1
0
mirror of https://github.com/PHJArea217/socket-enhancer synced 2024-11-23 01:10:59 +02:00
This commit is contained in:
Peter H. Jin 2022-07-02 13:50:04 -04:00
parent 01fb5ff448
commit afa6e73b4a

View File

@ -39,6 +39,7 @@ struct socket_enhancer_config {
uint8_t has_v6_v4mapv6:1; uint8_t has_v6_v4mapv6:1;
uint8_t has_v6_linklocal:1; uint8_t has_v6_linklocal:1;
uint8_t has_v6_uniquelocal:1; uint8_t has_v6_uniquelocal:1;
uint8_t has_bp_high:1;
struct ipv6_with_scope ipv6_default; struct ipv6_with_scope ipv6_default;
struct ipv6_with_scope ipv6_v4mapv6; struct ipv6_with_scope ipv6_v4mapv6;
struct ipv6_with_scope ipv6_linklocal; struct ipv6_with_scope ipv6_linklocal;
@ -46,7 +47,7 @@ struct socket_enhancer_config {
struct bind_profile *bind_profile_head; struct bind_profile *bind_profile_head;
size_t bind_profile_size; size_t bind_profile_size;
}; };
static int handle_bind_profile(int socket_fd, const struct bind_profile *profile, int do_bind_address, struct socket_enhancer_config *config) { static int handle_bind_profile(int socket_fd, const struct bind_profile *profile, int do_bind_address, uint16_t port, struct socket_enhancer_config *config) {
if (profile->has_fwmark) { if (profile->has_fwmark) {
if (setsockopt(socket_fd, SOL_SOCKET, SO_MARK, &profile->fwmark, sizeof(uint32_t))) return -1; if (setsockopt(socket_fd, SOL_SOCKET, SO_MARK, &profile->fwmark, sizeof(uint32_t))) return -1;
} }
@ -68,8 +69,10 @@ static int handle_bind_profile(int socket_fd, const struct bind_profile *profile
} }
} }
if (do_bind_address && profile->has_bind_address) { if (do_bind_address && profile->has_bind_address) {
int one = 1; if (port == 0) {
setsockopt(fd, SOL_IP, IP_BIND_ADDRESS_NO_PORT, &one, sizeof(one)); int one = 1;
setsockopt(socket_fd, SOL_IP, IP_BIND_ADDRESS_NO_PORT, &one, sizeof(one));
}
struct sockaddr_in new_bind_addr = {}; struct sockaddr_in new_bind_addr = {};
struct sockaddr_in6 new_bind_addr6 = {}; struct sockaddr_in6 new_bind_addr6 = {};
int sock_type = AF_UNSPEC; int sock_type = AF_UNSPEC;
@ -80,8 +83,8 @@ static int handle_bind_profile(int socket_fd, const struct bind_profile *profile
case AF_INET: case AF_INET:
if (IN6_IS_ADDR_V4MAPPED(&profile->bind_address)) { if (IN6_IS_ADDR_V4MAPPED(&profile->bind_address)) {
new_bind_addr.sin_family = AF_INET; new_bind_addr.sin_family = AF_INET;
new_bind_addr.sin_port = 0; new_bind_addr.sin_port = port;
new_bind_addr.sin_addr = profile->bind_address.s6_addr32[3]; new_bind_addr.sin_addr.s_addr = profile->bind_address.s6_addr32[3];
if (config->real_bind(socket_fd, (struct sockaddr *) &new_bind_addr, sizeof(new_bind_addr))) return -1; if (config->real_bind(socket_fd, (struct sockaddr *) &new_bind_addr, sizeof(new_bind_addr))) return -1;
} else { } else {
errno = EADDRNOTAVAIL; errno = EADDRNOTAVAIL;
@ -90,7 +93,7 @@ static int handle_bind_profile(int socket_fd, const struct bind_profile *profile
break; break;
case AF_INET6: case AF_INET6:
new_bind_addr6.sin6_family = AF_INET6; new_bind_addr6.sin6_family = AF_INET6;
new_bind_addr6.sin6_port = 0; new_bind_addr6.sin6_port = port;
memcpy(&new_bind_addr6.sin6_addr, &profile->bind_address, sizeof(struct in6_addr)); memcpy(&new_bind_addr6.sin6_addr, &profile->bind_address, sizeof(struct in6_addr));
if (config->real_bind(socket_fd, (struct sockaddr *) &new_bind_addr6, sizeof(new_bind_addr6))) return -1; if (config->real_bind(socket_fd, (struct sockaddr *) &new_bind_addr6, sizeof(new_bind_addr6))) return -1;
break; break;
@ -101,6 +104,17 @@ static int handle_bind_profile(int socket_fd, const struct bind_profile *profile
} }
return 0; return 0;
} }
static int compare_bind_profiles(const void *first, const void *second) {
struct bind_profile *a = (struct bind_profile *) first;
struct bind_profile *b = (struct bind_profile *) second;
if (a->idx < b->idx) return -1;
else if (a->idx > b->idx) return 1;
else return 0;
}
static struct bind_profile *find_bind_profile_by_index(struct socket_enhancer_config *config, uint16_t idx) {
struct bind_profile dummy = {.idx = idx};
return bsearch(&dummy, config->bind_profile_head, config->bind_profile_size, sizeof(struct bind_profile), compare_bind_profiles);
}
static int get_idx_by_address(const struct sockaddr *addr, socklen_t len) { static int get_idx_by_address(const struct sockaddr *addr, socklen_t len) {
uint32_t ipv4_address = 0; uint32_t ipv4_address = 0;
if ((len == sizeof(struct sockaddr_in6)) && (addr->sa_family == AF_INET6)) { if ((len == sizeof(struct sockaddr_in6)) && (addr->sa_family == AF_INET6)) {
@ -136,18 +150,40 @@ ipv4:
return 40; return 40;
} }
} }
static int apply_bind_profile(int socket_fd, uint16_t idx, uint16_t port, struct socket_enhancer_config *config, int do_bind) {
struct bind_profile *profile = find_bind_profile_by_index(config, idx);
if (profile) {
if (handle_bind_profile(socket_fd, profile, do_bind, port, config)) return -1;
return 1;
}
if ((idx >= 16384) && config->has_bp_high) {
errno = EADDRNOTAVAIL;
return -1;
}
return 0;
}
static int apply_bind_profile_sockname(int socket_fd, const struct sockaddr *addr, socklen_t len, struct socket_enhancer_config *config, int do_bind) {
int profile_idx = get_idx_by_address(addr, len);
if (profile_idx < 0) return 0;
if ((len == sizeof(struct sockaddr_in6)) && (addr->sa_family == AF_INET6)) {
return apply_bind_profile(socket_fd, profile_idx, ((struct sockaddr_in6 *) addr)->sin6_port, config, do_bind);
} else if ((len == sizeof(struct sockaddr_in)) && (addr->sa_family == AF_INET)) {
return apply_bind_profile(socket_fd, profile_idx, ((struct sockaddr_in *) addr)->sin_port, config, do_bind);
}
return 0;
}
static int parse_bind_profile_string(const char *input_string, struct bind_profile *result) { static int parse_bind_profile_string(const char *input_string, struct bind_profile *result) {
memset(result, 0, sizeof(struct bind_profile)); memset(result, 0, sizeof(struct bind_profile));
char *saveptr = NULL; char *saveptr = NULL;
char *input_string_d = strdup(input_string); char *input_string_d = strdup(input_string);
if (!input_string_d) return -1; if (!input_string_d) return -1;
char *idx_str = strtok(input_string_d, "/", &saveptr); char *idx_str = strtok_r(input_string_d, "/", &saveptr);
if (!idx_str) goto out; if (!idx_str) goto out;
unsigned long idx_num = strtoul(idx_str, NULL, 0); unsigned long idx_num = strtoul(idx_str, NULL, 0);
if ((idx_num == 0) || (idx_num > 65535)) goto out; if ((idx_num == 0) || (idx_num > 65535)) goto out;
result->idx = idx_num; result->idx = idx_num;
while (1) { while (1) {
char *token = strtok(NULL, "/", &saveptr); char *token = strtok_r(NULL, "/", &saveptr);
if (!token) break; if (!token) break;
switch (token[0]) { switch (token[0]) {
case 'M': case 'M':
@ -304,6 +340,25 @@ static void socket_enhancer_init(void) {
if (option_numeric_value > 3) goto out_of_range; if (option_numeric_value > 3) goto out_of_range;
temp_config->always_freebind = option_numeric_value; temp_config->always_freebind = option_numeric_value;
break; break;
case 0x62647072: /* "bdpr" */
{
struct bind_profile result = {};
if (parse_bind_profile_string(value, &result)) {
fprintf(stderr, "Invalid bind profile %s\n", value);
abort();
}
size_t newidx = temp_config->bind_profile_size++;
void *new_head = reallocarray(temp_config->bind_profile_head, sizeof(struct bind_profile), newidx+1);
if (!new_head) {
abort();
}
temp_config->bind_profile_head = new_head;
memcpy(&temp_config->bind_profile_head[newidx], &result, sizeof(struct bind_profile));
if (result.idx >= 16384) {
temp_config->has_bp_high = 1;
}
}
break;
default: default:
fprintf(stderr, "Invalid config option %s\n", token); fprintf(stderr, "Invalid config option %s\n", token);
abort(); abort();
@ -316,6 +371,7 @@ out_of_range:
return; return;
} }
free(dup_configstr); free(dup_configstr);
qsort(temp_config->bind_profile_head, temp_config->bind_profile_size, sizeof(struct bind_profile), compare_bind_profiles);
} }
__atomic_store_n(&global_config, temp_config, __ATOMIC_SEQ_CST); __atomic_store_n(&global_config, temp_config, __ATOMIC_SEQ_CST);
} }
@ -343,6 +399,7 @@ static int try_preconnect_bind_v4(int fd, const struct in_addr *bind_addr, int f
if (addrlen == sizeof(struct sockaddr_in)) { if (addrlen == sizeof(struct sockaddr_in)) {
if (existing_address.sin_family == AF_INET) { if (existing_address.sin_family == AF_INET) {
if (*(uint32_t *) &existing_address.sin_addr) return 0; if (*(uint32_t *) &existing_address.sin_addr) return 0;
if (apply_bind_profile(fd, 44, 0, config, 0) < 0) return -1;
} }
} }
int one = 1; int one = 1;
@ -364,6 +421,7 @@ static int try_preconnect_bind_v6(int fd, const struct ipv6_with_scope *bind_add
if (existing_address.sin6_addr.s6_addr32[1]) return 0; if (existing_address.sin6_addr.s6_addr32[1]) return 0;
if (existing_address.sin6_addr.s6_addr32[2]) return 0; if (existing_address.sin6_addr.s6_addr32[2]) return 0;
if (existing_address.sin6_addr.s6_addr32[3]) return 0; if (existing_address.sin6_addr.s6_addr32[3]) return 0;
if (apply_bind_profile(fd, 64, 0, config, 0) < 0) return -1;
} }
} }
int one = 1; int one = 1;
@ -461,6 +519,10 @@ int bind(int fd, const struct sockaddr *addr_, socklen_t len_) {
const struct sockaddr *addr = addr_; const struct sockaddr *addr = addr_;
socklen_t len = len_; socklen_t len = len_;
struct sockaddr_in6 ipv6_addr = {0}; struct sockaddr_in6 ipv6_addr = {0};
if (always_freebind) {
int one = 1;
setsockopt(fd, SOL_IP, IP_FREEBIND, &one, sizeof(one));
}
if (len == sizeof(struct sockaddr_in6)) { if (len == sizeof(struct sockaddr_in6)) {
if (addr->sa_family == AF_INET6) { if (addr->sa_family == AF_INET6) {
memcpy(&ipv6_addr, addr, sizeof(struct sockaddr_in6)); memcpy(&ipv6_addr, addr, sizeof(struct sockaddr_in6));
@ -468,11 +530,22 @@ int bind(int fd, const struct sockaddr *addr_, socklen_t len_) {
if (config->universal_link_local_mode & 1) { if (config->universal_link_local_mode & 1) {
convert_universal_linklocal(&ipv6_addr); convert_universal_linklocal(&ipv6_addr);
} }
int r = apply_bind_profile_sockname(fd, (struct sockaddr *) &ipv6_addr, sizeof(struct sockaddr_in6), config, 1);
if (r < 0) {
if (errno == 0) errno = EADDRNOTAVAIL;
return -1;
}
if (r == 1) return 0;
} }
} } else if ((len == sizeof(struct sockaddr_in)) && (addr->sa_family == AF_INET)) {
if (always_freebind) { struct sockaddr_in ipv4_addr;
int one = 1; memcpy(&ipv4_addr, addr, sizeof(struct sockaddr_in));
setsockopt(fd, SOL_IP, IP_FREEBIND, &one, sizeof(one)); int r = apply_bind_profile_sockname(fd, (struct sockaddr *) &ipv4_addr, sizeof(struct sockaddr_in), config, 1);
if (r < 0) {
if (errno == 0) errno = EADDRNOTAVAIL;
return -1;
}
if (r == 1) return 0;
} }
return config->real_bind(fd, addr, len); return config->real_bind(fd, addr, len);
} }