Merging upstream version 1:1.2.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

9 files changed, 73 insertions, 36 deletions

diff --git a/CHANGES b/CHANGES
index e7140a2..2a0460c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,10 @@
 CHANGES file for iptraf-ng
 
+* Tue Jul 21 2020 Vitezslav Samel <vitezslav@samel.cz> - 1.2.1
+- Makefile: protect mandatory compile flags
+- packet capture: don't reuse socket for multiple receive functions
+- TPACKET_V[23]: continue even if mlock() fails
+
 * Thu Jun 04 2020 Vitezslav Samel <vitezslav@samel.cz> - 1.2.0
 - ipfrag: code refactoring (Nikola Pajkovsky)
 - ifstats: sort interfaces by name (Jan Engelhardt)
diff --git a/GEN-VERSION-FILE b/GEN-VERSION-FILE
index 9a8a22d..4031896 100755
--- a/GEN-VERSION-FILE
+++ b/GEN-VERSION-FILE
@@ -1,7 +1,7 @@
 #!/bin/bash
 
 GVF=VERSION-FILE
-DEF_VER=1.2.0
+DEF_VER=1.2.1
 LF='
 '
 
diff --git a/Makefile b/Makefile
index a1fd3d2..a0968af 100644
--- a/Makefile
+++ b/Makefile
@@ -18,9 +18,10 @@ VERSION-FILE: FORCE
 	@$(SHELL_PATH) ./GEN-VERSION-FILE
 -include VERSION-FILE
 
-CFLAGS = -g -O2 -Wall -W -std=gnu99 -Werror=format-security -D_GNU_SOURCE
+CFLAGS = -g -O2 -Wall -W -Werror=format-security
 LDFLAGS =
-ALL_CFLAGS = $(CPPFLAGS) $(CFLAGS)
+IPTRAF_CFLAGS := -std=gnu99 -D_GNU_SOURCE
+ALL_CFLAGS = $(CPPFLAGS) $(CFLAGS) $(IPTRAF_CFLAGS)
 ALL_LDFLAGS = $(LDFLAGS)
 STRIP ?= strip
 
diff --git a/src/capt-mmap-v2.c b/src/capt-mmap-v2.c
index 19757cb..f69b189 100644
--- a/src/capt-mmap-v2.c
+++ b/src/capt-mmap-v2.c
@@ -102,14 +102,17 @@ static void capt_cleanup_mmap_v2(struct capt *capt)
 
 int capt_setup_mmap_v2(struct capt *capt)
 {
+	if (capt_get_socket(capt) == -1)
+		return -1;
+
 	int version = TPACKET_V2;
 	if (setsockopt(capt->fd, SOL_PACKET, PACKET_VERSION, &version, sizeof(version)) != 0)
-		return -1;
+		goto err;
 
 	int hdrlen = version;
 	socklen_t socklen = sizeof(hdrlen);
 	if (getsockopt(capt->fd, SOL_PACKET, PACKET_HDRLEN, &hdrlen, &socklen) != 0)
-		return -1;
+		goto err;
 
 	struct tpacket_req req;
 
@@ -118,18 +121,18 @@ int capt_setup_mmap_v2(struct capt *capt)
 	req.tp_frame_size = FRAME_SIZE;
 	req.tp_block_size = req.tp_frame_nr * req.tp_frame_size;
 
-	if(setsockopt(capt->fd, SOL_PACKET, PACKET_RX_RING, &req, sizeof(req)) != 0)
-		return -1;
+	if (setsockopt(capt->fd, SOL_PACKET, PACKET_RX_RING, &req, sizeof(req)) != 0)
+		goto err;
 
 	size_t size = req.tp_block_size * req.tp_block_nr;
 	void *map = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, capt->fd, 0);
 	if (map == MAP_FAILED)
-		return -1;
+		goto err;
 
-	if(mlock(map, size) != 0) {
-		munmap(map, size);
-		return -1;
-	}
+	/* try to lock this memory to RAM */
+	(void)mlock(map, size);	/* no need to check return value because the mlock() is
+				 * not mandatory; if it fails packet capture just works OK
+				 * albeit suboptimally */
 
 	struct capt_data_mmap_v2 *data = xmallocz(sizeof(struct capt_data_mmap_v2));
 
@@ -151,4 +154,7 @@ int capt_setup_mmap_v2(struct capt *capt)
 	capt->cleanup		= capt_cleanup_mmap_v2;
 
 	return 0;	/* All O.K. */
+err:
+	capt_put_socket(capt);
+	return -1;
 }
diff --git a/src/capt-mmap-v3.c b/src/capt-mmap-v3.c
index 6b823af..539b923 100644
--- a/src/capt-mmap-v3.c
+++ b/src/capt-mmap-v3.c
@@ -141,14 +141,17 @@ static void capt_cleanup_mmap_v3(struct capt *capt)
 
 int capt_setup_mmap_v3(struct capt *capt)
 {
+	if (capt_get_socket(capt) == -1)
+		return -1;
+
 	int version = TPACKET_V3;
 	if (setsockopt(capt->fd, SOL_PACKET, PACKET_VERSION, &version, sizeof(version)) != 0)
-		return -1;
+		goto err;
 
 	int hdrlen = version;
 	socklen_t socklen = sizeof(hdrlen);
 	if (getsockopt(capt->fd, SOL_PACKET, PACKET_HDRLEN, &hdrlen, &socklen) != 0)
-		return -1;
+		goto err;
 
 	struct tpacket_req3 req;
 
@@ -162,17 +165,17 @@ int capt_setup_mmap_v3(struct capt *capt)
 	// req.tp_feature_req_word = TP_FT_REQ_FILL_RXHASH;
 
 	if(setsockopt(capt->fd, SOL_PACKET, PACKET_RX_RING, &req, sizeof(req)) != 0)
-		return -1;
+		goto err;
 
 	size_t size = req.tp_block_size * req.tp_block_nr;
 	void *map = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, capt->fd, 0);
 	if (map == MAP_FAILED)
-		return -1;
+		goto err;
 
-	if (mlock(map, size) != 0) {
-		munmap(map, size);
-		return -1;
-	}
+	/* try to lock this memory to RAM */
+	(void)mlock(map, size);	/* no need to check return value because the mlock() is
+				 * not mandatory; if it fails packet capture just works OK
+				 * albeit suboptimally */
 
 	struct capt_data_mmap_v3 *data = xmallocz(sizeof(struct capt_data_mmap_v3));
 
@@ -193,4 +196,7 @@ int capt_setup_mmap_v3(struct capt *capt)
 	capt->cleanup		= capt_cleanup_mmap_v3;
 
 	return 0;	/* All O.K. */
+err:
+	capt_put_socket(capt);
+	return -1;
 }
diff --git a/src/capt-recvmmsg.c b/src/capt-recvmmsg.c
index 712bf0d..dacc5e7 100644
--- a/src/capt-recvmmsg.c
+++ b/src/capt-recvmmsg.c
@@ -114,6 +114,9 @@ int capt_setup_recvmmsg(struct capt *capt)
 {
 	struct capt_data_recvmmsg *data;
 
+	if (capt_get_socket(capt) == -1)
+		return -1;
+
 	data			= xmallocz(sizeof(struct capt_data_recvmmsg));
 	data->buf		= xmallocz(FRAMES * MAX_PACKET_SIZE);
 	data->msgvec		= xmallocz(FRAMES * sizeof(*data->msgvec));
diff --git a/src/capt-recvmsg.c b/src/capt-recvmsg.c
index 4ef7263..e167809 100644
--- a/src/capt-recvmsg.c
+++ b/src/capt-recvmsg.c
@@ -64,8 +64,12 @@ static void capt_cleanup_recvmsg(struct capt *capt)
 
 int capt_setup_recvmsg(struct capt *capt)
 {
-	struct capt_data_recvmsg *data = xmallocz(sizeof(struct capt_data_recvmsg));
+	struct capt_data_recvmsg *data;
 
+	if (capt_get_socket(capt) == -1)
+		return -1;
+
+	data			= xmallocz(sizeof(struct capt_data_recvmsg));
 	data->buf		= xmallocz(MAX_PACKET_SIZE);
 	data->iov.iov_len	= MAX_PACKET_SIZE;
 	data->iov.iov_base	= data->buf;
diff --git a/src/capt.c b/src/capt.c
index e14b398..324d7cc 100644
--- a/src/capt.c
+++ b/src/capt.c
@@ -15,6 +15,26 @@
 #include "capt-mmap-v2.h"
 #include "capt-mmap-v3.h"
 
+int capt_get_socket(struct capt *capt) {
+
+	/* initialize socket first with some default protocol;
+	 * the right protocol is then set with bind();
+	 * this overcomes the problem with getting packets
+	 * from other interfaces, because the socket was not
+	 * properly initialized yet */
+	int fd = socket(PF_PACKET, SOCK_RAW, 0);
+	if (fd == -1)
+		return -1;
+
+	capt->fd = fd;
+	return 0;
+}
+
+void capt_put_socket(struct capt *capt) {
+	close(capt->fd);
+	capt->fd = -1;
+}
+
 static int capt_set_recv_timeout(int fd, unsigned int msec)
 {
 	struct timeval timeout;
@@ -56,29 +76,20 @@ int capt_init(struct capt *capt, char *ifname)
 	capt->put_packet = NULL;
 	capt->get_dropped = NULL;
 	capt->cleanup = NULL;
+	capt->fd = -1;
 
 	capt->dropped = 0UL;
 
 	INIT_LIST_HEAD(&capt->promisc);
 
-	/* initialize socket first with some default protocol;
-	 * the right protocol is then set with bind();
-	 * this overcomes the problem with getting packets
-	 * from other interfaces, because the socket was not
-	 * properly initialized yet */
-	int fd = socket(PF_PACKET, SOCK_RAW, 0);
-	if (fd == -1)
-		return fd;
-	capt->fd = fd;
+	/* try all available receive functions */
+	if (capt_setup_receive_function(capt) == -1)
+		goto out;
 
 	/* set socket receive timeout */
 	if (capt_set_recv_timeout(capt->fd, 250) == -1)
 		goto out;
 
-	/* try all available receive functions */
-	if (capt_setup_receive_function(capt) == -1)
-		goto out;
-
 	if (options.promisc)
 		promisc_enable(capt->fd, &capt->promisc, ifname);
 
@@ -102,8 +113,7 @@ void capt_destroy(struct capt *capt)
 	if (capt->cleanup)
 		capt->cleanup(capt);
 
-	close(capt->fd);
-	capt->fd = -1;
+	capt_put_socket(capt);
 }
 
 static unsigned long capt_get_dropped_generic(struct capt *capt)
diff --git a/src/capt.h b/src/capt.h
index d1399b5..a36a4aa 100644
--- a/src/capt.h
+++ b/src/capt.h
@@ -27,6 +27,8 @@ struct capt {
 	void		(*cleanup)(struct capt *capt);
 };
 
+int capt_get_socket(struct capt *capt);
+void capt_put_socket(struct capt *capt);
 int capt_init(struct capt *capt, char *ifname);
 void capt_destroy(struct capt *capt);
 unsigned long capt_get_dropped(struct capt *capt);