#define F_SPARSE 16
GHashTable *children;
char pidfname[256]; /**< name of our PID file */
+char pidftemplate[256]; /**< template to be used for the filename of the PID file */
char default_authname[] = SYSCONFDIR "/nbd-server/allow"; /**< default name of allow file */
/**
* @return 0 - authorization refused, 1 - OK
**/
int authorized_client(CLIENT *opts) {
+ const char *ERRMSG="Invalid entry '%s' in authfile '%s', so, refusing all connections.";
FILE *f ;
-
char line[LINELEN];
+ char *tmp;
+ struct in_addr addr;
+ struct in_addr client;
+ struct in_addr cltemp;
+ int len;
if ((f=fopen(opts->server->authname,"r"))==NULL) {
msg4(LOG_INFO,"Can't open authorization file %s (%s).",
return 1 ;
}
+ inet_aton(opts->clientname, &client);
while (fgets(line,LINELEN,f)!=NULL) {
+ if((tmp=index(line, '/'))) {
+ if(strlen(line)<=tmp-line) {
+ msg4(LOG_CRIT, ERRMSG, line, opts->server->authname);
+ return 0;
+ }
+ *(tmp++)=0;
+ if(inet_aton(line,&addr)) {
+ msg4(LOG_CRIT, ERRMSG, line, opts->server->authname);
+ return 0;
+ }
+ len=strtol(tmp, NULL, 0);
+ addr.s_addr>>=32-len;
+ addr.s_addr<<=32-len;
+ memcpy(&cltemp,&client,sizeof(client));
+ cltemp.s_addr>>=32-len;
+ cltemp.s_addr<<=32-len;
+ if(addr.s_addr == cltemp.s_addr) {
+ return 1;
+ }
+ }
if (strncmp(line,opts->clientname,strlen(opts->clientname))==0) {
fclose(f);
return 1;
}
}
- fclose(f) ;
- return 0 ;
+ fclose(f);
+ return 0;
}
/**
**/
inline void readit(int f, void *buf, size_t len) {
ssize_t res;
+ gboolean tried = FALSE;
+
while (len > 0) {
DEBUG("*");
- if ((res = read(f, buf, len)) <= 0)
- err("Read failed: %m");
- len -= res;
- buf += res;
+ if ((res = read(f, buf, len)) <= 0) {
+ if(!tried && errno==EAGAIN) {
+ /* Assume the connection will work some time in
+ * the future, but don't run away with CPU time
+ * in case it doesn't */
+ fd_set set;
+ struct timeval tv;
+
+ DEBUG("Read failed, trying again");
+ tried=TRUE;
+ FD_ZERO(&set);
+ FD_SET(f, &set);
+ tv.tv_sec=30;
+ tv.tv_usec=0;
+ select(f+1, &set, NULL, NULL, &tv);
+ } else {
+ err("Read failed: %m");
+ }
+ } else {
+ len -= res;
+ buf += res;
+ tried=FALSE;
+ }
}
}
**/
inline void writeit(int f, void *buf, size_t len) {
ssize_t res;
+ gboolean tried=FALSE;
+
while (len > 0) {
DEBUG("+");
- if ((res = write(f, buf, len)) <= 0)
- err("Send failed: %m");
- len -= res;
- buf += res;
+ if ((res = write(f, buf, len)) <= 0) {
+ if(!tried && errno==EAGAIN) {
+ /* Assume the connection will work some time in
+ * the future, but don't run away with CPU time
+ * in case it doesn't */
+ fd_set set;
+ struct timeval tv;
+
+ DEBUG("Write failed, trying again");
+ tried=TRUE;
+ FD_ZERO(&set);
+ FD_SET(f, &set);
+ tv.tv_sec=30;
+ tv.tv_usec=0;
+ select(f+1, NULL, &set, NULL, &tv);
+ } else {
+ err("Send failed: %m");
+ }
+ } else {
+ len -= res;
+ buf += res;
+ tried=FALSE;
+ }
}
}
*/
void usage() {
printf("This is nbd-server version " VERSION "\n");
- printf("Usage: port file_to_export [size][kKmM] [-l authorize_file] [-r] [-m] [-c] [-a timeout_sec] [-C configuration file]\n"
+ printf("Usage: port file_to_export [size][kKmM] [-l authorize_file] [-r] [-m] [-c] [-a timeout_sec] [-C configuration file] [-p PID file name]\n"
"\t-r|--read-only\t\tread only\n"
"\t-m|--multi-file\t\tmultiple file\n"
"\t-c|--copy-on-write\tcopy on write\n"
- "\t-C|--config-file\tspecify an alternat configuration file\n"
+ "\t-C|--config-file\tspecify an alternate configuration file\n"
"\t-l|--authorize-file\tfile with list of hosts that are allowed to\n\t\t\t\tconnect.\n"
- "\t-a|--idle-time\t\tmaximum idle seconds; server terminates when\n\t\t\t\tidle time exceeded\n\n"
+ "\t-a|--idle-time\t\tmaximum idle seconds; server terminates when\n\t\t\t\tidle time exceeded\n"
+ "\t-p|--pid-file\t\tspecify a filename to write our PID to\n\n"
"\tif port is set to 0, stdin is used (for running from inetd)\n"
"\tif file_to_export contains '%%s', it is substituted with the IP\n"
"\t\taddress of the machine trying to connect\n" );
{"authorize-file", required_argument, NULL, 'l'},
{"idle-time", required_argument, NULL, 'a'},
{"config-file", required_argument, NULL, 'C'},
+ {"pid-file", required_argument, NULL, 'p'},
{0,0,0,0}
};
SERVER *serve;
}
serve=g_new0(SERVER, 1);
serve->authname = g_strdup(default_authname);
- while((c=getopt_long(argc, argv, "-a:C:cl:mr", long_options, &i))>=0) {
+ while((c=getopt_long(argc, argv, "-a:C:cl:mrp:", long_options, &i))>=0) {
switch (c) {
case 1:
/* non-option argument */
case 'm':
serve->flags |= F_MULTIFILE;
break;
+ case 'p':
+ strncpy(pidftemplate, optarg, 256);
+ break;
case 'c':
serve->flags |=F_COPYONWRITE;
break;
GArray *retval=NULL;
gchar **groups;
gboolean value;
- gint i,j;
+ gint i;
+ gint j;
errdomain = g_quark_from_string("parse_cfile");
cfile = g_key_file_new();
if (getpeername(net, (struct sockaddr *) &addrin, (socklen_t *)&addrinlen) < 0)
err("getsockname failed: %m");
- peername = inet_ntoa(addrin.sin_addr);
+ peername = g_strdup(inet_ntoa(addrin.sin_addr));
switch(client->server->virtstyle) {
case VIRT_NONE:
client->exportname=g_strdup(client->server->exportname);
break;
case VIRT_CIDR:
memcpy(&netaddr, &addrin, addrinlen);
- netaddr.sin_addr.s_addr=netaddr.sin_addr.s_addr>>(client->server->cidrlen)<<(client->server->cidrlen);
+ netaddr.sin_addr.s_addr>>=32-(client->server->cidrlen);
+ netaddr.sin_addr.s_addr<<=32-(client->server->cidrlen);
netname = inet_ntoa(netaddr.sin_addr);
tmp=g_strdup_printf("%s/%s", netname, peername);
client->exportname=g_strdup_printf(client->server->exportname, tmp);
break;
}
+ g_free(peername);
msg4(LOG_INFO, "connect from %s, assigned file is %s",
peername, client->exportname);
client->clientname=g_strdup(peername);
if(daemon(0,0)<0) {
err("daemon");
}
- if(serve) {
- snprintf(pidfname, sizeof(char)*255, "/var/run/nbd-server.%d.pid", serve->port);
- } else {
- strncpy(pidfname, "/var/run/nbd-server.pid", sizeof(char)*255);
+ if(!*pidftemplate) {
+ if(serve) {
+ strncpy(pidftemplate, "/var/run/server.%d.pid", 255);
+ } else {
+ strncpy(pidftemplate, "/var/run/server.pid", 255);
+ }
}
+ snprintf(pidfname, 255, pidftemplate, serve ? serve->port : 0);
pidf=fopen(pidfname, "w");
if(pidf) {
fprintf(pidf,"%d\n", (int)getpid());
err("fcntl F_GETFL");
}
if (fcntl(serve->socket, F_SETFL, sock_flags | O_NONBLOCK) == -1) {
- err("fcntl F_SETFL O_NONBLOCK");
+ err("fcntl F_SETFL O_NONBLOCK on server socket");
}
DEBUG("Waiting for connections... bind, ");
sa.sa_flags = SA_RESTART;
if(sigaction(SIGTERM, &sa, NULL) == -1)
err("sigaction: %m");
- children=g_hash_table_new_full(g_int_hash, g_int_equal, NULL, destroy_pid_t);
}
/**
for(i=0;i<servers->len;i++) {
setup_serve(&(g_array_index(servers, SERVER, i)));
}
+ children=g_hash_table_new_full(g_int_hash, g_int_equal, NULL, destroy_pid_t);
}
/**
for(i=0;i<servers->len;i++) {
serve=&(g_array_index(servers, SERVER, i));
if(FD_ISSET(serve->socket, &rset)) {
+ int sock_flags;
+
if ((net=accept(serve->socket, (struct sockaddr *) &addrin, &addrinlen)) < 0)
err("accept: %m");
client = g_malloc(sizeof(CLIENT));
client->server=serve;
client->exportsize=OFFT_MAX;
+ if ((sock_flags = fcntl(serve->socket, F_GETFL, 0)) == -1) {
+ err("fcntl F_GETFL");
+ }
+ if (fcntl(net, F_SETFL, sock_flags | O_NONBLOCK) == -1) {
+ err("fcntl F_SETFL O_NONBLOCK on client socket");
+ }
client->net=net;
set_peername(net, client);
if (!authorized_client(client)) {
exit(-1) ;
}
+ memset(pidftemplate, '\0', 256);
+
logging();
config_file_pos = g_strdup(CFILE);
serve=cmdline(argc, argv);