authorLaurent Bercot <ska-skaware@skarnet.org>2021-07-23 10:04:22 +0000
committerLaurent Bercot <ska@appnovation.com>2021-07-23 10:04:22 +0000
commit260f1feffc8d48f1181929ce12a9f2cb65a2a5cb (patch)
treed9400ae6e0c7bd5117c8c266832e9ec7510daa9f
parent380757efd29c33ffefa8e0d1b8c2242278d034da (diff)
downloads6-networking-260f1feffc8d48f1181929ce12a9f2cb65a2a5cb.tar.xz
Prepare for 2.5.0.0; remove minidentd
Signed-off-by: Laurent Bercot <ska@appnovation.com>
-rw-r--r--INSTALL2
-rw-r--r--NEWS6
-rw-r--r--doc/index.html5
-rw-r--r--doc/libs6net/ident.html3
-rw-r--r--doc/minidentd.html84
-rw-r--r--doc/s6-ident-client.html2
-rw-r--r--doc/upgrade.html8
-rw-r--r--package/deps.mak5
-rw-r--r--package/info2
-rw-r--r--package/modes1
-rw-r--r--package/targets.mak12
-rwxr-xr-xsrc/minidentd/deps-exe/minidentd6
-rw-r--r--src/minidentd/mgetuid-default.c16
-rw-r--r--src/minidentd/mgetuid-linux.c184
-rw-r--r--src/minidentd/mgetuid.h12
-rw-r--r--src/minidentd/minidentd.c275
16 files changed, 21 insertions, 602 deletions
diff --git a/INSTALL b/INSTALL
index aa5ce8d..72b3ae6 100644
--- a/INSTALL
+++ b/INSTALL
@@ -6,7 +6,7 @@ Build Instructions
- A POSIX-compliant C development environment
- GNU make version 3.81 or later
- - skalibs version 2.10.0.3 or later: https://skarnet.org/software/skalibs/
+ - skalibs version 2.11.0.0 or later: https://skarnet.org/software/skalibs/
- Optional (but recommended): execline version 2.8.0.1 or later: https://skarnet.org/software/execline/
- s6 version 2.10.0.3 or later: https://skarnet.org/software/s6/
- s6-dns version 2.3.5.1 or later: https://skarnet.org/software/s6-dns/
diff --git a/NEWS b/NEWS
index 0aa7b52..04b4eb6 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,11 @@
Changelog for s6-networking.
+In 2.5.0.0
+----------
+
+ - minidentd has been removed
+
+
In 2.4.2.0
----------
diff --git a/doc/index.html b/doc/index.html
index be03d73..9da2ca0 100644
--- a/doc/index.html
+++ b/doc/index.html
@@ -55,7 +55,7 @@ as extensions to the s6 ecosystem.
<li> A POSIX-compliant system with a standard C development environment </li>
<li> GNU make, version 3.81 or later </li>
<li> <a href="//skarnet.org/software/skalibs/">skalibs</a> version
-2.10.0.3 or later. It's a build-time requirement. It's also a run-time
+2.11.0.0 or later. It's a build-time requirement. It's also a run-time
requirement if you link against the shared version of the skalibs
library. </li>
<li> (Optional, but recommended) <a href="//skarnet.org/software/execline/">execline</a> version
@@ -91,7 +91,7 @@ run-time requirement if you link against its shared version. </li>
<ul>
<li> The current released version of s6-networking is
-<a href="s6-networking-2.4.2.0.tar.gz">2.4.2.0</a>. </li>
+<a href="s6-networking-2.5.0.0.tar.gz">2.5.0.0</a>. </li>
<li> Alternatively, you can checkout a copy of the
<a href="//git.skarnet.org/cgi-bin/cgit.cgi/s6-networking/">s6-networking
git repository</a>:
@@ -175,7 +175,6 @@ relevant page.
<ul>
<li><a href="s6-ident-client.html">The <tt>s6-ident-client</tt> program</a></li>
-<li><a href="minidentd.html">The <tt>minidentd</tt> program</a></li>
</ul>
<h4> Miscellaneous utilities </h4>
diff --git a/doc/libs6net/ident.html b/doc/libs6net/ident.html
index 0b6a9c5..c8b4b2a 100644
--- a/doc/libs6net/ident.html
+++ b/doc/libs6net/ident.html
@@ -32,8 +32,7 @@ and implemented in the <tt>libs6net.a</tt> or <tt>libs6net.so</tt> library.
<p>
Please note that this protocol is of historical interest exclusively;
-this client, as well as the <a href="../minidentd.html">minidentd</a>
-server, is only provided for convenience and interoperability with
+this client is only provided for convenience and interoperability with
legacy systems. The IDENT protocol absolutely cannot be relied on for
any kind of authentication or secure operation.
</p>
diff --git a/doc/minidentd.html b/doc/minidentd.html
deleted file mode 100644
index d1fb546..0000000
--- a/doc/minidentd.html
+++ /dev/null
@@ -1,84 +0,0 @@
-<html>
- <head>
- <meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
- <meta http-equiv="Content-Language" content="en" />
- <title>s6-networking: the minidentd program</title>
- <meta name="Description" content="s6-networking: the minidentd program" />
- <meta name="Keywords" content="s6-networking minidentd identd ident server rfc 1413" />
- <!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> -->
- </head>
-<body>
-
-<p>
-<a href="index.html">s6-networking</a><br />
-<a href="//skarnet.org/software/">Software</a><br />
-<a href="//skarnet.org/">skarnet.org</a>
-</p>
-
-<h1> The <tt>minidentd</tt> program </h1>
-
-<p>
-<tt>minidentd</tt> is a small
-<a href="https://cr.yp.to/proto/ucspi.txt">UCSPI</a> server application
-that answers IDENT requests.
-</p>
-
-<h2> Interface </h2>
-
-<pre>
- minidentd [ -v ] [ -n | -i | -r ] [ -y <em>file</em> ] [ -t <em>timeout</em> ]
-</pre>
-
-<p>
-<tt>minidentd</tt> reads a series of IDENT requests on stdin and answers
-them on stdout. It logs what it's doing on stderr. The environment
-variables <em>x</em>LOCALIP and <em>x</em>REMOTEIP, where <em>x</em> is
-the value of the PROTO environment variable, must contain the IDENT
-server address and the IDENT client address, respectively.
-</p>
-
-<p>
- minidentd exits 0 on success, 100 on a usage error and 111 on a system
-call failure.
-</p>
-
-<p>
- minidentd does not contact the network directly. It's meant to
-run under a super-server like
-<a href="s6-tcpserver.html">s6-tcpserver</a>. minidentd will
-work with IPv4 as well as IPv6.
-</p>
-
-<h2> Options </h2>
-
-<ul>
- <li> <tt>-v</tt>&nbsp;: verbose mode. Log queries and replies. </li>
- <li> <tt>-n</tt>&nbsp;: send ERROR&nbsp;:&nbsp;HIDDEN-USER replies if
-the user has a <tt>.ident</tt> file in their home directory. </li>
- <li> <tt>-i</tt>&nbsp;: user-defined answers. The first 14 chars of the
-user's <tt>.ident</tt> file, up to EOF or newline, are used instead of
-the user name. If the file exists and is empty, send
-ERROR&nbsp;:&nbsp;HIDDEN-USER. If it doesn't exist, send a normal reply. </li>
- <li> <tt>-r</tt>&nbsp;: send random replies. </li>
- <li> <tt>-y&nbsp;<em>file</em></tt>&nbsp;: valid with <tt>-n</tt> or <tt>-i</tt>.
-Use <em>file</em> instead of <tt>.ident</tt>. </li>
- <li> <tt>-t&nbsp;<em>timeout</em></tt>&nbsp;: close connection after
-<em>timeout</em> milliseconds without a client request. </li>
-</ul>
-
-<h2> Notes </h2>
-
-<ul>
- <li> minidentd works only under Linux (2.2 or later);
-on other systems, it will compile and run, but report an error for every
-request.
-The problem is that <em>there is no portable Unix way</em> of listing active
-outgoing TCP connections with the relevant uids. On Linux, minidentd parses
-the <tt>/proc/net/tcp</tt> or <tt>/proc/net/tcp6</tt> virtual file. Other
-systems have their own way of doing this, if you want your system to be
-supported by minidentd, please contact the author. </li>
-</ul>
-
-</body>
-</html>
diff --git a/doc/s6-ident-client.html b/doc/s6-ident-client.html
index ed44479..9a7d8be 100644
--- a/doc/s6-ident-client.html
+++ b/doc/s6-ident-client.html
@@ -5,7 +5,7 @@
<meta http-equiv="Content-Language" content="en" />
<title>s6-networking: the s6-ident-client program</title>
<meta name="Description" content="s6-networking: the s6-ident-client program" />
- <meta name="Keywords" content="s6-networking minidentd identd ident client rfc 1413" />
+ <meta name="Keywords" content="s6-networking identd ident client rfc 1413" />
<!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> -->
</head>
<body>
diff --git a/doc/upgrade.html b/doc/upgrade.html
index f174e74..af9f7e6 100644
--- a/doc/upgrade.html
+++ b/doc/upgrade.html
@@ -18,6 +18,14 @@
<h1> What has changed in s6-networking </h1>
+<h2> in 2.5.0.0 </h2>
+
+<ul>
+ <li> <a href="//skarnet.org/software/skalibs/">skalibs</a>
+dependency bumped to 2.11.0.0 </li>
+ <li> The obsolete <tt>minidentd</tt> program has been removed. </li>
+</ul>
+
<h2> in 2.4.2.0 </h2>
<ul>
diff --git a/package/deps.mak b/package/deps.mak
index 030f842..8776328 100644
--- a/package/deps.mak
+++ b/package/deps.mak
@@ -24,9 +24,6 @@ src/libs6net/s6net_ident_client.o src/libs6net/s6net_ident_client.lo: src/libs6n
src/libs6net/s6net_ident_error.o src/libs6net/s6net_ident_error.lo: src/libs6net/s6net_ident_error.c src/include/s6-networking/ident.h
src/libs6net/s6net_ident_reply_get.o src/libs6net/s6net_ident_reply_get.lo: src/libs6net/s6net_ident_reply_get.c src/include/s6-networking/ident.h
src/libs6net/s6net_ident_reply_parse.o src/libs6net/s6net_ident_reply_parse.lo: src/libs6net/s6net_ident_reply_parse.c src/include/s6-networking/ident.h
-src/minidentd/mgetuid-default.o src/minidentd/mgetuid-default.lo: src/minidentd/mgetuid-default.c src/minidentd/mgetuid.h
-src/minidentd/mgetuid-linux.o src/minidentd/mgetuid-linux.lo: src/minidentd/mgetuid-linux.c src/minidentd/mgetuid.h
-src/minidentd/minidentd.o src/minidentd/minidentd.lo: src/minidentd/minidentd.c src/minidentd/mgetuid.h
src/sbearssl/sbearssl_append.o src/sbearssl/sbearssl_append.lo: src/sbearssl/sbearssl_append.c src/sbearssl/sbearssl-internal.h
src/sbearssl/sbearssl_cert_from.o src/sbearssl/sbearssl_cert_from.lo: src/sbearssl/sbearssl_cert_from.c src/include/s6-networking/sbearssl.h
src/sbearssl/sbearssl_cert_readbigpem.o src/sbearssl/sbearssl_cert_readbigpem.lo: src/sbearssl/sbearssl_cert_readbigpem.c src/include/s6-networking/sbearssl.h
@@ -142,8 +139,6 @@ libs6net.a.xyzzy: src/libs6net/s6net_ident_client.lo src/libs6net/s6net_ident_re
endif
libs6net.so.xyzzy: EXTRA_LIBS := -lskarnet
libs6net.so.xyzzy: src/libs6net/s6net_ident_client.lo src/libs6net/s6net_ident_reply_get.lo src/libs6net/s6net_ident_reply_parse.lo src/libs6net/s6net_ident_error.lo
-minidentd: EXTRA_LIBS := -lskarnet ${MAYBEPTHREAD_LIB} ${SOCKET_LIB} ${SYSCLOCK_LIB}
-minidentd: src/minidentd/minidentd.o src/minidentd/mgetuid.o ${LIBNSSS}
ifeq ($(strip $(STATIC_LIBS_ARE_PIC)),)
libsbearssl.a.xyzzy: src/sbearssl/sbearssl_append.o src/sbearssl/sbearssl_cert_from.o src/sbearssl/sbearssl_cert_readbigpem.o src/sbearssl/sbearssl_cert_readfile.o src/sbearssl/sbearssl_cert_to.o src/sbearssl/sbearssl_choose_algos_ec.o src/sbearssl/sbearssl_choose_algos_rsa.o src/sbearssl/sbearssl_choose_hash.o src/sbearssl/sbearssl_client_init_and_run.o src/sbearssl/sbearssl_drop.o src/sbearssl/sbearssl_ec_issuer_keytype.o src/sbearssl/sbearssl_ec_pkey_from.o src/sbearssl/sbearssl_ec_pkey_to.o src/sbearssl/sbearssl_ec_skey_from.o src/sbearssl/sbearssl_ec_skey_to.o src/sbearssl/sbearssl_error_str.o src/sbearssl/sbearssl_get_keycert.o src/sbearssl/sbearssl_get_tas.o src/sbearssl/sbearssl_isder.o src/sbearssl/sbearssl_pem_decode_from_buffer.o src/sbearssl/sbearssl_pem_decode_from_string.o src/sbearssl/sbearssl_pem_push.o src/sbearssl/sbearssl_pkey_from.o src/sbearssl/sbearssl_pkey_to.o src/sbearssl/sbearssl_rsa_pkey_from.o src/sbearssl/sbearssl_rsa_pkey_to.o src/sbearssl/sbearssl_rsa_skey_from.o src/sbearssl/sbearssl_rsa_skey_to.o src/sbearssl/sbearssl_run.o src/sbearssl/sbearssl_sctx_init_full_generic.o src/sbearssl/sbearssl_sctx_set_policy_sni.o src/sbearssl/sbearssl_send_environment.o src/sbearssl/sbearssl_server_init_and_run.o src/sbearssl/sbearssl_skey_from.o src/sbearssl/sbearssl_skey_readfile.o src/sbearssl/sbearssl_skey_storagelen.o src/sbearssl/sbearssl_skey_to.o src/sbearssl/sbearssl_skey_wipe.o src/sbearssl/sbearssl_sni_policy_add_keypair_file.o src/sbearssl/sbearssl_sni_policy_init.o src/sbearssl/sbearssl_sni_policy_nkeypairs.o src/sbearssl/sbearssl_sni_policy_vtable.o src/sbearssl/sbearssl_suite_bits.o src/sbearssl/sbearssl_suite_list.o src/sbearssl/sbearssl_suite_name.o src/sbearssl/sbearssl_ta_cert.o src/sbearssl/sbearssl_ta_certs.o src/sbearssl/sbearssl_ta_from.o src/sbearssl/sbearssl_ta_readdir.o src/sbearssl/sbearssl_ta_readfile.o src/sbearssl/sbearssl_ta_to.o src/sbearssl/sbearssl_x500_from_ta.o src/sbearssl/sbearssl_x500_name_len.o 
src/sbearssl/sbearssl_x509_minimal_set_tai.o src/sbearssl/sbearssl_x509_small_init_full.o src/sbearssl/sbearssl_x509_small_vtable.o
else
diff --git a/package/info b/package/info
index 342e4dd..f67528d 100644
--- a/package/info
+++ b/package/info
@@ -1,4 +1,4 @@
package=s6-networking
-version=2.4.2.0
+version=2.5.0.0
category=net
package_macro_name=S6_NETWORKING
diff --git a/package/modes b/package/modes
index 1bbc527..2327ea2 100644
--- a/package/modes
+++ b/package/modes
@@ -14,7 +14,6 @@ s6-clockview 0755
s6-sntpclock 0755
s6-taiclock 0755
s6-taiclockd 0755
-minidentd 0755
s6-tlsclient 0755
s6-tlsc 0755
s6-tlsc-io 0755
diff --git a/package/targets.mak b/package/targets.mak
index 474ea2d..4fa79dc 100644
--- a/package/targets.mak
+++ b/package/targets.mak
@@ -14,22 +14,12 @@ s6-clockadd \
s6-clockview \
s6-sntpclock \
s6-taiclock \
-s6-taiclockd \
-minidentd
+s6-taiclockd
LIBEXEC_TARGETS :=
LIB_DEFS := S6NET=s6net
-EXTRA_TARGETS := src/minidentd/mgetuid.c
-
-src/minidentd/mgetuid.c: src/minidentd/mgetuid-linux.c src/minidentd/mgetuid-default.c
- @if grep -q -iF -- -linux $(sysdeps)/target 2>/dev/null ; then \
- ln -sf mgetuid-linux.c src/minidentd/mgetuid.c ; \
- else \
- ln -sf mgetuid-default.c src/minidentd/mgetuid.c ; \
- fi
-
ifneq ($(SSL_IMPL),)
BIN_TARGETS += s6-tlsclient s6-tlsc s6-tlsc-io s6-tlsserver s6-tlsd s6-tlsd-io s6-ucspitlsc s6-ucspitlsd
diff --git a/src/minidentd/deps-exe/minidentd b/src/minidentd/deps-exe/minidentd
deleted file mode 100755
index 572ca89..0000000
--- a/src/minidentd/deps-exe/minidentd
+++ /dev/null
@@ -1,6 +0,0 @@
-mgetuid.o
-${LIBNSSS}
--lskarnet
-${MAYBEPTHREAD_LIB}
-${SOCKET_LIB}
-${SYSCLOCK_LIB}
diff --git a/src/minidentd/mgetuid-default.c b/src/minidentd/mgetuid-default.c
deleted file mode 100644
index 5c9f1d2..0000000
--- a/src/minidentd/mgetuid-default.c
+++ /dev/null
@@ -1,16 +0,0 @@
-/* ISC license. */
-
-#include <sys/types.h>
-#include <stdint.h>
-#include <errno.h>
-#include <skalibs/ip46.h>
-#include "mgetuid.h"
-
-uid_t mgetuid (ip46_t const *localaddr, uint16_t localport, ip46_t const *remoteaddr, uint16_t remoteport)
-{
- (void)localaddr ;
- (void)localport ;
- (void)remoteaddr ;
- (void)remoteport ;
- return (errno = ENOSYS, -2) ;
-}
diff --git a/src/minidentd/mgetuid-linux.c b/src/minidentd/mgetuid-linux.c
deleted file mode 100644
index f374adf..0000000
--- a/src/minidentd/mgetuid-linux.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/* ISC license. */
-
-#include <sys/types.h>
-#include <string.h>
-#include <stdint.h>
-#include <skalibs/uint64.h>
-#include <skalibs/types.h>
-#include <skalibs/fmtscan.h>
-#include <skalibs/buffer.h>
-#include <skalibs/stralloc.h>
-#include <skalibs/djbunix.h>
-#include <skalibs/ip46.h>
-#include <skalibs/skamisc.h>
-#include "mgetuid.h"
-
-#ifdef DEBUG
-#include <skalibs/strerr2.h>
-#define bug(a) do { strerr_warn4x("bug parsing ", a, "remaining: ", cur) ; return 0 ; } while (0)
-#else
-#define bug(a) return 0
-#endif
-
-#define LINESIZE 256
-
-static int skipspace (char **s)
-{
- while (**s && ((**s == ' ') || (**s == '\t')))
- (*s)++ ;
- return (int)**s ;
-}
-
-static void reverse_address (char *s, size_t n)
-{
- size_t i = n >> 1 ;
- while (i--)
- {
- char tmp = s[i] ;
- s[i] = s[n-1-i] ;
- s[n-1-i] = tmp ;
- }
-}
-
-static int parseline (char *s, size_t len, uid_t *u, char *la, uint16_t *lp, char *ra, uint16_t *rp, int is6)
-{
- char *cur = s ;
- size_t pos ;
- uint64_t uu ;
- uint32_t junk ;
- unsigned int iplen = is6 ? 16 : 4 ;
-
- if (!skipspace(&cur)) bug("initial whitespace") ;
- pos = uint32_scan(cur, &junk) ; /* sl */
- if (!pos || (cur-s+1+pos) > len) bug("sl") ;
- cur += pos ;
- if ((*cur++) != ':') bug("sl:") ;
- if (!skipspace(&cur)) bug("sl: SPACE") ;
-
- if ((cur - s + 1 + iplen) > len) bug("local_address") ;
- pos = ucharn_scan(cur, la, iplen) ; /* local_address */
- reverse_address(la, iplen) ;
- if (!pos) bug("local_address") ;
- cur += pos ;
- if ((*cur++) != ':') bug("local_address:") ;
-
- pos = uint16_xscan(cur, lp) ; /* :port */
- if (!pos || (cur-s+pos) > len) bug("local_port") ;
- cur += pos ;
- if (!skipspace(&cur)) bug("local_port SPACE") ;
-
- if ((cur - s + 1 + iplen) > len) bug("remote_address") ;
- pos = ucharn_scan(cur, ra, iplen) ; /* remote_address */
- reverse_address(ra, iplen) ;
- if (!pos) bug("remote_address") ;
- cur += pos ;
- if ((*cur++) != ':') bug("remote_address:") ;
-
- pos = uint16_xscan(cur, rp) ; /* :port */
- if (!pos || (cur-s+pos) > len) bug("remote_port") ;
- cur += pos ;
- if (!skipspace(&cur)) bug("remote_port SPACE");
-
- pos = uint32_xscan(cur, &junk) ; /* st */
- if (!pos || (cur-s+pos) > len) bug("st") ;
- cur += pos ;
- if (!skipspace(&cur)) bug("st SPACE") ;
- pos = uint32_xscan(cur, &junk) ; /* tx_queue */
- if (!pos || (cur-s+1+pos) > len) bug("tx_queue") ;
- cur += pos ;
- if ((*cur++) != ':') bug("tx_queue:") ;
- pos = uint32_xscan(cur, &junk) ; /* rx_queue */
- if (!pos || (cur-s+pos) > len) bug("rx_queue") ;
- cur += pos ;
- if (!skipspace(&cur)) bug("rx_queue SPACE") ;
- pos = uint32_xscan(cur, &junk) ; /* tr */
- if (!pos || (cur-s+1+pos) > len) bug("tr") ;
- cur += pos ;
- if ((*cur++) != ':') bug("tr:") ;
- pos = uint32_xscan(cur, &junk) ; /* tm->when */
- if (!pos || (cur-s+pos) > len) bug("tm->when") ;
- cur += pos ;
- if (!skipspace(&cur)) bug("tm->when SPACE") ;
- pos = uint32_xscan(cur, &junk) ; /* retrnsmt */
- if (!pos || (cur-s+pos) > len) bug("retrnsmt") ;
- cur += pos ;
-
- if (!skipspace(&cur)) bug("retrnsmt SPACE") ;
- pos = uint64_scan(cur, &uu) ; /* uid */
- if (!pos || (cur-s+1+pos) > len) bug("uid") ;
- *u = uu ;
- return 1 ;
-}
-
-#ifdef DEBUG
-
-static void debuglog (uint16_t a, uint16_t b, unsigned int c, char const *d, char const *e, int is6)
-{
- char sa[UINT16_FMT] ;
- char sb[UINT16_FMT] ;
- char sc[UINT_FMT] ;
- char sd[IP46_FMT] ;
- char se[IP46_FMT] ;
-
- sa[uint16_fmt(sa, a)] = 0 ;
- sb[uint16_fmt(sb, b)] = 0 ;
- sc[uint_fmt(sc, c)] = 0 ;
- sd[is6 ? ip6_fmt(sd, d) : ip4_fmt(sd, d)] = 0 ;
- se[is6 ? ip6_fmt(se, e) : ip4_fmt(se, e)] = 0 ;
-
- buffer_puts(buffer_2, sd) ;
- buffer_puts(buffer_2, ":") ;
- buffer_puts(buffer_2, sa) ;
- buffer_puts(buffer_2, " , ") ;
- buffer_puts(buffer_2, se) ;
- buffer_puts(buffer_2, ":") ;
- buffer_puts(buffer_2, sb) ;
- buffer_puts(buffer_2, " -> ") ;
- buffer_puts(buffer_2, sc) ;
- buffer_putsflush(buffer_2, "\n") ;
-}
-
-#endif
-
-uid_t mgetuid (ip46_t const *localaddr, uint16_t localport, ip46_t const *remoteaddr, uint16_t remoteport)
-{
- int r ;
- uid_t u = -2 ;
- stralloc line = STRALLOC_ZERO ;
- buffer b ;
- char y[BUFFER_INSIZE] ;
- int is6 = ip46_is6(localaddr) ;
- int fd = open_readb(is6 ? "/proc/net/tcp6" : "/proc/net/tcp") ;
- if (fd == -1) return -2 ;
- buffer_init(&b, &buffer_read, fd, y, BUFFER_INSIZE_SMALL) ;
- if (skagetln(&b, &line, '\n') < 1) goto err ;
-#ifdef DEBUG
- line.s[line.len-1] = 0 ;
- debuglog(localport, remoteport, 65535, localaddr->ip, remoteaddr->ip, is6) ;
-#endif
- for (;;)
- {
- char la[16] ;
- char ra[16] ;
- uid_t nu ;
- uint16_t lp, rp ;
- line.len = 0 ;
- r = skagetln(&b, &line, '\n') ;
- if (r <= 0) { u = -1 ; break ; }
- line.s[line.len-1] = 0 ;
- if (!parseline(line.s, line.len, &nu, la, &lp, ra, &rp, is6)) break ;
-#ifdef DEBUG
- debuglog(lp, rp, nu, la, ra, is6) ;
-#endif
- if ((lp == localport) && (rp == remoteport)
- && !memcmp(la, localaddr->ip, is6 ? 16 : 4)
- && !memcmp(ra, remoteaddr->ip, is6 ? 16 : 4))
- {
- u = nu ; break ;
- }
- }
- stralloc_free(&line) ;
- err:
- fd_close(fd) ;
- return u ;
-}
diff --git a/src/minidentd/mgetuid.h b/src/minidentd/mgetuid.h
deleted file mode 100644
index 4b882e4..0000000
--- a/src/minidentd/mgetuid.h
+++ /dev/null
@@ -1,12 +0,0 @@
-/* ISC license. */
-
-#ifndef MGETUID_H
-#define MGETUID_H
-
-#include <sys/types.h>
-#include <stdint.h>
-#include <skalibs/ip46.h>
-
-extern uid_t mgetuid (ip46_t const *, uint16_t, ip46_t const *, uint16_t) ;
-
-#endif
diff --git a/src/minidentd/minidentd.c b/src/minidentd/minidentd.c
deleted file mode 100644
index a5115b7..0000000
--- a/src/minidentd/minidentd.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/* ISC license. */
-
-#include <string.h>
-#include <stdint.h>
-#include <unistd.h>
-#include <errno.h>
-#include <pwd.h>
-
-#include <skalibs/types.h>
-#include <skalibs/allreadwrite.h>
-#include <skalibs/bytestr.h>
-#include <skalibs/fmtscan.h>
-#include <skalibs/buffer.h>
-#include <skalibs/strerr2.h>
-#include <skalibs/stralloc.h>
-#include <skalibs/env.h>
-#include <skalibs/djbunix.h>
-#include <skalibs/sgetopt.h>
-#include <skalibs/tai.h>
-#include <skalibs/random.h>
-#include <skalibs/unix-timed.h>
-
-#include "mgetuid.h"
-
-#define USAGE "minidentd [ -v ] [ -n | -i | -r ] [ -y file ] [ -t timeout ]"
-#define dieusage() strerr_dieusage(100, USAGE)
-
-
-static int how = 0 ;
-static int flagverbose = 0 ;
-static char const *userfile = ".ident" ;
-
-static tain_t deadline ;
-static unsigned int nquery = 0 ;
-static char logfmt[UINT_FMT] ;
-
-#define godecimal(s) while (*(s) && !strchr("0123456789", *(s))) (s)++
-
-static int parseline (char const *s, uint16_t *localport, uint16_t *remoteport)
-{
- size_t pos ;
- godecimal(s) ;
- if (!*s) return 0 ;
- pos = uint16_scan(s, localport) ;
- if (!pos) return 0 ;
- s += pos ;
- if (!*s) return 0 ;
- s += str_chr(s, ',') ;
- if (*s) s++ ;
- godecimal(s) ;
- if (!*s) return 0 ;
- if (!uint16_scan(s, remoteport)) return 0 ;
- return 1 ;
-}
-
-static void formatlr (char *s, uint16_t lp, uint16_t rp)
-{
- s += uint16_fmt(s, lp) ;
- *s++ = ',' ;
- *s++ = ' ' ;
- s += uint16_fmt(s, rp) ;
- *s = 0 ;
-}
-
-static void reply (char const *s, char const *r, char const *info)
-{
- buffer_puts(buffer_1small, s) ;
- buffer_put(buffer_1small, " : ", 3) ;
- buffer_puts(buffer_1small, r) ;
- buffer_put(buffer_1small, " : ", 3) ;
- buffer_puts(buffer_1small, info) ;
- buffer_put(buffer_1small, "\r\n", 2) ;
- if (!buffer_timed_flush_g(buffer_1small, &deadline))
- strerr_diefu1sys(111, "write to stdout") ;
-}
-
-static void logquery (char const *s)
-{
- if (!flagverbose) return ;
- buffer_puts(buffer_2, PROG) ;
- buffer_puts(buffer_2, ": info : query ") ;
- logfmt[uint_fmt(logfmt, ++nquery)] = 0 ;
- buffer_puts(buffer_2, logfmt) ;
- buffer_put(buffer_2, ": ", 2) ;
- buffer_puts(buffer_2, s) ;
- buffer_putflush(buffer_2, "\n", 1) ;
-}
-
-static void logreply (char const *type, char const *reply1, char const *reply2)
-{
- if (!flagverbose) return ;
- buffer_puts(buffer_2, PROG) ;
- buffer_puts(buffer_2, ": info: reply type ") ;
- buffer_puts(buffer_2, type) ;
- buffer_put(buffer_2, ": ", 2) ;
- buffer_puts(buffer_2, logfmt) ;
- buffer_put(buffer_2, ": ", 2) ;
- buffer_puts(buffer_2, reply1) ;
- buffer_put(buffer_2, ": ", 2) ;
- buffer_puts(buffer_2, reply2) ;
- buffer_putflush(buffer_2, "\n", 1) ;
-}
-
-static int userident (char *s, char const *home)
-{
- int fd ;
- size_t r = 1 ;
- {
- size_t homelen = strlen(home) ;
- size_t userlen = strlen(userfile) ;
- char tmp[homelen + userlen + 2] ;
- memcpy(tmp, home, homelen) ;
- tmp[homelen] = '/' ;
- memcpy(tmp + homelen + 1, userfile, userlen + 1) ;
- fd = open_readb(tmp) ;
- }
- if (fd == -1) return (errno != ENOENT) ? -1 : 0 ;
- if (how == 1)
- {
- fd_close(fd) ;
- return 1 ;
- }
- r = allread(fd, s, 14) ;
- fd_close(fd) ;
- if (!r) return 1 ;
- s[r] = 0 ;
- s[byte_chr(s, r, '\n')] = 0 ;
- return 2 ;
-}
-
-
-static void doit (char const *s, ip46_t const *localaddr, ip46_t const *remoteaddr)
-{
- char lr[15] ;
- uint16_t localport, remoteport ;
- struct passwd *pw ;
- uid_t uid ;
- if (!parseline(s, &localport, &remoteport))
- {
- reply("0, 0", "ERROR", "INVALID-PORT") ;
- return ;
- }
- formatlr(lr, localport, remoteport) ;
- logquery(lr) ;
-
- uid = mgetuid(localaddr, localport, remoteaddr, remoteport) ;
- if (uid == -2)
- {
- strerr_warnwu1sys("get uid") ;
- reply(lr, "ERROR", "UNKNOWN-ERROR") ;
- return ;
- }
- else if (uid == -1)
- {
- reply(lr, "ERROR", "NO-USER") ;
- logreply("error", "ERROR", "NO-USER") ;
- return ;
- }
-
- if (how == 3)
- {
- char name[9] ;
- char fmt[4 + UINT_FMT] = "uid " ;
- fmt[4 + uint_fmt(fmt+4, uid)] = 0 ;
- random_name(name, 8) ;
- reply(lr, "UNIX", name) ;
- logreply("random", fmt, name) ;
- return ;
- }
-
- pw = getpwuid(uid) ;
- if (!pw)
- {
- char fmt[UINT_FMT] ;
- fmt[uint_fmt(fmt, uid)] = 0 ;
- strerr_warnw2x("unknown uid ", fmt) ;
- reply(lr, "ERROR", "UNKNOWN-ERROR") ;
- return ;
- }
-
- if (how)
- {
- char s[15] ;
- int r = userident(s, pw->pw_dir) ;
- if ((how == 1) || (r == 1))
- {
- reply(lr, "ERROR", "HIDDEN-USER") ;
- logreply("user", "ERROR", "HIDDEN-USER") ;
- return ;
- }
- else if (r == 2)
- {
- reply(lr, "USERID : UNIX", s) ;
- logreply("user", "UNIX", s) ;
- return ;
- }
- }
-
- reply(lr, "USERID : UNIX", pw->pw_name) ;
- logreply("user", "UNIX", pw->pw_name) ;
-}
-
-
-int main (int argc, char const *const *argv, char const *const *envp)
-{
- stralloc line = STRALLOC_ZERO ;
- tain_t tto ;
- ip46_t localaddr, remoteaddr ;
- PROG = "minidentd" ;
-
- {
- subgetopt_t l = SUBGETOPT_ZERO ;
- unsigned int t = 0 ;
- for (;;)
- {
- int opt = subgetopt_r(argc, argv, "vniry:t:", &l) ;
- if (opt == -1) break ;
- switch (opt)
- {
- case 'v' : flagverbose = 1 ; break ;
- case 'n' : how = 1 ; break ;
- case 'i' : how = 2 ; break ;
- case 'r' : how = 3 ; break ;
- case 'y' : userfile = l.arg ; break ;
- case 't' : if (!uint0_scan(l.arg, &t)) dieusage() ; break ;
- default : dieusage() ;
- }
- }
- if (t) tain_from_millisecs(&tto, t) ; else tto = tain_infinite_relative ;
- argc -= l.ind ; argv += l.ind ;
- }
-
- {
- char const *proto = env_get2(envp, "PROTO") ;
- if (!proto) strerr_dienotset(100, "PROTO") ;
- {
- char const *x ;
- size_t protolen = strlen(proto) ;
- char tmp[protolen + 9] ;
- memcpy(tmp, proto, protolen) ;
- memcpy(tmp + protolen, "LOCALIP", 8) ;
- x = env_get2(envp, tmp) ;
- if (!x) strerr_dienotset(100, tmp) ;
- if (!ip46_scan(x, &localaddr)) strerr_dieinvalid(100, tmp) ;
- memcpy(tmp + protolen, "REMOTEIP", 9) ;
- x = env_get2(envp, tmp) ;
- if (!x) strerr_dienotset(100, tmp) ;
- if (!ip46_scan(x, &remoteaddr)) strerr_dieinvalid(100, tmp) ;
- }
- }
-
- if (ip46_is6(&localaddr) != ip46_is6(&remoteaddr))
- strerr_dief1x(100, "local and remote address not of the same family") ;
- if (!random_init())
- strerr_diefu1sys(111, "init random generator") ;
-
- tain_now_set_stopwatch_g() ;
-
- for (;;)
- {
- int r ;
- line.len = 0 ;
- tain_add_g(&deadline, &tto) ;
- r = timed_getln_g(buffer_0small, &line, '\n', &deadline) ;
- if (r == -1)
- {
- if (errno == ETIMEDOUT || errno == ECONNRESET) return 1 ;
- else strerr_diefu1sys(111, "read from stdin") ;
- }
- if (!r) break ;
- line.s[line.len - 1] = 0 ;
- doit(line.s, &localaddr, &remoteaddr) ;
- }
- return 0 ;
-}