1 /******************************************************************************/
2 /* pfixtools: a collection of postfix related tools */
4 /* ________________________________________________________________________ */
6 /* Redistribution and use in source and binary forms, with or without */
7 /* modification, are permitted provided that the following conditions */
10 /* 1. Redistributions of source code must retain the above copyright */
11 /* notice, this list of conditions and the following disclaimer. */
12 /* 2. Redistributions in binary form must reproduce the above copyright */
13 /* notice, this list of conditions and the following disclaimer in the */
14 /* documentation and/or other materials provided with the distribution. */
15 /* 3. The names of its contributors may not be used to endorse or promote */
16 /* products derived from this software without specific prior written */
19 /* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND */
20 /* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE */
21 /* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR */
22 /* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS */
23 /* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR */
24 /* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF */
25 /* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS */
26 /* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN */
27 /* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) */
28 /* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF */
29 /* THE POSSIBILITY OF SUCH DAMAGE. */
30 /******************************************************************************/
33 * Copyright © 2005-2007 Pierre Habouzit
37 #include <netinet/in.h>
38 #include <sys/epoll.h>
48 #define DAEMON_NAME "pfix-srsd"
49 #define DEFAULT_ENCODER_PORT 10000
50 #define DEFAULT_DECODER_PORT 10001
51 #define RUNAS_USER "nobody"
52 #define RUNAS_GROUP "nogroup"
55 #define STR(x) __tostr(x)
57 /* srs encoder/decoder/listener worker {{{ */
59 typedef struct srsd_t {
60 unsigned listener : 1;
68 static srsd_t *srsd_new(void)
70 srsd_t *srsd = p_new(srsd_t, 1);
75 static void srsd_delete(srsd_t **srsd)
80 buffer_wipe(&(*srsd)->ibuf);
81 buffer_wipe(&(*srsd)->obuf);
86 void urldecode(char *s, char *end)
91 if (*p == '%' && end - p >= 3) {
92 int h = (hexval(p[1]) << 4) | hexval(p[2]);
106 int process_srs(srs_t *srs, const char *domain, srsd_t *srsd)
108 while (srsd->ibuf.len > 4) {
109 char buf[BUFSIZ], *p, *q, *nl;
112 nl = strchr(srsd->ibuf.data + 4, '\n');
114 if (srsd->ibuf.len > BUFSIZ) {
115 syslog(LOG_ERR, "unreasonnable amount of data without a \\n");
121 if (strncmp("get ", srsd->ibuf.data, 4)) {
122 syslog(LOG_ERR, "bad request, not starting with \"get \"");
126 for (p = srsd->ibuf.data + 4; p < nl && isspace(*p); p++);
127 for (q = nl++; q >= p && isspace(*q); *q-- = '\0');
130 buffer_addstr(&srsd->obuf, "400 empty request ???\n");
131 syslog(LOG_WARNING, "empty request");
138 err = srs_reverse(srs, buf, ssizeof(buf), p);
140 err = srs_forward(srs, buf, ssizeof(buf), p, domain);
144 buffer_addstr(&srsd->obuf, "200 ");
145 buffer_addstr(&srsd->obuf, buf);
147 switch (SRS_ERROR_TYPE(err)) {
148 case SRS_ERRTYPE_SRS:
149 case SRS_ERRTYPE_SYNTAX:
150 buffer_addstr(&srsd->obuf, "500 ");
153 buffer_addstr(&srsd->obuf, "400 ");
156 buffer_addstr(&srsd->obuf, srs_strerror(err));
158 buffer_addch(&srsd->obuf, '\n');
161 buffer_consume(&srsd->ibuf, nl - srsd->ibuf.data);
167 int start_listener(int epollfd, int port, bool decoder)
169 struct sockaddr_in addr = {
170 .sin_family = AF_INET,
171 .sin_addr = { htonl(INADDR_LOOPBACK) },
173 struct epoll_event evt = { .events = EPOLLIN };
177 addr.sin_port = htons(port);
178 sock = tcp_listen_nonblock((const struct sockaddr *)&addr, sizeof(addr));
183 evt.data.ptr = tmp = srsd_new();
185 tmp->decoder = decoder;
186 tmp->listener = true;
187 if (epoll_ctl(epollfd, EPOLL_CTL_ADD, sock, &evt) < 0) {
188 UNIXERR("epoll_ctl");
195 /* administrivia {{{ */
197 static int main_initialize(void)
199 openlog(DAEMON_NAME, LOG_PID, LOG_MAIL);
200 signal(SIGPIPE, SIG_IGN);
201 signal(SIGINT, &common_sighandler);
202 signal(SIGTERM, &common_sighandler);
203 signal(SIGHUP, &common_sighandler);
204 signal(SIGSEGV, &common_sighandler);
205 syslog(LOG_INFO, "Starting...");
209 static void main_shutdown(void)
214 module_init(main_initialize);
215 module_exit(main_shutdown);
219 fputs("usage: "DAEMON_NAME" [options] domain secrets\n"
222 " -e <port> port to listen to for encoding requests\n"
223 " (default: "STR(DEFAULT_ENCODER_PORT)")\n"
224 " -d <port> port to listen to for decoding requests\n"
225 " (default: "STR(DEFAULT_DECODER_PORT)")\n"
226 " -p <pidfile> file to write our pid to\n"
227 " -u unsafe mode: don't drop privilegies\n"
233 int main_loop(srs_t *srs, const char *domain, int port_enc, int port_dec)
235 int exitcode = EXIT_SUCCESS;
236 int epollfd = epoll_create(128);
239 UNIXERR("epoll_create");
240 exitcode = EXIT_FAILURE;
244 if (start_listener(epollfd, port_enc, false) < 0)
246 if (start_listener(epollfd, port_dec, true) < 0)
250 struct epoll_event evts[1024];
253 n = epoll_wait(epollfd, evts, countof(evts), -1);
255 if (errno != EAGAIN && errno != EINTR) {
256 UNIXERR("epoll_wait");
257 exitcode = EXIT_FAILURE;
264 srsd_t *srsd = evts[n].data.ptr;
266 if (srsd->listener) {
267 struct epoll_event evt = { .events = EPOLLIN };
271 sock = accept_nonblock(srsd->fd);
277 evt.data.ptr = tmp = srsd_new();
278 tmp->decoder = srsd->decoder;
280 if (epoll_ctl(epollfd, EPOLL_CTL_ADD, sock, &evt) < 0) {
281 UNIXERR("epoll_ctl");
288 if (evts[n].events & EPOLLIN) {
289 int res = buffer_read(&srsd->ibuf, srsd->fd, -1);
291 if ((res < 0 && errno != EINTR && errno != EAGAIN)
298 if (process_srs(srs, domain, srsd) < 0) {
304 if ((evts[n].events & EPOLLOUT) && srsd->obuf.len) {
305 int res = write(srsd->fd, srsd->obuf.data, srsd->obuf.len);
307 if (res < 0 && errno != EINTR && errno != EAGAIN) {
313 buffer_consume(&srsd->obuf, res);
317 if (srsd->watchwr == !srsd->obuf.len) {
318 struct epoll_event evt = {
319 .events = EPOLLIN | (srsd->obuf.len ? EPOLLOUT : 0),
322 if (epoll_ctl(epollfd, EPOLL_CTL_MOD, srsd->fd, &evt) < 0) {
323 UNIXERR("epoll_ctl");
327 srsd->watchwr = srsd->obuf.len != 0;
338 static srs_t *srs_read_secrets(const char *sfile)
345 f = fopen(sfile, "r");
353 while (fgets(buf, sizeof(buf), f)) {
357 if (n == sizeof(buf) - 1 && buf[n - 1] != '\n') {
358 syslog(LOG_CRIT, "%s:%d: line too long", sfile, lineno);
362 srs_add_secret(srs, skipspaces(buf));
366 syslog(LOG_CRIT, "%s: empty file, no secrets", sfile);
379 int main(int argc, char *argv[])
382 int port_enc = DEFAULT_ENCODER_PORT;
383 int port_dec = DEFAULT_DECODER_PORT;
384 const char *pidfile = NULL;
390 if (atexit(common_shutdown)) {
391 fputs("Cannot hook my atexit function, quitting !\n", stderr);
396 for (int c = 0; (c = getopt(argc, argv, "he:d:p:u")) >= 0; ) {
399 port_enc = atoi(optarg);
402 port_dec = atoi(optarg);
416 if (argc - optind != 2) {
421 srs = srs_read_secrets(argv[optind + 1]);
427 f = fopen(pidfile, "w");
429 syslog(LOG_CRIT, "unable to write pidfile %s", pidfile);
431 fprintf(f, "%d\n", getpid());
435 if (!unsafe && drop_privileges(RUNAS_USER, RUNAS_GROUP) < 0) {
436 syslog(LOG_CRIT, "unable to drop privileges");
440 if (daemon_detach() < 0) {
441 syslog(LOG_CRIT, "unable to fork");
447 ftruncate(fileno(f), 0);
448 fprintf(f, "%d\n", getpid());
451 res = main_loop(srs, argv[optind], port_enc, port_dec);
454 ftruncate(fileno(f), 0);
458 syslog(LOG_INFO, "Stopping...");