1 /*
2 * CDDL HEADER START
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
19 * CDDL HEADER END
23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
#include <stdio.h>
#include <stdlib.h>
#include <strings.h>
#include <unistd.h>
#include <stropts.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stropts.h>
#include <sys/sockio.h>
#include <errno.h>
#include <limits.h>
#include <sys/list.h>
#include <auth_attr.h>
#include <auth_list.h>
#include <secdb.h>
#include <libilb.h>
#include "libilb_impl.h"
#include "ilbd.h"
/*
 * Debug switch for the logging helpers in this file: error messages go
 * either to stderr or to syslog, depending on the -d option.
 */
static boolean_t ilbd_debugging = B_FALSE;

/* Socket used to issue ioctl() requests to the kernel; -1 until opened */
static int ksock = -1;
/*
 * Turn on debug mode.  From then on the logging helpers in this file
 * write to stderr rather than to syslog.
 */
void
ilbd_enable_debug(void)
{
	ilbd_debugging = B_TRUE;
}
/*
 * Report whether debug mode has been enabled.
 * Returns the current value of the file-local debug flag.
 */
boolean_t
is_debugging_on(void)
{
	return (ilbd_debugging);
}
/*
 * All routines log to syslog, unless the daemon is running in
 * the foreground, in which case the logging goes to stderr.
 * The following logging functions are available:
 *
 * logdebug(): A printf-like function for outputting debug messages
 * (messages at LOG_DEBUG) that are only of use to developers.
 *
 * logerr(): A printf-like function for outputting error messages
 * (messages at LOG_ERR) from the daemon.
 *
 * logperror*(): A set of functions used to output error messages
 * (messages at LOG_ERR); these automatically append strerror(errno)
 * and a newline to the message passed to them.
 *
 * NOTE: since the logging functions write to syslog, the messages passed
 * to them are not eligible for localization.  Thus, gettext() must
 * *not* be used.
 */

/*
 * Common back end for the printf-like logging helpers.
 *
 * pri is the syslog priority; it is only used on the syslog path.
 * fmt and the arguments after it are handed unchanged to vfprintf() or
 * vsyslog(), so fmt must be a fixed format string: text that originates
 * from a client (rule names, user names, ...) has to be passed as a "%s"
 * argument and never as fmt itself.
 *
 * In debug mode the message goes to stderr with a newline appended.
 */
/* PRINTFLIKE2 */
void
ilbd_log(int pri, const char *fmt, ...)
{
	va_list args;

	va_start(args, fmt);

	if (ilbd_debugging != B_TRUE) {
		vsyslog(pri, fmt, args);
	} else {
		(void) vfprintf(stderr, fmt, args);
		(void) fprintf(stderr, "\n");
	}

	va_end(args);
}
/*
 * Report a failed operation together with the reason currently held in
 * errno.  'str' is always emitted through a "%s" conversion, so it is
 * treated as plain text and not as a format string.
 *
 * Debug mode: "<str>: <strerror(errno)>" on stderr.
 * Otherwise:  the same text at LOG_ERR, with syslog's %m supplying the
 * errno description.
 */
/* PRINTFLIKE1 */
void
logperror(const char *str)
{
	if (ilbd_debugging != B_TRUE) {
		syslog(LOG_ERR, "%s: %m", str);
		return;
	}

	(void) fprintf(stderr, "%s: %s\n", str, strerror(errno));
}
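/*
 * Check that the client described by 'pwd' holds NET_ILB_CONFIG_AUTH.
 *
 * Returns ILB_STATUS_OK when chkauthattr() grants the authorization and
 * ILB_STATUS_CFGAUTH otherwise.  A missing passwd entry or user name is
 * treated as "not authorized" so that a failed identity lookup in the
 * caller can never turn into an implicit grant or a NULL dereference.
 *
 * NOTE(review): refusals are reported through logdebug() only.  If that
 * maps to LOG_DEBUG, denied requests may not show up in the default
 * syslog configuration; confirm whether they should be recorded at a
 * higher priority for audit purposes.
 */
ilb_status_t
ilbd_check_client_config_auth(const struct passwd *pwd)
{
	/* Fail closed: no resolved account means nothing to authorize. */
	if (pwd == NULL || pwd->pw_name == NULL) {
		logdebug("client identity unavailable, refusing"
		    " configuration operation");
		return (ILB_STATUS_CFGAUTH);
	}

	if (chkauthattr(NET_ILB_CONFIG_AUTH, pwd->pw_name) == 0) {
		logdebug("user %s is not authorized for"
		    " configuration operation", pwd->pw_name);
		return (ILB_STATUS_CFGAUTH);
	}

	return (ILB_STATUS_OK);
}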
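/*
 * Check that the client described by 'pwd' holds NET_ILB_ENABLE_AUTH.
 *
 * Returns ILB_STATUS_OK when chkauthattr() grants the authorization and
 * ILB_STATUS_CFGAUTH otherwise (the same status the configuration check
 * uses).  A missing passwd entry or user name is treated as "not
 * authorized" so that a failed identity lookup in the caller can never
 * turn into an implicit grant or a NULL dereference.
 *
 * NOTE(review): refusals are reported through logdebug() only.  If that
 * maps to LOG_DEBUG, denied requests may not show up in the default
 * syslog configuration; confirm whether they should be recorded at a
 * higher priority for audit purposes.
 */
ilb_status_t
ilbd_check_client_enable_auth(const struct passwd *pwd)
{
	/* Fail closed: no resolved account means nothing to authorize. */
	if (pwd == NULL || pwd->pw_name == NULL) {
		logdebug("client identity unavailable, refusing"
		    " enable/disable operation");
		return (ILB_STATUS_CFGAUTH);
	}

	if (chkauthattr(NET_ILB_ENABLE_AUTH, pwd->pw_name) == 0) {
		logdebug("user %s is not authorized for"
		    " enable/disable operation", pwd->pw_name);
		return (ILB_STATUS_CFGAUTH);
	}

	return (ILB_STATUS_OK);
}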
/*
 * Translate an errno value into the matching ilb_status_t.
 *
 * Input param. "err" should be one of the errnos defined in
 * /usr/include/sys/errno.h.  This list is NOT complete: any value
 * without an explicit mapping below is reported as ILB_STATUS_INTERNAL.
 */
ilb_status_t
ilb_map_errno2ilbstat(int err)
{
	switch (err) {
	case 0:
		/* for completeness' sake */
		return (ILB_STATUS_OK);
	case EINVAL:
		return (ILB_STATUS_EINVAL);
	case ENOENT:
		return (ILB_STATUS_ENOENT);
	case ENOMEM:
		return (ILB_STATUS_ENOMEM);
	case EINPROGRESS:
		return (ILB_STATUS_INPROGRESS);
	case EEXIST:
		return (ILB_STATUS_EEXIST);
	}

	/* everything else has no dedicated status code */
	return (ILB_STATUS_INTERNAL);
}
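/*
 * Size in bytes of a variable-length kernel command: a fixed part of
 * 'base' bytes that already embeds one slot of 'elem' bytes, followed by
 * 'cnt' - 1 further slots.
 *
 * Returns -1 when the total would not fit in an int.  The element count
 * comes out of the command buffer itself, so an oversized (or negative,
 * once converted to size_t) count must not be allowed to wrap around
 * into a small, plausible-looking length.
 */
static int
i_kcmd_var_sz(size_t base, size_t elem, size_t cnt)
{
	size_t extra;

	if (base > (size_t)INT_MAX)
		return (-1);

	if (cnt == 0) {
		/*
		 * Keep the value the unchecked arithmetic used to produce
		 * for an empty list: the fixed part minus its one slot.
		 */
		return (base >= elem ? (int)(base - elem) : -1);
	}

	extra = cnt - 1;
	if (elem != 0 && extra > ((size_t)INT_MAX - base) / elem)
		return (-1);

	return ((int)(base + extra * elem));
}

/*
 * Derive the size of the kernel command that 'cmdp' points to from its
 * command code.
 *
 * Returns the size in bytes, or -1 if the command code is not handled
 * here or the size computed from the embedded element count overflows.
 *
 * NOTE(review): sizeof (kcmd->servers) and sizeof (kcmd->buf) are used as
 * the per-element size, which presumes those members are declared as
 * one-element arrays; confirm against the command definitions.
 */
static int
i_get_kcmd_sz(void *cmdp)
{
	int sz = -1;

	switch (((ilb_rule_cmd_t *)cmdp)->cmd) {
	case ILB_DESTROY_RULE:
	case ILB_ENABLE_RULE:
	case ILB_DISABLE_RULE:
		sz = sizeof (ilb_name_cmd_t);
		break;
	case ILB_CREATE_RULE:
	case ILB_LIST_RULE:
		sz = sizeof (ilb_rule_cmd_t);
		break;
	case ILB_NUM_RULES:
		sz = sizeof (ilb_num_rules_cmd_t);
		break;
	case ILB_NUM_SERVERS:
		sz = sizeof (ilb_num_servers_cmd_t);
		break;
	case ILB_ADD_SERVERS: {
		ilb_servers_info_cmd_t *kcmd = (ilb_servers_info_cmd_t *)cmdp;

		sz = i_kcmd_var_sz(sizeof (*kcmd), sizeof (kcmd->servers),
		    kcmd->num_servers);
		break;
	}
	case ILB_RULE_NAMES: {
		ilb_rule_names_cmd_t *kcmd = (ilb_rule_names_cmd_t *)cmdp;

		sz = i_kcmd_var_sz(sizeof (*kcmd), sizeof (kcmd->buf),
		    kcmd->num_names);
		break;
	}
	case ILB_DEL_SERVERS:
	case ILB_ENABLE_SERVERS:
	case ILB_DISABLE_SERVERS: {
		ilb_servers_cmd_t *kcmd = (ilb_servers_cmd_t *)cmdp;

		sz = i_kcmd_var_sz(sizeof (*kcmd), sizeof (kcmd->servers),
		    kcmd->num_servers);
		break;
	}
	default:
		sz = -1;
		break;
	}

	return (sz);
}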
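/*
 * Send an ILB command to the kernel through the SIOCILB STREAMS ioctl.
 *
 * cmdp points to the command structure.  Parameter 'sz' is optional
 * (indicated by == 0); if it's not set we try to derive it from
 * cmdp->cmd.
 *
 * Returns ILB_STATUS_OK on success, ILB_STATUS_INTERNAL if the kernel
 * socket cannot be created, ILB_STATUS_INVAL_CMD if no size can be
 * derived for the command, ILB_STATUS_EINVAL if the size cannot be
 * represented in ic_len, or the ilb_map_errno2ilbstat() translation of
 * the errno left by a failed ioctl.
 *
 * The kernel socket is created on first use and kept in 'ksock'.
 */
ilb_status_t
do_ioctl(void *cmdp, ssize_t sz)
{
	struct strioctl ioc;
	int i_rc;

	if (ksock == -1) {
		ksock = socket(AF_INET, SOCK_DGRAM, 0);
		if (ksock == -1) {
			logperror("do_ioctl: AF_INET socket call"
			    " failed");
			return (ILB_STATUS_INTERNAL);
		}
	}

	(void) memset(&ioc, 0, sizeof (ioc));
	ioc.ic_cmd = SIOCILB;
	ioc.ic_timout = 0;
	ioc.ic_dp = cmdp;

	if (sz == 0) {
		sz = i_get_kcmd_sz(cmdp);

		/* any negative value means no usable size was derived */
		if (sz < 0) {
			logdebug("do_ioctl: unknown command");
			return (ILB_STATUS_INVAL_CMD);
		}
	}

	/*
	 * ic_len is an int: refuse lengths that are negative or would be
	 * truncated instead of handing the kernel a bogus size.
	 */
	if (sz < 0 || sz > INT_MAX) {
		logdebug("do_ioctl: invalid command size");
		return (ILB_STATUS_EINVAL);
	}
	ioc.ic_len = (int)sz;

	i_rc = ioctl(ksock, I_STR, (caddr_t)&ioc);
	if (i_rc == -1) {
		/* logging may overwrite errno, so capture it first */
		int saved_errno = errno;

		logdebug("do_ioctl: SIOCILB ioctl (%d) failed: %s",
		    *(ilb_cmd_t *)cmdp, strerror(saved_errno));
		return (ilb_map_errno2ilbstat(saved_errno));
	}

	return (ILB_STATUS_OK);
}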
/*
 * Create an OK reply to a client request.  It is assumed that the passed
 * in buffer is large enough to hold the reply: rbufsz is only written
 * here (with the reply length, sizeof (ilb_comm_t)), so this routine has
 * no way to check the capacity of rbuf and the caller must guarantee it.
 */
void
ilbd_reply_ok(uint32_t *rbuf, size_t *rbufsz)
{
	ilb_comm_t *reply = (ilb_comm_t *)rbuf;

	/* Default is one exchange of request/response. */
	reply->ic_flags = ILB_COMM_END;
	reply->ic_cmd = ILBD_CMD_OK;

	*rbufsz = sizeof (ilb_comm_t);
}
/*
 * Create an error reply to a client request.  It is assumed that the
 * passed in buffer is large enough to hold the reply: rbufsz is only
 * written here (with the reply length, sizeof (ilb_comm_t) plus
 * sizeof (ilb_status_t)), so this routine has no way to check the
 * capacity of rbuf and the caller must guarantee it.
 *
 * 'status' is stored at the start of the reply's ic_data area.
 */
void
ilbd_reply_err(uint32_t *rbuf, size_t *rbufsz, ilb_status_t status)
{
	ilb_comm_t *reply = (ilb_comm_t *)rbuf;

	/* Default is one exchange of request/response. */
	reply->ic_flags = ILB_COMM_END;
	reply->ic_cmd = ILBD_CMD_ERROR;
	*(ilb_status_t *)&reply->ic_data = status;

	*rbufsz = sizeof (ilb_comm_t) + sizeof (ilb_status_t);
}