1 // SPDX-License-Identifier: GPL-2.0 2 /* nettest - used for functional tests of networking APIs 3 * 4 * Copyright (c) 2013-2019 David Ahern <dsahern@gmail.com>. All rights reserved. 5 */ 6 7 #define _GNU_SOURCE 8 #include <features.h> 9 #include <sys/types.h> 10 #include <sys/ioctl.h> 11 #include <sys/socket.h> 12 #include <sys/wait.h> 13 #include <linux/tcp.h> 14 #include <linux/udp.h> 15 #include <arpa/inet.h> 16 #include <net/if.h> 17 #include <netinet/in.h> 18 #include <netinet/ip.h> 19 #include <netdb.h> 20 #include <fcntl.h> 21 #include <libgen.h> 22 #include <limits.h> 23 #include <sched.h> 24 #include <stdarg.h> 25 #include <stdio.h> 26 #include <stdlib.h> 27 #include <string.h> 28 #include <unistd.h> 29 #include <time.h> 30 #include <errno.h> 31 #include <getopt.h> 32 33 #include <linux/xfrm.h> 34 #include <linux/ipsec.h> 35 #include <linux/pfkeyv2.h> 36 37 #ifndef IPV6_UNICAST_IF 38 #define IPV6_UNICAST_IF 76 39 #endif 40 #ifndef IPV6_MULTICAST_IF 41 #define IPV6_MULTICAST_IF 17 42 #endif 43 44 #define DEFAULT_PORT 12345 45 46 #define NS_PREFIX "/run/netns/" 47 48 #ifndef MAX 49 #define MAX(a, b) ((a) > (b) ? (a) : (b)) 50 #endif 51 #ifndef MIN 52 #define MIN(a, b) ((a) < (b) ? (a) : (b)) 53 #endif 54 55 struct sock_args { 56 /* local address */ 57 const char *local_addr_str; 58 const char *client_local_addr_str; 59 union { 60 struct in_addr in; 61 struct in6_addr in6; 62 } local_addr; 63 64 /* remote address */ 65 const char *remote_addr_str; 66 union { 67 struct in_addr in; 68 struct in6_addr in6; 69 } remote_addr; 70 int scope_id; /* remote scope; v6 send only */ 71 72 struct in_addr grp; /* multicast group */ 73 74 unsigned int has_local_ip:1, 75 has_remote_ip:1, 76 has_grp:1, 77 has_expected_laddr:1, 78 has_expected_raddr:1, 79 bind_test_only:1; 80 81 unsigned short port; 82 83 int type; /* DGRAM, STREAM, RAW */ 84 int protocol; 85 int version; /* AF_INET/AF_INET6 */ 86 87 int use_setsockopt; 88 int use_cmsg; 89 const char *dev; 90 const char *server_dev; 91 int ifindex; 92 93 const char *clientns; 94 const char *serverns; 95 96 const char *password; 97 const char *client_pw; 98 /* prefix for MD5 password */ 99 const char *md5_prefix_str; 100 union { 101 struct sockaddr_in v4; 102 struct sockaddr_in6 v6; 103 } md5_prefix; 104 unsigned int prefix_len; 105 /* 0: default, -1: force off, +1: force on */ 106 int bind_key_ifindex; 107 108 /* expected addresses and device index for connection */ 109 const char *expected_dev; 110 const char *expected_server_dev; 111 int expected_ifindex; 112 113 /* local address */ 114 const char *expected_laddr_str; 115 union { 116 struct in_addr in; 117 struct in6_addr in6; 118 } expected_laddr; 119 120 /* remote address */ 121 const char *expected_raddr_str; 122 union { 123 struct in_addr in; 124 struct in6_addr in6; 125 } expected_raddr; 126 127 /* ESP in UDP encap test */ 128 int use_xfrm; 129 }; 130 131 static int server_mode; 132 static unsigned int prog_timeout = 5; 133 static unsigned int interactive; 134 static int iter = 1; 135 static char *msg = "Hello world!"; 136 static int msglen; 137 static int quiet; 138 static int try_broadcast = 1; 139 140 static char *timestamp(char *timebuf, int buflen) 141 { 142 time_t now; 143 144 now = time(NULL); 145 if (strftime(timebuf, buflen, "%T", localtime(&now)) == 0) { 146 memset(timebuf, 0, buflen); 147 strncpy(timebuf, "00:00:00", buflen-1); 148 } 149 150 return timebuf; 151 } 152 153 static void log_msg(const char *format, ...) 154 { 155 char timebuf[64]; 156 va_list args; 157 158 if (quiet) 159 return; 160 161 fprintf(stdout, "%s %s:", 162 timestamp(timebuf, sizeof(timebuf)), 163 server_mode ? "server" : "client"); 164 va_start(args, format); 165 vfprintf(stdout, format, args); 166 va_end(args); 167 168 fflush(stdout); 169 } 170 171 static void log_error(const char *format, ...) 172 { 173 char timebuf[64]; 174 va_list args; 175 176 if (quiet) 177 return; 178 179 fprintf(stderr, "%s %s:", 180 timestamp(timebuf, sizeof(timebuf)), 181 server_mode ? "server" : "client"); 182 va_start(args, format); 183 vfprintf(stderr, format, args); 184 va_end(args); 185 186 fflush(stderr); 187 } 188 189 static void log_err_errno(const char *fmt, ...) 190 { 191 char timebuf[64]; 192 va_list args; 193 194 if (quiet) 195 return; 196 197 fprintf(stderr, "%s %s: ", 198 timestamp(timebuf, sizeof(timebuf)), 199 server_mode ? "server" : "client"); 200 va_start(args, fmt); 201 vfprintf(stderr, fmt, args); 202 va_end(args); 203 204 fprintf(stderr, ": %d: %s\n", errno, strerror(errno)); 205 fflush(stderr); 206 } 207 208 static void log_address(const char *desc, struct sockaddr *sa) 209 { 210 char addrstr[64]; 211 212 if (quiet) 213 return; 214 215 if (sa->sa_family == AF_INET) { 216 struct sockaddr_in *s = (struct sockaddr_in *) sa; 217 218 log_msg("%s %s:%d\n", 219 desc, 220 inet_ntop(AF_INET, &s->sin_addr, addrstr, 221 sizeof(addrstr)), 222 ntohs(s->sin_port)); 223 224 } else if (sa->sa_family == AF_INET6) { 225 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa; 226 227 log_msg("%s [%s]:%d\n", 228 desc, 229 inet_ntop(AF_INET6, &s6->sin6_addr, addrstr, 230 sizeof(addrstr)), 231 ntohs(s6->sin6_port)); 232 } 233 234 fflush(stdout); 235 } 236 237 static int switch_ns(const char *ns) 238 { 239 char path[PATH_MAX]; 240 int fd, ret; 241 242 if (geteuid()) 243 log_error("warning: likely need root to set netns %s!\n", ns); 244 245 snprintf(path, sizeof(path), "%s%s", NS_PREFIX, ns); 246 fd = open(path, 0); 247 if (fd < 0) { 248 log_err_errno("Failed to open netns path; can not switch netns"); 249 return 1; 250 } 251 252 ret = setns(fd, CLONE_NEWNET); 253 close(fd); 254 255 return ret; 256 } 257 258 static int tcp_md5sig(int sd, void *addr, socklen_t alen, struct sock_args *args) 259 { 260 int keylen = strlen(args->password); 261 struct tcp_md5sig md5sig = {}; 262 int opt = TCP_MD5SIG; 263 int rc; 264 265 md5sig.tcpm_keylen = keylen; 266 memcpy(md5sig.tcpm_key, args->password, keylen); 267 268 if (args->prefix_len) { 269 opt = TCP_MD5SIG_EXT; 270 md5sig.tcpm_flags |= TCP_MD5SIG_FLAG_PREFIX; 271 272 md5sig.tcpm_prefixlen = args->prefix_len; 273 addr = &args->md5_prefix; 274 } 275 memcpy(&md5sig.tcpm_addr, addr, alen); 276 277 if ((args->ifindex && args->bind_key_ifindex >= 0) || args->bind_key_ifindex >= 1) { 278 opt = TCP_MD5SIG_EXT; 279 md5sig.tcpm_flags |= TCP_MD5SIG_FLAG_IFINDEX; 280 281 md5sig.tcpm_ifindex = args->ifindex; 282 log_msg("TCP_MD5SIG_FLAG_IFINDEX set tcpm_ifindex=%d\n", md5sig.tcpm_ifindex); 283 } else { 284 log_msg("TCP_MD5SIG_FLAG_IFINDEX off\n", md5sig.tcpm_ifindex); 285 } 286 287 rc = setsockopt(sd, IPPROTO_TCP, opt, &md5sig, sizeof(md5sig)); 288 if (rc < 0) { 289 /* ENOENT is harmless. Returned when a password is cleared */ 290 if (errno == ENOENT) 291 rc = 0; 292 else 293 log_err_errno("setsockopt(TCP_MD5SIG)"); 294 } 295 296 return rc; 297 } 298 299 static int tcp_md5_remote(int sd, struct sock_args *args) 300 { 301 struct sockaddr_in sin = { 302 .sin_family = AF_INET, 303 }; 304 struct sockaddr_in6 sin6 = { 305 .sin6_family = AF_INET6, 306 }; 307 void *addr; 308 int alen; 309 310 switch (args->version) { 311 case AF_INET: 312 sin.sin_port = htons(args->port); 313 sin.sin_addr = args->md5_prefix.v4.sin_addr; 314 addr = &sin; 315 alen = sizeof(sin); 316 break; 317 case AF_INET6: 318 sin6.sin6_port = htons(args->port); 319 sin6.sin6_addr = args->md5_prefix.v6.sin6_addr; 320 addr = &sin6; 321 alen = sizeof(sin6); 322 break; 323 default: 324 log_error("unknown address family\n"); 325 exit(1); 326 } 327 328 if (tcp_md5sig(sd, addr, alen, args)) 329 return -1; 330 331 return 0; 332 } 333 334 static int get_ifidx(const char *ifname) 335 { 336 struct ifreq ifdata; 337 int sd, rc; 338 339 if (!ifname || *ifname == '\0') 340 return -1; 341 342 memset(&ifdata, 0, sizeof(ifdata)); 343 344 strcpy(ifdata.ifr_name, ifname); 345 346 sd = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP); 347 if (sd < 0) { 348 log_err_errno("socket failed"); 349 return -1; 350 } 351 352 rc = ioctl(sd, SIOCGIFINDEX, (char *)&ifdata); 353 close(sd); 354 if (rc != 0) { 355 log_err_errno("ioctl(SIOCGIFINDEX) failed"); 356 return -1; 357 } 358 359 return ifdata.ifr_ifindex; 360 } 361 362 static int bind_to_device(int sd, const char *name) 363 { 364 int rc; 365 366 rc = setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, name, strlen(name)+1); 367 if (rc < 0) 368 log_err_errno("setsockopt(SO_BINDTODEVICE)"); 369 370 return rc; 371 } 372 373 static int get_bind_to_device(int sd, char *name, size_t len) 374 { 375 int rc; 376 socklen_t optlen = len; 377 378 name[0] = '\0'; 379 rc = getsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, name, &optlen); 380 if (rc < 0) 381 log_err_errno("setsockopt(SO_BINDTODEVICE)"); 382 383 return rc; 384 } 385 386 static int check_device(int sd, struct sock_args *args) 387 { 388 int ifindex = 0; 389 char name[32]; 390 391 if (get_bind_to_device(sd, name, sizeof(name))) 392 *name = '\0'; 393 else 394 ifindex = get_ifidx(name); 395 396 log_msg(" bound to device %s/%d\n", 397 *name ? name : "<none>", ifindex); 398 399 if (!args->expected_ifindex) 400 return 0; 401 402 if (args->expected_ifindex != ifindex) { 403 log_error("Device index mismatch: expected %d have %d\n", 404 args->expected_ifindex, ifindex); 405 return 1; 406 } 407 408 log_msg("Device index matches: expected %d have %d\n", 409 args->expected_ifindex, ifindex); 410 411 return 0; 412 } 413 414 static int set_pktinfo_v4(int sd) 415 { 416 int one = 1; 417 int rc; 418 419 rc = setsockopt(sd, SOL_IP, IP_PKTINFO, &one, sizeof(one)); 420 if (rc < 0 && rc != -ENOTSUP) 421 log_err_errno("setsockopt(IP_PKTINFO)"); 422 423 return rc; 424 } 425 426 static int set_recvpktinfo_v6(int sd) 427 { 428 int one = 1; 429 int rc; 430 431 rc = setsockopt(sd, SOL_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one)); 432 if (rc < 0 && rc != -ENOTSUP) 433 log_err_errno("setsockopt(IPV6_RECVPKTINFO)"); 434 435 return rc; 436 } 437 438 static int set_recverr_v4(int sd) 439 { 440 int one = 1; 441 int rc; 442 443 rc = setsockopt(sd, SOL_IP, IP_RECVERR, &one, sizeof(one)); 444 if (rc < 0 && rc != -ENOTSUP) 445 log_err_errno("setsockopt(IP_RECVERR)"); 446 447 return rc; 448 } 449 450 static int set_recverr_v6(int sd) 451 { 452 int one = 1; 453 int rc; 454 455 rc = setsockopt(sd, SOL_IPV6, IPV6_RECVERR, &one, sizeof(one)); 456 if (rc < 0 && rc != -ENOTSUP) 457 log_err_errno("setsockopt(IPV6_RECVERR)"); 458 459 return rc; 460 } 461 462 static int set_unicast_if(int sd, int ifindex, int version) 463 { 464 int opt = IP_UNICAST_IF; 465 int level = SOL_IP; 466 int rc; 467 468 ifindex = htonl(ifindex); 469 470 if (version == AF_INET6) { 471 opt = IPV6_UNICAST_IF; 472 level = SOL_IPV6; 473 } 474 rc = setsockopt(sd, level, opt, &ifindex, sizeof(ifindex)); 475 if (rc < 0) 476 log_err_errno("setsockopt(IP_UNICAST_IF)"); 477 478 return rc; 479 } 480 481 static int set_multicast_if(int sd, int ifindex) 482 { 483 struct ip_mreqn mreq = { .imr_ifindex = ifindex }; 484 int rc; 485 486 rc = setsockopt(sd, SOL_IP, IP_MULTICAST_IF, &mreq, sizeof(mreq)); 487 if (rc < 0) 488 log_err_errno("setsockopt(IP_MULTICAST_IF)"); 489 490 return rc; 491 } 492 493 static int set_membership(int sd, uint32_t grp, uint32_t addr, int ifindex) 494 { 495 uint32_t if_addr = addr; 496 struct ip_mreqn mreq; 497 int rc; 498 499 if (addr == htonl(INADDR_ANY) && !ifindex) { 500 log_error("Either local address or device needs to be given for multicast membership\n"); 501 return -1; 502 } 503 504 mreq.imr_multiaddr.s_addr = grp; 505 mreq.imr_address.s_addr = if_addr; 506 mreq.imr_ifindex = ifindex; 507 508 rc = setsockopt(sd, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq)); 509 if (rc < 0) { 510 log_err_errno("setsockopt(IP_ADD_MEMBERSHIP)"); 511 return -1; 512 } 513 514 return 0; 515 } 516 517 static int set_broadcast(int sd) 518 { 519 unsigned int one = 1; 520 int rc = 0; 521 522 if (setsockopt(sd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) != 0) { 523 log_err_errno("setsockopt(SO_BROADCAST)"); 524 rc = -1; 525 } 526 527 return rc; 528 } 529 530 static int set_reuseport(int sd) 531 { 532 unsigned int one = 1; 533 int rc = 0; 534 535 if (setsockopt(sd, SOL_SOCKET, SO_REUSEPORT, &one, sizeof(one)) != 0) { 536 log_err_errno("setsockopt(SO_REUSEPORT)"); 537 rc = -1; 538 } 539 540 return rc; 541 } 542 543 static int set_reuseaddr(int sd) 544 { 545 unsigned int one = 1; 546 int rc = 0; 547 548 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) != 0) { 549 log_err_errno("setsockopt(SO_REUSEADDR)"); 550 rc = -1; 551 } 552 553 return rc; 554 } 555 556 static int str_to_uint(const char *str, int min, int max, unsigned int *value) 557 { 558 int number; 559 char *end; 560 561 errno = 0; 562 number = (unsigned int) strtoul(str, &end, 0); 563 564 /* entire string should be consumed by conversion 565 * and value should be between min and max 566 */ 567 if (((*end == '\0') || (*end == '\n')) && (end != str) && 568 (errno != ERANGE) && (min <= number) && (number <= max)) { 569 *value = number; 570 return 0; 571 } 572 573 return -1; 574 } 575 576 static int resolve_devices(struct sock_args *args) 577 { 578 if (args->dev) { 579 args->ifindex = get_ifidx(args->dev); 580 if (args->ifindex < 0) { 581 log_error("Invalid device name\n"); 582 return 1; 583 } 584 } 585 586 if (args->expected_dev) { 587 unsigned int tmp; 588 589 if (str_to_uint(args->expected_dev, 0, INT_MAX, &tmp) == 0) { 590 args->expected_ifindex = (int)tmp; 591 } else { 592 args->expected_ifindex = get_ifidx(args->expected_dev); 593 if (args->expected_ifindex < 0) { 594 fprintf(stderr, "Invalid expected device\n"); 595 return 1; 596 } 597 } 598 } 599 600 return 0; 601 } 602 603 static int expected_addr_match(struct sockaddr *sa, void *expected, 604 const char *desc) 605 { 606 char addrstr[64]; 607 int rc = 0; 608 609 if (sa->sa_family == AF_INET) { 610 struct sockaddr_in *s = (struct sockaddr_in *) sa; 611 struct in_addr *exp_in = (struct in_addr *) expected; 612 613 if (s->sin_addr.s_addr != exp_in->s_addr) { 614 log_error("%s address does not match expected %s\n", 615 desc, 616 inet_ntop(AF_INET, exp_in, 617 addrstr, sizeof(addrstr))); 618 rc = 1; 619 } 620 } else if (sa->sa_family == AF_INET6) { 621 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa; 622 struct in6_addr *exp_in = (struct in6_addr *) expected; 623 624 if (memcmp(&s6->sin6_addr, exp_in, sizeof(*exp_in))) { 625 log_error("%s address does not match expected %s\n", 626 desc, 627 inet_ntop(AF_INET6, exp_in, 628 addrstr, sizeof(addrstr))); 629 rc = 1; 630 } 631 } else { 632 log_error("%s address does not match expected - unknown family\n", 633 desc); 634 rc = 1; 635 } 636 637 if (!rc) 638 log_msg("%s address matches expected\n", desc); 639 640 return rc; 641 } 642 643 static int show_sockstat(int sd, struct sock_args *args) 644 { 645 struct sockaddr_in6 local_addr, remote_addr; 646 socklen_t alen = sizeof(local_addr); 647 struct sockaddr *sa; 648 const char *desc; 649 int rc = 0; 650 651 desc = server_mode ? "server local:" : "client local:"; 652 sa = (struct sockaddr *) &local_addr; 653 if (getsockname(sd, sa, &alen) == 0) { 654 log_address(desc, sa); 655 656 if (args->has_expected_laddr) { 657 rc = expected_addr_match(sa, &args->expected_laddr, 658 "local"); 659 } 660 } else { 661 log_err_errno("getsockname failed"); 662 } 663 664 sa = (struct sockaddr *) &remote_addr; 665 desc = server_mode ? "server peer:" : "client peer:"; 666 if (getpeername(sd, sa, &alen) == 0) { 667 log_address(desc, sa); 668 669 if (args->has_expected_raddr) { 670 rc |= expected_addr_match(sa, &args->expected_raddr, 671 "remote"); 672 } 673 } else { 674 log_err_errno("getpeername failed"); 675 } 676 677 return rc; 678 } 679 680 enum addr_type { 681 ADDR_TYPE_LOCAL, 682 ADDR_TYPE_REMOTE, 683 ADDR_TYPE_MCAST, 684 ADDR_TYPE_EXPECTED_LOCAL, 685 ADDR_TYPE_EXPECTED_REMOTE, 686 ADDR_TYPE_MD5_PREFIX, 687 }; 688 689 static int convert_addr(struct sock_args *args, const char *_str, 690 enum addr_type atype) 691 { 692 int pfx_len_max = args->version == AF_INET6 ? 128 : 32; 693 int family = args->version; 694 char *str, *dev, *sep; 695 struct in6_addr *in6; 696 struct in_addr *in; 697 const char *desc; 698 void *addr; 699 int rc = 0; 700 701 str = strdup(_str); 702 if (!str) 703 return -ENOMEM; 704 705 switch (atype) { 706 case ADDR_TYPE_LOCAL: 707 desc = "local"; 708 addr = &args->local_addr; 709 break; 710 case ADDR_TYPE_REMOTE: 711 desc = "remote"; 712 addr = &args->remote_addr; 713 break; 714 case ADDR_TYPE_MCAST: 715 desc = "mcast grp"; 716 addr = &args->grp; 717 break; 718 case ADDR_TYPE_EXPECTED_LOCAL: 719 desc = "expected local"; 720 addr = &args->expected_laddr; 721 break; 722 case ADDR_TYPE_EXPECTED_REMOTE: 723 desc = "expected remote"; 724 addr = &args->expected_raddr; 725 break; 726 case ADDR_TYPE_MD5_PREFIX: 727 desc = "md5 prefix"; 728 if (family == AF_INET) { 729 args->md5_prefix.v4.sin_family = AF_INET; 730 addr = &args->md5_prefix.v4.sin_addr; 731 } else if (family == AF_INET6) { 732 args->md5_prefix.v6.sin6_family = AF_INET6; 733 addr = &args->md5_prefix.v6.sin6_addr; 734 } else 735 return 1; 736 737 sep = strchr(str, '/'); 738 if (sep) { 739 *sep = '\0'; 740 sep++; 741 if (str_to_uint(sep, 1, pfx_len_max, 742 &args->prefix_len) != 0) { 743 fprintf(stderr, "Invalid port\n"); 744 return 1; 745 } 746 } else { 747 args->prefix_len = 0; 748 } 749 break; 750 default: 751 log_error("unknown address type\n"); 752 exit(1); 753 } 754 755 switch (family) { 756 case AF_INET: 757 in = (struct in_addr *) addr; 758 if (str) { 759 if (inet_pton(AF_INET, str, in) == 0) { 760 log_error("Invalid %s IP address\n", desc); 761 rc = -1; 762 goto out; 763 } 764 } else { 765 in->s_addr = htonl(INADDR_ANY); 766 } 767 break; 768 769 case AF_INET6: 770 dev = strchr(str, '%'); 771 if (dev) { 772 *dev = '\0'; 773 dev++; 774 } 775 776 in6 = (struct in6_addr *) addr; 777 if (str) { 778 if (inet_pton(AF_INET6, str, in6) == 0) { 779 log_error("Invalid %s IPv6 address\n", desc); 780 rc = -1; 781 goto out; 782 } 783 } else { 784 *in6 = in6addr_any; 785 } 786 if (dev) { 787 args->scope_id = get_ifidx(dev); 788 if (args->scope_id < 0) { 789 log_error("Invalid scope on %s IPv6 address\n", 790 desc); 791 rc = -1; 792 goto out; 793 } 794 } 795 break; 796 797 default: 798 log_error("Invalid address family\n"); 799 } 800 801 out: 802 free(str); 803 return rc; 804 } 805 806 static int validate_addresses(struct sock_args *args) 807 { 808 if (args->local_addr_str && 809 convert_addr(args, args->local_addr_str, ADDR_TYPE_LOCAL) < 0) 810 return 1; 811 812 if (args->remote_addr_str && 813 convert_addr(args, args->remote_addr_str, ADDR_TYPE_REMOTE) < 0) 814 return 1; 815 816 if (args->md5_prefix_str && 817 convert_addr(args, args->md5_prefix_str, 818 ADDR_TYPE_MD5_PREFIX) < 0) 819 return 1; 820 821 if (args->expected_laddr_str && 822 convert_addr(args, args->expected_laddr_str, 823 ADDR_TYPE_EXPECTED_LOCAL)) 824 return 1; 825 826 if (args->expected_raddr_str && 827 convert_addr(args, args->expected_raddr_str, 828 ADDR_TYPE_EXPECTED_REMOTE)) 829 return 1; 830 831 return 0; 832 } 833 834 static int get_index_from_cmsg(struct msghdr *m) 835 { 836 struct cmsghdr *cm; 837 int ifindex = 0; 838 char buf[64]; 839 840 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(m); 841 m->msg_controllen != 0 && cm; 842 cm = (struct cmsghdr *)CMSG_NXTHDR(m, cm)) { 843 844 if (cm->cmsg_level == SOL_IP && 845 cm->cmsg_type == IP_PKTINFO) { 846 struct in_pktinfo *pi; 847 848 pi = (struct in_pktinfo *)(CMSG_DATA(cm)); 849 inet_ntop(AF_INET, &pi->ipi_addr, buf, sizeof(buf)); 850 ifindex = pi->ipi_ifindex; 851 } else if (cm->cmsg_level == SOL_IPV6 && 852 cm->cmsg_type == IPV6_PKTINFO) { 853 struct in6_pktinfo *pi6; 854 855 pi6 = (struct in6_pktinfo *)(CMSG_DATA(cm)); 856 inet_ntop(AF_INET6, &pi6->ipi6_addr, buf, sizeof(buf)); 857 ifindex = pi6->ipi6_ifindex; 858 } 859 } 860 861 if (ifindex) { 862 log_msg(" pktinfo: ifindex %d dest addr %s\n", 863 ifindex, buf); 864 } 865 return ifindex; 866 } 867 868 static int send_msg_no_cmsg(int sd, void *addr, socklen_t alen) 869 { 870 int err; 871 872 again: 873 err = sendto(sd, msg, msglen, 0, addr, alen); 874 if (err < 0) { 875 if (errno == EACCES && try_broadcast) { 876 try_broadcast = 0; 877 if (!set_broadcast(sd)) 878 goto again; 879 errno = EACCES; 880 } 881 882 log_err_errno("sendto failed"); 883 return 1; 884 } 885 886 return 0; 887 } 888 889 static int send_msg_cmsg(int sd, void *addr, socklen_t alen, 890 int ifindex, int version) 891 { 892 unsigned char cmsgbuf[64]; 893 struct iovec iov[2]; 894 struct cmsghdr *cm; 895 struct msghdr m; 896 int err; 897 898 iov[0].iov_base = msg; 899 iov[0].iov_len = msglen; 900 m.msg_iov = iov; 901 m.msg_iovlen = 1; 902 m.msg_name = (caddr_t)addr; 903 m.msg_namelen = alen; 904 905 memset(cmsgbuf, 0, sizeof(cmsgbuf)); 906 cm = (struct cmsghdr *)cmsgbuf; 907 m.msg_control = (caddr_t)cm; 908 909 if (version == AF_INET) { 910 struct in_pktinfo *pi; 911 912 cm->cmsg_level = SOL_IP; 913 cm->cmsg_type = IP_PKTINFO; 914 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo)); 915 pi = (struct in_pktinfo *)(CMSG_DATA(cm)); 916 pi->ipi_ifindex = ifindex; 917 918 m.msg_controllen = cm->cmsg_len; 919 920 } else if (version == AF_INET6) { 921 struct in6_pktinfo *pi6; 922 923 cm->cmsg_level = SOL_IPV6; 924 cm->cmsg_type = IPV6_PKTINFO; 925 cm->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo)); 926 927 pi6 = (struct in6_pktinfo *)(CMSG_DATA(cm)); 928 pi6->ipi6_ifindex = ifindex; 929 930 m.msg_controllen = cm->cmsg_len; 931 } 932 933 again: 934 err = sendmsg(sd, &m, 0); 935 if (err < 0) { 936 if (errno == EACCES && try_broadcast) { 937 try_broadcast = 0; 938 if (!set_broadcast(sd)) 939 goto again; 940 errno = EACCES; 941 } 942 943 log_err_errno("sendmsg failed"); 944 return 1; 945 } 946 947 return 0; 948 } 949 950 951 static int send_msg(int sd, void *addr, socklen_t alen, struct sock_args *args) 952 { 953 if (args->type == SOCK_STREAM) { 954 if (write(sd, msg, msglen) < 0) { 955 log_err_errno("write failed sending msg to peer"); 956 return 1; 957 } 958 } else if (args->ifindex && args->use_cmsg) { 959 if (send_msg_cmsg(sd, addr, alen, args->ifindex, args->version)) 960 return 1; 961 } else { 962 if (send_msg_no_cmsg(sd, addr, alen)) 963 return 1; 964 } 965 966 log_msg("Sent message:\n"); 967 log_msg(" %.24s%s\n", msg, msglen > 24 ? " ..." : ""); 968 969 return 0; 970 } 971 972 static int socket_read_dgram(int sd, struct sock_args *args) 973 { 974 unsigned char addr[sizeof(struct sockaddr_in6)]; 975 struct sockaddr *sa = (struct sockaddr *) addr; 976 socklen_t alen = sizeof(addr); 977 struct iovec iov[2]; 978 struct msghdr m = { 979 .msg_name = (caddr_t)addr, 980 .msg_namelen = alen, 981 .msg_iov = iov, 982 .msg_iovlen = 1, 983 }; 984 unsigned char cmsgbuf[256]; 985 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf; 986 char buf[16*1024]; 987 int ifindex; 988 int len; 989 990 iov[0].iov_base = (caddr_t)buf; 991 iov[0].iov_len = sizeof(buf); 992 993 memset(cmsgbuf, 0, sizeof(cmsgbuf)); 994 m.msg_control = (caddr_t)cm; 995 m.msg_controllen = sizeof(cmsgbuf); 996 997 len = recvmsg(sd, &m, 0); 998 if (len == 0) { 999 log_msg("peer closed connection.\n"); 1000 return 0; 1001 } else if (len < 0) { 1002 log_msg("failed to read message: %d: %s\n", 1003 errno, strerror(errno)); 1004 return -1; 1005 } 1006 1007 buf[len] = '\0'; 1008 1009 log_address("Message from:", sa); 1010 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : ""); 1011 1012 ifindex = get_index_from_cmsg(&m); 1013 if (args->expected_ifindex) { 1014 if (args->expected_ifindex != ifindex) { 1015 log_error("Device index mismatch: expected %d have %d\n", 1016 args->expected_ifindex, ifindex); 1017 return -1; 1018 } 1019 log_msg("Device index matches: expected %d have %d\n", 1020 args->expected_ifindex, ifindex); 1021 } 1022 1023 if (!interactive && server_mode) { 1024 if (sa->sa_family == AF_INET6) { 1025 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa; 1026 struct in6_addr *in6 = &s6->sin6_addr; 1027 1028 if (IN6_IS_ADDR_V4MAPPED(in6)) { 1029 const uint32_t *pa = (uint32_t *) &in6->s6_addr; 1030 struct in_addr in4; 1031 struct sockaddr_in *sin; 1032 1033 sin = (struct sockaddr_in *) addr; 1034 pa += 3; 1035 in4.s_addr = *pa; 1036 sin->sin_addr = in4; 1037 sin->sin_family = AF_INET; 1038 if (send_msg_cmsg(sd, addr, alen, 1039 ifindex, AF_INET) < 0) 1040 goto out_err; 1041 } 1042 } 1043 again: 1044 iov[0].iov_len = len; 1045 1046 if (args->version == AF_INET6) { 1047 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa; 1048 1049 if (args->dev) { 1050 /* avoid PKTINFO conflicts with bindtodev */ 1051 if (sendto(sd, buf, len, 0, 1052 (void *) addr, alen) < 0) 1053 goto out_err; 1054 } else { 1055 /* kernel is allowing scope_id to be set to VRF 1056 * index for LLA. for sends to global address 1057 * reset scope id 1058 */ 1059 s6->sin6_scope_id = ifindex; 1060 if (sendmsg(sd, &m, 0) < 0) 1061 goto out_err; 1062 } 1063 } else { 1064 int err; 1065 1066 err = sendmsg(sd, &m, 0); 1067 if (err < 0) { 1068 if (errno == EACCES && try_broadcast) { 1069 try_broadcast = 0; 1070 if (!set_broadcast(sd)) 1071 goto again; 1072 errno = EACCES; 1073 } 1074 goto out_err; 1075 } 1076 } 1077 log_msg("Sent message:\n"); 1078 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : ""); 1079 } 1080 1081 return 1; 1082 out_err: 1083 log_err_errno("failed to send msg to peer"); 1084 return -1; 1085 } 1086 1087 static int socket_read_stream(int sd) 1088 { 1089 char buf[1024]; 1090 int len; 1091 1092 len = read(sd, buf, sizeof(buf)-1); 1093 if (len == 0) { 1094 log_msg("client closed connection.\n"); 1095 return 0; 1096 } else if (len < 0) { 1097 log_msg("failed to read message\n"); 1098 return -1; 1099 } 1100 1101 buf[len] = '\0'; 1102 log_msg("Incoming message:\n"); 1103 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : ""); 1104 1105 if (!interactive && server_mode) { 1106 if (write(sd, buf, len) < 0) { 1107 log_err_errno("failed to send buf"); 1108 return -1; 1109 } 1110 log_msg("Sent message:\n"); 1111 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : ""); 1112 } 1113 1114 return 1; 1115 } 1116 1117 static int socket_read(int sd, struct sock_args *args) 1118 { 1119 if (args->type == SOCK_STREAM) 1120 return socket_read_stream(sd); 1121 1122 return socket_read_dgram(sd, args); 1123 } 1124 1125 static int stdin_to_socket(int sd, int type, void *addr, socklen_t alen) 1126 { 1127 char buf[1024]; 1128 int len; 1129 1130 if (fgets(buf, sizeof(buf), stdin) == NULL) 1131 return 0; 1132 1133 len = strlen(buf); 1134 if (type == SOCK_STREAM) { 1135 if (write(sd, buf, len) < 0) { 1136 log_err_errno("failed to send buf"); 1137 return -1; 1138 } 1139 } else { 1140 int err; 1141 1142 again: 1143 err = sendto(sd, buf, len, 0, addr, alen); 1144 if (err < 0) { 1145 if (errno == EACCES && try_broadcast) { 1146 try_broadcast = 0; 1147 if (!set_broadcast(sd)) 1148 goto again; 1149 errno = EACCES; 1150 } 1151 log_err_errno("failed to send msg to peer"); 1152 return -1; 1153 } 1154 } 1155 log_msg("Sent message:\n"); 1156 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : ""); 1157 1158 return 1; 1159 } 1160 1161 static void set_recv_attr(int sd, int version) 1162 { 1163 if (version == AF_INET6) { 1164 set_recvpktinfo_v6(sd); 1165 set_recverr_v6(sd); 1166 } else { 1167 set_pktinfo_v4(sd); 1168 set_recverr_v4(sd); 1169 } 1170 } 1171 1172 static int msg_loop(int client, int sd, void *addr, socklen_t alen, 1173 struct sock_args *args) 1174 { 1175 struct timeval timeout = { .tv_sec = prog_timeout }, *ptval = NULL; 1176 fd_set rfds; 1177 int nfds; 1178 int rc; 1179 1180 if (args->type != SOCK_STREAM) 1181 set_recv_attr(sd, args->version); 1182 1183 if (msg) { 1184 msglen = strlen(msg); 1185 1186 /* client sends first message */ 1187 if (client) { 1188 if (send_msg(sd, addr, alen, args)) 1189 return 1; 1190 } 1191 if (!interactive) { 1192 ptval = &timeout; 1193 if (!prog_timeout) 1194 timeout.tv_sec = 5; 1195 } 1196 } 1197 1198 nfds = interactive ? MAX(fileno(stdin), sd) + 1 : sd + 1; 1199 while (1) { 1200 FD_ZERO(&rfds); 1201 FD_SET(sd, &rfds); 1202 if (interactive) 1203 FD_SET(fileno(stdin), &rfds); 1204 1205 rc = select(nfds, &rfds, NULL, NULL, ptval); 1206 if (rc < 0) { 1207 if (errno == EINTR) 1208 continue; 1209 1210 rc = 1; 1211 log_err_errno("select failed"); 1212 break; 1213 } else if (rc == 0) { 1214 log_error("Timed out waiting for response\n"); 1215 rc = 2; 1216 break; 1217 } 1218 1219 if (FD_ISSET(sd, &rfds)) { 1220 rc = socket_read(sd, args); 1221 if (rc < 0) { 1222 rc = 1; 1223 break; 1224 } 1225 if (rc == 0) 1226 break; 1227 } 1228 1229 rc = 0; 1230 1231 if (FD_ISSET(fileno(stdin), &rfds)) { 1232 if (stdin_to_socket(sd, args->type, addr, alen) <= 0) 1233 break; 1234 } 1235 1236 if (interactive) 1237 continue; 1238 1239 if (iter != -1) { 1240 --iter; 1241 if (iter == 0) 1242 break; 1243 } 1244 1245 log_msg("Going into quiet mode\n"); 1246 quiet = 1; 1247 1248 if (client) { 1249 if (send_msg(sd, addr, alen, args)) { 1250 rc = 1; 1251 break; 1252 } 1253 } 1254 } 1255 1256 return rc; 1257 } 1258 1259 static int msock_init(struct sock_args *args, int server) 1260 { 1261 uint32_t if_addr = htonl(INADDR_ANY); 1262 struct sockaddr_in laddr = { 1263 .sin_family = AF_INET, 1264 .sin_port = htons(args->port), 1265 }; 1266 int one = 1; 1267 int sd; 1268 1269 if (!server && args->has_local_ip) 1270 if_addr = args->local_addr.in.s_addr; 1271 1272 sd = socket(PF_INET, SOCK_DGRAM, 0); 1273 if (sd < 0) { 1274 log_err_errno("socket"); 1275 return -1; 1276 } 1277 1278 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, 1279 (char *)&one, sizeof(one)) < 0) { 1280 log_err_errno("Setting SO_REUSEADDR error"); 1281 goto out_err; 1282 } 1283 1284 if (setsockopt(sd, SOL_SOCKET, SO_BROADCAST, 1285 (char *)&one, sizeof(one)) < 0) 1286 log_err_errno("Setting SO_BROADCAST error"); 1287 1288 if (args->dev && bind_to_device(sd, args->dev) != 0) 1289 goto out_err; 1290 else if (args->use_setsockopt && 1291 set_multicast_if(sd, args->ifindex)) 1292 goto out_err; 1293 1294 laddr.sin_addr.s_addr = if_addr; 1295 1296 if (bind(sd, (struct sockaddr *) &laddr, sizeof(laddr)) < 0) { 1297 log_err_errno("bind failed"); 1298 goto out_err; 1299 } 1300 1301 if (server && 1302 set_membership(sd, args->grp.s_addr, 1303 args->local_addr.in.s_addr, args->ifindex)) 1304 goto out_err; 1305 1306 return sd; 1307 out_err: 1308 close(sd); 1309 return -1; 1310 } 1311 1312 static int msock_server(struct sock_args *args) 1313 { 1314 return msock_init(args, 1); 1315 } 1316 1317 static int msock_client(struct sock_args *args) 1318 { 1319 return msock_init(args, 0); 1320 } 1321 1322 static int bind_socket(int sd, struct sock_args *args) 1323 { 1324 struct sockaddr_in serv_addr = { 1325 .sin_family = AF_INET, 1326 }; 1327 struct sockaddr_in6 serv6_addr = { 1328 .sin6_family = AF_INET6, 1329 }; 1330 void *addr; 1331 socklen_t alen; 1332 1333 if (!args->has_local_ip && args->type == SOCK_RAW) 1334 return 0; 1335 1336 switch (args->version) { 1337 case AF_INET: 1338 serv_addr.sin_port = htons(args->port); 1339 serv_addr.sin_addr = args->local_addr.in; 1340 addr = &serv_addr; 1341 alen = sizeof(serv_addr); 1342 break; 1343 1344 case AF_INET6: 1345 serv6_addr.sin6_port = htons(args->port); 1346 serv6_addr.sin6_addr = args->local_addr.in6; 1347 addr = &serv6_addr; 1348 alen = sizeof(serv6_addr); 1349 break; 1350 1351 default: 1352 log_error("Invalid address family\n"); 1353 return -1; 1354 } 1355 1356 if (bind(sd, addr, alen) < 0) { 1357 log_err_errno("error binding socket"); 1358 return -1; 1359 } 1360 1361 return 0; 1362 } 1363 1364 static int config_xfrm_policy(int sd, struct sock_args *args) 1365 { 1366 struct xfrm_userpolicy_info policy = {}; 1367 int type = UDP_ENCAP_ESPINUDP; 1368 int xfrm_af = IP_XFRM_POLICY; 1369 int level = SOL_IP; 1370 1371 if (args->type != SOCK_DGRAM) { 1372 log_error("Invalid socket type. Only DGRAM could be used for XFRM\n"); 1373 return 1; 1374 } 1375 1376 policy.action = XFRM_POLICY_ALLOW; 1377 policy.sel.family = args->version; 1378 if (args->version == AF_INET6) { 1379 xfrm_af = IPV6_XFRM_POLICY; 1380 level = SOL_IPV6; 1381 } 1382 1383 policy.dir = XFRM_POLICY_OUT; 1384 if (setsockopt(sd, level, xfrm_af, &policy, sizeof(policy)) < 0) 1385 return 1; 1386 1387 policy.dir = XFRM_POLICY_IN; 1388 if (setsockopt(sd, level, xfrm_af, &policy, sizeof(policy)) < 0) 1389 return 1; 1390 1391 if (setsockopt(sd, IPPROTO_UDP, UDP_ENCAP, &type, sizeof(type)) < 0) { 1392 log_err_errno("Failed to set xfrm encap"); 1393 return 1; 1394 } 1395 1396 return 0; 1397 } 1398 1399 static int lsock_init(struct sock_args *args) 1400 { 1401 long flags; 1402 int sd; 1403 1404 sd = socket(args->version, args->type, args->protocol); 1405 if (sd < 0) { 1406 log_err_errno("Error opening socket"); 1407 return -1; 1408 } 1409 1410 if (set_reuseaddr(sd) != 0) 1411 goto err; 1412 1413 if (set_reuseport(sd) != 0) 1414 goto err; 1415 1416 if (args->dev && bind_to_device(sd, args->dev) != 0) 1417 goto err; 1418 else if (args->use_setsockopt && 1419 set_unicast_if(sd, args->ifindex, args->version)) 1420 goto err; 1421 1422 if (bind_socket(sd, args)) 1423 goto err; 1424 1425 if (args->bind_test_only) 1426 goto out; 1427 1428 if (args->type == SOCK_STREAM && listen(sd, 1) < 0) { 1429 log_err_errno("listen failed"); 1430 goto err; 1431 } 1432 1433 flags = fcntl(sd, F_GETFL); 1434 if ((flags < 0) || (fcntl(sd, F_SETFL, flags|O_NONBLOCK) < 0)) { 1435 log_err_errno("Failed to set non-blocking option"); 1436 goto err; 1437 } 1438 1439 if (fcntl(sd, F_SETFD, FD_CLOEXEC) < 0) 1440 log_err_errno("Failed to set close-on-exec flag"); 1441 1442 if (args->use_xfrm && config_xfrm_policy(sd, args)) { 1443 log_err_errno("Failed to set xfrm policy"); 1444 goto err; 1445 } 1446 1447 out: 1448 return sd; 1449 1450 err: 1451 close(sd); 1452 return -1; 1453 } 1454 1455 static void ipc_write(int fd, int message) 1456 { 1457 /* Not in both_mode, so there's no process to signal */ 1458 if (fd < 0) 1459 return; 1460 1461 if (write(fd, &message, sizeof(message)) < 0) 1462 log_err_errno("Failed to send client status"); 1463 } 1464 1465 static int do_server(struct sock_args *args, int ipc_fd) 1466 { 1467 /* ipc_fd = -1 if no parent process to signal */ 1468 struct timeval timeout = { .tv_sec = prog_timeout }, *ptval = NULL; 1469 unsigned char addr[sizeof(struct sockaddr_in6)] = {}; 1470 socklen_t alen = sizeof(addr); 1471 int lsd, csd = -1; 1472 1473 fd_set rfds; 1474 int rc; 1475 1476 if (args->serverns) { 1477 if (switch_ns(args->serverns)) { 1478 log_error("Could not set server netns to %s\n", 1479 args->serverns); 1480 goto err_exit; 1481 } 1482 log_msg("Switched server netns\n"); 1483 } 1484 1485 args->dev = args->server_dev; 1486 args->expected_dev = args->expected_server_dev; 1487 if (resolve_devices(args) || validate_addresses(args)) 1488 goto err_exit; 1489 1490 if (prog_timeout) 1491 ptval = &timeout; 1492 1493 if (args->has_grp) 1494 lsd = msock_server(args); 1495 else 1496 lsd = lsock_init(args); 1497 1498 if (lsd < 0) 1499 goto err_exit; 1500 1501 if (args->bind_test_only) { 1502 close(lsd); 1503 ipc_write(ipc_fd, 1); 1504 return 0; 1505 } 1506 1507 if (args->type != SOCK_STREAM) { 1508 ipc_write(ipc_fd, 1); 1509 rc = msg_loop(0, lsd, (void *) addr, alen, args); 1510 close(lsd); 1511 return rc; 1512 } 1513 1514 if (args->password && tcp_md5_remote(lsd, args)) { 1515 close(lsd); 1516 goto err_exit; 1517 } 1518 1519 ipc_write(ipc_fd, 1); 1520 while (1) { 1521 log_msg("waiting for client connection.\n"); 1522 FD_ZERO(&rfds); 1523 FD_SET(lsd, &rfds); 1524 1525 rc = select(lsd+1, &rfds, NULL, NULL, ptval); 1526 if (rc == 0) { 1527 rc = 2; 1528 break; 1529 } 1530 1531 if (rc < 0) { 1532 if (errno == EINTR) 1533 continue; 1534 1535 log_err_errno("select failed"); 1536 break; 1537 } 1538 1539 if (FD_ISSET(lsd, &rfds)) { 1540 1541 csd = accept(lsd, (void *) addr, &alen); 1542 if (csd < 0) { 1543 log_err_errno("accept failed"); 1544 break; 1545 } 1546 1547 rc = show_sockstat(csd, args); 1548 if (rc) 1549 break; 1550 1551 rc = check_device(csd, args); 1552 if (rc) 1553 break; 1554 } 1555 1556 rc = msg_loop(0, csd, (void *) addr, alen, args); 1557 close(csd); 1558 1559 if (!interactive) 1560 break; 1561 } 1562 1563 close(lsd); 1564 1565 return rc; 1566 err_exit: 1567 ipc_write(ipc_fd, 0); 1568 return 1; 1569 } 1570 1571 static int wait_for_connect(int sd) 1572 { 1573 struct timeval _tv = { .tv_sec = prog_timeout }, *tv = NULL; 1574 fd_set wfd; 1575 int val = 0, sz = sizeof(val); 1576 int rc; 1577 1578 FD_ZERO(&wfd); 1579 FD_SET(sd, &wfd); 1580 1581 if (prog_timeout) 1582 tv = &_tv; 1583 1584 rc = select(FD_SETSIZE, NULL, &wfd, NULL, tv); 1585 if (rc == 0) { 1586 log_error("connect timed out\n"); 1587 return -2; 1588 } else if (rc < 0) { 1589 log_err_errno("select failed"); 1590 return -3; 1591 } 1592 1593 if (getsockopt(sd, SOL_SOCKET, SO_ERROR, &val, (socklen_t *)&sz) < 0) { 1594 log_err_errno("getsockopt(SO_ERROR) failed"); 1595 return -4; 1596 } 1597 1598 if (val != 0) { 1599 log_error("connect failed: %d: %s\n", val, strerror(val)); 1600 return -1; 1601 } 1602 1603 return 0; 1604 } 1605 1606 static int connectsock(void *addr, socklen_t alen, struct sock_args *args) 1607 { 1608 int sd, rc = -1; 1609 long flags; 1610 1611 sd = socket(args->version, args->type, args->protocol); 1612 if (sd < 0) { 1613 log_err_errno("Failed to create socket"); 1614 return -1; 1615 } 1616 1617 flags = fcntl(sd, F_GETFL); 1618 if ((flags < 0) || (fcntl(sd, F_SETFL, flags|O_NONBLOCK) < 0)) { 1619 log_err_errno("Failed to set non-blocking option"); 1620 goto err; 1621 } 1622 1623 if (set_reuseport(sd) != 0) 1624 goto err; 1625 1626 if (args->dev && bind_to_device(sd, args->dev) != 0) 1627 goto err; 1628 else if (args->use_setsockopt && 1629 set_unicast_if(sd, args->ifindex, args->version)) 1630 goto err; 1631 1632 if (args->has_local_ip && bind_socket(sd, args)) 1633 goto err; 1634 1635 if (args->type != SOCK_STREAM) 1636 goto out; 1637 1638 if (args->password && tcp_md5sig(sd, addr, alen, args)) 1639 goto err; 1640 1641 if (args->bind_test_only) 1642 goto out; 1643 1644 if (connect(sd, addr, alen) < 0) { 1645 if (errno != EINPROGRESS) { 1646 log_err_errno("Failed to connect to remote host"); 1647 rc = -1; 1648 goto err; 1649 } 1650 rc = wait_for_connect(sd); 1651 if (rc < 0) 1652 goto err; 1653 } 1654 out: 1655 return sd; 1656 1657 err: 1658 close(sd); 1659 return rc; 1660 } 1661 1662 static int do_client(struct sock_args *args) 1663 { 1664 struct sockaddr_in sin = { 1665 .sin_family = AF_INET, 1666 }; 1667 struct sockaddr_in6 sin6 = { 1668 .sin6_family = AF_INET6, 1669 }; 1670 void *addr; 1671 int alen; 1672 int rc = 0; 1673 int sd; 1674 1675 if (!args->has_remote_ip && !args->has_grp) { 1676 fprintf(stderr, "remote IP or multicast group not given\n"); 1677 return 1; 1678 } 1679 1680 if (args->clientns) { 1681 if (switch_ns(args->clientns)) { 1682 log_error("Could not set client netns to %s\n", 1683 args->clientns); 1684 return 1; 1685 } 1686 log_msg("Switched client netns\n"); 1687 } 1688 1689 args->local_addr_str = args->client_local_addr_str; 1690 if (resolve_devices(args) || validate_addresses(args)) 1691 return 1; 1692 1693 if ((args->use_setsockopt || args->use_cmsg) && !args->ifindex) { 1694 fprintf(stderr, "Device binding not specified\n"); 1695 return 1; 1696 } 1697 if (args->use_setsockopt || args->use_cmsg) 1698 args->dev = NULL; 1699 1700 switch (args->version) { 1701 case AF_INET: 1702 sin.sin_port = htons(args->port); 1703 if (args->has_grp) 1704 sin.sin_addr = args->grp; 1705 else 1706 sin.sin_addr = args->remote_addr.in; 1707 addr = &sin; 1708 alen = sizeof(sin); 1709 break; 1710 case AF_INET6: 1711 sin6.sin6_port = htons(args->port); 1712 sin6.sin6_addr = args->remote_addr.in6; 1713 sin6.sin6_scope_id = args->scope_id; 1714 addr = &sin6; 1715 alen = sizeof(sin6); 1716 break; 1717 } 1718 1719 args->password = args->client_pw; 1720 1721 if (args->has_grp) 1722 sd = msock_client(args); 1723 else 1724 sd = connectsock(addr, alen, args); 1725 1726 if (sd < 0) 1727 return -sd; 1728 1729 if (args->bind_test_only) 1730 goto out; 1731 1732 if (args->type == SOCK_STREAM) { 1733 rc = show_sockstat(sd, args); 1734 if (rc != 0) 1735 goto out; 1736 } 1737 1738 rc = msg_loop(1, sd, addr, alen, args); 1739 1740 out: 1741 close(sd); 1742 1743 return rc; 1744 } 1745 1746 static char *random_msg(int len) 1747 { 1748 int i, n = 0, olen = len + 1; 1749 char *m; 1750 1751 if (len <= 0) 1752 return NULL; 1753 1754 m = malloc(olen); 1755 if (!m) 1756 return NULL; 1757 1758 while (len > 26) { 1759 i = snprintf(m + n, olen - n, "%.26s", 1760 "abcdefghijklmnopqrstuvwxyz"); 1761 n += i; 1762 len -= i; 1763 } 1764 i = snprintf(m + n, olen - n, "%.*s", len, 1765 "abcdefghijklmnopqrstuvwxyz"); 1766 return m; 1767 } 1768 1769 static int ipc_child(int fd, struct sock_args *args) 1770 { 1771 char *outbuf, *errbuf; 1772 int rc = 1; 1773 1774 outbuf = malloc(4096); 1775 errbuf = malloc(4096); 1776 if (!outbuf || !errbuf) { 1777 fprintf(stderr, "server: Failed to allocate buffers for stdout and stderr\n"); 1778 goto out; 1779 } 1780 1781 setbuffer(stdout, outbuf, 4096); 1782 setbuffer(stderr, errbuf, 4096); 1783 1784 server_mode = 1; /* to tell log_msg in case we are in both_mode */ 1785 1786 /* when running in both mode, address validation applies 1787 * solely to client side 1788 */ 1789 args->has_expected_laddr = 0; 1790 args->has_expected_raddr = 0; 1791 1792 rc = do_server(args, fd); 1793 1794 out: 1795 free(outbuf); 1796 free(errbuf); 1797 1798 return rc; 1799 } 1800 1801 static int ipc_parent(int cpid, int fd, struct sock_args *args) 1802 { 1803 int client_status; 1804 int status; 1805 int buf; 1806 1807 /* do the client-side function here in the parent process, 1808 * waiting to be told when to continue 1809 */ 1810 if (read(fd, &buf, sizeof(buf)) <= 0) { 1811 log_err_errno("Failed to read IPC status from status"); 1812 return 1; 1813 } 1814 if (!buf) { 1815 log_error("Server failed; can not continue\n"); 1816 return 1; 1817 } 1818 log_msg("Server is ready\n"); 1819 1820 client_status = do_client(args); 1821 log_msg("parent is done!\n"); 1822 1823 if (kill(cpid, 0) == 0) 1824 kill(cpid, SIGKILL); 1825 1826 wait(&status); 1827 return client_status; 1828 } 1829 1830 #define GETOPT_STR "sr:l:c:p:t:g:P:DRn:M:X:m:d:I:BN:O:SCi6xL:0:1:2:3:Fbq" 1831 #define OPT_FORCE_BIND_KEY_IFINDEX 1001 1832 #define OPT_NO_BIND_KEY_IFINDEX 1002 1833 1834 static struct option long_opts[] = { 1835 {"force-bind-key-ifindex", 0, 0, OPT_FORCE_BIND_KEY_IFINDEX}, 1836 {"no-bind-key-ifindex", 0, 0, OPT_NO_BIND_KEY_IFINDEX}, 1837 {0, 0, 0, 0} 1838 }; 1839 1840 static void print_usage(char *prog) 1841 { 1842 printf( 1843 "usage: %s OPTS\n" 1844 "Required:\n" 1845 " -r addr remote address to connect to (client mode only)\n" 1846 " -p port port to connect to (client mode)/listen on (server mode)\n" 1847 " (default: %d)\n" 1848 " -s server mode (default: client mode)\n" 1849 " -t timeout seconds (default: none)\n" 1850 "\n" 1851 "Optional:\n" 1852 " -B do both client and server via fork and IPC\n" 1853 " -N ns set client to network namespace ns (requires root)\n" 1854 " -O ns set server to network namespace ns (requires root)\n" 1855 " -F Restart server loop\n" 1856 " -6 IPv6 (default is IPv4)\n" 1857 " -P proto protocol for socket: icmp, ospf (default: none)\n" 1858 " -D|R datagram (D) / raw (R) socket (default stream)\n" 1859 " -l addr local address to bind to in server mode\n" 1860 " -c addr local address to bind to in client mode\n" 1861 " -x configure XFRM policy on socket\n" 1862 "\n" 1863 " -d dev bind socket to given device name\n" 1864 " -I dev bind socket to given device name - server mode\n" 1865 " -S use setsockopt (IP_UNICAST_IF or IP_MULTICAST_IF)\n" 1866 " to set device binding\n" 1867 " -C use cmsg and IP_PKTINFO to specify device binding\n" 1868 "\n" 1869 " -L len send random message of given length\n" 1870 " -n num number of times to send message\n" 1871 "\n" 1872 " -M password use MD5 sum protection\n" 1873 " -X password MD5 password for client mode\n" 1874 " -m prefix/len prefix and length to use for MD5 key\n" 1875 " --no-bind-key-ifindex: Force TCP_MD5SIG_FLAG_IFINDEX off\n" 1876 " --force-bind-key-ifindex: Force TCP_MD5SIG_FLAG_IFINDEX on\n" 1877 " (default: only if -I is passed)\n" 1878 "\n" 1879 " -g grp multicast group (e.g., 239.1.1.1)\n" 1880 " -i interactive mode (default is echo and terminate)\n" 1881 "\n" 1882 " -0 addr Expected local address\n" 1883 " -1 addr Expected remote address\n" 1884 " -2 dev Expected device name (or index) to receive packet\n" 1885 " -3 dev Expected device name (or index) to receive packets - server mode\n" 1886 "\n" 1887 " -b Bind test only.\n" 1888 " -q Be quiet. Run test without printing anything.\n" 1889 , prog, DEFAULT_PORT); 1890 } 1891 1892 int main(int argc, char *argv[]) 1893 { 1894 struct sock_args args = { 1895 .version = AF_INET, 1896 .type = SOCK_STREAM, 1897 .port = DEFAULT_PORT, 1898 }; 1899 struct protoent *pe; 1900 int both_mode = 0; 1901 unsigned int tmp; 1902 int forever = 0; 1903 int fd[2]; 1904 int cpid; 1905 1906 /* process inputs */ 1907 extern char *optarg; 1908 int rc = 0; 1909 1910 /* 1911 * process input args 1912 */ 1913 1914 while ((rc = getopt_long(argc, argv, GETOPT_STR, long_opts, NULL)) != -1) { 1915 switch (rc) { 1916 case 'B': 1917 both_mode = 1; 1918 break; 1919 case 's': 1920 server_mode = 1; 1921 break; 1922 case 'F': 1923 forever = 1; 1924 break; 1925 case 'l': 1926 args.has_local_ip = 1; 1927 args.local_addr_str = optarg; 1928 break; 1929 case 'r': 1930 args.has_remote_ip = 1; 1931 args.remote_addr_str = optarg; 1932 break; 1933 case 'c': 1934 args.has_local_ip = 1; 1935 args.client_local_addr_str = optarg; 1936 break; 1937 case 'p': 1938 if (str_to_uint(optarg, 1, 65535, &tmp) != 0) { 1939 fprintf(stderr, "Invalid port\n"); 1940 return 1; 1941 } 1942 args.port = (unsigned short) tmp; 1943 break; 1944 case 't': 1945 if (str_to_uint(optarg, 0, INT_MAX, 1946 &prog_timeout) != 0) { 1947 fprintf(stderr, "Invalid timeout\n"); 1948 return 1; 1949 } 1950 break; 1951 case 'D': 1952 args.type = SOCK_DGRAM; 1953 break; 1954 case 'R': 1955 args.type = SOCK_RAW; 1956 args.port = 0; 1957 if (!args.protocol) 1958 args.protocol = IPPROTO_RAW; 1959 break; 1960 case 'P': 1961 pe = getprotobyname(optarg); 1962 if (pe) { 1963 args.protocol = pe->p_proto; 1964 } else { 1965 if (str_to_uint(optarg, 0, 0xffff, &tmp) != 0) { 1966 fprintf(stderr, "Invalid protocol\n"); 1967 return 1; 1968 } 1969 args.protocol = tmp; 1970 } 1971 break; 1972 case 'n': 1973 iter = atoi(optarg); 1974 break; 1975 case 'N': 1976 args.clientns = optarg; 1977 break; 1978 case 'O': 1979 args.serverns = optarg; 1980 break; 1981 case 'L': 1982 msg = random_msg(atoi(optarg)); 1983 break; 1984 case 'M': 1985 args.password = optarg; 1986 break; 1987 case OPT_FORCE_BIND_KEY_IFINDEX: 1988 args.bind_key_ifindex = 1; 1989 break; 1990 case OPT_NO_BIND_KEY_IFINDEX: 1991 args.bind_key_ifindex = -1; 1992 break; 1993 case 'X': 1994 args.client_pw = optarg; 1995 break; 1996 case 'm': 1997 args.md5_prefix_str = optarg; 1998 break; 1999 case 'S': 2000 args.use_setsockopt = 1; 2001 break; 2002 case 'C': 2003 args.use_cmsg = 1; 2004 break; 2005 case 'd': 2006 args.dev = optarg; 2007 break; 2008 case 'I': 2009 args.server_dev = optarg; 2010 break; 2011 case 'i': 2012 interactive = 1; 2013 break; 2014 case 'g': 2015 args.has_grp = 1; 2016 if (convert_addr(&args, optarg, ADDR_TYPE_MCAST) < 0) 2017 return 1; 2018 args.type = SOCK_DGRAM; 2019 break; 2020 case '6': 2021 args.version = AF_INET6; 2022 break; 2023 case 'b': 2024 args.bind_test_only = 1; 2025 break; 2026 case '0': 2027 args.has_expected_laddr = 1; 2028 args.expected_laddr_str = optarg; 2029 break; 2030 case '1': 2031 args.has_expected_raddr = 1; 2032 args.expected_raddr_str = optarg; 2033 break; 2034 case '2': 2035 args.expected_dev = optarg; 2036 break; 2037 case '3': 2038 args.expected_server_dev = optarg; 2039 break; 2040 case 'q': 2041 quiet = 1; 2042 break; 2043 case 'x': 2044 args.use_xfrm = 1; 2045 break; 2046 default: 2047 print_usage(argv[0]); 2048 return 1; 2049 } 2050 } 2051 2052 if (args.password && 2053 ((!args.has_remote_ip && !args.md5_prefix_str) || 2054 args.type != SOCK_STREAM)) { 2055 log_error("MD5 passwords apply to TCP only and require a remote ip for the password\n"); 2056 return 1; 2057 } 2058 2059 if (args.md5_prefix_str && !args.password) { 2060 log_error("Prefix range for MD5 protection specified without a password\n"); 2061 return 1; 2062 } 2063 2064 if (iter == 0) { 2065 fprintf(stderr, "Invalid number of messages to send\n"); 2066 return 1; 2067 } 2068 2069 if (args.type == SOCK_STREAM && !args.protocol) 2070 args.protocol = IPPROTO_TCP; 2071 if (args.type == SOCK_DGRAM && !args.protocol) 2072 args.protocol = IPPROTO_UDP; 2073 2074 if ((args.type == SOCK_STREAM || args.type == SOCK_DGRAM) && 2075 args.port == 0) { 2076 fprintf(stderr, "Invalid port number\n"); 2077 return 1; 2078 } 2079 2080 if ((both_mode || !server_mode) && !args.has_grp && 2081 !args.has_remote_ip && !args.has_local_ip) { 2082 fprintf(stderr, 2083 "Local (server mode) or remote IP (client IP) required\n"); 2084 return 1; 2085 } 2086 2087 if (interactive) { 2088 prog_timeout = 0; 2089 msg = NULL; 2090 } 2091 2092 if (both_mode) { 2093 if (pipe(fd) < 0) { 2094 perror("pipe"); 2095 exit(1); 2096 } 2097 2098 cpid = fork(); 2099 if (cpid < 0) { 2100 perror("fork"); 2101 exit(1); 2102 } 2103 if (cpid) 2104 return ipc_parent(cpid, fd[0], &args); 2105 2106 return ipc_child(fd[1], &args); 2107 } 2108 2109 if (server_mode) { 2110 do { 2111 rc = do_server(&args, -1); 2112 } while (forever); 2113 2114 return rc; 2115 } 2116 return do_client(&args); 2117 } 2118