mirror of
https://github.com/jart/cosmopolitan.git
synced 2025-01-31 11:37:35 +00:00
cf93ecbbb2
The whole repository is now buildable with GNU Make Landlock sandboxing.
This proves that no Makefile targets exist which touch files other than
their declared prerequisites. In order to do this, we had to:
1. Stop code morphing GCC output in package.com and instead run a
newly introduced FIXUPOBJ.COM command after GCC invocations.
2. Disable all the crumby Python unit tests that do things like create
files in the current directory, or rename() files between folders.
This ended up being a lot of tests, but most of them are still ok.
3. Introduce an .UNSANDBOXED variable to GNU Make to disable Landlock.
We currently only do this for things like `make tags`.
4. This change deletes some GNU Make code that was preventing the
execve() optimization from working. This means it should no longer
be necessary in most cases for command invocations to be indirected
through the cocmd interpreter.
5. Missing dependencies had to be declared in certain places, in cases
where they couldn't be automatically determined by MKDEPS.COM
6. The libcxx header situation has finally been tamed. One of the
things that makes this difficult is MKDEPS.COM only wants to
consider the first 64kb of a file, in order to go fast. But libcxx
likes to have #include lines buried after huge documentation.
7. An .UNVEIL variable has been introduced to GNU Make just in case
we ever wish to explicitly specify additional things that need to
be whitelisted which aren't strictly prerequisites. This works in
a manner similar to the recently introduced .EXTRA_PREREQS feature.
There's now a new build/bootstrap/make.com prebuilt binary available. It
should no longer be possible to write invalid Makefile code.
160 lines
4.3 KiB
C
160 lines
4.3 KiB
C
#if 0
|
|
/*─────────────────────────────────────────────────────────────────╗
|
|
│ To the extent possible under law, Justine Tunney has waived │
|
|
│ all copyright and related or neighboring rights to this file, │
|
|
│ as it is written in the following disclaimers: │
|
|
│ • http://unlicense.org/ │
|
|
│ • http://creativecommons.org/publicdomain/zero/1.0/ │
|
|
╚─────────────────────────────────────────────────────────────────*/
|
|
#endif
|
|
#include "libc/calls/calls.h"
|
|
#include "libc/dns/dns.h"
|
|
#include "libc/fmt/conv.h"
|
|
#include "libc/log/log.h"
|
|
#include "libc/macros.internal.h"
|
|
#include "libc/runtime/runtime.h"
|
|
#include "libc/sock/sock.h"
|
|
#include "libc/sock/struct/linger.h"
|
|
#include "libc/sock/struct/pollfd.h"
|
|
#include "libc/stdio/stdio.h"
|
|
#include "libc/str/str.h"
|
|
#include "libc/sysv/consts/af.h"
|
|
#include "libc/sysv/consts/ipproto.h"
|
|
#include "libc/sysv/consts/poll.h"
|
|
#include "libc/sysv/consts/shut.h"
|
|
#include "libc/sysv/consts/so.h"
|
|
#include "libc/sysv/consts/sock.h"
|
|
#include "libc/sysv/consts/sol.h"
|
|
#include "third_party/getopt/getopt.h"
|
|
|
|
/**
|
|
* @fileoverview netcat clone
|
|
*
|
|
* Implemented because BusyBox's netcat doesn't detect remote close and
|
|
* lingers in the CLOSE_WAIT wait possibly due to file descriptor leaks
|
|
*
|
|
* Here's an example usage:
|
|
*
|
|
* make -j8 o//examples/nc.com
|
|
* printf 'GET /\r\nHost: justine.lol\r\n\r\n' | o//examples/nc.com
|
|
* justine.lol 80
|
|
*
|
|
* Once upon time we called this command "telnet"
|
|
*/
|
|
|
|
int main(int argc, char *argv[]) {
|
|
ssize_t rc;
|
|
size_t i, got;
|
|
char buf[1500];
|
|
bool halfclose = true;
|
|
const char *host, *port;
|
|
int opt, err, toto, sock;
|
|
struct addrinfo *ai = NULL;
|
|
struct linger linger = {true, 1};
|
|
struct pollfd fds[2] = {{-1, POLLIN}, {-1, POLLIN}};
|
|
struct addrinfo hint = {AI_NUMERICSERV, AF_INET, SOCK_STREAM, IPPROTO_TCP};
|
|
|
|
while ((opt = getopt(argc, argv, "hH")) != -1) {
|
|
switch (opt) {
|
|
case 'H':
|
|
halfclose = false;
|
|
break;
|
|
case 'h':
|
|
fputs("Usage: ", stdout);
|
|
fputs(argv[0], stdout);
|
|
fputs(" [-hH] IP PORT\n", stdout);
|
|
exit(0);
|
|
default:
|
|
fprintf(stderr, "bad option %d\n", opt);
|
|
exit(1);
|
|
}
|
|
}
|
|
if (argc - optind != 2) {
|
|
fputs("missing args\n", stderr);
|
|
exit(1);
|
|
}
|
|
host = argv[optind + 0];
|
|
port = argv[optind + 1];
|
|
|
|
switch ((rc = getaddrinfo(host, port, &hint, &ai))) {
|
|
case EAI_SUCCESS:
|
|
break;
|
|
case EAI_SYSTEM:
|
|
perror("getaddrinfo");
|
|
exit(1);
|
|
default:
|
|
fputs("EAI_", stderr);
|
|
fputs(gai_strerror(rc), stderr);
|
|
fputs("\n", stderr);
|
|
exit(1);
|
|
}
|
|
|
|
if ((sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol)) == -1) {
|
|
perror("socket");
|
|
exit(1);
|
|
}
|
|
|
|
if (setsockopt(sock, SOL_SOCKET, SO_LINGER, &linger, sizeof(linger)) == -1) {
|
|
perror("setsockopt(SO_LINGER)");
|
|
exit(1);
|
|
}
|
|
|
|
if (connect(sock, ai->ai_addr, ai->ai_addrlen) == -1) {
|
|
perror("connect");
|
|
exit(1);
|
|
}
|
|
|
|
fds[0].fd = 0;
|
|
fds[1].fd = sock;
|
|
for (;;) {
|
|
fds[0].revents = 0;
|
|
fds[1].revents = 0;
|
|
if (poll(fds, ARRAYLEN(fds), -1) == -1) {
|
|
perror("poll");
|
|
exit(1);
|
|
}
|
|
|
|
if (fds[0].revents & (POLLIN | POLLERR | POLLHUP)) {
|
|
if ((rc = read(0, buf, 1400)) == -1) {
|
|
perror("read(stdin)");
|
|
exit(1);
|
|
}
|
|
if (!(got = rc)) {
|
|
if (halfclose) {
|
|
shutdown(sock, SHUT_WR);
|
|
}
|
|
fds[0].fd = -1;
|
|
}
|
|
for (i = 0; i < got; i += rc) {
|
|
if ((rc = write(sock, buf + i, got - i)) == -1) {
|
|
perror("write(sock)");
|
|
exit(1);
|
|
}
|
|
}
|
|
}
|
|
|
|
if (fds[1].revents & (POLLIN | POLLERR | POLLHUP)) {
|
|
if ((rc = read(sock, buf, 1500)) == -1) {
|
|
perror("read(sock)");
|
|
exit(1);
|
|
}
|
|
if (!(got = rc)) {
|
|
break;
|
|
}
|
|
for (i = 0; i < got; i += rc) {
|
|
if ((rc = write(1, buf + i, got - i)) == -1) {
|
|
perror("write(stdout)");
|
|
exit(1);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if (close(sock) == -1) {
|
|
perror("close");
|
|
exit(1);
|
|
}
|
|
|
|
freeaddrinfo(ai);
|
|
return 0;
|
|
}
|