search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
server/crypto.c: Improve error messages in crypto_send
[nbdkit.git] / server / public.c
blob71ea6779dffc376eb4d7ee22c8cf5624be9d482c
1 /* nbdkit
2 * Copyright Red Hat
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
6 * met:
7 *
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * * Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * * Neither the name of Red Hat nor the names of its contributors may be
16 * used to endorse or promote products derived from this software without
17 * specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
21 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
22 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR
23 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
26 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
27 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
28 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
29 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33 /* This file contains the public utility APIs to be exported by nbdkit
34 * for use by filters and plugins, declared in nbdkit-common.h.
35 */
36
37 #include <config.h>
38
39 #include <stdio.h>
40 #include <stdlib.h>
41 #include <stdbool.h>
42 #include <stdint.h>
43 #include <inttypes.h>
44 #include <string.h>
45 #include <unistd.h>
46 #include <fcntl.h>
47 #include <limits.h>
48 #include <errno.h>
49 #include <signal.h>
50 #include <sys/types.h>
51
52 #ifdef HAVE_TERMIOS_H
53 #include <termios.h>
54 #endif
55
56 #ifdef HAVE_SYS_SOCKET_H
57 #include <sys/socket.h>
58 #endif
59
60 #ifdef HAVE_SYS_UCRED_H
61 #include <sys/ucred.h>
62 #endif
63
64 #ifdef HAVE_SYS_UN_H
65 #include <sys/un.h>
66 #endif
67
68 #ifdef WIN32
69 /* For nanosleep on Windows. */
70 #include <pthread_time.h>
71 #endif
72
73 #include "array-size.h"
74 #include "ascii-ctype.h"
75 #include "ascii-string.h"
76 #include "get_current_dir_name.h"
77 #include "getline.h"
78 #include "poll.h"
79 #include "realpath.h"
80 #include "strndup.h"
81
82 #include "internal.h"
83
84 #ifndef WIN32
85
86 NBDKIT_DLL_PUBLIC char *
87 nbdkit_absolute_path (const char *path)
88 {
89 CLEANUP_FREE char *pwd = NULL;
90 char *ret;
91
92 if (path == NULL || *path == '\0') {
93 nbdkit_error ("cannot convert null or empty path to an absolute path");
94 return NULL;
95 }
96
97 if (*path == '/') {
98 ret = strdup (path);
99 if (!ret) {
100 nbdkit_error ("strdup: %m");
101 return NULL;
102 }
103 return ret;
104 }
105
106 pwd = get_current_dir_name ();
107 if (pwd == NULL) {
108 nbdkit_error ("get_current_dir_name: %m");
109 return NULL;
110 }
111
112 if (asprintf (&ret, "%s" DIR_SEPARATOR_STR "%s", pwd, path) == -1) {
113 nbdkit_error ("asprintf: %m");
114 return NULL;
115 }
116
117 return ret;
118 }
119
120 #else /* WIN32 */
121
122 /* On Windows realpath() is replaced by GetFullPathName which doesn't
123 * bother to check if the final path exists. Therefore we can simply
124 * replace nbdkit_absolute_path with nbdkit_realpath and everything
125 * should work the same.
126 */
127 NBDKIT_DLL_PUBLIC char *
128 nbdkit_absolute_path (const char *path)
129 {
130 return nbdkit_realpath (path);
131 }
132
133 #endif /* WIN32 */
134
135 NBDKIT_DLL_PUBLIC char *
136 nbdkit_realpath (const char *path)
137 {
138 char *ret;
139
140 if (path == NULL || *path == '\0') {
141 nbdkit_error ("cannot resolve a null or empty path");
142 return NULL;
143 }
144
145 ret = realpath (path, NULL);
146 if (ret == NULL) {
147 nbdkit_error ("realpath: %s: %m", path);
148 return NULL;
149 }
150
151 return ret;
152 }
153
154 /* Common code for parsing integers. */
155 #define PARSE_COMMON_TAIL \
156 if (errno != 0) { \
157 nbdkit_error ("%s: could not parse number: \"%s\": %m", \
158 what, str); \
159 return -1; \
160 } \
161 if (end == str) { \
162 nbdkit_error ("%s: empty string where we expected a number", \
163 what); \
164 return -1; \
165 } \
166 if (*end) { \
167 nbdkit_error ("%s: could not parse number: \"%s\": trailing garbage", \
168 what, str); \
169 return -1; \
170 } \
171 \
172 if (rp) \
173 *rp = r; \
174 return 0
175
176 /* Functions for parsing signed integers. */
177 NBDKIT_DLL_PUBLIC int
178 nbdkit_parse_int (const char *what, const char *str, int *rp)
179 {
180 long r;
181 char *end;
182
183 errno = 0;
184 r = strtol (str, &end, 0);
185 #if INT_MAX != LONG_MAX
186 if (r < INT_MIN || r > INT_MAX)
187 errno = ERANGE;
188 #endif
189 PARSE_COMMON_TAIL;
190 }
191
192 NBDKIT_DLL_PUBLIC int
193 nbdkit_parse_int8_t (const char *what, const char *str, int8_t *rp)
194 {
195 long r;
196 char *end;
197
198 errno = 0;
199 r = strtol (str, &end, 0);
200 if (r < INT8_MIN || r > INT8_MAX)
201 errno = ERANGE;
202 PARSE_COMMON_TAIL;
203 }
204
205 NBDKIT_DLL_PUBLIC int
206 nbdkit_parse_int16_t (const char *what, const char *str, int16_t *rp)
207 {
208 long r;
209 char *end;
210
211 errno = 0;
212 r = strtol (str, &end, 0);
213 if (r < INT16_MIN || r > INT16_MAX)
214 errno = ERANGE;
215 PARSE_COMMON_TAIL;
216 }
217
218 NBDKIT_DLL_PUBLIC int
219 nbdkit_parse_int32_t (const char *what, const char *str, int32_t *rp)
220 {
221 long r;
222 char *end;
223
224 errno = 0;
225 r = strtol (str, &end, 0);
226 #if INT32_MAX != LONG_MAX
227 if (r < INT32_MIN || r > INT32_MAX)
228 errno = ERANGE;
229 #endif
230 PARSE_COMMON_TAIL;
231 }
232
233 NBDKIT_DLL_PUBLIC int
234 nbdkit_parse_int64_t (const char *what, const char *str, int64_t *rp)
235 {
236 long long r;
237 char *end;
238
239 errno = 0;
240 r = strtoll (str, &end, 0);
241 #if INT64_MAX != LONGLONG_MAX
242 if (r < INT64_MIN || r > INT64_MAX)
243 errno = ERANGE;
244 #endif
245 PARSE_COMMON_TAIL;
246 }
247
248 /* Functions for parsing unsigned integers. */
249
250 /* strtou* functions have surprising behaviour if the first character
251 * (after whitespace) is '-', so reject this early.
252 */
253 #define PARSE_ERROR_IF_NEGATIVE \
254 do { \
255 while (ascii_isspace (*str)) \
256 str++; \
257 if (*str == '-') { \
258 nbdkit_error ("%s: negative numbers are not allowed", what); \
259 return -1; \
260 } \
261 } while (0)
262
263 NBDKIT_DLL_PUBLIC int
264 nbdkit_parse_unsigned (const char *what, const char *str, unsigned *rp)
265 {
266 unsigned long r;
267 char *end;
268
269 PARSE_ERROR_IF_NEGATIVE;
270 errno = 0;
271 r = strtoul (str, &end, 0);
272 #if UINT_MAX != ULONG_MAX
273 if (r > UINT_MAX)
274 errno = ERANGE;
275 #endif
276 PARSE_COMMON_TAIL;
277 }
278
279 NBDKIT_DLL_PUBLIC int
280 nbdkit_parse_uint8_t (const char *what, const char *str, uint8_t *rp)
281 {
282 unsigned long r;
283 char *end;
284
285 PARSE_ERROR_IF_NEGATIVE;
286 errno = 0;
287 r = strtoul (str, &end, 0);
288 if (r > UINT8_MAX)
289 errno = ERANGE;
290 PARSE_COMMON_TAIL;
291 }
292
293 NBDKIT_DLL_PUBLIC int
294 nbdkit_parse_uint16_t (const char *what, const char *str, uint16_t *rp)
295 {
296 unsigned long r;
297 char *end;
298
299 PARSE_ERROR_IF_NEGATIVE;
300 errno = 0;
301 r = strtoul (str, &end, 0);
302 if (r > UINT16_MAX)
303 errno = ERANGE;
304 PARSE_COMMON_TAIL;
305 }
306
307 NBDKIT_DLL_PUBLIC int
308 nbdkit_parse_uint32_t (const char *what, const char *str, uint32_t *rp)
309 {
310 unsigned long r;
311 char *end;
312
313 PARSE_ERROR_IF_NEGATIVE;
314 errno = 0;
315 r = strtoul (str, &end, 0);
316 #if UINT32_MAX != ULONG_MAX
317 if (r > UINT32_MAX)
318 errno = ERANGE;
319 #endif
320 PARSE_COMMON_TAIL;
321 }
322
323 NBDKIT_DLL_PUBLIC int
324 nbdkit_parse_uint64_t (const char *what, const char *str, uint64_t *rp)
325 {
326 unsigned long long r;
327 char *end;
328
329 PARSE_ERROR_IF_NEGATIVE;
330 errno = 0;
331 r = strtoull (str, &end, 0);
332 #if UINT64_MAX != ULONGLONG_MAX
333 if (r > UINT64_MAX)
334 errno = ERANGE;
335 #endif
336 PARSE_COMMON_TAIL;
337 }
338
339 /* Parse a string as a size with possible scaling suffix, or return -1
340 * after reporting the error.
341 */
342 NBDKIT_DLL_PUBLIC int64_t
343 nbdkit_parse_size (const char *str)
344 {
345 int64_t size;
346 char *end;
347 uint64_t scale = 1;
348
349 /* Disk sizes cannot usefully exceed off_t (which is signed) and
350 * cannot be negative. */
351 /* XXX Should we also parse things like '1.5M'? */
352 /* XXX Should we allow hex? If so, hex cannot use scaling suffixes,
353 * because some of them are valid hex digits */
354 errno = 0;
355 size = strtoimax (str, &end, 10);
356 if (str == end) {
357 nbdkit_error ("could not parse size string (%s)", str);
358 return -1;
359 }
360 if (size < 0) {
361 nbdkit_error ("size cannot be negative (%s)", str);
362 return -1;
363 }
364 if (errno) {
365 nbdkit_error ("size (%s) exceeds maximum value", str);
366 return -1;
367 }
368
369 switch (*end) {
370 /* No suffix */
371 case '\0':
372 end--; /* Safe, since we already filtered out empty string */
373 break;
374
375 /* Powers of 1024 */
376 case 'e': case 'E':
377 scale *= 1024;
378 /* fallthru */
379 case 'p': case 'P':
380 scale *= 1024;
381 /* fallthru */
382 case 't': case 'T':
383 scale *= 1024;
384 /* fallthru */
385 case 'g': case 'G':
386 scale *= 1024;
387 /* fallthru */
388 case 'm': case 'M':
389 scale *= 1024;
390 /* fallthru */
391 case 'k': case 'K':
392 scale *= 1024;
393 /* fallthru */
394 case 'b': case 'B':
395 break;
396
397 /* "sectors", ie. units of 512 bytes, even if that's not the real
398 * sector size */
399 case 's': case 'S':
400 scale = 512;
401 break;
402
403 default:
404 nbdkit_error ("could not parse size: unknown suffix '%s'", end);
405 return -1;
406 }
407
408 /* XXX Maybe we should support 'MiB' as a synonym for 'M'; and 'MB'
409 * for powers of 1000, for similarity to GNU tools. But for now,
410 * anything beyond 'M' is dropped. */
411 if (end[1]) {
412 nbdkit_error ("could not parse size: unknown suffix '%s'", end);
413 return -1;
414 }
415
416 if (INT64_MAX / scale < size) {
417 nbdkit_error ("overflow computing size (%s)", str);
418 return -1;
419 }
420
421 return size * scale;
422 }
423
424 /* Parse a string as a boolean, or return -1 after reporting the error.
425 */
426 NBDKIT_DLL_PUBLIC int
427 nbdkit_parse_bool (const char *str)
428 {
429 if (!strcmp (str, "1") ||
430 !ascii_strcasecmp (str, "true") ||
431 !ascii_strcasecmp (str, "t") ||
432 !ascii_strcasecmp (str, "yes") ||
433 !ascii_strcasecmp (str, "y") ||
434 !ascii_strcasecmp (str, "on"))
435 return 1;
436
437 if (!strcmp (str, "0") ||
438 !ascii_strcasecmp (str, "false") ||
439 !ascii_strcasecmp (str, "f") ||
440 !ascii_strcasecmp (str, "no") ||
441 !ascii_strcasecmp (str, "n") ||
442 !ascii_strcasecmp (str, "off"))
443 return 0;
444
445 nbdkit_error ("could not decipher boolean (%s)", str);
446 return -1;
447 }
448
449 /* Return true if it is safe to read from stdin during configuration. */
450 NBDKIT_DLL_PUBLIC int
451 nbdkit_stdio_safe (void)
452 {
453 return !listen_stdin && !configured;
454 }
455
456 /* Read a password from configuration value. */
457 static int read_password_interactive (char **password);
458 static int read_password_from_fd (const char *what, int fd, char **password);
459
460 NBDKIT_DLL_PUBLIC int
461 nbdkit_read_password (const char *value, char **password)
462 {
463 *password = NULL;
464
465 /* Read from stdin interactively. */
466 if (strcmp (value, "-") == 0) {
467 if (read_password_interactive (password) == -1)
468 return -1;
469 }
470
471 /* Read from numbered file descriptor. */
472 else if (value[0] == '-') {
473 #ifndef WIN32
474 int fd;
475
476 if (nbdkit_parse_int ("password file descriptor", &value[1], &fd) == -1)
477 return -1;
478 if (fd == STDIN_FILENO || fd == STDOUT_FILENO || fd == STDERR_FILENO) {
479 nbdkit_error ("cannot use password -FD for stdin/stdout/stderr");
480 return -1;
481 }
482 if (read_password_from_fd (&value[1], fd, password) == -1)
483 return -1;
484
485 #else /* WIN32 */
486 /* As far as I know this will never be possible on Windows, so
487 * it's a simple error.
488 */
489 nbdkit_error ("not possible to read passwords from file descriptors "
490 "under Windows");
491 return -1;
492 #endif /* WIN32 */
493 }
494
495 /* Read password from a file. */
496 else if (value[0] == '+') {
497 int fd;
498
499 fd = open (&value[1], O_RDONLY | O_CLOEXEC);
500 if (fd == -1) {
501 nbdkit_error ("open %s: %m", &value[1]);
502 return -1;
503 }
504 if (read_password_from_fd (&value[1], fd, password) == -1)
505 return -1;
506 }
507
508 /* Parameter is the password. */
509 else {
510 *password = strdup (value);
511 if (*password == NULL) {
512 nbdkit_error ("strdup: %m");
513 return -1;
514 }
515 }
516
517 return 0;
518 }
519
520 #ifndef WIN32
521
522 typedef struct termios echo_mode;
523
524 static void
525 echo_off (echo_mode *old_mode)
526 {
527 struct termios temp;
528
529 tcgetattr (STDIN_FILENO, old_mode);
530 temp = *old_mode;
531 temp.c_lflag &= ~ECHO;
532 tcsetattr (STDIN_FILENO, TCSAFLUSH, &temp);
533 }
534
535 static void
536 echo_restore (const echo_mode *old_mode)
537 {
538 tcsetattr (STDIN_FILENO, TCSAFLUSH, old_mode);
539 }
540
541 #else /* WIN32 */
542
543 /* Windows implementation of tty echo off based on this:
544 * https://stackoverflow.com/a/1455007
545 */
546 typedef DWORD echo_mode;
547
548 static void
549 echo_off (echo_mode *old_mode)
550 {
551 HANDLE h_stdin;
552 DWORD mode;
553
554 h_stdin = GetStdHandle (STD_INPUT_HANDLE);
555 GetConsoleMode (h_stdin, old_mode);
556 mode = *old_mode;
557 mode &= ~ENABLE_ECHO_INPUT;
558 SetConsoleMode (h_stdin, mode);
559 }
560
561 static void
562 echo_restore (const echo_mode *old_mode)
563 {
564 HANDLE h_stdin;
565
566 h_stdin = GetStdHandle (STD_INPUT_HANDLE);
567 SetConsoleMode (h_stdin, *old_mode);
568 }
569
570 #endif /* WIN32 */
571
572 static int
573 read_password_interactive (char **password)
574 {
575 int err;
576 echo_mode orig;
577 ssize_t r;
578 size_t n;
579
580 if (!nbdkit_stdio_safe ()) {
581 nbdkit_error ("stdin is not available for reading password");
582 return -1;
583 }
584
585 if (!isatty (STDIN_FILENO)) {
586 nbdkit_error ("stdin is not a tty, cannot read password interactively");
587 return -1;
588 }
589
590 printf ("password: ");
591
592 /* Set no echo. */
593 echo_off (&orig);
594
595 /* To distinguish between error and EOF we have to check errno.
596 * getline can return -1 and errno = 0 which means we got end of
597 * file, which is simply a zero length password.
598 */
599 errno = 0;
600 r = getline (password, &n, stdin);
601 err = errno;
602
603 /* Restore echo. */
604 echo_restore (&orig);
605
606 /* Complete the printf above. */
607 printf ("\n");
608
609 if (r == -1) {
610 if (err == 0) { /* EOF, not an error. */
611 free (*password); /* State of linebuf is undefined. */
612 *password = strdup ("");
613 if (*password == NULL) {
614 nbdkit_error ("strdup: %m");
615 return -1;
616 }
617 }
618 else {
619 errno = err;
620 nbdkit_error ("could not read password from stdin: %m");
621 return -1;
622 }
623 }
624
625 if (*password && r > 0 && (*password)[r-1] == '\n')
626 (*password)[r-1] = '\0';
627
628 return 0;
629 }
630
631 static int
632 read_password_from_fd (const char *what, int fd, char **password)
633 {
634 FILE *fp;
635 size_t n;
636 ssize_t r;
637 int err;
638
639 fp = fdopen (fd, "r");
640 if (fp == NULL) {
641 nbdkit_error ("fdopen %s: %m", what);
642 close (fd);
643 return -1;
644 }
645
646 /* To distinguish between error and EOF we have to check errno.
647 * getline can return -1 and errno = 0 which means we got end of
648 * file, which is simply a zero length password.
649 */
650 errno = 0;
651 r = getline (password, &n, fp);
652 err = errno;
653
654 fclose (fp);
655
656 if (r == -1) {
657 if (err == 0) { /* EOF, not an error. */
658 free (*password); /* State of linebuf is undefined. */
659 *password = strdup ("");
660 if (*password == NULL) {
661 nbdkit_error ("strdup: %m");
662 return -1;
663 }
664 }
665 else {
666 errno = err;
667 nbdkit_error ("could not read password from %s: %m", what);
668 return -1;
669 }
670 }
671
672 if (*password && r > 0 && (*password)[r-1] == '\n')
673 (*password)[r-1] = '\0';
674
675 return 0;
676 }
677
678 NBDKIT_DLL_PUBLIC int
679 nbdkit_nanosleep (unsigned sec, unsigned nsec)
680 {
681 struct timespec ts;
682
683 if (sec >= INT_MAX - nsec / 1000000000) {
684 nbdkit_error ("sleep request is too long");
685 errno = EINVAL;
686 return -1;
687 }
688 ts.tv_sec = sec + nsec / 1000000000;
689 ts.tv_nsec = nsec % 1000000000;
690
691 #if defined HAVE_PPOLL && defined POLLRDHUP
692 /* End the sleep early if any of these happen:
693 * - nbdkit has received a signal to shut down the server
694 * - the current connection is multi-threaded and another thread detects
695 * NBD_CMD_DISC or a problem with the connection
696 * - the input socket detects POLLRDHUP/POLLHUP/POLLERR
697 * - the input socket is invalid (POLLNVAL, probably closed by
698 * another thread)
699 */
700 struct connection *conn = threadlocal_get_conn ();
701 struct pollfd fds[] = {
702 [0].fd = quit_fd,
703 [0].events = POLLIN,
704 [1].fd = conn ? conn->status_pipe[0] : -1,
705 [1].events = POLLIN,
706 [2].fd = conn ? conn->sockin : -1,
707 [2].events = POLLRDHUP,
708 };
709 sigset_t all;
710
711 /* Block all signals to this thread during the poll, so we don't
712 * have to worry about EINTR
713 */
714 if (sigfillset (&all))
715 abort ();
716 switch (ppoll (fds, ARRAY_SIZE (fds), &ts, &all)) {
717 case -1:
718 assert (errno != EINTR);
719 nbdkit_error ("poll: %m");
720 return -1;
721 case 0:
722 return 0;
723 }
724
725 /* We don't have to read the pipe-to-self; if poll returned an
726 * event, we know the connection should be shutting down.
727 */
728 bool has_quit = quit;
729 assert (has_quit ||
730 (conn && conn->nworkers > 0 &&
731 connection_get_status () < STATUS_SHUTDOWN) ||
732 (conn && (fds[2].revents & (POLLRDHUP | POLLHUP | POLLERR |
733 POLLNVAL))));
734 if (has_quit)
735 nbdkit_error ("aborting sleep because of server shut down");
736 else
737 nbdkit_error ("aborting sleep because of connection close or error");
738 errno = ESHUTDOWN;
739 return -1;
740
741 #else
742 /* The fallback path simply calls ordinary nanosleep, and will
743 * cause long delays on server shutdown.
744 *
745 * If however you want to port this to your platform, then
746 * porting ideas, in order of preference:
747 * - POSIX requires pselect; it's a bit clunkier to set up than poll,
748 * but the same ability to atomically mask all signals and operate
749 * on struct timespec makes it similar to the preferred ppoll interface
750 * - calculate an end time target, then use poll in a loop on EINTR with
751 * a recalculation of the timeout to still reach the end time (masking
752 * signals in that case is not safe, as it is a non-atomic race)
753 */
754 int r;
755
756 r = nanosleep (&ts, NULL);
757 if (r == -1 && errno != EINTR && errno != EAGAIN) {
758 nbdkit_error ("nanosleep: %m");
759 return -1;
760 }
761 return 0;
762 #endif
763 }
764
765 /* This function will be deprecated for API V3 users. The preferred
766 * approach will be to get the exportname from .open().
767 */
768 NBDKIT_DLL_PUBLIC const char *
769 nbdkit_export_name (void)
770 {
771 struct context *c = threadlocal_get_context ();
772
773 if (!c || !c->conn) {
774 nbdkit_error ("no connection in this thread");
775 return NULL;
776 }
777
778 return c->conn->exportname;
779 }
780
781 /* This function will be deprecated for API V3 users. The preferred
782 * approach will be to get the tls mode from .open().
783 */
784 NBDKIT_DLL_PUBLIC int
785 nbdkit_is_tls (void)
786 {
787 struct context *c = threadlocal_get_context ();
788
789 if (!c) {
790 nbdkit_error ("no connection in this thread");
791 return -1;
792 }
793
794 if (!c->conn) {
795 /* If a filter opened this backend outside of a client connection,
796 * then we can only claim tls when the command line required it.
797 */
798 return tls == 2;
799 }
800
801 return c->conn->using_tls;
802 }
803
804 NBDKIT_DLL_PUBLIC int
805 nbdkit_peer_name (struct sockaddr *addr, socklen_t *addrlen)
806 {
807 struct connection *conn = threadlocal_get_conn ();
808 int s;
809
810 if (!conn) {
811 nbdkit_error ("no connection in this thread");
812 return -1;
813 }
814
815 s = conn->sockin;
816 if (s == -1) {
817 nbdkit_error ("socket not open");
818 return -1;
819 }
820
821 if (getpeername (s, addr, addrlen) == -1) {
822 nbdkit_error ("peername: %m");
823 return -1;
824 }
825
826 return 0;
827 }
828
829 #if defined (SO_PEERCRED) && \
830 (defined (HAVE_STRUCT_UCRED_UID) || defined (HAVE_STRUCT_SOCKPEERCRED_UID))
831
832 #define GET_PEERCRED_DEFINED 1
833
834 static int
835 get_peercred (int s, int64_t *pid, int64_t *uid, int64_t *gid)
836 {
837 #if HAVE_STRUCT_UCRED_UID
838 struct ucred cred;
839 #elif HAVE_STRUCT_SOCKPEERCRED_UID
840 /* The struct has a different name on OpenBSD, but the same members. */
841 struct sockpeercred cred;
842 #endif
843 socklen_t n = sizeof cred;
844
845 if (getsockopt (s, SOL_SOCKET, SO_PEERCRED, &cred, &n) == -1) {
846 nbdkit_error ("getsockopt: SO_PEERCRED: %m");
847 return -1;
848 }
849
850 if (pid && cred.pid >= 1) {
851 #if SIZEOF_PID_T >= 8
852 if (cred.pid > INT64_MAX)
853 nbdkit_error ("pid out of range: cannot be mapped to int64_t");
854 else
855 #endif
856 *pid = cred.pid;
857 }
858 if (uid && cred.uid >= 0) {
859 #if SIZEOF_UID_T >= 8
860 if (cred.uid > INT64_MAX)
861 nbdkit_error ("uid out of range: cannot be mapped to int64_t");
862 else
863 #endif
864 *uid = cred.uid;
865 }
866 if (gid && cred.gid >= 0) {
867 #if SIZEOF_GID_T >= 8
868 if (cred.gid > INT64_MAX)
869 nbdkit_error ("gid out of range: cannot be mapped to int64_t");
870 else
871 #endif
872 *gid = cred.gid;
873 }
874
875 return 0;
876 }
877
878 #endif /* SO_PEERCRED */
879
880 #ifdef LOCAL_PEERCRED
881
882 #define GET_PEERCRED_DEFINED 1
883
884 /* FreeBSD supports LOCAL_PEERCRED and struct xucred. */
885 static int
886 get_peercred (int s, int64_t *pid, int64_t *uid, int64_t *gid)
887 {
888 struct xucred xucred;
889 socklen_t n = sizeof xucred;
890
891 if (getsockopt (s, 0, LOCAL_PEERCRED, &xucred, &n) == -1) {
892 nbdkit_error ("getsockopt: LOCAL_PEERCRED: %m");
893 return -1;
894 }
895
896 if (xucred.cr_version != XUCRED_VERSION) {
897 nbdkit_error ("getsockopt: LOCAL_PEERCRED: "
898 "struct xucred version (%u) "
899 "did not match expected version (%u)",
900 xucred.cr_version, XUCRED_VERSION);
901 return -1;
902 }
903
904 if (n != sizeof xucred) {
905 nbdkit_error ("getsockopt: LOCAL_PEERCRED: did not return full struct");
906 return -1;
907 }
908
909 if (pid)
910 nbdkit_error ("nbdkit_peer_pid is not supported on this platform");
911 if (uid && xucred.cr_uid >= 0) {
912 #if SIZEOF_UID_T >= 8
913 if (xucred.cr_uid <= INT64_MAX)
914 #endif
915 *uid = xucred.cr_uid;
916 #if SIZEOF_UID_T >= 8
917 else
918 nbdkit_error ("uid out of range: cannot be mapped to int64_t");
919 #endif
920 }
921 if (gid && xucred.cr_ngroups > 0) {
922 #if SIZEOF_GID_T >= 8
923 if (xucred.cr_gid <= INT64_MAX)
924 #endif
925 *gid = xucred.cr_gid;
926 #if SIZEOF_GID_T >= 8
927 else
928 nbdkit_error ("gid out of range: cannot be mapped to int64_t");
929 #endif
930 }
931
932 return 0;
933 }
934
935 #endif /* LOCAL_PEERCRED */
936
937 #ifndef GET_PEERCRED_DEFINED
938
939 static int
940 get_peercred (int s, int64_t *pid, int64_t *uid, int64_t *gid)
941 {
942 nbdkit_error ("nbdkit_peer_pid, nbdkit_peer_uid and nbdkit_peer_gid "
943 "are not supported on this platform");
944 return -1;
945 }
946
947 #endif
948
949 static int
950 get_peercred_common (int64_t *pid, int64_t *uid, int64_t *gid)
951 {
952 struct connection *conn = threadlocal_get_conn ();
953 int s;
954
955 if (pid) *pid = -1;
956 if (uid) *uid = -1;
957 if (gid) *gid = -1;
958
959 if (!conn) {
960 nbdkit_error ("no connection in this thread");
961 return -1;
962 }
963
964 s = conn->sockin;
965 if (s == -1) {
966 nbdkit_error ("socket not open");
967 return -1;
968 }
969
970 return get_peercred (s, pid, uid, gid);
971 }
972
973 NBDKIT_DLL_PUBLIC int64_t
974 nbdkit_peer_pid ()
975 {
976 int64_t pid;
977
978 if (get_peercred_common (&pid, NULL, NULL) == -1)
979 return -1;
980
981 return pid;
982 }
983
984 NBDKIT_DLL_PUBLIC int64_t
985 nbdkit_peer_uid ()
986 {
987 int64_t uid;
988
989 if (get_peercred_common (NULL, &uid, NULL) == -1)
990 return -1;
991
992 return uid;
993 }
994
995 NBDKIT_DLL_PUBLIC int64_t
996 nbdkit_peer_gid ()
997 {
998 int64_t gid;
999
1000 if (get_peercred_common (NULL, NULL, &gid) == -1)
1001 return -1;
1002
1003 return gid;
1004 }
1005
1006 /* Functions for manipulating intern'd strings. */
1007
1008 static string_vector global_interns;
1009
1010 void
1011 free_interns (void)
1012 {
1013 struct connection *conn = threadlocal_get_conn ();
1014 string_vector *list = conn ? &conn->interns : &global_interns;
1015
1016 string_vector_empty (list);
1017 }
1018
1019 static const char *
1020 add_intern (char *str)
1021 {
1022 struct context *c = threadlocal_get_context ();
1023 struct connection *conn = c ? c->conn : NULL;
1024 string_vector *list = conn ? &conn->interns : &global_interns;
1025
1026 if (string_vector_append (list, str) == -1) {
1027 nbdkit_error ("malloc: %m");
1028 free (str);
1029 return NULL;
1030 }
1031
1032 return str;
1033 }
1034
1035 NBDKIT_DLL_PUBLIC const char *
1036 nbdkit_strndup_intern (const char *str, size_t n)
1037 {
1038 char *copy;
1039
1040 if (str == NULL) {
1041 nbdkit_error ("nbdkit_strndup_intern: no string given");
1042 errno = EINVAL;
1043 return NULL;
1044 }
1045
1046 copy = strndup (str, n);
1047 if (copy == NULL) {
1048 nbdkit_error ("strndup: %m");
1049 return NULL;
1050 }
1051
1052 return add_intern (copy);
1053 }
1054
1055 NBDKIT_DLL_PUBLIC const char *
1056 nbdkit_strdup_intern (const char *str)
1057 {
1058 char *copy;
1059
1060 if (str == NULL) {
1061 nbdkit_error ("nbdkit_strdup_intern: no string given");
1062 errno = EINVAL;
1063 return NULL;
1064 }
1065
1066 copy = strdup (str);
1067 if (copy == NULL) {
1068 nbdkit_error ("strdup: %m");
1069 return NULL;
1070 }
1071
1072 return add_intern (copy);
1073 }
1074
1075 NBDKIT_DLL_PUBLIC const char *
1076 nbdkit_vprintf_intern (const char *fmt, va_list ap)
1077 {
1078 char *str = NULL;
1079
1080 if (vasprintf (&str, fmt, ap) == -1) {
1081 nbdkit_error ("asprintf: %m");
1082 return NULL;
1083 }
1084
1085 return add_intern (str);
1086 }
1087
1088 NBDKIT_DLL_PUBLIC const char *
1089 nbdkit_printf_intern (const char *fmt, ...)
1090 {
1091 va_list ap;
1092 const char *ret;
1093
1094 va_start (ap, fmt);
1095 ret = nbdkit_vprintf_intern (fmt, ap);
1096 va_end (ap);
1097 return ret;
1098 }
1099
1100 NBDKIT_DLL_PUBLIC void
1101 nbdkit_disconnect (int force)
1102 {
1103 struct connection *conn = threadlocal_get_conn ();
1104
1105 if (!conn) {
1106 debug ("no connection in this thread, ignoring disconnect request");
1107 return;
1108 }
1109 if (connection_set_status (force ? STATUS_DEAD : STATUS_SHUTDOWN)) {
1110 ACQUIRE_LOCK_FOR_CURRENT_SCOPE (&conn->write_lock);
1111 conn->close (SHUT_WR);
1112 }
1113 }
Liberally-licensed kit for writing user-space NBD servers