2 * (c) Copyright 1992 by Panagiotis Tsirigotis
3 * (c) Sections Copyright 1998-2001 by Rob Braun
4 * All rights reserved. The file named COPYRIGHT specifies the terms
5 * and conditions for redistribution.
12 #include <netinet/in.h>
21 #ifdef HAVE_RPC_RPCENT_H
22 #include <rpc/rpcent.h>
31 #include "confparse.h"
43 extern int inetd_compat;
46 * Pset iterator used by functions in this file.
47 * It lives only when get_configuration is called (i.e. it is created and
48 * destroyed each time). This is because the pset it is iterating on
53 static status_e fix_server_argv( struct service_config *scp )
56 const char *func = "fix_server_argv" ;
58 if( SC_SERVER(scp) == NULL )
61 "Must specify a server in %s", SC_NAME(scp));
65 if( SC_NAMEINARGS( scp ) ) {
66 if( !SC_SPECIFIED(scp, A_SERVER_ARGS ) ){
68 "Must specify server args if using NAMEINARGS flag");
76 * Check if the user specified any server arguments.
77 * If not, then the server_argv has not been allocated yet,
78 * so malloc it (size 2)
79 * Put in argv[ 0 ] the last component of the server pathname
81 if ( ! SC_SPECIFIED( scp, A_SERVER_ARGS ) )
83 SC_SERVER_ARGV(scp) = (char **) malloc( 2 * sizeof( char * ) ) ;
84 if ( SC_SERVER_ARGV(scp) == NULL )
86 out_of_memory( func ) ;
89 SC_SERVER_ARGV(scp)[ 0 ] = NULL ;
90 SC_SERVER_ARGV(scp)[ 1 ] = NULL ;
91 SC_PRESENT( scp, A_SERVER_ARGS ) ;
95 * Determine server name
97 server_name = strrchr( SC_SERVER(scp), '/' ) ;
98 if ( server_name == NULL )
99 server_name = SC_SERVER(scp) ;
101 server_name++ ; /* skip the '/' */
104 * Place it in argv[ 0 ]
106 SC_SERVER_ARGV(scp)[ 0 ] = new_string( server_name ) ;
107 if ( SC_SERVER_ARGV(scp)[ 0 ] == NULL )
109 out_of_memory( func ) ;
117 #define USE_DEFAULT( scp, def, attr_id ) \
118 ( ! SC_SPECIFIED( scp, attr_id ) && SC_SPECIFIED( def, attr_id ) )
121 * Fill the service configuration with attributes that were not
122 * explicitly specified. These can be:
123 * 1) implied attributes (like the server name in argv[0])
124 * 2) attributes from 'defaults' so that we won't need to check
125 * 'defaults' anymore.
126 * 3) default values (like the service instance limit)
128 static status_e service_fill( struct service_config *scp,
129 struct service_config *def )
131 const char *func = "service_fill" ;
133 /* Note: if the service was specified, it won't be honored. */
134 if( (SC_REDIR_ADDR(scp) != NULL) ) {
135 if ( SC_SPECIFIED( scp, A_SERVER ) && SC_SERVER(scp))
136 free(SC_SERVER(scp));
137 SC_SERVER(scp) = new_string( "/bin/true" );
138 SC_SPECIFY(scp, A_SERVER);
141 if ( ! SC_IS_INTERNAL( scp ) && fix_server_argv( scp ) == FAILED )
145 * FIXME: Should all these set SPECIFY or PRESENT ?
146 * PRESENT means that either a default or specified value.
147 * SPECIFIED means that the user specified a value.
148 * PRESENT makes more sense for default values. -SG
150 if ( ! SC_SPECIFIED( scp, A_INSTANCES ) )
152 SC_INSTANCES(scp) = SC_SPECIFIED( def, A_INSTANCES ) ? SC_INSTANCES(def)
153 : DEFAULT_INSTANCE_LIMIT ;
154 SC_PRESENT( scp, A_INSTANCES ) ;
157 if ( (! SC_SPECIFIED( scp, A_UMASK )) && SC_SPECIFIED( def, A_UMASK ) )
159 SC_UMASK(scp) = SC_UMASK(def);
160 SC_SPECIFY( scp, A_UMASK );
163 if ( ! SC_SPECIFIED( scp, A_PER_SOURCE ) )
165 SC_PER_SOURCE(scp) = SC_SPECIFIED( def, A_PER_SOURCE ) ?
166 SC_PER_SOURCE(def) : DEFAULT_INSTANCE_LIMIT ;
167 SC_SPECIFY( scp, A_PER_SOURCE ) ;
171 if ( ! SC_SPECIFIED( scp, A_MDNS ) )
173 SC_MDNS(scp) = SC_SPECIFIED( def, A_MDNS ) ? SC_MDNS(def) : YES;
174 SC_SPECIFY( scp, A_MDNS );
178 if ( ! SC_SPECIFIED( scp, A_GROUPS ) )
180 SC_GROUPS(scp) = SC_SPECIFIED( def, A_GROUPS ) ? SC_GROUPS(def) : NO;
181 SC_SPECIFY( scp, A_GROUPS );
184 if ( ! SC_SPECIFIED( scp, A_CPS ) )
186 SC_TIME_CONN_MAX(scp) = SC_SPECIFIED( def, A_CPS ) ?
187 SC_TIME_CONN_MAX(def) : DEFAULT_LOOP_RATE;
188 SC_TIME_WAIT(scp) = SC_SPECIFIED( def, A_CPS ) ?
189 SC_TIME_WAIT(def) : DEFAULT_LOOP_TIME;
190 SC_TIME_REENABLE(scp) = 0;
194 if ( ! SC_SPECIFIED( scp, A_MAX_LOAD ) ) {
195 SC_MAX_LOAD(scp) = SC_SPECIFIED( def, A_MAX_LOAD ) ? SC_MAX_LOAD(def) : 0;
196 SC_SPECIFY( scp, A_MAX_LOAD ) ;
201 * we need to check a few things. A_BIND can be specified & sc_bind_addr
202 * is NULL. This means the address couldn't be determined in bind_parser
203 * and it was stored into sc_orig_bind_addr. We unset the attribute
204 * so that its processed correctly.
206 if (SC_SPECIFIED( scp, A_BIND ) && SC_BIND_ADDR(scp) == NULL)
207 M_CLEAR( scp->sc_specified_attributes, A_BIND ) ;
209 if ( (! SC_SPECIFIED( scp, A_BIND )) && (SC_ORIG_BIND_ADDR(scp) == 0) ) {
210 if ( SC_SPECIFIED( def, A_BIND ) ) {
211 SC_BIND_ADDR(scp) = (union xsockaddr *)malloc(sizeof(union xsockaddr));
212 if( SC_BIND_ADDR(scp) == NULL ) {
213 msg(LOG_ERR, func, "can't allocate space for bind addr");
216 memcpy(SC_BIND_ADDR(scp), SC_BIND_ADDR(def), sizeof(union xsockaddr));
217 SC_SPECIFY( scp, A_BIND ) ;
219 else if ( SC_ORIG_BIND_ADDR(def) )
220 SC_ORIG_BIND_ADDR(scp) = new_string( SC_ORIG_BIND_ADDR(def) );
223 if ( ! SC_SPECIFIED( scp, A_V6ONLY ) ) {
224 SC_V6ONLY(scp) = SC_SPECIFIED( def, A_V6ONLY ) ? SC_V6ONLY(def) : NO;
227 if ( ! SC_SPECIFIED( scp, A_DENY_TIME ) )
229 SC_DENY_TIME(scp) = SC_SPECIFIED( def, A_DENY_TIME ) ?
230 SC_DENY_TIME(def) : 0 ;
231 SC_SPECIFY( scp, A_DENY_TIME ) ;
234 if ( (!SC_IPV4( scp )) && (!SC_IPV6( scp )) )
237 * If bind is specified, check the address and see what family is
238 * available. If not, then use default.
240 if ( SC_SPECIFIED( scp, A_BIND ) && !SC_ORIG_BIND_ADDR(scp) )
242 if ( SAIN(SC_BIND_ADDR(scp))->sin_family == AF_INET )
243 M_SET(SC_XFLAGS(scp), SF_IPV4);
245 M_SET(SC_XFLAGS(scp), SF_IPV6);
248 M_SET(SC_XFLAGS(scp), SF_IPV4);
251 if (SC_ORIG_BIND_ADDR(scp))
254 * If we are here, we have a dual stack machine with multiple
255 * entries for a domain name. We can finally use the flags for
256 * a hint to see which one to use.
258 struct addrinfo hints, *res;
260 memset(&hints, 0, sizeof(hints));
261 hints.ai_flags = AI_CANONNAME;
263 hints.ai_family = AF_INET6;
265 hints.ai_family = AF_INET;
267 if( getaddrinfo(SC_ORIG_BIND_ADDR(scp), NULL, &hints, &res) < 0 )
269 msg(LOG_ERR, func, "bad address given for: %s", SC_NAME(scp));
273 if( (res == NULL) || (res->ai_addr == NULL) )
275 msg(LOG_ERR, func, "no addresses returned for: %s", SC_NAME(scp));
279 if( (res->ai_family == AF_INET) || (res->ai_family == AF_INET6) )
281 SC_BIND_ADDR(scp) = (union xsockaddr *)
282 malloc(sizeof(union xsockaddr));
283 if( SC_BIND_ADDR(scp) == NULL )
285 msg(LOG_ERR, func, "can't allocate space for bind addr of: %s",
289 memset(SC_BIND_ADDR(scp), 0, sizeof(union xsockaddr));
290 memcpy(SC_BIND_ADDR(scp), res->ai_addr, res->ai_addrlen);
291 free(SC_ORIG_BIND_ADDR(scp));
292 SC_ORIG_BIND_ADDR(scp) = 0;
293 SC_SPECIFY( scp, A_BIND );
298 /* This should be removed if sock_stream is ever something other than TCP,
299 * or sock_dgram is ever something other than UDP.
301 if ( (! SC_SPECIFIED( scp, A_PROTOCOL )) &&
302 ( SC_SPECIFIED( scp, A_SOCKET_TYPE ) ) )
304 struct protoent *pep ;
306 if( SC_SOCKET_TYPE(scp) == SOCK_STREAM ) {
307 if( (pep = getprotobyname( "tcp" )) != NULL ) {
308 SC_PROTONAME(scp) = new_string ( "tcp" );
309 if( SC_PROTONAME(scp) == NULL )
311 SC_PROTOVAL(scp) = pep->p_proto ;
312 SC_SPECIFY(scp, A_PROTOCOL);
316 if( SC_SOCKET_TYPE(scp) == SOCK_DGRAM ) {
317 if( (pep = getprotobyname( "udp" )) != NULL ) {
318 SC_PROTONAME(scp) = new_string ( "udp" );
319 if( SC_PROTONAME(scp) == NULL )
321 SC_PROTOVAL(scp) = pep->p_proto ;
322 SC_SPECIFY(scp, A_PROTOCOL);
326 if ( ( SC_SPECIFIED( scp, A_PROTOCOL )) &&
327 (! SC_SPECIFIED( scp, A_SOCKET_TYPE ) ) )
329 if( (SC_PROTONAME(scp) != NULL) && EQ("tcp", SC_PROTONAME(scp)) )
331 SC_SOCKET_TYPE(scp) = SOCK_STREAM;
332 SC_SPECIFY(scp, A_SOCKET_TYPE);
335 if( (SC_PROTONAME(scp) != NULL) && EQ("udp", SC_PROTONAME(scp)) )
337 SC_SOCKET_TYPE(scp) = SOCK_DGRAM;
338 SC_SPECIFY(scp, A_SOCKET_TYPE);
343 * Next assign a port based on service name if not specified. Based
344 * on the code immediately before this, if either a socket_type or a
345 * protocol is specied, the other gets set appropriately. We will only
346 * use protocol for this code.
348 if (! SC_SPECIFIED( scp, A_PORT ) && ! SC_IS_MUXCLIENT( scp ) &&
349 ! SC_IS_RPC( scp )) {
350 if ( SC_IS_UNLISTED( scp ) ) {
351 msg(LOG_ERR, func, "Unlisted service: %s must have a port entry",
355 if ( SC_SPECIFIED( scp, A_PROTOCOL ) ) {
357 * Look up the service based on the protocol and service name.
358 * If not found, don't worry. Message will be emitted in
361 struct servent *sep = getservbyname( SC_NAME(scp),
362 SC_PROTONAME(scp) ) ;
364 /* s_port is in network-byte-order */
365 SC_PORT(scp) = ntohs(sep->s_port);
366 SC_SPECIFY(scp, A_PORT);
370 "Port not specified and can't find service: %s with getservbyname",
377 "Port not specified for service: %s and no protocol given",
383 if ( USE_DEFAULT( scp, def, A_LOG_ON_SUCCESS ) )
385 SC_LOG_ON_SUCCESS(scp) = SC_LOG_ON_SUCCESS(def) ;
386 SC_SPECIFY( scp, A_LOG_ON_SUCCESS ) ;
389 if ( USE_DEFAULT( scp, def, A_LOG_ON_FAILURE ) )
391 SC_LOG_ON_FAILURE(scp) = SC_LOG_ON_FAILURE(def) ;
392 SC_SPECIFY( scp, A_LOG_ON_FAILURE ) ;
395 if ( USE_DEFAULT( scp, def, A_LOG_TYPE ) )
397 struct log *dlp = SC_LOG( def ) ;
398 struct log *slp = SC_LOG( scp ) ;
400 switch ( LOG_GET_TYPE( dlp ) )
403 LOG_SET_TYPE( slp, L_NONE ) ;
411 LOG_SET_TYPE( slp, L_COMMON_FILE ) ;
416 "bad log type: %d", (int) LOG_GET_TYPE( dlp ) ) ;
419 SC_SPECIFY( scp, A_LOG_TYPE ) ;
421 if ( setup_environ( scp, def ) == FAILED )
427 static void remove_disabled_services( struct configuration *confp )
429 pset_h disabled_services ;
430 pset_h enabled_services ;
431 struct service_config *scp ;
432 struct service_config *defaults = confp->cnf_defaults ;
434 if( SC_SPECIFIED( defaults, A_ENABLED ) ) {
435 enabled_services = SC_ENABLED(defaults) ;
438 /* Mark all the services disabled */
439 for ( scp = SCP( psi_start( iter ) ) ; scp ; scp = SCP( psi_next(iter) ) )
442 /* Enable the selected services */
443 for ( scp = SCP( psi_start( iter ) ) ; scp ; scp = SCP( psi_next(iter) ) )
445 register char *sid = SC_ID( scp ) ;
446 register unsigned u ;
448 for ( u = 0 ; u < pset_count( enabled_services ) ; u++ ) {
449 if ( EQ( sid, (char *) pset_pointer( enabled_services, u ) ) ) {
457 /* Remove any services that are left marked disabled */
458 for ( scp = SCP( psi_start( iter ) ) ; scp ; scp = SCP( psi_next(iter)) ){
459 if( SC_IS_DISABLED( scp ) ) {
460 msg(LOG_DEBUG, "remove_disabled_services", "removing %s", SC_NAME(scp));
467 if ( ! SC_SPECIFIED( defaults, A_DISABLED ) )
470 disabled_services = SC_DISABLED(defaults) ;
472 for ( scp = SCP( psi_start( iter ) ) ; scp ; scp = SCP( psi_next( iter ) ) )
474 register char *sid = SC_ID( scp ) ;
475 register unsigned u ;
477 for ( u = 0 ; u < pset_count( disabled_services ) ; u++ )
478 if ( EQ( sid, (char *) pset_pointer( disabled_services, u ) ) )
489 * Check if all required attributes have been specified
491 static status_e service_attr_check( struct service_config *scp )
493 mask_t necessary_and_specified ;
494 mask_t necessary_and_missing ;
495 mask_t must_specify = NECESSARY_ATTRS ; /* socket_type & wait */
496 unsigned int attr_id ;
497 const char *attr_name ;
498 const char *func = "service_attr_check" ;
501 * Determine what attributes must be specified
503 if ( ! SC_IS_INTERNAL( scp ) )
504 { /* user & server */
505 M_OR( must_specify, must_specify, NECESSARY_ATTRS_EXTERNAL ) ;
506 if ( SC_IS_UNLISTED( scp ) )
508 if ( ! SC_IS_MUXCLIENT( scp ) ) /* protocol, & port */
510 M_OR( must_specify, must_specify, NECESSARY_ATTRS_UNLISTED ) ;
512 else /* Don't need port for TCPMUX CLIENT */
514 M_OR( must_specify, must_specify, NECESSARY_ATTRS_UNLISTED_MUX ) ;
519 if ( SC_IS_RPC( scp ) )
521 M_CLEAR( must_specify, A_PORT ); /* port is already known for RPC */
522 /* protocol & rpc_version */
523 M_OR( must_specify, must_specify, NECESSARY_ATTRS_RPC ) ;
524 if ( SC_IS_UNLISTED( scp ) ) /* rpc_number */
525 M_OR( must_specify, must_specify, NECESSARY_ATTRS_RPC_UNLISTED ) ;
529 if ( SC_SPECIFIED( scp, A_REDIR ) )
530 M_CLEAR( must_specify, A_SERVER ); /* server isn't used */
533 if( SC_IPV4( scp ) && SC_IPV6( scp ) ) {
535 "Service %s specified as both IPv4 and IPv6 - DISABLING",
541 * Check if all necessary attributes have been specified
543 * NOTE: None of the necessary attributes can belong to "defaults"
544 * This is why we use the sc_attributes_specified mask instead
545 * of the sc_attributes_present mask.
548 M_AND( necessary_and_specified,
549 scp->sc_specified_attributes, must_specify ) ;
550 M_XOR( necessary_and_missing, necessary_and_specified, must_specify ) ;
552 if ( M_ARE_ALL_CLEAR( necessary_and_missing) )
556 * Print names of missing attributes
558 for ( attr_id = 0 ; attr_id < SERVICE_ATTRIBUTES ; attr_id++ )
559 if ( M_IS_SET( necessary_and_missing, attr_id ) &&
560 ( attr_name = attr_name_lookup( attr_id ) ) != NULL )
563 "Service %s missing attribute %s - DISABLING",
564 SC_ID(scp), attr_name ) ;
571 * Perform validity checks on the whole entry. At this point, all
572 * attributes have been read and we can do an integrated check that
573 * all parameters make sense.
575 * Also does the following:
576 * 1. If this is an internal service, it finds the function that
578 * 2. For RPC services, it finds the program number
579 * 3. For non-RPC services, it finds the port number.
581 static status_e check_entry( struct service_config *scp,
582 const struct configuration *confp )
584 const char *func = "check_entry" ;
586 const pset_h sconfs = CNF_SERVICE_CONFS( confp ) ;
589 * Make sure the service id is unique
591 for ( u = 0 ; u < pset_count( sconfs ) ; u++ )
594 const struct service_config *tmp_scp = SCP( pset_pointer( sconfs, u ) );
596 break; /* Don't check ourselves, or anything after us */
597 if ( EQ( SC_ID(tmp_scp), SC_ID(scp) ) )
601 if( SC_BIND_ADDR(tmp_scp) == NULL)
602 continue; /* problem entry, skip it */
603 if ( (SC_PORT(scp) != SC_PORT(tmp_scp)) ||
604 (SC_PROTOVAL(scp) != SC_PROTOVAL(tmp_scp)) )
605 continue; /* if port or protocol are different, its OK */
606 if (SC_BIND_ADDR(scp) != NULL)
608 if (SC_BIND_ADDR(scp)->sa.sa_family !=
609 SC_BIND_ADDR(tmp_scp)->sa.sa_family)
611 if (SC_BIND_ADDR(scp)->sa.sa_family == AF_INET)
613 if (memcmp(&SC_BIND_ADDR(scp)->sa_in.sin_addr,
614 &SC_BIND_ADDR(tmp_scp)->sa_in.sin_addr,
615 sizeof(struct in_addr) ) )
618 else /* We assume that all bad address families are weeded out */
620 if (memcmp(&SC_BIND_ADDR(scp)->sa_in6.sin6_addr,
621 &SC_BIND_ADDR(tmp_scp)->sa_in6.sin6_addr,
622 sizeof(struct in6_addr) ) )
626 if( SC_IS_DISABLED( tmp_scp ) ||
627 SC_IS_DISABLED(scp) )
630 * Allow multiple configs, as long as all but one are
635 #if defined(HAVE_RPC_RPCENT_H) || defined(HAVE_NETDB_H)
636 if ( SC_IS_RPC( scp ) && SC_IS_RPC ( tmp_scp ) )
638 const struct rpc_data *rdp1 = SC_RPCDATA( scp ) ;
639 const struct rpc_data *rdp2 = SC_RPCDATA( tmp_scp ) ;
640 if ( rdp1->rd_program_number != rdp2->rd_program_number )
642 if ( rdp1->rd_min_version > rdp2->rd_max_version ||
643 rdp1->rd_max_version < rdp2->rd_min_version )
649 "service: %s id: %s is unique but its identical to "
650 "service: %s id: %s - DISABLING",
651 SC_NAME(scp), SC_ID(scp), SC_NAME(tmp_scp), SC_ID(tmp_scp) ) ;
654 "service: %s id: %s not unique or is a duplicate - DISABLING",
655 SC_NAME(scp), SC_ID(scp) ) ;
660 * Currently, we cannot intercept:
661 * 1) internal services
662 * 2) multi-threaded services
663 * We clear the INTERCEPT flag without disabling the service.
665 if ( SC_IS_INTERCEPTED( scp ) )
667 if ( SC_IS_INTERNAL( scp ) )
670 "Internal services cannot be intercepted: %s ", SC_ID(scp) ) ;
671 M_CLEAR( SC_XFLAGS(scp), SF_INTERCEPT ) ;
673 if ( SC_WAIT(scp) == NO )
676 "Multi-threaded services cannot be intercepted: %s", SC_ID(scp) ) ;
677 M_CLEAR( SC_XFLAGS(scp), SF_INTERCEPT ) ;
681 /* Steer the lost sheep home */
682 if ( SC_SENSOR( scp ) )
683 M_SET( SC_TYPE(scp), ST_INTERNAL );
685 if ( SC_IS_INTERNAL( scp ) )
686 { /* If SENSOR flagged redirect to internal builtin function. */
687 if ( SC_SENSOR( scp ) )
691 builtin_find( "sensor", SC_SOCKET_TYPE(scp) );
695 builtin_find( SC_NAME(scp), SC_SOCKET_TYPE(scp) );
696 if (SC_BUILTIN(scp) == NULL )
700 if ( SC_IS_MUXCLIENT( scp ) )
702 if ( !SC_IS_UNLISTED( scp ) )
705 "Service: %s (tcpmux) should have UNLISTED in type.",
710 if (!EQ("tcp", SC_PROTONAME(scp)))
713 "Service: %s (tcpmux) should have tcp in protocol.",
720 #if defined(HAVE_RPC_RPCENT_H) || defined(HAVE_NETDB_H)
721 if ( SC_IS_RPC( scp ) && !SC_IS_UNLISTED( scp ) )
723 struct rpcent *rep = (struct rpcent *)getrpcbyname( SC_NAME(scp) ) ;
727 msg( LOG_ERR, func, "unknown RPC service: %s", SC_NAME(scp) ) ;
730 SC_RPCDATA( scp )->rd_program_number = rep->r_number ;
733 #endif /* ! NO_RPC */
735 if ( !SC_IS_UNLISTED( scp ) )
737 uint16_t service_port ;
738 struct servent *sep ;
741 * Check if a protocol was specified. Based on the code in
742 * service_fill, if either socket_type or protocol is specified,
743 * the other one is filled in. Protocol should therefore always
744 * be filled in unless they made a mistake. Then verify it is the
745 * proper protocol for the given service.
746 * We don't need to check MUXCLIENTs - they aren't in /etc/services.
748 if ( SC_SPECIFIED( scp, A_PROTOCOL ) )
750 sep = getservbyname( SC_NAME(scp), SC_PROTONAME(scp) ) ;
754 "service/protocol combination not in /etc/services: %s/%s",
755 SC_NAME(scp), SC_PROTONAME(scp) ) ;
762 "A protocol or a socket_type must be specified for service: %s.",
767 /* s_port is in network-byte-order */
768 service_port = ntohs(sep->s_port);
771 * If a port was specified, it must be the right one
773 if ( SC_SPECIFIED( scp, A_PORT ) &&
774 SC_PORT(scp) != service_port )
776 msg( LOG_ERR, func, "Service %s expects port %d, not %d",
777 SC_NAME(scp), service_port, SC_PORT(scp) ) ;
780 } /* if not unlisted */
782 if ( SC_SPECIFIED( scp, A_REDIR ))
784 if ( SC_SOCKET_TYPE( scp ) != SOCK_STREAM )
787 "Only tcp sockets are supported for redirected service %s",
791 if ( SC_WAITS( scp ) )
794 "Redirected service %s must not wait", SC_NAME(scp));
797 if ( SC_NAMEINARGS( scp ) )
800 "Redirected service %s should not have NAMEINARGS flag set",
805 else /* Not a redirected service */
807 if( M_IS_SET( SC_LOG_ON_SUCCESS(scp), LO_TRAFFIC ) )
810 "Service %s should not have TRAFFIC flag set since its"
811 " not redirected", SC_NAME(scp));
816 if ( SC_NAMEINARGS(scp) )
818 if (SC_IS_INTERNAL( scp ) )
821 "Service %s is INTERNAL and has NAMEINARGS flag set",
825 else if (!SC_SPECIFIED( scp, A_SERVER_ARGS) )
828 "Service %s has NAMEINARGS flag set and no server_args",
834 if ( service_attr_check( scp ) == FAILED )
841 * Get a configuration from the specified file.
843 static status_e get_conf( int fd, struct configuration *confp )
845 parse_conf_file( fd, confp, ps.ros.config_file ) ;
851 #define CHECK_AND_CLEAR( scp, mask, mask_name ) \
852 if ( M_IS_SET( mask, LO_USERID ) ) \
854 msg( LOG_WARNING, func, \
855 "%s service: clearing USERID option from %s", SC_ID(scp), mask_name ) ; \
856 M_CLEAR( mask, LO_USERID ) ; \
860 * Get a configuration by reading the configuration file.
862 status_e cnf_get( struct configuration *confp )
865 struct service_config *scp ;
866 const char *func = "get_configuration" ;
868 if ( cnf_init( confp, &config_fd, &iter ) == FAILED )
871 else if ( get_conf( config_fd, confp ) == FAILED )
873 Sclose( config_fd ) ;
875 psi_destroy( iter ) ;
879 /* get_conf eventually calls Srdline, try Sclosing to unmmap memory. */
882 current_file = "/etc/inetd.conf";
883 config_fd = open(current_file, O_RDONLY);
884 if( config_fd >= 0 ) {
885 parse_inet_conf_file( config_fd, confp );
888 * parse_inet_conf eventually calls Srdline, try Sclosing to
895 remove_disabled_services( confp ) ;
897 for ( scp = SCP( psi_start( iter ) ) ; scp ; scp = SCP( psi_next( iter ) ) )
900 * Fill the service configuration from the defaults.
901 * We do this so that we don't have to look at the defaults any more.
903 if ( service_fill( scp, confp->cnf_defaults ) == FAILED )
910 if ( check_entry( scp, confp ) == FAILED )
918 * If the INTERCEPT flag is set, change this service to an internal
919 * service using the special INTERCEPT builtin.
921 if ( SC_IS_INTERCEPTED( scp ) )
923 const builtin_s *bp ;
925 bp = spec_find( INTERCEPT_SERVICE_NAME, SC_SOCKET_TYPE(scp) ) ;
928 msg( LOG_ERR, func, "removing service %s", SC_ID( scp ) ) ;
934 SC_BUILTIN(scp) = bp ;
935 M_SET( SC_TYPE(scp), ST_INTERNAL ) ;
939 * Clear the USERID flag for the identity service because
940 * it may lead to loops (for example, remote xinetd issues request,
941 * local xinetd issues request to remote xinetd etc.)
942 * We identify the identity service by its (protocol,port) combination.
944 if ( SC_PORT(scp) == IDENTITY_SERVICE_PORT &&
945 SC_PROTOVAL(scp) == IPPROTO_TCP )
947 CHECK_AND_CLEAR( scp, SC_LOG_ON_SUCCESS(scp), "log_on_success" ) ;
948 CHECK_AND_CLEAR( scp, SC_LOG_ON_FAILURE(scp), "log_on_failure" ) ;
952 psi_destroy( iter ) ;
954 if ( debug.on && debug.fd != -1 )
955 cnf_dump( confp, debug.fd ) ;