1 /******************************************************************************/
2 /* pfixtools: a collection of postfix related tools */
4 /* ________________________________________________________________________ */
6 /* Redistribution and use in source and binary forms, with or without */
7 /* modification, are permitted provided that the following conditions */
10 /* 1. Redistributions of source code must retain the above copyright */
11 /* notice, this list of conditions and the following disclaimer. */
12 /* 2. Redistributions in binary form must reproduce the above copyright */
13 /* notice, this list of conditions and the following disclaimer in the */
14 /* documentation and/or other materials provided with the distribution. */
15 /* 3. The names of its contributors may not be used to endorse or promote */
16 /* products derived from this software without specific prior written */
19 /* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND */
20 /* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE */
21 /* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR */
22 /* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS */
23 /* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR */
24 /* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF */
25 /* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS */
26 /* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN */
27 /* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) */
28 /* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF */
29 /* THE POSSIBILITY OF SUCH DAMAGE. */
30 /******************************************************************************/
33 * Copyright © 2005-2007 Pierre Habouzit
44 #define DAEMON_NAME "pfix-srsd"
45 #define DEFAULT_ENCODER_PORT 10001
46 #define DEFAULT_DECODER_PORT 10002
47 #define RUNAS_USER "nobody"
48 #define RUNAS_GROUP "nogroup"
51 #define STR(x) __tostr(x)
53 /* srs encoder/decoder/listener worker {{{ */
55 typedef struct srsd_t {
56 unsigned listener : 1;
64 static srsd_t *srsd_new(void)
66 srsd_t *srsd = p_new(srsd_t, 1);
71 static void srsd_delete(srsd_t **srsd)
76 buffer_wipe(&(*srsd)->ibuf);
77 buffer_wipe(&(*srsd)->obuf);
82 void urldecode(char *s, char *end)
87 if (*p == '%' && end - p >= 3) {
88 int h = (hexval(p[1]) << 4) | hexval(p[2]);
102 int process_srs(srs_t *srs, const char *domain, srsd_t *srsd)
104 while (srsd->ibuf.len > 4) {
105 char buf[BUFSIZ], *p, *q, *nl;
108 nl = strchr(srsd->ibuf.data + 4, '\n');
110 if (srsd->ibuf.len > BUFSIZ) {
111 syslog(LOG_ERR, "unreasonnable amount of data without a \\n");
117 if (strncmp("get ", srsd->ibuf.data, 4)) {
118 syslog(LOG_ERR, "bad request, not starting with \"get \"");
122 for (p = srsd->ibuf.data + 4; p < nl && isspace(*p); p++);
123 for (q = nl++; q >= p && isspace(*q); *q-- = '\0');
126 buffer_addstr(&srsd->obuf, "400 empty request ???\n");
127 syslog(LOG_WARNING, "empty request");
134 err = srs_reverse(srs, buf, ssizeof(buf), p);
136 err = srs_forward(srs, buf, ssizeof(buf), p, domain);
140 buffer_addstr(&srsd->obuf, "200 ");
141 buffer_addstr(&srsd->obuf, buf);
143 switch (SRS_ERROR_TYPE(err)) {
144 case SRS_ERRTYPE_SRS:
145 case SRS_ERRTYPE_SYNTAX:
146 buffer_addstr(&srsd->obuf, "500 ");
149 buffer_addstr(&srsd->obuf, "400 ");
152 buffer_addstr(&srsd->obuf, srs_strerror(err));
154 buffer_addch(&srsd->obuf, '\n');
157 buffer_consume(&srsd->ibuf, nl - srsd->ibuf.data);
163 int start_listener(int port, bool decoder)
165 struct sockaddr_in addr = {
166 .sin_family = AF_INET,
167 .sin_addr = { htonl(INADDR_LOOPBACK) },
169 struct epoll_event evt = { .events = EPOLLIN };
173 addr.sin_port = htons(port);
174 sock = tcp_listen_nonblock((const struct sockaddr *)&addr, sizeof(addr));
179 evt.data.ptr = tmp = srsd_new();
181 tmp->decoder = decoder;
182 tmp->listener = true;
183 if (epoll_ctl(epollfd, EPOLL_CTL_ADD, sock, &evt) < 0) {
184 UNIXERR("epoll_ctl");
191 /* administrivia {{{ */
193 static int main_initialize(void)
195 openlog(DAEMON_NAME, LOG_PID, LOG_MAIL);
196 signal(SIGPIPE, SIG_IGN);
197 signal(SIGINT, &common_sighandler);
198 signal(SIGTERM, &common_sighandler);
199 signal(SIGHUP, &common_sighandler);
200 signal(SIGSEGV, &common_sighandler);
201 syslog(LOG_INFO, "Starting...");
205 static void main_shutdown(void)
210 module_init(main_initialize);
211 module_exit(main_shutdown);
215 fputs("usage: "DAEMON_NAME" [options] domain secrets\n"
218 " -e <port> port to listen to for encoding requests\n"
219 " (default: "STR(DEFAULT_ENCODER_PORT)")\n"
220 " -d <port> port to listen to for decoding requests\n"
221 " (default: "STR(DEFAULT_DECODER_PORT)")\n"
222 " -p <pidfile> file to write our pid to\n"
223 " -u unsafe mode: don't drop privilegies\n"
224 " -f stay in foreground\n"
230 int main_loop(srs_t *srs, const char *domain, int port_enc, int port_dec)
232 if (start_listener(port_enc, false) < 0)
234 if (start_listener(port_dec, true) < 0)
238 struct epoll_event evts[1024];
241 n = epoll_wait(epollfd, evts, countof(evts), -1);
243 if (errno != EAGAIN && errno != EINTR) {
244 UNIXERR("epoll_wait");
251 srsd_t *srsd = evts[n].data.ptr;
253 if (srsd->listener) {
254 struct epoll_event evt = { .events = EPOLLIN };
258 sock = accept_nonblock(srsd->fd);
264 evt.data.ptr = tmp = srsd_new();
265 tmp->decoder = srsd->decoder;
267 if (epoll_ctl(epollfd, EPOLL_CTL_ADD, sock, &evt) < 0) {
268 UNIXERR("epoll_ctl");
275 if (evts[n].events & EPOLLIN) {
276 int res = buffer_read(&srsd->ibuf, srsd->fd, -1);
278 if ((res < 0 && errno != EINTR && errno != EAGAIN)
285 if (process_srs(srs, domain, srsd) < 0) {
291 if ((evts[n].events & EPOLLOUT) && srsd->obuf.len) {
292 int res = write(srsd->fd, srsd->obuf.data, srsd->obuf.len);
294 if (res < 0 && errno != EINTR && errno != EAGAIN) {
300 buffer_consume(&srsd->obuf, res);
304 if (srsd->watchwr == !srsd->obuf.len) {
305 struct epoll_event evt = {
306 .events = EPOLLIN | (srsd->obuf.len ? EPOLLOUT : 0),
309 if (epoll_ctl(epollfd, EPOLL_CTL_MOD, srsd->fd, &evt) < 0) {
310 UNIXERR("epoll_ctl");
314 srsd->watchwr = srsd->obuf.len != 0;
322 static srs_t *srs_read_secrets(const char *sfile)
329 f = fopen(sfile, "r");
337 while (fgets(buf, sizeof(buf), f)) {
341 if (n == sizeof(buf) - 1 && buf[n - 1] != '\n') {
342 syslog(LOG_CRIT, "%s:%d: line too long", sfile, lineno);
346 srs_add_secret(srs, skipspaces(buf));
350 syslog(LOG_CRIT, "%s: empty file, no secrets", sfile);
363 int main(int argc, char *argv[])
366 bool daemonize = true;
367 int port_enc = DEFAULT_ENCODER_PORT;
368 int port_dec = DEFAULT_DECODER_PORT;
369 const char *pidfile = NULL;
374 for (int c = 0; (c = getopt(argc, argv, "hfu" "e:d:p:")) >= 0; ) {
377 port_enc = atoi(optarg);
383 port_dec = atoi(optarg);
397 if (argc - optind != 2) {
402 srs = srs_read_secrets(argv[optind + 1]);
407 if (pidfile_open(pidfile) < 0) {
408 syslog(LOG_CRIT, "unable to write pidfile %s", pidfile);
412 if (!unsafe && drop_privileges(RUNAS_USER, RUNAS_GROUP) < 0) {
413 syslog(LOG_CRIT, "unable to drop privileges");
417 if (daemonize && daemon_detach() < 0) {
418 syslog(LOG_CRIT, "unable to fork");
423 res = main_loop(srs, argv[optind], port_enc, port_dec);
424 syslog(LOG_INFO, "Stopping...");