From 510e4e18d1ce46d8a1ae2ed5eff54304598c1529 Mon Sep 17 00:00:00 2001
From: "C. McEnroe" <june@causal.agency>
Date: Sun, 10 Nov 2019 15:09:32 -0500
Subject: Rename listen to local

---
 Makefile |   2 +-
 README.7 |  16 ++---
 bounce.c |  10 +--
 bounce.h |   8 +--
 listen.c | 208 ---------------------------------------------------------------
 local.c  | 208 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 6 files changed, 226 insertions(+), 226 deletions(-)
 delete mode 100644 listen.c
 create mode 100644 local.c

diff --git a/Makefile b/Makefile
index 4c7b47d..73d25c6 100644
--- a/Makefile
+++ b/Makefile
@@ -18,7 +18,7 @@ DIRS = ${ETCDIR}/pounce /var/run/calico
 OBJS += bounce.o
 OBJS += client.o
 OBJS += config.o
-OBJS += listen.o
+OBJS += local.o
 OBJS += ring.o
 OBJS += server.o
 OBJS += state.o
diff --git a/README.7 b/README.7
index ac3023e..369f78f 100644
--- a/README.7
+++ b/README.7
@@ -1,4 +1,4 @@
-.Dd November 6, 2019
+.Dd November 10, 2019
 .Dt README 7
 .Os "Causal Agency"
 .
@@ -52,15 +52,15 @@ rather than being limited to messages.
 .Sh FILES
 .Bl -tag -width "dispatch.c" -compact
 .It Pa bounce.h
-common declarations and general functions
+declarations and common functions
 .It Pa bounce.c
-command line parsing and event loop
-.It Pa listen.c
-local server functions
+configuration and event loop
+.It Pa local.c
+local server binding
 .It Pa server.c
-remote server functions
+remote server connection
 .It Pa client.c
-remote client functions
+remote client connections
 .It Pa state.c
 state shared between clients
 .It Pa ring.c
@@ -69,7 +69,7 @@ buffer between server and clients
 .Xr getopt_long 3 Ns -integrated
 configuration parsing
 .It Pa dispatch.c
-SNI socket dispatcher
+SNI socket dispatch
 .It Pa compat.h
 compatibility with lesser operating systems
 .It Pa rc.d/
diff --git a/bounce.c b/bounce.c
index bc97cf3..1587d81 100644
--- a/bounce.c
+++ b/bounce.c
@@ -333,14 +333,14 @@ int main(int argc, char *argv[]) {
 	struct SplitPath privSplit = splitPath(privPath);
 	FILE *cert = splitOpen(certSplit);
 	FILE *priv = splitOpen(privSplit);
-	listenConfig(cert, priv);
+	localConfig(cert, priv);
 	fclose(cert);
 	fclose(priv);
 
 	int bind[8];
 	size_t binds = bindPath[0]
-		? listenUnix(bind, ARRAY_LEN(bind), bindPath)
-		: listenBind(bind, ARRAY_LEN(bind), bindHost, bindPort);
+		? localUnix(bind, ARRAY_LEN(bind), bindPath)
+		: localBind(bind, ARRAY_LEN(bind), bindHost, bindPort);
 
 	serverConfig(insecure, clientCert, clientPriv);
 	int server = serverConnect(host, port);
@@ -399,7 +399,7 @@ int main(int argc, char *argv[]) {
 		if (signals[SIGUSR1]) {
 			cert = splitOpen(certSplit);
 			priv = splitOpen(privSplit);
-			listenConfig(cert, priv);
+			localConfig(cert, priv);
 			fclose(cert);
 			fclose(priv);
 			signals[SIGUSR1] = 0;
@@ -417,7 +417,7 @@ int main(int argc, char *argv[]) {
 
 			if (!event.clients[i]) {
 				int fd;
-				struct tls *tls = listenAccept(&fd, event.fds[i].fd);
+				struct tls *tls = localAccept(&fd, event.fds[i].fd);
 				int error = tls_handshake(tls);
 				if (error) {
 					warnx("tls_handshake: %s", tls_error(tls));
diff --git a/bounce.h b/bounce.h
index 518360e..e304055 100644
--- a/bounce.h
+++ b/bounce.h
@@ -118,10 +118,10 @@ void ringInfo(void);
 int ringSave(FILE *file);
 void ringLoad(FILE *file);
 
-void listenConfig(FILE *cert, FILE *priv);
-size_t listenBind(int fds[], size_t cap, const char *host, const char *port);
-size_t listenUnix(int fds[], size_t cap, const char *path);
-struct tls *listenAccept(int *fd, int bind);
+void localConfig(FILE *cert, FILE *priv);
+size_t localBind(int fds[], size_t cap, const char *host, const char *port);
+size_t localUnix(int fds[], size_t cap, const char *path);
+struct tls *localAccept(int *fd, int bind);
 
 void serverConfig(bool insecure, const char *cert, const char *priv);
 int serverConnect(const char *host, const char *port);
diff --git a/listen.c b/listen.c
deleted file mode 100644
index 727a1e1..0000000
--- a/listen.c
+++ /dev/null
@@ -1,208 +0,0 @@
-/* Copyright (C) 2019  C. McEnroe <june@causal.agency>
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <https://www.gnu.org/licenses/>.
- */
-
-#include <err.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <limits.h>
-#include <netdb.h>
-#include <netinet/in.h>
-#include <stdbool.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/socket.h>
-#include <sys/stat.h>
-#include <sys/un.h>
-#include <sysexits.h>
-#include <tls.h>
-#include <unistd.h>
-
-#ifdef __FreeBSD__
-#include <sys/capsicum.h>
-#endif
-
-#include "bounce.h"
-
-static struct tls *server;
-
-static byte *readFile(size_t *len, FILE *file) {
-	struct stat stat;
-	int error = fstat(fileno(file), &stat);
-	if (error) err(EX_IOERR, "fstat");
-
-	byte *buf = malloc(stat.st_size);
-	if (!buf) err(EX_OSERR, "malloc");
-
-	*len = fread(buf, 1, stat.st_size, file);
-	if (ferror(file)) err(EX_IOERR, "fread");
-
-	return buf;
-}
-
-void listenConfig(FILE *cert, FILE *priv) {
-	tls_free(server);
-	server = tls_server();
-	if (!server) errx(EX_SOFTWARE, "tls_server");
-
-	struct tls_config *config = tls_config_new();
-	if (!config) errx(EX_SOFTWARE, "tls_config_new");
-
-	size_t len;
-	byte *buf = readFile(&len, cert);
-	int error = tls_config_set_cert_mem(config, buf, len);
-	if (error) {
-		errx(EX_CONFIG, "tls_config_set_cert_mem: %s", tls_config_error(config));
-	}
-	free(buf);
-
-	buf = readFile(&len, priv);
-	error = tls_config_set_key_mem(config, buf, len);
-	if (error) {
-		errx(EX_CONFIG, "tls_config_set_key_mem: %s", tls_config_error(config));
-	}
-	free(buf);
-
-	error = tls_configure(server, config);
-	if (error) errx(EX_SOFTWARE, "tls_configure: %s", tls_error(server));
-	tls_config_free(config);
-}
-
-size_t listenBind(int fds[], size_t cap, const char *host, const char *port) {
-	struct addrinfo *head;
-	struct addrinfo hints = {
-		.ai_family = AF_UNSPEC,
-		.ai_socktype = SOCK_STREAM,
-		.ai_protocol = IPPROTO_TCP,
-	};
-	int error = getaddrinfo(host, port, &hints, &head);
-	if (error) errx(EX_NOHOST, "%s:%s: %s", host, port, gai_strerror(error));
-
-	size_t len = 0;
-	for (struct addrinfo *ai = head; ai && len < cap; ai = ai->ai_next) {
-		fds[len] = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
-		if (fds[len] < 0) err(EX_OSERR, "socket");
-
-		int yes = 1;
-		error = setsockopt(fds[len], SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(yes));
-		if (error) err(EX_OSERR, "setsockopt");
-
-		error = bind(fds[len], ai->ai_addr, ai->ai_addrlen);
-		if (error) {
-			warn("%s:%s", host, port);
-			close(fds[len]);
-			continue;
-		}
-
-		len++;
-	}
-	freeaddrinfo(head);
-
-	if (!len) errx(EX_UNAVAILABLE, "could not bind any sockets");
-	return len;
-}
-
-static bool unix;
-static int unixDir = -1;
-static char unixFile[PATH_MAX];
-
-static void unixUnlink(void) {
-	int error = unlinkat(unixDir, unixFile, 0);
-	if (error) warn("unlinkat");
-}
-
-size_t listenUnix(int fds[], size_t cap, const char *path) {
-	if (!cap) return 0;
-
-	int sock = socket(PF_UNIX, SOCK_STREAM, 0);
-	if (sock < 0) err(EX_OSERR, "socket");
-
-	struct sockaddr_un addr = { .sun_family = AF_UNIX };
-	if (strlen(path) > sizeof(addr.sun_path)) {
-		errx(EX_CONFIG, "path too long: %s", path);
-	}
-	strncpy(addr.sun_path, path, sizeof(addr.sun_path));
-
-	int error = bind(sock, (struct sockaddr *)&addr, SUN_LEN(&addr));
-	if (error) err(EX_UNAVAILABLE, "%s", path);
-
-	char dir[PATH_MAX] = ".";
-	const char *base = strrchr(path, '/');
-	if (base) {
-		snprintf(dir, sizeof(dir), "%.*s", (int)(base - path), path);
-		base++;
-	} else {
-		base = path;
-	}
-	snprintf(unixFile, sizeof(unixFile), "%s", base);
-
-	unixDir = open(dir, O_DIRECTORY);
-	if (unixDir < 0) err(EX_UNAVAILABLE, "%s", dir);
-	atexit(unixUnlink);
-
-#ifdef __FreeBSD__
-	cap_rights_t rights;
-	error = cap_rights_limit(unixDir, cap_rights_init(&rights, CAP_UNLINKAT));
-	if (error) err(EX_OSERR, "cap_rights_limit");
-#endif
-
-	unix = true;
-	fds[0] = sock;
-	return 1;
-}
-
-static int recvfd(int sock) {
-	size_t len = CMSG_SPACE(sizeof(int));
-	char buf[len];
-
-	char x;
-	struct iovec iov = { .iov_base = &x, .iov_len = 1 };
-	struct msghdr msg = {
-		.msg_iov = &iov,
-		.msg_iovlen = 1,
-		.msg_control = buf,
-		.msg_controllen = len,
-	};
-	if (0 > recvmsg(sock, &msg, 0)) return -1;
-
-	struct cmsghdr *cmsg = CMSG_FIRSTHDR(&msg);
-	if (!cmsg || cmsg->cmsg_type != SCM_RIGHTS) {
-		errno = ENOMSG;
-		return -1;
-	}
-	return *(int *)CMSG_DATA(cmsg);
-}
-
-struct tls *listenAccept(int *fd, int bind) {
-	*fd = accept(bind, NULL, NULL);
-	if (*fd < 0) err(EX_IOERR, "accept");
-
-	if (unix) {
-		int sent = recvfd(*fd);
-		if (sent < 0) err(EX_IOERR, "recvfd");
-		close(*fd);
-		*fd = sent;
-	}
-
-	int yes = 1;
-	int error = setsockopt(*fd, SOL_SOCKET, SO_NOSIGPIPE, &yes, sizeof(yes));
-	if (error) err(EX_OSERR, "setsockopt");
-
-	struct tls *client;
-	error = tls_accept_socket(server, &client, *fd);
-	if (error) errx(EX_SOFTWARE, "tls_accept_socket: %s", tls_error(server));
-	return client;
-}
diff --git a/local.c b/local.c
new file mode 100644
index 0000000..eccd2e6
--- /dev/null
+++ b/local.c
@@ -0,0 +1,208 @@
+/* Copyright (C) 2019  C. McEnroe <june@causal.agency>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include <err.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <netdb.h>
+#include <netinet/in.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <sys/un.h>
+#include <sysexits.h>
+#include <tls.h>
+#include <unistd.h>
+
+#ifdef __FreeBSD__
+#include <sys/capsicum.h>
+#endif
+
+#include "bounce.h"
+
+static struct tls *server;
+
+static byte *readFile(size_t *len, FILE *file) {
+	struct stat stat;
+	int error = fstat(fileno(file), &stat);
+	if (error) err(EX_IOERR, "fstat");
+
+	byte *buf = malloc(stat.st_size);
+	if (!buf) err(EX_OSERR, "malloc");
+
+	*len = fread(buf, 1, stat.st_size, file);
+	if (ferror(file)) err(EX_IOERR, "fread");
+
+	return buf;
+}
+
+void localConfig(FILE *cert, FILE *priv) {
+	tls_free(server);
+	server = tls_server();
+	if (!server) errx(EX_SOFTWARE, "tls_server");
+
+	struct tls_config *config = tls_config_new();
+	if (!config) errx(EX_SOFTWARE, "tls_config_new");
+
+	size_t len;
+	byte *buf = readFile(&len, cert);
+	int error = tls_config_set_cert_mem(config, buf, len);
+	if (error) {
+		errx(EX_CONFIG, "tls_config_set_cert_mem: %s", tls_config_error(config));
+	}
+	free(buf);
+
+	buf = readFile(&len, priv);
+	error = tls_config_set_key_mem(config, buf, len);
+	if (error) {
+		errx(EX_CONFIG, "tls_config_set_key_mem: %s", tls_config_error(config));
+	}
+	free(buf);
+
+	error = tls_configure(server, config);
+	if (error) errx(EX_SOFTWARE, "tls_configure: %s", tls_error(server));
+	tls_config_free(config);
+}
+
+size_t localBind(int fds[], size_t cap, const char *host, const char *port) {
+	struct addrinfo *head;
+	struct addrinfo hints = {
+		.ai_family = AF_UNSPEC,
+		.ai_socktype = SOCK_STREAM,
+		.ai_protocol = IPPROTO_TCP,
+	};
+	int error = getaddrinfo(host, port, &hints, &head);
+	if (error) errx(EX_NOHOST, "%s:%s: %s", host, port, gai_strerror(error));
+
+	size_t len = 0;
+	for (struct addrinfo *ai = head; ai && len < cap; ai = ai->ai_next) {
+		fds[len] = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
+		if (fds[len] < 0) err(EX_OSERR, "socket");
+
+		int yes = 1;
+		error = setsockopt(fds[len], SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(yes));
+		if (error) err(EX_OSERR, "setsockopt");
+
+		error = bind(fds[len], ai->ai_addr, ai->ai_addrlen);
+		if (error) {
+			warn("%s:%s", host, port);
+			close(fds[len]);
+			continue;
+		}
+
+		len++;
+	}
+	freeaddrinfo(head);
+
+	if (!len) errx(EX_UNAVAILABLE, "could not bind any sockets");
+	return len;
+}
+
+static bool unix;
+static int unixDir = -1;
+static char unixFile[PATH_MAX];
+
+static void unixUnlink(void) {
+	int error = unlinkat(unixDir, unixFile, 0);
+	if (error) warn("unlinkat");
+}
+
+size_t localUnix(int fds[], size_t cap, const char *path) {
+	if (!cap) return 0;
+
+	int sock = socket(PF_UNIX, SOCK_STREAM, 0);
+	if (sock < 0) err(EX_OSERR, "socket");
+
+	struct sockaddr_un addr = { .sun_family = AF_UNIX };
+	if (strlen(path) > sizeof(addr.sun_path)) {
+		errx(EX_CONFIG, "path too long: %s", path);
+	}
+	strncpy(addr.sun_path, path, sizeof(addr.sun_path));
+
+	int error = bind(sock, (struct sockaddr *)&addr, SUN_LEN(&addr));
+	if (error) err(EX_UNAVAILABLE, "%s", path);
+
+	char dir[PATH_MAX] = ".";
+	const char *base = strrchr(path, '/');
+	if (base) {
+		snprintf(dir, sizeof(dir), "%.*s", (int)(base - path), path);
+		base++;
+	} else {
+		base = path;
+	}
+	snprintf(unixFile, sizeof(unixFile), "%s", base);
+
+	unixDir = open(dir, O_DIRECTORY);
+	if (unixDir < 0) err(EX_UNAVAILABLE, "%s", dir);
+	atexit(unixUnlink);
+
+#ifdef __FreeBSD__
+	cap_rights_t rights;
+	error = cap_rights_limit(unixDir, cap_rights_init(&rights, CAP_UNLINKAT));
+	if (error) err(EX_OSERR, "cap_rights_limit");
+#endif
+
+	unix = true;
+	fds[0] = sock;
+	return 1;
+}
+
+static int recvfd(int sock) {
+	size_t len = CMSG_SPACE(sizeof(int));
+	char buf[len];
+
+	char x;
+	struct iovec iov = { .iov_base = &x, .iov_len = 1 };
+	struct msghdr msg = {
+		.msg_iov = &iov,
+		.msg_iovlen = 1,
+		.msg_control = buf,
+		.msg_controllen = len,
+	};
+	if (0 > recvmsg(sock, &msg, 0)) return -1;
+
+	struct cmsghdr *cmsg = CMSG_FIRSTHDR(&msg);
+	if (!cmsg || cmsg->cmsg_type != SCM_RIGHTS) {
+		errno = ENOMSG;
+		return -1;
+	}
+	return *(int *)CMSG_DATA(cmsg);
+}
+
+struct tls *localAccept(int *fd, int bind) {
+	*fd = accept(bind, NULL, NULL);
+	if (*fd < 0) err(EX_IOERR, "accept");
+
+	if (unix) {
+		int sent = recvfd(*fd);
+		if (sent < 0) err(EX_IOERR, "recvfd");
+		close(*fd);
+		*fd = sent;
+	}
+
+	int yes = 1;
+	int error = setsockopt(*fd, SOL_SOCKET, SO_NOSIGPIPE, &yes, sizeof(yes));
+	if (error) err(EX_OSERR, "setsockopt");
+
+	struct tls *client;
+	error = tls_accept_socket(server, &client, *fd);
+	if (error) errx(EX_SOFTWARE, "tls_accept_socket: %s", tls_error(server));
+	return client;
+}
-- 
cgit 1.4.1