Blob

Date:
Message:
cache listener flags in struct client this saves us from the small chance that a client accepted before reconf uses the flags from a listener post reconf.
Actions:
History | Blame | Raw File
1 /*

2  * Copyright (c) 2021, 2022 Omar Polo <op@omarpolo.com>

3  * Copyright (c) 2018 Florian Obser <florian@openbsd.org>

4  * Copyright (c) 2004, 2005 Claudio Jeker <claudio@openbsd.org>

5  * Copyright (c) 2004 Esben Norby <norby@openbsd.org>

6  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>

7  *

8  * Permission to use, copy, modify, and distribute this software for any

9  * purpose with or without fee is hereby granted, provided that the above

10  * copyright notice and this permission notice appear in all copies.

11  *

12  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

13  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

14  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR

15  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

16  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN

17  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF

18  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

19  */

21 #include "compat.h"

23 #include <sys/socket.h>

24 #include <sys/types.h>

25 #include <sys/uio.h>

27 #include <endian.h>

28 #include <errno.h>

29 #include <inttypes.h>

30 #include <pwd.h>

31 #include <signal.h>

32 #include <stdint.h>

33 #include <stdio.h>

34 #include <stdlib.h>

35 #include <string.h>

36 #include <syslog.h>

37 #include <unistd.h>

39 #include "control.h"

40 #include "kami.h"

41 #include "kamid.h"

42 #include "listener.h"

43 #include "log.h"

44 #include "sandbox.h"

45 #include "utils.h"

47 static struct kd_conf	*listener_conf;

48 static struct imsgev	*iev_main;

50 static void	listener_sig_handler(int, short, void *);

51 __dead void	listener_shutdown(void);

53 SPLAY_HEAD(clients_tree_id, client) clients;

55 struct client {

56 	uint32_t		 id;

57 	uint32_t		 lid;

58 	uint32_t		 lflags;

59 	uint32_t		 msize;

60 	int			 fd;

61 	struct tls		*ctx;

62 	struct event		 event;

63 	struct imsgev		 iev;

64 	struct bufferevent	*bev;

65 	SPLAY_ENTRY(client)	 sp_entry;

66 };

68 static void	listener_imsg_event_add(struct imsgev *, void *);

69 static void	listener_dispatch_client(int, short, void *);

70 static int	listener_imsg_compose_client(struct client *, int,

71     uint32_t, const void *, uint16_t);

73 static void	apply_config(struct kd_conf *);

74 static void	handle_accept(int, short, void *);

76 static void	handle_handshake(int, short, void *);

77 static void	client_read(struct bufferevent *, void *);

78 static void	client_write(struct bufferevent *, void *);

79 static void	client_error(struct bufferevent *, short, void *);

80 static void	client_tls_readcb(int, short, void *);

81 static void	client_tls_writecb(int, short, void *);

82 static void	close_conn(struct client *);

83 static void	handle_close(int, short, void *);

85 static inline int

86 clients_tree_cmp(struct client *a, struct client *b)

87 {

88 	if (a->id == b->id)

89 		return 0;

90 	else if (a->id < b->id)

91 		return -1;

92 	else

93 		return +1;

94 }

96 SPLAY_PROTOTYPE(clients_tree_id, client, sp_entry, clients_tree_cmp);

97 SPLAY_GENERATE(clients_tree_id, client, sp_entry, clients_tree_cmp)

99 static void

100 listener_sig_handler(int sig, short event, void *d)

102 	/*

103 	 * Normal signal handler rules don't apply because libevent

104 	 * decouples for us.

105 	 */

107 	switch (sig) {

108 	case SIGINT:

109 	case SIGTERM:

110 		listener_shutdown();

111 	default:

112 		fatalx("unexpected signal %d", sig);

116 void

117 listener(int debug, int verbose)

119 	struct event		 ev_sigint, ev_sigterm;

120 	struct passwd		*pw;

122 	/* listener_conf = config_new_empty(); */

124 	log_init(debug, LOG_DAEMON);

125 	log_setverbose(verbose);

127 	if ((pw = getpwnam(KD_USER)) == NULL)

128 		fatal("getpwnam");

130 	if (chroot(pw->pw_dir) == -1)

131 		fatal("chroot");

132 	if (chdir("/") == -1)

133 		fatal("chdir(\"/\")");

135 	setproctitle("listener");

136 	log_procinit("listener");

138 	if (setgroups(1, &pw->pw_gid) ||

139 	    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||

140 	    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))

141 		fatal("can't drop privileges");

143 	event_init();

145 	/* Setup signal handlers(s). */

146 	signal_set(&ev_sigint, SIGINT, listener_sig_handler, NULL);

147 	signal_set(&ev_sigterm, SIGTERM, listener_sig_handler, NULL);

149 	signal_add(&ev_sigint, NULL);

150 	signal_add(&ev_sigterm, NULL);

152 	signal(SIGPIPE, SIG_IGN);

153 	signal(SIGHUP, SIG_IGN);

155 	/* Setup pipe and event handler to the main process. */

156 	if ((iev_main = malloc(sizeof(*iev_main))) == NULL)

157 		fatal(NULL);

159 	imsg_init(&iev_main->ibuf, 3);

160 	iev_main->handler = listener_dispatch_main;

162 	/* Setup event handlers. */

163 	iev_main->events = EV_READ;

164 	event_set(&iev_main->ev, iev_main->ibuf.fd, iev_main->events,

165 	    iev_main->handler, iev_main);

166 	event_add(&iev_main->ev, NULL);

168 	sandbox_listener();

169 	event_dispatch();

170 	listener_shutdown();

173 __dead void

174 listener_shutdown(void)

176 	msgbuf_clear(&iev_main->ibuf.w);

177 	close(iev_main->ibuf.fd);

179 	clear_config(listener_conf);

181 	free(iev_main);

183 	log_info("listener exiting");

184 	exit(0);

187 static void

188 listener_receive_config(struct imsg *imsg, struct kd_conf **nconf,

189     struct kd_pki_conf **pki)

191 	struct kd_listen_conf *listen;

192 	char *t;

194 	switch (imsg->hdr.type) {

195 	case IMSG_RECONF_CONF:

196 		if (*nconf != NULL)

197 			fatalx("%s: IMSG_RECONF_CONF already in "

198 			    "progress", __func__);

200 		if (listener_conf != NULL)

201 			fatalx("%s: don't know how reload the "

202 			    "configuration yet", __func__);

204 		if (IMSG_DATA_SIZE(*imsg) != sizeof(struct kd_conf))

205 			fatalx("%s: IMSG_RECONF_CONF wrong length: %lu",

206 			    __func__, IMSG_DATA_SIZE(*imsg));

207 		if ((*nconf = malloc(sizeof(**nconf))) == NULL)

208 			fatal(NULL);

209 		memcpy(*nconf, imsg->data, sizeof(**nconf));

210 		STAILQ_INIT(&(*nconf)->pki_head);

211 		STAILQ_INIT(&(*nconf)->table_head);

212 		STAILQ_INIT(&(*nconf)->listen_head);

213 		break;

214 	case IMSG_RECONF_PKI:

215 		if (*nconf == NULL)

216 			fatalx("%s: IMSG_RECONF_PKI without "

217 			    "IMSG_RECONF_CONF", __func__);

218 		*pki = xcalloc(1, sizeof(**pki));

219 		t = imsg->data;

220 		t[IMSG_DATA_SIZE(*imsg)-1] = '\0';

221 		strlcpy((*pki)->name, t, sizeof((*pki)->name));

222 		break;

223 	case IMSG_RECONF_PKI_CERT:

224 		if (*pki == NULL)

225 			fatalx("%s: IMSG_RECONF_PKI_CERT without "

226 			    "IMSG_RECONF_PKI", __func__);

227 		(*pki)->certlen = IMSG_DATA_SIZE(*imsg);

228 		(*pki)->cert = xmemdup(imsg->data, (*pki)->certlen);

229 		break;

230 	case IMSG_RECONF_PKI_KEY:

231 		if (*pki == NULL)

232 			fatalx("%s: IMSG_RECONF_PKI_KEY without "

233 			    "IMSG_RECONF_PKI", __func__);

234 		(*pki)->keylen = IMSG_DATA_SIZE(*imsg);

235 		(*pki)->key = xmemdup(imsg->data, (*pki)->keylen);

236 		STAILQ_INSERT_HEAD(&(*nconf)->pki_head, *pki, entry);

237 		pki = NULL;

238 		break;

239 	case IMSG_RECONF_LISTEN:

240 		if (*nconf == NULL)

241 			fatalx("%s: IMSG_RECONF_LISTEN without "

242 			    "IMSG_RECONF_CONF", __func__);

243 		if (IMSG_DATA_SIZE(*imsg) != sizeof(*listen))

244 			fatalx("%s: IMSG_RECONF_LISTEN wrong length: %lu",

245 			    __func__, IMSG_DATA_SIZE(*imsg));

246 		listen = xcalloc(1, sizeof(*listen));

247 		memcpy(listen, imsg->data, sizeof(*listen));

248 		memset(&listen->entry, 0, sizeof(listen->entry));

249 		if ((listen->fd = imsg->fd) == -1)

250 			fatalx("%s: IMSG_RECONF_LISTEN no fd",

251 			    __func__);

252 		listen->auth_table = NULL;

253 		memset(&listen->ev, 0, sizeof(listen->ev));

254 		STAILQ_INSERT_HEAD(&(*nconf)->listen_head, listen, entry);

255 		break;

256 	case IMSG_RECONF_END:

257 		if (*nconf == NULL)

258 			fatalx("%s: IMSG_RECONF_END without "

259 			    "IMSG_RECONF_CONF", __func__);

260 		apply_config(*nconf);

261 		*nconf = NULL;

262 		break;

266 static inline struct kd_listen_conf *

267 listen_by_id(uint32_t id)

269 	struct kd_listen_conf *l;

271 	STAILQ_FOREACH(l, &listener_conf->listen_head, entry) {

272 		if (l->id == id)

273 			return l;

275 	return NULL;

278 void

279 listener_dispatch_main(int fd, short event, void *d)

281 	static struct kd_conf		*nconf;

282 	static struct kd_pki_conf	*pki;

283 	struct kd_listen_conf		*listen;

284 	struct client			*client, find;

285 	struct imsg			 imsg;

286 	struct imsgev			*iev = d;

287 	struct imsgbuf			*ibuf;

288 	ssize_t				 n;

289 	int				 shut = 0;

291 	ibuf = &iev->ibuf;

293 	if (event & EV_READ) {

294 		if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)

295 			fatal("imsg_read error");

296 		if (n == 0)	/* Connection closed. */

297 			shut = 1;

299 	if (event & EV_WRITE) {

300 		if ((n = msgbuf_write(&ibuf->w)) == -1 && errno != EAGAIN)

301 			fatal("msgbuf_write");

302 		if (n == 0)	/* Connection closed. */

303 			shut = 1;

306 	for (;;) {

307 		if ((n = imsg_get(ibuf, &imsg)) == -1)

308 			fatal("%s: imsg_get error", __func__);

309 		if (n == 0)	/* No more messages. */

310 			break;

312 		switch (imsg.hdr.type) {

313 		case IMSG_CTL_LOG_VERBOSE:

314 			if (IMSG_DATA_SIZE(imsg) != sizeof(verbose))

315 				fatalx("wrong size for IMSG_CTL_LOG_VERBOSE");

316 			memcpy(&verbose, imsg.data, sizeof(verbose));

317 			log_setverbose(verbose);

318 			SPLAY_FOREACH(client, clients_tree_id, &clients)

319 				listener_imsg_compose_client(client,

320 				    imsg.hdr.type, 0,

321 				    &verbose, sizeof(verbose));

322 			break;

323 		case IMSG_RECONF_CONF:

324 		case IMSG_RECONF_PKI:

325 		case IMSG_RECONF_PKI_CERT:

326 		case IMSG_RECONF_PKI_KEY:

327 		case IMSG_RECONF_LISTEN:

328 		case IMSG_RECONF_END:

329 			listener_receive_config(&imsg, &nconf, &pki);

330 			break;

331 		case IMSG_AUTH:

332 			if (IMSG_DATA_SIZE(imsg) != sizeof(struct kd_auth_proc))

333 				fatalx("mismatching size for IMSG_AUTH");

335 			find.id = imsg.hdr.peerid;

336 			client = SPLAY_FIND(clients_tree_id, &clients, &find);

337 			if (client == NULL) {

338 				if (imsg.fd != -1)

339 					close(imsg.fd);

340 				break;

342 			if (imsg.fd == -1) {

343 				log_info("got fd = -1, auth failed?");

344 				close_conn(client);

345 				break;

347 			imsg_init(&client->iev.ibuf, imsg.fd);

348 			client->iev.events = EV_READ;

349 			client->iev.handler = listener_dispatch_client;

350 			event_set(&client->iev.ev, client->iev.ibuf.fd,

351 			    client->iev.events, client->iev.handler, client);

352 			listener_imsg_compose_client(client, IMSG_AUTH,

353 			    client->id, imsg.data, IMSG_DATA_SIZE(imsg));

355 			client->bev = bufferevent_new(client->fd,

356 			    client_read, client_write, client_error,

357 			    client);

358 			if (client->bev == NULL) {

359 				log_info("failed to allocate client buffer");

360 				close_conn(client);

361 				return;

364 #if HAVE_EVENT2

365 			evbuffer_unfreeze(client->bev->input, 0);

366 			evbuffer_unfreeze(client->bev->output, 1);

367 #endif

369 			if (client->lflags & L_TLS) {

370 				event_set(&client->bev->ev_read, client->fd,

371 				    EV_READ, client_tls_readcb, client->bev);

372 				event_set(&client->bev->ev_write, client->fd,

373 				    EV_WRITE, client_tls_writecb, client->bev);

376 			/*

377 			 * Read or write at least a header before

378 			 * firing the callbacks.  High watermark of 0

379 			 * to never stop reading/writing; probably to

380 			 * be revisited.

381 			 */

382 			/* bufferevent_setwatermark(client->bev, EV_READ|EV_WRITE, */

383 			    /* sizeof(struct np_msg_header), 0); */

384 			bufferevent_enable(client->bev, EV_READ|EV_WRITE);

385 			break;

387 		default:

388 			log_debug("%s: unexpected imsg %d", __func__,

389 			    imsg.hdr.type);

390 			break;

392 		imsg_free(&imsg);

395 	if (!shut)

396 		listener_imsg_event_add(iev, d);

397 	else {

398 		/* This pipe is dead.  Remove its event handler. */

399 		event_del(&iev->ev);

400 		log_warnx("pipe closed, shutting down...");

401 		event_loopexit(NULL);

405 int

406 listener_imsg_compose_main(int type, uint32_t peerid, const void *data,

407     uint16_t datalen)

409 	return imsg_compose_event(iev_main, type, peerid, 0, -1, data,

410 	    datalen);

413 static void

414 listener_imsg_event_add(struct imsgev *iev, void *d)

416 	iev->events = EV_READ;

417 	if (iev->ibuf.w.queued)

418 		iev->events |= EV_WRITE;

420 	event_del(&iev->ev);

421 	event_set(&iev->ev, iev->ibuf.fd, iev->events, iev->handler, d);

422 	event_add(&iev->ev, NULL);

425 static void

426 listener_dispatch_client(int fd, short event, void *d)

428         struct client	 find, *client = d;

429 	struct imsg	 imsg;

430 	struct imsgev	*iev;

431 	struct imsgbuf	*ibuf;

432 	ssize_t		 n;

433 	int		 r, shut = 0;

435 	iev = &client->iev;

436 	ibuf = &iev->ibuf;

438 	if (event & EV_READ) {

439 		if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)

440 			fatal("imsg_read error");

441 		if (n == 0)	/* Connection closed */

442 			shut = 1;

445 	if (event & EV_WRITE) {

446 		if ((n = msgbuf_write(&ibuf->w)) == -1 && errno != EAGAIN)

447 			fatal("msgbuf_write");

448 		if (n == 0)	/* Connection closed. */

449 			shut = 1;

452 	for (;;) {

453 		if ((n = imsg_get(ibuf, &imsg)) == -1)

454 			fatal("%s: imsg_get error", __func__);

455 		if (n == 0)	/* No more messages. */

456 			break;

458 		switch (imsg.hdr.type) {

459 		case IMSG_BUF:

460 			find.id = imsg.hdr.peerid;

461 			client = SPLAY_FIND(clients_tree_id, &clients, &find);

462 			if (client == NULL) {

463 				log_info("got IMSG_BUF but client (%d) gone",

464 				    imsg.hdr.peerid);

465 				break;

467 			r = bufferevent_write(client->bev, imsg.data,

468 			    IMSG_DATA_SIZE(imsg));

469 			if (r == -1) {

470 				log_warn("%s: bufferevent_write failed",

471 				    __func__);

472 				close_conn(client);

473 				break;

475 			break;

477 		case IMSG_MSIZE:

478 			if (IMSG_DATA_SIZE(imsg) != sizeof(client->msize))

479 				fatal("IMSG_MSIZE size mismatch: "

480 				    "got %zu want %zu", IMSG_DATA_SIZE(imsg),

481 				    sizeof(client->msize));

483 			memcpy(&client->msize, imsg.data,

484 			    sizeof(client->msize));

486 			if (client->msize == 0)

487 				fatal("IMSG_MSIZE got msize = 0");

489 			break;

491 		case IMSG_CLOSE:

492 			/*

493 			 * Both EVBUFFER_READ or EVBUFFER_WRITE should

494 			 * be fine.

495 			 */

496 			client_error(client->bev, EVBUFFER_READ, client);

497 			break;

499 		default:

500 			log_debug("%s: unexpected imsg %d", __func__,

501 			    imsg.hdr.type);

502 			break;

504 		imsg_free(&imsg);

507 	if (!shut)

508 		listener_imsg_event_add(iev, d);

509 	else {

510 		/* This pipe is dead.  Remove its handler */

511 		log_debug("client proc vanished");

512                 close_conn(client);

516 static int

517 listener_imsg_compose_client(struct client *client, int type,

518     uint32_t peerid, const void *data, uint16_t len)

520 	int ret;

522 	if ((ret = imsg_compose(&client->iev.ibuf, type, peerid, 0, -1,

523 	    data, len)) != -1)

524 		listener_imsg_event_add(&client->iev, client);

526 	return ret;

529 static inline struct kd_pki_conf *

530 pki_by_name(const char *name)

532         struct kd_pki_conf *pki;

534 	STAILQ_FOREACH(pki, &listener_conf->pki_head, entry) {

535 		if (!strcmp(name, pki->name))

536 			return pki;

539 	return NULL;

542 static void

543 apply_config(struct kd_conf *conf)

545 	struct kd_pki_conf *pki;

546 	struct kd_listen_conf *listen;

547 	struct client *c;

549 	/* drop any pre-auth inflight connections */

550 	SPLAY_FOREACH(c, clients_tree_id, &clients) {

551 		/*

552 		 * c->event is set only during the handshake and the teardown

553 		 * of the connection; c->bev is set only after auth.  Checking

554 		 * for both ensures we drop only incoming connection in the

555 		 * pre-auth state.

556 		 */

557 		if (event_pending(&c->event, EV_READ|EV_WRITE, NULL) &&

558 		    c->bev == NULL) {

559 			log_warn("closing in-flight connection due to reload");

560 			close_conn(c);

564 	/* swap the now config with the current one */

565 	clear_config(listener_conf);

566 	listener_conf = conf;

568 	/* prepare the various tls_config */

569 	STAILQ_FOREACH(pki, &listener_conf->pki_head, entry) {

570 		if ((pki->tlsconf = tls_config_new()) == NULL)

571 			fatal("tls_config_new");

572 		tls_config_verify_client_optional(pki->tlsconf);

573 		tls_config_insecure_noverifycert(pki->tlsconf);

574 		if (tls_config_set_keypair_mem(pki->tlsconf,

575 		    pki->cert, pki->certlen,

576 		    pki->key, pki->keylen) == -1)

577 			fatalx("tls_config_set_keypair_mem: %s",

578 			    tls_config_error(pki->tlsconf));

581 	/* prepare and kickoff the listeners */

582 	STAILQ_FOREACH(listen, &listener_conf->listen_head, entry) {

583 		if ((listen->ctx = tls_server()) == NULL)

584 			fatal("tls_server");

586 		pki = pki_by_name(listen->pki);

587 		if (tls_configure(listen->ctx, pki->tlsconf) == -1)

588 			fatalx("tls_configure: %s",

589 			    tls_config_error(pki->tlsconf));

591 		event_set(&listen->ev, listen->fd, EV_READ|EV_PERSIST,

592 		    handle_accept, listen);

593 		event_add(&listen->ev, NULL);

597 static inline void

598 yield_r(struct client *c, void (*fn)(int, short, void *))

600 	if (event_pending(&c->event, EV_WRITE|EV_READ, NULL))

601 		event_del(&c->event);

602 	event_set(&c->event, c->fd, EV_READ, fn, c);

603 	event_add(&c->event, NULL);

606 static inline void

607 yield_w(struct client *c, void (*fn)(int, short, void *))

609 	if (event_pending(&c->event, EV_WRITE|EV_READ, NULL))

610 		event_del(&c->event);

611 	event_set(&c->event, c->fd, EV_WRITE, fn, c);

612 	event_add(&c->event, NULL);

615 static void

616 handle_accept(int fd, short ev, void *data)

618 	static uint32_t counter;

619 	struct kd_listen_conf *listen = data;

620 	struct client *c;

621 	int s;

623 	if ((s = accept(fd, NULL, NULL)) == -1) {

624 		log_warn("accept");

625 		return;

628 	c = xcalloc(1, sizeof(*c));

629 	c->msize = MSIZE9P;

630 	c->lid = listen->id;

631 	c->lflags = listen->flags;

632 	c->iev.ibuf.fd = -1;

634 	if (tls_accept_socket(listen->ctx, &c->ctx, s) == -1) {

635 		log_warnx("tls_accept_socket: %s",

636 		    tls_error(listen->ctx));

637 		free(c);

638 		close(s);

639 		return;

642 	c->fd = s;

643 	c->id = counter++;

645 	SPLAY_INSERT(clients_tree_id, &clients, c);

647 	/* initialize the event */

648 	event_set(&c->event, c->fd, EV_READ, NULL, NULL);

650 	yield_r(c, handle_handshake);

653 static void

654 handle_handshake(int fd, short ev, void *data)

656 	struct client *c = data;

657 	struct kd_auth_req auth;

658 	ssize_t r;

659 	const char *hash;

661 	switch (r = tls_handshake(c->ctx)) {

662 	case TLS_WANT_POLLIN:

663 		yield_r(c, handle_handshake);

664 		return;

665 	case TLS_WANT_POLLOUT:

666 		yield_w(c, handle_handshake);

667 		return;

668 	case -1:

669 		log_debug("handhsake failed: %s", tls_error(c->ctx));

670 		close_conn(c);

671 		return;

674 	if ((hash = tls_peer_cert_hash(c->ctx)) == NULL) {

675 		log_warnx("client didn't provide certificate");

676 		close_conn(c);

677 		return;

680 	memset(&auth, 0, sizeof(auth));

681 	auth.listen_id = c->lid;

682 	strlcpy(auth.hash, hash, sizeof(auth.hash));

683 	log_debug("sending hash %s", auth.hash);

685 	listener_imsg_compose_main(IMSG_AUTH_TLS, c->id,

686 	    &auth, sizeof(auth));

689 static void

690 client_read(struct bufferevent *bev, void *d)

692 	struct client	*client = d;

693 	struct evbuffer	*src = EVBUFFER_INPUT(bev);

694 	uint32_t	 len;

696 	for (;;) {

697 		if (EVBUFFER_LENGTH(src) < 4)

698 			return;

700 		memcpy(&len, EVBUFFER_DATA(src), sizeof(len));

701 		len = le32toh(len);

702 		log_debug("expecting a message %"PRIu32" bytes long "

703 		    "(of wich %zu already read)",

704 		    len, EVBUFFER_LENGTH(src));

706 		if (len < HEADERSIZE) {

707 			log_warnx("invalid message size %d (too low)", len);

708 			client_error(bev, EVBUFFER_READ, client);

709 			return;

712 		if (len > client->msize) {

713 			log_warnx("incoming message bigger than msize "

714 			    "(%"PRIu32" vs %"PRIu32")", len, client->msize);

715 			client_error(bev, EVBUFFER_READ, client);

716 			return;

719 		if (len > EVBUFFER_LENGTH(src))

720 			return;

722 		listener_imsg_compose_client(client, IMSG_BUF, client->id,

723 		    EVBUFFER_DATA(src), len);

724 		evbuffer_drain(src, len);

728 static void

729 client_write(struct bufferevent *bev, void *d)

731 	/*

732 	 * here we can do some fancy logic like deciding when to call

734 	 *	(*bev->errorcb)(bev, EVBUFFER_WRITE, bev->cbarg)

736 	 * to signal the end of the transaction.

737 	 */

739 	return;

742 static void

743 client_error(struct bufferevent *bev, short err, void *d)

745 	struct client	*client = d;

746 	struct evbuffer	*buf;

748         if (err & EVBUFFER_ERROR) {

749 		if (errno == EFBIG) {

750 			bufferevent_enable(bev, EV_READ);

751 			return;

753 		log_debug("buffer event error");

754                 close_conn(client);

755 		return;

758 	if (err & EVBUFFER_EOF) {

759                 close_conn(client);

760 		return;

763 	if (err & (EVBUFFER_READ|EVBUFFER_WRITE)) {

764 		bufferevent_disable(bev, EV_READ|EV_WRITE);

766 		buf = EVBUFFER_OUTPUT(client->bev);

767 		if (EVBUFFER_LENGTH(buf) != 0) {

768 			/* finish writing all the data first */

769 			bufferevent_enable(client->bev, EV_WRITE);

770 			return;

773 		close_conn(client);

774 		return;

777 	log_warnx("unknown event error, closing client connection");

778 	close_conn(client);

781 static void

782 client_tls_readcb(int fd, short event, void *d)

784 	struct bufferevent	*bufev = d;

785 	struct client		*client = bufev->cbarg;

786 	char			 buf[IBUF_READ_SIZE];

787 	int			 what = EVBUFFER_READ;

788 	int			 howmuch = IBUF_READ_SIZE;

789 	ssize_t			 ret;

790 	size_t			 len;

792 	if (event == EV_TIMEOUT) {

793 		what |= EVBUFFER_TIMEOUT;

794 		goto err;

797 	if (bufev->wm_read.high != 0)

798 		howmuch = MIN(sizeof(buf), bufev->wm_read.high);

800         switch (ret = tls_read(client->ctx, buf, howmuch)) {

801 	case TLS_WANT_POLLIN:

802 	case TLS_WANT_POLLOUT:

803 		goto retry;

804 	case -1:

805 		what |= EVBUFFER_ERROR;

806 		goto err;

808 	len = ret;

810 	if (len == 0) {

811 		what |= EVBUFFER_EOF;

812 		goto err;

815 	if (evbuffer_add(bufev->input, buf, len) == -1) {

816 		what |= EVBUFFER_ERROR;

817 		goto err;

820 	event_add(&bufev->ev_read, NULL);

822 	len = EVBUFFER_LENGTH(bufev->input);

823 	if (bufev->wm_read.low != 0 && len < bufev->wm_read.low)

824 		return;

825 	if (bufev->wm_read.high != 0 && len > bufev->wm_read.high) {

826 		/*

827 		 * here we could implement some read pressure

828 		 * mechanism.

829 		 */

832 	if (bufev->readcb != NULL)

833 		(*bufev->readcb)(bufev, bufev->cbarg);

835 	return;

837 retry:

838 	event_add(&bufev->ev_read, NULL);

839 	return;

841 err:

842 	(*bufev->errorcb)(bufev, what, bufev->cbarg);

845 static void

846 client_tls_writecb(int fd, short event, void *d)

848 	struct bufferevent	*bufev = d;

849 	struct client		*client = bufev->cbarg;

850 	ssize_t			 ret;

851 	size_t			 len;

852 	short			 what = EVBUFFER_WRITE;

854 	if (event == EV_TIMEOUT) {

855 		what |= EVBUFFER_TIMEOUT;

856 		goto err;

859 	if (EVBUFFER_LENGTH(bufev->output) != 0) {

860 		ret = tls_write(client->ctx,

861 		    EVBUFFER_DATA(bufev->output),

862 		    EVBUFFER_LENGTH(bufev->output));

863 		switch (ret) {

864 		case TLS_WANT_POLLIN:

865 		case TLS_WANT_POLLOUT:

866 			goto retry;

867 		case -1:

868 			what |= EVBUFFER_ERROR;

869 			goto err;

871 		len = ret;

872 		evbuffer_drain(bufev->output, len);

875 	if (EVBUFFER_LENGTH(bufev->output) != 0)

876 		event_add(&bufev->ev_write, NULL);

878 	if (bufev->writecb != NULL &&

879 	    EVBUFFER_LENGTH(bufev->output) <= bufev->wm_write.low)

880 		(*bufev->writecb)(bufev, bufev->cbarg);

881 	return;

883 retry:

884 	event_add(&bufev->ev_write, NULL);

885 	return;

887 err:

888 	(*bufev->errorcb)(bufev, what, bufev->cbarg);

891 static void

892 close_conn(struct client *c)

894 	log_debug("closing connection");

896 	SPLAY_REMOVE(clients_tree_id, &clients, c);

898 	if (c->iev.ibuf.fd != -1) {

899 		listener_imsg_compose_client(c, IMSG_CONN_GONE, 0, NULL, 0);

900 		imsg_flush(&c->iev.ibuf);

901 		msgbuf_clear(&c->iev.ibuf.w);

902 		event_del(&c->iev.ev);

903 		close(c->iev.ibuf.fd);

906 	handle_close(c->fd, 0, c);

909 static void

910 handle_close(int fd, short ev, void *d)

912 	struct client *c = d;

914 	switch (tls_close(c->ctx)) {

915 	case TLS_WANT_POLLIN:

916 		yield_r(c, handle_close);

917 		return;

918 	case TLS_WANT_POLLOUT:

919 		yield_w(c, handle_close);

920 		return;

923 	event_del(&c->event);

924 	tls_free(c->ctx);

925 	close(c->fd);

926 	free(c);