43
44
struct tpm_properties tpm_metrics;
44
45
static volatile int hup = 0, term = 0;
45
46
extern char *optarg;
47
47
char *tcsd_config_file = NULL;
49
struct srv_sock_info {
51
int domain; // AF_INET or AF_INET6
54
#define MAX_IP_PROTO 2
55
#define INVALID_ADDR_STR "<Invalid client address>"
57
static void close_server_socks(struct srv_sock_info *socks_info)
61
for (i=0; i < MAX_IP_PROTO; i++) {
62
if (socks_info[i].sd != -1) {
64
rv = close(socks_info[i].sd);
65
if (rv == -1 && errno != EINTR) {
66
LogError("Error closing server socket descriptor - %s",
70
} while (rv == -1 && errno == EINTR);
76
tcsd_shutdown(struct srv_sock_info socks_info[])
78
close_server_socks(socks_info);
52
79
/* order is important here:
53
80
* allow all threads to complete their current request */
54
81
tcsd_threads_final();
240
int setup_ipv4_socket(struct srv_sock_info ssi[])
242
struct sockaddr_in serv_addr;
247
// Initialization of IPv4 socket.
248
sd = socket(AF_INET, SOCK_STREAM, 0);
250
LogWarn("Failed IPv4 socket: %s", strerror(errno));
254
memset(&serv_addr, 0, sizeof (serv_addr));
255
serv_addr.sin_family = AF_INET;
256
serv_addr.sin_port = htons(tcsd_options.port);
258
/* If no remote_ops are defined, restrict connections to localhost
259
* only at the socket. */
260
if (tcsd_options.remote_ops[0] == 0)
261
serv_addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
263
serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
266
setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
267
if (bind(sd, (struct sockaddr *) &serv_addr, sizeof (serv_addr)) < 0) {
268
LogWarn("Failed IPv4 bind: %s", strerror(errno));
272
if (listen(sd, TCSD_MAX_SOCKETS_QUEUED) < 0) {
273
LogWarn("Failed IPv4 listen: %s", strerror(errno));
277
ssi->domain = AF_INET;
279
ssi->addr_len = sizeof(serv_addr);
290
int setup_ipv6_socket(struct srv_sock_info *ssi)
292
struct sockaddr_in6 serv6_addr;
297
sd6 = socket(AF_INET6, SOCK_STREAM, 0);
299
LogWarn("Failed IPv6 socket: %s", strerror(errno));
303
memset(&serv6_addr, 0, sizeof (serv6_addr));
304
serv6_addr.sin6_family = AF_INET6;
305
serv6_addr.sin6_port = htons(tcsd_options.port);
307
/* If no remote_ops are defined, restrict connections to localhost
308
* only at the socket. */
309
if (tcsd_options.remote_ops[0] == 0)
310
serv6_addr.sin6_addr = in6addr_loopback;
312
serv6_addr.sin6_addr = in6addr_any;
315
/* Linux, by default, allows one socket to be used by both IP stacks
316
* This option disables that behavior, so you must have one socket for
317
* each IP protocol. */
319
if(setsockopt(sd6, IPPROTO_IPV6, IPV6_V6ONLY, &opt, sizeof(opt)) == -1) {
320
LogWarn("Could not set IPv6 socket option properly.\n");
326
setsockopt(sd6, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
327
if (bind(sd6, (struct sockaddr *) &serv6_addr, sizeof (serv6_addr)) < 0) {
328
LogWarn("Failed IPv6 bind: %s", strerror(errno));
332
if (listen(sd6, TCSD_MAX_SOCKETS_QUEUED) < 0) {
333
LogWarn("Failed IPv6 listen: %s", strerror(errno));
337
ssi->domain = AF_INET6;
339
ssi->addr_len = sizeof(serv6_addr);
350
int setup_server_sockets(struct srv_sock_info ssi[])
354
ssi[0].sd = ssi[1].sd = -1;
355
// Only enqueue sockets successfully bound or that weren't disabled.
356
if (tcsd_options.disable_ipv4) {
357
LogWarn("IPv4 support disabled by configuration option");
359
if (setup_ipv4_socket(&ssi[i]) == 0)
363
if (tcsd_options.disable_ipv6) {
364
LogWarn("IPv6 support disabled by configuration option");
366
setup_ipv6_socket(&ssi[i]);
369
// It's only a failure if both sockets are unavailable.
370
if ((ssi[0].sd == -1) && (ssi[1].sd == -1)) {
377
char *fetch_hostname(struct sockaddr_storage *client_addr, socklen_t socklen)
379
char buf[NI_MAXHOST];
381
if (getnameinfo((struct sockaddr *)client_addr, socklen, buf,
382
sizeof(buf), NULL, 0, 0) != 0) {
383
LogWarn("Could not retrieve client address info");
390
void prepare_for_select(struct srv_sock_info *socks_info, int *num_fds,
391
fd_set *rdfd_set, int *nfds)
398
// Filter out socket descriptors in the queue that
400
for (i=0; i < MAX_IP_PROTO; i++) {
401
if (socks_info[i].sd == -1)
404
FD_SET(socks_info[i].sd, rdfd_set);
406
if (*nfds < socks_info[i].sd) // grab highest sd for select call
407
*nfds = socks_info[i].sd;
216
412
main(int argc, char **argv)
218
struct sockaddr_in serv_addr, client_addr;
219
414
TSS_RESULT result;
220
int newsd, c, option_index = 0;
415
int newsd, c, rv, option_index = 0;
417
socklen_t client_len;
222
418
char *hostname = NULL;
423
sigset_t sigmask, termmask, oldsigmask;
424
struct sockaddr_storage client_addr;
425
struct srv_sock_info socks_info[MAX_IP_PROTO];
223
426
struct passwd *pwd;
224
struct hostent *client_hostent = NULL;
225
427
struct option long_options[] = {
226
428
{"help", 0, NULL, 'h'},
227
429
{"foreground", 0, NULL, 'f'},
256
458
if ((result = tcsd_startup()))
257
459
return (int)result;
259
sd = socket(AF_INET, SOCK_STREAM, 0);
261
LogError("Failed socket: %s", strerror(errno));
265
memset(&serv_addr, 0, sizeof (serv_addr));
266
serv_addr.sin_family = AF_INET;
267
serv_addr.sin_port = htons(tcsd_options.port);
269
/* If no remote_ops are defined, restrict connections to localhost
270
* only at the socket. */
271
if (tcsd_options.remote_ops[0] == 0)
272
serv_addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
274
serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
277
setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &c, sizeof(c));
278
if (bind(sd, (struct sockaddr *) &serv_addr, sizeof (serv_addr)) < 0) {
279
LogError("Failed bind: %s", strerror(errno));
462
LogWarn("will not switch user or check for file permissions. "
463
"(Compiled with --disable-usercheck)");
283
466
pwd = getpwnam(TSS_USER_NAME);
284
467
if (pwd == NULL) {
293
476
setuid(pwd->pw_uid);
295
if (listen(sd, TCSD_MAX_SOCKETS_QUEUED) < 0) {
296
LogError("Failed listen: %s", strerror(errno));
480
if (setup_server_sockets(socks_info) == -1) {
481
LogError("Could not create sockets to listen to connections. Aborting...");
299
client_len = (unsigned)sizeof(client_addr);
301
485
if (getenv("TCSD_FOREGROUND") == NULL) {
302
486
if (daemon(0, 0) == -1) {
303
487
perror("daemon");
488
tcsd_shutdown(socks_info);
309
493
LogInfo("%s: TCSD up and running.", PACKAGE_STRING);
495
sigemptyset(&sigmask);
496
sigaddset(&sigmask, SIGTERM);
497
sigaddset(&sigmask, SIGHUP);
499
sigemptyset(&termmask);
500
sigaddset(&termmask, SIGTERM);
311
newsd = accept(sd, (struct sockaddr *) &client_addr, &client_len);
313
if (errno == EINTR) {
317
if (reload_config() != TSS_SUCCESS)
318
LogError("Failed reloading config");
322
LogError("Failed accept: %s", strerror(errno));
326
LogDebug("accepted socket %i", newsd);
328
if ((client_hostent = gethostbyaddr((char *) &client_addr.sin_addr,
329
sizeof(client_addr.sin_addr),
332
uint32_t addr = htonl(client_addr.sin_addr.s_addr);
334
snprintf(buf, 16, "%d.%d.%d.%d", (addr & 0xff000000) >> 24,
335
(addr & 0x00ff0000) >> 16, (addr & 0x0000ff00) >> 8,
338
LogWarn("Host name for connecting IP %s could not be resolved", buf);
339
hostname = strdup(buf);
341
hostname = strdup(client_hostent->h_name);
344
tcsd_thread_create(newsd, hostname);
503
prepare_for_select(socks_info, &num_fds, &rdfd_set, &nfds);
506
LogError("No server sockets available to listen connections. Aborting...");
510
// Block TERM and HUP signals to prevent race condition
511
if (sigprocmask(SIG_BLOCK, &sigmask, &oldsigmask) == -1) {
512
LogError("Error setting interrupt mask before accept");
515
// TERM and HUP are blocked here, so its safe to test flags.
517
// Config reading can be slow, so unmask SIGTERM.
518
if (sigprocmask(SIG_UNBLOCK, &termmask, NULL) == -1) {
519
LogError("Error unblocking SIGTERM before config reload");
347
521
if (reload_config() != TSS_SUCCESS)
348
522
LogError("Failed reloading config");
523
if (sigprocmask(SIG_BLOCK, &termmask, NULL) == -1) {
524
LogError("Error blocking SIGTERM after config reload");
530
// Select IPv4 and IPv6 socket descriptors with appropriate sigmask.
531
LogDebug("Waiting for connections");
532
rv = pselect(nfds+1, &rdfd_set, NULL, NULL, NULL, &oldsigmask);
533
stor_errno = errno; // original mask must be set ASAP, so store errno.
534
if (sigprocmask(SIG_SETMASK, &oldsigmask, NULL) == -1) {
535
LogError("Error reseting signal mask to the original configuration.");
538
if (stor_errno != EINTR) {
539
LogError("Error monitoring server socket descriptors.");
545
for (i=0; i < num_fds; i++) { // accept connections from all IP versions (with valid sd)
546
if (!FD_ISSET(socks_info[i].sd, &rdfd_set)) {
549
client_len = socks_info[i].addr_len;
550
newsd = accept(socks_info[i].sd, (struct sockaddr *) &client_addr, &client_len);
553
LogError("Failed accept: %s", strerror(errno));
556
LogDebug("accepted socket %i", newsd);
558
hostname = fetch_hostname(&client_addr, client_len);
559
if (hostname == NULL)
560
hostname=INVALID_ADDR_STR;
562
tcsd_thread_create(newsd, hostname);
564
} // for (i=0; i < MAX_IP_PROTO; i++)
350
565
} while (term ==0);
352
567
/* To close correctly, we must receive a SIGTERM */
568
tcsd_shutdown(socks_info);