GCOV - Varnish Cache


/*-
 * Copyright (c) 2006 Verdens Gang AS
 * Copyright (c) 2006-2023 Varnish Software AS
 * All rights reserved.
 *
 * Author: Poul-Henning Kamp <phk@phk.freebsd.dk>
 * Author: Asad Sajjad Ahmed <asadsa@varnish-software.com>
 *
 * SPDX-License-Identifier: BSD-2-Clause
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * Acceptor socket management
 */

#include "config.h"

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/stat.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <pwd.h>
#include <grp.h>

#include "mgt/mgt.h"
#include "common/heritage.h"

#include "acceptor/cache_acceptor.h"
#include "acceptor/acceptor_uds.h"
#include "acceptor/mgt_acceptor.h"

#include "vsa.h"
#include "vus.h"

int
vca_uds_config(void)
{

        return (0);
}

static int
vca_vus_bind(void *priv, const struct sockaddr_un *uds)
{
        return (VUS_bind(uds, priv));
}

static int
vca_uds_opensocket(struct listen_sock *ls)
{
        int fail;
        const char *err;

        CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);

        if (ls->sock > 0) {
                MCH_Fd_Inherit(ls->sock, NULL);
                closefd(&ls->sock);
        }

        ls->sock = VUS_resolver(ls->endpoint, vca_vus_bind, NULL, &err);
        fail = errno;

        if (ls->sock < 0) {
                AN(fail);
                return (fail);
        }

        if (ls->perms != NULL) {
                CHECK_OBJ(ls->perms, UDS_PERMS_MAGIC);
                assert(ls->uds);
                errno = 0;
                if (ls->perms->mode != 0 &&
                    chmod(ls->endpoint, ls->perms->mode) != 0)
                        return (errno);
                if (chown(ls->endpoint, ls->perms->uid, ls->perms->gid) != 0)
                        return (errno);
        }

        MCH_Fd_Inherit(ls->sock, "sock");
        return (0);
}

static int v_matchproto_(vus_resolved_f)
vca_uds_open_cb(void *priv, const struct sockaddr_un *uds)
{
        struct listen_arg *la;
        struct listen_sock *ls;
        int fail;

        CAST_OBJ_NOTNULL(la, priv, LISTEN_ARG_MAGIC);
        (void) uds;

        VTAILQ_FOREACH(ls, &UDS_acceptor.socks, vcalist) {
                CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);

                if (strcmp(ls->endpoint, la->endpoint) == 0)
                        ARGV_ERR("-a arguments %s and %s have same address\n",
                            ls->endpoint, la->endpoint);
        }

        ALLOC_OBJ(ls, LISTEN_SOCK_MAGIC);
        AN(ls);

        ls->sock = -1;
        ls->vca = &UDS_acceptor;

        ls->addr = VSA_Clone(bogo_ip);
        AN(ls->addr);

        REPLACE(ls->endpoint, la->endpoint);
        ls->name = la->name;
        ls->transport = la->transport;
        ls->perms = la->perms;
        ls->uds = 1;

        VJ_master(JAIL_MASTER_PRIVPORT);
        fail = vca_uds_opensocket(ls);
        VJ_master(JAIL_MASTER_LOW);

        if (fail) {
                VSA_free(&ls->addr);
                free(ls->endpoint);
                FREE_OBJ(ls);
                if (fail != EAFNOSUPPORT)
                        ARGV_ERR("Could not get socket %s: %s\n",
                            la->endpoint, VAS_errtxt(fail));
                return (0);
        }

        VTAILQ_INSERT_TAIL(&la->socks, ls, arglist);
        VTAILQ_INSERT_TAIL(&heritage.socks, ls, list);
        VTAILQ_INSERT_TAIL(&UDS_acceptor.socks, ls, vcalist);

        return (0);
}

int
vca_uds_open(char **av, struct listen_arg *la, const char **err)
{

        const struct transport *xp = NULL;
        struct passwd *pwd = NULL;
        struct group *grp = NULL;
        struct uds_perms *perms;
        mode_t mode = 0;

        CHECK_OBJ_NOTNULL(la, LISTEN_ARG_MAGIC);
        AN(av);
        AN(err);

        if (*la->endpoint != '/' && strchr(la->endpoint, '/') != NULL)
                ARGV_ERR("Unix domain socket addresses must be"
                    " absolute paths in -a (%s)\n", la->endpoint);

        heritage.min_vcl_version = vmax(heritage.min_vcl_version, 41U);

        for (int i = 0; av[i] != NULL; i++) {
                const char *val;

                if (strchr(av[i], '=') == NULL) {
                        if (xp != NULL)
                                ARGV_ERR("Too many protocol sub-args"
                                    " in -a (%s)\n", av[i]);
                        xp = XPORT_Find(av[i]);
                        if (xp == NULL)
                                ARGV_ERR("Unknown protocol '%s'\n", av[i]);
                        continue;
                }
                if (la->endpoint[0] != '/')
                        ARGV_ERR("Invalid sub-arg %s"
                            " in -a\n", av[i]);

                val = keyval(av[i], "user=");
                if (val != NULL && pwd != NULL)
                        ARGV_ERR("Too many user sub-args in -a (%s)\n", av[i]);
                if (val != NULL) {
                        pwd = getpwnam(val);
                        if (pwd == NULL)
                                ARGV_ERR("Unknown user %s in -a\n", val);
                        continue;
                }

                val = keyval(av[i], "group=");
                if (val != NULL && grp != NULL)
                        ARGV_ERR("Too many group sub-args in -a (%s)\n", av[i]);
                if (val != NULL) {
                        grp = getgrnam(val);
                        if (grp == NULL)
                                ARGV_ERR("Unknown group %s in -a\n", val);
                        continue;
                }

                val = keyval(av[i], "mode=");
                if (val != NULL && mode != 0)
                        ARGV_ERR("Too many mode sub-args in -a (%s)\n", av[i]);
                if (val != NULL && *val == '\0')
                        ARGV_ERR("Empty mode sub-arg in -a\n");
                if (val != NULL) {
                        long m;
                        char *p;

                        errno = 0;
                        m = strtol(val, &p, 8);
                        if (*p != '\0')
                                ARGV_ERR("Invalid mode sub-arg %s in -a\n",
                                         val);
                        if (errno)
                                ARGV_ERR("Cannot parse mode sub-arg %s in -a: "
                                         "%s\n", val, VAS_errtxt(errno));
                        if (m <= 0 || m > 0777)
                                ARGV_ERR("Mode sub-arg %s out of range in -a\n",
                                         val);
                        mode = (mode_t) m;
                        continue;
                }

                ARGV_ERR("Invalid sub-arg %s in -a\n", av[i]);
        }

        if (xp == NULL)
                xp = XPORT_Find("http");

        AN(xp);
        la->transport = xp;

        if (pwd != NULL || grp != NULL || mode != 0) {
                ALLOC_OBJ(perms, UDS_PERMS_MAGIC);
                AN(perms);
                if (pwd != NULL)
                        perms->uid = pwd->pw_uid;
                else
                        perms->uid = (uid_t) -1;
                if (grp != NULL)
                        perms->gid = grp->gr_gid;
                else
                        perms->gid = (gid_t) -1;
                perms->mode = mode;
                la->perms = perms;
        }

        return (VUS_resolver(la->endpoint, vca_uds_open_cb, la, err));
}

int
vca_uds_reopen(void)
{
        struct listen_sock *ls;
        int err, fail = 0;

        VTAILQ_FOREACH(ls, &UDS_acceptor.socks, vcalist) {
                CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);

                VJ_master(JAIL_MASTER_PRIVPORT);
                err = vca_uds_opensocket(ls);
                VJ_master(JAIL_MASTER_LOW);

                if (err == 0)
                        continue;

                fail = vmax(fail, err);
                MGT_Complain(C_ERR, "Could not reopen listen socket %s: %s",
                    ls->endpoint, VAS_errtxt(err));
        }

        return (fail);
}

		varnish-cache/bin/varnishd/acceptor/mgt_acceptor_uds.c
0		/*-
1		* Copyright (c) 2006 Verdens Gang AS
2		* Copyright (c) 2006-2023 Varnish Software AS
3		* All rights reserved.
4		*
5		* Author: Poul-Henning Kamp <phk@phk.freebsd.dk>
6		* Author: Asad Sajjad Ahmed <asadsa@varnish-software.com>
7		*
8		* SPDX-License-Identifier: BSD-2-Clause
9		*
10		* Redistribution and use in source and binary forms, with or without
11		* modification, are permitted provided that the following conditions
12		* are met:
13		* 1. Redistributions of source code must retain the above copyright
14		* notice, this list of conditions and the following disclaimer.
15		* 2. Redistributions in binary form must reproduce the above copyright
16		* notice, this list of conditions and the following disclaimer in the
17		* documentation and/or other materials provided with the distribution.
18		*
19		* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
20		* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21		* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22		* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
23		* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24		* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25		* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26		* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27		* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28		* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29		* SUCH DAMAGE.
30		*
31		* Acceptor socket management
32		*/
33
34		#include "config.h"
35
36		#include <sys/types.h>
37		#include <sys/socket.h>
38		#include <sys/un.h>
39		#include <sys/stat.h>
40		#include <stdio.h>
41		#include <stdlib.h>
42		#include <string.h>
43		#include <unistd.h>
44		#include <pwd.h>
45		#include <grp.h>
46
47		#include "mgt/mgt.h"
48		#include "common/heritage.h"
49
50		#include "acceptor/cache_acceptor.h"
51		#include "acceptor/acceptor_uds.h"
52		#include "acceptor/mgt_acceptor.h"
53
54		#include "vsa.h"
55		#include "vus.h"
56
57		int
58	4020	vca_uds_config(void)
59		{
60
61	4020	return (0);
62		}
63
64		static int
65	228	vca_vus_bind(void priv, const struct sockaddr_un uds)
66		{
67	228	return (VUS_bind(uds, priv));
68		}
69
70		static int
71	228	vca_uds_opensocket(struct listen_sock *ls)
72		{
73		int fail;
74		const char *err;
75
76	228	CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);
77
78	228	if (ls->sock > 0) {
79	112	MCH_Fd_Inherit(ls->sock, NULL);
80	112	closefd(&ls->sock);
81	112	}
82
83	228	ls->sock = VUS_resolver(ls->endpoint, vca_vus_bind, NULL, &err);
84	228	fail = errno;
85
86	228	if (ls->sock < 0) {
87	0	AN(fail);
88	0	return (fail);
89		}
90
91	228	if (ls->perms != NULL) {
92	16	CHECK_OBJ(ls->perms, UDS_PERMS_MAGIC);
93	16	assert(ls->uds);
94	16	errno = 0;
95	16	if (ls->perms->mode != 0 &&
96	16	chmod(ls->endpoint, ls->perms->mode) != 0)
97	0	return (errno);
98	16	if (chown(ls->endpoint, ls->perms->uid, ls->perms->gid) != 0)
99	0	return (errno);
100	16	}
101
102	228	MCH_Fd_Inherit(ls->sock, "sock");
103	228	return (0);
104	228	}
105
106		static int v_matchproto_(vus_resolved_f)
107	120	vca_uds_open_cb(void priv, const struct sockaddr_un uds)
108		{
109		struct listen_arg *la;
110		struct listen_sock *ls;
111		int fail;
112
113	120	CAST_OBJ_NOTNULL(la, priv, LISTEN_ARG_MAGIC);
114	120	(void) uds;
115
116	124	VTAILQ_FOREACH(ls, &UDS_acceptor.socks, vcalist) {
117	8	CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);
118
119	8	if (strcmp(ls->endpoint, la->endpoint) == 0)
120	4	ARGV_ERR("-a arguments %s and %s have same address\n",
121		ls->endpoint, la->endpoint);
122	4	}
123
124	116	ALLOC_OBJ(ls, LISTEN_SOCK_MAGIC);
125	116	AN(ls);
126
127	116	ls->sock = -1;
128	116	ls->vca = &UDS_acceptor;
129
130	116	ls->addr = VSA_Clone(bogo_ip);
131	116	AN(ls->addr);
132
133	116	REPLACE(ls->endpoint, la->endpoint);
134	116	ls->name = la->name;
135	116	ls->transport = la->transport;
136	116	ls->perms = la->perms;
137	116	ls->uds = 1;
138
139	116	VJ_master(JAIL_MASTER_PRIVPORT);
140	116	fail = vca_uds_opensocket(ls);
141	116	VJ_master(JAIL_MASTER_LOW);
142
143	116	if (fail) {
144	0	VSA_free(&ls->addr);
145	0	free(ls->endpoint);
146	0	FREE_OBJ(ls);
147	0	if (fail != EAFNOSUPPORT)
148	0	ARGV_ERR("Could not get socket %s: %s\n",
149		la->endpoint, VAS_errtxt(fail));
150	0	return (0);
151		}
152
153	116	VTAILQ_INSERT_TAIL(&la->socks, ls, arglist);
154	116	VTAILQ_INSERT_TAIL(&heritage.socks, ls, list);
155	116	VTAILQ_INSERT_TAIL(&UDS_acceptor.socks, ls, vcalist);
156
157	116	return (0);
158	116	}
159
160		int
161	192	vca_uds_open(char *av, struct listen_arg la, const char **err)
162		{
163
164	192	const struct transport *xp = NULL;
165	192	struct passwd *pwd = NULL;
166	192	struct group *grp = NULL;
167		struct uds_perms *perms;
168	192	mode_t mode = 0;
169
170	192	CHECK_OBJ_NOTNULL(la, LISTEN_ARG_MAGIC);
171	192	AN(av);
172	192	AN(err);
173
174	192	if (*la->endpoint != '/' && strchr(la->endpoint, '/') != NULL)
175	0	ARGV_ERR("Unix domain socket addresses must be"
176		" absolute paths in -a (%s)\n", la->endpoint);
177
178	192	heritage.min_vcl_version = vmax(heritage.min_vcl_version, 41U);
179
180	220	for (int i = 0; av[i] != NULL; i++) {
181		const char *val;
182
183	96	if (strchr(av[i], '=') == NULL) {
184	12	if (xp != NULL)
185	0	ARGV_ERR("Too many protocol sub-args"
186		" in -a (%s)\n", av[i]);
187	12	xp = XPORT_Find(av[i]);
188	12	if (xp == NULL)
189	4	ARGV_ERR("Unknown protocol '%s'\n", av[i]);
190	8	continue;
191		}
192	84	if (la->endpoint[0] != '/')
193	4	ARGV_ERR("Invalid sub-arg %s"
194		" in -a\n", av[i]);
195
196	80	val = keyval(av[i], "user=");
197	80	if (val != NULL && pwd != NULL)
198	0	ARGV_ERR("Too many user sub-args in -a (%s)\n", av[i]);
199	80	if (val != NULL) {
200	4	pwd = getpwnam(val);
201	4	if (pwd == NULL)
202	0	ARGV_ERR("Unknown user %s in -a\n", val);
203	4	continue;
204		}
205
206	76	val = keyval(av[i], "group=");
207	76	if (val != NULL && grp != NULL)
208	0	ARGV_ERR("Too many group sub-args in -a (%s)\n", av[i]);
209	76	if (val != NULL) {
210	4	grp = getgrnam(val);
211	4	if (grp == NULL)
212	0	ARGV_ERR("Unknown group %s in -a\n", val);
213	4	continue;
214		}
215
216	72	val = keyval(av[i], "mode=");
217	72	if (val != NULL && mode != 0)
218	4	ARGV_ERR("Too many mode sub-args in -a (%s)\n", av[i]);
219	68	if (val != NULL && *val == '\0')
220	4	ARGV_ERR("Empty mode sub-arg in -a\n");
221	64	if (val != NULL) {
222		long m;
223		char *p;
224
225	44	errno = 0;
226	44	m = strtol(val, &p, 8);
227	44	if (*p != '\0')
228	12	ARGV_ERR("Invalid mode sub-arg %s in -a\n",
229		val);
230	32	if (errno)
231	8	ARGV_ERR("Cannot parse mode sub-arg %s in -a: "
232		"%s\n", val, VAS_errtxt(errno));
233	24	if (m <= 0 \|\| m > 0777)
234	12	ARGV_ERR("Mode sub-arg %s out of range in -a\n",
235		val);
236	12	mode = (mode_t) m;
237	12	continue;
238		}
239
240	20	ARGV_ERR("Invalid sub-arg %s in -a\n", av[i]);
241	0	}
242
243	124	if (xp == NULL)
244	116	xp = XPORT_Find("http");
245
246	124	AN(xp);
247	124	la->transport = xp;
248
249	124	if (pwd != NULL \|\| grp != NULL \|\| mode != 0) {
250	8	ALLOC_OBJ(perms, UDS_PERMS_MAGIC);
251	8	AN(perms);
252	8	if (pwd != NULL)
253	4	perms->uid = pwd->pw_uid;
254		else
255	4	perms->uid = (uid_t) -1;
256	8	if (grp != NULL)
257	4	perms->gid = grp->gr_gid;
258		else
259	4	perms->gid = (gid_t) -1;
260	8	perms->mode = mode;
261	8	la->perms = perms;
262	8	}
263
264	124	return (VUS_resolver(la->endpoint, vca_uds_open_cb, la, err));
265		}
266
267		int
268	3808	vca_uds_reopen(void)
269		{
270		struct listen_sock *ls;
271	3808	int err, fail = 0;
272
273	3920	VTAILQ_FOREACH(ls, &UDS_acceptor.socks, vcalist) {
274	112	CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);
275
276	112	VJ_master(JAIL_MASTER_PRIVPORT);
277	112	err = vca_uds_opensocket(ls);
278	112	VJ_master(JAIL_MASTER_LOW);
279
280	112	if (err == 0)
281	112	continue;
282
283	0	fail = vmax(fail, err);
284	0	MGT_Complain(C_ERR, "Could not reopen listen socket %s: %s",
285	0	ls->endpoint, VAS_errtxt(err));
286	0	}
287
288	3808	return (fail);
289		}