diff options
| author | Laurent Bercot <ska-skaware@skarnet.org> | 2015-01-15 20:51:39 +0000 |
|---|---|---|
| committer | Laurent Bercot <ska-skaware@skarnet.org> | 2015-01-15 20:51:39 +0000 |
| commit | ebfd0ba17e0d4b220725018d16e294e8e22a1745 (patch) | |
| tree | 4b29683050ce9e8f24f1920f1be38b2f837ef5ad | |
| parent | 20c7d8e1b328155145ce9e8648435e127b60c208 (diff) | |
| download | s6-networking-ebfd0ba17e0d4b220725018d16e294e8e22a1745.tar.xz | |
Move Unix domain socket and access control stuff to s6.
Move seekablepipe to s6-portable-utils.
Version: 2.0.1.0, release candidate
61 files changed, 39 insertions, 4165 deletions
diff --git a/doc/index.html b/doc/index.html index 3b65640..c6d61fa 100644 --- a/doc/index.html +++ b/doc/index.html @@ -45,7 +45,7 @@ compiled with IPv6 support, s6-networking is IPv6-ready. <li> <a href="http://skarnet.org/software/execline/">execline</a> version 2.0.1.1 or later </li> <li> <a href="http://skarnet.org/software/s6/">s6</a> version -2.0.1.0 or later </li> +2.0.2.0 or later </li> <li> <a href="http://skarnet.org/software/s6-dns/">s6-dns</a> version 2.0.0.2 or later </li> </ul> @@ -60,7 +60,7 @@ compiled with IPv6 support, s6-networking is IPv6-ready. <h3> Download </h3> <ul> - <li> The current released version of s6-networking is <a href="s6-networking-2.0.1.0.tar.gz">2.0.1.0</a>. </li> + <li> The current released version of s6-networking is <a href="s6-networking-2.1.0.0.tar.gz">2.1.0.0</a>. </li> <li> Alternatively, you can checkout a copy of the s6-networking git repository: <pre> git clone git://git.skarnet.org/s6-networking </pre> </li> </ul> @@ -102,7 +102,7 @@ relevant page. <li><a href="s6-taiclockd.html">The <tt>s6-taiclockd</tt> program</a></li> </ul> -<h4> UCSPI implementation </h4> +<h4> UCSPI TCP implementation </h4> <ul> <li><a href="s6-tcpclient.html">The <tt>s6-tcpclient</tt> program</a></li> @@ -113,29 +113,13 @@ relevant page. <li><a href="s6-tcpserver6.html">The <tt>s6-tcpserver6</tt> program</a></li> <li><a href="s6-tcpserver6-socketbinder.html">The <tt>s6-tcpserver6-socketbinder</tt> program</a></li> <li><a href="s6-tcpserver6d.html">The <tt>s6-tcpserver6d</tt> program</a></li> -<li><a href="s6-ipcclient.html">The <tt>s6-ipcclient</tt> program</a></li> -<li><a href="s6-ipcserver.html">The <tt>s6-ipcserver</tt> program</a></li> -<li><a href="s6-ipcserver-socketbinder.html">The <tt>s6-ipcserver-socketbinder</tt> program</a></li> -<li><a href="s6-ipcserverd.html">The <tt>s6-ipcserverd</tt> program</a></li> -<li><a href="s6-ioconnect.html">The <tt>s6-ioconnect</tt> program</a></li> </ul> -<h4> TCP and Unix access control </h4> +<h4> TCP access control </h4> <ul> <li><a href="s6-tcpserver-access.html">The <tt>s6-tcpserver-access</tt> program</a></li> <li><a href="s6-ipcserver-access.html">The <tt>s6-ipcserver-access</tt> program</a></li> -<li><a href="s6-connlimit.html">The <tt>s6-connlimit</tt> program</a></li> -<li><a href="s6-accessrules-cdb-from-fs.html">The <tt>s6-accessrules-cdb-from-fs</tt> program</a></li> -<li><a href="s6-accessrules-fs-from-cdb.html">The <tt>s6-accessrules-fs-from-cdb</tt> program</a></li> -</ul> - -<h4> suidless privilege gain </h4> - -<ul> -<li><a href="s6-sudo.html">The <tt>s6-sudo</tt> program</a></li> -<li><a href="s6-sudoc.html">The <tt>s6-sudoc</tt> program</a></li> -<li><a href="s6-sudod.html">The <tt>s6-sudod</tt> program</a></li> </ul> <h4> IDENT protocol implementation </h4> @@ -148,7 +132,6 @@ relevant page. <h4> Miscellaneous utilities </h4> <ul> -<li><a href="seekablepipe.html">The <tt>seekablepipe</tt> program</a></li> <li><a href="s6-getservbyname.html">The <tt>s6-getservbyname</tt> program</a></li> </ul> @@ -157,7 +140,6 @@ relevant page. <ul> <li> The <a href="libs6net/">s6net</a> library, containing: </li> <li> <a href="libs6net/ident.html">The <tt>ident</tt> library interface</a> </li> -<li> <a href="libs6net/accessrules.html">The <tt>accessrules</tt> library interface</a> </li> </ul> <hr /> diff --git a/doc/libs6net/accessrules.html b/doc/libs6net/accessrules.html deleted file mode 100644 index ea996b7..0000000 --- a/doc/libs6net/accessrules.html +++ /dev/null @@ -1,331 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the accessrules library interface</title> - <meta name="Description" content="s6-networking: the accessrules library interface" /> - <meta name="Keywords" content="s6-networking net accessrules library libs6net unix tcp access control dns ipv4 ipv6" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">libs6net</a><br /> -<a href="../">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>accessrules</tt> library interface </h1> - -<p> - The following functions and structures are declared in the <tt>s6-networking/accessrules.h</tt> header, -and implemented in the <tt>libs6net.a</tt> or <tt>libs6net.so</tt> library. -</p> - -<h2> General information </h2> - -<p> - <tt>s6net_accessrules</tt> is an access control library. It looks up -a key in a user-specified database, then returns a code depending on -whether the database allows access (in which case additional information -can also be returned), denies access, or does not contain the key. -</p> - -<p> - <tt>accessrules</tt> has been designed to be easily extensible to any -database format and any key format. -</p> - -<p> - Check the <tt>s6-networking/accessrules.h</tt> header for the exact definitions. -</p> - -<h2> Data structures </h2> - -<ul> - <li> A <tt>s6net_accessrules_result_t</tt> is a scalar that -can have the following values: S6NET_ACCESSRULES_ERROR, -S6NET_ACCESSRULES_DENY, S6NET_ACCESSRULES_ALLOW or S6NET_ACCESSRULES_NOTFOUND. </li> - <li> A <tt>s6net_accessrules_params_t</tt> is a structure containing two -<a href="http://skarnet.org/software/skalibs/libstddjb/stralloc.html">strallocs</a>, -<em>.env</em> and <em>.exec</em>, used to return data contained in the -database when a key has been allowed. The interpretation of this data is -application-defined. </li> -</ul> - -<h2> Function types </h2> - -<h3> Backend lookups </h3> - -<p> - A <tt>s6net_accessrules_backend_func_t</tt> is the type of a function -that takes a single key, looks it up in a database, and returns the result. -Namely: -</p> - -<p> -<code>s6net_accessrules_result_t f (char const *key, unsigned int keylen, void *handle, s6net_accessrules_params_t *params) </code> -</p> - -<p> - <em>f</em> looks up key <em>key</em> of length <em>keylen</em> in the database -represented by <em>handle</em> in an implementation-defined way. It returns a -number that says the key has been allowed, denied or not found, or an error -occurred. If the key has been allowed, <em>f</em> stores additional information -from the database into *<em>params</em>. -</p> - -<p> - Two s6net_accessrules_backend_func_t functions are natively implemented: -</p> - -<ul> - <li> <tt>s6net_accessrules_backend_fs</tt> takes a <tt>char const *</tt> -<em>handle</em> and interprets it as a base directory to look up <em>key</em> -under, in the format understood by -<a href="../s6-accessrules-cdb-from-fs.html">s6-accessrules-cdb-from-fs</a>. </li> - <li> <tt>s6net_accessrules_backend_cdb</tt> takes a <tt>struct cdb *</tt> -<em>handle</em> and looks up <em>key</em> in the -<a href="http://cr.yp.to/cdb.html">CDB</a> it points to. <em>handle</em> must -already be mapped to a CDB file. Such a file can be built with the -<a href="../s6-accessrules-cdb-from-fs.html">s6-accessrules-cdb-from-fs</a> -utility. </li> -</ul> - -<h3> Frontend key checking </h3> - -<p> - A <tt>s6net_accessrules_keycheck_func_t</tt> is the type of a function that -takes a user-level key, makes a list of corresponding backend-level keys and -calls a <tt>s6net_accessrules_backend_func_t</tt> function until it finds -a match. Namely: -</p> - -<p> -<code>s6net_accessrules_result_t f (void const *key, void *handle, s6net_accessrules_params_t *params, s6net_accessrules_backend_func_t *backend) </code> -</p> - -<p> - <em>f</em> derives a list of low-level keys to check from <em>key</em>. -Then, for each key <em>k</em> of length <em>klen</em> in this list, it calls -<tt>(*backend)(k, klen, handle, params)</tt>, returning *<em>backend</em>'s result if it -is not S6NET_ACCESSRULES_NOTFOUND. If no match can be found in the whole list, -<em>f</em> finally returns S6NET_ACCESSRULES_NOTFOUND. -</p> - -<p> - Five s6net_accessrules_keycheck_func_t functions are natively implemented: -</p> - -<ul> - <li> -<a name="uidgid" /> - <tt>s6net_accessrules_keycheck_uidgid</tt> interprets <em>key</em> as a -<a href="http://skarnet.org/software/skalibs/libstddjb/">diuint</a>, i.e. a -structure containing two unsigned ints. The first one is interpreted as an -uid <em>u</em>, the second one as a gid <em>g</em>. The function first looks -for a <tt>uid/<em>u</em></tt> match; if it cannot find one, it looks for a -<tt>gid/<em>g</em></tt> match. If it cannot find one either, it checks -<tt>uid/default</tt> and returns the result. </li> - <li> -<a name="reversedns" /> - <tt>s6net_accessrules_keycheck_reversedns</tt> interprets <em>key</em> -as a string containing a FQDN. Then for each suffix <em>k</em> of <em>key</em>, -starting with <em>key</em> itself and ending with <em>key</em>'s TLD, -it looks up <tt>reversedns/<em>k</em></tt>. The final dot is excluded from -<em>k</em>. If no match can be found, the function checks <tt>reversedns/@</tt> -and returns the result. For instance, if <em>key</em> is "foo.bar.com", -the following strings are looked up, in that order: - <ul> - <li> reversedns/foo.bar.com </li> - <li> reversedns/bar.com </li> - <li> reversedns/com </li> - <li> reversedns/@ </li> - </ul> </li> - <li> -<a name="ip4" /> - <tt>s6net_accessrules_keycheck_ip4</tt> interprets <em>key</em> as -4 network-byte-order characters containing an IPv4 address. Then for each -netmask <em>mask</em> from 32 to 0, it constructs the IPv4 network -prefix <em>addr</em> corresponding to that address, and looks up -<tt>ip4/<em>addr</em>_<em>mask</em></tt>. For instance, if <em>key</em> -is "\300\250\001\007", representing the 192.168.1.7 address, the following -strings are looked up, in that order: - <ul> - <li> ip4/192.168.1.7_32 </li> - <li> ip4/192.168.1.6_31 </li> - <li> ip4/192.168.1.4_30 </li> - <li> ip4/192.168.1.0_29 </li> - <li> ip4/192.168.0.0_28 </li> - <li> ip4/192.168.0.0_27 </li> - </ul> - and so on, down to: - <ul> - <li> ip4/192.0.0.0_3 </li> - <li> ip4/192.0.0.0_2 </li> - <li> ip4/128.0.0.0_1 </li> - <li> ip4/0.0.0.0_0 </li> - </ul> - Note that the <tt>ip4/0.0.0.0_0</tt> string is a catch-all key that -matches everything. </li> - <li> -<a name="ip6" /> - <tt>s6net_accessrules_keycheck_ip6</tt> interprets <em>key</em> as -16 network-byte-order characters containing an IPv6 address. Then for each -netmask <em>mask</em> from 128 to 0, it constructs the IPv6 network -prefix <em>addr</em> corresponding to that address, -<strong>in canonical form</strong>, -and looks up -<tt>ip6/<em>addr</em>_<em>mask</em></tt>. For instance, if <em>key</em> -is "*\0\024P@\002\b\003\0\0\0\0\0\0\020\006", representing the -2a00:1450:4002:803::1006 address, the following -strings are looked up, in that order: - <ul> - <li> ip6/2a00:1450:4002:803::1006_128 </li> - <li> ip6/2a00:1450:4002:803::1006_127 </li> - <li> ip6/2a00:1450:4002:803::1004_126 </li> - <li> ip6/2a00:1450:4002:803::1000_125 </li> - <li> ip6/2a00:1450:4002:803::1000_124 </li> - <li> ip6/2a00:1450:4002:803::1000_123 </li> - <li> ip6/2a00:1450:4002:803::1000_122 </li> - <li> ip6/2a00:1450:4002:803::1000_121 </li> - <li> ip6/2a00:1450:4002:803::1000_120 </li> - <li> ip6/2a00:1450:4002:803::1000_119 </li> - <li> ip6/2a00:1450:4002:803::1000_118 </li> - <li> ip6/2a00:1450:4002:803::1000_117 </li> - <li> ip6/2a00:1450:4002:803::1000_116 </li> - <li> ip6/2a00:1450:4002:803::1000_115 </li> - <li> ip6/2a00:1450:4002:803::1000_114 </li> - <li> ip6/2a00:1450:4002:803::1000_113 </li> - <li> ip6/2a00:1450:4002:803::_112 </li> - <li> ip6/2a00:1450:4002:803::_111 </li> - </ul> - and so on, down to: - <ul> - <li> ip6/2a00::_11 </li> - <li> ip6/2800::_10 </li> - <li> ip6/2800::_9 </li> - <li> ip6/2000::_8 </li> - <li> ip6/2000::_7 </li> - <li> ip6/2000::_6 </li> - <li> ip6/2000::_5 </li> - <li> ip6/2000::_4 </li> - <li> ip6/2000::_3 </li> - <li> ip6/::_2 </li> - <li> ip6/::_1 </li> - <li> ip6/::_0 </li> - </ul> - Note that the <tt>ip6/::_0</tt> string is a catch-all key that -matches everything. </li> - <li> -<a name="ip46" /> - <tt>s6net_accessrules_keycheck_ip46</tt> interprets <em>key</em> as a pointer to an -<a href="http://skarnet.org/software/skalibs/libstddjb/ip46.html">ip46_t</a>, and -behaves either as s6net_accessrules_keycheck_ip6 or s6net_accessrules_keycheck_ip4, -depending on the type of address *<em>key</em> contains. </li> -</ul> - -<h2> Ready-to-use functions </h2> - - Those functions are mostly macros; they're built by associating a frontend -function with a backend function. - -<p> -<code> s6net_accessrules_result_t s6net_accessrules_uidgid_cdb -(unsigned int u, unsigned int g, struct cdb *c, -s6net_accessrules_params_t *params) </code> <br /> -Checks the *<em>c</em> CDB database for an authorization for uid <em>u</em> -and gid <em>g</em>. If the result is S6NET_ACCESSRULES_ALLOW, additional -information may be stored into <em>params</em>. -</p> - -<p> -<code> s6net_accessrules_result_t s6net_accessrules_uidgid_fs -(unsigned int u, unsigned int g, char const *dir, -s6net_accessrules_params_t *params) </code> <br /> -Checks the <em>dir</em> base directory for an authorization for uid <em>u</em> -and gid <em>g</em>. If the result is S6NET_ACCESSRULES_ALLOW, additional -information may be stored into <em>params</em>. -</p> - -<p> -<code> s6net_accessrules_result_t s6net_accessrules_reversedns_cdb -(char const *name, struct cdb *c, -s6net_accessrules_params_t *params) </code> <br /> -Checks the *<em>c</em> CDB database for an authorization for the -<em>name</em> FQDN. If the result is S6NET_ACCESSRULES_ALLOW, additional -information may be stored into <em>params</em>. -</p> - -<p> -<code> s6net_accessrules_result_t s6net_accessrules_reversedns_fs -(char const *name, char const *dir, -s6net_accessrules_params_t *params) </code> <br /> -Checks the <em>dir</em> base directory for an authorization for the -<em>name</em> FQDN. If the result is S6NET_ACCESSRULES_ALLOW, additional -information may be stored into <em>params</em>. -</p> - -<p> -<code> s6net_accessrules_result_t s6net_accessrules_ip4_cdb -(char const *ip4, struct cdb *c, -s6net_accessrules_params_t *params) </code> <br /> -Checks the *<em>c</em> CDB database for an authorization for the -<em>ip4</em> IPv4 address (4 network byte order characters). -If the result is S6NET_ACCESSRULES_ALLOW, additional -information may be stored into <em>params</em>. -</p> - -<p> -<code> s6net_accessrules_result_t s6net_accessrules_ip4_fs -(char const *ip4, char const *dir, -s6net_accessrules_params_t *params) </code> <br /> -Checks the <em>dir</em> base directory for an authorization for the -<em>ip4</em> IPv4 address (4 network byte order characters). -If the result is S6NET_ACCESSRULES_ALLOW, additional -information may be stored into <em>params</em>. -</p> - -<p> -<code> s6net_accessrules_result_t s6net_accessrules_ip6_cdb -(char const *ip6, struct cdb *c, -s6net_accessrules_params_t *params) </code> <br /> -Checks the *<em>c</em> CDB database for an authorization for the -<em>ip6</em> IPv6 address (16 network byte order characters). -If the result is S6NET_ACCESSRULES_ALLOW, additional -information may be stored into <em>params</em>. -</p> - -<p> -<code> s6net_accessrules_result_t s6net_accessrules_ip6_fs -(char const *ip6, char const *dir, -s6net_accessrules_params_t *params) </code> <br /> -Checks the <em>dir</em> base directory for an authorization for the -<em>ip6</em> IPv6 address (16 network byte order characters). -If the result is S6NET_ACCESSRULES_ALLOW, additional -information may be stored into <em>params</em>. -</p> - -<p> -<code> s6net_accessrules_result_t s6net_accessrules_ip46_cdb -(ip46_t *ip, struct cdb *c, -s6net_accessrules_params_t *params) </code> <br /> -Checks the *<em>c</em> CDB database for an authorization for the -<em>ip</em> IP address. -If the result is S6NET_ACCESSRULES_ALLOW, additional -information may be stored into <em>params</em>. -</p> - -<p> -<code> s6net_accessrules_result_t s6net_accessrules_ip46_fs -(ip46_t const *ip, char const *dir, -s6net_accessrules_params_t *params) </code> <br /> -Checks the <em>dir</em> base directory for an authorization for the -<em>ip</em> IP address. -If the result is S6NET_ACCESSRULES_ALLOW, additional -information may be stored into <em>params</em>. -</p> - -</body> -</html> diff --git a/doc/libs6net/index.html b/doc/libs6net/index.html index 4fb35ff..36440ac 100644 --- a/doc/libs6net/index.html +++ b/doc/libs6net/index.html @@ -53,8 +53,6 @@ own header. </p> <ul> - <li> The <a href="accessrules.html">s6-networking/accessrules.h</a> header -provides function to check credentials against configuration files. </li> <li> The <a href="ident.html">s6-networking/ident.h</a> header provides a small IDENT client (RFC 1413). </li> </ul> diff --git a/doc/localservice.html b/doc/localservice.html deleted file mode 100644 index af7aafb..0000000 --- a/doc/localservice.html +++ /dev/null @@ -1,151 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: what is a local service</title> - <meta name="Description" content="s6-networking: what is a local service" /> - <meta name="Keywords" content="s6-networking local service s6-ipcserver" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> Local services </h1> - -<p> - A <em>local service</em> is a daemon that listens to incoming connections -on a Unix domain socket. Clients of the service are programs connecting to -this socket: the daemon performs operations on their behalf. -</p> - -<p> - The service is called <em>local</em> because it is not accessible to -clients from the network. -</p> - -<p> - A widely known example of a local service is the <tt>syslogd</tt> daemon. -On most implementations, it listens to the <tt>/dev/log</tt> socket. -Its clients connect to it and send their logs via the socket. The -<tt>openlog()</tt> function is just a wrapper arround the <tt>connect()</tt> -system call, the <tt>syslog()</tt> function a wrapper around <tt>write()</tt>, -and so on. -</p> - -<h2> Benefits </h2> - -<h3> Privileges </h3> - -<p> - The most important benefit of a local service is that it permits -<strong>controlled privilege gains without using setuid programs</strong>. -The daemon is run as user S; a client running as user C and connecting to -the daemon asks it to perform operations: those will be done as user S. -</p> - -<p> - Standard Unix permissions on the listening socket can be used to implement -some basic access control: to restrict access to clients belonging to group -G, change the socket to user S and group G, and give it 0420 permissions. -This is functionally equivalent to the basic access control for setuid -programs: a program having user S, group G and permissions 4750 will be -executable by group G and run with S rights. -</p> - -<p> - But modern systems implement the -<a href="http://www.superscript.com/ucspi-ipc/getpeereid.html">getpeereid()</a> -system call or library function. This function allows the server to know the -client's credentials: so fine-grained access control is possible. On those -systems, <strong>local services can do as much authentication as setuid programs, -in a much more controlled environment</strong>. -</p> - -<h3> fd-passing </h3> - -<p> - The most obvious difference between a local service and a network service -is that a local service does not serve network clients. But local services -have another nice perk: while network services usually only provide you -with a single channel (a TCP or UDP socket) of communication between the -client and the server, forcing you to multiplex your data into that -channel, local services allow you to have as many -communication channels as you want. -</p> - -<p> -(The SCTP transport layer provides a way for network services to use -several communication channels. Unfortunately, it is not widely deployed -yet, and a lot of network services still depend on TCP.) -</p> - -<p> - The <em>fd-passing</em> mechanism is Unix domain socket black magic -that allows one peer of the socket to send open file descriptors to -the other peer. So, if the server opens a pipe and sends one end of -this pipe to a client via this mechanism, there is effectively a -socket <em>and</em> a pipe between the client and the server. -</p> - -<h2> UCSPI </h2> - -<p> - The <a href="http://cr.yp.to/proto/ucspi.txt">UCSPI</a> protocol -is an easy way of abstracting clients and servers from the network. -A server written as a UCSPI server, just as it can be run -under inetd or s6-tcpserver, can be run under -<a href="s6-ipcserver.html">s6-ipcserver</a>: choose a socket -location and you have a local service. -</p> - -<p> - Fine-grained access control can be added by inserting -<a href="s6-ipcserver-access.html">s6-ipcserver-access</a> in -your server command line after s6-ipcserver. -</p> - -<p> - A client written as an UCSPI client, i.e. assuming it has descriptor -6 (resp. 7) open and reading from (resp. writing to) the server socket, -can be run under <a href="s6-ipcclient.html">s6-ipcclient</a>. -</p> - -<h2> Use in skarnet.org software </h2> - -<p> - skarnet.org libraries often use a separate process to handle -asynchronicity and background work in a way that's invisible to -the user. Among them are: -</p> - -<ul> - <li> <a href="http://skarnet.org/software/s6/s6-ftrigrd.html">s6-ftrigrd</a>, -managing the reception of notifications and only waking up the client process -when the notification pattern matches a regular expression. </li> - <li> <a href="http://skarnet.org/software/s6/libs6lock/s6lockd.html">s6lockd</a>, -handling time-constrained lock acquisition on client behalf. </li> - <li> <a href="http://skarnet.org/software/s6-dns/skadns/skadnsd.html">skadnsd</a>, -performing asynchronous DNS queries and only waking up the client process -when an answer arrives. </li> -</ul> - -<p> - Those processes are usually spawned from a client, via the corresponding -<tt>*_startf*()</tt> library call. But they can also be spawned from a -s6-ipcserver program in a local service configuration. In both cases, they -need an additional control channel to be passed from the server to -the client: the main socket is used for synchronous commands from the client -to the server and their answers, whereas the additional channel, which is -now implemented as a socket as well (but created by the server on-demand -and not bound to a local path), is used for asynchronous -notifications from the server to the client. The fd-passing mechanism -is used to transfer the additional channel from the server to the client. -</p> - -</body> -</html> diff --git a/doc/s6-accessrules-cdb-from-fs.html b/doc/s6-accessrules-cdb-from-fs.html deleted file mode 100644 index 26105b1..0000000 --- a/doc/s6-accessrules-cdb-from-fs.html +++ /dev/null @@ -1,141 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the s6-accessrules-cdb-from-fs program</title> - <meta name="Description" content="s6-networking: the s6-accessrules-cdb-from-fs program" /> - <meta name="Keywords" content="s6-networking s6-accessrules-cdb-from-fs tcp unix access control ipcrules tcprules cdb filesystem" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>s6-accessrules-cdb-from-fs</tt> program </h1> - -<p> -<tt>s6-accessrules-cdb-from-fs</tt> compiles a directory -containing a ruleset suitable for -<a href="s6-ipcserver-access.html">s6-ipcserver-access<a> or -<a href="s6-tcpserver-access.html">s6-tcpserver-access<a> into a -<a href="http://en.wikipedia.org/wiki/Cdb_(software)">CDB file</a>. -</p> - -<h2> Interface </h2> - -<pre> - s6-accessrules-cdb-from-fs <em>cdbfile</em> <em>dir</em> -</pre> - -<ul> - <li> s6-accessrules-cdb-from-fs compiles the <em>dir</em> -directory containing a ruleset into a -<a href="http://en.wikipedia.org/wiki/Cdb_(software)">CDB file</a> -<em>cdbfile</em> then exits 0. </li> -</ul> - -<h2> Ruleset directory format </h2> - -<p> - To be understood by s6-accessrules-cdb-from-fs, -<a href="s6-ipcserver-access.html">s6-ipcserver-access<a>, or -<a href="s6-tcpserver-access.html">s6-tcpserver-access<a>, -<em>dir</em> must have a specific format. -</p> - -<p> - <em>dir</em> contains a series of directories: -</p> - -<ul> - <li> <tt>ip4</tt> for rules on IPv4 addresses </li> - <li> <tt>ip6</tt> for rules on IPv6 addresses </li> - <li> <tt>reversedns</tt> for rules on host names </li> - <li> <tt>uid</tt> for rules on user IDs </li> - <li> <tt>gid</tt> for rules on group IDs </li> -</ul> - -<p> -Depending on the application, other directories can appear in <em>dir</em> -and be compiled into <em>cdbfile</em>, but -<a href="s6-tcpserver-access.html">s6-tcpserver-access<a> only -uses the first three, and -<a href="s6-ipcserver-access.html">s6-ipcserver-access<a> only -uses the last two. -</p> - -<p> - Each of those directories contains a set of rules. A rule is -a subdirectory named after the set of keys it matches, and containing -actions that will be executed if the rule is the first matching rule -for the tested key. -</p> - -<p> - The syntax for the rule name is dependent on the nature of keys, and -fully documented on the -<a href="libs6net/accessrules.html">accessrules</a> -library page. For instance, a subdirectory named <tt>192.168.0.0_27</tt> -in the <tt>ip4</tt> directory will match every IPv4 address in the -192.168.0.0/27 network that does not match a more precise rule. -</p> - -<p> - The syntax for the actions, however, is the same for every type of key. -A rule subdirectory can contain the following elements: -</p> - -<ul> - <li> a file (that can be empty) named <tt>allow</tt>. If such a file exists, -a key matching this rule will be immediately accepted. </li> - <li> a file (that can be empty) named <tt>deny</tt>. If such a file exists and -no <tt>allow</tt> file exists, a key matching this rule will be immediately -denied. </li> - <li> a subdirectory named <tt>env</tt>. If such a directory exists along -with an <tt>allow</tt> file, then its contents represent environment -modifications that will be applied after accepting the connection and -before executing the next program in the chain, as if the -<a href="http://www.skarnet.org/software/s6/s6-envdir.html">s6-envdir</a> -program, without options, was applied to <tt>env</tt>. <tt>env</tt> -has exactly the same format as a directory suitable for s6-envdir; -however, if the modifications take up more than 4096 bytes when -compiled into <em>cdbfile</em>, then s6-accessrules-cdb-from-fs will -complain and exit 100. </li> - <li> a file named <tt>exec</tt>. If such a file exists along with an -<tt>allow</tt> file, then its contents represent a command line that, -interpreted by the -<a href="http://www.skarnet.org/software/execline/execlineb.html">execlineb</a> -launcher, will be executed after accepting the connection, totally bypassing the -original command line. s6-accessrules-cdb-from-fs truncates the <tt>exec</tt> -file to 4096 bytes max when embedding it into <em>cdbfile</em>, so make -sure it is not larger than that. </li> -</ul> - -<h2> Notes </h2> - -<ul> - <li> <em>cdbfile</em> can exist prior to, and during, the compilation, -which actually works in a temporary file in the same directory as -<em>cdbfile</em> and performs an atomic replacement when it is done. -So it is not necessary to interrupt a running service during the -compilation. </li> - <li> If s6-accessrules-cdb-from-fs fails at some point, the temporary -file is removed. However, this doesn't happen if -s6-accessrules-cdb-from-fs is interrupted by a signal. </li> - <li> After the program successfully completes, if <em>dir</em> -was a suitable candidate for the <tt>-i</tt> option of -<a href="s6-ipcserver-access.html">s6-ipcserver-access</a> or -<a href="s6-tcpserver-access.html">s6-tcpserver-access</a>, then -<em>cdbfile</em> will be a suitable candidate for the <tt>-x</tt> option -of the same program, implementing the same ruleset. </li> - <li> <em>cdbfile</em> can be decompiled by the -<a href="s6-accessrules-fs-from-cdb.html">s6-accessrules-fs-from-cdb</a> -program. </li> -</ul> - -</body> -</html> diff --git a/doc/s6-accessrules-fs-from-cdb.html b/doc/s6-accessrules-fs-from-cdb.html deleted file mode 100644 index 91ec98e..0000000 --- a/doc/s6-accessrules-fs-from-cdb.html +++ /dev/null @@ -1,60 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the s6-accessrules-fs-from-cdb program</title> - <meta name="Description" content="s6-networking: the s6-accessrules-fs-from-cdb program" /> - <meta name="Keywords" content="s6-networking s6-accessrules-fs-from-cdb tcp unix access control ipcrules tcprules cdb filesystem" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>s6-accessrules-fs-from-cdb</tt> program </h1> - -<p> -<tt>s6-accessrules-fs-from-cdb</tt> decompiles a CDB database -containing a ruleset suitable for -<a href="s6-ipcserver-access.html">s6-ipcserver-access<a> or -<a href="s6-tcpserver-access.html">s6-tcpserver-access<a> and -that has been compiled with -<a href="s6-accessrules-cdb-from-fs.html">s6-accessrules-cdb-from-fs<a>. -</p> - -<h2> Interface </h2> - -<pre> - s6-accessrules-fs-from-cdb <em>dir</em> <em>cdbfile</em> -</pre> - -<ul> - <li> s6-accessrules-fs-from-cdb decompiles the -<a href="http://en.wikipedia.org/wiki/Cdb_(software)">CDB file</a> -<em>cdbfile</em> into the directory <em>dir</em>, then exits 0. </li> -</ul> - -<h2> Notes </h2> - -<ul> - <li> <em>dir</em> must not exist prior to the decompilation. </li> - <li> <em>dir</em> must be considered as a work in progress as long as -s6-accessrules-fs-from-cdb is running. It is only safe to use <em>dir</em> -as a ruleset once the program has exited. </li> - <li> If s6-accessrules-fs-from-cdb fails at some point, the partial -arborescence at <em>dir</em> is removed. However, this doesn't happen if -s6-accessrules-fs-from-cdb is interrupted by a signal. </li> - <li> After the program successfully completes, if <em>cdbfile</em> -was a suitable candidate for the <tt>-x</tt> option of -<a href="s6-ipcserver-access.html">s6-ipcserver-access</a> or -<a href="s6-tcpserver-access.html">s6-tcpserver-access</a>, then -<em>dir</em> will be a suitable candidate for the <tt>-i</tt> option -of the same program, implementing the same ruleset. </li> -</ul> - -</body> -</html> diff --git a/doc/s6-connlimit.html b/doc/s6-connlimit.html deleted file mode 100644 index 5008b4d..0000000 --- a/doc/s6-connlimit.html +++ /dev/null @@ -1,96 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the s6-connlimit program</title> - <meta name="Description" content="s6-networking: the s6-connlimit program" /> - <meta name="Keywords" content="s6-networking connection limit s6-connlimit" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>s6-connlimit</tt> program </h1> - -<p> -<tt>s6-connlimit</tt> is a small utility to perform IP-based -control on the number of client connections to a TCP socket, and -uid-based control on the number of client connections to a Unix -domain socket. -</p> - -<h2> Interface </h2> - -<pre> - s6-connlimit <em>prog...</em> -</pre> - -<ul> - <li> <tt>s6-connlimit</tt> reads its environment for the PROTO -environment variable, and then for ${PROTO}CONNNUM and ${PROTO}CONNMAX, -which must contain integers. </li> - <li> If the value of ${PROTO}CONNNUM is superior or equal to the value -of ${PROTO}CONNMAX, s6-connlimit exits 1 with an error message. </li> - <li> Else it execs into <em>prog...</em>. </li> - <li> If ${PROTO}CONNMAX is unset, s6-connlimit directly execs into -<em>prog...</em> without performing any check: -no maximum number of connections has been defined. </li> -</ul> - -<h2> Usage </h2> - -<p> - The <a href="s6-tcpserver4.html">s6-tcpserver4</a> and -<a href="s6-tcpserver6.html">s6-tcpserver6</a> define the PROTO environment -variable to "TCP", and spawn every child server with the TCPCONNNUM environment -variable set to the number of connections from the same IP address. - The <a href="s6-tcpserver-access.html">s6-tcpserver-access</a> program -can set environment variables depending on the client's IP address. If the -s6-tcpserver-access database is configured to set the TCPCONNMAX environment -variable for a given set of IP addresses, and s6-tcpserver-access execs into -s6-connlimit, then s6-connlimit will drop connections if there already are -${TCPCONNMAX} connections from the same client IP address. -</p> - -<p> - The <a href="s6-ipcserver.html">s6-ipcserver</a> and -<a href="s6-ipcserver-access.html">s6-ipcserver-access</a> programs can -be used the same way, with "IPC" instead of "TCP", to limit the number -of client connections by UID. -</p> - -<h2> Example </h2> - -<p> - The following command line: -</p> - -<pre> - s6-tcpserver4 -v2 -c1000 -C40 1.2.3.4 80 \ - s6-tcpserver-access -v2 -RHl0 -i <em>dir</em> \ - s6-connlimit \ - <em>prog...</em> -</pre> - -<p> - will run a server listening to IPv4 address 1.2.3.4, on port 80, -serving up to 1000 concurrent connections, and up to 40 concurrent -connections from the same IP address, no matter what the IP address. -For every client connection, it will look up the database set up -in <em>dir</em>; if the connection is accepted, it will run <em>prog...</em>. -</p> - -<p> - If the <tt><em>dir</em>/ip4/5.6.7.8_32/env/TCPCONNMAX</tt> file -exists and contains the string <tt>30</tt>, then at most 30 concurrent -connections from 5.6.7.8 will execute <em>prog...</em>, instead of the -default of 40. -</p> - -</body> -</html> diff --git a/doc/s6-ioconnect.html b/doc/s6-ioconnect.html deleted file mode 100644 index 5e2b6c6..0000000 --- a/doc/s6-ioconnect.html +++ /dev/null @@ -1,84 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the s6-ioconnect program</title> - <meta name="Description" content="s6-networking: the s6-ioconnect program" /> - <meta name="Keywords" content="s6-networking ioconnect ucspi tcpconnect ipcconnect" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>s6-ioconnect</tt> program </h1> - -<p> -<tt>s6-ioconnect</tt> performs full-duplex data transmission -between two sets of open file descriptors. -</p> - -<h2> Interface </h2> - -<pre> - s6-ioconnect [ -t <em>millisecs</em> ] [ -r <em>fdr</em> ] [ -w <em>fdw</em> ] [ -0 ] [ -1 ] [ -6 ] [ -7 ] -</pre> - -<ul> - <li> s6-ioconnect reads data from its stdin and writes it as is to -file descriptor 7, which is assumed to be open. </li> - <li> It also reads data from its file descriptor 6, which is assumed -to be open, and writes it as is to its stdout. </li> - <li> When both sides have transmitted EOF and s6-ioconnect has -flushed its buffers, it exits 0. </li> -</ul> - -<h2> Options </h2> - -<ul> - <li> <tt>-t <em>millisecs</em></tt> : if no activity on -either side happens for <em>millisecs</em> milliseconds, s6-ioconnect -closes the connection on both ends and exits 1. By default, -<em>millisecs</em> is 0, which means no such timeout. </li> - <li> <tt>-r <em>fdr</em></tt> : Use fd <em>fdr</em> for -"remote" reading instead of fd 6. </li> - <li> <tt>-w <em>fdw</em></tt> : Use fd <em>fdw</em> for -"remote" writing instead of fd 7. </li> - <li> <tt>-0</tt>: assume stdin is a socket and needs to be shut down -for reading after an EOF. </li> - <li> <tt>-1</tt>: assume stdout is a socket and needs to be shut down -for writing to correctly transmit an EOF. </li> - <li> <tt>-6</tt>: assume the remote reading fd is a socket and needs to be shut down -for reading after an EOF. </li> - <li> <tt>-7</tt>: assume the remote writing fd is a socket and needs to be shut down -for writing to correctly transmit an EOF. </li> -</ul> - -<h2> Notes </h2> - -<ul> - <li> Transmitting EOF across full-duplex sockets -<a href="http://cr.yp.to/tcpip/twofd.html">is ugly</a>. The right thing -in every case cannot be automatically determined, so it is up to the user -to mention that a socket must be shut down. Most of the time, though, -shutting down sockets after EOF <em>is</em> the right thing to do, so -<tt>s6-ioconnect -67</tt> should be the common use case. </li> - <li> The point of s6-ioconnect is to be used together with -<a href="s6-tcpclient.html">s6-tcpclient</a> or -<a href="s6-ipcclient.html">s6-ipcclient</a> to establish a full- -duplex connection between the client and the server, for instance -for testing purposes. <tt>s6-ioconnect</tt> is to s6-tcpclient as -<tt>cat</tt> is to s6-tcpserver: a program that will just echo -what it gets. </li> - <li> On modern Linux systems, s6-ioconnect will perform zero-copy -data transmission, via the -<a href="http://man7.org/linux/man-pages/man2/splice.2.html">splice</a> -system call. </li> -</ul> - -</body> -</html> diff --git a/doc/s6-ipcclient.html b/doc/s6-ipcclient.html deleted file mode 100644 index 2bb66aa..0000000 --- a/doc/s6-ipcclient.html +++ /dev/null @@ -1,65 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the s6-ipcclient program</title> - <meta name="Description" content="s6-networking: the s6-ipcclient program" /> - <meta name="Keywords" content="s6-networking s6-ipcclient ipcclient ucspi unix client" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>s6-ipcclient</tt> program </h1> - -<p> -<tt>s6-ipcclient</tt> is an -<a href="http://cr.yp.to/proto/ucspi.txt">UCSPI client tool</a> for -Unix domain sockets. It connects to a socket, then executes into -a program. -</p> - -<h2> Interface </h2> - -<pre> - s6-ipcclient [ -q | -Q | -v ] [ -p bindpath ] [ -l localname ] <em>path</em> <em>prog...</em> -</pre> - -<ul> - <li> s6-ipcclient connects to a Unix domain socket on <em>path</em>. </li> - <li> It executes into <em>prog...</em> with descriptor 6 reading from -the socket and descriptor 7 writing to it. </li> -</ul> - -<h2> Environment variables </h2> - -<p> - <em>prog...</em> is run with -the following variables set: -</p> - -<ul> - <li> PROTO: always set to IPC </li> - <li> IPCLOCALPATH: set to the path associated with the local socket, -if any. Be aware that it may contain arbitrary characters. </li> -</ul> - -<h2> Options </h2> - -<ul> - <li> <tt>-q</tt> : be quiet. </li> - <li> <tt>-Q</tt> : be normally verbose. This is the default. </li> - <li> <tt>-v</tt> : be verbose. </li> - <li> <tt>-p <em>localpath</em></tt> : bind the local -socket to <em>localpath</em> before connecting to <em>path</em>. </li> - <li> <tt>-l <em>localname</em></tt> : use <em>localname</em> -as the value of the IPCLOCALPATH environment variable. </li> -</ul> - -</body> -</html> diff --git a/doc/s6-ipcserver-access.html b/doc/s6-ipcserver-access.html deleted file mode 100644 index 515138c..0000000 --- a/doc/s6-ipcserver-access.html +++ /dev/null @@ -1,172 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the s6-ipcserver-access program</title> - <meta name="Description" content="s6-networking: the s6-ipcserver-access program" /> - <meta name="Keywords" content="s6-networking s6-tcpserver-access unix access control ipcrules" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>s6-ipcserver-access</tt> program </h1> - -<p> -<tt>s6-ipcserver-access</tt> is a command-line access -control tool for Unix domain sockets on systems where the -<a href="http://www.superscript.com/ucspi-ipc/getpeereid.html">getpeereid()</a> system call can be implemented. -It is meant to be run after -<a href="s6-ipcserverd.html">s6-ipcserverd</a> and before -the application program on the s6-ipcserver command line. -</p> - -<h2> Interface </h2> - -<pre> - s6-ipcserver-access [ -v <em>verbosity</em> ] [ -E | -e ] [ -l <em>localname</em> ] [ -i <em>rulesdir</em> | -x <em>rulesfile</em> ] <em>prog...</em> -</pre> - -<ul> - <li> s6-ipcserver-access checks it is run under a UCSPI server tool -such as <a href="s6-ipcserver.html">s6-ipcserver</a>. - <li> It checks that the remote end of the connection fits the -accepted criteria defined by the database contained in <em>rulesdir</em> -or <em>rulesfile</em>. If the database tells it to reject the connection, -the program exits 1. </li> - <li> It sets up a few additional environment variables. </li> - <li> It executes into <em>prog...</em>, -unless the first matching rule in the rule database -includes instructions to override <em>prog...</em>. </li> -</ul> - -<h2> Environment variables </h2> - -<p> -s6-ipcserver-access expects to inherit some environment variables from -its parent: -</p> - -<ul> - <li> PROTO: normally IPC, but could be anything else, like UNIX. </li> - <li> ${PROTO}REMOTEEUID: the effective UID of the client program connecting to the socket. </li> - <li> ${PROTO}REMOTEEGID: the effective GID of the client program connecting to the socket. </li> -</ul> - -<p> - Additionally, it exports the following variables before executing into -<em>prog...</em>: -</p> - -<ul> - <li> ${PROTO}LOCALPATH: set to the local "address" of the socket, as -reported by the -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/getsockname.html">getsockname()</a> -system call, truncated to 99 characters max. </li> -</ul> - -<p> - Also, the access rules database can instruct s6-ipcserver-access to set -up, or unset, more environment variables, depending on the client address. -</p> - -<h2> Options </h2> - -<ul> - <li> <tt>-v <em>verbosity</em></tt> : be more or less verbose, i.e. -print more or less information to stderr: - <ul> - <li> 0: only log error messages. </li> - <li> 1: only log error and warning messages, and accepted connections. -This is the default. </li> - <li> 2: also log rejected connections and more warning messages. </li> - </ul> </li> - <li> <tt>-E</tt> : no environment. All environment variables potentially -set by s6-ipcserver-access, as well as those set by -<a href="s6-ipcserver.html">s6-ipcserver</a>, will be unset instead. </li> - <li> <tt>-e</tt> : set up environment variables normally. -This is the default. </li> - <li> <tt>-l <em>localname</em></tt> : use <em>localname</em> -as the value for the ${PROTO}LOCALPATH environment variable, instead of -looking it up via getsockname(). </li> - <li> <tt>-i <em>rulesdir</em></tt> : check client credentials -against a filesystem-based database in the <em>rulesdir</em> directory. </li> - <li> <tt>-x <em>rulesfile</em></tt> : check client credentials -against a <a href="http://en.wikipedia.org/wiki/Cdb_(software)">cdb</a> -database in the <em>rulesfile</em> file. <tt>-i</tt> and <tt>-x</tt> are -mutually exclusive. If none of those options is given, no credential checking will be -performed, and a warning will be emitted on every connection if -<em>verbosity</em> is 2 or more. </li> -</ul> - -<h2> Access rule checking </h2> - -<p> - s6-ipcserver-access checks its client connection against -a ruleset. This ruleset can be implemented: -</p> - -<ul> - <li> either in the filesystem as an arborescence of directories and files, -if the <tt>-i</tt> option has been given. This option is the most flexible -one: the directory format is simple enough for scripts to understand and -modify it, and the ruleset can be changed dynamically. This is practical, -for instance, for roaming users. </li> -<li> or in a <a href="http://en.wikipedia.org/wiki/Cdb_(software)">CDB -file</a>, if the <tt>-x</tt> option has been given. This option is the most -efficient one if the ruleset is static enough: a lot less system calls are -needed to perform searches in a CDB than in the filesystem. </li> -</ul> - -<p> - The exact format of the ruleset is described on the -<a href="s6-accessrules-cdb-from-fs.html">s6-accessrules-cdb-from-fs</a> page. -</p> - -<p> -s6-ipcserver-access first reads the client UID <em>uid</em> and -GID <em>gid</em> from the -${PROTO}REMOTEEUID and ${PROTO}REMOTEEGID environment variables, and checks -them with the -<a href="libs6net/accessrules.html#uidgid">s6net_accessrules_keycheck_uidgid()</a> -function. In other words, it tries to match: - -<ul> - <li> <tt>uid/</tt><em>uid</em> </li> - <li> <tt>gid/</tt><em>gid</em> </li> - <li> <tt>uid/default</tt> </li> -</ul> - -<p> - in that order. If no S6NET_ACCESSRULES_ALLOW result can be obtained, -the connection is denied. -</p> - -<h2> Environment and executable modifications </h2> - -<p> - s6-ipcserver-access interprets non-empty <tt>env</tt> subdirectories -and <tt>exec</tt> files -it finds in the first matching rule of the ruleset, as explained -in the <a href="s6-accessrules-cdb-from-fs.html">s6-accessrules-cdb-from-fs</a> -page. -</p> - -<ul> - <li> An <tt>env</tt> subdirectory is interpreted as if the -<a href="http://skarnet.org/software/s6/s6-envdir.html">s6-envdir</a> -command had been called before executing <em>prog</em>: the environment -is modified according to the contents of <tt>env</tt>. </li> - <li> An <tt>exec</tt> file containing <em>newprog</em> completely -bypasses the rest of s6-ipcserver-access' command line. After -environment modifications, if any, s6-ipcserver-access execs into -<tt><a href="http://skarnet.org/software/execline/execlineb.html">execlineb</a> -c <em>newprog</em></tt>. </li> -</ul> - -</body> -</html> diff --git a/doc/s6-ipcserver-socketbinder.html b/doc/s6-ipcserver-socketbinder.html deleted file mode 100644 index 2c8d993..0000000 --- a/doc/s6-ipcserver-socketbinder.html +++ /dev/null @@ -1,72 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the s6-ipcserver-socketbinder program</title> - <meta name="Description" content="s6-networking: the s6-ipcserver-socketbinder program" /> - <meta name="Keywords" content="s6-networking s6-ipcserver-socketbinder ipcserver ucspi socket bind listen" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>s6-ipcserver-socketbinder</tt> program </h1> - -<p> -<tt>s6-ipcserver-socketbinder</tt> binds a Unix domain -socket, then executes a program. -</p> - -<h2> Interface </h2> - -<pre> - s6-ipcserver-socketbinder [ -d | -D ] [ -b <em>backlog</em> ] <em>path</em> <em>prog...</em> -</pre> - -<ul> - <li> s6-ipcserver-socketbinder creates a Unix domain socket of type SOCK_STREAM -and binds it to <em>path</em>. It prepares the socket to accept -connections by calling -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/listen.html">listen()</a>. </li> - <li> It then execs into <em>prog...</em> with the open socket -as its standard input. </li> -</ul> - -<h2> Options </h2> - -<ul> - <li> <tt>-d</tt> : allow instant rebinding to the same path -even if it has been used not long ago - this is the SO_REUSEADDR flag to -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/setsockopt.html">setsockopt()</a> -and is generally used with server programs. This is the default. Note that -<em>path</em> will be deleted if it already exists at program start time. </li> - <li> <tt>-D</tt> : disallow instant rebinding to the same path. </li> - <li> <tt>-b <em>backlog</em></tt> : set a maximum of -<em>backlog</em> backlog connections on the socket. Extra -connection attempts will rejected by the kernel. </li> -</ul> - -<h2> Notes </h2> - -<ul> - <li> s6-ipcserver-socketbinder is part of a set of basic blocks used to -build a flexible Unix super-server. It normally should be given a -command line crafted to make it execute into -<a href="s6-ipcserverd.html">s6-ipcserverd</a> to accept connections -from clients, or into a program such as -<a href="http://skarnet.org/software/s6/s6-applyuidgid.html">s6-applyuidgid</a> -to drop privileges before doing so. </li> - <li> The <a href="s6-ipcserver.html">s6-ipcserver</a> program does -exactly this. It implements -a full Unix super-server by building a command line starting with -s6-ipcserver-socketbinder and ending with s6-ipcserverd followed by the -application program, and executing into it. </li> -</ul> - -</body> -</html> diff --git a/doc/s6-ipcserver.html b/doc/s6-ipcserver.html deleted file mode 100644 index 4b52888..0000000 --- a/doc/s6-ipcserver.html +++ /dev/null @@ -1,173 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the s6-ipcserver program</title> - <meta name="Description" content="s6-networking: the s6-ipcserver program" /> - <meta name="Keywords" content="s6-networking s6-ipcserver ipcserver ucspi unix server super-server" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>s6-ipcserver</tt> program </h1> - -<p> -<tt>s6-ipcserver</tt> is an -<a href="http://cr.yp.to/proto/ucspi.txt">UCSPI server tool</a> for -Unix domain sockets, i.e. a super-server. -It accepts connections from clients, and forks a -program to handle each connection. -</p> - -<h2> Interface </h2> - -<pre> - s6-ipcserver [ -1 ] [ -q | -Q | -v ] [ -d | -D ] [ -P | -p ] [ -c <em>maxconn</em> ] [ -C <em>localmaxconn</em> ] [ -b <em>backlog</em> ] [ -G <em>gidlist</em> ] [ -g <em>gid</em> ] [ -u <em>uid</em> ] [ -U ] <em>path</em> <em>prog...</em> -</pre> - -<ul> - <li> s6-ipcserver binds a Unix domain socket to <em>path</em>. </li> - <li> It can drop its root privileges. </li> - <li> It closes its stdin and stdout. </li> - <li> For every client connection to this socket, it -forks. The child sets some environment variables, then -executes <em>prog...</em> with stdin reading from the socket and -stdout writing to it. </li> - <li> Depending on the verbosity level, it logs what it does to stderr. </li> - <li> It runs until killed by a signal. Depending on the received -signal, it may kill its children before exiting. </li> - <li> s6-ipcserver actually doesn't do any of this itself. It is -a wrapper, rewriting the command line and executing into a chain -of programs that perform those duties. </li> -</ul> - -<h2> Implementation </h2> - -<ul> - <li> s6-ipcserver parses the options and arguments it is given, and -builds a new command line with them. It then executes into that new -command line. </li> - <li> The first program s6-ipcserver executes into is -<a href="s6-ipcserver-socketbinder.html">s6-ipcserver-socketbinder</a>. -It will create and bind a Unix domain socket to <em>path</em>, then -execute into the rest of the command line. </li> - <li> If a privilege-dropping operation has been requested, the -program that s6-ipcserver-socketbinder executes into is -<a href="http://skarnet.org/software/s6/s6-applyuidgid.html">s6-applyuidgid</a>. -It will drop the root privileges, then execute into the rest of the -command line. </li> - <li> The next program in the chain is -<a href="s6-ipcserverd.html">s6-ipcserverd</a>. It is executed into -by s6-applyuidgid, or directly by s6-ipcserver-socketbinder if no -privilege-dropping operation has been requested. s6-ipcserverd is -the long-lived process, the "daemon" itself, accepting connections -from clients. </li> - <li> For every client, s6-ipcserverd will spawn an instance of -<em>prog...</em>, the remainder of the command line. </li> -</ul> - - -<h2> Options </h2> - -<ul> - <li> <tt>-1</tt> : write <em>path</em>, followed by a newline, -to stdout, before -closing it, right after binding and listening to the Unix socket. -If stdout is suitably redirected, this can be used by monitoring -programs to check when the server is ready to accept connections. </li> - <li> <tt>-q</tt> : be quiet. </li> - <li> <tt>-Q</tt> : be normally verbose. This is the default. </li> - <li> <tt>-v</tt> : be verbose. </li> - <li> <tt>-d</tt> : allow instant rebinding to the same path -even if it has been used not long ago - this is the SO_REUSEADDR flag to -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/setsockopt.html">setsockopt()</a> -and is generally used with server programs. This is the default. Note that -<em>path</em> will be deleted if it already exists at program start time. </li> - <li> <tt>-D</tt> : disallow instant rebinding to the same path. </li> - <li> <tt>-P</tt> : disable client credentials lookups. The -IPCREMOTEEUID and IPCREMOTEEGID environment variables will be unset -in every instance of <em>prog...</em>. This is the portable option, -because not every system supports credential lookup across Unix domain -sockets; but it is not as secure. </li> - <li> <tt>-p</tt> : enable client credentials lookups. This -is the default; it works at least on Linux, Solaris, and -*BSD systems. On systems that do not support it, every connection -attempt will fail with a warning message. </li> - <li> <tt>-c <em>maxconn</em></tt> : accept at most -<em>maxconn</em> concurrent connections. Default is 40. It is -impossible to set it higher than 1000. </li> - <li> <tt>-C <em>localmaxconn</em></tt> : accept at most -<em>localmaxconn</em> connections from the same user ID. -Default is 40. It is impossible to set it higher than <em>maxconn</em>. </li> - <li> <tt>-b <em>backlog</em></tt> : set a maximum of -<em>backlog</em> backlog connections on the socket. Extra -connection attempts will rejected by the kernel. </li> - <li> <tt>-G <em>gidlist</em></tt> : change s6-ipcserver's -supplementary group list to <em>gidlist</em> after binding the socket. -This is only valid when run as root. <em>gidlist</em> must be a -comma-separated list of numerical group IDs. </li> - <li> <tt>-g <em>gid</em></tt> : change s6-ipcserver's groupid -to <em>gid</em> after binding the socket. This is only valid when run -as root. </li> - <li> <tt>-u <em>uid</em></tt> : change s6-ipcserver's userid -to <em>uid</em> after binding the socket. This is only valid when run -as root. </li> - <li> <tt>-U</tt> : change s6-ipcserver's user id, group id and -supplementary group list -according to the values of the UID, GID and GIDLIST environment variables -after binding the socket. This is only valid when run as root. -This can be used with the -<a href="http://skarnet.org/software/s6/s6-envuidgid.html">s6-envuidgid</a> -program to easily script a service that binds to a privileged socket -then drops its privileges to those of a named non-root account. </li> -</ul> - -<h2> Implementation </h2> - -<ul> - <li> s6-ipcserver parses the options and arguments it is given, and -builds a new command line with them. It then executes into that new -command line. </li> - <li> The first program s6-ipcserver executes into is -<a href="s6-ipcserver-socketbinder.html">s6-ipcserver-socketbinder</a>. -It will create and bind a Unix domain socket to <em>path</em>, then -execute into the rest of the command line. </li> - <li> If a privilege-dropping operation has been requested, the -program that s6-ipcserver-socketbinder executes into is -<a href="http://skarnet.org/software/s6/s6-applyuidgid.html">s6-applyuidgid</a>. -It will drop the root privileges, then execute into the rest of the -command line. </li> - <li> The next program in the chain is -<a href="s6-ipcserverd.html">s6-ipcserverd</a>. It is executed into -by s6-applyuidgid, or directly by s6-ipcserver-socketbinder if no -privilege-dropping operation has been requested. s6-ipcserverd is -the long-lived process, the "daemon" itself, accepting connections -from clients. </li> - <li> For every client, s6-ipcserverd will spawn an instance of -<em>prog...</em>, the remainder of the command line. </li> -</ul> - -<h2> Notes </h2> - -<ul> - <li> s6-ipcserver does not interpret its options itself. It just -dispatches them to the appropriate program on the command line that -it builds. </li> - <li> In previous releases of s6-networking, s6-ipcserver was -monolithic: it did the work of s6-ipcserver-socketbinder, -s6-applyuidgid and s6-ipcserverd itself. The functionality has now -been split into several different programs because some service startup -schemes require the daemon to get its socket from an external -program instead of creating and binding it itself. The most obvious -application of this is upgrading a long-lived process without -losing existing connections. </li> -</ul> - -</body> -</html> diff --git a/doc/s6-ipcserverd.html b/doc/s6-ipcserverd.html deleted file mode 100644 index 916de12..0000000 --- a/doc/s6-ipcserverd.html +++ /dev/null @@ -1,131 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the s6-ipcserverd program</title> - <meta name="Description" content="s6-networking: the s6-ipcserverd program" /> - <meta name="Keywords" content="s6-networking s6-ipcserverd ipcserver ucspi unix server super-server" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>s6-ipcserverd</tt> program </h1> - -<p> -<tt>s6-ipcserverd</tt> is the serving part of the -<a href="s6-ipcserver.html">s6-ipcserver</a> super-server. -It assumes that its stdin is a bound and listening Unix -domain socket, and -it accepts connections from clients connecting to it, forking a -program to handle each connection. -</p> - -<h2> Interface </h2> - -<pre> - s6-ipcserverd [ -1 ] [ -v verbosity ] [ -P | -p ] [ -c <em>maxconn</em> ] [ -C <em>localmaxconn</em> ] <em>prog...</em> -</pre> - -<ul> - <li> s6-ipcserverd accepts connections from clients to an already -bound and listening SOCK_STREAM Unix domain socket which is its -standard input. </li> - <li> For every client connection to this socket, it -forks. The child sets some environment variables, then -executes <em>prog...</em> with stdin reading from the socket and -stdout writing to it. </li> - <li> Depending on the verbosity level, it logs what it does to stderr. </li> - <li> It runs until killed by a signal. Depending on the received -signal, it may kill its children before exiting. </li> -</ul> - -<h2> Environment variables </h2> - -<p> - For each connection, an instance of <em>prog...</em> is spawned with -the following variables set: -</p> - -<ul> - <li> PROTO: always set to IPC </li> - <li> IPCREMOTEEUID: set to the effective UID of the client, -unless credentials lookups have been disabled </li> - <li> IPCREMOTEEGID: set to the effective GID of the client, -unless credentials lookups have been disabled </li> - <li> IPCREMOTEPATH: set to the path associated with the remote socket, -if any. Be aware that it may contain arbitrary characters. </li> - <li> IPCCONNNUM: set to the number of connections originating from -the same user (i.e. same uid) </li> -</ul> - -<p> - If client credentials lookup has been disabled, IPCREMOTEEUID and -IPCREMOTEEUID will be set, but empty. -</p> - - -<h2> Options </h2> - -<ul> - <li> <tt>-1</tt> : write a newline to stdout, and close stdout, -right before entering the client-accepting loop. -If stdout is suitably redirected, this can be used by monitoring -programs to check when the server is accepting connections. -The <a href="http://skarnet.org/software/s6/s6-notifywhenup.html">s6-notifywhenup</a> -program can be used before the s6-ipcserver -invocation to notify listeners when the server is ready. </li> - <li> <tt>-v <em>verbosity</em></tt> : be more or less -verbose. <em>verbosity</em> can be 0 (quiet), 1 (normal), or 2 -(verbose). </li> - <li> <tt>-P</tt> : disable client credentials lookups. The -IPCREMOTEEUID and IPCREMOTEEGID environment variables will be unset -in every instance of <em>prog...</em>. This is the portable option, -because not every system supports credential lookup across Unix domain -sockets; but it is not as secure. </li> - <li> <tt>-p</tt> : enable client credentials lookups. This -is the default; it works at least on Linux, Solaris, and -*BSD systems. On systems that do not support it, every connection -attempt will fail with a warning message. </li> - <li> <tt>-c <em>maxconn</em></tt> : accept at most -<em>maxconn</em> concurrent connections. Default is 40. It is -impossible to set it higher than 1000. </li> - <li> <tt>-C <em>localmaxconn</em></tt> : accept at most -<em>localmaxconn</em> connections from the same user ID. -Default is 40. It is impossible to set it higher than <em>maxconn</em>. </li> -</ul> - -<h2> Signals </h2> - -<ul> - <li> SIGTERM: exit. </li> - <li> SIGHUP: send a SIGTERM and a SIGCONT to all children. </li> - <li> SIGQUIT: send a SIGTERM and a SIGCONT to all children, then exit. </li> - <li> SIGABRT: send a SIGKILL to all children, then exit. </li> -</ul> - -<h2> Notes </h2> - -<ul> - <li> Unlike his close cousin -<a href="http://www.superscript.com/ucspi-ipc/ipcserver.html">ipcserver</a>, -s6-ipcserverd does not perform operations such as access control. Those are -delegated to the -<a href="s6-ipcserver-access.html">s6-ipcserver-access</a> program. </li> - <li> s6-ipcserverd can be used to set up -<a href="localservice.html">local services</a>. </li> - <li> s6-ipcserverd is meant to be execve'd into by a program that gets -the listening socket. That program is normally -<a href="s6-ipcserver-socketbinder.html">s6-ipcserver-socketbinder</a>, -which creates the socket itself; but it can be a different one if the -socket is to be retrieved by another means, for instance by fd-passing -from a fd-holding daemon (some people call this "socket activation"). </li> -</ul> - -</body> -</html> diff --git a/doc/s6-sudo.html b/doc/s6-sudo.html deleted file mode 100644 index 603ad8a..0000000 --- a/doc/s6-sudo.html +++ /dev/null @@ -1,59 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the s6-sudo program</title> - <meta name="Description" content="s6-networking: the s6-sudo program" /> - <meta name="Keywords" content="s6-networking s6-sudo sudo setuid suid unix privilege gain getpeereid" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>s6-sudo</tt> program </h1> - -<p> -<tt>s6-sudo</tt> connects to a Unix domain socket and passes -its standard file descriptors, command-line arguments and -environment to a program running on the server side, potentially -with different privileges. -</p> - -<h2> Interface </h2> - -<pre> - s6-sudo [ -q | -Q | -v ] [ -p <em>bindpath</em> ] [ -l <em>localname</em> ] [ -e ] [ -t <em>timeoutconn</em> ] [ -T <em>timeoutrun</em> ] <em>path</em> [ <em>args...</em> ] -</pre> - -<ul> - <li> s6-sudo executes into <tt><a href="s6-ipcclient.html">s6-ipcclient</a> <em>path</em> -<a href="s6-sudoc.html">s6-sudoc</a> args...</tt> It does nothing else: it is just a -convenience program. The <a href="s6-ipcclient.html">s6-ipcclient</a> program connects -to a Unix socket at <em>path</em>, and the -<a href="s6-sudoc.html">s6-sudoc program</a> transmits the desired elements over the -socket. </li> - <li> It should be used to connect to a -<a href="localservice.html">local service</a> running the -<a href="s6-sudod.html">s6-sudod</a> program, which will run a server program on the -client's behalf. </li> -</ul> - -<h2> Options </h2> - -<ul> - <li> The <tt>-q</tt>, <tt>-Q</tt>, <tt>-v</tt>, <tt>-p</tt> and </tt>-l</tt> -options are passed to <a href="s6-ipcclient.html">s6-ipcclient</a>. </li> - <li> The <tt>-e</tt>, <tt>-t</tt> and <tt>-T</tt> options are passed to -<a href="s6-sudoc.html">s6-sudoc</a>. </li> - <li> Command-line arguments, if any, are also passed to -<a href="s6-sudoc.html">s6-sudoc</a>, which will transmit them to -<a href="s6-sudod.html">s6-sudod</a> over the socket. -</ul> - -</body> -</html> diff --git a/doc/s6-sudoc.html b/doc/s6-sudoc.html deleted file mode 100644 index def09a9..0000000 --- a/doc/s6-sudoc.html +++ /dev/null @@ -1,80 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the s6-sudoc program</title> - <meta name="Description" content="s6-networking: the s6-sudoc program" /> - <meta name="Keywords" content="s6-networking s6-sudoc sudo setuid suid unix privilege gain getpeereid client" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>s6-sudoc</tt> program </h1> - -<p> -<tt>s6-sudoc</tt> talks to a peer <a href="s6-sudod.html">s6-sudod</a> -program over a Unix socket, passing it command-line arguments, environment -variables and standard descriptors. -</p> - -<h2> Interface </h2> - -<pre> - s6-sudoc [ -e ] [ -t <em>timeoutconn</em> ] [ -T <em>timeoutrun</em> ] [ <em>args...</em> ] -</pre> - -<ul> - <li> s6-sudoc transmits its standard input, standard output and standard error -via fd-passing over a Unix socket that must be open on its descriptors 6 and 7. - It expects a <a href="s6-sudod.html">s6-sudod</a> process to be receiving them -on the other side. </li> -<li> It also transmits its command-line arguments <em>args</em>, and also its -environment by default. Note that s6-sudod will not necessarily accept all the -environment variables that s6-sudoc tries to transmit. </li> - <li> s6-sudoc waits for the server program run by s6-sudod to finish. It exits -the same exit code as the server program. If the server program is killed by a -signal, s6-sudoc kills itself with the same signal. </li> -</ul> - -<h2> Options </h2> - -<ul> - <li> <tt>-e</tt> : do not attempt to transmit any environment variables -to <a href="s6-sudod.html">s6-sudod</a>. </li> - <li> <tt>-t <em>timeoutconn</em></tt> : if s6-sudod has not -managed to process the given information and start the server program after -<em>timeoutconn</em> milliseconds, give up. By default, <em>timeoutconn</em> -is 0, meaning infinite. Note that there is no reason to set up a nonzero -<em>timeoutconn</em> with a large value: s6-sudod is not supposed to block. -The option is only there to protect against ill-written services. </li> - <li> <tt>-T <em>timeoutrun</em></tt> : if the server program -has not exited after <em>timeoutrun</em> milliseconds, give up. By -default, <em>timeoutrun</em> is 0, meaning infinite. </li> -</ul> - -<h2> Notes </h2> - -<ul> - <li> If s6-sudoc is killed, or exits after <em>timeoutrun</em> milliseconds, -while the server program is still running, s6-sudod will send a SIGTERM and a -SIGCONT to the server program - but this does not guarantee that it will die. -If the server program keeps running, it might still read from the file that -was s6-sudoc's stdin, or write to the files that were s6-sudoc's stdout or -stderr. <strong>This is a potential security risk</strong>. -Administrators should audit their server programs to make sure this does not -happen. </li> - <li> More generally, anything using signals or terminals will not be -handled transparently by the s6-sudoc + s6-sudod mechanism. The mechanism -was designed to allow programs to gain privileges in specific situations: -short-lived, simple, noninteractive processes. It was not designed to emulate -the full suid functionality and will not go out of its way to do so. </li> -</ul> - -</body> -</html> diff --git a/doc/s6-sudod.html b/doc/s6-sudod.html deleted file mode 100644 index c783736..0000000 --- a/doc/s6-sudod.html +++ /dev/null @@ -1,165 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the s6-sudod program</title> - <meta name="Description" content="s6-networking: the s6-sudod program" /> - <meta name="Keywords" content="s6-networking s6-sudod sudo setuid suid unix privilege gain getpeereid server" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>s6-sudod</tt> program </h1> - -<p> -<tt>s6-sudod</tt> receives command-line arguments, environment variables -and standard descriptors from a peer <a href="s6-sudoc.html">s6-sudoc</a> -program over a Unix socket, then forks another program. -</p> - -<h2> Interface </h2> - -<pre> - s6-sudod [ -0 ] [ -1 ] [ -2 ] [ -s ] [ -t <em>timeout</em> ] [ <em>sargv...</em> ] -</pre> - -<ul> - <li> s6-sudod gets 3 file descriptors via fd-passing over a Unix socket that -must be open on its descriptors 0 and 1. (The received descriptors will be the -stdin, stdout and stderr of the server program.) It expects a -<a href="s6-sudoc.html">s6-sudoc</a> process to be sending them on the -client side. </li> - <li> It also receives a list of command-line arguments <em>cargv...</em>, and -an environment <em>clientenv</em>. </li> - <li> s6-sudod forks and executes <em>sargv...</em> <em>cargv</em>... -The client command line is appended to the server command line. </li> - <li> s6-sudod waits for its child to exit and transmits its exit code -to the peer <a href="s6-sudoc.html">s6-sudoc</a> process. It then exits 0. </li> -</ul> - -<h2> Environment </h2> - -<p> -s6-sudod transmits its own environment to its child, plus the environment sent -by <a href="s6-sudoc.html">s6-sudoc</a>, filtered in the following manner: -for every variable sent by <a href="s6-sudoc.html">s6-sudoc</a>, if the -variable is <strong>present but empty</strong> in s6-sudod's environment, then -its value is overriden by the value given by s6-sudoc. A variable that is -already nonempty, or that doesn't exist, in s6-sudod's environment, will not -be transmitted to the child. -</p> - -<h2> Options </h2> - -<ul> - <li> <tt>-0</tt> : do not inherit stdin from s6-sudoc. The child will be -run with its stdin pointing to <tt>/dev/null</tt> instead. </li> - <li> <tt>-1</tt> : do not inherit stdout from s6-sudoc. The child will be -run with its stdout pointing to <tt>/dev/null</tt> instead. </li> - <li> <tt>-2</tt> : do not inherit stderr from s6-sudoc. The child will be -run with its stderr being a copy of s6-sudod's stderr instead. (This is useful -to still log the child's error messages without sending them to the client.) </li> - <li> <tt>-t <em>timeout</em></tt> : if s6-sudod has not -received all the needed data from the client after <em>timeout</em> -milliseconds, it will exit without spawning a child. By default, <em>timeout</em> -is 0, meaning infinite. This mechanism exists to protect the server from -malicious or buggy clients that would uselessly consume resources. </li> -</ul> - -<h2> Usage example </h2> - -<p> - The typical use of s6-sudod is in a -<a href="localservice.html">local service</a> with a -<a href="s6-ipcserver.html">s6-ipcserver</a> process listening on a Unix -socket, a <a href="s6-ipcserver-access.html">s6-ipcserver-access</a> process -performing client authentication and access control, and possibly a -<a href="http://skarnet.org/software/s6/s6-envdir.html">s6-envdir</a> -process setting up the environment variables that will be accepted by -s6-sudod. The following script, meant to be a <em>run script</em> in a -<a href="http://skarnet.org/software/s6/servicedir.html">service directory</a>, -will set up a privileged program: -</p> - -<pre> -#!/command/execlineb -P -fdmove -c 2 1 -s6-envuidgid serveruser -s6-ipcserver -U -- serversocket -s6-ipcserver-access -v2 -l0 -i rules -- -exec -c -s6-envdir env -s6-sudod -sargv -</pre> - -<ul> - <li> <a href="http://skarnet.org/software/execline/execlineb.html">execlineb</a> -executes the script. </li> - <li> <a href="http://skarnet.org/software/execline/fdmove.html">fdmove</a> makes -sure the script's error messages are sent to the service's logger. </li> - <li> <a href="http://skarnet.org/software/s6/s6-envuidgid.html">s6-envuidgid</a> -sets the UID, GID and GIDLIST environment variables for s6-ipcserver to interpret. </li> - <li> <a href="s6-ipcserver.html">s6-ipcserver</a> binds to <em>serversocket</em> -and drops its privileges to those of <em>serveruser</em>. Then, for every client -connecting to <em>serversocket</em>: - <ul> - <li> <a href="s6-ipcserver-access.html">s6-ipcserver-access</a> checks the -client's credentials according to the rules in directory <em>rules</em>. - <li> <a href="http://skarnet.org/software/execline/exec.html">exec -c</a> -clears the environment. </li> - <li> <a href="http://skarnet.org/software/s6/s6-envdir.html">s6-envdir</a> -sets environment variables according to the directory <em>env</em>. You can -make sure that a variable VAR will be present but empty by performing -<tt>echo > env/VAR</tt>. (A single newline is interpreted by s6-envdir as -an empty variable; whereas if <tt>env/VAR</tt> is totally empty, then the -VAR variable will be removed from the environment.) </li> - <li> s6-sudod reads a command line <em>cargv</em>, a client environment -and file descriptors over the socket. </li> - <li> s6-sudod spawns <tt>sargv cargv</tt>. </li> - </ul> - (Actually, <a href="s6-ipcserver.html">s6-ipcserver</a> does not do this -itself: it executes into other programs that each do one of the tasks. But for -our example, it does not matter.) </li> -</ul> - -<p> - This means that user <em>clientuser</em> running -<tt><a href="s6-sudo.html">s6-sudo</a> serversocket cargv</tt> will be -able, if authorized by the configuration in <em>rules</em>, to run -<tt>sargv cargv</tt> as user <em>serveruser</em>, with stdin, -stdout, stderr and the environment variables properly listed in <em>env</em> -transmitted to <em>sargv</em>. -</p> - -<h2> Notes </h2> - -<ul> - <li> If s6-sudoc is killed, or exits after <em>timeoutrun</em> milliseconds, -while the server program is still running, s6-sudod will send a SIGTERM and a -SIGCONT to its child, then exit 1. However, sending a SIGTERM to the child -does not guarantee that it will die; and -if it keeps running, it might still read from the file that -was s6-sudoc's stdin, or write to the files that were s6-sudoc's stdout or -stderr. <strong>This is a potential security risk</strong>. -Administrators should audit their server programs to make sure this does not -happen. </li> - <li> More generally, anything using signals or terminals will not be -handled transparently by the s6-sudoc + s6-sudod mechanism. The mechanism -was designed to allow programs to gain privileges in specific situations: -short-lived, simple, noninteractive processes. It was not designed to emulate -the full suid functionality and will not go out of its way to do so. </li> - <li> <em>sargv</em> may be empty. In that case, the client is in complete -control of the command line executed as <em>serveruser</em>. This setup is -permitted by s6-sudod, but it is very dangerous, and extreme attention should -be paid to the construction of the s6-ipcserver-access rules. </li> -</ul> - -</body> -</html> diff --git a/doc/s6-tcpserver-access.html b/doc/s6-tcpserver-access.html index a89d9e3..435c92d 100644 --- a/doc/s6-tcpserver-access.html +++ b/doc/s6-tcpserver-access.html @@ -163,13 +163,13 @@ needed to perform searches in a CDB than in the filesystem. </li> <p> The exact format of the ruleset is described on the -<a href="s6-accessrules-cdb-from-fs.html">s6-accessrules-cdb-from-fs</a> page. +<a href="http://skarnet.org/software/s6/s6-accessrules-cdb-from-fs.html">s6-accessrules-cdb-from-fs</a> page. </p> <p> s6-tcpserver-access first gets the remote address <em>ip</em> of the client and converts it to canonical form. Then it checks it with the -<a href="libs6net/accessrules.html#ip4">s6net_accessrules_keycheck_ip46()</a> +<a href="http://skarnet.org/software/s6/libs6/accessrules.html#ip4">s6_accessrules_keycheck_ip46()</a> function. In other words, it tries to match broader and broader network prefixes of <em>ip</em>, from <tt>ip4/</tt><em>ip</em><tt>_32</tt> to <tt>ip4/0.0.0.0_0</tt> if <em>ip</em> is v4, or from @@ -177,10 +177,10 @@ prefixes of <em>ip</em>, from <tt>ip4/</tt><em>ip</em><tt>_32</tt> to is v6. If the result is: </p> - <li> S6NET_ACCESSRULES_ERROR: it immediately exits 111. </li> - <li> S6NET_ACCESSRULES_DENY: it immediately exits 1. </li> - <li> S6NET_ACCESSRULES_ALLOW: it grants access. </li> - <li> S6NET_ACCESSRULES_NOTFOUND: more information is needed. </li> + <li> S6_ACCESSRULES_ERROR: it immediately exits 111. </li> + <li> S6_ACCESSRULES_DENY: it immediately exits 1. </li> + <li> S6_ACCESSRULES_ALLOW: it grants access. </li> + <li> S6_ACCESSRULES_NOTFOUND: more information is needed. </li> </ul> <p> @@ -188,12 +188,12 @@ is v6. If the result is: is denied. But if s6-tcpserver-access is authorized to perform DNS lookups, then it gets the remote name of the client, <em>remotehost</em>, and checks it with the -<a href="libs6net/accessrules.html#reversedns">s6net_accessrules_keycheck_reversedns()</a> +<a href="http://skarnet.org/software/s6/libs6/accessrules.html#reversedns">s6_accessrules_keycheck_reversedns()</a> function. In other words, it tries to match shorter and shorter suffixes of <em>remotehost</em>, from <tt>reversedns/</tt><em>remotehost</em> to <tt>reversedns/@</tt>. This time, the connection is denied is the result is anything else than -S6NET_ACCESSRULES_ALLOW. +S6_ACCESSRULES_ALLOW. </p> <p> @@ -208,7 +208,7 @@ query on <em>remotehost</em> does not match <em>ip</em>. s6-tcpserver-access interprets non-empty <tt>env</tt> subdirectories and <tt>exec</tt> files it finds in the matching rule of the ruleset, as explained -in the <a href="s6-accessrules-cdb-from-fs.html">s6-accessrules-cdb-from-fs</a> +in the <a href="http://skarnet.org/software/s6/s6-accessrules-cdb-from-fs.html">s6-accessrules-cdb-from-fs</a> page. </p> diff --git a/doc/seekablepipe.html b/doc/seekablepipe.html deleted file mode 100644 index cd17b2e..0000000 --- a/doc/seekablepipe.html +++ /dev/null @@ -1,36 +0,0 @@ -<html> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <meta http-equiv="Content-Language" content="en" /> - <title>s6-networking: the seekablepipe program</title> - <meta name="Description" content="s6-networking: the seekablepipe program" /> - <meta name="Keywords" content="s6-networking seekablepipe pipe seekablepipe-io" /> - <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> - </head> -<body> - -<p> -<a href="index.html">s6-networking</a><br /> -<a href="http://skarnet.org/software/">Software</a><br /> -<a href="http://skarnet.org/">skarnet.org</a> -</p> - -<h1> The <tt>seekablepipe</tt> program </h1> - -<tt>seekablepipe</tt> turns the reading end of a pipe into a seekable -file descriptor, using a temporary file. - -<h2> Interface </h2> - -<pre> - <em>writer</em> | seekablepipe <em>tmpfile reader [ args ... ]</em> -</pre> - -<p> -<tt>seekablepipe</tt> writes <em>writer</em>'s output to <em>tmpfile</em>, -which is unlinked as soon as it is created. Then it execs into -<em>reader</em>, reading from a file descriptor on <em>tmpfile</em>. -</p> - -</body> -</html> diff --git a/package/deps.mak b/package/deps.mak index ab24798..b0f8835 100644 --- a/package/deps.mak +++ b/package/deps.mak @@ -2,28 +2,16 @@ # This file has been generated by tools/gen-deps.sh # -src/include/s6-networking/s6net.h: src/include/s6-networking/accessrules.h src/include/s6-networking/ident.h +src/include/s6-networking/s6net.h: src/include/s6-networking/ident.h src/clock/s6-clockadd.o src/clock/s6-clockadd.lo: src/clock/s6-clockadd.c src/clock/s6-clockview.o src/clock/s6-clockview.lo: src/clock/s6-clockview.c src/clock/s6-sntpclock.o src/clock/s6-sntpclock.lo: src/clock/s6-sntpclock.c src/clock/s6-taiclock.o src/clock/s6-taiclock.lo: src/clock/s6-taiclock.c src/clock/s6-taiclockd.o src/clock/s6-taiclockd.lo: src/clock/s6-taiclockd.c -src/conn-tools/s6-accessrules-cdb-from-fs.o src/conn-tools/s6-accessrules-cdb-from-fs.lo: src/conn-tools/s6-accessrules-cdb-from-fs.c -src/conn-tools/s6-accessrules-fs-from-cdb.o src/conn-tools/s6-accessrules-fs-from-cdb.lo: src/conn-tools/s6-accessrules-fs-from-cdb.c -src/conn-tools/s6-connlimit.o src/conn-tools/s6-connlimit.lo: src/conn-tools/s6-connlimit.c src/conn-tools/s6-getservbyname.o src/conn-tools/s6-getservbyname.lo: src/conn-tools/s6-getservbyname.c src/conn-tools/s6-ident-client.o src/conn-tools/s6-ident-client.lo: src/conn-tools/s6-ident-client.c src/include/s6-networking/ident.h -src/conn-tools/s6-ioconnect.o src/conn-tools/s6-ioconnect.lo: src/conn-tools/s6-ioconnect.c -src/conn-tools/s6-ipcclient.o src/conn-tools/s6-ipcclient.lo: src/conn-tools/s6-ipcclient.c -src/conn-tools/s6-ipcserver-access.o src/conn-tools/s6-ipcserver-access.lo: src/conn-tools/s6-ipcserver-access.c src/include/s6-networking/accessrules.h -src/conn-tools/s6-ipcserver-socketbinder.o src/conn-tools/s6-ipcserver-socketbinder.lo: src/conn-tools/s6-ipcserver-socketbinder.c -src/conn-tools/s6-ipcserver.o src/conn-tools/s6-ipcserver.lo: src/conn-tools/s6-ipcserver.c src/include/s6-networking/config.h -src/conn-tools/s6-ipcserverd.o src/conn-tools/s6-ipcserverd.lo: src/conn-tools/s6-ipcserverd.c -src/conn-tools/s6-sudo.o src/conn-tools/s6-sudo.lo: src/conn-tools/s6-sudo.c src/include/s6-networking/config.h -src/conn-tools/s6-sudoc.o src/conn-tools/s6-sudoc.lo: src/conn-tools/s6-sudoc.c src/conn-tools/s6-sudo.h -src/conn-tools/s6-sudod.o src/conn-tools/s6-sudod.lo: src/conn-tools/s6-sudod.c src/conn-tools/s6-sudo.h src/conn-tools/s6-tcpclient.o src/conn-tools/s6-tcpclient.lo: src/conn-tools/s6-tcpclient.c src/include/s6-networking/ident.h -src/conn-tools/s6-tcpserver-access.o src/conn-tools/s6-tcpserver-access.lo: src/conn-tools/s6-tcpserver-access.c src/include/s6-networking/s6net.h +src/conn-tools/s6-tcpserver-access.o src/conn-tools/s6-tcpserver-access.lo: src/conn-tools/s6-tcpserver-access.c src/include/s6-networking/ident.h src/conn-tools/s6-tcpserver.o src/conn-tools/s6-tcpserver.lo: src/conn-tools/s6-tcpserver.c src/include/s6-networking/config.h src/conn-tools/s6-tcpserver4-socketbinder.o src/conn-tools/s6-tcpserver4-socketbinder.lo: src/conn-tools/s6-tcpserver4-socketbinder.c src/conn-tools/s6-tcpserver4.o src/conn-tools/s6-tcpserver4.lo: src/conn-tools/s6-tcpserver4.c src/include/s6-networking/config.h @@ -31,22 +19,12 @@ src/conn-tools/s6-tcpserver4d.o src/conn-tools/s6-tcpserver4d.lo: src/conn-tools src/conn-tools/s6-tcpserver6-socketbinder.o src/conn-tools/s6-tcpserver6-socketbinder.lo: src/conn-tools/s6-tcpserver6-socketbinder.c src/conn-tools/s6-tcpserver6.o src/conn-tools/s6-tcpserver6.lo: src/conn-tools/s6-tcpserver6.c src/include/s6-networking/config.h src/conn-tools/s6-tcpserver6d.o src/conn-tools/s6-tcpserver6d.lo: src/conn-tools/s6-tcpserver6d.c -src/conn-tools/seekablepipe.o src/conn-tools/seekablepipe.lo: src/conn-tools/seekablepipe.c -src/libs6net/s6net_accessrules_backend_cdb.o src/libs6net/s6net_accessrules_backend_cdb.lo: src/libs6net/s6net_accessrules_backend_cdb.c src/include/s6-networking/accessrules.h -src/libs6net/s6net_accessrules_backend_fs.o src/libs6net/s6net_accessrules_backend_fs.lo: src/libs6net/s6net_accessrules_backend_fs.c src/include/s6-networking/accessrules.h -src/libs6net/s6net_accessrules_keycheck_ip4.o src/libs6net/s6net_accessrules_keycheck_ip4.lo: src/libs6net/s6net_accessrules_keycheck_ip4.c src/include/s6-networking/accessrules.h -src/libs6net/s6net_accessrules_keycheck_ip6.o src/libs6net/s6net_accessrules_keycheck_ip6.lo: src/libs6net/s6net_accessrules_keycheck_ip6.c src/include/s6-networking/accessrules.h -src/libs6net/s6net_accessrules_keycheck_reversedns.o src/libs6net/s6net_accessrules_keycheck_reversedns.lo: src/libs6net/s6net_accessrules_keycheck_reversedns.c src/include/s6-networking/accessrules.h -src/libs6net/s6net_accessrules_keycheck_uidgid.o src/libs6net/s6net_accessrules_keycheck_uidgid.lo: src/libs6net/s6net_accessrules_keycheck_uidgid.c src/include/s6-networking/accessrules.h -src/libs6net/s6net_accessrules_uidgid_cdb.o src/libs6net/s6net_accessrules_uidgid_cdb.lo: src/libs6net/s6net_accessrules_uidgid_cdb.c src/include/s6-networking/accessrules.h -src/libs6net/s6net_accessrules_uidgid_fs.o src/libs6net/s6net_accessrules_uidgid_fs.lo: src/libs6net/s6net_accessrules_uidgid_fs.c src/include/s6-networking/accessrules.h src/libs6net/s6net_ident_client.o src/libs6net/s6net_ident_client.lo: src/libs6net/s6net_ident_client.c src/include/s6-networking/ident.h src/libs6net/s6net_ident_error.o src/libs6net/s6net_ident_error.lo: src/libs6net/s6net_ident_error.c src/include/s6-networking/ident.h src/libs6net/s6net_ident_reply_get.o src/libs6net/s6net_ident_reply_get.lo: src/libs6net/s6net_ident_reply_get.c src/include/s6-networking/ident.h src/libs6net/s6net_ident_reply_parse.o src/libs6net/s6net_ident_reply_parse.lo: src/libs6net/s6net_ident_reply_parse.c src/include/s6-networking/ident.h src/minidentd/mgetuid-default.o src/minidentd/mgetuid-default.lo: src/minidentd/mgetuid-default.c src/minidentd/mgetuid.h src/minidentd/mgetuid-linux.o src/minidentd/mgetuid-linux.lo: src/minidentd/mgetuid-linux.c src/minidentd/mgetuid.h -src/minidentd/mgetuid.o src/minidentd/mgetuid.lo: src/minidentd/mgetuid.c src/minidentd/mgetuid.h src/minidentd/minidentd.o src/minidentd/minidentd.lo: src/minidentd/minidentd.c src/minidentd/mgetuid.h s6-clockadd: private EXTRA_LIBS := ${SYSCLOCK_LIB} @@ -59,40 +37,16 @@ s6-taiclock: private EXTRA_LIBS := ${SOCKET_LIB} ${TAINNOW_LIB} s6-taiclock: src/clock/s6-taiclock.o -lskarnet s6-taiclockd: private EXTRA_LIBS := ${SOCKET_LIB} ${SYSCLOCK_LIB} s6-taiclockd: src/clock/s6-taiclockd.o -lskarnet -s6-accessrules-cdb-from-fs: private EXTRA_LIBS := ${SOCKET_LIB} ${TAINNOW_LIB} -s6-accessrules-cdb-from-fs: src/conn-tools/s6-accessrules-cdb-from-fs.o ${LIBS6NET} -lskarnet -s6-accessrules-fs-from-cdb: private EXTRA_LIBS := -s6-accessrules-fs-from-cdb: src/conn-tools/s6-accessrules-fs-from-cdb.o -lskarnet -s6-connlimit: private EXTRA_LIBS := -s6-connlimit: src/conn-tools/s6-connlimit.o -lskarnet s6-getservbyname: private EXTRA_LIBS := ${SOCKET_LIB} s6-getservbyname: src/conn-tools/s6-getservbyname.o -lskarnet s6-ident-client: private EXTRA_LIBS := ${SOCKET_LIB} ${TAINNOW_LIB} s6-ident-client: src/conn-tools/s6-ident-client.o ${LIBS6NET} -lskarnet -s6-ioconnect: private EXTRA_LIBS := ${SOCKET_LIB} ${TAINNOW_LIB} -s6-ioconnect: src/conn-tools/s6-ioconnect.o -lskarnet -s6-ipcclient: private EXTRA_LIBS := ${SOCKET_LIB} -s6-ipcclient: src/conn-tools/s6-ipcclient.o -lskarnet -s6-ipcserver: private EXTRA_LIBS := -s6-ipcserver: src/conn-tools/s6-ipcserver.o -lskarnet -s6-ipcserver-access: private EXTRA_LIBS := ${SOCKET_LIB} -s6-ipcserver-access: src/conn-tools/s6-ipcserver-access.o ${LIBS6NET} -lskarnet -s6-ipcserver-socketbinder: private EXTRA_LIBS := ${SOCKET_LIB} -s6-ipcserver-socketbinder: src/conn-tools/s6-ipcserver-socketbinder.o -lskarnet -s6-ipcserverd: private EXTRA_LIBS := ${SOCKET_LIB} -s6-ipcserverd: src/conn-tools/s6-ipcserverd.o -lskarnet -s6-sudo: private EXTRA_LIBS := -s6-sudo: src/conn-tools/s6-sudo.o -lskarnet -s6-sudoc: private EXTRA_LIBS := ${SOCKET_LIB} ${TAINNOW_LIB} -s6-sudoc: src/conn-tools/s6-sudoc.o -lskarnet -s6-sudod: private EXTRA_LIBS := ${SOCKET_LIB} ${TAINNOW_LIB} -s6-sudod: src/conn-tools/s6-sudod.o -lskarnet s6-tcpclient: private EXTRA_LIBS := ${SOCKET_LIB} ${TAINNOW_LIB} s6-tcpclient: src/conn-tools/s6-tcpclient.o ${LIBS6NET} -ls6dns -lskarnet s6-tcpserver: private EXTRA_LIBS := s6-tcpserver: src/conn-tools/s6-tcpserver.o -lskarnet s6-tcpserver-access: private EXTRA_LIBS := ${SOCKET_LIB} ${TAINNOW_LIB} -s6-tcpserver-access: src/conn-tools/s6-tcpserver-access.o ${LIBS6NET} -ls6dns -lskarnet +s6-tcpserver-access: src/conn-tools/s6-tcpserver-access.o ${LIBS6NET} -ls6dns -ls6 -lskarnet s6-tcpserver4: private EXTRA_LIBS := ${SOCKET_LIB} s6-tcpserver4: src/conn-tools/s6-tcpserver4.o -lskarnet s6-tcpserver4-socketbinder: private EXTRA_LIBS := ${SOCKET_LIB} @@ -105,9 +59,7 @@ s6-tcpserver6-socketbinder: private EXTRA_LIBS := ${SOCKET_LIB} s6-tcpserver6-socketbinder: src/conn-tools/s6-tcpserver6-socketbinder.o -lskarnet s6-tcpserver6d: private EXTRA_LIBS := ${SOCKET_LIB} s6-tcpserver6d: src/conn-tools/s6-tcpserver6d.o -lskarnet -seekablepipe: private EXTRA_LIBS := -seekablepipe: src/conn-tools/seekablepipe.o -lskarnet -libs6net.a: src/libs6net/s6net_accessrules_backend_cdb.o src/libs6net/s6net_accessrules_backend_fs.o src/libs6net/s6net_accessrules_keycheck_ip4.o src/libs6net/s6net_accessrules_keycheck_ip6.o src/libs6net/s6net_accessrules_keycheck_reversedns.o src/libs6net/s6net_accessrules_keycheck_uidgid.o src/libs6net/s6net_accessrules_uidgid_cdb.o src/libs6net/s6net_accessrules_uidgid_fs.o src/libs6net/s6net_ident_client.o src/libs6net/s6net_ident_reply_get.o src/libs6net/s6net_ident_reply_parse.o src/libs6net/s6net_ident_error.o -libs6net.so: src/libs6net/s6net_accessrules_backend_cdb.lo src/libs6net/s6net_accessrules_backend_fs.lo src/libs6net/s6net_accessrules_keycheck_ip4.lo src/libs6net/s6net_accessrules_keycheck_ip6.lo src/libs6net/s6net_accessrules_keycheck_reversedns.lo src/libs6net/s6net_accessrules_keycheck_uidgid.lo src/libs6net/s6net_accessrules_uidgid_cdb.lo src/libs6net/s6net_accessrules_uidgid_fs.lo src/libs6net/s6net_ident_client.lo src/libs6net/s6net_ident_reply_get.lo src/libs6net/s6net_ident_reply_parse.lo src/libs6net/s6net_ident_error.lo +libs6net.a: src/libs6net/s6net_ident_client.o src/libs6net/s6net_ident_reply_get.o src/libs6net/s6net_ident_reply_parse.o src/libs6net/s6net_ident_error.o +libs6net.so: src/libs6net/s6net_ident_client.lo src/libs6net/s6net_ident_reply_get.lo src/libs6net/s6net_ident_reply_parse.lo src/libs6net/s6net_ident_error.lo minidentd: private EXTRA_LIBS := ${SOCKET_LIB} ${TAINNOW_LIB} minidentd: src/minidentd/minidentd.o src/minidentd/mgetuid.o -lskarnet diff --git a/package/modes b/package/modes index cc7dfa7..4d4cb19 100644 --- a/package/modes +++ b/package/modes @@ -1,11 +1,5 @@ -s6-connlimit 0755 s6-getservbyname 0755 -s6-ioconnect 0755 s6-ident-client 0755 -s6-ipcclient 0755 -s6-ipcserver 0755 -s6-ipcserverd 0755 -s6-ipcserver-socketbinder 0755 s6-tcpclient 0755 s6-tcpserver4 0755 s6-tcpserver4d 0755 @@ -14,14 +8,7 @@ s6-tcpserver6 0755 s6-tcpserver6d 0755 s6-tcpserver6-socketbinder 0755 s6-tcpserver 0755 -s6-accessrules-cdb-from-fs 0755 -s6-accessrules-fs-from-cdb 0755 -s6-ipcserver-access 0755 s6-tcpserver-access 0755 -seekablepipe 0755 -s6-sudo 0755 -s6-sudoc 0755 -s6-sudod 0755 s6-clockadd 0700 s6-clockview 0755 s6-sntpclock 0755 diff --git a/package/targets.mak b/package/targets.mak index 66b61be..1aacad2 100644 --- a/package/targets.mak +++ b/package/targets.mak @@ -1,12 +1,6 @@ BIN_TARGETS := \ -s6-connlimit \ s6-getservbyname \ -s6-ioconnect \ s6-ident-client \ -s6-ipcclient \ -s6-ipcserver \ -s6-ipcserverd \ -s6-ipcserver-socketbinder \ s6-tcpclient \ s6-tcpserver \ s6-tcpserver4 \ @@ -15,14 +9,7 @@ s6-tcpserver4-socketbinder \ s6-tcpserver6 \ s6-tcpserver6d \ s6-tcpserver6-socketbinder \ -s6-accessrules-cdb-from-fs \ -s6-accessrules-fs-from-cdb \ -s6-ipcserver-access \ s6-tcpserver-access \ -seekablepipe \ -s6-sudo \ -s6-sudoc \ -s6-sudod \ s6-clockadd \ s6-clockview \ s6-sntpclock \ diff --git a/src/conn-tools/deps-exe/s6-accessrules-cdb-from-fs b/src/conn-tools/deps-exe/s6-accessrules-cdb-from-fs deleted file mode 100644 index 407cc2d..0000000 --- a/src/conn-tools/deps-exe/s6-accessrules-cdb-from-fs +++ /dev/null @@ -1,4 +0,0 @@ -${LIBS6NET} --lskarnet -${SOCKET_LIB} -${TAINNOW_LIB} diff --git a/src/conn-tools/deps-exe/s6-accessrules-fs-from-cdb b/src/conn-tools/deps-exe/s6-accessrules-fs-from-cdb deleted file mode 100644 index e7187fe..0000000 --- a/src/conn-tools/deps-exe/s6-accessrules-fs-from-cdb +++ /dev/null @@ -1 +0,0 @@ --lskarnet diff --git a/src/conn-tools/deps-exe/s6-connlimit b/src/conn-tools/deps-exe/s6-connlimit deleted file mode 100644 index e7187fe..0000000 --- a/src/conn-tools/deps-exe/s6-connlimit +++ /dev/null @@ -1 +0,0 @@ --lskarnet diff --git a/src/conn-tools/deps-exe/s6-ioconnect b/src/conn-tools/deps-exe/s6-ioconnect deleted file mode 100644 index e027835..0000000 --- a/src/conn-tools/deps-exe/s6-ioconnect +++ /dev/null @@ -1,3 +0,0 @@ --lskarnet -${SOCKET_LIB} -${TAINNOW_LIB} diff --git a/src/conn-tools/deps-exe/s6-ipcclient b/src/conn-tools/deps-exe/s6-ipcclient deleted file mode 100644 index 19869b2..0000000 --- a/src/conn-tools/deps-exe/s6-ipcclient +++ /dev/null @@ -1,2 +0,0 @@ --lskarnet -${SOCKET_LIB} diff --git a/src/conn-tools/deps-exe/s6-ipcserver b/src/conn-tools/deps-exe/s6-ipcserver deleted file mode 100644 index e7187fe..0000000 --- a/src/conn-tools/deps-exe/s6-ipcserver +++ /dev/null @@ -1 +0,0 @@ --lskarnet diff --git a/src/conn-tools/deps-exe/s6-ipcserver-access b/src/conn-tools/deps-exe/s6-ipcserver-access deleted file mode 100644 index f328786..0000000 --- a/src/conn-tools/deps-exe/s6-ipcserver-access +++ /dev/null @@ -1,3 +0,0 @@ -${LIBS6NET} --lskarnet -${SOCKET_LIB} diff --git a/src/conn-tools/deps-exe/s6-ipcserver-socketbinder b/src/conn-tools/deps-exe/s6-ipcserver-socketbinder deleted file mode 100644 index 19869b2..0000000 --- a/src/conn-tools/deps-exe/s6-ipcserver-socketbinder +++ /dev/null @@ -1,2 +0,0 @@ --lskarnet -${SOCKET_LIB} diff --git a/src/conn-tools/deps-exe/s6-ipcserverd b/src/conn-tools/deps-exe/s6-ipcserverd deleted file mode 100644 index 19869b2..0000000 --- a/src/conn-tools/deps-exe/s6-ipcserverd +++ /dev/null @@ -1,2 +0,0 @@ --lskarnet -${SOCKET_LIB} diff --git a/src/conn-tools/deps-exe/s6-sudo b/src/conn-tools/deps-exe/s6-sudo deleted file mode 100644 index e7187fe..0000000 --- a/src/conn-tools/deps-exe/s6-sudo +++ /dev/null @@ -1 +0,0 @@ --lskarnet diff --git a/src/conn-tools/deps-exe/s6-sudoc b/src/conn-tools/deps-exe/s6-sudoc deleted file mode 100644 index e027835..0000000 --- a/src/conn-tools/deps-exe/s6-sudoc +++ /dev/null @@ -1,3 +0,0 @@ --lskarnet -${SOCKET_LIB} -${TAINNOW_LIB} diff --git a/src/conn-tools/deps-exe/s6-sudod b/src/conn-tools/deps-exe/s6-sudod deleted file mode 100644 index e027835..0000000 --- a/src/conn-tools/deps-exe/s6-sudod +++ /dev/null @@ -1,3 +0,0 @@ --lskarnet -${SOCKET_LIB} -${TAINNOW_LIB} diff --git a/src/conn-tools/deps-exe/s6-tcpserver-access b/src/conn-tools/deps-exe/s6-tcpserver-access index 661b207..87a105c 100644 --- a/src/conn-tools/deps-exe/s6-tcpserver-access +++ b/src/conn-tools/deps-exe/s6-tcpserver-access @@ -1,5 +1,6 @@ ${LIBS6NET} -ls6dns +-ls6 -lskarnet ${SOCKET_LIB} ${TAINNOW_LIB} diff --git a/src/conn-tools/deps-exe/seekablepipe b/src/conn-tools/deps-exe/seekablepipe deleted file mode 100644 index e7187fe..0000000 --- a/src/conn-tools/deps-exe/seekablepipe +++ /dev/null @@ -1 +0,0 @@ --lskarnet diff --git a/src/conn-tools/s6-accessrules-cdb-from-fs.c b/src/conn-tools/s6-accessrules-cdb-from-fs.c deleted file mode 100644 index 82da64c..0000000 --- a/src/conn-tools/s6-accessrules-cdb-from-fs.c +++ /dev/null @@ -1,195 +0,0 @@ -/* ISC license. */ - -#include <unistd.h> -#include <errno.h> -#include <stdio.h> /* for rename() */ -#include <skalibs/bytestr.h> -#include <skalibs/uint16.h> -#include <skalibs/fmtscan.h> -#include <skalibs/cdb_make.h> -#include <skalibs/strerr2.h> -#include <skalibs/stralloc.h> -#include <skalibs/direntry.h> -#include <skalibs/djbunix.h> -#include <skalibs/skamisc.h> -#include <skalibs/random.h> - -#define USAGE "s6-accessrules-cdb-from-fs cdbfile dir" - -static stralloc tmp = STRALLOC_ZERO ; - -static void cleanup (void) -{ - register int e = errno ; - unlink(tmp.s) ; - errno = e ; -} - -static void dienomem (void) -{ - cleanup() ; - strerr_diefu1sys(111, "stralloc_catb") ; -} - -static void doit (struct cdb_make *c, stralloc *sa, unsigned int start) -{ - unsigned int tmpbase = tmp.len ; - unsigned int k = sa->len ; - if (!stralloc_readyplus(sa, 10)) dienomem() ; - stralloc_catb(sa, "/allow", 7) ; - tmp.s[tmpbase] = 0 ; - if (access(sa->s, R_OK) < 0) - { - if ((errno != ENOENT) && (errno != EACCES)) - { - cleanup() ; - strerr_diefu2sys(111, "access ", sa->s) ; - } - sa->len = k+1 ; - stralloc_catb(sa, "deny", 5) ; - if (access(sa->s, R_OK) < 0) - if ((errno != ENOENT) && (errno != EACCES)) - { - cleanup() ; - strerr_diefu2sys(111, "access ", sa->s) ; - } - else return ; - else if (cdb_make_add(c, sa->s + start, k - start, "D", 1) < 0) - { - cleanup() ; - strerr_diefu1sys(111, "cdb_make_add") ; - } - } - else - { - uint16 envlen = 0 ; - uint16 execlen = 0 ; - register int r ; - tmp.s[tmpbase] = 'A' ; - sa->len = k+1 ; - stralloc_catb(sa, "env", 4) ; - tmp.len = tmpbase + 3 ; - if ((envdir(sa->s, &tmp) < 0) && (errno != ENOENT)) - { - cleanup() ; - strerr_diefu2sys(111, "s6_envdir ", sa->s) ; - } - if (tmp.len > tmpbase + 4103) - { - cleanup() ; - strerr_diefu2sys(100, sa->s, "too big") ; - } - envlen = tmp.len - tmpbase - 3 ; - tmp.len = tmpbase ; - uint16_pack_big(tmp.s + tmpbase + 1, envlen) ; - sa->len = k+1 ; - stralloc_catb(sa, "exec", 5) ; - r = openreadnclose(sa->s, tmp.s + tmpbase + 5 + envlen, 4096) ; - if ((r < 0) && (errno != ENOENT)) - { - cleanup() ; - strerr_diefu2sys(111, "openreadnclose ", sa->s) ; - } - if (r > 0) execlen = r ; - uint16_pack_big(tmp.s + tmpbase + 3 + envlen, execlen) ; - if (cdb_make_add(c, sa->s + start, k - start, tmp.s + tmpbase, 5 + envlen + execlen) < 0) - { - cleanup() ; - strerr_diefu1sys(111, "cdb_make_add") ; - } - } -} - - -int main (int argc, char const *const *argv) -{ - stralloc sa = STRALLOC_ZERO ; - struct cdb_make c = CDB_MAKE_ZERO ; - DIR *dir ; - unsigned int start ; - int fd ; - PROG = "s6-accessrules-cdb-from-fs" ; - if (argc < 3) strerr_dieusage(100, USAGE) ; - if (!stralloc_cats(&tmp, argv[1])) return 0 ; - if (random_sauniquename(&tmp, 8) < 0) - strerr_diefu1sys(111, "random_sauniquename") ; - if (!stralloc_readyplus(&tmp, 8210)) - strerr_diefu1sys(111, "stralloc_catb") ; - stralloc_0(&tmp) ; - fd = open_trunc(tmp.s) ; - if (fd < 0) strerr_diefu2sys(111, "open_trunc ", tmp.s) ; - if (cdb_make_start(&c, fd) < 0) - { - cleanup() ; - strerr_diefu1sys(111, "cdb_make_start") ; - } - dir = opendir(argv[2]) ; - if (!dir) - { - cleanup() ; - strerr_diefu2sys(111, "opendir ", argv[2]) ; - } - if (!stralloc_cats(&sa, argv[2]) || !stralloc_catb(&sa, "/", 1)) dienomem() ; - start = sa.len ; - - for (;;) - { - DIR *subdir ; - direntry *d ; - unsigned int base ; - errno = 0 ; - d = readdir(dir) ; - if (!d) break ; - if (d->d_name[0] == '.') continue ; - sa.len = start ; - if (!stralloc_cats(&sa, d->d_name) || !stralloc_0(&sa)) dienomem() ; - base = sa.len ; - subdir = opendir(sa.s) ; - if (!subdir) - { - cleanup() ; - strerr_diefu2sys(111, "opendir ", sa.s) ; - } - sa.s[base-1] = '/' ; - for (;;) - { - errno = 0 ; - d = readdir(subdir) ; - if (!d) break ; - if (d->d_name[0] == '.') continue ; - sa.len = base ; - if (!stralloc_cats(&sa, d->d_name)) dienomem() ; - doit(&c, &sa, start) ; - } - if (errno) - { - sa.s[base-1] = 0 ; - cleanup() ; - strerr_diefu2sys(111, "readdir ", sa.s) ; - } - dir_close(subdir) ; - } - if (errno) - { - cleanup() ; - strerr_diefu2sys(111, "readdir ", argv[2]) ; - } - dir_close(dir) ; - if (cdb_make_finish(&c) < 0) - { - cleanup() ; - strerr_diefu1sys(111, "cdb_make_finish") ; - } - if (fd_sync(fd) < 0) - { - cleanup() ; - strerr_diefu1sys(111, "fd_sync") ; - } - fd_close(fd) ; - if (rename(tmp.s, argv[1]) < 0) - { - cleanup() ; - strerr_diefu4sys(111, "rename ", tmp.s, " to ", argv[1]) ; - } - return 0 ; -} diff --git a/src/conn-tools/s6-accessrules-fs-from-cdb.c b/src/conn-tools/s6-accessrules-fs-from-cdb.c deleted file mode 100644 index cbe67ef..0000000 --- a/src/conn-tools/s6-accessrules-fs-from-cdb.c +++ /dev/null @@ -1,177 +0,0 @@ -/* ISC license. */ - -#include <sys/types.h> -#include <sys/stat.h> -#include <errno.h> -#include <unistd.h> -#include <skalibs/bytestr.h> -#include <skalibs/uint16.h> -#include <skalibs/uint32.h> -#include <skalibs/cdb.h> -#include <skalibs/strerr2.h> -#include <skalibs/djbunix.h> - -#define USAGE "s6-accessrules-fs-from-cdb dir cdbfile" - -static char const *basedir ; -unsigned int basedirlen ; - -static void cleanup () -{ - int e = errno ; - rm_rf(basedir) ; - errno = e ; -} - -static int domkdir (char const *s) -{ - return mkdir(s, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH | S_ISGID) < 0 ? (errno == EEXIST) : 1 ; -} - -static void mkdirp (char *s) -{ - mode_t m = umask(0) ; - unsigned int len = str_len(s) ; - register unsigned int i = basedirlen + 1 ; - for (; i < len ; i++) if (s[i] == '/') - { - s[i] = 0 ; - if (!domkdir(s)) goto err ; - s[i] = '/' ; - } - if (!domkdir(s)) goto err ; - umask(m) ; - return ; - - err: - cleanup() ; - strerr_diefu2sys(111, "mkdir ", s) ; -} - -static void touchtrunc (char const *file) -{ - register int fd = open_trunc(file) ; - if (fd < 0) strerr_diefu2sys(111, "open_trunc ", file) ; - fd_close(fd) ; -} - -static int doenv (char const *dir, unsigned int dirlen, char *env, unsigned int envlen) -{ - mode_t m = umask(0) ; - unsigned int i = 0 ; - if (!domkdir(dir)) - { - cleanup() ; - strerr_diefu2sys(111, "mkdir ", dir) ; - } - umask(m) ; - while (i < envlen) - { - unsigned int n = byte_chr(env + i, envlen - i, 0) ; - if (i + n >= envlen) return 0 ; - { - unsigned int p = byte_chr(env + i, n, '=') ; - char tmp[dirlen + p + 2] ; - byte_copy(tmp, dirlen, dir) ; - tmp[dirlen] = '/' ; - byte_copy(tmp + dirlen + 1, p, env + i) ; - tmp[dirlen + p + 1] = 0 ; - if (p < n) - { - env[i+n] = '\n' ; - if (!openwritenclose_unsafe(tmp, env + i + p + 1, n - p)) - { - cleanup() ; - strerr_diefu2sys(111, "openwritenclose_unsafe ", tmp) ; - } - } - else touchtrunc(tmp) ; - } - i += n + 1 ; - } - return 1 ; -} - -static int doit (struct cdb *c) -{ - unsigned int klen = cdb_keylen(c) ; - unsigned int dlen = cdb_datalen(c) ; - { - uint16 envlen, execlen ; - char name[basedirlen + klen + 8] ; - char data[dlen] ; - byte_copy(name, basedirlen, basedir) ; - name[basedirlen] = '/' ; - if (!dlen || (dlen > 8201)) return (errno = EINVAL, 0) ; - if ((cdb_read(c, name+basedirlen+1, klen, cdb_keypos(c)) < 0) - || (cdb_read(c, data, dlen, cdb_datapos(c)) < 0)) - { - cleanup() ; - strerr_diefu1sys(111, "cdb_read") ; - } - name[basedirlen + klen + 1] = 0 ; - mkdirp(name) ; - name[basedirlen + klen + 1] = '/' ; - if (data[0] == 'A') - { - byte_copy(name + basedirlen + klen + 2, 6, "allow") ; - touchtrunc(name) ; - } - else if (data[0] == 'D') - { - byte_copy(name + basedirlen + klen + 2, 5, "deny") ; - touchtrunc(name) ; - } - if (dlen < 3) return 1 ; - uint16_unpack_big(data + 1, &envlen) ; - if ((envlen > 4096U) || (3U + envlen > dlen)) return (errno = EINVAL, 0) ; - uint16_unpack_big(data + 3 + envlen, &execlen) ; - if ((execlen > 4096U) || (5U + envlen + execlen != dlen)) return (errno = EINVAL, 0) ; - if (envlen) - { - byte_copy(name + basedirlen + klen + 2, 4, "env") ; - if (!doenv(name, basedirlen + klen + 5, data + 3, envlen)) return (errno = EINVAL, 0) ; - } - byte_copy(name + basedirlen + klen + 2, 5, "exec") ; - if (execlen && !openwritenclose_unsafe(name, data + 5 + envlen, execlen)) - { - cleanup() ; - strerr_diefu2sys(111, "openwritenclose_unsafe ", name) ; - } - } - return 1 ; -} - -int main (int argc, char const *const *argv) -{ - struct cdb c = CDB_ZERO ; - uint32 kpos ; - PROG = "s6-accessrules-fs-from-cdb" ; - if (argc < 3) strerr_dieusage(100, USAGE) ; - if (cdb_mapfile(&c, argv[2]) < 0) strerr_diefu1sys(111, "cdb_mapfile") ; - basedir = argv[1] ; - basedirlen = str_len(argv[1]) ; - { - mode_t m = umask(0) ; - if (mkdir(basedir, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH | S_ISGID) < 0) - strerr_diefu2sys(111, "mkdir ", basedir) ; - umask(m) ; - } - cdb_traverse_init(&c, &kpos) ; - for (;;) - { - register int r = cdb_nextkey(&c, &kpos) ; - if (r < 0) - { - cleanup() ; - strerr_diefu1sys(111, "cdb_nextkey") ; - } - else if (!r) break ; - else if (!doit(&c)) - { - cleanup() ; - strerr_diefu1sys(111, "handle key") ; - } - } - return 0 ; -} diff --git a/src/conn-tools/s6-connlimit.c b/src/conn-tools/s6-connlimit.c deleted file mode 100644 index 19f4a2d..0000000 --- a/src/conn-tools/s6-connlimit.c +++ /dev/null @@ -1,39 +0,0 @@ -/* ISC license. */ - -#include <skalibs/uint.h> -#include <skalibs/bytestr.h> -#include <skalibs/strerr2.h> -#include <skalibs/env.h> -#include <skalibs/djbunix.h> - -int main (int argc, char const *const *argv, char const *const *envp) -{ - char const *x ; - unsigned int protolen ; - PROG = "s6-connlimit" ; - x = env_get2(envp, "PROTO") ; - if (!x) strerr_dienotset(100, "PROTO") ; - protolen = str_len(x) ; - if (!protolen) strerr_dief1x(100, "empty PROTO") ; - { - unsigned int num ; - char s[protolen + 8] ; - byte_copy(s, protolen, x) ; - byte_copy(s + protolen, 8, "CONNNUM") ; - x = env_get2(envp, s) ; - if (!x) strerr_dienotset(100, s) ; - if (!uint0_scan(x, &num)) strerr_dief2x(100, "invalid ", s) ; - byte_copy(s + protolen + 4, 4, "MAX") ; - x = env_get2(envp, s) ; - if (x) - { - unsigned int max ; - if (!uint0_scan(x, &max)) strerr_dief2x(100, "invalid ", s) ; - if (num > max) - strerr_dief2x(1, "number of connections from this client limited to ", x) ; - } - } - pathexec0_run(argv+1, envp) ; - (void)argc ; - strerr_dieexec(111, argv[1]) ; -} diff --git a/src/conn-tools/s6-ioconnect.c b/src/conn-tools/s6-ioconnect.c deleted file mode 100644 index a0217bb..0000000 --- a/src/conn-tools/s6-ioconnect.c +++ /dev/null @@ -1,187 +0,0 @@ -/* ISC license. */ - -#include <skalibs/nonposix.h> -#include <sys/socket.h> -#include <errno.h> -#include <signal.h> -#include <skalibs/uint.h> -#include <skalibs/allreadwrite.h> -#include <skalibs/sgetopt.h> -#include <skalibs/error.h> -#include <skalibs/iobuffer.h> -#include <skalibs/sig.h> -#include <skalibs/selfpipe.h> -#include <skalibs/strerr2.h> -#include <skalibs/tai.h> -#include <skalibs/iopause.h> -#include <skalibs/djbunix.h> - -#define USAGE "s6-ioconnect [ -t timeout ] [ -r fdr ] [ -w fdw ] [ -0 ] [ -1 ] [ -6 ] [ -7 ]" -#define dieusage() strerr_dieusage(100, USAGE) - - -typedef struct ioblah_s ioblah_t, *ioblah_t_ref ; -struct ioblah_s -{ - unsigned int fd ; - unsigned int xindex ; - unsigned int flagsocket : 1 ; - unsigned int flagopen : 1 ; -} ; - -static ioblah_t a[2][2] = { { { 0, 4, 0, 1 }, { 7, 4, 0, 1 } }, { { 6, 4, 0, 1 }, { 1, 4, 0, 1 } } } ; -static iobuffer b[2] ; -static iopause_fd x[5] = { { -1, IOPAUSE_READ, 0 } } ; - -static void closeit (unsigned int i, unsigned int j) -{ - if (a[i][j].flagsocket) - { - if ((shutdown(a[i][j].fd, j) < 0) && (errno != ENOTSOCK) && (errno != ENOTCONN)) - strerr_warnwu4sys("shutdown ", i ? "incoming" : "outgoing", " socket for ", j ? "writing" : "reading") ; - } - fd_close(a[i][j].fd) ; - a[i][j].flagopen = 0 ; - a[i][j].xindex = 5 ; -} - -static inline void finishit (unsigned int i) -{ - closeit(i, 1) ; - iobuffer_finish(&b[i]) ; -} - -static void handle_signals (void) -{ - for (;;) - { - char c = selfpipe_read() ; - switch (c) - { - case -1 : strerr_diefu1sys(111, "selfpipe_read") ; - case 0 : return ; - case SIGTERM : - { - if (a[0][0].xindex < 5) x[a[0][0].xindex].revents |= IOPAUSE_EXCEPT ; - if (a[1][0].xindex < 5) x[a[1][0].xindex].revents |= IOPAUSE_EXCEPT ; - break ; - } - default : - strerr_dief1x(101, "internal error: inconsistent signal state. Please submit a bug-report.") ; - } - } -} - -int main (int argc, char const *const *argv) -{ - tain_t tto ; - register unsigned int i, j ; - PROG = "s6-ioconnect" ; - { - subgetopt_t l = SUBGETOPT_ZERO ; - unsigned int t = 0 ; - for (;;) - { - register int opt = subgetopt_r(argc, argv, "0167t:r:w:", &l) ; - if (opt < 0) break ; - switch (opt) - { - case '0' : a[0][0].flagsocket = 1 ; break ; - case '1' : a[1][1].flagsocket = 1 ; break ; - case '6' : a[1][0].flagsocket = 1 ; break ; - case '7' : a[0][1].flagsocket = 1 ; break ; - case 't' : if (!uint0_scan(l.arg, &t)) dieusage() ; break ; - case 'r' : if (!uint0_scan(l.arg, &a[1][0].fd)) dieusage() ; break ; - case 'w' : if (!uint0_scan(l.arg, &a[0][1].fd)) dieusage() ; break ; - default : dieusage() ; - } - } - if (t) tain_from_millisecs(&tto, t) ; else tto = tain_infinite_relative ; - argc -= l.ind ; argv += l.ind ; - } - if ((a[0][1].fd < 3) || (a[1][0].fd < 3)) dieusage() ; - for (i = 0 ; i < 2 ; i++) - { - for (j = 0 ; j < 2 ; j++) - if (ndelay_on(a[i][j].fd) == -1) strerr_diefu1sys(111, "ndelay_on") ; - if (!iobuffer_init(&b[i], a[i][0].fd, a[i][1].fd) < 0) strerr_diefu1sys(111, "iobuffer_init") ; - } - if (sig_ignore(SIGPIPE) == -1) strerr_diefu1sys(111, "sig_ignore") ; - tain_now_g() ; - x[0].fd = selfpipe_init() ; - if (x[0].fd < 0) strerr_diefu1sys(111, "selfpipe_init") ; - if (selfpipe_trap(SIGTERM) < 0) - strerr_diefu1sys(111, "trap SIGTERM") ; - - for (;;) - { - tain_t deadline ; - unsigned int xlen = 1 ; - int r ; - - tain_add_g(&deadline, iobuffer_isempty(&b[0]) && iobuffer_isempty(&b[1]) ? &tto : &tain_infinite_relative) ; - for (i = 0 ; i < 2 ; i++) - { - a[i][0].xindex = 5 ; - if (a[i][0].flagopen && iobuffer_isreadable(&b[i])) - { - x[xlen].fd = a[i][0].fd ; - x[xlen].events = IOPAUSE_READ ; - a[i][0].xindex = xlen++ ; - } - a[i][1].xindex = 5 ; - if (a[i][1].flagopen) - { - x[xlen].fd = a[i][1].fd ; - x[xlen].events = IOPAUSE_EXCEPT | (iobuffer_isempty(&b[i]) ? 0 : IOPAUSE_WRITE) ; - a[i][1].xindex = xlen++ ; - } - } - if (xlen <= 1) break ; - - r = iopause_g(x, xlen, &deadline) ; - if (r < 0) strerr_diefu1sys(111, "iopause") ; - else if (!r) return 1 ; - - if (x[0].revents & IOPAUSE_READ) handle_signals() ; - - for (i = 0 ; i < 2 ; i++) if (a[i][1].xindex < 5) - { - if (x[a[i][1].xindex].revents & IOPAUSE_WRITE) - { - if (!iobuffer_flush(&b[i])) - { - if (!error_isagain(errno)) x[a[i][1].xindex].revents |= IOPAUSE_EXCEPT ; - } - else if (!a[i][0].flagopen) finishit(i) ; - } - if (x[a[i][1].xindex].revents & IOPAUSE_EXCEPT) - { - if (!iobuffer_isempty(&b[i])) - { - iobuffer_flush(&b[i]) ; /* sets errno */ - strerr_warnwu3sys("write ", i ? "incoming" : "outgoing", " data") ; - } - closeit(i, 0) ; finishit(i) ; - } - } - - for (i = 0 ; i < 2 ; i++) if (a[i][0].xindex < 5) - { - if (x[a[i][0].xindex].revents & IOPAUSE_READ) - { - if (sanitize_read(iobuffer_fill(&b[i])) < 0) - { - if (errno != EPIPE) strerr_warnwu3sys("read ", i ? "incoming" : "outgoing", " data") ; - x[a[i][0].xindex].revents |= IOPAUSE_EXCEPT ; - } - } - if (x[a[i][0].xindex].revents & IOPAUSE_EXCEPT) - { - closeit(i, 0) ; - if (iobuffer_isempty(&b[i])) finishit(i) ; - } - } - } - return 0 ; -} diff --git a/src/conn-tools/s6-ipcclient.c b/src/conn-tools/s6-ipcclient.c deleted file mode 100644 index c9aba1e..0000000 --- a/src/conn-tools/s6-ipcclient.c +++ /dev/null @@ -1,66 +0,0 @@ -/* ISC license. */ - -#include <skalibs/sgetopt.h> -#include <skalibs/strerr2.h> -#include <skalibs/env.h> -#include <skalibs/djbunix.h> -#include <skalibs/webipc.h> - -#define USAGE "s6-ipcclient [ -q | -Q | -v ] [ -p bindpath ] [ -l localname ] path prog..." - -int main (int argc, char const *const *argv, char const *const *envp) -{ - char const *bindpath = 0 ; - char const *localname = 0 ; - unsigned int verbosity = 1 ; - PROG = "s6-ipcclient" ; - { - subgetopt_t l = SUBGETOPT_ZERO ; - for (;;) - { - register int opt = subgetopt_r(argc, argv, "qQvp:l:", &l) ; - if (opt == -1) break ; - switch (opt) - { - case 'q' : if (verbosity) verbosity-- ; break ; - case 'Q' : verbosity = 1 ; break ; - case 'v' : verbosity++ ; break ; - case 'p' : bindpath = l.arg ; break ; - case 'l' : localname = l.arg ; break ; - default : strerr_dieusage(100, USAGE) ; - } - } - argc -= l.ind ; argv += l.ind ; - } - if (argc < 2) strerr_dieusage(100, USAGE) ; - { - char modif[24 + IPCPATH_MAX] = "PROTO=IPC\0IPCLOCALPATH=" ; - unsigned int i = 23 ; - int s = ipc_stream() ; - if (s == -1) strerr_diefu1sys(111, "create socket") ; - if (bindpath && (ipc_bind(s, bindpath) == -1)) - strerr_diefu2sys(111, "bind socket to ", bindpath) ; - if (!ipc_connect(s, argv[0])) - strerr_diefu2sys(111, "connect to ", argv[0]) ; - if (verbosity >= 2) strerr_warn3x(PROG, ": connected to ", argv[0]) ; - if (localname) - { - register unsigned int n = str_len(localname) ; - if (n > IPCPATH_MAX) n = IPCPATH_MAX ; - byte_copy(modif + i, n, localname) ; - i += n ; modif[i++] = 0 ; - } - else - { - int dummy ; - if (ipc_local(s, modif + i, IPCPATH_MAX, &dummy) < 0) modif[--i] = 0 ; - else i += str_len(modif + i) + 1 ; - } - if (fd_move(6, s) < 0) - strerr_diefu2sys(111, "set up fd ", "6") ; - if (fd_copy(7, 6) < 0) - strerr_diefu2sys(111, "set up fd ", "7") ; - pathexec_r(argv+1, envp, env_len(envp), modif, i) ; - } - strerr_dieexec(111, argv[1]) ; -} diff --git a/src/conn-tools/s6-ipcserver-access.c b/src/conn-tools/s6-ipcserver-access.c deleted file mode 100644 index 183f56c..0000000 --- a/src/conn-tools/s6-ipcserver-access.c +++ /dev/null @@ -1,211 +0,0 @@ -/* ISC license. */ - -#include <unistd.h> -#include <errno.h> -#include <skalibs/gccattributes.h> -#include <skalibs/uint.h> -#include <skalibs/strerr2.h> -#include <skalibs/sgetopt.h> -#include <skalibs/cdb.h> -#include <skalibs/env.h> -#include <skalibs/djbunix.h> -#include <skalibs/webipc.h> -#include <execline/config.h> -#include <s6-networking/accessrules.h> - -#define USAGE "s6-ipcserver-access [ -v verbosity ] [ -e | -E ] [ -l localname ] [ -i rulesdir | -x rulesfile ] prog..." - -static unsigned int verbosity = 1 ; - - /* Utility functions */ - -static inline void dieusage (void) gccattr_noreturn ; -static inline void dieusage () -{ - strerr_dieusage(100, USAGE) ; -} - -static inline void dienomem (void) gccattr_noreturn ; -static inline void dienomem () -{ - strerr_diefu1sys(111, "update environment") ; -} - -static inline void X (void) gccattr_noreturn ; -static inline void X () -{ - strerr_dief1x(101, "internal inconsistency. Please submit a bug-report.") ; -} - - - /* Logging */ - -static void logit (unsigned int pid, unsigned int uid, unsigned int gid, int h) -{ - char fmtpid[UINT_FMT] ; - char fmtuid[UINT_FMT] ; - char fmtgid[UINT_FMT] ; - fmtpid[uint_fmt(fmtpid, pid)] = 0 ; - fmtuid[uint_fmt(fmtuid, uid)] = 0 ; - fmtgid[uint_fmt(fmtgid, gid)] = 0 ; - if (h) strerr_warni7x("allow", " pid ", fmtpid, " uid ", fmtuid, " gid ", fmtgid) ; - else strerr_warni7sys("deny", " pid ", fmtpid, " uid ", fmtuid, " gid ", fmtgid) ; -} - -static inline void log_accept (unsigned int pid, unsigned int uid, unsigned int gid) -{ - logit(pid, uid, gid, 1) ; -} - -static inline void log_deny (unsigned int pid, unsigned int uid, unsigned int gid) -{ - logit(pid, uid, gid, 0) ; -} - - - /* Checking */ - -static s6net_accessrules_result_t check_cdb (unsigned int uid, unsigned int gid, char const *file, s6net_accessrules_params_t *params) -{ - struct cdb c = CDB_ZERO ; - int fd = open_readb(file) ; - register s6net_accessrules_result_t r ; - if (fd < 0) return -1 ; - if (cdb_init(&c, fd) < 0) strerr_diefu2sys(111, "cdb_init ", file) ; - r = s6net_accessrules_uidgid_cdb(uid, gid, &c, params) ; - cdb_free(&c) ; - fd_close(fd) ; - return r ; -} - -static inline int check (s6net_accessrules_params_t *params, char const *rules, unsigned int rulestype, unsigned int uid, unsigned int gid) -{ - char const *x = "" ; - s6net_accessrules_result_t r ; - switch (rulestype) - { - case 0 : - if (verbosity >= 2) strerr_warnw1x("invoked without a ruleset!") ; - return 1 ; - case 1 : - r = s6net_accessrules_uidgid_fs(uid, gid, rules, params) ; - x = "fs" ; - break ; - case 2 : - r = check_cdb(uid, gid, rules, params) ; - x = "cdb" ; - break ; - default : X() ; - } - switch (r) - { - case S6NET_ACCESSRULES_ERROR : strerr_diefu4sys(111, "check ", x, " ruleset in ", rules) ; - case S6NET_ACCESSRULES_ALLOW : return 1 ; - case S6NET_ACCESSRULES_DENY : return (errno = EACCES, 0) ; - case S6NET_ACCESSRULES_NOTFOUND : return (errno = ENOENT, 0) ; - default : X() ; - } -} - - -int main (int argc, char const *const *argv, char const *const *envp) -{ - s6net_accessrules_params_t params = S6NET_ACCESSRULES_PARAMS_ZERO ; - char const *rules = 0 ; - char const *localname = 0 ; - char const *proto ; - unsigned int protolen ; - unsigned int uid = 0, gid = 0 ; - unsigned int rulestype = 0 ; - int doenv = 1 ; - PROG = "s6-ipcserver-access" ; - { - subgetopt_t l = SUBGETOPT_ZERO ; - for (;;) - { - register int opt = subgetopt_r(argc, argv, "v:Eel:i:x:", &l) ; - if (opt == -1) break ; - switch (opt) - { - case 'v' : if (!uint0_scan(l.arg, &verbosity)) dieusage() ; break ; - case 'E' : doenv = 0 ; break ; - case 'e' : doenv = 1 ; break ; - case 'l' : localname = l.arg ; break ; - case 'i' : rules = l.arg ; rulestype = 1 ; break ; - case 'x' : rules = l.arg ; rulestype = 2 ; break ; - default : dieusage() ; - } - } - argc -= l.ind ; argv += l.ind ; - } - if (!argc) dieusage() ; - if (!*argv[0]) dieusage() ; - - proto = env_get2(envp, "PROTO") ; - if (!proto) strerr_dienotset(100, "PROTO") ; - protolen = str_len(proto) ; - - { - char const *x ; - char tmp[protolen + 11] ; - byte_copy(tmp, protolen, proto) ; - byte_copy(tmp + protolen, 11, "REMOTEEUID") ; - x = env_get2(envp, tmp) ; - if (!x) strerr_dienotset(100, tmp) ; - if (!uint0_scan(x, &uid)) strerr_dieinvalid(100, tmp) ; - tmp[protolen + 7] = 'G' ; - x = env_get2(envp, tmp) ; - if (!x) strerr_dienotset(100, tmp) ; - if (!uint0_scan(x, &gid)) strerr_dieinvalid(100, tmp) ; - } - - if (!check(¶ms, rules, rulestype, uid, gid)) - { - if (verbosity >= 2) log_deny(getpid(), uid, gid) ; - return 1 ; - } - if (verbosity) log_accept(getpid(), uid, gid) ; - - if (doenv) - { - char tmp[protolen + 10] ; - byte_copy(tmp, protolen, proto) ; - byte_copy(tmp + protolen, 10, "LOCALPATH") ; - if (localname) - { - if (!env_addmodif(¶ms.env, tmp, localname)) dienomem() ; - } - else - { - char curname[IPCPATH_MAX+1] ; - int dummy ; - if (ipc_local(0, curname, IPCPATH_MAX+1, &dummy) < 0) - strerr_diefu1sys(111, "ipc_local") ; - if (!env_addmodif(¶ms.env, tmp, curname)) dienomem() ; - } - } - else - { - char tmp[protolen + 11] ; - byte_copy(tmp, protolen, proto) ; - byte_copy(tmp + protolen, 11, "REMOTEEUID") ; - if (!env_addmodif(¶ms.env, "PROTO", 0)) dienomem() ; - if (!env_addmodif(¶ms.env, tmp, 0)) dienomem() ; - tmp[protolen + 7] = 'G' ; - if (!env_addmodif(¶ms.env, tmp, 0)) dienomem() ; - byte_copy(tmp + protolen + 6, 5, "PATH") ; - if (!env_addmodif(¶ms.env, tmp, 0)) dienomem() ; - byte_copy(tmp + protolen, 10, "LOCALPATH") ; - if (!env_addmodif(¶ms.env, tmp, 0)) dienomem() ; - } - - if (params.exec.len) - { - char *specialargv[4] = { EXECLINE_EXTBINPREFIX "execlineb", "-c", params.exec.s, 0 } ; - pathexec_r((char const *const *)specialargv, envp, env_len(envp), params.env.s, params.env.len) ; - strerr_dieexec(111, specialargv[0]) ; - } - - pathexec_r(argv, envp, env_len(envp), params.env.s, params.env.len) ; - strerr_dieexec(111, argv[0]) ; -} diff --git a/src/conn-tools/s6-ipcserver-socketbinder.c b/src/conn-tools/s6-ipcserver-socketbinder.c deleted file mode 100644 index b5a32f3..0000000 --- a/src/conn-tools/s6-ipcserver-socketbinder.c +++ /dev/null @@ -1,49 +0,0 @@ -/* ISC license. */ - -#include <sys/types.h> -#include <sys/stat.h> -#include <unistd.h> -#include <skalibs/uint.h> -#include <skalibs/sgetopt.h> -#include <skalibs/strerr2.h> -#include <skalibs/djbunix.h> -#include <skalibs/webipc.h> - -#define USAGE "s6-ipcserver-socketbinder [ -d | -D ] [ -b backlog ] path prog..." -#define dieusage() strerr_dieusage(100, USAGE) - -int main (int argc, char const *const *argv, char const *const *envp) -{ - unsigned int backlog = 20 ; - int flagreuse = 1 ; - PROG = "s6-ipcserver-socketbinder" ; - { - subgetopt_t l = SUBGETOPT_ZERO ; - for (;;) - { - register int opt = subgetopt_r(argc, argv, "Ddb:", &l) ; - if (opt == -1) break ; - switch (opt) - { - case 'D' : flagreuse = 0 ; break ; - case 'd' : flagreuse = 1 ; break ; - case 'b' : if (!uint0_scan(l.arg, &backlog)) dieusage() ; break ; - default : dieusage() ; - } - } - argc -= l.ind ; argv += l.ind ; - } - if (argc < 2) dieusage() ; - close(0) ; - if (ipc_stream()) strerr_diefu1sys(111, "create socket") ; - { - mode_t m = umask(0) ; - if ((flagreuse ? ipc_bind_reuse(0, argv[0]) : ipc_bind(0, argv[0])) < 0) - strerr_diefu2sys(111, "bind to ", argv[0]) ; - umask(m) ; - } - if (ipc_listen(0, backlog) < 0) strerr_diefu2sys(111, "listen to ", argv[0]) ; - - pathexec_run(argv[1], argv + 1, envp) ; - strerr_dieexec(111, argv[1]) ; -} diff --git a/src/conn-tools/s6-ipcserver.c b/src/conn-tools/s6-ipcserver.c deleted file mode 100644 index b6546f8..0000000 --- a/src/conn-tools/s6-ipcserver.c +++ /dev/null @@ -1,128 +0,0 @@ -/* ISC license. */ - -#include <sys/types.h> -#include <limits.h> -#include <skalibs/uint.h> -#include <skalibs/gidstuff.h> -#include <skalibs/sgetopt.h> -#include <skalibs/strerr2.h> -#include <skalibs/djbunix.h> -#include <s6/config.h> -#include <s6-networking/config.h> - -#define USAGE "s6-ipcserver [ -q | -Q | -v ] [ -d | -D ] [ -P | -p ] [ -1 ] [ -c maxconn ] [ -C localmaxconn ] [ -b backlog ] [ -G gid,gid,... ] [ -g gid ] [ -u uid ] [ -U ] path prog..." -#define dieusage() strerr_dieusage(100, USAGE) - -int main (int argc, char const *const *argv, char const *const *envp) -{ - unsigned int verbosity = 1 ; - int flag1 = 0 ; - int flagU = 0 ; - int flaglookup = 1 ; - int flagreuse = 1 ; - unsigned int uid = 0, gid = 0 ; - gid_t gids[NGROUPS_MAX] ; - unsigned int gidn = (unsigned int)-1 ; - unsigned int maxconn = 0 ; - unsigned int localmaxconn = 0 ; - unsigned int backlog = (unsigned int)-1 ; - PROG = "s6-ipcserver" ; - { - subgetopt_t l = SUBGETOPT_ZERO ; - for (;;) - { - register int opt = subgetopt_r(argc, argv, "qQvDd1UPpc:C:b:u:g:G:", &l) ; - if (opt == -1) break ; - switch (opt) - { - case 'q' : verbosity = 0 ; break ; - case 'Q' : verbosity = 1 ; break ; - case 'v' : verbosity = 2 ; break ; - case 'D' : flagreuse = 0 ; break ; - case 'd' : flagreuse = 1 ; break ; - case 'P' : flaglookup = 0 ; break ; - case 'p' : flaglookup = 1 ; break ; - case 'c' : if (!uint0_scan(l.arg, &maxconn)) dieusage() ; if (!maxconn) maxconn = 1 ; break ; - case 'C' : if (!uint0_scan(l.arg, &localmaxconn)) dieusage() ; if (!localmaxconn) localmaxconn = 1 ; break ; - case 'b' : if (!uint0_scan(l.arg, &backlog)) dieusage() ; break ; - case 'u' : if (!uint0_scan(l.arg, &uid)) dieusage() ; break ; - case 'g' : if (!uint0_scan(l.arg, &gid)) dieusage() ; break ; - case 'G' : if (!gid_scanlist(gids, NGROUPS_MAX, l.arg, &gidn) && *l.arg) dieusage() ; break ; - case '1' : flag1 = 1 ; break ; - case 'U' : flagU = 1 ; uid = 0 ; gid = 0 ; gidn = (unsigned int)-1 ; break ; - default : dieusage() ; - } - } - argc -= l.ind ; argv += l.ind ; - if (argc < 2) dieusage() ; - } - - { - unsigned int m = 0 ; - unsigned int pos = 0 ; - char fmt[UINT_FMT * 5 + GID_FMT * NGROUPS_MAX] ; - char const *newargv[24 + argc] ; - newargv[m++] = S6_NETWORKING_BINPREFIX "s6-ipcserver-socketbinder" ; - if (!flagreuse) newargv[m++] = "-D" ; - if (backlog != (unsigned int)-1) - { - newargv[m++] = "-b" ; - newargv[m++] = fmt + pos ; - pos += uint_fmt(fmt + pos, backlog) ; - fmt[pos++] = 0 ; - } - newargv[m++] = "--" ; - newargv[m++] = *argv++ ; - if (flagU || uid || gid || gidn != (unsigned int)-1) - { - newargv[m++] = S6_EXTBINPREFIX "s6-applyuidgid" ; - if (flagU) newargv[m++] = "-Uz" ; - if (uid) - { - newargv[m++] = "-u" ; - newargv[m++] = fmt + pos ; - pos += uint_fmt(fmt + pos, uid) ; - fmt[pos++] = 0 ; - } - if (gid) - { - newargv[m++] = "-g" ; - newargv[m++] = fmt + pos ; - pos += uint_fmt(fmt + pos, gid) ; - fmt[pos++] = 0 ; - } - if (gidn != (unsigned int)-1) - { - newargv[m++] = "-G" ; - newargv[m++] = fmt + pos ; - pos += gid_fmtlist(fmt + pos, gids, gidn) ; - fmt[pos++] = 0 ; - } - newargv[m++] = "--" ; - } - newargv[m++] = S6_NETWORKING_BINPREFIX "s6-ipcserverd" ; - if (!verbosity) newargv[m++] = "-v0" ; - else if (verbosity == 2) newargv[m++] = "-v2" ; - if (flag1) newargv[m++] = "-1" ; - if (!flaglookup) newargv[m++] = "-P" ; - if (maxconn) - { - newargv[m++] = "-c" ; - newargv[m++] = fmt + pos ; - pos += uint_fmt(fmt + pos, maxconn) ; - fmt[pos++] = 0 ; - } - if (localmaxconn) - { - newargv[m++] = "-C" ; - newargv[m++] = fmt + pos ; - pos += uint_fmt(fmt + pos, localmaxconn) ; - fmt[pos++] = 0 ; - } - newargv[m++] = "--" ; - while (*argv) newargv[m++] = *argv++ ; - newargv[m++] = 0 ; - pathexec_run(newargv[0], newargv, envp) ; - strerr_dieexec(111, newargv[0]) ; - } -} diff --git a/src/conn-tools/s6-ipcserverd.c b/src/conn-tools/s6-ipcserverd.c deleted file mode 100644 index 4afe5cc..0000000 --- a/src/conn-tools/s6-ipcserverd.c +++ /dev/null @@ -1,399 +0,0 @@ -/* ISC license. */ - -#include <sys/types.h> -#include <sys/wait.h> -#include <errno.h> -#include <unistd.h> -#include <fcntl.h> -#include <signal.h> -#include <skalibs/uint.h> -#include <skalibs/gccattributes.h> -#include <skalibs/allreadwrite.h> -#include <skalibs/bytestr.h> -#include <skalibs/sgetopt.h> -#include <skalibs/strerr2.h> -#include <skalibs/diuint.h> -#include <skalibs/env.h> -#include <skalibs/djbunix.h> -#include <skalibs/sig.h> -#include <skalibs/selfpipe.h> -#include <skalibs/iopause.h> -#include <skalibs/webipc.h> - -#define USAGE "s6-ipcserverd [ -v verbosity ] [ -1 ] [ -P | -p ] [ -c maxconn ] [ -C localmaxconn ] prog..." - -#define ABSOLUTE_MAXCONN 1000 - -static unsigned int maxconn = 40 ; -static unsigned int localmaxconn = 40 ; -static char fmtmaxconn[UINT_FMT+1] = "/" ; -static char fmtlocalmaxconn[UINT_FMT+1] = "/" ; -static int flaglookup = 1 ; -static unsigned int verbosity = 1 ; -static int cont = 1 ; - -static diuint *piduid ; -static unsigned int numconn = 0 ; -static diuint *uidnum ; -static unsigned int uidlen = 0 ; - - - /* Utility functions */ - -static inline void dieusage () -{ - strerr_dieusage(100, USAGE) ; -} - -static inline void X (void) -{ - strerr_dief1x(101, "internal inconsistency. Please submit a bug-report.") ; -} - - - /* Lookup primitives */ - -static unsigned int lookup_diuint (diuint const *tab, unsigned int tablen, unsigned int key) -{ - register unsigned int i = 0 ; - for (; i < tablen ; i++) if (key == tab[i].left) break ; - return i ; -} - -static inline unsigned int lookup_pid (unsigned int pid) -{ - return lookup_diuint(piduid, numconn, pid) ; -} - -static inline unsigned int lookup_uid (unsigned int uid) -{ - return lookup_diuint(uidnum, uidlen, uid) ; -} - - - /* Logging */ - -static inline void log_start (void) -{ - strerr_warni1x("starting") ; -} - -static inline void log_exit (void) -{ - strerr_warni1x("exiting") ; -} - -static void log_status (void) -{ - char fmt[UINT_FMT] ; - fmt[uint_fmt(fmt, numconn)] = 0 ; - strerr_warni3x("status: ", fmt, fmtmaxconn) ; -} - -static void log_deny (unsigned int uid, unsigned int gid, unsigned int num) -{ - char fmtuid[UINT_FMT] = "?" ; - char fmtgid[UINT_FMT] = "?" ; - char fmtnum[UINT_FMT] = "?" ; - if (flaglookup) - { - fmtuid[uint_fmt(fmtuid, uid)] = 0 ; - fmtgid[uint_fmt(fmtgid, gid)] = 0 ; - fmtnum[uint_fmt(fmtnum, num)] = 0 ; - } - strerr_warni7sys("deny ", fmtuid, ":", fmtgid, " count ", fmtnum, fmtlocalmaxconn) ; -} - -static void log_accept (unsigned int pid, unsigned int uid, unsigned int gid, unsigned int num) -{ - char fmtuidgid[UINT_FMT * 2 + 1] = "?:?" ; - char fmtpid[UINT_FMT] ; - char fmtnum[UINT_FMT] = "?" ; - if (flaglookup) - { - register unsigned int n = uint_fmt(fmtuidgid, uid) ; - fmtuidgid[n++] = ':' ; - n += uint_fmt(fmtuidgid + n, gid) ; - fmtuidgid[n] = 0 ; - fmtnum[uint_fmt(fmtnum, num)] = 0 ; - } - fmtpid[uint_fmt(fmtpid, pid)] = 0 ; - strerr_warni7x("allow ", fmtuidgid, " pid ", fmtpid, " count ", fmtnum, fmtlocalmaxconn) ; -} - -static void log_close (unsigned int pid, unsigned int uid, int w) -{ - char fmtpid[UINT_FMT] ; - char fmtuid[UINT_FMT] = "?" ; - char fmtw[UINT_FMT] ; - fmtpid[uint_fmt(fmtpid, pid)] = 0 ; - if (flaglookup) fmtuid[uint_fmt(fmtuid, uid)] = 0 ; - fmtw[uint_fmt(fmtw, WIFSIGNALED(w) ? WTERMSIG(w) : WEXITSTATUS(w))] = 0 ; - strerr_warni6x("end pid ", fmtpid, " uid ", fmtuid, WIFSIGNALED(w) ? " signal " : " exitcode ", fmtw) ; -} - - - /* Signal handling */ - -static void killthem (int sig) -{ - register unsigned int i = 0 ; - for (; i < numconn ; i++) kill(piduid[i].left, sig) ; -} - -static void wait_children (void) -{ - for (;;) - { - unsigned int i ; - int w ; - register pid_t pid = wait_nohang(&w) ; - if (pid < 0) - if (errno != ECHILD) strerr_diefu1sys(111, "wait_nohang") ; - else break ; - else if (!pid) break ; - i = lookup_pid(pid) ; - if (i < numconn) - { - unsigned int uid = piduid[i].right ; - register unsigned int j = lookup_uid(uid) ; - if (j >= uidlen) X() ; - if (!--uidnum[j].right) uidnum[j] = uidnum[--uidlen] ; - piduid[i] = piduid[--numconn] ; - if (verbosity >= 2) - { - log_close(pid, uid, w) ; - log_status() ; - } - } - } -} - -static void handle_signals (void) -{ - for (;;) switch (selfpipe_read()) - { - case -1 : strerr_diefu1sys(111, "read selfpipe") ; - case 0 : return ; - case SIGCHLD : wait_children() ; break ; - case SIGTERM : - { - if (verbosity >= 2) - strerr_warni3x("received ", "SIGTERM,", " quitting") ; - cont = 0 ; - break ; - } - case SIGHUP : - { - if (verbosity >= 2) - strerr_warni5x("received ", "SIGHUP,", " sending ", "SIGTERM+SIGCONT", " to all connections") ; - killthem(SIGTERM) ; - killthem(SIGCONT) ; - break ; - } - case SIGQUIT : - { - if (verbosity >= 2) - strerr_warni6x("received ", "SIGQUIT,", " sending ", "SIGTERM+SIGCONT", " to all connections", " and quitting") ; - cont = 0 ; - killthem(SIGTERM) ; - killthem(SIGCONT) ; - break ; - } - case SIGABRT : - { - if (verbosity >= 2) - strerr_warni6x("received ", "SIGABRT,", " sending ", "SIGKILL", " to all connections", " and quitting") ; - cont = 0 ; - killthem(SIGKILL) ; - break ; - } - default : X() ; - } -} - - - /* New connection handling */ - -static void run_child (int, unsigned int, unsigned int, unsigned int, char const *, char const *const *, char const *const *) gccattr_noreturn ; -static void run_child (int s, unsigned int uid, unsigned int gid, unsigned int num, char const *remotepath, char const *const *argv, char const *const *envp) -{ - unsigned int rplen = str_len(remotepath) + 1 ; - unsigned int n = 0 ; - char fmt[65 + UINT_FMT * 3 + rplen] ; - PROG = "s6-ipcserver (child)" ; - if ((fd_move(0, s) < 0) || (fd_copy(1, 0) < 0)) - strerr_diefu1sys(111, "move fds") ; - byte_copy(fmt+n, 23, "PROTO=IPC\0IPCREMOTEEUID") ; n += 23 ; - if (flaglookup) - { - fmt[n++] = '=' ; - n += uint_fmt(fmt+n, uid) ; - } - fmt[n++] = 0 ; - byte_copy(fmt+n, 13, "IPCREMOTEEGID") ; n += 13 ; - if (flaglookup) - { - fmt[n++] = '=' ; - n += uint_fmt(fmt+n, gid) ; - } - fmt[n++] = 0 ; - byte_copy(fmt+n, 11, "IPCCONNNUM=") ; n += 11 ; - if (flaglookup) n += uint_fmt(fmt+n, num) ; - fmt[n++] = 0 ; - byte_copy(fmt+n, 14, "IPCREMOTEPATH=") ; n += 14 ; - byte_copy(fmt+n, rplen, remotepath) ; n += rplen ; - pathexec_r(argv, envp, env_len(envp), fmt, n) ; - strerr_dieexec(111, argv[0]) ; -} - -static void new_connection (int s, char const *remotepath, char const *const *argv, char const *const *envp) -{ - unsigned int uid = 0, gid = 0 ; - unsigned int num, i ; - register pid_t pid ; - if (flaglookup && (ipc_eid(s, &uid, &gid) < 0)) - { - if (verbosity) strerr_warnwu1sys("ipc_eid") ; - return ; - } - i = lookup_uid(uid) ; - num = (i < uidlen) ? uidnum[i].right : 0 ; - if (num >= localmaxconn) - { - log_deny(uid, gid, num) ; - return ; - } - pid = fork() ; - if (pid < 0) - { - if (verbosity) strerr_warnwu1sys("fork") ; - return ; - } - else if (!pid) - { - selfpipe_finish() ; - run_child(s, uid, gid, num+1, remotepath, argv, envp) ; - } - - if (i < uidlen) uidnum[i].right = num + 1 ; - else - { - uidnum[uidlen].left = uid ; - uidnum[uidlen++].right = 1 ; - } - piduid[numconn].left = (unsigned int)pid ; - piduid[numconn++].right = uid ; - if (verbosity >= 2) - { - log_accept((unsigned int)pid, uid, gid, uidnum[i].right) ; - log_status() ; - } -} - - - /* And the main */ - -int main (int argc, char const *const *argv, char const *const *envp) -{ - iopause_fd x[2] = { { .events = IOPAUSE_READ }, { .fd = 0, .events = IOPAUSE_READ | IOPAUSE_EXCEPT } } ; - PROG = "s6-ipcserverd" ; - { - subgetopt_t l = SUBGETOPT_ZERO ; - int flag1 = 0 ; - for (;;) - { - register int opt = subgetopt_r(argc, argv, "Pp1c:C:v:", &l) ; - if (opt == -1) break ; - switch (opt) - { - case 'P' : flaglookup = 0 ; break ; - case 'p' : flaglookup = 1 ; break ; - case '1' : flag1 = 1 ; break ; - case 'c' : if (!uint0_scan(l.arg, &maxconn)) dieusage() ; break ; - case 'C' : if (!uint0_scan(l.arg, &localmaxconn)) dieusage() ; break ; - case 'v' : if (!uint0_scan(l.arg, &verbosity)) dieusage() ; break ; - default : dieusage() ; - } - } - argc -= l.ind ; argv += l.ind ; - if (!argc || !*argv[0]) dieusage() ; - { - struct stat st ; - if (fstat(0, &st) < 0) strerr_diefu1sys(111, "fstat stdin") ; - if (!S_ISSOCK(st.st_mode)) strerr_dief1x(100, "stdin is not a socket") ; - } - if (coe(0) < 0) strerr_diefu1sys(111, "make socket close-on-exec") ; - if (flag1) - { - if (fcntl(1, F_GETFD) < 0) - strerr_dief1sys(100, "called with option -1 but stdout said") ; - } - else close(1) ; - if (!maxconn) maxconn = 1 ; - if (maxconn > ABSOLUTE_MAXCONN) maxconn = ABSOLUTE_MAXCONN ; - if (!flaglookup || (localmaxconn > maxconn)) localmaxconn = maxconn ; - - x[0].fd = selfpipe_init() ; - if (x[0].fd == -1) strerr_diefu1sys(111, "create selfpipe") ; - if (sig_ignore(SIGPIPE) < 0) strerr_diefu1sys(111, "ignore SIGPIPE") ; - { - sigset_t set ; - sigemptyset(&set) ; - sigaddset(&set, SIGCHLD) ; - sigaddset(&set, SIGTERM) ; - sigaddset(&set, SIGHUP) ; - sigaddset(&set, SIGQUIT) ; - sigaddset(&set, SIGABRT) ; - if (selfpipe_trapset(&set) < 0) strerr_diefu1sys(111, "trap signals") ; - } - - fmtlocalmaxconn[1+uint_fmt(fmtlocalmaxconn+1, localmaxconn)] = 0 ; - if (verbosity >= 2) - { - fmtmaxconn[1+uint_fmt(fmtmaxconn+1, maxconn)] = 0 ; - log_start() ; - log_status() ; - } - if (flag1) - { - fd_write(1, "\n", 1) ; - fd_close(1) ; - } - } - - { - diuint inyostack[maxconn + (flaglookup ? maxconn : 1)] ; - piduid = inyostack ; uidnum = inyostack + maxconn ; - - while (cont) - { - if (iopause_g(x, 1 + (numconn < maxconn), 0) < 0) - strerr_diefu1sys(111, "iopause") ; - - if (x[0].revents & IOPAUSE_EXCEPT) strerr_dief1x(111, "trouble with selfpipe") ; - if (x[0].revents & IOPAUSE_READ) handle_signals() ; - if (numconn < maxconn) - { - if (x[1].revents & IOPAUSE_EXCEPT) strerr_dief1x(111, "trouble with socket") ; - if (x[1].revents & IOPAUSE_READ) - { - int dummy ; - char remotepath[IPCPATH_MAX+1] ; - register int s = ipc_accept(x[1].fd, remotepath, IPCPATH_MAX+1, &dummy) ; - if (s < 0) - { - if (verbosity) strerr_warnwu1sys("accept") ; - } - else - { - new_connection(s, remotepath, argv, envp) ; - fd_close(s) ; - } - } - } - } - } - if (verbosity >= 2) log_exit() ; - return 0 ; -} diff --git a/src/conn-tools/s6-sudo.c b/src/conn-tools/s6-sudo.c deleted file mode 100644 index 5e91951..0000000 --- a/src/conn-tools/s6-sudo.c +++ /dev/null @@ -1,67 +0,0 @@ -/* ISC license. */ - -#include <skalibs/uint.h> -#include <skalibs/sgetopt.h> -#include <skalibs/strerr2.h> -#include <skalibs/djbunix.h> -#include <s6-networking/config.h> - -#define USAGE "s6-sudo [ -q | -Q | -v ] [ -p bindpath ] [ -l localname ] [ -e ] [ -t timeout ] [ -T timeoutrun ] path [ args... ]" -#define dieusage() strerr_dieusage(100, USAGE) - -int main (int argc, char const *const *argv, char const *const *envp) -{ - unsigned int verbosity = 1, t = 0, T = 0 ; - char const *bindpath = 0 ; - char const *localname = 0 ; - int nodoenv = 0 ; - PROG = "s6-sudo" ; - { - subgetopt_t l = SUBGETOPT_ZERO ; - for (;;) - { - register int opt = subgetopt_r(argc, argv, "qQvp:l:et:T:", &l) ; - if (opt == -1) break ; - switch (opt) - { - case 'q' : if (verbosity) verbosity-- ; break ; - case 'Q' : verbosity = 1 ; break ; - case 'v' : verbosity++ ; break ; - case 'p' : bindpath = l.arg ; break ; - case 'l' : localname = l.arg ; break ; - case 'e' : nodoenv = 1 ; break ; - case 't' : if (!uint0_scan(l.arg, &t)) dieusage() ; break ; - case 'T' : if (!uint0_scan(l.arg, &T)) dieusage() ; break ; - default : dieusage() ; - } - } - argc -= l.ind ; argv += l.ind ; - } - if (!argc) dieusage() ; - { - char const *eargv[9 + argc + ((verbosity < 2 ? 1 : verbosity-1)) + ((!!bindpath + !!localname) << 1) + nodoenv] ; - char fmt1[UINT_FMT] ; - char fmt2[UINT_FMT] ; - unsigned int n = 0 ; - eargv[n++] = S6_NETWORKING_BINPREFIX "s6-ipcclient" ; - if (!verbosity) eargv[n++] = "-Q" ; - else while (--verbosity) eargv[n++] = "-v" ; - if (bindpath) { eargv[n++] = "-p" ; eargv[n++] = bindpath ; } - if (localname) { eargv[n++] = "-l" ; eargv[n++] = localname ; } - eargv[n++] = "--" ; - eargv[n++] = *argv++ ; argc-- ; - eargv[n++] = S6_NETWORKING_BINPREFIX "s6-sudoc" ; - if (nodoenv) eargv[n++] = "-e" ; - eargv[n++] = "-t" ; - fmt1[uint_fmt(fmt1, t)] = 0 ; - eargv[n++] = fmt1 ; - eargv[n++] = "-T" ; - fmt2[uint_fmt(fmt2, T)] = 0 ; - eargv[n++] = fmt2 ; - eargv[n++] = "--" ; - while (argc--) eargv[n++] = *argv++ ; - eargv[n++] = 0 ; - pathexec_run(eargv[0], eargv, envp) ; - } - strerr_dieexec(111, S6_NETWORKING_BINPREFIX "s6-ipcclient") ; -} diff --git a/src/conn-tools/s6-sudo.h b/src/conn-tools/s6-sudo.h deleted file mode 100644 index 8c5797f..0000000 --- a/src/conn-tools/s6-sudo.h +++ /dev/null @@ -1,11 +0,0 @@ -/* ISC license. */ - -#ifndef S6_SUDO_H -#define S6_SUDO_H - -#define S6_SUDO_BANNERB "s6-sudo b v1.0\n" -#define S6_SUDO_BANNERB_LEN (sizeof(S6_SUDO_BANNERB) - 1) -#define S6_SUDO_BANNERA "s6-sudo a v1.0\n" -#define S6_SUDO_BANNERA_LEN (sizeof(S6_SUDO_BANNERA) - 1) - -#endif diff --git a/src/conn-tools/s6-sudoc.c b/src/conn-tools/s6-sudoc.c deleted file mode 100644 index 823d7cb..0000000 --- a/src/conn-tools/s6-sudoc.c +++ /dev/null @@ -1,115 +0,0 @@ -/* ISC license. */ - -#include <errno.h> -#include <fcntl.h> -#include <signal.h> -#include <sys/wait.h> -#include <skalibs/uint.h> -#include <skalibs/sgetopt.h> -#include <skalibs/bytestr.h> -#include <skalibs/buffer.h> -#include <skalibs/stralloc.h> -#include <skalibs/strerr2.h> -#include <skalibs/djbunix.h> -#include <skalibs/tai.h> -#include <skalibs/env.h> -#include <skalibs/unix-timed.h> -#include <skalibs/unixmessage.h> -#include "s6-sudo.h" - -#define USAGE "s6-sudoc [ -e ] [ -t timeoutconn ] [ -T timeoutrun ] [ args... ]" -#define dieusage() strerr_dieusage(100, USAGE) -#define dienomem() strerr_diefu1sys(111, "stralloc_catb") - -int main (int argc, char const *const *argv, char const *const *envp) -{ - char buf6[64] ; - buffer b6 = BUFFER_INIT(&buffer_read, 6, buf6, 64) ; - unixmessage_sender_t b7 = UNIXMESSAGE_SENDER_INIT(7) ; - subgetopt_t l = SUBGETOPT_ZERO ; - unsigned int t = 0, T = 0 ; - int doenv = 1 ; - - tain_t deadline = TAIN_INFINITE_RELATIVE ; - PROG = "s6-sudoc" ; - for (;;) - { - register int opt = subgetopt_r(argc, argv, "et:T:", &l) ; - if (opt < 0) break ; - switch (opt) - { - case 'e' : doenv = 0 ; break ; - case 't' : if (!uint0_scan(l.arg, &t)) dieusage() ; break ; - case 'T' : if (!uint0_scan(l.arg, &T)) dieusage() ; break ; - default : dieusage() ; - } - } - argc -= l.ind ; argv += l.ind ; - if (t) tain_from_millisecs(&deadline, t) ; - if ((ndelay_on(6) < 0) || (ndelay_on(7) < 0)) - strerr_diefu1sys(111, "make socket non-blocking") ; - if (!fd_sanitize() || !fd_ensure_open(2, 1)) - strerr_diefu1sys(111, "sanitize stdin/stdout/stderr") ; - - tain_now_g() ; - tain_add_g(&deadline, &deadline) ; - { - char tmp[S6_SUDO_BANNERB_LEN] ; - if (buffer_timed_get_g(&b6, tmp, S6_SUDO_BANNERB_LEN, &deadline) < S6_SUDO_BANNERB_LEN) - strerr_diefu1sys(111, "read banner from s6-sudod") ; - if (str_diffn(tmp, S6_SUDO_BANNERB, S6_SUDO_BANNERB_LEN)) - strerr_dief1x(100, "wrong server banner") ; - } - { - int fds[3] = { 0, 1, 2 } ; - char pack[16] ; - siovec_t v[4] = { - { .s = S6_SUDO_BANNERA, .len = S6_SUDO_BANNERA_LEN }, - { .s = pack, .len = 16 }, - { .s = 0, .len = 0 }, - { .s = 0, .len = 0 } } ; - unixmessage_v_t mv = { .v = v, .vlen = 4, .fds = fds, .nfds = 3 } ; - stralloc sa = STRALLOC_ZERO ; - unsigned int envlen = doenv ? env_len(envp) : 0 ; - uint32_pack_big(pack, (uint32)argc) ; - uint32_pack_big(pack + 4, (uint32)envlen) ; - if (!env_string(&sa, argv, argc)) dienomem() ; - v[2].len = sa.len ; - uint32_pack_big(pack + 8, (uint32)v[2].len) ; - if (doenv) - { - if (!env_string(&sa, envp, envlen)) dienomem() ; - v[3].len = sa.len - v[2].len ; - } - uint32_pack_big(pack + 12, (uint32)v[3].len) ; - v[2].s = sa.s ; - v[3].s = sa.s + v[2].len ; - if (!unixmessage_putv_and_close(&b7, &mv, (unsigned char const *)"\003")) - strerr_diefu1sys(111, "unixmessage_putv") ; - stralloc_free(&sa) ; - } - if (!unixmessage_sender_timed_flush_g(&b7, &deadline)) - strerr_diefu1sys(111, "send args to server") ; - unixmessage_sender_free(&b7) ; - { - char c ; - if (buffer_timed_get_g(&b6, &c, 1, &deadline) < 1) - strerr_diefu1sys(111, "get confirmation from server") ; - if (c) - { - errno = c ; - strerr_diefu1sys(111, "start privileged program: server answered: ") ; - } - } - - if (T) tain_from_millisecs(&deadline, T) ; else deadline = tain_infinite_relative ; - tain_add_g(&deadline, &deadline) ; - { - char pack[UINT_PACK] ; - if (buffer_timed_get_g(&b6, pack, UINT_PACK, &deadline) < UINT_PACK) - strerr_diefu1sys(111, "get exit status from server") ; - uint_unpack_big(pack, &t) ; - } - if (WIFSIGNALED(t)) raise(WTERMSIG(t)) ; - return WEXITSTATUS(t) ; -} diff --git a/src/conn-tools/s6-sudod.c b/src/conn-tools/s6-sudod.c deleted file mode 100644 index 8c52bb9..0000000 --- a/src/conn-tools/s6-sudod.c +++ /dev/null @@ -1,233 +0,0 @@ -/* ISC license. */ - -#include <sys/types.h> -#include <unistd.h> -#include <errno.h> -#include <fcntl.h> -#include <signal.h> -#include <skalibs/uint.h> -#include <skalibs/allreadwrite.h> -#include <skalibs/sgetopt.h> -#include <skalibs/bytestr.h> -#include <skalibs/buffer.h> -#include <skalibs/stralloc.h> -#include <skalibs/strerr2.h> -#include <skalibs/tai.h> -#include <skalibs/iopause.h> -#include <skalibs/selfpipe.h> -#include <skalibs/env.h> -#include <skalibs/djbunix.h> -#include <skalibs/unix-timed.h> -#include <skalibs/unixmessage.h> -#include "s6-sudo.h" - -#define USAGE "s6-sudod [ -0 ] [ -1 ] [ -2 ] [ -t timeout ] args..." -#define dieusage() strerr_dieusage(100, USAGE) -#define dienomem() strerr_diefu1sys(111, "stralloc_catb") - -int main (int argc, char const *const *argv, char const *const *envp) -{ - subgetopt_t l = SUBGETOPT_ZERO ; - unixmessage_t m ; - unsigned int nullfds = 0, t = 2000 ; - pid_t pid ; - uint32 envc = env_len(envp) ; - uint32 cargc, cenvc, carglen, cenvlen ; - int spfd ; - tain_t deadline = TAIN_INFINITE_RELATIVE ; - PROG = "s6-sudod" ; - for (;;) - { - register int opt = subgetopt_r(argc, argv, "012t:", &l) ; - if (opt < 0) break ; - switch (opt) - { - case '0' : nullfds |= 1 ; break ; - case '1' : nullfds |= 2 ; break ; - case '2' : nullfds |= 4 ; break ; - case 't' : if (!uint0_scan(l.arg, &t)) dieusage() ; break ; - default : dieusage() ; - } - } - argc -= l.ind ; argv += l.ind ; - if (t) tain_from_millisecs(&deadline, t) ; - if ((ndelay_on(0) < 0) || (ndelay_on(1) < 0)) - strerr_diefu1sys(111, "make socket non-blocking") ; - - tain_now_g() ; - tain_add_g(&deadline, &deadline) ; - buffer_putnoflush(buffer_1small, S6_SUDO_BANNERB, S6_SUDO_BANNERB_LEN) ; - if (!buffer_timed_flush_g(buffer_1small, &deadline)) - strerr_diefu1sys(111, "write banner to client") ; - if (unixmessage_timed_receive_g(unixmessage_receiver_0, &m, &deadline) <= 0) - strerr_diefu1sys(111, "read message from client") ; - if (m.nfds != 3) - strerr_dief1x(100, "client did not send 3 fds") ; - if (m.len < 16 + S6_SUDO_BANNERA_LEN) - strerr_dief1x(100, "wrong client message") ; - if (str_diffn(m.s, S6_SUDO_BANNERA, S6_SUDO_BANNERA_LEN)) - strerr_dief1x(100, "wrong client banner") ; - uint32_unpack_big(m.s + S6_SUDO_BANNERA_LEN, &cargc) ; - uint32_unpack_big(m.s + S6_SUDO_BANNERA_LEN + 4, &cenvc) ; - uint32_unpack_big(m.s + S6_SUDO_BANNERA_LEN + 8, &carglen) ; - uint32_unpack_big(m.s + S6_SUDO_BANNERA_LEN + 12, &cenvlen) ; - if (S6_SUDO_BANNERA_LEN + 16 + carglen + cenvlen != m.len) - strerr_dief1x(100, "wrong client argc/envlen") ; - if ((cargc > 131072) || (cenvc > 131072)) - strerr_dief1x(100, "too many args/envvars from client") ; - - if (nullfds & 1) - { - close(m.fds[0]) ; - m.fds[0] = open2("/dev/null", O_RDONLY) ; - if (m.fds[0] < 0) strerr_diefu2sys(111, "open /dev/null for ", "reading") ; - } - if (nullfds & 2) - { - close(m.fds[1]) ; - m.fds[1] = open2("/dev/null", O_WRONLY) ; - if (m.fds[1] < 0) strerr_diefu2sys(111, "open /dev/null for ", "writing") ; - } - if (nullfds & 4) - { - close(m.fds[2]) ; - m.fds[2] = 2 ; - } - - { - char const *targv[argc + 1 + cargc] ; - char const *tenvp[envc + 1 + cenvc] ; - int p[2] ; - register unsigned int i = 0 ; - for (; i < (unsigned int)argc ; i++) targv[i] = argv[i] ; - for (i = 0 ; i <= envc ; i++) tenvp[i] = envp[i] ; - if (!env_make(targv + argc, cargc, m.s + S6_SUDO_BANNERA_LEN + 16, carglen)) - { - char c = errno ; - buffer_putnoflush(buffer_1small, &c, 1) ; - buffer_timed_flush_g(buffer_1small, &deadline) ; - errno = c ; - strerr_diefu1sys(111, "make child argv") ; - } - if (!env_make(tenvp + envc + 1, cenvc, m.s + S6_SUDO_BANNERA_LEN + 16 + carglen, cenvlen)) - { - char c = errno ; - buffer_putnoflush(buffer_1small, &c, 1) ; - buffer_timed_flush_g(buffer_1small, &deadline) ; - errno = c ; - strerr_diefu1sys(111, "make child envp") ; - } - targv[argc + cargc] = 0 ; - - for (i = 0 ; i < cenvc ; i++) - { - char const *var = tenvp[envc + 1 + i] ; - register unsigned int j = 0 ; - register unsigned int len = str_chr(var, '=') ; - if (!var[len]) - { - char c = EINVAL ; - buffer_putnoflush(buffer_1small, &c, 1) ; - buffer_timed_flush_g(buffer_1small, &deadline) ; - strerr_dief1x(100, "bad environment from client") ; - } - for (; j < envc ; j++) if (!str_diffn(var, tenvp[j], len+1)) break ; - if ((j < envc) && !tenvp[j][len+1]) tenvp[j] = var ; - } - - spfd = selfpipe_init() ; - if (spfd < 0) strerr_diefu1sys(111, "selfpipe_init") ; - if (selfpipe_trap(SIGCHLD) < 0) strerr_diefu1sys(111, "trap SIGCHLD") ; - if (pipe(p) < 0) strerr_diefu1sys(111, "pipe") ; - if (coe(p[1]) < 0) strerr_diefu1sys(111, "coe pipe") ; - pid = fork() ; - if (pid < 0) strerr_diefu1sys(111, "fork") ; - if (!pid) - { - PROG = "s6-sudod (child)" ; - fd_close(p[0]) ; - if ((fd_move(2, m.fds[2]) < 0) - || (fd_move(1, m.fds[1]) < 0) - || (fd_move(0, m.fds[0]) < 0)) - { - char c = errno ; - fd_write(p[1], &c, 1) ; - strerr_diefu1sys(111, "move fds") ; - } - selfpipe_finish() ; - pathexec0_run(targv, tenvp) ; - { - char c = errno ; - fd_write(p[1], &c, 1) ; - } - strerr_dieexec(111, targv[0]) ; - } - fd_close(p[1]) ; - { - char c ; - register int r = fd_read(p[0], &c, 1) ; - if (r < 0) strerr_diefu1sys(111, "read from child") ; - if (r) - { - buffer_putnoflush(buffer_1small, &c, 1) ; - buffer_timed_flush_g(buffer_1small, &deadline) ; - return 111 ; - } - } - fd_close(p[0]) ; - } - - fd_close(m.fds[0]) ; - fd_close(m.fds[1]) ; - if (!(nullfds & 4)) fd_close(m.fds[2]) ; - unixmessage_receiver_free(unixmessage_receiver_0) ; - buffer_putnoflush(buffer_1small, "", 1) ; - if (!buffer_timed_flush_g(buffer_1small, &deadline)) - strerr_diefu1sys(111, "send confirmation to client") ; - - { - iopause_fd x[2] = { { .fd = 0, .events = 0 }, { .fd = spfd, .events = IOPAUSE_READ } } ; - int cont = 1 ; - while (cont) - { - if (iopause_g(x, 2, 0) < 0) strerr_diefu1sys(111, "iopause") ; - if (x[1].revents) - { - for (;;) - { - int c = selfpipe_read() ; - if (c < 0) strerr_diefu1sys(111, "read from selfpipe") ; - else if (!c) break ; - else if (c == SIGCHLD) - { - int wstat ; - register int r = wait_pid_nohang(pid, &wstat) ; - if ((r < 0) && (errno != ECHILD)) - strerr_diefu1sys(111, "wait_pid_nohang") ; - else if (r > 0) - { - char pack[UINT_PACK] ; - uint_pack_big(pack, (unsigned int)wstat) ; - buffer_putnoflush(buffer_1small, pack, UINT_PACK) ; - cont = 0 ; - } - } - else - strerr_dief1sys(101, "internal inconsistency, please submit a bug-report") ; - } - } - if (x[0].revents && cont) - { - kill(pid, SIGTERM) ; - kill(pid, SIGCONT) ; - x[0].fd = -1 ; - return 1 ; - } - } - } - if (ndelay_off(1) < 0) - strerr_diefu1sys(111, "set stdout blocking") ; - if (!buffer_flush(buffer_1small)) - strerr_diefu1sys(111, "write status to client") ; - return 0 ; -} diff --git a/src/conn-tools/s6-tcpserver-access.c b/src/conn-tools/s6-tcpserver-access.c index ef2771b..db2e2a5 100644 --- a/src/conn-tools/s6-tcpserver-access.c +++ b/src/conn-tools/s6-tcpserver-access.c @@ -18,8 +18,9 @@ #include <skalibs/ip46.h> #include <skalibs/unix-timed.h> #include <execline/config.h> +#include <s6/accessrules.h> #include <s6-dns/s6dns.h> -#include <s6-networking/s6net.h> +#include <s6-networking/ident.h> #define USAGE "s6-tcpserver-access [ -v verbosity ] [ -W | -w ] [ -D | -d ] [ -H | -h ] [ -R | -r ] [ -P | -p ] [ -l localname ] [ -B banner ] [ -t timeout ] [ -i rulesdir | -x rulesfile ] prog..." #define dieusage() strerr_dieusage(100, USAGE) @@ -50,7 +51,7 @@ static inline void log_deny (unsigned int pid, ip46_t const *ip) int main (int argc, char const *const *argv, char const *const *envp) { - s6net_accessrules_params_t params = S6NET_ACCESSRULES_PARAMS_ZERO ; + s6_accessrules_params_t params = S6_ACCESSRULES_PARAMS_ZERO ; stralloc modifs = STRALLOC_ZERO ; tain_t deadline, tto ; char const *rulestypestr[3] = { "no", "fs", "cdb" } ; @@ -62,7 +63,7 @@ int main (int argc, char const *const *argv, char const *const *envp) unsigned int rulestype = 0 ; unsigned int verbosity = 1 ; unsigned int protolen ; - s6net_accessrules_result_t accepted ; + s6_accessrules_result_t accepted ; ip46_t remoteip, localip ; int flagfatal = 1, flagnodelay = 0, flagdnslookup = 1, flagident = 0, flagparanoid = 0, e = 0 ; @@ -140,17 +141,17 @@ int main (int argc, char const *const *argv, char const *const *envp) { case 0 : if (verbosity >= 2) strerr_warnw1x("invoked without a ruleset!") ; - accepted = S6NET_ACCESSRULES_ALLOW ; + accepted = S6_ACCESSRULES_ALLOW ; break ; case 1 : - accepted = s6net_accessrules_ip46_fs(&remoteip, (void *)rules, ¶ms) ; + accepted = s6_accessrules_ip46_fs(&remoteip, (void *)rules, ¶ms) ; break ; case 2 : cdbfd = open_readb(rules) ; if (cdbfd < 0) strerr_diefu2sys(111, "open_readb ", rules) ; if (cdb_init(&c, cdbfd) < 0) strerr_diefu2sys(111, "cdb_init ", rules) ; - accepted = s6net_accessrules_ip46_cdb(&remoteip, &c, ¶ms) ; - if (accepted == S6NET_ACCESSRULES_ALLOW) + accepted = s6_accessrules_ip46_cdb(&remoteip, &c, ¶ms) ; + if (accepted == S6_ACCESSRULES_ALLOW) { cdb_free(&c) ; fd_close(cdbfd) ; @@ -160,13 +161,13 @@ int main (int argc, char const *const *argv, char const *const *envp) } switch (accepted) { - case S6NET_ACCESSRULES_ERROR : + case S6_ACCESSRULES_ERROR : strerr_diefu6sys(111, "check ", rulestypestr[rulestype], " ruleset for ", "IP", " in ", rules) ; - case S6NET_ACCESSRULES_ALLOW : break ; - case S6NET_ACCESSRULES_DENY : + case S6_ACCESSRULES_ALLOW : break ; + case S6_ACCESSRULES_DENY : if (verbosity >= 2) { errno = EACCES ; log_deny(getpid(), &remoteip) ; } return 1 ; - case S6NET_ACCESSRULES_NOTFOUND : + case S6_ACCESSRULES_NOTFOUND : if (flagdnslookup) break ; if (verbosity >= 2) { errno = ENOENT ; log_deny(getpid(), &remoteip) ; } return 1 ; @@ -326,21 +327,21 @@ int main (int argc, char const *const *argv, char const *const *envp) } } if (!env_addmodif(&modifs, tcpremotehost, remotelen ? remotebuf : 0)) dienomem() ; - if (remotelen && (accepted == S6NET_ACCESSRULES_NOTFOUND)) + if (remotelen && (accepted == S6_ACCESSRULES_NOTFOUND)) { switch (rulestype) { case 1 : - accepted = s6net_accessrules_reversedns_fs(remotebuf, (void *)rules, ¶ms) ; + accepted = s6_accessrules_reversedns_fs(remotebuf, (void *)rules, ¶ms) ; break ; case 2 : - accepted = s6net_accessrules_reversedns_cdb(remotebuf, &c, ¶ms) ; + accepted = s6_accessrules_reversedns_cdb(remotebuf, &c, ¶ms) ; break ; default : X() ; } } - if ((rulestype == 2) && (accepted != S6NET_ACCESSRULES_ALLOW)) + if ((rulestype == 2) && (accepted != S6_ACCESSRULES_ALLOW)) { cdb_free(&c) ; fd_close(cdbfd) ; @@ -348,13 +349,13 @@ int main (int argc, char const *const *argv, char const *const *envp) switch (accepted) { - case S6NET_ACCESSRULES_ERROR : + case S6_ACCESSRULES_ERROR : strerr_diefu6sys(111, "check ", rulestypestr[rulestype], " ruleset for ", "reverse DNS", " in ", rules) ; - case S6NET_ACCESSRULES_ALLOW : break ; - case S6NET_ACCESSRULES_DENY : + case S6_ACCESSRULES_ALLOW : break ; + case S6_ACCESSRULES_DENY : if (verbosity >= 2) { errno = EACCES ; log_deny(getpid(), &remoteip) ; } return 1 ; - case S6NET_ACCESSRULES_NOTFOUND : + case S6_ACCESSRULES_NOTFOUND : if (verbosity >= 2) { errno = ENOENT ; log_deny(getpid(), &remoteip) ; } return 1 ; default : X() ; diff --git a/src/conn-tools/seekablepipe.c b/src/conn-tools/seekablepipe.c deleted file mode 100644 index 611f227..0000000 --- a/src/conn-tools/seekablepipe.c +++ /dev/null @@ -1,41 +0,0 @@ -/* ISC license. */ - -#include <unistd.h> -#include <skalibs/strerr2.h> -#include <skalibs/iobuffer.h> -#include <skalibs/djbunix.h> - -#define USAGE "seekablepipe tempfile prog..." - -#define N 8192 - -int main (int argc, char const *const *argv, char const *const *envp) -{ - iobuffer b ; - int fdr, fdw ; - int r ; - PROG = "seekablepipe" ; - if (argc < 3) strerr_dieusage(100, USAGE) ; - fdw = open_trunc(argv[1]) ; - if (fdw < 0) - strerr_diefu2sys(111, "create temporary ", argv[1]) ; - fdr = open_readb(argv[1]) ; - if (fdr < 0) - strerr_diefu3sys(111, "open ", argv[1], " for reading") ; - if (unlink(argv[1]) < 0) - strerr_diefu2sys(111, "unlink ", argv[1]) ; - if (ndelay_off(fdw) < 0) - strerr_diefu1sys(111, "set fdw blocking") ; - if (!iobuffer_init(&b, 0, fdw)) - strerr_diefu1sys(111, "iobuffer_init") ; - while ((r = iobuffer_fill(&b)) > 0) - if (!iobuffer_flush(&b)) - strerr_diefu2sys(111, "write to ", argv[1]) ; - if (r < 0) strerr_diefu1sys(111, "read from stdin") ; - iobuffer_finish(&b) ; - fd_close(fdw) ; - if (fd_move(0, fdr) < 0) - strerr_diefu1sys(111, "move fdr to stdin") ; - pathexec_run(argv[2], argv+2, envp) ; - strerr_dieexec(111, argv[2]) ; -} diff --git a/src/include/s6-networking/accessrules.h b/src/include/s6-networking/accessrules.h deleted file mode 100644 index ec7a0d5..0000000 --- a/src/include/s6-networking/accessrules.h +++ /dev/null @@ -1,53 +0,0 @@ -/* ISC license. */ - -#ifndef S6NET_ACCESSRULES_H -#define S6NET_ACCESSRULES_H - -#include <skalibs/cdb.h> -#include <skalibs/stralloc.h> -#include <skalibs/ip46.h> - -typedef struct s6net_accessrules_params_s s6net_accessrules_params_t, *s6net_accessrules_params_t_ref ; -struct s6net_accessrules_params_s -{ - stralloc env ; - stralloc exec ; -} ; -#define S6NET_ACCESSRULES_PARAMS_ZERO { STRALLOC_ZERO, STRALLOC_ZERO } - -typedef enum s6net_accessrules_result_e s6net_accessrules_result_t, *s6net_accessrules_result_t_ref ; -enum s6net_accessrules_result_e -{ - S6NET_ACCESSRULES_ERROR = -1, - S6NET_ACCESSRULES_DENY = 0, - S6NET_ACCESSRULES_ALLOW = 1, - S6NET_ACCESSRULES_NOTFOUND = 2 -} ; - -typedef s6net_accessrules_result_t s6net_accessrules_backend_func_t (char const *, unsigned int, void *, s6net_accessrules_params_t *) ; -typedef s6net_accessrules_backend_func_t *s6net_accessrules_backend_func_t_ref ; - -extern s6net_accessrules_backend_func_t s6net_accessrules_backend_fs ; -extern s6net_accessrules_backend_func_t s6net_accessrules_backend_cdb ; - -typedef s6net_accessrules_result_t s6net_accessrules_keycheck_func_t (void const *, void *, s6net_accessrules_params_t *, s6net_accessrules_backend_func_t_ref) ; -typedef s6net_accessrules_keycheck_func_t *s6net_accessrules_keycheck_func_t_ref ; - -extern s6net_accessrules_keycheck_func_t s6net_accessrules_keycheck_uidgid ; -extern s6net_accessrules_keycheck_func_t s6net_accessrules_keycheck_ip4 ; -extern s6net_accessrules_keycheck_func_t s6net_accessrules_keycheck_ip6 ; -extern s6net_accessrules_keycheck_func_t s6net_accessrules_keycheck_reversedns ; -#define s6net_accessrules_keycheck_ip46(key, data, params, f) (ip46_is6((ip46_t const *)(key)) ? s6net_accessrules_keycheck_ip6(((ip46_t const *)(key))->ip, data, params, f) : s6net_accessrules_keycheck_ip4(((ip46_t const *)(key))->ip, data, params, f)) - -extern s6net_accessrules_result_t s6net_accessrules_uidgid_cdb (unsigned int, unsigned int, struct cdb *, s6net_accessrules_params_t *) ; -extern s6net_accessrules_result_t s6net_accessrules_uidgid_fs (unsigned int, unsigned int, char const *, s6net_accessrules_params_t *) ; -#define s6net_accessrules_ip4_cdb(ip4, c, params) s6net_accessrules_keycheck_ip4(ip4, c, (params), &s6net_accessrules_backend_cdb) -#define s6net_accessrules_ip4_fs(ip4, rulesdir, params) s6net_accessrules_keycheck_ip4(ip4, rulesdir, (params), &s6net_accessrules_backend_fs) -#define s6net_accessrules_ip6_cdb(ip6, c, params) s6net_accessrules_keycheck_ip6(ip6, c, (params), &s6net_accessrules_backend_cdb) -#define s6net_accessrules_ip6_fs(ip6, rulesdir, params) s6net_accessrules_keycheck_ip6(ip6, rulesdir, (params), &s6net_accessrules_backend_fs) -#define s6net_accessrules_ip46_cdb(ip, c, params) s6net_accessrules_keycheck_ip46(ip, c, (params), &s6net_accessrules_backend_cdb) -#define s6net_accessrules_ip46_fs(ip, rulesdir, params) s6net_accessrules_keycheck_ip46(ip, rulesdir, (params), &s6net_accessrules_backend_fs) -#define s6net_accessrules_reversedns_cdb(name, c, params) s6net_accessrules_keycheck_reversedns(name, c, (params), &s6net_accessrules_backend_cdb) -#define s6net_accessrules_reversedns_fs(name, c, params) s6net_accessrules_keycheck_reversedns(name, c, (params), &s6net_accessrules_backend_fs) - -#endif diff --git a/src/include/s6-networking/s6net.h b/src/include/s6-networking/s6net.h index 81d804e..8778527 100644 --- a/src/include/s6-networking/s6net.h +++ b/src/include/s6-networking/s6net.h @@ -3,7 +3,6 @@ #ifndef S6NET_H #define S6NET_H -#include <s6-networking/accessrules.h> #include <s6-networking/ident.h> #endif diff --git a/src/libs6net/deps-lib/s6net b/src/libs6net/deps-lib/s6net index 7b497ac..1b15735 100644 --- a/src/libs6net/deps-lib/s6net +++ b/src/libs6net/deps-lib/s6net @@ -1,11 +1,3 @@ -s6net_accessrules_backend_cdb.o -s6net_accessrules_backend_fs.o -s6net_accessrules_keycheck_ip4.o -s6net_accessrules_keycheck_ip6.o -s6net_accessrules_keycheck_reversedns.o -s6net_accessrules_keycheck_uidgid.o -s6net_accessrules_uidgid_cdb.o -s6net_accessrules_uidgid_fs.o s6net_ident_client.o s6net_ident_reply_get.o s6net_ident_reply_parse.o diff --git a/src/libs6net/s6net_accessrules_backend_cdb.c b/src/libs6net/s6net_accessrules_backend_cdb.c deleted file mode 100644 index e75f755..0000000 --- a/src/libs6net/s6net_accessrules_backend_cdb.c +++ /dev/null @@ -1,38 +0,0 @@ -/* ISC license. */ - -#include <unistd.h> -#include <errno.h> -#include <skalibs/bytestr.h> -#include <skalibs/uint16.h> -#include <skalibs/cdb.h> -#include <skalibs/stralloc.h> -#include <s6-networking/accessrules.h> - -s6net_accessrules_result_t s6net_accessrules_backend_cdb (char const *key, unsigned int keylen, void *data, s6net_accessrules_params_t *params) -{ - struct cdb *c = data ; - unsigned int execbase, n ; - uint16 envlen, execlen ; - register int r = cdb_find(c, key, keylen) ; - if (r < 0) return S6NET_ACCESSRULES_ERROR ; - else if (!r) return S6NET_ACCESSRULES_NOTFOUND ; - n = cdb_datalen(c) ; - if ((n < 5U) || (n > 8197U)) return (errno = EINVAL, S6NET_ACCESSRULES_ERROR) ; - if (!stralloc_readyplus(¶ms->exec, n)) return S6NET_ACCESSRULES_ERROR ; - execbase = params->exec.len ; - if (cdb_read(c, params->exec.s + execbase, n, cdb_datapos(c)) < 0) return S6NET_ACCESSRULES_ERROR ; - if (params->exec.s[execbase] == 'D') return S6NET_ACCESSRULES_DENY ; - else if (params->exec.s[execbase] != 'A') return S6NET_ACCESSRULES_NOTFOUND ; - uint16_unpack_big(params->exec.s + execbase + 1U, &envlen) ; - if ((envlen > 4096U) || (envlen+5U > n)) return (errno = EINVAL, S6NET_ACCESSRULES_ERROR) ; - uint16_unpack_big(params->exec.s + execbase + 3 + envlen, &execlen) ; - if ((execlen > 4096U) || (5U + envlen + execlen != n)) return (errno = EINVAL, S6NET_ACCESSRULES_ERROR) ; - if (!stralloc_catb(¶ms->env, params->exec.s + execbase + 3U, envlen)) return S6NET_ACCESSRULES_ERROR ; - byte_copy(params->exec.s + execbase, execlen, params->exec.s + execbase + 5U + envlen) ; - if (execlen) - { - params->exec.len += execlen ; - params->exec.s[params->exec.len++] = 0 ; - } - return S6NET_ACCESSRULES_ALLOW ; -} diff --git a/src/libs6net/s6net_accessrules_backend_fs.c b/src/libs6net/s6net_accessrules_backend_fs.c deleted file mode 100644 index d609285..0000000 --- a/src/libs6net/s6net_accessrules_backend_fs.c +++ /dev/null @@ -1,58 +0,0 @@ -/* ISC license. */ - -#include <unistd.h> -#include <errno.h> -#include <skalibs/bytestr.h> -#include <skalibs/fmtscan.h> -#include <skalibs/stralloc.h> -#include <skalibs/djbunix.h> -#include <s6-networking/accessrules.h> - -s6net_accessrules_result_t s6net_accessrules_backend_fs (char const *key, unsigned int keylen, void *data, s6net_accessrules_params_t *params) -{ - char *dir = data ; - unsigned int dirlen = str_len(dir) ; - unsigned int envbase = params->env.len ; - int wasnull = !params->env.s ; - { - char tmp[dirlen + keylen + 10] ; - byte_copy(tmp, dirlen, dir) ; - tmp[dirlen] = '/' ; - byte_copy(tmp + dirlen + 1, keylen, key) ; - byte_copy(tmp + dirlen + keylen + 1, 7, "/allow") ; - if (access(tmp, R_OK) < 0) - { - if ((errno != EACCES) && (errno != ENOENT)) - return S6NET_ACCESSRULES_ERROR ; - byte_copy(tmp + dirlen + keylen + 2, 5, "deny") ; - return (access(tmp, R_OK) == 0) ? S6NET_ACCESSRULES_DENY : - (errno != EACCES) && (errno != ENOENT) ? S6NET_ACCESSRULES_ERROR : - S6NET_ACCESSRULES_NOTFOUND ; - } - byte_copy(tmp + dirlen + keylen + 2, 4, "env") ; - if ((envdir(tmp, ¶ms->env) < 0) && (errno != ENOENT)) - return S6NET_ACCESSRULES_ERROR ; - if (!stralloc_readyplus(¶ms->exec, 4097)) - { - if (wasnull) stralloc_free(¶ms->env) ; - else params->env.len = envbase ; - return S6NET_ACCESSRULES_ERROR ; - } - byte_copy(tmp + dirlen + keylen + 2, 5, "exec") ; - { - register int r = openreadnclose(tmp, params->exec.s + params->exec.len, 4096) ; - if ((r < 0) && (errno != EACCES) && (errno != ENOENT)) - { - if (wasnull) stralloc_free(¶ms->env) ; - else params->env.len = envbase ; - return S6NET_ACCESSRULES_ERROR ; - } - if (r > 0) - { - params->exec.len += r ; - params->exec.s[params->exec.len++] = 0 ; - } - } - } - return S6NET_ACCESSRULES_ALLOW ; -} diff --git a/src/libs6net/s6net_accessrules_keycheck_ip4.c b/src/libs6net/s6net_accessrules_keycheck_ip4.c deleted file mode 100644 index 1f96bd8..0000000 --- a/src/libs6net/s6net_accessrules_keycheck_ip4.c +++ /dev/null @@ -1,24 +0,0 @@ -/* ISC license. */ - -#include <skalibs/uint32.h> -#include <skalibs/uint.h> -#include <skalibs/fmtscan.h> -#include <s6-networking/accessrules.h> - -s6net_accessrules_result_t s6net_accessrules_keycheck_ip4 (void const *key, void *data, s6net_accessrules_params_t *params, s6net_accessrules_backend_func_t_ref check1) -{ - char fmt[IP4_FMT + UINT_FMT + 6] = "ip4/" ; - uint32 ip ; - unsigned int i = 0 ; - uint32_unpack_big((char const *)key, &ip) ; - for (; i <= 32 ; i++) - { - register s6net_accessrules_result_t r ; - register unsigned int len = 4 + ip4_fmtu32(fmt+4, (i == 32) ? 0 : ip & ~((1U << i) - 1)) ; - fmt[len++] = '_' ; - len += uint_fmt(fmt + len, 32 - i) ; - r = (*check1)(fmt, len, data, params) ; - if (r != S6NET_ACCESSRULES_NOTFOUND) return r ; - } - return S6NET_ACCESSRULES_NOTFOUND ; -} diff --git a/src/libs6net/s6net_accessrules_keycheck_ip6.c b/src/libs6net/s6net_accessrules_keycheck_ip6.c deleted file mode 100644 index c2ee5ae..0000000 --- a/src/libs6net/s6net_accessrules_keycheck_ip6.c +++ /dev/null @@ -1,27 +0,0 @@ -/* ISC license. */ - -#include <skalibs/uint.h> -#include <skalibs/bytestr.h> -#include <skalibs/bitarray.h> -#include <skalibs/fmtscan.h> -#include <s6-networking/accessrules.h> - -s6net_accessrules_result_t s6net_accessrules_keycheck_ip6 (void const *key, void *data, s6net_accessrules_params_t *params, s6net_accessrules_backend_func_t_ref check1) -{ - char fmt[IP6_FMT + UINT_FMT + 6] = "ip6/" ; - char ip6[16] ; - unsigned int i = 0 ; - byte_copy(ip6, 16, (char const *)key) ; - for (; i <= 128 ; i++) - { - unsigned int len ; - register s6net_accessrules_result_t r ; - if (i) bitarray_clear(ip6, 128 - i) ; - len = 4 + ip6_fmt(fmt+4, ip6) ; - fmt[len++] = '_' ; - len += uint_fmt(fmt + len, 128 - i) ; - r = (*check1)(fmt, len, data, params) ; - if (r != S6NET_ACCESSRULES_NOTFOUND) return r ; - } - return S6NET_ACCESSRULES_NOTFOUND ; -} diff --git a/src/libs6net/s6net_accessrules_keycheck_reversedns.c b/src/libs6net/s6net_accessrules_keycheck_reversedns.c deleted file mode 100644 index f4c0213..0000000 --- a/src/libs6net/s6net_accessrules_keycheck_reversedns.c +++ /dev/null @@ -1,27 +0,0 @@ -/* ISC license. */ - -#include <errno.h> -#include <skalibs/bytestr.h> -#include <s6-networking/accessrules.h> - -s6net_accessrules_result_t s6net_accessrules_keycheck_reversedns (void const *key, void *data, s6net_accessrules_params_t *params, s6net_accessrules_backend_func_t_ref check1) -{ - char const *name = key ; - unsigned int len = str_len(name) ; - if (!len) return (errno = EINVAL, S6NET_ACCESSRULES_ERROR) ; - if (name[len-1] == '.') len-- ; - { - unsigned int i = 0 ; - char tmp[len + 11] ; - byte_copy(tmp, 11, "reversedns/") ; - while (i < len) - { - register s6net_accessrules_result_t r ; - byte_copy(tmp+11, len-i, name+i) ; - r = (*check1)(tmp, 11+len-i, data, params) ; - if (r != S6NET_ACCESSRULES_NOTFOUND) return r ; - i += byte_chr(name+i, len-i, '.') + 1 ; - } - } - return (*check1)("reversedns/@", 12, data, params) ; -} diff --git a/src/libs6net/s6net_accessrules_keycheck_uidgid.c b/src/libs6net/s6net_accessrules_keycheck_uidgid.c deleted file mode 100644 index a7e2200..0000000 --- a/src/libs6net/s6net_accessrules_keycheck_uidgid.c +++ /dev/null @@ -1,16 +0,0 @@ -/* ISC license. */ - -#include <skalibs/uint.h> -#include <skalibs/diuint.h> -#include <s6-networking/accessrules.h> - -s6net_accessrules_result_t s6net_accessrules_keycheck_uidgid (void const *key, void *data, s6net_accessrules_params_t *params, s6net_accessrules_backend_func_t_ref check1) -{ - char fmt[4 + UINT_FMT] = "uid/" ; - register s6net_accessrules_result_t r = (*check1)(fmt, 4 + uint_fmt(fmt+4, ((diuint const *)key)->left), data, params) ; - if (r != S6NET_ACCESSRULES_NOTFOUND) return r ; - fmt[0] = 'g' ; - r = (*check1)(fmt, 4 + uint_fmt(fmt+4, ((diuint const *)key)->right), data, params) ; - return (r != S6NET_ACCESSRULES_NOTFOUND) ? r : - (*check1)("uid/default", 11, data, params) ; -} diff --git a/src/libs6net/s6net_accessrules_uidgid_cdb.c b/src/libs6net/s6net_accessrules_uidgid_cdb.c deleted file mode 100644 index 1836389..0000000 --- a/src/libs6net/s6net_accessrules_uidgid_cdb.c +++ /dev/null @@ -1,11 +0,0 @@ -/* ISC license. */ - -#include <skalibs/diuint.h> -#include <skalibs/cdb.h> -#include <s6-networking/accessrules.h> - -s6net_accessrules_result_t s6net_accessrules_uidgid_cdb (unsigned int uid, unsigned int gid, struct cdb *c, s6net_accessrules_params_t *params) -{ - diuint uidgid = { uid, gid } ; - return s6net_accessrules_keycheck_uidgid(&uidgid, c, params, &s6net_accessrules_backend_cdb) ; -} diff --git a/src/libs6net/s6net_accessrules_uidgid_fs.c b/src/libs6net/s6net_accessrules_uidgid_fs.c deleted file mode 100644 index db2e909..0000000 --- a/src/libs6net/s6net_accessrules_uidgid_fs.c +++ /dev/null @@ -1,10 +0,0 @@ -/* ISC license. */ - -#include <skalibs/diuint.h> -#include <s6-networking/accessrules.h> - -s6net_accessrules_result_t s6net_accessrules_uidgid_fs (unsigned int uid, unsigned int gid, char const *rulesdir, s6net_accessrules_params_t *params) -{ - diuint uidgid = { uid, gid } ; - return s6net_accessrules_keycheck_uidgid(&uidgid, (void *)rulesdir, params, &s6net_accessrules_backend_fs) ; -} |