| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
[skip ci]
(cherry picked from commit 88a0f88dbe73f57b69940d1ede8d0eb375f13095)
|
|
|
|
|
|
|
|
|
|
|
| |
That makes sure we terminate with a '\0'.
Reported by Charles Smith at Tangible Security.
While we're at it, fix some existing pcap_strlcpy() calls to use the
size of the buffer, using sizeof.
(cherry picked from commit fb4f0f1c85560e65cee6c6f6ba0addb2fc468136)
|
|
|
|
|
|
|
|
|
|
|
| |
It's like pcap_fmt_errmsg_for_errno(), but for Windows error codes.
Use it, rather than calling pcap_win32_err_to_str() and then formatting
a message with pcap_strerror().
Clean up some error messages while we're at it.
(cherry picked from commit 81e850934fc00eb60c12b240fda57b7c05223cff)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we do the accept() ourselves, we get only one socket on which we send
and from which we receive messages.
If we're run by an inetd-compatible daemon, it does the accept() and
gets only one socket, which it proceeds to dup and hand to us as the
standard input, output, and error; we really only need to use one of
them.
In the latter case, just dup the standard input, and then close the
standard input, output, and error as we dup a descriptor for /dev/null
to them.
In both cases, just hand the one control socket to daemon_serviceloop().
Close it in daemon_serviceloop() before it returns, rather than in the
caller after it returns.
(backported from commit 5ec780d84809c8be1398f55527ada06f4ec7034e)
|
|
|
|
| |
(cherry picked from commit 3f007f04a84bfdfdb308ecf079cf7e6441004393)
|
|
|
|
| |
(cherry picked from commit 23902b0b4b72748da182f7995315476f6a668e03)
|
|
|
|
|
|
|
|
|
|
| |
Rename the sock_copy structure to params_copy, and add a pointer to the
host list to it. Make the copy, stuff a pointer to it into the
allocated structure, and do the appropriate freeing on errors; in the
initial routine of the service thread, pass on the host list pointer
from the structure.
(cherry picked from commit cae80e9c180208fd76e5d1097798197431ecf920)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
That:
1) arranges that it's done only in one code path;
2) arranges that it not be done in the main connection-accepting
thread/process if this isn't an inetd-style daemon;
3) means that we're doing it in inetd-style daemons - we weren't
doing it before;
4) means that we're doing it after we've turned off non-blocking
mode on Windows, not before - doing it before may cause
sending a host/port list check error not to work (as we won't
block waiting for buffer space to be available for output).
Fix the file descriptor handling for inetd-style daemons while we're at
it; we should redirect the standard error to /dev/null - it's not
guaranteed to, for example, go to a daemon that reads your error
messages and logs them, and it could be going over the connection, which
would be a problem.
Close the control socket with sock_close() after daemon_serviceloop()
returns, in case shutting down the write side is necessary to have the
connection shut down cleanly.
(backported from commit 941280a5cd6aefafa79ff4dd032c4467a42c1fd1)
|
|
|
|
|
|
|
| |
Only if it thinks it's being run as a daemon should rpcapd log to the
system log.
(cherry picked from commit f3a833ea74fdc05a5445424db306949979b5f30c)
|
|
|
|
|
|
|
|
|
|
| |
That's what you want for daemons, as the standard error might not go
anywhere or, worse, might go to the control socket.
Also have a -D flag to control whether to log debug messages or not; the
default is "not".
(cherry picked from commit db1104b9632642bfadfa4e2e2b772ac1265fb280)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new LOGPRIO_DEBUG priority for logging, and use that instead of
SOCK_DEBUG_MESSAGE().
Use rpcapd_log() for command-line-argument errors as well.
This makes it easier to send errors somewhere other than the standard
output in daemons, and to control, at run time, whether to log debugging
messages.
(cherry picked from commit 117fb4c9a3b539d86e1aea3a8cca6b2ebb4c2917)
|
|
|
|
|
|
|
|
|
|
|
| |
If the control socket is in non-blocking mode, there's no guarantee that
we can easily send an error message to the client - we *probably* can,
but let's not rely on it, especially given that there are "shouldn't
happen" errors. Log them instead.
While we're at it, fix a copy-and-pasteo and fix indentation.
(cherry picked from commit 40b4666b567b234a5d8c2ae802c290d49758834a)
|
|
|
|
|
|
|
|
|
|
|
| |
C copmilers *really* shouldn't complain about unreachable break
statements, given that they're used as case separators. *Maybe*
complain if they're immediately preceded by a return or break statement,
but not if they're preceded by calls to functions that don't return.
While we're at it, use the same style for all NOTREACHED comments.
(cherry picked from commit 69b2b73b57863b270ca9479c136b158242dd08df)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We now depend on the *full* semantics of those routines, including the
return value being usable for truncation checks.
If we're building for a UN*X that has them, define pcap_strl{cpy,cat} to
be strl{cpy,cat}.
If we're building for Windows using MSVC, define pcap_strl{cpy,cat}, not
strl{cpy,cat}.
Otherwise, build our won versions of pcap_strl{cpy,cat} from BSD-derived
source code.
(cherry picked from commit 017c240336a375aebd52ec30cf341a207f1c12a4)
|
| |
|
|
|
|
| |
https://www.winpcap.org/docs/docs_412/html/group__remote.html
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
FD_SETSIZE might be defined as an unsigned, but sock_info->sock will be
an int on UN*Xes. It's not going to be negative (that's used for errors
from calls that return FDs, and if we got an error we wouldn't have an
FD on which to select), so just cast both sides to unsigned int.
|
|
|
|
| |
Signed-off-by: Joerg Mayer <jmayer@loplof.de>
|
|\
| |
| | |
Declare some variables static (found via -Wmissing-variable-declarations)
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
That makes it
#ifdef _WIN32
Windows-only stuff
#else
UN*X-only stuff
#endif
|
| |
| |
| |
| |
| |
| |
| | |
This emphasizes that it's for *debugging* messages, not for errors sent
to the peer or logged to a daemon log file. Any message that would be
useful if printed/logged in a production environment should *not* be
reported with SOCK_DEBUG_MESSAGE().
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When run from inetd and programs that support inetd-style program
launching (xinetd, launchd, systemd, ...), we don't do a
connection-accept loop; we're handed the input side of the connection as
the standard input and the output side of the connection as the standard
output, and should dive right into the service loop.
We extract the initial connection initialization and cleanup stuff from
daemon_serviceloop() and put it into the code that calls the service
loop, in rpcapd.c; it's different in the four cases where we start a
service loop (accepted connection on UN*X, accepted connection on
Windows, run from inetd, active mode), so that cleans up
daemon_serviceloop() a bit.
Supply a sample launchd plist; we could also supply examples of inetd
and xinetd config file entries, and systemd units.
|
| |
| |
| |
| |
| | |
SOCK_ASSERT was always called with a true expression ("1") thus only ever executing the message part.
Rename the macro, remove the assert part and remove the "1" parameter.
|
| |
| |
| |
| |
| |
| |
| | |
We don't need to make it a manual-reset event, explicitly check it with
WaitForSingleObject(), and reset it; it's the first event in the event
set, so if it's set, WSAWaitForMultipleEvents() will return
WSA_WAIT_EVENT_0, otherwise it'll return some other value.
|
|/
|
|
|
|
|
|
| |
That's what we do on UN*X; it should keep us from changing configuration
information out from under that loop.
While we're at it, indicate that we'll accept "parameter change"
controls, because we have code to process them.
|
|
|
|
|
|
|
|
|
| |
Call send_shutdown_event() on a SERVICE_CONTROL_STOP opcode.
Handle the SERVICE_CONTROL_PARAMCHANGE opcode as well.
Also, close all the listen sockets and clean up the socket mechanism
before accept_connections() returns.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Doing WSAEventSelect() on a socket turns on non-blocking mode on that
socket. accept(), on a non-blocking socket, returns a non-blocking
socket and, if the listen socket is non-blocking because
WSAEventSelect() was done on it, returns a non-blocking socket *with
WSAEventSelect() in effect*, so you have to remove the events and then
turn off non-blocking mode.
Thanks, Microsoft.
|
|
|
|
|
|
|
| |
ISO C doesn't say it can have that argument, and the argument isn't
used. The Single UNIX Specification says a pointer to the environment
is available as an external variable, and says nothing about a third
envp argument.
|
|
|
|
|
|
|
|
|
|
| |
Instead, have the SIGHUP handler set a flag indicating that the
configuration file should be re-read, and have the main loop check that
flag and, if it's set, clear the flag and call fileconf_read().
Don't set the handler in fileconf_read() - we're using sigaction() and
telling it that the handler shouldn't be reset, so there's no need to
set it, and setting it might clear the "don't reset" indication.
|
|
|
|
|
| |
Behavior, if a variable is set in a signal handler, is undefined unless
the variable is of type volatile sig_atomic_t.
|
|
|
|
|
|
|
| |
We don't want to rely on signal() not resetting the signal handler. The
Single UNIX Specification says it's implementation-defined whether that
happens. Use sigaction(), instead, where, if you don't request that the
signal handler be reset, it's not reset.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Have the main thread wait on all of the sockets on which we're
listening, using select() on UN*X and WSAWaitForMultipleEvents() on
Windows, rather than having separate threads or processes for each of
the sockets.
On UN*X, have "shut down" signals just set a flag, and have the select()
check for EINTR and, if it got EINTR, check the flag, and leave the main
event loop if it's set.
On Windows, set a console control event handler and, for all the "shut
down" events, set an event on which the main thread waits, in addition
to the socket events, and, if that event is signaled, leave the main
event loop.
|
|
|
|
|
| |
Again, the "decl" in "__declspec()" appears to mean it's for use only in
declarations, not definitions.
|
|
|
|
|
|
|
|
| |
Also suppress the one non-fixable warning:
build/scanner.c:5020:1: warning: function 'yy_fatal_error' could be
declared with attribute 'noreturn' [-Wmissing-noreturn]
Signed-off-by: Joerg Mayer <jmayer@loplof.de>
|
|
|
|
| |
Use for (;;) rather than while (1).
|
|
|
|
|
|
|
|
| |
If we have the SO_NOSIGPIPE socket option, set it on all sockets created
with sock_open().
Ignore SIGPIPE in rpcapd, in case we're on a platform where we *can't*
disable SIGPIPE on a socket.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we're using threads, free it if the attempt to create the thread
fails.
If we're using subprocesses, free it in the parent process, which isn't
using it.
(We don't really teed the socket temporary if we're using subprocesses,
as the socket value won't be overwritten - the multiple socket opens are
done in separate processes.)
This should fix Coverity CID 1418994.
|
|
|
|
| |
This should fix Coverity CID 1418993.
|
|
|
|
| |
It's just a version of getopt() to use on Windows.
|
|
|
|
| |
That squelches some warnings.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
That routine will use strerror_s() or strerror_r() if available, in a
fashion that's thread-safe. Otherwise, it falls back on
pcap_strerror().
Use it in both libpcap and rpcapd.
Given that we check for errors in strerror_r(), hopefully this will
squelch warnings with newer version of GCC and GNU libc; whilst the
macOS (and other BSD-flavored?) strerror_r() always fills in a message,
that's not required by the Single UNIX Specification, as far as I can
tell, so we apparently really *do* need to check for errors.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Have separate handlers for SIGINT/SIGTERM, for which we just want to
kill off subprocesses on UN*X and exit on all platforms (just exit,
don't muck with sockets, as that could cause random errors in threads
handling connections), and SIGABRT, which is for Windows services and
which probably needs more cleanup.
Change signal handler names to better felect what they (now) do, and add
and update comments.
No need to export the handlers from rpcapd/rpcapd.c
|
|
|
|
|
| |
If we're not checking whether a sock_close() fails, we don't need an
error message.
|
| |
|