**/
#define OFFT_MAX ~((off_t)1<<(sizeof(off_t)*8-1))
#define LINELEN 256 /**< Size of static buffer used to read the
- authorization file (yuck) */
+ authorization file (yuck) */
#define BUFSIZE (1024*1024) /**< Size of buffer that can hold requests */
#define DIFFPAGESIZE 4096 /**< diff file uses those chunks */
#define F_READONLY 1 /**< flag to tell us a file is readonly */
copyonwrite */
#define F_AUTOREADONLY 8 /**< flag to tell us a file is set to autoreadonly */
#define F_SPARSE 16 /**< flag to tell us copyronwrite should use a sparse file */
-#define F_SDP /**< flag to tell us the export should be done using the Socket Direct Protocol for RDMA */
+#define F_SDP 32 /**< flag to tell us the export should be done using the Socket Direct Protocol for RDMA */
GHashTable *children;
char pidfname[256]; /**< name of our PID file */
char pidftemplate[256]; /**< template to be used for the filename of the PID file */
gchar* exportname; /**< (unprocessed) filename of the file we're exporting */
off_t expected_size; /**< size of the exported file as it was told to
us through configuration */
+ gchar* listenaddr; /**< The IP address we're listening on */
unsigned int port; /**< port we're exporting this file at */
char* authname; /**< filename of the authorization file */
int flags; /**< flags associated with this exported file */
*/
void usage() {
printf("This is nbd-server version " VERSION "\n");
- printf("Usage: port file_to_export [size][kKmM] [-l authorize_file] [-r] [-m] [-c] [-a timeout_sec] [-C configuration file] [-p PID file name] [-o section name]\n"
+ printf("Usage: [ip:]port file_to_export [size][kKmM] [-l authorize_file] [-r] [-m] [-c] [-a timeout_sec] [-C configuration file] [-p PID file name] [-o section name]\n"
"\t-r|--read-only\t\tread only\n"
"\t-m|--multi-file\t\tmultiple file\n"
"\t-c|--copy-on-write\tcopy on write\n"
"\t-o|--output-config\toutput a config file section for what you\n\t\t\t\tspecified on the command line, with the\n\t\t\t\tspecified section name\n\n"
"\tif port is set to 0, stdin is used (for running from inetd)\n"
"\tif file_to_export contains '%%s', it is substituted with the IP\n"
- "\t\taddress of the machine trying to connect\n" );
+ "\t\taddress of the machine trying to connect\n"
+ "\tif ip is set, it contains the local IP address on which we're listening.\n\tif not, the server will listen on all local IP addresses\n");
printf("Using configuration file %s\n", CFILE);
}
void dump_section(SERVER* serve, gchar* section_header) {
printf("[%s]\n", section_header);
printf("\texportname = %s\n", serve->exportname);
+ printf("\tlistenaddr = %s\n", serve->listenaddr);
printf("\tport = %d\n", serve->port);
if(serve->flags & F_READONLY) {
printf("\treadonly = true\n");
size_t last;
char suffix;
gboolean do_output=FALSE;
- gchar* section_header;
+ gchar* section_header="";
+ gchar** addr_port;
if(argc==1) {
return NULL;
/* non-option argument */
switch(nonspecial++) {
case 0:
- serve->port=strtol(optarg, NULL, 0);
+ addr_port=g_strsplit(optarg, ":", 2);
+ if(addr_port[1]) {
+ serve->port=strtol(addr_port[1], NULL, 0);
+ serve->listenaddr=g_strdup(addr_port[0]);
+ } else {
+ serve->listenaddr=g_strdup("0.0.0.0");
+ serve->port=strtol(addr_port[0], NULL, 0);
+ }
+ g_strfreev(addr_port);
break;
case 1:
serve->exportname = g_strdup(optarg);
CFILE_MISSING_GENERIC, /**< The (required) group "generic" is missing */
CFILE_KEY_MISSING, /**< A (required) key is missing */
CFILE_VALUE_INVALID, /**< A value is syntactically invalid */
+ CFILE_VALUE_UNSUPPORTED,/**< A value is not supported in this build */
CFILE_PROGERR /**< Programmer error */
} CFILE_ERRORS;
{ "readonly", FALSE, PARAM_BOOL, NULL, F_READONLY },
{ "multifile", FALSE, PARAM_BOOL, NULL, F_MULTIFILE },
{ "copyonwrite", FALSE, PARAM_BOOL, NULL, F_COPYONWRITE },
- { "autoreadonly", FALSE, PARAM_BOOL, NULL, F_AUTOREADONLY },
{ "sparse_cow", FALSE, PARAM_BOOL, NULL, F_SPARSE },
{ "sdp", FALSE, PARAM_BOOL, NULL, F_SDP },
+ { "listenaddr", FALSE, PARAM_STRING, NULL, 0 },
};
const int lp_size=14;
PARAM gp[] = {
lp[8].target=lp[9].target=lp[10].target=
lp[11].target=lp[12].target=
lp[13].target=&(s.flags);
+ lp[14].target=&(s.listenaddr);
/* After the [generic] group, start parsing exports */
if(i==1) {
virtstyle=NULL;
/* Don't append values for the [generic] group */
if(i>0) {
+ if(!s.listenaddr) {
+ s.listenaddr = g_strdup("0.0.0.0");
+ }
g_array_append_val(retval, s);
}
#ifndef WITH_SDP
- if(s.flags && F_SDP) {
+ if(s.flags & F_SDP) {
g_set_error(e, errdomain, CFILE_VALUE_UNSUPPORTED, "This nbd-server was built without support for SDP, yet group %s uses it", groups[i]);
g_array_free(retval, TRUE);
g_key_file_free(cfile);
unlink(pidfname);
}
- exit(0);
+ exit(EXIT_SUCCESS);
}
/**
* @return 0 on success, nonzero on failure
**/
int rawexpwrite_fully(off_t a, char *buf, size_t len, CLIENT *client) {
- ssize_t ret;
+ ssize_t ret=0;
while(len > 0 && (ret=rawexpwrite(a, buf, len, client)) > 0 ) {
a += ret;
* @return 0 on success, nonzero on failure
**/
int rawexpread_fully(off_t a, char *buf, size_t len, CLIENT *client) {
- ssize_t ret;
+ ssize_t ret=0;
while(len > 0 && (ret=rawexpread(a, buf, len, client)) > 0 ) {
a += ret;
/* Try again because maybe media was read-only */
fi.fhandle = open(tmpname, O_RDONLY);
if(fi.fhandle != -1) {
- client->server->flags |= F_AUTOREADONLY;
- client->server->flags |= F_READONLY;
+ /* Opening the base file in copyonwrite mode is
+ * okay */
+ if(!(client->server->flags & F_COPYONWRITE)) {
+ client->server->flags |= F_AUTOREADONLY;
+ client->server->flags |= F_READONLY;
+ }
}
}
if(fi.fhandle == -1) {
}
/**
- * Go daemon (unless we specified at compile time that we didn't want this)
- * @param serve the first server of our configuration. If its port is zero,
- * then do not daemonize, because we're doing inetd then. This parameter
- * is only used to create a PID file of the form
- * /var/run/nbd-server.<port>.pid; it's not modified in any way.
+ * Loop through the available servers, and serve them. Never returns.
**/
-#if !defined(NODAEMON) && !defined(NOFORK)
-void daemonize(SERVER* serve) {
- FILE*pidf;
+int serveloop(GArray* servers) {
+ struct sockaddr_in addrin;
+ socklen_t addrinlen=sizeof(addrin);
+ SERVER *serve;
+ int i;
+ int max;
+ int sock;
+ fd_set mset;
+ fd_set rset;
- if(serve && !(serve->port)) {
- return;
- }
- if(daemon(0,0)<0) {
- err("daemon");
+ /*
+ * Set up the master fd_set. The set of descriptors we need
+ * to select() for never changes anyway and it buys us a *lot*
+ * of time to only build this once. However, if we ever choose
+ * to not fork() for clients anymore, we may have to revisit
+ * this.
+ */
+ max=0;
+ FD_ZERO(&mset);
+ for(i=0;i<servers->len;i++) {
+ sock=(g_array_index(servers, SERVER, i)).socket;
+ FD_SET(sock, &mset);
+ max=sock>max?sock:max;
}
- if(!*pidftemplate) {
- if(serve) {
- strncpy(pidftemplate, "/var/run/server.%d.pid", 255);
- } else {
- strncpy(pidftemplate, "/var/run/server.pid", 255);
+ for(;;) {
+ CLIENT *client;
+ int net;
+ pid_t *pid;
+
+ memcpy(&rset, &mset, sizeof(fd_set));
+ if(select(max+1, &rset, NULL, NULL, NULL)>0) {
+ DEBUG("accept, ");
+ for(i=0;i<servers->len;i++) {
+ serve=&(g_array_index(servers, SERVER, i));
+ if(FD_ISSET(serve->socket, &rset)) {
+ if ((net=accept(serve->socket, (struct sockaddr *) &addrin, &addrinlen)) < 0)
+ err("accept: %m");
+
+ client = g_malloc(sizeof(CLIENT));
+ client->server=serve;
+ client->exportsize=OFFT_MAX;
+ client->net=net;
+ set_peername(net, client);
+ if (!authorized_client(client)) {
+ msg2(LOG_INFO,"Unauthorized client") ;
+ close(net);
+ continue;
+ }
+ msg2(LOG_INFO,"Authorized client") ;
+ pid=g_malloc(sizeof(pid_t));
+#ifndef NOFORK
+ if ((*pid=fork())<0) {
+ msg3(LOG_INFO,"Could not fork (%s)",strerror(errno)) ;
+ close(net);
+ continue;
+ }
+ if (*pid>0) { /* parent */
+ close(net);
+ g_hash_table_insert(children, pid, pid);
+ continue;
+ }
+ /* child */
+ g_hash_table_destroy(children);
+ for(i=0;i<servers->len;i++) {
+ serve=&g_array_index(servers, SERVER, i);
+ close(serve->socket);
+ }
+ /* FALSE does not free the
+ actual data. This is required,
+ because the client has a
+ direct reference into that
+ data, and otherwise we get a
+ segfault... */
+ g_array_free(servers, FALSE);
+#endif // NOFORK
+ msg2(LOG_INFO,"Starting to serve");
+ serveconnection(client);
+ exit(EXIT_SUCCESS);
+ }
+ }
}
}
- snprintf(pidfname, 255, pidftemplate, serve ? serve->port : 0);
- pidf=fopen(pidfname, "w");
- if(pidf) {
- fprintf(pidf,"%d\n", (int)getpid());
- fclose(pidf);
- } else {
- perror("fopen");
- fprintf(stderr, "Not fatal; continuing");
- }
}
-#else
-#define daemonize(serve)
-#endif /* !defined(NODAEMON) && !defined(NOFORK) */
/**
* Connect a server's socket.
DEBUG("Waiting for connections... bind, ");
addrin.sin_family = AF_INET;
#ifdef WITH_SDP
- if(serve->flags && F_SDP) {
+ if(serve->flags & F_SDP) {
addrin.sin_family = AF_INET_SDP;
}
#endif
addrin.sin_port = htons(serve->port);
- addrin.sin_addr.s_addr = 0;
+ if(!inet_aton(serve->listenaddr, &(addrin.sin_addr)))
+ err("could not parse listen address");
if (bind(serve->socket, (struct sockaddr *) &addrin, addrinlen) < 0)
err("bind: %m");
DEBUG("listen, ");
}
/**
- * Loop through the available servers, and serve them.
+ * Go daemon (unless we specified at compile time that we didn't want this)
+ * @param serve the first server of our configuration. If its port is zero,
+ * then do not daemonize, because we're doing inetd then. This parameter
+ * is only used to create a PID file of the form
+ * /var/run/nbd-server.<port>.pid; it's not modified in any way.
**/
-int serveloop(GArray* servers) {
- struct sockaddr_in addrin;
- socklen_t addrinlen=sizeof(addrin);
- SERVER *serve;
- int i;
- int max;
- int sock;
- fd_set mset;
- fd_set rset;
- struct timeval tv;
+#if !defined(NODAEMON) && !defined(NOFORK)
+void daemonize(SERVER* serve) {
+ FILE*pidf;
- /*
- * Set up the master fd_set. The set of descriptors we need
- * to select() for never changes anyway and it buys us a *lot*
- * of time to only build this once. However, if we ever choose
- * to not fork() for clients anymore, we may have to revisit
- * this.
- */
- max=0;
- FD_ZERO(&mset);
- for(i=0;i<servers->len;i++) {
- sock=(g_array_index(servers, SERVER, i)).socket;
- FD_SET(sock, &mset);
- max=sock>max?sock:max;
+ if(serve && !(serve->port)) {
+ return;
}
- for(;;) {
- CLIENT *client;
- int net;
- pid_t *pid;
-
- memcpy(&rset, &mset, sizeof(fd_set));
- tv.tv_sec=0;
- tv.tv_usec=500;
- if(select(max+1, &rset, NULL, NULL, &tv)>0) {
- DEBUG("accept, ");
- for(i=0;i<servers->len;i++) {
- serve=&(g_array_index(servers, SERVER, i));
- if(FD_ISSET(serve->socket, &rset)) {
- if ((net=accept(serve->socket, (struct sockaddr *) &addrin, &addrinlen)) < 0)
- err("accept: %m");
-
- client = g_malloc(sizeof(CLIENT));
- client->server=serve;
- client->exportsize=OFFT_MAX;
- client->net=net;
- set_peername(net, client);
- if (!authorized_client(client)) {
- msg2(LOG_INFO,"Unauthorized client") ;
- close(net);
- continue;
- }
- msg2(LOG_INFO,"Authorized client") ;
- pid=g_malloc(sizeof(pid_t));
-#ifndef NOFORK
- if ((*pid=fork())<0) {
- msg3(LOG_INFO,"Could not fork (%s)",strerror(errno)) ;
- close(net);
- continue;
- }
- if (*pid>0) { /* parent */
- close(net);
- g_hash_table_insert(children, pid, pid);
- continue;
- }
- /* child */
- g_hash_table_destroy(children);
- for(i=0;i<servers->len;i++) {
- serve=g_array_index(servers, SERVER*, i);
- close(serve->socket);
- }
- /* FALSE does not free the
- actual data. This is required,
- because the client has a
- direct reference into that
- data, and otherwise we get a
- segfault... */
- g_array_free(servers, FALSE);
-#endif // NOFORK
- msg2(LOG_INFO,"Starting to serve");
- serveconnection(client);
- exit(EXIT_SUCCESS);
- }
- }
+ if(daemon(0,0)<0) {
+ err("daemon");
+ }
+ if(!*pidftemplate) {
+ if(serve) {
+ strncpy(pidftemplate, "/var/run/nbd-server.%d.pid", 255);
+ } else {
+ strncpy(pidftemplate, "/var/run/nbd-server.pid", 255);
}
}
+ snprintf(pidfname, 255, pidftemplate, serve ? serve->port : 0);
+ pidf=fopen(pidfname, "w");
+ if(pidf) {
+ fprintf(pidf,"%d\n", (int)getpid());
+ fclose(pidf);
+ } else {
+ perror("fopen");
+ fprintf(stderr, "Not fatal; continuing");
+ }
+}
+#else
+#define daemonize(serve)
+#endif /* !defined(NODAEMON) && !defined(NOFORK) */
+
+/*
+ * Everything beyond this point (in the file) is run in non-daemon mode.
+ * The stuff above daemonize() isn't.
+ */
+
+void serve_err(SERVER* serve, const char* msg) G_GNUC_NORETURN;
+
+void serve_err(SERVER* serve, const char* msg) {
+ g_message("Export of %s on port %d failed:", serve->exportname,
+ serve->port);
+ err(msg);
}
/**
struct group *gr;
if(rungroup) {
gr=getgrnam(rungroup);
- if(setgid(gr->gr_gid)<0)
- msg3(LOG_DEBUG, "Could not set GID: %s", strerror(errno));
+ if(!gr) {
+ g_message("Invalid group name: %s", rungroup);
+ exit(EXIT_FAILURE);
+ }
+ if(setgid(gr->gr_gid)<0) {
+ g_message("Could not set GID: %s", strerror(errno));
+ exit(EXIT_FAILURE);
+ }
}
if(runuser) {
pw=getpwnam(runuser);
- if(setuid(pw->pw_uid)<0)
- msg3(LOG_DEBUG, "Could not set UID: %s", strerror(errno));
+ if(!pw) {
+ g_message("Invalid user name: %s", runuser);
+ exit(EXIT_FAILURE);
+ }
+ if(setuid(pw->pw_uid)<0) {
+ g_message("Could not set UID: %s", strerror(errno));
+ exit(EXIT_FAILURE);
+ }
}
}
if (sizeof( struct nbd_request )!=28) {
fprintf(stderr,"Bad size of structure. Alignment problems?\n");
- exit(-1) ;
+ exit(EXIT_FAILURE) ;
}
memset(pidftemplate, '\0', 256);