1/*++ 2/* NAME 3/* sane_accept 3 4/* SUMMARY 5/* sanitize accept() error returns 6/* SYNOPSIS 7/* #include <sane_accept.h> 8/* 9/* int sane_accept(sock, buf, len) 10/* int sock; 11/* struct sockaddr *buf; 12/* SOCKADDR_SIZE *len; 13/* DESCRIPTION 14/* sane_accept() implements the accept(2) socket call, and maps 15/* known harmless error results to EAGAIN. 16/* 17/* If the buf and len arguments are not null, then additional 18/* workarounds may be enabled that depend on the socket type. 19/* BUGS 20/* Bizarre systems may have other harmless error results. Such 21/* systems encourage programmers to ignore error results, and 22/* penalize programmers who code defensively. 23/* LICENSE 24/* .ad 25/* .fi 26/* The Secure Mailer license must be distributed with this software. 27/* AUTHOR(S) 28/* Wietse Venema 29/* IBM T.J. Watson Research 30/* P.O. Box 704 31/* Yorktown Heights, NY 10598, USA 32/*--*/ 33 34/* System library. */ 35 36#include "sys_defs.h" 37#include <sys/socket.h> 38#include <errno.h> 39 40/* Utility library. */ 41 42#include "msg.h" 43#include "sane_accept.h" 44 45/* sane_accept - sanitize accept() error returns */ 46 47int sane_accept(int sock, struct sockaddr * sa, SOCKADDR_SIZE *len) 48{ 49 static int accept_ok_errors[] = { 50 EAGAIN, 51 ECONNREFUSED, 52 ECONNRESET, 53 EHOSTDOWN, 54 EHOSTUNREACH, 55 EINTR, 56 ENETDOWN, 57 ENETUNREACH, 58 ENOTCONN, 59 EWOULDBLOCK, 60 ENOBUFS, /* HPUX11 */ 61 ECONNABORTED, 62#ifdef EPROTO 63 EPROTO, /* SunOS 5.5.1 */ 64#endif 65 0, 66 }; 67 int count; 68 int err; 69 int fd; 70 71 /* 72 * XXX Solaris 2.4 accept() returns EPIPE when a UNIX-domain client has 73 * disconnected in the mean time. From then on, UNIX-domain sockets are 74 * hosed beyond recovery. There is no point treating this as a beneficial 75 * error result because the program would go into a tight loop. 76 * 77 * XXX Solaris 2.5.1 accept() returns EPROTO when a TCP client has 78 * disconnected in the mean time. Since there is no connection, it is 79 * safe to map the error code onto EAGAIN. 80 * 81 * XXX LINUX < 2.1 accept() wakes up before the three-way handshake is 82 * complete, so it can fail with ECONNRESET and other "false alarm" 83 * indications. 84 * 85 * XXX FreeBSD 4.2-STABLE accept() returns ECONNABORTED when a UNIX-domain 86 * client has disconnected in the mean time. The data that was sent with 87 * connect() write() close() is lost, even though the write() and close() 88 * reported successful completion. This was fixed shortly before FreeBSD 89 * 4.3. 90 * 91 * XXX HP-UX 11 returns ENOBUFS when the client has disconnected in the mean 92 * time. 93 */ 94 if ((fd = accept(sock, sa, len)) < 0) { 95 for (count = 0; (err = accept_ok_errors[count]) != 0; count++) { 96 if (errno == err) { 97 errno = EAGAIN; 98 break; 99 } 100 } 101 } 102 103 /* 104 * XXX Solaris select() produces false read events, so that read() blocks 105 * forever on a blocking socket, and fails with EAGAIN on a non-blocking 106 * socket. Turning on keepalives will fix a blocking socket provided that 107 * the kernel's keepalive timer expires before the Postfix watchdog 108 * timer. 109 * 110 * XXX Work around NAT induced damage by sending a keepalive before an idle 111 * connection is expired. This requires that the kernel keepalive timer 112 * is set to a short time, like 100s. 113 */ 114 else if (sa && (sa->sa_family == AF_INET 115#ifdef HAS_IPV6 116 || sa->sa_family == AF_INET6 117#endif 118 )) { 119 int on = 1; 120 121 (void) setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, 122 (char *) &on, sizeof(on)); 123 } 124 return (fd); 125} 126