1/*-
2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3 *
4 * Copyright (c) 2002 Dag-Erling Co��dan Sm��rgrav
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer
12 *    in this position and unchanged.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 * 3. The name of the author may not be used to endorse or promote products
17 *    derived from this software without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
31#include <sys/cdefs.h>
32__FBSDID("$FreeBSD$");
33
34#include <sys/param.h>
35#include <sys/socket.h>
36#include <sys/socketvar.h>
37#include <sys/sysctl.h>
38#include <sys/file.h>
39#include <sys/user.h>
40
41#include <sys/un.h>
42#define	_WANT_UNPCB
43#include <sys/unpcb.h>
44
45#include <net/route.h>
46
47#include <netinet/in.h>
48#include <netinet/in_pcb.h>
49#include <netinet/sctp.h>
50#include <netinet/tcp.h>
51#define TCPSTATES /* load state names */
52#include <netinet/tcp_fsm.h>
53#include <netinet/tcp_seq.h>
54#include <netinet/tcp_var.h>
55#include <arpa/inet.h>
56
57#include <ctype.h>
58#include <err.h>
59#include <errno.h>
60#include <jail.h>
61#include <netdb.h>
62#include <pwd.h>
63#include <stdarg.h>
64#include <stdio.h>
65#include <stdlib.h>
66#include <string.h>
67#include <unistd.h>
68
69#define	sstosin(ss)	((struct sockaddr_in *)(ss))
70#define	sstosin6(ss)	((struct sockaddr_in6 *)(ss))
71#define	sstosun(ss)	((struct sockaddr_un *)(ss))
72#define	sstosa(ss)	((struct sockaddr *)(ss))
73
74static int	 opt_4;		/* Show IPv4 sockets */
75static int	 opt_6;		/* Show IPv6 sockets */
76static int	 opt_c;		/* Show connected sockets */
77static int	 opt_j;		/* Show specified jail */
78static int	 opt_L;		/* Don't show IPv4 or IPv6 loopback sockets */
79static int	 opt_l;		/* Show listening sockets */
80static int	 opt_q;		/* Don't show header */
81static int	 opt_S;		/* Show protocol stack if applicable */
82static int	 opt_s;		/* Show protocol state if applicable */
83static int	 opt_U;		/* Show remote UDP encapsulation port number */
84static int	 opt_u;		/* Show Unix domain sockets */
85static int	 opt_v;		/* Verbose mode */
86static int	 opt_w;		/* Wide print area for addresses */
87
88/*
89 * Default protocols to use if no -P was defined.
90 */
91static const char *default_protos[] = {"sctp", "tcp", "udp", "divert" };
92static size_t	   default_numprotos = nitems(default_protos);
93
94static int	*protos;	/* protocols to use */
95static size_t	 numprotos;	/* allocated size of protos[] */
96
97static int	*ports;
98
99#define	INT_BIT (sizeof(int)*CHAR_BIT)
100#define	SET_PORT(p) do { ports[p / INT_BIT] |= 1 << (p % INT_BIT); } while (0)
101#define	CHK_PORT(p) (ports[p / INT_BIT] & (1 << (p % INT_BIT)))
102
103struct addr {
104	struct sockaddr_storage address;
105	unsigned int encaps_port;
106	int state;
107	struct addr *next;
108};
109
110struct sock {
111	kvaddr_t socket;
112	kvaddr_t pcb;
113	int shown;
114	int vflag;
115	int family;
116	int proto;
117	int state;
118	const char *protoname;
119	char stack[TCP_FUNCTION_NAME_LEN_MAX];
120	struct addr *laddr;
121	struct addr *faddr;
122	struct sock *next;
123};
124
125#define	HASHSIZE 1009
126static struct sock *sockhash[HASHSIZE];
127
128static struct xfile *xfiles;
129static int nxfiles;
130
131static int
132xprintf(const char *fmt, ...)
133{
134	va_list ap;
135	int len;
136
137	va_start(ap, fmt);
138	len = vprintf(fmt, ap);
139	va_end(ap);
140	if (len < 0)
141		err(1, "printf()");
142	return (len);
143}
144
145static int
146get_proto_type(const char *proto)
147{
148	struct protoent *pent;
149
150	if (strlen(proto) == 0)
151		return (0);
152	pent = getprotobyname(proto);
153	if (pent == NULL) {
154		warn("getprotobyname");
155		return (-1);
156	}
157	return (pent->p_proto);
158}
159
160static void
161init_protos(int num)
162{
163	int proto_count = 0;
164
165	if (num > 0) {
166		proto_count = num;
167	} else {
168		/* Find the maximum number of possible protocols. */
169		while (getprotoent() != NULL)
170			proto_count++;
171		endprotoent();
172	}
173
174	if ((protos = malloc(sizeof(int) * proto_count)) == NULL)
175		err(1, "malloc");
176	numprotos = proto_count;
177}
178
179static int
180parse_protos(char *protospec)
181{
182	char *prot;
183	int proto_type, proto_index;
184
185	if (protospec == NULL)
186		return (-1);
187
188	init_protos(0);
189	proto_index = 0;
190	while ((prot = strsep(&protospec, ",")) != NULL) {
191		if (strlen(prot) == 0)
192			continue;
193		proto_type = get_proto_type(prot);
194		if (proto_type != -1)
195			protos[proto_index++] = proto_type;
196	}
197	numprotos = proto_index;
198	return (proto_index);
199}
200
201static void
202parse_ports(const char *portspec)
203{
204	const char *p, *q;
205	int port, end;
206
207	if (ports == NULL)
208		if ((ports = calloc(65536 / INT_BIT, sizeof(int))) == NULL)
209			err(1, "calloc()");
210	p = portspec;
211	while (*p != '\0') {
212		if (!isdigit(*p))
213			errx(1, "syntax error in port range");
214		for (q = p; *q != '\0' && isdigit(*q); ++q)
215			/* nothing */ ;
216		for (port = 0; p < q; ++p)
217			port = port * 10 + digittoint(*p);
218		if (port < 0 || port > 65535)
219			errx(1, "invalid port number");
220		SET_PORT(port);
221		switch (*p) {
222		case '-':
223			++p;
224			break;
225		case ',':
226			++p;
227			/* fall through */
228		case '\0':
229		default:
230			continue;
231		}
232		for (q = p; *q != '\0' && isdigit(*q); ++q)
233			/* nothing */ ;
234		for (end = 0; p < q; ++p)
235			end = end * 10 + digittoint(*p);
236		if (end < port || end > 65535)
237			errx(1, "invalid port number");
238		while (port++ < end)
239			SET_PORT(port);
240		if (*p == ',')
241			++p;
242	}
243}
244
245static void
246sockaddr(struct sockaddr_storage *ss, int af, void *addr, int port)
247{
248	struct sockaddr_in *sin4;
249	struct sockaddr_in6 *sin6;
250
251	bzero(ss, sizeof(*ss));
252	switch (af) {
253	case AF_INET:
254		sin4 = sstosin(ss);
255		sin4->sin_len = sizeof(*sin4);
256		sin4->sin_family = af;
257		sin4->sin_port = port;
258		sin4->sin_addr = *(struct in_addr *)addr;
259		break;
260	case AF_INET6:
261		sin6 = sstosin6(ss);
262		sin6->sin6_len = sizeof(*sin6);
263		sin6->sin6_family = af;
264		sin6->sin6_port = port;
265		sin6->sin6_addr = *(struct in6_addr *)addr;
266#define	s6_addr16	__u6_addr.__u6_addr16
267		if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) {
268			sin6->sin6_scope_id =
269			    ntohs(sin6->sin6_addr.s6_addr16[1]);
270			sin6->sin6_addr.s6_addr16[1] = 0;
271		}
272		break;
273	default:
274		abort();
275	}
276}
277
278static void
279free_socket(struct sock *sock)
280{
281	struct addr *cur, *next;
282
283	cur = sock->laddr;
284	while (cur != NULL) {
285		next = cur->next;
286		free(cur);
287		cur = next;
288	}
289	cur = sock->faddr;
290	while (cur != NULL) {
291		next = cur->next;
292		free(cur);
293		cur = next;
294	}
295	free(sock);
296}
297
298static void
299gather_sctp(void)
300{
301	struct sock *sock;
302	struct addr *laddr, *prev_laddr, *faddr, *prev_faddr;
303	struct xsctp_inpcb *xinpcb;
304	struct xsctp_tcb *xstcb;
305	struct xsctp_raddr *xraddr;
306	struct xsctp_laddr *xladdr;
307	const char *varname;
308	size_t len, offset;
309	char *buf;
310	int hash, vflag;
311	int no_stcb, local_all_loopback, foreign_all_loopback;
312
313	vflag = 0;
314	if (opt_4)
315		vflag |= INP_IPV4;
316	if (opt_6)
317		vflag |= INP_IPV6;
318
319	varname = "net.inet.sctp.assoclist";
320	if (sysctlbyname(varname, 0, &len, 0, 0) < 0) {
321		if (errno != ENOENT)
322			err(1, "sysctlbyname()");
323		return;
324	}
325	if ((buf = (char *)malloc(len)) == NULL) {
326		err(1, "malloc()");
327		return;
328	}
329	if (sysctlbyname(varname, buf, &len, 0, 0) < 0) {
330		err(1, "sysctlbyname()");
331		free(buf);
332		return;
333	}
334	xinpcb = (struct xsctp_inpcb *)(void *)buf;
335	offset = sizeof(struct xsctp_inpcb);
336	while ((offset < len) && (xinpcb->last == 0)) {
337		if ((sock = calloc(1, sizeof *sock)) == NULL)
338			err(1, "malloc()");
339		sock->socket = xinpcb->socket;
340		sock->proto = IPPROTO_SCTP;
341		sock->protoname = "sctp";
342		if (xinpcb->maxqlen == 0)
343			sock->state = SCTP_CLOSED;
344		else
345			sock->state = SCTP_LISTEN;
346		if (xinpcb->flags & SCTP_PCB_FLAGS_BOUND_V6) {
347			sock->family = AF_INET6;
348			/*
349			 * Currently there is no way to distinguish between
350			 * IPv6 only sockets or dual family sockets.
351			 * So mark it as dual socket.
352			 */
353			sock->vflag = INP_IPV6 | INP_IPV4;
354		} else {
355			sock->family = AF_INET;
356			sock->vflag = INP_IPV4;
357		}
358		prev_laddr = NULL;
359		local_all_loopback = 1;
360		while (offset < len) {
361			xladdr = (struct xsctp_laddr *)(void *)(buf + offset);
362			offset += sizeof(struct xsctp_laddr);
363			if (xladdr->last == 1)
364				break;
365			if ((laddr = calloc(1, sizeof(struct addr))) == NULL)
366				err(1, "malloc()");
367			switch (xladdr->address.sa.sa_family) {
368			case AF_INET:
369#define	__IN_IS_ADDR_LOOPBACK(pina) \
370	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
371				if (!__IN_IS_ADDR_LOOPBACK(
372				    &xladdr->address.sin.sin_addr))
373					local_all_loopback = 0;
374#undef	__IN_IS_ADDR_LOOPBACK
375				sockaddr(&laddr->address, AF_INET,
376				    &xladdr->address.sin.sin_addr,
377				    htons(xinpcb->local_port));
378				break;
379			case AF_INET6:
380				if (!IN6_IS_ADDR_LOOPBACK(
381				    &xladdr->address.sin6.sin6_addr))
382					local_all_loopback = 0;
383				sockaddr(&laddr->address, AF_INET6,
384				    &xladdr->address.sin6.sin6_addr,
385				    htons(xinpcb->local_port));
386				break;
387			default:
388				errx(1, "address family %d not supported",
389				    xladdr->address.sa.sa_family);
390			}
391			laddr->next = NULL;
392			if (prev_laddr == NULL)
393				sock->laddr = laddr;
394			else
395				prev_laddr->next = laddr;
396			prev_laddr = laddr;
397		}
398		if (sock->laddr == NULL) {
399			if ((sock->laddr =
400			    calloc(1, sizeof(struct addr))) == NULL)
401				err(1, "malloc()");
402			sock->laddr->address.ss_family = sock->family;
403			if (sock->family == AF_INET)
404				sock->laddr->address.ss_len =
405				    sizeof(struct sockaddr_in);
406			else
407				sock->laddr->address.ss_len =
408				    sizeof(struct sockaddr_in6);
409			local_all_loopback = 0;
410		}
411		if ((sock->faddr = calloc(1, sizeof(struct addr))) == NULL)
412			err(1, "malloc()");
413		sock->faddr->address.ss_family = sock->family;
414		if (sock->family == AF_INET)
415			sock->faddr->address.ss_len =
416			    sizeof(struct sockaddr_in);
417		else
418			sock->faddr->address.ss_len =
419			    sizeof(struct sockaddr_in6);
420		no_stcb = 1;
421		while (offset < len) {
422			xstcb = (struct xsctp_tcb *)(void *)(buf + offset);
423			offset += sizeof(struct xsctp_tcb);
424			if (no_stcb) {
425				if (opt_l && (sock->vflag & vflag) &&
426				    (!opt_L || !local_all_loopback) &&
427				    ((xinpcb->flags & SCTP_PCB_FLAGS_UDPTYPE) ||
428				     (xstcb->last == 1))) {
429					hash = (int)((uintptr_t)sock->socket %
430					    HASHSIZE);
431					sock->next = sockhash[hash];
432					sockhash[hash] = sock;
433				} else {
434					free_socket(sock);
435				}
436			}
437			if (xstcb->last == 1)
438				break;
439			no_stcb = 0;
440			if (opt_c) {
441				if ((sock = calloc(1, sizeof *sock)) == NULL)
442					err(1, "malloc()");
443				sock->socket = xinpcb->socket;
444				sock->proto = IPPROTO_SCTP;
445				sock->protoname = "sctp";
446				sock->state = (int)xstcb->state;
447				if (xinpcb->flags & SCTP_PCB_FLAGS_BOUND_V6) {
448					sock->family = AF_INET6;
449				/*
450				 * Currently there is no way to distinguish
451				 * between IPv6 only sockets or dual family
452				 *  sockets. So mark it as dual socket.
453				 */
454					sock->vflag = INP_IPV6 | INP_IPV4;
455				} else {
456					sock->family = AF_INET;
457					sock->vflag = INP_IPV4;
458				}
459			}
460			prev_laddr = NULL;
461			local_all_loopback = 1;
462			while (offset < len) {
463				xladdr = (struct xsctp_laddr *)(void *)(buf +
464				    offset);
465				offset += sizeof(struct xsctp_laddr);
466				if (xladdr->last == 1)
467					break;
468				if (!opt_c)
469					continue;
470				laddr = calloc(1, sizeof(struct addr));
471				if (laddr == NULL)
472					err(1, "malloc()");
473				switch (xladdr->address.sa.sa_family) {
474				case AF_INET:
475#define	__IN_IS_ADDR_LOOPBACK(pina) \
476	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
477					if (!__IN_IS_ADDR_LOOPBACK(
478					    &xladdr->address.sin.sin_addr))
479						local_all_loopback = 0;
480#undef	__IN_IS_ADDR_LOOPBACK
481					sockaddr(&laddr->address, AF_INET,
482					    &xladdr->address.sin.sin_addr,
483					    htons(xstcb->local_port));
484					break;
485				case AF_INET6:
486					if (!IN6_IS_ADDR_LOOPBACK(
487					    &xladdr->address.sin6.sin6_addr))
488						local_all_loopback = 0;
489					sockaddr(&laddr->address, AF_INET6,
490					    &xladdr->address.sin6.sin6_addr,
491					    htons(xstcb->local_port));
492					break;
493				default:
494					errx(1,
495					    "address family %d not supported",
496					    xladdr->address.sa.sa_family);
497				}
498				laddr->next = NULL;
499				if (prev_laddr == NULL)
500					sock->laddr = laddr;
501				else
502					prev_laddr->next = laddr;
503				prev_laddr = laddr;
504			}
505			prev_faddr = NULL;
506			foreign_all_loopback = 1;
507			while (offset < len) {
508				xraddr = (struct xsctp_raddr *)(void *)(buf +
509				    offset);
510				offset += sizeof(struct xsctp_raddr);
511				if (xraddr->last == 1)
512					break;
513				if (!opt_c)
514					continue;
515				faddr = calloc(1, sizeof(struct addr));
516				if (faddr == NULL)
517					err(1, "malloc()");
518				switch (xraddr->address.sa.sa_family) {
519				case AF_INET:
520#define	__IN_IS_ADDR_LOOPBACK(pina) \
521	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
522					if (!__IN_IS_ADDR_LOOPBACK(
523					    &xraddr->address.sin.sin_addr))
524						foreign_all_loopback = 0;
525#undef	__IN_IS_ADDR_LOOPBACK
526					sockaddr(&faddr->address, AF_INET,
527					    &xraddr->address.sin.sin_addr,
528					    htons(xstcb->remote_port));
529					break;
530				case AF_INET6:
531					if (!IN6_IS_ADDR_LOOPBACK(
532					    &xraddr->address.sin6.sin6_addr))
533						foreign_all_loopback = 0;
534					sockaddr(&faddr->address, AF_INET6,
535					    &xraddr->address.sin6.sin6_addr,
536					    htons(xstcb->remote_port));
537					break;
538				default:
539					errx(1,
540					    "address family %d not supported",
541					    xraddr->address.sa.sa_family);
542				}
543				faddr->encaps_port = xraddr->encaps_port;
544				faddr->state = xraddr->state;
545				faddr->next = NULL;
546				if (prev_faddr == NULL)
547					sock->faddr = faddr;
548				else
549					prev_faddr->next = faddr;
550				prev_faddr = faddr;
551			}
552			if (opt_c) {
553				if ((sock->vflag & vflag) &&
554				    (!opt_L ||
555				     !(local_all_loopback ||
556				     foreign_all_loopback))) {
557					hash = (int)((uintptr_t)sock->socket %
558					    HASHSIZE);
559					sock->next = sockhash[hash];
560					sockhash[hash] = sock;
561				} else {
562					free_socket(sock);
563				}
564			}
565		}
566		xinpcb = (struct xsctp_inpcb *)(void *)(buf + offset);
567		offset += sizeof(struct xsctp_inpcb);
568	}
569	free(buf);
570}
571
572static void
573gather_inet(int proto)
574{
575	struct xinpgen *xig, *exig;
576	struct xinpcb *xip;
577	struct xtcpcb *xtp = NULL;
578	struct xsocket *so;
579	struct sock *sock;
580	struct addr *laddr, *faddr;
581	const char *varname, *protoname;
582	size_t len, bufsize;
583	void *buf;
584	int hash, retry, vflag;
585
586	vflag = 0;
587	if (opt_4)
588		vflag |= INP_IPV4;
589	if (opt_6)
590		vflag |= INP_IPV6;
591
592	switch (proto) {
593	case IPPROTO_TCP:
594		varname = "net.inet.tcp.pcblist";
595		protoname = "tcp";
596		break;
597	case IPPROTO_UDP:
598		varname = "net.inet.udp.pcblist";
599		protoname = "udp";
600		break;
601	case IPPROTO_DIVERT:
602		varname = "net.inet.divert.pcblist";
603		protoname = "div";
604		break;
605	default:
606		errx(1, "protocol %d not supported", proto);
607	}
608
609	buf = NULL;
610	bufsize = 8192;
611	retry = 5;
612	do {
613		for (;;) {
614			if ((buf = realloc(buf, bufsize)) == NULL)
615				err(1, "realloc()");
616			len = bufsize;
617			if (sysctlbyname(varname, buf, &len, NULL, 0) == 0)
618				break;
619			if (errno == ENOENT)
620				goto out;
621			if (errno != ENOMEM || len != bufsize)
622				err(1, "sysctlbyname()");
623			bufsize *= 2;
624		}
625		xig = (struct xinpgen *)buf;
626		exig = (struct xinpgen *)(void *)
627		    ((char *)buf + len - sizeof *exig);
628		if (xig->xig_len != sizeof *xig ||
629		    exig->xig_len != sizeof *exig)
630			errx(1, "struct xinpgen size mismatch");
631	} while (xig->xig_gen != exig->xig_gen && retry--);
632
633	if (xig->xig_gen != exig->xig_gen && opt_v)
634		warnx("warning: data may be inconsistent");
635
636	for (;;) {
637		xig = (struct xinpgen *)(void *)((char *)xig + xig->xig_len);
638		if (xig >= exig)
639			break;
640		switch (proto) {
641		case IPPROTO_TCP:
642			xtp = (struct xtcpcb *)xig;
643			xip = &xtp->xt_inp;
644			if (xtp->xt_len != sizeof(*xtp)) {
645				warnx("struct xtcpcb size mismatch");
646				goto out;
647			}
648			protoname = xtp->t_flags & TF_TOE ? "toe" : "tcp";
649			break;
650		case IPPROTO_UDP:
651		case IPPROTO_DIVERT:
652			xip = (struct xinpcb *)xig;
653			if (xip->xi_len != sizeof(*xip)) {
654				warnx("struct xinpcb size mismatch");
655				goto out;
656			}
657			break;
658		default:
659			errx(1, "protocol %d not supported", proto);
660		}
661		so = &xip->xi_socket;
662		if ((xip->inp_vflag & vflag) == 0)
663			continue;
664		if (xip->inp_vflag & INP_IPV4) {
665			if ((xip->inp_fport == 0 && !opt_l) ||
666			    (xip->inp_fport != 0 && !opt_c))
667				continue;
668#define	__IN_IS_ADDR_LOOPBACK(pina) \
669	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
670			if (opt_L &&
671			    (__IN_IS_ADDR_LOOPBACK(&xip->inp_faddr) ||
672			     __IN_IS_ADDR_LOOPBACK(&xip->inp_laddr)))
673				continue;
674#undef	__IN_IS_ADDR_LOOPBACK
675		} else if (xip->inp_vflag & INP_IPV6) {
676			if ((xip->inp_fport == 0 && !opt_l) ||
677			    (xip->inp_fport != 0 && !opt_c))
678				continue;
679			if (opt_L &&
680			    (IN6_IS_ADDR_LOOPBACK(&xip->in6p_faddr) ||
681			     IN6_IS_ADDR_LOOPBACK(&xip->in6p_laddr)))
682				continue;
683		} else {
684			if (opt_v)
685				warnx("invalid vflag 0x%x", xip->inp_vflag);
686			continue;
687		}
688		if ((sock = calloc(1, sizeof(*sock))) == NULL)
689			err(1, "malloc()");
690		if ((laddr = calloc(1, sizeof *laddr)) == NULL)
691			err(1, "malloc()");
692		if ((faddr = calloc(1, sizeof *faddr)) == NULL)
693			err(1, "malloc()");
694		sock->socket = so->xso_so;
695		sock->proto = proto;
696		if (xip->inp_vflag & INP_IPV4) {
697			sock->family = AF_INET;
698			sockaddr(&laddr->address, sock->family,
699			    &xip->inp_laddr, xip->inp_lport);
700			sockaddr(&faddr->address, sock->family,
701			    &xip->inp_faddr, xip->inp_fport);
702		} else if (xip->inp_vflag & INP_IPV6) {
703			sock->family = AF_INET6;
704			sockaddr(&laddr->address, sock->family,
705			    &xip->in6p_laddr, xip->inp_lport);
706			sockaddr(&faddr->address, sock->family,
707			    &xip->in6p_faddr, xip->inp_fport);
708		}
709		laddr->next = NULL;
710		faddr->next = NULL;
711		sock->laddr = laddr;
712		sock->faddr = faddr;
713		sock->vflag = xip->inp_vflag;
714		if (proto == IPPROTO_TCP) {
715			sock->state = xtp->t_state;
716			memcpy(sock->stack, xtp->xt_stack,
717			    TCP_FUNCTION_NAME_LEN_MAX);
718		}
719		sock->protoname = protoname;
720		hash = (int)((uintptr_t)sock->socket % HASHSIZE);
721		sock->next = sockhash[hash];
722		sockhash[hash] = sock;
723	}
724out:
725	free(buf);
726}
727
728static void
729gather_unix(int proto)
730{
731	struct xunpgen *xug, *exug;
732	struct xunpcb *xup;
733	struct sock *sock;
734	struct addr *laddr, *faddr;
735	const char *varname, *protoname;
736	size_t len, bufsize;
737	void *buf;
738	int hash, retry;
739
740	switch (proto) {
741	case SOCK_STREAM:
742		varname = "net.local.stream.pcblist";
743		protoname = "stream";
744		break;
745	case SOCK_DGRAM:
746		varname = "net.local.dgram.pcblist";
747		protoname = "dgram";
748		break;
749	case SOCK_SEQPACKET:
750		varname = "net.local.seqpacket.pcblist";
751		protoname = "seqpac";
752		break;
753	default:
754		abort();
755	}
756	buf = NULL;
757	bufsize = 8192;
758	retry = 5;
759	do {
760		for (;;) {
761			if ((buf = realloc(buf, bufsize)) == NULL)
762				err(1, "realloc()");
763			len = bufsize;
764			if (sysctlbyname(varname, buf, &len, NULL, 0) == 0)
765				break;
766			if (errno != ENOMEM || len != bufsize)
767				err(1, "sysctlbyname()");
768			bufsize *= 2;
769		}
770		xug = (struct xunpgen *)buf;
771		exug = (struct xunpgen *)(void *)
772		    ((char *)buf + len - sizeof(*exug));
773		if (xug->xug_len != sizeof(*xug) ||
774		    exug->xug_len != sizeof(*exug)) {
775			warnx("struct xinpgen size mismatch");
776			goto out;
777		}
778	} while (xug->xug_gen != exug->xug_gen && retry--);
779
780	if (xug->xug_gen != exug->xug_gen && opt_v)
781		warnx("warning: data may be inconsistent");
782
783	for (;;) {
784		xug = (struct xunpgen *)(void *)((char *)xug + xug->xug_len);
785		if (xug >= exug)
786			break;
787		xup = (struct xunpcb *)xug;
788		if (xup->xu_len != sizeof(*xup)) {
789			warnx("struct xunpcb size mismatch");
790			goto out;
791		}
792		if ((xup->unp_conn == 0 && !opt_l) ||
793		    (xup->unp_conn != 0 && !opt_c))
794			continue;
795		if ((sock = calloc(1, sizeof(*sock))) == NULL)
796			err(1, "malloc()");
797		if ((laddr = calloc(1, sizeof *laddr)) == NULL)
798			err(1, "malloc()");
799		if ((faddr = calloc(1, sizeof *faddr)) == NULL)
800			err(1, "malloc()");
801		sock->socket = xup->xu_socket.xso_so;
802		sock->pcb = xup->xu_unpp;
803		sock->proto = proto;
804		sock->family = AF_UNIX;
805		sock->protoname = protoname;
806		if (xup->xu_addr.sun_family == AF_UNIX)
807			laddr->address =
808			    *(struct sockaddr_storage *)(void *)&xup->xu_addr;
809		else if (xup->unp_conn != 0)
810			*(kvaddr_t*)&(faddr->address) = xup->unp_conn;
811		laddr->next = NULL;
812		faddr->next = NULL;
813		sock->laddr = laddr;
814		sock->faddr = faddr;
815		hash = (int)((uintptr_t)sock->socket % HASHSIZE);
816		sock->next = sockhash[hash];
817		sockhash[hash] = sock;
818	}
819out:
820	free(buf);
821}
822
823static void
824getfiles(void)
825{
826	size_t len, olen;
827
828	olen = len = sizeof(*xfiles);
829	if ((xfiles = malloc(len)) == NULL)
830		err(1, "malloc()");
831	while (sysctlbyname("kern.file", xfiles, &len, 0, 0) == -1) {
832		if (errno != ENOMEM || len != olen)
833			err(1, "sysctlbyname()");
834		olen = len *= 2;
835		if ((xfiles = realloc(xfiles, len)) == NULL)
836			err(1, "realloc()");
837	}
838	if (len > 0 && xfiles->xf_size != sizeof(*xfiles))
839		errx(1, "struct xfile size mismatch");
840	nxfiles = len / sizeof(*xfiles);
841}
842
843static int
844printaddr(struct sockaddr_storage *ss)
845{
846	struct sockaddr_un *sun;
847	char addrstr[NI_MAXHOST] = { '\0', '\0' };
848	int error, off, port = 0;
849
850	switch (ss->ss_family) {
851	case AF_INET:
852		if (inet_lnaof(sstosin(ss)->sin_addr) == INADDR_ANY)
853			addrstr[0] = '*';
854		port = ntohs(sstosin(ss)->sin_port);
855		break;
856	case AF_INET6:
857		if (IN6_IS_ADDR_UNSPECIFIED(&sstosin6(ss)->sin6_addr))
858			addrstr[0] = '*';
859		port = ntohs(sstosin6(ss)->sin6_port);
860		break;
861	case AF_UNIX:
862		sun = sstosun(ss);
863		off = (int)((char *)&sun->sun_path - (char *)sun);
864		return (xprintf("%.*s", sun->sun_len - off, sun->sun_path));
865	}
866	if (addrstr[0] == '\0') {
867		error = getnameinfo(sstosa(ss), ss->ss_len, addrstr,
868		    sizeof(addrstr), NULL, 0, NI_NUMERICHOST);
869		if (error)
870			errx(1, "getnameinfo()");
871	}
872	if (port == 0)
873		return xprintf("%s:*", addrstr);
874	else
875		return xprintf("%s:%d", addrstr, port);
876}
877
878static const char *
879getprocname(pid_t pid)
880{
881	static struct kinfo_proc proc;
882	size_t len;
883	int mib[4];
884
885	mib[0] = CTL_KERN;
886	mib[1] = KERN_PROC;
887	mib[2] = KERN_PROC_PID;
888	mib[3] = (int)pid;
889	len = sizeof(proc);
890	if (sysctl(mib, nitems(mib), &proc, &len, NULL, 0) == -1) {
891		/* Do not warn if the process exits before we get its name. */
892		if (errno != ESRCH)
893			warn("sysctl()");
894		return ("??");
895	}
896	return (proc.ki_comm);
897}
898
899static int
900getprocjid(pid_t pid)
901{
902	static struct kinfo_proc proc;
903	size_t len;
904	int mib[4];
905
906	mib[0] = CTL_KERN;
907	mib[1] = KERN_PROC;
908	mib[2] = KERN_PROC_PID;
909	mib[3] = (int)pid;
910	len = sizeof(proc);
911	if (sysctl(mib, nitems(mib), &proc, &len, NULL, 0) == -1) {
912		/* Do not warn if the process exits before we get its jid. */
913		if (errno != ESRCH)
914			warn("sysctl()");
915		return (-1);
916	}
917	return (proc.ki_jid);
918}
919
920static int
921check_ports(struct sock *s)
922{
923	int port;
924	struct addr *addr;
925
926	if (ports == NULL)
927		return (1);
928	if ((s->family != AF_INET) && (s->family != AF_INET6))
929		return (1);
930	for (addr = s->laddr; addr != NULL; addr = addr->next) {
931		if (s->family == AF_INET)
932			port = ntohs(sstosin(&addr->address)->sin_port);
933		else
934			port = ntohs(sstosin6(&addr->address)->sin6_port);
935		if (CHK_PORT(port))
936			return (1);
937	}
938	for (addr = s->faddr; addr != NULL; addr = addr->next) {
939		if (s->family == AF_INET)
940			port = ntohs(sstosin(&addr->address)->sin_port);
941		else
942			port = ntohs(sstosin6(&addr->address)->sin6_port);
943		if (CHK_PORT(port))
944			return (1);
945	}
946	return (0);
947}
948
949static const char *
950sctp_conn_state(int state)
951{
952	switch (state) {
953	case SCTP_CLOSED:
954		return "CLOSED";
955		break;
956	case SCTP_BOUND:
957		return "BOUND";
958		break;
959	case SCTP_LISTEN:
960		return "LISTEN";
961		break;
962	case SCTP_COOKIE_WAIT:
963		return "COOKIE_WAIT";
964		break;
965	case SCTP_COOKIE_ECHOED:
966		return "COOKIE_ECHOED";
967		break;
968	case SCTP_ESTABLISHED:
969		return "ESTABLISHED";
970		break;
971	case SCTP_SHUTDOWN_SENT:
972		return "SHUTDOWN_SENT";
973		break;
974	case SCTP_SHUTDOWN_RECEIVED:
975		return "SHUTDOWN_RECEIVED";
976		break;
977	case SCTP_SHUTDOWN_ACK_SENT:
978		return "SHUTDOWN_ACK_SENT";
979		break;
980	case SCTP_SHUTDOWN_PENDING:
981		return "SHUTDOWN_PENDING";
982		break;
983	default:
984		return "UNKNOWN";
985		break;
986	}
987}
988
989static const char *
990sctp_path_state(int state)
991{
992	switch (state) {
993	case SCTP_UNCONFIRMED:
994		return "UNCONFIRMED";
995		break;
996	case SCTP_ACTIVE:
997		return "ACTIVE";
998		break;
999	case SCTP_INACTIVE:
1000		return "INACTIVE";
1001		break;
1002	default:
1003		return "UNKNOWN";
1004		break;
1005	}
1006}
1007
1008static void
1009displaysock(struct sock *s, int pos)
1010{
1011	kvaddr_t p;
1012	int hash, first, offset;
1013	struct addr *laddr, *faddr;
1014	struct sock *s_tmp;
1015
1016	while (pos < 29)
1017		pos += xprintf(" ");
1018	pos += xprintf("%s", s->protoname);
1019	if (s->vflag & INP_IPV4)
1020		pos += xprintf("4");
1021	if (s->vflag & INP_IPV6)
1022		pos += xprintf("6");
1023	if (s->vflag & (INP_IPV4 | INP_IPV6))
1024		pos += xprintf(" ");
1025	laddr = s->laddr;
1026	faddr = s->faddr;
1027	first = 1;
1028	while (laddr != NULL || faddr != NULL) {
1029		offset = 36;
1030		while (pos < offset)
1031			pos += xprintf(" ");
1032		switch (s->family) {
1033		case AF_INET:
1034		case AF_INET6:
1035			if (laddr != NULL) {
1036				pos += printaddr(&laddr->address);
1037				if (s->family == AF_INET6 && pos >= 58)
1038					pos += xprintf(" ");
1039			}
1040			offset += opt_w ? 46 : 22;
1041			while (pos < offset)
1042				pos += xprintf(" ");
1043			if (faddr != NULL)
1044				pos += printaddr(&faddr->address);
1045			offset += opt_w ? 46 : 22;
1046			break;
1047		case AF_UNIX:
1048			if ((laddr == NULL) || (faddr == NULL))
1049				errx(1, "laddr = %p or faddr = %p is NULL",
1050				    (void *)laddr, (void *)faddr);
1051			/* server */
1052			if (laddr->address.ss_len > 0) {
1053				pos += printaddr(&laddr->address);
1054				break;
1055			}
1056			/* client */
1057			p = *(kvaddr_t*)&(faddr->address);
1058			if (p == 0) {
1059				pos += xprintf("(not connected)");
1060				offset += opt_w ? 92 : 44;
1061				break;
1062			}
1063			pos += xprintf("-> ");
1064			for (hash = 0; hash < HASHSIZE; ++hash) {
1065				for (s_tmp = sockhash[hash];
1066				    s_tmp != NULL;
1067				    s_tmp = s_tmp->next)
1068					if (s_tmp->pcb == p)
1069						break;
1070				if (s_tmp != NULL)
1071					break;
1072			}
1073			if (s_tmp == NULL || s_tmp->laddr == NULL ||
1074			    s_tmp->laddr->address.ss_len == 0)
1075				pos += xprintf("??");
1076			else
1077				pos += printaddr(&s_tmp->laddr->address);
1078			offset += opt_w ? 92 : 44;
1079			break;
1080		default:
1081			abort();
1082		}
1083		if (opt_U) {
1084			if (faddr != NULL &&
1085			    s->proto == IPPROTO_SCTP &&
1086			    s->state != SCTP_CLOSED &&
1087			    s->state != SCTP_BOUND &&
1088			    s->state != SCTP_LISTEN) {
1089				while (pos < offset)
1090					pos += xprintf(" ");
1091				pos += xprintf("%u",
1092				    ntohs(faddr->encaps_port));
1093			}
1094			offset += 7;
1095		}
1096		if (opt_s) {
1097			if (faddr != NULL &&
1098			    s->proto == IPPROTO_SCTP &&
1099			    s->state != SCTP_CLOSED &&
1100			    s->state != SCTP_BOUND &&
1101			    s->state != SCTP_LISTEN) {
1102				while (pos < offset)
1103					pos += xprintf(" ");
1104				pos += xprintf("%s",
1105				    sctp_path_state(faddr->state));
1106			}
1107			offset += 13;
1108		}
1109		if (first) {
1110			if (opt_s) {
1111				if (s->proto == IPPROTO_SCTP ||
1112				    s->proto == IPPROTO_TCP) {
1113					while (pos < offset)
1114						pos += xprintf(" ");
1115					switch (s->proto) {
1116					case IPPROTO_SCTP:
1117						pos += xprintf("%s",
1118						    sctp_conn_state(s->state));
1119						break;
1120					case IPPROTO_TCP:
1121						if (s->state >= 0 &&
1122						    s->state < TCP_NSTATES)
1123							pos += xprintf("%s",
1124							    tcpstates[s->state]);
1125						else
1126							pos += xprintf("?");
1127						break;
1128					}
1129				}
1130				offset += 13;
1131			}
1132			if (opt_S && s->proto == IPPROTO_TCP) {
1133				while (pos < offset)
1134					pos += xprintf(" ");
1135				xprintf("%.*s", TCP_FUNCTION_NAME_LEN_MAX,
1136				    s->stack);
1137			}
1138		}
1139		if (laddr != NULL)
1140			laddr = laddr->next;
1141		if (faddr != NULL)
1142			faddr = faddr->next;
1143		if ((laddr != NULL) || (faddr != NULL)) {
1144			xprintf("\n");
1145			pos = 0;
1146		}
1147		first = 0;
1148	}
1149	xprintf("\n");
1150}
1151
1152static void
1153display(void)
1154{
1155	struct passwd *pwd;
1156	struct xfile *xf;
1157	struct sock *s;
1158	int hash, n, pos;
1159
1160	if (opt_q != 1) {
1161		printf("%-8s %-10s %-5s %-2s %-6s %-*s %-*s",
1162		    "USER", "COMMAND", "PID", "FD", "PROTO",
1163		    opt_w ? 45 : 21, "LOCAL ADDRESS",
1164		    opt_w ? 45 : 21, "FOREIGN ADDRESS");
1165		if (opt_U)
1166			printf(" %-6s", "ENCAPS");
1167		if (opt_s) {
1168			printf(" %-12s", "PATH STATE");
1169			printf(" %-12s", "CONN STATE");
1170		}
1171		if (opt_S)
1172			printf(" %.*s", TCP_FUNCTION_NAME_LEN_MAX, "STACK");
1173		printf("\n");
1174	}
1175	setpassent(1);
1176	for (xf = xfiles, n = 0; n < nxfiles; ++n, ++xf) {
1177		if (xf->xf_data == 0)
1178			continue;
1179		if (opt_j >= 0 && opt_j != getprocjid(xf->xf_pid))
1180			continue;
1181		hash = (int)((uintptr_t)xf->xf_data % HASHSIZE);
1182		for (s = sockhash[hash]; s != NULL; s = s->next) {
1183			if (s->socket != xf->xf_data)
1184				continue;
1185			if (!check_ports(s))
1186				continue;
1187			s->shown = 1;
1188			pos = 0;
1189			if ((pwd = getpwuid(xf->xf_uid)) == NULL)
1190				pos += xprintf("%lu ", (u_long)xf->xf_uid);
1191			else
1192				pos += xprintf("%s ", pwd->pw_name);
1193			while (pos < 9)
1194				pos += xprintf(" ");
1195			pos += xprintf("%.10s", getprocname(xf->xf_pid));
1196			while (pos < 20)
1197				pos += xprintf(" ");
1198			pos += xprintf("%lu ", (u_long)xf->xf_pid);
1199			while (pos < 26)
1200				pos += xprintf(" ");
1201			pos += xprintf("%d ", xf->xf_fd);
1202			displaysock(s, pos);
1203		}
1204	}
1205	if (opt_j >= 0)
1206		return;
1207	for (hash = 0; hash < HASHSIZE; hash++) {
1208		for (s = sockhash[hash]; s != NULL; s = s->next) {
1209			if (s->shown)
1210				continue;
1211			if (!check_ports(s))
1212				continue;
1213			pos = 0;
1214			pos += xprintf("%-8s %-10s %-5s %-2s ",
1215			    "?", "?", "?", "?");
1216			displaysock(s, pos);
1217		}
1218	}
1219}
1220
1221static int set_default_protos(void)
1222{
1223	struct protoent *prot;
1224	const char *pname;
1225	size_t pindex;
1226
1227	init_protos(default_numprotos);
1228
1229	for (pindex = 0; pindex < default_numprotos; pindex++) {
1230		pname = default_protos[pindex];
1231		prot = getprotobyname(pname);
1232		if (prot == NULL)
1233			err(1, "getprotobyname: %s", pname);
1234		protos[pindex] = prot->p_proto;
1235	}
1236	numprotos = pindex;
1237	return (pindex);
1238}
1239
1240static void
1241usage(void)
1242{
1243	fprintf(stderr,
1244	    "usage: sockstat [-46cLlSsUuvw] [-j jid] [-p ports] [-P protocols]\n");
1245	exit(1);
1246}
1247
1248int
1249main(int argc, char *argv[])
1250{
1251	int protos_defined = -1;
1252	int o, i;
1253
1254	opt_j = -1;
1255	while ((o = getopt(argc, argv, "46cj:Llp:P:qSsUuvw")) != -1)
1256		switch (o) {
1257		case '4':
1258			opt_4 = 1;
1259			break;
1260		case '6':
1261			opt_6 = 1;
1262			break;
1263		case 'c':
1264			opt_c = 1;
1265			break;
1266		case 'j':
1267			opt_j = jail_getid(optarg);
1268			if (opt_j < 0)
1269				errx(1, "%s", jail_errmsg);
1270			break;
1271		case 'L':
1272			opt_L = 1;
1273			break;
1274		case 'l':
1275			opt_l = 1;
1276			break;
1277		case 'p':
1278			parse_ports(optarg);
1279			break;
1280		case 'P':
1281			protos_defined = parse_protos(optarg);
1282			break;
1283		case 'q':
1284			opt_q = 1;
1285			break;
1286		case 'S':
1287			opt_S = 1;
1288			break;
1289		case 's':
1290			opt_s = 1;
1291			break;
1292		case 'U':
1293			opt_U = 1;
1294			break;
1295		case 'u':
1296			opt_u = 1;
1297			break;
1298		case 'v':
1299			++opt_v;
1300			break;
1301		case 'w':
1302			opt_w = 1;
1303			break;
1304		default:
1305			usage();
1306		}
1307
1308	argc -= optind;
1309	argv += optind;
1310
1311	if (argc > 0)
1312		usage();
1313
1314	if ((!opt_4 && !opt_6) && protos_defined != -1)
1315		opt_4 = opt_6 = 1;
1316	if (!opt_4 && !opt_6 && !opt_u)
1317		opt_4 = opt_6 = opt_u = 1;
1318	if ((opt_4 || opt_6) && protos_defined == -1)
1319		protos_defined = set_default_protos();
1320	if (!opt_c && !opt_l)
1321		opt_c = opt_l = 1;
1322
1323	if (opt_4 || opt_6) {
1324		for (i = 0; i < protos_defined; i++)
1325			if (protos[i] == IPPROTO_SCTP)
1326				gather_sctp();
1327			else
1328				gather_inet(protos[i]);
1329	}
1330
1331	if (opt_u || (protos_defined == -1 && !opt_4 && !opt_6)) {
1332		gather_unix(SOCK_STREAM);
1333		gather_unix(SOCK_DGRAM);
1334		gather_unix(SOCK_SEQPACKET);
1335	}
1336	getfiles();
1337	display();
1338	exit(0);
1339}
1340