Home Explore Help
Register Sign In
Apq
/
ZeroTierOne
mirror of https://github.com/zerotier/ZeroTierOne.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: fde8af9483
Branches Tags
ZeroTierOne
/
netcon
/
Intercept.c

Intercept.c 32 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032 
  1. /*
    2. 

  2.  * ZeroTier One - Network Virtualization Everywhere
    3. 

  3.  * Copyright (C) 2011-2015  ZeroTier, Inc.
    4. 

  4.  *
    5. 

  5.  * This program is free software: you can redistribute it and/or modify
    6. 

  6.  * it under the terms of the GNU General Public License as published by
    7. 

  7.  * the Free Software Foundation, either version 3 of the License, or
    8. 

  8.  * (at your option) any later version.
    9. 

  9.  *
    10. 

  10.  * This program is distributed in the hope that it will be useful,
    11. 

  11.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12. 

  12.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13. 

  13.  * GNU General Public License for more details.
    14. 

  14.  *
    15. 

  15.  * You should have received a copy of the GNU General Public License
    16. 

  16.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17. 

  17.  *
    18. 

  18.  * --
    19. 

  19.  *
    20. 

  20.  * ZeroTier may be used and distributed under the terms of the GPLv3, which
    21. 

  21.  * are available at: http://www.gnu.org/licenses/gpl-3.0.html
    22. 

  22.  *
    23. 

  23.  * If you would like to embed ZeroTier into a commercial application or
    24. 

  24.  * redistribute it in a modified binary form, please contact ZeroTier Networks
    25. 

  25.  * LLC. Start here: http://www.zerotier.com/
    26. 

  26.  */
    27. 

  27. 

  28. #ifdef USE_GNU_SOURCE
    29. 

  29. #define _GNU_SOURCE
    30. 

  30. #endif
    31. 

  31. 

  32. #include <unistd.h>
    33. 

  33. #include <stdint.h>
    34. 

  34. #include <stdio.h>
    35. 

  35. #include <dlfcn.h>
    36. 

  36. #include <strings.h>
    37. 

  37. #include <netinet/in.h>
    38. 

  38. #include <sys/time.h>
    39. 

  39. #include <pwd.h>
    40. 

  40. #include <errno.h>
    41. 

  41. #include <linux/errno.h>
    42. 

  42. #include <stdarg.h>
    43. 

  43. #include <netdb.h>
    44. 

  44. #include <string.h>
    45. 

  45. #include <sys/syscall.h>
    46. 

  46. #include <sys/types.h>
    47. 

  47. #include <sys/socket.h>
    48. 

  48. #include <sys/poll.h>
    49. 

  49. #include <sys/un.h>
    50. 

  50. #include <arpa/inet.h>
    51. 

  51. 

  52. #include "Intercept.h"
    53. 

  53. 

  54. #include "common.inc.c"
    55. 

  55. 

  56. #ifdef CHECKS
    57. 

  57.   #include <sys/resource.h>
    58. 

  58.   #include <linux/net.h> /* for NPROTO */
    59. 

  59.   #define SOCK_MAX (SOCK_PACKET + 1)
    60. 

  60.   #define SOCK_TYPE_MASK 0xf
    61. 

  61. #endif
    62. 

  62. 

  63. /* Global Declarations */
    64. 

  64. static int (*realconnect)(CONNECT_SIG);
    65. 

  65. static int (*realbind)(BIND_SIG);
    66. 

  66. static int (*realaccept)(ACCEPT_SIG);
    67. 

  67. static int (*reallisten)(LISTEN_SIG);
    68. 

  68. static int (*realsocket)(SOCKET_SIG);
    69. 

  69. static int (*realsetsockopt)(SETSOCKOPT_SIG);
    70. 

  70. static int (*realgetsockopt)(GETSOCKOPT_SIG);
    71. 

  71. static int (*realaccept4)(ACCEPT4_SIG);
    72. 

  72. static long (*realsyscall)(SYSCALL_SIG);
    73. 

  73. static int (*realclose)(CLOSE_SIG);
    74. 

  74. static int (*realclone)(CLONE_SIG);
    75. 

  75. static int (*realdup2)(DUP2_SIG);
    76. 

  76. static int (*realdup3)(DUP3_SIG);
    77. 

  77. static int (*realgetsockname)(GETSOCKNAME_SIG);
    78. 

  78. 

  79. /* Exported Function Prototypes */
    80. 

  80. void my_init(void);
    81. 

  81. int connect(CONNECT_SIG);
    82. 

  82. int bind(BIND_SIG);
    83. 

  83. int accept(ACCEPT_SIG);
    84. 

  84. int listen(LISTEN_SIG);
    85. 

  85. int socket(SOCKET_SIG);
    86. 

  86. int setsockopt(SETSOCKOPT_SIG);
    87. 

  87. int getsockopt(GETSOCKOPT_SIG);
    88. 

  88. int accept4(ACCEPT4_SIG);
    89. 

  89. long syscall(SYSCALL_SIG);
    90. 

  90. int close(CLOSE_SIG);
    91. 

  91. int clone(CLONE_SIG);
    92. 

  92. int dup2(DUP2_SIG);
    93. 

  93. int dup3(DUP3_SIG);
    94. 

  94. int getsockname(GETSOCKNAME_SIG);
    95. 

  95. 

  96. static int init_service_connection();
    97. 

  97. static void load_symbols(void);
    98. 

  98. static void set_up_intercept();
    99. 

  99. 

  100. #define SERVICE_CONNECT_ATTEMPTS  30
    101. 

  101. #define RPC_FD                    1023
    102. 

  102. 

  103. static pthread_mutex_t lock;
    104. 

  104. static ssize_t sock_fd_read(int sock, void *buf, ssize_t bufsize, int *fd);
    105. 

  105. 

  106. void handle_error(char *name, char *info, int err)
    107. 

  107. {
    108. 

  108. #ifdef ERRORS_ARE_FATAL
    109. 

  109.   if(err < 0) {
    110. 

  110.     dwr(MSG_DEBUG,"handle_error(%s)=%d: FATAL: %s\n", name, err, info);
    111. 

  111.     exit(-1);
    112. 

  112.   }
    113. 

  113. #endif
    114. 

  114. #ifdef VERBOSE
    115. 

  115.   dwr(MSG_DEBUG,"%s()=%d\n", name, err);
    116. 

  116. #endif
    117. 

  117. }
    118. 

  118. 

  119. /*------------------------------------------------------------------------------
    120. 

  120. ------------------- Intercept<--->Service Comm mechanisms-----------------------
    121. 

  121. ------------------------------------------------------------------------------*/
    122. 

  122. 

  123. static int is_initialized = 0;
    124. 

  124. static int fdret_sock; /* used for fd-transfers */
    125. 

  125. static int newfd; /* used for "this_end" socket */
    126. 

  126. static int thispid = -1;
    127. 

  127. static int instance_count = 0;
    128. 

  128. 

  129. /*
    130. 

  130.  * Check for forking
    131. 

  131.  */
    132. 

  132. static void checkpid()
    133. 

  133. {
    134. 

  134.   /* Do noting if not configured (sanity check -- should never get here in this case) */
    135. 

  135.   if (!getenv("ZT_NC_NETWORK"))
    136. 

  136.     return;
    137. 

  137. 

  138.   if (thispid != getpid()) {
    139. 

  139.     dwr(MSG_DEBUG, "checkpid(): clone/fork detected. Re-initializing this instance.\n");
    140. 

  140.     set_up_intercept();
    141. 

  141.     fdret_sock = init_service_connection();
    142. 

  142.     thispid = getpid();
    143. 

  143.   }
    144. 

  144. }
    145. 

  145. 

  146. 

  147. /*
    148. 

  148.  * Reads a return value from the service and sets errno (if applicable)
    149. 

  149.  */
    150. 

  150. static int get_retval()
    151. 

  151. {
    152. 

  152.   dwr(MSG_DEBUG,"get_retval()\n");
    153. 

  153.   if(fdret_sock >= 0) {
    154. 

  154.     int retval;
    155. 

  155.     int sz = sizeof(char) + sizeof(retval) + sizeof(errno);
    156. 

  156.     char retbuf[BUF_SZ];
    157. 

  157.     memset(&retbuf, '\0', sz);
    158. 

  158.     int n_read = read(fdret_sock, &retbuf, sz);
    159. 

  159.     if(n_read > 0) {
    160. 

  160.       memcpy(&retval, &retbuf[1], sizeof(retval));
    161. 

  161.       memcpy(&errno, &retbuf[1+sizeof(retval)], sizeof(errno));
    162. 

  162.       dwr(MSG_DEBUG, "get_retval(): ret = %d\n", retval);
    163. 

  163.       return retval;
    164. 

  164.     }
    165. 

  165.   }
    166. 

  166.   dwr(MSG_DEBUG,"unable to read return value\n");
    167. 

  167.   return -1;
    168. 

  168. }
    169. 

  169. 

  170. /* Reads a new file descriptor from the service */
    171. 

  171. static int get_new_fd(int oversock)
    172. 

  172. {
    173. 

  173.   char buf[BUF_SZ];
    174. 

  174.   int newfd;
    175. 

  175.   ssize_t size = sock_fd_read(oversock, buf, sizeof(buf), &newfd);
    176. 

  176.   if(size > 0){
    177. 

  177.     dwr(MSG_DEBUG, "get_new_fd(): RX: fd = (%d) over (%d)\n", newfd, oversock);
    178. 

  178.     return newfd;
    179. 

  179.   }
    180. 

  180.   dwr(MSG_ERROR, "get_new_fd(): ERROR: unable to read fd over (%d)\n", oversock);
    181. 

  181.   return -1;
    182. 

  182. }
    183. 

  183. 

  184. #ifdef VERBOSE
    185. 

  185.   static unsigned long rpc_count = 0;
    186. 

  186. #endif
    187. 

  187. 

  188. /* Sends an RPC command to the service */
    189. 

  189. static int send_cmd(int rpc_fd, char *cmd)
    190. 

  190. {
    191. 

  191.   pthread_mutex_lock(&lock);
    192. 

  192.   char metabuf[BUF_SZ]; // portion of buffer which contains RPC metadata for debugging
    193. 

  193. #ifdef VERBOSE
    194. 

  194.   /*
    195. 

  195.   #define IDX_PID       0
    196. 

  196.   #define IDX_TID       sizeof(pid_t)
    197. 

  197.   #define IDX_COUNT     IDX_TID + sizeof(pid_t)
    198. 

  198.   #define IDX_TIME      IDX_COUNT + sizeof(int)
    199. 

  199.   #define IDX_CMD       IDX_TIME + 20 // 20 being the length of the timestamp string
    200. 

  200.   #define IDX_PAYLOAD   IDX_TIME + sizeof(char)
    201. 

  201.   */
    202. 

  202.   /* [pid_t] [pid_t] [rpc_count] [int] [...] */
    203. 

  203.   memset(metabuf, '\0', BUF_SZ);
    204. 

  204.   pid_t pid = syscall(SYS_getpid);
    205. 

  205.   pid_t tid = syscall(SYS_gettid);
    206. 

  206.   rpc_count++;
    207. 

  207.   char timestring[20];
    208. 

  208.   time_t timestamp;
    209. 

  209.   timestamp = time(NULL);
    210. 

  210.   strftime(timestring, sizeof(timestring), "%H:%M:%S", localtime(&timestamp));
    211. 

  211.   memcpy(&metabuf[IDX_PID],     &pid,         sizeof(pid_t)      ); /* pid       */
    212. 

  212.   memcpy(&metabuf[IDX_TID],     &tid,         sizeof(pid_t)      ); /* tid       */
    213. 

  213.   memcpy(&metabuf[IDX_COUNT],   &rpc_count,   sizeof(rpc_count)  ); /* rpc_count */
    214. 

  214.   memcpy(&metabuf[IDX_TIME],    &timestring,   20                ); /* timestamp */
    215. 

  215. #endif
    216. 

  216.   /* Combine command flag+payload with RPC metadata */
    217. 

  217.   memcpy(&metabuf[IDX_PAYLOAD], cmd, PAYLOAD_SZ);
    218. 

  218.   int n_write = write(rpc_fd, &metabuf, BUF_SZ);
    219. 

  219.   if(n_write < 0){
    220. 

  220.     dwr(MSG_DEBUG,"Error writing command to service (CMD = %d)\n", cmd[0]);
    221. 

  221.     errno = 0;
    222. 

  222.   }
    223. 

  223.   int ret = ERR_OK;
    224. 

  224. 

  225.   if(n_write > 0) {
    226. 

  226.     if(cmd[0]==RPC_SOCKET) {
    227. 

  227.     	ret = get_new_fd(fdret_sock);
    228. 

  228.     }
    229. 

  229.     if(cmd[0]==RPC_MAP_REQ 
    230. 

  230.       || cmd[0]==RPC_CONNECT 
    231. 

  231.       || cmd[0]==RPC_BIND
    232. 

  232.       || cmd[0]==RPC_LISTEN
    233. 

  233.       || cmd[0]==RPC_MAP) {
    234. 

  234.     	ret = get_retval();
    235. 

  235.     }
    236. 

  236.     if(cmd[0]==RPC_GETSOCKNAME) {
    237. 

  237.       ret = n_write;
    238. 

  238.     }
    239. 

  239.   }
    240. 

  240.   else {
    241. 

  241.     ret = -1;
    242. 

  242.   }
    243. 

  243.   pthread_mutex_unlock(&lock);
    244. 

  244.   return ret;
    245. 

  245. }
    246. 

  246. 

  247. 

  248. 

  249. /* Check whether the socket is mapped to the service or not. We
    250. 

  250. need to know if this is a regular AF_LOCAL socket or an end of a socketpair
    251. 

  251. that the service uses. We don't want to keep state in the intercept, so
    252. 

  252. we simply ask the service via an RPC */
    253. 

  253. static int is_mapped_to_service(int sockfd)
    254. 

  254. {
    255. 

  255.   dwr(MSG_DEBUG,"is_mapped_to_service()\n");
    256. 

  256.   char cmd[BUF_SZ];
    257. 

  257.   memset(cmd, '\0', BUF_SZ);
    258. 

  258.   cmd[0] = RPC_MAP_REQ;
    259. 

  259.   memcpy(&cmd[1], &sockfd, sizeof(sockfd));
    260. 

  260.   return send_cmd(fdret_sock, cmd);
    261. 

  261. }
    262. 

  262. 

  263. /*------------------------------------------------------------------------------
    264. 

  264. ----------  Unix-domain socket lazy initializer (for fd-transfers)--------------
    265. 

  265. ------------------------------------------------------------------------------*/
    266. 

  266. 

  267. /* Sets up the connection pipes and sockets to the service */
    268. 

  268. static int init_service_connection()
    269. 

  269. {
    270. 

  270.   struct sockaddr_un addr;
    271. 

  271.   int tfd = -1, attempts = 0, conn_err = -1;
    272. 

  272.   const char *network_id;
    273. 

  273.   char af_sock_name[1024];
    274. 

  274. 

  275.   network_id = getenv("ZT_NC_NETWORK");
    276. 

  276.   if (!network_id)
    277. 

  277.     return -1;
    278. 

  278.   strncpy(af_sock_name,network_id,sizeof(af_sock_name));
    279. 

  279.   instance_count++;
    280. 

  280. 

  281.   dwr(MSG_DEBUG,"init_service_connection()\n");
    282. 

  282. 

  283.   memset(&addr, 0, sizeof(addr));
    284. 

  284.   addr.sun_family = AF_UNIX;
    285. 

  285.   strncpy(addr.sun_path, af_sock_name, sizeof(addr.sun_path)-1);
    286. 

  286.   if((tfd = realsocket(AF_UNIX, SOCK_STREAM, 0)) == -1)
    287. 

  287.     return -1;
    288. 

  288. 

  289.   while(conn_err < 0 && attempts < SERVICE_CONNECT_ATTEMPTS) {
    290. 

  290.     conn_err = realconnect(tfd, (struct sockaddr*)&addr, sizeof(addr));
    291. 

  291.     if(conn_err < 0) {
    292. 

  292.       dwr(MSG_DEBUG,"re-attempting connection in %ds\n", 1+attempts);
    293. 

  293.       sleep(1);
    294. 

  294.     }
    295. 

  295.     else {
    296. 

  296.       dwr(MSG_DEBUG,"AF_UNIX connection established: %d\n", tfd);
    297. 

  297.       is_initialized = 1;
    298. 

  298.       int newtfd = realdup2(tfd, RPC_FD-instance_count);
    299. 

  299.       dwr(MSG_DEBUG,"dup'd to rpc_fd = %d\n", newtfd);
    300. 

  300.       close(tfd);
    301. 

  301.       return newtfd;
    302. 

  302.     }
    303. 

  303.     attempts++;
    304. 

  304.   }
    305. 

  305.   return -1;
    306. 

  306. }
    307. 

  307. 

  308. /*------------------------------------------------------------------------------
    309. 

  309. ------------------------  ctors and dtors (and friends)-------------------------
    310. 

  310. ------------------------------------------------------------------------------*/
    311. 

  311. 

  312. static void my_dest(void) __attribute__ ((destructor));
    313. 

  313. static void my_dest(void) {
    314. 

  314.   dwr(MSG_DEBUG,"closing connections to service...\n");
    315. 

  315.   pthread_mutex_destroy(&lock);
    316. 

  316. }
    317. 

  317. 

  318. static void load_symbols(void)
    319. 

  319. {
    320. 

  320.   if(thispid == getpid()) {
    321. 

  321.     dwr(MSG_DEBUG,"detected duplicate call to global constructor (pid=%d).\n", thispid);
    322. 

  322.   }
    323. 

  323.   thispid = getpid();
    324. 

  324. 

  325.   realconnect = dlsym(RTLD_NEXT, "connect");
    326. 

  326.   realbind = dlsym(RTLD_NEXT, "bind");
    327. 

  327.   realaccept = dlsym(RTLD_NEXT, "accept");
    328. 

  328.   reallisten = dlsym(RTLD_NEXT, "listen");
    329. 

  329.   realsocket = dlsym(RTLD_NEXT, "socket");
    330. 

  330.   realbind = dlsym(RTLD_NEXT, "bind");
    331. 

  331.   realsetsockopt = dlsym(RTLD_NEXT, "setsockopt");
    332. 

  332.   realgetsockopt = dlsym(RTLD_NEXT, "getsockopt");
    333. 

  333.   realaccept4 = dlsym(RTLD_NEXT, "accept4");
    334. 

  334.   realclone = dlsym(RTLD_NEXT, "clone");
    335. 

  335.   realclose = dlsym(RTLD_NEXT, "close");
    336. 

  336.   realsyscall = dlsym(RTLD_NEXT, "syscall");
    337. 

  337.   realdup2 = dlsym(RTLD_NEXT, "dup2");
    338. 

  338.   realdup3 = dlsym(RTLD_NEXT, "dup3");
    339. 

  339.   realgetsockname = dlsym(RTLD_NEXT, "getsockname");
    340. 

  340. }
    341. 

  341. 

  342. /* Private Function Prototypes */
    343. 

  343. static void _init(void) __attribute__ ((constructor));
    344. 

  344. static void _init(void) { set_up_intercept(); }
    345. 

  345. 

  346. /* get symbols and initialize mutexes */
    347. 

  347. static void set_up_intercept()
    348. 

  348. {
    349. 

  349.   if (!getenv("ZT_NC_NETWORK"))
    350. 

  350.     return;
    351. 

  351.   /* Hook/intercept Posix net API symbols */
    352. 

  352.   load_symbols();
    353. 

  353.   if(pthread_mutex_init(&lock, NULL) != 0) {
    354. 

  354.     dwr(MSG_ERROR, "error while initializing service call mutex\n");
    355. 

  355.   }
    356. 

  356.   if(pthread_mutex_init(&loglock, NULL) != 0) {
    357. 

  357.     dwr(MSG_ERROR, "error while initializing log mutex mutex\n");
    358. 

  358.   }
    359. 

  359. }
    360. 

  360. 

  361. /*------------------------------------------------------------------------------
    362. 

  362. --------------------------------- setsockopt() ---------------------------------
    363. 

  363. ------------------------------------------------------------------------------*/
    364. 

  364. 

  365. /* int socket, int level, int option_name, const void *option_value, socklen_t option_len */
    366. 

  366. int setsockopt(SETSOCKOPT_SIG)
    367. 

  367. {
    368. 

  368.   if(realsetsockopt == NULL){
    369. 

  369.     dwr(MSG_ERROR, "setsockopt(): SYMBOL NOT FOUND.\n");
    370. 

  370.     return -1;
    371. 

  371.   }
    372. 

  372.   dwr(MSG_DEBUG,"setsockopt(%d)\n", socket);
    373. 

  373.   /*
    374. 

  374.   if(is_mapped_to_service(socket) < 0) { // First, check if the service manages this
    375. 

  375.     return realsetsockopt(socket, level, option_name, option_value, option_len);
    376. 

  376.   }
    377. 

  377.   */
    378. 

  378.   /* return(realsetsockopt(socket, level, option_name, option_value, option_len)); */
    379. 

  379.   if(level == SOL_IPV6 && option_name == IPV6_V6ONLY)
    380. 

  380.     return 0;
    381. 

  381.   if(level == SOL_IP && option_name == IP_TTL)
    382. 

  382.     return 0;
    383. 

  383.   if(level == IPPROTO_TCP || (level == SOL_SOCKET && option_name == SO_KEEPALIVE))
    384. 

  384.     return 0;
    385. 

  385.   /* make sure we don't touch any standard outputs */
    386. 

  386.   if(socket == STDIN_FILENO || socket == STDOUT_FILENO || socket == STDERR_FILENO)
    387. 

  387.     return(realsetsockopt(socket, level, option_name, option_value, option_len));
    388. 

  388.   int err = realsetsockopt(socket, level, option_name, option_value, option_len);
    389. 

  389.   if(err < 0){
    390. 

  390.     perror("setsockopt():\n");
    391. 

  391.   }
    392. 

  392.   return 0;
    393. 

  393. }
    394. 

  394. 

  395. /*------------------------------------------------------------------------------
    396. 

  396. --------------------------------- getsockopt() ---------------------------------
    397. 

  397. ------------------------------------------------------------------------------*/
    398. 

  398. 

  399. /* int sockfd, int level, int optname, void *optval, socklen_t *optlen */
    400. 

  400. int getsockopt(GETSOCKOPT_SIG)
    401. 

  401. {
    402. 

  402.   if(realgetsockopt == NULL){
    403. 

  403.     dwr(MSG_ERROR, "getsockopt(): SYMBOL NOT FOUND.\n");
    404. 

  404.     return -1;
    405. 

  405.   }
    406. 

  406.   dwr(MSG_DEBUG,"getsockopt(%d)\n", sockfd);
    407. 

  407.   
    408. 

  408.   if(is_mapped_to_service(sockfd) <= 0) { // First, check if the service manages this
    409. 

  409.     return realgetsockopt(sockfd, level, optname, optval, optlen);
    410. 

  410.   }
    411. 

  411.   //return 0;
    412. 

  412. 

  413. 

  414.   //int err = realgetsockopt(sockfd, level, optname, optval, optlen);
    415. 

  415.   /* TODO: this condition will need a little more intelligence later on
    416. 

  416.    -- we will need to know if this fd is a local we are spoofing, or a true local */
    417. 

  417.   
    418. 

  418.   if(optname == SO_TYPE)
    419. 

  419.   {
    420. 

  420.     int* val = (int*)optval;
    421. 

  421.     *val = 2;
    422. 

  422.     optval = (void*)val;
    423. 

  423.   }
    424. 

  424.   /*
    425. 

  425.   if(err < 0){
    426. 

  426.     perror("getsockopt():\n");
    427. 

  427.   }
    428. 

  428.   */
    429. 

  429.   return 0;
    430. 

  430. }
    431. 

  431. 

  432. 

  433. /*------------------------------------------------------------------------------
    434. 

  434. ----------------------------------- socket() -----------------------------------
    435. 

  435. ------------------------------------------------------------------------------*/
    436. 

  436. 

  437. /* int socket_family, int socket_type, int protocol
    438. 

  438.    socket() intercept function */
    439. 

  439. int socket(SOCKET_SIG)
    440. 

  440. {
    441. 

  441.   if(realsocket == NULL){
    442. 

  442.     dwr(MSG_ERROR, "socket(): SYMBOL NOT FOUND.\n");
    443. 

  443.     return -1;
    444. 

  444.   }
    445. 

  445.   dwr(MSG_DEBUG,"socket():\n");
    446. 

  446.   int err;
    447. 

  447. #ifdef CHECKS
    448. 

  448.   /* Check that type makes sense */
    449. 

  449.   int flags = socket_type & ~SOCK_TYPE_MASK;
    450. 

  450.   if (flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK)) {
    451. 

  451.       errno = EINVAL;
    452. 

  452.       handle_error("socket", "", -1);
    453. 

  453.       return -1;
    454. 

  454.   }
    455. 

  455.   socket_type &= SOCK_TYPE_MASK;
    456. 

  456.   /* Check protocol is in range */
    457. 

  457.   if (socket_family < 0 || socket_family >= NPROTO){
    458. 

  458.     errno = EAFNOSUPPORT;
    459. 

  459.     handle_error("socket", "", -1);
    460. 

  460.     return -1;
    461. 

  461.   }
    462. 

  462.   if (socket_type < 0 || socket_type >= SOCK_MAX) {
    463. 

  463.     errno = EINVAL;
    464. 

  464.     handle_error("socket", "", -1);
    465. 

  465.     return -1;
    466. 

  466.   }
    467. 

  467.   /* Check that we haven't hit the soft-limit file descriptors allowed */
    468. 

  468.   /* FIXME: Find number of open fds
    469. 

  469.   struct rlimit rl;
    470. 

  470.   getrlimit(RLIMIT_NOFILE, &rl);
    471. 

  471.   if(sockfd >= rl.rlim_cur){
    472. 

  472.     errno = EMFILE;
    473. 

  473.     return -1;
    474. 

  474.   }
    475. 

  475.   */
    476. 

  476.   /* TODO: detect ENFILE condition */
    477. 

  477. #endif
    478. 

  478.   char cmd[BUF_SZ];
    479. 

  479.   fdret_sock = !is_initialized ? init_service_connection() : fdret_sock;
    480. 

  480.   if(fdret_sock < 0) {
    481. 

  481.     dwr(MSG_DEBUG,"BAD service connection. exiting.\n");
    482. 

  482.     handle_error("socket", "", -1);
    483. 

  483.     exit(-1);
    484. 

  484.   }
    485. 

  485.   if(socket_family == AF_LOCAL
    486. 

  486.     || socket_family == AF_NETLINK
    487. 

  487.     || socket_family == AF_UNIX) {
    488. 

  488.       int err = realsocket(socket_family, socket_type, protocol);
    489. 

  489.       dwr(MSG_DEBUG,"realsocket, err = %d\n", err);
    490. 

  490.       handle_error("socket", "", err);
    491. 

  491.       return err;
    492. 

  492.   }
    493. 

  493.   /* Assemble and send RPC */
    494. 

  494.   struct socket_st rpc_st;
    495. 

  495.   rpc_st.socket_family = socket_family;
    496. 

  496.   rpc_st.socket_type = socket_type;
    497. 

  497.   rpc_st.protocol = protocol;
    498. 

  498.   rpc_st.__tid = syscall(SYS_gettid);
    499. 

  499.   memset(cmd, '\0', BUF_SZ);
    500. 

  500.   cmd[0] = RPC_SOCKET;
    501. 

  501.   memcpy(&cmd[1], &rpc_st, sizeof(struct socket_st));
    502. 

  502. 

  503.   /* send command and get new fd */
    504. 

  504.   newfd = send_cmd(fdret_sock, cmd);
    505. 

  505.   if(newfd > 0)
    506. 

  506.   {
    507. 

  507.     dwr(MSG_DEBUG,"sending fd = %d to Service over (%d)\n", newfd, fdret_sock);
    508. 

  508.     /* send our local-fd number back to service so
    509. 

  509.      it can complete its mapping table entry */
    510. 

  510.     memset(cmd, '\0', BUF_SZ);
    511. 

  511.     cmd[0] = RPC_MAP;
    512. 

  512.     memcpy(&cmd[1], &newfd, sizeof(newfd));
    513. 

  513.   	/* send fd mapping and get confirmation */
    514. 

  514.   	err = send_cmd(fdret_sock, cmd);
    515. 

  515. 

  516. 	if(err > -1) {
    517. 

  517. 	  errno = ERR_OK;
    518. 

  518. 	  dwr(MSG_DEBUG, "RXd fd confirmation. Mapped!\n");
    519. 

  519.       return newfd; /* Mapping complete, everything is OK */
    520. 

  520.     }
    521. 

  521.     else{
    522. 

  522.     	dwr(MSG_DEBUG,"Error, service sent bad fd.\n");
    523. 

  523.     	return err; /* Mapping failed */
    524. 

  524.     }
    525. 

  525.   }
    526. 

  526.   else {
    527. 

  527.     dwr(MSG_DEBUG,"Error while receiving new fd.\n");
    528. 

  528.     return newfd;
    529. 

  529.   }
    530. 

  530. }
    531. 

  531. 

  532. /*------------------------------------------------------------------------------
    533. 

  533. ---------------------------------- connect() -----------------------------------
    534. 

  534. ------------------------------------------------------------------------------*/
    535. 

  535. 

  536. /* int __fd, const struct sockaddr * __addr, socklen_t __len
    537. 

  537.    connect() intercept function */
    538. 

  538. int connect(CONNECT_SIG)
    539. 

  539. {
    540. 

  540.   if(realconnect == NULL){
    541. 

  541.     dwr(MSG_ERROR, "connect(): SYMBOL NOT FOUND.\n");
    542. 

  542.     return -1;
    543. 

  543.   }
    544. 

  544.   dwr(MSG_DEBUG,"connect(%d):\n", __fd);
    545. 

  545.   /* print_addr(__addr); */
    546. 

  546.   struct sockaddr_in *connaddr;
    547. 

  547.   connaddr = (struct sockaddr_in *) __addr;
    548. 

  548. 

  549. #ifdef CHECKS
    550. 

  550.   /* Check that this is a valid fd */
    551. 

  551.   if(fcntl(__fd, F_GETFD) < 0) {
    552. 

  552.     errno = EBADF;
    553. 

  553.     handle_error("connect", "EBADF", -1);
    554. 

  554.     return -1;
    555. 

  555.   }
    556. 

  556.   /* Check that it is a socket */
    557. 

  557.   int sock_type;
    558. 

  558.   socklen_t sock_type_len = sizeof(sock_type);
    559. 

  559.   if(getsockopt(__fd, SOL_SOCKET, SO_TYPE, (void *) &sock_type, &sock_type_len) < 0) {
    560. 

  560.     errno = ENOTSOCK;
    561. 

  561.     handle_error("connect", "ENOTSOCK", -1);
    562. 

  562.     return -1;
    563. 

  563.   }
    564. 

  564.   /* Check family */
    565. 

  565.   if (connaddr->sin_family < 0 || connaddr->sin_family >= NPROTO){
    566. 

  566.     errno = EAFNOSUPPORT;
    567. 

  567.     handle_error("connect", "EAFNOSUPPORT", -1);
    568. 

  568.     return -1;
    569. 

  569.   }
    570. 

  570.   /* FIXME: Check that address is in user space, return EFAULT ? */
    571. 

  571. #endif
    572. 

  572. 

  573.   /* make sure we don't touch any standard outputs */
    574. 

  574.   if(__fd == STDIN_FILENO || __fd == STDOUT_FILENO || __fd == STDERR_FILENO){
    575. 

  575.     if (realconnect == NULL) {
    576. 

  576.       handle_error("connect", "Unresolved symbol [connect]", -1);
    577. 

  577.       exit(-1);
    578. 

  578.     }
    579. 

  579.     return(realconnect(__fd, __addr, __len));
    580. 

  580.   }
    581. 

  581. 

  582.   if(__addr != NULL && (connaddr->sin_family == AF_LOCAL
    583. 

  583.     || connaddr->sin_family == PF_NETLINK
    584. 

  584.     || connaddr->sin_family == AF_NETLINK
    585. 

  585.     || connaddr->sin_family == AF_UNIX)) {
    586. 

  586.     int err = realconnect(__fd, __addr, __len);
    587. 

  587.     perror("connect():");
    588. 

  588.     /* handle_error("connect", "Cannot connect to local socket", err); */
    589. 

  589.     return err;
    590. 

  590.   }
    591. 

  591. 

  592.   /* Assemble and send RPC */
    593. 

  593.   char cmd[BUF_SZ];
    594. 

  594.   memset(cmd, '\0', BUF_SZ);
    595. 

  595.   struct connect_st rpc_st;
    596. 

  596.   rpc_st.__tid = syscall(SYS_gettid);
    597. 

  597.   rpc_st.__fd = __fd;
    598. 

  598.   memcpy(&rpc_st.__addr, __addr, sizeof(struct sockaddr_storage));
    599. 

  599.   memcpy(&rpc_st.__len, &__len, sizeof(socklen_t));
    600. 

  600.   cmd[0] = RPC_CONNECT;
    601. 

  601.   memcpy(&cmd[1], &rpc_st, sizeof(struct connect_st));
    602. 

  602.   return send_cmd(fdret_sock, cmd);
    603. 

  603. }
    604. 

  604. 

  605. /*------------------------------------------------------------------------------
    606. 

  606. ------------------------------------ bind() ------------------------------------
    607. 

  607. ------------------------------------------------------------------------------*/
    608. 

  608. 

  609. /* int sockfd, const struct sockaddr *addr, socklen_t addrlen
    610. 

  610.    bind() intercept function */
    611. 

  611. int bind(BIND_SIG)
    612. 

  612. {
    613. 

  613.   if(realbind == NULL){
    614. 

  614.     dwr(MSG_ERROR, "bind(): SYMBOL NOT FOUND.\n");
    615. 

  615.     return -1;
    616. 

  616.   }
    617. 

  617.   dwr(MSG_DEBUG,"bind(%d):\n", sockfd);
    618. 

  618.   /* print_addr(addr); */
    619. 

  619. #ifdef CHECKS
    620. 

  620.   /* Check that this is a valid fd */
    621. 

  621.   if(fcntl(sockfd, F_GETFD) < 0) {
    622. 

  622.     errno = EBADF;
    623. 

  623.     handle_error("bind", "EBADF", -1);
    624. 

  624.     return -1;
    625. 

  625.   }
    626. 

  626.   /* Check that it is a socket */
    627. 

  627.   int opt = -1;
    628. 

  628.   socklen_t opt_len;
    629. 

  629.   if(getsockopt(sockfd, SOL_SOCKET, SO_TYPE, (void *) &opt, &opt_len) < 0) {
    630. 

  630.     errno = ENOTSOCK;
    631. 

  631.     handle_error("bind", "ENOTSOCK", -1);
    632. 

  632.     return -1;
    633. 

  633.   }
    634. 

  634. #endif
    635. 

  635. 

  636.   /* make sure we don't touch any standard outputs */
    637. 

  637.   if(sockfd == STDIN_FILENO || sockfd == STDOUT_FILENO || sockfd == STDERR_FILENO)
    638. 

  638.     return(realbind(sockfd, addr, addrlen));
    639. 

  639. 

  640.   /* If local, just use normal syscall */
    641. 

  641.   struct sockaddr_in *connaddr;
    642. 

  642.   connaddr = (struct sockaddr_in *)addr;
    643. 

  643. 

  644.   if(connaddr->sin_family == AF_LOCAL
    645. 

  645.     || connaddr->sin_family == AF_NETLINK
    646. 

  646.     || connaddr->sin_family == AF_UNIX) {
    647. 

  647.       int err = realbind(sockfd, addr, addrlen);
    648. 

  648.       dwr(MSG_DEBUG,"realbind, err = %d\n", err);
    649. 

  649.       return err;
    650. 

  650.   }
    651. 

  651. 

  652.   int port = connaddr->sin_port;
    653. 

  653.   int ip = connaddr->sin_addr.s_addr;
    654. 

  654.   unsigned char d[4];
    655. 

  655.   d[0] = ip & 0xFF;
    656. 

  656.   d[1] = (ip >>  8) & 0xFF;
    657. 

  657.   d[2] = (ip >> 16) & 0xFF;
    658. 

  658.   d[3] = (ip >> 24) & 0xFF;
    659. 

  659.   dwr(MSG_DEBUG, "bind(): %d.%d.%d.%d: %d\n", d[0],d[1],d[2],d[3], ntohs(port));
    660. 

  660. 

  661. 

  662.   /* Assemble and send RPC */
    663. 

  663.   char cmd[BUF_SZ];
    664. 

  664.   struct bind_st rpc_st;
    665. 

  665.   rpc_st.sockfd = sockfd;
    666. 

  666.   rpc_st.__tid = syscall(SYS_gettid);
    667. 

  667.   memcpy(&rpc_st.addr, addr, sizeof(struct sockaddr_storage));
    668. 

  668.   memcpy(&rpc_st.addrlen, &addrlen, sizeof(socklen_t));
    669. 

  669.   cmd[0]=RPC_BIND;
    670. 

  670.   memcpy(&cmd[1], &rpc_st, sizeof(struct bind_st));
    671. 

  671.   return send_cmd(fdret_sock, cmd);
    672. 

  672. }
    673. 

  673. 

  674. /*------------------------------------------------------------------------------
    675. 

  675. ----------------------------------- accept4() ----------------------------------
    676. 

  676. ------------------------------------------------------------------------------*/
    677. 

  677. 

  678. 

  679. /* int sockfd, struct sockaddr *addr, socklen_t *addrlen, int flags */
    680. 

  680. int accept4(ACCEPT4_SIG)
    681. 

  681. {
    682. 

  682.   if(realaccept4 == NULL){
    683. 

  683.     dwr(MSG_ERROR, "accept4(): SYMBOL NOT FOUND.\n");
    684. 

  684.     return -1;
    685. 

  685.   }
    686. 

  686.   dwr(MSG_DEBUG,"accept4(%d):\n", sockfd);
    687. 

  687. #ifdef CHECKS
    688. 

  688.   if (flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK)) {
    689. 

  689.     errno = EINVAL;
    690. 

  690.     return -1;
    691. 

  691.   }
    692. 

  692. #endif
    693. 

  693.   int newfd = accept(sockfd, addr, addrlen);
    694. 

  694.   if(newfd > 0) {
    695. 

  695.     if(flags & SOCK_CLOEXEC)
    696. 

  696.       fcntl(newfd, F_SETFL, FD_CLOEXEC);
    697. 

  697.     if(flags & SOCK_NONBLOCK)
    698. 

  698.       fcntl(newfd, F_SETFL, O_NONBLOCK);
    699. 

  699.   }
    700. 

  700.   handle_error("accept4", "", newfd);
    701. 

  701.   return newfd;
    702. 

  702. }
    703. 

  703. 

  704. /*------------------------------------------------------------------------------
    705. 

  705. ----------------------------------- accept() -----------------------------------
    706. 

  706. ------------------------------------------------------------------------------*/
    707. 

  707. 

  708. /* int sockfd struct sockaddr *addr, socklen_t *addrlen
    709. 

  709.    accept() intercept function */
    710. 

  710. int accept(ACCEPT_SIG)
    711. 

  711. {
    712. 

  712.   if(realaccept == NULL){
    713. 

  713.     dwr(MSG_ERROR, "accept(): SYMBOL NOT FOUND.\n");
    714. 

  714.     return -1;
    715. 

  715.   }
    716. 

  716.   dwr(MSG_DEBUG,"accept(%d):\n", sockfd);
    717. 

  717. #ifdef CHECKS
    718. 

  718.   /* Check that this is a valid fd */
    719. 

  719.   if(fcntl(sockfd, F_GETFD) < 0) {
    720. 

  720.     return -1;
    721. 

  721.     errno = EBADF;
    722. 

  722.     dwr(MSG_DEBUG,"EBADF\n");
    723. 

  723.     handle_error("accept", "EBADF", -1);
    724. 

  724.     return -1;
    725. 

  725.   }
    726. 

  726.   /* Check that it is a socket */
    727. 

  727.   int opt;
    728. 

  728.   socklen_t opt_len;
    729. 

  729.   if(getsockopt(sockfd, SOL_SOCKET, SO_TYPE, (void *) &opt, &opt_len) < 0) {
    730. 

  730.     errno = ENOTSOCK;
    731. 

  731.     dwr(MSG_DEBUG,"ENOTSOCK\n");
    732. 

  732.     handle_error("accept", "ENOTSOCK", -1);
    733. 

  733.     return -1;
    734. 

  734.   }
    735. 

  735.   /* Check that this socket supports accept() */
    736. 

  736.   if(!(opt && (SOCK_STREAM | SOCK_SEQPACKET))) {
    737. 

  737.     errno = EOPNOTSUPP;
    738. 

  738.     dwr(MSG_DEBUG,"EOPNOTSUPP\n");
    739. 

  739.     handle_error("accept", "EOPNOTSUPP", -1);
    740. 

  740.     return -1;
    741. 

  741.   }
    742. 

  742.   /* Check that we haven't hit the soft-limit file descriptors allowed */
    743. 

  743.   struct rlimit rl;
    744. 

  744.   getrlimit(RLIMIT_NOFILE, &rl);
    745. 

  745.   if(sockfd >= rl.rlim_cur){
    746. 

  746.     errno = EMFILE;
    747. 

  747.     dwr(MSG_DEBUG,"EMFILE\n");
    748. 

  748.     handle_error("accept", "EMFILE", -1);
    749. 

  749.     return -1;
    750. 

  750.   }
    751. 

  751.   /* Check address length */
    752. 

  752.   if(addrlen < 0) {
    753. 

  753.     errno = EINVAL;
    754. 

  754.     dwr(MSG_DEBUG,"EINVAL\n");
    755. 

  755.     handle_error("accept", "EINVAL", -1);
    756. 

  756.     return -1;
    757. 

  757.   }
    758. 

  758. #endif
    759. 

  759. 

  760.   /* redirect calls for standard I/O descriptors to kernel */
    761. 

  761.   if(sockfd == STDIN_FILENO || sockfd == STDOUT_FILENO || sockfd == STDERR_FILENO){
    762. 

  762.     dwr(MSG_DEBUG,"realaccept():\n");
    763. 

  763.     return(realaccept(sockfd, addr, addrlen));
    764. 

  764.   }
    765. 

  765. 

  766.   if(addr)
    767. 

  767.     addr->sa_family = AF_INET;
    768. 

  768.     /* TODO: also get address info */
    769. 

  769. 

  770.   char cmd[BUF_SZ];
    771. 

  771. 

  772.   /* The following line is required for libuv/nodejs to accept connections properly,
    773. 

  773.   however, this has the side effect of causing certain webservers to max out the CPU
    774. 

  774.   in an accept loop */
    775. 

  775.   fcntl(sockfd, F_SETFL, SOCK_NONBLOCK);
    776. 

  776.   int new_conn_socket = get_new_fd(sockfd);
    777. 

  777. 

  778.   if(new_conn_socket > 0)
    779. 

  779.   {
    780. 

  780.     dwr(MSG_DEBUG, "accept(): RX: fd = (%d) over (%d)\n", new_conn_socket, fdret_sock);
    781. 

  781.     /* Send our local-fd number back to service so it can complete its mapping table */
    782. 

  782.     memset(cmd, '\0', BUF_SZ);
    783. 

  783.     cmd[0] = RPC_MAP;
    784. 

  784.     memcpy(&cmd[1], &new_conn_socket, sizeof(new_conn_socket));
    785. 

  785. 

  786.     dwr(MSG_DEBUG, "accept(): sending perceived fd (%d) to service.\n", new_conn_socket);
    787. 

  787.     send_cmd(fdret_sock, cmd);
    788. 

  788.     /*
    789. 

  789.     if(n_write < 0) {
    790. 

  790.       errno = ECONNABORTED;
    791. 

  791.       handle_error("accept", "ECONNABORTED - Error sending perceived FD to service", -1);
    792. 

  792.       return -1;
    793. 

  793.     }
    794. 

  794.     */
    795. 

  795.     errno = ERR_OK;
    796. 

  796.     dwr(MSG_DEBUG,"accept()=%d\n", new_conn_socket);
    797. 

  797.     return new_conn_socket; /* OK */
    798. 

  798.   }
    799. 

  799.   errno = EAGAIN; /* necessary? */
    800. 

  800.   handle_error("accept", "EAGAIN - Error reading signal byte from service", -1);
    801. 

  801.   return -EAGAIN;
    802. 

  802. }
    803. 

  803. 

  804. 

  805. /*------------------------------------------------------------------------------
    806. 

  806. ------------------------------------- listen()----------------------------------
    807. 

  807. ------------------------------------------------------------------------------*/
    808. 

  808. 

  809. /* int sockfd, int backlog */
    810. 

  810. int listen(LISTEN_SIG)
    811. 

  811. {
    812. 

  812.   if(reallisten == NULL){
    813. 

  813.     dwr(MSG_ERROR, "listen(): SYMBOL NOT FOUND.\n");
    814. 

  814.     return -1;
    815. 

  815.   }
    816. 

  816.   dwr(MSG_DEBUG,"listen(%d):\n", sockfd);
    817. 

  817.   int sock_type;
    818. 

  818.   socklen_t sock_type_len = sizeof(sock_type);
    819. 

  819. 

  820.   #ifdef CHECKS
    821. 

  821.   /* Check that this is a valid fd */
    822. 

  822.   if(fcntl(sockfd, F_GETFD) < 0) {
    823. 

  823.     errno = EBADF;
    824. 

  824.     handle_error("listen", "EBADF", -1);
    825. 

  825.     return -1;
    826. 

  826.   }
    827. 

  827.   /* Check that it is a socket */
    828. 

  828.   if(getsockopt(sockfd, SOL_SOCKET, SO_TYPE, (void *) &sock_type, &sock_type_len) < 0) {
    829. 

  829.     errno = ENOTSOCK;
    830. 

  830.     handle_error("listen", "ENOTSOCK", -1);
    831. 

  831.     return -1;
    832. 

  832.   }
    833. 

  833.   /* Check that this socket supports accept() */
    834. 

  834.   if(!(sock_type && (SOCK_STREAM | SOCK_SEQPACKET))) {
    835. 

  835.     errno = EOPNOTSUPP;
    836. 

  836.     handle_error("listen", "EOPNOTSUPP", -1);
    837. 

  837.     return -1;
    838. 

  838.   }
    839. 

  839.   #endif
    840. 

  840. 

  841.   /* make sure we don't touch any standard outputs */
    842. 

  842.   if(sockfd == STDIN_FILENO || sockfd == STDOUT_FILENO || sockfd == STDERR_FILENO)
    843. 

  843.     return(reallisten(sockfd, backlog));
    844. 

  844. 

  845.   if(is_mapped_to_service(sockfd) < 0) {
    846. 

  846.     /* We now know this socket is not one of our socketpairs */
    847. 

  847.     int err = reallisten(sockfd, backlog);
    848. 

  848.     dwr(MSG_DEBUG,"reallisten()=%d\n", err);
    849. 

  849.     return err;
    850. 

  850.   }
    851. 

  851. 

  852.   /* Assemble and send RPC */
    853. 

  853.   char cmd[BUF_SZ];
    854. 

  854.   memset(cmd, '\0', BUF_SZ);
    855. 

  855.   struct listen_st rpc_st;
    856. 

  856.   rpc_st.sockfd = sockfd;
    857. 

  857.   rpc_st.backlog = backlog;
    858. 

  858.   rpc_st.__tid = syscall(SYS_gettid);
    859. 

  859.   cmd[0] = RPC_LISTEN;
    860. 

  860.   memcpy(&cmd[1], &rpc_st, sizeof(struct listen_st));
    861. 

  861.   return send_cmd(fdret_sock, cmd);
    862. 

  862. }
    863. 

  863. 

  864. /*------------------------------------------------------------------------------
    865. 

  865. -------------------------------------- clone() ---------------------------------
    866. 

  866. ------------------------------------------------------------------------------*/
    867. 

  867. 

  868. /* int (*fn)(void *), void *child_stack, int flags, void *arg, ... */
    869. 

  869. int clone(CLONE_SIG)
    870. 

  870. {
    871. 

  871.   if(realclone == NULL){
    872. 

  872.     dwr(MSG_ERROR, "clone(): SYMBOL NOT FOUND.\n");
    873. 

  873.     return -1;
    874. 

  874.   }
    875. 

  875.   dwr(MSG_DEBUG,"clone()\n");
    876. 

  876.   int err = realclone(fn, child_stack, flags, arg);
    877. 

  877.   checkpid();
    878. 

  878.   return err;
    879. 

  879. }
    880. 

  880. 

  881. /*------------------------------------------------------------------------------
    882. 

  882. ------------------------------------- close() ----------------------------------
    883. 

  883. ------------------------------------------------------------------------------*/
    884. 

  884. 

  885. /* int fd */
    886. 

  886. int close(CLOSE_SIG)
    887. 

  887. {
    888. 

  888.   dwr(MSG_DEBUG, "close(%d)\n", fd);
    889. 

  889.   if(realclose == NULL){
    890. 

  890.     checkpid(); // Add for nginx support, remove for apache support.
    891. 

  891.     dwr(MSG_ERROR, "close(%d): SYMBOL NOT FOUND.\n", fd);
    892. 

  892.     return -1;
    893. 

  893.   }
    894. 

  894.   if(fd == fdret_sock)
    895. 

  895.     return -1; /* TODO: Ignore request to shut down our rpc fd, this is *almost always* safe */
    896. 

  896.   if(fd != STDIN_FILENO && fd != STDOUT_FILENO && fd != STDERR_FILENO)
    897. 

  897.     return realclose(fd);
    898. 

  898.   return -1;
    899. 

  899. }
    900. 

  900. 

  901. /*------------------------------------------------------------------------------
    902. 

  902. -------------------------------------- dup2() ----------------------------------
    903. 

  903. ------------------------------------------------------------------------------*/
    904. 

  904. 

  905. /* int oldfd, int newfd */
    906. 

  906. int dup2(DUP2_SIG)
    907. 

  907. {
    908. 

  908.   if(realdup2 == NULL){
    909. 

  909.     dwr(MSG_ERROR, "dup2(): SYMBOL NOT FOUND.\n");
    910. 

  910.     return -1;
    911. 

  911.   }
    912. 

  912.   dwr(MSG_DEBUG,"dup2(%d, %d)\n", oldfd, newfd);
    913. 

  913.     if(oldfd == fdret_sock) {
    914. 

  914.     dwr(MSG_DEBUG,"client application attempted to dup2 RPC socket (%d). This is not allowed.\n", oldfd);
    915. 

  915.     errno = EBADF;
    916. 

  916.     return -1;
    917. 

  917.   }
    918. 

  918.   //if(oldfd != STDIN_FILENO && oldfd != STDOUT_FILENO && oldfd != STDERR_FILENO)
    919. 

  919.   //  if(newfd != STDIN_FILENO && newfd != STDOUT_FILENO && newfd != STDERR_FILENO)
    920. 

  920.       return realdup2(oldfd, newfd);
    921. 

  921.   return -1;
    922. 

  922. }
    923. 

  923. 

  924. /*------------------------------------------------------------------------------
    925. 

  925. -------------------------------------- dup3() ----------------------------------
    926. 

  926. ------------------------------------------------------------------------------*/
    927. 

  927. 

  928. /* int oldfd, int newfd, int flags */
    929. 

  929. int dup3(DUP3_SIG)
    930. 

  930. {
    931. 

  931.   if(realdup3 == NULL){
    932. 

  932.     dwr(MSG_ERROR, "dup3(): SYMBOL NOT FOUND.\n");
    933. 

  933.     return -1;
    934. 

  934.   }
    935. 

  935.   dwr(MSG_DEBUG,"dup3(%d, %d, %d)\n", oldfd, newfd, flags);
    936. 

  936. #ifdef DEBUG
    937. 

  937.   /* Only do this check if we want to debug the intercept, otherwise, dont mess with
    938. 

  938.    the client application's logging methods */
    939. 

  939.   if(newfd == STDIN_FILENO || newfd == STDOUT_FILENO || newfd == STDERR_FILENO)
    940. 

  940.     return newfd; /* FIXME: This is to prevent httpd from dup'ing over our stderr
    941. 

  941.                    and preventing us from debugging */
    942. 

  942.   else
    943. 

  943. #endif
    944. 

  944.   return realdup3(oldfd, newfd, flags);
    945. 

  945. }
    946. 

  946. 

  947. /*------------------------------------------------------------------------------
    948. 

  948. -------------------------------- getsockname() ---------------------------------
    949. 

  949. ------------------------------------------------------------------------------*/
    950. 

  950. 

  951. /* define GETSOCKNAME_SIG int sockfd, struct sockaddr *addr, socklen_t *addrlen */
    952. 

  952. int getsockname(GETSOCKNAME_SIG)
    953. 

  953. {
    954. 

  954.   if (realgetsockname == NULL) {
    955. 

  955.     dwr(MSG_ERROR, "getsockname(): SYMBOL NOT FOUND. \n");
    956. 

  956.     return -1;
    957. 

  957.   }
    958. 

  958.   dwr(MSG_DEBUG, "getsockname(%d)\n", sockfd);
    959. 

  959.   if(!is_mapped_to_service(sockfd))
    960. 

  960.     return realgetsockname(sockfd, addr, addrlen); 
    961. 

  961. 

  962.   /* This is kind of a hack as it stands -- assumes sockaddr is sockaddr_in
    963. 

  963.    * and is an IPv4 address. */
    964. 

  964. 

  965.   /* assemble and send command */
    966. 

  966.   char cmd[BUF_SZ];
    967. 

  967.   struct getsockname_st rpc_st;
    968. 

  968.   rpc_st.sockfd = sockfd;
    969. 

  969.   memcpy(&rpc_st.addr, addr, *addrlen);
    970. 

  970.   memcpy(&rpc_st.addrlen, &addrlen, sizeof(socklen_t));
    971. 

  971.   cmd[0] = RPC_GETSOCKNAME;
    972. 

  972.   memcpy(&cmd[1], &rpc_st, sizeof(struct getsockname_st));
    973. 

  973.   send_cmd(fdret_sock, cmd);
    974. 

  974. 

  975.   /* read address info from service */
    976. 

  976.   char addrbuf[sizeof(struct sockaddr_storage)];
    977. 

  977.   memset(&addrbuf, 0, sizeof(struct sockaddr_storage));
    978. 

  978.   read(fdret_sock, &addrbuf, sizeof(struct sockaddr_storage));
    979. 

  979.   struct sockaddr_storage sock_storage;
    980. 

  980.   memcpy(&sock_storage, addrbuf, sizeof(struct sockaddr_storage));
    981. 

  981.   *addrlen = sizeof(struct sockaddr_in);
    982. 

  982.   memcpy(addr, &sock_storage, (*addrlen > sizeof(sock_storage)) ? sizeof(sock_storage) : *addrlen);
    983. 

  983.   addr->sa_family = AF_INET;
    984. 

  984.   return 0;
    985. 

  985. }
    986. 

  986. 

  987. /*------------------------------------------------------------------------------
    988. 

  988. ------------------------------------ syscall() ---------------------------------
    989. 

  989. ------------------------------------------------------------------------------*/
    990. 

  990. 

  991. long syscall(SYSCALL_SIG){
    992. 

  992.   if(realsyscall == NULL){
    993. 

  993.     dwr(MSG_ERROR, "syscall(): SYMBOL NOT FOUND.\n");
    994. 

  994.     return -1;
    995. 

  995.   }
    996. 

  996.   //dwr(MSG_DEBUG_EXTRA,"syscall(%u, ...):\n", number);
    997. 

  997. 

  998.   va_list ap;
    999. 

  999.   uintptr_t a,b,c,d,e,f;
    1000. 

  1000.   va_start(ap, number);
    1001. 

  1001.   a=va_arg(ap, uintptr_t);
    1002. 

  1002.   b=va_arg(ap, uintptr_t);
    1003. 

  1003.   c=va_arg(ap, uintptr_t);
    1004. 

  1004.   d=va_arg(ap, uintptr_t);
    1005. 

  1005.   e=va_arg(ap, uintptr_t);
    1006. 

  1006.   f=va_arg(ap, uintptr_t);
    1007. 

  1007.   va_end(ap);
    1008. 

  1008. 

  1009. #if defined(__i386__)
    1010. 

  1010.   /* TODO: Implement for 32-bit systems: syscall(__NR_socketcall, 18, args);
    1011. 

  1011.   args[0] = (unsigned long) fd;
    1012. 

  1012.   args[1] = (unsigned long) addr;
    1013. 

  1013.   args[2] = (unsigned long) addrlen;
    1014. 

  1014.   args[3] = (unsigned long) flags;
    1015. 

  1015.   */
    1016. 

  1016. #else
    1017. 

  1017.   if(number == __NR_accept4) {
    1018. 

  1018.     int sockfd = a;
    1019. 

  1019.     struct sockaddr * addr = (struct sockaddr*)b;
    1020. 

  1020.     socklen_t * addrlen = (socklen_t*)c;
    1021. 

  1021.     int flags = d;
    1022. 

  1022.     int old_errno = errno;
    1023. 

  1023.     int err = accept4(sockfd, addr, addrlen, flags);
    1024. 

  1024. 

  1025.     errno = old_errno;
    1026. 

  1026.     if(err == -EBADF)
    1027. 

  1027.       err = -EAGAIN;
    1028. 

  1028.     return err;
    1029. 

  1029.   }
    1030. 

  1030. #endif
    1031. 

  1031.   return realsyscall(number,a,b,c,d,e,f);
    1032. 

  1032. }
    1033.