/* * stunnel Universal SSL tunnel * Copyright (C) 1998-2012 Michal Trojnara * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your * option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU General Public License for more details. * * You should have received a copy of the GNU General Public License along * with this program; if not, see . * * Linking stunnel statically or dynamically with other modules is making * a combined work based on stunnel. Thus, the terms and conditions of * the GNU General Public License cover the whole combination. * * In addition, as a special exception, the copyright holder of stunnel * gives you permission to combine stunnel with free software programs or * libraries that are released under the GNU LGPL and with code included * in the standard release of OpenSSL under the OpenSSL License (or * modified versions of such code, with unchanged license). You may copy * and distribute such a system following the terms of the GNU GPL for * stunnel and the licenses of the other code concerned. * * Note that people who make modified versions of stunnel are not obligated * to grant this special exception for their modified versions; it is their * choice whether to do so. The GNU General Public License gives permission * to release a modified version without this exception; this exception * also makes it possible to release a modified version which carries * forward this exception. */ #include "common.h" #include "prototypes.h" /* http://www.openssl.org/support/faq.html#PROG2 */ #ifdef USE_WIN32 #ifdef __GNUC__ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-pedantic" #endif /* __GNUC__ */ #include #ifdef __GNUC__ #pragma GCC diagnostic pop #endif /* __GNUC__ */ #endif /* USE_WIN32 */ /**************************************** prototypes */ #ifdef __INNOTEK_LIBC__ struct sockaddr_un { u_char sun_len; /* sockaddr len including null */ u_char sun_family; /* AF_OS2 or AF_UNIX */ char sun_path[108]; /* path name */ }; #endif #ifndef USE_WIN32 static int main_unix(int, char*[]); #endif static int accept_connection(SERVICE_OPTIONS *); #ifdef HAVE_CHROOT static int change_root(void); #endif #if !defined(USE_WIN32) && !defined(__vms) static int daemonize(int); static int create_pid(void); static void delete_pid(void); #endif #if !defined(USE_WIN32) && !defined(USE_OS2) static void signal_handler(int); #endif static int signal_pipe_init(void); static int signal_pipe_dispatch(void); #ifdef USE_FORK static void client_status(void); /* dead children detected */ #endif /**************************************** global variables */ static int signal_pipe[2]={-1, -1}; #ifndef USE_FORK int max_clients=0; volatile int num_clients=0; /* current number of clients */ #endif s_poll_set *fds; /* file descriptors of listening sockets */ /**************************************** startup */ #ifndef USE_WIN32 int main(int argc, char* argv[]) { /* execution begins here 8-) */ int retval; #ifdef M_MMAP_THRESHOLD mallopt(M_MMAP_THRESHOLD, 4096); #endif str_init(); /* initialize per-thread string management */ retval=main_unix(argc, argv); unbind_ports(); s_poll_free(fds); fds=NULL; str_stats(); log_flush(LOG_MODE_ERROR); return retval; } static int main_unix(int argc, char* argv[]) { #if !defined(__vms) && !defined(USE_OS2) int fd; fd=open("/dev/null", O_RDWR); /* open /dev/null before chroot */ if(fd<0) fatal("Could not open /dev/null"); #endif /* standard Unix */ main_initialize(); if(main_configure(argc>1 ? argv[1] : NULL, argc>2 ? argv[2] : NULL)) return 1; if(service_options.next) { /* there are service sections -> daemon mode */ #if !defined(__vms) && !defined(USE_OS2) if(daemonize(fd)) return 1; close(fd); /* create_pid() must be called after drop_privileges() * or it won't be possible to remove the file on exit */ /* create_pid() must be called after daemonize() * since the final pid is not known beforehand */ if(create_pid()) return 1; #endif /* standard Unix */ signal(SIGCHLD, signal_handler); /* handle dead children */ signal(SIGHUP, signal_handler); /* configuration reload */ signal(SIGUSR1, signal_handler); /* log reopen */ signal(SIGPIPE, SIG_IGN); /* ignore broken pipe */ if(signal(SIGTERM, SIG_IGN)!=SIG_IGN) signal(SIGTERM, signal_handler); /* fatal */ if(signal(SIGQUIT, SIG_IGN)!=SIG_IGN) signal(SIGQUIT, signal_handler); /* fatal */ if(signal(SIGINT, SIG_IGN)!=SIG_IGN) signal(SIGINT, signal_handler); /* fatal */ daemon_loop(); } else { /* inetd mode */ #if !defined(__vms) && !defined(USE_OS2) close(fd); #endif /* standard Unix */ signal(SIGCHLD, SIG_IGN); /* ignore dead children */ signal(SIGPIPE, SIG_IGN); /* ignore broken pipe */ client_main(alloc_client_session(&service_options, 0, 1)); } return 0; } #endif void main_initialize() { /* one-time initialization */ /* basic initialization contains essential functions required for logging * subsystem to function properly, thus all errors here are fatal */ if(ssl_init()) /* initialize SSL library */ fatal("SSL initialization failed"); if(sthreads_init()) /* initialize critical sections & SSL callbacks */ fatal("Threads initialization failed"); #ifndef USE_FORK get_limits(); /* required by setup_fd() */ #endif fds=s_poll_alloc(); if(signal_pipe_init()) fatal("Signal pipe initialization failed: " "check your personal firewall"); stunnel_info(LOG_NOTICE); } /* configuration-dependent initialization */ int main_configure(char *arg1, char *arg2) { if(parse_commandline(arg1, arg2)) return 1; str_canary_init(); /* needs prng initialization from parse_commandline */ #if !defined(USE_WIN32) && !defined(__vms) /* syslog_open() must be called before change_root() * to be able to access /dev/log socket */ syslog_open(); #endif /* !defined(USE_WIN32) && !defined(__vms) */ if(bind_ports()) return 1; #ifdef HAVE_CHROOT /* change_root() must be called before drop_privileges() * since chroot() needs root privileges */ if(change_root()) return 1; #endif /* HAVE_CHROOT */ #if !defined(USE_WIN32) && !defined(__vms) && !defined(USE_OS2) if(drop_privileges(1)) return 1; #endif /* standard Unix */ /* log_open() must be be called after drop_privileges() * or logfile rotation won't be possible */ /* log_open() must be be called before daemonize() * since daemonize() invalidates stderr */ log_open(); return 0; } /**************************************** main loop accepting connections */ void daemon_loop(void) { SERVICE_OPTIONS *opt; int temporary_lack_of_resources; while(1) { temporary_lack_of_resources=0; if(s_poll_wait(fds, -1, -1)>=0) { if(s_poll_canread(fds, signal_pipe[0])) if(signal_pipe_dispatch()) /* received SIGNAL_TERMINATE */ break; /* terminate daemon_loop */ for(opt=service_options.next; opt; opt=opt->next) if(opt->option.accept && s_poll_canread(fds, opt->fd)) if(accept_connection(opt)) temporary_lack_of_resources=1; } else { log_error(LOG_NOTICE, get_last_socket_error(), "daemon_loop: s_poll_wait"); temporary_lack_of_resources=1; } if(temporary_lack_of_resources) { s_log(LOG_NOTICE, "Accepting new connections suspended for 1 second"); sleep(1); /* to avoid log trashing */ } } } /* return 1 when a short delay is needed before another try */ static int accept_connection(SERVICE_OPTIONS *opt) { SOCKADDR_UNION addr; char *from_address; int s; socklen_t addrlen; addrlen=sizeof addr; for(;;) { s=s_accept(opt->fd, &addr.sa, &addrlen, 1, "local socket"); if(s>=0) /* success! */ break; switch(get_last_socket_error()) { case S_EINTR: /* interrupted by a signal */ break; /* retry now */ case S_EMFILE: #ifdef S_ENFILE case S_ENFILE: #endif #ifdef S_ENOBUFS case S_ENOBUFS: #endif #ifdef S_ENOMEM case S_ENOMEM: #endif return 1; /* temporary lack of resources */ default: return 0; /* any other error */ } } from_address=s_ntop(&addr, addrlen); s_log(LOG_DEBUG, "Service [%s] accepted (FD=%d) from %s", opt->servname, s, from_address); str_free(from_address); #ifndef USE_FORK if(max_clients && num_clients>=max_clients) { s_log(LOG_WARNING, "Connection rejected: too many clients (>=%d)", max_clients); closesocket(s); return 0; } #endif if(create_client(opt->fd, s, alloc_client_session(opt, s, s), client_thread)) { s_log(LOG_ERR, "Connection rejected: create_client failed"); closesocket(s); return 0; } return 0; } /**************************************** initialization helpers */ /* clear fds, close old ports */ void unbind_ports(void) { SERVICE_OPTIONS *opt; #ifdef HAVE_STRUCT_SOCKADDR_UN struct stat st; /* buffer for stat */ #endif s_poll_init(fds); s_poll_add(fds, signal_pipe[0], 1, 0); for(opt=service_options.next; opt; opt=opt->next) if(opt->option.accept && opt->fd>=0) { closesocket(opt->fd); s_log(LOG_DEBUG, "Service [%s] closed (FD=%d)", opt->servname, opt->fd); opt->fd=-1; #ifdef HAVE_STRUCT_SOCKADDR_UN if(opt->local_addr.sa.sa_family==AF_UNIX) { if(lstat(opt->local_addr.un.sun_path, &st)) sockerror(opt->local_addr.un.sun_path); else if(!S_ISSOCK(st.st_mode)) s_log(LOG_ERR, "Not a socket: %s", opt->local_addr.un.sun_path); else if(unlink(opt->local_addr.un.sun_path)) sockerror(opt->local_addr.un.sun_path); else s_log(LOG_DEBUG, "Socket removed: %s", opt->local_addr.un.sun_path); } #endif } } /* open new ports, update fds */ int bind_ports(void) { SERVICE_OPTIONS *opt; char *local_address; #ifdef USE_LIBWRAP /* execute after parse_commandline() to know service_options.next, * but as early as possible to avoid leaking file descriptors */ /* retry on each bind_ports() in case stunnel.conf was reloaded without "libwrap = no" */ libwrap_init(); #endif /* USE_LIBWRAP */ s_poll_init(fds); s_poll_add(fds, signal_pipe[0], 1, 0); /* allow clean unbind_ports() even though bind_ports() was not fully performed */ for(opt=service_options.next; opt; opt=opt->next) if(opt->option.accept) opt->fd=-1; for(opt=service_options.next; opt; opt=opt->next) { if(opt->option.accept) { opt->fd=s_socket(opt->local_addr.sa.sa_family, SOCK_STREAM, 0, 1, "accept socket"); if(opt->fd<0) return 1; if(set_socket_options(opt->fd, 0)<0) { closesocket(opt->fd); return 1; } /* local socket can't be unnamed */ local_address=s_ntop(&opt->local_addr, addr_len(&opt->local_addr)); if(bind(opt->fd, &opt->local_addr.sa, addr_len(&opt->local_addr))) { s_log(LOG_ERR, "Error binding service [%s] to %s", opt->servname, local_address); sockerror("bind"); closesocket(opt->fd); str_free(local_address); return 1; } if(listen(opt->fd, SOMAXCONN)) { sockerror("listen"); closesocket(opt->fd); str_free(local_address); return 1; } s_poll_add(fds, opt->fd, 1, 0); s_log(LOG_DEBUG, "Service [%s] (FD=%d) bound to %s", opt->servname, opt->fd, local_address); str_free(local_address); } else if(opt->option.program && opt->option.remote) { /* create exec+connect services */ create_client(-1, -1, alloc_client_session(opt, -1, -1), client_thread); } } return 0; /* OK */ } #ifdef HAVE_CHROOT static int change_root(void) { if(!global_options.chroot_dir) return 0; if(chroot(global_options.chroot_dir)) { sockerror("chroot"); return 1; } if(chdir("/")) { sockerror("chdir"); return 1; } return 0; } #endif /* HAVE_CHROOT */ #if !defined(USE_WIN32) && !defined(__vms) && !defined(USE_OS2) int drop_privileges(int critical) { #ifdef HAVE_SETGROUPS gid_t gr_list[1]; #endif /* set uid and gid */ if(global_options.gid) { if(setgid(global_options.gid) && critical) { sockerror("setgid"); return 1; } #ifdef HAVE_SETGROUPS gr_list[0]=global_options.gid; if(setgroups(1, gr_list) && critical) { sockerror("setgroups"); return 1; } #endif } if(global_options.uid) { if(setuid(global_options.uid) && critical) { sockerror("setuid"); return 1; } } return 0; } static int daemonize(int fd) { /* go to background */ if(global_options.option.foreground) return 0; dup2(fd, 0); dup2(fd, 1); dup2(fd, 2); #if defined(HAVE_DAEMON) && !defined(__BEOS__) /* set noclose option when calling daemon() function, * so it does not require /dev/null device in the chrooted directory */ if(daemon(0, 1)==-1) { ioerror("daemon"); return 1; } #else chdir("/"); switch(fork()) { case -1: /* fork failed */ ioerror("fork"); return 1; case 0: /* child */ break; default: /* parent */ exit(0); } #endif #ifdef HAVE_SETSID setsid(); /* ignore the error */ #endif return 0; } static int create_pid(void) { int pf; char *pid; if(!global_options.pidfile) { s_log(LOG_DEBUG, "No pid file being created"); return 0; } if(global_options.pidfile[0]!='/') { /* to prevent creating pid file relative to '/' after daemonize() */ s_log(LOG_ERR, "Pid file (%s) must be full path name", global_options.pidfile); return 1; } global_options.dpid=(unsigned long)getpid(); /* silently remove old pid file */ unlink(global_options.pidfile); pf=open(global_options.pidfile, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, 0644); if(pf==-1) { s_log(LOG_ERR, "Cannot create pid file %s", global_options.pidfile); ioerror("create"); return 1; } pid=str_printf("%lu\n", global_options.dpid); write(pf, pid, strlen(pid)); str_free(pid); close(pf); s_log(LOG_DEBUG, "Created pid file %s", global_options.pidfile); atexit(delete_pid); return 0; } static void delete_pid(void) { if((unsigned long)getpid()!=global_options.dpid) return; /* current process is not main daemon process */ s_log(LOG_DEBUG, "removing pid file %s", global_options.pidfile); if(unlink(global_options.pidfile)<0) ioerror(global_options.pidfile); /* not critical */ } #endif /* standard Unix */ /**************************************** signal pipe handling */ static int signal_pipe_init(void) { #ifdef USE_WIN32 if(make_sockets(signal_pipe)) return 1; #elif defined(__INNOTEK_LIBC__) /* Innotek port of GCC can not use select on a pipe: * use local socket instead */ struct sockaddr_un un; fd_set set_pipe; int pipe_in; FD_ZERO(&set_pipe); signal_pipe[0]=s_socket(PF_OS2, SOCK_STREAM, 0, 0, "socket#1"); signal_pipe[1]=s_socket(PF_OS2, SOCK_STREAM, 0, 0, "socket#2"); /* connect the two endpoints */ memset(&un, 0, sizeof un); un.sun_len=sizeof un; un.sun_family=AF_OS2; sprintf(un.sun_path, "\\socket\\stunnel-%u", getpid()); /* make the first endpoint listen */ bind(signal_pipe[0], (struct sockaddr *)&un, sizeof un); listen(signal_pipe[0], 1); connect(signal_pipe[1], (struct sockaddr *)&un, sizeof un); FD_SET(signal_pipe[0], &set_pipe); if(select(signal_pipe[0]+1, &set_pipe, NULL, NULL, NULL)>0) { pipe_in=signal_pipe[0]; signal_pipe[0]=s_accept(signal_pipe[0], NULL, 0, 0, "accept"); closesocket(pipe_in); } else { sockerror("select"); return 1; } #else /* Unix */ if(s_pipe(signal_pipe, 1, "signal_pipe")) return 1; #endif /* USE_WIN32 */ return 0; } void signal_post(int sig) { writesocket(signal_pipe[1], (char *)&sig, sizeof sig); } static int signal_pipe_dispatch(void) { int sig, err; s_log(LOG_DEBUG, "Dispatching signals from the signal pipe"); while(readsocket(signal_pipe[0], (char *)&sig, sizeof sig)==sizeof sig) { switch(sig) { #ifndef USE_WIN32 case SIGCHLD: s_log(LOG_DEBUG, "Processing SIGCHLD"); #ifdef USE_FORK client_status(); /* report status of client process */ #else /* USE_UCONTEXT || USE_PTHREAD */ child_status(); /* report status of libwrap or 'exec' process */ #endif /* defined USE_FORK */ break; #endif /* !defind USE_WIN32 */ case SIGNAL_RELOAD_CONFIG: s_log(LOG_DEBUG, "Processing SIGNAL_RELOAD_CONFIG"); err=parse_conf(NULL, CONF_RELOAD); if(err) { s_log(LOG_ERR, "Failed to reload the configuration file"); } else { unbind_ports(); log_close(); apply_conf(); log_open(); if(bind_ports()) { /* FIXME: handle the error */ } } break; case SIGNAL_REOPEN_LOG: s_log(LOG_DEBUG, "Processing SIGNAL_REOPEN_LOG"); log_close(); log_open(); s_log(LOG_NOTICE, "Log file reopened"); break; case SIGNAL_TERMINATE: s_log(LOG_DEBUG, "Processing SIGNAL_TERMINATE"); s_log(LOG_NOTICE, "Terminated"); return 2; default: s_log(LOG_ERR, "Received signal %d; terminating", sig); return 1; } } s_log(LOG_DEBUG, "Signal pipe is empty"); return 0; } #ifdef USE_FORK static void client_status(void) { /* dead children detected */ int pid, status; #ifdef HAVE_WAIT_FOR_PID while((pid=wait_for_pid(-1, &status, WNOHANG))>0) { #else if((pid=wait(&status))>0) { #endif #ifdef WIFSIGNALED if(WIFSIGNALED(status)) { s_log(LOG_DEBUG, "Process %d terminated on signal %d", pid, WTERMSIG(status)); } else { s_log(LOG_DEBUG, "Process %d finished with code %d", pid, WEXITSTATUS(status)); } } #else s_log(LOG_DEBUG, "Process %d finished with code %d", pid, status); } #endif } #endif /* defined USE_FORK */ #if !defined(USE_WIN32) && !defined(USE_OS2) void child_status(void) { /* dead libwrap or 'exec' process detected */ int pid, status; #ifdef HAVE_WAIT_FOR_PID while((pid=wait_for_pid(-1, &status, WNOHANG))>0) { #else if((pid=wait(&status))>0) { #endif #ifdef WIFSIGNALED if(WIFSIGNALED(status)) { s_log(LOG_INFO, "Child process %d terminated on signal %d", pid, WTERMSIG(status)); } else { s_log(LOG_INFO, "Child process %d finished with code %d", pid, WEXITSTATUS(status)); } #else s_log(LOG_INFO, "Child process %d finished with status %d", pid, status); #endif } } static void signal_handler(int sig) { int saved_errno; saved_errno=errno; signal_post(sig); signal(sig, signal_handler); errno=saved_errno; } #endif /* !defined(USE_WIN32) && !defined(USE_OS2) */ /**************************************** log messages to identify build */ void stunnel_info(int level) { s_log(level, "stunnel " STUNNEL_VERSION " on " HOST " platform"); if(SSLeay()==SSLEAY_VERSION_NUMBER) { s_log(level, "Compiled/running with " OPENSSL_VERSION_TEXT); } else { s_log(level, "Compiled with " OPENSSL_VERSION_TEXT); s_log(level, "Running with %s", SSLeay_version(SSLEAY_VERSION)); s_log(level, "Update OpenSSL shared libraries or rebuild stunnel"); } s_log(level, "Threading:" #ifdef USE_UCONTEXT "UCONTEXT" #endif #ifdef USE_PTHREAD "PTHREAD" #endif #ifdef USE_WIN32 "WIN32" #endif #ifdef USE_FORK "FORK" #endif " SSL:" #if defined HAVE_OSSL_ENGINE_H || defined HAVE_OSSL_OCSP_H || defined USE_FIPS #ifdef HAVE_OSSL_ENGINE_H "+ENGINE" #endif #ifdef HAVE_OSSL_OCSP_H "+OCSP" #endif #ifdef USE_FIPS "+FIPS" #endif #else "none" #endif " Auth:" #ifdef USE_LIBWRAP "LIBWRAP" #else "none" #endif " Sockets:" #ifdef USE_POLL "POLL" #else /* defined(USE_POLL) */ "SELECT" #endif /* defined(USE_POLL) */ "+IPv%c", #if defined(USE_WIN32) && !defined(_WIN32_WCE) s_getaddrinfo ? '6' : '4' #else /* defined(USE_WIN32) */ #if defined(USE_IPv6) '6' #else /* defined(USE_IPv6) */ '4' #endif /* defined(USE_IPv6) */ #endif /* defined(USE_WIN32) */ ); } /* end of stunnel.c */