* Copyright (c) 1998 The NetBSD Foundation, Inc.

/* $NetBSD: unfdpass.c,v 1.12 2021/08/08 20:54:48 nia Exp $ */

/*-
* Copyright (c) 1998 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
* by Jason R. Thorpe of the Numerical Aerospace Simulation Facility,
* NASA Ames Research Center.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/

/*
* Test passing of file descriptors and credentials over Unix domain sockets.
*/

#include <sys/param.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/wait.h>
#include <sys/un.h>
#include <sys/uio.h>
#include <sys/stat.h>

#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>

#define SOCK_NAME "test-sock"

int main(int, char *[]);
void child(void);
void catch_sigchld(int);
void usage(char *progname);

#define FILE_SIZE 128
#define MSG_SIZE -1
#define NFILES 24

#define FDCM_DATASIZE (sizeof(int) * NFILES)
#define CRCM_DATASIZE (SOCKCREDSIZE(NGROUPS))

#define MESSAGE_SIZE (CMSG_SPACE(FDCM_DATASIZE) + \
CMSG_SPACE(CRCM_DATASIZE))

int chroot_rcvr = 0;
int pass_dir = 0;
int pass_root_dir = 0;
int exit_early = 0;
int exit_later = 0;
int pass_sock = 0;
int make_pretzel = 0;

/* ARGSUSED */
int
main(argc, argv)
int argc;
char *argv[];
{
#if MSG_SIZE >= 0
struct iovec iov;
#endif
char *progname=argv[0];
struct msghdr msg;
int listensock, sock, fd, i;
char fname[16], buf[FILE_SIZE];
struct cmsghdr *cmp;
void *message;
int *files = NULL;
struct sockcred *sc = NULL;
struct sockaddr_un sun, csun;
socklen_t csunlen;
pid_t pid;
int ch;

message = malloc(CMSG_SPACE(MESSAGE_SIZE));
if (message == NULL)
err(1, "unable to malloc message buffer");
memset(message, 0, CMSG_SPACE(MESSAGE_SIZE));

while ((ch = getopt(argc, argv, "DESdepr")) != -1) {
switch(ch) {

case 'e':
exit_early++; /* test early GC */
break;

case 'E':
exit_later++; /* test later GC */
break;

case 'd':
pass_dir++;
break;

case 'D':
pass_dir++;
pass_root_dir++;
break;

case 'S':
pass_sock++;
break;

case 'r':
chroot_rcvr++;
break;

case 'p':
make_pretzel++;
break;

case '?':
default:
usage(progname);
}
}

/*
* Create the test files.
*/
for (i = 0; i < NFILES; i++) {
(void) sprintf(fname, "file%d", i + 1);
if ((fd = open(fname, O_WRONLY|O_CREAT|O_TRUNC, 0666)) == -1)
err(1, "open %s", fname);
(void) sprintf(buf, "This is file %d.\n", i + 1);
if (write(fd, buf, strlen(buf)) != strlen(buf))
err(1, "write %s", fname);
(void) close(fd);
}

/*
* Create the listen socket.
*/
if ((listensock = socket(PF_LOCAL, SOCK_STREAM, 0)) == -1)
err(1, "socket");

(void) unlink(SOCK_NAME);
(void) memset(&sun, 0, sizeof(sun));
sun.sun_family = AF_LOCAL;
(void) strcpy(sun.sun_path, SOCK_NAME);
sun.sun_len = SUN_LEN(&sun);

i = 1;
if (setsockopt(listensock, SOL_LOCAL, LOCAL_CREDS, &i, sizeof(i)) == -1)
err(1, "setsockopt");

if (bind(listensock, (struct sockaddr *)&sun, sizeof(sun)) == -1)
err(1, "bind");

if (listen(listensock, 1) == -1)
err(1, "listen");

/*
* Create the sender.
*/
(void) signal(SIGCHLD, catch_sigchld);
pid = fork();
switch (pid) {
case -1:
err(1, "fork");
/* NOTREACHED */

case 0:
child();
/* NOTREACHED */
}

if (exit_early)
exit(0);

if (chroot_rcvr &&
((chroot(".") < 0)))
err(1, "chroot");

/*
* Wait for the sender to connect.
*/
csunlen = sizeof(csun);
if ((sock = accept(listensock, (struct sockaddr *)&csun,
&csunlen)) == -1)
err(1, "accept");

/*
* Give sender a chance to run. We will get going again
* once the SIGCHLD arrives.
*/
(void) sleep(10);

if (exit_later)
exit(0);

/*
* Grab the descriptors and credentials passed to us.
*/

/* Expect 2 messages; descriptors and creds. */
do {
(void) memset(&msg, 0, sizeof(msg));
msg.msg_control = message;
msg.msg_controllen = MESSAGE_SIZE;
#if MSG_SIZE >= 0
iov.iov_base = buf;
iov.iov_len = MSG_SIZE;
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
#endif

if (recvmsg(sock, &msg, 0) == -1)
err(1, "recvmsg");

(void) close(sock);
sock = -1;

if (msg.msg_controllen == 0)
errx(1, "no control messages received");

if (msg.msg_flags & MSG_CTRUNC)
errx(1, "lost control message data");

for (cmp = CMSG_FIRSTHDR(&msg); cmp != NULL;
cmp = CMSG_NXTHDR(&msg, cmp)) {
if (cmp->cmsg_level != SOL_SOCKET)
errx(1, "bad control message level %d",
cmp->cmsg_level);

switch (cmp->cmsg_type) {
case SCM_RIGHTS:
if (cmp->cmsg_len != CMSG_LEN(FDCM_DATASIZE))
errx(1, "bad fd control message "
"length %d", cmp->cmsg_len);

files = (int *)CMSG_DATA(cmp);
break;

case SCM_CREDS:
if (cmp->cmsg_len < CMSG_LEN(SOCKCREDSIZE(1)))
errx(1, "bad cred control message "
"length %d", cmp->cmsg_len);

sc = (struct sockcred *)CMSG_DATA(cmp);
break;

default:
errx(1, "unexpected control message");
/* NOTREACHED */
}
}

/*
* Read the files and print their contents.
*/
if (files == NULL)
warnx("didn't get fd control message");
else {
for (i = 0; i < NFILES; i++) {
struct stat st;
(void) memset(buf, 0, sizeof(buf));
fstat(files[i], &st);
if (S_ISDIR(st.st_mode)) {
printf("file %d is a directory\n", i+1);
} else if (S_ISSOCK(st.st_mode)) {
printf("file %d is a socket\n", i+1);
sock = files[i];
} else {
int c;
c = read (files[i], buf, sizeof(buf));
if (c < 0)
err(1, "read file %d", i + 1);
else if (c == 0)
printf("[eof on %d]\n", i + 1);
else
printf("%s", buf);
}
}
}
/*
* Double-check credentials.
*/
if (sc == NULL)
warnx("didn't get cred control message");
else {
if (sc->sc_uid == getuid() &&
sc->sc_euid == geteuid() &&
sc->sc_gid == getgid() &&
sc->sc_egid == getegid())
printf("Credentials match.\n");
else
printf("Credentials do NOT match.\n");
}
} while (sock != -1);

/*
* All done!
*/
exit(0);
}

void
usage(progname)
char *progname;
{
fprintf(stderr, "usage: %s [-derDES]\n", progname);
exit(1);
}

void
catch_sigchld(sig)
int sig;
{
int status;

(void) wait(&status);
}

void
child()
{
#if MSG_SIZE >= 0
struct iovec iov;
#endif
struct msghdr msg;
char fname[16];
struct cmsghdr *cmp;
void *fdcm;
int i, fd, sock, nfd, *files;
struct sockaddr_un sun;
int spair[2];

fdcm = malloc(CMSG_SPACE(FDCM_DATASIZE));
if (fdcm == NULL)
err(1, "unable to malloc fd control message");
memset(fdcm, 0, CMSG_SPACE(FDCM_DATASIZE));

cmp = fdcm;
files = (int *)CMSG_DATA(fdcm);

/*
* Create socket and connect to the receiver.
*/
if ((sock = socket(PF_LOCAL, SOCK_STREAM, 0)) == -1)
errx(1, "child socket");

(void) memset(&sun, 0, sizeof(sun));
sun.sun_family = AF_LOCAL;
(void) strcpy(sun.sun_path, SOCK_NAME);
sun.sun_len = SUN_LEN(&sun);

if (connect(sock, (struct sockaddr *)&sun, sizeof(sun)) == -1)
err(1, "child connect");

nfd = NFILES;
i = 0;

if (pass_sock) {
files[i++] = sock;
}

if (pass_dir)
nfd--;

/*
* Open the files again, and pass them to the child
* over the socket.
*/

for (; i < nfd; i++) {
(void) sprintf(fname, "file%d", i + 1);
if ((fd = open(fname, O_RDONLY, 0666)) == -1)
err(1, "child open %s", fname);
files[i] = fd;
}

if (pass_dir) {
char *dirname = pass_root_dir ? "/" : ".";

if ((fd = open(dirname, O_RDONLY, 0)) == -1) {
err(1, "child open directory %s", dirname);
}
files[i] = fd;
}

(void) memset(&msg, 0, sizeof(msg));
msg.msg_control = fdcm;
msg.msg_controllen = CMSG_LEN(FDCM_DATASIZE);
#if MSG_SIZE >= 0
iov.iov_base = buf;
iov.iov_len = MSG_SIZE;
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
#endif

cmp = CMSG_FIRSTHDR(&msg);
cmp->cmsg_len = CMSG_LEN(FDCM_DATASIZE);
cmp->cmsg_level = SOL_SOCKET;
cmp->cmsg_type = SCM_RIGHTS;

while (make_pretzel > 0) {
if (socketpair(PF_LOCAL, SOCK_STREAM, 0, spair) < 0)
err(1, "socketpair");

printf("send pretzel\n");
if (sendmsg(spair[0], &msg, 0) < 0)
err(1, "child prezel sendmsg");

close(files[0]);
close(files[1]);
files[0] = spair[0];
files[1] = spair[1];
make_pretzel--;
}

if (sendmsg(sock, &msg, 0) == -1)
err(1, "child sendmsg");

/*
* All done!
*/
exit(0);
}