summaryrefslogtreecommitdiffstats
path: root/lib/libfrr.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-09 13:16:35 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-09 13:16:35 +0000
commite2bbf175a2184bd76f6c54ccf8456babeb1a46fc (patch)
treef0b76550d6e6f500ada964a3a4ee933a45e5a6f1 /lib/libfrr.c
parentInitial commit. (diff)
downloadfrr-e2bbf175a2184bd76f6c54ccf8456babeb1a46fc.tar.xz
frr-e2bbf175a2184bd76f6c54ccf8456babeb1a46fc.zip
Adding upstream version 9.1.upstream/9.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'lib/libfrr.c')
-rw-r--r--lib/libfrr.c1293
1 files changed, 1293 insertions, 0 deletions
diff --git a/lib/libfrr.c b/lib/libfrr.c
new file mode 100644
index 0000000..33237df
--- /dev/null
+++ b/lib/libfrr.c
@@ -0,0 +1,1293 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * libfrr overall management functions
+ *
+ * Copyright (C) 2016 David Lamparter for NetDEF, Inc.
+ */
+
+#include <zebra.h>
+#include <sys/un.h>
+
+#include <sys/types.h>
+#include <sys/wait.h>
+
+#include "libfrr.h"
+#include "getopt.h"
+#include "privs.h"
+#include "vty.h"
+#include "command.h"
+#include "lib/version.h"
+#include "lib_vty.h"
+#include "log_vty.h"
+#include "zclient.h"
+#include "module.h"
+#include "network.h"
+#include "lib_errors.h"
+#include "db.h"
+#include "northbound_cli.h"
+#include "northbound_db.h"
+#include "debug.h"
+#include "frrcu.h"
+#include "frr_pthread.h"
+#include "defaults.h"
+#include "frrscript.h"
+#include "systemd.h"
+
+DEFINE_HOOK(frr_early_init, (struct event_loop * tm), (tm));
+DEFINE_HOOK(frr_late_init, (struct event_loop * tm), (tm));
+DEFINE_HOOK(frr_config_pre, (struct event_loop * tm), (tm));
+DEFINE_HOOK(frr_config_post, (struct event_loop * tm), (tm));
+DEFINE_KOOH(frr_early_fini, (), ());
+DEFINE_KOOH(frr_fini, (), ());
+
+const char frr_sysconfdir[] = SYSCONFDIR;
+char frr_vtydir[256];
+#ifdef HAVE_SQLITE3
+const char frr_dbdir[] = DAEMON_DB_DIR;
+#endif
+const char frr_moduledir[] = MODULE_PATH;
+const char frr_scriptdir[] = SCRIPT_PATH;
+
+char frr_protoname[256] = "NONE";
+char frr_protonameinst[256] = "NONE";
+
+char config_default[512];
+char frr_zclientpath[256];
+static char pidfile_default[1024];
+#ifdef HAVE_SQLITE3
+static char dbfile_default[512];
+#endif
+static char vtypath_default[512];
+
+/* cleared in frr_preinit(), then re-set after daemonizing */
+bool frr_is_after_fork = true;
+bool debug_memstats_at_exit = false;
+static bool nodetach_term, nodetach_daemon;
+static uint64_t startup_fds;
+
+static char comb_optstr[256];
+static struct option comb_lo[64];
+static struct option *comb_next_lo = &comb_lo[0];
+static char comb_helpstr[4096];
+
+struct optspec {
+ const char *optstr;
+ const char *helpstr;
+ const struct option *longopts;
+};
+
+static void opt_extend(const struct optspec *os)
+{
+ const struct option *lo;
+
+ strlcat(comb_optstr, os->optstr, sizeof(comb_optstr));
+ strlcat(comb_helpstr, os->helpstr, sizeof(comb_helpstr));
+ for (lo = os->longopts; lo->name; lo++)
+ memcpy(comb_next_lo++, lo, sizeof(*lo));
+}
+
+
+#define OPTION_VTYSOCK 1000
+#define OPTION_MODULEDIR 1002
+#define OPTION_LOG 1003
+#define OPTION_LOGLEVEL 1004
+#define OPTION_TCLI 1005
+#define OPTION_DB_FILE 1006
+#define OPTION_LOGGING 1007
+#define OPTION_LIMIT_FDS 1008
+#define OPTION_SCRIPTDIR 1009
+
+static const struct option lo_always[] = {
+ {"help", no_argument, NULL, 'h'},
+ {"version", no_argument, NULL, 'v'},
+ {"daemon", no_argument, NULL, 'd'},
+ {"module", no_argument, NULL, 'M'},
+ {"profile", required_argument, NULL, 'F'},
+ {"pathspace", required_argument, NULL, 'N'},
+ {"vrfdefaultname", required_argument, NULL, 'o'},
+ {"vty_socket", required_argument, NULL, OPTION_VTYSOCK},
+ {"moduledir", required_argument, NULL, OPTION_MODULEDIR},
+ {"scriptdir", required_argument, NULL, OPTION_SCRIPTDIR},
+ {"log", required_argument, NULL, OPTION_LOG},
+ {"log-level", required_argument, NULL, OPTION_LOGLEVEL},
+ {"command-log-always", no_argument, NULL, OPTION_LOGGING},
+ {"limit-fds", required_argument, NULL, OPTION_LIMIT_FDS},
+ {NULL}};
+static const struct optspec os_always = {
+ "hvdM:F:N:o:",
+ " -h, --help Display this help and exit\n"
+ " -v, --version Print program version\n"
+ " -d, --daemon Runs in daemon mode\n"
+ " -M, --module Load specified module\n"
+ " -F, --profile Use specified configuration profile\n"
+ " -N, --pathspace Insert prefix into config & socket paths\n"
+ " -o, --vrfdefaultname Set default VRF name.\n"
+ " --vty_socket Override vty socket path\n"
+ " --moduledir Override modules directory\n"
+ " --scriptdir Override scripts directory\n"
+ " --log Set Logging to stdout, syslog, or file:<name>\n"
+ " --log-level Set Logging Level to use, debug, info, warn, etc\n"
+ " --limit-fds Limit number of fds supported\n",
+ lo_always};
+
+static bool logging_to_stdout = false; /* set when --log stdout specified */
+
+static const struct option lo_cfg[] = {
+ {"config_file", required_argument, NULL, 'f'},
+ {"dryrun", no_argument, NULL, 'C'},
+ {NULL}};
+static const struct optspec os_cfg = {
+ "f:C",
+ " -f, --config_file Set configuration file name\n"
+ " -C, --dryrun Check configuration for validity and exit\n",
+ lo_cfg};
+
+
+static const struct option lo_fullcli[] = {
+ {"terminal", no_argument, NULL, 't'},
+ {"tcli", no_argument, NULL, OPTION_TCLI},
+#ifdef HAVE_SQLITE3
+ {"db_file", required_argument, NULL, OPTION_DB_FILE},
+#endif
+ {NULL}};
+static const struct optspec os_fullcli = {
+ "t",
+ " --tcli Use transaction-based CLI\n"
+ " -t, --terminal Open terminal session on stdio\n"
+ " -d -t Daemonize after terminal session ends\n",
+ lo_fullcli};
+
+
+static const struct option lo_pid[] = {
+ {"pid_file", required_argument, NULL, 'i'},
+ {NULL}};
+static const struct optspec os_pid = {
+ "i:",
+ " -i, --pid_file Set process identifier file name\n",
+ lo_pid};
+
+
+static const struct option lo_zclient[] = {
+ {"socket", required_argument, NULL, 'z'},
+ {NULL}};
+static const struct optspec os_zclient = {
+ "z:", " -z, --socket Set path of zebra socket\n", lo_zclient};
+
+
+static const struct option lo_vty[] = {
+ {"vty_addr", required_argument, NULL, 'A'},
+ {"vty_port", required_argument, NULL, 'P'},
+ {NULL}};
+static const struct optspec os_vty = {
+ "A:P:",
+ " -A, --vty_addr Set vty's bind address\n"
+ " -P, --vty_port Set vty's port number\n",
+ lo_vty};
+
+
+static const struct option lo_user[] = {{"user", required_argument, NULL, 'u'},
+ {"group", required_argument, NULL, 'g'},
+ {NULL}};
+static const struct optspec os_user = {"u:g:",
+ " -u, --user User to run as\n"
+ " -g, --group Group to run as\n",
+ lo_user};
+
+bool frr_zclient_addr(struct sockaddr_storage *sa, socklen_t *sa_len,
+ const char *path)
+{
+ memset(sa, 0, sizeof(*sa));
+
+ if (!path)
+ path = frr_zclientpath;
+
+ if (!strncmp(path, ZAPI_TCP_PATHNAME, strlen(ZAPI_TCP_PATHNAME))) {
+ /* note: this functionality is disabled at bottom */
+ int af;
+ int port = ZEBRA_PORT;
+ char *err = NULL;
+ struct sockaddr_in *sin = NULL;
+ struct sockaddr_in6 *sin6 = NULL;
+
+ path += strlen(ZAPI_TCP_PATHNAME);
+
+ switch (path[0]) {
+ case '4':
+ path++;
+ af = AF_INET;
+ break;
+ case '6':
+ path++;
+ /* fallthrough */
+ default:
+ af = AF_INET6;
+ break;
+ }
+
+ switch (path[0]) {
+ case '\0':
+ break;
+ case ':':
+ path++;
+ port = strtoul(path, &err, 10);
+ if (*err || !*path)
+ return false;
+ break;
+ default:
+ return false;
+ }
+
+ sa->ss_family = af;
+ switch (af) {
+ case AF_INET:
+ sin = (struct sockaddr_in *)sa;
+ sin->sin_port = htons(port);
+ sin->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+ *sa_len = sizeof(struct sockaddr_in);
+#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
+ sin->sin_len = *sa_len;
+#endif
+ break;
+ case AF_INET6:
+ sin6 = (struct sockaddr_in6 *)sa;
+ sin6->sin6_port = htons(port);
+ inet_pton(AF_INET6, "::1", &sin6->sin6_addr);
+ *sa_len = sizeof(struct sockaddr_in6);
+#ifdef SIN6_LEN
+ sin6->sin6_len = *sa_len;
+#endif
+ break;
+ }
+
+#if 1
+ /* force-disable this path, because tcp-zebra is a
+ * SECURITY ISSUE. there are no checks at all against
+ * untrusted users on the local system connecting on TCP
+ * and injecting bogus routing data into the entire routing
+ * domain.
+ *
+ * The functionality is only left here because it may be
+ * useful during development, in order to be able to get
+ * tcpdump or wireshark watching ZAPI as TCP. If you want
+ * to do that, flip the #if 1 above to #if 0. */
+ memset(sa, 0, sizeof(*sa));
+ return false;
+#endif
+ } else {
+ /* "sun" is a #define on solaris */
+ struct sockaddr_un *suna = (struct sockaddr_un *)sa;
+
+ suna->sun_family = AF_UNIX;
+ strlcpy(suna->sun_path, path, sizeof(suna->sun_path));
+#ifdef HAVE_STRUCT_SOCKADDR_UN_SUN_LEN
+ *sa_len = suna->sun_len = SUN_LEN(suna);
+#else
+ *sa_len = sizeof(suna->sun_family) + strlen(suna->sun_path);
+#endif /* HAVE_STRUCT_SOCKADDR_UN_SUN_LEN */
+#if 0
+ /* this is left here for future reference; Linux abstract
+ * socket namespace support can be enabled by replacing
+ * above #if 0 with #ifdef GNU_LINUX.
+ *
+ * THIS IS A SECURITY ISSUE, the abstract socket namespace
+ * does not have user/group permission control on sockets.
+ * we'd need to implement SCM_CREDENTIALS support first to
+ * check that only proper users can connect to abstract
+ * sockets. (same problem as tcp-zebra, except there is a
+ * fix with SCM_CREDENTIALS. tcp-zebra has no such fix.)
+ */
+ if (suna->sun_path[0] == '@')
+ suna->sun_path[0] = '\0';
+#endif
+ }
+ return true;
+}
+
+static struct frr_daemon_info *di = NULL;
+
+void frr_init_vtydir(void)
+{
+ snprintf(frr_vtydir, sizeof(frr_vtydir), DAEMON_VTY_DIR, "", "");
+}
+
+void frr_preinit(struct frr_daemon_info *daemon, int argc, char **argv)
+{
+ di = daemon;
+ frr_is_after_fork = false;
+
+ /* basename(), opencoded. */
+ char *p = strrchr(argv[0], '/');
+ di->progname = p ? p + 1 : argv[0];
+
+ umask(0027);
+
+ log_args_init(daemon->early_logging);
+
+ opt_extend(&os_always);
+ if (!(di->flags & FRR_NO_SPLIT_CONFIG))
+ opt_extend(&os_cfg);
+ if (!(di->flags & FRR_LIMITED_CLI))
+ opt_extend(&os_fullcli);
+ if (!(di->flags & FRR_NO_PID))
+ opt_extend(&os_pid);
+ if (!(di->flags & FRR_NO_PRIVSEP))
+ opt_extend(&os_user);
+ if (!(di->flags & FRR_NO_ZCLIENT))
+ opt_extend(&os_zclient);
+ if (!(di->flags & FRR_NO_TCPVTY))
+ opt_extend(&os_vty);
+ if (di->flags & FRR_DETACH_LATER)
+ nodetach_daemon = true;
+
+ frr_init_vtydir();
+ snprintf(config_default, sizeof(config_default), "%s/%s.conf",
+ frr_sysconfdir, di->name);
+ snprintf(pidfile_default, sizeof(pidfile_default), "%s/%s.pid",
+ frr_vtydir, di->name);
+ snprintf(frr_zclientpath, sizeof(frr_zclientpath),
+ ZEBRA_SERV_PATH, "", "");
+#ifdef HAVE_SQLITE3
+ snprintf(dbfile_default, sizeof(dbfile_default), "%s/%s.db",
+ frr_dbdir, di->name);
+#endif
+
+ strlcpy(frr_protoname, di->logname, sizeof(frr_protoname));
+ strlcpy(frr_protonameinst, di->logname, sizeof(frr_protonameinst));
+
+ di->cli_mode = FRR_CLI_CLASSIC;
+
+ /* we may be starting with extra FDs open for whatever purpose,
+ * e.g. logging, some module, etc. Recording them here allows later
+ * checking whether an fd is valid for such extension purposes,
+ * without this we could end up e.g. logging to a BGP session fd.
+ */
+ startup_fds = 0;
+ for (int i = 0; i < 64; i++) {
+ struct stat st;
+
+ if (fstat(i, &st))
+ continue;
+ if (S_ISDIR(st.st_mode) || S_ISBLK(st.st_mode))
+ continue;
+
+ startup_fds |= UINT64_C(0x1) << (uint64_t)i;
+ }
+
+ /* note this doesn't do anything, it just grabs state, so doing it
+ * early in _preinit is perfect.
+ */
+ systemd_init_env();
+}
+
+bool frr_is_startup_fd(int fd)
+{
+ return !!(startup_fds & (UINT64_C(0x1) << (uint64_t)fd));
+}
+
+void frr_opt_add(const char *optstr, const struct option *longopts,
+ const char *helpstr)
+{
+ const struct optspec main_opts = {optstr, helpstr, longopts};
+ opt_extend(&main_opts);
+}
+
+void frr_help_exit(int status)
+{
+ FILE *target = status ? stderr : stdout;
+
+ if (status != 0)
+ fprintf(stderr, "Invalid options.\n\n");
+
+ if (di->printhelp)
+ di->printhelp(target);
+ else
+ fprintf(target, "Usage: %s [OPTION...]\n\n%s%s%s\n\n%s",
+ di->progname, di->proghelp, di->copyright ? "\n\n" : "",
+ di->copyright ? di->copyright : "", comb_helpstr);
+ fprintf(target, "\nReport bugs to %s\n", FRR_BUG_ADDRESS);
+ exit(status);
+}
+
+struct option_chain {
+ struct option_chain *next;
+ const char *arg;
+};
+
+static struct option_chain *modules = NULL, **modnext = &modules;
+static int errors = 0;
+
+static int frr_opt(int opt)
+{
+ static int vty_port_set = 0;
+ static int vty_addr_set = 0;
+ struct option_chain *oc;
+ struct log_arg *log_arg;
+ size_t arg_len;
+ char *err;
+
+ switch (opt) {
+ case 'h':
+ frr_help_exit(0);
+ case 'v':
+ print_version(di->progname);
+ exit(0);
+ break;
+ case 'd':
+ di->daemon_mode = true;
+ break;
+ case 'M':
+ oc = XMALLOC(MTYPE_TMP, sizeof(*oc));
+ oc->arg = optarg;
+ oc->next = NULL;
+ *modnext = oc;
+ modnext = &oc->next;
+ break;
+ case 'F':
+ if (!frr_defaults_profile_valid(optarg)) {
+ const char **p;
+ FILE *ofd = stderr;
+
+ if (!strcmp(optarg, "help"))
+ ofd = stdout;
+ else
+ fprintf(stderr,
+ "The \"%s\" configuration profile is not valid for this FRR version.\n",
+ optarg);
+
+ fprintf(ofd, "Available profiles are:\n");
+ for (p = frr_defaults_profiles; *p; p++)
+ fprintf(ofd, "%s%s\n",
+ strcmp(*p, DFLT_NAME) ? " " : " * ",
+ *p);
+
+ if (ofd == stdout)
+ exit(0);
+ fprintf(ofd, "\n");
+ errors++;
+ break;
+ }
+ frr_defaults_profile_set(optarg);
+ break;
+ case 'i':
+ if (di->flags & FRR_NO_PID)
+ return 1;
+ di->pid_file = optarg;
+ break;
+ case 'f':
+ if (di->flags & FRR_NO_SPLIT_CONFIG)
+ return 1;
+ di->config_file = optarg;
+ break;
+ case 'N':
+ if (di->pathspace) {
+ fprintf(stderr,
+ "-N/--pathspace option specified more than once!\n");
+ errors++;
+ break;
+ }
+ if (di->zpathspace)
+ fprintf(stderr,
+ "-N option overridden by -z for zebra named socket path\n");
+
+ if (strchr(optarg, '/') || strchr(optarg, '.')) {
+ fprintf(stderr,
+ "slashes or dots are not permitted in the --pathspace option.\n");
+ errors++;
+ break;
+ }
+ di->pathspace = optarg;
+
+ if (!di->zpathspace)
+ snprintf(frr_zclientpath, sizeof(frr_zclientpath),
+ ZEBRA_SERV_PATH, "/", di->pathspace);
+ snprintf(frr_vtydir, sizeof(frr_vtydir), DAEMON_VTY_DIR, "/",
+ di->pathspace);
+ snprintf(pidfile_default, sizeof(pidfile_default), "%s/%s.pid",
+ frr_vtydir, di->name);
+ break;
+ case 'o':
+ vrf_set_default_name(optarg);
+ break;
+#ifdef HAVE_SQLITE3
+ case OPTION_DB_FILE:
+ if (di->flags & FRR_NO_PID)
+ return 1;
+ di->db_file = optarg;
+ break;
+#endif
+ case 'C':
+ if (di->flags & FRR_NO_SPLIT_CONFIG)
+ return 1;
+ di->dryrun = true;
+ break;
+ case 't':
+ if (di->flags & FRR_LIMITED_CLI)
+ return 1;
+ di->terminal = true;
+ break;
+ case 'z':
+ di->zpathspace = true;
+ if (di->pathspace)
+ fprintf(stderr,
+ "-z option overrides -N option for zebra named socket path\n");
+ if (di->flags & FRR_NO_ZCLIENT)
+ return 1;
+ strlcpy(frr_zclientpath, optarg, sizeof(frr_zclientpath));
+ break;
+ case 'A':
+ if (di->flags & FRR_NO_TCPVTY)
+ return 1;
+ if (vty_addr_set) {
+ fprintf(stderr,
+ "-A option specified more than once!\n");
+ errors++;
+ break;
+ }
+ vty_addr_set = 1;
+ di->vty_addr = optarg;
+ break;
+ case 'P':
+ if (di->flags & FRR_NO_TCPVTY)
+ return 1;
+ if (vty_port_set) {
+ fprintf(stderr,
+ "-P option specified more than once!\n");
+ errors++;
+ break;
+ }
+ vty_port_set = 1;
+ di->vty_port = strtoul(optarg, &err, 0);
+ if (*err || !*optarg) {
+ fprintf(stderr,
+ "invalid port number \"%s\" for -P option\n",
+ optarg);
+ errors++;
+ break;
+ }
+ break;
+ case OPTION_VTYSOCK:
+ if (di->vty_sock_path) {
+ fprintf(stderr,
+ "--vty_socket option specified more than once!\n");
+ errors++;
+ break;
+ }
+ di->vty_sock_path = optarg;
+ break;
+ case OPTION_MODULEDIR:
+ if (di->module_path) {
+ fprintf(stderr,
+ "----moduledir option specified more than once!\n");
+ errors++;
+ break;
+ }
+ di->module_path = optarg;
+ break;
+ case OPTION_SCRIPTDIR:
+ if (di->script_path) {
+ fprintf(stderr, "--scriptdir option specified more than once!\n");
+ errors++;
+ break;
+ }
+ di->script_path = optarg;
+ break;
+ case OPTION_TCLI:
+ di->cli_mode = FRR_CLI_TRANSACTIONAL;
+ break;
+ case 'u':
+ if (di->flags & FRR_NO_PRIVSEP)
+ return 1;
+ di->privs->user = optarg;
+ break;
+ case 'g':
+ if (di->flags & FRR_NO_PRIVSEP)
+ return 1;
+ di->privs->group = optarg;
+ break;
+ case OPTION_LOG:
+ arg_len = strlen(optarg) + 1;
+ log_arg = XCALLOC(MTYPE_TMP, sizeof(*log_arg) + arg_len);
+ memcpy(log_arg->target, optarg, arg_len);
+ log_args_add_tail(di->early_logging, log_arg);
+ break;
+ case OPTION_LOGLEVEL:
+ di->early_loglevel = optarg;
+ break;
+ case OPTION_LOGGING:
+ di->log_always = true;
+ break;
+ case OPTION_LIMIT_FDS:
+ di->limit_fds = strtoul(optarg, &err, 0);
+ break;
+ default:
+ return 1;
+ }
+ return 0;
+}
+
+int frr_getopt(int argc, char *const argv[], int *longindex)
+{
+ int opt;
+ int lidx;
+
+ comb_next_lo->name = NULL;
+
+ do {
+ opt = getopt_long(argc, argv, comb_optstr, comb_lo, &lidx);
+ if (frr_opt(opt))
+ break;
+ } while (opt != -1);
+
+ if (opt == -1 && errors)
+ frr_help_exit(1);
+ if (longindex)
+ *longindex = lidx;
+ return opt;
+}
+
+static void frr_mkdir(const char *path, bool strip)
+{
+ char buf[256];
+ mode_t prev;
+ int ret;
+ struct zprivs_ids_t ids;
+
+ if (strip) {
+ char *slash = strrchr(path, '/');
+ size_t plen;
+ if (!slash)
+ return;
+ plen = slash - path;
+ if (plen > sizeof(buf) - 1)
+ return;
+ memcpy(buf, path, plen);
+ buf[plen] = '\0';
+ path = buf;
+ }
+
+ /* o+rx (..5) is needed for the frrvty group to work properly;
+ * without it, users in the frrvty group can't access the vty sockets.
+ */
+ prev = umask(0022);
+ ret = mkdir(path, 0755);
+ umask(prev);
+
+ if (ret != 0) {
+ /* if EEXIST, return without touching the permissions,
+ * so user-set custom permissions are left in place
+ */
+ if (errno == EEXIST)
+ return;
+
+ flog_err(EC_LIB_SYSTEM_CALL, "failed to mkdir \"%s\": %s", path,
+ strerror(errno));
+ return;
+ }
+
+ zprivs_get_ids(&ids);
+ if (chown(path, ids.uid_normal, ids.gid_normal))
+ flog_err(EC_LIB_SYSTEM_CALL, "failed to chown \"%s\": %s", path,
+ strerror(errno));
+}
+
+static void _err_print(const void *cookie, const char *errstr)
+{
+ const char *prefix = (const char *)cookie;
+
+ fprintf(stderr, "%s: %s\n", prefix, errstr);
+}
+
+static struct event_loop *master;
+struct event_loop *frr_init(void)
+{
+ struct option_chain *oc;
+ struct log_arg *log_arg;
+ struct frrmod_runtime *module;
+ struct zprivs_ids_t ids;
+ char p_instance[16] = "", p_pathspace[256] = "";
+ const char *dir;
+
+ dir = di->module_path ? di->module_path : frr_moduledir;
+
+ srandom(time(NULL));
+ frr_defaults_apply();
+
+ if (di->instance) {
+ snprintf(frr_protonameinst, sizeof(frr_protonameinst), "%s[%u]",
+ di->logname, di->instance);
+ snprintf(p_instance, sizeof(p_instance), "-%d", di->instance);
+ }
+ if (di->pathspace)
+ snprintf(p_pathspace, sizeof(p_pathspace), "%s/",
+ di->pathspace);
+
+ snprintf(config_default, sizeof(config_default), "%s%s%s%s.conf",
+ frr_sysconfdir, p_pathspace, di->name, p_instance);
+ snprintf(pidfile_default, sizeof(pidfile_default), "%s/%s%s.pid",
+ frr_vtydir, di->name, p_instance);
+#ifdef HAVE_SQLITE3
+ snprintf(dbfile_default, sizeof(dbfile_default), "%s/%s%s%s.db",
+ frr_dbdir, p_pathspace, di->name, p_instance);
+#endif
+
+ zprivs_preinit(di->privs);
+ zprivs_get_ids(&ids);
+
+ zlog_init(di->progname, di->logname, di->instance,
+ ids.uid_normal, ids.gid_normal);
+
+ while ((log_arg = log_args_pop(di->early_logging))) {
+ command_setup_early_logging(log_arg->target,
+ di->early_loglevel);
+ /* this is a bit of a hack,
+ but need to notice when
+ the target is stdout */
+ if (strcmp(log_arg->target, "stdout") == 0)
+ logging_to_stdout = true;
+ XFREE(MTYPE_TMP, log_arg);
+ }
+
+ if (!frr_zclient_addr(&zclient_addr, &zclient_addr_len,
+ frr_zclientpath)) {
+ fprintf(stderr, "Invalid zserv socket path: %s\n",
+ frr_zclientpath);
+ exit(1);
+ }
+
+ /* don't mkdir these as root... */
+ if (!(di->flags & FRR_NO_PRIVSEP)) {
+ if (!di->pid_file || !di->vty_path)
+ frr_mkdir(frr_vtydir, false);
+ if (di->pid_file)
+ frr_mkdir(di->pid_file, true);
+ if (di->vty_path)
+ frr_mkdir(di->vty_path, true);
+ }
+
+ frrmod_init(di->module);
+ while (modules) {
+ modules = (oc = modules)->next;
+ module = frrmod_load(oc->arg, dir, _err_print, __func__);
+ if (!module)
+ exit(1);
+ XFREE(MTYPE_TMP, oc);
+ }
+
+ zprivs_init(di->privs);
+
+ master = event_master_create(NULL);
+ signal_init(master, di->n_signals, di->signals);
+ hook_call(frr_early_init, master);
+
+#ifdef HAVE_SQLITE3
+ if (!di->db_file)
+ di->db_file = dbfile_default;
+ db_init("%s", di->db_file);
+#endif
+
+ if (di->flags & FRR_LIMITED_CLI)
+ cmd_init(-1);
+ else
+ cmd_init(1);
+
+ vty_init(master, di->log_always);
+ lib_cmd_init();
+
+ frr_pthread_init();
+#ifdef HAVE_SCRIPTING
+ frrscript_init(di->script_path ? di->script_path : frr_scriptdir);
+#endif
+
+ log_ref_init();
+ log_ref_vty_init();
+ lib_error_init();
+
+ nb_init(master, di->yang_modules, di->n_yang_modules, true);
+ if (nb_db_init() != NB_OK)
+ flog_warn(EC_LIB_NB_DATABASE,
+ "%s: failed to initialize northbound database",
+ __func__);
+
+ debug_init_cli();
+
+ return master;
+}
+
+const char *frr_get_progname(void)
+{
+ return di ? di->progname : NULL;
+}
+
+enum frr_cli_mode frr_get_cli_mode(void)
+{
+ return di ? di->cli_mode : FRR_CLI_CLASSIC;
+}
+
+uint32_t frr_get_fd_limit(void)
+{
+ return di ? di->limit_fds : 0;
+}
+
+static int rcvd_signal = 0;
+
+static void rcv_signal(int signum)
+{
+ rcvd_signal = signum;
+ /* poll() is interrupted by the signal; handled below */
+}
+
+static void frr_daemon_wait(int fd)
+{
+ struct pollfd pfd[1];
+ int ret;
+ pid_t exitpid;
+ int exitstat;
+ sigset_t sigs, prevsigs;
+
+ sigemptyset(&sigs);
+ sigaddset(&sigs, SIGTSTP);
+ sigaddset(&sigs, SIGQUIT);
+ sigaddset(&sigs, SIGINT);
+ sigprocmask(SIG_BLOCK, &sigs, &prevsigs);
+
+ struct sigaction sa = {
+ .sa_handler = rcv_signal, .sa_flags = SA_RESETHAND,
+ };
+ sigemptyset(&sa.sa_mask);
+ sigaction(SIGTSTP, &sa, NULL);
+ sigaction(SIGQUIT, &sa, NULL);
+ sigaction(SIGINT, &sa, NULL);
+
+ do {
+ char buf[1];
+ ssize_t nrecv;
+
+ pfd[0].fd = fd;
+ pfd[0].events = POLLIN;
+
+ rcvd_signal = 0;
+
+#if defined(HAVE_PPOLL)
+ ret = ppoll(pfd, 1, NULL, &prevsigs);
+#elif defined(HAVE_POLLTS)
+ ret = pollts(pfd, 1, NULL, &prevsigs);
+#else
+ /* racy -- only used on FreeBSD 9 */
+ sigset_t tmpsigs;
+ sigprocmask(SIG_SETMASK, &prevsigs, &tmpsigs);
+ ret = poll(pfd, 1, -1);
+ sigprocmask(SIG_SETMASK, &tmpsigs, NULL);
+#endif
+ if (ret < 0 && errno != EINTR && errno != EAGAIN) {
+ perror("poll()");
+ exit(1);
+ }
+ switch (rcvd_signal) {
+ case SIGTSTP:
+ send(fd, "S", 1, 0);
+ do {
+ nrecv = recv(fd, buf, sizeof(buf), 0);
+ } while (nrecv == -1
+ && (errno == EINTR || errno == EAGAIN));
+
+ raise(SIGTSTP);
+ sigaction(SIGTSTP, &sa, NULL);
+ send(fd, "R", 1, 0);
+ break;
+ case SIGINT:
+ send(fd, "I", 1, 0);
+ break;
+ case SIGQUIT:
+ send(fd, "Q", 1, 0);
+ break;
+ }
+ } while (ret <= 0);
+
+ exitpid = waitpid(-1, &exitstat, WNOHANG);
+ if (exitpid == 0)
+ /* child successfully went to main loop & closed socket */
+ exit(0);
+
+ /* child failed one way or another ... */
+ if (WIFEXITED(exitstat) && WEXITSTATUS(exitstat) == 0)
+ /* can happen in --terminal case if exit is fast enough */
+ (void)0;
+ else if (WIFEXITED(exitstat))
+ fprintf(stderr, "%s failed to start, exited %d\n", di->name,
+ WEXITSTATUS(exitstat));
+ else if (WIFSIGNALED(exitstat))
+ fprintf(stderr, "%s crashed in startup, signal %d\n", di->name,
+ WTERMSIG(exitstat));
+ else
+ fprintf(stderr, "%s failed to start, unknown problem\n",
+ di->name);
+ exit(1);
+}
+
+static int daemon_ctl_sock = -1;
+
+static void frr_daemonize(void)
+{
+ int fds[2];
+ pid_t pid;
+
+ if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds)) {
+ perror("socketpair() for daemon control");
+ exit(1);
+ }
+ set_cloexec(fds[0]);
+ set_cloexec(fds[1]);
+
+ pid = fork();
+ if (pid < 0) {
+ perror("fork()");
+ exit(1);
+ }
+ if (pid == 0) {
+ /* child */
+ close(fds[0]);
+ if (setsid() < 0) {
+ perror("setsid()");
+ exit(1);
+ }
+
+ daemon_ctl_sock = fds[1];
+ return;
+ }
+
+ close(fds[1]);
+ nb_terminate();
+ yang_terminate();
+ frr_daemon_wait(fds[0]);
+}
+
+/*
+ * Why is this a thread?
+ *
+ * The read in of config for integrated config happens *after*
+ * thread execution starts( because it is passed in via a vtysh -b -n )
+ * While if you are not using integrated config we want the ability
+ * to read the config in after thread execution starts, so that
+ * we can match this behavior.
+ */
+static void frr_config_read_in(struct event *t)
+{
+ hook_call(frr_config_pre, master);
+
+ if (!vty_read_config(vty_shared_candidate_config, di->config_file,
+ config_default)
+ && di->backup_config_file) {
+ char *orig = XSTRDUP(MTYPE_TMP, host_config_get());
+
+ zlog_info("Attempting to read backup config file: %s specified",
+ di->backup_config_file);
+ vty_read_config(vty_shared_candidate_config,
+ di->backup_config_file, config_default);
+
+ host_config_set(orig);
+ XFREE(MTYPE_TMP, orig);
+ }
+
+ /*
+ * Automatically commit the candidate configuration after
+ * reading the configuration file.
+ */
+ if (frr_get_cli_mode() == FRR_CLI_TRANSACTIONAL) {
+ struct nb_context context = {};
+ char errmsg[BUFSIZ] = {0};
+ int ret;
+
+ context.client = NB_CLIENT_CLI;
+ ret = nb_candidate_commit(context, vty_shared_candidate_config,
+ true, "Read configuration file", NULL,
+ errmsg, sizeof(errmsg));
+ if (ret != NB_OK && ret != NB_ERR_NO_CHANGES)
+ zlog_err(
+ "%s: failed to read configuration file: %s (%s)",
+ __func__, nb_err_name(ret), errmsg);
+ }
+
+ hook_call(frr_config_post, master);
+}
+
+void frr_config_fork(void)
+{
+ hook_call(frr_late_init, master);
+
+ if (!(di->flags & FRR_NO_SPLIT_CONFIG)) {
+ /* Don't start execution if we are in dry-run mode */
+ if (di->dryrun) {
+ frr_config_read_in(NULL);
+ exit(0);
+ }
+
+ event_add_event(master, frr_config_read_in, NULL, 0,
+ &di->read_in);
+ }
+
+ if (di->daemon_mode || di->terminal)
+ frr_daemonize();
+
+ frr_is_after_fork = true;
+
+ if (!di->pid_file)
+ di->pid_file = pidfile_default;
+ pid_output(di->pid_file);
+ zlog_tls_buffer_init();
+}
+
+void frr_vty_serv_start(void)
+{
+ /* allow explicit override of vty_path in the future
+ * (not currently set anywhere) */
+ if (!di->vty_path) {
+ const char *dir;
+ char defvtydir[256];
+
+ snprintf(defvtydir, sizeof(defvtydir), "%s", frr_vtydir);
+
+ dir = di->vty_sock_path ? di->vty_sock_path : defvtydir;
+
+ if (di->instance)
+ snprintf(vtypath_default, sizeof(vtypath_default),
+ "%s/%s-%d.vty", dir, di->name, di->instance);
+ else
+ snprintf(vtypath_default, sizeof(vtypath_default),
+ "%s/%s.vty", dir, di->name);
+
+ di->vty_path = vtypath_default;
+ }
+
+ vty_serv_start(di->vty_addr, di->vty_port, di->vty_path);
+}
+
+void frr_vty_serv_stop(void)
+{
+ vty_serv_stop();
+
+ if (di->vty_path)
+ unlink(di->vty_path);
+}
+
+static void frr_check_detach(void)
+{
+ if (nodetach_term || nodetach_daemon)
+ return;
+
+ if (daemon_ctl_sock != -1)
+ close(daemon_ctl_sock);
+ daemon_ctl_sock = -1;
+}
+
+static void frr_terminal_close(int isexit)
+{
+ int nullfd;
+
+ nodetach_term = false;
+ frr_check_detach();
+
+ if (!di->daemon_mode || isexit) {
+ printf("\n%s exiting\n", di->name);
+ if (!isexit)
+ raise(SIGINT);
+ return;
+ } else {
+ printf("\n%s daemonizing\n", di->name);
+ fflush(stdout);
+ }
+
+ nullfd = open("/dev/null", O_RDONLY | O_NOCTTY);
+ if (nullfd == -1) {
+ flog_err_sys(EC_LIB_SYSTEM_CALL,
+ "%s: failed to open /dev/null: %s", __func__,
+ safe_strerror(errno));
+ } else {
+ int fd;
+ /*
+ * only redirect stdin, stdout, stderr to null when a tty also
+ * don't redirect when stdout is set with --log stdout
+ */
+ for (fd = 2; fd >= 0; fd--)
+ if (isatty(fd) &&
+ (fd != STDOUT_FILENO || !logging_to_stdout))
+ dup2(nullfd, fd);
+ close(nullfd);
+ }
+}
+
+static struct event *daemon_ctl_thread = NULL;
+
+static void frr_daemon_ctl(struct event *t)
+{
+ char buf[1];
+ ssize_t nr;
+
+ nr = recv(daemon_ctl_sock, buf, sizeof(buf), 0);
+ if (nr < 0 && (errno == EINTR || errno == EAGAIN))
+ goto out;
+ if (nr <= 0)
+ return;
+
+ switch (buf[0]) {
+ case 'S': /* SIGTSTP */
+ vty_stdio_suspend();
+ if (send(daemon_ctl_sock, "s", 1, 0) < 0)
+ zlog_err("%s send(\"s\") error (SIGTSTP propagation)",
+ (di && di->name ? di->name : ""));
+ break;
+ case 'R': /* SIGTCNT [implicit] */
+ vty_stdio_resume();
+ break;
+ case 'I': /* SIGINT */
+ di->daemon_mode = false;
+ raise(SIGINT);
+ break;
+ case 'Q': /* SIGQUIT */
+ di->daemon_mode = true;
+ vty_stdio_close();
+ break;
+ }
+
+out:
+ event_add_read(master, frr_daemon_ctl, NULL, daemon_ctl_sock,
+ &daemon_ctl_thread);
+}
+
+void frr_detach(void)
+{
+ nodetach_daemon = false;
+ frr_check_detach();
+}
+
+void frr_run(struct event_loop *master)
+{
+ char instanceinfo[64] = "";
+
+ if (!(di->flags & FRR_MANUAL_VTY_START))
+ frr_vty_serv_start();
+
+ if (di->instance)
+ snprintf(instanceinfo, sizeof(instanceinfo), "instance %u ",
+ di->instance);
+
+ zlog_notice("%s %s starting: %svty@%d%s", di->name, FRR_VERSION,
+ instanceinfo, di->vty_port, di->startinfo);
+
+ if (di->terminal) {
+ nodetach_term = true;
+
+ vty_stdio(frr_terminal_close);
+ if (daemon_ctl_sock != -1) {
+ set_nonblocking(daemon_ctl_sock);
+ event_add_read(master, frr_daemon_ctl, NULL,
+ daemon_ctl_sock, &daemon_ctl_thread);
+ }
+ } else if (di->daemon_mode) {
+ int nullfd = open("/dev/null", O_RDONLY | O_NOCTTY);
+ if (nullfd == -1) {
+ flog_err_sys(EC_LIB_SYSTEM_CALL,
+ "%s: failed to open /dev/null: %s",
+ __func__, safe_strerror(errno));
+ } else {
+ int fd;
+ /*
+ * only redirect stdin, stdout, stderr to null when a
+ * tty also don't redirect when stdout is set with --log
+ * stdout
+ */
+ for (fd = 2; fd >= 0; fd--)
+ if (isatty(fd) &&
+ (fd != STDOUT_FILENO || !logging_to_stdout))
+ dup2(nullfd, fd);
+ close(nullfd);
+ }
+
+ frr_check_detach();
+ }
+
+ /* end fixed stderr startup logging */
+ zlog_startup_end();
+
+ struct event thread;
+ while (event_fetch(master, &thread))
+ event_call(&thread);
+}
+
+void frr_early_fini(void)
+{
+ hook_call(frr_early_fini);
+}
+
+void frr_fini(void)
+{
+ FILE *fp;
+ char filename[128];
+ int have_leftovers = 0;
+
+ hook_call(frr_fini);
+
+ vty_terminate();
+ cmd_terminate();
+ nb_terminate();
+ yang_terminate();
+#ifdef HAVE_SQLITE3
+ db_close();
+#endif
+ log_ref_fini();
+
+#ifdef HAVE_SCRIPTING
+ frrscript_fini();
+#endif
+ frr_pthread_finish();
+ zprivs_terminate(di->privs);
+ /* signal_init -> nothing needed */
+ event_master_free(master);
+ master = NULL;
+ zlog_tls_buffer_fini();
+ zlog_fini();
+ /* frrmod_init -> nothing needed / hooks */
+ rcu_shutdown();
+
+ /* also log memstats to stderr when stderr goes to a file*/
+ if (debug_memstats_at_exit || !isatty(STDERR_FILENO))
+ have_leftovers = log_memstats(stderr, di->name);
+
+ /* in case we decide at runtime that we want exit-memstats for
+ * a daemon
+ * (only do this if we actually have something to print though)
+ */
+ if (!debug_memstats_at_exit || !have_leftovers)
+ return;
+
+ snprintf(filename, sizeof(filename), "/tmp/frr-memstats-%s-%llu-%llu",
+ di->name, (unsigned long long)getpid(),
+ (unsigned long long)time(NULL));
+
+ fp = fopen(filename, "w");
+ if (fp) {
+ log_memstats(fp, di->name);
+ fclose(fp);
+ }
+}
+
+#ifdef INTERP
+static const char interp[]
+ __attribute__((section(".interp"), used)) = INTERP;
+#endif
+/*
+ * executable entry point for libfrr.so
+ *
+ * note that libc initialization is skipped for this so the set of functions
+ * that can be called is rather limited
+ */
+extern void _libfrr_version(void)
+ __attribute__((visibility("hidden"), noreturn));
+void _libfrr_version(void)
+{
+ const char banner[] =
+ FRR_FULL_NAME " " FRR_VERSION ".\n"
+ FRR_COPYRIGHT GIT_INFO "\n"
+ "configured with:\n " FRR_CONFIG_ARGS "\n";
+ write(1, banner, sizeof(banner) - 1);
+ _exit(0);
+}