1/*	$OpenBSD: rbootd.c,v 1.32 2019/06/28 13:32:50 deraadt Exp $	*/
2/*	$NetBSD: rbootd.c,v 1.5 1995/10/06 05:12:17 thorpej Exp $	*/
3
4/*
5 * Copyright (c) 1988, 1992 The University of Utah and the Center
6 *	for Software Science (CSS).
7 * Copyright (c) 1992, 1993
8 *	The Regents of the University of California.  All rights reserved.
9 *
10 * This code is derived from software contributed to Berkeley by
11 * the Center for Software Science of the University of Utah Computer
12 * Science Department.  CSS requests users of this software to return
13 * to css-dist@cs.utah.edu any improvements that they make and grant
14 * CSS redistribution rights.
15 *
16 * Redistribution and use in source and binary forms, with or without
17 * modification, are permitted provided that the following conditions
18 * are met:
19 * 1. Redistributions of source code must retain the above copyright
20 *    notice, this list of conditions and the following disclaimer.
21 * 2. Redistributions in binary form must reproduce the above copyright
22 *    notice, this list of conditions and the following disclaimer in the
23 *    documentation and/or other materials provided with the distribution.
24 * 3. Neither the name of the University nor the names of its contributors
25 *    may be used to endorse or promote products derived from this software
26 *    without specific prior written permission.
27 *
28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
31 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 * SUCH DAMAGE.
39 *
40 *	from: @(#)rbootd.c	8.1 (Berkeley) 6/4/93
41 *
42 * From: Utah Hdr: rbootd.c 3.1 92/07/06
43 * Author: Jeff Forys, University of Utah CSS
44 */
45
46#include <sys/time.h>
47
48#include <err.h>
49#include <errno.h>
50#include <signal.h>
51#include <stdio.h>
52#include <stdlib.h>
53#include <string.h>
54#include <syslog.h>
55#include <unistd.h>
56#include <limits.h>
57#include <pwd.h>
58#include <poll.h>
59
60#include "defs.h"
61
62extern	char *__progname;	/* from crt0.o */
63
64volatile sig_atomic_t	dodebugoff;
65volatile sig_atomic_t	dodebugon;
66volatile sig_atomic_t	doreconfig;
67
68void DebugOff(int);
69void DebugOn(int);
70void ReConfig(int);
71void Exit(int);
72
73void DoDebugOff(void);
74void DoDebugOn(void);
75void DoReConfig(void);
76
77void DoTimeout(void);
78CLIENT *FindClient(RMPCONN *);
79
80int
81main(int argc, char *argv[])
82{
83	int c, fd;
84	struct passwd *pw;
85	struct pollfd pfd[1];
86
87	closefrom(STDERR_FILENO + 1);
88
89	if ((pw = getpwnam("_rbootd")) == NULL)
90		err(1, "getpwnam");
91
92	while ((c = getopt(argc, argv, "adi:")) != -1)
93		switch (c) {
94		case 'a':
95			BootAny++;
96			break;
97		case 'd':
98			DebugFlg++;
99			break;
100		case 'i':
101			IntfName = optarg;
102			break;
103		}
104	for (; optind < argc; optind++) {
105		if (ConfigFile == NULL)
106			ConfigFile = argv[optind];
107		else {
108			warnx("too many config files (`%s' ignored)",
109			    argv[optind]);
110		}
111	}
112
113	if (ConfigFile == NULL)			/* use default config file */
114		ConfigFile = DfltConfig;
115
116	if (DebugFlg) {
117		DbgFp = stdout;				/* output to stdout */
118
119		(void) signal(SIGUSR1, SIG_IGN);	/* dont muck w/DbgFp */
120		(void) signal(SIGUSR2, SIG_IGN);
121		(void) fclose(stderr);			/* finished with it */
122	} else {
123		if (daemon(0, 0))
124			err(1, "can't detach from terminal");
125
126		(void) signal(SIGUSR1, DebugOn);
127		(void) signal(SIGUSR2, DebugOff);
128	}
129
130	/*
131	 *  If no interface was specified, get one now.
132	 *
133	 *  This is convoluted because we want to get the default interface
134	 *  name for the syslog("restarted") message.  If BpfGetIntfName()
135	 *  runs into an error, it will return a syslog-able error message
136	 *  (in `errmsg') which will be displayed here.
137	 */
138	if (IntfName == NULL) {
139		char *errmsg;
140
141		if ((IntfName = BpfGetIntfName(&errmsg)) == NULL) {
142			/* BpfGetIntfName() returns safe names, using %m */
143			syslog(LOG_ERR, "%s", errmsg);
144			DoExit();
145		}
146	}
147
148	openlog(__progname, LOG_PID, LOG_DAEMON);
149	fd = BpfOpen();
150	syslog(LOG_NOTICE, "restarted (%s)", IntfName);
151
152	(void) signal(SIGHUP, ReConfig);
153	(void) signal(SIGINT, Exit);
154	(void) signal(SIGTERM, Exit);
155
156	gethostname(MyHost, HOST_NAME_MAX+1);
157
158	/*
159	 *  All boot files are relative to the boot directory, we might
160	 *  as well chdir() there to make life easier.
161	 */
162	if (chdir(BootDir) == -1) {
163		syslog(LOG_ERR, "chdir: %m (%s)", BootDir);
164		DoExit();
165	}
166
167	/*
168	 *  Initial configuration.
169	 */
170	if (GetBootFiles() == 0)		/* get list of boot files */
171		DoExit();
172	if (ParseConfig() == 0)			/* parse config file */
173		DoExit();
174
175	if (chroot(BootDir) == -1) {
176		syslog(LOG_CRIT, "chroot %s: %m", BootDir);
177		exit(1);
178	}
179	if (chdir("/") == -1) {
180		syslog(LOG_CRIT, "chdir(\"/\"): %m");
181		exit(1);
182	}
183	if (setgroups(1, &pw->pw_gid) ||
184	    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
185	    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {
186		syslog(LOG_CRIT, "can't drop privileges: %m");
187		exit(1);
188	}
189	endpwent();
190
191	/*
192	 *  Main loop: receive a packet, determine where it came from,
193	 *  and if we service this host, call routine to handle request.
194	 */
195	pfd[0].fd = fd;
196	pfd[0].events = POLLIN;
197	for (;;) {
198		int nsel;
199
200		/*
201		 * Check pending actions
202		 */
203		if (dodebugoff) {
204			DoDebugOff();
205			dodebugoff = 0;
206		}
207		if (dodebugon) {
208			DoDebugOn();
209			dodebugon = 0;
210		}
211		if (doreconfig) {
212			DoReConfig();
213			doreconfig = 0;
214		}
215
216		nsel = poll(pfd, 1, RmpConns ? RMP_TIMEOUT * 100 : -1);
217
218		if (nsel == -1) {
219			if (errno == EINTR)
220				continue;
221			syslog(LOG_ERR, "poll: %m");
222			DoExit();
223		} else if (nsel == 0) {		/* timeout */
224			DoTimeout();		/* clear stale conns */
225			continue;
226		}
227
228		if (pfd[0].revents & POLLIN) {
229			RMPCONN rconn;
230			CLIENT *client;
231			int doread = 1;
232
233			while (BpfRead(&rconn, doread)) {
234				doread = 0;
235
236				if (DbgFp != NULL)	/* display packet */
237					DispPkt(&rconn,DIR_RCVD);
238
239				/*
240				 *  If we do not restrict service, set the
241				 *  client to NULL (ProcessPacket() handles
242				 *  this).  Otherwise, check that we can
243				 *  service this host; if not, log a message
244				 *  and ignore the packet.
245				 */
246				if (BootAny) {
247					client = NULL;
248				} else if ((client=FindClient(&rconn))==NULL) {
249					syslog(LOG_INFO,
250					    "%s: boot packet ignored",
251					    EnetStr(&rconn));
252					continue;
253				}
254
255				ProcessPacket(&rconn,client);
256			}
257		}
258	}
259}
260
261/*
262**  DoTimeout -- Free any connections that have timed out.
263**
264**	Parameters:
265**		None.
266**
267**	Returns:
268**		Nothing.
269**
270**	Side Effects:
271**		- Timed out connections in `RmpConns' will be freed.
272*/
273void
274DoTimeout(void)
275{
276	RMPCONN *rtmp;
277	struct timeval now;
278
279	(void) gettimeofday(&now, NULL);
280
281	/*
282	 *  For each active connection, if RMP_TIMEOUT seconds have passed
283	 *  since the last packet was sent, delete the connection.
284	 */
285	for (rtmp = RmpConns; rtmp != NULL; rtmp = rtmp->next)
286		if ((rtmp->tstamp.tv_sec + RMP_TIMEOUT) < now.tv_sec) {
287			syslog(LOG_WARNING, "%s: connection timed out (%u)",
288			    EnetStr(rtmp), rtmp->rmp.r_type);
289			RemoveConn(rtmp);
290		}
291}
292
293/*
294**  FindClient -- Find client associated with a packet.
295**
296**	Parameters:
297**		rconn - the new packet.
298**
299**	Returns:
300**		Pointer to client info if found, NULL otherwise.
301**
302**	Side Effects:
303**		None.
304**
305**	Warnings:
306**		- This routine must be called with SIGHUP blocked since
307**		  a reconfigure can invalidate the information returned.
308*/
309CLIENT *
310FindClient(RMPCONN *rconn)
311{
312	CLIENT *ctmp;
313
314	for (ctmp = Clients; ctmp != NULL; ctmp = ctmp->next)
315		if (bcmp((char *)&rconn->rmp.hp_hdr.saddr[0],
316		    (char *)&ctmp->addr[0], RMP_ADDRLEN) == 0)
317			break;
318
319	return(ctmp);
320}
321
322/*
323**  Exit -- Log an error message and exit.
324**
325**	Parameters:
326**		sig - caught signal (or zero if not dying on a signal).
327**
328**	Returns:
329**		Does not return.
330**
331**	Side Effects:
332**		- This process ceases to exist.
333*/
334void
335Exit(int sig)
336{
337	struct syslog_data sdata = SYSLOG_DATA_INIT;
338
339	syslog_r(LOG_ERR, &sdata, "going down on signal %d", sig);
340	_exit(1);
341}
342
343void
344DoExit(void)
345{
346	syslog(LOG_ERR, "going down on fatal error");
347	exit(1);
348}
349
350/*
351**  ReConfig -- Get new list of boot files and reread config files.
352**
353**	Parameters:
354**		None.
355**
356**	Returns:
357**		Nothing.
358**
359**	Side Effects:
360**		- All active connections are dropped.
361**		- List of bootable files is changed.
362**		- List of clients is changed.
363**
364**	Warnings:
365**		- This routine must be called with SIGHUP blocked.
366*/
367void
368ReConfig(int signo)
369{
370	doreconfig = 1;
371}
372
373void
374DoReConfig(void)
375{
376	syslog(LOG_NOTICE, "reconfiguring boot server");
377
378	FreeConns();
379
380	if (GetBootFiles() == 0)
381		DoExit();
382
383	if (ParseConfig() == 0)
384		DoExit();
385}
386
387/*
388**  DebugOff -- Turn off debugging.
389**
390**	Parameters:
391**		None.
392**
393**	Returns:
394**		Nothing.
395**
396**	Side Effects:
397**		- Debug file is closed.
398*/
399void
400DebugOff(int signo)
401{
402	dodebugoff = 1;
403}
404
405void
406DoDebugOff(void)
407{
408	if (DbgFp != NULL)
409		(void) fclose(DbgFp);
410
411	DbgFp = NULL;
412}
413
414/*
415**  DebugOn -- Turn on debugging.
416**
417**	Parameters:
418**		None.
419**
420**	Returns:
421**		Nothing.
422**
423**	Side Effects:
424**		- Debug file is opened/truncated if not already opened,
425**		  otherwise do nothing.
426*/
427void
428DebugOn(int signo)
429{
430	dodebugon = 1;
431}
432
433void
434DoDebugOn(void)
435{
436	if (DbgFp == NULL) {
437		if ((DbgFp = fopen(DbgFile, "w")) == NULL)
438			syslog(LOG_ERR, "can't open debug file (%s)", DbgFile);
439	}
440}
441