]> The Tcpdump Group git mirrors - libpcap/blob - rpcapd/rpcapd.c
projects / libpcap / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Enable -Wunused-parameter and fix warnings that are almost trivial.
[libpcap] / rpcapd / rpcapd.c
1 /*
2 * Copyright (c) 2002 - 2003
3 * NetGroup, Politecnico di Torino (Italy)
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the Politecnico di Torino nor the names of its
16 * contributors may be used to endorse or promote products derived from
17 * this software without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
23 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 *
31 */
32
33 #ifdef HAVE_CONFIG_H
34 #include <config.h>
35 #endif
36
37 #include "ftmacros.h"
38
39 #include <errno.h> // for the errno variable
40 #include <string.h> // for strtok, etc
41 #include <stdlib.h> // for malloc(), free(), ...
42 #include <pcap.h> // for PCAP_ERRBUF_SIZE
43 #include <signal.h> // for signal()
44
45 #include "fmtutils.h"
46 #include "sockutils.h" // for socket calls
47 #include "varattrs.h" // for _U_
48 #include "portability.h"
49 #include "rpcapd.h"
50 #include "config_params.h" // configuration file parameters
51 #include "fileconf.h" // for the configuration file management
52 #include "rpcap-protocol.h"
53 #include "daemon.h" // the true main() method of this daemon
54 #include "log.h"
55
56 #ifdef _WIN32
57 #include <process.h> // for thread stuff
58 #include "win32-svc.h" // for Win32 service stuff
59 #include "getopt.h" // for getopt()-for-Windows
60 #else
61 #include <fcntl.h> // for open()
62 #include <unistd.h> // for exit()
63 #include <sys/wait.h> // waitpid()
64 #endif
65
66 //
67 // Element in list of sockets on which we're listening for connections.
68 //
69 struct listen_sock {
70 struct listen_sock *next;
71 SOCKET sock;
72 };
73
74 // Global variables
75 char hostlist[MAX_HOST_LIST + 1]; //!< Keeps the list of the hosts that are allowed to connect to this server
76 struct active_pars activelist[MAX_ACTIVE_LIST]; //!< Keeps the list of the hosts (host, port) on which I want to connect to (active mode)
77 int nullAuthAllowed; //!< '1' if we permit NULL authentication, '0' otherwise
78 static struct listen_sock *listen_socks; //!< sockets on which we listen
79 char loadfile[MAX_LINE + 1]; //!< Name of the file from which we have to load the configuration
80 static int passivemode = 1; //!< '1' if we want to run in passive mode as well
81 static struct addrinfo mainhints; //!< temporary struct to keep settings needed to open the new socket
82 static char address[MAX_LINE + 1]; //!< keeps the network address (either numeric or literal) to bind to
83 static char port[MAX_LINE + 1]; //!< keeps the network port to bind to
84 #ifdef _WIN32
85 static HANDLE state_change_event; //!< event to signal that a state change should take place
86 #endif
87 static volatile sig_atomic_t shutdown_server; //!< '1' if the server is to shut down
88 static volatile sig_atomic_t reread_config; //!< '1' if the server is to re-read its configuration
89
90 extern char *optarg; // for getopt()
91
92 // Function definition
93 #ifdef _WIN32
94 static unsigned __stdcall main_active(void *ptr);
95 static BOOL WINAPI main_ctrl_event(DWORD);
96 #else
97 static void *main_active(void *ptr);
98 static void main_terminate(int sign);
99 static void main_reread_config(int sign);
100 #endif
101 static void accept_connections(void);
102 static void accept_connection(SOCKET listen_sock);
103 #ifndef _WIN32
104 static void main_reap_children(int sign);
105 #endif
106 #ifdef _WIN32
107 static unsigned __stdcall main_passive_serviceloop_thread(void *ptr);
108 #endif
109
110 #define RPCAP_ACTIVE_WAIT 30 /* Waiting time between two attempts to open a connection, in active mode (default: 30 sec) */
111
112 /*!
113 \brief Prints the usage screen if it is launched in console mode.
114 */
115 static void printusage(void)
116 {
117 char *usagetext =
118 "USAGE:"
119 " " PROGRAM_NAME " [-b <address>] [-p <port>] [-4] [-l <host_list>] [-a <host,port>]\n"
120 " [-n] [-v] [-d] "
121 #ifndef _WIN32
122 "[-i] "
123 #endif
124 "[-s <file>] [-f <file>]\n\n"
125 " -b <address> the address to bind to (either numeric or literal).\n"
126 " Default: binds to all local IPv4 and IPv6 addresses\n\n"
127 " -p <port> the port to bind to.\n"
128 " Default: binds to port " RPCAP_DEFAULT_NETPORT "\n\n"
129 " -4 use only IPv4.\n"
130 " Default: use both IPv4 and IPv6 waiting sockets\n\n"
131 " -l <host_list> a file that contains a list of hosts that are allowed\n"
132 " to connect to this server (if more than one, list them one\n"
133 " per line).\n"
134 " We suggest to use literal names (instead of numeric ones)\n"
135 " in order to avoid problems with different address families.\n\n"
136 " -n permit NULL authentication (usually used with '-l')\n\n"
137 " -a <host,port> run in active mode when connecting to 'host' on port 'port'\n"
138 " In case 'port' is omitted, the default port (" RPCAP_DEFAULT_NETPORT_ACTIVE ") is used\n\n"
139 " -v run in active mode only (default: if '-a' is specified, it\n"
140 " accepts passive connections as well)\n\n"
141 " -d run in daemon mode (UNIX only) or as a service (Win32 only)\n"
142 " Warning (Win32): this switch is provided automatically when\n"
143 " the service is started from the control panel\n\n"
144 #ifndef _WIN32
145 " -i run in inetd mode (UNIX only)\n\n"
146 #endif
147 " -s <file> save the current configuration to file\n\n"
148 " -f <file> load the current configuration from file; all switches\n"
149 " specified from the command line are ignored\n\n"
150 " -h print this help screen\n\n";
151
152 (void)fprintf(stderr, "RPCAPD, a remote packet capture daemon.\n"
153 "Compiled with %s\n\n", pcap_lib_version());
154 printf("%s", usagetext);
155 }
156
157
158
159 //! Program main
160 int main(int argc, char *argv[])
161 {
162 char savefile[MAX_LINE + 1]; // name of the file on which we have to save the configuration
163 int isdaemon = 0; // Non-zero if the user wants to run this program as a daemon
164 #ifndef _WIN32
165 int isrunbyinetd = 0; // Non-zero if this is being run by inetd or something inetd-like
166 #endif
167 int retval; // keeps the returning value from several functions
168 char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed
169 #ifndef _WIN32
170 struct sigaction action;
171 #endif
172
173 savefile[0] = 0;
174 loadfile[0] = 0;
175 hostlist[0] = 0;
176
177 // Initialize errbuf
178 memset(errbuf, 0, sizeof(errbuf));
179
180 if (sock_init(errbuf, PCAP_ERRBUF_SIZE) == -1)
181 {
182 SOCK_DEBUG_MESSAGE(errbuf);
183 exit(-1);
184 }
185
186 strncpy(address, RPCAP_DEFAULT_NETADDR, MAX_LINE);
187 strncpy(port, RPCAP_DEFAULT_NETPORT, MAX_LINE);
188
189 // Prepare to open a new server socket
190 memset(&mainhints, 0, sizeof(struct addrinfo));
191
192 mainhints.ai_family = PF_UNSPEC;
193 mainhints.ai_flags = AI_PASSIVE; // Ready to a bind() socket
194 mainhints.ai_socktype = SOCK_STREAM;
195
196 // Getting the proper command line options
197 while ((retval = getopt(argc, argv, "b:dhip:4l:na:s:f:v")) != -1)
198 {
199 switch (retval)
200 {
201 case 'b':
202 strncpy(address, optarg, MAX_LINE);
203 break;
204 case 'p':
205 strncpy(port, optarg, MAX_LINE);
206 break;
207 case '4':
208 mainhints.ai_family = PF_INET; // IPv4 server only
209 break;
210 case 'd':
211 isdaemon = 1;
212 break;
213 case 'i':
214 #ifdef _WIN32
215 printusage();
216 exit(1);
217 #else
218 isrunbyinetd = 1;
219 #endif
220 break;
221 case 'n':
222 nullAuthAllowed = 1;
223 break;
224 case 'v':
225 passivemode = 0;
226 break;
227 case 'l':
228 {
229 strncpy(hostlist, optarg, sizeof(hostlist));
230 break;
231 }
232 case 'a':
233 {
234 char *tmpaddress, *tmpport;
235 char *lasts;
236 int i = 0;
237
238 tmpaddress = pcap_strtok_r(optarg, RPCAP_HOSTLIST_SEP, &lasts);
239
240 while ((tmpaddress != NULL) && (i < MAX_ACTIVE_LIST))
241 {
242 tmpport = pcap_strtok_r(NULL, RPCAP_HOSTLIST_SEP, &lasts);
243
244 strlcpy(activelist[i].address, tmpaddress, MAX_LINE);
245
246 if ((tmpport == NULL) || (strcmp(tmpport, "DEFAULT") == 0)) // the user choose a custom port
247 strlcpy(activelist[i].port, RPCAP_DEFAULT_NETPORT_ACTIVE, MAX_LINE);
248 else
249 strlcpy(activelist[i].port, tmpport, MAX_LINE);
250
251 tmpaddress = pcap_strtok_r(NULL, RPCAP_HOSTLIST_SEP, &lasts);
252
253 i++;
254 }
255
256 if (i > MAX_ACTIVE_LIST)
257 SOCK_DEBUG_MESSAGE("Only MAX_ACTIVE_LIST active connections are currently supported.");
258
259 // I don't initialize the remaining part of the structure, since
260 // it is already zeroed (it is a global var)
261 break;
262 }
263 case 'f':
264 strlcpy(loadfile, optarg, MAX_LINE);
265 break;
266 case 's':
267 strlcpy(savefile, optarg, MAX_LINE);
268 break;
269 case 'h':
270 printusage();
271 exit(0);
272 break;
273 default:
274 exit(1);
275 break;
276 }
277 }
278
279 #ifndef _WIN32
280 if (isdaemon && isrunbyinetd)
281 {
282 fprintf(stderr, "rpcapd: -d and -i can't be used together\n");
283 exit(1);
284 }
285 #endif
286
287 if (savefile[0] && fileconf_save(savefile))
288 SOCK_DEBUG_MESSAGE("Error when saving the configuration to file");
289
290 // If the file does not exist, it keeps the settings provided by the command line
291 if (loadfile[0])
292 fileconf_read();
293
294 #ifdef WIN32
295 //
296 // Create a handle to signal the main loop to tell it to do
297 // something.
298 //
299 state_change_event = CreateEvent(NULL, FALSE, FALSE, NULL);
300 if (state_change_event == NULL)
301 {
302 sock_geterror(NULL, errbuf, PCAP_ERRBUF_SIZE);
303 rpcapd_log(LOGPRIO_ERROR, "Can't create state change event: %s",
304 errbuf);
305 exit(2);
306 }
307
308 //
309 // Catch control signals.
310 //
311 if (!SetConsoleCtrlHandler(main_ctrl_event, TRUE))
312 {
313 sock_geterror(NULL, errbuf, PCAP_ERRBUF_SIZE);
314 rpcapd_log(LOGPRIO_ERROR, "Can't set control handler: %s",
315 errbuf);
316 exit(2);
317 }
318 #else
319 memset(&action, 0, sizeof (action));
320 action.sa_handler = main_terminate;
321 action.sa_flags = 0;
322 sigemptyset(&action.sa_mask);
323 sigaction(SIGTERM, &action, NULL);
324 memset(&action, 0, sizeof (action));
325 action.sa_handler = main_reap_children;
326 action.sa_flags = 0;
327 sigemptyset(&action.sa_mask);
328 sigaction(SIGCHLD, &action, NULL);
329 // Ignore SIGPIPE - we'll get EPIPE when trying to write to a closed
330 // connection, we don't want to get killed by a signal in that case
331 signal(SIGPIPE, SIG_IGN);
332 #endif
333
334 #ifndef _WIN32
335 if (isrunbyinetd)
336 {
337 //
338 // -i was specified, indicating that this is being run
339 // by inetd or something that can run network daemons
340 // as if it were inetd (xinetd, launchd, systemd, etc.).
341 //
342 // Our standard input is the input side of a connection,
343 // and our standard output is the output side of a
344 // connection.
345 //
346 int sockctrl_in, sockctrl_out;
347 int devnull_fd;
348
349 //
350 // Duplicate the standard input and output, making them
351 // the input and output side of the control connection.
352 //
353 sockctrl_in = dup(0);
354 if (sockctrl_in == -1)
355 {
356 sock_geterror(NULL, errbuf, PCAP_ERRBUF_SIZE);
357 rpcapd_log(LOGPRIO_ERROR, "Can't dup standard input: %s",
358 errbuf);
359 exit(2);
360 }
361 sockctrl_out = dup(1);
362 if (sockctrl_out == -1)
363 {
364 sock_geterror(NULL, errbuf, PCAP_ERRBUF_SIZE);
365 rpcapd_log(LOGPRIO_ERROR, "Can't dup standard output: %s",
366 errbuf);
367 exit(2);
368 }
369
370 //
371 // Try to set the standard input and output to /dev/null.
372 //
373 devnull_fd = open("/dev/null", O_RDWR);
374 if (devnull_fd != -1)
375 {
376 //
377 // If this fails, just drive on.
378 //
379 (void)dup2(devnull_fd, 0);
380 (void)dup2(devnull_fd, 1);
381 close(devnull_fd);
382 }
383
384 //
385 // Handle this client.
386 // This is passive mode, so we don't care whether we were
387 // told by the client to close.
388 //
389 (void)daemon_serviceloop(sockctrl_in, sockctrl_out, 0,
390 nullAuthAllowed);
391
392 //
393 // Nothing more to do.
394 //
395 exit(0);
396 }
397 #endif
398
399 if (isdaemon)
400 {
401 //
402 // This is being run as a daemon.
403 // On UN*X, it might be manually run, or run from an
404 // rc file.
405 //
406 #ifndef _WIN32
407 int pid;
408
409 //
410 // Daemonize ourselves.
411 //
412 // Unix Network Programming, pg 336
413 //
414 if ((pid = fork()) != 0)
415 exit(0); // Parent terminates
416
417 // First child continues
418 // Set daemon mode
419 setsid();
420
421 // generated under unix with 'kill -HUP', needed to reload the configuration
422 memset(&action, 0, sizeof (action));
423 action.sa_handler = main_reread_config;
424 action.sa_flags = 0;
425 sigemptyset(&action.sa_mask);
426 sigaction(SIGHUP, &action, NULL);
427
428 if ((pid = fork()) != 0)
429 exit(0); // First child terminates
430
431 // LINUX WARNING: the current linux implementation of pthreads requires a management thread
432 // to handle some hidden stuff. So, as soon as you create the first thread, two threads are
433 // created. Fom this point on, the number of threads active are always one more compared
434 // to the number you're expecting
435
436 // Second child continues
437 // umask(0);
438 // chdir("/");
439 #else
440 //
441 // This is being run as a service on Windows.
442 //
443 // If this call succeeds, it is blocking on Win32
444 //
445 if (svc_start() != 1)
446 SOCK_DEBUG_MESSAGE("Unable to start the service");
447
448 // When the previous call returns, the entire application has to be stopped.
449 exit(0);
450 #endif
451 }
452 else // Console mode
453 {
454 #ifndef _WIN32
455 // Enable the catching of Ctrl+C
456 memset(&action, 0, sizeof (action));
457 action.sa_handler = main_terminate;
458 action.sa_flags = 0;
459 sigemptyset(&action.sa_mask);
460 sigaction(SIGINT, &action, NULL);
461
462 // generated under unix with 'kill -HUP', needed to reload the configuration
463 // We do not have this kind of signal in Win32
464 memset(&action, 0, sizeof (action));
465 action.sa_handler = main_reread_config;
466 action.sa_flags = 0;
467 sigemptyset(&action.sa_mask);
468 sigaction(SIGHUP, &action, NULL);
469 #endif
470
471 printf("Press CTRL + C to stop the server...\n");
472 }
473
474 // If we're a Win32 service, we have already called this function in the service_main
475 main_startup();
476
477 // The code should never arrive here (since the main_startup is blocking)
478 // however this avoids a compiler warning
479 exit(0);
480 }
481
482 void main_startup(void)
483 {
484 char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed
485 struct addrinfo *addrinfo; // keeps the addrinfo chain; required to open a new socket
486 int i;
487 #ifdef _WIN32
488 HANDLE threadId; // handle for the subthread
489 #else
490 pid_t pid;
491 #endif
492
493 i = 0;
494 addrinfo = NULL;
495 memset(errbuf, 0, sizeof(errbuf));
496
497 // Starts all the active threads
498 while ((i < MAX_ACTIVE_LIST) && (activelist[i].address[0] != 0))
499 {
500 activelist[i].ai_family = mainhints.ai_family;
501
502 #ifdef _WIN32
503 threadId = (HANDLE)_beginthreadex(NULL, 0, main_active,
504 (void *)&activelist[i], 0, NULL);
505 if (threadId == 0)
506 {
507 SOCK_DEBUG_MESSAGE("Error creating the active child threads");
508 continue;
509 }
510 CloseHandle(threadId);
511 #else
512 if ((pid = fork()) == 0) // I am the child
513 {
514 main_active((void *) &activelist[i]);
515 exit(0);
516 }
517 #endif
518 i++;
519 }
520
521 /*
522 * The code that manages the active connections is not blocking;
523 * the code that manages the passive connection is blocking.
524 * So, if the user does not want to run in passive mode, we have
525 * to block the main thread here, otherwise the program ends and
526 * all threads are stopped.
527 *
528 * WARNING: this means that in case we have only active mode,
529 * the program does not terminate even if all the child thread
530 * terminates. The user has always to press Ctrl+C (or send a
531 * SIGTERM) to terminate the program.
532 */
533 if (passivemode)
534 {
535 struct addrinfo *tempaddrinfo;
536
537 //
538 // Get a list of sockets on which to listen.
539 //
540 if (sock_initaddress((address[0]) ? address : NULL, port, &mainhints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
541 {
542 SOCK_DEBUG_MESSAGE(errbuf);
543 return;
544 }
545
546 for (tempaddrinfo = addrinfo; tempaddrinfo;
547 tempaddrinfo = tempaddrinfo->ai_next)
548 {
549 SOCKET sock;
550 struct listen_sock *sock_info;
551
552 if ((sock = sock_open(tempaddrinfo, SOCKOPEN_SERVER, SOCKET_MAXCONN, errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
553 {
554 SOCK_DEBUG_MESSAGE(errbuf);
555 continue;
556 }
557
558 sock_info = (struct listen_sock *) malloc(sizeof (struct listen_sock));
559 if (sock_info == NULL)
560 {
561 rpcapd_log(LOGPRIO_ERROR, "Can't allocate structure for listen socket");
562 exit(2);
563 }
564 sock_info->sock = sock;
565 sock_info->next = listen_socks;
566 listen_socks = sock_info;
567 }
568
569 freeaddrinfo(addrinfo);
570
571 //
572 // Now listen on all of them, waiting for connections.
573 //
574 accept_connections();
575 }
576
577 //
578 // We're done; exit.
579 //
580 SOCK_DEBUG_MESSAGE(PROGRAM_NAME " is closing.\n");
581
582 #ifndef _WIN32
583 //
584 // Sends a KILL signal to all the processes in this process's
585 // process group; i.e., it kills all the child processes
586 // we've created.
587 //
588 // XXX - that also includes us, so we will be killed as well;
589 // that may cause a message to be printed or logged.
590 //
591 kill(0, SIGKILL);
592 #endif
593
594 //
595 // Just leave. We shouldn't need to clean up sockets or
596 // anything else, and if we try to do so, we'll could end
597 // up closing sockets, or shutting Winsock down, out from
598 // under service loops, causing all sorts of noisy error
599 // messages.
600 //
601 // We shouldn't need to worry about cleaning up any resources
602 // such as handles, sockets, threads, etc. - exit() should
603 // terminate the process, causing all those resources to be
604 // cleaned up (including the threads; Microsoft claims in the
605 // ExitProcess() documentation that, if ExitProcess() is called,
606 // "If a thread is waiting on a kernel object, it will not be
607 // terminated until the wait has completed.", but claims in the
608 // _beginthread()/_beginthreadex() documentation that "All threads
609 // are terminated if any thread calls abort, exit, _exit, or
610 // ExitProcess." - the latter appears to be the case, even for
611 // threads waiting on the event for a pcap_t).
612 //
613 exit(0);
614 }
615
616 #ifdef _WIN32
617 static void
618 send_state_change_event(void)
619 {
620 char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed
621
622 if (!SetEvent(state_change_event))
623 {
624 sock_geterror(NULL, errbuf, PCAP_ERRBUF_SIZE);
625 rpcapd_log(LOGPRIO_ERROR, "SetEvent on shutdown event failed: %s", errbuf);
626 }
627 }
628
629 void
630 send_shutdown_notification(void)
631 {
632 //
633 // Indicate that the server should shut down.
634 //
635 shutdown_server = 1;
636
637 //
638 // Send a state change event, to wake up WSAWaitForMultipleEvents().
639 //
640 send_state_change_event();
641 }
642
643 void
644 send_reread_configuration_notification(void)
645 {
646 //
647 // Indicate that the server should re-read its configuration file.
648 //
649 reread_config = 1;
650
651 //
652 // Send a state change event, to wake up WSAWaitForMultipleEvents().
653 //
654 send_state_change_event();
655 }
656
657 static BOOL WINAPI main_ctrl_event(DWORD ctrltype)
658 {
659 //
660 // ctrltype is one of:
661 //
662 // CTRL_C_EVENT - we got a ^C; this is like SIGINT
663 // CTRL_BREAK_EVENT - we got Ctrl+Break
664 // CTRL_CLOSE_EVENT - the console was closed; this is like SIGHUP
665 // CTRL_LOGOFF_EVENT - a user is logging off; this is received
666 // only by services
667 // CTRL_SHUTDOWN_EVENT - the systemis shutting down; this is
668 // received only by services
669 //
670 // For now, we treat all but CTRL_LOGOFF_EVENT as indications
671 // that we should shut down.
672 //
673 switch (ctrltype)
674 {
675 case CTRL_C_EVENT:
676 case CTRL_BREAK_EVENT:
677 case CTRL_CLOSE_EVENT:
678 case CTRL_SHUTDOWN_EVENT:
679 //
680 // Set a shutdown notification.
681 //
682 send_shutdown_notification();
683 break;
684
685 default:
686 break;
687 }
688
689 //
690 // We handled this.
691 //
692 return TRUE;
693 }
694 #else
695 static void main_terminate(int sign _U_)
696 {
697 //
698 // Note that the server should shut down.
699 // select() should get an EINTR error when we return,
700 // so it will wake up and know it needs to check the flag.
701 //
702 shutdown_server = 1;
703 }
704
705 static void main_reread_config(int sign _U_)
706 {
707 //
708 // Note that the server should re-read its configuration file.
709 // select() should get an EINTR error when we return,
710 // so it will wake up and know it needs to check the flag.
711 //
712 reread_config = 1;
713 }
714
715 static void main_reap_children(int sign _U_)
716 {
717 pid_t pid;
718 int exitstat;
719
720 // Reap all child processes that have exited.
721 // For reference, Stevens, pg 128
722
723 while ((pid = waitpid(-1, &exitstat, WNOHANG)) > 0)
724 SOCK_DEBUG_MESSAGE("Child terminated");
725
726 return;
727 }
728 #endif
729
730 //
731 // Loop waiting for incoming connections and accepting them.
732 //
733 static void
734 accept_connections(void)
735 {
736 #ifdef _WIN32
737 struct listen_sock *sock_info;
738 DWORD num_events;
739 WSAEVENT *events;
740 int i;
741 char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed
742
743 //
744 // How big does the set of events need to be?
745 // One for the shutdown event, plus one for every socket on which
746 // we'll be listening.
747 //
748 num_events = 1; // shutdown event
749 for (sock_info = listen_socks; sock_info;
750 sock_info = sock_info->next)
751 {
752 if (num_events == WSA_MAXIMUM_WAIT_EVENTS)
753 {
754 //
755 // WSAWaitForMultipleEvents() doesn't support
756 // more than WSA_MAXIMUM_WAIT_EVENTS events
757 // on which to wait.
758 //
759 rpcapd_log(LOGPRIO_ERROR, "Too many sockets on which to listen");
760 exit(2);
761 }
762 num_events++;
763 }
764
765 //
766 // Allocate the array of events.
767 //
768 events = (WSAEVENT *) malloc(num_events * sizeof (WSAEVENT));
769 if (events == NULL)
770 {
771 rpcapd_log(LOGPRIO_ERROR, "Can't allocate array of events which to listen");
772 exit(2);
773 }
774
775 //
776 // Fill it in.
777 //
778 events[0] = state_change_event; // state change event first
779 for (sock_info = listen_socks, i = 1; sock_info;
780 sock_info = sock_info->next, i++)
781 {
782 WSAEVENT event;
783
784 //
785 // Create an event that is signaled if there's a connection
786 // to accept on the socket in question.
787 //
788 event = WSACreateEvent();
789 if (event == WSA_INVALID_EVENT)
790 {
791 sock_geterror(NULL, errbuf, PCAP_ERRBUF_SIZE);
792 rpcapd_log(LOGPRIO_ERROR, "Can't create socket event: %s", errbuf);
793 exit(2);
794 }
795 if (WSAEventSelect(sock_info->sock, event, FD_ACCEPT) == SOCKET_ERROR)
796 {
797 sock_geterror(NULL, errbuf, PCAP_ERRBUF_SIZE);
798 rpcapd_log(LOGPRIO_ERROR, "Can't setup socket event: %s", errbuf);
799 exit(2);
800 }
801 events[i] = event;
802 }
803
804 for (;;)
805 {
806 //
807 // Wait for incoming connections.
808 //
809 DWORD ret;
810
811 ret = WSAWaitForMultipleEvents(num_events, events, FALSE,
812 WSA_INFINITE, FALSE);
813 if (ret == WSA_WAIT_FAILED)
814 {
815 sock_geterror(NULL, errbuf, PCAP_ERRBUF_SIZE);
816 rpcapd_log(LOGPRIO_ERROR, "WSAWaitForMultipleEvents failed: %s", errbuf);
817 exit(2);
818 }
819
820 if (ret == WSA_WAIT_EVENT_0)
821 {
822 //
823 // The state change event was set.
824 //
825 if (shutdown_server)
826 {
827 //
828 // Time to quit. Exit the loop.
829 //
830 break;
831 }
832 if (reread_config)
833 {
834 //
835 // We should re-read the configuration
836 // file.
837 //
838 reread_config = 0; // clear the indicator
839 fileconf_read();
840 }
841 }
842
843 //
844 // Check each socket.
845 //
846 for (sock_info = listen_socks, i = 1; sock_info;
847 sock_info = sock_info->next, i++)
848 {
849 WSANETWORKEVENTS network_events;
850
851 if (WSAEnumNetworkEvents(sock_info->sock,
852 events[i], &network_events) == SOCKET_ERROR)
853 {
854 sock_geterror(NULL, errbuf, PCAP_ERRBUF_SIZE);
855 rpcapd_log(LOGPRIO_ERROR, "WSAEnumNetworkEvents failed: %s", errbuf);
856 exit(2);
857 }
858 if (network_events.lNetworkEvents & FD_ACCEPT)
859 {
860 //
861 // Did an error occur?
862 //
863 if (network_events.iErrorCode[FD_ACCEPT_BIT] != 0)
864 {
865 //
866 // Yes - report it and keep going.
867 //
868 sock_fmterror(NULL,
869 network_events.iErrorCode[FD_ACCEPT_BIT],
870 errbuf,
871 PCAP_ERRBUF_SIZE);
872 rpcapd_log(LOGPRIO_ERROR, "Socket error: %s", errbuf);
873 continue;
874 }
875
876 //
877 // Accept the connection.
878 //
879 accept_connection(sock_info->sock);
880 }
881 }
882 }
883 #else
884 struct listen_sock *sock_info;
885 int num_sock_fds;
886
887 //
888 // How big does the bitset of sockets on which to select() have
889 // to be?
890 //
891 num_sock_fds = 0;
892 for (sock_info = listen_socks; sock_info; sock_info = sock_info->next)
893 {
894 if (sock_info->sock + 1 > num_sock_fds)
895 {
896 if (sock_info->sock + 1 > FD_SETSIZE)
897 {
898 rpcapd_log(LOGPRIO_ERROR, "Socket FD is too bit for an fd_set");
899 exit(2);
900 }
901 num_sock_fds = sock_info->sock + 1;
902 }
903 }
904
905 for (;;)
906 {
907 fd_set sock_fds;
908 int ret;
909
910 //
911 // Set up an fd_set for all the sockets on which we're
912 // listening.
913 //
914 // This set is modified by select(), so we have to
915 // construct it anew each time.
916 //
917 FD_ZERO(&sock_fds);
918 for (sock_info = listen_socks; sock_info;
919 sock_info = sock_info->next)
920 {
921 FD_SET(sock_info->sock, &sock_fds);
922 }
923
924 //
925 // Wait for incoming connections.
926 //
927 ret = select(num_sock_fds, &sock_fds, NULL, NULL, NULL);
928 if (ret == -1)
929 {
930 if (errno == EINTR)
931 {
932 //
933 // If this is a "terminate the
934 // server" signal, exit the loop,
935 // otherwise just keep trying.
936 //
937 if (shutdown_server)
938 {
939 //
940 // Time to quit. Exit the loop.
941 //
942 break;
943 }
944 if (reread_config)
945 {
946 //
947 // We should re-read the configuration
948 // file.
949 //
950 reread_config = 0; // clear the indicator
951 fileconf_read();
952 }
953
954 //
955 // Go back and wait again.
956 //
957 continue;
958 }
959 else
960 {
961 rpcapd_log(LOGPRIO_ERROR, "select failed: %s",
962 strerror(errno));
963 exit(2);
964 }
965 }
966
967 //
968 // Check each socket.
969 //
970 for (sock_info = listen_socks; sock_info;
971 sock_info = sock_info->next)
972 {
973 if (FD_ISSET(sock_info->sock, &sock_fds))
974 {
975 //
976 // Accept the connection.
977 //
978 accept_connection(sock_info->sock);
979 }
980 }
981 }
982 #endif
983
984 //
985 // Close all the listen sockets.
986 //
987 for (sock_info = listen_socks; sock_info; sock_info = sock_info->next)
988 {
989 closesocket(sock_info->sock);
990 }
991 sock_cleanup();
992 }
993
994 //
995 // Accept a connection and start a worker thread, on Windows, or a
996 // worker process, on UN*X, to handle the connection.
997 //
998 static void
999 accept_connection(SOCKET listen_sock)
1000 {
1001 char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed
1002 SOCKET sockctrl; // keeps the socket ID for this control connection
1003 struct sockaddr_storage from; // generic sockaddr_storage variable
1004 socklen_t fromlen; // keeps the length of the sockaddr_storage variable
1005
1006 #ifdef _WIN32
1007 HANDLE threadId; // handle for the subthread
1008 u_long off = 0;
1009 SOCKET *sockctrl_temp;
1010 #else
1011 pid_t pid;
1012 #endif
1013
1014 // Initialize errbuf
1015 memset(errbuf, 0, sizeof(errbuf));
1016
1017 for (;;)
1018 {
1019 // Accept the connection
1020 fromlen = sizeof(struct sockaddr_storage);
1021
1022 sockctrl = accept(listen_sock, (struct sockaddr *) &from, &fromlen);
1023
1024 if (sockctrl != INVALID_SOCKET)
1025 {
1026 // Success.
1027 break;
1028 }
1029
1030 // The accept() call can return this error when a signal is catched
1031 // In this case, we have simply to ignore this error code
1032 // Stevens, pg 124
1033 #ifdef _WIN32
1034 if (WSAGetLastError() == WSAEINTR)
1035 #else
1036 if (errno == EINTR)
1037 #endif
1038 continue;
1039
1040 // Don't check for errors here, since the error can be due to the fact that the thread
1041 // has been killed
1042 sock_geterror("accept(): ", errbuf, PCAP_ERRBUF_SIZE);
1043 rpcapd_log(LOGPRIO_ERROR, "Accept of control connection from client failed: %s",
1044 errbuf);
1045 return;
1046 }
1047
1048 //
1049 // We have a connection.
1050 // Check whether the connecting host is among the ones allowed.
1051 //
1052 if (sock_check_hostlist(hostlist, RPCAP_HOSTLIST_SEP, &from, errbuf, PCAP_ERRBUF_SIZE) < 0)
1053 {
1054 rpcap_senderror(sockctrl, 0, PCAP_ERR_HOSTNOAUTH, errbuf, NULL);
1055 sock_close(sockctrl, NULL, 0);
1056 return;
1057 }
1058
1059 #ifdef _WIN32
1060 //
1061 // Put the socket back into blocking mode; doing WSAEventSelect()
1062 // on the listen socket makes that socket non-blocking, and it
1063 // appears that sockets returned from an accept() on that socket
1064 // are also non-blocking.
1065 //
1066 // First, we have to un-WSAEventSelect() this socket, and then
1067 // we can turn non-blocking mode off.
1068 //
1069 if (WSAEventSelect(sockctrl, NULL, 0) == SOCKET_ERROR)
1070 {
1071 sock_geterror("ioctlsocket(FIONBIO): ", errbuf, PCAP_ERRBUF_SIZE);
1072 rpcap_senderror(sockctrl, 0, PCAP_ERR_HOSTNOAUTH, errbuf, NULL);
1073 sock_close(sockctrl, NULL, 0);
1074 return;
1075 }
1076 if (ioctlsocket(sockctrl, FIONBIO, &off) == SOCKET_ERROR)
1077 {
1078 sock_geterror("ioctlsocket(FIONBIO): ", errbuf, PCAP_ERRBUF_SIZE);
1079 rpcap_senderror(sockctrl, 0, PCAP_ERR_HOSTNOAUTH, errbuf, NULL);
1080 sock_close(sockctrl, NULL, 0);
1081 return;
1082 }
1083
1084 //
1085 // Allocate a location to hold the value of sockctrl.
1086 // It will be freed in the newly-created thread once it's
1087 // finished with it.
1088 // I guess we *could* just cast sockctrl to a void *, but that's
1089 // a bit ugly.
1090 //
1091 sockctrl_temp = (SOCKET *)malloc(sizeof (SOCKET));
1092 if (sockctrl_temp == NULL)
1093 {
1094 pcap_fmt_errmsg_for_errno(errbuf, PCAP_ERRBUF_SIZE,
1095 errno, "malloc() failed");
1096 rpcap_senderror(sockctrl, 0, PCAP_ERR_OPEN, errbuf, NULL);
1097 sock_close(sockctrl, NULL, 0);
1098 return;
1099 }
1100 *sockctrl_temp = sockctrl;
1101
1102 threadId = (HANDLE)_beginthreadex(NULL, 0,
1103 main_passive_serviceloop_thread, (void *) sockctrl_temp, 0, NULL);
1104 if (threadId == 0)
1105 {
1106 pcap_snprintf(errbuf, PCAP_ERRBUF_SIZE, "Error creating the child thread");
1107 rpcap_senderror(sockctrl, 0, PCAP_ERR_OPEN, errbuf, NULL);
1108 sock_close(sockctrl, NULL, 0);
1109 free(sockctrl_temp);
1110 return;
1111 }
1112 CloseHandle(threadId);
1113 #else
1114 pid = fork();
1115 if (pid == -1)
1116 {
1117 pcap_snprintf(errbuf, PCAP_ERRBUF_SIZE, "Error creating the child process");
1118 rpcap_senderror(sockctrl, 0, PCAP_ERR_OPEN, errbuf, NULL);
1119 sock_close(sockctrl, NULL, 0);
1120 return;
1121 }
1122 if (pid == 0)
1123 {
1124 //
1125 // Child process.
1126 //
1127 // Close the socket on which we're listening (must
1128 // be open only in the parent).
1129 //
1130 closesocket(listen_sock);
1131
1132 #if 0
1133 //
1134 // Modify thread params so that it can be killed at any time
1135 // XXX - is this necessary? This is the main and, currently,
1136 // only thread in the child process, and nobody tries to
1137 // cancel us, although *we* may cancel the thread that's
1138 // handling the capture loop.
1139 //
1140 if (pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, NULL))
1141 goto end;
1142 if (pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, NULL))
1143 goto end;
1144 #endif
1145
1146 //
1147 // Run the service loop.
1148 // This is passive mode, so we don't care whether we were
1149 // told by the client to close.
1150 //
1151 (void)daemon_serviceloop(sockctrl, sockctrl, 0,
1152 nullAuthAllowed);
1153
1154 close(sockctrl);
1155
1156 exit(0);
1157 }
1158
1159 // I am the parent
1160 // Close the socket for this session (must be open only in the child)
1161 closesocket(sockctrl);
1162 #endif
1163 }
1164
1165 /*!
1166 \brief 'true' main of the program in case the active mode is turned on.
1167
1168 This function loops forever trying to connect to the remote host, until the
1169 daemon is turned down.
1170
1171 \param ptr: it keeps the 'activepars' parameters. It is a 'void *'
1172 just because the thread APIs want this format.
1173 */
1174 #ifdef _WIN32
1175 static unsigned __stdcall
1176 #else
1177 static void *
1178 #endif
1179 main_active(void *ptr)
1180 {
1181 char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed
1182 SOCKET sockctrl; // keeps the socket ID for this control connection
1183 struct addrinfo hints; // temporary struct to keep settings needed to open the new socket
1184 struct addrinfo *addrinfo; // keeps the addrinfo chain; required to open a new socket
1185 struct active_pars *activepars;
1186
1187 activepars = (struct active_pars *) ptr;
1188
1189 // Prepare to open a new server socket
1190 memset(&hints, 0, sizeof(struct addrinfo));
1191 // WARNING Currently it supports only ONE socket family among IPv4 and IPv6
1192 hints.ai_family = AF_INET; // PF_UNSPEC to have both IPv4 and IPv6 server
1193 hints.ai_socktype = SOCK_STREAM;
1194 hints.ai_family = activepars->ai_family;
1195
1196 pcap_snprintf(errbuf, PCAP_ERRBUF_SIZE, "Connecting to host %s, port %s, using protocol %s",
1197 activepars->address, activepars->port, (hints.ai_family == AF_INET) ? "IPv4":
1198 (hints.ai_family == AF_INET6) ? "IPv6" : "Unspecified");
1199 SOCK_DEBUG_MESSAGE(errbuf);
1200
1201 // Initialize errbuf
1202 memset(errbuf, 0, sizeof(errbuf));
1203
1204 // Do the work
1205 if (sock_initaddress(activepars->address, activepars->port, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
1206 {
1207 SOCK_DEBUG_MESSAGE(errbuf);
1208 return 0;
1209 }
1210
1211 for (;;)
1212 {
1213 int activeclose;
1214
1215 if ((sockctrl = sock_open(addrinfo, SOCKOPEN_CLIENT, 0, errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
1216 {
1217 SOCK_DEBUG_MESSAGE(errbuf);
1218
1219 pcap_snprintf(errbuf, PCAP_ERRBUF_SIZE, "Error connecting to host %s, port %s, using protocol %s",
1220 activepars->address, activepars->port, (hints.ai_family == AF_INET) ? "IPv4":
1221 (hints.ai_family == AF_INET6) ? "IPv6" : "Unspecified");
1222
1223 SOCK_DEBUG_MESSAGE(errbuf);
1224
1225 sleep_secs(RPCAP_ACTIVE_WAIT);
1226
1227 continue;
1228 }
1229
1230 activeclose = daemon_serviceloop(sockctrl, sockctrl, 1,
1231 nullAuthAllowed);
1232
1233 sock_close(sockctrl, NULL, 0);
1234
1235 // If the connection is closed by the user explicitely, don't try to connect to it again
1236 // just exit the program
1237 if (activeclose == 1)
1238 break;
1239 }
1240
1241 freeaddrinfo(addrinfo);
1242 return 0;
1243 }
1244
1245 #ifdef _WIN32
1246 //
1247 // Main routine of a passive-mode service thread.
1248 //
1249 unsigned __stdcall main_passive_serviceloop_thread(void *ptr)
1250 {
1251 SOCKET sockctrl;
1252
1253 sockctrl = *((SOCKET *)ptr);
1254 free(ptr);
1255
1256 //
1257 // Handle this client.
1258 // This is passive mode, so we don't care whether we were
1259 // told by the client to close.
1260 //
1261 (void)daemon_serviceloop(sockctrl, sockctrl, 0, nullAuthAllowed);
1262
1263 sock_close(sockctrl, NULL, 0);
1264
1265 return 0;
1266 }
1267 #endif
[mirror] the LIBpcap interface to various kernel packet capture mechanism