1/* $OpenBSD: rbootd.c,v 1.32 2019/06/28 13:32:50 deraadt Exp $ */ 2/* $NetBSD: rbootd.c,v 1.5 1995/10/06 05:12:17 thorpej Exp $ */ 3 4/* 5 * Copyright (c) 1988, 1992 The University of Utah and the Center 6 * for Software Science (CSS). 7 * Copyright (c) 1992, 1993 8 * The Regents of the University of California. All rights reserved. 9 * 10 * This code is derived from software contributed to Berkeley by 11 * the Center for Software Science of the University of Utah Computer 12 * Science Department. CSS requests users of this software to return 13 * to css-dist@cs.utah.edu any improvements that they make and grant 14 * CSS redistribution rights. 15 * 16 * Redistribution and use in source and binary forms, with or without 17 * modification, are permitted provided that the following conditions 18 * are met: 19 * 1. Redistributions of source code must retain the above copyright 20 * notice, this list of conditions and the following disclaimer. 21 * 2. Redistributions in binary form must reproduce the above copyright 22 * notice, this list of conditions and the following disclaimer in the 23 * documentation and/or other materials provided with the distribution. 24 * 3. Neither the name of the University nor the names of its contributors 25 * may be used to endorse or promote products derived from this software 26 * without specific prior written permission. 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 * 40 * from: @(#)rbootd.c 8.1 (Berkeley) 6/4/93 41 * 42 * From: Utah Hdr: rbootd.c 3.1 92/07/06 43 * Author: Jeff Forys, University of Utah CSS 44 */ 45 46#include <sys/time.h> 47 48#include <err.h> 49#include <errno.h> 50#include <signal.h> 51#include <stdio.h> 52#include <stdlib.h> 53#include <string.h> 54#include <syslog.h> 55#include <unistd.h> 56#include <limits.h> 57#include <pwd.h> 58#include <poll.h> 59 60#include "defs.h" 61 62extern char *__progname; /* from crt0.o */ 63 64volatile sig_atomic_t dodebugoff; 65volatile sig_atomic_t dodebugon; 66volatile sig_atomic_t doreconfig; 67 68void DebugOff(int); 69void DebugOn(int); 70void ReConfig(int); 71void Exit(int); 72 73void DoDebugOff(void); 74void DoDebugOn(void); 75void DoReConfig(void); 76 77void DoTimeout(void); 78CLIENT *FindClient(RMPCONN *); 79 80int 81main(int argc, char *argv[]) 82{ 83 int c, fd; 84 struct passwd *pw; 85 struct pollfd pfd[1]; 86 87 closefrom(STDERR_FILENO + 1); 88 89 if ((pw = getpwnam("_rbootd")) == NULL) 90 err(1, "getpwnam"); 91 92 while ((c = getopt(argc, argv, "adi:")) != -1) 93 switch (c) { 94 case 'a': 95 BootAny++; 96 break; 97 case 'd': 98 DebugFlg++; 99 break; 100 case 'i': 101 IntfName = optarg; 102 break; 103 } 104 for (; optind < argc; optind++) { 105 if (ConfigFile == NULL) 106 ConfigFile = argv[optind]; 107 else { 108 warnx("too many config files (`%s' ignored)", 109 argv[optind]); 110 } 111 } 112 113 if (ConfigFile == NULL) /* use default config file */ 114 ConfigFile = DfltConfig; 115 116 if (DebugFlg) { 117 DbgFp = stdout; /* output to stdout */ 118 119 (void) signal(SIGUSR1, SIG_IGN); /* dont muck w/DbgFp */ 120 (void) signal(SIGUSR2, SIG_IGN); 121 (void) fclose(stderr); /* finished with it */ 122 } else { 123 if (daemon(0, 0)) 124 err(1, "can't detach from terminal"); 125 126 (void) signal(SIGUSR1, DebugOn); 127 (void) signal(SIGUSR2, DebugOff); 128 } 129 130 /* 131 * If no interface was specified, get one now. 132 * 133 * This is convoluted because we want to get the default interface 134 * name for the syslog("restarted") message. If BpfGetIntfName() 135 * runs into an error, it will return a syslog-able error message 136 * (in `errmsg') which will be displayed here. 137 */ 138 if (IntfName == NULL) { 139 char *errmsg; 140 141 if ((IntfName = BpfGetIntfName(&errmsg)) == NULL) { 142 /* BpfGetIntfName() returns safe names, using %m */ 143 syslog(LOG_ERR, "%s", errmsg); 144 DoExit(); 145 } 146 } 147 148 openlog(__progname, LOG_PID, LOG_DAEMON); 149 fd = BpfOpen(); 150 syslog(LOG_NOTICE, "restarted (%s)", IntfName); 151 152 (void) signal(SIGHUP, ReConfig); 153 (void) signal(SIGINT, Exit); 154 (void) signal(SIGTERM, Exit); 155 156 gethostname(MyHost, HOST_NAME_MAX+1); 157 158 /* 159 * All boot files are relative to the boot directory, we might 160 * as well chdir() there to make life easier. 161 */ 162 if (chdir(BootDir) == -1) { 163 syslog(LOG_ERR, "chdir: %m (%s)", BootDir); 164 DoExit(); 165 } 166 167 /* 168 * Initial configuration. 169 */ 170 if (GetBootFiles() == 0) /* get list of boot files */ 171 DoExit(); 172 if (ParseConfig() == 0) /* parse config file */ 173 DoExit(); 174 175 if (chroot(BootDir) == -1) { 176 syslog(LOG_CRIT, "chroot %s: %m", BootDir); 177 exit(1); 178 } 179 if (chdir("/") == -1) { 180 syslog(LOG_CRIT, "chdir(\"/\"): %m"); 181 exit(1); 182 } 183 if (setgroups(1, &pw->pw_gid) || 184 setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || 185 setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) { 186 syslog(LOG_CRIT, "can't drop privileges: %m"); 187 exit(1); 188 } 189 endpwent(); 190 191 /* 192 * Main loop: receive a packet, determine where it came from, 193 * and if we service this host, call routine to handle request. 194 */ 195 pfd[0].fd = fd; 196 pfd[0].events = POLLIN; 197 for (;;) { 198 int nsel; 199 200 /* 201 * Check pending actions 202 */ 203 if (dodebugoff) { 204 DoDebugOff(); 205 dodebugoff = 0; 206 } 207 if (dodebugon) { 208 DoDebugOn(); 209 dodebugon = 0; 210 } 211 if (doreconfig) { 212 DoReConfig(); 213 doreconfig = 0; 214 } 215 216 nsel = poll(pfd, 1, RmpConns ? RMP_TIMEOUT * 100 : -1); 217 218 if (nsel == -1) { 219 if (errno == EINTR) 220 continue; 221 syslog(LOG_ERR, "poll: %m"); 222 DoExit(); 223 } else if (nsel == 0) { /* timeout */ 224 DoTimeout(); /* clear stale conns */ 225 continue; 226 } 227 228 if (pfd[0].revents & POLLIN) { 229 RMPCONN rconn; 230 CLIENT *client; 231 int doread = 1; 232 233 while (BpfRead(&rconn, doread)) { 234 doread = 0; 235 236 if (DbgFp != NULL) /* display packet */ 237 DispPkt(&rconn,DIR_RCVD); 238 239 /* 240 * If we do not restrict service, set the 241 * client to NULL (ProcessPacket() handles 242 * this). Otherwise, check that we can 243 * service this host; if not, log a message 244 * and ignore the packet. 245 */ 246 if (BootAny) { 247 client = NULL; 248 } else if ((client=FindClient(&rconn))==NULL) { 249 syslog(LOG_INFO, 250 "%s: boot packet ignored", 251 EnetStr(&rconn)); 252 continue; 253 } 254 255 ProcessPacket(&rconn,client); 256 } 257 } 258 } 259} 260 261/* 262** DoTimeout -- Free any connections that have timed out. 263** 264** Parameters: 265** None. 266** 267** Returns: 268** Nothing. 269** 270** Side Effects: 271** - Timed out connections in `RmpConns' will be freed. 272*/ 273void 274DoTimeout(void) 275{ 276 RMPCONN *rtmp; 277 struct timeval now; 278 279 (void) gettimeofday(&now, NULL); 280 281 /* 282 * For each active connection, if RMP_TIMEOUT seconds have passed 283 * since the last packet was sent, delete the connection. 284 */ 285 for (rtmp = RmpConns; rtmp != NULL; rtmp = rtmp->next) 286 if ((rtmp->tstamp.tv_sec + RMP_TIMEOUT) < now.tv_sec) { 287 syslog(LOG_WARNING, "%s: connection timed out (%u)", 288 EnetStr(rtmp), rtmp->rmp.r_type); 289 RemoveConn(rtmp); 290 } 291} 292 293/* 294** FindClient -- Find client associated with a packet. 295** 296** Parameters: 297** rconn - the new packet. 298** 299** Returns: 300** Pointer to client info if found, NULL otherwise. 301** 302** Side Effects: 303** None. 304** 305** Warnings: 306** - This routine must be called with SIGHUP blocked since 307** a reconfigure can invalidate the information returned. 308*/ 309CLIENT * 310FindClient(RMPCONN *rconn) 311{ 312 CLIENT *ctmp; 313 314 for (ctmp = Clients; ctmp != NULL; ctmp = ctmp->next) 315 if (bcmp((char *)&rconn->rmp.hp_hdr.saddr[0], 316 (char *)&ctmp->addr[0], RMP_ADDRLEN) == 0) 317 break; 318 319 return(ctmp); 320} 321 322/* 323** Exit -- Log an error message and exit. 324** 325** Parameters: 326** sig - caught signal (or zero if not dying on a signal). 327** 328** Returns: 329** Does not return. 330** 331** Side Effects: 332** - This process ceases to exist. 333*/ 334void 335Exit(int sig) 336{ 337 struct syslog_data sdata = SYSLOG_DATA_INIT; 338 339 syslog_r(LOG_ERR, &sdata, "going down on signal %d", sig); 340 _exit(1); 341} 342 343void 344DoExit(void) 345{ 346 syslog(LOG_ERR, "going down on fatal error"); 347 exit(1); 348} 349 350/* 351** ReConfig -- Get new list of boot files and reread config files. 352** 353** Parameters: 354** None. 355** 356** Returns: 357** Nothing. 358** 359** Side Effects: 360** - All active connections are dropped. 361** - List of bootable files is changed. 362** - List of clients is changed. 363** 364** Warnings: 365** - This routine must be called with SIGHUP blocked. 366*/ 367void 368ReConfig(int signo) 369{ 370 doreconfig = 1; 371} 372 373void 374DoReConfig(void) 375{ 376 syslog(LOG_NOTICE, "reconfiguring boot server"); 377 378 FreeConns(); 379 380 if (GetBootFiles() == 0) 381 DoExit(); 382 383 if (ParseConfig() == 0) 384 DoExit(); 385} 386 387/* 388** DebugOff -- Turn off debugging. 389** 390** Parameters: 391** None. 392** 393** Returns: 394** Nothing. 395** 396** Side Effects: 397** - Debug file is closed. 398*/ 399void 400DebugOff(int signo) 401{ 402 dodebugoff = 1; 403} 404 405void 406DoDebugOff(void) 407{ 408 if (DbgFp != NULL) 409 (void) fclose(DbgFp); 410 411 DbgFp = NULL; 412} 413 414/* 415** DebugOn -- Turn on debugging. 416** 417** Parameters: 418** None. 419** 420** Returns: 421** Nothing. 422** 423** Side Effects: 424** - Debug file is opened/truncated if not already opened, 425** otherwise do nothing. 426*/ 427void 428DebugOn(int signo) 429{ 430 dodebugon = 1; 431} 432 433void 434DoDebugOn(void) 435{ 436 if (DbgFp == NULL) { 437 if ((DbgFp = fopen(DbgFile, "w")) == NULL) 438 syslog(LOG_ERR, "can't open debug file (%s)", DbgFile); 439 } 440} 441