3 * Main header file for port forwarder
5 * (c) 1999 Straylight/Edgeware
8 /*----- Licensing notice --------------------------------------------------*
10 * This file is part of the `fwd' port forwarder.
12 * `fwd' is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 2 of the License, or
15 * (at your option) any later version.
17 * `fwd' is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with `fwd'; if not, write to the Free Software Foundation,
24 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
34 /*----- Header files ------------------------------------------------------*/
36 /* --- Configuration --- */
62 #include <sys/types.h>
68 #include <sys/socket.h>
70 #include <netinet/in.h>
71 #include <arpa/inet.h>
81 #include <mLib/alloc.h>
82 #include <mLib/bres.h>
83 #include <mLib/conn.h>
84 #include <mLib/darray.h>
85 #include <mLib/dstr.h>
87 #include <mLib/fdflags.h>
88 #include <mLib/fdpass.h>
89 #include <mLib/ident.h>
90 #include <mLib/mdup.h>
91 #include <mLib/mdwopt.h>
92 #include <mLib/quis.h>
93 #include <mLib/report.h>
95 #include <mLib/selbuf.h>
102 /*----- Other subtleties --------------------------------------------------*/
104 #if defined(HAVE_DECL_ENVIRON) && !HAVE_DECL_ENVIRON
105 extern char **environ;
108 /*----- Main program ------------------------------------------------------*/
110 /* --- The global select state --- */
112 extern sel_state *sel;
114 /* --- Help text --- */
116 extern const char grammar_text[];
117 extern const char option_text[];
119 /* --- @fw_log@ --- *
121 * Arguments: @time_t t@ = when the connection occurred or (@-1@)
122 * @const char *fmt@ = format string to fill in
123 * @...@ = other arguments
127 * Use: Logs a connection.
130 extern void fw_log(time_t /*t*/, const char */*fmt*/, ...);
132 /* --- @fw_inc@, @fw_dec@ --- *
138 * Use: Increments or decrements the active thing count. `fwd' won't
139 * quit while there are active things.
142 extern void fw_inc(void);
143 extern void fw_dec(void);
145 /*----- Channel management ------------------------------------------------*/
147 /* --- Magic numbers --- */
149 #define CHAN_BUFSZ 4096
151 /* --- Channel structure --- */
153 typedef struct chan {
154 unsigned base, len; /* Base and length of data */
155 unsigned f; /* Various interesting flags */
156 void (*func)(void */*p*/); /* Function to call on closure */
157 int err; /* What's wrong with the channel */
158 void *p; /* Argument to pass function */
159 sel_file r, w; /* Reader and writer selectors */
160 char buf[CHAN_BUFSZ]; /* The actual data buffer */
163 #define CHANF_CLOSE 1u /* Close channel when buffer empty */
164 #define CHANF_READY 2u /* The channel destination exists */
166 /* --- @chan_close@ --- *
168 * Arguments: @chan *c@ = pointer to channel
172 * Use: Closes down a channel prematurely.
175 extern void chan_close(chan */*c*/);
177 /* --- @chan_dest@ --- *
179 * Arguments: @chan *c@ = pointer to channel
180 * @int fd@ = destination file descriptor for channel
184 * Use: Sets the channel's destination so it knows where to put
188 extern void chan_dest(chan */*c*/, int /*fd*/);
190 /* --- @chan_open@ --- *
192 * Arguments: @chan *c@ = pointer to channel to open
193 * @int from, to@ = source and destination file descriptors
194 * @void (*func)(void *p)@ = function to call on closure
195 * @void *p@ = argument to pass to function
199 * Use: Opens a channel. Data is copied from the source to the
200 * destination. The @to@ argument may be @-1@ if the file
201 * descriptor isn't known yet.
204 extern void chan_open(chan */*c*/, int /*from*/, int /*to*/,
205 void (*/*func*/)(void */*p*/), void */*p*/);
207 /*----- Character scanners ------------------------------------------------*/
209 /* --- A low-level scanner source --- */
211 typedef struct scansrc {
212 struct scansrc *next; /* Next one in the list */
213 struct scansrc_ops *ops; /* Pointer to operations table */
214 char *src; /* Name of this source */
215 int line; /* Current line number */
216 dstr pushback; /* Pushback characters */
217 char *tok; /* Token pushback */
218 unsigned t; /* Token type pushback */
221 /* --- Scanner source operations --- */
223 typedef struct scansrc_ops {
224 int (*scan)(scansrc */*ss*/); /* Read another character */
225 void (*destroy)(scansrc */*ss*/); /* Destroy an unwanted source */
228 /* --- A character scanner --- */
230 typedef struct scanner {
231 scansrc *head, **tail; /* Scanner list head and tail */
232 int t; /* Token type */
233 dstr d; /* Current token value */
234 const char *wbegin, *wcont; /* Parsing exception strings */
237 /* --- @scan_file@ --- *
239 * Arguments: @FILE *fp@ = pointer to file descriptor
240 * @const char *name@ = pointer to source file name
241 * @unsigned f@ = flags
243 * Returns: A scanner source.
245 * Use: Creates a new scanner source for reading from a file.
248 #define SCF_NOCLOSE 1u /* Don't close @fp@ when finished */
250 extern scansrc *scan_file(FILE */*fp*/, const char */*name*/,
253 /* --- @scan_argv@ --- *
255 * Arguments: @char **av@ = pointer to argument array (null terminated)
257 * Returns: A scanner source.
259 * Use: Creates a new scanner source for reading from an @argv@
263 extern scansrc *scan_argv(char **/*av*/);
267 * Arguments: @scanner *sc@ = pointer to main scanner context
269 * Returns: Character read, or end-of-file.
271 * Use: Scans a character from a source of characters.
274 extern int scan(scanner */*sc*/);
276 /* --- @unscan@ --- *
278 * Arguments: @scanner *sc@ = pointer to main scanner context
279 * @int ch@ = character to unscan
283 * Use: Scans a character from a source of characters.
286 extern void unscan(scanner */*sc*/, int /*ch*/);
288 /* --- @scan_push@ --- *
290 * Arguments: @scanner *sc@ = pointer to main scanner context
291 * @scansrc *ss@ = souorce to push
295 * Use: Pushes a scanner source onto the front of the queue.
298 extern void scan_push(scanner */*sc*/, scansrc */*ss*/);
300 /* --- @scan_add@ --- *
302 * Arguments: @scanner *sc@ = pointer to main scanner context
303 * @scansrc *ss@ = souorce to push
307 * Use: Adds a scanner source onto the end of the queue.
310 extern void scan_add(scanner */*sc*/, scansrc */*ss*/);
312 /* --- @scan_create@ --- *
314 * Arguments: @scanner *sc@ = scanner context to initialize
318 * Use: Initializes a scanner block ready for use.
321 extern void scan_create(scanner */*sc*/);
323 /* --- @scan_destroy@ --- *
325 * Arguments: @scanner *sc@ = pointer to scanner context
329 * Use: Destroys a scanner and all the sources attached to it.
332 extern void scan_destroy(scanner */*sc*/);
334 /*----- Configuration parsing ---------------------------------------------*/
336 /* --- Magical constants --- */
338 #define CTOK_EOF (-1)
339 #define CTOK_WORD 256
341 /* --- @conf_undelim@ --- *
343 * Arguments: @scanner *sc@ = pointer to scanner definition
344 * @const char *d, *dd@ = pointer to characters to escape
348 * Use: Modifies the tokenizer. Characters in the first list will
349 * always be considered to begin a word. Characters in the
350 * second list will always be allowed to continue a word.
353 extern void conf_undelim(scanner */*sc*/,
354 const char */*d*/, const char */*dd*/);
358 * Arguments: @scanner *sc@ = pointer to scanner definition
360 * Returns: Type of token scanned.
362 * Use: Reads the next token from the character scanner.
365 extern int token(scanner */*sc*/);
369 * Arguments: @scanner *sc@ = pointer to scanner definition
370 * @const char *msg@ = message skeleton string
371 * @...@ = extra arguments for the skeleton
375 * Use: Reports an error at the current scanner location.
378 extern void error(scanner */*sc*/, const char */*msg*/, ...);
380 /* --- @pushback@ --- *
382 * Arguments: @scanner *sc@ = pointer to scanner definition
386 * Use: Pushes the current token back. This is normally a precursor
387 * to pushing a new scanner source.
390 extern void pushback(scanner */*sc*/);
392 /* --- @conf_enum@ --- *
394 * Arguments: @scanner *sc@ = pointer to a scanner object
395 * @const char *list@ = comma-separated things to allow
396 * @unsigned @f = flags for the search
397 * @const char *err@ = error message if not found
399 * Returns: Index into list, zero-based, or @-1@.
401 * Use: Checks whether the current token is a string which matches
402 * one of the comma-separated items given. The return value is
403 * the index (zero-based) of the matched string in the list.
405 * The flags control the behaviour if no exact match is found.
406 * If @ENUM_ABBREV@ is set, and the current token is a left
407 * substring of exactly one of the possibilities, then that one
408 * is chosen. If @ENUM_NONE@ is set, the value @-1@ is
409 * returned; otherwise an error is reported and the program is
413 #define ENUM_ABBREV 1u
416 extern int conf_enum(scanner */*sc*/, const char */*list*/,
417 unsigned /*flags*/, const char */*err*/);
419 /* --- @conf_prefix@ --- *
421 * Arguments: @scanner *sc@ = pointer to a scanner object
422 * @const char *p@ = pointer to prefix string to check
424 * Returns: Nonzero if the prefix matches.
426 * Use: If the current token is a word matching the given prefix
427 * string, then it and an optional `.' character are removed and
428 * a nonzero result is returned. Otherwise the current token is
429 * left as it is, and zero is returned.
431 * Typical options parsing code would remove an expected prefix,
432 * scan an option anyway (since qualifying prefixes are
433 * optional) and if a match is found, claim the option. If no
434 * match is found, and a prefix was stripped, then an error
435 * should be reported.
438 extern int conf_prefix(scanner */*sc*/, const char */*p*/);
440 /* --- @CONF_BEGIN@, @CONF_END@ --- *
442 * Arguments: @sc@ = scanner to read from
443 * @prefix@ = prefix to scan for
444 * @desc@ = description of what we're parsing
446 * Use: Bracket an options parsing routine. The current token is
447 * checked to see whether it matches the prefix. If so, it is
448 * removed and the following token examined. If that's a `.'
449 * then it's removed. If it's a `{' then the enclosed
450 * option-parsing code is executed in a loop until a matching
451 * '}' is found. If the options parser doesn't accept an
452 * option, the behaviour is dependent on whether a prefix was
453 * seen: if so, an error is reported; otherwse a zero return is
462 #define CONF_BEGIN(sc, prefix, desc) do { \
463 scanner *_conf_sc = (sc); \
464 const char *_conf_desc = (desc); \
465 int _conf_state = CS_PLAIN; \
467 /* --- Read the initial prefix --- */ \
469 if (_conf_sc->t == CTOK_WORD && \
470 strcmp(_conf_sc->d.buf, (prefix)) == 0) { \
472 _conf_state = CS_PREFIX; \
473 if (_conf_sc->t == '.') \
475 else if (_conf_sc->t == '{') { \
477 _conf_state = CS_BRACE; \
481 /* --- Ensure the next token is a word --- */ \
483 if (_conf_sc->t != CTOK_WORD) \
484 error(_conf_sc, "parse error, expected option keyword"); \
489 /* --- Reject an option --- * \
491 * We could get here as a result of an explicit @CONF_REJECT@ or \
492 * because the option wasn't accepted. \
497 if (_conf_state == CS_PLAIN) \
498 _conf_state = CS_UNKNOWN; \
500 error(_conf_sc, "unknown %s option `%s'", \
501 _conf_desc, _conf_sc->d.buf); \
504 /* --- Accept an option --- * \
506 * It's safe to drop through from above. Either an error will have \
507 * been reported, or the state is not @CS_BRACE@. \
511 if (_conf_state == CS_BRACE && _conf_sc->t == ';') \
513 } while (_conf_state == CS_BRACE && _conf_sc->t == CTOK_WORD); \
515 /* --- Check for a closing brace --- */ \
517 if (_conf_state == CS_BRACE) { \
518 if (_conf_sc->t == '}') \
521 error(_conf_sc, "parse error, expected `}'"); \
524 /* --- Return an appropriate value --- */ \
526 return (_conf_state != CS_UNKNOWN); \
529 /* --- @CONF_ACCEPT@, @CONF_REJECT@ --- *
533 * Use: Within an options parser (between @CONF_BEGIN@ and
534 * @CONF_END@), accept or reject an option.
537 #define CONF_ACCEPT goto _conf_accept
538 #define CONF_REJECT goto _conf_reject
540 /* --- @CONF_QUAL@ --- *
544 * Use: Evaluates to a nonzero value if the current option is
545 * qualified. This can be used to decide whether abbreviations
546 * for options should be accepted.
549 #define CONF_QUAL (_conf_state != CS_PLAIN)
551 /* --- @conf_name@ --- *
553 * Arguments: @scanner *sc@ = pointer to scanner
554 * @char delim@ = delimiter character to look for
555 * @dstr *d@ = pointer to dynamic string for output
559 * Use: Reads in a compound name consisting of words separated by
560 * delimiters. Leading and trailing delimiters are permitted,
561 * although they'll probably cause confusion if used. The name
562 * may be enclosed in square brackets if that helps at all.
564 * Examples of compound names are filenames (delimited by `/')
565 * and IP addresses (delimited by `.').
568 extern void conf_name(scanner */*sc*/, char /*delim*/, dstr */*d*/);
570 /* --- @conf_fname@ --- *
572 * Arguments: @scanner *sc@ = pointer to scanner
573 * @dstr *d@ = pointer to dynamic string for output
577 * Use: Reads a file name from the input and stores it in @d@.
580 extern void conf_fname(scanner */*sc*/, dstr */*d*/);
582 /*----- Reference-counted file descriptors --------------------------------*/
584 typedef struct reffd {
587 void (*proc)(void */*p*/);
591 /* --- @reffd_init@ --- *
593 * Arguments: @int fd@ = file descriptor
595 * Returns: Reference-counted file descriptor object.
597 * Use: Creates a refcounted file descriptor.
600 extern reffd *reffd_init(int /*fd*/);
602 /* --- @reffd_handler@ --- *
604 * Arguments: @reffd *r@ = pointer to reference counted filehandle
605 * @void (*proc)(void *p)@ = procedure to call
610 * Use: Sets the reference counted file descriptor to call @proc@
611 * when it is no longer required.
614 extern void reffd_handler(reffd */*r*/, void (*/*proc*/)(void */*p*/),
617 /* --- @reffd_inc@ --- *
619 * Arguments: @reffd *r@ = pointer to reference counted filehandle
623 * Use: Increments the reference count for a file descriptor.
626 #define REFFD_INC(r) do { (r)->ref++; } while (0)
628 extern void reffd_inc(reffd */*r*/);
630 /* --- @reffd_dec@ --- *
632 * Arguments: @reffd *r@ = pointer to reference counted filehandle
636 * Use: Decrements the reference count for a file descriptor.
639 #define REFFD_DEC(r) do { \
642 if (_r->ref == 0) { \
650 extern void reffd_dec(reffd */*r*/);
652 /*----- Sources, targets and endpoints ------------------------------------*/
654 /* --- Basic endpoint structure --- */
656 typedef struct endpt {
657 struct endpt_ops *ops; /* Pointer to operations table */
658 struct endpt *other; /* Pointer to sibling endpoint */
659 unsigned f; /* Various flags */
660 struct tango *t; /* Private data structure */
661 reffd *in, *out; /* File descriptors */
664 /* --- Endpoint flags --- */
666 #define EPF_PENDING 1u /* Endpoint creation in progress */
667 #define EPF_FILE 2u /* Endpoint smells like a file */
669 /* --- Endpoint operations table --- */
671 typedef struct endpt_ops {
673 /* --- @attach@ --- *
675 * Arguments: @endpt *e@ = pointer to endpoint to be attached
676 * @reffd *in, *out@ = input and output file descriptors
680 * Use: Instructs a non-file endpoint to attach itself to a pair of
684 void (*attach)(endpt */*e*/, reffd */*in*/, reffd */*out*/);
688 * Arguments: @endpt *e@ = pointer to endpoint in question
689 * @endpt *f@ = pointer to a file endpoint
693 * Use: Informs a non-file endpoint of a file endpoint which will
694 * want to be closed when it's finished with. At that time, the
695 * endpoint should arrange to have both itself and its partner
696 * closed. If no file is registered, the endpoint manager will
697 * close both endpoints itself.
700 void (*file)(endpt */*e*/, endpt */*f*/);
702 /* --- @wclose@ --- *
704 * Arguments: @endpt *e@ = endpoint to be partially closed
708 * Use: Announces that the endpoint will not be written to any more.
711 void (*wclose)(endpt */*e*/);
715 * Arguments: @endpt *e@ = endpoint to be closed
719 * Use: Completely closes an endpoint. The endpoint's data may be
720 * freed, although some endpoints may wish to delay freeing for
724 void (*close)(endpt */*e*/);
728 /* --- A basic target object --- */
730 typedef struct target {
731 struct target_ops *ops;
735 /* --- Forwarding target operations --- */
737 typedef struct target_ops {
738 const char *name; /* Name of this target */
740 /* --- @option@ --- *
742 * Arguments: @target *t@ = pointer to target object, or zero if global
743 * @scanner *sc@ = scanner to read from
745 * Returns: Nonzero to claim the option.
747 * Use: Handles an option string from the configuration file.
750 int (*option)(target */*t*/, scanner */*sc*/);
754 * Arguments: @scanner *sc@ = pointer to scanner to read from
756 * Returns: Pointer to a target object to claim, null to reject.
758 * Use: Parses a target description from the configuration file.
759 * Only the socket target is allowed to omit the prefix on a
760 * target specification.
763 target *(*read)(scanner */*sc*/);
765 /* --- @confirm@ --- *
767 * Arguments: @target *t@ = pointer to target
771 * Use: Confirms configuration of a target.
774 void (*confirm)(target */*t*/);
776 /* --- @create@ --- *
778 * Arguments: @target *t@ = pointer to target
779 * @const char *desc@ = description of connection
781 * Returns: Pointer to a created endpoint.
783 * Use: Generates a target endpoint for communication.
786 endpt *(*create)(target */*t*/, const char */*desc*/);
788 /* --- @destroy@ --- *
790 * Arguments: @target *t@ = pointer to target
794 * Use: Destroys a target.
797 void (*destroy)(target */*t*/);
801 /* --- A basic source object --- */
803 typedef struct source {
804 struct source *next, *prev;
805 struct source_ops *ops;
809 /* --- Forwarding source operations --- */
811 typedef struct source_ops {
812 const char *name; /* Name of this source */
814 /* --- @option@ --- *
816 * Arguments: @scanner *sc@ = scanner to read from
817 * @source *s@ = pointer to source object, or zero if global
819 * Returns: Nonzero to claim the option.
821 * Use: Handles an option string from the configuration file.
824 int (*option)(source */*s*/, scanner */*sc*/);
828 * Arguments: @scanner *sc@ = pointer to scanner to read from
830 * Returns: Pointer to a source object to claim, null to reject.
832 * Use: Parses a source description from the configuration file.
833 * Only the socket source is allowed to omit the prefix on a
834 * source specification.
837 source *(*read)(scanner */*sc*/);
839 /* --- @attach@ --- *
841 * Arguments: @source *s@ = pointer to source
842 * @scanner *sc@ = scanner (for error reporting)
843 * @target *t@ = pointer to target to attach
847 * Use: Attaches a target to a source.
850 void (*attach)(source */*s*/, scanner */*sc*/, target */*t*/);
852 /* --- @destroy@ --- *
854 * Arguments: @source *s@ = pointer to source
858 * Use: Destroys a source. Used when closing the system down, for
859 * example as a result of a signal.
862 void (*destroy)(source */*s*/);
866 /* --- @endpt_kill@ --- *
868 * Arguments: @endpt *a@ = an endpoint
872 * Use: Kills an endpoint. If the endpoint is joined to another, the
873 * other endpoint is also killed, as is the connection between
874 * them (and that's the tricky bit).
877 extern void endpt_kill(endpt */*a*/);
879 /* --- @endpt_killall@ --- *
885 * Use: Destroys all current endpoint connections. Used when
889 extern void endpt_killall(void);
891 /* --- @endpt_join@ --- *
893 * Arguments: @endpt *a@ = pointer to first endpoint
894 * @endpt *b@ = pointer to second endpoint
895 * @const char *desc@ = description of connection
899 * Use: Joins two endpoints together. It's OK to join endpoints
900 * which are already joined; in fact, the the right thing to do
901 * when your endpoint decides that it's not pending any more is
902 * to join it to its partner again.
904 * If the endpoints are already connected then the description
905 * string is ignored. The endpoint manager takes a copy of
906 * the string, so you don't need to keep it around.
909 extern void endpt_join(endpt */*a*/, endpt */*b*/, const char */*desc*/);
911 /* --- @source_add@ --- *
913 * Arguments: @source *s@ = pointer to a source
917 * Use: Adds a source to the master list. Only do this for passive
918 * sources (e.g., listening sockets), not active sources (e.g.,
919 * executable programs).
922 extern void source_add(source */*s*/);
924 /* --- @source_remove@ --- *
926 * Arguments: @source *s@ = pointer to a source
930 * Use: Removes a source from the master list.
933 extern void source_remove(source */*s*/);
935 /* --- @source_killall@ --- *
941 * Use: Frees all sources.
944 extern void source_killall(void);
946 /*----- The exec source and target ----------------------------------------*/
948 extern source_ops xsource_ops;
949 extern target_ops xtarget_ops;
951 /* --- @exec_init@ --- *
957 * Use: Initializes the executable problem source and target.
960 extern void exec_init(void);
962 /*----- The file source and target ----------------------------------------*/
964 extern source_ops fsource_ops;
965 extern target_ops ftarget_ops;
967 /*----- The socket source and target --------------------------------------*/
969 extern source_ops ssource_ops;
970 extern target_ops starget_ops;
972 /* --- @starget_connected@ --- *
974 * Arguments: @int fd@ = file descriptor now ready for use
975 * @void *p@ = pointer to an endpoint structure
979 * Use: Handles successful connection of the target endpoint.
982 extern void starget_connected(int /*fd*/, void */*p*/);
984 /*----- Handling of file attributes ---------------------------------------*/
986 /* --- File attribute options structure --- */
988 typedef struct fattr {
994 /* --- Shared global options --- */
996 extern fattr fattr_global;
998 /* --- @fattr_init@ --- *
1000 * Arguments: @fattr *f@ = pointer to file attributes
1004 * Use: Initializes a set of file attributes to default values.
1007 extern void fattr_init(fattr */*f*/);
1009 /* --- @fattr_option@ --- *
1011 * Arguments: @scanner *sc@ = pointer to scanner to read
1012 * @fattr *f@ = pointer to file attributes to set
1014 * Returns: Whether the option was clamed.
1016 * Use: Reads file attributes from a scanner.
1019 extern int fattr_option(scanner */*sc*/, fattr */*f*/);
1021 /* --- @fattr_apply@ --- *
1023 * Arguments: @const char *file@ = pointer to filename
1024 * @fattr *f@ = pointer to attribute set
1026 * Returns: @-1@ if it failed.
1028 * Use: Applies file attributes to a file. For best results, try to
1029 * create the file with the right permissions and so on. This
1030 * call will fix everything up, but there are potential races
1031 * which might catch you out if you're not careful.
1034 extern int fattr_apply(const char */*file*/, fattr */*f*/);
1036 /*----- Making privileged connections -------------------------------------*/
1038 /* --- @privconn_split@ --- *
1040 * Arguments: @sel_state *s@ = select state
1044 * Use: Splits off the privileged binding code into a separate
1048 extern void privconn_split(sel_state */*s*/);
1050 /* --- @privconn_adddest@ --- *
1052 * Arguments: @struct in_addr peer@ = address to connect to
1053 * @unsigned port@ = port to connect to
1055 * Returns: Index for this destination address, or @-1@ if not
1058 * Use: Adds a valid destination for a privileged connection.
1061 extern int privconn_adddest(struct in_addr /*peer*/, unsigned /*port*/);
1063 /* --- @privconn_connect@ --- *
1065 * Arguments: @conn *c@ = connection structure to fill in
1066 * @sel_state *s@ = pointer to select state to attach to
1067 * @int i@ = address index to connect to
1068 * @struct in_addr bind@ = address to bind to
1069 * @void (*func)(int, void *)@ = function to call on connect
1070 * @void *p@ = argument for the function
1072 * Returns: Zero on success, @-1@ on failure.
1074 * Use: Sets up a privileged connection job.
1077 extern int privconn_connect(conn */*c*/, sel_state */*s*/,
1078 int /*i*/, struct in_addr /*bind*/,
1079 void (*/*func*/)(int, void *), void */*p*/);
1081 /*----- Identifying remote clients ----------------------------------------*/
1083 typedef struct id_req {
1084 struct sockaddr_in lsin; /* Local address of connection */
1085 struct sockaddr_in rsin; /* Remote address of connection */
1086 const char *desc; /* Description of connection */
1087 const char *act; /* Action taken by server */
1088 reffd *r; /* Pointer to file descriptor */
1091 /* --- @identify@ --- *
1093 * Arguments: @const id_req *q@ = pointer to request block
1097 * Use: Starts a background ident lookup and reverse-resolve job
1098 * which will, eventually, report a message to the system log.
1101 extern void identify(const id_req */*q*/);
1103 /*----- Host-based access control -----------------------------------------*/
1105 /* --- An access control entry --- */
1107 typedef struct acl_entry {
1108 struct acl_entry *next; /* Next entry in the list */
1109 const struct acl_ops *ops; /* Operations for the ACL entry */
1110 unsigned act; /* What to do with matching hosts */
1113 #define ACL_DENY 0 /* Deny access to matching conns */
1114 #define ACL_ALLOW 1 /* Allow access to matching conns */
1115 #define ACL_PERM 1u /* Bit mask for permission bit */
1117 /* --- Host-based access control --- */
1119 typedef struct acl_host {
1120 acl_entry a; /* Base structure */
1121 struct in_addr addr, mask; /* Address and netmask */
1124 /* --- ACL methods --- */
1126 typedef struct acl_ops {
1127 int (*check)(void */*a*/, struct in_addr /*addr*/, unsigned /*port*/);
1128 void (*dump)(void */*a*/, FILE */*fp*/);
1129 void (*free)(void */*a*/);
1132 /* --- @acl_check@ --- *
1134 * Arguments: @acl_entry *a@ = pointer to ACL to check against
1135 * @struct in_addr addr@ = address to check
1136 * @unsigned port@ = port number to check
1137 * @int *act@ = verdict (should initially be @ACT_ALLOW@)
1139 * Returns: Zero if undecided, nonzero if a rule matched.
1141 * Use: Checks an address against an ACL.
1144 extern int acl_check(acl_entry */*a*/,
1145 struct in_addr /*addr*/, unsigned /*port*/,
1148 /* --- @acl_dump@ --- *
1150 * Arguments: @acl_entry *a@ = pointer to ACL to dump
1151 * @FILE *fp@ = pointer to stream to dump on
1155 * Use: Dumps an access control list to an output stream.
1158 extern void acl_dump(acl_entry */*a*/, FILE */*fp*/);
1160 /* --- @acl_free@ --- *
1162 * Arguments: @acl_entry *a@ = pointer to a list of ACLs
1166 * Use: Frees all of the memory used by an ACL.
1169 extern void acl_free(acl_entry */*a*/);
1171 /* --- @acl_addhost@ --- *
1173 * Arguments: @acl_entry ***a@ = address of pointer to list tail
1174 * @unsigned act@ = what to do with matching addresses
1175 * @struct in_addr addr, mask@ = address and mask to match
1179 * Use: Adds a host-authentication entry to the end of an access
1183 extern void acl_addhost(acl_entry ***/*a*/, unsigned /*act*/,
1184 struct in_addr /*addr*/, struct in_addr /*mask*/);
1186 /* --- @acl_addpriv@ --- *
1188 * Arguments: @acl_entry ***a@ = address of pointer to list tail
1189 * @unsigned act@ = what to do with matching addresses
1193 * Use: Adds a privileged-port check to the end of an access control
1197 extern void acl_addpriv(acl_entry ***/*a*/, unsigned /*act*/);
1199 /*----- Network addresses -------------------------------------------------*/
1201 /* --- A generic socket address --- *
1203 * Not all systems understand @sa_len@ fields. (In particular, Linux
1204 * doesn't.) Some fairly ugly hacking is then performed on particular
1208 typedef struct addr {
1209 struct addr_ops *ops;
1213 #define ADDRSZ(sz) (sizeof(addr) + (sz))
1215 /* --- Address configuration --- *
1217 * An address family will want to extend this.
1220 typedef struct addr_opts {
1224 #define ADDRF_NOLOG 1u
1226 /* --- Address types --- *
1228 * For things like Internet addresses, source and destinations look
1238 /* --- Description of an address type handler --- */
1240 typedef struct addr_ops {
1241 const char *name; /* Protocol's internal name */
1245 * Arguments: @scanner *sc@ = pointer to scanner to read from
1246 * @unsigned type@ = type of address to be read
1248 * Returns: A filled-in socket address.
1250 * Use: Parses a textual representation of a socket address.
1253 addr *(*read)(scanner */*sc*/, unsigned /*type*/);
1255 /* --- @destroy@ --- *
1257 * Arguments: @addr *a@ = pointer to an address block
1261 * Use: Disposes of an address block in some suitable fashion.
1264 void (*destroy)(addr */*a*/);
1266 /* --- @print@ --- *
1268 * Arguments: @addr *a@ = pointer to socket address to read
1269 * @unsigned type@ = type of address to be written
1270 * @dstr *d@ = string on which to write the description
1274 * Use: Writes a textual representation of a socket address to
1278 void (*print)(addr */*a*/, unsigned /*type*/, dstr */*d*/);
1280 /* --- @initsrcopts@ --- *
1284 * Returns: A pointer to a protocol-specific data block for a listener
1286 * Use: Creates a data block for a listener. This is attached to the
1287 * listener data structure. Options can then be requested, and
1288 * are added to the block when necessary.
1291 addr_opts *(*initsrcopts)(void);
1293 /* --- @option@ --- *
1295 * Arguments: @scanner *sc@ = pointer to a scanner to read from
1296 * @unsigned type@ = kind of option this is
1297 * @addr_opts *ao@ = data block to modify (from @init@), or null
1299 * Returns: Nonzero to claim the option.
1301 * Use: Parses a source option, either global or listener-specific.
1304 int (*option)(scanner */*sc*/, addr_opts */*ao*/, unsigned /*type*/);
1306 /* --- @confirm@ --- *
1308 * Arguments: @addr *a@ = pointer to an address structure
1309 * @unsigned type@ = kind of address this is
1310 * @addr_opts *ao@ = address options
1314 * Use: Called during initialization when an address is fully
1318 void (*confirm)(addr */*a*/, unsigned /*type*/, addr_opts */*ao*/);
1320 /* --- @freesrcopts@ --- *
1322 * Arguments: @addr_opts *ao@ = data block to remove
1326 * Use: Throws away all the configuration data for an address type.
1329 void (*freesrcopts)(addr_opts */*ao*/);
1333 * Arguments: @addr *a@ = the address to bind to
1334 * @addr_opts *ao@ = the address options
1336 * Returns: File descriptor of bound socket if OK, or @-1@ on error.
1338 * Use: Binds a listening socket. The tedious stuff with @listen@
1342 int (*bind)(addr */*a*/, addr_opts */*ao*/);
1344 /* --- @unbind@ --- *
1346 * Arguments: @addr *a@ = pointer to an address
1350 * Use: Unbinds an address. This is used when tidying up. The main
1351 * purpose is to let the Unix-domain handler remove its socket
1352 * node from the filesystem.
1355 void (*unbind)(addr */*a*/);
1357 /* --- @accept@ --- *
1359 * Arguments: @int fd@ = listening file descriptor
1360 * @addr_opts *ao@ = data block to get configuration from
1361 * @const char *desc@ = description of the listener
1363 * Returns: Pointer to a reference counted file descriptor.
1365 * Use: Accepts, verifies and logs an incoming connection.
1368 reffd *(*accept)(int /*fd*/, addr_opts */*ao*/, const char */*desc*/);
1370 /* --- @inittargopts@ --- *
1374 * Returns: A pointer to a protocol-specific data block for a connecter
1376 * Use: Creates a data block for a target. This is attached to the
1377 * target data structure. Options can then be requested, and
1378 * are added to the block when necessary.
1381 addr_opts *(*inittargopts)(void);
1383 /* --- @freetargopts@ --- *
1385 * Arguments: @addr_opts *ao@ = data block to remove
1389 * Use: Throws away all the configuration data for an address type.
1392 void (*freetargopts)(addr_opts */*ao*/);
1394 /* --- @connect@ --- *
1396 * Arguments: @addr *a@ = destination address
1397 * @addr_opts *ao@ = target address options
1398 * @conn *c@ = connection structure
1399 * @endpt *e@ = endpoint structure
1401 * Returns: Zero if OK, @-1@ on some error.
1403 * Use: Requests that a connection be made, or at least set in
1404 * motion. An address may do one of these things:
1408 * * Call @starget_connected@ with @-1@ or a connected file
1409 * descriptor and the pointer @e@.
1411 * * Call @conn_init@ or @conn_fd@, giving @starget_connected@
1412 * and @e@ as the function to call.
1415 int (*connect)(addr */*a*/, addr_opts */*ao*/, conn */*c*/, endpt */*e*/);
1419 /* --- Address types --- */
1421 extern addr_ops un_ops;
1422 extern addr_ops inet_ops;
1424 /*----- That's all, folks -------------------------------------------------*/
~mdw / fwd / blob