]> The Tcpdump Group git mirrors - libpcap/blob - sockutils.c
projects / libpcap / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Handle older OSes without DLT_PRISM_HEADER/DLT_AIRONET_HEADER/DLT_PPI.
[libpcap] / sockutils.c
1 /*
2 * Copyright (c) 2002 - 2003
3 * NetGroup, Politecnico di Torino (Italy)
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the Politecnico di Torino nor the names of its
16 * contributors may be used to endorse or promote products derived from
17 * this software without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
23 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 *
31 */
32
33 #ifdef HAVE_CONFIG_H
34 #include <config.h>
35 #endif
36
37 /*
38 * \file sockutils.c
39 *
40 * The goal of this file is to provide a common set of primitives for socket
41 * manipulation.
42 *
43 * Although the socket interface defined in the RFC 2553 (and its updates)
44 * is excellent, there are still differences between the behavior of those
45 * routines on UN*X and Windows, and between UN*Xes.
46 *
47 * These calls provide an interface similar to the socket interface, but
48 * that hides the differences between operating systems. It does not
49 * attempt to significantly improve on the socket interface in other
50 * ways.
51 */
52
53 #include "ftmacros.h"
54
55 #include <string.h>
56 #include <errno.h> /* for the errno variable */
57 #include <stdio.h> /* for the stderr file */
58 #include <stdlib.h> /* for malloc() and free() */
59 #include <limits.h> /* for INT_MAX */
60
61 #include "pcap-int.h"
62
63 #include "sockutils.h"
64 #include "portability.h"
65
66 #ifdef _WIN32
67 /*
68 * Winsock initialization.
69 *
70 * Ask for WinSock 2.2.
71 */
72 #define WINSOCK_MAJOR_VERSION 2
73 #define WINSOCK_MINOR_VERSION 2
74
75 static int sockcount = 0; /*!< Variable that allows calling the WSAStartup() only one time */
76 #endif
77
78 /* Some minor differences between UNIX and Win32 */
79 #ifdef _WIN32
80 #define SHUT_WR SD_SEND /* The control code for shutdown() is different in Win32 */
81 #endif
82
83 /* Size of the buffer that has to keep error messages */
84 #define SOCK_ERRBUF_SIZE 1024
85
86 /* Constants; used in order to keep strings here */
87 #define SOCKET_NO_NAME_AVAILABLE "No name available"
88 #define SOCKET_NO_PORT_AVAILABLE "No port available"
89 #define SOCKET_NAME_NULL_DAD "Null address (possibly DAD Phase)"
90
91 /*
92 * On UN*X, send() and recv() return ssize_t.
93 *
94 * On Windows, send() and recv() return an int.
95 *
96 * Wth MSVC, there *is* no ssize_t.
97 *
98 * With MinGW, there is an ssize_t type; it is either an int (32 bit)
99 * or a long long (64 bit).
100 *
101 * So, on Windows, if we don't have ssize_t defined, define it as an
102 * int, so we can use it, on all platforms, as the type of variables
103 * that hold the return values from send() and recv().
104 */
105 #if defined(_WIN32) && !defined(_SSIZE_T_DEFINED)
106 typedef int ssize_t;
107 #endif
108
109 /****************************************************
110 * *
111 * Locally defined functions *
112 * *
113 ****************************************************/
114
115 static int sock_ismcastaddr(const struct sockaddr *saddr);
116
117 /****************************************************
118 * *
119 * Function bodies *
120 * *
121 ****************************************************/
122
123 /*
124 * Format an error message given an errno value (UN*X) or a WinSock error
125 * (Windows).
126 */
127 void sock_fmterror(const char *caller, int errcode, char *errbuf, int errbuflen)
128 {
129 #ifdef _WIN32
130 char message[SOCK_ERRBUF_SIZE]; /* We're forcing "ANSI" */
131
132 if (errbuf == NULL)
133 return;
134
135 pcap_win32_err_to_str(errcode, message);
136 if ((caller) && (*caller))
137 pcap_snprintf(errbuf, errbuflen, "%s%s", caller, message);
138 else
139 pcap_snprintf(errbuf, errbuflen, "%s", message);
140 #else
141 char *message;
142
143 if (errbuf == NULL)
144 return;
145
146 message = strerror(errcode);
147
148 if ((caller) && (*caller))
149 pcap_snprintf(errbuf, errbuflen, "%s%s (%d)", caller, message, errcode);
150 else
151 pcap_snprintf(errbuf, errbuflen, "%s (%d)", message, errcode);
152 #endif
153 }
154
155 /*
156 * \brief It retrieves the error message after an error occurred in the socket interface.
157 *
158 * This function is defined because of the different way errors are returned in UNIX
159 * and Win32. This function provides a consistent way to retrieve the error message
160 * (after a socket error occurred) on all the platforms.
161 *
162 * \param caller: a pointer to a user-allocated string which contains a message that has
163 * to be printed *before* the true error message. It could be, for example, 'this error
164 * comes from the recv() call at line 31'. It may be NULL.
165 *
166 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
167 * error message. This buffer has to be at least 'errbuflen' in length.
168 * It can be NULL; in this case the error cannot be printed.
169 *
170 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
171 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
172 *
173 * \return No return values. The error message is returned in the 'string' parameter.
174 */
175 void sock_geterror(const char *caller, char *errbuf, int errbuflen)
176 {
177 #ifdef _WIN32
178 if (errbuf == NULL)
179 return;
180 sock_fmterror(caller, GetLastError(), errbuf, errbuflen);
181 #else
182 if (errbuf == NULL)
183 return;
184 sock_fmterror(caller, errno, errbuf, errbuflen);
185 #endif
186 }
187
188 /*
189 * \brief It initializes sockets.
190 *
191 * This function is pretty useless on UNIX, since socket initialization is not required.
192 * However it is required on Win32. In UNIX, this function appears to be completely empty.
193 *
194 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
195 * error message. This buffer has to be at least 'errbuflen' in length.
196 * It can be NULL; in this case the error cannot be printed.
197 *
198 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
199 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
200 *
201 * \return '0' if everything is fine, '-1' if some errors occurred. The error message is returned
202 * in the 'errbuf' variable.
203 */
204 #ifdef _WIN32
205 int sock_init(char *errbuf, int errbuflen)
206 {
207 if (sockcount == 0)
208 {
209 WSADATA wsaData; /* helper variable needed to initialize Winsock */
210
211 if (WSAStartup(MAKEWORD(WINSOCK_MAJOR_VERSION,
212 WINSOCK_MINOR_VERSION), &wsaData) != 0)
213 {
214 if (errbuf)
215 pcap_snprintf(errbuf, errbuflen, "Failed to initialize Winsock\n");
216
217 WSACleanup();
218
219 return -1;
220 }
221 }
222
223 sockcount++;
224 #else
225 int sock_init(char *errbuf _U_, int errbuflen _U_)
226 {
227 #endif
228 return 0;
229 }
230
231 /*
232 * \brief It deallocates sockets.
233 *
234 * This function is pretty useless on UNIX, since socket deallocation is not required.
235 * However it is required on Win32. In UNIX, this function appears to be completely empty.
236 *
237 * \return No error values.
238 */
239 void sock_cleanup(void)
240 {
241 #ifdef _WIN32
242 sockcount--;
243
244 if (sockcount == 0)
245 WSACleanup();
246 #endif
247 }
248
249 /*
250 * \brief It checks if the sockaddr variable contains a multicast address.
251 *
252 * \return '0' if the address is multicast, '-1' if it is not.
253 */
254 static int sock_ismcastaddr(const struct sockaddr *saddr)
255 {
256 if (saddr->sa_family == PF_INET)
257 {
258 struct sockaddr_in *saddr4 = (struct sockaddr_in *) saddr;
259 if (IN_MULTICAST(ntohl(saddr4->sin_addr.s_addr))) return 0;
260 else return -1;
261 }
262 else
263 {
264 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *) saddr;
265 if (IN6_IS_ADDR_MULTICAST(&saddr6->sin6_addr)) return 0;
266 else return -1;
267 }
268 }
269
270 /*
271 * \brief It initializes a network connection both from the client and the server side.
272 *
273 * In case of a client socket, this function calls socket() and connect().
274 * In the meanwhile, it checks for any socket error.
275 * If an error occurs, it writes the error message into 'errbuf'.
276 *
277 * In case of a server socket, the function calls socket(), bind() and listen().
278 *
279 * This function is usually preceeded by the sock_initaddress().
280 *
281 * \param addrinfo: pointer to an addrinfo variable which will be used to
282 * open the socket and such. This variable is the one returned by the previous call to
283 * sock_initaddress().
284 *
285 * \param server: '1' if this is a server socket, '0' otherwise.
286 *
287 * \param nconn: number of the connections that are allowed to wait into the listen() call.
288 * This value has no meanings in case of a client socket.
289 *
290 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
291 * error message. This buffer has to be at least 'errbuflen' in length.
292 * It can be NULL; in this case the error cannot be printed.
293 *
294 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
295 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
296 *
297 * \return the socket that has been opened (that has to be used in the following sockets calls)
298 * if everything is fine, INVALID_SOCKET if some errors occurred. The error message is returned
299 * in the 'errbuf' variable.
300 */
301 SOCKET sock_open(struct addrinfo *addrinfo, int server, int nconn, char *errbuf, int errbuflen)
302 {
303 SOCKET sock;
304 #if defined(SO_NOSIGPIPE) || defined(IPV6_V6ONLY) || defined(IPV6_BINDV6ONLY)
305 int on = 1;
306 #endif
307
308 sock = socket(addrinfo->ai_family, addrinfo->ai_socktype, addrinfo->ai_protocol);
309 if (sock == INVALID_SOCKET)
310 {
311 sock_geterror("socket(): ", errbuf, errbuflen);
312 return INVALID_SOCKET;
313 }
314
315 /*
316 * Disable SIGPIPE, if we have SO_NOSIGPIPE. We don't want to
317 * have to deal with signals if the peer closes the connection,
318 * especially in client programs, which may not even be aware that
319 * they're sending to sockets.
320 */
321 #ifdef SO_NOSIGPIPE
322 if (setsockopt(sock, SOL_SOCKET, SO_NOSIGPIPE, (char *)&on,
323 sizeof (int)) == -1)
324 {
325 sock_geterror("setsockopt(SO_NOSIGPIPE)", errbuf, errbuflen);
326 closesocket(sock);
327 return INVALID_SOCKET;
328 }
329 #endif
330
331 /* This is a server socket */
332 if (server)
333 {
334 #if defined(IPV6_V6ONLY) || defined(IPV6_BINDV6ONLY)
335 /*
336 * Force the use of IPv6-only addresses.
337 *
338 * RFC 3493 indicates that you can support IPv4 on an
339 * IPv6 socket:
340 *
341 * https://tools.ietf.org/html/rfc3493#section-3.7
342 *
343 * and that this is the default behavior. This means
344 * that if we first create an IPv6 socket bound to the
345 * "any" address, it is, in effect, also bound to the
346 * IPv4 "any" address, so when we create an IPv4 socket
347 * and try to bind it to the IPv4 "any" address, it gets
348 * EADDRINUSE.
349 *
350 * Not all network stacks support IPv4 on IPv6 sockets;
351 * pre-NT 6 Windows stacks don't support it, and the
352 * OpenBSD stack doesn't support it for security reasons
353 * (see the OpenBSD inet6(4) man page). Therefore, we
354 * don't want to rely on this behavior.
355 *
356 * So we try to disable it, using either the IPV6_V6ONLY
357 * option from RFC 3493:
358 *
359 * https://tools.ietf.org/html/rfc3493#section-5.3
360 *
361 * or the IPV6_BINDV6ONLY option from older UN*Xes.
362 */
363 #ifndef IPV6_V6ONLY
364 /* For older systems */
365 #define IPV6_V6ONLY IPV6_BINDV6ONLY
366 #endif /* IPV6_V6ONLY */
367 if (addrinfo->ai_family == PF_INET6)
368 {
369 if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
370 (char *)&on, sizeof (int)) == -1)
371 {
372 if (errbuf)
373 pcap_snprintf(errbuf, errbuflen, "setsockopt(IPV6_V6ONLY)");
374 closesocket(sock);
375 return INVALID_SOCKET;
376 }
377 }
378 #endif /* defined(IPV6_V6ONLY) || defined(IPV6_BINDV6ONLY) */
379
380 /* WARNING: if the address is a mcast one, I should place the proper Win32 code here */
381 if (bind(sock, addrinfo->ai_addr, (int) addrinfo->ai_addrlen) != 0)
382 {
383 sock_geterror("bind(): ", errbuf, errbuflen);
384 closesocket(sock);
385 return INVALID_SOCKET;
386 }
387
388 if (addrinfo->ai_socktype == SOCK_STREAM)
389 if (listen(sock, nconn) == -1)
390 {
391 sock_geterror("listen(): ", errbuf, errbuflen);
392 closesocket(sock);
393 return INVALID_SOCKET;
394 }
395
396 /* server side ended */
397 return sock;
398 }
399 else /* we're the client */
400 {
401 struct addrinfo *tempaddrinfo;
402 char *errbufptr;
403 size_t bufspaceleft;
404
405 tempaddrinfo = addrinfo;
406 errbufptr = errbuf;
407 bufspaceleft = errbuflen;
408 *errbufptr = 0;
409
410 /*
411 * We have to loop though all the addinfo returned.
412 * For instance, we can have both IPv6 and IPv4 addresses, but the service we're trying
413 * to connect to is unavailable in IPv6, so we have to try in IPv4 as well
414 */
415 while (tempaddrinfo)
416 {
417
418 if (connect(sock, tempaddrinfo->ai_addr, (int) tempaddrinfo->ai_addrlen) == -1)
419 {
420 size_t msglen;
421 char TmpBuffer[100];
422 char SocketErrorMessage[SOCK_ERRBUF_SIZE];
423
424 /*
425 * We have to retrieve the error message before any other socket call completes, otherwise
426 * the error message is lost
427 */
428 sock_geterror(NULL, SocketErrorMessage, sizeof(SocketErrorMessage));
429
430 /* Returns the numeric address of the host that triggered the error */
431 sock_getascii_addrport((struct sockaddr_storage *) tempaddrinfo->ai_addr, TmpBuffer, sizeof(TmpBuffer), NULL, 0, NI_NUMERICHOST, TmpBuffer, sizeof(TmpBuffer));
432
433 pcap_snprintf(errbufptr, bufspaceleft,
434 "Is the server properly installed on %s? connect() failed: %s", TmpBuffer, SocketErrorMessage);
435
436 /* In case more then one 'connect' fails, we manage to keep all the error messages */
437 msglen = strlen(errbufptr);
438
439 errbufptr[msglen] = ' ';
440 errbufptr[msglen + 1] = 0;
441
442 bufspaceleft = bufspaceleft - (msglen + 1);
443 errbufptr += (msglen + 1);
444
445 tempaddrinfo = tempaddrinfo->ai_next;
446 }
447 else
448 break;
449 }
450
451 /*
452 * Check how we exit from the previous loop
453 * If tempaddrinfo is equal to NULL, it means that all the connect() failed.
454 */
455 if (tempaddrinfo == NULL)
456 {
457 closesocket(sock);
458 return INVALID_SOCKET;
459 }
460 else
461 return sock;
462 }
463 }
464
465 /*
466 * \brief Closes the present (TCP and UDP) socket connection.
467 *
468 * This function sends a shutdown() on the socket in order to disable send() calls
469 * (while recv() ones are still allowed). Then, it closes the socket.
470 *
471 * \param sock: the socket identifier of the connection that has to be closed.
472 *
473 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
474 * error message. This buffer has to be at least 'errbuflen' in length.
475 * It can be NULL; in this case the error cannot be printed.
476 *
477 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
478 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
479 *
480 * \return '0' if everything is fine, '-1' if some errors occurred. The error message is returned
481 * in the 'errbuf' variable.
482 */
483 int sock_close(SOCKET sock, char *errbuf, int errbuflen)
484 {
485 /*
486 * SHUT_WR: subsequent calls to the send function are disallowed.
487 * For TCP sockets, a FIN will be sent after all data is sent and
488 * acknowledged by the Server.
489 */
490 if (shutdown(sock, SHUT_WR))
491 {
492 sock_geterror("shutdown(): ", errbuf, errbuflen);
493 /* close the socket anyway */
494 closesocket(sock);
495 return -1;
496 }
497
498 closesocket(sock);
499 return 0;
500 }
501
502 /*
503 * gai_errstring() has some problems:
504 *
505 * 1) on Windows, Microsoft explicitly says it's not thread-safe;
506 * 2) on UN*X, the Single UNIX Specification doesn't say it *is*
507 * thread-safe, so an implementation might use a static buffer
508 * for unknown error codes;
509 * 3) the error message for the most likely error, EAI_NONAME, is
510 * truly horrible on several platforms ("nodename nor servname
511 * provided, or not known"? It's typically going to be "not
512 * known", not "oopsie, I passed null pointers for the host name
513 * and service name", not to mention they forgot the "neither");
514 *
515 * so we roll our own.
516 */
517 static void
518 get_gai_errstring(char *errbuf, int errbuflen, const char *prefix, int err,
519 const char *hostname, const char *portname)
520 {
521 char hostport[PCAP_ERRBUF_SIZE];
522
523 if (hostname != NULL && portname != NULL)
524 pcap_snprintf(hostport, PCAP_ERRBUF_SIZE, "%s:%s",
525 hostname, portname);
526 else if (hostname != NULL)
527 pcap_snprintf(hostport, PCAP_ERRBUF_SIZE, "%s",
528 hostname);
529 else if (portname != NULL)
530 pcap_snprintf(hostport, PCAP_ERRBUF_SIZE, ":%s",
531 portname);
532 else
533 pcap_snprintf(hostport, PCAP_ERRBUF_SIZE, "<no host or port!>");
534 switch (err)
535 {
536 #ifdef EAI_ADDRFAMILY
537 case EAI_ADDRFAMILY:
538 pcap_snprintf(errbuf, errbuflen,
539 "%sAddress family for %s not supported",
540 prefix, hostport);
541 break;
542 #endif
543
544 case EAI_AGAIN:
545 pcap_snprintf(errbuf, errbuflen,
546 "%s%s could not be resolved at this time",
547 prefix, hostport);
548 break;
549
550 case EAI_BADFLAGS:
551 pcap_snprintf(errbuf, errbuflen,
552 "%sThe ai_flags parameter for looking up %s had an invalid value",
553 prefix, hostport);
554 break;
555
556 case EAI_FAIL:
557 pcap_snprintf(errbuf, errbuflen,
558 "%sA non-recoverable error occurred when attempting to resolve %s",
559 prefix, hostport);
560 break;
561
562 case EAI_FAMILY:
563 pcap_snprintf(errbuf, errbuflen,
564 "%sThe address family for looking up %s was not recognized",
565 prefix, hostport);
566 break;
567
568 case EAI_MEMORY:
569 pcap_snprintf(errbuf, errbuflen,
570 "%sOut of memory trying to allocate storage when looking up %s",
571 prefix, hostport);
572 break;
573
574 /*
575 * RFC 2553 had both EAI_NODATA and EAI_NONAME.
576 *
577 * RFC 3493 has only EAI_NONAME.
578 *
579 * Some implementations define EAI_NODATA and EAI_NONAME
580 * to the same value, others don't. If EAI_NODATA is
581 * defined and isn't the same as EAI_NONAME, we handle
582 * EAI_NODATA.
583 */
584 #if defined(EAI_NODATA) && EAI_NODATA != EAI_NONAME
585 case EAI_NODATA:
586 pcap_snprintf(errbuf, errbuflen,
587 "%sNo address associated with %s",
588 prefix, hostport);
589 break;
590 #endif
591
592 case EAI_NONAME:
593 pcap_snprintf(errbuf, errbuflen,
594 "%sThe host name %s couldn't be resolved",
595 prefix, hostport);
596 break;
597
598 case EAI_SERVICE:
599 pcap_snprintf(errbuf, errbuflen,
600 "%sThe service value specified when looking up %s as not recognized for the socket type",
601 prefix, hostport);
602 break;
603
604 case EAI_SOCKTYPE:
605 pcap_snprintf(errbuf, errbuflen,
606 "%sThe socket type specified when looking up %s as not recognized",
607 prefix, hostport);
608 break;
609
610 #ifdef EAI_SYSTEM
611 case EAI_SYSTEM:
612 /*
613 * Assumed to be UN*X.
614 */
615 pcap_snprintf(errbuf, errbuflen,
616 "%sAn error occurred when looking up %s: %s",
617 prefix, hostport, pcap_strerror(errno));
618 break;
619 #endif
620
621 #ifdef EAI_BADHINTS
622 case EAI_BADHINTS:
623 pcap_snprintf(errbuf, errbuflen,
624 "%sInvalid value for hints when looking up %s",
625 prefix, hostport);
626 break;
627 #endif
628
629 #ifdef EAI_PROTOCOL
630 case EAI_PROTOCOL:
631 pcap_snprintf(errbuf, errbuflen,
632 "%sResolved protocol when looking up %s is unknown",
633 prefix, hostport);
634 break;
635 #endif
636
637 #ifdef EAI_OVERFLOW
638 case EAI_OVERFLOW:
639 pcap_snprintf(errbuf, errbuflen,
640 "%sArgument buffer overflow when looking up %s",
641 prefix, hostport);
642 break;
643 #endif
644
645 default:
646 pcap_snprintf(errbuf, errbuflen,
647 "%sgetaddrinfo() error %d when looking up %s",
648 prefix, err, hostport);
649 break;
650 }
651 }
652
653 /*
654 * \brief Checks that the address, port and flags given are valids and it returns an 'addrinfo' structure.
655 *
656 * This function basically calls the getaddrinfo() calls, and it performs a set of sanity checks
657 * to control that everything is fine (e.g. a TCP socket cannot have a mcast address, and such).
658 * If an error occurs, it writes the error message into 'errbuf'.
659 *
660 * \param host: a pointer to a string identifying the host. It can be
661 * a host name, a numeric literal address, or NULL or "" (useful
662 * in case of a server socket which has to bind to all addresses).
663 *
664 * \param port: a pointer to a user-allocated buffer containing the network port to use.
665 *
666 * \param hints: an addrinfo variable (passed by reference) containing the flags needed to create the
667 * addrinfo structure appropriately.
668 *
669 * \param addrinfo: it represents the true returning value. This is a pointer to an addrinfo variable
670 * (passed by reference), which will be allocated by this function and returned back to the caller.
671 * This variable will be used in the next sockets calls.
672 *
673 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
674 * error message. This buffer has to be at least 'errbuflen' in length.
675 * It can be NULL; in this case the error cannot be printed.
676 *
677 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
678 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
679 *
680 * \return '0' if everything is fine, '-1' if some errors occurred. The error message is returned
681 * in the 'errbuf' variable. The addrinfo variable that has to be used in the following sockets calls is
682 * returned into the addrinfo parameter.
683 *
684 * \warning The 'addrinfo' variable has to be deleted by the programmer by calling freeaddrinfo() when
685 * it is no longer needed.
686 *
687 * \warning This function requires the 'hints' variable as parameter. The semantic of this variable is the same
688 * of the one of the corresponding variable used into the standard getaddrinfo() socket function. We suggest
689 * the programmer to look at that function in order to set the 'hints' variable appropriately.
690 */
691 int sock_initaddress(const char *host, const char *port,
692 struct addrinfo *hints, struct addrinfo **addrinfo, char *errbuf, int errbuflen)
693 {
694 int retval;
695
696 retval = getaddrinfo(host, port, hints, addrinfo);
697 if (retval != 0)
698 {
699 if (errbuf)
700 {
701 get_gai_errstring(errbuf, errbuflen, "", retval,
702 host, port);
703 }
704 return -1;
705 }
706 /*
707 * \warning SOCKET: I should check all the accept() in order to bind to all addresses in case
708 * addrinfo has more han one pointers
709 */
710
711 /*
712 * This software only supports PF_INET and PF_INET6.
713 *
714 * XXX - should we just check that at least *one* address is
715 * either PF_INET or PF_INET6, and, when using the list,
716 * ignore all addresses that are neither? (What, no IPX
717 * support? :-))
718 */
719 if (((*addrinfo)->ai_family != PF_INET) &&
720 ((*addrinfo)->ai_family != PF_INET6))
721 {
722 if (errbuf)
723 pcap_snprintf(errbuf, errbuflen, "getaddrinfo(): socket type not supported");
724 freeaddrinfo(*addrinfo);
725 *addrinfo = NULL;
726 return -1;
727 }
728
729 /*
730 * You can't do multicast (or broadcast) TCP.
731 */
732 if (((*addrinfo)->ai_socktype == SOCK_STREAM) &&
733 (sock_ismcastaddr((*addrinfo)->ai_addr) == 0))
734 {
735 if (errbuf)
736 pcap_snprintf(errbuf, errbuflen, "getaddrinfo(): multicast addresses are not valid when using TCP streams");
737 freeaddrinfo(*addrinfo);
738 *addrinfo = NULL;
739 return -1;
740 }
741
742 return 0;
743 }
744
745 /*
746 * \brief It sends the amount of data contained into 'buffer' on the given socket.
747 *
748 * This function basically calls the send() socket function and it checks that all
749 * the data specified in 'buffer' (of size 'size') will be sent. If an error occurs,
750 * it writes the error message into 'errbuf'.
751 * In case the socket buffer does not have enough space, it loops until all data
752 * has been sent.
753 *
754 * \param socket: the connected socket currently opened.
755 *
756 * \param buffer: a char pointer to a user-allocated buffer in which data is contained.
757 *
758 * \param size: number of bytes that have to be sent.
759 *
760 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
761 * error message. This buffer has to be at least 'errbuflen' in length.
762 * It can be NULL; in this case the error cannot be printed.
763 *
764 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
765 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
766 *
767 * \return '0' if everything is fine, '-1' if an error other than
768 * "connection reset" or "peer has closed the receive side" occurred,
769 * '-2' if we got one of those errors.
770 * For errors, an error message is returned in the 'errbuf' variable.
771 */
772 int sock_send(SOCKET sock, SSL *ssl _U_NOSSL_, const char *buffer, size_t size,
773 char *errbuf, int errbuflen)
774 {
775 int remaining;
776 ssize_t nsent;
777
778 if (size > INT_MAX)
779 {
780 if (errbuf)
781 {
782 pcap_snprintf(errbuf, errbuflen,
783 "Can't send more than %u bytes with sock_send",
784 INT_MAX);
785 }
786 return -1;
787 }
788 remaining = (int)size;
789
790 do {
791 #ifdef HAVE_OPENSSL
792 if (ssl) return ssl_send(ssl, buffer, remaining, errbuf, errbuflen);
793 #endif
794
795 #ifdef MSG_NOSIGNAL
796 /*
797 * Send with MSG_NOSIGNAL, so that we don't get SIGPIPE
798 * on errors on stream-oriented sockets when the other
799 * end breaks the connection.
800 * The EPIPE error is still returned.
801 */
802 nsent = send(sock, buffer, remaining, MSG_NOSIGNAL);
803 #else
804 nsent = send(sock, buffer, remaining, 0);
805 #endif
806
807 if (nsent == -1)
808 {
809 /*
810 * If the client closed the connection out from
811 * under us, there's no need to log that as an
812 * error.
813 */
814 int errcode;
815
816 #ifdef _WIN32
817 errcode = GetLastError();
818 if (errcode == WSAECONNRESET ||
819 errcode == WSAECONNABORTED)
820 {
821 /*
822 * WSAECONNABORTED appears to be the error
823 * returned in Winsock when you try to send
824 * on a connection where the peer has closed
825 * the receive side.
826 */
827 return -2;
828 }
829 sock_fmterror("send(): ", errcode, errbuf, errbuflen);
830 #else
831 errcode = errno;
832 if (errcode == ECONNRESET || errcode == EPIPE)
833 {
834 /*
835 * EPIPE is what's returned on UN*X when
836 * you try to send on a connection when
837 * the peer has closed the receive side.
838 */
839 return -2;
840 }
841 sock_fmterror("send(): ", errcode, errbuf, errbuflen);
842 #endif
843 return -1;
844 }
845
846 remaining -= nsent;
847 buffer += nsent;
848 } while (remaining != 0);
849
850 return 0;
851 }
852
853 /*
854 * \brief It copies the amount of data contained into 'buffer' into 'tempbuf'.
855 * and it checks for buffer overflows.
856 *
857 * This function basically copies 'size' bytes of data contained into 'buffer'
858 * into 'tempbuf', starting at offset 'offset'. Before that, it checks that the
859 * resulting buffer will not be larger than 'totsize'. Finally, it updates
860 * the 'offset' variable in order to point to the first empty location of the buffer.
861 *
862 * In case the function is called with 'checkonly' equal to 1, it does not copy
863 * the data into the buffer. It only checks for buffer overflows and it updates the
864 * 'offset' variable. This mode can be useful when the buffer already contains the
865 * data (maybe because the producer writes directly into the target buffer), so
866 * only the buffer overflow check has to be made.
867 * In this case, both 'buffer' and 'tempbuf' can be NULL values.
868 *
869 * This function is useful in case the userland application does not know immediately
870 * all the data it has to write into the socket. This function provides a way to create
871 * the "stream" step by step, appending the new data to the old one. Then, when all the
872 * data has been bufferized, the application can call the sock_send() function.
873 *
874 * \param buffer: a char pointer to a user-allocated buffer that keeps the data
875 * that has to be copied.
876 *
877 * \param size: number of bytes that have to be copied.
878 *
879 * \param tempbuf: user-allocated buffer (of size 'totsize') in which data
880 * has to be copied.
881 *
882 * \param offset: an index into 'tempbuf' which keeps the location of its first
883 * empty location.
884 *
885 * \param totsize: total size of the buffer in which data is being copied.
886 *
887 * \param checkonly: '1' if we do not want to copy data into the buffer and we
888 * want just do a buffer ovreflow control, '0' if data has to be copied as well.
889 *
890 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
891 * error message. This buffer has to be at least 'errbuflen' in length.
892 * It can be NULL; in this case the error cannot be printed.
893 *
894 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
895 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
896 *
897 * \return '0' if everything is fine, '-1' if some errors occurred. The error message
898 * is returned in the 'errbuf' variable. When the function returns, 'tempbuf' will
899 * have the new string appended, and 'offset' will keep the length of that buffer.
900 * In case of 'checkonly == 1', data is not copied, but 'offset' is updated in any case.
901 *
902 * \warning This function assumes that the buffer in which data has to be stored is
903 * large 'totbuf' bytes.
904 *
905 * \warning In case of 'checkonly', be carefully to call this function *before* copying
906 * the data into the buffer. Otherwise, the control about the buffer overflow is useless.
907 */
908 int sock_bufferize(const char *buffer, int size, char *tempbuf, int *offset, int totsize, int checkonly, char *errbuf, int errbuflen)
909 {
910 if ((*offset + size) > totsize)
911 {
912 if (errbuf)
913 pcap_snprintf(errbuf, errbuflen, "Not enough space in the temporary send buffer.");
914 return -1;
915 }
916
917 if (!checkonly)
918 memcpy(tempbuf + (*offset), buffer, size);
919
920 (*offset) += size;
921
922 return 0;
923 }
924
925 /*
926 * \brief It waits on a connected socket and it manages to receive data.
927 *
928 * This function basically calls the recv() socket function and it checks that no
929 * error occurred. If that happens, it writes the error message into 'errbuf'.
930 *
931 * This function changes its behavior according to the 'receiveall' flag: if we
932 * want to receive exactly 'size' byte, it loops on the recv() until all the requested
933 * data is arrived. Otherwise, it returns the data currently available.
934 *
935 * In case the socket does not have enough data available, it cycles on the recv()
936 * until the requested data (of size 'size') is arrived.
937 * In this case, it blocks until the number of bytes read is equal to 'size'.
938 *
939 * \param sock: the connected socket currently opened.
940 *
941 * \param buffer: a char pointer to a user-allocated buffer in which data has to be stored
942 *
943 * \param size: size of the allocated buffer. WARNING: this indicates the number of bytes
944 * that we are expecting to be read.
945 *
946 * \param flags:
947 *
948 * SOCK_RECEIVALL_XXX:
949 *
950 * if SOCK_RECEIVEALL_NO, return as soon as some data is ready
951 * if SOCK_RECEIVALL_YES, wait until 'size' data has been
952 * received (in case the socket does not have enough data available).
953 *
954 * SOCK_EOF_XXX:
955 *
956 * if SOCK_EOF_ISNT_ERROR, if the first read returns 0, just return 0,
957 * and return an error on any subsequent read that returns 0;
958 * if SOCK_EOF_IS_ERROR, if any read returns 0, return an error.
959 *
960 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
961 * error message. This buffer has to be at least 'errbuflen' in length.
962 * It can be NULL; in this case the error cannot be printed.
963 *
964 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
965 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
966 *
967 * \return the number of bytes read if everything is fine, '-1' if some errors occurred.
968 * The error message is returned in the 'errbuf' variable.
969 */
970
971 int sock_recv(SOCKET sock, SSL *ssl _U_NOSSL_, void *buffer, size_t size,
972 int flags, char *errbuf, int errbuflen)
973 {
974 int recv_flags = 0;
975 char *bufp = buffer;
976 int remaining;
977 ssize_t nread;
978
979 if (size == 0)
980 {
981 return 0;
982 }
983 if (size > INT_MAX)
984 {
985 if (errbuf)
986 {
987 pcap_snprintf(errbuf, errbuflen,
988 "Can't read more than %u bytes with sock_recv",
989 INT_MAX);
990 }
991 return -1;
992 }
993
994 if (flags & SOCK_MSG_PEEK)
995 recv_flags |= MSG_PEEK;
996
997 bufp = (char *) buffer;
998 remaining = (int) size;
999
1000 /*
1001 * We don't use MSG_WAITALL because it's not supported in
1002 * Win32.
1003 */
1004 for (;;) {
1005 #ifdef HAVE_OPENSSL
1006 if (ssl)
1007 {
1008 /*
1009 * XXX - what about MSG_PEEK?
1010 */
1011 nread = ssl_recv(ssl, bufp, remaining, errbuf, errbuflen);
1012 if (nread == -2) return -1;
1013 }
1014 else
1015 nread = recv(sock, bufp, remaining, recv_flags);
1016 #else
1017 nread = recv(sock, bufp, remaining, recv_flags);
1018 #endif
1019
1020 if (nread == -1)
1021 {
1022 #ifndef _WIN32
1023 if (errno == EINTR)
1024 return -3;
1025 #endif
1026 sock_geterror("recv(): ", errbuf, errbuflen);
1027 return -1;
1028 }
1029
1030 if (nread == 0)
1031 {
1032 if ((flags & SOCK_EOF_IS_ERROR) ||
1033 (remaining != (int) size))
1034 {
1035 /*
1036 * Either we've already read some data,
1037 * or we're always supposed to return
1038 * an error on EOF.
1039 */
1040 if (errbuf)
1041 {
1042 pcap_snprintf(errbuf, errbuflen,
1043 "The other host terminated the connection.");
1044 }
1045 return -1;
1046 }
1047 else
1048 return 0;
1049 }
1050
1051 /*
1052 * Do we want to read the amount requested, or just return
1053 * what we got?
1054 */
1055 if (!(flags & SOCK_RECEIVEALL_YES))
1056 {
1057 /*
1058 * Just return what we got.
1059 */
1060 return (int) nread;
1061 }
1062
1063 bufp += nread;
1064 remaining -= nread;
1065
1066 if (remaining == 0)
1067 return (int) size;
1068 }
1069 }
1070
1071 /*
1072 * Receives a datagram from a socket.
1073 *
1074 * Returns the size of the datagram on success or -1 on error.
1075 */
1076 int sock_recv_dgram(SOCKET sock, SSL *ssl _U_NOSSL_, void *buffer, size_t size,
1077 char *errbuf, int errbuflen)
1078 {
1079 ssize_t nread;
1080 #ifndef _WIN32
1081 struct msghdr message;
1082 struct iovec iov;
1083 #endif
1084
1085 if (size == 0)
1086 {
1087 return 0;
1088 }
1089 if (size > INT_MAX)
1090 {
1091 if (errbuf)
1092 {
1093 pcap_snprintf(errbuf, errbuflen,
1094 "Can't read more than %u bytes with sock_recv_dgram",
1095 INT_MAX);
1096 }
1097 return -1;
1098 }
1099
1100 #ifdef HAVE_OPENSSL
1101 // TODO: DTLS
1102 if (ssl)
1103 {
1104 pcap_snprintf(errbuf, errbuflen, "DTLS not implemented yet");
1105 return -1;
1106 }
1107 #endif
1108
1109 /*
1110 * This should be a datagram socket, so we should get the
1111 * entire datagram in one recv() or recvmsg() call, and
1112 * don't need to loop.
1113 */
1114 #ifdef _WIN32
1115 nread = recv(sock, buffer, (int)size, 0);
1116 if (nread == SOCKET_ERROR)
1117 {
1118 /*
1119 * To quote the MSDN documentation for recv(),
1120 * "If the datagram or message is larger than
1121 * the buffer specified, the buffer is filled
1122 * with the first part of the datagram, and recv
1123 * generates the error WSAEMSGSIZE. For unreliable
1124 * protocols (for example, UDP) the excess data is
1125 * lost..."
1126 *
1127 * So if the message is bigger than the buffer
1128 * supplied to us, the excess data is discarded,
1129 * and we'll report an error.
1130 */
1131 sock_geterror("recv(): ", errbuf, errbuflen);
1132 return -1;
1133 }
1134 #else /* _WIN32 */
1135 /*
1136 * The Single UNIX Specification says that a recv() on
1137 * a socket for a message-oriented protocol will discard
1138 * the excess data. It does *not* indicate that the
1139 * receive will fail with, for example, EMSGSIZE.
1140 *
1141 * Therefore, we use recvmsg(), which appears to be
1142 * the only way to get a "message truncated" indication
1143 * when receiving a message for a message-oriented
1144 * protocol.
1145 */
1146 message.msg_name = NULL; /* we don't care who it's from */
1147 message.msg_namelen = 0;
1148 iov.iov_base = buffer;
1149 iov.iov_len = size;
1150 message.msg_iov = &iov;
1151 message.msg_iovlen = 1;
1152 #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
1153 message.msg_control = NULL; /* we don't care about control information */
1154 message.msg_controllen = 0;
1155 #endif
1156 #ifdef HAVE_STRUCT_MSGHDR_MSG_FLAGS
1157 message.msg_flags = 0;
1158 #endif
1159 nread = recvmsg(sock, &message, 0);
1160 if (nread == -1)
1161 {
1162 if (errno == EINTR)
1163 return -3;
1164 sock_geterror("recv(): ", errbuf, errbuflen);
1165 return -1;
1166 }
1167 #ifdef HAVE_STRUCT_MSGHDR_MSG_FLAGS
1168 /*
1169 * XXX - Solaris supports this, but only if you ask for the
1170 * X/Open version of recvmsg(); should we use that, or will
1171 * that cause other problems?
1172 */
1173 if (message.msg_flags & MSG_TRUNC)
1174 {
1175 /*
1176 * Message was bigger than the specified buffer size.
1177 *
1178 * Report this as an error, as the Microsoft documentation
1179 * implies we'd do in a similar case on Windows.
1180 */
1181 pcap_snprintf(errbuf, errbuflen, "recv(): Message too long");
1182 return -1;
1183 }
1184 #endif /* HAVE_STRUCT_MSGHDR_MSG_FLAGS */
1185 #endif /* _WIN32 */
1186
1187 /*
1188 * The size we're reading fits in an int, so the return value
1189 * will fit in an int.
1190 */
1191 return (int)nread;
1192 }
1193
1194 /*
1195 * \brief It discards N bytes that are currently waiting to be read on the current socket.
1196 *
1197 * This function is useful in case we receive a message we cannot understand (e.g.
1198 * wrong version number when receiving a network packet), so that we have to discard all
1199 * data before reading a new message.
1200 *
1201 * This function will read 'size' bytes from the socket and discard them.
1202 * It defines an internal buffer in which data will be copied; however, in case
1203 * this buffer is not large enough, it will cycle in order to read everything as well.
1204 *
1205 * \param sock: the connected socket currently opened.
1206 *
1207 * \param size: number of bytes that have to be discarded.
1208 *
1209 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
1210 * error message. This buffer has to be at least 'errbuflen' in length.
1211 * It can be NULL; in this case the error cannot be printed.
1212 *
1213 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
1214 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
1215 *
1216 * \return '0' if everything is fine, '-1' if some errors occurred.
1217 * The error message is returned in the 'errbuf' variable.
1218 */
1219 int sock_discard(SOCKET sock, SSL *ssl, int size, char *errbuf, int errbuflen)
1220 {
1221 #define TEMP_BUF_SIZE 32768
1222
1223 char buffer[TEMP_BUF_SIZE]; /* network buffer, to be used when the message is discarded */
1224
1225 /*
1226 * A static allocation avoids the need of a 'malloc()' each time we want to discard a message
1227 * Our feeling is that a buffer if 32KB is enough for most of the application;
1228 * in case this is not enough, the "while" loop discards the message by calling the
1229 * sockrecv() several times.
1230 * We do not want to create a bigger variable because this causes the program to exit on
1231 * some platforms (e.g. BSD)
1232 */
1233 while (size > TEMP_BUF_SIZE)
1234 {
1235 if (sock_recv(sock, ssl, buffer, TEMP_BUF_SIZE, SOCK_RECEIVEALL_YES, errbuf, errbuflen) == -1)
1236 return -1;
1237
1238 size -= TEMP_BUF_SIZE;
1239 }
1240
1241 /*
1242 * If there is still data to be discarded
1243 * In this case, the data can fit into the temporary buffer
1244 */
1245 if (size)
1246 {
1247 if (sock_recv(sock, ssl, buffer, size, SOCK_RECEIVEALL_YES, errbuf, errbuflen) == -1)
1248 return -1;
1249 }
1250
1251 return 0;
1252 }
1253
1254 /*
1255 * \brief Checks that one host (identified by the sockaddr_storage structure) belongs to an 'allowed list'.
1256 *
1257 * This function is useful after an accept() call in order to check if the connecting
1258 * host is allowed to connect to me. To do that, we have a buffer that keeps the list of the
1259 * allowed host; this function checks the sockaddr_storage structure of the connecting host
1260 * against this host list, and it returns '0' is the host is included in this list.
1261 *
1262 * \param hostlist: pointer to a string that contains the list of the allowed host.
1263 *
1264 * \param sep: a string that keeps the separators used between the hosts (for example the
1265 * space character) in the host list.
1266 *
1267 * \param from: a sockaddr_storage structure, as it is returned by the accept() call.
1268 *
1269 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
1270 * error message. This buffer has to be at least 'errbuflen' in length.
1271 * It can be NULL; in this case the error cannot be printed.
1272 *
1273 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
1274 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
1275 *
1276 * \return It returns:
1277 * - '1' if the host list is empty
1278 * - '0' if the host belongs to the host list (and therefore it is allowed to connect)
1279 * - '-1' in case the host does not belong to the host list (and therefore it is not allowed to connect
1280 * - '-2' in case or error. The error message is returned in the 'errbuf' variable.
1281 */
1282 int sock_check_hostlist(char *hostlist, const char *sep, struct sockaddr_storage *from, char *errbuf, int errbuflen)
1283 {
1284 /* checks if the connecting host is among the ones allowed */
1285 if ((hostlist) && (hostlist[0]))
1286 {
1287 char *token; /* temp, needed to separate items into the hostlist */
1288 struct addrinfo *addrinfo, *ai_next;
1289 char *temphostlist;
1290 char *lasts;
1291 int getaddrinfo_failed = 0;
1292
1293 /*
1294 * The problem is that strtok modifies the original variable by putting '0' at the end of each token
1295 * So, we have to create a new temporary string in which the original content is kept
1296 */
1297 temphostlist = strdup(hostlist);
1298 if (temphostlist == NULL)
1299 {
1300 sock_geterror("sock_check_hostlist(), malloc() failed", errbuf, errbuflen);
1301 return -2;
1302 }
1303
1304 token = pcap_strtok_r(temphostlist, sep, &lasts);
1305
1306 /* it avoids a warning in the compilation ('addrinfo used but not initialized') */
1307 addrinfo = NULL;
1308
1309 while (token != NULL)
1310 {
1311 struct addrinfo hints;
1312 int retval;
1313
1314 addrinfo = NULL;
1315 memset(&hints, 0, sizeof(struct addrinfo));
1316 hints.ai_family = PF_UNSPEC;
1317 hints.ai_socktype = SOCK_STREAM;
1318
1319 retval = getaddrinfo(token, NULL, &hints, &addrinfo);
1320 if (retval != 0)
1321 {
1322 if (errbuf)
1323 get_gai_errstring(errbuf, errbuflen,
1324 "Allowed host list error: ",
1325 retval, token, NULL);
1326
1327 /*
1328 * Note that at least one call to getaddrinfo()
1329 * failed.
1330 */
1331 getaddrinfo_failed = 1;
1332
1333 /* Get next token */
1334 token = pcap_strtok_r(NULL, sep, &lasts);
1335 continue;
1336 }
1337
1338 /* ai_next is required to preserve the content of addrinfo, in order to deallocate it properly */
1339 ai_next = addrinfo;
1340 while (ai_next)
1341 {
1342 if (sock_cmpaddr(from, (struct sockaddr_storage *) ai_next->ai_addr) == 0)
1343 {
1344 free(temphostlist);
1345 freeaddrinfo(addrinfo);
1346 return 0;
1347 }
1348
1349 /*
1350 * If we are here, it means that the current address does not matches
1351 * Let's try with the next one in the header chain
1352 */
1353 ai_next = ai_next->ai_next;
1354 }
1355
1356 freeaddrinfo(addrinfo);
1357 addrinfo = NULL;
1358
1359 /* Get next token */
1360 token = pcap_strtok_r(NULL, sep, &lasts);
1361 }
1362
1363 if (addrinfo)
1364 {
1365 freeaddrinfo(addrinfo);
1366 addrinfo = NULL;
1367 }
1368
1369 free(temphostlist);
1370
1371 if (getaddrinfo_failed) {
1372 /*
1373 * At least one getaddrinfo() call failed;
1374 * treat that as an error, so rpcapd knows
1375 * that it should log it locally as well
1376 * as telling the client about it.
1377 */
1378 return -2;
1379 } else {
1380 /*
1381 * All getaddrinfo() calls succeeded, but
1382 * the host wasn't in the list.
1383 */
1384 if (errbuf)
1385 pcap_snprintf(errbuf, errbuflen, "The host is not in the allowed host list. Connection refused.");
1386 return -1;
1387 }
1388 }
1389
1390 /* No hostlist, so we have to return 'empty list' */
1391 return 1;
1392 }
1393
1394 /*
1395 * \brief Compares two addresses contained into two sockaddr_storage structures.
1396 *
1397 * This function is useful to compare two addresses, given their internal representation,
1398 * i.e. an sockaddr_storage structure.
1399 *
1400 * The two structures do not need to be sockaddr_storage; you can have both 'sockaddr_in' and
1401 * sockaddr_in6, properly acsted in order to be compliant to the function interface.
1402 *
1403 * This function will return '0' if the two addresses matches, '-1' if not.
1404 *
1405 * \param first: a sockaddr_storage structure, (for example the one that is returned by an
1406 * accept() call), containing the first address to compare.
1407 *
1408 * \param second: a sockaddr_storage structure containing the second address to compare.
1409 *
1410 * \return '0' if the addresses are equal, '-1' if they are different.
1411 */
1412 int sock_cmpaddr(struct sockaddr_storage *first, struct sockaddr_storage *second)
1413 {
1414 if (first->ss_family == second->ss_family)
1415 {
1416 if (first->ss_family == AF_INET)
1417 {
1418 if (memcmp(&(((struct sockaddr_in *) first)->sin_addr),
1419 &(((struct sockaddr_in *) second)->sin_addr),
1420 sizeof(struct in_addr)) == 0)
1421 return 0;
1422 }
1423 else /* address family is AF_INET6 */
1424 {
1425 if (memcmp(&(((struct sockaddr_in6 *) first)->sin6_addr),
1426 &(((struct sockaddr_in6 *) second)->sin6_addr),
1427 sizeof(struct in6_addr)) == 0)
1428 return 0;
1429 }
1430 }
1431
1432 return -1;
1433 }
1434
1435 /*
1436 * \brief It gets the address/port the system picked for this socket (on connected sockets).
1437 *
1438 * It is used to return the address and port the server picked for our socket on the local machine.
1439 * It works only on:
1440 * - connected sockets
1441 * - server sockets
1442 *
1443 * On unconnected client sockets it does not work because the system dynamically chooses a port
1444 * only when the socket calls a send() call.
1445 *
1446 * \param sock: the connected socket currently opened.
1447 *
1448 * \param address: it contains the address that will be returned by the function. This buffer
1449 * must be properly allocated by the user. The address can be either literal or numeric depending
1450 * on the value of 'Flags'.
1451 *
1452 * \param addrlen: the length of the 'address' buffer.
1453 *
1454 * \param port: it contains the port that will be returned by the function. This buffer
1455 * must be properly allocated by the user.
1456 *
1457 * \param portlen: the length of the 'port' buffer.
1458 *
1459 * \param flags: a set of flags (the ones defined into the getnameinfo() standard socket function)
1460 * that determine if the resulting address must be in numeric / literal form, and so on.
1461 *
1462 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
1463 * error message. This buffer has to be at least 'errbuflen' in length.
1464 * It can be NULL; in this case the error cannot be printed.
1465 *
1466 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
1467 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
1468 *
1469 * \return It returns '-1' if this function succeeds, '0' otherwise.
1470 * The address and port corresponding are returned back in the buffers 'address' and 'port'.
1471 * In any case, the returned strings are '0' terminated.
1472 *
1473 * \warning If the socket is using a connectionless protocol, the address may not be available
1474 * until I/O occurs on the socket.
1475 */
1476 int sock_getmyinfo(SOCKET sock, char *address, int addrlen, char *port, int portlen, int flags, char *errbuf, int errbuflen)
1477 {
1478 struct sockaddr_storage mysockaddr;
1479 socklen_t sockaddrlen;
1480
1481
1482 sockaddrlen = sizeof(struct sockaddr_storage);
1483
1484 if (getsockname(sock, (struct sockaddr *) &mysockaddr, &sockaddrlen) == -1)
1485 {
1486 sock_geterror("getsockname(): ", errbuf, errbuflen);
1487 return 0;
1488 }
1489
1490 /* Returns the numeric address of the host that triggered the error */
1491 return sock_getascii_addrport(&mysockaddr, address, addrlen, port, portlen, flags, errbuf, errbuflen);
1492 }
1493
1494 /*
1495 * \brief It retrieves two strings containing the address and the port of a given 'sockaddr' variable.
1496 *
1497 * This function is basically an extended version of the inet_ntop(), which does not exist in
1498 * Winsock because the same result can be obtained by using the getnameinfo().
1499 * However, differently from inet_ntop(), this function is able to return also literal names
1500 * (e.g. 'localhost') dependently from the 'Flags' parameter.
1501 *
1502 * The function accepts a sockaddr_storage variable (which can be returned by several functions
1503 * like bind(), connect(), accept(), and more) and it transforms its content into a 'human'
1504 * form. So, for instance, it is able to translate an hex address (stored in binary form) into
1505 * a standard IPv6 address like "::1".
1506 *
1507 * The behavior of this function depends on the parameters we have in the 'Flags' variable, which
1508 * are the ones allowed in the standard getnameinfo() socket function.
1509 *
1510 * \param sockaddr: a 'sockaddr_in' or 'sockaddr_in6' structure containing the address that
1511 * need to be translated from network form into the presentation form. This structure must be
1512 * zero-ed prior using it, and the address family field must be filled with the proper value.
1513 * The user must cast any 'sockaddr_in' or 'sockaddr_in6' structures to 'sockaddr_storage' before
1514 * calling this function.
1515 *
1516 * \param address: it contains the address that will be returned by the function. This buffer
1517 * must be properly allocated by the user. The address can be either literal or numeric depending
1518 * on the value of 'Flags'.
1519 *
1520 * \param addrlen: the length of the 'address' buffer.
1521 *
1522 * \param port: it contains the port that will be returned by the function. This buffer
1523 * must be properly allocated by the user.
1524 *
1525 * \param portlen: the length of the 'port' buffer.
1526 *
1527 * \param flags: a set of flags (the ones defined into the getnameinfo() standard socket function)
1528 * that determine if the resulting address must be in numeric / literal form, and so on.
1529 *
1530 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
1531 * error message. This buffer has to be at least 'errbuflen' in length.
1532 * It can be NULL; in this case the error cannot be printed.
1533 *
1534 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
1535 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
1536 *
1537 * \return It returns '-1' if this function succeeds, '0' otherwise.
1538 * The address and port corresponding to the given SockAddr are returned back in the buffers 'address'
1539 * and 'port'.
1540 * In any case, the returned strings are '0' terminated.
1541 */
1542 int sock_getascii_addrport(const struct sockaddr_storage *sockaddr, char *address, int addrlen, char *port, int portlen, int flags, char *errbuf, int errbuflen)
1543 {
1544 socklen_t sockaddrlen;
1545 int retval; /* Variable that keeps the return value; */
1546
1547 retval = -1;
1548
1549 #ifdef _WIN32
1550 if (sockaddr->ss_family == AF_INET)
1551 sockaddrlen = sizeof(struct sockaddr_in);
1552 else
1553 sockaddrlen = sizeof(struct sockaddr_in6);
1554 #else
1555 sockaddrlen = sizeof(struct sockaddr_storage);
1556 #endif
1557
1558 if ((flags & NI_NUMERICHOST) == 0) /* Check that we want literal names */
1559 {
1560 if ((sockaddr->ss_family == AF_INET6) &&
1561 (memcmp(&((struct sockaddr_in6 *) sockaddr)->sin6_addr, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", sizeof(struct in6_addr)) == 0))
1562 {
1563 if (address)
1564 pcap_strlcpy(address, SOCKET_NAME_NULL_DAD, addrlen);
1565 return retval;
1566 }
1567 }
1568
1569 if (getnameinfo((struct sockaddr *) sockaddr, sockaddrlen, address, addrlen, port, portlen, flags) != 0)
1570 {
1571 /* If the user wants to receive an error message */
1572 if (errbuf)
1573 {
1574 sock_geterror("getnameinfo(): ", errbuf, errbuflen);
1575 errbuf[errbuflen - 1] = 0;
1576 }
1577
1578 if (address)
1579 {
1580 pcap_strlcpy(address, SOCKET_NO_NAME_AVAILABLE, addrlen);
1581 address[addrlen - 1] = 0;
1582 }
1583
1584 if (port)
1585 {
1586 pcap_strlcpy(port, SOCKET_NO_PORT_AVAILABLE, portlen);
1587 port[portlen - 1] = 0;
1588 }
1589
1590 retval = 0;
1591 }
1592
1593 return retval;
1594 }
1595
1596 /*
1597 * \brief It translates an address from the 'presentation' form into the 'network' form.
1598 *
1599 * This function basically replaces inet_pton(), which does not exist in Winsock because
1600 * the same result can be obtained by using the getaddrinfo().
1601 * An additional advantage is that 'Address' can be both a numeric address (e.g. '127.0.0.1',
1602 * like in inet_pton() ) and a literal name (e.g. 'localhost').
1603 *
1604 * This function does the reverse job of sock_getascii_addrport().
1605 *
1606 * \param address: a zero-terminated string which contains the name you have to
1607 * translate. The name can be either literal (e.g. 'localhost') or numeric (e.g. '::1').
1608 *
1609 * \param sockaddr: a user-allocated sockaddr_storage structure which will contains the
1610 * 'network' form of the requested address.
1611 *
1612 * \param addr_family: a constant which can assume the following values:
1613 * - 'AF_INET' if we want to ping an IPv4 host
1614 * - 'AF_INET6' if we want to ping an IPv6 host
1615 * - 'AF_UNSPEC' if we do not have preferences about the protocol used to ping the host
1616 *
1617 * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
1618 * error message. This buffer has to be at least 'errbuflen' in length.
1619 * It can be NULL; in this case the error cannot be printed.
1620 *
1621 * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
1622 * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
1623 *
1624 * \return '-1' if the translation succeeded, '-2' if there was some non critical error, '0'
1625 * otherwise. In case it fails, the content of the SockAddr variable remains unchanged.
1626 * A 'non critical error' can occur in case the 'Address' is a literal name, which can be mapped
1627 * to several network addresses (e.g. 'foo.bar.com' => '10.2.2.2' and '10.2.2.3'). In this case
1628 * the content of the SockAddr parameter will be the address corresponding to the first mapping.
1629 *
1630 * \warning The sockaddr_storage structure MUST be allocated by the user.
1631 */
1632 int sock_present2network(const char *address, struct sockaddr_storage *sockaddr, int addr_family, char *errbuf, int errbuflen)
1633 {
1634 int retval;
1635 struct addrinfo *addrinfo;
1636 struct addrinfo hints;
1637
1638 memset(&hints, 0, sizeof(hints));
1639
1640 hints.ai_family = addr_family;
1641
1642 if ((retval = sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen)) == -1)
1643 return 0;
1644
1645 if (addrinfo->ai_family == PF_INET)
1646 memcpy(sockaddr, addrinfo->ai_addr, sizeof(struct sockaddr_in));
1647 else
1648 memcpy(sockaddr, addrinfo->ai_addr, sizeof(struct sockaddr_in6));
1649
1650 if (addrinfo->ai_next != NULL)
1651 {
1652 freeaddrinfo(addrinfo);
1653
1654 if (errbuf)
1655 pcap_snprintf(errbuf, errbuflen, "More than one socket requested; using the first one returned");
1656 return -2;
1657 }
1658
1659 freeaddrinfo(addrinfo);
1660 return -1;
1661 }
[mirror] the LIBpcap interface to various kernel packet capture mechanism