| 1 |
/*************************************************************************** |
/* SPDX-License-Identifier: GPL-3.0-or-later */ |
| 2 |
net_server.c - description |
/* |
| 3 |
------------------- |
* net_server |
| 4 |
Copyright : (C) 2004-2025 by Leaflet |
* - network server with SSH support |
| 5 |
Email : leaflet@leafok.com |
* |
| 6 |
***************************************************************************/ |
* Copyright (C) 2004-2025 Leaflet <leaflet@leafok.com> |
| 7 |
|
*/ |
| 8 |
/*************************************************************************** |
|
| 9 |
* * |
#ifdef HAVE_CONFIG_H |
| 10 |
* This program is free software; you can redistribute it and/or modify * |
#include "config.h" |
| 11 |
* it under the terms of the GNU General Public License as published by * |
#endif |
|
* the Free Software Foundation; either version 3 of the License, or * |
|
|
* (at your option) any later version. * |
|
|
* * |
|
|
***************************************************************************/ |
|
| 12 |
|
|
| 13 |
#include "bbs.h" |
#include "bbs.h" |
| 14 |
#include "bbs_main.h" |
#include "bbs_main.h" |
| 15 |
|
#include "bwf.h" |
| 16 |
#include "common.h" |
#include "common.h" |
| 17 |
#include "database.h" |
#include "database.h" |
| 18 |
#include "file_loader.h" |
#include "file_loader.h" |
| 19 |
|
#include "hash_dict.h" |
| 20 |
#include "io.h" |
#include "io.h" |
| 21 |
#include "init.h" |
#include "init.h" |
| 22 |
#include "log.h" |
#include "log.h" |
| 45 |
#include <sys/wait.h> |
#include <sys/wait.h> |
| 46 |
#include <systemd/sd-daemon.h> |
#include <systemd/sd-daemon.h> |
| 47 |
|
|
| 48 |
#define WAIT_CHILD_PROCESS_EXIT_TIMEOUT 5 // second |
enum _net_server_constant_t |
|
#define WAIT_CHILD_PROCESS_KILL_TIMEOUT 1 // second |
|
|
|
|
|
struct process_sockaddr_t |
|
| 49 |
{ |
{ |
| 50 |
pid_t pid; |
WAIT_CHILD_PROCESS_EXIT_TIMEOUT = 5, // second |
| 51 |
in_addr_t s_addr; |
WAIT_CHILD_PROCESS_KILL_TIMEOUT = 1, // second |
|
}; |
|
|
typedef struct process_sockaddr_t PROCESS_SOCKADDR; |
|
| 52 |
|
|
| 53 |
static PROCESS_SOCKADDR process_sockaddr_pool[MAX_CLIENT_LIMIT]; |
SSH_AUTH_MAX_DURATION = 60 * 1000, // milliseconds |
| 54 |
|
}; |
|
#define SSH_AUTH_MAX_DURATION (60 * 1000) // milliseconds |
|
| 55 |
|
|
| 56 |
#define SFTP_SERVER_PATH "/usr/lib/sftp-server" |
static const char SFTP_SERVER_PATH[] = "/usr/lib/sftp-server"; |
| 57 |
|
|
| 58 |
/* A userdata struct for session. */ |
/* A userdata struct for session. */ |
| 59 |
struct session_data_struct |
struct session_data_struct |
| 325 |
|
|
| 326 |
ssh_bind_free(sshbind); |
ssh_bind_free(sshbind); |
| 327 |
|
|
|
ssh_callbacks_init(&channel_cb); |
|
|
ssh_callbacks_init(&server_cb); |
|
|
|
|
|
ssh_set_server_callbacks(SSH_session, &server_cb); |
|
|
|
|
| 328 |
ssh_timeout = 60; // second |
ssh_timeout = 60; // second |
| 329 |
if (ssh_options_set(SSH_session, SSH_OPTIONS_TIMEOUT, &ssh_timeout) < 0) |
if (ssh_options_set(SSH_session, SSH_OPTIONS_TIMEOUT, &ssh_timeout) < 0) |
| 330 |
{ |
{ |
| 332 |
goto cleanup; |
goto cleanup; |
| 333 |
} |
} |
| 334 |
|
|
| 335 |
|
ssh_set_auth_methods(SSH_session, SSH_AUTH_METHOD_PASSWORD); |
| 336 |
|
|
| 337 |
|
ssh_callbacks_init(&server_cb); |
| 338 |
|
ssh_callbacks_init(&channel_cb); |
| 339 |
|
|
| 340 |
|
ssh_set_server_callbacks(SSH_session, &server_cb); |
| 341 |
|
|
| 342 |
if (ssh_handle_key_exchange(SSH_session)) |
if (ssh_handle_key_exchange(SSH_session)) |
| 343 |
{ |
{ |
| 344 |
log_error("ssh_handle_key_exchange() error: %s\n", ssh_get_error(SSH_session)); |
log_error("ssh_handle_key_exchange() error: %s\n", ssh_get_error(SSH_session)); |
| 345 |
goto cleanup; |
goto cleanup; |
| 346 |
} |
} |
|
ssh_set_auth_methods(SSH_session, SSH_AUTH_METHOD_PASSWORD); |
|
| 347 |
|
|
| 348 |
event = ssh_event_new(); |
event = ssh_event_new(); |
| 349 |
ssh_event_add_session(event, SSH_session); |
ssh_event_add_session(event, SSH_session); |
| 368 |
|
|
| 369 |
ssh_set_channel_callbacks(SSH_channel, &channel_cb); |
ssh_set_channel_callbacks(SSH_channel, &channel_cb); |
| 370 |
|
|
| 371 |
|
do |
| 372 |
|
{ |
| 373 |
|
ret = ssh_event_dopoll(event, 100); // 0.1 second |
| 374 |
|
if (ret == SSH_ERROR) |
| 375 |
|
{ |
| 376 |
|
ssh_channel_close(SSH_channel); |
| 377 |
|
} |
| 378 |
|
|
| 379 |
|
if (ret == SSH_AGAIN) // loop until SSH connection is fully established |
| 380 |
|
{ |
| 381 |
|
/* Executed only once, once the child process starts. */ |
| 382 |
|
cdata.event = event; |
| 383 |
|
break; |
| 384 |
|
} |
| 385 |
|
} while (ssh_channel_is_open(SSH_channel)); |
| 386 |
|
|
| 387 |
ssh_timeout = 0; |
ssh_timeout = 0; |
| 388 |
if (ssh_options_set(SSH_session, SSH_OPTIONS_TIMEOUT, &ssh_timeout) < 0) |
if (ssh_options_set(SSH_session, SSH_OPTIONS_TIMEOUT, &ssh_timeout) < 0) |
| 389 |
{ |
{ |
| 393 |
} |
} |
| 394 |
|
|
| 395 |
// Redirect Input |
// Redirect Input |
|
close(STDIN_FILENO); |
|
| 396 |
if (dup2(socket_client, STDIN_FILENO) == -1) |
if (dup2(socket_client, STDIN_FILENO) == -1) |
| 397 |
{ |
{ |
| 398 |
log_error("Redirect stdin to client socket failed\n"); |
log_error("Redirect stdin to client socket failed\n"); |
| 400 |
} |
} |
| 401 |
|
|
| 402 |
// Redirect Output |
// Redirect Output |
|
close(STDOUT_FILENO); |
|
| 403 |
if (dup2(socket_client, STDOUT_FILENO) == -1) |
if (dup2(socket_client, STDOUT_FILENO) == -1) |
| 404 |
{ |
{ |
| 405 |
log_error("Redirect stdout to client socket failed\n"); |
log_error("Redirect stdout to client socket failed\n"); |
| 446 |
|
|
| 447 |
int net_server(const char *hostaddr, in_port_t port[]) |
int net_server(const char *hostaddr, in_port_t port[]) |
| 448 |
{ |
{ |
| 449 |
|
HASH_DICT *hash_dict_pid_sockaddr = NULL; |
| 450 |
|
HASH_DICT *hash_dict_sockaddr_count = NULL; |
| 451 |
|
|
| 452 |
unsigned int addrlen; |
unsigned int addrlen; |
| 453 |
int ret; |
int ret; |
| 454 |
int flags[2]; |
int flags[2]; |
| 544 |
fcntl(socket_server[i], F_SETFL, flags[i] | O_NONBLOCK); |
fcntl(socket_server[i], F_SETFL, flags[i] | O_NONBLOCK); |
| 545 |
} |
} |
| 546 |
|
|
| 547 |
|
hash_dict_pid_sockaddr = hash_dict_create(MAX_CLIENT_LIMIT); |
| 548 |
|
if (hash_dict_pid_sockaddr == NULL) |
| 549 |
|
{ |
| 550 |
|
log_error("hash_dict_create(hash_dict_pid_sockaddr) error\n"); |
| 551 |
|
return -1; |
| 552 |
|
} |
| 553 |
|
hash_dict_sockaddr_count = hash_dict_create(MAX_CLIENT_LIMIT); |
| 554 |
|
if (hash_dict_sockaddr_count == NULL) |
| 555 |
|
{ |
| 556 |
|
log_error("hash_dict_create(hash_dict_sockaddr_count) error\n"); |
| 557 |
|
return -1; |
| 558 |
|
} |
| 559 |
|
|
| 560 |
// Startup complete |
// Startup complete |
| 561 |
sd_notifyf(0, "READY=1\n" |
sd_notifyf(0, "READY=1\n" |
| 562 |
"STATUS=Listening at %s:%d (Telnet) and %s:%d (SSH2)\n" |
"STATUS=Listening at %s:%d (Telnet) and %s:%d (SSH2)\n" |
| 586 |
|
|
| 587 |
if (siginfo.si_pid != section_list_loader_pid) |
if (siginfo.si_pid != section_list_loader_pid) |
| 588 |
{ |
{ |
| 589 |
i = 0; |
j = 0; |
| 590 |
for (; i < BBS_max_client; i++) |
ret = hash_dict_get(hash_dict_pid_sockaddr, (uint64_t)siginfo.si_pid, (int64_t *)&j); |
| 591 |
|
if (ret < 0) |
| 592 |
{ |
{ |
| 593 |
if (process_sockaddr_pool[i].pid == siginfo.si_pid) |
log_error("hash_dict_get(hash_dict_pid_sockaddr, %d) error\n", siginfo.si_pid); |
|
{ |
|
|
process_sockaddr_pool[i].pid = 0; |
|
|
break; |
|
|
} |
|
| 594 |
} |
} |
| 595 |
if (i >= BBS_max_client) |
else |
| 596 |
{ |
{ |
| 597 |
log_error("Child process (%d) not found in process sockaddr pool\n", siginfo.si_pid); |
sin.sin_addr.s_addr = (uint32_t)j; |
| 598 |
|
j = 0; |
| 599 |
|
ret = hash_dict_get(hash_dict_sockaddr_count, sin.sin_addr.s_addr, (int64_t *)&j); |
| 600 |
|
if (ret < 0) |
| 601 |
|
{ |
| 602 |
|
log_error("hash_dict_get(hash_dict_sockaddr_count, %d) error\n", sin.sin_addr.s_addr); |
| 603 |
|
} |
| 604 |
|
else if (ret == 0) |
| 605 |
|
{ |
| 606 |
|
log_error("hash_dict_get(hash_dict_sockaddr_count, %d) not found\n", sin.sin_addr.s_addr); |
| 607 |
|
j = 1; |
| 608 |
|
} |
| 609 |
|
|
| 610 |
|
j--; |
| 611 |
|
ret = hash_dict_set(hash_dict_sockaddr_count, sin.sin_addr.s_addr, j); |
| 612 |
|
if (ret < 0) |
| 613 |
|
{ |
| 614 |
|
log_error("hash_dict_set(hash_dict_sockaddr_count, %d, %d) error\n", sin.sin_addr.s_addr, j); |
| 615 |
|
} |
| 616 |
|
|
| 617 |
|
ret = hash_dict_del(hash_dict_pid_sockaddr, (uint64_t)siginfo.si_pid); |
| 618 |
|
if (ret < 0) |
| 619 |
|
{ |
| 620 |
|
log_error("hash_dict_del(hash_dict_pid_sockaddr, %d) error\n", siginfo.si_pid); |
| 621 |
|
} |
| 622 |
} |
} |
| 623 |
} |
} |
| 624 |
} |
} |
| 640 |
sd_notifyf(0, "STATUS=Notify %d child process to exit", SYS_child_process_count); |
sd_notifyf(0, "STATUS=Notify %d child process to exit", SYS_child_process_count); |
| 641 |
log_common("Notify %d child process to exit\n", SYS_child_process_count); |
log_common("Notify %d child process to exit\n", SYS_child_process_count); |
| 642 |
|
|
| 643 |
if (kill(0, SIGTERM) < 0) |
if (kill(-getpid(), SIGTERM) < 0) |
| 644 |
{ |
{ |
| 645 |
log_error("Send SIGTERM signal failed (%d)\n", errno); |
log_error("Send SIGTERM signal failed (%d)\n", errno); |
| 646 |
} |
} |
| 652 |
{ |
{ |
| 653 |
sd_notifyf(0, "STATUS=Kill %d child process", SYS_child_process_count); |
sd_notifyf(0, "STATUS=Kill %d child process", SYS_child_process_count); |
| 654 |
|
|
| 655 |
for (i = 0; i < BBS_max_client; i++) |
if (kill(-getpid(), SIGKILL) < 0) |
| 656 |
{ |
{ |
| 657 |
if (process_sockaddr_pool[i].pid != 0) |
log_error("Send SIGKILL signal failed (%d)\n", errno); |
|
{ |
|
|
log_error("Kill child process (pid=%d)\n", process_sockaddr_pool[i].pid); |
|
|
if (kill(process_sockaddr_pool[i].pid, SIGKILL) < 0) |
|
|
{ |
|
|
log_error("Send SIGKILL signal failed (%d)\n", errno); |
|
|
} |
|
|
} |
|
| 658 |
} |
} |
| 659 |
|
|
| 660 |
notify_child_exit = 2; |
notify_child_exit = 2; |
| 678 |
log_error("Reload conf failed\n"); |
log_error("Reload conf failed\n"); |
| 679 |
} |
} |
| 680 |
|
|
| 681 |
|
// Reload BWF config |
| 682 |
|
if (bwf_load(CONF_BWF) < 0) |
| 683 |
|
{ |
| 684 |
|
log_error("Reload BWF conf failed\n"); |
| 685 |
|
} |
| 686 |
|
|
| 687 |
if (load_menu(&bbs_menu_new, CONF_MENU) < 0) |
if (load_menu(&bbs_menu_new, CONF_MENU) < 0) |
| 688 |
{ |
{ |
| 689 |
unload_menu(&bbs_menu_new); |
unload_menu(&bbs_menu_new); |
| 713 |
{ |
{ |
| 714 |
if (load_file(data_files_load_startup[i]) < 0) |
if (load_file(data_files_load_startup[i]) < 0) |
| 715 |
{ |
{ |
| 716 |
log_error("load_file_mmap(%s) error\n", data_files_load_startup[i]); |
log_error("load_file(%s) error\n", data_files_load_startup[i]); |
| 717 |
} |
} |
| 718 |
} |
} |
| 719 |
log_common("Reload data files successfully\n"); |
log_common("Reload data files successfully\n"); |
| 786 |
if (SYS_child_process_count - 1 < BBS_max_client) |
if (SYS_child_process_count - 1 < BBS_max_client) |
| 787 |
{ |
{ |
| 788 |
j = 0; |
j = 0; |
| 789 |
for (i = 0; i < BBS_max_client; i++) |
ret = hash_dict_get(hash_dict_sockaddr_count, (uint64_t)sin.sin_addr.s_addr, (int64_t *)&j); |
| 790 |
|
if (ret < 0) |
| 791 |
{ |
{ |
| 792 |
if (process_sockaddr_pool[i].pid != 0 && process_sockaddr_pool[i].s_addr == sin.sin_addr.s_addr) |
log_error("hash_dict_get(hash_dict_sockaddr_count, %s) error\n", hostaddr_client); |
|
{ |
|
|
j++; |
|
|
if (j >= BBS_max_client_per_ip) |
|
|
{ |
|
|
log_common("Too many client connections (%d) from %s\n", j, hostaddr_client); |
|
|
break; |
|
|
} |
|
|
} |
|
| 793 |
} |
} |
| 794 |
|
|
| 795 |
if (j < BBS_max_client_per_ip) |
if (j < BBS_max_client_per_ip) |
| 800 |
} |
} |
| 801 |
else if (pid > 0) |
else if (pid > 0) |
| 802 |
{ |
{ |
| 803 |
i = 0; |
ret = hash_dict_set(hash_dict_pid_sockaddr, (uint64_t)pid, sin.sin_addr.s_addr); |
| 804 |
for (; i < BBS_max_client; i++) |
if (ret < 0) |
| 805 |
{ |
{ |
| 806 |
if (process_sockaddr_pool[i].pid == 0) |
log_error("hash_dict_set(hash_dict_pid_sockaddr, %d, %s) error\n", pid, hostaddr_client); |
|
{ |
|
|
break; |
|
|
} |
|
| 807 |
} |
} |
| 808 |
|
|
| 809 |
if (i >= BBS_max_client) |
ret = hash_dict_set(hash_dict_sockaddr_count, (uint64_t)sin.sin_addr.s_addr, j + 1); |
| 810 |
{ |
if (ret < 0) |
|
log_error("Process sockaddr pool depleted\n"); |
|
|
} |
|
|
else |
|
| 811 |
{ |
{ |
| 812 |
process_sockaddr_pool[i].pid = pid; |
log_error("hash_dict_set(hash_dict_sockaddr_count, %s, %d) error\n", hostaddr_client, j + 1); |
|
process_sockaddr_pool[i].s_addr = sin.sin_addr.s_addr; |
|
| 813 |
} |
} |
| 814 |
} |
} |
| 815 |
} |
} |
| 816 |
|
else |
| 817 |
|
{ |
| 818 |
|
log_error("Rejected client connection from %s over limit per IP (%d)\n", hostaddr_client, BBS_max_client_per_ip); |
| 819 |
|
} |
| 820 |
} |
} |
| 821 |
else |
else |
| 822 |
{ |
{ |
| 847 |
} |
} |
| 848 |
} |
} |
| 849 |
|
|
| 850 |
|
hash_dict_destroy(hash_dict_pid_sockaddr); |
| 851 |
|
hash_dict_destroy(hash_dict_sockaddr_count); |
| 852 |
|
|
| 853 |
ssh_bind_free(sshbind); |
ssh_bind_free(sshbind); |
| 854 |
ssh_finalize(); |
ssh_finalize(); |
| 855 |
|
|
Parent Directory
| 
Revision Log
| 
Patch