2 * Copyright (c) 2012 The FreeBSD Foundation
5 * This software was developed by Pawel Jakub Dawidek under sponsorship from
6 * the FreeBSD Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 #include <config/config.h>
32 #include <sys/param.h>
33 #if defined(HAVE_SYS_ENDIAN_H) && defined(HAVE_BSWAP)
34 #include <sys/endian.h>
35 #else /* !HAVE_SYS_ENDIAN_H || !HAVE_BSWAP */
36 #ifdef HAVE_MACHINE_ENDIAN_H
37 #include <machine/endian.h>
38 #else /* !HAVE_MACHINE_ENDIAN_H */
41 #else /* !HAVE_ENDIAN_H */
42 #error "No supported endian.h"
43 #endif /* !HAVE_ENDIAN_H */
44 #endif /* !HAVE_MACHINE_ENDIAN_H */
45 #include <compat/endian.h>
46 #endif /* !HAVE_SYS_ENDIAN_H || !HAVE_BSWAP */
47 #include <sys/queue.h>
67 #include <openssl/hmac.h>
69 #ifndef HAVE_SIGTIMEDWAIT
70 #include "sigtimedwait.h"
73 #include "auditdistd.h"
81 static struct adist_config *adcfg;
82 static struct adist_host *adhost;
84 static pthread_rwlock_t adist_remote_lock;
85 static pthread_mutex_t adist_remote_mtx;
86 static pthread_cond_t adist_remote_cond;
87 static struct trail *adist_trail;
89 static TAILQ_HEAD(, adreq) adist_free_list;
90 static pthread_mutex_t adist_free_list_lock;
91 static pthread_cond_t adist_free_list_cond;
92 static TAILQ_HEAD(, adreq) adist_send_list;
93 static pthread_mutex_t adist_send_list_lock;
94 static pthread_cond_t adist_send_list_cond;
95 static TAILQ_HEAD(, adreq) adist_recv_list;
96 static pthread_mutex_t adist_recv_list_lock;
97 static pthread_cond_t adist_recv_list_cond;
100 init_environment(void)
105 rw_init(&adist_remote_lock);
106 mtx_init(&adist_remote_mtx);
107 cv_init(&adist_remote_cond);
108 TAILQ_INIT(&adist_free_list);
109 mtx_init(&adist_free_list_lock);
110 cv_init(&adist_free_list_cond);
111 TAILQ_INIT(&adist_send_list);
112 mtx_init(&adist_send_list_lock);
113 cv_init(&adist_send_list_cond);
114 TAILQ_INIT(&adist_recv_list);
115 mtx_init(&adist_recv_list_lock);
116 cv_init(&adist_recv_list_cond);
118 for (ii = 0; ii < ADIST_QUEUE_SIZE; ii++) {
119 adreq = malloc(sizeof(*adreq) + ADIST_BUF_SIZE);
121 pjdlog_exitx(EX_TEMPFAIL,
122 "Unable to allocate %zu bytes of memory for adreq object.",
123 sizeof(*adreq) + ADIST_BUF_SIZE);
125 adreq->adr_byteorder = ADIST_BYTEORDER;
126 adreq->adr_cmd = ADIST_CMD_UNDEFINED;
128 adreq->adr_datasize = 0;
129 TAILQ_INSERT_TAIL(&adist_free_list, adreq, adr_next);
136 unsigned char rnd[32], hash[32], resp[32];
137 struct proto_conn *conn;
142 if (proto_send(adhost->adh_conn, &val, sizeof(val)) < 0) {
143 pjdlog_exit(EX_TEMPFAIL,
144 "Unable to send connection request to parent");
146 if (proto_recv(adhost->adh_conn, &val, sizeof(val)) < 0) {
147 pjdlog_exit(EX_TEMPFAIL,
148 "Unable to receive reply to connection request from parent");
152 pjdlog_errno(LOG_WARNING, "Unable to connect to %s",
153 adhost->adh_remoteaddr);
156 if (proto_connection_recv(adhost->adh_conn, true, &conn) < 0) {
157 pjdlog_exit(EX_TEMPFAIL,
158 "Unable to receive connection from parent");
160 if (proto_connect_wait(conn, adcfg->adc_timeout) < 0) {
161 pjdlog_errno(LOG_WARNING, "Unable to connect to %s",
162 adhost->adh_remoteaddr);
166 pjdlog_debug(1, "Connected to %s.", adhost->adh_remoteaddr);
167 /* Error in setting timeout is not critical, but why should it fail? */
168 if (proto_timeout(conn, adcfg->adc_timeout) < 0)
169 pjdlog_errno(LOG_WARNING, "Unable to set connection timeout");
171 pjdlog_debug(1, "Timeout set to %d.", adcfg->adc_timeout);
173 /* Exchange welcome message, which includes version number. */
174 (void)snprintf(welcome, sizeof(welcome), "ADIST%02d", ADIST_VERSION);
175 if (proto_send(conn, welcome, sizeof(welcome)) < 0) {
176 pjdlog_errno(LOG_WARNING,
177 "Unable to send welcome message to %s",
178 adhost->adh_remoteaddr);
182 pjdlog_debug(1, "Welcome message sent (%s).", welcome);
183 bzero(welcome, sizeof(welcome));
184 if (proto_recv(conn, welcome, sizeof(welcome)) < 0) {
185 pjdlog_errno(LOG_WARNING,
186 "Unable to receive welcome message from %s",
187 adhost->adh_remoteaddr);
191 if (strncmp(welcome, "ADIST", 5) != 0 || !isdigit(welcome[5]) ||
192 !isdigit(welcome[6]) || welcome[7] != '\0') {
193 pjdlog_warning("Invalid welcome message from %s.",
194 adhost->adh_remoteaddr);
198 pjdlog_debug(1, "Welcome message received (%s).", welcome);
200 * Receiver can only reply with version number lower or equal to
203 adhost->adh_version = atoi(welcome + 5);
204 if (adhost->adh_version > ADIST_VERSION) {
205 pjdlog_warning("Invalid version number from %s (%d received, up to %d supported).",
206 adhost->adh_remoteaddr, adhost->adh_version, ADIST_VERSION);
211 pjdlog_debug(1, "Version %d negotiated with %s.", adhost->adh_version,
212 adhost->adh_remoteaddr);
214 if (proto_send(conn, adcfg->adc_name, sizeof(adcfg->adc_name)) == -1) {
215 pjdlog_errno(LOG_WARNING, "Unable to send name to %s",
216 adhost->adh_remoteaddr);
220 pjdlog_debug(1, "Name (%s) sent.", adcfg->adc_name);
222 if (proto_recv(conn, rnd, sizeof(rnd)) == -1) {
223 pjdlog_errno(LOG_WARNING, "Unable to receive challenge from %s",
224 adhost->adh_remoteaddr);
228 pjdlog_debug(1, "Challenge received.");
230 if (HMAC(EVP_sha256(), adhost->adh_password,
231 (int)strlen(adhost->adh_password), rnd, (int)sizeof(rnd), hash,
233 pjdlog_warning("Unable to generate response.");
237 pjdlog_debug(1, "Response generated.");
239 if (proto_send(conn, hash, sizeof(hash)) == -1) {
240 pjdlog_errno(LOG_WARNING, "Unable to send response to %s",
241 adhost->adh_remoteaddr);
245 pjdlog_debug(1, "Response sent.");
247 if (adist_random(rnd, sizeof(rnd)) == -1) {
248 pjdlog_warning("Unable to generate challenge.");
252 pjdlog_debug(1, "Challenge generated.");
254 if (proto_send(conn, rnd, sizeof(rnd)) == -1) {
255 pjdlog_errno(LOG_WARNING, "Unable to send challenge to %s",
256 adhost->adh_remoteaddr);
260 pjdlog_debug(1, "Challenge sent.");
262 if (proto_recv(conn, resp, sizeof(resp)) == -1) {
263 pjdlog_errno(LOG_WARNING, "Unable to receive response from %s",
264 adhost->adh_remoteaddr);
268 pjdlog_debug(1, "Response received.");
270 if (HMAC(EVP_sha256(), adhost->adh_password,
271 (int)strlen(adhost->adh_password), rnd, (int)sizeof(rnd), hash,
273 pjdlog_warning("Unable to generate hash.");
277 pjdlog_debug(1, "Hash generated.");
279 if (memcmp(resp, hash, sizeof(hash)) != 0) {
280 pjdlog_warning("Invalid response from %s (wrong password?).",
281 adhost->adh_remoteaddr);
285 pjdlog_info("Receiver authenticated.");
287 if (proto_recv(conn, &adhost->adh_trail_offset,
288 sizeof(adhost->adh_trail_offset)) == -1) {
289 pjdlog_errno(LOG_WARNING,
290 "Unable to receive size of the most recent trail file from %s",
291 adhost->adh_remoteaddr);
295 adhost->adh_trail_offset = le64toh(adhost->adh_trail_offset);
296 if (proto_recv(conn, &adhost->adh_trail_name,
297 sizeof(adhost->adh_trail_name)) == -1) {
298 pjdlog_errno(LOG_WARNING,
299 "Unable to receive name of the most recent trail file from %s",
300 adhost->adh_remoteaddr);
304 pjdlog_debug(1, "Trail name (%s) and offset (%ju) received.",
305 adhost->adh_trail_name, (uintmax_t)adhost->adh_trail_offset);
307 rw_wlock(&adist_remote_lock);
308 mtx_lock(&adist_remote_mtx);
309 PJDLOG_ASSERT(adhost->adh_remote == NULL);
310 PJDLOG_ASSERT(conn != NULL);
311 adhost->adh_remote = conn;
312 mtx_unlock(&adist_remote_mtx);
313 rw_unlock(&adist_remote_lock);
314 cv_signal(&adist_remote_cond);
320 sender_disconnect(void)
323 rw_wlock(&adist_remote_lock);
325 * Check for a race between dropping rlock and acquiring wlock -
326 * another thread can close connection in-between.
328 if (adhost->adh_remote == NULL) {
329 rw_unlock(&adist_remote_lock);
332 pjdlog_debug(2, "Closing connection to %s.", adhost->adh_remoteaddr);
333 proto_close(adhost->adh_remote);
334 mtx_lock(&adist_remote_mtx);
335 adhost->adh_remote = NULL;
336 adhost->adh_reset = true;
337 adhost->adh_trail_name[0] = '\0';
338 adhost->adh_trail_offset = 0;
339 mtx_unlock(&adist_remote_mtx);
340 rw_unlock(&adist_remote_lock);
342 pjdlog_warning("Disconnected from %s.", adhost->adh_remoteaddr);
344 /* Move all in-flight requests back onto free list. */
345 QUEUE_CONCAT2(&adist_free_list, &adist_send_list, &adist_recv_list);
349 adreq_fill(struct adreq *adreq, uint8_t cmd, const unsigned char *data,
352 static uint64_t seq = 1;
354 PJDLOG_ASSERT(size <= ADIST_BUF_SIZE);
358 case ADIST_CMD_CLOSE:
359 PJDLOG_ASSERT(data != NULL && size == 0);
360 size = strlen(data) + 1;
362 case ADIST_CMD_APPEND:
363 PJDLOG_ASSERT(data != NULL && size > 0);
365 case ADIST_CMD_KEEPALIVE:
366 case ADIST_CMD_ERROR:
367 PJDLOG_ASSERT(data == NULL && size == 0);
370 PJDLOG_ABORT("Invalid command (%hhu).", cmd);
373 adreq->adr_cmd = cmd;
374 adreq->adr_seq = seq++;
375 adreq->adr_datasize = size;
376 /* Don't copy if data is already in out buffer. */
377 if (data != NULL && data != adreq->adr_data)
378 bcopy(data, adreq->adr_data, size);
382 read_thread_wait(void)
384 bool newfile = false;
386 mtx_lock(&adist_remote_mtx);
387 if (adhost->adh_reset) {
389 adhost->adh_reset = false;
390 if (trail_filefd(adist_trail) != -1)
391 trail_close(adist_trail);
392 trail_reset(adist_trail);
393 while (adhost->adh_remote == NULL)
394 cv_wait(&adist_remote_cond, &adist_remote_mtx);
395 trail_start(adist_trail, adhost->adh_trail_name,
396 adhost->adh_trail_offset);
399 mtx_unlock(&adist_remote_mtx);
400 while (trail_filefd(adist_trail) == -1) {
404 * We may have been disconnected and reconnected in the
405 * meantime, check if reset is set.
407 mtx_lock(&adist_remote_mtx);
408 if (adhost->adh_reset)
410 mtx_unlock(&adist_remote_mtx);
411 if (trail_filefd(adist_trail) == -1)
412 trail_next(adist_trail);
415 pjdlog_debug(1, "Trail file \"%s/%s\" opened.",
416 adhost->adh_directory,
417 trail_filename(adist_trail));
418 (void)wait_for_file_init(trail_filefd(adist_trail));
424 read_thread(void *arg __unused)
430 pjdlog_debug(1, "%s started.", __func__);
433 newfile = read_thread_wait();
434 QUEUE_TAKE(adreq, &adist_free_list, 0);
436 adreq_fill(adreq, ADIST_CMD_OPEN,
437 trail_filename(adist_trail), 0);
442 done = read(trail_filefd(adist_trail), adreq->adr_data,
449 offset = lseek(trail_filefd(adist_trail), 0, SEEK_CUR);
451 pjdlog_errno(LOG_ERR,
452 "Error while reading \"%s/%s\" at offset %jd",
453 adhost->adh_directory, trail_filename(adist_trail),
455 trail_close(adist_trail);
456 adreq_fill(adreq, ADIST_CMD_ERROR, NULL, 0);
458 } else if (done == 0) {
460 pjdlog_debug(3, "End of \"%s/%s\".",
461 adhost->adh_directory, trail_filename(adist_trail));
462 if (!trail_switch(adist_trail)) {
463 /* More audit records can arrive. */
464 mtx_lock(&adist_free_list_lock);
465 TAILQ_INSERT_TAIL(&adist_free_list, adreq,
467 mtx_unlock(&adist_free_list_lock);
471 adreq_fill(adreq, ADIST_CMD_CLOSE,
472 trail_filename(adist_trail), 0);
473 trail_close(adist_trail);
477 adreq_fill(adreq, ADIST_CMD_APPEND, adreq->adr_data, done);
480 "read thread: Moving request %p to the send queue (%hhu).",
481 adreq, adreq->adr_cmd);
482 QUEUE_INSERT(adreq, &adist_send_list);
493 rw_rlock(&adist_remote_lock);
494 if (adhost->adh_remote == NULL) {
495 rw_unlock(&adist_remote_lock);
498 rw_unlock(&adist_remote_lock);
500 mtx_lock(&adist_free_list_lock);
501 adreq = TAILQ_FIRST(&adist_free_list);
503 TAILQ_REMOVE(&adist_free_list, adreq, adr_next);
504 mtx_unlock(&adist_free_list_lock);
508 adreq_fill(adreq, ADIST_CMD_KEEPALIVE, NULL, 0);
510 QUEUE_INSERT(adreq, &adist_send_list);
512 pjdlog_debug(3, "keepalive_send: Request sent.");
516 send_thread(void *arg __unused)
518 time_t lastcheck, now;
521 pjdlog_debug(1, "%s started.", __func__);
523 lastcheck = time(NULL);
526 pjdlog_debug(3, "send thread: Taking request.");
528 QUEUE_TAKE(adreq, &adist_send_list, ADIST_KEEPALIVE);
532 if (lastcheck + ADIST_KEEPALIVE <= now) {
537 PJDLOG_ASSERT(adreq != NULL);
538 pjdlog_debug(3, "send thread: (%p) Got request %hhu.", adreq,
541 * Protect connection from disappearing.
543 rw_rlock(&adist_remote_lock);
545 * Move the request to the recv queue first to avoid race
546 * where the recv thread receives the reply before we move
547 * the request to the recv queue.
549 QUEUE_INSERT(adreq, &adist_recv_list);
550 if (adhost->adh_remote == NULL ||
551 proto_send(adhost->adh_remote, &adreq->adr_packet,
552 ADPKT_SIZE(adreq)) == -1) {
553 rw_unlock(&adist_remote_lock);
555 "send thread: (%p) Unable to send request.", adreq);
556 if (adhost->adh_remote != NULL)
560 pjdlog_debug(3, "Request %p sent successfully.", adreq);
561 adreq_log(LOG_DEBUG, 2, -1, adreq,
562 "send: (%p) Request sent: ", adreq);
563 rw_unlock(&adist_remote_lock);
571 adrep_decode_header(struct adrep *adrep)
574 /* Byte-swap only if the receiver is using different byte order. */
575 if (adrep->adrp_byteorder != ADIST_BYTEORDER) {
576 adrep->adrp_byteorder = ADIST_BYTEORDER;
577 adrep->adrp_seq = bswap64(adrep->adrp_seq);
578 adrep->adrp_error = bswap16(adrep->adrp_error);
583 recv_thread(void *arg __unused)
588 pjdlog_debug(1, "%s started.", __func__);
591 /* Wait until there is anything to receive. */
592 QUEUE_WAIT(&adist_recv_list);
593 pjdlog_debug(3, "recv thread: Got something.");
594 rw_rlock(&adist_remote_lock);
595 if (adhost->adh_remote == NULL) {
597 * Connection is dead.
598 * There is a short race in sender_disconnect() between
599 * setting adh_remote to NULL and removing entries from
600 * the recv list, which can result in us being here.
601 * To avoid just spinning, wait for 0.1s.
603 rw_unlock(&adist_remote_lock);
607 if (proto_recv(adhost->adh_remote, &adrep,
608 sizeof(adrep)) == -1) {
609 rw_unlock(&adist_remote_lock);
610 pjdlog_errno(LOG_ERR, "Unable to receive reply");
614 rw_unlock(&adist_remote_lock);
615 adrep_decode_header(&adrep);
617 * Find the request that was just confirmed.
619 mtx_lock(&adist_recv_list_lock);
620 TAILQ_FOREACH(adreq, &adist_recv_list, adr_next) {
621 if (adreq->adr_seq == adrep.adrp_seq) {
622 TAILQ_REMOVE(&adist_recv_list, adreq,
629 * If we disconnected in the meantime, just continue.
630 * On disconnect sender_disconnect() clears the queue,
633 if (TAILQ_EMPTY(&adist_recv_list)) {
634 mtx_unlock(&adist_recv_list_lock);
637 mtx_unlock(&adist_recv_list_lock);
638 pjdlog_error("Found no request matching received 'seq' field (%ju).",
639 (uintmax_t)adrep.adrp_seq);
643 mtx_unlock(&adist_recv_list_lock);
644 adreq_log(LOG_DEBUG, 2, -1, adreq,
645 "recv thread: (%p) Request confirmed: ", adreq);
646 pjdlog_debug(3, "recv thread: (%p) Got request %hhu.", adreq,
648 if (adrep.adrp_error != 0) {
649 pjdlog_error("Receiver returned error (%s), disconnecting.",
650 adist_errstr((int)adrep.adrp_error));
654 if (adreq->adr_cmd == ADIST_CMD_CLOSE)
655 trail_unlink(adist_trail, adreq->adr_data);
656 pjdlog_debug(3, "Request received successfully.");
657 QUEUE_INSERT(adreq, &adist_free_list);
664 guard_check_connection(void)
667 PJDLOG_ASSERT(adhost->adh_role == ADIST_ROLE_SENDER);
669 rw_rlock(&adist_remote_lock);
670 if (adhost->adh_remote != NULL) {
671 rw_unlock(&adist_remote_lock);
672 pjdlog_debug(3, "remote_guard: Connection to %s is ok.",
673 adhost->adh_remoteaddr);
678 * Upgrade the lock. It doesn't have to be atomic as no other thread
679 * can change connection status from disconnected to connected.
681 rw_unlock(&adist_remote_lock);
682 pjdlog_debug(1, "remote_guard: Reconnecting to %s.",
683 adhost->adh_remoteaddr);
684 if (sender_connect() == 0) {
685 pjdlog_info("Successfully reconnected to %s.",
686 adhost->adh_remoteaddr);
688 pjdlog_debug(1, "remote_guard: Reconnect to %s failed.",
689 adhost->adh_remoteaddr);
694 * Thread guards remote connections and reconnects when needed, handles
698 guard_thread(void *arg __unused)
700 struct timespec timeout;
701 time_t lastcheck, now;
705 lastcheck = time(NULL);
707 PJDLOG_VERIFY(sigemptyset(&mask) == 0);
708 PJDLOG_VERIFY(sigaddset(&mask, SIGINT) == 0);
709 PJDLOG_VERIFY(sigaddset(&mask, SIGTERM) == 0);
711 timeout.tv_sec = ADIST_KEEPALIVE;
719 sigexit_received = true;
721 "Termination signal received, exiting.");
727 pjdlog_debug(3, "remote_guard: Checking connections.");
729 if (lastcheck + ADIST_KEEPALIVE <= now) {
730 guard_check_connection();
733 signo = sigtimedwait(&mask, NULL, &timeout);
740 adist_sender(struct adist_config *config, struct adist_host *adh)
744 int error, mode, debuglevel;
747 * Create communication channel for sending connection requests from
750 if (proto_connect(NULL, "socketpair://", -1, &adh->adh_conn) == -1) {
751 pjdlog_errno(LOG_ERR,
752 "Unable to create connection sockets between child and parent");
758 pjdlog_errno(LOG_ERR, "Unable to fork");
759 proto_close(adh->adh_conn);
760 adh->adh_conn = NULL;
765 /* This is parent. */
766 adh->adh_worker_pid = pid;
767 /* Declare that we are receiver. */
768 proto_recv(adh->adh_conn, NULL, 0);
775 mode = pjdlog_mode_get();
776 debuglevel = pjdlog_debug_get();
778 /* Declare that we are sender. */
779 proto_send(adhost->adh_conn, NULL, 0);
781 descriptors_cleanup(adhost);
784 descriptors_assert(adhost, mode);
788 pjdlog_debug_set(debuglevel);
789 pjdlog_prefix_set("[%s] (%s) ", adhost->adh_name,
790 role2str(adhost->adh_role));
791 #ifdef HAVE_SETPROCTITLE
792 setproctitle("[%s] (%s) ", adhost->adh_name,
793 role2str(adhost->adh_role));
797 * The sender process should be able to remove entries from its
798 * trail directory, but it should not be able to write to the
799 * trail files, only read from them.
801 adist_trail = trail_new(adhost->adh_directory, false);
802 if (adist_trail == NULL)
805 if (sandbox(ADIST_USER, true, "auditdistd: %s (%s)",
806 role2str(adhost->adh_role), adhost->adh_name) != 0) {
809 pjdlog_info("Privileges successfully dropped.");
812 * We can ignore wait_for_dir_init() failures. It will fall back to
815 (void)wait_for_dir_init(trail_dirfd(adist_trail));
818 if (sender_connect() == 0) {
819 pjdlog_info("Successfully connected to %s.",
820 adhost->adh_remoteaddr);
822 adhost->adh_reset = true;
825 * Create the guard thread first, so we can handle signals from the
828 error = pthread_create(&td, NULL, guard_thread, NULL);
829 PJDLOG_ASSERT(error == 0);
830 error = pthread_create(&td, NULL, send_thread, NULL);
831 PJDLOG_ASSERT(error == 0);
832 error = pthread_create(&td, NULL, recv_thread, NULL);
833 PJDLOG_ASSERT(error == 0);
834 (void)read_thread(NULL);