+/*** Daemon interface ***/
+
+#include <unistd.h>
+#include <errno.h>
+#include <time.h>
+#include <syslog.h>
+#include <sys/signal.h>
+#include <sys/wait.h>
+#include <sys/poll.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#if 0
+#define DTRACE(msg, args...) fprintf(stderr, msg "\n", ##args)
+#define DLOG(msg, args...) fprintf(stderr, msg "\n", ##args)
+#else
+#define DTRACE(msg, args...) do { } while(0)
+#define DLOG(msg, args...) syslog(LOG_INFO, msg, ##args)
+#endif
+
+#define MAX_CONNECTIONS 50 // Per daemon
+#define MAX_CONNS_PER_IP 1 // Per IP
+#define MAX_TRACKERS 200 // IP address trackers
+#define TBF_MAX 5 // Max number of tokens in the bucket
+#define TBF_REFILL_PER_SEC 0.2 // Bucket refill rate (buckets/sec)
+
+#define PID_FILE "/var/run/pd-minsk.pid"
+#define UID 124
+#define GID 125
+
+static void die(char *msg)
+{
+ fprintf(stderr, "minsk: ");
+ fprintf(stderr, msg);
+ fputc('\n', stderr);
+ exit(1);
+}
+
+static char **spt_argv;
+static char *spt_start, *spt_end;
+
+static void setproctitle_init(int argc, char **argv)
+{
+ int i, len;
+ char **env, **oldenv, *t;
+
+ spt_argv = argv;
+
+ /* Create a backup copy of environment */
+ oldenv = __environ;
+ len = 0;
+ for (i=0; oldenv[i]; i++)
+ len += strlen(oldenv[i]) + 1;
+ __environ = env = malloc(sizeof(char *)*(i+1));
+ t = malloc(len);
+ if (!__environ || !t)
+ die("malloc failed");
+ for (i=0; oldenv[i]; i++)
+ {
+ env[i] = t;
+ len = strlen(oldenv[i]) + 1;
+ memcpy(t, oldenv[i], len);
+ t += len;
+ }
+ env[i] = NULL;
+
+ /* Scan for consecutive free space */
+ spt_start = spt_end = argv[0];
+ for (i=0; i<argc; i++)
+ if (!i || spt_end+1 == argv[i])
+ spt_end = argv[i] + strlen(argv[i]);
+ for (i=0; oldenv[i]; i++)
+ if (spt_end+1 == oldenv[i])
+ spt_end = oldenv[i] + strlen(oldenv[i]);
+}
+
+static void
+setproctitle(const char *msg, ...)
+{
+ va_list args;
+ char buf[256];
+ int n;
+
+ va_start(args, msg);
+ if (spt_end > spt_start)
+ {
+ n = vsnprintf(buf, sizeof(buf), msg, args);
+ if (n >= (int) sizeof(buf) || n < 0)
+ sprintf(buf, "<too-long>");
+ n = spt_end - spt_start;
+ strncpy(spt_start, buf, n);
+ spt_start[n] = 0;
+ spt_argv[0] = spt_start;
+ spt_argv[1] = NULL;
+ }
+ va_end(args);
+}
+
+static void sigchld_handler(int sig __attribute__((unused)))
+{
+}
+
+static void sigalrm_handler(int sig __attribute__((unused)))
+{
+ const char err[] = "--- Timed out. Time machine disconnected. ---\n";
+ write(1, err, sizeof(err));
+ DLOG("Connection timed out");
+ exit(0);
+}
+
+static void child_error_hook(char *err)
+{
+ DLOG("Stopped: %s", err);
+}
+
+static void child(int sk2)
+{
+ dup2(sk2, 0);
+ dup2(sk2, 1);
+ close(sk2);
+
+ struct sigaction sact = {
+ .sa_handler = sigalrm_handler,
+ };
+ if (sigaction(SIGALRM, &sact, NULL) < 0)
+ die("sigaction: %m");
+
+ // Set up limits
+ alarm(60);
+ cpu_quota = 100000;
+ print_quota = 100;
+
+ const char welcome[] = "+++ Welcome to our computer museum. +++\n+++ Our time machine will connect you to one of our exhibits. +++\n\n";
+ write(1, welcome, sizeof(welcome));
+
+ error_hook = child_error_hook;
+ parse_in();
+ run();
+ fflush(stdout);
+ DTRACE("Finished");
+}
+
+struct conn {
+ pid_t pid;
+ struct in_addr addr;
+ struct tracker *tracker;
+};
+
+static struct conn connections[MAX_CONNECTIONS];
+
+static struct conn *get_conn(struct in_addr *a)
+{
+ for (int i=0; i<MAX_CONNECTIONS; i++)
+ {
+ struct conn *c = &connections[i];
+ if (!c->pid)
+ {
+ memcpy(&c->addr, a, sizeof(struct in_addr));
+ return c;
+ }
+ }
+ return NULL;
+}
+
+static struct conn *pid_to_conn(pid_t pid)
+{
+ for (int i=0; i<MAX_CONNECTIONS; i++)
+ {
+ struct conn *c = &connections[i];
+ if (c->pid == pid)
+ return c;
+ }
+ return NULL;
+}
+
+static void put_conn(struct conn *c)
+{
+ c->pid = 0;
+ c->tracker = NULL;
+}
+
+struct tracker {
+ struct in_addr addr;
+ int active_conns;
+ time_t last_access;
+ double tokens;
+};
+
+static struct tracker trackers[MAX_TRACKERS];
+
+static int get_tracker(struct conn *c)
+{
+ struct tracker *t;
+ time_t now = time(NULL);
+ int i;
+
+ for (i=0; i<MAX_TRACKERS; i++)
+ {
+ t = &trackers[i];
+ if (!memcmp(&t->addr, &c->addr, sizeof(struct in_addr)))
+ break;
+ }
+ if (i < MAX_TRACKERS)
+ {
+ if (now > t->last_access)
+ {
+ t->tokens += (now - t->last_access) * (double) TBF_REFILL_PER_SEC;
+ t->last_access = now;
+ if (t->tokens > TBF_MAX)
+ t->tokens = TBF_MAX;
+ }
+ DTRACE("TBF: Using tracker %d (%.3f tokens)", i, t->tokens);
+ }
+ else
+ {
+ int min_i = -1;
+ for (int i=0; i<MAX_TRACKERS; i++)
+ {
+ t = &trackers[i];
+ if (!t->active_conns && (min_i < 0 || t->last_access < trackers[min_i].last_access))
+ min_i = i;
+ }
+ if (min_i < 0)
+ {
+ DLOG("TBF: Out of trackers!");
+ return 0;
+ }
+ t = &trackers[min_i];
+ if (t->last_access)
+ DTRACE("TBF: Recycling tracker %d", min_i);
+ else
+ DTRACE("TBF: Creating tracker %d", min_i);
+ memset(t, 0, sizeof(*t));
+ t->addr = c->addr;
+ t->last_access = now;
+ t->tokens = TBF_MAX;
+ }
+
+ if (t->active_conns >= MAX_CONNS_PER_IP)
+ {
+ DTRACE("TBF: Too many conns per IP");
+ return 0;
+ }
+
+ if (t->tokens >= 0.999)
+ {
+ t->tokens -= 1;
+ t->active_conns++;
+ c->tracker = t;
+ DTRACE("TBF: Passed (%d conns)", t->active_conns);
+ return 1;
+ }
+ else
+ {
+ DTRACE("TBF: Failed");
+ t->tokens = 0;
+ return 0;
+ }
+}
+
+static void put_tracker(struct conn *c)