ipc_listener.cpp 8.79 KB
Newer Older
1
/*
2
    Copyright (c) 2007-2015 Contributors as noted in the AUTHORS file
3

4
    This file is part of libzmq, the ZeroMQ core engine in C++.
5

6 7 8
    libzmq is free software; you can redistribute it and/or modify it under
    the terms of the GNU Lesser General Public License (LGPL) as published
    by the Free Software Foundation; either version 3 of the License, or
9 10
    (at your option) any later version.

11 12 13 14 15 16 17 18 19 20 21 22 23 24
    As a special exception, the Contributors give you permission to link
    this library with independent modules to produce an executable,
    regardless of the license terms of these independent modules, and to
    copy and distribute the resulting executable under terms of your choice,
    provided that you also meet, for each linked independent module, the
    terms and conditions of the license of that module. An independent
    module is a module which is not derived from or based on this library.
    If you modify this library, you must extend this exception to your
    version of the library.

    libzmq is distributed in the hope that it will be useful, but WITHOUT
    ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
    FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
    License for more details.
25 26 27 28 29

    You should have received a copy of the GNU Lesser General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

30 31 32 33
#include "ipc_listener.hpp"

#if !defined ZMQ_HAVE_WINDOWS && !defined ZMQ_HAVE_OPENVMS

34 35 36 37
#include <new>

#include <string.h>

38
#include "stream_engine.hpp"
39
#include "ipc_address.hpp"
40
#include "io_thread.hpp"
41
#include "session_base.hpp"
42 43
#include "config.hpp"
#include "err.hpp"
44
#include "ip.hpp"
45
#include "socket_base.hpp"
46 47 48 49 50 51

#include <unistd.h>
#include <sys/socket.h>
#include <fcntl.h>
#include <sys/un.h>

52 53 54 55 56 57
#if defined ZMQ_HAVE_SO_PEERCRED || defined ZMQ_HAVE_LOCAL_PEERCRED
#   include <sys/types.h>
#endif
#ifdef ZMQ_HAVE_SO_PEERCRED
#   include <pwd.h>
#   include <grp.h>
58 59 60
#   if defined ZMQ_HAVE_OPENBSD
#       define ucred sockpeercred
#   endif
61 62
#endif

63 64 65 66 67 68 69 70 71 72 73 74
zmq::ipc_listener_t::ipc_listener_t (io_thread_t *io_thread_,
      socket_base_t *socket_, const options_t &options_) :
    own_t (io_thread_, options_),
    io_object_t (io_thread_),
    has_file (false),
    s (retired_fd),
    socket (socket_)
{
}

zmq::ipc_listener_t::~ipc_listener_t ()
{
75
    zmq_assert (s == retired_fd);
76 77 78 79 80 81 82 83 84 85 86 87
}

void zmq::ipc_listener_t::process_plug ()
{
    //  Start polling for incoming connections.
    handle = add_fd (s);
    set_pollin (handle);
}

void zmq::ipc_listener_t::process_term (int linger_)
{
    rm_fd (handle);
88
    close ();
89 90 91 92 93 94 95 96 97
    own_t::process_term (linger_);
}

void zmq::ipc_listener_t::in_event ()
{
    fd_t fd = accept ();

    //  If connection was reset by the peer in the meantime, just ignore it.
    //  TODO: Handle specific errors like ENFILE/EMFILE etc.
98
    if (fd == retired_fd) {
99
        socket->event_accept_failed (endpoint, zmq_errno());
100
        return;
101
    }
102 103

    //  Create the engine object for this connection.
104
    stream_engine_t *engine = new (std::nothrow)
105
        stream_engine_t (fd, options, endpoint);
106 107 108 109 110 111 112 113
    alloc_assert (engine);

    //  Choose I/O thread to run connecter in. Given that we are already
    //  running in an I/O thread, there must be at least one available.
    io_thread_t *io_thread = choose_io_thread (options.affinity);
    zmq_assert (io_thread);

    //  Create and launch a session object. 
114
    session_base_t *session = session_base_t::create (io_thread, false, socket,
115
        options, NULL);
116
    errno_assert (session);
117 118 119
    session->inc_seqnum ();
    launch_child (session);
    send_attach (session, engine, false);
120
    socket->event_accepted (endpoint, fd);
121 122
}

123
int zmq::ipc_listener_t::get_address (std::string &addr_)
124
{
125
    struct sockaddr_storage ss;
AJ Lewis's avatar
AJ Lewis committed
126 127 128
#ifdef ZMQ_HAVE_HPUX
    int sl = sizeof (ss);
#else
129
    socklen_t sl = sizeof (ss);
AJ Lewis's avatar
AJ Lewis committed
130
#endif
131
    int rc = getsockname (s, (sockaddr *) &ss, &sl);
132
    if (rc != 0) {
133
        addr_.clear ();
134
        return rc;
135
    }
Mikko Koppanen's avatar
Mikko Koppanen committed
136

137 138
    ipc_address_t addr ((struct sockaddr *) &ss, sl);
    return addr.to_string (addr_);
139 140
}

141
int zmq::ipc_listener_t::set_address (const char *addr_)
142
{
143 144 145 146
    //  Create addr on stack for auto-cleanup
    std::string addr (addr_);

    //  Allow wildcard file
147 148
    if (addr [0] == '*') {
        char buffer [12] = "2134XXXXXX";
149 150
        int fd = mkstemp (buffer);
        if (fd == -1)
151 152
            return -1;
        addr.assign (buffer);
153
        ::close (fd);
154
    }
155

156 157
    //  Get rid of the file associated with the UNIX domain socket that
    //  may have been left behind by the previous run of the application.
158
    ::unlink (addr.c_str());
159
    filename.clear ();
160

161 162
    //  Initialise the address structure.
    ipc_address_t address;
163
    int rc = address.resolve (addr.c_str());
164
    if (rc != 0)
165
        return -1;
166 167

    //  Create a listening socket.
168
    s = open_socket (AF_UNIX, SOCK_STREAM, 0);
169
    if (s == -1)
170 171
        return -1;

172 173
    address.to_string (endpoint);

174
    //  Bind the socket to the file path.
175
    rc = bind (s, address.addr (), address.addrlen ());
176
    if (rc != 0)
177
        goto error;
178

179
    filename.assign (addr.c_str());
180
    has_file = true;
181

182
    //  Listen for incoming connections.
183
    rc = listen (s, options.backlog);
184
    if (rc != 0)
185
        goto error;
186

187
    socket->event_listening (endpoint, s);
188
    return 0;
189 190 191 192 193 194

error:
    int err = errno;
    close ();
    errno = err;
    return -1;
195 196 197 198 199 200
}

int zmq::ipc_listener_t::close ()
{
    zmq_assert (s != retired_fd);
    int rc = ::close (s);
201
    errno_assert (rc == 0);
202

203 204
    s = retired_fd;

205 206
    //  If there's an underlying UNIX domain socket, get rid of the file it
    //  is associated with.
207 208
    if (has_file && !filename.empty ()) {
        rc = ::unlink(filename.c_str ());
209
        if (rc != 0) {
210
            socket->event_close_failed (endpoint, zmq_errno());
211
            return -1;
212
        }
213 214
    }

215
    socket->event_closed (endpoint, s);
216 217 218
    return 0;
}

219 220 221 222 223 224 225 226 227 228 229 230 231 232 233
#if defined ZMQ_HAVE_SO_PEERCRED

bool zmq::ipc_listener_t::filter (fd_t sock)
{
    if (options.ipc_uid_accept_filters.empty () &&
        options.ipc_pid_accept_filters.empty () &&
        options.ipc_gid_accept_filters.empty ())
        return true;

    struct ucred cred;
    socklen_t size = sizeof (cred);

    if (getsockopt (sock, SOL_SOCKET, SO_PEERCRED, &cred, &size))
        return false;
    if (options.ipc_uid_accept_filters.find (cred.uid) != options.ipc_uid_accept_filters.end () ||
234
            options.ipc_gid_accept_filters.find (cred.gid) != options.ipc_gid_accept_filters.end () ||
235 236 237 238 239 240 241 242 243 244 245 246
            options.ipc_pid_accept_filters.find (cred.pid) != options.ipc_pid_accept_filters.end ())
        return true;

    struct passwd *pw;
    struct group *gr;

    if (!(pw = getpwuid (cred.uid)))
        return false;
    for (options_t::ipc_gid_accept_filters_t::const_iterator it = options.ipc_gid_accept_filters.begin ();
            it != options.ipc_gid_accept_filters.end (); it++) {
        if (!(gr = getgrgid (*it)))
            continue;
247
        for (char **mem = gr->gr_mem; *mem; mem++) {
248 249
            if (!strcmp (*mem, pw->pw_name))
                return true;
250
        }
251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281
    }
    return false;
}

#elif defined ZMQ_HAVE_LOCAL_PEERCRED

bool zmq::ipc_listener_t::filter (fd_t sock)
{
    if (options.ipc_uid_accept_filters.empty () &&
        options.ipc_gid_accept_filters.empty ())
        return true;

    struct xucred cred;
    socklen_t size = sizeof (cred);

    if (getsockopt (sock, 0, LOCAL_PEERCRED, &cred, &size))
        return false;
    if (cred.cr_version != XUCRED_VERSION)
        return false;
    if (options.ipc_uid_accept_filters.find (cred.cr_uid) != options.ipc_uid_accept_filters.end ())
        return true;
    for (int i = 0; i < cred.cr_ngroups; i++) {
        if (options.ipc_gid_accept_filters.find (cred.cr_groups[i]) != options.ipc_gid_accept_filters.end ())
            return true;
    }

    return false;
}

#endif

282 283
zmq::fd_t zmq::ipc_listener_t::accept ()
{
284
    //  Accept one connection and deal with different failure modes.
285 286
    //  The situation where connection cannot be accepted due to insufficient
    //  resources is considered valid and treated by ignoring the connection.
287 288
    zmq_assert (s != retired_fd);
    fd_t sock = ::accept (s, NULL, NULL);
289 290
    if (sock == -1) {
        errno_assert (errno == EAGAIN || errno == EWOULDBLOCK ||
291
            errno == EINTR || errno == ECONNABORTED || errno == EPROTO ||
292
            errno == ENFILE);
293
        return retired_fd;
294
    }
295

296 297 298 299 300 301 302
    //  Race condition can cause socket not to be closed (if fork happens
    //  between accept and this point).
#ifdef FD_CLOEXEC
    int rc = fcntl (sock, F_SETFD, FD_CLOEXEC);
    errno_assert (rc != -1);
#endif

303 304 305 306 307 308 309 310 311
    // IPC accept() filters
#if defined ZMQ_HAVE_SO_PEERCRED || defined ZMQ_HAVE_LOCAL_PEERCRED
    if (!filter (sock)) {
        int rc = ::close (sock);
        errno_assert (rc == 0);
        return retired_fd;
    }
#endif

312 313 314 315
    return sock;
}

#endif