1 /* -*- c-file-style: "linux" -*-
3 rsync -- fast file replication program
5 Copyright (C) 1992-2001 by Andrew Tridgell <tridge@samba.org>
6 Copyright (C) 2001, 2002 by Martin Pool <mbp@samba.org>
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 * Socket functions used in rsync.
28 * This file is now converted to use the new-style getaddrinfo()
29 * interface, which supports IPv6 but is also supported on recent
30 * IPv4-only machines. On systems that don't have that interface, we
31 * emulate it using the KAME implementation.
36 static const char default_name[] = "UNKNOWN";
39 /* Establish a proxy connection on an open socket to a web roxy by
40 * using the CONNECT method. */
41 static int establish_proxy_connection(int fd, char *host, int port)
46 snprintf(buffer, sizeof(buffer), "CONNECT %s:%d HTTP/1.0\r\n\r\n", host, port);
47 if (write(fd, buffer, strlen(buffer)) != (int) strlen(buffer)) {
48 rprintf(FERROR, "failed to write to proxy: %s\n",
53 for (cp = buffer; cp < &buffer[sizeof(buffer) - 1]; cp++) {
54 if (read(fd, cp, 1) != 1) {
55 rprintf(FERROR, "failed to read from proxy: %s\n",
68 if (strncmp(buffer, "HTTP/", 5) != 0) {
69 rprintf(FERROR, "bad response from proxy - %s\n",
73 for (cp = &buffer[5]; isdigit(*cp) || (*cp == '.'); cp++)
78 rprintf(FERROR, "bad response from proxy - %s\n",
82 /* throw away the rest of the HTTP header */
84 for (cp = buffer; cp < &buffer[sizeof(buffer) - 1];
86 if (read(fd, cp, 1) != 1) {
87 rprintf(FERROR, "failed to read from proxy: %s\n",
94 if ((cp > buffer) && (*cp == '\n'))
96 if ((cp == buffer) && ((*cp == '\n') || (*cp == '\r')))
104 * Try to set the local address for a newly-created socket. Return -1
107 int try_bind_local(int s,
108 int ai_family, int ai_socktype,
109 const char *bind_address)
112 struct addrinfo bhints, *bres_all, *r;
114 memset(&bhints, 0, sizeof(bhints));
115 bhints.ai_family = ai_family;
116 bhints.ai_socktype = ai_socktype;
117 bhints.ai_flags = AI_PASSIVE;
118 if ((error = getaddrinfo(bind_address, NULL, &bhints, &bres_all))) {
119 rprintf(FERROR, RSYNC_NAME ": getaddrinfo %s: %s\n",
120 bind_address, gai_strerror(error));
124 for (r = bres_all; r; r = r->ai_next) {
125 if (bind(s, r->ai_addr, r->ai_addrlen) == -1)
130 /* no error message; there might be some problem that allows
131 * creation of the socket but not binding, perhaps if the
132 * machine has no ipv6 address of this name. */
138 * Open a socket to a tcp remote host with the specified port .
140 * Based on code from Warren. Proxy support by Stephen Rothwell.
141 * getaddrinfo() rewrite contributed by KAME.net.
143 * Now that we support IPv6 we need to look up the remote machine's
144 * address first, using @p af_hint to set a preference for the type
145 * of address. Then depending on whether it has v4 or v6 addresses we
146 * try to open a connection.
148 * The loop allows for machines with some addresses which may not be
149 * reachable, perhaps because we can't e.g. route ipv6 to that network
150 * but we can get ip4 packets through.
152 * @param bind_address Local address to use. Normally NULL to bind
153 * the wildcard address.
155 * @param af_hint Address family, e.g. AF_INET or AF_INET6.
157 int open_socket_out(char *host, int port, const char *bind_address,
160 int type = SOCK_STREAM;
163 struct addrinfo hints, *res0, *res;
170 /* if we have a RSYNC_PROXY env variable then redirect our
171 * connetcion via a web proxy at the given address. The format
172 * is hostname:port */
173 h = getenv("RSYNC_PROXY");
174 proxied = (h != NULL) && (*h != '\0');
177 strlcpy(buffer, h, sizeof(buffer));
178 cp = strchr(buffer, ':');
181 "invalid proxy specification: should be HOST:PORT\n");
188 snprintf(portbuf, sizeof(portbuf), "%d", port);
192 memset(&hints, 0, sizeof(hints));
193 hints.ai_family = af_hint;
194 hints.ai_socktype = type;
195 error = getaddrinfo(h, portbuf, &hints, &res0);
197 rprintf(FERROR, RSYNC_NAME ": getaddrinfo: %s %s: %s\n",
198 h, portbuf, gai_strerror(error));
203 /* Try to connect to all addresses for this machine until we get
204 * through. It might e.g. be multi-homed, or have both IPv4 and IPv6
205 * addresses. We need to create a socket for each record, since the
206 * address record tells us what protocol to use to try to connect. */
207 for (res = res0; res; res = res->ai_next) {
208 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
213 if (try_bind_local(s, res->ai_family, type,
214 bind_address) == -1) {
220 if (connect(s, res->ai_addr, res->ai_addrlen) < 0) {
226 establish_proxy_connection(s, host, port) != 0) {
235 rprintf(FERROR, RSYNC_NAME ": failed to connect to %s: %s\n",
244 * Open an outgoing socket, but allow for it to be intercepted by
245 * $RSYNC_CONNECT_PROG, which will execute a program across a TCP
246 * socketpair rather than really opening a socket.
248 * We use this primarily in testing to detect TCP flow bugs, but not
249 * cause security problems by really opening remote connections.
251 * This is based on the Samba LIBSMB_PROG feature.
253 * @param bind_address Local address to use. Normally NULL to get the stack default.
255 int open_socket_out_wrapped (char *host,
257 const char *bind_address,
262 if ((prog = getenv ("RSYNC_CONNECT_PROG")) != NULL)
263 return sock_exec (prog);
265 return open_socket_out (host, port, bind_address,
272 * Open a socket of the specified type, port and address for incoming data
274 * Try to be better about handling the results of getaddrinfo(): when
275 * opening an inbound socket, we might get several address results,
276 * e.g. for the machine's ipv4 and ipv6 name.
278 * If binding a wildcard, then any one of them should do. If an address
279 * was specified but it's insufficiently specific then that's not our
282 * However, some of the advertized addresses may not work because e.g. we
283 * don't have IPv6 support in the kernel. In that case go on and try all
284 * addresses until one succeeds.
286 * @param bind_address Local address to bind, or NULL to allow it to
289 static int open_socket_in(int type, int port, const char *bind_address,
294 struct addrinfo hints, *all_ai, *resp;
298 memset(&hints, 0, sizeof(hints));
299 hints.ai_family = af_hint;
300 hints.ai_socktype = type;
301 hints.ai_flags = AI_PASSIVE;
302 snprintf(portbuf, sizeof(portbuf), "%d", port);
303 error = getaddrinfo(bind_address, portbuf, &hints, &all_ai);
305 rprintf(FERROR, RSYNC_NAME ": getaddrinfo: bind address %s: %s\n",
306 bind_address, gai_strerror(error));
310 /* We may not be able to create the socket, if for example the
311 * machine knows about IPv6 in the C library, but not in the
313 for (resp = all_ai; resp; resp = resp->ai_next) {
314 s = socket(resp->ai_family, resp->ai_socktype,
318 /* See if there's another address that will work... */
321 setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
322 (char *)&one, sizeof one);
324 /* now we've got a socket - we need to bind it */
325 if (bind(s, all_ai->ai_addr, all_ai->ai_addrlen) < 0) {
326 /* Nope, try another */
334 rprintf(FERROR, RSYNC_NAME ": open inbound socket on port %d failed: "
339 freeaddrinfo(all_ai);
345 * Determine if a file descriptor is in fact a socket
347 int is_a_socket(int fd)
353 /* Parameters to getsockopt, setsockopt etc are very
354 * unstandardized across platforms, so don't be surprised if
355 * there are compiler warnings on e.g. SCO OpenSwerver or AIX.
356 * It seems they all eventually get the right idea.
358 * Debian says: ``The fifth argument of getsockopt and
359 * setsockopt is in reality an int [*] (and this is what BSD
360 * 4.* and libc4 and libc5 have). Some POSIX confusion
361 * resulted in the present socklen_t. The draft standard has
362 * not been adopted yet, but glibc2 already follows it and
363 * also has socklen_t [*]. See also accept(2).''
365 * We now return to your regularly scheduled programming. */
366 return(getsockopt(fd, SOL_SOCKET, SO_TYPE, (char *)&v, &l) == 0);
370 void start_accept_loop(int port, int (*fn)(int ))
373 extern char *bind_address;
374 extern int default_af_hint;
376 /* open an incoming socket */
377 s = open_socket_in(SOCK_STREAM, port, bind_address, default_af_hint);
379 exit_cleanup(RERR_SOCKETIO);
381 /* ready to listen */
382 if (listen(s, 5) == -1) {
384 exit_cleanup(RERR_SOCKETIO);
388 /* now accept incoming connections - forking a new process
389 for each incoming connection */
393 struct sockaddr_storage addr;
394 socklen_t addrlen = sizeof addr;
396 /* close log file before the potentially very long select so
397 file can be trimmed by another process instead of growing
404 if (select(s+1, &fds, NULL, NULL, NULL) != 1) {
408 if(!FD_ISSET(s, &fds)) continue;
410 fd = accept(s,(struct sockaddr *)&addr,&addrlen);
412 if (fd == -1) continue;
414 signal(SIGCHLD, SIG_IGN);
416 /* we shouldn't have any children left hanging around
417 but I have had reports that on Digital Unix zombies
418 are produced, so this ensures that they are reaped */
420 while (waitpid(-1, NULL, WNOHANG) > 0);
425 /* open log file in child before possibly giving
436 enum SOCK_OPT_TYPES {OPT_BOOL,OPT_INT,OPT_ON};
445 } socket_options[] = {
446 {"SO_KEEPALIVE", SOL_SOCKET, SO_KEEPALIVE, 0, OPT_BOOL},
447 {"SO_REUSEADDR", SOL_SOCKET, SO_REUSEADDR, 0, OPT_BOOL},
448 {"SO_BROADCAST", SOL_SOCKET, SO_BROADCAST, 0, OPT_BOOL},
450 {"TCP_NODELAY", IPPROTO_TCP, TCP_NODELAY, 0, OPT_BOOL},
452 #ifdef IPTOS_LOWDELAY
453 {"IPTOS_LOWDELAY", IPPROTO_IP, IP_TOS, IPTOS_LOWDELAY, OPT_ON},
455 #ifdef IPTOS_THROUGHPUT
456 {"IPTOS_THROUGHPUT", IPPROTO_IP, IP_TOS, IPTOS_THROUGHPUT, OPT_ON},
459 {"SO_SNDBUF", SOL_SOCKET, SO_SNDBUF, 0, OPT_INT},
462 {"SO_RCVBUF", SOL_SOCKET, SO_RCVBUF, 0, OPT_INT},
465 {"SO_SNDLOWAT", SOL_SOCKET, SO_SNDLOWAT, 0, OPT_INT},
468 {"SO_RCVLOWAT", SOL_SOCKET, SO_RCVLOWAT, 0, OPT_INT},
471 {"SO_SNDTIMEO", SOL_SOCKET, SO_SNDTIMEO, 0, OPT_INT},
474 {"SO_RCVTIMEO", SOL_SOCKET, SO_RCVTIMEO, 0, OPT_INT},
480 /****************************************************************************
481 set user socket options
482 ****************************************************************************/
483 void set_socket_options(int fd, char *options)
486 if (!options || !*options) return;
488 options = strdup(options);
490 if (!options) out_of_memory("set_socket_options");
492 for (tok=strtok(options, " \t,"); tok; tok=strtok(NULL," \t,")) {
498 if ((p = strchr(tok,'='))) {
504 for (i=0;socket_options[i].name;i++)
505 if (strcmp(socket_options[i].name,tok)==0)
508 if (!socket_options[i].name) {
509 rprintf(FERROR,"Unknown socket option %s\n",tok);
513 switch (socket_options[i].opttype) {
516 ret = setsockopt(fd,socket_options[i].level,
517 socket_options[i].option,(char *)&value,sizeof(int));
522 rprintf(FERROR,"syntax error - %s does not take a value\n",tok);
525 int on = socket_options[i].value;
526 ret = setsockopt(fd,socket_options[i].level,
527 socket_options[i].option,(char *)&on,sizeof(int));
533 rprintf(FERROR, "failed to set socket option %s: %s\n", tok,
540 /****************************************************************************
541 become a daemon, discarding the controlling terminal
542 ****************************************************************************/
543 void become_daemon(void)
551 /* detach from the terminal */
556 i = open("/dev/tty", O_RDWR);
558 ioctl(i, (int) TIOCNOTTY, (char *)0);
561 #endif /* TIOCNOTTY */
563 /* make sure that stdin, stdout an stderr don't stuff things
564 up (library functions, for example) */
567 open("/dev/null", O_RDWR);
572 * Return the IP addr of the client as a string
574 char *client_addr(int fd)
576 struct sockaddr_storage ss;
577 socklen_t length = sizeof ss;
578 static char addr_buf[100];
579 static int initialised;
581 if (initialised) return addr_buf;
585 client_sockaddr(fd, &ss, &length);
587 getnameinfo((struct sockaddr *)&ss, length,
588 addr_buf, sizeof(addr_buf), NULL, 0, NI_NUMERICHOST);
594 static int get_sockaddr_family(const struct sockaddr_storage *ss)
596 return ((struct sockaddr *) ss)->sa_family;
601 * Return the DNS name of the client.
603 * The name is statically cached so that repeated lookups are quick,
604 * so there is a limit of one lookup per customer.
606 * If anything goes wrong, including the name->addr->name check, then
607 * we just use "UNKNOWN", so you can use that value in hosts allow
610 char *client_name(int fd)
612 struct sockaddr_storage ss;
613 socklen_t ss_len = sizeof ss;
614 static char name_buf[100];
615 static char port_buf[100];
616 static int initialised;
618 if (initialised) return name_buf;
620 strcpy(name_buf, default_name);
623 client_sockaddr(fd, &ss, &ss_len);
625 if (!lookup_name(fd, &ss, ss_len, name_buf, sizeof name_buf, port_buf, sizeof port_buf))
626 check_name(fd, &ss, ss_len, name_buf, port_buf);
634 * Get the sockaddr for the client.
636 void client_sockaddr(int fd,
637 struct sockaddr_storage *ss,
640 if (getpeername(fd, (struct sockaddr *) ss, ss_len)) {
641 /* FIXME: Can we really not continue? */
642 rprintf(FERROR, RSYNC_NAME ": getpeername on fd%d failed: %s\n",
643 fd, strerror(errno));
644 exit_cleanup(RERR_SOCKETIO);
648 if (get_sockaddr_family(ss) == AF_INET6 &&
649 IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)ss)->sin6_addr)) {
650 /* OK, so ss is in the IPv6 family, but it is really
651 * an IPv4 address: something like
652 * "::ffff:10.130.1.2". If we use it as-is, then the
653 * reverse lookup might fail or perhaps something else
654 * bad might happen. So instead we convert it to an
655 * equivalent address in the IPv4 address family. */
656 struct sockaddr_in6 sin6;
657 struct sockaddr_in *sin;
659 memcpy(&sin6, ss, sizeof(sin6));
660 sin = (struct sockaddr_in *)ss;
661 memset(sin, 0, sizeof(*sin));
662 sin->sin_family = AF_INET;
663 *ss_len = sizeof(struct sockaddr_in);
664 #ifdef HAVE_SOCKADDR_LEN
665 sin->sin_len = *ss_len;
667 sin->sin_port = sin6.sin6_port;
669 /* There is a macro to extract the mapped part
670 * (IN6_V4MAPPED_TO_SINADDR ?), but it does not seem
671 * to be present in the Linux headers. */
672 memcpy(&sin->sin_addr, &sin6.sin6_addr.s6_addr[12],
673 sizeof(sin->sin_addr));
680 * Look up a name from @p ss into @p name_buf.
682 int lookup_name(int fd, const struct sockaddr_storage *ss,
684 char *name_buf, size_t name_buf_len,
685 char *port_buf, size_t port_buf_len)
690 name_err = getnameinfo((struct sockaddr *) ss, ss_len,
691 name_buf, name_buf_len,
692 port_buf, port_buf_len,
693 NI_NAMEREQD | NI_NUMERICSERV);
695 strcpy(name_buf, default_name);
696 rprintf(FERROR, RSYNC_NAME ": name lookup failed for %s: %s\n",
698 gai_strerror(name_err));
707 /* Do a forward lookup on name_buf and make sure it corresponds to ss
708 * -- otherwise we may be being spoofed. If we suspect we are, then
709 * we don't abort the connection but just emit a warning. */
710 int check_name(int fd,
711 const struct sockaddr_storage *ss,
714 const char *port_buf)
716 struct addrinfo hints, *res, *res0;
719 memset(&hints, 0, sizeof(hints));
720 hints.ai_family = PF_UNSPEC;
721 hints.ai_flags = AI_CANONNAME;
722 hints.ai_socktype = SOCK_STREAM;
723 error = getaddrinfo(name_buf, port_buf, &hints, &res0);
726 RSYNC_NAME ": forward name lookup for %s:%s failed: %s\n",
728 gai_strerror(error));
729 strcpy(name_buf, default_name);
734 /* We expect that one of the results will be the same as ss. */
735 for (res = res0; res; res = res->ai_next) {
736 if (res->ai_family != get_sockaddr_family(ss))
738 if (res->ai_addrlen != ss_len)
740 if (memcmp(res->ai_addr, ss, res->ai_addrlen) == 0)
745 /* We hit the end of the list without finding an
746 * address that was the same as ss. */
747 rprintf(FERROR, RSYNC_NAME
748 ": %s is not a known address for \"%s\": "
749 "spoofed address?\n",
752 strcpy(name_buf, default_name);
760 /*******************************************************************
761 this is like socketpair but uses tcp. It is used by the Samba
763 The function guarantees that nobody else can attach to the socket,
764 or if they do that this function fails and the socket gets closed
765 returns 0 on success, -1 on failure
766 the resulting file descriptors are symmetrical
767 ******************************************************************/
768 static int socketpair_tcp(int fd[2])
771 struct sockaddr_in sock;
772 struct sockaddr_in sock2;
773 socklen_t socklen = sizeof(sock);
774 int connect_done = 0;
776 fd[0] = fd[1] = listener = -1;
778 memset(&sock, 0, sizeof(sock));
780 if ((listener = socket(PF_INET, SOCK_STREAM, 0)) == -1) goto failed;
782 memset(&sock2, 0, sizeof(sock2));
783 #ifdef HAVE_SOCK_SIN_LEN
784 sock2.sin_len = sizeof(sock2);
786 sock2.sin_family = PF_INET;
788 bind(listener, (struct sockaddr *)&sock2, sizeof(sock2));
790 if (listen(listener, 1) != 0) goto failed;
792 if (getsockname(listener, (struct sockaddr *)&sock, &socklen) != 0) goto failed;
794 if ((fd[1] = socket(PF_INET, SOCK_STREAM, 0)) == -1) goto failed;
796 set_nonblocking(fd[1]);
798 sock.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
800 if (connect(fd[1],(struct sockaddr *)&sock,sizeof(sock)) == -1) {
801 if (errno != EINPROGRESS) goto failed;
806 if ((fd[0] = accept(listener, (struct sockaddr *)&sock, &socklen)) == -1) goto failed;
809 if (connect_done == 0) {
810 if (connect(fd[1],(struct sockaddr *)&sock,sizeof(sock)) != 0
811 && errno != EISCONN) goto failed;
814 set_blocking (fd[1]);
820 if (fd[0] != -1) close(fd[0]);
821 if (fd[1] != -1) close(fd[1]);
822 if (listener != -1) close(listener);
829 * Run a program on a local tcp socket, so that we can talk to it's
830 * stdin and stdout. This is used to fake a connection to a daemon
831 * for testing -- not for the normal case of running SSH.
833 * @return a socket which is attached to a subprocess running
834 * "prog". stdin and stdout are attached. stderr is left attached to
835 * the original stderr
837 int sock_exec(const char *prog)
841 if (socketpair_tcp(fd) != 0) {
842 rprintf (FERROR, RSYNC_NAME
843 ": socketpair_tcp failed (%s)\n",
854 /* Can't use rprintf because we've forked. */
856 RSYNC_NAME ": execute socket program \"%s\"\n",
859 exit (system (prog));