1 /* dnsmasq is Copyright (c) 2000-2013 Simon Kelley
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991, or
6 (at your option) version 3 dated 29 June, 2007.
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
13 You should have received a copy of the GNU General Public License
14 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 /* This file has code to fork a helper process which recieves data via a pipe
22 shared with the main process and which is responsible for calling a script when
25 The helper process is forked before the main process drops root, so it retains root
26 privs to pass on to the script. For this reason it tries to be paranoid about
27 data received from the main process, in case that has been compromised. We don't
28 want the helper to give an attacker root. In particular, the script to be run is
29 not settable via the pipe, once the fork has taken place it is not alterable by the
33 static void my_setenv(const char *name
, const char *value
, int *error
);
34 static unsigned char *grab_extradata(unsigned char *buf
, unsigned char *end
, char *env
, int *err
);
37 #define LUA_COMPAT_ALL
43 #define lua_open() luaL_newstate()
48 static unsigned char *grab_extradata_lua(unsigned char *buf
, unsigned char *end
, char *field
);
55 int action
, hwaddr_len
, hwaddr_type
;
56 int clid_len
, hostname_len
, ed_len
;
57 struct in_addr addr
, giaddr
;
58 unsigned int remaining_time
;
59 #ifdef HAVE_BROKEN_RTC
64 unsigned char hwaddr
[DHCP_CHADDR_MAX
];
65 char interface
[IF_NAMESIZE
];
69 static struct script_data
*buf
= NULL
;
70 static size_t bytes_in_buf
= 0, buf_size
= 0;
72 int create_helper(int event_fd
, int err_fd
, uid_t uid
, gid_t gid
, long max_fd
)
76 struct sigaction sigact
;
78 /* create the pipe through which the main program sends us commands,
79 then fork our process. */
80 if (pipe(pipefd
) == -1 || !fix_fd(pipefd
[1]) || (pid
= fork()) == -1)
82 send_event(err_fd
, EVENT_PIPE_ERR
, errno
, NULL
);
88 close(pipefd
[0]); /* close reader side */
92 /* ignore SIGTERM, so that we can clean up when the main process gets hit
93 and SIGALRM so that we can use sleep() */
94 sigact
.sa_handler
= SIG_IGN
;
96 sigemptyset(&sigact
.sa_mask
);
97 sigaction(SIGTERM
, &sigact
, NULL
);
98 sigaction(SIGALRM
, &sigact
, NULL
);
100 if (!option_bool(OPT_DEBUG
) && uid
!= 0)
103 if (setgroups(0, &dummy
) == -1 ||
107 if (option_bool(OPT_NO_FORK
))
108 /* send error to daemon process if no-fork */
109 send_event(event_fd
, EVENT_USER_ERR
, errno
, daemon
->scriptuser
);
113 send_event(event_fd
, EVENT_DIE
, 0, NULL
);
115 send_event(err_fd
, EVENT_USER_ERR
, errno
, daemon
->scriptuser
);
121 /* close all the sockets etc, we don't need them here.
122 Don't close err_fd, in case the lua-init fails.
123 Note that we have to do this before lua init
124 so we don't close any lua fds. */
125 for (max_fd
--; max_fd
>= 0; max_fd
--)
126 if (max_fd
!= STDOUT_FILENO
&& max_fd
!= STDERR_FILENO
&&
127 max_fd
!= STDIN_FILENO
&& max_fd
!= pipefd
[0] &&
128 max_fd
!= event_fd
&& max_fd
!= err_fd
)
131 #ifdef HAVE_LUASCRIPT
132 if (daemon
->luascript
)
134 const char *lua_err
= NULL
;
138 /* get Lua to load our script file */
139 if (luaL_dofile(lua
, daemon
->luascript
) != 0)
140 lua_err
= lua_tostring(lua
, -1);
143 lua_getglobal(lua
, "lease");
144 if (lua_type(lua
, -1) != LUA_TFUNCTION
)
145 lua_err
= _("lease() function missing in Lua script");
150 if (option_bool(OPT_NO_FORK
) || option_bool(OPT_DEBUG
))
151 /* send error to daemon process if no-fork */
152 send_event(event_fd
, EVENT_LUA_ERR
, 0, (char *)lua_err
);
156 send_event(event_fd
, EVENT_DIE
, 0, NULL
);
158 send_event(err_fd
, EVENT_LUA_ERR
, 0, (char *)lua_err
);
163 lua_pop(lua
, 1); /* remove nil from stack */
164 lua_getglobal(lua
, "init");
165 if (lua_type(lua
, -1) == LUA_TFUNCTION
)
168 lua_pop(lua
, 1); /* remove nil from stack */
172 /* All init done, close our copy of the error pipe, so that main process can return */
179 struct script_data data
;
180 char *p
, *action_str
, *hostname
= NULL
, *domain
= NULL
;
181 unsigned char *buf
= (unsigned char *)daemon
->namebuff
;
182 unsigned char *end
, *extradata
, *alloc_buff
= NULL
;
187 /* we read zero bytes when pipe closed: this is our signal to exit */
188 if (!read_write(pipefd
[0], (unsigned char *)&data
, sizeof(data
), 1))
190 #ifdef HAVE_LUASCRIPT
191 if (daemon
->luascript
)
193 lua_getglobal(lua
, "shutdown");
194 if (lua_type(lua
, -1) == LUA_TFUNCTION
)
201 is6
= !!(data
.flags
& (LEASE_TA
| LEASE_NA
));
203 if (data
.action
== ACTION_DEL
)
205 else if (data
.action
== ACTION_ADD
)
207 else if (data
.action
== ACTION_OLD
|| data
.action
== ACTION_OLD_HOSTNAME
)
209 else if (data
.action
== ACTION_TFTP
)
212 is6
= (data
.flags
!= AF_INET
);
220 /* stringify MAC into dhcp_buff */
221 p
= daemon
->dhcp_buff
;
222 if (data
.hwaddr_type
!= ARPHRD_ETHER
|| data
.hwaddr_len
== 0)
223 p
+= sprintf(p
, "%.2x-", data
.hwaddr_type
);
224 for (i
= 0; (i
< data
.hwaddr_len
) && (i
< DHCP_CHADDR_MAX
); i
++)
226 p
+= sprintf(p
, "%.2x", data
.hwaddr
[i
]);
227 if (i
!= data
.hwaddr_len
- 1)
228 p
+= sprintf(p
, ":");
232 /* supplied data may just exceed normal buffer (unlikely) */
233 if ((data
.hostname_len
+ data
.ed_len
+ data
.clid_len
) > MAXDNAME
&&
234 !(alloc_buff
= buf
= malloc(data
.hostname_len
+ data
.ed_len
+ data
.clid_len
)))
237 if (!read_write(pipefd
[0], buf
,
238 data
.hostname_len
+ data
.ed_len
+ data
.clid_len
, 1))
241 /* CLID into packet */
243 for (p
= daemon
->packet
, i
= 0; i
< data
.clid_len
; i
++)
245 p
+= sprintf(p
, "%.2x", buf
[i
]);
246 if (i
!= data
.clid_len
- 1)
247 p
+= sprintf(p
, ":");
252 /* or IAID and server DUID for IPv6 */
253 sprintf(daemon
->dhcp_buff3
, "%s%u", data
.flags
& LEASE_TA
? "T" : "", data
.hwaddr_type
);
254 for (p
= daemon
->packet
, i
= 0; i
< daemon
->duid_len
; i
++)
256 p
+= sprintf(p
, "%.2x", daemon
->duid
[i
]);
257 if (i
!= daemon
->duid_len
- 1)
258 p
+= sprintf(p
, ":");
261 /* duid not MAC for IPv6 */
262 for (p
= daemon
->dhcp_buff
, i
= 0; i
< data
.clid_len
; i
++)
264 p
+= sprintf(p
, "%.2x", buf
[i
]);
265 if (i
!= data
.clid_len
- 1)
266 p
+= sprintf(p
, ":");
271 buf
+= data
.clid_len
;
273 if (data
.hostname_len
!= 0)
276 hostname
= (char *)buf
;
277 hostname
[data
.hostname_len
- 1] = 0;
278 if (data
.action
!= ACTION_TFTP
)
280 if (!legal_hostname(hostname
))
282 else if ((dot
= strchr(hostname
, '.')))
290 extradata
= buf
+ data
.hostname_len
;
293 inet_ntop(AF_INET
, &data
.addr
, daemon
->addrbuff
, ADDRSTRLEN
);
296 inet_ntop(AF_INET6
, &data
.hwaddr
, daemon
->addrbuff
, ADDRSTRLEN
);
300 if (data
.action
== ACTION_TFTP
)
301 sprintf(daemon
->dhcp_buff
, "%u", data
.hwaddr_len
);
303 #ifdef HAVE_LUASCRIPT
304 if (daemon
->luascript
)
306 if (data
.action
== ACTION_TFTP
)
308 lua_getglobal(lua
, "tftp");
309 if (lua_type(lua
, -1) != LUA_TFUNCTION
)
310 lua_pop(lua
, 1); /* tftp function optional */
313 lua_pushstring(lua
, action_str
); /* arg1 - action */
314 lua_newtable(lua
); /* arg2 - data table */
315 lua_pushstring(lua
, daemon
->addrbuff
);
316 lua_setfield(lua
, -2, "destination_address");
317 lua_pushstring(lua
, hostname
);
318 lua_setfield(lua
, -2, "file_name");
319 lua_pushstring(lua
, daemon
->dhcp_buff
);
320 lua_setfield(lua
, -2, "file_size");
321 lua_call(lua
, 2, 0); /* pass 2 values, expect 0 */
326 lua_getglobal(lua
, "lease"); /* function to call */
327 lua_pushstring(lua
, action_str
); /* arg1 - action */
328 lua_newtable(lua
); /* arg2 - data table */
332 lua_pushstring(lua
, daemon
->dhcp_buff
);
333 lua_setfield(lua
, -2, "client_duid");
334 lua_pushstring(lua
, daemon
->packet
);
335 lua_setfield(lua
, -2, "server_duid");
336 lua_pushstring(lua
, daemon
->dhcp_buff3
);
337 lua_setfield(lua
, -2, "iaid");
340 if (!is6
&& data
.clid_len
!= 0)
342 lua_pushstring(lua
, daemon
->packet
);
343 lua_setfield(lua
, -2, "client_id");
346 if (strlen(data
.interface
) != 0)
348 lua_pushstring(lua
, data
.interface
);
349 lua_setfield(lua
, -2, "interface");
352 #ifdef HAVE_BROKEN_RTC
353 lua_pushnumber(lua
, data
.length
);
354 lua_setfield(lua
, -2, "lease_length");
356 lua_pushnumber(lua
, data
.expires
);
357 lua_setfield(lua
, -2, "lease_expires");
362 lua_pushstring(lua
, hostname
);
363 lua_setfield(lua
, -2, "hostname");
368 lua_pushstring(lua
, domain
);
369 lua_setfield(lua
, -2, "domain");
372 end
= extradata
+ data
.ed_len
;
376 buf
= grab_extradata_lua(buf
, end
, "vendor_class");
379 for (i
= 0; i
< data
.hwaddr_len
; i
++)
381 sprintf(daemon
->dhcp_buff2
, "vendor_class%i", i
);
382 buf
= grab_extradata_lua(buf
, end
, daemon
->dhcp_buff2
);
386 buf
= grab_extradata_lua(buf
, end
, "supplied_hostname");
390 buf
= grab_extradata_lua(buf
, end
, "cpewan_oui");
391 buf
= grab_extradata_lua(buf
, end
, "cpewan_serial");
392 buf
= grab_extradata_lua(buf
, end
, "cpewan_class");
393 buf
= grab_extradata_lua(buf
, end
, "circuit_id");
394 buf
= grab_extradata_lua(buf
, end
, "subscriber_id");
395 buf
= grab_extradata_lua(buf
, end
, "remote_id");
398 buf
= grab_extradata_lua(buf
, end
, "tags");
401 buf
= grab_extradata_lua(buf
, end
, "relay_address");
402 else if (data
.giaddr
.s_addr
!= 0)
404 lua_pushstring(lua
, inet_ntoa(data
.giaddr
));
405 lua_setfield(lua
, -2, "relay_address");
408 for (i
= 0; buf
; i
++)
410 sprintf(daemon
->dhcp_buff2
, "user_class%i", i
);
411 buf
= grab_extradata_lua(buf
, end
, daemon
->dhcp_buff2
);
414 if (data
.action
!= ACTION_DEL
&& data
.remaining_time
!= 0)
416 lua_pushnumber(lua
, data
.remaining_time
);
417 lua_setfield(lua
, -2, "time_remaining");
420 if (data
.action
== ACTION_OLD_HOSTNAME
&& hostname
)
422 lua_pushstring(lua
, hostname
);
423 lua_setfield(lua
, -2, "old_hostname");
428 lua_pushstring(lua
, daemon
->dhcp_buff
);
429 lua_setfield(lua
, -2, "mac_address");
432 lua_pushstring(lua
, daemon
->addrbuff
);
433 lua_setfield(lua
, -2, "ip_address");
435 lua_call(lua
, 2, 0); /* pass 2 values, expect 0 */
440 /* no script, just lua */
441 if (!daemon
->lease_change_command
)
444 /* possible fork errors are all temporary resource problems */
445 while ((pid
= fork()) == -1 && (errno
== EAGAIN
|| errno
== ENOMEM
))
451 /* wait for child to complete */
454 /* reap our children's children, if necessary */
458 pid_t rc
= wait(&status
);
462 /* On error send event back to main process for logging */
463 if (WIFSIGNALED(status
))
464 send_event(event_fd
, EVENT_KILLED
, WTERMSIG(status
), NULL
);
465 else if (WIFEXITED(status
) && WEXITSTATUS(status
) != 0)
466 send_event(event_fd
, EVENT_EXITED
, WEXITSTATUS(status
), NULL
);
470 if (rc
== -1 && errno
!= EINTR
)
477 if (data
.action
!= ACTION_TFTP
)
481 my_setenv("DNSMASQ_IAID", daemon
->dhcp_buff3
, &err
);
482 my_setenv("DNSMASQ_SERVER_DUID", daemon
->packet
, &err
);
485 if (!is6
&& data
.clid_len
!= 0)
486 my_setenv("DNSMASQ_CLIENT_ID", daemon
->packet
, &err
);
488 if (strlen(data
.interface
) != 0)
489 my_setenv("DNSMASQ_INTERFACE", data
.interface
, &err
);
491 #ifdef HAVE_BROKEN_RTC
492 sprintf(daemon
->dhcp_buff2
, "%u", data
.length
);
493 my_setenv("DNSMASQ_LEASE_LENGTH", daemon
->dhcp_buff2
, &err
);
495 sprintf(daemon
->dhcp_buff2
, "%lu", (unsigned long)data
.expires
);
496 my_setenv("DNSMASQ_LEASE_EXPIRES", daemon
->dhcp_buff2
, &err
);
500 my_setenv("DNSMASQ_DOMAIN", domain
, &err
);
502 end
= extradata
+ data
.ed_len
;
506 buf
= grab_extradata(buf
, end
, "DNSMASQ_VENDOR_CLASS", &err
);
510 if (data
.hwaddr_len
!= 0)
512 buf
= grab_extradata(buf
, end
, "DNSMASQ_VENDOR_CLASS_ID", &err
);
513 for (i
= 0; i
< data
.hwaddr_len
- 1; i
++)
515 sprintf(daemon
->dhcp_buff2
, "DNSMASQ_VENDOR_CLASS%i", i
);
516 buf
= grab_extradata(buf
, end
, daemon
->dhcp_buff2
, &err
);
522 buf
= grab_extradata(buf
, end
, "DNSMASQ_SUPPLIED_HOSTNAME", &err
);
526 buf
= grab_extradata(buf
, end
, "DNSMASQ_CPEWAN_OUI", &err
);
527 buf
= grab_extradata(buf
, end
, "DNSMASQ_CPEWAN_SERIAL", &err
);
528 buf
= grab_extradata(buf
, end
, "DNSMASQ_CPEWAN_CLASS", &err
);
529 buf
= grab_extradata(buf
, end
, "DNSMASQ_CIRCUIT_ID", &err
);
530 buf
= grab_extradata(buf
, end
, "DNSMASQ_SUBSCRIBER_ID", &err
);
531 buf
= grab_extradata(buf
, end
, "DNSMASQ_REMOTE_ID", &err
);
534 buf
= grab_extradata(buf
, end
, "DNSMASQ_TAGS", &err
);
537 buf
= grab_extradata(buf
, end
, "DNSMASQ_RELAY_ADDRESS", &err
);
538 else if (data
.giaddr
.s_addr
!= 0)
539 my_setenv("DNSMASQ_RELAY_ADDRESS", inet_ntoa(data
.giaddr
), &err
);
541 for (i
= 0; buf
; i
++)
543 sprintf(daemon
->dhcp_buff2
, "DNSMASQ_USER_CLASS%i", i
);
544 buf
= grab_extradata(buf
, end
, daemon
->dhcp_buff2
, &err
);
547 if (data
.action
!= ACTION_DEL
&& data
.remaining_time
!= 0)
549 sprintf(daemon
->dhcp_buff2
, "%u", data
.remaining_time
);
550 my_setenv("DNSMASQ_TIME_REMAINING", daemon
->dhcp_buff2
, &err
);
553 if (data
.action
== ACTION_OLD_HOSTNAME
&& hostname
)
555 my_setenv("DNSMASQ_OLD_HOSTNAME", hostname
, &err
);
560 if (option_bool(OPT_LOG_OPTS
))
561 my_setenv("DNSMASQ_LOG_DHCP", "1", &err
);
563 /* we need to have the event_fd around if exec fails */
564 if ((i
= fcntl(event_fd
, F_GETFD
)) != -1)
565 fcntl(event_fd
, F_SETFD
, i
| FD_CLOEXEC
);
568 p
= strrchr(daemon
->lease_change_command
, '/');
571 execl(daemon
->lease_change_command
,
572 p
? p
+1 : daemon
->lease_change_command
,
573 action_str
, daemon
->dhcp_buff
, daemon
->addrbuff
, hostname
, (char*)NULL
);
576 /* failed, send event so the main process logs the problem */
577 send_event(event_fd
, EVENT_EXEC_ERR
, err
, NULL
);
582 static void my_setenv(const char *name
, const char *value
, int *error
)
584 if (*error
== 0 && setenv(name
, value
, 1) != 0)
588 static unsigned char *grab_extradata(unsigned char *buf
, unsigned char *end
, char *env
, int *err
)
592 if (!buf
|| (buf
== end
))
595 for (next
= buf
; *next
!= 0; next
++)
602 /* No "=" in value */
603 if ((p
= strchr((char *)buf
, '=')))
605 my_setenv(env
, (char *)buf
, err
);
611 #ifdef HAVE_LUASCRIPT
612 static unsigned char *grab_extradata_lua(unsigned char *buf
, unsigned char *end
, char *field
)
616 if (!buf
|| (buf
== end
))
619 for (next
= buf
; *next
!= 0; next
++)
625 lua_pushstring(lua
, (char *)buf
);
626 lua_setfield(lua
, -2, field
);
633 static void buff_alloc(size_t size
)
637 struct script_data
*new;
639 /* start with reasonable size, will almost never need extending. */
640 if (size
< sizeof(struct script_data
) + 200)
641 size
= sizeof(struct script_data
) + 200;
643 if (!(new = whine_malloc(size
)))
652 /* pack up lease data into a buffer */
653 void queue_script(int action
, struct dhcp_lease
*lease
, char *hostname
, time_t now
)
656 unsigned int hostname_len
= 0, clid_len
= 0, ed_len
= 0;
657 int fd
= daemon
->dhcpfd
;
659 int is6
= !!(lease
->flags
& (LEASE_TA
| LEASE_NA
));
662 fd
= daemon
->dhcp6fd
;
666 if (daemon
->helperfd
== -1)
669 if (lease
->extradata
)
670 ed_len
= lease
->extradata_len
;
672 clid_len
= lease
->clid_len
;
674 hostname_len
= strlen(hostname
) + 1;
676 buff_alloc(sizeof(struct script_data
) + clid_len
+ ed_len
+ hostname_len
);
678 buf
->action
= action
;
679 buf
->flags
= lease
->flags
;
682 buf
->hwaddr_len
= lease
->vendorclass_count
;
685 buf
->hwaddr_len
= lease
->hwaddr_len
;
686 buf
->hwaddr_type
= lease
->hwaddr_type
;
687 buf
->clid_len
= clid_len
;
688 buf
->ed_len
= ed_len
;
689 buf
->hostname_len
= hostname_len
;
690 buf
->addr
= lease
->addr
;
691 buf
->giaddr
= lease
->giaddr
;
692 memcpy(buf
->hwaddr
, lease
->hwaddr
, DHCP_CHADDR_MAX
);
693 if (!indextoname(fd
, lease
->last_interface
, buf
->interface
))
694 buf
->interface
[0] = 0;
696 #ifdef HAVE_BROKEN_RTC
697 buf
->length
= lease
->length
;
699 buf
->expires
= lease
->expires
;
702 if (lease
->expires
!= 0)
703 buf
->remaining_time
= (unsigned int)difftime(lease
->expires
, now
);
705 buf
->remaining_time
= 0;
707 p
= (unsigned char *)(buf
+1);
710 memcpy(p
, lease
->clid
, clid_len
);
713 if (hostname_len
!= 0)
715 memcpy(p
, hostname
, hostname_len
);
720 memcpy(p
, lease
->extradata
, ed_len
);
723 bytes_in_buf
= p
- (unsigned char *)buf
;
727 /* This nastily re-uses DHCP-fields for TFTP stuff */
728 void queue_tftp(off_t file_len
, char *filename
, union mysockaddr
*peer
)
730 unsigned int filename_len
;
733 if (daemon
->helperfd
== -1)
736 filename_len
= strlen(filename
) + 1;
737 buff_alloc(sizeof(struct script_data
) + filename_len
);
738 memset(buf
, 0, sizeof(struct script_data
));
740 buf
->action
= ACTION_TFTP
;
741 buf
->hostname_len
= filename_len
;
742 buf
->hwaddr_len
= file_len
;
744 if ((buf
->flags
= peer
->sa
.sa_family
) == AF_INET
)
745 buf
->addr
= peer
->in
.sin_addr
;
748 memcpy(buf
->hwaddr
, &peer
->in6
.sin6_addr
, IN6ADDRSZ
);
751 memcpy((unsigned char *)(buf
+1), filename
, filename_len
);
753 bytes_in_buf
= sizeof(struct script_data
) + filename_len
;
757 int helper_buf_empty(void)
759 return bytes_in_buf
== 0;
762 void helper_write(void)
766 if (bytes_in_buf
== 0)
769 if ((rc
= write(daemon
->helperfd
, buf
, bytes_in_buf
)) != -1)
771 if (bytes_in_buf
!= (size_t)rc
)
772 memmove(buf
, buf
+ rc
, bytes_in_buf
- rc
);
777 if (errno
== EAGAIN
|| errno
== EINTR
)