Check for IPv4 or IPv6 to be available by the kernel to not

provoke errors trying to query options not available.
Make it possible to compile out INET or INET6 only parts.

Reviewed by:	jamie
Sponsored by:	The FreeBSD Foundation
Sponsored by:	iXsystems
MFC after:	10 days
This commit is contained in:
bz 2011-05-29 21:03:40 +00:00
parent abff9de7bd
commit 2c33480efe
4 changed files with 111 additions and 53 deletions

View File

@ -10,5 +10,8 @@ LDADD= -ljail -lutil
.if ${MK_INET6_SUPPORT} != "no"
CFLAGS+= -DINET6
.endif
.if ${MK_INET_SUPPORT} != "no"
CFLAGS+= -DINET
.endif
.include <bsd.prog.mk>

View File

@ -54,12 +54,18 @@ static struct jailparam *params;
static char **param_values;
static int nparams;
static char *ip4_addr;
#ifdef INET6
static int ip6_ok;
static char *ip6_addr;
#endif
#ifdef INET
static int ip4_ok;
static char *ip4_addr;
#endif
#if defined(INET6) || defined(INET)
static void add_ip_addr(char **addrp, char *newaddr);
#endif
#ifdef INET6
static void add_ip_addr46(char *newaddr);
#endif
@ -194,6 +200,13 @@ main(int argc, char **argv)
if (uflag)
GET_USER_INFO;
#ifdef INET6
ip6_ok = feature_present("inet6");
#endif
#ifdef INET
ip4_ok = feature_present("inet");
#endif
if (jailname)
set_param("name", jailname);
if (securelevel)
@ -207,10 +220,12 @@ main(int argc, char **argv)
break;
}
if (hflag) {
#ifdef INET
if (!strncmp(argv[i], "ip4.addr=", 9)) {
add_ip_addr(&ip4_addr, argv[i] + 9);
break;
}
#endif
#ifdef INET6
if (!strncmp(argv[i], "ip6.addr=", 9)) {
add_ip_addr(&ip6_addr, argv[i] + 9);
@ -231,11 +246,13 @@ main(int argc, char **argv)
set_param("host.hostname", argv[1]);
if (hflag)
add_ip_addrinfo(0, argv[1]);
#if defined(INET6) || defined(INET)
if (argv[2][0] != '\0')
#ifdef INET6
add_ip_addr46(argv[2]);
#else
add_ip_addr(&ip4_addr, argv[2]);
#endif
#endif
cmdarg = 3;
/* Emulate the defaults from security.jail.* sysctls */
@ -259,8 +276,10 @@ main(int argc, char **argv)
}
}
}
#ifdef INET
if (ip4_addr != NULL)
set_param("ip4.addr", ip4_addr);
#endif
#ifdef INET6
if (ip6_addr != NULL)
set_param("ip6.addr", ip6_addr);
@ -297,14 +316,19 @@ main(int argc, char **argv)
for (i = 0; i < nparams; i++)
if (!strcmp(params[i].jp_name, "path"))
break;
#ifdef INET6
#if defined(INET6) && defined(INET)
fprintf(fp, "%d\t%s\t%s\t%s%s%s\t%s\n",
jid, i < nparams
? (char *)params[i].jp_value : argv[0],
argv[1], ip4_addr ? ip4_addr : "",
ip4_addr && ip4_addr[0] && ip6_addr && ip6_addr[0]
? "," : "", ip6_addr ? ip6_addr : "", argv[3]);
#else
#elif defined(INET6)
fprintf(fp, "%d\t%s\t%s\t%s\t%s\n",
jid, i < nparams
? (char *)params[i].jp_value : argv[0],
argv[1], ip6_addr ? ip6_addr : "", argv[3]);
#elif defined(INET)
fprintf(fp, "%d\t%s\t%s\t%s\t%s\n",
jid, i < nparams
? (char *)params[i].jp_value : argv[0],
@ -348,6 +372,7 @@ main(int argc, char **argv)
err(1, "execvp: %s", argv[cmdarg]);
}
#if defined(INET6) || defined(INET)
static void
add_ip_addr(char **addrp, char *value)
{
@ -368,6 +393,7 @@ add_ip_addr(char **addrp, char *value)
*addrp = addr;
}
}
#endif
#ifdef INET6
static void
@ -391,23 +417,24 @@ static void
add_ip_addrinfo(int ai_flags, char *value)
{
struct addrinfo hints, *ai0, *ai;
struct in_addr addr4;
size_t size;
int error, ip4ok;
int mib[4];
int error;
#ifdef INET
char avalue4[INET_ADDRSTRLEN];
struct in_addr addr4;
#endif
#ifdef INET6
struct in6_addr addr6;
int ip6ok;
char avalue6[INET6_ADDRSTRLEN];
struct in6_addr addr6;
#endif
/* Look up the hostname (or get the address) */
memset(&hints, 0, sizeof(hints));
hints.ai_socktype = SOCK_STREAM;
#ifdef INET6
#if defined(INET6) && defined(INET)
hints.ai_family = PF_UNSPEC;
#else
#elif defined(INET6)
hints.ai_family = PF_INET6;
#elif defined(INET)
hints.ai_family = PF_INET;
#endif
hints.ai_flags = ai_flags;
@ -415,32 +442,12 @@ add_ip_addrinfo(int ai_flags, char *value)
if (error != 0)
errx(1, "hostname %s: %s", value, gai_strerror(error));
/*
* Silently ignore unsupported address families from DNS lookups.
* But if this is a numeric address, let the kernel give the error.
*/
if (ai_flags & AI_NUMERICHOST)
ip4ok =
#ifdef INET6
ip6ok =
#endif
1;
else {
size = 4;
ip4ok = (sysctlnametomib("security.jail.param.ip4", mib,
&size) == 0);
#ifdef INET6
size = 4;
ip6ok = (sysctlnametomib("security.jail.param.ip6", mib,
&size) == 0);
#endif
}
/* Convert the addresses to ASCII so set_param can convert them back. */
for (ai = ai0; ai; ai = ai->ai_next)
switch (ai->ai_family) {
#ifdef INET
case AF_INET:
if (!ip4ok)
if (!ip4_ok && (ai_flags & AI_NUMERICHOST) == 0)
break;
memcpy(&addr4, &((struct sockaddr_in *)
(void *)ai->ai_addr)->sin_addr, sizeof(addr4));
@ -449,9 +456,10 @@ add_ip_addrinfo(int ai_flags, char *value)
err(1, "inet_ntop");
add_ip_addr(&ip4_addr, avalue4);
break;
#endif
#ifdef INET6
case AF_INET6:
if (!ip6ok)
if (!ip6_ok && (ai_flags & AI_NUMERICHOST) == 0)
break;
memcpy(&addr6, &((struct sockaddr_in6 *)
(void *)ai->ai_addr)->sin6_addr, sizeof(addr6));

View File

@ -1,8 +1,17 @@
# $FreeBSD$
.include <bsd.own.mk>
PROG= jls
MAN= jls.8
DPADD= ${LIBJAIL}
LDADD= -ljail
.if ${MK_INET6_SUPPORT} != "no"
CFLAGS+= -DINET6
.endif
.if ${MK_INET_SUPPORT} != "no"
CFLAGS+= -DINET
.endif
.include <bsd.prog.mk>

View File

@ -59,6 +59,12 @@ __FBSDID("$FreeBSD$");
static struct jailparam *params;
static int *param_parent;
static int nparams;
#ifdef INET6
static int ip6_ok;
#endif
#ifdef INET
static int ip4_ok;
#endif
static int add_param(const char *name, void *value, size_t valuelen,
struct jailparam *source, unsigned flags);
@ -112,6 +118,13 @@ main(int argc, char **argv)
errx(1, "usage: jls [-dhnqv] [-j jail] [param ...]");
}
#ifdef INET6
ip6_ok = feature_present("inet6");
#endif
#ifdef INET
ip4_ok = feature_present("inet");
#endif
/* Add the parameters to print. */
if (optind == argc) {
if (pflags & (PRINT_HEADER | PRINT_NAMEVAL))
@ -124,13 +137,24 @@ main(int argc, char **argv)
add_param("name", NULL, (size_t)0, NULL, JP_USER);
add_param("dying", NULL, (size_t)0, NULL, JP_USER);
add_param("cpuset.id", NULL, (size_t)0, NULL, JP_USER);
add_param("ip4.addr", NULL, (size_t)0, NULL, JP_USER);
add_param("ip6.addr", NULL, (size_t)0, NULL,
JP_USER | JP_OPT);
#ifdef INET
if (ip4_ok)
add_param("ip4.addr", NULL, (size_t)0, NULL,
JP_USER);
#endif
#ifdef INET6
if (ip6_ok)
add_param("ip6.addr", NULL, (size_t)0, NULL,
JP_USER | JP_OPT);
#endif
} else {
pflags |= PRINT_DEFAULT;
add_param("jid", NULL, (size_t)0, NULL, JP_USER);
add_param("ip4.addr", NULL, (size_t)0, NULL, JP_USER);
#ifdef INET
if (ip4_ok)
add_param("ip4.addr", NULL, (size_t)0, NULL,
JP_USER);
#endif
add_param("host.hostname", NULL, (size_t)0, NULL,
JP_USER);
add_param("path", NULL, (size_t)0, NULL, JP_USER);
@ -327,7 +351,7 @@ print_jail(int pflags, int jflags)
{
char *nname;
char **param_values;
int i, ai, jid, count, spc;
int i, ai, jid, count, n, spc;
char ipbuf[INET6_ADDRSTRLEN];
jid = jailparam_get(params, nparams, jflags);
@ -345,31 +369,45 @@ print_jail(int pflags, int jflags)
*(int *)params[4].jp_value ? "DYING" : "ACTIVE",
"",
*(int *)params[5].jp_value);
count = params[6].jp_valuelen / sizeof(struct in_addr);
for (ai = 0; ai < count; ai++)
if (inet_ntop(AF_INET,
&((struct in_addr *)params[6].jp_value)[ai],
ipbuf, sizeof(ipbuf)) == NULL)
err(1, "inet_ntop");
else
printf("%6s %-15.15s\n", "", ipbuf);
if (!strcmp(params[7].jp_name, "ip6.addr")) {
count = params[7].jp_valuelen / sizeof(struct in6_addr);
n = 6;
#ifdef INET
if (ip4_ok && !strcmp(params[n].jp_name, "ip.addr")) {
count = params[n].jp_valuelen / sizeof(struct in_addr);
for (ai = 0; ai < count; ai++)
if (inet_ntop(AF_INET,
&((struct in_addr *)params[n].jp_value)[ai],
ipbuf, sizeof(ipbuf)) == NULL)
err(1, "inet_ntop");
else
printf("%6s %-15.15s\n", "", ipbuf);
n++;
}
#endif
#ifdef INET6
if (ip6_ok && !strcmp(params[n].jp_name, "ip6.addr")) {
count = params[n].jp_valuelen / sizeof(struct in6_addr);
for (ai = 0; ai < count; ai++)
if (inet_ntop(AF_INET6,
&((struct in6_addr *)params[7].jp_value)[ai],
&((struct in6_addr *)
params[n].jp_value)[ai],
ipbuf, sizeof(ipbuf)) == NULL)
err(1, "inet_ntop");
else
printf("%6s %s\n", "", ipbuf);
n++;
}
#endif
} else if (pflags & PRINT_DEFAULT)
printf("%6d %-15.15s %-29.29s %.74s\n",
*(int *)params[0].jp_value,
params[1].jp_valuelen == 0 ? "-"
#ifdef INET
(!ip4_ok || params[1].jp_valuelen == 0) ? "-"
: inet_ntoa(*(struct in_addr *)params[1].jp_value),
(char *)params[2].jp_value,
(char *)params[3].jp_value);
#else
"-"
#endif
(char *)params[2-!ip4_ok].jp_value,
(char *)params[3-!ip4_ok].jp_value);
else {
param_values = alloca(nparams * sizeof(*param_values));
for (i = 0; i < nparams; i++) {