X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/yaid/blobdiff_plain/4f8fdcc1b5d5e6ffe8cc14be447313e5833702f5..152ca59daf3abc63081bc5da9748d86cbb75c1af:/yaid.c

diff --git a/yaid.c b/yaid.c
index 1d45fb8..cc3bb47 100644
--- a/yaid.c
+++ b/yaid.c
@@ -55,6 +55,7 @@ struct listen {
 struct client {
   int fd;				/* The connection to the client */
   selbuf b;				/* Accumulate lines of input */
+  union addr raddr;			/* Remote address */
   struct query q;			/* The clients query and our reply */
   struct sel_timer t;			/* Timeout for idle or doomed conn */
   struct listen *l;			/* Back to the listener (and ops) */
@@ -76,6 +77,9 @@ struct proxy {
 
 static sel_state sel;			/* I/O multiplexer state */
 
+static const char *pidfile = 0;		/* Where to write daemon's pid */
+
+static const char *policyfile = POLICYFILE; /* Filename for global policy */
 static const struct policy default_policy = POLICY_INIT(A_NAME);
 static policy_v policy = DA_INIT;	/* Vector of global policy rules */
 static fwatch polfw;			/* Watch policy file for changes */
@@ -84,6 +88,10 @@ static unsigned char tokenbuf[4096];	/* Random-ish data for tokens */
 static size_t tokenptr = sizeof(tokenbuf); /* Current read position */
 static int randfd;			/* File descriptor for random data */
 
+static unsigned flags = 0;		/* Various interesting flags */
+#define F_SYSLOG 1u			/*   Use syslog for logging */
+#define F_RUNNING 2u			/*   Running properly now */
+
 /*----- Ident protocol parsing --------------------------------------------*/
 
 /* Advance *PP over whitespace characters. */
@@ -217,6 +225,9 @@ void logmsg(const struct query *q, int prio, const char *msg, ...)
 {
   va_list ap;
   dstr d = DSTR_INIT;
+  time_t t;
+  struct tm *tm;
+  char buf[64];
 
   va_start(ap, msg);
   if (q) {
@@ -227,7 +238,18 @@ void logmsg(const struct query *q, int prio, const char *msg, ...)
   }
   dstr_vputf(&d, msg, &ap);
   va_end(ap);
-  fprintf(stderr, "yaid: %s\n", d.buf);
+
+  if (!(flags & F_RUNNING))
+    moan("%s", d.buf);
+  else if (flags & F_SYSLOG)
+    syslog(prio, "%s", d.buf);
+  else {
+    t = time(0);
+    tm = localtime(&t);
+    strftime(buf, sizeof(buf), "%Y-%m-%d %H:%M:%S %z", tm);
+    fprintf(stderr, "%s %s: %s\n", buf, QUIS, d.buf);
+  }
+
   dstr_destroy(&d);
 }
 
@@ -276,7 +298,8 @@ static void done_client_write(int err, void *p)
 /* Format the message FMT and queue it to be sent to the client.  Client
  * input will be disabled until the write completes.
  */
-static void write_to_client(struct client *c, const char *fmt, ...)
+static void PRINTF_LIKE(2, 3)
+  write_to_client(struct client *c, const char *fmt, ...)
 {
   va_list ap;
   char buf[WRBUFSZ];
@@ -342,8 +365,8 @@ static void cancel_proxy(struct proxy *px)
     selbuf_destroy(&px->b);
     free_writebuf(&px->wb);
   }
-  selbuf_enable(&px->c->b);
   px->c->px = 0;
+  selbuf_enable(&px->c->b);
   xfree(px);
 }
 
@@ -607,9 +630,10 @@ static void client_line(char *line, size_t len, void *p)
   struct policy upol = POLICY_INIT(A_LIMIT);
   struct policy_file pf;
   char buf[16];
-  int i;
+  int i, t;
 
   /* If the connection has closed, then tidy stuff away. */
+  c->q.s[R].addr = c->raddr;
   c->q.s[L].port = c->q.s[R].port = 0;
   if (!line) {
     disconnect_client(c);
@@ -622,9 +646,9 @@ static void client_line(char *line, size_t len, void *p)
   /* See if the policy file has changed since we last looked.  If so, try to
    * read the new version.
    */
-  if (fwatch_update(&polfw, "yaid.policy")) {
-    logmsg(0, LOG_INFO, "reload master policy file `%s'", "yaid.policy");
-    load_policy_file("yaid.policy", &policy);
+  if (fwatch_update(&polfw, policyfile)) {
+    logmsg(0, LOG_INFO, "reload master policy file `%s'", policyfile);
+    load_policy_file(policyfile, &policy);
   }
 
   /* Read the local and remote port numbers into the query structure. */
@@ -682,13 +706,13 @@ static void client_line(char *line, size_t len, void *p)
      */
     DRESET(&d);
     dstr_putf(&d, "%s/.yaid.policy", pw->pw_dir);
-    if (open_policy_file(&pf, d.buf, "user policy file", &c->q))
+    if (open_policy_file(&pf, d.buf, "user policy file", &c->q, OPF_NOENTOK))
       continue;
-    while (!read_policy_file(&pf)) {
+    while ((t = read_policy_file(&pf)) < T_ERROR) {
 
-      /* Give up after 100 lines.  If the user's policy is that complicated,
-       * something's gone very wrong.  Or there's too much commentary or
-       * something.
+      /* Give up after 100 lines or if there's an error.  If the user's
+       * policy is that complicated, something's gone very wrong.  Or there's
+       * too much commentary or something.
        */
       if (pf.lno > 100) {
 	logmsg(&c->q, LOG_ERR, "%s:%d: user policy file too long",
@@ -696,6 +720,9 @@ static void client_line(char *line, size_t len, void *p)
 	break;
       }
 
+      /* If this was a blank line, just go around again. */
+      if (t != T_OK) continue;
+
       /* If this isn't a match, go around for the next rule. */
       if (!match_policy(&pf.p, &c->q)) continue;
 
@@ -801,7 +828,7 @@ static void accept_client(int fd, unsigned mode, void *p)
   c->q.ao = l->ao;
 
   /* Collect the local and remote addresses. */
-  l->ao->sockaddr_to_addr(&ssr, &c->q.s[R].addr);
+  l->ao->sockaddr_to_addr(&ssr, &c->raddr);
   ssz = sizeof(ssl);
   if (getsockname(sk, (struct sockaddr *)&ssl, &ssz)) {
     logmsg(0, LOG_ERR,
@@ -882,37 +909,208 @@ static int make_listening_socket(const struct addrops *ao, int port)
   return (0);
 }
 
+/* Quit because of a fatal signal. */
+static void NORETURN quit(int sig, void *p)
+{
+  const char *signame = p;
+
+  logmsg(0, LOG_NOTICE, "shutting down on %s", signame);
+  if (pidfile) unlink(pidfile);
+  exit(0);
+}
+
+/* Answer whether the string pointed to by P consists entirely of digits. */
+static int numericp(const char *p)
+{
+  while (*p)
+    if (!isdigit((unsigned char)*p++)) return (0);
+  return (1);
+}
+
+static void usage(FILE *fp)
+{
+  pquis(fp, "Usage: $ [-Dl] [-G GROUP] [-U USER] [-P FILE] "
+	"[-c FILE] [-p PORT]\n");
+}
+
+static void version(FILE *fp)
+  { pquis(fp, "$, version " VERSION "\n"); }
+
+static void help(FILE *fp)
+{
+  version(fp); fputc('\n', fp);
+  usage(fp);
+  fputs("\n\
+Yet Another Ident Daemon.  Really, the world doesn't need such a thing.\n\
+It's just a shame none of the others do the right things.\n\
+\n\
+Options:\n\
+\n\
+  -h, --help		Show this help message.\n\
+  -v, --version		Show the version number.\n\
+  -u, --usage		Show a very short usage summary.\n\
+\n\
+  -D, --daemon		Become a daemon, running in the background.\n\
+  -G, --group=GROUP	Set group after initialization.\n\
+  -P, --pidfile=FILE	Write process id to FILE.\n\
+  -U, --user=USER	Set user after initialization.\n\
+  -c, --config=FILE	Read global policy from FILE.\n\
+  -l, --syslog		Write log messages using syslog(3).\n\
+  -p, --port=PORT	Listen for connections on this port.\n",
+	fp);
+}
+
 int main(int argc, char *argv[])
 {
   int port = 113;
+  uid_t u = -1;
+  gid_t g = -1;
+  struct passwd *pw = 0;
+  struct group *gr;
+  struct servent *s;
+  sig sigint, sigterm;
+  FILE *fp = 0;
+  int i;
+  unsigned f = 0;
+#define f_bogus 1u
+#define f_daemon 2u
   const struct addrops *ao;
   int any = 0;
 
   ego(argv[0]);
 
-  fwatch_init(&polfw, "yaid.policy");
+  /* Parse command-line options. */
+  for (;;) {
+    const struct option opts[] = {
+      { "help",		0,		0,	'h' },
+      { "version",	0,		0,	'v' },
+      { "usage",	0,		0,	'u' },
+      { "daemon",	0,		0,	'D' },
+      { "group",	OPTF_ARGREQ,	0,	'G' },
+      { "pidfile",	OPTF_ARGREQ,	0,	'P' },
+      { "user",		OPTF_ARGREQ,	0,	'U' },
+      { "config",	OPTF_ARGREQ,	0,	'c' },
+      { "syslog",	0,		0,	'l' },
+      { "port",		OPTF_ARGREQ,	0,	'p' },
+      { 0,		0,		0,	0 }
+    };
+
+    if ((i = mdwopt(argc, argv, "hvuDG:P:U:c:lp:", opts, 0, 0, 0)) < 0)
+      break;
+    switch (i) {
+      case 'h': help(stdout); exit(0);
+      case 'v': version(stdout); exit(0);
+      case 'u': usage(stdout); exit(0);
+      case 'D': f |= f_daemon; break;
+      case 'P': pidfile = optarg; break;
+      case 'c': policyfile = optarg; break;
+      case 'l': flags |= F_SYSLOG; break;
+      case 'G':
+	if (numericp(optarg))
+	  g = atoi(optarg);
+	else if ((gr = getgrnam(optarg)) == 0)
+	  die(1, "unknown group `%s'", optarg);
+	else
+	  g = gr->gr_gid;
+	break;
+      case 'U':
+	if (numericp(optarg))
+	  u = atoi(optarg);
+	else if ((pw = getpwnam(optarg)) == 0)
+	  die(1, "unknown user `%s'", optarg);
+	else
+	  u = pw->pw_uid;
+	break;
+      case 'p':
+	if (numericp(optarg))
+	  port = atoi(optarg);
+	else if ((s = getservbyname(optarg, "tcp")) == 0)
+	  die(1, "unknown service name `%s'", optarg);
+	else
+	  port = ntohs(s->s_port);
+	break;
+      default: f |= f_bogus; break;
+    }
+  }
+  if (optind < argc) f |= f_bogus;
+  if (f & f_bogus) { usage(stderr); exit(1); }
+
+  /* If a user has been requested, but no group, then find the user's primary
+   * group.  If the user was given by name, then we already have a password
+   * entry and should use that, in case two differently-named users have the
+   * same uid but distinct gids.
+   */
+  if (u != -1 && g == -1) {
+    if (!pw && (pw = getpwuid(u)) == 0) {
+      die(1, "failed to find password entry for user %d: "
+	  "request group explicitly", u);
+    }
+    g = pw->pw_gid;
+  }
+
+  /* Initialize system-specific machinery. */
   init_sys();
-  if (load_policy_file("yaid.policy", &policy))
+
+  /* Load the global policy rules. */
+  fwatch_init(&polfw, policyfile);
+  if (load_policy_file(policyfile, &policy))
     exit(1);
-  { int i;
-    for (i = 0; i < DA_LEN(&policy); i++)
-      print_policy(&DA(&policy)[i]);
-  }
 
+  /* Open the random data source. */
   if ((randfd = open("/dev/urandom", O_RDONLY)) < 0) {
     die(1, "failed to open `/dev/urandom' for reading: %s",
 	strerror(errno));
   }
 
+  /* Set up the I/O event system. */
   sel_init(&sel);
+
+  /* Watch for some interesting signals. */
+  sig_init(&sel);
+  sig_add(&sigint, SIGINT, quit, "SIGINT");
+  sig_add(&sigterm, SIGTERM, quit, "SIGTERM");
+
+  /* Listen for incoming connections. */
   for (ao = addroptab; ao->name; ao++)
     if (!make_listening_socket(ao, port)) any = 1;
-  if (!any)
-    die(1, "no IP protocols supported");
+  if (!any) die(1, "no IP protocols supported");
+
+  /* Open the pidfile now, in case it's somewhere we can't write. */
+  if (pidfile && (fp = fopen(pidfile, "w")) == 0) {
+    die(1, "failed to open pidfile `%s' for writing: %s",
+	pidfile, strerror(errno));
+  }
+
+  /* If we're meant to use syslog, then open the log. */
+  if (flags & F_SYSLOG)
+    openlog(QUIS, 0, LOG_DAEMON);
+
+  /* Drop privileges. */
+  if ((g != -1 && (setegid(g) || setgid(g) ||
+		   (getuid() == 0 && setgroups(1, &g)))) ||
+      (u != -1 && setuid(u)))
+    die(1, "failed to drop privileges: %s", strerror(errno));
 
-  for (;;)
-    if (sel_select(&sel)) die(1, "select failed: %s", strerror(errno));
+  /* Become a background process, if requested. */
+  if ((f & f_daemon) && daemonize())
+    die(1, "failed to become daemon: %s", strerror(errno));
+
+  /* Write the process id to the pidfile. */
+  if (fp) {
+    fprintf(fp, "%d\n", getpid());
+    fclose(fp);
+  }
+
+  /* And now we're going. */
+  flags |= F_RUNNING;
+
+  /* Read events and process them. */
+  for (;;) {
+    if (sel_select(&sel) && errno != EINTR)
+      die(1, "select failed: %s", strerror(errno));
+  }
 
+  /* This just keeps the compiler happy. */
   return (0);
 }