To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/mandosclient.c
- browse files at revision 24.1.6
- compare with another revision
- download diff
- download tarball
- view history from revision 24.1.6
- Committer: Björn Påhlsson
- Date: 2008-08-02 14:48:45 UTC
- mto: (24.1.154 mandos) (237.4.3 mandos-release)
- mto: This revision was merged to the branch mainline in revision 38.
- Revision ID: belorn@braxen-20080802144845-sd6z98g9poztxffs
plugbasedclient
change uid to nobody:nogroup as default for all plugins
mandosclient
Takes up the interface if needed
change uid to nobody:nogroup as default for all plugins
mandosclient
Takes up the interface if needed
- files added:
- ca.pem
- files removed:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- debian/upstream
- network-hooks.d
- plugin-helpers
- files renamed:
- clients.conf => mandos-clients.conf
- plugin-runner.c => plugbasedclient.c
- plugins.d/mandos-client.c => plugins.d/mandosclient.c
- plugins.d/password-prompt.c => plugins.d/passprompt.c
- mandos => server.py
- files modified:
- Makefile
added
removed
plugins.d/mandosclient.c
1
1
/* -*- coding: utf-8 -*- */
2
2
/*
3
* Mandos-client - get and decrypt data from a Mandos server
3
* Mandos client - get and decrypt data from a Mandos server
4
4
*
5
5
* This program is partly derived from an example program for an Avahi
6
6
* service browser, downloaded from
8
8
* includes the following functions: "resolve_callback",
9
9
* "browse_callback", and parts of "main".
10
10
*
11
* Everything else is
12
* Copyright © 2008-2018 Teddy Hogeborn
13
* Copyright © 2008-2018 Björn Påhlsson
14
*
15
* This file is part of Mandos.
16
*
17
* Mandos is free software: you can redistribute it and/or modify it
18
* under the terms of the GNU General Public License as published by
19
* the Free Software Foundation, either version 3 of the License, or
20
* (at your option) any later version.
21
*
22
* Mandos is distributed in the hope that it will be useful, but
11
* Everything else is Copyright © 2007-2008 Teddy Hogeborn and Björn
12
* Påhlsson.
13
*
14
* This program is free software: you can redistribute it and/or
15
* modify it under the terms of the GNU General Public License as
16
* published by the Free Software Foundation, either version 3 of the
17
* License, or (at your option) any later version.
18
*
19
* This program is distributed in the hope that it will be useful, but
23
20
* WITHOUT ANY WARRANTY; without even the implied warranty of
24
21
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
25
22
* General Public License for more details.
26
23
*
27
24
* You should have received a copy of the GNU General Public License
28
* along with Mandos. If not, see <http://www.gnu.org/licenses/>.
25
* along with this program. If not, see
26
* <http://www.gnu.org/licenses/>.
29
27
*
30
* Contact the authors at <mandos@recompile.se>.
28
* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and
29
* <https://www.fukt.bsnet.se/~teddy/>.
31
30
*/
32
31
33
/* Needed by GPGME, specifically gpgme_data_seek() */
34
#ifndef _LARGEFILE_SOURCE
32
#define _FORTIFY_SOURCE 2
33
35
34
#define _LARGEFILE_SOURCE
36
#endif /* not _LARGEFILE_SOURCE */
37
#ifndef _FILE_OFFSET_BITS
38
35
#define _FILE_OFFSET_BITS 64
39
#endif /* not _FILE_OFFSET_BITS */
40
41
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */
42
43
#include <stdio.h> /* fprintf(), stderr, fwrite(),
44
stdout, ferror() */
45
#include <stdint.h> /* uint16_t, uint32_t, intptr_t */
46
#include <stddef.h> /* NULL, size_t, ssize_t */
47
#include <stdlib.h> /* free(), EXIT_SUCCESS, srand(),
48
strtof(), abort() */
49
#include <stdbool.h> /* bool, false, true */
50
#include <string.h> /* strcmp(), strlen(), strerror(),
51
asprintf(), strncpy(), strsignal()
52
*/
53
#include <sys/ioctl.h> /* ioctl */
54
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
55
sockaddr_in6, PF_INET6,
56
SOCK_STREAM, uid_t, gid_t, open(),
57
opendir(), DIR */
58
#include <sys/stat.h> /* open(), S_ISREG */
59
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
60
inet_pton(), connect(),
61
getnameinfo() */
62
#include <fcntl.h> /* open(), unlinkat(), AT_REMOVEDIR */
63
#include <dirent.h> /* opendir(), struct dirent, readdir()
64
*/
65
#include <inttypes.h> /* PRIu16, PRIdMAX, intmax_t,
66
strtoimax() */
67
#include <errno.h> /* perror(), errno, EINTR, EINVAL,
68
EAI_SYSTEM, ENETUNREACH,
69
EHOSTUNREACH, ECONNREFUSED, EPROTO,
70
EIO, ENOENT, ENXIO, ENOMEM, EISDIR,
71
ENOTEMPTY,
72
program_invocation_short_name */
73
#include <time.h> /* nanosleep(), time(), sleep() */
74
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
75
SIOCSIFFLAGS, if_indextoname(),
76
if_nametoindex(), IF_NAMESIZE */
77
#include <netinet/in.h> /* IN6_IS_ADDR_LINKLOCAL,
78
INET_ADDRSTRLEN, INET6_ADDRSTRLEN
79
*/
80
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
81
getuid(), getgid(), seteuid(),
82
setgid(), pause(), _exit(),
83
unlinkat() */
84
#include <arpa/inet.h> /* inet_pton(), htons() */
85
#include <iso646.h> /* not, or, and */
86
#include <argp.h> /* struct argp_option, error_t, struct
87
argp_state, struct argp,
88
argp_parse(), ARGP_KEY_ARG,
89
ARGP_KEY_END, ARGP_ERR_UNKNOWN */
90
#include <signal.h> /* sigemptyset(), sigaddset(),
91
sigaction(), SIGTERM, sig_atomic_t,
92
raise() */
93
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_UNAVAILABLE,
94
EX_NOHOST, EX_IOERR, EX_PROTOCOL */
95
#include <sys/wait.h> /* waitpid(), WIFEXITED(),
96
WEXITSTATUS(), WTERMSIG() */
97
#include <grp.h> /* setgroups() */
98
#include <argz.h> /* argz_add_sep(), argz_next(),
99
argz_delete(), argz_append(),
100
argz_stringify(), argz_add(),
101
argz_count() */
102
#include <netdb.h> /* getnameinfo(), NI_NUMERICHOST,
103
EAI_SYSTEM, gai_strerror() */
104
105
#ifdef __linux__
106
#include <sys/klog.h> /* klogctl() */
107
#endif /* __linux__ */
108
109
/* Avahi */
110
/* All Avahi types, constants and functions
111
Avahi*, avahi_*,
112
AVAHI_* */
36
37
#include <stdio.h>
38
#include <assert.h>
39
#include <stdlib.h>
40
#include <time.h>
41
#include <net/if.h> /* if_nametoindex */
42
#include <sys/ioctl.h> // ioctl, ifreq, SIOCGIFFLAGS, IFF_UP, SIOCSIFFLAGS
43
#include <net/if.h> // ioctl, ifreq, SIOCGIFFLAGS, IFF_UP, SIOCSIFFLAGS
44
113
45
#include <avahi-core/core.h>
114
46
#include <avahi-core/lookup.h>
115
47
#include <avahi-core/log.h>
117
49
#include <avahi-common/malloc.h>
118
50
#include <avahi-common/error.h>
119
51
120
/* GnuTLS */
121
#include <gnutls/gnutls.h> /* All GnuTLS types, constants and
122
functions:
123
gnutls_*
124
init_gnutls_session(),
125
GNUTLS_* */
126
#include <gnutls/openpgp.h>
127
/* gnutls_certificate_set_openpgp_key_file(),
128
GNUTLS_OPENPGP_FMT_BASE64 */
129
130
/* GPGME */
131
#include <gpgme.h> /* All GPGME types, constants and
132
functions:
133
gpgme_*
134
GPGME_PROTOCOL_OpenPGP,
135
GPG_ERR_NO_* */
52
//mandos client part
53
#include <sys/types.h> /* socket(), inet_pton() */
54
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
55
struct in6_addr, inet_pton() */
56
#include <gnutls/gnutls.h> /* All GnuTLS stuff */
57
#include <gnutls/openpgp.h> /* GnuTLS with openpgp stuff */
58
59
#include <unistd.h> /* close() */
60
#include <netinet/in.h>
61
#include <stdbool.h> /* true */
62
#include <string.h> /* memset */
63
#include <arpa/inet.h> /* inet_pton() */
64
#include <iso646.h> /* not */
65
66
// gpgme
67
#include <errno.h> /* perror() */
68
#include <gpgme.h>
69
70
// getopt long
71
#include <getopt.h>
136
72
137
73
#define BUFFER_SIZE 256
74
#define DH_BITS 1024
138
75
139
#define PATHDIR "/conf/conf.d/mandos"
140
#define SECKEY "seckey.txt"
141
#define PUBKEY "pubkey.txt"
142
#define HOOKDIR "/lib/mandos/network-hooks.d"
76
const char *certdir = "/conf/conf.d/cryptkeyreq/";
77
const char *certfile = "openpgp-client.txt";
78
const char *certkey = "openpgp-client-key.txt";
143
79
144
80
bool debug = false;
145
static const char mandos_protocol_version[] = "1";
146
const char *argp_program_version = "mandos-client " VERSION;
147
const char *argp_program_bug_address = "<mandos@recompile.se>";
148
static const char sys_class_net[] = "/sys/class/net";
149
char *connect_to = NULL;
150
const char *hookdir = HOOKDIR;
151
int hookdir_fd = -1;
152
uid_t uid = 65534;
153
gid_t gid = 65534;
154
155
/* Doubly linked list that need to be circularly linked when used */
156
typedef struct server{
157
const char *ip;
158
in_port_t port;
159
AvahiIfIndex if_index;
160
int af;
161
struct timespec last_seen;
162
struct server *next;
163
struct server *prev;
164
} server;
165
166
/* Used for passing in values through the Avahi callback functions */
81
167
82
typedef struct {
168
AvahiServer *server;
83
gnutls_session_t session;
169
84
gnutls_certificate_credentials_t cred;
170
unsigned int dh_bits;
171
85
gnutls_dh_params_t dh_params;
172
const char *priority;
86
} encrypted_session;
87
88
89
ssize_t pgp_packet_decrypt (char *packet, size_t packet_size,
90
char **new_packet, const char *homedir){
91
gpgme_data_t dh_crypto, dh_plain;
173
92
gpgme_ctx_t ctx;
174
server *current_server;
175
char *interfaces;
176
size_t interfaces_size;
177
} mandos_context;
178
179
/* global so signal handler can reach it*/
180
AvahiSimplePoll *simple_poll;
181
182
sig_atomic_t quit_now = 0;
183
int signal_received = 0;
184
185
/* Function to use when printing errors */
186
void perror_plus(const char *print_text){
187
int e = errno;
188
fprintf(stderr, "Mandos plugin %s: ",
189
program_invocation_short_name);
190
errno = e;
191
perror(print_text);
192
}
193
194
__attribute__((format (gnu_printf, 2, 3), nonnull))
195
int fprintf_plus(FILE *stream, const char *format, ...){
196
va_list ap;
197
va_start (ap, format);
198
199
TEMP_FAILURE_RETRY(fprintf(stream, "Mandos plugin %s: ",
200
program_invocation_short_name));
201
return (int)TEMP_FAILURE_RETRY(vfprintf(stream, format, ap));
202
}
203
204
/*
205
* Make additional room in "buffer" for at least BUFFER_SIZE more
206
* bytes. "buffer_capacity" is how much is currently allocated,
207
* "buffer_length" is how much is already used.
208
*/
209
__attribute__((nonnull, warn_unused_result))
210
size_t incbuffer(char **buffer, size_t buffer_length,
211
size_t buffer_capacity){
212
if(buffer_length + BUFFER_SIZE > buffer_capacity){
213
char *new_buf = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
214
if(new_buf == NULL){
215
int old_errno = errno;
216
free(*buffer);
217
errno = old_errno;
218
*buffer = NULL;
219
return 0;
220
}
221
*buffer = new_buf;
222
buffer_capacity += BUFFER_SIZE;
223
}
224
return buffer_capacity;
225
}
226
227
/* Add server to set of servers to retry periodically */
228
__attribute__((nonnull, warn_unused_result))
229
bool add_server(const char *ip, in_port_t port, AvahiIfIndex if_index,
230
int af, server **current_server){
231
int ret;
232
server *new_server = malloc(sizeof(server));
233
if(new_server == NULL){
234
perror_plus("malloc");
235
return false;
236
}
237
*new_server = (server){ .ip = strdup(ip),
238
.port = port,
239
.if_index = if_index,
240
.af = af };
241
if(new_server->ip == NULL){
242
perror_plus("strdup");
243
free(new_server);
244
return false;
245
}
246
ret = clock_gettime(CLOCK_MONOTONIC, &(new_server->last_seen));
247
if(ret == -1){
248
perror_plus("clock_gettime");
249
#ifdef __GNUC__
250
#pragma GCC diagnostic push
251
#pragma GCC diagnostic ignored "-Wcast-qual"
252
#endif
253
free((char *)(new_server->ip));
254
#ifdef __GNUC__
255
#pragma GCC diagnostic pop
256
#endif
257
free(new_server);
258
return false;
259
}
260
/* Special case of first server */
261
if(*current_server == NULL){
262
new_server->next = new_server;
263
new_server->prev = new_server;
264
*current_server = new_server;
265
} else {
266
/* Place the new server last in the list */
267
new_server->next = *current_server;
268
new_server->prev = (*current_server)->prev;
269
new_server->prev->next = new_server;
270
(*current_server)->prev = new_server;
271
}
272
return true;
273
}
274
275
/*
276
* Initialize GPGME.
277
*/
278
__attribute__((nonnull, warn_unused_result))
279
static bool init_gpgme(const char * const seckey,
280
const char * const pubkey,
281
const char * const tempdir,
282
mandos_context *mc){
283
93
gpgme_error_t rc;
94
ssize_t ret;
95
ssize_t new_packet_capacity = 0;
96
ssize_t new_packet_length = 0;
284
97
gpgme_engine_info_t engine_info;
285
286
/*
287
* Helper function to insert pub and seckey to the engine keyring.
288
*/
289
bool import_key(const char * const filename){
290
int ret;
291
int fd;
292
gpgme_data_t pgp_data;
293
294
fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));
295
if(fd == -1){
296
perror_plus("open");
297
return false;
298
}
299
300
rc = gpgme_data_new_from_fd(&pgp_data, fd);
301
if(rc != GPG_ERR_NO_ERROR){
302
fprintf_plus(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
303
gpgme_strsource(rc), gpgme_strerror(rc));
304
return false;
305
}
306
307
rc = gpgme_op_import(mc->ctx, pgp_data);
308
if(rc != GPG_ERR_NO_ERROR){
309
fprintf_plus(stderr, "bad gpgme_op_import: %s: %s\n",
310
gpgme_strsource(rc), gpgme_strerror(rc));
311
return false;
312
}
313
314
ret = close(fd);
315
if(ret == -1){
316
perror_plus("close");
317
}
318
gpgme_data_release(pgp_data);
319
return true;
320
}
321
322
if(debug){
323
fprintf_plus(stderr, "Initializing GPGME\n");
98
99
if (debug){
100
fprintf(stderr, "Trying to decrypt OpenPGP packet\n");
324
101
}
325
102
326
103
/* Init GPGME */
327
104
gpgme_check_version(NULL);
328
105
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
329
if(rc != GPG_ERR_NO_ERROR){
330
fprintf_plus(stderr, "bad gpgme_engine_check_version: %s: %s\n",
331
gpgme_strsource(rc), gpgme_strerror(rc));
332
return false;
106
if (rc != GPG_ERR_NO_ERROR){
107
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
108
gpgme_strsource(rc), gpgme_strerror(rc));
109
return -1;
333
110
}
334
111
335
/* Set GPGME home directory for the OpenPGP engine only */
336
rc = gpgme_get_engine_info(&engine_info);
337
if(rc != GPG_ERR_NO_ERROR){
338
fprintf_plus(stderr, "bad gpgme_get_engine_info: %s: %s\n",
339
gpgme_strsource(rc), gpgme_strerror(rc));
340
return false;
112
/* Set GPGME home directory */
113
rc = gpgme_get_engine_info (&engine_info);
114
if (rc != GPG_ERR_NO_ERROR){
115
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
116
gpgme_strsource(rc), gpgme_strerror(rc));
117
return -1;
341
118
}
342
119
while(engine_info != NULL){
343
120
if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){
344
121
gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,
345
engine_info->file_name, tempdir);
122
engine_info->file_name, homedir);
346
123
break;
347
124
}
348
125
engine_info = engine_info->next;
349
126
}
350
127
if(engine_info == NULL){
351
fprintf_plus(stderr, "Could not set GPGME home dir to %s\n",
352
tempdir);
353
return false;
354
}
355
356
/* Create new GPGME "context" */
357
rc = gpgme_new(&(mc->ctx));
358
if(rc != GPG_ERR_NO_ERROR){
359
fprintf_plus(stderr, "Mandos plugin mandos-client: "
360
"bad gpgme_new: %s: %s\n", gpgme_strsource(rc),
361
gpgme_strerror(rc));
362
return false;
363
}
364
365
if(not import_key(pubkey) or not import_key(seckey)){
366
return false;
367
}
368
369
return true;
370
}
371
372
/*
373
* Decrypt OpenPGP data.
374
* Returns -1 on error
375
*/
376
__attribute__((nonnull, warn_unused_result))
377
static ssize_t pgp_packet_decrypt(const char *cryptotext,
378
size_t crypto_size,
379
char **plaintext,
380
mandos_context *mc){
381
gpgme_data_t dh_crypto, dh_plain;
382
gpgme_error_t rc;
383
ssize_t ret;
384
size_t plaintext_capacity = 0;
385
ssize_t plaintext_length = 0;
386
387
if(debug){
388
fprintf_plus(stderr, "Trying to decrypt OpenPGP data\n");
389
}
390
391
/* Create new GPGME data buffer from memory cryptotext */
392
rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,
393
0);
394
if(rc != GPG_ERR_NO_ERROR){
395
fprintf_plus(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
396
gpgme_strsource(rc), gpgme_strerror(rc));
128
fprintf(stderr, "Could not set home dir to %s\n", homedir);
129
return -1;
130
}
131
132
/* Create new GPGME data buffer from packet buffer */
133
rc = gpgme_data_new_from_mem(&dh_crypto, packet, packet_size, 0);
134
if (rc != GPG_ERR_NO_ERROR){
135
fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
136
gpgme_strsource(rc), gpgme_strerror(rc));
397
137
return -1;
398
138
}
399
139
400
140
/* Create new empty GPGME data buffer for the plaintext */
401
141
rc = gpgme_data_new(&dh_plain);
402
if(rc != GPG_ERR_NO_ERROR){
403
fprintf_plus(stderr, "Mandos plugin mandos-client: "
404
"bad gpgme_data_new: %s: %s\n",
405
gpgme_strsource(rc), gpgme_strerror(rc));
406
gpgme_data_release(dh_crypto);
407
return -1;
408
}
409
410
/* Decrypt data from the cryptotext data buffer to the plaintext
411
data buffer */
412
rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);
413
if(rc != GPG_ERR_NO_ERROR){
414
fprintf_plus(stderr, "bad gpgme_op_decrypt: %s: %s\n",
415
gpgme_strsource(rc), gpgme_strerror(rc));
416
plaintext_length = -1;
417
if(debug){
418
gpgme_decrypt_result_t result;
419
result = gpgme_op_decrypt_result(mc->ctx);
420
if(result == NULL){
421
fprintf_plus(stderr, "gpgme_op_decrypt_result failed\n");
422
} else {
423
fprintf_plus(stderr, "Unsupported algorithm: %s\n",
424
result->unsupported_algorithm);
425
fprintf_plus(stderr, "Wrong key usage: %u\n",
426
result->wrong_key_usage);
427
if(result->file_name != NULL){
428
fprintf_plus(stderr, "File name: %s\n", result->file_name);
429
}
430
gpgme_recipient_t recipient;
431
recipient = result->recipients;
142
if (rc != GPG_ERR_NO_ERROR){
143
fprintf(stderr, "bad gpgme_data_new: %s: %s\n",
144
gpgme_strsource(rc), gpgme_strerror(rc));
145
return -1;
146
}
147
148
/* Create new GPGME "context" */
149
rc = gpgme_new(&ctx);
150
if (rc != GPG_ERR_NO_ERROR){
151
fprintf(stderr, "bad gpgme_new: %s: %s\n",
152
gpgme_strsource(rc), gpgme_strerror(rc));
153
return -1;
154
}
155
156
/* Decrypt data from the FILE pointer to the plaintext data
157
buffer */
158
rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);
159
if (rc != GPG_ERR_NO_ERROR){
160
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
161
gpgme_strsource(rc), gpgme_strerror(rc));
162
return -1;
163
}
164
165
if(debug){
166
fprintf(stderr, "Decryption of OpenPGP packet succeeded\n");
167
}
168
169
if (debug){
170
gpgme_decrypt_result_t result;
171
result = gpgme_op_decrypt_result(ctx);
172
if (result == NULL){
173
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
174
} else {
175
fprintf(stderr, "Unsupported algorithm: %s\n",
176
result->unsupported_algorithm);
177
fprintf(stderr, "Wrong key usage: %d\n",
178
result->wrong_key_usage);
179
if(result->file_name != NULL){
180
fprintf(stderr, "File name: %s\n", result->file_name);
181
}
182
gpgme_recipient_t recipient;
183
recipient = result->recipients;
184
if(recipient){
432
185
while(recipient != NULL){
433
fprintf_plus(stderr, "Public key algorithm: %s\n",
434
gpgme_pubkey_algo_name
435
(recipient->pubkey_algo));
436
fprintf_plus(stderr, "Key ID: %s\n", recipient->keyid);
437
fprintf_plus(stderr, "Secret key available: %s\n",
438
recipient->status == GPG_ERR_NO_SECKEY
439
? "No" : "Yes");
186
fprintf(stderr, "Public key algorithm: %s\n",
187
gpgme_pubkey_algo_name(recipient->pubkey_algo));
188
fprintf(stderr, "Key ID: %s\n", recipient->keyid);
189
fprintf(stderr, "Secret key available: %s\n",
190
recipient->status == GPG_ERR_NO_SECKEY
191
? "No" : "Yes");
440
192
recipient = recipient->next;
441
193
}
442
194
}
443
195
}
444
goto decrypt_end;
445
196
}
446
197
447
if(debug){
448
fprintf_plus(stderr, "Decryption of OpenPGP data succeeded\n");
449
}
198
/* Delete the GPGME FILE pointer cryptotext data buffer */
199
gpgme_data_release(dh_crypto);
450
200
451
201
/* Seek back to the beginning of the GPGME plaintext data buffer */
452
if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){
453
perror_plus("gpgme_data_seek");
454
plaintext_length = -1;
455
goto decrypt_end;
202
if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
203
perror("pgpme_data_seek");
456
204
}
457
205
458
*plaintext = NULL;
206
*new_packet = 0;
459
207
while(true){
460
plaintext_capacity = incbuffer(plaintext,
461
(size_t)plaintext_length,
462
plaintext_capacity);
463
if(plaintext_capacity == 0){
464
perror_plus("incbuffer");
465
plaintext_length = -1;
466
goto decrypt_end;
208
if (new_packet_length + BUFFER_SIZE > new_packet_capacity){
209
*new_packet = realloc(*new_packet,
210
(unsigned int)new_packet_capacity
211
+ BUFFER_SIZE);
212
if (*new_packet == NULL){
213
perror("realloc");
214
return -1;
215
}
216
new_packet_capacity += BUFFER_SIZE;
467
217
}
468
218
469
ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
219
ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length,
470
220
BUFFER_SIZE);
471
221
/* Print the data, if any */
472
if(ret == 0){
473
/* EOF */
222
if (ret == 0){
474
223
break;
475
224
}
476
225
if(ret < 0){
477
perror_plus("gpgme_data_read");
478
plaintext_length = -1;
479
goto decrypt_end;
480
}
481
plaintext_length += ret;
482
}
483
484
if(debug){
485
fprintf_plus(stderr, "Decrypted password is: ");
486
for(ssize_t i = 0; i < plaintext_length; i++){
487
fprintf(stderr, "%02hhX ", (*plaintext)[i]);
488
}
489
fprintf(stderr, "\n");
490
}
491
492
decrypt_end:
493
494
/* Delete the GPGME cryptotext data buffer */
495
gpgme_data_release(dh_crypto);
226
perror("gpgme_data_read");
227
return -1;
228
}
229
new_packet_length += ret;
230
}
231
232
/* FIXME: check characters before printing to screen so to not print
233
terminal control characters */
234
/* if(debug){ */
235
/* fprintf(stderr, "decrypted password is: "); */
236
/* fwrite(*new_packet, 1, new_packet_length, stderr); */
237
/* fprintf(stderr, "\n"); */
238
/* } */
496
239
497
240
/* Delete the GPGME plaintext data buffer */
498
241
gpgme_data_release(dh_plain);
499
return plaintext_length;
500
}
501
502
__attribute__((warn_unused_result, const))
503
static const char *safe_string(const char *str){
504
if(str == NULL)
505
return "(unknown)";
506
return str;
507
}
508
509
__attribute__((warn_unused_result))
510
static const char *safer_gnutls_strerror(int value){
511
const char *ret = gnutls_strerror(value);
512
return safe_string(ret);
513
}
514
515
/* GnuTLS log function callback */
516
__attribute__((nonnull))
517
static void debuggnutls(__attribute__((unused)) int level,
518
const char* string){
519
fprintf_plus(stderr, "GnuTLS: %s", string);
520
}
521
522
__attribute__((nonnull(1, 2, 4), warn_unused_result))
523
static int init_gnutls_global(const char *pubkeyfilename,
524
const char *seckeyfilename,
525
const char *dhparamsfilename,
526
mandos_context *mc){
242
return new_packet_length;
243
}
244
245
static const char * safer_gnutls_strerror (int value) {
246
const char *ret = gnutls_strerror (value);
247
if (ret == NULL)
248
ret = "(unknown)";
249
return ret;
250
}
251
252
void debuggnutls(__attribute__((unused)) int level,
253
const char* string){
254
fprintf(stderr, "%s", string);
255
}
256
257
int initgnutls(encrypted_session *es){
258
const char *err;
527
259
int ret;
528
unsigned int uret;
529
530
if(debug){
531
fprintf_plus(stderr, "Initializing GnuTLS\n");
532
}
533
534
if(debug){
535
/* "Use a log level over 10 to enable all debugging options."
536
* - GnuTLS manual
537
*/
260
261
if(debug){
262
fprintf(stderr, "Initializing GnuTLS\n");
263
}
264
265
if ((ret = gnutls_global_init ())
266
!= GNUTLS_E_SUCCESS) {
267
fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));
268
return -1;
269
}
270
271
if (debug){
538
272
gnutls_global_set_log_level(11);
539
273
gnutls_global_set_log_function(debuggnutls);
540
274
}
541
275
542
/* OpenPGP credentials */
543
ret = gnutls_certificate_allocate_credentials(&mc->cred);
544
if(ret != GNUTLS_E_SUCCESS){
545
fprintf_plus(stderr, "GnuTLS memory error: %s\n",
546
safer_gnutls_strerror(ret));
276
/* openpgp credentials */
277
if ((ret = gnutls_certificate_allocate_credentials (&es->cred))
278
!= GNUTLS_E_SUCCESS) {
279
fprintf (stderr, "memory error: %s\n",
280
safer_gnutls_strerror(ret));
547
281
return -1;
548
282
}
549
283
550
284
if(debug){
551
fprintf_plus(stderr, "Attempting to use OpenPGP public key %s and"
552
" secret key %s as GnuTLS credentials\n",
553
pubkeyfilename,
554
seckeyfilename);
285
fprintf(stderr, "Attempting to use OpenPGP certificate %s"
286
" and keyfile %s as GnuTLS credentials\n", certfile,
287
certkey);
555
288
}
556
289
557
290
ret = gnutls_certificate_set_openpgp_key_file
558
(mc->cred, pubkeyfilename, seckeyfilename,
559
GNUTLS_OPENPGP_FMT_BASE64);
560
if(ret != GNUTLS_E_SUCCESS){
561
fprintf_plus(stderr,
562
"Error[%d] while reading the OpenPGP key pair ('%s',"
563
" '%s')\n", ret, pubkeyfilename, seckeyfilename);
564
fprintf_plus(stderr, "The GnuTLS error is: %s\n",
565
safer_gnutls_strerror(ret));
566
goto globalfail;
567
}
568
569
/* GnuTLS server initialization */
570
ret = gnutls_dh_params_init(&mc->dh_params);
571
if(ret != GNUTLS_E_SUCCESS){
572
fprintf_plus(stderr, "Error in GnuTLS DH parameter"
573
" initialization: %s\n",
574
safer_gnutls_strerror(ret));
575
goto globalfail;
576
}
577
/* If a Diffie-Hellman parameters file was given, try to use it */
578
if(dhparamsfilename != NULL){
579
gnutls_datum_t params = { .data = NULL, .size = 0 };
580
do {
581
int dhpfile = open(dhparamsfilename, O_RDONLY);
582
if(dhpfile == -1){
583
perror_plus("open");
584
dhparamsfilename = NULL;
585
break;
586
}
587
size_t params_capacity = 0;
588
while(true){
589
params_capacity = incbuffer((char **)¶ms.data,
590
(size_t)params.size,
591
(size_t)params_capacity);
592
if(params_capacity == 0){
593
perror_plus("incbuffer");
594
free(params.data);
595
params.data = NULL;
596
dhparamsfilename = NULL;
597
break;
598
}
599
ssize_t bytes_read = read(dhpfile,
600
params.data + params.size,
601
BUFFER_SIZE);
602
/* EOF */
603
if(bytes_read == 0){
604
break;
605
}
606
/* check bytes_read for failure */
607
if(bytes_read < 0){
608
perror_plus("read");
609
free(params.data);
610
params.data = NULL;
611
dhparamsfilename = NULL;
612
break;
613
}
614
params.size += (unsigned int)bytes_read;
615
}
616
if(params.data == NULL){
617
dhparamsfilename = NULL;
618
}
619
if(dhparamsfilename == NULL){
620
break;
621
}
622
ret = gnutls_dh_params_import_pkcs3(mc->dh_params, ¶ms,
623
GNUTLS_X509_FMT_PEM);
624
if(ret != GNUTLS_E_SUCCESS){
625
fprintf_plus(stderr, "Failed to parse DH parameters in file"
626
" \"%s\": %s\n", dhparamsfilename,
627
safer_gnutls_strerror(ret));
628
dhparamsfilename = NULL;
629
}
630
free(params.data);
631
} while(false);
632
}
633
if(dhparamsfilename == NULL){
634
if(mc->dh_bits == 0){
635
/* Find out the optimal number of DH bits */
636
/* Try to read the private key file */
637
gnutls_datum_t buffer = { .data = NULL, .size = 0 };
638
do {
639
int secfile = open(seckeyfilename, O_RDONLY);
640
if(secfile == -1){
641
perror_plus("open");
642
break;
643
}
644
size_t buffer_capacity = 0;
645
while(true){
646
buffer_capacity = incbuffer((char **)&buffer.data,
647
(size_t)buffer.size,
648
(size_t)buffer_capacity);
649
if(buffer_capacity == 0){
650
perror_plus("incbuffer");
651
free(buffer.data);
652
buffer.data = NULL;
653
break;
654
}
655
ssize_t bytes_read = read(secfile,
656
buffer.data + buffer.size,
657
BUFFER_SIZE);
658
/* EOF */
659
if(bytes_read == 0){
660
break;
661
}
662
/* check bytes_read for failure */
663
if(bytes_read < 0){
664
perror_plus("read");
665
free(buffer.data);
666
buffer.data = NULL;
667
break;
668
}
669
buffer.size += (unsigned int)bytes_read;
670
}
671
close(secfile);
672
} while(false);
673
/* If successful, use buffer to parse private key */
674
gnutls_sec_param_t sec_param = GNUTLS_SEC_PARAM_ULTRA;
675
if(buffer.data != NULL){
676
{
677
gnutls_openpgp_privkey_t privkey = NULL;
678
ret = gnutls_openpgp_privkey_init(&privkey);
679
if(ret != GNUTLS_E_SUCCESS){
680
fprintf_plus(stderr, "Error initializing OpenPGP key"
681
" structure: %s",
682
safer_gnutls_strerror(ret));
683
free(buffer.data);
684
buffer.data = NULL;
685
} else {
686
ret = gnutls_openpgp_privkey_import
687
(privkey, &buffer, GNUTLS_OPENPGP_FMT_BASE64, "", 0);
688
if(ret != GNUTLS_E_SUCCESS){
689
fprintf_plus(stderr, "Error importing OpenPGP key : %s",
690
safer_gnutls_strerror(ret));
691
privkey = NULL;
692
}
693
free(buffer.data);
694
buffer.data = NULL;
695
if(privkey != NULL){
696
/* Use private key to suggest an appropriate
697
sec_param */
698
sec_param = gnutls_openpgp_privkey_sec_param(privkey);
699
gnutls_openpgp_privkey_deinit(privkey);
700
if(debug){
701
fprintf_plus(stderr, "This OpenPGP key implies using"
702
" a GnuTLS security parameter \"%s\".\n",
703
safe_string(gnutls_sec_param_get_name
704
(sec_param)));
705
}
706
}
707
}
708
}
709
if(sec_param == GNUTLS_SEC_PARAM_UNKNOWN){
710
/* Err on the side of caution */
711
sec_param = GNUTLS_SEC_PARAM_ULTRA;
712
if(debug){
713
fprintf_plus(stderr, "Falling back to security parameter"
714
" \"%s\"\n",
715
safe_string(gnutls_sec_param_get_name
716
(sec_param)));
717
}
718
}
719
}
720
uret = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, sec_param);
721
if(uret != 0){
722
mc->dh_bits = uret;
723
if(debug){
724
fprintf_plus(stderr, "A \"%s\" GnuTLS security parameter"
725
" implies %u DH bits; using that.\n",
726
safe_string(gnutls_sec_param_get_name
727
(sec_param)),
728
mc->dh_bits);
729
}
730
} else {
731
fprintf_plus(stderr, "Failed to get implied number of DH"
732
" bits for security parameter \"%s\"): %s\n",
733
safe_string(gnutls_sec_param_get_name
734
(sec_param)),
735
safer_gnutls_strerror(ret));
736
goto globalfail;
737
}
738
} else if(debug){
739
fprintf_plus(stderr, "DH bits explicitly set to %u\n",
740
mc->dh_bits);
741
}
742
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
743
if(ret != GNUTLS_E_SUCCESS){
744
fprintf_plus(stderr, "Error in GnuTLS prime generation (%u"
745
" bits): %s\n", mc->dh_bits,
746
safer_gnutls_strerror(ret));
747
goto globalfail;
748
}
749
}
750
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
751
752
return 0;
753
754
globalfail:
755
756
gnutls_certificate_free_credentials(mc->cred);
757
gnutls_dh_params_deinit(mc->dh_params);
758
return -1;
759
}
760
761
__attribute__((nonnull, warn_unused_result))
762
static int init_gnutls_session(gnutls_session_t *session,
763
mandos_context *mc){
764
int ret;
765
/* GnuTLS session creation */
766
do {
767
ret = gnutls_init(session, GNUTLS_SERVER);
768
if(quit_now){
769
return -1;
770
}
771
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
772
if(ret != GNUTLS_E_SUCCESS){
773
fprintf_plus(stderr,
774
"Error in GnuTLS session initialization: %s\n",
775
safer_gnutls_strerror(ret));
776
}
777
778
{
779
const char *err;
780
do {
781
ret = gnutls_priority_set_direct(*session, mc->priority, &err);
782
if(quit_now){
783
gnutls_deinit(*session);
784
return -1;
785
}
786
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
787
if(ret != GNUTLS_E_SUCCESS){
788
fprintf_plus(stderr, "Syntax error at: %s\n", err);
789
fprintf_plus(stderr, "GnuTLS error: %s\n",
790
safer_gnutls_strerror(ret));
791
gnutls_deinit(*session);
792
return -1;
793
}
794
}
795
796
do {
797
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
798
mc->cred);
799
if(quit_now){
800
gnutls_deinit(*session);
801
return -1;
802
}
803
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
804
if(ret != GNUTLS_E_SUCCESS){
805
fprintf_plus(stderr, "Error setting GnuTLS credentials: %s\n",
806
safer_gnutls_strerror(ret));
807
gnutls_deinit(*session);
291
(es->cred, certfile, certkey, GNUTLS_OPENPGP_FMT_BASE64);
292
if (ret != GNUTLS_E_SUCCESS) {
293
fprintf
294
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s',"
295
" '%s')\n",
296
ret, certfile, certkey);
297
fprintf(stdout, "The Error is: %s\n",
298
safer_gnutls_strerror(ret));
299
return -1;
300
}
301
302
//GnuTLS server initialization
303
if ((ret = gnutls_dh_params_init (&es->dh_params))
304
!= GNUTLS_E_SUCCESS) {
305
fprintf (stderr, "Error in dh parameter initialization: %s\n",
306
safer_gnutls_strerror(ret));
307
return -1;
308
}
309
310
if ((ret = gnutls_dh_params_generate2 (es->dh_params, DH_BITS))
311
!= GNUTLS_E_SUCCESS) {
312
fprintf (stderr, "Error in prime generation: %s\n",
313
safer_gnutls_strerror(ret));
314
return -1;
315
}
316
317
gnutls_certificate_set_dh_params (es->cred, es->dh_params);
318
319
// GnuTLS session creation
320
if ((ret = gnutls_init (&es->session, GNUTLS_SERVER))
321
!= GNUTLS_E_SUCCESS){
322
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
323
safer_gnutls_strerror(ret));
324
}
325
326
if ((ret = gnutls_priority_set_direct (es->session, "NORMAL", &err))
327
!= GNUTLS_E_SUCCESS) {
328
fprintf(stderr, "Syntax error at: %s\n", err);
329
fprintf(stderr, "GnuTLS error: %s\n",
330
safer_gnutls_strerror(ret));
331
return -1;
332
}
333
334
if ((ret = gnutls_credentials_set
335
(es->session, GNUTLS_CRD_CERTIFICATE, es->cred))
336
!= GNUTLS_E_SUCCESS) {
337
fprintf(stderr, "Error setting a credentials set: %s\n",
338
safer_gnutls_strerror(ret));
808
339
return -1;
809
340
}
810
341
811
342
/* ignore client certificate if any. */
812
gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);
343
gnutls_certificate_server_set_request (es->session,
344
GNUTLS_CERT_IGNORE);
345
346
gnutls_dh_set_prime_bits (es->session, DH_BITS);
813
347
814
348
return 0;
815
349
}
816
350
817
/* Avahi log function callback */
818
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
819
__attribute__((unused)) const char *txt){}
820
821
/* Set effective uid to 0, return errno */
822
__attribute__((warn_unused_result))
823
int raise_privileges(void){
824
int old_errno = errno;
825
int ret = 0;
826
if(seteuid(0) == -1){
827
ret = errno;
828
}
829
errno = old_errno;
830
return ret;
831
}
832
833
/* Set effective and real user ID to 0. Return errno. */
834
__attribute__((warn_unused_result))
835
int raise_privileges_permanently(void){
836
int old_errno = errno;
837
int ret = raise_privileges();
838
if(ret != 0){
839
errno = old_errno;
840
return ret;
841
}
842
if(setuid(0) == -1){
843
ret = errno;
844
}
845
errno = old_errno;
846
return ret;
847
}
848
849
/* Set effective user ID to unprivileged saved user ID */
850
__attribute__((warn_unused_result))
851
int lower_privileges(void){
852
int old_errno = errno;
853
int ret = 0;
854
if(seteuid(uid) == -1){
855
ret = errno;
856
}
857
errno = old_errno;
858
return ret;
859
}
860
861
/* Lower privileges permanently */
862
__attribute__((warn_unused_result))
863
int lower_privileges_permanently(void){
864
int old_errno = errno;
865
int ret = 0;
866
if(setuid(uid) == -1){
867
ret = errno;
868
}
869
errno = old_errno;
870
return ret;
871
}
872
873
/* Helper function to add_local_route() and delete_local_route() */
874
__attribute__((nonnull, warn_unused_result))
875
static bool add_delete_local_route(const bool add,
876
const char *address,
877
AvahiIfIndex if_index){
878
int ret;
879
char helper[] = "mandos-client-iprouteadddel";
880
char add_arg[] = "add";
881
char delete_arg[] = "delete";
882
char debug_flag[] = "--debug";
883
char *pluginhelperdir = getenv("MANDOSPLUGINHELPERDIR");
884
if(pluginhelperdir == NULL){
885
if(debug){
886
fprintf_plus(stderr, "MANDOSPLUGINHELPERDIR environment"
887
" variable not set; cannot run helper\n");
888
}
889
return false;
890
}
891
892
char interface[IF_NAMESIZE];
893
if(if_indextoname((unsigned int)if_index, interface) == NULL){
894
perror_plus("if_indextoname");
895
return false;
896
}
897
898
int devnull = (int)TEMP_FAILURE_RETRY(open("/dev/null", O_RDONLY));
899
if(devnull == -1){
900
perror_plus("open(\"/dev/null\", O_RDONLY)");
901
return false;
902
}
903
pid_t pid = fork();
904
if(pid == 0){
905
/* Child */
906
/* Raise privileges */
907
errno = raise_privileges_permanently();
908
if(errno != 0){
909
perror_plus("Failed to raise privileges");
910
/* _exit(EX_NOPERM); */
911
} else {
912
/* Set group */
913
errno = 0;
914
ret = setgid(0);
915
if(ret == -1){
916
perror_plus("setgid");
917
_exit(EX_NOPERM);
918
}
919
/* Reset supplementary groups */
920
errno = 0;
921
ret = setgroups(0, NULL);
922
if(ret == -1){
923
perror_plus("setgroups");
924
_exit(EX_NOPERM);
925
}
926
}
927
ret = dup2(devnull, STDIN_FILENO);
928
if(ret == -1){
929
perror_plus("dup2(devnull, STDIN_FILENO)");
930
_exit(EX_OSERR);
931
}
932
ret = close(devnull);
933
if(ret == -1){
934
perror_plus("close");
935
_exit(EX_OSERR);
936
}
937
ret = dup2(STDERR_FILENO, STDOUT_FILENO);
938
if(ret == -1){
939
perror_plus("dup2(STDERR_FILENO, STDOUT_FILENO)");
940
_exit(EX_OSERR);
941
}
942
int helperdir_fd = (int)TEMP_FAILURE_RETRY(open(pluginhelperdir,
943
O_RDONLY
944
| O_DIRECTORY
945
| O_PATH
946
| O_CLOEXEC));
947
if(helperdir_fd == -1){
948
perror_plus("open");
949
_exit(EX_UNAVAILABLE);
950
}
951
int helper_fd = (int)TEMP_FAILURE_RETRY(openat(helperdir_fd,
952
helper, O_RDONLY));
953
if(helper_fd == -1){
954
perror_plus("openat");
955
close(helperdir_fd);
956
_exit(EX_UNAVAILABLE);
957
}
958
close(helperdir_fd);
959
#ifdef __GNUC__
960
#pragma GCC diagnostic push
961
#pragma GCC diagnostic ignored "-Wcast-qual"
962
#endif
963
if(fexecve(helper_fd, (char *const [])
964
{ helper, add ? add_arg : delete_arg, (char *)address,
965
interface, debug ? debug_flag : NULL, NULL },
966
environ) == -1){
967
#ifdef __GNUC__
968
#pragma GCC diagnostic pop
969
#endif
970
perror_plus("fexecve");
971
_exit(EXIT_FAILURE);
972
}
973
}
974
if(pid == -1){
975
perror_plus("fork");
976
return false;
977
}
978
int status;
979
pid_t pret = -1;
980
errno = 0;
981
do {
982
pret = waitpid(pid, &status, 0);
983
if(pret == -1 and errno == EINTR and quit_now){
984
int errno_raising = 0;
985
if((errno = raise_privileges()) != 0){
986
errno_raising = errno;
987
perror_plus("Failed to raise privileges in order to"
988
" kill helper program");
989
}
990
if(kill(pid, SIGTERM) == -1){
991
perror_plus("kill");
992
}
993
if((errno_raising == 0) and (errno = lower_privileges()) != 0){
994
perror_plus("Failed to lower privileges after killing"
995
" helper program");
996
}
997
return false;
998
}
999
} while(pret == -1 and errno == EINTR);
1000
if(pret == -1){
1001
perror_plus("waitpid");
1002
return false;
1003
}
1004
if(WIFEXITED(status)){
1005
if(WEXITSTATUS(status) != 0){
1006
fprintf_plus(stderr, "Error: iprouteadddel exited"
1007
" with status %d\n", WEXITSTATUS(status));
1008
return false;
1009
}
1010
return true;
1011
}
1012
if(WIFSIGNALED(status)){
1013
fprintf_plus(stderr, "Error: iprouteadddel died by"
1014
" signal %d\n", WTERMSIG(status));
1015
return false;
1016
}
1017
fprintf_plus(stderr, "Error: iprouteadddel crashed\n");
1018
return false;
1019
}
1020
1021
__attribute__((nonnull, warn_unused_result))
1022
static bool add_local_route(const char *address,
1023
AvahiIfIndex if_index){
1024
if(debug){
1025
fprintf_plus(stderr, "Adding route to %s\n", address);
1026
}
1027
return add_delete_local_route(true, address, if_index);
1028
}
1029
1030
__attribute__((nonnull, warn_unused_result))
1031
static bool delete_local_route(const char *address,
1032
AvahiIfIndex if_index){
1033
if(debug){
1034
fprintf_plus(stderr, "Removing route to %s\n", address);
1035
}
1036
return add_delete_local_route(false, address, if_index);
1037
}
1038
1039
/* Called when a Mandos server is found */
1040
__attribute__((nonnull, warn_unused_result))
1041
static int start_mandos_communication(const char *ip, in_port_t port,
1042
AvahiIfIndex if_index,
1043
int af, mandos_context *mc){
1044
int ret, tcp_sd = -1;
1045
ssize_t sret;
1046
struct sockaddr_storage to;
351
void empty_log(__attribute__((unused)) AvahiLogLevel level,
352
__attribute__((unused)) const char *txt){}
353
354
int start_mandos_communication(const char *ip, uint16_t port,
355
unsigned int if_index){
356
int ret, tcp_sd;
357
struct sockaddr_in6 to;
358
encrypted_session es;
1047
359
char *buffer = NULL;
1048
char *decrypted_buffer = NULL;
360
char *decrypted_buffer;
1049
361
size_t buffer_length = 0;
1050
362
size_t buffer_capacity = 0;
1051
size_t written;
1052
int retval = -1;
1053
gnutls_session_t session;
1054
int pf; /* Protocol family */
1055
bool route_added = false;
1056
1057
errno = 0;
1058
1059
if(quit_now){
1060
errno = EINTR;
1061
return -1;
1062
}
1063
1064
switch(af){
1065
case AF_INET6:
1066
pf = PF_INET6;
1067
break;
1068
case AF_INET:
1069
pf = PF_INET;
1070
break;
1071
default:
1072
fprintf_plus(stderr, "Bad address family: %d\n", af);
1073
errno = EINVAL;
1074
return -1;
1075
}
1076
1077
/* If the interface is specified and we have a list of interfaces */
1078
if(if_index != AVAHI_IF_UNSPEC and mc->interfaces != NULL){
1079
/* Check if the interface is one of the interfaces we are using */
1080
bool match = false;
1081
{
1082
char *interface = NULL;
1083
while((interface = argz_next(mc->interfaces,
1084
mc->interfaces_size,
1085
interface))){
1086
if(if_nametoindex(interface) == (unsigned int)if_index){
1087
match = true;
1088
break;
1089
}
1090
}
1091
}
1092
if(not match){
1093
/* This interface does not match any in the list, so we don't
1094
connect to the server */
363
ssize_t decrypted_buffer_size;
364
size_t written = 0;
365
int retval = 0;
366
char interface[IF_NAMESIZE];
367
368
if(debug){
369
fprintf(stderr, "Setting up a tcp connection to %s\n", ip);
370
}
371
372
tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);
373
if(tcp_sd < 0) {
374
perror("socket");
375
return -1;
376
}
377
378
if(debug){
379
if(if_indextoname(if_index, interface) == NULL){
1095
380
if(debug){
1096
char interface[IF_NAMESIZE];
1097
if(if_indextoname((unsigned int)if_index, interface) == NULL){
1098
perror_plus("if_indextoname");
1099
} else {
1100
fprintf_plus(stderr, "Skipping server on non-used interface"
1101
" \"%s\"\n",
1102
if_indextoname((unsigned int)if_index,
1103
interface));
1104
}
381
perror("if_indextoname");
1105
382
}
1106
383
return -1;
1107
384
}
385
386
fprintf(stderr, "Binding to interface %s\n", interface);
1108
387
}
1109
388
1110
ret = init_gnutls_session(&session, mc);
1111
if(ret != 0){
389
memset(&to,0,sizeof(to)); /* Spurious warning */
390
to.sin6_family = AF_INET6;
391
ret = inet_pton(AF_INET6, ip, &to.sin6_addr);
392
if (ret < 0 ){
393
perror("inet_pton");
1112
394
return -1;
1113
}
1114
1115
if(debug){
1116
fprintf_plus(stderr, "Setting up a TCP connection to %s, port %"
1117
PRIuMAX "\n", ip, (uintmax_t)port);
1118
}
1119
1120
tcp_sd = socket(pf, SOCK_STREAM | SOCK_CLOEXEC, 0);
1121
if(tcp_sd < 0){
1122
int e = errno;
1123
perror_plus("socket");
1124
errno = e;
1125
goto mandos_end;
1126
}
1127
1128
if(quit_now){
1129
errno = EINTR;
1130
goto mandos_end;
1131
}
1132
1133
if(af == AF_INET6){
1134
struct sockaddr_in6 *to6 = (struct sockaddr_in6 *)&to;
1135
*to6 = (struct sockaddr_in6){ .sin6_family = (sa_family_t)af };
1136
ret = inet_pton(af, ip, &to6->sin6_addr);
1137
} else { /* IPv4 */
1138
struct sockaddr_in *to4 = (struct sockaddr_in *)&to;
1139
*to4 = (struct sockaddr_in){ .sin_family = (sa_family_t)af };
1140
ret = inet_pton(af, ip, &to4->sin_addr);
1141
}
1142
if(ret < 0 ){
1143
int e = errno;
1144
perror_plus("inet_pton");
1145
errno = e;
1146
goto mandos_end;
1147
}
395
}
1148
396
if(ret == 0){
1149
int e = errno;
1150
fprintf_plus(stderr, "Bad address: %s\n", ip);
1151
errno = e;
1152
goto mandos_end;
1153
}
1154
if(af == AF_INET6){
1155
((struct sockaddr_in6 *)&to)->sin6_port = htons(port);
1156
if(IN6_IS_ADDR_LINKLOCAL
1157
(&((struct sockaddr_in6 *)&to)->sin6_addr)){
1158
if(if_index == AVAHI_IF_UNSPEC){
1159
fprintf_plus(stderr, "An IPv6 link-local address is"
1160
" incomplete without a network interface\n");
1161
errno = EINVAL;
1162
goto mandos_end;
1163
}
1164
/* Set the network interface number as scope */
1165
((struct sockaddr_in6 *)&to)->sin6_scope_id = (uint32_t)if_index;
1166
}
1167
} else {
1168
((struct sockaddr_in *)&to)->sin_port = htons(port);
1169
}
1170
1171
if(quit_now){
1172
errno = EINTR;
1173
goto mandos_end;
1174
}
1175
1176
if(debug){
1177
if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){
1178
char interface[IF_NAMESIZE];
1179
if(if_indextoname((unsigned int)if_index, interface) == NULL){
1180
perror_plus("if_indextoname");
1181
} else {
1182
fprintf_plus(stderr, "Connection to: %s%%%s, port %" PRIuMAX
1183
"\n", ip, interface, (uintmax_t)port);
1184
}
1185
} else {
1186
fprintf_plus(stderr, "Connection to: %s, port %" PRIuMAX "\n",
1187
ip, (uintmax_t)port);
1188
}
1189
char addrstr[(INET_ADDRSTRLEN > INET6_ADDRSTRLEN) ?
1190
INET_ADDRSTRLEN : INET6_ADDRSTRLEN] = "";
1191
if(af == AF_INET6){
1192
ret = getnameinfo((struct sockaddr *)&to,
1193
sizeof(struct sockaddr_in6),
1194
addrstr, sizeof(addrstr), NULL, 0,
1195
NI_NUMERICHOST);
1196
} else {
1197
ret = getnameinfo((struct sockaddr *)&to,
1198
sizeof(struct sockaddr_in),
1199
addrstr, sizeof(addrstr), NULL, 0,
1200
NI_NUMERICHOST);
1201
}
1202
if(ret == EAI_SYSTEM){
1203
perror_plus("getnameinfo");
1204
} else if(ret != 0) {
1205
fprintf_plus(stderr, "getnameinfo: %s", gai_strerror(ret));
1206
} else if(strcmp(addrstr, ip) != 0){
1207
fprintf_plus(stderr, "Canonical address form: %s\n", addrstr);
1208
}
1209
}
1210
1211
if(quit_now){
1212
errno = EINTR;
1213
goto mandos_end;
1214
}
1215
1216
while(true){
1217
if(af == AF_INET6){
1218
ret = connect(tcp_sd, (struct sockaddr *)&to,
1219
sizeof(struct sockaddr_in6));
1220
} else {
1221
ret = connect(tcp_sd, (struct sockaddr *)&to, /* IPv4 */
1222
sizeof(struct sockaddr_in));
1223
}
1224
if(ret < 0){
1225
if(((errno == ENETUNREACH) or (errno == EHOSTUNREACH))
1226
and if_index != AVAHI_IF_UNSPEC
1227
and connect_to == NULL
1228
and not route_added and
1229
((af == AF_INET6 and not
1230
IN6_IS_ADDR_LINKLOCAL(&(((struct sockaddr_in6 *)
1231
&to)->sin6_addr)))
1232
or (af == AF_INET and
1233
/* Not a a IPv4LL address */
1234
(ntohl(((struct sockaddr_in *)&to)->sin_addr.s_addr)
1235
& 0xFFFF0000L) != 0xA9FE0000L))){
1236
/* Work around Avahi bug - Avahi does not announce link-local
1237
addresses if it has a global address, so local hosts with
1238
*only* a link-local address (e.g. Mandos clients) cannot
1239
connect to a Mandos server announced by Avahi on a server
1240
host with a global address. Work around this by retrying
1241
with an explicit route added with the server's address.
1242
1243
Avahi bug reference:
1244
https://lists.freedesktop.org/archives/avahi/2010-February/001833.html
1245
https://bugs.debian.org/587961
1246
*/
1247
if(debug){
1248
fprintf_plus(stderr, "Mandos server unreachable, trying"
1249
" direct route\n");
1250
}
1251
int e = errno;
1252
route_added = add_local_route(ip, if_index);
1253
if(route_added){
1254
continue;
1255
}
1256
errno = e;
1257
}
1258
if(errno != ECONNREFUSED or debug){
1259
int e = errno;
1260
perror_plus("connect");
1261
errno = e;
1262
}
1263
goto mandos_end;
1264
}
1265
1266
if(quit_now){
1267
errno = EINTR;
1268
goto mandos_end;
1269
}
1270
break;
1271
}
1272
1273
const char *out = mandos_protocol_version;
1274
written = 0;
1275
while(true){
1276
size_t out_size = strlen(out);
1277
ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
1278
out_size - written));
1279
if(ret == -1){
1280
int e = errno;
1281
perror_plus("write");
1282
errno = e;
1283
goto mandos_end;
1284
}
1285
written += (size_t)ret;
1286
if(written < out_size){
1287
continue;
1288
} else {
1289
if(out == mandos_protocol_version){
1290
written = 0;
1291
out = "\r\n";
1292
} else {
1293
break;
1294
}
1295
}
1296
1297
if(quit_now){
1298
errno = EINTR;
1299
goto mandos_end;
1300
}
1301
}
1302
1303
if(debug){
1304
fprintf_plus(stderr, "Establishing TLS session with %s\n", ip);
1305
}
1306
1307
if(quit_now){
1308
errno = EINTR;
1309
goto mandos_end;
1310
}
1311
1312
/* This casting via intptr_t is to eliminate warning about casting
1313
an int to a pointer type. This is exactly how the GnuTLS Guile
1314
function "set-session-transport-fd!" does it. */
1315
gnutls_transport_set_ptr(session,
1316
(gnutls_transport_ptr_t)(intptr_t)tcp_sd);
1317
1318
if(quit_now){
1319
errno = EINTR;
1320
goto mandos_end;
1321
}
1322
1323
do {
1324
ret = gnutls_handshake(session);
1325
if(quit_now){
1326
errno = EINTR;
1327
goto mandos_end;
1328
}
1329
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
1330
1331
if(ret != GNUTLS_E_SUCCESS){
397
fprintf(stderr, "Bad address: %s\n", ip);
398
return -1;
399
}
400
to.sin6_port = htons(port); /* Spurious warning */
401
402
to.sin6_scope_id = (uint32_t)if_index;
403
404
if(debug){
405
fprintf(stderr, "Connection to: %s\n", ip);
406
}
407
408
ret = connect(tcp_sd, (struct sockaddr *) &to, sizeof(to));
409
if (ret < 0){
410
perror("connect");
411
return -1;
412
}
413
414
ret = initgnutls (&es);
415
if (ret != 0){
416
retval = -1;
417
return -1;
418
}
419
420
gnutls_transport_set_ptr (es.session,
421
(gnutls_transport_ptr_t) tcp_sd);
422
423
if(debug){
424
fprintf(stderr, "Establishing TLS session with %s\n", ip);
425
}
426
427
ret = gnutls_handshake (es.session);
428
429
if (ret != GNUTLS_E_SUCCESS){
1332
430
if(debug){
1333
fprintf_plus(stderr, "*** GnuTLS Handshake failed ***\n");
1334
gnutls_perror(ret);
431
fprintf(stderr, "\n*** Handshake failed ***\n");
432
gnutls_perror (ret);
1335
433
}
1336
errno = EPROTO;
1337
goto mandos_end;
434
retval = -1;
435
goto exit;
1338
436
}
1339
437
1340
/* Read OpenPGP packet that contains the wanted password */
438
//Retrieve OpenPGP packet that contains the wanted password
1341
439
1342
440
if(debug){
1343
fprintf_plus(stderr, "Retrieving OpenPGP encrypted password from"
1344
" %s\n", ip);
441
fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
442
ip);
1345
443
}
1346
444
1347
445
while(true){
1348
1349
if(quit_now){
1350
errno = EINTR;
1351
goto mandos_end;
1352
}
1353
1354
buffer_capacity = incbuffer(&buffer, buffer_length,
1355
buffer_capacity);
1356
if(buffer_capacity == 0){
1357
int e = errno;
1358
perror_plus("incbuffer");
1359
errno = e;
1360
goto mandos_end;
1361
}
1362
1363
if(quit_now){
1364
errno = EINTR;
1365
goto mandos_end;
1366
}
1367
1368
sret = gnutls_record_recv(session, buffer+buffer_length,
1369
BUFFER_SIZE);
1370
if(sret == 0){
446
if (buffer_length + BUFFER_SIZE > buffer_capacity){
447
buffer = realloc(buffer, buffer_capacity + BUFFER_SIZE);
448
if (buffer == NULL){
449
perror("realloc");
450
goto exit;
451
}
452
buffer_capacity += BUFFER_SIZE;
453
}
454
455
ret = gnutls_record_recv
456
(es.session, buffer+buffer_length, BUFFER_SIZE);
457
if (ret == 0){
1371
458
break;
1372
459
}
1373
if(sret < 0){
1374
switch(sret){
460
if (ret < 0){
461
switch(ret){
1375
462
case GNUTLS_E_INTERRUPTED:
1376
463
case GNUTLS_E_AGAIN:
1377
464
break;
1378
465
case GNUTLS_E_REHANDSHAKE:
1379
do {
1380
ret = gnutls_handshake(session);
1381
1382
if(quit_now){
1383
errno = EINTR;
1384
goto mandos_end;
1385
}
1386
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
1387
if(ret < 0){
1388
fprintf_plus(stderr, "*** GnuTLS Re-handshake failed "
1389
"***\n");
1390
gnutls_perror(ret);
1391
errno = EPROTO;
1392
goto mandos_end;
466
ret = gnutls_handshake (es.session);
467
if (ret < 0){
468
fprintf(stderr, "\n*** Handshake failed ***\n");
469
gnutls_perror (ret);
470
retval = -1;
471
goto exit;
1393
472
}
1394
473
break;
1395
474
default:
1396
fprintf_plus(stderr, "Unknown error while reading data from"
1397
" encrypted session with Mandos server\n");
1398
gnutls_bye(session, GNUTLS_SHUT_RDWR);
1399
errno = EIO;
1400
goto mandos_end;
475
fprintf(stderr, "Unknown error while reading data from"
476
" encrypted session with mandos server\n");
477
retval = -1;
478
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
479
goto exit;
1401
480
}
1402
481
} else {
1403
buffer_length += (size_t) sret;
1404
}
1405
}
1406
1407
if(debug){
1408
fprintf_plus(stderr, "Closing TLS session\n");
1409
}
1410
1411
if(quit_now){
1412
errno = EINTR;
1413
goto mandos_end;
1414
}
1415
1416
do {
1417
ret = gnutls_bye(session, GNUTLS_SHUT_RDWR);
1418
if(quit_now){
1419
errno = EINTR;
1420
goto mandos_end;
1421
}
1422
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
1423
1424
if(buffer_length > 0){
1425
ssize_t decrypted_buffer_size;
1426
decrypted_buffer_size = pgp_packet_decrypt(buffer, buffer_length,
1427
&decrypted_buffer, mc);
1428
if(decrypted_buffer_size >= 0){
1429
1430
clearerr(stdout);
1431
written = 0;
1432
while(written < (size_t) decrypted_buffer_size){
1433
if(quit_now){
1434
errno = EINTR;
1435
goto mandos_end;
1436
}
1437
1438
ret = (int)fwrite(decrypted_buffer + written, 1,
1439
(size_t)decrypted_buffer_size - written,
1440
stdout);
482
buffer_length += (size_t) ret;
483
}
484
}
485
486
if (buffer_length > 0){
487
decrypted_buffer_size = pgp_packet_decrypt(buffer,
488
buffer_length,
489
&decrypted_buffer,
490
certdir);
491
if (decrypted_buffer_size >= 0){
492
while(written < (size_t)decrypted_buffer_size){
493
ret = (int)fwrite (decrypted_buffer + written, 1,
494
(size_t)decrypted_buffer_size - written,
495
stdout);
1441
496
if(ret == 0 and ferror(stdout)){
1442
int e = errno;
1443
497
if(debug){
1444
fprintf_plus(stderr, "Error writing encrypted data: %s\n",
1445
strerror(errno));
498
fprintf(stderr, "Error writing encrypted data: %s\n",
499
strerror(errno));
1446
500
}
1447
errno = e;
1448
goto mandos_end;
501
retval = -1;
502
break;
1449
503
}
1450
504
written += (size_t)ret;
1451
505
}
1452
ret = fflush(stdout);
1453
if(ret != 0){
1454
int e = errno;
1455
if(debug){
1456
fprintf_plus(stderr, "Error writing encrypted data: %s\n",
1457
strerror(errno));
1458
}
1459
errno = e;
1460
goto mandos_end;
1461
}
1462
retval = 0;
1463
}
1464
}
1465
1466
/* Shutdown procedure */
1467
1468
mandos_end:
1469
{
1470
if(route_added){
1471
if(not delete_local_route(ip, if_index)){
1472
fprintf_plus(stderr, "Failed to delete local route to %s on"
1473
" interface %d", ip, if_index);
1474
}
1475
}
1476
int e = errno;
1477
free(decrypted_buffer);
1478
free(buffer);
1479
if(tcp_sd >= 0){
1480
ret = close(tcp_sd);
1481
}
1482
if(ret == -1){
1483
if(e == 0){
1484
e = errno;
1485
}
1486
perror_plus("close");
1487
}
1488
gnutls_deinit(session);
1489
errno = e;
1490
if(quit_now){
1491
errno = EINTR;
506
free(decrypted_buffer);
507
} else {
1492
508
retval = -1;
1493
509
}
1494
510
}
511
512
//shutdown procedure
513
514
if(debug){
515
fprintf(stderr, "Closing TLS session\n");
516
}
517
518
free(buffer);
519
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
520
exit:
521
close(tcp_sd);
522
gnutls_deinit (es.session);
523
gnutls_certificate_free_credentials (es.cred);
524
gnutls_global_deinit ();
1495
525
return retval;
1496
526
}
1497
527
1498
static void resolve_callback(AvahiSServiceResolver *r,
1499
AvahiIfIndex interface,
1500
AvahiProtocol proto,
1501
AvahiResolverEvent event,
1502
const char *name,
1503
const char *type,
1504
const char *domain,
1505
const char *host_name,
1506
const AvahiAddress *address,
1507
uint16_t port,
1508
AVAHI_GCC_UNUSED AvahiStringList *txt,
1509
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1510
flags,
1511
void *mc){
1512
if(r == NULL){
1513
return;
1514
}
528
static AvahiSimplePoll *simple_poll = NULL;
529
static AvahiServer *server = NULL;
530
531
static void resolve_callback(
532
AvahiSServiceResolver *r,
533
AvahiIfIndex interface,
534
AVAHI_GCC_UNUSED AvahiProtocol protocol,
535
AvahiResolverEvent event,
536
const char *name,
537
const char *type,
538
const char *domain,
539
const char *host_name,
540
const AvahiAddress *address,
541
uint16_t port,
542
AVAHI_GCC_UNUSED AvahiStringList *txt,
543
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
544
AVAHI_GCC_UNUSED void* userdata) {
545
546
assert(r); /* Spurious warning */
1515
547
1516
548
/* Called whenever a service has been resolved successfully or
1517
549
timed out */
1518
550
1519
if(quit_now){
1520
avahi_s_service_resolver_free(r);
1521
return;
1522
}
1523
1524
switch(event){
551
switch (event) {
1525
552
default:
1526
553
case AVAHI_RESOLVER_FAILURE:
1527
fprintf_plus(stderr, "(Avahi Resolver) Failed to resolve service "
1528
"'%s' of type '%s' in domain '%s': %s\n", name, type,
1529
domain,
1530
avahi_strerror(avahi_server_errno
1531
(((mandos_context*)mc)->server)));
554
fprintf(stderr, "(Resolver) Failed to resolve service '%s' of"
555
" type '%s' in domain '%s': %s\n", name, type, domain,
556
avahi_strerror(avahi_server_errno(server)));
1532
557
break;
1533
558
1534
559
case AVAHI_RESOLVER_FOUND:
1536
561
char ip[AVAHI_ADDRESS_STR_MAX];
1537
562
avahi_address_snprint(ip, sizeof(ip), address);
1538
563
if(debug){
1539
fprintf_plus(stderr, "Mandos server \"%s\" found on %s (%s, %"
1540
PRIdMAX ") on port %" PRIu16 "\n", name,
1541
host_name, ip, (intmax_t)interface, port);
564
fprintf(stderr, "Mandos server \"%s\" found on %s (%s) on"
565
" port %d\n", name, host_name, ip, port);
1542
566
}
1543
int ret = start_mandos_communication(ip, (in_port_t)port,
1544
interface,
1545
avahi_proto_to_af(proto),
1546
mc);
1547
if(ret == 0){
1548
avahi_simple_poll_quit(simple_poll);
1549
} else {
1550
if(not add_server(ip, (in_port_t)port, interface,
1551
avahi_proto_to_af(proto),
1552
&((mandos_context*)mc)->current_server)){
1553
fprintf_plus(stderr, "Failed to add server \"%s\" to server"
1554
" list\n", name);
1555
}
567
int ret = start_mandos_communication(ip, port,
568
(unsigned int) interface);
569
if (ret == 0){
570
exit(EXIT_SUCCESS);
1556
571
}
1557
572
}
1558
573
}
1559
574
avahi_s_service_resolver_free(r);
1560
575
}
1561
576
1562
static void browse_callback(AvahiSServiceBrowser *b,
1563
AvahiIfIndex interface,
1564
AvahiProtocol protocol,
1565
AvahiBrowserEvent event,
1566
const char *name,
1567
const char *type,
1568
const char *domain,
1569
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1570
flags,
1571
void *mc){
1572
if(b == NULL){
1573
return;
1574
}
1575
1576
/* Called whenever a new services becomes available on the LAN or
1577
is removed from the LAN */
1578
1579
if(quit_now){
1580
return;
1581
}
1582
1583
switch(event){
1584
default:
1585
case AVAHI_BROWSER_FAILURE:
1586
1587
fprintf_plus(stderr, "(Avahi browser) %s\n",
1588
avahi_strerror(avahi_server_errno
1589
(((mandos_context*)mc)->server)));
1590
avahi_simple_poll_quit(simple_poll);
1591
return;
1592
1593
case AVAHI_BROWSER_NEW:
1594
/* We ignore the returned Avahi resolver object. In the callback
1595
function we free it. If the Avahi server is terminated before
1596
the callback function is called the Avahi server will free the
1597
resolver for us. */
1598
1599
if(avahi_s_service_resolver_new(((mandos_context*)mc)->server,
1600
interface, protocol, name, type,
1601
domain, protocol, 0,
1602
resolve_callback, mc) == NULL)
1603
fprintf_plus(stderr, "Avahi: Failed to resolve service '%s':"
1604
" %s\n", name,
1605
avahi_strerror(avahi_server_errno
1606
(((mandos_context*)mc)->server)));
1607
break;
1608
1609
case AVAHI_BROWSER_REMOVE:
1610
break;
1611
1612
case AVAHI_BROWSER_ALL_FOR_NOW:
1613
case AVAHI_BROWSER_CACHE_EXHAUSTED:
1614
if(debug){
1615
fprintf_plus(stderr, "No Mandos server found, still"
1616
" searching...\n");
1617
}
1618
break;
1619
}
1620
}
1621
1622
/* Signal handler that stops main loop after SIGTERM */
1623
static void handle_sigterm(int sig){
1624
if(quit_now){
1625
return;
1626
}
1627
quit_now = 1;
1628
signal_received = sig;
1629
int old_errno = errno;
1630
/* set main loop to exit */
1631
if(simple_poll != NULL){
1632
avahi_simple_poll_quit(simple_poll);
1633
}
1634
errno = old_errno;
1635
}
1636
1637
__attribute__((nonnull, warn_unused_result))
1638
bool get_flags(const char *ifname, struct ifreq *ifr){
1639
int ret;
1640
int old_errno;
1641
1642
int s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1643
if(s < 0){
1644
old_errno = errno;
1645
perror_plus("socket");
1646
errno = old_errno;
1647
return false;
1648
}
1649
strncpy(ifr->ifr_name, ifname, IF_NAMESIZE);
1650
ifr->ifr_name[IF_NAMESIZE-1] = '\0'; /* NUL terminate */
1651
ret = ioctl(s, SIOCGIFFLAGS, ifr);
1652
if(ret == -1){
1653
if(debug){
1654
old_errno = errno;
1655
perror_plus("ioctl SIOCGIFFLAGS");
1656
errno = old_errno;
1657
}
1658
return false;
1659
}
1660
return true;
1661
}
1662
1663
__attribute__((nonnull, warn_unused_result))
1664
bool good_flags(const char *ifname, const struct ifreq *ifr){
1665
1666
/* Reject the loopback device */
1667
if(ifr->ifr_flags & IFF_LOOPBACK){
1668
if(debug){
1669
fprintf_plus(stderr, "Rejecting loopback interface \"%s\"\n",
1670
ifname);
1671
}
1672
return false;
1673
}
1674
/* Accept point-to-point devices only if connect_to is specified */
1675
if(connect_to != NULL and (ifr->ifr_flags & IFF_POINTOPOINT)){
1676
if(debug){
1677
fprintf_plus(stderr, "Accepting point-to-point interface"
1678
" \"%s\"\n", ifname);
1679
}
1680
return true;
1681
}
1682
/* Otherwise, reject non-broadcast-capable devices */
1683
if(not (ifr->ifr_flags & IFF_BROADCAST)){
1684
if(debug){
1685
fprintf_plus(stderr, "Rejecting non-broadcast interface"
1686
" \"%s\"\n", ifname);
1687
}
1688
return false;
1689
}
1690
/* Reject non-ARP interfaces (including dummy interfaces) */
1691
if(ifr->ifr_flags & IFF_NOARP){
1692
if(debug){
1693
fprintf_plus(stderr, "Rejecting non-ARP interface \"%s\"\n",
1694
ifname);
1695
}
1696
return false;
1697
}
1698
1699
/* Accept this device */
1700
if(debug){
1701
fprintf_plus(stderr, "Interface \"%s\" is good\n", ifname);
1702
}
1703
return true;
1704
}
1705
1706
/*
1707
* This function determines if a directory entry in /sys/class/net
1708
* corresponds to an acceptable network device.
1709
* (This function is passed to scandir(3) as a filter function.)
1710
*/
1711
__attribute__((nonnull, warn_unused_result))
1712
int good_interface(const struct dirent *if_entry){
1713
if(if_entry->d_name[0] == '.'){
1714
return 0;
1715
}
1716
1717
struct ifreq ifr;
1718
if(not get_flags(if_entry->d_name, &ifr)){
1719
if(debug){
1720
fprintf_plus(stderr, "Failed to get flags for interface "
1721
"\"%s\"\n", if_entry->d_name);
1722
}
1723
return 0;
1724
}
1725
1726
if(not good_flags(if_entry->d_name, &ifr)){
1727
return 0;
1728
}
1729
return 1;
1730
}
1731
1732
/*
1733
* This function determines if a network interface is up.
1734
*/
1735
__attribute__((nonnull, warn_unused_result))
1736
bool interface_is_up(const char *interface){
1737
struct ifreq ifr;
1738
if(not get_flags(interface, &ifr)){
1739
if(debug){
1740
fprintf_plus(stderr, "Failed to get flags for interface "
1741
"\"%s\"\n", interface);
1742
}
1743
return false;
1744
}
1745
1746
return (bool)(ifr.ifr_flags & IFF_UP);
1747
}
1748
1749
/*
1750
* This function determines if a network interface is running
1751
*/
1752
__attribute__((nonnull, warn_unused_result))
1753
bool interface_is_running(const char *interface){
1754
struct ifreq ifr;
1755
if(not get_flags(interface, &ifr)){
1756
if(debug){
1757
fprintf_plus(stderr, "Failed to get flags for interface "
1758
"\"%s\"\n", interface);
1759
}
1760
return false;
1761
}
1762
1763
return (bool)(ifr.ifr_flags & IFF_RUNNING);
1764
}
1765
1766
__attribute__((nonnull, pure, warn_unused_result))
1767
int notdotentries(const struct dirent *direntry){
1768
/* Skip "." and ".." */
1769
if(direntry->d_name[0] == '.'
1770
and (direntry->d_name[1] == '\0'
1771
or (direntry->d_name[1] == '.'
1772
and direntry->d_name[2] == '\0'))){
1773
return 0;
1774
}
1775
return 1;
1776
}
1777
1778
/* Is this directory entry a runnable program? */
1779
__attribute__((nonnull, warn_unused_result))
1780
int runnable_hook(const struct dirent *direntry){
1781
int ret;
1782
size_t sret;
1783
struct stat st;
1784
1785
if((direntry->d_name)[0] == '\0'){
1786
/* Empty name? */
1787
return 0;
1788
}
1789
1790
sret = strspn(direntry->d_name, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
1791
"abcdefghijklmnopqrstuvwxyz"
1792
"0123456789"
1793
"_.-");
1794
if((direntry->d_name)[sret] != '\0'){
1795
/* Contains non-allowed characters */
1796
if(debug){
1797
fprintf_plus(stderr, "Ignoring hook \"%s\" with bad name\n",
1798
direntry->d_name);
1799
}
1800
return 0;
1801
}
1802
1803
ret = fstatat(hookdir_fd, direntry->d_name, &st, 0);
1804
if(ret == -1){
1805
if(debug){
1806
perror_plus("Could not stat hook");
1807
}
1808
return 0;
1809
}
1810
if(not (S_ISREG(st.st_mode))){
1811
/* Not a regular file */
1812
if(debug){
1813
fprintf_plus(stderr, "Ignoring hook \"%s\" - not a file\n",
1814
direntry->d_name);
1815
}
1816
return 0;
1817
}
1818
if(not (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))){
1819
/* Not executable */
1820
if(debug){
1821
fprintf_plus(stderr, "Ignoring hook \"%s\" - not executable\n",
1822
direntry->d_name);
1823
}
1824
return 0;
1825
}
1826
if(debug){
1827
fprintf_plus(stderr, "Hook \"%s\" is acceptable\n",
1828
direntry->d_name);
1829
}
1830
return 1;
1831
}
1832
1833
__attribute__((nonnull, warn_unused_result))
1834
int avahi_loop_with_timeout(AvahiSimplePoll *s, int retry_interval,
1835
mandos_context *mc){
1836
int ret;
1837
struct timespec now;
1838
struct timespec waited_time;
1839
intmax_t block_time;
1840
1841
while(true){
1842
if(mc->current_server == NULL){
1843
if(debug){
1844
fprintf_plus(stderr, "Wait until first server is found."
1845
" No timeout!\n");
1846
}
1847
ret = avahi_simple_poll_iterate(s, -1);
1848
} else {
1849
if(debug){
1850
fprintf_plus(stderr, "Check current_server if we should run"
1851
" it, or wait\n");
1852
}
1853
/* the current time */
1854
ret = clock_gettime(CLOCK_MONOTONIC, &now);
1855
if(ret == -1){
1856
perror_plus("clock_gettime");
1857
return -1;
1858
}
1859
/* Calculating in ms how long time between now and server
1860
who we visted longest time ago. Now - last seen. */
1861
waited_time.tv_sec = (now.tv_sec
1862
- mc->current_server->last_seen.tv_sec);
1863
waited_time.tv_nsec = (now.tv_nsec
1864
- mc->current_server->last_seen.tv_nsec);
1865
/* total time is 10s/10,000ms.
1866
Converting to s from ms by dividing by 1,000,
1867
and ns to ms by dividing by 1,000,000. */
1868
block_time = ((retry_interval
1869
- ((intmax_t)waited_time.tv_sec * 1000))
1870
- ((intmax_t)waited_time.tv_nsec / 1000000));
1871
1872
if(debug){
1873
fprintf_plus(stderr, "Blocking for %" PRIdMAX " ms\n",
1874
block_time);
1875
}
1876
1877
if(block_time <= 0){
1878
ret = start_mandos_communication(mc->current_server->ip,
1879
mc->current_server->port,
1880
mc->current_server->if_index,
1881
mc->current_server->af, mc);
1882
if(ret == 0){
1883
avahi_simple_poll_quit(s);
1884
return 0;
1885
}
1886
ret = clock_gettime(CLOCK_MONOTONIC,
1887
&mc->current_server->last_seen);
1888
if(ret == -1){
1889
perror_plus("clock_gettime");
1890
return -1;
1891
}
1892
mc->current_server = mc->current_server->next;
1893
block_time = 0; /* Call avahi to find new Mandos
1894
servers, but don't block */
1895
}
1896
1897
ret = avahi_simple_poll_iterate(s, (int)block_time);
1898
}
1899
if(ret != 0){
1900
if(ret > 0 or errno != EINTR){
1901
return (ret != 1) ? ret : 0;
1902
}
1903
}
1904
}
1905
}
1906
1907
__attribute__((nonnull))
1908
void run_network_hooks(const char *mode, const char *interface,
1909
const float delay){
1910
struct dirent **direntries = NULL;
1911
if(hookdir_fd == -1){
1912
hookdir_fd = open(hookdir, O_RDONLY | O_DIRECTORY | O_PATH
1913
| O_CLOEXEC);
1914
if(hookdir_fd == -1){
1915
if(errno == ENOENT){
1916
if(debug){
1917
fprintf_plus(stderr, "Network hook directory \"%s\" not"
1918
" found\n", hookdir);
1919
}
1920
} else {
1921
perror_plus("open");
1922
}
577
static void browse_callback(
578
AvahiSServiceBrowser *b,
579
AvahiIfIndex interface,
580
AvahiProtocol protocol,
581
AvahiBrowserEvent event,
582
const char *name,
583
const char *type,
584
const char *domain,
585
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
586
void* userdata) {
587
588
AvahiServer *s = userdata;
589
assert(b); /* Spurious warning */
590
591
/* Called whenever a new services becomes available on the LAN or
592
is removed from the LAN */
593
594
switch (event) {
595
default:
596
case AVAHI_BROWSER_FAILURE:
597
598
fprintf(stderr, "(Browser) %s\n",
599
avahi_strerror(avahi_server_errno(server)));
600
avahi_simple_poll_quit(simple_poll);
1923
601
return;
1924
}
1925
}
1926
int devnull = (int)TEMP_FAILURE_RETRY(open("/dev/null", O_RDONLY));
1927
if(devnull == -1){
1928
perror_plus("open(\"/dev/null\", O_RDONLY)");
1929
return;
1930
}
1931
int numhooks = scandirat(hookdir_fd, ".", &direntries,
1932
runnable_hook, alphasort);
1933
if(numhooks == -1){
1934
perror_plus("scandir");
1935
close(devnull);
1936
return;
1937
}
1938
struct dirent *direntry;
1939
int ret;
1940
for(int i = 0; i < numhooks; i++){
1941
direntry = direntries[i];
1942
if(debug){
1943
fprintf_plus(stderr, "Running network hook \"%s\"\n",
1944
direntry->d_name);
1945
}
1946
pid_t hook_pid = fork();
1947
if(hook_pid == 0){
1948
/* Child */
1949
/* Raise privileges */
1950
errno = raise_privileges_permanently();
1951
if(errno != 0){
1952
perror_plus("Failed to raise privileges");
1953
_exit(EX_NOPERM);
1954
}
1955
/* Set group */
1956
errno = 0;
1957
ret = setgid(0);
1958
if(ret == -1){
1959
perror_plus("setgid");
1960
_exit(EX_NOPERM);
1961
}
1962
/* Reset supplementary groups */
1963
errno = 0;
1964
ret = setgroups(0, NULL);
1965
if(ret == -1){
1966
perror_plus("setgroups");
1967
_exit(EX_NOPERM);
1968
}
1969
ret = setenv("MANDOSNETHOOKDIR", hookdir, 1);
1970
if(ret == -1){
1971
perror_plus("setenv");
1972
_exit(EX_OSERR);
1973
}
1974
ret = setenv("DEVICE", interface, 1);
1975
if(ret == -1){
1976
perror_plus("setenv");
1977
_exit(EX_OSERR);
1978
}
1979
ret = setenv("VERBOSITY", debug ? "1" : "0", 1);
1980
if(ret == -1){
1981
perror_plus("setenv");
1982
_exit(EX_OSERR);
1983
}
1984
ret = setenv("MODE", mode, 1);
1985
if(ret == -1){
1986
perror_plus("setenv");
1987
_exit(EX_OSERR);
1988
}
1989
char *delaystring;
1990
ret = asprintf(&delaystring, "%f", (double)delay);
1991
if(ret == -1){
1992
perror_plus("asprintf");
1993
_exit(EX_OSERR);
1994
}
1995
ret = setenv("DELAY", delaystring, 1);
1996
if(ret == -1){
1997
free(delaystring);
1998
perror_plus("setenv");
1999
_exit(EX_OSERR);
2000
}
2001
free(delaystring);
2002
if(connect_to != NULL){
2003
ret = setenv("CONNECT", connect_to, 1);
2004
if(ret == -1){
2005
perror_plus("setenv");
2006
_exit(EX_OSERR);
2007
}
2008
}
2009
int hook_fd = (int)TEMP_FAILURE_RETRY(openat(hookdir_fd,
2010
direntry->d_name,
2011
O_RDONLY));
2012
if(hook_fd == -1){
2013
perror_plus("openat");
2014
_exit(EXIT_FAILURE);
2015
}
2016
if(close(hookdir_fd) == -1){
2017
perror_plus("close");
2018
_exit(EXIT_FAILURE);
2019
}
2020
ret = dup2(devnull, STDIN_FILENO);
2021
if(ret == -1){
2022
perror_plus("dup2(devnull, STDIN_FILENO)");
2023
_exit(EX_OSERR);
2024
}
2025
ret = close(devnull);
2026
if(ret == -1){
2027
perror_plus("close");
2028
_exit(EX_OSERR);
2029
}
2030
ret = dup2(STDERR_FILENO, STDOUT_FILENO);
2031
if(ret == -1){
2032
perror_plus("dup2(STDERR_FILENO, STDOUT_FILENO)");
2033
_exit(EX_OSERR);
2034
}
2035
if(fexecve(hook_fd, (char *const []){ direntry->d_name, NULL },
2036
environ) == -1){
2037
perror_plus("fexecve");
2038
_exit(EXIT_FAILURE);
2039
}
2040
} else {
2041
if(hook_pid == -1){
2042
perror_plus("fork");
2043
free(direntry);
2044
continue;
2045
}
2046
int status;
2047
if(TEMP_FAILURE_RETRY(waitpid(hook_pid, &status, 0)) == -1){
2048
perror_plus("waitpid");
2049
free(direntry);
2050
continue;
2051
}
2052
if(WIFEXITED(status)){
2053
if(WEXITSTATUS(status) != 0){
2054
fprintf_plus(stderr, "Warning: network hook \"%s\" exited"
2055
" with status %d\n", direntry->d_name,
2056
WEXITSTATUS(status));
2057
free(direntry);
2058
continue;
2059
}
2060
} else if(WIFSIGNALED(status)){
2061
fprintf_plus(stderr, "Warning: network hook \"%s\" died by"
2062
" signal %d\n", direntry->d_name,
2063
WTERMSIG(status));
2064
free(direntry);
2065
continue;
2066
} else {
2067
fprintf_plus(stderr, "Warning: network hook \"%s\""
2068
" crashed\n", direntry->d_name);
2069
free(direntry);
2070
continue;
2071
}
2072
}
2073
if(debug){
2074
fprintf_plus(stderr, "Network hook \"%s\" ran successfully\n",
2075
direntry->d_name);
2076
}
2077
free(direntry);
2078
}
2079
free(direntries);
2080
if(close(hookdir_fd) == -1){
2081
perror_plus("close");
2082
} else {
2083
hookdir_fd = -1;
2084
}
2085
close(devnull);
2086
}
2087
2088
__attribute__((nonnull, warn_unused_result))
2089
int bring_up_interface(const char *const interface,
2090
const float delay){
2091
int old_errno = errno;
2092
int ret;
2093
struct ifreq network;
2094
unsigned int if_index = if_nametoindex(interface);
2095
if(if_index == 0){
2096
fprintf_plus(stderr, "No such interface: \"%s\"\n", interface);
2097
errno = old_errno;
2098
return ENXIO;
2099
}
2100
2101
if(quit_now){
2102
errno = old_errno;
2103
return EINTR;
2104
}
2105
2106
if(not interface_is_up(interface)){
2107
int ret_errno = 0;
2108
int ioctl_errno = 0;
2109
if(not get_flags(interface, &network)){
2110
ret_errno = errno;
2111
fprintf_plus(stderr, "Failed to get flags for interface "
2112
"\"%s\"\n", interface);
2113
errno = old_errno;
2114
return ret_errno;
2115
}
2116
network.ifr_flags |= IFF_UP; /* set flag */
2117
2118
int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
2119
if(sd == -1){
2120
ret_errno = errno;
2121
perror_plus("socket");
2122
errno = old_errno;
2123
return ret_errno;
2124
}
2125
2126
if(quit_now){
2127
ret = close(sd);
2128
if(ret == -1){
2129
perror_plus("close");
2130
}
2131
errno = old_errno;
2132
return EINTR;
2133
}
2134
2135
if(debug){
2136
fprintf_plus(stderr, "Bringing up interface \"%s\"\n",
2137
interface);
2138
}
2139
2140
/* Raise privileges */
2141
ret_errno = raise_privileges();
2142
if(ret_errno != 0){
2143
errno = ret_errno;
2144
perror_plus("Failed to raise privileges");
2145
}
2146
2147
#ifdef __linux__
2148
int ret_linux;
2149
bool restore_loglevel = false;
2150
if(ret_errno == 0){
2151
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
2152
messages about the network interface to mess up the prompt */
2153
ret_linux = klogctl(8, NULL, 5);
2154
if(ret_linux == -1){
2155
perror_plus("klogctl");
2156
} else {
2157
restore_loglevel = true;
2158
}
2159
}
2160
#endif /* __linux__ */
2161
int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
2162
ioctl_errno = errno;
2163
#ifdef __linux__
2164
if(restore_loglevel){
2165
ret_linux = klogctl(7, NULL, 0);
2166
if(ret_linux == -1){
2167
perror_plus("klogctl");
2168
}
2169
}
2170
#endif /* __linux__ */
2171
2172
/* If raise_privileges() succeeded above */
2173
if(ret_errno == 0){
2174
/* Lower privileges */
2175
ret_errno = lower_privileges();
2176
if(ret_errno != 0){
2177
errno = ret_errno;
2178
perror_plus("Failed to lower privileges");
2179
}
2180
}
2181
2182
/* Close the socket */
2183
ret = close(sd);
2184
if(ret == -1){
2185
perror_plus("close");
2186
}
2187
2188
if(ret_setflags == -1){
2189
errno = ioctl_errno;
2190
perror_plus("ioctl SIOCSIFFLAGS +IFF_UP");
2191
errno = old_errno;
2192
return ioctl_errno;
2193
}
2194
} else if(debug){
2195
fprintf_plus(stderr, "Interface \"%s\" is already up; good\n",
2196
interface);
2197
}
2198
2199
/* Sleep checking until interface is running.
2200
Check every 0.25s, up to total time of delay */
2201
for(int i = 0; i < delay * 4; i++){
2202
if(interface_is_running(interface)){
2203
break;
2204
}
2205
struct timespec sleeptime = { .tv_nsec = 250000000 };
2206
ret = nanosleep(&sleeptime, NULL);
2207
if(ret == -1 and errno != EINTR){
2208
perror_plus("nanosleep");
2209
}
2210
}
2211
2212
errno = old_errno;
2213
return 0;
2214
}
2215
2216
__attribute__((nonnull, warn_unused_result))
2217
int take_down_interface(const char *const interface){
2218
int old_errno = errno;
2219
struct ifreq network;
2220
unsigned int if_index = if_nametoindex(interface);
2221
if(if_index == 0){
2222
fprintf_plus(stderr, "No such interface: \"%s\"\n", interface);
2223
errno = old_errno;
2224
return ENXIO;
2225
}
2226
if(interface_is_up(interface)){
2227
int ret_errno = 0;
2228
int ioctl_errno = 0;
2229
if(not get_flags(interface, &network) and debug){
2230
ret_errno = errno;
2231
fprintf_plus(stderr, "Failed to get flags for interface "
2232
"\"%s\"\n", interface);
2233
errno = old_errno;
2234
return ret_errno;
2235
}
2236
network.ifr_flags &= ~(short)IFF_UP; /* clear flag */
2237
2238
int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
2239
if(sd == -1){
2240
ret_errno = errno;
2241
perror_plus("socket");
2242
errno = old_errno;
2243
return ret_errno;
2244
}
2245
2246
if(debug){
2247
fprintf_plus(stderr, "Taking down interface \"%s\"\n",
2248
interface);
2249
}
2250
2251
/* Raise privileges */
2252
ret_errno = raise_privileges();
2253
if(ret_errno != 0){
2254
errno = ret_errno;
2255
perror_plus("Failed to raise privileges");
2256
}
2257
2258
int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
2259
ioctl_errno = errno;
2260
2261
/* If raise_privileges() succeeded above */
2262
if(ret_errno == 0){
2263
/* Lower privileges */
2264
ret_errno = lower_privileges();
2265
if(ret_errno != 0){
2266
errno = ret_errno;
2267
perror_plus("Failed to lower privileges");
2268
}
2269
}
2270
2271
/* Close the socket */
2272
int ret = close(sd);
2273
if(ret == -1){
2274
perror_plus("close");
2275
}
2276
2277
if(ret_setflags == -1){
2278
errno = ioctl_errno;
2279
perror_plus("ioctl SIOCSIFFLAGS -IFF_UP");
2280
errno = old_errno;
2281
return ioctl_errno;
2282
}
2283
} else if(debug){
2284
fprintf_plus(stderr, "Interface \"%s\" is already down; odd\n",
2285
interface);
2286
}
2287
2288
errno = old_errno;
2289
return 0;
2290
}
2291
2292
int main(int argc, char *argv[]){
2293
mandos_context mc = { .server = NULL, .dh_bits = 0,
2294
.priority = "SECURE256:!CTYPE-X.509"
2295
":+CTYPE-OPENPGP:!RSA:+SIGN-DSA-SHA256",
2296
.current_server = NULL, .interfaces = NULL,
2297
.interfaces_size = 0 };
2298
AvahiSServiceBrowser *sb = NULL;
2299
error_t ret_errno;
2300
int ret;
2301
intmax_t tmpmax;
602
603
case AVAHI_BROWSER_NEW:
604
/* We ignore the returned resolver object. In the callback
605
function we free it. If the server is terminated before
606
the callback function is called the server will free
607
the resolver for us. */
608
609
if (!(avahi_s_service_resolver_new(s, interface, protocol, name,
610
type, domain,
611
AVAHI_PROTO_INET6, 0,
612
resolve_callback, s)))
613
fprintf(stderr, "Failed to resolve service '%s': %s\n", name,
614
avahi_strerror(avahi_server_errno(s)));
615
break;
616
617
case AVAHI_BROWSER_REMOVE:
618
break;
619
620
case AVAHI_BROWSER_ALL_FOR_NOW:
621
case AVAHI_BROWSER_CACHE_EXHAUSTED:
622
break;
623
}
624
}
625
626
/* combinds file name and path and returns the malloced new string. som sane checks could/should be added */
627
const char *combinepath(const char *first, const char *second){
2302
628
char *tmp;
2303
int exitcode = EXIT_SUCCESS;
2304
char *interfaces_to_take_down = NULL;
2305
size_t interfaces_to_take_down_size = 0;
2306
char run_tempdir[] = "/run/tmp/mandosXXXXXX";
2307
char old_tempdir[] = "/tmp/mandosXXXXXX";
2308
char *tempdir = NULL;
2309
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
2310
const char *seckey = PATHDIR "/" SECKEY;
2311
const char *pubkey = PATHDIR "/" PUBKEY;
2312
const char *dh_params_file = NULL;
2313
char *interfaces_hooks = NULL;
2314
2315
bool gnutls_initialized = false;
2316
bool gpgme_initialized = false;
2317
float delay = 2.5f;
2318
double retry_interval = 10; /* 10s between trying a server and
2319
retrying the same server again */
2320
2321
struct sigaction old_sigterm_action = { .sa_handler = SIG_DFL };
2322
struct sigaction sigterm_action = { .sa_handler = handle_sigterm };
2323
2324
uid = getuid();
2325
gid = getgid();
2326
2327
/* Lower any group privileges we might have, just to be safe */
2328
errno = 0;
2329
ret = setgid(gid);
2330
if(ret == -1){
2331
perror_plus("setgid");
2332
}
2333
2334
/* Lower user privileges (temporarily) */
2335
errno = 0;
2336
ret = seteuid(uid);
2337
if(ret == -1){
2338
perror_plus("seteuid");
2339
}
2340
2341
if(quit_now){
2342
goto end;
2343
}
2344
2345
{
2346
struct argp_option options[] = {
2347
{ .name = "debug", .key = 128,
2348
.doc = "Debug mode", .group = 3 },
2349
{ .name = "connect", .key = 'c',
2350
.arg = "ADDRESS:PORT",
2351
.doc = "Connect directly to a specific Mandos server",
2352
.group = 1 },
2353
{ .name = "interface", .key = 'i',
2354
.arg = "NAME",
2355
.doc = "Network interface that will be used to search for"
2356
" Mandos servers",
2357
.group = 1 },
2358
{ .name = "seckey", .key = 's',
2359
.arg = "FILE",
2360
.doc = "OpenPGP secret key file base name",
2361
.group = 1 },
2362
{ .name = "pubkey", .key = 'p',
2363
.arg = "FILE",
2364
.doc = "OpenPGP public key file base name",
2365
.group = 2 },
2366
{ .name = "dh-bits", .key = 129,
2367
.arg = "BITS",
2368
.doc = "Bit length of the prime number used in the"
2369
" Diffie-Hellman key exchange",
2370
.group = 2 },
2371
{ .name = "dh-params", .key = 134,
2372
.arg = "FILE",
2373
.doc = "PEM-encoded PKCS#3 file with pre-generated parameters"
2374
" for the Diffie-Hellman key exchange",
2375
.group = 2 },
2376
{ .name = "priority", .key = 130,
2377
.arg = "STRING",
2378
.doc = "GnuTLS priority string for the TLS handshake",
2379
.group = 1 },
2380
{ .name = "delay", .key = 131,
2381
.arg = "SECONDS",
2382
.doc = "Maximum delay to wait for interface startup",
2383
.group = 2 },
2384
{ .name = "retry", .key = 132,
2385
.arg = "SECONDS",
2386
.doc = "Retry interval used when denied by the Mandos server",
2387
.group = 2 },
2388
{ .name = "network-hook-dir", .key = 133,
2389
.arg = "DIR",
2390
.doc = "Directory where network hooks are located",
2391
.group = 2 },
2392
/*
2393
* These reproduce what we would get without ARGP_NO_HELP
2394
*/
2395
{ .name = "help", .key = '?',
2396
.doc = "Give this help list", .group = -1 },
2397
{ .name = "usage", .key = -3,
2398
.doc = "Give a short usage message", .group = -1 },
2399
{ .name = "version", .key = 'V',
2400
.doc = "Print program version", .group = -1 },
2401
{ .name = NULL }
2402
};
2403
2404
error_t parse_opt(int key, char *arg,
2405
struct argp_state *state){
2406
errno = 0;
2407
switch(key){
2408
case 128: /* --debug */
2409
debug = true;
2410
break;
2411
case 'c': /* --connect */
2412
connect_to = arg;
2413
break;
2414
case 'i': /* --interface */
2415
ret_errno = argz_add_sep(&mc.interfaces, &mc.interfaces_size,
2416
arg, (int)',');
2417
if(ret_errno != 0){
2418
argp_error(state, "%s", strerror(ret_errno));
2419
}
2420
break;
2421
case 's': /* --seckey */
2422
seckey = arg;
2423
break;
2424
case 'p': /* --pubkey */
2425
pubkey = arg;
2426
break;
2427
case 129: /* --dh-bits */
2428
errno = 0;
2429
tmpmax = strtoimax(arg, &tmp, 10);
2430
if(errno != 0 or tmp == arg or *tmp != '\0'
2431
or tmpmax != (typeof(mc.dh_bits))tmpmax){
2432
argp_error(state, "Bad number of DH bits");
2433
}
2434
mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
2435
break;
2436
case 134: /* --dh-params */
2437
dh_params_file = arg;
2438
break;
2439
case 130: /* --priority */
2440
mc.priority = arg;
2441
break;
2442
case 131: /* --delay */
2443
errno = 0;
2444
delay = strtof(arg, &tmp);
2445
if(errno != 0 or tmp == arg or *tmp != '\0'){
2446
argp_error(state, "Bad delay");
2447
}
2448
case 132: /* --retry */
2449
errno = 0;
2450
retry_interval = strtod(arg, &tmp);
2451
if(errno != 0 or tmp == arg or *tmp != '\0'
2452
or (retry_interval * 1000) > INT_MAX
2453
or retry_interval < 0){
2454
argp_error(state, "Bad retry interval");
2455
}
2456
break;
2457
case 133: /* --network-hook-dir */
2458
hookdir = arg;
2459
break;
2460
/*
2461
* These reproduce what we would get without ARGP_NO_HELP
2462
*/
2463
case '?': /* --help */
2464
argp_state_help(state, state->out_stream,
2465
(ARGP_HELP_STD_HELP | ARGP_HELP_EXIT_ERR)
2466
& ~(unsigned int)ARGP_HELP_EXIT_OK);
2467
case -3: /* --usage */
2468
argp_state_help(state, state->out_stream,
2469
ARGP_HELP_USAGE | ARGP_HELP_EXIT_ERR);
2470
case 'V': /* --version */
2471
fprintf_plus(state->out_stream, "%s\n", argp_program_version);
2472
exit(argp_err_exit_status);
2473
break;
2474
default:
2475
return ARGP_ERR_UNKNOWN;
2476
}
2477
return errno;
2478
}
2479
2480
struct argp argp = { .options = options, .parser = parse_opt,
2481
.args_doc = "",
2482
.doc = "Mandos client -- Get and decrypt"
2483
" passwords from a Mandos server" };
2484
ret_errno = argp_parse(&argp, argc, argv,
2485
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
2486
switch(ret_errno){
2487
case 0:
2488
break;
2489
case ENOMEM:
2490
default:
2491
errno = ret_errno;
2492
perror_plus("argp_parse");
2493
exitcode = EX_OSERR;
2494
goto end;
2495
case EINVAL:
2496
exitcode = EX_USAGE;
2497
goto end;
2498
}
2499
}
2500
2501
{
2502
/* Work around Debian bug #633582:
2503
<https://bugs.debian.org/633582> */
2504
2505
/* Re-raise privileges */
2506
ret = raise_privileges();
2507
if(ret != 0){
2508
errno = ret;
2509
perror_plus("Failed to raise privileges");
2510
} else {
2511
struct stat st;
2512
2513
if(strcmp(seckey, PATHDIR "/" SECKEY) == 0){
2514
int seckey_fd = open(seckey, O_RDONLY);
2515
if(seckey_fd == -1){
2516
perror_plus("open");
2517
} else {
2518
ret = (int)TEMP_FAILURE_RETRY(fstat(seckey_fd, &st));
2519
if(ret == -1){
2520
perror_plus("fstat");
2521
} else {
2522
if(S_ISREG(st.st_mode)
2523
and st.st_uid == 0 and st.st_gid == 0){
2524
ret = fchown(seckey_fd, uid, gid);
2525
if(ret == -1){
2526
perror_plus("fchown");
2527
}
2528
}
2529
}
2530
close(seckey_fd);
2531
}
2532
}
2533
2534
if(strcmp(pubkey, PATHDIR "/" PUBKEY) == 0){
2535
int pubkey_fd = open(pubkey, O_RDONLY);
2536
if(pubkey_fd == -1){
2537
perror_plus("open");
2538
} else {
2539
ret = (int)TEMP_FAILURE_RETRY(fstat(pubkey_fd, &st));
2540
if(ret == -1){
2541
perror_plus("fstat");
2542
} else {
2543
if(S_ISREG(st.st_mode)
2544
and st.st_uid == 0 and st.st_gid == 0){
2545
ret = fchown(pubkey_fd, uid, gid);
2546
if(ret == -1){
2547
perror_plus("fchown");
2548
}
2549
}
2550
}
2551
close(pubkey_fd);
2552
}
2553
}
2554
2555
if(dh_params_file != NULL
2556
and strcmp(dh_params_file, PATHDIR "/dhparams.pem" ) == 0){
2557
int dhparams_fd = open(dh_params_file, O_RDONLY);
2558
if(dhparams_fd == -1){
2559
perror_plus("open");
2560
} else {
2561
ret = (int)TEMP_FAILURE_RETRY(fstat(dhparams_fd, &st));
2562
if(ret == -1){
2563
perror_plus("fstat");
2564
} else {
2565
if(S_ISREG(st.st_mode)
2566
and st.st_uid == 0 and st.st_gid == 0){
2567
ret = fchown(dhparams_fd, uid, gid);
2568
if(ret == -1){
2569
perror_plus("fchown");
2570
}
2571
}
2572
}
2573
close(dhparams_fd);
2574
}
2575
}
2576
2577
/* Lower privileges */
2578
ret = lower_privileges();
2579
if(ret != 0){
2580
errno = ret;
2581
perror_plus("Failed to lower privileges");
2582
}
2583
}
2584
}
2585
2586
/* Remove invalid interface names (except "none") */
2587
{
2588
char *interface = NULL;
2589
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2590
interface))){
2591
if(strcmp(interface, "none") != 0
2592
and if_nametoindex(interface) == 0){
2593
if(interface[0] != '\0'){
2594
fprintf_plus(stderr, "Not using nonexisting interface"
2595
" \"%s\"\n", interface);
2596
}
2597
argz_delete(&mc.interfaces, &mc.interfaces_size, interface);
2598
interface = NULL;
2599
}
2600
}
2601
}
2602
2603
/* Run network hooks */
2604
{
2605
if(mc.interfaces != NULL){
2606
interfaces_hooks = malloc(mc.interfaces_size);
2607
if(interfaces_hooks == NULL){
2608
perror_plus("malloc");
2609
goto end;
2610
}
2611
memcpy(interfaces_hooks, mc.interfaces, mc.interfaces_size);
2612
argz_stringify(interfaces_hooks, mc.interfaces_size, (int)',');
2613
}
2614
run_network_hooks("start", interfaces_hooks != NULL ?
2615
interfaces_hooks : "", delay);
2616
}
2617
2618
if(not debug){
2619
avahi_set_log_function(empty_log);
2620
}
2621
2622
/* Initialize Avahi early so avahi_simple_poll_quit() can be called
2623
from the signal handler */
2624
/* Initialize the pseudo-RNG for Avahi */
2625
srand((unsigned int) time(NULL));
2626
simple_poll = avahi_simple_poll_new();
2627
if(simple_poll == NULL){
2628
fprintf_plus(stderr,
2629
"Avahi: Failed to create simple poll object.\n");
2630
exitcode = EX_UNAVAILABLE;
2631
goto end;
2632
}
2633
2634
sigemptyset(&sigterm_action.sa_mask);
2635
ret = sigaddset(&sigterm_action.sa_mask, SIGINT);
2636
if(ret == -1){
2637
perror_plus("sigaddset");
2638
exitcode = EX_OSERR;
2639
goto end;
2640
}
2641
ret = sigaddset(&sigterm_action.sa_mask, SIGHUP);
2642
if(ret == -1){
2643
perror_plus("sigaddset");
2644
exitcode = EX_OSERR;
2645
goto end;
2646
}
2647
ret = sigaddset(&sigterm_action.sa_mask, SIGTERM);
2648
if(ret == -1){
2649
perror_plus("sigaddset");
2650
exitcode = EX_OSERR;
2651
goto end;
2652
}
2653
/* Need to check if the handler is SIG_IGN before handling:
2654
| [[info:libc:Initial Signal Actions]] |
2655
| [[info:libc:Basic Signal Handling]] |
2656
*/
2657
ret = sigaction(SIGINT, NULL, &old_sigterm_action);
2658
if(ret == -1){
2659
perror_plus("sigaction");
2660
return EX_OSERR;
2661
}
2662
if(old_sigterm_action.sa_handler != SIG_IGN){
2663
ret = sigaction(SIGINT, &sigterm_action, NULL);
2664
if(ret == -1){
2665
perror_plus("sigaction");
2666
exitcode = EX_OSERR;
2667
goto end;
2668
}
2669
}
2670
ret = sigaction(SIGHUP, NULL, &old_sigterm_action);
2671
if(ret == -1){
2672
perror_plus("sigaction");
2673
return EX_OSERR;
2674
}
2675
if(old_sigterm_action.sa_handler != SIG_IGN){
2676
ret = sigaction(SIGHUP, &sigterm_action, NULL);
2677
if(ret == -1){
2678
perror_plus("sigaction");
2679
exitcode = EX_OSERR;
2680
goto end;
2681
}
2682
}
2683
ret = sigaction(SIGTERM, NULL, &old_sigterm_action);
2684
if(ret == -1){
2685
perror_plus("sigaction");
2686
return EX_OSERR;
2687
}
2688
if(old_sigterm_action.sa_handler != SIG_IGN){
2689
ret = sigaction(SIGTERM, &sigterm_action, NULL);
2690
if(ret == -1){
2691
perror_plus("sigaction");
2692
exitcode = EX_OSERR;
2693
goto end;
2694
}
2695
}
2696
2697
/* If no interfaces were specified, make a list */
2698
if(mc.interfaces == NULL){
2699
struct dirent **direntries = NULL;
2700
/* Look for any good interfaces */
2701
ret = scandir(sys_class_net, &direntries, good_interface,
2702
alphasort);
2703
if(ret >= 1){
2704
/* Add all found interfaces to interfaces list */
2705
for(int i = 0; i < ret; ++i){
2706
ret_errno = argz_add(&mc.interfaces, &mc.interfaces_size,
2707
direntries[i]->d_name);
2708
if(ret_errno != 0){
2709
errno = ret_errno;
2710
perror_plus("argz_add");
2711
free(direntries[i]);
2712
continue;
2713
}
2714
if(debug){
2715
fprintf_plus(stderr, "Will use interface \"%s\"\n",
2716
direntries[i]->d_name);
2717
}
2718
free(direntries[i]);
2719
}
2720
free(direntries);
2721
} else {
2722
if(ret == 0){
2723
free(direntries);
2724
}
2725
fprintf_plus(stderr, "Could not find a network interface\n");
2726
exitcode = EXIT_FAILURE;
2727
goto end;
2728
}
2729
}
2730
2731
/* Bring up interfaces which are down, and remove any "none"s */
2732
{
2733
char *interface = NULL;
2734
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2735
interface))){
2736
/* If interface name is "none", stop bringing up interfaces.
2737
Also remove all instances of "none" from the list */
2738
if(strcmp(interface, "none") == 0){
2739
argz_delete(&mc.interfaces, &mc.interfaces_size,
2740
interface);
2741
interface = NULL;
2742
while((interface = argz_next(mc.interfaces,
2743
mc.interfaces_size, interface))){
2744
if(strcmp(interface, "none") == 0){
2745
argz_delete(&mc.interfaces, &mc.interfaces_size,
2746
interface);
2747
interface = NULL;
2748
}
2749
}
2750
break;
2751
}
2752
bool interface_was_up = interface_is_up(interface);
2753
errno = bring_up_interface(interface, delay);
2754
if(not interface_was_up){
2755
if(errno != 0){
2756
fprintf_plus(stderr, "Failed to bring up interface \"%s\":"
2757
" %s\n", interface, strerror(errno));
2758
} else {
2759
errno = argz_add(&interfaces_to_take_down,
2760
&interfaces_to_take_down_size,
2761
interface);
2762
if(errno != 0){
2763
perror_plus("argz_add");
2764
}
2765
}
2766
}
2767
}
2768
if(debug and (interfaces_to_take_down == NULL)){
2769
fprintf_plus(stderr, "No interfaces were brought up\n");
2770
}
2771
}
2772
2773
/* If we only got one interface, explicitly use only that one */
2774
if(argz_count(mc.interfaces, mc.interfaces_size) == 1){
2775
if(debug){
2776
fprintf_plus(stderr, "Using only interface \"%s\"\n",
2777
mc.interfaces);
2778
}
2779
if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);
2780
}
2781
2782
if(quit_now){
2783
goto end;
2784
}
2785
2786
ret = init_gnutls_global(pubkey, seckey, dh_params_file, &mc);
2787
if(ret == -1){
2788
fprintf_plus(stderr, "init_gnutls_global failed\n");
2789
exitcode = EX_UNAVAILABLE;
2790
goto end;
2791
} else {
2792
gnutls_initialized = true;
2793
}
2794
2795
if(quit_now){
2796
goto end;
2797
}
2798
2799
/* Try /run/tmp before /tmp */
2800
tempdir = mkdtemp(run_tempdir);
2801
if(tempdir == NULL and errno == ENOENT){
2802
if(debug){
2803
fprintf_plus(stderr, "Tempdir %s did not work, trying %s\n",
2804
run_tempdir, old_tempdir);
2805
}
2806
tempdir = mkdtemp(old_tempdir);
2807
}
2808
if(tempdir == NULL){
2809
perror_plus("mkdtemp");
2810
goto end;
2811
}
2812
2813
if(quit_now){
2814
goto end;
2815
}
2816
2817
if(not init_gpgme(pubkey, seckey, tempdir, &mc)){
2818
fprintf_plus(stderr, "init_gpgme failed\n");
2819
exitcode = EX_UNAVAILABLE;
2820
goto end;
2821
} else {
2822
gpgme_initialized = true;
2823
}
2824
2825
if(quit_now){
2826
goto end;
2827
}
2828
2829
if(connect_to != NULL){
2830
/* Connect directly, do not use Zeroconf */
2831
/* (Mainly meant for debugging) */
2832
char *address = strrchr(connect_to, ':');
2833
2834
if(address == NULL){
2835
fprintf_plus(stderr, "No colon in address\n");
2836
exitcode = EX_USAGE;
2837
goto end;
2838
}
2839
2840
if(quit_now){
2841
goto end;
2842
}
2843
2844
in_port_t port;
2845
errno = 0;
2846
tmpmax = strtoimax(address+1, &tmp, 10);
2847
if(errno != 0 or tmp == address+1 or *tmp != '\0'
2848
or tmpmax != (in_port_t)tmpmax){
2849
fprintf_plus(stderr, "Bad port number\n");
2850
exitcode = EX_USAGE;
2851
goto end;
2852
}
2853
2854
if(quit_now){
2855
goto end;
2856
}
2857
2858
port = (in_port_t)tmpmax;
2859
*address = '\0';
2860
/* Colon in address indicates IPv6 */
2861
int af;
2862
if(strchr(connect_to, ':') != NULL){
2863
af = AF_INET6;
2864
/* Accept [] around IPv6 address - see RFC 5952 */
2865
if(connect_to[0] == '[' and address[-1] == ']')
2866
{
2867
connect_to++;
2868
address[-1] = '\0';
2869
}
2870
} else {
2871
af = AF_INET;
2872
}
2873
address = connect_to;
2874
2875
if(quit_now){
2876
goto end;
2877
}
2878
2879
while(not quit_now){
2880
ret = start_mandos_communication(address, port, if_index, af,
2881
&mc);
2882
if(quit_now or ret == 0){
2883
break;
2884
}
2885
if(debug){
2886
fprintf_plus(stderr, "Retrying in %d seconds\n",
2887
(int)retry_interval);
2888
}
2889
sleep((unsigned int)retry_interval);
2890
}
2891
2892
if(not quit_now){
2893
exitcode = EXIT_SUCCESS;
2894
}
2895
2896
goto end;
2897
}
2898
2899
if(quit_now){
2900
goto end;
2901
}
2902
2903
{
629
tmp = malloc(strlen(first) + strlen(second) + 2);
630
if (tmp == NULL){
631
perror("malloc");
632
return NULL;
633
}
634
strcpy(tmp, first);
635
if (first[0] != '\0' and first[strlen(first) - 1] != '/'){
636
strcat(tmp, "/");
637
}
638
strcat(tmp, second);
639
return tmp;
640
}
641
642
643
int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char*argv[]) {
2904
644
AvahiServerConfig config;
2905
/* Do not publish any local Zeroconf records */
645
AvahiSServiceBrowser *sb = NULL;
646
int error;
647
int ret;
648
int returncode = EXIT_SUCCESS;
649
const char *interface = "eth0";
650
struct ifreq network;
651
int sd;
652
653
while (true){
654
static struct option long_options[] = {
655
{"debug", no_argument, (int *)&debug, 1},
656
{"interface", required_argument, 0, 'i'},
657
{"certdir", required_argument, 0, 'd'},
658
{"certkey", required_argument, 0, 'c'},
659
{"certfile", required_argument, 0, 'k'},
660
{0, 0, 0, 0} };
661
662
int option_index = 0;
663
ret = getopt_long (argc, argv, "i:", long_options,
664
&option_index);
665
666
if (ret == -1){
667
break;
668
}
669
670
switch(ret){
671
case 0:
672
break;
673
case 'i':
674
interface = optarg;
675
break;
676
case 'd':
677
certdir = optarg;
678
break;
679
case 'c':
680
certfile = optarg;
681
break;
682
case 'k':
683
certkey = optarg;
684
break;
685
default:
686
exit(EXIT_FAILURE);
687
}
688
}
689
690
certfile = combinepath(certdir, certfile);
691
if (certfile == NULL){
692
returncode = EXIT_FAILURE;
693
goto exit;
694
}
695
696
certkey = combinepath(certdir, certkey);
697
if (certkey == NULL){
698
returncode = EXIT_FAILURE;
699
goto exit;
700
}
701
702
sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
703
if(sd < 0) {
704
perror("socket");
705
returncode = EXIT_FAILURE;
706
goto exit;
707
}
708
strcpy(network.ifr_name, interface);
709
ret = ioctl(sd, SIOCGIFFLAGS, &network);
710
if(ret == -1){
711
712
perror("ioctl SIOCGIFFLAGS");
713
returncode = EXIT_FAILURE;
714
goto exit;
715
}
716
if((network.ifr_flags & IFF_UP) == 0){
717
network.ifr_flags |= IFF_UP;
718
ret = ioctl(sd, SIOCSIFFLAGS, &network);
719
if(ret == -1){
720
perror("ioctl SIOCSIFFLAGS");
721
returncode = EXIT_FAILURE;
722
goto exit;
723
}
724
}
725
close(sd);
726
727
if (not debug){
728
avahi_set_log_function(empty_log);
729
}
730
731
/* Initialize the psuedo-RNG */
732
srand((unsigned int) time(NULL));
733
734
/* Allocate main loop object */
735
if (!(simple_poll = avahi_simple_poll_new())) {
736
fprintf(stderr, "Failed to create simple poll object.\n");
737
returncode = EXIT_FAILURE;
738
goto exit;
739
}
740
741
/* Do not publish any local records */
2906
742
avahi_server_config_init(&config);
2907
743
config.publish_hinfo = 0;
2908
744
config.publish_addresses = 0;
2909
745
config.publish_workstation = 0;
2910
746
config.publish_domain = 0;
2911
747
2912
748
/* Allocate a new server */
2913
mc.server = avahi_server_new(avahi_simple_poll_get(simple_poll),
2914
&config, NULL, NULL, &ret);
2915
2916
/* Free the Avahi configuration data */
749
server = avahi_server_new(avahi_simple_poll_get(simple_poll),
750
&config, NULL, NULL, &error);
751
752
/* Free the configuration data */
2917
753
avahi_server_config_free(&config);
2918
}
2919
2920
/* Check if creating the Avahi server object succeeded */
2921
if(mc.server == NULL){
2922
fprintf_plus(stderr, "Failed to create Avahi server: %s\n",
2923
avahi_strerror(ret));
2924
exitcode = EX_UNAVAILABLE;
2925
goto end;
2926
}
2927
2928
if(quit_now){
2929
goto end;
2930
}
2931
2932
/* Create the Avahi service browser */
2933
sb = avahi_s_service_browser_new(mc.server, if_index,
2934
AVAHI_PROTO_UNSPEC, "_mandos._tcp",
2935
NULL, 0, browse_callback,
2936
(void *)&mc);
2937
if(sb == NULL){
2938
fprintf_plus(stderr, "Failed to create service browser: %s\n",
2939
avahi_strerror(avahi_server_errno(mc.server)));
2940
exitcode = EX_UNAVAILABLE;
2941
goto end;
2942
}
2943
2944
if(quit_now){
2945
goto end;
2946
}
2947
2948
/* Run the main loop */
2949
2950
if(debug){
2951
fprintf_plus(stderr, "Starting Avahi loop search\n");
2952
}
2953
2954
ret = avahi_loop_with_timeout(simple_poll,
2955
(int)(retry_interval * 1000), &mc);
2956
if(debug){
2957
fprintf_plus(stderr, "avahi_loop_with_timeout exited %s\n",
2958
(ret == 0) ? "successfully" : "with error");
2959
}
2960
2961
end:
2962
2963
if(debug){
2964
if(signal_received){
2965
fprintf_plus(stderr, "%s exiting due to signal %d: %s\n",
2966
argv[0], signal_received,
2967
strsignal(signal_received));
2968
} else {
2969
fprintf_plus(stderr, "%s exiting\n", argv[0]);
2970
}
2971
}
2972
2973
/* Cleanup things */
2974
free(mc.interfaces);
2975
2976
if(sb != NULL)
2977
avahi_s_service_browser_free(sb);
2978
2979
if(mc.server != NULL)
2980
avahi_server_free(mc.server);
2981
2982
if(simple_poll != NULL)
2983
avahi_simple_poll_free(simple_poll);
2984
2985
if(gnutls_initialized){
2986
gnutls_certificate_free_credentials(mc.cred);
2987
gnutls_dh_params_deinit(mc.dh_params);
2988
}
2989
2990
if(gpgme_initialized){
2991
gpgme_release(mc.ctx);
2992
}
2993
2994
/* Cleans up the circular linked list of Mandos servers the client
2995
has seen */
2996
if(mc.current_server != NULL){
2997
mc.current_server->prev->next = NULL;
2998
while(mc.current_server != NULL){
2999
server *next = mc.current_server->next;
3000
#ifdef __GNUC__
3001
#pragma GCC diagnostic push
3002
#pragma GCC diagnostic ignored "-Wcast-qual"
3003
#endif
3004
free((char *)(mc.current_server->ip));
3005
#ifdef __GNUC__
3006
#pragma GCC diagnostic pop
3007
#endif
3008
free(mc.current_server);
3009
mc.current_server = next;
3010
}
3011
}
3012
3013
/* Re-raise privileges */
3014
{
3015
ret = raise_privileges();
3016
if(ret != 0){
3017
errno = ret;
3018
perror_plus("Failed to raise privileges");
3019
} else {
3020
3021
/* Run network hooks */
3022
run_network_hooks("stop", interfaces_hooks != NULL ?
3023
interfaces_hooks : "", delay);
3024
3025
/* Take down the network interfaces which were brought up */
3026
{
3027
char *interface = NULL;
3028
while((interface = argz_next(interfaces_to_take_down,
3029
interfaces_to_take_down_size,
3030
interface))){
3031
ret = take_down_interface(interface);
3032
if(ret != 0){
3033
errno = ret;
3034
perror_plus("Failed to take down interface");
3035
}
3036
}
3037
if(debug and (interfaces_to_take_down == NULL)){
3038
fprintf_plus(stderr, "No interfaces needed to be taken"
3039
" down\n");
3040
}
3041
}
3042
}
3043
3044
ret = lower_privileges_permanently();
3045
if(ret != 0){
3046
errno = ret;
3047
perror_plus("Failed to lower privileges permanently");
3048
}
3049
}
3050
3051
free(interfaces_to_take_down);
3052
free(interfaces_hooks);
3053
3054
void clean_dir_at(int base, const char * const dirname,
3055
uintmax_t level){
3056
struct dirent **direntries = NULL;
3057
int dret;
3058
int dir_fd = (int)TEMP_FAILURE_RETRY(openat(base, dirname,
3059
O_RDONLY
3060
| O_NOFOLLOW
3061
| O_DIRECTORY
3062
| O_PATH));
3063
if(dir_fd == -1){
3064
perror_plus("open");
3065
return;
3066
}
3067
int numentries = scandirat(dir_fd, ".", &direntries,
3068
notdotentries, alphasort);
3069
if(numentries >= 0){
3070
for(int i = 0; i < numentries; i++){
3071
if(debug){
3072
fprintf_plus(stderr, "Unlinking \"%s/%s\"\n",
3073
dirname, direntries[i]->d_name);
3074
}
3075
dret = unlinkat(dir_fd, direntries[i]->d_name, 0);
3076
if(dret == -1){
3077
if(errno == EISDIR){
3078
dret = unlinkat(dir_fd, direntries[i]->d_name,
3079
AT_REMOVEDIR);
3080
}
3081
if((dret == -1) and (errno == ENOTEMPTY)
3082
and (strcmp(direntries[i]->d_name, "private-keys-v1.d")
3083
== 0) and (level == 0)){
3084
/* Recurse only in this special case */
3085
clean_dir_at(dir_fd, direntries[i]->d_name, level+1);
3086
dret = 0;
3087
}
3088
if((dret == -1) and (errno != ENOENT)){
3089
fprintf_plus(stderr, "unlink(\"%s/%s\"): %s\n", dirname,
3090
direntries[i]->d_name, strerror(errno));
3091
}
3092
}
3093
free(direntries[i]);
3094
}
3095
3096
/* need to clean even if 0 because man page doesn't specify */
3097
free(direntries);
3098
dret = unlinkat(base, dirname, AT_REMOVEDIR);
3099
if(dret == -1 and errno != ENOENT){
3100
perror_plus("rmdir");
3101
}
3102
} else {
3103
perror_plus("scandirat");
3104
}
3105
close(dir_fd);
3106
}
3107
3108
/* Removes the GPGME temp directory and all files inside */
3109
if(tempdir != NULL){
3110
clean_dir_at(-1, tempdir, 0);
3111
}
3112
3113
if(quit_now){
3114
sigemptyset(&old_sigterm_action.sa_mask);
3115
old_sigterm_action.sa_handler = SIG_DFL;
3116
ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received,
3117
&old_sigterm_action,
3118
NULL));
3119
if(ret == -1){
3120
perror_plus("sigaction");
3121
}
3122
do {
3123
ret = raise(signal_received);
3124
} while(ret != 0 and errno == EINTR);
3125
if(ret != 0){
3126
perror_plus("raise");
3127
abort();
3128
}
3129
TEMP_FAILURE_RETRY(pause());
3130
}
3131
3132
return exitcode;
754
755
/* Check if creating the server object succeeded */
756
if (!server) {
757
fprintf(stderr, "Failed to create server: %s\n",
758
avahi_strerror(error));
759
returncode = EXIT_FAILURE;
760
goto exit;
761
}
762
763
/* Create the service browser */
764
sb = avahi_s_service_browser_new(server,
765
(AvahiIfIndex)
766
if_nametoindex(interface),
767
AVAHI_PROTO_INET6,
768
"_mandos._tcp", NULL, 0,
769
browse_callback, server);
770
if (!sb) {
771
fprintf(stderr, "Failed to create service browser: %s\n",
772
avahi_strerror(avahi_server_errno(server)));
773
returncode = EXIT_FAILURE;
774
goto exit;
775
}
776
777
/* Run the main loop */
778
779
if (debug){
780
fprintf(stderr, "Starting avahi loop search\n");
781
}
782
783
avahi_simple_poll_loop(simple_poll);
784
785
exit:
786
787
if (debug){
788
fprintf(stderr, "%s exiting\n", argv[0]);
789
}
790
791
/* Cleanup things */
792
if (sb)
793
avahi_s_service_browser_free(sb);
794
795
if (server)
796
avahi_server_free(server);
797
798
if (simple_poll)
799
avahi_simple_poll_free(simple_poll);
800
free(certfile);
801
free(certkey);
802
803
return returncode;
3133
804
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0