GCOV - Varnish Cache


/*-
 * Copyright (c) 2006 Verdens Gang AS
 * Copyright (c) 2006-2023 Varnish Software AS
 * All rights reserved.
 *
 * Author: Poul-Henning Kamp <phk@phk.freebsd.dk>
 * Author: Asad Sajjad Ahmed <asadsa@varnish-software.com>
 *
 * SPDX-License-Identifier: BSD-2-Clause
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * Acceptor socket management
 */

#include "config.h"

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/stat.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <pwd.h>
#include <grp.h>

#include "mgt/mgt.h"
#include "common/heritage.h"

#include "acceptor/cache_acceptor.h"
#include "acceptor/acceptor_uds.h"
#include "acceptor/mgt_acceptor.h"

#include "vsa.h"
#include "vus.h"

int
vca_uds_config(void)
{

        return (0);
}

static int
vca_vus_bind(void *priv, const struct sockaddr_un *uds)
{
        return (VUS_bind(uds, priv));
}

static int
vca_uds_opensocket(struct listen_sock *ls)
{
        int fail;
        const char *err;

        CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);

        if (ls->sock > 0) {
                MCH_Fd_Inherit(ls->sock, NULL);
                closefd(&ls->sock);
        }

        ls->sock = VUS_resolver(ls->endpoint, vca_vus_bind, NULL, &err);
        fail = errno;

        if (ls->sock < 0) {
                AN(fail);
                return (fail);
        }

        if (ls->perms != NULL) {
                CHECK_OBJ(ls->perms, UDS_PERMS_MAGIC);
                assert(ls->uds);
                errno = 0;
                if (ls->perms->mode != 0 &&
                    chmod(ls->endpoint, ls->perms->mode) != 0)
                        return (errno);
                if (chown(ls->endpoint, ls->perms->uid, ls->perms->gid) != 0)
                        return (errno);
        }

        MCH_Fd_Inherit(ls->sock, "sock");
        return (0);
}

static int v_matchproto_(vus_resolved_f)
vca_uds_open_cb(void *priv, const struct sockaddr_un *uds)
{
        struct listen_arg *la;
        struct listen_sock *ls;
        int fail;

        CAST_OBJ_NOTNULL(la, priv, LISTEN_ARG_MAGIC);
        (void) uds;

        VTAILQ_FOREACH(ls, &UDS_acceptor.socks, vcalist) {
                CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);

                if (strcmp(ls->endpoint, la->endpoint) == 0)
                        ARGV_ERR("-a arguments %s and %s have same address\n",
                            ls->endpoint, la->endpoint);
        }

        ALLOC_OBJ(ls, LISTEN_SOCK_MAGIC);
        AN(ls);

        ls->sock = -1;
        ls->vca = &UDS_acceptor;

        ls->addr = VSA_Clone(bogo_ip);
        AN(ls->addr);

        REPLACE(ls->endpoint, la->endpoint);
        ls->name = la->name;
        ls->transport = la->transport;
        ls->perms = la->perms;
        ls->uds = 1;

        VJ_master(JAIL_MASTER_PRIVPORT);
        fail = vca_uds_opensocket(ls);
        VJ_master(JAIL_MASTER_LOW);

        if (fail) {
                VSA_free(&ls->addr);
                free(ls->endpoint);
                FREE_OBJ(ls);
                if (fail != EAFNOSUPPORT)
                        ARGV_ERR("Could not get socket %s: %s\n",
                            la->endpoint, VAS_errtxt(fail));
                return (0);
        }

        VTAILQ_INSERT_TAIL(&la->socks, ls, arglist);
        VTAILQ_INSERT_TAIL(&heritage.socks, ls, list);
        VTAILQ_INSERT_TAIL(&UDS_acceptor.socks, ls, vcalist);

        return (0);
}

int
vca_uds_open(char **av, struct listen_arg *la, const char **err)
{

        const struct transport *xp = NULL;
        struct passwd *pwd = NULL;
        struct group *grp = NULL;
        struct uds_perms *perms;
        mode_t mode = 0;

        CHECK_OBJ_NOTNULL(la, LISTEN_ARG_MAGIC);
        AN(av);
        AN(err);

        if (*la->endpoint != '/' && strchr(la->endpoint, '/') != NULL)
                ARGV_ERR("Unix domain socket addresses must be"
                    " absolute paths in -a (%s)\n", la->endpoint);

        heritage.min_vcl_version = vmax(heritage.min_vcl_version, 41U);

        for (int i = 0; av[i] != NULL; i++) {
                char *eq, *val;
                int len;

                if ((eq = strchr(av[i], '=')) == NULL) {
                        if (xp != NULL)
                                ARGV_ERR("Too many protocol sub-args"
                                    " in -a (%s)\n", av[i]);
                        xp = XPORT_Find(av[i]);
                        if (xp == NULL)
                                ARGV_ERR("Unknown protocol '%s'\n", av[i]);
                        continue;
                }
                if (la->endpoint[0] != '/')
                        ARGV_ERR("Invalid sub-arg %s"
                            " in -a\n", av[i]);

                val = eq + 1;
                len = eq - av[i];
                assert(len >= 0);
                if (len == 0)
                        ARGV_ERR("Invalid sub-arg %s in -a\n", av[i]);

                if (strncmp(av[i], "user", len) == 0) {
                        if (pwd != NULL)
                                ARGV_ERR("Too many user sub-args in -a (%s)\n",
                                         av[i]);
                        pwd = getpwnam(val);
                        if (pwd == NULL)
                                ARGV_ERR("Unknown user %s in -a\n", val);
                        continue;
                }

                if (strncmp(av[i], "group", len) == 0) {
                        if (grp != NULL)
                                ARGV_ERR("Too many group sub-args in -a (%s)\n",
                                         av[i]);
                        grp = getgrnam(val);
                        if (grp == NULL)
                                ARGV_ERR("Unknown group %s in -a\n", val);
                        continue;
                }

                if (strncmp(av[i], "mode", len) == 0) {
                        long m;
                        char *p;

                        if (mode != 0)
                                ARGV_ERR("Too many mode sub-args in -a (%s)\n",
                                         av[i]);
                        if (*val == '\0')
                                ARGV_ERR("Empty mode sub-arg in -a\n");
                        errno = 0;
                        m = strtol(val, &p, 8);
                        if (*p != '\0')
                                ARGV_ERR("Invalid mode sub-arg %s in -a\n",
                                         val);
                        if (errno)
                                ARGV_ERR("Cannot parse mode sub-arg %s in -a: "
                                         "%s\n", val, VAS_errtxt(errno));
                        if (m <= 0 || m > 0777)
                                ARGV_ERR("Mode sub-arg %s out of range in -a\n",
                                         val);
                        mode = (mode_t) m;
                        continue;
                }

                ARGV_ERR("Invalid sub-arg %s in -a\n", av[i]);
        }

        if (xp == NULL)
                xp = XPORT_Find("http");

        AN(xp);
        la->transport = xp;

        if (pwd != NULL || grp != NULL || mode != 0) {
                ALLOC_OBJ(perms, UDS_PERMS_MAGIC);
                AN(perms);
                if (pwd != NULL)
                        perms->uid = pwd->pw_uid;
                else
                        perms->uid = (uid_t) -1;
                if (grp != NULL)
                        perms->gid = grp->gr_gid;
                else
                        perms->gid = (gid_t) -1;
                perms->mode = mode;
                la->perms = perms;
        }

        return (VUS_resolver(la->endpoint, vca_uds_open_cb, la, err));
}

int
vca_uds_reopen(void)
{
        struct listen_sock *ls;
        int err, fail = 0;

        VTAILQ_FOREACH(ls, &UDS_acceptor.socks, vcalist) {
                CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);

                VJ_master(JAIL_MASTER_PRIVPORT);
                err = vca_uds_opensocket(ls);
                VJ_master(JAIL_MASTER_LOW);

                if (err == 0)
                        continue;

                fail = vmax(fail, err);
                MGT_Complain(C_ERR, "Could not reopen listen socket %s: %s",
                    ls->endpoint, VAS_errtxt(err));
        }

        return (fail);
}

		varnish-cache/bin/varnishd/acceptor/mgt_acceptor_uds.c
0		/*-
1		* Copyright (c) 2006 Verdens Gang AS
2		* Copyright (c) 2006-2023 Varnish Software AS
3		* All rights reserved.
4		*
5		* Author: Poul-Henning Kamp <phk@phk.freebsd.dk>
6		* Author: Asad Sajjad Ahmed <asadsa@varnish-software.com>
7		*
8		* SPDX-License-Identifier: BSD-2-Clause
9		*
10		* Redistribution and use in source and binary forms, with or without
11		* modification, are permitted provided that the following conditions
12		* are met:
13		* 1. Redistributions of source code must retain the above copyright
14		* notice, this list of conditions and the following disclaimer.
15		* 2. Redistributions in binary form must reproduce the above copyright
16		* notice, this list of conditions and the following disclaimer in the
17		* documentation and/or other materials provided with the distribution.
18		*
19		* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
20		* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21		* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22		* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
23		* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24		* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25		* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26		* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27		* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28		* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29		* SUCH DAMAGE.
30		*
31		* Acceptor socket management
32		*/
33
34		#include "config.h"
35
36		#include <sys/types.h>
37		#include <sys/socket.h>
38		#include <sys/un.h>
39		#include <sys/stat.h>
40		#include <stdio.h>
41		#include <stdlib.h>
42		#include <string.h>
43		#include <unistd.h>
44		#include <pwd.h>
45		#include <grp.h>
46
47		#include "mgt/mgt.h"
48		#include "common/heritage.h"
49
50		#include "acceptor/cache_acceptor.h"
51		#include "acceptor/acceptor_uds.h"
52		#include "acceptor/mgt_acceptor.h"
53
54		#include "vsa.h"
55		#include "vus.h"
56
57		int
58	4995	vca_uds_config(void)
59		{
60
61	4995	return (0);
62		}
63
64		static int
65	285	vca_vus_bind(void priv, const struct sockaddr_un uds)
66		{
67	285	return (VUS_bind(uds, priv));
68		}
69
70		static int
71	285	vca_uds_opensocket(struct listen_sock *ls)
72		{
73		int fail;
74		const char *err;
75
76	285	CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);
77
78	285	if (ls->sock > 0) {
79	140	MCH_Fd_Inherit(ls->sock, NULL);
80	140	closefd(&ls->sock);
81	140	}
82
83	285	ls->sock = VUS_resolver(ls->endpoint, vca_vus_bind, NULL, &err);
84	285	fail = errno;
85
86	285	if (ls->sock < 0) {
87	0	AN(fail);
88	0	return (fail);
89		}
90
91	285	if (ls->perms != NULL) {
92	20	CHECK_OBJ(ls->perms, UDS_PERMS_MAGIC);
93	20	assert(ls->uds);
94	20	errno = 0;
95	20	if (ls->perms->mode != 0 &&
96	20	chmod(ls->endpoint, ls->perms->mode) != 0)
97	0	return (errno);
98	20	if (chown(ls->endpoint, ls->perms->uid, ls->perms->gid) != 0)
99	0	return (errno);
100	20	}
101
102	285	MCH_Fd_Inherit(ls->sock, "sock");
103	285	return (0);
104	285	}
105
106		static int v_matchproto_(vus_resolved_f)
107	150	vca_uds_open_cb(void priv, const struct sockaddr_un uds)
108		{
109		struct listen_arg *la;
110		struct listen_sock *ls;
111		int fail;
112
113	150	CAST_OBJ_NOTNULL(la, priv, LISTEN_ARG_MAGIC);
114	150	(void) uds;
115
116	155	VTAILQ_FOREACH(ls, &UDS_acceptor.socks, vcalist) {
117	10	CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);
118
119	10	if (strcmp(ls->endpoint, la->endpoint) == 0)
120	5	ARGV_ERR("-a arguments %s and %s have same address\n",
121		ls->endpoint, la->endpoint);
122	5	}
123
124	145	ALLOC_OBJ(ls, LISTEN_SOCK_MAGIC);
125	145	AN(ls);
126
127	145	ls->sock = -1;
128	145	ls->vca = &UDS_acceptor;
129
130	145	ls->addr = VSA_Clone(bogo_ip);
131	145	AN(ls->addr);
132
133	145	REPLACE(ls->endpoint, la->endpoint);
134	145	ls->name = la->name;
135	145	ls->transport = la->transport;
136	145	ls->perms = la->perms;
137	145	ls->uds = 1;
138
139	145	VJ_master(JAIL_MASTER_PRIVPORT);
140	145	fail = vca_uds_opensocket(ls);
141	145	VJ_master(JAIL_MASTER_LOW);
142
143	145	if (fail) {
144	0	VSA_free(&ls->addr);
145	0	free(ls->endpoint);
146	0	FREE_OBJ(ls);
147	0	if (fail != EAFNOSUPPORT)
148	0	ARGV_ERR("Could not get socket %s: %s\n",
149		la->endpoint, VAS_errtxt(fail));
150	0	return (0);
151		}
152
153	145	VTAILQ_INSERT_TAIL(&la->socks, ls, arglist);
154	145	VTAILQ_INSERT_TAIL(&heritage.socks, ls, list);
155	145	VTAILQ_INSERT_TAIL(&UDS_acceptor.socks, ls, vcalist);
156
157	145	return (0);
158	145	}
159
160		int
161	240	vca_uds_open(char *av, struct listen_arg la, const char **err)
162		{
163
164	240	const struct transport *xp = NULL;
165	240	struct passwd *pwd = NULL;
166	240	struct group *grp = NULL;
167		struct uds_perms *perms;
168	240	mode_t mode = 0;
169
170	240	CHECK_OBJ_NOTNULL(la, LISTEN_ARG_MAGIC);
171	240	AN(av);
172	240	AN(err);
173
174	240	if (*la->endpoint != '/' && strchr(la->endpoint, '/') != NULL)
175	0	ARGV_ERR("Unix domain socket addresses must be"
176		" absolute paths in -a (%s)\n", la->endpoint);
177
178	240	heritage.min_vcl_version = vmax(heritage.min_vcl_version, 41U);
179
180	275	for (int i = 0; av[i] != NULL; i++) {
181		char eq, val;
182		int len;
183
184	120	if ((eq = strchr(av[i], '=')) == NULL) {
185	15	if (xp != NULL)
186	0	ARGV_ERR("Too many protocol sub-args"
187		" in -a (%s)\n", av[i]);
188	15	xp = XPORT_Find(av[i]);
189	15	if (xp == NULL)
190	5	ARGV_ERR("Unknown protocol '%s'\n", av[i]);
191	10	continue;
192		}
193	105	if (la->endpoint[0] != '/')
194	5	ARGV_ERR("Invalid sub-arg %s"
195		" in -a\n", av[i]);
196
197	100	val = eq + 1;
198	100	len = eq - av[i];
199	100	assert(len >= 0);
200	100	if (len == 0)
201	5	ARGV_ERR("Invalid sub-arg %s in -a\n", av[i]);
202
203	95	if (strncmp(av[i], "user", len) == 0) {
204	5	if (pwd != NULL)
205	0	ARGV_ERR("Too many user sub-args in -a (%s)\n",
206		av[i]);
207	5	pwd = getpwnam(val);
208	5	if (pwd == NULL)
209	0	ARGV_ERR("Unknown user %s in -a\n", val);
210	5	continue;
211		}
212
213	90	if (strncmp(av[i], "group", len) == 0) {
214	5	if (grp != NULL)
215	0	ARGV_ERR("Too many group sub-args in -a (%s)\n",
216		av[i]);
217	5	grp = getgrnam(val);
218	5	if (grp == NULL)
219	0	ARGV_ERR("Unknown group %s in -a\n", val);
220	5	continue;
221		}
222
223	85	if (strncmp(av[i], "mode", len) == 0) {
224		long m;
225		char *p;
226
227	65	if (mode != 0)
228	5	ARGV_ERR("Too many mode sub-args in -a (%s)\n",
229		av[i]);
230	60	if (*val == '\0')
231	5	ARGV_ERR("Empty mode sub-arg in -a\n");
232	55	errno = 0;
233	55	m = strtol(val, &p, 8);
234	55	if (*p != '\0')
235	15	ARGV_ERR("Invalid mode sub-arg %s in -a\n",
236		val);
237	40	if (errno)
238	10	ARGV_ERR("Cannot parse mode sub-arg %s in -a: "
239		"%s\n", val, VAS_errtxt(errno));
240	30	if (m <= 0 \|\| m > 0777)
241	15	ARGV_ERR("Mode sub-arg %s out of range in -a\n",
242		val);
243	15	mode = (mode_t) m;
244	15	continue;
245		}
246
247	20	ARGV_ERR("Invalid sub-arg %s in -a\n", av[i]);
248	0	}
249
250	155	if (xp == NULL)
251	145	xp = XPORT_Find("http");
252
253	155	AN(xp);
254	155	la->transport = xp;
255
256	155	if (pwd != NULL \|\| grp != NULL \|\| mode != 0) {
257	10	ALLOC_OBJ(perms, UDS_PERMS_MAGIC);
258	10	AN(perms);
259	10	if (pwd != NULL)
260	5	perms->uid = pwd->pw_uid;
261		else
262	5	perms->uid = (uid_t) -1;
263	10	if (grp != NULL)
264	5	perms->gid = grp->gr_gid;
265		else
266	5	perms->gid = (gid_t) -1;
267	10	perms->mode = mode;
268	10	la->perms = perms;
269	10	}
270
271	155	return (VUS_resolver(la->endpoint, vca_uds_open_cb, la, err));
272		}
273
274		int
275	4730	vca_uds_reopen(void)
276		{
277		struct listen_sock *ls;
278	4730	int err, fail = 0;
279
280	4870	VTAILQ_FOREACH(ls, &UDS_acceptor.socks, vcalist) {
281	140	CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);
282
283	140	VJ_master(JAIL_MASTER_PRIVPORT);
284	140	err = vca_uds_opensocket(ls);
285	140	VJ_master(JAIL_MASTER_LOW);
286
287	140	if (err == 0)
288	140	continue;
289
290	0	fail = vmax(fail, err);
291	0	MGT_Complain(C_ERR, "Could not reopen listen socket %s: %s",
292	0	ls->endpoint, VAS_errtxt(err));
293	0	}
294
295	4730	return (fail);
296		}