xref: /freebsd-14-stable/usr.bin/sockstat/sockstat.c (revision 60786eb3fe7fc0198baba9b153eec7fa5af1f9e9)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (c) 2002 Dag-Erling Smørgrav
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer
12  *    in this position and unchanged.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. The name of the author may not be used to endorse or promote products
17  *    derived from this software without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29  */
30 
31 #include <sys/cdefs.h>
32 #include <sys/param.h>
33 #include <sys/file.h>
34 #include <sys/socket.h>
35 #include <sys/socketvar.h>
36 #include <sys/sysctl.h>
37 #include <sys/jail.h>
38 #include <sys/user.h>
39 #include <sys/queue.h>
40 #include <sys/tree.h>
41 
42 #include <sys/un.h>
43 #include <sys/unpcb.h>
44 
45 #include <net/route.h>
46 
47 #include <netinet/in.h>
48 #include <netinet/in_pcb.h>
49 #include <netinet/sctp.h>
50 #include <netinet/tcp.h>
51 #define TCPSTATES /* load state names */
52 #include <netinet/tcp_fsm.h>
53 #include <netinet/tcp_seq.h>
54 #include <netinet/tcp_var.h>
55 #include <arpa/inet.h>
56 
57 #include <capsicum_helpers.h>
58 #include <ctype.h>
59 #include <err.h>
60 #include <errno.h>
61 #include <inttypes.h>
62 #include <jail.h>
63 #include <netdb.h>
64 #include <pwd.h>
65 #include <stdarg.h>
66 #include <stdio.h>
67 #include <stdlib.h>
68 #include <string.h>
69 #include <unistd.h>
70 
71 #include <libcasper.h>
72 #include <casper/cap_net.h>
73 #include <casper/cap_netdb.h>
74 #include <casper/cap_pwd.h>
75 #include <casper/cap_sysctl.h>
76 
77 #define	sstosin(ss)	((struct sockaddr_in *)(ss))
78 #define	sstosin6(ss)	((struct sockaddr_in6 *)(ss))
79 #define	sstosun(ss)	((struct sockaddr_un *)(ss))
80 #define	sstosa(ss)	((struct sockaddr *)(ss))
81 
82 static int	 opt_4;		/* Show IPv4 sockets */
83 static int	 opt_6;		/* Show IPv6 sockets */
84 static int	 opt_C;		/* Show congestion control */
85 static int	 opt_c;		/* Show connected sockets */
86 static int	 opt_f;		/* Show FIB numbers */
87 static int	 opt_I;		/* Show spliced socket addresses */
88 static int	 opt_i;		/* Show inp_gencnt */
89 static int	 opt_j;		/* Show specified jail */
90 static int	 opt_L;		/* Don't show IPv4 or IPv6 loopback sockets */
91 static int	 opt_l;		/* Show listening sockets */
92 static int	 opt_n;		/* Don't resolve UIDs to user names */
93 static int	 opt_q;		/* Don't show header */
94 static int	 opt_S;		/* Show protocol stack if applicable */
95 static int	 opt_s;		/* Show protocol state if applicable */
96 static int	 opt_U;		/* Show remote UDP encapsulation port number */
97 static int	 opt_u;		/* Show Unix domain sockets */
98 static int	 opt_v;		/* Verbose mode */
99 static int	 opt_w;		/* Wide print area for addresses */
100 
101 /*
102  * Default protocols to use if no -P was defined.
103  */
104 static const char *default_protos[] = {"sctp", "tcp", "udp", "divert" };
105 static size_t	   default_numprotos = nitems(default_protos);
106 
107 static int	*protos;	/* protocols to use */
108 static size_t	 numprotos;	/* allocated size of protos[] */
109 
110 static int	*ports;
111 
112 #define	INT_BIT (sizeof(int)*CHAR_BIT)
113 #define	SET_PORT(p) do { ports[p / INT_BIT] |= 1 << (p % INT_BIT); } while (0)
114 #define	CHK_PORT(p) (ports[p / INT_BIT] & (1 << (p % INT_BIT)))
115 
116 struct addr {
117 	union {
118 		struct sockaddr_storage address;
119 		struct {	/* unix(4) faddr */
120 			kvaddr_t conn;
121 			kvaddr_t firstref;
122 			kvaddr_t nextref;
123 		};
124 	};
125 	unsigned int encaps_port;
126 	int state;
127 	struct addr *next;
128 };
129 
130 struct sock {
131 	union {
132 		RB_ENTRY(sock) socket_tree;	/* tree of pcbs with socket */
133 		SLIST_ENTRY(sock) socket_list;	/* list of pcbs w/o socket */
134 	};
135 	RB_ENTRY(sock) pcb_tree;
136 	kvaddr_t socket;
137 	kvaddr_t pcb;
138 	kvaddr_t splice_socket;
139 	uint64_t inp_gencnt;
140 	int shown;
141 	int vflag;
142 	int family;
143 	int proto;
144 	int state;
145 	int fibnum;
146 	const char *protoname;
147 	char stack[TCP_FUNCTION_NAME_LEN_MAX];
148 	char cc[TCP_CA_NAME_MAX];
149 	struct addr *laddr;
150 	struct addr *faddr;
151 };
152 
153 static RB_HEAD(socks_t, sock) socks = RB_INITIALIZER(&socks);
154 static int64_t
socket_compare(const struct sock * a,const struct sock * b)155 socket_compare(const struct sock *a, const struct sock *b)
156 {
157 	return ((int64_t)(a->socket/2 - b->socket/2));
158 }
159 RB_GENERATE_STATIC(socks_t, sock, socket_tree, socket_compare);
160 
161 static RB_HEAD(pcbs_t, sock) pcbs = RB_INITIALIZER(&pcbs);
162 static int64_t
pcb_compare(const struct sock * a,const struct sock * b)163 pcb_compare(const struct sock *a, const struct sock *b)
164 {
165         return ((int64_t)(a->pcb/2 - b->pcb/2));
166 }
167 RB_GENERATE_STATIC(pcbs_t, sock, pcb_tree, pcb_compare);
168 
169 static SLIST_HEAD(, sock) nosocks = SLIST_HEAD_INITIALIZER(&nosocks);
170 
171 struct file {
172 	RB_ENTRY(file)	file_tree;
173 	kvaddr_t	xf_data;
174 	pid_t	xf_pid;
175 	uid_t	xf_uid;
176 	int	xf_fd;
177 };
178 
179 static RB_HEAD(files_t, file) ftree = RB_INITIALIZER(&ftree);
180 static int64_t
file_compare(const struct file * a,const struct file * b)181 file_compare(const struct file *a, const struct file *b)
182 {
183 	return ((int64_t)(a->xf_data/2 - b->xf_data/2));
184 }
185 RB_GENERATE_STATIC(files_t, file, file_tree, file_compare);
186 
187 static struct file *files;
188 static int nfiles;
189 
190 static cap_channel_t *capnet;
191 static cap_channel_t *capnetdb;
192 static cap_channel_t *capsysctl;
193 static cap_channel_t *cappwd;
194 
195 static int
xprintf(const char * fmt,...)196 xprintf(const char *fmt, ...)
197 {
198 	va_list ap;
199 	int len;
200 
201 	va_start(ap, fmt);
202 	len = vprintf(fmt, ap);
203 	va_end(ap);
204 	if (len < 0)
205 		err(1, "printf()");
206 	return (len);
207 }
208 
209 static bool
_check_ksize(size_t received_size,size_t expected_size,const char * struct_name)210 _check_ksize(size_t received_size, size_t expected_size, const char *struct_name)
211 {
212 	if (received_size != expected_size) {
213 		warnx("%s size mismatch: expected %zd, received %zd",
214 		    struct_name, expected_size, received_size);
215 		return false;
216 	}
217 	return true;
218 }
219 #define check_ksize(_sz, _struct)	(_check_ksize(_sz, sizeof(_struct), #_struct))
220 
221 static void
_enforce_ksize(size_t received_size,size_t expected_size,const char * struct_name)222 _enforce_ksize(size_t received_size, size_t expected_size, const char *struct_name)
223 {
224 	if (received_size != expected_size) {
225 		errx(1, "fatal: struct %s size mismatch: expected %zd, received %zd",
226 		    struct_name, expected_size, received_size);
227 	}
228 }
229 #define enforce_ksize(_sz, _struct)	(_enforce_ksize(_sz, sizeof(_struct), #_struct))
230 
231 static int
get_proto_type(const char * proto)232 get_proto_type(const char *proto)
233 {
234 	struct protoent *pent;
235 
236 	if (strlen(proto) == 0)
237 		return (0);
238 	if (capnetdb != NULL)
239 		pent = cap_getprotobyname(capnetdb, proto);
240 	else
241 		pent = getprotobyname(proto);
242 	if (pent == NULL) {
243 		warn("cap_getprotobyname");
244 		return (-1);
245 	}
246 	return (pent->p_proto);
247 }
248 
249 static void
init_protos(int num)250 init_protos(int num)
251 {
252 	int proto_count = 0;
253 
254 	if (num > 0) {
255 		proto_count = num;
256 	} else {
257 		/* Find the maximum number of possible protocols. */
258 		while (getprotoent() != NULL)
259 			proto_count++;
260 		endprotoent();
261 	}
262 
263 	if ((protos = malloc(sizeof(int) * proto_count)) == NULL)
264 		err(1, "malloc");
265 	numprotos = proto_count;
266 }
267 
268 static int
parse_protos(char * protospec)269 parse_protos(char *protospec)
270 {
271 	char *prot;
272 	int proto_type, proto_index;
273 
274 	if (protospec == NULL)
275 		return (-1);
276 
277 	init_protos(0);
278 	proto_index = 0;
279 	while ((prot = strsep(&protospec, ",")) != NULL) {
280 		if (strlen(prot) == 0)
281 			continue;
282 		proto_type = get_proto_type(prot);
283 		if (proto_type != -1)
284 			protos[proto_index++] = proto_type;
285 	}
286 	numprotos = proto_index;
287 	return (proto_index);
288 }
289 
290 static void
parse_ports(const char * portspec)291 parse_ports(const char *portspec)
292 {
293 	const char *p, *q;
294 	int port, end;
295 
296 	if (ports == NULL)
297 		if ((ports = calloc(65536 / INT_BIT, sizeof(int))) == NULL)
298 			err(1, "calloc()");
299 	p = portspec;
300 	while (*p != '\0') {
301 		if (!isdigit(*p))
302 			errx(1, "syntax error in port range");
303 		for (q = p; *q != '\0' && isdigit(*q); ++q)
304 			/* nothing */ ;
305 		for (port = 0; p < q; ++p)
306 			port = port * 10 + digittoint(*p);
307 		if (port < 0 || port > 65535)
308 			errx(1, "invalid port number");
309 		SET_PORT(port);
310 		switch (*p) {
311 		case '-':
312 			++p;
313 			break;
314 		case ',':
315 			++p;
316 			/* fall through */
317 		case '\0':
318 		default:
319 			continue;
320 		}
321 		for (q = p; *q != '\0' && isdigit(*q); ++q)
322 			/* nothing */ ;
323 		for (end = 0; p < q; ++p)
324 			end = end * 10 + digittoint(*p);
325 		if (end < port || end > 65535)
326 			errx(1, "invalid port number");
327 		while (port++ < end)
328 			SET_PORT(port);
329 		if (*p == ',')
330 			++p;
331 	}
332 }
333 
334 static void
sockaddr(struct sockaddr_storage * ss,int af,void * addr,int port)335 sockaddr(struct sockaddr_storage *ss, int af, void *addr, int port)
336 {
337 	struct sockaddr_in *sin4;
338 	struct sockaddr_in6 *sin6;
339 
340 	bzero(ss, sizeof(*ss));
341 	switch (af) {
342 	case AF_INET:
343 		sin4 = sstosin(ss);
344 		sin4->sin_len = sizeof(*sin4);
345 		sin4->sin_family = af;
346 		sin4->sin_port = port;
347 		sin4->sin_addr = *(struct in_addr *)addr;
348 		break;
349 	case AF_INET6:
350 		sin6 = sstosin6(ss);
351 		sin6->sin6_len = sizeof(*sin6);
352 		sin6->sin6_family = af;
353 		sin6->sin6_port = port;
354 		sin6->sin6_addr = *(struct in6_addr *)addr;
355 #define	s6_addr16	__u6_addr.__u6_addr16
356 		if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) {
357 			sin6->sin6_scope_id =
358 			    ntohs(sin6->sin6_addr.s6_addr16[1]);
359 			sin6->sin6_addr.s6_addr16[1] = 0;
360 		}
361 		break;
362 	default:
363 		abort();
364 	}
365 }
366 
367 static void
free_socket(struct sock * sock)368 free_socket(struct sock *sock)
369 {
370 	struct addr *cur, *next;
371 
372 	cur = sock->laddr;
373 	while (cur != NULL) {
374 		next = cur->next;
375 		free(cur);
376 		cur = next;
377 	}
378 	cur = sock->faddr;
379 	while (cur != NULL) {
380 		next = cur->next;
381 		free(cur);
382 		cur = next;
383 	}
384 	free(sock);
385 }
386 
387 static void
gather_sctp(void)388 gather_sctp(void)
389 {
390 	struct sock *sock;
391 	struct addr *laddr, *prev_laddr, *faddr, *prev_faddr;
392 	struct xsctp_inpcb *xinpcb;
393 	struct xsctp_tcb *xstcb;
394 	struct xsctp_raddr *xraddr;
395 	struct xsctp_laddr *xladdr;
396 	const char *varname;
397 	size_t len, offset;
398 	char *buf;
399 	int vflag;
400 	int no_stcb, local_all_loopback, foreign_all_loopback;
401 
402 	vflag = 0;
403 	if (opt_4)
404 		vflag |= INP_IPV4;
405 	if (opt_6)
406 		vflag |= INP_IPV6;
407 
408 	varname = "net.inet.sctp.assoclist";
409 	if (cap_sysctlbyname(capsysctl, varname, 0, &len, 0, 0) < 0) {
410 		if (errno != ENOENT)
411 			err(1, "cap_sysctlbyname()");
412 		return;
413 	}
414 	if ((buf = (char *)malloc(len)) == NULL) {
415 		err(1, "malloc()");
416 		return;
417 	}
418 	if (cap_sysctlbyname(capsysctl, varname, buf, &len, 0, 0) < 0) {
419 		err(1, "cap_sysctlbyname()");
420 		free(buf);
421 		return;
422 	}
423 	xinpcb = (struct xsctp_inpcb *)(void *)buf;
424 	offset = sizeof(struct xsctp_inpcb);
425 	while ((offset < len) && (xinpcb->last == 0)) {
426 		if ((sock = calloc(1, sizeof *sock)) == NULL)
427 			err(1, "malloc()");
428 		sock->socket = xinpcb->socket;
429 		sock->proto = IPPROTO_SCTP;
430 		sock->protoname = "sctp";
431 		if (xinpcb->maxqlen == 0)
432 			sock->state = SCTP_CLOSED;
433 		else
434 			sock->state = SCTP_LISTEN;
435 		if (xinpcb->flags & SCTP_PCB_FLAGS_BOUND_V6) {
436 			sock->family = AF_INET6;
437 			/*
438 			 * Currently there is no way to distinguish between
439 			 * IPv6 only sockets or dual family sockets.
440 			 * So mark it as dual socket.
441 			 */
442 			sock->vflag = INP_IPV6 | INP_IPV4;
443 		} else {
444 			sock->family = AF_INET;
445 			sock->vflag = INP_IPV4;
446 		}
447 		prev_laddr = NULL;
448 		local_all_loopback = 1;
449 		while (offset < len) {
450 			xladdr = (struct xsctp_laddr *)(void *)(buf + offset);
451 			offset += sizeof(struct xsctp_laddr);
452 			if (xladdr->last == 1)
453 				break;
454 			if ((laddr = calloc(1, sizeof(struct addr))) == NULL)
455 				err(1, "malloc()");
456 			switch (xladdr->address.sa.sa_family) {
457 			case AF_INET:
458 #define	__IN_IS_ADDR_LOOPBACK(pina) \
459 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
460 				if (!__IN_IS_ADDR_LOOPBACK(
461 				    &xladdr->address.sin.sin_addr))
462 					local_all_loopback = 0;
463 #undef	__IN_IS_ADDR_LOOPBACK
464 				sockaddr(&laddr->address, AF_INET,
465 				    &xladdr->address.sin.sin_addr,
466 				    htons(xinpcb->local_port));
467 				break;
468 			case AF_INET6:
469 				if (!IN6_IS_ADDR_LOOPBACK(
470 				    &xladdr->address.sin6.sin6_addr))
471 					local_all_loopback = 0;
472 				sockaddr(&laddr->address, AF_INET6,
473 				    &xladdr->address.sin6.sin6_addr,
474 				    htons(xinpcb->local_port));
475 				break;
476 			default:
477 				errx(1, "address family %d not supported",
478 				    xladdr->address.sa.sa_family);
479 			}
480 			laddr->next = NULL;
481 			if (prev_laddr == NULL)
482 				sock->laddr = laddr;
483 			else
484 				prev_laddr->next = laddr;
485 			prev_laddr = laddr;
486 		}
487 		if (sock->laddr == NULL) {
488 			if ((sock->laddr =
489 			    calloc(1, sizeof(struct addr))) == NULL)
490 				err(1, "malloc()");
491 			sock->laddr->address.ss_family = sock->family;
492 			if (sock->family == AF_INET)
493 				sock->laddr->address.ss_len =
494 				    sizeof(struct sockaddr_in);
495 			else
496 				sock->laddr->address.ss_len =
497 				    sizeof(struct sockaddr_in6);
498 			local_all_loopback = 0;
499 		}
500 		if ((sock->faddr = calloc(1, sizeof(struct addr))) == NULL)
501 			err(1, "malloc()");
502 		sock->faddr->address.ss_family = sock->family;
503 		if (sock->family == AF_INET)
504 			sock->faddr->address.ss_len =
505 			    sizeof(struct sockaddr_in);
506 		else
507 			sock->faddr->address.ss_len =
508 			    sizeof(struct sockaddr_in6);
509 		no_stcb = 1;
510 		while (offset < len) {
511 			xstcb = (struct xsctp_tcb *)(void *)(buf + offset);
512 			offset += sizeof(struct xsctp_tcb);
513 			if (no_stcb) {
514 				if (opt_l && (sock->vflag & vflag) &&
515 				    (!opt_L || !local_all_loopback) &&
516 				    ((xinpcb->flags & SCTP_PCB_FLAGS_UDPTYPE) ||
517 				     (xstcb->last == 1))) {
518 					RB_INSERT(socks_t, &socks, sock);
519 				} else {
520 					free_socket(sock);
521 				}
522 			}
523 			if (xstcb->last == 1)
524 				break;
525 			no_stcb = 0;
526 			if (opt_c) {
527 				if ((sock = calloc(1, sizeof *sock)) == NULL)
528 					err(1, "malloc()");
529 				sock->socket = xinpcb->socket;
530 				sock->proto = IPPROTO_SCTP;
531 				sock->protoname = "sctp";
532 				sock->state = (int)xstcb->state;
533 				if (xinpcb->flags & SCTP_PCB_FLAGS_BOUND_V6) {
534 					sock->family = AF_INET6;
535 				/*
536 				 * Currently there is no way to distinguish
537 				 * between IPv6 only sockets or dual family
538 				 *  sockets. So mark it as dual socket.
539 				 */
540 					sock->vflag = INP_IPV6 | INP_IPV4;
541 				} else {
542 					sock->family = AF_INET;
543 					sock->vflag = INP_IPV4;
544 				}
545 			}
546 			prev_laddr = NULL;
547 			local_all_loopback = 1;
548 			while (offset < len) {
549 				xladdr = (struct xsctp_laddr *)(void *)(buf +
550 				    offset);
551 				offset += sizeof(struct xsctp_laddr);
552 				if (xladdr->last == 1)
553 					break;
554 				if (!opt_c)
555 					continue;
556 				laddr = calloc(1, sizeof(struct addr));
557 				if (laddr == NULL)
558 					err(1, "malloc()");
559 				switch (xladdr->address.sa.sa_family) {
560 				case AF_INET:
561 #define	__IN_IS_ADDR_LOOPBACK(pina) \
562 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
563 					if (!__IN_IS_ADDR_LOOPBACK(
564 					    &xladdr->address.sin.sin_addr))
565 						local_all_loopback = 0;
566 #undef	__IN_IS_ADDR_LOOPBACK
567 					sockaddr(&laddr->address, AF_INET,
568 					    &xladdr->address.sin.sin_addr,
569 					    htons(xstcb->local_port));
570 					break;
571 				case AF_INET6:
572 					if (!IN6_IS_ADDR_LOOPBACK(
573 					    &xladdr->address.sin6.sin6_addr))
574 						local_all_loopback = 0;
575 					sockaddr(&laddr->address, AF_INET6,
576 					    &xladdr->address.sin6.sin6_addr,
577 					    htons(xstcb->local_port));
578 					break;
579 				default:
580 					errx(1,
581 					    "address family %d not supported",
582 					    xladdr->address.sa.sa_family);
583 				}
584 				laddr->next = NULL;
585 				if (prev_laddr == NULL)
586 					sock->laddr = laddr;
587 				else
588 					prev_laddr->next = laddr;
589 				prev_laddr = laddr;
590 			}
591 			prev_faddr = NULL;
592 			foreign_all_loopback = 1;
593 			while (offset < len) {
594 				xraddr = (struct xsctp_raddr *)(void *)(buf +
595 				    offset);
596 				offset += sizeof(struct xsctp_raddr);
597 				if (xraddr->last == 1)
598 					break;
599 				if (!opt_c)
600 					continue;
601 				faddr = calloc(1, sizeof(struct addr));
602 				if (faddr == NULL)
603 					err(1, "malloc()");
604 				switch (xraddr->address.sa.sa_family) {
605 				case AF_INET:
606 #define	__IN_IS_ADDR_LOOPBACK(pina) \
607 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
608 					if (!__IN_IS_ADDR_LOOPBACK(
609 					    &xraddr->address.sin.sin_addr))
610 						foreign_all_loopback = 0;
611 #undef	__IN_IS_ADDR_LOOPBACK
612 					sockaddr(&faddr->address, AF_INET,
613 					    &xraddr->address.sin.sin_addr,
614 					    htons(xstcb->remote_port));
615 					break;
616 				case AF_INET6:
617 					if (!IN6_IS_ADDR_LOOPBACK(
618 					    &xraddr->address.sin6.sin6_addr))
619 						foreign_all_loopback = 0;
620 					sockaddr(&faddr->address, AF_INET6,
621 					    &xraddr->address.sin6.sin6_addr,
622 					    htons(xstcb->remote_port));
623 					break;
624 				default:
625 					errx(1,
626 					    "address family %d not supported",
627 					    xraddr->address.sa.sa_family);
628 				}
629 				faddr->encaps_port = xraddr->encaps_port;
630 				faddr->state = xraddr->state;
631 				faddr->next = NULL;
632 				if (prev_faddr == NULL)
633 					sock->faddr = faddr;
634 				else
635 					prev_faddr->next = faddr;
636 				prev_faddr = faddr;
637 			}
638 			if (opt_c) {
639 				if ((sock->vflag & vflag) &&
640 				    (!opt_L ||
641 				     !(local_all_loopback ||
642 				     foreign_all_loopback))) {
643 					RB_INSERT(socks_t, &socks, sock);
644 				} else {
645 					free_socket(sock);
646 				}
647 			}
648 		}
649 		xinpcb = (struct xsctp_inpcb *)(void *)(buf + offset);
650 		offset += sizeof(struct xsctp_inpcb);
651 	}
652 	free(buf);
653 }
654 
655 static void
gather_inet(int proto)656 gather_inet(int proto)
657 {
658 	struct xinpgen *xig, *exig;
659 	struct xinpcb *xip;
660 	struct xtcpcb *xtp = NULL;
661 	struct xsocket *so;
662 	struct sock *sock;
663 	struct addr *laddr, *faddr;
664 	const char *varname, *protoname;
665 	size_t len, bufsize;
666 	void *buf;
667 	int retry, vflag;
668 
669 	vflag = 0;
670 	if (opt_4)
671 		vflag |= INP_IPV4;
672 	if (opt_6)
673 		vflag |= INP_IPV6;
674 
675 	switch (proto) {
676 	case IPPROTO_TCP:
677 		varname = "net.inet.tcp.pcblist";
678 		protoname = "tcp";
679 		break;
680 	case IPPROTO_UDP:
681 		varname = "net.inet.udp.pcblist";
682 		protoname = "udp";
683 		break;
684 	case IPPROTO_DIVERT:
685 		varname = "net.inet.divert.pcblist";
686 		protoname = "div";
687 		break;
688 	default:
689 		errx(1, "protocol %d not supported", proto);
690 	}
691 
692 	buf = NULL;
693 	bufsize = 8192;
694 	retry = 5;
695 	do {
696 		for (;;) {
697 			if ((buf = realloc(buf, bufsize)) == NULL)
698 				err(1, "realloc()");
699 			len = bufsize;
700 			if (cap_sysctlbyname(capsysctl, varname, buf, &len,
701 			    NULL, 0) == 0)
702 				break;
703 			if (errno == ENOENT)
704 				goto out;
705 			if (errno != ENOMEM || len != bufsize)
706 				err(1, "cap_sysctlbyname()");
707 			bufsize *= 2;
708 		}
709 		xig = (struct xinpgen *)buf;
710 		exig = (struct xinpgen *)(void *)
711 		    ((char *)buf + len - sizeof *exig);
712 		enforce_ksize(xig->xig_len, struct xinpgen);
713 		enforce_ksize(exig->xig_len, struct xinpgen);
714 	} while (xig->xig_gen != exig->xig_gen && retry--);
715 
716 	if (xig->xig_gen != exig->xig_gen && opt_v)
717 		warnx("warning: data may be inconsistent");
718 
719 	for (;;) {
720 		xig = (struct xinpgen *)(void *)((char *)xig + xig->xig_len);
721 		if (xig >= exig)
722 			break;
723 		switch (proto) {
724 		case IPPROTO_TCP:
725 			xtp = (struct xtcpcb *)xig;
726 			xip = &xtp->xt_inp;
727 			if (!check_ksize(xtp->xt_len, struct xtcpcb))
728 				goto out;
729 			protoname = xtp->t_flags & TF_TOE ? "toe" : "tcp";
730 			break;
731 		case IPPROTO_UDP:
732 		case IPPROTO_DIVERT:
733 			xip = (struct xinpcb *)xig;
734 			if (!check_ksize(xip->xi_len, struct xinpcb))
735 				goto out;
736 			break;
737 		default:
738 			errx(1, "protocol %d not supported", proto);
739 		}
740 		so = &xip->xi_socket;
741 		if ((xip->inp_vflag & vflag) == 0)
742 			continue;
743 		if (xip->inp_vflag & INP_IPV4) {
744 			if ((xip->inp_fport == 0 && !opt_l) ||
745 			    (xip->inp_fport != 0 && !opt_c))
746 				continue;
747 #define	__IN_IS_ADDR_LOOPBACK(pina) \
748 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
749 			if (opt_L &&
750 			    (__IN_IS_ADDR_LOOPBACK(&xip->inp_faddr) ||
751 			     __IN_IS_ADDR_LOOPBACK(&xip->inp_laddr)))
752 				continue;
753 #undef	__IN_IS_ADDR_LOOPBACK
754 		} else if (xip->inp_vflag & INP_IPV6) {
755 			if ((xip->inp_fport == 0 && !opt_l) ||
756 			    (xip->inp_fport != 0 && !opt_c))
757 				continue;
758 			if (opt_L &&
759 			    (IN6_IS_ADDR_LOOPBACK(&xip->in6p_faddr) ||
760 			     IN6_IS_ADDR_LOOPBACK(&xip->in6p_laddr)))
761 				continue;
762 		} else {
763 			if (opt_v)
764 				warnx("invalid vflag 0x%x", xip->inp_vflag);
765 			continue;
766 		}
767 		if ((sock = calloc(1, sizeof(*sock))) == NULL)
768 			err(1, "malloc()");
769 		if ((laddr = calloc(1, sizeof *laddr)) == NULL)
770 			err(1, "malloc()");
771 		if ((faddr = calloc(1, sizeof *faddr)) == NULL)
772 			err(1, "malloc()");
773 		sock->socket = so->xso_so;
774 		sock->splice_socket = so->so_splice_so;
775 		sock->proto = proto;
776 		sock->inp_gencnt = xip->inp_gencnt;
777 		sock->fibnum = so->so_fibnum;
778 		if (xip->inp_vflag & INP_IPV4) {
779 			sock->family = AF_INET;
780 			sockaddr(&laddr->address, sock->family,
781 			    &xip->inp_laddr, xip->inp_lport);
782 			sockaddr(&faddr->address, sock->family,
783 			    &xip->inp_faddr, xip->inp_fport);
784 		} else if (xip->inp_vflag & INP_IPV6) {
785 			sock->family = AF_INET6;
786 			sockaddr(&laddr->address, sock->family,
787 			    &xip->in6p_laddr, xip->inp_lport);
788 			sockaddr(&faddr->address, sock->family,
789 			    &xip->in6p_faddr, xip->inp_fport);
790 		}
791 		if (proto == IPPROTO_TCP)
792 			faddr->encaps_port = xtp->xt_encaps_port;
793 		laddr->next = NULL;
794 		faddr->next = NULL;
795 		sock->laddr = laddr;
796 		sock->faddr = faddr;
797 		sock->vflag = xip->inp_vflag;
798 		if (proto == IPPROTO_TCP) {
799 			sock->state = xtp->t_state;
800 			memcpy(sock->stack, xtp->xt_stack,
801 			    TCP_FUNCTION_NAME_LEN_MAX);
802 			memcpy(sock->cc, xtp->xt_cc, TCP_CA_NAME_MAX);
803 		}
804 		sock->protoname = protoname;
805 		if (sock->socket != 0)
806 			RB_INSERT(socks_t, &socks, sock);
807 		else
808 			SLIST_INSERT_HEAD(&nosocks, sock, socket_list);
809 	}
810 out:
811 	free(buf);
812 }
813 
814 static void
gather_unix(int proto)815 gather_unix(int proto)
816 {
817 	struct xunpgen *xug, *exug;
818 	struct xunpcb *xup;
819 	struct sock *sock;
820 	struct addr *laddr, *faddr;
821 	const char *varname, *protoname;
822 	size_t len, bufsize;
823 	void *buf;
824 	int retry;
825 
826 	switch (proto) {
827 	case SOCK_STREAM:
828 		varname = "net.local.stream.pcblist";
829 		protoname = "stream";
830 		break;
831 	case SOCK_DGRAM:
832 		varname = "net.local.dgram.pcblist";
833 		protoname = "dgram";
834 		break;
835 	case SOCK_SEQPACKET:
836 		varname = "net.local.seqpacket.pcblist";
837 		protoname = "seqpac";
838 		break;
839 	default:
840 		abort();
841 	}
842 	buf = NULL;
843 	bufsize = 8192;
844 	retry = 5;
845 	do {
846 		for (;;) {
847 			if ((buf = realloc(buf, bufsize)) == NULL)
848 				err(1, "realloc()");
849 			len = bufsize;
850 			if (cap_sysctlbyname(capsysctl, varname, buf, &len,
851 			    NULL, 0) == 0)
852 				break;
853 			if (errno != ENOMEM || len != bufsize)
854 				err(1, "cap_sysctlbyname()");
855 			bufsize *= 2;
856 		}
857 		xug = (struct xunpgen *)buf;
858 		exug = (struct xunpgen *)(void *)
859 		    ((char *)buf + len - sizeof(*exug));
860 		if (!check_ksize(xug->xug_len, struct xunpgen) ||
861 		    !check_ksize(exug->xug_len, struct xunpgen))
862 			goto out;
863 	} while (xug->xug_gen != exug->xug_gen && retry--);
864 
865 	if (xug->xug_gen != exug->xug_gen && opt_v)
866 		warnx("warning: data may be inconsistent");
867 
868 	for (;;) {
869 		xug = (struct xunpgen *)(void *)((char *)xug + xug->xug_len);
870 		if (xug >= exug)
871 			break;
872 		xup = (struct xunpcb *)xug;
873 		if (!check_ksize(xup->xu_len, struct xunpcb))
874 			goto out;
875 		if ((xup->unp_conn == 0 && !opt_l) ||
876 		    (xup->unp_conn != 0 && !opt_c))
877 			continue;
878 		if ((sock = calloc(1, sizeof(*sock))) == NULL)
879 			err(1, "malloc()");
880 		if ((laddr = calloc(1, sizeof *laddr)) == NULL)
881 			err(1, "malloc()");
882 		if ((faddr = calloc(1, sizeof *faddr)) == NULL)
883 			err(1, "malloc()");
884 		sock->socket = xup->xu_socket.xso_so;
885 		sock->pcb = xup->xu_unpp;
886 		sock->proto = proto;
887 		sock->family = AF_UNIX;
888 		sock->protoname = protoname;
889 		if (xup->xu_addr.sun_family == AF_UNIX)
890 			laddr->address =
891 			    *(struct sockaddr_storage *)(void *)&xup->xu_addr;
892 		faddr->conn = xup->unp_conn;
893 		faddr->firstref = xup->xu_firstref;
894 		faddr->nextref = xup->xu_nextref;
895 		laddr->next = NULL;
896 		faddr->next = NULL;
897 		sock->laddr = laddr;
898 		sock->faddr = faddr;
899 		RB_INSERT(socks_t, &socks, sock);
900 		RB_INSERT(pcbs_t, &pcbs, sock);
901 	}
902 out:
903 	free(buf);
904 }
905 
906 static void
getfiles(void)907 getfiles(void)
908 {
909 	struct xfile *xfiles;
910 	size_t len, olen;
911 
912 	olen = len = sizeof(*xfiles);
913 	if ((xfiles = malloc(len)) == NULL)
914 		err(1, "malloc()");
915 	while (cap_sysctlbyname(capsysctl, "kern.file", xfiles, &len, 0, 0)
916 	    == -1) {
917 		if (errno != ENOMEM || len != olen)
918 			err(1, "cap_sysctlbyname()");
919 		olen = len *= 2;
920 		if ((xfiles = realloc(xfiles, len)) == NULL)
921 			err(1, "realloc()");
922 	}
923 	if (len > 0)
924 		enforce_ksize(xfiles->xf_size, struct xfile);
925 	nfiles = len / sizeof(*xfiles);
926 
927 	if ((files = malloc(nfiles * sizeof(struct file))) == NULL)
928 		err(1, "malloc()");
929 
930 	for (int i = 0; i < nfiles; i++) {
931 		files[i].xf_data = xfiles[i].xf_data;
932 		files[i].xf_pid = xfiles[i].xf_pid;
933 		files[i].xf_uid = xfiles[i].xf_uid;
934 		files[i].xf_fd = xfiles[i].xf_fd;
935 		RB_INSERT(files_t, &ftree, &files[i]);
936 	}
937 
938 	free(xfiles);
939 }
940 
941 static int
printaddr(struct sockaddr_storage * ss)942 printaddr(struct sockaddr_storage *ss)
943 {
944 	struct sockaddr_un *sun;
945 	char addrstr[NI_MAXHOST] = { '\0', '\0' };
946 	int error, off, port = 0;
947 
948 	switch (ss->ss_family) {
949 	case AF_INET:
950 		if (sstosin(ss)->sin_addr.s_addr == INADDR_ANY)
951 			addrstr[0] = '*';
952 		port = ntohs(sstosin(ss)->sin_port);
953 		break;
954 	case AF_INET6:
955 		if (IN6_IS_ADDR_UNSPECIFIED(&sstosin6(ss)->sin6_addr))
956 			addrstr[0] = '*';
957 		port = ntohs(sstosin6(ss)->sin6_port);
958 		break;
959 	case AF_UNIX:
960 		sun = sstosun(ss);
961 		off = (int)((char *)&sun->sun_path - (char *)sun);
962 		return (xprintf("%.*s", sun->sun_len - off, sun->sun_path));
963 	}
964 	if (addrstr[0] == '\0') {
965 		error = cap_getnameinfo(capnet, sstosa(ss), ss->ss_len,
966 		    addrstr, sizeof(addrstr), NULL, 0, NI_NUMERICHOST);
967 		if (error)
968 			errx(1, "cap_getnameinfo()");
969 	}
970 	if (port == 0)
971 		return xprintf("%s:*", addrstr);
972 	else
973 		return xprintf("%s:%d", addrstr, port);
974 }
975 
976 static const char *
getprocname(pid_t pid)977 getprocname(pid_t pid)
978 {
979 	static struct kinfo_proc proc;
980 	size_t len;
981 	int mib[4];
982 
983 	mib[0] = CTL_KERN;
984 	mib[1] = KERN_PROC;
985 	mib[2] = KERN_PROC_PID;
986 	mib[3] = (int)pid;
987 	len = sizeof(proc);
988 	if (cap_sysctl(capsysctl, mib, nitems(mib), &proc, &len, NULL, 0)
989 	    == -1) {
990 		/* Do not warn if the process exits before we get its name. */
991 		if (errno != ESRCH)
992 			warn("cap_sysctl()");
993 		return ("??");
994 	}
995 	return (proc.ki_comm);
996 }
997 
998 static int
getprocjid(pid_t pid)999 getprocjid(pid_t pid)
1000 {
1001 	static struct kinfo_proc proc;
1002 	size_t len;
1003 	int mib[4];
1004 
1005 	mib[0] = CTL_KERN;
1006 	mib[1] = KERN_PROC;
1007 	mib[2] = KERN_PROC_PID;
1008 	mib[3] = (int)pid;
1009 	len = sizeof(proc);
1010 	if (cap_sysctl(capsysctl, mib, nitems(mib), &proc, &len, NULL, 0)
1011 	    == -1) {
1012 		/* Do not warn if the process exits before we get its jid. */
1013 		if (errno != ESRCH)
1014 			warn("cap_sysctl()");
1015 		return (-1);
1016 	}
1017 	return (proc.ki_jid);
1018 }
1019 
1020 static int
check_ports(struct sock * s)1021 check_ports(struct sock *s)
1022 {
1023 	int port;
1024 	struct addr *addr;
1025 
1026 	if (ports == NULL)
1027 		return (1);
1028 	if ((s->family != AF_INET) && (s->family != AF_INET6))
1029 		return (1);
1030 	for (addr = s->laddr; addr != NULL; addr = addr->next) {
1031 		if (s->family == AF_INET)
1032 			port = ntohs(sstosin(&addr->address)->sin_port);
1033 		else
1034 			port = ntohs(sstosin6(&addr->address)->sin6_port);
1035 		if (CHK_PORT(port))
1036 			return (1);
1037 	}
1038 	for (addr = s->faddr; addr != NULL; addr = addr->next) {
1039 		if (s->family == AF_INET)
1040 			port = ntohs(sstosin(&addr->address)->sin_port);
1041 		else
1042 			port = ntohs(sstosin6(&addr->address)->sin6_port);
1043 		if (CHK_PORT(port))
1044 			return (1);
1045 	}
1046 	return (0);
1047 }
1048 
1049 static const char *
sctp_conn_state(int state)1050 sctp_conn_state(int state)
1051 {
1052 	switch (state) {
1053 	case SCTP_CLOSED:
1054 		return "CLOSED";
1055 		break;
1056 	case SCTP_BOUND:
1057 		return "BOUND";
1058 		break;
1059 	case SCTP_LISTEN:
1060 		return "LISTEN";
1061 		break;
1062 	case SCTP_COOKIE_WAIT:
1063 		return "COOKIE_WAIT";
1064 		break;
1065 	case SCTP_COOKIE_ECHOED:
1066 		return "COOKIE_ECHOED";
1067 		break;
1068 	case SCTP_ESTABLISHED:
1069 		return "ESTABLISHED";
1070 		break;
1071 	case SCTP_SHUTDOWN_SENT:
1072 		return "SHUTDOWN_SENT";
1073 		break;
1074 	case SCTP_SHUTDOWN_RECEIVED:
1075 		return "SHUTDOWN_RECEIVED";
1076 		break;
1077 	case SCTP_SHUTDOWN_ACK_SENT:
1078 		return "SHUTDOWN_ACK_SENT";
1079 		break;
1080 	case SCTP_SHUTDOWN_PENDING:
1081 		return "SHUTDOWN_PENDING";
1082 		break;
1083 	default:
1084 		return "UNKNOWN";
1085 		break;
1086 	}
1087 }
1088 
1089 static const char *
sctp_path_state(int state)1090 sctp_path_state(int state)
1091 {
1092 	switch (state) {
1093 	case SCTP_UNCONFIRMED:
1094 		return "UNCONFIRMED";
1095 		break;
1096 	case SCTP_ACTIVE:
1097 		return "ACTIVE";
1098 		break;
1099 	case SCTP_INACTIVE:
1100 		return "INACTIVE";
1101 		break;
1102 	default:
1103 		return "UNKNOWN";
1104 		break;
1105 	}
1106 }
1107 
1108 static void
displaysock(struct sock * s,int pos)1109 displaysock(struct sock *s, int pos)
1110 {
1111 	int first, offset;
1112 	struct addr *laddr, *faddr;
1113 
1114 	while (pos < 30)
1115 		pos += xprintf(" ");
1116 	pos += xprintf("%s", s->protoname);
1117 	if (s->vflag & INP_IPV4)
1118 		pos += xprintf("4");
1119 	if (s->vflag & INP_IPV6)
1120 		pos += xprintf("6");
1121 	if (s->vflag & (INP_IPV4 | INP_IPV6))
1122 		pos += xprintf(" ");
1123 	laddr = s->laddr;
1124 	faddr = s->faddr;
1125 	first = 1;
1126 	while (laddr != NULL || faddr != NULL) {
1127 		offset = 37;
1128 		while (pos < offset)
1129 			pos += xprintf(" ");
1130 		switch (s->family) {
1131 		case AF_INET:
1132 		case AF_INET6:
1133 			if (laddr != NULL)
1134 				pos += printaddr(&laddr->address);
1135 			offset += opt_w ? 46 : 22;
1136 			do
1137 				pos += xprintf(" ");
1138 			while (pos < offset);
1139 			if (faddr != NULL)
1140 				pos += printaddr(&faddr->address);
1141 			offset += opt_w ? 46 : 22;
1142 			break;
1143 		case AF_UNIX:
1144 			if ((laddr == NULL) || (faddr == NULL))
1145 				errx(1, "laddr = %p or faddr = %p is NULL",
1146 				    (void *)laddr, (void *)faddr);
1147 			if (laddr->address.ss_len == 0 && faddr->conn == 0) {
1148 				pos += xprintf("(not connected)");
1149 				offset += opt_w ? 92 : 44;
1150 				break;
1151 			}
1152 			/* Local bind(2) address, if any. */
1153 			if (laddr->address.ss_len > 0)
1154 				pos += printaddr(&laddr->address);
1155 			/* Remote peer we connect(2) to, if any. */
1156 			if (faddr->conn != 0) {
1157 				struct sock *p;
1158 
1159 				pos += xprintf("%s-> ",
1160 				    laddr->address.ss_len > 0 ? " " : "");
1161 				p = RB_FIND(pcbs_t, &pcbs,
1162 				    &(struct sock){ .pcb = faddr->conn });
1163 				if (__predict_false(p == NULL)) {
1164 					/* XXGL: can this happen at all? */
1165 					pos += xprintf("??");
1166 				}  else if (p->laddr->address.ss_len == 0) {
1167 					struct file *f;
1168 
1169 					f = RB_FIND(files_t, &ftree,
1170 					    &(struct file){ .xf_data =
1171 					    p->socket });
1172 					if (f != NULL) {
1173 						pos += xprintf("[%lu %d]",
1174 						    (u_long)f->xf_pid,
1175 						    f->xf_fd);
1176 					}
1177 				} else
1178 					pos += printaddr(&p->laddr->address);
1179 			}
1180 			/* Remote peer(s) connect(2)ed to us, if any. */
1181 			if (faddr->firstref != 0) {
1182 				struct sock *p;
1183 				struct file *f;
1184 				kvaddr_t ref = faddr->firstref;
1185 				bool fref = true;
1186 
1187 				pos += xprintf(" <- ");
1188 
1189 				while ((p = RB_FIND(pcbs_t, &pcbs,
1190 				    &(struct sock){ .pcb = ref })) != 0) {
1191 					f = RB_FIND(files_t, &ftree,
1192 					    &(struct file){ .xf_data =
1193 					    p->socket });
1194 					if (f != NULL) {
1195 						pos += xprintf("%s[%lu %d]",
1196 						    fref ? "" : ",",
1197 						    (u_long)f->xf_pid,
1198 						    f->xf_fd);
1199 					}
1200 					ref = p->faddr->nextref;
1201 					fref = false;
1202 				}
1203 			}
1204 			offset += opt_w ? 92 : 44;
1205 			break;
1206 		default:
1207 			abort();
1208 		}
1209 		if (opt_f) {
1210 			do
1211 				pos += xprintf(" ");
1212 			while (pos < offset);
1213 			pos += xprintf("%d", s->fibnum);
1214 			offset += 7;
1215 		}
1216 		if (opt_I) {
1217 			if (s->splice_socket != 0) {
1218 				struct sock *sp;
1219 
1220 				sp = RB_FIND(socks_t, &socks, &(struct sock)
1221 				    { .socket = s->splice_socket });
1222 				if (sp != NULL) {
1223 					do
1224 						pos += xprintf(" ");
1225 					while (pos < offset);
1226 					pos += printaddr(&sp->laddr->address);
1227 				} else {
1228 					do
1229 						pos += xprintf(" ");
1230 					while (pos < offset);
1231 					pos += xprintf("??");
1232 					offset += opt_w ? 46 : 22;
1233 				}
1234 			}
1235 			offset += opt_w ? 46 : 22;
1236 		}
1237 		if (opt_i) {
1238 			if (s->proto == IPPROTO_TCP ||
1239 			    s->proto == IPPROTO_UDP) {
1240 				do
1241 					pos += xprintf(" ");
1242 				while (pos < offset);
1243 				pos += xprintf("%" PRIu64, s->inp_gencnt);
1244 			}
1245 			offset += 9;
1246 		}
1247 		if (opt_U) {
1248 			if (faddr != NULL &&
1249 			    ((s->proto == IPPROTO_SCTP &&
1250 			      s->state != SCTP_CLOSED &&
1251 			      s->state != SCTP_BOUND &&
1252 			      s->state != SCTP_LISTEN) ||
1253 			     (s->proto == IPPROTO_TCP &&
1254 			      s->state != TCPS_CLOSED &&
1255 			      s->state != TCPS_LISTEN))) {
1256 				do
1257 					pos += xprintf(" ");
1258 				while (pos < offset);
1259 				pos += xprintf("%u",
1260 				    ntohs(faddr->encaps_port));
1261 			}
1262 			offset += 7;
1263 		}
1264 		if (opt_s) {
1265 			if (faddr != NULL &&
1266 			    s->proto == IPPROTO_SCTP &&
1267 			    s->state != SCTP_CLOSED &&
1268 			    s->state != SCTP_BOUND &&
1269 			    s->state != SCTP_LISTEN) {
1270 				do
1271 					pos += xprintf(" ");
1272 				while (pos < offset);
1273 				pos += xprintf("%s",
1274 				    sctp_path_state(faddr->state));
1275 			}
1276 			offset += 13;
1277 		}
1278 		if (first) {
1279 			if (opt_s) {
1280 				if (s->proto == IPPROTO_SCTP ||
1281 				    s->proto == IPPROTO_TCP) {
1282 					do
1283 						pos += xprintf(" ");
1284 					while (pos < offset);
1285 					switch (s->proto) {
1286 					case IPPROTO_SCTP:
1287 						pos += xprintf("%s",
1288 						    sctp_conn_state(s->state));
1289 						break;
1290 					case IPPROTO_TCP:
1291 						if (s->state >= 0 &&
1292 						    s->state < TCP_NSTATES)
1293 							pos += xprintf("%s",
1294 							    tcpstates[s->state]);
1295 						else
1296 							pos += xprintf("?");
1297 						break;
1298 					}
1299 				}
1300 				offset += 13;
1301 			}
1302 			if (opt_S) {
1303 				if (s->proto == IPPROTO_TCP) {
1304 					do
1305 						pos += xprintf(" ");
1306 					while (pos < offset);
1307 					pos += xprintf("%.*s",
1308 					    TCP_FUNCTION_NAME_LEN_MAX,
1309 					    s->stack);
1310 				}
1311 				offset += TCP_FUNCTION_NAME_LEN_MAX + 1;
1312 			}
1313 			if (opt_C) {
1314 				if (s->proto == IPPROTO_TCP) {
1315 					do
1316 						pos += xprintf(" ");
1317 					while (pos < offset);
1318 					xprintf("%.*s", TCP_CA_NAME_MAX, s->cc);
1319 				}
1320 				offset += TCP_CA_NAME_MAX + 1;
1321 			}
1322 		}
1323 		if (laddr != NULL)
1324 			laddr = laddr->next;
1325 		if (faddr != NULL)
1326 			faddr = faddr->next;
1327 		if ((laddr != NULL) || (faddr != NULL)) {
1328 			xprintf("\n");
1329 			pos = 0;
1330 		}
1331 		first = 0;
1332 	}
1333 	xprintf("\n");
1334 }
1335 
1336 static void
display(void)1337 display(void)
1338 {
1339 	struct passwd *pwd;
1340 	struct file *xf;
1341 	struct sock *s;
1342 	int n, pos;
1343 
1344 	if (opt_q != 1) {
1345 		printf("%-8s %-10s %-5s %-3s %-6s %-*s %-*s",
1346 		    "USER", "COMMAND", "PID", "FD", "PROTO",
1347 		    opt_w ? 45 : 21, "LOCAL ADDRESS",
1348 		    opt_w ? 45 : 21, "FOREIGN ADDRESS");
1349 		if (opt_f)
1350 			/* RT_MAXFIBS is 65535. */
1351 			printf(" %-6s", "FIB");
1352 		if (opt_I)
1353 			printf(" %-*s", opt_w ? 45 : 21, "SPLICE ADDRESS");
1354 		if (opt_i)
1355 			printf(" %-8s", "ID");
1356 		if (opt_U)
1357 			printf(" %-6s", "ENCAPS");
1358 		if (opt_s) {
1359 			printf(" %-12s", "PATH STATE");
1360 			printf(" %-12s", "CONN STATE");
1361 		}
1362 		if (opt_S)
1363 			printf(" %-*.*s", TCP_FUNCTION_NAME_LEN_MAX,
1364 			    TCP_FUNCTION_NAME_LEN_MAX, "STACK");
1365 		if (opt_C)
1366 			printf(" %-.*s", TCP_CA_NAME_MAX, "CC");
1367 		printf("\n");
1368 	}
1369 	cap_setpassent(cappwd, 1);
1370 	for (xf = files, n = 0; n < nfiles; ++n, ++xf) {
1371 		if (xf->xf_data == 0)
1372 			continue;
1373 		if (opt_j >= 0 && opt_j != getprocjid(xf->xf_pid))
1374 			continue;
1375 		s = RB_FIND(socks_t, &socks,
1376 		    &(struct sock){ .socket = xf->xf_data});
1377 		if (s != NULL && check_ports(s)) {
1378 			s->shown = 1;
1379 			pos = 0;
1380 			if (opt_n ||
1381 			    (pwd = cap_getpwuid(cappwd, xf->xf_uid)) == NULL)
1382 				pos += xprintf("%lu", (u_long)xf->xf_uid);
1383 			else
1384 				pos += xprintf("%s", pwd->pw_name);
1385 			do
1386 				pos += xprintf(" ");
1387 			while (pos < 9);
1388 			pos += xprintf("%.10s", getprocname(xf->xf_pid));
1389 			do
1390 				pos += xprintf(" ");
1391 			while (pos < 20);
1392 			pos += xprintf("%5lu", (u_long)xf->xf_pid);
1393 			do
1394 				pos += xprintf(" ");
1395 			while (pos < 26);
1396 			pos += xprintf("%-3d", xf->xf_fd);
1397 			displaysock(s, pos);
1398 		}
1399 	}
1400 	if (opt_j >= 0)
1401 		return;
1402 	SLIST_FOREACH(s, &nosocks, socket_list) {
1403 		if (!check_ports(s))
1404 			continue;
1405 		pos = xprintf("%-8s %-10s %-5s %-3s",
1406 		    "?", "?", "?", "?");
1407 		displaysock(s, pos);
1408 	}
1409 	RB_FOREACH(s, socks_t, &socks) {
1410 		if (s->shown)
1411 			continue;
1412 		if (!check_ports(s))
1413 			continue;
1414 		pos = xprintf("%-8s %-10s %-5s %-3s",
1415 		    "?", "?", "?", "?");
1416 		displaysock(s, pos);
1417 	}
1418 }
1419 
1420 static int
set_default_protos(void)1421 set_default_protos(void)
1422 {
1423 	struct protoent *prot;
1424 	const char *pname;
1425 	size_t pindex;
1426 
1427 	init_protos(default_numprotos);
1428 
1429 	for (pindex = 0; pindex < default_numprotos; pindex++) {
1430 		pname = default_protos[pindex];
1431 		prot = cap_getprotobyname(capnetdb, pname);
1432 		if (prot == NULL)
1433 			err(1, "cap_getprotobyname: %s", pname);
1434 		protos[pindex] = prot->p_proto;
1435 	}
1436 	numprotos = pindex;
1437 	return (pindex);
1438 }
1439 
1440 /*
1441  * Return the vnet property of the jail, or -1 on error.
1442  */
1443 static int
jail_getvnet(int jid)1444 jail_getvnet(int jid)
1445 {
1446 	struct iovec jiov[6];
1447 	int vnet;
1448 	size_t len = sizeof(vnet);
1449 
1450 	if (sysctlbyname("kern.features.vimage", &vnet, &len, NULL, 0) != 0)
1451 		return (0);
1452 
1453 	vnet = -1;
1454 	jiov[0].iov_base = __DECONST(char *, "jid");
1455 	jiov[0].iov_len = sizeof("jid");
1456 	jiov[1].iov_base = &jid;
1457 	jiov[1].iov_len = sizeof(jid);
1458 	jiov[2].iov_base = __DECONST(char *, "vnet");
1459 	jiov[2].iov_len = sizeof("vnet");
1460 	jiov[3].iov_base = &vnet;
1461 	jiov[3].iov_len = sizeof(vnet);
1462 	jiov[4].iov_base = __DECONST(char *, "errmsg");
1463 	jiov[4].iov_len = sizeof("errmsg");
1464 	jiov[5].iov_base = jail_errmsg;
1465 	jiov[5].iov_len = JAIL_ERRMSGLEN;
1466 	jail_errmsg[0] = '\0';
1467 	if (jail_get(jiov, nitems(jiov), 0) < 0) {
1468 		if (!jail_errmsg[0])
1469 			snprintf(jail_errmsg, JAIL_ERRMSGLEN,
1470 			    "jail_get: %s", strerror(errno));
1471 		return (-1);
1472 	}
1473 	return (vnet);
1474 }
1475 
1476 static void
usage(void)1477 usage(void)
1478 {
1479 	errx(1,
1480     "usage: sockstat [-46CcfIiLlnqSsUuvw] [-j jid] [-p ports] [-P protocols]");
1481 }
1482 
1483 int
main(int argc,char * argv[])1484 main(int argc, char *argv[])
1485 {
1486 	cap_channel_t *capcas;
1487 	cap_net_limit_t *limit;
1488 	const char *pwdcmds[] = { "setpassent", "getpwuid" };
1489 	const char *pwdfields[] = { "pw_name" };
1490 	int protos_defined = -1;
1491 	int o, i;
1492 
1493 	opt_j = -1;
1494 	while ((o = getopt(argc, argv, "46CcfIij:Llnp:P:qSsUuvw")) != -1)
1495 		switch (o) {
1496 		case '4':
1497 			opt_4 = 1;
1498 			break;
1499 		case '6':
1500 			opt_6 = 1;
1501 			break;
1502 		case 'C':
1503 			opt_C = 1;
1504 			break;
1505 		case 'c':
1506 			opt_c = 1;
1507 			break;
1508 		case 'f':
1509 			opt_f = 1;
1510 			break;
1511 		case 'I':
1512 			opt_I = 1;
1513 			break;
1514 		case 'i':
1515 			opt_i = 1;
1516 			break;
1517 		case 'j':
1518 			opt_j = jail_getid(optarg);
1519 			if (opt_j < 0)
1520 				errx(1, "jail_getid: %s", jail_errmsg);
1521 			break;
1522 		case 'L':
1523 			opt_L = 1;
1524 			break;
1525 		case 'l':
1526 			opt_l = 1;
1527 			break;
1528 		case 'n':
1529 			opt_n = 1;
1530 			break;
1531 		case 'p':
1532 			parse_ports(optarg);
1533 			break;
1534 		case 'P':
1535 			protos_defined = parse_protos(optarg);
1536 			break;
1537 		case 'q':
1538 			opt_q = 1;
1539 			break;
1540 		case 'S':
1541 			opt_S = 1;
1542 			break;
1543 		case 's':
1544 			opt_s = 1;
1545 			break;
1546 		case 'U':
1547 			opt_U = 1;
1548 			break;
1549 		case 'u':
1550 			opt_u = 1;
1551 			break;
1552 		case 'v':
1553 			++opt_v;
1554 			break;
1555 		case 'w':
1556 			opt_w = 1;
1557 			break;
1558 		default:
1559 			usage();
1560 		}
1561 
1562 	argc -= optind;
1563 	argv += optind;
1564 
1565 	if (argc > 0)
1566 		usage();
1567 
1568 	if (opt_j > 0) {
1569 		switch (jail_getvnet(opt_j)) {
1570 		case -1:
1571 			errx(2, "jail_getvnet: %s", jail_errmsg);
1572 		case JAIL_SYS_NEW:
1573 			if (jail_attach(opt_j) < 0)
1574 				err(3, "jail_attach()");
1575 			/* Set back to -1 for normal output in vnet jail. */
1576 			opt_j = -1;
1577 			break;
1578 		default:
1579 			break;
1580 		}
1581 	}
1582 
1583 	capcas = cap_init();
1584 	if (capcas == NULL)
1585 		err(1, "Unable to contact Casper");
1586 	if (caph_enter_casper() < 0)
1587 		err(1, "Unable to enter capability mode");
1588 	capnet = cap_service_open(capcas, "system.net");
1589 	if (capnet == NULL)
1590 		err(1, "Unable to open system.net service");
1591 	capnetdb = cap_service_open(capcas, "system.netdb");
1592 	if (capnetdb == NULL)
1593 		err(1, "Unable to open system.netdb service");
1594 	capsysctl = cap_service_open(capcas, "system.sysctl");
1595 	if (capsysctl == NULL)
1596 		err(1, "Unable to open system.sysctl service");
1597 	cappwd = cap_service_open(capcas, "system.pwd");
1598 	if (cappwd == NULL)
1599 		err(1, "Unable to open system.pwd service");
1600 	cap_close(capcas);
1601 	limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);
1602 	if (limit == NULL)
1603 		err(1, "Unable to init cap_net limits");
1604 	if (cap_net_limit(limit) < 0)
1605 		err(1, "Unable to apply limits");
1606 	if (cap_pwd_limit_cmds(cappwd, pwdcmds, nitems(pwdcmds)) < 0)
1607 		err(1, "Unable to apply pwd commands limits");
1608 	if (cap_pwd_limit_fields(cappwd, pwdfields, nitems(pwdfields)) < 0)
1609 		err(1, "Unable to apply pwd commands limits");
1610 
1611 	if ((!opt_4 && !opt_6) && protos_defined != -1)
1612 		opt_4 = opt_6 = 1;
1613 	if (!opt_4 && !opt_6 && !opt_u)
1614 		opt_4 = opt_6 = opt_u = 1;
1615 	if ((opt_4 || opt_6) && protos_defined == -1)
1616 		protos_defined = set_default_protos();
1617 	if (!opt_c && !opt_l)
1618 		opt_c = opt_l = 1;
1619 
1620 	if (opt_4 || opt_6) {
1621 		for (i = 0; i < protos_defined; i++)
1622 			if (protos[i] == IPPROTO_SCTP)
1623 				gather_sctp();
1624 			else
1625 				gather_inet(protos[i]);
1626 	}
1627 
1628 	if (opt_u || (protos_defined == -1 && !opt_4 && !opt_6)) {
1629 		gather_unix(SOCK_STREAM);
1630 		gather_unix(SOCK_DGRAM);
1631 		gather_unix(SOCK_SEQPACKET);
1632 	}
1633 	getfiles();
1634 	display();
1635 	exit(0);
1636 }
1637