(root)/mandos/release
» Revision
237.7.780
(compared to revision 237.7.145)
: plugins.d/mandos-client.c
To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to plugins.d/mandos-client.c
- browse files at revision 237.7.780
- compare with another revision
- download diff
- download tarball
- view history from revision 237.7.780
- Committer: Teddy Hogeborn
- Date: 2021-02-01 19:30:45 UTC
- mto: This revision was merged to the branch mainline in revision 404.
- Revision ID: teddy@recompile.se-20210201193045-lpg6aprpc4srem6k
Fix issue with french translation
Initial white space was missing in both msgid and msgstr of the french
translation, leading to checking tools reporing an incomplete
translation. The string is a raw command line command, and therefore
did not need translation, so this was never a user-visible issue.
* debian/po/fr.po: Add missing whitespace to the id and translation
for msgid " mandos-keygen -F/dev/null|grep ^key_id".
Initial white space was missing in both msgid and msgstr of the french
translation, leading to checking tools reporing an incomplete
translation. The string is a raw command line command, and therefore
did not need translation, so this was never a user-visible issue.
* debian/po/fr.po: Add missing whitespace to the id and translation
for msgid " mandos-keygen -F/dev/null|grep ^key_id".
- files added:
- bugs.xml
- debian/tests
- debian/upstream
- dracut-module
- plugin-helpers
- files removed:
- initramfs-tools-hook-conf
- files modified:
- .bzrignore
added
removed
plugins.d/mandos-client.c
9
9
* "browse_callback", and parts of "main".
10
10
*
11
11
* Everything else is
12
* Copyright © 2008-2012 Teddy Hogeborn
13
* Copyright © 2008-2012 Björn Påhlsson
14
*
15
* This program is free software: you can redistribute it and/or
16
* modify it under the terms of the GNU General Public License as
17
* published by the Free Software Foundation, either version 3 of the
18
* License, or (at your option) any later version.
19
*
20
* This program is distributed in the hope that it will be useful, but
12
* Copyright © 2008-2020 Teddy Hogeborn
13
* Copyright © 2008-2020 Björn Påhlsson
14
*
15
* This file is part of Mandos.
16
*
17
* Mandos is free software: you can redistribute it and/or modify it
18
* under the terms of the GNU General Public License as published by
19
* the Free Software Foundation, either version 3 of the License, or
20
* (at your option) any later version.
21
*
22
* Mandos is distributed in the hope that it will be useful, but
21
23
* WITHOUT ANY WARRANTY; without even the implied warranty of
22
24
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
23
25
* General Public License for more details.
24
26
*
25
27
* You should have received a copy of the GNU General Public License
26
* along with this program. If not, see
27
* <http://www.gnu.org/licenses/>.
28
* along with Mandos. If not, see <http://www.gnu.org/licenses/>.
28
29
*
29
30
* Contact the authors at <mandos@recompile.se>.
30
31
*/
32
33
/* Needed by GPGME, specifically gpgme_data_seek() */
33
34
#ifndef _LARGEFILE_SOURCE
34
35
#define _LARGEFILE_SOURCE
35
#endif
36
#endif /* not _LARGEFILE_SOURCE */
36
37
#ifndef _FILE_OFFSET_BITS
37
38
#define _FILE_OFFSET_BITS 64
38
#endif
39
#endif /* not _FILE_OFFSET_BITS */
39
40
40
41
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */
41
42
42
43
#include <stdio.h> /* fprintf(), stderr, fwrite(),
43
stdout, ferror(), remove() */
44
stdout, ferror() */
44
45
#include <stdint.h> /* uint16_t, uint32_t, intptr_t */
45
46
#include <stddef.h> /* NULL, size_t, ssize_t */
46
47
#include <stdlib.h> /* free(), EXIT_SUCCESS, srand(),
47
48
strtof(), abort() */
48
49
#include <stdbool.h> /* bool, false, true */
49
#include <string.h> /* memset(), strcmp(), strlen(),
50
strerror(), asprintf(), strcpy() */
50
#include <string.h> /* strcmp(), strlen(), strerror(),
51
asprintf(), strncpy(), strsignal()
52
*/
51
53
#include <sys/ioctl.h> /* ioctl */
52
54
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
53
55
sockaddr_in6, PF_INET6,
55
57
opendir(), DIR */
56
58
#include <sys/stat.h> /* open(), S_ISREG */
57
59
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
58
inet_pton(), connect() */
59
#include <fcntl.h> /* open() */
60
inet_pton(), connect(),
61
getnameinfo() */
62
#include <fcntl.h> /* open(), unlinkat(), AT_REMOVEDIR */
60
63
#include <dirent.h> /* opendir(), struct dirent, readdir()
61
64
*/
62
65
#include <inttypes.h> /* PRIu16, PRIdMAX, intmax_t,
63
66
strtoimax() */
64
#include <errno.h> /* perror(), errno,
67
#include <errno.h> /* perror(), errno, EINTR, EINVAL,
68
EAI_SYSTEM, ENETUNREACH,
69
EHOSTUNREACH, ECONNREFUSED, EPROTO,
70
EIO, ENOENT, ENXIO, ENOMEM, EISDIR,
71
ENOTEMPTY,
65
72
program_invocation_short_name */
66
73
#include <time.h> /* nanosleep(), time(), sleep() */
67
74
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
72
79
*/
73
80
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
74
81
getuid(), getgid(), seteuid(),
75
setgid(), pause(), _exit() */
76
#include <arpa/inet.h> /* inet_pton(), htons, inet_ntop() */
82
setgid(), pause(), _exit(),
83
unlinkat(), lstat(), symlink() */
84
#include <arpa/inet.h> /* inet_pton(), htons() */
77
85
#include <iso646.h> /* not, or, and */
78
86
#include <argp.h> /* struct argp_option, error_t, struct
79
87
argp_state, struct argp,
91
99
argz_delete(), argz_append(),
92
100
argz_stringify(), argz_add(),
93
101
argz_count() */
102
#include <netdb.h> /* getnameinfo(), NI_NUMERICHOST,
103
EAI_SYSTEM, gai_strerror() */
94
104
95
105
#ifdef __linux__
96
106
#include <sys/klog.h> /* klogctl() */
113
123
gnutls_*
114
124
init_gnutls_session(),
115
125
GNUTLS_* */
126
#if GNUTLS_VERSION_NUMBER < 0x030600
116
127
#include <gnutls/openpgp.h>
117
128
/* gnutls_certificate_set_openpgp_key_file(),
118
129
GNUTLS_OPENPGP_FMT_BASE64 */
130
#elif GNUTLS_VERSION_NUMBER >= 0x030606
131
#include <gnutls/x509.h> /* gnutls_pkcs_encrypt_flags_t,
132
GNUTLS_PKCS_PLAIN,
133
GNUTLS_PKCS_NULL_PASSWORD */
134
#endif
119
135
120
136
/* GPGME */
121
137
#include <gpgme.h> /* All GPGME types, constants and
129
145
#define PATHDIR "/conf/conf.d/mandos"
130
146
#define SECKEY "seckey.txt"
131
147
#define PUBKEY "pubkey.txt"
148
#define TLS_PRIVKEY "tls-privkey.pem"
149
#define TLS_PUBKEY "tls-pubkey.pem"
132
150
#define HOOKDIR "/lib/mandos/network-hooks.d"
133
151
134
152
bool debug = false;
138
156
static const char sys_class_net[] = "/sys/class/net";
139
157
char *connect_to = NULL;
140
158
const char *hookdir = HOOKDIR;
159
int hookdir_fd = -1;
141
160
uid_t uid = 65534;
142
161
gid_t gid = 65534;
143
162
154
173
155
174
/* Used for passing in values through the Avahi callback functions */
156
175
typedef struct {
157
AvahiSimplePoll *simple_poll;
158
176
AvahiServer *server;
159
177
gnutls_certificate_credentials_t cred;
160
178
unsigned int dh_bits;
162
180
const char *priority;
163
181
gpgme_ctx_t ctx;
164
182
server *current_server;
183
char *interfaces;
184
size_t interfaces_size;
165
185
} mandos_context;
166
186
167
/* global context so signal handler can reach it*/
168
mandos_context mc = { .simple_poll = NULL, .server = NULL,
169
.dh_bits = 1024, .priority = "SECURE256"
170
":!CTYPE-X.509:+CTYPE-OPENPGP",
171
.current_server = NULL };
187
/* global so signal handler can reach it*/
188
AvahiSimplePoll *simple_poll;
172
189
173
190
sig_atomic_t quit_now = 0;
174
191
int signal_received = 0;
182
199
perror(print_text);
183
200
}
184
201
185
__attribute__((format (gnu_printf, 2, 3)))
202
__attribute__((format (gnu_printf, 2, 3), nonnull))
186
203
int fprintf_plus(FILE *stream, const char *format, ...){
187
204
va_list ap;
188
205
va_start (ap, format);
189
206
190
207
TEMP_FAILURE_RETRY(fprintf(stream, "Mandos plugin %s: ",
191
208
program_invocation_short_name));
192
return TEMP_FAILURE_RETRY(vfprintf(stream, format, ap));
209
return (int)TEMP_FAILURE_RETRY(vfprintf(stream, format, ap));
193
210
}
194
211
195
212
/*
197
214
* bytes. "buffer_capacity" is how much is currently allocated,
198
215
* "buffer_length" is how much is already used.
199
216
*/
217
__attribute__((nonnull, warn_unused_result))
200
218
size_t incbuffer(char **buffer, size_t buffer_length,
201
219
size_t buffer_capacity){
202
220
if(buffer_length + BUFFER_SIZE > buffer_capacity){
203
*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
204
if(buffer == NULL){
221
char *new_buf = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
222
if(new_buf == NULL){
223
int old_errno = errno;
224
free(*buffer);
225
errno = old_errno;
226
*buffer = NULL;
205
227
return 0;
206
228
}
229
*buffer = new_buf;
207
230
buffer_capacity += BUFFER_SIZE;
208
231
}
209
232
return buffer_capacity;
210
233
}
211
234
212
235
/* Add server to set of servers to retry periodically */
236
__attribute__((nonnull, warn_unused_result))
213
237
bool add_server(const char *ip, in_port_t port, AvahiIfIndex if_index,
214
int af){
238
int af, server **current_server){
215
239
int ret;
216
240
server *new_server = malloc(sizeof(server));
217
241
if(new_server == NULL){
224
248
.af = af };
225
249
if(new_server->ip == NULL){
226
250
perror_plus("strdup");
251
free(new_server);
252
return false;
253
}
254
ret = clock_gettime(CLOCK_MONOTONIC, &(new_server->last_seen));
255
if(ret == -1){
256
perror_plus("clock_gettime");
257
#ifdef __GNUC__
258
#pragma GCC diagnostic push
259
#pragma GCC diagnostic ignored "-Wcast-qual"
260
#endif
261
free((char *)(new_server->ip));
262
#ifdef __GNUC__
263
#pragma GCC diagnostic pop
264
#endif
265
free(new_server);
227
266
return false;
228
267
}
229
268
/* Special case of first server */
230
if (mc.current_server == NULL){
269
if(*current_server == NULL){
231
270
new_server->next = new_server;
232
271
new_server->prev = new_server;
233
mc.current_server = new_server;
234
/* Place the new server last in the list */
272
*current_server = new_server;
235
273
} else {
236
new_server->next = mc.current_server;
237
new_server->prev = mc.current_server->prev;
274
/* Place the new server last in the list */
275
new_server->next = *current_server;
276
new_server->prev = (*current_server)->prev;
238
277
new_server->prev->next = new_server;
239
mc.current_server->prev = new_server;
240
}
241
ret = clock_gettime(CLOCK_MONOTONIC, &mc.current_server->last_seen);
242
if(ret == -1){
243
perror_plus("clock_gettime");
244
return false;
278
(*current_server)->prev = new_server;
245
279
}
246
280
return true;
247
281
}
248
282
283
/* Set effective uid to 0, return errno */
284
__attribute__((warn_unused_result))
285
int raise_privileges(void){
286
int old_errno = errno;
287
int ret = 0;
288
if(seteuid(0) == -1){
289
ret = errno;
290
}
291
errno = old_errno;
292
return ret;
293
}
294
295
/* Set effective and real user ID to 0. Return errno. */
296
__attribute__((warn_unused_result))
297
int raise_privileges_permanently(void){
298
int old_errno = errno;
299
int ret = raise_privileges();
300
if(ret != 0){
301
errno = old_errno;
302
return ret;
303
}
304
if(setuid(0) == -1){
305
ret = errno;
306
}
307
errno = old_errno;
308
return ret;
309
}
310
311
/* Set effective user ID to unprivileged saved user ID */
312
__attribute__((warn_unused_result))
313
int lower_privileges(void){
314
int old_errno = errno;
315
int ret = 0;
316
if(seteuid(uid) == -1){
317
ret = errno;
318
}
319
errno = old_errno;
320
return ret;
321
}
322
323
/* Lower privileges permanently */
324
__attribute__((warn_unused_result))
325
int lower_privileges_permanently(void){
326
int old_errno = errno;
327
int ret = 0;
328
if(setuid(uid) == -1){
329
ret = errno;
330
}
331
errno = old_errno;
332
return ret;
333
}
334
249
335
/*
250
336
* Initialize GPGME.
251
337
*/
252
static bool init_gpgme(const char *seckey, const char *pubkey,
253
const char *tempdir){
338
__attribute__((nonnull, warn_unused_result))
339
static bool init_gpgme(const char * const seckey,
340
const char * const pubkey,
341
const char * const tempdir,
342
mandos_context *mc){
254
343
gpgme_error_t rc;
255
344
gpgme_engine_info_t engine_info;
256
345
257
258
346
/*
259
347
* Helper function to insert pub and seckey to the engine keyring.
260
348
*/
261
bool import_key(const char *filename){
349
bool import_key(const char * const filename){
262
350
int ret;
263
351
int fd;
264
352
gpgme_data_t pgp_data;
269
357
return false;
270
358
}
271
359
360
/* Workaround for systems without a real-time clock; see also
361
Debian bug #894495: <https://bugs.debian.org/894495> */
362
do {
363
{
364
time_t currtime = time(NULL);
365
if(currtime != (time_t)-1){
366
struct tm tm;
367
if(gmtime_r(&currtime, &tm) == NULL) {
368
perror_plus("gmtime_r");
369
break;
370
}
371
if(tm.tm_year != 70 or tm.tm_mon != 0){
372
break;
373
}
374
if(debug){
375
fprintf_plus(stderr, "System clock is January 1970");
376
}
377
} else {
378
if(debug){
379
fprintf_plus(stderr, "System clock is invalid");
380
}
381
}
382
}
383
struct stat keystat;
384
ret = fstat(fd, &keystat);
385
if(ret != 0){
386
perror_plus("fstat");
387
break;
388
}
389
ret = raise_privileges();
390
if(ret != 0){
391
errno = ret;
392
perror_plus("Failed to raise privileges");
393
break;
394
}
395
if(debug){
396
fprintf_plus(stderr,
397
"Setting system clock to key file mtime");
398
}
399
if(clock_settime(CLOCK_REALTIME, &keystat.st_mtim) != 0){
400
perror_plus("clock_settime");
401
}
402
ret = lower_privileges();
403
if(ret != 0){
404
errno = ret;
405
perror_plus("Failed to lower privileges");
406
}
407
} while(false);
408
272
409
rc = gpgme_data_new_from_fd(&pgp_data, fd);
273
410
if(rc != GPG_ERR_NO_ERROR){
274
411
fprintf_plus(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
276
413
return false;
277
414
}
278
415
279
rc = gpgme_op_import(mc.ctx, pgp_data);
416
rc = gpgme_op_import(mc->ctx, pgp_data);
280
417
if(rc != GPG_ERR_NO_ERROR){
281
418
fprintf_plus(stderr, "bad gpgme_op_import: %s: %s\n",
282
419
gpgme_strsource(rc), gpgme_strerror(rc));
283
420
return false;
284
421
}
422
{
423
gpgme_import_result_t import_result
424
= gpgme_op_import_result(mc->ctx);
425
if((import_result->imported < 1
426
or import_result->not_imported > 0)
427
and import_result->unchanged == 0){
428
fprintf_plus(stderr, "bad gpgme_op_import_results:\n");
429
fprintf_plus(stderr,
430
"The total number of considered keys: %d\n",
431
import_result->considered);
432
fprintf_plus(stderr,
433
"The number of keys without user ID: %d\n",
434
import_result->no_user_id);
435
fprintf_plus(stderr,
436
"The total number of imported keys: %d\n",
437
import_result->imported);
438
fprintf_plus(stderr, "The number of imported RSA keys: %d\n",
439
import_result->imported_rsa);
440
fprintf_plus(stderr, "The number of unchanged keys: %d\n",
441
import_result->unchanged);
442
fprintf_plus(stderr, "The number of new user IDs: %d\n",
443
import_result->new_user_ids);
444
fprintf_plus(stderr, "The number of new sub keys: %d\n",
445
import_result->new_sub_keys);
446
fprintf_plus(stderr, "The number of new signatures: %d\n",
447
import_result->new_signatures);
448
fprintf_plus(stderr, "The number of new revocations: %d\n",
449
import_result->new_revocations);
450
fprintf_plus(stderr,
451
"The total number of secret keys read: %d\n",
452
import_result->secret_read);
453
fprintf_plus(stderr,
454
"The number of imported secret keys: %d\n",
455
import_result->secret_imported);
456
fprintf_plus(stderr,
457
"The number of unchanged secret keys: %d\n",
458
import_result->secret_unchanged);
459
fprintf_plus(stderr, "The number of keys not imported: %d\n",
460
import_result->not_imported);
461
for(gpgme_import_status_t import_status
462
= import_result->imports;
463
import_status != NULL;
464
import_status = import_status->next){
465
fprintf_plus(stderr, "Import status for key: %s\n",
466
import_status->fpr);
467
if(import_status->result != GPG_ERR_NO_ERROR){
468
fprintf_plus(stderr, "Import result: %s: %s\n",
469
gpgme_strsource(import_status->result),
470
gpgme_strerror(import_status->result));
471
}
472
fprintf_plus(stderr, "Key status:\n");
473
fprintf_plus(stderr,
474
import_status->status & GPGME_IMPORT_NEW
475
? "The key was new.\n"
476
: "The key was not new.\n");
477
fprintf_plus(stderr,
478
import_status->status & GPGME_IMPORT_UID
479
? "The key contained new user IDs.\n"
480
: "The key did not contain new user IDs.\n");
481
fprintf_plus(stderr,
482
import_status->status & GPGME_IMPORT_SIG
483
? "The key contained new signatures.\n"
484
: "The key did not contain new signatures.\n");
485
fprintf_plus(stderr,
486
import_status->status & GPGME_IMPORT_SUBKEY
487
? "The key contained new sub keys.\n"
488
: "The key did not contain new sub keys.\n");
489
fprintf_plus(stderr,
490
import_status->status & GPGME_IMPORT_SECRET
491
? "The key contained a secret key.\n"
492
: "The key did not contain a secret key.\n");
493
}
494
return false;
495
}
496
}
285
497
286
ret = (int)TEMP_FAILURE_RETRY(close(fd));
498
ret = close(fd);
287
499
if(ret == -1){
288
500
perror_plus("close");
289
501
}
326
538
}
327
539
328
540
/* Create new GPGME "context" */
329
rc = gpgme_new(&(mc.ctx));
541
rc = gpgme_new(&(mc->ctx));
330
542
if(rc != GPG_ERR_NO_ERROR){
331
fprintf_plus(stderr, "Mandos plugin mandos-client: "
332
"bad gpgme_new: %s: %s\n", gpgme_strsource(rc),
333
gpgme_strerror(rc));
543
fprintf_plus(stderr, "bad gpgme_new: %s: %s\n",
544
gpgme_strsource(rc), gpgme_strerror(rc));
334
545
return false;
335
546
}
336
547
345
556
* Decrypt OpenPGP data.
346
557
* Returns -1 on error
347
558
*/
559
__attribute__((nonnull, warn_unused_result))
348
560
static ssize_t pgp_packet_decrypt(const char *cryptotext,
349
561
size_t crypto_size,
350
char **plaintext){
562
char **plaintext,
563
mandos_context *mc){
351
564
gpgme_data_t dh_crypto, dh_plain;
352
565
gpgme_error_t rc;
353
566
ssize_t ret;
370
583
/* Create new empty GPGME data buffer for the plaintext */
371
584
rc = gpgme_data_new(&dh_plain);
372
585
if(rc != GPG_ERR_NO_ERROR){
373
fprintf_plus(stderr, "Mandos plugin mandos-client: "
374
"bad gpgme_data_new: %s: %s\n",
586
fprintf_plus(stderr, "bad gpgme_data_new: %s: %s\n",
375
587
gpgme_strsource(rc), gpgme_strerror(rc));
376
588
gpgme_data_release(dh_crypto);
377
589
return -1;
379
591
380
592
/* Decrypt data from the cryptotext data buffer to the plaintext
381
593
data buffer */
382
rc = gpgme_op_decrypt(mc.ctx, dh_crypto, dh_plain);
594
rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);
383
595
if(rc != GPG_ERR_NO_ERROR){
384
596
fprintf_plus(stderr, "bad gpgme_op_decrypt: %s: %s\n",
385
597
gpgme_strsource(rc), gpgme_strerror(rc));
386
598
plaintext_length = -1;
387
599
if(debug){
388
600
gpgme_decrypt_result_t result;
389
result = gpgme_op_decrypt_result(mc.ctx);
601
result = gpgme_op_decrypt_result(mc->ctx);
390
602
if(result == NULL){
391
603
fprintf_plus(stderr, "gpgme_op_decrypt_result failed\n");
392
604
} else {
393
fprintf_plus(stderr, "Unsupported algorithm: %s\n",
394
result->unsupported_algorithm);
395
fprintf_plus(stderr, "Wrong key usage: %u\n",
396
result->wrong_key_usage);
605
if(result->unsupported_algorithm != NULL) {
606
fprintf_plus(stderr, "Unsupported algorithm: %s\n",
607
result->unsupported_algorithm);
608
}
609
fprintf_plus(stderr, "Wrong key usage: %s\n",
610
result->wrong_key_usage ? "Yes" : "No");
397
611
if(result->file_name != NULL){
398
612
fprintf_plus(stderr, "File name: %s\n", result->file_name);
399
613
}
400
gpgme_recipient_t recipient;
401
recipient = result->recipients;
402
while(recipient != NULL){
614
615
for(gpgme_recipient_t r = result->recipients; r != NULL;
616
r = r->next){
403
617
fprintf_plus(stderr, "Public key algorithm: %s\n",
404
gpgme_pubkey_algo_name
405
(recipient->pubkey_algo));
406
fprintf_plus(stderr, "Key ID: %s\n", recipient->keyid);
618
gpgme_pubkey_algo_name(r->pubkey_algo));
619
fprintf_plus(stderr, "Key ID: %s\n", r->keyid);
407
620
fprintf_plus(stderr, "Secret key available: %s\n",
408
recipient->status == GPG_ERR_NO_SECKEY
409
? "No" : "Yes");
410
recipient = recipient->next;
621
r->status == GPG_ERR_NO_SECKEY ? "No" : "Yes");
411
622
}
412
623
}
413
624
}
469
680
return plaintext_length;
470
681
}
471
682
472
static const char * safer_gnutls_strerror(int value){
683
__attribute__((warn_unused_result, const))
684
static const char *safe_string(const char *str){
685
if(str == NULL)
686
return "(unknown)";
687
return str;
688
}
689
690
__attribute__((warn_unused_result))
691
static const char *safer_gnutls_strerror(int value){
473
692
const char *ret = gnutls_strerror(value);
474
if(ret == NULL)
475
ret = "(unknown)";
476
return ret;
693
return safe_string(ret);
477
694
}
478
695
479
696
/* GnuTLS log function callback */
697
__attribute__((nonnull))
480
698
static void debuggnutls(__attribute__((unused)) int level,
481
699
const char* string){
482
700
fprintf_plus(stderr, "GnuTLS: %s", string);
483
701
}
484
702
703
__attribute__((nonnull(1, 2, 4), warn_unused_result))
485
704
static int init_gnutls_global(const char *pubkeyfilename,
486
const char *seckeyfilename){
705
const char *seckeyfilename,
706
const char *dhparamsfilename,
707
mandos_context *mc){
487
708
int ret;
488
709
489
710
if(debug){
490
711
fprintf_plus(stderr, "Initializing GnuTLS\n");
491
712
}
492
713
493
ret = gnutls_global_init();
494
if(ret != GNUTLS_E_SUCCESS){
495
fprintf_plus(stderr, "GnuTLS global_init: %s\n",
496
safer_gnutls_strerror(ret));
497
return -1;
498
}
499
500
714
if(debug){
501
715
/* "Use a log level over 10 to enable all debugging options."
502
716
* - GnuTLS manual
506
720
}
507
721
508
722
/* OpenPGP credentials */
509
ret = gnutls_certificate_allocate_credentials(&mc.cred);
723
ret = gnutls_certificate_allocate_credentials(&mc->cred);
510
724
if(ret != GNUTLS_E_SUCCESS){
511
725
fprintf_plus(stderr, "GnuTLS memory error: %s\n",
512
726
safer_gnutls_strerror(ret));
513
gnutls_global_deinit();
514
727
return -1;
515
728
}
516
729
517
730
if(debug){
518
fprintf_plus(stderr, "Attempting to use OpenPGP public key %s and"
519
" secret key %s as GnuTLS credentials\n",
731
fprintf_plus(stderr, "Attempting to use public key %s and"
732
" private key %s as GnuTLS credentials\n",
520
733
pubkeyfilename,
521
734
seckeyfilename);
522
735
}
523
736
737
#if GNUTLS_VERSION_NUMBER >= 0x030606
738
ret = gnutls_certificate_set_rawpk_key_file
739
(mc->cred, pubkeyfilename, seckeyfilename,
740
GNUTLS_X509_FMT_PEM, /* format */
741
NULL, /* pass */
742
/* key_usage */
743
GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
744
NULL, /* names */
745
0, /* names_length */
746
/* privkey_flags */
747
GNUTLS_PKCS_PLAIN | GNUTLS_PKCS_NULL_PASSWORD,
748
0); /* pkcs11_flags */
749
#elif GNUTLS_VERSION_NUMBER < 0x030600
524
750
ret = gnutls_certificate_set_openpgp_key_file
525
(mc.cred, pubkeyfilename, seckeyfilename,
751
(mc->cred, pubkeyfilename, seckeyfilename,
526
752
GNUTLS_OPENPGP_FMT_BASE64);
753
#else
754
#error "Needs GnuTLS 3.6.6 or later, or before 3.6.0"
755
#endif
527
756
if(ret != GNUTLS_E_SUCCESS){
528
757
fprintf_plus(stderr,
529
"Error[%d] while reading the OpenPGP key pair ('%s',"
758
"Error[%d] while reading the key pair ('%s',"
530
759
" '%s')\n", ret, pubkeyfilename, seckeyfilename);
531
760
fprintf_plus(stderr, "The GnuTLS error is: %s\n",
532
761
safer_gnutls_strerror(ret));
534
763
}
535
764
536
765
/* GnuTLS server initialization */
537
ret = gnutls_dh_params_init(&mc.dh_params);
766
ret = gnutls_dh_params_init(&mc->dh_params);
538
767
if(ret != GNUTLS_E_SUCCESS){
539
768
fprintf_plus(stderr, "Error in GnuTLS DH parameter"
540
769
" initialization: %s\n",
541
770
safer_gnutls_strerror(ret));
542
771
goto globalfail;
543
772
}
544
ret = gnutls_dh_params_generate2(mc.dh_params, mc.dh_bits);
545
if(ret != GNUTLS_E_SUCCESS){
546
fprintf_plus(stderr, "Error in GnuTLS prime generation: %s\n",
547
safer_gnutls_strerror(ret));
548
goto globalfail;
549
}
550
551
gnutls_certificate_set_dh_params(mc.cred, mc.dh_params);
773
/* If a Diffie-Hellman parameters file was given, try to use it */
774
if(dhparamsfilename != NULL){
775
gnutls_datum_t params = { .data = NULL, .size = 0 };
776
do {
777
int dhpfile = open(dhparamsfilename, O_RDONLY);
778
if(dhpfile == -1){
779
perror_plus("open");
780
dhparamsfilename = NULL;
781
break;
782
}
783
size_t params_capacity = 0;
784
while(true){
785
params_capacity = incbuffer((char **)¶ms.data,
786
(size_t)params.size,
787
(size_t)params_capacity);
788
if(params_capacity == 0){
789
perror_plus("incbuffer");
790
free(params.data);
791
params.data = NULL;
792
dhparamsfilename = NULL;
793
break;
794
}
795
ssize_t bytes_read = read(dhpfile,
796
params.data + params.size,
797
BUFFER_SIZE);
798
/* EOF */
799
if(bytes_read == 0){
800
break;
801
}
802
/* check bytes_read for failure */
803
if(bytes_read < 0){
804
perror_plus("read");
805
free(params.data);
806
params.data = NULL;
807
dhparamsfilename = NULL;
808
break;
809
}
810
params.size += (unsigned int)bytes_read;
811
}
812
ret = close(dhpfile);
813
if(ret == -1){
814
perror_plus("close");
815
}
816
if(params.data == NULL){
817
dhparamsfilename = NULL;
818
}
819
if(dhparamsfilename == NULL){
820
break;
821
}
822
ret = gnutls_dh_params_import_pkcs3(mc->dh_params, ¶ms,
823
GNUTLS_X509_FMT_PEM);
824
if(ret != GNUTLS_E_SUCCESS){
825
fprintf_plus(stderr, "Failed to parse DH parameters in file"
826
" \"%s\": %s\n", dhparamsfilename,
827
safer_gnutls_strerror(ret));
828
dhparamsfilename = NULL;
829
}
830
free(params.data);
831
} while(false);
832
}
833
if(dhparamsfilename == NULL){
834
if(mc->dh_bits == 0){
835
#if GNUTLS_VERSION_NUMBER < 0x030600
836
/* Find out the optimal number of DH bits */
837
/* Try to read the private key file */
838
gnutls_datum_t buffer = { .data = NULL, .size = 0 };
839
do {
840
int secfile = open(seckeyfilename, O_RDONLY);
841
if(secfile == -1){
842
perror_plus("open");
843
break;
844
}
845
size_t buffer_capacity = 0;
846
while(true){
847
buffer_capacity = incbuffer((char **)&buffer.data,
848
(size_t)buffer.size,
849
(size_t)buffer_capacity);
850
if(buffer_capacity == 0){
851
perror_plus("incbuffer");
852
free(buffer.data);
853
buffer.data = NULL;
854
break;
855
}
856
ssize_t bytes_read = read(secfile,
857
buffer.data + buffer.size,
858
BUFFER_SIZE);
859
/* EOF */
860
if(bytes_read == 0){
861
break;
862
}
863
/* check bytes_read for failure */
864
if(bytes_read < 0){
865
perror_plus("read");
866
free(buffer.data);
867
buffer.data = NULL;
868
break;
869
}
870
buffer.size += (unsigned int)bytes_read;
871
}
872
close(secfile);
873
} while(false);
874
/* If successful, use buffer to parse private key */
875
gnutls_sec_param_t sec_param = GNUTLS_SEC_PARAM_ULTRA;
876
if(buffer.data != NULL){
877
{
878
gnutls_openpgp_privkey_t privkey = NULL;
879
ret = gnutls_openpgp_privkey_init(&privkey);
880
if(ret != GNUTLS_E_SUCCESS){
881
fprintf_plus(stderr, "Error initializing OpenPGP key"
882
" structure: %s",
883
safer_gnutls_strerror(ret));
884
free(buffer.data);
885
buffer.data = NULL;
886
} else {
887
ret = gnutls_openpgp_privkey_import
888
(privkey, &buffer, GNUTLS_OPENPGP_FMT_BASE64, "", 0);
889
if(ret != GNUTLS_E_SUCCESS){
890
fprintf_plus(stderr, "Error importing OpenPGP key : %s",
891
safer_gnutls_strerror(ret));
892
privkey = NULL;
893
}
894
free(buffer.data);
895
buffer.data = NULL;
896
if(privkey != NULL){
897
/* Use private key to suggest an appropriate
898
sec_param */
899
sec_param = gnutls_openpgp_privkey_sec_param(privkey);
900
gnutls_openpgp_privkey_deinit(privkey);
901
if(debug){
902
fprintf_plus(stderr, "This OpenPGP key implies using"
903
" a GnuTLS security parameter \"%s\".\n",
904
safe_string(gnutls_sec_param_get_name
905
(sec_param)));
906
}
907
}
908
}
909
}
910
if(sec_param == GNUTLS_SEC_PARAM_UNKNOWN){
911
/* Err on the side of caution */
912
sec_param = GNUTLS_SEC_PARAM_ULTRA;
913
if(debug){
914
fprintf_plus(stderr, "Falling back to security parameter"
915
" \"%s\"\n",
916
safe_string(gnutls_sec_param_get_name
917
(sec_param)));
918
}
919
}
920
}
921
unsigned int uret = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, sec_param);
922
if(uret != 0){
923
mc->dh_bits = uret;
924
if(debug){
925
fprintf_plus(stderr, "A \"%s\" GnuTLS security parameter"
926
" implies %u DH bits; using that.\n",
927
safe_string(gnutls_sec_param_get_name
928
(sec_param)),
929
mc->dh_bits);
930
}
931
} else {
932
fprintf_plus(stderr, "Failed to get implied number of DH"
933
" bits for security parameter \"%s\"): %s\n",
934
safe_string(gnutls_sec_param_get_name
935
(sec_param)),
936
safer_gnutls_strerror(ret));
937
goto globalfail;
938
}
939
#endif
940
} else { /* dh_bits != 0 */
941
if(debug){
942
fprintf_plus(stderr, "DH bits explicitly set to %u\n",
943
mc->dh_bits);
944
}
945
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
946
if(ret != GNUTLS_E_SUCCESS){
947
fprintf_plus(stderr, "Error in GnuTLS prime generation (%u"
948
" bits): %s\n", mc->dh_bits,
949
safer_gnutls_strerror(ret));
950
goto globalfail;
951
}
952
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
953
}
954
}
552
955
553
956
return 0;
554
957
555
958
globalfail:
556
959
557
gnutls_certificate_free_credentials(mc.cred);
558
gnutls_global_deinit();
559
gnutls_dh_params_deinit(mc.dh_params);
960
gnutls_certificate_free_credentials(mc->cred);
961
gnutls_dh_params_deinit(mc->dh_params);
560
962
return -1;
561
963
}
562
964
563
static int init_gnutls_session(gnutls_session_t *session){
965
__attribute__((nonnull, warn_unused_result))
966
static int init_gnutls_session(gnutls_session_t *session,
967
mandos_context *mc){
564
968
int ret;
565
969
/* GnuTLS session creation */
566
970
do {
567
ret = gnutls_init(session, GNUTLS_SERVER);
971
ret = gnutls_init(session, (GNUTLS_SERVER
972
#if GNUTLS_VERSION_NUMBER >= 0x030506
973
| GNUTLS_NO_TICKETS
974
#endif
975
#if GNUTLS_VERSION_NUMBER >= 0x030606
976
| GNUTLS_ENABLE_RAWPK
977
#endif
978
));
568
979
if(quit_now){
569
980
return -1;
570
981
}
578
989
{
579
990
const char *err;
580
991
do {
581
ret = gnutls_priority_set_direct(*session, mc.priority, &err);
992
ret = gnutls_priority_set_direct(*session, mc->priority, &err);
582
993
if(quit_now){
583
994
gnutls_deinit(*session);
584
995
return -1;
595
1006
596
1007
do {
597
1008
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
598
mc.cred);
1009
mc->cred);
599
1010
if(quit_now){
600
1011
gnutls_deinit(*session);
601
1012
return -1;
611
1022
/* ignore client certificate if any. */
612
1023
gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);
613
1024
614
gnutls_dh_set_prime_bits(*session, mc.dh_bits);
615
616
1025
return 0;
617
1026
}
618
1027
620
1029
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
621
1030
__attribute__((unused)) const char *txt){}
622
1031
1032
/* Helper function to add_local_route() and delete_local_route() */
1033
__attribute__((nonnull, warn_unused_result))
1034
static bool add_delete_local_route(const bool add,
1035
const char *address,
1036
AvahiIfIndex if_index){
1037
int ret;
1038
char helper[] = "mandos-client-iprouteadddel";
1039
char add_arg[] = "add";
1040
char delete_arg[] = "delete";
1041
char debug_flag[] = "--debug";
1042
char *pluginhelperdir = getenv("MANDOSPLUGINHELPERDIR");
1043
if(pluginhelperdir == NULL){
1044
if(debug){
1045
fprintf_plus(stderr, "MANDOSPLUGINHELPERDIR environment"
1046
" variable not set; cannot run helper\n");
1047
}
1048
return false;
1049
}
1050
1051
char interface[IF_NAMESIZE];
1052
if(if_indextoname((unsigned int)if_index, interface) == NULL){
1053
perror_plus("if_indextoname");
1054
return false;
1055
}
1056
1057
int devnull = (int)TEMP_FAILURE_RETRY(open("/dev/null", O_RDONLY));
1058
if(devnull == -1){
1059
perror_plus("open(\"/dev/null\", O_RDONLY)");
1060
return false;
1061
}
1062
pid_t pid = fork();
1063
if(pid == 0){
1064
/* Child */
1065
/* Raise privileges */
1066
errno = raise_privileges_permanently();
1067
if(errno != 0){
1068
perror_plus("Failed to raise privileges");
1069
/* _exit(EX_NOPERM); */
1070
} else {
1071
/* Set group */
1072
errno = 0;
1073
ret = setgid(0);
1074
if(ret == -1){
1075
perror_plus("setgid");
1076
close(devnull);
1077
_exit(EX_NOPERM);
1078
}
1079
/* Reset supplementary groups */
1080
errno = 0;
1081
ret = setgroups(0, NULL);
1082
if(ret == -1){
1083
perror_plus("setgroups");
1084
close(devnull);
1085
_exit(EX_NOPERM);
1086
}
1087
}
1088
ret = dup2(devnull, STDIN_FILENO);
1089
if(ret == -1){
1090
perror_plus("dup2(devnull, STDIN_FILENO)");
1091
close(devnull);
1092
_exit(EX_OSERR);
1093
}
1094
ret = close(devnull);
1095
if(ret == -1){
1096
perror_plus("close");
1097
}
1098
ret = dup2(STDERR_FILENO, STDOUT_FILENO);
1099
if(ret == -1){
1100
perror_plus("dup2(STDERR_FILENO, STDOUT_FILENO)");
1101
_exit(EX_OSERR);
1102
}
1103
int helperdir_fd = (int)TEMP_FAILURE_RETRY(open(pluginhelperdir,
1104
O_RDONLY
1105
| O_DIRECTORY
1106
| O_PATH
1107
| O_CLOEXEC));
1108
if(helperdir_fd == -1){
1109
perror_plus("open");
1110
_exit(EX_UNAVAILABLE);
1111
}
1112
int helper_fd = (int)TEMP_FAILURE_RETRY(openat(helperdir_fd,
1113
helper, O_RDONLY));
1114
if(helper_fd == -1){
1115
perror_plus("openat");
1116
close(helperdir_fd);
1117
_exit(EX_UNAVAILABLE);
1118
}
1119
close(helperdir_fd);
1120
#ifdef __GNUC__
1121
#pragma GCC diagnostic push
1122
#pragma GCC diagnostic ignored "-Wcast-qual"
1123
#endif
1124
if(fexecve(helper_fd, (char *const [])
1125
{ helper, add ? add_arg : delete_arg, (char *)address,
1126
interface, debug ? debug_flag : NULL, NULL },
1127
environ) == -1){
1128
#ifdef __GNUC__
1129
#pragma GCC diagnostic pop
1130
#endif
1131
perror_plus("fexecve");
1132
_exit(EXIT_FAILURE);
1133
}
1134
}
1135
if(pid == -1){
1136
perror_plus("fork");
1137
close(devnull);
1138
return false;
1139
}
1140
ret = close(devnull);
1141
if(ret == -1){
1142
perror_plus("close");
1143
}
1144
int status;
1145
pid_t pret = -1;
1146
errno = 0;
1147
do {
1148
pret = waitpid(pid, &status, 0);
1149
if(pret == -1 and errno == EINTR and quit_now){
1150
int errno_raising = 0;
1151
if((errno = raise_privileges()) != 0){
1152
errno_raising = errno;
1153
perror_plus("Failed to raise privileges in order to"
1154
" kill helper program");
1155
}
1156
if(kill(pid, SIGTERM) == -1){
1157
perror_plus("kill");
1158
}
1159
if((errno_raising == 0) and (errno = lower_privileges()) != 0){
1160
perror_plus("Failed to lower privileges after killing"
1161
" helper program");
1162
}
1163
return false;
1164
}
1165
} while(pret == -1 and errno == EINTR);
1166
if(pret == -1){
1167
perror_plus("waitpid");
1168
return false;
1169
}
1170
if(WIFEXITED(status)){
1171
if(WEXITSTATUS(status) != 0){
1172
fprintf_plus(stderr, "Error: iprouteadddel exited"
1173
" with status %d\n", WEXITSTATUS(status));
1174
return false;
1175
}
1176
return true;
1177
}
1178
if(WIFSIGNALED(status)){
1179
fprintf_plus(stderr, "Error: iprouteadddel died by"
1180
" signal %d\n", WTERMSIG(status));
1181
return false;
1182
}
1183
fprintf_plus(stderr, "Error: iprouteadddel crashed\n");
1184
return false;
1185
}
1186
1187
__attribute__((nonnull, warn_unused_result))
1188
static bool add_local_route(const char *address,
1189
AvahiIfIndex if_index){
1190
if(debug){
1191
fprintf_plus(stderr, "Adding route to %s\n", address);
1192
}
1193
return add_delete_local_route(true, address, if_index);
1194
}
1195
1196
__attribute__((nonnull, warn_unused_result))
1197
static bool delete_local_route(const char *address,
1198
AvahiIfIndex if_index){
1199
if(debug){
1200
fprintf_plus(stderr, "Removing route to %s\n", address);
1201
}
1202
return add_delete_local_route(false, address, if_index);
1203
}
1204
623
1205
/* Called when a Mandos server is found */
1206
__attribute__((nonnull, warn_unused_result))
624
1207
static int start_mandos_communication(const char *ip, in_port_t port,
625
1208
AvahiIfIndex if_index,
626
int af){
1209
int af, mandos_context *mc){
627
1210
int ret, tcp_sd = -1;
628
1211
ssize_t sret;
629
union {
630
struct sockaddr_in in;
631
struct sockaddr_in6 in6;
632
} to;
1212
struct sockaddr_storage to;
633
1213
char *buffer = NULL;
634
1214
char *decrypted_buffer = NULL;
635
1215
size_t buffer_length = 0;
638
1218
int retval = -1;
639
1219
gnutls_session_t session;
640
1220
int pf; /* Protocol family */
1221
bool route_added = false;
641
1222
642
1223
errno = 0;
643
1224
659
1240
return -1;
660
1241
}
661
1242
662
ret = init_gnutls_session(&session);
1243
/* If the interface is specified and we have a list of interfaces */
1244
if(if_index != AVAHI_IF_UNSPEC and mc->interfaces != NULL){
1245
/* Check if the interface is one of the interfaces we are using */
1246
bool match = false;
1247
{
1248
char *interface = NULL;
1249
while((interface = argz_next(mc->interfaces,
1250
mc->interfaces_size,
1251
interface))){
1252
if(if_nametoindex(interface) == (unsigned int)if_index){
1253
match = true;
1254
break;
1255
}
1256
}
1257
}
1258
if(not match){
1259
/* This interface does not match any in the list, so we don't
1260
connect to the server */
1261
if(debug){
1262
char interface[IF_NAMESIZE];
1263
if(if_indextoname((unsigned int)if_index, interface) == NULL){
1264
perror_plus("if_indextoname");
1265
} else {
1266
fprintf_plus(stderr, "Skipping server on non-used interface"
1267
" \"%s\"\n",
1268
if_indextoname((unsigned int)if_index,
1269
interface));
1270
}
1271
}
1272
return -1;
1273
}
1274
}
1275
1276
ret = init_gnutls_session(&session, mc);
663
1277
if(ret != 0){
664
1278
return -1;
665
1279
}
669
1283
PRIuMAX "\n", ip, (uintmax_t)port);
670
1284
}
671
1285
672
tcp_sd = socket(pf, SOCK_STREAM, 0);
1286
tcp_sd = socket(pf, SOCK_STREAM | SOCK_CLOEXEC, 0);
673
1287
if(tcp_sd < 0){
674
1288
int e = errno;
675
1289
perror_plus("socket");
682
1296
goto mandos_end;
683
1297
}
684
1298
685
memset(&to, 0, sizeof(to));
686
1299
if(af == AF_INET6){
687
to.in6.sin6_family = (sa_family_t)af;
688
ret = inet_pton(af, ip, &to.in6.sin6_addr);
1300
struct sockaddr_in6 *to6 = (struct sockaddr_in6 *)&to;
1301
*to6 = (struct sockaddr_in6){ .sin6_family = (sa_family_t)af };
1302
ret = inet_pton(af, ip, &to6->sin6_addr);
689
1303
} else { /* IPv4 */
690
to.in.sin_family = (sa_family_t)af;
691
ret = inet_pton(af, ip, &to.in.sin_addr);
1304
struct sockaddr_in *to4 = (struct sockaddr_in *)&to;
1305
*to4 = (struct sockaddr_in){ .sin_family = (sa_family_t)af };
1306
ret = inet_pton(af, ip, &to4->sin_addr);
692
1307
}
693
1308
if(ret < 0 ){
694
1309
int e = errno;
703
1318
goto mandos_end;
704
1319
}
705
1320
if(af == AF_INET6){
706
to.in6.sin6_port = htons(port);
707
if(IN6_IS_ADDR_LINKLOCAL /* Spurious warnings from */
708
(&to.in6.sin6_addr)){ /* -Wstrict-aliasing=2 or lower and
709
-Wunreachable-code*/
1321
((struct sockaddr_in6 *)&to)->sin6_port = htons(port);
1322
if(IN6_IS_ADDR_LINKLOCAL
1323
(&((struct sockaddr_in6 *)&to)->sin6_addr)){
710
1324
if(if_index == AVAHI_IF_UNSPEC){
711
1325
fprintf_plus(stderr, "An IPv6 link-local address is"
712
1326
" incomplete without a network interface\n");
714
1328
goto mandos_end;
715
1329
}
716
1330
/* Set the network interface number as scope */
717
to.in6.sin6_scope_id = (uint32_t)if_index;
1331
((struct sockaddr_in6 *)&to)->sin6_scope_id = (uint32_t)if_index;
718
1332
}
719
1333
} else {
720
to.in.sin_port = htons(port); /* Spurious warnings from
721
-Wconversion and
722
-Wunreachable-code */
1334
((struct sockaddr_in *)&to)->sin_port = htons(port);
723
1335
}
724
1336
725
1337
if(quit_now){
742
1354
}
743
1355
char addrstr[(INET_ADDRSTRLEN > INET6_ADDRSTRLEN) ?
744
1356
INET_ADDRSTRLEN : INET6_ADDRSTRLEN] = "";
745
const char *pcret;
746
if(af == AF_INET6){
747
pcret = inet_ntop(af, &(to.in6.sin6_addr), addrstr,
748
sizeof(addrstr));
749
} else {
750
pcret = inet_ntop(af, &(to.in.sin_addr), addrstr,
751
sizeof(addrstr));
752
}
753
if(pcret == NULL){
754
perror_plus("inet_ntop");
755
} else {
756
if(strcmp(addrstr, ip) != 0){
757
fprintf_plus(stderr, "Canonical address form: %s\n", addrstr);
758
}
759
}
760
}
761
762
if(quit_now){
763
errno = EINTR;
764
goto mandos_end;
765
}
766
767
if(af == AF_INET6){
768
ret = connect(tcp_sd, &to.in6, sizeof(to));
769
} else {
770
ret = connect(tcp_sd, &to.in, sizeof(to)); /* IPv4 */
771
}
772
if(ret < 0){
773
if ((errno != ECONNREFUSED and errno != ENETUNREACH) or debug){
774
int e = errno;
775
perror_plus("connect");
776
errno = e;
777
}
778
goto mandos_end;
779
}
780
781
if(quit_now){
782
errno = EINTR;
783
goto mandos_end;
1357
if(af == AF_INET6){
1358
ret = getnameinfo((struct sockaddr *)&to,
1359
sizeof(struct sockaddr_in6),
1360
addrstr, sizeof(addrstr), NULL, 0,
1361
NI_NUMERICHOST);
1362
} else {
1363
ret = getnameinfo((struct sockaddr *)&to,
1364
sizeof(struct sockaddr_in),
1365
addrstr, sizeof(addrstr), NULL, 0,
1366
NI_NUMERICHOST);
1367
}
1368
if(ret == EAI_SYSTEM){
1369
perror_plus("getnameinfo");
1370
} else if(ret != 0) {
1371
fprintf_plus(stderr, "getnameinfo: %s", gai_strerror(ret));
1372
} else if(strcmp(addrstr, ip) != 0){
1373
fprintf_plus(stderr, "Canonical address form: %s\n", addrstr);
1374
}
1375
}
1376
1377
if(quit_now){
1378
errno = EINTR;
1379
goto mandos_end;
1380
}
1381
1382
while(true){
1383
if(af == AF_INET6){
1384
ret = connect(tcp_sd, (struct sockaddr *)&to,
1385
sizeof(struct sockaddr_in6));
1386
} else {
1387
ret = connect(tcp_sd, (struct sockaddr *)&to, /* IPv4 */
1388
sizeof(struct sockaddr_in));
1389
}
1390
if(ret < 0){
1391
if(((errno == ENETUNREACH) or (errno == EHOSTUNREACH))
1392
and if_index != AVAHI_IF_UNSPEC
1393
and connect_to == NULL
1394
and not route_added and
1395
((af == AF_INET6 and not
1396
IN6_IS_ADDR_LINKLOCAL(&(((struct sockaddr_in6 *)
1397
&to)->sin6_addr)))
1398
or (af == AF_INET and
1399
/* Not a a IPv4LL address */
1400
(ntohl(((struct sockaddr_in *)&to)->sin_addr.s_addr)
1401
& 0xFFFF0000L) != 0xA9FE0000L))){
1402
/* Work around Avahi bug - Avahi does not announce link-local
1403
addresses if it has a global address, so local hosts with
1404
*only* a link-local address (e.g. Mandos clients) cannot
1405
connect to a Mandos server announced by Avahi on a server
1406
host with a global address. Work around this by retrying
1407
with an explicit route added with the server's address.
1408
1409
Avahi bug reference:
1410
https://lists.freedesktop.org/archives/avahi/2010-February/001833.html
1411
https://bugs.debian.org/587961
1412
*/
1413
if(debug){
1414
fprintf_plus(stderr, "Mandos server unreachable, trying"
1415
" direct route\n");
1416
}
1417
int e = errno;
1418
route_added = add_local_route(ip, if_index);
1419
if(route_added){
1420
continue;
1421
}
1422
errno = e;
1423
}
1424
if(errno != ECONNREFUSED or debug){
1425
int e = errno;
1426
perror_plus("connect");
1427
errno = e;
1428
}
1429
goto mandos_end;
1430
}
1431
1432
if(quit_now){
1433
errno = EINTR;
1434
goto mandos_end;
1435
}
1436
break;
784
1437
}
785
1438
786
1439
const char *out = mandos_protocol_version;
937
1590
if(buffer_length > 0){
938
1591
ssize_t decrypted_buffer_size;
939
1592
decrypted_buffer_size = pgp_packet_decrypt(buffer, buffer_length,
940
&decrypted_buffer);
1593
&decrypted_buffer, mc);
941
1594
if(decrypted_buffer_size >= 0){
942
1595
1596
clearerr(stdout);
943
1597
written = 0;
944
1598
while(written < (size_t) decrypted_buffer_size){
945
1599
if(quit_now){
961
1615
}
962
1616
written += (size_t)ret;
963
1617
}
1618
ret = fflush(stdout);
1619
if(ret != 0){
1620
int e = errno;
1621
if(debug){
1622
fprintf_plus(stderr, "Error writing encrypted data: %s\n",
1623
strerror(errno));
1624
}
1625
errno = e;
1626
goto mandos_end;
1627
}
964
1628
retval = 0;
965
1629
}
966
1630
}
969
1633
970
1634
mandos_end:
971
1635
{
1636
if(route_added){
1637
if(not delete_local_route(ip, if_index)){
1638
fprintf_plus(stderr, "Failed to delete local route to %s on"
1639
" interface %d", ip, if_index);
1640
}
1641
}
972
1642
int e = errno;
973
1643
free(decrypted_buffer);
974
1644
free(buffer);
975
1645
if(tcp_sd >= 0){
976
ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));
1646
ret = close(tcp_sd);
977
1647
}
978
1648
if(ret == -1){
979
1649
if(e == 0){
1004
1674
AVAHI_GCC_UNUSED AvahiStringList *txt,
1005
1675
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1006
1676
flags,
1007
AVAHI_GCC_UNUSED void* userdata){
1677
void *mc){
1008
1678
if(r == NULL){
1009
1679
return;
1010
1680
}
1013
1683
timed out */
1014
1684
1015
1685
if(quit_now){
1686
avahi_s_service_resolver_free(r);
1016
1687
return;
1017
1688
}
1018
1689
1022
1693
fprintf_plus(stderr, "(Avahi Resolver) Failed to resolve service "
1023
1694
"'%s' of type '%s' in domain '%s': %s\n", name, type,
1024
1695
domain,
1025
avahi_strerror(avahi_server_errno(mc.server)));
1696
avahi_strerror(avahi_server_errno
1697
(((mandos_context*)mc)->server)));
1026
1698
break;
1027
1699
1028
1700
case AVAHI_RESOLVER_FOUND:
1036
1708
}
1037
1709
int ret = start_mandos_communication(ip, (in_port_t)port,
1038
1710
interface,
1039
avahi_proto_to_af(proto));
1711
avahi_proto_to_af(proto),
1712
mc);
1040
1713
if(ret == 0){
1041
avahi_simple_poll_quit(mc.simple_poll);
1714
avahi_simple_poll_quit(simple_poll);
1042
1715
} else {
1043
1716
if(not add_server(ip, (in_port_t)port, interface,
1044
avahi_proto_to_af(proto))){
1717
avahi_proto_to_af(proto),
1718
&((mandos_context*)mc)->current_server)){
1045
1719
fprintf_plus(stderr, "Failed to add server \"%s\" to server"
1046
1720
" list\n", name);
1047
1721
}
1060
1734
const char *domain,
1061
1735
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1062
1736
flags,
1063
AVAHI_GCC_UNUSED void* userdata){
1737
void *mc){
1064
1738
if(b == NULL){
1065
1739
return;
1066
1740
}
1077
1751
case AVAHI_BROWSER_FAILURE:
1078
1752
1079
1753
fprintf_plus(stderr, "(Avahi browser) %s\n",
1080
avahi_strerror(avahi_server_errno(mc.server)));
1081
avahi_simple_poll_quit(mc.simple_poll);
1754
avahi_strerror(avahi_server_errno
1755
(((mandos_context*)mc)->server)));
1756
avahi_simple_poll_quit(simple_poll);
1082
1757
return;
1083
1758
1084
1759
case AVAHI_BROWSER_NEW:
1087
1762
the callback function is called the Avahi server will free the
1088
1763
resolver for us. */
1089
1764
1090
if(avahi_s_service_resolver_new(mc.server, interface, protocol,
1091
name, type, domain, protocol, 0,
1092
resolve_callback, NULL) == NULL)
1765
if(avahi_s_service_resolver_new(((mandos_context*)mc)->server,
1766
interface, protocol, name, type,
1767
domain, protocol, 0,
1768
resolve_callback, mc) == NULL)
1093
1769
fprintf_plus(stderr, "Avahi: Failed to resolve service '%s':"
1094
1770
" %s\n", name,
1095
avahi_strerror(avahi_server_errno(mc.server)));
1771
avahi_strerror(avahi_server_errno
1772
(((mandos_context*)mc)->server)));
1096
1773
break;
1097
1774
1098
1775
case AVAHI_BROWSER_REMOVE:
1117
1794
signal_received = sig;
1118
1795
int old_errno = errno;
1119
1796
/* set main loop to exit */
1120
if(mc.simple_poll != NULL){
1121
avahi_simple_poll_quit(mc.simple_poll);
1797
if(simple_poll != NULL){
1798
avahi_simple_poll_quit(simple_poll);
1122
1799
}
1123
1800
errno = old_errno;
1124
1801
}
1125
1802
1803
__attribute__((nonnull, warn_unused_result))
1126
1804
bool get_flags(const char *ifname, struct ifreq *ifr){
1127
1805
int ret;
1128
error_t ret_errno;
1806
int old_errno;
1129
1807
1130
1808
int s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1131
1809
if(s < 0){
1132
ret_errno = errno;
1810
old_errno = errno;
1133
1811
perror_plus("socket");
1134
errno = ret_errno;
1812
errno = old_errno;
1135
1813
return false;
1136
1814
}
1137
strcpy(ifr->ifr_name, ifname);
1815
strncpy(ifr->ifr_name, ifname, IF_NAMESIZE);
1816
ifr->ifr_name[IF_NAMESIZE-1] = '\0'; /* NUL terminate */
1138
1817
ret = ioctl(s, SIOCGIFFLAGS, ifr);
1139
1818
if(ret == -1){
1140
1819
if(debug){
1141
ret_errno = errno;
1820
old_errno = errno;
1142
1821
perror_plus("ioctl SIOCGIFFLAGS");
1143
errno = ret_errno;
1822
errno = old_errno;
1823
}
1824
if((close(s) == -1) and debug){
1825
old_errno = errno;
1826
perror_plus("close");
1827
errno = old_errno;
1144
1828
}
1145
1829
return false;
1146
1830
}
1831
if((close(s) == -1) and debug){
1832
old_errno = errno;
1833
perror_plus("close");
1834
errno = old_errno;
1835
}
1147
1836
return true;
1148
1837
}
1149
1838
1839
__attribute__((nonnull, warn_unused_result))
1150
1840
bool good_flags(const char *ifname, const struct ifreq *ifr){
1151
1841
1152
1842
/* Reject the loopback device */
1194
1884
* corresponds to an acceptable network device.
1195
1885
* (This function is passed to scandir(3) as a filter function.)
1196
1886
*/
1887
__attribute__((nonnull, warn_unused_result))
1197
1888
int good_interface(const struct dirent *if_entry){
1198
1889
if(if_entry->d_name[0] == '.'){
1199
1890
return 0;
1217
1908
/*
1218
1909
* This function determines if a network interface is up.
1219
1910
*/
1911
__attribute__((nonnull, warn_unused_result))
1220
1912
bool interface_is_up(const char *interface){
1221
1913
struct ifreq ifr;
1222
1914
if(not get_flags(interface, &ifr)){
1233
1925
/*
1234
1926
* This function determines if a network interface is running
1235
1927
*/
1928
__attribute__((nonnull, warn_unused_result))
1236
1929
bool interface_is_running(const char *interface){
1237
1930
struct ifreq ifr;
1238
1931
if(not get_flags(interface, &ifr)){
1246
1939
return (bool)(ifr.ifr_flags & IFF_RUNNING);
1247
1940
}
1248
1941
1942
__attribute__((nonnull, pure, warn_unused_result))
1249
1943
int notdotentries(const struct dirent *direntry){
1250
1944
/* Skip "." and ".." */
1251
1945
if(direntry->d_name[0] == '.'
1258
1952
}
1259
1953
1260
1954
/* Is this directory entry a runnable program? */
1955
__attribute__((nonnull, warn_unused_result))
1261
1956
int runnable_hook(const struct dirent *direntry){
1262
1957
int ret;
1263
1958
size_t sret;
1271
1966
sret = strspn(direntry->d_name, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
1272
1967
"abcdefghijklmnopqrstuvwxyz"
1273
1968
"0123456789"
1274
"_-");
1969
"_.-");
1275
1970
if((direntry->d_name)[sret] != '\0'){
1276
1971
/* Contains non-allowed characters */
1277
1972
if(debug){
1281
1976
return 0;
1282
1977
}
1283
1978
1284
char *fullname = NULL;
1285
ret = asprintf(&fullname, "%s/%s", hookdir, direntry->d_name);
1286
if(ret < 0){
1287
perror_plus("asprintf");
1288
return 0;
1289
}
1290
1291
ret = stat(fullname, &st);
1979
ret = fstatat(hookdir_fd, direntry->d_name, &st, 0);
1292
1980
if(ret == -1){
1293
1981
if(debug){
1294
1982
perror_plus("Could not stat hook");
1318
2006
return 1;
1319
2007
}
1320
2008
1321
int avahi_loop_with_timeout(AvahiSimplePoll *s, int retry_interval){
2009
__attribute__((nonnull, warn_unused_result))
2010
int avahi_loop_with_timeout(AvahiSimplePoll *s, int retry_interval,
2011
mandos_context *mc){
1322
2012
int ret;
1323
2013
struct timespec now;
1324
2014
struct timespec waited_time;
1325
2015
intmax_t block_time;
1326
2016
1327
2017
while(true){
1328
if(mc.current_server == NULL){
1329
if (debug){
2018
if(mc->current_server == NULL){
2019
if(debug){
1330
2020
fprintf_plus(stderr, "Wait until first server is found."
1331
2021
" No timeout!\n");
1332
2022
}
1333
2023
ret = avahi_simple_poll_iterate(s, -1);
1334
2024
} else {
1335
if (debug){
2025
if(debug){
1336
2026
fprintf_plus(stderr, "Check current_server if we should run"
1337
2027
" it, or wait\n");
1338
2028
}
1345
2035
/* Calculating in ms how long time between now and server
1346
2036
who we visted longest time ago. Now - last seen. */
1347
2037
waited_time.tv_sec = (now.tv_sec
1348
- mc.current_server->last_seen.tv_sec);
2038
- mc->current_server->last_seen.tv_sec);
1349
2039
waited_time.tv_nsec = (now.tv_nsec
1350
- mc.current_server->last_seen.tv_nsec);
2040
- mc->current_server->last_seen.tv_nsec);
1351
2041
/* total time is 10s/10,000ms.
1352
2042
Converting to s from ms by dividing by 1,000,
1353
2043
and ns to ms by dividing by 1,000,000. */
1355
2045
- ((intmax_t)waited_time.tv_sec * 1000))
1356
2046
- ((intmax_t)waited_time.tv_nsec / 1000000));
1357
2047
1358
if (debug){
2048
if(debug){
1359
2049
fprintf_plus(stderr, "Blocking for %" PRIdMAX " ms\n",
1360
2050
block_time);
1361
2051
}
1362
2052
1363
2053
if(block_time <= 0){
1364
ret = start_mandos_communication(mc.current_server->ip,
1365
mc.current_server->port,
1366
mc.current_server->if_index,
1367
mc.current_server->af);
2054
ret = start_mandos_communication(mc->current_server->ip,
2055
mc->current_server->port,
2056
mc->current_server->if_index,
2057
mc->current_server->af, mc);
1368
2058
if(ret == 0){
1369
avahi_simple_poll_quit(mc.simple_poll);
2059
avahi_simple_poll_quit(s);
1370
2060
return 0;
1371
2061
}
1372
2062
ret = clock_gettime(CLOCK_MONOTONIC,
1373
&mc.current_server->last_seen);
2063
&mc->current_server->last_seen);
1374
2064
if(ret == -1){
1375
2065
perror_plus("clock_gettime");
1376
2066
return -1;
1377
2067
}
1378
mc.current_server = mc.current_server->next;
2068
mc->current_server = mc->current_server->next;
1379
2069
block_time = 0; /* Call avahi to find new Mandos
1380
2070
servers, but don't block */
1381
2071
}
1383
2073
ret = avahi_simple_poll_iterate(s, (int)block_time);
1384
2074
}
1385
2075
if(ret != 0){
1386
if (ret > 0 or errno != EINTR){
2076
if(ret > 0 or errno != EINTR){
1387
2077
return (ret != 1) ? ret : 0;
1388
2078
}
1389
2079
}
1390
2080
}
1391
2081
}
1392
2082
1393
/* Set effective uid to 0, return errno */
1394
error_t raise_privileges(void){
1395
error_t old_errno = errno;
1396
error_t ret_errno = 0;
1397
if(seteuid(0) == -1){
1398
ret_errno = errno;
1399
perror_plus("seteuid");
1400
}
1401
errno = old_errno;
1402
return ret_errno;
1403
}
1404
1405
/* Set effective and real user ID to 0. Return errno. */
1406
error_t raise_privileges_permanently(void){
1407
error_t old_errno = errno;
1408
error_t ret_errno = raise_privileges();
1409
if(ret_errno != 0){
1410
errno = old_errno;
1411
return ret_errno;
1412
}
1413
if(setuid(0) == -1){
1414
ret_errno = errno;
1415
perror_plus("seteuid");
1416
}
1417
errno = old_errno;
1418
return ret_errno;
1419
}
1420
1421
/* Set effective user ID to unprivileged saved user ID */
1422
error_t lower_privileges(void){
1423
error_t old_errno = errno;
1424
error_t ret_errno = 0;
1425
if(seteuid(uid) == -1){
1426
ret_errno = errno;
1427
perror_plus("seteuid");
1428
}
1429
errno = old_errno;
1430
return ret_errno;
1431
}
1432
1433
/* Lower privileges permanently */
1434
error_t lower_privileges_permanently(void){
1435
error_t old_errno = errno;
1436
error_t ret_errno = 0;
1437
if(setuid(uid) == -1){
1438
ret_errno = errno;
1439
perror_plus("setuid");
1440
}
1441
errno = old_errno;
1442
return ret_errno;
1443
}
1444
1445
bool run_network_hooks(const char *mode, const char *interface,
2083
__attribute__((nonnull))
2084
void run_network_hooks(const char *mode, const char *interface,
1446
2085
const float delay){
1447
struct dirent **direntries;
1448
struct dirent *direntry;
1449
int ret;
1450
int numhooks = scandir(hookdir, &direntries, runnable_hook,
1451
alphasort);
2086
struct dirent **direntries = NULL;
2087
if(hookdir_fd == -1){
2088
hookdir_fd = open(hookdir, O_RDONLY | O_DIRECTORY | O_PATH
2089
| O_CLOEXEC);
2090
if(hookdir_fd == -1){
2091
if(errno == ENOENT){
2092
if(debug){
2093
fprintf_plus(stderr, "Network hook directory \"%s\" not"
2094
" found\n", hookdir);
2095
}
2096
} else {
2097
perror_plus("open");
2098
}
2099
return;
2100
}
2101
}
2102
int devnull = (int)TEMP_FAILURE_RETRY(open("/dev/null", O_RDONLY));
2103
if(devnull == -1){
2104
perror_plus("open(\"/dev/null\", O_RDONLY)");
2105
return;
2106
}
2107
int numhooks = scandirat(hookdir_fd, ".", &direntries,
2108
runnable_hook, alphasort);
1452
2109
if(numhooks == -1){
1453
2110
perror_plus("scandir");
1454
} else {
1455
int devnull = open("/dev/null", O_RDONLY);
1456
for(int i = 0; i < numhooks; i++){
1457
direntry = direntries[i];
1458
char *fullname = NULL;
1459
ret = asprintf(&fullname, "%s/%s", hookdir, direntry->d_name);
1460
if(ret < 0){
2111
close(devnull);
2112
return;
2113
}
2114
struct dirent *direntry;
2115
int ret;
2116
for(int i = 0; i < numhooks; i++){
2117
direntry = direntries[i];
2118
if(debug){
2119
fprintf_plus(stderr, "Running network hook \"%s\"\n",
2120
direntry->d_name);
2121
}
2122
pid_t hook_pid = fork();
2123
if(hook_pid == 0){
2124
/* Child */
2125
/* Raise privileges */
2126
errno = raise_privileges_permanently();
2127
if(errno != 0){
2128
perror_plus("Failed to raise privileges");
2129
_exit(EX_NOPERM);
2130
}
2131
/* Set group */
2132
errno = 0;
2133
ret = setgid(0);
2134
if(ret == -1){
2135
perror_plus("setgid");
2136
_exit(EX_NOPERM);
2137
}
2138
/* Reset supplementary groups */
2139
errno = 0;
2140
ret = setgroups(0, NULL);
2141
if(ret == -1){
2142
perror_plus("setgroups");
2143
_exit(EX_NOPERM);
2144
}
2145
ret = setenv("MANDOSNETHOOKDIR", hookdir, 1);
2146
if(ret == -1){
2147
perror_plus("setenv");
2148
_exit(EX_OSERR);
2149
}
2150
ret = setenv("DEVICE", interface, 1);
2151
if(ret == -1){
2152
perror_plus("setenv");
2153
_exit(EX_OSERR);
2154
}
2155
ret = setenv("VERBOSITY", debug ? "1" : "0", 1);
2156
if(ret == -1){
2157
perror_plus("setenv");
2158
_exit(EX_OSERR);
2159
}
2160
ret = setenv("MODE", mode, 1);
2161
if(ret == -1){
2162
perror_plus("setenv");
2163
_exit(EX_OSERR);
2164
}
2165
char *delaystring;
2166
ret = asprintf(&delaystring, "%f", (double)delay);
2167
if(ret == -1){
1461
2168
perror_plus("asprintf");
1462
continue;
1463
}
1464
if(debug){
1465
fprintf_plus(stderr, "Running network hook \"%s\"\n",
1466
direntry->d_name);
1467
}
1468
pid_t hook_pid = fork();
1469
if(hook_pid == 0){
1470
/* Child */
1471
/* Raise privileges */
1472
raise_privileges_permanently();
1473
/* Set group */
1474
errno = 0;
1475
ret = setgid(0);
1476
if(ret == -1){
1477
perror_plus("setgid");
1478
}
1479
/* Reset supplementary groups */
1480
errno = 0;
1481
ret = setgroups(0, NULL);
1482
if(ret == -1){
1483
perror_plus("setgroups");
1484
}
1485
dup2(devnull, STDIN_FILENO);
1486
close(devnull);
1487
dup2(STDERR_FILENO, STDOUT_FILENO);
1488
ret = setenv("MANDOSNETHOOKDIR", hookdir, 1);
1489
if(ret == -1){
1490
perror_plus("setenv");
1491
_exit(EX_OSERR);
1492
}
1493
ret = setenv("DEVICE", interface, 1);
1494
if(ret == -1){
1495
perror_plus("setenv");
1496
_exit(EX_OSERR);
1497
}
1498
ret = setenv("VERBOSITY", debug ? "1" : "0", 1);
1499
if(ret == -1){
1500
perror_plus("setenv");
1501
_exit(EX_OSERR);
1502
}
1503
ret = setenv("MODE", mode, 1);
1504
if(ret == -1){
1505
perror_plus("setenv");
1506
_exit(EX_OSERR);
1507
}
1508
char *delaystring;
1509
ret = asprintf(&delaystring, "%f", delay);
1510
if(ret == -1){
1511
perror_plus("asprintf");
1512
_exit(EX_OSERR);
1513
}
1514
ret = setenv("DELAY", delaystring, 1);
1515
if(ret == -1){
1516
free(delaystring);
1517
perror_plus("setenv");
1518
_exit(EX_OSERR);
1519
}
2169
_exit(EX_OSERR);
2170
}
2171
ret = setenv("DELAY", delaystring, 1);
2172
if(ret == -1){
1520
2173
free(delaystring);
1521
if(connect_to != NULL){
1522
ret = setenv("CONNECT", connect_to, 1);
1523
if(ret == -1){
1524
perror_plus("setenv");
1525
_exit(EX_OSERR);
1526
}
1527
}
1528
if(execl(fullname, direntry->d_name, mode, NULL) == -1){
1529
perror_plus("execl");
1530
_exit(EXIT_FAILURE);
1531
}
2174
perror_plus("setenv");
2175
_exit(EX_OSERR);
2176
}
2177
free(delaystring);
2178
if(connect_to != NULL){
2179
ret = setenv("CONNECT", connect_to, 1);
2180
if(ret == -1){
2181
perror_plus("setenv");
2182
_exit(EX_OSERR);
2183
}
2184
}
2185
int hook_fd = (int)TEMP_FAILURE_RETRY(openat(hookdir_fd,
2186
direntry->d_name,
2187
O_RDONLY));
2188
if(hook_fd == -1){
2189
perror_plus("openat");
2190
_exit(EXIT_FAILURE);
2191
}
2192
if(close(hookdir_fd) == -1){
2193
perror_plus("close");
2194
_exit(EXIT_FAILURE);
2195
}
2196
ret = dup2(devnull, STDIN_FILENO);
2197
if(ret == -1){
2198
perror_plus("dup2(devnull, STDIN_FILENO)");
2199
_exit(EX_OSERR);
2200
}
2201
ret = close(devnull);
2202
if(ret == -1){
2203
perror_plus("close");
2204
_exit(EX_OSERR);
2205
}
2206
ret = dup2(STDERR_FILENO, STDOUT_FILENO);
2207
if(ret == -1){
2208
perror_plus("dup2(STDERR_FILENO, STDOUT_FILENO)");
2209
_exit(EX_OSERR);
2210
}
2211
if(fexecve(hook_fd, (char *const []){ direntry->d_name, NULL },
2212
environ) == -1){
2213
perror_plus("fexecve");
2214
_exit(EXIT_FAILURE);
2215
}
2216
} else {
2217
if(hook_pid == -1){
2218
perror_plus("fork");
2219
free(direntry);
2220
continue;
2221
}
2222
int status;
2223
if(TEMP_FAILURE_RETRY(waitpid(hook_pid, &status, 0)) == -1){
2224
perror_plus("waitpid");
2225
free(direntry);
2226
continue;
2227
}
2228
if(WIFEXITED(status)){
2229
if(WEXITSTATUS(status) != 0){
2230
fprintf_plus(stderr, "Warning: network hook \"%s\" exited"
2231
" with status %d\n", direntry->d_name,
2232
WEXITSTATUS(status));
2233
free(direntry);
2234
continue;
2235
}
2236
} else if(WIFSIGNALED(status)){
2237
fprintf_plus(stderr, "Warning: network hook \"%s\" died by"
2238
" signal %d\n", direntry->d_name,
2239
WTERMSIG(status));
2240
free(direntry);
2241
continue;
1532
2242
} else {
1533
int status;
1534
if(TEMP_FAILURE_RETRY(waitpid(hook_pid, &status, 0)) == -1){
1535
perror_plus("waitpid");
1536
free(fullname);
1537
continue;
1538
}
1539
if(WIFEXITED(status)){
1540
if(WEXITSTATUS(status) != 0){
1541
fprintf_plus(stderr, "Warning: network hook \"%s\" exited"
1542
" with status %d\n", direntry->d_name,
1543
WEXITSTATUS(status));
1544
free(fullname);
1545
continue;
1546
}
1547
} else if(WIFSIGNALED(status)){
1548
fprintf_plus(stderr, "Warning: network hook \"%s\" died by"
1549
" signal %d\n", direntry->d_name,
1550
WTERMSIG(status));
1551
free(fullname);
1552
continue;
1553
} else {
1554
fprintf_plus(stderr, "Warning: network hook \"%s\""
1555
" crashed\n", direntry->d_name);
1556
free(fullname);
1557
continue;
1558
}
1559
}
1560
free(fullname);
1561
if(debug){
1562
fprintf_plus(stderr, "Network hook \"%s\" ran successfully\n",
1563
direntry->d_name);
1564
}
1565
}
1566
close(devnull);
1567
}
1568
return true;
2243
fprintf_plus(stderr, "Warning: network hook \"%s\""
2244
" crashed\n", direntry->d_name);
2245
free(direntry);
2246
continue;
2247
}
2248
}
2249
if(debug){
2250
fprintf_plus(stderr, "Network hook \"%s\" ran successfully\n",
2251
direntry->d_name);
2252
}
2253
free(direntry);
2254
}
2255
free(direntries);
2256
if(close(hookdir_fd) == -1){
2257
perror_plus("close");
2258
} else {
2259
hookdir_fd = -1;
2260
}
2261
close(devnull);
1569
2262
}
1570
2263
1571
error_t bring_up_interface(const char *const interface,
1572
const float delay){
1573
int sd = -1;
1574
error_t old_errno = errno;
1575
error_t ret_errno = 0;
1576
int ret, ret_setflags;
2264
__attribute__((nonnull, warn_unused_result))
2265
int bring_up_interface(const char *const interface,
2266
const float delay){
2267
int old_errno = errno;
2268
int ret;
1577
2269
struct ifreq network;
1578
2270
unsigned int if_index = if_nametoindex(interface);
1579
2271
if(if_index == 0){
1588
2280
}
1589
2281
1590
2282
if(not interface_is_up(interface)){
1591
if(not get_flags(interface, &network) and debug){
2283
int ret_errno = 0;
2284
int ioctl_errno = 0;
2285
if(not get_flags(interface, &network)){
1592
2286
ret_errno = errno;
1593
2287
fprintf_plus(stderr, "Failed to get flags for interface "
1594
2288
"\"%s\"\n", interface);
2289
errno = old_errno;
1595
2290
return ret_errno;
1596
2291
}
1597
network.ifr_flags |= IFF_UP;
2292
network.ifr_flags |= IFF_UP; /* set flag */
1598
2293
1599
sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1600
if(sd < 0){
2294
int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
2295
if(sd == -1){
1601
2296
ret_errno = errno;
1602
2297
perror_plus("socket");
1603
2298
errno = old_errno;
1604
2299
return ret_errno;
1605
2300
}
1606
2301
1607
2302
if(quit_now){
1608
close(sd);
2303
ret = close(sd);
2304
if(ret == -1){
2305
perror_plus("close");
2306
}
1609
2307
errno = old_errno;
1610
2308
return EINTR;
1611
2309
}
1615
2313
interface);
1616
2314
}
1617
2315
1618
/* Raise priviliges */
1619
raise_privileges();
2316
/* Raise privileges */
2317
ret_errno = raise_privileges();
2318
if(ret_errno != 0){
2319
errno = ret_errno;
2320
perror_plus("Failed to raise privileges");
2321
}
1620
2322
1621
2323
#ifdef __linux__
1622
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
1623
messages about the network interface to mess up the prompt */
1624
int ret_linux = klogctl(8, NULL, 5);
1625
bool restore_loglevel = true;
1626
if(ret_linux == -1){
1627
restore_loglevel = false;
1628
perror_plus("klogctl");
2324
int ret_linux;
2325
bool restore_loglevel = false;
2326
if(ret_errno == 0){
2327
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
2328
messages about the network interface to mess up the prompt */
2329
ret_linux = klogctl(8, NULL, 5);
2330
if(ret_linux == -1){
2331
perror_plus("klogctl");
2332
} else {
2333
restore_loglevel = true;
2334
}
1629
2335
}
1630
2336
#endif /* __linux__ */
1631
ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
1632
ret_errno = errno;
2337
int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
2338
ioctl_errno = errno;
1633
2339
#ifdef __linux__
1634
2340
if(restore_loglevel){
1635
2341
ret_linux = klogctl(7, NULL, 0);
1639
2345
}
1640
2346
#endif /* __linux__ */
1641
2347
1642
/* Lower privileges */
1643
lower_privileges();
2348
/* If raise_privileges() succeeded above */
2349
if(ret_errno == 0){
2350
/* Lower privileges */
2351
ret_errno = lower_privileges();
2352
if(ret_errno != 0){
2353
errno = ret_errno;
2354
perror_plus("Failed to lower privileges");
2355
}
2356
}
1644
2357
1645
2358
/* Close the socket */
1646
ret = (int)TEMP_FAILURE_RETRY(close(sd));
2359
ret = close(sd);
1647
2360
if(ret == -1){
1648
2361
perror_plus("close");
1649
2362
}
1650
2363
1651
2364
if(ret_setflags == -1){
1652
errno = ret_errno;
2365
errno = ioctl_errno;
1653
2366
perror_plus("ioctl SIOCSIFFLAGS +IFF_UP");
1654
2367
errno = old_errno;
1655
return ret_errno;
2368
return ioctl_errno;
1656
2369
}
1657
2370
} else if(debug){
1658
2371
fprintf_plus(stderr, "Interface \"%s\" is already up; good\n",
1661
2374
1662
2375
/* Sleep checking until interface is running.
1663
2376
Check every 0.25s, up to total time of delay */
1664
for(int i=0; i < delay * 4; i++){
2377
for(int i = 0; i < delay * 4; i++){
1665
2378
if(interface_is_running(interface)){
1666
2379
break;
1667
2380
}
1676
2389
return 0;
1677
2390
}
1678
2391
1679
error_t take_down_interface(const char *const interface){
1680
int sd = -1;
1681
error_t old_errno = errno;
1682
error_t ret_errno = 0;
1683
int ret, ret_setflags;
2392
__attribute__((nonnull, warn_unused_result))
2393
int take_down_interface(const char *const interface){
2394
int old_errno = errno;
1684
2395
struct ifreq network;
1685
2396
unsigned int if_index = if_nametoindex(interface);
1686
2397
if(if_index == 0){
1689
2400
return ENXIO;
1690
2401
}
1691
2402
if(interface_is_up(interface)){
2403
int ret_errno = 0;
2404
int ioctl_errno = 0;
1692
2405
if(not get_flags(interface, &network) and debug){
1693
2406
ret_errno = errno;
1694
2407
fprintf_plus(stderr, "Failed to get flags for interface "
1695
2408
"\"%s\"\n", interface);
2409
errno = old_errno;
1696
2410
return ret_errno;
1697
2411
}
1698
2412
network.ifr_flags &= ~(short)IFF_UP; /* clear flag */
1699
2413
1700
sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1701
if(sd < 0){
2414
int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
2415
if(sd == -1){
1702
2416
ret_errno = errno;
1703
2417
perror_plus("socket");
1704
2418
errno = old_errno;
1710
2424
interface);
1711
2425
}
1712
2426
1713
/* Raise priviliges */
1714
raise_privileges();
1715
1716
ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
1717
ret_errno = errno;
1718
1719
/* Lower privileges */
1720
lower_privileges();
2427
/* Raise privileges */
2428
ret_errno = raise_privileges();
2429
if(ret_errno != 0){
2430
errno = ret_errno;
2431
perror_plus("Failed to raise privileges");
2432
}
2433
2434
int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
2435
ioctl_errno = errno;
2436
2437
/* If raise_privileges() succeeded above */
2438
if(ret_errno == 0){
2439
/* Lower privileges */
2440
ret_errno = lower_privileges();
2441
if(ret_errno != 0){
2442
errno = ret_errno;
2443
perror_plus("Failed to lower privileges");
2444
}
2445
}
1721
2446
1722
2447
/* Close the socket */
1723
ret = (int)TEMP_FAILURE_RETRY(close(sd));
2448
int ret = close(sd);
1724
2449
if(ret == -1){
1725
2450
perror_plus("close");
1726
2451
}
1727
2452
1728
2453
if(ret_setflags == -1){
1729
errno = ret_errno;
2454
errno = ioctl_errno;
1730
2455
perror_plus("ioctl SIOCSIFFLAGS -IFF_UP");
1731
2456
errno = old_errno;
1732
return ret_errno;
2457
return ioctl_errno;
1733
2458
}
1734
2459
} else if(debug){
1735
2460
fprintf_plus(stderr, "Interface \"%s\" is already down; odd\n",
1741
2466
}
1742
2467
1743
2468
int main(int argc, char *argv[]){
2469
mandos_context mc = { .server = NULL, .dh_bits = 0,
2470
#if GNUTLS_VERSION_NUMBER >= 0x030606
2471
.priority = "SECURE128:!CTYPE-X.509"
2472
":+CTYPE-RAWPK:!RSA:!VERS-ALL:+VERS-TLS1.3"
2473
":%PROFILE_ULTRA",
2474
#elif GNUTLS_VERSION_NUMBER < 0x030600
2475
.priority = "SECURE256:!CTYPE-X.509"
2476
":+CTYPE-OPENPGP:!RSA:+SIGN-DSA-SHA256",
2477
#else
2478
#error "Needs GnuTLS 3.6.6 or later, or before 3.6.0"
2479
#endif
2480
.current_server = NULL, .interfaces = NULL,
2481
.interfaces_size = 0 };
1744
2482
AvahiSServiceBrowser *sb = NULL;
1745
2483
error_t ret_errno;
1746
2484
int ret;
1747
2485
intmax_t tmpmax;
1748
2486
char *tmp;
1749
2487
int exitcode = EXIT_SUCCESS;
1750
char *interfaces = NULL;
1751
size_t interfaces_size = 0;
1752
2488
char *interfaces_to_take_down = NULL;
1753
2489
size_t interfaces_to_take_down_size = 0;
1754
char tempdir[] = "/tmp/mandosXXXXXX";
1755
bool tempdir_created = false;
2490
char run_tempdir[] = "/run/tmp/mandosXXXXXX";
2491
char old_tempdir[] = "/tmp/mandosXXXXXX";
2492
char *tempdir = NULL;
1756
2493
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
1757
2494
const char *seckey = PATHDIR "/" SECKEY;
1758
2495
const char *pubkey = PATHDIR "/" PUBKEY;
2496
#if GNUTLS_VERSION_NUMBER >= 0x030606
2497
const char *tls_privkey = PATHDIR "/" TLS_PRIVKEY;
2498
const char *tls_pubkey = PATHDIR "/" TLS_PUBKEY;
2499
#endif
2500
const char *dh_params_file = NULL;
1759
2501
char *interfaces_hooks = NULL;
1760
size_t interfaces_hooks_size = 0;
1761
2502
1762
2503
bool gnutls_initialized = false;
1763
2504
bool gpgme_initialized = false;
1809
2550
{ .name = "pubkey", .key = 'p',
1810
2551
.arg = "FILE",
1811
2552
.doc = "OpenPGP public key file base name",
1812
.group = 2 },
2553
.group = 1 },
2554
{ .name = "tls-privkey", .key = 't',
2555
.arg = "FILE",
2556
#if GNUTLS_VERSION_NUMBER >= 0x030606
2557
.doc = "TLS private key file base name",
2558
#else
2559
.doc = "Dummy; ignored (requires GnuTLS 3.6.6)",
2560
#endif
2561
.group = 1 },
2562
{ .name = "tls-pubkey", .key = 'T',
2563
.arg = "FILE",
2564
#if GNUTLS_VERSION_NUMBER >= 0x030606
2565
.doc = "TLS public key file base name",
2566
#else
2567
.doc = "Dummy; ignored (requires GnuTLS 3.6.6)",
2568
#endif
2569
.group = 1 },
1813
2570
{ .name = "dh-bits", .key = 129,
1814
2571
.arg = "BITS",
1815
2572
.doc = "Bit length of the prime number used in the"
1816
2573
" Diffie-Hellman key exchange",
1817
2574
.group = 2 },
2575
{ .name = "dh-params", .key = 134,
2576
.arg = "FILE",
2577
.doc = "PEM-encoded PKCS#3 file with pre-generated parameters"
2578
" for the Diffie-Hellman key exchange",
2579
.group = 2 },
1818
2580
{ .name = "priority", .key = 130,
1819
2581
.arg = "STRING",
1820
2582
.doc = "GnuTLS priority string for the TLS handshake",
1854
2616
connect_to = arg;
1855
2617
break;
1856
2618
case 'i': /* --interface */
1857
ret_errno = argz_add_sep(&interfaces, &interfaces_size, arg,
1858
(int)',');
2619
ret_errno = argz_add_sep(&mc.interfaces, &mc.interfaces_size,
2620
arg, (int)',');
1859
2621
if(ret_errno != 0){
1860
2622
argp_error(state, "%s", strerror(ret_errno));
1861
2623
}
1866
2628
case 'p': /* --pubkey */
1867
2629
pubkey = arg;
1868
2630
break;
2631
case 't': /* --tls-privkey */
2632
#if GNUTLS_VERSION_NUMBER >= 0x030606
2633
tls_privkey = arg;
2634
#endif
2635
break;
2636
case 'T': /* --tls-pubkey */
2637
#if GNUTLS_VERSION_NUMBER >= 0x030606
2638
tls_pubkey = arg;
2639
#endif
2640
break;
1869
2641
case 129: /* --dh-bits */
1870
2642
errno = 0;
1871
2643
tmpmax = strtoimax(arg, &tmp, 10);
1875
2647
}
1876
2648
mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
1877
2649
break;
2650
case 134: /* --dh-params */
2651
dh_params_file = arg;
2652
break;
1878
2653
case 130: /* --priority */
1879
2654
mc.priority = arg;
1880
2655
break;
1903
2678
argp_state_help(state, state->out_stream,
1904
2679
(ARGP_HELP_STD_HELP | ARGP_HELP_EXIT_ERR)
1905
2680
& ~(unsigned int)ARGP_HELP_EXIT_OK);
2681
__builtin_unreachable();
1906
2682
case -3: /* --usage */
1907
2683
argp_state_help(state, state->out_stream,
1908
2684
ARGP_HELP_USAGE | ARGP_HELP_EXIT_ERR);
2685
__builtin_unreachable();
1909
2686
case 'V': /* --version */
1910
2687
fprintf_plus(state->out_stream, "%s\n", argp_program_version);
1911
2688
exit(argp_err_exit_status);
1920
2697
.args_doc = "",
1921
2698
.doc = "Mandos client -- Get and decrypt"
1922
2699
" passwords from a Mandos server" };
1923
ret = argp_parse(&argp, argc, argv,
1924
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
1925
switch(ret){
2700
ret_errno = argp_parse(&argp, argc, argv,
2701
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
2702
switch(ret_errno){
1926
2703
case 0:
1927
2704
break;
1928
2705
case ENOMEM:
1929
2706
default:
1930
errno = ret;
2707
errno = ret_errno;
1931
2708
perror_plus("argp_parse");
1932
2709
exitcode = EX_OSERR;
1933
2710
goto end;
1936
2713
goto end;
1937
2714
}
1938
2715
}
1939
2716
1940
2717
{
1941
/* Work around Debian bug #633582:
1942
<http://bugs.debian.org/633582> */
1943
1944
/* Re-raise priviliges */
1945
if(raise_privileges() == 0){
2718
/* Re-raise privileges */
2719
ret = raise_privileges();
2720
if(ret != 0){
2721
errno = ret;
2722
perror_plus("Failed to raise privileges");
2723
} else {
1946
2724
struct stat st;
1947
2725
2726
/* Work around Debian bug #633582:
2727
<https://bugs.debian.org/633582> */
2728
1948
2729
if(strcmp(seckey, PATHDIR "/" SECKEY) == 0){
1949
2730
int seckey_fd = open(seckey, O_RDONLY);
1950
2731
if(seckey_fd == -1){
1962
2743
}
1963
2744
}
1964
2745
}
1965
TEMP_FAILURE_RETRY(close(seckey_fd));
2746
close(seckey_fd);
1966
2747
}
1967
2748
}
1968
2749
1969
2750
if(strcmp(pubkey, PATHDIR "/" PUBKEY) == 0){
1970
2751
int pubkey_fd = open(pubkey, O_RDONLY);
1971
2752
if(pubkey_fd == -1){
1983
2764
}
1984
2765
}
1985
2766
}
1986
TEMP_FAILURE_RETRY(close(pubkey_fd));
1987
}
1988
}
1989
2767
close(pubkey_fd);
2768
}
2769
}
2770
2771
if(dh_params_file != NULL
2772
and strcmp(dh_params_file, PATHDIR "/dhparams.pem" ) == 0){
2773
int dhparams_fd = open(dh_params_file, O_RDONLY);
2774
if(dhparams_fd == -1){
2775
perror_plus("open");
2776
} else {
2777
ret = (int)TEMP_FAILURE_RETRY(fstat(dhparams_fd, &st));
2778
if(ret == -1){
2779
perror_plus("fstat");
2780
} else {
2781
if(S_ISREG(st.st_mode)
2782
and st.st_uid == 0 and st.st_gid == 0){
2783
ret = fchown(dhparams_fd, uid, gid);
2784
if(ret == -1){
2785
perror_plus("fchown");
2786
}
2787
}
2788
}
2789
close(dhparams_fd);
2790
}
2791
}
2792
2793
/* Work around Debian bug #981302
2794
<https://bugs.debian.org/981302> */
2795
if(lstat("/dev/fd", &st) != 0 and errno == ENOENT){
2796
ret = symlink("/proc/self/fd", "/dev/fd");
2797
if(ret == -1){
2798
perror_plus("Failed to create /dev/fd symlink");
2799
}
2800
}
2801
1990
2802
/* Lower privileges */
1991
errno = 0;
1992
ret = seteuid(uid);
1993
if(ret == -1){
1994
perror_plus("seteuid");
2803
ret = lower_privileges();
2804
if(ret != 0){
2805
errno = ret;
2806
perror_plus("Failed to lower privileges");
1995
2807
}
1996
2808
}
1997
2809
}
1998
2810
1999
/* Remove empty interface names */
2811
/* Remove invalid interface names (except "none") */
2000
2812
{
2001
2813
char *interface = NULL;
2002
while((interface = argz_next(interfaces, interfaces_size,
2814
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2003
2815
interface))){
2004
if(if_nametoindex(interface) == 0){
2005
if(interface[0] != '\0' and strcmp(interface, "none") != 0){
2816
if(strcmp(interface, "none") != 0
2817
and if_nametoindex(interface) == 0){
2818
if(interface[0] != '\0'){
2006
2819
fprintf_plus(stderr, "Not using nonexisting interface"
2007
2820
" \"%s\"\n", interface);
2008
2821
}
2009
argz_delete(&interfaces, &interfaces_size, interface);
2822
argz_delete(&mc.interfaces, &mc.interfaces_size, interface);
2010
2823
interface = NULL;
2011
2824
}
2012
2825
}
2014
2827
2015
2828
/* Run network hooks */
2016
2829
{
2017
ret_errno = argz_append(&interfaces_hooks, &interfaces_hooks_size,
2018
interfaces, interfaces_size);
2019
if(ret_errno != 0){
2020
errno = ret_errno;
2021
perror_plus("argz_append");
2022
goto end;
2023
}
2024
argz_stringify(interfaces_hooks, interfaces_hooks_size, (int)',');
2025
if(not run_network_hooks("start", interfaces_hooks, delay)){
2026
goto end;
2027
}
2830
if(mc.interfaces != NULL){
2831
interfaces_hooks = malloc(mc.interfaces_size);
2832
if(interfaces_hooks == NULL){
2833
perror_plus("malloc");
2834
goto end;
2835
}
2836
memcpy(interfaces_hooks, mc.interfaces, mc.interfaces_size);
2837
argz_stringify(interfaces_hooks, mc.interfaces_size, (int)',');
2838
}
2839
run_network_hooks("start", interfaces_hooks != NULL ?
2840
interfaces_hooks : "", delay);
2028
2841
}
2029
2842
2030
2843
if(not debug){
2035
2848
from the signal handler */
2036
2849
/* Initialize the pseudo-RNG for Avahi */
2037
2850
srand((unsigned int) time(NULL));
2038
mc.simple_poll = avahi_simple_poll_new();
2039
if(mc.simple_poll == NULL){
2851
simple_poll = avahi_simple_poll_new();
2852
if(simple_poll == NULL){
2040
2853
fprintf_plus(stderr,
2041
2854
"Avahi: Failed to create simple poll object.\n");
2042
2855
exitcode = EX_UNAVAILABLE;
2107
2920
}
2108
2921
2109
2922
/* If no interfaces were specified, make a list */
2110
if(interfaces == NULL){
2111
struct dirent **direntries;
2923
if(mc.interfaces == NULL){
2924
struct dirent **direntries = NULL;
2112
2925
/* Look for any good interfaces */
2113
2926
ret = scandir(sys_class_net, &direntries, good_interface,
2114
2927
alphasort);
2115
2928
if(ret >= 1){
2116
2929
/* Add all found interfaces to interfaces list */
2117
2930
for(int i = 0; i < ret; ++i){
2118
ret_errno = argz_add(&interfaces, &interfaces_size,
2931
ret_errno = argz_add(&mc.interfaces, &mc.interfaces_size,
2119
2932
direntries[i]->d_name);
2120
2933
if(ret_errno != 0){
2934
errno = ret_errno;
2121
2935
perror_plus("argz_add");
2936
free(direntries[i]);
2122
2937
continue;
2123
2938
}
2124
2939
if(debug){
2125
2940
fprintf_plus(stderr, "Will use interface \"%s\"\n",
2126
2941
direntries[i]->d_name);
2127
2942
}
2943
free(direntries[i]);
2128
2944
}
2129
2945
free(direntries);
2130
2946
} else {
2131
free(direntries);
2947
if(ret == 0){
2948
free(direntries);
2949
}
2132
2950
fprintf_plus(stderr, "Could not find a network interface\n");
2133
2951
exitcode = EXIT_FAILURE;
2134
2952
goto end;
2135
2953
}
2136
2954
}
2137
2955
2138
/* If we only got one interface, explicitly use only that one */
2139
if(argz_count(interfaces, interfaces_size) == 1){
2140
if(debug){
2141
fprintf_plus(stderr, "Using only interface \"%s\"\n",
2142
interfaces);
2143
}
2144
if_index = (AvahiIfIndex)if_nametoindex(interfaces);
2145
}
2146
2147
/* Bring up interfaces which are down */
2148
if(not (argz_count(interfaces, interfaces_size) == 1
2149
and strcmp(interfaces, "none") == 0)){
2956
/* Bring up interfaces which are down, and remove any "none"s */
2957
{
2150
2958
char *interface = NULL;
2151
while((interface = argz_next(interfaces, interfaces_size,
2959
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2152
2960
interface))){
2961
/* If interface name is "none", stop bringing up interfaces.
2962
Also remove all instances of "none" from the list */
2963
if(strcmp(interface, "none") == 0){
2964
argz_delete(&mc.interfaces, &mc.interfaces_size,
2965
interface);
2966
interface = NULL;
2967
while((interface = argz_next(mc.interfaces,
2968
mc.interfaces_size, interface))){
2969
if(strcmp(interface, "none") == 0){
2970
argz_delete(&mc.interfaces, &mc.interfaces_size,
2971
interface);
2972
interface = NULL;
2973
}
2974
}
2975
break;
2976
}
2153
2977
bool interface_was_up = interface_is_up(interface);
2154
ret = bring_up_interface(interface, delay);
2978
errno = bring_up_interface(interface, delay);
2155
2979
if(not interface_was_up){
2156
if(ret != 0){
2157
errno = ret;
2158
perror_plus("Failed to bring up interface");
2980
if(errno != 0){
2981
fprintf_plus(stderr, "Failed to bring up interface \"%s\":"
2982
" %s\n", interface, strerror(errno));
2159
2983
} else {
2160
ret_errno = argz_add(&interfaces_to_take_down,
2161
&interfaces_to_take_down_size,
2162
interface);
2984
errno = argz_add(&interfaces_to_take_down,
2985
&interfaces_to_take_down_size,
2986
interface);
2987
if(errno != 0){
2988
perror_plus("argz_add");
2989
}
2163
2990
}
2164
2991
}
2165
2992
}
2166
free(interfaces);
2167
interfaces = NULL;
2168
interfaces_size = 0;
2169
2993
if(debug and (interfaces_to_take_down == NULL)){
2170
2994
fprintf_plus(stderr, "No interfaces were brought up\n");
2171
2995
}
2172
2996
}
2173
2997
2998
/* If we only got one interface, explicitly use only that one */
2999
if(argz_count(mc.interfaces, mc.interfaces_size) == 1){
3000
if(debug){
3001
fprintf_plus(stderr, "Using only interface \"%s\"\n",
3002
mc.interfaces);
3003
}
3004
if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);
3005
}
3006
2174
3007
if(quit_now){
2175
3008
goto end;
2176
3009
}
2177
3010
2178
ret = init_gnutls_global(pubkey, seckey);
3011
#if GNUTLS_VERSION_NUMBER >= 0x030606
3012
ret = init_gnutls_global(tls_pubkey, tls_privkey, dh_params_file, &mc);
3013
#elif GNUTLS_VERSION_NUMBER < 0x030600
3014
ret = init_gnutls_global(pubkey, seckey, dh_params_file, &mc);
3015
#else
3016
#error "Needs GnuTLS 3.6.6 or later, or before 3.6.0"
3017
#endif
2179
3018
if(ret == -1){
2180
3019
fprintf_plus(stderr, "init_gnutls_global failed\n");
2181
3020
exitcode = EX_UNAVAILABLE;
2188
3027
goto end;
2189
3028
}
2190
3029
2191
if(mkdtemp(tempdir) == NULL){
3030
/* Try /run/tmp before /tmp */
3031
tempdir = mkdtemp(run_tempdir);
3032
if(tempdir == NULL and errno == ENOENT){
3033
if(debug){
3034
fprintf_plus(stderr, "Tempdir %s did not work, trying %s\n",
3035
run_tempdir, old_tempdir);
3036
}
3037
tempdir = mkdtemp(old_tempdir);
3038
}
3039
if(tempdir == NULL){
2192
3040
perror_plus("mkdtemp");
2193
3041
goto end;
2194
3042
}
2195
tempdir_created = true;
2196
3043
2197
3044
if(quit_now){
2198
3045
goto end;
2199
3046
}
2200
3047
2201
if(not init_gpgme(pubkey, seckey, tempdir)){
3048
if(not init_gpgme(pubkey, seckey, tempdir, &mc)){
2202
3049
fprintf_plus(stderr, "init_gpgme failed\n");
2203
3050
exitcode = EX_UNAVAILABLE;
2204
3051
goto end;
2234
3081
exitcode = EX_USAGE;
2235
3082
goto end;
2236
3083
}
2237
3084
2238
3085
if(quit_now){
2239
3086
goto end;
2240
3087
}
2261
3108
}
2262
3109
2263
3110
while(not quit_now){
2264
ret = start_mandos_communication(address, port, if_index, af);
3111
ret = start_mandos_communication(address, port, if_index, af,
3112
&mc);
2265
3113
if(quit_now or ret == 0){
2266
3114
break;
2267
3115
}
2269
3117
fprintf_plus(stderr, "Retrying in %d seconds\n",
2270
3118
(int)retry_interval);
2271
3119
}
2272
sleep((int)retry_interval);
3120
sleep((unsigned int)retry_interval);
2273
3121
}
2274
3122
2275
if (not quit_now){
3123
if(not quit_now){
2276
3124
exitcode = EXIT_SUCCESS;
2277
3125
}
2278
3126
2293
3141
config.publish_domain = 0;
2294
3142
2295
3143
/* Allocate a new server */
2296
mc.server = avahi_server_new(avahi_simple_poll_get
2297
(mc.simple_poll), &config, NULL,
2298
NULL, &ret_errno);
3144
mc.server = avahi_server_new(avahi_simple_poll_get(simple_poll),
3145
&config, NULL, NULL, &ret);
2299
3146
2300
3147
/* Free the Avahi configuration data */
2301
3148
avahi_server_config_free(&config);
2304
3151
/* Check if creating the Avahi server object succeeded */
2305
3152
if(mc.server == NULL){
2306
3153
fprintf_plus(stderr, "Failed to create Avahi server: %s\n",
2307
avahi_strerror(ret_errno));
3154
avahi_strerror(ret));
2308
3155
exitcode = EX_UNAVAILABLE;
2309
3156
goto end;
2310
3157
}
2316
3163
/* Create the Avahi service browser */
2317
3164
sb = avahi_s_service_browser_new(mc.server, if_index,
2318
3165
AVAHI_PROTO_UNSPEC, "_mandos._tcp",
2319
NULL, 0, browse_callback, NULL);
3166
NULL, 0, browse_callback,
3167
(void *)&mc);
2320
3168
if(sb == NULL){
2321
3169
fprintf_plus(stderr, "Failed to create service browser: %s\n",
2322
3170
avahi_strerror(avahi_server_errno(mc.server)));
2333
3181
if(debug){
2334
3182
fprintf_plus(stderr, "Starting Avahi loop search\n");
2335
3183
}
2336
2337
ret = avahi_loop_with_timeout(mc.simple_poll,
2338
(int)(retry_interval * 1000));
3184
3185
ret = avahi_loop_with_timeout(simple_poll,
3186
(int)(retry_interval * 1000), &mc);
2339
3187
if(debug){
2340
3188
fprintf_plus(stderr, "avahi_loop_with_timeout exited %s\n",
2341
3189
(ret == 0) ? "successfully" : "with error");
2344
3192
end:
2345
3193
2346
3194
if(debug){
2347
fprintf_plus(stderr, "%s exiting\n", argv[0]);
3195
if(signal_received){
3196
fprintf_plus(stderr, "%s exiting due to signal %d: %s\n",
3197
argv[0], signal_received,
3198
strsignal(signal_received));
3199
} else {
3200
fprintf_plus(stderr, "%s exiting\n", argv[0]);
3201
}
2348
3202
}
2349
3203
2350
3204
/* Cleanup things */
3205
free(mc.interfaces);
3206
2351
3207
if(sb != NULL)
2352
3208
avahi_s_service_browser_free(sb);
2353
3209
2354
3210
if(mc.server != NULL)
2355
3211
avahi_server_free(mc.server);
2356
3212
2357
if(mc.simple_poll != NULL)
2358
avahi_simple_poll_free(mc.simple_poll);
3213
if(simple_poll != NULL)
3214
avahi_simple_poll_free(simple_poll);
2359
3215
2360
3216
if(gnutls_initialized){
2361
3217
gnutls_certificate_free_credentials(mc.cred);
2362
gnutls_global_deinit();
2363
3218
gnutls_dh_params_deinit(mc.dh_params);
2364
3219
}
2365
3220
2373
3228
mc.current_server->prev->next = NULL;
2374
3229
while(mc.current_server != NULL){
2375
3230
server *next = mc.current_server->next;
3231
#ifdef __GNUC__
3232
#pragma GCC diagnostic push
3233
#pragma GCC diagnostic ignored "-Wcast-qual"
3234
#endif
3235
free((char *)(mc.current_server->ip));
3236
#ifdef __GNUC__
3237
#pragma GCC diagnostic pop
3238
#endif
2376
3239
free(mc.current_server);
2377
3240
mc.current_server = next;
2378
3241
}
2379
3242
}
2380
3243
2381
/* Re-raise priviliges */
3244
/* Re-raise privileges */
2382
3245
{
2383
raise_privileges();
2384
2385
/* Run network hooks */
2386
run_network_hooks("stop", interfaces_hooks, delay);
2387
2388
/* Take down the network interfaces which were brought up */
2389
{
2390
char *interface = NULL;
2391
while((interface=argz_next(interfaces_to_take_down,
2392
interfaces_to_take_down_size,
2393
interface))){
2394
ret_errno = take_down_interface(interface);
2395
if(ret_errno != 0){
2396
errno = ret_errno;
2397
perror_plus("Failed to take down interface");
2398
}
2399
}
2400
if(debug and (interfaces_to_take_down == NULL)){
2401
fprintf_plus(stderr, "No interfaces needed to be taken"
2402
" down\n");
2403
}
2404
}
2405
2406
lower_privileges_permanently();
3246
ret = raise_privileges();
3247
if(ret != 0){
3248
errno = ret;
3249
perror_plus("Failed to raise privileges");
3250
} else {
3251
3252
/* Run network hooks */
3253
run_network_hooks("stop", interfaces_hooks != NULL ?
3254
interfaces_hooks : "", delay);
3255
3256
/* Take down the network interfaces which were brought up */
3257
{
3258
char *interface = NULL;
3259
while((interface = argz_next(interfaces_to_take_down,
3260
interfaces_to_take_down_size,
3261
interface))){
3262
ret = take_down_interface(interface);
3263
if(ret != 0){
3264
errno = ret;
3265
perror_plus("Failed to take down interface");
3266
}
3267
}
3268
if(debug and (interfaces_to_take_down == NULL)){
3269
fprintf_plus(stderr, "No interfaces needed to be taken"
3270
" down\n");
3271
}
3272
}
3273
}
3274
3275
ret = lower_privileges_permanently();
3276
if(ret != 0){
3277
errno = ret;
3278
perror_plus("Failed to lower privileges permanently");
3279
}
2407
3280
}
2408
3281
2409
3282
free(interfaces_to_take_down);
2410
3283
free(interfaces_hooks);
2411
3284
3285
void clean_dir_at(int base, const char * const dirname,
3286
uintmax_t level){
3287
struct dirent **direntries = NULL;
3288
int dret;
3289
int dir_fd = (int)TEMP_FAILURE_RETRY(openat(base, dirname,
3290
O_RDONLY
3291
| O_NOFOLLOW
3292
| O_DIRECTORY
3293
| O_PATH));
3294
if(dir_fd == -1){
3295
perror_plus("open");
3296
return;
3297
}
3298
int numentries = scandirat(dir_fd, ".", &direntries,
3299
notdotentries, alphasort);
3300
if(numentries >= 0){
3301
for(int i = 0; i < numentries; i++){
3302
if(debug){
3303
fprintf_plus(stderr, "Unlinking \"%s/%s\"\n",
3304
dirname, direntries[i]->d_name);
3305
}
3306
dret = unlinkat(dir_fd, direntries[i]->d_name, 0);
3307
if(dret == -1){
3308
if(errno == EISDIR){
3309
dret = unlinkat(dir_fd, direntries[i]->d_name,
3310
AT_REMOVEDIR);
3311
}
3312
if((dret == -1) and (errno == ENOTEMPTY)
3313
and (strcmp(direntries[i]->d_name, "private-keys-v1.d")
3314
== 0) and (level == 0)){
3315
/* Recurse only in this special case */
3316
clean_dir_at(dir_fd, direntries[i]->d_name, level+1);
3317
dret = 0;
3318
}
3319
if((dret == -1) and (errno != ENOENT)){
3320
fprintf_plus(stderr, "unlink(\"%s/%s\"): %s\n", dirname,
3321
direntries[i]->d_name, strerror(errno));
3322
}
3323
}
3324
free(direntries[i]);
3325
}
3326
3327
/* need to clean even if 0 because man page doesn't specify */
3328
free(direntries);
3329
dret = unlinkat(base, dirname, AT_REMOVEDIR);
3330
if(dret == -1 and errno != ENOENT){
3331
perror_plus("rmdir");
3332
}
3333
} else {
3334
perror_plus("scandirat");
3335
}
3336
close(dir_fd);
3337
}
3338
2412
3339
/* Removes the GPGME temp directory and all files inside */
2413
if(tempdir_created){
2414
struct dirent **direntries = NULL;
2415
struct dirent *direntry = NULL;
2416
int numentries = scandir(tempdir, &direntries, notdotentries,
2417
alphasort);
2418
if (numentries > 0){
2419
for(int i = 0; i < numentries; i++){
2420
direntry = direntries[i];
2421
char *fullname = NULL;
2422
ret = asprintf(&fullname, "%s/%s", tempdir,
2423
direntry->d_name);
2424
if(ret < 0){
2425
perror_plus("asprintf");
2426
continue;
2427
}
2428
ret = remove(fullname);
2429
if(ret == -1){
2430
fprintf_plus(stderr, "remove(\"%s\"): %s\n", fullname,
2431
strerror(errno));
2432
}
2433
free(fullname);
2434
}
2435
}
2436
2437
/* need to clean even if 0 because man page doesn't specify */
2438
free(direntries);
2439
if (numentries == -1){
2440
perror_plus("scandir");
2441
}
2442
ret = rmdir(tempdir);
2443
if(ret == -1 and errno != ENOENT){
2444
perror_plus("rmdir");
2445
}
3340
if(tempdir != NULL){
3341
clean_dir_at(-1, tempdir, 0);
2446
3342
}
2447
3343
2448
3344
if(quit_now){
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0