diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/Makefile | 133 | ||||
-rwxr-xr-x | src/configure | 197 | ||||
-rw-r--r-- | src/daemon.h | 165 | ||||
-rw-r--r-- | src/datatypes.h | 39 | ||||
-rw-r--r-- | src/log.c | 252 | ||||
-rw-r--r-- | src/log.h | 82 | ||||
-rw-r--r-- | src/log_targets.h | 356 | ||||
-rw-r--r-- | src/options.c | 273 | ||||
-rw-r--r-- | src/options.h | 56 | ||||
-rw-r--r-- | src/sig_handler.c | 152 | ||||
-rw-r--r-- | src/sig_handler.h | 35 | ||||
-rw-r--r-- | src/string_list.c | 105 | ||||
-rw-r--r-- | src/string_list.h | 48 | ||||
-rw-r--r-- | src/tcpproxy.c | 179 |
14 files changed, 2072 insertions, 0 deletions
diff --git a/src/Makefile b/src/Makefile new file mode 100644 index 0000000..43c0857 --- /dev/null +++ b/src/Makefile @@ -0,0 +1,133 @@ +## +## tcpproxy +## +## tcpproxy is a simple tcp connection proxy which combines the +## features of rinetd and 6tunnel. tcpproxy supports IPv4 and +## IPv6 and also supports connections from IPv6 to IPv4 +## endpoints and vice versa. +## +## +## Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> +## +## This file is part of tcpproxy. +## +## tcpproxy is free software: you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation, either version 3 of the License, or +## any later version. +## +## tcpproxy is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. +## + +ifneq ($(MAKECMDGOALS),distclean) +include include.mk +endif + +EXECUTABLE := tcpproxy + +C_OBJS := log.o \ + options.o \ + string_list.o \ + sig_handler.o \ + tcpproxy.o + +C_SRCS := $(C_OBJS:%.o=%.c) + +.PHONY: clean cleanall distclean manpage install install-bin install-etc install-man uninstall remove purge + +all: $(EXECUTABLE) + +%.d: %.c + @set -e; rm -f $@; \ + $(CC) -MM $(CFLAGS) $< > $@.$$$$; \ + sed 's,\($*\)\.o[ :]*,\1.o $@ : ,g' < $@.$$$$ > $@; \ + rm -f $@.$$$$; echo '(re)building $@' + +ifneq ($(MAKECMDGOALS),distclean) +-include $(C_SRCS:%.c=%.d) +endif + +$(EXECUTABLE): $(C_OBJS) + $(CC) $(C_OBJS) -o $@ $(LDFLAGS) + +%.o: %.c + $(CC) $(CFLAGS) -c $< + +strip: $(EXECUTABLE) + $(STRIP) -s $(EXECUTABLE) + + +distclean: cleanall + find . -name *.o -exec rm -f {} \; + find . -name "*.\~*" -exec rm -rf {} \; + rm -f include.mk + rm -f version.h + +clean: + rm -f *.o + rm -f *.d + rm -f *.d.* + rm -f $(EXECUTABLE) + rm -f $(EXECUTABLE).exe + +cleanall: clean + $(MAKE) --directory="../doc/" clean + +manpage: + $(MAKE) --directory="../doc/" manpage + + +INSTALL_TARGETS := install-bin install-etc +REMOVE_TARGETS := remove-bin remove-etc + +ifdef MANDIR +INSTALL_TARGETS += install-man +REMOVE_TARGETS += remove-man +endif + +ifdef EXAMPLESDIR +INSTALL_TARGETS += install-examples +REMOVE_TARGETS += remove-examples +endif + +install: all $(INSTALL_TARGETS) + +install-bin: $(EXECUTABLE) + $(INSTALL) -d $(DESTDIR)$(SBINDIR) + $(INSTALL) -m 755 $(EXECUTABLE) $(DESTDIR)$(SBINDIR) + +install-etc: + $(INSTALL) -d $(DESTDIR)$(ETCDIR)/$(EXECUTABLE) + @ echo "example configurations can be found at $(EXAMPLESDIR)/$(EXECUTABLE)" > $(DESTDIR)$(ETCDIR)/$(EXECUTABLE)/README + +install-examples: + $(INSTALL) -d $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE) + +install-man: manpage + $(INSTALL) -d $(DESTDIR)$(MANDIR)/man8/ + $(INSTALL) -m 644 ../doc/tcpproxy.8 $(DESTDIR)$(MANDIR)/man8/$(EXECUTABLE).8 + +uninstall: remove + +remove: $(REMOVE_TARGETS) + +remove-bin: + rm -f $(DESTDIR)$(SBINDIR)/$(EXECUTABLE) + +remove-etc: + rm -f $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE) + +remove-examples: + rm -rf $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)/ + +remove-man: + rm -f $(DESTDIR)$(MANDIR)/man8/$(EXECUTABLE).8 + +purge: remove + rm -rf $(DESTDIR)$(ETCDIR)/$(EXECUTABLE)/ diff --git a/src/configure b/src/configure new file mode 100755 index 0000000..c87f3c2 --- /dev/null +++ b/src/configure @@ -0,0 +1,197 @@ +#!/bin/sh +# +# tcpproxy +# +# tcpproxy is a simple tcp connection proxy which combines the +# features of rinetd and 6tunnel. tcpproxy supports IPv4 and +# IPv6 and also supports connections from IPv6 to IPv4 +# endpoints and vice versa. +# +# +# Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> +# +# This file is part of tcpproxy. +# +# tcpproxy is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# any later version. +# +# tcpproxy is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. +# + +TARGET=`uname -s` +EBUILD_COMPAT=0 + +CFLAGS='-g -O2' +LDFLAGS='-g -Wall -O2' + +PREFIX='/usr/local' +SBINDIR='' +ETCDIR='' +MANDIR='' +INSTALLMANPAGE=1 +EXAMPLESDIR='' +INSTALLEXAMPLES=1 + +print_usage() { + echo "configure --help print this" + echo " --target=<TARGET> build target i.e. Linux (default: autodetect)" + echo " --prefix=<PREFIX> the installation prefix (default: /usr/local)" + echo " --sbindir=<DIR> the path to the sbin directory (default: $PREFIX/sbin)" + echo " --sysconfdir=<DIR> the path to the system configuration directory (default: $PREFIX/etc" + echo " --mandir=<DIR> the path to the system man pages (default: $PREFIX/share/man)" + echo " --no-manpage dont't install manpage" + echo " --examplesdir=<DIR> the path to the examples files (default: $PREFIX/share/examples)" + echo " --no-examples dont't install example files" +} + +for arg +do + case $arg in + --target=*) + TARGET=${arg#--target=} + ;; + --prefix=*) + PREFIX=${arg#--prefix=} + ;; + --sbindir=*) + SBINDIR=${arg#--sbindir=} + ;; + --sysconfdir=*) + ETCDIR=${arg#--sysconfdir=} + ;; + --mandir=*) + MANDIR=${arg#--mandir=} + ;; + --no-manpage) + INSTALLMANPAGE=0 + ;; + --examplesdir=*) + EXAMPLESDIR=${arg#--examplesdir=} + ;; + --no-examples) + INSTALLEXAMPLES=0 + ;; + --ebuild-compat) + EBUILD_COMPAT=1 + ;; + --help) + print_usage + exit 0 + ;; + *) + ERRORS="$ERRORS $arg" + ;; + esac +done + +if [ -n "$ERRORS" ] && [ $EBUILD_COMPAT -ne 1 ]; then + for error in $ERRORS; do + echo "Unknown argument: $error" + done + + print_usage + exit 1 +fi + +rm -f version.h +rm -f include.mk +case $TARGET in + Linux) + LDFLAGS=$LDFLAGS' -ldl' + ;; + OpenBSD|FreeBSD|NetBSD|GNU/kFreeBSD) + CFLAGS=$CFLAGS' -I/usr/local/include' + LDFLAGS=$LDFLAGS' -L/usr/local/lib' + ;; + *) + echo "platform not supported" + exit 1; + ;; +esac + +if [ -z "$SBINDIR" ]; then + SBINDIR=$PREFIX/sbin +fi + +if [ -z "$ETCDIR" ]; then + ETCDIR=$PREFIX/etc +fi + +if [ -z "$MANDIR" ]; then + MANDIR=$PREFIX/share/man +fi + +if [ -z "$EXAMPLESDIR" ]; then + EXAMPLESDIR=$PREFIX/share/examples +fi + +cat >> include.mk <<EOF +# this file was created automatically +# do not edit this file directly +# use ./configure instead + +TARGET := '$TARGET' +CC := gcc +CFLAGS := $CFLAGS +LDFLAGS := $LDFLAGS +STRIP := strip +INSTALL := install + +PREFIX := '$PREFIX' +SBINDIR := '$SBINDIR' +ETCDIR := '$ETCDIR' +EOF + +if [ $INSTALLMANPAGE -eq 1 ]; then + echo "MANDIR := '$MANDIR'" >> include.mk + echo "installing manpage" +else + echo "not installing manpage" +fi + +if [ $INSTALLEXAMPLES -eq 1 ]; then + echo "EXAMPLESDIR := '$EXAMPLESDIR'" >> include.mk + echo "installing example files" +else + echo "not installing example files" +fi + +VERSION=`cat ../version` +if which svn >/dev/null; then + SVN_REV=`svn info 2> /dev/null | grep "^Revision: " | awk '{print($2)}'` + if [ -n "$SVN_REV" ]; then + VERSION="$VERSION (svn$SVN_REV)" + fi +fi + +HOSTNAME=`hostname` +DATE=`date +"%d.%m.%Y %H:%M:%S %Z"` + +cat >> version.h <<EOF +/* + * tcpproxy version info + * + * this file was created automatically + * do not edit this file directly + * use ./configure instead + */ + +#ifndef TCPPROXY_version_h_INCLUDED +#define TCPPROXY_version_h_INCLUDED + +#define VERSION_STRING_0 "tcpproxy version $VERSION" +#define VERSION_STRING_1 "built on $HOSTNAME, $DATE" + +#endif + +EOF + +exit 0 diff --git a/src/daemon.h b/src/daemon.h new file mode 100644 index 0000000..a910e4a --- /dev/null +++ b/src/daemon.h @@ -0,0 +1,165 @@ +/* + * tcpproxy + * + * tcpproxy is a simple tcp connection proxy which combines the + * features of rinetd and 6tunnel. tcpproxy supports IPv4 and + * IPv6 and also supports connections from IPv6 to IPv4 + * endpoints and vice versa. + * + * + * Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> + * + * This file is part of tcpproxy. + * + * tcpproxy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * tcpproxy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef TCPPROXY_daemon_h_INCLUDED +#define TCPPROXY_daemon_h_INCLUDED + +#include <poll.h> +#include <fcntl.h> +#include <pwd.h> +#include <grp.h> +#include <sys/wait.h> +#include <sys/stat.h> +#include <unistd.h> + +struct priv_info_struct { + struct passwd* pw_; + struct group* gr_; +}; +typedef struct priv_info_struct priv_info_t; + +int priv_init(priv_info_t* priv, const char* username, const char* groupname) +{ + if(!priv) + return -1; + + priv->pw_ = NULL; + priv->gr_ = NULL; + + priv->pw_ = getpwnam(username); + if(!priv->pw_) { + log_printf(ERROR, "unkown user %s", username); + return -1; + } + + if(groupname) + priv->gr_ = getgrnam(groupname); + else + priv->gr_ = getgrgid(priv->pw_->pw_gid); + + if(!priv->gr_) { + log_printf(ERROR, "unkown group %s", groupname); + return -1; + } + + return 0; +} + +int priv_drop(priv_info_t* priv) +{ + if(!priv || !priv->pw_ || !priv->gr_) { + log_printf(ERROR, "privileges not initialized properly"); + return -1; + } + + if(setgid(priv->gr_->gr_gid)) { + log_printf(ERROR, "setgid('%s') failed: %s", priv->gr_->gr_name, strerror(errno)); + return -1; + } + + gid_t gr_list[1]; + gr_list[0] = priv->gr_->gr_gid; + if(setgroups (1, gr_list)) { + log_printf(ERROR, "setgroups(['%s']) failed: %s", priv->gr_->gr_name, strerror(errno)); + return -1; + } + + if(setuid(priv->pw_->pw_uid)) { + log_printf(ERROR, "setuid('%s') failed: %s", priv->pw_->pw_name, strerror(errno)); + return -1; + } + + log_printf(NOTICE, "dropped privileges to %s:%s", priv->pw_->pw_name, priv->gr_->gr_name); + return 0; +} + + +int do_chroot(const char* chrootdir) +{ + if(getuid() != 0) { + log_printf(ERROR, "this program has to be run as root in order to run in a chroot"); + return -1; + } + + if(chroot(chrootdir)) { + log_printf(ERROR, "can't chroot to %s: %s", chrootdir, strerror(errno)); + return -1; + } + log_printf(NOTICE, "we are in chroot jail (%s) now", chrootdir); + if(chdir("/")) { + log_printf(ERROR, "can't change to /: %s", strerror(errno)); + return -1; + } +} + +void daemonize() +{ + pid_t pid; + + pid = fork(); + if(pid < 0) { + log_printf(ERROR, "daemonizing failed at fork(): %s, exitting", strerror(errno)); + exit(-1); + } + if(pid) exit(0); + + umask(0); + + if(setsid() < 0) { + log_printf(ERROR, "daemonizing failed at setsid(): %s, exitting", strerror(errno)); + exit(-1); + } + + pid = fork(); + if(pid < 0) { + log_printf(ERROR, "daemonizing failed at fork(): %s, exitting", strerror(errno)); + exit(-1); + } + if(pid) exit(0); + + if ((chdir("/")) < 0) { + log_printf(ERROR, "daemonizing failed at chdir(): %s, exitting", strerror(errno)); + exit(-1); + } + + int fd; + for (fd=0;fd<=2;fd++) // close all file descriptors + close(fd); + fd = open("/dev/null",O_RDWR); // stdin + if(fd == -1) + log_printf(WARNING, "can't open stdin (chroot and no link to /dev/null?)"); + else { + if(dup(fd) == -1) // stdout + log_printf(WARNING, "can't open stdout"); + if(dup(fd) == -1) // stderr + log_printf(WARNING, "can't open stderr"); + } + umask(027); +} + +#endif + diff --git a/src/datatypes.h b/src/datatypes.h new file mode 100644 index 0000000..deac84d --- /dev/null +++ b/src/datatypes.h @@ -0,0 +1,39 @@ +/* + * tcpproxy + * + * tcpproxy is a simple tcp connection proxy which combines the + * features of rinetd and 6tunnel. tcpproxy supports IPv4 and + * IPv6 and also supports connections from IPv6 to IPv4 + * endpoints and vice versa. + * + * + * Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> + * + * This file is part of tcpproxy. + * + * tcpproxy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * tcpproxy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef TCPPROXY_datatypes_h_INCLUDED +#define TCPPROXY_datatypes_h_INCLUDED + +#include <stdint.h> + +struct buffer_struct { + uint32_t length_; + uint8_t* buf_; +}; +typedef struct buffer_struct buffer_t; + +#endif diff --git a/src/log.c b/src/log.c new file mode 100644 index 0000000..c3aa346 --- /dev/null +++ b/src/log.c @@ -0,0 +1,252 @@ +/* + * tcpproxy + * + * tcpproxy is a simple tcp connection proxy which combines the + * features of rinetd and 6tunnel. tcpproxy supports IPv4 and + * IPv6 and also supports connections from IPv6 to IPv4 + * endpoints and vice versa. + * + * + * Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> + * + * This file is part of tcpproxy. + * + * tcpproxy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * tcpproxy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. + */ + +#include "datatypes.h" + +#include <ctype.h> +#include <string.h> +#include <stdarg.h> +#include <stdlib.h> +#include <stdio.h> + +#define SYSLOG_NAMES +#include <syslog.h> + +#include "log.h" + +log_t stdlog; + +#include "log_targets.h" + +const char* log_prio_to_string(log_prio_t prio) +{ + switch(prio) { + case ERROR: return "ERROR"; + case WARNING: return "WARNING"; + case NOTICE: return "NOTICE"; + case INFO: return "INFO"; + case DEBUG: return "DEBUG"; + } + return "UNKNOWN"; +} + +log_target_type_t log_target_parse_type(const char* conf) +{ + if(!conf) + return TARGET_UNKNOWN; + + if(!strncmp(conf, "syslog", 6)) return TARGET_SYSLOG; + if(!strncmp(conf, "file", 4)) return TARGET_FILE; + if(!strncmp(conf, "stdout", 6)) return TARGET_STDOUT; + if(!strncmp(conf, "stderr", 6)) return TARGET_STDERR; + + return TARGET_UNKNOWN; +} + +int log_targets_target_exists(log_targets_t* targets, log_target_type_t type) +{ + if(!targets && !targets->first_) + return 0; + + log_target_t* tmp = targets->first_; + while(tmp) { + if(tmp->type_ == type) + return 1; + tmp = tmp->next_; + } + return 0; +} + +int log_targets_add(log_targets_t* targets, const char* conf) +{ + if(!targets) + return -1; + + log_target_t* new_target = NULL; + int duplicates_allowed = 0; + switch(log_target_parse_type(conf)) { + case TARGET_SYSLOG: new_target = log_target_syslog_new(); break; + case TARGET_FILE: new_target = log_target_file_new(); duplicates_allowed = 1; break; + case TARGET_STDOUT: new_target = log_target_stdout_new(); break; + case TARGET_STDERR: new_target = log_target_stderr_new(); break; + default: return -3; + } + if(!new_target) + return -2; + + if(!duplicates_allowed && log_targets_target_exists(targets, new_target->type_)) { + free(new_target); + return -4; + } + + const char* prioptr = strchr(conf, ':'); + if(!prioptr || prioptr[1] == 0) { + free(new_target); + return -1; + } + prioptr++; + if(!isdigit(prioptr[0]) || (prioptr[1] != 0 && prioptr[1] != ',')) { + free(new_target); + return -1; + } + new_target->max_prio_ = prioptr[0] - '0'; + if(new_target->max_prio_ > 0) + new_target->enabled_ = 1; + + if(new_target->init != NULL) { + const char* confptr = NULL; + if(prioptr[1] != 0) + confptr = prioptr+2; + + int ret = (*new_target->init)(new_target, confptr); + if(ret) { + free(new_target); + return ret; + } + } + + if(new_target->open != NULL) + (*new_target->open)(new_target); + + + if(!targets->first_) { + targets->first_ = new_target; + } + else { + log_target_t* tmp = targets->first_; + while(tmp->next_) + tmp = tmp->next_; + + tmp->next_ = new_target; + } + return 0; +} + +void log_targets_log(log_targets_t* targets, log_prio_t prio, const char* msg) +{ + if(!targets) + return; + + log_target_t* tmp = targets->first_; + while(tmp) { + if(tmp->log != NULL && tmp->enabled_ && tmp->max_prio_ >= prio) + (*tmp->log)(tmp, prio, msg); + + tmp = tmp->next_; + } +} + +void log_targets_clear(log_targets_t* targets) +{ + if(!targets) + return; + + while(targets->first_) { + log_target_t* tmp = targets->first_; + targets->first_ = tmp->next_; + if(tmp->close != NULL) + (*tmp->close)(tmp); + if(tmp->clear != NULL) + (*tmp->clear)(tmp); + free(tmp); + } +} + + +void log_init() +{ + stdlog.max_prio_ = 0; + stdlog.targets_.first_ = NULL; +} + +void log_close() +{ + log_targets_clear(&stdlog.targets_); +} + +void update_max_prio() +{ + log_target_t* tmp = stdlog.targets_.first_; + while(tmp) { + if(tmp->enabled_ && tmp->max_prio_ > stdlog.max_prio_) + stdlog.max_prio_ = tmp->max_prio_; + + tmp = tmp->next_; + } +} + +int log_add_target(const char* conf) +{ + if(!conf) + return -1; + + int ret = log_targets_add(&stdlog.targets_, conf); + if(!ret) update_max_prio(); + return ret; +} + +void log_printf(log_prio_t prio, const char* fmt, ...) +{ + if(stdlog.max_prio_ < prio) + return; + + static char msg[MSG_LENGTH_MAX]; + va_list args; + + va_start(args, fmt); + vsnprintf(msg, MSG_LENGTH_MAX, fmt, args); + va_end(args); + + log_targets_log(&stdlog.targets_, prio, msg); +} + +void log_print_hex_dump(log_prio_t prio, const uint8_t* buf, uint32_t len) +{ + if(stdlog.max_prio_ < prio) + return; + + static char msg[MSG_LENGTH_MAX]; + + if(!buf) { + snprintf(msg, MSG_LENGTH_MAX, "(NULL)"); + } + else { + uint32_t i; + int offset = snprintf(msg, MSG_LENGTH_MAX, "dump(%d): ", len); + if(offset < 0) + return; + uint8_t* ptr = &msg[offset]; + + for(i=0; i < len; i++) { + if(((i+1)*3) >= (MSG_LENGTH_MAX - offset)) + break; + snprintf(ptr, 3, "%02X ", buf[i]); + ptr+=3; + } + } + log_targets_log(&stdlog.targets_, prio, msg); +} diff --git a/src/log.h b/src/log.h new file mode 100644 index 0000000..cde20ac --- /dev/null +++ b/src/log.h @@ -0,0 +1,82 @@ +/* + * tcpproxy + * + * tcpproxy is a simple tcp connection proxy which combines the + * features of rinetd and 6tunnel. tcpproxy supports IPv4 and + * IPv6 and also supports connections from IPv6 to IPv4 + * endpoints and vice versa. + * + * + * Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> + * + * This file is part of tcpproxy. + * + * tcpproxy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * tcpproxy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef TCPPROXY_log_h_INCLUDED +#define TCPPROXY_log_h_INCLUDED + +#define MSG_LENGTH_MAX 1024 + +enum log_prio_enum { ERROR = 1, WARNING = 2, NOTICE = 3, + INFO = 4, DEBUG = 5 }; +typedef enum log_prio_enum log_prio_t; + +const char* log_prio_to_string(log_prio_t prio); + +enum log_target_type_enum { TARGET_SYSLOG , TARGET_STDOUT, TARGET_STDERR, TARGET_FILE , TARGET_UNKNOWN }; +typedef enum log_target_type_enum log_target_type_t; + +struct log_target_struct { + log_target_type_t type_; + int (*init)(struct log_target_struct* self, const char* conf); + void (*open)(struct log_target_struct* self); + void (*log)(struct log_target_struct* self, log_prio_t prio, const char* msg); + void (*close)(struct log_target_struct* self); + void (*clear)(struct log_target_struct* self); + int opened_; + int enabled_; + log_prio_t max_prio_; + void* param_; + struct log_target_struct* next_; +}; +typedef struct log_target_struct log_target_t; + + +struct log_targets_struct { + log_target_t* first_; +}; +typedef struct log_targets_struct log_targets_t; + +int log_targets_target_exists(log_targets_t* targets, log_target_type_t type); +int log_targets_add(log_targets_t* targets, const char* conf); +void log_targets_log(log_targets_t* targets, log_prio_t prio, const char* msg); +void log_targets_clear(log_targets_t* targets); + + +struct log_struct { + log_prio_t max_prio_; + log_targets_t targets_; +}; +typedef struct log_struct log_t; + +void log_init(); +void log_close(); +void update_max_prio(); +int log_add_target(const char* conf); +void log_printf(log_prio_t prio, const char* fmt, ...); +void log_print_hex_dump(log_prio_t prio, const uint8_t* buf, uint32_t len); + +#endif diff --git a/src/log_targets.h b/src/log_targets.h new file mode 100644 index 0000000..5ee3a39 --- /dev/null +++ b/src/log_targets.h @@ -0,0 +1,356 @@ +/* + * tcpproxy + * + * tcpproxy is a simple tcp connection proxy which combines the + * features of rinetd and 6tunnel. tcpproxy supports IPv4 and + * IPv6 and also supports connections from IPv6 to IPv4 + * endpoints and vice versa. + * + * + * Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> + * + * This file is part of tcpproxy. + * + * tcpproxy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * tcpproxy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef TCPPROXY_log_targets_h_INCLUDED +#define TCPPROXY_log_targets_h_INCLUDED + +#include <time.h> + +static char* get_time_formatted() +{ + char* time_string; + time_t t = time(NULL); + if(t < 0) + time_string = "<time read error>"; + else { + time_string = ctime(&t); + if(!time_string) + time_string = "<time format error>"; + else { + char* newline = strchr(time_string, '\n'); + if(newline) + newline[0] = 0; + } + } + return time_string; +} + +#ifndef WINVER +enum syslog_facility_enum { USER = LOG_USER, MAIL = LOG_MAIL, + DAEMON = LOG_DAEMON, AUTH = LOG_AUTH, + SYSLOG = LOG_SYSLOG, LPR = LOG_LPR, + NEWS = LOG_NEWS, UUCP = LOG_UUCP, + CRON = LOG_CRON, AUTHPRIV = LOG_AUTHPRIV, + FTP = LOG_FTP, LOCAL0 = LOG_LOCAL0, + LOCAL1 = LOG_LOCAL1, LOCAL2 = LOG_LOCAL2, + LOCAL3 = LOG_LOCAL3, LOCAL4 = LOG_LOCAL4, + LOCAL5 = LOG_LOCAL5, LOCAL6 = LOG_LOCAL6, + LOCAL7 = LOG_LOCAL7 }; +typedef enum syslog_facility_enum syslog_facility_t; + +struct log_target_syslog_param_struct { + char* logname_; + syslog_facility_t facility_; +}; +typedef struct log_target_syslog_param_struct log_target_syslog_param_t; + +int log_target_syslog_init(log_target_t* self, const char* conf) +{ + if(!self || (conf && conf[0] == 0)) + return -1; + + self->param_ = malloc(sizeof(log_target_syslog_param_t)); + if(!self->param_) + return -2; + + char* logname; + const char* end = NULL; + if(!conf) + logname = strdup("tcpproxy"); + else { + end = strchr(conf, ','); + if(end) { + size_t len = (size_t)(end - conf); + if(!len) { + free(self->param_); + return -1; + } + logname = malloc(len+1); + if(logname) { + strncpy(logname, conf, len); + logname[len] = 0; + } + } + else + logname = strdup(conf); + } + + if(!logname) { + free(self->param_); + return -2; + } + ((log_target_syslog_param_t*)(self->param_))->logname_ = logname; + + if(!end) { + ((log_target_syslog_param_t*)(self->param_))->facility_ = DAEMON; + return 0; + } + + if(end[1] == 0 || end[1] == ',') { + free(logname); + free(self->param_); + return -1; + } + + const char* start = end + 1; + end = strchr(start, ','); + int i; + for(i=0;;++i) { + if(facilitynames[i].c_name == NULL) { + free(logname); + free(self->param_); + return -1; + } + + if(( end && !strncmp(start, facilitynames[i].c_name, (size_t)(end - start)) && facilitynames[i].c_name[(size_t)(end-start)] == 0) || + (!end && !strcmp(start, facilitynames[i].c_name))) { + ((log_target_syslog_param_t*)(self->param_))->facility_ = facilitynames[i].c_val; + break; + } + } + + return 0; +} + +void log_target_syslog_open(log_target_t* self) +{ + if(!self || !self->param_) + return; + + openlog(((log_target_syslog_param_t*)(self->param_))->logname_, LOG_PID, ((log_target_syslog_param_t*)(self->param_))->facility_); + self->opened_ = 1; +} + +void log_target_syslog_log(log_target_t* self, log_prio_t prio, const char* msg) +{ + if(!self || !self->param_ || !self->opened_) + return; + + syslog((prio + 2) | ((log_target_syslog_param_t*)(self->param_))->facility_, "%s", msg); +} + +void log_target_syslog_close(log_target_t* self) +{ + closelog(); + self->opened_ = 0; +} + +void log_target_syslog_clear(log_target_t* self) +{ + if(!self || !self->param_) + return; + + if(((log_target_syslog_param_t*)(self->param_))->logname_) + free(((log_target_syslog_param_t*)(self->param_))->logname_); + + free(self->param_); +} + +log_target_t* log_target_syslog_new() +{ + log_target_t* tmp = malloc(sizeof(log_target_t)); + if(!tmp) + return NULL; + + tmp->type_ = TARGET_SYSLOG; + tmp->init = &log_target_syslog_init; + tmp->open = &log_target_syslog_open; + tmp->log = &log_target_syslog_log; + tmp->close = &log_target_syslog_close; + tmp->clear = &log_target_syslog_clear; + tmp->opened_ = 0; + tmp->enabled_ = 0; + tmp->max_prio_ = NOTICE; + tmp->param_ = NULL; + tmp->next_ = NULL; + + return tmp; +} +#endif + +struct log_target_file_param_struct { + char* logfilename_; + FILE* file_; +}; +typedef struct log_target_file_param_struct log_target_file_param_t; + +int log_target_file_init(log_target_t* self, const char* conf) +{ + if(!self || (conf && conf[0] == 0)) + return -1; + + self->param_ = malloc(sizeof(log_target_file_param_t)); + if(!self->param_) + return -2; + + char* logfilename; + if(!conf) + logfilename = strdup("tcpproxy.log"); + else { + const char* end = strchr(conf, ','); + if(end) { + size_t len = (size_t)(end - conf); + if(!len) { + free(self->param_); + return -1; + } + logfilename = malloc(len+1); + if(logfilename) { + strncpy(logfilename, conf, len); + logfilename[len] = 0; + } + } + else + logfilename = strdup(conf); + } + + if(!logfilename) { + free(self->param_); + return -2; + } + ((log_target_file_param_t*)(self->param_))->logfilename_ = logfilename; + ((log_target_file_param_t*)(self->param_))->file_ = NULL; + + return 0; +} + +void log_target_file_open(log_target_t* self) +{ + if(!self || !self->param_) + return; + + ((log_target_file_param_t*)(self->param_))->file_ = fopen(((log_target_file_param_t*)(self->param_))->logfilename_, "w"); + if(((log_target_file_param_t*)(self->param_))->file_) + self->opened_ = 1; +} + +void log_target_file_log(log_target_t* self, log_prio_t prio, const char* msg) +{ + if(!self || !self->param_ || !self->opened_) + return; + + fprintf(((log_target_file_param_t*)(self->param_))->file_, "%s %s: %s\n", get_time_formatted(), log_prio_to_string(prio), msg); + fflush(((log_target_file_param_t*)(self->param_))->file_); +} + +void log_target_file_close(log_target_t* self) +{ + if(!self || !self->param_) + return; + + fclose(((log_target_file_param_t*)(self->param_))->file_); + self->opened_ = 0; +} + +void log_target_file_clear(log_target_t* self) +{ + if(!self || !self->param_) + return; + + if(((log_target_file_param_t*)(self->param_))->logfilename_) + free(((log_target_file_param_t*)(self->param_))->logfilename_); + + free(self->param_); +} + + +log_target_t* log_target_file_new() +{ + log_target_t* tmp = malloc(sizeof(log_target_t)); + if(!tmp) + return NULL; + + tmp->type_ = TARGET_FILE; + tmp->init = &log_target_file_init; + tmp->open = &log_target_file_open; + tmp->log = &log_target_file_log; + tmp->close = &log_target_file_close; + tmp->clear = &log_target_file_clear; + tmp->opened_ = 0; + tmp->enabled_ = 0; + tmp->max_prio_ = NOTICE; + tmp->param_ = NULL; + tmp->next_ = NULL; + + return tmp; +} + + +void log_target_stdout_log(log_target_t* self, log_prio_t prio, const char* msg) +{ + printf("%s %s: %s\n", get_time_formatted(), log_prio_to_string(prio), msg); +} + +log_target_t* log_target_stdout_new() +{ + log_target_t* tmp = malloc(sizeof(log_target_t)); + if(!tmp) + return NULL; + + tmp->type_ = TARGET_STDOUT; + tmp->init = NULL; + tmp->open = NULL; + tmp->log = &log_target_stdout_log; + tmp->close = NULL; + tmp->clear = NULL; + tmp->opened_ = 0; + tmp->enabled_ = 0; + tmp->max_prio_ = NOTICE; + tmp->param_ = NULL; + tmp->next_ = NULL; + + return tmp; +} + + +void log_target_stderr_log(log_target_t* self, log_prio_t prio, const char* msg) +{ + fprintf(stderr, "%s %s: %s\n", get_time_formatted(), log_prio_to_string(prio), msg); +} + +log_target_t* log_target_stderr_new() +{ + log_target_t* tmp = malloc(sizeof(log_target_t)); + if(!tmp) + return NULL; + + tmp->type_ = TARGET_STDERR; + tmp->init = NULL; + tmp->open = NULL; + tmp->log = &log_target_stderr_log; + tmp->close = NULL; + tmp->clear = NULL; + tmp->opened_ = 0; + tmp->enabled_ = 0; + tmp->max_prio_ = NOTICE; + tmp->param_ = NULL; + tmp->next_ = NULL; + + return tmp; +} + +#endif diff --git a/src/options.c b/src/options.c new file mode 100644 index 0000000..76b93e3 --- /dev/null +++ b/src/options.c @@ -0,0 +1,273 @@ +/* + * tcpproxy + * + * tcpproxy is a simple tcp connection proxy which combines the + * features of rinetd and 6tunnel. tcpproxy supports IPv4 and + * IPv6 and also supports connections from IPv6 to IPv4 + * endpoints and vice versa. + * + * + * Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> + * + * This file is part of tcpproxy. + * + * tcpproxy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * tcpproxy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. + */ + +#include "datatypes.h" +#include "version.h" + +#include "options.h" + +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <ctype.h> + +#define PARSE_BOOL_PARAM(SHORT, LONG, VALUE) \ + else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \ + VALUE = 1; + +#define PARSE_INVERSE_BOOL_PARAM(SHORT, LONG, VALUE) \ + else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \ + VALUE = 0; + +#define PARSE_INT_PARAM(SHORT, LONG, VALUE) \ + else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \ + { \ + if(argc < 1) \ + return i; \ + VALUE = atoi(argv[i+1]); \ + argc--; \ + i++; \ + } + +#define PARSE_STRING_PARAM(SHORT, LONG, VALUE) \ + else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \ + { \ + if(argc < 1 || argv[i+1][0] == '-') \ + return i; \ + if(VALUE) free(VALUE); \ + VALUE = strdup(argv[i+1]); \ + if(!VALUE) \ + return -2; \ + argc--; \ + i++; \ + } + +#define PARSE_STRING_PARAM_SEC(SHORT, LONG, VALUE) \ + else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \ + { \ + if(argc < 1 || argv[i+1][0] == '-') \ + return i; \ + if(VALUE) free(VALUE); \ + VALUE = strdup(argv[i+1]); \ + if(!VALUE) \ + return -2; \ + size_t j; \ + for(j=0; j < strlen(argv[i+1]); ++j) \ + argv[i+1][j] = '#'; \ + argc--; \ + i++; \ + } + +#define PARSE_HEXSTRING_PARAM_SEC(SHORT, LONG, VALUE) \ + else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \ + { \ + if(argc < 1 || argv[i+1][0] == '-') \ + return i; \ + int ret; \ + ret = options_parse_hex_string(argv[i+1], &VALUE); \ + if(ret > 0) \ + return i+1; \ + else if(ret < 0) \ + return ret; \ + size_t j; \ + for(j=0; j < strlen(argv[i+1]); ++j) \ + argv[i+1][j] = '#'; \ + argc--; \ + i++; \ + } + +#define PARSE_STRING_LIST(SHORT, LONG, LIST) \ + else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \ + { \ + if(argc < 1 || argv[i+1][0] == '-') \ + return i; \ + int ret = string_list_add(&LIST, argv[i+1]); \ + if(ret == -2) \ + return ret; \ + else if(ret) \ + return i+1; \ + argc--; \ + i++; \ + } + +int options_parse_hex_string(const char* hex, buffer_t* buffer) +{ + if(!hex || !buffer) + return -1; + + uint32_t hex_len = strlen(hex); + if(hex_len%2) + return 1; + + if(buffer->buf_) + free(buffer->buf_); + + buffer->length_ = hex_len/2; + buffer->buf_ = malloc(buffer->length_); + if(!buffer->buf_) { + buffer->length_ = 0; + return -2; + } + + const char* ptr = hex; + int i; + for(i=0;i<buffer->length_;++i) { + uint32_t tmp; + sscanf(ptr, "%2X", &tmp); + buffer->buf_[i] = (uint8_t)tmp; + ptr += 2; + } + + return 0; +} + + +int options_parse(options_t* opt, int argc, char* argv[]) +{ + if(!opt) + return -1; + + options_default(opt); + + if(opt->progname_) + free(opt->progname_); + opt->progname_ = strdup(argv[0]); + if(!opt->progname_) + return -2; + + argc--; + + int i; + for(i=1; argc > 0; ++i) + { + char* str = argv[i]; + argc--; + + if(!strcmp(str,"-h") || !strcmp(str,"--help")) + return -1; + else if(!strcmp(str,"-v") || !strcmp(str,"--version")) + return -3; + PARSE_INVERSE_BOOL_PARAM("-D","--nodaemonize", opt->daemonize_) + PARSE_STRING_PARAM("-u","--username", opt->username_) + PARSE_STRING_PARAM("-g","--groupname", opt->groupname_) + PARSE_STRING_PARAM("-C","--chroot", opt->chroot_dir_) + PARSE_STRING_PARAM("-P","--write-pid", opt->pid_file_) + PARSE_STRING_LIST("-L","--log", opt->log_targets_) + PARSE_BOOL_PARAM("-U", "--debug", opt->debug_) + else + return i; + } + + if(opt->debug_) { + string_list_add(&opt->log_targets_, "stdout:5"); + opt->daemonize_ = 0; + } + + if(!opt->log_targets_.first_) { + string_list_add(&opt->log_targets_, "syslog:3,tcpproxy,daemon"); + } + + return 0; +} + +void options_parse_post(options_t* opt) +{ + if(!opt) + return; + + // nothing yet +} + +void options_default(options_t* opt) +{ + if(!opt) + return; + + opt->progname_ = strdup("tcpproxy"); + opt->daemonize_ = 1; + opt->username_ = NULL; + opt->groupname_ = NULL; + opt->chroot_dir_ = NULL; + opt->pid_file_ = NULL; + string_list_init(&opt->log_targets_); + opt->debug_ = 0; +} + +void options_clear(options_t* opt) +{ + if(!opt) + return; + + if(opt->progname_) + free(opt->progname_); + if(opt->username_) + free(opt->username_); + if(opt->groupname_) + free(opt->groupname_); + if(opt->chroot_dir_) + free(opt->chroot_dir_); + if(opt->pid_file_) + free(opt->pid_file_); + string_list_clear(&opt->log_targets_); +} + +void options_print_usage() +{ + printf("USAGE:\n"); + printf("tcpproxy [-h|--help] prints this...\n"); + printf(" [-v|--version] print version info and exit\n"); + printf(" [-D|--nodaemonize] don't run in background\n"); + printf(" [-u|--username] <username> change to this user\n"); + printf(" [-g|--groupname] <groupname> change to this group\n"); + printf(" [-C|--chroot] <path> chroot to this directory\n"); + printf(" [-P|--write-pid] <path> write pid to this file\n"); + printf(" [-L|--log] <target>:<level>[,<param1>[,<param2>..]]\n"); + printf(" add a log target, can be invoked several times\n"); + printf(" [-U|--debug] don't daemonize and log to stdout with maximum log level\n"); +} + +void options_print_version() +{ + printf("%s\n", VERSION_STRING_0); + printf("%s\n", VERSION_STRING_1); +} + +void options_print(options_t* opt) +{ + if(!opt) + return; + + printf("progname: '%s'\n", opt->progname_); + printf("daemonize: %d\n", opt->daemonize_); + printf("username: '%s'\n", opt->username_); + printf("groupname: '%s'\n", opt->groupname_); + printf("chroot_dir: '%s'\n", opt->chroot_dir_); + printf("pid_file: '%s'\n", opt->pid_file_); + printf("log_targets: \n"); + string_list_print(&opt->log_targets_, " '", "'\n"); + printf("debug: %s\n", !opt->debug_ ? "false" : "true"); +} diff --git a/src/options.h b/src/options.h new file mode 100644 index 0000000..e3a980d --- /dev/null +++ b/src/options.h @@ -0,0 +1,56 @@ +/* + * tcpproxy + * + * tcpproxy is a simple tcp connection proxy which combines the + * features of rinetd and 6tunnel. tcpproxy supports IPv4 and + * IPv6 and also supports connections from IPv6 to IPv4 + * endpoints and vice versa. + * + * + * Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> + * + * This file is part of tcpproxy. + * + * tcpproxy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * tcpproxy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef TCPPROXY_options_h_INCLUDED +#define TCPPROXY_options_h_INCLUDED + +#include "string_list.h" +#include "datatypes.h" + +struct options_struct { + char* progname_; + int daemonize_; + char* username_; + char* groupname_; + char* chroot_dir_; + char* pid_file_; + string_list_t log_targets_; + int debug_; +}; +typedef struct options_struct options_t; + +int options_parse_hex_string(const char* hex, buffer_t* buffer); + +int options_parse(options_t* opt, int argc, char* argv[]); +void options_parse_post(options_t* opt); +void options_default(options_t* opt); +void options_clear(options_t* opt); +void options_print_usage(); +void options_print_version(); +void options_print(options_t* opt); + +#endif diff --git a/src/sig_handler.c b/src/sig_handler.c new file mode 100644 index 0000000..6e6a04a --- /dev/null +++ b/src/sig_handler.c @@ -0,0 +1,152 @@ +/* + * tcpproxy + * + * tcpproxy is a simple tcp connection proxy which combines the + * features of rinetd and 6tunnel. tcpproxy supports IPv4 and + * IPv6 and also supports connections from IPv6 to IPv4 + * endpoints and vice versa. + * + * + * Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> + * + * This file is part of tcpproxy. + * + * tcpproxy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * tcpproxy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. + */ + +#include "datatypes.h" + +#include "log.h" + +#include "sig_handler.h" +#include <errno.h> + +#include <signal.h> +#include <unistd.h> +#include <fcntl.h> + +static int sig_pipe_fds[2]; + +static void sig_handler(int sig) +{ + sigset_t set; + int ret = read(sig_pipe_fds[0], &set, sizeof(sigset_t)); + if(ret != sizeof(sigset_t)) + sigemptyset(&set); + + sigaddset(&set, sig); + ret = write(sig_pipe_fds[1], &set, sizeof(sigset_t)); +} + + +int signal_init() +{ + if(pipe(sig_pipe_fds)) { + log_printf(ERROR, "signal handling init failed (pipe error: %s)", strerror(errno)); + return -1; + } + + int i; + for(i=0; i<2; ++i) { + int fd_flags = fcntl(sig_pipe_fds[i], F_GETFL); + if(fd_flags == -1) { + log_printf(ERROR, "signal handling init failed (pipe fd[%d] read flags error: %s)", i, strerror(errno)); + return -1; + } + if(fcntl(sig_pipe_fds[i], F_SETFL, fd_flags | O_NONBLOCK) == -1){ + log_printf(ERROR, "signal handling init failed (pipe fd[%d] write flags error: %s)", i, strerror(errno)); + return -1; + } + } + + struct sigaction act, act_ign; + act.sa_handler = sig_handler; + sigfillset(&act.sa_mask); + act.sa_flags = 0; + act_ign.sa_handler = SIG_IGN; + sigfillset(&act_ign.sa_mask); + act_ign.sa_flags = 0; + + if((sigaction(SIGINT, &act, NULL) < 0) || + (sigaction(SIGQUIT, &act, NULL) < 0) || + (sigaction(SIGTERM, &act, NULL) < 0) || + (sigaction(SIGHUP, &act, NULL) < 0) || + (sigaction(SIGUSR1, &act, NULL) < 0) || + (sigaction(SIGUSR2, &act, NULL) < 0) || + (sigaction(SIGPIPE, &act_ign, NULL) < 0)) { + + log_printf(ERROR, "signal handling init failed (sigaction error: %s)", strerror(errno)); + close(sig_pipe_fds[0]); + close(sig_pipe_fds[1]); + } + + return sig_pipe_fds[0]; +} + +int signal_handle() +{ + sigset_t set, oldset, tmpset; + + sigemptyset(&tmpset); + sigaddset(&tmpset, SIGINT); + sigaddset(&tmpset, SIGQUIT); + sigaddset(&tmpset, SIGTERM); + sigaddset(&tmpset, SIGHUP); + sigaddset(&tmpset, SIGUSR1); + sigaddset(&tmpset, SIGUSR2); + sigprocmask(SIG_BLOCK, &tmpset, &oldset); + + int ret = read(sig_pipe_fds[0], &set, sizeof(sigset_t)); + if(ret != sizeof(sigset_t)) + sigemptyset(&set); + + int return_value = 0; + int sig; + for(sig=1; sig < NSIG; ++sig) { + if(sigismember(&set, sig)) { + switch(sig) { + case SIGINT: log_printf(NOTICE, "SIG-Int caught, exitting"); return_value = 1; break; + case SIGQUIT: log_printf(NOTICE, "SIG-Quit caught, exitting"); return_value = 1; break; + case SIGTERM: log_printf(NOTICE, "SIG-Term caught, exitting"); return_value = 1; break; + case SIGHUP: log_printf(NOTICE, "SIG-Hup caught"); break; + case SIGUSR1: log_printf(NOTICE, "SIG-Usr1 caught"); break; + case SIGUSR2: log_printf(NOTICE, "SIG-Usr2 caught"); break; + default: log_printf(WARNING, "unknown signal %d caught, ignoring", sig); break; + } + sigdelset(&set, sig); + } + } + + sigprocmask(SIG_SETMASK, &oldset, NULL); + return return_value; +} + +void signal_stop() +{ + struct sigaction act; + act.sa_handler = SIG_DFL; + sigemptyset(&act.sa_mask); + act.sa_flags = 0; + + sigaction(SIGINT, &act, NULL); + sigaction(SIGQUIT, &act, NULL); + sigaction(SIGTERM, &act, NULL); + sigaction(SIGHUP, &act, NULL); + sigaction(SIGUSR1, &act, NULL); + sigaction(SIGUSR2, &act, NULL); + sigaction(SIGPIPE, &act, NULL); + + close(sig_pipe_fds[0]); + close(sig_pipe_fds[1]); +} diff --git a/src/sig_handler.h b/src/sig_handler.h new file mode 100644 index 0000000..eb19abf --- /dev/null +++ b/src/sig_handler.h @@ -0,0 +1,35 @@ +/* + * tcpproxy + * + * tcpproxy is a simple tcp connection proxy which combines the + * features of rinetd and 6tunnel. tcpproxy supports IPv4 and + * IPv6 and also supports connections from IPv6 to IPv4 + * endpoints and vice versa. + * + * + * Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> + * + * This file is part of tcpproxy. + * + * tcpproxy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * tcpproxy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef TCPPROXY_sig_handler_h_INCLUDED +#define TCPPROXY_sig_handler_h_INCLUDED + +int signal_init(); +int signal_handle(); +void signal_stop(); + +#endif diff --git a/src/string_list.c b/src/string_list.c new file mode 100644 index 0000000..3c7316d --- /dev/null +++ b/src/string_list.c @@ -0,0 +1,105 @@ +/* + * tcpproxy + * + * tcpproxy is a simple tcp connection proxy which combines the + * features of rinetd and 6tunnel. tcpproxy supports IPv4 and + * IPv6 and also supports connections from IPv6 to IPv4 + * endpoints and vice versa. + * + * + * Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> + * + * This file is part of tcpproxy. + * + * tcpproxy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * tcpproxy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. + */ + +#include <string.h> +#include <stdlib.h> +#include <stdio.h> + +#include "string_list.h" + +void string_list_init(string_list_t* list) +{ + if(!list) + return; + + list->first_ = NULL; +} + +void string_list_clear(string_list_t* list) +{ + if(!list) + return; + + while(list->first_) { + string_list_element_t* tmp; + tmp = list->first_; + list->first_ = tmp->next_; + if(tmp->string_) + free(tmp->string_); + free(tmp); + } +} + +int string_list_add(string_list_t* list, const char* string) +{ + if(!list) + return -1; + + if(!list->first_) { + list->first_ = malloc(sizeof(string_list_element_t)); + if(!list->first_) + return -2; + + list->first_->next_ = 0; + list->first_->string_ = strdup(string); + if(!list->first_->string_) { + free(list->first_); + list->first_ = NULL; + return -2; + } + } + else { + string_list_element_t* tmp = list->first_; + while(tmp->next_) + tmp = tmp->next_; + + tmp->next_ = malloc(sizeof(string_list_element_t)); + if(!tmp->next_) + return -2; + + tmp->next_->next_ = 0; + tmp->next_->string_ = strdup(string); + if(!tmp->next_->string_) { + free(tmp->next_); + tmp->next_ = NULL; + return -2; + } + } + return 0; +} + +void string_list_print(string_list_t* list, const char* head, const char* tail) +{ + if(!list) + return; + + string_list_element_t* tmp = list->first_; + while(tmp) { + printf("%s%s%s", head, tmp->string_, tail); + tmp = tmp->next_; + } +} diff --git a/src/string_list.h b/src/string_list.h new file mode 100644 index 0000000..a9095db --- /dev/null +++ b/src/string_list.h @@ -0,0 +1,48 @@ +/* + * tcpproxy + * + * tcpproxy is a simple tcp connection proxy which combines the + * features of rinetd and 6tunnel. tcpproxy supports IPv4 and + * IPv6 and also supports connections from IPv6 to IPv4 + * endpoints and vice versa. + * + * + * Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> + * + * This file is part of tcpproxy. + * + * tcpproxy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * tcpproxy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef TCPPROXY_string_list_h_INCLUDED +#define TCPPROXY_string_list_h_INCLUDED + +struct string_list_element_struct { + char* string_; + struct string_list_element_struct* next_; +}; +typedef struct string_list_element_struct string_list_element_t; + +struct string_list_struct { + string_list_element_t* first_; +}; +typedef struct string_list_struct string_list_t; + +void string_list_init(string_list_t* list); +void string_list_clear(string_list_t* list); +int string_list_add(string_list_t* list, const char* string); + +void string_list_print(string_list_t* list, const char* head, const char* tail); + +#endif diff --git a/src/tcpproxy.c b/src/tcpproxy.c new file mode 100644 index 0000000..68add0f --- /dev/null +++ b/src/tcpproxy.c @@ -0,0 +1,179 @@ +/* + * tcpproxy + * + * tcpproxy is a simple tcp connection proxy which combines the + * features of rinetd and 6tunnel. tcpproxy supports IPv4 and + * IPv6 and also supports connections from IPv6 to IPv4 + * endpoints and vice versa. + * + * + * Copyright (C) 2010-2011 Christian Pointner <equinox@spreadspace.org> + * + * This file is part of tcpproxy. + * + * tcpproxy is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * tcpproxy is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with tcpproxy. If not, see <http://www.gnu.org/licenses/>. + */ + +#include <stdlib.h> +#include <stdio.h> +#include <errno.h> +#include <string.h> + +#include "datatypes.h" +#include "options.h" +#include "string_list.h" +#include "log.h" +#include "daemon.h" + +int main_loop(options_t* opt) +{ + log_printf(INFO, "entering main loop"); + + int return_value = 0; + int sig_fd = signal_init(); + if(sig_fd < 0) + return_value -1; + + fd_set readfds, readyfds; + FD_ZERO(&readfds); + FD_SET(sig_fd, &readfds); + int nfds = (nfds < sig_fd) ? sig_fd : nfds; + + while(!return_value) { + memcpy(&readyfds, &readfds, sizeof(readyfds)); + int ret = select(nfds + 1, &readyfds, NULL, NULL, NULL); + if(ret == -1 && errno != EINTR) { + log_printf(ERROR, "select returned with error: %s", strerror(errno)); + return_value = -1; + break; + } + if(!ret || ret == -1) + continue; + + if(FD_ISSET(sig_fd, &readyfds)) { + if(signal_handle()) { + return_value = 1; + break; + } + } + } + + signal_stop(); + return return_value; +} + +int main(int argc, char* argv[]) +{ + log_init(); + + options_t opt; + int ret = options_parse(&opt, argc, argv); + if(ret) { + if(ret > 0) { + fprintf(stderr, "syntax error near: %s\n\n", argv[ret]); + } + if(ret == -2) { + fprintf(stderr, "memory error on options_parse, exitting\n"); + } + if(ret == -3) { + options_print_version(); + } + + if(ret != -2 && ret != -3) + options_print_usage(); + + if(ret == -1 || ret == -3) + ret = 0; + + options_clear(&opt); + log_close(); + exit(ret); + } + string_list_element_t* tmp = opt.log_targets_.first_; + while(tmp) { + ret = log_add_target(tmp->string_); + if(ret) { + switch(ret) { + case -2: fprintf(stderr, "memory error on log_add_target, exitting\n"); break; + case -3: fprintf(stderr, "unknown log target: '%s', exitting\n", tmp->string_); break; + case -4: fprintf(stderr, "this log target is only allowed once: '%s', exitting\n", tmp->string_); break; + default: fprintf(stderr, "syntax error near: '%s', exitting\n", tmp->string_); break; + } + + options_clear(&opt); + log_close(); + exit(ret); + } + tmp = tmp->next_; + } + + log_printf(NOTICE, "just started..."); + options_parse_post(&opt); + + priv_info_t priv; + if(opt.username_) + if(priv_init(&priv, opt.username_, opt.groupname_)) { + options_clear(&opt); + log_close(); + exit(-1); + } + + FILE* pid_file = NULL; + if(opt.pid_file_) { + pid_file = fopen(opt.pid_file_, "w"); + if(!pid_file) { + log_printf(WARNING, "unable to open pid file: %s", strerror(errno)); + } + } + + if(opt.chroot_dir_) + if(do_chroot(opt.chroot_dir_)) { + options_clear(&opt); + log_close(); + exit(-1); + } + if(opt.username_) + if(priv_drop(&priv)) { + options_clear(&opt); + log_close(); + exit(-1); + } + + if(opt.daemonize_) { + pid_t oldpid = getpid(); + daemonize(); + log_printf(INFO, "running in background now (old pid: %d)", oldpid); + } + + if(pid_file) { + pid_t pid = getpid(); + fprintf(pid_file, "%d", pid); + fclose(pid_file); + } + + ret = main_loop(&opt); + + options_clear(&opt); + + if(!ret) + log_printf(NOTICE, "normal shutdown"); + else if(ret < 0) + log_printf(NOTICE, "shutdown after error"); + else + log_printf(NOTICE, "shutdown after signal"); + + log_close(); + + return ret; +} |