1
0

pptpmanager.c 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544
  1. /*
  2. * pptpmanager.c
  3. *
  4. * Manages the PoPToP sessions.
  5. *
  6. * $Id: pptpmanager.c,v 1.14 2005/12/29 09:59:49 quozl Exp $
  7. */
  8. #ifdef HAVE_CONFIG_H
  9. #include "config.h"
  10. #endif
  11. #ifdef __linux__
  12. #define _GNU_SOURCE 1 /* broken arpa/inet.h */
  13. #endif
  14. #include "our_syslog.h"
  15. #include <errno.h>
  16. #include <netdb.h>
  17. #include <signal.h>
  18. #include <stdio.h>
  19. #include <string.h>
  20. #include <stdlib.h>
  21. #include <sys/types.h>
  22. #include <sys/socket.h>
  23. #include <netinet/in.h>
  24. #include <arpa/inet.h>
  25. #include <sys/un.h>
  26. #include <sys/wait.h>
  27. #include <unistd.h>
  28. #include <time.h>
  29. #include <sys/time.h>
  30. #include <fcntl.h>
  31. #if HAVE_LIBWRAP
  32. /* re-include, just in case HAVE_SYSLOG_H wasn't defined */
  33. #include <syslog.h>
  34. #include <tcpd.h>
  35. int allow_severity = LOG_WARNING;
  36. int deny_severity = LOG_WARNING;
  37. #endif
  38. #ifdef __UCLIBC__
  39. #define socklen_t int
  40. #endif
  41. #include "configfile.h"
  42. #include "defaults.h"
  43. #include "pptpctrl.h"
  44. #include "pptpdefs.h"
  45. #include "pptpmanager.h"
  46. #include "compat.h"
  47. /* command line arg variables */
  48. extern char *ppp_binary;
  49. extern char *pppdoptstr;
  50. extern char *speedstr;
  51. extern char *bindaddr;
  52. extern int pptp_debug;
  53. extern int pptp_noipparam;
  54. extern int pptp_logwtmp;
  55. extern int pptp_delegate;
  56. /* option for timeout on starting ctrl connection */
  57. extern int pptp_stimeout;
  58. extern int pptp_connections;
  59. /* local function prototypes */
  60. static void connectCall(int clientSocket, int clientNumber);
  61. static int createHostSocket(int *hostSocket);
  62. /* this end's call identifier */
  63. uint16_t unique_call_id = 0;
  64. /* slots - begin */
  65. /* data about connection slots */
  66. struct slot {
  67. pid_t pid;
  68. char *local;
  69. char *remote;
  70. } *slots;
  71. /* number of connection slots allocated */
  72. int slot_count;
  73. static void slot_iterate(struct slot *slots, int count, void (*callback) (struct slot *slot))
  74. {
  75. int i;
  76. for(i=0; i<count; i++)
  77. (*callback)(&slots[i]);
  78. }
  79. static void slot_slot_init(struct slot *slot)
  80. {
  81. slot->pid = 0;
  82. slot->local = NULL;
  83. slot->remote = NULL;
  84. }
  85. void slot_init(int count)
  86. {
  87. slot_count = count;
  88. slots = (struct slot *) calloc(slot_count, sizeof(struct slot));
  89. slot_iterate(slots, slot_count, slot_slot_init);
  90. }
  91. static void slot_slot_free(struct slot *slot)
  92. {
  93. slot->pid = 0;
  94. if (slot->local) free(slot->local);
  95. slot->local = NULL;
  96. if (slot->remote) free(slot->remote);
  97. slot->remote = NULL;
  98. }
  99. void slot_free()
  100. {
  101. slot_iterate(slots, slot_count, slot_slot_free);
  102. free(slots);
  103. slots = NULL;
  104. slot_count = 0;
  105. }
  106. void slot_set_local(int i, char *ip)
  107. {
  108. struct slot *slot = &slots[i];
  109. if (slot->local) free(slot->local);
  110. slot->local = strdup(ip);
  111. }
  112. void slot_set_remote(int i, char *ip)
  113. {
  114. struct slot *slot = &slots[i];
  115. if (slot->remote) free(slot->remote);
  116. slot->remote = strdup(ip);
  117. }
  118. void slot_set_pid(int i, pid_t pid)
  119. {
  120. struct slot *slot = &slots[i];
  121. slot->pid = pid;
  122. }
  123. int slot_find_by_pid(pid_t pid)
  124. {
  125. int i;
  126. for(i=0; i<slot_count; i++) {
  127. struct slot *slot = &slots[i];
  128. if (slot->pid == pid) return i;
  129. }
  130. return -1;
  131. }
  132. int slot_find_empty()
  133. {
  134. return slot_find_by_pid(0);
  135. }
  136. char *slot_get_local(int i)
  137. {
  138. struct slot *slot = &slots[i];
  139. return slot->local;
  140. }
  141. char *slot_get_remote(int i)
  142. {
  143. struct slot *slot = &slots[i];
  144. return slot->remote;
  145. }
  146. /* slots - end */
  147. static void sigchld_responder(int sig)
  148. {
  149. int child, status;
  150. while ((child = waitpid(-1, &status, WNOHANG)) > 0) {
  151. if (pptp_delegate) {
  152. if (pptp_debug) syslog(LOG_DEBUG, "MGR: Reaped child %d", child);
  153. } else {
  154. int i;
  155. i = slot_find_by_pid(child);
  156. if (i != -1) {
  157. slot_set_pid(i, 0);
  158. if (pptp_debug) syslog(LOG_DEBUG, "MGR: Reaped child %d", child);
  159. } else {
  160. syslog(LOG_INFO, "MGR: Reaped unknown child %d", child);
  161. }
  162. }
  163. }
  164. }
  165. int pptp_manager(int argc, char **argv)
  166. {
  167. int firstOpen = -1;
  168. int ctrl_pid;
  169. socklen_t addrsize;
  170. int hostSocket;
  171. fd_set connSet;
  172. int rc, sig_fd;
  173. rc = sigpipe_create();
  174. if (rc < 0) {
  175. syslog(LOG_ERR, "MGR: unable to setup sigchld pipe!");
  176. syslog_perror("sigpipe_create");
  177. exit(-1);
  178. }
  179. sigpipe_assign(SIGCHLD);
  180. sigpipe_assign(SIGTERM);
  181. sig_fd = sigpipe_fd();
  182. /* openlog() not required, done in pptpd.c */
  183. syslog(LOG_INFO, "MGR: Manager process started");
  184. if (!pptp_delegate) {
  185. syslog(LOG_INFO, "MGR: Maximum of %d connections available",
  186. pptp_connections);
  187. }
  188. /* Connect the host socket and activate it for listening */
  189. if (createHostSocket(&hostSocket) < 0) {
  190. syslog(LOG_ERR, "MGR: Couldn't create host socket");
  191. syslog_perror("createHostSocket");
  192. exit(-1);
  193. }
  194. while (1) {
  195. int max_fd;
  196. FD_ZERO(&connSet);
  197. if (pptp_delegate) {
  198. FD_SET(hostSocket, &connSet);
  199. } else {
  200. firstOpen = slot_find_empty();
  201. if (firstOpen == -1) {
  202. syslog(LOG_ERR, "MGR: No free connection slots or IPs - no more clients can connect!");
  203. } else {
  204. FD_SET(hostSocket, &connSet);
  205. }
  206. }
  207. max_fd = hostSocket;
  208. FD_SET(sig_fd, &connSet);
  209. if (max_fd < sig_fd) max_fd = sig_fd;
  210. while (1) {
  211. if (select(max_fd + 1, &connSet, NULL, NULL, NULL) != -1) break;
  212. if (errno == EINTR) continue;
  213. syslog(LOG_ERR, "MGR: Error with manager select()!");
  214. syslog_perror("select");
  215. exit(-1);
  216. }
  217. if (FD_ISSET(sig_fd, &connSet)) { /* SIGCHLD */
  218. int signum = sigpipe_read();
  219. if (signum == SIGCHLD)
  220. sigchld_responder(signum);
  221. else if (signum == SIGTERM)
  222. return signum;
  223. }
  224. if (FD_ISSET(hostSocket, &connSet)) { /* A call came! */
  225. int clientSocket;
  226. struct sockaddr_in client_addr;
  227. /* Accept call and launch PPTPCTRL */
  228. addrsize = sizeof(client_addr);
  229. clientSocket = accept(hostSocket, (struct sockaddr *) &client_addr, &addrsize);
  230. #if HAVE_LIBWRAP
  231. if (clientSocket != -1) {
  232. struct request_info r;
  233. request_init(&r, RQ_DAEMON, "pptpd", RQ_FILE, clientSocket, NULL);
  234. fromhost(&r);
  235. if (!hosts_access(&r)) {
  236. /* send a permission denied message? this is a tcp wrapper
  237. * type deny so probably best to just drop it immediately like
  238. * this, as tcp wrappers usually do.
  239. */
  240. close(clientSocket);
  241. /* this would never be file descriptor 0, so use it as a error
  242. * value
  243. */
  244. clientSocket = 0;
  245. }
  246. }
  247. #endif
  248. if (clientSocket == -1) {
  249. /* accept failed, but life goes on... */
  250. syslog(LOG_ERR, "MGR: accept() failed");
  251. syslog_perror("accept");
  252. } else if (clientSocket != 0) {
  253. fd_set rfds;
  254. struct timeval tv;
  255. struct pptp_header ph;
  256. /* TODO: this select below prevents
  257. other connections from being
  258. processed during the wait for the
  259. first data packet from the
  260. client. */
  261. /*
  262. * DOS protection: get a peek at the first packet
  263. * and do some checks on it before we continue.
  264. * A 10 second timeout on the first packet seems reasonable
  265. * to me, if anything looks sus, throw it away.
  266. */
  267. FD_ZERO(&rfds);
  268. FD_SET(clientSocket, &rfds);
  269. tv.tv_sec = pptp_stimeout;
  270. tv.tv_usec = 0;
  271. if (select(clientSocket + 1, &rfds, NULL, NULL, &tv) <= 0) {
  272. syslog(LOG_ERR, "MGR: dropped slow initial connection");
  273. close(clientSocket);
  274. continue;
  275. }
  276. if (recv(clientSocket, &ph, sizeof(ph), MSG_PEEK) !=
  277. sizeof(ph)) {
  278. syslog(LOG_ERR, "MGR: dropped small initial connection");
  279. close(clientSocket);
  280. continue;
  281. }
  282. ph.length = ntohs(ph.length);
  283. ph.pptp_type = ntohs(ph.pptp_type);
  284. ph.magic = ntohl(ph.magic);
  285. ph.ctrl_type = ntohs(ph.ctrl_type);
  286. if (ph.length <= 0 || ph.length > PPTP_MAX_CTRL_PCKT_SIZE) {
  287. syslog(LOG_WARNING, "MGR: initial packet length %d outside "
  288. "(0 - %d)", ph.length, PPTP_MAX_CTRL_PCKT_SIZE);
  289. goto dos_exit;
  290. }
  291. if (ph.magic != PPTP_MAGIC_COOKIE) {
  292. syslog(LOG_WARNING, "MGR: initial packet bad magic");
  293. goto dos_exit;
  294. }
  295. if (ph.pptp_type != PPTP_CTRL_MESSAGE) {
  296. syslog(LOG_WARNING, "MGR: initial packet has bad type");
  297. goto dos_exit;
  298. }
  299. if (ph.ctrl_type != START_CTRL_CONN_RQST) {
  300. syslog(LOG_WARNING, "MGR: initial packet has bad ctrl type "
  301. "0x%x", ph.ctrl_type);
  302. dos_exit:
  303. close(clientSocket);
  304. continue;
  305. }
  306. #ifndef HAVE_FORK
  307. switch (ctrl_pid = vfork()) {
  308. #else
  309. switch (ctrl_pid = fork()) {
  310. #endif
  311. case -1: /* error */
  312. syslog(LOG_ERR, "MGR: fork() failed launching " PPTP_CTRL_BIN);
  313. close(clientSocket);
  314. break;
  315. case 0: /* child */
  316. close(hostSocket);
  317. if (pptp_debug)
  318. syslog(LOG_DEBUG, "MGR: Launching " PPTP_CTRL_BIN " to handle client");
  319. connectCall(clientSocket, !pptp_delegate ? firstOpen : 0);
  320. _exit(1);
  321. /* NORETURN */
  322. default: /* parent */
  323. close(clientSocket);
  324. unique_call_id += MAX_CALLS_PER_TCP_LINK;
  325. if (!pptp_delegate)
  326. slot_set_pid(firstOpen, ctrl_pid);
  327. break;
  328. }
  329. }
  330. } /* FD_ISSET(hostSocket, &connSet) */
  331. } /* while (1) */
  332. } /* pptp_manager() */
  333. /*
  334. * Author: Kevin Thayer
  335. *
  336. * This creates a socket to listen on, sets the max # of pending connections and
  337. * various other options.
  338. *
  339. * Returns the fd of the host socket.
  340. *
  341. * The function return values are:
  342. * 0 for sucessful
  343. * -1 for bad socket creation
  344. * -2 for bad socket options
  345. * -3 for bad bind
  346. * -4 for bad listen
  347. */
  348. static int createHostSocket(int *hostSocket)
  349. {
  350. int opt = 1;
  351. struct sockaddr_in address;
  352. #ifdef HAVE_GETSERVBYNAME
  353. struct servent *serv;
  354. #endif
  355. /* create the master socket and check it worked */
  356. if ((*hostSocket = socket(AF_INET, SOCK_STREAM, 0)) == 0)
  357. return -1;
  358. /* set master socket to allow daemon to be restarted with connections active */
  359. if (setsockopt(*hostSocket, SOL_SOCKET, SO_REUSEADDR,
  360. (char *) &opt, sizeof(opt)) < 0)
  361. return -2;
  362. /* set up socket */
  363. memset(&address, 0, sizeof(address));
  364. address.sin_family = AF_INET;
  365. if(bindaddr)
  366. address.sin_addr.s_addr = inet_addr(bindaddr);
  367. else
  368. address.sin_addr.s_addr = INADDR_ANY;
  369. #ifdef HAVE_GETSERVBYNAME
  370. if ((serv = getservbyname("pptp", "tcp")) != NULL) {
  371. address.sin_port = serv->s_port;
  372. } else
  373. #endif
  374. address.sin_port = htons(PPTP_PORT);
  375. /* bind the socket to the pptp port */
  376. if (bind(*hostSocket, (struct sockaddr *) &address, sizeof(address)) < 0)
  377. return -3;
  378. /* minimal backlog to avoid DoS */
  379. if (listen(*hostSocket, 3) < 0)
  380. return -4;
  381. return 0;
  382. }
  383. /*
  384. * Author: Kevin Thayer
  385. *
  386. * this routine sets up the arguments for the call handler and calls it.
  387. */
  388. static void connectCall(int clientSocket, int clientNumber)
  389. {
  390. #define NUM2ARRAY(array, num) snprintf(array, sizeof(array), "%d", num)
  391. char *ctrl_argv[16]; /* arguments for launching 'pptpctrl' binary */
  392. int pptpctrl_argc = 0; /* count the number of arguments sent to pptpctrl */
  393. /* lame strings to hold passed args. */
  394. char ctrl_debug[2];
  395. char ctrl_noipparam[2];
  396. char pppdoptfile_argv[2];
  397. char speedgiven_argv[2];
  398. extern char **environ;
  399. char callid_argv[16];
  400. /*
  401. * Launch the CTRL manager binary; we send it some information such as
  402. * speed and option file on the command line.
  403. */
  404. ctrl_argv[pptpctrl_argc++] = PPTP_CTRL_BIN " ";
  405. /* Pass socket as stdin */
  406. if (clientSocket != 0) {
  407. dup2(clientSocket, 0);
  408. close(clientSocket);
  409. }
  410. /* get argv set up */
  411. NUM2ARRAY(ctrl_debug, pptp_debug ? 1 : 0);
  412. ctrl_debug[1] = '\0';
  413. ctrl_argv[pptpctrl_argc++] = ctrl_debug;
  414. NUM2ARRAY(ctrl_noipparam, pptp_noipparam ? 1 : 0);
  415. ctrl_noipparam[1] = '\0';
  416. ctrl_argv[pptpctrl_argc++] = ctrl_noipparam;
  417. /* optionfile = TRUE or FALSE; so the CTRL manager knows whether to load a non-standard options file */
  418. NUM2ARRAY(pppdoptfile_argv, pppdoptstr ? 1 : 0);
  419. pppdoptfile_argv[1] = '\0';
  420. ctrl_argv[pptpctrl_argc++] = pppdoptfile_argv;
  421. if (pppdoptstr) {
  422. /* send the option filename so the CTRL manager can launch pppd with this alternate file */
  423. ctrl_argv[pptpctrl_argc++] = pppdoptstr;
  424. }
  425. /* tell the ctrl manager whether we were given a speed */
  426. NUM2ARRAY(speedgiven_argv, speedstr ? 1 : 0);
  427. speedgiven_argv[1] = '\0';
  428. ctrl_argv[pptpctrl_argc++] = speedgiven_argv;
  429. if (speedstr) {
  430. /* send the CTRL manager the speed of the connection so it can fire pppd at that speed */
  431. ctrl_argv[pptpctrl_argc++] = speedstr;
  432. }
  433. if (pptp_delegate) {
  434. /* no local or remote address to specify */
  435. ctrl_argv[pptpctrl_argc++] = "0";
  436. ctrl_argv[pptpctrl_argc++] = "0";
  437. } else {
  438. /* specify local & remote addresses for this call */
  439. ctrl_argv[pptpctrl_argc++] = "1";
  440. ctrl_argv[pptpctrl_argc++] = slot_get_local(clientNumber);
  441. ctrl_argv[pptpctrl_argc++] = "1";
  442. ctrl_argv[pptpctrl_argc++] = slot_get_remote(clientNumber);
  443. }
  444. /* our call id to be included in GRE packets the client
  445. * will send to us */
  446. NUM2ARRAY(callid_argv, unique_call_id);
  447. ctrl_argv[pptpctrl_argc++] = callid_argv;
  448. /* pass path to ppp binary */
  449. ctrl_argv[pptpctrl_argc++] = ppp_binary;
  450. /* pass logwtmp flag */
  451. ctrl_argv[pptpctrl_argc++] = pptp_logwtmp ? "1" : "0";
  452. /* note: update pptpctrl.8 if the argument list format is changed */
  453. /* terminate argv array with a NULL */
  454. ctrl_argv[pptpctrl_argc] = NULL;
  455. pptpctrl_argc++;
  456. /* ok, args are setup: invoke the call handler */
  457. execve(PPTP_CTRL_BIN, ctrl_argv, environ);
  458. syslog(LOG_ERR, "MGR: Failed to exec " PPTP_CTRL_BIN "!");
  459. _exit(1);
  460. }