X-Git-Url: http://git.alex.org.uk diff --git a/nbd-server.c b/nbd-server.c index a35aafb..4d01e37 100644 --- a/nbd-server.c +++ b/nbd-server.c @@ -68,6 +68,7 @@ #include /* For BLKGETSIZE */ #endif #include /* sigaction */ +#include #include #include /* sockaddr_in, htons, in_addr */ #include /* hostent, gethostby*, getservby* */ @@ -82,6 +83,8 @@ #include #include #include +#include +#include #include @@ -98,6 +101,11 @@ /** Where our config file actually is */ gchar* config_file_pos; +/** What user we're running as */ +gchar* runuser=NULL; +/** What group we're running as */ +gchar* rungroup=NULL; + /** Logging macros, now nothing goes to syslog unless you say ISSERVER */ #ifdef ISSERVER #define msg2(a,b) syslog(a,b) @@ -131,7 +139,7 @@ gchar* config_file_pos; **/ #define OFFT_MAX ~((off_t)1<<(sizeof(off_t)*8-1)) #define LINELEN 256 /**< Size of static buffer used to read the - authorization file (yuck) */ + authorization file (yuck) */ #define BUFSIZE (1024*1024) /**< Size of buffer that can hold requests */ #define DIFFPAGESIZE 4096 /**< diff file uses those chunks */ #define F_READONLY 1 /**< flag to tell us a file is readonly */ @@ -139,9 +147,24 @@ gchar* config_file_pos; #define F_COPYONWRITE 4 /**< flag to tell us a file is exported using copyonwrite */ #define F_AUTOREADONLY 8 /**< flag to tell us a file is set to autoreadonly */ +#define F_SPARSE 16 /**< flag to tell us copyronwrite should use a sparse file */ +#define F_SDP 32 /**< flag to tell us the export should be done using the Socket Direct Protocol for RDMA */ +#define F_SYNC 64 /**< Whether to fsync() after a write */ GHashTable *children; char pidfname[256]; /**< name of our PID file */ -char default_authname[] = "/etc/nbd_server.allow"; /**< default name of allow file */ +char pidftemplate[256]; /**< template to be used for the filename of the PID file */ +char default_authname[] = SYSCONFDIR "/nbd-server/allow"; /**< default name of allow file */ + +/** + * Types of virtuatlization + **/ +typedef enum { + VIRT_NONE=0, /**< No virtualization */ + VIRT_IPLIT, /**< Literal IP address as part of the filename */ + VIRT_IPHASH, /**< Replacing all dots in an ip address by a / before + doing the same as in IPLIT */ + VIRT_CIDR, /**< Every subnet in its own directory */ +} VIRT_STYLE; /** * Variables associated with a server. @@ -150,12 +173,18 @@ typedef struct { gchar* exportname; /**< (unprocessed) filename of the file we're exporting */ off_t expected_size; /**< size of the exported file as it was told to us through configuration */ + gchar* listenaddr; /**< The IP address we're listening on */ unsigned int port; /**< port we're exporting this file at */ char* authname; /**< filename of the authorization file */ int flags; /**< flags associated with this exported file */ - unsigned int timeout;/**< how long a connection may be idle - (0=forever) */ int socket; /**< The socket of this server. */ + VIRT_STYLE virtstyle;/**< The style of virtualization, if any */ + uint8_t cidrlen; /**< The length of the mask when we use + CIDR-style virtualization */ + gchar* prerun; /**< command to be ran after connecting a client, + but before starting to serve */ + gchar* postrun; /**< command that will be ran after the client + disconnects */ } SERVER; /** @@ -191,6 +220,7 @@ typedef enum { PARAM_STRING, /**< This parameter is a string */ PARAM_BOOL, /**< This parameter is a boolean */ } PARAM_TYPE; + /** * Configuration file values **/ @@ -216,9 +246,14 @@ typedef struct { * @return 0 - authorization refused, 1 - OK **/ int authorized_client(CLIENT *opts) { + const char *ERRMSG="Invalid entry '%s' in authfile '%s', so, refusing all connections."; FILE *f ; - char line[LINELEN]; + char *tmp; + struct in_addr addr; + struct in_addr client; + struct in_addr cltemp; + int len; if ((f=fopen(opts->server->authname,"r"))==NULL) { msg4(LOG_INFO,"Can't open authorization file %s (%s).", @@ -226,14 +261,35 @@ int authorized_client(CLIENT *opts) { return 1 ; } + inet_aton(opts->clientname, &client); while (fgets(line,LINELEN,f)!=NULL) { + if((tmp=index(line, '/'))) { + if(strlen(line)<=tmp-line) { + msg4(LOG_CRIT, ERRMSG, line, opts->server->authname); + return 0; + } + *(tmp++)=0; + if(inet_aton(line,&addr)) { + msg4(LOG_CRIT, ERRMSG, line, opts->server->authname); + return 0; + } + len=strtol(tmp, NULL, 0); + addr.s_addr>>=32-len; + addr.s_addr<<=32-len; + memcpy(&cltemp,&client,sizeof(client)); + cltemp.s_addr>>=32-len; + cltemp.s_addr<<=32-len; + if(addr.s_addr == cltemp.s_addr) { + return 1; + } + } if (strncmp(line,opts->clientname,strlen(opts->clientname))==0) { fclose(f); return 1; } } - fclose(f) ; - return 0 ; + fclose(f); + return 0; } /** @@ -247,10 +303,14 @@ inline void readit(int f, void *buf, size_t len) { ssize_t res; while (len > 0) { DEBUG("*"); - if ((res = read(f, buf, len)) <= 0) - err("Read failed: %m"); - len -= res; - buf += res; + if ((res = read(f, buf, len)) <= 0) { + if(errno != EAGAIN) { + err("Read failed: %m"); + } + } else { + len -= res; + buf += res; + } } } @@ -278,19 +338,46 @@ inline void writeit(int f, void *buf, size_t len) { */ void usage() { printf("This is nbd-server version " VERSION "\n"); - printf("Usage: port file_to_export [size][kKmM] [-l authorize_file] [-r] [-m] [-c] [-a timeout_sec] [-C configuration file]\n" + printf("Usage: [ip:]port file_to_export [size][kKmM] [-l authorize_file] [-r] [-m] [-c] [-C configuration file] [-p PID file name] [-o section name]\n" "\t-r|--read-only\t\tread only\n" "\t-m|--multi-file\t\tmultiple file\n" "\t-c|--copy-on-write\tcopy on write\n" - "\t-C|--config-file\tspecify an alternat configuration file\n" + "\t-C|--config-file\tspecify an alternate configuration file\n" "\t-l|--authorize-file\tfile with list of hosts that are allowed to\n\t\t\t\tconnect.\n" - "\t-a|--idle-time\t\tmaximum idle seconds; server terminates when\n\t\t\t\tidle time exceeded\n\n" + "\t-a|--idle-time\t\tmaximum idle seconds; server terminates when\n\t\t\t\tidle time exceeded\n" + "\t-p|--pid-file\t\tspecify a filename to write our PID to\n" + "\t-o|--output-config\toutput a config file section for what you\n\t\t\t\tspecified on the command line, with the\n\t\t\t\tspecified section name\n\n" "\tif port is set to 0, stdin is used (for running from inetd)\n" "\tif file_to_export contains '%%s', it is substituted with the IP\n" - "\t\taddress of the machine trying to connect\n" ); + "\t\taddress of the machine trying to connect\n" + "\tif ip is set, it contains the local IP address on which we're listening.\n\tif not, the server will listen on all local IP addresses\n"); printf("Using configuration file %s\n", CFILE); } +/* Dumps a config file section of the given SERVER*, and exits. */ +void dump_section(SERVER* serve, gchar* section_header) { + printf("[%s]\n", section_header); + printf("\texportname = %s\n", serve->exportname); + printf("\tlistenaddr = %s\n", serve->listenaddr); + printf("\tport = %d\n", serve->port); + if(serve->flags & F_READONLY) { + printf("\treadonly = true\n"); + } + if(serve->flags & F_MULTIFILE) { + printf("\tmultifile = true\n"); + } + if(serve->flags & F_COPYONWRITE) { + printf("\tcopyonwrite = true\n"); + } + if(serve->expected_size) { + printf("\tfilesize = %lld\n", (long long int)serve->expected_size); + } + if(serve->authname) { + printf("\tauthfile = %s\n", serve->authname); + } + exit(EXIT_SUCCESS); +} + /** * Parse the command line. * @@ -308,25 +395,39 @@ SERVER* cmdline(int argc, char *argv[]) { {"authorize-file", required_argument, NULL, 'l'}, {"idle-time", required_argument, NULL, 'a'}, {"config-file", required_argument, NULL, 'C'}, + {"pid-file", required_argument, NULL, 'p'}, + {"output-config", required_argument, NULL, 'o'}, {0,0,0,0} }; SERVER *serve; off_t es; size_t last; char suffix; + gboolean do_output=FALSE; + gchar* section_header=""; + gchar** addr_port; if(argc==1) { return NULL; } serve=g_new0(SERVER, 1); serve->authname = g_strdup(default_authname); - while((c=getopt_long(argc, argv, "-a:C:cl:mr", long_options, &i))>=0) { + serve->virtstyle=VIRT_IPLIT; + while((c=getopt_long(argc, argv, "-a:C:cl:mo:rp:", long_options, &i))>=0) { switch (c) { case 1: /* non-option argument */ switch(nonspecial++) { case 0: - serve->port=strtol(optarg, NULL, 0); + addr_port=g_strsplit(optarg, ":", 2); + if(addr_port[1]) { + serve->port=strtol(addr_port[1], NULL, 0); + serve->listenaddr=g_strdup(addr_port[0]); + } else { + serve->listenaddr=g_strdup("0.0.0.0"); + serve->port=strtol(addr_port[0], NULL, 0); + } + g_strfreev(addr_port); break; case 1: serve->exportname = g_strdup(optarg); @@ -341,7 +442,7 @@ SERVER* cmdline(int argc, char *argv[]) { if (suffix == 'k' || suffix == 'K' || suffix == 'm' || suffix == 'M') optarg[last] = '\0'; - es = (off_t)atol(optarg); + es = (off_t)atoll(optarg); switch (suffix) { case 'm': case 'M': es <<= 10; @@ -359,6 +460,13 @@ SERVER* cmdline(int argc, char *argv[]) { case 'm': serve->flags |= F_MULTIFILE; break; + case 'o': + do_output = TRUE; + section_header = g_strdup(optarg); + break; + case 'p': + strncpy(pidftemplate, optarg, 256); + break; case 'c': serve->flags |=F_COPYONWRITE; break; @@ -370,9 +478,6 @@ SERVER* cmdline(int argc, char *argv[]) { g_free(serve->authname); serve->authname=g_strdup(optarg); break; - case 'a': - serve->timeout=strtol(optarg, NULL, 0); - break; default: usage(); exit(EXIT_FAILURE); @@ -385,6 +490,13 @@ SERVER* cmdline(int argc, char *argv[]) { g_free(serve); serve=NULL; } + if(do_output) { + if(!serve) { + g_critical("Need a complete configuration on the command line to output a config file section!"); + exit(EXIT_FAILURE); + } + dump_section(serve, section_header); + } return serve; } @@ -396,7 +508,10 @@ typedef enum { CFILE_MISSING_GENERIC, /**< The (required) group "generic" is missing */ CFILE_KEY_MISSING, /**< A (required) key is missing */ CFILE_VALUE_INVALID, /**< A value is syntactically invalid */ - CFILE_PROGERR /**< Programmer error */ + CFILE_VALUE_UNSUPPORTED,/**< A value is not supported in this build */ + CFILE_PROGERR, /**< Programmer error */ + CFILE_NO_EXPORTS /**< A config file was specified that does not + define any exports */ } CFILE_ERRORS; /** @@ -418,26 +533,38 @@ void remove_server(gpointer s) { * @param f the name of the config file * @param e a GError. @see CFILE_ERRORS for what error values this function can * return. - * @return a GHashTable of SERVER* pointers, with the port number as the hash - * key. If the config file is empty or does not exist, returns an empty - * GHashTable; if the config file contains an error, returns NULL, and - * e is set appropriately + * @return a Array of SERVER* pointers, If the config file is empty or does not + * exist, returns an empty GHashTable; if the config file contains an + * error, returns NULL, and e is set appropriately **/ GArray* parse_cfile(gchar* f, GError** e) { const char* DEFAULT_ERROR = "Could not parse %s in group %s: %s"; const char* MISSING_REQUIRED_ERROR = "Could not find required value %s in group %s: %s"; SERVER s; - PARAM p[] = { + gchar *virtstyle=NULL; + PARAM lp[] = { { "exportname", TRUE, PARAM_STRING, NULL, 0 }, { "port", TRUE, PARAM_INT, NULL, 0 }, { "authfile", FALSE, PARAM_STRING, NULL, 0 }, - { "timeout", FALSE, PARAM_INT, NULL, 0 }, { "filesize", FALSE, PARAM_INT, NULL, 0 }, + { "virtstyle", FALSE, PARAM_STRING, NULL, 0 }, + { "prerun", FALSE, PARAM_STRING, NULL, 0 }, + { "postrun", FALSE, PARAM_STRING, NULL, 0 }, { "readonly", FALSE, PARAM_BOOL, NULL, F_READONLY }, { "multifile", FALSE, PARAM_BOOL, NULL, F_MULTIFILE }, { "copyonwrite", FALSE, PARAM_BOOL, NULL, F_COPYONWRITE }, + { "sparse_cow", FALSE, PARAM_BOOL, NULL, F_SPARSE }, + { "sdp", FALSE, PARAM_BOOL, NULL, F_SDP }, + { "sync", FALSE, PARAM_BOOL, NULL, F_SYNC }, + { "listenaddr", FALSE, PARAM_STRING, NULL, 0 }, }; - const int p_size=8; + const int lp_size=sizeof(lp)/sizeof(PARAM); + PARAM gp[] = { + { "user", FALSE, PARAM_STRING, &runuser, 0 }, + { "group", FALSE, PARAM_STRING, &rungroup, 0 }, + }; + PARAM* p=gp; + int p_size=sizeof(gp)/sizeof(PARAM); GKeyFile *cfile; GError *err = NULL; const char *err_msg=NULL; @@ -445,31 +572,45 @@ GArray* parse_cfile(gchar* f, GError** e) { GArray *retval=NULL; gchar **groups; gboolean value; - gint i,j; + gchar* startgroup; + gint i; + gint j; - memset(&s, '\0', sizeof(SERVER)); errdomain = g_quark_from_string("parse_cfile"); cfile = g_key_file_new(); retval = g_array_new(FALSE, TRUE, sizeof(SERVER)); if(!g_key_file_load_from_file(cfile, f, G_KEY_FILE_KEEP_COMMENTS | G_KEY_FILE_KEEP_TRANSLATIONS, &err)) { - g_set_error(e, errdomain, CFILE_NOTFOUND, "Could not open config file."); + g_set_error(e, errdomain, CFILE_NOTFOUND, "Could not open config file.", f); g_key_file_free(cfile); return retval; } - if(strcmp(g_key_file_get_start_group(cfile), "generic")) { + startgroup = g_key_file_get_start_group(cfile); + if(!startgroup || strcmp(startgroup, "generic")) { g_set_error(e, errdomain, CFILE_MISSING_GENERIC, "Config file does not contain the [generic] group!"); g_key_file_free(cfile); return NULL; } groups = g_key_file_get_groups(cfile, NULL); - for(i=1;groups[i];i++) { - p[0].target=&(s.exportname); - p[1].target=&(s.port); - p[2].target=&(s.authname); - p[3].target=&(s.timeout); - p[4].target=&(s.expected_size); - p[5].target=p[6].target=p[7].target=&(s.flags); + for(i=0;groups[i];i++) { + memset(&s, '\0', sizeof(SERVER)); + lp[0].target=&(s.exportname); + lp[1].target=&(s.port); + lp[2].target=&(s.authname); + lp[3].target=&(s.expected_size); + lp[4].target=&(virtstyle); + lp[5].target=&(s.prerun); + lp[6].target=&(s.postrun); + lp[7].target=lp[8].target=lp[9].target= + lp[10].target=lp[11].target= + lp[12].target=&(s.flags); + lp[13].target=&(s.listenaddr); + + /* After the [generic] group, start parsing exports */ + if(i==1) { + p=lp; + p_size=lp_size; + } for(j=0;j0) { + if(!s.listenaddr) { + s.listenaddr = g_strdup("0.0.0.0"); + } + g_array_append_val(retval, s); + } +#ifndef WITH_SDP + if(s.flags & F_SDP) { + g_set_error(e, errdomain, CFILE_VALUE_UNSUPPORTED, "This nbd-server was built without support for SDP, yet group %s uses it", groups[i]); + g_array_free(retval, TRUE); + g_key_file_free(cfile); + return NULL; + } +#endif + } + if(i==1) { + g_set_error(e, errdomain, CFILE_NO_EXPORTS, "The config file does not specify any exports"); } + g_key_file_free(cfile); return retval; } @@ -532,7 +722,7 @@ void sigchld_handler(int s) { pid_t pid; while((pid=waitpid(-1, &status, WNOHANG)) > 0) { - if(WIFEXITED(&status)) { + if(WIFEXITED(status)) { msg3(LOG_INFO, "Child exited with %d", WEXITSTATUS(status)); } i=g_hash_table_lookup(children, &pid); @@ -575,7 +765,7 @@ void sigterm_handler(int s) { unlink(pidfname); } - exit(0); + exit(EXIT_SUCCESS); } /** @@ -587,19 +777,18 @@ void sigterm_handler(int s) { **/ off_t size_autodetect(int fhandle) { off_t es; - u32 es32; + u64 bytes; struct stat stat_buf; int error; #ifdef HAVE_SYS_MOUNT_H #ifdef HAVE_SYS_IOCTL_H -#ifdef BLKGETSIZE - DEBUG("looking for fhandle size with ioctl BLKGETSIZE\n"); - if (!ioctl(fhandle, BLKGETSIZE, &es32) && es32) { - es = (off_t)es32 * (off_t)512; - return es; +#ifdef BLKGETSIZE64 + DEBUG("looking for export size with ioctl BLKGETSIZE64\n"); + if (!ioctl(fhandle, BLKGETSIZE64, bytes) && bytes) { + return (off_t)bytes; } -#endif /* BLKGETSIZE */ +#endif /* BLKGETSIZE64 */ #endif /* HAVE_SYS_IOCTL_H */ #endif /* HAVE_SYS_MOUNT_H */ @@ -701,16 +890,21 @@ ssize_t rawexpwrite(off_t a, char *buf, size_t len, CLIENT *client) { int fhandle; off_t foffset; size_t maxbytes; + ssize_t retval; if(get_filepos(client->export, a, &fhandle, &foffset, &maxbytes)) return -1; if(maxbytes && len > maxbytes) len = maxbytes; - DEBUG4("(WRITE to fd %d offset %Lu len %u), ", fhandle, foffset, len); + DEBUG4("(WRITE to fd %d offset %llu len %u), ", fhandle, foffset, len); myseek(fhandle, foffset); - return write(fhandle, buf, len); + retval = write(fhandle, buf, len); + if(client->server->flags & F_SYNC) { + fsync(fhandle); + } + return retval; } /** @@ -718,7 +912,7 @@ ssize_t rawexpwrite(off_t a, char *buf, size_t len, CLIENT *client) { * @return 0 on success, nonzero on failure **/ int rawexpwrite_fully(off_t a, char *buf, size_t len, CLIENT *client) { - ssize_t ret; + ssize_t ret=0; while(len > 0 && (ret=rawexpwrite(a, buf, len, client)) > 0 ) { a += ret; @@ -749,7 +943,7 @@ ssize_t rawexpread(off_t a, char *buf, size_t len, CLIENT *client) { if(maxbytes && len > maxbytes) len = maxbytes; - DEBUG4("(READ from fd %d offset %Lu len %u), ", fhandle, foffset, len); + DEBUG4("(READ from fd %d offset %llu len %u), ", fhandle, foffset, len); myseek(fhandle, foffset); return read(fhandle, buf, len); @@ -760,7 +954,7 @@ ssize_t rawexpread(off_t a, char *buf, size_t len, CLIENT *client) { * @return 0 on success, nonzero on failure **/ int rawexpread_fully(off_t a, char *buf, size_t len, CLIENT *client) { - ssize_t ret; + ssize_t ret=0; while(len > 0 && (ret=rawexpread(a, buf, len, client)) > 0 ) { a += ret; @@ -786,7 +980,7 @@ int expread(off_t a, char *buf, size_t len, CLIENT *client) { if (!(client->server->flags & F_COPYONWRITE)) return(rawexpread_fully(a, buf, len, client)); - DEBUG3("Asked to read %d bytes at %Lu.\n", len, (unsigned long long)a); + DEBUG3("Asked to read %d bytes at %llu.\n", len, (unsigned long long)a); mapl=a/DIFFPAGESIZE; maph=(a+len-1)/DIFFPAGESIZE; @@ -796,12 +990,12 @@ int expread(off_t a, char *buf, size_t len, CLIENT *client) { rdlen=(0difmap[mapcnt]!=(u32)(-1)) { /* the block is already there */ - DEBUG3("Page %Lu is at %lu\n", (unsigned long long)mapcnt, + DEBUG3("Page %llu is at %lu\n", (unsigned long long)mapcnt, (unsigned long)(client->difmap[mapcnt])); myseek(client->difffile, client->difmap[mapcnt]*DIFFPAGESIZE+offset); if (read(client->difffile, buf, rdlen) != rdlen) return -1; } else { /* the block is not there */ - DEBUG2("Page %Lu is not here, we read the original one\n", + DEBUG2("Page %llu is not here, we read the original one\n", (unsigned long long)mapcnt); if(rawexpread_fully(a, buf, rdlen, client)) return -1; } @@ -830,7 +1024,7 @@ int expwrite(off_t a, char *buf, size_t len, CLIENT *client) { if (!(client->server->flags & F_COPYONWRITE)) return(rawexpwrite_fully(a, buf, len, client)); - DEBUG3("Asked to write %d bytes at %Lu.\n", len, (unsigned long long)a); + DEBUG3("Asked to write %d bytes at %llu.\n", len, (unsigned long long)a); mapl=a/DIFFPAGESIZE ; maph=(a+len-1)/DIFFPAGESIZE ; @@ -841,15 +1035,15 @@ int expwrite(off_t a, char *buf, size_t len, CLIENT *client) { len : (size_t)DIFFPAGESIZE-offset; if (client->difmap[mapcnt]!=(u32)(-1)) { /* the block is already there */ - DEBUG3("Page %Lu is at %lu\n", (unsigned long long)mapcnt, + DEBUG3("Page %llu is at %lu\n", (unsigned long long)mapcnt, (unsigned long)(client->difmap[mapcnt])) ; myseek(client->difffile, client->difmap[mapcnt]*DIFFPAGESIZE+offset); if (write(client->difffile, buf, wrlen) != wrlen) return -1 ; } else { /* the block is not there */ myseek(client->difffile,client->difffilelen*DIFFPAGESIZE) ; - client->difmap[mapcnt]=client->difffilelen++ ; - DEBUG3("Page %Lu is not here, we put it at %lu\n", + client->difmap[mapcnt]=(client->server->flags&F_SPARSE)?mapcnt:client->difffilelen++; + DEBUG3("Page %llu is not here, we put it at %lu\n", (unsigned long long)mapcnt, (unsigned long)(client->difmap[mapcnt])); rdlen=DIFFPAGESIZE ; @@ -871,10 +1065,11 @@ int expwrite(off_t a, char *buf, size_t len, CLIENT *client) { * @param client The client we're negotiating with. **/ void negotiate(CLIENT *client) { - char zeros[300]; + char zeros[128]; u64 size_host; + u32 flags = NBD_FLAG_HAS_FLAGS; - memset(zeros, 0, 290); + memset(zeros, '\0', sizeof(zeros)); if (write(client->net, INIT_PASSWD, 8) < 0) err("Negotiation failed: %m"); cliserv_magic = htonll(cliserv_magic); @@ -883,14 +1078,19 @@ void negotiate(CLIENT *client) { size_host = htonll((u64)(client->exportsize)); if (write(client->net, &size_host, 8) < 0) err("Negotiation failed: %m"); - if (write(client->net, zeros, 128) < 0) + if (client->server->flags & F_READONLY) + flags |= NBD_FLAG_READ_ONLY; + flags = htonl(flags); + if (write(client->net, &flags, 4) < 0) + err("Negotiation failed: %m"); + if (write(client->net, zeros, 124) < 0) err("Negotiation failed: %m"); } /** sending macro. */ #define SEND(net,reply) writeit( net, &reply, sizeof( reply )); /** error macro. */ -#define ERROR(client,reply) { reply.error = htonl(-1); SEND(client->net,reply); reply.error = 0; } +#define ERROR(client,reply,errcode) { reply.error = htonl(errcode); SEND(client->net,reply); reply.error = 0; } /** * Serve a file to a single client. * @@ -898,7 +1098,7 @@ void negotiate(CLIENT *client) { * pieces. Preferably with a chainsaw. * * @param client The client we're going to serve to. - * @return never + * @return when the client disconnects **/ int mainloop(CLIENT *client) { struct nbd_request request; @@ -918,16 +1118,14 @@ int mainloop(CLIENT *client) { i++; printf("%d: ", i); #endif - if (client->server->timeout) - alarm(client->server->timeout); readit(client->net, &request, sizeof(request)); request.from = ntohll(request.from); request.type = ntohl(request.type); if (request.type==NBD_CMD_DISC) { msg2(LOG_INFO, "Disconnect request received."); - if (client->difmap) g_free(client->difmap) ; - if (client->difffile>=0) { + if (client->server->flags & F_COPYONWRITE) { + if (client->difmap) g_free(client->difmap) ; close(client->difffile); unlink(client->difffilename); free(client->difffilename); @@ -943,20 +1141,20 @@ int mainloop(CLIENT *client) { if (len > BUFSIZE + sizeof(struct nbd_reply)) err("Request too big!"); #ifdef DODBG - printf("%s from %Lu (%Lu) len %d, ", request.type ? "WRITE" : + printf("%s from %llu (%llu) len %d, ", request.type ? "WRITE" : "READ", (unsigned long long)request.from, (unsigned long long)request.from / 512, len); #endif memcpy(reply.handle, request.handle, sizeof(reply.handle)); if ((request.from + len) > (OFFT_MAX)) { DEBUG("[Number too large!]"); - ERROR(client, reply); + ERROR(client, reply, EINVAL); continue; } if (((ssize_t)((off_t)request.from + len) > client->exportsize)) { DEBUG("[RANGE!]"); - ERROR(client, reply); + ERROR(client, reply, EINVAL); continue; } @@ -967,12 +1165,12 @@ int mainloop(CLIENT *client) { if ((client->server->flags & F_READONLY) || (client->server->flags & F_AUTOREADONLY)) { DEBUG("[WRITE to READONLY!]"); - ERROR(client, reply); + ERROR(client, reply, EPERM); continue; } if (expwrite(request.from, buf, len, client)) { DEBUG("Write failed: %m" ); - ERROR(client, reply); + ERROR(client, reply, errno); continue; } SEND(client->net, reply); @@ -984,7 +1182,7 @@ int mainloop(CLIENT *client) { DEBUG("exp->buf, "); if (expread(request.from, buf + sizeof(struct nbd_reply), len, client)) { DEBUG("Read failed: %m"); - ERROR(client, reply); + ERROR(client, reply, errno); continue; } @@ -1014,6 +1212,7 @@ void setupexport(CLIENT* client) { for(i=0; ; i++) { FILE_INFO fi; gchar *tmpname; + gchar* error_string; mode_t mode = (client->server->flags & F_READONLY) ? O_RDONLY : O_RDWR; if(multifile) { @@ -1027,14 +1226,21 @@ void setupexport(CLIENT* client) { /* Try again because maybe media was read-only */ fi.fhandle = open(tmpname, O_RDONLY); if(fi.fhandle != -1) { - client->server->flags |= F_AUTOREADONLY; - client->server->flags |= F_READONLY; + /* Opening the base file in copyonwrite mode is + * okay */ + if(!(client->server->flags & F_COPYONWRITE)) { + client->server->flags |= F_AUTOREADONLY; + client->server->flags |= F_READONLY; + } } } if(fi.fhandle == -1) { if(multifile && i>0) break; - err("Could not open exported file: %m"); + error_string=g_strdup_printf( + "Could not open exported file %s: %%m", + tmpname); + err(error_string); } fi.startoff = laststartoff + lastsize; g_array_append_val(client->export, fi); @@ -1062,7 +1268,7 @@ void setupexport(CLIENT* client) { client->exportsize = client->server->expected_size; } - msg3(LOG_INFO, "Size of exported file/device is %Lu", (unsigned long long)client->exportsize); + msg3(LOG_INFO, "Size of exported file/device is %llu", (unsigned long long)client->exportsize); if(multifile) { msg3(LOG_INFO, "Total number of files: %d", i); } @@ -1086,6 +1292,25 @@ int copyonwrite_prepare(CLIENT* client) { } /** + * Run a command. This is used for the ``prerun'' and ``postrun'' config file + * options + * + * @param command the command to be ran. Read from the config file + * @param file the file name we're about to export + **/ +int do_run(gchar* command, gchar* file) { + gchar* cmd; + int retval=0; + + if(command && *command) { + cmd = g_strdup_printf(command, file); + retval=system(cmd); + g_free(cmd); + } + return retval; +} + +/** * Serve a connection. * * @todo allow for multithreading, perhaps use libevent. Not just yet, though; @@ -1094,6 +1319,9 @@ int copyonwrite_prepare(CLIENT* client) { * @param client a connected client **/ void serveconnection(CLIENT *client) { + if(do_run(client->server->prerun, client->exportname)) { + exit(EXIT_FAILURE); + } setupexport(client); if (client->server->flags & F_COPYONWRITE) { @@ -1103,12 +1331,14 @@ void serveconnection(CLIENT *client) { setmysockopt(client->net); mainloop(client); + do_run(client->server->postrun, client->exportname); } /** * Find the name of the file we have to serve. This will use g_strdup_printf * to put the IP address of the client inside a filename containing - * "%s". That name is then written to client->exportname. + * "%s" (in the form as specified by the "virtstyle" option). That name + * is then written to client->exportname. * * @param net A socket connected to an nbd client * @param client information about the client. The IP address in human-readable @@ -1117,17 +1347,43 @@ void serveconnection(CLIENT *client) { **/ void set_peername(int net, CLIENT *client) { struct sockaddr_in addrin; - int addrinlen = sizeof( addrin ); - char *peername ; + struct sockaddr_in netaddr; + size_t addrinlen = sizeof( addrin ); + char *peername; + char *netname; + char *tmp; + int i; if (getpeername(net, (struct sockaddr *) &addrin, (socklen_t *)&addrinlen) < 0) err("getsockname failed: %m"); - peername = inet_ntoa(addrin.sin_addr); - client->exportname=g_strdup_printf(client->server->exportname, peername); + peername = g_strdup(inet_ntoa(addrin.sin_addr)); + switch(client->server->virtstyle) { + case VIRT_NONE: + client->exportname=g_strdup(client->server->exportname); + break; + case VIRT_IPHASH: + for(i=0;iexportname=g_strdup_printf(client->server->exportname, peername); + break; + case VIRT_CIDR: + memcpy(&netaddr, &addrin, addrinlen); + netaddr.sin_addr.s_addr>>=32-(client->server->cidrlen); + netaddr.sin_addr.s_addr<<=32-(client->server->cidrlen); + netname = inet_ntoa(netaddr.sin_addr); + tmp=g_strdup_printf("%s/%s", netname, peername); + client->exportname=g_strdup_printf(client->server->exportname, tmp); + break; + } msg4(LOG_INFO, "connect from %s, assigned file is %s", peername, client->exportname); client->clientname=g_strdup(peername); + g_free(peername); } /** @@ -1139,106 +1395,7 @@ void destroy_pid_t(gpointer data) { } /** - * Go daemon (unless we specified at compile time that we didn't want this) - * @param serve the first server of our configuration. If its port is zero, - * then do not daemonize, because we're doing inetd then. This parameter - * is only used to create a PID file of the form - * /var/run/nbd-server.<port>.pid; it's not modified in any way. - **/ -#if !defined(NODAEMON) && !defined(NOFORK) -void daemonize(SERVER* serve) { - FILE*pidf; - - if(daemon(0,0)<0) { - err("daemon"); - } - if(serve) { - snprintf(pidfname, sizeof(char)*255, "/var/run/nbd-server.%d.pid", serve->port); - } else { - strncpy(pidfname, "/var/run/nbd-server.pid", sizeof(char)*255); - } - pidf=fopen(pidfname, "w"); - if(pidf) { - fprintf(pidf,"%d\n", (int)getpid()); - fclose(pidf); - } else { - perror("fopen"); - fprintf(stderr, "Not fatal; continuing"); - } -} -#else -#define daemonize(serve) -#endif /* !defined(NODAEMON) && !defined(NOFORK) */ - -/** - * Connect a server's socket. - * - * @param serve the server we want to connect. - **/ -void setup_serve(SERVER *serve) { - struct sockaddr_in addrin; - struct sigaction sa; - int addrinlen = sizeof(addrin); - int sock_flags; -#ifndef sun - int yes=1; -#else - char yes='1'; -#endif /* sun */ - if ((serve->socket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) - err("socket: %m"); - - /* lose the pesky "Address already in use" error message */ - if (setsockopt(serve->socket,SOL_SOCKET,SO_REUSEADDR,&yes,sizeof(int)) == -1) { - err("setsockopt SO_REUSEADDR"); - } - if (setsockopt(serve->socket,SOL_SOCKET,SO_KEEPALIVE,&yes,sizeof(int)) == -1) { - err("setsockopt SO_KEEPALIVE"); - } - - /* make the listening socket non-blocking */ - if ((sock_flags = fcntl(serve->socket, F_GETFL, 0)) == -1) { - err("fcntl F_GETFL"); - } - if (fcntl(serve->socket, F_SETFL, sock_flags | O_NONBLOCK) == -1) { - err("fcntl F_SETFL O_NONBLOCK"); - } - - DEBUG("Waiting for connections... bind, "); - addrin.sin_family = AF_INET; - addrin.sin_port = htons(serve->port); - addrin.sin_addr.s_addr = 0; - if (bind(serve->socket, (struct sockaddr *) &addrin, addrinlen) < 0) - err("bind: %m"); - DEBUG("listen, "); - if (listen(serve->socket, 1) < 0) - err("listen: %m"); - sa.sa_handler = sigchld_handler; - sigemptyset(&sa.sa_mask); - sa.sa_flags = SA_RESTART; - if(sigaction(SIGCHLD, &sa, NULL) == -1) - err("sigaction: %m"); - sa.sa_handler = sigterm_handler; - sigemptyset(&sa.sa_mask); - sa.sa_flags = SA_RESTART; - if(sigaction(SIGTERM, &sa, NULL) == -1) - err("sigaction: %m"); - children=g_hash_table_new_full(g_int_hash, g_int_equal, NULL, destroy_pid_t); -} - -/** - * Connect our servers. - **/ -void setup_servers(GArray* servers) { - int i; - - for(i=0;ilen;i++) { - setup_serve(&(g_array_index(servers, SERVER, i))); - } -} - -/** - * Loop through the available servers, and serve them. + * Loop through the available servers, and serve them. Never returns. **/ int serveloop(GArray* servers) { struct sockaddr_in addrin; @@ -1249,7 +1406,6 @@ int serveloop(GArray* servers) { int sock; fd_set mset; fd_set rset; - struct timeval tv; /* * Set up the master fd_set. The set of descriptors we need @@ -1271,16 +1427,21 @@ int serveloop(GArray* servers) { pid_t *pid; memcpy(&rset, &mset, sizeof(fd_set)); - tv.tv_sec=0; - tv.tv_usec=500; - if(select(max+1, &rset, NULL, NULL, &tv)>0) { + if(select(max+1, &rset, NULL, NULL, NULL)>0) { DEBUG("accept, "); for(i=0;ilen;i++) { serve=&(g_array_index(servers, SERVER, i)); if(FD_ISSET(serve->socket, &rset)) { + int sock_flags; if ((net=accept(serve->socket, (struct sockaddr *) &addrin, &addrinlen)) < 0) err("accept: %m"); + if((sock_flags = fcntl(net, F_GETFL, 0))==-1) { + err("fcntl F_GETFL"); + } + if(fcntl(net, F_SETFL, sock_flags &~O_NONBLOCK)==-1) { + err("fcntl F_SETFL ~O_NONBLOCK"); + } client = g_malloc(sizeof(CLIENT)); client->server=serve; client->exportsize=OFFT_MAX; @@ -1306,7 +1467,8 @@ int serveloop(GArray* servers) { } /* child */ g_hash_table_destroy(children); - for(i=0;ilen,serve=(g_array_index(servers, SERVER*, i));i++) { + for(i=0;ilen;i++) { + serve=&g_array_index(servers, SERVER, i); close(serve->socket); } /* FALSE does not free the @@ -1319,6 +1481,7 @@ int serveloop(GArray* servers) { #endif // NOFORK msg2(LOG_INFO,"Starting to serve"); serveconnection(client); + exit(EXIT_SUCCESS); } } } @@ -1326,6 +1489,197 @@ int serveloop(GArray* servers) { } /** + * Connect a server's socket. + * + * @param serve the server we want to connect. + **/ +void setup_serve(SERVER *serve) { + struct sockaddr_in addrin; + struct sigaction sa; + int addrinlen = sizeof(addrin); + int sock_flags; + int af; +#ifndef sun + int yes=1; +#else + char yes='1'; +#endif /* sun */ + + af = AF_INET; +#ifdef WITH_SDP + if ((serve->flags) && F_SDP) { + af = AF_INET_SDP; + } +#endif + if ((serve->socket = socket(af, SOCK_STREAM, IPPROTO_TCP)) < 0) + err("socket: %m"); + + /* lose the pesky "Address already in use" error message */ + if (setsockopt(serve->socket,SOL_SOCKET,SO_REUSEADDR,&yes,sizeof(int)) == -1) { + err("setsockopt SO_REUSEADDR"); + } + if (setsockopt(serve->socket,SOL_SOCKET,SO_KEEPALIVE,&yes,sizeof(int)) == -1) { + err("setsockopt SO_KEEPALIVE"); + } + + /* make the listening socket non-blocking */ + if ((sock_flags = fcntl(serve->socket, F_GETFL, 0)) == -1) { + err("fcntl F_GETFL"); + } + if (fcntl(serve->socket, F_SETFL, sock_flags | O_NONBLOCK) == -1) { + err("fcntl F_SETFL O_NONBLOCK"); + } + + DEBUG("Waiting for connections... bind, "); + addrin.sin_family = AF_INET; +#ifdef WITH_SDP + if(serve->flags & F_SDP) { + addrin.sin_family = AF_INET_SDP; + } +#endif + addrin.sin_port = htons(serve->port); + if(!inet_aton(serve->listenaddr, &(addrin.sin_addr))) + err("could not parse listen address"); + if (bind(serve->socket, (struct sockaddr *) &addrin, addrinlen) < 0) + err("bind: %m"); + DEBUG("listen, "); + if (listen(serve->socket, 1) < 0) + err("listen: %m"); + sa.sa_handler = sigchld_handler; + sigemptyset(&sa.sa_mask); + sa.sa_flags = SA_RESTART; + if(sigaction(SIGCHLD, &sa, NULL) == -1) + err("sigaction: %m"); + sa.sa_handler = sigterm_handler; + sigemptyset(&sa.sa_mask); + sa.sa_flags = SA_RESTART; + if(sigaction(SIGTERM, &sa, NULL) == -1) + err("sigaction: %m"); +} + +/** + * Connect our servers. + **/ +void setup_servers(GArray* servers) { + int i; + + for(i=0;ilen;i++) { + setup_serve(&(g_array_index(servers, SERVER, i))); + } + children=g_hash_table_new_full(g_int_hash, g_int_equal, NULL, destroy_pid_t); +} + +/** + * Go daemon (unless we specified at compile time that we didn't want this) + * @param serve the first server of our configuration. If its port is zero, + * then do not daemonize, because we're doing inetd then. This parameter + * is only used to create a PID file of the form + * /var/run/nbd-server.<port>.pid; it's not modified in any way. + **/ +#if !defined(NODAEMON) && !defined(NOFORK) +void daemonize(SERVER* serve) { + FILE*pidf; + + if(serve && !(serve->port)) { + return; + } + if(daemon(0,0)<0) { + err("daemon"); + } + if(!*pidftemplate) { + if(serve) { + strncpy(pidftemplate, "/var/run/nbd-server.%d.pid", 255); + } else { + strncpy(pidftemplate, "/var/run/nbd-server.pid", 255); + } + } + snprintf(pidfname, 255, pidftemplate, serve ? serve->port : 0); + pidf=fopen(pidfname, "w"); + if(pidf) { + fprintf(pidf,"%d\n", (int)getpid()); + fclose(pidf); + } else { + perror("fopen"); + fprintf(stderr, "Not fatal; continuing"); + } +} +#else +#define daemonize(serve) +#endif /* !defined(NODAEMON) && !defined(NOFORK) */ + +/* + * Everything beyond this point (in the file) is run in non-daemon mode. + * The stuff above daemonize() isn't. + */ + +void serve_err(SERVER* serve, const char* msg) G_GNUC_NORETURN; + +void serve_err(SERVER* serve, const char* msg) { + g_message("Export of %s on port %d failed:", serve->exportname, + serve->port); + err(msg); +} + +/** + * Set up user-ID and/or group-ID + **/ +void dousers(void) { + struct passwd *pw; + struct group *gr; + if(rungroup) { + gr=getgrnam(rungroup); + if(!gr) { + g_message("Invalid group name: %s", rungroup); + exit(EXIT_FAILURE); + } + if(setgid(gr->gr_gid)<0) { + g_message("Could not set GID: %s", strerror(errno)); + exit(EXIT_FAILURE); + } + } + if(runuser) { + pw=getpwnam(runuser); + if(!pw) { + g_message("Invalid user name: %s", runuser); + exit(EXIT_FAILURE); + } + if(setuid(pw->pw_uid)<0) { + g_message("Could not set UID: %s", strerror(errno)); + exit(EXIT_FAILURE); + } + } +} + +#ifndef ISSERVER +void glib_message_syslog_redirect(const gchar *log_domain, + GLogLevelFlags log_level, + const gchar *message, + gpointer user_data) +{ + int level=LOG_DEBUG; + + switch( log_level ) + { + case G_LOG_FLAG_FATAL: + case G_LOG_LEVEL_CRITICAL: + case G_LOG_LEVEL_ERROR: + level=LOG_ERR; + break; + case G_LOG_LEVEL_WARNING: + level=LOG_WARNING; + break; + case G_LOG_LEVEL_MESSAGE: + case G_LOG_LEVEL_INFO: + level=LOG_INFO; + break; + case G_LOG_LEVEL_DEBUG: + level=LOG_DEBUG; + } + syslog(level, message); +} +#endif + +/** * Main entry point... **/ int main(int argc, char *argv[]) { @@ -1335,49 +1689,54 @@ int main(int argc, char *argv[]) { if (sizeof( struct nbd_request )!=28) { fprintf(stderr,"Bad size of structure. Alignment problems?\n"); - exit(-1) ; + exit(EXIT_FAILURE) ; } + memset(pidftemplate, '\0', 256); + logging(); config_file_pos = g_strdup(CFILE); serve=cmdline(argc, argv); servers = parse_cfile(config_file_pos, &err); - if(!servers || !servers->len) { - g_warning("Could not parse config file: %s", err->message); - } + if(serve) { g_array_append_val(servers, *serve); - } - -/* We don't support this at this time */ -#if 0 - if (!(serve->port)) { - CLIENT *client; + + if (!(serve->port)) { + CLIENT *client; #ifndef ISSERVER - /* You really should define ISSERVER if you're going to use - * inetd mode, but if you don't, closing stdout and stderr - * (which inetd had connected to the client socket) will let it - * work. */ - close(1); - close(2); - open("/dev/null", O_WRONLY); - open("/dev/null", O_WRONLY); -#endif - client=g_malloc(sizeof(CLIENT)); - client->server=serve; - client->net=0; - client->exportsize=OFFT_MAX; - set_peername(0,client); - serveconnection(client); - return 0; - } + /* You really should define ISSERVER if you're going to use + * inetd mode, but if you don't, closing stdout and stderr + * (which inetd had connected to the client socket) will let it + * work. */ + close(1); + close(2); + open("/dev/null", O_WRONLY); + open("/dev/null", O_WRONLY); + g_log_set_default_handler( glib_message_syslog_redirect, NULL ); #endif + client=g_malloc(sizeof(CLIENT)); + client->server=serve; + client->net=0; + client->exportsize=OFFT_MAX; + set_peername(0,client); + serveconnection(client); + return 0; + } + } + + if(!servers || !servers->len) { + g_warning("Could not parse config file: %s", + err ? err->message : "Unknown error"); + } + if((!serve) && (!servers||!servers->len)) { g_message("Nothing to do! Bye!"); exit(EXIT_FAILURE); } daemonize(serve); setup_servers(servers); + dousers(); serveloop(servers); return 0 ; }