To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/mandos-client.c
- browse files at revision 641
- compare with another revision
- download diff
- download tarball
- view history from revision 641
- Committer: Teddy Hogeborn
- Date: 2013-10-28 10:04:05 UTC
- Revision ID: teddy@recompile.se-20131028100405-u6miovq7y39m69x7
Doc fix: Refer to architecture libdir.
* debian/mandos-client.README.Debian: Refer to architecture libdir.
* debian/mandos-client.README.Debian: Refer to architecture libdir.
- files added:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- network-hooks.d
- plugins.d
- files removed:
- bad-ca.pem
- files modified:
- Makefile
added
removed
plugins.d/mandos-client.c
1
/* -*- coding: utf-8 -*- */
2
/*
3
* Mandos-client - get and decrypt data from a Mandos server
4
*
5
* This program is partly derived from an example program for an Avahi
6
* service browser, downloaded from
7
* <http://avahi.org/browser/examples/core-browse-services.c>. This
8
* includes the following functions: "resolve_callback",
9
* "browse_callback", and parts of "main".
10
*
11
* Everything else is
12
* Copyright © 2008-2013 Teddy Hogeborn
13
* Copyright © 2008-2013 Björn Påhlsson
14
*
15
* This program is free software: you can redistribute it and/or
16
* modify it under the terms of the GNU General Public License as
17
* published by the Free Software Foundation, either version 3 of the
18
* License, or (at your option) any later version.
19
*
20
* This program is distributed in the hope that it will be useful, but
21
* WITHOUT ANY WARRANTY; without even the implied warranty of
22
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
23
* General Public License for more details.
24
*
25
* You should have received a copy of the GNU General Public License
26
* along with this program. If not, see
27
* <http://www.gnu.org/licenses/>.
28
*
29
* Contact the authors at <mandos@recompile.se>.
30
*/
31
32
/* Needed by GPGME, specifically gpgme_data_seek() */
33
#ifndef _LARGEFILE_SOURCE
34
#define _LARGEFILE_SOURCE
35
#endif
36
#ifndef _FILE_OFFSET_BITS
37
#define _FILE_OFFSET_BITS 64
38
#endif
39
40
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */
41
42
#include <stdio.h> /* fprintf(), stderr, fwrite(),
43
stdout, ferror(), remove() */
44
#include <stdint.h> /* uint16_t, uint32_t, intptr_t */
45
#include <stddef.h> /* NULL, size_t, ssize_t */
46
#include <stdlib.h> /* free(), EXIT_SUCCESS, srand(),
47
strtof(), abort() */
48
#include <stdbool.h> /* bool, false, true */
49
#include <string.h> /* memset(), strcmp(), strlen(),
50
strerror(), asprintf(), strcpy() */
51
#include <sys/ioctl.h> /* ioctl */
52
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
53
sockaddr_in6, PF_INET6,
54
SOCK_STREAM, uid_t, gid_t, open(),
55
opendir(), DIR */
56
#include <sys/stat.h> /* open(), S_ISREG */
57
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
58
inet_pton(), connect() */
59
#include <fcntl.h> /* open() */
60
#include <dirent.h> /* opendir(), struct dirent, readdir()
61
*/
62
#include <inttypes.h> /* PRIu16, PRIdMAX, intmax_t,
63
strtoimax() */
64
#include <errno.h> /* perror(), errno,
65
program_invocation_short_name */
66
#include <time.h> /* nanosleep(), time(), sleep() */
67
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
68
SIOCSIFFLAGS, if_indextoname(),
69
if_nametoindex(), IF_NAMESIZE */
70
#include <netinet/in.h> /* IN6_IS_ADDR_LINKLOCAL,
71
INET_ADDRSTRLEN, INET6_ADDRSTRLEN
72
*/
73
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
74
getuid(), getgid(), seteuid(),
75
setgid(), pause(), _exit() */
76
#include <arpa/inet.h> /* inet_pton(), htons, inet_ntop() */
77
#include <iso646.h> /* not, or, and */
78
#include <argp.h> /* struct argp_option, error_t, struct
79
argp_state, struct argp,
80
argp_parse(), ARGP_KEY_ARG,
81
ARGP_KEY_END, ARGP_ERR_UNKNOWN */
82
#include <signal.h> /* sigemptyset(), sigaddset(),
83
sigaction(), SIGTERM, sig_atomic_t,
84
raise() */
85
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_UNAVAILABLE,
86
EX_NOHOST, EX_IOERR, EX_PROTOCOL */
87
#include <sys/wait.h> /* waitpid(), WIFEXITED(),
88
WEXITSTATUS(), WTERMSIG() */
89
#include <grp.h> /* setgroups() */
90
#include <argz.h> /* argz_add_sep(), argz_next(),
91
argz_delete(), argz_append(),
92
argz_stringify(), argz_add(),
93
argz_count() */
94
95
#ifdef __linux__
96
#include <sys/klog.h> /* klogctl() */
97
#endif /* __linux__ */
98
99
/* Avahi */
100
/* All Avahi types, constants and functions
101
Avahi*, avahi_*,
102
AVAHI_* */
103
#include <avahi-core/core.h>
104
#include <avahi-core/lookup.h>
105
#include <avahi-core/log.h>
106
#include <avahi-common/simple-watch.h>
107
#include <avahi-common/malloc.h>
108
#include <avahi-common/error.h>
109
110
/* GnuTLS */
111
#include <gnutls/gnutls.h> /* All GnuTLS types, constants and
112
functions:
113
gnutls_*
114
init_gnutls_session(),
115
GNUTLS_* */
116
#include <gnutls/openpgp.h>
117
/* gnutls_certificate_set_openpgp_key_file(),
118
GNUTLS_OPENPGP_FMT_BASE64 */
119
120
/* GPGME */
121
#include <gpgme.h> /* All GPGME types, constants and
122
functions:
123
gpgme_*
124
GPGME_PROTOCOL_OpenPGP,
125
GPG_ERR_NO_* */
126
127
#define BUFFER_SIZE 256
128
129
#define PATHDIR "/conf/conf.d/mandos"
130
#define SECKEY "seckey.txt"
131
#define PUBKEY "pubkey.txt"
132
#define HOOKDIR "/lib/mandos/network-hooks.d"
133
134
bool debug = false;
135
static const char mandos_protocol_version[] = "1";
136
const char *argp_program_version = "mandos-client " VERSION;
137
const char *argp_program_bug_address = "<mandos@recompile.se>";
138
static const char sys_class_net[] = "/sys/class/net";
139
char *connect_to = NULL;
140
const char *hookdir = HOOKDIR;
141
uid_t uid = 65534;
142
gid_t gid = 65534;
143
144
/* Doubly linked list that need to be circularly linked when used */
145
typedef struct server{
146
const char *ip;
147
in_port_t port;
148
AvahiIfIndex if_index;
149
int af;
150
struct timespec last_seen;
151
struct server *next;
152
struct server *prev;
153
} server;
154
155
/* Used for passing in values through the Avahi callback functions */
156
typedef struct {
157
AvahiServer *server;
158
gnutls_certificate_credentials_t cred;
159
unsigned int dh_bits;
160
gnutls_dh_params_t dh_params;
161
const char *priority;
162
gpgme_ctx_t ctx;
163
server *current_server;
164
char *interfaces;
165
size_t interfaces_size;
166
} mandos_context;
167
168
/* global so signal handler can reach it*/
169
AvahiSimplePoll *simple_poll;
170
171
sig_atomic_t quit_now = 0;
172
int signal_received = 0;
173
174
/* Function to use when printing errors */
175
void perror_plus(const char *print_text){
176
int e = errno;
177
fprintf(stderr, "Mandos plugin %s: ",
178
program_invocation_short_name);
179
errno = e;
180
perror(print_text);
181
}
182
183
__attribute__((format (gnu_printf, 2, 3)))
184
int fprintf_plus(FILE *stream, const char *format, ...){
185
va_list ap;
186
va_start (ap, format);
187
188
TEMP_FAILURE_RETRY(fprintf(stream, "Mandos plugin %s: ",
189
program_invocation_short_name));
190
return (int)TEMP_FAILURE_RETRY(vfprintf(stream, format, ap));
191
}
192
193
/*
194
* Make additional room in "buffer" for at least BUFFER_SIZE more
195
* bytes. "buffer_capacity" is how much is currently allocated,
196
* "buffer_length" is how much is already used.
197
*/
198
size_t incbuffer(char **buffer, size_t buffer_length,
199
size_t buffer_capacity){
200
if(buffer_length + BUFFER_SIZE > buffer_capacity){
201
*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
202
if(buffer == NULL){
203
return 0;
204
}
205
buffer_capacity += BUFFER_SIZE;
206
}
207
return buffer_capacity;
208
}
209
210
/* Add server to set of servers to retry periodically */
211
bool add_server(const char *ip, in_port_t port, AvahiIfIndex if_index,
212
int af, server **current_server){
213
int ret;
214
server *new_server = malloc(sizeof(server));
215
if(new_server == NULL){
216
perror_plus("malloc");
217
return false;
218
}
219
*new_server = (server){ .ip = strdup(ip),
220
.port = port,
221
.if_index = if_index,
222
.af = af };
223
if(new_server->ip == NULL){
224
perror_plus("strdup");
225
return false;
226
}
227
/* Special case of first server */
228
if(*current_server == NULL){
229
new_server->next = new_server;
230
new_server->prev = new_server;
231
*current_server = new_server;
232
/* Place the new server last in the list */
233
} else {
234
new_server->next = *current_server;
235
new_server->prev = (*current_server)->prev;
236
new_server->prev->next = new_server;
237
(*current_server)->prev = new_server;
238
}
239
ret = clock_gettime(CLOCK_MONOTONIC, &(*current_server)->last_seen);
240
if(ret == -1){
241
perror_plus("clock_gettime");
242
return false;
243
}
244
return true;
245
}
246
247
/*
248
* Initialize GPGME.
249
*/
250
static bool init_gpgme(const char *seckey, const char *pubkey,
251
const char *tempdir, mandos_context *mc){
252
gpgme_error_t rc;
253
gpgme_engine_info_t engine_info;
254
255
/*
256
* Helper function to insert pub and seckey to the engine keyring.
257
*/
258
bool import_key(const char *filename){
259
int ret;
260
int fd;
261
gpgme_data_t pgp_data;
262
263
fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));
264
if(fd == -1){
265
perror_plus("open");
266
return false;
267
}
268
269
rc = gpgme_data_new_from_fd(&pgp_data, fd);
270
if(rc != GPG_ERR_NO_ERROR){
271
fprintf_plus(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
272
gpgme_strsource(rc), gpgme_strerror(rc));
273
return false;
274
}
275
276
rc = gpgme_op_import(mc->ctx, pgp_data);
277
if(rc != GPG_ERR_NO_ERROR){
278
fprintf_plus(stderr, "bad gpgme_op_import: %s: %s\n",
279
gpgme_strsource(rc), gpgme_strerror(rc));
280
return false;
281
}
282
283
ret = (int)TEMP_FAILURE_RETRY(close(fd));
284
if(ret == -1){
285
perror_plus("close");
286
}
287
gpgme_data_release(pgp_data);
288
return true;
289
}
290
291
if(debug){
292
fprintf_plus(stderr, "Initializing GPGME\n");
293
}
294
295
/* Init GPGME */
296
gpgme_check_version(NULL);
297
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
298
if(rc != GPG_ERR_NO_ERROR){
299
fprintf_plus(stderr, "bad gpgme_engine_check_version: %s: %s\n",
300
gpgme_strsource(rc), gpgme_strerror(rc));
301
return false;
302
}
303
304
/* Set GPGME home directory for the OpenPGP engine only */
305
rc = gpgme_get_engine_info(&engine_info);
306
if(rc != GPG_ERR_NO_ERROR){
307
fprintf_plus(stderr, "bad gpgme_get_engine_info: %s: %s\n",
308
gpgme_strsource(rc), gpgme_strerror(rc));
309
return false;
310
}
311
while(engine_info != NULL){
312
if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){
313
gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,
314
engine_info->file_name, tempdir);
315
break;
316
}
317
engine_info = engine_info->next;
318
}
319
if(engine_info == NULL){
320
fprintf_plus(stderr, "Could not set GPGME home dir to %s\n",
321
tempdir);
322
return false;
323
}
324
325
/* Create new GPGME "context" */
326
rc = gpgme_new(&(mc->ctx));
327
if(rc != GPG_ERR_NO_ERROR){
328
fprintf_plus(stderr, "Mandos plugin mandos-client: "
329
"bad gpgme_new: %s: %s\n", gpgme_strsource(rc),
330
gpgme_strerror(rc));
331
return false;
332
}
333
334
if(not import_key(pubkey) or not import_key(seckey)){
335
return false;
336
}
337
338
return true;
339
}
340
341
/*
342
* Decrypt OpenPGP data.
343
* Returns -1 on error
344
*/
345
static ssize_t pgp_packet_decrypt(const char *cryptotext,
346
size_t crypto_size,
347
char **plaintext,
348
mandos_context *mc){
349
gpgme_data_t dh_crypto, dh_plain;
350
gpgme_error_t rc;
351
ssize_t ret;
352
size_t plaintext_capacity = 0;
353
ssize_t plaintext_length = 0;
354
355
if(debug){
356
fprintf_plus(stderr, "Trying to decrypt OpenPGP data\n");
357
}
358
359
/* Create new GPGME data buffer from memory cryptotext */
360
rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,
361
0);
362
if(rc != GPG_ERR_NO_ERROR){
363
fprintf_plus(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
364
gpgme_strsource(rc), gpgme_strerror(rc));
365
return -1;
366
}
367
368
/* Create new empty GPGME data buffer for the plaintext */
369
rc = gpgme_data_new(&dh_plain);
370
if(rc != GPG_ERR_NO_ERROR){
371
fprintf_plus(stderr, "Mandos plugin mandos-client: "
372
"bad gpgme_data_new: %s: %s\n",
373
gpgme_strsource(rc), gpgme_strerror(rc));
374
gpgme_data_release(dh_crypto);
375
return -1;
376
}
377
378
/* Decrypt data from the cryptotext data buffer to the plaintext
379
data buffer */
380
rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);
381
if(rc != GPG_ERR_NO_ERROR){
382
fprintf_plus(stderr, "bad gpgme_op_decrypt: %s: %s\n",
383
gpgme_strsource(rc), gpgme_strerror(rc));
384
plaintext_length = -1;
385
if(debug){
386
gpgme_decrypt_result_t result;
387
result = gpgme_op_decrypt_result(mc->ctx);
388
if(result == NULL){
389
fprintf_plus(stderr, "gpgme_op_decrypt_result failed\n");
390
} else {
391
fprintf_plus(stderr, "Unsupported algorithm: %s\n",
392
result->unsupported_algorithm);
393
fprintf_plus(stderr, "Wrong key usage: %u\n",
394
result->wrong_key_usage);
395
if(result->file_name != NULL){
396
fprintf_plus(stderr, "File name: %s\n", result->file_name);
397
}
398
gpgme_recipient_t recipient;
399
recipient = result->recipients;
400
while(recipient != NULL){
401
fprintf_plus(stderr, "Public key algorithm: %s\n",
402
gpgme_pubkey_algo_name
403
(recipient->pubkey_algo));
404
fprintf_plus(stderr, "Key ID: %s\n", recipient->keyid);
405
fprintf_plus(stderr, "Secret key available: %s\n",
406
recipient->status == GPG_ERR_NO_SECKEY
407
? "No" : "Yes");
408
recipient = recipient->next;
409
}
410
}
411
}
412
goto decrypt_end;
413
}
414
415
if(debug){
416
fprintf_plus(stderr, "Decryption of OpenPGP data succeeded\n");
417
}
418
419
/* Seek back to the beginning of the GPGME plaintext data buffer */
420
if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){
421
perror_plus("gpgme_data_seek");
422
plaintext_length = -1;
423
goto decrypt_end;
424
}
425
426
*plaintext = NULL;
427
while(true){
428
plaintext_capacity = incbuffer(plaintext,
429
(size_t)plaintext_length,
430
plaintext_capacity);
431
if(plaintext_capacity == 0){
432
perror_plus("incbuffer");
433
plaintext_length = -1;
434
goto decrypt_end;
435
}
436
437
ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
438
BUFFER_SIZE);
439
/* Print the data, if any */
440
if(ret == 0){
441
/* EOF */
442
break;
443
}
444
if(ret < 0){
445
perror_plus("gpgme_data_read");
446
plaintext_length = -1;
447
goto decrypt_end;
448
}
449
plaintext_length += ret;
450
}
451
452
if(debug){
453
fprintf_plus(stderr, "Decrypted password is: ");
454
for(ssize_t i = 0; i < plaintext_length; i++){
455
fprintf(stderr, "%02hhX ", (*plaintext)[i]);
456
}
457
fprintf(stderr, "\n");
458
}
459
460
decrypt_end:
461
462
/* Delete the GPGME cryptotext data buffer */
463
gpgme_data_release(dh_crypto);
464
465
/* Delete the GPGME plaintext data buffer */
466
gpgme_data_release(dh_plain);
467
return plaintext_length;
468
}
469
470
static const char * safer_gnutls_strerror(int value){
471
const char *ret = gnutls_strerror(value);
472
if(ret == NULL)
473
ret = "(unknown)";
474
return ret;
475
}
476
477
/* GnuTLS log function callback */
478
static void debuggnutls(__attribute__((unused)) int level,
479
const char* string){
480
fprintf_plus(stderr, "GnuTLS: %s", string);
481
}
482
483
static int init_gnutls_global(const char *pubkeyfilename,
484
const char *seckeyfilename,
485
mandos_context *mc){
486
int ret;
487
488
if(debug){
489
fprintf_plus(stderr, "Initializing GnuTLS\n");
490
}
491
492
ret = gnutls_global_init();
493
if(ret != GNUTLS_E_SUCCESS){
494
fprintf_plus(stderr, "GnuTLS global_init: %s\n",
495
safer_gnutls_strerror(ret));
496
return -1;
497
}
498
499
if(debug){
500
/* "Use a log level over 10 to enable all debugging options."
501
* - GnuTLS manual
502
*/
503
gnutls_global_set_log_level(11);
504
gnutls_global_set_log_function(debuggnutls);
505
}
506
507
/* OpenPGP credentials */
508
ret = gnutls_certificate_allocate_credentials(&mc->cred);
509
if(ret != GNUTLS_E_SUCCESS){
510
fprintf_plus(stderr, "GnuTLS memory error: %s\n",
511
safer_gnutls_strerror(ret));
512
gnutls_global_deinit();
513
return -1;
514
}
515
516
if(debug){
517
fprintf_plus(stderr, "Attempting to use OpenPGP public key %s and"
518
" secret key %s as GnuTLS credentials\n",
519
pubkeyfilename,
520
seckeyfilename);
521
}
522
523
ret = gnutls_certificate_set_openpgp_key_file
524
(mc->cred, pubkeyfilename, seckeyfilename,
525
GNUTLS_OPENPGP_FMT_BASE64);
526
if(ret != GNUTLS_E_SUCCESS){
527
fprintf_plus(stderr,
528
"Error[%d] while reading the OpenPGP key pair ('%s',"
529
" '%s')\n", ret, pubkeyfilename, seckeyfilename);
530
fprintf_plus(stderr, "The GnuTLS error is: %s\n",
531
safer_gnutls_strerror(ret));
532
goto globalfail;
533
}
534
535
/* GnuTLS server initialization */
536
ret = gnutls_dh_params_init(&mc->dh_params);
537
if(ret != GNUTLS_E_SUCCESS){
538
fprintf_plus(stderr, "Error in GnuTLS DH parameter"
539
" initialization: %s\n",
540
safer_gnutls_strerror(ret));
541
goto globalfail;
542
}
543
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
544
if(ret != GNUTLS_E_SUCCESS){
545
fprintf_plus(stderr, "Error in GnuTLS prime generation: %s\n",
546
safer_gnutls_strerror(ret));
547
goto globalfail;
548
}
549
550
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
551
552
return 0;
553
554
globalfail:
555
556
gnutls_certificate_free_credentials(mc->cred);
557
gnutls_global_deinit();
558
gnutls_dh_params_deinit(mc->dh_params);
559
return -1;
560
}
561
562
static int init_gnutls_session(gnutls_session_t *session,
563
mandos_context *mc){
564
int ret;
565
/* GnuTLS session creation */
566
do {
567
ret = gnutls_init(session, GNUTLS_SERVER);
568
if(quit_now){
569
return -1;
570
}
571
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
572
if(ret != GNUTLS_E_SUCCESS){
573
fprintf_plus(stderr,
574
"Error in GnuTLS session initialization: %s\n",
575
safer_gnutls_strerror(ret));
576
}
577
578
{
579
const char *err;
580
do {
581
ret = gnutls_priority_set_direct(*session, mc->priority, &err);
582
if(quit_now){
583
gnutls_deinit(*session);
584
return -1;
585
}
586
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
587
if(ret != GNUTLS_E_SUCCESS){
588
fprintf_plus(stderr, "Syntax error at: %s\n", err);
589
fprintf_plus(stderr, "GnuTLS error: %s\n",
590
safer_gnutls_strerror(ret));
591
gnutls_deinit(*session);
592
return -1;
593
}
594
}
595
596
do {
597
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
598
mc->cred);
599
if(quit_now){
600
gnutls_deinit(*session);
601
return -1;
602
}
603
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
604
if(ret != GNUTLS_E_SUCCESS){
605
fprintf_plus(stderr, "Error setting GnuTLS credentials: %s\n",
606
safer_gnutls_strerror(ret));
607
gnutls_deinit(*session);
608
return -1;
609
}
610
611
/* ignore client certificate if any. */
612
gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);
613
614
gnutls_dh_set_prime_bits(*session, mc->dh_bits);
615
616
return 0;
617
}
618
619
/* Avahi log function callback */
620
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
621
__attribute__((unused)) const char *txt){}
622
623
/* Called when a Mandos server is found */
624
static int start_mandos_communication(const char *ip, in_port_t port,
625
AvahiIfIndex if_index,
626
int af, mandos_context *mc){
627
int ret, tcp_sd = -1;
628
ssize_t sret;
629
union {
630
struct sockaddr_in in;
631
struct sockaddr_in6 in6;
632
} to;
633
char *buffer = NULL;
634
char *decrypted_buffer = NULL;
635
size_t buffer_length = 0;
636
size_t buffer_capacity = 0;
637
size_t written;
638
int retval = -1;
639
gnutls_session_t session;
640
int pf; /* Protocol family */
641
642
errno = 0;
643
644
if(quit_now){
645
errno = EINTR;
646
return -1;
647
}
648
649
switch(af){
650
case AF_INET6:
651
pf = PF_INET6;
652
break;
653
case AF_INET:
654
pf = PF_INET;
655
break;
656
default:
657
fprintf_plus(stderr, "Bad address family: %d\n", af);
658
errno = EINVAL;
659
return -1;
660
}
661
662
/* If the interface is specified and we have a list of interfaces */
663
if(if_index != AVAHI_IF_UNSPEC and mc->interfaces != NULL){
664
/* Check if the interface is one of the interfaces we are using */
665
bool match = false;
666
{
667
char *interface = NULL;
668
while((interface=argz_next(mc->interfaces, mc->interfaces_size,
669
interface))){
670
if(if_nametoindex(interface) == (unsigned int)if_index){
671
match = true;
672
break;
673
}
674
}
675
}
676
if(not match){
677
/* This interface does not match any in the list, so we don't
678
connect to the server */
679
if(debug){
680
char interface[IF_NAMESIZE];
681
if(if_indextoname((unsigned int)if_index, interface) == NULL){
682
perror_plus("if_indextoname");
683
} else {
684
fprintf_plus(stderr, "Skipping server on non-used interface"
685
" \"%s\"\n",
686
if_indextoname((unsigned int)if_index,
687
interface));
688
}
689
}
690
return -1;
691
}
692
}
693
694
ret = init_gnutls_session(&session, mc);
695
if(ret != 0){
696
return -1;
697
}
698
699
if(debug){
700
fprintf_plus(stderr, "Setting up a TCP connection to %s, port %"
701
PRIuMAX "\n", ip, (uintmax_t)port);
702
}
703
704
tcp_sd = socket(pf, SOCK_STREAM, 0);
705
if(tcp_sd < 0){
706
int e = errno;
707
perror_plus("socket");
708
errno = e;
709
goto mandos_end;
710
}
711
712
if(quit_now){
713
errno = EINTR;
714
goto mandos_end;
715
}
716
717
memset(&to, 0, sizeof(to));
718
if(af == AF_INET6){
719
to.in6.sin6_family = (sa_family_t)af;
720
ret = inet_pton(af, ip, &to.in6.sin6_addr);
721
} else { /* IPv4 */
722
to.in.sin_family = (sa_family_t)af;
723
ret = inet_pton(af, ip, &to.in.sin_addr);
724
}
725
if(ret < 0 ){
726
int e = errno;
727
perror_plus("inet_pton");
728
errno = e;
729
goto mandos_end;
730
}
731
if(ret == 0){
732
int e = errno;
733
fprintf_plus(stderr, "Bad address: %s\n", ip);
734
errno = e;
735
goto mandos_end;
736
}
737
if(af == AF_INET6){
738
to.in6.sin6_port = htons(port);
739
if(IN6_IS_ADDR_LINKLOCAL /* Spurious warnings from */
740
(&to.in6.sin6_addr)){ /* -Wstrict-aliasing=2 or lower and
741
-Wunreachable-code*/
742
if(if_index == AVAHI_IF_UNSPEC){
743
fprintf_plus(stderr, "An IPv6 link-local address is"
744
" incomplete without a network interface\n");
745
errno = EINVAL;
746
goto mandos_end;
747
}
748
/* Set the network interface number as scope */
749
to.in6.sin6_scope_id = (uint32_t)if_index;
750
}
751
} else {
752
to.in.sin_port = htons(port); /* Spurious warnings from
753
-Wconversion and
754
-Wunreachable-code */
755
}
756
757
if(quit_now){
758
errno = EINTR;
759
goto mandos_end;
760
}
761
762
if(debug){
763
if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){
764
char interface[IF_NAMESIZE];
765
if(if_indextoname((unsigned int)if_index, interface) == NULL){
766
perror_plus("if_indextoname");
767
} else {
768
fprintf_plus(stderr, "Connection to: %s%%%s, port %" PRIuMAX
769
"\n", ip, interface, (uintmax_t)port);
770
}
771
} else {
772
fprintf_plus(stderr, "Connection to: %s, port %" PRIuMAX "\n",
773
ip, (uintmax_t)port);
774
}
775
char addrstr[(INET_ADDRSTRLEN > INET6_ADDRSTRLEN) ?
776
INET_ADDRSTRLEN : INET6_ADDRSTRLEN] = "";
777
const char *pcret;
778
if(af == AF_INET6){
779
pcret = inet_ntop(af, &(to.in6.sin6_addr), addrstr,
780
sizeof(addrstr));
781
} else {
782
pcret = inet_ntop(af, &(to.in.sin_addr), addrstr,
783
sizeof(addrstr));
784
}
785
if(pcret == NULL){
786
perror_plus("inet_ntop");
787
} else {
788
if(strcmp(addrstr, ip) != 0){
789
fprintf_plus(stderr, "Canonical address form: %s\n", addrstr);
790
}
791
}
792
}
793
794
if(quit_now){
795
errno = EINTR;
796
goto mandos_end;
797
}
798
799
if(af == AF_INET6){
800
ret = connect(tcp_sd, &to.in6, sizeof(to));
801
} else {
802
ret = connect(tcp_sd, &to.in, sizeof(to)); /* IPv4 */
803
}
804
if(ret < 0){
805
if ((errno != ECONNREFUSED and errno != ENETUNREACH) or debug){
806
int e = errno;
807
perror_plus("connect");
808
errno = e;
809
}
810
goto mandos_end;
811
}
812
813
if(quit_now){
814
errno = EINTR;
815
goto mandos_end;
816
}
817
818
const char *out = mandos_protocol_version;
819
written = 0;
820
while(true){
821
size_t out_size = strlen(out);
822
ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
823
out_size - written));
824
if(ret == -1){
825
int e = errno;
826
perror_plus("write");
827
errno = e;
828
goto mandos_end;
829
}
830
written += (size_t)ret;
831
if(written < out_size){
832
continue;
833
} else {
834
if(out == mandos_protocol_version){
835
written = 0;
836
out = "\r\n";
837
} else {
838
break;
839
}
840
}
841
842
if(quit_now){
843
errno = EINTR;
844
goto mandos_end;
845
}
846
}
847
848
if(debug){
849
fprintf_plus(stderr, "Establishing TLS session with %s\n", ip);
850
}
851
852
if(quit_now){
853
errno = EINTR;
854
goto mandos_end;
855
}
856
857
/* This casting via intptr_t is to eliminate warning about casting
858
an int to a pointer type. This is exactly how the GnuTLS Guile
859
function "set-session-transport-fd!" does it. */
860
gnutls_transport_set_ptr(session,
861
(gnutls_transport_ptr_t)(intptr_t)tcp_sd);
862
863
if(quit_now){
864
errno = EINTR;
865
goto mandos_end;
866
}
867
868
do {
869
ret = gnutls_handshake(session);
870
if(quit_now){
871
errno = EINTR;
872
goto mandos_end;
873
}
874
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
875
876
if(ret != GNUTLS_E_SUCCESS){
877
if(debug){
878
fprintf_plus(stderr, "*** GnuTLS Handshake failed ***\n");
879
gnutls_perror(ret);
880
}
881
errno = EPROTO;
882
goto mandos_end;
883
}
884
885
/* Read OpenPGP packet that contains the wanted password */
886
887
if(debug){
888
fprintf_plus(stderr, "Retrieving OpenPGP encrypted password from"
889
" %s\n", ip);
890
}
891
892
while(true){
893
894
if(quit_now){
895
errno = EINTR;
896
goto mandos_end;
897
}
898
899
buffer_capacity = incbuffer(&buffer, buffer_length,
900
buffer_capacity);
901
if(buffer_capacity == 0){
902
int e = errno;
903
perror_plus("incbuffer");
904
errno = e;
905
goto mandos_end;
906
}
907
908
if(quit_now){
909
errno = EINTR;
910
goto mandos_end;
911
}
912
913
sret = gnutls_record_recv(session, buffer+buffer_length,
914
BUFFER_SIZE);
915
if(sret == 0){
916
break;
917
}
918
if(sret < 0){
919
switch(sret){
920
case GNUTLS_E_INTERRUPTED:
921
case GNUTLS_E_AGAIN:
922
break;
923
case GNUTLS_E_REHANDSHAKE:
924
do {
925
ret = gnutls_handshake(session);
926
927
if(quit_now){
928
errno = EINTR;
929
goto mandos_end;
930
}
931
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
932
if(ret < 0){
933
fprintf_plus(stderr, "*** GnuTLS Re-handshake failed "
934
"***\n");
935
gnutls_perror(ret);
936
errno = EPROTO;
937
goto mandos_end;
938
}
939
break;
940
default:
941
fprintf_plus(stderr, "Unknown error while reading data from"
942
" encrypted session with Mandos server\n");
943
gnutls_bye(session, GNUTLS_SHUT_RDWR);
944
errno = EIO;
945
goto mandos_end;
946
}
947
} else {
948
buffer_length += (size_t) sret;
949
}
950
}
951
952
if(debug){
953
fprintf_plus(stderr, "Closing TLS session\n");
954
}
955
956
if(quit_now){
957
errno = EINTR;
958
goto mandos_end;
959
}
960
961
do {
962
ret = gnutls_bye(session, GNUTLS_SHUT_RDWR);
963
if(quit_now){
964
errno = EINTR;
965
goto mandos_end;
966
}
967
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
968
969
if(buffer_length > 0){
970
ssize_t decrypted_buffer_size;
971
decrypted_buffer_size = pgp_packet_decrypt(buffer, buffer_length,
972
&decrypted_buffer, mc);
973
if(decrypted_buffer_size >= 0){
974
975
written = 0;
976
while(written < (size_t) decrypted_buffer_size){
977
if(quit_now){
978
errno = EINTR;
979
goto mandos_end;
980
}
981
982
ret = (int)fwrite(decrypted_buffer + written, 1,
983
(size_t)decrypted_buffer_size - written,
984
stdout);
985
if(ret == 0 and ferror(stdout)){
986
int e = errno;
987
if(debug){
988
fprintf_plus(stderr, "Error writing encrypted data: %s\n",
989
strerror(errno));
990
}
991
errno = e;
992
goto mandos_end;
993
}
994
written += (size_t)ret;
995
}
996
retval = 0;
997
}
998
}
999
1000
/* Shutdown procedure */
1001
1002
mandos_end:
1003
{
1004
int e = errno;
1005
free(decrypted_buffer);
1006
free(buffer);
1007
if(tcp_sd >= 0){
1008
ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));
1009
}
1010
if(ret == -1){
1011
if(e == 0){
1012
e = errno;
1013
}
1014
perror_plus("close");
1015
}
1016
gnutls_deinit(session);
1017
errno = e;
1018
if(quit_now){
1019
errno = EINTR;
1020
retval = -1;
1021
}
1022
}
1023
return retval;
1024
}
1025
1026
static void resolve_callback(AvahiSServiceResolver *r,
1027
AvahiIfIndex interface,
1028
AvahiProtocol proto,
1029
AvahiResolverEvent event,
1030
const char *name,
1031
const char *type,
1032
const char *domain,
1033
const char *host_name,
1034
const AvahiAddress *address,
1035
uint16_t port,
1036
AVAHI_GCC_UNUSED AvahiStringList *txt,
1037
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1038
flags,
1039
void* mc){
1040
if(r == NULL){
1041
return;
1042
}
1043
1044
/* Called whenever a service has been resolved successfully or
1045
timed out */
1046
1047
if(quit_now){
1048
return;
1049
}
1050
1051
switch(event){
1052
default:
1053
case AVAHI_RESOLVER_FAILURE:
1054
fprintf_plus(stderr, "(Avahi Resolver) Failed to resolve service "
1055
"'%s' of type '%s' in domain '%s': %s\n", name, type,
1056
domain,
1057
avahi_strerror(avahi_server_errno
1058
(((mandos_context*)mc)->server)));
1059
break;
1060
1061
case AVAHI_RESOLVER_FOUND:
1062
{
1063
char ip[AVAHI_ADDRESS_STR_MAX];
1064
avahi_address_snprint(ip, sizeof(ip), address);
1065
if(debug){
1066
fprintf_plus(stderr, "Mandos server \"%s\" found on %s (%s, %"
1067
PRIdMAX ") on port %" PRIu16 "\n", name,
1068
host_name, ip, (intmax_t)interface, port);
1069
}
1070
int ret = start_mandos_communication(ip, (in_port_t)port,
1071
interface,
1072
avahi_proto_to_af(proto),
1073
mc);
1074
if(ret == 0){
1075
avahi_simple_poll_quit(simple_poll);
1076
} else {
1077
if(not add_server(ip, (in_port_t)port, interface,
1078
avahi_proto_to_af(proto),
1079
&((mandos_context*)mc)->current_server)){
1080
fprintf_plus(stderr, "Failed to add server \"%s\" to server"
1081
" list\n", name);
1082
}
1083
}
1084
}
1085
}
1086
avahi_s_service_resolver_free(r);
1087
}
1088
1089
static void browse_callback(AvahiSServiceBrowser *b,
1090
AvahiIfIndex interface,
1091
AvahiProtocol protocol,
1092
AvahiBrowserEvent event,
1093
const char *name,
1094
const char *type,
1095
const char *domain,
1096
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1097
flags,
1098
void* mc){
1099
if(b == NULL){
1100
return;
1101
}
1102
1103
/* Called whenever a new services becomes available on the LAN or
1104
is removed from the LAN */
1105
1106
if(quit_now){
1107
return;
1108
}
1109
1110
switch(event){
1111
default:
1112
case AVAHI_BROWSER_FAILURE:
1113
1114
fprintf_plus(stderr, "(Avahi browser) %s\n",
1115
avahi_strerror(avahi_server_errno
1116
(((mandos_context*)mc)->server)));
1117
avahi_simple_poll_quit(simple_poll);
1118
return;
1119
1120
case AVAHI_BROWSER_NEW:
1121
/* We ignore the returned Avahi resolver object. In the callback
1122
function we free it. If the Avahi server is terminated before
1123
the callback function is called the Avahi server will free the
1124
resolver for us. */
1125
1126
if(avahi_s_service_resolver_new(((mandos_context*)mc)->server,
1127
interface, protocol, name, type,
1128
domain, protocol, 0,
1129
resolve_callback, mc) == NULL)
1130
fprintf_plus(stderr, "Avahi: Failed to resolve service '%s':"
1131
" %s\n", name,
1132
avahi_strerror(avahi_server_errno
1133
(((mandos_context*)mc)->server)));
1134
break;
1135
1136
case AVAHI_BROWSER_REMOVE:
1137
break;
1138
1139
case AVAHI_BROWSER_ALL_FOR_NOW:
1140
case AVAHI_BROWSER_CACHE_EXHAUSTED:
1141
if(debug){
1142
fprintf_plus(stderr, "No Mandos server found, still"
1143
" searching...\n");
1144
}
1145
break;
1146
}
1147
}
1148
1149
/* Signal handler that stops main loop after SIGTERM */
1150
static void handle_sigterm(int sig){
1151
if(quit_now){
1152
return;
1153
}
1154
quit_now = 1;
1155
signal_received = sig;
1156
int old_errno = errno;
1157
/* set main loop to exit */
1158
if(simple_poll != NULL){
1159
avahi_simple_poll_quit(simple_poll);
1160
}
1161
errno = old_errno;
1162
}
1163
1164
bool get_flags(const char *ifname, struct ifreq *ifr){
1165
int ret;
1166
error_t ret_errno;
1167
1168
int s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1169
if(s < 0){
1170
ret_errno = errno;
1171
perror_plus("socket");
1172
errno = ret_errno;
1173
return false;
1174
}
1175
strcpy(ifr->ifr_name, ifname);
1176
ret = ioctl(s, SIOCGIFFLAGS, ifr);
1177
if(ret == -1){
1178
if(debug){
1179
ret_errno = errno;
1180
perror_plus("ioctl SIOCGIFFLAGS");
1181
errno = ret_errno;
1182
}
1183
return false;
1184
}
1185
return true;
1186
}
1187
1188
bool good_flags(const char *ifname, const struct ifreq *ifr){
1189
1190
/* Reject the loopback device */
1191
if(ifr->ifr_flags & IFF_LOOPBACK){
1192
if(debug){
1193
fprintf_plus(stderr, "Rejecting loopback interface \"%s\"\n",
1194
ifname);
1195
}
1196
return false;
1197
}
1198
/* Accept point-to-point devices only if connect_to is specified */
1199
if(connect_to != NULL and (ifr->ifr_flags & IFF_POINTOPOINT)){
1200
if(debug){
1201
fprintf_plus(stderr, "Accepting point-to-point interface"
1202
" \"%s\"\n", ifname);
1203
}
1204
return true;
1205
}
1206
/* Otherwise, reject non-broadcast-capable devices */
1207
if(not (ifr->ifr_flags & IFF_BROADCAST)){
1208
if(debug){
1209
fprintf_plus(stderr, "Rejecting non-broadcast interface"
1210
" \"%s\"\n", ifname);
1211
}
1212
return false;
1213
}
1214
/* Reject non-ARP interfaces (including dummy interfaces) */
1215
if(ifr->ifr_flags & IFF_NOARP){
1216
if(debug){
1217
fprintf_plus(stderr, "Rejecting non-ARP interface \"%s\"\n",
1218
ifname);
1219
}
1220
return false;
1221
}
1222
1223
/* Accept this device */
1224
if(debug){
1225
fprintf_plus(stderr, "Interface \"%s\" is good\n", ifname);
1226
}
1227
return true;
1228
}
1229
1230
/*
1231
* This function determines if a directory entry in /sys/class/net
1232
* corresponds to an acceptable network device.
1233
* (This function is passed to scandir(3) as a filter function.)
1234
*/
1235
int good_interface(const struct dirent *if_entry){
1236
if(if_entry->d_name[0] == '.'){
1237
return 0;
1238
}
1239
1240
struct ifreq ifr;
1241
if(not get_flags(if_entry->d_name, &ifr)){
1242
if(debug){
1243
fprintf_plus(stderr, "Failed to get flags for interface "
1244
"\"%s\"\n", if_entry->d_name);
1245
}
1246
return 0;
1247
}
1248
1249
if(not good_flags(if_entry->d_name, &ifr)){
1250
return 0;
1251
}
1252
return 1;
1253
}
1254
1255
/*
1256
* This function determines if a network interface is up.
1257
*/
1258
bool interface_is_up(const char *interface){
1259
struct ifreq ifr;
1260
if(not get_flags(interface, &ifr)){
1261
if(debug){
1262
fprintf_plus(stderr, "Failed to get flags for interface "
1263
"\"%s\"\n", interface);
1264
}
1265
return false;
1266
}
1267
1268
return (bool)(ifr.ifr_flags & IFF_UP);
1269
}
1270
1271
/*
1272
* This function determines if a network interface is running
1273
*/
1274
bool interface_is_running(const char *interface){
1275
struct ifreq ifr;
1276
if(not get_flags(interface, &ifr)){
1277
if(debug){
1278
fprintf_plus(stderr, "Failed to get flags for interface "
1279
"\"%s\"\n", interface);
1280
}
1281
return false;
1282
}
1283
1284
return (bool)(ifr.ifr_flags & IFF_RUNNING);
1285
}
1286
1287
int notdotentries(const struct dirent *direntry){
1288
/* Skip "." and ".." */
1289
if(direntry->d_name[0] == '.'
1290
and (direntry->d_name[1] == '\0'
1291
or (direntry->d_name[1] == '.'
1292
and direntry->d_name[2] == '\0'))){
1293
return 0;
1294
}
1295
return 1;
1296
}
1297
1298
/* Is this directory entry a runnable program? */
1299
int runnable_hook(const struct dirent *direntry){
1300
int ret;
1301
size_t sret;
1302
struct stat st;
1303
1304
if((direntry->d_name)[0] == '\0'){
1305
/* Empty name? */
1306
return 0;
1307
}
1308
1309
sret = strspn(direntry->d_name, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
1310
"abcdefghijklmnopqrstuvwxyz"
1311
"0123456789"
1312
"_-");
1313
if((direntry->d_name)[sret] != '\0'){
1314
/* Contains non-allowed characters */
1315
if(debug){
1316
fprintf_plus(stderr, "Ignoring hook \"%s\" with bad name\n",
1317
direntry->d_name);
1318
}
1319
return 0;
1320
}
1321
1322
char *fullname = NULL;
1323
ret = asprintf(&fullname, "%s/%s", hookdir, direntry->d_name);
1324
if(ret < 0){
1325
perror_plus("asprintf");
1326
return 0;
1327
}
1328
1329
ret = stat(fullname, &st);
1330
if(ret == -1){
1331
if(debug){
1332
perror_plus("Could not stat hook");
1333
}
1334
return 0;
1335
}
1336
if(not (S_ISREG(st.st_mode))){
1337
/* Not a regular file */
1338
if(debug){
1339
fprintf_plus(stderr, "Ignoring hook \"%s\" - not a file\n",
1340
direntry->d_name);
1341
}
1342
return 0;
1343
}
1344
if(not (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))){
1345
/* Not executable */
1346
if(debug){
1347
fprintf_plus(stderr, "Ignoring hook \"%s\" - not executable\n",
1348
direntry->d_name);
1349
}
1350
return 0;
1351
}
1352
if(debug){
1353
fprintf_plus(stderr, "Hook \"%s\" is acceptable\n",
1354
direntry->d_name);
1355
}
1356
return 1;
1357
}
1358
1359
int avahi_loop_with_timeout(AvahiSimplePoll *s, int retry_interval,
1360
mandos_context *mc){
1361
int ret;
1362
struct timespec now;
1363
struct timespec waited_time;
1364
intmax_t block_time;
1365
1366
while(true){
1367
if(mc->current_server == NULL){
1368
if (debug){
1369
fprintf_plus(stderr, "Wait until first server is found."
1370
" No timeout!\n");
1371
}
1372
ret = avahi_simple_poll_iterate(s, -1);
1373
} else {
1374
if (debug){
1375
fprintf_plus(stderr, "Check current_server if we should run"
1376
" it, or wait\n");
1377
}
1378
/* the current time */
1379
ret = clock_gettime(CLOCK_MONOTONIC, &now);
1380
if(ret == -1){
1381
perror_plus("clock_gettime");
1382
return -1;
1383
}
1384
/* Calculating in ms how long time between now and server
1385
who we visted longest time ago. Now - last seen. */
1386
waited_time.tv_sec = (now.tv_sec
1387
- mc->current_server->last_seen.tv_sec);
1388
waited_time.tv_nsec = (now.tv_nsec
1389
- mc->current_server->last_seen.tv_nsec);
1390
/* total time is 10s/10,000ms.
1391
Converting to s from ms by dividing by 1,000,
1392
and ns to ms by dividing by 1,000,000. */
1393
block_time = ((retry_interval
1394
- ((intmax_t)waited_time.tv_sec * 1000))
1395
- ((intmax_t)waited_time.tv_nsec / 1000000));
1396
1397
if (debug){
1398
fprintf_plus(stderr, "Blocking for %" PRIdMAX " ms\n",
1399
block_time);
1400
}
1401
1402
if(block_time <= 0){
1403
ret = start_mandos_communication(mc->current_server->ip,
1404
mc->current_server->port,
1405
mc->current_server->if_index,
1406
mc->current_server->af, mc);
1407
if(ret == 0){
1408
avahi_simple_poll_quit(s);
1409
return 0;
1410
}
1411
ret = clock_gettime(CLOCK_MONOTONIC,
1412
&mc->current_server->last_seen);
1413
if(ret == -1){
1414
perror_plus("clock_gettime");
1415
return -1;
1416
}
1417
mc->current_server = mc->current_server->next;
1418
block_time = 0; /* Call avahi to find new Mandos
1419
servers, but don't block */
1420
}
1421
1422
ret = avahi_simple_poll_iterate(s, (int)block_time);
1423
}
1424
if(ret != 0){
1425
if (ret > 0 or errno != EINTR){
1426
return (ret != 1) ? ret : 0;
1427
}
1428
}
1429
}
1430
}
1431
1432
/* Set effective uid to 0, return errno */
1433
error_t raise_privileges(void){
1434
error_t old_errno = errno;
1435
error_t ret_errno = 0;
1436
if(seteuid(0) == -1){
1437
ret_errno = errno;
1438
perror_plus("seteuid");
1439
}
1440
errno = old_errno;
1441
return ret_errno;
1442
}
1443
1444
/* Set effective and real user ID to 0. Return errno. */
1445
error_t raise_privileges_permanently(void){
1446
error_t old_errno = errno;
1447
error_t ret_errno = raise_privileges();
1448
if(ret_errno != 0){
1449
errno = old_errno;
1450
return ret_errno;
1451
}
1452
if(setuid(0) == -1){
1453
ret_errno = errno;
1454
perror_plus("seteuid");
1455
}
1456
errno = old_errno;
1457
return ret_errno;
1458
}
1459
1460
/* Set effective user ID to unprivileged saved user ID */
1461
error_t lower_privileges(void){
1462
error_t old_errno = errno;
1463
error_t ret_errno = 0;
1464
if(seteuid(uid) == -1){
1465
ret_errno = errno;
1466
perror_plus("seteuid");
1467
}
1468
errno = old_errno;
1469
return ret_errno;
1470
}
1471
1472
/* Lower privileges permanently */
1473
error_t lower_privileges_permanently(void){
1474
error_t old_errno = errno;
1475
error_t ret_errno = 0;
1476
if(setuid(uid) == -1){
1477
ret_errno = errno;
1478
perror_plus("setuid");
1479
}
1480
errno = old_errno;
1481
return ret_errno;
1482
}
1483
1484
bool run_network_hooks(const char *mode, const char *interface,
1485
const float delay){
1486
struct dirent **direntries;
1487
struct dirent *direntry;
1488
int ret;
1489
int numhooks = scandir(hookdir, &direntries, runnable_hook,
1490
alphasort);
1491
if(numhooks == -1){
1492
if(errno == ENOENT){
1493
if(debug){
1494
fprintf_plus(stderr, "Network hook directory \"%s\" not"
1495
" found\n", hookdir);
1496
}
1497
} else {
1498
perror_plus("scandir");
1499
}
1500
} else {
1501
int devnull = open("/dev/null", O_RDONLY);
1502
for(int i = 0; i < numhooks; i++){
1503
direntry = direntries[i];
1504
char *fullname = NULL;
1505
ret = asprintf(&fullname, "%s/%s", hookdir, direntry->d_name);
1506
if(ret < 0){
1507
perror_plus("asprintf");
1508
continue;
1509
}
1510
if(debug){
1511
fprintf_plus(stderr, "Running network hook \"%s\"\n",
1512
direntry->d_name);
1513
}
1514
pid_t hook_pid = fork();
1515
if(hook_pid == 0){
1516
/* Child */
1517
/* Raise privileges */
1518
raise_privileges_permanently();
1519
/* Set group */
1520
errno = 0;
1521
ret = setgid(0);
1522
if(ret == -1){
1523
perror_plus("setgid");
1524
}
1525
/* Reset supplementary groups */
1526
errno = 0;
1527
ret = setgroups(0, NULL);
1528
if(ret == -1){
1529
perror_plus("setgroups");
1530
}
1531
dup2(devnull, STDIN_FILENO);
1532
close(devnull);
1533
dup2(STDERR_FILENO, STDOUT_FILENO);
1534
ret = setenv("MANDOSNETHOOKDIR", hookdir, 1);
1535
if(ret == -1){
1536
perror_plus("setenv");
1537
_exit(EX_OSERR);
1538
}
1539
ret = setenv("DEVICE", interface, 1);
1540
if(ret == -1){
1541
perror_plus("setenv");
1542
_exit(EX_OSERR);
1543
}
1544
ret = setenv("VERBOSITY", debug ? "1" : "0", 1);
1545
if(ret == -1){
1546
perror_plus("setenv");
1547
_exit(EX_OSERR);
1548
}
1549
ret = setenv("MODE", mode, 1);
1550
if(ret == -1){
1551
perror_plus("setenv");
1552
_exit(EX_OSERR);
1553
}
1554
char *delaystring;
1555
ret = asprintf(&delaystring, "%f", delay);
1556
if(ret == -1){
1557
perror_plus("asprintf");
1558
_exit(EX_OSERR);
1559
}
1560
ret = setenv("DELAY", delaystring, 1);
1561
if(ret == -1){
1562
free(delaystring);
1563
perror_plus("setenv");
1564
_exit(EX_OSERR);
1565
}
1566
free(delaystring);
1567
if(connect_to != NULL){
1568
ret = setenv("CONNECT", connect_to, 1);
1569
if(ret == -1){
1570
perror_plus("setenv");
1571
_exit(EX_OSERR);
1572
}
1573
}
1574
if(execl(fullname, direntry->d_name, mode, NULL) == -1){
1575
perror_plus("execl");
1576
_exit(EXIT_FAILURE);
1577
}
1578
} else {
1579
int status;
1580
if(TEMP_FAILURE_RETRY(waitpid(hook_pid, &status, 0)) == -1){
1581
perror_plus("waitpid");
1582
free(fullname);
1583
continue;
1584
}
1585
if(WIFEXITED(status)){
1586
if(WEXITSTATUS(status) != 0){
1587
fprintf_plus(stderr, "Warning: network hook \"%s\" exited"
1588
" with status %d\n", direntry->d_name,
1589
WEXITSTATUS(status));
1590
free(fullname);
1591
continue;
1592
}
1593
} else if(WIFSIGNALED(status)){
1594
fprintf_plus(stderr, "Warning: network hook \"%s\" died by"
1595
" signal %d\n", direntry->d_name,
1596
WTERMSIG(status));
1597
free(fullname);
1598
continue;
1599
} else {
1600
fprintf_plus(stderr, "Warning: network hook \"%s\""
1601
" crashed\n", direntry->d_name);
1602
free(fullname);
1603
continue;
1604
}
1605
}
1606
free(fullname);
1607
if(debug){
1608
fprintf_plus(stderr, "Network hook \"%s\" ran successfully\n",
1609
direntry->d_name);
1610
}
1611
}
1612
close(devnull);
1613
}
1614
return true;
1615
}
1616
1617
error_t bring_up_interface(const char *const interface,
1618
const float delay){
1619
int sd = -1;
1620
error_t old_errno = errno;
1621
error_t ret_errno = 0;
1622
int ret, ret_setflags;
1623
struct ifreq network;
1624
unsigned int if_index = if_nametoindex(interface);
1625
if(if_index == 0){
1626
fprintf_plus(stderr, "No such interface: \"%s\"\n", interface);
1627
errno = old_errno;
1628
return ENXIO;
1629
}
1630
1631
if(quit_now){
1632
errno = old_errno;
1633
return EINTR;
1634
}
1635
1636
if(not interface_is_up(interface)){
1637
if(not get_flags(interface, &network) and debug){
1638
ret_errno = errno;
1639
fprintf_plus(stderr, "Failed to get flags for interface "
1640
"\"%s\"\n", interface);
1641
return ret_errno;
1642
}
1643
network.ifr_flags |= IFF_UP;
1644
1645
sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1646
if(sd < 0){
1647
ret_errno = errno;
1648
perror_plus("socket");
1649
errno = old_errno;
1650
return ret_errno;
1651
}
1652
1653
if(quit_now){
1654
close(sd);
1655
errno = old_errno;
1656
return EINTR;
1657
}
1658
1659
if(debug){
1660
fprintf_plus(stderr, "Bringing up interface \"%s\"\n",
1661
interface);
1662
}
1663
1664
/* Raise priviliges */
1665
raise_privileges();
1666
1667
#ifdef __linux__
1668
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
1669
messages about the network interface to mess up the prompt */
1670
int ret_linux = klogctl(8, NULL, 5);
1671
bool restore_loglevel = true;
1672
if(ret_linux == -1){
1673
restore_loglevel = false;
1674
perror_plus("klogctl");
1675
}
1676
#endif /* __linux__ */
1677
ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
1678
ret_errno = errno;
1679
#ifdef __linux__
1680
if(restore_loglevel){
1681
ret_linux = klogctl(7, NULL, 0);
1682
if(ret_linux == -1){
1683
perror_plus("klogctl");
1684
}
1685
}
1686
#endif /* __linux__ */
1687
1688
/* Lower privileges */
1689
lower_privileges();
1690
1691
/* Close the socket */
1692
ret = (int)TEMP_FAILURE_RETRY(close(sd));
1693
if(ret == -1){
1694
perror_plus("close");
1695
}
1696
1697
if(ret_setflags == -1){
1698
errno = ret_errno;
1699
perror_plus("ioctl SIOCSIFFLAGS +IFF_UP");
1700
errno = old_errno;
1701
return ret_errno;
1702
}
1703
} else if(debug){
1704
fprintf_plus(stderr, "Interface \"%s\" is already up; good\n",
1705
interface);
1706
}
1707
1708
/* Sleep checking until interface is running.
1709
Check every 0.25s, up to total time of delay */
1710
for(int i=0; i < delay * 4; i++){
1711
if(interface_is_running(interface)){
1712
break;
1713
}
1714
struct timespec sleeptime = { .tv_nsec = 250000000 };
1715
ret = nanosleep(&sleeptime, NULL);
1716
if(ret == -1 and errno != EINTR){
1717
perror_plus("nanosleep");
1718
}
1719
}
1720
1721
errno = old_errno;
1722
return 0;
1723
}
1724
1725
error_t take_down_interface(const char *const interface){
1726
int sd = -1;
1727
error_t old_errno = errno;
1728
error_t ret_errno = 0;
1729
int ret, ret_setflags;
1730
struct ifreq network;
1731
unsigned int if_index = if_nametoindex(interface);
1732
if(if_index == 0){
1733
fprintf_plus(stderr, "No such interface: \"%s\"\n", interface);
1734
errno = old_errno;
1735
return ENXIO;
1736
}
1737
if(interface_is_up(interface)){
1738
if(not get_flags(interface, &network) and debug){
1739
ret_errno = errno;
1740
fprintf_plus(stderr, "Failed to get flags for interface "
1741
"\"%s\"\n", interface);
1742
return ret_errno;
1743
}
1744
network.ifr_flags &= ~(short)IFF_UP; /* clear flag */
1745
1746
sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1747
if(sd < 0){
1748
ret_errno = errno;
1749
perror_plus("socket");
1750
errno = old_errno;
1751
return ret_errno;
1752
}
1753
1754
if(debug){
1755
fprintf_plus(stderr, "Taking down interface \"%s\"\n",
1756
interface);
1757
}
1758
1759
/* Raise priviliges */
1760
raise_privileges();
1761
1762
ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
1763
ret_errno = errno;
1764
1765
/* Lower privileges */
1766
lower_privileges();
1767
1768
/* Close the socket */
1769
ret = (int)TEMP_FAILURE_RETRY(close(sd));
1770
if(ret == -1){
1771
perror_plus("close");
1772
}
1773
1774
if(ret_setflags == -1){
1775
errno = ret_errno;
1776
perror_plus("ioctl SIOCSIFFLAGS -IFF_UP");
1777
errno = old_errno;
1778
return ret_errno;
1779
}
1780
} else if(debug){
1781
fprintf_plus(stderr, "Interface \"%s\" is already down; odd\n",
1782
interface);
1783
}
1784
1785
errno = old_errno;
1786
return 0;
1787
}
1788
1789
int main(int argc, char *argv[]){
1790
mandos_context mc = { .server = NULL, .dh_bits = 1024,
1791
.priority = "SECURE256:!CTYPE-X.509:"
1792
"+CTYPE-OPENPGP", .current_server = NULL,
1793
.interfaces = NULL, .interfaces_size = 0 };
1794
AvahiSServiceBrowser *sb = NULL;
1795
error_t ret_errno;
1796
int ret;
1797
intmax_t tmpmax;
1798
char *tmp;
1799
int exitcode = EXIT_SUCCESS;
1800
char *interfaces_to_take_down = NULL;
1801
size_t interfaces_to_take_down_size = 0;
1802
char tempdir[] = "/tmp/mandosXXXXXX";
1803
bool tempdir_created = false;
1804
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
1805
const char *seckey = PATHDIR "/" SECKEY;
1806
const char *pubkey = PATHDIR "/" PUBKEY;
1807
char *interfaces_hooks = NULL;
1808
size_t interfaces_hooks_size = 0;
1809
1810
bool gnutls_initialized = false;
1811
bool gpgme_initialized = false;
1812
float delay = 2.5f;
1813
double retry_interval = 10; /* 10s between trying a server and
1814
retrying the same server again */
1815
1816
struct sigaction old_sigterm_action = { .sa_handler = SIG_DFL };
1817
struct sigaction sigterm_action = { .sa_handler = handle_sigterm };
1818
1819
uid = getuid();
1820
gid = getgid();
1821
1822
/* Lower any group privileges we might have, just to be safe */
1823
errno = 0;
1824
ret = setgid(gid);
1825
if(ret == -1){
1826
perror_plus("setgid");
1827
}
1828
1829
/* Lower user privileges (temporarily) */
1830
errno = 0;
1831
ret = seteuid(uid);
1832
if(ret == -1){
1833
perror_plus("seteuid");
1834
}
1835
1836
if(quit_now){
1837
goto end;
1838
}
1839
1840
{
1841
struct argp_option options[] = {
1842
{ .name = "debug", .key = 128,
1843
.doc = "Debug mode", .group = 3 },
1844
{ .name = "connect", .key = 'c',
1845
.arg = "ADDRESS:PORT",
1846
.doc = "Connect directly to a specific Mandos server",
1847
.group = 1 },
1848
{ .name = "interface", .key = 'i',
1849
.arg = "NAME",
1850
.doc = "Network interface that will be used to search for"
1851
" Mandos servers",
1852
.group = 1 },
1853
{ .name = "seckey", .key = 's',
1854
.arg = "FILE",
1855
.doc = "OpenPGP secret key file base name",
1856
.group = 1 },
1857
{ .name = "pubkey", .key = 'p',
1858
.arg = "FILE",
1859
.doc = "OpenPGP public key file base name",
1860
.group = 2 },
1861
{ .name = "dh-bits", .key = 129,
1862
.arg = "BITS",
1863
.doc = "Bit length of the prime number used in the"
1864
" Diffie-Hellman key exchange",
1865
.group = 2 },
1866
{ .name = "priority", .key = 130,
1867
.arg = "STRING",
1868
.doc = "GnuTLS priority string for the TLS handshake",
1869
.group = 1 },
1870
{ .name = "delay", .key = 131,
1871
.arg = "SECONDS",
1872
.doc = "Maximum delay to wait for interface startup",
1873
.group = 2 },
1874
{ .name = "retry", .key = 132,
1875
.arg = "SECONDS",
1876
.doc = "Retry interval used when denied by the Mandos server",
1877
.group = 2 },
1878
{ .name = "network-hook-dir", .key = 133,
1879
.arg = "DIR",
1880
.doc = "Directory where network hooks are located",
1881
.group = 2 },
1882
/*
1883
* These reproduce what we would get without ARGP_NO_HELP
1884
*/
1885
{ .name = "help", .key = '?',
1886
.doc = "Give this help list", .group = -1 },
1887
{ .name = "usage", .key = -3,
1888
.doc = "Give a short usage message", .group = -1 },
1889
{ .name = "version", .key = 'V',
1890
.doc = "Print program version", .group = -1 },
1891
{ .name = NULL }
1892
};
1893
1894
error_t parse_opt(int key, char *arg,
1895
struct argp_state *state){
1896
errno = 0;
1897
switch(key){
1898
case 128: /* --debug */
1899
debug = true;
1900
break;
1901
case 'c': /* --connect */
1902
connect_to = arg;
1903
break;
1904
case 'i': /* --interface */
1905
ret_errno = argz_add_sep(&mc.interfaces, &mc.interfaces_size,
1906
arg, (int)',');
1907
if(ret_errno != 0){
1908
argp_error(state, "%s", strerror(ret_errno));
1909
}
1910
break;
1911
case 's': /* --seckey */
1912
seckey = arg;
1913
break;
1914
case 'p': /* --pubkey */
1915
pubkey = arg;
1916
break;
1917
case 129: /* --dh-bits */
1918
errno = 0;
1919
tmpmax = strtoimax(arg, &tmp, 10);
1920
if(errno != 0 or tmp == arg or *tmp != '\0'
1921
or tmpmax != (typeof(mc.dh_bits))tmpmax){
1922
argp_error(state, "Bad number of DH bits");
1923
}
1924
mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
1925
break;
1926
case 130: /* --priority */
1927
mc.priority = arg;
1928
break;
1929
case 131: /* --delay */
1930
errno = 0;
1931
delay = strtof(arg, &tmp);
1932
if(errno != 0 or tmp == arg or *tmp != '\0'){
1933
argp_error(state, "Bad delay");
1934
}
1935
case 132: /* --retry */
1936
errno = 0;
1937
retry_interval = strtod(arg, &tmp);
1938
if(errno != 0 or tmp == arg or *tmp != '\0'
1939
or (retry_interval * 1000) > INT_MAX
1940
or retry_interval < 0){
1941
argp_error(state, "Bad retry interval");
1942
}
1943
break;
1944
case 133: /* --network-hook-dir */
1945
hookdir = arg;
1946
break;
1947
/*
1948
* These reproduce what we would get without ARGP_NO_HELP
1949
*/
1950
case '?': /* --help */
1951
argp_state_help(state, state->out_stream,
1952
(ARGP_HELP_STD_HELP | ARGP_HELP_EXIT_ERR)
1953
& ~(unsigned int)ARGP_HELP_EXIT_OK);
1954
case -3: /* --usage */
1955
argp_state_help(state, state->out_stream,
1956
ARGP_HELP_USAGE | ARGP_HELP_EXIT_ERR);
1957
case 'V': /* --version */
1958
fprintf_plus(state->out_stream, "%s\n", argp_program_version);
1959
exit(argp_err_exit_status);
1960
break;
1961
default:
1962
return ARGP_ERR_UNKNOWN;
1963
}
1964
return errno;
1965
}
1966
1967
struct argp argp = { .options = options, .parser = parse_opt,
1968
.args_doc = "",
1969
.doc = "Mandos client -- Get and decrypt"
1970
" passwords from a Mandos server" };
1971
ret = argp_parse(&argp, argc, argv,
1972
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
1973
switch(ret){
1974
case 0:
1975
break;
1976
case ENOMEM:
1977
default:
1978
errno = ret;
1979
perror_plus("argp_parse");
1980
exitcode = EX_OSERR;
1981
goto end;
1982
case EINVAL:
1983
exitcode = EX_USAGE;
1984
goto end;
1985
}
1986
}
1987
1988
{
1989
/* Work around Debian bug #633582:
1990
<http://bugs.debian.org/633582> */
1991
1992
/* Re-raise priviliges */
1993
if(raise_privileges() == 0){
1994
struct stat st;
1995
1996
if(strcmp(seckey, PATHDIR "/" SECKEY) == 0){
1997
int seckey_fd = open(seckey, O_RDONLY);
1998
if(seckey_fd == -1){
1999
perror_plus("open");
2000
} else {
2001
ret = (int)TEMP_FAILURE_RETRY(fstat(seckey_fd, &st));
2002
if(ret == -1){
2003
perror_plus("fstat");
2004
} else {
2005
if(S_ISREG(st.st_mode)
2006
and st.st_uid == 0 and st.st_gid == 0){
2007
ret = fchown(seckey_fd, uid, gid);
2008
if(ret == -1){
2009
perror_plus("fchown");
2010
}
2011
}
2012
}
2013
TEMP_FAILURE_RETRY(close(seckey_fd));
2014
}
2015
}
2016
2017
if(strcmp(pubkey, PATHDIR "/" PUBKEY) == 0){
2018
int pubkey_fd = open(pubkey, O_RDONLY);
2019
if(pubkey_fd == -1){
2020
perror_plus("open");
2021
} else {
2022
ret = (int)TEMP_FAILURE_RETRY(fstat(pubkey_fd, &st));
2023
if(ret == -1){
2024
perror_plus("fstat");
2025
} else {
2026
if(S_ISREG(st.st_mode)
2027
and st.st_uid == 0 and st.st_gid == 0){
2028
ret = fchown(pubkey_fd, uid, gid);
2029
if(ret == -1){
2030
perror_plus("fchown");
2031
}
2032
}
2033
}
2034
TEMP_FAILURE_RETRY(close(pubkey_fd));
2035
}
2036
}
2037
2038
/* Lower privileges */
2039
lower_privileges();
2040
}
2041
}
2042
2043
/* Remove invalid interface names (except "none") */
2044
{
2045
char *interface = NULL;
2046
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2047
interface))){
2048
if(strcmp(interface, "none") != 0
2049
and if_nametoindex(interface) == 0){
2050
if(interface[0] != '\0'){
2051
fprintf_plus(stderr, "Not using nonexisting interface"
2052
" \"%s\"\n", interface);
2053
}
2054
argz_delete(&mc.interfaces, &mc.interfaces_size, interface);
2055
interface = NULL;
2056
}
2057
}
2058
}
2059
2060
/* Run network hooks */
2061
{
2062
if(mc.interfaces != NULL){
2063
interfaces_hooks = malloc(mc.interfaces_size);
2064
if(interfaces_hooks == NULL){
2065
perror_plus("malloc");
2066
goto end;
2067
}
2068
memcpy(interfaces_hooks, mc.interfaces, mc.interfaces_size);
2069
interfaces_hooks_size = mc.interfaces_size;
2070
argz_stringify(interfaces_hooks, interfaces_hooks_size,
2071
(int)',');
2072
}
2073
if(not run_network_hooks("start", interfaces_hooks != NULL ?
2074
interfaces_hooks : "", delay)){
2075
goto end;
2076
}
2077
}
2078
2079
if(not debug){
2080
avahi_set_log_function(empty_log);
2081
}
2082
2083
/* Initialize Avahi early so avahi_simple_poll_quit() can be called
2084
from the signal handler */
2085
/* Initialize the pseudo-RNG for Avahi */
2086
srand((unsigned int) time(NULL));
2087
simple_poll = avahi_simple_poll_new();
2088
if(simple_poll == NULL){
2089
fprintf_plus(stderr,
2090
"Avahi: Failed to create simple poll object.\n");
2091
exitcode = EX_UNAVAILABLE;
2092
goto end;
2093
}
2094
2095
sigemptyset(&sigterm_action.sa_mask);
2096
ret = sigaddset(&sigterm_action.sa_mask, SIGINT);
2097
if(ret == -1){
2098
perror_plus("sigaddset");
2099
exitcode = EX_OSERR;
2100
goto end;
2101
}
2102
ret = sigaddset(&sigterm_action.sa_mask, SIGHUP);
2103
if(ret == -1){
2104
perror_plus("sigaddset");
2105
exitcode = EX_OSERR;
2106
goto end;
2107
}
2108
ret = sigaddset(&sigterm_action.sa_mask, SIGTERM);
2109
if(ret == -1){
2110
perror_plus("sigaddset");
2111
exitcode = EX_OSERR;
2112
goto end;
2113
}
2114
/* Need to check if the handler is SIG_IGN before handling:
2115
| [[info:libc:Initial Signal Actions]] |
2116
| [[info:libc:Basic Signal Handling]] |
2117
*/
2118
ret = sigaction(SIGINT, NULL, &old_sigterm_action);
2119
if(ret == -1){
2120
perror_plus("sigaction");
2121
return EX_OSERR;
2122
}
2123
if(old_sigterm_action.sa_handler != SIG_IGN){
2124
ret = sigaction(SIGINT, &sigterm_action, NULL);
2125
if(ret == -1){
2126
perror_plus("sigaction");
2127
exitcode = EX_OSERR;
2128
goto end;
2129
}
2130
}
2131
ret = sigaction(SIGHUP, NULL, &old_sigterm_action);
2132
if(ret == -1){
2133
perror_plus("sigaction");
2134
return EX_OSERR;
2135
}
2136
if(old_sigterm_action.sa_handler != SIG_IGN){
2137
ret = sigaction(SIGHUP, &sigterm_action, NULL);
2138
if(ret == -1){
2139
perror_plus("sigaction");
2140
exitcode = EX_OSERR;
2141
goto end;
2142
}
2143
}
2144
ret = sigaction(SIGTERM, NULL, &old_sigterm_action);
2145
if(ret == -1){
2146
perror_plus("sigaction");
2147
return EX_OSERR;
2148
}
2149
if(old_sigterm_action.sa_handler != SIG_IGN){
2150
ret = sigaction(SIGTERM, &sigterm_action, NULL);
2151
if(ret == -1){
2152
perror_plus("sigaction");
2153
exitcode = EX_OSERR;
2154
goto end;
2155
}
2156
}
2157
2158
/* If no interfaces were specified, make a list */
2159
if(mc.interfaces == NULL){
2160
struct dirent **direntries;
2161
/* Look for any good interfaces */
2162
ret = scandir(sys_class_net, &direntries, good_interface,
2163
alphasort);
2164
if(ret >= 1){
2165
/* Add all found interfaces to interfaces list */
2166
for(int i = 0; i < ret; ++i){
2167
ret_errno = argz_add(&mc.interfaces, &mc.interfaces_size,
2168
direntries[i]->d_name);
2169
if(ret_errno != 0){
2170
perror_plus("argz_add");
2171
continue;
2172
}
2173
if(debug){
2174
fprintf_plus(stderr, "Will use interface \"%s\"\n",
2175
direntries[i]->d_name);
2176
}
2177
}
2178
free(direntries);
2179
} else {
2180
free(direntries);
2181
fprintf_plus(stderr, "Could not find a network interface\n");
2182
exitcode = EXIT_FAILURE;
2183
goto end;
2184
}
2185
}
2186
2187
/* Bring up interfaces which are down, and remove any "none"s */
2188
{
2189
char *interface = NULL;
2190
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2191
interface))){
2192
/* If interface name is "none", stop bringing up interfaces.
2193
Also remove all instances of "none" from the list */
2194
if(strcmp(interface, "none") == 0){
2195
argz_delete(&mc.interfaces, &mc.interfaces_size,
2196
interface);
2197
interface = NULL;
2198
while((interface = argz_next(mc.interfaces,
2199
mc.interfaces_size, interface))){
2200
if(strcmp(interface, "none") == 0){
2201
argz_delete(&mc.interfaces, &mc.interfaces_size,
2202
interface);
2203
interface = NULL;
2204
}
2205
}
2206
break;
2207
}
2208
bool interface_was_up = interface_is_up(interface);
2209
ret = bring_up_interface(interface, delay);
2210
if(not interface_was_up){
2211
if(ret != 0){
2212
errno = ret;
2213
perror_plus("Failed to bring up interface");
2214
} else {
2215
ret_errno = argz_add(&interfaces_to_take_down,
2216
&interfaces_to_take_down_size,
2217
interface);
2218
}
2219
}
2220
}
2221
if(debug and (interfaces_to_take_down == NULL)){
2222
fprintf_plus(stderr, "No interfaces were brought up\n");
2223
}
2224
}
2225
2226
/* If we only got one interface, explicitly use only that one */
2227
if(argz_count(mc.interfaces, mc.interfaces_size) == 1){
2228
if(debug){
2229
fprintf_plus(stderr, "Using only interface \"%s\"\n",
2230
mc.interfaces);
2231
}
2232
if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);
2233
}
2234
2235
if(quit_now){
2236
goto end;
2237
}
2238
2239
ret = init_gnutls_global(pubkey, seckey, &mc);
2240
if(ret == -1){
2241
fprintf_plus(stderr, "init_gnutls_global failed\n");
2242
exitcode = EX_UNAVAILABLE;
2243
goto end;
2244
} else {
2245
gnutls_initialized = true;
2246
}
2247
2248
if(quit_now){
2249
goto end;
2250
}
2251
2252
if(mkdtemp(tempdir) == NULL){
2253
perror_plus("mkdtemp");
2254
goto end;
2255
}
2256
tempdir_created = true;
2257
2258
if(quit_now){
2259
goto end;
2260
}
2261
2262
if(not init_gpgme(pubkey, seckey, tempdir, &mc)){
2263
fprintf_plus(stderr, "init_gpgme failed\n");
2264
exitcode = EX_UNAVAILABLE;
2265
goto end;
2266
} else {
2267
gpgme_initialized = true;
2268
}
2269
2270
if(quit_now){
2271
goto end;
2272
}
2273
2274
if(connect_to != NULL){
2275
/* Connect directly, do not use Zeroconf */
2276
/* (Mainly meant for debugging) */
2277
char *address = strrchr(connect_to, ':');
2278
2279
if(address == NULL){
2280
fprintf_plus(stderr, "No colon in address\n");
2281
exitcode = EX_USAGE;
2282
goto end;
2283
}
2284
2285
if(quit_now){
2286
goto end;
2287
}
2288
2289
in_port_t port;
2290
errno = 0;
2291
tmpmax = strtoimax(address+1, &tmp, 10);
2292
if(errno != 0 or tmp == address+1 or *tmp != '\0'
2293
or tmpmax != (in_port_t)tmpmax){
2294
fprintf_plus(stderr, "Bad port number\n");
2295
exitcode = EX_USAGE;
2296
goto end;
2297
}
2298
2299
if(quit_now){
2300
goto end;
2301
}
2302
2303
port = (in_port_t)tmpmax;
2304
*address = '\0';
2305
/* Colon in address indicates IPv6 */
2306
int af;
2307
if(strchr(connect_to, ':') != NULL){
2308
af = AF_INET6;
2309
/* Accept [] around IPv6 address - see RFC 5952 */
2310
if(connect_to[0] == '[' and address[-1] == ']')
2311
{
2312
connect_to++;
2313
address[-1] = '\0';
2314
}
2315
} else {
2316
af = AF_INET;
2317
}
2318
address = connect_to;
2319
2320
if(quit_now){
2321
goto end;
2322
}
2323
2324
while(not quit_now){
2325
ret = start_mandos_communication(address, port, if_index, af,
2326
&mc);
2327
if(quit_now or ret == 0){
2328
break;
2329
}
2330
if(debug){
2331
fprintf_plus(stderr, "Retrying in %d seconds\n",
2332
(int)retry_interval);
2333
}
2334
sleep((unsigned int)retry_interval);
2335
}
2336
2337
if (not quit_now){
2338
exitcode = EXIT_SUCCESS;
2339
}
2340
2341
goto end;
2342
}
2343
2344
if(quit_now){
2345
goto end;
2346
}
2347
2348
{
2349
AvahiServerConfig config;
2350
/* Do not publish any local Zeroconf records */
2351
avahi_server_config_init(&config);
2352
config.publish_hinfo = 0;
2353
config.publish_addresses = 0;
2354
config.publish_workstation = 0;
2355
config.publish_domain = 0;
2356
2357
/* Allocate a new server */
2358
mc.server = avahi_server_new(avahi_simple_poll_get(simple_poll),
2359
&config, NULL, NULL, &ret_errno);
2360
2361
/* Free the Avahi configuration data */
2362
avahi_server_config_free(&config);
2363
}
2364
2365
/* Check if creating the Avahi server object succeeded */
2366
if(mc.server == NULL){
2367
fprintf_plus(stderr, "Failed to create Avahi server: %s\n",
2368
avahi_strerror(ret_errno));
2369
exitcode = EX_UNAVAILABLE;
2370
goto end;
2371
}
2372
2373
if(quit_now){
2374
goto end;
2375
}
2376
2377
/* Create the Avahi service browser */
2378
sb = avahi_s_service_browser_new(mc.server, if_index,
2379
AVAHI_PROTO_UNSPEC, "_mandos._tcp",
2380
NULL, 0, browse_callback,
2381
(void *)&mc);
2382
if(sb == NULL){
2383
fprintf_plus(stderr, "Failed to create service browser: %s\n",
2384
avahi_strerror(avahi_server_errno(mc.server)));
2385
exitcode = EX_UNAVAILABLE;
2386
goto end;
2387
}
2388
2389
if(quit_now){
2390
goto end;
2391
}
2392
2393
/* Run the main loop */
2394
2395
if(debug){
2396
fprintf_plus(stderr, "Starting Avahi loop search\n");
2397
}
2398
2399
ret = avahi_loop_with_timeout(simple_poll,
2400
(int)(retry_interval * 1000), &mc);
2401
if(debug){
2402
fprintf_plus(stderr, "avahi_loop_with_timeout exited %s\n",
2403
(ret == 0) ? "successfully" : "with error");
2404
}
2405
2406
end:
2407
2408
if(debug){
2409
fprintf_plus(stderr, "%s exiting\n", argv[0]);
2410
}
2411
2412
/* Cleanup things */
2413
free(mc.interfaces);
2414
2415
if(sb != NULL)
2416
avahi_s_service_browser_free(sb);
2417
2418
if(mc.server != NULL)
2419
avahi_server_free(mc.server);
2420
2421
if(simple_poll != NULL)
2422
avahi_simple_poll_free(simple_poll);
2423
2424
if(gnutls_initialized){
2425
gnutls_certificate_free_credentials(mc.cred);
2426
gnutls_global_deinit();
2427
gnutls_dh_params_deinit(mc.dh_params);
2428
}
2429
2430
if(gpgme_initialized){
2431
gpgme_release(mc.ctx);
2432
}
2433
2434
/* Cleans up the circular linked list of Mandos servers the client
2435
has seen */
2436
if(mc.current_server != NULL){
2437
mc.current_server->prev->next = NULL;
2438
while(mc.current_server != NULL){
2439
server *next = mc.current_server->next;
2440
free(mc.current_server);
2441
mc.current_server = next;
2442
}
2443
}
2444
2445
/* Re-raise priviliges */
2446
{
2447
raise_privileges();
2448
2449
/* Run network hooks */
2450
run_network_hooks("stop", interfaces_hooks != NULL ?
2451
interfaces_hooks : "", delay);
2452
2453
/* Take down the network interfaces which were brought up */
2454
{
2455
char *interface = NULL;
2456
while((interface=argz_next(interfaces_to_take_down,
2457
interfaces_to_take_down_size,
2458
interface))){
2459
ret_errno = take_down_interface(interface);
2460
if(ret_errno != 0){
2461
errno = ret_errno;
2462
perror_plus("Failed to take down interface");
2463
}
2464
}
2465
if(debug and (interfaces_to_take_down == NULL)){
2466
fprintf_plus(stderr, "No interfaces needed to be taken"
2467
" down\n");
2468
}
2469
}
2470
2471
lower_privileges_permanently();
2472
}
2473
2474
free(interfaces_to_take_down);
2475
free(interfaces_hooks);
2476
2477
/* Removes the GPGME temp directory and all files inside */
2478
if(tempdir_created){
2479
struct dirent **direntries = NULL;
2480
struct dirent *direntry = NULL;
2481
int numentries = scandir(tempdir, &direntries, notdotentries,
2482
alphasort);
2483
if (numentries > 0){
2484
for(int i = 0; i < numentries; i++){
2485
direntry = direntries[i];
2486
char *fullname = NULL;
2487
ret = asprintf(&fullname, "%s/%s", tempdir,
2488
direntry->d_name);
2489
if(ret < 0){
2490
perror_plus("asprintf");
2491
continue;
2492
}
2493
ret = remove(fullname);
2494
if(ret == -1){
2495
fprintf_plus(stderr, "remove(\"%s\"): %s\n", fullname,
2496
strerror(errno));
2497
}
2498
free(fullname);
2499
}
2500
}
2501
2502
/* need to clean even if 0 because man page doesn't specify */
2503
free(direntries);
2504
if (numentries == -1){
2505
perror_plus("scandir");
2506
}
2507
ret = rmdir(tempdir);
2508
if(ret == -1 and errno != ENOENT){
2509
perror_plus("rmdir");
2510
}
2511
}
2512
2513
if(quit_now){
2514
sigemptyset(&old_sigterm_action.sa_mask);
2515
old_sigterm_action.sa_handler = SIG_DFL;
2516
ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received,
2517
&old_sigterm_action,
2518
NULL));
2519
if(ret == -1){
2520
perror_plus("sigaction");
2521
}
2522
do {
2523
ret = raise(signal_received);
2524
} while(ret != 0 and errno == EINTR);
2525
if(ret != 0){
2526
perror_plus("raise");
2527
abort();
2528
}
2529
TEMP_FAILURE_RETRY(pause());
2530
}
2531
2532
return exitcode;
2533
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0