Allow basic connectivity check via rrsync
[rsync.git] / socket.c
blobc2075adf8bb81cd05bc8342fdd37666704b7563e
1 /*
2 * Socket functions used in rsync.
4 * Copyright (C) 1992-2001 Andrew Tridgell <tridge@samba.org>
5 * Copyright (C) 2001, 2002 Martin Pool <mbp@samba.org>
6 * Copyright (C) 2003-2020 Wayne Davison
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, visit the http://fsf.org website.
22 /* This file is now converted to use the new-style getaddrinfo()
23 * interface, which supports IPv6 but is also supported on recent
24 * IPv4-only machines. On systems that don't have that interface, we
25 * emulate it using the KAME implementation. */
27 #include "rsync.h"
28 #include "itypes.h"
29 #include "ifuncs.h"
30 #ifdef HAVE_NETINET_IN_SYSTM_H
31 #include <netinet/in_systm.h>
32 #endif
33 #ifdef HAVE_NETINET_IP_H
34 #include <netinet/ip.h>
35 #endif
36 #include <netinet/tcp.h>
38 extern char *bind_address;
39 extern char *sockopts;
40 extern int default_af_hint;
41 extern int connect_timeout;
42 extern int pid_file_fd;
44 #ifdef HAVE_SIGACTION
45 static struct sigaction sigact;
46 #endif
48 static int sock_exec(const char *prog);
50 /* Establish a proxy connection on an open socket to a web proxy by using the
51 * CONNECT method. If proxy_user and proxy_pass are not NULL, they are used to
52 * authenticate to the proxy using the "Basic" proxy-authorization protocol. */
53 static int establish_proxy_connection(int fd, char *host, int port, char *proxy_user, char *proxy_pass)
55 char *cp, buffer[1024];
56 char *authhdr, authbuf[1024];
57 int len;
59 if (proxy_user && proxy_pass) {
60 stringjoin(buffer, sizeof buffer,
61 proxy_user, ":", proxy_pass, NULL);
62 len = strlen(buffer);
64 if ((len*8 + 5) / 6 >= (int)sizeof authbuf - 3) {
65 rprintf(FERROR,
66 "authentication information is too long\n");
67 return -1;
70 base64_encode(buffer, len, authbuf, 1);
71 authhdr = "\r\nProxy-Authorization: Basic ";
72 } else {
73 *authbuf = '\0';
74 authhdr = "";
77 len = snprintf(buffer, sizeof buffer, "CONNECT %s:%d HTTP/1.0%s%s\r\n\r\n", host, port, authhdr, authbuf);
78 assert(len > 0 && len < (int)sizeof buffer);
79 if (write(fd, buffer, len) != len) {
80 rsyserr(FERROR, errno, "failed to write to proxy");
81 return -1;
84 for (cp = buffer; cp < &buffer[sizeof buffer - 1]; cp++) {
85 if (read(fd, cp, 1) != 1) {
86 rsyserr(FERROR, errno, "failed to read from proxy");
87 return -1;
89 if (*cp == '\n')
90 break;
93 if (*cp != '\n')
94 cp++;
95 *cp-- = '\0';
96 if (*cp == '\r')
97 *cp = '\0';
98 if (strncmp(buffer, "HTTP/", 5) != 0) {
99 rprintf(FERROR, "bad response from proxy -- %s\n",
100 buffer);
101 return -1;
103 for (cp = &buffer[5]; isDigit(cp) || *cp == '.'; cp++) {}
104 while (*cp == ' ')
105 cp++;
106 if (*cp != '2') {
107 rprintf(FERROR, "bad response from proxy -- %s\n",
108 buffer);
109 return -1;
111 /* throw away the rest of the HTTP header */
112 while (1) {
113 for (cp = buffer; cp < &buffer[sizeof buffer - 1]; cp++) {
114 if (read(fd, cp, 1) != 1) {
115 rsyserr(FERROR, errno,
116 "failed to read from proxy");
117 return -1;
119 if (*cp == '\n')
120 break;
122 if (cp > buffer && *cp == '\n')
123 cp--;
124 if (cp == buffer && (*cp == '\n' || *cp == '\r'))
125 break;
127 return 0;
131 /* Try to set the local address for a newly-created socket.
132 * Return -1 if this fails. */
133 int try_bind_local(int s, int ai_family, int ai_socktype,
134 const char *bind_addr)
136 int error;
137 struct addrinfo bhints, *bres_all, *r;
139 memset(&bhints, 0, sizeof bhints);
140 bhints.ai_family = ai_family;
141 bhints.ai_socktype = ai_socktype;
142 bhints.ai_flags = AI_PASSIVE;
143 if ((error = getaddrinfo(bind_addr, NULL, &bhints, &bres_all))) {
144 rprintf(FERROR, RSYNC_NAME ": getaddrinfo %s: %s\n",
145 bind_addr, gai_strerror(error));
146 return -1;
149 for (r = bres_all; r; r = r->ai_next) {
150 if (bind(s, r->ai_addr, r->ai_addrlen) == -1)
151 continue;
152 freeaddrinfo(bres_all);
153 return s;
156 /* no error message; there might be some problem that allows
157 * creation of the socket but not binding, perhaps if the
158 * machine has no ipv6 address of this name. */
159 freeaddrinfo(bres_all);
160 return -1;
163 /* connect() timeout handler based on alarm() */
164 static void contimeout_handler(UNUSED(int val))
166 connect_timeout = -1;
169 /* Open a socket to a tcp remote host with the specified port.
171 * Based on code from Warren. Proxy support by Stephen Rothwell.
172 * getaddrinfo() rewrite contributed by KAME.net.
174 * Now that we support IPv6 we need to look up the remote machine's address
175 * first, using af_hint to set a preference for the type of address. Then
176 * depending on whether it has v4 or v6 addresses we try to open a connection.
178 * The loop allows for machines with some addresses which may not be reachable,
179 * perhaps because we can't e.g. route ipv6 to that network but we can get ip4
180 * packets through.
182 * bind_addr: local address to use. Normally NULL to bind the wildcard address.
184 * af_hint: address family, e.g. AF_INET or AF_INET6. */
185 int open_socket_out(char *host, int port, const char *bind_addr, int af_hint)
187 int type = SOCK_STREAM;
188 int error, s, j, addr_cnt, *errnos;
189 struct addrinfo hints, *res0, *res;
190 char portbuf[10];
191 char *h, *cp;
192 int proxied = 0;
193 char buffer[1024];
194 char *proxy_user = NULL, *proxy_pass = NULL;
196 /* if we have a RSYNC_PROXY env variable then redirect our
197 * connection via a web proxy at the given address. */
198 h = getenv("RSYNC_PROXY");
199 proxied = h != NULL && *h != '\0';
201 if (proxied) {
202 strlcpy(buffer, h, sizeof buffer);
204 /* Is the USER:PASS@ prefix present? */
205 if ((cp = strrchr(buffer, '@')) != NULL) {
206 *cp++ = '\0';
207 /* The remainder is the HOST:PORT part. */
208 h = cp;
210 if ((cp = strchr(buffer, ':')) == NULL) {
211 rprintf(FERROR,
212 "invalid proxy specification: should be USER:PASS@HOST:PORT\n");
213 return -1;
215 *cp++ = '\0';
217 proxy_user = buffer;
218 proxy_pass = cp;
219 } else {
220 /* The whole buffer is the HOST:PORT part. */
221 h = buffer;
224 if ((cp = strchr(h, ':')) == NULL) {
225 rprintf(FERROR,
226 "invalid proxy specification: should be HOST:PORT\n");
227 return -1;
229 *cp++ = '\0';
230 strlcpy(portbuf, cp, sizeof portbuf);
231 if (DEBUG_GTE(CONNECT, 1)) {
232 rprintf(FINFO, "connection via http proxy %s port %s\n",
233 h, portbuf);
235 } else {
236 snprintf(portbuf, sizeof portbuf, "%d", port);
237 h = host;
240 memset(&hints, 0, sizeof hints);
241 hints.ai_family = af_hint;
242 hints.ai_socktype = type;
243 error = getaddrinfo(h, portbuf, &hints, &res0);
244 if (error) {
245 rprintf(FERROR, RSYNC_NAME ": getaddrinfo: %s %s: %s\n",
246 h, portbuf, gai_strerror(error));
247 return -1;
250 for (res = res0, addr_cnt = 0; res; res = res->ai_next, addr_cnt++) {}
251 errnos = new_array0(int, addr_cnt);
253 s = -1;
254 /* Try to connect to all addresses for this machine until we get
255 * through. It might e.g. be multi-homed, or have both IPv4 and IPv6
256 * addresses. We need to create a socket for each record, since the
257 * address record tells us what protocol to use to try to connect. */
258 for (res = res0, j = 0; res; res = res->ai_next, j++) {
259 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
260 if (s < 0)
261 continue;
263 if (bind_addr
264 && try_bind_local(s, res->ai_family, type,
265 bind_addr) == -1) {
266 close(s);
267 s = -1;
268 continue;
270 if (connect_timeout > 0) {
271 SIGACTION(SIGALRM, contimeout_handler);
272 alarm(connect_timeout);
275 set_socket_options(s, sockopts);
276 while (connect(s, res->ai_addr, res->ai_addrlen) < 0) {
277 if (connect_timeout < 0)
278 exit_cleanup(RERR_CONTIMEOUT);
279 if (errno == EINTR)
280 continue;
281 close(s);
282 s = -1;
283 break;
286 if (connect_timeout > 0)
287 alarm(0);
289 if (s < 0) {
290 errnos[j] = errno;
291 continue;
294 if (proxied && establish_proxy_connection(s, host, port, proxy_user, proxy_pass) != 0) {
295 close(s);
296 s = -1;
297 continue;
299 if (DEBUG_GTE(CONNECT, 2)) {
300 char buf[2048];
301 if ((error = getnameinfo(res->ai_addr, res->ai_addrlen, buf, sizeof buf, NULL, 0, NI_NUMERICHOST)) != 0)
302 snprintf(buf, sizeof buf, "*getnameinfo failure: %s*", gai_strerror(error));
303 rprintf(FINFO, "Connected to %s (%s)\n", h, buf);
305 break;
308 if (s < 0 || DEBUG_GTE(CONNECT, 2)) {
309 char buf[2048];
310 for (res = res0, j = 0; res; res = res->ai_next, j++) {
311 if (errnos[j] == 0)
312 continue;
313 if ((error = getnameinfo(res->ai_addr, res->ai_addrlen, buf, sizeof buf, NULL, 0, NI_NUMERICHOST)) != 0)
314 snprintf(buf, sizeof buf, "*getnameinfo failure: %s*", gai_strerror(error));
315 rsyserr(FERROR, errnos[j], "failed to connect to %s (%s)", h, buf);
317 if (s < 0)
318 s = -1;
321 freeaddrinfo(res0);
322 free(errnos);
324 return s;
328 /* Open an outgoing socket, but allow for it to be intercepted by
329 * $RSYNC_CONNECT_PROG, which will execute a program across a TCP
330 * socketpair rather than really opening a socket.
332 * We use this primarily in testing to detect TCP flow bugs, but not
333 * cause security problems by really opening remote connections.
335 * This is based on the Samba LIBSMB_PROG feature.
337 * bind_addr: local address to use. Normally NULL to get the stack default. */
338 int open_socket_out_wrapped(char *host, int port, const char *bind_addr, int af_hint)
340 char *prog = getenv("RSYNC_CONNECT_PROG");
342 if (prog && strchr(prog, '%')) {
343 int hlen = strlen(host);
344 int len = strlen(prog) + 1;
345 char *f, *t;
346 for (f = prog; *f; f++) {
347 if (*f != '%')
348 continue;
349 /* Compute more than enough room. */
350 if (f[1] == '%')
351 f++;
352 else
353 len += hlen;
355 f = prog;
356 prog = new_array(char, len);
357 for (t = prog; *f; f++) {
358 if (*f == '%') {
359 switch (*++f) {
360 case '%':
361 /* Just skips the extra '%'. */
362 break;
363 case 'H':
364 memcpy(t, host, hlen);
365 t += hlen;
366 continue;
367 default:
368 f--; /* pass % through */
369 break;
372 *t++ = *f;
374 *t = '\0';
377 if (DEBUG_GTE(CONNECT, 1)) {
378 rprintf(FINFO, "%sopening tcp connection to %s port %d\n",
379 prog ? "Using RSYNC_CONNECT_PROG instead of " : "",
380 host, port);
382 if (prog)
383 return sock_exec(prog);
384 return open_socket_out(host, port, bind_addr, af_hint);
388 /* Open one or more sockets for incoming data using the specified type,
389 * port, and address.
391 * The getaddrinfo() call may return several address results, e.g. for
392 * the machine's IPv4 and IPv6 name.
394 * We return an array of file-descriptors to the sockets, with a trailing
395 * -1 value to indicate the end of the list.
397 * bind_addr: local address to bind, or NULL to allow it to default. */
398 static int *open_socket_in(int type, int port, const char *bind_addr,
399 int af_hint)
401 int one = 1;
402 int s, *socks, maxs, i, ecnt;
403 struct addrinfo hints, *all_ai, *resp;
404 char portbuf[10], **errmsgs;
405 int error;
407 memset(&hints, 0, sizeof hints);
408 hints.ai_family = af_hint;
409 hints.ai_socktype = type;
410 hints.ai_flags = AI_PASSIVE;
411 snprintf(portbuf, sizeof portbuf, "%d", port);
412 error = getaddrinfo(bind_addr, portbuf, &hints, &all_ai);
413 if (error) {
414 rprintf(FERROR, RSYNC_NAME ": getaddrinfo: bind address %s: %s\n",
415 bind_addr, gai_strerror(error));
416 return NULL;
419 /* Count max number of sockets we might open. */
420 for (maxs = 0, resp = all_ai; resp; resp = resp->ai_next, maxs++) {}
422 socks = new_array(int, maxs + 1);
423 errmsgs = new_array(char *, maxs);
425 /* We may not be able to create the socket, if for example the
426 * machine knows about IPv6 in the C library, but not in the
427 * kernel. */
428 for (resp = all_ai, i = ecnt = 0; resp; resp = resp->ai_next) {
429 s = socket(resp->ai_family, resp->ai_socktype,
430 resp->ai_protocol);
432 if (s == -1) {
433 int r = asprintf(&errmsgs[ecnt++],
434 "socket(%d,%d,%d) failed: %s\n",
435 (int)resp->ai_family, (int)resp->ai_socktype,
436 (int)resp->ai_protocol, strerror(errno));
437 if (r < 0)
438 out_of_memory("open_socket_in");
439 /* See if there's another address that will work... */
440 continue;
443 setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
444 (char *)&one, sizeof one);
445 if (sockopts)
446 set_socket_options(s, sockopts);
447 else
448 set_socket_options(s, lp_socket_options());
450 #ifdef IPV6_V6ONLY
451 if (resp->ai_family == AF_INET6) {
452 if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, (char *)&one, sizeof one) < 0
453 && default_af_hint != AF_INET6) {
454 close(s);
455 continue;
458 #endif
460 /* Now we've got a socket - we need to bind it. */
461 if (bind(s, resp->ai_addr, resp->ai_addrlen) < 0) {
462 /* Nope, try another */
463 int r = asprintf(&errmsgs[ecnt++],
464 "bind() failed: %s (address-family %d)\n",
465 strerror(errno), (int)resp->ai_family);
466 if (r < 0)
467 out_of_memory("open_socket_in");
468 close(s);
469 continue;
472 socks[i++] = s;
474 socks[i] = -1;
476 if (all_ai)
477 freeaddrinfo(all_ai);
479 /* Only output the socket()/bind() messages if we were totally
480 * unsuccessful, or if the daemon is being run with -vv. */
481 for (s = 0; s < ecnt; s++) {
482 if (!i || DEBUG_GTE(BIND, 1))
483 rwrite(FLOG, errmsgs[s], strlen(errmsgs[s]), 0);
484 free(errmsgs[s]);
486 free(errmsgs);
488 if (!i) {
489 rprintf(FERROR,
490 "unable to bind any inbound sockets on port %d\n",
491 port);
492 free(socks);
493 return NULL;
495 return socks;
499 /* Determine if a file descriptor is in fact a socket. */
500 int is_a_socket(int fd)
502 int v;
503 socklen_t l = sizeof (int);
505 /* Parameters to getsockopt, setsockopt etc are very
506 * unstandardized across platforms, so don't be surprised if
507 * there are compiler warnings on e.g. SCO OpenSwerver or AIX.
508 * It seems they all eventually get the right idea.
510 * Debian says: ``The fifth argument of getsockopt and
511 * setsockopt is in reality an int [*] (and this is what BSD
512 * 4.* and libc4 and libc5 have). Some POSIX confusion
513 * resulted in the present socklen_t. The draft standard has
514 * not been adopted yet, but glibc2 already follows it and
515 * also has socklen_t [*]. See also accept(2).''
517 * We now return to your regularly scheduled programming. */
518 return getsockopt(fd, SOL_SOCKET, SO_TYPE, (char *)&v, &l) == 0;
522 static void sigchld_handler(UNUSED(int val))
524 #ifdef WNOHANG
525 while (waitpid(-1, NULL, WNOHANG) > 0) {}
526 #endif
527 #ifndef HAVE_SIGACTION
528 signal(SIGCHLD, sigchld_handler);
529 #endif
533 void start_accept_loop(int port, int (*fn)(int, int))
535 fd_set deffds;
536 int *sp, maxfd, i;
538 #ifdef HAVE_SIGACTION
539 sigact.sa_flags = SA_NOCLDSTOP;
540 #endif
542 /* open an incoming socket */
543 sp = open_socket_in(SOCK_STREAM, port, bind_address, default_af_hint);
544 if (sp == NULL)
545 exit_cleanup(RERR_SOCKETIO);
547 /* ready to listen */
548 FD_ZERO(&deffds);
549 for (i = 0, maxfd = -1; sp[i] >= 0; i++) {
550 if (listen(sp[i], lp_listen_backlog()) < 0) {
551 rsyserr(FERROR, errno, "listen() on socket failed");
552 #ifdef INET6
553 if (errno == EADDRINUSE && i > 0) {
554 rprintf(FINFO, "Try using --ipv4 or --ipv6 to avoid this listen() error.\n");
556 #endif
557 exit_cleanup(RERR_SOCKETIO);
559 FD_SET(sp[i], &deffds);
560 if (maxfd < sp[i])
561 maxfd = sp[i];
564 /* now accept incoming connections - forking a new process
565 * for each incoming connection */
566 while (1) {
567 fd_set fds;
568 pid_t pid;
569 int fd;
570 struct sockaddr_storage addr;
571 socklen_t addrlen = sizeof addr;
573 /* close log file before the potentially very long select so
574 * file can be trimmed by another process instead of growing
575 * forever */
576 logfile_close();
578 #ifdef FD_COPY
579 FD_COPY(&deffds, &fds);
580 #else
581 fds = deffds;
582 #endif
584 if (select(maxfd + 1, &fds, NULL, NULL, NULL) < 1)
585 continue;
587 for (i = 0, fd = -1; sp[i] >= 0; i++) {
588 if (FD_ISSET(sp[i], &fds)) {
589 fd = accept(sp[i], (struct sockaddr *)&addr, &addrlen);
590 break;
594 if (fd < 0)
595 continue;
597 SIGACTION(SIGCHLD, sigchld_handler);
599 if ((pid = fork()) == 0) {
600 int ret;
601 if (pid_file_fd >= 0)
602 close(pid_file_fd);
603 for (i = 0; sp[i] >= 0; i++)
604 close(sp[i]);
605 /* Re-open log file in child before possibly giving
606 * up privileges (see logfile_close() above). */
607 logfile_reopen();
608 ret = fn(fd, fd);
609 close_all();
610 _exit(ret);
611 } else if (pid < 0) {
612 rsyserr(FERROR, errno,
613 "could not create child server process");
614 close(fd);
615 /* This might have happened because we're
616 * overloaded. Sleep briefly before trying to
617 * accept again. */
618 sleep(2);
619 } else {
620 /* Parent doesn't need this fd anymore. */
621 close(fd);
627 enum SOCK_OPT_TYPES {OPT_BOOL,OPT_INT,OPT_ON};
629 struct
631 char *name;
632 int level;
633 int option;
634 int value;
635 int opttype;
636 } socket_options[] = {
637 {"SO_KEEPALIVE", SOL_SOCKET, SO_KEEPALIVE, 0, OPT_BOOL},
638 {"SO_REUSEADDR", SOL_SOCKET, SO_REUSEADDR, 0, OPT_BOOL},
639 #ifdef SO_BROADCAST
640 {"SO_BROADCAST", SOL_SOCKET, SO_BROADCAST, 0, OPT_BOOL},
641 #endif
642 #ifdef TCP_NODELAY
643 {"TCP_NODELAY", IPPROTO_TCP, TCP_NODELAY, 0, OPT_BOOL},
644 #endif
645 #ifdef IPTOS_LOWDELAY
646 {"IPTOS_LOWDELAY", IPPROTO_IP, IP_TOS, IPTOS_LOWDELAY, OPT_ON},
647 #endif
648 #ifdef IPTOS_THROUGHPUT
649 {"IPTOS_THROUGHPUT", IPPROTO_IP, IP_TOS, IPTOS_THROUGHPUT, OPT_ON},
650 #endif
651 #ifdef SO_SNDBUF
652 {"SO_SNDBUF", SOL_SOCKET, SO_SNDBUF, 0, OPT_INT},
653 #endif
654 #ifdef SO_RCVBUF
655 {"SO_RCVBUF", SOL_SOCKET, SO_RCVBUF, 0, OPT_INT},
656 #endif
657 #ifdef SO_SNDLOWAT
658 {"SO_SNDLOWAT", SOL_SOCKET, SO_SNDLOWAT, 0, OPT_INT},
659 #endif
660 #ifdef SO_RCVLOWAT
661 {"SO_RCVLOWAT", SOL_SOCKET, SO_RCVLOWAT, 0, OPT_INT},
662 #endif
663 #ifdef SO_SNDTIMEO
664 {"SO_SNDTIMEO", SOL_SOCKET, SO_SNDTIMEO, 0, OPT_INT},
665 #endif
666 #ifdef SO_RCVTIMEO
667 {"SO_RCVTIMEO", SOL_SOCKET, SO_RCVTIMEO, 0, OPT_INT},
668 #endif
669 {NULL,0,0,0,0}
673 /* Set user socket options. */
674 void set_socket_options(int fd, char *options)
676 char *tok;
678 if (!options || !*options)
679 return;
681 options = strdup(options);
683 for (tok = strtok(options, " \t,"); tok; tok = strtok(NULL," \t,")) {
684 int ret=0,i;
685 int value = 1;
686 char *p;
687 int got_value = 0;
689 if ((p = strchr(tok,'='))) {
690 *p = 0;
691 value = atoi(p+1);
692 got_value = 1;
695 for (i = 0; socket_options[i].name; i++) {
696 if (strcmp(socket_options[i].name,tok)==0)
697 break;
700 if (!socket_options[i].name) {
701 rprintf(FERROR,"Unknown socket option %s\n",tok);
702 continue;
705 switch (socket_options[i].opttype) {
706 case OPT_BOOL:
707 case OPT_INT:
708 ret = setsockopt(fd,socket_options[i].level,
709 socket_options[i].option,
710 (char *)&value, sizeof (int));
711 break;
713 case OPT_ON:
714 if (got_value)
715 rprintf(FERROR,"syntax error -- %s does not take a value\n",tok);
718 int on = socket_options[i].value;
719 ret = setsockopt(fd,socket_options[i].level,
720 socket_options[i].option,
721 (char *)&on, sizeof (int));
723 break;
726 if (ret != 0) {
727 rsyserr(FERROR, errno,
728 "failed to set socket option %s", tok);
732 free(options);
736 /* This is like socketpair but uses tcp. The function guarantees that nobody
737 * else can attach to the socket, or if they do that this function fails and
738 * the socket gets closed. Returns 0 on success, -1 on failure. The resulting
739 * file descriptors are symmetrical. Currently only for RSYNC_CONNECT_PROG. */
740 static int socketpair_tcp(int fd[2])
742 int listener;
743 struct sockaddr_in sock;
744 struct sockaddr_in sock2;
745 socklen_t socklen = sizeof sock;
746 int connect_done = 0;
748 fd[0] = fd[1] = listener = -1;
750 memset(&sock, 0, sizeof sock);
752 if ((listener = socket(PF_INET, SOCK_STREAM, 0)) == -1)
753 goto failed;
755 memset(&sock2, 0, sizeof sock2);
756 #ifdef HAVE_SOCKADDR_IN_LEN
757 sock2.sin_len = sizeof sock2;
758 #endif
759 sock2.sin_family = PF_INET;
760 sock2.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
762 if (bind(listener, (struct sockaddr *)&sock2, sizeof sock2) != 0
763 || listen(listener, 1) != 0
764 || getsockname(listener, (struct sockaddr *)&sock, &socklen) != 0
765 || (fd[1] = socket(PF_INET, SOCK_STREAM, 0)) == -1)
766 goto failed;
768 set_nonblocking(fd[1]);
770 sock.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
772 if (connect(fd[1], (struct sockaddr *)&sock, sizeof sock) == -1) {
773 if (errno != EINPROGRESS)
774 goto failed;
775 } else
776 connect_done = 1;
778 if ((fd[0] = accept(listener, (struct sockaddr *)&sock2, &socklen)) == -1)
779 goto failed;
781 close(listener);
782 listener = -1;
784 set_blocking(fd[1]);
786 if (connect_done == 0) {
787 if (connect(fd[1], (struct sockaddr *)&sock, sizeof sock) != 0 && errno != EISCONN)
788 goto failed;
791 /* all OK! */
792 return 0;
794 failed:
795 if (fd[0] != -1)
796 close(fd[0]);
797 if (fd[1] != -1)
798 close(fd[1]);
799 if (listener != -1)
800 close(listener);
801 return -1;
805 /* Run a program on a local tcp socket, so that we can talk to it's stdin and
806 * stdout. This is used to fake a connection to a daemon for testing -- not
807 * for the normal case of running SSH.
809 * Returns a socket which is attached to a subprocess running "prog". stdin and
810 * stdout are attached. stderr is left attached to the original stderr. */
811 static int sock_exec(const char *prog)
813 pid_t pid;
814 int fd[2];
816 if (socketpair_tcp(fd) != 0) {
817 rsyserr(FERROR, errno, "socketpair_tcp failed");
818 return -1;
820 if (DEBUG_GTE(CMD, 1))
821 rprintf(FINFO, "Running socket program: \"%s\"\n", prog);
823 pid = fork();
824 if (pid < 0) {
825 rsyserr(FERROR, errno, "fork");
826 exit_cleanup(RERR_IPC);
829 if (pid == 0) {
830 close(fd[0]);
831 if (dup2(fd[1], STDIN_FILENO) < 0
832 || dup2(fd[1], STDOUT_FILENO) < 0) {
833 fprintf(stderr, "Failed to run \"%s\"\n", prog);
834 exit(1);
836 exit(shell_exec(prog));
839 close(fd[1]);
840 return fd[0];