Diffstat (limited to 'src')
-rw-r--r--src/forward.c61
-rw-r--r--src/forward.h13
-rw-r--r--src/jail.c68
-rw-r--r--src/jail.h4
-rw-r--r--src/main.c5
-rw-r--r--src/server.c2
6 files changed, 117 insertions, 36 deletions
diff --git a/src/forward.c b/src/forward.c
index 86f4fb6..d81f24c 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -20,16 +20,17 @@ int fwd_init_ctx(forward_ctx **ctx, init_cb init_fn)
return 0;
}
-int fwd_setup(forward_ctx *ctx, const char *host, const char *port)
+int fwd_setup_client(forward_ctx *ctx, const char *host, const char *port)
{
int s;
struct addrinfo *fwd_addr = NULL;
assert(ctx);
+ ctx->fwd_type = FT_CLIENT;
s = socket_init_in(host, port, &fwd_addr);
if (s) {
- E_GAIERR(s, "Could not initialise forward socket");
+ E_GAIERR(s, "Could not initialise client forward socket");
return 1;
}
@@ -56,9 +57,34 @@ int fwd_setup(forward_ctx *ctx, const char *host, const char *port)
return 0;
}
+int fwd_setup_server(forward_ctx *ctx, const char *listen_addr,
+ const char *listen_port)
+{
+ int s;
+ struct addrinfo *fwd_addr = NULL;
+
+ assert(ctx);
+ ctx->fwd_type = FT_SERVER;
+
+ s = socket_init_in(listen_addr, listen_port, &fwd_addr);
+ if (s) {
+ E_GAIERR(s, "Could not initialise server forward socket");
+ return 1;
+ }
+ if (socket_bind_in(&ctx->sock, &fwd_addr)) {
+ E_STRERR("Could not bind forward server socket to %s:%s",
+ listen_addr, listen_port);
+ return 1;
+ }
+
+ return 0;
+}
+
int fwd_validate_ctx(const forward_ctx *ctx)
{
assert(ctx);
+ assert(ctx->fwd_type == FT_CLIENT ||
+ ctx->fwd_type == FT_SERVER);
assert(ctx->fwd_cbs.on_listen && ctx->fwd_cbs.on_shutdown);
assert(ctx->sock.addr_len > 0);
assert(strnlen(ctx->host_buf, NI_MAXHOST) > 0);
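Review bot: In `fwd_setup_server` the bind-failure message passes `listen_addr` straight to a `%s` conversion, although NULL is an accepted value for it. The caller `jail_setup` only asserts `listen_addr || listen_port` and itself prints `listen_addr ? listen_addr : "*"`. Assuming `E_STRERR` is printf-style (its definition is not visible here), formatting a NULL pointer with `%s` is undefined behaviour, so the argument should be guarded the same way: `E_STRERR("Could not bind forward server socket to %s:%s", listen_addr ? listen_addr : "*", listen_port);`. The trailing `fwd_validate_ctx` lines belong to a function whose body continues outside the hunk.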
@@ -69,13 +95,38 @@ int fwd_validate_ctx(const forward_ctx *ctx)
int fwd_connect_sock(forward_ctx *ctx, psocket *fwd_client)
{
+ psocket *dst;
+
assert(ctx);
- socket_clone(&ctx->sock, fwd_client);
+ assert(ctx->fwd_type == FT_CLIENT);
+ if (fwd_client) {
+ dst = fwd_client;
+ socket_clone(&ctx->sock, fwd_client);
+ } else {
+ dst = &ctx->sock;
+ }
- return socket_reconnect_in(fwd_client);
+ return socket_reconnect_in(dst);
}
-int fwd_listen_fd(forward_ctx *ctx, int fwd_fd)
+int fwd_listen_sock(forward_ctx *ctx, psocket *fwd_server)
{
+ psocket *dst;
+
+ assert(ctx);
+ assert(ctx->fwd_type == FT_SERVER);
+ if (fwd_server) {
+ dst = fwd_server;
+ socket_clone(&ctx->sock, fwd_server);
+ } else {
+ dst = &ctx->sock;
+ }
+
+ if (socket_listen_in(dst)) {
+ E_STRERR("Could not listen on forward server socket on %s:%s",
+ ctx->host_buf, ctx->service_buf);
+ return 1;
+ }
+
return 0;
}
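Review bot: The new `fwd_type` checks in `fwd_connect_sock` and `fwd_listen_sock` are `assert` only, so a build with `NDEBUG` drops them and a context of the wrong kind proceeds to `socket_reconnect_in` or `socket_listen_in`. On the server path that means listening on a socket that `fwd_setup_server` never bound. Both functions already return a status, so the check can be a runtime one, e.g. `if (!ctx || ctx->fwd_type != FT_SERVER) return 1;` in `fwd_listen_sock` and the `FT_CLIENT` equivalent in `fwd_connect_sock`. The same concern applies to the asserts added in the `fwd_validate_ctx` and `jail_validate_ctx` hunks: `main` wraps both in `ABORT_ON_FATAL`, yet as far as the visible lines show they can only return 0.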
diff --git a/src/forward.h b/src/forward.h
index 60c7500..1676c1b 100644
--- a/src/forward.h
+++ b/src/forward.h
@@ -15,8 +15,12 @@ typedef struct fwd_callbacks {
on_shutdown_cb on_shutdown;
} fwd_callbacks;
+typedef enum forward_type {
+ FT_NONE = 0, FT_CLIENT, FT_SERVER
+} forward_type;
+
typedef struct forward_ctx {
- pthread_t self;
+ forward_type fwd_type;
fwd_callbacks fwd_cbs;
psocket sock;
char host_buf[NI_MAXHOST], service_buf[NI_MAXSERV];
@@ -26,12 +30,15 @@ typedef struct forward_ctx {
int fwd_init_ctx(forward_ctx **ctx, init_cb init_fn);
-int fwd_setup(forward_ctx *ctx, const char *host, const char *port);
+int fwd_setup_client(forward_ctx *ctx, const char *host, const char *port);
+
+int fwd_setup_server(forward_ctx *ctx, const char *listen_addr,
+ const char *listen_port);
int fwd_validate_ctx(const forward_ctx *ctx);
int fwd_connect_sock(forward_ctx *ctx, psocket *fwd_client);
-int fwd_listen_fd(forward_ctx *ctx, int fwd_fd);
+int fwd_listen_sock(forward_ctx *ctx, psocket *fwd_server);
#endif
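Review bot: The prototypes for `fwd_connect_sock` and `fwd_listen_sock` do not document that the second argument is now optional. In forward.c both functions operate on `ctx->sock` itself when the argument is NULL and on a clone written into the argument otherwise, which a caller cannot learn from the header. I would add a comment above `fwd_listen_sock` such as `/* fwd_server may be NULL: listen on ctx->sock directly; otherwise ctx->sock is cloned into *fwd_server and the clone listens. Requires an FT_SERVER context. Returns 0 on success, 1 on error. */`, and the matching `FT_CLIENT` wording above `fwd_connect_sock`.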
diff --git a/src/jail.c b/src/jail.c
index b45f7c8..749305e 100644
--- a/src/jail.c
+++ b/src/jail.c
@@ -21,6 +21,11 @@ typedef struct jail_prisoner_process {
char *newroot;
} jail_prisoner_process;
+typedef enum connection_state {
+ CON_OK, CON_IN_TERMINATED, CON_OUT_TERMINATED,
+ CON_IN_ERROR, CON_OUT_ERROR
+} connection_state;
+
static int jail_mainloop_epoll(int epoll_fd, jail_ctx *ctx[], size_t siz)
__attribute__((noreturn));
static int jail_accept_client(jail_ctx *ctx[],
@@ -28,6 +33,8 @@ static int jail_accept_client(jail_ctx *ctx[],
static int jail_childfn(jail_prisoner_process *ctx)
__attribute__((noreturn));
static int jail_socket_tty_epoll(jail_prisoner_process *ctx, int tty_fd);
+static connection_state
+jail_socket_tty_io_epoll(struct epoll_event *ev, int dest_fd);
void jail_init_ctx(jail_ctx **ctx, size_t stacksize)
@@ -48,33 +55,20 @@ void jail_init_ctx(jail_ctx **ctx, size_t stacksize)
(*ctx)->stack_beg =
(unsigned char *) (*ctx)->stack_ptr
+ (*ctx)->stacksize;
- assert( (*ctx)->stack_ptr );
}
int jail_setup(jail_ctx *ctx,
const char *listen_addr, const char *listen_port)
{
- int s;
- struct addrinfo *srv_addr = NULL;
-
assert(ctx);
assert(listen_addr || listen_port);
D2("Try to listen on %s:%s",
(listen_addr ? listen_addr : "*"), listen_port);
- s = socket_init_in(listen_addr, listen_port, &srv_addr);
- if (s) {
- E_GAIERR(s, "Could not initialise server socket");
+ if (fwd_setup_server(&ctx->fwd_ctx, listen_addr, listen_port))
return 1;
- }
- if (socket_bind_in(&ctx->sock, &srv_addr)) {
- E_STRERR("Could not bind server socket to %s:%s", listen_addr, listen_port);
+ if (fwd_listen_sock(&ctx->fwd_ctx, NULL))
return 1;
- }
- if (socket_listen_in(&ctx->sock)) {
- E_STRERR("Could not listen on server socket on %s:%s", listen_addr, listen_port);
- return 1;
- }
return 0;
}
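Review bot: Removing `assert( (*ctx)->stack_ptr );` from `jail_init_ctx` defers the allocation check to `jail_validate_ctx`, which `main` calls only after `jail_setup` has already bound the socket and started listening. `stack_beg` is derived from `stack_ptr + stacksize` in the context lines just above, so a failed allocation (the allocating call is outside the hunk) leads to pointer arithmetic on NULL before anything checks it. I would test the pointer directly after the allocation and before `stack_beg` is computed, with a check that survives `NDEBUG`, e.g. `if (!(*ctx)->stack_ptr) abort();`. `jail_init_ctx` starts outside this hunk.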
@@ -82,7 +76,8 @@ int jail_setup(jail_ctx *ctx,
int jail_validate_ctx(const jail_ctx *ctx)
{
assert(ctx);
- assert(ctx->sock.addr_len > 0);
+ assert(ctx->fwd_ctx.sock.addr_len > 0);
+ assert(ctx->stack_ptr);
return 0;
}
@@ -99,10 +94,10 @@ int jail_setup_epoll(jail_ctx *ctx[], size_t siz)
for (size_t i = 0; i < siz; ++i) {
memset(&ev, 0, sizeof(ev));
- ev.data.fd = ctx[i]->sock.fd;
+ ev.data.fd = ctx[i]->fwd_ctx.sock.fd;
ev.events = EPOLLIN | EPOLLET;
- s = socket_addrtostr_in(&ctx[i]->sock,
+ s = socket_addrtostr_in(&ctx[i]->fwd_ctx.sock,
ctx[i]->host_buf, ctx[i]->service_buf);
if (s) {
E_GAIERR(s, "Convert socket address to string");
@@ -111,7 +106,7 @@ int jail_setup_epoll(jail_ctx *ctx[], size_t siz)
N("Jail service listening on %s:%s: %d",
ctx[i]->host_buf, ctx[i]->service_buf, ev.data.fd);
- s = epoll_ctl(fd, EPOLL_CTL_ADD, ctx[i]->sock.fd, &ev);
+ s = epoll_ctl(fd, EPOLL_CTL_ADD, ctx[i]->fwd_ctx.sock.fd, &ev);
if (s) {
close(fd);
return -3;
@@ -132,7 +127,7 @@ pid_t jail_daemonize(int epoll_fd, jail_ctx *ctx[], size_t siz)
for (i = 0; i < siz; ++i) {
assert(ctx[i]);
- s = socket_addrtostr_in(&ctx[i]->sock,
+ s = socket_addrtostr_in(&ctx[i]->fwd_ctx.sock,
ctx[i]->host_buf, ctx[i]->service_buf);
if (s) {
E_GAIERR(s, "Could not initialise jail daemon socket");
@@ -153,7 +148,7 @@ pid_t jail_daemonize(int epoll_fd, jail_ctx *ctx[], size_t siz)
close(epoll_fd);
for (i = 0; i < siz; ++i)
- socket_close(&ctx[i]->sock);
+ socket_close(&ctx[i]->fwd_ctx.sock);
return p;
}
@@ -215,12 +210,12 @@ static int jail_accept_client(jail_ctx *ctx[],
static jail_prisoner_process *args;
for (i = 0; i < siz; ++i) {
- if (ctx[i]->sock.fd == event->data.fd) {
+ if (ctx[i]->fwd_ctx.sock.fd == event->data.fd) {
args = (jail_prisoner_process *) calloc(1, sizeof(*args));
assert(args);
args->newroot = ctx[i]->newroot;
- if (socket_accept_in(&ctx[i]->sock, &args->client_psock)) {
+ if (socket_accept_in(&ctx[i]->fwd_ctx.sock, &args->client_psock)) {
E_STRERR("Could not accept client connection for fd %d",
args->client_psock.fd);
goto error;
@@ -354,10 +349,16 @@ static int jail_childfn(jail_prisoner_process *ctx)
static int jail_socket_tty_epoll(jail_prisoner_process *ctx, int tty_fd)
{
- int s, fd = epoll_create1(0);
+ int s, fd;
struct epoll_event event = {0,{0}};
+ struct epoll_event *events;
+ sigset_t eset;
assert(ctx);
+ events = (struct epoll_event *) calloc(POTD_MAXEVENTS, sizeof(*events));
+ assert(events);
+
+ fd = epoll_create1(0);
if (fd < 0)
return -1;
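Review bot: `events` is allocated before `epoll_create1` is called, so the `return -1` on `fd < 0` leaks the buffer. The `return 0` after the event loop in the next hunk likewise returns without `free(events)` or `close(fd)`. Creating the epoll descriptor first and allocating afterwards removes the first leak, and a single cleanup label ahead of the final return covers the rest. The allocation is also checked only with `assert(events)`, which disappears under `NDEBUG`; `if (!events) return -1;` keeps the check in release builds. The function body continues outside this hunk.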
@@ -373,5 +374,24 @@ static int jail_socket_tty_epoll(jail_prisoner_process *ctx, int tty_fd)
FATAL("Jail TTY Epoll for client %s:%s",
ctx->host_buf, ctx->service_buf);
+ sigemptyset(&eset);
+
+ while (1) {
+ int n, i;
+
+ n = epoll_pwait(fd, events, POTD_MAXEVENTS, -1, &eset);
+ if (n < 0)
+ break;
+
+ for (i = 0; i < n; ++i) {
+ }
+ }
+
return 0;
}
+
+static connection_state
+jail_socket_tty_io_epoll(struct epoll_event *ev, int dest_fd)
+{
+ return CON_OK;
+}
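Review bot: The `epoll_pwait` loop treats every negative return as terminal, including `EINTR`, and then falls through to `return 0`, so an interrupted wait is reported to the caller as success. The empty mask in `eset` leaves all signals deliverable during the wait, which makes this easy to hit. Adding `if (n < 0 && errno == EINTR) continue;` before the `break` handles it, and the remaining error case should return non-zero. The inner `for` body is empty and `jail_socket_tty_io_epoll` ignores both parameters, so ready events are never consumed; unless the descriptors are registered edge-triggered (the registration is outside the hunk) the loop would spin on the same events. A `/* TODO: dispatch to jail_socket_tty_io_epoll() */` comment in the loop would make the placeholder state explicit.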
diff --git a/src/jail.h b/src/jail.h
index 37a10a5..baa1d46 100644
--- a/src/jail.h
+++ b/src/jail.h
@@ -4,13 +4,13 @@
#include <sys/types.h>
#include <unistd.h>
-#include "socket.h"
+#include "forward.h"
#define MIN_STACKSIZE 2048
#define MAX_STACKSIZE BUFSIZ
typedef struct jail_ctx {
- psocket sock;
+ forward_ctx fwd_ctx;
char host_buf[NI_MAXHOST], service_buf[NI_MAXSERV];
size_t stacksize;
void *stack_ptr;
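Review bot: `jail_ctx` keeps its own `host_buf`/`service_buf` while the embedded `forward_ctx` carries a second pair, and this commit uses the two inconsistently. `jail_setup_epoll` and `jail_daemonize` fill the `jail_ctx` buffers through `socket_addrtostr_in`, whereas the error message in `fwd_listen_sock` prints the forward context's `ctx->host_buf`/`ctx->service_buf`, which `fwd_setup_server` does not visibly populate. That log line would then show an empty address. Either drop the duplicate fields from `jail_ctx` and pass `ctx[i]->fwd_ctx.host_buf`, or add a comment on the struct stating which pair is authoritative. The struct definition continues outside the hunk.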
diff --git a/src/main.c b/src/main.c
index 73fb5b2..0e4a1e1 100644
--- a/src/main.c
+++ b/src/main.c
@@ -51,7 +51,8 @@ int main(int argc, char *argv[])
D("Initialising jail service on port %s", jail_ports[i]);
jail_init_ctx(&jail[i], MAX_STACKSIZE);
- jail[i]->newroot = strdup("/home/lns/git/busybox/sysroot");
+ //jail[i]->newroot = strdup("/home/lns/git/busybox/sysroot");
+ jail[i]->newroot = strdup("/home/toni/git/busybox/_install");
ABORT_ON_FATAL( jail_setup(jail[i], "127.0.0.1", jail_ports[i]),
"Jail daemon setup" );
ABORT_ON_FATAL( jail_validate_ctx(jail[i]),
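Review bot: The jail root assigned to `newroot` is a hard-coded path inside one developer's home directory, and the previous value is left behind as a commented-out line. On any other machine the directory will not exist, and what the jailed child does with a missing or unexpected root depends on code outside this hunk. For a process that confines untrusted clients, the root should be an explicit setting that is checked at startup. I would read it from a command-line option or build-time define, e.g. `jail[i]->newroot = strdup(jail_root);` (where `jail_root` is a placeholder for the configured value), check the `strdup` result, and delete the commented line.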
@@ -67,7 +68,7 @@ int main(int argc, char *argv[])
{
ABORT_ON_FATAL( fwd_init_ctx(&ssh_fwd, ssh_init_cb),
"Forwarder initialisation" );
- ABORT_ON_FATAL( fwd_setup(ssh_fwd, "127.0.0.1", "22222"),
+ ABORT_ON_FATAL( fwd_setup_client(ssh_fwd, "127.0.0.1", "22222"),
"Forwarder setup" );
ABORT_ON_FATAL( fwd_validate_ctx( ssh_fwd ),
"Forwarder validation" );
diff --git a/src/server.c b/src/server.c
index 0edfe70..a4f816b 100644
--- a/src/server.c
+++ b/src/server.c
@@ -305,6 +305,7 @@ client_mainloop_epoll(void *arg)
}
event.data.fd = args->client_psock.fd;
event.events = EPOLLIN | EPOLLET;
+
s = epoll_ctl(epoll_fd, EPOLL_CTL_ADD, args->client_psock.fd, &event);
if (s) {
E_STRERR("Forward Epoll descriptor add to %s:%s forward fd %d",
@@ -314,6 +315,7 @@ client_mainloop_epoll(void *arg)
}
sigemptyset(&eset);
+
while (active) {
int n, i;