Home | History | Annotate | Download | only in libpcap
      1 /*
      2  * Copyright (c) 2002 - 2003
      3  * NetGroup, Politecnico di Torino (Italy)
      4  * All rights reserved.
      5  *
      6  * Redistribution and use in source and binary forms, with or without
      7  * modification, are permitted provided that the following conditions
      8  * are met:
      9  *
     10  * 1. Redistributions of source code must retain the above copyright
     11  * notice, this list of conditions and the following disclaimer.
     12  * 2. Redistributions in binary form must reproduce the above copyright
     13  * notice, this list of conditions and the following disclaimer in the
     14  * documentation and/or other materials provided with the distribution.
     15  * 3. Neither the name of the Politecnico di Torino nor the names of its
     16  * contributors may be used to endorse or promote products derived from
     17  * this software without specific prior written permission.
     18  *
     19  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     20  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     21  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
     22  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
     23  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     24  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
     25  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
     26  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
     27  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     28  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     29  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     30  *
     31  */
     32 
     33 #ifdef HAVE_CONFIG_H
     34 #include <config.h>
     35 #endif
     36 
     37 /*
     38  * \file sockutils.c
     39  *
     40  * The goal of this file is to provide a common set of primitives for socket
     41  * manipulation.
     42  *
     43  * Although the socket interface defined in the RFC 2553 (and its updates)
     44  * is excellent, there are still differences between the behavior of those
     45  * routines on UN*X and Windows, and between UN*Xes.
     46  *
     47  * These calls provide an interface similar to the socket interface, but
     48  * that hides the differences between operating systems.  It does not
     49  * attempt to significantly improve on the socket interface in other
     50  * ways.
     51  */
     52 
     53 #include "ftmacros.h"
     54 
     55 #include <string.h>
     56 #include <errno.h>	/* for the errno variable */
     57 #include <stdio.h>	/* for the stderr file */
     58 #include <stdlib.h>	/* for malloc() and free() */
     59 #ifdef HAVE_LIMITS_H
     60 #include <limits.h>
     61 #else
     62 #define INT_MAX		2147483647
     63 #endif
     64 
     65 #include "pcap-int.h"
     66 
     67 #include "sockutils.h"
     68 #include "portability.h"
     69 
     70 #ifdef _WIN32
     71   /*
     72    * Winsock initialization.
     73    *
     74    * Ask for WinSock 2.2.
     75    */
     76   #define WINSOCK_MAJOR_VERSION 2
     77   #define WINSOCK_MINOR_VERSION 2
     78 
     79   static int sockcount = 0;	/*!< Variable that allows calling the WSAStartup() only one time */
     80 #endif
     81 
     82 /* Some minor differences between UNIX and Win32 */
     83 #ifdef _WIN32
     84   #define SHUT_WR SD_SEND	/* The control code for shutdown() is different in Win32 */
     85 #endif
     86 
     87 /* Size of the buffer that has to keep error messages */
     88 #define SOCK_ERRBUF_SIZE 1024
     89 
     90 /* Constants; used in order to keep strings here */
     91 #define SOCKET_NO_NAME_AVAILABLE "No name available"
     92 #define SOCKET_NO_PORT_AVAILABLE "No port available"
     93 #define SOCKET_NAME_NULL_DAD "Null address (possibly DAD Phase)"
     94 
     95 /*
     96  * On UN*X, send() and recv() return ssize_t.
     97  *
     98  * On Windows, send() and recv() return an int.
     99  *
    100  *   Wth MSVC, there *is* no ssize_t.
    101  *
    102  *   With MinGW, there is an ssize_t type; it is either an int (32 bit)
    103  *   or a long long (64 bit).
    104  *
    105  * So, on Windows, if we don't have ssize_t defined, define it as an
    106  * int, so we can use it, on all platforms, as the type of variables
    107  * that hold the return values from send() and recv().
    108  */
    109 #if defined(_WIN32) && !defined(_SSIZE_T_DEFINED)
    110 typedef int ssize_t;
    111 #endif
    112 
    113 /****************************************************
    114  *                                                  *
    115  * Locally defined functions                        *
    116  *                                                  *
    117  ****************************************************/
    118 
    119 static int sock_ismcastaddr(const struct sockaddr *saddr);
    120 
    121 /****************************************************
    122  *                                                  *
    123  * Function bodies                                  *
    124  *                                                  *
    125  ****************************************************/
    126 
    127 /*
    128  * Format an error message given an errno value (UN*X) or a WinSock error
    129  * (Windows).
    130  */
    131 void sock_fmterror(const char *caller, int errcode, char *errbuf, int errbuflen)
    132 {
    133 #ifdef _WIN32
    134 	int retval;
    135 	char message[SOCK_ERRBUF_SIZE];	/* We're forcing "ANSI" */
    136 
    137 	if (errbuf == NULL)
    138 		return;
    139 
    140 	retval = FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS |
    141 		FORMAT_MESSAGE_MAX_WIDTH_MASK,
    142 		NULL, errcode, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
    143 		message, sizeof(message) / sizeof(TCHAR), NULL);
    144 
    145 	if (retval == 0)
    146 	{
    147 		if ((caller) && (*caller))
    148 			pcap_snprintf(errbuf, errbuflen, "%sUnable to get the exact error message", caller);
    149 		else
    150 			pcap_snprintf(errbuf, errbuflen, "Unable to get the exact error message");
    151 	}
    152 	else
    153 	{
    154 		if ((caller) && (*caller))
    155 			pcap_snprintf(errbuf, errbuflen, "%s%s (code %d)", caller, message, errcode);
    156 		else
    157 			pcap_snprintf(errbuf, errbuflen, "%s (code %d)", message, errcode);
    158 	}
    159 #else
    160 	char *message;
    161 
    162 	if (errbuf == NULL)
    163 		return;
    164 
    165 	message = strerror(errcode);
    166 
    167 	if ((caller) && (*caller))
    168 		pcap_snprintf(errbuf, errbuflen, "%s%s (code %d)", caller, message, errcode);
    169 	else
    170 		pcap_snprintf(errbuf, errbuflen, "%s (code %d)", message, errcode);
    171 #endif
    172 }
    173 
    174 /*
    175  * \brief It retrieves the error message after an error occurred in the socket interface.
    176  *
    177  * This function is defined because of the different way errors are returned in UNIX
    178  * and Win32. This function provides a consistent way to retrieve the error message
    179  * (after a socket error occurred) on all the platforms.
    180  *
    181  * \param caller: a pointer to a user-allocated string which contains a message that has
    182  * to be printed *before* the true error message. It could be, for example, 'this error
    183  * comes from the recv() call at line 31'. It may be NULL.
    184  *
    185  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
    186  * error message. This buffer has to be at least 'errbuflen' in length.
    187  * It can be NULL; in this case the error cannot be printed.
    188  *
    189  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
    190  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
    191  *
    192  * \return No return values. The error message is returned in the 'string' parameter.
    193  */
    194 void sock_geterror(const char *caller, char *errbuf, int errbuflen)
    195 {
    196 #ifdef _WIN32
    197 	if (errbuf == NULL)
    198 		return;
    199 	sock_fmterror(caller, GetLastError(), errbuf, errbuflen);
    200 #else
    201 	if (errbuf == NULL)
    202 		return;
    203 	sock_fmterror(caller, errno, errbuf, errbuflen);
    204 #endif
    205 }
    206 
    207 /*
    208  * \brief It initializes sockets.
    209  *
    210  * This function is pretty useless on UNIX, since socket initialization is not required.
    211  * However it is required on Win32. In UNIX, this function appears to be completely empty.
    212  *
    213  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
    214  * error message. This buffer has to be at least 'errbuflen' in length.
    215  * It can be NULL; in this case the error cannot be printed.
    216  *
    217  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
    218  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
    219  *
    220  * \return '0' if everything is fine, '-1' if some errors occurred. The error message is returned
    221  * in the 'errbuf' variable.
    222  */
    223 #ifdef _WIN32
    224 int sock_init(char *errbuf, int errbuflen)
    225 {
    226 	if (sockcount == 0)
    227 	{
    228 		WSADATA wsaData;			/* helper variable needed to initialize Winsock */
    229 
    230 		if (WSAStartup(MAKEWORD(WINSOCK_MAJOR_VERSION,
    231 		    WINSOCK_MINOR_VERSION), &wsaData) != 0)
    232 		{
    233 			if (errbuf)
    234 				pcap_snprintf(errbuf, errbuflen, "Failed to initialize Winsock\n");
    235 
    236 			WSACleanup();
    237 
    238 			return -1;
    239 		}
    240 	}
    241 
    242 	sockcount++;
    243 #else
    244 int sock_init(char *errbuf _U_, int errbuflen _U_)
    245 {
    246 #endif
    247 	return 0;
    248 }
    249 
    250 /*
    251  * \brief It deallocates sockets.
    252  *
    253  * This function is pretty useless on UNIX, since socket deallocation is not required.
    254  * However it is required on Win32. In UNIX, this function appears to be completely empty.
    255  *
    256  * \return No error values.
    257  */
    258 void sock_cleanup(void)
    259 {
    260 #ifdef _WIN32
    261 	sockcount--;
    262 
    263 	if (sockcount == 0)
    264 		WSACleanup();
    265 #endif
    266 }
    267 
    268 /*
    269  * \brief It checks if the sockaddr variable contains a multicast address.
    270  *
    271  * \return '0' if the address is multicast, '-1' if it is not.
    272  */
    273 static int sock_ismcastaddr(const struct sockaddr *saddr)
    274 {
    275 	if (saddr->sa_family == PF_INET)
    276 	{
    277 		struct sockaddr_in *saddr4 = (struct sockaddr_in *) saddr;
    278 		if (IN_MULTICAST(ntohl(saddr4->sin_addr.s_addr))) return 0;
    279 		else return -1;
    280 	}
    281 	else
    282 	{
    283 		struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *) saddr;
    284 		if (IN6_IS_ADDR_MULTICAST(&saddr6->sin6_addr)) return 0;
    285 		else return -1;
    286 	}
    287 }
    288 
    289 /*
    290  * \brief It initializes a network connection both from the client and the server side.
    291  *
    292  * In case of a client socket, this function calls socket() and connect().
    293  * In the meanwhile, it checks for any socket error.
    294  * If an error occurs, it writes the error message into 'errbuf'.
    295  *
    296  * In case of a server socket, the function calls socket(), bind() and listen().
    297  *
    298  * This function is usually preceeded by the sock_initaddress().
    299  *
    300  * \param addrinfo: pointer to an addrinfo variable which will be used to
    301  * open the socket and such. This variable is the one returned by the previous call to
    302  * sock_initaddress().
    303  *
    304  * \param server: '1' if this is a server socket, '0' otherwise.
    305  *
    306  * \param nconn: number of the connections that are allowed to wait into the listen() call.
    307  * This value has no meanings in case of a client socket.
    308  *
    309  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
    310  * error message. This buffer has to be at least 'errbuflen' in length.
    311  * It can be NULL; in this case the error cannot be printed.
    312  *
    313  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
    314  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
    315  *
    316  * \return the socket that has been opened (that has to be used in the following sockets calls)
    317  * if everything is fine, INVALID_SOCKET if some errors occurred. The error message is returned
    318  * in the 'errbuf' variable.
    319  */
    320 SOCKET sock_open(struct addrinfo *addrinfo, int server, int nconn, char *errbuf, int errbuflen)
    321 {
    322 	SOCKET sock;
    323 #if defined(SO_NOSIGPIPE) || defined(IPV6_V6ONLY) || defined(IPV6_BINDV6ONLY)
    324 	int on = 1;
    325 #endif
    326 
    327 	sock = socket(addrinfo->ai_family, addrinfo->ai_socktype, addrinfo->ai_protocol);
    328 	if (sock == INVALID_SOCKET)
    329 	{
    330 		sock_geterror("socket(): ", errbuf, errbuflen);
    331 		return INVALID_SOCKET;
    332 	}
    333 
    334 	/*
    335 	 * Disable SIGPIPE, if we have SO_NOSIGPIPE.  We don't want to
    336 	 * have to deal with signals if the peer closes the connection,
    337 	 * especially in client programs, which may not even be aware that
    338 	 * they're sending to sockets.
    339 	 */
    340 #ifdef SO_NOSIGPIPE
    341 	if (setsockopt(sock, SOL_SOCKET, SO_NOSIGPIPE, (char *)&on,
    342 	    sizeof (int)) == -1)
    343 	{
    344 		sock_geterror("setsockopt(SO_NOSIGPIPE)", errbuf, errbuflen);
    345 		closesocket(sock);
    346 		return INVALID_SOCKET;
    347 	}
    348 #endif
    349 
    350 	/* This is a server socket */
    351 	if (server)
    352 	{
    353 #if defined(IPV6_V6ONLY) || defined(IPV6_BINDV6ONLY)
    354 		/*
    355 		 * Force the use of IPv6-only addresses.
    356 		 *
    357 		 * RFC 3493 indicates that you can support IPv4 on an
    358 		 * IPv6 socket:
    359 		 *
    360 		 *    https://tools.ietf.org/html/rfc3493#section-3.7
    361 		 *
    362 		 * and that this is the default behavior.  This means
    363 		 * that if we first create an IPv6 socket bound to the
    364 		 * "any" address, it is, in effect, also bound to the
    365 		 * IPv4 "any" address, so when we create an IPv4 socket
    366 		 * and try to bind it to the IPv4 "any" address, it gets
    367 		 * EADDRINUSE.
    368 		 *
    369 		 * Not all network stacks support IPv4 on IPv6 sockets;
    370 		 * pre-NT 6 Windows stacks don't support it, and the
    371 		 * OpenBSD stack doesn't support it for security reasons
    372 		 * (see the OpenBSD inet6(4) man page).  Therefore, we
    373 		 * don't want to rely on this behavior.
    374 		 *
    375 		 * So we try to disable it, using either the IPV6_V6ONLY
    376 		 * option from RFC 3493:
    377 		 *
    378 		 *    https://tools.ietf.org/html/rfc3493#section-5.3
    379 		 *
    380 		 * or the IPV6_BINDV6ONLY option from older UN*Xes.
    381 		 */
    382 #ifndef IPV6_V6ONLY
    383   /* For older systems */
    384   #define IPV6_V6ONLY IPV6_BINDV6ONLY
    385 #endif /* IPV6_V6ONLY */
    386 		if (addrinfo->ai_family == PF_INET6)
    387 		{
    388 			if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
    389 			    (char *)&on, sizeof (int)) == -1)
    390 			{
    391 				if (errbuf)
    392 					pcap_snprintf(errbuf, errbuflen, "setsockopt(IPV6_V6ONLY)");
    393 				closesocket(sock);
    394 				return INVALID_SOCKET;
    395 			}
    396 		}
    397 #endif /* defined(IPV6_V6ONLY) || defined(IPV6_BINDV6ONLY) */
    398 
    399 		/* WARNING: if the address is a mcast one, I should place the proper Win32 code here */
    400 		if (bind(sock, addrinfo->ai_addr, (int) addrinfo->ai_addrlen) != 0)
    401 		{
    402 			sock_geterror("bind(): ", errbuf, errbuflen);
    403 			closesocket(sock);
    404 			return INVALID_SOCKET;
    405 		}
    406 
    407 		if (addrinfo->ai_socktype == SOCK_STREAM)
    408 			if (listen(sock, nconn) == -1)
    409 			{
    410 				sock_geterror("listen(): ", errbuf, errbuflen);
    411 				closesocket(sock);
    412 				return INVALID_SOCKET;
    413 			}
    414 
    415 		/* server side ended */
    416 		return sock;
    417 	}
    418 	else	/* we're the client */
    419 	{
    420 		struct addrinfo *tempaddrinfo;
    421 		char *errbufptr;
    422 		size_t bufspaceleft;
    423 
    424 		tempaddrinfo = addrinfo;
    425 		errbufptr = errbuf;
    426 		bufspaceleft = errbuflen;
    427 		*errbufptr = 0;
    428 
    429 		/*
    430 		 * We have to loop though all the addinfo returned.
    431 		 * For instance, we can have both IPv6 and IPv4 addresses, but the service we're trying
    432 		 * to connect to is unavailable in IPv6, so we have to try in IPv4 as well
    433 		 */
    434 		while (tempaddrinfo)
    435 		{
    436 
    437 			if (connect(sock, tempaddrinfo->ai_addr, (int) tempaddrinfo->ai_addrlen) == -1)
    438 			{
    439 				size_t msglen;
    440 				char TmpBuffer[100];
    441 				char SocketErrorMessage[SOCK_ERRBUF_SIZE];
    442 
    443 				/*
    444 				 * We have to retrieve the error message before any other socket call completes, otherwise
    445 				 * the error message is lost
    446 				 */
    447 				sock_geterror(NULL, SocketErrorMessage, sizeof(SocketErrorMessage));
    448 
    449 				/* Returns the numeric address of the host that triggered the error */
    450 				sock_getascii_addrport((struct sockaddr_storage *) tempaddrinfo->ai_addr, TmpBuffer, sizeof(TmpBuffer), NULL, 0, NI_NUMERICHOST, TmpBuffer, sizeof(TmpBuffer));
    451 
    452 				pcap_snprintf(errbufptr, bufspaceleft,
    453 				    "Is the server properly installed on %s?  connect() failed: %s", TmpBuffer, SocketErrorMessage);
    454 
    455 				/* In case more then one 'connect' fails, we manage to keep all the error messages */
    456 				msglen = strlen(errbufptr);
    457 
    458 				errbufptr[msglen] = ' ';
    459 				errbufptr[msglen + 1] = 0;
    460 
    461 				bufspaceleft = bufspaceleft - (msglen + 1);
    462 				errbufptr += (msglen + 1);
    463 
    464 				tempaddrinfo = tempaddrinfo->ai_next;
    465 			}
    466 			else
    467 				break;
    468 		}
    469 
    470 		/*
    471 		 * Check how we exit from the previous loop
    472 		 * If tempaddrinfo is equal to NULL, it means that all the connect() failed.
    473 		 */
    474 		if (tempaddrinfo == NULL)
    475 		{
    476 			closesocket(sock);
    477 			return INVALID_SOCKET;
    478 		}
    479 		else
    480 			return sock;
    481 	}
    482 }
    483 
    484 /*
    485  * \brief Closes the present (TCP and UDP) socket connection.
    486  *
    487  * This function sends a shutdown() on the socket in order to disable send() calls
    488  * (while recv() ones are still allowed). Then, it closes the socket.
    489  *
    490  * \param sock: the socket identifier of the connection that has to be closed.
    491  *
    492  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
    493  * error message. This buffer has to be at least 'errbuflen' in length.
    494  * It can be NULL; in this case the error cannot be printed.
    495  *
    496  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
    497  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
    498  *
    499  * \return '0' if everything is fine, '-1' if some errors occurred. The error message is returned
    500  * in the 'errbuf' variable.
    501  */
    502 int sock_close(SOCKET sock, char *errbuf, int errbuflen)
    503 {
    504 	/*
    505 	 * SHUT_WR: subsequent calls to the send function are disallowed.
    506 	 * For TCP sockets, a FIN will be sent after all data is sent and
    507 	 * acknowledged by the Server.
    508 	 */
    509 	if (shutdown(sock, SHUT_WR))
    510 	{
    511 		sock_geterror("shutdown(): ", errbuf, errbuflen);
    512 		/* close the socket anyway */
    513 		closesocket(sock);
    514 		return -1;
    515 	}
    516 
    517 	closesocket(sock);
    518 	return 0;
    519 }
    520 
    521 /*
    522  * \brief Checks that the address, port and flags given are valids and it returns an 'addrinfo' structure.
    523  *
    524  * This function basically calls the getaddrinfo() calls, and it performs a set of sanity checks
    525  * to control that everything is fine (e.g. a TCP socket cannot have a mcast address, and such).
    526  * If an error occurs, it writes the error message into 'errbuf'.
    527  *
    528  * \param host: a pointer to a string identifying the host. It can be
    529  * a host name, a numeric literal address, or NULL or "" (useful
    530  * in case of a server socket which has to bind to all addresses).
    531  *
    532  * \param port: a pointer to a user-allocated buffer containing the network port to use.
    533  *
    534  * \param hints: an addrinfo variable (passed by reference) containing the flags needed to create the
    535  * addrinfo structure appropriately.
    536  *
    537  * \param addrinfo: it represents the true returning value. This is a pointer to an addrinfo variable
    538  * (passed by reference), which will be allocated by this function and returned back to the caller.
    539  * This variable will be used in the next sockets calls.
    540  *
    541  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
    542  * error message. This buffer has to be at least 'errbuflen' in length.
    543  * It can be NULL; in this case the error cannot be printed.
    544  *
    545  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
    546  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
    547  *
    548  * \return '0' if everything is fine, '-1' if some errors occurred. The error message is returned
    549  * in the 'errbuf' variable. The addrinfo variable that has to be used in the following sockets calls is
    550  * returned into the addrinfo parameter.
    551  *
    552  * \warning The 'addrinfo' variable has to be deleted by the programmer by calling freeaddrinfo() when
    553  * it is no longer needed.
    554  *
    555  * \warning This function requires the 'hints' variable as parameter. The semantic of this variable is the same
    556  * of the one of the corresponding variable used into the standard getaddrinfo() socket function. We suggest
    557  * the programmer to look at that function in order to set the 'hints' variable appropriately.
    558  */
    559 int sock_initaddress(const char *host, const char *port,
    560     struct addrinfo *hints, struct addrinfo **addrinfo, char *errbuf, int errbuflen)
    561 {
    562 	int retval;
    563 
    564 	retval = getaddrinfo(host, port, hints, addrinfo);
    565 	if (retval != 0)
    566 	{
    567 		/*
    568 		 * if the getaddrinfo() fails, you have to use gai_strerror(), instead of using the standard
    569 		 * error routines (errno) in UNIX; Winsock suggests using the GetLastError() instead.
    570 		 */
    571 		if (errbuf)
    572 		{
    573 #ifdef _WIN32
    574 			sock_geterror("getaddrinfo(): ", errbuf, errbuflen);
    575 #else
    576 			pcap_snprintf(errbuf, errbuflen, "getaddrinfo() %s", gai_strerror(retval));
    577 #endif
    578 		}
    579 		return -1;
    580 	}
    581 	/*
    582 	 * \warning SOCKET: I should check all the accept() in order to bind to all addresses in case
    583 	 * addrinfo has more han one pointers
    584 	 */
    585 
    586 	/*
    587 	 * This software only supports PF_INET and PF_INET6.
    588 	 *
    589 	 * XXX - should we just check that at least *one* address is
    590 	 * either PF_INET or PF_INET6, and, when using the list,
    591 	 * ignore all addresses that are neither?  (What, no IPX
    592 	 * support? :-))
    593 	 */
    594 	if (((*addrinfo)->ai_family != PF_INET) &&
    595 	    ((*addrinfo)->ai_family != PF_INET6))
    596 	{
    597 		if (errbuf)
    598 			pcap_snprintf(errbuf, errbuflen, "getaddrinfo(): socket type not supported");
    599 		freeaddrinfo(*addrinfo);
    600 		*addrinfo = NULL;
    601 		return -1;
    602 	}
    603 
    604 	/*
    605 	 * You can't do multicast (or broadcast) TCP.
    606 	 */
    607 	if (((*addrinfo)->ai_socktype == SOCK_STREAM) &&
    608 	    (sock_ismcastaddr((*addrinfo)->ai_addr) == 0))
    609 	{
    610 		if (errbuf)
    611 			pcap_snprintf(errbuf, errbuflen, "getaddrinfo(): multicast addresses are not valid when using TCP streams");
    612 		freeaddrinfo(*addrinfo);
    613 		*addrinfo = NULL;
    614 		return -1;
    615 	}
    616 
    617 	return 0;
    618 }
    619 
    620 /*
    621  * \brief It sends the amount of data contained into 'buffer' on the given socket.
    622  *
    623  * This function basically calls the send() socket function and it checks that all
    624  * the data specified in 'buffer' (of size 'size') will be sent. If an error occurs,
    625  * it writes the error message into 'errbuf'.
    626  * In case the socket buffer does not have enough space, it loops until all data
    627  * has been sent.
    628  *
    629  * \param socket: the connected socket currently opened.
    630  *
    631  * \param buffer: a char pointer to a user-allocated buffer in which data is contained.
    632  *
    633  * \param size: number of bytes that have to be sent.
    634  *
    635  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
    636  * error message. This buffer has to be at least 'errbuflen' in length.
    637  * It can be NULL; in this case the error cannot be printed.
    638  *
    639  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
    640  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
    641  *
    642  * \return '0' if everything is fine, '-1' if an error other than
    643  * "connection reset" or "peer has closed the receive side" occurred,
    644  * '-2' if we got one of those errors.
    645  * For errors, an error message is returned in the 'errbuf' variable.
    646  */
    647 int sock_send(SOCKET sock, const char *buffer, size_t size,
    648     char *errbuf, int errbuflen)
    649 {
    650 	int remaining;
    651 	ssize_t nsent;
    652 
    653 	if (size > INT_MAX)
    654 	{
    655 		if (errbuf)
    656 		{
    657 			pcap_snprintf(errbuf, errbuflen,
    658 			    "Can't send more than %u bytes with sock_recv",
    659 			    INT_MAX);
    660 		}
    661 		return -1;
    662 	}
    663 	remaining = (int)size;
    664 
    665 	do {
    666 #ifdef MSG_NOSIGNAL
    667 		/*
    668 		 * Send with MSG_NOSIGNAL, so that we don't get SIGPIPE
    669 		 * on errors on stream-oriented sockets when the other
    670 		 * end breaks the connection.
    671 		 * The EPIPE error is still returned.
    672 		 */
    673 		nsent = send(sock, buffer, remaining, MSG_NOSIGNAL);
    674 #else
    675 		nsent = send(sock, buffer, remaining, 0);
    676 #endif
    677 
    678 		if (nsent == -1)
    679 		{
    680 			/*
    681 			 * If the client closed the connection out from
    682 			 * under us, there's no need to log that as an
    683 			 * error.
    684 			 */
    685 			int errcode;
    686 
    687 #ifdef _WIN32
    688 			errcode = GetLastError();
    689 			if (errcode == WSAECONNRESET ||
    690 			    errcode == WSAECONNABORTED)
    691 			{
    692 				/*
    693 				 * WSAECONNABORTED appears to be the error
    694 				 * returned in Winsock when you try to send
    695 				 * on a connection where the peer has closed
    696 				 * the receive side.
    697 				 */
    698 				return -2;
    699 			}
    700 			sock_fmterror("send(): ", errcode, errbuf, errbuflen);
    701 #else
    702 			errcode = errno;
    703 			if (errcode == ECONNRESET || errcode == EPIPE)
    704 			{
    705 				/*
    706 				 * EPIPE is what's returned on UN*X when
    707 				 * you try to send on a connection when
    708 				 * the peer has closed the receive side.
    709 				 */
    710 				return -2;
    711 			}
    712 			sock_fmterror("send(): ", errcode, errbuf, errbuflen);
    713 #endif
    714 			return -1;
    715 		}
    716 
    717 		remaining -= nsent;
    718 		buffer += nsent;
    719 	} while (remaining != 0);
    720 
    721 	return 0;
    722 }
    723 
    724 /*
    725  * \brief It copies the amount of data contained into 'buffer' into 'tempbuf'.
    726  * and it checks for buffer overflows.
    727  *
    728  * This function basically copies 'size' bytes of data contained into 'buffer'
    729  * into 'tempbuf', starting at offset 'offset'. Before that, it checks that the
    730  * resulting buffer will not be larger	than 'totsize'. Finally, it updates
    731  * the 'offset' variable in order to point to the first empty location of the buffer.
    732  *
    733  * In case the function is called with 'checkonly' equal to 1, it does not copy
    734  * the data into the buffer. It only checks for buffer overflows and it updates the
    735  * 'offset' variable. This mode can be useful when the buffer already contains the
    736  * data (maybe because the producer writes directly into the target buffer), so
    737  * only the buffer overflow check has to be made.
    738  * In this case, both 'buffer' and 'tempbuf' can be NULL values.
    739  *
    740  * This function is useful in case the userland application does not know immediately
    741  * all the data it has to write into the socket. This function provides a way to create
    742  * the "stream" step by step, appending the new data to the old one. Then, when all the
    743  * data has been bufferized, the application can call the sock_send() function.
    744  *
    745  * \param buffer: a char pointer to a user-allocated buffer that keeps the data
    746  * that has to be copied.
    747  *
    748  * \param size: number of bytes that have to be copied.
    749  *
    750  * \param tempbuf: user-allocated buffer (of size 'totsize') in which data
    751  * has to be copied.
    752  *
    753  * \param offset: an index into 'tempbuf' which keeps the location of its first
    754  * empty location.
    755  *
    756  * \param totsize: total size of the buffer in which data is being copied.
    757  *
    758  * \param checkonly: '1' if we do not want to copy data into the buffer and we
    759  * want just do a buffer ovreflow control, '0' if data has to be copied as well.
    760  *
    761  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
    762  * error message. This buffer has to be at least 'errbuflen' in length.
    763  * It can be NULL; in this case the error cannot be printed.
    764  *
    765  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
    766  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
    767  *
    768  * \return '0' if everything is fine, '-1' if some errors occurred. The error message
    769  * is returned in the 'errbuf' variable. When the function returns, 'tempbuf' will
    770  * have the new string appended, and 'offset' will keep the length of that buffer.
    771  * In case of 'checkonly == 1', data is not copied, but 'offset' is updated in any case.
    772  *
    773  * \warning This function assumes that the buffer in which data has to be stored is
    774  * large 'totbuf' bytes.
    775  *
    776  * \warning In case of 'checkonly', be carefully to call this function *before* copying
    777  * the data into the buffer. Otherwise, the control about the buffer overflow is useless.
    778  */
    779 int sock_bufferize(const char *buffer, int size, char *tempbuf, int *offset, int totsize, int checkonly, char *errbuf, int errbuflen)
    780 {
    781 	if ((*offset + size) > totsize)
    782 	{
    783 		if (errbuf)
    784 			pcap_snprintf(errbuf, errbuflen, "Not enough space in the temporary send buffer.");
    785 		return -1;
    786 	}
    787 
    788 	if (!checkonly)
    789 		memcpy(tempbuf + (*offset), buffer, size);
    790 
    791 	(*offset) += size;
    792 
    793 	return 0;
    794 }
    795 
    796 /*
    797  * \brief It waits on a connected socket and it manages to receive data.
    798  *
    799  * This function basically calls the recv() socket function and it checks that no
    800  * error occurred. If that happens, it writes the error message into 'errbuf'.
    801  *
    802  * This function changes its behavior according to the 'receiveall' flag: if we
    803  * want to receive exactly 'size' byte, it loops on the recv()	until all the requested
    804  * data is arrived. Otherwise, it returns the data currently available.
    805  *
    806  * In case the socket does not have enough data available, it cycles on the recv()
    807  * until the requested data (of size 'size') is arrived.
    808  * In this case, it blocks until the number of bytes read is equal to 'size'.
    809  *
    810  * \param sock: the connected socket currently opened.
    811  *
    812  * \param buffer: a char pointer to a user-allocated buffer in which data has to be stored
    813  *
    814  * \param size: size of the allocated buffer. WARNING: this indicates the number of bytes
    815  * that we are expecting to be read.
    816  *
    817  * \param flags:
    818  *
    819  *   SOCK_RECEIVALL_XXX:
    820  *
    821  * 	if SOCK_RECEIVEALL_NO, return as soon as some data is ready
    822  *	if SOCK_RECEIVALL_YES, wait until 'size' data has been
    823  *	    received (in case the socket does not have enough data available).
    824  *
    825  *   SOCK_EOF_XXX:
    826  *
    827  *	if SOCK_EOF_ISNT_ERROR, if the first read returns 0, just return 0,
    828  *	    and return an error on any subsequent read that returns 0;
    829  *	if SOCK_EOF_IS_ERROR, if any read returns 0, return an error.
    830  *
    831  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
    832  * error message. This buffer has to be at least 'errbuflen' in length.
    833  * It can be NULL; in this case the error cannot be printed.
    834  *
    835  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
    836  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
    837  *
    838  * \return the number of bytes read if everything is fine, '-1' if some errors occurred.
    839  * The error message is returned in the 'errbuf' variable.
    840  */
    841 
    842 int sock_recv(SOCKET sock, void *buffer, size_t size, int flags,
    843     char *errbuf, int errbuflen)
    844 {
    845 	char *bufp = buffer;
    846 	int remaining;
    847 	ssize_t nread;
    848 
    849 	if (size == 0)
    850 	{
    851 		SOCK_DEBUG_MESSAGE("I have been requested to read zero bytes");
    852 		return 0;
    853 	}
    854 	if (size > INT_MAX)
    855 	{
    856 		if (errbuf)
    857 		{
    858 			pcap_snprintf(errbuf, errbuflen,
    859 			    "Can't read more than %u bytes with sock_recv",
    860 			    INT_MAX);
    861 		}
    862 		return -1;
    863 	}
    864 
    865 	bufp = (char *) buffer;
    866 	remaining = (int) size;
    867 
    868 	/*
    869 	 * We don't use MSG_WAITALL because it's not supported in
    870 	 * Win32.
    871 	 */
    872 	for (;;) {
    873 		nread = recv(sock, bufp, remaining, 0);
    874 
    875 		if (nread == -1)
    876 		{
    877 #ifndef _WIN32
    878 			if (errno == EINTR)
    879 				return -3;
    880 #endif
    881 			sock_geterror("recv(): ", errbuf, errbuflen);
    882 			return -1;
    883 		}
    884 
    885 		if (nread == 0)
    886 		{
    887 			if ((flags & SOCK_EOF_IS_ERROR) ||
    888 			    (remaining != (int) size))
    889 			{
    890 				/*
    891 				 * Either we've already read some data,
    892 				 * or we're always supposed to return
    893 				 * an error on EOF.
    894 				 */
    895 				if (errbuf)
    896 				{
    897 					pcap_snprintf(errbuf, errbuflen,
    898 					    "The other host terminated the connection.");
    899 				}
    900 				return -1;
    901 			}
    902 			else
    903 				return 0;
    904 		}
    905 
    906 		/*
    907 		 * Do we want to read the amount requested, or just return
    908 		 * what we got?
    909 		 */
    910 		if (!(flags & SOCK_RECEIVEALL_YES))
    911 		{
    912 			/*
    913 			 * Just return what we got.
    914 			 */
    915 			return (int) nread;
    916 		}
    917 
    918 		bufp += nread;
    919 		remaining -= nread;
    920 
    921 		if (remaining == 0)
    922 			return (int) size;
    923 	}
    924 }
    925 
    926 /*
    927  * Receives a datagram from a socket.
    928  *
    929  * Returns the size of the datagram on success or -1 on error.
    930  */
    931 int sock_recv_dgram(SOCKET sock, void *buffer, size_t size,
    932     char *errbuf, int errbuflen)
    933 {
    934 	ssize_t nread;
    935 #ifndef _WIN32
    936 	struct msghdr message;
    937 	struct iovec iov;
    938 #endif
    939 
    940 	if (size == 0)
    941 	{
    942 		SOCK_DEBUG_MESSAGE("I have been requested to read zero bytes");
    943 		return 0;
    944 	}
    945 	if (size > INT_MAX)
    946 	{
    947 		if (errbuf)
    948 		{
    949 			pcap_snprintf(errbuf, errbuflen,
    950 			    "Can't read more than %u bytes with sock_recv_dgram",
    951 			    INT_MAX);
    952 		}
    953 		return -1;
    954 	}
    955 
    956 	/*
    957 	 * This should be a datagram socket, so we should get the
    958 	 * entire datagram in one recv() or recvmsg() call, and
    959 	 * don't need to loop.
    960 	 */
    961 #ifdef _WIN32
    962 	nread = recv(sock, buffer, size, 0);
    963 	if (nread == SOCKET_ERROR)
    964 	{
    965 		/*
    966 		 * To quote the MSDN documentation for recv(),
    967 		 * "If the datagram or message is larger than
    968 		 * the buffer specified, the buffer is filled
    969 		 * with the first part of the datagram, and recv
    970 		 * generates the error WSAEMSGSIZE. For unreliable
    971 		 * protocols (for example, UDP) the excess data is
    972 		 * lost..."
    973 		 *
    974 		 * So if the message is bigger than the buffer
    975 		 * supplied to us, the excess data is discarded,
    976 		 * and we'll report an error.
    977 		 */
    978 		sock_geterror("recv(): ", errbuf, errbuflen);
    979 		return -1;
    980 	}
    981 #else /* _WIN32 */
    982 	/*
    983 	 * The Single UNIX Specification says that a recv() on
    984 	 * a socket for a message-oriented protocol will discard
    985 	 * the excess data.  It does *not* indicate that the
    986 	 * receive will fail with, for example, EMSGSIZE.
    987 	 *
    988 	 * Therefore, we use recvmsg(), which appears to be
    989 	 * the only way to get a "message truncated" indication
    990 	 * when receiving a message for a message-oriented
    991 	 * protocol.
    992 	 */
    993 	message.msg_name = NULL;	/* we don't care who it's from */
    994 	message.msg_namelen = 0;
    995 	iov.iov_base = buffer;
    996 	iov.iov_len = size;
    997 	message.msg_iov = &iov;
    998 	message.msg_iovlen = 1;
    999 #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
   1000 	message.msg_control = NULL;	/* we don't care about control information */
   1001 	message.msg_controllen = 0;
   1002 #endif
   1003 #ifdef HAVE_STRUCT_MSGHDR_MSG_FLAGS
   1004 	message.msg_flags = 0;
   1005 #endif
   1006 	nread = recvmsg(sock, &message, 0);
   1007 	if (nread == -1)
   1008 	{
   1009 		if (errno == EINTR)
   1010 			return -3;
   1011 		sock_geterror("recv(): ", errbuf, errbuflen);
   1012 		return -1;
   1013 	}
   1014 #ifdef HAVE_STRUCT_MSGHDR_MSG_FLAGS
   1015 	/*
   1016 	 * XXX - Solaris supports this, but only if you ask for the
   1017 	 * X/Open version of recvmsg(); should we use that, or will
   1018 	 * that cause other problems?
   1019 	 */
   1020 	if (message.msg_flags & MSG_TRUNC)
   1021 	{
   1022 		/*
   1023 		 * Message was bigger than the specified buffer size.
   1024 		 *
   1025 		 * Report this as an error, as the Microsoft documentation
   1026 		 * implies we'd do in a similar case on Windows.
   1027 		 */
   1028 		pcap_snprintf(errbuf, errbuflen, "recv(): Message too long");
   1029 		return -1;
   1030 	}
   1031 #endif /* HAVE_STRUCT_MSGHDR_MSG_FLAGS */
   1032 #endif /* _WIN32 */
   1033 
   1034 	/*
   1035 	 * The size we're reading fits in an int, so the return value
   1036 	 * will fit in an int.
   1037 	 */
   1038 	return (int)nread;
   1039 }
   1040 
   1041 /*
   1042  * \brief It discards N bytes that are currently waiting to be read on the current socket.
   1043  *
   1044  * This function is useful in case we receive a message we cannot understand (e.g.
   1045  * wrong version number when receiving a network packet), so that we have to discard all
   1046  * data before reading a new message.
   1047  *
   1048  * This function will read 'size' bytes from the socket and discard them.
   1049  * It defines an internal buffer in which data will be copied; however, in case
   1050  * this buffer is not large enough, it will cycle in order to read everything as well.
   1051  *
   1052  * \param sock: the connected socket currently opened.
   1053  *
   1054  * \param size: number of bytes that have to be discarded.
   1055  *
   1056  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
   1057  * error message. This buffer has to be at least 'errbuflen' in length.
   1058  * It can be NULL; in this case the error cannot be printed.
   1059  *
   1060  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
   1061  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
   1062  *
   1063  * \return '0' if everything is fine, '-1' if some errors occurred.
   1064  * The error message is returned in the 'errbuf' variable.
   1065  */
   1066 int sock_discard(SOCKET sock, int size, char *errbuf, int errbuflen)
   1067 {
   1068 #define TEMP_BUF_SIZE 32768
   1069 
   1070 	char buffer[TEMP_BUF_SIZE];		/* network buffer, to be used when the message is discarded */
   1071 
   1072 	/*
   1073 	 * A static allocation avoids the need of a 'malloc()' each time we want to discard a message
   1074 	 * Our feeling is that a buffer if 32KB is enough for most of the application;
   1075 	 * in case this is not enough, the "while" loop discards the message by calling the
   1076 	 * sockrecv() several times.
   1077 	 * We do not want to create a bigger variable because this causes the program to exit on
   1078 	 * some platforms (e.g. BSD)
   1079 	 */
   1080 	while (size > TEMP_BUF_SIZE)
   1081 	{
   1082 		if (sock_recv(sock, buffer, TEMP_BUF_SIZE, SOCK_RECEIVEALL_YES, errbuf, errbuflen) == -1)
   1083 			return -1;
   1084 
   1085 		size -= TEMP_BUF_SIZE;
   1086 	}
   1087 
   1088 	/*
   1089 	 * If there is still data to be discarded
   1090 	 * In this case, the data can fit into the temporary buffer
   1091 	 */
   1092 	if (size)
   1093 	{
   1094 		if (sock_recv(sock, buffer, size, SOCK_RECEIVEALL_YES, errbuf, errbuflen) == -1)
   1095 			return -1;
   1096 	}
   1097 
   1098 	SOCK_DEBUG_MESSAGE("I'm currently discarding data\n");
   1099 
   1100 	return 0;
   1101 }
   1102 
   1103 /*
   1104  * \brief Checks that one host (identified by the sockaddr_storage structure) belongs to an 'allowed list'.
   1105  *
   1106  * This function is useful after an accept() call in order to check if the connecting
   1107  * host is allowed to connect to me. To do that, we have a buffer that keeps the list of the
   1108  * allowed host; this function checks the sockaddr_storage structure of the connecting host
   1109  * against this host list, and it returns '0' is the host is included in this list.
   1110  *
   1111  * \param hostlist: pointer to a string that contains the list of the allowed host.
   1112  *
   1113  * \param sep: a string that keeps the separators used between the hosts (for example the
   1114  * space character) in the host list.
   1115  *
   1116  * \param from: a sockaddr_storage structure, as it is returned by the accept() call.
   1117  *
   1118  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
   1119  * error message. This buffer has to be at least 'errbuflen' in length.
   1120  * It can be NULL; in this case the error cannot be printed.
   1121  *
   1122  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
   1123  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
   1124  *
   1125  * \return It returns:
   1126  * - '1' if the host list is empty
   1127  * - '0' if the host belongs to the host list (and therefore it is allowed to connect)
   1128  * - '-1' in case the host does not belong to the host list (and therefore it is not allowed to connect
   1129  * - '-2' in case or error. The error message is returned in the 'errbuf' variable.
   1130  */
   1131 int sock_check_hostlist(char *hostlist, const char *sep, struct sockaddr_storage *from, char *errbuf, int errbuflen)
   1132 {
   1133 	/* checks if the connecting host is among the ones allowed */
   1134 	if ((hostlist) && (hostlist[0]))
   1135 	{
   1136 		char *token;					/* temp, needed to separate items into the hostlist */
   1137 		struct addrinfo *addrinfo, *ai_next;
   1138 		char *temphostlist;
   1139 		char *lasts;
   1140 
   1141 		/*
   1142 		 * The problem is that strtok modifies the original variable by putting '0' at the end of each token
   1143 		 * So, we have to create a new temporary string in which the original content is kept
   1144 		 */
   1145 		temphostlist = strdup(hostlist);
   1146 		if (temphostlist == NULL)
   1147 		{
   1148 			sock_geterror("sock_check_hostlist(), malloc() failed", errbuf, errbuflen);
   1149 			return -2;
   1150 		}
   1151 
   1152 		token = pcap_strtok_r(temphostlist, sep, &lasts);
   1153 
   1154 		/* it avoids a warning in the compilation ('addrinfo used but not initialized') */
   1155 		addrinfo = NULL;
   1156 
   1157 		while (token != NULL)
   1158 		{
   1159 			struct addrinfo hints;
   1160 			int retval;
   1161 
   1162 			addrinfo = NULL;
   1163 			memset(&hints, 0, sizeof(struct addrinfo));
   1164 			hints.ai_family = PF_UNSPEC;
   1165 			hints.ai_socktype = SOCK_STREAM;
   1166 
   1167 			retval = getaddrinfo(token, "0", &hints, &addrinfo);
   1168 			if (retval != 0)
   1169 			{
   1170 				if (errbuf)
   1171 					pcap_snprintf(errbuf, errbuflen, "getaddrinfo() %s", gai_strerror(retval));
   1172 
   1173 				SOCK_DEBUG_MESSAGE(errbuf);
   1174 
   1175 				/* Get next token */
   1176 				token = pcap_strtok_r(NULL, sep, &lasts);
   1177 				continue;
   1178 			}
   1179 
   1180 			/* ai_next is required to preserve the content of addrinfo, in order to deallocate it properly */
   1181 			ai_next = addrinfo;
   1182 			while (ai_next)
   1183 			{
   1184 				if (sock_cmpaddr(from, (struct sockaddr_storage *) ai_next->ai_addr) == 0)
   1185 				{
   1186 					free(temphostlist);
   1187 					freeaddrinfo(addrinfo);
   1188 					return 0;
   1189 				}
   1190 
   1191 				/*
   1192 				 * If we are here, it means that the current address does not matches
   1193 				 * Let's try with the next one in the header chain
   1194 				 */
   1195 				ai_next = ai_next->ai_next;
   1196 			}
   1197 
   1198 			freeaddrinfo(addrinfo);
   1199 			addrinfo = NULL;
   1200 
   1201 			/* Get next token */
   1202 			token = pcap_strtok_r(NULL, sep, &lasts);
   1203 		}
   1204 
   1205 		if (addrinfo)
   1206 		{
   1207 			freeaddrinfo(addrinfo);
   1208 			addrinfo = NULL;
   1209 		}
   1210 
   1211 		if (errbuf)
   1212 			pcap_snprintf(errbuf, errbuflen, "The host is not in the allowed host list. Connection refused.");
   1213 
   1214 		free(temphostlist);
   1215 		return -1;
   1216 	}
   1217 
   1218 	/* No hostlist, so we have to return 'empty list' */
   1219 	return 1;
   1220 }
   1221 
   1222 /*
   1223  * \brief Compares two addresses contained into two sockaddr_storage structures.
   1224  *
   1225  * This function is useful to compare two addresses, given their internal representation,
   1226  * i.e. an sockaddr_storage structure.
   1227  *
   1228  * The two structures do not need to be sockaddr_storage; you can have both 'sockaddr_in' and
   1229  * sockaddr_in6, properly acsted in order to be compliant to the function interface.
   1230  *
   1231  * This function will return '0' if the two addresses matches, '-1' if not.
   1232  *
   1233  * \param first: a sockaddr_storage structure, (for example the one that is returned by an
   1234  * accept() call), containing the first address to compare.
   1235  *
   1236  * \param second: a sockaddr_storage structure containing the second address to compare.
   1237  *
   1238  * \return '0' if the addresses are equal, '-1' if they are different.
   1239  */
   1240 int sock_cmpaddr(struct sockaddr_storage *first, struct sockaddr_storage *second)
   1241 {
   1242 	if (first->ss_family == second->ss_family)
   1243 	{
   1244 		if (first->ss_family == AF_INET)
   1245 		{
   1246 			if (memcmp(&(((struct sockaddr_in *) first)->sin_addr),
   1247 				&(((struct sockaddr_in *) second)->sin_addr),
   1248 				sizeof(struct in_addr)) == 0)
   1249 				return 0;
   1250 		}
   1251 		else /* address family is AF_INET6 */
   1252 		{
   1253 			if (memcmp(&(((struct sockaddr_in6 *) first)->sin6_addr),
   1254 				&(((struct sockaddr_in6 *) second)->sin6_addr),
   1255 				sizeof(struct in6_addr)) == 0)
   1256 				return 0;
   1257 		}
   1258 	}
   1259 
   1260 	return -1;
   1261 }
   1262 
   1263 /*
   1264  * \brief It gets the address/port the system picked for this socket (on connected sockets).
   1265  *
   1266  * It is used to return the address and port the server picked for our socket on the local machine.
   1267  * It works only on:
   1268  * - connected sockets
   1269  * - server sockets
   1270  *
   1271  * On unconnected client sockets it does not work because the system dynamically chooses a port
   1272  * only when the socket calls a send() call.
   1273  *
   1274  * \param sock: the connected socket currently opened.
   1275  *
   1276  * \param address: it contains the address that will be returned by the function. This buffer
   1277  * must be properly allocated by the user. The address can be either literal or numeric depending
   1278  * on the value of 'Flags'.
   1279  *
   1280  * \param addrlen: the length of the 'address' buffer.
   1281  *
   1282  * \param port: it contains the port that will be returned by the function. This buffer
   1283  * must be properly allocated by the user.
   1284  *
   1285  * \param portlen: the length of the 'port' buffer.
   1286  *
   1287  * \param flags: a set of flags (the ones defined into the getnameinfo() standard socket function)
   1288  * that determine if the resulting address must be in numeric / literal form, and so on.
   1289  *
   1290  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
   1291  * error message. This buffer has to be at least 'errbuflen' in length.
   1292  * It can be NULL; in this case the error cannot be printed.
   1293  *
   1294  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
   1295  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
   1296  *
   1297  * \return It returns '-1' if this function succeeds, '0' otherwise.
   1298  * The address and port corresponding are returned back in the buffers 'address' and 'port'.
   1299  * In any case, the returned strings are '0' terminated.
   1300  *
   1301  * \warning If the socket is using a connectionless protocol, the address may not be available
   1302  * until I/O occurs on the socket.
   1303  */
   1304 int sock_getmyinfo(SOCKET sock, char *address, int addrlen, char *port, int portlen, int flags, char *errbuf, int errbuflen)
   1305 {
   1306 	struct sockaddr_storage mysockaddr;
   1307 	socklen_t sockaddrlen;
   1308 
   1309 
   1310 	sockaddrlen = sizeof(struct sockaddr_storage);
   1311 
   1312 	if (getsockname(sock, (struct sockaddr *) &mysockaddr, &sockaddrlen) == -1)
   1313 	{
   1314 		sock_geterror("getsockname(): ", errbuf, errbuflen);
   1315 		return 0;
   1316 	}
   1317 
   1318 	/* Returns the numeric address of the host that triggered the error */
   1319 	return sock_getascii_addrport(&mysockaddr, address, addrlen, port, portlen, flags, errbuf, errbuflen);
   1320 }
   1321 
   1322 /*
   1323  * \brief It retrieves two strings containing the address and the port of a given 'sockaddr' variable.
   1324  *
   1325  * This function is basically an extended version of the inet_ntop(), which does not exist in
   1326  * Winsock because the same result can be obtained by using the getnameinfo().
   1327  * However, differently from inet_ntop(), this function is able to return also literal names
   1328  * (e.g. 'localhost') dependently from the 'Flags' parameter.
   1329  *
   1330  * The function accepts a sockaddr_storage variable (which can be returned by several functions
   1331  * like bind(), connect(), accept(), and more) and it transforms its content into a 'human'
   1332  * form. So, for instance, it is able to translate an hex address (stored in binary form) into
   1333  * a standard IPv6 address like "::1".
   1334  *
   1335  * The behavior of this function depends on the parameters we have in the 'Flags' variable, which
   1336  * are the ones allowed in the standard getnameinfo() socket function.
   1337  *
   1338  * \param sockaddr: a 'sockaddr_in' or 'sockaddr_in6' structure containing the address that
   1339  * need to be translated from network form into the presentation form. This structure must be
   1340  * zero-ed prior using it, and the address family field must be filled with the proper value.
   1341  * The user must cast any 'sockaddr_in' or 'sockaddr_in6' structures to 'sockaddr_storage' before
   1342  * calling this function.
   1343  *
   1344  * \param address: it contains the address that will be returned by the function. This buffer
   1345  * must be properly allocated by the user. The address can be either literal or numeric depending
   1346  * on the value of 'Flags'.
   1347  *
   1348  * \param addrlen: the length of the 'address' buffer.
   1349  *
   1350  * \param port: it contains the port that will be returned by the function. This buffer
   1351  * must be properly allocated by the user.
   1352  *
   1353  * \param portlen: the length of the 'port' buffer.
   1354  *
   1355  * \param flags: a set of flags (the ones defined into the getnameinfo() standard socket function)
   1356  * that determine if the resulting address must be in numeric / literal form, and so on.
   1357  *
   1358  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
   1359  * error message. This buffer has to be at least 'errbuflen' in length.
   1360  * It can be NULL; in this case the error cannot be printed.
   1361  *
   1362  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
   1363  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
   1364  *
   1365  * \return It returns '-1' if this function succeeds, '0' otherwise.
   1366  * The address and port corresponding to the given SockAddr are returned back in the buffers 'address'
   1367  * and 'port'.
   1368  * In any case, the returned strings are '0' terminated.
   1369  */
   1370 int sock_getascii_addrport(const struct sockaddr_storage *sockaddr, char *address, int addrlen, char *port, int portlen, int flags, char *errbuf, int errbuflen)
   1371 {
   1372 	socklen_t sockaddrlen;
   1373 	int retval;					/* Variable that keeps the return value; */
   1374 
   1375 	retval = -1;
   1376 
   1377 #ifdef _WIN32
   1378 	if (sockaddr->ss_family == AF_INET)
   1379 		sockaddrlen = sizeof(struct sockaddr_in);
   1380 	else
   1381 		sockaddrlen = sizeof(struct sockaddr_in6);
   1382 #else
   1383 	sockaddrlen = sizeof(struct sockaddr_storage);
   1384 #endif
   1385 
   1386 	if ((flags & NI_NUMERICHOST) == 0)	/* Check that we want literal names */
   1387 	{
   1388 		if ((sockaddr->ss_family == AF_INET6) &&
   1389 			(memcmp(&((struct sockaddr_in6 *) sockaddr)->sin6_addr, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", sizeof(struct in6_addr)) == 0))
   1390 		{
   1391 			if (address)
   1392 				strlcpy(address, SOCKET_NAME_NULL_DAD, addrlen);
   1393 			return retval;
   1394 		}
   1395 	}
   1396 
   1397 	if (getnameinfo((struct sockaddr *) sockaddr, sockaddrlen, address, addrlen, port, portlen, flags) != 0)
   1398 	{
   1399 		/* If the user wants to receive an error message */
   1400 		if (errbuf)
   1401 		{
   1402 			sock_geterror("getnameinfo(): ", errbuf, errbuflen);
   1403 			errbuf[errbuflen - 1] = 0;
   1404 		}
   1405 
   1406 		if (address)
   1407 		{
   1408 			strlcpy(address, SOCKET_NO_NAME_AVAILABLE, addrlen);
   1409 			address[addrlen - 1] = 0;
   1410 		}
   1411 
   1412 		if (port)
   1413 		{
   1414 			strlcpy(port, SOCKET_NO_PORT_AVAILABLE, portlen);
   1415 			port[portlen - 1] = 0;
   1416 		}
   1417 
   1418 		retval = 0;
   1419 	}
   1420 
   1421 	return retval;
   1422 }
   1423 
   1424 /*
   1425  * \brief It translates an address from the 'presentation' form into the 'network' form.
   1426  *
   1427  * This function basically replaces inet_pton(), which does not exist in Winsock because
   1428  * the same result can be obtained by using the getaddrinfo().
   1429  * An additional advantage is that 'Address' can be both a numeric address (e.g. '127.0.0.1',
   1430  * like in inet_pton() ) and a literal name (e.g. 'localhost').
   1431  *
   1432  * This function does the reverse job of sock_getascii_addrport().
   1433  *
   1434  * \param address: a zero-terminated string which contains the name you have to
   1435  * translate. The name can be either literal (e.g. 'localhost') or numeric (e.g. '::1').
   1436  *
   1437  * \param sockaddr: a user-allocated sockaddr_storage structure which will contains the
   1438  * 'network' form of the requested address.
   1439  *
   1440  * \param addr_family: a constant which can assume the following values:
   1441  * - 'AF_INET' if we want to ping an IPv4 host
   1442  * - 'AF_INET6' if we want to ping an IPv6 host
   1443  * - 'AF_UNSPEC' if we do not have preferences about the protocol used to ping the host
   1444  *
   1445  * \param errbuf: a pointer to an user-allocated buffer that will contain the complete
   1446  * error message. This buffer has to be at least 'errbuflen' in length.
   1447  * It can be NULL; in this case the error cannot be printed.
   1448  *
   1449  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
   1450  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
   1451  *
   1452  * \return '-1' if the translation succeeded, '-2' if there was some non critical error, '0'
   1453  * otherwise. In case it fails, the content of the SockAddr variable remains unchanged.
   1454  * A 'non critical error' can occur in case the 'Address' is a literal name, which can be mapped
   1455  * to several network addresses (e.g. 'foo.bar.com' => '10.2.2.2' and '10.2.2.3'). In this case
   1456  * the content of the SockAddr parameter will be the address corresponding to the first mapping.
   1457  *
   1458  * \warning The sockaddr_storage structure MUST be allocated by the user.
   1459  */
   1460 int sock_present2network(const char *address, struct sockaddr_storage *sockaddr, int addr_family, char *errbuf, int errbuflen)
   1461 {
   1462 	int retval;
   1463 	struct addrinfo *addrinfo;
   1464 	struct addrinfo hints;
   1465 
   1466 	memset(&hints, 0, sizeof(hints));
   1467 
   1468 	hints.ai_family = addr_family;
   1469 
   1470 	if ((retval = sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen)) == -1)
   1471 		return 0;
   1472 
   1473 	if (addrinfo->ai_family == PF_INET)
   1474 		memcpy(sockaddr, addrinfo->ai_addr, sizeof(struct sockaddr_in));
   1475 	else
   1476 		memcpy(sockaddr, addrinfo->ai_addr, sizeof(struct sockaddr_in6));
   1477 
   1478 	if (addrinfo->ai_next != NULL)
   1479 	{
   1480 		freeaddrinfo(addrinfo);
   1481 
   1482 		if (errbuf)
   1483 			pcap_snprintf(errbuf, errbuflen, "More than one socket requested; using the first one returned");
   1484 		return -2;
   1485 	}
   1486 
   1487 	freeaddrinfo(addrinfo);
   1488 	return -1;
   1489 }
   1490