Changeset 1345
- Timestamp:
- 08/03/07 18:20:39 (1 year ago)
- Files:
-
- honeytrap/trunk/src/ctrl.c (modified) (4 diffs)
- honeytrap/trunk/src/ctrl.h (modified) (2 diffs)
- honeytrap/trunk/src/dynsrv.c (modified) (5 diffs)
- honeytrap/trunk/src/modules/htm_ftpDownload.c (modified) (6 diffs)
- honeytrap/trunk/src/modules/htm_tftpDownload.c (modified) (10 diffs)
- honeytrap/trunk/src/modules/htm_tftpDownload.h (modified) (1 diff)
- honeytrap/trunk/src/proxy.c (modified) (1 diff)
- honeytrap/trunk/src/signals.c (modified) (7 diffs)
- honeytrap/trunk/src/signals.h (modified) (1 diff)
- honeytrap/trunk/src/sock.c (modified) (2 diffs)
- honeytrap/trunk/src/util.c (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
honeytrap/trunk/src/ctrl.c
r1293 r1345 20 20 #include <sys/stat.h> 21 21 22 #include "ctrl.h" 22 23 #include "honeytrap.h" 24 #include "logging.h" 23 25 #include "pcapmon.h" 24 #include "logging.h"25 #include "ctrl.h"26 26 #include "plugin.h" 27 27 #include "response.h" … … 113 113 114 114 /* become session leader and loose controlling TTY */ 115 if ((pid = fork()) < 0) {115 if ((pid = myfork()) < 0) { 116 116 fprintf(stderr, " Error - Unable to daemonize: %s\n", strerror(errno)); 117 117 exit(EXIT_FAILURE); … … 121 121 122 122 /* fork again, future opens must not allocate controlling TTYs */ 123 if ((pid = fork()) < 0) {123 if ((pid = myfork()) < 0) { 124 124 fprintf(stderr, " Error - Unable to daemonize: %s\n", strerror(errno)); 125 125 exit(EXIT_FAILURE); … … 190 190 return(1); 191 191 } 192 193 194 pid_t myfork(void) { 195 pid_t pid; 196 197 /* reopen signal pipe in child process */ 198 if ((pid = fork()) == 0) create_sigpipe(); 199 return(pid); 200 } honeytrap/trunk/src/ctrl.h
r1081 r1345 1 1 /* ctrl.h 2 * Copyright (C) 2006 Tillmann Werner <tillmann.werner@gmx.de>2 * Copyright (C) 2006-2007 Tillmann Werner <tillmann.werner@gmx.de> 3 3 * 4 4 * This file is free software; as a special exception the author gives … … 18 18 int do_daemonize(void); 19 19 int create_pid_file(void); 20 pid_t myfork(void); 20 21 21 22 #endif honeytrap/trunk/src/dynsrv.c
r1334 r1345 95 95 96 96 /* fork server process */ 97 if ((pid = fork()) == 0) {97 if ((pid = myfork()) == 0) { 98 98 /* use this port string as log prefix */ 99 99 memset(portstr, 0, 16); … … 194 194 exit(EXIT_SUCCESS); 195 195 default: 196 if (FD_ISSET(sigpipe[0], &rfds) && (check_sigpipe() == -1)) { 197 logmsg(LOG_ERR, 1, "Error - Signal handling failed in dynamic server process.\n"); 198 exit(EXIT_FAILURE); 199 } 196 if (FD_ISSET(sigpipe[0], &rfds) && (check_sigpipe() == -1)) exit(EXIT_FAILURE); 200 197 if (FD_ISSET(listen_fd, &rfds)) { 201 198 logmsg(LOG_NOISY, 1, … … 359 356 360 357 /* fork connection handler */ 361 if ((pid = fork()) == 0) {358 if ((pid = myfork()) == 0) { 362 359 /* close listening socket in child */ 363 360 close(listen_fd); … … 469 466 } 470 467 } 468 break; 471 469 default: 472 if (FD_ISSET(sigpipe[0], &rfds) && (check_sigpipe() == -1)) 473 exit(EXIT_FAILURE); 470 if (FD_ISSET(sigpipe[0], &rfds) && (check_sigpipe() == -1)) exit(EXIT_FAILURE); 474 471 if (FD_ISSET(connection_fd, &rfds)) { 475 472 /* handle data on server connection */ … … 576 573 (attack_string, total_bytes, server_string, total_from_server, dport, attack)); 577 574 default: 578 if (FD_ISSET(sigpipe[0], &rfds) && (check_sigpipe() == -1)) 579 exit(EXIT_FAILURE); 575 if (FD_ISSET(sigpipe[0], &rfds) && (check_sigpipe() == -1)) exit(EXIT_FAILURE); 580 576 if (FD_ISSET(server_sock_fd, &rfds)) { 581 577 /* read data and proxy it to client connection */ honeytrap/trunk/src/modules/htm_ftpDownload.c
r1334 r1345 32 32 #include <md5.h> 33 33 #include <plughook.h> 34 #include <signals.h> 34 35 #include <sock.h> 35 36 #include <tcpip.h> … … 39 40 40 41 const char module_name[]="ftpDownload"; 41 const char module_version[]="0.5. 2";42 const char module_version[]="0.5.3"; 42 43 43 44 char *ftp_host = NULL; … … 161 162 inet_ntoa(*(struct in_addr*)host->h_addr_list[0])); 162 163 163 if (! valid_ipaddr((uint32_t) *(host->h_addr_list[0]))) {164 if (!replace_private_ips && !valid_ipaddr((uint32_t) *(host->h_addr_list[0]))) { 164 165 logmsg(LOG_INFO, 1, "FTP download error - %s is not a valid ip address.\n", 165 166 inet_ntoa(*(struct in_addr*)host->h_addr_list[0])); … … 336 337 337 338 /* replace private ip? */ 338 if (replace_private_ips && private_ipaddr(rhost->s_addr)) {339 logmsg(LOG_NOISY, 1, "FTP download - Replacing private server address with attacking IP address.\n");339 if (replace_private_ips && (private_ipaddr(rhost->s_addr) || !(valid_ipaddr(rhost->s_addr)))) { 340 logmsg(LOG_NOISY, 1, "FTP download - Replacing private/invalid server address with attacking IP address.\n"); 340 341 rhost = (struct in_addr *) &attack->a_conn.r_addr; 341 342 } … … 610 611 timeout); 611 612 FD_ZERO(&rfds); 613 FD_SET(sigpipe[0], &rfds); 612 614 FD_SET(data_sock_listen_fd, &rfds); 613 s elect_return = select(data_sock_listen_fd + 1, &rfds, NULL, NULL, &r_timeout);614 if (select_return < 0) {615 switch (select_return = select(MAX(sigpipe[0], data_sock_fd) + 1, &rfds, NULL, NULL, &r_timeout)) { 616 case -1: 615 617 if (errno != EINTR) { 616 618 logmsg(LOG_ERR, 1, "FTP download error - Select on FTP data channel failed: %s.\n", strerror(errno)); … … 618 620 return(-1); 619 621 } 620 } else if (select_return == 0) {622 case 0: 621 623 logmsg(LOG_WARN, 1, "FTP download - Transfer timeout, no incoming data connection for %d seconds.\n", 622 624 timeout); 623 625 ftp_quit(control_sock_fd, data_sock_fd); 624 626 return(-1); 625 } else if (FD_ISSET(data_sock_listen_fd, &rfds)) { 626 if ((data_sock_fd = accept(data_sock_listen_fd, (struct sockaddr *) &remote_data_socket, (u_int *) &addr_len)) < 0) { 627 logmsg(LOG_ERR, 1, "FTP download error - Unable to accept FTP data connection: %s\n", 628 strerror(errno)); 629 ftp_quit(control_sock_fd, data_sock_fd); 630 return(-1); 631 } else logmsg(LOG_DEBUG, 1, "FTP download - Incoming data connection from %s:%u.\n", 632 inet_ntoa(control_socket.sin_addr), ntohs(remote_data_socket.sin_port)); 633 close(data_sock_listen_fd); 634 } else logmsg(LOG_DEBUG, 1, "FTP download - Select on FTP data channel returned but socket is not set.\n"); 627 default: 628 if (FD_ISSET(sigpipe[0], &rfds) && (check_sigpipe() == -1)) exit(EXIT_FAILURE); 629 if (FD_ISSET(data_sock_listen_fd, &rfds)) { 630 if ((data_sock_fd = accept(data_sock_listen_fd, (struct sockaddr *) &remote_data_socket, (u_int *) &addr_len)) < 0) { 631 logmsg(LOG_ERR, 1, "FTP download error - Unable to accept FTP data connection: %s\n", 632 strerror(errno)); 633 ftp_quit(control_sock_fd, data_sock_fd); 634 return(-1); 635 } else logmsg(LOG_DEBUG, 1, "FTP download - Incoming data connection from %s:%u.\n", 636 inet_ntoa(control_socket.sin_addr), ntohs(remote_data_socket.sin_port)); 637 close(data_sock_listen_fd); 638 } else logmsg(LOG_DEBUG, 1, "FTP download - Select on FTP data channel returned but socket is not set.\n"); 639 } 635 640 636 641 /* retrieve file, read timeout is 5 seconds */ 637 642 logmsg(LOG_DEBUG, 1, "FTP download - Waiting for data on FTP data channel, timeout is 10 seconds.\n"); 638 643 FD_ZERO(&rfds); 644 FD_SET(sigpipe[0], &rfds); 639 645 FD_SET(data_sock_fd, &rfds); 640 646 r_timeout.tv_sec = 10; 641 647 r_timeout.tv_usec = 0; 642 select_return = select( data_sock_fd+ 1, &rfds, NULL, NULL, &r_timeout);648 select_return = select(MAX(sigpipe[0], data_sock_fd) + 1, &rfds, NULL, NULL, &r_timeout); 643 649 if (select_return < 0) { 644 650 if (errno != EINTR) { honeytrap/trunk/src/modules/htm_tftpDownload.c
r1286 r1345 30 30 #include <logging.h> 31 31 #include <plughook.h> 32 #include <signals.h> 32 33 #include <util.h> 33 34 #include <md5.h> … … 39 40 40 41 const char module_name[]="tftpDownload"; 41 const char module_version[]="0.4 ";42 const char module_version[]="0.4.1"; 42 43 43 44 … … 112 113 inet_ntoa(*(struct in_addr*)host->h_addr_list[0])); 113 114 114 if (! valid_ipaddr((uint32_t) *(host->h_addr_list[0]))) {115 if (!replace_private_ips && !valid_ipaddr((uint32_t) *(host->h_addr_list[0]))) { 115 116 logmsg(LOG_INFO, 1, "TFTP download error - %s is not a valid ip address.\n", 116 117 inet_ntoa(*(struct in_addr*)host->h_addr_list[0])); … … 147 148 148 149 149 int tftp_quit(int data_sock_fd , int dumpfile_fd) {150 int tftp_quit(int data_sock_fd) { 150 151 if (data_sock_fd) close(data_sock_fd); 151 if (dumpfile_fd) close(dumpfile_fd);152 152 return(0); 153 153 } … … 156 156 int get_tftp_resource(struct in_addr* host, const char *save_file, Attack *attack) { 157 157 struct sockaddr_in data_socket, from; 158 int data_sock_fd, dumpfile_fd, 159 fromlen, select_return, bytes_sent, 158 int data_sock_fd, fromlen, bytes_sent, 160 159 tftp_command_size, socklen, retransmissions, received_last_packet, last_ack_packet; 161 160 uint8_t *binary_stream; … … 171 170 binary_stream = NULL; 172 171 max_blockcode = 0; 173 select_return = -1;174 dumpfile_fd = -1;175 172 socklen = sizeof(struct sockaddr_in); 173 174 175 /* replace private ip? */ 176 if (replace_private_ips && (private_ipaddr(host->s_addr) || !(valid_ipaddr(host->s_addr)))) { 177 logmsg(LOG_NOISY, 1, "FTP download - Replacing private/invalid server address with attacking IP address.\n"); 178 host = (struct in_addr *) &attack->a_conn.r_addr; 179 } 176 180 177 181 logmsg(LOG_NOTICE, 1, "TFTP download - Requesting '%s' from %s.\n", save_file, inet_ntoa(*host)); … … 214 218 215 219 FD_ZERO(&rfds); 220 FD_SET(sigpipe[0], &rfds); 216 221 FD_SET(data_sock_fd, &rfds); 217 select_return = 0; 218 219 while ((retransmissions++ < MAX_TRANSMISSION_TRIES) && !select_return) { 222 223 while (retransmissions++ < MAX_TRANSMISSION_TRIES) { 220 224 /* send read request */ 221 225 if ((bytes_sent = sendto(data_sock_fd, tftp_command, tftp_command_size, 0, … … 234 238 (u_int16_t) snd_timeout.tv_sec); 235 239 236 if (((select_return = select(data_sock_fd + 1, &rfds, NULL, NULL, &snd_timeout)) < 0) && (errno != EINTR)) { 237 logmsg(LOG_ERR, 1, "TFTP download error - 'select' call failed.\n"); 240 switch (select(MAX(sigpipe[0], data_sock_fd) + 1, &rfds, NULL, NULL, &snd_timeout)) { 241 case -1: 242 if (errno == EINTR) { 243 if (check_sigpipe() == -1) exit(EXIT_FAILURE); 244 break; 245 } 246 logmsg(LOG_ERR, 1, "TFTP download error - Select on TFTP data channel failed: %s.\n", strerror(errno)); 247 tftp_quit(data_sock_fd); 238 248 return(-1); 239 } 240 } 241 if (!select_return) { 249 case 0: 250 logmsg(LOG_WARN, 1, "TFTP download - Transfer timeout, no incoming data connection for %d seconds.\n", 251 (u_int16_t) snd_timeout.tv_sec); 252 tftp_quit(data_sock_fd); 253 return(-1); 254 default: 255 if (FD_ISSET(sigpipe[0], &rfds) && (check_sigpipe() == -1)) exit(EXIT_FAILURE); 256 if (FD_ISSET(data_sock_fd, &rfds)) break; 257 } 258 } 259 if (retransmissions >= MAX_TRANSMISSION_TRIES) { 242 260 logmsg(LOG_ERR, 1, "TFTP download error - Connection timed out.\n"); 243 261 return(-1); … … 265 283 266 284 switch(ntohs(tftp_opcode)) { 267 case 3: 268 /* Got data */ 269 memcpy(&tftp_blockcode, rbuf+2, 2); 270 logmsg(LOG_DEBUG, 1, "TFTP download - Data block %u read (%u bytes).\n", 285 case 3: 286 /* Got data */ 287 memcpy(&tftp_blockcode, rbuf+2, 2); 288 logmsg(LOG_DEBUG, 1, "TFTP download - Data block %u read (%u bytes).\n", 289 ntohs(tftp_blockcode), bytes_read); 290 291 if (last_ack_packet >= ntohs(tftp_blockcode)) { 292 /* packet already processed and acknowledged */ 293 logmsg(LOG_DEBUG, 1, "TFTP download - Data block %u re-received (%u bytes).\n", 271 294 ntohs(tftp_blockcode), bytes_read); 272 273 if (last_ack_packet >= ntohs(tftp_blockcode)) { 274 /* packet already processed and acknowledged */ 275 logmsg(LOG_DEBUG, 1, "TFTP download - Data block %u re-received (%u bytes).\n", 276 ntohs(tftp_blockcode), bytes_read); 277 } else { 278 /* new packet */ 279 last_ack_packet = ntohs(tftp_blockcode); 280 total_bytes += bytes_read-4; /* subtract space for opcode and block number */ 295 } else { 296 /* new packet */ 297 last_ack_packet = ntohs(tftp_blockcode); 298 total_bytes += bytes_read-4; /* subtract space for opcode and block number */ 299 300 /* check if we need to insert packet into file */ 301 if (ntohs(tftp_blockcode) > ntohs(max_blockcode)) { 302 max_blockcode = tftp_blockcode; 303 binary_stream = (uint8_t *) realloc(binary_stream, total_bytes); 304 /* assemble file */ 305 memcpy(binary_stream + total_bytes - bytes_read+4, rbuf+4, bytes_read-4); 306 } 307 } 308 309 /* send ACK */ 310 bytes_sent = 0; 311 tftp_command = (char *) malloc(4); 312 bzero(tftp_command, 4); 313 tftp_command[1] = 4; /* ACK opcode */ 314 memcpy(tftp_command+2, &tftp_blockcode, 2); 315 316 logmsg(LOG_DEBUG, 1, "TFTP download - ACK %u assembled.\n", ntohs(tftp_blockcode)); 317 318 if (bytes_read < 512) { 319 received_last_packet = 1; 320 logmsg(LOG_DEBUG, 1, "TFTP download - Last data packet recieved.\n"); 321 if ((bytes_sent = sendto(data_sock_fd, tftp_command, 4, 0, 322 (struct sockaddr *) &data_socket, socklen)) == -1) { 323 logmsg(LOG_DEBUG, 1, "TFTP download - Unable to send last ACK packet.\n"); 324 } else logmsg(LOG_DEBUG, 1, "TFTP download - Data block %d acknowledged.\n", 325 ntohs(tftp_blockcode)); 326 } else { 327 retransmissions = 0; 328 bytes_sent = 0; 329 330 while (retransmissions++ < MAX_TRANSMISSION_TRIES) { 331 /* send read request */ 332 logmsg(LOG_DEBUG, 1, "TFTP download - Sending \"ACK %u\" (%u. try)\n", 333 ntohs(tftp_blockcode), retransmissions); 334 if ((bytes_sent = sendto(data_sock_fd, tftp_command, 4, 0, 335 (struct sockaddr *) &data_socket, socklen)) == -1) { 336 logmsg(LOG_ERR, 1, 337 "TFTP download error - Unable to send ACK packet.\n"); 338 return(-1); 339 } 340 341 snd_timeout.tv_sec = 5; 342 snd_timeout.tv_usec = 0; 343 344 /* wait for incoming data, close connection on timeout */ 345 logmsg(LOG_DEBUG, 1, "TFTP download - Waiting for incoming data, timeout is %d seconds.\n", 346 (u_int16_t) snd_timeout.tv_sec); 281 347 282 /* check if we need to insert packet into file */ 283 if (ntohs(tftp_blockcode) > ntohs(max_blockcode)) { 284 max_blockcode = tftp_blockcode; 285 binary_stream = (uint8_t *) realloc(binary_stream, total_bytes); 286 /* assemble file */ 287 memcpy(binary_stream + total_bytes - bytes_read+4, rbuf+4, bytes_read-4); 348 switch (select(MAX(sigpipe[0], data_sock_fd) + 1, &rfds, NULL, NULL, &snd_timeout)) { 349 case -1: 350 if (errno == EINTR) { 351 if (check_sigpipe() == -1) exit(EXIT_FAILURE); 352 break; 353 } 354 logmsg(LOG_ERR, 1, "TFTP download error - Select on TFTP data channel failed: %s.\n", strerror(errno)); 355 tftp_quit(data_sock_fd); 356 return(-1); 357 case 0: 358 logmsg(LOG_WARN, 1, "TFTP download - Transfer timeout, no incoming data connection for %d seconds.\n", 359 (u_int16_t) snd_timeout.tv_sec); 360 tftp_quit(data_sock_fd); 361 return(-1); 362 default: 363 if (FD_ISSET(sigpipe[0], &rfds) && (check_sigpipe() == -1)) exit(EXIT_FAILURE); 364 if (FD_ISSET(data_sock_fd, &rfds)) break; 288 365 } 289 366 } 290 291 /* send ACK */ 292 bytes_sent = 0; 293 tftp_command = (char *) malloc(4); 294 bzero(tftp_command, 4); 295 tftp_command[1] = 4; /* ACK opcode */ 296 memcpy(tftp_command+2, &tftp_blockcode, 2); 297 298 logmsg(LOG_DEBUG, 1, "TFTP download - ACK %u assembled.\n", ntohs(tftp_blockcode)); 299 300 if (bytes_read < 512) { 301 received_last_packet = 1; 302 logmsg(LOG_DEBUG, 1, "TFTP download - Last data packet recieved.\n"); 303 if ((bytes_sent = sendto(data_sock_fd, tftp_command, 4, 0, 304 (struct sockaddr *) &data_socket, socklen)) == -1) { 305 logmsg(LOG_DEBUG, 1, "TFTP download - Unable to send last ACK packet.\n"); 306 } else logmsg(LOG_DEBUG, 1, "TFTP download - Data block %d acknowledged.\n", 307 ntohs(tftp_blockcode)); 308 } else { 309 retransmissions = 0; 310 bytes_sent = 0; 311 select_return = 0; 312 313 while ((retransmissions++ < MAX_TRANSMISSION_TRIES) && !select_return) { 314 logmsg(LOG_DEBUG, 1, "TFTP download - Sending \"ACK %u\" (%u. try)\n", 315 ntohs(tftp_blockcode), retransmissions); 316 if ((bytes_sent = sendto(data_sock_fd, tftp_command, 4, 0, 317 (struct sockaddr *) &data_socket, socklen)) == -1) { 318 logmsg(LOG_ERR, 1, 319 "TFTP download error - Unable to send ACK packet.\n"); 320 return(-1); 321 } 322 323 snd_timeout.tv_sec = 5; 324 snd_timeout.tv_usec = 0; 325 326 if (((select_return = select(data_sock_fd + 1, &rfds, NULL, NULL, 327 &snd_timeout)) < 0) && (errno != EINTR)) { 328 logmsg(LOG_ERR, 1, "TFTP download error - 'select' call failed.\n"); 329 return(-1); 330 } 331 } 332 if (!select_return) { 333 logmsg(LOG_ERR, 1, "TFTP download error - Connection timed out.\n"); 334 free(binary_stream); 335 return(-1); 336 } 337 logmsg(LOG_DEBUG, 1, "TFTP download - Data block %d acknowledged.\n", 338 ntohs(tftp_blockcode)); 367 if (retransmissions >= MAX_TRANSMISSION_TRIES) { 368 logmsg(LOG_ERR, 1, "TFTP download error - Connection timed out.\n"); 369 free(binary_stream); 370 return(-1); 339 371 } 340 break; 341 case 5: 342 /* RRQ failed */ 343 memcpy(&tftp_errcode, rbuf+2, 2); 344 if (tftp_errcode == 1) logmsg(LOG_ERR, 1, "TFTP download error - File not found.\n"); 345 else logmsg(LOG_ERR, 1, "TFTP download error - Read Request failed.\n"); 346 return(-1); 347 break; 348 default: 349 logmsg(LOG_DEBUG, 1, "TFTP download - %d bytes read.\n", bytes_read); 350 logmsg(LOG_WARN, 1, 351 "TFTP download warning - Don't know how to handle opcode %d.\n", tftp_opcode); 352 break; 372 logmsg(LOG_DEBUG, 1, "TFTP download - Data block %d acknowledged.\n", 373 ntohs(tftp_blockcode)); 374 } 375 break; 376 case 5: 377 /* RRQ failed */ 378 memcpy(&tftp_errcode, rbuf+2, 2); 379 if (tftp_errcode == 1) logmsg(LOG_ERR, 1, "TFTP download error - File not found.\n"); 380 else logmsg(LOG_ERR, 1, "TFTP download error - Read Request failed.\n"); 381 return(-1); 382 break; 383 default: 384 logmsg(LOG_DEBUG, 1, "TFTP download - %d bytes read.\n", bytes_read); 385 logmsg(LOG_WARN, 1, 386 "TFTP download warning - Don't know how to handle opcode %d.\n", tftp_opcode); 387 break; 353 388 } 354 389 } … … 362 397 363 398 /* close open descriptors and return */ 364 return(tftp_quit(data_sock_fd , dumpfile_fd));365 } 399 return(tftp_quit(data_sock_fd)); 400 } honeytrap/trunk/src/modules/htm_tftpDownload.h
r1270 r1345 23 23 int cmd_parse_for_tftp(Attack *attack); 24 24 int get_tftpcmd(char *attack_string, int string_size, Attack *attack); 25 int tftp_quit(int data_sock_fd , int dumpfile_fd);25 int tftp_quit(int data_sock_fd); 26 26 int get_tftp_resource(struct in_addr* host, const char *save_file, Attack *attack); 27 27 honeytrap/trunk/src/proxy.c
r1334 r1345 95 95 sizeof(proxy_socket), timeout)) { 96 96 case -1: 97 if (errno == EINPROGRESS) break; 98 if (errno == EINTR) { 99 if (check_sigpipe() == -1) exit(EXIT_FAILURE); 100 break; 101 } 97 102 logmsg(LOG_ERR, 1, "%s %s Error - select() call failed: %s \n", 98 103 logpre, portstr, strerror(errno)); honeytrap/trunk/src/signals.c
r1293 r1345 34 34 void get_signal(int sig) { 35 35 switch (sig) { 36 #ifdef HAVE_SIGBUS 37 case SIGBUS: 38 #endif 39 case SIGCHLD: 40 case SIGHUP: 41 case SIGILL: 36 42 case SIGINT: 37 case SIGHUP:38 43 case SIGQUIT: 44 case SIGSEGV: 39 45 case SIGTERM: 40 case SIGCHLD:41 46 /* prevent nested interrupts */ 42 47 if (signal(sig, SIG_IGN) == SIG_IGN) return; … … 56 61 57 62 void handle_signal(int sig) { 58 pid_t pid; 63 pid_t pid; 64 int status; 59 65 60 66 switch(sig) { 67 #ifdef HAVE_SIGBUS 68 case SIGBUS: 69 #endif 70 case SIGILL: 71 case SIGSEGV: 72 if (current_plugfunc) 73 logmsg(LOG_ERR, 1, "Error - Signal %d received in process %d, %s::%s().\n", 74 sig, getpid(), current_plugfunc->plugnam, current_plugfunc->funcnam); 75 else 76 logmsg(LOG_ERR, 1, "Error - Signal %d received in process %d.\n", sig, getpid()); 77 _exit(EXIT_FAILURE); 61 78 case SIGHUP: 62 79 if (MASTER_PROCESS) { … … 79 96 80 97 break; 81 case SIGSEGV:82 if (current_plugfunc)83 logmsg(LOG_ERR, 1, "Error - Segmentation fault in process %d, %s::%s() (SIGSEGV received).\n",84 getpid(), current_plugfunc->plugnam, current_plugfunc->funcnam);85 else86 logmsg(LOG_ERR, 1, "Error - Segmentation fault in process %d (SIGSEGV received).\n", getpid());87 _exit(EXIT_FAILURE);88 98 case SIGINT: 89 99 logmsg(LOG_DEBUG, 1, "SIGINT received.\n"); … … 125 135 case SIGCHLD: 126 136 logmsg(LOG_DEBUG, 1, "SIGCHILD received.\n"); 127 while ((pid = waitpid(-1, NULL, WNOHANG)) > 0) logmsg(LOG_DEBUG, 1, "Process %d terminated.\n", pid); 137 for (;;) { 138 status = 0; 139 if ((pid = waitpid(-1, &status, WNOHANG)) > 0) 140 logmsg(LOG_DEBUG, 1, "Process %d terminated.\n", pid); 141 if WIFSIGNALED(status) 142 logmsg(LOG_WARN, 1, "Warning - Process %d was terminated by signal %d.\n", pid, WTERMSIG(status)); 143 else if (WIFEXITED(status) && (WEXITSTATUS(status) == EXIT_FAILURE)) 144 logmsg(LOG_WARN, 1, "Warning - Process %d exited on failure.n", pid); 145 else break; 146 } 128 147 129 148 /* reinstall original signal handler */ … … 134 153 break; 135 154 default: 155 logmsg(LOG_WARN, 1, "Warning - Don't know how to handle signal %d in process %d.\n", sig, getpid()); 136 156 break; 137 157 } … … 141 161 142 162 void install_signal_handlers(void) { 143 /* create a pipe for process-internal signal delivery */ 163 u_char i; 164 static int sigs[] = { 165 #ifdef HAVE_SIGBUS 166 SIGBUS, 167 #endif 168 SIGCHLD, 169 SIGHUP, 170 SIGILL, 171 SIGINT, 172 SIGQUIT, 173 SIGSEGV, 174 SIGTERM 175 }; 176 177 create_sigpipe(); 178 179 /* install signal handlers */ 180 for (i = 0; i < sizeof(sigs)/sizeof(sigs[0]); i++) { 181 if (signal(sigs[i], get_signal) == SIG_ERR) 182 fprintf(stdout, " Warning - Handler for signal %d was not installed for %u.\n", i, getpid()); 183 else DEBUG_FPRINTF(stdout, " Handler for signal %d installed.\n", i); 184 } 185 return; 186 } 187 188 189 void create_sigpipe(void) { 190 /* create a pipe for process-internal signal delivery 191 * this function must be called in every process, e.g. after a fork() 192 * as pipes are inherited by childs which would break signal delivery */ 193 194 /* make sure there are no open pipe endpoints */ 195 close(sigpipe[0]); 196 close(sigpipe[1]); 197 198 /* (re)open pipe */ 144 199 if (pipe(sigpipe) == -1) { 145 200 fprintf(stderr, " Error - Unable to create signal pipe: %s.\n", strerror(errno)); 146 201 exit(EXIT_FAILURE); 147 202 } 148 DEBUG_FPRINTF(stdout, " Signal pipe successfully created.\n"); 149 150 151 /* install signal handlers */ 152 if (signal(SIGHUP, get_signal) == SIG_ERR) 153 fprintf(stdout, " Warning - Handler for SIGHUP was not installed for %u.\n", getpid()); 154 else DEBUG_FPRINTF(stdout, " Signal handler for SIGHUP installed.\n"); 155 156 if (signal(SIGSEGV, get_signal) == SIG_ERR) 157 fprintf(stdout, " Warning - Handler for SIGSEGV was not installed for %u.\n", getpid()); 158 else DEBUG_FPRINTF(stdout, " Signal handler for SIGSEGV installed.\n"); 159 160 if (signal(SIGINT, get_signal) == SIG_ERR) 161 fprintf(stdout, " Warning - Handler for SIGINT was not installed for %u.\n", getpid()); 162 else DEBUG_FPRINTF(stdout, " Signal handler for SIGINT installed.\n"); 163 164 if (signal(SIGQUIT, get_signal) == SIG_ERR) 165 fprintf(stdout, " Warning - Handler for SIGQUIT was not installed for %u.\n", getpid()); 166 else DEBUG_FPRINTF(stdout, " Signal handler for SIGQUIT installed.\n"); 167 168 if (signal(SIGTERM, get_signal) == SIG_ERR) 169 fprintf(stdout, " Warning - Handler for SIGTERM was not installed for %u.\n", getpid()); 170 else DEBUG_FPRINTF(stdout, " Signal handler for SIGTERM installed.\n"); 171 172 if (signal(SIGCHLD, get_signal) == SIG_ERR) 173 fprintf(stdout, " Warning - Handler for SIGCHLD was not installed for %u.\n", getpid()); 174 else DEBUG_FPRINTF(stdout, " Signal handler for SIGCHLD installed.\n"); 203 DEBUG_FPRINTF(stdout, " Signal pipe successfully created for process %d.\n", getpid()); 175 204 176 205 return; … … 184 213 int sig, rv; 185 214 186 if ((rv = read(sigpipe[0], &sig, sizeof(int))) == sizeof(int)) { 215 switch(rv = read(sigpipe[0], &sig, sizeof(int))) { 216 case sizeof(int): 187 217 /* caught a signal */ 188 218 logmsg(LOG_DEBUG, 1, "Process %d received signal %d on pipe.\n", getpid(), sig); 189 219 handle_signal(sig); 190 } 191 if (rv == -1) { 220 break; 221 case 0: 222 logmsg(LOG_WARN, 1, "Warning - Signal pipe ready to read but not enough data available.\n"); 223 return(0); 224 case -1: 192 225 logmsg(LOG_ERR, 1, "Error - Unable to read signal from pipe: %s.\n", strerror(errno)); 193 226 return(-1); honeytrap/trunk/src/signals.h
r1292 r1345 27 27 void handle_signal(int sig); 28 28 void install_signal_handlers(void); 29 void create_sigpipe(void); 29 30 int check_sigpipe(void); 30 31 honeytrap/trunk/src/sock.c
r1334 r1345 102 102 103 103 104 /* perform a non-blocking connect() with a given timeout r104 /* perform a non-blocking connect() with a given timeout 105 105 * always use this function instead of connect() 106 106 * or signal processing might get delayed */ … … 132 132 switch (select(MAX(sigpipe[0], sock_fd) + 1, &rfds, &wfds, NULL, &timeout)) { 133 133 case -1: 134 if (errno == EINPROGRESS) break; 134 135 if (errno == EINTR) { 135 136 if (check_sigpipe() == -1) exit(EXIT_FAILURE); honeytrap/trunk/src/util.c
r1334 r1345 84 84 return(-1); 85 85 default: 86 if (FD_ISSET(sigpipe[0], &rfds) && (check_sigpipe() == -1)) 87 exit(EXIT_FAILURE); 86 if (FD_ISSET(sigpipe[0], &rfds) && (check_sigpipe() == -1)) exit(EXIT_FAILURE); 88 87 if (FD_ISSET(socket, &rfds)) { 89 88 if (read_chars >= len-1) {
