2 * Copyright (c) 2022 Omar Polo <op@omarpolo.com>
3 * Copyright (c) 2011 - 2015 Reyk Floeter <reyk@openbsd.org>
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 #include <sys/types.h>
19 #include <sys/queue.h>
20 #include <sys/socket.h>
26 #include <sys/stat.h> /* umask */
27 #include <sys/un.h> /* sockaddr_un */
/*
 * config_init: set the initial values of the galileo environment.
 *
 * When the caller is the parent process (privsep_process == PROC_PARENT)
 * sc_prefork is set to PROXY_NUMPROC. The sc_proxies tail queue is
 * initialised to empty regardless of which process calls this.
 *
 * NOTE(review): this listing omits some source lines (return type, braces
 * and whatever follows TAILQ_INIT), so the return value is not visible here.
 */
46 config_init(struct galileo *env)
48 /* Global configuration */
49 if (privsep_process == PROC_PARENT)
50 env->sc_prefork = PROXY_NUMPROC;
52 /* Other configuration. */
53 TAILQ_INIT(&env->sc_proxies);
/*
 * config_purge: drain the sc_proxies queue.
 *
 * Takes the first entry and unlinks it from the queue, repeating until
 * TAILQ_FIRST returns NULL.
 *
 * NOTE(review): the lines following TAILQ_REMOVE are missing from this
 * listing. Confirm in the full file that each removed proxy is released
 * there; otherwise every purge would leak the entries allocated by
 * config_getproxy().
 */
61 config_purge(struct galileo *env)
65 while ((p = TAILQ_FIRST(&env->sc_proxies)) != NULL) {
66 TAILQ_REMOVE(&env->sc_proxies, p, pr_entry);
/*
 * config_setproxy: send one proxy definition to the PROC_PROXY process.
 *
 * The struct is sent as raw bytes (sizeof(*p)) in an IMSG_CFG_SRV message.
 * A proc_compose() failure is treated as fatal.
 *
 * NOTE(review): the whole struct is copied byte for byte, so any pointer
 * members, the pr_entry queue linkage and padding travel with it. Those
 * values are only meaningful in the sender's address space; the receiver
 * must overwrite or ignore them (config_getproxy() re-links pr_entry).
 * struct proxy's full layout is not shown here -- confirm it holds no other
 * pointers that the proxy process would dereference.
 */
72 config_setproxy(struct galileo *env, struct proxy *p)
74 struct privsep *ps = env->sc_ps;
76 if (proc_compose(ps, PROC_PROXY, IMSG_CFG_SRV, p, sizeof(*p)) == -1)
77 fatal("proc_compose");
/*
 * config_getproxy: receive a proxy definition from an imsg and append it to
 * env->sc_proxies.
 *
 * The payload must be exactly sizeof(struct proxy) bytes; any other size is
 * reported through fatalx(). The bytes are copied into a freshly allocated
 * struct, logged at debug level and linked at the tail of the queue.
 *
 * NOTE(review): the return type and return statement are not visible in
 * this listing.
 */
82 config_getproxy(struct galileo *env, struct imsg *imsg)
86 proxy = xcalloc(1, sizeof(*proxy));
/*
 * Exact-size check before the memcpy below: a short payload would be
 * over-read and a long one silently truncated.
 */
87 if (IMSG_DATA_SIZE(imsg) != sizeof(*proxy))
88 fatalx("%s: bad imsg size", __func__);
90 memcpy(proxy, imsg->data, sizeof(*proxy));
/*
 * NOTE(review): these fields are printed with %s, which assumes each one is
 * a NUL-terminated string. The size check above does not establish that;
 * confirm the sender always terminates them, or terminate them here before
 * logging.
 */
92 log_debug("%s: proxy=%s -> %s:%s (%s)", __func__,
93 proxy->pr_conf.host, proxy->pr_conf.proxy_addr,
94 proxy->pr_conf.proxy_port, proxy->pr_conf.proxy_name);
/*
 * Re-link in this process: TAILQ_INSERT_TAIL rewrites pr_entry, replacing
 * the linkage bytes that arrived in the copied struct.
 */
96 TAILQ_INSERT_TAIL(&env->sc_proxies, proxy, pr_entry);
/*
 * config_setsock: create the AF_UNIX listening socket at GALILEO_SOCK and
 * pass a duplicate of its descriptor to the PROC_PROXY process instances
 * with IMSG_CFG_SOCK messages.
 *
 * Visible steps: socket() (stream, non-blocking), unlink() of a stale path,
 * bind() under a restrictive umask, chmod() to read/write for owner and
 * group, chown() to the uid/gid in ps->ps_pw, listen(), then one dup() plus
 * compose and flush per proxy instance.
 *
 * NOTE(review): this listing omits source lines, including the statements
 * that follow each log_warn(). Confirm in the full file that every failure
 * path closes fd (and d inside the loop), restores the saved umask and
 * returns an error, so that no descriptor leaks and no half-configured
 * socket stays in use.
 */
102 config_setsock(struct galileo *env)
104 struct privsep *ps = env->sc_ps;
105 struct passwd *pw = ps->ps_pw;
106 struct sockaddr_un sun;
107 const char *path = GALILEO_SOCK;
108 int id, fd, old_umask;
111 * open listening socket.
113 * XXX: move to server.c as server_privinit like httpd once we
114 * support more than one listening socket.
116 if ((fd = socket(AF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0)) == -1) {
117 log_warn("%s: socket", __func__);
121 memset(&sun, 0, sizeof(sun));
122 sun.sun_family = AF_UNIX;
/*
 * NOTE(review): strlcpy()'s return value is not checked. If GALILEO_SOCK
 * were ever longer than sun_path, bind() would use the truncated name while
 * unlink(), chmod() and chown() below act on the full path. Confirm the
 * constant fits, or compare the return value with sizeof(sun.sun_path).
 */
123 strlcpy(sun.sun_path, path, sizeof(sun.sun_path));
/*
 * Remove a socket left behind by a previous run; a missing file (ENOENT) is
 * not an error.
 * NOTE(review): unlink(), chmod() and chown() all work on the path rather
 * than on fd, so they are only safe if the directory holding GALILEO_SOCK
 * cannot be modified by other users -- confirm where the path lives.
 */
125 if (unlink(path) == -1)
126 if (errno != ENOENT) {
127 log_warn("%s: unlink %s", __func__, path);
/*
 * The mask is 0117 (user/group execute plus every "other" bit), so bind()
 * creates the socket node with at most mode 0660 and it is never exposed to
 * other users before the chmod() below. The previous mask is saved in
 * old_umask; the restore is presumably on a line missing from this listing.
 */
132 old_umask = umask(S_IXUSR|S_IXGRP|S_IWOTH|S_IROTH|S_IXOTH);
133 if (bind(fd, (struct sockaddr *)&sun, sizeof(sun)) == -1) {
134 log_warn("%s: bind: %s (%d)", __func__, path, geteuid());
/* Set mode 0660 explicitly: read/write for owner and group only. */
141 if (chmod(path, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP) == -1) {
142 log_warn("%s: chmod", __func__);
/*
 * Give the socket to the account recorded in ps->ps_pw (presumably the
 * unprivileged user the daemon runs as -- confirm).
 */
148 if (chown(path, pw->pw_uid, pw->pw_gid) == -1) {
149 log_warn("%s: chown", __func__);
155 if (listen(fd, 5) == -1) {
156 log_warn("%s: listen", __func__);
/*
 * Distribute the socket. The test below skips every id other than
 * PROC_PROXY, and also skips PROC_PROXY when it is the calling process.
 */
162 for (id = 0; id < PROC_MAX; ++id) {
165 if (id == privsep_process || id != PROC_PROXY)
/*
 * proc_range() fills n and m; the loop then restarts n at 0 and runs to m,
 * presumably one iteration per instance of the process.
 */
169 proc_range(ps, id, &n, &m);
170 for (n = 0; n < m; ++n) {
/* Each instance is sent its own duplicate of the listening descriptor. */
173 if ((d = dup(fd)) == -1) {
174 log_warn("%s: dup", __func__);
/* The message carries only the descriptor d: the payload is NULL, 0. */
179 if (proc_compose_imsg(ps, id, n, IMSG_CFG_SOCK,
180 -1, d, NULL, 0) == -1) {
181 log_warn("%s: failed to compose "
182 "IMSG_CFG_SOCK", __func__);
186 if (proc_flush_imsg(ps, id, n) == -1) {
187 log_warn("%s: failed to flush", __func__);
/*
 * config_getsock: counterpart of config_setsock() on the receiving side.
 *
 * NOTE(review): the body is missing from this listing, so nothing about its
 * behaviour can be stated here. When reading the full file, check that the
 * descriptor delivered with the IMSG_CFG_SOCK message is verified to be
 * valid before it is stored or used.
 */
199 config_getsock(struct galileo *env, struct imsg *imsg)
201 /* XXX: make it more like httpd/gotwebd' one */
/*
 * config_setreset: send an IMSG_CTL_RESET message with no payload to every
 * process id from 0 up to PROC_MAX - 1.
 *
 * NOTE(review): the result of proc_compose() is discarded here, whereas
 * config_setproxy() treats the same failure as fatal. A reset that fails to
 * reach a process would go unnoticed and could leave it running with its
 * previous configuration; consider at least logging the failure.
 * NOTE(review): the loop does not skip the caller's own id, unlike
 * config_setsock(); what proc_compose() does for that id is not shown here.
 * The return type and return statement are also missing from this listing.
 */
206 config_setreset(struct galileo *env)
208 struct privsep *ps = env->sc_ps;
211 for (id = 0; id < PROC_MAX; ++id)
212 proc_compose(ps, id, IMSG_CTL_RESET, NULL, 0);
218 config_getreset(struct galileo *env, struct imsg *imsg)