To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/mandos-client.c
- browse files at revision 357
- compare with another revision
- download diff
- download tarball
- view history from revision 357
- Committer: Teddy Hogeborn
- Date: 2009-09-05 01:05:25 UTC
- Revision ID: teddy@fukt.bsnet.se-20090905010525-7qeq05ztwc2ddhuv
* plugins.d/mandos-client.c (main): Do not handle ignored signals.
Bug fix: remove signal handler
before re-raising signal.
* plugins.d/password-prompt.c (main): Check return values from
"sigaddset()".
Bug fix: remove signal handler
before re-raising signal.
* plugins.d/password-prompt.c (main): Check return values from
"sigaddset()".
- files modified:
- Makefile
added
removed
plugins.d/mandos-client.c
44
44
#include <stdint.h> /* uint16_t, uint32_t */
45
45
#include <stddef.h> /* NULL, size_t, ssize_t */
46
46
#include <stdlib.h> /* free(), EXIT_SUCCESS, EXIT_FAILURE,
47
srand(), strtof(), abort() */
47
srand(), strtof() */
48
48
#include <stdbool.h> /* bool, false, true */
49
49
#include <string.h> /* memset(), strcmp(), strlen(),
50
50
strerror(), asprintf(), strcpy() */
71
71
INET_ADDRSTRLEN, INET6_ADDRSTRLEN
72
72
*/
73
73
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
74
getuid(), getgid(), seteuid(),
75
setgid(), pause() */
74
getuid(), getgid(), setuid(),
75
setgid() */
76
76
#include <arpa/inet.h> /* inet_pton(), htons */
77
77
#include <iso646.h> /* not, or, and */
78
78
#include <argp.h> /* struct argp_option, error_t, struct
82
82
#include <signal.h> /* sigemptyset(), sigaddset(),
83
83
sigaction(), SIGTERM, sig_atomic_t,
84
84
raise() */
85
#include <sysexits.h> /* EX_OSERR, EX_USAGE */
86
85
87
86
#ifdef __linux__
88
87
#include <sys/klog.h> /* klogctl() */
143
142
.dh_bits = 1024, .priority = "SECURE256"
144
143
":!CTYPE-X.509:+CTYPE-OPENPGP" };
145
144
146
sig_atomic_t quit_now = 0;
147
int signal_received = 0;
148
149
145
/*
150
146
* Make additional room in "buffer" for at least BUFFER_SIZE more
151
147
* bytes. "buffer_capacity" is how much is currently allocated,
168
164
*/
169
165
static bool init_gpgme(const char *seckey,
170
166
const char *pubkey, const char *tempdir){
167
int ret;
171
168
gpgme_error_t rc;
172
169
gpgme_engine_info_t engine_info;
173
170
176
173
* Helper function to insert pub and seckey to the engine keyring.
177
174
*/
178
175
bool import_key(const char *filename){
179
int ret;
180
176
int fd;
181
177
gpgme_data_t pgp_data;
182
178
478
474
static int init_gnutls_session(gnutls_session_t *session){
479
475
int ret;
480
476
/* GnuTLS session creation */
481
do {
482
ret = gnutls_init(session, GNUTLS_SERVER);
483
if(quit_now){
484
return -1;
485
}
486
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
477
ret = gnutls_init(session, GNUTLS_SERVER);
487
478
if(ret != GNUTLS_E_SUCCESS){
488
479
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
489
480
safer_gnutls_strerror(ret));
491
482
492
483
{
493
484
const char *err;
494
do {
495
ret = gnutls_priority_set_direct(*session, mc.priority, &err);
496
if(quit_now){
497
gnutls_deinit(*session);
498
return -1;
499
}
500
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
485
ret = gnutls_priority_set_direct(*session, mc.priority, &err);
501
486
if(ret != GNUTLS_E_SUCCESS){
502
487
fprintf(stderr, "Syntax error at: %s\n", err);
503
488
fprintf(stderr, "GnuTLS error: %s\n",
507
492
}
508
493
}
509
494
510
do {
511
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
512
mc.cred);
513
if(quit_now){
514
gnutls_deinit(*session);
515
return -1;
516
}
517
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
495
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
496
mc.cred);
518
497
if(ret != GNUTLS_E_SUCCESS){
519
498
fprintf(stderr, "Error setting GnuTLS credentials: %s\n",
520
499
safer_gnutls_strerror(ret));
523
502
}
524
503
525
504
/* ignore client certificate if any. */
526
gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);
505
gnutls_certificate_server_set_request(*session,
506
GNUTLS_CERT_IGNORE);
527
507
528
508
gnutls_dh_set_prime_bits(*session, mc.dh_bits);
529
509
534
514
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
535
515
__attribute__((unused)) const char *txt){}
536
516
517
sig_atomic_t quit_now = 0;
518
int signal_received = 0;
519
537
520
/* Called when a Mandos server is found */
538
521
static int start_mandos_communication(const char *ip, uint16_t port,
539
522
AvahiIfIndex if_index,
540
523
int af){
541
int ret, tcp_sd = -1;
524
int ret, tcp_sd;
542
525
ssize_t sret;
543
526
union {
544
527
struct sockaddr_in in;
545
528
struct sockaddr_in6 in6;
546
529
} to;
547
530
char *buffer = NULL;
548
char *decrypted_buffer = NULL;
531
char *decrypted_buffer;
549
532
size_t buffer_length = 0;
550
533
size_t buffer_capacity = 0;
534
ssize_t decrypted_buffer_size;
551
535
size_t written;
552
int retval = -1;
536
int retval = 0;
553
537
gnutls_session_t session;
554
538
int pf; /* Protocol family */
555
539
556
if(quit_now){
557
return -1;
558
}
559
560
540
switch(af){
561
541
case AF_INET6:
562
542
pf = PF_INET6;
582
562
tcp_sd = socket(pf, SOCK_STREAM, 0);
583
563
if(tcp_sd < 0){
584
564
perror("socket");
585
goto mandos_end;
586
}
587
588
if(quit_now){
589
goto mandos_end;
565
return -1;
590
566
}
591
567
592
568
memset(&to, 0, sizeof(to));
599
575
}
600
576
if(ret < 0 ){
601
577
perror("inet_pton");
602
goto mandos_end;
578
return -1;
603
579
}
604
580
if(ret == 0){
605
581
fprintf(stderr, "Bad address: %s\n", ip);
606
goto mandos_end;
582
return -1;
607
583
}
608
584
if(af == AF_INET6){
609
585
to.in6.sin6_port = htons(port); /* Spurious warnings from
616
592
if(if_index == AVAHI_IF_UNSPEC){
617
593
fprintf(stderr, "An IPv6 link-local address is incomplete"
618
594
" without a network interface\n");
619
goto mandos_end;
595
return -1;
620
596
}
621
597
/* Set the network interface number as scope */
622
598
to.in6.sin6_scope_id = (uint32_t)if_index;
627
603
-Wunreachable-code */
628
604
}
629
605
630
if(quit_now){
631
goto mandos_end;
632
}
633
634
606
if(debug){
635
607
if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){
636
608
char interface[IF_NAMESIZE];
663
635
}
664
636
}
665
637
666
if(quit_now){
667
goto mandos_end;
668
}
669
670
638
if(af == AF_INET6){
671
639
ret = connect(tcp_sd, &to.in6, sizeof(to));
672
640
} else {
674
642
}
675
643
if(ret < 0){
676
644
perror("connect");
677
goto mandos_end;
678
}
679
680
if(quit_now){
681
goto mandos_end;
645
return -1;
682
646
}
683
647
684
648
const char *out = mandos_protocol_version;
689
653
out_size - written));
690
654
if(ret == -1){
691
655
perror("write");
656
retval = -1;
692
657
goto mandos_end;
693
658
}
694
659
written += (size_t)ret;
702
667
break;
703
668
}
704
669
}
705
706
if(quit_now){
707
goto mandos_end;
708
}
709
670
}
710
671
711
672
if(debug){
712
673
fprintf(stderr, "Establishing TLS session with %s\n", ip);
713
674
}
714
675
715
if(quit_now){
716
goto mandos_end;
717
}
718
719
676
gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) tcp_sd);
720
677
721
if(quit_now){
722
goto mandos_end;
723
}
724
725
do {
678
do{
726
679
ret = gnutls_handshake(session);
727
if(quit_now){
728
goto mandos_end;
729
}
730
680
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
731
681
732
682
if(ret != GNUTLS_E_SUCCESS){
734
684
fprintf(stderr, "*** GnuTLS Handshake failed ***\n");
735
685
gnutls_perror(ret);
736
686
}
687
retval = -1;
737
688
goto mandos_end;
738
689
}
739
690
745
696
}
746
697
747
698
while(true){
748
749
if(quit_now){
750
goto mandos_end;
751
}
752
753
699
buffer_capacity = incbuffer(&buffer, buffer_length,
754
700
buffer_capacity);
755
701
if(buffer_capacity == 0){
756
702
perror("incbuffer");
757
goto mandos_end;
758
}
759
760
if(quit_now){
703
retval = -1;
761
704
goto mandos_end;
762
705
}
763
706
772
715
case GNUTLS_E_AGAIN:
773
716
break;
774
717
case GNUTLS_E_REHANDSHAKE:
775
do {
718
do{
776
719
ret = gnutls_handshake(session);
777
778
if(quit_now){
779
goto mandos_end;
780
}
781
720
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
782
721
if(ret < 0){
783
722
fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");
784
723
gnutls_perror(ret);
724
retval = -1;
785
725
goto mandos_end;
786
726
}
787
727
break;
788
728
default:
789
729
fprintf(stderr, "Unknown error while reading data from"
790
730
" encrypted session with Mandos server\n");
731
retval = -1;
791
732
gnutls_bye(session, GNUTLS_SHUT_RDWR);
792
733
goto mandos_end;
793
734
}
800
741
fprintf(stderr, "Closing TLS session\n");
801
742
}
802
743
803
if(quit_now){
804
goto mandos_end;
805
}
806
807
do {
808
ret = gnutls_bye(session, GNUTLS_SHUT_RDWR);
809
if(quit_now){
810
goto mandos_end;
811
}
812
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
744
gnutls_bye(session, GNUTLS_SHUT_RDWR);
813
745
814
746
if(buffer_length > 0){
815
ssize_t decrypted_buffer_size;
816
747
decrypted_buffer_size = pgp_packet_decrypt(buffer,
817
748
buffer_length,
818
749
&decrypted_buffer);
819
750
if(decrypted_buffer_size >= 0){
820
821
751
written = 0;
822
752
while(written < (size_t) decrypted_buffer_size){
823
if(quit_now){
824
goto mandos_end;
825
}
826
827
753
ret = (int)fwrite(decrypted_buffer + written, 1,
828
754
(size_t)decrypted_buffer_size - written,
829
755
stdout);
832
758
fprintf(stderr, "Error writing encrypted data: %s\n",
833
759
strerror(errno));
834
760
}
835
goto mandos_end;
761
retval = -1;
762
break;
836
763
}
837
764
written += (size_t)ret;
838
765
}
839
retval = 0;
766
free(decrypted_buffer);
767
} else {
768
retval = -1;
840
769
}
770
} else {
771
retval = -1;
841
772
}
842
773
843
774
/* Shutdown procedure */
844
775
845
776
mandos_end:
846
free(decrypted_buffer);
847
777
free(buffer);
848
if(tcp_sd >= 0){
849
ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));
850
}
778
ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));
851
779
if(ret == -1){
852
780
perror("close");
853
781
}
854
782
gnutls_deinit(session);
855
if(quit_now){
856
retval = -1;
857
}
858
783
return retval;
859
784
}
860
785
923
848
/* Called whenever a new services becomes available on the LAN or
924
849
is removed from the LAN */
925
850
926
if(quit_now){
927
return;
928
}
929
930
851
switch(event){
931
852
default:
932
853
case AVAHI_BROWSER_FAILURE:
999
920
bool gpgme_initialized = false;
1000
921
float delay = 2.5f;
1001
922
1002
struct sigaction old_sigterm_action = { .sa_handler = SIG_DFL };
923
struct sigaction old_sigterm_action;
1003
924
struct sigaction sigterm_action = { .sa_handler = handle_sigterm };
1004
925
1005
uid = getuid();
1006
gid = getgid();
1007
1008
/* Lower any group privileges we might have, just to be safe */
1009
errno = 0;
1010
ret = setgid(gid);
1011
if(ret == -1){
1012
perror("setgid");
1013
}
1014
1015
/* Lower user privileges (temporarily) */
1016
errno = 0;
1017
ret = seteuid(uid);
1018
if(ret == -1){
1019
perror("seteuid");
1020
}
1021
1022
if(quit_now){
1023
goto end;
1024
}
1025
1026
926
{
1027
927
struct argp_option options[] = {
1028
928
{ .name = "debug", .key = 128,
1057
957
.arg = "SECONDS",
1058
958
.doc = "Maximum delay to wait for interface startup",
1059
959
.group = 2 },
1060
/*
1061
* These reproduce what we would get without ARGP_NO_HELP
1062
*/
1063
{ .name = "help", .key = '?',
1064
.doc = "Give this help list", .group = -1 },
1065
{ .name = "usage", .key = -3,
1066
.doc = "Give a short usage message", .group = -1 },
1067
{ .name = "version", .key = 'V',
1068
.doc = "Print program version", .group = -1 },
1069
960
{ .name = NULL }
1070
961
};
1071
962
1072
963
error_t parse_opt(int key, char *arg,
1073
964
struct argp_state *state){
1074
errno = 0;
1075
965
switch(key){
1076
966
case 128: /* --debug */
1077
967
debug = true;
1093
983
tmpmax = strtoimax(arg, &tmp, 10);
1094
984
if(errno != 0 or tmp == arg or *tmp != '\0'
1095
985
or tmpmax != (typeof(mc.dh_bits))tmpmax){
1096
argp_error(state, "Bad number of DH bits");
986
fprintf(stderr, "Bad number of DH bits\n");
987
exit(EXIT_FAILURE);
1097
988
}
1098
989
mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
1099
990
break;
1104
995
errno = 0;
1105
996
delay = strtof(arg, &tmp);
1106
997
if(errno != 0 or tmp == arg or *tmp != '\0'){
1107
argp_error(state, "Bad delay");
998
fprintf(stderr, "Bad delay\n");
999
exit(EXIT_FAILURE);
1108
1000
}
1109
1001
break;
1110
/*
1111
* These reproduce what we would get without ARGP_NO_HELP
1112
*/
1113
case '?': /* --help */
1114
argp_state_help(state, state->out_stream,
1115
(ARGP_HELP_STD_HELP | ARGP_HELP_EXIT_ERR)
1116
& ~(unsigned int)ARGP_HELP_EXIT_OK);
1117
case -3: /* --usage */
1118
argp_state_help(state, state->out_stream,
1119
ARGP_HELP_USAGE | ARGP_HELP_EXIT_ERR);
1120
case 'V': /* --version */
1121
fprintf(state->out_stream, "%s\n", argp_program_version);
1122
exit(argp_err_exit_status);
1002
case ARGP_KEY_ARG:
1003
argp_usage(state);
1004
case ARGP_KEY_END:
1123
1005
break;
1124
1006
default:
1125
1007
return ARGP_ERR_UNKNOWN;
1126
1008
}
1127
return errno;
1009
return 0;
1128
1010
}
1129
1011
1130
1012
struct argp argp = { .options = options, .parser = parse_opt,
1131
1013
.args_doc = "",
1132
1014
.doc = "Mandos client -- Get and decrypt"
1133
1015
" passwords from a Mandos server" };
1134
ret = argp_parse(&argp, argc, argv,
1135
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
1136
switch(ret){
1137
case 0:
1138
break;
1139
case ENOMEM:
1140
default:
1141
errno = ret;
1142
perror("argp_parse");
1143
exitcode = EX_OSERR;
1144
goto end;
1145
case EINVAL:
1146
exitcode = EX_USAGE;
1016
ret = argp_parse(&argp, argc, argv, 0, 0, NULL);
1017
if(ret == ARGP_ERR_UNKNOWN){
1018
fprintf(stderr, "Unknown error while parsing arguments\n");
1019
exitcode = EXIT_FAILURE;
1147
1020
goto end;
1148
1021
}
1149
1022
}
1239
1112
goto end;
1240
1113
}
1241
1114
1242
/* Re-raise priviliges */
1243
errno = 0;
1244
ret = seteuid(0);
1245
if(ret == -1){
1246
perror("seteuid");
1247
}
1248
1249
1115
#ifdef __linux__
1250
1116
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
1251
messages about the network interface to mess up the prompt */
1117
messages to mess up the prompt */
1252
1118
ret = klogctl(8, NULL, 5);
1253
1119
bool restore_loglevel = true;
1254
1120
if(ret == -1){
1269
1135
}
1270
1136
}
1271
1137
#endif /* __linux__ */
1272
/* Lower privileges */
1273
errno = 0;
1274
ret = seteuid(uid);
1275
if(ret == -1){
1276
perror("seteuid");
1277
}
1278
1138
goto end;
1279
1139
}
1280
1140
strcpy(network.ifr_name, interface);
1290
1150
}
1291
1151
#endif /* __linux__ */
1292
1152
exitcode = EXIT_FAILURE;
1293
/* Lower privileges */
1294
errno = 0;
1295
ret = seteuid(uid);
1296
if(ret == -1){
1297
perror("seteuid");
1298
}
1299
1153
goto end;
1300
1154
}
1301
1155
if((network.ifr_flags & IFF_UP) == 0){
1314
1168
}
1315
1169
}
1316
1170
#endif /* __linux__ */
1317
/* Lower privileges */
1318
errno = 0;
1319
ret = seteuid(uid);
1320
if(ret == -1){
1321
perror("seteuid");
1322
}
1323
1171
goto end;
1324
1172
}
1325
1173
}
1353
1201
}
1354
1202
}
1355
1203
#endif /* __linux__ */
1356
/* Lower privileges */
1357
errno = 0;
1358
if(take_down_interface){
1359
/* Lower privileges */
1360
ret = seteuid(uid);
1361
if(ret == -1){
1362
perror("seteuid");
1363
}
1364
} else {
1365
/* Lower privileges permanently */
1366
ret = setuid(uid);
1367
if(ret == -1){
1368
perror("setuid");
1369
}
1370
}
1204
}
1205
1206
if(quit_now){
1207
goto end;
1208
}
1209
1210
uid = getuid();
1211
gid = getgid();
1212
1213
errno = 0;
1214
setgid(gid);
1215
if(ret == -1){
1216
perror("setgid");
1217
}
1218
1219
ret = setuid(uid);
1220
if(ret == -1){
1221
perror("setuid");
1371
1222
}
1372
1223
1373
1224
if(quit_now){
1547
1398
1548
1399
/* Take down the network interface */
1549
1400
if(take_down_interface){
1550
/* Re-raise priviliges */
1551
errno = 0;
1552
ret = seteuid(0);
1401
ret = ioctl(sd, SIOCGIFFLAGS, &network);
1553
1402
if(ret == -1){
1554
perror("seteuid");
1403
perror("ioctl SIOCGIFFLAGS");
1404
} else if(network.ifr_flags & IFF_UP) {
1405
network.ifr_flags &= ~IFF_UP; /* clear flag */
1406
ret = ioctl(sd, SIOCSIFFLAGS, &network);
1407
if(ret == -1){
1408
perror("ioctl SIOCSIFFLAGS");
1409
}
1555
1410
}
1556
if(geteuid() == 0){
1557
ret = ioctl(sd, SIOCGIFFLAGS, &network);
1558
if(ret == -1){
1559
perror("ioctl SIOCGIFFLAGS");
1560
} else if(network.ifr_flags & IFF_UP) {
1561
network.ifr_flags &= ~(short)IFF_UP; /* clear flag */
1562
ret = ioctl(sd, SIOCSIFFLAGS, &network);
1563
if(ret == -1){
1564
perror("ioctl SIOCSIFFLAGS");
1565
}
1566
}
1567
ret = (int)TEMP_FAILURE_RETRY(close(sd));
1568
if(ret == -1){
1569
perror("close");
1570
}
1571
/* Lower privileges permanently */
1572
errno = 0;
1573
ret = setuid(uid);
1574
if(ret == -1){
1575
perror("setuid");
1576
}
1411
ret = (int)TEMP_FAILURE_RETRY(close(sd));
1412
if(ret == -1){
1413
perror("close");
1577
1414
}
1578
1415
}
1579
1416
1624
1461
if(quit_now){
1625
1462
sigemptyset(&old_sigterm_action.sa_mask);
1626
1463
old_sigterm_action.sa_handler = SIG_DFL;
1627
ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received,
1628
&old_sigterm_action,
1629
NULL));
1464
ret = sigaction(signal_received, &old_sigterm_action, NULL);
1630
1465
if(ret == -1){
1631
1466
perror("sigaction");
1632
1467
}
1633
do {
1634
ret = raise(signal_received);
1635
} while(ret != 0 and errno == EINTR);
1636
if(ret != 0){
1637
perror("raise");
1638
abort();
1639
}
1640
TEMP_FAILURE_RETRY(pause());
1468
raise(signal_received);
1641
1469
}
1642
1470
1643
1471
return exitcode;
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0