1/*
2 * Socket functions used in rsync.
3 *
4 * Copyright (C) 1992-2001 Andrew Tridgell <tridge@samba.org>
5 * Copyright (C) 2001, 2002 Martin Pool <mbp@samba.org>
6 * Copyright (C) 2003, 2004, 2005, 2006 Wayne Davison
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
21 */
22
23/* This file is now converted to use the new-style getaddrinfo()
24 * interface, which supports IPv6 but is also supported on recent
25 * IPv4-only machines.  On systems that don't have that interface, we
26 * emulate it using the KAME implementation. */
27
28#include "rsync.h"
29#include <netinet/in_systm.h>
30#include <netinet/ip.h>
31#include <netinet/tcp.h>
32
33extern char *bind_address;
34extern int default_af_hint;
35
36#ifdef HAVE_SIGACTION
37static struct sigaction sigact;
38#endif
39
40/**
41 * Establish a proxy connection on an open socket to a web proxy by
42 * using the CONNECT method. If proxy_user and proxy_pass are not NULL,
43 * they are used to authenticate to the proxy using the "Basic"
44 * proxy-authorization protocol
45 **/
46static int establish_proxy_connection(int fd, char *host, int port,
47				      char *proxy_user, char *proxy_pass)
48{
49	char *cp, buffer[1024];
50	char *authhdr, authbuf[1024];
51	int len;
52
53	if (proxy_user && proxy_pass) {
54		stringjoin(buffer, sizeof buffer,
55			 proxy_user, ":", proxy_pass, NULL);
56		len = strlen(buffer);
57
58		if ((len*8 + 5) / 6 >= (int)sizeof authbuf - 3) {
59			rprintf(FERROR,
60				"authentication information is too long\n");
61			return -1;
62		}
63
64		base64_encode(buffer, len, authbuf, 1);
65		authhdr = "\r\nProxy-Authorization: Basic ";
66	} else {
67		*authbuf = '\0';
68		authhdr = "";
69	}
70
71	snprintf(buffer, sizeof buffer, "CONNECT %s:%d HTTP/1.0%s%s\r\n\r\n",
72		 host, port, authhdr, authbuf);
73	len = strlen(buffer);
74	if (write(fd, buffer, len) != len) {
75		rsyserr(FERROR, errno, "failed to write to proxy");
76		return -1;
77	}
78
79	for (cp = buffer; cp < &buffer[sizeof buffer - 1]; cp++) {
80		if (read(fd, cp, 1) != 1) {
81			rsyserr(FERROR, errno, "failed to read from proxy");
82			return -1;
83		}
84		if (*cp == '\n')
85			break;
86	}
87
88	if (*cp != '\n')
89		cp++;
90	*cp-- = '\0';
91	if (*cp == '\r')
92		*cp = '\0';
93	if (strncmp(buffer, "HTTP/", 5) != 0) {
94		rprintf(FERROR, "bad response from proxy -- %s\n",
95			buffer);
96		return -1;
97	}
98	for (cp = &buffer[5]; isdigit(*(uchar*)cp) || *cp == '.'; cp++) {}
99	while (*cp == ' ')
100		cp++;
101	if (*cp != '2') {
102		rprintf(FERROR, "bad response from proxy -- %s\n",
103			buffer);
104		return -1;
105	}
106	/* throw away the rest of the HTTP header */
107	while (1) {
108		for (cp = buffer; cp < &buffer[sizeof buffer - 1]; cp++) {
109			if (read(fd, cp, 1) != 1) {
110				rsyserr(FERROR, errno,
111					"failed to read from proxy");
112				return -1;
113			}
114			if (*cp == '\n')
115				break;
116		}
117		if (cp > buffer && *cp == '\n')
118			cp--;
119		if (cp == buffer && (*cp == '\n' || *cp == '\r'))
120			break;
121	}
122	return 0;
123}
124
125
126/**
127 * Try to set the local address for a newly-created socket.  Return -1
128 * if this fails.
129 **/
130int try_bind_local(int s, int ai_family, int ai_socktype,
131		   const char *bind_addr)
132{
133	int error;
134	struct addrinfo bhints, *bres_all, *r;
135
136	memset(&bhints, 0, sizeof bhints);
137	bhints.ai_family = ai_family;
138	bhints.ai_socktype = ai_socktype;
139	bhints.ai_flags = AI_PASSIVE;
140	if ((error = getaddrinfo(bind_addr, NULL, &bhints, &bres_all))) {
141		rprintf(FERROR, RSYNC_NAME ": getaddrinfo %s: %s\n",
142			bind_addr, gai_strerror(error));
143		return -1;
144	}
145
146	for (r = bres_all; r; r = r->ai_next) {
147		if (bind(s, r->ai_addr, r->ai_addrlen) == -1)
148			continue;
149		freeaddrinfo(bres_all);
150		return s;
151	}
152
153	/* no error message; there might be some problem that allows
154	 * creation of the socket but not binding, perhaps if the
155	 * machine has no ipv6 address of this name. */
156	freeaddrinfo(bres_all);
157	return -1;
158}
159
160
161/**
162 * Open a socket to a tcp remote host with the specified port .
163 *
164 * Based on code from Warren.  Proxy support by Stephen Rothwell.
165 * getaddrinfo() rewrite contributed by KAME.net.
166 *
167 * Now that we support IPv6 we need to look up the remote machine's
168 * address first, using @p af_hint to set a preference for the type
169 * of address.  Then depending on whether it has v4 or v6 addresses we
170 * try to open a connection.
171 *
172 * The loop allows for machines with some addresses which may not be
173 * reachable, perhaps because we can't e.g. route ipv6 to that network
174 * but we can get ip4 packets through.
175 *
176 * @param bind_addr Local address to use.  Normally NULL to bind
177 * the wildcard address.
178 *
179 * @param af_hint Address family, e.g. AF_INET or AF_INET6.
180 **/
181int open_socket_out(char *host, int port, const char *bind_addr,
182		    int af_hint)
183{
184	int type = SOCK_STREAM;
185	int error, s;
186	struct addrinfo hints, *res0, *res;
187	char portbuf[10];
188	char *h, *cp;
189	int proxied = 0;
190	char buffer[1024];
191	char *proxy_user = NULL, *proxy_pass = NULL;
192
193	/* if we have a RSYNC_PROXY env variable then redirect our
194	 * connetcion via a web proxy at the given address. */
195	h = getenv("RSYNC_PROXY");
196	proxied = h != NULL && *h != '\0';
197
198	if (proxied) {
199		strlcpy(buffer, h, sizeof buffer);
200
201		/* Is the USER:PASS@ prefix present? */
202		if ((cp = strrchr(buffer, '@')) != NULL) {
203			*cp++ = '\0';
204			/* The remainder is the HOST:PORT part. */
205			h = cp;
206
207			if ((cp = strchr(buffer, ':')) == NULL) {
208				rprintf(FERROR,
209					"invalid proxy specification: should be USER:PASS@HOST:PORT\n");
210				return -1;
211			}
212			*cp++ = '\0';
213
214			proxy_user = buffer;
215			proxy_pass = cp;
216		} else {
217			/* The whole buffer is the HOST:PORT part. */
218			h = buffer;
219		}
220
221		if ((cp = strchr(h, ':')) == NULL) {
222			rprintf(FERROR,
223				"invalid proxy specification: should be HOST:PORT\n");
224			return -1;
225		}
226		*cp++ = '\0';
227		strlcpy(portbuf, cp, sizeof portbuf);
228		if (verbose >= 2) {
229			rprintf(FINFO, "connection via http proxy %s port %s\n",
230				h, portbuf);
231		}
232	} else {
233		snprintf(portbuf, sizeof portbuf, "%d", port);
234		h = host;
235	}
236
237	memset(&hints, 0, sizeof hints);
238	hints.ai_family = af_hint;
239	hints.ai_socktype = type;
240	error = getaddrinfo(h, portbuf, &hints, &res0);
241	if (error) {
242		rprintf(FERROR, RSYNC_NAME ": getaddrinfo: %s %s: %s\n",
243			h, portbuf, gai_strerror(error));
244		return -1;
245	}
246
247	s = -1;
248	/* Try to connect to all addresses for this machine until we get
249	 * through.  It might e.g. be multi-homed, or have both IPv4 and IPv6
250	 * addresses.  We need to create a socket for each record, since the
251	 * address record tells us what protocol to use to try to connect. */
252	for (res = res0; res; res = res->ai_next) {
253		s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
254		if (s < 0)
255			continue;
256
257		if (bind_addr
258		 && try_bind_local(s, res->ai_family, type,
259				   bind_addr) == -1) {
260			close(s);
261			s = -1;
262			continue;
263		}
264		if (connect(s, res->ai_addr, res->ai_addrlen) < 0) {
265			close(s);
266			s = -1;
267			continue;
268		}
269		if (proxied
270		 && establish_proxy_connection(s, host, port,
271					       proxy_user, proxy_pass) != 0) {
272			close(s);
273			s = -1;
274			continue;
275		}
276		break;
277	}
278	freeaddrinfo(res0);
279	if (s < 0) {
280		rsyserr(FERROR, errno, "failed to connect to %s", h);
281		return -1;
282	}
283	return s;
284}
285
286
287/**
288 * Open an outgoing socket, but allow for it to be intercepted by
289 * $RSYNC_CONNECT_PROG, which will execute a program across a TCP
290 * socketpair rather than really opening a socket.
291 *
292 * We use this primarily in testing to detect TCP flow bugs, but not
293 * cause security problems by really opening remote connections.
294 *
295 * This is based on the Samba LIBSMB_PROG feature.
296 *
297 * @param bind_addr Local address to use.  Normally NULL to get the stack default.
298 **/
299int open_socket_out_wrapped(char *host, int port, const char *bind_addr,
300			    int af_hint)
301{
302	char *prog = getenv("RSYNC_CONNECT_PROG");
303
304	if (verbose >= 2) {
305		rprintf(FINFO, "%sopening tcp connection to %s port %d\n",
306			prog ? "Using RSYNC_CONNECT_PROG instead of " : "",
307			host, port);
308	}
309	if (prog)
310		return sock_exec(prog);
311	return open_socket_out(host, port, bind_addr, af_hint);
312}
313
314
315
316/**
317 * Open one or more sockets for incoming data using the specified type,
318 * port, and address.
319 *
320 * The getaddrinfo() call may return several address results, e.g. for
321 * the machine's IPv4 and IPv6 name.
322 *
323 * We return an array of file-descriptors to the sockets, with a trailing
324 * -1 value to indicate the end of the list.
325 *
326 * @param bind_addr Local address to bind, or NULL to allow it to
327 * default.
328 **/
329static int *open_socket_in(int type, int port, const char *bind_addr,
330			   int af_hint)
331{
332	int one = 1;
333	int s, *socks, maxs, i, ecnt;
334	struct addrinfo hints, *all_ai, *resp;
335	char portbuf[10], **errmsgs;
336	int error;
337
338	memset(&hints, 0, sizeof hints);
339	hints.ai_family = af_hint;
340	hints.ai_socktype = type;
341	hints.ai_flags = AI_PASSIVE;
342	snprintf(portbuf, sizeof portbuf, "%d", port);
343	error = getaddrinfo(bind_addr, portbuf, &hints, &all_ai);
344	if (error) {
345		rprintf(FERROR, RSYNC_NAME ": getaddrinfo: bind address %s: %s\n",
346			bind_addr, gai_strerror(error));
347		return NULL;
348	}
349
350	/* Count max number of sockets we might open. */
351	for (maxs = 0, resp = all_ai; resp; resp = resp->ai_next, maxs++) {}
352
353	socks = new_array(int, maxs + 1);
354	errmsgs = new_array(char *, maxs);
355	if (!socks || !errmsgs)
356		out_of_memory("open_socket_in");
357
358	/* We may not be able to create the socket, if for example the
359	 * machine knows about IPv6 in the C library, but not in the
360	 * kernel. */
361	for (resp = all_ai, i = ecnt = 0; resp; resp = resp->ai_next) {
362		s = socket(resp->ai_family, resp->ai_socktype,
363			   resp->ai_protocol);
364
365		if (s == -1) {
366			int r = asprintf(&errmsgs[ecnt++],
367				"socket(%d,%d,%d) failed: %s\n",
368				(int)resp->ai_family, (int)resp->ai_socktype,
369				(int)resp->ai_protocol, strerror(errno));
370			if (r < 0)
371				out_of_memory("open_socket_in");
372			/* See if there's another address that will work... */
373			continue;
374		}
375
376		setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
377			   (char *)&one, sizeof one);
378
379#ifdef IPV6_V6ONLY
380		if (resp->ai_family == AF_INET6) {
381			if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
382				       (char *)&one, sizeof one) < 0
383			    && default_af_hint != AF_INET6) {
384				close(s);
385				continue;
386			}
387		}
388#endif
389
390		/* Now we've got a socket - we need to bind it. */
391		if (bind(s, resp->ai_addr, resp->ai_addrlen) < 0) {
392			/* Nope, try another */
393			int r = asprintf(&errmsgs[ecnt++],
394				"bind() failed: %s (address-family %d)\n",
395				strerror(errno), (int)resp->ai_family);
396			if (r < 0)
397				out_of_memory("open_socket_in");
398			close(s);
399			continue;
400		}
401
402		socks[i++] = s;
403	}
404	socks[i] = -1;
405
406	if (all_ai)
407		freeaddrinfo(all_ai);
408
409	/* Only output the socket()/bind() messages if we were totally
410	 * unsuccessful, or if the daemon is being run with -vv. */
411	for (s = 0; s < ecnt; s++) {
412		if (!i || verbose > 1)
413			rwrite(FLOG, errmsgs[s], strlen(errmsgs[s]));
414		free(errmsgs[s]);
415	}
416	free(errmsgs);
417
418	if (!i) {
419		rprintf(FERROR,
420			"unable to bind any inbound sockets on port %d\n",
421			port);
422		free(socks);
423		return NULL;
424	}
425	return socks;
426}
427
428
429/*
430 * Determine if a file descriptor is in fact a socket
431 */
432int is_a_socket(int fd)
433{
434	int v;
435	socklen_t l = sizeof (int);
436
437	/* Parameters to getsockopt, setsockopt etc are very
438	 * unstandardized across platforms, so don't be surprised if
439	 * there are compiler warnings on e.g. SCO OpenSwerver or AIX.
440	 * It seems they all eventually get the right idea.
441	 *
442	 * Debian says: ``The fifth argument of getsockopt and
443	 * setsockopt is in reality an int [*] (and this is what BSD
444	 * 4.* and libc4 and libc5 have).  Some POSIX confusion
445	 * resulted in the present socklen_t.  The draft standard has
446	 * not been adopted yet, but glibc2 already follows it and
447	 * also has socklen_t [*]. See also accept(2).''
448	 *
449	 * We now return to your regularly scheduled programming.  */
450	return getsockopt(fd, SOL_SOCKET, SO_TYPE, (char *)&v, &l) == 0;
451}
452
453
454static RETSIGTYPE sigchld_handler(UNUSED(int val))
455{
456#ifdef WNOHANG
457	while (waitpid(-1, NULL, WNOHANG) > 0) {}
458#endif
459#ifndef HAVE_SIGACTION
460	signal(SIGCHLD, sigchld_handler);
461#endif
462}
463
464
465void start_accept_loop(int port, int (*fn)(int, int))
466{
467	fd_set deffds;
468	int *sp, maxfd, i;
469
470#ifdef HAVE_SIGACTION
471	sigact.sa_flags = SA_NOCLDSTOP;
472#endif
473
474	/* open an incoming socket */
475	sp = open_socket_in(SOCK_STREAM, port, bind_address, default_af_hint);
476	if (sp == NULL)
477		exit_cleanup(RERR_SOCKETIO);
478
479	/* ready to listen */
480	FD_ZERO(&deffds);
481	for (i = 0, maxfd = -1; sp[i] >= 0; i++) {
482		if (listen(sp[i], 5) < 0) {
483			rsyserr(FERROR, errno, "listen() on socket failed");
484#ifdef INET6
485			if (errno == EADDRINUSE && i > 0) {
486				rprintf(FINFO,
487				    "Try using --ipv4 or --ipv6 to avoid this listen() error.\n");
488			}
489#endif
490			exit_cleanup(RERR_SOCKETIO);
491		}
492		FD_SET(sp[i], &deffds);
493		if (maxfd < sp[i])
494			maxfd = sp[i];
495	}
496
497	/* now accept incoming connections - forking a new process
498	 * for each incoming connection */
499	while (1) {
500		fd_set fds;
501		pid_t pid;
502		int fd;
503		struct sockaddr_storage addr;
504		socklen_t addrlen = sizeof addr;
505
506		/* close log file before the potentially very long select so
507		 * file can be trimmed by another process instead of growing
508		 * forever */
509		logfile_close();
510
511#ifdef FD_COPY
512		FD_COPY(&deffds, &fds);
513#else
514		fds = deffds;
515#endif
516
517		if (select(maxfd + 1, &fds, NULL, NULL, NULL) != 1)
518			continue;
519
520		for (i = 0, fd = -1; sp[i] >= 0; i++) {
521			if (FD_ISSET(sp[i], &fds)) {
522				fd = accept(sp[i], (struct sockaddr *)&addr,
523					    &addrlen);
524				break;
525			}
526		}
527
528		if (fd < 0)
529			continue;
530
531		SIGACTION(SIGCHLD, sigchld_handler);
532
533		if ((pid = fork()) == 0) {
534			int ret;
535			for (i = 0; sp[i] >= 0; i++)
536				close(sp[i]);
537			/* Re-open log file in child before possibly giving
538			 * up privileges (see logfile_close() above). */
539			logfile_reopen();
540			ret = fn(fd, fd);
541			close_all();
542			_exit(ret);
543		} else if (pid < 0) {
544			rsyserr(FERROR, errno,
545				"could not create child server process");
546			close(fd);
547			/* This might have happened because we're
548			 * overloaded.  Sleep briefly before trying to
549			 * accept again. */
550			sleep(2);
551		} else {
552			/* Parent doesn't need this fd anymore. */
553			close(fd);
554		}
555	}
556}
557
558
559enum SOCK_OPT_TYPES {OPT_BOOL,OPT_INT,OPT_ON};
560
561struct
562{
563  char *name;
564  int level;
565  int option;
566  int value;
567  int opttype;
568} socket_options[] = {
569  {"SO_KEEPALIVE",      SOL_SOCKET,    SO_KEEPALIVE,    0,                 OPT_BOOL},
570  {"SO_REUSEADDR",      SOL_SOCKET,    SO_REUSEADDR,    0,                 OPT_BOOL},
571  {"SO_BROADCAST",      SOL_SOCKET,    SO_BROADCAST,    0,                 OPT_BOOL},
572#ifdef TCP_NODELAY
573  {"TCP_NODELAY",       IPPROTO_TCP,   TCP_NODELAY,     0,                 OPT_BOOL},
574#endif
575#ifdef IPTOS_LOWDELAY
576  {"IPTOS_LOWDELAY",    IPPROTO_IP,    IP_TOS,          IPTOS_LOWDELAY,    OPT_ON},
577#endif
578#ifdef IPTOS_THROUGHPUT
579  {"IPTOS_THROUGHPUT",  IPPROTO_IP,    IP_TOS,          IPTOS_THROUGHPUT,  OPT_ON},
580#endif
581#ifdef SO_SNDBUF
582  {"SO_SNDBUF",         SOL_SOCKET,    SO_SNDBUF,       0,                 OPT_INT},
583#endif
584#ifdef SO_RCVBUF
585  {"SO_RCVBUF",         SOL_SOCKET,    SO_RCVBUF,       0,                 OPT_INT},
586#endif
587#ifdef SO_SNDLOWAT
588  {"SO_SNDLOWAT",       SOL_SOCKET,    SO_SNDLOWAT,     0,                 OPT_INT},
589#endif
590#ifdef SO_RCVLOWAT
591  {"SO_RCVLOWAT",       SOL_SOCKET,    SO_RCVLOWAT,     0,                 OPT_INT},
592#endif
593#ifdef SO_SNDTIMEO
594  {"SO_SNDTIMEO",       SOL_SOCKET,    SO_SNDTIMEO,     0,                 OPT_INT},
595#endif
596#ifdef SO_RCVTIMEO
597  {"SO_RCVTIMEO",       SOL_SOCKET,    SO_RCVTIMEO,     0,                 OPT_INT},
598#endif
599  {NULL,0,0,0,0}};
600
601
602
603/**
604 * Set user socket options
605 **/
606void set_socket_options(int fd, char *options)
607{
608	char *tok;
609
610	if (!options || !*options)
611		return;
612
613	options = strdup(options);
614
615	if (!options)
616		out_of_memory("set_socket_options");
617
618	for (tok = strtok(options, " \t,"); tok; tok = strtok(NULL," \t,")) {
619		int ret=0,i;
620		int value = 1;
621		char *p;
622		int got_value = 0;
623
624		if ((p = strchr(tok,'='))) {
625			*p = 0;
626			value = atoi(p+1);
627			got_value = 1;
628		}
629
630		for (i = 0; socket_options[i].name; i++) {
631			if (strcmp(socket_options[i].name,tok)==0)
632				break;
633		}
634
635		if (!socket_options[i].name) {
636			rprintf(FERROR,"Unknown socket option %s\n",tok);
637			continue;
638		}
639
640		switch (socket_options[i].opttype) {
641		case OPT_BOOL:
642		case OPT_INT:
643			ret = setsockopt(fd,socket_options[i].level,
644					 socket_options[i].option,
645					 (char *)&value, sizeof (int));
646			break;
647
648		case OPT_ON:
649			if (got_value)
650				rprintf(FERROR,"syntax error -- %s does not take a value\n",tok);
651
652			{
653				int on = socket_options[i].value;
654				ret = setsockopt(fd,socket_options[i].level,
655						 socket_options[i].option,
656						 (char *)&on, sizeof (int));
657			}
658			break;
659		}
660
661		if (ret != 0) {
662			rsyserr(FERROR, errno,
663				"failed to set socket option %s", tok);
664		}
665	}
666
667	free(options);
668}
669
670/**
671 * Become a daemon, discarding the controlling terminal
672 **/
673void become_daemon(void)
674{
675	int i;
676
677	if (fork()) {
678		_exit(0);
679	}
680
681	/* detach from the terminal */
682#ifdef HAVE_SETSID
683	setsid();
684#elif defined TIOCNOTTY
685	i = open("/dev/tty", O_RDWR);
686	if (i >= 0) {
687		ioctl(i, (int)TIOCNOTTY, (char *)0);
688		close(i);
689	}
690#endif
691	/* make sure that stdin, stdout an stderr don't stuff things
692	 * up (library functions, for example) */
693	for (i = 0; i < 3; i++) {
694		close(i);
695		open("/dev/null", O_RDWR);
696	}
697}
698
699
700/**
701 * This is like socketpair but uses tcp. It is used by the Samba
702 * regression test code.
703 *
704 * The function guarantees that nobody else can attach to the socket,
705 * or if they do that this function fails and the socket gets closed
706 * returns 0 on success, -1 on failure the resulting file descriptors
707 * are symmetrical.
708 **/
709static int socketpair_tcp(int fd[2])
710{
711	int listener;
712	struct sockaddr_in sock;
713	struct sockaddr_in sock2;
714	socklen_t socklen = sizeof sock;
715	int connect_done = 0;
716
717	fd[0] = fd[1] = listener = -1;
718
719	memset(&sock, 0, sizeof sock);
720
721	if ((listener = socket(PF_INET, SOCK_STREAM, 0)) == -1)
722		goto failed;
723
724	memset(&sock2, 0, sizeof sock2);
725#ifdef HAVE_SOCKADDR_IN_LEN
726	sock2.sin_len = sizeof sock2;
727#endif
728	sock2.sin_family = PF_INET;
729
730	bind(listener, (struct sockaddr *)&sock2, sizeof sock2);
731
732	if (listen(listener, 1) != 0)
733		goto failed;
734
735	if (getsockname(listener, (struct sockaddr *)&sock, &socklen) != 0)
736		goto failed;
737
738	if ((fd[1] = socket(PF_INET, SOCK_STREAM, 0)) == -1)
739		goto failed;
740
741	set_nonblocking(fd[1]);
742
743	sock.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
744
745	if (connect(fd[1], (struct sockaddr *)&sock, sizeof sock) == -1) {
746		if (errno != EINPROGRESS)
747			goto failed;
748	} else
749		connect_done = 1;
750
751	if ((fd[0] = accept(listener, (struct sockaddr *)&sock, &socklen)) == -1)
752		goto failed;
753
754	close(listener);
755	listener = -1;
756
757	set_blocking(fd[1]);
758
759	if (connect_done == 0) {
760		if (connect(fd[1], (struct sockaddr *)&sock, sizeof sock) != 0
761		    && errno != EISCONN)
762			goto failed;
763	}
764
765	/* all OK! */
766	return 0;
767
768 failed:
769	if (fd[0] != -1)
770		close(fd[0]);
771	if (fd[1] != -1)
772		close(fd[1]);
773	if (listener != -1)
774		close(listener);
775	return -1;
776}
777
778
779
780/**
781 * Run a program on a local tcp socket, so that we can talk to it's
782 * stdin and stdout.  This is used to fake a connection to a daemon
783 * for testing -- not for the normal case of running SSH.
784 *
785 * @return a socket which is attached to a subprocess running
786 * "prog". stdin and stdout are attached. stderr is left attached to
787 * the original stderr
788 **/
789int sock_exec(const char *prog)
790{
791	int fd[2];
792
793	if (socketpair_tcp(fd) != 0) {
794		rsyserr(FERROR, errno, "socketpair_tcp failed");
795		return -1;
796	}
797	if (verbose >= 2)
798		rprintf(FINFO, "Running socket program: \"%s\"\n", prog);
799	if (fork() == 0) {
800		close(fd[0]);
801		close(0);
802		close(1);
803		dup(fd[1]);
804		dup(fd[1]);
805		exit(system(prog));
806	}
807	close(fd[1]);
808	return fd[0];
809}
810