varnish-cache/lib/libvarnish/vsa.c
0
/*-
1
 * Copyright (c) 2013-2015 Varnish Software AS
2
 * All rights reserved.
3
 *
4
 * Author: Poul-Henning Kamp <phk@phk.freebsd.dk>
5
 *
6
 * SPDX-License-Identifier: BSD-2-Clause
7
 *
8
 * Redistribution and use in source and binary forms, with or without
9
 * modification, are permitted provided that the following conditions
10
 * are met:
11
 * 1. Redistributions of source code must retain the above copyright
12
 *    notice, this list of conditions and the following disclaimer.
13
 * 2. Redistributions in binary form must reproduce the above copyright
14
 *    notice, this list of conditions and the following disclaimer in the
15
 *    documentation and/or other materials provided with the distribution.
16
 *
17
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20
 * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
21
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27
 * SUCH DAMAGE.
28
 *
29
 * Struct sockaddr_* is not even close to a convenient API.
30
 *
31
 * These functions try to mitigate the madness, at the cost of actually
32
 * knowing something about address families.
33
 */
34
35
#include "config.h"
36
37
#include <string.h>
38
#include <stdint.h>
39
#include <stdlib.h>
40
#include <sys/socket.h>
41
#include <sys/un.h>
42
#include <sys/types.h>
43
#include <netinet/in.h>
44
45
#include "vdef.h"
46
#include "vas.h"
47
#include "vsa.h"
48
#include "miniobj.h"
49
50
/*
51
 * Struct sockaddr{|_in|_in6|_storage} is absolutely the worst data
52
 * structure I have ever seen gold-plated in international standards.
53
 *
54
 * Network addresses have multiple different forms, many fewer today
55
 * than in last century, but imagine that in addition to IPv4 and IPv6
56
 * we had 40 other protocols.  Actually, you don't need to imagine that
57
 * just count the AF_* macros in /usr/include/sys/socket.h.
58
 *
59
 * So what do we pass the kernel API for an address to bind(2), connect(2) &
60
 * listen(2) etc. etc ?
61
 *
62
 * We could define a struct which is big enough to hold any and all
63
 * of these addresses.  That would make it a fixed size argument.
64
 * obviously the struct would have to be something like:
65
 *      struct bla {
66
 *              int family;
67
 *              char address[MAX_ADDR_LEN];
68
 *      }
69
 * and MAX_ADDR_LEN would have to be quite large, 128 byte or so.
70
 *
71
 * Back in last century that was TOTALLY unacceptable waste of space.
72
 *
73
 * The way which was chosen instead, was to make a "generic" address,
74
 * and have per protocol "specific" addresses, and pass the length
75
 * argument explicitly to the KPI functions.
76
 *
77
 * The generic address was called "struct sockaddr", and the specific
78
 * were called "struct sockaddr_${whatever}".  All of these must have
79
 * a "family" field as first element, so the kernel can figure out
80
 * which protocol it is.
81
 *
82
 * The generic struct sockaddr was made big enough for all protocols
83
 * supported in the kernel, so it would have different sizes depending
84
 * on your machine and kernel configuration.
85
 *
86
 * However, that allowed you to write protocol-agnostic programs, by
87
 * using "struct sockaddr" throughout, and relying on libray APIs for
88
 * things like name to address (and vice versa) resolution, and since
89
 * nobody were in the business of shipping random UNIX binaries around
90
 * the lack of binary portability didn't matter.
91
 *
92
 * Along the way the BSD people figured out that it was a bother
93
 * to carry the length argument separately, and added that to the
94
 * format of sockaddr, but other groups found this unclean, as
95
 * the length was already an explicit parameter.
96
 *
97
 * The net result of this is that your "portable" code, must take
98
 * care to handle the "sa_len" member on kernels which have it,
99
 * while still tracking the separate length argument for all other
100
 * kernels.
101
 *
102
 * Needless to say, there were no neat #define to tell you which
103
 * was which, so each programmer found a different heuristic to
104
 * decide, often not understanding it fully, which caused the kind
105
 * of portability issues which lead to the autocrap tools.
106
 *
107
 * Then all the other protocols died, we were left with IP and
108
 * life were good, the dot-com madness multiplied the IT-business
109
 * by a factor 1000, by making any high-school student who had
110
 * programmed PERL for 6 weeks a "senior web-programmer".
111
 *
112
 * Next IPv6 happened, in a rush even, (no seriously, I'm not kidding!),
113
 * and since IPv6 addresses were HUGE, like 16 bytes HUGE, the generic
114
 * struct sockaddr was not increased in size.
115
 *
116
 * At least "not yet", because it would break all the shitty code written
117
 * by the dot-com generation.
118
 *
119
 * Nobody used IPv6 anyway so that didn't matter that much.
120
 *
121
 * Then people actually started using IPv6 and its struct sockaddr_in6,
122
 * and realized that all the code which used "struct sockaddr" to allocate
123
 * space at compile time were broken.
124
 *
125
 * Some people took to using sockaddr_in6, since that was known to
126
 * be big enough for both IPv4 and IPv6, but "purist" found that
127
 * ugly and "prone to future trouble".
128
 *
129
 * So instead they came up with a "clean solution":  The added
130
 * "struct sockaddr_storage" which is defined to be "Large enough
131
 * to accommodate all supported protocol-specific address structures".
132
 *
133
 * Since we cannot possibly know what zany protocols will exist in
134
 * the future, and since some people think that we will add future
135
 * protocols, while retaining ABI compatibility, (totally overlooking
136
 * the fact that no code for name-resolution supports that) it is
137
 * usually defined so it can cope with 128 byte addresses.
138
 *
139
 * Does that ring a bell ?
140
 *
141
 * Only, not quite:  Remember that all APIs require you to track
142
 * the address and the length separately, so you only get the
143
 * size of the specific protocols sockaddr_${whatever} from API
144
 * functions, not a full sockaddr_storage, and besides the
145
 * prototype for the KPI is still "struct sockaddr *", so you
146
 * cannot gain C type-safety back by using sockaddr_storage
147
 * as the "generic network address" type.
148
 *
149
 * So we have come full circle, while causing maximum havoc along
150
 * the way and for the forseeable future.
151
 *
152
 * Do I need to tell you that static code analysis tools have a
153
 * really hard time coping with this, and that they give a lot of
154
 * false negatives which confuse people ?
155
 *
156
 * I have decided to try to contain this crap in this single
157
 * source-file, with only minimum leakage into the rest of Varnish,
158
 * which will only know of pointers to "struct suckaddr", the naming
159
 * of which is my of the historical narrative above.
160
 *
161
 * And you don't need to take my word for this, you can see it all
162
 * in various #include files on your own system.   If you are on
163
 * a Solaris derivative, don't miss the beautiful horror hidden in the
164
 * variant definition of IPv6 addresses between kernel and userland.
165
 *
166
 */
167
168
struct suckaddr {
169
        unsigned                        magic;
170
#define SUCKADDR_MAGIC                  0x4b1e9335
171
        union {
172
                struct sockaddr         sa;
173
                struct sockaddr_in      sa4;
174
                struct sockaddr_in6     sa6;
175
        } u;
176
};
177
178
const size_t vsa_suckaddr_len = sizeof(struct suckaddr);
179
180
/*
181
 * Bogus IPv4 address 0.0.0.0:0 to be used for VCL *.ip variables when the
182
 * "real" address is not IP (such as UDS addresses).
183
 */
184
static struct suckaddr bogo_ip_vsa;
185
const struct suckaddr *bogo_ip = &bogo_ip_vsa;
186
/* same in IPv6 */
187
static struct suckaddr bogo_ip6_vsa;
188
const struct suckaddr *bogo_ip6 = &bogo_ip6_vsa;
189
190
void
191 39600
VSA_Init(void)
192
{
193 39600
        AN(VSA_BuildFAP(&bogo_ip_vsa, PF_INET, NULL, 0, NULL, 0));
194 39600
        AN(VSA_BuildFAP(&bogo_ip6_vsa, PF_INET6, NULL, 0, NULL, 0));
195 39600
}
196
197
/*
198
 * This VRT interface is for the VCC generated ACL code, which needs
199
 * to know the address family and a pointer to the actual address.
200
 */
201
202
int
203 3863560
VSA_GetPtr(const struct suckaddr *sua, const unsigned char ** dst)
204
{
205
206 3863560
        AN(dst);
207 3863560
        if (sua == NULL)
208 0
                return (-1);
209 3863560
        CHECK_OBJ_NOTNULL(sua, SUCKADDR_MAGIC);
210
211 3863560
        switch (sua->u.sa.sa_family) {
212
        case PF_INET:
213 9200
                assert(sua->u.sa.sa_family == sua->u.sa4.sin_family);
214 9200
                *dst = (const unsigned char *)&sua->u.sa4.sin_addr;
215 9200
                return (sua->u.sa4.sin_family);
216
        case PF_INET6:
217 3854360
                assert(sua->u.sa.sa_family == sua->u.sa6.sin6_family);
218 3854360
                *dst = (const unsigned char *)&sua->u.sa6.sin6_addr;
219 3854360
                return (sua->u.sa6.sin6_family);
220
        default:
221 0
                *dst = NULL;
222 0
                return (-1);
223
        }
224 3863560
}
225
226
/*
227
 * Return the size of a struct sockaddr in a struck suckaddr
228
 * or 0 if unknown family
229
 */
230
static inline
231 6473763
socklen_t sua_len(const struct sockaddr *sa)
232
{
233
234 6473763
        switch (sa->sa_family) {
235
        case PF_INET:
236 2363483
                return (sizeof(struct sockaddr_in));
237
        case PF_INET6:
238 4110240
                return (sizeof(struct sockaddr_in6));
239
        case AF_UNIX:
240 40
                return (sizeof(struct sockaddr_un));
241
        default:
242 0
                return (0);
243
        }
244 6473763
}
245
246
/*
247
 * Malloc a suckaddr from a sockaddr of some kind.
248
 */
249
250
const struct suckaddr *
251 455677
VSA_Malloc(const void *s, unsigned  sal)
252
{
253
254 455677
        return (VSA_Build(NULL, s, sal));
255
}
256
257
/*
258
 * 'd' SHALL point to vsa_suckaddr_len aligned bytes of storage
259
 *
260
 * fam: address family
261
 * a / al : address and length
262
 * p / pl : port and length
263
 *
264
 * NULL or 0 length argument are ignored.
265
 * argument of the wrong length are an error (NULL return value, EINVAL)
266
 */
267
const struct suckaddr *
268 81640
VSA_BuildFAP(void *d, sa_family_t fam, const void *a, unsigned al,
269
            const void *p, unsigned pl)
270
{
271
        struct sockaddr_in sin4;
272
        struct sockaddr_in6 sin6;
273
274 81640
        switch (fam) {
275
        case PF_INET:
276 41520
                memset(&sin4, 0, sizeof sin4);
277 41520
                sin4.sin_family = fam;
278 41520
                if (a != NULL && al > 0) {
279 1920
                        if (al != sizeof(sin4.sin_addr))
280 0
                                break;
281 1920
                        memcpy(&sin4.sin_addr, a, al);
282 1920
                }
283 41520
                if (p != NULL && pl > 0) {
284 1680
                        if (pl != sizeof(sin4.sin_port))
285 0
                                break;
286 1680
                        memcpy(&sin4.sin_port, p, pl);
287 1680
                }
288 41520
                return (VSA_Build(d, &sin4, sizeof sin4));
289
        case PF_INET6:
290 40120
                memset(&sin6, 0, sizeof sin6);
291 40120
                sin6.sin6_family = fam;
292 40120
                if (a != NULL && al > 0) {
293 520
                        if (al != sizeof(sin6.sin6_addr))
294 0
                                break;
295 520
                        memcpy(&sin6.sin6_addr, a, al);
296 520
                }
297 40120
                if (p != NULL && pl > 0) {
298 400
                        if (pl != sizeof(sin6.sin6_port))
299 0
                                break;
300 400
                        memcpy(&sin6.sin6_port, p, pl);
301 400
                }
302 40120
                return (VSA_Build(d, &sin6, sizeof sin6));
303
        default:
304 0
                errno = EAFNOSUPPORT;
305 0
                return (NULL);
306
        }
307 0
        errno = EINVAL;
308 0
        return (NULL);
309 81640
}
310
311
const struct suckaddr *
312 616842
VSA_Build(void *d, const void *s, unsigned sal)
313
{
314
        struct suckaddr *sua;
315 616842
        const struct sockaddr *sa = s;
316
        unsigned l;     // for flexelint
317
318 616842
        AN(s);
319 616842
        l = sua_len(sa);
320 616842
        if (l == 0 || l != sal)
321 51
                return (NULL);
322
323 616801
        if (d == NULL) {
324 455677
                d = malloc(vsa_suckaddr_len);
325 455677
                AN(d);
326 455677
        }
327
328 616801
        sua = d;
329
330 616801
        INIT_OBJ(sua, SUCKADDR_MAGIC);
331 616801
        switch (l) {
332
        case sizeof sua->u.sa4:
333 492041
                memcpy(&sua->u.sa4, s, l);
334 492041
                break;
335
        case sizeof sua->u.sa6:
336 124760
                memcpy(&sua->u.sa6, s, l);
337 124760
                break;
338
        default:
339 0
                WRONG("VSA protocol vs. size");
340 0
        }
341
#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN
342 616801
        sua->u.sa.sa_len = (unsigned char)l;
343
#endif
344 616801
        return (sua);
345 616852
}
346
347
const void *
348 1577228
VSA_Get_Sockaddr(const struct suckaddr *sua, socklen_t *slp)
349
{
350
        socklen_t sl;
351
352 1577228
        CHECK_OBJ_NOTNULL(sua, SUCKADDR_MAGIC);
353 1577228
        AN(slp);
354 1577228
        sl = sua_len(&sua->u.sa);
355 1577228
        if (sl == 0)
356 0
                return (NULL);
357 1577228
        *slp = sl;
358 1577228
        return (&sua->u.sa);
359 1577228
}
360
361
int
362 536219
VSA_Get_Proto(const struct suckaddr *sua)
363
{
364
365 536219
        CHECK_OBJ_NOTNULL(sua, SUCKADDR_MAGIC);
366 536219
        return (sua->u.sa.sa_family);
367
}
368
369
int
370 4279710
VSA_Sane(const struct suckaddr *sua)
371
{
372 4279710
        return (VALID_OBJ(sua, SUCKADDR_MAGIC) && sua_len(&sua->u.sa) != 0);
373
}
374
375
int
376 8494
VSA_Compare(const struct suckaddr *sua1, const struct suckaddr *sua2)
377
{
378
379 8494
        CHECK_OBJ_NOTNULL(sua1, SUCKADDR_MAGIC);
380 8494
        CHECK_OBJ_NOTNULL(sua2, SUCKADDR_MAGIC);
381 8494
        return (memcmp(sua1, sua2, vsa_suckaddr_len));
382
}
383
384
int
385 939
VSA_Compare_IP(const struct suckaddr *sua1, const struct suckaddr *sua2)
386
{
387
388 939
        assert(VSA_Sane(sua1));
389 939
        assert(VSA_Sane(sua2));
390
391 939
        if (sua1->u.sa.sa_family != sua2->u.sa.sa_family)
392 0
                return (-1);
393
394 939
        switch (sua1->u.sa.sa_family) {
395
        case PF_INET:
396 1878
                return (memcmp(&sua1->u.sa4.sin_addr,
397 939
                    &sua2->u.sa4.sin_addr, sizeof(struct in_addr)));
398
        case PF_INET6:
399 0
                return (memcmp(&sua1->u.sa6.sin6_addr,
400 0
                    &sua2->u.sa6.sin6_addr, sizeof(struct in6_addr)));
401
        default:
402 0
                WRONG("Just plain insane");
403 0
        }
404 0
        NEEDLESS(return (-1));
405 939
}
406
407
const struct suckaddr *
408 131080
VSA_Clone(const struct suckaddr *sua)
409
{
410
        struct suckaddr *sua2;
411
412 131080
        assert(VSA_Sane(sua));
413 131080
        sua2 = calloc(1, vsa_suckaddr_len);
414 131080
        XXXAN(sua2);
415 131080
        memcpy(sua2, sua, vsa_suckaddr_len);
416 131080
        return (sua2);
417
}
418
419
unsigned
420 42800
VSA_Port(const struct suckaddr *sua)
421
{
422
423 42800
        CHECK_OBJ_NOTNULL(sua, SUCKADDR_MAGIC);
424 42800
        switch (sua->u.sa.sa_family) {
425
        case PF_INET:
426 40880
                return (ntohs(sua->u.sa4.sin_port));
427
        case PF_INET6:
428 1920
                return (ntohs(sua->u.sa6.sin6_port));
429
        default:
430 0
                return (0);
431
        }
432 42800
}
433
434
#define VSA_getname(which)                              \
435
const struct suckaddr *                                 \
436
VSA_get ## which ## name(int fd, void *d, size_t l)     \
437
{                                                       \
438
        struct suckaddr *sua;                           \
439
        socklen_t sl;                                   \
440
        int r;                                          \
441
                                                        \
442
        AN(d);                                          \
443
        if (l != vsa_suckaddr_len) {                    \
444
                errno = EINVAL;                         \
445
                return (NULL);                          \
446
        }                                               \
447
                                                        \
448
        sua = d;                                        \
449
                                                        \
450
        INIT_OBJ(sua, SUCKADDR_MAGIC);                  \
451
        sl = sizeof(sua->u);                            \
452
        r = get ## which ## name(fd, &sua->u.sa, &sl);  \
453
                                                        \
454
        return (r == 0 ? sua : NULL);                   \
455
}                                                       \
456
457 613623
VSA_getname(sock)
458 310988
VSA_getname(peer)
459
#undef VSA_getname
460
461
void
462 548275
VSA_free(const struct suckaddr **vsap)
463
{
464
        const struct suckaddr *vsa;
465
466 548275
        TAKE_OBJ_NOTNULL(vsa, vsap, SUCKADDR_MAGIC);
467 548275
        free(TRUST_ME(vsa));
468 548275
}