From 55e8e09c4a87ecaf93f9d1ecd725ced346ef1bce Mon Sep 17 00:00:00 2001 From: Robert Swiecki Date: Sun, 11 Feb 2018 00:17:44 +0100 Subject: [PATCH] net: convert net::connToText to std::string --- net.cc | 49 +++++++++++++++++++++++++------------------------ net.h | 4 +++- nsjail.h | 2 +- subproc.cc | 26 +++++++++++--------------- 4 files changed, 40 insertions(+), 41 deletions(-) diff --git a/net.cc b/net.cc index bf26646..66ef6eb 100644 --- a/net.cc +++ b/net.cc @@ -39,6 +39,8 @@ #include #include +#include + #include "logs.h" #include "subproc.h" @@ -161,8 +163,7 @@ bool limitConns(nsjconf_t* nsjconf, int connsock) { } struct sockaddr_in6 addr; - char cs_addr[64]; - connToText(connsock, true /* remote */, cs_addr, sizeof(cs_addr), &addr); + auto connstr = connToText(connsock, true /* remote */, &addr); unsigned cnt = 0; for (const auto& pid : nsjconf->pids) { @@ -172,7 +173,7 @@ bool limitConns(nsjconf_t* nsjconf, int connsock) { } } if (cnt >= nsjconf->max_conns_per_ip) { - LOG_W("Rejecting connection from '%s', max_conns_per_ip limit reached: %u", cs_addr, + LOG_W("Rejecting connection from '%s', max_conns_per_ip limit reached: %u", connstr.c_str(), nsjconf->max_conns_per_ip); return false; } @@ -231,9 +232,8 @@ int getRecvSocket(const char* bindhost, int port) { return -1; } - char ss_addr[64]; - connToText(sockfd, false /* remote */, ss_addr, sizeof(ss_addr), NULL); - LOG_I("Listening on %s", ss_addr); + auto connstr = connToText(sockfd, false /* remote */, NULL); + LOG_I("Listening on %s", connstr.c_str()); return sockfd; } 
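Review bot: In the limitConns hunk, `struct sockaddr_in6 addr;` stays uninitialised whenever `connToText(connsock, true /* remote */, &addr)` returns early. connToText copies into `addr_or_null` only after getpeername()/getsockname() succeeds, and returns `"[STANDALONE MODE]"` or `"[unknown]"` before that point. The loop over `nsjconf->pids` that follows (its body is outside the hunk) presumably compares this address for the max_conns_per_ip check, so the limit would be evaluated against indeterminate bytes. Zero-initialise it with `struct sockaddr_in6 addr = {};`, and do the same for `pids_t p;` in the addProc hunk of subproc.cc (`pids_t p = {};`), where `p.remote_addr` is filled through the same call.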
@@ -249,18 +249,18 @@ int acceptConn(int listenfd) { return -1; } - char cs_addr[64], ss_addr[64]; - connToText(connfd, true /* remote */, cs_addr, sizeof(cs_addr), NULL); - connToText(connfd, false /* remote */, ss_addr, sizeof(ss_addr), NULL); - LOG_I("New connection from: %s on: %s", cs_addr, ss_addr); + auto connremotestr = connToText(connfd, true /* remote */, NULL); + auto connlocalstr = connToText(connfd, false /* remote */, NULL); + LOG_I("New connection from: %s on: %s", connremotestr.c_str(), connlocalstr.c_str()); return connfd; } -void connToText(int fd, bool remote, char* buf, size_t s, struct sockaddr_in6* addr_or_null) { - if (isSocket(fd) == false) { - snprintf(buf, s, "[STANDALONE_MODE]"); - return; +const std::string connToText(int fd, bool remote, struct sockaddr_in6* addr_or_null) { + std::string res; + + if (!isSocket(fd)) { + return "[STANDALONE MODE]"; } struct sockaddr_in6 addr; @@ -268,14 +268,12 @@ void connToText(int fd, bool remote, char* buf, size_t s, struct sockaddr_in6* a if (remote) { if (getpeername(fd, (struct sockaddr*)&addr, &addrlen) == -1) { PLOG_W("getpeername(%d)", fd); - snprintf(buf, s, "[unknown]"); - return; + return "[unknown]"; } } else { if (getsockname(fd, (struct sockaddr*)&addr, &addrlen) == -1) { PLOG_W("getsockname(%d)", fd); - snprintf(buf, s, "[unknown]"); - return; + return "[unknown]"; } } 
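Review bot: The not-a-socket sentinel changes from `[STANDALONE_MODE]` to `[STANDALONE MODE]` in the new connToText, and the commit message does not mention it; any log filter or alert keyed on the old token would stop matching. If the change is unintentional, keep `return "[STANDALONE_MODE]";`. `std::string res;` is also declared ahead of three early returns that never use it, and could move down to where the address is formatted. connToText's body continues past this hunk.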
@@ -283,14 +281,17 @@ void connToText(int fd, bool remote, char* buf, size_t s, struct sockaddr_in6* a memcpy(addr_or_null, &addr, sizeof(*addr_or_null)); } - char tmp[s]; - if (inet_ntop(AF_INET6, addr.sin6_addr.s6_addr, tmp, s) == NULL) { + char addrstr[128]; + if (!inet_ntop(AF_INET6, addr.sin6_addr.s6_addr, addrstr, sizeof(addrstr))) { PLOG_W("inet_ntop()"); - snprintf(buf, s, "[unknown]:%hu", ntohs(addr.sin6_port)); - return; + snprintf(addrstr, sizeof(addrstr), "[unknown](%s)", strerror(errno)); } - snprintf(buf, s, "[%s]:%hu", tmp, ntohs(addr.sin6_port)); - return; + + res.append("["); + res.append(addrstr); + res.append("]:"); + res.append(std::to_string(ntohs(addr.sin6_port))); + return res; } static bool ifaceUp(const char* ifacename) { diff --git a/net.h b/net.h index 56500b7..3056af1 100644 --- a/net.h +++ b/net.h @@ -25,6 +25,8 @@ #include #include +#include + #include "nsjail.h" namespace net { @@ -32,7 +34,7 @@ namespace net { bool limitConns(nsjconf_t* nsjconf, int connsock); int getRecvSocket(const char* bindhost, int port); int acceptConn(int listenfd); -void connToText(int fd, bool remote, char* buf, size_t s, struct sockaddr_in6* addr_or_null); +const std::string connToText(int fd, bool remote, struct sockaddr_in6* addr_or_null); bool initNsFromParent(nsjconf_t* nsjconf, int pid); bool initNsFromChild(nsjconf_t* nsjconf); diff --git a/nsjail.h b/nsjail.h index dee46ba..455b6d7 100644 --- a/nsjail.h +++ b/nsjail.h @@ -49,7 +49,7 @@ static const int nssigs[] = { struct pids_t { pid_t pid; time_t start; - char remote_txt[64]; + std::string remote_txt; struct sockaddr_in6 remote_addr; int pid_syscall_fd; }; diff --git a/subproc.cc b/subproc.cc index f07a003..d09d181 100644 --- a/subproc.cc +++ b/subproc.cc 
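Review bot: When inet_ntop() fails, the fallback text written into `addrstr` already carries brackets, and the `res.append("[")` … `res.append("]:")` sequence wraps it again, so the result reads `[[unknown](…)]:port` where the old code produced `[unknown]:port`. `strerror(errno)` is also evaluated after `PLOG_W("inet_ntop()")`, which may have changed errno by then. Since PLOG_W already reports the error, the fallback can be `snprintf(addrstr, sizeof(addrstr), "unknown");`, which keeps the previous format. The start of connToText is outside this hunk.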
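Review bot: Returning `const std::string` by value blocks move semantics, so `p.remote_txt = net::connToText(...)` in subproc.cc copies the string instead of moving it. Declare it as `std::string connToText(int fd, bool remote, struct sockaddr_in6* addr_or_null);` here and on the definition in net.cc. The declaration would also benefit from a comment stating that `*addr_or_null` is written only when the socket address lookup succeeds, since callers pass it stack storage that is otherwise left untouched.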
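Review bot: With `std::string remote_txt`, `pids_t` is no longer trivially copyable, so any code that zeroes or copies it with memset()/memcpy() would now be undefined behaviour. None is visible in this diff, but the rest of the tree is worth a grep. The remaining members still have no defaults, and in-class initialisers such as `int pid_syscall_fd = -1;` would give a default-constructed entry a defined state.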
@@ -165,9 +165,8 @@ static int subprocNewProc(nsjconf_t* nsjconf, int fd_in, int fd_out, int fd_err, putenv(const_cast(env.c_str())); } - char cs_addr[64]; - net::connToText(fd_in, true /* remote */, cs_addr, sizeof(cs_addr), NULL); - LOG_I("Executing '%s' for '%s'", nsjconf->exec_file, cs_addr); + auto connstr = net::connToText(fd_in, /* remote= */ true, NULL); + LOG_I("Executing '%s' for '%s'", nsjconf->exec_file, connstr.c_str()); for (size_t i = 0; nsjconf->argv[i]; i++) { LOG_D(" Arg[%zu]: '%s'", i, nsjconf->argv[i]); @@ -196,11 +195,10 @@ static int subprocNewProc(nsjconf_t* nsjconf, int fd_in, int fd_out, int fd_err, static void addProc(nsjconf_t* nsjconf, pid_t pid, int sock) { pids_t p; + p.pid = pid; p.start = time(NULL); - - net::connToText( - sock, true /* remote */, p.remote_txt, sizeof(p.remote_txt), &p.remote_addr); + p.remote_txt = net::connToText(sock, /* remote= */ true, &p.remote_addr); char fname[PATH_MAX]; snprintf(fname, sizeof(fname), "/proc/%d/syscall", (int)pid); @@ -209,14 +207,14 @@ static void addProc(nsjconf_t* nsjconf, pid_t pid, int sock) { nsjconf->pids.push_back(p); LOG_D("Added pid '%d' with start time '%u' to the queue for IP: '%s'", p.pid, - (unsigned int)p.start, p.remote_txt); + (unsigned int)p.start, p.remote_txt.c_str()); } static void removeProc(nsjconf_t* nsjconf, pid_t pid) { for (auto p = nsjconf->pids.begin(); p != nsjconf->pids.end(); ++p) { if (p->pid == pid) { LOG_D("Removing pid '%d' from the queue (IP:'%s', start time:'%s')", p->pid, - p->remote_txt, util::timeToStr(p->start).c_str()); + p->remote_txt.c_str(), util::timeToStr(p->start).c_str()); close(p->pid_syscall_fd); nsjconf->pids.erase(p); return; 
@@ -236,7 +234,7 @@ void displayProc(nsjconf_t* nsjconf) { time_t diff = now - pid.start; time_t left = nsjconf->tlimit ? nsjconf->tlimit - diff : 0; LOG_I("PID: %d, Remote host: %s, Run time: %ld sec. (time left: %ld sec.)", pid.pid, - pid.remote_txt, (long)diff, (long)left); + pid.remote_txt.c_str(), (long)diff, (long)left); } } @@ -308,7 +306,7 @@ int reapProc(nsjconf_t* nsjconf) { if (wait4(si.si_pid, &status, WNOHANG, NULL) == si.si_pid) { cgroup::finishFromParent(nsjconf, si.si_pid); - const char* remote_txt = "[UNKNOWN]"; + std::string remote_txt = "[UNKNOWN]"; const pids_t* elem = getPidElem(nsjconf, si.si_pid); if (elem) { remote_txt = elem->remote_txt; @@ -316,7 +314,7 @@ int reapProc(nsjconf_t* nsjconf) { if (WIFEXITED(status)) { LOG_I("PID: %d (%s) exited with status: %d, (PIDs left: %d)", - si.si_pid, remote_txt, WEXITSTATUS(status), + si.si_pid, remote_txt.c_str(), WEXITSTATUS(status), countProc(nsjconf) - 1); removeProc(nsjconf, si.si_pid); rv = WEXITSTATUS(status) % 100; @@ -327,7 +325,7 @@ int reapProc(nsjconf_t* nsjconf) { if (WIFSIGNALED(status)) { LOG_I( "PID: %d (%s) terminated with signal: %s (%d), (PIDs left: %d)", - si.si_pid, remote_txt, util::sigName(WTERMSIG(status)).c_str(), + si.si_pid, remote_txt.c_str(), util::sigName(WTERMSIG(status)).c_str(), WTERMSIG(status), countProc(nsjconf) - 1); removeProc(nsjconf, si.si_pid); rv = 100 + WTERMSIG(status); @@ -344,7 +342,7 @@ int reapProc(nsjconf_t* nsjconf) { time_t diff = now - p.start; if (diff >= nsjconf->tlimit) { LOG_I("PID: %d run time >= time limit (%ld >= %ld) (%s). Killing it", pid, - (long)diff, (long)nsjconf->tlimit, p.remote_txt); + (long)diff, (long)nsjconf->tlimit, p.remote_txt.c_str()); /* * Probably a kernel bug - some processes cannot be killed with KILL if * they're namespaced, and in a stopped state 
@@ -447,8 +445,6 @@ void runChild(nsjconf_t* nsjconf, int fd_in, int fd_out, int fd_err) { } close(parent_fd); - char cs_addr[64]; - net::connToText(fd_in, true /* remote */, cs_addr, sizeof(cs_addr), NULL); } /*