From 342c075e00df43d2b5a72e0757d44c93aca834c9 Mon Sep 17 00:00:00 2001 From: Alex 'AdUser' Z Date: Fri, 15 Jan 2021 01:03:13 +1000 Subject: [PATCH] * drop multicast source/backend (so, it was funny, but it's time to die) --- CMakeLists.txt | 2 - src/backends/CMakeLists.txt | 6 - src/backends/mcast.c | 217 ----------------------------- src/sources/CMakeLists.txt | 6 - src/sources/mcast.c | 271 ------------------------------------ 5 files changed, 502 deletions(-) delete mode 100644 src/backends/mcast.c delete mode 100644 src/sources/mcast.c diff --git a/CMakeLists.txt b/CMakeLists.txt index 5d50f61..e85176a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -12,7 +12,6 @@ option(WITH_HARDENING "Enable hardening options" ON) option(WITH_READLINE "Use readline library for client" ON) option(WITH_PCRE "Build pcre-compatible filter" ON) option(WITH_REDIS "Build redis source/backend" OFF) -option(WITH_MCAST "Build mcast source/backend" OFF) option(WITH_IPSET "Build native ipset backend" OFF) if (NOT DEFINED CMAKE_INSTALL_PREFIX) @@ -56,7 +55,6 @@ message(STATUS "- WITH_CSOCKET : ${WITH_CSOCKET}") message(STATUS "- WITH_HARDENING : ${WITH_HARDENING}") message(STATUS "- WITH_PCRE : ${WITH_PCRE}") message(STATUS "- WITH_REDIS : ${WITH_REDIS}") -message(STATUS "- WITH_MCAST : ${WITH_MCAST}") message(STATUS "- WITH_IPSET : ${WITH_IPSET}") message(STATUS "- WITH_READLINE : ${WITH_READLINE}") message(STATUS "Components:") diff --git a/src/backends/CMakeLists.txt b/src/backends/CMakeLists.txt index 2f9e87f..606570f 100644 --- a/src/backends/CMakeLists.txt +++ b/src/backends/CMakeLists.txt @@ -5,12 +5,6 @@ set(BACKENDS "") add_library("b_exec" MODULE "exec.c" "../strlcpy.c") list(APPEND BACKENDS "exec") -if (WITH_MCAST) - add_library("b_mcast" MODULE "mcast.c" "../strlcpy.c" - "../commands.c" "../cmsg.c" "../csocket.c") - list(APPEND BACKENDS "mcast") -endif () - find_library(REDIS_FOUND "hiredis") if (WITH_REDIS AND REDIS_FOUND) add_library("b_redis" MODULE "redis.c" "../strlcpy.c") diff --git a/src/backends/mcast.c b/src/backends/mcast.c deleted file mode 100644 index 23a90ef..0000000 --- a/src/backends/mcast.c +++ /dev/null @@ -1,217 +0,0 @@ -/* Copyright 2016 Alex 'AdUser' Z (ad_user@runbox.com) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 as - * published by the Free Software Foundation. - */ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "../strlcpy.h" -#include "../commands.h" -#include "../cmsg.h" -#include "../csocket.h" - -#include "backend.h" -#include "shared.c" - -#define DEFAULT_MCAST_ADDR "239.255.186.1" -#define DEFAULT_MCAST_PORT "3370" - -struct _config { - char name[ID_MAX + 1]; - char error[256]; - bool shared; - char maddr[INET_ADDRSTRLEN]; /**< multicast address */ - char mport[6]; /**< multicast port */ - char iface[IF_NAMESIZE]; /**< bind interface */ - int sock; - struct sockaddr_storage sa; - socklen_t sa_len; -}; - -cfg_t * -create(const char *id) { - cfg_t *cfg = NULL; - - assert(id != NULL); - - if ((cfg = calloc(1, sizeof(cfg_t))) == NULL) - return NULL; - strlcpy(cfg->name, id, sizeof(cfg->name)); - strlcpy(cfg->maddr, DEFAULT_MCAST_ADDR, sizeof(cfg->maddr)); - strlcpy(cfg->mport, DEFAULT_MCAST_PORT, sizeof(cfg->mport)); - - return cfg; -} - -bool -config(cfg_t *cfg, const char *key, const char *value) { - assert(cfg != NULL); - assert(key != NULL); - assert(value != NULL); - - if (strcmp(key, "group") == 0) { - if (strncmp(value, "239.255.", 8) != 0) { - strlcpy(cfg->error, "mcast group address should be inside 239.255.0.0/16 block", sizeof(cfg->error)); - return false; - } - strlcpy(cfg->maddr, value, sizeof(cfg->maddr)); - return true; - } - if (strcmp(key, "port") == 0) { - strlcpy(cfg->mport, value, sizeof(cfg->mport)); - return true; - } - if (strcmp(key, "iface") == 0) { - strlcpy(cfg->iface, value, sizeof(cfg->iface)); - return true; - } - - return false; -} - -bool -ready(cfg_t *cfg) { - assert(cfg != NULL); - - if (cfg->maddr[0] && cfg->mport[0]) - return true; - - return false; -} - -char * -error(cfg_t *cfg) { - assert(cfg != NULL); - - return cfg->error; -} - -bool -start(cfg_t *cfg) { - struct addrinfo hints; - struct addrinfo *result; - assert(cfg != NULL); - int ret, sock = -1; - - if (cfg->shared && usage_inc(cfg->name) > 1) - return true; - - memset(&hints, 0, sizeof(struct addrinfo)); - hints.ai_family = AF_INET; - hints.ai_socktype = SOCK_DGRAM; - hints.ai_protocol = 0; - - if ((ret = getaddrinfo(cfg->maddr, cfg->mport, &hints, &result)) < 0) { - snprintf(cfg->error, sizeof(cfg->error), "can't create socket: %s", gai_strerror(ret)); - return false; - } - - for (struct addrinfo *rp = result; rp != NULL; rp = rp->ai_next) { - if (sock >= 0) { - close(sock); /* from prev iteration */ - sock = -1; - } - if ((sock = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol)) < 0) { - snprintf(cfg->error, sizeof(cfg->error), "can't create socket: %s", strerror(errno)); - continue; - } - memcpy(&cfg->sa, rp->ai_addr, rp->ai_addrlen); - cfg->sa_len = rp->ai_addrlen; - break; - } - freeaddrinfo(result); - - if (sock < 0) - return false; - - cfg->sock = sock; - return true; - - return true; -} - -bool -stop(cfg_t *cfg) { - assert(cfg != NULL); - - if (cfg->shared && usage_dec(cfg->name) > 0) - return true; - - close(cfg->sock); - cfg->sock = -1; - - return true; -} - -bool -ban(cfg_t *cfg, const char *ip) { - f2b_cmsg_t cmsg; - int ret; - - assert(cfg != NULL); - - memset(&cmsg, 0x0, sizeof(cmsg)); - - strncpy(cmsg.magic, "F2B", sizeof(cmsg.magic)); - cmsg.version = F2B_PROTO_VER; - cmsg.type = CMD_JAIL_IP_BAN; - f2b_cmd_append_arg(cmsg.data, sizeof(cmsg.data), cfg->name); - f2b_cmd_append_arg(cmsg.data, sizeof(cmsg.data), ip); - cmsg.size = strlen(cmsg.data); - cmsg.data[cmsg.size] = '\0'; - f2b_cmsg_convert_args(&cmsg); - - ret = f2b_csocket_send(cfg->sock, &cmsg, &cfg->sa, &cfg->sa_len); - if (ret <= 0) { - strlcpy(cfg->error, f2b_csocket_error(ret), sizeof(cfg->error)); - return false; - } - - return true; -} - -bool -unban(cfg_t *cfg, const char *ip) { - assert(cfg != NULL); - - (void)(cfg); /* suppress warning for unused variable 'cfg' */ - (void)(ip); /* suppress warning for unused variable 'ip' */ - return true; -} - -bool -check(cfg_t *cfg, const char *ip) { - assert(cfg != NULL); - - (void)(cfg); /* suppress warning for unused variable 'cfg' */ - (void)(ip); /* suppress warning for unused variable 'ip' */ - return false; -} - -bool -ping(cfg_t *cfg) { - assert(cfg != NULL); - - (void)(cfg); /* silence warning about unused variable */ - return true; -} - -void -destroy(cfg_t *cfg) { - assert(cfg != NULL); - - free(cfg); -} diff --git a/src/sources/CMakeLists.txt b/src/sources/CMakeLists.txt index a6003d6..ae32ed1 100644 --- a/src/sources/CMakeLists.txt +++ b/src/sources/CMakeLists.txt @@ -8,12 +8,6 @@ list(APPEND SOURCES "files") add_library("s_portknock" MODULE "portknock.c" "../strlcpy.c") list(APPEND SOURCES "portknock") -if (WITH_MCAST) - add_library("s_mcast" MODULE "mcast.c" "../strlcpy.c" - "../commands.c" "../cmsg.c" "../csocket.c") - list(APPEND SOURCES "mcast") -endif () - find_library(REDIS_FOUND "hiredis") if (WITH_REDIS AND REDIS_FOUND) add_library("s_redis" MODULE "redis.c" "../strlcpy.c") diff --git a/src/sources/mcast.c b/src/sources/mcast.c deleted file mode 100644 index 68b3761..0000000 --- a/src/sources/mcast.c +++ /dev/null @@ -1,271 +0,0 @@ -/* Copyright 2016 Alex 'AdUser' Z (ad_user@runbox.com) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 as - * published by the Free Software Foundation. - */ -#include "source.h" - -#include -#include -#include -#include -#include -#include -#include - -#include "../commands.h" -#include "../cmsg.h" -#include "../csocket.h" - -#define DEFAULT_BIND_ADDR "0.0.0.0" -#define DEFAULT_MCAST_ADDR "239.255.186.1" -#define DEFAULT_MCAST_PORT "3370" - -#if defined(IPV6_JOIN_GROUP) && !defined(IPV6_ADD_MEMBERSHIP) - /* bsd-derivatives */ - #define IPV6_ADD_MEMBERSHIP IPV6_JOIN_GROUP -#endif - -struct _config { - char name[32]; - char error[256]; - void (*errcb)(const char *errstr); - char baddr[INET6_ADDRSTRLEN]; /**< bind address */ - char maddr[INET6_ADDRSTRLEN]; /**< multicast address */ - char mport[6]; /**< multicast port */ - char iface[IF_NAMESIZE]; /**< bind interface */ - int sock; -}; - -static void -errcb_stub(const char *str) { - assert(str != NULL); - (void)(str); -} - -cfg_t * -create(const char *init) { - cfg_t *cfg = NULL; - assert(init != NULL); - if ((cfg = calloc(1, sizeof(cfg_t))) == NULL) - return NULL; - strlcpy(cfg->name, init, sizeof(cfg->name)); - strlcpy(cfg->baddr, DEFAULT_BIND_ADDR, sizeof(cfg->baddr)); - strlcpy(cfg->maddr, DEFAULT_MCAST_ADDR, sizeof(cfg->maddr)); - strlcpy(cfg->mport, DEFAULT_MCAST_PORT, sizeof(cfg->mport)); - cfg->errcb = &errcb_stub; - return cfg; -} - -bool -config(cfg_t *cfg, const char *key, const char *value) { - assert(cfg != NULL); - assert(key != NULL); - assert(value != NULL); - - if (strcmp(key, "group") == 0) { - if (strncmp(value, "239.255.", 8) != 0) { - strlcpy(cfg->error, "mcast group address should be inside 239.255.0.0/16 block", sizeof(cfg->error)); - return false; - } - strlcpy(cfg->maddr, value, sizeof(cfg->maddr)); - return true; - } - if (strcmp(key, "address") == 0) { - strlcpy(cfg->baddr, value, sizeof(cfg->baddr)); - return true; - } - if (strcmp(key, "port") == 0) { - strlcpy(cfg->mport, value, sizeof(cfg->mport)); - return true; - } - if (strcmp(key, "iface") == 0) { - strlcpy(cfg->iface, value, sizeof(cfg->iface)); - return true; - } - - return false; -} - -bool -ready(cfg_t *cfg) { - assert(cfg != NULL); - - if (cfg->maddr[0] && (cfg->iface[0] || cfg->baddr[0])) - return true; - - return false; -} - -char * -error(cfg_t *cfg) { - assert(cfg != NULL); - - return cfg->error; -} - -void -errcb(cfg_t *cfg, void (*cb)(const char *errstr)) { - assert(cfg != NULL); - assert(cb != NULL); - - cfg->errcb = cb; -} - -bool -start(cfg_t *cfg) { - struct addrinfo hints; - struct addrinfo *maddr, *laddr; - int opt, ret, sock = -1; - - assert(cfg != NULL); - - memset(&hints, 0, sizeof(struct addrinfo)); - hints.ai_family = AF_UNSPEC; - hints.ai_flags = AI_NUMERICHOST; - hints.ai_socktype = SOCK_DGRAM; - hints.ai_protocol = 0; - - if ((ret = getaddrinfo(cfg->maddr, cfg->mport, &hints, &maddr)) < 0) { - snprintf(cfg->error, sizeof(cfg->error), "can't resolve mcast addr: %s", gai_strerror(ret)); - return false; - } - - hints.ai_family = maddr->ai_family; - hints.ai_flags = AI_PASSIVE; - hints.ai_socktype = SOCK_DGRAM; - - if ((ret = getaddrinfo(cfg->baddr[0] != '\0' ? cfg->baddr : NULL, cfg->mport, &hints, &laddr)) < 0) { - snprintf(cfg->error, sizeof(cfg->error), "can't resolve local addr: %s", gai_strerror(ret)); - freeaddrinfo(maddr); - return false; - } - - do { - cfg->sock = -1; - /* create socket */ - if ((sock = socket(laddr->ai_family, laddr->ai_socktype, laddr->ai_protocol)) < 0) { - snprintf(cfg->error, sizeof(cfg->error), "can't create socket: %s", strerror(errno)); - continue; - } - /* set non-blocking mode */ - if ((opt = fcntl(sock, F_GETFL, 0)) < 0) { - continue; - } - fcntl(sock, F_SETFL, opt | O_NONBLOCK); - /* reuse address */ - opt = 1; - setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)); - /* bind to given address */ - if (bind(sock, laddr->ai_addr, laddr->ai_addrlen) < 0) { - snprintf(cfg->error, sizeof(cfg->error), "can't bind socket to addr %s: %s", - cfg->baddr, strerror(errno)); - continue; - } - /* IP_MULTICAST_LOOP -- default: yes */ - /* IP_MULTICAST_TTL -- default: 1 */ - /* join mcast group */ - if (maddr->ai_family == AF_INET) { - struct ip_mreq mreq; - struct in_addr *addr = NULL; - memset(&mreq, 0x0, sizeof(mreq)); - addr = &((struct sockaddr_in *)(maddr->ai_addr))->sin_addr; - memcpy(&mreq.imr_multiaddr, addr, sizeof(mreq.imr_multiaddr)); - addr = &((struct sockaddr_in *)(laddr->ai_addr))->sin_addr; - memcpy(&mreq.imr_interface, addr, sizeof(mreq.imr_interface)); - if (setsockopt(sock, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq)) < 0) { - snprintf(cfg->error, sizeof(cfg->error), "can't join mcast group: %s", - strerror(errno)); - continue; - } - } else if (maddr->ai_family == AF_INET6) { - struct ipv6_mreq mreq; - struct in6_addr *addr = NULL; - memset(&mreq, 0x0, sizeof(mreq)); - addr = &((struct sockaddr_in6 *)(maddr->ai_addr))->sin6_addr; - memcpy(&mreq.ipv6mr_multiaddr, addr, sizeof(mreq.ipv6mr_multiaddr)); - if (cfg->iface[0] != '\0') { - mreq.ipv6mr_interface = if_nametoindex(cfg->iface); - } - if (setsockopt(sock, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, &mreq, sizeof(mreq)) < 0) { - snprintf(cfg->error, sizeof(cfg->error), "can't join mcast group: %s", - strerror(errno)); - continue; - } - } else { - snprintf(cfg->error, sizeof(cfg->error), "unknown family for mcast addr: %d", laddr->ai_family); - continue; - } - /* all ok */ - cfg->sock = sock; - sock = -1; - } while (0); - - freeaddrinfo(maddr); - freeaddrinfo(laddr); - - if (cfg->sock < 0) - return false; - - return true; -} - -bool -stop(cfg_t *cfg) { - assert(cfg != NULL); - - /* mcast group will be leaved automatically */ - close(cfg->sock); - cfg->sock = -1; - - return true; -} - -bool -next(cfg_t *cfg, char *buf, size_t bufsize, bool reset) { - const char *args[DATA_ARGS_MAX]; - struct sockaddr_storage addr; - socklen_t socklen; - f2b_cmsg_t cmsg; - int ret; - - (void)(reset); - assert(cfg != NULL); - assert(buf != NULL); - assert(bufsize > 0); - - memset(&cmsg, 0x0, sizeof(cmsg)); - memset(&addr, 0x0, sizeof(addr)); - - while (1) { - ret = f2b_csocket_recv(cfg->sock, &cmsg, &addr, &socklen); - if (ret == 0) - break; /* no messages */ - if (ret < 0) { - cfg->errcb(f2b_csocket_error(ret)); - continue; - } - /* ret > 0 */ - if (cmsg.type != CMD_JAIL_IP_BAN) - continue; - ret = f2b_cmsg_extract_args(&cmsg, args); - if (!f2b_cmd_check_argc(cmsg.type, ret)) { - cfg->errcb("received cmsg with wrong args count"); - continue; - } - if (strcmp(cfg->name, args[0]) != 0) - continue; /* wrong group */ - strlcpy(buf, args[1], bufsize); - return true; - } - - return false; -} - -void -destroy(cfg_t *cfg) { - assert(cfg != NULL); - - free(cfg); -}