| 124 |
|
|
| 125 |
if (ret == 0) |
if (ret == 0) |
| 126 |
{ |
{ |
| 127 |
|
log_common("User [%s] authenticated successfully", user); |
| 128 |
return SSH_AUTH_SUCCESS; |
return SSH_AUTH_SUCCESS; |
| 129 |
} |
} |
| 130 |
|
|
| 133 |
sdata->error = 1; |
sdata->error = 1; |
| 134 |
} |
} |
| 135 |
|
|
| 136 |
|
log_common("User [%s] authentication failed (%d/%d)", user, |
| 137 |
|
sdata->tries, BBS_login_retry_times); |
| 138 |
return SSH_AUTH_DENIED; |
return SSH_AUTH_DENIED; |
| 139 |
} |
} |
| 140 |
|
|
| 156 |
rc = openpty(&cdata->pty_master, &cdata->pty_slave, NULL, NULL, cdata->winsize); |
rc = openpty(&cdata->pty_master, &cdata->pty_slave, NULL, NULL, cdata->winsize); |
| 157 |
if (rc != 0) |
if (rc != 0) |
| 158 |
{ |
{ |
| 159 |
log_error("Failed to open pty\n"); |
log_error("Failed to open pty"); |
| 160 |
return SSH_ERROR; |
return SSH_ERROR; |
| 161 |
} |
} |
| 162 |
|
|
| 190 |
|
|
| 191 |
if (command != NULL) |
if (command != NULL) |
| 192 |
{ |
{ |
| 193 |
log_error("Forbid exec /bin/sh %s %s)\n", mode, command); |
log_error("Forbid exec /bin/sh %s %s)", mode, command); |
| 194 |
} |
} |
| 195 |
|
|
| 196 |
return SSH_OK; |
return SSH_OK; |
| 202 |
|
|
| 203 |
if (command != NULL) |
if (command != NULL) |
| 204 |
{ |
{ |
| 205 |
log_error("Forbid exec /bin/sh -c %s)\n", command); |
log_error("Forbid exec /bin/sh -c %s)", command); |
| 206 |
} |
} |
| 207 |
|
|
| 208 |
return SSH_OK; |
return SSH_OK; |
| 252 |
(void)session; |
(void)session; |
| 253 |
(void)channel; |
(void)channel; |
| 254 |
|
|
| 255 |
log_error("subsystem_request(subsystem=%s)\n", subsystem); |
log_error("subsystem_request(subsystem=%s)", subsystem); |
| 256 |
|
|
| 257 |
/* subsystem requests behave similarly to exec requests. */ |
/* subsystem requests behave similarly to exec requests. */ |
| 258 |
if (strcmp(subsystem, "sftp") == 0) |
if (strcmp(subsystem, "sftp") == 0) |
| 326 |
if (pid > 0) // Parent process |
if (pid > 0) // Parent process |
| 327 |
{ |
{ |
| 328 |
SYS_child_process_count++; |
SYS_child_process_count++; |
| 329 |
log_common("Child process (%d) start\n", pid); |
log_common("Child process (%d) start", pid); |
| 330 |
return pid; |
return pid; |
| 331 |
} |
} |
| 332 |
else if (pid < 0) // Error |
else if (pid < 0) // Error |
| 333 |
{ |
{ |
| 334 |
log_error("fork() error (%d)\n", errno); |
log_error("fork() error (%d)", errno); |
| 335 |
return -1; |
return -1; |
| 336 |
} |
} |
| 337 |
|
|
| 339 |
#ifdef HAVE_SYS_EPOLL_H |
#ifdef HAVE_SYS_EPOLL_H |
| 340 |
if (close(epollfd_server) < 0) |
if (close(epollfd_server) < 0) |
| 341 |
{ |
{ |
| 342 |
log_error("close(epollfd_server) error (%d)\n"); |
log_error("close(epollfd_server) error (%d)"); |
| 343 |
} |
} |
| 344 |
#endif |
#endif |
| 345 |
|
|
| 347 |
{ |
{ |
| 348 |
if (close(socket_server[i]) == -1) |
if (close(socket_server[i]) == -1) |
| 349 |
{ |
{ |
| 350 |
log_error("Close server socket failed\n"); |
log_error("Close server socket failed"); |
| 351 |
} |
} |
| 352 |
} |
} |
| 353 |
|
|
| 360 |
{ |
{ |
| 361 |
if (ssh_bind_accept_fd(sshbind, SSH_session, socket_client) != SSH_OK) |
if (ssh_bind_accept_fd(sshbind, SSH_session, socket_client) != SSH_OK) |
| 362 |
{ |
{ |
| 363 |
log_error("ssh_bind_accept_fd() error: %s\n", ssh_get_error(SSH_session)); |
log_error("ssh_bind_accept_fd() error: %s", ssh_get_error(SSH_session)); |
| 364 |
goto cleanup; |
goto cleanup; |
| 365 |
} |
} |
| 366 |
|
|
| 369 |
ssh_timeout = 60; // second |
ssh_timeout = 60; // second |
| 370 |
if (ssh_options_set(SSH_session, SSH_OPTIONS_TIMEOUT, &ssh_timeout) < 0) |
if (ssh_options_set(SSH_session, SSH_OPTIONS_TIMEOUT, &ssh_timeout) < 0) |
| 371 |
{ |
{ |
| 372 |
log_error("Error setting SSH options: %s\n", ssh_get_error(SSH_session)); |
log_error("Error setting SSH options: %s", ssh_get_error(SSH_session)); |
| 373 |
goto cleanup; |
goto cleanup; |
| 374 |
} |
} |
| 375 |
|
|
| 382 |
|
|
| 383 |
if (ssh_handle_key_exchange(SSH_session)) |
if (ssh_handle_key_exchange(SSH_session)) |
| 384 |
{ |
{ |
| 385 |
log_error("ssh_handle_key_exchange() error: %s\n", ssh_get_error(SSH_session)); |
log_error("ssh_handle_key_exchange() error: %s", ssh_get_error(SSH_session)); |
| 386 |
goto cleanup; |
goto cleanup; |
| 387 |
} |
} |
| 388 |
|
|
| 394 |
ret = ssh_event_dopoll(event, 100); // 0.1 second |
ret = ssh_event_dopoll(event, 100); // 0.1 second |
| 395 |
if (ret == SSH_ERROR) |
if (ret == SSH_ERROR) |
| 396 |
{ |
{ |
| 397 |
#ifdef _DEBUG |
log_debug("ssh_event_dopoll() error: %s", ssh_get_error(SSH_session)); |
|
log_error("ssh_event_dopoll() error: %s\n", ssh_get_error(SSH_session)); |
|
|
#endif |
|
| 398 |
goto cleanup; |
goto cleanup; |
| 399 |
} |
} |
| 400 |
} |
} |
| 401 |
|
|
| 402 |
if (cb_data.error) |
if (cb_data.error) |
| 403 |
{ |
{ |
| 404 |
log_error("SSH auth error, tried %d times\n", cb_data.tries); |
log_error("SSH auth error, tried %d times", cb_data.tries); |
| 405 |
goto cleanup; |
goto cleanup; |
| 406 |
} |
} |
| 407 |
|
|
| 426 |
ssh_timeout = 0; |
ssh_timeout = 0; |
| 427 |
if (ssh_options_set(SSH_session, SSH_OPTIONS_TIMEOUT, &ssh_timeout) < 0) |
if (ssh_options_set(SSH_session, SSH_OPTIONS_TIMEOUT, &ssh_timeout) < 0) |
| 428 |
{ |
{ |
| 429 |
log_error("Error setting SSH options: %s\n", ssh_get_error(SSH_session)); |
log_error("Error setting SSH options: %s", ssh_get_error(SSH_session)); |
| 430 |
goto cleanup; |
goto cleanup; |
| 431 |
} |
} |
| 432 |
|
|
| 436 |
// Redirect Input |
// Redirect Input |
| 437 |
if (dup2(socket_client, STDIN_FILENO) == -1) |
if (dup2(socket_client, STDIN_FILENO) == -1) |
| 438 |
{ |
{ |
| 439 |
log_error("Redirect stdin to client socket failed\n"); |
log_error("Redirect stdin to client socket failed"); |
| 440 |
goto cleanup; |
goto cleanup; |
| 441 |
} |
} |
| 442 |
|
|
| 443 |
// Redirect Output |
// Redirect Output |
| 444 |
if (dup2(socket_client, STDOUT_FILENO) == -1) |
if (dup2(socket_client, STDOUT_FILENO) == -1) |
| 445 |
{ |
{ |
| 446 |
log_error("Redirect stdout to client socket failed\n"); |
log_error("Redirect stdout to client socket failed"); |
| 447 |
goto cleanup; |
goto cleanup; |
| 448 |
} |
} |
| 449 |
|
|
| 450 |
if (io_init() < 0) |
if (io_init() < 0) |
| 451 |
{ |
{ |
| 452 |
log_error("io_init() error\n"); |
log_error("io_init() error"); |
| 453 |
goto cleanup; |
goto cleanup; |
| 454 |
} |
} |
| 455 |
|
|
| 458 |
// BWF compile |
// BWF compile |
| 459 |
if (bwf_compile() < 0) |
if (bwf_compile() < 0) |
| 460 |
{ |
{ |
| 461 |
log_error("bwf_compile() error\n"); |
log_error("bwf_compile() error"); |
| 462 |
goto cleanup; |
goto cleanup; |
| 463 |
} |
} |
| 464 |
|
|
| 492 |
} |
} |
| 493 |
else if (close(socket_client) == -1) |
else if (close(socket_client) == -1) |
| 494 |
{ |
{ |
| 495 |
log_error("Close client socket failed\n"); |
log_error("Close client socket failed"); |
| 496 |
} |
} |
| 497 |
|
|
| 498 |
ssh_free(SSH_session); |
ssh_free(SSH_session); |
| 506 |
close(STDIN_FILENO); |
close(STDIN_FILENO); |
| 507 |
close(STDOUT_FILENO); |
close(STDOUT_FILENO); |
| 508 |
|
|
| 509 |
log_common("Process exit normally\n"); |
log_common("Process exit normally"); |
| 510 |
log_end(); |
log_end(); |
| 511 |
|
|
| 512 |
_exit(0); |
_exit(0); |
| 521 |
int ret; |
int ret; |
| 522 |
int flags_server[2]; |
int flags_server[2]; |
| 523 |
struct sockaddr_in sin; |
struct sockaddr_in sin; |
| 524 |
|
char local_addr[INET_ADDRSTRLEN]; |
| 525 |
|
|
| 526 |
#ifdef HAVE_SYS_EPOLL_H |
#ifdef HAVE_SYS_EPOLL_H |
| 527 |
struct epoll_event ev, events[MAX_EVENTS]; |
struct epoll_event ev, events[MAX_EVENTS]; |
| 532 |
int nfds; |
int nfds; |
| 533 |
int notify_child_exit = 0; |
int notify_child_exit = 0; |
| 534 |
time_t tm_notify_child_exit = time(NULL); |
time_t tm_notify_child_exit = time(NULL); |
|
int i, j; |
|
| 535 |
pid_t pid; |
pid_t pid; |
| 536 |
int ssh_key_valid = 0; |
int ssh_key_valid = 0; |
| 537 |
int ssh_log_level = SSH_LOG_NOLOG; |
int ssh_log_level = SSH_LOG_NOLOG; |
| 546 |
|
|
| 547 |
if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_RSA_KEY_FILE) < 0) |
if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_RSA_KEY_FILE) < 0) |
| 548 |
{ |
{ |
| 549 |
log_error("Error loading SSH RSA key: %s\n", SSH_HOST_RSA_KEY_FILE); |
log_error("Error loading SSH RSA key: %s", SSH_HOST_RSA_KEY_FILE); |
| 550 |
} |
} |
| 551 |
else |
else |
| 552 |
{ |
{ |
| 554 |
} |
} |
| 555 |
if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_ED25519_KEY_FILE) < 0) |
if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_ED25519_KEY_FILE) < 0) |
| 556 |
{ |
{ |
| 557 |
log_error("Error loading SSH ED25519 key: %s\n", SSH_HOST_ED25519_KEY_FILE); |
log_error("Error loading SSH ED25519 key: %s", SSH_HOST_ED25519_KEY_FILE); |
| 558 |
} |
} |
| 559 |
else |
else |
| 560 |
{ |
{ |
| 562 |
} |
} |
| 563 |
if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_ECDSA_KEY_FILE) < 0) |
if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_ECDSA_KEY_FILE) < 0) |
| 564 |
{ |
{ |
| 565 |
log_error("Error loading SSH ECDSA key: %s\n", SSH_HOST_ECDSA_KEY_FILE); |
log_error("Error loading SSH ECDSA key: %s", SSH_HOST_ECDSA_KEY_FILE); |
| 566 |
} |
} |
| 567 |
else |
else |
| 568 |
{ |
{ |
| 571 |
|
|
| 572 |
if (!ssh_key_valid) |
if (!ssh_key_valid) |
| 573 |
{ |
{ |
| 574 |
log_error("Error: no valid SSH host key\n"); |
log_error("Error: no valid SSH host key"); |
| 575 |
ssh_bind_free(sshbind); |
ssh_bind_free(sshbind); |
| 576 |
return -1; |
return -1; |
| 577 |
} |
} |
| 578 |
|
|
| 579 |
if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDADDR, hostaddr) < 0 || |
if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDADDR, hostaddr) < 0 || |
| 580 |
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &port) < 0 || |
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &port) < 0 || |
| 581 |
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY_ALGORITHMS, "+ssh-rsa") < 0 || |
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY_ALGORITHMS, "+ssh-ed25519,ecdsa-sha2-nistp256,ssh-rsa") < 0 || |
| 582 |
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_LOG_VERBOSITY, &ssh_log_level) < 0) |
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_LOG_VERBOSITY, &ssh_log_level) < 0) |
| 583 |
{ |
{ |
| 584 |
log_error("Error setting SSH bind options: %s\n", ssh_get_error(sshbind)); |
log_error("Error setting SSH bind options: %s", ssh_get_error(sshbind)); |
| 585 |
ssh_bind_free(sshbind); |
ssh_bind_free(sshbind); |
| 586 |
return -1; |
return -1; |
| 587 |
} |
} |
| 590 |
epollfd_server = epoll_create1(0); |
epollfd_server = epoll_create1(0); |
| 591 |
if (epollfd_server == -1) |
if (epollfd_server == -1) |
| 592 |
{ |
{ |
| 593 |
log_error("epoll_create1() error (%d)\n", errno); |
log_error("epoll_create1() error (%d)", errno); |
| 594 |
return -1; |
return -1; |
| 595 |
} |
} |
| 596 |
#endif |
#endif |
| 597 |
|
|
| 598 |
// Server socket |
// Server socket |
| 599 |
for (i = 0; i < 2; i++) |
for (int i = 0; i < 2; i++) |
| 600 |
{ |
{ |
| 601 |
socket_server[i] = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); |
socket_server[i] = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); |
| 602 |
|
|
| 603 |
if (socket_server[i] < 0) |
if (socket_server[i] < 0) |
| 604 |
{ |
{ |
| 605 |
log_error("Create socket_server error (%d)\n", errno); |
log_error("Create socket_server error (%d)", errno); |
| 606 |
return -1; |
return -1; |
| 607 |
} |
} |
| 608 |
|
|
| 610 |
sin.sin_addr.s_addr = (hostaddr[0] != '\0' ? inet_addr(hostaddr) : INADDR_ANY); |
sin.sin_addr.s_addr = (hostaddr[0] != '\0' ? inet_addr(hostaddr) : INADDR_ANY); |
| 611 |
sin.sin_port = htons(port[i]); |
sin.sin_port = htons(port[i]); |
| 612 |
|
|
| 613 |
|
if (inet_ntop(AF_INET, &(sin.sin_addr), local_addr, sizeof(local_addr)) == NULL) |
| 614 |
|
{ |
| 615 |
|
log_error("inet_ntop() error (%d)", errno); |
| 616 |
|
return -1; |
| 617 |
|
} |
| 618 |
|
|
| 619 |
// Reuse address and port |
// Reuse address and port |
| 620 |
flags_server[i] = 1; |
flags_server[i] = 1; |
| 621 |
if (setsockopt(socket_server[i], SOL_SOCKET, SO_REUSEADDR, &flags_server[i], sizeof(flags_server[i])) < 0) |
if (setsockopt(socket_server[i], SOL_SOCKET, SO_REUSEADDR, &flags_server[i], sizeof(flags_server[i])) < 0) |
| 622 |
{ |
{ |
| 623 |
log_error("setsockopt SO_REUSEADDR error (%d)\n", errno); |
log_error("setsockopt SO_REUSEADDR error (%d)", errno); |
| 624 |
} |
} |
| 625 |
#if defined(SO_REUSEPORT) |
#if defined(SO_REUSEPORT) |
| 626 |
if (setsockopt(socket_server[i], SOL_SOCKET, SO_REUSEPORT, &flags_server[i], sizeof(flags_server[i])) < 0) |
if (setsockopt(socket_server[i], SOL_SOCKET, SO_REUSEPORT, &flags_server[i], sizeof(flags_server[i])) < 0) |
| 627 |
{ |
{ |
| 628 |
log_error("setsockopt SO_REUSEPORT error (%d)\n", errno); |
log_error("setsockopt SO_REUSEPORT error (%d)", errno); |
| 629 |
} |
} |
| 630 |
#endif |
#endif |
| 631 |
|
|
| 632 |
if (bind(socket_server[i], (struct sockaddr *)&sin, sizeof(sin)) < 0) |
if (bind(socket_server[i], (struct sockaddr *)&sin, sizeof(sin)) < 0) |
| 633 |
{ |
{ |
| 634 |
log_error("Bind address %s:%u error (%d)\n", |
log_error("Bind address %s:%u error (%d)", |
| 635 |
inet_ntoa(sin.sin_addr), ntohs(sin.sin_port), errno); |
local_addr, port[i], errno); |
| 636 |
return -1; |
return -1; |
| 637 |
} |
} |
| 638 |
|
|
| 639 |
if (listen(socket_server[i], 10) < 0) |
if (listen(socket_server[i], 10) < 0) |
| 640 |
{ |
{ |
| 641 |
log_error("Telnet socket listen error (%d)\n", errno); |
log_error("Telnet socket listen error (%d)", errno); |
| 642 |
return -1; |
return -1; |
| 643 |
} |
} |
| 644 |
|
|
| 645 |
log_common("Listening at %s:%u\n", inet_ntoa(sin.sin_addr), ntohs(sin.sin_port)); |
log_common("Listening at %s:%u", local_addr, port[i]); |
| 646 |
|
|
| 647 |
#ifdef HAVE_SYS_EPOLL_H |
#ifdef HAVE_SYS_EPOLL_H |
| 648 |
ev.events = EPOLLIN; |
ev.events = EPOLLIN; |
| 649 |
ev.data.fd = socket_server[i]; |
ev.data.fd = socket_server[i]; |
| 650 |
if (epoll_ctl(epollfd_server, EPOLL_CTL_ADD, socket_server[i], &ev) == -1) |
if (epoll_ctl(epollfd_server, EPOLL_CTL_ADD, socket_server[i], &ev) == -1) |
| 651 |
{ |
{ |
| 652 |
log_error("epoll_ctl(socket_server[%d]) error (%d)\n", i, errno); |
log_error("epoll_ctl(socket_server[%d]) error (%d)", i, errno); |
| 653 |
if (close(epollfd_server) < 0) |
if (close(epollfd_server) < 0) |
| 654 |
{ |
{ |
| 655 |
log_error("close(epoll) error (%d)\n"); |
log_error("close(epoll) error (%d)"); |
| 656 |
} |
} |
| 657 |
return -1; |
return -1; |
| 658 |
} |
} |
| 667 |
hash_dict_pid_sockaddr = hash_dict_create(MAX_CLIENT_LIMIT); |
hash_dict_pid_sockaddr = hash_dict_create(MAX_CLIENT_LIMIT); |
| 668 |
if (hash_dict_pid_sockaddr == NULL) |
if (hash_dict_pid_sockaddr == NULL) |
| 669 |
{ |
{ |
| 670 |
log_error("hash_dict_create(hash_dict_pid_sockaddr) error\n"); |
log_error("hash_dict_create(hash_dict_pid_sockaddr) error"); |
| 671 |
return -1; |
return -1; |
| 672 |
} |
} |
| 673 |
hash_dict_sockaddr_count = hash_dict_create(MAX_CLIENT_LIMIT); |
hash_dict_sockaddr_count = hash_dict_create(MAX_CLIENT_LIMIT); |
| 674 |
if (hash_dict_sockaddr_count == NULL) |
if (hash_dict_sockaddr_count == NULL) |
| 675 |
{ |
{ |
| 676 |
log_error("hash_dict_create(hash_dict_sockaddr_count) error\n"); |
log_error("hash_dict_create(hash_dict_sockaddr_count) error"); |
| 677 |
return -1; |
return -1; |
| 678 |
} |
} |
| 679 |
|
|
| 707 |
|
|
| 708 |
if (WIFEXITED(ret)) |
if (WIFEXITED(ret)) |
| 709 |
{ |
{ |
| 710 |
log_common("Child process (%d) exited, status=%d\n", pid, WEXITSTATUS(ret)); |
log_common("Child process (%d) exited, status=%d", pid, WEXITSTATUS(ret)); |
| 711 |
} |
} |
| 712 |
else if (WIFSIGNALED(ret)) |
else if (WIFSIGNALED(ret)) |
| 713 |
{ |
{ |
| 714 |
log_common("Child process (%d) is killed, status=%d\n", pid, WTERMSIG(ret)); |
log_common("Child process (%d) is killed, status=%d", pid, WTERMSIG(ret)); |
| 715 |
} |
} |
| 716 |
else |
else |
| 717 |
{ |
{ |
| 718 |
log_common("Child process (%d) exited abnormally, status=%d\n", pid, ret); |
log_common("Child process (%d) exited abnormally, status=%d", pid, ret); |
| 719 |
} |
} |
| 720 |
|
|
| 721 |
if (pid != section_list_loader_pid) |
if (pid != section_list_loader_pid) |
| 722 |
{ |
{ |
| 723 |
j = 0; |
int64_t j = 0; |
| 724 |
ret = hash_dict_get(hash_dict_pid_sockaddr, (uint64_t)pid, (int64_t *)&j); |
ret = hash_dict_get(hash_dict_pid_sockaddr, (uint64_t)pid, &j); |
| 725 |
if (ret < 0) |
if (ret < 0) |
| 726 |
{ |
{ |
| 727 |
log_error("hash_dict_get(hash_dict_pid_sockaddr, %d) error\n", pid); |
log_error("hash_dict_get(hash_dict_pid_sockaddr, %d) error", pid); |
| 728 |
} |
} |
| 729 |
else |
else |
| 730 |
{ |
{ |
| 731 |
ret = hash_dict_inc(hash_dict_sockaddr_count, (in_addr_t)j, -1); |
ret = hash_dict_inc(hash_dict_sockaddr_count, (in_addr_t)j, -1); |
| 732 |
if (ret <= 0) |
if (ret <= 0) |
| 733 |
{ |
{ |
| 734 |
log_error("hash_dict_inc(hash_dict_sockaddr_count, %d, -1) error: %d\n", (in_addr_t)j, ret); |
log_error("hash_dict_inc(hash_dict_sockaddr_count, %lu, -1) error: %d", (in_addr_t)j, ret); |
| 735 |
} |
} |
| 736 |
|
|
| 737 |
ret = hash_dict_del(hash_dict_pid_sockaddr, (uint64_t)pid); |
ret = hash_dict_del(hash_dict_pid_sockaddr, (uint64_t)pid); |
| 738 |
if (ret < 0) |
if (ret < 0) |
| 739 |
{ |
{ |
| 740 |
log_error("hash_dict_del(hash_dict_pid_sockaddr, %d) error\n", pid); |
log_error("hash_dict_del(hash_dict_pid_sockaddr, %lu) error", (uint64_t)pid); |
| 741 |
} |
} |
| 742 |
} |
} |
| 743 |
} |
} |
| 748 |
} |
} |
| 749 |
else if (pid < 0) |
else if (pid < 0) |
| 750 |
{ |
{ |
| 751 |
log_error("Error in waitpid(): %d\n", errno); |
log_error("Error in waitpid(): %d", errno); |
| 752 |
break; |
break; |
| 753 |
} |
} |
| 754 |
} |
} |
| 759 |
{ |
{ |
| 760 |
#ifdef HAVE_SYSTEMD_SD_DAEMON_H |
#ifdef HAVE_SYSTEMD_SD_DAEMON_H |
| 761 |
sd_notifyf(0, "STATUS=Notify %d child process to exit", SYS_child_process_count); |
sd_notifyf(0, "STATUS=Notify %d child process to exit", SYS_child_process_count); |
| 762 |
log_common("Notify %d child process to exit\n", SYS_child_process_count); |
log_common("Notify %d child process to exit", SYS_child_process_count); |
| 763 |
#endif |
#endif |
| 764 |
|
|
| 765 |
if (kill(0, SIGTERM) < 0) |
if (kill(0, SIGTERM) < 0) |
| 766 |
{ |
{ |
| 767 |
log_error("Send SIGTERM signal failed (%d)\n", errno); |
log_error("Send SIGTERM signal failed (%d)", errno); |
| 768 |
} |
} |
| 769 |
|
|
| 770 |
notify_child_exit = 1; |
notify_child_exit = 1; |
| 778 |
|
|
| 779 |
if (kill(0, SIGKILL) < 0) |
if (kill(0, SIGKILL) < 0) |
| 780 |
{ |
{ |
| 781 |
log_error("Send SIGKILL signal failed (%d)\n", errno); |
log_error("Send SIGKILL signal failed (%d)", errno); |
| 782 |
} |
} |
| 783 |
|
|
| 784 |
notify_child_exit = 2; |
notify_child_exit = 2; |
| 786 |
} |
} |
| 787 |
else if (notify_child_exit == 2 && time(NULL) - tm_notify_child_exit >= WAIT_CHILD_PROCESS_KILL_TIMEOUT) |
else if (notify_child_exit == 2 && time(NULL) - tm_notify_child_exit >= WAIT_CHILD_PROCESS_KILL_TIMEOUT) |
| 788 |
{ |
{ |
| 789 |
log_error("Main process prepare to exit without waiting for %d child process any longer\n", SYS_child_process_count); |
log_error("Main process prepare to exit without waiting for %d child process any longer", SYS_child_process_count); |
| 790 |
SYS_child_process_count = 0; |
SYS_child_process_count = 0; |
| 791 |
} |
} |
| 792 |
} |
} |
| 799 |
sd_notify(0, "RELOADING=1"); |
sd_notify(0, "RELOADING=1"); |
| 800 |
#endif |
#endif |
| 801 |
|
|
| 802 |
|
log_common("Reload configuration"); |
| 803 |
|
|
| 804 |
// Restart log |
// Restart log |
| 805 |
if (log_restart() < 0) |
if (log_restart() < 0) |
| 806 |
{ |
{ |
| 807 |
log_error("Restart logging failed\n"); |
log_error("Restart logging failed"); |
| 808 |
} |
} |
| 809 |
|
|
| 810 |
// Reload configuration |
// Reload configuration |
| 811 |
if (load_conf(CONF_BBSD) < 0) |
if (load_conf(CONF_BBSD) < 0) |
| 812 |
{ |
{ |
| 813 |
log_error("Reload conf failed\n"); |
log_error("Reload conf failed"); |
| 814 |
} |
} |
| 815 |
|
|
| 816 |
// Reload BWF config |
// Reload BWF config |
| 817 |
if (bwf_load(CONF_BWF) < 0) |
if (bwf_load(CONF_BWF) < 0) |
| 818 |
{ |
{ |
| 819 |
log_error("Reload BWF conf failed\n"); |
log_error("Reload BWF conf failed"); |
| 820 |
} |
} |
| 821 |
|
|
| 822 |
// Get EULA modification tm |
// Get EULA modification tm |
| 823 |
if (stat(DATA_EULA, &file_stat) == -1) |
if (stat(DATA_EULA, &file_stat) == -1) |
| 824 |
{ |
{ |
| 825 |
log_error("stat(%s) error\n", DATA_EULA, errno); |
log_error("stat(%s) error", DATA_EULA, errno); |
| 826 |
} |
} |
| 827 |
else |
else |
| 828 |
{ |
{ |
| 831 |
|
|
| 832 |
if (detach_menu_shm(&bbs_menu) < 0) |
if (detach_menu_shm(&bbs_menu) < 0) |
| 833 |
{ |
{ |
| 834 |
log_error("detach_menu_shm(bbs_menu) error\n"); |
log_error("detach_menu_shm(bbs_menu) error"); |
| 835 |
} |
} |
| 836 |
if (load_menu(&bbs_menu, CONF_MENU) < 0) |
if (load_menu(&bbs_menu, CONF_MENU) < 0) |
| 837 |
{ |
{ |
| 838 |
log_error("load_menu(bbs_menu) error\n"); |
log_error("load_menu(bbs_menu) error"); |
| 839 |
unload_menu(&bbs_menu); |
unload_menu(&bbs_menu); |
| 840 |
} |
} |
| 841 |
|
|
| 842 |
if (detach_menu_shm(&top10_menu) < 0) |
if (detach_menu_shm(&top10_menu) < 0) |
| 843 |
{ |
{ |
| 844 |
log_error("detach_menu_shm(top10_menu) error\n"); |
log_error("detach_menu_shm(top10_menu) error"); |
| 845 |
} |
} |
| 846 |
if (load_menu(&top10_menu, CONF_TOP10_MENU) < 0) |
if (load_menu(&top10_menu, CONF_TOP10_MENU) < 0) |
| 847 |
{ |
{ |
| 848 |
log_error("load_menu(top10_menu) error\n"); |
log_error("load_menu(top10_menu) error"); |
| 849 |
unload_menu(&top10_menu); |
unload_menu(&top10_menu); |
| 850 |
} |
} |
| 851 |
top10_menu.allow_exit = 1; |
top10_menu.allow_exit = 1; |
| 854 |
{ |
{ |
| 855 |
if (load_file(data_files_load_startup[i]) < 0) |
if (load_file(data_files_load_startup[i]) < 0) |
| 856 |
{ |
{ |
| 857 |
log_error("load_file(%s) error\n", data_files_load_startup[i]); |
log_error("load_file(%s) error", data_files_load_startup[i]); |
| 858 |
} |
} |
| 859 |
} |
} |
| 860 |
|
|
| 861 |
// Load section config and gen_ex |
// Load section config and gen_ex |
| 862 |
if (load_section_config_from_db(1) < 0) |
if (load_section_config_from_db(1) < 0) |
| 863 |
{ |
{ |
| 864 |
log_error("load_section_config_from_db(1) error\n"); |
log_error("load_section_config_from_db(1) error"); |
| 865 |
} |
} |
| 866 |
|
|
| 867 |
// Notify child processes to reload configuration |
// Notify child processes to reload configuration |
| 868 |
if (kill(0, SIGUSR1) < 0) |
if (kill(0, SIGUSR1) < 0) |
| 869 |
{ |
{ |
| 870 |
log_error("Send SIGUSR1 signal failed (%d)\n", errno); |
log_error("Send SIGUSR1 signal failed (%d)", errno); |
| 871 |
} |
} |
| 872 |
|
|
| 873 |
#ifdef HAVE_SYSTEMD_SD_DAEMON_H |
#ifdef HAVE_SYSTEMD_SD_DAEMON_H |
| 891 |
if (errno != EINTR) |
if (errno != EINTR) |
| 892 |
{ |
{ |
| 893 |
#ifdef HAVE_SYS_EPOLL_H |
#ifdef HAVE_SYS_EPOLL_H |
| 894 |
log_error("epoll_wait() error (%d)\n", errno); |
log_error("epoll_wait() error (%d)", errno); |
| 895 |
#else |
#else |
| 896 |
log_error("poll() error (%d)\n", errno); |
log_error("poll() error (%d)", errno); |
| 897 |
#endif |
#endif |
| 898 |
break; |
break; |
| 899 |
} |
} |
| 936 |
} |
} |
| 937 |
else |
else |
| 938 |
{ |
{ |
| 939 |
log_error("accept(socket_server) error (%d)\n", errno); |
log_error("accept(socket_server) error (%d)", errno); |
| 940 |
break; |
break; |
| 941 |
} |
} |
| 942 |
} |
} |
| 943 |
|
|
| 944 |
strncpy(hostaddr_client, inet_ntoa(sin.sin_addr), sizeof(hostaddr_client) - 1); |
if (inet_ntop(AF_INET, &(sin.sin_addr), hostaddr_client, sizeof(hostaddr_client)) == NULL) |
| 945 |
hostaddr_client[sizeof(hostaddr_client) - 1] = '\0'; |
{ |
| 946 |
|
log_error("inet_ntop() error (%d)", errno); |
| 947 |
|
close(socket_client); |
| 948 |
|
break; |
| 949 |
|
} |
| 950 |
port_client = ntohs(sin.sin_port); |
port_client = ntohs(sin.sin_port); |
| 951 |
|
|
| 952 |
if (SYS_child_process_count - 1 < BBS_max_client) |
if (SYS_child_process_count - 1 < BBS_max_client) |
| 953 |
{ |
{ |
| 954 |
j = 0; |
int64_t j = 0; |
| 955 |
ret = hash_dict_get(hash_dict_sockaddr_count, (uint64_t)sin.sin_addr.s_addr, (int64_t *)&j); |
ret = hash_dict_get(hash_dict_sockaddr_count, sin.sin_addr.s_addr, &j); |
| 956 |
if (ret < 0) |
if (ret < 0) |
| 957 |
{ |
{ |
| 958 |
log_error("hash_dict_get(hash_dict_sockaddr_count, %s) error\n", hostaddr_client); |
log_error("hash_dict_get(hash_dict_sockaddr_count, %s) error", hostaddr_client); |
| 959 |
} |
} |
| 960 |
|
|
| 961 |
if (j < BBS_max_client_per_ip) |
if (j < BBS_max_client_per_ip) |
| 962 |
{ |
{ |
| 963 |
if ((pid = fork_server()) < 0) |
if ((pid = fork_server()) < 0) |
| 964 |
{ |
{ |
| 965 |
log_error("fork_server() error\n"); |
log_error("fork_server() error"); |
| 966 |
} |
} |
| 967 |
else if (pid > 0) |
else if (pid > 0) |
| 968 |
{ |
{ |
| 969 |
ret = hash_dict_set(hash_dict_pid_sockaddr, (uint64_t)pid, sin.sin_addr.s_addr); |
ret = hash_dict_set(hash_dict_pid_sockaddr, (uint64_t)pid, sin.sin_addr.s_addr); |
| 970 |
if (ret < 0) |
if (ret < 0) |
| 971 |
{ |
{ |
| 972 |
log_error("hash_dict_set(hash_dict_pid_sockaddr, %d, %s) error\n", pid, hostaddr_client); |
log_error("hash_dict_set(hash_dict_pid_sockaddr, %lu, %s) error", (uint64_t)pid, hostaddr_client); |
| 973 |
} |
} |
| 974 |
|
|
| 975 |
if (j == 0) |
if (j == 0) |
| 976 |
{ |
{ |
| 977 |
// First connection from this IP |
// First connection from this IP |
| 978 |
log_common("Accept %s connection from %s:%d\n", |
log_common("Accept %s connection from %s:%d", |
| 979 |
(SSH_v2 ? "SSH" : "telnet"), hostaddr_client, port_client); |
(SSH_v2 ? "SSH" : "telnet"), hostaddr_client, port_client); |
| 980 |
|
|
| 981 |
ret = hash_dict_set(hash_dict_sockaddr_count, (uint64_t)sin.sin_addr.s_addr, 1); |
ret = hash_dict_set(hash_dict_sockaddr_count, (uint64_t)sin.sin_addr.s_addr, 1); |
| 982 |
if (ret < 0) |
if (ret < 0) |
| 983 |
{ |
{ |
| 984 |
log_error("hash_dict_set(hash_dict_sockaddr_count, %s, 1) error\n", hostaddr_client); |
log_error("hash_dict_set(hash_dict_sockaddr_count, %s, 1) error", hostaddr_client); |
| 985 |
} |
} |
| 986 |
} |
} |
| 987 |
else |
else |
| 988 |
{ |
{ |
| 989 |
// Increase connection count from this IP |
// Increase connection count from this IP |
| 990 |
log_common("Accept %s connection from %s:%d, already have %d connections\n", |
log_common("Accept %s connection from %s:%d, already have %d connections", |
| 991 |
(SSH_v2 ? "SSH" : "telnet"), hostaddr_client, port_client, j); |
(SSH_v2 ? "SSH" : "telnet"), hostaddr_client, port_client, j); |
| 992 |
|
|
| 993 |
ret = hash_dict_inc(hash_dict_sockaddr_count, (uint64_t)sin.sin_addr.s_addr, 1); |
ret = hash_dict_inc(hash_dict_sockaddr_count, (uint64_t)sin.sin_addr.s_addr, 1); |
| 994 |
if (ret <= 0) |
if (ret <= 0) |
| 995 |
{ |
{ |
| 996 |
log_error("hash_dict_inc(hash_dict_sockaddr_count, %s, 1) error: %d\n", hostaddr_client, ret); |
log_error("hash_dict_inc(hash_dict_sockaddr_count, %s, 1) error: %d", hostaddr_client, ret); |
| 997 |
} |
} |
| 998 |
} |
} |
| 999 |
} |
} |
| 1000 |
} |
} |
| 1001 |
else |
else |
| 1002 |
{ |
{ |
| 1003 |
log_error("Rejected %s connection from %s:%d over limit per IP (%d >= %d)\n", |
log_error("Rejected %s connection from %s:%d over limit per IP (%d >= %d)", |
| 1004 |
(SSH_v2 ? "SSH" : "telnet"), hostaddr_client, port_client, j, BBS_max_client_per_ip); |
(SSH_v2 ? "SSH" : "telnet"), hostaddr_client, port_client, j, BBS_max_client_per_ip); |
| 1005 |
} |
} |
| 1006 |
} |
} |
| 1007 |
else |
else |
| 1008 |
{ |
{ |
| 1009 |
log_error("Rejected %s connection from %s:%d over limit (%d >= %d)\n", |
log_error("Rejected %s connection from %s:%d over limit (%d >= %d)", |
| 1010 |
(SSH_v2 ? "SSH" : "telnet"), hostaddr_client, port_client, SYS_child_process_count - 1, BBS_max_client); |
(SSH_v2 ? "SSH" : "telnet"), hostaddr_client, port_client, SYS_child_process_count - 1, BBS_max_client); |
| 1011 |
} |
} |
| 1012 |
|
|
| 1013 |
if (close(socket_client) == -1) |
if (close(socket_client) == -1) |
| 1014 |
{ |
{ |
| 1015 |
log_error("close(socket_lient) error (%d)\n", errno); |
log_error("close(socket_lient) error (%d)", errno); |
| 1016 |
} |
} |
| 1017 |
} |
} |
| 1018 |
} |
} |
| 1022 |
#ifdef HAVE_SYS_EPOLL_H |
#ifdef HAVE_SYS_EPOLL_H |
| 1023 |
if (close(epollfd_server) < 0) |
if (close(epollfd_server) < 0) |
| 1024 |
{ |
{ |
| 1025 |
log_error("close(epollfd_server) error (%d)\n"); |
log_error("close(epollfd_server) error (%d)"); |
| 1026 |
} |
} |
| 1027 |
#endif |
#endif |
| 1028 |
|
|
| 1029 |
for (i = 0; i < 2; i++) |
for (int i = 0; i < 2; i++) |
| 1030 |
{ |
{ |
| 1031 |
if (close(socket_server[i]) == -1) |
if (close(socket_server[i]) == -1) |
| 1032 |
{ |
{ |
| 1033 |
log_error("Close server socket failed\n"); |
log_error("Close server socket failed"); |
| 1034 |
} |
} |
| 1035 |
} |
} |
| 1036 |
|
|
Parent Directory
| 
Revision Log
| 
Patch