To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/mandos-client.c
- browse files at revision 505.2.3
- compare with another revision
- download diff
- download tarball
- view history from revision 505.2.3
- Committer: Teddy Hogeborn
- Date: 2011-11-11 09:10:58 UTC
- mto: (505.2.5 mandos-client-network-hooks)
- mto: This revision was merged to the branch mainline in revision 525.
- Revision ID: teddy@recompile.se-20111111091058-60y74fpjy2ce1c17
Intermediate commit - this does *not* work yet.
* plugins.d/mandos-client.c (HOOKDIR): New.
(up_interface): New.
(runnable_hook): New.
(main): Run network hooks with "start" argument.
* plugins.d/mandos-client.c (HOOKDIR): New.
(up_interface): New.
(runnable_hook): New.
(main): Run network hooks with "start" argument.
- files added:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- files removed:
- ca.pem
- files renamed:
- mandos-clients.conf => clients.conf
- server.py => mandos
- plugbasedclient.c => plugin-runner.c
- plugins.d/mandosclient.c => plugins.d/mandos-client.c
- plugins.d/passprompt.c => plugins.d/password-prompt.c
- files modified:
- Makefile
added
removed
plugins.d/mandos-client.c
1
/***
2
This file is part of avahi.
3
4
avahi is free software; you can redistribute it and/or modify it
5
under the terms of the GNU Lesser General Public License as
6
published by the Free Software Foundation; either version 2.1 of the
7
License, or (at your option) any later version.
8
9
avahi is distributed in the hope that it will be useful, but WITHOUT
10
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General
12
Public License for more details.
13
14
You should have received a copy of the GNU Lesser General Public
15
License along with avahi; if not, write to the Free Software
16
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
17
USA.
18
***/
1
/* -*- coding: utf-8 -*- */
2
/*
3
* Mandos-client - get and decrypt data from a Mandos server
4
*
5
* This program is partly derived from an example program for an Avahi
6
* service browser, downloaded from
7
* <http://avahi.org/browser/examples/core-browse-services.c>. This
8
* includes the following functions: "resolve_callback",
9
* "browse_callback", and parts of "main".
10
*
11
* Everything else is
12
* Copyright © 2008-2011 Teddy Hogeborn
13
* Copyright © 2008-2011 Björn Påhlsson
14
*
15
* This program is free software: you can redistribute it and/or
16
* modify it under the terms of the GNU General Public License as
17
* published by the Free Software Foundation, either version 3 of the
18
* License, or (at your option) any later version.
19
*
20
* This program is distributed in the hope that it will be useful, but
21
* WITHOUT ANY WARRANTY; without even the implied warranty of
22
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
23
* General Public License for more details.
24
*
25
* You should have received a copy of the GNU General Public License
26
* along with this program. If not, see
27
* <http://www.gnu.org/licenses/>.
28
*
29
* Contact the authors at <mandos@recompile.se>.
30
*/
19
31
32
/* Needed by GPGME, specifically gpgme_data_seek() */
33
#ifndef _LARGEFILE_SOURCE
20
34
#define _LARGEFILE_SOURCE
35
#endif
36
#ifndef _FILE_OFFSET_BITS
21
37
#define _FILE_OFFSET_BITS 64
22
23
#include <stdio.h>
24
#include <assert.h>
25
#include <stdlib.h>
26
#include <time.h>
27
#include <net/if.h> /* if_nametoindex */
28
38
#endif
39
40
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */
41
42
#include <stdio.h> /* fprintf(), stderr, fwrite(),
43
stdout, ferror(), remove() */
44
#include <stdint.h> /* uint16_t, uint32_t */
45
#include <stddef.h> /* NULL, size_t, ssize_t */
46
#include <stdlib.h> /* free(), EXIT_SUCCESS, srand(),
47
strtof(), abort() */
48
#include <stdbool.h> /* bool, false, true */
49
#include <string.h> /* memset(), strcmp(), strlen(),
50
strerror(), asprintf(), strcpy() */
51
#include <sys/ioctl.h> /* ioctl */
52
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
53
sockaddr_in6, PF_INET6,
54
SOCK_STREAM, uid_t, gid_t, open(),
55
opendir(), DIR */
56
#include <sys/stat.h> /* open() */
57
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
58
inet_pton(), connect() */
59
#include <fcntl.h> /* open() */
60
#include <dirent.h> /* opendir(), struct dirent, readdir()
61
*/
62
#include <inttypes.h> /* PRIu16, PRIdMAX, intmax_t,
63
strtoimax() */
64
#include <assert.h> /* assert() */
65
#include <errno.h> /* perror(), errno,
66
program_invocation_short_name */
67
#include <time.h> /* nanosleep(), time(), sleep() */
68
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
69
SIOCSIFFLAGS, if_indextoname(),
70
if_nametoindex(), IF_NAMESIZE */
71
#include <netinet/in.h> /* IN6_IS_ADDR_LINKLOCAL,
72
INET_ADDRSTRLEN, INET6_ADDRSTRLEN
73
*/
74
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
75
getuid(), getgid(), seteuid(),
76
setgid(), pause() */
77
#include <arpa/inet.h> /* inet_pton(), htons, inet_ntop() */
78
#include <iso646.h> /* not, or, and */
79
#include <argp.h> /* struct argp_option, error_t, struct
80
argp_state, struct argp,
81
argp_parse(), ARGP_KEY_ARG,
82
ARGP_KEY_END, ARGP_ERR_UNKNOWN */
83
#include <signal.h> /* sigemptyset(), sigaddset(),
84
sigaction(), SIGTERM, sig_atomic_t,
85
raise() */
86
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_UNAVAILABLE,
87
EX_NOHOST, EX_IOERR, EX_PROTOCOL */
88
89
#ifdef __linux__
90
#include <sys/klog.h> /* klogctl() */
91
#endif /* __linux__ */
92
93
/* Avahi */
94
/* All Avahi types, constants and functions
95
Avahi*, avahi_*,
96
AVAHI_* */
29
97
#include <avahi-core/core.h>
30
98
#include <avahi-core/lookup.h>
31
99
#include <avahi-core/log.h>
33
101
#include <avahi-common/malloc.h>
34
102
#include <avahi-common/error.h>
35
103
36
//mandos client part
37
#include <sys/types.h> /* socket(), setsockopt(), inet_pton() */
38
#include <sys/socket.h> /* socket(), setsockopt(), struct sockaddr_in6, struct in6_addr, inet_pton() */
39
#include <gnutls/gnutls.h> /* ALL GNUTLS STUFF */
40
#include <gnutls/openpgp.h> /* gnutls with openpgp stuff */
41
42
#include <unistd.h> /* close() */
43
#include <netinet/in.h>
44
#include <stdbool.h> /* true */
45
#include <string.h> /* memset */
46
#include <arpa/inet.h> /* inet_pton() */
47
#include <iso646.h> /* not */
48
49
// gpgme
50
#include <errno.h> /* perror() */
51
#include <gpgme.h>
52
53
// getopt long
54
#include <getopt.h>
55
56
#ifndef CERT_ROOT
57
#define CERT_ROOT "/conf/conf.d/cryptkeyreq/"
58
#endif
59
#define CERTFILE CERT_ROOT "openpgp-client.txt"
60
#define KEYFILE CERT_ROOT "openpgp-client-key.txt"
104
/* GnuTLS */
105
#include <gnutls/gnutls.h> /* All GnuTLS types, constants and
106
functions:
107
gnutls_*
108
init_gnutls_session(),
109
GNUTLS_* */
110
#include <gnutls/openpgp.h>
111
/* gnutls_certificate_set_openpgp_key_file(),
112
GNUTLS_OPENPGP_FMT_BASE64 */
113
114
/* GPGME */
115
#include <gpgme.h> /* All GPGME types, constants and
116
functions:
117
gpgme_*
118
GPGME_PROTOCOL_OpenPGP,
119
GPG_ERR_NO_* */
120
61
121
#define BUFFER_SIZE 256
62
#define DH_BITS 1024
122
123
#define PATHDIR "/conf/conf.d/mandos"
124
#define SECKEY "seckey.txt"
125
#define PUBKEY "pubkey.txt"
126
#define HOOKDIR "/lib/mandos/network-hooks.d"
63
127
64
128
bool debug = false;
65
char *interface = "eth0";
66
129
static const char mandos_protocol_version[] = "1";
130
const char *argp_program_version = "mandos-client " VERSION;
131
const char *argp_program_bug_address = "<mandos@recompile.se>";
132
static const char sys_class_net[] = "/sys/class/net";
133
char *connect_to = NULL;
134
135
/* Doubly linked list that need to be circularly linked when used */
136
typedef struct server{
137
const char *ip;
138
uint16_t port;
139
AvahiIfIndex if_index;
140
int af;
141
struct timespec last_seen;
142
struct server *next;
143
struct server *prev;
144
} server;
145
146
/* Used for passing in values through the Avahi callback functions */
67
147
typedef struct {
68
gnutls_session_t session;
148
AvahiSimplePoll *simple_poll;
149
AvahiServer *server;
69
150
gnutls_certificate_credentials_t cred;
151
unsigned int dh_bits;
70
152
gnutls_dh_params_t dh_params;
71
} encrypted_session;
72
73
74
ssize_t gpg_packet_decrypt (char *packet, size_t packet_size, char **new_packet, char *homedir){
75
gpgme_data_t dh_crypto, dh_plain;
153
const char *priority;
76
154
gpgme_ctx_t ctx;
155
server *current_server;
156
} mandos_context;
157
158
/* global context so signal handler can reach it*/
159
mandos_context mc = { .simple_poll = NULL, .server = NULL,
160
.dh_bits = 1024, .priority = "SECURE256"
161
":!CTYPE-X.509:+CTYPE-OPENPGP",
162
.current_server = NULL };
163
164
sig_atomic_t quit_now = 0;
165
int signal_received = 0;
166
167
/* Function to use when printing errors */
168
void perror_plus(const char *print_text){
169
fprintf(stderr, "Mandos plugin %s: ",
170
program_invocation_short_name);
171
perror(print_text);
172
}
173
174
/*
175
* Make additional room in "buffer" for at least BUFFER_SIZE more
176
* bytes. "buffer_capacity" is how much is currently allocated,
177
* "buffer_length" is how much is already used.
178
*/
179
size_t incbuffer(char **buffer, size_t buffer_length,
180
size_t buffer_capacity){
181
if(buffer_length + BUFFER_SIZE > buffer_capacity){
182
*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
183
if(buffer == NULL){
184
return 0;
185
}
186
buffer_capacity += BUFFER_SIZE;
187
}
188
return buffer_capacity;
189
}
190
191
/* Add server to set of servers to retry periodically */
192
int add_server(const char *ip, uint16_t port,
193
AvahiIfIndex if_index,
194
int af){
195
int ret;
196
server *new_server = malloc(sizeof(server));
197
if(new_server == NULL){
198
perror_plus("malloc");
199
return -1;
200
}
201
*new_server = (server){ .ip = strdup(ip),
202
.port = port,
203
.if_index = if_index,
204
.af = af };
205
if(new_server->ip == NULL){
206
perror_plus("strdup");
207
return -1;
208
}
209
/* Special case of first server */
210
if (mc.current_server == NULL){
211
new_server->next = new_server;
212
new_server->prev = new_server;
213
mc.current_server = new_server;
214
/* Place the new server last in the list */
215
} else {
216
new_server->next = mc.current_server;
217
new_server->prev = mc.current_server->prev;
218
new_server->prev->next = new_server;
219
mc.current_server->prev = new_server;
220
}
221
ret = clock_gettime(CLOCK_MONOTONIC, &mc.current_server->last_seen);
222
if(ret == -1){
223
perror_plus("clock_gettime");
224
return -1;
225
}
226
return 0;
227
}
228
229
/*
230
* Initialize GPGME.
231
*/
232
static bool init_gpgme(const char *seckey,
233
const char *pubkey, const char *tempdir){
77
234
gpgme_error_t rc;
78
ssize_t ret;
79
size_t new_packet_capacity = 0;
80
size_t new_packet_length = 0;
81
235
gpgme_engine_info_t engine_info;
82
83
if (debug){
84
fprintf(stderr, "Attempting to decrypt password from gpg packet\n");
236
237
238
/*
239
* Helper function to insert pub and seckey to the engine keyring.
240
*/
241
bool import_key(const char *filename){
242
int ret;
243
int fd;
244
gpgme_data_t pgp_data;
245
246
fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));
247
if(fd == -1){
248
perror_plus("open");
249
return false;
250
}
251
252
rc = gpgme_data_new_from_fd(&pgp_data, fd);
253
if(rc != GPG_ERR_NO_ERROR){
254
fprintf(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
255
gpgme_strsource(rc), gpgme_strerror(rc));
256
return false;
257
}
258
259
rc = gpgme_op_import(mc.ctx, pgp_data);
260
if(rc != GPG_ERR_NO_ERROR){
261
fprintf(stderr, "bad gpgme_op_import: %s: %s\n",
262
gpgme_strsource(rc), gpgme_strerror(rc));
263
return false;
264
}
265
266
ret = (int)TEMP_FAILURE_RETRY(close(fd));
267
if(ret == -1){
268
perror_plus("close");
269
}
270
gpgme_data_release(pgp_data);
271
return true;
272
}
273
274
if(debug){
275
fprintf(stderr, "Initializing GPGME\n");
85
276
}
86
277
87
278
/* Init GPGME */
88
279
gpgme_check_version(NULL);
89
gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
280
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
281
if(rc != GPG_ERR_NO_ERROR){
282
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
283
gpgme_strsource(rc), gpgme_strerror(rc));
284
return false;
285
}
90
286
91
/* Set GPGME home directory */
92
rc = gpgme_get_engine_info (&engine_info);
93
if (rc != GPG_ERR_NO_ERROR){
287
/* Set GPGME home directory for the OpenPGP engine only */
288
rc = gpgme_get_engine_info(&engine_info);
289
if(rc != GPG_ERR_NO_ERROR){
94
290
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
95
291
gpgme_strsource(rc), gpgme_strerror(rc));
96
return -1;
292
return false;
97
293
}
98
294
while(engine_info != NULL){
99
295
if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){
100
296
gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,
101
engine_info->file_name, homedir);
297
engine_info->file_name, tempdir);
102
298
break;
103
299
}
104
300
engine_info = engine_info->next;
105
301
}
106
302
if(engine_info == NULL){
107
fprintf(stderr, "Could not set home dir to %s\n", homedir);
108
return -1;
109
}
110
111
/* Create new GPGME data buffer from packet buffer */
112
rc = gpgme_data_new_from_mem(&dh_crypto, packet, packet_size, 0);
113
if (rc != GPG_ERR_NO_ERROR){
303
fprintf(stderr, "Could not set GPGME home dir to %s\n", tempdir);
304
return false;
305
}
306
307
/* Create new GPGME "context" */
308
rc = gpgme_new(&(mc.ctx));
309
if(rc != GPG_ERR_NO_ERROR){
310
fprintf(stderr, "bad gpgme_new: %s: %s\n",
311
gpgme_strsource(rc), gpgme_strerror(rc));
312
return false;
313
}
314
315
if(not import_key(pubkey) or not import_key(seckey)){
316
return false;
317
}
318
319
return true;
320
}
321
322
/*
323
* Decrypt OpenPGP data.
324
* Returns -1 on error
325
*/
326
static ssize_t pgp_packet_decrypt(const char *cryptotext,
327
size_t crypto_size,
328
char **plaintext){
329
gpgme_data_t dh_crypto, dh_plain;
330
gpgme_error_t rc;
331
ssize_t ret;
332
size_t plaintext_capacity = 0;
333
ssize_t plaintext_length = 0;
334
335
if(debug){
336
fprintf(stderr, "Trying to decrypt OpenPGP data\n");
337
}
338
339
/* Create new GPGME data buffer from memory cryptotext */
340
rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,
341
0);
342
if(rc != GPG_ERR_NO_ERROR){
114
343
fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
115
344
gpgme_strsource(rc), gpgme_strerror(rc));
116
345
return -1;
118
347
119
348
/* Create new empty GPGME data buffer for the plaintext */
120
349
rc = gpgme_data_new(&dh_plain);
121
if (rc != GPG_ERR_NO_ERROR){
350
if(rc != GPG_ERR_NO_ERROR){
122
351
fprintf(stderr, "bad gpgme_data_new: %s: %s\n",
123
352
gpgme_strsource(rc), gpgme_strerror(rc));
124
return -1;
125
}
126
127
/* Create new GPGME "context" */
128
rc = gpgme_new(&ctx);
129
if (rc != GPG_ERR_NO_ERROR){
130
fprintf(stderr, "bad gpgme_new: %s: %s\n",
131
gpgme_strsource(rc), gpgme_strerror(rc));
132
return -1;
133
}
134
135
/* Decrypt data from the FILE pointer to the plaintext data buffer */
136
rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);
137
if (rc != GPG_ERR_NO_ERROR){
353
gpgme_data_release(dh_crypto);
354
return -1;
355
}
356
357
/* Decrypt data from the cryptotext data buffer to the plaintext
358
data buffer */
359
rc = gpgme_op_decrypt(mc.ctx, dh_crypto, dh_plain);
360
if(rc != GPG_ERR_NO_ERROR){
138
361
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
139
362
gpgme_strsource(rc), gpgme_strerror(rc));
140
return -1;
141
}
142
143
if(debug){
144
fprintf(stderr, "decryption of gpg packet succeeded\n");
145
}
146
147
if (debug){
148
gpgme_decrypt_result_t result;
149
result = gpgme_op_decrypt_result(ctx);
150
if (result == NULL){
151
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
152
} else {
153
fprintf(stderr, "Unsupported algorithm: %s\n", result->unsupported_algorithm);
154
fprintf(stderr, "Wrong key usage: %d\n", result->wrong_key_usage);
155
if(result->file_name != NULL){
156
fprintf(stderr, "File name: %s\n", result->file_name);
157
}
158
gpgme_recipient_t recipient;
159
recipient = result->recipients;
160
if(recipient){
363
plaintext_length = -1;
364
if(debug){
365
gpgme_decrypt_result_t result;
366
result = gpgme_op_decrypt_result(mc.ctx);
367
if(result == NULL){
368
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
369
} else {
370
fprintf(stderr, "Unsupported algorithm: %s\n",
371
result->unsupported_algorithm);
372
fprintf(stderr, "Wrong key usage: %u\n",
373
result->wrong_key_usage);
374
if(result->file_name != NULL){
375
fprintf(stderr, "File name: %s\n", result->file_name);
376
}
377
gpgme_recipient_t recipient;
378
recipient = result->recipients;
161
379
while(recipient != NULL){
162
380
fprintf(stderr, "Public key algorithm: %s\n",
163
381
gpgme_pubkey_algo_name(recipient->pubkey_algo));
164
382
fprintf(stderr, "Key ID: %s\n", recipient->keyid);
165
383
fprintf(stderr, "Secret key available: %s\n",
166
recipient->status == GPG_ERR_NO_SECKEY ? "No" : "Yes");
384
recipient->status == GPG_ERR_NO_SECKEY
385
? "No" : "Yes");
167
386
recipient = recipient->next;
168
387
}
169
388
}
170
389
}
390
goto decrypt_end;
171
391
}
172
392
173
/* Delete the GPGME FILE pointer cryptotext data buffer */
174
gpgme_data_release(dh_crypto);
393
if(debug){
394
fprintf(stderr, "Decryption of OpenPGP data succeeded\n");
395
}
175
396
176
397
/* Seek back to the beginning of the GPGME plaintext data buffer */
177
gpgme_data_seek(dh_plain, 0, SEEK_SET);
178
179
*new_packet = 0;
398
if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){
399
perror_plus("gpgme_data_seek");
400
plaintext_length = -1;
401
goto decrypt_end;
402
}
403
404
*plaintext = NULL;
180
405
while(true){
181
if (new_packet_length + BUFFER_SIZE > new_packet_capacity){
182
*new_packet = realloc(*new_packet, new_packet_capacity + BUFFER_SIZE);
183
if (*new_packet == NULL){
184
perror("realloc");
185
return -1;
186
}
187
new_packet_capacity += BUFFER_SIZE;
406
plaintext_capacity = incbuffer(plaintext,
407
(size_t)plaintext_length,
408
plaintext_capacity);
409
if(plaintext_capacity == 0){
410
perror_plus("incbuffer");
411
plaintext_length = -1;
412
goto decrypt_end;
188
413
}
189
414
190
ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length, BUFFER_SIZE);
415
ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
416
BUFFER_SIZE);
191
417
/* Print the data, if any */
192
if (ret == 0){
193
/* If password is empty, then a incorrect error will be printed */
418
if(ret == 0){
419
/* EOF */
194
420
break;
195
421
}
196
422
if(ret < 0){
197
perror("gpgme_data_read");
198
return -1;
199
}
200
new_packet_length += ret;
201
}
202
203
/* FIXME: check characters before printing to screen so to not print
204
terminal control characters */
205
/* if(debug){ */
206
/* fprintf(stderr, "decrypted password is: "); */
207
/* fwrite(*new_packet, 1, new_packet_length, stderr); */
208
/* fprintf(stderr, "\n"); */
209
/* } */
423
perror_plus("gpgme_data_read");
424
plaintext_length = -1;
425
goto decrypt_end;
426
}
427
plaintext_length += ret;
428
}
429
430
if(debug){
431
fprintf(stderr, "Decrypted password is: ");
432
for(ssize_t i = 0; i < plaintext_length; i++){
433
fprintf(stderr, "%02hhX ", (*plaintext)[i]);
434
}
435
fprintf(stderr, "\n");
436
}
437
438
decrypt_end:
439
440
/* Delete the GPGME cryptotext data buffer */
441
gpgme_data_release(dh_crypto);
210
442
211
443
/* Delete the GPGME plaintext data buffer */
212
444
gpgme_data_release(dh_plain);
213
return new_packet_length;
445
return plaintext_length;
214
446
}
215
447
216
static const char * safer_gnutls_strerror (int value) {
217
const char *ret = gnutls_strerror (value);
218
if (ret == NULL)
448
static const char * safer_gnutls_strerror(int value){
449
const char *ret = gnutls_strerror(value); /* Spurious warning from
450
-Wunreachable-code */
451
if(ret == NULL)
219
452
ret = "(unknown)";
220
453
return ret;
221
454
}
222
455
223
void debuggnutls(int level, const char* string){
224
fprintf(stderr, "%s", string);
456
/* GnuTLS log function callback */
457
static void debuggnutls(__attribute__((unused)) int level,
458
const char* string){
459
fprintf(stderr, "GnuTLS: %s", string);
225
460
}
226
461
227
int initgnutls(encrypted_session *es){
228
const char *err;
462
static int init_gnutls_global(const char *pubkeyfilename,
463
const char *seckeyfilename){
229
464
int ret;
230
465
231
466
if(debug){
232
fprintf(stderr, "Initializing gnutls\n");
467
fprintf(stderr, "Initializing GnuTLS\n");
233
468
}
234
235
469
236
if ((ret = gnutls_global_init ())
237
!= GNUTLS_E_SUCCESS) {
238
fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));
470
ret = gnutls_global_init();
471
if(ret != GNUTLS_E_SUCCESS){
472
fprintf(stderr, "GnuTLS global_init: %s\n",
473
safer_gnutls_strerror(ret));
239
474
return -1;
240
475
}
241
242
if (debug){
476
477
if(debug){
478
/* "Use a log level over 10 to enable all debugging options."
479
* - GnuTLS manual
480
*/
243
481
gnutls_global_set_log_level(11);
244
482
gnutls_global_set_log_function(debuggnutls);
245
483
}
246
484
247
248
/* openpgp credentials */
249
if ((ret = gnutls_certificate_allocate_credentials (&es->cred))
250
!= GNUTLS_E_SUCCESS) {
251
fprintf (stderr, "memory error: %s\n", safer_gnutls_strerror(ret));
485
/* OpenPGP credentials */
486
ret = gnutls_certificate_allocate_credentials(&mc.cred);
487
if(ret != GNUTLS_E_SUCCESS){
488
fprintf(stderr, "GnuTLS memory error: %s\n",
489
safer_gnutls_strerror(ret));
490
gnutls_global_deinit();
252
491
return -1;
253
492
}
254
493
255
494
if(debug){
256
fprintf(stderr, "Attempting to use openpgp certificate %s"
257
" and keyfile %s as gnutls credentials\n", CERTFILE, KEYFILE);
495
fprintf(stderr, "Attempting to use OpenPGP public key %s and"
496
" secret key %s as GnuTLS credentials\n", pubkeyfilename,
497
seckeyfilename);
258
498
}
259
499
260
500
ret = gnutls_certificate_set_openpgp_key_file
261
(es->cred, CERTFILE, KEYFILE, GNUTLS_OPENPGP_FMT_BASE64);
262
if (ret != GNUTLS_E_SUCCESS) {
263
fprintf
264
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s', '%s')\n",
265
ret, CERTFILE, KEYFILE);
266
fprintf(stdout, "The Error is: %s\n",
267
safer_gnutls_strerror(ret));
268
return -1;
269
}
270
271
//Gnutls server initialization
272
if ((ret = gnutls_dh_params_init (&es->dh_params))
273
!= GNUTLS_E_SUCCESS) {
274
fprintf (stderr, "Error in dh parameter initialization: %s\n",
275
safer_gnutls_strerror(ret));
276
return -1;
277
}
278
279
if ((ret = gnutls_dh_params_generate2 (es->dh_params, DH_BITS))
280
!= GNUTLS_E_SUCCESS) {
281
fprintf (stderr, "Error in prime generation: %s\n",
282
safer_gnutls_strerror(ret));
283
return -1;
284
}
285
286
gnutls_certificate_set_dh_params (es->cred, es->dh_params);
287
288
// Gnutls session creation
289
if ((ret = gnutls_init (&es->session, GNUTLS_SERVER))
290
!= GNUTLS_E_SUCCESS){
291
fprintf(stderr, "Error in gnutls session initialization: %s\n",
292
safer_gnutls_strerror(ret));
293
}
294
295
if ((ret = gnutls_priority_set_direct (es->session, "NORMAL", &err))
296
!= GNUTLS_E_SUCCESS) {
297
fprintf(stderr, "Syntax error at: %s\n", err);
298
fprintf(stderr, "Gnutls error: %s\n",
299
safer_gnutls_strerror(ret));
300
return -1;
301
}
302
303
if ((ret = gnutls_credentials_set
304
(es->session, GNUTLS_CRD_CERTIFICATE, es->cred))
305
!= GNUTLS_E_SUCCESS) {
306
fprintf(stderr, "Error setting a credentials set: %s\n",
307
safer_gnutls_strerror(ret));
308
return -1;
309
}
310
501
(mc.cred, pubkeyfilename, seckeyfilename,
502
GNUTLS_OPENPGP_FMT_BASE64);
503
if(ret != GNUTLS_E_SUCCESS){
504
fprintf(stderr,
505
"Error[%d] while reading the OpenPGP key pair ('%s',"
506
" '%s')\n", ret, pubkeyfilename, seckeyfilename);
507
fprintf(stderr, "The GnuTLS error is: %s\n",
508
safer_gnutls_strerror(ret));
509
goto globalfail;
510
}
511
512
/* GnuTLS server initialization */
513
ret = gnutls_dh_params_init(&mc.dh_params);
514
if(ret != GNUTLS_E_SUCCESS){
515
fprintf(stderr, "Error in GnuTLS DH parameter initialization:"
516
" %s\n", safer_gnutls_strerror(ret));
517
goto globalfail;
518
}
519
ret = gnutls_dh_params_generate2(mc.dh_params, mc.dh_bits);
520
if(ret != GNUTLS_E_SUCCESS){
521
fprintf(stderr, "Error in GnuTLS prime generation: %s\n",
522
safer_gnutls_strerror(ret));
523
goto globalfail;
524
}
525
526
gnutls_certificate_set_dh_params(mc.cred, mc.dh_params);
527
528
return 0;
529
530
globalfail:
531
532
gnutls_certificate_free_credentials(mc.cred);
533
gnutls_global_deinit();
534
gnutls_dh_params_deinit(mc.dh_params);
535
return -1;
536
}
537
538
static int init_gnutls_session(gnutls_session_t *session){
539
int ret;
540
/* GnuTLS session creation */
541
do {
542
ret = gnutls_init(session, GNUTLS_SERVER);
543
if(quit_now){
544
return -1;
545
}
546
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
547
if(ret != GNUTLS_E_SUCCESS){
548
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
549
safer_gnutls_strerror(ret));
550
}
551
552
{
553
const char *err;
554
do {
555
ret = gnutls_priority_set_direct(*session, mc.priority, &err);
556
if(quit_now){
557
gnutls_deinit(*session);
558
return -1;
559
}
560
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
561
if(ret != GNUTLS_E_SUCCESS){
562
fprintf(stderr, "Syntax error at: %s\n", err);
563
fprintf(stderr, "GnuTLS error: %s\n",
564
safer_gnutls_strerror(ret));
565
gnutls_deinit(*session);
566
return -1;
567
}
568
}
569
570
do {
571
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
572
mc.cred);
573
if(quit_now){
574
gnutls_deinit(*session);
575
return -1;
576
}
577
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
578
if(ret != GNUTLS_E_SUCCESS){
579
fprintf(stderr, "Error setting GnuTLS credentials: %s\n",
580
safer_gnutls_strerror(ret));
581
gnutls_deinit(*session);
582
return -1;
583
}
584
311
585
/* ignore client certificate if any. */
312
gnutls_certificate_server_set_request (es->session, GNUTLS_CERT_IGNORE);
586
gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);
313
587
314
gnutls_dh_set_prime_bits (es->session, DH_BITS);
588
gnutls_dh_set_prime_bits(*session, mc.dh_bits);
315
589
316
590
return 0;
317
591
}
318
592
319
void empty_log(AvahiLogLevel level, const char *txt){}
593
/* Avahi log function callback */
594
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
595
__attribute__((unused)) const char *txt){}
320
596
321
int start_mandos_communication(char *ip, uint16_t port){
322
int ret, tcp_sd;
323
struct sockaddr_in6 to;
324
encrypted_session es;
597
/* Called when a Mandos server is found */
598
static int start_mandos_communication(const char *ip, uint16_t port,
599
AvahiIfIndex if_index,
600
int af){
601
int ret, tcp_sd = -1;
602
ssize_t sret;
603
union {
604
struct sockaddr_in in;
605
struct sockaddr_in6 in6;
606
} to;
325
607
char *buffer = NULL;
326
char *decrypted_buffer;
608
char *decrypted_buffer = NULL;
327
609
size_t buffer_length = 0;
328
610
size_t buffer_capacity = 0;
329
ssize_t decrypted_buffer_size;
330
int retval = 0;
331
332
if(debug){
333
fprintf(stderr, "Setting up a tcp connection to %s\n", ip);
334
}
335
336
tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);
337
if(tcp_sd < 0) {
338
perror("socket");
339
return -1;
340
}
341
342
if(debug){
343
fprintf(stderr, "Binding to interface %s\n", interface);
344
}
345
346
ret = setsockopt(tcp_sd, SOL_SOCKET, SO_BINDTODEVICE, interface, 5);
347
if(tcp_sd < 0) {
348
perror("setsockopt bindtodevice");
349
return -1;
350
}
351
352
memset(&to,0,sizeof(to));
353
to.sin6_family = AF_INET6;
354
ret = inet_pton(AF_INET6, ip, &to.sin6_addr);
355
if (ret < 0 ){
356
perror("inet_pton");
357
return -1;
358
}
611
size_t written;
612
int retval = -1;
613
gnutls_session_t session;
614
int pf; /* Protocol family */
615
616
errno = 0;
617
618
if(quit_now){
619
errno = EINTR;
620
return -1;
621
}
622
623
switch(af){
624
case AF_INET6:
625
pf = PF_INET6;
626
break;
627
case AF_INET:
628
pf = PF_INET;
629
break;
630
default:
631
fprintf(stderr, "Bad address family: %d\n", af);
632
errno = EINVAL;
633
return -1;
634
}
635
636
ret = init_gnutls_session(&session);
637
if(ret != 0){
638
return -1;
639
}
640
641
if(debug){
642
fprintf(stderr, "Setting up a TCP connection to %s, port %" PRIu16
643
"\n", ip, port);
644
}
645
646
tcp_sd = socket(pf, SOCK_STREAM, 0);
647
if(tcp_sd < 0){
648
int e = errno;
649
perror_plus("socket");
650
errno = e;
651
goto mandos_end;
652
}
653
654
if(quit_now){
655
errno = EINTR;
656
goto mandos_end;
657
}
658
659
memset(&to, 0, sizeof(to));
660
if(af == AF_INET6){
661
to.in6.sin6_family = (sa_family_t)af;
662
ret = inet_pton(af, ip, &to.in6.sin6_addr);
663
} else { /* IPv4 */
664
to.in.sin_family = (sa_family_t)af;
665
ret = inet_pton(af, ip, &to.in.sin_addr);
666
}
667
if(ret < 0 ){
668
int e = errno;
669
perror_plus("inet_pton");
670
errno = e;
671
goto mandos_end;
672
}
359
673
if(ret == 0){
674
int e = errno;
360
675
fprintf(stderr, "Bad address: %s\n", ip);
361
return -1;
362
}
363
to.sin6_port = htons(port);
364
to.sin6_scope_id = if_nametoindex(interface);
365
366
if(debug){
367
fprintf(stderr, "Connection to: %s\n", ip);
368
}
369
370
ret = connect(tcp_sd, (struct sockaddr *) &to, sizeof(to));
371
if (ret < 0){
372
perror("connect");
373
return -1;
374
}
375
376
ret = initgnutls (&es);
377
if (ret != 0){
378
retval = -1;
379
return -1;
380
}
381
382
383
gnutls_transport_set_ptr (es.session, (gnutls_transport_ptr_t) tcp_sd);
384
385
if(debug){
386
fprintf(stderr, "Establishing tls session with %s\n", ip);
387
}
388
389
390
ret = gnutls_handshake (es.session);
391
392
if (ret != GNUTLS_E_SUCCESS){
393
fprintf(stderr, "\n*** Handshake failed ***\n");
394
gnutls_perror (ret);
395
retval = -1;
396
goto exit;
397
}
398
399
//Retrieve gpg packet that contains the wanted password
400
401
if(debug){
402
fprintf(stderr, "Retrieving pgp encrypted password from %s\n", ip);
403
}
404
405
while(true){
406
if (buffer_length + BUFFER_SIZE > buffer_capacity){
407
buffer = realloc(buffer, buffer_capacity + BUFFER_SIZE);
408
if (buffer == NULL){
409
perror("realloc");
410
goto exit;
411
}
412
buffer_capacity += BUFFER_SIZE;
413
}
414
415
ret = gnutls_record_recv
416
(es.session, buffer+buffer_length, BUFFER_SIZE);
417
if (ret == 0){
676
errno = e;
677
goto mandos_end;
678
}
679
if(af == AF_INET6){
680
to.in6.sin6_port = htons(port); /* Spurious warnings from
681
-Wconversion and
682
-Wunreachable-code */
683
684
if(IN6_IS_ADDR_LINKLOCAL /* Spurious warnings from */
685
(&to.in6.sin6_addr)){ /* -Wstrict-aliasing=2 or lower and
686
-Wunreachable-code*/
687
if(if_index == AVAHI_IF_UNSPEC){
688
fprintf(stderr, "An IPv6 link-local address is incomplete"
689
" without a network interface\n");
690
errno = EINVAL;
691
goto mandos_end;
692
}
693
/* Set the network interface number as scope */
694
to.in6.sin6_scope_id = (uint32_t)if_index;
695
}
696
} else {
697
to.in.sin_port = htons(port); /* Spurious warnings from
698
-Wconversion and
699
-Wunreachable-code */
700
}
701
702
if(quit_now){
703
errno = EINTR;
704
goto mandos_end;
705
}
706
707
if(debug){
708
if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){
709
char interface[IF_NAMESIZE];
710
if(if_indextoname((unsigned int)if_index, interface) == NULL){
711
perror_plus("if_indextoname");
712
} else {
713
fprintf(stderr, "Connection to: %s%%%s, port %" PRIu16 "\n",
714
ip, interface, port);
715
}
716
} else {
717
fprintf(stderr, "Connection to: %s, port %" PRIu16 "\n", ip,
718
port);
719
}
720
char addrstr[(INET_ADDRSTRLEN > INET6_ADDRSTRLEN) ?
721
INET_ADDRSTRLEN : INET6_ADDRSTRLEN] = "";
722
const char *pcret;
723
if(af == AF_INET6){
724
pcret = inet_ntop(af, &(to.in6.sin6_addr), addrstr,
725
sizeof(addrstr));
726
} else {
727
pcret = inet_ntop(af, &(to.in.sin_addr), addrstr,
728
sizeof(addrstr));
729
}
730
if(pcret == NULL){
731
perror_plus("inet_ntop");
732
} else {
733
if(strcmp(addrstr, ip) != 0){
734
fprintf(stderr, "Canonical address form: %s\n", addrstr);
735
}
736
}
737
}
738
739
if(quit_now){
740
errno = EINTR;
741
goto mandos_end;
742
}
743
744
if(af == AF_INET6){
745
ret = connect(tcp_sd, &to.in6, sizeof(to));
746
} else {
747
ret = connect(tcp_sd, &to.in, sizeof(to)); /* IPv4 */
748
}
749
if(ret < 0){
750
if ((errno != ECONNREFUSED and errno != ENETUNREACH) or debug){
751
int e = errno;
752
perror_plus("connect");
753
errno = e;
754
}
755
goto mandos_end;
756
}
757
758
if(quit_now){
759
errno = EINTR;
760
goto mandos_end;
761
}
762
763
const char *out = mandos_protocol_version;
764
written = 0;
765
while(true){
766
size_t out_size = strlen(out);
767
ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
768
out_size - written));
769
if(ret == -1){
770
int e = errno;
771
perror_plus("write");
772
errno = e;
773
goto mandos_end;
774
}
775
written += (size_t)ret;
776
if(written < out_size){
777
continue;
778
} else {
779
if(out == mandos_protocol_version){
780
written = 0;
781
out = "\r\n";
782
} else {
783
break;
784
}
785
}
786
787
if(quit_now){
788
errno = EINTR;
789
goto mandos_end;
790
}
791
}
792
793
if(debug){
794
fprintf(stderr, "Establishing TLS session with %s\n", ip);
795
}
796
797
if(quit_now){
798
errno = EINTR;
799
goto mandos_end;
800
}
801
802
/* Spurious warning from -Wint-to-pointer-cast */
803
gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) tcp_sd);
804
805
if(quit_now){
806
errno = EINTR;
807
goto mandos_end;
808
}
809
810
do {
811
ret = gnutls_handshake(session);
812
if(quit_now){
813
errno = EINTR;
814
goto mandos_end;
815
}
816
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
817
818
if(ret != GNUTLS_E_SUCCESS){
819
if(debug){
820
fprintf(stderr, "*** GnuTLS Handshake failed ***\n");
821
gnutls_perror(ret);
822
}
823
errno = EPROTO;
824
goto mandos_end;
825
}
826
827
/* Read OpenPGP packet that contains the wanted password */
828
829
if(debug){
830
fprintf(stderr, "Retrieving OpenPGP encrypted password from %s\n",
831
ip);
832
}
833
834
while(true){
835
836
if(quit_now){
837
errno = EINTR;
838
goto mandos_end;
839
}
840
841
buffer_capacity = incbuffer(&buffer, buffer_length,
842
buffer_capacity);
843
if(buffer_capacity == 0){
844
int e = errno;
845
perror_plus("incbuffer");
846
errno = e;
847
goto mandos_end;
848
}
849
850
if(quit_now){
851
errno = EINTR;
852
goto mandos_end;
853
}
854
855
sret = gnutls_record_recv(session, buffer+buffer_length,
856
BUFFER_SIZE);
857
if(sret == 0){
418
858
break;
419
859
}
420
if (ret < 0){
421
switch(ret){
860
if(sret < 0){
861
switch(sret){
422
862
case GNUTLS_E_INTERRUPTED:
423
863
case GNUTLS_E_AGAIN:
424
864
break;
425
865
case GNUTLS_E_REHANDSHAKE:
426
ret = gnutls_handshake (es.session);
427
if (ret < 0){
428
fprintf(stderr, "\n*** Handshake failed ***\n");
429
gnutls_perror (ret);
430
retval = -1;
431
goto exit;
866
do {
867
ret = gnutls_handshake(session);
868
869
if(quit_now){
870
errno = EINTR;
871
goto mandos_end;
872
}
873
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
874
if(ret < 0){
875
fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");
876
gnutls_perror(ret);
877
errno = EPROTO;
878
goto mandos_end;
432
879
}
433
880
break;
434
881
default:
435
fprintf(stderr, "Unknown error while reading data from encrypted session with mandos server\n");
436
retval = -1;
437
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
438
goto exit;
439
}
440
} else {
441
buffer_length += ret;
442
}
443
}
444
445
if (buffer_length > 0){
446
if ((decrypted_buffer_size = gpg_packet_decrypt(buffer, buffer_length, &decrypted_buffer, CERT_ROOT)) >= 0){
447
fwrite (decrypted_buffer, 1, decrypted_buffer_size, stdout);
448
free(decrypted_buffer);
449
} else {
882
fprintf(stderr, "Unknown error while reading data from"
883
" encrypted session with Mandos server\n");
884
gnutls_bye(session, GNUTLS_SHUT_RDWR);
885
errno = EIO;
886
goto mandos_end;
887
}
888
} else {
889
buffer_length += (size_t) sret;
890
}
891
}
892
893
if(debug){
894
fprintf(stderr, "Closing TLS session\n");
895
}
896
897
if(quit_now){
898
errno = EINTR;
899
goto mandos_end;
900
}
901
902
do {
903
ret = gnutls_bye(session, GNUTLS_SHUT_RDWR);
904
if(quit_now){
905
errno = EINTR;
906
goto mandos_end;
907
}
908
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
909
910
if(buffer_length > 0){
911
ssize_t decrypted_buffer_size;
912
decrypted_buffer_size = pgp_packet_decrypt(buffer,
913
buffer_length,
914
&decrypted_buffer);
915
if(decrypted_buffer_size >= 0){
916
917
written = 0;
918
while(written < (size_t) decrypted_buffer_size){
919
if(quit_now){
920
errno = EINTR;
921
goto mandos_end;
922
}
923
924
ret = (int)fwrite(decrypted_buffer + written, 1,
925
(size_t)decrypted_buffer_size - written,
926
stdout);
927
if(ret == 0 and ferror(stdout)){
928
int e = errno;
929
if(debug){
930
fprintf(stderr, "Error writing encrypted data: %s\n",
931
strerror(errno));
932
}
933
errno = e;
934
goto mandos_end;
935
}
936
written += (size_t)ret;
937
}
938
retval = 0;
939
}
940
}
941
942
/* Shutdown procedure */
943
944
mandos_end:
945
{
946
int e = errno;
947
free(decrypted_buffer);
948
free(buffer);
949
if(tcp_sd >= 0){
950
ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));
951
}
952
if(ret == -1){
953
if(e == 0){
954
e = errno;
955
}
956
perror_plus("close");
957
}
958
gnutls_deinit(session);
959
errno = e;
960
if(quit_now){
961
errno = EINTR;
450
962
retval = -1;
451
963
}
452
964
}
453
454
//shutdown procedure
455
456
if(debug){
457
fprintf(stderr, "Closing tls session\n");
458
}
459
460
free(buffer);
461
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
462
exit:
463
close(tcp_sd);
464
gnutls_deinit (es.session);
465
gnutls_certificate_free_credentials (es.cred);
466
gnutls_global_deinit ();
467
965
return retval;
468
966
}
469
967
470
static AvahiSimplePoll *simple_poll = NULL;
471
static AvahiServer *server = NULL;
472
473
static void resolve_callback(
474
AvahiSServiceResolver *r,
475
AVAHI_GCC_UNUSED AvahiIfIndex interface,
476
AVAHI_GCC_UNUSED AvahiProtocol protocol,
477
AvahiResolverEvent event,
478
const char *name,
479
const char *type,
480
const char *domain,
481
const char *host_name,
482
const AvahiAddress *address,
483
uint16_t port,
484
AvahiStringList *txt,
485
AvahiLookupResultFlags flags,
486
AVAHI_GCC_UNUSED void* userdata) {
487
488
assert(r);
489
490
/* Called whenever a service has been resolved successfully or timed out */
491
492
switch (event) {
493
case AVAHI_RESOLVER_FAILURE:
494
fprintf(stderr, "(Resolver) Failed to resolve service '%s' of type '%s' in domain '%s': %s\n", name, type, domain, avahi_strerror(avahi_server_errno(server)));
495
break;
496
497
case AVAHI_RESOLVER_FOUND: {
498
char ip[AVAHI_ADDRESS_STR_MAX];
499
avahi_address_snprint(ip, sizeof(ip), address);
500
if(debug){
501
fprintf(stderr, "Mandos server found at %s on port %d\n", ip, port);
502
}
503
int ret = start_mandos_communication(ip, port);
504
if (ret == 0){
505
exit(EXIT_SUCCESS);
506
} else {
507
exit(EXIT_FAILURE);
508
}
509
}
510
}
511
avahi_s_service_resolver_free(r);
512
}
513
514
static void browse_callback(
515
AvahiSServiceBrowser *b,
516
AvahiIfIndex interface,
517
AvahiProtocol protocol,
518
AvahiBrowserEvent event,
519
const char *name,
520
const char *type,
521
const char *domain,
522
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
523
void* userdata) {
524
525
AvahiServer *s = userdata;
526
assert(b);
527
528
/* Called whenever a new services becomes available on the LAN or is removed from the LAN */
529
530
switch (event) {
531
532
case AVAHI_BROWSER_FAILURE:
533
534
fprintf(stderr, "(Browser) %s\n", avahi_strerror(avahi_server_errno(server)));
535
avahi_simple_poll_quit(simple_poll);
536
return;
537
538
case AVAHI_BROWSER_NEW:
539
/* We ignore the returned resolver object. In the callback
540
function we free it. If the server is terminated before
541
the callback function is called the server will free
542
the resolver for us. */
543
544
if (!(avahi_s_service_resolver_new(s, interface, protocol, name, type, domain, AVAHI_PROTO_INET6, 0, resolve_callback, s)))
545
fprintf(stderr, "Failed to resolve service '%s': %s\n", name, avahi_strerror(avahi_server_errno(s)));
546
547
break;
548
549
case AVAHI_BROWSER_REMOVE:
550
break;
551
552
case AVAHI_BROWSER_ALL_FOR_NOW:
553
case AVAHI_BROWSER_CACHE_EXHAUSTED:
554
break;
555
}
556
}
557
558
int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char*argv[]) {
968
static void resolve_callback(AvahiSServiceResolver *r,
969
AvahiIfIndex interface,
970
AvahiProtocol proto,
971
AvahiResolverEvent event,
972
const char *name,
973
const char *type,
974
const char *domain,
975
const char *host_name,
976
const AvahiAddress *address,
977
uint16_t port,
978
AVAHI_GCC_UNUSED AvahiStringList *txt,
979
AVAHI_GCC_UNUSED AvahiLookupResultFlags
980
flags,
981
AVAHI_GCC_UNUSED void* userdata){
982
assert(r);
983
984
/* Called whenever a service has been resolved successfully or
985
timed out */
986
987
if(quit_now){
988
return;
989
}
990
991
switch(event){
992
default:
993
case AVAHI_RESOLVER_FAILURE:
994
fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'"
995
" of type '%s' in domain '%s': %s\n", name, type, domain,
996
avahi_strerror(avahi_server_errno(mc.server)));
997
break;
998
999
case AVAHI_RESOLVER_FOUND:
1000
{
1001
char ip[AVAHI_ADDRESS_STR_MAX];
1002
avahi_address_snprint(ip, sizeof(ip), address);
1003
if(debug){
1004
fprintf(stderr, "Mandos server \"%s\" found on %s (%s, %"
1005
PRIdMAX ") on port %" PRIu16 "\n", name, host_name,
1006
ip, (intmax_t)interface, port);
1007
}
1008
int ret = start_mandos_communication(ip, port, interface,
1009
avahi_proto_to_af(proto));
1010
if(ret == 0){
1011
avahi_simple_poll_quit(mc.simple_poll);
1012
} else {
1013
ret = add_server(ip, port, interface,
1014
avahi_proto_to_af(proto));
1015
}
1016
}
1017
}
1018
avahi_s_service_resolver_free(r);
1019
}
1020
1021
static void browse_callback(AvahiSServiceBrowser *b,
1022
AvahiIfIndex interface,
1023
AvahiProtocol protocol,
1024
AvahiBrowserEvent event,
1025
const char *name,
1026
const char *type,
1027
const char *domain,
1028
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1029
flags,
1030
AVAHI_GCC_UNUSED void* userdata){
1031
assert(b);
1032
1033
/* Called whenever a new services becomes available on the LAN or
1034
is removed from the LAN */
1035
1036
if(quit_now){
1037
return;
1038
}
1039
1040
switch(event){
1041
default:
1042
case AVAHI_BROWSER_FAILURE:
1043
1044
fprintf(stderr, "(Avahi browser) %s\n",
1045
avahi_strerror(avahi_server_errno(mc.server)));
1046
avahi_simple_poll_quit(mc.simple_poll);
1047
return;
1048
1049
case AVAHI_BROWSER_NEW:
1050
/* We ignore the returned Avahi resolver object. In the callback
1051
function we free it. If the Avahi server is terminated before
1052
the callback function is called the Avahi server will free the
1053
resolver for us. */
1054
1055
if(avahi_s_service_resolver_new(mc.server, interface, protocol,
1056
name, type, domain, protocol, 0,
1057
resolve_callback, NULL) == NULL)
1058
fprintf(stderr, "Avahi: Failed to resolve service '%s': %s\n",
1059
name, avahi_strerror(avahi_server_errno(mc.server)));
1060
break;
1061
1062
case AVAHI_BROWSER_REMOVE:
1063
break;
1064
1065
case AVAHI_BROWSER_ALL_FOR_NOW:
1066
case AVAHI_BROWSER_CACHE_EXHAUSTED:
1067
if(debug){
1068
fprintf(stderr, "No Mandos server found, still searching...\n");
1069
}
1070
break;
1071
}
1072
}
1073
1074
/* Signal handler that stops main loop after SIGTERM */
1075
static void handle_sigterm(int sig){
1076
if(quit_now){
1077
return;
1078
}
1079
quit_now = 1;
1080
signal_received = sig;
1081
int old_errno = errno;
1082
/* set main loop to exit */
1083
if(mc.simple_poll != NULL){
1084
avahi_simple_poll_quit(mc.simple_poll);
1085
}
1086
errno = old_errno;
1087
}
1088
1089
bool get_flags(const char *ifname, struct ifreq *ifr){
1090
int ret;
1091
1092
int s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1093
if(s < 0){
1094
perror_plus("socket");
1095
return false;
1096
}
1097
strcpy(ifr->ifr_name, ifname);
1098
ret = ioctl(s, SIOCGIFFLAGS, ifr);
1099
if(ret == -1){
1100
if(debug){
1101
perror_plus("ioctl SIOCGIFFLAGS");
1102
}
1103
return false;
1104
}
1105
return true;
1106
}
1107
1108
bool good_flags(const char *ifname, const struct ifreq *ifr){
1109
1110
/* Reject the loopback device */
1111
if(ifr->ifr_flags & IFF_LOOPBACK){
1112
if(debug){
1113
fprintf(stderr, "Rejecting loopback interface \"%s\"\n",
1114
ifname);
1115
}
1116
return false;
1117
}
1118
/* Accept point-to-point devices only if connect_to is specified */
1119
if(connect_to != NULL and (ifr->ifr_flags & IFF_POINTOPOINT)){
1120
if(debug){
1121
fprintf(stderr, "Accepting point-to-point interface \"%s\"\n",
1122
ifname);
1123
}
1124
return true;
1125
}
1126
/* Otherwise, reject non-broadcast-capable devices */
1127
if(not (ifr->ifr_flags & IFF_BROADCAST)){
1128
if(debug){
1129
fprintf(stderr, "Rejecting non-broadcast interface \"%s\"\n",
1130
ifname);
1131
}
1132
return false;
1133
}
1134
/* Reject non-ARP interfaces (including dummy interfaces) */
1135
if(ifr->ifr_flags & IFF_NOARP){
1136
if(debug){
1137
fprintf(stderr, "Rejecting non-ARP interface \"%s\"\n", ifname);
1138
}
1139
return false;
1140
}
1141
1142
/* Accept this device */
1143
if(debug){
1144
fprintf(stderr, "Interface \"%s\" is good\n", ifname);
1145
}
1146
return true;
1147
}
1148
1149
/*
1150
* This function determines if a directory entry in /sys/class/net
1151
* corresponds to an acceptable network device.
1152
* (This function is passed to scandir(3) as a filter function.)
1153
*/
1154
int good_interface(const struct dirent *if_entry){
1155
int ret;
1156
if(if_entry->d_name[0] == '.'){
1157
return 0;
1158
}
1159
struct ifreq ifr;
1160
1161
if(not get_flags(if_entry->d_name, &ifr)){
1162
return 0;
1163
}
1164
1165
if(not good_flags(if_entry->d_name, &ifr)){
1166
return 0;
1167
}
1168
return 1;
1169
}
1170
1171
/*
1172
* This function determines if a directory entry in /sys/class/net
1173
* corresponds to an acceptable network device which is up.
1174
* (This function is passed to scandir(3) as a filter function.)
1175
*/
1176
int up_interface(const struct dirent *if_entry){
1177
ssize_t ssret;
1178
char *flagname = NULL;
1179
if(if_entry->d_name[0] == '.'){
1180
return 0;
1181
}
1182
int ret = asprintf(&flagname, "%s/%s/flags", sys_class_net,
1183
if_entry->d_name);
1184
if(ret < 0){
1185
perror_plus("asprintf");
1186
return 0;
1187
}
1188
int flags_fd = (int)TEMP_FAILURE_RETRY(open(flagname, O_RDONLY));
1189
if(flags_fd == -1){
1190
perror_plus("open");
1191
free(flagname);
1192
return 0;
1193
}
1194
free(flagname);
1195
typedef short ifreq_flags; /* ifreq.ifr_flags in netdevice(7) */
1196
/* read line from flags_fd */
1197
ssize_t to_read = 2+(sizeof(ifreq_flags)*2)+1; /* "0x1003\n" */
1198
char *flagstring = malloc((size_t)to_read+1); /* +1 for final \0 */
1199
flagstring[(size_t)to_read] = '\0';
1200
if(flagstring == NULL){
1201
perror_plus("malloc");
1202
close(flags_fd);
1203
return 0;
1204
}
1205
while(to_read > 0){
1206
ssret = (ssize_t)TEMP_FAILURE_RETRY(read(flags_fd, flagstring,
1207
(size_t)to_read));
1208
if(ssret == -1){
1209
perror_plus("read");
1210
free(flagstring);
1211
close(flags_fd);
1212
return 0;
1213
}
1214
to_read -= ssret;
1215
if(ssret == 0){
1216
break;
1217
}
1218
}
1219
close(flags_fd);
1220
intmax_t tmpmax;
1221
char *tmp;
1222
errno = 0;
1223
tmpmax = strtoimax(flagstring, &tmp, 0);
1224
if(errno != 0 or tmp == flagstring or (*tmp != '\0'
1225
and not (isspace(*tmp)))
1226
or tmpmax != (ifreq_flags)tmpmax){
1227
if(debug){
1228
fprintf(stderr, "Invalid flags \"%s\" for interface \"%s\"\n",
1229
flagstring, if_entry->d_name);
1230
}
1231
free(flagstring);
1232
return 0;
1233
}
1234
free(flagstring);
1235
ifreq_flags flags = (ifreq_flags)tmpmax;
1236
/* Reject the loopback device */
1237
if(flags & IFF_LOOPBACK){
1238
if(debug){
1239
fprintf(stderr, "Rejecting loopback interface \"%s\"\n",
1240
if_entry->d_name);
1241
}
1242
return 0;
1243
}
1244
1245
/* Reject down interfaces */
1246
if(not (flags & IFF_UP)){
1247
return 0;
1248
}
1249
1250
/* Accept point-to-point devices only if connect_to is specified */
1251
if(connect_to != NULL and (flags & IFF_POINTOPOINT)){
1252
if(debug){
1253
fprintf(stderr, "Accepting point-to-point interface \"%s\"\n",
1254
if_entry->d_name);
1255
}
1256
return 1;
1257
}
1258
/* Otherwise, reject non-broadcast-capable devices */
1259
if(not (flags & IFF_BROADCAST)){
1260
if(debug){
1261
fprintf(stderr, "Rejecting non-broadcast interface \"%s\"\n",
1262
if_entry->d_name);
1263
}
1264
return 0;
1265
}
1266
/* Reject non-ARP interfaces (including dummy interfaces) */
1267
if(flags & IFF_NOARP){
1268
if(debug){
1269
fprintf(stderr, "Rejecting non-ARP interface \"%s\"\n",
1270
if_entry->d_name);
1271
}
1272
return 0;
1273
}
1274
/* Accept this device */
1275
if(debug){
1276
fprintf(stderr, "Interface \"%s\" is acceptable\n",
1277
if_entry->d_name);
1278
}
1279
return 1;
1280
}
1281
1282
int notdotentries(const struct dirent *direntry){
1283
/* Skip "." and ".." */
1284
if(direntry->d_name[0] == '.'
1285
and (direntry->d_name[1] == '\0'
1286
or (direntry->d_name[1] == '.'
1287
and direntry->d_name[2] == '\0'))){
1288
return 0;
1289
}
1290
return 1;
1291
}
1292
1293
/* Is this directory entry a runnable program? */
1294
int runnable_hook(const struct dirent *direntry){
1295
int ret;
1296
struct stat st;
1297
1298
if((direntry->d_name)[0] == '\0'){
1299
/* Empty name? */
1300
return 0;
1301
}
1302
1303
/* Save pointer to last character */
1304
char *end = strchr(direntry->d_name, '\0')-1;
1305
1306
if(*end == '~'){
1307
/* Backup name~ */
1308
return 0;
1309
}
1310
1311
if(((direntry->d_name)[0] == '#')
1312
and (*end == '#')){
1313
/* Temporary #name# */
1314
return 0;
1315
}
1316
1317
/* XXX more rules here */
1318
1319
ret = stat(direntry->d_name, &st);
1320
if(ret == -1){
1321
if(debug){
1322
perror_plus("Could not stat plugin");
1323
}
1324
return 0;
1325
}
1326
if(not (st.st_mode & S_ISREG)){
1327
/* Not a regular file */
1328
return 0;
1329
}
1330
if(not (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))){
1331
/* Not executable */
1332
return 0;
1333
}
1334
return 1;
1335
}
1336
1337
int avahi_loop_with_timeout(AvahiSimplePoll *s, int retry_interval){
1338
int ret;
1339
struct timespec now;
1340
struct timespec waited_time;
1341
intmax_t block_time;
1342
1343
while(true){
1344
if(mc.current_server == NULL){
1345
if (debug){
1346
fprintf(stderr,
1347
"Wait until first server is found. No timeout!\n");
1348
}
1349
ret = avahi_simple_poll_iterate(s, -1);
1350
} else {
1351
if (debug){
1352
fprintf(stderr, "Check current_server if we should run it,"
1353
" or wait\n");
1354
}
1355
/* the current time */
1356
ret = clock_gettime(CLOCK_MONOTONIC, &now);
1357
if(ret == -1){
1358
perror_plus("clock_gettime");
1359
return -1;
1360
}
1361
/* Calculating in ms how long time between now and server
1362
who we visted longest time ago. Now - last seen. */
1363
waited_time.tv_sec = (now.tv_sec
1364
- mc.current_server->last_seen.tv_sec);
1365
waited_time.tv_nsec = (now.tv_nsec
1366
- mc.current_server->last_seen.tv_nsec);
1367
/* total time is 10s/10,000ms.
1368
Converting to s from ms by dividing by 1,000,
1369
and ns to ms by dividing by 1,000,000. */
1370
block_time = ((retry_interval
1371
- ((intmax_t)waited_time.tv_sec * 1000))
1372
- ((intmax_t)waited_time.tv_nsec / 1000000));
1373
1374
if (debug){
1375
fprintf(stderr, "Blocking for %" PRIdMAX " ms\n", block_time);
1376
}
1377
1378
if(block_time <= 0){
1379
ret = start_mandos_communication(mc.current_server->ip,
1380
mc.current_server->port,
1381
mc.current_server->if_index,
1382
mc.current_server->af);
1383
if(ret == 0){
1384
avahi_simple_poll_quit(mc.simple_poll);
1385
return 0;
1386
}
1387
ret = clock_gettime(CLOCK_MONOTONIC,
1388
&mc.current_server->last_seen);
1389
if(ret == -1){
1390
perror_plus("clock_gettime");
1391
return -1;
1392
}
1393
mc.current_server = mc.current_server->next;
1394
block_time = 0; /* Call avahi to find new Mandos
1395
servers, but don't block */
1396
}
1397
1398
ret = avahi_simple_poll_iterate(s, (int)block_time);
1399
}
1400
if(ret != 0){
1401
if (ret > 0 or errno != EINTR) {
1402
return (ret != 1) ? ret : 0;
1403
}
1404
}
1405
}
1406
}
1407
1408
int main(int argc, char *argv[]){
1409
AvahiSServiceBrowser *sb = NULL;
1410
int error;
1411
int ret;
1412
intmax_t tmpmax;
1413
char *tmp;
1414
int exitcode = EXIT_SUCCESS;
1415
const char *interface = "";
1416
struct ifreq network;
1417
int sd = -1;
1418
bool take_down_interface = false;
1419
uid_t uid;
1420
gid_t gid;
1421
char tempdir[] = "/tmp/mandosXXXXXX";
1422
bool tempdir_created = false;
1423
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
1424
const char *seckey = PATHDIR "/" SECKEY;
1425
const char *pubkey = PATHDIR "/" PUBKEY;
1426
1427
bool gnutls_initialized = false;
1428
bool gpgme_initialized = false;
1429
float delay = 2.5f;
1430
double retry_interval = 10; /* 10s between trying a server and
1431
retrying the same server again */
1432
1433
struct sigaction old_sigterm_action = { .sa_handler = SIG_DFL };
1434
struct sigaction sigterm_action = { .sa_handler = handle_sigterm };
1435
1436
uid = getuid();
1437
gid = getgid();
1438
1439
/* Lower any group privileges we might have, just to be safe */
1440
errno = 0;
1441
ret = setgid(gid);
1442
if(ret == -1){
1443
perror_plus("setgid");
1444
}
1445
1446
/* Lower user privileges (temporarily) */
1447
errno = 0;
1448
ret = seteuid(uid);
1449
if(ret == -1){
1450
perror_plus("seteuid");
1451
}
1452
1453
if(quit_now){
1454
goto end;
1455
}
1456
1457
{
1458
struct argp_option options[] = {
1459
{ .name = "debug", .key = 128,
1460
.doc = "Debug mode", .group = 3 },
1461
{ .name = "connect", .key = 'c',
1462
.arg = "ADDRESS:PORT",
1463
.doc = "Connect directly to a specific Mandos server",
1464
.group = 1 },
1465
{ .name = "interface", .key = 'i',
1466
.arg = "NAME",
1467
.doc = "Network interface that will be used to search for"
1468
" Mandos servers",
1469
.group = 1 },
1470
{ .name = "seckey", .key = 's',
1471
.arg = "FILE",
1472
.doc = "OpenPGP secret key file base name",
1473
.group = 1 },
1474
{ .name = "pubkey", .key = 'p',
1475
.arg = "FILE",
1476
.doc = "OpenPGP public key file base name",
1477
.group = 2 },
1478
{ .name = "dh-bits", .key = 129,
1479
.arg = "BITS",
1480
.doc = "Bit length of the prime number used in the"
1481
" Diffie-Hellman key exchange",
1482
.group = 2 },
1483
{ .name = "priority", .key = 130,
1484
.arg = "STRING",
1485
.doc = "GnuTLS priority string for the TLS handshake",
1486
.group = 1 },
1487
{ .name = "delay", .key = 131,
1488
.arg = "SECONDS",
1489
.doc = "Maximum delay to wait for interface startup",
1490
.group = 2 },
1491
{ .name = "retry", .key = 132,
1492
.arg = "SECONDS",
1493
.doc = "Retry interval used when denied by the mandos server",
1494
.group = 2 },
1495
/*
1496
* These reproduce what we would get without ARGP_NO_HELP
1497
*/
1498
{ .name = "help", .key = '?',
1499
.doc = "Give this help list", .group = -1 },
1500
{ .name = "usage", .key = -3,
1501
.doc = "Give a short usage message", .group = -1 },
1502
{ .name = "version", .key = 'V',
1503
.doc = "Print program version", .group = -1 },
1504
{ .name = NULL }
1505
};
1506
1507
error_t parse_opt(int key, char *arg,
1508
struct argp_state *state){
1509
errno = 0;
1510
switch(key){
1511
case 128: /* --debug */
1512
debug = true;
1513
break;
1514
case 'c': /* --connect */
1515
connect_to = arg;
1516
break;
1517
case 'i': /* --interface */
1518
interface = arg;
1519
break;
1520
case 's': /* --seckey */
1521
seckey = arg;
1522
break;
1523
case 'p': /* --pubkey */
1524
pubkey = arg;
1525
break;
1526
case 129: /* --dh-bits */
1527
errno = 0;
1528
tmpmax = strtoimax(arg, &tmp, 10);
1529
if(errno != 0 or tmp == arg or *tmp != '\0'
1530
or tmpmax != (typeof(mc.dh_bits))tmpmax){
1531
argp_error(state, "Bad number of DH bits");
1532
}
1533
mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
1534
break;
1535
case 130: /* --priority */
1536
mc.priority = arg;
1537
break;
1538
case 131: /* --delay */
1539
errno = 0;
1540
delay = strtof(arg, &tmp);
1541
if(errno != 0 or tmp == arg or *tmp != '\0'){
1542
argp_error(state, "Bad delay");
1543
}
1544
case 132: /* --retry */
1545
errno = 0;
1546
retry_interval = strtod(arg, &tmp);
1547
if(errno != 0 or tmp == arg or *tmp != '\0'
1548
or (retry_interval * 1000) > INT_MAX
1549
or retry_interval < 0){
1550
argp_error(state, "Bad retry interval");
1551
}
1552
break;
1553
/*
1554
* These reproduce what we would get without ARGP_NO_HELP
1555
*/
1556
case '?': /* --help */
1557
argp_state_help(state, state->out_stream,
1558
(ARGP_HELP_STD_HELP | ARGP_HELP_EXIT_ERR)
1559
& ~(unsigned int)ARGP_HELP_EXIT_OK);
1560
case -3: /* --usage */
1561
argp_state_help(state, state->out_stream,
1562
ARGP_HELP_USAGE | ARGP_HELP_EXIT_ERR);
1563
case 'V': /* --version */
1564
fprintf(state->out_stream, "%s\n", argp_program_version);
1565
exit(argp_err_exit_status);
1566
break;
1567
default:
1568
return ARGP_ERR_UNKNOWN;
1569
}
1570
return errno;
1571
}
1572
1573
struct argp argp = { .options = options, .parser = parse_opt,
1574
.args_doc = "",
1575
.doc = "Mandos client -- Get and decrypt"
1576
" passwords from a Mandos server" };
1577
ret = argp_parse(&argp, argc, argv,
1578
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
1579
switch(ret){
1580
case 0:
1581
break;
1582
case ENOMEM:
1583
default:
1584
errno = ret;
1585
perror_plus("argp_parse");
1586
exitcode = EX_OSERR;
1587
goto end;
1588
case EINVAL:
1589
exitcode = EX_USAGE;
1590
goto end;
1591
}
1592
}
1593
1594
{
1595
/* Work around Debian bug #633582:
1596
<http://bugs.debian.org/633582> */
1597
struct stat st;
1598
1599
/* Re-raise priviliges */
1600
errno = 0;
1601
ret = seteuid(0);
1602
if(ret == -1){
1603
perror_plus("seteuid");
1604
}
1605
1606
if(strcmp(seckey, PATHDIR "/" SECKEY) == 0){
1607
int seckey_fd = open(seckey, O_RDONLY);
1608
if(seckey_fd == -1){
1609
perror_plus("open");
1610
} else {
1611
ret = (int)TEMP_FAILURE_RETRY(fstat(seckey_fd, &st));
1612
if(ret == -1){
1613
perror_plus("fstat");
1614
} else {
1615
if(S_ISREG(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){
1616
ret = fchown(seckey_fd, uid, gid);
1617
if(ret == -1){
1618
perror_plus("fchown");
1619
}
1620
}
1621
}
1622
TEMP_FAILURE_RETRY(close(seckey_fd));
1623
}
1624
}
1625
1626
if(strcmp(pubkey, PATHDIR "/" PUBKEY) == 0){
1627
int pubkey_fd = open(pubkey, O_RDONLY);
1628
if(pubkey_fd == -1){
1629
perror_plus("open");
1630
} else {
1631
ret = (int)TEMP_FAILURE_RETRY(fstat(pubkey_fd, &st));
1632
if(ret == -1){
1633
perror_plus("fstat");
1634
} else {
1635
if(S_ISREG(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){
1636
ret = fchown(pubkey_fd, uid, gid);
1637
if(ret == -1){
1638
perror_plus("fchown");
1639
}
1640
}
1641
}
1642
TEMP_FAILURE_RETRY(close(pubkey_fd));
1643
}
1644
}
1645
1646
/* Lower privileges */
1647
errno = 0;
1648
ret = seteuid(uid);
1649
if(ret == -1){
1650
perror_plus("seteuid");
1651
}
1652
}
1653
1654
/* Find network hooks and run them */
1655
{
1656
struct dirent **direntries;
1657
struct dirent *direntry;
1658
int numhooks = scandir(HOOKDIR, &direntries, runnable_hook,
1659
alphasort);
1660
int devnull = open("/dev/null", O_RDONLY);
1661
for(int i = 0; i < numhooks; i++){
1662
direntry = direntries[0];
1663
char *fullname = NULL;
1664
ret = asprintf(&fullname, "%s/%s", tempdir,
1665
direntry->d_name);
1666
if(ret < 0){
1667
perror_plus("asprintf");
1668
continue;
1669
}
1670
pid_t hook_pid = fork();
1671
if(hook_pid == 0){
1672
/* Child */
1673
dup2(devnull, STDIN_FILENO);
1674
close(devnull);
1675
dup2(STDERR_FILENO, STDOUT_FILENO);
1676
setenv("DEVICE", interface, 1);
1677
setenv("VERBOSE", debug ? "1" : "0", 1);
1678
setenv("MODE", "start", 1);
1679
/* setenv( XXX more here */
1680
ret = execl(fullname, direntry->d_name, "start");
1681
perror_plus("execl");
1682
}
1683
free(fullname);
1684
if(quit_now){
1685
goto end;
1686
}
1687
}
1688
close(devnull);
1689
}
1690
1691
if(not debug){
1692
avahi_set_log_function(empty_log);
1693
}
1694
1695
if(interface[0] == '\0'){
1696
struct dirent **direntries;
1697
ret = scandir(sys_class_net, &direntries, good_interface,
1698
alphasort);
1699
if(ret >= 1){
1700
/* Pick the first good interface */
1701
interface = strdup(direntries[0]->d_name);
1702
if(debug){
1703
fprintf(stderr, "Using interface \"%s\"\n", interface);
1704
}
1705
if(interface == NULL){
1706
perror_plus("malloc");
1707
free(direntries);
1708
exitcode = EXIT_FAILURE;
1709
goto end;
1710
}
1711
free(direntries);
1712
} else {
1713
free(direntries);
1714
fprintf(stderr, "Could not find a network interface\n");
1715
exitcode = EXIT_FAILURE;
1716
goto end;
1717
}
1718
}
1719
1720
/* Initialize Avahi early so avahi_simple_poll_quit() can be called
1721
from the signal handler */
1722
/* Initialize the pseudo-RNG for Avahi */
1723
srand((unsigned int) time(NULL));
1724
mc.simple_poll = avahi_simple_poll_new();
1725
if(mc.simple_poll == NULL){
1726
fprintf(stderr, "Avahi: Failed to create simple poll object.\n");
1727
exitcode = EX_UNAVAILABLE;
1728
goto end;
1729
}
1730
1731
sigemptyset(&sigterm_action.sa_mask);
1732
ret = sigaddset(&sigterm_action.sa_mask, SIGINT);
1733
if(ret == -1){
1734
perror_plus("sigaddset");
1735
exitcode = EX_OSERR;
1736
goto end;
1737
}
1738
ret = sigaddset(&sigterm_action.sa_mask, SIGHUP);
1739
if(ret == -1){
1740
perror_plus("sigaddset");
1741
exitcode = EX_OSERR;
1742
goto end;
1743
}
1744
ret = sigaddset(&sigterm_action.sa_mask, SIGTERM);
1745
if(ret == -1){
1746
perror_plus("sigaddset");
1747
exitcode = EX_OSERR;
1748
goto end;
1749
}
1750
/* Need to check if the handler is SIG_IGN before handling:
1751
| [[info:libc:Initial Signal Actions]] |
1752
| [[info:libc:Basic Signal Handling]] |
1753
*/
1754
ret = sigaction(SIGINT, NULL, &old_sigterm_action);
1755
if(ret == -1){
1756
perror_plus("sigaction");
1757
return EX_OSERR;
1758
}
1759
if(old_sigterm_action.sa_handler != SIG_IGN){
1760
ret = sigaction(SIGINT, &sigterm_action, NULL);
1761
if(ret == -1){
1762
perror_plus("sigaction");
1763
exitcode = EX_OSERR;
1764
goto end;
1765
}
1766
}
1767
ret = sigaction(SIGHUP, NULL, &old_sigterm_action);
1768
if(ret == -1){
1769
perror_plus("sigaction");
1770
return EX_OSERR;
1771
}
1772
if(old_sigterm_action.sa_handler != SIG_IGN){
1773
ret = sigaction(SIGHUP, &sigterm_action, NULL);
1774
if(ret == -1){
1775
perror_plus("sigaction");
1776
exitcode = EX_OSERR;
1777
goto end;
1778
}
1779
}
1780
ret = sigaction(SIGTERM, NULL, &old_sigterm_action);
1781
if(ret == -1){
1782
perror_plus("sigaction");
1783
return EX_OSERR;
1784
}
1785
if(old_sigterm_action.sa_handler != SIG_IGN){
1786
ret = sigaction(SIGTERM, &sigterm_action, NULL);
1787
if(ret == -1){
1788
perror_plus("sigaction");
1789
exitcode = EX_OSERR;
1790
goto end;
1791
}
1792
}
1793
1794
/* If the interface is down, bring it up */
1795
if(strcmp(interface, "none") != 0){
1796
if_index = (AvahiIfIndex) if_nametoindex(interface);
1797
if(if_index == 0){
1798
fprintf(stderr, "No such interface: \"%s\"\n", interface);
1799
exitcode = EX_UNAVAILABLE;
1800
goto end;
1801
}
1802
1803
if(quit_now){
1804
goto end;
1805
}
1806
1807
/* Re-raise priviliges */
1808
errno = 0;
1809
ret = seteuid(0);
1810
if(ret == -1){
1811
perror_plus("seteuid");
1812
}
1813
1814
#ifdef __linux__
1815
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
1816
messages about the network interface to mess up the prompt */
1817
ret = klogctl(8, NULL, 5);
1818
bool restore_loglevel = true;
1819
if(ret == -1){
1820
restore_loglevel = false;
1821
perror_plus("klogctl");
1822
}
1823
#endif /* __linux__ */
1824
1825
sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1826
if(sd < 0){
1827
perror_plus("socket");
1828
exitcode = EX_OSERR;
1829
#ifdef __linux__
1830
if(restore_loglevel){
1831
ret = klogctl(7, NULL, 0);
1832
if(ret == -1){
1833
perror_plus("klogctl");
1834
}
1835
}
1836
#endif /* __linux__ */
1837
/* Lower privileges */
1838
errno = 0;
1839
ret = seteuid(uid);
1840
if(ret == -1){
1841
perror_plus("seteuid");
1842
}
1843
goto end;
1844
}
1845
strcpy(network.ifr_name, interface);
1846
ret = ioctl(sd, SIOCGIFFLAGS, &network);
1847
if(ret == -1){
1848
perror_plus("ioctl SIOCGIFFLAGS");
1849
#ifdef __linux__
1850
if(restore_loglevel){
1851
ret = klogctl(7, NULL, 0);
1852
if(ret == -1){
1853
perror_plus("klogctl");
1854
}
1855
}
1856
#endif /* __linux__ */
1857
exitcode = EX_OSERR;
1858
/* Lower privileges */
1859
errno = 0;
1860
ret = seteuid(uid);
1861
if(ret == -1){
1862
perror_plus("seteuid");
1863
}
1864
goto end;
1865
}
1866
if((network.ifr_flags & IFF_UP) == 0){
1867
network.ifr_flags |= IFF_UP;
1868
take_down_interface = true;
1869
ret = ioctl(sd, SIOCSIFFLAGS, &network);
1870
if(ret == -1){
1871
take_down_interface = false;
1872
perror_plus("ioctl SIOCSIFFLAGS +IFF_UP");
1873
exitcode = EX_OSERR;
1874
#ifdef __linux__
1875
if(restore_loglevel){
1876
ret = klogctl(7, NULL, 0);
1877
if(ret == -1){
1878
perror_plus("klogctl");
1879
}
1880
}
1881
#endif /* __linux__ */
1882
/* Lower privileges */
1883
errno = 0;
1884
ret = seteuid(uid);
1885
if(ret == -1){
1886
perror_plus("seteuid");
1887
}
1888
goto end;
1889
}
1890
}
1891
/* Sleep checking until interface is running.
1892
Check every 0.25s, up to total time of delay */
1893
for(int i=0; i < delay * 4; i++){
1894
ret = ioctl(sd, SIOCGIFFLAGS, &network);
1895
if(ret == -1){
1896
perror_plus("ioctl SIOCGIFFLAGS");
1897
} else if(network.ifr_flags & IFF_RUNNING){
1898
break;
1899
}
1900
struct timespec sleeptime = { .tv_nsec = 250000000 };
1901
ret = nanosleep(&sleeptime, NULL);
1902
if(ret == -1 and errno != EINTR){
1903
perror_plus("nanosleep");
1904
}
1905
}
1906
if(not take_down_interface){
1907
/* We won't need the socket anymore */
1908
ret = (int)TEMP_FAILURE_RETRY(close(sd));
1909
if(ret == -1){
1910
perror_plus("close");
1911
}
1912
}
1913
#ifdef __linux__
1914
if(restore_loglevel){
1915
/* Restores kernel loglevel to default */
1916
ret = klogctl(7, NULL, 0);
1917
if(ret == -1){
1918
perror_plus("klogctl");
1919
}
1920
}
1921
#endif /* __linux__ */
1922
/* Lower privileges */
1923
errno = 0;
1924
if(take_down_interface){
1925
/* Lower privileges */
1926
ret = seteuid(uid);
1927
if(ret == -1){
1928
perror_plus("seteuid");
1929
}
1930
} else {
1931
/* Lower privileges permanently */
1932
ret = setuid(uid);
1933
if(ret == -1){
1934
perror_plus("setuid");
1935
}
1936
}
1937
}
1938
1939
if(quit_now){
1940
goto end;
1941
}
1942
1943
ret = init_gnutls_global(pubkey, seckey);
1944
if(ret == -1){
1945
fprintf(stderr, "init_gnutls_global failed\n");
1946
exitcode = EX_UNAVAILABLE;
1947
goto end;
1948
} else {
1949
gnutls_initialized = true;
1950
}
1951
1952
if(quit_now){
1953
goto end;
1954
}
1955
1956
if(mkdtemp(tempdir) == NULL){
1957
perror_plus("mkdtemp");
1958
goto end;
1959
}
1960
tempdir_created = true;
1961
1962
if(quit_now){
1963
goto end;
1964
}
1965
1966
if(not init_gpgme(pubkey, seckey, tempdir)){
1967
fprintf(stderr, "init_gpgme failed\n");
1968
exitcode = EX_UNAVAILABLE;
1969
goto end;
1970
} else {
1971
gpgme_initialized = true;
1972
}
1973
1974
if(quit_now){
1975
goto end;
1976
}
1977
1978
if(connect_to != NULL){
1979
/* Connect directly, do not use Zeroconf */
1980
/* (Mainly meant for debugging) */
1981
char *address = strrchr(connect_to, ':');
1982
if(address == NULL){
1983
fprintf(stderr, "No colon in address\n");
1984
exitcode = EX_USAGE;
1985
goto end;
1986
}
1987
1988
if(quit_now){
1989
goto end;
1990
}
1991
1992
uint16_t port;
1993
errno = 0;
1994
tmpmax = strtoimax(address+1, &tmp, 10);
1995
if(errno != 0 or tmp == address+1 or *tmp != '\0'
1996
or tmpmax != (uint16_t)tmpmax){
1997
fprintf(stderr, "Bad port number\n");
1998
exitcode = EX_USAGE;
1999
goto end;
2000
}
2001
2002
if(quit_now){
2003
goto end;
2004
}
2005
2006
port = (uint16_t)tmpmax;
2007
*address = '\0';
2008
/* Colon in address indicates IPv6 */
2009
int af;
2010
if(strchr(connect_to, ':') != NULL){
2011
af = AF_INET6;
2012
/* Accept [] around IPv6 address - see RFC 5952 */
2013
if(connect_to[0] == '[' and address[-1] == ']')
2014
{
2015
connect_to++;
2016
address[-1] = '\0';
2017
}
2018
} else {
2019
af = AF_INET;
2020
}
2021
address = connect_to;
2022
2023
if(quit_now){
2024
goto end;
2025
}
2026
2027
while(not quit_now){
2028
ret = start_mandos_communication(address, port, if_index, af);
2029
if(quit_now or ret == 0){
2030
break;
2031
}
2032
if(debug){
2033
fprintf(stderr, "Retrying in %d seconds\n",
2034
(int)retry_interval);
2035
}
2036
sleep((int)retry_interval);
2037
}
2038
2039
if (not quit_now){
2040
exitcode = EXIT_SUCCESS;
2041
}
2042
2043
goto end;
2044
}
2045
2046
if(quit_now){
2047
goto end;
2048
}
2049
2050
{
559
2051
AvahiServerConfig config;
560
AvahiSServiceBrowser *sb = NULL;
561
int error;
562
int ret;
563
int returncode = EXIT_SUCCESS;
564
565
while (true){
566
static struct option long_options[] = {
567
{"debug", no_argument, (int *)&debug, 1},
568
{"interface", required_argument, 0, 'i'},
569
{0, 0, 0, 0} };
570
571
int option_index = 0;
572
ret = getopt_long (argc, argv, "i:", long_options, &option_index);
573
574
if (ret == -1){
575
break;
576
}
577
578
switch(ret){
579
case 0:
580
break;
581
case 'i':
582
interface = optarg;
583
break;
584
default:
585
exit(EXIT_FAILURE);
586
}
587
}
588
589
if (not debug){
590
avahi_set_log_function(empty_log);
591
}
592
593
/* Initialize the psuedo-RNG */
594
srand(time(NULL));
595
596
/* Allocate main loop object */
597
if (!(simple_poll = avahi_simple_poll_new())) {
598
fprintf(stderr, "Failed to create simple poll object.\n");
599
600
goto exit;
601
}
602
603
/* Do not publish any local records */
2052
/* Do not publish any local Zeroconf records */
604
2053
avahi_server_config_init(&config);
605
2054
config.publish_hinfo = 0;
606
2055
config.publish_addresses = 0;
607
2056
config.publish_workstation = 0;
608
2057
config.publish_domain = 0;
609
2058
610
2059
/* Allocate a new server */
611
server = avahi_server_new(avahi_simple_poll_get(simple_poll), &config, NULL, NULL, &error);
612
613
/* Free the configuration data */
2060
mc.server = avahi_server_new(avahi_simple_poll_get
2061
(mc.simple_poll), &config, NULL,
2062
NULL, &error);
2063
2064
/* Free the Avahi configuration data */
614
2065
avahi_server_config_free(&config);
615
616
/* Check if creating the server object succeeded */
617
if (!server) {
618
fprintf(stderr, "Failed to create server: %s\n", avahi_strerror(error));
619
returncode = EXIT_FAILURE;
620
goto exit;
621
}
622
623
/* Create the service browser */
624
if (!(sb = avahi_s_service_browser_new(server, if_nametoindex("eth0"), AVAHI_PROTO_INET6, "_mandos._tcp", NULL, 0, browse_callback, server))) {
625
fprintf(stderr, "Failed to create service browser: %s\n", avahi_strerror(avahi_server_errno(server)));
626
returncode = EXIT_FAILURE;
627
goto exit;
628
}
629
630
/* Run the main loop */
631
632
if (debug){
633
fprintf(stderr, "Starting avahi loop search\n");
634
}
635
636
avahi_simple_poll_loop(simple_poll);
637
638
exit:
639
640
if (debug){
641
fprintf(stderr, "%s exiting\n", argv[0]);
642
}
643
644
/* Cleanup things */
645
if (sb)
646
avahi_s_service_browser_free(sb);
647
648
if (server)
649
avahi_server_free(server);
650
651
if (simple_poll)
652
avahi_simple_poll_free(simple_poll);
653
654
return returncode;
2066
}
2067
2068
/* Check if creating the Avahi server object succeeded */
2069
if(mc.server == NULL){
2070
fprintf(stderr, "Failed to create Avahi server: %s\n",
2071
avahi_strerror(error));
2072
exitcode = EX_UNAVAILABLE;
2073
goto end;
2074
}
2075
2076
if(quit_now){
2077
goto end;
2078
}
2079
2080
/* Create the Avahi service browser */
2081
sb = avahi_s_service_browser_new(mc.server, if_index,
2082
AVAHI_PROTO_UNSPEC, "_mandos._tcp",
2083
NULL, 0, browse_callback, NULL);
2084
if(sb == NULL){
2085
fprintf(stderr, "Failed to create service browser: %s\n",
2086
avahi_strerror(avahi_server_errno(mc.server)));
2087
exitcode = EX_UNAVAILABLE;
2088
goto end;
2089
}
2090
2091
if(quit_now){
2092
goto end;
2093
}
2094
2095
/* Run the main loop */
2096
2097
if(debug){
2098
fprintf(stderr, "Starting Avahi loop search\n");
2099
}
2100
2101
ret = avahi_loop_with_timeout(mc.simple_poll,
2102
(int)(retry_interval * 1000));
2103
if(debug){
2104
fprintf(stderr, "avahi_loop_with_timeout exited %s\n",
2105
(ret == 0) ? "successfully" : "with error");
2106
}
2107
2108
end:
2109
2110
if(debug){
2111
fprintf(stderr, "%s exiting\n", argv[0]);
2112
}
2113
2114
/* Cleanup things */
2115
if(sb != NULL)
2116
avahi_s_service_browser_free(sb);
2117
2118
if(mc.server != NULL)
2119
avahi_server_free(mc.server);
2120
2121
if(mc.simple_poll != NULL)
2122
avahi_simple_poll_free(mc.simple_poll);
2123
2124
if(gnutls_initialized){
2125
gnutls_certificate_free_credentials(mc.cred);
2126
gnutls_global_deinit();
2127
gnutls_dh_params_deinit(mc.dh_params);
2128
}
2129
2130
if(gpgme_initialized){
2131
gpgme_release(mc.ctx);
2132
}
2133
2134
/* Cleans up the circular linked list of Mandos servers the client
2135
has seen */
2136
if(mc.current_server != NULL){
2137
mc.current_server->prev->next = NULL;
2138
while(mc.current_server != NULL){
2139
server *next = mc.current_server->next;
2140
free(mc.current_server);
2141
mc.current_server = next;
2142
}
2143
}
2144
2145
/* XXX run network hooks "stop" here */
2146
2147
/* Take down the network interface */
2148
if(take_down_interface){
2149
/* Re-raise priviliges */
2150
errno = 0;
2151
ret = seteuid(0);
2152
if(ret == -1){
2153
perror_plus("seteuid");
2154
}
2155
if(geteuid() == 0){
2156
ret = ioctl(sd, SIOCGIFFLAGS, &network);
2157
if(ret == -1){
2158
perror_plus("ioctl SIOCGIFFLAGS");
2159
} else if(network.ifr_flags & IFF_UP) {
2160
network.ifr_flags &= ~(short)IFF_UP; /* clear flag */
2161
ret = ioctl(sd, SIOCSIFFLAGS, &network);
2162
if(ret == -1){
2163
perror_plus("ioctl SIOCSIFFLAGS -IFF_UP");
2164
}
2165
}
2166
ret = (int)TEMP_FAILURE_RETRY(close(sd));
2167
if(ret == -1){
2168
perror_plus("close");
2169
}
2170
/* Lower privileges permanently */
2171
errno = 0;
2172
ret = setuid(uid);
2173
if(ret == -1){
2174
perror_plus("setuid");
2175
}
2176
}
2177
}
2178
2179
/* Removes the GPGME temp directory and all files inside */
2180
if(tempdir_created){
2181
struct dirent **direntries = NULL;
2182
struct dirent *direntry = NULL;
2183
int numentries = scandir(tempdir, &direntries, notdotentries,
2184
alphasort);
2185
if (numentries > 0){
2186
for(int i = 0; i < numentries; i++){
2187
direntry = direntries[i];
2188
char *fullname = NULL;
2189
ret = asprintf(&fullname, "%s/%s", tempdir,
2190
direntry->d_name);
2191
if(ret < 0){
2192
perror_plus("asprintf");
2193
continue;
2194
}
2195
ret = remove(fullname);
2196
if(ret == -1){
2197
fprintf(stderr, "remove(\"%s\"): %s\n", fullname,
2198
strerror(errno));
2199
}
2200
free(fullname);
2201
}
2202
}
2203
2204
/* need to clean even if 0 because man page doesn't specify */
2205
free(direntries);
2206
if (numentries == -1){
2207
perror_plus("scandir");
2208
}
2209
ret = rmdir(tempdir);
2210
if(ret == -1 and errno != ENOENT){
2211
perror_plus("rmdir");
2212
}
2213
}
2214
2215
if(quit_now){
2216
sigemptyset(&old_sigterm_action.sa_mask);
2217
old_sigterm_action.sa_handler = SIG_DFL;
2218
ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received,
2219
&old_sigterm_action,
2220
NULL));
2221
if(ret == -1){
2222
perror_plus("sigaction");
2223
}
2224
do {
2225
ret = raise(signal_received);
2226
} while(ret != 0 and errno == EINTR);
2227
if(ret != 0){
2228
perror_plus("raise");
2229
abort();
2230
}
2231
TEMP_FAILURE_RETRY(pause());
2232
}
2233
2234
return exitcode;
655
2235
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0