GCOV - Varnish Cache


/*-
 * Copyright (c) 2006 Verdens Gang AS
 * Copyright (c) 2006-2015 Varnish Software AS
 * All rights reserved.
 *
 * Author: Poul-Henning Kamp <phk@phk.freebsd.dk>
 *
 * SPDX-License-Identifier: BSD-2-Clause
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * Acceptor socket management
 */

#include "config.h"

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/stat.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <pwd.h>
#include <grp.h>

#include "mgt/mgt.h"
#include "common/heritage.h"

#include "vav.h"
#include "vcli_serve.h"
#include "vsa.h"
#include "vss.h"
#include "vtcp.h"
#include "vus.h"

struct listen_arg {
        unsigned                        magic;
#define LISTEN_ARG_MAGIC                0xbb2fc333
        VTAILQ_ENTRY(listen_arg)        list;
        const char                      *endpoint;
        const char                      *name;
        VTAILQ_HEAD(,listen_sock)       socks;
        const struct transport          *transport;
        const struct uds_perms          *perms;
};

struct uds_perms {
        unsigned        magic;
#define UDS_PERMS_MAGIC 0x84fb5635
        mode_t          mode;
        uid_t           uid;
        gid_t           gid;
};

static VTAILQ_HEAD(,listen_arg) listen_args =
    VTAILQ_HEAD_INITIALIZER(listen_args);

static int
mac_vus_bind(void *priv, const struct sockaddr_un *uds)
{
        return (VUS_bind(uds, priv));
}

static int
mac_opensocket(struct listen_sock *ls)
{
        int fail;
        const char *err;

        CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);
        if (ls->sock > 0) {
                MCH_Fd_Inherit(ls->sock, NULL);
                closefd(&ls->sock);
        }
        if (!ls->uds)
                ls->sock = VTCP_bind(ls->addr, NULL);
        else
                ls->sock = VUS_resolver(ls->endpoint, mac_vus_bind, NULL, &err);
        fail = errno;
        if (ls->sock < 0) {
                AN(fail);
                return (fail);
        }
        if (ls->perms != NULL) {
                CHECK_OBJ(ls->perms, UDS_PERMS_MAGIC);
                assert(ls->uds);
                errno = 0;
                if (ls->perms->mode != 0 &&
                    chmod(ls->endpoint, ls->perms->mode) != 0)
                        return (errno);
                if (chown(ls->endpoint, ls->perms->uid, ls->perms->gid) != 0)
                        return (errno);
        }
        MCH_Fd_Inherit(ls->sock, "sock");
        return (0);
}

/*=====================================================================
 * Reopen the accept sockets to get rid of listen status.
 * returns the highest errno encountered, 0 for success
 */

int
MAC_reopen_sockets(void)
{
        struct listen_sock *ls;
        int err, fail = 0;

        VTAILQ_FOREACH(ls, &heritage.socks, list) {
                VJ_master(JAIL_MASTER_PRIVPORT);
                err = mac_opensocket(ls);
                VJ_master(JAIL_MASTER_LOW);
                if (err == 0)
                        continue;
                fail = vmax(fail, err);
                MGT_Complain(C_ERR,
                    "Could not reopen listen socket %s: %s",
                    ls->endpoint, VAS_errtxt(err));
        }
        return (fail);
}

/*--------------------------------------------------------------------*/

static struct listen_sock *
mk_listen_sock(const struct listen_arg *la, const struct suckaddr *sa)
{
        struct listen_sock *ls;
        int fail;

        ALLOC_OBJ(ls, LISTEN_SOCK_MAGIC);
        AN(ls);
        ls->sock = -1;
        ls->addr = VSA_Clone(sa);
        AN(ls->addr);
        REPLACE(ls->endpoint, la->endpoint);
        ls->name = la->name;
        ls->transport = la->transport;
        ls->perms = la->perms;
        ls->uds = VUS_is(la->endpoint);
        VJ_master(JAIL_MASTER_PRIVPORT);
        fail = mac_opensocket(ls);
        VJ_master(JAIL_MASTER_LOW);
        if (fail) {
                VSA_free(&ls->addr);
                free(ls->endpoint);
                FREE_OBJ(ls);
                if (fail != EAFNOSUPPORT)
                        ARGV_ERR("Could not get socket %s: %s\n",
                            la->endpoint, VAS_errtxt(fail));
                return (NULL);
        }
        return (ls);
}

static int v_matchproto_(vss_resolved_f)
mac_tcp(void *priv, const struct suckaddr *sa)
{
        struct listen_arg *la;
        struct listen_sock *ls;
        char abuf[VTCP_ADDRBUFSIZE], pbuf[VTCP_PORTBUFSIZE];
        char nbuf[VTCP_ADDRBUFSIZE+VTCP_PORTBUFSIZE+2];

        CAST_OBJ_NOTNULL(la, priv, LISTEN_ARG_MAGIC);

        VTAILQ_FOREACH(ls, &heritage.socks, list) {
                if (!ls->uds && !VSA_Compare(sa, ls->addr))
                        ARGV_ERR("-a arguments %s and %s have same address\n",
                            ls->endpoint, la->endpoint);
        }
        ls = mk_listen_sock(la, sa);
        if (ls == NULL)
                return (0);
        AZ(ls->uds);
        if (VSA_Port(ls->addr) == 0) {
                /*
                 * If the argv port number is zero, we adopt whatever
                 * port number this VTCP_bind() found us, as if
                 * it was specified by the argv.
                 */
                VSA_free(&ls->addr);
                ls->addr = VTCP_my_suckaddr(ls->sock);
                VTCP_myname(ls->sock, abuf, sizeof abuf,
                    pbuf, sizeof pbuf);
                if (VSA_Get_Proto(sa) == AF_INET6)
                        bprintf(nbuf, "[%s]:%s", abuf, pbuf);
                else
                        bprintf(nbuf, "%s:%s", abuf, pbuf);
                REPLACE(ls->endpoint, nbuf);
        }
        VTAILQ_INSERT_TAIL(&la->socks, ls, arglist);
        VTAILQ_INSERT_TAIL(&heritage.socks, ls, list);
        return (0);
}

static int v_matchproto_(vus_resolved_f)
mac_uds(void *priv, const struct sockaddr_un *uds)
{
        struct listen_arg *la;
        struct listen_sock *ls;

        CAST_OBJ_NOTNULL(la, priv, LISTEN_ARG_MAGIC);
        (void) uds;

        VTAILQ_FOREACH(ls, &heritage.socks, list) {
                if (ls->uds && strcmp(ls->endpoint, la->endpoint) == 0)
                        ARGV_ERR("-a arguments %s and %s have same address\n",
                            ls->endpoint, la->endpoint);
        }
        ls = mk_listen_sock(la, bogo_ip);
        if (ls == NULL)
                return (0);
        AN(ls->uds);
        VTAILQ_INSERT_TAIL(&la->socks, ls, arglist);
        VTAILQ_INSERT_TAIL(&heritage.socks, ls, list);
        return (0);
}

void
MAC_Arg(const char *spec)
{
        char **av;
        struct listen_arg *la;
        const char *err;
        int error;
        const struct transport *xp = NULL;
        const char *name;
        char name_buf[8];
        static unsigned seq = 0;
        struct passwd *pwd = NULL;
        struct group *grp = NULL;
        mode_t mode = 0;
        struct uds_perms *perms;

        av = MGT_NamedArg(spec, &name, "-a");
        AN(av);

        ALLOC_OBJ(la, LISTEN_ARG_MAGIC);
        AN(la);
        VTAILQ_INIT(&la->socks);
        VTAILQ_INSERT_TAIL(&listen_args, la, list);
        la->endpoint = av[1];

        if (name == NULL) {
                bprintf(name_buf, "a%u", seq++);
                name = strdup(name_buf);
                AN(name);
        }
        la->name = name;

        if (*la->endpoint != '/' && strchr(la->endpoint, '/') != NULL)
                ARGV_ERR("Unix domain socket addresses must be"
                    " absolute paths in -a (%s)\n", la->endpoint);

        if (VUS_is(la->endpoint) && heritage.min_vcl_version < 41)
                heritage.min_vcl_version = 41;

        for (int i = 2; av[i] != NULL; i++) {
                char *eq, *val;
                int len;

                if ((eq = strchr(av[i], '=')) == NULL) {
                        if (xp != NULL)
                                ARGV_ERR("Too many protocol sub-args"
                                    " in -a (%s)\n", av[i]);
                        xp = XPORT_Find(av[i]);
                        if (xp == NULL)
                                ARGV_ERR("Unknown protocol '%s'\n", av[i]);
                        continue;
                }
                if (la->endpoint[0] != '/')
                        ARGV_ERR("Invalid sub-arg %s"
                            " in -a\n", av[i]);

                val = eq + 1;
                len = eq - av[i];
                assert(len >= 0);
                if (len == 0)
                        ARGV_ERR("Invalid sub-arg %s in -a\n", av[i]);

                if (strncmp(av[i], "user", len) == 0) {
                        if (pwd != NULL)
                                ARGV_ERR("Too many user sub-args in -a (%s)\n",
                                         av[i]);
                        pwd = getpwnam(val);
                        if (pwd == NULL)
                                ARGV_ERR("Unknown user %s in -a\n", val);
                        continue;
                }

                if (strncmp(av[i], "group", len) == 0) {
                        if (grp != NULL)
                                ARGV_ERR("Too many group sub-args in -a (%s)\n",
                                         av[i]);
                        grp = getgrnam(val);
                        if (grp == NULL)
                                ARGV_ERR("Unknown group %s in -a\n", val);
                        continue;
                }

                if (strncmp(av[i], "mode", len) == 0) {
                        long m;
                        char *p;

                        if (mode != 0)
                                ARGV_ERR("Too many mode sub-args in -a (%s)\n",
                                         av[i]);
                        if (*val == '\0')
                                ARGV_ERR("Empty mode sub-arg in -a\n");
                        errno = 0;
                        m = strtol(val, &p, 8);
                        if (*p != '\0')
                                ARGV_ERR("Invalid mode sub-arg %s in -a\n",
                                         val);
                        if (errno)
                                ARGV_ERR("Cannot parse mode sub-arg %s in -a: "
                                         "%s\n", val, VAS_errtxt(errno));
                        if (m <= 0 || m > 0777)
                                ARGV_ERR("Mode sub-arg %s out of range in -a\n",
                                         val);
                        mode = (mode_t) m;
                        continue;
                }

                ARGV_ERR("Invalid sub-arg %s in -a\n", av[i]);
        }

        if (xp == NULL)
                xp = XPORT_Find("http");
        AN(xp);
        la->transport = xp;

        if (pwd != NULL || grp != NULL || mode != 0) {
                ALLOC_OBJ(perms, UDS_PERMS_MAGIC);
                AN(perms);
                if (pwd != NULL)
                        perms->uid = pwd->pw_uid;
                else
                        perms->uid = (uid_t) -1;
                if (grp != NULL)
                        perms->gid = grp->gr_gid;
                else
                        perms->gid = (gid_t) -1;
                perms->mode = mode;
                la->perms = perms;
        }
        else
                AZ(la->perms);

        if (VUS_is(la->endpoint))
                error = VUS_resolver(av[1], mac_uds, la, &err);
        else
                error = VSS_resolver(av[1], "80", mac_tcp, la, &err);

        if (VTAILQ_EMPTY(&la->socks) || error)
                ARGV_ERR("Got no socket(s) for %s\n", av[1]);
        VAV_Free(av);
}

		varnish-cache/bin/varnishd/mgt/mgt_acceptor.c
0		/*-
1		* Copyright (c) 2006 Verdens Gang AS
2		* Copyright (c) 2006-2015 Varnish Software AS
3		* All rights reserved.
4		*
5		* Author: Poul-Henning Kamp <phk@phk.freebsd.dk>
6		*
7		* SPDX-License-Identifier: BSD-2-Clause
8		*
9		* Redistribution and use in source and binary forms, with or without
10		* modification, are permitted provided that the following conditions
11		* are met:
12		* 1. Redistributions of source code must retain the above copyright
13		* notice, this list of conditions and the following disclaimer.
14		* 2. Redistributions in binary form must reproduce the above copyright
15		* notice, this list of conditions and the following disclaimer in the
16		* documentation and/or other materials provided with the distribution.
17		*
18		* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19		* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20		* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21		* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
22		* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23		* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24		* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25		* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26		* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27		* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28		* SUCH DAMAGE.
29		*
30		* Acceptor socket management
31		*/
32
33		#include "config.h"
34
35		#include <sys/types.h>
36		#include <sys/socket.h>
37		#include <sys/un.h>
38		#include <sys/stat.h>
39		#include <stdio.h>
40		#include <stdlib.h>
41		#include <string.h>
42		#include <unistd.h>
43		#include <pwd.h>
44		#include <grp.h>
45
46		#include "mgt/mgt.h"
47		#include "common/heritage.h"
48
49		#include "vav.h"
50		#include "vcli_serve.h"
51		#include "vsa.h"
52		#include "vss.h"
53		#include "vtcp.h"
54		#include "vus.h"
55
56		struct listen_arg {
57		unsigned magic;
58		#define LISTEN_ARG_MAGIC 0xbb2fc333
59		VTAILQ_ENTRY(listen_arg) list;
60		const char *endpoint;
61		const char *name;
62		VTAILQ_HEAD(,listen_sock) socks;
63		const struct transport *transport;
64		const struct uds_perms *perms;
65		};
66
67		struct uds_perms {
68		unsigned magic;
69		#define UDS_PERMS_MAGIC 0x84fb5635
70		mode_t mode;
71		uid_t uid;
72		gid_t gid;
73		};
74
75		static VTAILQ_HEAD(,listen_arg) listen_args =
76		VTAILQ_HEAD_INITIALIZER(listen_args);
77
78		static int
79	1425	mac_vus_bind(void priv, const struct sockaddr_un uds)
80		{
81	1425	return (VUS_bind(uds, priv));
82		}
83
84		static int
85	47075	mac_opensocket(struct listen_sock *ls)
86		{
87		int fail;
88		const char *err;
89
90	47075	CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC);
91	47075	if (ls->sock > 0) {
92	23100	MCH_Fd_Inherit(ls->sock, NULL);
93	23100	closefd(&ls->sock);
94	23100	}
95	47075	if (!ls->uds)
96	45650	ls->sock = VTCP_bind(ls->addr, NULL);
97		else
98	1425	ls->sock = VUS_resolver(ls->endpoint, mac_vus_bind, NULL, &err);
99	47075	fail = errno;
100	47075	if (ls->sock < 0) {
101	25	AN(fail);
102	25	return (fail);
103		}
104	47050	if (ls->perms != NULL) {
105	100	CHECK_OBJ(ls->perms, UDS_PERMS_MAGIC);
106	100	assert(ls->uds);
107	100	errno = 0;
108	100	if (ls->perms->mode != 0 &&
109	100	chmod(ls->endpoint, ls->perms->mode) != 0)
110	0	return (errno);
111	100	if (chown(ls->endpoint, ls->perms->uid, ls->perms->gid) != 0)
112	0	return (errno);
113	100	}
114	47050	MCH_Fd_Inherit(ls->sock, "sock");
115	47050	return (0);
116	47075	}
117
118		/*=====================================================================
119		* Reopen the accept sockets to get rid of listen status.
120		* returns the highest errno encountered, 0 for success
121		*/
122
123		int
124	22775	MAC_reopen_sockets(void)
125		{
126		struct listen_sock *ls;
127	22775	int err, fail = 0;
128
129	45875	VTAILQ_FOREACH(ls, &heritage.socks, list) {
130	23100	VJ_master(JAIL_MASTER_PRIVPORT);
131	23100	err = mac_opensocket(ls);
132	23100	VJ_master(JAIL_MASTER_LOW);
133	23100	if (err == 0)
134	23100	continue;
135	0	fail = vmax(fail, err);
136	0	MGT_Complain(C_ERR,
137		"Could not reopen listen socket %s: %s",
138	0	ls->endpoint, VAS_errtxt(err));
139	0	}
140	22775	return (fail);
141		}
142
143		/--------------------------------------------------------------------/
144
145		static struct listen_sock *
146	23975	mk_listen_sock(const struct listen_arg la, const struct suckaddr sa)
147		{
148		struct listen_sock *ls;
149		int fail;
150
151	23975	ALLOC_OBJ(ls, LISTEN_SOCK_MAGIC);
152	23975	AN(ls);
153	23975	ls->sock = -1;
154	23975	ls->addr = VSA_Clone(sa);
155	23975	AN(ls->addr);
156	23975	REPLACE(ls->endpoint, la->endpoint);
157	23975	ls->name = la->name;
158	23975	ls->transport = la->transport;
159	23975	ls->perms = la->perms;
160	23975	ls->uds = VUS_is(la->endpoint);
161	23975	VJ_master(JAIL_MASTER_PRIVPORT);
162	23975	fail = mac_opensocket(ls);
163	23975	VJ_master(JAIL_MASTER_LOW);
164	23975	if (fail) {
165	25	VSA_free(&ls->addr);
166	25	free(ls->endpoint);
167	25	FREE_OBJ(ls);
168	25	if (fail != EAFNOSUPPORT)
169	25	ARGV_ERR("Could not get socket %s: %s\n",
170		la->endpoint, VAS_errtxt(fail));
171	0	return (NULL);
172		}
173	23950	return (ls);
174	23950	}
175
176		static int v_matchproto_(vss_resolved_f)
177	23250	mac_tcp(void priv, const struct suckaddr sa)
178		{
179		struct listen_arg *la;
180		struct listen_sock *ls;
181		char abuf[VTCP_ADDRBUFSIZE], pbuf[VTCP_PORTBUFSIZE];
182		char nbuf[VTCP_ADDRBUFSIZE+VTCP_PORTBUFSIZE+2];
183
184	23250	CAST_OBJ_NOTNULL(la, priv, LISTEN_ARG_MAGIC);
185
186	23850	VTAILQ_FOREACH(ls, &heritage.socks, list) {
187	625	if (!ls->uds && !VSA_Compare(sa, ls->addr))
188	25	ARGV_ERR("-a arguments %s and %s have same address\n",
189		ls->endpoint, la->endpoint);
190	600	}
191	23225	ls = mk_listen_sock(la, sa);
192	23225	if (ls == NULL)
193	0	return (0);
194	23225	AZ(ls->uds);
195	23225	if (VSA_Port(ls->addr) == 0) {
196		/*
197		* If the argv port number is zero, we adopt whatever
198		* port number this VTCP_bind() found us, as if
199		* it was specified by the argv.
200		*/
201	23200	VSA_free(&ls->addr);
202	23200	ls->addr = VTCP_my_suckaddr(ls->sock);
203	46400	VTCP_myname(ls->sock, abuf, sizeof abuf,
204	23200	pbuf, sizeof pbuf);
205	23200	if (VSA_Get_Proto(sa) == AF_INET6)
206	575	bprintf(nbuf, "[%s]:%s", abuf, pbuf);
207		else
208	22625	bprintf(nbuf, "%s:%s", abuf, pbuf);
209	23200	REPLACE(ls->endpoint, nbuf);
210	23200	}
211	23225	VTAILQ_INSERT_TAIL(&la->socks, ls, arglist);
212	23225	VTAILQ_INSERT_TAIL(&heritage.socks, ls, list);
213	23225	return (0);
214	23225	}
215
216		static int v_matchproto_(vus_resolved_f)
217	750	mac_uds(void priv, const struct sockaddr_un uds)
218		{
219		struct listen_arg *la;
220		struct listen_sock *ls;
221
222	750	CAST_OBJ_NOTNULL(la, priv, LISTEN_ARG_MAGIC);
223	750	(void) uds;
224
225	875	VTAILQ_FOREACH(ls, &heritage.socks, list) {
226	150	if (ls->uds && strcmp(ls->endpoint, la->endpoint) == 0)
227	25	ARGV_ERR("-a arguments %s and %s have same address\n",
228		ls->endpoint, la->endpoint);
229	125	}
230	725	ls = mk_listen_sock(la, bogo_ip);
231	725	if (ls == NULL)
232	0	return (0);
233	725	AN(ls->uds);
234	725	VTAILQ_INSERT_TAIL(&la->socks, ls, arglist);
235	725	VTAILQ_INSERT_TAIL(&heritage.socks, ls, list);
236	725	return (0);
237	725	}
238
239		void
240	24075	MAC_Arg(const char *spec)
241		{
242		char **av;
243		struct listen_arg *la;
244		const char *err;
245		int error;
246	24075	const struct transport *xp = NULL;
247		const char *name;
248		char name_buf[8];
249		static unsigned seq = 0;
250	24075	struct passwd *pwd = NULL;
251	24075	struct group *grp = NULL;
252	24075	mode_t mode = 0;
253		struct uds_perms *perms;
254
255	24075	av = MGT_NamedArg(spec, &name, "-a");
256	24075	AN(av);
257
258	24075	ALLOC_OBJ(la, LISTEN_ARG_MAGIC);
259	24075	AN(la);
260	24075	VTAILQ_INIT(&la->socks);
261	24075	VTAILQ_INSERT_TAIL(&listen_args, la, list);
262	24075	la->endpoint = av[1];
263
264	24075	if (name == NULL) {
265	23900	bprintf(name_buf, "a%u", seq++);
266	23900	name = strdup(name_buf);
267	23900	AN(name);
268	23900	}
269	24075	la->name = name;
270
271	24075	if (*la->endpoint != '/' && strchr(la->endpoint, '/') != NULL)
272	25	ARGV_ERR("Unix domain socket addresses must be"
273		" absolute paths in -a (%s)\n", la->endpoint);
274
275	24050	if (VUS_is(la->endpoint) && heritage.min_vcl_version < 41)
276	1150	heritage.min_vcl_version = 41;
277
278	24650	for (int i = 2; av[i] != NULL; i++) {
279		char eq, val;
280		int len;
281
282	1175	if ((eq = strchr(av[i], '=')) == NULL) {
283	575	if (xp != NULL)
284	50	ARGV_ERR("Too many protocol sub-args"
285		" in -a (%s)\n", av[i]);
286	525	xp = XPORT_Find(av[i]);
287	525	if (xp == NULL)
288	50	ARGV_ERR("Unknown protocol '%s'\n", av[i]);
289	475	continue;
290		}
291	600	if (la->endpoint[0] != '/')
292	100	ARGV_ERR("Invalid sub-arg %s"
293		" in -a\n", av[i]);
294
295	500	val = eq + 1;
296	500	len = eq - av[i];
297	500	assert(len >= 0);
298	500	if (len == 0)
299	25	ARGV_ERR("Invalid sub-arg %s in -a\n", av[i]);
300
301	475	if (strncmp(av[i], "user", len) == 0) {
302	25	if (pwd != NULL)
303	0	ARGV_ERR("Too many user sub-args in -a (%s)\n",
304		av[i]);
305	25	pwd = getpwnam(val);
306	25	if (pwd == NULL)
307	0	ARGV_ERR("Unknown user %s in -a\n", val);
308	25	continue;
309		}
310
311	450	if (strncmp(av[i], "group", len) == 0) {
312	25	if (grp != NULL)
313	0	ARGV_ERR("Too many group sub-args in -a (%s)\n",
314		av[i]);
315	25	grp = getgrnam(val);
316	25	if (grp == NULL)
317	0	ARGV_ERR("Unknown group %s in -a\n", val);
318	25	continue;
319		}
320
321	425	if (strncmp(av[i], "mode", len) == 0) {
322		long m;
323		char *p;
324
325	325	if (mode != 0)
326	25	ARGV_ERR("Too many mode sub-args in -a (%s)\n",
327		av[i]);
328	300	if (*val == '\0')
329	25	ARGV_ERR("Empty mode sub-arg in -a\n");
330	275	errno = 0;
331	275	m = strtol(val, &p, 8);
332	275	if (*p != '\0')
333	75	ARGV_ERR("Invalid mode sub-arg %s in -a\n",
334		val);
335	200	if (errno)
336	50	ARGV_ERR("Cannot parse mode sub-arg %s in -a: "
337		"%s\n", val, VAS_errtxt(errno));
338	150	if (m <= 0 \|\| m > 0777)
339	75	ARGV_ERR("Mode sub-arg %s out of range in -a\n",
340		val);
341	75	mode = (mode_t) m;
342	75	continue;
343		}
344
345	100	ARGV_ERR("Invalid sub-arg %s in -a\n", av[i]);
346	0	}
347
348	23475	if (xp == NULL)
349	23050	xp = XPORT_Find("http");
350	23475	AN(xp);
351	23475	la->transport = xp;
352
353	23475	if (pwd != NULL \|\| grp != NULL \|\| mode != 0) {
354	50	ALLOC_OBJ(perms, UDS_PERMS_MAGIC);
355	50	AN(perms);
356	50	if (pwd != NULL)
357	25	perms->uid = pwd->pw_uid;
358		else
359	25	perms->uid = (uid_t) -1;
360	50	if (grp != NULL)
361	25	perms->gid = grp->gr_gid;
362		else
363	25	perms->gid = (gid_t) -1;
364	50	perms->mode = mode;
365	50	la->perms = perms;
366	50	}
367		else
368	23425	AZ(la->perms);
369
370	23475	if (VUS_is(la->endpoint))
371	775	error = VUS_resolver(av[1], mac_uds, la, &err);
372		else
373	22700	error = VSS_resolver(av[1], "80", mac_tcp, la, &err);
374
375	23475	if (VTAILQ_EMPTY(&la->socks) \|\| error)
376	25	ARGV_ERR("Got no socket(s) for %s\n", av[1]);
377	23450	VAV_Free(av);
378	23450	}