1 /******************************************************************************/
2 /* pfixtools: a collection of postfix related tools */
4 /* ________________________________________________________________________ */
6 /* Redistribution and use in source and binary forms, with or without */
7 /* modification, are permitted provided that the following conditions */
10 /* 1. Redistributions of source code must retain the above copyright */
11 /* notice, this list of conditions and the following disclaimer. */
12 /* 2. Redistributions in binary form must reproduce the above copyright */
13 /* notice, this list of conditions and the following disclaimer in the */
14 /* documentation and/or other materials provided with the distribution. */
15 /* 3. The names of its contributors may not be used to endorse or promote */
16 /* products derived from this software without specific prior written */
19 /* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND */
20 /* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE */
21 /* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR */
22 /* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS */
23 /* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR */
24 /* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF */
25 /* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS */
26 /* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN */
27 /* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) */
28 /* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF */
29 /* THE POSSIBILITY OF SUCH DAMAGE. */
30 /******************************************************************************/
33 * Copyright © 2005-2007 Pierre Habouzit
44 #define DAEMON_NAME "pfix-srsd"
45 #define DEFAULT_ENCODER_PORT 10000
46 #define DEFAULT_DECODER_PORT 10001
47 #define RUNAS_USER "nobody"
48 #define RUNAS_GROUP "nogroup"
51 #define STR(x) __tostr(x)
53 /* srs encoder/decoder/listener worker {{{ */
55 typedef struct srsd_t {
56 unsigned listener : 1;
64 static srsd_t *srsd_new(void)
66 srsd_t *srsd = p_new(srsd_t, 1);
71 static void srsd_delete(srsd_t **srsd)
76 buffer_wipe(&(*srsd)->ibuf);
77 buffer_wipe(&(*srsd)->obuf);
82 void urldecode(char *s, char *end)
87 if (*p == '%' && end - p >= 3) {
88 int h = (hexval(p[1]) << 4) | hexval(p[2]);
102 int process_srs(srs_t *srs, const char *domain, srsd_t *srsd)
104 while (srsd->ibuf.len > 4) {
105 char buf[BUFSIZ], *p, *q, *nl;
108 nl = strchr(srsd->ibuf.data + 4, '\n');
110 if (srsd->ibuf.len > BUFSIZ) {
111 syslog(LOG_ERR, "unreasonnable amount of data without a \\n");
117 if (strncmp("get ", srsd->ibuf.data, 4)) {
118 syslog(LOG_ERR, "bad request, not starting with \"get \"");
122 for (p = srsd->ibuf.data + 4; p < nl && isspace(*p); p++);
123 for (q = nl++; q >= p && isspace(*q); *q-- = '\0');
126 buffer_addstr(&srsd->obuf, "400 empty request ???\n");
127 syslog(LOG_WARNING, "empty request");
134 err = srs_reverse(srs, buf, ssizeof(buf), p);
136 err = srs_forward(srs, buf, ssizeof(buf), p, domain);
140 buffer_addstr(&srsd->obuf, "200 ");
141 buffer_addstr(&srsd->obuf, buf);
143 switch (SRS_ERROR_TYPE(err)) {
144 case SRS_ERRTYPE_SRS:
145 case SRS_ERRTYPE_SYNTAX:
146 buffer_addstr(&srsd->obuf, "500 ");
149 buffer_addstr(&srsd->obuf, "400 ");
152 buffer_addstr(&srsd->obuf, srs_strerror(err));
154 buffer_addch(&srsd->obuf, '\n');
157 buffer_consume(&srsd->ibuf, nl - srsd->ibuf.data);
163 int start_listener(int port, bool decoder)
165 struct sockaddr_in addr = {
166 .sin_family = AF_INET,
167 .sin_addr = { htonl(INADDR_LOOPBACK) },
169 struct epoll_event evt = { .events = EPOLLIN };
173 addr.sin_port = htons(port);
174 sock = tcp_listen_nonblock((const struct sockaddr *)&addr, sizeof(addr));
179 evt.data.ptr = tmp = srsd_new();
181 tmp->decoder = decoder;
182 tmp->listener = true;
183 if (epoll_ctl(epollfd, EPOLL_CTL_ADD, sock, &evt) < 0) {
184 UNIXERR("epoll_ctl");
191 /* administrivia {{{ */
193 static int main_initialize(void)
195 openlog(DAEMON_NAME, LOG_PID, LOG_MAIL);
196 signal(SIGPIPE, SIG_IGN);
197 signal(SIGINT, &common_sighandler);
198 signal(SIGTERM, &common_sighandler);
199 signal(SIGHUP, &common_sighandler);
200 signal(SIGSEGV, &common_sighandler);
201 syslog(LOG_INFO, "Starting...");
205 static void main_shutdown(void)
210 module_init(main_initialize);
211 module_exit(main_shutdown);
215 fputs("usage: "DAEMON_NAME" [options] domain secrets\n"
218 " -e <port> port to listen to for encoding requests\n"
219 " (default: "STR(DEFAULT_ENCODER_PORT)")\n"
220 " -d <port> port to listen to for decoding requests\n"
221 " (default: "STR(DEFAULT_DECODER_PORT)")\n"
222 " -p <pidfile> file to write our pid to\n"
223 " -u unsafe mode: don't drop privilegies\n"
229 int main_loop(srs_t *srs, const char *domain, int port_enc, int port_dec)
231 int exitcode = EXIT_SUCCESS;
233 if (start_listener(port_enc, false) < 0)
235 if (start_listener(port_dec, true) < 0)
239 struct epoll_event evts[1024];
242 n = epoll_wait(epollfd, evts, countof(evts), -1);
244 if (errno != EAGAIN && errno != EINTR) {
245 UNIXERR("epoll_wait");
246 exitcode = EXIT_FAILURE;
253 srsd_t *srsd = evts[n].data.ptr;
255 if (srsd->listener) {
256 struct epoll_event evt = { .events = EPOLLIN };
260 sock = accept_nonblock(srsd->fd);
266 evt.data.ptr = tmp = srsd_new();
267 tmp->decoder = srsd->decoder;
269 if (epoll_ctl(epollfd, EPOLL_CTL_ADD, sock, &evt) < 0) {
270 UNIXERR("epoll_ctl");
277 if (evts[n].events & EPOLLIN) {
278 int res = buffer_read(&srsd->ibuf, srsd->fd, -1);
280 if ((res < 0 && errno != EINTR && errno != EAGAIN)
287 if (process_srs(srs, domain, srsd) < 0) {
293 if ((evts[n].events & EPOLLOUT) && srsd->obuf.len) {
294 int res = write(srsd->fd, srsd->obuf.data, srsd->obuf.len);
296 if (res < 0 && errno != EINTR && errno != EAGAIN) {
302 buffer_consume(&srsd->obuf, res);
306 if (srsd->watchwr == !srsd->obuf.len) {
307 struct epoll_event evt = {
308 .events = EPOLLIN | (srsd->obuf.len ? EPOLLOUT : 0),
311 if (epoll_ctl(epollfd, EPOLL_CTL_MOD, srsd->fd, &evt) < 0) {
312 UNIXERR("epoll_ctl");
316 srsd->watchwr = srsd->obuf.len != 0;
324 static srs_t *srs_read_secrets(const char *sfile)
331 f = fopen(sfile, "r");
339 while (fgets(buf, sizeof(buf), f)) {
343 if (n == sizeof(buf) - 1 && buf[n - 1] != '\n') {
344 syslog(LOG_CRIT, "%s:%d: line too long", sfile, lineno);
348 srs_add_secret(srs, skipspaces(buf));
352 syslog(LOG_CRIT, "%s: empty file, no secrets", sfile);
365 int main(int argc, char *argv[])
368 int port_enc = DEFAULT_ENCODER_PORT;
369 int port_dec = DEFAULT_DECODER_PORT;
370 const char *pidfile = NULL;
378 for (int c = 0; (c = getopt(argc, argv, "hu" "e:d:p:")) >= 0; ) {
381 port_enc = atoi(optarg);
384 port_dec = atoi(optarg);
398 if (argc - optind != 2) {
403 srs = srs_read_secrets(argv[optind + 1]);
409 f = fopen(pidfile, "w");
411 syslog(LOG_CRIT, "unable to write pidfile %s", pidfile);
413 fprintf(f, "%d\n", getpid());
417 if (!unsafe && drop_privileges(RUNAS_USER, RUNAS_GROUP) < 0) {
418 syslog(LOG_CRIT, "unable to drop privileges");
422 if (daemon_detach() < 0) {
423 syslog(LOG_CRIT, "unable to fork");
429 ftruncate(fileno(f), 0);
430 fprintf(f, "%d\n", getpid());
433 res = main_loop(srs, argv[optind], port_enc, port_dec);
436 ftruncate(fileno(f), 0);
440 syslog(LOG_INFO, "Stopping...");