1 /***************************************************************************
2  *                                  _   _ ____  _
3  *  Project                     ___| | | |  _ \| |
4  *                             / __| | | | |_) | |
5  *                            | (__| |_| |  _ <| |___
6  *                             \___|\___/|_| \_\_____|
7  *
8  * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
9  *
10  * This software is licensed as described in the file COPYING, which
11  * you should have received as part of this distribution. The terms
12  * are also available at https://curl.haxx.se/docs/copyright.html.
13  *
14  * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15  * copies of the Software, and permit persons to whom the Software is
16  * furnished to do so, under the terms of the COPYING file.
17  *
18  * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19  * KIND, either express or implied.
20  *
21  ***************************************************************************/
22 #include "server_setup.h"
23 
24 /* Purpose
25  *
26  * 1. Accept a TCP connection on a custom port (IPv4 or IPv6), or connect
27  *    to a given (localhost) port.
28  *
29  * 2. Get commands on STDIN. Pass data on to the TCP stream.
30  *    Get data from TCP stream and pass on to STDOUT.
31  *
32  * This program is made to perform all the socket/stream/connection stuff for
33  * the test suite's (perl) FTP server. Previously the perl code did all of
34  * this by its own, but I decided to let this program do the socket layer
35  * because of several things:
36  *
37  * o We want the perl code to work with rather old perl installations, thus
38  *   we cannot use recent perl modules or features.
39  *
40  * o We want IPv6 support for systems that provide it, and doing optional IPv6
41  *   support in perl seems if not impossible so at least awkward.
42  *
43  * o We want FTP-SSL support, which means that a connection that starts with
44  *   plain sockets needs to be able to "go SSL" in the midst. This would also
45  *   require some nasty perl stuff I'd rather avoid.
46  *
47  * (Source originally based on sws.c)
48  */
49 
50 /*
51  * Signal handling notes for sockfilt
52  * ----------------------------------
53  *
54  * This program is a single-threaded process.
55  *
56  * This program is intended to be highly portable and as such it must be kept
57  * as simple as possible, due to this the only signal handling mechanisms used
58  * will be those of ANSI C, and used only in the most basic form which is good
59  * enough for the purpose of this program.
60  *
61  * For the above reason and the specific needs of this program signals SIGHUP,
62  * SIGPIPE and SIGALRM will be simply ignored on systems where this can be
63  * done.  If possible, signals SIGINT and SIGTERM will be handled by this
64  * program as an indication to cleanup and finish execution as soon as
65  * possible.  This will be achieved with a single signal handler
66  * 'exit_signal_handler' for both signals.
67  *
68  * The 'exit_signal_handler' upon the first SIGINT or SIGTERM received signal
69  * will just set to one the global var 'got_exit_signal' storing in global var
70  * 'exit_signal' the signal that triggered this change.
71  *
72  * Nothing fancy that could introduce problems is used, the program at certain
73  * points in its normal flow checks if var 'got_exit_signal' is set and in
74  * case this is true it just makes its way out of loops and functions in
75  * structured and well behaved manner to achieve proper program cleanup and
76  * termination.
77  *
78  * Even with the above mechanism implemented it is worthwile to note that
79  * other signals might still be received, or that there might be systems on
80  * which it is not possible to trap and ignore some of the above signals.
81  * This implies that for increased portability and reliability the program
82  * must be coded as if no signal was being ignored or handled at all.  Enjoy
83  * it!
84  */
85 
86 #ifdef HAVE_SIGNAL_H
87 #include <signal.h>
88 #endif
89 #ifdef HAVE_NETINET_IN_H
90 #include <netinet/in.h>
91 #endif
92 #ifdef HAVE_ARPA_INET_H
93 #include <arpa/inet.h>
94 #endif
95 #ifdef HAVE_NETDB_H
96 #include <netdb.h>
97 #endif
98 
99 #define ENABLE_CURLX_PRINTF
100 /* make the curlx header define all printf() functions to use the curlx_*
101    versions instead */
102 #include "curlx.h" /* from the private lib dir */
103 #include "getpart.h"
104 #include "inet_pton.h"
105 #include "util.h"
106 #include "server_sockaddr.h"
107 #include "warnless.h"
108 
109 /* include memdebug.h last */
110 #include "memdebug.h"
111 
112 #ifdef USE_WINSOCK
113 #undef  EINTR
114 #define EINTR    4 /* errno.h value */
115 #undef  EAGAIN
116 #define EAGAIN  11 /* errno.h value */
117 #undef  ENOMEM
118 #define ENOMEM  12 /* errno.h value */
119 #undef  EINVAL
120 #define EINVAL  22 /* errno.h value */
121 #endif
122 
123 #define DEFAULT_PORT 8999
124 
125 #ifndef DEFAULT_LOGFILE
126 #define DEFAULT_LOGFILE "log/sockfilt.log"
127 #endif
128 
129 const char *serverlogfile = DEFAULT_LOGFILE;
130 
131 static bool verbose = FALSE;
132 static bool bind_only = FALSE;
133 #ifdef ENABLE_IPV6
134 static bool use_ipv6 = FALSE;
135 #endif
136 static const char *ipv_inuse = "IPv4";
137 static unsigned short port = DEFAULT_PORT;
138 static unsigned short connectport = 0; /* if non-zero, we activate this mode */
139 
140 enum sockmode {
141   PASSIVE_LISTEN,    /* as a server waiting for connections */
142   PASSIVE_CONNECT,   /* as a server, connected to a client */
143   ACTIVE,            /* as a client, connected to a server */
144   ACTIVE_DISCONNECT  /* as a client, disconnected from server */
145 };
146 
147 /* do-nothing macro replacement for systems which lack siginterrupt() */
148 
149 #ifndef HAVE_SIGINTERRUPT
150 #define siginterrupt(x,y) do {} while(0)
151 #endif
152 
153 /* vars used to keep around previous signal handlers */
154 
155 typedef RETSIGTYPE (*SIGHANDLER_T)(int);
156 
157 #ifdef SIGHUP
158 static SIGHANDLER_T old_sighup_handler  = SIG_ERR;
159 #endif
160 
161 #ifdef SIGPIPE
162 static SIGHANDLER_T old_sigpipe_handler = SIG_ERR;
163 #endif
164 
165 #ifdef SIGALRM
166 static SIGHANDLER_T old_sigalrm_handler = SIG_ERR;
167 #endif
168 
169 #ifdef SIGINT
170 static SIGHANDLER_T old_sigint_handler  = SIG_ERR;
171 #endif
172 
173 #ifdef SIGTERM
174 static SIGHANDLER_T old_sigterm_handler = SIG_ERR;
175 #endif
176 
177 #if defined(SIGBREAK) && defined(WIN32)
178 static SIGHANDLER_T old_sigbreak_handler = SIG_ERR;
179 #endif
180 
181 /* var which if set indicates that the program should finish execution */
182 
183 SIG_ATOMIC_T got_exit_signal = 0;
184 
185 /* if next is set indicates the first signal handled in exit_signal_handler */
186 
187 static volatile int exit_signal = 0;
188 
189 /* signal handler that will be triggered to indicate that the program
190   should finish its execution in a controlled manner as soon as possible.
191   The first time this is called it will set got_exit_signal to one and
192   store in exit_signal the signal that triggered its execution. */
193 
exit_signal_handler(int signum)194 static RETSIGTYPE exit_signal_handler(int signum)
195 {
196   int old_errno = errno;
197   if(got_exit_signal == 0) {
198     got_exit_signal = 1;
199     exit_signal = signum;
200   }
201   (void)signal(signum, exit_signal_handler);
202   errno = old_errno;
203 }
204 
install_signal_handlers(void)205 static void install_signal_handlers(void)
206 {
207 #ifdef SIGHUP
208   /* ignore SIGHUP signal */
209   if((old_sighup_handler = signal(SIGHUP, SIG_IGN)) == SIG_ERR)
210     logmsg("cannot install SIGHUP handler: %s", strerror(errno));
211 #endif
212 #ifdef SIGPIPE
213   /* ignore SIGPIPE signal */
214   if((old_sigpipe_handler = signal(SIGPIPE, SIG_IGN)) == SIG_ERR)
215     logmsg("cannot install SIGPIPE handler: %s", strerror(errno));
216 #endif
217 #ifdef SIGALRM
218   /* ignore SIGALRM signal */
219   if((old_sigalrm_handler = signal(SIGALRM, SIG_IGN)) == SIG_ERR)
220     logmsg("cannot install SIGALRM handler: %s", strerror(errno));
221 #endif
222 #ifdef SIGINT
223   /* handle SIGINT signal with our exit_signal_handler */
224   if((old_sigint_handler = signal(SIGINT, exit_signal_handler)) == SIG_ERR)
225     logmsg("cannot install SIGINT handler: %s", strerror(errno));
226   else
227     siginterrupt(SIGINT, 1);
228 #endif
229 #ifdef SIGTERM
230   /* handle SIGTERM signal with our exit_signal_handler */
231   if((old_sigterm_handler = signal(SIGTERM, exit_signal_handler)) == SIG_ERR)
232     logmsg("cannot install SIGTERM handler: %s", strerror(errno));
233   else
234     siginterrupt(SIGTERM, 1);
235 #endif
236 #if defined(SIGBREAK) && defined(WIN32)
237   /* handle SIGBREAK signal with our exit_signal_handler */
238   if((old_sigbreak_handler = signal(SIGBREAK, exit_signal_handler)) == SIG_ERR)
239     logmsg("cannot install SIGBREAK handler: %s", strerror(errno));
240   else
241     siginterrupt(SIGBREAK, 1);
242 #endif
243 }
244 
restore_signal_handlers(void)245 static void restore_signal_handlers(void)
246 {
247 #ifdef SIGHUP
248   if(SIG_ERR != old_sighup_handler)
249     (void)signal(SIGHUP, old_sighup_handler);
250 #endif
251 #ifdef SIGPIPE
252   if(SIG_ERR != old_sigpipe_handler)
253     (void)signal(SIGPIPE, old_sigpipe_handler);
254 #endif
255 #ifdef SIGALRM
256   if(SIG_ERR != old_sigalrm_handler)
257     (void)signal(SIGALRM, old_sigalrm_handler);
258 #endif
259 #ifdef SIGINT
260   if(SIG_ERR != old_sigint_handler)
261     (void)signal(SIGINT, old_sigint_handler);
262 #endif
263 #ifdef SIGTERM
264   if(SIG_ERR != old_sigterm_handler)
265     (void)signal(SIGTERM, old_sigterm_handler);
266 #endif
267 #if defined(SIGBREAK) && defined(WIN32)
268   if(SIG_ERR != old_sigbreak_handler)
269     (void)signal(SIGBREAK, old_sigbreak_handler);
270 #endif
271 }
272 
273 #ifdef WIN32
274 /*
275  * read-wrapper to support reading from stdin on Windows.
276  */
read_wincon(int fd,void * buf,size_t count)277 static ssize_t read_wincon(int fd, void *buf, size_t count)
278 {
279   HANDLE handle = NULL;
280   DWORD mode, rcount = 0;
281   BOOL success;
282 
283   if(fd == fileno(stdin)) {
284     handle = GetStdHandle(STD_INPUT_HANDLE);
285   }
286   else {
287     return read(fd, buf, count);
288   }
289 
290   if(GetConsoleMode(handle, &mode)) {
291     success = ReadConsole(handle, buf, curlx_uztoul(count), &rcount, NULL);
292   }
293   else {
294     success = ReadFile(handle, buf, curlx_uztoul(count), &rcount, NULL);
295   }
296   if(success) {
297     return rcount;
298   }
299 
300   errno = GetLastError();
301   return -1;
302 }
303 #undef  read
304 #define read(a,b,c) read_wincon(a,b,c)
305 
306 /*
307  * write-wrapper to support writing to stdout and stderr on Windows.
308  */
write_wincon(int fd,const void * buf,size_t count)309 static ssize_t write_wincon(int fd, const void *buf, size_t count)
310 {
311   HANDLE handle = NULL;
312   DWORD mode, wcount = 0;
313   BOOL success;
314 
315   if(fd == fileno(stdout)) {
316     handle = GetStdHandle(STD_OUTPUT_HANDLE);
317   }
318   else if(fd == fileno(stderr)) {
319     handle = GetStdHandle(STD_ERROR_HANDLE);
320   }
321   else {
322     return write(fd, buf, count);
323   }
324 
325   if(GetConsoleMode(handle, &mode)) {
326     success = WriteConsole(handle, buf, curlx_uztoul(count), &wcount, NULL);
327   }
328   else {
329     success = WriteFile(handle, buf, curlx_uztoul(count), &wcount, NULL);
330   }
331   if(success) {
332     return wcount;
333   }
334 
335   errno = GetLastError();
336   return -1;
337 }
338 #undef  write
339 #define write(a,b,c) write_wincon(a,b,c)
340 #endif
341 
342 /*
343  * fullread is a wrapper around the read() function. This will repeat the call
344  * to read() until it actually has read the complete number of bytes indicated
345  * in nbytes or it fails with a condition that cannot be handled with a simple
346  * retry of the read call.
347  */
348 
fullread(int filedes,void * buffer,size_t nbytes)349 static ssize_t fullread(int filedes, void *buffer, size_t nbytes)
350 {
351   int error;
352   ssize_t rc;
353   ssize_t nread = 0;
354 
355   do {
356     rc = read(filedes, (unsigned char *)buffer + nread, nbytes - nread);
357 
358     if(got_exit_signal) {
359       logmsg("signalled to die");
360       return -1;
361     }
362 
363     if(rc < 0) {
364       error = errno;
365       if((error == EINTR) || (error == EAGAIN))
366         continue;
367       logmsg("reading from file descriptor: %d,", filedes);
368       logmsg("unrecoverable read() failure: (%d) %s",
369              error, strerror(error));
370       return -1;
371     }
372 
373     if(rc == 0) {
374       logmsg("got 0 reading from stdin");
375       return 0;
376     }
377 
378     nread += rc;
379 
380   } while((size_t)nread < nbytes);
381 
382   if(verbose)
383     logmsg("read %zd bytes", nread);
384 
385   return nread;
386 }
387 
388 /*
389  * fullwrite is a wrapper around the write() function. This will repeat the
390  * call to write() until it actually has written the complete number of bytes
391  * indicated in nbytes or it fails with a condition that cannot be handled
392  * with a simple retry of the write call.
393  */
394 
fullwrite(int filedes,const void * buffer,size_t nbytes)395 static ssize_t fullwrite(int filedes, const void *buffer, size_t nbytes)
396 {
397   int error;
398   ssize_t wc;
399   ssize_t nwrite = 0;
400 
401   do {
402     wc = write(filedes, (unsigned char *)buffer + nwrite, nbytes - nwrite);
403 
404     if(got_exit_signal) {
405       logmsg("signalled to die");
406       return -1;
407     }
408 
409     if(wc < 0) {
410       error = errno;
411       if((error == EINTR) || (error == EAGAIN))
412         continue;
413       logmsg("writing to file descriptor: %d,", filedes);
414       logmsg("unrecoverable write() failure: (%d) %s",
415              error, strerror(error));
416       return -1;
417     }
418 
419     if(wc == 0) {
420       logmsg("put 0 writing to stdout");
421       return 0;
422     }
423 
424     nwrite += wc;
425 
426   } while((size_t)nwrite < nbytes);
427 
428   if(verbose)
429     logmsg("wrote %zd bytes", nwrite);
430 
431   return nwrite;
432 }
433 
434 /*
435  * read_stdin tries to read from stdin nbytes into the given buffer. This is a
436  * blocking function that will only return TRUE when nbytes have actually been
437  * read or FALSE when an unrecoverable error has been detected. Failure of this
438  * function is an indication that the sockfilt process should terminate.
439  */
440 
read_stdin(void * buffer,size_t nbytes)441 static bool read_stdin(void *buffer, size_t nbytes)
442 {
443   ssize_t nread = fullread(fileno(stdin), buffer, nbytes);
444   if(nread != (ssize_t)nbytes) {
445     logmsg("exiting...");
446     return FALSE;
447   }
448   return TRUE;
449 }
450 
451 /*
452  * write_stdout tries to write to stdio nbytes from the given buffer. This is a
453  * blocking function that will only return TRUE when nbytes have actually been
454  * written or FALSE when an unrecoverable error has been detected. Failure of
455  * this function is an indication that the sockfilt process should terminate.
456  */
457 
write_stdout(const void * buffer,size_t nbytes)458 static bool write_stdout(const void *buffer, size_t nbytes)
459 {
460   ssize_t nwrite = fullwrite(fileno(stdout), buffer, nbytes);
461   if(nwrite != (ssize_t)nbytes) {
462     logmsg("exiting...");
463     return FALSE;
464   }
465   return TRUE;
466 }
467 
lograw(unsigned char * buffer,ssize_t len)468 static void lograw(unsigned char *buffer, ssize_t len)
469 {
470   char data[120];
471   ssize_t i;
472   unsigned char *ptr = buffer;
473   char *optr = data;
474   ssize_t width=0;
475   int left = sizeof(data);
476 
477   for(i=0; i<len; i++) {
478     switch(ptr[i]) {
479     case '\n':
480       snprintf(optr, left, "\\n");
481       width += 2;
482       optr += 2;
483       left-=2;
484       break;
485     case '\r':
486       snprintf(optr, left, "\\r");
487       width += 2;
488       optr += 2;
489       left-=2;
490       break;
491     default:
492       snprintf(optr, left, "%c", (ISGRAPH(ptr[i]) ||
493                                   ptr[i]==0x20) ?ptr[i]:'.');
494       width++;
495       optr++;
496       left--;
497       break;
498     }
499 
500     if(width>60) {
501       logmsg("'%s'", data);
502       width = 0;
503       optr = data;
504       left = sizeof(data);
505     }
506   }
507   if(width)
508     logmsg("'%s'", data);
509 }
510 
511 #ifdef USE_WINSOCK
512 /*
513  * WinSock select() does not support standard file descriptors,
514  * it can only check SOCKETs. The following function is an attempt
515  * to re-create a select() function with support for other handle types.
516  *
517  * select() function with support for WINSOCK2 sockets and all
518  * other handle types supported by WaitForMultipleObjectsEx() as
519  * well as disk files, anonymous and names pipes, and character input.
520  *
521  * https://msdn.microsoft.com/en-us/library/windows/desktop/ms687028.aspx
522  * https://msdn.microsoft.com/en-us/library/windows/desktop/ms741572.aspx
523  */
524 struct select_ws_wait_data {
525   HANDLE handle; /* actual handle to wait for during select */
526   HANDLE event;  /* internal event to abort waiting thread */
527 };
select_ws_wait_thread(LPVOID lpParameter)528 static DWORD WINAPI select_ws_wait_thread(LPVOID lpParameter)
529 {
530   struct select_ws_wait_data *data;
531   HANDLE handle, handles[2];
532   INPUT_RECORD inputrecord;
533   LARGE_INTEGER size, pos;
534   DWORD type, length;
535 
536   /* retrieve handles from internal structure */
537   data = (struct select_ws_wait_data *) lpParameter;
538   if(data) {
539     handle = data->handle;
540     handles[0] = data->event;
541     handles[1] = handle;
542     free(data);
543   }
544   else
545     return -1;
546 
547   /* retrieve the type of file to wait on */
548   type = GetFileType(handle);
549   switch(type) {
550     case FILE_TYPE_DISK:
551        /* The handle represents a file on disk, this means:
552         * - WaitForMultipleObjectsEx will always be signalled for it.
553         * - comparison of current position in file and total size of
554         *   the file can be used to check if we reached the end yet.
555         *
556         * Approach: Loop till either the internal event is signalled
557         *           or if the end of the file has already been reached.
558         */
559       while(WaitForMultipleObjectsEx(1, handles, FALSE, 0, FALSE)
560             == WAIT_TIMEOUT) {
561         /* get total size of file */
562         length = 0;
563         size.QuadPart = 0;
564         size.LowPart = GetFileSize(handle, &length);
565         if((size.LowPart != INVALID_FILE_SIZE) ||
566            (GetLastError() == NO_ERROR)) {
567           size.HighPart = length;
568           /* get the current position within the file */
569           pos.QuadPart = 0;
570           pos.LowPart = SetFilePointer(handle, 0, &pos.HighPart,
571                                        FILE_CURRENT);
572           if((pos.LowPart != INVALID_SET_FILE_POINTER) ||
573              (GetLastError() == NO_ERROR)) {
574             /* compare position with size, abort if not equal */
575             if(size.QuadPart == pos.QuadPart) {
576               /* sleep and continue waiting */
577               SleepEx(0, FALSE);
578               continue;
579             }
580           }
581         }
582         /* there is some data available, stop waiting */
583         break;
584       }
585       break;
586 
587     case FILE_TYPE_CHAR:
588        /* The handle represents a character input, this means:
589         * - WaitForMultipleObjectsEx will be signalled on any kind of input,
590         *   including mouse and window size events we do not care about.
591         *
592         * Approach: Loop till either the internal event is signalled
593         *           or we get signalled for an actual key-event.
594         */
595       while(WaitForMultipleObjectsEx(2, handles, FALSE, INFINITE, FALSE)
596             == WAIT_OBJECT_0 + 1) {
597         /* check if this is an actual console handle */
598         length = 0;
599         if(GetConsoleMode(handle, &length)) {
600           /* retrieve an event from the console buffer */
601           length = 0;
602           if(PeekConsoleInput(handle, &inputrecord, 1, &length)) {
603             /* check if the event is not an actual key-event */
604             if(length == 1 && inputrecord.EventType != KEY_EVENT) {
605               /* purge the non-key-event and continue waiting */
606               ReadConsoleInput(handle, &inputrecord, 1, &length);
607               continue;
608             }
609           }
610         }
611         /* there is some data available, stop waiting */
612         break;
613       }
614       break;
615 
616     case FILE_TYPE_PIPE:
617        /* The handle represents an anonymous or named pipe, this means:
618         * - WaitForMultipleObjectsEx will always be signalled for it.
619         * - peek into the pipe and retrieve the amount of data available.
620         *
621         * Approach: Loop till either the internal event is signalled
622         *           or there is data in the pipe available for reading.
623         */
624       while(WaitForMultipleObjectsEx(1, handles, FALSE, 0, FALSE)
625             == WAIT_TIMEOUT) {
626         /* peek into the pipe and retrieve the amount of data available */
627         length = 0;
628         if(PeekNamedPipe(handle, NULL, 0, NULL, &length, NULL)) {
629           /* if there is no data available, sleep and continue waiting */
630           if(length == 0) {
631             SleepEx(0, FALSE);
632             continue;
633           }
634         }
635         else {
636           /* if the pipe has been closed, sleep and continue waiting */
637           if(GetLastError() == ERROR_BROKEN_PIPE) {
638             SleepEx(0, FALSE);
639             continue;
640           }
641         }
642         /* there is some data available, stop waiting */
643         break;
644       }
645       break;
646 
647     default:
648       /* The handle has an unknown type, try to wait on it */
649       WaitForMultipleObjectsEx(2, handles, FALSE, INFINITE, FALSE);
650       break;
651   }
652 
653   return 0;
654 }
select_ws_wait(HANDLE handle,HANDLE event)655 static HANDLE select_ws_wait(HANDLE handle, HANDLE event)
656 {
657   struct select_ws_wait_data *data;
658   HANDLE thread = NULL;
659 
660   /* allocate internal waiting data structure */
661   data = malloc(sizeof(struct select_ws_wait_data));
662   if(data) {
663     data->handle = handle;
664     data->event = event;
665 
666     /* launch waiting thread */
667     thread = CreateThread(NULL, 0,
668                           &select_ws_wait_thread,
669                           data, 0, NULL);
670 
671     /* free data if thread failed to launch */
672     if(!thread) {
673       free(data);
674     }
675   }
676 
677   return thread;
678 }
679 struct select_ws_data {
680   curl_socket_t fd;      /* the original input handle   (indexed by fds) */
681   curl_socket_t wsasock; /* the internal socket handle  (indexed by wsa) */
682   WSAEVENT wsaevent;     /* the internal WINSOCK2 event (indexed by wsa) */
683   HANDLE thread;         /* the internal threads handle (indexed by thd) */
684 };
select_ws(int nfds,fd_set * readfds,fd_set * writefds,fd_set * exceptfds,struct timeval * timeout)685 static int select_ws(int nfds, fd_set *readfds, fd_set *writefds,
686                      fd_set *exceptfds, struct timeval *timeout)
687 {
688   DWORD milliseconds, wait, idx;
689   WSANETWORKEVENTS wsanetevents;
690   struct select_ws_data *data;
691   HANDLE handle, *handles;
692   curl_socket_t sock;
693   long networkevents;
694   WSAEVENT wsaevent;
695   int error, fds;
696   HANDLE waitevent = NULL;
697   DWORD nfd = 0, thd = 0, wsa = 0;
698   int ret = 0;
699 
700   /* check if the input value is valid */
701   if(nfds < 0) {
702     errno = EINVAL;
703     return -1;
704   }
705 
706   /* check if we got descriptors, sleep in case we got none */
707   if(!nfds) {
708     Sleep((timeout->tv_sec*1000)+(DWORD)(((double)timeout->tv_usec)/1000.0));
709     return 0;
710   }
711 
712   /* create internal event to signal waiting threads */
713   waitevent = CreateEvent(NULL, TRUE, FALSE, NULL);
714   if(!waitevent) {
715     errno = ENOMEM;
716     return -1;
717   }
718 
719   /* allocate internal array for the internal data */
720   data = malloc(nfds * sizeof(struct select_ws_data));
721   if(data == NULL) {
722     errno = ENOMEM;
723     return -1;
724   }
725 
726   /* allocate internal array for the internal event handles */
727   handles = malloc(nfds * sizeof(HANDLE));
728   if(handles == NULL) {
729     free(data);
730     errno = ENOMEM;
731     return -1;
732   }
733 
734   /* clear internal arrays */
735   memset(data, 0, nfds * sizeof(struct select_ws_data));
736   memset(handles, 0, nfds * sizeof(HANDLE));
737 
738   /* loop over the handles in the input descriptor sets */
739   for(fds = 0; fds < nfds; fds++) {
740     networkevents = 0;
741     handles[nfd] = 0;
742 
743     if(FD_ISSET(fds, readfds))
744       networkevents |= FD_READ|FD_ACCEPT|FD_CLOSE;
745 
746     if(FD_ISSET(fds, writefds))
747       networkevents |= FD_WRITE|FD_CONNECT;
748 
749     if(FD_ISSET(fds, exceptfds))
750       networkevents |= FD_OOB|FD_CLOSE;
751 
752     /* only wait for events for which we actually care */
753     if(networkevents) {
754       data[nfd].fd = curlx_sitosk(fds);
755       if(fds == fileno(stdin)) {
756         handle = GetStdHandle(STD_INPUT_HANDLE);
757         handle = select_ws_wait(handle, waitevent);
758         handles[nfd] = handle;
759         data[thd].thread = handle;
760         thd++;
761       }
762       else if(fds == fileno(stdout)) {
763         handles[nfd] = GetStdHandle(STD_OUTPUT_HANDLE);
764       }
765       else if(fds == fileno(stderr)) {
766         handles[nfd] = GetStdHandle(STD_ERROR_HANDLE);
767       }
768       else {
769         wsaevent = WSACreateEvent();
770         if(wsaevent != WSA_INVALID_EVENT) {
771           error = WSAEventSelect(fds, wsaevent, networkevents);
772           if(error != SOCKET_ERROR) {
773             handle = (HANDLE) wsaevent;
774             handles[nfd] = handle;
775             data[wsa].wsasock = curlx_sitosk(fds);
776             data[wsa].wsaevent = wsaevent;
777             wsa++;
778           }
779           else {
780             WSACloseEvent(wsaevent);
781             handle = (HANDLE) curlx_sitosk(fds);
782             handle = select_ws_wait(handle, waitevent);
783             handles[nfd] = handle;
784             data[thd].thread = handle;
785             thd++;
786           }
787         }
788       }
789       nfd++;
790     }
791   }
792 
793   /* convert struct timeval to milliseconds */
794   if(timeout) {
795     milliseconds = ((timeout->tv_sec * 1000) + (timeout->tv_usec / 1000));
796   }
797   else {
798     milliseconds = INFINITE;
799   }
800 
801   /* wait for one of the internal handles to trigger */
802   wait = WaitForMultipleObjectsEx(nfd, handles, FALSE, milliseconds, FALSE);
803 
804   /* signal the event handle for the waiting threads */
805   SetEvent(waitevent);
806 
807   /* loop over the internal handles returned in the descriptors */
808   for(idx = 0; idx < nfd; idx++) {
809     handle = handles[idx];
810     sock = data[idx].fd;
811     fds = curlx_sktosi(sock);
812 
813     /* check if the current internal handle was triggered */
814     if(wait != WAIT_FAILED && (wait - WAIT_OBJECT_0) <= idx &&
815        WaitForSingleObjectEx(handle, 0, FALSE) == WAIT_OBJECT_0) {
816       /* first handle stdin, stdout and stderr */
817       if(fds == fileno(stdin)) {
818         /* stdin is never ready for write or exceptional */
819         FD_CLR(sock, writefds);
820         FD_CLR(sock, exceptfds);
821       }
822       else if(fds == fileno(stdout) || fds == fileno(stderr)) {
823         /* stdout and stderr are never ready for read or exceptional */
824         FD_CLR(sock, readfds);
825         FD_CLR(sock, exceptfds);
826       }
827       else {
828         /* try to handle the event with the WINSOCK2 functions */
829         wsanetevents.lNetworkEvents = 0;
830         error = WSAEnumNetworkEvents(fds, handle, &wsanetevents);
831         if(error != SOCKET_ERROR) {
832           /* remove from descriptor set if not ready for read/accept/close */
833           if(!(wsanetevents.lNetworkEvents & (FD_READ|FD_ACCEPT|FD_CLOSE)))
834             FD_CLR(sock, readfds);
835 
836           /* remove from descriptor set if not ready for write/connect */
837           if(!(wsanetevents.lNetworkEvents & (FD_WRITE|FD_CONNECT)))
838             FD_CLR(sock, writefds);
839 
840           /* HACK:
841            * use exceptfds together with readfds to signal
842            * that the connection was closed by the client.
843            *
844            * Reason: FD_CLOSE is only signaled once, sometimes
845            * at the same time as FD_READ with data being available.
846            * This means that recv/sread is not reliable to detect
847            * that the connection is closed.
848            */
849           /* remove from descriptor set if not exceptional */
850           if(!(wsanetevents.lNetworkEvents & (FD_OOB|FD_CLOSE)))
851             FD_CLR(sock, exceptfds);
852         }
853       }
854 
855       /* check if the event has not been filtered using specific tests */
856       if(FD_ISSET(sock, readfds) || FD_ISSET(sock, writefds) ||
857          FD_ISSET(sock, exceptfds)) {
858         ret++;
859       }
860     }
861     else {
862       /* remove from all descriptor sets since this handle did not trigger */
863       FD_CLR(sock, readfds);
864       FD_CLR(sock, writefds);
865       FD_CLR(sock, exceptfds);
866     }
867   }
868 
869   for(fds = 0; fds < nfds; fds++) {
870     if(FD_ISSET(fds, readfds))
871       logmsg("select_ws: %d is readable", fds);
872 
873     if(FD_ISSET(fds, writefds))
874       logmsg("select_ws: %d is writable", fds);
875 
876     if(FD_ISSET(fds, exceptfds))
877       logmsg("select_ws: %d is excepted", fds);
878   }
879 
880   for(idx = 0; idx < wsa; idx++) {
881     WSAEventSelect(data[idx].wsasock, NULL, 0);
882     WSACloseEvent(data[idx].wsaevent);
883   }
884 
885   for(idx = 0; idx < thd; idx++) {
886     WaitForSingleObject(data[idx].thread, INFINITE);
887     CloseHandle(data[idx].thread);
888   }
889 
890   CloseHandle(waitevent);
891 
892   free(handles);
893   free(data);
894 
895   return ret;
896 }
897 #define select(a,b,c,d,e) select_ws(a,b,c,d,e)
898 #endif  /* USE_WINSOCK */
899 
900 /*
901   sockfdp is a pointer to an established stream or CURL_SOCKET_BAD
902 
903   if sockfd is CURL_SOCKET_BAD, listendfd is a listening socket we must
904   accept()
905 */
juggle(curl_socket_t * sockfdp,curl_socket_t listenfd,enum sockmode * mode)906 static bool juggle(curl_socket_t *sockfdp,
907                    curl_socket_t listenfd,
908                    enum sockmode *mode)
909 {
910   struct timeval timeout;
911   fd_set fds_read;
912   fd_set fds_write;
913   fd_set fds_err;
914   curl_socket_t sockfd = CURL_SOCKET_BAD;
915   int maxfd = -99;
916   ssize_t rc;
917   ssize_t nread_socket;
918   ssize_t bytes_written;
919   ssize_t buffer_len;
920   int error = 0;
921 
922  /* 'buffer' is this excessively large only to be able to support things like
923     test 1003 which tests exceedingly large server response lines */
924   unsigned char buffer[17010];
925   char data[16];
926 
927   if(got_exit_signal) {
928     logmsg("signalled to die, exiting...");
929     return FALSE;
930   }
931 
932 #ifdef HAVE_GETPPID
933   /* As a last resort, quit if sockfilt process becomes orphan. Just in case
934      parent ftpserver process has died without killing its sockfilt children */
935   if(getppid() <= 1) {
936     logmsg("process becomes orphan, exiting");
937     return FALSE;
938   }
939 #endif
940 
941   timeout.tv_sec = 120;
942   timeout.tv_usec = 0;
943 
944   FD_ZERO(&fds_read);
945   FD_ZERO(&fds_write);
946   FD_ZERO(&fds_err);
947 
948   FD_SET((curl_socket_t)fileno(stdin), &fds_read);
949 
950   switch(*mode) {
951 
952   case PASSIVE_LISTEN:
953 
954     /* server mode */
955     sockfd = listenfd;
956     /* there's always a socket to wait for */
957     FD_SET(sockfd, &fds_read);
958     maxfd = (int)sockfd;
959     break;
960 
961   case PASSIVE_CONNECT:
962 
963     sockfd = *sockfdp;
964     if(CURL_SOCKET_BAD == sockfd) {
965       /* eeek, we are supposedly connected and then this cannot be -1 ! */
966       logmsg("socket is -1! on %s:%d", __FILE__, __LINE__);
967       maxfd = 0; /* stdin */
968     }
969     else {
970       /* there's always a socket to wait for */
971       FD_SET(sockfd, &fds_read);
972 #ifdef USE_WINSOCK
973       FD_SET(sockfd, &fds_err);
974 #endif
975       maxfd = (int)sockfd;
976     }
977     break;
978 
979   case ACTIVE:
980 
981     sockfd = *sockfdp;
982     /* sockfd turns CURL_SOCKET_BAD when our connection has been closed */
983     if(CURL_SOCKET_BAD != sockfd) {
984       FD_SET(sockfd, &fds_read);
985 #ifdef USE_WINSOCK
986       FD_SET(sockfd, &fds_err);
987 #endif
988       maxfd = (int)sockfd;
989     }
990     else {
991       logmsg("No socket to read on");
992       maxfd = 0;
993     }
994     break;
995 
996   case ACTIVE_DISCONNECT:
997 
998     logmsg("disconnected, no socket to read on");
999     maxfd = 0;
1000     sockfd = CURL_SOCKET_BAD;
1001     break;
1002 
1003   } /* switch(*mode) */
1004 
1005 
1006   do {
1007 
1008     /* select() blocking behavior call on blocking descriptors please */
1009 
1010     rc = select(maxfd + 1, &fds_read, &fds_write, &fds_err, &timeout);
1011 
1012     if(got_exit_signal) {
1013       logmsg("signalled to die, exiting...");
1014       return FALSE;
1015     }
1016 
1017   } while((rc == -1) && ((error = errno) == EINTR));
1018 
1019   if(rc < 0) {
1020     logmsg("select() failed with error: (%d) %s",
1021            error, strerror(error));
1022     return FALSE;
1023   }
1024 
1025   if(rc == 0)
1026     /* timeout */
1027     return TRUE;
1028 
1029 
1030   if(FD_ISSET(fileno(stdin), &fds_read)) {
1031     /* read from stdin, commands/data to be dealt with and possibly passed on
1032        to the socket
1033 
1034        protocol:
1035 
1036        4 letter command + LF [mandatory]
1037 
1038        4-digit hexadecimal data length + LF [if the command takes data]
1039        data                       [the data being as long as set above]
1040 
1041        Commands:
1042 
1043        DATA - plain pass-thru data
1044     */
1045 
1046     if(!read_stdin(buffer, 5))
1047       return FALSE;
1048 
1049     logmsg("Received %c%c%c%c (on stdin)",
1050            buffer[0], buffer[1], buffer[2], buffer[3]);
1051 
1052     if(!memcmp("PING", buffer, 4)) {
1053       /* send reply on stdout, just proving we are alive */
1054       if(!write_stdout("PONG\n", 5))
1055         return FALSE;
1056     }
1057 
1058     else if(!memcmp("PORT", buffer, 4)) {
1059       /* Question asking us what PORT number we are listening to.
1060          Replies to PORT with "IPv[num]/[port]" */
1061       snprintf((char *)buffer, sizeof(buffer), "%s/%hu\n", ipv_inuse, port);
1062       buffer_len = (ssize_t)strlen((char *)buffer);
1063       snprintf(data, sizeof(data), "PORT\n%04zx\n", buffer_len);
1064       if(!write_stdout(data, 10))
1065         return FALSE;
1066       if(!write_stdout(buffer, buffer_len))
1067         return FALSE;
1068     }
1069     else if(!memcmp("QUIT", buffer, 4)) {
1070       /* just die */
1071       logmsg("quits");
1072       return FALSE;
1073     }
1074     else if(!memcmp("DATA", buffer, 4)) {
1075       /* data IN => data OUT */
1076 
1077       if(!read_stdin(buffer, 5))
1078         return FALSE;
1079 
1080       buffer[5] = '\0';
1081 
1082       buffer_len = (ssize_t)strtol((char *)buffer, NULL, 16);
1083       if(buffer_len > (ssize_t)sizeof(buffer)) {
1084         logmsg("ERROR: Buffer size (%zu bytes) too small for data size "
1085                "(%zd bytes)", sizeof(buffer), buffer_len);
1086         return FALSE;
1087       }
1088       logmsg("> %zd bytes data, server => client", buffer_len);
1089 
1090       if(!read_stdin(buffer, buffer_len))
1091         return FALSE;
1092 
1093       lograw(buffer, buffer_len);
1094 
1095       if(*mode == PASSIVE_LISTEN) {
1096         logmsg("*** We are disconnected!");
1097         if(!write_stdout("DISC\n", 5))
1098           return FALSE;
1099       }
1100       else {
1101         /* send away on the socket */
1102         bytes_written = swrite(sockfd, buffer, buffer_len);
1103         if(bytes_written != buffer_len) {
1104           logmsg("Not all data was sent. Bytes to send: %zd sent: %zd",
1105                  buffer_len, bytes_written);
1106         }
1107       }
1108     }
1109     else if(!memcmp("DISC", buffer, 4)) {
1110       /* disconnect! */
1111       if(!write_stdout("DISC\n", 5))
1112         return FALSE;
1113       if(sockfd != CURL_SOCKET_BAD) {
1114         logmsg("====> Client forcibly disconnected");
1115         sclose(sockfd);
1116         *sockfdp = CURL_SOCKET_BAD;
1117         if(*mode == PASSIVE_CONNECT)
1118           *mode = PASSIVE_LISTEN;
1119         else
1120           *mode = ACTIVE_DISCONNECT;
1121       }
1122       else
1123         logmsg("attempt to close already dead connection");
1124       return TRUE;
1125     }
1126   }
1127 
1128 
1129   if((sockfd != CURL_SOCKET_BAD) && (FD_ISSET(sockfd, &fds_read)) ) {
1130 
1131     curl_socket_t newfd = CURL_SOCKET_BAD; /* newly accepted socket */
1132 
1133     if(*mode == PASSIVE_LISTEN) {
1134       /* there's no stream set up yet, this is an indication that there's a
1135          client connecting. */
1136       newfd = accept(sockfd, NULL, NULL);
1137       if(CURL_SOCKET_BAD == newfd) {
1138         error = SOCKERRNO;
1139         logmsg("accept(%d, NULL, NULL) failed with error: (%d) %s",
1140                sockfd, error, strerror(error));
1141       }
1142       else {
1143         logmsg("====> Client connect");
1144         if(!write_stdout("CNCT\n", 5))
1145           return FALSE;
1146         *sockfdp = newfd; /* store the new socket */
1147         *mode = PASSIVE_CONNECT; /* we have connected */
1148       }
1149       return TRUE;
1150     }
1151 
1152     /* read from socket, pass on data to stdout */
1153     nread_socket = sread(sockfd, buffer, sizeof(buffer));
1154 
1155     if(nread_socket > 0) {
1156       snprintf(data, sizeof(data), "DATA\n%04zx\n", nread_socket);
1157       if(!write_stdout(data, 10))
1158         return FALSE;
1159       if(!write_stdout(buffer, nread_socket))
1160         return FALSE;
1161 
1162       logmsg("< %zd bytes data, client => server", nread_socket);
1163       lograw(buffer, nread_socket);
1164     }
1165 
1166     if(nread_socket <= 0
1167 #ifdef USE_WINSOCK
1168        || FD_ISSET(sockfd, &fds_err)
1169 #endif
1170        ) {
1171       logmsg("====> Client disconnect");
1172       if(!write_stdout("DISC\n", 5))
1173         return FALSE;
1174       sclose(sockfd);
1175       *sockfdp = CURL_SOCKET_BAD;
1176       if(*mode == PASSIVE_CONNECT)
1177         *mode = PASSIVE_LISTEN;
1178       else
1179         *mode = ACTIVE_DISCONNECT;
1180       return TRUE;
1181     }
1182   }
1183 
1184   return TRUE;
1185 }
1186 
sockdaemon(curl_socket_t sock,unsigned short * listenport)1187 static curl_socket_t sockdaemon(curl_socket_t sock,
1188                                 unsigned short *listenport)
1189 {
1190   /* passive daemon style */
1191   srvr_sockaddr_union_t listener;
1192   int flag;
1193   int rc;
1194   int totdelay = 0;
1195   int maxretr = 10;
1196   int delay= 20;
1197   int attempt = 0;
1198   int error = 0;
1199 
1200   do {
1201     attempt++;
1202     flag = 1;
1203     rc = setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
1204          (void *)&flag, sizeof(flag));
1205     if(rc) {
1206       error = SOCKERRNO;
1207       logmsg("setsockopt(SO_REUSEADDR) failed with error: (%d) %s",
1208              error, strerror(error));
1209       if(maxretr) {
1210         rc = wait_ms(delay);
1211         if(rc) {
1212           /* should not happen */
1213           error = errno;
1214           logmsg("wait_ms() failed with error: (%d) %s",
1215                  error, strerror(error));
1216           sclose(sock);
1217           return CURL_SOCKET_BAD;
1218         }
1219         if(got_exit_signal) {
1220           logmsg("signalled to die, exiting...");
1221           sclose(sock);
1222           return CURL_SOCKET_BAD;
1223         }
1224         totdelay += delay;
1225         delay *= 2; /* double the sleep for next attempt */
1226       }
1227     }
1228   } while(rc && maxretr--);
1229 
1230   if(rc) {
1231     logmsg("setsockopt(SO_REUSEADDR) failed %d times in %d ms. Error: (%d) %s",
1232            attempt, totdelay, error, strerror(error));
1233     logmsg("Continuing anyway...");
1234   }
1235 
1236   /* When the specified listener port is zero, it is actually a
1237      request to let the system choose a non-zero available port. */
1238 
1239 #ifdef ENABLE_IPV6
1240   if(!use_ipv6) {
1241 #endif
1242     memset(&listener.sa4, 0, sizeof(listener.sa4));
1243     listener.sa4.sin_family = AF_INET;
1244     listener.sa4.sin_addr.s_addr = INADDR_ANY;
1245     listener.sa4.sin_port = htons(*listenport);
1246     rc = bind(sock, &listener.sa, sizeof(listener.sa4));
1247 #ifdef ENABLE_IPV6
1248   }
1249   else {
1250     memset(&listener.sa6, 0, sizeof(listener.sa6));
1251     listener.sa6.sin6_family = AF_INET6;
1252     listener.sa6.sin6_addr = in6addr_any;
1253     listener.sa6.sin6_port = htons(*listenport);
1254     rc = bind(sock, &listener.sa, sizeof(listener.sa6));
1255   }
1256 #endif /* ENABLE_IPV6 */
1257   if(rc) {
1258     error = SOCKERRNO;
1259     logmsg("Error binding socket on port %hu: (%d) %s",
1260            *listenport, error, strerror(error));
1261     sclose(sock);
1262     return CURL_SOCKET_BAD;
1263   }
1264 
1265   if(!*listenport) {
1266     /* The system was supposed to choose a port number, figure out which
1267        port we actually got and update the listener port value with it. */
1268     curl_socklen_t la_size;
1269     srvr_sockaddr_union_t localaddr;
1270 #ifdef ENABLE_IPV6
1271     if(!use_ipv6)
1272 #endif
1273       la_size = sizeof(localaddr.sa4);
1274 #ifdef ENABLE_IPV6
1275     else
1276       la_size = sizeof(localaddr.sa6);
1277 #endif
1278     memset(&localaddr.sa, 0, (size_t)la_size);
1279     if(getsockname(sock, &localaddr.sa, &la_size) < 0) {
1280       error = SOCKERRNO;
1281       logmsg("getsockname() failed with error: (%d) %s",
1282              error, strerror(error));
1283       sclose(sock);
1284       return CURL_SOCKET_BAD;
1285     }
1286     switch (localaddr.sa.sa_family) {
1287     case AF_INET:
1288       *listenport = ntohs(localaddr.sa4.sin_port);
1289       break;
1290 #ifdef ENABLE_IPV6
1291     case AF_INET6:
1292       *listenport = ntohs(localaddr.sa6.sin6_port);
1293       break;
1294 #endif
1295     default:
1296       break;
1297     }
1298     if(!*listenport) {
1299       /* Real failure, listener port shall not be zero beyond this point. */
1300       logmsg("Apparently getsockname() succeeded, with listener port zero.");
1301       logmsg("A valid reason for this failure is a binary built without");
1302       logmsg("proper network library linkage. This might not be the only");
1303       logmsg("reason, but double check it before anything else.");
1304       sclose(sock);
1305       return CURL_SOCKET_BAD;
1306     }
1307   }
1308 
1309   /* bindonly option forces no listening */
1310   if(bind_only) {
1311     logmsg("instructed to bind port without listening");
1312     return sock;
1313   }
1314 
1315   /* start accepting connections */
1316   rc = listen(sock, 5);
1317   if(0 != rc) {
1318     error = SOCKERRNO;
1319     logmsg("listen(%d, 5) failed with error: (%d) %s",
1320            sock, error, strerror(error));
1321     sclose(sock);
1322     return CURL_SOCKET_BAD;
1323   }
1324 
1325   return sock;
1326 }
1327 
1328 
main(int argc,char * argv[])1329 int main(int argc, char *argv[])
1330 {
1331   srvr_sockaddr_union_t me;
1332   curl_socket_t sock = CURL_SOCKET_BAD;
1333   curl_socket_t msgsock = CURL_SOCKET_BAD;
1334   int wrotepidfile = 0;
1335   char *pidname= (char *)".sockfilt.pid";
1336   bool juggle_again;
1337   int rc;
1338   int error;
1339   int arg=1;
1340   enum sockmode mode = PASSIVE_LISTEN; /* default */
1341   const char *addr = NULL;
1342 
1343   while(argc>arg) {
1344     if(!strcmp("--version", argv[arg])) {
1345       printf("sockfilt IPv4%s\n",
1346 #ifdef ENABLE_IPV6
1347              "/IPv6"
1348 #else
1349              ""
1350 #endif
1351              );
1352       return 0;
1353     }
1354     else if(!strcmp("--verbose", argv[arg])) {
1355       verbose = TRUE;
1356       arg++;
1357     }
1358     else if(!strcmp("--pidfile", argv[arg])) {
1359       arg++;
1360       if(argc>arg)
1361         pidname = argv[arg++];
1362     }
1363     else if(!strcmp("--logfile", argv[arg])) {
1364       arg++;
1365       if(argc>arg)
1366         serverlogfile = argv[arg++];
1367     }
1368     else if(!strcmp("--ipv6", argv[arg])) {
1369 #ifdef ENABLE_IPV6
1370       ipv_inuse = "IPv6";
1371       use_ipv6 = TRUE;
1372 #endif
1373       arg++;
1374     }
1375     else if(!strcmp("--ipv4", argv[arg])) {
1376       /* for completeness, we support this option as well */
1377 #ifdef ENABLE_IPV6
1378       ipv_inuse = "IPv4";
1379       use_ipv6 = FALSE;
1380 #endif
1381       arg++;
1382     }
1383     else if(!strcmp("--bindonly", argv[arg])) {
1384       bind_only = TRUE;
1385       arg++;
1386     }
1387     else if(!strcmp("--port", argv[arg])) {
1388       arg++;
1389       if(argc>arg) {
1390         char *endptr;
1391         unsigned long ulnum = strtoul(argv[arg], &endptr, 10);
1392         if((endptr != argv[arg] + strlen(argv[arg])) ||
1393            ((ulnum != 0UL) && ((ulnum < 1025UL) || (ulnum > 65535UL)))) {
1394           fprintf(stderr, "sockfilt: invalid --port argument (%s)\n",
1395                   argv[arg]);
1396           return 0;
1397         }
1398         port = curlx_ultous(ulnum);
1399         arg++;
1400       }
1401     }
1402     else if(!strcmp("--connect", argv[arg])) {
1403       /* Asked to actively connect to the specified local port instead of
1404          doing a passive server-style listening. */
1405       arg++;
1406       if(argc>arg) {
1407         char *endptr;
1408         unsigned long ulnum = strtoul(argv[arg], &endptr, 10);
1409         if((endptr != argv[arg] + strlen(argv[arg])) ||
1410            (ulnum < 1025UL) || (ulnum > 65535UL)) {
1411           fprintf(stderr, "sockfilt: invalid --connect argument (%s)\n",
1412                   argv[arg]);
1413           return 0;
1414         }
1415         connectport = curlx_ultous(ulnum);
1416         arg++;
1417       }
1418     }
1419     else if(!strcmp("--addr", argv[arg])) {
1420       /* Set an IP address to use with --connect; otherwise use localhost */
1421       arg++;
1422       if(argc>arg) {
1423         addr = argv[arg];
1424         arg++;
1425       }
1426     }
1427     else {
1428       puts("Usage: sockfilt [option]\n"
1429            " --version\n"
1430            " --verbose\n"
1431            " --logfile [file]\n"
1432            " --pidfile [file]\n"
1433            " --ipv4\n"
1434            " --ipv6\n"
1435            " --bindonly\n"
1436            " --port [port]\n"
1437            " --connect [port]\n"
1438            " --addr [address]");
1439       return 0;
1440     }
1441   }
1442 
1443 #ifdef WIN32
1444   win32_init();
1445   atexit(win32_cleanup);
1446 
1447   setmode(fileno(stdin), O_BINARY);
1448   setmode(fileno(stdout), O_BINARY);
1449   setmode(fileno(stderr), O_BINARY);
1450 #endif
1451 
1452   install_signal_handlers();
1453 
1454 #ifdef ENABLE_IPV6
1455   if(!use_ipv6)
1456 #endif
1457     sock = socket(AF_INET, SOCK_STREAM, 0);
1458 #ifdef ENABLE_IPV6
1459   else
1460     sock = socket(AF_INET6, SOCK_STREAM, 0);
1461 #endif
1462 
1463   if(CURL_SOCKET_BAD == sock) {
1464     error = SOCKERRNO;
1465     logmsg("Error creating socket: (%d) %s",
1466            error, strerror(error));
1467     write_stdout("FAIL\n", 5);
1468     goto sockfilt_cleanup;
1469   }
1470 
1471   if(connectport) {
1472     /* Active mode, we should connect to the given port number */
1473     mode = ACTIVE;
1474 #ifdef ENABLE_IPV6
1475     if(!use_ipv6) {
1476 #endif
1477       memset(&me.sa4, 0, sizeof(me.sa4));
1478       me.sa4.sin_family = AF_INET;
1479       me.sa4.sin_port = htons(connectport);
1480       me.sa4.sin_addr.s_addr = INADDR_ANY;
1481       if(!addr)
1482         addr = "127.0.0.1";
1483       Curl_inet_pton(AF_INET, addr, &me.sa4.sin_addr);
1484 
1485       rc = connect(sock, &me.sa, sizeof(me.sa4));
1486 #ifdef ENABLE_IPV6
1487     }
1488     else {
1489       memset(&me.sa6, 0, sizeof(me.sa6));
1490       me.sa6.sin6_family = AF_INET6;
1491       me.sa6.sin6_port = htons(connectport);
1492       if(!addr)
1493         addr = "::1";
1494       Curl_inet_pton(AF_INET6, addr, &me.sa6.sin6_addr);
1495 
1496       rc = connect(sock, &me.sa, sizeof(me.sa6));
1497     }
1498 #endif /* ENABLE_IPV6 */
1499     if(rc) {
1500       error = SOCKERRNO;
1501       logmsg("Error connecting to port %hu: (%d) %s",
1502              connectport, error, strerror(error));
1503       write_stdout("FAIL\n", 5);
1504       goto sockfilt_cleanup;
1505     }
1506     logmsg("====> Client connect");
1507     msgsock = sock; /* use this as stream */
1508   }
1509   else {
1510     /* passive daemon style */
1511     sock = sockdaemon(sock, &port);
1512     if(CURL_SOCKET_BAD == sock) {
1513       write_stdout("FAIL\n", 5);
1514       goto sockfilt_cleanup;
1515     }
1516     msgsock = CURL_SOCKET_BAD; /* no stream socket yet */
1517   }
1518 
1519   logmsg("Running %s version", ipv_inuse);
1520 
1521   if(connectport)
1522     logmsg("Connected to port %hu", connectport);
1523   else if(bind_only)
1524     logmsg("Bound without listening on port %hu", port);
1525   else
1526     logmsg("Listening on port %hu", port);
1527 
1528   wrotepidfile = write_pidfile(pidname);
1529   if(!wrotepidfile) {
1530     write_stdout("FAIL\n", 5);
1531     goto sockfilt_cleanup;
1532   }
1533 
1534   do {
1535     juggle_again = juggle(&msgsock, sock, &mode);
1536   } while(juggle_again);
1537 
1538 sockfilt_cleanup:
1539 
1540   if((msgsock != sock) && (msgsock != CURL_SOCKET_BAD))
1541     sclose(msgsock);
1542 
1543   if(sock != CURL_SOCKET_BAD)
1544     sclose(sock);
1545 
1546   if(wrotepidfile)
1547     unlink(pidname);
1548 
1549   restore_signal_handlers();
1550 
1551   if(got_exit_signal) {
1552     logmsg("============> sockfilt exits with signal (%d)", exit_signal);
1553     /*
1554      * To properly set the return status of the process we
1555      * must raise the same signal SIGINT or SIGTERM that we
1556      * caught and let the old handler take care of it.
1557      */
1558     raise(exit_signal);
1559   }
1560 
1561   logmsg("============> sockfilt quits");
1562   return 0;
1563 }
1564 
1565