# HG changeset patch # User Petr Hoffmann # Date 1457505101 28800 # Node ID f678cc44b3d0583a562ebf55ca86e070f2567b75 # Parent e533d5840fddb72ebc5e1a13c6483e1c9cb2f591 PSARC/2014/291 PFLOGD: Packet Logging for PF PSARC/2014/292 FTP-PROXY: PF FTP-proxy supporting IPv4 NAT 22351416 deliver pflogd 22330374 deliver ftp-proxy diff -r e533d5840fdd -r f678cc44b3d0 components/ftp-proxy/Makefile --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/ftp-proxy/Makefile Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,66 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved. +# +include ../../make-rules/shared-macros.mk + +COMPONENT_NAME= ftp-proxy +COMPONENT_VERSION= OPENBSD_5_5 +IPS_COMPONENT_VERSION= 5.5 +COMPONENT_PROJECT_URL= http://www.openbsd.org +COMPONENT_SRC= $(COMPONENT_NAME)-$(COMPONENT_VERSION) +CVS_REPO=anoncvs@anoncvs.ca.openbsd.org:/cvs +CVS_PATH=src/usr.sbin/ftp-proxy +CVS_HASH= sha256:fc4487a5ea3f8f088d8096d512bda15c99b811db9d66fee44bdd40aa93122403 +CVS_TAG=$(COMPONENT_VERSION) +COMPONENT_BUGDB= service/ftp-proxy + +TPNO= 24255 + +# +# Don't overwrite CFLAGS here, just add our options there. +# +COMPONENT_BUILD_ENV += CFLAGS="$(CFLAGS) -D_SOLARIS_ -DOBSD_COMP -lscf" +COMPONENT_BUILD_ARGS += CC="$(CC)" + +include ../../make-rules/prep.mk +include ../../make-rules/justmake.mk +include ../../make-rules/ips.mk + +COMPONENT_INSTALL_ARGS += PREFIX=$(PROTOUSRDIR) +COMPONENT_INSTALL_ARGS += MANDIR=$(PROTOUSRSHAREMANDIR) +COMPONENT_INSTALL_ARGS += INSTALL=/usr/gnu/bin/install + +ASLR_MODE = $(ASLR_ENABLE) + +# common targets +build: $(BUILD_64) + +install: $(INSTALL_64) + +test: $(NO_TESTS) + +REQUIRED_PACKAGES += library/libevent +REQUIRED_PACKAGES += network/firewall +REQUIRED_PACKAGES += shell/ksh93 +REQUIRED_PACKAGES += system/core-os +REQUIRED_PACKAGES += system/header +REQUIRED_PACKAGES += system/library diff -r e533d5840fdd -r f678cc44b3d0 components/ftp-proxy/ftp-proxy.Solaris/firewall-ftp-proxy.xml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/ftp-proxy/ftp-proxy.Solaris/firewall-ftp-proxy.xml Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,203 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff -r e533d5840fdd -r f678cc44b3d0 components/ftp-proxy/ftp-proxy.Solaris/ftp-proxy --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/ftp-proxy/ftp-proxy.Solaris/ftp-proxy Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,186 @@ +#!/sbin/sh +# +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved. +# + +. /lib/svc/share/smf_include.sh + +PATH=$PATH:/usr/sbin + +# Retrieve an unescaped property value from a method token. +# Arguments: +# - raw method token value +# Outputs: +# - unescaped property value +# Returns: +# - 0 on success +# - 1 when unescaping failed +get_property() +{ + VALUE="$(echo "$1" | /usr/bin/sed 's/\\$.$/\1/g')" + + if [[ $? -ne 0 ]]; then + exit 1 + fi + + echo "$VALUE" +} + +failure() +{ + echo "An unknown error occurred. Probably either /usr/bin/sed is" + echo "missing or system resources are exhausted." + exit $SMF_EXIT_ERR_FATAL +} + +# Exit with error if given variable is empty or unset. +# Arguments: +# - Variable name +# - SMF property the variable's value is obtained from +# Exits when the variable value is empty or unset, +# returns otherwise. +failure_empty_value() +{ + eval "[[ -z \${$1:-} ]] || return 0" + echo "The ftp-proxy/$2 property cannot be empty." + exit $SMF_EXIT_ERR_FATAL +} + +failure_invalid_value() +{ + echo "The ftp-proxy/$1 property value is invalid." + exit $SMF_EXIT_ERR_FATAL +} + +# store and unescape property values +FTPPX_ANONYMOUS="$(get_property "$2")" || failure +FTPPX_PROXY_ADDRESS="$(get_property "$3")" || failure +FTPPX_PROXY_LISTEN_ADDRESS="$(get_property "$4")" || failure +FTPPX_DEBUG_LEVEL="$(get_property "$5")" || failure +FTPPX_MAXSESSIONS="$(get_property "$6")" || failure +FTPPX_PROXY_LISTEN_PORT="$(get_property "$7")" || failure +FTPPX_REVERSE_MODE_ADDRESS="$(get_property "$8")" || failure +FTPPX_REVERSE_MODE_PORT="$(get_property "$9")" || failure +FTPPX_REWRITE_SOURCE_PORT="$(get_property "${10}")" || failure +FTPPX_TAG="$(get_property "${11}")" || failure +FTPPX_TIMEOUT="$(get_property "${12}")" || failure +FTPPX_LOG="$(get_property "${13}")" || failure + +# check the following properties are not empty and add them +# to the command-line used to start the ftp-proxy +typeset -a CMDLINE + +failure_empty_value FTPPX_PROXY_ADDRESS proxy-NAT-address +CMDLINE+=( -a "$FTPPX_PROXY_ADDRESS" ) + +failure_empty_value FTPPX_PROXY_LISTEN_ADDRESS proxy-listen-address +CMDLINE+=( -b "$FTPPX_PROXY_LISTEN_ADDRESS" ) + +failure_empty_value FTPPX_DEBUG_LEVEL debug-level +CMDLINE+=( -D "$FTPPX_DEBUG_LEVEL" ) + +failure_empty_value FTPPX_MAXSESSIONS maxsessions +CMDLINE+=( -m "$FTPPX_MAXSESSIONS" ) + +failure_empty_value FTPPX_PROXY_LISTEN_PORT listen-port +CMDLINE+= ( -p "$FTPPX_PROXY_LISTEN_PORT" ) + +failure_empty_value FTPPX_TIMEOUT timeout +CMDLINE+=( -t "$FTPPX_TIMEOUT" ) + +case $FTPPX_ANONYMOUS in + on) CMDLINE+=( -A on ) + ;; + off) # nothing needed + ;; + *) failure_invalid_value anonymous-only + ;; +esac + +# reverse-mode-address is optional +if [[ -n $FTPPX_REVERSE_MODE_ADDRESS ]]; then + CMDLINE+=( -R "$FTPPX_REVERSE_MODE_ADDRESS" ) + if [[ -n $FTPPX_REVERSE_MODE_PORT ]]; then + CMDLINE+=( -P "$FTPPX_REVERSE_MODE_PORT" ) + fi +fi + +case $FTPPX_REWRITE_SOURCE_PORT in + on) CMDLINE+=( -r on ) + ;; + off) # nothing needed + ;; + *) failure_invalid_value always-use-ftp-data-port + ;; +esac + +# tag is optional +if [[ -n $FTPPX_TAG ]]; then + CMDLINE+=( -T "$FTPPX_TAG" ) +fi + +case $FTPPX_LOG in + on) CMDLINE+=( -v on ) + ;; + all) CMDLINE+=( -v all ) + ;; + off) CMDLINE+=( -v off ) + ;; + *) failure_invalid_value log + ;; +esac + +function start_proxy +{ + ANCHOR=$(echo "$SMF_FMRI" | \ + /usr/bin/cut -f 2- -d / | /usr/bin/tr / :) + if [[ -z $ANCHOR ]]; then + echo "Unable to form a valid anchor name." + exit $SMF_EXIT_ERR_FATAL + fi + ANCHOR="_auto/$ANCHOR" + echo 'anchor "*"' | pfctl -a "$ANCHOR" -f - + + if [[ $? -ne 0 ]]; then + echo "Unable to load rules into the firewall." + exit $SMF_EXIT_ERR_FATAL + fi + + CMDLINE+=( -X "$ANCHOR" ) + smf_clear_env + ftp-proxy "${CMDLINE[@]}" +} + +case "$1" in + start) + start_proxy + ;; + + *) + echo "Usage: $0 \c" >&2 + echo "(start)" >&2 + exit 1 + ;; + +esac diff -r e533d5840fdd -r f678cc44b3d0 components/ftp-proxy/ftp-proxy.license --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/ftp-proxy/ftp-proxy.license Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,71 @@ +-------------------------------------------------------------------------------- +This package brings a (modified) ftp-proxy component coming from OpenBSD 5.5. +-------------------------------------------------------------------------------- + +filter.c: +/* + * Copyright (c) 2004, 2005 Camiel Dobbelaar, + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +filter.h: +/* + * Copyright (c) 2004, 2005 Camiel Dobbelaar, + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +ftp-proxy.8: +.\" $OpenBSD: ftp-proxy.8,v 1.19 2012/06/25 11:49:19 jmc Exp $ +.\" +.\" Copyright (c) 2004, 2005 Camiel Dobbelaar, +.\" +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +ftp-proxy.c: +/* + * Copyright (c) 2004, 2005 Camiel Dobbelaar, + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ diff -r e533d5840fdd -r f678cc44b3d0 components/ftp-proxy/ftp-proxy.p5m --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/ftp-proxy/ftp-proxy.p5m Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,45 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. +# + + default mangler.man.stability volatile> +set name=pkg.fmri \ + value=pkg:/network/firewall/firewall-ftp-proxy@$(IPS_COMPONENT_VERSION),$(BUILD_VERSION) +set name=pkg.summary value="ftp-proxy - FTP proxy daemon for PF" +set name=pkg.description value="ftp-proxy handles FTP protocol over NAT in PF" +set name=com.oracle.info.description value="ftp-proxy, FTP proxy daemon" +set name=com.oracle.info.tpno value=$(TPNO) +set name=info.classification \ + value="org.opensolaris.category.2008:System/Administration and Configuration" +set name=info.source-url \ + value=http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/ftp-proxy/ +set name=info.upstream-url value=$(COMPONENT_PROJECT_URL) +set name=org.opensolaris.arc-caseid value=PSARC/2014/292 +set name=org.opensolaris.consolidation value=$(CONSOLIDATION) +file ftp-proxy.Solaris/firewall-ftp-proxy.xml \ + path=lib/svc/manifest/network/firewall/ftp-proxy.xml +file ftp-proxy.Solaris/ftp-proxy path=lib/svc/method/ftp-proxy mode=0555 +file path=usr/sbin/ftp-proxy +file path=usr/share/man/man8/ftp-proxy.8 +license ftp-proxy.license license="ftp-proxy license" diff -r e533d5840fdd -r f678cc44b3d0 components/ftp-proxy/patches/001-solaris.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/ftp-proxy/patches/001-solaris.patch Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,642 @@ +# This patch comes from Oracle. It fixes issues preventing ftp-proxy +# from building and running on Solaris. Especially, we: +# - disabled features missing support on Solaris (queuing, rtable..) +# where adding such support is not reasonable +# - used workarounds to deal with missing pieces on Solaris (missing +# structure members in sockaddr, PF not supporting divert-to, +# using Solaris-specific random number generator) +# +# These changes are not going to upstream, they are Solaris-specific. + +diff -Naur ORIGINAL/Makefile ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/Makefile +--- ORIGINAL/Makefile 2006-11-26 03:31:13.000000000 -0800 ++++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/Makefile 2016-02-10 04:21:21.337202150 -0800 +@@ -1,13 +1,29 @@ + # $OpenBSD: Makefile,v 1.3 2006/11/26 11:31:13 deraadt Exp $ + ++CFLAGS+= -m64 -errwarn ++ + PROG= ftp-proxy + SRCS= ftp-proxy.c filter.c ++OBJS=$(SRCS:.c=.o) + MAN= ftp-proxy.8 + +-CFLAGS+= -I${.CURDIR} +-CFLAGS+= -Wall -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith \ +- -Wno-uninitialized +-LDADD+= -levent +-DPADD+= ${LIBEVENT} ++LDADD+= -levent -luutil ++LDFLAGS+= -z nolazyload ++ ++all: $(SRCS) $(PROG) ++ ++install: $(PROG) ++ $(INSTALL) -d $(PREFIX)/sbin ++ $(INSTALL) -m 755 $(PROG) $(PREFIX)/sbin ++ $(INSTALL) -d $(MANDIR)/man8 ++ $(INSTALL) -m 644 $(MAN) $(MANDIR)/man8 ++ ++$(PROG): $(OBJS) ++ $(CC) $(CFLAGS) $(OBJS) -o $@ $(LDFLAGS) $(LDADD) ++ ++.c.o: ++ $(CC) $(CFLAGS) -c -o $@ $< + +-.include ++clean: ++ rm -rf *.o ++ rm -rf $(PROG) +diff -Naur ORIGINAL/filter.c ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/filter.c +--- ORIGINAL/filter.c 2012-09-18 03:11:53.000000000 -0700 ++++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/filter.c 2016-02-10 04:24:03.599069704 -0800 +@@ -32,6 +32,10 @@ + #include + #include + #include ++#ifdef _SOLARIS_ ++/* we need _IOWR */ ++#include ++#endif /* _SOLARIS_ */ + + #include "filter.h" + +diff -Naur ORIGINAL/ftp-proxy.8 ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/ftp-proxy.8 +--- ORIGINAL/ftp-proxy.8 2012-06-25 04:49:19.000000000 -0700 ++++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/ftp-proxy.8 2016-02-24 06:31:17.792565815 -0800 +@@ -30,17 +30,16 @@ + .Op Fl m Ar maxsessions + .Op Fl P Ar port + .Op Fl p Ar port +-.Op Fl q Ar queue + .Op Fl R Ar address + .Op Fl T Ar tag + .Op Fl t Ar timeout + .Ek + .Sh DESCRIPTION + .Nm +-is a proxy for the Internet File Transfer Protocol. +-FTP control connections should be redirected into the proxy using the +-.Xr pf 4 +-.Ar divert-to ++is a proxy for the Internet File Transfer Protocol making connections ++over IPv4 NAT possible. ++FTP control connections should be redirected into the proxy using the PF ++.Ar rdr-to + command, after which the proxy connects to the server on behalf of + the client. + .Pp +@@ -51,22 +50,20 @@ + Consequently, all connections from the server to the proxy have + their destination address rewritten, so they are redirected to the + client. +-The proxy uses the +-.Xr pf 4 ++The proxy uses the PF + .Ar anchor + facility for this. + .Pp + Assuming the FTP control connection is from $client to $server, the +-proxy connected to the server using the $proxy source address, and +-$port is negotiated, then ++proxy is connected to the server using the $proxy source address, and ++$port is negotiated, the + .Nm + adds the following rules to the anchor. + $server and $orig_server are the same unless + .Fl R + is used to force a different $server address for all connections. +-(These example rules use inet, but the proxy also supports inet6.) + .Pp +-In case of active mode (PORT or EPRT): ++In case of active mode (PORT): + .Bd -literal -offset 2n + pass in from $server to $proxy port $proxy_port \e + rdr-to $client port $port +@@ -74,7 +71,7 @@ + nat-to $orig_server port $natport + .Ed + .Pp +-In case of passive mode (PASV or EPSV): ++In case of passive mode (PASV): + .Bd -literal -offset 2n + pass in from $client to $orig_server port $proxy_port \e + rdr-to $server port $port +@@ -83,11 +80,6 @@ + .Pp + The options are as follows: + .Bl -tag -width Ds +-.It Fl 6 +-IPv6 mode. +-The proxy will expect and use IPv6 addresses for all communication. +-Only the extended FTP modes EPSV and EPRT are allowed with IPv6. +-The proxy is in IPv4 mode by default. + .It Fl A + Only permit anonymous FTP connections. + Either user "ftp" or user "anonymous" is allowed. +@@ -96,14 +88,11 @@ + connection to a server. + .It Fl b Ar address + Address where the proxy will listen for redirected control connections. +-The default is 127.0.0.1, or ::1 in IPv6 mode. ++The default is 127.0.0.1. + .It Fl D Ar level + Debug level, ranging from 0 to 7. + Higher is more verbose. + The default is 5. +-(These levels correspond to the +-.Xr syslog 3 +-levels.) + .It Fl d + Do not daemonize. + The process will stay in the foreground, logging to standard error. +@@ -120,10 +109,6 @@ + .It Fl p Ar port + Port where the proxy will listen for redirected connections. + The default is port 8021. +-.It Fl q Ar queue +-Create rules with queue +-.Ar queue +-appended, so that data connections can be queued. + .It Fl R Ar address + Fixed server address, also known as reverse mode. + The proxy will always connect to the same server, regardless of +@@ -142,9 +127,8 @@ + keyword can be implemented following the + .Nm + anchor. +-These rules can use special +-.Xr pf 4 +-features like route-to, reply-to, label, rtable, overload, etc. that ++These rules can use special PF ++features like route-to, reply-to, label, overload, etc. that + .Nm + does not implement itself. + There must be a matching pass rule after the +@@ -159,7 +143,9 @@ + .It Fl v + Set the 'log' flag on pf rules committed by + .Nm . +-Use twice to set the 'log all' flag. ++Use twice to set the ++.Sq log all ++flag. + The pf rules do not log by default. + .El + .Sh CONFIGURATION +@@ -171,27 +157,23 @@ + necessary. + .Bd -literal -offset 2n + anchor "ftp-proxy/*" +-pass in quick inet proto tcp to port ftp divert-to 127.0.0.1 port 8021 ++pass in quick inet proto tcp to port ftp rdr-to 127.0.0.1 port 8021 + pass out inet proto tcp from (self) to any port ftp + .Ed ++.Pp ++To run ++.Nm ++in a non-global zone, the ++.Bd -literal -offset indent ++svc:/network/socket-filter:pf_divert ++.Ed ++instance must be online in the global zone. + .Sh SEE ALSO +-.Xr ftp 1 , +-.Xr pf 4 , + .Xr pf.conf 5 + .Sh CAVEATS +-.Xr pf 4 +-does not allow the ruleset to be modified if the system is running at a +-.Xr securelevel 7 +-higher than 1. +-At that level +-.Nm +-cannot add rules to the anchors and FTP data connections may get blocked. + .Pp + Negotiated data connection ports below 1024 are not allowed. + .Pp + The negotiated IP address for active modes is ignored for security + reasons. + This makes third party file transfers impossible. +-.Pp +-.Nm +-chroots to "/var/empty" and changes to user "proxy" to drop privileges. +diff -Naur ORIGINAL/ftp-proxy.c ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/ftp-proxy.c +--- ORIGINAL/ftp-proxy.c 2013-03-15 06:31:27.000000000 -0700 ++++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/ftp-proxy.c 2016-02-10 04:12:16.600723376 -0800 +@@ -38,9 +38,20 @@ + #include + #include + #include ++#ifdef _SOLARIS_ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#endif /* _SOLARIS_ */ + #include + #include ++#ifndef _SOLARIS_ + #include ++#endif /* !_SOLARIS_ */ + + #include "filter.h" + +@@ -60,6 +71,32 @@ + + #define sstosa(ss) ((struct sockaddr *)(ss)) + ++#ifdef _SOLARIS_ ++/* ++ * These constants are used as a range used by pick_proxy_port(). The ftp-proxy ++ * never binds these ports. They are used only within proxy_reply() and add_rdr() ++ * to be put into a FTP-protocol message and to construct the rule to be loaded ++ * into PF, respectively. ++ * ++ * OpenBSD adheres to a convention where these port numbers are reserved for ++ * connections that want to bypass a firewall. Surely, it depends on how the ++ * administrator configures the firewall, too. Let's stick to that convention ++ * here. The idea probably is "if the admin uses this convention, these ports ++ * are not filtered and thus we are not going to clash with current firewall ++ * rules". ++ */ ++#define IPPORT_HIFIRSTAUTO 49152 ++#define IPPORT_HILASTAUTO 65535 ++ ++#define getrtable() 0 ++ ++#ifndef LIST_END ++#define LIST_END(x) NULL ++#endif /* !LIST_END */ ++ ++#define DIVERT_MODULE_NAME "pf_divertf" ++#endif /* _SOLARIS_ */ ++ + enum { CMD_NONE = 0, CMD_PORT, CMD_EPRT, CMD_PASV, CMD_EPSV }; + + struct session { +@@ -115,12 +152,59 @@ + + struct event listen_ev, pause_accept_ev; + struct sockaddr_storage fixed_server_ss, fixed_proxy_ss; ++#ifdef _SOLARIS_ ++static socklen_t fixed_server_ss_len; ++static socklen_t fixed_proxy_ss_len; ++#endif /* _SOLARIS_ */ + char *fixed_server, *fixed_server_port, *fixed_proxy, *listen_ip, *listen_port, + *qname, *tagname; + int anonymous_only, daemonize, id_count, ipv6_mode, loglevel, max_sessions, + rfc_mode, session_count, timeout, verbose; + extern char *__progname; + ++#ifdef _SOLARIS_ ++/* ++ * fake_arc4random_uniform() ++ * This is a fake implementation of arc4random_uniform(). The wrapper ++ * provides so called uniform calculation of pseudo random number with ++ * respect to upper bound. ++ * ++ * Function calculates random numbers until it finds one outside ++ * <0, 2^32 % upper_bound) range. Once random number, `rand`, is selected, ++ * function returns rand % upper_bound. ++ * ++ * Arguments: ++ * upper_bound - random number is picked up in range <0, upper_bound) ++ * ++ * Returns: ++ * random number, uniform with respect to upper bound. ++ * Returns UINT32_MAX on error. ++ */ ++static u_int32_t ++fake_arc4random_uniform(u_int32_t upper_bound) ++{ ++ u_int32_t rand, min; ++ ++ if (upper_bound < 2) ++ return (0); ++ ++ /* ++ * 2**32 % x == (2**32 - x) % x ++ * (Trick comes from OpenBSD, arc4random_uniform.c) ++ */ ++ min = -upper_bound % upper_bound; ++ for (;;) { ++ if (getrandom(&rand, sizeof (rand), GRND_NONBLOCK) != ++ sizeof (rand)) ++ return (UINT32_MAX); ++ if (rand >= min) ++ break; ++ } ++ ++ return (rand % upper_bound); ++} ++#endif /* _SOLARIS_ */ ++ + void + client_error(struct bufferevent *bufev, short what, void *arg) + { +@@ -220,6 +304,12 @@ + return (0); + } + s->proxy_port = pick_proxy_port(); ++#ifdef _SOLARIS_ ++ if (s->proxy_port == UINT16_MAX) { ++ logmsg(LOG_CRIT, "pick_proxy_port() failed"); ++ return (0); ++ } ++#endif /* _SOLARIS_ */ + proxy_reply(s->cmd, sstosa(&s->proxy_ss), s->proxy_port); + logmsg(LOG_DEBUG, "#%d proxy: %s", s->id, linebuf); + } +@@ -378,13 +468,30 @@ + struct sockaddr *proxy_to_server_sa; + struct session *s; + socklen_t len; ++#ifdef _SOLARIS_ ++ socklen_t client_sa_len, server_sa_len; ++ int one = 1; /* parameter for setsockopt */ ++#endif /* _SOLARIS_ */ + int client_fd, fc, on; +- ++ /* ++ * We experienced big problems when event_add() was called ++ * before accepting the incoming connection - for some reason, ++ * a new event was fired immediately and ftp-proxy was hanged ++ * trying to accept another client that was not there yet. ++ * Moving event_add() call a few lines below resolved this ++ * problem. ++ */ ++#ifndef _SOLARIS_ + event_add(&listen_ev, NULL); ++#endif /* !_SOLARIS_ */ + +- if ((event & EV_TIMEOUT)) ++ if ((event & EV_TIMEOUT)) { ++#ifdef _SOLARIS_ ++ event_add(&listen_ev, NULL); ++#endif /* _SOLARIS_ */ + /* accept() is no longer paused. */ + return; ++ } + + /* + * We _must_ accept the connection, otherwise libevent will keep +@@ -393,6 +500,9 @@ + client_sa = sstosa(&tmp_ss); + len = sizeof(struct sockaddr_storage); + if ((client_fd = accept(listen_fd, client_sa, &len)) < 0) { ++#ifdef _SOLARIS_ ++ event_add(&listen_ev, NULL); ++#endif /* _SOLARIS_ */ + logmsg(LOG_CRIT, "accept() failed: %s", strerror(errno)); + + /* +@@ -410,6 +520,16 @@ + return; + } + ++#ifdef _SOLARIS_ ++ event_add(&listen_ev, NULL); ++ ++ /* ++ * Struct sockaddr does not contain sa_len field on Solaris, ++ * we use client_sa_len instead. ++ */ ++ client_sa_len = len; ++#endif /* _SOLARIS_ */ ++ + /* Refuse connection if the maximum is reached. */ + if (session_count >= max_sessions) { + logmsg(LOG_ERR, "client limit (%d) reached, refusing " +@@ -426,8 +546,11 @@ + return; + } + s->client_fd = client_fd; ++#ifdef _SOLARIS_ ++ memcpy(sstosa(&s->client_ss), client_sa, client_sa_len); ++#else /* !_SOLARIS_ */ + memcpy(sstosa(&s->client_ss), client_sa, client_sa->sa_len); +- ++#endif /* _SOLARIS_ */ + /* Cast it once, and be done with it. */ + client_sa = sstosa(&s->client_ss); + server_sa = sstosa(&s->server_ss); +@@ -447,6 +570,17 @@ + strerror(errno)); + goto fail; + } ++#ifdef _SOLARIS_ ++ /* ++ * Struct sockaddr does not contain sa_len field on Solaris, ++ * we use server_sa_len instead. ++ */ ++ server_sa_len = len; ++#endif /* _SOLARIS_ */ ++/* SO_RTABLE not defined on Solaris */ ++#ifdef _SOLARIS_ ++ s->client_rd = 0; ++#else /* !_SOLARIS_ */ + len = sizeof(s->client_rd); + if (getsockopt(s->client_fd, SOL_SOCKET, SO_RTABLE, &s->client_rd, + &len) && errno != ENOPROTOOPT) { +@@ -454,10 +588,18 @@ + strerror(errno)); + goto fail; + } ++#endif /* _SOLARIS_ */ + if (fixed_server) { ++#ifdef _SOLARIS_ ++ memcpy(sstosa(&s->orig_server_ss), server_sa, ++ server_sa_len); ++ memcpy(server_sa, fixed_server_sa, fixed_server_ss_len); ++ server_sa_len = fixed_server_ss_len; /* update the length */ ++#else /* !_SOLARIS_ */ + memcpy(sstosa(&s->orig_server_ss), server_sa, + server_sa->sa_len); + memcpy(server_sa, fixed_server_sa, fixed_server_sa->sa_len); ++#endif /* _SOLARIS_ */ + } + + /* XXX: check we are not connecting to ourself. */ +@@ -471,8 +613,14 @@ + strerror(errno)); + goto fail; + } ++#ifdef _SOLARIS_ + if (fixed_proxy && bind(s->server_fd, sstosa(&fixed_proxy_ss), +- fixed_proxy_ss.ss_len) != 0) { ++ fixed_proxy_ss_len) != 0) ++#else /* !_SOLARIS_ */ ++ if (fixed_proxy && bind(s->server_fd, sstosa(&fixed_proxy_ss), ++ fixed_proxy_ss.ss_len) != 0) ++#endif /* _SOLARIS_ */ ++ { + logmsg(LOG_CRIT, "#%d cannot bind fixed proxy address: %s", + s->id, strerror(errno)); + goto fail; +@@ -485,8 +633,14 @@ + s->id, strerror(errno)); + goto fail; + } ++#ifdef _SOLARIS_ ++ if (connect(s->server_fd, server_sa, server_sa_len) < 0 && ++ errno != EINPROGRESS) ++#else /* !_SOLARIS_ */ + if (connect(s->server_fd, server_sa, server_sa->sa_len) < 0 && +- errno != EINPROGRESS) { ++ errno != EINPROGRESS) ++#endif /* _SOLARIS_ */ ++ { + logmsg(LOG_CRIT, "#%d proxy cannot connect to server %s: %s", + s->id, sock_ntop(server_sa), strerror(errno)); + goto fail; +@@ -592,6 +746,9 @@ + /* syslog does its own vissing. */ + vsyslog(pri, message, ap); + else { ++#ifdef _SOLARIS_ ++ vsyslog(pri, message, ap); ++#else /* !_SOLARIS_ */ + char buf[MAX_LOGLINE]; + char visbuf[2 * MAX_LOGLINE]; + +@@ -599,6 +756,7 @@ + vsnprintf(buf, sizeof buf, message, ap); + strnvis(visbuf, buf, sizeof visbuf, VIS_CSTYLE | VIS_NL); + fprintf(stderr, "%s\n", visbuf); ++#endif /* _SOLARIS_ */ + } + + va_end(ap); +@@ -636,9 +794,11 @@ + + while ((ch = getopt(argc, argv, "6Aa:b:D:dm:P:p:q:R:rT:t:v")) != -1) { + switch (ch) { ++#ifndef _SOLARIS_ + case '6': + ipv6_mode = 1; + break; ++#endif /* !_SOLARIS_ */ + case 'A': + anonymous_only = 1; + break; +@@ -668,11 +828,13 @@ + case 'p': + listen_port = optarg; + break; ++#ifndef _SOLARIS_ + case 'q': + if (strlen(optarg) >= PF_QNAME_SIZE) + errx(1, "queuename too long"); + qname = optarg; + break; ++#endif /* !_SOLARIS_ */ + case 'R': + fixed_server = optarg; + break; +@@ -718,9 +880,16 @@ + hints.ai_socktype = SOCK_STREAM; + error = getaddrinfo(fixed_proxy, NULL, &hints, &res); + if (error) +- errx(1, "getaddrinfo fixed proxy address failed: %s", ++ errx(1, "getaddrinfo fixed proxy address (%s) failed: %s", fixed_proxy, + gai_strerror(error)); + memcpy(&fixed_proxy_ss, res->ai_addr, res->ai_addrlen); ++#ifdef _SOLARIS_ ++ /* ++ * struct sockaddr_storage does not have the member ++ * ss_len on Solaris, thus we use a global variable. ++ */ ++ fixed_proxy_ss_len = res->ai_addrlen; ++#endif /* _SOLARIS_ */ + logmsg(LOG_INFO, "using %s to connect to servers", + sock_ntop(sstosa(&fixed_proxy_ss))); + freeaddrinfo(res); +@@ -736,6 +905,13 @@ + errx(1, "getaddrinfo fixed server address failed: %s", + gai_strerror(error)); + memcpy(&fixed_server_ss, res->ai_addr, res->ai_addrlen); ++#ifdef _SOLARIS_ ++ /* ++ * struct sockaddr_storage does not have the member ++ * ss_len on Solaris, thus we use a global variable. ++ */ ++ fixed_server_ss_len = res->ai_addrlen; ++#endif /* _SOLARIS_ */ + logmsg(LOG_INFO, "using fixed server %s", + sock_ntop(sstosa(&fixed_server_ss))); + freeaddrinfo(res); +@@ -752,6 +928,11 @@ + gai_strerror(error)); + if ((listenfd = socket(res->ai_family, SOCK_STREAM, IPPROTO_TCP)) == -1) + errx(1, "socket failed"); ++#ifdef _SOLARIS_ ++ if (setsockopt(listenfd, SOL_FILTER, FIL_ATTACH, DIVERT_MODULE_NAME, ++ (strlen(DIVERT_MODULE_NAME)+1)) != 0) ++ err(1, "setsockopt failed - unable to attach filter"); ++#endif /* _SOLARIS_ */ + on = 1; + if (setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, (void *)&on, + sizeof on) != 0) +@@ -782,7 +963,11 @@ + event_init(); + + /* Setup signal handler. */ ++#ifdef _SOLARIS_ ++ sigset(SIGPIPE, SIG_IGN); ++#else /* !_SOLARIS_ */ + signal(SIGPIPE, SIG_IGN); ++#endif /* _SOLARIS_ */ + signal_set(&ev_sighup, SIGHUP, handle_signal, NULL); + signal_set(&ev_sigint, SIGINT, handle_signal, NULL); + signal_set(&ev_sigterm, SIGTERM, handle_signal, NULL); +@@ -857,12 +1042,25 @@ + return (0); + } + ++/* ++ * On Solaris, fake_arc4random_uniform() can fail. We return UINT16_MAX ++ * on error. ++ */ + u_int16_t + pick_proxy_port(void) + { ++#ifdef _SOLARIS_ ++ u_int32_t shift; ++ ++ shift = fake_arc4random_uniform(IPPORT_HILASTAUTO - IPPORT_HIFIRSTAUTO); ++ if (shift == UINT32_MAX) ++ return UINT16_MAX; ++ return (IPPORT_HIFIRSTAUTO + shift); ++#else /* !_SOLARIS_ */ + /* Random should be good enough for avoiding port collisions. */ + return (IPPORT_HIFIRSTAUTO + + arc4random_uniform(IPPORT_HILASTAUTO - IPPORT_HIFIRSTAUTO)); ++#endif /* _SOLARIS_ */ + } + + void +@@ -985,6 +1183,12 @@ + return (0); + } + s->proxy_port = pick_proxy_port(); ++#ifdef _SOLARIS_ ++ if (s->proxy_port == UINT16_MAX) { ++ logmsg(LOG_CRIT, "pick_proxy_port() failed"); ++ return (0); ++ } ++#endif /* _SOLARIS_ */ + logmsg(LOG_INFO, "#%d passive: client to server port %d" + " via port %d", s->id, s->port, s->proxy_port); + +@@ -1126,6 +1330,6 @@ + fprintf(stderr, "usage: %s [-6Adrv] [-a address] [-b address]" + " [-D level] [-m maxsessions]\n [-P port]" + " [-p port] [-q queue] [-R address] [-T tag]\n" +- " [-t timeout]\n", __progname); ++ " [-t timeout]\n", __progname); + exit(1); + } diff -r e533d5840fdd -r f678cc44b3d0 components/ftp-proxy/patches/002-smf.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/ftp-proxy/patches/002-smf.patch Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,1583 @@ +# This patch comes from Oracle. It turns the component into +# a well-behaving SMF service. It adds code manipulating service +# properties, service instances, and also provides security in +# cooperation with the service manifest (especially, extra +# privileges are dropped when not needed). +# +# This patch is not going to upstream, the changes are Solaris-specific. + +diff -Naur ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/Makefile ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/Makefile +--- ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/Makefile 2016-02-10 04:21:21.337202150 -0800 ++++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/Makefile 2016-02-10 04:59:25.999134460 -0800 +@@ -3,7 +3,7 @@ + CFLAGS+= -m64 -errwarn + + PROG= ftp-proxy +-SRCS= ftp-proxy.c filter.c ++SRCS= ftp-proxy.c filter.c smf-config.c + OBJS=$(SRCS:.c=.o) + MAN= ftp-proxy.8 + +diff -Naur ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/filter.c ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/filter.c +--- ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/filter.c 2016-02-10 04:24:03.599069704 -0800 ++++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/filter.c 2016-02-02 03:05:13.156044052 -0800 +@@ -53,6 +53,10 @@ + static int dev, rule_log; + static char *qname, *tagname; + ++#ifdef _SOLARIS_ ++char *FTP_PROXY_ANCHOR; ++#endif /* _SOLARIS_ */ ++ + int + add_addr(struct sockaddr *addr, struct pf_pool *pfp) + { +diff -Naur ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/filter.h ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/filter.h +--- ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/filter.h 2016-02-10 04:25:34.896131457 -0800 ++++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/filter.h 2016-02-08 23:45:38.805421033 -0800 +@@ -16,7 +16,11 @@ + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + ++#ifdef _SOLARIS_ ++extern char* FTP_PROXY_ANCHOR; ++#else /* !_SOLARIS_ */ + #define FTP_PROXY_ANCHOR "ftp-proxy" ++#endif /* _SOLARIS_ */ + + int add_nat(u_int32_t, struct sockaddr *, int, struct sockaddr *, u_int16_t, + struct sockaddr *, u_int16_t, u_int16_t); +diff -Naur ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/ftp-proxy.8 ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/ftp-proxy.8 +--- ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/ftp-proxy.8 2016-02-24 06:31:17.792565815 -0800 ++++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/ftp-proxy.8 2016-02-24 21:29:33.789584296 -0800 +@@ -23,7 +23,7 @@ + .Sh SYNOPSIS + .Nm + .Bk -words +-.Op Fl 6Adrv ++.Op Fl A Cm on | off + .Op Fl a Ar address + .Op Fl b Ar address + .Op Fl D Ar level +@@ -31,8 +31,10 @@ + .Op Fl P Ar port + .Op Fl p Ar port + .Op Fl R Ar address ++.Op Fl r Cm on | off + .Op Fl T Ar tag + .Op Fl t Ar timeout ++.Op Fl v Cm all | on | off + .Ek + .Sh DESCRIPTION + .Nm +@@ -83,6 +85,9 @@ + .It Fl A + Only permit anonymous FTP connections. + Either user "ftp" or user "anonymous" is allowed. ++Solaris Note: you need to specify ++.Cm on | off ++to enable/disable anonymous-only mode. + .It Fl a Ar address + The proxy will use this as the source address for the control + connection to a server. +@@ -93,9 +98,6 @@ + Debug level, ranging from 0 to 7. + Higher is more verbose. + The default is 5. +-.It Fl d +-Do not daemonize. +-The process will stay in the foreground, logging to standard error. + .It Fl m Ar maxsessions + Maximum number of concurrent FTP sessions. + When the proxy reaches this limit, new connections are denied. +@@ -118,6 +120,9 @@ + .It Fl r + Rewrite sourceport to 20 in active mode to suit ancient clients that insist + on this RFC property. ++Solaris Note: you need to specify ++.Cm on | off ++to enable/disable RFC compliant mode. + .It Fl T Ar tag + The filter rules will add tag + .Ar tag +@@ -147,6 +152,20 @@ + .Sq log all + flag. + The pf rules do not log by default. ++Solaris Note: the option is tri-state. ++You need to specify one of the values below: ++.Bl -tag -width "all" -offset 3n -compact ++.It off ++nothing is logged ++.It on ++log only packets, which create state for data session (equivalent to ++.Fl v ++on OpenBSD) ++.It all ++log all packets, which belong to data session (equivalent to ++.Fl vv ++on OpenBSD) ++.El + .El + .Sh CONFIGURATION + To make use of the proxy, +@@ -156,10 +175,19 @@ + last rule explicitly allowing FTP sessions from the proxy may not be + necessary. + .Bd -literal -offset 2n +-anchor "ftp-proxy/*" ++anchor "_auto/network:firewall:ftp-proxy:YOUR_INSTANCE_NAME/*" + pass in quick inet proto tcp to port ftp rdr-to 127.0.0.1 port 8021 + pass out inet proto tcp from (self) to any port ftp + .Ed ++.Sh SOLARIS ++Solaris runs ++.Nm ++as a ++.Xr smf 5 ++service: ++.Bd -literal -offset indent ++svc:/network/firewall/ftp-proxy ++.Ed + .Pp + To run + .Nm +@@ -168,8 +196,157 @@ + svc:/network/socket-filter:pf_divert + .Ed + instance must be online in the global zone. ++.Pp ++The options described in DESCRIPTION section are set using smf properties. ++Properties processed by ++.Nm ++enable ++.Xr smf_method 5 ++in order to configure the ++.Nm ++daemon are listed below. ++.Bl -tag -width "ftp-proxy/always-use-ftp-data-port" -offset 3n -compact ++.It ftp-proxy/anonymous-only ++If set to ++.Cm on ++the proxy is started with the ++.Fl A ++option, which allows anonymous FTP logins only. ++The value ++.Cm off ++is used as default. ++.It ftp-proxy/proxy-NAT-address ++This property sets the ++.Fl a ++option, the source IP address the proxy uses ++to connect to a server. ++.It ftp-proxy/proxy-listen-address ++This property sets the ++.Fl b ++option, which is the address, where the proxy accepts a connection from ++a client. ++.It ftp-proxy/proxy-listen-port ++This property sets the ++.Fl p ++option which is the port number, where the proxy accepts ++a connection from a client. ++.It ftp-proxy/debug-level ++This property sets the ++.Fl D ++option, which is a debug level (0-7). ++If not set, the default value 5 is used. ++.It ftp-proxy/max-sessions ++This property sets the ++.Fl m ++option, which is the maximum of concurrent FTP sessions served by ++the proxy. ++The valid range is from 1 to 500. ++If not specified the value 100 is used by default. ++.It ftp-proxy/reverse-mode-address ++This property sets the ++.Fl R ++option. ++It is the fixed server address, which is typically used to access ++a FTP server behind NAT. ++.It ftp-proxy/reverse-mode-port ++This property sets the ++.Fl P ++option, which is the port number used by a FTP server behind NAT. ++The default value is 21. ++.It ftp-proxy/always-use-ftp-data-port ++This property sets the ++.Fl r ++option, the value ++.Cm off ++is used as default. ++If set to ++.Cm on ++the proxy will always use port 20 for active data connections. ++.It ftp-proxy/tag ++This property sets the ++.Fl T ++option, which tags data connection packets with the desired tag. ++.It ftp-proxy/timeout ++This property sets the ++.Fl t ++option, which specifies the number of seconds a FTP command session ++may remain idle. ++The maximum value is 86400 seconds (1 day). ++.It ftp-proxy/log ++This property sets the ++.Fl v ++option. ++There are three possible values. ++For ++.Cm off , ++no log action will be added to FTP data connection rules created ++by the proxy. ++The value ++.Cm on ++adds the log action. ++Specifying the value ++.Cm all ++adds the ++.Sq log all ++action. ++.El ++.Pp ++.Nm ++on Solaris comes with two extra options, which make service configuration easier. ++.Bl -tag -offset 3n -compact ++.It Fl c Ar smf-instance ++Shows/changes settings kept in ++.Xr smf 5 ++repository for the specified ++.Ar smf-instance ++of the ++.Nm ++service. ++.It Fl C Ar smf-instance ++Creates a new instance of the ++.Nm ++service and uses ++.Ar smf-instance ++for its name. ++.El ++.Pp ++To tell proxy service to bind the listen socket to 192.168.1.2 address, ++one has to use the command below: ++.Bd -literal -offset indent ++ftp-proxy -c default -b 192.168.1.2 ++.Ed ++.Pp ++To create anonymous-only proxy listening to port 8821, bound to ++192.168.1.2, one uses the command as follows: ++.Bd -literal -offset indent ++ftp-proxy -C anonymous -b 192.168.1.2 -p 8821 -A on ++.Ed ++.Pp ++To switch the anonymous instance created above to the regular mode (disable ++anonymous-only), one uses the command like this: ++.Bd -literal -offset indent ++ftp-proxy -c anonymous -A off ++.Ed ++.Pp ++To display the anonymous instance configuration use the command as follows: ++.Bd -literal -offset indent ++ftp-proxy -c anonymous ++.Ed ++To manage the service, you need the ++.Sy solaris.smf.manage.network.firewall ++authorization. ++To configure service instances, you need the ++.Sy solaris.smf.value.network.firewall ++authorization. ++Both these authorizations are granted through the Network Firewall Management ++profile. ++To create new service instances, you need the ++.Sy solaris.smf.modify ++authorization. + .Sh SEE ALSO +-.Xr pf.conf 5 ++.Xr pf.conf 5 , ++.Xr smf 5 , ++.Xr svccfg (1M) + .Sh CAVEATS + .Pp + Negotiated data connection ports below 1024 are not allowed. +@@ -177,3 +354,8 @@ + The negotiated IP address for active modes is ignored for security + reasons. + This makes third party file transfers impossible. ++.Pp ++.Nm ++runs as the ++.Dq daemon ++user. +diff -Naur ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/ftp-proxy.c ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/ftp-proxy.c +--- ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/ftp-proxy.c 2016-02-10 04:12:16.600723376 -0800 ++++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/ftp-proxy.c 2016-02-24 06:58:52.001603474 -0800 +@@ -46,6 +46,7 @@ + #include + #include + #include ++#include "smf-config.h" + #endif /* _SOLARIS_ */ + #include + #include +@@ -62,8 +63,10 @@ + #define NTOP_BUFS 3 + #define TCP_BACKLOG 10 + ++#ifndef _SOLARIS_ + #define CHROOT_DIR "/var/empty" + #define NOPRIV_USER "proxy" ++#endif /* !_SOLARIS_ */ + + /* pfctl standard NAT range. */ + #define PF_NAT_PROXY_PORT_LOW 50001 +@@ -97,6 +100,28 @@ + #define DIVERT_MODULE_NAME "pf_divertf" + #endif /* _SOLARIS_ */ + ++#ifdef _SOLARIS_ ++#define FTP_PROXY_GETOPTSTR "A:a:b:D:dm:P:p:R:r:T:t:v:c:C:X:" ++#define SET_CFGFLAG(_set_, _f_) (_set_) |= (_f_) ++#define SKIP_CHK(_x_) ((_x_) == NULL) ++ ++#define DROP_PRIV(priv) \ ++ do { \ ++ if (priv_set(PRIV_OFF, PRIV_PERMITTED, (priv), \ ++ NULL) != 0) { \ ++ fprintf(stderr, \ ++ "Unable to drop privileges.\n"); \ ++ exit (-1); \ ++ } \ ++ } while (0) ++#else /* !_SOLARIS_ */ ++#define FTP_PROXY_GETOPTSTR "6Aa:b:D:dm:P:p:q:R:rT:t:v" ++#define SET_CFGFLAG(_set_, _f_) ++#define SKIP_CHK(_x_) (1) ++ ++#define DROP_PRIV(priv) ++#endif /* _SOLARIS_ */ ++ + enum { CMD_NONE = 0, CMD_PORT, CMD_EPRT, CMD_PASV, CMD_EPSV }; + + struct session { +@@ -127,7 +152,9 @@ + int client_parse_anon(struct session *s); + int client_parse_cmd(struct session *s); + void client_read(struct bufferevent *, void *); ++#ifndef _SOLARIS_ + int drop_privs(void); ++#endif /* !_SOLARIS_ */ + void end_session(struct session *); + void exit_daemon(void); + int get_line(char *, size_t *); +@@ -348,6 +375,7 @@ + } while (read == buf_avail); + } + ++#ifndef _SOLARIS_ + int + drop_privs(void) + { +@@ -363,9 +391,9 @@ + setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0 || + setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0) + return (0); +- + return (1); + } ++#endif /* !_SOLARIS_ */ + + void + end_session(struct session *s) +@@ -561,9 +589,6 @@ + logmsg(LOG_DEBUG, "#%d accepted connection from %s", s->id, + sock_ntop(client_sa)); + +- /* +- * Find out the real server and port that the client wanted. +- */ + len = sizeof(struct sockaddr_storage); + if (getsockname(s->client_fd, server_sa, &len) < 0) { + logmsg(LOG_CRIT, "#%d getsockname failed: %s", s->id, +@@ -770,6 +795,13 @@ + struct event ev_sighup, ev_sigint, ev_sigterm; + int ch, error, listenfd, on; + const char *errstr; ++#ifdef _SOLARIS_ ++ const char *smf_instance = NULL; ++ int smf_create = 0; ++ int cfg_flags = 0; ++#endif /* _SOLARIS_ */ ++ ++ DROP_PRIV(PRIV_PROC_EXEC); + + /* Defaults. */ + anonymous_only = 0; +@@ -792,7 +824,8 @@ + id_count = 1; + session_count = 0; + +- while ((ch = getopt(argc, argv, "6Aa:b:D:dm:P:p:q:R:rT:t:v")) != -1) { ++ while ((ch = getopt(argc, argv, ++ FTP_PROXY_GETOPTSTR)) != -1) { + switch (ch) { + #ifndef _SOLARIS_ + case '6': +@@ -800,33 +833,49 @@ + break; + #endif /* !_SOLARIS_ */ + case 'A': ++#ifdef _SOLARIS_ ++ if (strcasecmp(optarg, "off") == 0) { ++ anonymous_only = 0; ++ } else { ++ anonymous_only = 1; ++ } ++#else /* !_SOLARIS_ */ + anonymous_only = 1; ++#endif /* _SOLARIS_ */ ++ SET_CFGFLAG(cfg_flags, SMF_CFG_ANON_SET); + break; + case 'a': + fixed_proxy = optarg; ++ SET_CFGFLAG(cfg_flags, SMF_CFG_FIXED_PROXY_SET); + break; + case 'b': + listen_ip = optarg; ++ SET_CFGFLAG(cfg_flags, SMF_CFG_LISTEN_ADDR_SET); + break; + case 'D': + loglevel = strtonum(optarg, LOG_EMERG, LOG_DEBUG, + &errstr); + if (errstr) + errx(1, "loglevel %s", errstr); ++ SET_CFGFLAG(cfg_flags, SMF_CFG_DEBUG_LEVEL_SET); + break; + case 'd': + daemonize = 0; ++ DROP_PRIV(PRIV_PROC_FORK); + break; + case 'm': + max_sessions = strtonum(optarg, 1, 500, &errstr); + if (errstr) + errx(1, "max sessions %s", errstr); ++ SET_CFGFLAG(cfg_flags, SMF_CFG_MAX_SESSION_SET); + break; + case 'P': + fixed_server_port = optarg; ++ SET_CFGFLAG(cfg_flags, SMF_CFG_FIXED_SERVER_PORT_SET); + break; + case 'p': + listen_port = optarg; ++ SET_CFGFLAG(cfg_flags, SMF_CFG_LISTEN_PORT_SET); + break; + #ifndef _SOLARIS_ + case 'q': +@@ -837,40 +886,83 @@ + #endif /* !_SOLARIS_ */ + case 'R': + fixed_server = optarg; ++ SET_CFGFLAG(cfg_flags, SMF_CFG_FIXED_SERVER_SET); + break; + case 'r': ++#ifdef _SOLARIS_ ++ if (strcasecmp(optarg, "off") == 0) { ++ rfc_mode = 0; ++ } else { ++ rfc_mode = 1; ++ } ++ SET_CFGFLAG(cfg_flags, SMF_CFG_RFC_MODE_SET); ++#else /* !_SOLARIS_ */ + rfc_mode = 1; ++#endif /* _SOLARIS_ */ + break; + case 'T': + if (strlen(optarg) >= PF_TAG_NAME_SIZE) + errx(1, "tagname too long"); + tagname = optarg; ++ SET_CFGFLAG(cfg_flags, SMF_CFG_TAG_SET); + break; + case 't': + timeout = strtonum(optarg, 0, 86400, &errstr); + if (errstr) + errx(1, "timeout %s", errstr); ++ SET_CFGFLAG(cfg_flags, SMF_CFG_TIMEOUT_SET); + break; + case 'v': ++#ifdef _SOLARIS_ ++ if (strcasecmp(optarg, "all") == 0) { ++ verbose = 2; ++ } else if (strcasecmp(optarg, "on") == 0) { ++ verbose = 1; ++ } else { ++ verbose = 0; ++ } ++ SET_CFGFLAG(cfg_flags, SMF_CFG_LOG_SET); ++#else /* !_SOLARIS_ */ + verbose++; + if (verbose > 2) + usage(); ++#endif /* _SOLARIS_ */ ++ break; ++#ifdef _SOLARIS_ ++ case 'C': ++ smf_create = 1; ++ /* FALLTHRU */ ++ case 'c': ++ smf_instance = optarg; ++ break; ++ case 'X': ++ FTP_PROXY_ANCHOR = optarg; + break; ++#endif /* _SOLARIS_ */ + default: + usage(); + } + } + ++#ifdef _SOLARIS_ ++ if ((FTP_PROXY_ANCHOR == NULL) && (smf_instance == NULL)) { ++ fprintf(stderr, "The ftp-proxy can be started only via SMF.\n"); ++ exit (-1); ++ } ++#endif /* _SOLARIS_ */ ++ + if (listen_ip == NULL) + listen_ip = ipv6_mode ? "::1" : "127.0.0.1"; + ++#ifndef _SOLARIS_ + /* Check for root to save the user from cryptic failure messages. */ + if (getuid() != 0) + errx(1, "needs to start as root"); ++#endif /* !_SOLARIS_ */ + + /* Raise max. open files limit to satisfy max. sessions. */ + rlp.rlim_cur = rlp.rlim_max = (2 * max_sessions) + 10; +- if (setrlimit(RLIMIT_NOFILE, &rlp) == -1) ++ if (SKIP_CHK(smf_instance) && (setrlimit(RLIMIT_NOFILE, &rlp) == -1)) + err(1, "setrlimit"); + + if (fixed_proxy) { +@@ -895,7 +987,12 @@ + freeaddrinfo(res); + } + ++#ifdef _SOLARIS_ ++ /* Steps not needed when we are just working with SMF. */ ++ if (fixed_server && (smf_instance == NULL)) { ++#else /* !_SOLARIS_ */ + if (fixed_server) { ++#endif /* _SOLARIS_ */ + memset(&hints, 0, sizeof hints); + hints.ai_family = ipv6_mode ? AF_INET6 : AF_INET; + hints.ai_socktype = SOCK_STREAM; +@@ -917,6 +1014,61 @@ + freeaddrinfo(res); + } + ++#ifdef _SOLARIS_ ++ if (smf_instance != NULL) { ++ /* ++ * If we are creating new instance, we will use default ++ * values for properties. ++ */ ++ if (smf_create == 1) { ++ cfg_flags = -1; ++ } ++ ++ if (cfg_flags == 0) { ++ if (smf_print_ftpcfg(smf_instance) != 0) { ++ exit (-1); ++ } ++ exit(0); ++ } else { ++ smf_ftp_cfg.cfg_set = cfg_flags; ++ smf_ftp_cfg.cfg_anonymous_only = anonymous_only; ++ smf_ftp_cfg.cfg_listen_addr = SMF_COPY_STR(listen_ip); ++ smf_ftp_cfg.cfg_listen_port = strtonum(listen_port, 1, ++ 65535, NULL); ++ if (smf_ftp_cfg.cfg_listen_port == 0) { ++ fprintf(stderr, ++ "Invalid listen port specified.\n"); ++ exit (-1); ++ } ++ smf_ftp_cfg.cfg_debug_level = loglevel; ++ smf_ftp_cfg.cfg_max_sessions = max_sessions; ++ smf_ftp_cfg.cfg_fixed_server = ++ SMF_COPY_STR(fixed_server); ++ smf_ftp_cfg.cfg_fixed_server_port = strtonum( ++ fixed_server_port, 1, 65535, NULL); ++ if (smf_ftp_cfg.cfg_fixed_server_port == 0) { ++ fprintf(stderr, ++ "Invalid fixed server port specified.\n"); ++ exit (-1); ++ } ++ smf_ftp_cfg.cfg_rfc_mode = rfc_mode; ++ smf_ftp_cfg.cfg_tag = SMF_COPY_STR(tagname); ++ smf_ftp_cfg.cfg_timeout = timeout; ++ smf_ftp_cfg.cfg_log = verbose; ++ smf_ftp_cfg.cfg_fixed_proxy = SMF_COPY_STR(fixed_proxy); ++ if (smf_write_ftpcfg(smf_instance, smf_create) == -1) { ++ err(1, "...Giving up"); ++ } else { ++ printf("configuration for\n\t%s (%s:%s)\nhas been saved\n", ++ smf_instance, ++ BASE_FMRI, ++ smf_instance); ++ } ++ exit(0); ++ } ++ } ++#endif /* _SOLARIS_ */ ++ + /* Setup listener. */ + memset(&hints, 0, sizeof hints); + hints.ai_flags = AI_NUMERICHOST | AI_PASSIVE; +@@ -946,19 +1098,21 @@ + + /* Initialize pf. */ + init_filter(qname, tagname, verbose); +- + if (daemonize) { + if (daemon(0, 0) == -1) + err(1, "cannot daemonize"); ++ DROP_PRIV(PRIV_PROC_FORK); + openlog(__progname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + } + + /* Use logmsg for output from here on. */ + ++#ifndef _SOLARIS_ + if (!drop_privs()) { + logmsg(LOG_ERR, "cannot drop privileges: %s", strerror(errno)); + exit(1); + } ++#endif /* !_SOLARIS_ */ + + event_init(); + +@@ -1327,9 +1481,16 @@ + void + usage(void) + { ++#ifdef _SOLARIS_ ++ fprintf(stderr, "usage: %s [-A on | off] [-a address] [-b address]" ++ " [{-c | -C} instance] [-D level] [-m maxsessions]\n [-P port]" ++ " [-p port] [-R address] [-r on | off] [-T tag]\n" ++ " [-t timeout] [-v all | on | off]\n", __progname); ++#else /* !_SOLARIS_ */ + fprintf(stderr, "usage: %s [-6Adrv] [-a address] [-b address]" + " [-D level] [-m maxsessions]\n [-P port]" + " [-p port] [-q queue] [-R address] [-T tag]\n" + " [-t timeout]\n", __progname); ++#endif /* _SOLARIS_ */ + exit(1); + } +diff -Naur ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/smf-config.c ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/smf-config.c +--- ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/smf-config.c 1969-12-31 16:00:00.000000000 -0800 ++++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/smf-config.c 2016-02-24 08:45:36.636917450 -0800 +@@ -0,0 +1,822 @@ ++/* ++ * CDDL HEADER START ++ * ++ * The contents of this file are subject to the terms of the ++ * Common Development and Distribution License (the "License"). ++ * You may not use this file except in compliance with the License. ++ * ++ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE ++ * or http://www.opensolaris.org/os/licensing. ++ * See the License for the specific language governing permissions ++ * and limitations under the License. ++ * ++ * When distributing Covered Code, include this CDDL HEADER in each ++ * file and include the License file at usr/src/OPENSOLARIS.LICENSE. ++ * If applicable, add the following below this CDDL HEADER, with the ++ * fields enclosed by brackets "[]" replaced with your own identifying ++ * information: Portions Copyright [yyyy] [name of copyright owner] ++ * ++ * CDDL HEADER END ++ * ++ */ ++ ++/* ++ * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved. ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include "smf-config.h" ++ ++/* #include */ ++ ++#define FTP_PROXY_PG "ftp-proxy" ++#define FTP_PROXY_PROP_VALUE_AUTH "value_authorization" ++#define FTP_PROXY_PROP_ACTION_AUTH "action_authorization" ++#define FTP_PROXY_VALUE_AUTH "solaris.smf.value.network.firewall" ++#define FTP_PROXY_MANAGE_AUTH "solaris.smf.manage.network.firewall" ++ ++/* ++ * CHKASCIIZ() ++ * Macro checks if _s_ is ASCIIZ (not NULL, not empty), if _s_ is not empty ++ * string, then _p_ is returned. ++ * ++ * Arguments: ++ * _s_ - ASCIIZ string to be tested ++ * _p_ - string to be returned when _s_ is not NULL or empty ++ * ++ * Returns: ++ * _p_ if _s_ is not NULL/empty, otherwise the empty string is returned. ++ */ ++#define CHKASCIIZ(_s_, _p_) \ ++ ((((_s_) == NULL) || (_s_[0] == '\0')) ? "" : (_p_)) ++ ++#define SKIP_PROP(_pv_) \ ++ ((strcmp((_pv_)->pv_prop, "action_authorization") == 0) || \ ++ (strcmp((_pv_)->pv_prop, "value_authorization") == 0)) ++ ++#define STRIP_SVC(_x_) ((_x_) + (sizeof ("svc:/") - 1)) ++ ++/* ++ * smf_ftp_cfg ++ * FTP proxy configuration container. ++ */ ++smf_ftppx_cfg_t smf_ftp_cfg; ++ ++#define SMF_OPT_OPTIONAL 0 ++#define SMF_OPT_MANDATORY 1 ++/* ++ * X-macro table. ++ * Columns are as follows: ++ * value key/index ++ * smf(5) property name name ++ * member in smf_ftppx_cfg_t structure ++ * function which converts ASCIIZ to member type in smf_ftppx_cfg_t ++ * function which converts member in smf_ftppx_cfg_t to ASCIIZ ++ * optional/mandatory status ++ * property type ++ */ ++#define X_CFG_PROPS \ ++ X(SMF_ANON, "anonymous-only", cfg_anonymous_only, on_to_one, \ ++ one_to_on, SMF_OPT_OPTIONAL, SCF_TYPE_ASTRING) \ ++ X(SMF_FIXED_PROXY, "proxy-NAT-address", cfg_fixed_proxy, \ ++ nop_in, nop_out, SMF_OPT_MANDATORY, SCF_TYPE_ASTRING) \ ++ X(SMF_LISTEN_ADDR, "proxy-listen-address", cfg_listen_addr, \ ++ nop_in, nop_out, SMF_OPT_MANDATORY, SCF_TYPE_ASTRING) \ ++ X(SMF_LISTEN_PORT, "listen-port", cfg_listen_port, \ ++ int_in, int_out, SMF_OPT_OPTIONAL, SCF_TYPE_INTEGER) \ ++ X(SMF_DEBUG_LEVEL, "debug-level", cfg_debug_level, int_in, \ ++ int_out, SMF_OPT_OPTIONAL, SCF_TYPE_INTEGER) \ ++ X(SMF_MAX_SESSIONS, "maxsessions", cfg_max_sessions, \ ++ int_in, int_out, SMF_OPT_OPTIONAL, \ ++ SCF_TYPE_INTEGER) \ ++ X(SMF_RFC_MODE, "always-use-ftp-data-port", cfg_rfc_mode, \ ++ on_to_one, one_to_on, SMF_OPT_OPTIONAL, SCF_TYPE_ASTRING) \ ++ X(SMF_FIXED_SERVER_PORT, "reverse-mode-port", \ ++ cfg_fixed_server_port, int_in, int_out, SMF_OPT_OPTIONAL, \ ++ SCF_TYPE_INTEGER) \ ++ X(SMF_FIXED_SERVER, "reverse-mode-address", cfg_fixed_server, \ ++ nop_in, nop_out, SMF_OPT_OPTIONAL, SCF_TYPE_ASTRING) \ ++ X(SMF_TAG, "tag", cfg_tag, nop_in, nop_out, SMF_OPT_OPTIONAL, \ ++ SCF_TYPE_ASTRING) \ ++ X(SMF_TIMEOUT, "timeout", cfg_timeout, int_in, int_out, \ ++ SMF_OPT_OPTIONAL, SCF_TYPE_INTEGER) \ ++ X(SMF_LOG, "log", cfg_log, log_to_int, int_to_log, \ ++ SMF_OPT_OPTIONAL, SCF_TYPE_ASTRING) ++ ++static void nop_in(void *, void *); ++static void nop_out(void *, void *); ++static void int_in(void *, void *); ++static void int_out(void *, void *); ++static void on_to_one(void *, void *); ++static void one_to_on(void *, void *); ++static void str_to_int(void *, void *); ++static void int_to_str(void *, void *); ++static void str_to_uint(void *, void *); ++static void uint_to_str(void *, void *); ++static void log_to_int(void *, void *); ++static void int_to_log(void *, void *); ++ ++/* ++ * smf_keys ++ * Keys (indexes) to `smf_propnames` dictionary. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) _const_, ++enum smf_keys { ++ X_CFG_PROPS ++ SMF_CFG_PROP_COUNT ++}; ++#undef X ++ ++/* ++ * smf_propnames ++ * It's an array (dictionary), which translates property code (SMF_*) to ++ * property value name found `ftp-proxy` property group. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) _propname_, ++static const char *smf_propnames[] = { ++ X_CFG_PROPS ++ NULL ++}; ++#undef X ++ ++/* ++ * smf_cfg_offsets ++ * Table of smf_ftppx_cfg_t members. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) offsetof(smf_ftppx_cfg_t, _decl_), ++static size_t smf_cfg_offsets[] = { ++ X_CFG_PROPS ++ sizeof (smf_ftppx_cfg_t) ++}; ++#undef X ++ ++typedef void(*conv_in_f)(void *, void *); ++typedef void(*conv_out_f)(void *, void *); ++/* ++ * smf_convert_in ++ * Table of conversion functions, which convert particular smf_ftppx_cfg_t ++ * member into ASCIIZ. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) _conv_in_, ++static conv_in_f smf_conv_in[] = { ++ X_CFG_PROPS ++ NULL ++}; ++#undef X ++ ++/* ++ * smf_conv_out ++ * Table of conversion functions, which convert ASCIIZ fetched from smf(5) ++ * repository to member of smf_ftppx_cfg_t structure. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) _conv_out_, ++static conv_out_f smf_conv_out[] = { ++ X_CFG_PROPS ++ NULL ++}; ++#undef X ++ ++/* ++ * smf_mandatory ++ * Table marks configuration parameters, which must be defined by admin, ++ * before the service is enabled for the first time. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) _mandatory_, ++static int smf_mandatory[] = { ++ X_CFG_PROPS ++ 0 ++}; ++#undef X ++ ++/* ++ * smf_type ++ * Table of types of SMF properties. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) _type_, ++static int smf_type[] = { ++ X_CFG_PROPS ++ 0 ++}; ++#undef X ++ ++/* ++ * ftp-proxy property group properties ++ * +1 for NULL termination. ++ * +1 for value_authorization ++ */ ++static scf_propvec_t prop_vec[SMF_CFG_PROP_COUNT + 1 + 1]; ++ ++/* ++ * general property group properties ++ * +1 for NULL termination. ++ * +2 for value_authorization/action_authorization ++ */ ++static scf_propvec_t gen_prop_vec[1 + 2]; ++ ++static int atexit_set = 0; ++ ++/* ++ * Conversion routines from smf_ftp_cfg structure to prop_vec member and vice ++ * versa. ++ */ ++ ++/* ++ * nop_in() ++ * Dummy conversion ASCIIZ to ASCIIZ, no allocation happens. Used when ++ * configuration is from smf(5). ++ */ ++static void ++nop_in(void *asciiz, void *result) ++{ ++ *((char **)result) = asciiz; ++} ++ ++/* ++ * nop_out() ++ * Dummy conversion ASCIIZ to ASCIIZ, function allocates memory for result by ++ * strdup(3C). Used when configuration is written to smf(5) repository. ++ */ ++static void ++nop_out(void *asciiz, void *val) ++{ ++ *((char **)asciiz) = strdup(*(char **)val); ++} ++ ++/* ++ * int_in() ++ * Dummy conversion of int64_t. No allocation happens. Used when reading ++ * values from smf. ++ */ ++static void ++int_in(void *in, void *out) { ++ *((int64_t *)out) = *((int64_t *)in); ++} ++ ++/* ++ * int_out() ++ * Dummy conversion of int64_t, storing into a newly allocated memory. ++ * Used when storing values to smf repository. ++ */ ++static void ++int_out(void *out, void *in) { ++ int64_t **out_ = (int64_t **)out; ++ ++ *out_ = malloc(sizeof (int64_t)); ++ if (*out_ != NULL) ++ **out_ = *((int64_t *)in); ++} ++ ++/* ++ * on_to_one() ++ * Function converts ASCIIZ value "on" to 1. Anything else yeilds a 0. Used to ++ * read configuration from smf(5). ++ */ ++static void ++on_to_one(void *asciiz, void *result) ++{ ++ *((int *)result) = ((strcasecmp((char *)asciiz, "on") == 0) ? 1 : 0); ++} ++ ++/* ++ * one_to_on() ++ * Function converts 0 to ASCIIZ string "off", anything else than 0 yeilds to ++ * "on". Used when configuration ie being written to smf(5). Function also ++ * allocates memory for resulting string using strdup(3C). ++ */ ++static void ++one_to_on(void *asciiz, void *val) ++{ ++ if (*((int *)val) == 0) { ++ *((char **)asciiz) = strdup("off"); ++ } else { ++ *((char **)asciiz) = strdup("on"); ++ } ++} ++ ++/* ++ * str_to_int() ++ * Function converts integer represented as ASCIIZ to int using atoi(3C). Used ++ * when configuration is read from smf(5). ++ */ ++static void ++str_to_int(void *asciiz, void *result) ++{ ++ *((int *)result) = atoi((char *)asciiz); ++} ++ ++/* ++ * int_to_str() ++ * Function converts integer number to ASCIIZ using asprintf(3C). Used when ++ * configuration is being stored to smf(5). Memory for results get allocated by ++ * asprintf(3C). ++ */ ++static void ++int_to_str(void *asciiz, void *val) ++{ ++ (void) asprintf((char **)asciiz, "%d", *((int *)val)); ++} ++ ++/* ++ * str_to_uint() ++ * Function converts unsigned integer represented as ASCIIZ to int using ++ * atoi(3C). Used when configuration is being read from smf(5) repository. ++ */ ++static void ++str_to_uint(void *asciiz, void *result) ++{ ++ *((unsigned int *)result) = (unsigned int) atoi((char *)asciiz); ++} ++ ++/* ++ * uint_to_str() ++ * Function converts unsigned integer to ASCIIZ using asprintf(3C). Used when ++ * configuration is written to smf(5). Memory for result is allocated by ++ * asprintf(3C). ++ */ ++static void ++uint_to_str(void *asciiz, void *val) ++{ ++ (void) asprintf((char **)asciiz, "%u", *((int *)val)); ++} ++ ++/* ++ * log_to_int() ++ * Function encodes ASCIIZ value for log property to numeric code. String ++ * "all" gets converted to 2, string "on" to 1, anything else yeilds to 0. ++ * It's used when configuration is being read from smf(5) repository. ++ */ ++static void ++log_to_int(void *asciiz, void *result) ++{ ++ if (strcasecmp((char *)asciiz, "all") == 0) { ++ *((int *)result) = 2; ++ } else if (strcasecmp((char *)asciiz, "on") == 0) { ++ *((int *)result) = 1; ++ } else { ++ *((int *)result) = 0; ++ } ++} ++ ++/* ++ * int_to_log() ++ * Function encodes value of log property to its numeric representation. 2 ++ * gets encoded to "all", 1 results to "on", anything else results to off. ++ * The memory for result is allocated by strdup(3C). ++ */ ++static void ++int_to_log(void *asciiz, void *val) ++{ ++ switch (*((int *)val)) { ++ case 2: ++ *((char **)asciiz) = strdup("all"); ++ break; ++ case 1: ++ *((char **)asciiz) = strdup("on"); ++ break; ++ default: ++ *((char **)asciiz) = strdup("off"); ++ } ++} ++ ++static void ++clear_prop_vec2(scf_propvec_t *prop_vec_ptr, int count) ++{ ++ while (count--) { ++ prop_vec_ptr->pv_prop = NULL; ++ prop_vec_ptr->pv_desc = NULL; ++ prop_vec_ptr->pv_type = 0; ++ prop_vec_ptr->pv_aux = 0; ++ prop_vec_ptr->pv_mval = 0; ++ ++ if (prop_vec_ptr->pv_ptr != NULL) { ++ free(prop_vec_ptr->pv_ptr); ++ prop_vec_ptr->pv_ptr = NULL; ++ } ++ ++ prop_vec_ptr++; ++ } ++} ++ ++/* ++ * clear_prop_vec() ++ * Function clears global variables `prop_vec` and `gen_prop_vec`, ++ * which are vectors of properties. ++ */ ++static void ++clear_prop_vec() ++{ ++ clear_prop_vec2(prop_vec, ++ sizeof (prop_vec) / sizeof (scf_propvec_t)); ++ clear_prop_vec2(gen_prop_vec, ++ sizeof (gen_prop_vec) / sizeof (scf_propvec_t)); ++} ++ ++/* ++ * cfg_to_prop_vec() ++ * Function converts smf_ftp_cfg global variable, which holds configuration ++ * parsed from command line arguments, to prop_vec, which is a smf(5) friendly ++ * representation of proxy configuration. ++ * ++ * Additionally, it populates gen_prop_vec to specify needed authorizations. ++ * ++ * Returns 0 on success, -1 on out of memory error. ++ */ ++static int ++cfg_to_prop_vec(void) ++{ ++ int cfg_bit = 1; ++ int i; ++ scf_propvec_t *prop_vec_ptr = prop_vec; ++ conv_out_f conv_func; ++ ++ clear_prop_vec(); ++ ++ for (i = 0; i < SMF_CFG_PROP_COUNT; i++) { ++ if ((smf_ftp_cfg.cfg_set & cfg_bit) != 0) { ++ prop_vec_ptr->pv_prop = smf_propnames[i]; ++ conv_func = smf_conv_out[i]; ++ ++ conv_func(&prop_vec_ptr->pv_ptr, ++ ((char *)&smf_ftp_cfg + smf_cfg_offsets[i])); ++ if (prop_vec_ptr->pv_ptr == NULL) ++ return (-1); ++ prop_vec_ptr->pv_type = smf_type[i]; ++ prop_vec_ptr++; ++ } ++ cfg_bit = cfg_bit << 1; ++ } ++ prop_vec_ptr->pv_type = SCF_TYPE_ASTRING; ++ prop_vec_ptr->pv_prop = FTP_PROXY_PROP_VALUE_AUTH; ++ prop_vec_ptr->pv_ptr = strdup(FTP_PROXY_VALUE_AUTH); ++ prop_vec_ptr++; ++ ++ gen_prop_vec[0].pv_type = SCF_TYPE_ASTRING; ++ gen_prop_vec[0].pv_prop = FTP_PROXY_PROP_VALUE_AUTH; ++ gen_prop_vec[0].pv_ptr = strdup(FTP_PROXY_MANAGE_AUTH); ++ gen_prop_vec[1].pv_type = SCF_TYPE_ASTRING; ++ gen_prop_vec[1].pv_prop = FTP_PROXY_PROP_ACTION_AUTH; ++ gen_prop_vec[1].pv_ptr = strdup(FTP_PROXY_MANAGE_AUTH); ++ ++ return (0); ++} ++ ++/* ++ * prop_vec_to_cfg() ++ * Converts global variable `prop_vec` to `smf_ftp_cfg` global variable, ++ * which is understood by main(). ++ */ ++static void ++prop_vec_to_cfg(void) ++{ ++ int i; ++ scf_propvec_t *prop_vec_ptr = prop_vec; ++ conv_in_f conv_func; ++ ++ for (i = 0; i < SMF_CFG_PROP_COUNT; i++, prop_vec_ptr++) { ++ if (SKIP_PROP(prop_vec_ptr)) { ++ /* ++ * We have `hidden` properties: action/value smf ++ * authorization. Those two are not kept in ++ * smf_ftp_cfg. ++ * ++ * So we must to skip to next property in vector ++ * without letting for loop to advance its counter, so ++ * we compensate here by doing `i--`. ++ */ ++ i--; ++ continue; ++ }; ++ conv_func = smf_conv_in[i]; ++ conv_func(prop_vec_ptr->pv_ptr, ++ ((char *)&smf_ftp_cfg + smf_cfg_offsets[i])); ++ } ++} ++ ++/* ++ * smf_print_ftpcfg() ++ * Function loads ftpcfg from smf(5) repository and prints configuration to ++ * standard output. We use `scf_simple_prop_get(3SCF)`. ++ * ++ * Returns 0 on success, -1 on error.. ++ */ ++int ++smf_print_ftpcfg(const char *smf_instance) ++{ ++ scf_simple_prop_t *prop; ++ int i; ++ scf_propvec_t *prop_vec_ptr = prop_vec; ++ int cfg_incomplete = 0; ++ char *fmri; ++ ++ if (atexit_set == 0) { ++ atexit(clear_prop_vec); ++ bzero(&smf_ftp_cfg, sizeof (smf_ftppx_cfg_t)); ++ atexit_set = 1; ++ } ++ ++ (void) asprintf(&fmri, "%s:%s", BASE_FMRI, smf_instance); ++ if (fmri == NULL) { ++ fprintf(stderr, "Out of memory.\n"); ++ return (-1); ++ } ++ ++ clear_prop_vec(); ++ ++ for (i = 0; i < SMF_CFG_PROP_COUNT; i++) { ++ prop = scf_simple_prop_get(NULL, fmri, FTP_PROXY_PG, ++ smf_propnames[i]); ++ prop_vec_ptr->pv_prop = smf_propnames[i]; ++ prop_vec_ptr->pv_type = scf_simple_prop_type(prop); ++ if (prop_vec_ptr->pv_type == -1) { ++ free(fmri); ++ fprintf(stderr, "Failed to get property type.\n"); ++ return (-1); ++ } ++ if (prop_vec_ptr->pv_type != smf_type[i]) { ++ free(fmri); ++ fprintf(stderr, "Property %s has unexpected type.\n", ++ smf_propnames[i]); ++ return (-1); ++ } ++ if (prop == NULL) { ++ /* ++ * Property not defined, so we create a kind of ++ * 'placeholder' with empty value. ++ * ++ * calloc() works well for both astring and integer. ++ */ ++ prop_vec_ptr->pv_ptr = calloc(1, sizeof (int64_t)); ++ cfg_incomplete |= smf_mandatory[i]; ++ } else { ++ if (smf_type[i] == SCF_TYPE_ASTRING) { ++ char *propval; ++ propval = scf_simple_prop_next_astring(prop); ++ if (propval == NULL) { ++ propval = ""; ++ } ++ prop_vec_ptr->pv_ptr = strdup(propval); ++ ++ if (propval[0] == 0) { ++ cfg_incomplete |= smf_mandatory[i]; ++ } ++ } else { ++ /* smf_type[i] == SCF_TYPE_INTEGER */ ++ int64_t *propval; ++ int64_t propval_; ++ ++ propval = scf_simple_prop_next_integer(prop); ++ propval_ = (propval == NULL) ? (0) : (*propval); ++ ++ prop_vec_ptr->pv_ptr = malloc(sizeof (int64_t)); ++ if (prop_vec_ptr->pv_ptr != NULL) { ++ *((int64_t *)prop_vec_ptr->pv_ptr) = ++ propval_; ++ } ++ if (propval_ == 0) { ++ cfg_incomplete |= smf_mandatory[i]; ++ } ++ } ++ scf_simple_prop_free(prop); ++ } ++ if (prop_vec_ptr->pv_ptr == NULL) { ++ free(fmri); ++ fprintf(stderr, "Out of memory.\n"); ++ return (-1); ++ } ++ ++ prop_vec_ptr++; ++ } ++ ++ printf("PF FTP proxy configuration:\n"); ++ ++ prop_vec_ptr = prop_vec; ++ for (i = 0; i < SMF_CFG_PROP_COUNT; i++) { ++ if (smf_type[i] == SCF_TYPE_ASTRING) { ++ const char *val = (const char *)prop_vec_ptr->pv_ptr; ++ printf("\t- %s:\n\t\t%s\n", prop_vec_ptr->pv_prop, ++ ((val[0] == '\0') ? "?? undefined ??" : val)); ++ } else { ++ /* smf_type[i] == SCF_TYPE_INTEGER */ ++ int64_t val = *((int64_t *)prop_vec_ptr->pv_ptr); ++ if (val == 0) { ++ printf("\t- %s:\n\t\t%s\n", prop_vec_ptr->pv_prop, ++ "?? undefined ??"); ++ } else { ++ printf("\t- %s:\n\t\t%d\n", prop_vec_ptr->pv_prop, ++ (int)val); ++ } ++ } ++ prop_vec_ptr++; ++ } ++ if (cfg_incomplete) { ++ printf("\n\nConfiguration for %s is incomplete." ++ " Service will not run.\n\n", fmri); ++ } else { ++ prop_vec_to_cfg(); ++ printf( ++ "\n\n%s service is being launched using cmd line below\n\n", ++ fmri); ++ printf("ftp-proxy " ++ "%s -a %s -b %s -p " ++ "%d -D %d -m %d -t %d %s %s %s %.d %s %s %s %s\n", ++ ((smf_ftp_cfg.cfg_anonymous_only == 1) ? "-A on" : ""), ++ smf_ftp_cfg.cfg_fixed_proxy, ++ smf_ftp_cfg.cfg_listen_addr, ++ (int)smf_ftp_cfg.cfg_listen_port, ++ (int)smf_ftp_cfg.cfg_debug_level, ++ (int)smf_ftp_cfg.cfg_max_sessions, ++ (int)smf_ftp_cfg.cfg_timeout, ++ CHKASCIIZ(smf_ftp_cfg.cfg_fixed_server, "-R"), ++ CHKASCIIZ(smf_ftp_cfg.cfg_fixed_server, ++ smf_ftp_cfg.cfg_fixed_server), ++ (smf_ftp_cfg.cfg_fixed_server_port == 0) ? ("") : ("-P"), ++ (int)smf_ftp_cfg.cfg_fixed_server_port, ++ ((smf_ftp_cfg.cfg_rfc_mode != 0) ? "-r on" : ""), ++ CHKASCIIZ(smf_ftp_cfg.cfg_tag, "-T"), ++ CHKASCIIZ(smf_ftp_cfg.cfg_tag, smf_ftp_cfg.cfg_tag), ++ ((smf_ftp_cfg.cfg_log == 2) ? "-vv" : ++ ((smf_ftp_cfg.cfg_log == 1) ? "-v" : ""))); ++ } ++ ++ free(fmri); ++ ++ return (0); ++} ++ ++/* ++ * smf_create_ftp_instance() ++ * Function creates a new instance in smf(5) repository. ++ */ ++static int ++smf_create_ftp_instance(const char *smf_instance) ++{ ++ scf_handle_t *h_scf = NULL; ++ scf_scope_t *scp_scf = NULL; ++ scf_service_t *svc_scf = NULL; ++ scf_instance_t *sin_scf = NULL; ++ int rv = -1; ++ ++ h_scf = scf_handle_create(SCF_VERSION); ++ if ((h_scf == NULL) || (scf_handle_bind(h_scf) == -1)) { ++ (void) fprintf(stderr, "scf_handle_bind() failed - %s\n", ++ scf_strerror(scf_error())); ++ if (h_scf != NULL) { ++ scf_handle_destroy(h_scf); ++ } ++ return (-1); ++ } ++ ++ if ((scp_scf = scf_scope_create(h_scf)) == NULL) { ++ (void) fprintf(stderr, "could not create scope - %s\n", ++ scf_strerror(scf_error())); ++ goto unbind; ++ } ++ ++ if (scf_handle_get_local_scope(h_scf, scp_scf) != 0) { ++ (void) fprintf(stderr, "could not get scope - %s\n", ++ scf_strerror(scf_error())); ++ goto scope_destroy; ++ } ++ ++ if ((svc_scf = scf_service_create(h_scf)) == NULL) { ++ (void) fprintf(stderr, "could not create service - %s\n", ++ scf_strerror(scf_error())); ++ goto scope_destroy; ++ } ++ ++ if ((sin_scf = scf_instance_create(h_scf)) == NULL) { ++ (void) fprintf(stderr, "could not get instance handle - %s\n", ++ scf_strerror(scf_error())); ++ goto service_destroy; ++ } ++ ++ if (scf_scope_get_service(scp_scf, STRIP_SVC(BASE_FMRI), svc_scf) != ++ SCF_SUCCESS) { ++ (void) fprintf(stderr, "could not select service (%s)\n", ++ scf_strerror(scf_error())); ++ goto instance_destroy; ++ } ++ ++ if (scf_service_add_instance(svc_scf, smf_instance, sin_scf) != 0) { ++ (void) fprintf(stderr, "could not add %s instance - %s\n", ++ smf_instance, scf_strerror(scf_error())); ++ goto instance_destroy; ++ } ++ ++ if (scf_instance_add_pg(sin_scf, "general", "framework", 0, ++ NULL) != SCF_SUCCESS) { ++ (void) fprintf(stderr, ++ "could not create property group - %s\n", ++ scf_strerror(scf_error())); ++ goto instance_delete; ++ } ++ ++ if (scf_instance_add_pg(sin_scf, FTP_PROXY_PG, "application", 0, ++ NULL) != SCF_SUCCESS) { ++ (void) fprintf(stderr, ++ "could not create property group - %s\n", ++ scf_strerror(scf_error())); ++ goto instance_delete; ++ } ++ ++ rv = 0; ++ goto instance_destroy; ++ ++instance_delete: ++ if (scf_instance_delete(sin_scf) != 0) { ++ fprintf(stderr, "Can't delete the newly created instance:"); ++ fprintf(stderr, "\t%s\n", scf_strerror(scf_error())); ++ } ++instance_destroy: ++ scf_instance_destroy(sin_scf); ++service_destroy: ++ scf_service_destroy(svc_scf); ++scope_destroy: ++ scf_scope_destroy(scp_scf); ++unbind: ++ scf_handle_unbind(h_scf); ++ scf_handle_destroy(h_scf); ++ ++ return (rv); ++} ++ ++/* ++ * smf_write_ftpcfg() ++ * Function writes proxy configuration to smf(5) repostiory. ++ */ ++int ++smf_write_ftpcfg(const char *smf_instance, int create) ++{ ++ int i; ++ scf_propvec_t ++ *bad_prop_vec = NULL; ++ char *fmri; ++ ++ if (atexit_set == 0) { ++ atexit(clear_prop_vec); ++ bzero(prop_vec, sizeof (prop_vec)); ++ atexit_set = 1; ++ } ++ ++ if (cfg_to_prop_vec() != 0) { ++ fprintf(stderr, "Out of memory.\n"); ++ return (-1); ++ } ++ ++ (void) asprintf(&fmri, "%s:%s", BASE_FMRI, smf_instance); ++ if (fmri == NULL) { ++ fprintf(stderr, "Out of memory.\n"); ++ return (-1); ++ } ++ ++ if (create) { ++ if (smf_create_ftp_instance(smf_instance) != 0) { ++ free(fmri); ++ return (-1); ++ } ++ } ++ ++ if (create && (scf_write_propvec(fmri, "general", gen_prop_vec, ++ &bad_prop_vec) != SCF_SUCCESS)) { ++ fprintf(stderr, "Can't update %s configuration:", fmri); ++ fprintf(stderr, "\t%s\n", scf_strerror(scf_error())); ++ if (bad_prop_vec != NULL) { ++ fprintf(stderr, "Could not set %s\n", ++ bad_prop_vec->pv_prop); ++ } ++ free(fmri); ++ exit(1); ++ } ++ ++ bad_prop_vec = NULL; ++ if (scf_write_propvec(fmri, FTP_PROXY_PG, prop_vec, &bad_prop_vec) ++ != SCF_SUCCESS) { ++ fprintf(stderr, "Can't update %s configuration:", fmri); ++ fprintf(stderr, "\t%s\n", scf_strerror(scf_error())); ++ if (bad_prop_vec != NULL) { ++ fprintf(stderr, "Could not set %s\n", ++ bad_prop_vec->pv_prop); ++ } ++ free(fmri); ++ exit(1); ++ } ++ ++ free(fmri); ++ return (0); ++} +diff -Naur ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/smf-config.h ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/smf-config.h +--- ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/smf-config.h 1969-12-31 16:00:00.000000000 -0800 ++++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5/smf-config.h 2016-02-19 06:43:15.097134373 -0800 +@@ -0,0 +1,77 @@ ++/* ++ * CDDL HEADER START ++ * ++ * The contents of this file are subject to the terms of the ++ * Common Development and Distribution License (the "License"). ++ * You may not use this file except in compliance with the License. ++ * ++ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE ++ * or http://www.opensolaris.org/os/licensing. ++ * See the License for the specific language governing permissions ++ * and limitations under the License. ++ * ++ * When distributing Covered Code, include this CDDL HEADER in each ++ * file and include the License file at usr/src/OPENSOLARIS.LICENSE. ++ * If applicable, add the following below this CDDL HEADER, with the ++ * fields enclosed by brackets "[]" replaced with your own identifying ++ * information: Portions Copyright [yyyy] [name of copyright owner] ++ * ++ * CDDL HEADER END ++ * ++ */ ++ ++/* ++ * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved. ++ */ ++ ++#ifndef _SMF_CONFIG_H_ ++#define _SMF_CONFIG_H_ ++ ++#include ++ ++#define BASE_FMRI "svc:/network/firewall/ftp-proxy" ++#define DEFAULT_INSTANCE "default" ++ ++#define SMF_CFG_ANON_SET 0x00000001 ++#define SMF_CFG_FIXED_PROXY_SET 0x00000002 ++#define SMF_CFG_LISTEN_ADDR_SET 0x00000004 ++#define SMF_CFG_LISTEN_PORT_SET 0x00000008 ++#define SMF_CFG_DEBUG_LEVEL_SET 0x00000010 ++#define SMF_CFG_MAX_SESSION_SET 0x00000020 ++#define SMF_CFG_RFC_MODE_SET 0x00000040 ++#define SMF_CFG_FIXED_SERVER_PORT_SET \ ++ 0x00000080 ++#define SMF_CFG_FIXED_SERVER_SET \ ++ 0x00000100 ++#define SMF_CFG_TAG_SET 0x00000200 ++#define SMF_CFG_TIMEOUT_SET 0x00000400 ++#define SMF_CFG_LOG_SET 0x00000800 ++ ++#define SMF_CFG_LOG_OFF 0 ++#define SMF_CFG_LOG_ON 1 ++#define SMF_CFG_LOG_ALL 2 ++ ++#define SMF_COPY_STR(_x_) (((_x_) == NULL) ? strdup("") : strdup((_x_))) ++ ++typedef struct smf_ftppx_cfg { ++ unsigned int cfg_set; /* SMF_CFG_*_SET bit field */ ++ int cfg_anonymous_only; ++ char *cfg_fixed_proxy; ++ char *cfg_listen_addr; ++ int64_t cfg_listen_port; ++ int64_t cfg_debug_level; ++ int64_t cfg_max_sessions; ++ char *cfg_fixed_server; ++ int64_t cfg_fixed_server_port; ++ int cfg_rfc_mode; ++ char *cfg_tag; ++ int64_t cfg_timeout; ++ int cfg_log; ++} smf_ftppx_cfg_t; ++ ++extern smf_ftppx_cfg_t smf_ftp_cfg; ++ ++extern int smf_print_ftpcfg(const char *); ++extern int smf_write_ftpcfg(const char *, int); ++ ++#endif /* !_SMF_CONFIG_H_ */ diff -r e533d5840fdd -r f678cc44b3d0 components/pflogd/Makefile --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/pflogd/Makefile Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,66 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved. +# +include ../../make-rules/shared-macros.mk + +COMPONENT_NAME= pflogd +COMPONENT_VERSION= OPENBSD_5_5 +IPS_COMPONENT_VERSION= 5.5 +COMPONENT_PROJECT_URL= http://www.openbsd.org +COMPONENT_SRC= $(COMPONENT_NAME)-$(COMPONENT_VERSION) +CVS_REPO=anoncvs@anoncvs.ca.openbsd.org:/cvs +CVS_PATH='src/sbin/pflogd' +CVS_HASH= sha256:b3cc2c34844489913e8eaf4b3e4096c4b7f7f9e54901e477fa202d5a9a56994a +CVS_TAG=$(COMPONENT_VERSION) +COMPONENT_BUGDB= service/pflogd + +TPNO= 24254 + +# +# Don't overwrite CFLAGS here, just add our options there. +# +COMPONENT_BUILD_ENV += CFLAGS="$(CFLAGS) -D_SOLARIS_ -DOBSD_COMP -lscf" +COMPONENT_BUILD_ARGS += CC="$(CC)" + +include ../../make-rules/prep.mk +include ../../make-rules/justmake.mk +include ../../make-rules/ips.mk + +COMPONENT_INSTALL_ARGS += PREFIX=$(PROTOUSRDIR) +COMPONENT_INSTALL_ARGS += MANDIR=$(PROTOUSRSHAREMANDIR) +COMPONENT_INSTALL_ARGS += INSTALL=/usr/gnu/bin/install + +ASLR_MODE = $(ASLR_ENABLE) + +# common targets +build: $(BUILD_64) + +install: $(INSTALL_64) + +test: $(NO_TESTS) + +REQUIRED_PACKAGES += network/firewall +REQUIRED_PACKAGES += shell/ksh93 +REQUIRED_PACKAGES += system/core-os +REQUIRED_PACKAGES += system/header +REQUIRED_PACKAGES += system/library +REQUIRED_PACKAGES += system/library/libpcap diff -r e533d5840fdd -r f678cc44b3d0 components/pflogd/patches/001-solaris.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/pflogd/patches/001-solaris.patch Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,589 @@ +# This patch comes from Oracle. It fixes issues preventing pflogd +# from building and running on Solaris. Especially, we: +# - make it read packets from Solaris-specific capture links instead +# of OpenBSD's pflog interfaces +# - introduce our own pcap_pkthdr structure as the one used by +# upstream would result in corrupted packet dump files on Solaris +# - use Solaris-specific random number generator +# +# This patch is not going to upstream, the changes are Solaris-specific. + +diff -Naur ORIGINAL/Makefile pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/Makefile +--- ORIGINAL/Makefile 2013-06-18 20:51:30.000000000 -0700 ++++ pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/Makefile 2016-02-17 02:08:53.410106245 -0800 +@@ -1,15 +1,28 @@ + # $OpenBSD: Makefile,v 1.9 2013/06/19 03:51:30 lteo Exp $ + +-CFLAGS+=-Wall -Wmissing-prototypes -Wshadow ++CFLAGS+= -m64 -errwarn + +-# for pcap-int.h +-CFLAGS+=-I${.CURDIR}/../../lib/libpcap ++PROG=pflogd ++SRCS=pflogd.c privsep.c privsep_fdpass.c ++OBJS=$(SRCS:.c=.o) ++MAN=pflogd.8 + +-LDADD+= -lpcap +-DPADD+= ${LIBPCAP} ++LDADD+=-lpcap -ldladm -luutil + +-PROG= pflogd +-SRCS= pflogd.c privsep.c privsep_fdpass.c +-MAN= pflogd.8 ++all: $(SRCS) $(PROG) + +-.include ++install: $(PROG) ++ $(INSTALL) -d $(PREFIX)/sbin ++ $(INSTALL) -m 755 $(PROG) $(PREFIX)/sbin ++ $(INSTALL) -d $(MANDIR)/man8 ++ $(INSTALL) -m 644 $(MAN) $(MANDIR)/man8 ++ ++$(PROG): $(OBJS) ++ $(CC) $(CFLAGS) $(OBJS) -o $@ $(LDADD) ++ ++.c.o: ++ $(CC) $(CFLAGS) -c -o $@ $< ++ ++clean: ++ rm -rf *.o ++ rm -rf $(PROG) +diff -Naur ORIGINAL/pflogd.8 pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.8 +--- ORIGINAL/pflogd.8 2014-01-20 19:15:45.000000000 -0800 ++++ pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.8 2016-02-17 02:32:29.857912548 -0800 +@@ -44,15 +44,15 @@ + .Nm + is a background daemon which reads packets logged by + .Xr pf 4 +-to a +-.Xr pflog 4 +-interface, normally ++to a dedicated capture link interface (see ++.Xr dladm 1M ++for details), normally + .Pa pflog0 , + and writes the packets to a logfile (normally +-.Pa /var/log/pflog ) +-in +-.Xr tcpdump 8 +-binary format. ++.Pa /var/log/firewall/pflog/pflog0.pkt ) ++in libpcap format (see ++.Xr PCAP 3pcap ++for details). + These logs can be reviewed later using the + .Fl r + option of +@@ -63,9 +63,7 @@ + .Nm + closes and then re-opens the log file when it receives + .Dv SIGHUP , +-permitting +-.Xr newsyslog 8 +-to rotate logfiles automatically. ++permitting convenient log rotation. + .Dv SIGALRM + causes + .Nm +@@ -96,7 +94,7 @@ + .Pp + .Nm + will also log the pcap statistics for the +-.Xr pflog 4 ++capture link + interface to syslog when a + .Dv SIGUSR1 + is received. +@@ -113,12 +111,8 @@ + If not specified, the default is 60 seconds. + .It Fl f Ar filename + Log output filename. +-Default is +-.Pa /var/log/pflog . + .It Fl i Ar interface +-Specifies the +-.Xr pflog 4 +-interface to use. ++Specifies the capture link interface to use. + By default, + .Nm + will use +@@ -172,7 +166,7 @@ + .El + .Sh FILES + .Bl -tag -width /var/run/pflogd.pid -compact +-.It Pa /var/log/pflog ++.It Pa /var/log/firewall/pflog/pflog0.pkt + Default log file. + .El + .Sh EXAMPLES +@@ -185,7 +179,7 @@ + .Ed + .Pp + Log from another +-.Xr pflog 4 ++capture link + interface, excluding specific packets: + .Bd -literal -offset indent + # pflogd -i pflog3 -f network3.log "not (tcp and port 23)" +@@ -193,7 +187,7 @@ + .Pp + Display binary logs: + .Bd -literal -offset indent +-# tcpdump -n -e -ttt -r /var/log/pflog ++# tcpdump -n -e -ttt -r /var/log/firewall/pflog/pflog3.pkt + .Ed + .Pp + Display the logs in real time (this does not interfere with the +@@ -210,16 +204,18 @@ + .Ed + .Sh SEE ALSO + .Xr pcap 3 , +-.Xr pf 4 , +-.Xr pflog 4 , + .Xr pf.conf 5 , +-.Xr newsyslog 8 , ++.Xr privileges 5 , ++.Xr smf 5 , + .Xr tcpdump 8 + .Sh HISTORY + The + .Nm + command appeared in + .Ox 3.0 . ++The Solaris version is based on ++.Nm ++found in OpenBSD 5.5. + .Sh AUTHORS + .Nm + was written by +diff -Naur ORIGINAL/pflogd.c pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.c +--- ORIGINAL/pflogd.c 2012-11-05 18:50:47.000000000 -0800 ++++ pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.c 2016-02-18 12:05:03.256562087 -0800 +@@ -48,7 +48,15 @@ + #include + #include + #include ++#ifdef _SOLARIS_ ++#include ++#include ++#include ++#include ++#include ++#else /* !_SOLARIS_ */ + #include ++#endif /* _SOLARIS_ */ + #include "pflogd.h" + + pcap_t *hpcap; +@@ -88,6 +96,34 @@ + void sig_hup(int); + void usage(void); + ++#ifdef _SOLARIS_ ++/* ++ * setproctitle() is found in libc on OpenBSD. It allows program to update its ++ * process name. It will be an empty macro on Solaris. ++ */ ++#define setproctitle(...) ++ ++/* ++ * __dead attribute will be an empty macro on Solaris. ++ */ ++#define __dead ++ ++/* ++ * We must define our own pcap_pkthdr to ensure timeval structure will be ++ * defined in 32-bit version. Not doing so will result in corrupted packet dump ++ * file produced by pflogd on Solaris. ++ */ ++typedef struct pcap_pkthdr_file { ++ struct { ++ uint32_t tv_sec; ++ uint32_t tv_usec; ++ } ts; ++ uint32_t caplen; ++ uint32_t len; ++} pcap_pkthdr_file_t; ++ ++#endif /* _SOLARIS_ */ ++ + static int try_reset_dump(int); + + /* buffer must always be greater than snaplen */ +@@ -191,11 +227,13 @@ + { + struct bpf_program bprog; + +- if (pcap_compile(hpcap, &bprog, filter, PCAP_OPT_FIL, 0) < 0) ++ if (pcap_compile(hpcap, &bprog, filter, PCAP_OPT_FIL, 0) < 0) { + logmsg(LOG_WARNING, "%s", pcap_geterr(hpcap)); +- else { ++ logmsg(LOG_WARNING, "for filter:\n\t%s\nNo filter set.\n", filter); ++ } else { + if (pcap_setfilter(hpcap, &bprog) < 0) +- logmsg(LOG_WARNING, "%s", pcap_geterr(hpcap)); ++ logmsg(LOG_WARNING, "%s\nNo filter set.\n", ++ pcap_geterr(hpcap)); + pcap_freecode(&bprog); + } + } +@@ -203,6 +241,31 @@ + int + if_exists(char *ifname) + { ++#ifdef _SOLARIS_ ++ dladm_handle_t dlh; ++ datalink_id_t linkid; ++ zoneid_t zid = getzoneid(); ++ dladm_status_t dls; ++ int rv = 0; ++ ++ if (!dladm_valid_linkname(ifname) || ++ (dladm_open(&dlh) != DLADM_STATUS_OK)) { ++ errno = ENXIO; ++ return (rv); ++ } ++ ++ dls = dladm_apply_linknamefilters(dlh, ifname, &linkid, 1, &zid, ++ DLADM_OPT_ACTIVE, zid, NULL); ++ if ((dls == DLADM_STATUS_OK) && (linkid != DATALINK_INVALID_LINKID)) { ++ rv = 1; ++ } ++ ++ dladm_close(dlh); ++ ++ errno = (rv == 1) ? 0 : ENXIO; ++ ++ return (rv); ++#else /* !_SOLARIS_ */ + int s, ret = 1; + struct ifreq ifr; + struct if_data ifrdat; +@@ -220,6 +283,7 @@ + err(1, "close"); + + return (ret); ++#endif /* _SOLARIS_ */ + } + + int +@@ -243,10 +307,15 @@ + cur_snaplen = snaplen = pcap_snapshot(hpcap); + + /* lock */ ++/* ++ * BIOCLOCK operation is not implmented on Solaris. ++ */ ++#ifndef _SOLARIS_ + if (ioctl(pcap_fileno(hpcap), BIOCLOCK) < 0) { + logmsg(LOG_ERR, "BIOCLOCK: %s", strerror(errno)); + return (-1); + } ++#endif /* !_SOLARIS_ */ + + return (0); + } +@@ -371,7 +440,11 @@ + scan_dump(FILE *fp, off_t size) + { + struct pcap_file_header hdr; ++#ifdef _SOLARIS_ ++ struct pcap_pkthdr_file ph; ++#else /* !_SOLARIS_ */ + struct pcap_pkthdr ph; ++#endif /* _SOLARIS_ */ + off_t pos; + + /* +@@ -440,13 +513,26 @@ + dump_packet_nobuf(u_char *user, const struct pcap_pkthdr *h, const u_char *sp) + { + FILE *f = (FILE *)user; ++#ifdef _SOLARIS_ ++ struct pcap_pkthdr_file h_file; ++#endif /* _SOLARIS_ */ + + if (suspended) { + packets_dropped++; + return; + } + +- if (fwrite((char *)h, sizeof(*h), 1, f) != 1) { ++#ifdef _SOLARIS_ ++ h_file.ts.tv_sec = (uint32_t)h->ts.tv_sec; ++ h_file.ts.tv_usec = (uint32_t)h->ts.tv_usec; ++ h_file.caplen = h->caplen; ++ h_file.len = h->len; ++ if (fwrite((char *)&h_file, sizeof (h_file), 1, f) != 1) ++#else /* !_SOLARIS_ */ ++ if (fwrite((char *)h, sizeof(*h), 1, f) != 1) ++#endif /* _SOLARIS_ */ ++ ++ { + off_t pos = ftello(f); + + /* try to undo header to prevent corruption */ +@@ -520,9 +606,32 @@ + dump_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp) + { + FILE *f = (FILE *)user; ++#ifdef _SOLARIS_ ++ struct pcap_pkthdr_file h_file; ++ size_t len = sizeof (h_file) + h->caplen; ++#else /* !_SOLARIS_ */ + size_t len = sizeof(*h) + h->caplen; ++#endif /* _SOLARIS_ */ + +- if (len < sizeof(*h) || h->caplen > (size_t)cur_snaplen) { ++#ifdef _SOLARIS_ ++ /* ++ * Member ts is struct timeval defined in sys/time.h. Solaris uses ++ * 64-bit version for tv_sec, tv_usec. 64-bit members are not ++ * compatible with pcap file format, hence we must convert them to ++ * 32-bits. ++ */ ++ h_file.ts.tv_sec = (uint32_t)h->ts.tv_sec; ++ h_file.ts.tv_usec = (uint32_t)h->ts.tv_usec; ++ h_file.caplen = h->caplen; ++ h_file.len = h->len; ++#endif /* _SOLARIS_ */ ++ ++#ifdef _SOLARIS_ ++ if (len < sizeof(h_file) || h_file.caplen > (size_t)cur_snaplen) ++#else /* !_SOLARIS_ */ ++ if (len < sizeof(*h) || h->caplen > (size_t)cur_snaplen) ++#endif /* _SOLARIS_ */ ++ { + logmsg(LOG_NOTICE, "invalid size %zu (%d/%d), packet dropped", + len, cur_snaplen, snaplen); + packets_dropped++; +@@ -548,8 +657,13 @@ + } + + append: ++#ifdef _SOLARIS_ ++ (void) memcpy(bufpos, &h_file, sizeof (h_file)); ++ (void) memcpy(bufpos + sizeof (h_file), sp, h->caplen); ++#else /* !_SOLARIS_ */ + memcpy(bufpos, h, sizeof(*h)); + memcpy(bufpos + sizeof(*h), sp, h->caplen); ++#endif /* _SOLARIS_ */ + + bufpos += len; + bufleft -= len; +@@ -611,7 +725,6 @@ + default: + usage(); + } +- + } + + log_debug = Debug; +@@ -658,12 +771,25 @@ + + setproctitle("[initializing]"); + /* Process is now unprivileged and inside a chroot */ ++#ifdef _SOLARIS_ ++ /* ++ * We have to use sigset() on Solaris, since signal() resets sig. ++ * handler to default as soon as particular signal is delivered. ++ */ ++ sigset(SIGTERM, sig_close); ++ sigset(SIGINT, sig_close); ++ sigset(SIGQUIT, sig_close); ++ sigset(SIGALRM, sig_alrm); ++ sigset(SIGUSR1, sig_usr1); ++ sigset(SIGHUP, sig_hup); ++#else /* !_SOLARIS_ */ + signal(SIGTERM, sig_close); + signal(SIGINT, sig_close); + signal(SIGQUIT, sig_close); + signal(SIGALRM, sig_alrm); + signal(SIGUSR1, sig_usr1); + signal(SIGHUP, sig_hup); ++#endif /* _SOLARIS_ */ + alarm(delay); + + buffer = malloc(PFLOGD_BUFSIZE); +@@ -696,7 +822,7 @@ + ret = -1; + break; + } +- logmsg(LOG_NOTICE, "%s", pcap_geterr(hpcap)); ++ logmsg(LOG_NOTICE, "pcap says: %s", pcap_geterr(hpcap)); + } + + if (gotsig_close) +diff -Naur ORIGINAL/pflogd.h pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.h +--- ORIGINAL/pflogd.h 2010-09-20 22:56:58.000000000 -0700 ++++ pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.h 2016-02-18 12:08:42.414919276 -0800 +@@ -16,7 +16,11 @@ + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + ++#ifdef _SOLARIS_ ++#include ++#else /* !_SOLARIS_ */ + #include ++#endif /* _SOLARIS_ */ + #include + + #define DEF_SNAPLEN 160 /* pfloghdr + ip hdr + proto hdr fit usually */ +@@ -25,7 +29,12 @@ + #define PCAP_OPT_FIL 1 /* filter optimization */ + #define FLUSH_DELAY 60 /* flush delay */ + ++#ifdef _SOLARIS_ ++#define PFLOGD_LOG_DIR "/var/log/firewall/pflog" ++#define PFLOGD_LOG_FILE "pflog.pkt" ++#else /* !_SOLARIS_ */ + #define PFLOGD_LOG_FILE "/var/log/pflog" ++#endif /* _SOLARIS_ */ + #define PFLOGD_DEFAULT_IF "pflog0" + + #define PFLOGD_MAXSNAPLEN INT_MAX +diff -Naur ORIGINAL/privsep.c pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/privsep.c +--- ORIGINAL/privsep.c 2013-09-13 01:49:17.000000000 -0700 ++++ pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/privsep.c 2016-02-18 12:07:34.219667793 -0800 +@@ -28,8 +28,6 @@ + #include + #include + #include +-#include +-#include + #include + #include + #include +@@ -38,6 +36,34 @@ + #include + #include + #include "pflogd.h" ++#ifdef _SOLARIS_ ++#include ++#include ++#include ++#include ++#include ++#endif /* _SOLARIS_ */ ++/* ++ * It's better to include these after other header files. ++ * pcap-int.h defines strlcpy() as macro if it is undefined. ++ * In our case strlcpy() comes from string.h. ++ */ ++#define HAVE_SNPRINTF 1 ++#include ++#include ++ ++#ifdef _SOLARIS_ ++#define _NSIG 27 ++ ++/* ++ * setproctitle() is found in libc on OpenBSD. It allows program to update its ++ * process name. It will empty macro on Solaris. ++ */ ++#define setproctitle(...) ++ ++#else /* !_SOLARIS_ */ ++#define PFLOGD_USER "_pflogd" ++#endif /* _SOLARIS_ */ + + enum cmd_types { + PRIV_SET_SNAPLEN, /* set the snaplength */ +@@ -67,7 +93,9 @@ + { + int i, fd, socks[2], cmd; + int snaplen, ret, olderrno; ++#ifndef _SOLARIS_ + struct passwd *pw; ++#endif /* !_SOLARIS_ */ + + for (i = 1; i < _NSIG; i++) + signal(i, SIG_DFL); +@@ -76,16 +104,19 @@ + if (socketpair(AF_LOCAL, SOCK_STREAM, PF_UNSPEC, socks) == -1) + err(1, "socketpair() failed"); + ++#ifndef _SOLARIS_ + pw = getpwnam("_pflogd"); + if (pw == NULL) + errx(1, "unknown user _pflogd"); + endpwent(); ++#endif /* !_SOLARIS_ */ + + child_pid = fork(); + if (child_pid < 0) + err(1, "fork() failed"); + + if (!child_pid) { ++#ifndef _SOLARIS_ + gid_t gidset[1]; + + /* Child - drop privileges and return */ +@@ -101,6 +132,8 @@ + err(1, "setgroups() failed"); + if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) + err(1, "setresuid() failed"); ++#endif /* !_SOLARIS_ */ ++ + close(socks[0]); + priv_fd = socks[1]; + return 0; +@@ -108,19 +141,34 @@ + + /* Father */ + /* Pass ALRM/TERM/HUP/INT/QUIT through to child, and accept CHLD */ ++#ifdef _SOLARIS_ ++ /* ++ * We have to use sigset() on Solaris, since signal() resets sig. ++ * handler to default as soon as particular signal is delivered. ++ */ ++ sigset(SIGALRM, sig_pass_to_chld); ++ sigset(SIGTERM, sig_pass_to_chld); ++ sigset(SIGHUP, sig_pass_to_chld); ++ sigset(SIGINT, sig_pass_to_chld); ++ sigset(SIGQUIT, sig_pass_to_chld); ++ sigset(SIGCHLD, sig_chld); ++#else /* !_SOLARIS_ */ + signal(SIGALRM, sig_pass_to_chld); + signal(SIGTERM, sig_pass_to_chld); + signal(SIGHUP, sig_pass_to_chld); + signal(SIGINT, sig_pass_to_chld); + signal(SIGQUIT, sig_pass_to_chld); + signal(SIGCHLD, sig_chld); ++#endif /* _SOLARIS_ */ + + setproctitle("[priv]"); + close(socks[1]); + + while (!gotsig_chld) { +- if (may_read(socks[0], &cmd, sizeof(int))) ++ if (may_read(socks[0], &cmd, sizeof(int))) { ++ logmsg(LOG_ERR, "may_read: fails\n"); + break; ++ } + switch (cmd) { + case PRIV_SET_SNAPLEN: + logmsg(LOG_DEBUG, +@@ -192,9 +240,20 @@ + + for (;;) { + int fd; ++#ifdef _SOLARIS_ ++ uint32_t rand; + ++ if (getrandom(&rand, sizeof (rand), GRND_NONBLOCK) != ++ sizeof (rand)) { ++ logmsg(LOG_ERR, "getrandom() failed"); ++ return 1; ++ } ++ len = snprintf(ren, sizeof(ren), "%s.bad.%08x", ++ name, rand); ++#else /* !_SOLARIS_ */ + len = snprintf(ren, sizeof(ren), "%s.bad.%08x", + name, arc4random()); ++#endif /* _SOLARIS_ */ + if (len >= sizeof(ren)) { + logmsg(LOG_ERR, "[priv] new name too long"); + return (1); diff -r e533d5840fdd -r f678cc44b3d0 components/pflogd/patches/002-smf.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/pflogd/patches/002-smf.patch Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,1217 @@ +# This patch comes from Oracle. It turns the component into +# a well-behaving SMF service. It adds code manipulating service +# properties, service instances, and also provides security +# in cooperation with the service manifest (especially, extra +# privileges are dropped when not needed). +# +# This patch is not going to upstream, the changes are Solaris-specific. + +diff -Naur pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/Makefile pflogd-OPENBSD_5_5-OPENBSD_5_5/Makefile +--- pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/Makefile 2016-02-17 02:08:53.410106245 -0800 ++++ pflogd-OPENBSD_5_5-OPENBSD_5_5/Makefile 2016-02-16 05:02:32.489035397 -0800 +@@ -3,7 +3,7 @@ + CFLAGS+= -m64 -errwarn + + PROG=pflogd +-SRCS=pflogd.c privsep.c privsep_fdpass.c ++SRCS=pflogd.c privsep.c privsep_fdpass.c smf-config.c + OBJS=$(SRCS:.c=.o) + MAN=pflogd.8 + +diff -Naur pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.8 pflogd-OPENBSD_5_5-OPENBSD_5_5/pflogd.8 +--- pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.8 2016-02-17 02:32:29.857912548 -0800 ++++ pflogd-OPENBSD_5_5-OPENBSD_5_5/pflogd.8 2016-02-24 21:24:27.453116577 -0800 +@@ -33,7 +33,7 @@ + .Sh SYNOPSIS + .Nm pflogd + .Bk -words +-.Op Fl "Dx" ++.Op Fl C Ar new-pflog-instance-name | Fl c Ar pflog-instance-name + .Op Fl d Ar delay + .Op Fl f Ar filename + .Op Fl i Ar interface +@@ -60,6 +60,7 @@ + hopefully offline in case there are bugs in the packet parsing code of + .Xr tcpdump 8 . + .Pp ++ + .Nm + closes and then re-opens the log file when it receives + .Dv SIGHUP , +@@ -101,22 +102,52 @@ + .Pp + The options are as follows: + .Bl -tag -width Ds +-.It Fl D +-Debugging mode. ++.It Fl C Ar new-pflog-instance-name ++Creates a new + .Nm +-does not disassociate from the controlling terminal. ++instance with the specified name. If additional options are used to specify ++configuration, it is stored into the ++.Xr smf 5 ++repository. Default values are used for ++.Xr smf 5 ++properties unless overriden by a command-line option. The exception is ++pflog/interface (set to equal the instance name) and pflog/logfile ++(set to a file with name equal to the instance name followed by the ++.Pa .pkt ++extension located inside the ++.Pa /var/log/firewall/pflog/ ++directory) if the service instance name forms a valid linkname. If the ++service instance name is not a valid linkname, the values must be ++given explicitly. ++.It Fl c Ar pflog-instance-name ++Shows/changes the configuration of the given ++.Nm ++instance in ++.Xr smf 5 ++repository. Attributes specified by additional options are placed into the ++.Xr smf 5 ++repository. + .It Fl d Ar delay + Time in seconds to delay between automatic flushes of the file. + This may be specified with a value between 5 and 3600 seconds. + If not specified, the default is 60 seconds. + .It Fl f Ar filename +-Log output filename. ++Log output filename. When neither ++.Fl C ++nor ++.Fl c ++is used, the default value ++.Pa pflog.pkt ++is used. + .It Fl i Ar interface + Specifies the capture link interface to use. +-By default, +-.Nm +-will use +-.Pa pflog0 . ++When neither ++.Fl C ++nor ++.Fl c ++is used, the default value ++.Pa pflog0 ++is assumed. + .It Fl s Ar snaplen + Analyze at most the first + .Ar snaplen +@@ -124,8 +155,6 @@ + The default of 160 is adequate for IP, ICMP, TCP, and UDP headers but may + truncate protocol information for other protocols. + Other file parsers may desire a higher snaplen. +-.It Fl x +-Check the integrity of an existing log file, and return. + .It Ar expression + Selects which packets will be dumped, using the regular language of + .Xr tcpdump 8 . +@@ -164,11 +193,59 @@ + The direction was outbound. + .El + .El +-.Sh FILES +-.Bl -tag -width /var/run/pflogd.pid -compact +-.It Pa /var/log/firewall/pflog/pflog0.pkt +-Default log file. ++.Sh SOLARIS ++The ++.Nm ++daemon runs as an ++.Xr smf 5 ++service with the following FMRI: ++.Bd -literal -offset indent ++svc:/network/firewall/pflog ++.Ed ++.Pp ++Command line options described above are set via the following ++.Xr smf 5 ++properties. ++.Bl -tag -width "pflog/interface" -offset 3n -compact ++.It pflog/delay ++Automatic flush interval. ++The default value is 60. ++Used as the argument for the ++.Fl d ++option. ++.It pflog/filter ++Packet filter expression in ++.Xr tcpdump 8 ++format. ++No expression is defined by default. ++.It pflog/interface ++The capture link name from which to read packets. ++Used as the argument for the ++.Fl i ++option. ++.It pflog/logfile ++Path to the logfile (for security reasons, only paths starting by the ++.Pa /var/log/firewall/ ++directory are allowed. ++Used as the argument for the ++.Fl f ++option. ++.It pflog/snaplen ++An upper bound on how many bytes from each packet to analyze. ++The default value is 160. ++Used as the argument for the ++.Fl s ++option. + .El ++.Pp ++The start method creates a (temporal) capture link the particular ++instance is using. ++.Pp ++The refresh method sends ++.Dv SIGHUP ++to ++.Nm ++owned by particular service instance. + .Sh EXAMPLES + Log specific TCP packets to a different log file with a large snaplen + (useful with a +@@ -202,6 +279,32 @@ + .Bd -literal -offset indent + # tcpdump -n -e -ttt -i pflog0 inbound and action block and on wi0 + .Ed ++.Sh SECURITY ++The ++.Nm ++daemon is a privilege-aware application which runs as the ++.Dq daemon ++user possessing ++.Sy PRIV_NET_OBSERVABILITY ++privilege that is required for using ++.Xr bpf 7d ++to read packets. See ++.Xr privileges 5 ++for details. ++The service start method uses ++.Xr dladm 1M ++to create capture link if it does not exist already. ++.Pp ++To configure the ++.Nm ++service one has to obtain the ++.Sy solaris.smf.value.network.firewall ++authorization. ++To manage the service (disable/enable/refresh) one must have the ++.Sy solaris.smf.manage.network.firewall ++authorization. ++Both authorizations are granted through the Network Firewall Management profile. ++To create new service instances, you need the solaris.smf.modify authorization. + .Sh SEE ALSO + .Xr pcap 3 , + .Xr pf.conf 5 , +diff -Naur pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.c pflogd-OPENBSD_5_5-OPENBSD_5_5/pflogd.c +--- pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.c 2016-02-18 12:05:03.256562087 -0800 ++++ pflogd-OPENBSD_5_5-OPENBSD_5_5/pflogd.c 2016-02-18 12:01:49.900876863 -0800 +@@ -54,6 +54,7 @@ + #include + #include + #include ++#include "smf-config.h" + #else /* !_SOLARIS_ */ + #include + #endif /* _SOLARIS_ */ +@@ -63,7 +64,7 @@ + static FILE *dpcap; + + int Debug = 0; +-static int snaplen = DEF_SNAPLEN; ++static int64_t snaplen = DEF_SNAPLEN; + static int cur_snaplen = DEF_SNAPLEN; + + volatile sig_atomic_t gotsig_close, gotsig_alrm, gotsig_hup, gotsig_usr1; +@@ -75,7 +76,7 @@ + char errbuf[PCAP_ERRBUF_SIZE]; + + int log_debug = 0; +-unsigned int delay = FLUSH_DELAY; ++int64_t delay = FLUSH_DELAY; + + char *copy_argv(char * const *); + void dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *); +@@ -124,6 +125,15 @@ + + #endif /* _SOLARIS_ */ + ++#ifdef _SOLARIS_ ++#define PFLOGD_GETOPTS "c:C:Dd:f:i:s:" ++#define CFG_SETFLAG(_flags_, _f_) ((_flags_) |= (_f_)) ++#define SKIP_CHK(_x_) ((_x_) == NULL) ++#else /* !_SOLARIS_ */ ++#define PFLOGD_GETOPTS "Dxd:f:i:s:" ++#define CFG_SETFLAG(_flags_, _f_) ++#define SKIP_CHK(_x_) (1) ++#endif /* _SOLARIS_ */ + static int try_reset_dump(int); + + /* buffer must always be greater than snaplen */ +@@ -290,6 +300,8 @@ + init_pcap(void) + { + hpcap = pcap_open_live(interface, snaplen, 1, PCAP_TO_MS, errbuf); ++ DROP_PRIV(PRIV_NET_OBSERVABILITY); ++ + if (hpcap == NULL) { + logmsg(LOG_ERR, "Failed to initialize: %s", errbuf); + return (-1); +@@ -690,12 +702,20 @@ + int ch, np, ret, Xflag = 0; + pcap_handler phandler = dump_packet; + const char *errstr = NULL; ++#ifdef _SOLARIS_ ++ unsigned int create = 0; ++ unsigned int cfg_flags = 0; ++ const char *smf_instance = NULL; ++#endif /* _SOLARIS_ */ ++ ++ DROP_PRIV(PRIV_SYS_IP_CONFIG); ++ DROP_PRIV(PRIV_PROC_EXEC); + + ret = 0; + + closefrom(STDERR_FILENO + 1); + +- while ((ch = getopt(argc, argv, "Dxd:f:i:s:")) != -1) { ++ while ((ch = getopt(argc, argv, PFLOGD_GETOPTS)) != -1) { + switch (ch) { + case 'D': + Debug = 1; +@@ -704,12 +724,15 @@ + delay = strtonum(optarg, 5, 60*60, &errstr); + if (errstr) + usage(); ++ CFG_SETFLAG(cfg_flags, SMF_CFG_DELAY_SET); + break; + case 'f': + filename = optarg; ++ CFG_SETFLAG(cfg_flags, SMF_CFG_LOGFILE_SET); + break; + case 'i': + interface = optarg; ++ CFG_SETFLAG(cfg_flags, SMF_CFG_INTERFACE_SET); + break; + case 's': + snaplen = strtonum(optarg, 0, PFLOGD_MAXSNAPLEN, +@@ -718,10 +741,27 @@ + snaplen = DEF_SNAPLEN; + if (errstr) + snaplen = PFLOGD_MAXSNAPLEN; ++ CFG_SETFLAG(cfg_flags, SMF_CFG_SNAPLEN_SET); + break; ++#ifndef _SOLARIS_ ++ /* ++ * This option requires a special securing on Solaris as ++ * pflogd will be started manually in the case it is used. ++ * Also, some polishing is needed so that the response ++ * from 'pflogd -x' is shown to the user and not put into ++ * a logfile. ++ */ + case 'x': + Xflag++; + break; ++#endif /* !_SOLARIS_ */ ++#ifdef _SOLARIS_ ++ case 'C': ++ create = 1; /* FALLTHRU */ ++ case 'c': ++ smf_instance = optarg; ++ break; ++#endif /* _SOLARIS_ */ + default: + usage(); + } +@@ -732,14 +772,14 @@ + argv += optind; + + /* does interface exist */ +- if (!if_exists(interface)) { ++ if (SKIP_CHK(smf_instance) && !if_exists(interface)) { + warn("Failed to initialize: %s", interface); + logmsg(LOG_ERR, "Failed to initialize: %s", interface); + logmsg(LOG_ERR, "Exiting, init failure"); + exit(1); + } + +- if (!Debug) { ++ if (SKIP_CHK(smf_instance) && !Debug) { + openlog("pflogd", LOG_PID | LOG_CONS, LOG_DAEMON); + if (daemon(0, 0)) { + logmsg(LOG_WARNING, "Failed to become daemon: %s", +@@ -757,6 +797,31 @@ + logmsg(LOG_NOTICE, "Failed to form filter expression"); + } + ++#ifdef _SOLARIS_ ++ if (smf_instance != NULL) { ++ if (filter != NULL) { ++ CFG_SETFLAG(cfg_flags, SMF_CFG_EXPRESSION_SET); ++ } else { ++ filter = ""; ++ } ++ if ((cfg_flags == 0) && (create == 0)) { ++ if (smf_print_pflogcfg(smf_instance)) { ++ exit (-1); ++ } ++ } else { ++ smf_pflogd_cfg.cfg_set = cfg_flags; ++ smf_pflogd_cfg.cfg_expression = strdup(filter); ++ smf_pflogd_cfg.cfg_interface = strdup(interface); ++ smf_pflogd_cfg.cfg_logfile = strdup(filename); ++ smf_pflogd_cfg.cfg_delay = delay; ++ smf_pflogd_cfg.cfg_snaplen = snaplen; ++ ++ smf_write_pflogcfg(smf_instance, create); ++ } ++ exit(0); ++ } ++#endif /* _SOLARIS_ */ ++ + /* initialize pcap before dropping privileges */ + if (init_pcap()) { + logmsg(LOG_ERR, "Exiting, init failure"); +@@ -768,7 +833,6 @@ + logmsg(LOG_ERR, "unable to privsep"); + exit(1); + } +- + setproctitle("[initializing]"); + /* Process is now unprivileged and inside a chroot */ + #ifdef _SOLARIS_ +diff -Naur pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.h pflogd-OPENBSD_5_5-OPENBSD_5_5/pflogd.h +--- pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.h 2016-02-18 12:08:42.414919276 -0800 ++++ pflogd-OPENBSD_5_5-OPENBSD_5_5/pflogd.h 2016-02-18 12:09:18.796727948 -0800 +@@ -18,6 +18,8 @@ + + #ifdef _SOLARIS_ + #include ++#include ++#include + #else /* !_SOLARIS_ */ + #include + #endif /* _SOLARIS_ */ +@@ -55,3 +57,27 @@ + int receive_fd(int); + + extern int Debug; ++ ++#ifdef _SOLARIS_ ++#define DROP_PRIV(priv) \ ++ do { \ ++ if (priv_set(PRIV_OFF, PRIV_PERMITTED, (priv), \ ++ NULL) != 0) { \ ++ fprintf(stderr, \ ++ "Unable to drop privileges.\n"); \ ++ exit (-1); \ ++ } \ ++ } while (0) ++ ++#define DROP_PFLAG(flag) \ ++ do { \ ++ if (setpflags((flag), 0) != 0) { \ ++ fprintf(stderr, \ ++ "Unable to drop pflag.\n"); \ ++ exit (-1); \ ++ } \ ++} while (0) ++#else /* !_SOLARIS_ */ ++#define DROP_PRIV(priv) ++#define DROP_PFLAG(flag) ++#endif /* _SOLARIS_ */ +diff -Naur pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/privsep.c pflogd-OPENBSD_5_5-OPENBSD_5_5/privsep.c +--- pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/privsep.c 2016-02-18 12:07:34.219667793 -0800 ++++ pflogd-OPENBSD_5_5-OPENBSD_5_5/privsep.c 2016-02-18 11:55:14.949135348 -0800 +@@ -112,6 +112,7 @@ + #endif /* !_SOLARIS_ */ + + child_pid = fork(); ++ DROP_PRIV(PRIV_PROC_FORK); + if (child_pid < 0) + err(1, "fork() failed"); + +@@ -133,6 +134,7 @@ + if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) + err(1, "setresuid() failed"); + #endif /* !_SOLARIS_ */ ++ DROP_PFLAG(PRIV_XPOLICY); + + close(socks[0]); + priv_fd = socks[1]; +diff -Naur pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/smf-config.c pflogd-OPENBSD_5_5-OPENBSD_5_5/smf-config.c +--- pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/smf-config.c 1969-12-31 16:00:00.000000000 -0800 ++++ pflogd-OPENBSD_5_5-OPENBSD_5_5/smf-config.c 2016-02-24 08:24:57.408744180 -0800 +@@ -0,0 +1,713 @@ ++/* ++ * CDDL HEADER START ++ * ++ * The contents of this file are subject to the terms of the ++ * Common Development and Distribution License (the "License"). ++ * You may not use this file except in compliance with the License. ++ * ++ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE ++ * or http://www.opensolaris.org/os/licensing. ++ * See the License for the specific language governing permissions ++ * and limitations under the License. ++ * ++ * When distributing Covered Code, include this CDDL HEADER in each ++ * file and include the License file at usr/src/OPENSOLARIS.LICENSE. ++ * If applicable, add the following below this CDDL HEADER, with the ++ * fields enclosed by brackets "[]" replaced with your own identifying ++ * information: Portions Copyright [yyyy] [name of copyright owner] ++ * ++ * CDDL HEADER END ++ * ++ */ ++ ++/* ++ * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved. ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include "pflogd.h" ++#include "smf-config.h" ++ ++#define PFLOGD_PG "pflog" ++#define PFLOGD_PROP_VALUE_AUTH "value_authorization" ++#define PFLOGD_PROP_ACTION_AUTH "action_authorization" ++#define PFLOGD_VALUE_AUTH "solaris.smf.value.network.firewall" ++#define PFLOGD_MANAGE_AUTH "solaris.smf.manage.network.firewall" ++ ++#define SKIP_PROP(_pv_) \ ++ ((strcmp((_pv_)->pv_prop, "action_authorization") == 0) || \ ++ (strcmp((_pv_)->pv_prop, "value_authorization") == 0)) ++ ++#define STRIP_SVC(_x_) ((_x_) + (sizeof ("svc:/") - 1)) ++ ++/* ++ * smf_pflogd_cfg ++ * FTP proxy configuration container. ++ */ ++smf_pflogd_cfg_t smf_pflogd_cfg; ++ ++#define SMF_OPT_OPTIONAL 0 ++#define SMF_OPT_MANDATORY 1 ++/* ++ * X-macro table. ++ * Columns are as follows: ++ * value key/index ++ * SMF property name name ++ * member in smf_pflogd_cfg_t structure ++ * function which converts ASCIIZ to member type in smf_pflogd_cfg_t ++ * function which converts member in smf_pflogd_cfg_t to ASCIIZ ++ * optional/mandatory status ++ * property type ++ */ ++#define X_CFG_PROPS \ ++ X(SMF_LOGFILE, "logfile", cfg_logfile, nop_in, nop_out, \ ++ SMF_OPT_MANDATORY, SCF_TYPE_ASTRING) \ ++ X(SMF_SNAPLEN, "snaplen", cfg_snaplen, int_in, int_out, \ ++ SMF_OPT_MANDATORY, SCF_TYPE_INTEGER) \ ++ X(SMF_INTERFACE, "interface", cfg_interface, nop_in, nop_out, \ ++ SMF_OPT_MANDATORY, SCF_TYPE_ASTRING) \ ++ X(SMF_DELAY, "delay", cfg_delay, int_in, int_out, \ ++ SMF_OPT_OPTIONAL, SCF_TYPE_INTEGER) \ ++ X(SMF_EXPRESSION, "filter", cfg_expression, nop_in, nop_out, \ ++ SMF_OPT_OPTIONAL, SCF_TYPE_ASTRING) ++ ++static void nop_in(void *, void *); ++static void nop_out(void *, void *); ++static void int_in(void *, void *); ++static void int_out(void *, void *); ++ ++/* ++ * smf_keys ++ * Keys (indexes) to `smf_propnames` dictionary. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) _const_, ++enum smf_keys { ++ X_CFG_PROPS ++ SMF_CFG_PROP_COUNT ++}; ++#undef X ++ ++/* ++ * smf_propnames ++ * It's an array (dictionary), which translates property code (SMF_*) to ++ * property value name found `ftp-proxy` property group. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) _propname_, ++static const char *smf_propnames[] = { ++ X_CFG_PROPS ++ NULL ++}; ++#undef X ++ ++/* ++ * smf_cfg_offsets ++ * Table of smf_pflogd_cfg_t members. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) offsetof(smf_pflogd_cfg_t, _decl_), ++static size_t smf_cfg_offsets[] = { ++ X_CFG_PROPS ++ sizeof (smf_pflogd_cfg_t) ++}; ++#undef X ++ ++typedef void(*conv_in_f)(void *, void *); ++typedef void(*conv_out_f)(void *, void *); ++/* ++ * smf_convert_in ++ * Table of conversion functions, which convert particular smf_pflogd_cfg_t ++ * member into ASCIIZ. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) _conv_in_, ++static conv_in_f smf_conv_in[] = { ++ X_CFG_PROPS ++ NULL ++}; ++#undef X ++ ++/* ++ * smf_conv_out ++ * Table of conversion functions, which convert ASCIIZ fetched from smf(5) ++ * repository to member of smf_pflogd_cfg_t structure. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) _conv_out_, ++static conv_out_f smf_conv_out[] = { ++ X_CFG_PROPS ++ NULL ++}; ++#undef X ++ ++/* ++ * smf_mandatory ++ * Table marks configuration parameters, which must be defined by admin, ++ * before the service is enabled for the first time. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) _mandatory_, ++static int smf_mandatory[] = { ++ X_CFG_PROPS ++ 0 ++}; ++#undef X ++ ++/* ++ * smf_type ++ * Table of types of SMF properties. ++ */ ++#define X(_const_, _propname_, _decl_, _conv_in_, _conv_out_, _mandatory_, \ ++ _type_) _type_, ++static int smf_type[] = { ++ X_CFG_PROPS ++ 0 ++}; ++#undef X ++ ++/* ++ * pflogd property group properties ++ * +1 for NULL termination. ++ * +1 for value_authorization ++ */ ++static scf_propvec_t prop_vec[SMF_CFG_PROP_COUNT + 1 + 1]; ++ ++/* ++ * general property group properties ++ * +1 for NULL termination. ++ * +2 for value_authorization/action_authorization ++ */ ++static scf_propvec_t gen_prop_vec[1 + 2]; ++ ++static int atexit_set = 0; ++static int complete_pflogdcfg(const char *); ++ ++/* ++ * nop_in() ++ * Dummy conversion ASCIIZ to ASCIIZ, no allocation happens. Used when ++ * configuration is from smf(5). ++ */ ++static void ++nop_in(void *asciiz, void *result) ++{ ++ *((char **)result) = (char *)asciiz; ++} ++ ++/* ++ * nop_out() ++ * Dummy conversion ASCIIZ to ASCIIZ, function allocates memory for result by ++ * strdup(3C). Used when configuration is written to smf(5) repository. ++ */ ++static void ++nop_out(void *asciiz, void *val) ++{ ++ *((char **)asciiz) = strdup(*(char **)val); ++} ++ ++/* ++ * int_in() ++ * Dummy conversion of int64_t. No allocation happens. Used when reading ++ * values from smf. ++ */ ++static void ++int_in(void *in, void *out) { ++ *((int64_t *)out) = *((int64_t *)in); ++} ++ ++/* ++ * int_out() ++ * Dummy conversion of int64_t, storing into a newly allocated memory. ++ * Used when storing values to smf repository. ++ */ ++static void ++int_out(void *out, void *in) { ++ int64_t **out_ = (int64_t **)out; ++ ++ *out_ = malloc(sizeof (int64_t)); ++ if (*out_ != NULL) ++ **out_ = *((int64_t *)in); ++} ++ ++static void ++clear_prop_vec2(scf_propvec_t *prop_vec_ptr, int count) ++{ ++ while (count--) { ++ prop_vec_ptr->pv_prop = NULL; ++ prop_vec_ptr->pv_desc = NULL; ++ prop_vec_ptr->pv_type = 0; ++ prop_vec_ptr->pv_aux = 0; ++ prop_vec_ptr->pv_mval = 0; ++ ++ if (prop_vec_ptr->pv_ptr != NULL) { ++ free(prop_vec_ptr->pv_ptr); ++ prop_vec_ptr->pv_ptr = NULL; ++ } ++ ++ prop_vec_ptr++; ++ } ++} ++ ++/* ++ * clear_prop_vec() ++ * Function clears global variables `prop_vec` and `gen_prop_vec`, ++ * which are vectors of properties. ++ */ ++static void ++clear_prop_vec() ++{ ++ clear_prop_vec2(prop_vec, ++ sizeof (prop_vec) / sizeof (scf_propvec_t)); ++ clear_prop_vec2(gen_prop_vec, ++ sizeof (gen_prop_vec) / sizeof (scf_propvec_t)); ++} ++ ++/* ++ * cfg_to_prop_vec() ++ * Function converts smf_pflogd_cfg global variable, which holds configuration ++ * parsed from command line arguments, to prop_vec, which is a smf(5) friendly ++ * representation of pflogd configuration. ++ * ++ * Additionally, it populates gen_prop_vec to specify needed authorizations. ++ * ++ * Returns 0 on success, -1 on out of memory error. ++ */ ++static int ++cfg_to_prop_vec(void) ++{ ++ int cfg_bit = 1; ++ int i; ++ scf_propvec_t *prop_vec_ptr = prop_vec; ++ conv_out_f conv_func; ++ ++ clear_prop_vec(); ++ ++ for (i = 0; i < SMF_CFG_PROP_COUNT; i++) { ++ if ((smf_pflogd_cfg.cfg_set & cfg_bit) != 0) { ++ prop_vec_ptr->pv_prop = smf_propnames[i]; ++ conv_func = smf_conv_out[i]; ++ ++ conv_func(&prop_vec_ptr->pv_ptr, ++ ((char *)&smf_pflogd_cfg + smf_cfg_offsets[i])); ++ if (prop_vec_ptr->pv_ptr == NULL) ++ return (-1); ++ prop_vec_ptr->pv_type = smf_type[i]; ++ prop_vec_ptr++; ++ } ++ cfg_bit = cfg_bit << 1; ++ } ++ prop_vec_ptr->pv_type = SCF_TYPE_ASTRING; ++ prop_vec_ptr->pv_prop = PFLOGD_PROP_VALUE_AUTH; ++ prop_vec_ptr->pv_ptr = strdup(PFLOGD_VALUE_AUTH); ++ prop_vec_ptr++; ++ ++ gen_prop_vec[0].pv_type = SCF_TYPE_ASTRING; ++ gen_prop_vec[0].pv_prop = PFLOGD_PROP_VALUE_AUTH; ++ gen_prop_vec[0].pv_ptr = strdup(PFLOGD_MANAGE_AUTH); ++ gen_prop_vec[1].pv_type = SCF_TYPE_ASTRING; ++ gen_prop_vec[1].pv_prop = PFLOGD_PROP_ACTION_AUTH; ++ gen_prop_vec[1].pv_ptr = strdup(PFLOGD_MANAGE_AUTH); ++ ++ return (0); ++} ++ ++/* ++ * prop_vec_to_cfg() ++ * Converts global variable `prop_vec` to `smf_pflogd_cfg` global variable, ++ * which is understood by main(). ++ */ ++static void ++prop_vec_to_cfg(void) ++{ ++ int i; ++ scf_propvec_t *prop_vec_ptr = prop_vec; ++ conv_in_f conv_func; ++ ++ for (i = 0; i < SMF_CFG_PROP_COUNT; i++, prop_vec_ptr++) { ++ if (SKIP_PROP(prop_vec_ptr)) { ++ /* ++ * We have `hidden` properties: action/value smf ++ * authorization. Those two are not kept in ++ * smf_ftp_cfg. ++ * ++ * So we must to skip to next property in vector ++ * without letting for loop to advance its counter, so ++ * we compensate here by doing `i--`. ++ */ ++ i--; ++ continue; ++ }; ++ conv_func = smf_conv_in[i]; ++ conv_func(prop_vec_ptr->pv_ptr, ++ ((char *)&smf_pflogd_cfg + smf_cfg_offsets[i])); ++ } ++} ++ ++/* ++ * smf_print_pflogcfg() ++ * Function loads pflogdcfg from smf(5) repository and prints configuration to ++ * standard output. We use `scf_simple_prop_get(3SCF)`. ++ * ++ * Returns 0 on success, -1 on error. ++ */ ++int ++smf_print_pflogcfg(const char *smf_instance) ++{ ++ scf_simple_prop_t *prop; ++ char *propval; ++ int i; ++ scf_propvec_t *prop_vec_ptr = prop_vec; ++ int cfg_undefined = 0; ++ char *fmri; ++ ++ if (atexit_set == 0) { ++ atexit(clear_prop_vec); ++ bzero(&smf_pflogd_cfg, sizeof (smf_pflogd_cfg_t)); ++ atexit_set = 1; ++ } ++ ++ (void) asprintf(&fmri, "%s:%s", BASE_FMRI, smf_instance); ++ if (fmri == NULL) { ++ fprintf(stderr, "Out of memory.\n"); ++ return (-1); ++ } ++ ++ clear_prop_vec(); ++ ++ for (i = 0; i < SMF_CFG_PROP_COUNT; i++) { ++ prop = scf_simple_prop_get(NULL, fmri, PFLOGD_PG, ++ smf_propnames[i]); ++ prop_vec_ptr->pv_prop = smf_propnames[i]; ++ ++ if (prop == NULL) { ++ /* ++ * Property not defined, so we create a kind of ++ * 'placeholder' with empty value. ++ * ++ * calloc() works well for both astring and integer. ++ */ ++ prop_vec_ptr->pv_type = smf_type[i]; ++ prop_vec_ptr->pv_ptr = calloc(1, sizeof (int64_t)); ++ cfg_undefined |= smf_mandatory[i]; ++ } else { ++ prop_vec_ptr->pv_type = scf_simple_prop_type(prop); ++ if (prop_vec_ptr->pv_type == -1) { ++ free(fmri); ++ fprintf(stderr, ++ "Failed to get property type.\n"); ++ return (-1); ++ } ++ if (prop_vec_ptr->pv_type != smf_type[i]) { ++ free(fmri); ++ fprintf(stderr, ++ "Property %s has unexpected type.\n", ++ smf_propnames[i]); ++ return (-1); ++ } ++ ++ if (smf_type[i] == SCF_TYPE_ASTRING) { ++ char *propval; ++ propval = scf_simple_prop_next_astring(prop); ++ if (propval == NULL) { ++ propval = ""; ++ } ++ prop_vec_ptr->pv_ptr = strdup(propval); ++ ++ if (propval[0] == 0) { ++ cfg_undefined |= smf_mandatory[i]; ++ } ++ } else { ++ /* smf_type[i] == SCF_TYPE_INTEGER */ ++ int64_t *propval; ++ int64_t propval_; ++ ++ propval = scf_simple_prop_next_integer(prop); ++ propval_ = (propval == NULL) ? (0) : (*propval); ++ ++ prop_vec_ptr->pv_ptr = malloc(sizeof (int64_t)); ++ if (prop_vec_ptr->pv_ptr != NULL) { ++ *((int64_t *)prop_vec_ptr->pv_ptr) = ++ propval_; ++ } ++ if (propval_ == 0) { ++ cfg_undefined |= smf_mandatory[i]; ++ } ++ } ++ scf_simple_prop_free(prop); ++ } ++ if (prop_vec_ptr->pv_ptr == NULL) { ++ free(fmri); ++ fprintf(stderr, "Out of memory.\n"); ++ return (-1); ++ } ++ ++ prop_vec_ptr++; ++ } ++ ++ printf("PF pflogd configuration:\n"); ++ ++ prop_vec_ptr = prop_vec; ++ for (i = 0; i < SMF_CFG_PROP_COUNT; i++) { ++ if (smf_type[i] == SCF_TYPE_ASTRING) { ++ const char *val = (const char *)prop_vec_ptr->pv_ptr; ++ printf("\t- %s:\n\t\t%s\n", prop_vec_ptr->pv_prop, ++ ((val[0] == '\0') ? "?? undefined ??" : val)); ++ } else { ++ /* smf_type[i] == SCF_TYPE_INTEGER */ ++ int64_t val = *((int64_t *)prop_vec_ptr->pv_ptr); ++ if (val == 0) { ++ printf("\t- %s:\n\t\t%s\n", prop_vec_ptr->pv_prop, ++ "?? undefined ??"); ++ } else { ++ printf("\t- %s:\n\t\t%d\n", prop_vec_ptr->pv_prop, ++ (int)val); ++ } ++ } ++ prop_vec_ptr++; ++ } ++ if (cfg_undefined) { ++ printf("\n\nConfiguration for %s is incomplete." ++ " Service will not run.\n\n", fmri); ++ } else { ++ prop_vec_to_cfg(); ++ printf( ++ "\n\n%s service is being launched using cmd line below\n", ++ fmri); ++ printf("pflogd -d %d -i %s -s %d -f %s %s\n\n", ++ (int)smf_pflogd_cfg.cfg_delay, smf_pflogd_cfg.cfg_interface, ++ (int)smf_pflogd_cfg.cfg_snaplen, smf_pflogd_cfg.cfg_logfile, ++ smf_pflogd_cfg.cfg_expression); ++ } ++ ++ free(fmri); ++ ++ return (0); ++} ++ ++/* ++ * smf_create_pflogd_instance() ++ * Function creates a new instance in smf(5) repository. ++ */ ++static int ++smf_create_pflogd_instance(const char *smf_instance) ++{ ++ scf_handle_t *h_scf = NULL; ++ scf_scope_t *scp_scf = NULL; ++ scf_service_t *svc_scf = NULL; ++ scf_instance_t *sin_scf = NULL; ++ int rv = -1; ++ ++ h_scf = scf_handle_create(SCF_VERSION); ++ if ((h_scf == NULL) || (scf_handle_bind(h_scf) == -1)) { ++ (void) fprintf(stderr, "scf_handle_bind() failed - %s\n", ++ scf_strerror(scf_error())); ++ if (h_scf != NULL) { ++ scf_handle_destroy(h_scf); ++ } ++ return (-1); ++ } ++ ++ if ((scp_scf = scf_scope_create(h_scf)) == NULL) { ++ (void) fprintf(stderr, "could not create scope - %s\n", ++ scf_strerror(scf_error())); ++ goto unbind; ++ } ++ ++ if (scf_handle_get_local_scope(h_scf, scp_scf) != 0) { ++ (void) fprintf(stderr, "could not get scope - %s\n", ++ scf_strerror(scf_error())); ++ goto scope_destroy; ++ } ++ ++ if ((svc_scf = scf_service_create(h_scf)) == NULL) { ++ (void) fprintf(stderr, "could not create service - %s\n", ++ scf_strerror(scf_error())); ++ goto scope_destroy; ++ } ++ ++ if ((sin_scf = scf_instance_create(h_scf)) == NULL) { ++ (void) fprintf(stderr, "could not get instance handle - %s\n", ++ scf_strerror(scf_error())); ++ goto service_destroy; ++ } ++ ++ if (scf_scope_get_service(scp_scf, STRIP_SVC(BASE_FMRI), svc_scf) != ++ SCF_SUCCESS) { ++ (void) fprintf(stderr, "could not select service (%s)\n", ++ scf_strerror(scf_error())); ++ goto instance_destroy; ++ } ++ ++ if (scf_service_add_instance(svc_scf, smf_instance, sin_scf) != 0) { ++ (void) fprintf(stderr, "could not add %s instance - %s\n", ++ smf_instance, scf_strerror(scf_error())); ++ goto instance_destroy; ++ } ++ ++ if (scf_instance_add_pg(sin_scf, "general", "framework", 0, ++ NULL) != SCF_SUCCESS) { ++ (void) fprintf(stderr, ++ "could not create property group - %s\n", ++ scf_strerror(scf_error())); ++ goto instance_delete; ++ } ++ ++ if (scf_instance_add_pg(sin_scf, PFLOGD_PG, "application", 0, ++ NULL) != SCF_SUCCESS) { ++ (void) fprintf(stderr, ++ "could not create property group - %s\n", ++ scf_strerror(scf_error())); ++ goto instance_delete; ++ } ++ ++ rv = 0; ++ goto instance_destroy; ++ ++instance_delete: ++ if (scf_instance_delete(sin_scf) != 0) { ++ fprintf(stderr, "Can't delete the newly created instance:"); ++ fprintf(stderr, "\t%s\n", scf_strerror(scf_error())); ++ } ++instance_destroy: ++ scf_instance_destroy(sin_scf); ++service_destroy: ++ scf_service_destroy(svc_scf); ++scope_destroy: ++ scf_scope_destroy(scp_scf); ++unbind: ++ scf_handle_unbind(h_scf); ++ scf_handle_destroy(h_scf); ++ ++ return (rv); ++} ++ ++/* ++ * smf_write_pflogcfg() ++ * Function writes pflogd configuration to smf(5) repository. ++ */ ++int ++smf_write_pflogcfg(const char *smf_instance, int create) ++{ ++ int i; ++ scf_propvec_t ++ *bad_prop_vec = NULL; ++ char *fmri; ++ ++ if (atexit_set == 0) { ++ atexit(clear_prop_vec); ++ bzero(prop_vec, sizeof (prop_vec)); ++ atexit_set = 1; ++ } ++ ++ if (create && (complete_pflogdcfg(smf_instance) != 0)) { ++ fprintf(stderr, "Out of memory.\n"); ++ return (-1); ++ } ++ ++ if (cfg_to_prop_vec() != 0) { ++ fprintf(stderr, "Out of memory.\n"); ++ return (-1); ++ } ++ ++ (void) asprintf(&fmri, "%s:%s", BASE_FMRI, smf_instance); ++ if (fmri == NULL) { ++ fprintf(stderr, "Out of memory.\n"); ++ return (-1); ++ } ++ ++ if (create) { ++ if (smf_create_pflogd_instance(smf_instance) != 0) { ++ free(fmri); ++ return (-1); ++ } ++ } ++ ++ if (create && (scf_write_propvec(fmri, "general", gen_prop_vec, ++ &bad_prop_vec) != SCF_SUCCESS)) { ++ fprintf(stderr, "Can't update %s configuration:", fmri); ++ fprintf(stderr, "\t%s\n", scf_strerror(scf_error())); ++ if (bad_prop_vec != NULL) { ++ fprintf(stderr, "Could not set %s\n", ++ bad_prop_vec->pv_prop); ++ } ++ free(fmri); ++ exit(1); ++ } ++ ++ bad_prop_vec = NULL; ++ if (scf_write_propvec(fmri, PFLOGD_PG, prop_vec, &bad_prop_vec) ++ != SCF_SUCCESS) { ++ fprintf(stderr, "Can't update %s configuration:", fmri); ++ fprintf(stderr, "\t%s\n", scf_strerror(scf_error())); ++ if (bad_prop_vec != NULL) { ++ fprintf(stderr, "Could not set %s\n", ++ bad_prop_vec->pv_prop); ++ } ++ free(fmri); ++ exit(1); ++ } ++ ++ free(fmri); ++ return (0); ++} ++ ++/* ++ * complete_pflogdcfg() ++ * Function sets default values to properties, which are unset/undefined when ++ * new smf(5) instance is being created. ++ * ++ * Returns 0 on success, -1 on out of memory error. ++ */ ++static int ++complete_pflogdcfg(const char *smf_instance) ++{ ++ int i; ++ int f = 1; ++ ++ for (i = 0; i < SMF_CFG_PROP_COUNT; i++) { ++ if ((smf_pflogd_cfg.cfg_set & f) == 0) { ++ switch (i) { ++ case SMF_LOGFILE: ++ (void) asprintf(&smf_pflogd_cfg.cfg_logfile, ++ "%s/%s", PFLOGD_LOG_DIR, smf_instance); ++ if (smf_pflogd_cfg.cfg_logfile == NULL) { ++ return (-1); ++ } ++ smf_pflogd_cfg.cfg_set |= SMF_CFG_LOGFILE_SET; ++ break; ++ case SMF_INTERFACE: ++ smf_pflogd_cfg.cfg_interface = strdup(smf_instance); ++ if (smf_pflogd_cfg.cfg_interface == NULL) { ++ return (-1); ++ } ++ smf_pflogd_cfg.cfg_set |= SMF_CFG_INTERFACE_SET; ++ break; ++ case SMF_SNAPLEN: ++ smf_pflogd_cfg.cfg_snaplen = DEF_SNAPLEN; ++ smf_pflogd_cfg.cfg_set |= SMF_CFG_SNAPLEN_SET; ++ break; ++ case SMF_DELAY: ++ smf_pflogd_cfg.cfg_delay = FLUSH_DELAY; ++ smf_pflogd_cfg.cfg_set |= SMF_CFG_DELAY_SET; ++ break; ++ case SMF_EXPRESSION: ++ smf_pflogd_cfg.cfg_expression = strdup(""); ++ smf_pflogd_cfg.cfg_set |= SMF_CFG_EXPRESSION_SET; ++ break; ++ default: ; ++ } ++ } ++ f = f << 1; ++ } ++ ++ return (0); ++} +diff -Naur pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/smf-config.h pflogd-OPENBSD_5_5-OPENBSD_5_5/smf-config.h +--- pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/smf-config.h 1969-12-31 16:00:00.000000000 -0800 ++++ pflogd-OPENBSD_5_5-OPENBSD_5_5/smf-config.h 2016-02-17 01:17:14.520118386 -0800 +@@ -0,0 +1,53 @@ ++/* ++ * CDDL HEADER START ++ * ++ * The contents of this file are subject to the terms of the ++ * Common Development and Distribution License (the "License"). ++ * You may not use this file except in compliance with the License. ++ * ++ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE ++ * or http://www.opensolaris.org/os/licensing. ++ * See the License for the specific language governing permissions ++ * and limitations under the License. ++ * ++ * When distributing Covered Code, include this CDDL HEADER in each ++ * file and include the License file at usr/src/OPENSOLARIS.LICENSE. ++ * If applicable, add the following below this CDDL HEADER, with the ++ * fields enclosed by brackets "[]" replaced with your own identifying ++ * information: Portions Copyright [yyyy] [name of copyright owner] ++ * ++ * CDDL HEADER END ++ * ++ */ ++ ++/* ++ * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved. ++ */ ++ ++#ifndef _SMF_CONFIG_H_ ++#define _SMF_CONFIG_H_ ++ ++#define BASE_FMRI "svc:/network/firewall/pflog" ++#define DEFAULT_INSTANCE "pflog0" ++ ++#define SMF_CFG_LOGFILE_SET 0x00000001 ++#define SMF_CFG_SNAPLEN_SET 0x00000002 ++#define SMF_CFG_INTERFACE_SET 0x00000004 ++#define SMF_CFG_DELAY_SET 0x00000008 ++#define SMF_CFG_EXPRESSION_SET 0x00000010 ++ ++typedef struct smf_pflogd_cfg { ++ unsigned int cfg_set; /* SMF_CFG_*_SET bit field */ ++ char *cfg_logfile; ++ int64_t cfg_snaplen; ++ char *cfg_interface; ++ int64_t cfg_delay; ++ char *cfg_expression; ++} smf_pflogd_cfg_t; ++ ++extern smf_pflogd_cfg_t smf_pflogd_cfg; ++ ++extern int smf_print_pflogcfg(const char *); ++extern int smf_write_pflogcfg(const char *, int); ++ ++#endif /* !_SMF_CONFIG_H_ */ diff -r e533d5840fdd -r f678cc44b3d0 components/pflogd/pflogd.Solaris/firewall-pflog.xml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/pflogd/pflogd.Solaris/firewall-pflog.xml Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,136 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff -r e533d5840fdd -r f678cc44b3d0 components/pflogd/pflogd.Solaris/pflog --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/pflogd/pflogd.Solaris/pflog Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,113 @@ +#!/sbin/sh +# +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved. +# + +. /lib/svc/share/smf_include.sh + +PATH=$PATH:/usr/sbin + +# Retrieve an unescaped property value from a method token. +# Arguments: +# - raw method token value +# Outputs: +# - unescaped property value +# Returns: +# - 0 on succes +# - 1 when unescaping failed +# - 2 when the value is empty +function get_property +{ + VALUE="$(echo "$1" | /usr/bin/sed 's/\\$.$/\1/g')" + + if [[ $? -ne 0 ]]; then + exit 1 + fi + + echo "$VALUE" +} + +function failure +{ + echo "An unknown error occurred. Probably either /usr/bin/sed is" + echo "missing or system resources are exhausted." + exit $SMF_EXIT_ERR_FATAL +} + +# store and unescape property values +PFLOGD_LOGFILE="$(get_property "$2")" || failure +PFLOGD_SNAPLEN="$(get_property "$3")" || failure +PFLOGD_IFACE="$(get_property "$4")" || failure +PFLOGD_DELAY="$(get_property "$5")" || failure +PFLOGD_FILTER="$(get_property "$6")" || failure + +# check property values for emptiness (pflog/filter may be empty) +if [[ -z $PFLOGD_LOGFILE ]]; then + echo "The pflog/logfile property cannot be empty." + exit $SMF_EXIT_ERR_FATAL +fi +if [[ -z $PFLOGD_SNAPLEN ]]; then + echo "The pflog/snaplen property cannot be empty." + exit $SMF_EXIT_ERR_FATAL +fi +if [[ -z $PFLOGD_IFACE ]]; then + echo "The pflog/interface property cannot be empty." + exit $SMF_EXIT_ERR_FATAL +fi +if [[ -z $PFLOGD_DELAY ]]; then + echo "The pflog/delay property cannot be empty." + exit $SMF_EXIT_ERR_FATAL +fi + +case "$1" in + start) + # Create non-persistent capture link if it does not exist. + echo "Checking if capture link exists.." + dladm show-cap "$PFLOGD_IFACE" + if [[ $? -ne 0 ]] ; then + echo "Creating a temporary capture link.." + dladm create-cap -t "$PFLOGD_IFACE" + if [ $? -ne 0 ] ; then + exit $SMF_EXIT_ERR_FATAL + fi + fi + + # Start the daemon. + smf_clear_env + pflogd -i "$PFLOGD_IFACE" -s "$PFLOGD_SNAPLEN" \ + -f "$PFLOGD_LOGFILE" -d "$PFLOGD_DELAY" "$PFLOGD_FILTER" + if [[ $? -ne 0 ]] ; then + exit $SMF_EXIT_ERR_FATAL + fi + ;; + + *) + echo "Usage: $0 \c" >&2 + echo "(start)" >&2 + exit 1 + ;; + +esac + +exit $SMF_EXIT_OK diff -r e533d5840fdd -r f678cc44b3d0 components/pflogd/pflogd.license --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/pflogd/pflogd.license Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,130 @@ +-------------------------------------------------------------------------------- +This package brings a (modified) pflogd component coming from OpenBSD 5.5. +-------------------------------------------------------------------------------- + +pflogd.8: +.\" $OpenBSD: pflogd.8,v 1.46 2014/01/21 03:15:45 schwarze Exp $ +.\" +.\" Copyright (c) 2001 Can Erkin Acar. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote products +.\" derived from this software without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" + +pflogd.c: +/* + * Copyright (c) 2001 Theo de Raadt + * Copyright (c) 2001 Can Erkin Acar + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN + * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +pflogd.h: +/* + * Copyright (c) 2003 Can Erkin Acar + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +privsep_fdpass.c: +/* + * Copyright 2001 Niels Provos + * All rights reserved. + * + * Copyright (c) 2002 Matthieu Herrb + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN + * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +privsep.c: +/* + * Copyright (c) 2003 Can Erkin Acar + * Copyright (c) 2003 Anil Madhavapeddy + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ diff -r e533d5840fdd -r f678cc44b3d0 components/pflogd/pflogd.p5m --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/pflogd/pflogd.p5m Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,49 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. +# + + default mangler.man.stability volatile> +set name=pkg.fmri \ + value=pkg:/network/firewall/firewall-pflog@$(IPS_COMPONENT_VERSION),$(BUILD_VERSION) +set name=pkg.summary value="pflog - PF packet log daemon" +set name=pkg.description \ + value="pflogd reads PF logged packets from capture link device" +set name=com.oracle.info.description value="pflog, PF log daemon" +set name=com.oracle.info.tpno value=$(TPNO) +set name=info.classification \ + value="org.opensolaris.category.2008:System/Administration and Configuration" +set name=info.source-url \ + value=http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/pflogd/ +set name=info.upstream-url value=$(COMPONENT_PROJECT_URL) +set name=org.opensolaris.arc-caseid value=PSARC/2014/291 +set name=org.opensolaris.consolidation value=$(CONSOLIDATION) +file pflogd.Solaris/firewall-pflog.xml \ + path=lib/svc/manifest/network/firewall/pflog.xml +file pflogd.Solaris/pflog path=lib/svc/method/pflog mode=0555 +file path=usr/sbin/pflogd +file path=usr/share/man/man8/pflogd.8 +dir path=var/log/firewall owner=daemon group=daemon mode=0700 +dir path=var/log/firewall/pflog owner=daemon group=daemon mode=0700 +license pflogd.license license="pflogd license" +depend type=require fmri=pkg:/network/firewall@5.12-5.12 diff -r e533d5840fdd -r f678cc44b3d0 make-rules/prep-cvs.mk --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/make-rules/prep-cvs.mk Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,76 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# Copyright (c) 2010, 2016, Oracle and/or its affiliates. All rights reserved. +# + +CVS=$(WS_TOP)/tools/proxy_cvs + +# +# Anything that we pull from a CVS repo must have a CVS_REPO{_[0-9]+} and +# CVS_TAG{_[0-9]+} to match. +# + +CVS_SUFFIXES = $(subst CVS_REPO_,, $(filter CVS_REPO_%, $(.VARIABLES))) + +define cvs-rules +ifdef CVS_REPO$(1) +ifdef CVS_PATH$(1) +ifdef CVS_TAG$(1) + +COMPONENT_SRC$(1) = $(COMPONENT_NAME)-$(COMPONENT_VERSION)-$$(CVS_TAG$(1)) +COMPONENT_ARCHIVE$(1) = $$(COMPONENT_SRC$(1)).tar.bz2 + +CLEAN_PATHS += $$(COMPONENT_SRC$(1)) +CLOBBER_PATHS += $$(COMPONENT_ARCHIVE$(1)) +SOURCE_DIR$(1) = $$(COMPONENT_DIR)/$(COMPONENT_SRC$(1)) + +download:: $$(USERLAND_ARCHIVES)$$(COMPONENT_ARCHIVE$(1)) + +# First attempt to download a cached archive of the CVS repo at the proper +# CVS tag. If that fails, create an archive by cloning the CVS repo, +# updating to the selected tag, archiving that directory, and cleaning up +# when complete. +$$(USERLAND_ARCHIVES)$$(COMPONENT_ARCHIVE$(1)): $(MAKEFILE_PREREQ) + $$(FETCH) --file $$@ $$(CVS_HASH$(1):%=--hash %) || \ + (TMP_REPO=$$$$(mktemp --directory ./cvs.XXXXXX) && \ + $(CVS) -qd $$(CVS_REPO$(1)) get $$(CVS_TAG$(1):%=-r%) -d $$$${TMP_REPO} $$(CVS_PATH$(1)) && \ + /usr/gnu/bin/tar --create --file - --absolute-names \ + --transform="s;$$$${TMP_REPO};$$(COMPONENT_SRC$(1));g" \ + --bzip2 $$$${TMP_REPO} >$$@ && \ + $(RM) -rf $$$${TMP_REPO} && \ + CVS_HASH=$$$$(digest -a sha256 $$@) && \ + $(GSED) -i \ + -e "s/^CVS_HASH$(1)=.*/CVS_HASH$(1)= sha256:$$$${CVS_HASH}/" \ + Makefile) + +REQUIRED_PACKAGES += developer/versioning/cvs + +endif +endif +endif +endef + +# +# Define the rules required to download any source archives and augment any +# cleanup macros. +# +$(eval $(call cvs-rules,)) +$(foreach suffix, $(CVS_SUFFIXES), $(eval $(call cvs-rules,_$(suffix)))) diff -r e533d5840fdd -r f678cc44b3d0 make-rules/prep.mk --- a/make-rules/prep.mk Tue Mar 08 21:43:23 2016 -0800 +++ b/make-rules/prep.mk Tue Mar 08 22:31:41 2016 -0800 @@ -20,13 +20,14 @@ # # -# Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2010, 2016, Oracle and/or its affiliates. All rights reserved. # include $(WS_MAKE_RULES)/prep-download.mk include $(WS_MAKE_RULES)/prep-hg.mk include $(WS_MAKE_RULES)/prep-git.mk include $(WS_MAKE_RULES)/prep-svn.mk +include $(WS_MAKE_RULES)/prep-cvs.mk include $(WS_MAKE_RULES)/prep-unpack.mk include $(WS_MAKE_RULES)/prep-patch.mk diff -r e533d5840fdd -r f678cc44b3d0 tools/Makefile --- a/tools/Makefile Tue Mar 08 21:43:23 2016 -0800 +++ b/tools/Makefile Tue Mar 08 22:31:41 2016 -0800 @@ -24,7 +24,8 @@ include ../make-rules/shared-macros.mk download setup prep build install publish \ -validate: links pkglint time-$(MACH32).so time-$(MACH64).so +validate: links pkglint time-$(MACH32).so time-$(MACH64).so \ + proxy_cvs # generate wrappers for parfait. we need to generate them # with the correct compiler variables from the common makefiles because @@ -52,6 +53,9 @@ > pkglint @chmod +x pkglint +proxy_cvs: + @cp proxy_cvs.sh proxy_cvs + @chmod +x proxy_cvs time-$(MACH64).o: BITS=64 time-$(MACH32).o time-$(MACH64).o: CFLAGS += -Kpic @@ -65,6 +69,7 @@ clean: @$(RM) time-*.o time*.bc @$(RM) pkglint + @$(RM) proxy_cvs clobber: clean @$(RM) time-*.so python/pkglint/*.pyc diff -r e533d5840fdd -r f678cc44b3d0 tools/proxy_cvs.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tools/proxy_cvs.sh Tue Mar 08 22:31:41 2016 -0800 @@ -0,0 +1,96 @@ +#!/bin/sh +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. +# + +# proxy_cvs.sh +# script tunnels cvs+ssh through http proxy outside of ORAWAN. It's easy to +# tell cvs to use ssh instead of rsh, just set 'CVS_RSH=ssh'. It's lot harder +# to tell ssh running on cvs behalf to use http proxy. So our approach is to +# create temp script, which executes ssh with all proxy parameters to set up +# HTTP tunnel for ssh session. +# +# If `http_proxy` variable is not set the script uses a default proxy, +# which is 'emeacache.uk.oracle.com:80'. +# +# All arguments, which appear on command line are passed to cvs(1) command with +# out any modification. +# +# Example: +# To check out pflogd sources from OpenBSD repository to local pflogd.src +# directory one invokes proxy_cvs.sh like that: +# +# proxy_cvs.sh -qd anoncvs@anoncvs.ca.openbsd.org:/cvs \ +# -d pflogd.src src/sbin/pflogd +# +# To check a particular version of pflogd sources, one has to use a +# corresponding CVS version tag assigned by upstream developers. Command below +# retrieves pflogd source code released by OpenBSD 5.4: +# +# proxy_cvs.sh -qd anoncvs@anoncvs.ca.openbsd.org:/cvs \ +# -rOPENBSD_5_4 -d pflogd.src src/sbin/pflogd +# + +# +# crate_ssh_wrapper +# function creates a shell script, which a netcat(1) as proxy to tunnel +# ssh via http proxy. +# +# Arguments: +# file name where to dump script, function makes file executable. +# +function create_ssh_wraper +{ + if [ -z "$http_proxy" ] ; then + HTTP_PROXY='emeacache.uk.oracle.com:80' + else + HTTP_PROXY=$http_proxy + fi + echo '#!/bin/sh\n' > $1 + echo 'ssh -oProxyCommand='"'/usr/bin/nc -X connect -x $HTTP_PROXY %h %p'"\ + '-oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null $*' >> $1 + chmod +x $1 +} + +# +# This is a workaround. I don't know how to pass all arguments required by +# 'ssh/http' proxy into CVS_RSH environment variable. So my solution is to +# dump desired arguments into a temporary shell script and point CVS_RSH +# variable to it. +# +function init_cvs_rsh +{ + export TMPF=`mktemp` + create_ssh_wraper $TMPF; + CVS_RSH=$TMPF + export CVS_RSH +} + +init_cvs_rsh + +trap "rm -f $TMPF" EXIT + +cvs $* + +RETURN=$? + +exit $RETURN