Lines Matching refs:sep
156 #define ISWRAP(sep) \
157 ( ((wrap_ex && !(sep)->se_bi) || (wrap_bi && (sep)->se_bi)) \
158 && (sep->se_family == AF_INET || sep->se_family == AF_INET6) \
159 && ( ((sep)->se_accept && (sep)->se_socktype == SOCK_STREAM) \
160 || (sep)->se_socktype == SOCK_DGRAM))
222 static void unregisterrpc(register struct servtab *sep);
223 static struct conninfo *search_conn(struct servtab *sep, int ctrl);
224 static int room_conn(struct servtab *sep, struct conninfo *conn);
228 static void resize_conn(struct servtab *sep, int maxperip);
229 static void free_connlist(struct servtab *sep);
319 struct servtab *sep;
607 for (sep = servtab; n && sep; sep = sep->se_next)
608 if (sep->se_fd != -1 && FD_ISSET(sep->se_fd, &readable)) {
611 warnx("someone wants %s", sep->se_service);
612 dofork = !sep->se_bi || sep->se_bi->bi_fork || ISWRAP(sep);
614 if (sep->se_accept && sep->se_socktype == SOCK_STREAM) {
616 if (ioctl(sep->se_fd, FIONBIO, &i) < 0)
618 ctrl = accept(sep->se_fd, (struct sockaddr *)0,
626 sep->se_service);
627 if (sep->se_accept &&
628 sep->se_socktype == SOCK_STREAM)
633 if (ioctl(sep->se_fd, FIONBIO, &i) < 0)
637 if (cpmip(sep, ctrl) < 0) {
642 (conn = search_conn(sep, ctrl)) != NULL &&
643 !room_conn(sep, conn)) {
648 ctrl = sep->se_fd;
649 if (dolog && !ISWRAP(sep)) {
671 syslog(LOG_INFO,"%s from %s", sep->se_service, pname);
681 if (sep->se_count++ == 0)
682 (void)clock_gettime(CLOCK_MONOTONIC_FAST, &sep->se_time);
683 else if (toomany > 0 && sep->se_count >= toomany) {
687 if (now.tv_sec - sep->se_time.tv_sec >
689 sep->se_time = now;
690 sep->se_count = 1;
694 sep->se_service, sep->se_proto);
695 if (sep->se_accept &&
696 sep->se_socktype == SOCK_STREAM)
698 close_sep(sep);
712 if (sep->se_accept &&
713 sep->se_socktype == SOCK_STREAM)
722 addchild(sep, pid);
736 if (sep->se_bi &&
737 sep->se_bi->bi_fn == (bi_fn_t *) tcpmux) {
738 sep = tcpmux(ctrl);
739 if (sep == NULL) {
745 if (ISWRAP(sep)) {
747 service = sep->se_server_name ?
748 sep->se_server_name : sep->se_service;
757 eval_client(&req), service, sep->se_proto,
759 if (sep->se_socktype != SOCK_STREAM)
769 eval_client(&req), service, sep->se_proto,
774 if (sep->se_bi) {
775 (*sep->se_bi->bi_fn)(ctrl, sep);
779 getpid(), sep->se_server);
784 sep->se_service, sep->se_proto);
793 if ((pwd = getpwnam(sep->se_user)) == NULL) {
796 sep->se_service, sep->se_proto,
797 sep->se_user);
798 if (sep->se_socktype != SOCK_STREAM)
803 if ( sep->se_group != NULL
804 && (grp = getgrnam(sep->se_group)) == NULL
808 sep->se_service, sep->se_proto,
809 sep->se_group);
810 if (sep->se_socktype != SOCK_STREAM)
817 if ((lc = login_getclass(sep->se_class)) == NULL) {
821 sep->se_service, sep->se_proto,
822 sep->se_class);
823 if (sep->se_socktype != SOCK_STREAM)
831 sep->se_service);
840 sep->se_service, sep->se_user);
846 if (setlogin(sep->se_user) < 0) {
849 sep->se_service, sep->se_user);
855 sep->se_service, pwd->pw_gid);
863 sep->se_service, pwd->pw_uid);
870 execv(sep->se_server, sep->se_argv);
872 "cannot execute %s: %m", sep->se_server);
873 if (sep->se_socktype != SOCK_STREAM)
879 if (sep->se_accept && sep->se_socktype == SOCK_STREAM)
907 addchild(struct servtab *sep, pid_t pid)
912 if (SERVTAB_EXCEEDS_LIMIT(sep)) {
914 __func__, sep->se_numchild, sep->se_maxchild);
924 LIST_INSERT_HEAD(&sep->se_children, sc, sc_link);
925 ++sep->se_numchild;
926 if (SERVTAB_AT_LIMIT(sep))
927 disable(sep);
936 struct servtab *sep;
947 for (sep = servtab; sep; sep = sep->se_next) {
948 LIST_FOREACH(sc, &sep->se_children, sc_link) {
954 if (SERVTAB_AT_LIMIT(sep))
955 enable(sep);
958 --sep->se_numchild;
962 sep->se_server, pid,
975 struct servtab *sep, *new, **sepp;
986 for (sep = servtab; sep; sep = sep->se_next)
987 sep->se_checked = 0;
1012 for (sep = servtab; sep; sep = sep->se_next)
1013 if (strcmp(sep->se_service, new->se_service) == 0 &&
1014 strcmp(sep->se_proto, new->se_proto) == 0 &&
1015 sep->se_rpc == new->se_rpc &&
1016 sep->se_socktype == new->se_socktype &&
1017 sep->se_family == new->se_family)
1019 if (sep != 0) {
1024 if (sep->se_nomapped != new->se_nomapped) {
1026 if (!sep->se_rpc)
1027 sep->se_nomapped = new->se_nomapped;
1028 sep->se_reset = 1;
1036 sep->se_maxcpm = new->se_maxcpm;
1037 sep->se_maxchild = new->se_maxchild;
1038 resize_conn(sep, new->se_maxperip);
1039 sep->se_maxperip = new->se_maxperip;
1040 sep->se_bi = new->se_bi;
1042 if (sep->se_fd >= 0) {
1043 if (SERVTAB_EXCEEDS_LIMIT(sep)) {
1044 if (FD_ISSET(sep->se_fd, &allsock))
1045 disable(sep);
1047 if (!FD_ISSET(sep->se_fd, &allsock))
1048 enable(sep);
1051 sep->se_accept = new->se_accept;
1052 SWAP(char *, sep->se_user, new->se_user);
1053 SWAP(char *, sep->se_group, new->se_group);
1055 SWAP(char *, sep->se_class, new->se_class);
1057 SWAP(char *, sep->se_server, new->se_server);
1058 SWAP(char *, sep->se_server_name, new->se_server_name);
1060 SWAP(char *, sep->se_argv[i], new->se_argv[i]);
1062 SWAP(char *, sep->se_policy, new->se_policy);
1063 ipsecsetup(sep);
1068 print_service("REDO", sep);
1070 sep = enter(new);
1072 print_service("ADD ", sep);
1074 sep->se_checked = 1;
1075 if (ISMUX(sep)) {
1076 sep->se_fd = -1;
1079 switch (sep->se_family) {
1082 sep->se_fd = -1;
1089 sep->se_fd = -1;
1095 if (!sep->se_rpc) {
1096 if (sep->se_family != AF_UNIX) {
1097 sp = getservbyname(sep->se_service, sep->se_proto);
1100 sep->se_service, sep->se_proto);
1101 sep->se_checked = 0;
1105 switch (sep->se_family) {
1107 if (sp->s_port != sep->se_ctrladdr4.sin_port) {
1108 sep->se_ctrladdr4.sin_port =
1110 sep->se_reset = 1;
1116 sep->se_ctrladdr6.sin6_port) {
1117 sep->se_ctrladdr6.sin6_port =
1119 sep->se_reset = 1;
1124 if (sep->se_reset != 0 && sep->se_fd >= 0)
1125 close_sep(sep);
1127 rpc = getrpcbyname(sep->se_service);
1130 sep->se_service, sep->se_proto);
1131 if (sep->se_fd != -1)
1132 (void) close(sep->se_fd);
1133 sep->se_fd = -1;
1136 if (sep->se_reset != 0 ||
1137 rpc->r_number != sep->se_rpc_prog) {
1138 if (sep->se_rpc_prog)
1139 unregisterrpc(sep);
1140 sep->se_rpc_prog = rpc->r_number;
1141 if (sep->se_fd != -1)
1142 (void) close(sep->se_fd);
1143 sep->se_fd = -1;
1145 sep->se_nomapped = new_nomapped;
1147 sep->se_reset = 0;
1148 if (sep->se_fd == -1)
1149 setup(sep);
1157 while ((sep = *sepp)) {
1158 if (sep->se_checked) {
1159 sepp = &sep->se_next;
1162 *sepp = sep->se_next;
1163 if (sep->se_fd >= 0)
1164 close_sep(sep);
1166 print_service("FREE", sep);
1167 if (sep->se_rpc && sep->se_rpc_prog > 0)
1168 unregisterrpc(sep);
1169 freeconfig(sep);
1170 free(sep);
1176 unregisterrpc(struct servtab *sep)
1184 netid4 = sep->se_socktype == SOCK_DGRAM ? udpconf : tcpconf;
1185 netid6 = sep->se_socktype == SOCK_DGRAM ? udp6conf : tcp6conf;
1186 if (sep->se_family == AF_INET)
1188 else if (sep->se_nomapped)
1199 if (sepp == sep)
1203 strcmp(sep->se_proto, sepp->se_proto) != 0 ||
1204 sep->se_rpc_prog != sepp->se_rpc_prog)
1210 if (!sep->se_nomapped)
1217 print_service("UNREG", sep);
1218 for (i = sep->se_rpc_lowvers; i <= sep->se_rpc_highvers; i++) {
1220 rpcb_unset(sep->se_rpc_prog, i, netid4);
1222 rpcb_unset(sep->se_rpc_prog, i, netid6);
1224 if (sep->se_fd != -1)
1225 (void) close(sep->se_fd);
1226 sep->se_fd = -1;
1233 struct servtab *sep;
1236 for (sep = servtab; sep; sep = sep->se_next)
1237 if (sep->se_fd == -1 && !ISMUX(sep))
1238 setup(sep);
1242 setup(struct servtab *sep)
1247 if ((sep->se_fd = socket(sep->se_family,
1248 sep->se_socktype | SOCK_CLOEXEC, 0)) < 0) {
1251 sep->se_service, sep->se_proto);
1253 sep->se_service, sep->se_proto);
1258 if (strcmp(sep->se_proto, "tcp") == 0 && (options & SO_DEBUG) &&
1259 turnon(sep->se_fd, SO_DEBUG) < 0)
1261 if (turnon(sep->se_fd, SO_REUSEADDR) < 0)
1264 if (turnon(sep->se_fd, SO_PRIVSTATE) < 0)
1269 if ((sep->se_family == AF_INET6) &&
1270 (strcmp(sep->se_proto, "udp") == 0) &&
1271 (sep->se_accept == 0) &&
1272 (setsockopt(sep->se_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO,
1275 if (sep->se_family == AF_INET6) {
1276 int flag = sep->se_nomapped ? 1 : 0;
1277 if (setsockopt(sep->se_fd, IPPROTO_IPV6, IPV6_V6ONLY,
1284 ipsecsetup(sep);
1286 if (sep->se_family == AF_UNIX) {
1287 (void) unlink(sep->se_ctrladdr_un.sun_path);
1290 if (bind(sep->se_fd, (struct sockaddr *)&sep->se_ctrladdr,
1291 sep->se_ctrladdr_size) < 0) {
1294 sep->se_service, sep->se_proto);
1296 sep->se_service, sep->se_proto);
1297 (void) close(sep->se_fd);
1298 sep->se_fd = -1;
1303 if (sep->se_family == AF_UNIX)
1307 if (sep->se_family == AF_UNIX) {
1309 if (chown(sep->se_service, sep->se_sockuid, sep->se_sockgid) < 0)
1311 if (chmod(sep->se_service, sep->se_sockmode) < 0)
1315 if (sep->se_rpc) {
1317 socklen_t len = sep->se_ctrladdr_size;
1324 if (getsockname(sep->se_fd,
1325 (struct sockaddr*)&sep->se_ctrladdr, &len) < 0){
1327 sep->se_service, sep->se_proto);
1328 (void) close(sep->se_fd);
1329 sep->se_fd = -1;
1332 nbuf.buf = &sep->se_ctrladdr;
1333 nbuf.len = sep->se_ctrladdr.sa_len;
1334 if (sep->se_family == AF_INET)
1335 netid = sep->se_socktype==SOCK_DGRAM? udpconf:tcpconf;
1338 netid = sep->se_socktype==SOCK_DGRAM? udp6conf:tcp6conf;
1339 if (!sep->se_nomapped) { /* INET and INET6 */
1345 sock.sin_port = sep->se_ctrladdr6.sin6_port;
1352 sep->se_service, sep->se_proto);
1353 (void) close(sep->se_fd);
1354 sep->se_fd = -1;
1359 print_service("REG ", sep);
1360 for (i = sep->se_rpc_lowvers; i <= sep->se_rpc_highvers; i++) {
1361 rpcb_unset(sep->se_rpc_prog, i, netid);
1362 rpcb_set(sep->se_rpc_prog, i, netid, &nbuf);
1364 rpcb_unset(sep->se_rpc_prog, i, netid2);
1365 rpcb_set(sep->se_rpc_prog, i, netid2, &nbuf2);
1369 if (sep->se_socktype == SOCK_STREAM)
1370 listen(sep->se_fd, -1);
1371 enable(sep);
1374 sep->se_server, sep->se_fd);
1380 ipsecsetup(struct servtab *sep)
1388 switch (sep->se_family) {
1403 if (!sep->se_policy || sep->se_policy[0] == '\0') {
1408 if (!strncmp("in", sep->se_policy, 2))
1409 policy_in = sep->se_policy;
1410 else if (!strncmp("out", sep->se_policy, 3))
1411 policy_out = sep->se_policy;
1414 sep->se_policy);
1422 if (setsockopt(sep->se_fd, level, opt,
1426 sep->se_service, sep->se_proto,
1436 if (setsockopt(sep->se_fd, level, opt,
1440 sep->se_service, sep->se_proto,
1454 close_sep(struct servtab *sep)
1456 if (sep->se_fd >= 0) {
1457 if (FD_ISSET(sep->se_fd, &allsock))
1458 disable(sep);
1459 (void) close(sep->se_fd);
1460 sep->se_fd = -1;
1462 sep->se_count = 0;
1463 sep->se_numchild = 0; /* forget about any existing children */
1493 struct servtab *sep;
1496 sep = malloc(sizeof(*sep));
1497 if (sep == NULL) {
1501 *sep = *cp;
1502 sep->se_fd = -1;
1504 sep->se_next = servtab;
1505 servtab = sep;
1507 return (sep);
1511 enable(struct servtab *sep)
1515 "enabling %s, fd %d", sep->se_service, sep->se_fd);
1517 if (sep->se_fd < 0) {
1519 "%s: %s: bad fd", __func__, sep->se_service);
1522 if (ISMUX(sep)) {
1524 "%s: %s: is mux", __func__, sep->se_service);
1527 if (FD_ISSET(sep->se_fd, &allsock)) {
1529 "%s: %s: not off", __func__, sep->se_service);
1534 FD_SET(sep->se_fd, &allsock);
1535 maxsock = MAX(maxsock, sep->se_fd);
1539 disable(struct servtab *sep)
1543 "disabling %s, fd %d", sep->se_service, sep->se_fd);
1545 if (sep->se_fd < 0) {
1547 "%s: %s: bad fd", __func__, sep->se_service);
1550 if (ISMUX(sep)) {
1552 "%s: %s: is mux", __func__, sep->se_service);
1555 if (!FD_ISSET(sep->se_fd, &allsock)) {
1557 "%s: %s: not on", __func__, sep->se_service);
1566 FD_CLR(sep->se_fd, &allsock);
1567 if (sep->se_fd == maxsock)
1599 struct servtab *sep = &serv;
1658 memset(sep, 0, sizeof *sep);
1683 sep->se_sockuid = pw->pw_uid;
1688 sep->se_sockgid = gr->gr_gid;
1689 sep->se_sockmode = strtol(perm, &arg, 8);
1696 sep->se_sockuid = euid;
1697 sep->se_sockgid = egid;
1698 sep->se_sockmode = 0200;
1703 sep->se_type = MUXPLUS_TYPE;
1706 sep->se_type = MUX_TYPE;
1707 sep->se_service = newstr(c);
1709 sep->se_service = newstr(arg);
1710 sep->se_type = NORM_TYPE;
1714 sep->se_socktype = SOCK_STREAM;
1716 sep->se_socktype = SOCK_DGRAM;
1718 sep->se_socktype = SOCK_RDM;
1720 sep->se_socktype = SOCK_SEQPACKET;
1722 sep->se_socktype = SOCK_RAW;
1724 sep->se_socktype = -1;
1728 sep->se_proto = newstr(strsep(&arg, "/"));
1734 if (sep->se_type == NORM_TYPE &&
1739 sep->se_proto = newstr(arg);
1741 if (strncmp(sep->se_proto, "rpc/", 4) == 0) {
1742 memmove(sep->se_proto, sep->se_proto + 4,
1743 strlen(sep->se_proto) + 1 - 4);
1744 sep->se_rpc = 1;
1745 sep->se_rpc_prog = sep->se_rpc_lowvers =
1746 sep->se_rpc_highvers = 0;
1747 if ((versp = strrchr(sep->se_service, '/'))) {
1750 &sep->se_rpc_lowvers,
1751 &sep->se_rpc_highvers)) {
1755 sep->se_rpc_highvers =
1756 sep->se_rpc_lowvers;
1761 sep->se_service);
1762 freeconfig(sep);
1767 sep->se_rpc_lowvers =
1768 sep->se_rpc_highvers = 1;
1771 sep->se_nomapped = 0;
1772 if (strcmp(sep->se_proto, "unix") == 0) {
1773 sep->se_family = AF_UNIX;
1775 while (isdigit(sep->se_proto[strlen(sep->se_proto) - 1])) {
1777 if (sep->se_proto[strlen(sep->se_proto) - 1] == '6') {
1778 sep->se_proto[strlen(sep->se_proto) - 1] = '\0';
1783 if (sep->se_proto[strlen(sep->se_proto) - 1] == '4') {
1784 sep->se_proto[strlen(sep->se_proto) - 1] = '\0';
1791 syslog(LOG_ERR, "bad IP version for %s", sep->se_proto);
1792 freeconfig(sep);
1798 sep->se_service);
1802 freeconfig(sep);
1807 sep->se_family = AF_INET6;
1809 sep->se_nomapped = 1;
1815 sep->se_service);
1816 freeconfig(sep);
1819 sep->se_family = AF_INET;
1823 switch(sep->se_family) {
1825 memcpy(&sep->se_ctrladdr4, bind_sa4,
1826 sizeof(sep->se_ctrladdr4));
1827 sep->se_ctrladdr_size = sizeof(sep->se_ctrladdr4);
1831 memcpy(&sep->se_ctrladdr6, bind_sa6,
1832 sizeof(sep->se_ctrladdr6));
1833 sep->se_ctrladdr_size = sizeof(sep->se_ctrladdr6);
1837 #define SUN_PATH_MAXSIZE sizeof(sep->se_ctrladdr_un.sun_path)
1838 memset(&sep->se_ctrladdr, 0, sizeof(sep->se_ctrladdr));
1839 sep->se_ctrladdr_un.sun_family = sep->se_family;
1840 if (strlcpy(sep->se_ctrladdr_un.sun_path, sep->se_service,
1844 sep->se_service);
1848 sep->se_ctrladdr_size = sep->se_ctrladdr_un.sun_len =
1849 SUN_LEN(&sep->se_ctrladdr_un);
1853 sep->se_accept = 0;
1855 sep->se_accept = 1;
1859 CONFIG, sep->se_service);
1862 sep->se_maxchild = -1;
1863 sep->se_maxcpm = -1;
1864 sep->se_maxperip = -1;
1873 CONFIG, sep->se_service);
1877 if (!sep->se_accept && val != 1)
1879 " not recommended", val, sep->se_service);
1880 sep->se_maxchild = val;
1882 sep->se_maxcpm = strtol(eptr + 1, &eptr, 10);
1884 sep->se_maxperip = strtol(eptr + 1, &eptr, 10);
1890 if (ISMUX(sep)) {
1895 sep->se_accept = 1;
1896 if (strcmp(sep->se_proto, "tcp")) {
1899 CONFIG, sep->se_service);
1902 if (sep->se_socktype != SOCK_STREAM) {
1905 CONFIG, sep->se_service);
1909 sep->se_user = newstr(sskip(&cp));
1911 if ((s = strrchr(sep->se_user, '/')) != NULL) {
1913 sep->se_class = newstr(s + 1);
1915 sep->se_class = newstr(RESOURCE_RC);
1917 if ((s = strrchr(sep->se_user, ':')) != NULL) {
1919 sep->se_group = newstr(s + 1);
1921 sep->se_group = NULL;
1922 sep->se_server = newstr(sskip(&cp));
1923 if ((sep->se_server_name = strrchr(sep->se_server, '/')))
1924 sep->se_server_name++;
1925 if (strcmp(sep->se_server, "internal") == 0) {
1929 if (bi->bi_socktype == sep->se_socktype &&
1930 matchservent(bi->bi_service, sep->se_service,
1931 sep->se_proto))
1935 sep->se_service);
1938 sep->se_accept = 1; /* force accept mode for built-ins */
1939 sep->se_bi = bi;
1941 sep->se_bi = NULL;
1942 if (sep->se_maxperip < 0)
1943 sep->se_maxperip = maxperip;
1944 if (sep->se_maxcpm < 0)
1945 sep->se_maxcpm = maxcpm;
1946 if (sep->se_maxchild < 0) { /* apply default max-children */
1947 if (sep->se_bi && sep->se_bi->bi_maxchild >= 0)
1948 sep->se_maxchild = sep->se_bi->bi_maxchild;
1949 else if (sep->se_accept)
1950 sep->se_maxchild = MAX(maxchild, 0);
1952 sep->se_maxchild = 1;
1954 LIST_INIT(&sep->se_children);
1958 sep->se_argv[argc++] = newstr(arg);
1962 CONFIG, sep->se_service);
1966 sep->se_argv[argc++] = NULL;
1968 LIST_INIT(&sep->se_conn[i]);
1970 sep->se_policy = policy ? newstr(policy) : NULL;
1973 return (sep);
2100 check_loop(const struct sockaddr *sa, const struct servtab *sep)
2129 sep->se_service, sep->se_proto,
2142 print_service(const char *action, const struct servtab *sep)
2154 action, sep->se_service, sep->se_proto,
2155 sep->se_accept, sep->se_maxchild, sep->se_user, sep->se_group,
2157 sep->se_class,
2159 (void *) sep->se_bi, sep->se_server
2161 , (sep->se_policy ? sep->se_policy : "")
2192 cpmip(const struct servtab *sep, int ctrl)
2203 if (sep->se_maxcpm > 0 &&
2204 (sep->se_family == AF_INET || sep->se_family == AF_INET6) &&
2252 ch->ch_Service && strcmp(sep->se_service,
2262 ch->ch_Service && strcmp(sep->se_service,
2277 strcmp(sep->se_service, chBest->ch_Service) != 0) {
2281 chBest->ch_Service = strdup(sep->se_service);
2290 strcmp(sep->se_service, chBest->ch_Service) != 0) {
2294 chBest->ch_Service = strdup(sep->se_service);
2314 if ((cnt * 60) / (CHTSIZE * CHTGRAN) > sep->se_maxcpm) {
2324 sep->se_service, pname,
2325 sep->se_maxcpm);
2332 search_conn(struct servtab *sep, int ctrl)
2340 if (sep->se_maxperip <= 0)
2373 LIST_FOREACH(conn, &sep->se_conn[hv], co_link) {
2386 conn->co_proc = reallocarray(NULL, sep->se_maxperip,
2394 LIST_INSERT_HEAD(&sep->se_conn[hv], conn, co_link);
2407 room_conn(struct servtab *sep, struct conninfo *conn)
2411 if (conn->co_numchild >= sep->se_maxperip) {
2416 sep->se_service, pname, sep->se_maxperip);
2463 resize_conn(struct servtab *sep, int maxpip)
2468 if (sep->se_maxperip <= 0)
2471 free_connlist(sep);
2475 LIST_FOREACH(conn, &sep->se_conn[i], co_link) {
2491 free_connlist(struct servtab *sep)
2497 LIST_FOREACH_SAFE(conn, &sep->se_conn[i], co_link, conn_temp) {