Compare commits

...

7 Commits

Author SHA1 Message Date
bol-van
ef9f9ae428 nfqws: move code 2024-11-13 19:08:59 +03:00
bol-van
e5bcc5f682 nfqws: fix autohostlist debug chown 2024-11-13 17:35:50 +03:00
bol-van
4961e0d1a5 nfqws: fix snisld compat converter 2024-11-13 15:46:40 +03:00
bol-van
6a20fa27b3 nfqws: chown files after options parse 2024-11-13 14:56:15 +03:00
bol-van
01af779f2a nfqws: chown log files after options parse 2024-11-13 14:48:10 +03:00
bol-van
feb332140a nfqws: chown log files after options parse 2024-11-13 14:47:46 +03:00
bol-van
a85a0f19da init.d: sysv do not hide error messages from daemons. remove start-stop-daemon 2024-11-13 14:23:47 +03:00
9 changed files with 72 additions and 81 deletions

View File

@ -169,13 +169,10 @@ run_daemon()
local DAEMONBASE="$(basename "$2")" local DAEMONBASE="$(basename "$2")"
local PIDFILE=$PIDDIR/$DAEMONBASE$1.pid local PIDFILE=$PIDDIR/$DAEMONBASE$1.pid
echo "Starting daemon $1: $2 $3" echo "Starting daemon $1: $2 $3"
if exists start-stop-daemon ; then
start-stop-daemon -S -p "$PIDFILE" -m -b -x "$2" -- $3
else
if [ -f "$PIDFILE" ] && pgrep -F "$PIDFILE" "$DAEMONBASE" >/dev/null; then if [ -f "$PIDFILE" ] && pgrep -F "$PIDFILE" "$DAEMONBASE" >/dev/null; then
echo already running echo already running
else else
"$2" $3 >/dev/null 2>/dev/null & "$2" $3 >/dev/null &
PID=$! PID=$!
if [ -n "$PID" ]; then if [ -n "$PID" ]; then
echo $PID >$PIDFILE echo $PID >$PIDFILE
@ -184,7 +181,6 @@ run_daemon()
false false
fi fi
fi fi
fi
} }
stop_daemon() stop_daemon()
{ {

View File

@ -1871,3 +1871,34 @@ void verdict_udp_csum_fix(uint8_t verdict, struct udphdr *udphdr, size_t transpo
udp_fix_checksum(udphdr,transport_len,ip,ip6hdr); udp_fix_checksum(udphdr,transport_len,ip,ip6hdr);
} }
} }
void dbgprint_socket_buffers(int fd)
{
if (params.debug)
{
int v;
socklen_t sz;
sz = sizeof(int);
if (!getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &v, &sz))
DLOG("fd=%d SO_RCVBUF=%d\n", fd, v);
sz = sizeof(int);
if (!getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &v, &sz))
DLOG("fd=%d SO_SNDBUF=%d\n", fd, v);
}
}
bool set_socket_buffers(int fd, int rcvbuf, int sndbuf)
{
DLOG("set_socket_buffers fd=%d rcvbuf=%d sndbuf=%d\n", fd, rcvbuf, sndbuf);
if (rcvbuf && setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &rcvbuf, sizeof(int)) < 0)
{
DLOG_PERROR("setsockopt (SO_RCVBUF)");
return false;
}
if (sndbuf && setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &sndbuf, sizeof(int)) < 0)
{
DLOG_PERROR("setsockopt (SO_SNDBUF)");
return false;
}
dbgprint_socket_buffers(fd);
return true;
}

View File

@ -247,3 +247,6 @@ void do_nat(bool bOutbound, struct ip *ip, struct ip6_hdr *ip6, struct tcphdr *t
void verdict_tcp_csum_fix(uint8_t verdict, struct tcphdr *tcphdr, size_t transport_len, struct ip *ip, struct ip6_hdr *ip6hdr); void verdict_tcp_csum_fix(uint8_t verdict, struct tcphdr *tcphdr, size_t transport_len, struct ip *ip, struct ip6_hdr *ip6hdr);
void verdict_udp_csum_fix(uint8_t verdict, struct udphdr *udphdr, size_t transport_len, struct ip *ip, struct ip6_hdr *ip6hdr); void verdict_udp_csum_fix(uint8_t verdict, struct udphdr *udphdr, size_t transport_len, struct ip *ip, struct ip6_hdr *ip6hdr);
void dbgprint_socket_buffers(int fd);
bool set_socket_buffers(int fd, int rcvbuf, int sndbuf);

View File

@ -2163,7 +2163,7 @@ static void packet_debug(bool replay, const struct dissect *dis)
char s[80]; char s[80];
str_tcphdr(s,sizeof(s),dis->tcp); str_tcphdr(s,sizeof(s),dis->tcp);
DLOG(" %s\n",s); DLOG(" %s\n",s);
if (dis->len_payload) { DLOG("TCP: len=%zu : ",dis->len_payload); hexdump_limited_dlog(dis->data_payload, dis->len_payload, 32); DLOG("\n"); } if (dis->len_payload) { DLOG("TCP: len=%zu : ",dis->len_payload); hexdump_limited_dlog(dis->data_payload, dis->len_payload, PKTDATA_MAXDUMP); DLOG("\n"); }
} }
else if (dis->udp) else if (dis->udp)
@ -2171,7 +2171,7 @@ static void packet_debug(bool replay, const struct dissect *dis)
char s[30]; char s[30];
str_udphdr(s,sizeof(s),dis->udp); str_udphdr(s,sizeof(s),dis->udp);
DLOG(" %s\n",s); DLOG(" %s\n",s);
if (dis->len_payload) { DLOG("UDP: len=%zu : ",dis->len_payload); hexdump_limited_dlog(dis->data_payload, dis->len_payload, 32); DLOG("\n"); } if (dis->len_payload) { DLOG("UDP: len=%zu : ",dis->len_payload); hexdump_limited_dlog(dis->data_payload, dis->len_payload, PKTDATA_MAXDUMP); DLOG("\n"); }
} }
else else
DLOG("\n"); DLOG("\n");

View File

@ -5,12 +5,11 @@
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <unistd.h> #include <unistd.h>
#include <stdlib.h>
#include <ctype.h> #include <ctype.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <libgen.h> #include <libgen.h>
#include "params.h"
int unique_size_t(size_t *pu, int ct) int unique_size_t(size_t *pu, int ct)
{ {
int i, j, u; int i, j, u;
@ -64,22 +63,6 @@ char *strncasestr(const char *s, const char *find, size_t slen)
return (char *)s; return (char *)s;
} }
void hexdump_limited_dlog(const uint8_t *data, size_t size, size_t limit)
{
size_t k;
bool bcut = false;
if (size > limit)
{
size = limit;
bcut = true;
}
if (!size) return;
for (k = 0; k < size; k++) DLOG("%02X ", data[k]);
DLOG(bcut ? "... : " : ": ");
for (k = 0; k < size; k++) DLOG("%c", data[k] >= 0x20 && data[k] <= 0x7F ? (char)data[k] : '.');
if (bcut) DLOG(" ...");
}
bool load_file(const char *filename, void *buffer, size_t *buffer_size) bool load_file(const char *filename, void *buffer, size_t *buffer_size)
{ {
@ -220,38 +203,6 @@ uint16_t saport(const struct sockaddr *sa)
sa->sa_family==AF_INET6 ? ((struct sockaddr_in6*)sa)->sin6_port : 0); sa->sa_family==AF_INET6 ? ((struct sockaddr_in6*)sa)->sin6_port : 0);
} }
void dbgprint_socket_buffers(int fd)
{
if (params.debug)
{
int v;
socklen_t sz;
sz = sizeof(int);
if (!getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &v, &sz))
DLOG("fd=%d SO_RCVBUF=%d\n", fd, v);
sz = sizeof(int);
if (!getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &v, &sz))
DLOG("fd=%d SO_SNDBUF=%d\n", fd, v);
}
}
bool set_socket_buffers(int fd, int rcvbuf, int sndbuf)
{
DLOG("set_socket_buffers fd=%d rcvbuf=%d sndbuf=%d\n", fd, rcvbuf, sndbuf);
if (rcvbuf && setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &rcvbuf, sizeof(int)) < 0)
{
DLOG_PERROR("setsockopt (SO_RCVBUF)");
close(fd);
return false;
}
if (sndbuf && setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &sndbuf, sizeof(int)) < 0)
{
DLOG_PERROR("setsockopt (SO_SNDBUF)");
close(fd);
return false;
}
dbgprint_socket_buffers(fd);
return true;
}
uint64_t pntoh64(const void *p) uint64_t pntoh64(const void *p)
{ {

View File

@ -24,7 +24,6 @@ void rtrim(char *s);
void replace_char(char *s, char from, char to); void replace_char(char *s, char from, char to);
char *strncasestr(const char *s,const char *find, size_t slen); char *strncasestr(const char *s,const char *find, size_t slen);
void hexdump_limited_dlog(const uint8_t *data, size_t size, size_t limit);
bool load_file(const char *filename,void *buffer,size_t *buffer_size); bool load_file(const char *filename,void *buffer,size_t *buffer_size);
bool load_file_nonempty(const char *filename,void *buffer,size_t *buffer_size); bool load_file_nonempty(const char *filename,void *buffer,size_t *buffer_size);
bool save_file(const char *filename, const void *buffer, size_t buffer_size); bool save_file(const char *filename, const void *buffer, size_t buffer_size);
@ -40,9 +39,6 @@ uint16_t saport(const struct sockaddr *sa);
bool seq_within(uint32_t s, uint32_t s1, uint32_t s2); bool seq_within(uint32_t s, uint32_t s1, uint32_t s2);
void dbgprint_socket_buffers(int fd);
bool set_socket_buffers(int fd, int rcvbuf, int sndbuf);
uint64_t pntoh64(const void *p); uint64_t pntoh64(const void *p);
void phton64(uint8_t *p, uint64_t v); void phton64(uint8_t *p, uint64_t v);

View File

@ -757,7 +757,7 @@ static bool parse_tlspos(const char *s, struct proto_pos *sp)
else if (!strcmp(s, "snisld")) else if (!strcmp(s, "snisld"))
{ {
sp->marker = PM_HOST_MIDSLD; sp->marker = PM_HOST_MIDSLD;
sp->pos=1; sp->pos=0;
} }
else else
return false; return false;
@ -1305,10 +1305,6 @@ int main(int argc, char **argv)
fprintf(stderr, "cannot create %s\n", params.debug_logfile); fprintf(stderr, "cannot create %s\n", params.debug_logfile);
exit_clean(1); exit_clean(1);
} }
#ifndef __CYGWIN__
if (params.droproot && chown(params.debug_logfile, params.uid, -1))
fprintf(stderr, "could not chown %s. log file may not be writable after privilege drop\n", params.debug_logfile);
#endif
params.debug = true; params.debug = true;
params.debug_target = LOG_TARGET_FILE; params.debug_target = LOG_TARGET_FILE;
} }
@ -1741,10 +1737,6 @@ int main(int argc, char **argv)
DLOG_ERR("gzipped auto hostlists are not supported\n"); DLOG_ERR("gzipped auto hostlists are not supported\n");
exit_clean(1); exit_clean(1);
} }
#ifndef __CYGWIN__
if (params.droproot && chown(optarg, params.uid, -1))
DLOG_ERR("could not chown %s. auto hostlist file may not be writable after privilege drop\n", optarg);
#endif
} }
if (!(dp->hostlist_auto=RegisterHostlist(dp, false, optarg))) if (!(dp->hostlist_auto=RegisterHostlist(dp, false, optarg)))
{ {
@ -1785,10 +1777,6 @@ int main(int argc, char **argv)
exit_clean(1); exit_clean(1);
} }
fclose(F); fclose(F);
#ifndef __CYGWIN__
if (params.droproot && chown(optarg, params.uid, -1))
DLOG_ERR("could not chown %s. auto hostlist debug log may not be writable after privilege drop\n", optarg);
#endif
strncpy(params.hostlist_auto_debuglog, optarg, sizeof(params.hostlist_auto_debuglog)); strncpy(params.hostlist_auto_debuglog, optarg, sizeof(params.hostlist_auto_debuglog));
params.hostlist_auto_debuglog[sizeof(params.hostlist_auto_debuglog) - 1] = '\0'; params.hostlist_auto_debuglog[sizeof(params.hostlist_auto_debuglog) - 1] = '\0';
} }
@ -2032,6 +2020,12 @@ int main(int argc, char **argv)
DLOG_CONDUP("we have %d user defined desync profile(s) and default low priority profile 0\n",desync_profile_count); DLOG_CONDUP("we have %d user defined desync profile(s) and default low priority profile 0\n",desync_profile_count);
#ifndef __CYGWIN__
if (params.debug_target == LOG_TARGET_FILE && params.droproot && chown(params.debug_logfile, params.uid, -1))
fprintf(stderr, "could not chown %s. log file may not be writable after privilege drop\n", params.debug_logfile);
if (params.droproot && *params.hostlist_auto_debuglog && chown(params.hostlist_auto_debuglog, params.uid, -1))
DLOG_ERR("could not chown %s. auto hostlist debug log may not be writable after privilege drop\n", params.hostlist_auto_debuglog);
#endif
LIST_FOREACH(dpl, &params.desync_profiles, next) LIST_FOREACH(dpl, &params.desync_profiles, next)
{ {
dp = &dpl->dp; dp = &dpl->dp;
@ -2043,6 +2037,10 @@ int main(int argc, char **argv)
if (AUTOTTL_ENABLED(dp->desync_autottl6)) if (AUTOTTL_ENABLED(dp->desync_autottl6))
DLOG("[profile %d] autottl ipv6 %u:%u-%u\n",dp->n,dp->desync_autottl6.delta,dp->desync_autottl6.min,dp->desync_autottl6.max); DLOG("[profile %d] autottl ipv6 %u:%u-%u\n",dp->n,dp->desync_autottl6.delta,dp->desync_autottl6.min,dp->desync_autottl6.max);
split_compat(dp); split_compat(dp);
#ifndef __CYGWIN__
if (params.droproot && dp->hostlist_auto && chown(dp->hostlist_auto->filename, params.uid, -1))
DLOG_ERR("could not chown %s. auto hostlist file may not be writable after privilege drop\n", dp->hostlist_auto->filename);
#endif
} }
if (!LoadAllHostLists()) if (!LoadAllHostLists())

View File

@ -154,6 +154,21 @@ int HOSTLIST_DEBUGLOG_APPEND(const char *format, ...)
return 0; return 0;
} }
void hexdump_limited_dlog(const uint8_t *data, size_t size, size_t limit)
{
size_t k;
bool bcut = false;
if (size > limit)
{
size = limit;
bcut = true;
}
if (!size) return;
for (k = 0; k < size; k++) DLOG("%02X ", data[k]);
DLOG(bcut ? "... : " : ": ");
for (k = 0; k < size; k++) DLOG("%c", data[k] >= 0x20 && data[k] <= 0x7F ? (char)data[k] : '.');
if (bcut) DLOG(" ...");
}
struct desync_profile_list *dp_list_add(struct desync_profile_list_head *head) struct desync_profile_list *dp_list_add(struct desync_profile_list_head *head)
{ {

View File

@ -148,3 +148,4 @@ int DLOG_ERR(const char *format, ...);
int DLOG_PERROR(const char *s); int DLOG_PERROR(const char *s);
int DLOG_CONDUP(const char *format, ...); int DLOG_CONDUP(const char *format, ...);
int HOSTLIST_DEBUGLOG_APPEND(const char *format, ...); int HOSTLIST_DEBUGLOG_APPEND(const char *format, ...);
void hexdump_limited_dlog(const uint8_t *data, size_t size, size_t limit);