Prevent ospf6d from starting when another process is listening on the

control socket.

ok florian@

diff --git a/usr.sbin/ospf6d/control.c b/usr.sbin/ospf6d/control.c
index 29bb254..191d09c 100644 (file)
--- a/usr.sbin/ospf6d/control.c
+++ b/usr.sbin/ospf6d/control.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: control.c,v 1.26 2017/08/12 16:27:50 benno Exp $ */
+/*     $OpenBSD: control.c,v 1.27 2018/09/01 19:21:10 remi Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -38,6 +38,33 @@ struct ctl_conn      *control_connbyfd(int);
 struct ctl_conn        *control_connbypid(pid_t);
 void            control_close(int);
 
+int
+control_check(char *path)
+{
+       struct sockaddr_un       sun;
+       int                      fd;
+
+       bzero(&sun, sizeof(sun));
+       sun.sun_family = AF_UNIX;
+       strlcpy(sun.sun_path, path, sizeof(sun.sun_path));
+
+       if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
+               log_warn("control_check: socket check");
+               return (-1);
+       }
+
+       if (connect(fd, (struct sockaddr *)&sun, sizeof(sun)) == 0) {
+               log_warnx("control_check: socket in use");
+               close(fd);
+               return (-1);
+       }
+
+       close(fd);
+
+       return (0);
+}
+
+
 int
 control_init(char *path)
 {
@@ -78,9 +105,7 @@ control_init(char *path)
                return (-1);
        }
 
-       control_state.fd = fd;
-
-       return (0);
+       return (fd);
 }
 
 int

diff --git a/usr.sbin/ospf6d/control.h b/usr.sbin/ospf6d/control.h
index c71a818..dc91fd0 100644 (file)
--- a/usr.sbin/ospf6d/control.h
+++ b/usr.sbin/ospf6d/control.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: control.h,v 1.5 2015/02/10 05:39:10 claudio Exp $ */
+/*     $OpenBSD: control.h,v 1.6 2018/09/01 19:21:10 remi Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -34,6 +34,7 @@ struct ctl_conn {
        struct imsgev           iev;
 };
 
+int    control_check(char *);
 int    control_init(char *);
 int    control_listen(void);
 void   control_accept(int, short, void *);

diff --git a/usr.sbin/ospf6d/ospf6d.c b/usr.sbin/ospf6d/ospf6d.c
index e8ef83f..440907c 100644 (file)
--- a/usr.sbin/ospf6d/ospf6d.c
+++ b/usr.sbin/ospf6d/ospf6d.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ospf6d.c,v 1.38 2018/07/12 13:45:03 remi Exp $ */
+/*     $OpenBSD: ospf6d.c,v 1.39 2018/09/01 19:21:10 remi Exp $ */
 
 /*
  * Copyright (c) 2005 Claudio Jeker <claudio@openbsd.org>
@@ -115,6 +115,7 @@ main(int argc, char *argv[])
        int                      mib[4];
        size_t                   len;
        char                    *sockname = NULL;
+       int                      control_fd;
 
        conffile = CONF_FILE;
        ospfd_process = PROC_MAIN;
@@ -209,6 +210,9 @@ main(int argc, char *argv[])
        log_init(debug, LOG_DAEMON);
        log_setverbose(ospfd_conf->opts & OSPFD_OPT_VERBOSE);
 
+       if ((control_check(ospfd_conf->csock)) == -1)
+               fatalx("control socket check failed");
+
        if (!debug)
                daemon(1, 0);
 
@@ -266,6 +270,10 @@ main(int argc, char *argv[])
            iev_rde->handler, iev_rde);
        event_add(&iev_rde->ev, NULL);
 
+       if ((control_fd = control_init(ospfd_conf->csock)) == -1)
+               fatalx("control socket setup failed");
+       main_imsg_compose_ospfe_fd(IMSG_CONTROLFD, 0, control_fd);
+
        if (kr_init(!(ospfd_conf->flags & OSPFD_FLAG_NO_FIB_UPDATE),
            ospfd_conf->rdomain) == -1)
                fatalx("kr_init failed");
@@ -456,6 +464,14 @@ main_imsg_compose_ospfe(int type, pid_t pid, void *data, u_int16_t datalen)
        imsg_compose_event(iev_ospfe, type, 0, pid, -1, data, datalen);
 }
 
+void
+main_imsg_compose_ospfe_fd(int type, pid_t pid, int fd)
+{
+       if (iev_ospfe == NULL)
+               return;
+       imsg_compose_event(iev_ospfe, type, 0, pid, fd, NULL, 0);
+}
+
 void
 main_imsg_compose_rde(int type, pid_t pid, void *data, u_int16_t datalen)
 {

diff --git a/usr.sbin/ospf6d/ospf6d.h b/usr.sbin/ospf6d/ospf6d.h
index 2597289..38193ff 100644 (file)
--- a/usr.sbin/ospf6d/ospf6d.h
+++ b/usr.sbin/ospf6d/ospf6d.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ospf6d.h,v 1.37 2018/07/12 13:45:03 remi Exp $ */
+/*     $OpenBSD: ospf6d.h,v 1.38 2018/09/01 19:21:10 remi Exp $ */
 
 /*
  * Copyright (c) 2004, 2007 Esben Norby <norby@openbsd.org>
@@ -99,6 +99,7 @@ enum imsg_type {
        IMSG_CTL_KROUTE_ADDR,
        IMSG_CTL_END,
        IMSG_CTL_LOG_VERBOSE,
+       IMSG_CONTROLFD,
        IMSG_KROUTE_CHANGE,
        IMSG_KROUTE_DELETE,
        IMSG_IFINFO,
@@ -577,6 +578,7 @@ void                 rtlabel_tag(u_int16_t, u_int32_t);
 
 /* ospf6d.c */
 void   main_imsg_compose_ospfe(int, pid_t, void *, u_int16_t);
+void   main_imsg_compose_ospfe_fd(int, pid_t, int);
 void   main_imsg_compose_rde(int, pid_t, void *, u_int16_t);
 int    ospf_redistribute(struct kroute *, u_int32_t *);
 void   merge_config(struct ospfd_conf *, struct ospfd_conf *);

diff --git a/usr.sbin/ospf6d/ospfe.c b/usr.sbin/ospf6d/ospfe.c
index 3f03589..b6dfe33 100644 (file)
--- a/usr.sbin/ospf6d/ospfe.c
+++ b/usr.sbin/ospf6d/ospfe.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ospfe.c,v 1.54 2018/07/12 13:45:03 remi Exp $ */
+/*     $OpenBSD: ospfe.c,v 1.55 2018/09/01 19:21:10 remi Exp $ */
 
 /*
  * Copyright (c) 2005 Claudio Jeker <claudio@openbsd.org>
@@ -88,10 +88,6 @@ ospfe(struct ospfd_conf *xconf, int pipe_parent2ospfe[2], int pipe_ospfe2rde[2],
                return (pid);
        }
 
-       /* create ospfd control socket outside chroot */
-       if (control_init(xconf->csock) == -1)
-               fatalx("control socket setup failed");
-
        /* create the raw ip socket */
        if ((xconf->ospf_socket = socket(AF_INET6,
            SOCK_RAW | SOCK_CLOEXEC | SOCK_NONBLOCK, IPPROTO_OSPF)) == -1)
@@ -133,7 +129,7 @@ ospfe(struct ospfd_conf *xconf, int pipe_parent2ospfe[2], int pipe_ospfe2rde[2],
            setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
                fatal("can't drop privileges");
 
-       if (pledge("stdio inet mcast", NULL) == -1)
+       if (pledge("stdio inet mcast recvfd", NULL) == -1)
                fatal("pledge");
 
        event_init();
@@ -445,6 +441,17 @@ ospfe_dispatch_main(int fd, short event, void *bula)
                case IMSG_CTL_END:
                        control_imsg_relay(&imsg);
                        break;
+               case IMSG_CONTROLFD:
+                       if ((fd = imsg.fd) == -1)
+                               fatalx("%s: expected to receive imsg control"
+                                   "fd but didn't receive any", __func__);
+                       control_state.fd = fd;
+                       /* Listen on control socket. */
+                       TAILQ_INIT(&ctl_conns);
+                       control_listen();
+                       if (pledge("stdio inet mcast", NULL) == -1)
+                               fatal("pledge");
+                       break;
                default:
                        log_debug("ospfe_dispatch_main: error handling imsg %d",
                            imsg.hdr.type);