author | Toni Uhlig <matzeton@googlemail.com> | 2018-05-02 00:22:25 +0200 |
---|---|---|
committer | Toni Uhlig <matzeton@googlemail.com> | 2018-05-02 00:22:25 +0200 |
commit | 3ef3c65b4d19df39e020c1d5f778dafdf493a635 (patch) | |
tree | b0ddf82f8a7ea213ecefc056848800af8ede30f3 | |
parent | 8002952a4e49ed0a38779727783e1eb273e536ff (diff) |
POTD skeleton #39.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
-rw-r--r-- | src/Makefile.am | 2 | ||||
-rw-r--r-- | src/forward.c | 5 | ||||
-rw-r--r-- | src/jail.c | 65 | ||||
-rw-r--r-- | src/log.c | 1 | ||||
-rw-r--r-- | src/log.h | 24 | ||||
-rw-r--r-- | src/log_colored.c | 47 | ||||
-rw-r--r-- | src/log_colored.h | 5 | ||||
-rw-r--r-- | src/main.c | 7 | ||||
-rw-r--r-- | src/pterm.c | 184 | ||||
-rw-r--r-- | src/pterm.h | 16 | ||||
-rw-r--r-- | src/server.c | 47 | ||||
-rw-r--r-- | src/server_ssh.c | 8 | ||||
-rw-r--r-- | src/utils.c | 22 |
13 files changed, 347 insertions, 86 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index f6c7a20..76a8c38 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -2,4 +2,4 @@ AM_CFLAGS = -pedantic -Wall -std=gnu99 -fstrict-aliasing -D_GNU_SOURCE=1 $(libss
 AM_LDFLAGS = $(libssh_LIBS)
 sbin_PROGRAMS = potd
-potd_SOURCES = utils.c log.c log_colored.c socket.c jail.c forward.c server.c server_ssh.c main.c
+potd_SOURCES = utils.c log.c log_colored.c socket.c pterm.c jail.c forward.c server.c server_ssh.c main.c
diff --git a/src/forward.c b/src/forward.c
index 6ab7de5..5fc0857 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -39,7 +39,7 @@ int fwd_setup(forward_ctx *ctx, const char *host, const char *port)
 return 1;
 if (socket_connect_in(&ctx->sock, &fwd_addr)) {
- E_STRERR("Connection to forward socket");
+ E_STRERR("Connection to forward socket %s:%s", host, port);
 return 1;
 }
 s = socket_addrtostr_in(&ctx->sock, ctx->host_buf, ctx->service_buf);
@@ -48,7 +48,8 @@ int fwd_setup(forward_ctx *ctx, const char *host, const char *port)
 return 1;
 }
 if (socket_close(&ctx->sock)) {
- E_STRERR("Forward socket close");
+ E_STRERR("Forward socket to %s:%s close",
+ ctx->host_buf, ctx->service_buf);
 return 1;
 }
@@ -66,11 +66,11 @@ int jail_setup(jail_ctx *ctx,
 return 1;
 }
 if (socket_bind_in(&ctx->sock, &srv_addr)) {
- E_STRERR("Could not bind server socket");
+ E_STRERR("Could not bind server socket to %s:%s", listen_addr, listen_port);
 return 1;
 }
 if (socket_listen_in(&ctx->sock)) {
- E_STRERR("Could not listen on server socket");
+ E_STRERR("Could not listen on server socket on %s:%s", listen_addr, listen_port);
 return 1;
 }
@@ -141,7 +141,7 @@ pid_t jail_daemonize(int epoll_fd, jail_ctx *ctx[], size_t siz)
 p = fork();
 switch (p) {
 case -1:
- W_STRERR("Jail daemonize");
+ W_STRERR("%s", "Jail daemonize");
 return -1;
 case 0:
 N("%s", "Jail daemon mainloop");
@@ -182,8 +182,7 @@ static int jail_mainloop_epoll(int epoll_fd, jail_ctx *ctx[], size_t siz)
 (events[i].events & EPOLLHUP) || (!(events[i].events & EPOLLIN))) {
- E("Epoll for descriptor %d failed", events[i].data.fd);
- E_STRERR("epoll_wait");
+ E_STRERR("Epoll for descriptor %d", events[i].data.fd);
 close(events[i].data.fd);
 continue;
 } else {
@@ -219,7 +218,8 @@ static int jail_accept_client(jail_ctx *ctx[],
 args->newroot = ctx[i]->newroot;
 if (socket_accept_in(&ctx[i]->sock, &args->client_psock)) {
- E_STRERR("Could not accept client connection");
+ E_STRERR("Could not accept client connection for fd %d",
+ args->client_psock.fd);
 goto error;
 }
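Review bot: The merged `E_STRERR("Epoll for descriptor %d", ...)` in jail_mainloop_epoll reports an event-flag condition rather than a failed system call, so the `strerror` text that log_fmtexerr appends comes from whatever errno an earlier call left behind. That suffix can send whoever reads the log to the wrong cause; log the event mask instead, e.g. `E2("Epoll error/hangup on descriptor %d (events 0x%x)", events[i].data.fd, (unsigned) events[i].events);`. The same pattern appears in server_mainloop_epoll and client_mainloop_epoll in src/server.c, and in `if (!args->newroot) FATAL(...)` in jail_childfn, where no system call has failed either. The first line of the condition is outside the hunk.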
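Review bot: After a failed `socket_accept_in`, the new message in jail_accept_client prints `args->client_psock.fd`, which is the descriptor the call was supposed to produce and is presumably unset or invalid at that point. The matching change in server_accept_client (src/server.c) logs the listening socket, and this call should do the same: `E_STRERR("Could not accept client connection on fd %d", ctx[i]->sock.fd);`. The function body continues outside the hunk.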
@@ -261,53 +261,39 @@ static int jail_childfn(void *arg)
 assert(arg);
 args = (jail_prisoner_process *) arg;
- if (prctl(PR_SET_PDEATHSIG, SIGKILL) != 0) {
- E_STRERR("Jail child prctl");
- exit(EXIT_FAILURE);
- }
+ if (prctl(PR_SET_PDEATHSIG, SIGKILL) != 0)
+ FATAL("Jail child prctl for pid %d", args->prisoner_pid);
+ if (!args->newroot)
+ FATAL("New root set for pid %d", args->prisoner_pid);
- if (!args->newroot) {
- E2("%s", "No new root set");
- exit(EXIT_FAILURE);
- }
 D2("Safe change root to: '%s'", args->newroot);
 if (safe_chroot(args->newroot)) {
 E2("Safe jail chroot to '%s' failed", args->newroot);
 exit(EXIT_FAILURE);
 }
- D2("Mounting rootfs to %s", args->newroot);
+ D2("Mounting rootfs to '%s'", args->newroot);
 mount_root();
- D2("Mounting devtmpfs to %s%s", args->newroot, path_dev);
+ D2("Mounting devtmpfs to '%s%s'", args->newroot, path_dev);
 s = mkdir(path_dev, S_IRUSR|S_IWUSR|S_IXUSR| S_IRGRP|S_IXGRP| S_IROTH|S_IXOTH);
- if (s && errno != EEXIST) {
- E2("Could not create directory: %s", path_dev);
- E_STRERR("mkdir");
- exit(EXIT_FAILURE);
- }
- if (!dir_is_mountpoint(path_dev) && mount_dev(path_dev)) {
- E2("Can not mount devtmpfs to %s%s", args->newroot, path_dev);
- exit(EXIT_FAILURE);
- }
+ if (s && errno != EEXIST)
+ FATAL("Create directory '%s'", path_dev);
+ if (!dir_is_mountpoint(path_dev) && mount_dev(path_dev))
+ FATAL("Mount devtmpfs to '%s%s'", args->newroot, path_dev);
- D2("Mounting devpts to %s%s", args->newroot, path_devpts);
+ D2("Mounting devpts to '%s%s'", args->newroot, path_devpts);
 s = mkdir(path_devpts, S_IRUSR|S_IWUSR|S_IXUSR| S_IRGRP|S_IXGRP| S_IROTH|S_IXOTH);
- if (s && errno != EEXIST) {
- E2("Could not create directory: %s", path_devpts);
- E_STRERR("mkdir");
- exit(EXIT_FAILURE);
- }
- if (!dir_is_mountpoint(path_devpts) && mount_pts(path_devpts)) {
- E2("Can not mount devpts to %s%s", args->newroot, path_devpts);
- exit(EXIT_FAILURE);
- }
+ if (s && errno != EEXIST)
+ FATAL("Create directory '%s'", path_devpts);
+ if (!dir_is_mountpoint(path_devpts) && mount_pts(path_devpts))
+ FATAL("Mount devpts to '%s%s'", args->newroot, path_devpts);
- D2("Creating device files in %s%s", args->newroot, path_dev);
+ D2("Creating device files in '%s%s'", args->newroot, path_dev);
 if (create_device_files(path_dev)) {
 E2("Device file creation failed for rootfs '%s%s'", args->newroot, path_dev);
@@ -318,12 +304,13 @@ static int jail_childfn(void *arg)
 child_pid = forkpty(&term_fd, NULL, term, win);
 switch (child_pid) {
 case -1:
- W_STRERR("Forking a new pseudo terminal");
- break;
+ FATAL("Forking a new pseudo terminal for pid %d",
+ args->prisoner_pid);
+ break;
 case 0:
 D2("Executing '%s'", "/bin/bash");
 if (execl("/bin(bash", "/bin/bash", (char *) NULL))
- W_STRERR("Execute a shell");
+ FATAL("Execute a shell for pid %d", args->prisoner_pid);
 break;
 default:
 waitpid(child_pid, &s, 0);
@@ -6,3 +6,4 @@ log_open_cb log_open = NULL;
 log_close_cb log_close = NULL;
 log_fmt_cb log_fmt = NULL;
 log_fmtex_cb log_fmtex = NULL;
+log_fmtexerr_cb log_fmtexerr = NULL;
@@ -6,10 +6,11 @@
 #include <errno.h>
 #define LOGMSG_MAXLEN 255
-#define LOG_SET_FUNCS(open_cb, close_cb, fmt_cb, fmtex_cb) \
+#define LOG_SET_FUNCS(open_cb, close_cb, fmt_cb, fmtex_cb, fmtexerr_cb) \
 { \
 log_open = open_cb; log_close = close_cb; \
 log_fmt = fmt_cb; log_fmtex = fmtex_cb; \
+ log_fmtexerr = fmtexerr_cb; \
 }
 #define LOG_SET_FUNCS_VA(...) LOG_SET_FUNCS(__VA_ARGS__)
 #define D(fmt, ...) log_fmt(DEBUG, fmt, __VA_ARGS__)
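Review bot: The context line `execl("/bin(bash", "/bin/bash", (char *) NULL)` in jail_childfn passes a path that, as printed here, is not `/bin/bash`, so the exec would fail every time, and with this change that failure is no longer a warning but an `abort()` of the forked child. Correct the path and drop the `if`, since execl only returns on failure: `execl("/bin/bash", "/bin/bash", (char *) NULL);` followed by `FATAL("Execute a shell for pid %d", args->prisoner_pid);`. The `break;` kept after `FATAL` in the `case -1:` arm is unreachable and can go.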
@@ -20,13 +21,19 @@
 #define N2(fmt, ...) log_fmtex(NOTICE, __FILE__, __LINE__, fmt, __VA_ARGS__)
 #define W2(fmt, ...) log_fmtex(WARNING, __FILE__, __LINE__, fmt, __VA_ARGS__)
 #define E2(fmt, ...) log_fmtex(ERROR, __FILE__, __LINE__, fmt, __VA_ARGS__)
-#define W_STRERR(msg) { if (errno) W2("%s failed: %s", msg, strerror(errno)); }
-#define E_STRERR(msg) { if (errno) E2("%s failed: %s", msg, strerror(errno)); }
+#define W_STRERR(fmt, ...) log_fmtexerr(WARNING, __FILE__, __LINE__, fmt, \
+ __VA_ARGS__)
+#define E_STRERR(fmt, ...) log_fmtexerr(ERROR, __FILE__, __LINE__, fmt, \
+ __VA_ARGS__)
 #define E_GAIERR(ret, msg) { if (ret) { E2("%s failed: %s", msg, gai_strerror(ret)); } }
+#define FATAL(fmt, ...) { E_STRERR(fmt, __VA_ARGS__); abort(); }
 #define ABORT_ON_FATAL(expr, msg) \
 { errno = 0; long rv = (long) expr; \
- if (rv) { E2("`%s` returned: %ld", #expr, rv); \
- E_STRERR(msg); abort(); } }
+ if (rv) { \
+ E_STRERR("`%s` returned %ld. %s", \
+ #expr, rv, msg); abort(); \
+ } \
+ }
 #define GAI_ABORT_ON_FATAL(expr, msg) \
 { int rv = expr; \
 if (rv) { E2("`%s` returned: %d", #expr, rv); \
@@ -38,16 +45,23 @@ typedef enum log_priority {
 typedef int (*log_open_cb) (void);
 typedef void (*log_close_cb) (void);
+
 typedef void (*log_fmt_cb) (log_priority prio, const char *fmt, ...) __attribute__ ((format (printf, 2, 3)));
+
 typedef void (*log_fmtex_cb) (log_priority prio, const char *srcfile, size_t line, const char *fmt, ...) __attribute__ ((format (printf, 4, 5)));
+typedef void (*log_fmtexerr_cb) (log_priority prio, const char *srcfile,
+ size_t line, const char *fmt, ...)
+ __attribute__ ((format (printf, 4, 5)));
+
 extern log_open_cb log_open;
 extern log_close_cb log_close;
 extern log_fmt_cb log_fmt;
 extern log_fmtex_cb log_fmtex;
+extern log_fmtexerr_cb log_fmtexerr;
 #endif
diff --git a/src/log_colored.c b/src/log_colored.c
index a8a26e3..9aaa23f 100644
--- a/src/log_colored.c
+++ b/src/log_colored.c
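Review bot: `FATAL` (like the rewritten `ABORT_ON_FATAL`) expands to a bare brace block, so `if (x) FATAL(...); else ...` does not compile and every use leaves an empty statement after the block; callers in this commit already use it as an unbraced `if` body. Make it a single statement: `#define FATAL(fmt, ...) do { E_STRERR(fmt, __VA_ARGS__); abort(); } while (0)`. `W_STRERR`/`E_STRERR` now need at least one argument after the format (hence the `"%s", "..."` call sites) and call through `log_fmtexerr`, which log.c leaves NULL until `LOG_SET_FUNCS` has run; a one-line comment above the macros stating both would save the next caller a crash.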
@@ -79,3 +79,50 @@ void log_fmtex_colored(log_priority prio, const char *srcfile,
 break;
 }
 }
+
+void log_fmtexerr_colored(log_priority prio, const char *srcfile,
+ size_t line, const char *fmt, ...)
+{
+ int saved_errno = errno;
+ char out[LOGMSG_MAXLEN+1] = {0};
+ va_list arglist;
+
+ assert(fmt);
+ va_start(arglist, fmt);
+ assert( vsnprintf(&out[0], LOGMSG_MAXLEN, fmt, arglist) >= 0 );
+ va_end(arglist);
+
+ switch (prio) {
+ case DEBUG:
+ if (saved_errno)
+ printf("[DEBUG] %s.%lu: %s failed: %s\n", srcfile, line, out,
+ strerror(saved_errno));
+ else
+ printf("[DEBUG] %s.%lu: %s failed\n", srcfile, line, out);
+ break;
+ case NOTICE:
+ if (saved_errno)
+ printf("[" GRN "NOTICE" RESET "] %s.%lu: %s failed: %s\n", srcfile,
+ line, out, strerror(saved_errno));
+ else
+ printf("[" GRN "NOTICE" RESET "] %s.%lu: %s failed\n", srcfile,
+ line, out);
+ break;
+ case WARNING:
+ if (saved_errno)
+ printf("[" YEL "WARNING" RESET "] %s.%lu: %s failed: %s\n", srcfile,
+ line, out, strerror(saved_errno));
+ else
+ printf("[" YEL "WARNING" RESET "] %s.%lu: %s failed\n", srcfile,
+ line, out);
+ break;
+ case ERROR:
+ if (saved_errno)
+ printf("[" RED "ERROR" RESET "] %s.%lu: %s failed: %s\n", srcfile,
+ line, out, strerror(saved_errno));
+ else
+ printf("[" RED "ERROR" RESET "] %s.%lu: %s failed\n", srcfile,
+ line, out);
+ break;
+ }
+}
diff --git a/src/log_colored.h b/src/log_colored.h
index c7c0014..9f75557 100644
--- a/src/log_colored.h
+++ b/src/log_colored.h
@@ -10,7 +10,7 @@
 #define RED "\x1B[31;1;5m"
 /* LOG_SET_FUNCS comfort */
 #define LOG_COLORED_FUNCS log_open_colored, log_close_colored, \
- log_fmt_colored, log_fmtex_colored
+ log_fmt_colored, log_fmtex_colored, log_fmtexerr_colored
 int log_open_colored(void);
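Review bot: `assert( vsnprintf(&out[0], LOGMSG_MAXLEN, fmt, arglist) >= 0 );` in log_fmtexerr_colored puts the only formatting call inside `assert`, so a build with `NDEBUG` compiles it out and every error line is logged with an empty message. Call it unconditionally and check the result separately: `int n = vsnprintf(&out[0], LOGMSG_MAXLEN, fmt, arglist);` followed by `if (n < 0) out[0] = '\0';`. `line` is a `size_t` but is printed with `%lu`; `%zu` is the matching conversion and avoids a mismatch where the two types differ in width.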
@@ -22,4 +22,7 @@ void log_fmt_colored(log_priority prio, const char *fmt, ...);
 void log_fmtex_colored(log_priority prio, const char *srcfile, size_t line, const char *fmt, ...);
+void log_fmtexerr_colored(log_priority prio, const char *srcfile,
+ size_t line, const char *fmt, ...);
+
 #endif
@@ -37,14 +37,11 @@ int main(int argc, char *argv[])
 daemon_pid = daemonize(1);
 ABORT_ON_FATAL( daemon_pid > 0, "Forking" );
 if (daemon_pid == 0) {
- D("Daemon: main child pid: %d", daemon_pid);
 set_procname("[potd] main");
 } else {
- E("Forking failed: %d", daemon_pid);
- E_STRERR("Daemonize");
- exit(EXIT_FAILURE);
+ FATAL("Forking (fork returned %d)", daemon_pid);
 }
- D2("Master pid: %d", daemon_pid);
+ D2("Master pid: %d", getpid());
 memset(jail, 0, sizeof(jail));
 jail_ports[0] = "33333";
diff --git a/src/pterm.c b/src/pterm.c
new file mode 100644
index 0000000..47f433c
--- /dev/null
+++ b/src/pterm.c
@@ -0,0 +1,184 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/ioctl.h>
+#include <sys/stat.h>
+#include <signal.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <grp.h>
+#include <pwd.h>
+#include <stdarg.h>
+#include <string.h>
+#include <termios.h>
+#include <pty.h>
+
+#include "pterm.h"
+#include "log.h"
+
+#ifndef _PATH_TTY
+#define _PATH_TTY "/dev/tty"
+#endif
+#ifndef O_NOCTTY
+#define O_NOCTTY 0
+#endif
+
+
+int
+pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
+{
+ /* openpty(3) exists in OSF/1 and some other os'es */
+ char *name;
+ int i;
+
+ i = openpty(ptyfd, ttyfd, NULL, NULL, NULL);
+ if (i < 0) {
+ E_STRERR("%s", "Allocate pseudo terminal");
+ return 1;
+ }
+ name = ttyname(*ttyfd);
+ if (!name) {
+ E_STRERR("%s", "Invalid ttyname for pseudo terminal");
+ abort();
+ }
+
+ strncpy(namebuf, name, namebuflen); /* possible truncation */
+ return 0;
+}
+
+void
+pty_release(const char *tty)
+{
+ if (chown(tty, (uid_t) 0, (gid_t) 0) < 0) {
+ E_STRERR("Change tty owner for '%s'", tty);
+ }
+ if (chmod(tty, (mode_t) 0666) < 0) {
+ E_STRERR("Change tty mode for '%s'", tty);
+ }
+}
+
+void
+pty_make_controlling_tty(int *ttyfd, const char *tty)
+{
+ int fd;
+
+ /* First disconnect from the old controlling tty. */
+ fd = open(_PATH_TTY, O_RDWR | O_NOCTTY);
+ if (fd >= 0) {
+ (void) ioctl(fd, TIOCNOTTY, NULL);
+ close(fd);
+ }
+ if (setsid() < 0)
+ E_STRERR("%s", "New session");
+
+ /*
+ * Verify that we are successfully disconnected from the controlling
+ * tty.
+ */
+ fd = open(_PATH_TTY, O_RDWR | O_NOCTTY);
+ if (fd >= 0) {
+ E2("%s", "Failed to disconnect from controlling tty.");
+ close(fd);
+ }
+ /* Make it our controlling tty. */
+ D("%s", "Setting controlling tty using TIOCSCTTY.");
+ if (ioctl(*ttyfd, TIOCSCTTY, NULL) < 0)
+ E_STRERR("%s", "ioctl(TIOCSCTTY)");
+ if (setpgrp() < 0)
+ E_STRERR("%s", "Set new process group");
+ fd = open(tty, O_RDWR);
+ if (fd < 0)
+ E_STRERR("Open tty '%s'", tty);
+ else
+ close(fd);
+
+ /* Verify that we now have a controlling tty. */
+ fd = open(_PATH_TTY, O_WRONLY);
+ if (fd < 0)
+ E_STRERR("Could not set controlling tty - Open '%s'", tty);
+ else
+ close(fd);
+}
+
+/* Changes the window size associated with the pty. */
+
+void
+pty_change_window_size(int ptyfd, u_int row, u_int col,
+ u_int xpixel, u_int ypixel)
+{
+ struct winsize w;
+
+ /* may truncate u_int -> u_short */
+ w.ws_row = row;
+ w.ws_col = col;
+ w.ws_xpixel = xpixel;
+ w.ws_ypixel = ypixel;
+ (void) ioctl(ptyfd, TIOCSWINSZ, &w);
+}
+
+void
+pty_setowner(struct passwd *pw, const char *tty)
+{
+ struct group *grp;
+ gid_t gid;
+ mode_t mode;
+ struct stat st;
+
+ /* Determine the group to make the owner of the tty. */
+ grp = getgrnam("tty");
+ gid = (grp != NULL) ? grp->gr_gid : pw->pw_gid;
+ mode = (grp != NULL) ? 0620 : 0600;
+
+ /*
+ * Change owner and mode of the tty as required.
+ * Warn but continue if filesystem is read-only and the uids match/
+ * tty is owned by root.
+ */
+ if (stat(tty, &st))
+ FATAL("Change owner of %s", tty);
+
+#ifdef WITH_SELINUX
+ ssh_selinux_setup_pty(pw->pw_name, tty);
+#endif
+
+ if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
+ if (chown(tty, pw->pw_uid, gid) < 0) {
+ if (errno == EROFS &&
+ (st.st_uid == pw->pw_uid || st.st_uid == 0))
+ {
+ D("Change owner of '%s' to %u:%u",
+ tty, (unsigned) pw->pw_uid,
+ (unsigned) gid);
+ } else {
+ FATAL("Change owner of '%s' to %u:%u",
+ tty, (unsigned) pw->pw_uid,
+ (unsigned) gid);
+ }
+ }
+ }
+
+ if ((st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != mode) {
+ if (chmod(tty, mode) < 0) {
+ if (errno == EROFS &&
+ (st.st_mode & (S_IRGRP | S_IROTH)) == 0)
+ {
+ D("Change mode of '%s' to 0%o",
+ tty, (unsigned) mode);
+ } else {
+ FATAL("Change mode of '%s' to 0%o",
+ tty, (unsigned) mode);
+ }
+ }
+ }
+}
+
+/* Disconnect from the controlling tty. */
+void
+disconnect_controlling_tty(void)
+{
+ int fd;
+
+ if ((fd = open(_PATH_TTY, O_RDWR | O_NOCTTY)) >= 0) {
+ (void) ioctl(fd, TIOCNOTTY, NULL);
+ close(fd);
+ }
+}
diff --git a/src/pterm.h b/src/pterm.h
new file mode 100644
index 0000000..734bab1
--- /dev/null
+++ b/src/pterm.h
@@ -0,0 +1,16 @@
+#ifndef POTD_PTY_H
+#define POTD_PTY_H 1
+
+int pty_allocate(int *, int *, char *, size_t);
+
+void pty_release(const char *);
+
+void pty_make_controlling_tty(int *, const char *);
+
+void pty_change_window_size(int, u_int, u_int, u_int, u_int);
+
+void pty_setowner(struct passwd *, const char *);
+
+void disconnect_controlling_tty(void);
+
+#endif
diff --git a/src/server.c b/src/server.c
index afa2172..9bf41f7 100644
--- a/src/server.c
+++ b/src/server.c
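Review bot: `strncpy(namebuf, name, namebuflen);` in pty_allocate leaves `namebuf` without a terminating NUL whenever the tty name is `namebuflen` bytes or longer, so any caller that then treats the buffer as a string reads past its end. Reject the over-long name before copying, `if (strlen(name) >= namebuflen) return 1;`, or copy `namebuflen - 1` bytes and set `namebuf[namebuflen - 1] = '\0';` after checking `namebuflen > 0`. If the early return is used, both descriptors from `openpty` should be closed on that path. In pty_setowner, the `FATAL("Change owner of %s", tty)` after a failed `stat` names the wrong operation.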
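Review bot: pterm.h is not self-contained: it uses `size_t`, `u_int` and `struct passwd` without including the headers that declare them, so it only compiles when the includer has already pulled in `<sys/types.h>` and `<pwd.h>`, as pterm.c happens to do. Add `#include <sys/types.h>` and `#include <pwd.h>` below the include guard. The prototypes also drop their parameter names; keeping them, as in `int pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen);`, documents which descriptor is which and that the last argument is the size of `namebuf`.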
@@ -62,11 +62,13 @@ int server_setup(server_ctx *ctx,
 return 1;
 }
 if (socket_bind_in(&ctx->sock, &srv_addr)) {
- E_STRERR("Could not bind server socket");
+ E_STRERR("Could not bind server socket to %s:%s",
+ listen_addr, listen_port);
 return 1;
 }
 if (socket_listen_in(&ctx->sock)) {
- E_STRERR("Could not listen on server socket");
+ E_STRERR("Could not listen on server socket on %s:%s",
+ listen_addr, listen_port);
 return 1;
 }
@@ -137,7 +139,7 @@ pid_t server_daemonize(int epoll_fd, server_ctx *ctx[], size_t siz)
 p = fork();
 switch (p) {
 case -1:
- W_STRERR("Server daemonsize");
+ W_STRERR("%s", "Server daemonize");
 return -1;
 case 0:
 N("%s", "Server daemon mainloop");
@@ -177,8 +179,7 @@ static int server_mainloop_epoll(int epoll_fd, server_ctx *ctx[], size_t siz)
 (events[i].events & EPOLLHUP) || (!(events[i].events & EPOLLIN))) {
- E("Epoll for descriptor %d failed", events[i].data.fd);
- E_STRERR("epoll_wait");
+ E_STRERR("Epoll for descriptor %d failed", events[i].data.fd);
 close(events[i].data.fd);
 continue;
 } else {
@@ -209,7 +210,8 @@ static int server_accept_client(server_ctx *ctx[],
 assert(args);
 if (socket_accept_in(&ctx[i]->sock, &args->client_psock)) {
- E_STRERR("Could not accept client connection");
+ E_STRERR("Could not accept client connection on fd %d",
+ ctx[i]->sock.fd);
 goto error;
 }
@@ -228,7 +230,9 @@ static int server_accept_client(server_ctx *ctx[],
 if (pthread_create(&args->self, NULL, client_mainloop_epoll, args)) {
- E_STRERR("Thread creation");
+ E_STRERR("Thread creation for %s:%s on fd %d",
+ args->host_buf, args->service_buf,
+ args->client_psock.fd);
 goto error;
 }
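Review bot: In server_mainloop_epoll the new format string still ends in "failed", and log_fmtexerr_colored appends " failed" itself, so the logged line reads "... failed failed". The same message in jail_mainloop_epoll and client_mainloop_epoll was shortened in this commit; do the same here with `E_STRERR("Epoll for descriptor %d", events[i].data.fd);`.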
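Review bot: `pthread_create` reports failure through its return value and does not set errno, so the `E_STRERR("Thread creation for %s:%s on fd %d", ...)` added in server_accept_client appends the text of an unrelated errno, or none at all. Keep the return value and publish it before logging: `int rc = pthread_create(&args->self, NULL, client_mainloop_epoll, args);` then `if (rc) { errno = rc; E_STRERR(...); goto error; }`. ssh_on_listen in src/server_ssh.c already has the value in `s` and needs only `errno = s;` ahead of its `E_STRERR`.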
@@ -262,25 +266,29 @@ client_mainloop_epoll(void *arg)
 epoll_fd = epoll_create1(0);
 if (epoll_fd < 0) {
- E_STRERR("Client epoll_create1");
+ E_STRERR("Client Epoll descriptor creation for server fd %d",
+ args->server_ctx->sock.fd);
 goto finish;
 }
 if (fwd_connect(args->server_ctx->fwd_ctx, &fwd)) {
- E("Forward connection to %s:%s failed",
+ E_STRERR("Forward connection to %s:%s server fd %d",
 args->server_ctx->fwd_ctx->host_buf,
- args->server_ctx->fwd_ctx->service_buf);
- E_STRERR("Forward connect");
+ args->server_ctx->fwd_ctx->service_buf,
+ args->server_ctx->sock.fd);
 goto finish;
 }
- N("Forwarding connection to %s:%s: %d", args->server_ctx->fwd_ctx->host_buf,
+ N("Forwarding connection to %s:%s forward fd %d",
+ args->server_ctx->fwd_ctx->host_buf,
 args->server_ctx->fwd_ctx->service_buf, fwd.fd);
 event.data.fd = fwd.fd;
 event.events = EPOLLIN | EPOLLET;
 s = epoll_ctl(epoll_fd, EPOLL_CTL_ADD, fwd.fd, &event);
 if (s) {
- E_STRERR("Forward epoll_ctl");
+ E_STRERR("Forward Epoll descriptor add to %s:%s forward fd %d",
+ args->server_ctx->fwd_ctx->host_buf,
+ args->server_ctx->fwd_ctx->service_buf, fwd.fd);
 goto finish;
 }
@@ -290,14 +298,18 @@ client_mainloop_epoll(void *arg)
 */
 s = socket_nonblock(&args->client_psock);
 if (s) {
- E_STRERR("socket_nonblock");
+ E_STRERR("Socket non blocking mode to %s:%s forward fd %d",
+ args->server_ctx->fwd_ctx->host_buf,
+ args->server_ctx->fwd_ctx->service_buf, fwd.fd);
 goto finish;
 }
 event.data.fd = args->client_psock.fd;
 event.events = EPOLLIN | EPOLLET;
 s = epoll_ctl(epoll_fd, EPOLL_CTL_ADD, args->client_psock.fd, &event);
 if (s) {
- E_STRERR("Client epoll_ctl");
+ E_STRERR("Forward Epoll descriptor add to %s:%s forward fd %d",
+ args->server_ctx->fwd_ctx->host_buf,
+ args->server_ctx->fwd_ctx->service_buf, fwd.fd);
 goto finish;
 }
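Review bot: Both failure messages added in the second client_mainloop_epoll hunk describe the wrong socket. `socket_nonblock(&args->client_psock)` and the `epoll_ctl` that follows operate on the client socket, yet the messages print the forward host, service and `fwd.fd`, and the second repeats the "Forward Epoll descriptor add" text used for the forward socket a few lines earlier, so the two failures cannot be told apart in the log. Log the client descriptor instead: `E_STRERR("Client socket non blocking mode on fd %d", args->client_psock.fd);` and `E_STRERR("Client Epoll descriptor add for fd %d", args->client_psock.fd);`.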
@@ -314,8 +326,7 @@ client_mainloop_epoll(void *arg)
 (events[i].events & EPOLLHUP) || (!(events[i].events & EPOLLIN))) {
- E("Epoll for descriptor %d failed", events[i].data.fd);
- E_STRERR("epoll_pwait");
+ E_STRERR("Epoll for descriptor %d", events[i].data.fd);
 active = 0;
 break;
 } else {
@@ -401,7 +412,7 @@ client_io_epoll(struct epoll_event *ev, int dest_fd)
 switch (siz) {
 case -1:
- E_STRERR("Client read");
+ E_STRERR("Client read from fd %d", ev->data.fd);
 rc = CON_IN_ERROR;
 break;
 case 0:
diff --git a/src/server_ssh.c b/src/server_ssh.c
index b0eb301..ff747fd 100644
--- a/src/server_ssh.c
+++ b/src/server_ssh.c
@@ -60,7 +60,7 @@ int ssh_init_cb(struct forward_ctx *ctx)
 LIBSSH_VERSION_MICRO)) == NULL) {
 W("This software was compiled/linked for libssh %d.%d.%d,"
- " which your arent currently using.",
+ " which you aren't currently using.",
 LIBSSH_VERSION_MAJOR, LIBSSH_VERSION_MINOR, LIBSSH_VERSION_MICRO);
 }
 if (ssh_version(SSH_VERSION_INT(0,7,3)) == NULL)
@@ -113,11 +113,13 @@ int ssh_on_listen(struct forward_ctx *ctx, const char *host,
 if (ssh_bind_listen(d->sshbind) < 0) {
 E("Error listening to SSH socket: %s", ssh_get_error(d->sshbind));
 }
- N("SSH bind and listen on %s:%s: %d", host, port, ssh_bind_get_fd(d->sshbind));
+ N("SSH bind and listen on %s:%s fd %d", host, port,
+ ssh_bind_get_fd(d->sshbind));
 s = pthread_create(&d->self, NULL, ssh_thread_mainloop, d);
 if (s) {
- E_STRERR("pthread_create");
+ E_STRERR("SSH Thread creation on %s:%s fd %d",
+ host, port, ssh_bind_get_fd(d->sshbind));
 }
 return s;
diff --git a/src/utils.c b/src/utils.c
index aa62beb..41fc7d4 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -8,7 +8,6 @@
 #include <pwd.h>
 #include <grp.h>
 #include <sys/types.h>
-#undef makedev
 #include <sys/sysmacros.h>
 #include <sys/stat.h>
 #include <sys/wait.h>
@@ -77,7 +76,7 @@ pid_t daemonize(int stay_foreground)
 /* On success: The child process becomes session leader */
 if (!stay_foreground && setsid() < 0) {
- E_STRERR("setsid");
+ E_STRERR("%s", "setsid");
 exit(EXIT_FAILURE);
 }
@@ -95,7 +94,7 @@ pid_t daemonize(int stay_foreground)
 }
 if (!stay_foreground && setpgrp()) {
- E_STRERR("setpgrp");
+ E_STRERR("%s", "setpgrp");
 exit(EXIT_FAILURE);
 }
@@ -123,7 +122,7 @@ int close_fds_except(int fds, ...)
 size_t i, except_count, found;
 va_list ap;
- max_fd = sysconf(_SC_OPEN_MAX);
+ max_fd = sysconf(_SC_OPEN_MAX) - 1;
 if (max_fd <= 0) return 1;
@@ -212,19 +211,19 @@ int safe_chroot(const char *newroot)
 s = chdir(newroot);
 if (s) {
- E_STRERR("Change directory");
+ E_STRERR("Change directory to '%s'", newroot);
 return 1;
 }
 s = chroot(".");
 if (s) {
- E_STRERR("Change root directory");
+ E_STRERR("Change root directory to '%s'", ".");
 return 1;
 }
 s = chdir("/");
 if (s) {
- E_STRERR("Change directory inside new root");
+ E_STRERR("Change directory inside new root to '%s'", "/");
 return 1;
 }
@@ -250,7 +249,7 @@ int dir_is_mountpoint(const char *path)
 return current.st_dev != parent.st_dev;
 error:
- W_STRERR("Mountpoint check");
+ W_STRERR("Mountpoint check for '%s'", path);
 return -1;
 }
@@ -285,7 +284,7 @@ int mount_dev(const char *mount_path)
 MS_NOEXEC|MS_REC, "size=4k,mode=755,gid=0");
 if (s) {
- E_STRERR("Mount devtmpfs filesystem");
+ E_STRERR("Mount devtmpfs filesystem to %s", mount_path);
 return 1;
 }
@@ -301,7 +300,7 @@ int mount_pts(const char *mount_path)
 "newinstance,gid=5,mode=620,ptmxmode=0666");
 if (s) {
- E_STRERR("Mount devpts filesystem");
+ E_STRERR("Mount devpts filesystem to %s", mount_path);
 return 1;
 }
@@ -333,8 +332,7 @@ int create_device_file_checked(const char *mount_path, const char *device_file,
 defmode = 0;
 s = mknod(devpath, defmode|mode, dev);
 if (s) {
- E2("Device file creation '%s' failed", devpath);
- E_STRERR("Device creation");
+ E_STRERR("Device creation '%s'", devpath);
 return 1;
 } |
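Review bot: In safe_chroot the message for a failed `chroot(".")` prints the literal ".", which does not tell whoever reads the log which jail root could not be entered. `newroot` is in scope and is the directory the preceding `chdir` moved into, so log that: `E_STRERR("Change root directory to '%s'", newroot);`. The mount_dev and mount_pts messages in the later hunks print `mount_path` without the quotes that the other path messages in this commit use.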