To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/mandosclient.c
- browse files at revision 31
- compare with another revision
- download diff
- download tarball
- view history from revision 31
- Committer: Teddy Hogeborn
- Date: 2008-08-01 06:33:15 UTC
- Revision ID: teddy@fukt.bsnet.se-20080801063315-4k33q3ek28hjc3tu
* plugins.d/plugbasedclient.c: Update include file comments.
(struct process.disable): Renamed to "disabled". All users changed.
(addarguments): Renamed to "addargument". All callers changed.
(doc, args_doc): Removed.
(main): Changed default "plugindir" to
"/conf/conf.d/mandos/plugins.d". Renamed "rfds_orig" to
"rfds_all"; all users changed. New "debug" and
"exitstatus" variables. New "--debug" option. Removed
unnecessary ".flags = 0" from all options. Changed so that
"--disable-plugin" only takes one plugin. Check for
non-existence of ":" in argument to "--options-for". Added
some debugging outputs. Set the FD_CLOEXEC flag on the
directory FD. More capable code for dealing with
disallowed plugin file name prefixes and suffixes. Bug
fix: check for some malloc failures. Moved allocating the
"struct process *new_process" to after the fork. Do
_exit() instead of exit() in the child.
* plugins.d/mandosclient.c: Updated contact information.
(struct process.disable): Renamed to "disabled". All users changed.
(addarguments): Renamed to "addargument". All callers changed.
(doc, args_doc): Removed.
(main): Changed default "plugindir" to
"/conf/conf.d/mandos/plugins.d". Renamed "rfds_orig" to
"rfds_all"; all users changed. New "debug" and
"exitstatus" variables. New "--debug" option. Removed
unnecessary ".flags = 0" from all options. Changed so that
"--disable-plugin" only takes one plugin. Check for
non-existence of ":" in argument to "--options-for". Added
some debugging outputs. Set the FD_CLOEXEC flag on the
directory FD. More capable code for dealing with
disallowed plugin file name prefixes and suffixes. Bug
fix: check for some malloc failures. Moved allocating the
"struct process *new_process" to after the fork. Do
_exit() instead of exit() in the child.
* plugins.d/mandosclient.c: Updated contact information.
- files added:
- ca.pem
- files removed:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- debian/upstream
- network-hooks.d
- files renamed:
- plugin-runner.c => plugbasedclient.c
- plugins.d/mandos-client.c => plugins.d/mandosclient.c
- plugins.d/password-prompt.c => plugins.d/passprompt.c
- mandos.conf => server.conf
- mandos => server.py
- files modified:
- Makefile
added
removed
plugins.d/mandosclient.c
1
1
/* -*- coding: utf-8 -*- */
2
2
/*
3
* Mandos-client - get and decrypt data from a Mandos server
3
* Mandos client - get and decrypt data from a Mandos server
4
4
*
5
5
* This program is partly derived from an example program for an Avahi
6
6
* service browser, downloaded from
9
9
* "browse_callback", and parts of "main".
10
10
*
11
11
* Everything else is
12
* Copyright © 2008-2014 Teddy Hogeborn
13
* Copyright © 2008-2014 Björn Påhlsson
12
* Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
14
13
*
15
14
* This program is free software: you can redistribute it and/or
16
15
* modify it under the terms of the GNU General Public License as
26
25
* along with this program. If not, see
27
26
* <http://www.gnu.org/licenses/>.
28
27
*
29
* Contact the authors at <mandos@recompile.se>.
28
* Contact the authors at <mandos@fukt.bsnet.se>.
30
29
*/
31
30
32
31
/* Needed by GPGME, specifically gpgme_data_seek() */
33
#ifndef _LARGEFILE_SOURCE
34
32
#define _LARGEFILE_SOURCE
35
#endif /* not _LARGEFILE_SOURCE */
36
#ifndef _FILE_OFFSET_BITS
37
33
#define _FILE_OFFSET_BITS 64
38
#endif /* not _FILE_OFFSET_BITS */
39
40
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */
41
42
#include <stdio.h> /* fprintf(), stderr, fwrite(),
43
stdout, ferror(), remove() */
44
#include <stdint.h> /* uint16_t, uint32_t, intptr_t */
45
#include <stddef.h> /* NULL, size_t, ssize_t */
46
#include <stdlib.h> /* free(), EXIT_SUCCESS, srand(),
47
strtof(), abort() */
48
#include <stdbool.h> /* bool, false, true */
49
#include <string.h> /* memset(), strcmp(), strlen(),
50
strerror(), asprintf(), strcpy() */
51
#include <sys/ioctl.h> /* ioctl */
52
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
53
sockaddr_in6, PF_INET6,
54
SOCK_STREAM, uid_t, gid_t, open(),
55
opendir(), DIR */
56
#include <sys/stat.h> /* open(), S_ISREG */
57
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
58
inet_pton(), connect(),
59
getnameinfo() */
60
#include <fcntl.h> /* open() */
61
#include <dirent.h> /* opendir(), struct dirent, readdir()
62
*/
63
#include <inttypes.h> /* PRIu16, PRIdMAX, intmax_t,
64
strtoimax() */
65
#include <errno.h> /* perror(), errno,
66
program_invocation_short_name */
67
#include <time.h> /* nanosleep(), time(), sleep() */
68
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
69
SIOCSIFFLAGS, if_indextoname(),
70
if_nametoindex(), IF_NAMESIZE */
71
#include <netinet/in.h> /* IN6_IS_ADDR_LINKLOCAL,
72
INET_ADDRSTRLEN, INET6_ADDRSTRLEN
73
*/
74
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
75
getuid(), getgid(), seteuid(),
76
setgid(), pause(), _exit() */
77
#include <arpa/inet.h> /* inet_pton(), htons() */
78
#include <iso646.h> /* not, or, and */
79
#include <argp.h> /* struct argp_option, error_t, struct
80
argp_state, struct argp,
81
argp_parse(), ARGP_KEY_ARG,
82
ARGP_KEY_END, ARGP_ERR_UNKNOWN */
83
#include <signal.h> /* sigemptyset(), sigaddset(),
84
sigaction(), SIGTERM, sig_atomic_t,
85
raise() */
86
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_UNAVAILABLE,
87
EX_NOHOST, EX_IOERR, EX_PROTOCOL */
88
#include <sys/wait.h> /* waitpid(), WIFEXITED(),
89
WEXITSTATUS(), WTERMSIG() */
90
#include <grp.h> /* setgroups() */
91
#include <argz.h> /* argz_add_sep(), argz_next(),
92
argz_delete(), argz_append(),
93
argz_stringify(), argz_add(),
94
argz_count() */
95
#include <netdb.h> /* getnameinfo(), NI_NUMERICHOST,
96
EAI_SYSTEM, gai_strerror() */
97
98
#ifdef __linux__
99
#include <sys/klog.h> /* klogctl() */
100
#endif /* __linux__ */
101
102
/* Avahi */
103
/* All Avahi types, constants and functions
104
Avahi*, avahi_*,
105
AVAHI_* */
34
35
#include <stdio.h>
36
#include <assert.h>
37
#include <stdlib.h>
38
#include <time.h>
39
#include <net/if.h> /* if_nametoindex */
40
106
41
#include <avahi-core/core.h>
107
42
#include <avahi-core/lookup.h>
108
43
#include <avahi-core/log.h>
110
45
#include <avahi-common/malloc.h>
111
46
#include <avahi-common/error.h>
112
47
113
/* GnuTLS */
114
#include <gnutls/gnutls.h> /* All GnuTLS types, constants and
115
functions:
116
gnutls_*
117
init_gnutls_session(),
118
GNUTLS_* */
119
#include <gnutls/openpgp.h>
120
/* gnutls_certificate_set_openpgp_key_file(),
121
GNUTLS_OPENPGP_FMT_BASE64 */
122
123
/* GPGME */
124
#include <gpgme.h> /* All GPGME types, constants and
125
functions:
126
gpgme_*
127
GPGME_PROTOCOL_OpenPGP,
128
GPG_ERR_NO_* */
48
//mandos client part
49
#include <sys/types.h> /* socket(), inet_pton() */
50
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
51
struct in6_addr, inet_pton() */
52
#include <gnutls/gnutls.h> /* All GnuTLS stuff */
53
#include <gnutls/openpgp.h> /* GnuTLS with openpgp stuff */
54
55
#include <unistd.h> /* close() */
56
#include <netinet/in.h>
57
#include <stdbool.h> /* true */
58
#include <string.h> /* memset */
59
#include <arpa/inet.h> /* inet_pton() */
60
#include <iso646.h> /* not */
61
62
// gpgme
63
#include <errno.h> /* perror() */
64
#include <gpgme.h>
65
66
// getopt long
67
#include <getopt.h>
129
68
130
69
#define BUFFER_SIZE 256
70
#define DH_BITS 1024
131
71
132
#define PATHDIR "/conf/conf.d/mandos"
133
#define SECKEY "seckey.txt"
134
#define PUBKEY "pubkey.txt"
135
#define HOOKDIR "/lib/mandos/network-hooks.d"
72
const char *certdir = "/conf/conf.d/cryptkeyreq/";
73
const char *certfile = "openpgp-client.txt";
74
const char *certkey = "openpgp-client-key.txt";
136
75
137
76
bool debug = false;
138
static const char mandos_protocol_version[] = "1";
139
const char *argp_program_version = "mandos-client " VERSION;
140
const char *argp_program_bug_address = "<mandos@recompile.se>";
141
static const char sys_class_net[] = "/sys/class/net";
142
char *connect_to = NULL;
143
const char *hookdir = HOOKDIR;
144
int hookdir_fd = -1;
145
uid_t uid = 65534;
146
gid_t gid = 65534;
147
148
/* Doubly linked list that need to be circularly linked when used */
149
typedef struct server{
150
const char *ip;
151
in_port_t port;
152
AvahiIfIndex if_index;
153
int af;
154
struct timespec last_seen;
155
struct server *next;
156
struct server *prev;
157
} server;
158
159
/* Used for passing in values through the Avahi callback functions */
77
160
78
typedef struct {
161
AvahiServer *server;
79
gnutls_session_t session;
162
80
gnutls_certificate_credentials_t cred;
163
unsigned int dh_bits;
164
81
gnutls_dh_params_t dh_params;
165
const char *priority;
82
} encrypted_session;
83
84
85
ssize_t pgp_packet_decrypt (char *packet, size_t packet_size,
86
char **new_packet, const char *homedir){
87
gpgme_data_t dh_crypto, dh_plain;
166
88
gpgme_ctx_t ctx;
167
server *current_server;
168
char *interfaces;
169
size_t interfaces_size;
170
} mandos_context;
171
172
/* global so signal handler can reach it*/
173
AvahiSimplePoll *simple_poll;
174
175
sig_atomic_t quit_now = 0;
176
int signal_received = 0;
177
178
/* Function to use when printing errors */
179
void perror_plus(const char *print_text){
180
int e = errno;
181
fprintf(stderr, "Mandos plugin %s: ",
182
program_invocation_short_name);
183
errno = e;
184
perror(print_text);
185
}
186
187
__attribute__((format (gnu_printf, 2, 3), nonnull))
188
int fprintf_plus(FILE *stream, const char *format, ...){
189
va_list ap;
190
va_start (ap, format);
191
192
TEMP_FAILURE_RETRY(fprintf(stream, "Mandos plugin %s: ",
193
program_invocation_short_name));
194
return (int)TEMP_FAILURE_RETRY(vfprintf(stream, format, ap));
195
}
196
197
/*
198
* Make additional room in "buffer" for at least BUFFER_SIZE more
199
* bytes. "buffer_capacity" is how much is currently allocated,
200
* "buffer_length" is how much is already used.
201
*/
202
__attribute__((nonnull, warn_unused_result))
203
size_t incbuffer(char **buffer, size_t buffer_length,
204
size_t buffer_capacity){
205
if(buffer_length + BUFFER_SIZE > buffer_capacity){
206
char *new_buf = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
207
if(new_buf == NULL){
208
int old_errno = errno;
209
free(*buffer);
210
errno = old_errno;
211
*buffer = NULL;
212
return 0;
213
}
214
*buffer = new_buf;
215
buffer_capacity += BUFFER_SIZE;
216
}
217
return buffer_capacity;
218
}
219
220
/* Add server to set of servers to retry periodically */
221
__attribute__((nonnull, warn_unused_result))
222
bool add_server(const char *ip, in_port_t port, AvahiIfIndex if_index,
223
int af, server **current_server){
224
int ret;
225
server *new_server = malloc(sizeof(server));
226
if(new_server == NULL){
227
perror_plus("malloc");
228
return false;
229
}
230
*new_server = (server){ .ip = strdup(ip),
231
.port = port,
232
.if_index = if_index,
233
.af = af };
234
if(new_server->ip == NULL){
235
perror_plus("strdup");
236
return false;
237
}
238
ret = clock_gettime(CLOCK_MONOTONIC, &(new_server->last_seen));
239
if(ret == -1){
240
perror_plus("clock_gettime");
241
return false;
242
}
243
/* Special case of first server */
244
if(*current_server == NULL){
245
new_server->next = new_server;
246
new_server->prev = new_server;
247
*current_server = new_server;
248
} else {
249
/* Place the new server last in the list */
250
new_server->next = *current_server;
251
new_server->prev = (*current_server)->prev;
252
new_server->prev->next = new_server;
253
(*current_server)->prev = new_server;
254
}
255
return true;
256
}
257
258
/*
259
* Initialize GPGME.
260
*/
261
__attribute__((nonnull, warn_unused_result))
262
static bool init_gpgme(const char * const seckey,
263
const char * const pubkey,
264
const char * const tempdir,
265
mandos_context *mc){
266
89
gpgme_error_t rc;
90
ssize_t ret;
91
ssize_t new_packet_capacity = 0;
92
ssize_t new_packet_length = 0;
267
93
gpgme_engine_info_t engine_info;
268
269
/*
270
* Helper function to insert pub and seckey to the engine keyring.
271
*/
272
bool import_key(const char * const filename){
273
int ret;
274
int fd;
275
gpgme_data_t pgp_data;
276
277
fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));
278
if(fd == -1){
279
perror_plus("open");
280
return false;
281
}
282
283
rc = gpgme_data_new_from_fd(&pgp_data, fd);
284
if(rc != GPG_ERR_NO_ERROR){
285
fprintf_plus(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
286
gpgme_strsource(rc), gpgme_strerror(rc));
287
return false;
288
}
289
290
rc = gpgme_op_import(mc->ctx, pgp_data);
291
if(rc != GPG_ERR_NO_ERROR){
292
fprintf_plus(stderr, "bad gpgme_op_import: %s: %s\n",
293
gpgme_strsource(rc), gpgme_strerror(rc));
294
return false;
295
}
296
297
ret = (int)TEMP_FAILURE_RETRY(close(fd));
298
if(ret == -1){
299
perror_plus("close");
300
}
301
gpgme_data_release(pgp_data);
302
return true;
303
}
304
305
if(debug){
306
fprintf_plus(stderr, "Initializing GPGME\n");
94
95
if (debug){
96
fprintf(stderr, "Trying to decrypt OpenPGP packet\n");
307
97
}
308
98
309
99
/* Init GPGME */
310
100
gpgme_check_version(NULL);
311
101
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
312
if(rc != GPG_ERR_NO_ERROR){
313
fprintf_plus(stderr, "bad gpgme_engine_check_version: %s: %s\n",
314
gpgme_strsource(rc), gpgme_strerror(rc));
315
return false;
102
if (rc != GPG_ERR_NO_ERROR){
103
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
104
gpgme_strsource(rc), gpgme_strerror(rc));
105
return -1;
316
106
}
317
107
318
/* Set GPGME home directory for the OpenPGP engine only */
319
rc = gpgme_get_engine_info(&engine_info);
320
if(rc != GPG_ERR_NO_ERROR){
321
fprintf_plus(stderr, "bad gpgme_get_engine_info: %s: %s\n",
322
gpgme_strsource(rc), gpgme_strerror(rc));
323
return false;
108
/* Set GPGME home directory */
109
rc = gpgme_get_engine_info (&engine_info);
110
if (rc != GPG_ERR_NO_ERROR){
111
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
112
gpgme_strsource(rc), gpgme_strerror(rc));
113
return -1;
324
114
}
325
115
while(engine_info != NULL){
326
116
if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){
327
117
gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,
328
engine_info->file_name, tempdir);
118
engine_info->file_name, homedir);
329
119
break;
330
120
}
331
121
engine_info = engine_info->next;
332
122
}
333
123
if(engine_info == NULL){
334
fprintf_plus(stderr, "Could not set GPGME home dir to %s\n",
335
tempdir);
336
return false;
337
}
338
339
/* Create new GPGME "context" */
340
rc = gpgme_new(&(mc->ctx));
341
if(rc != GPG_ERR_NO_ERROR){
342
fprintf_plus(stderr, "Mandos plugin mandos-client: "
343
"bad gpgme_new: %s: %s\n", gpgme_strsource(rc),
344
gpgme_strerror(rc));
345
return false;
346
}
347
348
if(not import_key(pubkey) or not import_key(seckey)){
349
return false;
350
}
351
352
return true;
353
}
354
355
/*
356
* Decrypt OpenPGP data.
357
* Returns -1 on error
358
*/
359
__attribute__((nonnull, warn_unused_result))
360
static ssize_t pgp_packet_decrypt(const char *cryptotext,
361
size_t crypto_size,
362
char **plaintext,
363
mandos_context *mc){
364
gpgme_data_t dh_crypto, dh_plain;
365
gpgme_error_t rc;
366
ssize_t ret;
367
size_t plaintext_capacity = 0;
368
ssize_t plaintext_length = 0;
369
370
if(debug){
371
fprintf_plus(stderr, "Trying to decrypt OpenPGP data\n");
372
}
373
374
/* Create new GPGME data buffer from memory cryptotext */
375
rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,
376
0);
377
if(rc != GPG_ERR_NO_ERROR){
378
fprintf_plus(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
379
gpgme_strsource(rc), gpgme_strerror(rc));
124
fprintf(stderr, "Could not set home dir to %s\n", homedir);
125
return -1;
126
}
127
128
/* Create new GPGME data buffer from packet buffer */
129
rc = gpgme_data_new_from_mem(&dh_crypto, packet, packet_size, 0);
130
if (rc != GPG_ERR_NO_ERROR){
131
fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
132
gpgme_strsource(rc), gpgme_strerror(rc));
380
133
return -1;
381
134
}
382
135
383
136
/* Create new empty GPGME data buffer for the plaintext */
384
137
rc = gpgme_data_new(&dh_plain);
385
if(rc != GPG_ERR_NO_ERROR){
386
fprintf_plus(stderr, "Mandos plugin mandos-client: "
387
"bad gpgme_data_new: %s: %s\n",
388
gpgme_strsource(rc), gpgme_strerror(rc));
389
gpgme_data_release(dh_crypto);
390
return -1;
391
}
392
393
/* Decrypt data from the cryptotext data buffer to the plaintext
394
data buffer */
395
rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);
396
if(rc != GPG_ERR_NO_ERROR){
397
fprintf_plus(stderr, "bad gpgme_op_decrypt: %s: %s\n",
398
gpgme_strsource(rc), gpgme_strerror(rc));
399
plaintext_length = -1;
400
if(debug){
401
gpgme_decrypt_result_t result;
402
result = gpgme_op_decrypt_result(mc->ctx);
403
if(result == NULL){
404
fprintf_plus(stderr, "gpgme_op_decrypt_result failed\n");
405
} else {
406
fprintf_plus(stderr, "Unsupported algorithm: %s\n",
407
result->unsupported_algorithm);
408
fprintf_plus(stderr, "Wrong key usage: %u\n",
409
result->wrong_key_usage);
410
if(result->file_name != NULL){
411
fprintf_plus(stderr, "File name: %s\n", result->file_name);
412
}
413
gpgme_recipient_t recipient;
414
recipient = result->recipients;
138
if (rc != GPG_ERR_NO_ERROR){
139
fprintf(stderr, "bad gpgme_data_new: %s: %s\n",
140
gpgme_strsource(rc), gpgme_strerror(rc));
141
return -1;
142
}
143
144
/* Create new GPGME "context" */
145
rc = gpgme_new(&ctx);
146
if (rc != GPG_ERR_NO_ERROR){
147
fprintf(stderr, "bad gpgme_new: %s: %s\n",
148
gpgme_strsource(rc), gpgme_strerror(rc));
149
return -1;
150
}
151
152
/* Decrypt data from the FILE pointer to the plaintext data
153
buffer */
154
rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);
155
if (rc != GPG_ERR_NO_ERROR){
156
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
157
gpgme_strsource(rc), gpgme_strerror(rc));
158
return -1;
159
}
160
161
if(debug){
162
fprintf(stderr, "Decryption of OpenPGP packet succeeded\n");
163
}
164
165
if (debug){
166
gpgme_decrypt_result_t result;
167
result = gpgme_op_decrypt_result(ctx);
168
if (result == NULL){
169
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
170
} else {
171
fprintf(stderr, "Unsupported algorithm: %s\n",
172
result->unsupported_algorithm);
173
fprintf(stderr, "Wrong key usage: %d\n",
174
result->wrong_key_usage);
175
if(result->file_name != NULL){
176
fprintf(stderr, "File name: %s\n", result->file_name);
177
}
178
gpgme_recipient_t recipient;
179
recipient = result->recipients;
180
if(recipient){
415
181
while(recipient != NULL){
416
fprintf_plus(stderr, "Public key algorithm: %s\n",
417
gpgme_pubkey_algo_name
418
(recipient->pubkey_algo));
419
fprintf_plus(stderr, "Key ID: %s\n", recipient->keyid);
420
fprintf_plus(stderr, "Secret key available: %s\n",
421
recipient->status == GPG_ERR_NO_SECKEY
422
? "No" : "Yes");
182
fprintf(stderr, "Public key algorithm: %s\n",
183
gpgme_pubkey_algo_name(recipient->pubkey_algo));
184
fprintf(stderr, "Key ID: %s\n", recipient->keyid);
185
fprintf(stderr, "Secret key available: %s\n",
186
recipient->status == GPG_ERR_NO_SECKEY
187
? "No" : "Yes");
423
188
recipient = recipient->next;
424
189
}
425
190
}
426
191
}
427
goto decrypt_end;
428
192
}
429
193
430
if(debug){
431
fprintf_plus(stderr, "Decryption of OpenPGP data succeeded\n");
432
}
194
/* Delete the GPGME FILE pointer cryptotext data buffer */
195
gpgme_data_release(dh_crypto);
433
196
434
197
/* Seek back to the beginning of the GPGME plaintext data buffer */
435
if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){
436
perror_plus("gpgme_data_seek");
437
plaintext_length = -1;
438
goto decrypt_end;
198
if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
199
perror("pgpme_data_seek");
439
200
}
440
201
441
*plaintext = NULL;
202
*new_packet = 0;
442
203
while(true){
443
plaintext_capacity = incbuffer(plaintext,
444
(size_t)plaintext_length,
445
plaintext_capacity);
446
if(plaintext_capacity == 0){
447
perror_plus("incbuffer");
448
plaintext_length = -1;
449
goto decrypt_end;
204
if (new_packet_length + BUFFER_SIZE > new_packet_capacity){
205
*new_packet = realloc(*new_packet,
206
(unsigned int)new_packet_capacity
207
+ BUFFER_SIZE);
208
if (*new_packet == NULL){
209
perror("realloc");
210
return -1;
211
}
212
new_packet_capacity += BUFFER_SIZE;
450
213
}
451
214
452
ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
215
ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length,
453
216
BUFFER_SIZE);
454
217
/* Print the data, if any */
455
if(ret == 0){
456
/* EOF */
218
if (ret == 0){
457
219
break;
458
220
}
459
221
if(ret < 0){
460
perror_plus("gpgme_data_read");
461
plaintext_length = -1;
462
goto decrypt_end;
463
}
464
plaintext_length += ret;
465
}
466
467
if(debug){
468
fprintf_plus(stderr, "Decrypted password is: ");
469
for(ssize_t i = 0; i < plaintext_length; i++){
470
fprintf(stderr, "%02hhX ", (*plaintext)[i]);
471
}
472
fprintf(stderr, "\n");
473
}
474
475
decrypt_end:
476
477
/* Delete the GPGME cryptotext data buffer */
478
gpgme_data_release(dh_crypto);
222
perror("gpgme_data_read");
223
return -1;
224
}
225
new_packet_length += ret;
226
}
227
228
/* FIXME: check characters before printing to screen so to not print
229
terminal control characters */
230
/* if(debug){ */
231
/* fprintf(stderr, "decrypted password is: "); */
232
/* fwrite(*new_packet, 1, new_packet_length, stderr); */
233
/* fprintf(stderr, "\n"); */
234
/* } */
479
235
480
236
/* Delete the GPGME plaintext data buffer */
481
237
gpgme_data_release(dh_plain);
482
return plaintext_length;
238
return new_packet_length;
483
239
}
484
240
485
__attribute__((warn_unused_result))
486
static const char *safer_gnutls_strerror(int value){
487
const char *ret = gnutls_strerror(value);
488
if(ret == NULL)
241
static const char * safer_gnutls_strerror (int value) {
242
const char *ret = gnutls_strerror (value);
243
if (ret == NULL)
489
244
ret = "(unknown)";
490
245
return ret;
491
246
}
492
247
493
/* GnuTLS log function callback */
494
__attribute__((nonnull))
495
static void debuggnutls(__attribute__((unused)) int level,
496
const char* string){
497
fprintf_plus(stderr, "GnuTLS: %s", string);
248
void debuggnutls(__attribute__((unused)) int level,
249
const char* string){
250
fprintf(stderr, "%s", string);
498
251
}
499
252
500
__attribute__((nonnull, warn_unused_result))
501
static int init_gnutls_global(const char *pubkeyfilename,
502
const char *seckeyfilename,
503
mandos_context *mc){
253
int initgnutls(encrypted_session *es){
254
const char *err;
504
255
int ret;
505
256
506
257
if(debug){
507
fprintf_plus(stderr, "Initializing GnuTLS\n");
258
fprintf(stderr, "Initializing GnuTLS\n");
508
259
}
509
510
ret = gnutls_global_init();
511
if(ret != GNUTLS_E_SUCCESS){
512
fprintf_plus(stderr, "GnuTLS global_init: %s\n",
513
safer_gnutls_strerror(ret));
260
261
if ((ret = gnutls_global_init ())
262
!= GNUTLS_E_SUCCESS) {
263
fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));
514
264
return -1;
515
265
}
516
517
if(debug){
518
/* "Use a log level over 10 to enable all debugging options."
519
* - GnuTLS manual
520
*/
266
267
if (debug){
521
268
gnutls_global_set_log_level(11);
522
269
gnutls_global_set_log_function(debuggnutls);
523
270
}
524
271
525
/* OpenPGP credentials */
526
ret = gnutls_certificate_allocate_credentials(&mc->cred);
527
if(ret != GNUTLS_E_SUCCESS){
528
fprintf_plus(stderr, "GnuTLS memory error: %s\n",
529
safer_gnutls_strerror(ret));
530
gnutls_global_deinit();
272
/* openpgp credentials */
273
if ((ret = gnutls_certificate_allocate_credentials (&es->cred))
274
!= GNUTLS_E_SUCCESS) {
275
fprintf (stderr, "memory error: %s\n",
276
safer_gnutls_strerror(ret));
531
277
return -1;
532
278
}
533
279
534
280
if(debug){
535
fprintf_plus(stderr, "Attempting to use OpenPGP public key %s and"
536
" secret key %s as GnuTLS credentials\n",
537
pubkeyfilename,
538
seckeyfilename);
281
fprintf(stderr, "Attempting to use OpenPGP certificate %s"
282
" and keyfile %s as GnuTLS credentials\n", certfile,
283
certkey);
539
284
}
540
285
541
286
ret = gnutls_certificate_set_openpgp_key_file
542
(mc->cred, pubkeyfilename, seckeyfilename,
543
GNUTLS_OPENPGP_FMT_BASE64);
544
if(ret != GNUTLS_E_SUCCESS){
545
fprintf_plus(stderr,
546
"Error[%d] while reading the OpenPGP key pair ('%s',"
547
" '%s')\n", ret, pubkeyfilename, seckeyfilename);
548
fprintf_plus(stderr, "The GnuTLS error is: %s\n",
549
safer_gnutls_strerror(ret));
550
goto globalfail;
551
}
552
553
/* GnuTLS server initialization */
554
ret = gnutls_dh_params_init(&mc->dh_params);
555
if(ret != GNUTLS_E_SUCCESS){
556
fprintf_plus(stderr, "Error in GnuTLS DH parameter"
557
" initialization: %s\n",
558
safer_gnutls_strerror(ret));
559
goto globalfail;
560
}
561
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
562
if(ret != GNUTLS_E_SUCCESS){
563
fprintf_plus(stderr, "Error in GnuTLS prime generation: %s\n",
564
safer_gnutls_strerror(ret));
565
goto globalfail;
566
}
567
568
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
569
570
return 0;
571
572
globalfail:
573
574
gnutls_certificate_free_credentials(mc->cred);
575
gnutls_global_deinit();
576
gnutls_dh_params_deinit(mc->dh_params);
577
return -1;
578
}
579
580
__attribute__((nonnull, warn_unused_result))
581
static int init_gnutls_session(gnutls_session_t *session,
582
mandos_context *mc){
583
int ret;
584
/* GnuTLS session creation */
585
do {
586
ret = gnutls_init(session, GNUTLS_SERVER);
587
if(quit_now){
588
return -1;
589
}
590
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
591
if(ret != GNUTLS_E_SUCCESS){
592
fprintf_plus(stderr,
593
"Error in GnuTLS session initialization: %s\n",
594
safer_gnutls_strerror(ret));
595
}
596
597
{
598
const char *err;
599
do {
600
ret = gnutls_priority_set_direct(*session, mc->priority, &err);
601
if(quit_now){
602
gnutls_deinit(*session);
603
return -1;
604
}
605
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
606
if(ret != GNUTLS_E_SUCCESS){
607
fprintf_plus(stderr, "Syntax error at: %s\n", err);
608
fprintf_plus(stderr, "GnuTLS error: %s\n",
609
safer_gnutls_strerror(ret));
610
gnutls_deinit(*session);
611
return -1;
612
}
613
}
614
615
do {
616
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
617
mc->cred);
618
if(quit_now){
619
gnutls_deinit(*session);
620
return -1;
621
}
622
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
623
if(ret != GNUTLS_E_SUCCESS){
624
fprintf_plus(stderr, "Error setting GnuTLS credentials: %s\n",
625
safer_gnutls_strerror(ret));
626
gnutls_deinit(*session);
287
(es->cred, certfile, certkey, GNUTLS_OPENPGP_FMT_BASE64);
288
if (ret != GNUTLS_E_SUCCESS) {
289
fprintf
290
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s',"
291
" '%s')\n",
292
ret, certfile, certkey);
293
fprintf(stdout, "The Error is: %s\n",
294
safer_gnutls_strerror(ret));
295
return -1;
296
}
297
298
//GnuTLS server initialization
299
if ((ret = gnutls_dh_params_init (&es->dh_params))
300
!= GNUTLS_E_SUCCESS) {
301
fprintf (stderr, "Error in dh parameter initialization: %s\n",
302
safer_gnutls_strerror(ret));
303
return -1;
304
}
305
306
if ((ret = gnutls_dh_params_generate2 (es->dh_params, DH_BITS))
307
!= GNUTLS_E_SUCCESS) {
308
fprintf (stderr, "Error in prime generation: %s\n",
309
safer_gnutls_strerror(ret));
310
return -1;
311
}
312
313
gnutls_certificate_set_dh_params (es->cred, es->dh_params);
314
315
// GnuTLS session creation
316
if ((ret = gnutls_init (&es->session, GNUTLS_SERVER))
317
!= GNUTLS_E_SUCCESS){
318
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
319
safer_gnutls_strerror(ret));
320
}
321
322
if ((ret = gnutls_priority_set_direct (es->session, "NORMAL", &err))
323
!= GNUTLS_E_SUCCESS) {
324
fprintf(stderr, "Syntax error at: %s\n", err);
325
fprintf(stderr, "GnuTLS error: %s\n",
326
safer_gnutls_strerror(ret));
327
return -1;
328
}
329
330
if ((ret = gnutls_credentials_set
331
(es->session, GNUTLS_CRD_CERTIFICATE, es->cred))
332
!= GNUTLS_E_SUCCESS) {
333
fprintf(stderr, "Error setting a credentials set: %s\n",
334
safer_gnutls_strerror(ret));
627
335
return -1;
628
336
}
629
337
630
338
/* ignore client certificate if any. */
631
gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);
339
gnutls_certificate_server_set_request (es->session,
340
GNUTLS_CERT_IGNORE);
632
341
633
gnutls_dh_set_prime_bits(*session, mc->dh_bits);
342
gnutls_dh_set_prime_bits (es->session, DH_BITS);
634
343
635
344
return 0;
636
345
}
637
346
638
/* Avahi log function callback */
639
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
640
__attribute__((unused)) const char *txt){}
347
void empty_log(__attribute__((unused)) AvahiLogLevel level,
348
__attribute__((unused)) const char *txt){}
641
349
642
/* Called when a Mandos server is found */
643
__attribute__((nonnull, warn_unused_result))
644
static int start_mandos_communication(const char *ip, in_port_t port,
645
AvahiIfIndex if_index,
646
int af, mandos_context *mc){
647
int ret, tcp_sd = -1;
648
ssize_t sret;
649
struct sockaddr_storage to;
350
int start_mandos_communication(const char *ip, uint16_t port,
351
AvahiIfIndex if_index){
352
int ret, tcp_sd;
353
struct sockaddr_in6 to;
354
encrypted_session es;
650
355
char *buffer = NULL;
651
char *decrypted_buffer = NULL;
356
char *decrypted_buffer;
652
357
size_t buffer_length = 0;
653
358
size_t buffer_capacity = 0;
654
size_t written;
655
int retval = -1;
656
gnutls_session_t session;
657
int pf; /* Protocol family */
658
659
errno = 0;
660
661
if(quit_now){
662
errno = EINTR;
663
return -1;
664
}
665
666
switch(af){
667
case AF_INET6:
668
pf = PF_INET6;
669
break;
670
case AF_INET:
671
pf = PF_INET;
672
break;
673
default:
674
fprintf_plus(stderr, "Bad address family: %d\n", af);
675
errno = EINVAL;
676
return -1;
677
}
678
679
/* If the interface is specified and we have a list of interfaces */
680
if(if_index != AVAHI_IF_UNSPEC and mc->interfaces != NULL){
681
/* Check if the interface is one of the interfaces we are using */
682
bool match = false;
683
{
684
char *interface = NULL;
685
while((interface=argz_next(mc->interfaces, mc->interfaces_size,
686
interface))){
687
if(if_nametoindex(interface) == (unsigned int)if_index){
688
match = true;
689
break;
690
}
691
}
692
}
693
if(not match){
694
/* This interface does not match any in the list, so we don't
695
connect to the server */
696
if(debug){
697
char interface[IF_NAMESIZE];
698
if(if_indextoname((unsigned int)if_index, interface) == NULL){
699
perror_plus("if_indextoname");
700
} else {
701
fprintf_plus(stderr, "Skipping server on non-used interface"
702
" \"%s\"\n",
703
if_indextoname((unsigned int)if_index,
704
interface));
705
}
706
}
707
return -1;
708
}
709
}
710
711
ret = init_gnutls_session(&session, mc);
712
if(ret != 0){
713
return -1;
714
}
715
716
if(debug){
717
fprintf_plus(stderr, "Setting up a TCP connection to %s, port %"
718
PRIuMAX "\n", ip, (uintmax_t)port);
719
}
720
721
tcp_sd = socket(pf, SOCK_STREAM, 0);
722
if(tcp_sd < 0){
723
int e = errno;
724
perror_plus("socket");
725
errno = e;
726
goto mandos_end;
727
}
728
729
if(quit_now){
730
errno = EINTR;
731
goto mandos_end;
732
}
733
734
memset(&to, 0, sizeof(to));
735
if(af == AF_INET6){
736
((struct sockaddr_in6 *)&to)->sin6_family = (sa_family_t)af;
737
ret = inet_pton(af, ip, &((struct sockaddr_in6 *)&to)->sin6_addr);
738
} else { /* IPv4 */
739
((struct sockaddr_in *)&to)->sin_family = (sa_family_t)af;
740
ret = inet_pton(af, ip, &((struct sockaddr_in *)&to)->sin_addr);
741
}
742
if(ret < 0 ){
743
int e = errno;
744
perror_plus("inet_pton");
745
errno = e;
746
goto mandos_end;
747
}
359
ssize_t decrypted_buffer_size;
360
size_t written = 0;
361
int retval = 0;
362
char interface[IF_NAMESIZE];
363
364
if(debug){
365
fprintf(stderr, "Setting up a tcp connection to %s, port %d\n",
366
ip, port);
367
}
368
369
tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);
370
if(tcp_sd < 0) {
371
perror("socket");
372
return -1;
373
}
374
375
if(if_indextoname((unsigned int)if_index, interface) == NULL){
376
if(debug){
377
perror("if_indextoname");
378
}
379
return -1;
380
}
381
382
if(debug){
383
fprintf(stderr, "Binding to interface %s\n", interface);
384
}
385
386
memset(&to,0,sizeof(to)); /* Spurious warning */
387
to.sin6_family = AF_INET6;
388
ret = inet_pton(AF_INET6, ip, &to.sin6_addr);
389
if (ret < 0 ){
390
perror("inet_pton");
391
return -1;
392
}
748
393
if(ret == 0){
749
int e = errno;
750
fprintf_plus(stderr, "Bad address: %s\n", ip);
751
errno = e;
752
goto mandos_end;
753
}
754
if(af == AF_INET6){
755
((struct sockaddr_in6 *)&to)->sin6_port = htons(port);
756
if(IN6_IS_ADDR_LINKLOCAL
757
(&((struct sockaddr_in6 *)&to)->sin6_addr)){
758
if(if_index == AVAHI_IF_UNSPEC){
759
fprintf_plus(stderr, "An IPv6 link-local address is"
760
" incomplete without a network interface\n");
761
errno = EINVAL;
762
goto mandos_end;
763
}
764
/* Set the network interface number as scope */
765
((struct sockaddr_in6 *)&to)->sin6_scope_id = (uint32_t)if_index;
766
}
767
} else {
768
((struct sockaddr_in *)&to)->sin_port = htons(port);
769
}
770
771
if(quit_now){
772
errno = EINTR;
773
goto mandos_end;
774
}
775
776
if(debug){
777
if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){
778
char interface[IF_NAMESIZE];
779
if(if_indextoname((unsigned int)if_index, interface) == NULL){
780
perror_plus("if_indextoname");
781
} else {
782
fprintf_plus(stderr, "Connection to: %s%%%s, port %" PRIuMAX
783
"\n", ip, interface, (uintmax_t)port);
784
}
785
} else {
786
fprintf_plus(stderr, "Connection to: %s, port %" PRIuMAX "\n",
787
ip, (uintmax_t)port);
788
}
789
char addrstr[(INET_ADDRSTRLEN > INET6_ADDRSTRLEN) ?
790
INET_ADDRSTRLEN : INET6_ADDRSTRLEN] = "";
791
if(af == AF_INET6){
792
ret = getnameinfo((struct sockaddr *)&to,
793
sizeof(struct sockaddr_in6),
794
addrstr, sizeof(addrstr), NULL, 0,
795
NI_NUMERICHOST);
796
} else {
797
ret = getnameinfo((struct sockaddr *)&to,
798
sizeof(struct sockaddr_in),
799
addrstr, sizeof(addrstr), NULL, 0,
800
NI_NUMERICHOST);
801
}
802
if(ret == EAI_SYSTEM){
803
perror_plus("getnameinfo");
804
} else if(ret != 0) {
805
fprintf_plus(stderr, "getnameinfo: %s", gai_strerror(ret));
806
} else if(strcmp(addrstr, ip) != 0){
807
fprintf_plus(stderr, "Canonical address form: %s\n", addrstr);
808
}
809
}
810
811
if(quit_now){
812
errno = EINTR;
813
goto mandos_end;
814
}
815
816
if(af == AF_INET6){
817
ret = connect(tcp_sd, (struct sockaddr *)&to,
818
sizeof(struct sockaddr_in6));
819
} else {
820
ret = connect(tcp_sd, (struct sockaddr *)&to, /* IPv4 */
821
sizeof(struct sockaddr_in));
822
}
823
if(ret < 0){
824
if((errno != ECONNREFUSED and errno != ENETUNREACH) or debug){
825
int e = errno;
826
perror_plus("connect");
827
errno = e;
828
}
829
goto mandos_end;
830
}
831
832
if(quit_now){
833
errno = EINTR;
834
goto mandos_end;
835
}
836
837
const char *out = mandos_protocol_version;
838
written = 0;
839
while(true){
840
size_t out_size = strlen(out);
841
ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
842
out_size - written));
843
if(ret == -1){
844
int e = errno;
845
perror_plus("write");
846
errno = e;
847
goto mandos_end;
848
}
849
written += (size_t)ret;
850
if(written < out_size){
851
continue;
852
} else {
853
if(out == mandos_protocol_version){
854
written = 0;
855
out = "\r\n";
856
} else {
857
break;
858
}
859
}
860
861
if(quit_now){
862
errno = EINTR;
863
goto mandos_end;
864
}
865
}
866
867
if(debug){
868
fprintf_plus(stderr, "Establishing TLS session with %s\n", ip);
869
}
870
871
if(quit_now){
872
errno = EINTR;
873
goto mandos_end;
874
}
875
876
/* This casting via intptr_t is to eliminate warning about casting
877
an int to a pointer type. This is exactly how the GnuTLS Guile
878
function "set-session-transport-fd!" does it. */
879
gnutls_transport_set_ptr(session,
880
(gnutls_transport_ptr_t)(intptr_t)tcp_sd);
881
882
if(quit_now){
883
errno = EINTR;
884
goto mandos_end;
885
}
886
887
do {
888
ret = gnutls_handshake(session);
889
if(quit_now){
890
errno = EINTR;
891
goto mandos_end;
892
}
893
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
894
895
if(ret != GNUTLS_E_SUCCESS){
394
fprintf(stderr, "Bad address: %s\n", ip);
395
return -1;
396
}
397
to.sin6_port = htons(port); /* Spurious warning */
398
399
to.sin6_scope_id = (uint32_t)if_index;
400
401
if(debug){
402
fprintf(stderr, "Connection to: %s, port %d\n", ip, port);
403
/* char addrstr[INET6_ADDRSTRLEN]; */
404
/* if(inet_ntop(to.sin6_family, &(to.sin6_addr), addrstr, */
405
/* sizeof(addrstr)) == NULL){ */
406
/* perror("inet_ntop"); */
407
/* } else { */
408
/* fprintf(stderr, "Really connecting to: %s, port %d\n", */
409
/* addrstr, ntohs(to.sin6_port)); */
410
/* } */
411
}
412
413
ret = connect(tcp_sd, (struct sockaddr *) &to, sizeof(to));
414
if (ret < 0){
415
perror("connect");
416
return -1;
417
}
418
419
ret = initgnutls (&es);
420
if (ret != 0){
421
retval = -1;
422
return -1;
423
}
424
425
gnutls_transport_set_ptr (es.session,
426
(gnutls_transport_ptr_t) tcp_sd);
427
428
if(debug){
429
fprintf(stderr, "Establishing TLS session with %s\n", ip);
430
}
431
432
ret = gnutls_handshake (es.session);
433
434
if (ret != GNUTLS_E_SUCCESS){
896
435
if(debug){
897
fprintf_plus(stderr, "*** GnuTLS Handshake failed ***\n");
898
gnutls_perror(ret);
436
fprintf(stderr, "\n*** Handshake failed ***\n");
437
gnutls_perror (ret);
899
438
}
900
errno = EPROTO;
901
goto mandos_end;
439
retval = -1;
440
goto exit;
902
441
}
903
442
904
/* Read OpenPGP packet that contains the wanted password */
443
//Retrieve OpenPGP packet that contains the wanted password
905
444
906
445
if(debug){
907
fprintf_plus(stderr, "Retrieving OpenPGP encrypted password from"
908
" %s\n", ip);
446
fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
447
ip);
909
448
}
910
449
911
450
while(true){
912
913
if(quit_now){
914
errno = EINTR;
915
goto mandos_end;
916
}
917
918
buffer_capacity = incbuffer(&buffer, buffer_length,
919
buffer_capacity);
920
if(buffer_capacity == 0){
921
int e = errno;
922
perror_plus("incbuffer");
923
errno = e;
924
goto mandos_end;
925
}
926
927
if(quit_now){
928
errno = EINTR;
929
goto mandos_end;
930
}
931
932
sret = gnutls_record_recv(session, buffer+buffer_length,
933
BUFFER_SIZE);
934
if(sret == 0){
451
if (buffer_length + BUFFER_SIZE > buffer_capacity){
452
buffer = realloc(buffer, buffer_capacity + BUFFER_SIZE);
453
if (buffer == NULL){
454
perror("realloc");
455
goto exit;
456
}
457
buffer_capacity += BUFFER_SIZE;
458
}
459
460
ret = gnutls_record_recv
461
(es.session, buffer+buffer_length, BUFFER_SIZE);
462
if (ret == 0){
935
463
break;
936
464
}
937
if(sret < 0){
938
switch(sret){
465
if (ret < 0){
466
switch(ret){
939
467
case GNUTLS_E_INTERRUPTED:
940
468
case GNUTLS_E_AGAIN:
941
469
break;
942
470
case GNUTLS_E_REHANDSHAKE:
943
do {
944
ret = gnutls_handshake(session);
945
946
if(quit_now){
947
errno = EINTR;
948
goto mandos_end;
949
}
950
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
951
if(ret < 0){
952
fprintf_plus(stderr, "*** GnuTLS Re-handshake failed "
953
"***\n");
954
gnutls_perror(ret);
955
errno = EPROTO;
956
goto mandos_end;
471
ret = gnutls_handshake (es.session);
472
if (ret < 0){
473
fprintf(stderr, "\n*** Handshake failed ***\n");
474
gnutls_perror (ret);
475
retval = -1;
476
goto exit;
957
477
}
958
478
break;
959
479
default:
960
fprintf_plus(stderr, "Unknown error while reading data from"
961
" encrypted session with Mandos server\n");
962
gnutls_bye(session, GNUTLS_SHUT_RDWR);
963
errno = EIO;
964
goto mandos_end;
480
fprintf(stderr, "Unknown error while reading data from"
481
" encrypted session with mandos server\n");
482
retval = -1;
483
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
484
goto exit;
965
485
}
966
486
} else {
967
buffer_length += (size_t) sret;
968
}
969
}
970
971
if(debug){
972
fprintf_plus(stderr, "Closing TLS session\n");
973
}
974
975
if(quit_now){
976
errno = EINTR;
977
goto mandos_end;
978
}
979
980
do {
981
ret = gnutls_bye(session, GNUTLS_SHUT_RDWR);
982
if(quit_now){
983
errno = EINTR;
984
goto mandos_end;
985
}
986
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
987
988
if(buffer_length > 0){
989
ssize_t decrypted_buffer_size;
990
decrypted_buffer_size = pgp_packet_decrypt(buffer, buffer_length,
991
&decrypted_buffer, mc);
992
if(decrypted_buffer_size >= 0){
993
994
written = 0;
487
buffer_length += (size_t) ret;
488
}
489
}
490
491
if (buffer_length > 0){
492
decrypted_buffer_size = pgp_packet_decrypt(buffer,
493
buffer_length,
494
&decrypted_buffer,
495
certdir);
496
if (decrypted_buffer_size >= 0){
995
497
while(written < (size_t) decrypted_buffer_size){
996
if(quit_now){
997
errno = EINTR;
998
goto mandos_end;
999
}
1000
1001
ret = (int)fwrite(decrypted_buffer + written, 1,
1002
(size_t)decrypted_buffer_size - written,
1003
stdout);
498
ret = (int)fwrite (decrypted_buffer + written, 1,
499
(size_t)decrypted_buffer_size - written,
500
stdout);
1004
501
if(ret == 0 and ferror(stdout)){
1005
int e = errno;
1006
502
if(debug){
1007
fprintf_plus(stderr, "Error writing encrypted data: %s\n",
1008
strerror(errno));
503
fprintf(stderr, "Error writing encrypted data: %s\n",
504
strerror(errno));
1009
505
}
1010
errno = e;
1011
goto mandos_end;
506
retval = -1;
507
break;
1012
508
}
1013
509
written += (size_t)ret;
1014
510
}
1015
retval = 0;
1016
}
1017
}
1018
1019
/* Shutdown procedure */
1020
1021
mandos_end:
1022
{
1023
int e = errno;
1024
free(decrypted_buffer);
1025
free(buffer);
1026
if(tcp_sd >= 0){
1027
ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));
1028
}
1029
if(ret == -1){
1030
if(e == 0){
1031
e = errno;
1032
}
1033
perror_plus("close");
1034
}
1035
gnutls_deinit(session);
1036
errno = e;
1037
if(quit_now){
1038
errno = EINTR;
511
free(decrypted_buffer);
512
} else {
1039
513
retval = -1;
1040
514
}
1041
515
}
516
517
//shutdown procedure
518
519
if(debug){
520
fprintf(stderr, "Closing TLS session\n");
521
}
522
523
free(buffer);
524
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
525
exit:
526
close(tcp_sd);
527
gnutls_deinit (es.session);
528
gnutls_certificate_free_credentials (es.cred);
529
gnutls_global_deinit ();
1042
530
return retval;
1043
531
}
1044
532
1045
__attribute__((nonnull))
1046
static void resolve_callback(AvahiSServiceResolver *r,
1047
AvahiIfIndex interface,
1048
AvahiProtocol proto,
1049
AvahiResolverEvent event,
1050
const char *name,
1051
const char *type,
1052
const char *domain,
1053
const char *host_name,
1054
const AvahiAddress *address,
1055
uint16_t port,
1056
AVAHI_GCC_UNUSED AvahiStringList *txt,
1057
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1058
flags,
1059
void *mc){
1060
if(r == NULL){
1061
return;
1062
}
533
static AvahiSimplePoll *simple_poll = NULL;
534
static AvahiServer *server = NULL;
535
536
static void resolve_callback(
537
AvahiSServiceResolver *r,
538
AvahiIfIndex interface,
539
AVAHI_GCC_UNUSED AvahiProtocol protocol,
540
AvahiResolverEvent event,
541
const char *name,
542
const char *type,
543
const char *domain,
544
const char *host_name,
545
const AvahiAddress *address,
546
uint16_t port,
547
AVAHI_GCC_UNUSED AvahiStringList *txt,
548
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
549
AVAHI_GCC_UNUSED void* userdata) {
550
551
assert(r); /* Spurious warning */
1063
552
1064
553
/* Called whenever a service has been resolved successfully or
1065
554
timed out */
1066
555
1067
if(quit_now){
1068
return;
1069
}
1070
1071
switch(event){
556
switch (event) {
1072
557
default:
1073
558
case AVAHI_RESOLVER_FAILURE:
1074
fprintf_plus(stderr, "(Avahi Resolver) Failed to resolve service "
1075
"'%s' of type '%s' in domain '%s': %s\n", name, type,
1076
domain,
1077
avahi_strerror(avahi_server_errno
1078
(((mandos_context*)mc)->server)));
559
fprintf(stderr, "(Resolver) Failed to resolve service '%s' of"
560
" type '%s' in domain '%s': %s\n", name, type, domain,
561
avahi_strerror(avahi_server_errno(server)));
1079
562
break;
1080
563
1081
564
case AVAHI_RESOLVER_FOUND:
1083
566
char ip[AVAHI_ADDRESS_STR_MAX];
1084
567
avahi_address_snprint(ip, sizeof(ip), address);
1085
568
if(debug){
1086
fprintf_plus(stderr, "Mandos server \"%s\" found on %s (%s, %"
1087
PRIdMAX ") on port %" PRIu16 "\n", name,
1088
host_name, ip, (intmax_t)interface, port);
569
fprintf(stderr, "Mandos server \"%s\" found on %s (%s) on"
570
" port %d\n", name, host_name, ip, port);
1089
571
}
1090
int ret = start_mandos_communication(ip, (in_port_t)port,
1091
interface,
1092
avahi_proto_to_af(proto),
1093
mc);
1094
if(ret == 0){
1095
avahi_simple_poll_quit(simple_poll);
1096
} else {
1097
if(not add_server(ip, (in_port_t)port, interface,
1098
avahi_proto_to_af(proto),
1099
&((mandos_context*)mc)->current_server)){
1100
fprintf_plus(stderr, "Failed to add server \"%s\" to server"
1101
" list\n", name);
1102
}
572
int ret = start_mandos_communication(ip, port, interface);
573
if (ret == 0){
574
exit(EXIT_SUCCESS);
1103
575
}
1104
576
}
1105
577
}
1106
578
avahi_s_service_resolver_free(r);
1107
579
}
1108
580
1109
static void browse_callback(AvahiSServiceBrowser *b,
1110
AvahiIfIndex interface,
1111
AvahiProtocol protocol,
1112
AvahiBrowserEvent event,
1113
const char *name,
1114
const char *type,
1115
const char *domain,
1116
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1117
flags,
1118
void *mc){
1119
if(b == NULL){
1120
return;
1121
}
1122
1123
/* Called whenever a new services becomes available on the LAN or
1124
is removed from the LAN */
1125
1126
if(quit_now){
1127
return;
1128
}
1129
1130
switch(event){
1131
default:
1132
case AVAHI_BROWSER_FAILURE:
1133
1134
fprintf_plus(stderr, "(Avahi browser) %s\n",
1135
avahi_strerror(avahi_server_errno
1136
(((mandos_context*)mc)->server)));
1137
avahi_simple_poll_quit(simple_poll);
1138
return;
1139
1140
case AVAHI_BROWSER_NEW:
1141
/* We ignore the returned Avahi resolver object. In the callback
1142
function we free it. If the Avahi server is terminated before
1143
the callback function is called the Avahi server will free the
1144
resolver for us. */
1145
1146
if(avahi_s_service_resolver_new(((mandos_context*)mc)->server,
1147
interface, protocol, name, type,
1148
domain, protocol, 0,
1149
resolve_callback, mc) == NULL)
1150
fprintf_plus(stderr, "Avahi: Failed to resolve service '%s':"
1151
" %s\n", name,
1152
avahi_strerror(avahi_server_errno
1153
(((mandos_context*)mc)->server)));
1154
break;
1155
1156
case AVAHI_BROWSER_REMOVE:
1157
break;
1158
1159
case AVAHI_BROWSER_ALL_FOR_NOW:
1160
case AVAHI_BROWSER_CACHE_EXHAUSTED:
1161
if(debug){
1162
fprintf_plus(stderr, "No Mandos server found, still"
1163
" searching...\n");
1164
}
1165
break;
1166
}
1167
}
1168
1169
/* Signal handler that stops main loop after SIGTERM */
1170
static void handle_sigterm(int sig){
1171
if(quit_now){
1172
return;
1173
}
1174
quit_now = 1;
1175
signal_received = sig;
1176
int old_errno = errno;
1177
/* set main loop to exit */
1178
if(simple_poll != NULL){
1179
avahi_simple_poll_quit(simple_poll);
1180
}
1181
errno = old_errno;
1182
}
1183
1184
__attribute__((nonnull, warn_unused_result))
1185
bool get_flags(const char *ifname, struct ifreq *ifr){
1186
int ret;
1187
error_t ret_errno;
1188
1189
int s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1190
if(s < 0){
1191
ret_errno = errno;
1192
perror_plus("socket");
1193
errno = ret_errno;
1194
return false;
1195
}
1196
strcpy(ifr->ifr_name, ifname);
1197
ret = ioctl(s, SIOCGIFFLAGS, ifr);
1198
if(ret == -1){
1199
if(debug){
1200
ret_errno = errno;
1201
perror_plus("ioctl SIOCGIFFLAGS");
1202
errno = ret_errno;
1203
}
1204
return false;
1205
}
1206
return true;
1207
}
1208
1209
__attribute__((nonnull, warn_unused_result))
1210
bool good_flags(const char *ifname, const struct ifreq *ifr){
1211
1212
/* Reject the loopback device */
1213
if(ifr->ifr_flags & IFF_LOOPBACK){
1214
if(debug){
1215
fprintf_plus(stderr, "Rejecting loopback interface \"%s\"\n",
1216
ifname);
1217
}
1218
return false;
1219
}
1220
/* Accept point-to-point devices only if connect_to is specified */
1221
if(connect_to != NULL and (ifr->ifr_flags & IFF_POINTOPOINT)){
1222
if(debug){
1223
fprintf_plus(stderr, "Accepting point-to-point interface"
1224
" \"%s\"\n", ifname);
1225
}
1226
return true;
1227
}
1228
/* Otherwise, reject non-broadcast-capable devices */
1229
if(not (ifr->ifr_flags & IFF_BROADCAST)){
1230
if(debug){
1231
fprintf_plus(stderr, "Rejecting non-broadcast interface"
1232
" \"%s\"\n", ifname);
1233
}
1234
return false;
1235
}
1236
/* Reject non-ARP interfaces (including dummy interfaces) */
1237
if(ifr->ifr_flags & IFF_NOARP){
1238
if(debug){
1239
fprintf_plus(stderr, "Rejecting non-ARP interface \"%s\"\n",
1240
ifname);
1241
}
1242
return false;
1243
}
1244
1245
/* Accept this device */
1246
if(debug){
1247
fprintf_plus(stderr, "Interface \"%s\" is good\n", ifname);
1248
}
1249
return true;
1250
}
1251
1252
/*
1253
* This function determines if a directory entry in /sys/class/net
1254
* corresponds to an acceptable network device.
1255
* (This function is passed to scandir(3) as a filter function.)
1256
*/
1257
__attribute__((nonnull, warn_unused_result))
1258
int good_interface(const struct dirent *if_entry){
1259
if(if_entry->d_name[0] == '.'){
1260
return 0;
1261
}
1262
1263
struct ifreq ifr;
1264
if(not get_flags(if_entry->d_name, &ifr)){
1265
if(debug){
1266
fprintf_plus(stderr, "Failed to get flags for interface "
1267
"\"%s\"\n", if_entry->d_name);
1268
}
1269
return 0;
1270
}
1271
1272
if(not good_flags(if_entry->d_name, &ifr)){
1273
return 0;
1274
}
1275
return 1;
1276
}
1277
1278
/*
1279
* This function determines if a network interface is up.
1280
*/
1281
__attribute__((nonnull, warn_unused_result))
1282
bool interface_is_up(const char *interface){
1283
struct ifreq ifr;
1284
if(not get_flags(interface, &ifr)){
1285
if(debug){
1286
fprintf_plus(stderr, "Failed to get flags for interface "
1287
"\"%s\"\n", interface);
1288
}
1289
return false;
1290
}
1291
1292
return (bool)(ifr.ifr_flags & IFF_UP);
1293
}
1294
1295
/*
1296
* This function determines if a network interface is running
1297
*/
1298
__attribute__((nonnull, warn_unused_result))
1299
bool interface_is_running(const char *interface){
1300
struct ifreq ifr;
1301
if(not get_flags(interface, &ifr)){
1302
if(debug){
1303
fprintf_plus(stderr, "Failed to get flags for interface "
1304
"\"%s\"\n", interface);
1305
}
1306
return false;
1307
}
1308
1309
return (bool)(ifr.ifr_flags & IFF_RUNNING);
1310
}
1311
1312
__attribute__((nonnull, pure, warn_unused_result))
1313
int notdotentries(const struct dirent *direntry){
1314
/* Skip "." and ".." */
1315
if(direntry->d_name[0] == '.'
1316
and (direntry->d_name[1] == '\0'
1317
or (direntry->d_name[1] == '.'
1318
and direntry->d_name[2] == '\0'))){
1319
return 0;
1320
}
1321
return 1;
1322
}
1323
1324
/* Is this directory entry a runnable program? */
1325
__attribute__((nonnull, warn_unused_result))
1326
int runnable_hook(const struct dirent *direntry){
1327
int ret;
1328
size_t sret;
1329
struct stat st;
1330
1331
if((direntry->d_name)[0] == '\0'){
1332
/* Empty name? */
1333
return 0;
1334
}
1335
1336
sret = strspn(direntry->d_name, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
1337
"abcdefghijklmnopqrstuvwxyz"
1338
"0123456789"
1339
"_.-");
1340
if((direntry->d_name)[sret] != '\0'){
1341
/* Contains non-allowed characters */
1342
if(debug){
1343
fprintf_plus(stderr, "Ignoring hook \"%s\" with bad name\n",
1344
direntry->d_name);
1345
}
1346
return 0;
1347
}
1348
1349
char *fullname = NULL;
1350
ret = asprintf(&fullname, "%s/%s", hookdir, direntry->d_name);
1351
if(ret < 0){
1352
perror_plus("asprintf");
1353
return 0;
1354
}
1355
1356
ret = stat(fullname, &st);
1357
if(ret == -1){
1358
if(debug){
1359
perror_plus("Could not stat hook");
1360
}
1361
return 0;
1362
}
1363
free(fullname);
1364
if(not (S_ISREG(st.st_mode))){
1365
/* Not a regular file */
1366
if(debug){
1367
fprintf_plus(stderr, "Ignoring hook \"%s\" - not a file\n",
1368
direntry->d_name);
1369
}
1370
return 0;
1371
}
1372
if(not (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))){
1373
/* Not executable */
1374
if(debug){
1375
fprintf_plus(stderr, "Ignoring hook \"%s\" - not executable\n",
1376
direntry->d_name);
1377
}
1378
return 0;
1379
}
1380
if(debug){
1381
fprintf_plus(stderr, "Hook \"%s\" is acceptable\n",
1382
direntry->d_name);
1383
}
1384
return 1;
1385
}
1386
1387
__attribute__((nonnull, warn_unused_result))
1388
int avahi_loop_with_timeout(AvahiSimplePoll *s, int retry_interval,
1389
mandos_context *mc){
1390
int ret;
1391
struct timespec now;
1392
struct timespec waited_time;
1393
intmax_t block_time;
1394
1395
while(true){
1396
if(mc->current_server == NULL){
1397
if(debug){
1398
fprintf_plus(stderr, "Wait until first server is found."
1399
" No timeout!\n");
1400
}
1401
ret = avahi_simple_poll_iterate(s, -1);
1402
} else {
1403
if(debug){
1404
fprintf_plus(stderr, "Check current_server if we should run"
1405
" it, or wait\n");
1406
}
1407
/* the current time */
1408
ret = clock_gettime(CLOCK_MONOTONIC, &now);
1409
if(ret == -1){
1410
perror_plus("clock_gettime");
1411
return -1;
1412
}
1413
/* Calculating in ms how long time between now and server
1414
who we visted longest time ago. Now - last seen. */
1415
waited_time.tv_sec = (now.tv_sec
1416
- mc->current_server->last_seen.tv_sec);
1417
waited_time.tv_nsec = (now.tv_nsec
1418
- mc->current_server->last_seen.tv_nsec);
1419
/* total time is 10s/10,000ms.
1420
Converting to s from ms by dividing by 1,000,
1421
and ns to ms by dividing by 1,000,000. */
1422
block_time = ((retry_interval
1423
- ((intmax_t)waited_time.tv_sec * 1000))
1424
- ((intmax_t)waited_time.tv_nsec / 1000000));
1425
1426
if(debug){
1427
fprintf_plus(stderr, "Blocking for %" PRIdMAX " ms\n",
1428
block_time);
1429
}
1430
1431
if(block_time <= 0){
1432
ret = start_mandos_communication(mc->current_server->ip,
1433
mc->current_server->port,
1434
mc->current_server->if_index,
1435
mc->current_server->af, mc);
1436
if(ret == 0){
1437
avahi_simple_poll_quit(s);
1438
return 0;
1439
}
1440
ret = clock_gettime(CLOCK_MONOTONIC,
1441
&mc->current_server->last_seen);
1442
if(ret == -1){
1443
perror_plus("clock_gettime");
1444
return -1;
1445
}
1446
mc->current_server = mc->current_server->next;
1447
block_time = 0; /* Call avahi to find new Mandos
1448
servers, but don't block */
1449
}
1450
1451
ret = avahi_simple_poll_iterate(s, (int)block_time);
1452
}
1453
if(ret != 0){
1454
if(ret > 0 or errno != EINTR){
1455
return (ret != 1) ? ret : 0;
1456
}
1457
}
1458
}
1459
}
1460
1461
/* Set effective uid to 0, return errno */
1462
__attribute__((warn_unused_result))
1463
error_t raise_privileges(void){
1464
error_t old_errno = errno;
1465
error_t ret_errno = 0;
1466
if(seteuid(0) == -1){
1467
ret_errno = errno;
1468
perror_plus("seteuid");
1469
}
1470
errno = old_errno;
1471
return ret_errno;
1472
}
1473
1474
/* Set effective and real user ID to 0. Return errno. */
1475
__attribute__((warn_unused_result))
1476
error_t raise_privileges_permanently(void){
1477
error_t old_errno = errno;
1478
error_t ret_errno = raise_privileges();
1479
if(ret_errno != 0){
1480
errno = old_errno;
1481
return ret_errno;
1482
}
1483
if(setuid(0) == -1){
1484
ret_errno = errno;
1485
perror_plus("seteuid");
1486
}
1487
errno = old_errno;
1488
return ret_errno;
1489
}
1490
1491
/* Set effective user ID to unprivileged saved user ID */
1492
__attribute__((warn_unused_result))
1493
error_t lower_privileges(void){
1494
error_t old_errno = errno;
1495
error_t ret_errno = 0;
1496
if(seteuid(uid) == -1){
1497
ret_errno = errno;
1498
perror_plus("seteuid");
1499
}
1500
errno = old_errno;
1501
return ret_errno;
1502
}
1503
1504
/* Lower privileges permanently */
1505
__attribute__((warn_unused_result))
1506
error_t lower_privileges_permanently(void){
1507
error_t old_errno = errno;
1508
error_t ret_errno = 0;
1509
if(setuid(uid) == -1){
1510
ret_errno = errno;
1511
perror_plus("setuid");
1512
}
1513
errno = old_errno;
1514
return ret_errno;
1515
}
1516
1517
#ifndef O_CLOEXEC
1518
/*
1519
* Based on the example in the GNU LibC manual chapter 13.13 "File
1520
* Descriptor Flags".
1521
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
1522
*/
1523
__attribute__((warn_unused_result))
1524
static int set_cloexec_flag(int fd){
1525
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
1526
/* If reading the flags failed, return error indication now. */
1527
if(ret < 0){
1528
return ret;
1529
}
1530
/* Store modified flag word in the descriptor. */
1531
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
1532
ret | FD_CLOEXEC));
1533
}
1534
#endif /* not O_CLOEXEC */
1535
1536
__attribute__((nonnull))
1537
void run_network_hooks(const char *mode, const char *interface,
1538
const float delay){
1539
struct dirent **direntries;
1540
if(hookdir_fd == -1){
1541
hookdir_fd = open(hookdir, O_RDONLY |
1542
#ifdef O_CLOEXEC
1543
O_CLOEXEC
1544
#else /* not O_CLOEXEC */
1545
0
1546
#endif /* not O_CLOEXEC */
1547
);
1548
if(hookdir_fd == -1){
1549
if(errno == ENOENT){
1550
if(debug){
1551
fprintf_plus(stderr, "Network hook directory \"%s\" not"
1552
" found\n", hookdir);
1553
}
1554
} else {
1555
perror_plus("open");
1556
}
1557
return;
1558
}
1559
#ifndef O_CLOEXEC
1560
if(set_cloexec_flag(hookdir_fd) < 0){
1561
perror_plus("set_cloexec_flag");
1562
if((int)TEMP_FAILURE_RETRY(close(hookdir_fd)) == -1){
1563
perror_plus("close");
1564
} else {
1565
hookdir_fd = -1;
1566
}
1567
return;
1568
}
1569
#endif /* not O_CLOEXEC */
1570
}
1571
#ifdef __GLIBC__
1572
#if __GLIBC_PREREQ(2, 15)
1573
int numhooks = scandirat(hookdir_fd, ".", &direntries,
1574
runnable_hook, alphasort);
1575
#else /* not __GLIBC_PREREQ(2, 15) */
1576
int numhooks = scandir(hookdir, &direntries, runnable_hook,
1577
alphasort);
1578
#endif /* not __GLIBC_PREREQ(2, 15) */
1579
#else /* not __GLIBC__ */
1580
int numhooks = scandir(hookdir, &direntries, runnable_hook,
1581
alphasort);
1582
#endif /* not __GLIBC__ */
1583
if(numhooks == -1){
1584
perror_plus("scandir");
1585
return;
1586
}
1587
struct dirent *direntry;
1588
int ret;
1589
int devnull = open("/dev/null", O_RDONLY);
1590
for(int i = 0; i < numhooks; i++){
1591
direntry = direntries[i];
1592
char *fullname = NULL;
1593
ret = asprintf(&fullname, "%s/%s", hookdir, direntry->d_name);
1594
if(ret < 0){
1595
perror_plus("asprintf");
1596
continue;
1597
}
1598
if(debug){
1599
fprintf_plus(stderr, "Running network hook \"%s\"\n",
1600
direntry->d_name);
1601
}
1602
pid_t hook_pid = fork();
1603
if(hook_pid == 0){
1604
/* Child */
1605
/* Raise privileges */
1606
if(raise_privileges_permanently() != 0){
1607
perror_plus("Failed to raise privileges");
1608
_exit(EX_NOPERM);
1609
}
1610
/* Set group */
1611
errno = 0;
1612
ret = setgid(0);
1613
if(ret == -1){
1614
perror_plus("setgid");
1615
_exit(EX_NOPERM);
1616
}
1617
/* Reset supplementary groups */
1618
errno = 0;
1619
ret = setgroups(0, NULL);
1620
if(ret == -1){
1621
perror_plus("setgroups");
1622
_exit(EX_NOPERM);
1623
}
1624
ret = dup2(devnull, STDIN_FILENO);
1625
if(ret == -1){
1626
perror_plus("dup2(devnull, STDIN_FILENO)");
1627
_exit(EX_OSERR);
1628
}
1629
ret = close(devnull);
1630
if(ret == -1){
1631
perror_plus("close");
1632
_exit(EX_OSERR);
1633
}
1634
ret = dup2(STDERR_FILENO, STDOUT_FILENO);
1635
if(ret == -1){
1636
perror_plus("dup2(STDERR_FILENO, STDOUT_FILENO)");
1637
_exit(EX_OSERR);
1638
}
1639
ret = setenv("MANDOSNETHOOKDIR", hookdir, 1);
1640
if(ret == -1){
1641
perror_plus("setenv");
1642
_exit(EX_OSERR);
1643
}
1644
ret = setenv("DEVICE", interface, 1);
1645
if(ret == -1){
1646
perror_plus("setenv");
1647
_exit(EX_OSERR);
1648
}
1649
ret = setenv("VERBOSITY", debug ? "1" : "0", 1);
1650
if(ret == -1){
1651
perror_plus("setenv");
1652
_exit(EX_OSERR);
1653
}
1654
ret = setenv("MODE", mode, 1);
1655
if(ret == -1){
1656
perror_plus("setenv");
1657
_exit(EX_OSERR);
1658
}
1659
char *delaystring;
1660
ret = asprintf(&delaystring, "%f", (double)delay);
1661
if(ret == -1){
1662
perror_plus("asprintf");
1663
_exit(EX_OSERR);
1664
}
1665
ret = setenv("DELAY", delaystring, 1);
1666
if(ret == -1){
1667
free(delaystring);
1668
perror_plus("setenv");
1669
_exit(EX_OSERR);
1670
}
1671
free(delaystring);
1672
if(connect_to != NULL){
1673
ret = setenv("CONNECT", connect_to, 1);
1674
if(ret == -1){
1675
perror_plus("setenv");
1676
_exit(EX_OSERR);
1677
}
1678
}
1679
if(execl(fullname, direntry->d_name, mode, NULL) == -1){
1680
perror_plus("execl");
1681
_exit(EXIT_FAILURE);
1682
}
1683
} else {
1684
int status;
1685
if(TEMP_FAILURE_RETRY(waitpid(hook_pid, &status, 0)) == -1){
1686
perror_plus("waitpid");
1687
free(fullname);
1688
continue;
1689
}
1690
if(WIFEXITED(status)){
1691
if(WEXITSTATUS(status) != 0){
1692
fprintf_plus(stderr, "Warning: network hook \"%s\" exited"
1693
" with status %d\n", direntry->d_name,
1694
WEXITSTATUS(status));
1695
free(fullname);
1696
continue;
1697
}
1698
} else if(WIFSIGNALED(status)){
1699
fprintf_plus(stderr, "Warning: network hook \"%s\" died by"
1700
" signal %d\n", direntry->d_name,
1701
WTERMSIG(status));
1702
free(fullname);
1703
continue;
1704
} else {
1705
fprintf_plus(stderr, "Warning: network hook \"%s\""
1706
" crashed\n", direntry->d_name);
1707
free(fullname);
1708
continue;
1709
}
1710
}
1711
free(fullname);
1712
if(debug){
1713
fprintf_plus(stderr, "Network hook \"%s\" ran successfully\n",
1714
direntry->d_name);
1715
}
1716
}
1717
if((int)TEMP_FAILURE_RETRY(close(hookdir_fd)) == -1){
1718
perror_plus("close");
1719
} else {
1720
hookdir_fd = -1;
1721
}
1722
close(devnull);
1723
}
1724
1725
__attribute__((nonnull, warn_unused_result))
1726
error_t bring_up_interface(const char *const interface,
1727
const float delay){
1728
error_t old_errno = errno;
1729
int ret;
1730
struct ifreq network;
1731
unsigned int if_index = if_nametoindex(interface);
1732
if(if_index == 0){
1733
fprintf_plus(stderr, "No such interface: \"%s\"\n", interface);
1734
errno = old_errno;
1735
return ENXIO;
1736
}
1737
1738
if(quit_now){
1739
errno = old_errno;
1740
return EINTR;
1741
}
1742
1743
if(not interface_is_up(interface)){
1744
error_t ret_errno = 0, ioctl_errno = 0;
1745
if(not get_flags(interface, &network)){
1746
ret_errno = errno;
1747
fprintf_plus(stderr, "Failed to get flags for interface "
1748
"\"%s\"\n", interface);
1749
errno = old_errno;
1750
return ret_errno;
1751
}
1752
network.ifr_flags |= IFF_UP; /* set flag */
1753
1754
int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1755
if(sd == -1){
1756
ret_errno = errno;
1757
perror_plus("socket");
1758
errno = old_errno;
1759
return ret_errno;
1760
}
1761
1762
if(quit_now){
1763
ret = (int)TEMP_FAILURE_RETRY(close(sd));
1764
if(ret == -1){
1765
perror_plus("close");
1766
}
1767
errno = old_errno;
1768
return EINTR;
1769
}
1770
1771
if(debug){
1772
fprintf_plus(stderr, "Bringing up interface \"%s\"\n",
1773
interface);
1774
}
1775
1776
/* Raise privileges */
1777
ret_errno = raise_privileges();
1778
if(ret_errno != 0){
1779
perror_plus("Failed to raise privileges");
1780
}
1781
1782
#ifdef __linux__
1783
int ret_linux;
1784
bool restore_loglevel = false;
1785
if(ret_errno == 0){
1786
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
1787
messages about the network interface to mess up the prompt */
1788
ret_linux = klogctl(8, NULL, 5);
1789
if(ret_linux == -1){
1790
perror_plus("klogctl");
1791
} else {
1792
restore_loglevel = true;
1793
}
1794
}
1795
#endif /* __linux__ */
1796
int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
1797
ioctl_errno = errno;
1798
#ifdef __linux__
1799
if(restore_loglevel){
1800
ret_linux = klogctl(7, NULL, 0);
1801
if(ret_linux == -1){
1802
perror_plus("klogctl");
1803
}
1804
}
1805
#endif /* __linux__ */
1806
1807
/* If raise_privileges() succeeded above */
1808
if(ret_errno == 0){
1809
/* Lower privileges */
1810
ret_errno = lower_privileges();
1811
if(ret_errno != 0){
1812
errno = ret_errno;
1813
perror_plus("Failed to lower privileges");
1814
}
1815
}
1816
1817
/* Close the socket */
1818
ret = (int)TEMP_FAILURE_RETRY(close(sd));
1819
if(ret == -1){
1820
perror_plus("close");
1821
}
1822
1823
if(ret_setflags == -1){
1824
errno = ioctl_errno;
1825
perror_plus("ioctl SIOCSIFFLAGS +IFF_UP");
1826
errno = old_errno;
1827
return ioctl_errno;
1828
}
1829
} else if(debug){
1830
fprintf_plus(stderr, "Interface \"%s\" is already up; good\n",
1831
interface);
1832
}
1833
1834
/* Sleep checking until interface is running.
1835
Check every 0.25s, up to total time of delay */
1836
for(int i=0; i < delay * 4; i++){
1837
if(interface_is_running(interface)){
1838
break;
1839
}
1840
struct timespec sleeptime = { .tv_nsec = 250000000 };
1841
ret = nanosleep(&sleeptime, NULL);
1842
if(ret == -1 and errno != EINTR){
1843
perror_plus("nanosleep");
1844
}
1845
}
1846
1847
errno = old_errno;
1848
return 0;
1849
}
1850
1851
__attribute__((nonnull, warn_unused_result))
1852
error_t take_down_interface(const char *const interface){
1853
error_t old_errno = errno;
1854
struct ifreq network;
1855
unsigned int if_index = if_nametoindex(interface);
1856
if(if_index == 0){
1857
fprintf_plus(stderr, "No such interface: \"%s\"\n", interface);
1858
errno = old_errno;
1859
return ENXIO;
1860
}
1861
if(interface_is_up(interface)){
1862
error_t ret_errno = 0, ioctl_errno = 0;
1863
if(not get_flags(interface, &network) and debug){
1864
ret_errno = errno;
1865
fprintf_plus(stderr, "Failed to get flags for interface "
1866
"\"%s\"\n", interface);
1867
errno = old_errno;
1868
return ret_errno;
1869
}
1870
network.ifr_flags &= ~(short)IFF_UP; /* clear flag */
1871
1872
int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1873
if(sd == -1){
1874
ret_errno = errno;
1875
perror_plus("socket");
1876
errno = old_errno;
1877
return ret_errno;
1878
}
1879
1880
if(debug){
1881
fprintf_plus(stderr, "Taking down interface \"%s\"\n",
1882
interface);
1883
}
1884
1885
/* Raise privileges */
1886
ret_errno = raise_privileges();
1887
if(ret_errno != 0){
1888
perror_plus("Failed to raise privileges");
1889
}
1890
1891
int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
1892
ioctl_errno = errno;
1893
1894
/* If raise_privileges() succeeded above */
1895
if(ret_errno == 0){
1896
/* Lower privileges */
1897
ret_errno = lower_privileges();
1898
if(ret_errno != 0){
1899
errno = ret_errno;
1900
perror_plus("Failed to lower privileges");
1901
}
1902
}
1903
1904
/* Close the socket */
1905
int ret = (int)TEMP_FAILURE_RETRY(close(sd));
1906
if(ret == -1){
1907
perror_plus("close");
1908
}
1909
1910
if(ret_setflags == -1){
1911
errno = ioctl_errno;
1912
perror_plus("ioctl SIOCSIFFLAGS -IFF_UP");
1913
errno = old_errno;
1914
return ioctl_errno;
1915
}
1916
} else if(debug){
1917
fprintf_plus(stderr, "Interface \"%s\" is already down; odd\n",
1918
interface);
1919
}
1920
1921
errno = old_errno;
1922
return 0;
1923
}
1924
1925
int main(int argc, char *argv[]){
1926
mandos_context mc = { .server = NULL, .dh_bits = 1024,
1927
.priority = "SECURE256:!CTYPE-X.509:"
1928
"+CTYPE-OPENPGP", .current_server = NULL,
1929
.interfaces = NULL, .interfaces_size = 0 };
1930
AvahiSServiceBrowser *sb = NULL;
1931
error_t ret_errno;
1932
int ret;
1933
intmax_t tmpmax;
581
static void browse_callback(
582
AvahiSServiceBrowser *b,
583
AvahiIfIndex interface,
584
AvahiProtocol protocol,
585
AvahiBrowserEvent event,
586
const char *name,
587
const char *type,
588
const char *domain,
589
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
590
void* userdata) {
591
592
AvahiServer *s = userdata;
593
assert(b); /* Spurious warning */
594
595
/* Called whenever a new services becomes available on the LAN or
596
is removed from the LAN */
597
598
switch (event) {
599
default:
600
case AVAHI_BROWSER_FAILURE:
601
602
fprintf(stderr, "(Browser) %s\n",
603
avahi_strerror(avahi_server_errno(server)));
604
avahi_simple_poll_quit(simple_poll);
605
return;
606
607
case AVAHI_BROWSER_NEW:
608
/* We ignore the returned resolver object. In the callback
609
function we free it. If the server is terminated before
610
the callback function is called the server will free
611
the resolver for us. */
612
613
if (!(avahi_s_service_resolver_new(s, interface, protocol, name,
614
type, domain,
615
AVAHI_PROTO_INET6, 0,
616
resolve_callback, s)))
617
fprintf(stderr, "Failed to resolve service '%s': %s\n", name,
618
avahi_strerror(avahi_server_errno(s)));
619
break;
620
621
case AVAHI_BROWSER_REMOVE:
622
break;
623
624
case AVAHI_BROWSER_ALL_FOR_NOW:
625
case AVAHI_BROWSER_CACHE_EXHAUSTED:
626
break;
627
}
628
}
629
630
/* combinds file name and path and returns the malloced new string. som sane checks could/should be added */
631
const char *combinepath(const char *first, const char *second){
1934
632
char *tmp;
1935
int exitcode = EXIT_SUCCESS;
1936
char *interfaces_to_take_down = NULL;
1937
size_t interfaces_to_take_down_size = 0;
1938
char run_tempdir[] = "/run/tmp/mandosXXXXXX";
1939
char old_tempdir[] = "/tmp/mandosXXXXXX";
1940
char *tempdir = NULL;
1941
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
1942
const char *seckey = PATHDIR "/" SECKEY;
1943
const char *pubkey = PATHDIR "/" PUBKEY;
1944
char *interfaces_hooks = NULL;
1945
1946
bool gnutls_initialized = false;
1947
bool gpgme_initialized = false;
1948
float delay = 2.5f;
1949
double retry_interval = 10; /* 10s between trying a server and
1950
retrying the same server again */
1951
1952
struct sigaction old_sigterm_action = { .sa_handler = SIG_DFL };
1953
struct sigaction sigterm_action = { .sa_handler = handle_sigterm };
1954
1955
uid = getuid();
1956
gid = getgid();
1957
1958
/* Lower any group privileges we might have, just to be safe */
1959
errno = 0;
1960
ret = setgid(gid);
1961
if(ret == -1){
1962
perror_plus("setgid");
1963
}
1964
1965
/* Lower user privileges (temporarily) */
1966
errno = 0;
1967
ret = seteuid(uid);
1968
if(ret == -1){
1969
perror_plus("seteuid");
1970
}
1971
1972
if(quit_now){
1973
goto end;
1974
}
1975
1976
{
1977
struct argp_option options[] = {
1978
{ .name = "debug", .key = 128,
1979
.doc = "Debug mode", .group = 3 },
1980
{ .name = "connect", .key = 'c',
1981
.arg = "ADDRESS:PORT",
1982
.doc = "Connect directly to a specific Mandos server",
1983
.group = 1 },
1984
{ .name = "interface", .key = 'i',
1985
.arg = "NAME",
1986
.doc = "Network interface that will be used to search for"
1987
" Mandos servers",
1988
.group = 1 },
1989
{ .name = "seckey", .key = 's',
1990
.arg = "FILE",
1991
.doc = "OpenPGP secret key file base name",
1992
.group = 1 },
1993
{ .name = "pubkey", .key = 'p',
1994
.arg = "FILE",
1995
.doc = "OpenPGP public key file base name",
1996
.group = 2 },
1997
{ .name = "dh-bits", .key = 129,
1998
.arg = "BITS",
1999
.doc = "Bit length of the prime number used in the"
2000
" Diffie-Hellman key exchange",
2001
.group = 2 },
2002
{ .name = "priority", .key = 130,
2003
.arg = "STRING",
2004
.doc = "GnuTLS priority string for the TLS handshake",
2005
.group = 1 },
2006
{ .name = "delay", .key = 131,
2007
.arg = "SECONDS",
2008
.doc = "Maximum delay to wait for interface startup",
2009
.group = 2 },
2010
{ .name = "retry", .key = 132,
2011
.arg = "SECONDS",
2012
.doc = "Retry interval used when denied by the Mandos server",
2013
.group = 2 },
2014
{ .name = "network-hook-dir", .key = 133,
2015
.arg = "DIR",
2016
.doc = "Directory where network hooks are located",
2017
.group = 2 },
2018
/*
2019
* These reproduce what we would get without ARGP_NO_HELP
2020
*/
2021
{ .name = "help", .key = '?',
2022
.doc = "Give this help list", .group = -1 },
2023
{ .name = "usage", .key = -3,
2024
.doc = "Give a short usage message", .group = -1 },
2025
{ .name = "version", .key = 'V',
2026
.doc = "Print program version", .group = -1 },
2027
{ .name = NULL }
2028
};
2029
2030
error_t parse_opt(int key, char *arg,
2031
struct argp_state *state){
2032
errno = 0;
2033
switch(key){
2034
case 128: /* --debug */
2035
debug = true;
2036
break;
2037
case 'c': /* --connect */
2038
connect_to = arg;
2039
break;
2040
case 'i': /* --interface */
2041
ret_errno = argz_add_sep(&mc.interfaces, &mc.interfaces_size,
2042
arg, (int)',');
2043
if(ret_errno != 0){
2044
argp_error(state, "%s", strerror(ret_errno));
2045
}
2046
break;
2047
case 's': /* --seckey */
2048
seckey = arg;
2049
break;
2050
case 'p': /* --pubkey */
2051
pubkey = arg;
2052
break;
2053
case 129: /* --dh-bits */
2054
errno = 0;
2055
tmpmax = strtoimax(arg, &tmp, 10);
2056
if(errno != 0 or tmp == arg or *tmp != '\0'
2057
or tmpmax != (typeof(mc.dh_bits))tmpmax){
2058
argp_error(state, "Bad number of DH bits");
2059
}
2060
mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
2061
break;
2062
case 130: /* --priority */
2063
mc.priority = arg;
2064
break;
2065
case 131: /* --delay */
2066
errno = 0;
2067
delay = strtof(arg, &tmp);
2068
if(errno != 0 or tmp == arg or *tmp != '\0'){
2069
argp_error(state, "Bad delay");
2070
}
2071
case 132: /* --retry */
2072
errno = 0;
2073
retry_interval = strtod(arg, &tmp);
2074
if(errno != 0 or tmp == arg or *tmp != '\0'
2075
or (retry_interval * 1000) > INT_MAX
2076
or retry_interval < 0){
2077
argp_error(state, "Bad retry interval");
2078
}
2079
break;
2080
case 133: /* --network-hook-dir */
2081
hookdir = arg;
2082
break;
2083
/*
2084
* These reproduce what we would get without ARGP_NO_HELP
2085
*/
2086
case '?': /* --help */
2087
argp_state_help(state, state->out_stream,
2088
(ARGP_HELP_STD_HELP | ARGP_HELP_EXIT_ERR)
2089
& ~(unsigned int)ARGP_HELP_EXIT_OK);
2090
case -3: /* --usage */
2091
argp_state_help(state, state->out_stream,
2092
ARGP_HELP_USAGE | ARGP_HELP_EXIT_ERR);
2093
case 'V': /* --version */
2094
fprintf_plus(state->out_stream, "%s\n", argp_program_version);
2095
exit(argp_err_exit_status);
2096
break;
2097
default:
2098
return ARGP_ERR_UNKNOWN;
2099
}
2100
return errno;
2101
}
2102
2103
struct argp argp = { .options = options, .parser = parse_opt,
2104
.args_doc = "",
2105
.doc = "Mandos client -- Get and decrypt"
2106
" passwords from a Mandos server" };
2107
ret = argp_parse(&argp, argc, argv,
2108
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
2109
switch(ret){
2110
case 0:
2111
break;
2112
case ENOMEM:
2113
default:
2114
errno = ret;
2115
perror_plus("argp_parse");
2116
exitcode = EX_OSERR;
2117
goto end;
2118
case EINVAL:
2119
exitcode = EX_USAGE;
2120
goto end;
2121
}
2122
}
2123
2124
{
2125
/* Work around Debian bug #633582:
2126
<http://bugs.debian.org/633582> */
2127
2128
/* Re-raise privileges */
2129
ret_errno = raise_privileges();
2130
if(ret_errno != 0){
2131
errno = ret_errno;
2132
perror_plus("Failed to raise privileges");
2133
} else {
2134
struct stat st;
2135
2136
if(strcmp(seckey, PATHDIR "/" SECKEY) == 0){
2137
int seckey_fd = open(seckey, O_RDONLY);
2138
if(seckey_fd == -1){
2139
perror_plus("open");
2140
} else {
2141
ret = (int)TEMP_FAILURE_RETRY(fstat(seckey_fd, &st));
2142
if(ret == -1){
2143
perror_plus("fstat");
2144
} else {
2145
if(S_ISREG(st.st_mode)
2146
and st.st_uid == 0 and st.st_gid == 0){
2147
ret = fchown(seckey_fd, uid, gid);
2148
if(ret == -1){
2149
perror_plus("fchown");
2150
}
2151
}
2152
}
2153
TEMP_FAILURE_RETRY(close(seckey_fd));
2154
}
2155
}
2156
2157
if(strcmp(pubkey, PATHDIR "/" PUBKEY) == 0){
2158
int pubkey_fd = open(pubkey, O_RDONLY);
2159
if(pubkey_fd == -1){
2160
perror_plus("open");
2161
} else {
2162
ret = (int)TEMP_FAILURE_RETRY(fstat(pubkey_fd, &st));
2163
if(ret == -1){
2164
perror_plus("fstat");
2165
} else {
2166
if(S_ISREG(st.st_mode)
2167
and st.st_uid == 0 and st.st_gid == 0){
2168
ret = fchown(pubkey_fd, uid, gid);
2169
if(ret == -1){
2170
perror_plus("fchown");
2171
}
2172
}
2173
}
2174
TEMP_FAILURE_RETRY(close(pubkey_fd));
2175
}
2176
}
2177
2178
/* Lower privileges */
2179
ret_errno = lower_privileges();
2180
if(ret_errno != 0){
2181
errno = ret_errno;
2182
perror_plus("Failed to lower privileges");
2183
}
2184
}
2185
}
2186
2187
/* Remove invalid interface names (except "none") */
2188
{
2189
char *interface = NULL;
2190
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2191
interface))){
2192
if(strcmp(interface, "none") != 0
2193
and if_nametoindex(interface) == 0){
2194
if(interface[0] != '\0'){
2195
fprintf_plus(stderr, "Not using nonexisting interface"
2196
" \"%s\"\n", interface);
2197
}
2198
argz_delete(&mc.interfaces, &mc.interfaces_size, interface);
2199
interface = NULL;
2200
}
2201
}
2202
}
2203
2204
/* Run network hooks */
2205
{
2206
if(mc.interfaces != NULL){
2207
interfaces_hooks = malloc(mc.interfaces_size);
2208
if(interfaces_hooks == NULL){
2209
perror_plus("malloc");
2210
goto end;
2211
}
2212
memcpy(interfaces_hooks, mc.interfaces, mc.interfaces_size);
2213
argz_stringify(interfaces_hooks, mc.interfaces_size, (int)',');
2214
}
2215
run_network_hooks("start", interfaces_hooks != NULL ?
2216
interfaces_hooks : "", delay);
2217
}
2218
2219
if(not debug){
2220
avahi_set_log_function(empty_log);
2221
}
2222
2223
/* Initialize Avahi early so avahi_simple_poll_quit() can be called
2224
from the signal handler */
2225
/* Initialize the pseudo-RNG for Avahi */
2226
srand((unsigned int) time(NULL));
2227
simple_poll = avahi_simple_poll_new();
2228
if(simple_poll == NULL){
2229
fprintf_plus(stderr,
2230
"Avahi: Failed to create simple poll object.\n");
2231
exitcode = EX_UNAVAILABLE;
2232
goto end;
2233
}
2234
2235
sigemptyset(&sigterm_action.sa_mask);
2236
ret = sigaddset(&sigterm_action.sa_mask, SIGINT);
2237
if(ret == -1){
2238
perror_plus("sigaddset");
2239
exitcode = EX_OSERR;
2240
goto end;
2241
}
2242
ret = sigaddset(&sigterm_action.sa_mask, SIGHUP);
2243
if(ret == -1){
2244
perror_plus("sigaddset");
2245
exitcode = EX_OSERR;
2246
goto end;
2247
}
2248
ret = sigaddset(&sigterm_action.sa_mask, SIGTERM);
2249
if(ret == -1){
2250
perror_plus("sigaddset");
2251
exitcode = EX_OSERR;
2252
goto end;
2253
}
2254
/* Need to check if the handler is SIG_IGN before handling:
2255
| [[info:libc:Initial Signal Actions]] |
2256
| [[info:libc:Basic Signal Handling]] |
2257
*/
2258
ret = sigaction(SIGINT, NULL, &old_sigterm_action);
2259
if(ret == -1){
2260
perror_plus("sigaction");
2261
return EX_OSERR;
2262
}
2263
if(old_sigterm_action.sa_handler != SIG_IGN){
2264
ret = sigaction(SIGINT, &sigterm_action, NULL);
2265
if(ret == -1){
2266
perror_plus("sigaction");
2267
exitcode = EX_OSERR;
2268
goto end;
2269
}
2270
}
2271
ret = sigaction(SIGHUP, NULL, &old_sigterm_action);
2272
if(ret == -1){
2273
perror_plus("sigaction");
2274
return EX_OSERR;
2275
}
2276
if(old_sigterm_action.sa_handler != SIG_IGN){
2277
ret = sigaction(SIGHUP, &sigterm_action, NULL);
2278
if(ret == -1){
2279
perror_plus("sigaction");
2280
exitcode = EX_OSERR;
2281
goto end;
2282
}
2283
}
2284
ret = sigaction(SIGTERM, NULL, &old_sigterm_action);
2285
if(ret == -1){
2286
perror_plus("sigaction");
2287
return EX_OSERR;
2288
}
2289
if(old_sigterm_action.sa_handler != SIG_IGN){
2290
ret = sigaction(SIGTERM, &sigterm_action, NULL);
2291
if(ret == -1){
2292
perror_plus("sigaction");
2293
exitcode = EX_OSERR;
2294
goto end;
2295
}
2296
}
2297
2298
/* If no interfaces were specified, make a list */
2299
if(mc.interfaces == NULL){
2300
struct dirent **direntries;
2301
/* Look for any good interfaces */
2302
ret = scandir(sys_class_net, &direntries, good_interface,
2303
alphasort);
2304
if(ret >= 1){
2305
/* Add all found interfaces to interfaces list */
2306
for(int i = 0; i < ret; ++i){
2307
ret_errno = argz_add(&mc.interfaces, &mc.interfaces_size,
2308
direntries[i]->d_name);
2309
if(ret_errno != 0){
2310
errno = ret_errno;
2311
perror_plus("argz_add");
2312
continue;
2313
}
2314
if(debug){
2315
fprintf_plus(stderr, "Will use interface \"%s\"\n",
2316
direntries[i]->d_name);
2317
}
2318
}
2319
free(direntries);
2320
} else {
2321
free(direntries);
2322
fprintf_plus(stderr, "Could not find a network interface\n");
2323
exitcode = EXIT_FAILURE;
2324
goto end;
2325
}
2326
}
2327
2328
/* Bring up interfaces which are down, and remove any "none"s */
2329
{
2330
char *interface = NULL;
2331
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2332
interface))){
2333
/* If interface name is "none", stop bringing up interfaces.
2334
Also remove all instances of "none" from the list */
2335
if(strcmp(interface, "none") == 0){
2336
argz_delete(&mc.interfaces, &mc.interfaces_size,
2337
interface);
2338
interface = NULL;
2339
while((interface = argz_next(mc.interfaces,
2340
mc.interfaces_size, interface))){
2341
if(strcmp(interface, "none") == 0){
2342
argz_delete(&mc.interfaces, &mc.interfaces_size,
2343
interface);
2344
interface = NULL;
2345
}
2346
}
2347
break;
2348
}
2349
bool interface_was_up = interface_is_up(interface);
2350
errno = bring_up_interface(interface, delay);
2351
if(not interface_was_up){
2352
if(errno != 0){
2353
perror_plus("Failed to bring up interface");
2354
} else {
2355
errno = argz_add(&interfaces_to_take_down,
2356
&interfaces_to_take_down_size,
2357
interface);
2358
if(errno != 0){
2359
perror_plus("argz_add");
2360
}
2361
}
2362
}
2363
}
2364
if(debug and (interfaces_to_take_down == NULL)){
2365
fprintf_plus(stderr, "No interfaces were brought up\n");
2366
}
2367
}
2368
2369
/* If we only got one interface, explicitly use only that one */
2370
if(argz_count(mc.interfaces, mc.interfaces_size) == 1){
2371
if(debug){
2372
fprintf_plus(stderr, "Using only interface \"%s\"\n",
2373
mc.interfaces);
2374
}
2375
if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);
2376
}
2377
2378
if(quit_now){
2379
goto end;
2380
}
2381
2382
ret = init_gnutls_global(pubkey, seckey, &mc);
2383
if(ret == -1){
2384
fprintf_plus(stderr, "init_gnutls_global failed\n");
2385
exitcode = EX_UNAVAILABLE;
2386
goto end;
2387
} else {
2388
gnutls_initialized = true;
2389
}
2390
2391
if(quit_now){
2392
goto end;
2393
}
2394
2395
/* Try /run/tmp before /tmp */
2396
tempdir = mkdtemp(run_tempdir);
2397
if(tempdir == NULL and errno == ENOENT){
2398
if(debug){
2399
fprintf_plus(stderr, "Tempdir %s did not work, trying %s\n",
2400
run_tempdir, old_tempdir);
2401
}
2402
tempdir = mkdtemp(old_tempdir);
2403
}
2404
if(tempdir == NULL){
2405
perror_plus("mkdtemp");
2406
goto end;
2407
}
2408
2409
if(quit_now){
2410
goto end;
2411
}
2412
2413
if(not init_gpgme(pubkey, seckey, tempdir, &mc)){
2414
fprintf_plus(stderr, "init_gpgme failed\n");
2415
exitcode = EX_UNAVAILABLE;
2416
goto end;
2417
} else {
2418
gpgme_initialized = true;
2419
}
2420
2421
if(quit_now){
2422
goto end;
2423
}
2424
2425
if(connect_to != NULL){
2426
/* Connect directly, do not use Zeroconf */
2427
/* (Mainly meant for debugging) */
2428
char *address = strrchr(connect_to, ':');
2429
2430
if(address == NULL){
2431
fprintf_plus(stderr, "No colon in address\n");
2432
exitcode = EX_USAGE;
2433
goto end;
2434
}
2435
2436
if(quit_now){
2437
goto end;
2438
}
2439
2440
in_port_t port;
2441
errno = 0;
2442
tmpmax = strtoimax(address+1, &tmp, 10);
2443
if(errno != 0 or tmp == address+1 or *tmp != '\0'
2444
or tmpmax != (in_port_t)tmpmax){
2445
fprintf_plus(stderr, "Bad port number\n");
2446
exitcode = EX_USAGE;
2447
goto end;
2448
}
2449
2450
if(quit_now){
2451
goto end;
2452
}
2453
2454
port = (in_port_t)tmpmax;
2455
*address = '\0';
2456
/* Colon in address indicates IPv6 */
2457
int af;
2458
if(strchr(connect_to, ':') != NULL){
2459
af = AF_INET6;
2460
/* Accept [] around IPv6 address - see RFC 5952 */
2461
if(connect_to[0] == '[' and address[-1] == ']')
2462
{
2463
connect_to++;
2464
address[-1] = '\0';
2465
}
2466
} else {
2467
af = AF_INET;
2468
}
2469
address = connect_to;
2470
2471
if(quit_now){
2472
goto end;
2473
}
2474
2475
while(not quit_now){
2476
ret = start_mandos_communication(address, port, if_index, af,
2477
&mc);
2478
if(quit_now or ret == 0){
2479
break;
2480
}
2481
if(debug){
2482
fprintf_plus(stderr, "Retrying in %d seconds\n",
2483
(int)retry_interval);
2484
}
2485
sleep((unsigned int)retry_interval);
2486
}
2487
2488
if(not quit_now){
2489
exitcode = EXIT_SUCCESS;
2490
}
2491
2492
goto end;
2493
}
2494
2495
if(quit_now){
2496
goto end;
2497
}
2498
2499
{
633
tmp = malloc(strlen(first) + strlen(second) + 2);
634
if (tmp == NULL){
635
perror("malloc");
636
return NULL;
637
}
638
strcpy(tmp, first);
639
if (first[0] != '\0' and first[strlen(first) - 1] != '/'){
640
strcat(tmp, "/");
641
}
642
strcat(tmp, second);
643
return tmp;
644
}
645
646
647
int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char*argv[]) {
2500
648
AvahiServerConfig config;
2501
/* Do not publish any local Zeroconf records */
649
AvahiSServiceBrowser *sb = NULL;
650
int error;
651
int ret;
652
int returncode = EXIT_SUCCESS;
653
const char *interface = NULL;
654
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
655
char *connect_to = NULL;
656
657
while (true){
658
static struct option long_options[] = {
659
{"debug", no_argument, (int *)&debug, 1},
660
{"connect", required_argument, 0, 'C'},
661
{"interface", required_argument, 0, 'i'},
662
{"certdir", required_argument, 0, 'd'},
663
{"certkey", required_argument, 0, 'c'},
664
{"certfile", required_argument, 0, 'k'},
665
{0, 0, 0, 0} };
666
667
int option_index = 0;
668
ret = getopt_long (argc, argv, "i:", long_options,
669
&option_index);
670
671
if (ret == -1){
672
break;
673
}
674
675
switch(ret){
676
case 0:
677
break;
678
case 'i':
679
interface = optarg;
680
break;
681
case 'C':
682
connect_to = optarg;
683
break;
684
case 'd':
685
certdir = optarg;
686
break;
687
case 'c':
688
certfile = optarg;
689
break;
690
case 'k':
691
certkey = optarg;
692
break;
693
default:
694
exit(EXIT_FAILURE);
695
}
696
}
697
698
certfile = combinepath(certdir, certfile);
699
if (certfile == NULL){
700
goto exit;
701
}
702
703
if(interface != NULL){
704
if_index = (AvahiIfIndex) if_nametoindex(interface);
705
if(if_index == 0){
706
fprintf(stderr, "No such interface: \"%s\"\n", interface);
707
exit(EXIT_FAILURE);
708
}
709
}
710
711
if(connect_to != NULL){
712
/* Connect directly, do not use Zeroconf */
713
/* (Mainly meant for debugging) */
714
char *address = strrchr(connect_to, ':');
715
if(address == NULL){
716
fprintf(stderr, "No colon in address\n");
717
exit(EXIT_FAILURE);
718
}
719
errno = 0;
720
uint16_t port = (uint16_t) strtol(address+1, NULL, 10);
721
if(errno){
722
perror("Bad port number");
723
exit(EXIT_FAILURE);
724
}
725
*address = '\0';
726
address = connect_to;
727
ret = start_mandos_communication(address, port, if_index);
728
if(ret < 0){
729
exit(EXIT_FAILURE);
730
} else {
731
exit(EXIT_SUCCESS);
732
}
733
}
734
735
certkey = combinepath(certdir, certkey);
736
if (certkey == NULL){
737
goto exit;
738
}
739
740
if (not debug){
741
avahi_set_log_function(empty_log);
742
}
743
744
/* Initialize the psuedo-RNG */
745
srand((unsigned int) time(NULL));
746
747
/* Allocate main loop object */
748
if (!(simple_poll = avahi_simple_poll_new())) {
749
fprintf(stderr, "Failed to create simple poll object.\n");
750
751
goto exit;
752
}
753
754
/* Do not publish any local records */
2502
755
avahi_server_config_init(&config);
2503
756
config.publish_hinfo = 0;
2504
757
config.publish_addresses = 0;
2505
758
config.publish_workstation = 0;
2506
759
config.publish_domain = 0;
2507
760
2508
761
/* Allocate a new server */
2509
mc.server = avahi_server_new(avahi_simple_poll_get(simple_poll),
2510
&config, NULL, NULL, &ret_errno);
2511
2512
/* Free the Avahi configuration data */
762
server = avahi_server_new(avahi_simple_poll_get(simple_poll),
763
&config, NULL, NULL, &error);
764
765
/* Free the configuration data */
2513
766
avahi_server_config_free(&config);
2514
}
2515
2516
/* Check if creating the Avahi server object succeeded */
2517
if(mc.server == NULL){
2518
fprintf_plus(stderr, "Failed to create Avahi server: %s\n",
2519
avahi_strerror(ret_errno));
2520
exitcode = EX_UNAVAILABLE;
2521
goto end;
2522
}
2523
2524
if(quit_now){
2525
goto end;
2526
}
2527
2528
/* Create the Avahi service browser */
2529
sb = avahi_s_service_browser_new(mc.server, if_index,
2530
AVAHI_PROTO_UNSPEC, "_mandos._tcp",
2531
NULL, 0, browse_callback,
2532
(void *)&mc);
2533
if(sb == NULL){
2534
fprintf_plus(stderr, "Failed to create service browser: %s\n",
2535
avahi_strerror(avahi_server_errno(mc.server)));
2536
exitcode = EX_UNAVAILABLE;
2537
goto end;
2538
}
2539
2540
if(quit_now){
2541
goto end;
2542
}
2543
2544
/* Run the main loop */
2545
2546
if(debug){
2547
fprintf_plus(stderr, "Starting Avahi loop search\n");
2548
}
2549
2550
ret = avahi_loop_with_timeout(simple_poll,
2551
(int)(retry_interval * 1000), &mc);
2552
if(debug){
2553
fprintf_plus(stderr, "avahi_loop_with_timeout exited %s\n",
2554
(ret == 0) ? "successfully" : "with error");
2555
}
2556
2557
end:
2558
2559
if(debug){
2560
fprintf_plus(stderr, "%s exiting\n", argv[0]);
2561
}
2562
2563
/* Cleanup things */
2564
free(mc.interfaces);
2565
2566
if(sb != NULL)
2567
avahi_s_service_browser_free(sb);
2568
2569
if(mc.server != NULL)
2570
avahi_server_free(mc.server);
2571
2572
if(simple_poll != NULL)
2573
avahi_simple_poll_free(simple_poll);
2574
2575
if(gnutls_initialized){
2576
gnutls_certificate_free_credentials(mc.cred);
2577
gnutls_global_deinit();
2578
gnutls_dh_params_deinit(mc.dh_params);
2579
}
2580
2581
if(gpgme_initialized){
2582
gpgme_release(mc.ctx);
2583
}
2584
2585
/* Cleans up the circular linked list of Mandos servers the client
2586
has seen */
2587
if(mc.current_server != NULL){
2588
mc.current_server->prev->next = NULL;
2589
while(mc.current_server != NULL){
2590
server *next = mc.current_server->next;
2591
free(mc.current_server);
2592
mc.current_server = next;
2593
}
2594
}
2595
2596
/* Re-raise privileges */
2597
{
2598
ret_errno = raise_privileges();
2599
if(ret_errno != 0){
2600
perror_plus("Failed to raise privileges");
2601
} else {
2602
2603
/* Run network hooks */
2604
run_network_hooks("stop", interfaces_hooks != NULL ?
2605
interfaces_hooks : "", delay);
2606
2607
/* Take down the network interfaces which were brought up */
2608
{
2609
char *interface = NULL;
2610
while((interface=argz_next(interfaces_to_take_down,
2611
interfaces_to_take_down_size,
2612
interface))){
2613
ret_errno = take_down_interface(interface);
2614
if(ret_errno != 0){
2615
errno = ret_errno;
2616
perror_plus("Failed to take down interface");
2617
}
2618
}
2619
if(debug and (interfaces_to_take_down == NULL)){
2620
fprintf_plus(stderr, "No interfaces needed to be taken"
2621
" down\n");
2622
}
2623
}
2624
}
2625
2626
ret_errno = lower_privileges_permanently();
2627
if(ret_errno != 0){
2628
perror_plus("Failed to lower privileges permanently");
2629
}
2630
}
2631
2632
free(interfaces_to_take_down);
2633
free(interfaces_hooks);
2634
2635
/* Removes the GPGME temp directory and all files inside */
2636
if(tempdir != NULL){
2637
struct dirent **direntries = NULL;
2638
struct dirent *direntry = NULL;
2639
int numentries = scandir(tempdir, &direntries, notdotentries,
2640
alphasort);
2641
if(numentries > 0){
2642
for(int i = 0; i < numentries; i++){
2643
direntry = direntries[i];
2644
char *fullname = NULL;
2645
ret = asprintf(&fullname, "%s/%s", tempdir,
2646
direntry->d_name);
2647
if(ret < 0){
2648
perror_plus("asprintf");
2649
continue;
2650
}
2651
ret = remove(fullname);
2652
if(ret == -1){
2653
fprintf_plus(stderr, "remove(\"%s\"): %s\n", fullname,
2654
strerror(errno));
2655
}
2656
free(fullname);
2657
}
2658
}
2659
2660
/* need to clean even if 0 because man page doesn't specify */
2661
free(direntries);
2662
if(numentries == -1){
2663
perror_plus("scandir");
2664
}
2665
ret = rmdir(tempdir);
2666
if(ret == -1 and errno != ENOENT){
2667
perror_plus("rmdir");
2668
}
2669
}
2670
2671
if(quit_now){
2672
sigemptyset(&old_sigterm_action.sa_mask);
2673
old_sigterm_action.sa_handler = SIG_DFL;
2674
ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received,
2675
&old_sigterm_action,
2676
NULL));
2677
if(ret == -1){
2678
perror_plus("sigaction");
2679
}
2680
do {
2681
ret = raise(signal_received);
2682
} while(ret != 0 and errno == EINTR);
2683
if(ret != 0){
2684
perror_plus("raise");
2685
abort();
2686
}
2687
TEMP_FAILURE_RETRY(pause());
2688
}
2689
2690
return exitcode;
767
768
/* Check if creating the server object succeeded */
769
if (!server) {
770
fprintf(stderr, "Failed to create server: %s\n",
771
avahi_strerror(error));
772
returncode = EXIT_FAILURE;
773
goto exit;
774
}
775
776
/* Create the service browser */
777
sb = avahi_s_service_browser_new(server, if_index,
778
AVAHI_PROTO_INET6,
779
"_mandos._tcp", NULL, 0,
780
browse_callback, server);
781
if (!sb) {
782
fprintf(stderr, "Failed to create service browser: %s\n",
783
avahi_strerror(avahi_server_errno(server)));
784
returncode = EXIT_FAILURE;
785
goto exit;
786
}
787
788
/* Run the main loop */
789
790
if (debug){
791
fprintf(stderr, "Starting avahi loop search\n");
792
}
793
794
avahi_simple_poll_loop(simple_poll);
795
796
exit:
797
798
if (debug){
799
fprintf(stderr, "%s exiting\n", argv[0]);
800
}
801
802
/* Cleanup things */
803
if (sb)
804
avahi_s_service_browser_free(sb);
805
806
if (server)
807
avahi_server_free(server);
808
809
if (simple_poll)
810
avahi_simple_poll_free(simple_poll);
811
free(certfile);
812
free(certkey);
813
814
return returncode;
2691
815
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0