1 /*
2 * Copyright (c) 1995 Danny Gasparovski.
4 * Please read the file COPYRIGHT for the
5 * terms and conditions of the copyright.
6 */
8 #include <slirp.h>
9 #include <libslirp.h>
11 #include "monitor/monitor.h"
12 #include "qemu/main-loop.h"
#ifdef DEBUG
/*
 * Debug mask used when the file is built with DEBUG defined: the
 * DBG_CALL, DBG_MISC and DBG_ERROR bits are all switched on.
 */
int slirp_debug = DBG_CALL | DBG_MISC | DBG_ERROR;
#endif
/*
 * Minimal doubly linked queue header.  insque() and remque() cast their
 * void * arguments to this layout, so any object passed to them must
 * begin with these two pointers in this order.
 */
struct quehead {
    struct quehead *qh_link;    /* forward link */
    struct quehead *qh_rlink;   /* reverse link; remque() resets it to NULL */
};
/*
 * Insert queue element `a` directly after element `b`.
 *
 * Both pointers are reinterpreted as struct quehead, and neither is
 * checked for NULL.  b->qh_link is dereferenced, so `b` must already be
 * part of a properly linked queue.
 */
inline void
insque(void *a, void *b)
{
    struct quehead *node = a;
    struct quehead *after = b;

    /* The new node takes over the old successor of `after`... */
    node->qh_link = after->qh_link;
    node->qh_rlink = after;
    /* ...and both neighbours are then pointed back at the new node. */
    after->qh_link = node;
    node->qh_link->qh_rlink = node;
}
/*
 * Unlink queue element `a` from the queue it is on.
 *
 * The two neighbours are joined to each other and the element's reverse
 * link is cleared.  Its forward link (qh_link) is left untouched, so it
 * still points at the former successor after removal; callers must not
 * follow it once that neighbour may have been freed.
 */
inline void
remque(void *a)
{
    struct quehead *node = a;
    struct quehead *next = node->qh_link;
    struct quehead *prev = node->qh_rlink;

    next->qh_rlink = prev;
    prev->qh_link = next;
    node->qh_rlink = NULL;
}
/*
 * Prepend a new entry for (addr, port) to the exec list at *ex_ptr.
 *
 * Returns -1 without modifying the list when an entry with the same
 * address and port already exists, 0 once the new entry is linked in.
 *
 * The command string is duplicated with g_strdup() unless do_pty == 3,
 * in which case the `exec` pointer itself is stored; in that case the
 * caller has to keep whatever it points to alive for as long as the
 * entry is used.
 */
int add_exec(struct ex_list **ex_ptr, int do_pty, char *exec,
             struct in_addr addr, int port)
{
    struct ex_list *old_head = *ex_ptr;
    struct ex_list *entry;

    /* First, check if the port is "bound" */
    for (entry = old_head; entry != NULL; entry = entry->ex_next) {
        if (entry->ex_fport == port &&
            entry->ex_addr.s_addr == addr.s_addr) {
            return -1;
        }
    }

    entry = g_new(struct ex_list, 1);
    entry->ex_fport = port;
    entry->ex_addr = addr;
    entry->ex_pty = do_pty;
    if (do_pty == 3) {
        entry->ex_exec = exec;
    } else {
        entry->ex_exec = g_strdup(exec);
    }
    entry->ex_next = old_head;

    *ex_ptr = entry;
    return 0;
}
66 #ifndef HAVE_STRERROR
69 * For systems with no strerror
72 extern int sys_nerr;
73 extern char *sys_errlist[];
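/*
 * Fallback strerror() for systems that lack one.
 *
 * Returns the sys_errlist[] entry for `error`, or a fixed string when
 * the value is outside the table.  Negative values are rejected as
 * well: the table is indexed directly, so a negative errno-style value
 * would otherwise read memory in front of sys_errlist[].
 */
char *
strerror(int error)
{
    if (error >= 0 && error < sys_nerr) {
        return sys_errlist[error];
    }
    return "Unknown error.";
}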
85 #endif
88 #ifdef _WIN32
/*
 * Windows build of fork_exec(): spawning a helper is not implemented,
 * so every call reports failure by returning 0.
 */
int
fork_exec(struct socket *so, const char *ex, int do_pty)
{
    /* not implemented */
    (void)so;
    (void)ex;
    (void)do_pty;

    return 0;
}
97 #else
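/*
 * XXX This is ugly
 * We create and bind a socket, then fork off to another
 * process, which connects to this socket, after which we
 * exec the wanted program.  If something (strange) happens,
 * the accept() call could block us forever.
 *
 * do_pty = 0   Fork/exec inetd style
 * do_pty = 1   Fork/exec using slirp.telnetd
 * do_pty = 2   Fork/exec using pty (this function just returns 0)
 *
 * so      socket whose descriptor (so->s) is replaced by the accepted
 *         connection to the child
 * ex      command line; split on single spaces into argv[] unless
 *         do_pty == 1, where it is passed whole to "slirp.telnetd -x"
 *
 * Returns 1 when the child was started and connected, 0 on failure.
 */
int
fork_exec(struct socket *so, const char *ex, int do_pty)
{
    int s;
    struct sockaddr_in addr;
    socklen_t addrlen = sizeof(addr);
    int opt;
    const char *argv[256];
    /* Highest index usable for an argument; one slot stays free for NULL. */
    const int argv_max = (int)(sizeof(argv) / sizeof(argv[0])) - 1;
    /* don't want to clobber the original */
    char *bptr;
    const char *curarg;
    int c, i, ret;
    pid_t pid;

    DEBUG_CALL("fork_exec");
    DEBUG_ARG("so = %lx", (long)so);
    DEBUG_ARG("ex = %lx", (long)ex);
    DEBUG_ARG("do_pty = %lx", (long)do_pty);

    if (do_pty == 2) {
        return 0;
    }

    /*
     * NOTE(review): the rendezvous socket listens on INADDR_ANY although
     * the child only ever connects through loopback_addr, and accept()
     * below takes the first peer without looking at its address.
     * Binding to the loopback address would keep the port off external
     * interfaces -- confirm loopback_addr's value before changing this.
     */
    addr.sin_family = AF_INET;
    addr.sin_port = 0;
    addr.sin_addr.s_addr = INADDR_ANY;

    s = qemu_socket(AF_INET, SOCK_STREAM, 0);
    if (s < 0 ||
        bind(s, (struct sockaddr *)&addr, addrlen) < 0 ||
        listen(s, 1) < 0) {
        error_report("Error: inet socket: %s", strerror(errno));
        /* Only close a descriptor that was actually obtained. */
        if (s >= 0) {
            closesocket(s);
        }
        return 0;
    }

    pid = fork();
    switch (pid) {
    case -1:
        error_report("Error: fork failed: %s", strerror(errno));
        close(s);
        return 0;

    case 0:
        setsid();

        /*
         * sin_port was 0 at bind() time; getsockname() fills in the
         * port that was actually assigned to the listening socket.
         */
        getsockname(s, (struct sockaddr *)&addr, &addrlen);
        close(s);

        /*
         * Connect to the socket.  If this fails we must not go on:
         * dup2() would fail too and the command would be exec'd with
         * the descriptors 0-2 inherited from the parent.
         */
        s = qemu_socket(AF_INET, SOCK_STREAM, 0);
        if (s < 0) {
            fprintf(stderr, "Error: inet socket: %s\n", strerror(errno));
            exit(1);
        }
        addr.sin_addr = loopback_addr;
        do {
            ret = connect(s, (struct sockaddr *)&addr, addrlen);
        } while (ret < 0 && errno == EINTR);
        if (ret < 0) {
            fprintf(stderr, "Error: connect failed: %s\n", strerror(errno));
            exit(1);
        }

        dup2(s, 0);
        dup2(s, 1);
        dup2(s, 2);
        for (s = getdtablesize() - 1; s >= 3; s--) {
            close(s);
        }

        i = 0;
        bptr = g_strdup(ex); /* No need to free() this */
        if (do_pty == 1) {
            /* Setup "slirp.telnetd -x" */
            argv[i++] = "slirp.telnetd";
            argv[i++] = "-x";
            argv[i++] = bptr;
        } else {
            do {
                /*
                 * argv[] is a fixed-size stack array; refuse a command
                 * with more words than it can hold instead of writing
                 * past its end.
                 */
                if (i >= argv_max) {
                    fprintf(stderr, "Error: too many arguments in command\n");
                    close(0); close(1); close(2); /* XXX */
                    exit(1);
                }
                /* Change the string into argv[] */
                curarg = bptr;
                while (*bptr != ' ' && *bptr != (char)0) {
                    bptr++;
                }
                c = *bptr;
                *bptr++ = (char)0;
                argv[i++] = g_strdup(curarg);
            } while (c);
        }

        argv[i] = NULL;
        execvp(argv[0], (char **)argv);

        /* Ooops, failed, let's tell the user why */
        fprintf(stderr, "Error: execvp of %s failed: %s\n",
                argv[0], strerror(errno));
        close(0); close(1); close(2); /* XXX */
        exit(1);

    default:
        qemu_add_child_watch(pid);
        /*
         * XXX this could block us...
         * XXX Should set a timer here, and if accept() doesn't
         * return after X seconds, declare it a failure
         * The only reason this will block forever is if socket()
         * or connect() fail in the child process
         */
        do {
            so->s = accept(s, (struct sockaddr *)&addr, &addrlen);
        } while (so->s < 0 && errno == EINTR);
        if (so->s < 0) {
            /* Report the failure instead of configuring an invalid fd. */
            error_report("Error: accept failed: %s", strerror(errno));
            closesocket(s);
            return 0;
        }
        closesocket(s);
        socket_set_fast_reuse(so->s);
        opt = 1;
        qemu_setsockopt(so->s, SOL_SOCKET, SO_OOBINLINE, &opt, sizeof(int));
        qemu_set_nonblock(so->s);

        /* Append the telnet options now */
        if (so->so_m != NULL && do_pty == 1) {
            sbappend(so, so->so_m);
            so->so_m = NULL;
        }

        return 1;
    }
}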
229 #endif
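/*
 * Print one line per TCP, UDP and ICMP socket of `slirp` to the monitor
 * `mon`: protocol and state, file descriptor, source and destination
 * address/port, and the receive/send buffer byte counts.
 *
 * Each row is emitted with two monitor_printf() calls so that every call
 * contains at most one inet_ntoa() result; inet_ntoa() returns a static
 * buffer that the next call overwrites.
 */
void slirp_connection_info(Slirp *slirp, Monitor *mon)
{
    const char * const tcpstates[] = {
        [TCPS_CLOSED]       = "CLOSED",
        [TCPS_LISTEN]       = "LISTEN",
        [TCPS_SYN_SENT]     = "SYN_SENT",
        [TCPS_SYN_RECEIVED] = "SYN_RCVD",
        [TCPS_ESTABLISHED]  = "ESTABLISHED",
        [TCPS_CLOSE_WAIT]   = "CLOSE_WAIT",
        [TCPS_FIN_WAIT_1]   = "FIN_WAIT_1",
        [TCPS_CLOSING]      = "CLOSING",
        [TCPS_LAST_ACK]     = "LAST_ACK",
        [TCPS_FIN_WAIT_2]   = "FIN_WAIT_2",
        [TCPS_TIME_WAIT]    = "TIME_WAIT",
    };
    const int n_tcpstates = (int)(sizeof(tcpstates) / sizeof(tcpstates[0]));
    struct in_addr dst_addr;
    struct sockaddr_in src;
    socklen_t src_len;
    uint16_t dst_port;
    struct socket *so;
    const char *state;
    char buf[20];   /* snprintf() truncates longer labels to fit */

    /*
     * NOTE(review): check that the header's column spacing still matches
     * the %-19s / %3d / %15s / %5d field widths used for the rows.
     */
    monitor_printf(mon, " Protocol[State] FD Source Address Port "
                   "Dest. Address Port RecvQ SendQ\n");

    for (so = slirp->tcb.so_next; so != &slirp->tcb; so = so->so_next) {
        if (so->so_state & SS_HOSTFWD) {
            state = "HOST_FORWARD";
        } else if (so->so_tcpcb) {
            /*
             * t_state indexes the table directly, so reject values
             * outside it (or landing on an unset slot) rather than
             * reading past the array or printing a NULL string.
             */
            int t_state = so->so_tcpcb->t_state;

            state = NULL;
            if (t_state >= 0 && t_state < n_tcpstates) {
                state = tcpstates[t_state];
            }
            if (state == NULL) {
                state = "UNKNOWN";
            }
        } else {
            state = "NONE";
        }
        if (so->so_state & (SS_HOSTFWD | SS_INCOMING)) {
            src_len = sizeof(src);
            if (getsockname(so->s, (struct sockaddr *)&src, &src_len) < 0) {
                /*
                 * On failure src would still hold stale or
                 * uninitialised bytes; print "*" and port 0 instead.
                 */
                src.sin_addr.s_addr = 0;
                src.sin_port = 0;
            }
            dst_addr = so->so_laddr;
            dst_port = so->so_lport;
        } else {
            src.sin_addr = so->so_laddr;
            src.sin_port = so->so_lport;
            dst_addr = so->so_faddr;
            dst_port = so->so_fport;
        }
        snprintf(buf, sizeof(buf), " TCP[%s]", state);
        monitor_printf(mon, "%-19s %3d %15s %5d ", buf, so->s,
                       src.sin_addr.s_addr ? inet_ntoa(src.sin_addr) : "*",
                       ntohs(src.sin_port));
        monitor_printf(mon, "%15s %5d %5d %5d\n",
                       inet_ntoa(dst_addr), ntohs(dst_port),
                       so->so_rcv.sb_cc, so->so_snd.sb_cc);
    }

    for (so = slirp->udb.so_next; so != &slirp->udb; so = so->so_next) {
        if (so->so_state & SS_HOSTFWD) {
            snprintf(buf, sizeof(buf), " UDP[HOST_FORWARD]");
            src_len = sizeof(src);
            if (getsockname(so->s, (struct sockaddr *)&src, &src_len) < 0) {
                /* Same fallback as for TCP: never print stale src data. */
                src.sin_addr.s_addr = 0;
                src.sin_port = 0;
            }
            dst_addr = so->so_laddr;
            dst_port = so->so_lport;
        } else {
            /* Time left before expiry; presumably milliseconds / 1000. */
            snprintf(buf, sizeof(buf), " UDP[%d sec]",
                     (so->so_expire - curtime) / 1000);
            src.sin_addr = so->so_laddr;
            src.sin_port = so->so_lport;
            dst_addr = so->so_faddr;
            dst_port = so->so_fport;
        }
        monitor_printf(mon, "%-19s %3d %15s %5d ", buf, so->s,
                       src.sin_addr.s_addr ? inet_ntoa(src.sin_addr) : "*",
                       ntohs(src.sin_port));
        monitor_printf(mon, "%15s %5d %5d %5d\n",
                       inet_ntoa(dst_addr), ntohs(dst_port),
                       so->so_rcv.sb_cc, so->so_snd.sb_cc);
    }

    for (so = slirp->icmp.so_next; so != &slirp->icmp; so = so->so_next) {
        snprintf(buf, sizeof(buf), " ICMP[%d sec]",
                 (so->so_expire - curtime) / 1000);
        src.sin_addr = so->so_laddr;
        dst_addr = so->so_faddr;
        /* ICMP rows have no ports; "-" is printed in those columns. */
        monitor_printf(mon, "%-19s %3d %15s - ", buf, so->s,
                       src.sin_addr.s_addr ? inet_ntoa(src.sin_addr) : "*");
        monitor_printf(mon, "%15s - %5d %5d\n", inet_ntoa(dst_addr),
                       so->so_rcv.sb_cc, so->so_snd.sb_cc);
    }
}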