39struct port_share *port_share = NULL;
42#define PROXY_CONNECTION_BUFFER_SIZE 1500
45#define COMMAND_REDIRECT 10
46#define COMMAND_EXIT 11
49#define RESPONSE_INIT_SUCCEEDED 20
50#define RESPONSE_INIT_FAILED 21
56#define IOSTAT_EAGAIN_ON_READ 0
57#define IOSTAT_EAGAIN_ON_WRITE 1
58#define IOSTAT_READ_ERROR 2
59#define IOSTAT_WRITE_ERROR 3
66struct proxy_connection
69 struct proxy_connection *next;
70 struct proxy_connection *counterpart;
113 for (
i = 3;
i <= 100; ++
i)
147 if (size ==
sizeof(
c))
162 if (size ==
sizeof(
c))
199 head ?
BLEN(head) : -1);
205 iov[0].iov_base = &cmd;
206 iov[0].iov_len =
sizeof(cmd);
211 iov[1].iov_base =
BPTR(head);
212 iov[1].iov_len =
BLEN(head);
218 mesg.msg_controllen = cmsg_size();
219 mesg.msg_control = (
char *)malloc(mesg.msg_controllen);
223 h = CMSG_FIRSTHDR(&mesg);
224 h->cmsg_level = SOL_SOCKET;
225 h->cmsg_type = SCM_RIGHTS;
230 memcpy(CMSG_DATA(h), &sd_send,
sizeof(sd_send));
234 socketpair(PF_UNIX, SOCK_DGRAM, 0, sd_null);
235 memcpy(CMSG_DATA(h), &sd_null[0],
sizeof(sd_null[0]));
242 "PORT SHARE: sendmsg failed -- unable to communicate with background process (%d,%d,%d,%d)",
243 sd, sd_send, sd_null[0], sd_null[1]);
246 close_socket_if_defined(sd_null[0]);
247 close_socket_if_defined(sd_null[1]);
248 free(mesg.msg_control);
253proxy_entry_close_sd(
struct proxy_connection *pc,
struct event_set *
es)
271proxy_entry_mark_for_close(
struct proxy_connection *pc,
struct event_set *
es)
275 struct proxy_connection *cp = pc->counterpart;
276 proxy_entry_close_sd(pc,
es);
278 pc->buffer_initial =
false;
287 if (cp && cp->defined && cp->counterpart == pc)
289 proxy_entry_mark_for_close(cp,
es);
299proxy_list_housekeeping(
struct proxy_connection **list)
303 struct proxy_connection *prev = NULL;
304 struct proxy_connection *pc = *list;
308 struct proxy_connection *next = pc->next;
335journal_add(
const char *journal_dir,
struct proxy_connection *pc,
struct proxy_connection *cp)
339 socklen_t slen =
sizeof(from.addr);
340 socklen_t dlen =
sizeof(to.addr);
341 if (!getpeername(pc->sd, (
struct sockaddr *)&from.addr.sa, &slen)
342 && !getsockname(cp->sd, (
struct sockaddr *)&to.addr.sa, &dlen))
347 size_t fnlen = strlen(journal_dir) + strlen(t) + 2;
348 char *jfn = (
char *)malloc(fnlen);
350 snprintf(jfn, fnlen,
"%s/%s", journal_dir, t);
352 int fd =
platform_open(jfn, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | S_IWUSR | S_IRGRP);
355 if (
write(fd, f, strlen(f)) != strlen(f))
357 msg(
M_WARN,
"PORT SHARE: writing to journal file (%s) failed", jfn);
364 msg(
M_WARN |
M_ERRNO,
"PORT SHARE: unable to write journal file in %s", jfn);
375proxy_list_close(
struct proxy_connection **
list)
379 struct proxy_connection *pc = *list;
382 proxy_entry_mark_for_close(pc, NULL);
385 proxy_list_housekeeping(list);
390proxy_connection_io_requeue(
struct proxy_connection *pc,
const unsigned int rwflags_new,
398 pc->rwflags = rwflags_new;
410proxy_entry_new(
struct proxy_connection **list,
struct event_set *
es,
412 struct buffer *initial_data,
const char *journal_dir)
416 struct proxy_connection *pc;
417 struct proxy_connection *cp;
420 if ((sd_server = socket(server_addr.
addr.
sa.sa_family, SOCK_STREAM, IPPROTO_TCP)) < 0)
428 msg(
M_WARN,
"PORT SHARE PROXY: connect to port-share server failed");
444 pc->counterpart = cp;
445 pc->buf = *initial_data;
446 pc->buffer_initial =
true;
453 cp->counterpart = pc;
454 cp->buf =
alloc_buf(PROXY_CONNECTION_BUFFER_SIZE);
455 cp->buffer_initial =
false;
465 journal_add(journal_dir, pc, cp);
485control_message_from_parent(
const socket_descriptor_t sd_control,
struct proxy_connection **list,
487 const int max_initial_buf,
const char *journal_dir)
502 iov[0].iov_base = &command;
503 iov[0].iov_len =
sizeof(command);
504 iov[1].iov_base =
BPTR(&buf);
505 iov[1].iov_len =
BCAP(&buf);
509 mesg.msg_controllen = cmsg_size();
510 mesg.msg_control = (
char *)malloc(mesg.msg_controllen);
514 h = CMSG_FIRSTHDR(&mesg);
516 h->cmsg_level = SOL_SOCKET;
517 h->cmsg_type = SCM_RIGHTS;
519 memcpy(CMSG_DATA(h), &socket_undefined,
sizeof(socket_undefined));
525 || h->cmsg_level != SOL_SOCKET || h->cmsg_type != SCM_RIGHTS)
527 msg(
M_WARN,
"PORT SHARE PROXY: received unknown message");
532 memcpy(&received_fd, CMSG_DATA(h),
sizeof(received_fd));
535 if (
status >= 2 && command == COMMAND_REDIRECT)
538 if (proxy_entry_new(list,
es, server_addr, received_fd, &buf, journal_dir))
555 free(mesg.msg_control);
561proxy_connection_io_recv(
struct proxy_connection *pc)
567 return (errno == EAGAIN) ? IOSTAT_EAGAIN_ON_READ : IOSTAT_READ_ERROR;
573 return IOSTAT_READ_ERROR;
576 pc->buf.len = (int)
status;
582proxy_connection_io_send(
struct proxy_connection *pc,
int *bytes_sent)
590 return (e == EAGAIN) ? IOSTAT_EAGAIN_ON_WRITE : IOSTAT_WRITE_ERROR;
594 *bytes_sent += (int)
status;
595 if (
status != pc->buf.len)
600 return IOSTAT_EAGAIN_ON_WRITE;
611 if (pc->buffer_initial)
614 pc->buf =
alloc_buf(PROXY_CONNECTION_BUFFER_SIZE);
615 pc->buffer_initial =
false;
625proxy_connection_io_xfer(
struct proxy_connection *pc,
const int max_transfer)
628 while (transferred < max_transfer)
632 const int status = proxy_connection_io_recv(pc);
633 if (
status != IOSTAT_GOOD)
641 const int status = proxy_connection_io_send(pc, &transferred);
642 if (
status != IOSTAT_GOOD)
648 return IOSTAT_EAGAIN_ON_READ;
655proxy_connection_io_status(
const int status,
unsigned int *rwflags_pc,
unsigned int *rwflags_cp)
659 case IOSTAT_EAGAIN_ON_READ:
661 *rwflags_cp &= ~EVENT_WRITE;
664 case IOSTAT_EAGAIN_ON_WRITE:
665 *rwflags_pc &= ~EVENT_READ;
669 case IOSTAT_READ_ERROR:
672 case IOSTAT_WRITE_ERROR:
686proxy_connection_io_dispatch(
struct proxy_connection *pc,
const unsigned int rwflags,
689 const int max_transfer_per_iteration = 10000;
690 struct proxy_connection *cp = pc->counterpart;
691 unsigned int rwflags_pc = pc->rwflags;
692 unsigned int rwflags_cp = cp->rwflags;
694 ASSERT(pc->defined && cp->defined && cp->counterpart == pc);
698 const int status = proxy_connection_io_xfer(pc, max_transfer_per_iteration);
699 if (!proxy_connection_io_status(
status, &rwflags_pc, &rwflags_cp))
706 const int status = proxy_connection_io_xfer(cp, max_transfer_per_iteration);
707 if (!proxy_connection_io_status(
status, &rwflags_cp, &rwflags_pc))
712 proxy_connection_io_requeue(pc, rwflags_pc,
es);
713 proxy_connection_io_requeue(cp, rwflags_cp,
es);
718 proxy_entry_mark_for_close(pc,
es);
727 const int max_initial_buf,
const char *journal_dir)
731 void *sd_control_marker = (
void *)1;
735 struct proxy_connection *list = NULL;
736 time_t last_housekeeping = 0;
752 current = time(NULL);
756 for (
i = 0;
i < n_events; ++
i)
759 if (e->
arg == sd_control_marker)
761 if (!control_message_from_parent(sd_control, &list,
es, hostaddr,
762 max_initial_buf, journal_dir))
769 struct proxy_connection *pc = (
struct proxy_connection *)e->
arg;
772 proxy_connection_io_dispatch(pc, e->
rwflags,
es);
777 else if (n_events < 0)
781 if (current > last_housekeeping)
783 proxy_list_housekeeping(&list);
784 last_housekeeping = current;
789 proxy_list_close(&list);
792 msg(
M_INFO,
"PORT SHARE PROXY: proxy exiting");
800port_share_open(
const char *host,
const char *port,
const int max_initial_buf,
801 const char *journal_dir)
806 struct port_share *ps;
811 ps->foreground_fd = -1;
812 ps->background_pid = -1;
821 ASSERT(
sizeof(hostaddr.
addr) >= ai->ai_addrlen);
822 memcpy(&hostaddr.
addr.
sa, ai->ai_addr, ai->ai_addrlen);
837 if (socketpair(PF_UNIX, SOCK_DGRAM, 0, fd) == -1)
839 msg(
M_WARN,
"PORT SHARE: socketpair call failed");
856 ps->background_pid = pid;
872 ps->foreground_fd = fd[0];
877 msg(
M_ERR,
"PORT SHARE: unexpected init recv_control status=%d",
status);
892#ifdef ENABLE_MANAGEMENT
904 port_share_proxy(hostaddr, fd[1], max_initial_buf, journal_dir);
913 port_share_close(ps);
918port_share_close(
struct port_share *ps)
922 if (ps->foreground_fd >= 0)
929 if (ps->background_pid > 0)
931 waitpid(ps->background_pid, NULL, 0);
936 ps->foreground_fd = -1;
944port_share_abort(
struct port_share *ps)
949 if (ps->foreground_fd >= 0)
953 ps->foreground_fd = -1;
964is_openvpn_protocol(
const struct buffer *buf)
966 const unsigned char *p = (
const unsigned char *)
BSTR(buf);
967 const int len =
BLEN(buf);
970 int plen = (p[0] << 8) | p[1];
988 return (plen >= 336 && plen < (1024 + 255));
994 return plen >= 14 && plen <= 255
1000 int plen = (p[0] << 8) | p[1];
1001 return plen >= 14 && plen <= 255;
1019 port_share_sendmsg(ps->foreground_fd, COMMAND_REDIRECT, head, sd);
static void set_signals(void)
#define RESPONSE_INIT_SUCCEEDED
static int recv_control(int fd)
static int send_control(int fd, int code)
static void close_fds_except(int keep)
void free_buf(struct buffer *buf)
struct buffer alloc_buf(size_t size)
static bool buf_advance(struct buffer *buf, int size)
static void check_malloc_return(void *p)
static void gc_free(struct gc_arena *a)
#define ALLOC_OBJ_CLEAR(dptr, type)
static struct gc_arena gc_new(void)
Data Channel Cryptography Module.
struct event_set * event_set_init(int *maxevents, unsigned int flags)
static void event_free(struct event_set *es)
static void event_del(struct event_set *es, event_t event)
static int event_wait(struct event_set *es, const struct timeval *tv, struct event_set_return *out, int outlen)
static void event_ctl(struct event_set *es, event_t event, unsigned int rwflags, void *arg)
void set_nonblock(socket_descriptor_t fd)
void set_cloexec(socket_descriptor_t fd)
static SERVICE_STATUS status
static bool msg_test(msglvl_t flags)
Return true if flags represent an enabled, not muted log level.
int openvpn_connect(socket_descriptor_t sd, const struct sockaddr *remote, int connect_timeout, volatile int *signal_received)
#define openvpn_close_socket(s)
int openvpn_getaddrinfo(unsigned int flags, const char *hostname, const char *servname, int resolve_retry_seconds, struct signal_info *sig_info, int ai_family, struct addrinfo **res)
static const char * print_openvpn_sockaddr(const struct openvpn_sockaddr *addr, struct gc_arena *gc)
#define P_CONTROL_HARD_RESET_CLIENT_V2
#define P_CONTROL_HARD_RESET_CLIENT_V3
Wrapper structure for dynamically allocated memory.
int len
Length in bytes of the actual content within the allocated memory.
Garbage collection arena used to keep track of dynamically allocated memory.
struct gc_entry * list
First element of the linked list of gc_entry structures.
union openvpn_sockaddr::@27 addr
SOCKET socket_descriptor_t
static int socket_defined(const socket_descriptor_t sd)