42
42
#include <stddef.h> /* NULL, size_t, ssize_t */
43
43
#include <stdlib.h> /* free(), EXIT_SUCCESS, EXIT_FAILURE,
45
#include <stdbool.h> /* bool, false, true */
45
#include <stdbool.h> /* bool, true */
46
46
#include <string.h> /* memset(), strcmp(), strlen(),
47
47
strerror(), asprintf(), strcpy() */
48
#include <sys/ioctl.h> /* ioctl */
48
#include <sys/ioctl.h> /* ioctl */
49
49
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
50
50
sockaddr_in6, PF_INET6,
51
SOCK_STREAM, uid_t, gid_t, open(),
51
SOCK_STREAM, INET6_ADDRSTRLEN,
52
uid_t, gid_t, open(), opendir(),
53
54
#include <sys/stat.h> /* open() */
54
55
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
55
inet_pton(), connect() */
56
struct in6_addr, inet_pton(),
56
58
#include <fcntl.h> /* open() */
57
59
#include <dirent.h> /* opendir(), struct dirent, readdir()
63
65
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
64
66
SIOCSIFFLAGS, if_indextoname(),
65
67
if_nametoindex(), IF_NAMESIZE */
66
#include <netinet/in.h> /* IN6_IS_ADDR_LINKLOCAL,
67
INET_ADDRSTRLEN, INET6_ADDRSTRLEN
68
#include <netinet/in.h>
69
69
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
70
70
getuid(), getgid(), setuid(),
72
72
#include <arpa/inet.h> /* inet_pton(), htons */
73
#include <iso646.h> /* not, or, and */
73
#include <iso646.h> /* not, and, or */
74
74
#include <argp.h> /* struct argp_option, error_t, struct
75
75
argp_state, struct argp,
76
76
argp_parse(), ARGP_KEY_ARG,
77
77
ARGP_KEY_END, ARGP_ERR_UNKNOWN */
78
#include <signal.h> /* sigemptyset(), sigaddset(),
79
sigaction(), SIGTERM, sigaction */
82
79
#include <sys/klog.h> /* klogctl() */
133
130
} mandos_context;
135
/* global context so signal handler can reach it*/
139
* Make additional room in "buffer" for at least BUFFER_SIZE
140
* additional bytes. "buffer_capacity" is how much is currently
141
* allocated, "buffer_length" is how much is already used.
133
* Make room in "buffer" for at least BUFFER_SIZE additional bytes.
134
* "buffer_capacity" is how much is currently allocated,
135
* "buffer_length" is how much is already used.
143
size_t incbuffer(char **buffer, size_t buffer_length,
137
size_t adjustbuffer(char **buffer, size_t buffer_length,
144
138
size_t buffer_capacity){
145
139
if(buffer_length + BUFFER_SIZE > buffer_capacity){
146
140
*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
156
150
* Initialize GPGME.
158
static bool init_gpgme(const char *seckey,
152
static bool init_gpgme(mandos_context *mc, const char *seckey,
159
153
const char *pubkey, const char *tempdir){
161
155
gpgme_error_t rc;
185
rc = gpgme_op_import(mc.ctx, pgp_data);
179
rc = gpgme_op_import(mc->ctx, pgp_data);
186
180
if(rc != GPG_ERR_NO_ERROR){
187
181
fprintf(stderr, "bad gpgme_op_import: %s: %s\n",
188
182
gpgme_strsource(rc), gpgme_strerror(rc));
233
227
/* Create new GPGME "context" */
234
rc = gpgme_new(&(mc.ctx));
228
rc = gpgme_new(&(mc->ctx));
235
229
if(rc != GPG_ERR_NO_ERROR){
236
230
fprintf(stderr, "bad gpgme_new: %s: %s\n",
237
231
gpgme_strsource(rc), gpgme_strerror(rc));
249
243
* Decrypt OpenPGP data.
250
244
* Returns -1 on error
252
static ssize_t pgp_packet_decrypt(const char *cryptotext,
246
static ssize_t pgp_packet_decrypt(const mandos_context *mc,
247
const char *cryptotext,
253
248
size_t crypto_size,
254
249
char **plaintext){
255
250
gpgme_data_t dh_crypto, dh_plain;
283
278
/* Decrypt data from the cryptotext data buffer to the plaintext
285
rc = gpgme_op_decrypt(mc.ctx, dh_crypto, dh_plain);
280
rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);
286
281
if(rc != GPG_ERR_NO_ERROR){
287
282
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
288
283
gpgme_strsource(rc), gpgme_strerror(rc));
289
284
plaintext_length = -1;
291
286
gpgme_decrypt_result_t result;
292
result = gpgme_op_decrypt_result(mc.ctx);
287
result = gpgme_op_decrypt_result(mc->ctx);
293
288
if(result == NULL){
294
289
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
332
327
*plaintext = NULL;
334
plaintext_capacity = incbuffer(plaintext,
329
plaintext_capacity = adjustbuffer(plaintext,
335
330
(size_t)plaintext_length,
336
331
plaintext_capacity);
337
332
if(plaintext_capacity == 0){
333
perror("adjustbuffer");
339
334
plaintext_length = -1;
340
335
goto decrypt_end;
387
382
fprintf(stderr, "GnuTLS: %s", string);
390
static int init_gnutls_global(const char *pubkeyfilename,
385
static int init_gnutls_global(mandos_context *mc,
386
const char *pubkeyfilename,
391
387
const char *seckeyfilename){
413
409
/* OpenPGP credentials */
414
gnutls_certificate_allocate_credentials(&mc.cred);
410
gnutls_certificate_allocate_credentials(&mc->cred);
415
411
if(ret != GNUTLS_E_SUCCESS){
416
412
fprintf(stderr, "GnuTLS memory error: %s\n", /* Spurious warning
420
416
safer_gnutls_strerror(ret));
421
417
gnutls_global_deinit();
431
427
ret = gnutls_certificate_set_openpgp_key_file
432
(mc.cred, pubkeyfilename, seckeyfilename,
428
(mc->cred, pubkeyfilename, seckeyfilename,
433
429
GNUTLS_OPENPGP_FMT_BASE64);
434
430
if(ret != GNUTLS_E_SUCCESS){
443
439
/* GnuTLS server initialization */
444
ret = gnutls_dh_params_init(&mc.dh_params);
440
ret = gnutls_dh_params_init(&mc->dh_params);
445
441
if(ret != GNUTLS_E_SUCCESS){
446
442
fprintf(stderr, "Error in GnuTLS DH parameter initialization:"
447
443
" %s\n", safer_gnutls_strerror(ret));
450
ret = gnutls_dh_params_generate2(mc.dh_params, mc.dh_bits);
446
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
451
447
if(ret != GNUTLS_E_SUCCESS){
452
448
fprintf(stderr, "Error in GnuTLS prime generation: %s\n",
453
449
safer_gnutls_strerror(ret));
457
gnutls_certificate_set_dh_params(mc.cred, mc.dh_params);
453
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
463
gnutls_certificate_free_credentials(mc.cred);
459
gnutls_certificate_free_credentials(mc->cred);
464
460
gnutls_global_deinit();
465
gnutls_dh_params_deinit(mc.dh_params);
461
gnutls_dh_params_deinit(mc->dh_params);
469
static int init_gnutls_session(gnutls_session_t *session){
465
static int init_gnutls_session(mandos_context *mc,
466
gnutls_session_t *session){
471
468
/* GnuTLS session creation */
472
469
ret = gnutls_init(session, GNUTLS_SERVER);
480
ret = gnutls_priority_set_direct(*session, mc.priority, &err);
477
ret = gnutls_priority_set_direct(*session, mc->priority, &err);
481
478
if(ret != GNUTLS_E_SUCCESS){
482
479
fprintf(stderr, "Syntax error at: %s\n", err);
483
480
fprintf(stderr, "GnuTLS error: %s\n",
490
487
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
492
489
if(ret != GNUTLS_E_SUCCESS){
493
490
fprintf(stderr, "Error setting GnuTLS credentials: %s\n",
494
491
safer_gnutls_strerror(ret));
500
497
gnutls_certificate_server_set_request(*session,
501
498
GNUTLS_CERT_IGNORE);
503
gnutls_dh_set_prime_bits(*session, mc.dh_bits);
500
gnutls_dh_set_prime_bits(*session, mc->dh_bits);
512
509
/* Called when a Mandos server is found */
513
510
static int start_mandos_communication(const char *ip, uint16_t port,
514
511
AvahiIfIndex if_index,
519
struct sockaddr_in in;
520
struct sockaddr_in6 in6;
515
union { struct sockaddr in; struct sockaddr_in6 in6; } to;
522
516
char *buffer = NULL;
523
517
char *decrypted_buffer;
524
518
size_t buffer_length = 0;
526
520
ssize_t decrypted_buffer_size;
523
char interface[IF_NAMESIZE];
529
524
gnutls_session_t session;
530
int pf; /* Protocol family */
540
fprintf(stderr, "Bad address family: %d\n", af);
544
ret = init_gnutls_session(&session);
526
ret = init_gnutls_session(mc, &session);
550
fprintf(stderr, "Setting up a TCP connection to %s, port %" PRIu16
532
fprintf(stderr, "Setting up a tcp connection to %s, port %" PRIu16
554
tcp_sd = socket(pf, SOCK_STREAM, 0);
536
tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);
556
538
perror("socket");
543
if(if_indextoname((unsigned int)if_index, interface) == NULL){
544
perror("if_indextoname");
547
fprintf(stderr, "Binding to interface %s\n", interface);
560
550
memset(&to, 0, sizeof(to));
562
to.in6.sin6_family = (uint16_t)af;
563
ret = inet_pton(af, ip, &to.in6.sin6_addr);
565
to.in.sin_family = (sa_family_t)af;
566
ret = inet_pton(af, ip, &to.in.sin_addr);
551
to.in6.sin6_family = AF_INET6;
552
/* It would be nice to have a way to detect if we were passed an
553
IPv4 address here. Now we assume an IPv6 address. */
554
ret = inet_pton(AF_INET6, ip, &to.in6.sin6_addr);
569
556
perror("inet_pton");
573
560
fprintf(stderr, "Bad address: %s\n", ip);
577
to.in6.sin6_port = htons(port); /* Spurious warnings from
579
-Wunreachable-code */
581
if(IN6_IS_ADDR_LINKLOCAL /* Spurious warnings from */
582
(&to.in6.sin6_addr)){ /* -Wstrict-aliasing=2 or lower and
584
if(if_index == AVAHI_IF_UNSPEC){
585
fprintf(stderr, "An IPv6 link-local address is incomplete"
586
" without a network interface\n");
589
/* Set the network interface number as scope */
590
to.in6.sin6_scope_id = (uint32_t)if_index;
593
to.in.sin_port = htons(port); /* Spurious warnings from
563
to.in6.sin6_port = htons(port); /* Spurious warnings from
595
565
-Wunreachable-code */
567
to.in6.sin6_scope_id = (uint32_t)if_index;
599
if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){
600
char interface[IF_NAMESIZE];
601
if(if_indextoname((unsigned int)if_index, interface) == NULL){
602
perror("if_indextoname");
604
fprintf(stderr, "Connection to: %s%%%s, port %" PRIu16 "\n",
605
ip, interface, port);
608
fprintf(stderr, "Connection to: %s, port %" PRIu16 "\n", ip,
611
char addrstr[(INET_ADDRSTRLEN > INET6_ADDRSTRLEN) ?
612
INET_ADDRSTRLEN : INET6_ADDRSTRLEN] = "";
615
pcret = inet_ntop(af, &(to.in6.sin6_addr), addrstr,
618
pcret = inet_ntop(af, &(to.in.sin_addr), addrstr,
570
fprintf(stderr, "Connection to: %s, port %" PRIu16 "\n", ip,
572
char addrstr[INET6_ADDRSTRLEN] = "";
573
if(inet_ntop(to.in6.sin6_family, &(to.in6.sin6_addr), addrstr,
574
sizeof(addrstr)) == NULL){
622
575
perror("inet_ntop");
624
577
if(strcmp(addrstr, ip) != 0){
631
ret = connect(tcp_sd, &to.in6, sizeof(to));
633
ret = connect(tcp_sd, &to.in, sizeof(to)); /* IPv4 */
583
ret = connect(tcp_sd, &to.in, sizeof(to));
636
585
perror("connect");
683
632
/* Read OpenPGP packet that contains the wanted password */
686
fprintf(stderr, "Retrieving OpenPGP encrypted password from %s\n",
635
fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
691
buffer_capacity = incbuffer(&buffer, buffer_length,
640
buffer_capacity = adjustbuffer(&buffer, buffer_length,
692
641
buffer_capacity);
693
642
if(buffer_capacity == 0){
643
perror("adjustbuffer");
736
685
gnutls_bye(session, GNUTLS_SHUT_RDWR);
738
687
if(buffer_length > 0){
739
decrypted_buffer_size = pgp_packet_decrypt(buffer,
688
decrypted_buffer_size = pgp_packet_decrypt(mc, buffer,
741
690
&decrypted_buffer);
742
691
if(decrypted_buffer_size >= 0){
788
737
AVAHI_GCC_UNUSED AvahiStringList *txt,
789
738
AVAHI_GCC_UNUSED AvahiLookupResultFlags
791
AVAHI_GCC_UNUSED void* userdata){
741
mandos_context *mc = userdata;
794
744
/* Called whenever a service has been resolved successfully or
799
749
case AVAHI_RESOLVER_FAILURE:
800
750
fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'"
801
751
" of type '%s' in domain '%s': %s\n", name, type, domain,
802
avahi_strerror(avahi_server_errno(mc.server)));
752
avahi_strerror(avahi_server_errno(mc->server)));
805
755
case AVAHI_RESOLVER_FOUND:
811
761
PRIdMAX ") on port %" PRIu16 "\n", name, host_name,
812
762
ip, (intmax_t)interface, port);
814
int ret = start_mandos_communication(ip, port, interface,
815
avahi_proto_to_af(proto));
764
int ret = start_mandos_communication(ip, port, interface, mc);
817
avahi_simple_poll_quit(mc.simple_poll);
766
avahi_simple_poll_quit(mc->simple_poll);
841
791
case AVAHI_BROWSER_FAILURE:
843
793
fprintf(stderr, "(Avahi browser) %s\n",
844
avahi_strerror(avahi_server_errno(mc.server)));
845
avahi_simple_poll_quit(mc.simple_poll);
794
avahi_strerror(avahi_server_errno(mc->server)));
795
avahi_simple_poll_quit(mc->simple_poll);
848
798
case AVAHI_BROWSER_NEW:
851
801
the callback function is called the Avahi server will free the
852
802
resolver for us. */
854
if(!(avahi_s_service_resolver_new(mc.server, interface,
804
if(!(avahi_s_service_resolver_new(mc->server, interface,
855
805
protocol, name, type, domain,
856
806
AVAHI_PROTO_INET6, 0,
857
resolve_callback, NULL)))
807
resolve_callback, mc)))
858
808
fprintf(stderr, "Avahi: Failed to resolve service '%s': %s\n",
859
name, avahi_strerror(avahi_server_errno(mc.server)));
809
name, avahi_strerror(avahi_server_errno(mc->server)));
862
812
case AVAHI_BROWSER_REMOVE:
874
static void handle_sigterm(__attribute__((unused)) int sig){
875
int old_errno = errno;
876
avahi_simple_poll_quit(mc.simple_poll);
880
824
int main(int argc, char *argv[]){
881
825
AvahiSServiceBrowser *sb = NULL;
896
840
const char *seckey = PATHDIR "/" SECKEY;
897
841
const char *pubkey = PATHDIR "/" PUBKEY;
899
/* Initialize Mandos context */
900
mc = (mandos_context){ .simple_poll = NULL, .server = NULL,
901
.dh_bits = 1024, .priority = "SECURE256"
902
":!CTYPE-X.509:+CTYPE-OPENPGP" };
843
mandos_context mc = { .simple_poll = NULL, .server = NULL,
844
.dh_bits = 1024, .priority = "SECURE256"
845
":!CTYPE-X.509:+CTYPE-OPENPGP" };
903
846
bool gnutls_initialized = false;
904
847
bool gpgme_initialized = false;
905
848
double delay = 2.5;
907
struct sigaction old_sigterm_action;
908
struct sigaction sigterm_action = { .sa_handler = handle_sigterm };
911
851
struct argp_option options[] = {
918
858
{ .name = "interface", .key = 'i',
920
.doc = "Network interface that will be used to search for"
860
.doc = "Interface that will be used to search for Mandos"
923
863
{ .name = "seckey", .key = 's',
1006
946
/* If the interface is down, bring it up */
1007
if(interface[0] != '\0'){
1008
948
#ifdef __linux__
1009
949
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
1010
950
messages to mess up the prompt */
1011
951
ret = klogctl(8, NULL, 5);
1012
bool restore_loglevel = true;
1014
restore_loglevel = false;
1015
953
perror("klogctl");
1036
972
perror("ioctl SIOCGIFFLAGS");
1037
973
#ifdef __linux__
1038
if(restore_loglevel){
1039
ret = klogctl(7, NULL, 0);
974
ret = klogctl(7, NULL, 0);
1045
979
exitcode = EXIT_FAILURE;
1052
986
perror("ioctl SIOCSIFFLAGS");
1053
987
exitcode = EXIT_FAILURE;
1054
988
#ifdef __linux__
1055
if(restore_loglevel){
1056
ret = klogctl(7, NULL, 0);
989
ret = klogctl(7, NULL, 0);
1081
1013
perror("close");
1083
1015
#ifdef __linux__
1084
if(restore_loglevel){
1085
/* Restores kernel loglevel to default */
1086
ret = klogctl(7, NULL, 0);
1016
/* Restores kernel loglevel to default */
1017
ret = klogctl(7, NULL, 0);
1105
1034
perror("setuid");
1108
ret = init_gnutls_global(pubkey, seckey);
1037
ret = init_gnutls_global(&mc, pubkey, seckey);
1110
1039
fprintf(stderr, "init_gnutls_global failed\n");
1111
1040
exitcode = EXIT_FAILURE;
1121
1050
tempdir_created = true;
1123
if(not init_gpgme(pubkey, seckey, tempdir)){
1052
if(not init_gpgme(&mc, pubkey, seckey, tempdir)){
1124
1053
fprintf(stderr, "init_gpgme failed\n");
1125
1054
exitcode = EXIT_FAILURE;
1128
1057
gpgme_initialized = true;
1131
if(interface[0] != '\0'){
1132
if_index = (AvahiIfIndex) if_nametoindex(interface);
1134
fprintf(stderr, "No such interface: \"%s\"\n", interface);
1135
exitcode = EXIT_FAILURE;
1060
if_index = (AvahiIfIndex) if_nametoindex(interface);
1062
fprintf(stderr, "No such interface: \"%s\"\n", interface);
1063
exitcode = EXIT_FAILURE;
1140
1067
if(connect_to != NULL){
1157
1084
port = (uint16_t)tmpmax;
1158
1085
*address = '\0';
1159
1086
address = connect_to;
1160
/* Colon in address indicates IPv6 */
1162
if(strchr(address, ':') != NULL){
1167
ret = start_mandos_communication(address, port, if_index, af);
1087
ret = start_mandos_communication(address, port, if_index, &mc);
1169
1089
exitcode = EXIT_FAILURE;
1217
1137
/* Create the Avahi service browser */
1218
1138
sb = avahi_s_service_browser_new(mc.server, if_index,
1219
1139
AVAHI_PROTO_INET6, "_mandos._tcp",
1220
NULL, 0, browse_callback, NULL);
1140
NULL, 0, browse_callback, &mc);
1221
1141
if(sb == NULL){
1222
1142
fprintf(stderr, "Failed to create service browser: %s\n",
1223
1143
avahi_strerror(avahi_server_errno(mc.server)));
1228
sigemptyset(&sigterm_action.sa_mask);
1229
ret = sigaddset(&sigterm_action.sa_mask, SIGTERM);
1231
perror("sigaddset");
1232
exitcode = EXIT_FAILURE;
1235
ret = sigaction(SIGTERM, &sigterm_action, &old_sigterm_action);
1237
perror("sigaction");
1238
exitcode = EXIT_FAILURE;
1242
1148
/* Run the main loop */