From da0e79048c01344bc430833ef989469f52dd3f3d Mon Sep 17 00:00:00 2001
From: John Denker
Date: Tue, 17 Jul 2012 15:20:16 -0700
Subject: trivial
---
 .gitignore | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
(limited to '.gitignore')
diff --git a/.gitignore b/.gitignore
index f0e0ff6..b37624b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -147,4 +147,7 @@ ucspi-tcp-0.88/who@
 checkpasswd/auto_home.c
 checkpasswd/checkpassword
 checkpasswd/choose
-checkpasswd/hasuserpw.h
\ No newline at end of file
+checkpasswd/hasuserpw.h
+skrewt
+mail-scan
+hi-test
-- cgit v1.2.3
From 1a6f4a654368174dc717d00b9eaf06872915d51c Mon Sep 17 00:00:00 2001
From: John Denker
Date: Wed, 18 Jul 2012 04:58:53 -0700
Subject: add dummy-mta debian package
---
 .gitignore | 4 ++++
 dummy-mta/control | 16 ++++++++++++++++
 dummy-mta/debian-binary | 1 +
 dummy-mta/makefile | 13 +++++++++++++
 4 files changed, 34 insertions(+)
 create mode 100644 dummy-mta/control
 create mode 100644 dummy-mta/debian-binary
 create mode 100644 dummy-mta/makefile
(limited to '.gitignore')
diff --git a/.gitignore b/.gitignore
index b37624b..3561ee3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -151,3 +151,7 @@ checkpasswd/hasuserpw.h
 skrewt
 mail-scan
 hi-test
+
+control.tar.gz
+data.tar.gz
+dummy-mail-transfer-agent_all.deb
diff --git a/dummy-mta/control b/dummy-mta/control
new file mode 100644
index 0000000..0b5336d
--- /dev/null
+++ b/dummy-mta/control
@@ -0,0 +1,16 @@ +Package: dummy-mail-transfer-agent +Provides: mail-transport-agent +Conflicts: mail-transport-agent +Version: 1 +Architecture: all +Maintainer: nobody +Installed-Size: 0 +Depends: +Section: universe/mail +Priority: extra +Description: Tells the package management system /not/ to go looking + for a Mail Transfer Agent such as exim or ssmtp. This is useful if + you plan to install a proper MTA later and don't want broken + depenencies in the meantime. It is also useful if you have installed + by hand something that provides MTA functionality, and you don't want + to bother making a .deb package out of it. diff --git a/dummy-mta/debian-binary b/dummy-mta/debian-binary new file mode 100644 index 0000000..cd5ac03 --- /dev/null +++ b/dummy-mta/debian-binary @@ -0,0 +1 @@ +2.0 diff --git a/dummy-mta/makefile b/dummy-mta/makefile new file mode 100644 index 0000000..f9e0cf5 --- /dev/null +++ b/dummy-mta/makefile @@ -0,0 +1,13 @@ + + +dummy-mail-transfer-agent_all.deb : debian-binary control.tar.gz data.tar.gz + ar -r $@ $^ + +control.tar.gz : control + tar -c $^ | gzip > $@ + +data.tar.gz : + tar --exclude '*' -c nothing-at-all | gzip > $@ + +install : dummy-mail-transfer-agent_all.deb + dpkg -i $< -- cgit v1.2.3 From 84688a05a4430daf8dedf80bce35286aff4f4b1c Mon Sep 17 00:00:00 2001 From: John Denker Date: Thu, 19 Jul 2012 17:24:43 -0700 Subject: bare beginnings of a greylisting system --- .gitignore | 3 ++ tools/filters.conf | 1 + tools/greylist.c | 89 +++++++++++++++++++++++++++++++++++++++++- tools/hi-q.c | 111 +++++++++++++++++++++++++++++------------------------ 4 files changed, 152 insertions(+), 52 deletions(-) (limited to '.gitignore') diff --git a/.gitignore b/.gitignore index 3561ee3..ca1ef6d 100644 --- a/.gitignore +++ b/.gitignore @@ -6,6 +6,7 @@ *.orig *.rej *.logg +*#[0-9]* has?????.h auto-gid 
@@ -151,7 +152,9 @@ checkpasswd/hasuserpw.h skrewt mail-scan hi-test +greylist +auto_uids.c control.tar.gz data.tar.gz dummy-mail-transfer-agent_all.deb diff --git a/tools/filters.conf b/tools/filters.conf index 8bc2efe..641b792 100644 --- a/tools/filters.conf +++ b/tools/filters.conf @@ -1,4 +1,5 @@ # configuration file for hi-q black /var/qmail/bin/skrewt +gray /var/qmail/bin/greylist black /usr/local/bin/spamc -Y 0 -s 1000000 qq /var/qmail/bin/qmail-queue diff --git a/tools/greylist.c b/tools/greylist.c index fa7d701..8adac05 100644 --- a/tools/greylist.c +++ b/tools/greylist.c 
@@ -1,5 +1,92 @@ +#include /* for exit(), getenv() */ +#include +#include +#include /* for stat() */ +#include /* for stat() */ +#include /* for stat() */ +#include /* for perror */ +#include /* for ENOENT */ +#include /* for ofstream() */ +#include /* for creat() */ +using namespace std; -int main(){ +const int sa_good = 0; +const int bug_bait_grey = 1; +// qmail_queue and spamc have similar interpretations here: +const int sa_syserr = 71; + +pid_t mypid; +string progname; + +void dump(const string var){ + char* str = getenv(var.c_str()); + cerr << progname + << "[" << mypid << "] " + << var; + if (str) cerr << " is set to '" << str << "'" << endl; + else cerr << " is not set." << endl; +} + +const string dirname("/var/qmail/greylist"); + + // int stat(const char *path, struct stat *buf); + // int fstat(int fd, struct stat *buf); + // int lstat(const char *path, struct stat *buf); + +int main(int argc, char** argv){ + mypid = getpid(); + progname = argv[0]; +// dump("TCPREMOTEIP"); +// dump("TCPREMOTEHOST"); + + char* ipvar = getenv("TCPREMOTEIP"); + if (!ipvar) { + cerr << progname << ": TCPREMOTEIP not set???" 
<< endl; + exit(sa_syserr); + } + string ipbase = ipvar; + +// see if our directory exists: + struct stat dirstat; + int rslt = stat(dirname.c_str(), &dirstat); + if (rslt != 0){ + if (errno != ENOENT) { + cerr << progname << ": stat failed for '" + << dirname << "' : "; + perror(0); + } + rslt = mkdir(dirname.c_str(), 0755); + if (rslt != 0) { + cerr << progname + << "uid " << getuid() + << ": mkdir failed for '" + << dirname << "' : "; + perror(0); + exit(sa_syserr); + } + } + + string ipname = dirname + "/" + ipbase; + struct stat ipstat; + rslt = stat(ipname.c_str(), &ipstat); + if (rslt != 0){ + if (errno != ENOENT) { + cerr << progname << ": stat failed for '" + << ipname << "' : "; + perror(0); + } + ofstream foo; + int fd = creat(ipname.c_str(), 0644); + if (fd < 0){ + cerr << progname << ": create failed for '" + << ipname << "' : "; + perror(0); + } + close(fd); + return(bug_bait_grey); + } else { + cerr << "file exists: " << ipname << endl; + } return 0; } diff --git a/tools/hi-q.c b/tools/hi-q.c index 2ddc448..21724a1 100644 --- a/tools/hi-q.c +++ b/tools/hi-q.c @@ -11,7 +11,7 @@ #include #include /* for exit(), getenv() */ -#include +#include /* for perror */ #include #include /* for fork(), wait() */ #include @@ -29,6 +29,7 @@ using namespace std; // error exit codes, mostly as stated in qmail.c const int ex_good = 0; const int ex_spam = 21; +const int ex_grey = 70; const int ex_syserr = 71; const int ex_comerr = 74; @@ -139,7 +140,7 @@ int xclose(int arg){ extern char** environ; -typedef enum {gray, black, qq, fail} moder; +typedef enum {grey, black, qq, fail} moder; class jobber{ public: @@ -161,8 +162,8 @@ public: void setmode(const string _mode) { if (0) {} - else if (_mode == "gray") mode = gray; - else if (_mode == "grey") mode = gray; // variant spelling + else if (_mode == "gray") mode = grey; + else if (_mode == "grey") mode = grey; // variant spelling else if (_mode == "black") mode = black; else if (_mode == "qq") mode = qq; else { 
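Review bot: `ipname` is built directly from the `TCPREMOTEIP` environment value with no check that it is an address literal, so a value containing `/` would make the `stat()` and `creat()` calls in main() operate outside `/var/qmail/greylist`; rejecting anything that does not parse with `inet_pton()` before the path is formed closes that. The `creat()` failure branch also falls through to `close(fd)` on a negative descriptor and still returns `bug_bait_grey`, so an unwritable directory would greylist the sender on every attempt; `exit(sa_syserr);` after the `perror(0)` there would report it as a system error instead. The stat-then-creat sequence is not atomic either: `open(ipname.c_str(), O_WRONLY|O_CREAT|O_EXCL, 0644)` creates the marker and detects an existing one in a single step, and refuses a pre-planted symlink. In the non-ENOENT `stat` branches the code prints a diagnostic and then carries on to `mkdir`/`creat`, which is worth a comment if it is intended.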
@@ -175,8 +176,8 @@ public: int main(int argc, char** argv) { progname = *argv; mypid = getpid(); - dump("TCPREMOTEIP"); - dump("TCPREMOTEHOST"); +// dump("TCPREMOTEIP"); +// dump("TCPREMOTEHOST"); int verbose(0); int kidstatus; 
@@ -270,41 +271,44 @@ int main(int argc, char** argv) { // to close it and dup() something useful onto it. map iiofpid; - for (unsigned int ii=0; ii < nkids; ii++){ /* loop starting all kids */ - int datapipe[2]; - int kid_end; + for (unsigned int ii=0; ii < nkids; ii++){ /* loop starting all kids */ //xx fprintf(stderr, "Top of loop %d loose: %d\n", ii, loose_end); - if (loose_end) { - close(0); - dup2(loose_end, 0); - close(loose_end); - } + int kid_end; + if (filter[ii].mode != grey){ + int datapipe[2]; -// Create a pipe, which will be used to connect -// this child's fd1 to the next child's fd0 ... -// except for the last kid, which reads both fd0 and fd1, -// while writing nothing. + if (loose_end) { + close(0); + dup2(loose_end, 0); + close(loose_end); + } - rslt = pipe(datapipe); - if (rslt < 0) { - fprintf(stderr, "hi-q: could not create datapipe: "); - perror(0); - panic(ex_syserr); - } + // Create a pipe, which will be used to connect + // this child's fd1 to the next child's fd0 ... + // except for the last kid, which reads both fd0 and fd1, + // while writing nothing. -//xx fprintf(stderr, "pipe: %d %d\n", datapipe[0], datapipe[1]); + rslt = pipe(datapipe); + if (rslt < 0) { + fprintf(stderr, "hi-q: could not create datapipe: "); + perror(0); + panic(ex_syserr); + } -// For N-1 kids, the loose end feeds forward. -// It will be written by this kid and read by the next kid. -// For the last kid, the loose end connects to hi-q. -// It will be written by hi-q and read by the last kid. + //xx fprintf(stderr, "pipe: %d %d\n", datapipe[0], datapipe[1]); - int lastkid = (ii == nkids-1); -#define flip(a,b) (lastkid ? b : a) - loose_end = datapipe[flip(rEnd, wEnd)]; - kid_end = datapipe[flip(wEnd, rEnd)]; + // For N-1 kids, the loose end feeds forward. + // It will be written by this kid and read by the next kid. + // For the last kid, the loose end connects to hi-q. + // It will be written by hi-q and read by the last kid. 
+ + int lastkid = (ii == nkids-1); + #define flip(a,b) (lastkid ? b : a) + loose_end = datapipe[flip(rEnd, wEnd)]; + kid_end = datapipe[flip(wEnd, rEnd)]; + } kidpid[ii] = fork(); if (kidpid[ii] == -1) { @@ -358,24 +362,23 @@ int main(int argc, char** argv) { } } -// Now that we are through creating pipes, we don't -// need to continue blocking fd1: - close(1); - - close(loose_end); // the reading end is none of this kid's business - // except last kid: writing end + if (filter[ii].mode != grey){ + close(loose_end); // the reading end is none of this kid's business + // except last kid: writing end + + // Note this does an implicit close on the previously-open fd1: + rslt = dup2(kid_end, 1); // the writing end is stdout for this kid + // except last kid: nonstandard input + if (rslt < 0) { + fprintf(stderr, "hi-q: kid %d: dup2(%d,1) failed: ", ii, kid_end); + perror(0); + exit(ex_syserr); + } - rslt = dup2(kid_end, 1); // the writing end is stdout for this kid - // except last kid: nonstandard input - if (rslt < 0) { - fprintf(stderr, "hi-q: kid %d: dup2(%d,1) failed: ", ii, kid_end); - perror(0); - exit(ex_syserr); + close(kid_end); // use fd1 instead now + // OK, at this point this kid is set up to read fd0 and write fd1 + // (except last kid reads fd1 as well as fd0). } - - close(kid_end); // use fd1 instead now - // OK, at this point this kid is set up to read fd0 and write fd1 - // (except last kid reads fd1 as well as fd0). //// probe_fd(); int ntok = filter[ii].cmd.size(); 
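Review bot: `kid_end` is now declared without an initializer and is assigned only inside the `if (filter[ii].mode != grey)` branch, so for a grey filter it holds an indeterminate descriptor number. The child-side uses are guarded in the next hunk, but the loop body continues outside this hunk, and if the parent still closes `kid_end` after the fork a grey entry would close an arbitrary fd. Declaring it as `int kid_end = -1;` and closing it only when it is non-negative makes the grey path well defined. The `#define flip(a,b)` now sits inside a nested block and would read more plainly as two ordinary assignments selected on `lastkid`.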
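Review bot: A grey filter now reaches its exec with hi-q's own fd 0 and fd 1 still attached, because the unconditional `close(1)` was removed and the re-plumbing is skipped when `filter[ii].mode == grey`. Going by the comments in this hunk, fd 1 is the nonstandard input that the last kid reads, so a greylist program that touches its standard streams could consume or disturb data meant for later stages. An `else` branch that detaches them, for example `else { close(1); }` together with pointing fd 0 at `/dev/null`, would keep the grey kid isolated. A short comment stating which descriptors a grey filter may use would help, and the enclosing child block begins and ends outside this hunk.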
@@ -499,14 +502,20 @@ int main(int argc, char** argv) { if (best_blame) { string short_name(""); int kidno(iiofpid[argbest_blame]); + string exword = "spam"; + int excode = ex_spam; + if (filter[kidno].mode == grey) { + exword = "greylisting"; + excode = ex_grey; + } if (WIFEXITED(best_blame)) { int sts = WEXITSTATUS(best_blame); if (sts == 1) { cerr << "hi-q says: kid[" << kidno << "]" << " pid " << argbest_blame << " i.e. '" << filter[kidno].cmd[0] << "'" - << " reports spam." << endl; - panic(ex_spam); + << " reports " << exword << endl; + panic(excode); } if (sts != 0) { cerr << "hi-q says: kid " << argbest_blame -- cgit v1.2.3 From 8f18b37fd5a46d28544a4f31465c47428a43398b Mon Sep 17 00:00:00 2001 From: John Denker Date: Sun, 22 Jul 2012 19:13:11 -0700 Subject: create the "bash-c" program, so as to make it easy to write self-executing scripts --- .gitignore | 3 +++ tools/bash-c.c | 36 ++++++++++++++++++++++++++++++++++++ tools/hi-test.conf | 2 +- tools/hi-test2.conf | 10 ++++++---- tools/hi-test3.conf | 2 +- tools/makefile | 5 ++++- tools/t-bash-c | 3 +++ 7 files changed, 54 insertions(+), 7 deletions(-) create mode 100644 tools/bash-c.c mode change 100644 => 100755 tools/hi-test.conf mode change 100644 => 100755 tools/hi-test2.conf create mode 100755 tools/t-bash-c (limited to '.gitignore') diff --git a/.gitignore b/.gitignore index ca1ef6d..574561f 100644 --- a/.gitignore +++ b/.gitignore @@ -7,6 +7,7 @@ *.rej *.logg *#[0-9]* +\#*# has?????.h auto-gid @@ -158,3 +159,5 @@ auto_uids.c control.tar.gz data.tar.gz dummy-mail-transfer-agent_all.deb +bash-c +wripper diff --git a/tools/bash-c.c b/tools/bash-c.c new file mode 100644 index 0000000..6b2844d --- /dev/null +++ b/tools/bash-c.c 
@@ -0,0 +1,36 @@ +////////////// + +using namespace std; +#include +#include +#include +#include +#include /* for perror() */ +#include /* for exit() */ + + +string dirname(const string path){ + size_t where = path.rfind("/"); + if (where == string::npos) return "."; + return path.substr(0, where); +} + +int main(int argc, char** argv){ + int verbosity(0); + + char* nargv[1+argc]; + for (int ii = 1; ii <= argc; ii++){ + if (verbosity) { + if (argv[ii] == 0) cout << "zero" << endl; + else cout << "[" << argv[ii] << "]" << endl; + } + nargv[1+ii] = argv[ii]; + } + nargv[1] = (char*)"-c"; + nargv[0] = (char*)"/home/jsd/bin/ECHO"; + nargv[0] = (char*)"/bin/bash"; + + execv(*nargv, nargv); + cerr << "bash-c: exec failed for '" << *nargv << "' : "; + perror(0); +} diff --git a/tools/hi-test.conf b/tools/hi-test.conf old mode 100644 new mode 100755 index aa6a1cf..f692f37 --- a/tools/hi-test.conf +++ b/tools/hi-test.conf @@ -1,4 +1,4 @@ -# comment +#! /usr/local/bin/bash-c set -x ; Date: Mon, 23 Jul 2012 12:42:23 -0700 Subject: much more logical about keeping track of pipes and how they are used --- .gitignore | 1 + tools/hi-q.c | 195 ++++++++++++++++++++++++++++++++-------------------- tools/hi-test.c | 33 +++++++-- tools/hi-test.conf | 7 +- tools/hi-test5.conf | 6 ++ 5 files changed, 161 insertions(+), 81 deletions(-) create mode 100755 tools/hi-test5.conf (limited to '.gitignore') diff --git a/.gitignore b/.gitignore index 574561f..ad1d359 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,7 @@ *~ *.a *.o +*.d *.lib *.0 *.orig diff --git a/tools/hi-q.c b/tools/hi-q.c index 114570f..5ee7688 100644 --- a/tools/hi-q.c +++ b/tools/hi-q.c @@ -64,6 +64,7 @@ foo_sa(CONFIG, 78, "configuration error") ;\ foo_sa(TOOBIG, 98, "message was too big to process (see --max-size)" +typedef enum {MSG, ENV} channeler; #define bufsize 16384 
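Review bot: `nargv` in bash-c.c is declared as `char* nargv[1+argc]`, but the copy loop runs `ii` up to `argc` and stores into `nargv[1+ii]`, so the last iteration writes the terminating null pointer to `nargv[argc+1]`, one element past the end of the array. The array needs `argc + 2` slots (program, `-c`, the `argc-1` arguments and the terminator): `char* nargv[2+argc];`. main() also falls off the end after a failed `execv()`, which yields exit status 0; adding `return 1;` after the `perror(0)` lets the caller see the failure. The unused `dirname()` helper and the first `nargv[0]` assignment to `/home/jsd/bin/ECHO`, which is overwritten on the next line, could be dropped.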
@@ -198,6 +199,7 @@ void slurp(const int inch, const int ouch){ ssize_t todo; for (;;) { ssize_t got = read(inch, buf, bufsize); + //xx cerr << "slurp: read returns " << got << endl; if (got == 0) { // EoF break; } @@ -210,6 +212,7 @@ void slurp(const int inch, const int ouch){ todo = got; while (todo) { ssize_t sent = write(ouch, buf, todo); + //xx cerr << "slurp: write returns " << sent << endl; if (sent < 0 && errno != EINTR) { fprintf(stderr, "hi-q: output error on fd%d : ", ouch); perror(0); @@ -282,6 +285,22 @@ string basename(const string path){ return path; } +void attach(const int pipe_end, const int fd, const int kidno){ + cerr << "attaching current pipe_end " << pipe_end + << " to " << fd + << " for " << kidno << endl; + if (pipe_end != fd) { + int rslt = dup2(pipe_end, fd); + if (rslt < 0) { + fprintf(stderr, "hi-q: dup2(%d,%d) failed for kid %d : ", pipe_end, fd, kidno); + perror(0); + exit(ex_syserr); + } + close(pipe_end); + } + +} + int main(int argc, char** argv) { { progname = *argv; @@ -299,7 +318,6 @@ bar int kidstatus; int rslt; - int loose_end = 0; // our original stdin typedef vector VS; vector filter; 
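Review bot: attach() has no guard for a negative `pipe_end`, while the channel maps introduced in this commit are initialised to `-1`, so a call for an unset channel reaches `dup2(-1, fd)` and is reported only as a generic dup2 failure. A check at the top such as `if (pipe_end < 0) { cerr << "hi-q: kid " << kidno << ": no pipe for fd " << fd << endl; exit(ex_syserr); }` would make the misconfiguration visible. The "attaching current pipe_end" trace is written unconditionally and would be better gated on `verbose`. The function would also benefit from a header comment, e.g. `// Move pipe_end onto fd and close pipe_end; exits with ex_syserr on failure.`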
@@ -395,11 +413,28 @@ bar // to close it and dup() something useful onto it. map iiofpid; - + map next_read; + next_read[MSG] = 0; // our original stdin + next_read[ENV] = -1; // no kid is (yet) empowered to read envelope info + int slurp_read(1); // our original non-standard input + int slurp_write = -1; // effectively next_write[ENV]; + map current_read; + map cur_write; // current kid writes here + cur_write[MSG] = -1; + cur_write[ENV] = -1; + +// important loop to start all kids for (unsigned int ii=0; ii < nkids; ii++){ /* loop starting all kids */ - //xx cerr << "top of loop ... loose end " << loose_end << " for " << ii << endl; - if (loose_end > 20) exit(99); - int kid_end; + current_read = next_read; + + cerr << "top of loop: " + << " cr.MSG: " << current_read[MSG] + << " cr.ENV: " << current_read[ENV] + << " w.MSG: " << cur_write[MSG] + << " w.ENV: " << cur_write[ENV] + << " for " << ii << endl; + if (current_read[MSG] > 20) exit(99); + if (current_read[ENV] > 20) exit(99); int datapipe[2]; @@ -407,17 +442,15 @@ bar case series: case qq: case sa: -// connect *old* loose end to this kid's stdin - //xx cerr << "moving old loose end " << loose_end << " to 0 for " << ii << endl; - if (loose_end) { - close(0); - dup2(loose_end, 0); - close(loose_end); - } -// Create a pipe, which will be used to connect -// this child's fd1 to the next child's fd0 ... -// except for the last kid, which reads both fd0 and fd1, +// Create a new pipe. +// Pipe must be created here (in the parent). +// The intended bindings must be figured out shortly below. +// Some of the bindings must be hooked up later (in the child), +// while others are used by the parent (e.g. envelope slurp). +// This pipe will be used (by the children) to connect +// this child's output to the next child's input ... +// except for the special kid, which reads both fd0 and fd1, // while writing nothing. rslt = pipe(datapipe); if (rslt < 0) { 
@@ -425,6 +458,10 @@ bar perror(0); exeunt(ex_syserr); } + if (1) cerr << "new pipe" + << " reading: " << datapipe[rEnd] + << " writing: " << datapipe[wEnd] + << endl; break; case postspam: case stub: @@ -435,20 +472,23 @@ bar exeunt(ex_syserr); } -// For N-1 kids, the loose end feeds forward. -// It will be written by this kid and read by the next kid. -// For the special kid, the loose end will be its nonstandard input. -// It will be written by us (hi-q) and read by the last kid. - +// figure out the intended bindings: switch (filter[ii].mode) { - case series: case sa: - loose_end = datapipe[rEnd]; - kid_end = datapipe[wEnd]; + case series: + cur_write[MSG] = datapipe[wEnd]; + next_read[MSG] = datapipe[rEnd]; break; case qq: - loose_end = datapipe[wEnd]; // reverse of normal "series" case - kid_end = datapipe[rEnd]; // reverse of normal "series" case + if (slurp_write >= 0){ + cerr << "???? multiple qq jobs?" << endl; + } + slurp_write= datapipe[wEnd]; + current_read[ENV] = datapipe[rEnd]; + next_read[ENV] = -1; + next_read[MSG] = -1; + cur_write[ENV] = -1; + cur_write[MSG] = -1; break; case postspam: case stub: @@ -467,7 +507,7 @@ bar } iiofpid[kidpid[ii]] = ii; if (!kidpid[ii]) { /*** child code ***/ - if (verbose) cerr << "top of kid ... loose end " << loose_end << " for " << ii << endl; + if (verbose) cerr << "top of kid ... loose end " << current_read[MSG] << " for " << ii << endl; pid_t kidgroup(0); // process group for all kids is // equal to pid of kid#0 
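Review bot: The `qq` case only prints "???? multiple qq jobs?" when `slurp_write` is already set and then overwrites it, so the write end of the earlier envelope pipe stays open in the parent and is never written or closed. The first qq kid would then wait for envelope data and an end-of-file that never arrive. Treating this as a configuration error, with `exeunt(ex_syserr);` right after the warning, avoids launching a pipeline that cannot finish. This is inferred from the visible assignments; the configuration parsing is outside this hunk and may already reject a second qq line.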
@@ -513,31 +553,19 @@ bar } } - if (0) cerr << "before closing loose end " << loose_end - << " and kid end " << kid_end - << " for " << ii << endl; switch (filter[ii].mode){ - case sa: case qq: + attach(current_read[MSG], 0, ii); + attach(current_read[ENV], 1, ii); + break; + case sa: case series: - close(loose_end); // the reading end is none of this kid's business - // except last kid: writing end - - // Note this does an implicit close on the previously-open fd1: - rslt = dup2(kid_end, 1); // the writing end is stdout for this kid - // except last kid: nonstandard input - if (rslt < 0) { - fprintf(stderr, "hi-q: kid %d: dup2(%d,1) failed: ", ii, kid_end); - perror(0); - exit(ex_syserr); - } - close(kid_end); // use fd1 instead now - // OK, at this point this kid is set up to read fd0 and write fd1 - // (except last kid reads fd1 as well as fd0). + attach(current_read[MSG], 0, ii); + attach(cur_write[MSG], 1, ii); break; case stub: case postspam: - // nothing to do + // nothing to hook up; no pipe was even created. break; case fail: cerr << "should never happen: invalid filter" << endl; @@ -545,6 +573,12 @@ bar break; } +// in all modes: +// close envelope channel in kid space +// (leaving it open in parent space) + close(current_read[ENV]); + close(slurp_write); + //// probe_fd(); int ntok = filter[ii].cmd.size(); @@ -576,7 +610,10 @@ bar perror(0); exeunt(ex_syserr); } - close(kid_end); + +// these tricks are for kid: + close(cur_write[MSG]); + close(cur_write[ENV]); // Let kid #0 run a little ways: if (ii==0) { @@ -598,6 +635,7 @@ bar } /* end loop starting all kids */ // here with the whole pipeline of kids launched +// parent program continues close(resync[wEnd]); // important, so that block gets released close(resync[rEnd]); // less important, just housecleaning 
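Review bot: In the `sa`/`series` branch the child attaches `current_read[MSG]` and `cur_write[MSG]` but no longer closes the read end of the pipe that was just created (`next_read[MSG]`), which the removed `close(loose_end)` used to do. Each filter therefore keeps a reader open on its own output pipe, so if the downstream stage exits early the writer gets no SIGPIPE/EPIPE and can block once the pipe fills. Adding `close(next_read[MSG]);` after the two attach() calls in that branch restores the old behaviour. The parent side in the `-576` hunk likewise closes only the write ends, so earlier read ends appear to be inherited by every later kid; the descriptor handling around this switch lies outside the hunk, so confirm nothing there already closes them.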
@@ -730,35 +768,46 @@ bar // Here if all filters agree this is not spam. // Now it is safe to transfer the envelope information: - slurp(1, loose_end); - close(1); - close(loose_end); + + if (0) cerr << "about to slurp: " + << " cr.MSG: " << current_read[MSG] + << " cr.ENV: " << current_read[ENV] + << " w.MSG: " << cur_write[MSG] + << " w.ENV: " << cur_write[ENV] + << " slurp_read: " << slurp_read + << " slurp_write: " << slurp_write + << endl; + + slurp(slurp_read, slurp_write); + close(slurp_write); + close(slurp_read); // now that the envelope information has been transfered, // wait for the last kid in the usual way - { - for(;;) { - waitpid(special_pid, &kidstatus, WUNTRACED); - if (WIFEXITED(kidstatus)) { - int sts = WEXITSTATUS(kidstatus); - cerr << progid - << " says: qq program" - << " i.e. " << basename(filter[nkids-1].cmd[0]) - << "[" << kidpid[nkids-1] << "]" - << " returned status " << sts - << endl; - return sts; - } else if (WIFSIGNALED(kidstatus)) { - cerr << progid - << " says: qq program" - << " i.e. " << basename(filter[nkids-1].cmd[0]) - << "[" << kidpid[nkids-1] << "]" - << " was killed by signal " << WTERMSIG(kidstatus) - << endl; - return ex_syserr; - } else { - /* paused, not dead */ - } + + for(;;) { + waitpid(special_pid, &kidstatus, WUNTRACED); + if (WIFEXITED(kidstatus)) { + int sts = WEXITSTATUS(kidstatus); + cerr << progid + << " says: qq program" + << " i.e. " << basename(filter[nkids-1].cmd[0]) + << "[" << kidpid[nkids-1] << "]" + << " returned status " << sts + << endl; + return sts; + } else if (WIFSIGNALED(kidstatus)) { + cerr << progid + << " says: qq program" + << " i.e. " << basename(filter[nkids-1].cmd[0]) + << "[" << kidpid[nkids-1] << "]" + << " was killed by signal " << WTERMSIG(kidstatus) + << endl; + return ex_syserr; + } else { + /* paused, not dead */ } - } + } /* loop until all kids accounted for */ + // should never get here; + // exit from within loop is the only way out } 
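Review bot: `slurp(slurp_read, slurp_write)` is called without checking that a qq stage ever set `slurp_write`; it starts at `-1`, so a filter list with no qq entry would send the envelope to an invalid descriptor. A guard before the call, `if (slurp_write < 0) exeunt(ex_syserr);`, preferably with a message naming the missing qq line, makes that case explicit. The return value of `waitpid(special_pid, &kidstatus, WUNTRACED)` in the loop that follows is also ignored, so a failed wait leaves `kidstatus` stale and the `for(;;)` can spin; checking for `-1` and exiting with `ex_syserr` would bound it.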
diff --git a/tools/hi-test.c b/tools/hi-test.c index e2626cc..0661ada 100644 --- a/tools/hi-test.c +++ b/tools/hi-test.c @@ -3,6 +3,7 @@ #include #include #include +#include #include /* perror() */ @@ -13,6 +14,8 @@ const int sa_good(0); const int sa_spam(1); const int sa_usage(64); +int verbosity(0); + //////////////// // little utility to help with argument parsing: // @@ -42,10 +45,12 @@ void exeunt(const int sts){ using namespace std; string progname; +string progid; +int mypid; void dump(const string var){ char* str = getenv(var.c_str()); - cerr << progname << ": " << var; + cerr << progid << " " << var; if (str) cerr << " is set to '" << str << "'" << endl; else cerr << " is not set." << endl; } @@ -55,10 +60,19 @@ void countsome(const int unit){ int total(0); for (;;) { int rslt = read(unit, buf, sizeof(buf)); + if (verbosity) cerr << "hi-test: count: unit " << unit + << " read returns " << rslt << endl; if (rslt <= 0) break; total += rslt; } - cerr << "read " << total << " bytes from unit " << unit << endl; + cerr << progid + << " read " << total << " bytes from unit " << unit << endl; +} + +string basename(const string path){ + size_t where = path.rfind("/"); + if (where != string::npos) return path.substr(1+where); + return path; } int main(int _argc, const char** _argv){ @@ -68,7 +82,16 @@ int main(int _argc, const char** _argv){ int countmode(0); int argc(_argc); const char **argv(_argv); - progname = *argv; argv++; argc--; + + { + progname = *argv; + mypid = getpid(); + stringstream binder; + binder << "+++++ " << basename(progname) << "[" << mypid << "]"; + progid = binder.str(); + } + + argv++; argc--; while (argc) { string arg(*argv); argv++; argc--; @@ -113,8 +136,8 @@ int main(int _argc, const char** _argv){ exit(sa_usage); } } - - cerr << "++++ hi-test pid: " << getpid() << " group: " << getpgid(0); + + cerr << progid << " group: " << getpgid(0); char* foo = getenv("HI_Q_GROUP"); if (foo) cerr << " HI_Q_GROUP: " << foo; cerr << endl; 
diff --git a/tools/hi-test.conf b/tools/hi-test.conf index f692f37..20df5a7 100755 --- a/tools/hi-test.conf +++ b/tools/hi-test.conf @@ -1,6 +1,7 @@ -#! /usr/local/bin/bash-c set -x ; Date: Thu, 26 Jul 2012 10:57:13 -0700 Subject: patch to support IPv6 in tcpserver --- .gitignore | 1 + ucspi-tcp-0.88/FILES | 37 +++++++++ ucspi-tcp-0.88/Makefile | 184 +++++++++++++++++++++++++++++++++++------ ucspi-tcp-0.88/TARGETS | 28 +++++++ ucspi-tcp-0.88/dns.h | 63 ++++++++------ ucspi-tcp-0.88/dns_dfd.c | 11 +-- ucspi-tcp-0.88/dns_domain.c | 36 +++++--- ucspi-tcp-0.88/dns_dtda.c | 2 +- ucspi-tcp-0.88/dns_ip.c | 4 +- ucspi-tcp-0.88/dns_ipq.c | 6 +- ucspi-tcp-0.88/dns_name.c | 19 ++++- ucspi-tcp-0.88/dns_nd.c | 2 +- ucspi-tcp-0.88/dns_packet.c | 9 +- ucspi-tcp-0.88/dns_random.c | 3 +- ucspi-tcp-0.88/dns_rcip.c | 29 ++++--- ucspi-tcp-0.88/dns_rcrw.c | 5 +- ucspi-tcp-0.88/dns_resolve.c | 7 +- ucspi-tcp-0.88/dns_transmit.c | 71 ++++++++-------- ucspi-tcp-0.88/dns_txt.c | 4 +- ucspi-tcp-0.88/hier.c | 19 +++++ ucspi-tcp-0.88/ip4.h | 2 + ucspi-tcp-0.88/pathexec.h | 2 +- ucspi-tcp-0.88/pathexec_env.c | 3 +- ucspi-tcp-0.88/rblsmtpd.c | 46 +++++++++-- ucspi-tcp-0.88/remoteinfo.h | 1 + ucspi-tcp-0.88/rules.c | 2 +- ucspi-tcp-0.88/socket.h | 39 ++++++++- ucspi-tcp-0.88/socket_bind.c | 4 +- ucspi-tcp-0.88/socket_conn.c | 2 +- ucspi-tcp-0.88/str.h | 14 ++-- ucspi-tcp-0.88/str_chr.c | 4 +- ucspi-tcp-0.88/str_diff.c | 2 +- ucspi-tcp-0.88/str_len.c | 4 +- ucspi-tcp-0.88/str_start.c | 2 +- ucspi-tcp-0.88/stralloc.h | 12 +-- ucspi-tcp-0.88/stralloc_catb.c | 2 +- ucspi-tcp-0.88/stralloc_cats.c | 2 +- ucspi-tcp-0.88/stralloc_opyb.c | 2 +- ucspi-tcp-0.88/stralloc_opys.c | 2 +- ucspi-tcp-0.88/tcpclient.c | 73 ++++++++++------ ucspi-tcp-0.88/tcprules.c | 11 ++- ucspi-tcp-0.88/tcpserver.c | 112 +++++++++++++++++-------- ucspi-tcp-0.88/timeoutconn.h | 2 + 43 files changed, 644 insertions(+), 241 deletions(-) (limited to '.gitignore') diff --git a/.gitignore b/.gitignore index ad1d359..e929027 100644 
--- a/.gitignore +++ b/.gitignore @@ -10,6 +10,7 @@ *#[0-9]* \#*# +ucspi-tcp-0.88-ipv6.patch has?????.h auto-gid auto-int diff --git a/ucspi-tcp-0.88/FILES b/ucspi-tcp-0.88/FILES index cfb38a5..142aed9 100644 --- a/ucspi-tcp-0.88/FILES +++ b/ucspi-tcp-0.88/FILES @@ -216,3 +216,40 @@ wait_pid.c warn-auto.sh warn-shsgr x86cpuid.c +dns_ip6.c +dns_ipq6.c +dns_nd6.c +dns_sortip6.c +fmt_xlong.c +ip6_fmt.c +ip6_scan.c +scan_0x.c +socket_accept6.c +socket_bind6.c +socket_conn6.c +socket_local6.c +socket_recv6.c +socket_remote6.c +socket_send6.c +socket_tcp6.c +timeoutconn6.c +tryip6.c +haveip6.h2 +haveip6.h1 +remoteinfo6.c +addcr.1 +argv0.1 +date@.1 +delcr.1 +finger@.1 +fixcr.1 +http@.1 +mconnect.1 +recordio.1 +tcp-environ.5 +tcpcat.1 +tcpclient.1 +tcprules.1 +tcprulescheck.1 +tcpserver.1 +who@.1 diff --git a/ucspi-tcp-0.88/Makefile b/ucspi-tcp-0.88/Makefile index a67b0cb..1b7c9dc 100644 --- a/ucspi-tcp-0.88/Makefile +++ b/ucspi-tcp-0.88/Makefile @@ -76,12 +76,14 @@ byte.a: \ makelib byte_chr.o byte_copy.o byte_cr.o byte_diff.o byte_rchr.o \ byte_zero.o case_diffb.o case_diffs.o fmt_ulong.o ip4_fmt.o \ ip4_scan.o scan_ulong.o str_chr.o str_diff.o str_len.o str_start.o \ -uint16_pack.o uint16_unpack.o uint32_pack.o uint32_unpack.o +uint16_pack.o uint16_unpack.o uint32_pack.o uint32_unpack.o \ +ip6_fmt.o scan_ip6.o scan_xlong.o fmt_xlong.o ./makelib byte.a byte_chr.o byte_copy.o byte_cr.o \ byte_diff.o byte_rchr.o byte_zero.o case_diffb.o \ case_diffs.o fmt_ulong.o ip4_fmt.o ip4_scan.o scan_ulong.o \ str_chr.o str_diff.o str_len.o str_start.o uint16_pack.o \ - uint16_unpack.o uint32_pack.o uint32_unpack.o + uint16_unpack.o uint32_pack.o uint32_unpack.o ip6_fmt.o \ + scan_ip6.o scan_xlong.o fmt_xlong.o byte_chr.o: \ compile byte_chr.c byte.h 
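Review bot: The new `byte.a` members `scan_ip6.o` and `scan_xlong.o` do not match the sources this commit adds to FILES, which lists `ip6_scan.c` and `scan_0x.c` instead, so either the manifest or the object names look out of sync. The `unix.a` hunk further down has the same issue for `socket_getifname.o`, `socket_getifidx.o`, `socket_v4mappedprefix.o`, `socket_ip4loopback.o`, `socket_v6any.o`, `socket_v6loopback.o` and `socket_udp6.o`, none of which appear in the FILES additions. If FILES is used to check the distribution's contents, it should name exactly the files the Makefile builds. Whether those sources exist in the tree cannot be seen from this page.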
@@ -181,11 +183,13 @@ compile delcr.c buffer.h exit.h dns.a: \ makelib dns_dfd.o dns_domain.o dns_dtda.o dns_ip.o dns_ipq.o \ dns_name.o dns_nd.o dns_packet.o dns_random.o dns_rcip.o dns_rcrw.o \ -dns_resolve.o dns_sortip.o dns_transmit.o dns_txt.o +dns_resolve.o dns_sortip.o dns_transmit.o dns_txt.o dns_ip6.o \ +dns_sortip6.o dns_nd6.o dns_ipq6.o ./makelib dns.a dns_dfd.o dns_domain.o dns_dtda.o dns_ip.o \ dns_ipq.o dns_name.o dns_nd.o dns_packet.o dns_random.o \ dns_rcip.o dns_rcrw.o dns_resolve.o dns_sortip.o \ - dns_transmit.o dns_txt.o + dns_transmit.o dns_txt.o dns_ip6.o dns_sortip6.o dns_nd6.o \ + dns_ipq6.o dns_dfd.o: \ compile dns_dfd.c error.h alloc.h byte.h dns.h stralloc.h gen_alloc.h \ @@ -257,7 +261,7 @@ taia.h tai.h uint64.h taia.h dns_transmit.o: \ compile dns_transmit.c socket.h uint16.h alloc.h error.h byte.h \ readwrite.h uint16.h dns.h stralloc.h gen_alloc.h iopause.h taia.h \ -tai.h uint64.h taia.h +tai.h uint64.h taia.h uint32.h ./compile dns_transmit.c dns_txt.o: \ @@ -498,9 +502,15 @@ exit.h fmt.h iopause.h taia.h tai.h uint64.h pathexec.h remoteinfo.o: \ compile remoteinfo.c fmt.h buffer.h socket.h uint16.h error.h \ iopause.h taia.h tai.h uint64.h timeoutconn.h uint16.h remoteinfo.h \ -stralloc.h gen_alloc.h uint16.h +stralloc.h gen_alloc.h uint16.h uint32.h ./compile remoteinfo.c +remoteinfo6.o: \ +compile remoteinfo6.c fmt.h buffer.h socket.h uint16.h error.h \ +iopause.h taia.h tai.h uint64.h timeoutconn.h uint16.h remoteinfo.h \ +stralloc.h gen_alloc.h uint16.h uint32.h + ./compile remoteinfo6.c + rts: \ warn-auto.sh rts.sh conf-home cat warn-auto.sh rts.sh \ 
@@ -557,43 +567,43 @@ trylsock.c compile load rm -f trylsock.o trylsock socket_accept.o: \ -compile socket_accept.c byte.h socket.h uint16.h +compile socket_accept.c byte.h socket.h uint16.h uint32.h ./compile socket_accept.c socket_bind.o: \ -compile socket_bind.c byte.h socket.h uint16.h +compile socket_bind.c byte.h socket.h uint16.h uint32.h ./compile socket_bind.c socket_conn.o: \ -compile socket_conn.c readwrite.h byte.h socket.h uint16.h +compile socket_conn.c readwrite.h byte.h socket.h uint16.h uint32.h ./compile socket_conn.c socket_delay.o: \ -compile socket_delay.c socket.h uint16.h +compile socket_delay.c socket.h uint16.h uint32.h ./compile socket_delay.c socket_listen.o: \ -compile socket_listen.c socket.h uint16.h +compile socket_listen.c socket.h uint16.h uint32.h ./compile socket_listen.c socket_local.o: \ -compile socket_local.c byte.h socket.h uint16.h +compile socket_local.c byte.h socket.h uint16.h uint32.h ./compile socket_local.c socket_opts.o: \ -compile socket_opts.c socket.h uint16.h +compile socket_opts.c socket.h uint16.h uint32.h ./compile socket_opts.c socket_remote.o: \ -compile socket_remote.c byte.h socket.h uint16.h +compile socket_remote.c byte.h socket.h uint16.h uint32.h ./compile socket_remote.c socket_tcp.o: \ -compile socket_tcp.c ndelay.h socket.h uint16.h +compile socket_tcp.c ndelay.h socket.h uint16.h uint32.h ./compile socket_tcp.c socket_udp.o: \ -compile socket_udp.c ndelay.h socket.h uint16.h +compile socket_udp.c ndelay.h socket.h uint16.h uint32.h ./compile socket_udp.c str_chr.o: \ @@ -710,9 +720,9 @@ warn-auto.sh tcpcat.sh conf-home chmod 755 tcpcat tcpclient: \ -load tcpclient.o remoteinfo.o timeoutconn.o dns.a time.a unix.a \ -byte.a socket.lib - ./load tcpclient remoteinfo.o timeoutconn.o dns.a time.a \ +load tcpclient.o remoteinfo6.o dns.a time.a unix.a \ +byte.a socket.lib byte.h timeoutconn6.o + ./load tcpclient remoteinfo6.o timeoutconn6.o dns.a time.a \ unix.a byte.a `cat socket.lib` tcpclient.o: \ 
@@ -720,7 +730,7 @@ compile tcpclient.c sig.h exit.h sgetopt.h subgetopt.h uint16.h fmt.h \ scan.h str.h ip4.h uint16.h socket.h uint16.h fd.h stralloc.h \ gen_alloc.h buffer.h error.h strerr.h pathexec.h timeoutconn.h \ uint16.h remoteinfo.h stralloc.h uint16.h dns.h stralloc.h iopause.h \ -taia.h tai.h uint64.h taia.h +taia.h tai.h uint64.h taia.h uint32.h ./compile tcpclient.c tcprules: \ @@ -742,9 +752,9 @@ stralloc.h gen_alloc.h ./compile tcprulescheck.c tcpserver: \ -load tcpserver.o rules.o remoteinfo.o timeoutconn.o cdb.a dns.a \ +load tcpserver.o rules.o remoteinfo6.o timeoutconn6.o cdb.a dns.a \ time.a unix.a byte.a socket.lib - ./load tcpserver rules.o remoteinfo.o timeoutconn.o cdb.a \ + ./load tcpserver rules.o remoteinfo6.o timeoutconn6.o cdb.a \ dns.a time.a unix.a byte.a `cat socket.lib` tcpserver.o: \ @@ -753,7 +763,7 @@ exit.h env.h prot.h open.h wait.h readwrite.h stralloc.h gen_alloc.h \ alloc.h buffer.h error.h strerr.h sgetopt.h subgetopt.h pathexec.h \ socket.h uint16.h ndelay.h remoteinfo.h stralloc.h uint16.h rules.h \ stralloc.h sig.h dns.h stralloc.h iopause.h taia.h tai.h uint64.h \ -taia.h +taia.h uint32.h ./compile tcpserver.c time.a: \ @@ -765,9 +775,14 @@ taia_less.o taia_now.o taia_pack.o taia_sub.o taia_uint.o timeoutconn.o: \ compile timeoutconn.c ndelay.h socket.h uint16.h iopause.h taia.h \ -tai.h uint64.h error.h timeoutconn.h uint16.h +tai.h uint64.h error.h timeoutconn.h uint16.h uint32.h ./compile timeoutconn.c +timeoutconn6.o: \ +compile timeoutconn6.c ndelay.h socket.h uint16.h iopause.h taia.h \ +tai.h uint64.h error.h timeoutconn.h uint16.h uint32.h + ./compile timeoutconn6.c + uint16_pack.o: \ compile uint16_pack.c uint16.h ./compile uint16_pack.c 
@@ -806,7 +821,12 @@ socket_conn.o socket_delay.o socket_listen.o socket_local.o \ socket_opts.o socket_remote.o socket_tcp.o socket_udp.o \ stralloc_cat.o stralloc_catb.o stralloc_cats.o stralloc_copy.o \ stralloc_eady.o stralloc_opyb.o stralloc_opys.o stralloc_pend.o \ -strerr_die.o strerr_sys.o subgetopt.o wait_nohang.o wait_pid.o +strerr_die.o strerr_sys.o subgetopt.o wait_nohang.o wait_pid.o \ +socket_conn6.o socket_bind6.o socket_accept6.o socket_recv6.o \ +socket_send6.o socket_local6.o socket_remote6.o socket_tcp6.o \ +socket_getifname.o socket_getifidx.o socket_v4mappedprefix.o \ +socket_ip4loopback.o socket_v6any.o socket_v6loopback.o \ +socket_udp6.o ./makelib unix.a alloc.o alloc_re.o buffer.o buffer_0.o \ buffer_1.o buffer_2.o buffer_copy.o buffer_get.o \ buffer_put.o env.o error.o error_str.o fd_copy.o fd_move.o \ @@ -819,7 +839,12 @@ strerr_die.o strerr_sys.o subgetopt.o wait_nohang.o wait_pid.o socket_udp.o stralloc_cat.o stralloc_catb.o stralloc_cats.o \ stralloc_copy.o stralloc_eady.o stralloc_opyb.o \ stralloc_opys.o stralloc_pend.o strerr_die.o strerr_sys.o \ - subgetopt.o wait_nohang.o wait_pid.o + subgetopt.o wait_nohang.o wait_pid.o socket_conn6.o \ + socket_bind6.o socket_accept6.o socket_recv6.o socket_send6.o \ + socket_local6.o socket_remote6.o socket_tcp6.o \ + socket_getifname.o socket_getifidx.o socket_v4mappedprefix.o \ + socket_ip4loopback.o socket_v6any.o socket_v6loopback.o \ + socket_udp6.o wait_nohang.o: \ compile wait_nohang.c haswaitp.h 
@@ -835,3 +860,110 @@ warn-auto.sh who@.sh conf-home | sed s}HOME}"`head -1 conf-home`"}g \ > who@ chmod 755 who@ + +socket_conn6.o: \ +compile socket_conn6.c socket.h uint16.h haveip6.h error.h ip6.h \ +uint32.h + ./compile socket_conn6.c + +socket_bind6.o: \ +compile socket_bind6.c socket.h uint16.h haveip6.h error.h ip6.h \ +uint32.h + ./compile socket_bind6.c + +socket_accept6.o: \ +compile socket_accept6.c socket.h uint16.h haveip6.h error.h ip6.h \ +uint32.h + ./compile socket_accept6.c + +socket_recv6.o: \ +compile socket_recv6.c socket.h uint16.h haveip6.h error.h ip6.h \ +uint32.h + ./compile socket_recv6.c + +socket_send6.o: \ +compile socket_send6.c socket.h uint16.h haveip6.h error.h uint32.h + ./compile socket_send6.c + +socket_local6.o: \ +compile socket_local6.c socket.h uint16.h haveip6.h error.h uint32.h + ./compile socket_local6.c + +socket_remote6.o: \ +compile socket_remote6.c socket.h uint16.h haveip6.h error.h uint32.h + ./compile socket_remote6.c + +dns_sortip6.o: \ +compile dns_sortip6.c byte.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_sortip6.c + +dns_nd6.o: \ +compile dns_nd6.c byte.h fmt.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_nd6.c + +dns_ipq6.o: \ +compile dns_ipq6.c stralloc.h gen_alloc.h case.h byte.h str.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h ip6.h + ./compile dns_ipq6.c + +dns_ip6.o: \ +compile dns_ip6.c stralloc.h gen_alloc.h uint16.h byte.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_ip6.c + +fmt_xlong.o: \ +compile fmt_xlong.c scan.h + ./compile fmt_xlong.c + +scan_xlong.o: \ +compile scan_xlong.c scan.h + ./compile scan_xlong.c + +ip6_fmt.o: \ +compile ip6_fmt.c fmt.h ip6.h + ./compile ip6_fmt.c + +scan_ip6.o: \ +compile scan_ip6.c scan.h ip6.h + ./compile scan_ip6.c + +socket_tcp6.o: \ +compile socket_tcp6.c ndelay.h socket.h uint16.h haveip6.h uint32.h + ./compile socket_tcp6.c + 
+socket_udp6.o: \ +compile socket_udp6.c ndelay.h socket.h uint16.h haveip6.h uint32.h + ./compile socket_udp6.c + +haveip6.h: \ +tryip6.c choose compile haveip6.h1 haveip6.h2 + ./choose c tryip6 haveip6.h1 haveip6.h2 > haveip6.h + +socket_getifname.o: \ +compile socket_getifname.c socket.h uint16.h uint32.h + ./compile socket_getifname.c + +socket_getifidx.o: \ +compile socket_getifidx.c socket.h uint16.h uint32.h + ./compile socket_getifidx.c + +socket_ip4loopback.o: \ +compile socket_ip4loopback.c + ./compile socket_ip4loopback.c + +socket_v4mappedprefix.o: \ +compile socket_v4mappedprefix.c + ./compile socket_v4mappedprefix.c + +socket_v6any.o: \ +compile socket_v6any.c + ./compile socket_v6any.c + +socket_v6loopback.o: \ +compile socket_v6loopback.c + ./compile socket_v6loopback.c + +clean: + rm -f `cat TARGETS` diff --git a/ucspi-tcp-0.88/TARGETS b/ucspi-tcp-0.88/TARGETS index 4d1f2a0..0385f96 100644 --- a/ucspi-tcp-0.88/TARGETS +++ b/ucspi-tcp-0.88/TARGETS @@ -169,3 +169,31 @@ instcheck it setup check +dns_ip6.o +dns_ipq6.o +dns_nd6.o +dns_sortip6.o +fmt_xlong.o +ip6_fmt.o +ip6_scan.o +scan_0x.o +socket_accept6.o +socket_bind6.o +socket_conn6.o +socket_local6.o +socket_recv6.o +socket_remote6.o +socket_send6.o +socket_tcp6.o +timeoutconn6.o +haveip6.h +remoteinfo6.o +socket_getifidx.o +socket_getifname.o +scan_ip6.o +scan_xlong.o +socket_ip4loopback.o +socket_udp6.o +socket_v4mappedprefix.o +socket_v6any.o +socket_v6loopback.o diff --git a/ucspi-tcp-0.88/dns.h b/ucspi-tcp-0.88/dns.h index 0948b1a..f06c5a8 100644 --- a/ucspi-tcp-0.88/dns.h +++ b/ucspi-tcp-0.88/dns.h 
@@ -34,51 +34,60 @@ struct dns_transmit { unsigned int curserver; struct taia deadline; unsigned int pos; - char *servers; - char localip[4]; + const char *servers; + char localip[16]; + unsigned int scope_id; char qtype[2]; } ; -extern void dns_random_init(char *); +extern void dns_random_init(const char *); extern unsigned int dns_random(unsigned int); extern void dns_sortip(char *,unsigned int); +extern void dns_sortip6(char *,unsigned int); extern void dns_domain_free(char **); -extern int dns_domain_copy(char **,char *); -extern unsigned int dns_domain_length(char *); -extern int dns_domain_equal(char *,char *); -extern char *dns_domain_suffix(char *,char *); -extern int dns_domain_fromdot(char **,char *,unsigned int); -extern int dns_domain_todot_cat(stralloc *,char *); +extern int dns_domain_copy(char **,const char *); +extern unsigned int dns_domain_length(const char *); +extern int dns_domain_equal(const char *,const char *); +extern int dns_domain_suffix(const char *,const char *); +extern unsigned int dns_domain_suffixpos(const char *,const char *); +extern int dns_domain_fromdot(char **,const char *,unsigned int); +extern int dns_domain_todot_cat(stralloc *,const char *); -extern unsigned int dns_packet_copy(char *,unsigned int,unsigned int,char *,unsigned int); -extern unsigned int dns_packet_getname(char *,unsigned int,unsigned int,char **); -extern unsigned int dns_packet_skipname(char *,unsigned int,unsigned int); -extern int dns_packet_nameequal(char *,unsigned int,unsigned int,char *,unsigned int,unsigned int); +extern unsigned int dns_packet_copy(const char *,unsigned int,unsigned int,char *,unsigned int); +extern unsigned int dns_packet_getname(const char *,unsigned int,unsigned int,char **); +extern unsigned int dns_packet_skipname(const char *,unsigned int,unsigned int); -extern int dns_transmit_start(struct dns_transmit *,char *,int,char *,char *,char *); +extern int dns_transmit_start(struct dns_transmit *,const char *,int,const char *,const 
char *,const char *); extern void dns_transmit_free(struct dns_transmit *); extern void dns_transmit_io(struct dns_transmit *,iopause_fd *,struct taia *); -extern int dns_transmit_get(struct dns_transmit *,iopause_fd *,struct taia *); +extern int dns_transmit_get(struct dns_transmit *,const iopause_fd *,const struct taia *); extern int dns_resolvconfip(char *); -extern int dns_resolve(char *,char *); +extern int dns_resolve(const char *,const char *); extern struct dns_transmit dns_resolve_tx; -extern int dns_ip4_packet(stralloc *,char *,unsigned int); -extern int dns_ip4(stralloc *,stralloc *); -extern int dns_name_packet(stralloc *,char *,unsigned int); -extern void dns_name4_domain(char *,char *); +extern int dns_ip4_packet(stralloc *,const char *,unsigned int); +extern int dns_ip4(stralloc *,const stralloc *); +extern int dns_ip6_packet(stralloc *,const char *,unsigned int); +extern int dns_ip6(stralloc *,stralloc *); +extern int dns_name_packet(stralloc *,const char *,unsigned int); +extern void dns_name4_domain(char *,const char *); #define DNS_NAME4_DOMAIN 31 -extern int dns_name4(stralloc *,char *); -extern int dns_txt_packet(stralloc *,char *,unsigned int); -extern int dns_txt(stralloc *,stralloc *); -extern int dns_mx_packet(stralloc *,char *,unsigned int); -extern int dns_mx(stralloc *,stralloc *); +extern int dns_name4(stralloc *,const char *); +extern int dns_txt_packet(stralloc *,const char *,unsigned int); +extern int dns_txt(stralloc *,const stralloc *); +extern int dns_mx_packet(stralloc *,const char *,unsigned int); +extern int dns_mx(stralloc *,const stralloc *); extern int dns_resolvconfrewrite(stralloc *); -extern int dns_ip4_qualify_rules(stralloc *,stralloc *,stralloc *,stralloc *); -extern int dns_ip4_qualify(stralloc *,stralloc *,stralloc *); +extern int dns_ip4_qualify_rules(stralloc *,stralloc *,const stralloc *,const stralloc *); +extern int dns_ip4_qualify(stralloc *,stralloc *,const stralloc *); +extern int 
dns_ip6_qualify_rules(stralloc *,stralloc *,const stralloc *,const stralloc *); +extern int dns_ip6_qualify(stralloc *,stralloc *,const stralloc *); + +extern int dns_name6_domain(char *,char *); +#define DNS_NAME6_DOMAIN (4*16+11) #endif diff --git a/ucspi-tcp-0.88/dns_dfd.c b/ucspi-tcp-0.88/dns_dfd.c index 14a29d8..c924718 100644 --- a/ucspi-tcp-0.88/dns_dfd.c +++ b/ucspi-tcp-0.88/dns_dfd.c @@ -1,9 +1,10 @@ -#include "error.h" -#include "alloc.h" +#include +#include #include "byte.h" #include "dns.h" +#include "error.h" -int dns_domain_fromdot(char **out,char *buf,unsigned int n) +int dns_domain_fromdot(char **out,const char *buf,unsigned int n) { char label[63]; unsigned int labellen = 0; /* <= sizeof label */ @@ -59,11 +60,11 @@ int dns_domain_fromdot(char **out,char *buf,unsigned int n) if (namelen + 1 > sizeof name) return 0; name[namelen++] = 0; - x = alloc(namelen); + x = malloc(namelen); if (!x) return 0; byte_copy(x,namelen,name); - if (*out) alloc_free(*out); + if (*out) free(*out); *out = x; return 1; } diff --git a/ucspi-tcp-0.88/dns_domain.c b/ucspi-tcp-0.88/dns_domain.c index f898485..80ac5ea 100644 --- a/ucspi-tcp-0.88/dns_domain.c +++ b/ucspi-tcp-0.88/dns_domain.c @@ -1,16 +1,15 @@ -#include "error.h" -#include "alloc.h" +#include #include "case.h" #include "byte.h" #include "dns.h" -unsigned int dns_domain_length(char *dn) +unsigned int dns_domain_length(const char *dn) { - char *x; + const char *x; unsigned char c; x = dn; - while (c = *x++) + while ((c = *x++)) x += (unsigned int) c; return x - dn; } 
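Review bot: `extern int dns_resolvconfip(char *);` stays a bare pointer in dns.h, while dns_rcip.c in this same commit now copies 256 bytes into the argument (`byte_copy(s,256,ip)`) where it used to copy 64. Nothing in the header tells a caller the required buffer size, so any caller outside this diff that still passes a 64-byte array would be overrun on the stack; dns_resolve.c is updated here, other callers are not visible. I would put a named size next to the prototype, for example `#define DNS_RESOLVCONFIP_LEN 256 /* 16 servers x 16-byte addresses */`, and use it in dns_rcip.c, dns_resolve.c and the `servers` parameter of `dns_transmit_start` instead of the literal.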
@@ -18,26 +17,26 @@ unsigned int dns_domain_length(char *dn) void dns_domain_free(char **out) { if (*out) { - alloc_free(*out); + free(*out); *out = 0; } } -int dns_domain_copy(char **out,char *in) +int dns_domain_copy(char **out,const char *in) { unsigned int len; char *x; len = dns_domain_length(in); - x = alloc(len); + x = malloc(len); if (!x) return 0; byte_copy(x,len,in); - if (*out) alloc_free(*out); + if (*out) free(*out); *out = x; return 1; } -int dns_domain_equal(char *dn1,char *dn2) +int dns_domain_equal(const char *dn1,const char *dn2) { unsigned int len; @@ -48,12 +47,25 @@ int dns_domain_equal(char *dn1,char *dn2) return 1; } -char *dns_domain_suffix(char *big,char *little) +int dns_domain_suffix(const char *big,const char *little) +{ + unsigned char c; + + for (;;) { + if (dns_domain_equal(big,little)) return 1; + c = *big++; + if (!c) return 0; + big += c; + } +} + +unsigned int dns_domain_suffixpos(const char *big,const char *little) { + const char *orig = big; unsigned char c; for (;;) { - if (dns_domain_equal(big,little)) return big; + if (dns_domain_equal(big,little)) return big - orig; c = *big++; if (!c) return 0; big += c; diff --git a/ucspi-tcp-0.88/dns_dtda.c b/ucspi-tcp-0.88/dns_dtda.c index 00b41a1..ba1db4f 100644 --- a/ucspi-tcp-0.88/dns_dtda.c +++ b/ucspi-tcp-0.88/dns_dtda.c @@ -1,7 +1,7 @@ #include "stralloc.h" #include "dns.h" -int dns_domain_todot_cat(stralloc *out,char *d) +int dns_domain_todot_cat(stralloc *out,const char *d) { char ch; char ch2; diff --git a/ucspi-tcp-0.88/dns_ip.c b/ucspi-tcp-0.88/dns_ip.c index fb0526c..e7c3a9a 100644 --- a/ucspi-tcp-0.88/dns_ip.c +++ b/ucspi-tcp-0.88/dns_ip.c @@ -3,7 +3,7 @@ #include "byte.h" #include "dns.h" -int dns_ip4_packet(stralloc *out,char *buf,unsigned int len) +int dns_ip4_packet(stralloc *out,const char *buf,unsigned int len) { unsigned int pos; char header[12]; 
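Review bot: `dns_domain_suffixpos` returns 0 in two different cases: when `little` matches at the very start of `big` (`big - orig` is 0) and when no suffix matches at all (`if (!c) return 0;`). A caller that uses the result as an offset cannot tell a full match from a miss. If the return convention has to stay, document it above the function, e.g. `/* offset of little within big; 0 means a match at offset 0 OR no match, so check dns_domain_suffix() first */`. The loop's closing lines are outside this hunk.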
@@ -36,7 +36,7 @@ int dns_ip4_packet(stralloc *out,char *buf,unsigned int len) static char *q = 0; -int dns_ip4(stralloc *out,stralloc *fqdn) +int dns_ip4(stralloc *out,const stralloc *fqdn) { unsigned int i; char code; diff --git a/ucspi-tcp-0.88/dns_ipq.c b/ucspi-tcp-0.88/dns_ipq.c index 8181ab7..5b65e23 100644 --- a/ucspi-tcp-0.88/dns_ipq.c +++ b/ucspi-tcp-0.88/dns_ipq.c @@ -4,7 +4,7 @@ #include "str.h" #include "dns.h" -static int doit(stralloc *work,char *rule) +static int doit(stralloc *work,const char *rule) { char ch; unsigned int colon; @@ -30,7 +30,7 @@ static int doit(stralloc *work,char *rule) return stralloc_cats(work,rule + colon + 1); } -int dns_ip4_qualify_rules(stralloc *out,stralloc *fqdn,stralloc *in,stralloc *rules) +int dns_ip4_qualify_rules(stralloc *out,stralloc *fqdn,const stralloc *in,const stralloc *rules) { unsigned int i; unsigned int j; @@ -63,7 +63,7 @@ int dns_ip4_qualify_rules(stralloc *out,stralloc *fqdn,stralloc *in,stralloc *ru } } -int dns_ip4_qualify(stralloc *out,stralloc *fqdn,stralloc *in) +int dns_ip4_qualify(stralloc *out,stralloc *fqdn,const stralloc *in) { static stralloc rules; if (dns_resolvconfrewrite(&rules) == -1) return -1; diff --git a/ucspi-tcp-0.88/dns_name.c b/ucspi-tcp-0.88/dns_name.c index dcb10c7..1f03186 100644 --- a/ucspi-tcp-0.88/dns_name.c +++ b/ucspi-tcp-0.88/dns_name.c @@ -2,10 +2,11 @@ #include "uint16.h" #include "byte.h" #include "dns.h" +#include "ip6.h" static char *q = 0; -int dns_name_packet(stralloc *out,char *buf,unsigned int len) +int dns_name_packet(stralloc *out,const char *buf,unsigned int len) { unsigned int pos; char header[12]; @@ -35,7 +36,7 @@ int dns_name_packet(stralloc *out,char *buf,unsigned int len) return 0; } -int dns_name4(stralloc *out,char ip[4]) +int dns_name4(stralloc *out,const char ip[4]) { char name[DNS_NAME4_DOMAIN]; 
@@ -46,3 +47,17 @@ int dns_name4(stralloc *out,char ip[4]) dns_domain_free(&q); return 0; } + +int dns_name6(stralloc *out,char ip[16]) +{ + char name[DNS_NAME6_DOMAIN]; + + if (ip6_isv4mapped(ip)) + return dns_name4(out,ip+12); + dns_name6_domain(name,ip); + if (dns_resolve(name,DNS_T_PTR) == -1) return -1; + if (dns_name_packet(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) == -1) return -1; + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + return 0; +} diff --git a/ucspi-tcp-0.88/dns_nd.c b/ucspi-tcp-0.88/dns_nd.c index 279d74d..aa54e5d 100644 --- a/ucspi-tcp-0.88/dns_nd.c +++ b/ucspi-tcp-0.88/dns_nd.c @@ -2,7 +2,7 @@ #include "fmt.h" #include "dns.h" -void dns_name4_domain(char name[DNS_NAME4_DOMAIN],char ip[4]) +void dns_name4_domain(char name[DNS_NAME4_DOMAIN],const char ip[4]) { unsigned int namelen; unsigned int i; diff --git a/ucspi-tcp-0.88/dns_packet.c b/ucspi-tcp-0.88/dns_packet.c index 04a2cc8..72cfb35 100644 --- a/ucspi-tcp-0.88/dns_packet.c +++ b/ucspi-tcp-0.88/dns_packet.c @@ -2,10 +2,11 @@ DNS should have used LZ77 instead of its own sophomoric compression algorithm. */ -#include "error.h" +#include #include "dns.h" +#include "error.h" -unsigned int dns_packet_copy(char *buf,unsigned int len,unsigned int pos,char *out,unsigned int outlen) +unsigned int dns_packet_copy(const char *buf,unsigned int len,unsigned int pos,char *out,unsigned int outlen) { while (outlen) { if (pos >= len) { errno = error_proto; return 0; } @@ -15,7 +16,7 @@ unsigned int dns_packet_copy(char *buf,unsigned int len,unsigned int pos,char *o return pos; } -unsigned int dns_packet_skipname(char *buf,unsigned int len,unsigned int pos) +unsigned int dns_packet_skipname(const char *buf,unsigned int len,unsigned int pos) { unsigned char ch; 
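Review bot: `dns_name6` is defined here, but the dns.h hunk of this commit only adds `dns_name6_domain`, so callers would be compiled against an implicit declaration and get no argument checking; add `extern int dns_name6(stralloc *,const char *);` to dns.h. The parameter is also left as plain `char ip[16]` while `dns_name4` was changed to `const char ip[4]` in the same file; `const char ip[16]` would match, provided `dns_name6_domain` and `ip6_isv4mapped` accept a const pointer (their definitions are not shown). A one-line comment above the function noting that v4-mapped addresses are delegated to `dns_name4` on the last four bytes would help the next reader.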
@@ -32,7 +33,7 @@ unsigned int dns_packet_skipname(char *buf,unsigned int len,unsigned int pos) return 0; } -unsigned int dns_packet_getname(char *buf,unsigned int len,unsigned int pos,char **d) +unsigned int dns_packet_getname(const char *buf,unsigned int len,unsigned int pos,char **d) { unsigned int loop = 0; unsigned int state = 0; diff --git a/ucspi-tcp-0.88/dns_random.c b/ucspi-tcp-0.88/dns_random.c index b9892b4..2158ed4 100644 --- a/ucspi-tcp-0.88/dns_random.c +++ b/ucspi-tcp-0.88/dns_random.c @@ -1,3 +1,4 @@ +#include #include "dns.h" #include "taia.h" #include "uint32.h" @@ -29,7 +30,7 @@ static void surf(void) } } -void dns_random_init(char data[128]) +void dns_random_init(const char data[128]) { int i; struct taia t; diff --git a/ucspi-tcp-0.88/dns_rcip.c b/ucspi-tcp-0.88/dns_rcip.c index 2356c8b..794f6be 100644 --- a/ucspi-tcp-0.88/dns_rcip.c +++ b/ucspi-tcp-0.88/dns_rcip.c @@ -2,12 +2,13 @@ #include "openreadclose.h" #include "byte.h" #include "ip4.h" -#include "env.h" +#include "ip6.h" #include "dns.h" +#include "env.h" static stralloc data = {0}; -static int init(char ip[64]) +static int init(char ip[256]) { int i; int j; @@ -16,15 +17,16 @@ static int init(char ip[64]) x = env_get("DNSCACHEIP"); if (x) - while (iplen <= 60) + while (iplen <= 60) { if (*x == '.') ++x; else { - i = ip4_scan(x,ip + iplen); + i = scan_ip6(x,ip + iplen); if (!i) break; x += i; - iplen += 4; + iplen += 16; } + } if (!iplen) { i = openreadclose("/etc/resolv.conf",&data,64); @@ -39,8 +41,9 @@ static int init(char ip[64]) while ((data.s[i] == ' ') || (data.s[i] == '\t')) ++i; if (iplen <= 60) - if (ip4_scan(data.s + i,ip + iplen)) - iplen += 4; + if (scan_ip6(data.s + i,ip + iplen)) { + iplen += 16; + } } i = j + 1; } 
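Review bot: The bounds `while (iplen <= 60)` and `if (iplen <= 60)` in `init` were kept from the 4-byte-per-entry layout, but each entry now advances `iplen` by 16, so at most four servers are stored even though the buffer is 256 bytes and dns_transmit.c walks 16 slots of 16 bytes. The writes stay in bounds, but the constant no longer means what it did; I would write `iplen + 16 <= 256` (or a named size) in both places so the limit follows the entry width. It is also worth confirming that `scan_ip6` accepts dotted-quad IPv4 text, since existing `DNSCACHEIP` and `/etc/resolv.conf` values are normally IPv4 and a rejected entry is skipped without any error. The body of `init` starts and ends outside these hunks.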
@@ -48,19 +51,19 @@ static int init(char ip[64]) } if (!iplen) { - byte_copy(ip,4,"\177\0\0\1"); - iplen = 4; + byte_copy(ip,16,"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1"); + iplen = 16; } - byte_zero(ip + iplen,64 - iplen); + byte_zero(ip + iplen,256 - iplen); return 0; } static int ok = 0; static unsigned int uses; static struct taia deadline; -static char ip[64]; /* defined if ok */ +static char ip[256]; /* defined if ok */ -int dns_resolvconfip(char s[64]) +int dns_resolvconfip(char s[256]) { struct taia now; @@ -77,6 +80,6 @@ int dns_resolvconfip(char s[64]) } --uses; - byte_copy(s,64,ip); + byte_copy(s,256,ip); return 0; } diff --git a/ucspi-tcp-0.88/dns_rcrw.c b/ucspi-tcp-0.88/dns_rcrw.c index 6f215ac..b0c8e6d 100644 --- a/ucspi-tcp-0.88/dns_rcrw.c +++ b/ucspi-tcp-0.88/dns_rcrw.c @@ -1,16 +1,17 @@ +#include #include "taia.h" -#include "env.h" #include "byte.h" #include "str.h" #include "openreadclose.h" #include "dns.h" +#include "env.h" static stralloc data = {0}; static int init(stralloc *rules) { char host[256]; - char *x; + const char *x; int i; int j; int k; diff --git a/ucspi-tcp-0.88/dns_resolve.c b/ucspi-tcp-0.88/dns_resolve.c index 3365c00..82b5bbb 100644 --- a/ucspi-tcp-0.88/dns_resolve.c +++ b/ucspi-tcp-0.88/dns_resolve.c @@ -2,19 +2,20 @@ #include "taia.h" #include "byte.h" #include "dns.h" +#include "ip6.h" struct dns_transmit dns_resolve_tx = {0}; -int dns_resolve(char *q,char qtype[2]) +int dns_resolve(const char *q,const char qtype[2]) { struct taia stamp; struct taia deadline; - char servers[64]; + char servers[256]; iopause_fd x[1]; int r; if (dns_resolvconfip(servers) == -1) return -1; - if (dns_transmit_start(&dns_resolve_tx,servers,1,q,qtype,"\0\0\0\0") == -1) return -1; + if (dns_transmit_start(&dns_resolve_tx,servers,1,q,qtype,V6any) == -1) return -1; for (;;) { taia_now(&stamp); diff --git a/ucspi-tcp-0.88/dns_transmit.c b/ucspi-tcp-0.88/dns_transmit.c index df12826..9511511 100644 --- a/ucspi-tcp-0.88/dns_transmit.c 
+++ b/ucspi-tcp-0.88/dns_transmit.c @@ -1,12 +1,15 @@ +#include +#include +#include +#include #include "socket.h" -#include "alloc.h" -#include "error.h" +#include #include "byte.h" -#include "readwrite.h" #include "uint16.h" #include "dns.h" +#include "ip6.h" -static int serverwantstcp(char *buf,unsigned int len) +static int serverwantstcp(const char *buf,unsigned int len) { char out[12]; @@ -15,7 +18,7 @@ static int serverwantstcp(char *buf,unsigned int len) return 0; } -static int serverfailed(char *buf,unsigned int len) +static int serverfailed(const char *buf,unsigned int len) { char out[12]; unsigned int rcode; @@ -23,11 +26,11 @@ static int serverfailed(char *buf,unsigned int len) if (!dns_packet_copy(buf,len,0,out,12)) return 1; rcode = out[3]; rcode &= 15; - if (rcode && (rcode != 3)) { errno = error_again; return 1; } + if (rcode && (rcode != 3)) { errno = EAGAIN; return 1; } return 0; } -static int irrelevant(struct dns_transmit *d,char *buf,unsigned int len) +static int irrelevant(const struct dns_transmit *d,const char *buf,unsigned int len) { char out[12]; char *dn; @@ -40,8 +43,8 @@ static int irrelevant(struct dns_transmit *d,char *buf,unsigned int len) dn = 0; pos = dns_packet_getname(buf,len,pos,&dn); if (!pos) return 1; - if (!dns_domain_equal(dn,d->query + 14)) { alloc_free(dn); return 1; } - alloc_free(dn); + if (!dns_domain_equal(dn,d->query + 14)) { free(dn); return 1; } + free(dn); pos = dns_packet_copy(buf,len,pos,out,4); if (!pos) return 1; if (byte_diff(out,2,d->qtype)) return 1; @@ -53,14 +56,14 @@ static int irrelevant(struct dns_transmit *d,char *buf,unsigned int len) static void packetfree(struct dns_transmit *d) { if (!d->packet) return; - alloc_free(d->packet); + free(d->packet); d->packet = 0; } static void queryfree(struct dns_transmit *d) { if (!d->query) return; - alloc_free(d->query); + free(d->query); d->query = 0; } 
@@ -83,9 +86,9 @@ static int randombind(struct dns_transmit *d) int j; for (j = 0;j < 10;++j) - if (socket_bind4(d->s1 - 1,d->localip,1025 + dns_random(64510)) == 0) + if (socket_bind6(d->s1 - 1,d->localip,1025 + dns_random(64510),d->scope_id) == 0) return 0; - if (socket_bind4(d->s1 - 1,d->localip,0) == 0) + if (socket_bind6(d->s1 - 1,d->localip,0,d->scope_id) == 0) return 0; return -1; } @@ -94,22 +97,22 @@ static const int timeouts[4] = { 1, 3, 11, 45 }; static int thisudp(struct dns_transmit *d) { - char *ip; + const char *ip; socketfree(d); while (d->udploop < 4) { for (;d->curserver < 16;++d->curserver) { - ip = d->servers + 4 * d->curserver; - if (byte_diff(ip,4,"\0\0\0\0")) { + ip = d->servers + 16 * d->curserver; + if (byte_diff(ip,16,V6any)) { d->query[2] = dns_random(256); d->query[3] = dns_random(256); - d->s1 = 1 + socket_udp(); + d->s1 = 1 + socket_udp6(); if (!d->s1) { dns_transmit_free(d); return -1; } if (randombind(d) == -1) { dns_transmit_free(d); return -1; } - if (socket_connect4(d->s1 - 1,ip,53) == 0) + if (socket_connect6(d->s1 - 1,ip,53,d->scope_id) == 0) if (send(d->s1 - 1,d->query + 2,d->querylen - 2,0) == d->querylen - 2) { struct taia now; taia_now(&now); 
@@ -145,29 +148,29 @@ static int nextudp(struct dns_transmit *d) static int thistcp(struct dns_transmit *d) { struct taia now; - char *ip; + const char *ip; socketfree(d); packetfree(d); for (;d->curserver < 16;++d->curserver) { - ip = d->servers + 4 * d->curserver; - if (byte_diff(ip,4,"\0\0\0\0")) { + ip = d->servers + 16 * d->curserver; + if (byte_diff(ip,16,V6any)) { d->query[2] = dns_random(256); d->query[3] = dns_random(256); - d->s1 = 1 + socket_tcp(); + d->s1 = 1 + socket_tcp6(); if (!d->s1) { dns_transmit_free(d); return -1; } if (randombind(d) == -1) { dns_transmit_free(d); return -1; } taia_now(&now); taia_uint(&d->deadline,10); taia_add(&d->deadline,&d->deadline,&now); - if (socket_connect4(d->s1 - 1,ip,53) == 0) { + if (socket_connect6(d->s1 - 1,ip,53,d->scope_id) == 0) { d->tcpstate = 2; return 0; } - if ((errno == error_inprogress) || (errno == error_wouldblock)) { + if ((errno == EINPROGRESS) || (errno == EWOULDBLOCK)) { d->tcpstate = 1; return 0; } @@ -191,16 +194,16 @@ static int nexttcp(struct dns_transmit *d) return thistcp(d); } -int dns_transmit_start(struct dns_transmit *d,char servers[64],int flagrecursive,char *q,char qtype[2],char localip[4]) +int dns_transmit_start(struct dns_transmit *d,const char servers[256],int flagrecursive,const char *q,const char qtype[2],const char localip[16]) { unsigned int len; dns_transmit_free(d); - errno = error_io; + errno = EIO; len = dns_domain_length(q); d->querylen = len + 18; - d->query = alloc(d->querylen); + d->query = malloc(d->querylen); if (!d->query) return -1; uint16_pack_big(d->query,len + 16); @@ -211,7 +214,7 @@ int dns_transmit_start(struct dns_transmit *d,char servers[64],int flagrecursive byte_copy(d->qtype,2,qtype); d->servers = servers; - byte_copy(d->localip,4,localip); + byte_copy(d->localip,16,localip); d->udploop = flagrecursive ? 1 : 0; 
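Review bot: `dns_transmit_start` copies the 16-byte `localip` into `d->localip`, but none of the visible hunks assigns `d->scope_id`, which `randombind`, `thisudp` and `thistcp` now pass to `socket_bind6` and `socket_connect6`. `dns_resolve_tx` is zero-initialised, but a `struct dns_transmit` declared on the stack would carry an indeterminate scope id into bind and connect. Either state the contract above the function, `/* caller must set d->scope_id before calling; 0 means no scope */`, or require callers to zero the struct where it is declared. The function body continues outside the hunk, so an assignment there cannot be ruled out.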
@@ -236,19 +239,19 @@ void dns_transmit_io(struct dns_transmit *d,iopause_fd *x,struct taia *deadline) *deadline = d->deadline; } -int dns_transmit_get(struct dns_transmit *d,iopause_fd *x,struct taia *when) +int dns_transmit_get(struct dns_transmit *d,const iopause_fd *x,const struct taia *when) { char udpbuf[513]; unsigned char ch; int r; int fd; - errno = error_io; + errno = EIO; fd = d->s1 - 1; if (!x->revents) { if (taia_less(when,&d->deadline)) return 0; - errno = error_timeout; + errno = ETIMEDOUT; if (d->tcpstate == 0) return nextudp(d); return nexttcp(d); } @@ -260,7 +263,7 @@ have sent query to curserver on UDP socket s */ r = recv(fd,udpbuf,sizeof udpbuf,0); if (r <= 0) { - if (d->udploop == 2) return 0; + if (errno == ECONNREFUSED) if (d->udploop == 2) return 0; return nextudp(d); } if (r + 1 > sizeof udpbuf) return 0; @@ -274,7 +277,7 @@ have sent query to curserver on UDP socket s socketfree(d); d->packetlen = r; - d->packet = alloc(d->packetlen); + d->packet = malloc(d->packetlen); if (!d->packet) { dns_transmit_free(d); return -1; } byte_copy(d->packet,d->packetlen,udpbuf); queryfree(d); @@ -334,7 +337,7 @@ have received one byte of packet length into packetlen d->packetlen += ch; d->tcpstate = 5; d->pos = 0; - d->packet = alloc(d->packetlen); + d->packet = malloc(d->packetlen); if (!d->packet) { dns_transmit_free(d); return -1; } return 0; } diff --git a/ucspi-tcp-0.88/dns_txt.c b/ucspi-tcp-0.88/dns_txt.c index 263b641..44deafe 100644 --- a/ucspi-tcp-0.88/dns_txt.c +++ b/ucspi-tcp-0.88/dns_txt.c @@ -3,7 +3,7 @@ #include "byte.h" #include "dns.h" -int dns_txt_packet(stralloc *out,char *buf,unsigned int len) +int dns_txt_packet(stralloc *out,const char *buf,unsigned int len) { unsigned int pos; char header[12]; 
@@ -48,7 +48,7 @@ int dns_txt_packet(stralloc *out,char *buf,unsigned int len) static char *q = 0; -int dns_txt(stralloc *out,stralloc *fqdn) +int dns_txt(stralloc *out,const stralloc *fqdn) { if (!dns_domain_fromdot(&q,fqdn->s,fqdn->len)) return -1; if (dns_resolve(q,DNS_T_TXT) == -1) return -1; diff --git a/ucspi-tcp-0.88/hier.c b/ucspi-tcp-0.88/hier.c index 5663ada..546cc6d 100644 --- a/ucspi-tcp-0.88/hier.c +++ b/ucspi-tcp-0.88/hier.c @@ -4,6 +4,9 @@ void hier() { h(auto_home,-1,-1,02755); d(auto_home,"bin",-1,-1,02755); + d(auto_home,"man",-1,-1,02755); + d(auto_home,"man/man1",-1,-1,02755); + d(auto_home,"man/man5",-1,-1,02755); c(auto_home,"bin","tcpserver",-1,-1,0755); c(auto_home,"bin","tcprules",-1,-1,0755); @@ -22,4 +25,20 @@ void hier() c(auto_home,"bin","delcr",-1,-1,0755); c(auto_home,"bin","fixcrio",-1,-1,0755); c(auto_home,"bin","rblsmtpd",-1,-1,0755); + + c(auto_home,"man/man1","tcpclient.1",-1,-1,0644); + c(auto_home,"man/man1","tcpserver.1",-1,-1,0644); + c(auto_home,"man/man1","tcprules.1",-1,-1,0644); + c(auto_home,"man/man1","tcprulescheck.1",-1,-1,0644); + c(auto_home,"man/man1","fixcr.1",-1,-1,0644); + c(auto_home,"man/man1","addcr.1",-1,-1,0644); + c(auto_home,"man/man1","delcr.1",-1,-1,0644); + c(auto_home,"man/man1","who@.1",-1,-1,0644); + c(auto_home,"man/man1","date@.1",-1,-1,0644); + c(auto_home,"man/man1","finger@.1",-1,-1,0644); + c(auto_home,"man/man1","http@.1",-1,-1,0644); + c(auto_home,"man/man1","mconnect.1",-1,-1,0644); + c(auto_home,"man/man1","argv0.1",-1,-1,0644); + c(auto_home,"man/man1","recordio.1",-1,-1,0644); + c(auto_home,"man/man5","tcp-environ.5",-1,-1,0644); } diff --git a/ucspi-tcp-0.88/ip4.h b/ucspi-tcp-0.88/ip4.h index 64a7c1e..b906557 100644 --- a/ucspi-tcp-0.88/ip4.h +++ b/ucspi-tcp-0.88/ip4.h @@ -6,4 +6,6 @@ extern unsigned int ip4_fmt(char *,char *); #define IP4_FMT 20 +extern const char ip4loopback[4]; /* = {127,0,0,1}; */ + #endif 
diff --git a/ucspi-tcp-0.88/pathexec.h b/ucspi-tcp-0.88/pathexec.h index 6fcbb89..bef93b4 100644 --- a/ucspi-tcp-0.88/pathexec.h +++ b/ucspi-tcp-0.88/pathexec.h @@ -2,7 +2,7 @@ #define PATHEXEC_H extern void pathexec_run(char *,char **,char **); -extern int pathexec_env(char *,char *); +extern int pathexec_env(const char *,const char *); extern void pathexec(char **); #endif diff --git a/ucspi-tcp-0.88/pathexec_env.c b/ucspi-tcp-0.88/pathexec_env.c index 48bba7e..157e71b 100644 --- a/ucspi-tcp-0.88/pathexec_env.c +++ b/ucspi-tcp-0.88/pathexec_env.c @@ -8,7 +8,7 @@ static stralloc plus; static stralloc tmp; -int pathexec_env(char *s,char *t) +int pathexec_env(const char *s,const char *t) { if (!s) return 1; if (!stralloc_copys(&tmp,s)) return 0; @@ -22,7 +22,6 @@ int pathexec_env(char *s,char *t) void pathexec(char **argv) { - char *path; char **e; unsigned int elen; unsigned int i; diff --git a/ucspi-tcp-0.88/rblsmtpd.c b/ucspi-tcp-0.88/rblsmtpd.c index cc8ba2e..200a345 100644 --- a/ucspi-tcp-0.88/rblsmtpd.c +++ b/ucspi-tcp-0.88/rblsmtpd.c 
@@ -25,26 +25,58 @@ void usage(void) strerr_die1x(100,"rblsmtpd: usage: rblsmtpd [ -b ] [ -R ] [ -t timeout ] [ -r base ] [ -a base ] smtpd [ arg ... ]"); } +char *tcp_proto; char *ip_env; static stralloc ip_reverse; +static inline char tohex(char c) { + return c>=10?c-10+'a':c+'0'; +} + void ip_init(void) { unsigned int i; unsigned int j; + unsigned char remoteip[16]; + char hexval; + tcp_proto = env_get("PROTO"); + if (!tcp_proto) tcp_proto = ""; ip_env = env_get("TCPREMOTEIP"); if (!ip_env) ip_env = ""; if (!stralloc_copys(&ip_reverse,"")) nomem(); i = str_len(ip_env); - while (i) { - for (j = i;j > 0;--j) if (ip_env[j - 1] == '.') break; - if (!stralloc_catb(&ip_reverse,ip_env + j,i - j)) nomem(); - if (!stralloc_cats(&ip_reverse,".")) nomem(); - if (!j) break; - i = j - 1; + if (str_diff(tcp_proto, "TCP6") != 0) + { + // IPv4 + while (i) { + for (j = i;j > 0;--j) if (ip_env[j - 1] == '.') break; + if (!stralloc_catb(&ip_reverse,ip_env + j,i - j)) nomem(); + if (!stralloc_cats(&ip_reverse,".")) nomem(); + if (!j) break; + i = j - 1; + } + } + else + { + // IPv6 + if ((i=scan_ip6(ip_env, remoteip))==0) + return; + + for (j=16; j>0; j--) + { + hexval=tohex(remoteip[j-1] & 15); + if(!stralloc_catb(&ip_reverse, &hexval, 1)) nomem(); + if(!stralloc_cats(&ip_reverse, ".")) nomem(); + + hexval=tohex(remoteip[j-1] >> 4); + if(!stralloc_catb(&ip_reverse, &hexval, 1)) nomem(); + if(!stralloc_cats(&ip_reverse, ".")) nomem(); + } + + if(!stralloc_cats(&ip_reverse, "ipv6.")) nomem(); } } @@ -190,7 +222,7 @@ main(int argc,char **argv,char **envp) argv += optind; if (!*argv) usage(); - if (flagwantdefaultrbl) rbl("rbl.maps.vix.com"); + if (flagwantdefaultrbl) rbl("zen.spamhaus.org"); if (decision >= 2) rblsmtpd(); pathexec_run(*argv,argv,envp); diff --git a/ucspi-tcp-0.88/remoteinfo.h b/ucspi-tcp-0.88/remoteinfo.h index 2ca779d..0884cc1 100644 --- a/ucspi-tcp-0.88/remoteinfo.h +++ b/ucspi-tcp-0.88/remoteinfo.h 
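Review bot: The IPv6 branch of `ip_init` appends an extra `ipv6.` label after the reversed nibbles, and on a failed `scan_ip6` it returns with `ip_reverse` left empty. RFC 5782 places the reversed nibbles directly under the list zone, so with the new default `zen.spamhaus.org` the `ipv6.` label would presumably make every lookup miss and IPv6 clients would go through unfiltered; please confirm against the lists this is meant to query, and if the label is needed for a particular list make it part of the `-r` base rather than hard-coded. How `rbl()` treats an empty `ip_reverse` is outside this hunk, so the parse-failure path deserves a comment saying what is looked up in that case, e.g. `/* unparsable TCPREMOTEIP: ip_reverse stays empty */`. The `//` comments are also out of step with the C89 style of the rest of the file.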
@@ -5,5 +5,6 @@ #include "uint16.h" extern int remoteinfo(stralloc *,char *,uint16,char *,uint16,unsigned int); +extern int remoteinfo6(stralloc *,char *,uint16,char *,uint16,unsigned int,uint32); #endif diff --git a/ucspi-tcp-0.88/rules.c b/ucspi-tcp-0.88/rules.c index 1840360..4fc2354 100644 --- a/ucspi-tcp-0.88/rules.c +++ b/ucspi-tcp-0.88/rules.c @@ -64,7 +64,7 @@ static int doit(void (*callback)(char *,unsigned int),char *ip,char *host,char * if (!stralloc_copys(&rules_name,ip)) return -1; while (rules_name.len > 0) { - if (ip[rules_name.len - 1] == '.') { + if (ip[rules_name.len - 1] == '.' || ip[rules_name.len - 1] == ':') { r = dorule(callback); if (r) return r; } diff --git a/ucspi-tcp-0.88/socket.h b/ucspi-tcp-0.88/socket.h index 80fb260..4fba762 100644 --- a/ucspi-tcp-0.88/socket.h +++ b/ucspi-tcp-0.88/socket.h 
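Review bot: The added `|| ip[rules_name.len - 1] == ':'` in `doit` makes rule lookup walk textual prefixes of an IPv6 address, which is only reliable if the address string always arrives in one fixed spelling. IPv6 text allows several spellings of the same address (`::` compression, leading zeros, hex case), so a rule written as `2001:db8:` may not match a client whose address was formatted differently, and the decision would fall through to a broader rule. I would add a comment at this test stating the requirement, `/* IPv6 prefixes are matched as text; rules must use the same spelling the caller formats addresses in */`, and check which formatter produces `ip` on the calling side. The body of `doit` starts and ends outside this hunk.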
@@ -2,21 +2,52 @@ #define SOCKET_H #include "uint16.h" +#include "uint32.h" extern int socket_tcp(void); extern int socket_udp(void); +extern int socket_tcp6(void); +extern int socket_udp6(void); -extern int socket_connect4(int,char *,uint16); +extern int socket_connect4(int,const char *,uint16); +extern int socket_connect6(int s,const char *ip,uint16 port,uint32 scope_id); extern int socket_connected(int); -extern int socket_bind4(int,char *,uint16); -extern int socket_bind4_reuse(int,char *,uint16); +extern int socket_bind4(int,const char *,uint16); +extern int socket_bind4_reuse(int,const char *,uint16); +extern int socket_bind6(int s,const char *ip,uint16 port,uint32 scope_id); +extern int socket_bind6_reuse(int s,const char *ip,uint16 port,uint32 scope_id); extern int socket_listen(int,int); extern int socket_accept4(int,char *,uint16 *); +extern int socket_accept6(int s,char *ip,uint16 *port,uint32 *scope_id); extern int socket_recv4(int,char *,int,char *,uint16 *); -extern int socket_send4(int,char *,int,char *,uint16); +extern int socket_send4(int,const char *,int,const char *,uint16); +extern int socket_recv6(int s,char *buf,unsigned int len,char *ip,uint16 *port,uint32 *scope_id); +extern int socket_send6(int s,const char *buf,unsigned int len,const char *ip,uint16 port,uint32 scope_id); extern int socket_local4(int,char *,uint16 *); extern int socket_remote4(int,char *,uint16 *); +extern int socket_local6(int s,char *ip,uint16 *port,uint32 *scope_id); +extern int socket_remote6(int s,char *ip,uint16 *port,uint32 *scope_id); + +/* enable sending udp packets to the broadcast address */ +extern int socket_broadcast(int); +/* join a multicast group on the given interface */ +extern int socket_mcjoin4(int,char *,char *); +extern int socket_mcjoin6(int,char *,int); +/* leave a multicast group on the given interface */ +extern int socket_mcleave4(int,char *); +extern int socket_mcleave6(int,char *); +/* set multicast TTL/hop count for outgoing packets */ 
+extern int socket_mcttl4(int,char); +extern int socket_mcttl6(int,char); +/* enable multicast loopback */ +extern int socket_mcloop4(int,char); +extern int socket_mcloop6(int,char); + +extern const char* socket_getifname(uint32 interface); +extern uint32 socket_getifidx(const char *ifname); extern void socket_tryreservein(int,int); +extern int noipv6; + #endif diff --git a/ucspi-tcp-0.88/socket_bind.c b/ucspi-tcp-0.88/socket_bind.c index 20830a4..067b4a8 100644 --- a/ucspi-tcp-0.88/socket_bind.c +++ b/ucspi-tcp-0.88/socket_bind.c @@ -5,7 +5,7 @@ #include "byte.h" #include "socket.h" -int socket_bind4(int s,char ip[4],uint16 port) +int socket_bind4(int s,const char ip[4],uint16 port) { struct sockaddr_in sa; @@ -17,7 +17,7 @@ int socket_bind4(int s,char ip[4],uint16 port) return bind(s,(struct sockaddr *) &sa,sizeof sa); } -int socket_bind4_reuse(int s,char ip[4],uint16 port) +int socket_bind4_reuse(int s,const char ip[4],uint16 port) { int opt = 1; setsockopt(s,SOL_SOCKET,SO_REUSEADDR,&opt,sizeof opt); diff --git a/ucspi-tcp-0.88/socket_conn.c b/ucspi-tcp-0.88/socket_conn.c index 35adac4..dcc93ac 100644 --- a/ucspi-tcp-0.88/socket_conn.c +++ b/ucspi-tcp-0.88/socket_conn.c @@ -6,7 +6,7 @@ #include "byte.h" #include "socket.h" -int socket_connect4(int s,char ip[4],uint16 port) +int socket_connect4(int s,const char ip[4],uint16 port) { struct sockaddr_in sa; diff --git a/ucspi-tcp-0.88/str.h b/ucspi-tcp-0.88/str.h index ab4aedd..a2a4b75 100644 --- a/ucspi-tcp-0.88/str.h +++ b/ucspi-tcp-0.88/str.h 
@@ -1,13 +1,13 @@ #ifndef STR_H #define STR_H -extern unsigned int str_copy(char *,char *); -extern int str_diff(char *,char *); -extern int str_diffn(char *,char *,unsigned int); -extern unsigned int str_len(char *); -extern unsigned int str_chr(char *,int); -extern unsigned int str_rchr(char *,int); -extern int str_start(char *,char *); +extern unsigned int str_copy(char *,const char *); +extern int str_diff(const char *,const char *); +extern int str_diffn(const char *,const char *,unsigned int); +extern unsigned int str_len(const char *); +extern unsigned int str_chr(const char *,int); +extern unsigned int str_rchr(const char *,int); +extern int str_start(const char *,const char *); #define str_equal(s,t) (!str_diff((s),(t))) diff --git a/ucspi-tcp-0.88/str_chr.c b/ucspi-tcp-0.88/str_chr.c index 886d6b6..042dfa2 100644 --- a/ucspi-tcp-0.88/str_chr.c +++ b/ucspi-tcp-0.88/str_chr.c @@ -1,9 +1,9 @@ #include "str.h" -unsigned int str_chr(register char *s,int c) +unsigned int str_chr(register const char *s,int c) { register char ch; - register char *t; + register const char *t; ch = c; t = s; diff --git a/ucspi-tcp-0.88/str_diff.c b/ucspi-tcp-0.88/str_diff.c index 037dcdf..071e7f5 100644 --- a/ucspi-tcp-0.88/str_diff.c +++ b/ucspi-tcp-0.88/str_diff.c @@ -1,6 +1,6 @@ #include "str.h" -int str_diff(register char *s,register char *t) +int str_diff(register const char *s,register const char *t) { register char x; diff --git a/ucspi-tcp-0.88/str_len.c b/ucspi-tcp-0.88/str_len.c index 5bd3f62..8411ebf 100644 --- a/ucspi-tcp-0.88/str_len.c +++ b/ucspi-tcp-0.88/str_len.c @@ -1,8 +1,8 @@ #include "str.h" -unsigned int str_len(char *s) +unsigned int str_len(const char *s) { - register char *t; + register const char *t; t = s; for (;;) { diff --git a/ucspi-tcp-0.88/str_start.c b/ucspi-tcp-0.88/str_start.c index 43430bb..757189d 100644 --- a/ucspi-tcp-0.88/str_start.c +++ b/ucspi-tcp-0.88/str_start.c 
@@ -1,6 +1,6 @@ #include "str.h" -int str_start(register char *s,register char *t) +int str_start(register const char *s,register const char *t) { register char x; diff --git a/ucspi-tcp-0.88/stralloc.h b/ucspi-tcp-0.88/stralloc.h index 7866812..cc17048 100644 --- a/ucspi-tcp-0.88/stralloc.h +++ b/ucspi-tcp-0.88/stralloc.h @@ -9,18 +9,20 @@ extern int stralloc_ready(stralloc *,unsigned int); extern int stralloc_readyplus(stralloc *,unsigned int); extern int stralloc_copy(stralloc *,stralloc *); extern int stralloc_cat(stralloc *,stralloc *); -extern int stralloc_copys(stralloc *,char *); -extern int stralloc_cats(stralloc *,char *); -extern int stralloc_copyb(stralloc *,char *,unsigned int); -extern int stralloc_catb(stralloc *,char *,unsigned int); +extern int stralloc_copys(stralloc *,const char *); +extern int stralloc_cats(stralloc *,const char *); +extern int stralloc_copyb(stralloc *,const char *,unsigned int); +extern int stralloc_catb(stralloc *,const char *,unsigned int); extern int stralloc_append(stralloc *,char *); /* beware: this takes a pointer to 1 char */ -extern int stralloc_starts(stralloc *,char *); +extern int stralloc_starts(stralloc *,const char *); #define stralloc_0(sa) stralloc_append(sa,"") extern int stralloc_catulong0(stralloc *,unsigned long,unsigned int); extern int stralloc_catlong0(stralloc *,long,unsigned int); +extern void stralloc_free(stralloc *); + #define stralloc_catlong(sa,l) (stralloc_catlong0((sa),(l),0)) #define stralloc_catuint0(sa,i,n) (stralloc_catulong0((sa),(i),(n))) #define stralloc_catint0(sa,i,n) (stralloc_catlong0((sa),(i),(n))) diff --git a/ucspi-tcp-0.88/stralloc_catb.c b/ucspi-tcp-0.88/stralloc_catb.c index b739bed..b606e32 100644 --- a/ucspi-tcp-0.88/stralloc_catb.c +++ b/ucspi-tcp-0.88/stralloc_catb.c 
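Review bot: The const sweep in stralloc.h skips `stralloc_append(stralloc *,char *)`, although the `stralloc_0` macro right below it passes the string literal `""`. Declaring it `extern int stralloc_append(stralloc *,const char *);` would match the other prototypes changed in this hunk, provided the definition (not part of this file section) is updated the same way.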
@@ -1,7 +1,7 @@ #include "stralloc.h" #include "byte.h" -int stralloc_catb(stralloc *sa,char *s,unsigned int n) +int stralloc_catb(stralloc *sa,const char *s,unsigned int n) { if (!sa->s) return stralloc_copyb(sa,s,n); if (!stralloc_readyplus(sa,n + 1)) return 0; diff --git a/ucspi-tcp-0.88/stralloc_cats.c b/ucspi-tcp-0.88/stralloc_cats.c index 8b11e94..92cb66e 100644 --- a/ucspi-tcp-0.88/stralloc_cats.c +++ b/ucspi-tcp-0.88/stralloc_cats.c @@ -2,7 +2,7 @@ #include "str.h" #include "stralloc.h" -int stralloc_cats(stralloc *sa,char *s) +int stralloc_cats(stralloc *sa,const char *s) { return stralloc_catb(sa,s,str_len(s)); } diff --git a/ucspi-tcp-0.88/stralloc_opyb.c b/ucspi-tcp-0.88/stralloc_opyb.c index 46b99fc..593029d 100644 --- a/ucspi-tcp-0.88/stralloc_opyb.c +++ b/ucspi-tcp-0.88/stralloc_opyb.c @@ -1,7 +1,7 @@ #include "stralloc.h" #include "byte.h" -int stralloc_copyb(stralloc *sa,char *s,unsigned int n) +int stralloc_copyb(stralloc *sa,const char *s,unsigned int n) { if (!stralloc_ready(sa,n + 1)) return 0; byte_copy(sa->s,n,s); diff --git a/ucspi-tcp-0.88/stralloc_opys.c b/ucspi-tcp-0.88/stralloc_opys.c index 78594b0..860c7e0 100644 --- a/ucspi-tcp-0.88/stralloc_opys.c +++ b/ucspi-tcp-0.88/stralloc_opys.c @@ -2,7 +2,7 @@ #include "str.h" #include "stralloc.h" -int stralloc_copys(stralloc *sa,char *s) +int stralloc_copys(stralloc *sa,const char *s) { return stralloc_copyb(sa,s,str_len(s)); } diff --git a/ucspi-tcp-0.88/tcpclient.c b/ucspi-tcp-0.88/tcpclient.c index 9f6d7f2..77b1ad5 100644 --- a/ucspi-tcp-0.88/tcpclient.c +++ b/ucspi-tcp-0.88/tcpclient.c @@ -9,6 +9,7 @@ #include "scan.h" #include "str.h" #include "ip4.h" +#include "ip6.h" #include "uint16.h" #include "socket.h" #include "fd.h" @@ -20,6 +21,7 @@ #include "timeoutconn.h" #include "remoteinfo.h" #include "dns.h" +#include "byte.h" #define FATAL "tcpclient: fatal: " #define CONNECT "tcpclient: unable to connect to " 
@@ -31,27 +33,30 @@ void nomem(void) void usage(void) { strerr_die1x(100,"tcpclient: usage: tcpclient \ -[ -hHrRdDqQv ] \ +[ -46hHrRdDqQv ] \ [ -i localip ] \ [ -p localport ] \ [ -T timeoutconn ] \ [ -l localname ] \ [ -t timeoutinfo ] \ +[ -I interface ] \ host port program"); } +int forcev6 = 0; int verbosity = 1; int flagdelay = 1; int flagremoteinfo = 1; int flagremotehost = 1; unsigned long itimeout = 26; unsigned long ctimeout[2] = { 2, 58 }; +uint32 netif = 0; -char iplocal[4] = { 0,0,0,0 }; +char iplocal[16] = { 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0 }; uint16 portlocal = 0; char *forcelocal = 0; -char ipremote[4]; +char ipremote[16]; uint16 portremote; char *hostname; @@ -61,12 +66,13 @@ static stralloc moreaddresses; static stralloc tmp; static stralloc fqdn; char strnum[FMT_ULONG]; -char ipstr[IP4_FMT]; +char ipstr[IP6_FMT]; char seed[128]; main(int argc,char **argv) { + int fakev4=0; unsigned long u; int opt; char *x; @@ -80,8 +86,10 @@ main(int argc,char **argv) close(7); sig_ignore(sig_pipe); - while ((opt = getopt(argc,argv,"dDvqQhHrRi:p:t:T:l:")) != opteof) + while ((opt = getopt(argc,argv,"46dDvqQhHrRi:p:t:T:l:I:")) != opteof) switch(opt) { + case '4': noipv6 = 1; break; + case '6': forcev6 = 1; break; case 'd': flagdelay = 1; break; case 'D': flagdelay = 0; break; case 'v': verbosity = 2; break; @@ -97,7 +105,8 @@ main(int argc,char **argv) if (optarg[j] == '+') ++j; scan_ulong(optarg + j,&ctimeout[1]); break; - case 'i': if (!ip4_scan(optarg,iplocal)) usage(); break; + case 'i': if (!scan_ip6(optarg,iplocal)) usage(); break; + case 'I': netif=socket_getifidx(optarg); break; case 'p': scan_ulong(optarg,&u); portlocal = u; break; default: usage(); } 
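Review bot: `case 'I': netif=socket_getifidx(optarg); break;` accepts any interface name without checking the result. socket_getifidx is not shown here; if it returns 0 for an unknown name, as if_nametoindex does, a mistyped `-I` would silently fall back to no interface scope instead of failing. Treating a zero result as a usage error keeps the option from being ignored: `case 'I': netif=socket_getifidx(optarg); if (!netif) usage(); break;`. The same pattern appears in the tcpserver.c option hunk further down.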
@@ -108,8 +117,8 @@ main(int argc,char **argv) hostname = *argv; if (!hostname) usage(); - if (str_equal(hostname,"")) hostname = "127.0.0.1"; - if (str_equal(hostname,"0")) hostname = "127.0.0.1"; + if (!hostname[0] || str_equal(hostname,"0")) + hostname = (noipv6?"127.0.0.1":"::1"); x = *++argv; if (!x) usage(); @@ -127,33 +136,36 @@ main(int argc,char **argv) if (!*++argv) usage(); if (!stralloc_copys(&tmp,hostname)) nomem(); - if (dns_ip4_qualify(&addresses,&fqdn,&tmp) == -1) + if (dns_ip6_qualify(&addresses,&fqdn,&tmp) == -1) strerr_die4sys(111,FATAL,"temporarily unable to figure out IP address for ",hostname,": "); - if (addresses.len < 4) + if (addresses.len < 16) strerr_die3x(111,FATAL,"no IP address for ",hostname); - if (addresses.len == 4) { + if (addresses.len == 16) { ctimeout[0] += ctimeout[1]; ctimeout[1] = 0; } for (cloop = 0;cloop < 2;++cloop) { if (!stralloc_copys(&moreaddresses,"")) nomem(); - for (j = 0;j + 4 <= addresses.len;j += 4) { - s = socket_tcp(); + for (j = 0;j + 16 <= addresses.len;j += 4) { + s = socket_tcp6(); if (s == -1) strerr_die2sys(111,FATAL,"unable to create socket: "); - if (socket_bind4(s,iplocal,portlocal) == -1) + if (socket_bind6(s,iplocal,portlocal,netif) == -1) strerr_die2sys(111,FATAL,"unable to bind socket: "); - if (timeoutconn(s,addresses.s + j,portremote,ctimeout[cloop]) == 0) + if (timeoutconn6(s,addresses.s + j,portremote,ctimeout[cloop],netif) == 0) goto CONNECTED; close(s); if (!cloop && ctimeout[1] && (errno == error_timeout)) { - if (!stralloc_catb(&moreaddresses,addresses.s + j,4)) nomem(); + if (!stralloc_catb(&moreaddresses,addresses.s + j,16)) nomem(); } else { strnum[fmt_ulong(strnum,portremote)] = 0; - ipstr[ip4_fmt(ipstr,addresses.s + j)] = 0; + if (ip6_isv4mapped(addresses.s+j)) + ipstr[ip4_fmt(ipstr,addresses.s + j + 12)] = 0; + else + ipstr[ip6_fmt(ipstr,addresses.s + j)] = 0; strerr_warn5(CONNECT,ipstr," port ",strnum,": ",&strerr_sys); } } 
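Review bot: The address loop in the second hunk advances by 4 while each entry is now 16 bytes: `for (j = 0;j + 16 <= addresses.len;j += 4)`. As soon as the resolver returns more than one address, the later iterations read a 16-byte window that straddles two records, so tcpclient would try to connect to addresses that were never returned for the host name. The step should match the record size, `for (j = 0;j + 16 <= addresses.len;j += 16) {`, as the paranoid loop in tcpserver.c already does. main() continues outside the hunk.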
@@ -169,37 +181,46 @@ main(int argc,char **argv) if (!flagdelay) socket_tcpnodelay(s); /* if it fails, bummer */ - if (!pathexec_env("PROTO","TCP")) nomem(); - - if (socket_local4(s,iplocal,&portlocal) == -1) + if (socket_local6(s,iplocal,&portlocal,&netif) == -1) strerr_die2sys(111,FATAL,"unable to get local address: "); + if (!forcev6 && (ip6_isv4mapped(iplocal) || byte_equal(iplocal,16,V6any))) + fakev4=1; + + if (!pathexec_env("PROTO",fakev4?"TCP":"TCP6")) nomem(); + strnum[fmt_ulong(strnum,portlocal)] = 0; if (!pathexec_env("TCPLOCALPORT",strnum)) nomem(); - ipstr[ip4_fmt(ipstr,iplocal)] = 0; + if (fakev4) + ipstr[ip4_fmt(ipstr,iplocal+12)] = 0; + else + ipstr[ip6_fmt(ipstr,iplocal)] = 0; if (!pathexec_env("TCPLOCALIP",ipstr)) nomem(); x = forcelocal; if (!x) - if (dns_name4(&tmp,iplocal) == 0) { + if (dns_name6(&tmp,iplocal) == 0) { if (!stralloc_0(&tmp)) nomem(); x = tmp.s; } if (!pathexec_env("TCPLOCALHOST",x)) nomem(); - if (socket_remote4(s,ipremote,&portremote) == -1) + if (socket_remote6(s,ipremote,&portremote,&netif) == -1) strerr_die2sys(111,FATAL,"unable to get remote address: "); strnum[fmt_ulong(strnum,portremote)] = 0; if (!pathexec_env("TCPREMOTEPORT",strnum)) nomem(); - ipstr[ip4_fmt(ipstr,ipremote)] = 0; + if (fakev4) + ipstr[ip4_fmt(ipstr,ipremote+12)] = 0; + else + ipstr[ip6_fmt(ipstr,ipremote)] = 0; if (!pathexec_env("TCPREMOTEIP",ipstr)) nomem(); if (verbosity >= 2) strerr_warn4("tcpclient: connected to ",ipstr," port ",strnum,0); x = 0; if (flagremotehost) - if (dns_name4(&tmp,ipremote) == 0) { + if (dns_name6(&tmp,ipremote) == 0) { if (!stralloc_0(&tmp)) nomem(); x = tmp.s; } @@ -207,7 +228,7 @@ main(int argc,char **argv) x = 0; if (flagremoteinfo) - if (remoteinfo(&tmp,ipremote,portremote,iplocal,portlocal,itimeout) == 0) { + if (remoteinfo6(&tmp,ipremote,portremote,iplocal,portlocal,itimeout,netif) == 0) { if (!stralloc_0(&tmp)) nomem(); x = tmp.s; } 
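Review bot: `socket_local6(s,iplocal,&portlocal,&netif)` and `socket_remote6(s,ipremote,&portremote,&netif)` write the socket's scope id into the global `netif`, which until then holds the interface chosen with `-I`. After these calls the user's selection is gone, and `remoteinfo6(...,netif)` in the next hunk runs with whatever the second call stored. A local such as `uint32 scope_id;` passed to both calls, as doit() in tcpserver.c does, would keep the option value intact. main() continues outside the hunk.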
diff --git a/ucspi-tcp-0.88/tcprules.c b/ucspi-tcp-0.88/tcprules.c index a684ac5..83519c8 100644 --- a/ucspi-tcp-0.88/tcprules.c +++ b/ucspi-tcp-0.88/tcprules.c @@ -123,8 +123,15 @@ main(int argc,char **argv) } line.len = len; /* for die_bad() */ - colon = byte_chr(x,len,':'); - if (colon == len) continue; + colon = 0; + for (;;) { + int tmp; + tmp = byte_chr(x + colon,len - colon,':'); + colon += tmp; + if (colon == len) continue; + if (byte_equal(x+colon+1,4,"deny") || byte_equal(x+colon+1,5,"allow")) break; + ++colon; + } if (!stralloc_copyb(&address,x,colon)) nomem(); if (!stralloc_copys(&data,"")) nomem(); diff --git a/ucspi-tcp-0.88/tcpserver.c b/ucspi-tcp-0.88/tcpserver.c index 979a0be..aab637f 100644 --- a/ucspi-tcp-0.88/tcpserver.c +++ b/ucspi-tcp-0.88/tcpserver.c @@ -7,6 +7,7 @@ #include "fmt.h" #include "scan.h" #include "ip4.h" +#include "ip6.h" #include "fd.h" #include "exit.h" #include "env.h" @@ -28,6 +29,7 @@ #include "sig.h" #include "dns.h" +int forcev6 = 0; int verbosity = 1; int flagkillopts = 1; int flagdelay = 1; @@ -36,20 +38,21 @@ int flagremoteinfo = 1; int flagremotehost = 1; int flagparanoid = 0; unsigned long timeout = 26; +uint32 netif = 0; static stralloc tcpremoteinfo; uint16 localport; char localportstr[FMT_ULONG]; -char localip[4]; -char localipstr[IP4_FMT]; +char localip[16]; +char localipstr[IP6_FMT]; static stralloc localhostsa; char *localhost = 0; uint16 remoteport; char remoteportstr[FMT_ULONG]; -char remoteip[4]; -char remoteipstr[IP4_FMT]; +char remoteip[16]; +char remoteipstr[IP6_FMT]; static stralloc remotehostsa; char *remotehost = 0; @@ -96,12 +99,12 @@ void safecats(char *s) if (ch < 33) ch = '?'; if (ch > 126) ch = '?'; if (ch == '%') ch = '?'; /* logger stupidity */ - if (ch == ':') ch = '?'; +/* if (ch == ':') ch = '?'; */ append(&ch); } cats("..."); } -void env(char *s,char *t) +void env(const char *s,const char *t) { if (!pathexec_env(s,t)) drop_nomem(); } 
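Review bot: In the tcprules.c hunk the `if (colon == len) continue;` now sits inside the new `for (;;)`, so it restarts the inner loop instead of skipping the line. Once `colon == len`, byte_chr is asked to search zero bytes and `colon` never changes, so an input line with no `:allow` or `:deny` hangs the rule compiler. The `byte_equal(x+colon+1,4,"deny")` and `byte_equal(x+colon+1,5,"allow")` tests also read past the end of the line when the colon is near its end. The inner loop should break on end of line with bounded comparisons, and the skip belongs after it; the enclosing per-line loop is outside the hunk.

```c
colon = 0;
for (;;) {
  colon += byte_chr(x + colon,len - colon,':');
  if (colon == len) break;                       /* no separator on this line */
  if (len - colon > 4 && byte_equal(x + colon + 1,4,"deny")) break;
  if (len - colon > 5 && byte_equal(x + colon + 1,5,"allow")) break;
  ++colon;                                       /* colon belongs to an IPv6 address */
}
if (colon == len) continue;                      /* skips the line, as before */
/* … unchanged: stralloc_copyb(&address,x,colon) and the rest of the line parser … */
```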
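Review bot: Commenting out `if (ch == ':') ch = '?';` lifts the colon filter for every string that goes through safecats(), not only for IPv6 addresses. The callers are outside this hunk, but if safecats() is also applied to the reverse-DNS name and the remote-info reply, both of which come from the peer, those values can now carry ':' into the status line and blur its field boundaries for anything that parses the log. Keeping the filter and writing the address through a path that permits ':' would limit the change to the one value that needs it. At minimum the dead line should become a comment explaining why colons are now allowed.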
@@ -135,9 +138,16 @@ void found(char *data,unsigned int datalen) void doit(int t) { + int fakev4=0; int j; + uint32 scope_id; - remoteipstr[ip4_fmt(remoteipstr,remoteip)] = 0; + if (!forcev6 && ip6_isv4mapped(remoteip)) + fakev4=1; + if (fakev4) + remoteipstr[ip4_fmt(remoteipstr,remoteip+12)] = 0; + else + remoteipstr[ip6_fmt(remoteipstr,remoteip)] = 0; if (verbosity >= 2) { strnum[fmt_ulong(strnum,getpid())] = 0; @@ -155,30 +165,40 @@ void doit(int t) strerr_die2sys(111,DROP,"unable to print banner: "); } - if (socket_local4(t,localip,&localport) == -1) + if (socket_local6(t,localip,&localport,&scope_id) == -1) strerr_die2sys(111,DROP,"unable to get local address: "); - localipstr[ip4_fmt(localipstr,localip)] = 0; + if (fakev4) + localipstr[ip4_fmt(localipstr,localip+12)] = 0; + else + localipstr[ip6_fmt(localipstr,localip)] = 0; remoteportstr[fmt_ulong(remoteportstr,remoteport)] = 0; if (!localhost) - if (dns_name4(&localhostsa,localip) == 0) + if (dns_name6(&localhostsa,localip) == 0) if (localhostsa.len) { if (!stralloc_0(&localhostsa)) drop_nomem(); localhost = localhostsa.s; } - env("PROTO","TCP"); + env("PROTO",fakev4?"TCP":"TCP6"); env("TCPLOCALIP",localipstr); + localipstr[ip6_fmt(localipstr,localip)]=0; + env("TCP6LOCALIP",localipstr); + env("TCPLOCALPORT",localportstr); + env("TCP6LOCALPORT",localportstr); env("TCPLOCALHOST",localhost); + env("TCP6LOCALHOST",localhost); + if (!fakev4 && scope_id) + env("TCP6INTERFACE",socket_getifname(scope_id)); if (flagremotehost) - if (dns_name4(&remotehostsa,remoteip) == 0) + if (dns_name6(&remotehostsa,remoteip) == 0) if (remotehostsa.len) { if (flagparanoid) - if (dns_ip4(&tmp,&remotehostsa) == 0) - for (j = 0;j + 4 <= tmp.len;j += 4) - if (byte_equal(remoteip,4,tmp.s + j)) { + if (dns_ip6(&tmp,&remotehostsa) == 0) + for (j = 0;j + 16 <= tmp.len;j += 16) + if (byte_equal(remoteip,16,tmp.s + j)) { flagparanoid = 0; break; } 
@@ -188,15 +208,20 @@ void doit(int t) } } env("TCPREMOTEIP",remoteipstr); + remoteipstr[ip6_fmt(remoteipstr,remoteip)]=0; + env("TCP6REMOTEIP",remoteipstr); env("TCPREMOTEPORT",remoteportstr); + env("TCP6REMOTEPORT",remoteportstr); env("TCPREMOTEHOST",remotehost); + env("TCP6REMOTEHOST",remotehost); if (flagremoteinfo) { - if (remoteinfo(&tcpremoteinfo,remoteip,remoteport,localip,localport,timeout) == -1) + if (remoteinfo6(&tcpremoteinfo,remoteip,remoteport,localip,localport,timeout,netif) == -1) flagremoteinfo = 0; if (!stralloc_0(&tcpremoteinfo)) drop_nomem(); } env("TCPREMOTEINFO",flagremoteinfo ? tcpremoteinfo.s : 0); + env("TCP6REMOTEINFO",flagremoteinfo ? tcpremoteinfo.s : 0); if (fnrules) { int fdrules; @@ -206,7 +231,15 @@ void doit(int t) if (!flagallownorules) drop_rules(); } else { - if (rules(found,fdrules,remoteipstr,remotehost,flagremoteinfo ? tcpremoteinfo.s : 0) == -1) drop_rules(); + int fakev4=0; + char* temp; + if (!forcev6 && ip6_isv4mapped(remoteip)) + fakev4=1; + if (fakev4) + temp=remoteipstr+7; + else + temp=remoteipstr; + if (rules(found,fdrules,temp,remotehost,flagremoteinfo ? tcpremoteinfo.s : 0) == -1) drop_rules(); close(fdrules); } } @@ -240,7 +273,7 @@ void usage(void) { strerr_warn1("\ tcpserver: usage: tcpserver \ -[ -1UXpPhHrRoOdDqQv ] \ +[ -461UXpPhHrRoOdDqQv ] \ [ -c limit ] \ [ -x rules.cdb ] \ [ -B banner ] \ @@ -249,6 +282,7 @@ tcpserver: usage: tcpserver \ [ -b backlog ] \ [ -l localname ] \ [ -t timeout ] \ +[ -I interface ] \ host port program",0); _exit(100); } @@ -299,8 +333,8 @@ main(int argc,char **argv) unsigned long u; int s; int t; - - while ((opt = getopt(argc,argv,"dDvqQhHrR1UXx:t:u:g:l:b:B:c:pPoO")) != opteof) + + while ((opt = getopt(argc,argv,"46dDvqQhHrR1UXx:t:u:g:l:b:B:c:I:pPoO")) != opteof) switch(opt) { case 'b': scan_ulong(optarg,&backlog); break; case 'c': scan_ulong(optarg,&limit); break; 
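Review bot: In the rules hunk, `temp=remoteipstr+7;` assumes the IPv6 formatter printed a v4-mapped peer as a 7-character `::ffff:` prefix followed by a dotted quad, and the access-rule lookup depends on that. ip6_fmt is not shown here; if it prints the mapped address any other way, IPv4 clients would be matched against the wrong string and could miss their allow or deny entry. Formatting the lookup key explicitly avoids the magic offset: `char rulesip[IP6_FMT];` and `rulesip[fakev4 ? ip4_fmt(rulesip,remoteip+12) : ip6_fmt(rulesip,remoteip)] = 0;`. The inner `int fakev4=0;` also shadows the variable of the same name declared at the top of doit() in an earlier hunk and can be dropped.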
@@ -325,7 +359,10 @@ main(int argc,char **argv) x = env_get("GID"); if (x) scan_ulong(x,&gid); break; case 'u': scan_ulong(optarg,&uid); break; case 'g': scan_ulong(optarg,&gid); break; + case 'I': netif=socket_getifidx(optarg); break; case '1': flag1 = 1; break; + case '4': noipv6 = 1; break; + case '6': forcev6 = 1; break; case 'l': localhost = optarg; break; default: usage(); } @@ -337,8 +374,7 @@ main(int argc,char **argv) hostname = *argv++; if (!hostname) usage(); - if (str_equal(hostname,"")) hostname = "0.0.0.0"; - if (str_equal(hostname,"0")) hostname = "0.0.0.0"; + if (str_equal(hostname,"")) hostname = "0"; x = *argv++; if (!x) usage(); @@ -348,7 +384,7 @@ main(int argc,char **argv) se = getservbyname(x,"tcp"); if (!se) strerr_die3x(111,FATAL,"unable to figure out port number for ",x); - localport = ntohs(se->s_port); + uint16_unpack_big((char*)&se->s_port,&localport); } if (!*argv) usage(); 
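Review bot: In the third hunk, `uint16_unpack_big((char*)&se->s_port,&localport);` reads the first two bytes of `s_port`, which is an `int` holding a 16-bit value in network byte order. On a little-endian host those bytes are the port, but on a big-endian host the value sits in the last two bytes of the int, so the result would be 0 and the server would bind an arbitrary port. The removed `localport = ntohs(se->s_port);` was correct on both. If the helper is preferred, copy to a 16-bit variable first: `uint16 p = se->s_port; uint16_unpack_big((char*)&p,&localport);`.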
@@ -358,20 +394,26 @@ main(int argc,char **argv) sig_catch(sig_term,sigterm); sig_ignore(sig_pipe); - if (!stralloc_copys(&tmp,hostname)) - strerr_die2x(111,FATAL,"out of memory"); - if (dns_ip4_qualify(&addresses,&fqdn,&tmp) == -1) - strerr_die4sys(111,FATAL,"temporarily unable to figure out IP address for ",hostname,": "); - if (addresses.len < 4) - strerr_die3x(111,FATAL,"no IP address for ",hostname); - byte_copy(localip,4,addresses.s); - - s = socket_tcp(); + if (str_equal(hostname,"0")) { + byte_zero(localip,sizeof localip); + } else { + if (!stralloc_copys(&tmp,hostname)) + strerr_die2x(111,FATAL,"out of memory"); + if (dns_ip6_qualify(&addresses,&fqdn,&tmp) == -1) + strerr_die4sys(111,FATAL,"temporarily unable to figure out IP address for ",hostname,": "); + if (addresses.len < 16) + strerr_die3x(111,FATAL,"no IP address for ",hostname); + byte_copy(localip,16,addresses.s); + if (ip6_isv4mapped(localip)) + noipv6=1; + } + + s = socket_tcp6(); if (s == -1) strerr_die2sys(111,FATAL,"unable to create socket: "); - if (socket_bind4_reuse(s,localip,localport) == -1) + if (socket_bind6_reuse(s,localip,localport,netif) == -1) strerr_die2sys(111,FATAL,"unable to bind: "); - if (socket_local4(s,localip,&localport) == -1) + if (socket_local6(s,localip,&localport,&netif) == -1) strerr_die2sys(111,FATAL,"unable to get local address: "); if (socket_listen(s,backlog) == -1) strerr_die2sys(111,FATAL,"unable to listen: "); @@ -399,7 +441,7 @@ main(int argc,char **argv) while (numchildren >= limit) sig_pause(); sig_unblock(sig_child); - t = socket_accept4(s,remoteip,&remoteport); + t = socket_accept6(s,remoteip,&remoteport,&netif); sig_block(sig_child); if (t == -1) continue; diff --git a/ucspi-tcp-0.88/timeoutconn.h b/ucspi-tcp-0.88/timeoutconn.h index 7f9dcc9..01e6a75 100644 --- a/ucspi-tcp-0.88/timeoutconn.h +++ b/ucspi-tcp-0.88/timeoutconn.h 
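Review bot: With host `0` the first hunk zeroes all 16 bytes of `localip` and binds through `socket_tcp6()` and `socket_bind6_reuse`, which presumably selects the IPv6 wildcard. A tcpserver that used to listen on 0.0.0.0 only would then also accept IPv6 peers after an upgrade. An existing rules.cdb that lists only IPv4 prefixes has no entry for those peers, so they fall to whatever the default rule is. This deserves a comment at the `byte_zero(localip,sizeof localip);` line, and a mention in the usage text that `-4` restores the old behaviour, if that is what `noipv6` does in the socket layer (not shown here). main() continues outside the hunk.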
@@ -2,7 +2,9 @@ #define TIMEOUTCONN_H #include "uint16.h" +#include "uint32.h" extern int timeoutconn(int,char *,uint16,unsigned int); +extern int timeoutconn6(int,char *,uint16,unsigned int,uint32); #endif -- cgit v1.2.3 From d2564d25e802d1ee3230cf045c4940e836b5c6a2 Mon Sep 17 00:00:00 2001 From: John Denker Date: Sun, 29 Jul 2012 16:50:11 -0700 Subject: split ltgrey (and libltgrey) off from greylist; put some utility functions into their own file. --- .gitignore | 1 + tools/greylist.c | 50 +------- tools/libltgrey.c | 343 ++++++++++++++++++++++++++++++++++++++++++++++++++ tools/libltgrey.h | 38 ++++++ tools/ltgrey.c | 153 ++++++++++++++++++++++ tools/makefile | 12 +- tools/qq_exit_codes.h | 15 +++ tools/skrewt.c | 17 +-- tools/utils.c | 44 +++++++ tools/utils.h | 3 + 10 files changed, 611 insertions(+), 65 deletions(-) create mode 100644 tools/libltgrey.c create mode 100644 tools/libltgrey.h create mode 100644 tools/ltgrey.c create mode 100644 tools/qq_exit_codes.h create mode 100644 tools/utils.c create mode 100644 tools/utils.h (limited to '.gitignore') diff --git a/.gitignore b/.gitignore index e929027..b6369d1 100644 --- a/.gitignore +++ b/.gitignore @@ -163,3 +163,4 @@ data.tar.gz dummy-mail-transfer-agent_all.deb bash-c wripper +ltgrey diff --git a/tools/greylist.c b/tools/greylist.c index 89396e7..9af70eb 100644 --- a/tools/greylist.c +++ b/tools/greylist.c @@ -22,7 +22,6 @@ #include /* for memset() */ #include /* for inet_ntop() */ - using namespace std; const int minute(60); @@ -33,18 +32,7 @@ const int minimum_age(15*minute); const int maximum_age(32*day); const int probation(4*hour); -// error exit codes, mostly as stated in qmail.c -#define foo(name, num) const int ex_ ## name = num -#define bar foo(good, 0) ;\ -foo(spam, 21) ;\ -foo(penaltybox, 22) ;\ -foo(badDNS, 23) ;\ -foo(greylisting, 70) ;\ -foo(syserr, 71) ;\ -foo(comerr, 74) ; - -bar -#undef foo +#include "qq_exit_codes.h" pid_t mypid; string progname; 
@@ -58,14 +46,6 @@ void dump(const string var){ else cerr << " is not set." << endl; } - -//////////////// -// little utility to help with argument parsing: -// -int prefix(const string shorter, const string longer){ - return shorter == longer.substr(0, shorter.length()); -} - void exeunt(const int sts){ if (sts == ex_good) exit(sts); @@ -93,6 +73,8 @@ void exeunt(const int sts){ exit(sts); } +#include "utils.h" + class whatsit{ public: string dirname; @@ -126,12 +108,6 @@ public: int check_dns_sub(string &addr, string &host, vector &checked); }; -string basename(const string path){ - size_t where = path.rfind("/"); - if (where != string::npos) return path.substr(1+where); - return path; -} - int whatsit::setup(){ stringstream foo; foo << basename(progname) << suffix @@ -145,26 +121,6 @@ int whatsit::setup(){ return 0; } -string time_out(const int _ttt){ - int ttt(abs(_ttt)); - int sec(ttt % 60); - int min((ttt / 60) % 60); - int hr(ttt / 3600); - stringstream foo; - int didsome(0); - if (_ttt < 0) foo << "-"; - if (hr) { - foo << hr << ":"; - didsome++; - } - if (didsome || min){ - foo << setw(didsome?2:1) << setfill('0') << min << ":"; - didsome++; - } - foo << setw(didsome?2:1) << setfill('0') << sec; - return foo.str(); -} - void scan(const string progid, const string p, const int copies=1){ timeval now; gettimeofday(&now, NULL); diff --git a/tools/libltgrey.c b/tools/libltgrey.c new file mode 100644 index 0000000..d4ec0da --- /dev/null +++ b/tools/libltgrey.c 
@@ -0,0 +1,343 @@ +#include /* for exit(), getenv() */ +#include +#include +#include + +#include /* for stat(), getaddrinfo() */ +#include /* for stat() */ +#include /* for stat() */ +#include /* for perror */ +#include /* for ENOENT */ +#include /* for ofstream() */ +#include /* for creat() */ +#include /* for gettimeofday() */ +#include /* for stringstream */ +#include /* for kill(), SIGUSR1 */ + +// requires apt-get install libboost-filesystem-dev: +#include + +#include /* for getaddrinfo() */ +#include /* for getaddrinfo() */ +#include /* for memset() */ +#include /* for inet_ntop() */ + +using namespace std; + +const int minute(60); +const int hour(60*minute); +const int day(24*hour); + +const int minimum_age(15*minute); +const int maximum_age(32*day); +const int probation(4*hour); + +#if 0 +void exeunt(const int sts){ + if (sts == ex_good) exit(sts); + +#ifndef PENALIZE_SPAMMERS + if (sts == ex_penaltybox) exit(sts); +#endif + +#ifndef KILL_GROUP + exit(sts); +#endif + + const char* foo = getenv("HI_Q_GROUP"); + if (!foo) exit(sts); + +// No point in signalling ourself: + sighandler_t rslt = signal(SIGUSR1, SIG_IGN); + if (rslt == SIG_ERR) { + cerr << "error setting signal" << endl; + } + int k = kill(-atoi(foo), SIGUSR1); + if (k) { + cerr << "kill failed on group " << atoi(foo) << " ... "; + perror(0); + } + exit(sts); +} +#endif + +#include /* for gettimeofday */ +#include /* for setw */ +#include /* for stat */ +#include /* for stat, creat */ +#include /* for stat, creat */ +#include /* for creat */ +#include /* for ofstream() */ + +#include "libltgrey.h" +#include "utils.h" +#include "qq_exit_codes.h" + +void whatsit::dump(const string var){ + char* str = getenv(var.c_str()); + cerr << progname + << "[" << mypid << "] " + << var; + if (str) cerr << " is set to '" << str << "'" << endl; + else cerr << " is not set." 
<< endl; +} + +int whatsit::setup(){ + stringstream foo; + foo << basename(progname) << suffix + << "[" << mypid << "]"; + progid = foo.str(); + + ipvar = getenv("TCPREMOTEIP"); + if (ipvar) ipbase = ipvar; + hostvar = getenv("TCPREMOTEHOST"); + if (hostvar) hostname = hostvar; + return 0; +} + +void whatsit::update(const string msg, const timeval new_mod, + const timeval new_ac, const int penalty, const int stain){ + if (verbosity){ + if (penalty || stain || verbosity>1) cerr << progid << ": "; + if (penalty) cerr << " penalty " << penalty; + if (stain) cerr << " stain " << stain; + if (verbosity > 1) { + if (penalty || stain) cerr << "+"; // separation, punctuation + cerr << msg << ": " << ipbase; + if (hostname.length()) cerr << " " << hostname; + cerr << " mod_age: " << time_out(mod_age) + << " ac_age: " << time_out(ac_age); + } + cerr << endl; + } + timeval pen_mod(new_mod); + timeval stain_ac(new_ac); + if (penalty) { + pen_mod = now; + pen_mod.tv_sec += penalty; + } + if (stain) { + stain_ac = now; + stain_ac.tv_sec -= stain; + } + timeval upd[2] = { +// beware: access illogically comes *before* modification here: + stain_ac, + pen_mod + }; + if (utimes(ipname.c_str(), upd)) + cerr << "oops" << endl; +} + +int whatsit::doit(const int penalty, const int stain){ + + if (!ipvar) { + cerr << progid + << " TCPREMOTEIP not set???" 
<< endl; + // should never happen + // although you can make it happen using a weird test-harness + return(ex_syserr); + } + +// see if our directory exists: + struct stat dirstat; + int rslt = stat(dirname.c_str(), &dirstat); + if (rslt != 0){ + if (errno != ENOENT) { + cerr << progid << ": stat failed for '" + << dirname << "' : "; + perror(0); + } + rslt = mkdir(dirname.c_str(), 0755); + if (rslt != 0) { + cerr << progid + << "uid " << getuid() + << ": mkdir failed for '" + << dirname << "' : "; + perror(0); + return(ex_syserr); + } + } + + ipname = dirname + "/" + ipbase; + struct stat ipstat; + rslt = stat(ipname.c_str(), &ipstat); + if (rslt != 0){ + if (errno != ENOENT) { + cerr << progid << ": stat failed for '" + << ipname << "' : "; + perror(0); + } + ofstream foo; + int fd = creat(ipname.c_str(), 0644); + if (fd < 0){ + cerr << progid << ": create failed for '" + << ipname << "' : "; + perror(0); + } + close(fd); + update("new customer", now, now, penalty, stain); + return(ex_greylisting); + } + +// now for really checking the greylist status: + mod_age = now.tv_sec - ipstat.st_mtime; + ac_age = now.tv_sec - ipstat.st_atime; + timeval mod_orig = {ipstat.st_mtime, 0}; + if (mod_age < 0) { + update("penalty box", mod_orig, now, penalty, stain); + return(ex_penaltybox); + } + if (mod_age < ac_age){ +// when he comes out on parole, he starts over with no reputation: + update("paroled spammer", now, now, penalty, stain); + return(ex_greylisting); + } + if (mod_age < minimum_age) { + update("early bird", mod_orig, now, penalty, stain); + return(ex_greylisting); + } + if (mod_age - ac_age < minimum_age // early bird, or completely unused + && mod_age > probation) { // did not diligently resubmit + update("disprobation", now, now, penalty, stain); + return(ex_greylisting); + } + if (ac_age > maximum_age) { + update("too old, starting over", now, now, penalty, stain); + return(ex_greylisting); + } +// if all checks are passed, must be OK: + update("returning 
customer", mod_orig, now, penalty, stain); + return 0; +} + +typedef vector VU; + +class VUx{ +public: + VU addr; + sa_family_t fam; + string str(); +}; + +string VUx::str(){ + char msgbuf[INET6_ADDRSTRLEN]; + const char* rslt = inet_ntop(fam, &addr[0], + msgbuf, sizeof(msgbuf)); + if (!rslt) rslt = ""; + return rslt; +} + +VUx parse_sockaddr(const sockaddr* ai_addr) { + void* numericAddress; + VUx rslt; + int addrsize; + rslt.addr = VU(0); + rslt.fam = ((sockaddr *)ai_addr)->sa_family; + switch (rslt.fam) { + case AF_INET: + numericAddress = &(((sockaddr_in *)ai_addr)->sin_addr.s_addr); + addrsize = sizeof(in_addr); + break; + case AF_INET6: + numericAddress = &(((sockaddr_in6 *)ai_addr)->sin6_addr.s6_addr); + addrsize = sizeof(in6_addr); + break; + default: + cerr << "?Unknown address family " << rslt.fam << endl; + return rslt; + } + unsigned char* foo = (unsigned char*) numericAddress; + rslt.addr = VU(foo, foo+addrsize); + return rslt; +} + +int diff(const VU aaa, const VU bbb){ + if(aaa.size() != bbb.size()) return 1; + for (unsigned int ii=0; ii < aaa.size(); ii++){ + if (aaa[ii] != bbb[ii]) return 1; + } + return 0; +} + +int whatsit::check_dns(){ + string addr("()"), host("()"); + vector checked; + int sts = check_dns_sub(addr, host, checked); + if (sts == 0) return sts; + if (sts != ex_badDNS) return sts; // possible ex_syserr +#if 1 + sts = 0; // demote badDNS to just a warning +#endif + cerr << progid; + if (!sts) cerr << " (warning)"; + cerr << " DNS inconsistency: " + << addr << " --> " + << host << " ==>"; + if (!checked.size()) cerr << " ()"; + else for (vector::const_iterator chk = checked.begin(); + chk != checked.end(); chk++) cerr << " " << *chk; + cerr << endl; + + return sts; +} + +int whatsit::check_dns_sub(string &addr, string &host, vector &checked){ + + struct addrinfo *result; + struct addrinfo *ipresult; + struct addrinfo *res; + addrinfo hints; + int error; + + memset(&hints, 0, sizeof(struct addrinfo)); +#if 1 + // restrict to TCP 
only; otherwise we get N records per address + hints.ai_protocol = IPPROTO_TCP; +#endif + + error = getaddrinfo(ipvar, NULL, &hints, &ipresult); + if (error == EAI_NONAME) return ex_badDNS; + if (error) { // some unexpected error + cerr << progid + << " odd error " << error + << " in getaddrinfo for " << ipvar + << " : " << gai_strerror(error) << endl; + return ex_syserr; + } + if (!ipresult) { + cerr << "should never happen (addr with no addrs?)" << endl; + return ex_syserr; + } + VUx ipAddr = parse_sockaddr(ipresult->ai_addr); + addr = ipAddr.str(); + + char* hostvar = getenv("TCPREMOTEHOST"); + if (hostvar) host = hostvar; + else return(ex_badDNS); + + error = getaddrinfo(hostvar, NULL, &hints, &result); + if (error == EAI_NONAME) return ex_badDNS; + if (error) { + cerr << progid + << " error " << error + << " compare " << EAI_NONAME + << " in getaddrinfo for " << ipvar + << " :: " << gai_strerror(error) << endl; + return ex_syserr; + } + +// loop over all returned results and check for a match. + for (res = result; res != NULL; res = res->ai_next){ + VUx hostAddr = parse_sockaddr(res->ai_addr); + checked.push_back(hostAddr.str()); + if (!diff(hostAddr.addr, ipAddr.addr)) { + ///// cerr << "match! " << ipAddr.addr.size() << endl; + goto done; + } + } + return ex_badDNS; + +done: + return 0; +} diff --git a/tools/libltgrey.h b/tools/libltgrey.h new file mode 100644 index 0000000..585ec01 --- /dev/null +++ b/tools/libltgrey.h 
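Review bot: whatsit::doit() builds the state file name as `ipname = dirname + "/" + ipbase;` with `ipbase` taken straight from the TCPREMOTEIP environment variable. Under tcpserver that value is an address, but nothing here enforces it, and a value containing `/` or `..` would make stat(), creat() and utimes() act outside the greylist directory. Rejecting anything that is not an address before the path is built would close that, for example `unsigned char a[sizeof(in6_addr)];` followed by `if (inet_pton(AF_INET,ipvar,a) != 1 && inet_pton(AF_INET6,ipvar,a) != 1) return ex_syserr;`. Two smaller points in the same file: when creat() fails the code still calls `close(fd)` and update(), and check_dns_sub() never calls freeaddrinfo() on `ipresult` or `result`.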
@@ -0,0 +1,38 @@
+#include
+#include /* for gettimeofday(), timeval */
+#include
+
+class whatsit{
+public:
+ std::string dirname;
+ std::string progname;
+ pid_t mypid;
+ timeval now;
+ char* ipvar;
+ char* hostvar;
+ std::string ipbase;
+ std::string ipname;
+ std::string hostname;
+ int mod_age;
+ int ac_age;
+ std::string suffix;
+ std::string progid;
+ int verbosity;
+
+ whatsit(const std::string name, const std::string _dirname)
+ : dirname(_dirname), progname(name), mypid(getpid()),
+ mod_age(0), ac_age(0),
+ verbosity(0)
+ {
+ gettimeofday(&now, NULL);
+ }
+ int doit(const int penalty, const int stain);
+// access comes after modification:
+ void update(const std::string msg, const timeval new_mod,
+ const timeval new_ac, const int penalty, const int stain);
+ int setup();
+ int check_dns();
+ int check_dns_sub(std::string &addr, std::string &host,
+ std::vector &checked);
+ void dump(const std::string var);
+};
diff --git a/tools/ltgrey.c b/tools/ltgrey.c
new file mode 100644
index 0000000..afdb4c1
--- /dev/null
+++ b/tools/ltgrey.c
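Review bot: In libltgrey.h the `whatsit` constructor leaves the raw pointers `ipvar` and `hostvar` uninitialised, while `check_dns_sub()` in libltgrey.c passes `ipvar` straight to `getaddrinfo()`; unless `setup()` (not shown in this hunk) always assigns them first, that is a read of an indeterminate pointer. I would initialise them in the member-initialiser list, `mypid(getpid()), ipvar(0), hostvar(0),`, so a missing `setup()` call shows up as a null pointer rather than as garbage. `check_dns_sub()` also declares a local `char* hostvar` that hides the member of the same name, so that path never sets the member; renaming the local would make the intent clear. The header has no include guard, and the same holds for qq_exit_codes.h and utils.h added in this commit, where a second inclusion in one translation unit would redefine the `ex_*` constants.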
@@ -0,0 +1,153 @@ +#include +#include /* for exit(), atoi() */ + +#include "libltgrey.h" +#include "utils.h" +#include "qq_exit_codes.h" + +using namespace std; +pid_t mypid; +string progname; + +#define exeunt exit + +// forward reference: +void scan(const string progid, const string p, const int copies=1); + +int main(int _argc, char** _argv){ + mypid = getpid(); + int argc(_argc); + char** argv(_argv); + const string dirname("/var/qmail/greylist"); + whatsit foo(argv[0], dirname); argc--; argv++; + int scanmode(0); + int copies(1); + int penalty(0); + int stain(0); + int check(0); + while (argc > 0) { + string arg = argv[0]; argc--; argv++; + if (prefix(arg, "-scan")) { + scanmode++; + } else if (prefix(arg, "-copy")) { + copies++; + } else if (prefix(arg, "-verbose")) { + foo.verbosity++; + } else if (prefix(arg, "-check")) { + check++; + } else if (prefix(arg, "-penalize") + || prefix(arg, "-penalty")) { + if (!argc){ + cerr << "Option '" << arg << "' requires an argument" << endl; + exeunt(ex_syserr); + } + penalty = atoi(*argv++); argc--; + } else if (prefix(arg, "-stain")) { + if (!argc){ + cerr << "Option '" << arg << "' requires an argument" << endl; + exeunt(ex_syserr); + } + stain = atoi(*argv++); argc--; + } else if (prefix(arg, "-suffix")) { + if (!argc){ + cerr << "Option '" << arg << "' requires an argument" << endl; + exeunt(ex_syserr); + } + foo.suffix += *argv++; argc--; + } else { + cerr << "Unrecognized arg: " << arg << endl; + exeunt(ex_syserr); + } + } + if (foo.setup()) return ex_syserr; + + if (scanmode) { + scan(foo.progid, dirname, copies); + return 0; + } + + int sts = foo.doit(penalty, stain); + if (sts == ex_syserr) return sts; + if (!check) return ex_good; + +// check mode ... perform some extra checks. 
+// Probably a better design would be to +// (a) make more thorough DNS checks, and +// (b) move all the DNS checking to a separate module + + int dns = foo.check_dns(); + if (dns == ex_syserr || dns == ex_spam) return dns; + exeunt(sts); +} + +////////////////////////////////////////////////////////////////////// +// requires apt-get install libboost-filesystem-dev: +#include +#include +#include /* for stat(), getaddrinfo() */ +#include /* for stat() */ +#include /* for stat() */ +#include /* for perror */ +#include + +const int minute(60); +const int hour(60*minute); +const int day(24*hour); + +const int minimum_age(15*minute); +const int maximum_age(32*day); +const int probation(4*hour); + +void scan(const string progid, const string p, const int copies){ + timeval now; + gettimeofday(&now, NULL); + using namespace boost::filesystem; + + if (is_directory(p)) { + for (directory_iterator itr(p); itr!=directory_iterator(); ++itr) { + string basename = itr->path().filename(); + for (int ii = 0; ii < copies; ii++) + cout << setw(20) << left << basename << ' '; // display filename only + if (is_regular_file(itr->status())) { +// cout << " [" << file_size(itr->path()) << ']'; + struct stat mystat; + string fn = p + "/" + basename; + int rslt = stat(fn.c_str(), &mystat); + if (rslt != 0){ + cerr << progid << ": stat failed for '" + << fn << "' : "; + perror(0); + } + int mod_age = now.tv_sec - mystat.st_mtime; + int ac_age = now.tv_sec - mystat.st_atime; + cout << setw(10) << time_out(mod_age) + << " " << setw(10) << time_out(ac_age); + if (0) { + + } else if (mod_age < 0) { + cout << " penalty"; + } else if (mod_age < ac_age) { + cout << " parole"; + } else if (mod_age - ac_age < minimum_age // early bird, or completely unused + && mod_age > probation) { // did not diligently resubmit + cout << " disprobation"; + if (mod_age != ac_age) cout << "!"; + } else if (mod_age < minimum_age) { + cout << " young"; + if (mod_age != ac_age) cout << "!"; + } else if (mod_age == 
ac_age) { + cout << " unused"; + } else if (mod_age > maximum_age) { + cout << " expired"; + } else { + cout << " OK"; + } + } + cout << '\n'; + } + } + else { + // starting point is not a directory: + cout << (exists(p) ? "Found: " : "Not found: ") << p << '\n'; + } +} diff --git a/tools/makefile b/tools/makefile index 76df23b..f0a3f70 100644 --- a/tools/makefile +++ b/tools/makefile @@ -15,10 +15,10 @@ qmain = pido.c hi-q.c skrewt.c hi-test.c mail-scan.c greylist.c wripper.c qprogs = $(qmain:%.c=%) # sources for other main programs: -moremain = wripper.c bash-c.c +moremain = wripper.c bash-c.c ltgrey.c moreprogs = $(moremain:%.c=%) -nonmain = +nonmain = libltgrey.c sources = $(qmain) $(moremain) $(nonmain) @@ -37,10 +37,14 @@ all: $(qprogs) $(moreprogs) show: : --- $(qprogs) +++ $(moreprogs) -greylist: greylist.o +skrewt: skrewt.o $(CC) $< -lboost_filesystem-mt -lboost_system -o $@ -# $(CC) $< -lboost_filesystem -o $@ +greylist: greylist.o utils.o + $(CC) $^ -lboost_filesystem-mt -lboost_system -o $@ + +ltgrey: ltgrey.o utils.o libltgrey.o + $(CC) $^ -lboost_filesystem-mt -lboost_system -o $@ wripper: wripper.o $(CC) $< -o $@ diff --git a/tools/qq_exit_codes.h b/tools/qq_exit_codes.h new file mode 100644 index 0000000..2af6848 --- /dev/null +++ b/tools/qq_exit_codes.h @@ -0,0 +1,15 @@ +// error exit codes, mostly as stated in qmail.c +#define qq_exit_codes \ +foo(good, 0) ;\ +foo(spam, 21) ;\ +foo(penaltybox, 22) ;\ +foo(badDNS, 23) ;\ +foo(usage, 39) ;\ +foo(greylisting, 70) ;\ +foo(syserr, 71) ;\ +foo(comerr, 74) ; + +// expand the codes to make some names: +#define foo(name, num) const int ex_ ## name = num +qq_exit_codes +#undef foo diff --git a/tools/skrewt.c b/tools/skrewt.c index a43fd13..3fee644 100644 --- a/tools/skrewt.c +++ b/tools/skrewt.c 
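Review bot: In `scan()` in tools/ltgrey.c a failed `stat()` is reported but execution falls through, so `mod_age` and `ac_age` are computed from an uninitialised `struct stat` and the entry is classified from garbage. An entry can presumably disappear between the directory iteration and the `stat()` call when another process is updating the same greylist directory, so this branch is reachable in normal operation. I would end the failure branch with `cout << '\n'; continue;` right after `perror(0);`. Separately, `-penalty` and `-stain` in `main()` are parsed with `atoi()`, which turns a mistyped value into 0 without any diagnostic; `strtol()` with an end-pointer check would reject it.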
@@ -37,19 +37,7 @@ void usage(const int sts){ exit(sts); } -// error exit codes, mostly as stated in qmail.c -#define ErrorCodes \ -foo(good, 0) ;\ -foo(spam, 21) ;\ -foo(permerr, 31) ;\ -foo(usage, 39) ;\ -foo(greylisting, 70) ;\ -foo(syserr, 71) ;\ -foo(comerr, 74) ; - -#define foo(name, num) const int ex_ ## name = num -ErrorCodes -#undef foo +#include "qq_exit_codes.h" ///////////////////////////////////////////////////////// @@ -316,8 +304,8 @@ int main(int _argc, const char** _argv){ headrec += "\n" + noCR(line); } // here with a fully assembled header record +// headrec (unlike line) contains no DOS CR characters int len = headrec.length(); - if (len && headrec[len-1] == '\r') len--; // reduced length, not counting if (len == 0) { saw_blank_line = 1; break; // no more headers in this message @@ -351,6 +339,7 @@ int main(int _argc, const char** _argv){ if (0) if (recno <= 6) cerr << progid << "#" << recno << " " << headrec << endl; } + if (saw_blank_line) {/* ignore */} cerr << progid <<" Mid '" << message_id << "'" << endl; // Headers are done. diff --git a/tools/utils.c b/tools/utils.c new file mode 100644 index 0000000..3ec6e4c --- /dev/null +++ b/tools/utils.c 
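Review bot: In the second skrewt.c hunk the trailing-CR trim on `headrec` is removed on the strength of the new comment, but the only evidence in the hunk is the continuation append `headrec += "\n" + noCR(line);`; the initial assignment to `headrec` lies outside the hunk. If that first assignment does not also go through `noCR()`, a CRLF-terminated blank line has length 1, the `len == 0` test fails, and the end of the headers is missed, so body lines would be parsed as headers. I would state the invariant where it is established, e.g. `// headrec is built only from noCR(line), so it never ends in CR`, and confirm the first assignment matches it. The enclosing `main()` starts and ends outside these hunks.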
@@ -0,0 +1,44 @@
+#include
+#include
+#include
+//#include /* for abs() */
+#include
+
+// strip off the directory part of a path, leaving just
+// the basic filename
+std::string basename(const std::string path){
+ size_t where = path.rfind("/");
+ if (where != std::string::npos) return path.substr(1+where);
+ return path;
+}
+
+////////////////
+// little utility to help with argument parsing:
+//
+int prefix(const std::string shorter, const std::string longer){
+ return shorter == longer.substr(0, shorter.length());
+}
+
+///////////////
+// print a time as (-)hh:mm:ss
+//
+std::string time_out(const int _ttt){
+using namespace std;
+ int ttt(abs(_ttt));
+ int sec(ttt % 60);
+ int min((ttt / 60) % 60);
+ int hr(ttt / 3600);
+ stringstream foo;
+ int didsome(0);
+ if (_ttt < 0) foo << "-";
+ if (hr) {
+ foo << hr << ":";
+ didsome++;
+ }
+ if (didsome || min){
+ foo << setw(didsome?2:1) << setfill('0') << min << ":";
+ didsome++;
+ }
+ foo << setw(didsome?2:1) << setfill('0') << sec;
+ return foo.str();
+}
diff --git a/tools/utils.h b/tools/utils.h
new file mode 100644
index 0000000..450db85
--- /dev/null
+++ b/tools/utils.h
@@ -0,0 +1,3 @@
+std::string basename(const std::string path);
+int prefix(const std::string shorter, const std::string longer);
+std::string time_out(const int _ttt);
-- cgit v1.2.3
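Review bot: In utils.c `prefix()` returns true for an empty `shorter`, because `longer.substr(0, 0)` is the empty string, and it also accepts a bare `-`. In the option loop of ltgrey.c that means an empty or `-` argument is taken as `-scan`, and scan mode returns 0 without running the greylist check. I would require a minimum length, `return shorter.length() > 1 && longer.compare(0, shorter.length(), shorter) == 0;`. Note also that `time_out()` calls `abs()` while the include annotated `/* for abs() */` is commented out, so the declaration is only present if another header happens to provide it.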