0001
0002
0003
0004
0005
0006
0007 #define _GNU_SOURCE
0008 #include <features.h>
0009 #include <sys/types.h>
0010 #include <sys/ioctl.h>
0011 #include <sys/socket.h>
0012 #include <sys/wait.h>
0013 #include <linux/tcp.h>
0014 #include <linux/udp.h>
0015 #include <arpa/inet.h>
0016 #include <net/if.h>
0017 #include <netinet/in.h>
0018 #include <netinet/ip.h>
0019 #include <netdb.h>
0020 #include <fcntl.h>
0021 #include <libgen.h>
0022 #include <limits.h>
0023 #include <sched.h>
0024 #include <stdarg.h>
0025 #include <stdio.h>
0026 #include <stdlib.h>
0027 #include <string.h>
0028 #include <unistd.h>
0029 #include <time.h>
0030 #include <errno.h>
0031 #include <getopt.h>
0032
0033 #include <linux/xfrm.h>
0034 #include <linux/ipsec.h>
0035 #include <linux/pfkeyv2.h>
0036
0037 #ifndef IPV6_UNICAST_IF
0038 #define IPV6_UNICAST_IF 76
0039 #endif
0040 #ifndef IPV6_MULTICAST_IF
0041 #define IPV6_MULTICAST_IF 17
0042 #endif
0043
0044 #define DEFAULT_PORT 12345
0045
0046 #define NS_PREFIX "/run/netns/"
0047
0048 #ifndef MAX
0049 #define MAX(a, b) ((a) > (b) ? (a) : (b))
0050 #endif
0051 #ifndef MIN
0052 #define MIN(a, b) ((a) < (b) ? (a) : (b))
0053 #endif
0054
0055 struct sock_args {
0056
0057 const char *local_addr_str;
0058 const char *client_local_addr_str;
0059 union {
0060 struct in_addr in;
0061 struct in6_addr in6;
0062 } local_addr;
0063
0064
0065 const char *remote_addr_str;
0066 union {
0067 struct in_addr in;
0068 struct in6_addr in6;
0069 } remote_addr;
0070 int scope_id;
0071
0072 struct in_addr grp;
0073
0074 unsigned int has_local_ip:1,
0075 has_remote_ip:1,
0076 has_grp:1,
0077 has_expected_laddr:1,
0078 has_expected_raddr:1,
0079 bind_test_only:1;
0080
0081 unsigned short port;
0082
0083 int type;
0084 int protocol;
0085 int version;
0086
0087 int use_setsockopt;
0088 int use_freebind;
0089 int use_cmsg;
0090 const char *dev;
0091 const char *server_dev;
0092 int ifindex;
0093
0094 const char *clientns;
0095 const char *serverns;
0096
0097 const char *password;
0098 const char *client_pw;
0099
0100 const char *md5_prefix_str;
0101 union {
0102 struct sockaddr_in v4;
0103 struct sockaddr_in6 v6;
0104 } md5_prefix;
0105 unsigned int prefix_len;
0106
0107 int bind_key_ifindex;
0108
0109
0110 const char *expected_dev;
0111 const char *expected_server_dev;
0112 int expected_ifindex;
0113
0114
0115 const char *expected_laddr_str;
0116 union {
0117 struct in_addr in;
0118 struct in6_addr in6;
0119 } expected_laddr;
0120
0121
0122 const char *expected_raddr_str;
0123 union {
0124 struct in_addr in;
0125 struct in6_addr in6;
0126 } expected_raddr;
0127
0128
0129 int use_xfrm;
0130 };
0131
0132 static int server_mode;
0133 static unsigned int prog_timeout = 5;
0134 static unsigned int interactive;
0135 static int iter = 1;
0136 static char *msg = "Hello world!";
0137 static int msglen;
0138 static int quiet;
0139 static int try_broadcast = 1;
0140
0141 static char *timestamp(char *timebuf, int buflen)
0142 {
0143 time_t now;
0144
0145 now = time(NULL);
0146 if (strftime(timebuf, buflen, "%T", localtime(&now)) == 0) {
0147 memset(timebuf, 0, buflen);
0148 strncpy(timebuf, "00:00:00", buflen-1);
0149 }
0150
0151 return timebuf;
0152 }
0153
0154 static void log_msg(const char *format, ...)
0155 {
0156 char timebuf[64];
0157 va_list args;
0158
0159 if (quiet)
0160 return;
0161
0162 fprintf(stdout, "%s %s:",
0163 timestamp(timebuf, sizeof(timebuf)),
0164 server_mode ? "server" : "client");
0165 va_start(args, format);
0166 vfprintf(stdout, format, args);
0167 va_end(args);
0168
0169 fflush(stdout);
0170 }
0171
0172 static void log_error(const char *format, ...)
0173 {
0174 char timebuf[64];
0175 va_list args;
0176
0177 if (quiet)
0178 return;
0179
0180 fprintf(stderr, "%s %s:",
0181 timestamp(timebuf, sizeof(timebuf)),
0182 server_mode ? "server" : "client");
0183 va_start(args, format);
0184 vfprintf(stderr, format, args);
0185 va_end(args);
0186
0187 fflush(stderr);
0188 }
0189
0190 static void log_err_errno(const char *fmt, ...)
0191 {
0192 char timebuf[64];
0193 va_list args;
0194
0195 if (quiet)
0196 return;
0197
0198 fprintf(stderr, "%s %s: ",
0199 timestamp(timebuf, sizeof(timebuf)),
0200 server_mode ? "server" : "client");
0201 va_start(args, fmt);
0202 vfprintf(stderr, fmt, args);
0203 va_end(args);
0204
0205 fprintf(stderr, ": %d: %s\n", errno, strerror(errno));
0206 fflush(stderr);
0207 }
0208
0209 static void log_address(const char *desc, struct sockaddr *sa)
0210 {
0211 char addrstr[64];
0212
0213 if (quiet)
0214 return;
0215
0216 if (sa->sa_family == AF_INET) {
0217 struct sockaddr_in *s = (struct sockaddr_in *) sa;
0218
0219 log_msg("%s %s:%d\n",
0220 desc,
0221 inet_ntop(AF_INET, &s->sin_addr, addrstr,
0222 sizeof(addrstr)),
0223 ntohs(s->sin_port));
0224
0225 } else if (sa->sa_family == AF_INET6) {
0226 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa;
0227
0228 log_msg("%s [%s]:%d\n",
0229 desc,
0230 inet_ntop(AF_INET6, &s6->sin6_addr, addrstr,
0231 sizeof(addrstr)),
0232 ntohs(s6->sin6_port));
0233 }
0234
0235 fflush(stdout);
0236 }
0237
0238 static int switch_ns(const char *ns)
0239 {
0240 char path[PATH_MAX];
0241 int fd, ret;
0242
0243 if (geteuid())
0244 log_error("warning: likely need root to set netns %s!\n", ns);
0245
0246 snprintf(path, sizeof(path), "%s%s", NS_PREFIX, ns);
0247 fd = open(path, 0);
0248 if (fd < 0) {
0249 log_err_errno("Failed to open netns path; can not switch netns");
0250 return 1;
0251 }
0252
0253 ret = setns(fd, CLONE_NEWNET);
0254 close(fd);
0255
0256 return ret;
0257 }
0258
0259 static int tcp_md5sig(int sd, void *addr, socklen_t alen, struct sock_args *args)
0260 {
0261 int keylen = strlen(args->password);
0262 struct tcp_md5sig md5sig = {};
0263 int opt = TCP_MD5SIG;
0264 int rc;
0265
0266 md5sig.tcpm_keylen = keylen;
0267 memcpy(md5sig.tcpm_key, args->password, keylen);
0268
0269 if (args->prefix_len) {
0270 opt = TCP_MD5SIG_EXT;
0271 md5sig.tcpm_flags |= TCP_MD5SIG_FLAG_PREFIX;
0272
0273 md5sig.tcpm_prefixlen = args->prefix_len;
0274 addr = &args->md5_prefix;
0275 }
0276 memcpy(&md5sig.tcpm_addr, addr, alen);
0277
0278 if ((args->ifindex && args->bind_key_ifindex >= 0) || args->bind_key_ifindex >= 1) {
0279 opt = TCP_MD5SIG_EXT;
0280 md5sig.tcpm_flags |= TCP_MD5SIG_FLAG_IFINDEX;
0281
0282 md5sig.tcpm_ifindex = args->ifindex;
0283 log_msg("TCP_MD5SIG_FLAG_IFINDEX set tcpm_ifindex=%d\n", md5sig.tcpm_ifindex);
0284 } else {
0285 log_msg("TCP_MD5SIG_FLAG_IFINDEX off\n", md5sig.tcpm_ifindex);
0286 }
0287
0288 rc = setsockopt(sd, IPPROTO_TCP, opt, &md5sig, sizeof(md5sig));
0289 if (rc < 0) {
0290
0291 if (errno == ENOENT)
0292 rc = 0;
0293 else
0294 log_err_errno("setsockopt(TCP_MD5SIG)");
0295 }
0296
0297 return rc;
0298 }
0299
0300 static int tcp_md5_remote(int sd, struct sock_args *args)
0301 {
0302 struct sockaddr_in sin = {
0303 .sin_family = AF_INET,
0304 };
0305 struct sockaddr_in6 sin6 = {
0306 .sin6_family = AF_INET6,
0307 };
0308 void *addr;
0309 int alen;
0310
0311 switch (args->version) {
0312 case AF_INET:
0313 sin.sin_port = htons(args->port);
0314 sin.sin_addr = args->md5_prefix.v4.sin_addr;
0315 addr = &sin;
0316 alen = sizeof(sin);
0317 break;
0318 case AF_INET6:
0319 sin6.sin6_port = htons(args->port);
0320 sin6.sin6_addr = args->md5_prefix.v6.sin6_addr;
0321 addr = &sin6;
0322 alen = sizeof(sin6);
0323 break;
0324 default:
0325 log_error("unknown address family\n");
0326 exit(1);
0327 }
0328
0329 if (tcp_md5sig(sd, addr, alen, args))
0330 return -1;
0331
0332 return 0;
0333 }
0334
0335 static int get_ifidx(const char *ifname)
0336 {
0337 struct ifreq ifdata;
0338 int sd, rc;
0339
0340 if (!ifname || *ifname == '\0')
0341 return -1;
0342
0343 memset(&ifdata, 0, sizeof(ifdata));
0344
0345 strcpy(ifdata.ifr_name, ifname);
0346
0347 sd = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP);
0348 if (sd < 0) {
0349 log_err_errno("socket failed");
0350 return -1;
0351 }
0352
0353 rc = ioctl(sd, SIOCGIFINDEX, (char *)&ifdata);
0354 close(sd);
0355 if (rc != 0) {
0356 log_err_errno("ioctl(SIOCGIFINDEX) failed");
0357 return -1;
0358 }
0359
0360 return ifdata.ifr_ifindex;
0361 }
0362
0363 static int bind_to_device(int sd, const char *name)
0364 {
0365 int rc;
0366
0367 rc = setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, name, strlen(name)+1);
0368 if (rc < 0)
0369 log_err_errno("setsockopt(SO_BINDTODEVICE)");
0370
0371 return rc;
0372 }
0373
0374 static int get_bind_to_device(int sd, char *name, size_t len)
0375 {
0376 int rc;
0377 socklen_t optlen = len;
0378
0379 name[0] = '\0';
0380 rc = getsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, name, &optlen);
0381 if (rc < 0)
0382 log_err_errno("setsockopt(SO_BINDTODEVICE)");
0383
0384 return rc;
0385 }
0386
0387 static int check_device(int sd, struct sock_args *args)
0388 {
0389 int ifindex = 0;
0390 char name[32];
0391
0392 if (get_bind_to_device(sd, name, sizeof(name)))
0393 *name = '\0';
0394 else
0395 ifindex = get_ifidx(name);
0396
0397 log_msg(" bound to device %s/%d\n",
0398 *name ? name : "<none>", ifindex);
0399
0400 if (!args->expected_ifindex)
0401 return 0;
0402
0403 if (args->expected_ifindex != ifindex) {
0404 log_error("Device index mismatch: expected %d have %d\n",
0405 args->expected_ifindex, ifindex);
0406 return 1;
0407 }
0408
0409 log_msg("Device index matches: expected %d have %d\n",
0410 args->expected_ifindex, ifindex);
0411
0412 return 0;
0413 }
0414
0415 static int set_pktinfo_v4(int sd)
0416 {
0417 int one = 1;
0418 int rc;
0419
0420 rc = setsockopt(sd, SOL_IP, IP_PKTINFO, &one, sizeof(one));
0421 if (rc < 0 && rc != -ENOTSUP)
0422 log_err_errno("setsockopt(IP_PKTINFO)");
0423
0424 return rc;
0425 }
0426
0427 static int set_recvpktinfo_v6(int sd)
0428 {
0429 int one = 1;
0430 int rc;
0431
0432 rc = setsockopt(sd, SOL_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
0433 if (rc < 0 && rc != -ENOTSUP)
0434 log_err_errno("setsockopt(IPV6_RECVPKTINFO)");
0435
0436 return rc;
0437 }
0438
0439 static int set_recverr_v4(int sd)
0440 {
0441 int one = 1;
0442 int rc;
0443
0444 rc = setsockopt(sd, SOL_IP, IP_RECVERR, &one, sizeof(one));
0445 if (rc < 0 && rc != -ENOTSUP)
0446 log_err_errno("setsockopt(IP_RECVERR)");
0447
0448 return rc;
0449 }
0450
0451 static int set_recverr_v6(int sd)
0452 {
0453 int one = 1;
0454 int rc;
0455
0456 rc = setsockopt(sd, SOL_IPV6, IPV6_RECVERR, &one, sizeof(one));
0457 if (rc < 0 && rc != -ENOTSUP)
0458 log_err_errno("setsockopt(IPV6_RECVERR)");
0459
0460 return rc;
0461 }
0462
0463 static int set_unicast_if(int sd, int ifindex, int version)
0464 {
0465 int opt = IP_UNICAST_IF;
0466 int level = SOL_IP;
0467 int rc;
0468
0469 ifindex = htonl(ifindex);
0470
0471 if (version == AF_INET6) {
0472 opt = IPV6_UNICAST_IF;
0473 level = SOL_IPV6;
0474 }
0475 rc = setsockopt(sd, level, opt, &ifindex, sizeof(ifindex));
0476 if (rc < 0)
0477 log_err_errno("setsockopt(IP_UNICAST_IF)");
0478
0479 return rc;
0480 }
0481
0482 static int set_multicast_if(int sd, int ifindex)
0483 {
0484 struct ip_mreqn mreq = { .imr_ifindex = ifindex };
0485 int rc;
0486
0487 rc = setsockopt(sd, SOL_IP, IP_MULTICAST_IF, &mreq, sizeof(mreq));
0488 if (rc < 0)
0489 log_err_errno("setsockopt(IP_MULTICAST_IF)");
0490
0491 return rc;
0492 }
0493
0494 static int set_membership(int sd, uint32_t grp, uint32_t addr, int ifindex)
0495 {
0496 uint32_t if_addr = addr;
0497 struct ip_mreqn mreq;
0498 int rc;
0499
0500 if (addr == htonl(INADDR_ANY) && !ifindex) {
0501 log_error("Either local address or device needs to be given for multicast membership\n");
0502 return -1;
0503 }
0504
0505 mreq.imr_multiaddr.s_addr = grp;
0506 mreq.imr_address.s_addr = if_addr;
0507 mreq.imr_ifindex = ifindex;
0508
0509 rc = setsockopt(sd, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq));
0510 if (rc < 0) {
0511 log_err_errno("setsockopt(IP_ADD_MEMBERSHIP)");
0512 return -1;
0513 }
0514
0515 return 0;
0516 }
0517
0518 static int set_freebind(int sd, int version)
0519 {
0520 unsigned int one = 1;
0521 int rc = 0;
0522
0523 switch (version) {
0524 case AF_INET:
0525 if (setsockopt(sd, SOL_IP, IP_FREEBIND, &one, sizeof(one))) {
0526 log_err_errno("setsockopt(IP_FREEBIND)");
0527 rc = -1;
0528 }
0529 break;
0530 case AF_INET6:
0531 if (setsockopt(sd, SOL_IPV6, IPV6_FREEBIND, &one, sizeof(one))) {
0532 log_err_errno("setsockopt(IPV6_FREEBIND");
0533 rc = -1;
0534 }
0535 break;
0536 }
0537
0538 return rc;
0539 }
0540
0541 static int set_broadcast(int sd)
0542 {
0543 unsigned int one = 1;
0544 int rc = 0;
0545
0546 if (setsockopt(sd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) != 0) {
0547 log_err_errno("setsockopt(SO_BROADCAST)");
0548 rc = -1;
0549 }
0550
0551 return rc;
0552 }
0553
0554 static int set_reuseport(int sd)
0555 {
0556 unsigned int one = 1;
0557 int rc = 0;
0558
0559 if (setsockopt(sd, SOL_SOCKET, SO_REUSEPORT, &one, sizeof(one)) != 0) {
0560 log_err_errno("setsockopt(SO_REUSEPORT)");
0561 rc = -1;
0562 }
0563
0564 return rc;
0565 }
0566
0567 static int set_reuseaddr(int sd)
0568 {
0569 unsigned int one = 1;
0570 int rc = 0;
0571
0572 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) != 0) {
0573 log_err_errno("setsockopt(SO_REUSEADDR)");
0574 rc = -1;
0575 }
0576
0577 return rc;
0578 }
0579
0580 static int str_to_uint(const char *str, int min, int max, unsigned int *value)
0581 {
0582 int number;
0583 char *end;
0584
0585 errno = 0;
0586 number = (unsigned int) strtoul(str, &end, 0);
0587
0588
0589
0590
0591 if (((*end == '\0') || (*end == '\n')) && (end != str) &&
0592 (errno != ERANGE) && (min <= number) && (number <= max)) {
0593 *value = number;
0594 return 0;
0595 }
0596
0597 return -1;
0598 }
0599
0600 static int resolve_devices(struct sock_args *args)
0601 {
0602 if (args->dev) {
0603 args->ifindex = get_ifidx(args->dev);
0604 if (args->ifindex < 0) {
0605 log_error("Invalid device name\n");
0606 return 1;
0607 }
0608 }
0609
0610 if (args->expected_dev) {
0611 unsigned int tmp;
0612
0613 if (str_to_uint(args->expected_dev, 0, INT_MAX, &tmp) == 0) {
0614 args->expected_ifindex = (int)tmp;
0615 } else {
0616 args->expected_ifindex = get_ifidx(args->expected_dev);
0617 if (args->expected_ifindex < 0) {
0618 fprintf(stderr, "Invalid expected device\n");
0619 return 1;
0620 }
0621 }
0622 }
0623
0624 return 0;
0625 }
0626
0627 static int expected_addr_match(struct sockaddr *sa, void *expected,
0628 const char *desc)
0629 {
0630 char addrstr[64];
0631 int rc = 0;
0632
0633 if (sa->sa_family == AF_INET) {
0634 struct sockaddr_in *s = (struct sockaddr_in *) sa;
0635 struct in_addr *exp_in = (struct in_addr *) expected;
0636
0637 if (s->sin_addr.s_addr != exp_in->s_addr) {
0638 log_error("%s address does not match expected %s\n",
0639 desc,
0640 inet_ntop(AF_INET, exp_in,
0641 addrstr, sizeof(addrstr)));
0642 rc = 1;
0643 }
0644 } else if (sa->sa_family == AF_INET6) {
0645 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa;
0646 struct in6_addr *exp_in = (struct in6_addr *) expected;
0647
0648 if (memcmp(&s6->sin6_addr, exp_in, sizeof(*exp_in))) {
0649 log_error("%s address does not match expected %s\n",
0650 desc,
0651 inet_ntop(AF_INET6, exp_in,
0652 addrstr, sizeof(addrstr)));
0653 rc = 1;
0654 }
0655 } else {
0656 log_error("%s address does not match expected - unknown family\n",
0657 desc);
0658 rc = 1;
0659 }
0660
0661 if (!rc)
0662 log_msg("%s address matches expected\n", desc);
0663
0664 return rc;
0665 }
0666
0667 static int show_sockstat(int sd, struct sock_args *args)
0668 {
0669 struct sockaddr_in6 local_addr, remote_addr;
0670 socklen_t alen = sizeof(local_addr);
0671 struct sockaddr *sa;
0672 const char *desc;
0673 int rc = 0;
0674
0675 desc = server_mode ? "server local:" : "client local:";
0676 sa = (struct sockaddr *) &local_addr;
0677 if (getsockname(sd, sa, &alen) == 0) {
0678 log_address(desc, sa);
0679
0680 if (args->has_expected_laddr) {
0681 rc = expected_addr_match(sa, &args->expected_laddr,
0682 "local");
0683 }
0684 } else {
0685 log_err_errno("getsockname failed");
0686 }
0687
0688 sa = (struct sockaddr *) &remote_addr;
0689 desc = server_mode ? "server peer:" : "client peer:";
0690 if (getpeername(sd, sa, &alen) == 0) {
0691 log_address(desc, sa);
0692
0693 if (args->has_expected_raddr) {
0694 rc |= expected_addr_match(sa, &args->expected_raddr,
0695 "remote");
0696 }
0697 } else {
0698 log_err_errno("getpeername failed");
0699 }
0700
0701 return rc;
0702 }
0703
0704 enum addr_type {
0705 ADDR_TYPE_LOCAL,
0706 ADDR_TYPE_REMOTE,
0707 ADDR_TYPE_MCAST,
0708 ADDR_TYPE_EXPECTED_LOCAL,
0709 ADDR_TYPE_EXPECTED_REMOTE,
0710 ADDR_TYPE_MD5_PREFIX,
0711 };
0712
0713 static int convert_addr(struct sock_args *args, const char *_str,
0714 enum addr_type atype)
0715 {
0716 int pfx_len_max = args->version == AF_INET6 ? 128 : 32;
0717 int family = args->version;
0718 char *str, *dev, *sep;
0719 struct in6_addr *in6;
0720 struct in_addr *in;
0721 const char *desc;
0722 void *addr;
0723 int rc = 0;
0724
0725 str = strdup(_str);
0726 if (!str)
0727 return -ENOMEM;
0728
0729 switch (atype) {
0730 case ADDR_TYPE_LOCAL:
0731 desc = "local";
0732 addr = &args->local_addr;
0733 break;
0734 case ADDR_TYPE_REMOTE:
0735 desc = "remote";
0736 addr = &args->remote_addr;
0737 break;
0738 case ADDR_TYPE_MCAST:
0739 desc = "mcast grp";
0740 addr = &args->grp;
0741 break;
0742 case ADDR_TYPE_EXPECTED_LOCAL:
0743 desc = "expected local";
0744 addr = &args->expected_laddr;
0745 break;
0746 case ADDR_TYPE_EXPECTED_REMOTE:
0747 desc = "expected remote";
0748 addr = &args->expected_raddr;
0749 break;
0750 case ADDR_TYPE_MD5_PREFIX:
0751 desc = "md5 prefix";
0752 if (family == AF_INET) {
0753 args->md5_prefix.v4.sin_family = AF_INET;
0754 addr = &args->md5_prefix.v4.sin_addr;
0755 } else if (family == AF_INET6) {
0756 args->md5_prefix.v6.sin6_family = AF_INET6;
0757 addr = &args->md5_prefix.v6.sin6_addr;
0758 } else
0759 return 1;
0760
0761 sep = strchr(str, '/');
0762 if (sep) {
0763 *sep = '\0';
0764 sep++;
0765 if (str_to_uint(sep, 1, pfx_len_max,
0766 &args->prefix_len) != 0) {
0767 fprintf(stderr, "Invalid port\n");
0768 return 1;
0769 }
0770 } else {
0771 args->prefix_len = 0;
0772 }
0773 break;
0774 default:
0775 log_error("unknown address type\n");
0776 exit(1);
0777 }
0778
0779 switch (family) {
0780 case AF_INET:
0781 in = (struct in_addr *) addr;
0782 if (str) {
0783 if (inet_pton(AF_INET, str, in) == 0) {
0784 log_error("Invalid %s IP address\n", desc);
0785 rc = -1;
0786 goto out;
0787 }
0788 } else {
0789 in->s_addr = htonl(INADDR_ANY);
0790 }
0791 break;
0792
0793 case AF_INET6:
0794 dev = strchr(str, '%');
0795 if (dev) {
0796 *dev = '\0';
0797 dev++;
0798 }
0799
0800 in6 = (struct in6_addr *) addr;
0801 if (str) {
0802 if (inet_pton(AF_INET6, str, in6) == 0) {
0803 log_error("Invalid %s IPv6 address\n", desc);
0804 rc = -1;
0805 goto out;
0806 }
0807 } else {
0808 *in6 = in6addr_any;
0809 }
0810 if (dev) {
0811 args->scope_id = get_ifidx(dev);
0812 if (args->scope_id < 0) {
0813 log_error("Invalid scope on %s IPv6 address\n",
0814 desc);
0815 rc = -1;
0816 goto out;
0817 }
0818 }
0819 break;
0820
0821 default:
0822 log_error("Invalid address family\n");
0823 }
0824
0825 out:
0826 free(str);
0827 return rc;
0828 }
0829
0830 static int validate_addresses(struct sock_args *args)
0831 {
0832 if (args->local_addr_str &&
0833 convert_addr(args, args->local_addr_str, ADDR_TYPE_LOCAL) < 0)
0834 return 1;
0835
0836 if (args->remote_addr_str &&
0837 convert_addr(args, args->remote_addr_str, ADDR_TYPE_REMOTE) < 0)
0838 return 1;
0839
0840 if (args->md5_prefix_str &&
0841 convert_addr(args, args->md5_prefix_str,
0842 ADDR_TYPE_MD5_PREFIX) < 0)
0843 return 1;
0844
0845 if (args->expected_laddr_str &&
0846 convert_addr(args, args->expected_laddr_str,
0847 ADDR_TYPE_EXPECTED_LOCAL))
0848 return 1;
0849
0850 if (args->expected_raddr_str &&
0851 convert_addr(args, args->expected_raddr_str,
0852 ADDR_TYPE_EXPECTED_REMOTE))
0853 return 1;
0854
0855 return 0;
0856 }
0857
0858 static int get_index_from_cmsg(struct msghdr *m)
0859 {
0860 struct cmsghdr *cm;
0861 int ifindex = 0;
0862 char buf[64];
0863
0864 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(m);
0865 m->msg_controllen != 0 && cm;
0866 cm = (struct cmsghdr *)CMSG_NXTHDR(m, cm)) {
0867
0868 if (cm->cmsg_level == SOL_IP &&
0869 cm->cmsg_type == IP_PKTINFO) {
0870 struct in_pktinfo *pi;
0871
0872 pi = (struct in_pktinfo *)(CMSG_DATA(cm));
0873 inet_ntop(AF_INET, &pi->ipi_addr, buf, sizeof(buf));
0874 ifindex = pi->ipi_ifindex;
0875 } else if (cm->cmsg_level == SOL_IPV6 &&
0876 cm->cmsg_type == IPV6_PKTINFO) {
0877 struct in6_pktinfo *pi6;
0878
0879 pi6 = (struct in6_pktinfo *)(CMSG_DATA(cm));
0880 inet_ntop(AF_INET6, &pi6->ipi6_addr, buf, sizeof(buf));
0881 ifindex = pi6->ipi6_ifindex;
0882 }
0883 }
0884
0885 if (ifindex) {
0886 log_msg(" pktinfo: ifindex %d dest addr %s\n",
0887 ifindex, buf);
0888 }
0889 return ifindex;
0890 }
0891
0892 static int send_msg_no_cmsg(int sd, void *addr, socklen_t alen)
0893 {
0894 int err;
0895
0896 again:
0897 err = sendto(sd, msg, msglen, 0, addr, alen);
0898 if (err < 0) {
0899 if (errno == EACCES && try_broadcast) {
0900 try_broadcast = 0;
0901 if (!set_broadcast(sd))
0902 goto again;
0903 errno = EACCES;
0904 }
0905
0906 log_err_errno("sendto failed");
0907 return 1;
0908 }
0909
0910 return 0;
0911 }
0912
0913 static int send_msg_cmsg(int sd, void *addr, socklen_t alen,
0914 int ifindex, int version)
0915 {
0916 unsigned char cmsgbuf[64];
0917 struct iovec iov[2];
0918 struct cmsghdr *cm;
0919 struct msghdr m;
0920 int err;
0921
0922 iov[0].iov_base = msg;
0923 iov[0].iov_len = msglen;
0924 m.msg_iov = iov;
0925 m.msg_iovlen = 1;
0926 m.msg_name = (caddr_t)addr;
0927 m.msg_namelen = alen;
0928
0929 memset(cmsgbuf, 0, sizeof(cmsgbuf));
0930 cm = (struct cmsghdr *)cmsgbuf;
0931 m.msg_control = (caddr_t)cm;
0932
0933 if (version == AF_INET) {
0934 struct in_pktinfo *pi;
0935
0936 cm->cmsg_level = SOL_IP;
0937 cm->cmsg_type = IP_PKTINFO;
0938 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
0939 pi = (struct in_pktinfo *)(CMSG_DATA(cm));
0940 pi->ipi_ifindex = ifindex;
0941
0942 m.msg_controllen = cm->cmsg_len;
0943
0944 } else if (version == AF_INET6) {
0945 struct in6_pktinfo *pi6;
0946
0947 cm->cmsg_level = SOL_IPV6;
0948 cm->cmsg_type = IPV6_PKTINFO;
0949 cm->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
0950
0951 pi6 = (struct in6_pktinfo *)(CMSG_DATA(cm));
0952 pi6->ipi6_ifindex = ifindex;
0953
0954 m.msg_controllen = cm->cmsg_len;
0955 }
0956
0957 again:
0958 err = sendmsg(sd, &m, 0);
0959 if (err < 0) {
0960 if (errno == EACCES && try_broadcast) {
0961 try_broadcast = 0;
0962 if (!set_broadcast(sd))
0963 goto again;
0964 errno = EACCES;
0965 }
0966
0967 log_err_errno("sendmsg failed");
0968 return 1;
0969 }
0970
0971 return 0;
0972 }
0973
0974
0975 static int send_msg(int sd, void *addr, socklen_t alen, struct sock_args *args)
0976 {
0977 if (args->type == SOCK_STREAM) {
0978 if (write(sd, msg, msglen) < 0) {
0979 log_err_errno("write failed sending msg to peer");
0980 return 1;
0981 }
0982 } else if (args->ifindex && args->use_cmsg) {
0983 if (send_msg_cmsg(sd, addr, alen, args->ifindex, args->version))
0984 return 1;
0985 } else {
0986 if (send_msg_no_cmsg(sd, addr, alen))
0987 return 1;
0988 }
0989
0990 log_msg("Sent message:\n");
0991 log_msg(" %.24s%s\n", msg, msglen > 24 ? " ..." : "");
0992
0993 return 0;
0994 }
0995
0996 static int socket_read_dgram(int sd, struct sock_args *args)
0997 {
0998 unsigned char addr[sizeof(struct sockaddr_in6)];
0999 struct sockaddr *sa = (struct sockaddr *) addr;
1000 socklen_t alen = sizeof(addr);
1001 struct iovec iov[2];
1002 struct msghdr m = {
1003 .msg_name = (caddr_t)addr,
1004 .msg_namelen = alen,
1005 .msg_iov = iov,
1006 .msg_iovlen = 1,
1007 };
1008 unsigned char cmsgbuf[256];
1009 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
1010 char buf[16*1024];
1011 int ifindex;
1012 int len;
1013
1014 iov[0].iov_base = (caddr_t)buf;
1015 iov[0].iov_len = sizeof(buf);
1016
1017 memset(cmsgbuf, 0, sizeof(cmsgbuf));
1018 m.msg_control = (caddr_t)cm;
1019 m.msg_controllen = sizeof(cmsgbuf);
1020
1021 len = recvmsg(sd, &m, 0);
1022 if (len == 0) {
1023 log_msg("peer closed connection.\n");
1024 return 0;
1025 } else if (len < 0) {
1026 log_msg("failed to read message: %d: %s\n",
1027 errno, strerror(errno));
1028 return -1;
1029 }
1030
1031 buf[len] = '\0';
1032
1033 log_address("Message from:", sa);
1034 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1035
1036 ifindex = get_index_from_cmsg(&m);
1037 if (args->expected_ifindex) {
1038 if (args->expected_ifindex != ifindex) {
1039 log_error("Device index mismatch: expected %d have %d\n",
1040 args->expected_ifindex, ifindex);
1041 return -1;
1042 }
1043 log_msg("Device index matches: expected %d have %d\n",
1044 args->expected_ifindex, ifindex);
1045 }
1046
1047 if (!interactive && server_mode) {
1048 if (sa->sa_family == AF_INET6) {
1049 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa;
1050 struct in6_addr *in6 = &s6->sin6_addr;
1051
1052 if (IN6_IS_ADDR_V4MAPPED(in6)) {
1053 const uint32_t *pa = (uint32_t *) &in6->s6_addr;
1054 struct in_addr in4;
1055 struct sockaddr_in *sin;
1056
1057 sin = (struct sockaddr_in *) addr;
1058 pa += 3;
1059 in4.s_addr = *pa;
1060 sin->sin_addr = in4;
1061 sin->sin_family = AF_INET;
1062 if (send_msg_cmsg(sd, addr, alen,
1063 ifindex, AF_INET) < 0)
1064 goto out_err;
1065 }
1066 }
1067 again:
1068 iov[0].iov_len = len;
1069
1070 if (args->version == AF_INET6) {
1071 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa;
1072
1073 if (args->dev) {
1074
1075 if (sendto(sd, buf, len, 0,
1076 (void *) addr, alen) < 0)
1077 goto out_err;
1078 } else {
1079
1080
1081
1082
1083 s6->sin6_scope_id = ifindex;
1084 if (sendmsg(sd, &m, 0) < 0)
1085 goto out_err;
1086 }
1087 } else {
1088 int err;
1089
1090 err = sendmsg(sd, &m, 0);
1091 if (err < 0) {
1092 if (errno == EACCES && try_broadcast) {
1093 try_broadcast = 0;
1094 if (!set_broadcast(sd))
1095 goto again;
1096 errno = EACCES;
1097 }
1098 goto out_err;
1099 }
1100 }
1101 log_msg("Sent message:\n");
1102 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1103 }
1104
1105 return 1;
1106 out_err:
1107 log_err_errno("failed to send msg to peer");
1108 return -1;
1109 }
1110
1111 static int socket_read_stream(int sd)
1112 {
1113 char buf[1024];
1114 int len;
1115
1116 len = read(sd, buf, sizeof(buf)-1);
1117 if (len == 0) {
1118 log_msg("client closed connection.\n");
1119 return 0;
1120 } else if (len < 0) {
1121 log_msg("failed to read message\n");
1122 return -1;
1123 }
1124
1125 buf[len] = '\0';
1126 log_msg("Incoming message:\n");
1127 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1128
1129 if (!interactive && server_mode) {
1130 if (write(sd, buf, len) < 0) {
1131 log_err_errno("failed to send buf");
1132 return -1;
1133 }
1134 log_msg("Sent message:\n");
1135 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1136 }
1137
1138 return 1;
1139 }
1140
1141 static int socket_read(int sd, struct sock_args *args)
1142 {
1143 if (args->type == SOCK_STREAM)
1144 return socket_read_stream(sd);
1145
1146 return socket_read_dgram(sd, args);
1147 }
1148
1149 static int stdin_to_socket(int sd, int type, void *addr, socklen_t alen)
1150 {
1151 char buf[1024];
1152 int len;
1153
1154 if (fgets(buf, sizeof(buf), stdin) == NULL)
1155 return 0;
1156
1157 len = strlen(buf);
1158 if (type == SOCK_STREAM) {
1159 if (write(sd, buf, len) < 0) {
1160 log_err_errno("failed to send buf");
1161 return -1;
1162 }
1163 } else {
1164 int err;
1165
1166 again:
1167 err = sendto(sd, buf, len, 0, addr, alen);
1168 if (err < 0) {
1169 if (errno == EACCES && try_broadcast) {
1170 try_broadcast = 0;
1171 if (!set_broadcast(sd))
1172 goto again;
1173 errno = EACCES;
1174 }
1175 log_err_errno("failed to send msg to peer");
1176 return -1;
1177 }
1178 }
1179 log_msg("Sent message:\n");
1180 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1181
1182 return 1;
1183 }
1184
1185 static void set_recv_attr(int sd, int version)
1186 {
1187 if (version == AF_INET6) {
1188 set_recvpktinfo_v6(sd);
1189 set_recverr_v6(sd);
1190 } else {
1191 set_pktinfo_v4(sd);
1192 set_recverr_v4(sd);
1193 }
1194 }
1195
1196 static int msg_loop(int client, int sd, void *addr, socklen_t alen,
1197 struct sock_args *args)
1198 {
1199 struct timeval timeout = { .tv_sec = prog_timeout }, *ptval = NULL;
1200 fd_set rfds;
1201 int nfds;
1202 int rc;
1203
1204 if (args->type != SOCK_STREAM)
1205 set_recv_attr(sd, args->version);
1206
1207 if (msg) {
1208 msglen = strlen(msg);
1209
1210
1211 if (client) {
1212 if (send_msg(sd, addr, alen, args))
1213 return 1;
1214 }
1215 if (!interactive) {
1216 ptval = &timeout;
1217 if (!prog_timeout)
1218 timeout.tv_sec = 5;
1219 }
1220 }
1221
1222 nfds = interactive ? MAX(fileno(stdin), sd) + 1 : sd + 1;
1223 while (1) {
1224 FD_ZERO(&rfds);
1225 FD_SET(sd, &rfds);
1226 if (interactive)
1227 FD_SET(fileno(stdin), &rfds);
1228
1229 rc = select(nfds, &rfds, NULL, NULL, ptval);
1230 if (rc < 0) {
1231 if (errno == EINTR)
1232 continue;
1233
1234 rc = 1;
1235 log_err_errno("select failed");
1236 break;
1237 } else if (rc == 0) {
1238 log_error("Timed out waiting for response\n");
1239 rc = 2;
1240 break;
1241 }
1242
1243 if (FD_ISSET(sd, &rfds)) {
1244 rc = socket_read(sd, args);
1245 if (rc < 0) {
1246 rc = 1;
1247 break;
1248 }
1249 if (rc == 0)
1250 break;
1251 }
1252
1253 rc = 0;
1254
1255 if (FD_ISSET(fileno(stdin), &rfds)) {
1256 if (stdin_to_socket(sd, args->type, addr, alen) <= 0)
1257 break;
1258 }
1259
1260 if (interactive)
1261 continue;
1262
1263 if (iter != -1) {
1264 --iter;
1265 if (iter == 0)
1266 break;
1267 }
1268
1269 log_msg("Going into quiet mode\n");
1270 quiet = 1;
1271
1272 if (client) {
1273 if (send_msg(sd, addr, alen, args)) {
1274 rc = 1;
1275 break;
1276 }
1277 }
1278 }
1279
1280 return rc;
1281 }
1282
1283 static int msock_init(struct sock_args *args, int server)
1284 {
1285 uint32_t if_addr = htonl(INADDR_ANY);
1286 struct sockaddr_in laddr = {
1287 .sin_family = AF_INET,
1288 .sin_port = htons(args->port),
1289 };
1290 int one = 1;
1291 int sd;
1292
1293 if (!server && args->has_local_ip)
1294 if_addr = args->local_addr.in.s_addr;
1295
1296 sd = socket(PF_INET, SOCK_DGRAM, 0);
1297 if (sd < 0) {
1298 log_err_errno("socket");
1299 return -1;
1300 }
1301
1302 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR,
1303 (char *)&one, sizeof(one)) < 0) {
1304 log_err_errno("Setting SO_REUSEADDR error");
1305 goto out_err;
1306 }
1307
1308 if (setsockopt(sd, SOL_SOCKET, SO_BROADCAST,
1309 (char *)&one, sizeof(one)) < 0)
1310 log_err_errno("Setting SO_BROADCAST error");
1311
1312 if (args->dev && bind_to_device(sd, args->dev) != 0)
1313 goto out_err;
1314 else if (args->use_setsockopt &&
1315 set_multicast_if(sd, args->ifindex))
1316 goto out_err;
1317
1318 laddr.sin_addr.s_addr = if_addr;
1319
1320 if (bind(sd, (struct sockaddr *) &laddr, sizeof(laddr)) < 0) {
1321 log_err_errno("bind failed");
1322 goto out_err;
1323 }
1324
1325 if (server &&
1326 set_membership(sd, args->grp.s_addr,
1327 args->local_addr.in.s_addr, args->ifindex))
1328 goto out_err;
1329
1330 return sd;
1331 out_err:
1332 close(sd);
1333 return -1;
1334 }
1335
1336 static int msock_server(struct sock_args *args)
1337 {
1338 return msock_init(args, 1);
1339 }
1340
1341 static int msock_client(struct sock_args *args)
1342 {
1343 return msock_init(args, 0);
1344 }
1345
1346 static int bind_socket(int sd, struct sock_args *args)
1347 {
1348 struct sockaddr_in serv_addr = {
1349 .sin_family = AF_INET,
1350 };
1351 struct sockaddr_in6 serv6_addr = {
1352 .sin6_family = AF_INET6,
1353 };
1354 void *addr;
1355 socklen_t alen;
1356
1357 if (!args->has_local_ip && args->type == SOCK_RAW)
1358 return 0;
1359
1360 switch (args->version) {
1361 case AF_INET:
1362 serv_addr.sin_port = htons(args->port);
1363 serv_addr.sin_addr = args->local_addr.in;
1364 addr = &serv_addr;
1365 alen = sizeof(serv_addr);
1366 break;
1367
1368 case AF_INET6:
1369 serv6_addr.sin6_port = htons(args->port);
1370 serv6_addr.sin6_addr = args->local_addr.in6;
1371 addr = &serv6_addr;
1372 alen = sizeof(serv6_addr);
1373 break;
1374
1375 default:
1376 log_error("Invalid address family\n");
1377 return -1;
1378 }
1379
1380 if (bind(sd, addr, alen) < 0) {
1381 log_err_errno("error binding socket");
1382 return -1;
1383 }
1384
1385 return 0;
1386 }
1387
1388 static int config_xfrm_policy(int sd, struct sock_args *args)
1389 {
1390 struct xfrm_userpolicy_info policy = {};
1391 int type = UDP_ENCAP_ESPINUDP;
1392 int xfrm_af = IP_XFRM_POLICY;
1393 int level = SOL_IP;
1394
1395 if (args->type != SOCK_DGRAM) {
1396 log_error("Invalid socket type. Only DGRAM could be used for XFRM\n");
1397 return 1;
1398 }
1399
1400 policy.action = XFRM_POLICY_ALLOW;
1401 policy.sel.family = args->version;
1402 if (args->version == AF_INET6) {
1403 xfrm_af = IPV6_XFRM_POLICY;
1404 level = SOL_IPV6;
1405 }
1406
1407 policy.dir = XFRM_POLICY_OUT;
1408 if (setsockopt(sd, level, xfrm_af, &policy, sizeof(policy)) < 0)
1409 return 1;
1410
1411 policy.dir = XFRM_POLICY_IN;
1412 if (setsockopt(sd, level, xfrm_af, &policy, sizeof(policy)) < 0)
1413 return 1;
1414
1415 if (setsockopt(sd, IPPROTO_UDP, UDP_ENCAP, &type, sizeof(type)) < 0) {
1416 log_err_errno("Failed to set xfrm encap");
1417 return 1;
1418 }
1419
1420 return 0;
1421 }
1422
1423 static int lsock_init(struct sock_args *args)
1424 {
1425 long flags;
1426 int sd;
1427
1428 sd = socket(args->version, args->type, args->protocol);
1429 if (sd < 0) {
1430 log_err_errno("Error opening socket");
1431 return -1;
1432 }
1433
1434 if (set_reuseaddr(sd) != 0)
1435 goto err;
1436
1437 if (set_reuseport(sd) != 0)
1438 goto err;
1439
1440 if (args->dev && bind_to_device(sd, args->dev) != 0)
1441 goto err;
1442 else if (args->use_setsockopt &&
1443 set_unicast_if(sd, args->ifindex, args->version))
1444 goto err;
1445
1446 if (args->use_freebind && set_freebind(sd, args->version))
1447 goto err;
1448
1449 if (bind_socket(sd, args))
1450 goto err;
1451
1452 if (args->bind_test_only)
1453 goto out;
1454
1455 if (args->type == SOCK_STREAM && listen(sd, 1) < 0) {
1456 log_err_errno("listen failed");
1457 goto err;
1458 }
1459
1460 flags = fcntl(sd, F_GETFL);
1461 if ((flags < 0) || (fcntl(sd, F_SETFL, flags|O_NONBLOCK) < 0)) {
1462 log_err_errno("Failed to set non-blocking option");
1463 goto err;
1464 }
1465
1466 if (fcntl(sd, F_SETFD, FD_CLOEXEC) < 0)
1467 log_err_errno("Failed to set close-on-exec flag");
1468
1469 if (args->use_xfrm && config_xfrm_policy(sd, args)) {
1470 log_err_errno("Failed to set xfrm policy");
1471 goto err;
1472 }
1473
1474 out:
1475 return sd;
1476
1477 err:
1478 close(sd);
1479 return -1;
1480 }
1481
1482 static void ipc_write(int fd, int message)
1483 {
1484
1485 if (fd < 0)
1486 return;
1487
1488 if (write(fd, &message, sizeof(message)) < 0)
1489 log_err_errno("Failed to send client status");
1490 }
1491
1492 static int do_server(struct sock_args *args, int ipc_fd)
1493 {
1494
1495 struct timeval timeout = { .tv_sec = prog_timeout }, *ptval = NULL;
1496 unsigned char addr[sizeof(struct sockaddr_in6)] = {};
1497 socklen_t alen = sizeof(addr);
1498 int lsd, csd = -1;
1499
1500 fd_set rfds;
1501 int rc;
1502
1503 if (args->serverns) {
1504 if (switch_ns(args->serverns)) {
1505 log_error("Could not set server netns to %s\n",
1506 args->serverns);
1507 goto err_exit;
1508 }
1509 log_msg("Switched server netns\n");
1510 }
1511
1512 args->dev = args->server_dev;
1513 args->expected_dev = args->expected_server_dev;
1514 if (resolve_devices(args) || validate_addresses(args))
1515 goto err_exit;
1516
1517 if (prog_timeout)
1518 ptval = &timeout;
1519
1520 if (args->has_grp)
1521 lsd = msock_server(args);
1522 else
1523 lsd = lsock_init(args);
1524
1525 if (lsd < 0)
1526 goto err_exit;
1527
1528 if (args->bind_test_only) {
1529 close(lsd);
1530 ipc_write(ipc_fd, 1);
1531 return 0;
1532 }
1533
1534 if (args->type != SOCK_STREAM) {
1535 ipc_write(ipc_fd, 1);
1536 rc = msg_loop(0, lsd, (void *) addr, alen, args);
1537 close(lsd);
1538 return rc;
1539 }
1540
1541 if (args->password && tcp_md5_remote(lsd, args)) {
1542 close(lsd);
1543 goto err_exit;
1544 }
1545
1546 ipc_write(ipc_fd, 1);
1547 while (1) {
1548 log_msg("waiting for client connection.\n");
1549 FD_ZERO(&rfds);
1550 FD_SET(lsd, &rfds);
1551
1552 rc = select(lsd+1, &rfds, NULL, NULL, ptval);
1553 if (rc == 0) {
1554 rc = 2;
1555 break;
1556 }
1557
1558 if (rc < 0) {
1559 if (errno == EINTR)
1560 continue;
1561
1562 log_err_errno("select failed");
1563 break;
1564 }
1565
1566 if (FD_ISSET(lsd, &rfds)) {
1567
1568 csd = accept(lsd, (void *) addr, &alen);
1569 if (csd < 0) {
1570 log_err_errno("accept failed");
1571 break;
1572 }
1573
1574 rc = show_sockstat(csd, args);
1575 if (rc)
1576 break;
1577
1578 rc = check_device(csd, args);
1579 if (rc)
1580 break;
1581 }
1582
1583 rc = msg_loop(0, csd, (void *) addr, alen, args);
1584 close(csd);
1585
1586 if (!interactive)
1587 break;
1588 }
1589
1590 close(lsd);
1591
1592 return rc;
1593 err_exit:
1594 ipc_write(ipc_fd, 0);
1595 return 1;
1596 }
1597
1598 static int wait_for_connect(int sd)
1599 {
1600 struct timeval _tv = { .tv_sec = prog_timeout }, *tv = NULL;
1601 fd_set wfd;
1602 int val = 0, sz = sizeof(val);
1603 int rc;
1604
1605 FD_ZERO(&wfd);
1606 FD_SET(sd, &wfd);
1607
1608 if (prog_timeout)
1609 tv = &_tv;
1610
1611 rc = select(FD_SETSIZE, NULL, &wfd, NULL, tv);
1612 if (rc == 0) {
1613 log_error("connect timed out\n");
1614 return -2;
1615 } else if (rc < 0) {
1616 log_err_errno("select failed");
1617 return -3;
1618 }
1619
1620 if (getsockopt(sd, SOL_SOCKET, SO_ERROR, &val, (socklen_t *)&sz) < 0) {
1621 log_err_errno("getsockopt(SO_ERROR) failed");
1622 return -4;
1623 }
1624
1625 if (val != 0) {
1626 log_error("connect failed: %d: %s\n", val, strerror(val));
1627 return -1;
1628 }
1629
1630 return 0;
1631 }
1632
1633 static int connectsock(void *addr, socklen_t alen, struct sock_args *args)
1634 {
1635 int sd, rc = -1;
1636 long flags;
1637
1638 sd = socket(args->version, args->type, args->protocol);
1639 if (sd < 0) {
1640 log_err_errno("Failed to create socket");
1641 return -1;
1642 }
1643
1644 flags = fcntl(sd, F_GETFL);
1645 if ((flags < 0) || (fcntl(sd, F_SETFL, flags|O_NONBLOCK) < 0)) {
1646 log_err_errno("Failed to set non-blocking option");
1647 goto err;
1648 }
1649
1650 if (set_reuseport(sd) != 0)
1651 goto err;
1652
1653 if (args->dev && bind_to_device(sd, args->dev) != 0)
1654 goto err;
1655 else if (args->use_setsockopt &&
1656 set_unicast_if(sd, args->ifindex, args->version))
1657 goto err;
1658
1659 if (args->has_local_ip && bind_socket(sd, args))
1660 goto err;
1661
1662 if (args->type != SOCK_STREAM)
1663 goto out;
1664
1665 if (args->password && tcp_md5sig(sd, addr, alen, args))
1666 goto err;
1667
1668 if (args->bind_test_only)
1669 goto out;
1670
1671 if (connect(sd, addr, alen) < 0) {
1672 if (errno != EINPROGRESS) {
1673 log_err_errno("Failed to connect to remote host");
1674 rc = -1;
1675 goto err;
1676 }
1677 rc = wait_for_connect(sd);
1678 if (rc < 0)
1679 goto err;
1680 }
1681 out:
1682 return sd;
1683
1684 err:
1685 close(sd);
1686 return rc;
1687 }
1688
1689 static int do_client(struct sock_args *args)
1690 {
1691 struct sockaddr_in sin = {
1692 .sin_family = AF_INET,
1693 };
1694 struct sockaddr_in6 sin6 = {
1695 .sin6_family = AF_INET6,
1696 };
1697 void *addr;
1698 int alen;
1699 int rc = 0;
1700 int sd;
1701
1702 if (!args->has_remote_ip && !args->has_grp) {
1703 fprintf(stderr, "remote IP or multicast group not given\n");
1704 return 1;
1705 }
1706
1707 if (args->clientns) {
1708 if (switch_ns(args->clientns)) {
1709 log_error("Could not set client netns to %s\n",
1710 args->clientns);
1711 return 1;
1712 }
1713 log_msg("Switched client netns\n");
1714 }
1715
1716 args->local_addr_str = args->client_local_addr_str;
1717 if (resolve_devices(args) || validate_addresses(args))
1718 return 1;
1719
1720 if ((args->use_setsockopt || args->use_cmsg) && !args->ifindex) {
1721 fprintf(stderr, "Device binding not specified\n");
1722 return 1;
1723 }
1724 if (args->use_setsockopt || args->use_cmsg)
1725 args->dev = NULL;
1726
1727 switch (args->version) {
1728 case AF_INET:
1729 sin.sin_port = htons(args->port);
1730 if (args->has_grp)
1731 sin.sin_addr = args->grp;
1732 else
1733 sin.sin_addr = args->remote_addr.in;
1734 addr = &sin;
1735 alen = sizeof(sin);
1736 break;
1737 case AF_INET6:
1738 sin6.sin6_port = htons(args->port);
1739 sin6.sin6_addr = args->remote_addr.in6;
1740 sin6.sin6_scope_id = args->scope_id;
1741 addr = &sin6;
1742 alen = sizeof(sin6);
1743 break;
1744 }
1745
1746 args->password = args->client_pw;
1747
1748 if (args->has_grp)
1749 sd = msock_client(args);
1750 else
1751 sd = connectsock(addr, alen, args);
1752
1753 if (sd < 0)
1754 return -sd;
1755
1756 if (args->bind_test_only)
1757 goto out;
1758
1759 if (args->type == SOCK_STREAM) {
1760 rc = show_sockstat(sd, args);
1761 if (rc != 0)
1762 goto out;
1763 }
1764
1765 rc = msg_loop(1, sd, addr, alen, args);
1766
1767 out:
1768 close(sd);
1769
1770 return rc;
1771 }
1772
1773 static char *random_msg(int len)
1774 {
1775 int i, n = 0, olen = len + 1;
1776 char *m;
1777
1778 if (len <= 0)
1779 return NULL;
1780
1781 m = malloc(olen);
1782 if (!m)
1783 return NULL;
1784
1785 while (len > 26) {
1786 i = snprintf(m + n, olen - n, "%.26s",
1787 "abcdefghijklmnopqrstuvwxyz");
1788 n += i;
1789 len -= i;
1790 }
1791 i = snprintf(m + n, olen - n, "%.*s", len,
1792 "abcdefghijklmnopqrstuvwxyz");
1793 return m;
1794 }
1795
1796 static int ipc_child(int fd, struct sock_args *args)
1797 {
1798 char *outbuf, *errbuf;
1799 int rc = 1;
1800
1801 outbuf = malloc(4096);
1802 errbuf = malloc(4096);
1803 if (!outbuf || !errbuf) {
1804 fprintf(stderr, "server: Failed to allocate buffers for stdout and stderr\n");
1805 goto out;
1806 }
1807
1808 setbuffer(stdout, outbuf, 4096);
1809 setbuffer(stderr, errbuf, 4096);
1810
1811 server_mode = 1;
1812
1813
1814
1815
1816 args->has_expected_laddr = 0;
1817 args->has_expected_raddr = 0;
1818
1819 rc = do_server(args, fd);
1820
1821 out:
1822 free(outbuf);
1823 free(errbuf);
1824
1825 return rc;
1826 }
1827
1828 static int ipc_parent(int cpid, int fd, struct sock_args *args)
1829 {
1830 int client_status;
1831 int status;
1832 int buf;
1833
1834
1835
1836
1837 if (read(fd, &buf, sizeof(buf)) <= 0) {
1838 log_err_errno("Failed to read IPC status from status");
1839 return 1;
1840 }
1841 if (!buf) {
1842 log_error("Server failed; can not continue\n");
1843 return 1;
1844 }
1845 log_msg("Server is ready\n");
1846
1847 client_status = do_client(args);
1848 log_msg("parent is done!\n");
1849
1850 if (kill(cpid, 0) == 0)
1851 kill(cpid, SIGKILL);
1852
1853 wait(&status);
1854 return client_status;
1855 }
1856
1857 #define GETOPT_STR "sr:l:c:p:t:g:P:DRn:M:X:m:d:I:BN:O:SCi6xL:0:1:2:3:Fbqf"
1858 #define OPT_FORCE_BIND_KEY_IFINDEX 1001
1859 #define OPT_NO_BIND_KEY_IFINDEX 1002
1860
1861 static struct option long_opts[] = {
1862 {"force-bind-key-ifindex", 0, 0, OPT_FORCE_BIND_KEY_IFINDEX},
1863 {"no-bind-key-ifindex", 0, 0, OPT_NO_BIND_KEY_IFINDEX},
1864 {0, 0, 0, 0}
1865 };
1866
1867 static void print_usage(char *prog)
1868 {
1869 printf(
1870 "usage: %s OPTS\n"
1871 "Required:\n"
1872 " -r addr remote address to connect to (client mode only)\n"
1873 " -p port port to connect to (client mode)/listen on (server mode)\n"
1874 " (default: %d)\n"
1875 " -s server mode (default: client mode)\n"
1876 " -t timeout seconds (default: none)\n"
1877 "\n"
1878 "Optional:\n"
1879 " -B do both client and server via fork and IPC\n"
1880 " -N ns set client to network namespace ns (requires root)\n"
1881 " -O ns set server to network namespace ns (requires root)\n"
1882 " -F Restart server loop\n"
1883 " -6 IPv6 (default is IPv4)\n"
1884 " -P proto protocol for socket: icmp, ospf (default: none)\n"
1885 " -D|R datagram (D) / raw (R) socket (default stream)\n"
1886 " -l addr local address to bind to in server mode\n"
1887 " -c addr local address to bind to in client mode\n"
1888 " -x configure XFRM policy on socket\n"
1889 "\n"
1890 " -d dev bind socket to given device name\n"
1891 " -I dev bind socket to given device name - server mode\n"
1892 " -S use setsockopt (IP_UNICAST_IF or IP_MULTICAST_IF)\n"
1893 " to set device binding\n"
1894 " -f bind socket with the IP[V6]_FREEBIND option\n"
1895 " -C use cmsg and IP_PKTINFO to specify device binding\n"
1896 "\n"
1897 " -L len send random message of given length\n"
1898 " -n num number of times to send message\n"
1899 "\n"
1900 " -M password use MD5 sum protection\n"
1901 " -X password MD5 password for client mode\n"
1902 " -m prefix/len prefix and length to use for MD5 key\n"
1903 " --no-bind-key-ifindex: Force TCP_MD5SIG_FLAG_IFINDEX off\n"
1904 " --force-bind-key-ifindex: Force TCP_MD5SIG_FLAG_IFINDEX on\n"
1905 " (default: only if -I is passed)\n"
1906 "\n"
1907 " -g grp multicast group (e.g., 239.1.1.1)\n"
1908 " -i interactive mode (default is echo and terminate)\n"
1909 "\n"
1910 " -0 addr Expected local address\n"
1911 " -1 addr Expected remote address\n"
1912 " -2 dev Expected device name (or index) to receive packet\n"
1913 " -3 dev Expected device name (or index) to receive packets - server mode\n"
1914 "\n"
1915 " -b Bind test only.\n"
1916 " -q Be quiet. Run test without printing anything.\n"
1917 , prog, DEFAULT_PORT);
1918 }
1919
1920 int main(int argc, char *argv[])
1921 {
1922 struct sock_args args = {
1923 .version = AF_INET,
1924 .type = SOCK_STREAM,
1925 .port = DEFAULT_PORT,
1926 };
1927 struct protoent *pe;
1928 int both_mode = 0;
1929 unsigned int tmp;
1930 int forever = 0;
1931 int fd[2];
1932 int cpid;
1933
1934
1935 extern char *optarg;
1936 int rc = 0;
1937
1938
1939
1940
1941
1942 while ((rc = getopt_long(argc, argv, GETOPT_STR, long_opts, NULL)) != -1) {
1943 switch (rc) {
1944 case 'B':
1945 both_mode = 1;
1946 break;
1947 case 's':
1948 server_mode = 1;
1949 break;
1950 case 'F':
1951 forever = 1;
1952 break;
1953 case 'l':
1954 args.has_local_ip = 1;
1955 args.local_addr_str = optarg;
1956 break;
1957 case 'r':
1958 args.has_remote_ip = 1;
1959 args.remote_addr_str = optarg;
1960 break;
1961 case 'c':
1962 args.has_local_ip = 1;
1963 args.client_local_addr_str = optarg;
1964 break;
1965 case 'p':
1966 if (str_to_uint(optarg, 1, 65535, &tmp) != 0) {
1967 fprintf(stderr, "Invalid port\n");
1968 return 1;
1969 }
1970 args.port = (unsigned short) tmp;
1971 break;
1972 case 't':
1973 if (str_to_uint(optarg, 0, INT_MAX,
1974 &prog_timeout) != 0) {
1975 fprintf(stderr, "Invalid timeout\n");
1976 return 1;
1977 }
1978 break;
1979 case 'D':
1980 args.type = SOCK_DGRAM;
1981 break;
1982 case 'R':
1983 args.type = SOCK_RAW;
1984 args.port = 0;
1985 if (!args.protocol)
1986 args.protocol = IPPROTO_RAW;
1987 break;
1988 case 'P':
1989 pe = getprotobyname(optarg);
1990 if (pe) {
1991 args.protocol = pe->p_proto;
1992 } else {
1993 if (str_to_uint(optarg, 0, 0xffff, &tmp) != 0) {
1994 fprintf(stderr, "Invalid protocol\n");
1995 return 1;
1996 }
1997 args.protocol = tmp;
1998 }
1999 break;
2000 case 'n':
2001 iter = atoi(optarg);
2002 break;
2003 case 'N':
2004 args.clientns = optarg;
2005 break;
2006 case 'O':
2007 args.serverns = optarg;
2008 break;
2009 case 'L':
2010 msg = random_msg(atoi(optarg));
2011 break;
2012 case 'M':
2013 args.password = optarg;
2014 break;
2015 case OPT_FORCE_BIND_KEY_IFINDEX:
2016 args.bind_key_ifindex = 1;
2017 break;
2018 case OPT_NO_BIND_KEY_IFINDEX:
2019 args.bind_key_ifindex = -1;
2020 break;
2021 case 'X':
2022 args.client_pw = optarg;
2023 break;
2024 case 'm':
2025 args.md5_prefix_str = optarg;
2026 break;
2027 case 'S':
2028 args.use_setsockopt = 1;
2029 break;
2030 case 'f':
2031 args.use_freebind = 1;
2032 break;
2033 case 'C':
2034 args.use_cmsg = 1;
2035 break;
2036 case 'd':
2037 args.dev = optarg;
2038 break;
2039 case 'I':
2040 args.server_dev = optarg;
2041 break;
2042 case 'i':
2043 interactive = 1;
2044 break;
2045 case 'g':
2046 args.has_grp = 1;
2047 if (convert_addr(&args, optarg, ADDR_TYPE_MCAST) < 0)
2048 return 1;
2049 args.type = SOCK_DGRAM;
2050 break;
2051 case '6':
2052 args.version = AF_INET6;
2053 break;
2054 case 'b':
2055 args.bind_test_only = 1;
2056 break;
2057 case '0':
2058 args.has_expected_laddr = 1;
2059 args.expected_laddr_str = optarg;
2060 break;
2061 case '1':
2062 args.has_expected_raddr = 1;
2063 args.expected_raddr_str = optarg;
2064 break;
2065 case '2':
2066 args.expected_dev = optarg;
2067 break;
2068 case '3':
2069 args.expected_server_dev = optarg;
2070 break;
2071 case 'q':
2072 quiet = 1;
2073 break;
2074 case 'x':
2075 args.use_xfrm = 1;
2076 break;
2077 default:
2078 print_usage(argv[0]);
2079 return 1;
2080 }
2081 }
2082
2083 if (args.password &&
2084 ((!args.has_remote_ip && !args.md5_prefix_str) ||
2085 args.type != SOCK_STREAM)) {
2086 log_error("MD5 passwords apply to TCP only and require a remote ip for the password\n");
2087 return 1;
2088 }
2089
2090 if (args.md5_prefix_str && !args.password) {
2091 log_error("Prefix range for MD5 protection specified without a password\n");
2092 return 1;
2093 }
2094
2095 if (iter == 0) {
2096 fprintf(stderr, "Invalid number of messages to send\n");
2097 return 1;
2098 }
2099
2100 if (args.type == SOCK_STREAM && !args.protocol)
2101 args.protocol = IPPROTO_TCP;
2102 if (args.type == SOCK_DGRAM && !args.protocol)
2103 args.protocol = IPPROTO_UDP;
2104
2105 if ((args.type == SOCK_STREAM || args.type == SOCK_DGRAM) &&
2106 args.port == 0) {
2107 fprintf(stderr, "Invalid port number\n");
2108 return 1;
2109 }
2110
2111 if ((both_mode || !server_mode) && !args.has_grp &&
2112 !args.has_remote_ip && !args.has_local_ip) {
2113 fprintf(stderr,
2114 "Local (server mode) or remote IP (client IP) required\n");
2115 return 1;
2116 }
2117
2118 if (interactive) {
2119 prog_timeout = 0;
2120 msg = NULL;
2121 }
2122
2123 if (both_mode) {
2124 if (pipe(fd) < 0) {
2125 perror("pipe");
2126 exit(1);
2127 }
2128
2129 cpid = fork();
2130 if (cpid < 0) {
2131 perror("fork");
2132 exit(1);
2133 }
2134 if (cpid)
2135 return ipc_parent(cpid, fd[0], &args);
2136
2137 return ipc_child(fd[1], &args);
2138 }
2139
2140 if (server_mode) {
2141 do {
2142 rc = do_server(&args, -1);
2143 } while (forever);
2144
2145 return rc;
2146 }
2147 return do_client(&args);
2148 }
