Line data Source code
1 : /*
2 : * BSD 3-Clause License
3 : *
4 : * Copyright (c) 2005-2008, Jelmer Vernooij <jelmer@samba.org>
5 : * Copyright (c) 2006-2021, Stefan Metzmacher <metze@samba.org>
6 : * Copyright (c) 2013-2021, Andreas Schneider <asn@samba.org>
7 : * Copyright (c) 2014-2017, Michael Adam <obnox@samba.org>
8 : * Copyright (c) 2016-2018, Anoop C S <anoopcs@redhat.com>
9 : * All rights reserved.
10 : *
11 : * Redistribution and use in source and binary forms, with or without
12 : * modification, are permitted provided that the following conditions
13 : * are met:
14 : *
15 : * 1. Redistributions of source code must retain the above copyright
16 : * notice, this list of conditions and the following disclaimer.
17 : *
18 : * 2. Redistributions in binary form must reproduce the above copyright
19 : * notice, this list of conditions and the following disclaimer in the
20 : * documentation and/or other materials provided with the distribution.
21 : *
22 : * 3. Neither the name of the author nor the names of its contributors
23 : * may be used to endorse or promote products derived from this software
24 : * without specific prior written permission.
25 : *
26 : * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
27 : * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 : * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 : * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
30 : * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 : * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 : * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 : * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 : * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 : * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 : * SUCH DAMAGE.
37 : */
38 :
39 : /*
40 : Socket wrapper library. Passes all socket communication over
41 : unix domain sockets if the environment variable SOCKET_WRAPPER_DIR
42 : is set.
43 : */
44 :
45 : #include "config.h"
46 :
47 : /*
48 : * Make sure we do not redirect (f)open(at)() or fcntl() to their 64bit
49 : * variants
50 : */
51 : #undef _FILE_OFFSET_BITS
52 :
53 : #include <sys/types.h>
54 : #include <sys/time.h>
55 : #include <sys/stat.h>
56 : #ifdef HAVE_SYS_SYSCALL_H
57 : #include <sys/syscall.h>
58 : #endif
59 : #ifdef HAVE_SYSCALL_H
60 : #include <syscall.h>
61 : #endif
62 : #include <sys/socket.h>
63 : #include <sys/ioctl.h>
64 : #ifdef HAVE_SYS_FILIO_H
65 : #include <sys/filio.h>
66 : #endif
67 : #ifdef HAVE_SYS_SIGNALFD_H
68 : #include <sys/signalfd.h>
69 : #endif
70 : #ifdef HAVE_SYS_EVENTFD_H
71 : #include <sys/eventfd.h>
72 : #endif
73 : #ifdef HAVE_SYS_TIMERFD_H
74 : #include <sys/timerfd.h>
75 : #endif
76 : #include <sys/uio.h>
77 : #include <errno.h>
78 : #include <sys/un.h>
79 : #include <netinet/in.h>
80 : #include <netinet/tcp.h>
81 : #ifdef HAVE_NETINET_TCP_FSM_H
82 : #include <netinet/tcp_fsm.h>
83 : #endif
84 : #include <arpa/inet.h>
85 : #include <fcntl.h>
86 : #include <stdlib.h>
87 : #include <string.h>
88 : #include <stdio.h>
89 : #include <stdint.h>
90 : #include <stdarg.h>
91 : #include <stdbool.h>
92 : #include <unistd.h>
93 : #ifdef HAVE_GNU_LIB_NAMES_H
94 : #include <gnu/lib-names.h>
95 : #endif
96 : #ifdef HAVE_RPC_RPC_H
97 : #include <rpc/rpc.h>
98 : #endif
99 : #include <pthread.h>
100 :
101 : #include "socket_wrapper.h"
102 :
103 : #ifdef __USE_FILE_OFFSET64
104 : #error -D_FILE_OFFSET_BITS=64 should not be set for socket_wrapper!
105 : #endif
106 :
107 : enum swrap_dbglvl_e {
108 : SWRAP_LOG_ERROR = 0,
109 : SWRAP_LOG_WARN,
110 : SWRAP_LOG_DEBUG,
111 : SWRAP_LOG_TRACE
112 : };
113 :
114 : /* GCC have printf type attribute check. */
115 : #ifdef HAVE_FUNCTION_ATTRIBUTE_FORMAT
116 : #define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b)))
117 : #else
118 : #define PRINTF_ATTRIBUTE(a,b)
119 : #endif /* HAVE_FUNCTION_ATTRIBUTE_FORMAT */
120 :
121 : #ifdef HAVE_CONSTRUCTOR_ATTRIBUTE
122 : #define CONSTRUCTOR_ATTRIBUTE __attribute__ ((constructor))
123 : #else
124 : #define CONSTRUCTOR_ATTRIBUTE
125 : #endif /* HAVE_CONSTRUCTOR_ATTRIBUTE */
126 :
127 : #ifdef HAVE_DESTRUCTOR_ATTRIBUTE
128 : #define DESTRUCTOR_ATTRIBUTE __attribute__ ((destructor))
129 : #else
130 : #define DESTRUCTOR_ATTRIBUTE
131 : #endif
132 :
133 : #ifndef FALL_THROUGH
134 : # ifdef HAVE_FALLTHROUGH_ATTRIBUTE
135 : # define FALL_THROUGH __attribute__ ((fallthrough))
136 : # else /* HAVE_FALLTHROUGH_ATTRIBUTE */
137 : # define FALL_THROUGH ((void)0)
138 : # endif /* HAVE_FALLTHROUGH_ATTRIBUTE */
139 : #endif /* FALL_THROUGH */
140 :
141 : #ifdef HAVE_ADDRESS_SANITIZER_ATTRIBUTE
142 : #define DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE __attribute__((no_sanitize_address))
143 : #else
144 : #define DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
145 : #endif
146 :
147 : #ifdef HAVE_GCC_THREAD_LOCAL_STORAGE
148 : # define SWRAP_THREAD __thread
149 : #else
150 : # define SWRAP_THREAD
151 : #endif
152 :
153 : #ifndef MIN
154 : #define MIN(a,b) ((a)<(b)?(a):(b))
155 : #endif
156 :
157 : #ifndef ZERO_STRUCT
158 : #define ZERO_STRUCT(x) memset((char *)&(x), 0, sizeof(x))
159 : #endif
160 :
161 : #ifndef ZERO_STRUCTP
162 : #define ZERO_STRUCTP(x) do { \
163 : if ((x) != NULL) \
164 : memset((char *)(x), 0, sizeof(*(x))); \
165 : } while(0)
166 : #endif
167 :
168 : #ifndef SAFE_FREE
169 : #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); (x)=NULL;} } while(0)
170 : #endif
171 :
172 : #ifndef discard_const
173 : #define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
174 : #endif
175 :
176 : #ifndef discard_const_p
177 : #define discard_const_p(type, ptr) ((type *)discard_const(ptr))
178 : #endif
179 :
180 : #define UNUSED(x) (void)(x)
181 :
182 : #ifdef IPV6_PKTINFO
183 : # ifndef IPV6_RECVPKTINFO
184 : # define IPV6_RECVPKTINFO IPV6_PKTINFO
185 : # endif /* IPV6_RECVPKTINFO */
186 : #endif /* IPV6_PKTINFO */
187 :
188 : /*
189 : * On BSD IP_PKTINFO has a different name because during
190 : * the time when they implemented it, there was no RFC.
191 : * The name for IPv6 is the same as on Linux.
192 : */
193 : #ifndef IP_PKTINFO
194 : # ifdef IP_RECVDSTADDR
195 : # define IP_PKTINFO IP_RECVDSTADDR
196 : # endif
197 : #endif
198 :
199 : #define socket_wrapper_init_mutex(m) \
200 : _socket_wrapper_init_mutex(m, #m)
201 :
202 : /* Add new global locks here please */
203 : # define SWRAP_REINIT_ALL do { \
204 : int ret; \
205 : ret = socket_wrapper_init_mutex(&sockets_mutex); \
206 : if (ret != 0) exit(-1); \
207 : ret = socket_wrapper_init_mutex(&socket_reset_mutex); \
208 : if (ret != 0) exit(-1); \
209 : ret = socket_wrapper_init_mutex(&first_free_mutex); \
210 : if (ret != 0) exit(-1); \
211 : ret = socket_wrapper_init_mutex(&sockets_si_global); \
212 : if (ret != 0) exit(-1); \
213 : ret = socket_wrapper_init_mutex(&autobind_start_mutex); \
214 : if (ret != 0) exit(-1); \
215 : ret = socket_wrapper_init_mutex(&pcap_dump_mutex); \
216 : if (ret != 0) exit(-1); \
217 : ret = socket_wrapper_init_mutex(&mtu_update_mutex); \
218 : if (ret != 0) exit(-1); \
219 : } while(0)
220 :
221 : # define SWRAP_LOCK_ALL do { \
222 : swrap_mutex_lock(&sockets_mutex); \
223 : swrap_mutex_lock(&socket_reset_mutex); \
224 : swrap_mutex_lock(&first_free_mutex); \
225 : swrap_mutex_lock(&sockets_si_global); \
226 : swrap_mutex_lock(&autobind_start_mutex); \
227 : swrap_mutex_lock(&pcap_dump_mutex); \
228 : swrap_mutex_lock(&mtu_update_mutex); \
229 : } while(0)
230 :
231 : # define SWRAP_UNLOCK_ALL do { \
232 : swrap_mutex_unlock(&mtu_update_mutex); \
233 : swrap_mutex_unlock(&pcap_dump_mutex); \
234 : swrap_mutex_unlock(&autobind_start_mutex); \
235 : swrap_mutex_unlock(&sockets_si_global); \
236 : swrap_mutex_unlock(&first_free_mutex); \
237 : swrap_mutex_unlock(&socket_reset_mutex); \
238 : swrap_mutex_unlock(&sockets_mutex); \
239 : } while(0)
240 :
241 : #define SOCKET_INFO_CONTAINER(si) \
242 : (struct socket_info_container *)(si)
243 :
244 : #define SWRAP_LOCK_SI(si) do { \
245 : struct socket_info_container *sic = SOCKET_INFO_CONTAINER(si); \
246 : if (sic != NULL) { \
247 : swrap_mutex_lock(&sockets_si_global); \
248 : } else { \
249 : abort(); \
250 : } \
251 : } while(0)
252 :
253 : #define SWRAP_UNLOCK_SI(si) do { \
254 : struct socket_info_container *sic = SOCKET_INFO_CONTAINER(si); \
255 : if (sic != NULL) { \
256 : swrap_mutex_unlock(&sockets_si_global); \
257 : } else { \
258 : abort(); \
259 : } \
260 : } while(0)
261 :
262 : #if defined(HAVE_GETTIMEOFDAY_TZ) || defined(HAVE_GETTIMEOFDAY_TZ_VOID)
263 : #define swrapGetTimeOfDay(tval) gettimeofday(tval,NULL)
264 : #else
265 : #define swrapGetTimeOfDay(tval) gettimeofday(tval)
266 : #endif
267 :
268 : /* we need to use a very terse format here as IRIX 6.4 silently
269 : truncates names to 16 chars, so if we use a longer name then we
270 : can't tell which port a packet came from with recvfrom()
271 :
272 : with this format we have 8 chars left for the directory name
273 : */
274 : #define SOCKET_FORMAT "%c%02X%04X"
275 : #define SOCKET_TYPE_CHAR_TCP 'T'
276 : #define SOCKET_TYPE_CHAR_UDP 'U'
277 : #define SOCKET_TYPE_CHAR_TCP_V6 'X'
278 : #define SOCKET_TYPE_CHAR_UDP_V6 'Y'
279 :
280 : /*
281 : * Set the packet MTU to 1500 bytes for stream sockets to make it it easier to
282 : * format PCAP capture files (as the caller will simply continue from here).
283 : */
284 : #define SOCKET_WRAPPER_MTU_DEFAULT 1500
285 : #define SOCKET_WRAPPER_MTU_MIN 512
286 : #define SOCKET_WRAPPER_MTU_MAX 32768
287 :
288 : #define SOCKET_MAX_SOCKETS 1024
289 :
290 : /*
291 : * Maximum number of socket_info structures that can
292 : * be used. Can be overriden by the environment variable
293 : * SOCKET_WRAPPER_MAX_SOCKETS.
294 : */
295 : #define SOCKET_WRAPPER_MAX_SOCKETS_DEFAULT 65535
296 :
297 : #define SOCKET_WRAPPER_MAX_SOCKETS_LIMIT 262140
298 :
299 : /* This limit is to avoid broadcast sendto() needing to stat too many
300 : * files. It may be raised (with a performance cost) to up to 254
301 : * without changing the format above */
302 : #define MAX_WRAPPED_INTERFACES 64
303 :
304 : struct swrap_address {
305 : socklen_t sa_socklen;
306 : union {
307 : struct sockaddr s;
308 : struct sockaddr_in in;
309 : #ifdef HAVE_IPV6
310 : struct sockaddr_in6 in6;
311 : #endif
312 : struct sockaddr_un un;
313 : struct sockaddr_storage ss;
314 : } sa;
315 : };
316 :
317 : static int first_free;
318 :
319 : struct socket_info
320 : {
321 : /*
322 : * Remember to update swrap_unix_scm_right_magic
323 : * on any change.
324 : */
325 :
326 : int family;
327 : int type;
328 : int protocol;
329 : int bound;
330 : int bcast;
331 : int is_server;
332 : int connected;
333 : int defer_connect;
334 : int pktinfo;
335 : int tcp_nodelay;
336 : int listening;
337 : int fd_passed;
338 :
339 : /* The unix path so we can unlink it on close() */
340 : struct sockaddr_un un_addr;
341 :
342 : struct swrap_address bindname;
343 : struct swrap_address myname;
344 : struct swrap_address peername;
345 :
346 : struct {
347 : unsigned long pck_snd;
348 : unsigned long pck_rcv;
349 : } io;
350 : };
351 :
352 : struct socket_info_meta
353 : {
354 : unsigned int refcount;
355 : int next_free;
356 : /*
357 : * As long as we don't use shared memory
358 : * for the sockets array, we use
359 : * sockets_si_global as a single mutex.
360 : *
361 : * pthread_mutex_t mutex;
362 : */
363 : };
364 :
365 : struct socket_info_container
366 : {
367 : struct socket_info info;
368 : struct socket_info_meta meta;
369 : };
370 :
371 : static struct socket_info_container *sockets;
372 :
373 : static size_t socket_info_max = 0;
374 :
375 : /*
376 : * Allocate the socket array always on the limit value. We want it to be
377 : * at least bigger than the default so if we reach the limit we can
378 : * still deal with duplicate fds pointing to the same socket_info.
379 : */
380 : static size_t socket_fds_max = SOCKET_WRAPPER_MAX_SOCKETS_LIMIT;
381 :
382 : /* Hash table to map fds to corresponding socket_info index */
383 : static int *socket_fds_idx;
384 :
385 : /* Mutex for syncronizing port selection during swrap_auto_bind() */
386 : static pthread_mutex_t autobind_start_mutex = PTHREAD_MUTEX_INITIALIZER;
387 :
388 : /* Mutex to guard the initialization of array of socket_info structures */
389 : static pthread_mutex_t sockets_mutex = PTHREAD_MUTEX_INITIALIZER;
390 :
391 : /* Mutex to guard the socket reset in swrap_remove_wrapper() */
392 : static pthread_mutex_t socket_reset_mutex = PTHREAD_MUTEX_INITIALIZER;
393 :
394 : /* Mutex to synchronize access to first free index in socket_info array */
395 : static pthread_mutex_t first_free_mutex = PTHREAD_MUTEX_INITIALIZER;
396 :
397 : /*
398 : * Mutex to synchronize access to to socket_info structures
399 : * We use a single global mutex in order to avoid leaking
400 : * ~ 38M copy on write memory per fork.
401 : * max_sockets=65535 * sizeof(struct socket_info_container)=592 = 38796720
402 : */
403 : static pthread_mutex_t sockets_si_global = PTHREAD_MUTEX_INITIALIZER;
404 :
405 : /* Mutex to synchronize access to packet capture dump file */
406 : static pthread_mutex_t pcap_dump_mutex = PTHREAD_MUTEX_INITIALIZER;
407 :
408 : /* Mutex for synchronizing mtu value fetch*/
409 : static pthread_mutex_t mtu_update_mutex = PTHREAD_MUTEX_INITIALIZER;
410 :
411 : /* Function prototypes */
412 :
413 : #if ! defined(HAVE_CONSTRUCTOR_ATTRIBUTE) && defined(HAVE_PRAGMA_INIT)
414 : /* xlC and other oldschool compilers support (only) this */
415 : #pragma init (swrap_constructor)
416 : #endif
417 : void swrap_constructor(void) CONSTRUCTOR_ATTRIBUTE;
418 : #if ! defined(HAVE_DESTRUCTOR_ATTRIBUTE) && defined(HAVE_PRAGMA_FINI)
419 : #pragma fini (swrap_destructor)
420 : #endif
421 : void swrap_destructor(void) DESTRUCTOR_ATTRIBUTE;
422 :
423 : #ifndef HAVE_GETPROGNAME
424 81225327 : static const char *getprogname(void)
425 : {
426 : #if defined(HAVE_PROGRAM_INVOCATION_SHORT_NAME)
427 81225327 : return program_invocation_short_name;
428 : #elif defined(HAVE_GETEXECNAME)
429 : return getexecname();
430 : #else
431 : return NULL;
432 : #endif /* HAVE_PROGRAM_INVOCATION_SHORT_NAME */
433 : }
434 : #endif /* HAVE_GETPROGNAME */
435 :
436 : static void swrap_log(enum swrap_dbglvl_e dbglvl, const char *func, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
437 : # define SWRAP_LOG(dbglvl, ...) swrap_log((dbglvl), __func__, __VA_ARGS__)
438 :
439 81225327 : static void swrap_log(enum swrap_dbglvl_e dbglvl,
440 : const char *func,
441 : const char *format, ...)
442 : {
443 618932 : char buffer[1024];
444 618932 : va_list va;
445 618932 : const char *d;
446 81225327 : unsigned int lvl = 0;
447 81225327 : const char *prefix = "SWRAP";
448 81225327 : const char *progname = getprogname();
449 :
450 81225327 : d = getenv("SOCKET_WRAPPER_DEBUGLEVEL");
451 81225327 : if (d != NULL) {
452 0 : lvl = atoi(d);
453 : }
454 :
455 81225327 : if (lvl < dbglvl) {
456 81225327 : return;
457 : }
458 :
459 0 : va_start(va, format);
460 0 : vsnprintf(buffer, sizeof(buffer), format, va);
461 0 : va_end(va);
462 :
463 0 : switch (dbglvl) {
464 0 : case SWRAP_LOG_ERROR:
465 0 : prefix = "SWRAP_ERROR";
466 0 : break;
467 0 : case SWRAP_LOG_WARN:
468 0 : prefix = "SWRAP_WARN";
469 0 : break;
470 0 : case SWRAP_LOG_DEBUG:
471 0 : prefix = "SWRAP_DEBUG";
472 0 : break;
473 0 : case SWRAP_LOG_TRACE:
474 0 : prefix = "SWRAP_TRACE";
475 0 : break;
476 : }
477 :
478 0 : if (progname == NULL) {
479 0 : progname = "<unknown>";
480 : }
481 :
482 0 : fprintf(stderr,
483 : "%s[%s (%u)] - %s: %s\n",
484 : prefix,
485 : progname,
486 0 : (unsigned int)getpid(),
487 : func,
488 : buffer);
489 : }
490 :
491 : /*********************************************************
492 : * SWRAP LOADING LIBC FUNCTIONS
493 : *********************************************************/
494 :
495 : #include <dlfcn.h>
496 :
497 : #ifdef HAVE_ACCEPT4
498 : typedef int (*__libc_accept4)(int sockfd,
499 : struct sockaddr *addr,
500 : socklen_t *addrlen,
501 : int flags);
502 : #else
503 : typedef int (*__libc_accept)(int sockfd,
504 : struct sockaddr *addr,
505 : socklen_t *addrlen);
506 : #endif
507 : typedef int (*__libc_bind)(int sockfd,
508 : const struct sockaddr *addr,
509 : socklen_t addrlen);
510 : typedef int (*__libc_close)(int fd);
511 : #ifdef HAVE___CLOSE_NOCANCEL
512 : typedef int (*__libc___close_nocancel)(int fd);
513 : #endif
514 : typedef int (*__libc_connect)(int sockfd,
515 : const struct sockaddr *addr,
516 : socklen_t addrlen);
517 : typedef int (*__libc_dup)(int fd);
518 : typedef int (*__libc_dup2)(int oldfd, int newfd);
519 : typedef int (*__libc_fcntl)(int fd, int cmd, ...);
520 : #ifdef HAVE_FCNTL64
521 : typedef int (*__libc_fcntl64)(int fd, int cmd, ...);
522 : #endif
523 : typedef FILE *(*__libc_fopen)(const char *name, const char *mode);
524 : #ifdef HAVE_FOPEN64
525 : typedef FILE *(*__libc_fopen64)(const char *name, const char *mode);
526 : #endif
527 : #ifdef HAVE_EVENTFD
528 : typedef int (*__libc_eventfd)(int count, int flags);
529 : #endif
530 : typedef int (*__libc_getpeername)(int sockfd,
531 : struct sockaddr *addr,
532 : socklen_t *addrlen);
533 : typedef int (*__libc_getsockname)(int sockfd,
534 : struct sockaddr *addr,
535 : socklen_t *addrlen);
536 : typedef int (*__libc_getsockopt)(int sockfd,
537 : int level,
538 : int optname,
539 : void *optval,
540 : socklen_t *optlen);
541 : typedef int (*__libc_ioctl)(int d, unsigned long int request, ...);
542 : typedef int (*__libc_listen)(int sockfd, int backlog);
543 : typedef int (*__libc_open)(const char *pathname, int flags, ...);
544 : #ifdef HAVE_OPEN64
545 : typedef int (*__libc_open64)(const char *pathname, int flags, ...);
546 : #endif /* HAVE_OPEN64 */
547 : #ifdef HAVE_OPENAT64
548 : typedef int (*__libc_openat64)(int dirfd, const char *pathname, int flags, ...);
549 : #endif /* HAVE_OPENAT64 */
550 : typedef int (*__libc_openat)(int dirfd, const char *path, int flags, ...);
551 : typedef int (*__libc_pipe)(int pipefd[2]);
552 : typedef int (*__libc_read)(int fd, void *buf, size_t count);
553 : typedef ssize_t (*__libc_readv)(int fd, const struct iovec *iov, int iovcnt);
554 : typedef int (*__libc_recv)(int sockfd, void *buf, size_t len, int flags);
555 : typedef int (*__libc_recvfrom)(int sockfd,
556 : void *buf,
557 : size_t len,
558 : int flags,
559 : struct sockaddr *src_addr,
560 : socklen_t *addrlen);
561 : typedef int (*__libc_recvmsg)(int sockfd, const struct msghdr *msg, int flags);
562 : #ifdef HAVE_RECVMMSG
563 : #if defined(HAVE_RECVMMSG_SSIZE_T_CONST_TIMEOUT)
564 : /* FreeBSD */
565 : typedef ssize_t (*__libc_recvmmsg)(int sockfd, struct mmsghdr *msgvec, size_t vlen, int flags, const struct timespec *timeout);
566 : #elif defined(HAVE_RECVMMSG_CONST_TIMEOUT)
567 : /* Linux legacy glibc < 2.21 */
568 : typedef int (*__libc_recvmmsg)(int sockfd, struct mmsghdr *msgvec, unsigned int vlen, int flags, const struct timespec *timeout);
569 : #else
570 : /* Linux glibc >= 2.21 */
571 : typedef int (*__libc_recvmmsg)(int sockfd, struct mmsghdr *msgvec, unsigned int vlen, int flags, struct timespec *timeout);
572 : #endif
573 : #endif /* HAVE_RECVMMSG */
574 : typedef int (*__libc_send)(int sockfd, const void *buf, size_t len, int flags);
575 : typedef int (*__libc_sendmsg)(int sockfd, const struct msghdr *msg, int flags);
576 : #ifdef HAVE_SENDMMSG
577 : #if defined(HAVE_SENDMMSG_SSIZE_T)
578 : /* FreeBSD */
579 : typedef ssize_t (*__libc_sendmmsg)(int sockfd, struct mmsghdr *msgvec, size_t vlen, int flags);
580 : #else
581 : /* Linux */
582 : typedef int (*__libc_sendmmsg)(int sockfd, struct mmsghdr *msgvec, unsigned int vlen, int flags);
583 : #endif
584 : #endif /* HAVE_SENDMMSG */
585 : typedef int (*__libc_sendto)(int sockfd,
586 : const void *buf,
587 : size_t len,
588 : int flags,
589 : const struct sockaddr *dst_addr,
590 : socklen_t addrlen);
591 : typedef int (*__libc_setsockopt)(int sockfd,
592 : int level,
593 : int optname,
594 : const void *optval,
595 : socklen_t optlen);
596 : #ifdef HAVE_SIGNALFD
597 : typedef int (*__libc_signalfd)(int fd, const sigset_t *mask, int flags);
598 : #endif
599 : typedef int (*__libc_socket)(int domain, int type, int protocol);
600 : typedef int (*__libc_socketpair)(int domain, int type, int protocol, int sv[2]);
601 : #ifdef HAVE_TIMERFD_CREATE
602 : typedef int (*__libc_timerfd_create)(int clockid, int flags);
603 : #endif
604 : typedef ssize_t (*__libc_write)(int fd, const void *buf, size_t count);
605 : typedef ssize_t (*__libc_writev)(int fd, const struct iovec *iov, int iovcnt);
606 : #ifdef HAVE_SYSCALL
607 : typedef long int (*__libc_syscall)(long int sysno, ...);
608 : #endif
609 :
610 : #define SWRAP_SYMBOL_ENTRY(i) \
611 : union { \
612 : __libc_##i f; \
613 : void *obj; \
614 : } _libc_##i
615 :
616 : struct swrap_libc_symbols {
617 : #ifdef HAVE_ACCEPT4
618 : SWRAP_SYMBOL_ENTRY(accept4);
619 : #else
620 : SWRAP_SYMBOL_ENTRY(accept);
621 : #endif
622 : SWRAP_SYMBOL_ENTRY(bind);
623 : SWRAP_SYMBOL_ENTRY(close);
624 : #ifdef HAVE___CLOSE_NOCANCEL
625 : SWRAP_SYMBOL_ENTRY(__close_nocancel);
626 : #endif
627 : SWRAP_SYMBOL_ENTRY(connect);
628 : SWRAP_SYMBOL_ENTRY(dup);
629 : SWRAP_SYMBOL_ENTRY(dup2);
630 : SWRAP_SYMBOL_ENTRY(fcntl);
631 : #ifdef HAVE_FCNTL64
632 : SWRAP_SYMBOL_ENTRY(fcntl64);
633 : #endif
634 : SWRAP_SYMBOL_ENTRY(fopen);
635 : #ifdef HAVE_FOPEN64
636 : SWRAP_SYMBOL_ENTRY(fopen64);
637 : #endif
638 : #ifdef HAVE_EVENTFD
639 : SWRAP_SYMBOL_ENTRY(eventfd);
640 : #endif
641 : SWRAP_SYMBOL_ENTRY(getpeername);
642 : SWRAP_SYMBOL_ENTRY(getsockname);
643 : SWRAP_SYMBOL_ENTRY(getsockopt);
644 : SWRAP_SYMBOL_ENTRY(ioctl);
645 : SWRAP_SYMBOL_ENTRY(listen);
646 : SWRAP_SYMBOL_ENTRY(open);
647 : #ifdef HAVE_OPEN64
648 : SWRAP_SYMBOL_ENTRY(open64);
649 : #endif
650 : #ifdef HAVE_OPENAT64
651 : SWRAP_SYMBOL_ENTRY(openat64);
652 : #endif
653 : SWRAP_SYMBOL_ENTRY(openat);
654 : SWRAP_SYMBOL_ENTRY(pipe);
655 : SWRAP_SYMBOL_ENTRY(read);
656 : SWRAP_SYMBOL_ENTRY(readv);
657 : SWRAP_SYMBOL_ENTRY(recv);
658 : SWRAP_SYMBOL_ENTRY(recvfrom);
659 : SWRAP_SYMBOL_ENTRY(recvmsg);
660 : #ifdef HAVE_RECVMMSG
661 : SWRAP_SYMBOL_ENTRY(recvmmsg);
662 : #endif
663 : SWRAP_SYMBOL_ENTRY(send);
664 : SWRAP_SYMBOL_ENTRY(sendmsg);
665 : #ifdef HAVE_SENDMMSG
666 : SWRAP_SYMBOL_ENTRY(sendmmsg);
667 : #endif
668 : SWRAP_SYMBOL_ENTRY(sendto);
669 : SWRAP_SYMBOL_ENTRY(setsockopt);
670 : #ifdef HAVE_SIGNALFD
671 : SWRAP_SYMBOL_ENTRY(signalfd);
672 : #endif
673 : SWRAP_SYMBOL_ENTRY(socket);
674 : SWRAP_SYMBOL_ENTRY(socketpair);
675 : #ifdef HAVE_TIMERFD_CREATE
676 : SWRAP_SYMBOL_ENTRY(timerfd_create);
677 : #endif
678 : SWRAP_SYMBOL_ENTRY(write);
679 : SWRAP_SYMBOL_ENTRY(writev);
680 : #ifdef HAVE_SYSCALL
681 : SWRAP_SYMBOL_ENTRY(syscall);
682 : #endif
683 : };
684 : #undef SWRAP_SYMBOL_ENTRY
685 :
686 : #define SWRAP_SYMBOL_ENTRY(i) \
687 : union { \
688 : __rtld_default_##i f; \
689 : void *obj; \
690 : } _rtld_default_##i
691 :
692 : #ifdef HAVE_SYSCALL
693 : typedef bool (*__rtld_default_uid_wrapper_syscall_valid)(long int sysno);
694 : typedef long int (*__rtld_default_uid_wrapper_syscall_va)(long int sysno, va_list va);
695 : #endif
696 :
697 : struct swrap_rtld_default_symbols {
698 : #ifdef HAVE_SYSCALL
699 : SWRAP_SYMBOL_ENTRY(uid_wrapper_syscall_valid);
700 : SWRAP_SYMBOL_ENTRY(uid_wrapper_syscall_va);
701 : #else
702 : uint8_t dummy;
703 : #endif
704 : };
705 : #undef SWRAP_SYMBOL_ENTRY
706 :
707 : struct swrap {
708 : struct {
709 : void *handle;
710 : void *socket_handle;
711 : struct swrap_libc_symbols symbols;
712 : } libc;
713 :
714 : struct {
715 : struct swrap_rtld_default_symbols symbols;
716 : } rtld_default;
717 : };
718 :
719 : static struct swrap swrap;
720 :
721 : /* prototypes */
722 : static char *socket_wrapper_dir(void);
723 :
724 : #define LIBC_NAME "libc.so"
725 :
726 : enum swrap_lib {
727 : SWRAP_LIBC,
728 : SWRAP_LIBSOCKET,
729 : };
730 :
731 6779400 : static const char *swrap_str_lib(enum swrap_lib lib)
732 : {
733 6779400 : switch (lib) {
734 2963484 : case SWRAP_LIBC:
735 2963484 : return "libc";
736 3728670 : case SWRAP_LIBSOCKET:
737 3728670 : return "libsocket";
738 : }
739 :
740 : /* Compiler would warn us about unhandled enum value if we get here */
741 0 : return "unknown";
742 : }
743 :
744 6779400 : static void *swrap_load_lib_handle(enum swrap_lib lib)
745 : {
746 6779400 : int flags = RTLD_LAZY;
747 6779400 : void *handle = NULL;
748 193880 : int i;
749 :
750 : #ifdef RTLD_DEEPBIND
751 6779400 : const char *env_preload = getenv("LD_PRELOAD");
752 6779400 : const char *env_deepbind = getenv("SOCKET_WRAPPER_DISABLE_DEEPBIND");
753 6779400 : bool enable_deepbind = true;
754 :
755 : /* Don't do a deepbind if we run with libasan */
756 6779400 : if (env_preload != NULL && strlen(env_preload) < 1024) {
757 6779400 : const char *p = strstr(env_preload, "libasan.so");
758 6779400 : if (p != NULL) {
759 0 : enable_deepbind = false;
760 : }
761 : }
762 :
763 6779400 : if (env_deepbind != NULL && strlen(env_deepbind) >= 1) {
764 0 : enable_deepbind = false;
765 : }
766 :
767 6779400 : if (enable_deepbind) {
768 6779400 : flags |= RTLD_DEEPBIND;
769 : }
770 : #endif
771 :
772 6779400 : switch (lib) {
773 6779400 : case SWRAP_LIBSOCKET:
774 : #ifdef HAVE_LIBSOCKET
775 : handle = swrap.libc.socket_handle;
776 : if (handle == NULL) {
777 : for (i = 10; i >= 0; i--) {
778 : char soname[256] = {0};
779 :
780 : snprintf(soname, sizeof(soname), "libsocket.so.%d", i);
781 : handle = dlopen(soname, flags);
782 : if (handle != NULL) {
783 : break;
784 : }
785 : }
786 :
787 : swrap.libc.socket_handle = handle;
788 : }
789 : break;
790 : #endif
791 : case SWRAP_LIBC:
792 6779400 : handle = swrap.libc.handle;
793 : #ifdef LIBC_SO
794 6779400 : if (handle == NULL) {
795 169485 : handle = dlopen(LIBC_SO, flags);
796 :
797 169485 : swrap.libc.handle = handle;
798 : }
799 : #endif
800 6779400 : if (handle == NULL) {
801 0 : for (i = 10; i >= 0; i--) {
802 0 : char soname[256] = {0};
803 :
804 0 : snprintf(soname, sizeof(soname), "libc.so.%d", i);
805 0 : handle = dlopen(soname, flags);
806 0 : if (handle != NULL) {
807 0 : break;
808 : }
809 : }
810 :
811 0 : swrap.libc.handle = handle;
812 : }
813 6585520 : break;
814 : }
815 :
816 6779400 : if (handle == NULL) {
817 : #ifdef RTLD_NEXT
818 0 : handle = swrap.libc.handle = swrap.libc.socket_handle = RTLD_NEXT;
819 : #else
820 : SWRAP_LOG(SWRAP_LOG_ERROR,
821 : "Failed to dlopen library: %s",
822 : dlerror());
823 : exit(-1);
824 : #endif
825 : }
826 :
827 6779400 : return handle;
828 : }
829 :
830 6779400 : static void *_swrap_bind_symbol(enum swrap_lib lib, const char *fn_name)
831 : {
832 193880 : void *handle;
833 193880 : void *func;
834 :
835 6779400 : handle = swrap_load_lib_handle(lib);
836 :
837 6779400 : func = dlsym(handle, fn_name);
838 6779400 : if (func == NULL) {
839 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
840 : "Failed to find %s: %s",
841 : fn_name,
842 : dlerror());
843 0 : exit(-1);
844 : }
845 :
846 6886034 : SWRAP_LOG(SWRAP_LOG_TRACE,
847 : "Loaded %s from %s",
848 : fn_name,
849 : swrap_str_lib(lib));
850 :
851 6779400 : return func;
852 : }
853 :
854 : #define swrap_mutex_lock(m) _swrap_mutex_lock(m, #m, __func__, __LINE__)
855 278598011 : static void _swrap_mutex_lock(pthread_mutex_t *mutex, const char *name, const char *caller, unsigned line)
856 : {
857 4468012 : int ret;
858 :
859 278598011 : ret = pthread_mutex_lock(mutex);
860 278598011 : if (ret != 0) {
861 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "PID(%d):PPID(%d): %s(%u): Couldn't lock pthread mutex(%s) - %s",
862 : getpid(), getppid(), caller, line, name, strerror(ret));
863 0 : abort();
864 : }
865 278598011 : }
866 :
867 : #define swrap_mutex_unlock(m) _swrap_mutex_unlock(m, #m, __func__, __LINE__)
868 278536572 : static void _swrap_mutex_unlock(pthread_mutex_t *mutex, const char *name, const char *caller, unsigned line)
869 : {
870 4467480 : int ret;
871 :
872 278536572 : ret = pthread_mutex_unlock(mutex);
873 278536572 : if (ret != 0) {
874 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "PID(%d):PPID(%d): %s(%u): Couldn't unlock pthread mutex(%s) - %s",
875 : getpid(), getppid(), caller, line, name, strerror(ret));
876 0 : abort();
877 : }
878 278536572 : }
879 :
880 : /*
881 : * These macros have a thread race condition on purpose!
882 : *
883 : * This is an optimization to avoid locking each time we check if the symbol is
884 : * bound.
885 : */
886 : #define _swrap_bind_symbol_generic(lib, sym_name) do { \
887 : swrap.libc.symbols._libc_##sym_name.obj = \
888 : _swrap_bind_symbol(lib, #sym_name); \
889 : } while(0);
890 :
891 : #define swrap_bind_symbol_libc(sym_name) \
892 : _swrap_bind_symbol_generic(SWRAP_LIBC, sym_name)
893 :
894 : #define swrap_bind_symbol_libsocket(sym_name) \
895 : _swrap_bind_symbol_generic(SWRAP_LIBSOCKET, sym_name)
896 :
897 : #define swrap_bind_symbol_rtld_default_optional(sym_name) do { \
898 : swrap.rtld_default.symbols._rtld_default_##sym_name.obj = \
899 : dlsym(RTLD_DEFAULT, #sym_name); \
900 : } while(0);
901 :
902 : static void swrap_bind_symbol_all(void);
903 :
904 : /****************************************************************************
905 : * IMPORTANT
906 : ****************************************************************************
907 : *
908 : * Functions especially from libc need to be loaded individually, you can't
909 : * load all at once or gdb will segfault at startup. The same applies to
910 : * valgrind and has probably something todo with with the linker. So we need
911 : * load each function at the point it is called the first time.
912 : *
913 : ****************************************************************************/
914 :
915 : #ifdef HAVE_ACCEPT4
916 208656 : static int libc_accept4(int sockfd,
917 : struct sockaddr *addr,
918 : socklen_t *addrlen,
919 : int flags)
920 : {
921 208656 : swrap_bind_symbol_all();
922 :
923 207791 : return swrap.libc.symbols._libc_accept4.f(sockfd, addr, addrlen, flags);
924 : }
925 :
926 : #else /* HAVE_ACCEPT4 */
927 :
928 : static int libc_accept(int sockfd, struct sockaddr *addr, socklen_t *addrlen)
929 : {
930 : swrap_bind_symbol_all();
931 :
932 : return swrap.libc.symbols._libc_accept.f(sockfd, addr, addrlen);
933 : }
934 : #endif /* HAVE_ACCEPT4 */
935 :
936 277857 : static int libc_bind(int sockfd,
937 : const struct sockaddr *addr,
938 : socklen_t addrlen)
939 : {
940 277857 : swrap_bind_symbol_all();
941 :
942 276681 : return swrap.libc.symbols._libc_bind.f(sockfd, addr, addrlen);
943 : }
944 :
945 67580690 : static int libc_close(int fd)
946 : {
947 67580690 : swrap_bind_symbol_all();
948 :
949 67580690 : return swrap.libc.symbols._libc_close.f(fd);
950 : }
951 :
952 : #ifdef HAVE___CLOSE_NOCANCEL
953 0 : static int libc___close_nocancel(int fd)
954 : {
955 0 : swrap_bind_symbol_all();
956 :
957 0 : return swrap.libc.symbols._libc___close_nocancel.f(fd);
958 : }
959 : #endif /* HAVE___CLOSE_NOCANCEL */
960 :
961 15446768 : static int libc_connect(int sockfd,
962 : const struct sockaddr *addr,
963 : socklen_t addrlen)
964 : {
965 15446768 : swrap_bind_symbol_all();
966 :
967 15440575 : return swrap.libc.symbols._libc_connect.f(sockfd, addr, addrlen);
968 : }
969 :
970 165776 : static int libc_dup(int fd)
971 : {
972 165776 : swrap_bind_symbol_all();
973 :
974 162246 : return swrap.libc.symbols._libc_dup.f(fd);
975 : }
976 :
977 381945 : static int libc_dup2(int oldfd, int newfd)
978 : {
979 381945 : swrap_bind_symbol_all();
980 :
981 373459 : return swrap.libc.symbols._libc_dup2.f(oldfd, newfd);
982 : }
983 :
984 : #ifdef HAVE_EVENTFD
985 48910 : static int libc_eventfd(int count, int flags)
986 : {
987 48910 : swrap_bind_symbol_all();
988 :
989 48910 : return swrap.libc.symbols._libc_eventfd.f(count, flags);
990 : }
991 : #endif
992 :
993 : DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
994 308217408 : static int libc_vfcntl(int fd, int cmd, va_list ap)
995 : {
996 15559831 : void *arg;
997 15559831 : int rc;
998 :
999 308217408 : swrap_bind_symbol_all();
1000 :
1001 308217408 : arg = va_arg(ap, void *);
1002 :
1003 292657577 : rc = swrap.libc.symbols._libc_fcntl.f(fd, cmd, arg);
1004 :
1005 308217410 : return rc;
1006 : }
1007 :
1008 : #ifdef HAVE_FCNTL64
1009 : DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
1010 64140 : static int libc_vfcntl64(int fd, int cmd, va_list ap)
1011 : {
1012 1345 : void *arg;
1013 1345 : int rc;
1014 :
1015 64140 : swrap_bind_symbol_all();
1016 :
1017 64140 : arg = va_arg(ap, void *);
1018 :
1019 62795 : rc = swrap.libc.symbols._libc_fcntl64.f(fd, cmd, arg);
1020 :
1021 64140 : return rc;
1022 : }
1023 : #endif
1024 :
1025 14863 : static int libc_getpeername(int sockfd,
1026 : struct sockaddr *addr,
1027 : socklen_t *addrlen)
1028 : {
1029 14863 : swrap_bind_symbol_all();
1030 :
1031 13889 : return swrap.libc.symbols._libc_getpeername.f(sockfd, addr, addrlen);
1032 : }
1033 :
1034 1409916 : static int libc_getsockname(int sockfd,
1035 : struct sockaddr *addr,
1036 : socklen_t *addrlen)
1037 : {
1038 1409916 : swrap_bind_symbol_all();
1039 :
1040 1264580 : return swrap.libc.symbols._libc_getsockname.f(sockfd, addr, addrlen);
1041 : }
1042 :
1043 489378 : static int libc_getsockopt(int sockfd,
1044 : int level,
1045 : int optname,
1046 : void *optval,
1047 : socklen_t *optlen)
1048 : {
1049 489378 : swrap_bind_symbol_all();
1050 :
1051 489353 : return swrap.libc.symbols._libc_getsockopt.f(sockfd,
1052 : level,
1053 : optname,
1054 : optval,
1055 : optlen);
1056 : }
1057 :
1058 : DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
1059 2971036 : static int libc_vioctl(int d, unsigned long int request, va_list ap)
1060 : {
1061 42936 : void *arg;
1062 42936 : int rc;
1063 :
1064 2971036 : swrap_bind_symbol_all();
1065 :
1066 2971036 : arg = va_arg(ap, void *);
1067 :
1068 2968627 : rc = swrap.libc.symbols._libc_ioctl.f(d, request, arg);
1069 :
1070 2971036 : return rc;
1071 : }
1072 :
1073 4478 : static int libc_listen(int sockfd, int backlog)
1074 : {
1075 4478 : swrap_bind_symbol_all();
1076 :
1077 4435 : return swrap.libc.symbols._libc_listen.f(sockfd, backlog);
1078 : }
1079 :
1080 2908928 : static FILE *libc_fopen(const char *name, const char *mode)
1081 : {
1082 2908928 : swrap_bind_symbol_all();
1083 :
1084 2908928 : return swrap.libc.symbols._libc_fopen.f(name, mode);
1085 : }
1086 :
1087 : #ifdef HAVE_FOPEN64
1088 78409 : static FILE *libc_fopen64(const char *name, const char *mode)
1089 : {
1090 78409 : swrap_bind_symbol_all();
1091 :
1092 78409 : return swrap.libc.symbols._libc_fopen64.f(name, mode);
1093 : }
1094 : #endif /* HAVE_FOPEN64 */
1095 :
1096 87033545 : static void swrap_inject_o_largefile(int *flags)
1097 : {
1098 : (void)*flags; /* maybe unused */
1099 : #if SIZE_MAX == 0xffffffffUL && defined(O_LARGEFILE)
1100 : #ifdef O_PATH
1101 : if (((*flags) & O_PATH) == 0)
1102 : #endif
1103 : {
1104 : *flags |= O_LARGEFILE;
1105 : }
1106 : #endif
1107 87033545 : }
1108 :
1109 80375332 : static int libc_vopen(const char *pathname, int flags, va_list ap)
1110 : {
1111 80375332 : int mode = 0;
1112 561123 : int fd;
1113 :
1114 80375332 : swrap_bind_symbol_all();
1115 :
1116 80375332 : swrap_inject_o_largefile(&flags);
1117 :
1118 80375332 : if (flags & O_CREAT) {
1119 42271453 : mode = va_arg(ap, int);
1120 : }
1121 80375332 : fd = swrap.libc.symbols._libc_open.f(pathname, flags, (mode_t)mode);
1122 :
1123 80375332 : return fd;
1124 : }
1125 :
1126 74694926 : static int libc_open(const char *pathname, int flags, ...)
1127 : {
1128 416468 : va_list ap;
1129 416468 : int fd;
1130 :
1131 74694926 : va_start(ap, flags);
1132 74694926 : fd = libc_vopen(pathname, flags, ap);
1133 74694926 : va_end(ap);
1134 :
1135 74694926 : return fd;
1136 : }
1137 :
1138 : #ifdef HAVE_OPEN64
1139 1426908 : static int libc_vopen64(const char *pathname, int flags, va_list ap)
1140 : {
1141 1426908 : int mode = 0;
1142 82038 : int fd;
1143 :
1144 1426908 : swrap_bind_symbol_all();
1145 :
1146 1426908 : swrap_inject_o_largefile(&flags);
1147 :
1148 1426908 : if (flags & O_CREAT) {
1149 17413 : mode = va_arg(ap, int);
1150 : }
1151 1426908 : fd = swrap.libc.symbols._libc_open64.f(pathname, flags, (mode_t)mode);
1152 :
1153 1426908 : return fd;
1154 : }
1155 : #endif /* HAVE_OPEN64 */
1156 :
1157 : #ifdef HAVE_OPENAT64
1158 : static int
1159 4466 : libc_vopenat64(int dirfd, const char *pathname, int flags, va_list ap)
1160 : {
1161 4466 : int mode = 0;
1162 189 : int fd;
1163 :
1164 4466 : swrap_bind_symbol_all();
1165 :
1166 4466 : swrap_inject_o_largefile(&flags);
1167 :
1168 4466 : if (flags & O_CREAT) {
1169 0 : mode = va_arg(ap, int);
1170 : }
1171 4466 : fd = swrap.libc.symbols._libc_openat64.f(dirfd,
1172 : pathname,
1173 : flags,
1174 : (mode_t)mode);
1175 :
1176 4466 : return fd;
1177 : }
1178 : #endif /* HAVE_OPENAT64 */
1179 :
1180 5900721 : static int libc_vopenat(int dirfd, const char *path, int flags, va_list ap)
1181 : {
1182 5900721 : int mode = 0;
1183 30532 : int fd;
1184 :
1185 5900721 : swrap_bind_symbol_all();
1186 :
1187 5900721 : swrap_inject_o_largefile(&flags);
1188 :
1189 5900721 : if (flags & O_CREAT) {
1190 164298 : mode = va_arg(ap, int);
1191 : }
1192 5900721 : fd = swrap.libc.symbols._libc_openat.f(dirfd,
1193 : path,
1194 : flags,
1195 : (mode_t)mode);
1196 :
1197 5900721 : return fd;
1198 : }
1199 :
1200 : #if 0
1201 : static int libc_openat(int dirfd, const char *path, int flags, ...)
1202 : {
1203 : va_list ap;
1204 : int fd;
1205 :
1206 : va_start(ap, flags);
1207 : fd = libc_vopenat(dirfd, path, flags, ap);
1208 : va_end(ap);
1209 :
1210 : return fd;
1211 : }
1212 : #endif
1213 :
1214 869522 : static int libc_pipe(int pipefd[2])
1215 : {
1216 869522 : swrap_bind_symbol_all();
1217 :
1218 869522 : return swrap.libc.symbols._libc_pipe.f(pipefd);
1219 : }
1220 :
1221 24008737 : static int libc_read(int fd, void *buf, size_t count)
1222 : {
1223 24008737 : swrap_bind_symbol_all();
1224 :
1225 24008737 : return swrap.libc.symbols._libc_read.f(fd, buf, count);
1226 : }
1227 :
1228 13904376 : static ssize_t libc_readv(int fd, const struct iovec *iov, int iovcnt)
1229 : {
1230 13904376 : swrap_bind_symbol_all();
1231 :
1232 13874601 : return swrap.libc.symbols._libc_readv.f(fd, iov, iovcnt);
1233 : }
1234 :
1235 9005550 : static int libc_recv(int sockfd, void *buf, size_t len, int flags)
1236 : {
1237 9005550 : swrap_bind_symbol_all();
1238 :
1239 9005550 : return swrap.libc.symbols._libc_recv.f(sockfd, buf, len, flags);
1240 : }
1241 :
1242 75473 : static int libc_recvfrom(int sockfd,
1243 : void *buf,
1244 : size_t len,
1245 : int flags,
1246 : struct sockaddr *src_addr,
1247 : socklen_t *addrlen)
1248 : {
1249 75473 : swrap_bind_symbol_all();
1250 :
1251 75473 : return swrap.libc.symbols._libc_recvfrom.f(sockfd,
1252 : buf,
1253 : len,
1254 : flags,
1255 : src_addr,
1256 : addrlen);
1257 : }
1258 :
1259 3439694 : static int libc_recvmsg(int sockfd, struct msghdr *msg, int flags)
1260 : {
1261 3439694 : swrap_bind_symbol_all();
1262 :
1263 3439694 : return swrap.libc.symbols._libc_recvmsg.f(sockfd, msg, flags);
1264 : }
1265 :
1266 : #ifdef HAVE_RECVMMSG
1267 : #if defined(HAVE_RECVMMSG_SSIZE_T_CONST_TIMEOUT)
1268 : /* FreeBSD */
1269 : static ssize_t libc_recvmmsg(int sockfd, struct mmsghdr *msgvec, size_t vlen, int flags, const struct timespec *timeout)
1270 : #elif defined(HAVE_RECVMMSG_CONST_TIMEOUT)
1271 : /* Linux legacy glibc < 2.21 */
1272 : static int libc_recvmmsg(int sockfd, struct mmsghdr *msgvec, unsigned int vlen, int flags, const struct timespec *timeout)
1273 : #else
1274 : /* Linux glibc >= 2.21 */
1275 0 : static int libc_recvmmsg(int sockfd, struct mmsghdr *msgvec, unsigned int vlen, int flags, struct timespec *timeout)
1276 : #endif
1277 : {
1278 0 : swrap_bind_symbol_all();
1279 :
1280 0 : return swrap.libc.symbols._libc_recvmmsg.f(sockfd, msgvec, vlen, flags, timeout);
1281 : }
1282 : #endif
1283 :
1284 1024909 : static int libc_send(int sockfd, const void *buf, size_t len, int flags)
1285 : {
1286 1024909 : swrap_bind_symbol_all();
1287 :
1288 1024909 : return swrap.libc.symbols._libc_send.f(sockfd, buf, len, flags);
1289 : }
1290 :
1291 2396149 : static int libc_sendmsg(int sockfd, const struct msghdr *msg, int flags)
1292 : {
1293 2396149 : swrap_bind_symbol_all();
1294 :
1295 2396149 : return swrap.libc.symbols._libc_sendmsg.f(sockfd, msg, flags);
1296 : }
1297 :
1298 : #ifdef HAVE_SENDMMSG
1299 : #if defined(HAVE_SENDMMSG_SSIZE_T)
1300 : /* FreeBSD */
1301 : static ssize_t libc_sendmmsg(int sockfd, struct mmsghdr *msgvec, size_t vlen, int flags)
1302 : #else
1303 : /* Linux */
1304 69 : static int libc_sendmmsg(int sockfd, struct mmsghdr *msgvec, unsigned int vlen, int flags)
1305 : #endif
1306 : {
1307 69 : swrap_bind_symbol_all();
1308 :
1309 69 : return swrap.libc.symbols._libc_sendmmsg.f(sockfd, msgvec, vlen, flags);
1310 : }
1311 : #endif
1312 :
1313 63467 : static int libc_sendto(int sockfd,
1314 : const void *buf,
1315 : size_t len,
1316 : int flags,
1317 : const struct sockaddr *dst_addr,
1318 : socklen_t addrlen)
1319 : {
1320 63467 : swrap_bind_symbol_all();
1321 :
1322 63467 : return swrap.libc.symbols._libc_sendto.f(sockfd,
1323 : buf,
1324 : len,
1325 : flags,
1326 : dst_addr,
1327 : addrlen);
1328 : }
1329 :
1330 63461 : static int libc_setsockopt(int sockfd,
1331 : int level,
1332 : int optname,
1333 : const void *optval,
1334 : socklen_t optlen)
1335 : {
1336 63461 : swrap_bind_symbol_all();
1337 :
1338 63461 : return swrap.libc.symbols._libc_setsockopt.f(sockfd,
1339 : level,
1340 : optname,
1341 : optval,
1342 : optlen);
1343 : }
1344 :
1345 : #ifdef HAVE_SIGNALFD
1346 0 : static int libc_signalfd(int fd, const sigset_t *mask, int flags)
1347 : {
1348 0 : swrap_bind_symbol_all();
1349 :
1350 0 : return swrap.libc.symbols._libc_signalfd.f(fd, mask, flags);
1351 : }
1352 : #endif
1353 :
1354 1770688 : static int libc_socket(int domain, int type, int protocol)
1355 : {
1356 1770688 : swrap_bind_symbol_all();
1357 :
1358 1770666 : return swrap.libc.symbols._libc_socket.f(domain, type, protocol);
1359 : }
1360 :
1361 1883 : static int libc_socketpair(int domain, int type, int protocol, int sv[2])
1362 : {
1363 1883 : swrap_bind_symbol_all();
1364 :
1365 1883 : return swrap.libc.symbols._libc_socketpair.f(domain, type, protocol, sv);
1366 : }
1367 :
1368 : #ifdef HAVE_TIMERFD_CREATE
1369 0 : static int libc_timerfd_create(int clockid, int flags)
1370 : {
1371 0 : swrap_bind_symbol_all();
1372 :
1373 0 : return swrap.libc.symbols._libc_timerfd_create.f(clockid, flags);
1374 : }
1375 : #endif
1376 :
1377 23183331 : static ssize_t libc_write(int fd, const void *buf, size_t count)
1378 : {
1379 23183331 : swrap_bind_symbol_all();
1380 :
1381 5689847 : return swrap.libc.symbols._libc_write.f(fd, buf, count);
1382 : }
1383 :
1384 13743293 : static ssize_t libc_writev(int fd, const struct iovec *iov, int iovcnt)
1385 : {
1386 13743293 : swrap_bind_symbol_all();
1387 :
1388 13724607 : return swrap.libc.symbols._libc_writev.f(fd, iov, iovcnt);
1389 : }
1390 :
1391 : #ifdef HAVE_SYSCALL
1392 : DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
1393 749634 : static long int libc_vsyscall(long int sysno, va_list va)
1394 : {
1395 1466 : long int args[8];
1396 1466 : long int rc;
1397 1466 : int i;
1398 :
1399 749634 : swrap_bind_symbol_all();
1400 :
1401 6746706 : for (i = 0; i < 8; i++) {
1402 5997072 : args[i] = va_arg(va, long int);
1403 : }
1404 :
1405 749634 : rc = swrap.libc.symbols._libc_syscall.f(sysno,
1406 : args[0],
1407 : args[1],
1408 : args[2],
1409 : args[3],
1410 : args[4],
1411 : args[5],
1412 : args[6],
1413 : args[7]);
1414 :
1415 749634 : return rc;
1416 : }
1417 :
1418 36773361 : static bool swrap_uwrap_syscall_valid(long int sysno)
1419 : {
1420 36773361 : swrap_bind_symbol_all();
1421 :
1422 36773361 : if (swrap.rtld_default.symbols._rtld_default_uid_wrapper_syscall_valid.f == NULL) {
1423 0 : return false;
1424 : }
1425 :
1426 36773361 : return swrap.rtld_default.symbols._rtld_default_uid_wrapper_syscall_valid.f(
1427 : sysno);
1428 : }
1429 :
1430 : DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
1431 36023727 : static long int swrap_uwrap_syscall_va(long int sysno, va_list va)
1432 : {
1433 36023727 : swrap_bind_symbol_all();
1434 :
1435 36023727 : if (swrap.rtld_default.symbols._rtld_default_uid_wrapper_syscall_va.f == NULL) {
1436 : /*
1437 : * Fallback to libc, if uid_wrapper_syscall_va is not
1438 : * available.
1439 : */
1440 0 : return libc_vsyscall(sysno, va);
1441 : }
1442 :
1443 36023727 : return swrap.rtld_default.symbols._rtld_default_uid_wrapper_syscall_va.f(
1444 : sysno,
1445 : va);
1446 : }
1447 : #endif /* HAVE_SYSCALL */
1448 :
1449 : /* DO NOT call this function during library initialization! */
1450 169485 : static void __swrap_bind_symbol_all_once(void)
1451 : {
1452 : #ifdef HAVE_ACCEPT4
1453 169485 : swrap_bind_symbol_libsocket(accept4);
1454 : #else
1455 : swrap_bind_symbol_libsocket(accept);
1456 : #endif
1457 169485 : swrap_bind_symbol_libsocket(bind);
1458 169485 : swrap_bind_symbol_libc(close);
1459 : #ifdef HAVE___CLOSE_NOCANCEL
1460 169485 : swrap_bind_symbol_libc(__close_nocancel);
1461 : #endif
1462 169485 : swrap_bind_symbol_libsocket(connect);
1463 169485 : swrap_bind_symbol_libc(dup);
1464 169485 : swrap_bind_symbol_libc(dup2);
1465 169485 : swrap_bind_symbol_libc(fcntl);
1466 : #ifdef HAVE_FCNTL64
1467 169485 : swrap_bind_symbol_libc(fcntl64);
1468 : #endif
1469 169485 : swrap_bind_symbol_libc(fopen);
1470 : #ifdef HAVE_FOPEN64
1471 169485 : swrap_bind_symbol_libc(fopen64);
1472 : #endif
1473 : #ifdef HAVE_EVENTFD
1474 169485 : swrap_bind_symbol_libc(eventfd);
1475 : #endif
1476 169485 : swrap_bind_symbol_libsocket(getpeername);
1477 169485 : swrap_bind_symbol_libsocket(getsockname);
1478 169485 : swrap_bind_symbol_libsocket(getsockopt);
1479 169485 : swrap_bind_symbol_libc(ioctl);
1480 169485 : swrap_bind_symbol_libsocket(listen);
1481 169485 : swrap_bind_symbol_libc(open);
1482 : #ifdef HAVE_OPEN64
1483 169485 : swrap_bind_symbol_libc(open64);
1484 : #endif
1485 : #ifdef HAVE_OPENAT64
1486 169485 : swrap_bind_symbol_libc(openat64);
1487 : #endif
1488 169485 : swrap_bind_symbol_libc(openat);
1489 169485 : swrap_bind_symbol_libsocket(pipe);
1490 169485 : swrap_bind_symbol_libc(read);
1491 169485 : swrap_bind_symbol_libsocket(readv);
1492 169485 : swrap_bind_symbol_libsocket(recv);
1493 169485 : swrap_bind_symbol_libsocket(recvfrom);
1494 169485 : swrap_bind_symbol_libsocket(recvmsg);
1495 : #ifdef HAVE_RECVMMSG
1496 169485 : swrap_bind_symbol_libsocket(recvmmsg);
1497 : #endif
1498 169485 : swrap_bind_symbol_libsocket(send);
1499 169485 : swrap_bind_symbol_libsocket(sendmsg);
1500 : #ifdef HAVE_SENDMMSG
1501 169485 : swrap_bind_symbol_libsocket(sendmmsg);
1502 : #endif
1503 169485 : swrap_bind_symbol_libsocket(sendto);
1504 169485 : swrap_bind_symbol_libsocket(setsockopt);
1505 : #ifdef HAVE_SIGNALFD
1506 169485 : swrap_bind_symbol_libsocket(signalfd);
1507 : #endif
1508 169485 : swrap_bind_symbol_libsocket(socket);
1509 169485 : swrap_bind_symbol_libsocket(socketpair);
1510 : #ifdef HAVE_TIMERFD_CREATE
1511 169485 : swrap_bind_symbol_libc(timerfd_create);
1512 : #endif
1513 169485 : swrap_bind_symbol_libc(write);
1514 169485 : swrap_bind_symbol_libsocket(writev);
1515 : #ifdef HAVE_SYSCALL
1516 169485 : swrap_bind_symbol_libc(syscall);
1517 169485 : swrap_bind_symbol_rtld_default_optional(uid_wrapper_syscall_valid);
1518 169485 : swrap_bind_symbol_rtld_default_optional(uid_wrapper_syscall_va);
1519 : #endif
1520 169485 : }
1521 :
1522 658169488 : static void swrap_bind_symbol_all(void)
1523 : {
1524 52989325 : static pthread_once_t all_symbol_binding_once = PTHREAD_ONCE_INIT;
1525 :
1526 609132143 : pthread_once(&all_symbol_binding_once, __swrap_bind_symbol_all_once);
1527 605180151 : }
1528 :
1529 : /*********************************************************
1530 : * SWRAP HELPER FUNCTIONS
1531 : *********************************************************/
1532 :
1533 : /*
1534 : * We return 127.0.0.0 (default) or 10.53.57.0.
1535 : *
1536 : * This can be controlled by:
1537 : * SOCKET_WRAPPER_IPV4_NETWORK=127.0.0.0 (default)
1538 : * or
1539 : * SOCKET_WRAPPER_IPV4_NETWORK=10.53.57.0
1540 : */
1541 31405482 : static in_addr_t swrap_ipv4_net(void)
1542 : {
1543 26098 : static int initialized;
1544 26098 : static in_addr_t hv;
1545 31405482 : const char *net_str = NULL;
1546 26098 : struct in_addr nv;
1547 26098 : int ret;
1548 :
1549 31405482 : if (initialized) {
1550 31365634 : return hv;
1551 : }
1552 39848 : initialized = 1;
1553 :
1554 39848 : net_str = getenv("SOCKET_WRAPPER_IPV4_NETWORK");
1555 39848 : if (net_str == NULL) {
1556 0 : net_str = "127.0.0.0";
1557 : }
1558 :
1559 39848 : ret = inet_pton(AF_INET, net_str, &nv);
1560 39848 : if (ret <= 0) {
1561 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
1562 : "INVALID IPv4 Network [%s]",
1563 : net_str);
1564 0 : abort();
1565 : }
1566 :
1567 39848 : hv = ntohl(nv.s_addr);
1568 :
1569 39848 : switch (hv) {
1570 2 : case 0x7f000000:
1571 : /* 127.0.0.0 */
1572 2 : break;
1573 39553 : case 0x0a353900:
1574 : /* 10.53.57.0 */
1575 39553 : break;
1576 0 : default:
1577 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
1578 : "INVALID IPv4 Network [%s][0x%x] should be "
1579 : "127.0.0.0 or 10.53.57.0",
1580 : net_str, (unsigned)hv);
1581 0 : abort();
1582 : }
1583 :
1584 39555 : return hv;
1585 : }
1586 :
1587 : /*
1588 : * This returns 127.255.255.255 or 10.255.255.255
1589 : */
1590 15425468 : static in_addr_t swrap_ipv4_bcast(void)
1591 : {
1592 7239 : in_addr_t hv;
1593 :
1594 15432707 : hv = swrap_ipv4_net();
1595 15425468 : hv |= IN_CLASSA_HOST;
1596 :
1597 15425468 : return hv;
1598 : }
1599 :
1600 : /*
1601 : * This returns 127.0.0.${iface} or 10.53.57.${iface}
1602 : */
1603 514698 : static in_addr_t swrap_ipv4_iface(unsigned int iface)
1604 : {
1605 11327 : in_addr_t hv;
1606 :
1607 514698 : if (iface == 0 || iface > MAX_WRAPPED_INTERFACES) {
1608 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
1609 : "swrap_ipv4_iface(%u) invalid!",
1610 : iface);
1611 0 : abort();
1612 : return -1;
1613 : }
1614 :
1615 514698 : hv = swrap_ipv4_net();
1616 514698 : hv |= iface;
1617 :
1618 514698 : return hv;
1619 : }
1620 :
1621 : #ifdef HAVE_IPV6
1622 : /*
1623 : * FD00::5357:5FXX
1624 : */
1625 6367 : static const struct in6_addr *swrap_ipv6(void)
1626 : {
1627 76 : static struct in6_addr v;
1628 76 : static int initialized;
1629 76 : int ret;
1630 :
1631 6367 : if (initialized) {
1632 5249 : return &v;
1633 : }
1634 1057 : initialized = 1;
1635 :
1636 1057 : ret = inet_pton(AF_INET6, "FD00::5357:5F00", &v);
1637 1057 : if (ret <= 0) {
1638 0 : abort();
1639 : }
1640 :
1641 1042 : return &v;
1642 : }
1643 : #endif
1644 :
1645 213635 : static void set_port(int family, int prt, struct swrap_address *addr)
1646 : {
1647 213635 : switch (family) {
1648 212697 : case AF_INET:
1649 212697 : addr->sa.in.sin_port = htons(prt);
1650 212697 : break;
1651 : #ifdef HAVE_IPV6
1652 938 : case AF_INET6:
1653 938 : addr->sa.in6.sin6_port = htons(prt);
1654 938 : break;
1655 : #endif
1656 : }
1657 208948 : }
1658 :
1659 147245 : static size_t socket_length(int family)
1660 : {
1661 147245 : switch (family) {
1662 143121 : case AF_INET:
1663 143121 : return sizeof(struct sockaddr_in);
1664 : #ifdef HAVE_IPV6
1665 50 : case AF_INET6:
1666 50 : return sizeof(struct sockaddr_in6);
1667 : #endif
1668 : }
1669 0 : return 0;
1670 : }
1671 :
1672 : struct swrap_sockaddr_buf {
1673 : char str[128];
1674 : };
1675 :
1676 30543649 : static const char *swrap_sockaddr_string(struct swrap_sockaddr_buf *buf,
1677 : const struct sockaddr *saddr)
1678 : {
1679 30543649 : unsigned int port = 0;
1680 30543649 : char addr[64] = {0,};
1681 :
1682 30543649 : switch (saddr->sa_family) {
1683 30540641 : case AF_INET: {
1684 30540641 : const struct sockaddr_in *in =
1685 : (const struct sockaddr_in *)(const void *)saddr;
1686 :
1687 30540641 : port = ntohs(in->sin_port);
1688 :
1689 30540641 : inet_ntop(saddr->sa_family,
1690 30540641 : &in->sin_addr,
1691 : addr, sizeof(addr));
1692 30540641 : break;
1693 : }
1694 : #ifdef HAVE_IPV6
1695 3008 : case AF_INET6: {
1696 3008 : const struct sockaddr_in6 *in6 =
1697 : (const struct sockaddr_in6 *)(const void *)saddr;
1698 :
1699 3008 : port = ntohs(in6->sin6_port);
1700 :
1701 3008 : inet_ntop(saddr->sa_family,
1702 3008 : &in6->sin6_addr,
1703 : addr, sizeof(addr));
1704 3008 : break;
1705 : }
1706 : #endif
1707 0 : default:
1708 0 : snprintf(addr, sizeof(addr),
1709 : "<Unknown address family %u>",
1710 0 : saddr->sa_family);
1711 0 : break;
1712 : }
1713 :
1714 30543649 : snprintf(buf->str, sizeof(buf->str),
1715 : "addr[%s]/port[%u]",
1716 : addr, port);
1717 :
1718 30543649 : return buf->str;
1719 : }
1720 :
1721 62747121 : static struct socket_info *swrap_get_socket_info(int si_index)
1722 : {
1723 62747121 : return (struct socket_info *)(&(sockets[si_index].info));
1724 : }
1725 :
1726 2021401 : static int swrap_get_refcount(struct socket_info *si)
1727 : {
1728 2021401 : struct socket_info_container *sic = SOCKET_INFO_CONTAINER(si);
1729 2021401 : return sic->meta.refcount;
1730 : }
1731 :
1732 1725059 : static void swrap_inc_refcount(struct socket_info *si)
1733 : {
1734 1725059 : struct socket_info_container *sic = SOCKET_INFO_CONTAINER(si);
1735 :
1736 1725059 : sic->meta.refcount += 1;
1737 1694678 : }
1738 :
1739 2021401 : static void swrap_dec_refcount(struct socket_info *si)
1740 : {
1741 2021401 : struct socket_info_container *sic = SOCKET_INFO_CONTAINER(si);
1742 :
1743 2021401 : sic->meta.refcount -= 1;
1744 1986618 : }
1745 :
1746 1709054 : static int swrap_get_next_free(struct socket_info *si)
1747 : {
1748 1709054 : struct socket_info_container *sic = SOCKET_INFO_CONTAINER(si);
1749 :
1750 1709054 : return sic->meta.next_free;
1751 : }
1752 :
1753 2613483924 : static void swrap_set_next_free(struct socket_info *si, int next_free)
1754 : {
1755 2613483924 : struct socket_info_container *sic = SOCKET_INFO_CONTAINER(si);
1756 :
1757 2613483924 : sic->meta.next_free = next_free;
1758 2594247093 : }
1759 :
1760 33689993 : static int swrap_un_path(struct sockaddr_un *un,
1761 : const char *swrap_dir,
1762 : char type,
1763 : unsigned int iface,
1764 : unsigned int prt)
1765 : {
1766 59724 : int ret;
1767 :
1768 33689993 : ret = snprintf(un->sun_path,
1769 : sizeof(un->sun_path),
1770 : "%s/"SOCKET_FORMAT,
1771 : swrap_dir,
1772 : type,
1773 : iface,
1774 : prt);
1775 33673886 : if ((size_t)ret >= sizeof(un->sun_path)) {
1776 0 : return ENAMETOOLONG;
1777 : }
1778 :
1779 33630269 : return 0;
1780 : }
1781 :
1782 4990 : static int swrap_un_path_EINVAL(struct sockaddr_un *un,
1783 : const char *swrap_dir)
1784 : {
1785 65 : int ret;
1786 :
1787 4990 : ret = snprintf(un->sun_path,
1788 : sizeof(un->sun_path),
1789 : "%s/EINVAL",
1790 : swrap_dir);
1791 :
1792 4925 : if ((size_t)ret >= sizeof(un->sun_path)) {
1793 0 : return ENAMETOOLONG;
1794 : }
1795 :
1796 4925 : return 0;
1797 : }
1798 :
1799 17406076 : static bool swrap_dir_usable(const char *swrap_dir)
1800 : {
1801 43617 : struct sockaddr_un un;
1802 43617 : int ret;
1803 :
1804 17406076 : ret = swrap_un_path(&un, swrap_dir, SOCKET_TYPE_CHAR_TCP, 0, 0);
1805 17362459 : if (ret == 0) {
1806 17362459 : return true;
1807 : }
1808 :
1809 0 : ret = swrap_un_path_EINVAL(&un, swrap_dir);
1810 0 : if (ret == 0) {
1811 0 : return true;
1812 : }
1813 :
1814 0 : return false;
1815 : }
1816 :
1817 17406099 : static char *socket_wrapper_dir(void)
1818 : {
1819 17406099 : char *swrap_dir = NULL;
1820 17406099 : char *s = getenv("SOCKET_WRAPPER_DIR");
1821 43640 : char *t;
1822 43640 : bool ok;
1823 :
1824 17406099 : if (s == NULL || s[0] == '\0') {
1825 23 : SWRAP_LOG(SWRAP_LOG_WARN, "SOCKET_WRAPPER_DIR not set");
1826 23 : return NULL;
1827 : }
1828 :
1829 17406076 : swrap_dir = realpath(s, NULL);
1830 17406076 : if (swrap_dir == NULL) {
1831 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
1832 : "Unable to resolve socket_wrapper dir path: %s - %s",
1833 : s,
1834 : strerror(errno));
1835 0 : abort();
1836 : }
1837 :
1838 17406076 : ok = swrap_dir_usable(swrap_dir);
1839 17406076 : if (ok) {
1840 17406076 : goto done;
1841 : }
1842 :
1843 0 : free(swrap_dir);
1844 :
1845 0 : ok = swrap_dir_usable(s);
1846 0 : if (!ok) {
1847 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "SOCKET_WRAPPER_DIR is too long");
1848 0 : abort();
1849 : }
1850 :
1851 0 : t = getenv("SOCKET_WRAPPER_DIR_ALLOW_ORIG");
1852 0 : if (t == NULL) {
1853 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
1854 : "realpath(SOCKET_WRAPPER_DIR) too long and "
1855 : "SOCKET_WRAPPER_DIR_ALLOW_ORIG not set");
1856 0 : abort();
1857 :
1858 : }
1859 :
1860 0 : swrap_dir = strdup(s);
1861 0 : if (swrap_dir == NULL) {
1862 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
1863 : "Unable to duplicate socket_wrapper dir path");
1864 0 : abort();
1865 : }
1866 :
1867 0 : SWRAP_LOG(SWRAP_LOG_WARN,
1868 : "realpath(SOCKET_WRAPPER_DIR) too long, "
1869 : "using original SOCKET_WRAPPER_DIR\n");
1870 :
1871 17406076 : done:
1872 17406076 : SWRAP_LOG(SWRAP_LOG_TRACE, "socket_wrapper_dir: %s", swrap_dir);
1873 17406076 : return swrap_dir;
1874 : }
1875 :
1876 37391798 : static unsigned int socket_wrapper_mtu(void)
1877 : {
1878 164162 : static unsigned int max_mtu = 0;
1879 164162 : unsigned int tmp;
1880 164162 : const char *s;
1881 164162 : char *endp;
1882 :
1883 37391798 : swrap_mutex_lock(&mtu_update_mutex);
1884 :
1885 37391798 : if (max_mtu != 0) {
1886 37324735 : goto done;
1887 : }
1888 :
1889 67063 : max_mtu = SOCKET_WRAPPER_MTU_DEFAULT;
1890 :
1891 67063 : s = getenv("SOCKET_WRAPPER_MTU");
1892 67063 : if (s == NULL) {
1893 67048 : goto done;
1894 : }
1895 :
1896 15 : tmp = strtol(s, &endp, 10);
1897 15 : if (s == endp) {
1898 0 : goto done;
1899 : }
1900 :
1901 15 : if (tmp < SOCKET_WRAPPER_MTU_MIN || tmp > SOCKET_WRAPPER_MTU_MAX) {
1902 0 : goto done;
1903 : }
1904 15 : max_mtu = tmp;
1905 :
1906 37391798 : done:
1907 37391798 : swrap_mutex_unlock(&mtu_update_mutex);
1908 37391798 : return max_mtu;
1909 : }
1910 :
1911 1247834 : static int _socket_wrapper_init_mutex(pthread_mutex_t *m, const char *name)
1912 : {
1913 34461 : pthread_mutexattr_t ma;
1914 1247834 : bool need_destroy = false;
1915 1247834 : int ret = 0;
1916 :
1917 : #define __CHECK(cmd) do { \
1918 : ret = cmd; \
1919 : if (ret != 0) { \
1920 : SWRAP_LOG(SWRAP_LOG_ERROR, \
1921 : "%s: %s - failed %d", \
1922 : name, #cmd, ret); \
1923 : goto done; \
1924 : } \
1925 : } while(0)
1926 :
1927 1247834 : *m = (pthread_mutex_t)PTHREAD_MUTEX_INITIALIZER;
1928 1247834 : __CHECK(pthread_mutexattr_init(&ma));
1929 1247834 : need_destroy = true;
1930 1247834 : __CHECK(pthread_mutexattr_settype(&ma, PTHREAD_MUTEX_ERRORCHECK));
1931 1247834 : __CHECK(pthread_mutex_init(m, &ma));
1932 1247834 : done:
1933 1213373 : if (need_destroy) {
1934 1247834 : pthread_mutexattr_destroy(&ma);
1935 : }
1936 1247834 : return ret;
1937 : }
1938 :
1939 39848 : static size_t socket_wrapper_max_sockets(void)
1940 : {
1941 293 : const char *s;
1942 293 : size_t tmp;
1943 293 : char *endp;
1944 :
1945 39848 : if (socket_info_max != 0) {
1946 0 : return socket_info_max;
1947 : }
1948 :
1949 39848 : socket_info_max = SOCKET_WRAPPER_MAX_SOCKETS_DEFAULT;
1950 :
1951 39848 : s = getenv("SOCKET_WRAPPER_MAX_SOCKETS");
1952 39848 : if (s == NULL || s[0] == '\0') {
1953 39848 : goto done;
1954 : }
1955 :
1956 0 : tmp = strtoul(s, &endp, 10);
1957 0 : if (s == endp) {
1958 0 : goto done;
1959 : }
1960 0 : if (tmp == 0) {
1961 0 : tmp = SOCKET_WRAPPER_MAX_SOCKETS_DEFAULT;
1962 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
1963 : "Invalid number of sockets specified, "
1964 : "using default (%zu)",
1965 : tmp);
1966 : }
1967 :
1968 0 : if (tmp > SOCKET_WRAPPER_MAX_SOCKETS_LIMIT) {
1969 0 : tmp = SOCKET_WRAPPER_MAX_SOCKETS_LIMIT;
1970 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
1971 : "Invalid number of sockets specified, "
1972 : "using maximum (%zu).",
1973 : tmp);
1974 : }
1975 :
1976 0 : socket_info_max = tmp;
1977 :
1978 39848 : done:
1979 39848 : return socket_info_max;
1980 : }
1981 :
1982 39848 : static void socket_wrapper_init_fds_idx(void)
1983 : {
1984 39848 : int *tmp = NULL;
1985 293 : size_t i;
1986 :
1987 39848 : if (socket_fds_idx != NULL) {
1988 0 : return;
1989 : }
1990 :
1991 39848 : tmp = (int *)calloc(socket_fds_max, sizeof(int));
1992 39848 : if (tmp == NULL) {
1993 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
1994 : "Failed to allocate socket fds index array: %s",
1995 : strerror(errno));
1996 0 : exit(-1);
1997 : }
1998 :
1999 10445794568 : for (i = 0; i < socket_fds_max; i++) {
2000 10445754720 : tmp[i] = -1;
2001 : }
2002 :
2003 39848 : socket_fds_idx = tmp;
2004 : }
2005 :
2006 1771052 : static void socket_wrapper_init_sockets(void)
2007 : {
2008 31607 : size_t max_sockets;
2009 31607 : size_t i;
2010 1771052 : int ret = 0;
2011 :
2012 1771052 : swrap_bind_symbol_all();
2013 :
2014 1771052 : swrap_mutex_lock(&sockets_mutex);
2015 :
2016 1771052 : if (sockets != NULL) {
2017 1731204 : swrap_mutex_unlock(&sockets_mutex);
2018 1731204 : return;
2019 : }
2020 :
2021 39848 : SWRAP_LOG(SWRAP_LOG_DEBUG,
2022 : "SOCKET_WRAPPER_PACKAGE[%s] SOCKET_WRAPPER_VERSION[%s]",
2023 : SOCKET_WRAPPER_PACKAGE, SOCKET_WRAPPER_VERSION);
2024 :
2025 : /*
2026 : * Intialize the static cache early before
2027 : * any thread is able to start.
2028 : */
2029 39848 : (void)swrap_ipv4_net();
2030 :
2031 39848 : socket_wrapper_init_fds_idx();
2032 :
2033 : /* Needs to be called inside the sockets_mutex lock here. */
2034 39848 : max_sockets = socket_wrapper_max_sockets();
2035 :
2036 39848 : sockets = (struct socket_info_container *)calloc(max_sockets,
2037 : sizeof(struct socket_info_container));
2038 :
2039 39848 : if (sockets == NULL) {
2040 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
2041 : "Failed to allocate sockets array: %s",
2042 : strerror(errno));
2043 0 : swrap_mutex_unlock(&sockets_mutex);
2044 0 : exit(-1);
2045 : }
2046 :
2047 39848 : swrap_mutex_lock(&first_free_mutex);
2048 39848 : swrap_mutex_lock(&sockets_si_global);
2049 :
2050 39848 : first_free = 0;
2051 :
2052 2611478528 : for (i = 0; i < max_sockets; i++) {
2053 2611438680 : swrap_set_next_free(&sockets[i].info, i+1);
2054 : }
2055 :
2056 : /* mark the end of the free list */
2057 39848 : swrap_set_next_free(&sockets[max_sockets-1].info, -1);
2058 :
2059 39848 : swrap_mutex_unlock(&sockets_si_global);
2060 39848 : swrap_mutex_unlock(&first_free_mutex);
2061 39848 : swrap_mutex_unlock(&sockets_mutex);
2062 39848 : if (ret != 0) {
2063 0 : exit(-1);
2064 : }
2065 : }
2066 :
2067 1771075 : bool socket_wrapper_enabled(void)
2068 : {
2069 1771075 : char *s = socket_wrapper_dir();
2070 :
2071 1771075 : if (s == NULL) {
2072 0 : return false;
2073 : }
2074 :
2075 1771052 : SAFE_FREE(s);
2076 :
2077 1771052 : socket_wrapper_init_sockets();
2078 :
2079 1771052 : return true;
2080 : }
2081 :
2082 428694 : static unsigned int socket_wrapper_default_iface(void)
2083 : {
2084 428694 : const char *s = getenv("SOCKET_WRAPPER_DEFAULT_IFACE");
2085 428694 : if (s) {
2086 9425 : unsigned int iface;
2087 425010 : if (sscanf(s, "%u", &iface) == 1) {
2088 425010 : if (iface >= 1 && iface <= MAX_WRAPPED_INTERFACES) {
2089 425010 : return iface;
2090 : }
2091 : }
2092 : }
2093 :
2094 3612 : return 1;/* 127.0.0.1 */
2095 : }
2096 :
2097 3746460 : static void set_socket_info_index(int fd, int idx)
2098 : {
2099 3746460 : SWRAP_LOG(SWRAP_LOG_TRACE,
2100 : "fd=%d idx=%d",
2101 : fd, idx);
2102 3746460 : socket_fds_idx[fd] = idx;
2103 : /* This builtin issues a full memory barrier. */
2104 3746460 : __sync_synchronize();
2105 3746460 : }
2106 :
2107 2021401 : static void reset_socket_info_index(int fd)
2108 : {
2109 2021401 : SWRAP_LOG(SWRAP_LOG_TRACE,
2110 : "fd=%d idx=%d",
2111 : fd, -1);
2112 2021401 : set_socket_info_index(fd, -1);
2113 2021401 : }
2114 :
2115 504171531 : static int find_socket_info_index(int fd)
2116 : {
2117 504171531 : if (fd < 0) {
2118 280 : return -1;
2119 : }
2120 :
2121 504171251 : if (socket_fds_idx == NULL) {
2122 75775474 : return -1;
2123 : }
2124 :
2125 381607647 : if ((size_t)fd >= socket_fds_max) {
2126 : /*
2127 : * Do not add a log here as some applications do stupid things
2128 : * like:
2129 : *
2130 : * for (fd = 0; fd <= getdtablesize(); fd++) {
2131 : * close(fd)
2132 : * };
2133 : *
2134 : * This would produce millions of lines of debug messages.
2135 : */
2136 : #if 0
2137 : SWRAP_LOG(SWRAP_LOG_ERROR,
2138 : "Looking for a socket info for the fd %d is over the "
2139 : "max socket index limit of %zu.",
2140 : fd,
2141 : socket_fds_max);
2142 : #endif
2143 0 : return -1;
2144 : }
2145 :
2146 : /* This builtin issues a full memory barrier. */
2147 381607647 : __sync_synchronize();
2148 381607647 : return socket_fds_idx[fd];
2149 : }
2150 :
2151 1709054 : static int swrap_add_socket_info(const struct socket_info *si_input)
2152 : {
2153 1709054 : struct socket_info *si = NULL;
2154 1709054 : int si_index = -1;
2155 :
2156 1709054 : if (si_input == NULL) {
2157 0 : errno = EINVAL;
2158 0 : return -1;
2159 : }
2160 :
2161 1709054 : swrap_mutex_lock(&first_free_mutex);
2162 1709054 : if (first_free == -1) {
2163 0 : errno = ENFILE;
2164 0 : goto out;
2165 : }
2166 :
2167 1709054 : si_index = first_free;
2168 1709054 : si = swrap_get_socket_info(si_index);
2169 :
2170 1709054 : SWRAP_LOCK_SI(si);
2171 :
2172 1709054 : first_free = swrap_get_next_free(si);
2173 1709054 : *si = *si_input;
2174 1709054 : swrap_inc_refcount(si);
2175 :
2176 1709054 : SWRAP_UNLOCK_SI(si);
2177 :
2178 1709054 : out:
2179 1709054 : swrap_mutex_unlock(&first_free_mutex);
2180 :
2181 1709054 : return si_index;
2182 : }
2183 :
2184 1707201 : static int swrap_create_socket(struct socket_info *si, int fd)
2185 : {
2186 30329 : int idx;
2187 :
2188 1707201 : if ((size_t)fd >= socket_fds_max) {
2189 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
2190 : "The max socket index limit of %zu has been reached, "
2191 : "trying to add %d",
2192 : socket_fds_max,
2193 : fd);
2194 0 : errno = EMFILE;
2195 0 : return -1;
2196 : }
2197 :
2198 1707201 : idx = swrap_add_socket_info(si);
2199 1707201 : if (idx == -1) {
2200 0 : return -1;
2201 : }
2202 :
2203 1707201 : set_socket_info_index(fd, idx);
2204 :
2205 1707201 : return idx;
2206 : }
2207 :
2208 302600 : static int convert_un_in(const struct sockaddr_un *un, struct sockaddr *in, socklen_t *len)
2209 : {
2210 6591 : unsigned int iface;
2211 6591 : unsigned int prt;
2212 6591 : const char *p;
2213 6591 : char type;
2214 :
2215 302600 : p = strrchr(un->sun_path, '/');
2216 302600 : if (p) p++; else p = un->sun_path;
2217 :
2218 302600 : if (sscanf(p, SOCKET_FORMAT, &type, &iface, &prt) != 3) {
2219 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "sun_path[%s] p[%s]",
2220 : un->sun_path, p);
2221 0 : errno = EINVAL;
2222 0 : return -1;
2223 : }
2224 :
2225 302600 : if (iface == 0 || iface > MAX_WRAPPED_INTERFACES) {
2226 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "type %c iface %u port %u",
2227 : type, iface, prt);
2228 0 : errno = EINVAL;
2229 0 : return -1;
2230 : }
2231 :
2232 302600 : if (prt > 0xFFFF) {
2233 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "type %c iface %u port %u",
2234 : type, iface, prt);
2235 0 : errno = EINVAL;
2236 0 : return -1;
2237 : }
2238 :
2239 302600 : SWRAP_LOG(SWRAP_LOG_TRACE, "type %c iface %u port %u",
2240 : type, iface, prt);
2241 :
2242 302600 : switch(type) {
2243 301605 : case SOCKET_TYPE_CHAR_TCP:
2244 : case SOCKET_TYPE_CHAR_UDP: {
2245 301605 : struct sockaddr_in *in2 = (struct sockaddr_in *)(void *)in;
2246 :
2247 301605 : if ((*len) < sizeof(*in2)) {
2248 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
2249 : "V4: *len(%zu) < sizeof(*in2)=%zu",
2250 : (size_t)*len, sizeof(*in2));
2251 0 : errno = EINVAL;
2252 0 : return -1;
2253 : }
2254 :
2255 301605 : memset(in2, 0, sizeof(*in2));
2256 301605 : in2->sin_family = AF_INET;
2257 301605 : in2->sin_addr.s_addr = htonl(swrap_ipv4_iface(iface));
2258 301605 : in2->sin_port = htons(prt);
2259 :
2260 301605 : *len = sizeof(*in2);
2261 301605 : break;
2262 : }
2263 : #ifdef HAVE_IPV6
2264 995 : case SOCKET_TYPE_CHAR_TCP_V6:
2265 : case SOCKET_TYPE_CHAR_UDP_V6: {
2266 995 : struct sockaddr_in6 *in2 = (struct sockaddr_in6 *)(void *)in;
2267 :
2268 995 : if ((*len) < sizeof(*in2)) {
2269 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
2270 : "V6: *len(%zu) < sizeof(*in2)=%zu",
2271 : (size_t)*len, sizeof(*in2));
2272 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "LINE:%d", __LINE__);
2273 0 : errno = EINVAL;
2274 0 : return -1;
2275 : }
2276 :
2277 995 : memset(in2, 0, sizeof(*in2));
2278 995 : in2->sin6_family = AF_INET6;
2279 995 : in2->sin6_addr = *swrap_ipv6();
2280 995 : in2->sin6_addr.s6_addr[15] = iface;
2281 995 : in2->sin6_port = htons(prt);
2282 :
2283 995 : *len = sizeof(*in2);
2284 995 : break;
2285 : }
2286 : #endif
2287 0 : default:
2288 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "type %c iface %u port %u",
2289 : type, iface, prt);
2290 0 : errno = EINVAL;
2291 0 : return -1;
2292 : }
2293 :
2294 296009 : return 0;
2295 : }
2296 :
2297 15423843 : static int convert_in_un_remote(struct socket_info *si, const struct sockaddr *inaddr, struct sockaddr_un *un,
2298 : int *bcast)
2299 : {
2300 15423843 : char type = '\0';
2301 7186 : unsigned int prt;
2302 7186 : unsigned int iface;
2303 15423843 : int is_bcast = 0;
2304 15423843 : char *swrap_dir = NULL;
2305 :
2306 15423843 : if (bcast) *bcast = 0;
2307 :
2308 15423843 : switch (inaddr->sa_family) {
2309 15421972 : case AF_INET: {
2310 15421972 : const struct sockaddr_in *in =
2311 : (const struct sockaddr_in *)(const void *)inaddr;
2312 15421972 : unsigned int addr = ntohl(in->sin_addr.s_addr);
2313 15421972 : char u_type = '\0';
2314 15421972 : char b_type = '\0';
2315 15421972 : char a_type = '\0';
2316 15421972 : const unsigned int sw_net_addr = swrap_ipv4_net();
2317 15421972 : const unsigned int sw_bcast_addr = swrap_ipv4_bcast();
2318 :
2319 15421972 : switch (si->type) {
2320 164052 : case SOCK_STREAM:
2321 164052 : u_type = SOCKET_TYPE_CHAR_TCP;
2322 164052 : break;
2323 15254470 : case SOCK_DGRAM:
2324 15254470 : u_type = SOCKET_TYPE_CHAR_UDP;
2325 15254470 : a_type = SOCKET_TYPE_CHAR_UDP;
2326 15254470 : b_type = SOCKET_TYPE_CHAR_UDP;
2327 15254470 : break;
2328 0 : default:
2329 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "Unknown socket type!");
2330 0 : errno = ESOCKTNOSUPPORT;
2331 0 : return -1;
2332 : }
2333 :
2334 15421972 : prt = ntohs(in->sin_port);
2335 15421972 : if (a_type && addr == 0xFFFFFFFF) {
2336 : /* 255.255.255.255 only udp */
2337 0 : is_bcast = 2;
2338 0 : type = a_type;
2339 0 : iface = socket_wrapper_default_iface();
2340 15421972 : } else if (b_type && addr == sw_bcast_addr) {
2341 : /*
2342 : * 127.255.255.255
2343 : * or
2344 : * 10.255.255.255
2345 : * only udp
2346 : */
2347 4990 : is_bcast = 1;
2348 4990 : type = b_type;
2349 4990 : iface = socket_wrapper_default_iface();
2350 15416982 : } else if ((addr & 0xFFFFFF00) == sw_net_addr) {
2351 : /* 127.0.0.X or 10.53.57.X */
2352 15407988 : is_bcast = 0;
2353 15407988 : type = u_type;
2354 15407988 : iface = (addr & 0x000000FF);
2355 : } else {
2356 8994 : struct swrap_sockaddr_buf buf = {};
2357 8994 : SWRAP_LOG(SWRAP_LOG_WARN,
2358 : "%s",
2359 : swrap_sockaddr_string(&buf, inaddr));
2360 8994 : errno = ENETUNREACH;
2361 8994 : return -1;
2362 : }
2363 15412978 : if (bcast) *bcast = is_bcast;
2364 15405806 : break;
2365 : }
2366 : #ifdef HAVE_IPV6
2367 1871 : case AF_INET6: {
2368 1871 : const struct sockaddr_in6 *in =
2369 : (const struct sockaddr_in6 *)(const void *)inaddr;
2370 0 : struct in6_addr cmp1, cmp2;
2371 :
2372 1871 : switch (si->type) {
2373 306 : case SOCK_STREAM:
2374 306 : type = SOCKET_TYPE_CHAR_TCP_V6;
2375 306 : break;
2376 1565 : case SOCK_DGRAM:
2377 1565 : type = SOCKET_TYPE_CHAR_UDP_V6;
2378 1565 : break;
2379 0 : default:
2380 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "Unknown socket type!");
2381 0 : errno = ESOCKTNOSUPPORT;
2382 0 : return -1;
2383 : }
2384 :
2385 : /* XXX no multicast/broadcast */
2386 :
2387 1871 : prt = ntohs(in->sin6_port);
2388 :
2389 1871 : cmp1 = *swrap_ipv6();
2390 1871 : cmp2 = in->sin6_addr;
2391 1871 : cmp2.s6_addr[15] = 0;
2392 1871 : if (IN6_ARE_ADDR_EQUAL(&cmp1, &cmp2)) {
2393 1871 : iface = in->sin6_addr.s6_addr[15];
2394 : } else {
2395 0 : struct swrap_sockaddr_buf buf = {};
2396 0 : SWRAP_LOG(SWRAP_LOG_WARN,
2397 : "%s",
2398 : swrap_sockaddr_string(&buf, inaddr));
2399 0 : errno = ENETUNREACH;
2400 0 : return -1;
2401 : }
2402 :
2403 1871 : break;
2404 : }
2405 : #endif
2406 0 : default:
2407 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "Unknown address family!");
2408 0 : errno = ENETUNREACH;
2409 0 : return -1;
2410 : }
2411 :
2412 15414849 : if (prt == 0) {
2413 0 : SWRAP_LOG(SWRAP_LOG_WARN, "Port not set");
2414 0 : errno = EINVAL;
2415 0 : return -1;
2416 : }
2417 :
2418 15414849 : swrap_dir = socket_wrapper_dir();
2419 15414849 : if (swrap_dir == NULL) {
2420 0 : errno = EINVAL;
2421 0 : return -1;
2422 : }
2423 :
2424 15414849 : if (is_bcast) {
2425 4990 : swrap_un_path_EINVAL(un, swrap_dir);
2426 4990 : SWRAP_LOG(SWRAP_LOG_DEBUG, "un path [%s]", un->sun_path);
2427 4990 : SAFE_FREE(swrap_dir);
2428 : /* the caller need to do more processing */
2429 4990 : return 0;
2430 : }
2431 :
2432 15409859 : swrap_un_path(un, swrap_dir, type, iface, prt);
2433 15409859 : SWRAP_LOG(SWRAP_LOG_DEBUG, "un path [%s]", un->sun_path);
2434 :
2435 15409859 : SAFE_FREE(swrap_dir);
2436 :
2437 15409859 : return 0;
2438 : }
2439 :
2440 4905 : static int convert_in_un_alloc(struct socket_info *si, const struct sockaddr *inaddr, struct sockaddr_un *un,
2441 : int *bcast)
2442 : {
2443 4905 : char type = '\0';
2444 92 : unsigned int prt;
2445 92 : unsigned int iface;
2446 92 : struct stat st;
2447 4905 : int is_bcast = 0;
2448 4905 : char *swrap_dir = NULL;
2449 :
2450 4905 : if (bcast) *bcast = 0;
2451 :
2452 4905 : switch (si->family) {
2453 3496 : case AF_INET: {
2454 3496 : const struct sockaddr_in *in =
2455 : (const struct sockaddr_in *)(const void *)inaddr;
2456 3496 : unsigned int addr = ntohl(in->sin_addr.s_addr);
2457 3496 : char u_type = '\0';
2458 3496 : char d_type = '\0';
2459 3496 : char b_type = '\0';
2460 3496 : char a_type = '\0';
2461 3496 : const unsigned int sw_net_addr = swrap_ipv4_net();
2462 3496 : const unsigned int sw_bcast_addr = swrap_ipv4_bcast();
2463 :
2464 3496 : prt = ntohs(in->sin_port);
2465 :
2466 3496 : switch (si->type) {
2467 1946 : case SOCK_STREAM:
2468 1946 : u_type = SOCKET_TYPE_CHAR_TCP;
2469 1946 : d_type = SOCKET_TYPE_CHAR_TCP;
2470 1946 : break;
2471 1527 : case SOCK_DGRAM:
2472 1527 : u_type = SOCKET_TYPE_CHAR_UDP;
2473 1527 : d_type = SOCKET_TYPE_CHAR_UDP;
2474 1527 : a_type = SOCKET_TYPE_CHAR_UDP;
2475 1527 : b_type = SOCKET_TYPE_CHAR_UDP;
2476 1527 : break;
2477 0 : default:
2478 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "Unknown socket type!");
2479 0 : errno = ESOCKTNOSUPPORT;
2480 0 : return -1;
2481 : }
2482 :
2483 3496 : if (addr == 0) {
2484 : /* 0.0.0.0 */
2485 1534 : is_bcast = 0;
2486 1534 : type = d_type;
2487 1534 : iface = socket_wrapper_default_iface();
2488 1962 : } else if (a_type && addr == 0xFFFFFFFF) {
2489 : /* 255.255.255.255 only udp */
2490 0 : is_bcast = 2;
2491 0 : type = a_type;
2492 0 : iface = socket_wrapper_default_iface();
2493 1962 : } else if (b_type && addr == sw_bcast_addr) {
2494 : /* 127.255.255.255 only udp */
2495 216 : is_bcast = 1;
2496 216 : type = b_type;
2497 216 : iface = socket_wrapper_default_iface();
2498 1746 : } else if ((addr & 0xFFFFFF00) == sw_net_addr) {
2499 : /* 127.0.0.X */
2500 1746 : is_bcast = 0;
2501 1746 : type = u_type;
2502 1746 : iface = (addr & 0x000000FF);
2503 : } else {
2504 0 : errno = EADDRNOTAVAIL;
2505 0 : return -1;
2506 : }
2507 :
2508 : /* Store the bind address for connect() */
2509 3496 : if (si->bindname.sa_socklen == 0) {
2510 53 : struct sockaddr_in bind_in;
2511 3496 : socklen_t blen = sizeof(struct sockaddr_in);
2512 :
2513 3496 : ZERO_STRUCT(bind_in);
2514 3496 : bind_in.sin_family = in->sin_family;
2515 3496 : bind_in.sin_port = in->sin_port;
2516 3496 : bind_in.sin_addr.s_addr = htonl(swrap_ipv4_iface(iface));
2517 3496 : si->bindname.sa_socklen = blen;
2518 3496 : memcpy(&si->bindname.sa.in, &bind_in, blen);
2519 : }
2520 :
2521 3443 : break;
2522 : }
2523 : #ifdef HAVE_IPV6
2524 1409 : case AF_INET6: {
2525 1409 : const struct sockaddr_in6 *in =
2526 : (const struct sockaddr_in6 *)(const void *)inaddr;
2527 39 : struct in6_addr cmp1, cmp2;
2528 :
2529 1409 : switch (si->type) {
2530 943 : case SOCK_STREAM:
2531 943 : type = SOCKET_TYPE_CHAR_TCP_V6;
2532 943 : break;
2533 444 : case SOCK_DGRAM:
2534 444 : type = SOCKET_TYPE_CHAR_UDP_V6;
2535 444 : break;
2536 0 : default:
2537 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "Unknown socket type!");
2538 0 : errno = ESOCKTNOSUPPORT;
2539 255 : return -1;
2540 : }
2541 :
2542 : /* XXX no multicast/broadcast */
2543 :
2544 1409 : prt = ntohs(in->sin6_port);
2545 :
2546 1409 : cmp1 = *swrap_ipv6();
2547 1409 : cmp2 = in->sin6_addr;
2548 1409 : cmp2.s6_addr[15] = 0;
2549 1409 : if (IN6_IS_ADDR_UNSPECIFIED(&in->sin6_addr)) {
2550 849 : iface = socket_wrapper_default_iface();
2551 560 : } else if (IN6_ARE_ADDR_EQUAL(&cmp1, &cmp2)) {
2552 305 : iface = in->sin6_addr.s6_addr[15];
2553 : } else {
2554 255 : errno = EADDRNOTAVAIL;
2555 255 : return -1;
2556 : }
2557 :
2558 : /* Store the bind address for connect() */
2559 1154 : if (si->bindname.sa_socklen == 0) {
2560 37 : struct sockaddr_in6 bind_in;
2561 1154 : socklen_t blen = sizeof(struct sockaddr_in6);
2562 :
2563 1154 : ZERO_STRUCT(bind_in);
2564 1154 : bind_in.sin6_family = in->sin6_family;
2565 1154 : bind_in.sin6_port = in->sin6_port;
2566 :
2567 1154 : bind_in.sin6_addr = *swrap_ipv6();
2568 1154 : bind_in.sin6_addr.s6_addr[15] = iface;
2569 :
2570 1154 : memcpy(&si->bindname.sa.in6, &bind_in, blen);
2571 1154 : si->bindname.sa_socklen = blen;
2572 : }
2573 :
2574 1154 : break;
2575 : }
2576 : #endif
2577 0 : default:
2578 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "Unknown address family");
2579 0 : errno = EADDRNOTAVAIL;
2580 0 : return -1;
2581 : }
2582 :
2583 :
2584 4650 : if (bcast) *bcast = is_bcast;
2585 :
2586 4650 : if (iface == 0 || iface > MAX_WRAPPED_INTERFACES) {
2587 0 : errno = EINVAL;
2588 0 : return -1;
2589 : }
2590 :
2591 4650 : swrap_dir = socket_wrapper_dir();
2592 4650 : if (swrap_dir == NULL) {
2593 0 : errno = EINVAL;
2594 0 : return -1;
2595 : }
2596 :
2597 4650 : if (prt == 0) {
2598 : /* handle auto-allocation of ephemeral ports */
2599 334488 : for (prt = 5001; prt < 10000; prt++) {
2600 334488 : swrap_un_path(un, swrap_dir, type, iface, prt);
2601 334488 : if (stat(un->sun_path, &st) == 0) continue;
2602 :
2603 1550 : set_port(si->family, prt, &si->myname);
2604 1550 : set_port(si->family, prt, &si->bindname);
2605 :
2606 1548 : break;
2607 : }
2608 :
2609 1550 : if (prt == 10000) {
2610 0 : errno = ENFILE;
2611 0 : SAFE_FREE(swrap_dir);
2612 0 : return -1;
2613 : }
2614 : }
2615 :
2616 4650 : swrap_un_path(un, swrap_dir, type, iface, prt);
2617 4650 : SWRAP_LOG(SWRAP_LOG_DEBUG, "un path [%s]", un->sun_path);
2618 :
2619 4650 : SAFE_FREE(swrap_dir);
2620 :
2621 4650 : return 0;
2622 : }
2623 :
2624 111845569 : static struct socket_info *find_socket_info(int fd)
2625 : {
2626 145154686 : int idx = find_socket_info_index(fd);
2627 :
2628 111845526 : if (idx == -1) {
2629 22320950 : return NULL;
2630 : }
2631 :
2632 56222441 : return swrap_get_socket_info(idx);
2633 : }
2634 :
2635 : #if 0 /* FIXME */
2636 : static bool check_addr_port_in_use(const struct sockaddr *sa, socklen_t len)
2637 : {
2638 : struct socket_info_fd *f;
2639 : const struct socket_info *last_s = NULL;
2640 :
2641 : /* first catch invalid input */
2642 : switch (sa->sa_family) {
2643 : case AF_INET:
2644 : if (len < sizeof(struct sockaddr_in)) {
2645 : return false;
2646 : }
2647 : break;
2648 : #ifdef HAVE_IPV6
2649 : case AF_INET6:
2650 : if (len < sizeof(struct sockaddr_in6)) {
2651 : return false;
2652 : }
2653 : break;
2654 : #endif
2655 : default:
2656 : return false;
2657 : break;
2658 : }
2659 :
2660 : for (f = socket_fds; f; f = f->next) {
2661 : struct socket_info *s = swrap_get_socket_info(f->si_index);
2662 :
2663 : if (s == last_s) {
2664 : continue;
2665 : }
2666 : last_s = s;
2667 :
2668 : if (s->myname == NULL) {
2669 : continue;
2670 : }
2671 : if (s->myname->sa_family != sa->sa_family) {
2672 : continue;
2673 : }
2674 : switch (s->myname->sa_family) {
2675 : case AF_INET: {
2676 : struct sockaddr_in *sin1, *sin2;
2677 :
2678 : sin1 = (struct sockaddr_in *)s->myname;
2679 : sin2 = (struct sockaddr_in *)sa;
2680 :
2681 : if (sin1->sin_addr.s_addr == htonl(INADDR_ANY)) {
2682 : continue;
2683 : }
2684 : if (sin1->sin_port != sin2->sin_port) {
2685 : continue;
2686 : }
2687 : if (sin1->sin_addr.s_addr != sin2->sin_addr.s_addr) {
2688 : continue;
2689 : }
2690 :
2691 : /* found */
2692 : return true;
2693 : break;
2694 : }
2695 : #ifdef HAVE_IPV6
2696 : case AF_INET6: {
2697 : struct sockaddr_in6 *sin1, *sin2;
2698 :
2699 : sin1 = (struct sockaddr_in6 *)s->myname;
2700 : sin2 = (struct sockaddr_in6 *)sa;
2701 :
2702 : if (sin1->sin6_port != sin2->sin6_port) {
2703 : continue;
2704 : }
2705 : if (!IN6_ARE_ADDR_EQUAL(&sin1->sin6_addr,
2706 : &sin2->sin6_addr))
2707 : {
2708 : continue;
2709 : }
2710 :
2711 : /* found */
2712 : return true;
2713 : break;
2714 : }
2715 : #endif
2716 : default:
2717 : continue;
2718 : break;
2719 :
2720 : }
2721 : }
2722 :
2723 : return false;
2724 : }
2725 : #endif
2726 :
2727 : static void swrap_remove_stale(int fd);
2728 :
2729 15428748 : static int sockaddr_convert_to_un(struct socket_info *si,
2730 : const struct sockaddr *in_addr,
2731 : socklen_t in_len,
2732 : struct sockaddr_un *out_addr,
2733 : int alloc_sock,
2734 : int *bcast)
2735 : {
2736 15428748 : struct sockaddr *out = (struct sockaddr *)(void *)out_addr;
2737 :
2738 7278 : (void) in_len; /* unused */
2739 :
2740 15428748 : if (out_addr == NULL) {
2741 0 : return 0;
2742 : }
2743 :
2744 15428748 : out->sa_family = AF_UNIX;
2745 : #ifdef HAVE_STRUCT_SOCKADDR_SA_LEN
2746 : out->sa_len = sizeof(*out_addr);
2747 : #endif
2748 :
2749 15428748 : switch (in_addr->sa_family) {
2750 0 : case AF_UNSPEC: {
2751 0 : const struct sockaddr_in *sin;
2752 0 : if (si->family != AF_INET) {
2753 0 : break;
2754 : }
2755 0 : if (in_len < sizeof(struct sockaddr_in)) {
2756 0 : break;
2757 : }
2758 0 : sin = (const struct sockaddr_in *)(const void *)in_addr;
2759 0 : if(sin->sin_addr.s_addr != htonl(INADDR_ANY)) {
2760 0 : break;
2761 : }
2762 :
2763 : /*
2764 : * Note: in the special case of AF_UNSPEC and INADDR_ANY,
2765 : * AF_UNSPEC is mapped to AF_INET and must be treated here.
2766 : */
2767 :
2768 7278 : FALL_THROUGH;
2769 : }
2770 : case AF_INET:
2771 : #ifdef HAVE_IPV6
2772 : case AF_INET6:
2773 : #endif
2774 15428748 : switch (si->type) {
2775 15421470 : case SOCK_STREAM:
2776 : case SOCK_DGRAM:
2777 15428748 : break;
2778 0 : default:
2779 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "Unknown socket type!");
2780 0 : errno = ESOCKTNOSUPPORT;
2781 0 : return -1;
2782 : }
2783 15428748 : if (alloc_sock) {
2784 4905 : return convert_in_un_alloc(si, in_addr, out_addr, bcast);
2785 : } else {
2786 15423843 : return convert_in_un_remote(si, in_addr, out_addr, bcast);
2787 : }
2788 0 : default:
2789 0 : break;
2790 : }
2791 :
2792 0 : errno = EAFNOSUPPORT;
2793 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "Unknown address family");
2794 0 : return -1;
2795 : }
2796 :
2797 302600 : static int sockaddr_convert_from_un(const struct socket_info *si,
2798 : const struct sockaddr_un *in_addr,
2799 : socklen_t un_addrlen,
2800 : int family,
2801 : struct sockaddr *out_addr,
2802 : socklen_t *out_addrlen)
2803 : {
2804 6591 : int ret;
2805 :
2806 302600 : if (out_addr == NULL || out_addrlen == NULL)
2807 0 : return 0;
2808 :
2809 302600 : if (un_addrlen == 0) {
2810 0 : *out_addrlen = 0;
2811 0 : return 0;
2812 : }
2813 :
2814 302600 : switch (family) {
2815 302600 : case AF_INET:
2816 : #ifdef HAVE_IPV6
2817 : case AF_INET6:
2818 : #endif
2819 302600 : switch (si->type) {
2820 296009 : case SOCK_STREAM:
2821 : case SOCK_DGRAM:
2822 302600 : break;
2823 0 : default:
2824 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "Unknown socket type!");
2825 0 : errno = ESOCKTNOSUPPORT;
2826 0 : return -1;
2827 : }
2828 302600 : ret = convert_un_in(in_addr, out_addr, out_addrlen);
2829 : #ifdef HAVE_STRUCT_SOCKADDR_SA_LEN
2830 : out_addr->sa_len = *out_addrlen;
2831 : #endif
2832 302600 : return ret;
2833 0 : default:
2834 0 : break;
2835 : }
2836 :
2837 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "Unknown address family");
2838 0 : errno = EAFNOSUPPORT;
2839 0 : return -1;
2840 : }
2841 :
2842 : enum swrap_packet_type {
2843 : SWRAP_CONNECT_SEND,
2844 : SWRAP_CONNECT_UNREACH,
2845 : SWRAP_CONNECT_RECV,
2846 : SWRAP_CONNECT_ACK,
2847 : SWRAP_ACCEPT_SEND,
2848 : SWRAP_ACCEPT_RECV,
2849 : SWRAP_ACCEPT_ACK,
2850 : SWRAP_RECVFROM,
2851 : SWRAP_SENDTO,
2852 : SWRAP_SENDTO_UNREACH,
2853 : SWRAP_PENDING_RST,
2854 : SWRAP_RECV,
2855 : SWRAP_RECV_RST,
2856 : SWRAP_SEND,
2857 : SWRAP_SEND_RST,
2858 : SWRAP_CLOSE_SEND,
2859 : SWRAP_CLOSE_RECV,
2860 : SWRAP_CLOSE_ACK,
2861 : };
2862 :
2863 : struct swrap_file_hdr {
2864 : uint32_t magic;
2865 : uint16_t version_major;
2866 : uint16_t version_minor;
2867 : int32_t timezone;
2868 : uint32_t sigfigs;
2869 : uint32_t frame_max_len;
2870 : #define SWRAP_FRAME_LENGTH_MAX 0xFFFF
2871 : uint32_t link_type;
2872 : };
2873 : #define SWRAP_FILE_HDR_SIZE 24
2874 :
2875 : struct swrap_packet_frame {
2876 : uint32_t seconds;
2877 : uint32_t micro_seconds;
2878 : uint32_t recorded_length;
2879 : uint32_t full_length;
2880 : };
2881 : #define SWRAP_PACKET_FRAME_SIZE 16
2882 :
2883 : union swrap_packet_ip {
2884 : struct {
2885 : uint8_t ver_hdrlen;
2886 : uint8_t tos;
2887 : uint16_t packet_length;
2888 : uint16_t identification;
2889 : uint8_t flags;
2890 : uint8_t fragment;
2891 : uint8_t ttl;
2892 : uint8_t protocol;
2893 : uint16_t hdr_checksum;
2894 : uint32_t src_addr;
2895 : uint32_t dest_addr;
2896 : } v4;
2897 : #define SWRAP_PACKET_IP_V4_SIZE 20
2898 : struct {
2899 : uint8_t ver_prio;
2900 : uint8_t flow_label_high;
2901 : uint16_t flow_label_low;
2902 : uint16_t payload_length;
2903 : uint8_t next_header;
2904 : uint8_t hop_limit;
2905 : uint8_t src_addr[16];
2906 : uint8_t dest_addr[16];
2907 : } v6;
2908 : #define SWRAP_PACKET_IP_V6_SIZE 40
2909 : };
2910 : #define SWRAP_PACKET_IP_SIZE 40
2911 :
2912 : union swrap_packet_payload {
2913 : struct {
2914 : uint16_t source_port;
2915 : uint16_t dest_port;
2916 : uint32_t seq_num;
2917 : uint32_t ack_num;
2918 : uint8_t hdr_length;
2919 : uint8_t control;
2920 : uint16_t window;
2921 : uint16_t checksum;
2922 : uint16_t urg;
2923 : } tcp;
2924 : #define SWRAP_PACKET_PAYLOAD_TCP_SIZE 20
2925 : struct {
2926 : uint16_t source_port;
2927 : uint16_t dest_port;
2928 : uint16_t length;
2929 : uint16_t checksum;
2930 : } udp;
2931 : #define SWRAP_PACKET_PAYLOAD_UDP_SIZE 8
2932 : struct {
2933 : uint8_t type;
2934 : uint8_t code;
2935 : uint16_t checksum;
2936 : uint32_t unused;
2937 : } icmp4;
2938 : #define SWRAP_PACKET_PAYLOAD_ICMP4_SIZE 8
2939 : struct {
2940 : uint8_t type;
2941 : uint8_t code;
2942 : uint16_t checksum;
2943 : uint32_t unused;
2944 : } icmp6;
2945 : #define SWRAP_PACKET_PAYLOAD_ICMP6_SIZE 8
2946 : };
2947 : #define SWRAP_PACKET_PAYLOAD_SIZE 20
2948 :
2949 : #define SWRAP_PACKET_MIN_ALLOC \
2950 : (SWRAP_PACKET_FRAME_SIZE + \
2951 : SWRAP_PACKET_IP_SIZE + \
2952 : SWRAP_PACKET_PAYLOAD_SIZE)
2953 :
2954 39657434 : static const char *swrap_pcap_init_file(void)
2955 : {
2956 214596 : static int initialized = 0;
2957 214596 : static const char *s = NULL;
2958 214596 : static const struct swrap_file_hdr h;
2959 214596 : static const struct swrap_packet_frame f;
2960 214596 : static const union swrap_packet_ip i;
2961 214596 : static const union swrap_packet_payload p;
2962 :
2963 39657434 : if (initialized == 1) {
2964 39635056 : return s;
2965 : }
2966 22378 : initialized = 1;
2967 :
2968 : /*
2969 : * TODO: don't use the structs use plain buffer offsets
2970 : * and PUSH_U8(), PUSH_U16() and PUSH_U32()
2971 : *
2972 : * for now make sure we disable PCAP support
2973 : * if the struct has alignment!
2974 : */
2975 106 : if (sizeof(h) != SWRAP_FILE_HDR_SIZE) {
2976 : return NULL;
2977 : }
2978 106 : if (sizeof(f) != SWRAP_PACKET_FRAME_SIZE) {
2979 : return NULL;
2980 : }
2981 106 : if (sizeof(i) != SWRAP_PACKET_IP_SIZE) {
2982 : return NULL;
2983 : }
2984 106 : if (sizeof(i.v4) != SWRAP_PACKET_IP_V4_SIZE) {
2985 : return NULL;
2986 : }
2987 106 : if (sizeof(i.v6) != SWRAP_PACKET_IP_V6_SIZE) {
2988 : return NULL;
2989 : }
2990 106 : if (sizeof(p) != SWRAP_PACKET_PAYLOAD_SIZE) {
2991 : return NULL;
2992 : }
2993 106 : if (sizeof(p.tcp) != SWRAP_PACKET_PAYLOAD_TCP_SIZE) {
2994 : return NULL;
2995 : }
2996 106 : if (sizeof(p.udp) != SWRAP_PACKET_PAYLOAD_UDP_SIZE) {
2997 : return NULL;
2998 : }
2999 106 : if (sizeof(p.icmp4) != SWRAP_PACKET_PAYLOAD_ICMP4_SIZE) {
3000 : return NULL;
3001 : }
3002 106 : if (sizeof(p.icmp6) != SWRAP_PACKET_PAYLOAD_ICMP6_SIZE) {
3003 : return NULL;
3004 : }
3005 :
3006 22378 : s = getenv("SOCKET_WRAPPER_PCAP_FILE");
3007 22378 : if (s == NULL) {
3008 80 : return NULL;
3009 : }
3010 22298 : if (strncmp(s, "./", 2) == 0) {
3011 0 : s += 2;
3012 : }
3013 22298 : SWRAP_LOG(SWRAP_LOG_TRACE, "SOCKET_WRAPPER_PCAP_FILE: %s", s);
3014 22298 : return s;
3015 : }
3016 :
3017 37347463 : static uint8_t *swrap_pcap_packet_init(struct timeval *tval,
3018 : const struct sockaddr *src,
3019 : const struct sockaddr *dest,
3020 : int socket_type,
3021 : const uint8_t *payload,
3022 : size_t payload_len,
3023 : unsigned long tcp_seqno,
3024 : unsigned long tcp_ack,
3025 : unsigned char tcp_ctl,
3026 : int unreachable,
3027 : size_t *_packet_len)
3028 : {
3029 37347463 : uint8_t *base = NULL;
3030 37347463 : uint8_t *buf = NULL;
3031 208234 : union {
3032 : uint8_t *ptr;
3033 : struct swrap_packet_frame *frame;
3034 : } f;
3035 208234 : union {
3036 : uint8_t *ptr;
3037 : union swrap_packet_ip *ip;
3038 : } i;
3039 208234 : union swrap_packet_payload *pay;
3040 208234 : size_t packet_len;
3041 208234 : size_t alloc_len;
3042 37347463 : size_t nonwire_len = sizeof(struct swrap_packet_frame);
3043 37347463 : size_t wire_hdr_len = 0;
3044 37347463 : size_t wire_len = 0;
3045 37347463 : size_t ip_hdr_len = 0;
3046 37347463 : size_t icmp_hdr_len = 0;
3047 37347463 : size_t icmp_truncate_len = 0;
3048 37347463 : uint8_t protocol = 0, icmp_protocol = 0;
3049 37347463 : const struct sockaddr_in *src_in = NULL;
3050 37347463 : const struct sockaddr_in *dest_in = NULL;
3051 : #ifdef HAVE_IPV6
3052 37347463 : const struct sockaddr_in6 *src_in6 = NULL;
3053 37347463 : const struct sockaddr_in6 *dest_in6 = NULL;
3054 : #endif
3055 208234 : uint16_t src_port;
3056 208234 : uint16_t dest_port;
3057 :
3058 37347463 : switch (src->sa_family) {
3059 37317085 : case AF_INET:
3060 37317085 : src_in = (const struct sockaddr_in *)(const void *)src;
3061 37317085 : dest_in = (const struct sockaddr_in *)(const void *)dest;
3062 37317085 : src_port = src_in->sin_port;
3063 37317085 : dest_port = dest_in->sin_port;
3064 37317085 : ip_hdr_len = sizeof(i.ip->v4);
3065 37317085 : break;
3066 : #ifdef HAVE_IPV6
3067 30378 : case AF_INET6:
3068 30378 : src_in6 = (const struct sockaddr_in6 *)(const void *)src;
3069 30378 : dest_in6 = (const struct sockaddr_in6 *)(const void *)dest;
3070 30378 : src_port = src_in6->sin6_port;
3071 30378 : dest_port = dest_in6->sin6_port;
3072 30378 : ip_hdr_len = sizeof(i.ip->v6);
3073 30378 : break;
3074 : #endif
3075 0 : default:
3076 0 : return NULL;
3077 : }
3078 :
3079 37347463 : switch (socket_type) {
3080 37170774 : case SOCK_STREAM:
3081 37170774 : protocol = 0x06; /* TCP */
3082 37170774 : wire_hdr_len = ip_hdr_len + sizeof(pay->tcp);
3083 37170774 : wire_len = wire_hdr_len + payload_len;
3084 37170774 : break;
3085 :
3086 176689 : case SOCK_DGRAM:
3087 176689 : protocol = 0x11; /* UDP */
3088 176689 : wire_hdr_len = ip_hdr_len + sizeof(pay->udp);
3089 176689 : wire_len = wire_hdr_len + payload_len;
3090 176689 : break;
3091 :
3092 0 : default:
3093 0 : return NULL;
3094 : }
3095 :
3096 37347463 : if (unreachable) {
3097 84 : icmp_protocol = protocol;
3098 84 : switch (src->sa_family) {
3099 84 : case AF_INET:
3100 84 : protocol = 0x01; /* ICMPv4 */
3101 84 : icmp_hdr_len = ip_hdr_len + sizeof(pay->icmp4);
3102 84 : break;
3103 : #ifdef HAVE_IPV6
3104 0 : case AF_INET6:
3105 0 : protocol = 0x3A; /* ICMPv6 */
3106 0 : icmp_hdr_len = ip_hdr_len + sizeof(pay->icmp6);
3107 0 : break;
3108 : #endif
3109 : }
3110 84 : if (wire_len > 64 ) {
3111 84 : icmp_truncate_len = wire_len - 64;
3112 : }
3113 84 : wire_len += icmp_hdr_len;
3114 : }
3115 :
3116 37347463 : packet_len = nonwire_len + wire_len;
3117 37347463 : alloc_len = packet_len;
3118 37347463 : if (alloc_len < SWRAP_PACKET_MIN_ALLOC) {
3119 10233066 : alloc_len = SWRAP_PACKET_MIN_ALLOC;
3120 : }
3121 :
3122 37347463 : base = (uint8_t *)calloc(1, alloc_len);
3123 37347463 : if (base == NULL) {
3124 0 : return NULL;
3125 : }
3126 :
3127 37347463 : buf = base;
3128 37347463 : f.ptr = buf;
3129 :
3130 37347463 : f.frame->seconds = tval->tv_sec;
3131 37347463 : f.frame->micro_seconds = tval->tv_usec;
3132 37347463 : f.frame->recorded_length = wire_len - icmp_truncate_len;
3133 37347463 : f.frame->full_length = wire_len - icmp_truncate_len;
3134 :
3135 37347463 : buf += SWRAP_PACKET_FRAME_SIZE;
3136 :
3137 37347463 : i.ptr = buf;
3138 37347463 : switch (src->sa_family) {
3139 37317085 : case AF_INET:
3140 37317085 : if (src_in == NULL || dest_in == NULL) {
3141 0 : SAFE_FREE(base);
3142 0 : return NULL;
3143 : }
3144 :
3145 37317085 : i.ip->v4.ver_hdrlen = 0x45; /* version 4 and 5 * 32 bit words */
3146 37317085 : i.ip->v4.tos = 0x00;
3147 37317085 : i.ip->v4.packet_length = htons(wire_len - icmp_truncate_len);
3148 37317085 : i.ip->v4.identification = htons(0xFFFF);
3149 37317085 : i.ip->v4.flags = 0x40; /* BIT 1 set - means don't fragment */
3150 37317085 : i.ip->v4.fragment = htons(0x0000);
3151 37317085 : i.ip->v4.ttl = 0xFF;
3152 37317085 : i.ip->v4.protocol = protocol;
3153 37317085 : i.ip->v4.hdr_checksum = htons(0x0000);
3154 37317085 : i.ip->v4.src_addr = src_in->sin_addr.s_addr;
3155 37317085 : i.ip->v4.dest_addr = dest_in->sin_addr.s_addr;
3156 37317085 : buf += SWRAP_PACKET_IP_V4_SIZE;
3157 37317085 : break;
3158 : #ifdef HAVE_IPV6
3159 30378 : case AF_INET6:
3160 30378 : if (src_in6 == NULL || dest_in6 == NULL) {
3161 0 : SAFE_FREE(base);
3162 0 : return NULL;
3163 : }
3164 :
3165 30378 : i.ip->v6.ver_prio = 0x60; /* version 4 and 5 * 32 bit words */
3166 30378 : i.ip->v6.flow_label_high = 0x00;
3167 30378 : i.ip->v6.flow_label_low = 0x0000;
3168 30378 : i.ip->v6.payload_length = htons(wire_len - icmp_truncate_len); /* TODO */
3169 30378 : i.ip->v6.next_header = protocol;
3170 30378 : memcpy(i.ip->v6.src_addr, src_in6->sin6_addr.s6_addr, 16);
3171 30378 : memcpy(i.ip->v6.dest_addr, dest_in6->sin6_addr.s6_addr, 16);
3172 30378 : buf += SWRAP_PACKET_IP_V6_SIZE;
3173 30378 : break;
3174 : #endif
3175 : }
3176 :
3177 37347463 : if (unreachable) {
3178 84 : pay = (union swrap_packet_payload *)(void *)buf;
3179 84 : switch (src->sa_family) {
3180 84 : case AF_INET:
3181 84 : pay->icmp4.type = 0x03; /* destination unreachable */
3182 84 : pay->icmp4.code = 0x01; /* host unreachable */
3183 84 : pay->icmp4.checksum = htons(0x0000);
3184 84 : pay->icmp4.unused = htonl(0x00000000);
3185 :
3186 84 : buf += SWRAP_PACKET_PAYLOAD_ICMP4_SIZE;
3187 :
3188 : /* set the ip header in the ICMP payload */
3189 84 : i.ptr = buf;
3190 84 : i.ip->v4.ver_hdrlen = 0x45; /* version 4 and 5 * 32 bit words */
3191 84 : i.ip->v4.tos = 0x00;
3192 84 : i.ip->v4.packet_length = htons(wire_len - icmp_hdr_len);
3193 84 : i.ip->v4.identification = htons(0xFFFF);
3194 84 : i.ip->v4.flags = 0x40; /* BIT 1 set - means don't fragment */
3195 84 : i.ip->v4.fragment = htons(0x0000);
3196 84 : i.ip->v4.ttl = 0xFF;
3197 84 : i.ip->v4.protocol = icmp_protocol;
3198 84 : i.ip->v4.hdr_checksum = htons(0x0000);
3199 84 : i.ip->v4.src_addr = dest_in->sin_addr.s_addr;
3200 84 : i.ip->v4.dest_addr = src_in->sin_addr.s_addr;
3201 :
3202 84 : buf += SWRAP_PACKET_IP_V4_SIZE;
3203 :
3204 84 : src_port = dest_in->sin_port;
3205 84 : dest_port = src_in->sin_port;
3206 84 : break;
3207 : #ifdef HAVE_IPV6
3208 0 : case AF_INET6:
3209 0 : pay->icmp6.type = 0x01; /* destination unreachable */
3210 0 : pay->icmp6.code = 0x03; /* address unreachable */
3211 0 : pay->icmp6.checksum = htons(0x0000);
3212 0 : pay->icmp6.unused = htonl(0x00000000);
3213 0 : buf += SWRAP_PACKET_PAYLOAD_ICMP6_SIZE;
3214 :
3215 : /* set the ip header in the ICMP payload */
3216 0 : i.ptr = buf;
3217 0 : i.ip->v6.ver_prio = 0x60; /* version 4 and 5 * 32 bit words */
3218 0 : i.ip->v6.flow_label_high = 0x00;
3219 0 : i.ip->v6.flow_label_low = 0x0000;
3220 0 : i.ip->v6.payload_length = htons(wire_len - icmp_truncate_len); /* TODO */
3221 0 : i.ip->v6.next_header = protocol;
3222 0 : memcpy(i.ip->v6.src_addr, dest_in6->sin6_addr.s6_addr, 16);
3223 0 : memcpy(i.ip->v6.dest_addr, src_in6->sin6_addr.s6_addr, 16);
3224 :
3225 0 : buf += SWRAP_PACKET_IP_V6_SIZE;
3226 :
3227 0 : src_port = dest_in6->sin6_port;
3228 0 : dest_port = src_in6->sin6_port;
3229 0 : break;
3230 : #endif
3231 : }
3232 : }
3233 :
3234 37347463 : pay = (union swrap_packet_payload *)(void *)buf;
3235 :
3236 37347463 : switch (socket_type) {
3237 37170774 : case SOCK_STREAM:
3238 37170774 : pay->tcp.source_port = src_port;
3239 37170774 : pay->tcp.dest_port = dest_port;
3240 37170774 : pay->tcp.seq_num = htonl(tcp_seqno);
3241 37170774 : pay->tcp.ack_num = htonl(tcp_ack);
3242 37170774 : pay->tcp.hdr_length = 0x50; /* 5 * 32 bit words */
3243 37170774 : pay->tcp.control = tcp_ctl;
3244 37170774 : pay->tcp.window = htons(0x7FFF);
3245 37170774 : pay->tcp.checksum = htons(0x0000);
3246 37170774 : pay->tcp.urg = htons(0x0000);
3247 37170774 : buf += SWRAP_PACKET_PAYLOAD_TCP_SIZE;
3248 :
3249 37170774 : break;
3250 :
3251 176689 : case SOCK_DGRAM:
3252 176689 : pay->udp.source_port = src_port;
3253 176689 : pay->udp.dest_port = dest_port;
3254 176689 : pay->udp.length = htons(8 + payload_len);
3255 176689 : pay->udp.checksum = htons(0x0000);
3256 176689 : buf += SWRAP_PACKET_PAYLOAD_UDP_SIZE;
3257 :
3258 176689 : break;
3259 : }
3260 :
3261 37347463 : if (payload && payload_len > 0) {
3262 35511042 : memcpy(buf, payload, payload_len);
3263 : }
3264 :
3265 37347463 : *_packet_len = packet_len - icmp_truncate_len;
3266 37347463 : return base;
3267 : }
3268 :
3269 37347463 : static int swrap_pcap_get_fd(const char *fname)
3270 : {
3271 208234 : static int fd = -1;
3272 :
3273 37347463 : if (fd != -1) {
3274 0 : return fd;
3275 : }
3276 :
3277 37347463 : fd = libc_open(fname, O_WRONLY|O_CREAT|O_EXCL|O_APPEND, 0644);
3278 37347463 : if (fd != -1) {
3279 0 : struct swrap_file_hdr file_hdr;
3280 0 : file_hdr.magic = 0xA1B2C3D4;
3281 0 : file_hdr.version_major = 0x0002;
3282 0 : file_hdr.version_minor = 0x0004;
3283 0 : file_hdr.timezone = 0x00000000;
3284 0 : file_hdr.sigfigs = 0x00000000;
3285 0 : file_hdr.frame_max_len = SWRAP_FRAME_LENGTH_MAX;
3286 0 : file_hdr.link_type = 0x0065; /* 101 RAW IP */
3287 :
3288 0 : if (libc_write(fd, &file_hdr, sizeof(file_hdr)) != sizeof(file_hdr)) {
3289 0 : libc_close(fd);
3290 0 : fd = -1;
3291 : }
3292 0 : return fd;
3293 : }
3294 :
3295 37347463 : fd = libc_open(fname, O_WRONLY|O_APPEND, 0644);
3296 :
3297 37347463 : return fd;
3298 : }
3299 :
3300 37551393 : static uint8_t *swrap_pcap_marshall_packet(struct socket_info *si,
3301 : const struct sockaddr *addr,
3302 : enum swrap_packet_type type,
3303 : const void *buf, size_t len,
3304 : size_t *packet_len)
3305 : {
3306 214596 : const struct sockaddr *src_addr;
3307 214596 : const struct sockaddr *dest_addr;
3308 37551393 : unsigned long tcp_seqno = 0;
3309 37551393 : unsigned long tcp_ack = 0;
3310 37551393 : unsigned char tcp_ctl = 0;
3311 37551393 : int unreachable = 0;
3312 :
3313 214596 : struct timeval tv;
3314 :
3315 37551393 : switch (si->family) {
3316 37303239 : case AF_INET:
3317 37303239 : break;
3318 : #ifdef HAVE_IPV6
3319 33558 : case AF_INET6:
3320 33558 : break;
3321 : #endif
3322 0 : default:
3323 0 : return NULL;
3324 : }
3325 :
3326 37551393 : switch (type) {
3327 167776 : case SWRAP_CONNECT_SEND:
3328 167776 : if (si->type != SOCK_STREAM) {
3329 0 : return NULL;
3330 : }
3331 :
3332 167776 : src_addr = &si->myname.sa.s;
3333 167776 : dest_addr = addr;
3334 :
3335 167776 : tcp_seqno = si->io.pck_snd;
3336 167776 : tcp_ack = si->io.pck_rcv;
3337 167776 : tcp_ctl = 0x02; /* SYN */
3338 :
3339 167776 : si->io.pck_snd += 1;
3340 :
3341 167776 : break;
3342 :
3343 207344 : case SWRAP_CONNECT_RECV:
3344 207344 : if (si->type != SOCK_STREAM) {
3345 38362 : return NULL;
3346 : }
3347 :
3348 167776 : dest_addr = &si->myname.sa.s;
3349 167776 : src_addr = addr;
3350 :
3351 167776 : tcp_seqno = si->io.pck_rcv;
3352 167776 : tcp_ack = si->io.pck_snd;
3353 167776 : tcp_ctl = 0x12; /** SYN,ACK */
3354 :
3355 167776 : si->io.pck_rcv += 1;
3356 :
3357 167776 : break;
3358 :
3359 0 : case SWRAP_CONNECT_UNREACH:
3360 0 : if (si->type != SOCK_STREAM) {
3361 0 : return NULL;
3362 : }
3363 :
3364 0 : dest_addr = &si->myname.sa.s;
3365 0 : src_addr = addr;
3366 :
3367 : /* Unreachable: resend the data of SWRAP_CONNECT_SEND */
3368 0 : tcp_seqno = si->io.pck_snd - 1;
3369 0 : tcp_ack = si->io.pck_rcv;
3370 0 : tcp_ctl = 0x02; /* SYN */
3371 0 : unreachable = 1;
3372 :
3373 0 : break;
3374 :
3375 207344 : case SWRAP_CONNECT_ACK:
3376 207344 : if (si->type != SOCK_STREAM) {
3377 38362 : return NULL;
3378 : }
3379 :
3380 167776 : src_addr = &si->myname.sa.s;
3381 167776 : dest_addr = addr;
3382 :
3383 167776 : tcp_seqno = si->io.pck_snd;
3384 167776 : tcp_ack = si->io.pck_rcv;
3385 167776 : tcp_ctl = 0x10; /* ACK */
3386 :
3387 167776 : break;
3388 :
3389 118156 : case SWRAP_ACCEPT_SEND:
3390 118156 : if (si->type != SOCK_STREAM) {
3391 0 : return NULL;
3392 : }
3393 :
3394 118156 : dest_addr = &si->myname.sa.s;
3395 118156 : src_addr = addr;
3396 :
3397 118156 : tcp_seqno = si->io.pck_rcv;
3398 118156 : tcp_ack = si->io.pck_snd;
3399 118156 : tcp_ctl = 0x02; /* SYN */
3400 :
3401 118156 : si->io.pck_rcv += 1;
3402 :
3403 118156 : break;
3404 :
3405 118156 : case SWRAP_ACCEPT_RECV:
3406 118156 : if (si->type != SOCK_STREAM) {
3407 0 : return NULL;
3408 : }
3409 :
3410 118156 : src_addr = &si->myname.sa.s;
3411 118156 : dest_addr = addr;
3412 :
3413 118156 : tcp_seqno = si->io.pck_snd;
3414 118156 : tcp_ack = si->io.pck_rcv;
3415 118156 : tcp_ctl = 0x12; /* SYN,ACK */
3416 :
3417 118156 : si->io.pck_snd += 1;
3418 :
3419 118156 : break;
3420 :
3421 118156 : case SWRAP_ACCEPT_ACK:
3422 118156 : if (si->type != SOCK_STREAM) {
3423 0 : return NULL;
3424 : }
3425 :
3426 118156 : dest_addr = &si->myname.sa.s;
3427 118156 : src_addr = addr;
3428 :
3429 118156 : tcp_seqno = si->io.pck_rcv;
3430 118156 : tcp_ack = si->io.pck_snd;
3431 118156 : tcp_ctl = 0x10; /* ACK */
3432 :
3433 118156 : break;
3434 :
3435 13375066 : case SWRAP_SEND:
3436 13375066 : src_addr = &si->myname.sa.s;
3437 13375066 : dest_addr = &si->peername.sa.s;
3438 :
3439 13375066 : tcp_seqno = si->io.pck_snd;
3440 13375066 : tcp_ack = si->io.pck_rcv;
3441 13375066 : tcp_ctl = 0x18; /* PSH,ACK */
3442 :
3443 13375066 : si->io.pck_snd += len;
3444 :
3445 13375066 : break;
3446 :
3447 4653 : case SWRAP_SEND_RST:
3448 4653 : dest_addr = &si->myname.sa.s;
3449 4653 : src_addr = &si->peername.sa.s;
3450 :
3451 4653 : if (si->type == SOCK_DGRAM) {
3452 0 : return swrap_pcap_marshall_packet(si,
3453 0 : &si->peername.sa.s,
3454 : SWRAP_SENDTO_UNREACH,
3455 : buf,
3456 : len,
3457 : packet_len);
3458 : }
3459 :
3460 4653 : tcp_seqno = si->io.pck_rcv;
3461 4653 : tcp_ack = si->io.pck_snd;
3462 4653 : tcp_ctl = 0x14; /** RST,ACK */
3463 :
3464 4653 : break;
3465 :
3466 6182 : case SWRAP_PENDING_RST:
3467 6182 : dest_addr = &si->myname.sa.s;
3468 6182 : src_addr = &si->peername.sa.s;
3469 :
3470 6182 : if (si->type == SOCK_DGRAM) {
3471 5842 : return NULL;
3472 : }
3473 :
3474 8 : tcp_seqno = si->io.pck_rcv;
3475 8 : tcp_ack = si->io.pck_snd;
3476 8 : tcp_ctl = 0x14; /* RST,ACK */
3477 :
3478 8 : break;
3479 :
3480 21994273 : case SWRAP_RECV:
3481 21994273 : dest_addr = &si->myname.sa.s;
3482 21994273 : src_addr = &si->peername.sa.s;
3483 :
3484 21994273 : tcp_seqno = si->io.pck_rcv;
3485 21994273 : tcp_ack = si->io.pck_snd;
3486 21994273 : tcp_ctl = 0x18; /* PSH,ACK */
3487 :
3488 21994273 : si->io.pck_rcv += len;
3489 :
3490 21994273 : break;
3491 :
3492 6603 : case SWRAP_RECV_RST:
3493 6603 : dest_addr = &si->myname.sa.s;
3494 6603 : src_addr = &si->peername.sa.s;
3495 :
3496 6603 : if (si->type == SOCK_DGRAM) {
3497 0 : return NULL;
3498 : }
3499 :
3500 6603 : tcp_seqno = si->io.pck_rcv;
3501 6603 : tcp_ack = si->io.pck_snd;
3502 6603 : tcp_ctl = 0x14; /* RST,ACK */
3503 :
3504 6603 : break;
3505 :
3506 80687 : case SWRAP_SENDTO:
3507 80687 : src_addr = &si->myname.sa.s;
3508 80687 : dest_addr = addr;
3509 :
3510 80687 : si->io.pck_snd += len;
3511 :
3512 80687 : break;
3513 :
3514 84 : case SWRAP_SENDTO_UNREACH:
3515 84 : dest_addr = &si->myname.sa.s;
3516 84 : src_addr = addr;
3517 :
3518 84 : unreachable = 1;
3519 :
3520 84 : break;
3521 :
3522 60940 : case SWRAP_RECVFROM:
3523 60940 : dest_addr = &si->myname.sa.s;
3524 60940 : src_addr = addr;
3525 :
3526 60940 : si->io.pck_rcv += len;
3527 :
3528 60940 : break;
3529 :
3530 361991 : case SWRAP_CLOSE_SEND:
3531 361991 : if (si->type != SOCK_STREAM) {
3532 38334 : return NULL;
3533 : }
3534 :
3535 322451 : src_addr = &si->myname.sa.s;
3536 322451 : dest_addr = &si->peername.sa.s;
3537 :
3538 322451 : tcp_seqno = si->io.pck_snd;
3539 322451 : tcp_ack = si->io.pck_rcv;
3540 322451 : tcp_ctl = 0x11; /* FIN, ACK */
3541 :
3542 322451 : si->io.pck_snd += 1;
3543 :
3544 322451 : break;
3545 :
3546 361991 : case SWRAP_CLOSE_RECV:
3547 361991 : if (si->type != SOCK_STREAM) {
3548 38334 : return NULL;
3549 : }
3550 :
3551 322451 : dest_addr = &si->myname.sa.s;
3552 322451 : src_addr = &si->peername.sa.s;
3553 :
3554 322451 : tcp_seqno = si->io.pck_rcv;
3555 322451 : tcp_ack = si->io.pck_snd;
3556 322451 : tcp_ctl = 0x11; /* FIN,ACK */
3557 :
3558 322451 : si->io.pck_rcv += 1;
3559 :
3560 322451 : break;
3561 :
3562 361991 : case SWRAP_CLOSE_ACK:
3563 361991 : if (si->type != SOCK_STREAM) {
3564 38334 : return NULL;
3565 : }
3566 :
3567 322451 : src_addr = &si->myname.sa.s;
3568 322451 : dest_addr = &si->peername.sa.s;
3569 :
3570 322451 : tcp_seqno = si->io.pck_snd;
3571 322451 : tcp_ack = si->io.pck_rcv;
3572 322451 : tcp_ctl = 0x10; /* ACK */
3573 :
3574 322451 : break;
3575 0 : default:
3576 0 : return NULL;
3577 : }
3578 :
3579 37347463 : swrapGetTimeOfDay(&tv);
3580 :
3581 37347463 : return swrap_pcap_packet_init(&tv,
3582 : src_addr,
3583 : dest_addr,
3584 : si->type,
3585 : (const uint8_t *)buf,
3586 : len,
3587 : tcp_seqno,
3588 : tcp_ack,
3589 : tcp_ctl,
3590 : unreachable,
3591 : packet_len);
3592 : }
3593 :
3594 39657434 : static void swrap_pcap_dump_packet(struct socket_info *si,
3595 : const struct sockaddr *addr,
3596 : enum swrap_packet_type type,
3597 : const void *buf, size_t len)
3598 : {
3599 214596 : const char *file_name;
3600 214596 : uint8_t *packet;
3601 39657434 : size_t packet_len = 0;
3602 214596 : int fd;
3603 :
3604 39657434 : swrap_mutex_lock(&pcap_dump_mutex);
3605 :
3606 39657434 : file_name = swrap_pcap_init_file();
3607 39657434 : if (!file_name) {
3608 2106041 : goto done;
3609 : }
3610 :
3611 37551393 : packet = swrap_pcap_marshall_packet(si,
3612 : addr,
3613 : type,
3614 : buf,
3615 : len,
3616 : &packet_len);
3617 37551393 : if (packet == NULL) {
3618 203930 : goto done;
3619 : }
3620 :
3621 37347463 : fd = swrap_pcap_get_fd(file_name);
3622 37347463 : if (fd != -1) {
3623 0 : if (libc_write(fd, packet, packet_len) != (ssize_t)packet_len) {
3624 0 : free(packet);
3625 0 : goto done;
3626 : }
3627 : }
3628 :
3629 37347463 : free(packet);
3630 :
3631 39657434 : done:
3632 39657434 : swrap_mutex_unlock(&pcap_dump_mutex);
3633 39657434 : }
3634 :
3635 : /****************************************************************************
3636 : * SIGNALFD
3637 : ***************************************************************************/
3638 :
3639 : #ifdef HAVE_SIGNALFD
3640 0 : static int swrap_signalfd(int fd, const sigset_t *mask, int flags)
3641 : {
3642 0 : int rc;
3643 :
3644 0 : rc = libc_signalfd(fd, mask, flags);
3645 0 : if (rc != -1) {
3646 0 : swrap_remove_stale(fd);
3647 : }
3648 :
3649 0 : return rc;
3650 : }
3651 :
3652 : int signalfd(int fd, const sigset_t *mask, int flags)
3653 : {
3654 0 : return swrap_signalfd(fd, mask, flags);
3655 : }
3656 : #endif
3657 :
3658 : /****************************************************************************
3659 : * SOCKET
3660 : ***************************************************************************/
3661 :
3662 1770688 : static int swrap_socket(int family, int type, int protocol)
3663 : {
3664 1770688 : struct socket_info *si = NULL;
3665 1770688 : struct socket_info _si = { 0 };
3666 31629 : int fd;
3667 31629 : int ret;
3668 1770688 : int real_type = type;
3669 :
3670 : /*
3671 : * Remove possible addition flags passed to socket() so
3672 : * do not fail checking the type.
3673 : * See https://lwn.net/Articles/281965/
3674 : */
3675 : #ifdef SOCK_CLOEXEC
3676 1770688 : real_type &= ~SOCK_CLOEXEC;
3677 : #endif
3678 : #ifdef SOCK_NONBLOCK
3679 1770688 : real_type &= ~SOCK_NONBLOCK;
3680 : #endif
3681 :
3682 1770688 : if (!socket_wrapper_enabled()) {
3683 22 : return libc_socket(family, type, protocol);
3684 : }
3685 :
3686 1770666 : switch (family) {
3687 1561324 : case AF_INET:
3688 : #ifdef HAVE_IPV6
3689 : case AF_INET6:
3690 : #endif
3691 1589045 : break;
3692 : #ifdef AF_NETLINK
3693 177735 : case AF_NETLINK:
3694 : #endif /* AF_NETLINK */
3695 : #ifdef AF_PACKET
3696 : case AF_PACKET:
3697 : #endif /* AF_PACKET */
3698 : case AF_UNIX:
3699 181621 : fd = libc_socket(family, type, protocol);
3700 181621 : if (fd != -1) {
3701 : /* Check if we have a stale fd and remove it */
3702 185507 : swrap_remove_stale(fd);
3703 181621 : SWRAP_LOG(SWRAP_LOG_TRACE,
3704 : "Unix socket fd=%d",
3705 : fd);
3706 : }
3707 177735 : return fd;
3708 0 : default:
3709 0 : errno = EAFNOSUPPORT;
3710 0 : return -1;
3711 : }
3712 :
3713 1589045 : switch (real_type) {
3714 166158 : case SOCK_STREAM:
3715 166158 : break;
3716 1395166 : case SOCK_DGRAM:
3717 1395166 : break;
3718 0 : default:
3719 0 : errno = EPROTONOSUPPORT;
3720 0 : return -1;
3721 : }
3722 :
3723 1589045 : switch (protocol) {
3724 1502398 : case 0:
3725 1502398 : break;
3726 56963 : case 6:
3727 56963 : if (real_type == SOCK_STREAM) {
3728 55305 : break;
3729 : }
3730 0 : FALL_THROUGH;
3731 : case 17:
3732 3621 : if (real_type == SOCK_DGRAM) {
3733 3621 : break;
3734 : }
3735 0 : FALL_THROUGH;
3736 : default:
3737 0 : errno = EPROTONOSUPPORT;
3738 0 : return -1;
3739 : }
3740 :
3741 : /*
3742 : * We must call libc_socket with type, from the caller, not the version
3743 : * we removed SOCK_CLOEXEC and SOCK_NONBLOCK from
3744 : */
3745 1589045 : fd = libc_socket(AF_UNIX, type, 0);
3746 :
3747 1589045 : if (fd == -1) {
3748 0 : return -1;
3749 : }
3750 :
3751 : /* Check if we have a stale fd and remove it */
3752 1616766 : swrap_remove_stale(fd);
3753 :
3754 1589045 : si = &_si;
3755 1589045 : si->family = family;
3756 :
3757 : /* however, the rest of the socket_wrapper code expects just
3758 : * the type, not the flags */
3759 1589045 : si->type = real_type;
3760 1589045 : si->protocol = protocol;
3761 :
3762 : /*
3763 : * Setup myname so getsockname() can succeed to find out the socket
3764 : * type.
3765 : */
3766 1589045 : switch(si->family) {
3767 1586641 : case AF_INET: {
3768 1586641 : struct sockaddr_in sin = {
3769 : .sin_family = AF_INET,
3770 : };
3771 :
3772 1586641 : si->myname.sa_socklen = sizeof(struct sockaddr_in);
3773 1586641 : memcpy(&si->myname.sa.in, &sin, si->myname.sa_socklen);
3774 1586641 : break;
3775 : }
3776 : #ifdef HAVE_IPV6
3777 2404 : case AF_INET6: {
3778 2404 : struct sockaddr_in6 sin6 = {
3779 : .sin6_family = AF_INET6,
3780 : };
3781 :
3782 2404 : si->myname.sa_socklen = sizeof(struct sockaddr_in6);
3783 2404 : memcpy(&si->myname.sa.in6, &sin6, si->myname.sa_socklen);
3784 2404 : break;
3785 : }
3786 : #endif
3787 0 : default:
3788 0 : errno = EINVAL;
3789 0 : return -1;
3790 : }
3791 :
3792 1589045 : ret = swrap_create_socket(si, fd);
3793 1589045 : if (ret == -1) {
3794 0 : int saved_errno = errno;
3795 0 : libc_close(fd);
3796 0 : errno = saved_errno;
3797 0 : return -1;
3798 : }
3799 :
3800 1592540 : SWRAP_LOG(SWRAP_LOG_TRACE,
3801 : "Created %s socket for protocol %s, fd=%d",
3802 : family == AF_INET ? "IPv4" : "IPv6",
3803 : real_type == SOCK_DGRAM ? "UDP" : "TCP",
3804 : fd);
3805 :
3806 1589045 : return fd;
3807 : }
3808 :
3809 : int socket(int family, int type, int protocol)
3810 : {
3811 1770688 : return swrap_socket(family, type, protocol);
3812 : }
3813 :
3814 : /****************************************************************************
3815 : * SOCKETPAIR
3816 : ***************************************************************************/
3817 :
3818 1883 : static int swrap_socketpair(int family, int type, int protocol, int sv[2])
3819 : {
3820 170 : int rc;
3821 :
3822 1883 : rc = libc_socketpair(family, type, protocol, sv);
3823 1883 : if (rc != -1) {
3824 2053 : swrap_remove_stale(sv[0]);
3825 2053 : swrap_remove_stale(sv[1]);
3826 : }
3827 :
3828 1883 : return rc;
3829 : }
3830 :
3831 : int socketpair(int family, int type, int protocol, int sv[2])
3832 : {
3833 1883 : return swrap_socketpair(family, type, protocol, sv);
3834 : }
3835 :
3836 : /****************************************************************************
3837 : * SOCKETPAIR
3838 : ***************************************************************************/
3839 :
3840 : #ifdef HAVE_TIMERFD_CREATE
3841 0 : static int swrap_timerfd_create(int clockid, int flags)
3842 : {
3843 0 : int fd;
3844 :
3845 0 : fd = libc_timerfd_create(clockid, flags);
3846 0 : if (fd != -1) {
3847 0 : swrap_remove_stale(fd);
3848 : }
3849 :
3850 0 : return fd;
3851 : }
3852 :
3853 : int timerfd_create(int clockid, int flags)
3854 : {
3855 0 : return swrap_timerfd_create(clockid, flags);
3856 : }
3857 : #endif
3858 :
3859 : /****************************************************************************
3860 : * PIPE
3861 : ***************************************************************************/
3862 :
3863 869522 : static int swrap_pipe(int pipefd[2])
3864 : {
3865 3844 : int rc;
3866 :
3867 869522 : rc = libc_pipe(pipefd);
3868 869522 : if (rc != -1) {
3869 873366 : swrap_remove_stale(pipefd[0]);
3870 873366 : swrap_remove_stale(pipefd[1]);
3871 : }
3872 :
3873 869522 : return rc;
3874 : }
3875 :
3876 : int pipe(int pipefd[2])
3877 : {
3878 869522 : return swrap_pipe(pipefd);
3879 : }
3880 :
3881 : /****************************************************************************
3882 : * ACCEPT
3883 : ***************************************************************************/
3884 :
3885 208656 : static int swrap_accept(int s,
3886 : struct sockaddr *addr,
3887 : socklen_t *addrlen,
3888 : int flags)
3889 : {
3890 4939 : struct socket_info *parent_si, *child_si;
3891 208656 : struct socket_info new_si = { 0 };
3892 4939 : int fd;
3893 4939 : int idx;
3894 208656 : struct swrap_address un_addr = {
3895 : .sa_socklen = sizeof(struct sockaddr_un),
3896 : };
3897 208656 : struct swrap_address un_my_addr = {
3898 : .sa_socklen = sizeof(struct sockaddr_un),
3899 : };
3900 208656 : struct swrap_address in_addr = {
3901 : .sa_socklen = sizeof(struct sockaddr_storage),
3902 : };
3903 208656 : struct swrap_address in_my_addr = {
3904 : .sa_socklen = sizeof(struct sockaddr_storage),
3905 : };
3906 4939 : int ret;
3907 :
3908 208656 : parent_si = find_socket_info(s);
3909 207791 : if (!parent_si) {
3910 : #ifdef HAVE_ACCEPT4
3911 61411 : return libc_accept4(s, addr, addrlen, flags);
3912 : #else
3913 : UNUSED(flags);
3914 : return libc_accept(s, addr, addrlen);
3915 : #endif
3916 : }
3917 :
3918 :
3919 : /*
3920 : * prevent parent_si from being altered / closed
3921 : * while we read it
3922 : */
3923 147245 : SWRAP_LOCK_SI(parent_si);
3924 :
3925 : /*
3926 : * assume out sockaddr have the same size as the in parent
3927 : * socket family
3928 : */
3929 147245 : in_addr.sa_socklen = socket_length(parent_si->family);
3930 147245 : if (in_addr.sa_socklen <= 0) {
3931 0 : SWRAP_UNLOCK_SI(parent_si);
3932 0 : errno = EINVAL;
3933 0 : return -1;
3934 : }
3935 :
3936 147245 : SWRAP_UNLOCK_SI(parent_si);
3937 :
3938 : #ifdef HAVE_ACCEPT4
3939 147245 : ret = libc_accept4(s, &un_addr.sa.s, &un_addr.sa_socklen, flags);
3940 : #else
3941 : UNUSED(flags);
3942 : ret = libc_accept(s, &un_addr.sa.s, &un_addr.sa_socklen);
3943 : #endif
3944 147245 : if (ret == -1) {
3945 29089 : int saved_errno = errno;
3946 29089 : if (saved_errno == ENOTSOCK) {
3947 : /* Remove stale fds */
3948 1466 : swrap_remove_stale(s);
3949 : }
3950 29089 : errno = saved_errno;
3951 29089 : return ret;
3952 : }
3953 :
3954 118156 : fd = ret;
3955 :
3956 : /* Check if we have a stale fd and remove it */
3957 120764 : swrap_remove_stale(fd);
3958 :
3959 118156 : if (un_addr.sa.un.sun_path[0] == '\0') {
3960 : /*
3961 : * FreeBSD seems to have a problem where
3962 : * accept4() on the unix socket doesn't
3963 : * ECONNABORTED for already disconnected connections.
3964 : *
3965 : * Let's try libc_getpeername() to get the peer address
3966 : * as a fallback, but it'll likely return ENOTCONN,
3967 : * which we have to map to ECONNABORTED.
3968 : */
3969 0 : un_addr.sa_socklen = sizeof(struct sockaddr_un),
3970 0 : ret = libc_getpeername(fd, &un_addr.sa.s, &un_addr.sa_socklen);
3971 0 : if (ret == -1) {
3972 0 : int saved_errno = errno;
3973 0 : libc_close(fd);
3974 0 : if (saved_errno == ENOTCONN) {
3975 : /*
3976 : * If the connection is already disconnected
3977 : * we should return ECONNABORTED.
3978 : */
3979 0 : saved_errno = ECONNABORTED;
3980 : }
3981 0 : errno = saved_errno;
3982 0 : return ret;
3983 : }
3984 : }
3985 :
3986 118156 : ret = libc_getsockname(fd,
3987 : &un_my_addr.sa.s,
3988 : &un_my_addr.sa_socklen);
3989 118156 : if (ret == -1) {
3990 0 : int saved_errno = errno;
3991 0 : libc_close(fd);
3992 0 : if (saved_errno == ENOTCONN) {
3993 : /*
3994 : * If the connection is already disconnected
3995 : * we should return ECONNABORTED.
3996 : */
3997 0 : saved_errno = ECONNABORTED;
3998 : }
3999 0 : errno = saved_errno;
4000 0 : return ret;
4001 : }
4002 :
4003 118156 : SWRAP_LOCK_SI(parent_si);
4004 :
4005 118156 : ret = sockaddr_convert_from_un(parent_si,
4006 : &un_addr.sa.un,
4007 : un_addr.sa_socklen,
4008 : parent_si->family,
4009 : &in_addr.sa.s,
4010 : &in_addr.sa_socklen);
4011 118156 : if (ret == -1) {
4012 0 : int saved_errno = errno;
4013 0 : SWRAP_UNLOCK_SI(parent_si);
4014 0 : libc_close(fd);
4015 0 : errno = saved_errno;
4016 0 : return ret;
4017 : }
4018 :
4019 118156 : child_si = &new_si;
4020 :
4021 118156 : child_si->family = parent_si->family;
4022 118156 : child_si->type = parent_si->type;
4023 118156 : child_si->protocol = parent_si->protocol;
4024 118156 : child_si->bound = 1;
4025 118156 : child_si->is_server = 1;
4026 118156 : child_si->connected = 1;
4027 :
4028 118156 : SWRAP_UNLOCK_SI(parent_si);
4029 :
4030 118156 : child_si->peername = (struct swrap_address) {
4031 118156 : .sa_socklen = in_addr.sa_socklen,
4032 : };
4033 118156 : memcpy(&child_si->peername.sa.ss, &in_addr.sa.ss, in_addr.sa_socklen);
4034 :
4035 118156 : if (addr != NULL && addrlen != NULL) {
4036 118156 : size_t copy_len = MIN(*addrlen, in_addr.sa_socklen);
4037 118156 : if (copy_len > 0) {
4038 118156 : memcpy(addr, &in_addr.sa.ss, copy_len);
4039 : }
4040 118156 : *addrlen = in_addr.sa_socklen;
4041 : }
4042 :
4043 118156 : ret = sockaddr_convert_from_un(child_si,
4044 : &un_my_addr.sa.un,
4045 : un_my_addr.sa_socklen,
4046 : child_si->family,
4047 : &in_my_addr.sa.s,
4048 : &in_my_addr.sa_socklen);
4049 118156 : if (ret == -1) {
4050 0 : int saved_errno = errno;
4051 0 : libc_close(fd);
4052 0 : errno = saved_errno;
4053 0 : return ret;
4054 : }
4055 :
4056 118156 : SWRAP_LOG(SWRAP_LOG_TRACE,
4057 : "accept() path=%s, fd=%d",
4058 : un_my_addr.sa.un.sun_path, s);
4059 :
4060 118156 : child_si->myname = (struct swrap_address) {
4061 118156 : .sa_socklen = in_my_addr.sa_socklen,
4062 : };
4063 118156 : memcpy(&child_si->myname.sa.ss, &in_my_addr.sa.ss, in_my_addr.sa_socklen);
4064 :
4065 118156 : idx = swrap_create_socket(&new_si, fd);
4066 118156 : if (idx == -1) {
4067 0 : int saved_errno = errno;
4068 0 : libc_close(fd);
4069 0 : errno = saved_errno;
4070 0 : return -1;
4071 : }
4072 :
4073 118156 : if (addr != NULL) {
4074 118156 : struct socket_info *si = swrap_get_socket_info(idx);
4075 :
4076 118156 : SWRAP_LOCK_SI(si);
4077 118156 : swrap_pcap_dump_packet(si, addr, SWRAP_ACCEPT_SEND, NULL, 0);
4078 118156 : swrap_pcap_dump_packet(si, addr, SWRAP_ACCEPT_RECV, NULL, 0);
4079 118156 : swrap_pcap_dump_packet(si, addr, SWRAP_ACCEPT_ACK, NULL, 0);
4080 118156 : SWRAP_UNLOCK_SI(si);
4081 : }
4082 :
4083 115548 : return fd;
4084 : }
4085 :
4086 : #ifdef HAVE_ACCEPT4
4087 : int accept4(int s, struct sockaddr *addr, socklen_t *addrlen, int flags)
4088 : {
4089 110 : return swrap_accept(s, addr, (socklen_t *)addrlen, flags);
4090 : }
4091 : #endif
4092 :
4093 : #ifdef HAVE_ACCEPT_PSOCKLEN_T
4094 : int accept(int s, struct sockaddr *addr, Psocklen_t addrlen)
4095 : #else
4096 : int accept(int s, struct sockaddr *addr, socklen_t *addrlen)
4097 : #endif
4098 : {
4099 208546 : return swrap_accept(s, addr, (socklen_t *)addrlen, 0);
4100 : }
4101 :
4102 : static int autobind_start_init;
4103 : static int autobind_start;
4104 :
4105 : /* using sendto() or connect() on an unbound socket would give the
4106 : recipient no way to reply, as unlike UDP and TCP, a unix domain
4107 : socket can't auto-assign ephemeral port numbers, so we need to
4108 : assign it here.
4109 : Note: this might change the family from ipv6 to ipv4
4110 : */
4111 210535 : static int swrap_auto_bind(int fd, struct socket_info *si, int family)
4112 : {
4113 210535 : struct swrap_address un_addr = {
4114 : .sa_socklen = sizeof(struct sockaddr_un),
4115 : };
4116 4683 : int i;
4117 4683 : char type;
4118 4683 : int ret;
4119 4683 : int port;
4120 210535 : char *swrap_dir = NULL;
4121 :
4122 210535 : swrap_mutex_lock(&autobind_start_mutex);
4123 :
4124 210535 : if (autobind_start_init != 1) {
4125 21826 : autobind_start_init = 1;
4126 21826 : autobind_start = getpid();
4127 21826 : autobind_start %= 50000;
4128 21826 : autobind_start += 10000;
4129 : }
4130 :
4131 210535 : un_addr.sa.un.sun_family = AF_UNIX;
4132 :
4133 210535 : switch (family) {
4134 209597 : case AF_INET: {
4135 4683 : struct sockaddr_in in;
4136 :
4137 209597 : switch (si->type) {
4138 162871 : case SOCK_STREAM:
4139 162871 : type = SOCKET_TYPE_CHAR_TCP;
4140 162871 : break;
4141 43276 : case SOCK_DGRAM:
4142 43276 : type = SOCKET_TYPE_CHAR_UDP;
4143 43276 : break;
4144 0 : default:
4145 0 : errno = ESOCKTNOSUPPORT;
4146 0 : ret = -1;
4147 0 : goto done;
4148 : }
4149 :
4150 209597 : memset(&in, 0, sizeof(in));
4151 209597 : in.sin_family = AF_INET;
4152 209597 : in.sin_addr.s_addr = htonl(swrap_ipv4_iface(
4153 : socket_wrapper_default_iface()));
4154 :
4155 209597 : si->myname = (struct swrap_address) {
4156 : .sa_socklen = sizeof(in),
4157 : };
4158 209597 : memcpy(&si->myname.sa.in, &in, si->myname.sa_socklen);
4159 209597 : break;
4160 : }
4161 : #ifdef HAVE_IPV6
4162 938 : case AF_INET6: {
4163 0 : struct sockaddr_in6 in6;
4164 :
4165 938 : if (si->family != family) {
4166 0 : errno = ENETUNREACH;
4167 0 : ret = -1;
4168 0 : goto done;
4169 : }
4170 :
4171 938 : switch (si->type) {
4172 306 : case SOCK_STREAM:
4173 306 : type = SOCKET_TYPE_CHAR_TCP_V6;
4174 306 : break;
4175 632 : case SOCK_DGRAM:
4176 632 : type = SOCKET_TYPE_CHAR_UDP_V6;
4177 632 : break;
4178 0 : default:
4179 0 : errno = ESOCKTNOSUPPORT;
4180 0 : ret = -1;
4181 0 : goto done;
4182 : }
4183 :
4184 938 : memset(&in6, 0, sizeof(in6));
4185 938 : in6.sin6_family = AF_INET6;
4186 938 : in6.sin6_addr = *swrap_ipv6();
4187 938 : in6.sin6_addr.s6_addr[15] = socket_wrapper_default_iface();
4188 :
4189 938 : si->myname = (struct swrap_address) {
4190 : .sa_socklen = sizeof(in6),
4191 : };
4192 938 : memcpy(&si->myname.sa.in6, &in6, si->myname.sa_socklen);
4193 938 : break;
4194 : }
4195 : #endif
4196 0 : default:
4197 0 : errno = ESOCKTNOSUPPORT;
4198 0 : ret = -1;
4199 0 : goto done;
4200 : }
4201 :
4202 210535 : if (autobind_start > 60000) {
4203 0 : autobind_start = 10000;
4204 : }
4205 :
4206 210535 : swrap_dir = socket_wrapper_dir();
4207 210535 : if (swrap_dir == NULL) {
4208 0 : errno = EINVAL;
4209 0 : ret = -1;
4210 0 : goto done;
4211 : }
4212 :
4213 210570 : for (i = 0; i < SOCKET_MAX_SOCKETS; i++) {
4214 210570 : port = autobind_start + i;
4215 210570 : swrap_un_path(&un_addr.sa.un,
4216 : swrap_dir,
4217 : type,
4218 : socket_wrapper_default_iface(),
4219 : port);
4220 :
4221 210570 : ret = libc_bind(fd, &un_addr.sa.s, un_addr.sa_socklen);
4222 210570 : if (ret == -1) {
4223 35 : if (errno == EALREADY || errno == EADDRINUSE) {
4224 35 : continue;
4225 : }
4226 0 : goto done;
4227 : }
4228 :
4229 210535 : si->un_addr = un_addr.sa.un;
4230 :
4231 210535 : si->bound = 1;
4232 210535 : autobind_start = port + 1;
4233 210535 : break;
4234 : }
4235 210535 : if (i == SOCKET_MAX_SOCKETS) {
4236 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "Too many open unix sockets (%u) for "
4237 : "interface "SOCKET_FORMAT,
4238 : SOCKET_MAX_SOCKETS,
4239 : type,
4240 : socket_wrapper_default_iface(),
4241 : 0);
4242 0 : errno = ENFILE;
4243 0 : ret = -1;
4244 0 : goto done;
4245 : }
4246 :
4247 210535 : si->family = family;
4248 210535 : set_port(si->family, port, &si->myname);
4249 :
4250 205852 : ret = 0;
4251 :
4252 210535 : done:
4253 210535 : SAFE_FREE(swrap_dir);
4254 210535 : swrap_mutex_unlock(&autobind_start_mutex);
4255 210535 : return ret;
4256 : }
4257 :
4258 : /****************************************************************************
4259 : * CONNECT
4260 : ***************************************************************************/
4261 :
4262 328682 : static int swrap_connect(int s, const struct sockaddr *serv_addr,
4263 : socklen_t addrlen)
4264 : {
4265 7399 : int ret;
4266 328682 : struct swrap_address un_addr = {
4267 : .sa_socklen = sizeof(struct sockaddr_un),
4268 : };
4269 328682 : struct socket_info *si = find_socket_info(s);
4270 328682 : struct swrap_sockaddr_buf buf = {};
4271 328682 : int bcast = 0;
4272 :
4273 328682 : if (!si) {
4274 118976 : return libc_connect(s, serv_addr, addrlen);
4275 : }
4276 :
4277 209706 : SWRAP_LOCK_SI(si);
4278 :
4279 209706 : if (si->bound == 0) {
4280 208456 : ret = swrap_auto_bind(s, si, serv_addr->sa_family);
4281 208456 : if (ret == -1) {
4282 0 : goto done;
4283 : }
4284 : }
4285 :
4286 209706 : if (si->family != serv_addr->sa_family) {
4287 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
4288 : "called for fd=%d (family=%d) called with invalid family=%d",
4289 : s, si->family, serv_addr->sa_family);
4290 0 : errno = EINVAL;
4291 0 : ret = -1;
4292 0 : goto done;
4293 : }
4294 :
4295 209706 : ret = sockaddr_convert_to_un(si, serv_addr,
4296 : addrlen, &un_addr.sa.un, 0, &bcast);
4297 209706 : if (ret == -1) {
4298 4 : goto done;
4299 : }
4300 :
4301 209702 : if (bcast) {
4302 0 : errno = ENETUNREACH;
4303 0 : ret = -1;
4304 0 : goto done;
4305 : }
4306 :
4307 209702 : if (si->type == SOCK_DGRAM) {
4308 41898 : si->defer_connect = 1;
4309 41898 : ret = 0;
4310 : } else {
4311 167804 : swrap_pcap_dump_packet(si, serv_addr, SWRAP_CONNECT_SEND, NULL, 0);
4312 :
4313 167804 : ret = libc_connect(s,
4314 : &un_addr.sa.s,
4315 : un_addr.sa_socklen);
4316 : }
4317 :
4318 209702 : SWRAP_LOG(SWRAP_LOG_TRACE,
4319 : "connect(%s) path=%s, fd=%d",
4320 : swrap_sockaddr_string(&buf, serv_addr),
4321 : un_addr.sa.un.sun_path, s);
4322 :
4323 :
4324 : /* to give better errors */
4325 209702 : if (ret == -1 && errno == ENOENT) {
4326 10 : errno = EHOSTUNREACH;
4327 : }
4328 :
4329 209702 : if (ret == 0) {
4330 209692 : si->peername = (struct swrap_address) {
4331 : .sa_socklen = addrlen,
4332 : };
4333 :
4334 209692 : memcpy(&si->peername.sa.ss, serv_addr, addrlen);
4335 209692 : si->connected = 1;
4336 :
4337 : /*
4338 : * When we connect() on a socket than we have to bind the
4339 : * outgoing connection on the interface we use for the
4340 : * transport. We already bound it on the right interface
4341 : * but here we have to update the name so getsockname()
4342 : * returns correct information.
4343 : */
4344 209692 : if (si->bindname.sa_socklen > 0) {
4345 1222 : si->myname = (struct swrap_address) {
4346 1222 : .sa_socklen = si->bindname.sa_socklen,
4347 : };
4348 :
4349 1222 : memcpy(&si->myname.sa.ss,
4350 1222 : &si->bindname.sa.ss,
4351 1222 : si->bindname.sa_socklen);
4352 :
4353 : /* Cleanup bindname */
4354 1222 : si->bindname = (struct swrap_address) {
4355 : .sa_socklen = 0,
4356 : };
4357 : }
4358 :
4359 209692 : swrap_pcap_dump_packet(si, serv_addr, SWRAP_CONNECT_RECV, NULL, 0);
4360 209692 : swrap_pcap_dump_packet(si, serv_addr, SWRAP_CONNECT_ACK, NULL, 0);
4361 : } else {
4362 10 : swrap_pcap_dump_packet(si, serv_addr, SWRAP_CONNECT_UNREACH, NULL, 0);
4363 : }
4364 :
4365 209706 : done:
4366 209706 : SWRAP_UNLOCK_SI(si);
4367 209706 : return ret;
4368 : }
4369 :
4370 : int connect(int s, const struct sockaddr *serv_addr, socklen_t addrlen)
4371 : {
4372 328682 : return swrap_connect(s, serv_addr, addrlen);
4373 : }
4374 :
4375 : /****************************************************************************
4376 : * BIND
4377 : ***************************************************************************/
4378 :
4379 67542 : static int swrap_bind(int s, const struct sockaddr *myaddr, socklen_t addrlen)
4380 : {
4381 1268 : int ret;
4382 67542 : struct swrap_address un_addr = {
4383 : .sa_socklen = sizeof(struct sockaddr_un),
4384 : };
4385 67542 : struct socket_info *si = find_socket_info(s);
4386 67542 : struct swrap_sockaddr_buf buf = {};
4387 67542 : int ret_errno = errno;
4388 67542 : int bind_error = 0;
4389 : #if 0 /* FIXME */
4390 : bool in_use;
4391 : #endif
4392 :
4393 67542 : if (!si) {
4394 62637 : return libc_bind(s, myaddr, addrlen);
4395 : }
4396 :
4397 4905 : SWRAP_LOCK_SI(si);
4398 :
4399 4905 : switch (si->family) {
4400 3496 : case AF_INET: {
4401 53 : const struct sockaddr_in *sin;
4402 3496 : if (addrlen < sizeof(struct sockaddr_in)) {
4403 0 : bind_error = EINVAL;
4404 0 : break;
4405 : }
4406 :
4407 3496 : sin = (const struct sockaddr_in *)(const void *)myaddr;
4408 :
4409 3496 : if (sin->sin_family != AF_INET) {
4410 0 : bind_error = EAFNOSUPPORT;
4411 : }
4412 :
4413 : /* special case for AF_UNSPEC */
4414 3496 : if (sin->sin_family == AF_UNSPEC &&
4415 0 : (sin->sin_addr.s_addr == htonl(INADDR_ANY)))
4416 : {
4417 0 : bind_error = 0;
4418 : }
4419 :
4420 3443 : break;
4421 : }
4422 : #ifdef HAVE_IPV6
4423 1409 : case AF_INET6: {
4424 39 : const struct sockaddr_in6 *sin6;
4425 1409 : if (addrlen < sizeof(struct sockaddr_in6)) {
4426 0 : bind_error = EINVAL;
4427 0 : break;
4428 : }
4429 :
4430 1409 : sin6 = (const struct sockaddr_in6 *)(const void *)myaddr;
4431 :
4432 1409 : if (sin6->sin6_family != AF_INET6) {
4433 0 : bind_error = EAFNOSUPPORT;
4434 : }
4435 :
4436 1370 : break;
4437 : }
4438 : #endif
4439 0 : default:
4440 0 : bind_error = EINVAL;
4441 0 : break;
4442 : }
4443 :
4444 4866 : if (bind_error != 0) {
4445 0 : ret_errno = bind_error;
4446 0 : ret = -1;
4447 0 : goto out;
4448 : }
4449 :
4450 : #if 0 /* FIXME */
4451 : in_use = check_addr_port_in_use(myaddr, addrlen);
4452 : if (in_use) {
4453 : errno = EADDRINUSE;
4454 : ret = -1;
4455 : goto out;
4456 : }
4457 : #endif
4458 :
4459 4905 : si->myname.sa_socklen = addrlen;
4460 4905 : memcpy(&si->myname.sa.ss, myaddr, addrlen);
4461 :
4462 4905 : ret = sockaddr_convert_to_un(si,
4463 : myaddr,
4464 : addrlen,
4465 : &un_addr.sa.un,
4466 : 1,
4467 : &si->bcast);
4468 4905 : if (ret == -1) {
4469 255 : ret_errno = errno;
4470 255 : goto out;
4471 : }
4472 :
4473 4650 : unlink(un_addr.sa.un.sun_path);
4474 :
4475 4650 : ret = libc_bind(s, &un_addr.sa.s, un_addr.sa_socklen);
4476 4650 : if (ret == -1) {
4477 0 : ret_errno = errno;
4478 : }
4479 :
4480 4650 : SWRAP_LOG(SWRAP_LOG_TRACE,
4481 : "bind(%s) path=%s, fd=%d ret=%d ret_errno=%d",
4482 : swrap_sockaddr_string(&buf, myaddr),
4483 : un_addr.sa.un.sun_path, s, ret, ret_errno);
4484 :
4485 4650 : if (ret == 0) {
4486 4650 : si->bound = 1;
4487 : }
4488 :
4489 0 : out:
4490 4905 : SWRAP_UNLOCK_SI(si);
4491 4905 : errno = ret_errno;
4492 4905 : return ret;
4493 : }
4494 :
4495 : int bind(int s, const struct sockaddr *myaddr, socklen_t addrlen)
4496 : {
4497 67542 : return swrap_bind(s, myaddr, addrlen);
4498 : }
4499 :
4500 : /****************************************************************************
4501 : * BINDRESVPORT
4502 : ***************************************************************************/
4503 :
4504 : #ifdef HAVE_BINDRESVPORT
4505 : static int swrap_getsockname(int s, struct sockaddr *name, socklen_t *addrlen);
4506 :
4507 0 : static int swrap_bindresvport_sa(int sd, struct sockaddr *sa)
4508 : {
4509 0 : struct swrap_address myaddr = {
4510 : .sa_socklen = sizeof(struct sockaddr_storage),
4511 : };
4512 0 : socklen_t salen;
4513 0 : static uint16_t port;
4514 0 : uint16_t i;
4515 0 : int rc = -1;
4516 0 : int af;
4517 :
4518 : #define SWRAP_STARTPORT 600
4519 : #define SWRAP_ENDPORT (IPPORT_RESERVED - 1)
4520 : #define SWRAP_NPORTS (SWRAP_ENDPORT - SWRAP_STARTPORT + 1)
4521 :
4522 0 : if (port == 0) {
4523 0 : port = (getpid() % SWRAP_NPORTS) + SWRAP_STARTPORT;
4524 : }
4525 :
4526 0 : if (sa == NULL) {
4527 0 : salen = myaddr.sa_socklen;
4528 0 : sa = &myaddr.sa.s;
4529 :
4530 0 : rc = swrap_getsockname(sd, &myaddr.sa.s, &salen);
4531 0 : if (rc < 0) {
4532 0 : return -1;
4533 : }
4534 :
4535 0 : af = sa->sa_family;
4536 0 : memset(&myaddr.sa.ss, 0, salen);
4537 : } else {
4538 0 : af = sa->sa_family;
4539 : }
4540 :
4541 0 : for (i = 0; i < SWRAP_NPORTS; i++, port++) {
4542 0 : switch(af) {
4543 0 : case AF_INET: {
4544 0 : struct sockaddr_in *sinp = (struct sockaddr_in *)(void *)sa;
4545 :
4546 0 : salen = sizeof(struct sockaddr_in);
4547 0 : sinp->sin_port = htons(port);
4548 0 : break;
4549 : }
4550 0 : case AF_INET6: {
4551 0 : struct sockaddr_in6 *sin6p = (struct sockaddr_in6 *)(void *)sa;
4552 :
4553 0 : salen = sizeof(struct sockaddr_in6);
4554 0 : sin6p->sin6_port = htons(port);
4555 0 : break;
4556 : }
4557 0 : default:
4558 0 : errno = EAFNOSUPPORT;
4559 0 : return -1;
4560 : }
4561 0 : sa->sa_family = af;
4562 :
4563 0 : if (port > SWRAP_ENDPORT) {
4564 0 : port = SWRAP_STARTPORT;
4565 : }
4566 :
4567 0 : rc = swrap_bind(sd, (struct sockaddr *)sa, salen);
4568 0 : if (rc == 0 || errno != EADDRINUSE) {
4569 : break;
4570 : }
4571 : }
4572 :
4573 0 : return rc;
4574 : }
4575 :
4576 : int bindresvport(int sockfd, struct sockaddr_in *sinp)
4577 : {
4578 0 : return swrap_bindresvport_sa(sockfd, (struct sockaddr *)sinp);
4579 : }
4580 : #endif
4581 :
4582 : /****************************************************************************
4583 : * LISTEN
4584 : ***************************************************************************/
4585 :
4586 4478 : static int swrap_listen(int s, int backlog)
4587 : {
4588 86 : int ret;
4589 4478 : struct socket_info *si = find_socket_info(s);
4590 :
4591 4435 : if (!si) {
4592 2980 : return libc_listen(s, backlog);
4593 : }
4594 :
4595 1498 : SWRAP_LOCK_SI(si);
4596 :
4597 1498 : if (si->bound == 0) {
4598 0 : ret = swrap_auto_bind(s, si, si->family);
4599 0 : if (ret == -1) {
4600 0 : errno = EADDRINUSE;
4601 0 : goto out;
4602 : }
4603 : }
4604 :
4605 1498 : ret = libc_listen(s, backlog);
4606 1498 : if (ret == 0) {
4607 1498 : si->listening = 1;
4608 : }
4609 :
4610 0 : out:
4611 1498 : SWRAP_UNLOCK_SI(si);
4612 :
4613 1498 : return ret;
4614 : }
4615 :
4616 : int listen(int s, int backlog)
4617 : {
4618 4478 : return swrap_listen(s, backlog);
4619 : }
4620 :
4621 : /****************************************************************************
4622 : * FOPEN
4623 : ***************************************************************************/
4624 :
4625 2908928 : static FILE *swrap_fopen(const char *name, const char *mode)
4626 : {
4627 84514 : FILE *fp;
4628 :
4629 2908928 : fp = libc_fopen(name, mode);
4630 2908928 : if (fp != NULL) {
4631 1452047 : int fd = fileno(fp);
4632 :
4633 1536561 : swrap_remove_stale(fd);
4634 : }
4635 :
4636 2908928 : return fp;
4637 : }
4638 :
4639 : #undef fopen /* Needed for LFS handling */
4640 : FILE *fopen(const char *name, const char *mode)
4641 : {
4642 2908928 : return swrap_fopen(name, mode);
4643 : }
4644 :
4645 : /****************************************************************************
4646 : * FOPEN64
4647 : ***************************************************************************/
4648 :
4649 : #ifdef HAVE_FOPEN64
4650 78409 : static FILE *swrap_fopen64(const char *name, const char *mode)
4651 : {
4652 2465 : FILE *fp;
4653 :
4654 78409 : fp = libc_fopen64(name, mode);
4655 78409 : if (fp != NULL) {
4656 32174 : int fd = fileno(fp);
4657 :
4658 34639 : swrap_remove_stale(fd);
4659 : }
4660 :
4661 78409 : return fp;
4662 : }
4663 :
4664 : FILE *fopen64(const char *name, const char *mode)
4665 : {
4666 78409 : return swrap_fopen64(name, mode);
4667 : }
4668 : #endif /* HAVE_FOPEN64 */
4669 :
4670 : /****************************************************************************
4671 : * OPEN
4672 : ***************************************************************************/
4673 :
4674 5680406 : static int swrap_vopen(const char *pathname, int flags, va_list ap)
4675 : {
4676 144655 : int ret;
4677 :
4678 5680406 : ret = libc_vopen(pathname, flags, ap);
4679 5680406 : if (ret != -1) {
4680 : /*
4681 : * There are methods for closing descriptors (libc-internal code
4682 : * paths, direct syscalls) which close descriptors in ways that
4683 : * we can't intercept, so try to recover when we notice that
4684 : * that's happened
4685 : */
4686 5264641 : swrap_remove_stale(ret);
4687 : }
4688 5680406 : return ret;
4689 : }
4690 :
4691 : #undef open /* Needed for LFS handling */
4692 : int open(const char *pathname, int flags, ...)
4693 : {
4694 144655 : va_list ap;
4695 144655 : int fd;
4696 :
4697 5680406 : va_start(ap, flags);
4698 5680406 : fd = swrap_vopen(pathname, flags, ap);
4699 5680406 : va_end(ap);
4700 :
4701 5680406 : return fd;
4702 : }
4703 :
4704 : /****************************************************************************
4705 : * OPEN64
4706 : ***************************************************************************/
4707 :
4708 : #ifdef HAVE_OPEN64
4709 1426908 : static int swrap_vopen64(const char *pathname, int flags, va_list ap)
4710 : {
4711 82038 : int ret;
4712 :
4713 1426908 : ret = libc_vopen64(pathname, flags, ap);
4714 1426908 : if (ret != -1) {
4715 : /*
4716 : * There are methods for closing descriptors (libc-internal code
4717 : * paths, direct syscalls) which close descriptors in ways that
4718 : * we can't intercept, so try to recover when we notice that
4719 : * that's happened
4720 : */
4721 1502091 : swrap_remove_stale(ret);
4722 : }
4723 1426908 : return ret;
4724 : }
4725 :
4726 : int open64(const char *pathname, int flags, ...)
4727 : {
4728 82038 : va_list ap;
4729 82038 : int fd;
4730 :
4731 1426908 : va_start(ap, flags);
4732 1426908 : fd = swrap_vopen64(pathname, flags, ap);
4733 1426908 : va_end(ap);
4734 :
4735 1426908 : return fd;
4736 : }
4737 : #endif /* HAVE_OPEN64 */
4738 :
4739 : /****************************************************************************
4740 : * OPENAT64
4741 : ***************************************************************************/
4742 :
4743 : #ifdef HAVE_OPENAT64
4744 : static int
4745 4466 : swrap_vopenat64(int dirfd, const char *pathname, int flags, va_list ap)
4746 : {
4747 189 : int ret;
4748 :
4749 4466 : ret = libc_vopenat64(dirfd, pathname, flags, ap);
4750 4466 : if (ret != -1) {
4751 : /*
4752 : * There are methods for closing descriptors (libc-internal code
4753 : * paths, direct syscalls) which close descriptors in ways that
4754 : * we can't intercept, so try to recover when we notice that
4755 : * that's happened
4756 : */
4757 4635 : swrap_remove_stale(ret);
4758 : }
4759 4466 : return ret;
4760 : }
4761 :
4762 : int openat64(int dirfd, const char *pathname, int flags, ...)
4763 : {
4764 189 : va_list ap;
4765 189 : int fd;
4766 :
4767 4466 : va_start(ap, flags);
4768 4466 : fd = swrap_vopenat64(dirfd, pathname, flags, ap);
4769 4466 : va_end(ap);
4770 :
4771 4466 : return fd;
4772 : }
4773 : #endif /* HAVE_OPENAT64 */
4774 :
4775 : /****************************************************************************
4776 : * OPENAT
4777 : ***************************************************************************/
4778 :
4779 5900721 : static int swrap_vopenat(int dirfd, const char *path, int flags, va_list ap)
4780 : {
4781 30532 : int ret;
4782 :
4783 5900721 : ret = libc_vopenat(dirfd, path, flags, ap);
4784 5900721 : if (ret != -1) {
4785 : /*
4786 : * There are methods for closing descriptors (libc-internal code
4787 : * paths, direct syscalls) which close descriptors in ways that
4788 : * we can't intercept, so try to recover when we notice that
4789 : * that's happened
4790 : */
4791 4222068 : swrap_remove_stale(ret);
4792 : }
4793 :
4794 5900721 : return ret;
4795 : }
4796 :
4797 : #undef openat /* Needed for LFS handling */
4798 : int openat(int dirfd, const char *path, int flags, ...)
4799 : {
4800 30532 : va_list ap;
4801 30532 : int fd;
4802 :
4803 5900721 : va_start(ap, flags);
4804 5900721 : fd = swrap_vopenat(dirfd, path, flags, ap);
4805 5900721 : va_end(ap);
4806 :
4807 5900721 : return fd;
4808 : }
4809 :
4810 : /****************************************************************************
4811 : * GETPEERNAME
4812 : ***************************************************************************/
4813 :
4814 216400 : static int swrap_getpeername(int s, struct sockaddr *name, socklen_t *addrlen)
4815 : {
4816 216400 : struct socket_info *si = find_socket_info(s);
4817 4344 : socklen_t len;
4818 216400 : int ret = -1;
4819 :
4820 215426 : if (!si) {
4821 14863 : return libc_getpeername(s, name, addrlen);
4822 : }
4823 :
4824 201537 : SWRAP_LOCK_SI(si);
4825 :
4826 201537 : if (si->peername.sa_socklen == 0)
4827 : {
4828 41 : errno = ENOTCONN;
4829 41 : goto out;
4830 : }
4831 :
4832 201496 : len = MIN(*addrlen, si->peername.sa_socklen);
4833 201496 : if (len == 0) {
4834 0 : ret = 0;
4835 0 : goto out;
4836 : }
4837 :
4838 201496 : memcpy(name, &si->peername.sa.ss, len);
4839 201496 : *addrlen = si->peername.sa_socklen;
4840 :
4841 201496 : ret = 0;
4842 201537 : out:
4843 201537 : SWRAP_UNLOCK_SI(si);
4844 :
4845 201537 : return ret;
4846 : }
4847 :
4848 : #ifdef HAVE_ACCEPT_PSOCKLEN_T
4849 : int getpeername(int s, struct sockaddr *name, Psocklen_t addrlen)
4850 : #else
4851 : int getpeername(int s, struct sockaddr *name, socklen_t *addrlen)
4852 : #endif
4853 : {
4854 216400 : return swrap_getpeername(s, name, (socklen_t *)addrlen);
4855 : }
4856 :
4857 : /****************************************************************************
4858 : * GETSOCKNAME
4859 : ***************************************************************************/
4860 :
4861 1535796 : static int swrap_getsockname(int s, struct sockaddr *name, socklen_t *addrlen)
4862 : {
4863 1535796 : struct socket_info *si = find_socket_info(s);
4864 4711 : socklen_t len;
4865 1535796 : int ret = -1;
4866 :
4867 1390460 : if (!si) {
4868 1291760 : return libc_getsockname(s, name, addrlen);
4869 : }
4870 :
4871 244036 : SWRAP_LOCK_SI(si);
4872 :
4873 244036 : len = MIN(*addrlen, si->myname.sa_socklen);
4874 244036 : if (len == 0) {
4875 0 : ret = 0;
4876 0 : goto out;
4877 : }
4878 :
4879 244036 : memcpy(name, &si->myname.sa.ss, len);
4880 244036 : *addrlen = si->myname.sa_socklen;
4881 :
4882 244036 : ret = 0;
4883 244036 : out:
4884 244036 : SWRAP_UNLOCK_SI(si);
4885 :
4886 244036 : return ret;
4887 : }
4888 :
4889 : #ifdef HAVE_ACCEPT_PSOCKLEN_T
4890 : int getsockname(int s, struct sockaddr *name, Psocklen_t addrlen)
4891 : #else
4892 : int getsockname(int s, struct sockaddr *name, socklen_t *addrlen)
4893 : #endif
4894 : {
4895 1535796 : return swrap_getsockname(s, name, (socklen_t *)addrlen);
4896 : }
4897 :
4898 : /****************************************************************************
4899 : * GETSOCKOPT
4900 : ***************************************************************************/
4901 :
4902 : #ifndef SO_PROTOCOL
4903 : # ifdef SO_PROTOTYPE /* The Solaris name */
4904 : # define SO_PROTOCOL SO_PROTOTYPE
4905 : # endif /* SO_PROTOTYPE */
4906 : #endif /* SO_PROTOCOL */
4907 :
4908 490219 : static int swrap_getsockopt(int s, int level, int optname,
4909 : void *optval, socklen_t *optlen)
4910 : {
4911 490219 : struct socket_info *si = find_socket_info(s);
4912 6097 : int ret;
4913 :
4914 490194 : if (!si) {
4915 4890 : return libc_getsockopt(s,
4916 : level,
4917 : optname,
4918 : optval,
4919 : optlen);
4920 : }
4921 :
4922 485329 : SWRAP_LOCK_SI(si);
4923 :
4924 485329 : if (level == SOL_SOCKET) {
4925 484508 : switch (optname) {
4926 : #ifdef SO_DOMAIN
4927 0 : case SO_DOMAIN:
4928 0 : if (optval == NULL || optlen == NULL ||
4929 0 : *optlen < (socklen_t)sizeof(int)) {
4930 0 : errno = EINVAL;
4931 0 : ret = -1;
4932 0 : goto done;
4933 : }
4934 :
4935 0 : *optlen = sizeof(int);
4936 0 : *(int *)optval = si->family;
4937 0 : ret = 0;
4938 0 : goto done;
4939 : #endif /* SO_DOMAIN */
4940 :
4941 : #ifdef SO_PROTOCOL
4942 0 : case SO_PROTOCOL:
4943 0 : if (optval == NULL || optlen == NULL ||
4944 0 : *optlen < (socklen_t)sizeof(int)) {
4945 0 : errno = EINVAL;
4946 0 : ret = -1;
4947 0 : goto done;
4948 : }
4949 :
4950 0 : *optlen = sizeof(int);
4951 0 : *(int *)optval = si->protocol;
4952 0 : ret = 0;
4953 0 : goto done;
4954 : #endif /* SO_PROTOCOL */
4955 20 : case SO_TYPE:
4956 20 : if (optval == NULL || optlen == NULL ||
4957 20 : *optlen < (socklen_t)sizeof(int)) {
4958 0 : errno = EINVAL;
4959 0 : ret = -1;
4960 0 : goto done;
4961 : }
4962 :
4963 20 : *optlen = sizeof(int);
4964 20 : *(int *)optval = si->type;
4965 20 : ret = 0;
4966 20 : goto done;
4967 478391 : default:
4968 484488 : ret = libc_getsockopt(s,
4969 : level,
4970 : optname,
4971 : optval,
4972 : optlen);
4973 484488 : goto done;
4974 : }
4975 821 : } else if (level == IPPROTO_TCP) {
4976 805 : switch (optname) {
4977 : #ifdef TCP_NODELAY
4978 8 : case TCP_NODELAY:
4979 : /*
4980 : * This enables sending packets directly out over TCP.
4981 : * As a unix socket is doing that any way, report it as
4982 : * enabled.
4983 : */
4984 8 : if (optval == NULL || optlen == NULL ||
4985 8 : *optlen < (socklen_t)sizeof(int)) {
4986 0 : errno = EINVAL;
4987 0 : ret = -1;
4988 0 : goto done;
4989 : }
4990 :
4991 8 : *optlen = sizeof(int);
4992 8 : *(int *)optval = si->tcp_nodelay;
4993 :
4994 8 : ret = 0;
4995 8 : goto done;
4996 : #endif /* TCP_NODELAY */
4997 : #ifdef TCP_INFO
4998 749 : case TCP_INFO: {
4999 0 : struct tcp_info info;
5000 749 : socklen_t ilen = sizeof(info);
5001 :
5002 : #ifdef HAVE_NETINET_TCP_FSM_H
5003 : /* This is FreeBSD */
5004 : # define __TCP_LISTEN TCPS_LISTEN
5005 : # define __TCP_ESTABLISHED TCPS_ESTABLISHED
5006 : # define __TCP_CLOSE TCPS_CLOSED
5007 : #else
5008 : /* This is Linux */
5009 : # define __TCP_LISTEN TCP_LISTEN
5010 : # define __TCP_ESTABLISHED TCP_ESTABLISHED
5011 : # define __TCP_CLOSE TCP_CLOSE
5012 : #endif
5013 :
5014 749 : ZERO_STRUCT(info);
5015 749 : if (si->listening) {
5016 0 : info.tcpi_state = __TCP_LISTEN;
5017 749 : } else if (si->connected) {
5018 : /*
5019 : * For now we just fake a few values
5020 : * supported both by FreeBSD and Linux
5021 : */
5022 749 : info.tcpi_state = __TCP_ESTABLISHED;
5023 749 : info.tcpi_rto = 200000; /* 200 msec */
5024 749 : info.tcpi_rtt = 5000; /* 5 msec */
5025 749 : info.tcpi_rttvar = 5000; /* 5 msec */
5026 : } else {
5027 0 : info.tcpi_state = __TCP_CLOSE;
5028 0 : info.tcpi_rto = 1000000; /* 1 sec */
5029 0 : info.tcpi_rtt = 0;
5030 0 : info.tcpi_rttvar = 250000; /* 250 msec */
5031 : }
5032 :
5033 749 : if (optval == NULL || optlen == NULL ||
5034 749 : *optlen < (socklen_t)ilen) {
5035 0 : errno = EINVAL;
5036 0 : ret = -1;
5037 0 : goto done;
5038 : }
5039 :
5040 749 : *optlen = ilen;
5041 749 : memcpy(optval, &info, ilen);
5042 :
5043 749 : ret = 0;
5044 749 : goto done;
5045 : }
5046 : #endif /* TCP_INFO */
5047 48 : default:
5048 48 : break;
5049 : }
5050 : }
5051 :
5052 64 : errno = ENOPROTOOPT;
5053 64 : ret = -1;
5054 :
5055 485329 : done:
5056 485329 : SWRAP_UNLOCK_SI(si);
5057 485329 : return ret;
5058 : }
5059 :
5060 : #ifdef HAVE_ACCEPT_PSOCKLEN_T
5061 : int getsockopt(int s, int level, int optname, void *optval, Psocklen_t optlen)
5062 : #else
5063 : int getsockopt(int s, int level, int optname, void *optval, socklen_t *optlen)
5064 : #endif
5065 : {
5066 490219 : return swrap_getsockopt(s, level, optname, optval, (socklen_t *)optlen);
5067 : }
5068 :
5069 : /****************************************************************************
5070 : * SETSOCKOPT
5071 : ***************************************************************************/
5072 :
5073 134345 : static int swrap_setsockopt(int s, int level, int optname,
5074 : const void *optval, socklen_t optlen)
5075 : {
5076 134345 : struct socket_info *si = find_socket_info(s);
5077 2878 : int ret;
5078 :
5079 134344 : if (!si) {
5080 283 : return libc_setsockopt(s,
5081 : level,
5082 : optname,
5083 : optval,
5084 : optlen);
5085 : }
5086 :
5087 134062 : if (level == SOL_SOCKET) {
5088 63178 : return libc_setsockopt(s,
5089 : level,
5090 : optname,
5091 : optval,
5092 : optlen);
5093 : }
5094 :
5095 70884 : SWRAP_LOCK_SI(si);
5096 :
5097 70884 : if (level == IPPROTO_TCP) {
5098 69086 : switch (optname) {
5099 : #ifdef TCP_NODELAY
5100 69006 : case TCP_NODELAY: {
5101 1778 : int i;
5102 :
5103 : /*
5104 : * This enables sending packets directly out over TCP.
5105 : * A unix socket is doing that any way.
5106 : */
5107 69006 : if (optval == NULL || optlen == 0 ||
5108 : optlen < (socklen_t)sizeof(int)) {
5109 0 : errno = EINVAL;
5110 0 : ret = -1;
5111 0 : goto done;
5112 : }
5113 :
5114 69006 : i = *discard_const_p(int, optval);
5115 69006 : if (i != 0 && i != 1) {
5116 0 : errno = EINVAL;
5117 0 : ret = -1;
5118 0 : goto done;
5119 : }
5120 69006 : si->tcp_nodelay = i;
5121 :
5122 69006 : ret = 0;
5123 69006 : goto done;
5124 : }
5125 : #endif /* TCP_NODELAY */
5126 80 : default:
5127 80 : break;
5128 : }
5129 : }
5130 :
5131 1878 : switch (si->family) {
5132 121 : case AF_INET:
5133 121 : if (level == IPPROTO_IP) {
5134 : #ifdef IP_PKTINFO
5135 41 : if (optname == IP_PKTINFO) {
5136 0 : si->pktinfo = AF_INET;
5137 : }
5138 : #endif /* IP_PKTINFO */
5139 : }
5140 121 : ret = 0;
5141 121 : goto done;
5142 : #ifdef HAVE_IPV6
5143 1757 : case AF_INET6:
5144 1757 : if (level == IPPROTO_IPV6) {
5145 : #ifdef IPV6_RECVPKTINFO
5146 1757 : if (optname == IPV6_RECVPKTINFO) {
5147 0 : si->pktinfo = AF_INET6;
5148 : }
5149 : #endif /* IPV6_PKTINFO */
5150 : }
5151 1757 : ret = 0;
5152 1757 : goto done;
5153 : #endif
5154 0 : default:
5155 0 : errno = ENOPROTOOPT;
5156 0 : ret = -1;
5157 0 : goto done;
5158 : }
5159 :
5160 70884 : done:
5161 70884 : SWRAP_UNLOCK_SI(si);
5162 70884 : return ret;
5163 : }
5164 :
5165 : int setsockopt(int s, int level, int optname,
5166 : const void *optval, socklen_t optlen)
5167 : {
5168 134345 : return swrap_setsockopt(s, level, optname, optval, optlen);
5169 : }
5170 :
5171 : /****************************************************************************
5172 : * IOCTL
5173 : ***************************************************************************/
5174 :
5175 2971036 : static int swrap_vioctl(int s, unsigned long int r, va_list va)
5176 : {
5177 2971036 : struct socket_info *si = find_socket_info(s);
5178 40527 : va_list ap;
5179 2971036 : int *value_ptr = NULL;
5180 40527 : int rc;
5181 :
5182 2968627 : if (!si) {
5183 667848 : return libc_vioctl(s, r, va);
5184 : }
5185 :
5186 2305597 : SWRAP_LOCK_SI(si);
5187 :
5188 2305597 : va_copy(ap, va);
5189 :
5190 2305597 : rc = libc_vioctl(s, r, va);
5191 :
5192 2305597 : switch (r) {
5193 157517 : case FIONREAD:
5194 157517 : if (rc == 0) {
5195 157517 : value_ptr = ((int *)va_arg(ap, int *));
5196 : }
5197 :
5198 157517 : if (rc == -1 && errno != EAGAIN && errno != ENOBUFS) {
5199 0 : swrap_pcap_dump_packet(si, NULL, SWRAP_PENDING_RST, NULL, 0);
5200 157517 : } else if (value_ptr != NULL && *value_ptr == 0) { /* END OF FILE */
5201 6182 : swrap_pcap_dump_packet(si, NULL, SWRAP_PENDING_RST, NULL, 0);
5202 : }
5203 151406 : break;
5204 : #ifdef FIONWRITE
5205 : case FIONWRITE:
5206 : /* this is FreeBSD */
5207 : FALL_THROUGH; /* to TIOCOUTQ */
5208 : #endif /* FIONWRITE */
5209 876 : case TIOCOUTQ: /* same as SIOCOUTQ on Linux */
5210 : /*
5211 : * This may return more bytes then the application
5212 : * sent into the socket, for tcp it should
5213 : * return the number of unacked bytes.
5214 : *
5215 : * On AF_UNIX, all bytes are immediately acked!
5216 : */
5217 876 : if (rc == 0) {
5218 876 : value_ptr = ((int *)va_arg(ap, int *));
5219 876 : *value_ptr = 0;
5220 : }
5221 876 : break;
5222 : }
5223 :
5224 2305597 : va_end(ap);
5225 :
5226 2305597 : SWRAP_UNLOCK_SI(si);
5227 2305597 : return rc;
5228 : }
5229 :
5230 : #ifdef HAVE_IOCTL_INT
5231 : int ioctl(int s, int r, ...)
5232 : #else
5233 : int ioctl(int s, unsigned long int r, ...)
5234 : #endif
5235 : {
5236 42936 : va_list va;
5237 42936 : int rc;
5238 :
5239 2971036 : va_start(va, r);
5240 :
5241 2971036 : rc = swrap_vioctl(s, (unsigned long int) r, va);
5242 :
5243 2971036 : va_end(va);
5244 :
5245 2971036 : return rc;
5246 : }
5247 :
5248 : /*****************
5249 : * CMSG
5250 : *****************/
5251 :
5252 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
5253 :
5254 : #ifndef CMSG_ALIGN
5255 : # ifdef _ALIGN /* BSD */
5256 : #define CMSG_ALIGN _ALIGN
5257 : # else
5258 : #define CMSG_ALIGN(len) (((len) + sizeof(size_t) - 1) & ~(sizeof(size_t) - 1))
5259 : # endif /* _ALIGN */
5260 : #endif /* CMSG_ALIGN */
5261 :
5262 : /**
5263 : * @brief Add a cmsghdr to a msghdr.
5264 : *
5265 : * This is an function to add any type of cmsghdr. It will operate on the
5266 : * msg->msg_control and msg->msg_controllen you pass in by adapting them to
5267 : * the buffer position after the added cmsg element. Hence, this function is
5268 : * intended to be used with an intermediate msghdr and not on the original
5269 : * one handed in by the client.
5270 : *
5271 : * @param[in] msg The msghdr to which to add the cmsg.
5272 : *
5273 : * @param[in] level The cmsg level to set.
5274 : *
5275 : * @param[in] type The cmsg type to set.
5276 : *
5277 : * @param[in] data The cmsg data to set.
5278 : *
5279 : * @param[in] len the length of the data to set.
5280 : */
5281 0 : static void swrap_msghdr_add_cmsghdr(struct msghdr *msg,
5282 : int level,
5283 : int type,
5284 : const void *data,
5285 : size_t len)
5286 0 : {
5287 0 : size_t cmlen = CMSG_LEN(len);
5288 0 : size_t cmspace = CMSG_SPACE(len);
5289 0 : uint8_t cmbuf[cmspace];
5290 0 : void *cast_ptr = (void *)cmbuf;
5291 0 : struct cmsghdr *cm = (struct cmsghdr *)cast_ptr;
5292 0 : uint8_t *p;
5293 :
5294 0 : memset(cmbuf, 0, cmspace);
5295 :
5296 0 : if (msg->msg_controllen < cmlen) {
5297 0 : cmlen = msg->msg_controllen;
5298 0 : msg->msg_flags |= MSG_CTRUNC;
5299 : }
5300 :
5301 0 : if (msg->msg_controllen < cmspace) {
5302 0 : cmspace = msg->msg_controllen;
5303 : }
5304 :
5305 : /*
5306 : * We copy the full input data into an intermediate cmsghdr first
5307 : * in order to more easily cope with truncation.
5308 : */
5309 0 : cm->cmsg_len = cmlen;
5310 0 : cm->cmsg_level = level;
5311 0 : cm->cmsg_type = type;
5312 0 : memcpy(CMSG_DATA(cm), data, len);
5313 :
5314 : /*
5315 : * We now copy the possibly truncated buffer.
5316 : * We copy cmlen bytes, but consume cmspace bytes,
5317 : * leaving the possible padding uninitialiazed.
5318 : */
5319 0 : p = (uint8_t *)msg->msg_control;
5320 0 : memcpy(p, cm, cmlen);
5321 0 : p += cmspace;
5322 0 : msg->msg_control = p;
5323 0 : msg->msg_controllen -= cmspace;
5324 :
5325 0 : return;
5326 : }
5327 :
5328 0 : static int swrap_msghdr_add_pktinfo(struct socket_info *si,
5329 : struct msghdr *msg)
5330 : {
5331 : /* Add packet info */
5332 0 : switch (si->pktinfo) {
5333 : #if defined(IP_PKTINFO) && (defined(HAVE_STRUCT_IN_PKTINFO) || defined(IP_RECVDSTADDR))
5334 0 : case AF_INET: {
5335 0 : struct sockaddr_in *sin;
5336 : #if defined(HAVE_STRUCT_IN_PKTINFO)
5337 0 : struct in_pktinfo pkt;
5338 : #elif defined(IP_RECVDSTADDR)
5339 : struct in_addr pkt;
5340 : #endif
5341 :
5342 0 : if (si->bindname.sa_socklen == sizeof(struct sockaddr_in)) {
5343 0 : sin = &si->bindname.sa.in;
5344 : } else {
5345 0 : if (si->myname.sa_socklen != sizeof(struct sockaddr_in)) {
5346 0 : return 0;
5347 : }
5348 0 : sin = &si->myname.sa.in;
5349 : }
5350 :
5351 0 : ZERO_STRUCT(pkt);
5352 :
5353 : #if defined(HAVE_STRUCT_IN_PKTINFO)
5354 0 : pkt.ipi_ifindex = socket_wrapper_default_iface();
5355 0 : pkt.ipi_addr.s_addr = sin->sin_addr.s_addr;
5356 : #elif defined(IP_RECVDSTADDR)
5357 : pkt = sin->sin_addr;
5358 : #endif
5359 :
5360 0 : swrap_msghdr_add_cmsghdr(msg, IPPROTO_IP, IP_PKTINFO,
5361 : &pkt, sizeof(pkt));
5362 :
5363 0 : break;
5364 : }
5365 : #endif /* IP_PKTINFO */
5366 : #if defined(HAVE_IPV6)
5367 0 : case AF_INET6: {
5368 : #if defined(IPV6_PKTINFO) && defined(HAVE_STRUCT_IN6_PKTINFO)
5369 0 : struct sockaddr_in6 *sin6;
5370 0 : struct in6_pktinfo pkt6;
5371 :
5372 0 : if (si->bindname.sa_socklen == sizeof(struct sockaddr_in6)) {
5373 0 : sin6 = &si->bindname.sa.in6;
5374 : } else {
5375 0 : if (si->myname.sa_socklen != sizeof(struct sockaddr_in6)) {
5376 0 : return 0;
5377 : }
5378 0 : sin6 = &si->myname.sa.in6;
5379 : }
5380 :
5381 0 : ZERO_STRUCT(pkt6);
5382 :
5383 0 : pkt6.ipi6_ifindex = socket_wrapper_default_iface();
5384 0 : pkt6.ipi6_addr = sin6->sin6_addr;
5385 :
5386 0 : swrap_msghdr_add_cmsghdr(msg, IPPROTO_IPV6, IPV6_PKTINFO,
5387 : &pkt6, sizeof(pkt6));
5388 : #endif /* HAVE_STRUCT_IN6_PKTINFO */
5389 :
5390 0 : break;
5391 : }
5392 : #endif /* IPV6_PKTINFO */
5393 0 : default:
5394 0 : return -1;
5395 : }
5396 :
5397 0 : return 0;
5398 : }
5399 :
5400 0 : static int swrap_msghdr_add_socket_info(struct socket_info *si,
5401 : struct msghdr *omsg)
5402 : {
5403 0 : int rc = 0;
5404 :
5405 0 : if (si->pktinfo > 0) {
5406 0 : rc = swrap_msghdr_add_pktinfo(si, omsg);
5407 : }
5408 :
5409 0 : return rc;
5410 : }
5411 :
5412 : static int swrap_sendmsg_copy_cmsg(const struct cmsghdr *cmsg,
5413 : uint8_t **cm_data,
5414 : size_t *cm_data_space);
5415 : static int swrap_sendmsg_filter_cmsg_ipproto_ip(const struct cmsghdr *cmsg,
5416 : uint8_t **cm_data,
5417 : size_t *cm_data_space);
5418 : static int swrap_sendmsg_filter_cmsg_sol_socket(const struct cmsghdr *cmsg,
5419 : uint8_t **cm_data,
5420 : size_t *cm_data_space);
5421 :
5422 0 : static int swrap_sendmsg_filter_cmsghdr(const struct msghdr *_msg,
5423 : uint8_t **cm_data,
5424 : size_t *cm_data_space)
5425 : {
5426 0 : struct msghdr *msg = discard_const_p(struct msghdr, _msg);
5427 0 : struct cmsghdr *cmsg;
5428 0 : int rc = -1;
5429 :
5430 : /* Nothing to do */
5431 0 : if (msg->msg_controllen == 0 || msg->msg_control == NULL) {
5432 0 : return 0;
5433 : }
5434 :
5435 0 : for (cmsg = CMSG_FIRSTHDR(msg);
5436 0 : cmsg != NULL;
5437 0 : cmsg = CMSG_NXTHDR(msg, cmsg)) {
5438 0 : switch (cmsg->cmsg_level) {
5439 0 : case IPPROTO_IP:
5440 0 : rc = swrap_sendmsg_filter_cmsg_ipproto_ip(cmsg,
5441 : cm_data,
5442 : cm_data_space);
5443 0 : break;
5444 0 : case SOL_SOCKET:
5445 0 : rc = swrap_sendmsg_filter_cmsg_sol_socket(cmsg,
5446 : cm_data,
5447 : cm_data_space);
5448 0 : break;
5449 0 : default:
5450 0 : rc = swrap_sendmsg_copy_cmsg(cmsg,
5451 : cm_data,
5452 : cm_data_space);
5453 0 : break;
5454 : }
5455 0 : if (rc < 0) {
5456 0 : int saved_errno = errno;
5457 0 : SAFE_FREE(*cm_data);
5458 0 : *cm_data_space = 0;
5459 0 : errno = saved_errno;
5460 0 : return rc;
5461 : }
5462 : }
5463 :
5464 0 : return rc;
5465 : }
5466 :
5467 0 : static int swrap_sendmsg_copy_cmsg(const struct cmsghdr *cmsg,
5468 : uint8_t **cm_data,
5469 : size_t *cm_data_space)
5470 : {
5471 0 : size_t cmspace;
5472 0 : uint8_t *p;
5473 :
5474 0 : cmspace = *cm_data_space + CMSG_ALIGN(cmsg->cmsg_len);
5475 :
5476 0 : p = realloc((*cm_data), cmspace);
5477 0 : if (p == NULL) {
5478 0 : return -1;
5479 : }
5480 0 : (*cm_data) = p;
5481 :
5482 0 : p = (*cm_data) + (*cm_data_space);
5483 0 : *cm_data_space = cmspace;
5484 :
5485 0 : memcpy(p, cmsg, cmsg->cmsg_len);
5486 :
5487 0 : return 0;
5488 : }
5489 :
5490 : static int swrap_sendmsg_filter_cmsg_pktinfo(const struct cmsghdr *cmsg,
5491 : uint8_t **cm_data,
5492 : size_t *cm_data_space);
5493 :
5494 :
5495 0 : static int swrap_sendmsg_filter_cmsg_ipproto_ip(const struct cmsghdr *cmsg,
5496 : uint8_t **cm_data,
5497 : size_t *cm_data_space)
5498 : {
5499 0 : int rc = -1;
5500 :
5501 0 : switch(cmsg->cmsg_type) {
5502 : #ifdef IP_PKTINFO
5503 0 : case IP_PKTINFO:
5504 0 : rc = swrap_sendmsg_filter_cmsg_pktinfo(cmsg,
5505 : cm_data,
5506 : cm_data_space);
5507 0 : break;
5508 : #endif
5509 : #ifdef IPV6_PKTINFO
5510 0 : case IPV6_PKTINFO:
5511 0 : rc = swrap_sendmsg_filter_cmsg_pktinfo(cmsg,
5512 : cm_data,
5513 : cm_data_space);
5514 0 : break;
5515 : #endif
5516 0 : default:
5517 0 : break;
5518 : }
5519 :
5520 0 : return rc;
5521 : }
5522 :
5523 0 : static int swrap_sendmsg_filter_cmsg_pktinfo(const struct cmsghdr *cmsg,
5524 : uint8_t **cm_data,
5525 : size_t *cm_data_space)
5526 : {
5527 : (void)cmsg; /* unused */
5528 : (void)cm_data; /* unused */
5529 : (void)cm_data_space; /* unused */
5530 :
5531 : /*
5532 : * Passing a IP pktinfo to a unix socket might be rejected by the
5533 : * Kernel, at least on FreeBSD. So skip this cmsg.
5534 : */
5535 0 : return 0;
5536 : }
5537 :
5538 0 : static int swrap_sendmsg_filter_cmsg_sol_socket(const struct cmsghdr *cmsg,
5539 : uint8_t **cm_data,
5540 : size_t *cm_data_space)
5541 : {
5542 0 : int rc = -1;
5543 :
5544 0 : switch (cmsg->cmsg_type) {
5545 0 : case SCM_RIGHTS:
5546 0 : SWRAP_LOG(SWRAP_LOG_TRACE,
5547 : "Ignoring SCM_RIGHTS on inet socket!");
5548 0 : rc = 0;
5549 0 : break;
5550 : #ifdef SCM_CREDENTIALS
5551 0 : case SCM_CREDENTIALS:
5552 0 : SWRAP_LOG(SWRAP_LOG_TRACE,
5553 : "Ignoring SCM_CREDENTIALS on inet socket!");
5554 0 : rc = 0;
5555 0 : break;
5556 : #endif /* SCM_CREDENTIALS */
5557 0 : default:
5558 0 : rc = swrap_sendmsg_copy_cmsg(cmsg,
5559 : cm_data,
5560 : cm_data_space);
5561 0 : break;
5562 : }
5563 :
5564 0 : return rc;
5565 : }
5566 :
5567 : static const uint64_t swrap_unix_scm_right_magic = 0x8e0e13f27c42fc36;
5568 :
5569 : /*
5570 : * We only allow up to 6 fds at a time
5571 : * as that's more than enough for Samba
5572 : * and it means we can keep the logic simple
5573 : * and work with fixed size arrays.
5574 : *
5575 : * We also keep sizeof(struct swrap_unix_scm_rights)
5576 : * under PIPE_BUF (4096) in order to allow a non-blocking
5577 : * write into the pipe.
5578 : */
5579 : #ifndef PIPE_BUF
5580 : #define PIPE_BUF 4096
5581 : #endif
5582 : #define SWRAP_MAX_PASSED_FDS ((size_t)6)
5583 : #define SWRAP_MAX_PASSED_SOCKET_INFO SWRAP_MAX_PASSED_FDS
5584 : struct swrap_unix_scm_rights_payload {
5585 : uint8_t num_idxs;
5586 : int8_t idxs[SWRAP_MAX_PASSED_FDS];
5587 : struct socket_info infos[SWRAP_MAX_PASSED_SOCKET_INFO];
5588 : };
5589 : struct swrap_unix_scm_rights {
5590 : uint64_t magic;
5591 : char package_name[sizeof(SOCKET_WRAPPER_PACKAGE)];
5592 : char package_version[sizeof(SOCKET_WRAPPER_VERSION)];
5593 : uint32_t full_size;
5594 : uint32_t payload_size;
5595 : struct swrap_unix_scm_rights_payload payload;
5596 : };
5597 :
5598 0 : static void swrap_dec_fd_passed_array(size_t num, struct socket_info **array)
5599 : {
5600 0 : int saved_errno = errno;
5601 0 : size_t i;
5602 :
5603 0 : for (i = 0; i < num; i++) {
5604 0 : struct socket_info *si = array[i];
5605 0 : if (si == NULL) {
5606 0 : continue;
5607 : }
5608 :
5609 0 : SWRAP_LOCK_SI(si);
5610 0 : swrap_dec_refcount(si);
5611 0 : if (si->fd_passed > 0) {
5612 0 : si->fd_passed -= 1;
5613 : }
5614 0 : SWRAP_UNLOCK_SI(si);
5615 0 : array[i] = NULL;
5616 : }
5617 :
5618 0 : errno = saved_errno;
5619 0 : }
5620 :
5621 0 : static void swrap_undo_si_idx_array(size_t num, int *array)
5622 : {
5623 0 : int saved_errno = errno;
5624 0 : size_t i;
5625 :
5626 0 : swrap_mutex_lock(&first_free_mutex);
5627 :
5628 0 : for (i = 0; i < num; i++) {
5629 0 : struct socket_info *si = NULL;
5630 :
5631 0 : if (array[i] == -1) {
5632 0 : continue;
5633 : }
5634 :
5635 0 : si = swrap_get_socket_info(array[i]);
5636 0 : if (si == NULL) {
5637 0 : continue;
5638 : }
5639 :
5640 0 : SWRAP_LOCK_SI(si);
5641 0 : swrap_dec_refcount(si);
5642 0 : SWRAP_UNLOCK_SI(si);
5643 :
5644 0 : swrap_set_next_free(si, first_free);
5645 0 : first_free = array[i];
5646 0 : array[i] = -1;
5647 : }
5648 :
5649 0 : swrap_mutex_unlock(&first_free_mutex);
5650 0 : errno = saved_errno;
5651 0 : }
5652 :
5653 0 : static void swrap_close_fd_array(size_t num, const int *array)
5654 : {
5655 0 : int saved_errno = errno;
5656 0 : size_t i;
5657 :
5658 0 : for (i = 0; i < num; i++) {
5659 0 : if (array[i] == -1) {
5660 0 : continue;
5661 : }
5662 0 : libc_close(array[i]);
5663 : }
5664 :
5665 0 : errno = saved_errno;
5666 0 : }
5667 :
5668 : union __swrap_fds {
5669 : const uint8_t *p;
5670 : int *fds;
5671 : };
5672 :
5673 : union __swrap_cmsghdr {
5674 : const uint8_t *p;
5675 : struct cmsghdr *cmsg;
5676 : };
5677 :
5678 70295 : static int swrap_sendmsg_unix_scm_rights(struct cmsghdr *cmsg,
5679 : uint8_t **cm_data,
5680 : size_t *cm_data_space,
5681 : int *scm_rights_pipe_fd)
5682 : {
5683 55 : struct swrap_unix_scm_rights info;
5684 70295 : struct swrap_unix_scm_rights_payload *payload = NULL;
5685 55 : int si_idx_array[SWRAP_MAX_PASSED_FDS];
5686 70295 : struct socket_info *si_array[SWRAP_MAX_PASSED_FDS] = { NULL, };
5687 70295 : size_t info_idx = 0;
5688 55 : size_t size_fds_in;
5689 55 : size_t num_fds_in;
5690 70295 : union __swrap_fds __fds_in = { .p = NULL, };
5691 70295 : const int *fds_in = NULL;
5692 55 : size_t num_fds_out;
5693 55 : size_t size_fds_out;
5694 70295 : union __swrap_fds __fds_out = { .p = NULL, };
5695 70295 : int *fds_out = NULL;
5696 55 : size_t cmsg_len;
5697 55 : size_t cmsg_space;
5698 55 : size_t new_cm_data_space;
5699 70295 : union __swrap_cmsghdr __new_cmsg = { .p = NULL, };
5700 70295 : struct cmsghdr *new_cmsg = NULL;
5701 70295 : uint8_t *p = NULL;
5702 55 : size_t i;
5703 70295 : int pipefd[2] = { -1, -1 };
5704 55 : int rc;
5705 55 : ssize_t sret;
5706 :
5707 : /*
5708 : * We pass this a buffer to the kernel make sure any padding
5709 : * is also cleared.
5710 : */
5711 70295 : ZERO_STRUCT(info);
5712 70295 : info.magic = swrap_unix_scm_right_magic;
5713 70295 : memcpy(info.package_name,
5714 : SOCKET_WRAPPER_PACKAGE,
5715 : sizeof(info.package_name));
5716 70295 : memcpy(info.package_version,
5717 : SOCKET_WRAPPER_VERSION,
5718 : sizeof(info.package_version));
5719 70295 : info.full_size = sizeof(info);
5720 70295 : info.payload_size = sizeof(info.payload);
5721 70295 : payload = &info.payload;
5722 :
5723 70295 : if (*scm_rights_pipe_fd != -1) {
5724 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5725 : "Two SCM_RIGHTS headers are not supported by socket_wrapper");
5726 0 : errno = EINVAL;
5727 0 : return -1;
5728 : }
5729 :
5730 70295 : if (cmsg->cmsg_len < CMSG_LEN(0)) {
5731 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5732 : "cmsg->cmsg_len=%zu < CMSG_LEN(0)=%zu",
5733 : (size_t)cmsg->cmsg_len,
5734 : CMSG_LEN(0));
5735 0 : errno = EINVAL;
5736 0 : return -1;
5737 : }
5738 70295 : size_fds_in = cmsg->cmsg_len - CMSG_LEN(0);
5739 70295 : if ((size_fds_in % sizeof(int)) != 0) {
5740 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5741 : "cmsg->cmsg_len=%zu => (size_fds_in=%zu %% sizeof(int)=%zu) != 0",
5742 : (size_t)cmsg->cmsg_len,
5743 : size_fds_in,
5744 : sizeof(int));
5745 0 : errno = EINVAL;
5746 0 : return -1;
5747 : }
5748 70295 : num_fds_in = size_fds_in / sizeof(int);
5749 70295 : if (num_fds_in > SWRAP_MAX_PASSED_FDS) {
5750 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5751 : "cmsg->cmsg_len=%zu,size_fds_in=%zu => "
5752 : "num_fds_in=%zu > "
5753 : "SWRAP_MAX_PASSED_FDS(%zu)",
5754 : (size_t)cmsg->cmsg_len,
5755 : size_fds_in,
5756 : num_fds_in,
5757 : SWRAP_MAX_PASSED_FDS);
5758 0 : errno = EINVAL;
5759 0 : return -1;
5760 : }
5761 70295 : if (num_fds_in == 0) {
5762 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5763 : "cmsg->cmsg_len=%zu,size_fds_in=%zu => "
5764 : "num_fds_in=%zu",
5765 : (size_t)cmsg->cmsg_len,
5766 : size_fds_in,
5767 : num_fds_in);
5768 0 : errno = EINVAL;
5769 0 : return -1;
5770 : }
5771 70295 : __fds_in.p = CMSG_DATA(cmsg);
5772 70295 : fds_in = __fds_in.fds;
5773 70295 : num_fds_out = num_fds_in + 1;
5774 :
5775 70295 : SWRAP_LOG(SWRAP_LOG_TRACE,
5776 : "num_fds_in=%zu num_fds_out=%zu",
5777 : num_fds_in, num_fds_out);
5778 :
5779 70295 : size_fds_out = sizeof(int) * num_fds_out;
5780 70295 : cmsg_len = CMSG_LEN(size_fds_out);
5781 70295 : cmsg_space = CMSG_SPACE(size_fds_out);
5782 :
5783 70295 : new_cm_data_space = *cm_data_space + cmsg_space;
5784 :
5785 70295 : p = realloc((*cm_data), new_cm_data_space);
5786 70295 : if (p == NULL) {
5787 0 : return -1;
5788 : }
5789 70295 : (*cm_data) = p;
5790 70295 : p = (*cm_data) + (*cm_data_space);
5791 70295 : memset(p, 0, cmsg_space);
5792 70295 : __new_cmsg.p = p;
5793 70295 : new_cmsg = __new_cmsg.cmsg;
5794 70295 : *new_cmsg = *cmsg;
5795 70295 : __fds_out.p = CMSG_DATA(new_cmsg);
5796 70295 : fds_out = __fds_out.fds;
5797 70295 : memcpy(fds_out, fds_in, size_fds_in);
5798 70295 : new_cmsg->cmsg_len = cmsg->cmsg_len;
5799 :
5800 140593 : for (i = 0; i < num_fds_in; i++) {
5801 58 : size_t j;
5802 :
5803 70298 : payload->idxs[i] = -1;
5804 70298 : payload->num_idxs++;
5805 :
5806 70298 : si_idx_array[i] = find_socket_info_index(fds_in[i]);
5807 70298 : if (si_idx_array[i] == -1) {
5808 68318 : continue;
5809 : }
5810 :
5811 1980 : si_array[i] = swrap_get_socket_info(si_idx_array[i]);
5812 1980 : if (si_array[i] == NULL) {
5813 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5814 : "fds_in[%zu]=%d si_idx_array[%zu]=%d missing!",
5815 : i, fds_in[i], i, si_idx_array[i]);
5816 0 : errno = EINVAL;
5817 0 : return -1;
5818 : }
5819 :
5820 1980 : for (j = 0; j < i; j++) {
5821 0 : if (si_array[j] == si_array[i]) {
5822 0 : payload->idxs[i] = payload->idxs[j];
5823 0 : break;
5824 : }
5825 : }
5826 1980 : if (payload->idxs[i] == -1) {
5827 1980 : if (info_idx >= SWRAP_MAX_PASSED_SOCKET_INFO) {
5828 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5829 : "fds_in[%zu]=%d,si_idx_array[%zu]=%d: "
5830 : "info_idx=%zu >= SWRAP_MAX_PASSED_FDS(%zu)!",
5831 : i, fds_in[i], i, si_idx_array[i],
5832 : info_idx,
5833 : SWRAP_MAX_PASSED_SOCKET_INFO);
5834 0 : errno = EINVAL;
5835 0 : return -1;
5836 : }
5837 1980 : payload->idxs[i] = info_idx;
5838 1980 : info_idx += 1;
5839 1980 : continue;
5840 : }
5841 : }
5842 :
5843 140593 : for (i = 0; i < num_fds_in; i++) {
5844 70298 : struct socket_info *si = si_array[i];
5845 :
5846 70298 : if (si == NULL) {
5847 68318 : SWRAP_LOG(SWRAP_LOG_TRACE,
5848 : "fds_in[%zu]=%d not an inet socket",
5849 : i, fds_in[i]);
5850 68318 : continue;
5851 : }
5852 :
5853 1980 : SWRAP_LOG(SWRAP_LOG_TRACE,
5854 : "fds_in[%zu]=%d si_idx_array[%zu]=%d "
5855 : "passing as info.idxs[%zu]=%d!",
5856 : i, fds_in[i],
5857 : i, si_idx_array[i],
5858 : i, payload->idxs[i]);
5859 :
5860 1980 : SWRAP_LOCK_SI(si);
5861 1980 : si->fd_passed += 1;
5862 1980 : payload->infos[payload->idxs[i]] = *si;
5863 1980 : payload->infos[payload->idxs[i]].fd_passed = 0;
5864 1986 : SWRAP_UNLOCK_SI(si);
5865 : }
5866 :
5867 70295 : rc = pipe(pipefd);
5868 70295 : if (rc == -1) {
5869 0 : int saved_errno = errno;
5870 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5871 : "pipe() failed - %d %s",
5872 : saved_errno,
5873 : strerror(saved_errno));
5874 0 : swrap_dec_fd_passed_array(num_fds_in, si_array);
5875 0 : errno = saved_errno;
5876 0 : return -1;
5877 : }
5878 :
5879 70295 : sret = libc_write(pipefd[1], &info, sizeof(info));
5880 70295 : if (sret != sizeof(info)) {
5881 0 : int saved_errno = errno;
5882 0 : if (sret != -1) {
5883 0 : saved_errno = EINVAL;
5884 : }
5885 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5886 : "write() failed - sret=%zd - %d %s",
5887 : sret, saved_errno,
5888 : strerror(saved_errno));
5889 0 : swrap_dec_fd_passed_array(num_fds_in, si_array);
5890 0 : libc_close(pipefd[1]);
5891 0 : libc_close(pipefd[0]);
5892 0 : errno = saved_errno;
5893 0 : return -1;
5894 : }
5895 70295 : libc_close(pipefd[1]);
5896 :
5897 : /*
5898 : * Add the pipe read end to the end of the passed fd array
5899 : */
5900 70295 : fds_out[num_fds_in] = pipefd[0];
5901 70295 : new_cmsg->cmsg_len = cmsg_len;
5902 :
5903 : /* we're done ... */
5904 70295 : *scm_rights_pipe_fd = pipefd[0];
5905 70295 : *cm_data_space = new_cm_data_space;
5906 :
5907 70295 : return 0;
5908 : }
5909 :
5910 70295 : static int swrap_sendmsg_unix_sol_socket(struct cmsghdr *cmsg,
5911 : uint8_t **cm_data,
5912 : size_t *cm_data_space,
5913 : int *scm_rights_pipe_fd)
5914 : {
5915 70295 : int rc = -1;
5916 :
5917 70295 : switch (cmsg->cmsg_type) {
5918 70295 : case SCM_RIGHTS:
5919 70295 : rc = swrap_sendmsg_unix_scm_rights(cmsg,
5920 : cm_data,
5921 : cm_data_space,
5922 : scm_rights_pipe_fd);
5923 70295 : break;
5924 0 : default:
5925 0 : rc = swrap_sendmsg_copy_cmsg(cmsg,
5926 : cm_data,
5927 : cm_data_space);
5928 0 : break;
5929 : }
5930 :
5931 70295 : return rc;
5932 : }
5933 :
5934 69588 : static int swrap_recvmsg_unix_scm_rights(struct cmsghdr *cmsg,
5935 : uint8_t **cm_data,
5936 : size_t *cm_data_space)
5937 : {
5938 69588 : int scm_rights_pipe_fd = -1;
5939 55 : struct swrap_unix_scm_rights info;
5940 69588 : struct swrap_unix_scm_rights_payload *payload = NULL;
5941 55 : int si_idx_array[SWRAP_MAX_PASSED_FDS];
5942 55 : size_t size_fds_in;
5943 55 : size_t num_fds_in;
5944 69588 : union __swrap_fds __fds_in = { .p = NULL, };
5945 69588 : const int *fds_in = NULL;
5946 55 : size_t num_fds_out;
5947 55 : size_t size_fds_out;
5948 69588 : union __swrap_fds __fds_out = { .p = NULL, };
5949 69588 : int *fds_out = NULL;
5950 55 : size_t cmsg_len;
5951 55 : size_t cmsg_space;
5952 55 : size_t new_cm_data_space;
5953 69588 : union __swrap_cmsghdr __new_cmsg = { .p = NULL, };
5954 69588 : struct cmsghdr *new_cmsg = NULL;
5955 69588 : uint8_t *p = NULL;
5956 55 : ssize_t sret;
5957 55 : size_t i;
5958 55 : int cmp;
5959 :
5960 69588 : if (cmsg->cmsg_len < CMSG_LEN(0)) {
5961 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5962 : "cmsg->cmsg_len=%zu < CMSG_LEN(0)=%zu",
5963 : (size_t)cmsg->cmsg_len,
5964 : CMSG_LEN(0));
5965 0 : errno = EINVAL;
5966 0 : return -1;
5967 : }
5968 69588 : size_fds_in = cmsg->cmsg_len - CMSG_LEN(0);
5969 69588 : if ((size_fds_in % sizeof(int)) != 0) {
5970 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5971 : "cmsg->cmsg_len=%zu => (size_fds_in=%zu %% sizeof(int)=%zu) != 0",
5972 : (size_t)cmsg->cmsg_len,
5973 : size_fds_in,
5974 : sizeof(int));
5975 0 : errno = EINVAL;
5976 0 : return -1;
5977 : }
5978 69588 : num_fds_in = size_fds_in / sizeof(int);
5979 69588 : if (num_fds_in > (SWRAP_MAX_PASSED_FDS + 1)) {
5980 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5981 : "cmsg->cmsg_len=%zu,size_fds_in=%zu => "
5982 : "num_fds_in=%zu > SWRAP_MAX_PASSED_FDS+1(%zu)",
5983 : (size_t)cmsg->cmsg_len,
5984 : size_fds_in,
5985 : num_fds_in,
5986 : SWRAP_MAX_PASSED_FDS+1);
5987 0 : errno = EINVAL;
5988 0 : return -1;
5989 : }
5990 69588 : if (num_fds_in <= 1) {
5991 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
5992 : "cmsg->cmsg_len=%zu,size_fds_in=%zu => "
5993 : "num_fds_in=%zu",
5994 : (size_t)cmsg->cmsg_len,
5995 : size_fds_in,
5996 : num_fds_in);
5997 0 : errno = EINVAL;
5998 0 : return -1;
5999 : }
6000 69588 : __fds_in.p = CMSG_DATA(cmsg);
6001 69588 : fds_in = __fds_in.fds;
6002 69588 : num_fds_out = num_fds_in - 1;
6003 :
6004 69588 : SWRAP_LOG(SWRAP_LOG_TRACE,
6005 : "num_fds_in=%zu num_fds_out=%zu",
6006 : num_fds_in, num_fds_out);
6007 :
6008 208822 : for (i = 0; i < num_fds_in; i++) {
6009 : /* Check if we have a stale fd and remove it */
6010 139179 : swrap_remove_stale(fds_in[i]);
6011 : }
6012 :
6013 69588 : scm_rights_pipe_fd = fds_in[num_fds_out];
6014 69588 : size_fds_out = sizeof(int) * num_fds_out;
6015 69588 : cmsg_len = CMSG_LEN(size_fds_out);
6016 69588 : cmsg_space = CMSG_SPACE(size_fds_out);
6017 :
6018 69588 : new_cm_data_space = *cm_data_space + cmsg_space;
6019 :
6020 69588 : p = realloc((*cm_data), new_cm_data_space);
6021 69588 : if (p == NULL) {
6022 0 : swrap_close_fd_array(num_fds_in, fds_in);
6023 0 : return -1;
6024 : }
6025 69588 : (*cm_data) = p;
6026 69588 : p = (*cm_data) + (*cm_data_space);
6027 69588 : memset(p, 0, cmsg_space);
6028 69588 : __new_cmsg.p = p;
6029 69588 : new_cmsg = __new_cmsg.cmsg;
6030 69588 : *new_cmsg = *cmsg;
6031 69588 : __fds_out.p = CMSG_DATA(new_cmsg);
6032 69588 : fds_out = __fds_out.fds;
6033 69588 : memcpy(fds_out, fds_in, size_fds_out);
6034 69588 : new_cmsg->cmsg_len = cmsg_len;
6035 :
6036 69588 : sret = read(scm_rights_pipe_fd, &info, sizeof(info));
6037 69588 : if (sret != sizeof(info)) {
6038 0 : int saved_errno = errno;
6039 0 : if (sret != -1) {
6040 0 : saved_errno = EINVAL;
6041 : }
6042 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
6043 : "read() failed - sret=%zd - %d %s",
6044 : sret, saved_errno,
6045 : strerror(saved_errno));
6046 0 : swrap_close_fd_array(num_fds_in, fds_in);
6047 0 : errno = saved_errno;
6048 0 : return -1;
6049 : }
6050 69588 : libc_close(scm_rights_pipe_fd);
6051 69588 : payload = &info.payload;
6052 :
6053 69588 : if (info.magic != swrap_unix_scm_right_magic) {
6054 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
6055 : "info.magic=0x%llx != swrap_unix_scm_right_magic=0x%llx",
6056 : (unsigned long long)info.magic,
6057 : (unsigned long long)swrap_unix_scm_right_magic);
6058 0 : swrap_close_fd_array(num_fds_out, fds_out);
6059 0 : errno = EINVAL;
6060 0 : return -1;
6061 : }
6062 :
6063 69588 : cmp = memcmp(info.package_name,
6064 : SOCKET_WRAPPER_PACKAGE,
6065 : sizeof(info.package_name));
6066 69588 : if (cmp != 0) {
6067 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
6068 : "info.package_name='%.*s' != '%s'",
6069 : (int)sizeof(info.package_name),
6070 : info.package_name,
6071 : SOCKET_WRAPPER_PACKAGE);
6072 0 : swrap_close_fd_array(num_fds_out, fds_out);
6073 0 : errno = EINVAL;
6074 0 : return -1;
6075 : }
6076 :
6077 69588 : cmp = memcmp(info.package_version,
6078 : SOCKET_WRAPPER_VERSION,
6079 : sizeof(info.package_version));
6080 69588 : if (cmp != 0) {
6081 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
6082 : "info.package_version='%.*s' != '%s'",
6083 : (int)sizeof(info.package_version),
6084 : info.package_version,
6085 : SOCKET_WRAPPER_VERSION);
6086 0 : swrap_close_fd_array(num_fds_out, fds_out);
6087 0 : errno = EINVAL;
6088 0 : return -1;
6089 : }
6090 :
6091 69588 : if (info.full_size != sizeof(info)) {
6092 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
6093 : "info.full_size=%zu != sizeof(info)=%zu",
6094 : (size_t)info.full_size,
6095 : sizeof(info));
6096 0 : swrap_close_fd_array(num_fds_out, fds_out);
6097 0 : errno = EINVAL;
6098 0 : return -1;
6099 : }
6100 :
6101 69588 : if (info.payload_size != sizeof(info.payload)) {
6102 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
6103 : "info.payload_size=%zu != sizeof(info.payload)=%zu",
6104 : (size_t)info.payload_size,
6105 : sizeof(info.payload));
6106 0 : swrap_close_fd_array(num_fds_out, fds_out);
6107 0 : errno = EINVAL;
6108 0 : return -1;
6109 : }
6110 :
6111 69588 : if (payload->num_idxs != num_fds_out) {
6112 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
6113 : "info.num_idxs=%u != num_fds_out=%zu",
6114 : payload->num_idxs, num_fds_out);
6115 0 : swrap_close_fd_array(num_fds_out, fds_out);
6116 0 : errno = EINVAL;
6117 0 : return -1;
6118 : }
6119 :
6120 139179 : for (i = 0; i < num_fds_out; i++) {
6121 58 : size_t j;
6122 :
6123 69591 : si_idx_array[i] = -1;
6124 :
6125 69591 : if (payload->idxs[i] == -1) {
6126 67738 : SWRAP_LOG(SWRAP_LOG_TRACE,
6127 : "fds_out[%zu]=%d not an inet socket",
6128 : i, fds_out[i]);
6129 67738 : continue;
6130 : }
6131 :
6132 1853 : if (payload->idxs[i] < 0) {
6133 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
6134 : "fds_out[%zu]=%d info.idxs[%zu]=%d < 0!",
6135 : i, fds_out[i], i, payload->idxs[i]);
6136 0 : swrap_close_fd_array(num_fds_out, fds_out);
6137 0 : errno = EINVAL;
6138 0 : return -1;
6139 : }
6140 :
6141 1853 : if (payload->idxs[i] >= payload->num_idxs) {
6142 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
6143 : "fds_out[%zu]=%d info.idxs[%zu]=%d >= %u!",
6144 : i, fds_out[i], i, payload->idxs[i],
6145 : payload->num_idxs);
6146 0 : swrap_close_fd_array(num_fds_out, fds_out);
6147 0 : errno = EINVAL;
6148 0 : return -1;
6149 : }
6150 :
6151 1853 : if ((size_t)fds_out[i] >= socket_fds_max) {
6152 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
6153 : "The max socket index limit of %zu has been reached, "
6154 : "trying to add %d",
6155 : socket_fds_max,
6156 : fds_out[i]);
6157 0 : swrap_close_fd_array(num_fds_out, fds_out);
6158 0 : errno = EMFILE;
6159 0 : return -1;
6160 : }
6161 :
6162 1853 : SWRAP_LOG(SWRAP_LOG_TRACE,
6163 : "fds_in[%zu]=%d "
6164 : "received as info.idxs[%zu]=%d!",
6165 : i, fds_out[i],
6166 : i, payload->idxs[i]);
6167 :
6168 1905 : for (j = 0; j < i; j++) {
6169 0 : if (payload->idxs[j] == -1) {
6170 0 : continue;
6171 : }
6172 0 : if (payload->idxs[j] == payload->idxs[i]) {
6173 0 : si_idx_array[i] = si_idx_array[j];
6174 : }
6175 : }
6176 1853 : if (si_idx_array[i] == -1) {
6177 1853 : const struct socket_info *si = &payload->infos[payload->idxs[i]];
6178 :
6179 1853 : si_idx_array[i] = swrap_add_socket_info(si);
6180 1853 : if (si_idx_array[i] == -1) {
6181 0 : int saved_errno = errno;
6182 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
6183 : "The max socket index limit of %zu has been reached, "
6184 : "trying to add %d",
6185 : socket_fds_max,
6186 : fds_out[i]);
6187 0 : swrap_undo_si_idx_array(i, si_idx_array);
6188 0 : swrap_close_fd_array(num_fds_out, fds_out);
6189 0 : errno = saved_errno;
6190 0 : return -1;
6191 : }
6192 1905 : SWRAP_LOG(SWRAP_LOG_TRACE,
6193 : "Imported %s socket for protocol %s, fd=%d",
6194 : si->family == AF_INET ? "IPv4" : "IPv6",
6195 : si->type == SOCK_DGRAM ? "UDP" : "TCP",
6196 : fds_out[i]);
6197 : }
6198 : }
6199 :
6200 139179 : for (i = 0; i < num_fds_out; i++) {
6201 69591 : if (si_idx_array[i] == -1) {
6202 67738 : continue;
6203 : }
6204 1853 : set_socket_info_index(fds_out[i], si_idx_array[i]);
6205 : }
6206 :
6207 : /* we're done ... */
6208 69588 : *cm_data_space = new_cm_data_space;
6209 :
6210 69588 : return 0;
6211 : }
6212 :
6213 69588 : static int swrap_recvmsg_unix_sol_socket(struct cmsghdr *cmsg,
6214 : uint8_t **cm_data,
6215 : size_t *cm_data_space)
6216 : {
6217 69588 : int rc = -1;
6218 :
6219 69588 : switch (cmsg->cmsg_type) {
6220 69588 : case SCM_RIGHTS:
6221 69588 : rc = swrap_recvmsg_unix_scm_rights(cmsg,
6222 : cm_data,
6223 : cm_data_space);
6224 69588 : break;
6225 0 : default:
6226 0 : rc = swrap_sendmsg_copy_cmsg(cmsg,
6227 : cm_data,
6228 : cm_data_space);
6229 0 : break;
6230 : }
6231 :
6232 69588 : return rc;
6233 : }
6234 :
6235 : #endif /* HAVE_STRUCT_MSGHDR_MSG_CONTROL */
6236 :
6237 551415 : static int swrap_sendmsg_before_unix(const struct msghdr *_msg_in,
6238 : struct msghdr *msg_tmp,
6239 : int *scm_rights_pipe_fd)
6240 : {
6241 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
6242 551415 : struct msghdr *msg_in = discard_const_p(struct msghdr, _msg_in);
6243 551415 : struct cmsghdr *cmsg = NULL;
6244 551415 : uint8_t *cm_data = NULL;
6245 551415 : size_t cm_data_space = 0;
6246 551415 : int rc = -1;
6247 :
6248 551415 : *msg_tmp = *msg_in;
6249 551415 : *scm_rights_pipe_fd = -1;
6250 :
6251 : /* Nothing to do */
6252 551415 : if (msg_in->msg_controllen == 0 || msg_in->msg_control == NULL) {
6253 416510 : return 0;
6254 : }
6255 :
6256 70295 : for (cmsg = CMSG_FIRSTHDR(msg_in);
6257 140535 : cmsg != NULL;
6258 70350 : cmsg = CMSG_NXTHDR(msg_in, cmsg)) {
6259 70295 : switch (cmsg->cmsg_level) {
6260 70295 : case SOL_SOCKET:
6261 70295 : rc = swrap_sendmsg_unix_sol_socket(cmsg,
6262 : &cm_data,
6263 : &cm_data_space,
6264 : scm_rights_pipe_fd);
6265 70295 : break;
6266 :
6267 0 : default:
6268 0 : rc = swrap_sendmsg_copy_cmsg(cmsg,
6269 : &cm_data,
6270 : &cm_data_space);
6271 0 : break;
6272 : }
6273 70295 : if (rc < 0) {
6274 0 : int saved_errno = errno;
6275 0 : SAFE_FREE(cm_data);
6276 0 : errno = saved_errno;
6277 0 : return rc;
6278 : }
6279 : }
6280 :
6281 70295 : msg_tmp->msg_controllen = cm_data_space;
6282 70295 : msg_tmp->msg_control = cm_data;
6283 :
6284 70295 : return 0;
6285 : #else /* HAVE_STRUCT_MSGHDR_MSG_CONTROL */
6286 : *msg_tmp = *_msg_in;
6287 : return 0;
6288 : #endif /* ! HAVE_STRUCT_MSGHDR_MSG_CONTROL */
6289 : }
6290 :
6291 551412 : static ssize_t swrap_sendmsg_after_unix(struct msghdr *msg_tmp,
6292 : ssize_t ret,
6293 : int scm_rights_pipe_fd)
6294 : {
6295 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
6296 551412 : int saved_errno = errno;
6297 551412 : SAFE_FREE(msg_tmp->msg_control);
6298 551412 : if (scm_rights_pipe_fd != -1) {
6299 70295 : libc_close(scm_rights_pipe_fd);
6300 : }
6301 551412 : errno = saved_errno;
6302 : #endif /* HAVE_STRUCT_MSGHDR_MSG_CONTROL */
6303 551412 : return ret;
6304 : }
6305 :
6306 227417 : static int swrap_recvmsg_before_unix(struct msghdr *msg_in,
6307 : struct msghdr *msg_tmp,
6308 : uint8_t **tmp_control)
6309 : {
6310 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
6311 227417 : const size_t cm_extra_space = CMSG_SPACE(sizeof(int));
6312 227417 : uint8_t *cm_data = NULL;
6313 227417 : size_t cm_data_space = 0;
6314 :
6315 227417 : *msg_tmp = *msg_in;
6316 227417 : *tmp_control = NULL;
6317 :
6318 227417 : SWRAP_LOG(SWRAP_LOG_TRACE,
6319 : "msg_in->msg_controllen=%zu",
6320 : (size_t)msg_in->msg_controllen);
6321 :
6322 : /* Nothing to do */
6323 227417 : if (msg_in->msg_controllen == 0 || msg_in->msg_control == NULL) {
6324 0 : return 0;
6325 : }
6326 :
6327 : /*
6328 : * We need to give the kernel a bit more space in order
6329 : * recv the pipe fd, added by swrap_sendmsg_before_unix()).
6330 : * swrap_recvmsg_after_unix() will hide it again.
6331 : */
6332 227417 : cm_data_space = msg_in->msg_controllen;
6333 227417 : if (cm_data_space < (INT32_MAX - cm_extra_space)) {
6334 227417 : cm_data_space += cm_extra_space;
6335 : }
6336 227417 : cm_data = calloc(1, cm_data_space);
6337 227417 : if (cm_data == NULL) {
6338 0 : return -1;
6339 : }
6340 :
6341 227417 : msg_tmp->msg_controllen = cm_data_space;
6342 227417 : msg_tmp->msg_control = cm_data;
6343 227417 : *tmp_control = cm_data;
6344 :
6345 227417 : SWRAP_LOG(SWRAP_LOG_TRACE,
6346 : "msg_tmp->msg_controllen=%zu",
6347 : (size_t)msg_tmp->msg_controllen);
6348 227417 : return 0;
6349 : #else /* HAVE_STRUCT_MSGHDR_MSG_CONTROL */
6350 : *msg_tmp = *msg_in;
6351 : *tmp_control = NULL;
6352 : return 0;
6353 : #endif /* ! HAVE_STRUCT_MSGHDR_MSG_CONTROL */
6354 : }
6355 :
6356 227417 : static ssize_t swrap_recvmsg_after_unix(struct msghdr *msg_tmp,
6357 : uint8_t **tmp_control,
6358 : struct msghdr *msg_out,
6359 : ssize_t ret)
6360 : {
6361 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
6362 227417 : struct cmsghdr *cmsg = NULL;
6363 227417 : uint8_t *cm_data = NULL;
6364 227417 : size_t cm_data_space = 0;
6365 227417 : int rc = -1;
6366 :
6367 227417 : if (ret < 0) {
6368 0 : int saved_errno = errno;
6369 0 : SWRAP_LOG(SWRAP_LOG_TRACE, "ret=%zd - %d - %s", ret,
6370 : saved_errno, strerror(saved_errno));
6371 0 : SAFE_FREE(*tmp_control);
6372 : /* msg_out should not be touched on error */
6373 0 : errno = saved_errno;
6374 0 : return ret;
6375 : }
6376 :
6377 227417 : SWRAP_LOG(SWRAP_LOG_TRACE,
6378 : "msg_tmp->msg_controllen=%zu",
6379 : (size_t)msg_tmp->msg_controllen);
6380 :
6381 : /* Nothing to do */
6382 227417 : if (msg_tmp->msg_controllen == 0 || msg_tmp->msg_control == NULL) {
6383 157829 : int saved_errno = errno;
6384 157829 : *msg_out = *msg_tmp;
6385 157829 : SAFE_FREE(*tmp_control);
6386 157829 : errno = saved_errno;
6387 157829 : return ret;
6388 : }
6389 :
6390 69588 : for (cmsg = CMSG_FIRSTHDR(msg_tmp);
6391 139121 : cmsg != NULL;
6392 69643 : cmsg = CMSG_NXTHDR(msg_tmp, cmsg)) {
6393 69588 : switch (cmsg->cmsg_level) {
6394 69588 : case SOL_SOCKET:
6395 69588 : rc = swrap_recvmsg_unix_sol_socket(cmsg,
6396 : &cm_data,
6397 : &cm_data_space);
6398 69588 : break;
6399 :
6400 0 : default:
6401 0 : rc = swrap_sendmsg_copy_cmsg(cmsg,
6402 : &cm_data,
6403 : &cm_data_space);
6404 0 : break;
6405 : }
6406 69588 : if (rc < 0) {
6407 0 : int saved_errno = errno;
6408 0 : SAFE_FREE(cm_data);
6409 0 : SAFE_FREE(*tmp_control);
6410 0 : errno = saved_errno;
6411 0 : return rc;
6412 : }
6413 : }
6414 :
6415 : /*
6416 : * msg_tmp->msg_control (*tmp_control) was created by
6417 : * swrap_recvmsg_before_unix() and msg_out->msg_control
6418 : * is still the buffer of the caller.
6419 : */
6420 69588 : msg_tmp->msg_control = msg_out->msg_control;
6421 69588 : msg_tmp->msg_controllen = msg_out->msg_controllen;
6422 69588 : *msg_out = *msg_tmp;
6423 :
6424 69588 : cm_data_space = MIN(cm_data_space, msg_out->msg_controllen);
6425 69588 : memcpy(msg_out->msg_control, cm_data, cm_data_space);
6426 69588 : msg_out->msg_controllen = cm_data_space;
6427 69588 : SAFE_FREE(cm_data);
6428 69588 : SAFE_FREE(*tmp_control);
6429 :
6430 69588 : SWRAP_LOG(SWRAP_LOG_TRACE,
6431 : "msg_out->msg_controllen=%zu",
6432 : (size_t)msg_out->msg_controllen);
6433 69588 : return ret;
6434 : #else /* HAVE_STRUCT_MSGHDR_MSG_CONTROL */
6435 : int saved_errno = errno;
6436 : *msg_out = *msg_tmp;
6437 : SAFE_FREE(*tmp_control);
6438 : errno = saved_errno;
6439 : return ret;
6440 : #endif /* ! HAVE_STRUCT_MSGHDR_MSG_CONTROL */
6441 : }
6442 :
6443 29308660 : static ssize_t swrap_sendmsg_before(int fd,
6444 : struct socket_info *si,
6445 : struct msghdr *msg,
6446 : struct iovec *tmp_iov,
6447 : struct sockaddr_un *tmp_un,
6448 : const struct sockaddr_un **to_un,
6449 : const struct sockaddr **to,
6450 : int *bcast)
6451 : {
6452 29308660 : size_t i, len = 0;
6453 29308660 : ssize_t ret = -1;
6454 29308660 : struct swrap_sockaddr_buf buf = {};
6455 :
6456 29308660 : if (to_un) {
6457 1903504 : *to_un = NULL;
6458 : }
6459 29308660 : if (to) {
6460 1903504 : *to = NULL;
6461 : }
6462 29308660 : if (bcast) {
6463 1903504 : *bcast = 0;
6464 : }
6465 :
6466 29308660 : SWRAP_LOCK_SI(si);
6467 :
6468 29308660 : switch (si->type) {
6469 14094196 : case SOCK_STREAM: {
6470 60051 : unsigned long mtu;
6471 :
6472 14094196 : if (!si->connected) {
6473 0 : errno = ENOTCONN;
6474 0 : goto out;
6475 : }
6476 :
6477 14094196 : if (msg->msg_iovlen == 0) {
6478 0 : break;
6479 : }
6480 :
6481 14094196 : mtu = socket_wrapper_mtu();
6482 38273703 : for (i = 0; i < (size_t)msg->msg_iovlen; i++) {
6483 191148 : size_t nlen;
6484 30434529 : nlen = len + msg->msg_iov[i].iov_len;
6485 30434529 : if (nlen < len) {
6486 : /* overflow */
6487 0 : errno = EMSGSIZE;
6488 0 : goto out;
6489 : }
6490 30434529 : if (nlen > mtu) {
6491 6244539 : break;
6492 : }
6493 : }
6494 14094196 : msg->msg_iovlen = i;
6495 14094196 : if (msg->msg_iovlen == 0) {
6496 6087717 : *tmp_iov = msg->msg_iov[0];
6497 6087717 : tmp_iov->iov_len = MIN((size_t)tmp_iov->iov_len,
6498 : (size_t)mtu);
6499 6087717 : msg->msg_iov = tmp_iov;
6500 6087717 : msg->msg_iovlen = 1;
6501 : }
6502 14034145 : break;
6503 : }
6504 15214464 : case SOCK_DGRAM:
6505 15214464 : if (si->connected) {
6506 15160315 : if (msg->msg_name != NULL) {
6507 : /*
6508 : * We are dealing with unix sockets and if we
6509 : * are connected, we should only talk to the
6510 : * connected unix path. Using the fd to send
6511 : * to another server would be hard to achieve.
6512 : */
6513 0 : msg->msg_name = NULL;
6514 0 : msg->msg_namelen = 0;
6515 : }
6516 15160315 : SWRAP_LOG(SWRAP_LOG_TRACE,
6517 : "connected(%s) fd=%d",
6518 : swrap_sockaddr_string(&buf, &si->peername.sa.s),
6519 : fd);
6520 : } else {
6521 1324 : const struct sockaddr *msg_name;
6522 54149 : msg_name = (const struct sockaddr *)msg->msg_name;
6523 :
6524 54149 : if (msg_name == NULL) {
6525 0 : errno = ENOTCONN;
6526 0 : goto out;
6527 : }
6528 :
6529 :
6530 54149 : ret = sockaddr_convert_to_un(si, msg_name, msg->msg_namelen,
6531 : tmp_un, 0, bcast);
6532 54149 : if (ret == -1) {
6533 8990 : goto out;
6534 : }
6535 :
6536 45159 : if (to_un) {
6537 45159 : *to_un = tmp_un;
6538 : }
6539 45159 : if (to) {
6540 45159 : *to = msg_name;
6541 : }
6542 45159 : msg->msg_name = tmp_un;
6543 45159 : msg->msg_namelen = sizeof(*tmp_un);
6544 : }
6545 :
6546 15205474 : if (si->bound == 0) {
6547 2079 : ret = swrap_auto_bind(fd, si, si->family);
6548 2079 : if (ret == -1) {
6549 0 : SWRAP_UNLOCK_SI(si);
6550 0 : if (errno == ENOTSOCK) {
6551 0 : swrap_remove_stale(fd);
6552 0 : ret = -ENOTSOCK;
6553 : } else {
6554 0 : SWRAP_LOG(SWRAP_LOG_ERROR, "swrap_sendmsg_before failed");
6555 : }
6556 0 : return ret;
6557 : }
6558 : }
6559 :
6560 15205474 : if (!si->defer_connect) {
6561 44176 : break;
6562 : }
6563 :
6564 30319976 : ret = sockaddr_convert_to_un(si,
6565 15159988 : &si->peername.sa.s,
6566 : si->peername.sa_socklen,
6567 : tmp_un,
6568 : 0,
6569 : NULL);
6570 15159988 : if (ret == -1) {
6571 0 : goto out;
6572 : }
6573 :
6574 15159988 : SWRAP_LOG(SWRAP_LOG_TRACE,
6575 : "deferred connect(%s) path=%s, fd=%d",
6576 : swrap_sockaddr_string(&buf, &si->peername.sa.s),
6577 : tmp_un->sun_path, fd);
6578 :
6579 15159988 : ret = libc_connect(fd,
6580 : (struct sockaddr *)(void *)tmp_un,
6581 : sizeof(*tmp_un));
6582 :
6583 : /* to give better errors */
6584 15159988 : if (ret == -1 && errno == ENOENT) {
6585 15118346 : errno = EHOSTUNREACH;
6586 : }
6587 :
6588 15159988 : if (ret == -1) {
6589 15118380 : goto out;
6590 : }
6591 :
6592 41608 : si->defer_connect = 0;
6593 41608 : break;
6594 0 : default:
6595 0 : errno = EHOSTUNREACH;
6596 0 : goto out;
6597 : }
6598 :
6599 14118723 : ret = 0;
6600 29308660 : out:
6601 29308660 : SWRAP_UNLOCK_SI(si);
6602 :
6603 29308660 : return ret;
6604 : }
6605 :
6606 14176300 : static void swrap_sendmsg_after(int fd,
6607 : struct socket_info *si,
6608 : struct msghdr *msg,
6609 : const struct sockaddr *to,
6610 : ssize_t ret)
6611 : {
6612 14176300 : int saved_errno = errno;
6613 14176300 : size_t i, len = 0;
6614 62502 : uint8_t *buf;
6615 14176300 : off_t ofs = 0;
6616 14176300 : size_t avail = 0;
6617 62502 : size_t remain;
6618 :
6619 : /* to give better errors */
6620 14176300 : if (ret == -1) {
6621 4842 : if (saved_errno == ENOENT) {
6622 85 : saved_errno = EHOSTUNREACH;
6623 4757 : } else if (saved_errno == ENOTSOCK) {
6624 : /* If the fd is not a socket, remove it */
6625 62502 : swrap_remove_stale(fd);
6626 : }
6627 : }
6628 :
6629 44525686 : for (i = 0; i < (size_t)msg->msg_iovlen; i++) {
6630 30349386 : avail += msg->msg_iov[i].iov_len;
6631 : }
6632 :
6633 14176300 : if (ret == -1) {
6634 4842 : remain = MIN(80, avail);
6635 : } else {
6636 14171458 : remain = ret;
6637 : }
6638 :
6639 : /* we capture it as one single packet */
6640 14176300 : buf = (uint8_t *)malloc(remain);
6641 14176300 : if (!buf) {
6642 : /* we just not capture the packet */
6643 0 : errno = saved_errno;
6644 0 : return;
6645 : }
6646 :
6647 44525686 : for (i = 0; i < (size_t)msg->msg_iovlen; i++) {
6648 30349386 : size_t this_time = MIN(remain, (size_t)msg->msg_iov[i].iov_len);
6649 30349386 : if (this_time > 0) {
6650 27235297 : memcpy(buf + ofs,
6651 27044901 : msg->msg_iov[i].iov_base,
6652 : this_time);
6653 : }
6654 30349386 : ofs += this_time;
6655 30349386 : remain -= this_time;
6656 : }
6657 14176300 : len = ofs;
6658 :
6659 14176300 : SWRAP_LOCK_SI(si);
6660 :
6661 14176300 : switch (si->type) {
6662 14094196 : case SOCK_STREAM:
6663 14094196 : if (ret == -1) {
6664 4736 : swrap_pcap_dump_packet(si, NULL, SWRAP_SEND, buf, len);
6665 4736 : swrap_pcap_dump_packet(si, NULL, SWRAP_SEND_RST, NULL, 0);
6666 : } else {
6667 14089460 : swrap_pcap_dump_packet(si, NULL, SWRAP_SEND, buf, len);
6668 : }
6669 14034145 : break;
6670 :
6671 82104 : case SOCK_DGRAM:
6672 82104 : if (si->connected) {
6673 41935 : to = &si->peername.sa.s;
6674 : }
6675 82104 : if (ret == -1) {
6676 106 : swrap_pcap_dump_packet(si, to, SWRAP_SENDTO, buf, len);
6677 106 : swrap_pcap_dump_packet(si, to, SWRAP_SENDTO_UNREACH, buf, len);
6678 : } else {
6679 81998 : swrap_pcap_dump_packet(si, to, SWRAP_SENDTO, buf, len);
6680 : }
6681 79653 : break;
6682 : }
6683 :
6684 14176300 : SWRAP_UNLOCK_SI(si);
6685 :
6686 14176300 : free(buf);
6687 14176300 : errno = saved_errno;
6688 : }
6689 :
6690 23410376 : static int swrap_recvmsg_before(int fd,
6691 : struct socket_info *si,
6692 : struct msghdr *msg,
6693 : struct iovec *tmp_iov)
6694 : {
6695 23410376 : size_t i, len = 0;
6696 23410376 : int ret = -1;
6697 :
6698 23410376 : SWRAP_LOCK_SI(si);
6699 :
6700 107515 : (void)fd; /* unused */
6701 :
6702 23410376 : switch (si->type) {
6703 23297602 : case SOCK_STREAM: {
6704 104111 : unsigned int mtu;
6705 23297602 : if (!si->connected) {
6706 0 : errno = ENOTCONN;
6707 0 : goto out;
6708 : }
6709 :
6710 23297602 : if (msg->msg_iovlen == 0) {
6711 0 : break;
6712 : }
6713 :
6714 23297602 : mtu = socket_wrapper_mtu();
6715 41326110 : for (i = 0; i < (size_t)msg->msg_iovlen; i++) {
6716 104111 : size_t nlen;
6717 23297602 : nlen = len + msg->msg_iov[i].iov_len;
6718 23297602 : if (nlen > mtu) {
6719 5365936 : break;
6720 : }
6721 : }
6722 23297602 : msg->msg_iovlen = i;
6723 23297602 : if (msg->msg_iovlen == 0) {
6724 5373205 : *tmp_iov = msg->msg_iov[0];
6725 5373205 : tmp_iov->iov_len = MIN((size_t)tmp_iov->iov_len,
6726 : (size_t)mtu);
6727 5373205 : msg->msg_iov = tmp_iov;
6728 5373205 : msg->msg_iovlen = 1;
6729 : }
6730 23193491 : break;
6731 : }
6732 112774 : case SOCK_DGRAM:
6733 112774 : if (msg->msg_name == NULL) {
6734 0 : errno = EINVAL;
6735 0 : goto out;
6736 : }
6737 :
6738 112774 : if (msg->msg_iovlen == 0) {
6739 0 : break;
6740 : }
6741 :
6742 112774 : if (si->bound == 0) {
6743 0 : ret = swrap_auto_bind(fd, si, si->family);
6744 0 : if (ret == -1) {
6745 0 : SWRAP_UNLOCK_SI(si);
6746 : /*
6747 : * When attempting to read or write to a
6748 : * descriptor, if an underlying autobind fails
6749 : * because it's not a socket, stop intercepting
6750 : * uses of that descriptor.
6751 : */
6752 0 : if (errno == ENOTSOCK) {
6753 0 : swrap_remove_stale(fd);
6754 0 : ret = -ENOTSOCK;
6755 : } else {
6756 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
6757 : "swrap_recvmsg_before failed");
6758 : }
6759 0 : return ret;
6760 : }
6761 : }
6762 109370 : break;
6763 0 : default:
6764 0 : errno = EHOSTUNREACH;
6765 0 : goto out;
6766 : }
6767 :
6768 23302861 : ret = 0;
6769 23410376 : out:
6770 23410376 : SWRAP_UNLOCK_SI(si);
6771 :
6772 23410376 : return ret;
6773 : }
6774 :
6775 23401150 : static int swrap_recvmsg_after(int fd,
6776 : struct socket_info *si,
6777 : struct msghdr *msg,
6778 : const struct sockaddr_un *un_addr,
6779 : socklen_t un_addrlen,
6780 : ssize_t ret)
6781 : {
6782 23401150 : int saved_errno = errno;
6783 106656 : size_t i;
6784 23401150 : uint8_t *buf = NULL;
6785 23401150 : off_t ofs = 0;
6786 23401150 : size_t avail = 0;
6787 106656 : size_t remain;
6788 106656 : int rc;
6789 :
6790 : /* to give better errors */
6791 23401150 : if (ret == -1) {
6792 931 : if (saved_errno == ENOENT) {
6793 0 : saved_errno = EHOSTUNREACH;
6794 931 : } else if (saved_errno == ENOTSOCK) {
6795 : /* If the fd is not a socket, remove it */
6796 106656 : swrap_remove_stale(fd);
6797 : }
6798 : }
6799 :
6800 46802300 : for (i = 0; i < (size_t)msg->msg_iovlen; i++) {
6801 23401150 : avail += msg->msg_iov[i].iov_len;
6802 : }
6803 :
6804 23401150 : SWRAP_LOCK_SI(si);
6805 :
6806 : /* Convert the socket address before we leave */
6807 23401150 : if (si->type == SOCK_DGRAM && un_addr != NULL) {
6808 67663 : rc = sockaddr_convert_from_un(si,
6809 : un_addr,
6810 : un_addrlen,
6811 : si->family,
6812 66288 : msg->msg_name,
6813 : &msg->msg_namelen);
6814 66288 : if (rc == -1) {
6815 0 : goto done;
6816 : }
6817 : }
6818 :
6819 23401150 : if (avail == 0) {
6820 8 : rc = 0;
6821 8 : goto done;
6822 : }
6823 :
6824 23401142 : if (ret == -1) {
6825 931 : remain = MIN(80, avail);
6826 : } else {
6827 23400211 : remain = ret;
6828 : }
6829 :
6830 : /* we capture it as one single packet */
6831 23401142 : buf = (uint8_t *)malloc(remain);
6832 23401142 : if (buf == NULL) {
6833 : /* we just not capture the packet */
6834 0 : SWRAP_UNLOCK_SI(si);
6835 0 : errno = saved_errno;
6836 0 : return -1;
6837 : }
6838 :
6839 46802284 : for (i = 0; i < (size_t)msg->msg_iovlen; i++) {
6840 23401142 : size_t this_time = MIN(remain, (size_t)msg->msg_iov[i].iov_len);
6841 23401142 : memcpy(buf + ofs,
6842 23401142 : msg->msg_iov[i].iov_base,
6843 : this_time);
6844 23401142 : ofs += this_time;
6845 23401142 : remain -= this_time;
6846 : }
6847 :
6848 23401142 : switch (si->type) {
6849 23297602 : case SOCK_STREAM:
6850 23297602 : if (ret == -1 && saved_errno != EAGAIN && saved_errno != ENOBUFS) {
6851 160 : swrap_pcap_dump_packet(si, NULL, SWRAP_RECV_RST, NULL, 0);
6852 23297442 : } else if (ret == 0) { /* END OF FILE */
6853 8260 : swrap_pcap_dump_packet(si, NULL, SWRAP_RECV_RST, NULL, 0);
6854 23289182 : } else if (ret > 0) {
6855 23288411 : swrap_pcap_dump_packet(si, NULL, SWRAP_RECV, buf, ret);
6856 : }
6857 23193491 : break;
6858 :
6859 103540 : case SOCK_DGRAM:
6860 103540 : if (ret == -1) {
6861 0 : break;
6862 : }
6863 :
6864 103540 : if (un_addr != NULL) {
6865 66280 : swrap_pcap_dump_packet(si,
6866 66280 : msg->msg_name,
6867 : SWRAP_RECVFROM,
6868 : buf,
6869 : ret);
6870 : } else {
6871 37260 : swrap_pcap_dump_packet(si,
6872 37260 : msg->msg_name,
6873 : SWRAP_RECV,
6874 : buf,
6875 : ret);
6876 : }
6877 :
6878 100995 : break;
6879 : }
6880 :
6881 23294486 : rc = 0;
6882 23401150 : done:
6883 23401150 : free(buf);
6884 23401150 : errno = saved_errno;
6885 :
6886 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
6887 23401150 : if (rc == 0 &&
6888 23401150 : msg->msg_controllen > 0 &&
6889 0 : msg->msg_control != NULL) {
6890 0 : rc = swrap_msghdr_add_socket_info(si, msg);
6891 0 : if (rc < 0) {
6892 0 : SWRAP_UNLOCK_SI(si);
6893 0 : return -1;
6894 : }
6895 : }
6896 : #endif
6897 :
6898 23401150 : SWRAP_UNLOCK_SI(si);
6899 23401150 : return rc;
6900 : }
6901 :
6902 : /****************************************************************************
6903 : * RECVFROM
6904 : ***************************************************************************/
6905 :
6906 75473 : static ssize_t swrap_recvfrom(int s, void *buf, size_t len, int flags,
6907 : struct sockaddr *from, socklen_t *fromlen)
6908 : {
6909 75473 : struct swrap_address from_addr = {
6910 : .sa_socklen = sizeof(struct sockaddr_un),
6911 : };
6912 2234 : ssize_t ret;
6913 75473 : struct socket_info *si = find_socket_info(s);
6914 75473 : struct swrap_address saddr = {
6915 : .sa_socklen = sizeof(struct sockaddr_storage),
6916 : };
6917 2234 : struct msghdr msg;
6918 2234 : struct iovec tmp;
6919 2234 : int tret;
6920 :
6921 75473 : if (!si) {
6922 0 : return libc_recvfrom(s,
6923 : buf,
6924 : len,
6925 : flags,
6926 : from,
6927 : fromlen);
6928 : }
6929 :
6930 75473 : tmp.iov_base = buf;
6931 75473 : tmp.iov_len = len;
6932 :
6933 75473 : ZERO_STRUCT(msg);
6934 75473 : if (from != NULL && fromlen != NULL) {
6935 75444 : msg.msg_name = from; /* optional address */
6936 75444 : msg.msg_namelen = *fromlen; /* size of address */
6937 : } else {
6938 29 : msg.msg_name = &saddr.sa.s; /* optional address */
6939 29 : msg.msg_namelen = saddr.sa_socklen; /* size of address */
6940 : }
6941 75473 : msg.msg_iov = &tmp; /* scatter/gather array */
6942 75473 : msg.msg_iovlen = 1; /* # elements in msg_iov */
6943 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
6944 75473 : msg.msg_control = NULL; /* ancillary data, see below */
6945 75473 : msg.msg_controllen = 0; /* ancillary data buffer len */
6946 75473 : msg.msg_flags = 0; /* flags on received message */
6947 : #endif
6948 :
6949 75473 : tret = swrap_recvmsg_before(s, si, &msg, &tmp);
6950 75473 : if (tret < 0) {
6951 0 : return -1;
6952 : }
6953 :
6954 75473 : buf = msg.msg_iov[0].iov_base;
6955 75473 : len = msg.msg_iov[0].iov_len;
6956 :
6957 75473 : ret = libc_recvfrom(s,
6958 : buf,
6959 : len,
6960 : flags,
6961 : &from_addr.sa.s,
6962 : &from_addr.sa_socklen);
6963 75473 : if (ret == -1) {
6964 8367 : return ret;
6965 : }
6966 :
6967 66247 : tret = swrap_recvmsg_after(s,
6968 : si,
6969 : &msg,
6970 : &from_addr.sa.un,
6971 : from_addr.sa_socklen,
6972 : ret);
6973 66247 : if (tret != 0) {
6974 0 : return tret;
6975 : }
6976 :
6977 66247 : if (from != NULL && fromlen != NULL) {
6978 66218 : *fromlen = msg.msg_namelen;
6979 : }
6980 :
6981 64872 : return ret;
6982 : }
6983 :
6984 : #ifdef HAVE_ACCEPT_PSOCKLEN_T
6985 : ssize_t recvfrom(int s, void *buf, size_t len, int flags,
6986 : struct sockaddr *from, Psocklen_t fromlen)
6987 : #else
6988 : ssize_t recvfrom(int s, void *buf, size_t len, int flags,
6989 : struct sockaddr *from, socklen_t *fromlen)
6990 : #endif
6991 : {
6992 75473 : return swrap_recvfrom(s, buf, len, flags, from, (socklen_t *)fromlen);
6993 : }
6994 :
6995 : /****************************************************************************
6996 : * SENDTO
6997 : ***************************************************************************/
6998 :
6999 58729 : static ssize_t swrap_sendto(int s, const void *buf, size_t len, int flags,
7000 : const struct sockaddr *to, socklen_t tolen)
7001 : {
7002 1360 : struct msghdr msg;
7003 1360 : struct iovec tmp;
7004 58729 : struct swrap_address un_addr = {
7005 : .sa_socklen = sizeof(struct sockaddr_un),
7006 : };
7007 58729 : const struct sockaddr_un *to_un = NULL;
7008 1360 : ssize_t ret;
7009 1360 : int rc;
7010 58729 : struct socket_info *si = find_socket_info(s);
7011 58729 : int bcast = 0;
7012 :
7013 58729 : if (!si) {
7014 0 : return libc_sendto(s, buf, len, flags, to, tolen);
7015 : }
7016 :
7017 58729 : tmp.iov_base = discard_const_p(char, buf);
7018 58729 : tmp.iov_len = len;
7019 :
7020 58729 : ZERO_STRUCT(msg);
7021 58729 : msg.msg_name = discard_const_p(struct sockaddr, to); /* optional address */
7022 58729 : msg.msg_namelen = tolen; /* size of address */
7023 58729 : msg.msg_iov = &tmp; /* scatter/gather array */
7024 58729 : msg.msg_iovlen = 1; /* # elements in msg_iov */
7025 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7026 58729 : msg.msg_control = NULL; /* ancillary data, see below */
7027 58729 : msg.msg_controllen = 0; /* ancillary data buffer len */
7028 58729 : msg.msg_flags = 0; /* flags on received message */
7029 : #endif
7030 :
7031 58729 : rc = swrap_sendmsg_before(s,
7032 : si,
7033 : &msg,
7034 : &tmp,
7035 : &un_addr.sa.un,
7036 : &to_un,
7037 : &to,
7038 : &bcast);
7039 58729 : if (rc < 0) {
7040 8996 : return -1;
7041 : }
7042 :
7043 49719 : buf = msg.msg_iov[0].iov_base;
7044 49719 : len = msg.msg_iov[0].iov_len;
7045 :
7046 49719 : if (bcast) {
7047 65 : struct stat st;
7048 65 : unsigned int iface;
7049 4990 : unsigned int prt = ntohs(((const struct sockaddr_in *)(const void *)to)->sin_port);
7050 65 : char type;
7051 4990 : char *swrap_dir = NULL;
7052 :
7053 4990 : type = SOCKET_TYPE_CHAR_UDP;
7054 :
7055 4990 : swrap_dir = socket_wrapper_dir();
7056 4990 : if (swrap_dir == NULL) {
7057 0 : return -1;
7058 : }
7059 :
7060 329340 : for(iface=0; iface <= MAX_WRAPPED_INTERFACES; iface++) {
7061 324350 : swrap_un_path(&un_addr.sa.un,
7062 : swrap_dir,
7063 : type,
7064 : iface,
7065 : prt);
7066 324350 : if (stat(un_addr.sa.un.sun_path, &st) != 0) continue;
7067 :
7068 : /* ignore the any errors in broadcast sends */
7069 22963 : libc_sendto(s,
7070 : buf,
7071 : len,
7072 : flags,
7073 : &un_addr.sa.s,
7074 : un_addr.sa_socklen);
7075 : }
7076 :
7077 4990 : SAFE_FREE(swrap_dir);
7078 :
7079 4990 : SWRAP_LOCK_SI(si);
7080 :
7081 4990 : swrap_pcap_dump_packet(si, to, SWRAP_SENDTO, buf, len);
7082 :
7083 4990 : SWRAP_UNLOCK_SI(si);
7084 :
7085 4990 : return len;
7086 : }
7087 :
7088 44729 : SWRAP_LOCK_SI(si);
7089 : /*
7090 : * If it is a dgram socket and we are connected, don't include the
7091 : * 'to' address.
7092 : */
7093 44729 : if (si->type == SOCK_DGRAM && si->connected) {
7094 4596 : ret = libc_sendto(s,
7095 : buf,
7096 : len,
7097 : flags,
7098 : NULL,
7099 : 0);
7100 : } else {
7101 40169 : ret = libc_sendto(s,
7102 : buf,
7103 : len,
7104 : flags,
7105 40169 : (struct sockaddr *)msg.msg_name,
7106 : msg.msg_namelen);
7107 : }
7108 :
7109 44729 : SWRAP_UNLOCK_SI(si);
7110 :
7111 44729 : swrap_sendmsg_after(s, si, &msg, to, ret);
7112 :
7113 44729 : return ret;
7114 : }
7115 :
7116 : ssize_t sendto(int s, const void *buf, size_t len, int flags,
7117 : const struct sockaddr *to, socklen_t tolen)
7118 : {
7119 58729 : return swrap_sendto(s, buf, len, flags, to, tolen);
7120 : }
7121 :
7122 : /****************************************************************************
7123 : * READV
7124 : ***************************************************************************/
7125 :
7126 9005550 : static ssize_t swrap_recv(int s, void *buf, size_t len, int flags)
7127 : {
7128 47024 : struct socket_info *si;
7129 47024 : struct msghdr msg;
7130 9005550 : struct swrap_address saddr = {
7131 : .sa_socklen = sizeof(struct sockaddr_storage),
7132 : };
7133 47024 : struct iovec tmp;
7134 47024 : ssize_t ret;
7135 47024 : int tret;
7136 :
7137 9005550 : si = find_socket_info(s);
7138 9005550 : if (si == NULL) {
7139 785890 : return libc_recv(s, buf, len, flags);
7140 : }
7141 :
7142 8219660 : tmp.iov_base = buf;
7143 8219660 : tmp.iov_len = len;
7144 :
7145 8219660 : ZERO_STRUCT(msg);
7146 8219660 : msg.msg_name = &saddr.sa.s; /* optional address */
7147 8219660 : msg.msg_namelen = saddr.sa_socklen; /* size of address */
7148 8219660 : msg.msg_iov = &tmp; /* scatter/gather array */
7149 8219660 : msg.msg_iovlen = 1; /* # elements in msg_iov */
7150 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7151 8219660 : msg.msg_control = NULL; /* ancillary data, see below */
7152 8219660 : msg.msg_controllen = 0; /* ancillary data buffer len */
7153 8219660 : msg.msg_flags = 0; /* flags on received message */
7154 : #endif
7155 :
7156 8219660 : tret = swrap_recvmsg_before(s, si, &msg, &tmp);
7157 8219660 : if (tret < 0) {
7158 0 : return -1;
7159 : }
7160 :
7161 8219660 : buf = msg.msg_iov[0].iov_base;
7162 8219660 : len = msg.msg_iov[0].iov_len;
7163 :
7164 8219660 : ret = libc_recv(s, buf, len, flags);
7165 :
7166 8219660 : tret = swrap_recvmsg_after(s, si, &msg, NULL, 0, ret);
7167 8219660 : if (tret != 0) {
7168 0 : return tret;
7169 : }
7170 :
7171 8172636 : return ret;
7172 : }
7173 :
7174 : ssize_t recv(int s, void *buf, size_t len, int flags)
7175 : {
7176 9005550 : return swrap_recv(s, buf, len, flags);
7177 : }
7178 :
7179 : /****************************************************************************
7180 : * READ
7181 : ***************************************************************************/
7182 :
7183 24008737 : static ssize_t swrap_read(int s, void *buf, size_t len)
7184 : {
7185 15269173 : struct socket_info *si;
7186 15269173 : struct msghdr msg;
7187 15269173 : struct iovec tmp;
7188 24008737 : struct swrap_address saddr = {
7189 : .sa_socklen = sizeof(struct sockaddr_storage),
7190 : };
7191 15269173 : ssize_t ret;
7192 15269173 : int tret;
7193 :
7194 24008737 : si = find_socket_info(s);
7195 8760890 : if (si == NULL) {
7196 37546826 : return libc_read(s, buf, len);
7197 : }
7198 :
7199 1709758 : tmp.iov_base = buf;
7200 1709758 : tmp.iov_len = len;
7201 :
7202 1709758 : ZERO_STRUCT(msg);
7203 1709758 : msg.msg_name = &saddr.sa.ss; /* optional address */
7204 1709758 : msg.msg_namelen = saddr.sa_socklen; /* size of address */
7205 1709758 : msg.msg_iov = &tmp; /* scatter/gather array */
7206 1709758 : msg.msg_iovlen = 1; /* # elements in msg_iov */
7207 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7208 1709758 : msg.msg_control = NULL; /* ancillary data, see below */
7209 1709758 : msg.msg_controllen = 0; /* ancillary data buffer len */
7210 1709758 : msg.msg_flags = 0; /* flags on received message */
7211 : #endif
7212 :
7213 1709758 : tret = swrap_recvmsg_before(s, si, &msg, &tmp);
7214 1709758 : if (tret < 0) {
7215 0 : if (tret == -ENOTSOCK) {
7216 0 : return libc_read(s, buf, len);
7217 : }
7218 0 : return -1;
7219 : }
7220 :
7221 1709758 : buf = msg.msg_iov[0].iov_base;
7222 1709758 : len = msg.msg_iov[0].iov_len;
7223 :
7224 1709758 : ret = libc_read(s, buf, len);
7225 :
7226 1709758 : tret = swrap_recvmsg_after(s, si, &msg, NULL, 0, ret);
7227 1709758 : if (tret != 0) {
7228 0 : return tret;
7229 : }
7230 :
7231 1688432 : return ret;
7232 : }
7233 :
7234 : ssize_t read(int s, void *buf, size_t len)
7235 : {
7236 24008737 : return swrap_read(s, buf, len);
7237 : }
7238 :
7239 : /****************************************************************************
7240 : * WRITE
7241 : ***************************************************************************/
7242 :
7243 23113085 : static ssize_t swrap_write(int s, const void *buf, size_t len)
7244 : {
7245 17496849 : struct msghdr msg;
7246 17496849 : struct iovec tmp;
7247 17496849 : struct sockaddr_un un_addr;
7248 17496849 : ssize_t ret;
7249 17496849 : int rc;
7250 17496849 : struct socket_info *si;
7251 :
7252 23113085 : si = find_socket_info(s);
7253 5619552 : if (si == NULL) {
7254 22987890 : return libc_write(s, buf, len);
7255 : }
7256 :
7257 125146 : tmp.iov_base = discard_const_p(char, buf);
7258 125146 : tmp.iov_len = len;
7259 :
7260 125146 : ZERO_STRUCT(msg);
7261 125146 : msg.msg_name = NULL; /* optional address */
7262 125146 : msg.msg_namelen = 0; /* size of address */
7263 125146 : msg.msg_iov = &tmp; /* scatter/gather array */
7264 125146 : msg.msg_iovlen = 1; /* # elements in msg_iov */
7265 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7266 125146 : msg.msg_control = NULL; /* ancillary data, see below */
7267 125146 : msg.msg_controllen = 0; /* ancillary data buffer len */
7268 125146 : msg.msg_flags = 0; /* flags on received message */
7269 : #endif
7270 :
7271 125146 : rc = swrap_sendmsg_before(s, si, &msg, &tmp, &un_addr, NULL, NULL, NULL);
7272 125146 : if (rc < 0) {
7273 0 : return -1;
7274 : }
7275 :
7276 125146 : buf = msg.msg_iov[0].iov_base;
7277 125146 : len = msg.msg_iov[0].iov_len;
7278 :
7279 125146 : ret = libc_write(s, buf, len);
7280 :
7281 125146 : swrap_sendmsg_after(s, si, &msg, NULL, ret);
7282 :
7283 125146 : return ret;
7284 : }
7285 :
7286 : ssize_t write(int s, const void *buf, size_t len)
7287 : {
7288 23113137 : return swrap_write(s, buf, len);
7289 : }
7290 :
7291 : /****************************************************************************
7292 : * SEND
7293 : ***************************************************************************/
7294 :
7295 16143269 : static ssize_t swrap_send(int s, const void *buf, size_t len, int flags)
7296 : {
7297 1756 : struct msghdr msg;
7298 1756 : struct iovec tmp;
7299 1756 : struct sockaddr_un un_addr;
7300 1756 : ssize_t ret;
7301 1756 : int rc;
7302 16143269 : struct socket_info *si = find_socket_info(s);
7303 :
7304 16143269 : if (!si) {
7305 7 : return libc_send(s, buf, len, flags);
7306 : }
7307 :
7308 16143262 : tmp.iov_base = discard_const_p(char, buf);
7309 16143262 : tmp.iov_len = len;
7310 :
7311 16143262 : ZERO_STRUCT(msg);
7312 16143262 : msg.msg_name = NULL; /* optional address */
7313 16143262 : msg.msg_namelen = 0; /* size of address */
7314 16143262 : msg.msg_iov = &tmp; /* scatter/gather array */
7315 16143262 : msg.msg_iovlen = 1; /* # elements in msg_iov */
7316 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7317 16143262 : msg.msg_control = NULL; /* ancillary data, see below */
7318 16143262 : msg.msg_controllen = 0; /* ancillary data buffer len */
7319 16143262 : msg.msg_flags = 0; /* flags on received message */
7320 : #endif
7321 :
7322 16143262 : rc = swrap_sendmsg_before(s, si, &msg, &tmp, &un_addr, NULL, NULL, NULL);
7323 16143262 : if (rc < 0) {
7324 15118360 : return -1;
7325 : }
7326 :
7327 1024902 : buf = msg.msg_iov[0].iov_base;
7328 1024902 : len = msg.msg_iov[0].iov_len;
7329 :
7330 1024902 : ret = libc_send(s, buf, len, flags);
7331 :
7332 1024902 : swrap_sendmsg_after(s, si, &msg, NULL, ret);
7333 :
7334 1024902 : return ret;
7335 : }
7336 :
7337 : ssize_t send(int s, const void *buf, size_t len, int flags)
7338 : {
7339 16143269 : return swrap_send(s, buf, len, flags);
7340 : }
7341 :
7342 : /****************************************************************************
7343 : * RECVMSG
7344 : ***************************************************************************/
7345 :
7346 3439694 : static ssize_t swrap_recvmsg(int s, struct msghdr *omsg, int flags)
7347 : {
7348 3439694 : struct swrap_address from_addr = {
7349 : .sa_socklen = sizeof(struct sockaddr_un),
7350 : };
7351 3439694 : struct swrap_address convert_addr = {
7352 : .sa_socklen = sizeof(struct sockaddr_storage),
7353 : };
7354 86858 : struct socket_info *si;
7355 86858 : struct msghdr msg;
7356 86858 : struct iovec tmp;
7357 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7358 86858 : size_t msg_ctrllen_filled;
7359 86858 : size_t msg_ctrllen_left;
7360 : #endif
7361 :
7362 86858 : ssize_t ret;
7363 86858 : int rc;
7364 :
7365 3439694 : si = find_socket_info(s);
7366 3376124 : if (si == NULL) {
7367 227417 : uint8_t *tmp_control = NULL;
7368 227417 : rc = swrap_recvmsg_before_unix(omsg, &msg, &tmp_control);
7369 227417 : if (rc < 0) {
7370 0 : return rc;
7371 : }
7372 227417 : ret = libc_recvmsg(s, &msg, flags);
7373 227417 : return swrap_recvmsg_after_unix(&msg, &tmp_control, omsg, ret);
7374 : }
7375 :
7376 3212277 : tmp.iov_base = NULL;
7377 3212277 : tmp.iov_len = 0;
7378 :
7379 3212277 : ZERO_STRUCT(msg);
7380 3212277 : msg.msg_name = &from_addr.sa; /* optional address */
7381 3212277 : msg.msg_namelen = from_addr.sa_socklen; /* size of address */
7382 3212277 : msg.msg_iov = omsg->msg_iov; /* scatter/gather array */
7383 3212277 : msg.msg_iovlen = omsg->msg_iovlen; /* # elements in msg_iov */
7384 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7385 3212277 : msg_ctrllen_filled = 0;
7386 3212277 : msg_ctrllen_left = omsg->msg_controllen;
7387 :
7388 3212277 : msg.msg_control = omsg->msg_control; /* ancillary data, see below */
7389 3212277 : msg.msg_controllen = omsg->msg_controllen; /* ancillary data buffer len */
7390 3212277 : msg.msg_flags = omsg->msg_flags; /* flags on received message */
7391 : #endif
7392 :
7393 3212277 : rc = swrap_recvmsg_before(s, si, &msg, &tmp);
7394 3212277 : if (rc < 0) {
7395 0 : return -1;
7396 : }
7397 :
7398 3212277 : ret = libc_recvmsg(s, &msg, flags);
7399 :
7400 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7401 3212277 : msg_ctrllen_filled += msg.msg_controllen;
7402 3212277 : msg_ctrllen_left -= msg.msg_controllen;
7403 :
7404 3212277 : if (omsg->msg_control != NULL) {
7405 0 : uint8_t *p;
7406 :
7407 0 : p = omsg->msg_control;
7408 0 : p += msg_ctrllen_filled;
7409 :
7410 0 : msg.msg_control = p;
7411 0 : msg.msg_controllen = msg_ctrllen_left;
7412 : } else {
7413 3212277 : msg.msg_control = NULL;
7414 3212277 : msg.msg_controllen = 0;
7415 : }
7416 : #endif
7417 :
7418 : /*
7419 : * We convert the unix address to a IP address so we need a buffer
7420 : * which can store the address in case of SOCK_DGRAM, see below.
7421 : */
7422 3212277 : msg.msg_name = &convert_addr.sa;
7423 3212277 : msg.msg_namelen = convert_addr.sa_socklen;
7424 :
7425 3212277 : rc = swrap_recvmsg_after(s,
7426 : si,
7427 : &msg,
7428 : &from_addr.sa.un,
7429 : from_addr.sa_socklen,
7430 : ret);
7431 3212277 : if (rc != 0) {
7432 0 : return rc;
7433 : }
7434 :
7435 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7436 3212277 : if (omsg->msg_control != NULL) {
7437 : /* msg.msg_controllen = space left */
7438 0 : msg_ctrllen_left = msg.msg_controllen;
7439 0 : msg_ctrllen_filled = omsg->msg_controllen - msg_ctrllen_left;
7440 : }
7441 :
7442 : /* Update the original message length */
7443 3212277 : omsg->msg_controllen = msg_ctrllen_filled;
7444 3212277 : omsg->msg_flags = msg.msg_flags;
7445 : #endif
7446 3212277 : omsg->msg_iovlen = msg.msg_iovlen;
7447 :
7448 3212277 : SWRAP_LOCK_SI(si);
7449 :
7450 : /*
7451 : * From the manpage:
7452 : *
7453 : * The msg_name field points to a caller-allocated buffer that is
7454 : * used to return the source address if the socket is unconnected. The
7455 : * caller should set msg_namelen to the size of this buffer before this
7456 : * call; upon return from a successful call, msg_name will contain the
7457 : * length of the returned address. If the application does not need
7458 : * to know the source address, msg_name can be specified as NULL.
7459 : */
7460 3212277 : if (si->type == SOCK_STREAM) {
7461 3212236 : omsg->msg_namelen = 0;
7462 41 : } else if (omsg->msg_name != NULL &&
7463 41 : omsg->msg_namelen != 0 &&
7464 41 : omsg->msg_namelen >= msg.msg_namelen) {
7465 41 : memcpy(omsg->msg_name, msg.msg_name, msg.msg_namelen);
7466 41 : omsg->msg_namelen = msg.msg_namelen;
7467 : }
7468 :
7469 3212277 : SWRAP_UNLOCK_SI(si);
7470 :
7471 3212277 : return ret;
7472 : }
7473 :
7474 : ssize_t recvmsg(int sockfd, struct msghdr *msg, int flags)
7475 : {
7476 3439694 : return swrap_recvmsg(sockfd, msg, flags);
7477 : }
7478 :
7479 : /****************************************************************************
7480 : * RECVMMSG
7481 : ***************************************************************************/
7482 :
7483 : #ifdef HAVE_RECVMMSG
7484 : #if defined(HAVE_RECVMMSG_SSIZE_T_CONST_TIMEOUT)
7485 : /* FreeBSD */
7486 : static ssize_t swrap_recvmmsg(int s, struct mmsghdr *omsgvec, size_t _vlen, int flags, const struct timespec *timeout)
7487 : #elif defined(HAVE_RECVMMSG_CONST_TIMEOUT)
7488 : /* Linux legacy glibc < 2.21 */
7489 : static int swrap_recvmmsg(int s, struct mmsghdr *omsgvec, unsigned int _vlen, int flags, const struct timespec *timeout)
7490 : #else
7491 : /* Linux glibc >= 2.21 */
7492 0 : static int swrap_recvmmsg(int s, struct mmsghdr *omsgvec, unsigned int _vlen, int flags, struct timespec *timeout)
7493 : #endif
7494 : {
7495 0 : struct socket_info *si = find_socket_info(s);
7496 : #define __SWRAP_RECVMMSG_MAX_VLEN 16
7497 0 : struct mmsghdr msgvec[__SWRAP_RECVMMSG_MAX_VLEN] = {};
7498 0 : struct {
7499 : struct iovec iov;
7500 : struct swrap_address from_addr;
7501 : struct swrap_address convert_addr;
7502 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7503 : size_t msg_ctrllen_filled;
7504 : size_t msg_ctrllen_left;
7505 : #endif
7506 0 : } tmp[__SWRAP_RECVMMSG_MAX_VLEN] = {};
7507 0 : int vlen;
7508 0 : int i;
7509 0 : int ret;
7510 0 : int rc;
7511 0 : int saved_errno;
7512 :
7513 0 : if (_vlen > __SWRAP_RECVMMSG_MAX_VLEN) {
7514 0 : vlen = __SWRAP_RECVMMSG_MAX_VLEN;
7515 : } else {
7516 0 : vlen = _vlen;
7517 : }
7518 :
7519 0 : if (si == NULL) {
7520 0 : uint8_t *tmp_control[__SWRAP_RECVMMSG_MAX_VLEN] = { NULL, };
7521 :
7522 0 : for (i = 0; i < vlen; i++) {
7523 0 : struct msghdr *omsg = &omsgvec[i].msg_hdr;
7524 0 : struct msghdr *msg = &msgvec[i].msg_hdr;
7525 :
7526 0 : rc = swrap_recvmsg_before_unix(omsg, msg,
7527 : &tmp_control[i]);
7528 0 : if (rc < 0) {
7529 0 : ret = rc;
7530 0 : goto fail_libc;
7531 : }
7532 : }
7533 :
7534 0 : ret = libc_recvmmsg(s, msgvec, vlen, flags, timeout);
7535 0 : if (ret < 0) {
7536 0 : goto fail_libc;
7537 : }
7538 :
7539 0 : for (i = 0; i < ret; i++) {
7540 0 : omsgvec[i].msg_len = msgvec[i].msg_len;
7541 : }
7542 :
7543 0 : fail_libc:
7544 0 : saved_errno = errno;
7545 0 : for (i = 0; i < vlen; i++) {
7546 0 : struct msghdr *omsg = &omsgvec[i].msg_hdr;
7547 0 : struct msghdr *msg = &msgvec[i].msg_hdr;
7548 :
7549 0 : if (i == 0 || i < ret) {
7550 0 : swrap_recvmsg_after_unix(msg, &tmp_control[i], omsg, ret);
7551 : }
7552 0 : SAFE_FREE(tmp_control[i]);
7553 : }
7554 0 : errno = saved_errno;
7555 :
7556 0 : return ret;
7557 : }
7558 :
7559 0 : for (i = 0; i < vlen; i++) {
7560 0 : struct msghdr *omsg = &omsgvec[i].msg_hdr;
7561 0 : struct msghdr *msg = &msgvec[i].msg_hdr;
7562 :
7563 0 : tmp[i].from_addr.sa_socklen = sizeof(struct sockaddr_un);
7564 0 : tmp[i].convert_addr.sa_socklen = sizeof(struct sockaddr_storage);
7565 :
7566 0 : msg->msg_name = &tmp[i].from_addr.sa; /* optional address */
7567 0 : msg->msg_namelen = tmp[i].from_addr.sa_socklen; /* size of address */
7568 0 : msg->msg_iov = omsg->msg_iov; /* scatter/gather array */
7569 0 : msg->msg_iovlen = omsg->msg_iovlen; /* # elements in msg_iov */
7570 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7571 0 : tmp[i].msg_ctrllen_filled = 0;
7572 0 : tmp[i].msg_ctrllen_left = omsg->msg_controllen;
7573 :
7574 0 : msg->msg_control = omsg->msg_control; /* ancillary data, see below */
7575 0 : msg->msg_controllen = omsg->msg_controllen; /* ancillary data buffer len */
7576 0 : msg->msg_flags = omsg->msg_flags; /* flags on received message */
7577 : #endif
7578 :
7579 0 : rc = swrap_recvmsg_before(s, si, msg, &tmp[i].iov);
7580 0 : if (rc < 0) {
7581 0 : ret = rc;
7582 0 : goto fail_swrap;
7583 : }
7584 : }
7585 :
7586 0 : ret = libc_recvmmsg(s, msgvec, vlen, flags, timeout);
7587 0 : if (ret < 0) {
7588 0 : goto fail_swrap;
7589 : }
7590 :
7591 0 : for (i = 0; i < ret; i++) {
7592 0 : omsgvec[i].msg_len = msgvec[i].msg_len;
7593 : }
7594 :
7595 0 : fail_swrap:
7596 :
7597 0 : saved_errno = errno;
7598 0 : for (i = 0; i < vlen; i++) {
7599 0 : struct msghdr *omsg = &omsgvec[i].msg_hdr;
7600 0 : struct msghdr *msg = &msgvec[i].msg_hdr;
7601 :
7602 0 : if (!(i == 0 || i < ret)) {
7603 0 : break;
7604 : }
7605 :
7606 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7607 0 : tmp[i].msg_ctrllen_filled += msg->msg_controllen;
7608 0 : tmp[i].msg_ctrllen_left -= msg->msg_controllen;
7609 :
7610 0 : if (omsg->msg_control != NULL) {
7611 0 : uint8_t *p;
7612 :
7613 0 : p = omsg->msg_control;
7614 0 : p += tmp[i].msg_ctrllen_filled;
7615 :
7616 0 : msg->msg_control = p;
7617 0 : msg->msg_controllen = tmp[i].msg_ctrllen_left;
7618 : } else {
7619 0 : msg->msg_control = NULL;
7620 0 : msg->msg_controllen = 0;
7621 : }
7622 : #endif
7623 :
7624 : /*
7625 : * We convert the unix address to a IP address so we need a buffer
7626 : * which can store the address in case of SOCK_DGRAM, see below.
7627 : */
7628 0 : msg->msg_name = &tmp[i].convert_addr.sa;
7629 0 : msg->msg_namelen = tmp[i].convert_addr.sa_socklen;
7630 :
7631 0 : swrap_recvmsg_after(s, si, msg,
7632 0 : &tmp[i].from_addr.sa.un,
7633 : tmp[i].from_addr.sa_socklen,
7634 : ret);
7635 :
7636 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7637 0 : if (omsg->msg_control != NULL) {
7638 : /* msg->msg_controllen = space left */
7639 0 : tmp[i].msg_ctrllen_left = msg->msg_controllen;
7640 0 : tmp[i].msg_ctrllen_filled = omsg->msg_controllen - tmp[i].msg_ctrllen_left;
7641 : }
7642 :
7643 : /* Update the original message length */
7644 0 : omsg->msg_controllen = tmp[i].msg_ctrllen_filled;
7645 0 : omsg->msg_flags = msg->msg_flags;
7646 : #endif
7647 0 : omsg->msg_iovlen = msg->msg_iovlen;
7648 :
7649 0 : SWRAP_LOCK_SI(si);
7650 :
7651 : /*
7652 : * From the manpage:
7653 : *
7654 : * The msg_name field points to a caller-allocated buffer that is
7655 : * used to return the source address if the socket is unconnected. The
7656 : * caller should set msg_namelen to the size of this buffer before this
7657 : * call; upon return from a successful call, msg_name will contain the
7658 : * length of the returned address. If the application does not need
7659 : * to know the source address, msg_name can be specified as NULL.
7660 : */
7661 0 : if (si->type == SOCK_STREAM) {
7662 0 : omsg->msg_namelen = 0;
7663 0 : } else if (omsg->msg_name != NULL &&
7664 0 : omsg->msg_namelen != 0 &&
7665 0 : omsg->msg_namelen >= msg->msg_namelen) {
7666 0 : memcpy(omsg->msg_name, msg->msg_name, msg->msg_namelen);
7667 0 : omsg->msg_namelen = msg->msg_namelen;
7668 : }
7669 :
7670 0 : SWRAP_UNLOCK_SI(si);
7671 : }
7672 0 : errno = saved_errno;
7673 :
7674 0 : return ret;
7675 : }
7676 :
7677 : #if defined(HAVE_RECVMMSG_SSIZE_T_CONST_TIMEOUT)
7678 : /* FreeBSD */
7679 : ssize_t recvmmsg(int sockfd, struct mmsghdr *msgvec, size_t vlen, int flags, const struct timespec *timeout)
7680 : #elif defined(HAVE_RECVMMSG_CONST_TIMEOUT)
7681 : /* Linux legacy glibc < 2.21 */
7682 : int recvmmsg(int sockfd, struct mmsghdr *msgvec, unsigned int vlen, int flags, const struct timespec *timeout)
7683 : #else
7684 : /* Linux glibc >= 2.21 */
7685 : int recvmmsg(int sockfd, struct mmsghdr *msgvec, unsigned int vlen, int flags, struct timespec *timeout)
7686 : #endif
7687 : {
7688 0 : return swrap_recvmmsg(sockfd, msgvec, vlen, flags, timeout);
7689 : }
7690 : #endif /* HAVE_RECVMMSG */
7691 :
7692 : /****************************************************************************
7693 : * SENDMSG
7694 : ***************************************************************************/
7695 :
7696 2396149 : static ssize_t swrap_sendmsg(int s, const struct msghdr *omsg, int flags)
7697 : {
7698 79372 : struct msghdr msg;
7699 79372 : struct iovec tmp;
7700 79372 : struct sockaddr_un un_addr;
7701 2396149 : const struct sockaddr_un *to_un = NULL;
7702 2396149 : const struct sockaddr *to = NULL;
7703 79372 : ssize_t ret;
7704 79372 : int rc;
7705 2396149 : struct socket_info *si = find_socket_info(s);
7706 2396149 : int bcast = 0;
7707 :
7708 2396149 : if (!si) {
7709 551415 : int scm_rights_pipe_fd = -1;
7710 :
7711 551415 : rc = swrap_sendmsg_before_unix(omsg, &msg,
7712 : &scm_rights_pipe_fd);
7713 551415 : if (rc < 0) {
7714 0 : return rc;
7715 : }
7716 551415 : ret = libc_sendmsg(s, &msg, flags);
7717 551412 : return swrap_sendmsg_after_unix(&msg, ret, scm_rights_pipe_fd);
7718 : }
7719 :
7720 1844734 : ZERO_STRUCT(un_addr);
7721 :
7722 1844734 : tmp.iov_base = NULL;
7723 1844734 : tmp.iov_len = 0;
7724 :
7725 1844734 : ZERO_STRUCT(msg);
7726 :
7727 1844734 : SWRAP_LOCK_SI(si);
7728 :
7729 1844734 : if (si->connected == 0) {
7730 0 : msg.msg_name = omsg->msg_name; /* optional address */
7731 0 : msg.msg_namelen = omsg->msg_namelen; /* size of address */
7732 : }
7733 1844734 : msg.msg_iov = omsg->msg_iov; /* scatter/gather array */
7734 1844734 : msg.msg_iovlen = omsg->msg_iovlen; /* # elements in msg_iov */
7735 :
7736 1844734 : SWRAP_UNLOCK_SI(si);
7737 :
7738 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7739 1844734 : if (omsg != NULL && omsg->msg_controllen > 0 && omsg->msg_control != NULL) {
7740 0 : uint8_t *cmbuf = NULL;
7741 0 : size_t cmlen = 0;
7742 :
7743 0 : rc = swrap_sendmsg_filter_cmsghdr(omsg, &cmbuf, &cmlen);
7744 0 : if (rc < 0) {
7745 0 : return rc;
7746 : }
7747 :
7748 0 : if (cmlen == 0) {
7749 0 : msg.msg_controllen = 0;
7750 0 : msg.msg_control = NULL;
7751 : } else {
7752 0 : msg.msg_control = cmbuf;
7753 0 : msg.msg_controllen = cmlen;
7754 : }
7755 : }
7756 1844734 : msg.msg_flags = omsg->msg_flags; /* flags on received message */
7757 : #endif
7758 1844734 : rc = swrap_sendmsg_before(s, si, &msg, &tmp, &un_addr, &to_un, &to, &bcast);
7759 1844734 : if (rc < 0) {
7760 0 : int saved_errno = errno;
7761 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7762 0 : SAFE_FREE(msg.msg_control);
7763 : #endif
7764 0 : errno = saved_errno;
7765 0 : return -1;
7766 : }
7767 :
7768 1844734 : if (bcast) {
7769 0 : struct stat st;
7770 0 : unsigned int iface;
7771 0 : unsigned int prt = ntohs(((const struct sockaddr_in *)(const void *)to)->sin_port);
7772 0 : char type;
7773 0 : size_t i, len = 0;
7774 0 : uint8_t *buf;
7775 0 : off_t ofs = 0;
7776 0 : size_t avail = 0;
7777 0 : size_t remain;
7778 0 : char *swrap_dir = NULL;
7779 :
7780 0 : for (i = 0; i < (size_t)msg.msg_iovlen; i++) {
7781 0 : avail += msg.msg_iov[i].iov_len;
7782 : }
7783 :
7784 0 : len = avail;
7785 0 : remain = avail;
7786 :
7787 : /* we capture it as one single packet */
7788 0 : buf = (uint8_t *)malloc(remain);
7789 0 : if (!buf) {
7790 0 : int saved_errno = errno;
7791 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7792 0 : SAFE_FREE(msg.msg_control);
7793 : #endif
7794 0 : errno = saved_errno;
7795 0 : return -1;
7796 : }
7797 :
7798 0 : for (i = 0; i < (size_t)msg.msg_iovlen; i++) {
7799 0 : size_t this_time = MIN(remain, (size_t)msg.msg_iov[i].iov_len);
7800 0 : memcpy(buf + ofs,
7801 0 : msg.msg_iov[i].iov_base,
7802 : this_time);
7803 0 : ofs += this_time;
7804 0 : remain -= this_time;
7805 : }
7806 :
7807 0 : type = SOCKET_TYPE_CHAR_UDP;
7808 :
7809 0 : swrap_dir = socket_wrapper_dir();
7810 0 : if (swrap_dir == NULL) {
7811 0 : int saved_errno = errno;
7812 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7813 0 : SAFE_FREE(msg.msg_control);
7814 : #endif
7815 0 : SAFE_FREE(buf);
7816 0 : errno = saved_errno;
7817 0 : return -1;
7818 : }
7819 :
7820 0 : for(iface=0; iface <= MAX_WRAPPED_INTERFACES; iface++) {
7821 0 : swrap_un_path(&un_addr, swrap_dir, type, iface, prt);
7822 0 : if (stat(un_addr.sun_path, &st) != 0) continue;
7823 :
7824 0 : msg.msg_name = &un_addr; /* optional address */
7825 0 : msg.msg_namelen = sizeof(un_addr); /* size of address */
7826 :
7827 : /* ignore the any errors in broadcast sends */
7828 0 : libc_sendmsg(s, &msg, flags);
7829 : }
7830 :
7831 0 : SAFE_FREE(swrap_dir);
7832 :
7833 0 : SWRAP_LOCK_SI(si);
7834 :
7835 0 : swrap_pcap_dump_packet(si, to, SWRAP_SENDTO, buf, len);
7836 0 : free(buf);
7837 :
7838 0 : SWRAP_UNLOCK_SI(si);
7839 :
7840 0 : return len;
7841 : }
7842 :
7843 1844734 : ret = libc_sendmsg(s, &msg, flags);
7844 :
7845 1844734 : swrap_sendmsg_after(s, si, &msg, to, ret);
7846 :
7847 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7848 : {
7849 1844734 : int saved_errno = errno;
7850 1844734 : SAFE_FREE(msg.msg_control);
7851 1844734 : errno = saved_errno;
7852 : }
7853 : #endif
7854 :
7855 1844734 : return ret;
7856 : }
7857 :
7858 : ssize_t sendmsg(int s, const struct msghdr *omsg, int flags)
7859 : {
7860 2396149 : return swrap_sendmsg(s, omsg, flags);
7861 : }
7862 :
7863 : /****************************************************************************
7864 : * SENDMMSG
7865 : ***************************************************************************/
7866 :
7867 : #ifdef HAVE_SENDMMSG
7868 : #if defined(HAVE_SENDMMSG_SSIZE_T)
7869 : /* FreeBSD */
7870 : static ssize_t swrap_sendmmsg(int s, struct mmsghdr *omsgvec, size_t _vlen, int flags)
7871 : #else
7872 : /* Linux */
7873 69 : static int swrap_sendmmsg(int s, struct mmsghdr *omsgvec, unsigned int _vlen, int flags)
7874 : #endif
7875 : {
7876 69 : struct socket_info *si = find_socket_info(s);
7877 : #define __SWRAP_SENDMMSG_MAX_VLEN 16
7878 69 : struct mmsghdr msgvec[__SWRAP_SENDMMSG_MAX_VLEN] = {};
7879 0 : struct {
7880 : struct iovec iov;
7881 : struct sockaddr_un un_addr;
7882 : const struct sockaddr_un *to_un;
7883 : const struct sockaddr *to;
7884 : int bcast;
7885 69 : } tmp[__SWRAP_SENDMMSG_MAX_VLEN] = {};
7886 0 : int vlen;
7887 0 : int i;
7888 69 : char *swrap_dir = NULL;
7889 69 : int connected = 0;
7890 69 : int found_bcast = 0;
7891 0 : int ret;
7892 0 : int rc;
7893 0 : int saved_errno;
7894 :
7895 69 : if (_vlen > __SWRAP_SENDMMSG_MAX_VLEN) {
7896 0 : vlen = __SWRAP_SENDMMSG_MAX_VLEN;
7897 : } else {
7898 69 : vlen = _vlen;
7899 : }
7900 :
7901 69 : if (!si) {
7902 : int scm_rights_pipe_fd[__SWRAP_SENDMMSG_MAX_VLEN];
7903 :
7904 0 : for (i = 0; i < __SWRAP_SENDMMSG_MAX_VLEN; i++) {
7905 0 : scm_rights_pipe_fd[i] = -1;
7906 : }
7907 :
7908 0 : for (i = 0; i < vlen; i++) {
7909 0 : struct msghdr *omsg = &omsgvec[i].msg_hdr;
7910 0 : struct msghdr *msg = &msgvec[i].msg_hdr;
7911 :
7912 0 : rc = swrap_sendmsg_before_unix(omsg, msg,
7913 : &scm_rights_pipe_fd[i]);
7914 0 : if (rc < 0) {
7915 0 : ret = rc;
7916 0 : goto fail_libc;
7917 : }
7918 : }
7919 :
7920 0 : ret = libc_sendmmsg(s, msgvec, vlen, flags);
7921 0 : if (ret < 0) {
7922 0 : goto fail_libc;
7923 : }
7924 :
7925 0 : for (i = 0; i < ret; i++) {
7926 0 : omsgvec[i].msg_len = msgvec[i].msg_len;
7927 : }
7928 :
7929 0 : fail_libc:
7930 0 : saved_errno = errno;
7931 0 : for (i = 0; i < vlen; i++) {
7932 0 : struct msghdr *msg = &msgvec[i].msg_hdr;
7933 :
7934 0 : swrap_sendmsg_after_unix(msg, ret,
7935 : scm_rights_pipe_fd[i]);
7936 : }
7937 0 : errno = saved_errno;
7938 :
7939 0 : return ret;
7940 : }
7941 :
7942 69 : SWRAP_LOCK_SI(si);
7943 69 : connected = si->connected;
7944 69 : SWRAP_UNLOCK_SI(si);
7945 :
7946 110 : for (i = 0; i < vlen; i++) {
7947 41 : struct msghdr *omsg = &omsgvec[i].msg_hdr;
7948 41 : struct msghdr *msg = &msgvec[i].msg_hdr;
7949 :
7950 41 : if (connected == 0) {
7951 0 : msg->msg_name = omsg->msg_name; /* optional address */
7952 0 : msg->msg_namelen = omsg->msg_namelen; /* size of address */
7953 : }
7954 41 : msg->msg_iov = omsg->msg_iov; /* scatter/gather array */
7955 41 : msg->msg_iovlen = omsg->msg_iovlen; /* # elements in msg_iov */
7956 :
7957 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
7958 41 : if (omsg->msg_controllen > 0 && omsg->msg_control != NULL) {
7959 0 : uint8_t *cmbuf = NULL;
7960 0 : size_t cmlen = 0;
7961 :
7962 0 : rc = swrap_sendmsg_filter_cmsghdr(omsg, &cmbuf, &cmlen);
7963 0 : if (rc < 0) {
7964 0 : ret = rc;
7965 0 : goto fail_swrap;
7966 : }
7967 :
7968 0 : if (cmlen != 0) {
7969 0 : msg->msg_control = cmbuf;
7970 0 : msg->msg_controllen = cmlen;
7971 : }
7972 : }
7973 41 : msg->msg_flags = omsg->msg_flags; /* flags on received message */
7974 : #endif
7975 :
7976 41 : rc = swrap_sendmsg_before(s, si, msg,
7977 : &tmp[i].iov,
7978 : &tmp[i].un_addr,
7979 : &tmp[i].to_un,
7980 : &tmp[i].to,
7981 : &tmp[i].bcast);
7982 41 : if (rc < 0) {
7983 0 : ret = rc;
7984 0 : goto fail_swrap;
7985 : }
7986 :
7987 41 : if (tmp[i].bcast) {
7988 0 : found_bcast = 1;
7989 : }
7990 : }
7991 :
7992 69 : if (found_bcast) {
7993 :
7994 0 : swrap_dir = socket_wrapper_dir();
7995 0 : if (swrap_dir == NULL) {
7996 0 : ret = -1;
7997 0 : goto fail_swrap;
7998 : }
7999 :
8000 0 : for (i = 0; i < vlen; i++) {
8001 0 : struct msghdr *msg = &msgvec[i].msg_hdr;
8002 0 : struct sockaddr_un *un_addr = &tmp[i].un_addr;
8003 0 : const struct sockaddr *to = tmp[i].to;
8004 0 : struct stat st;
8005 0 : unsigned int iface;
8006 0 : unsigned int prt = ntohs(((const struct sockaddr_in *)(const void *)to)->sin_port);
8007 0 : char type;
8008 0 : size_t l, len = 0;
8009 0 : uint8_t *buf;
8010 0 : off_t ofs = 0;
8011 0 : size_t avail = 0;
8012 0 : size_t remain;
8013 :
8014 0 : for (l = 0; l < (size_t)msg->msg_iovlen; l++) {
8015 0 : avail += msg->msg_iov[l].iov_len;
8016 : }
8017 :
8018 0 : len = avail;
8019 0 : remain = avail;
8020 :
8021 : /* we capture it as one single packet */
8022 0 : buf = (uint8_t *)malloc(remain);
8023 0 : if (!buf) {
8024 0 : ret = -1;
8025 0 : goto fail_swrap;
8026 : }
8027 :
8028 0 : for (l = 0; l < (size_t)msg->msg_iovlen; l++) {
8029 0 : size_t this_time = MIN(remain, (size_t)msg->msg_iov[l].iov_len);
8030 0 : memcpy(buf + ofs,
8031 0 : msg->msg_iov[l].iov_base,
8032 : this_time);
8033 0 : ofs += this_time;
8034 0 : remain -= this_time;
8035 : }
8036 :
8037 0 : type = SOCKET_TYPE_CHAR_UDP;
8038 :
8039 0 : for(iface=0; iface <= MAX_WRAPPED_INTERFACES; iface++) {
8040 0 : swrap_un_path(un_addr, swrap_dir, type, iface, prt);
8041 0 : if (stat(un_addr->sun_path, &st) != 0) continue;
8042 :
8043 0 : msg->msg_name = un_addr; /* optional address */
8044 0 : msg->msg_namelen = sizeof(*un_addr); /* size of address */
8045 :
8046 : /*
8047 : * ignore the any errors in broadcast sends and
8048 : * do a single sendmsg instead of sendmmsg
8049 : */
8050 0 : libc_sendmsg(s, msg, flags);
8051 : }
8052 :
8053 0 : SWRAP_LOCK_SI(si);
8054 0 : swrap_pcap_dump_packet(si, to, SWRAP_SENDTO, buf, len);
8055 0 : SWRAP_UNLOCK_SI(si);
8056 :
8057 0 : SAFE_FREE(buf);
8058 :
8059 0 : msgvec[i].msg_len = len;
8060 : }
8061 :
8062 0 : ret = vlen;
8063 0 : goto bcast_done;
8064 : }
8065 :
8066 69 : ret = libc_sendmmsg(s, msgvec, vlen, flags);
8067 69 : if (ret < 0) {
8068 0 : goto fail_swrap;
8069 : }
8070 :
8071 69 : bcast_done:
8072 110 : for (i = 0; i < ret; i++) {
8073 41 : omsgvec[i].msg_len = msgvec[i].msg_len;
8074 : }
8075 :
8076 69 : fail_swrap:
8077 69 : saved_errno = errno;
8078 110 : for (i = 0; i < vlen; i++) {
8079 41 : struct msghdr *msg = &msgvec[i].msg_hdr;
8080 :
8081 41 : if (i == 0 || i < ret) {
8082 41 : swrap_sendmsg_after(s, si, msg, tmp[i].to, ret);
8083 : }
8084 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
8085 41 : SAFE_FREE(msg->msg_control);
8086 : #endif
8087 : }
8088 69 : SAFE_FREE(swrap_dir);
8089 69 : errno = saved_errno;
8090 :
8091 69 : return ret;
8092 : }
8093 :
8094 : #if defined(HAVE_SENDMMSG_SSIZE_T)
8095 : /* FreeBSD */
8096 : ssize_t sendmmsg(int s, struct mmsghdr *msgvec, size_t vlen, int flags)
8097 : #else
8098 : /* Linux */
8099 : int sendmmsg(int s, struct mmsghdr *msgvec, unsigned int vlen, int flags)
8100 : #endif
8101 : {
8102 13 : return swrap_sendmmsg(s, msgvec, vlen, flags);
8103 : }
8104 : #endif /* HAVE_SENDMMSG */
8105 :
8106 : /****************************************************************************
8107 : * READV
8108 : ***************************************************************************/
8109 :
8110 13904376 : static ssize_t swrap_readv(int s, const struct iovec *vector, int count)
8111 : {
8112 43418 : struct socket_info *si;
8113 43418 : struct msghdr msg;
8114 43418 : struct iovec tmp;
8115 13904376 : struct swrap_address saddr = {
8116 : .sa_socklen = sizeof(struct sockaddr_storage)
8117 : };
8118 43418 : ssize_t ret;
8119 43418 : int rc;
8120 :
8121 13904376 : si = find_socket_info(s);
8122 13874601 : if (si == NULL) {
8123 3711168 : return libc_readv(s, vector, count);
8124 : }
8125 :
8126 10193208 : tmp.iov_base = NULL;
8127 10193208 : tmp.iov_len = 0;
8128 :
8129 10193208 : ZERO_STRUCT(msg);
8130 10193208 : msg.msg_name = &saddr.sa.s; /* optional address */
8131 10193208 : msg.msg_namelen = saddr.sa_socklen; /* size of address */
8132 10193208 : msg.msg_iov = discard_const_p(struct iovec, vector); /* scatter/gather array */
8133 10193208 : msg.msg_iovlen = count; /* # elements in msg_iov */
8134 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
8135 10193208 : msg.msg_control = NULL; /* ancillary data, see below */
8136 10193208 : msg.msg_controllen = 0; /* ancillary data buffer len */
8137 10193208 : msg.msg_flags = 0; /* flags on received message */
8138 : #endif
8139 :
8140 10193208 : rc = swrap_recvmsg_before(s, si, &msg, &tmp);
8141 10193208 : if (rc < 0) {
8142 0 : if (rc == -ENOTSOCK) {
8143 0 : return libc_readv(s, vector, count);
8144 : }
8145 0 : return -1;
8146 : }
8147 :
8148 10193208 : ret = libc_readv(s, msg.msg_iov, msg.msg_iovlen);
8149 :
8150 10193208 : rc = swrap_recvmsg_after(s, si, &msg, NULL, 0, ret);
8151 10193208 : if (rc != 0) {
8152 0 : return rc;
8153 : }
8154 :
8155 10179565 : return ret;
8156 : }
8157 :
8158 : ssize_t readv(int s, const struct iovec *vector, int count)
8159 : {
8160 13904376 : return swrap_readv(s, vector, count);
8161 : }
8162 :
8163 : /****************************************************************************
8164 : * WRITEV
8165 : ***************************************************************************/
8166 :
8167 13743293 : static ssize_t swrap_writev(int s, const struct iovec *vector, int count)
8168 : {
8169 60128 : struct msghdr msg;
8170 60128 : struct iovec tmp;
8171 60128 : struct sockaddr_un un_addr;
8172 60128 : ssize_t ret;
8173 60128 : int rc;
8174 13743293 : struct socket_info *si = find_socket_info(s);
8175 :
8176 13724607 : if (!si) {
8177 2606545 : return libc_writev(s, vector, count);
8178 : }
8179 :
8180 11136748 : tmp.iov_base = NULL;
8181 11136748 : tmp.iov_len = 0;
8182 :
8183 11136748 : ZERO_STRUCT(msg);
8184 11136748 : msg.msg_name = NULL; /* optional address */
8185 11136748 : msg.msg_namelen = 0; /* size of address */
8186 11136748 : msg.msg_iov = discard_const_p(struct iovec, vector); /* scatter/gather array */
8187 11136748 : msg.msg_iovlen = count; /* # elements in msg_iov */
8188 : #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
8189 11136748 : msg.msg_control = NULL; /* ancillary data, see below */
8190 11136748 : msg.msg_controllen = 0; /* ancillary data buffer len */
8191 11136748 : msg.msg_flags = 0; /* flags on received message */
8192 : #endif
8193 :
8194 11136748 : rc = swrap_sendmsg_before(s, si, &msg, &tmp, &un_addr, NULL, NULL, NULL);
8195 11136748 : if (rc < 0) {
8196 0 : if (rc == -ENOTSOCK) {
8197 0 : return libc_readv(s, vector, count);
8198 : }
8199 0 : return -1;
8200 : }
8201 :
8202 11136748 : ret = libc_writev(s, msg.msg_iov, msg.msg_iovlen);
8203 :
8204 11136748 : swrap_sendmsg_after(s, si, &msg, NULL, ret);
8205 :
8206 11136748 : return ret;
8207 : }
8208 :
8209 : ssize_t writev(int s, const struct iovec *vector, int count)
8210 : {
8211 13743293 : return swrap_writev(s, vector, count);
8212 : }
8213 :
8214 : /****************************
8215 : * CLOSE
8216 : ***************************/
8217 :
8218 83426479 : static int swrap_remove_wrapper(const char *__func_name,
8219 : int (*__close_fd_fn)(int fd),
8220 : int fd)
8221 : {
8222 83426479 : struct socket_info *si = NULL;
8223 3449323 : int si_index;
8224 83426479 : int ret_errno = errno;
8225 3449323 : int ret;
8226 :
8227 83426479 : swrap_mutex_lock(&socket_reset_mutex);
8228 :
8229 83426480 : si_index = find_socket_info_index(fd);
8230 83426480 : if (si_index == -1) {
8231 81405079 : swrap_mutex_unlock(&socket_reset_mutex);
8232 81405079 : return __close_fd_fn(fd);
8233 : }
8234 :
8235 2021401 : swrap_log(SWRAP_LOG_TRACE, __func_name, "Remove wrapper for fd=%d", fd);
8236 2021401 : reset_socket_info_index(fd);
8237 :
8238 2021401 : si = swrap_get_socket_info(si_index);
8239 :
8240 2021401 : swrap_mutex_lock(&first_free_mutex);
8241 2021401 : SWRAP_LOCK_SI(si);
8242 :
8243 2021401 : ret = __close_fd_fn(fd);
8244 2021401 : if (ret == -1) {
8245 0 : ret_errno = errno;
8246 : }
8247 :
8248 2021401 : swrap_dec_refcount(si);
8249 :
8250 2021401 : if (swrap_get_refcount(si) > 0) {
8251 : /* there are still references left */
8252 16005 : goto out;
8253 : }
8254 :
8255 2005396 : if (si->fd_passed) {
8256 1944 : goto set_next_free;
8257 : }
8258 :
8259 2003452 : if (si->myname.sa_socklen > 0 && si->peername.sa_socklen > 0) {
8260 374361 : swrap_pcap_dump_packet(si, NULL, SWRAP_CLOSE_SEND, NULL, 0);
8261 : }
8262 :
8263 2003452 : if (si->myname.sa_socklen > 0 && si->peername.sa_socklen > 0) {
8264 374361 : swrap_pcap_dump_packet(si, NULL, SWRAP_CLOSE_RECV, NULL, 0);
8265 374361 : swrap_pcap_dump_packet(si, NULL, SWRAP_CLOSE_ACK, NULL, 0);
8266 : }
8267 :
8268 2003452 : if (si->un_addr.sun_path[0] != '\0') {
8269 210543 : unlink(si->un_addr.sun_path);
8270 : }
8271 :
8272 1792909 : set_next_free:
8273 2005396 : swrap_set_next_free(si, first_free);
8274 2005396 : first_free = si_index;
8275 :
8276 2021401 : out:
8277 2021401 : SWRAP_UNLOCK_SI(si);
8278 2021401 : swrap_mutex_unlock(&first_free_mutex);
8279 2021401 : swrap_mutex_unlock(&socket_reset_mutex);
8280 :
8281 2021401 : errno = ret_errno;
8282 2021401 : return ret;
8283 : }
8284 :
8285 16055968 : static int swrap_noop_close(int fd)
8286 : {
8287 335090 : (void)fd; /* unused */
8288 16055968 : return 0;
8289 : }
8290 :
8291 16055968 : static void swrap_remove_stale(int fd)
8292 : {
8293 16051017 : swrap_remove_wrapper(__func__, swrap_noop_close, fd);
8294 16017626 : }
8295 :
8296 : /*
8297 : * This allows socket_wrapper aware applications to
8298 : * indicate that the given fd does not belong to
8299 : * an inet socket.
8300 : *
8301 : * We already overload a lot of unrelated functions
8302 : * like eventfd(), timerfd_create(), ... in order to
8303 : * call swrap_remove_stale() on the returned fd, but
8304 : * we'll never be able to handle all possible syscalls.
8305 : *
8306 : * socket_wrapper_indicate_no_inet_fd() gives them a way
8307 : * to do the same.
8308 : *
8309 : * We don't export swrap_remove_stale() in order to
8310 : * make it easier to analyze SOCKET_WRAPPER_DEBUGLEVEL=3
8311 : * log files.
8312 : */
8313 0 : void socket_wrapper_indicate_no_inet_fd(int fd)
8314 : {
8315 0 : swrap_remove_wrapper(__func__, swrap_noop_close, fd);
8316 0 : }
8317 :
8318 67370512 : static int swrap_close(int fd)
8319 : {
8320 67370512 : return swrap_remove_wrapper(__func__, libc_close, fd);
8321 : }
8322 :
8323 : int close(int fd)
8324 : {
8325 67365098 : return swrap_close(fd);
8326 : }
8327 :
8328 : #ifdef HAVE___CLOSE_NOCANCEL
8329 :
8330 0 : static int swrap___close_nocancel(int fd)
8331 : {
8332 0 : return swrap_remove_wrapper(__func__, libc___close_nocancel, fd);
8333 : }
8334 :
8335 : int __close_nocancel(int fd);
8336 0 : int __close_nocancel(int fd)
8337 : {
8338 0 : return swrap___close_nocancel(fd);
8339 : }
8340 :
8341 : #endif /* HAVE___CLOSE_NOCANCEL */
8342 :
8343 : /****************************
8344 : * DUP
8345 : ***************************/
8346 :
8347 165776 : static int swrap_dup(int fd)
8348 : {
8349 3530 : struct socket_info *si;
8350 3530 : int dup_fd, idx;
8351 :
8352 165776 : idx = find_socket_info_index(fd);
8353 165776 : if (idx == -1) {
8354 149771 : return libc_dup(fd);
8355 : }
8356 :
8357 16005 : si = swrap_get_socket_info(idx);
8358 :
8359 16005 : dup_fd = libc_dup(fd);
8360 16005 : if (dup_fd == -1) {
8361 3530 : int saved_errno = errno;
8362 0 : errno = saved_errno;
8363 0 : return -1;
8364 : }
8365 :
8366 16005 : if ((size_t)dup_fd >= socket_fds_max) {
8367 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
8368 : "The max socket index limit of %zu has been reached, "
8369 : "trying to add %d",
8370 : socket_fds_max,
8371 : dup_fd);
8372 0 : libc_close(dup_fd);
8373 0 : errno = EMFILE;
8374 0 : return -1;
8375 : }
8376 :
8377 16005 : SWRAP_LOCK_SI(si);
8378 :
8379 16005 : swrap_inc_refcount(si);
8380 :
8381 16005 : SWRAP_UNLOCK_SI(si);
8382 :
8383 : /* Make sure we don't have an entry for the fd */
8384 16005 : swrap_remove_stale(dup_fd);
8385 :
8386 16005 : set_socket_info_index(dup_fd, idx);
8387 :
8388 16005 : return dup_fd;
8389 : }
8390 :
8391 : int dup(int fd)
8392 : {
8393 165776 : return swrap_dup(fd);
8394 : }
8395 :
8396 : /****************************
8397 : * DUP2
8398 : ***************************/
8399 :
8400 381945 : static int swrap_dup2(int fd, int newfd)
8401 : {
8402 8486 : struct socket_info *si;
8403 8486 : int dup_fd, idx;
8404 :
8405 381945 : idx = find_socket_info_index(fd);
8406 381945 : if (idx == -1) {
8407 381945 : return libc_dup2(fd, newfd);
8408 : }
8409 :
8410 0 : si = swrap_get_socket_info(idx);
8411 :
8412 0 : if (fd == newfd) {
8413 : /*
8414 : * According to the manpage:
8415 : *
8416 : * "If oldfd is a valid file descriptor, and newfd has the same
8417 : * value as oldfd, then dup2() does nothing, and returns newfd."
8418 : */
8419 0 : return newfd;
8420 : }
8421 :
8422 0 : if ((size_t)newfd >= socket_fds_max) {
8423 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
8424 : "The max socket index limit of %zu has been reached, "
8425 : "trying to add %d",
8426 : socket_fds_max,
8427 : newfd);
8428 0 : errno = EMFILE;
8429 0 : return -1;
8430 : }
8431 :
8432 0 : if (find_socket_info(newfd)) {
8433 : /* dup2() does an implicit close of newfd, which we
8434 : * need to emulate */
8435 0 : swrap_close(newfd);
8436 : }
8437 :
8438 0 : dup_fd = libc_dup2(fd, newfd);
8439 0 : if (dup_fd == -1) {
8440 8486 : int saved_errno = errno;
8441 0 : errno = saved_errno;
8442 0 : return -1;
8443 : }
8444 :
8445 0 : SWRAP_LOCK_SI(si);
8446 :
8447 0 : swrap_inc_refcount(si);
8448 :
8449 0 : SWRAP_UNLOCK_SI(si);
8450 :
8451 : /* Make sure we don't have an entry for the fd */
8452 0 : swrap_remove_stale(dup_fd);
8453 :
8454 0 : set_socket_info_index(dup_fd, idx);
8455 :
8456 0 : return dup_fd;
8457 : }
8458 :
8459 : int dup2(int fd, int newfd)
8460 : {
8461 381945 : return swrap_dup2(fd, newfd);
8462 : }
8463 :
8464 : /****************************
8465 : * FCNTL
8466 : ***************************/
8467 :
8468 308217405 : static int swrap_vfcntl(int fd, int cmd, va_list va)
8469 : {
8470 15559828 : struct socket_info *si;
8471 15559828 : int rc, dup_fd, idx;
8472 :
8473 308217405 : idx = find_socket_info_index(fd);
8474 308217408 : if (idx == -1) {
8475 321303703 : return libc_vfcntl(fd, cmd, va);
8476 : }
8477 :
8478 2427546 : si = swrap_get_socket_info(idx);
8479 :
8480 2427546 : switch (cmd) {
8481 0 : case F_DUPFD:
8482 0 : dup_fd = libc_vfcntl(fd, cmd, va);
8483 0 : if (dup_fd == -1) {
8484 15559837 : int saved_errno = errno;
8485 0 : errno = saved_errno;
8486 0 : return -1;
8487 : }
8488 :
8489 : /* Make sure we don't have an entry for the fd */
8490 0 : swrap_remove_stale(dup_fd);
8491 :
8492 0 : if ((size_t)dup_fd >= socket_fds_max) {
8493 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
8494 : "The max socket index limit of %zu has been reached, "
8495 : "trying to add %d",
8496 : socket_fds_max,
8497 : dup_fd);
8498 0 : libc_close(dup_fd);
8499 0 : errno = EMFILE;
8500 0 : return -1;
8501 : }
8502 :
8503 0 : SWRAP_LOCK_SI(si);
8504 :
8505 0 : swrap_inc_refcount(si);
8506 :
8507 0 : SWRAP_UNLOCK_SI(si);
8508 :
8509 :
8510 0 : set_socket_info_index(dup_fd, idx);
8511 :
8512 0 : rc = dup_fd;
8513 0 : break;
8514 2381554 : default:
8515 2427546 : rc = libc_vfcntl(fd, cmd, va);
8516 2427546 : break;
8517 : }
8518 :
8519 2381554 : return rc;
8520 : }
8521 :
8522 : #undef fcntl /* Needed for LFS handling */
8523 : int fcntl(int fd, int cmd, ...)
8524 : {
8525 15559828 : va_list va;
8526 15559828 : int rc;
8527 :
8528 308217405 : va_start(va, cmd);
8529 :
8530 308217405 : rc = swrap_vfcntl(fd, cmd, va);
8531 :
8532 308217414 : va_end(va);
8533 :
8534 308217414 : return rc;
8535 : }
8536 :
8537 : /****************************
8538 : * FCNTL64
8539 : ***************************/
8540 :
8541 : #ifdef HAVE_FCNTL64
8542 64140 : static int swrap_vfcntl64(int fd, int cmd, va_list va)
8543 : {
8544 1345 : struct socket_info *si;
8545 1345 : int rc, dup_fd, idx;
8546 :
8547 64140 : idx = find_socket_info_index(fd);
8548 64140 : if (idx == -1) {
8549 65485 : return libc_vfcntl64(fd, cmd, va);
8550 : }
8551 :
8552 0 : si = swrap_get_socket_info(idx);
8553 :
8554 0 : switch (cmd) {
8555 0 : case F_DUPFD:
8556 0 : dup_fd = libc_vfcntl64(fd, cmd, va);
8557 0 : if (dup_fd == -1) {
8558 1345 : int saved_errno = errno;
8559 0 : errno = saved_errno;
8560 0 : return -1;
8561 : }
8562 :
8563 : /* Make sure we don't have an entry for the fd */
8564 0 : swrap_remove_stale(dup_fd);
8565 :
8566 0 : if ((size_t)dup_fd >= socket_fds_max) {
8567 0 : SWRAP_LOG(SWRAP_LOG_ERROR,
8568 : "The max socket index limit of %zu has been reached, "
8569 : "trying to add %d",
8570 : socket_fds_max,
8571 : dup_fd);
8572 0 : libc_close(dup_fd);
8573 0 : errno = EMFILE;
8574 0 : return -1;
8575 : }
8576 :
8577 0 : SWRAP_LOCK_SI(si);
8578 :
8579 0 : swrap_inc_refcount(si);
8580 :
8581 0 : SWRAP_UNLOCK_SI(si);
8582 :
8583 :
8584 0 : set_socket_info_index(dup_fd, idx);
8585 :
8586 0 : rc = dup_fd;
8587 0 : break;
8588 0 : default:
8589 0 : rc = libc_vfcntl64(fd, cmd, va);
8590 0 : break;
8591 : }
8592 :
8593 0 : return rc;
8594 : }
8595 :
8596 : int fcntl64(int fd, int cmd, ...)
8597 : {
8598 1345 : va_list va;
8599 1345 : int rc;
8600 :
8601 64140 : va_start(va, cmd);
8602 :
8603 64140 : rc = swrap_vfcntl64(fd, cmd, va);
8604 :
8605 64140 : va_end(va);
8606 :
8607 64140 : return rc;
8608 : }
8609 : #endif
8610 :
8611 : /****************************
8612 : * EVENTFD
8613 : ***************************/
8614 :
8615 : #ifdef HAVE_EVENTFD
8616 48910 : static int swrap_eventfd(int count, int flags)
8617 : {
8618 937 : int fd;
8619 :
8620 48910 : fd = libc_eventfd(count, flags);
8621 48910 : if (fd != -1) {
8622 48910 : swrap_remove_stale(fd);
8623 : }
8624 :
8625 48910 : return fd;
8626 : }
8627 :
8628 : #ifdef HAVE_EVENTFD_UNSIGNED_INT
8629 : int eventfd(unsigned int count, int flags)
8630 : #else
8631 : int eventfd(int count, int flags)
8632 : #endif
8633 : {
8634 48910 : return swrap_eventfd(count, flags);
8635 : }
8636 : #endif
8637 :
8638 : #ifdef HAVE_PLEDGE
8639 : int pledge(const char *promises, const char *paths[])
8640 : {
8641 : (void)promises; /* unused */
8642 : (void)paths; /* unused */
8643 :
8644 : return 0;
8645 : }
8646 : #endif /* HAVE_PLEDGE */
8647 :
8648 : #ifdef HAVE_SYSCALL
8649 36773747 : static bool swrap_is_swrap_related_syscall(long int sysno)
8650 : {
8651 36773747 : switch (sysno) {
8652 : #ifdef SYS_close
8653 330 : case SYS_close:
8654 330 : return true;
8655 : #endif /* SYS_close */
8656 :
8657 : #ifdef SYS_recvmmsg
8658 0 : case SYS_recvmmsg:
8659 0 : return true;
8660 : #endif /* SYS_recvmmsg */
8661 :
8662 : #ifdef SYS_sendmmsg
8663 56 : case SYS_sendmmsg:
8664 56 : return true;
8665 : #endif /* SYS_sendmmsg */
8666 :
8667 36691429 : default:
8668 36773361 : return false;
8669 : }
8670 : }
8671 :
8672 386 : static long int swrap_syscall(long int sysno, va_list vp)
8673 : {
8674 0 : long int rc;
8675 :
8676 386 : switch (sysno) {
8677 : #ifdef SYS_close
8678 330 : case SYS_close:
8679 : {
8680 330 : int fd = (int)va_arg(vp, int);
8681 :
8682 330 : SWRAP_LOG(SWRAP_LOG_TRACE,
8683 : "calling swrap_close syscall %lu",
8684 : sysno);
8685 330 : rc = swrap_close(fd);
8686 : }
8687 330 : break;
8688 : #endif /* SYS_close */
8689 :
8690 : #ifdef SYS_recvmmsg
8691 0 : case SYS_recvmmsg:
8692 : {
8693 0 : int fd = (int)va_arg(vp, int);
8694 0 : struct mmsghdr *msgvec = va_arg(vp, struct mmsghdr *);
8695 0 : unsigned int vlen = va_arg(vp, unsigned int);
8696 0 : int flags = va_arg(vp, int);
8697 0 : struct timespec *timeout = va_arg(vp, struct timespec *);
8698 :
8699 0 : SWRAP_LOG(SWRAP_LOG_TRACE,
8700 : "calling swrap_recvmmsg syscall %lu",
8701 : sysno);
8702 0 : rc = swrap_recvmmsg(fd, msgvec, vlen, flags, timeout);
8703 : }
8704 0 : break;
8705 : #endif /* SYS_recvmmsg */
8706 :
8707 : #ifdef SYS_sendmmsg
8708 56 : case SYS_sendmmsg:
8709 : {
8710 56 : int fd = (int)va_arg(vp, int);
8711 56 : struct mmsghdr *msgvec = va_arg(vp, struct mmsghdr *);
8712 56 : unsigned int vlen = va_arg(vp, unsigned int);
8713 56 : int flags = va_arg(vp, int);
8714 :
8715 56 : SWRAP_LOG(SWRAP_LOG_TRACE,
8716 : "calling swrap_sendmmsg syscall %lu",
8717 : sysno);
8718 56 : rc = swrap_sendmmsg(fd, msgvec, vlen, flags);
8719 : }
8720 56 : break;
8721 : #endif /* SYS_sendmmsg */
8722 :
8723 0 : default:
8724 0 : rc = -1;
8725 0 : errno = ENOSYS;
8726 0 : break;
8727 : }
8728 :
8729 386 : return rc;
8730 : }
8731 :
8732 : #ifdef HAVE_SYSCALL_INT
8733 : int syscall(int sysno, ...)
8734 : #else
8735 : long int syscall(long int sysno, ...)
8736 : #endif
8737 : {
8738 : #ifdef HAVE_SYSCALL_INT
8739 : int rc;
8740 : #else
8741 81932 : long int rc;
8742 : #endif
8743 81932 : va_list va;
8744 :
8745 36773747 : va_start(va, sysno);
8746 :
8747 : /*
8748 : * We should only handle the syscall numbers
8749 : * we care about...
8750 : */
8751 36773747 : if (!swrap_is_swrap_related_syscall(sysno)) {
8752 : /*
8753 : * We need to give socket_wrapper a
8754 : * chance to take over...
8755 : */
8756 36773361 : if (swrap_uwrap_syscall_valid(sysno)) {
8757 36023727 : rc = swrap_uwrap_syscall_va(sysno, va);
8758 36023727 : va_end(va);
8759 36023727 : return rc;
8760 : }
8761 :
8762 749634 : rc = libc_vsyscall(sysno, va);
8763 749634 : va_end(va);
8764 749634 : return rc;
8765 : }
8766 :
8767 386 : if (!socket_wrapper_enabled()) {
8768 0 : rc = libc_vsyscall(sysno, va);
8769 0 : va_end(va);
8770 0 : return rc;
8771 : }
8772 :
8773 386 : rc = swrap_syscall(sysno, va);
8774 386 : va_end(va);
8775 :
8776 386 : return rc;
8777 : }
8778 :
8779 : /* used by uid_wrapper */
8780 : bool socket_wrapper_syscall_valid(long int sysno);
8781 0 : bool socket_wrapper_syscall_valid(long int sysno)
8782 : {
8783 0 : if (!swrap_is_swrap_related_syscall(sysno)) {
8784 0 : return false;
8785 : }
8786 :
8787 0 : if (!socket_wrapper_enabled()) {
8788 0 : return false;
8789 : }
8790 :
8791 0 : return true;
8792 : }
8793 :
8794 : /* used by uid_wrapper */
8795 : long int socket_wrapper_syscall_va(long int sysno, va_list va);
8796 0 : long int socket_wrapper_syscall_va(long int sysno, va_list va)
8797 : {
8798 0 : if (!swrap_is_swrap_related_syscall(sysno)) {
8799 0 : errno = ENOSYS;
8800 0 : return -1;
8801 : }
8802 :
8803 0 : if (!socket_wrapper_enabled()) {
8804 0 : return libc_vsyscall(sysno, va);
8805 : }
8806 :
8807 0 : return swrap_syscall(sysno, va);
8808 : }
8809 : #endif /* HAVE_SYSCALL */
8810 :
8811 1324541 : static void swrap_thread_prepare(void)
8812 : {
8813 : /*
8814 : * This function should only be called here!!
8815 : *
8816 : * We bind all symobls to avoid deadlocks of the fork is
8817 : * interrupted by a signal handler using a symbol of this
8818 : * library.
8819 : */
8820 1324541 : swrap_bind_symbol_all();
8821 :
8822 1324541 : SWRAP_LOCK_ALL;
8823 1324541 : }
8824 :
8825 1315764 : static void swrap_thread_parent(void)
8826 : {
8827 1315764 : SWRAP_UNLOCK_ALL;
8828 1315764 : }
8829 :
8830 8777 : static void swrap_thread_child(void)
8831 : {
8832 8777 : SWRAP_REINIT_ALL;
8833 8777 : }
8834 :
8835 : /****************************
8836 : * CONSTRUCTOR
8837 : ***************************/
8838 169485 : void swrap_constructor(void)
8839 : {
8840 4847 : if (PIPE_BUF < sizeof(struct swrap_unix_scm_rights)) {
8841 : SWRAP_LOG(SWRAP_LOG_ERROR,
8842 : "PIPE_BUF=%zu < "
8843 : "sizeof(struct swrap_unix_scm_rights)=%zu\n"
8844 : "sizeof(struct swrap_unix_scm_rights_payload)=%zu "
8845 : "sizeof(struct socket_info)=%zu",
8846 : (size_t)PIPE_BUF,
8847 : sizeof(struct swrap_unix_scm_rights),
8848 : sizeof(struct swrap_unix_scm_rights_payload),
8849 : sizeof(struct socket_info));
8850 : exit(-1);
8851 : }
8852 :
8853 169485 : SWRAP_REINIT_ALL;
8854 :
8855 : /*
8856 : * If we hold a lock and the application forks, then the child
8857 : * is not able to unlock the mutex and we are in a deadlock.
8858 : * This should prevent such deadlocks.
8859 : */
8860 169485 : pthread_atfork(&swrap_thread_prepare,
8861 : &swrap_thread_parent,
8862 : &swrap_thread_child);
8863 169485 : }
8864 :
8865 : /****************************
8866 : * DESTRUCTOR
8867 : ***************************/
8868 :
8869 : /*
8870 : * This function is called when the library is unloaded and makes sure that
8871 : * sockets get closed and the unix file for the socket are unlinked.
8872 : */
8873 217665 : void swrap_destructor(void)
8874 : {
8875 5779 : size_t i;
8876 :
8877 217665 : if (socket_fds_idx != NULL) {
8878 23075485807 : for (i = 0; i < socket_fds_max; ++i) {
8879 23075397780 : if (socket_fds_idx[i] != -1) {
8880 319291552 : swrap_close(i);
8881 : }
8882 : }
8883 88027 : SAFE_FREE(socket_fds_idx);
8884 : }
8885 :
8886 217665 : SAFE_FREE(sockets);
8887 :
8888 217665 : if (swrap.libc.handle != NULL
8889 : #ifdef RTLD_NEXT
8890 217665 : && swrap.libc.handle != RTLD_NEXT
8891 : #endif
8892 : ) {
8893 217665 : dlclose(swrap.libc.handle);
8894 : }
8895 217665 : if (swrap.libc.socket_handle
8896 : #ifdef RTLD_NEXT
8897 5779 : && swrap.libc.socket_handle != RTLD_NEXT
8898 : #endif
8899 : ) {
8900 0 : dlclose(swrap.libc.socket_handle);
8901 : }
8902 217665 : }
8903 :
8904 : #if defined(HAVE__SOCKET) && defined(HAVE__CLOSE)
8905 : /*
8906 : * On FreeBSD 12 (and maybe other platforms)
8907 : * system libraries like libresolv prefix there
8908 : * syscalls with '_' in order to always use
8909 : * the symbols from libc.
8910 : *
8911 : * In the interaction with resolv_wrapper,
8912 : * we need to inject socket wrapper into libresolv,
8913 : * which means we need to private all socket
8914 : * related syscalls also with the '_' prefix.
8915 : *
8916 : * This is tested in Samba's 'make test',
8917 : * there we noticed that providing '_read',
8918 : * '_open' and '_close' would cause errors, which
8919 : * means we skip '_read', '_write' and
8920 : * all non socket related calls without
8921 : * further analyzing the problem.
8922 : */
8923 : #define SWRAP_SYMBOL_ALIAS(__sym, __aliassym) \
8924 : extern typeof(__sym) __aliassym __attribute__ ((alias(#__sym)))
8925 :
8926 : #ifdef HAVE_ACCEPT4
8927 : SWRAP_SYMBOL_ALIAS(accept4, _accept4);
8928 : #endif
8929 : SWRAP_SYMBOL_ALIAS(accept, _accept);
8930 : SWRAP_SYMBOL_ALIAS(bind, _bind);
8931 : SWRAP_SYMBOL_ALIAS(connect, _connect);
8932 : SWRAP_SYMBOL_ALIAS(dup, _dup);
8933 : SWRAP_SYMBOL_ALIAS(dup2, _dup2);
8934 : SWRAP_SYMBOL_ALIAS(fcntl, _fcntl);
8935 : SWRAP_SYMBOL_ALIAS(getpeername, _getpeername);
8936 : SWRAP_SYMBOL_ALIAS(getsockname, _getsockname);
8937 : SWRAP_SYMBOL_ALIAS(getsockopt, _getsockopt);
8938 : SWRAP_SYMBOL_ALIAS(ioctl, _ioctl);
8939 : SWRAP_SYMBOL_ALIAS(listen, _listen);
8940 : SWRAP_SYMBOL_ALIAS(readv, _readv);
8941 : SWRAP_SYMBOL_ALIAS(recv, _recv);
8942 : SWRAP_SYMBOL_ALIAS(recvfrom, _recvfrom);
8943 : SWRAP_SYMBOL_ALIAS(recvmsg, _recvmsg);
8944 : SWRAP_SYMBOL_ALIAS(send, _send);
8945 : SWRAP_SYMBOL_ALIAS(sendmsg, _sendmsg);
8946 : SWRAP_SYMBOL_ALIAS(sendto, _sendto);
8947 : SWRAP_SYMBOL_ALIAS(setsockopt, _setsockopt);
8948 : SWRAP_SYMBOL_ALIAS(socket, _socket);
8949 : SWRAP_SYMBOL_ALIAS(socketpair, _socketpair);
8950 : SWRAP_SYMBOL_ALIAS(writev, _writev);
8951 :
8952 : #endif /* SOCKET_WRAPPER_EXPORT_UNDERSCORE_SYMBOLS */
|