To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/mandos-client.c
- browse files at revision 693
- compare with another revision
- download diff
- download tarball
- view history from revision 693
- Committer: Teddy Hogeborn
- Date: 2014-06-07 22:37:22 UTC
- Revision ID: teddy@recompile.se-20140607223722-55qmdr3n9x39pvx4
Make mandos-client use fstatat().
* plugins.d/mandos-client.d (runnable_hook): Use fstatat().
* plugins.d/mandos-client.d (runnable_hook): Use fstatat().
- files added:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- debian/upstream
- network-hooks.d
- files removed:
- ca.pem
- files renamed:
- mandos-clients.conf => clients.conf
- server.py => mandos
- plugbasedclient.c => plugin-runner.c
- plugins.d/mandosclient.c => plugins.d/mandos-client.c
- plugins.d/passprompt.c => plugins.d/password-prompt.c
- files modified:
- Makefile
added
removed
plugins.d/mandos-client.c
1
1
/* -*- coding: utf-8 -*- */
2
2
/*
3
* Mandos client - get and decrypt data from a Mandos server
3
* Mandos-client - get and decrypt data from a Mandos server
4
4
*
5
5
* This program is partly derived from an example program for an Avahi
6
6
* service browser, downloaded from
8
8
* includes the following functions: "resolve_callback",
9
9
* "browse_callback", and parts of "main".
10
10
*
11
* Everything else is Copyright © 2007-2008 Teddy Hogeborn and Björn
12
* Påhlsson.
11
* Everything else is
12
* Copyright © 2008-2014 Teddy Hogeborn
13
* Copyright © 2008-2014 Björn Påhlsson
13
14
*
14
15
* This program is free software: you can redistribute it and/or
15
16
* modify it under the terms of the GNU General Public License as
25
26
* along with this program. If not, see
26
27
* <http://www.gnu.org/licenses/>.
27
28
*
28
* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and
29
* <https://www.fukt.bsnet.se/~teddy/>.
29
* Contact the authors at <mandos@recompile.se>.
30
30
*/
31
31
32
#define _FORTIFY_SOURCE 2
33
32
/* Needed by GPGME, specifically gpgme_data_seek() */
33
#ifndef _LARGEFILE_SOURCE
34
34
#define _LARGEFILE_SOURCE
35
#endif /* not _LARGEFILE_SOURCE */
36
#ifndef _FILE_OFFSET_BITS
35
37
#define _FILE_OFFSET_BITS 64
36
37
#include <stdio.h>
38
#include <assert.h>
39
#include <stdlib.h>
40
#include <time.h>
41
#include <net/if.h> /* if_nametoindex */
42
38
#endif /* not _FILE_OFFSET_BITS */
39
40
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */
41
42
#include <stdio.h> /* fprintf(), stderr, fwrite(),
43
stdout, ferror(), remove() */
44
#include <stdint.h> /* uint16_t, uint32_t, intptr_t */
45
#include <stddef.h> /* NULL, size_t, ssize_t */
46
#include <stdlib.h> /* free(), EXIT_SUCCESS, srand(),
47
strtof(), abort() */
48
#include <stdbool.h> /* bool, false, true */
49
#include <string.h> /* memset(), strcmp(), strlen(),
50
strerror(), asprintf(), strcpy() */
51
#include <sys/ioctl.h> /* ioctl */
52
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
53
sockaddr_in6, PF_INET6,
54
SOCK_STREAM, uid_t, gid_t, open(),
55
opendir(), DIR */
56
#include <sys/stat.h> /* open(), S_ISREG */
57
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
58
inet_pton(), connect(),
59
getnameinfo() */
60
#include <fcntl.h> /* open() */
61
#include <dirent.h> /* opendir(), struct dirent, readdir()
62
*/
63
#include <inttypes.h> /* PRIu16, PRIdMAX, intmax_t,
64
strtoimax() */
65
#include <errno.h> /* perror(), errno,
66
program_invocation_short_name */
67
#include <time.h> /* nanosleep(), time(), sleep() */
68
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
69
SIOCSIFFLAGS, if_indextoname(),
70
if_nametoindex(), IF_NAMESIZE */
71
#include <netinet/in.h> /* IN6_IS_ADDR_LINKLOCAL,
72
INET_ADDRSTRLEN, INET6_ADDRSTRLEN
73
*/
74
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
75
getuid(), getgid(), seteuid(),
76
setgid(), pause(), _exit() */
77
#include <arpa/inet.h> /* inet_pton(), htons() */
78
#include <iso646.h> /* not, or, and */
79
#include <argp.h> /* struct argp_option, error_t, struct
80
argp_state, struct argp,
81
argp_parse(), ARGP_KEY_ARG,
82
ARGP_KEY_END, ARGP_ERR_UNKNOWN */
83
#include <signal.h> /* sigemptyset(), sigaddset(),
84
sigaction(), SIGTERM, sig_atomic_t,
85
raise() */
86
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_UNAVAILABLE,
87
EX_NOHOST, EX_IOERR, EX_PROTOCOL */
88
#include <sys/wait.h> /* waitpid(), WIFEXITED(),
89
WEXITSTATUS(), WTERMSIG() */
90
#include <grp.h> /* setgroups() */
91
#include <argz.h> /* argz_add_sep(), argz_next(),
92
argz_delete(), argz_append(),
93
argz_stringify(), argz_add(),
94
argz_count() */
95
#include <netdb.h> /* getnameinfo(), NI_NUMERICHOST,
96
EAI_SYSTEM, gai_strerror() */
97
98
#ifdef __linux__
99
#include <sys/klog.h> /* klogctl() */
100
#endif /* __linux__ */
101
102
/* Avahi */
103
/* All Avahi types, constants and functions
104
Avahi*, avahi_*,
105
AVAHI_* */
43
106
#include <avahi-core/core.h>
44
107
#include <avahi-core/lookup.h>
45
108
#include <avahi-core/log.h>
47
110
#include <avahi-common/malloc.h>
48
111
#include <avahi-common/error.h>
49
112
50
//mandos client part
51
#include <sys/types.h> /* socket(), setsockopt(),
52
inet_pton() */
53
#include <sys/socket.h> /* socket(), setsockopt(),
54
struct sockaddr_in6,
55
struct in6_addr, inet_pton() */
56
#include <gnutls/gnutls.h> /* All GnuTLS stuff */
57
#include <gnutls/openpgp.h> /* GnuTLS with openpgp stuff */
58
59
#include <unistd.h> /* close() */
60
#include <netinet/in.h>
61
#include <stdbool.h> /* true */
62
#include <string.h> /* memset */
63
#include <arpa/inet.h> /* inet_pton() */
64
#include <iso646.h> /* not */
65
66
// gpgme
67
#include <errno.h> /* perror() */
68
#include <gpgme.h>
69
70
// getopt long
71
#include <getopt.h>
72
73
#ifndef CERT_ROOT
74
#define CERT_ROOT "/conf/conf.d/cryptkeyreq/"
75
#endif
76
#define CERTFILE CERT_ROOT "openpgp-client.txt"
77
#define KEYFILE CERT_ROOT "openpgp-client-key.txt"
113
/* GnuTLS */
114
#include <gnutls/gnutls.h> /* All GnuTLS types, constants and
115
functions:
116
gnutls_*
117
init_gnutls_session(),
118
GNUTLS_* */
119
#include <gnutls/openpgp.h>
120
/* gnutls_certificate_set_openpgp_key_file(),
121
GNUTLS_OPENPGP_FMT_BASE64 */
122
123
/* GPGME */
124
#include <gpgme.h> /* All GPGME types, constants and
125
functions:
126
gpgme_*
127
GPGME_PROTOCOL_OpenPGP,
128
GPG_ERR_NO_* */
129
78
130
#define BUFFER_SIZE 256
79
#define DH_BITS 1024
131
132
#define PATHDIR "/conf/conf.d/mandos"
133
#define SECKEY "seckey.txt"
134
#define PUBKEY "pubkey.txt"
135
#define HOOKDIR "/lib/mandos/network-hooks.d"
80
136
81
137
bool debug = false;
82
138
static const char mandos_protocol_version[] = "1";
139
const char *argp_program_version = "mandos-client " VERSION;
140
const char *argp_program_bug_address = "<mandos@recompile.se>";
141
static const char sys_class_net[] = "/sys/class/net";
142
char *connect_to = NULL;
143
const char *hookdir = HOOKDIR;
144
int hookdir_fd = -1;
145
uid_t uid = 65534;
146
gid_t gid = 65534;
147
148
/* Doubly linked list that need to be circularly linked when used */
149
typedef struct server{
150
const char *ip;
151
in_port_t port;
152
AvahiIfIndex if_index;
153
int af;
154
struct timespec last_seen;
155
struct server *next;
156
struct server *prev;
157
} server;
158
159
/* Used for passing in values through the Avahi callback functions */
83
160
typedef struct {
84
gnutls_session_t session;
161
AvahiServer *server;
85
162
gnutls_certificate_credentials_t cred;
163
unsigned int dh_bits;
86
164
gnutls_dh_params_t dh_params;
87
} encrypted_session;
88
89
90
ssize_t pgp_packet_decrypt (char *packet, size_t packet_size,
91
char **new_packet, const char *homedir){
92
gpgme_data_t dh_crypto, dh_plain;
165
const char *priority;
93
166
gpgme_ctx_t ctx;
167
server *current_server;
168
char *interfaces;
169
size_t interfaces_size;
170
} mandos_context;
171
172
/* global so signal handler can reach it*/
173
AvahiSimplePoll *simple_poll;
174
175
sig_atomic_t quit_now = 0;
176
int signal_received = 0;
177
178
/* Function to use when printing errors */
179
void perror_plus(const char *print_text){
180
int e = errno;
181
fprintf(stderr, "Mandos plugin %s: ",
182
program_invocation_short_name);
183
errno = e;
184
perror(print_text);
185
}
186
187
__attribute__((format (gnu_printf, 2, 3), nonnull))
188
int fprintf_plus(FILE *stream, const char *format, ...){
189
va_list ap;
190
va_start (ap, format);
191
192
TEMP_FAILURE_RETRY(fprintf(stream, "Mandos plugin %s: ",
193
program_invocation_short_name));
194
return (int)TEMP_FAILURE_RETRY(vfprintf(stream, format, ap));
195
}
196
197
/*
198
* Make additional room in "buffer" for at least BUFFER_SIZE more
199
* bytes. "buffer_capacity" is how much is currently allocated,
200
* "buffer_length" is how much is already used.
201
*/
202
__attribute__((nonnull, warn_unused_result))
203
size_t incbuffer(char **buffer, size_t buffer_length,
204
size_t buffer_capacity){
205
if(buffer_length + BUFFER_SIZE > buffer_capacity){
206
char *new_buf = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
207
if(new_buf == NULL){
208
int old_errno = errno;
209
free(*buffer);
210
errno = old_errno;
211
*buffer = NULL;
212
return 0;
213
}
214
*buffer = new_buf;
215
buffer_capacity += BUFFER_SIZE;
216
}
217
return buffer_capacity;
218
}
219
220
/* Add server to set of servers to retry periodically */
221
__attribute__((nonnull, warn_unused_result))
222
bool add_server(const char *ip, in_port_t port, AvahiIfIndex if_index,
223
int af, server **current_server){
224
int ret;
225
server *new_server = malloc(sizeof(server));
226
if(new_server == NULL){
227
perror_plus("malloc");
228
return false;
229
}
230
*new_server = (server){ .ip = strdup(ip),
231
.port = port,
232
.if_index = if_index,
233
.af = af };
234
if(new_server->ip == NULL){
235
perror_plus("strdup");
236
return false;
237
}
238
ret = clock_gettime(CLOCK_MONOTONIC, &(new_server->last_seen));
239
if(ret == -1){
240
perror_plus("clock_gettime");
241
return false;
242
}
243
/* Special case of first server */
244
if(*current_server == NULL){
245
new_server->next = new_server;
246
new_server->prev = new_server;
247
*current_server = new_server;
248
} else {
249
/* Place the new server last in the list */
250
new_server->next = *current_server;
251
new_server->prev = (*current_server)->prev;
252
new_server->prev->next = new_server;
253
(*current_server)->prev = new_server;
254
}
255
return true;
256
}
257
258
/*
259
* Initialize GPGME.
260
*/
261
__attribute__((nonnull, warn_unused_result))
262
static bool init_gpgme(const char * const seckey,
263
const char * const pubkey,
264
const char * const tempdir,
265
mandos_context *mc){
94
266
gpgme_error_t rc;
95
ssize_t ret;
96
ssize_t new_packet_capacity = 0;
97
ssize_t new_packet_length = 0;
98
267
gpgme_engine_info_t engine_info;
99
100
if (debug){
101
fprintf(stderr, "Trying to decrypt OpenPGP packet\n");
268
269
/*
270
* Helper function to insert pub and seckey to the engine keyring.
271
*/
272
bool import_key(const char * const filename){
273
int ret;
274
int fd;
275
gpgme_data_t pgp_data;
276
277
fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));
278
if(fd == -1){
279
perror_plus("open");
280
return false;
281
}
282
283
rc = gpgme_data_new_from_fd(&pgp_data, fd);
284
if(rc != GPG_ERR_NO_ERROR){
285
fprintf_plus(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
286
gpgme_strsource(rc), gpgme_strerror(rc));
287
return false;
288
}
289
290
rc = gpgme_op_import(mc->ctx, pgp_data);
291
if(rc != GPG_ERR_NO_ERROR){
292
fprintf_plus(stderr, "bad gpgme_op_import: %s: %s\n",
293
gpgme_strsource(rc), gpgme_strerror(rc));
294
return false;
295
}
296
297
ret = (int)TEMP_FAILURE_RETRY(close(fd));
298
if(ret == -1){
299
perror_plus("close");
300
}
301
gpgme_data_release(pgp_data);
302
return true;
303
}
304
305
if(debug){
306
fprintf_plus(stderr, "Initializing GPGME\n");
102
307
}
103
308
104
309
/* Init GPGME */
105
310
gpgme_check_version(NULL);
106
gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
311
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
312
if(rc != GPG_ERR_NO_ERROR){
313
fprintf_plus(stderr, "bad gpgme_engine_check_version: %s: %s\n",
314
gpgme_strsource(rc), gpgme_strerror(rc));
315
return false;
316
}
107
317
108
/* Set GPGME home directory */
109
rc = gpgme_get_engine_info (&engine_info);
110
if (rc != GPG_ERR_NO_ERROR){
111
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
112
gpgme_strsource(rc), gpgme_strerror(rc));
113
return -1;
318
/* Set GPGME home directory for the OpenPGP engine only */
319
rc = gpgme_get_engine_info(&engine_info);
320
if(rc != GPG_ERR_NO_ERROR){
321
fprintf_plus(stderr, "bad gpgme_get_engine_info: %s: %s\n",
322
gpgme_strsource(rc), gpgme_strerror(rc));
323
return false;
114
324
}
115
325
while(engine_info != NULL){
116
326
if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){
117
327
gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,
118
engine_info->file_name, homedir);
328
engine_info->file_name, tempdir);
119
329
break;
120
330
}
121
331
engine_info = engine_info->next;
122
332
}
123
333
if(engine_info == NULL){
124
fprintf(stderr, "Could not set home dir to %s\n", homedir);
125
return -1;
126
}
127
128
/* Create new GPGME data buffer from packet buffer */
129
rc = gpgme_data_new_from_mem(&dh_crypto, packet, packet_size, 0);
130
if (rc != GPG_ERR_NO_ERROR){
131
fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
132
gpgme_strsource(rc), gpgme_strerror(rc));
334
fprintf_plus(stderr, "Could not set GPGME home dir to %s\n",
335
tempdir);
336
return false;
337
}
338
339
/* Create new GPGME "context" */
340
rc = gpgme_new(&(mc->ctx));
341
if(rc != GPG_ERR_NO_ERROR){
342
fprintf_plus(stderr, "Mandos plugin mandos-client: "
343
"bad gpgme_new: %s: %s\n", gpgme_strsource(rc),
344
gpgme_strerror(rc));
345
return false;
346
}
347
348
if(not import_key(pubkey) or not import_key(seckey)){
349
return false;
350
}
351
352
return true;
353
}
354
355
/*
356
* Decrypt OpenPGP data.
357
* Returns -1 on error
358
*/
359
__attribute__((nonnull, warn_unused_result))
360
static ssize_t pgp_packet_decrypt(const char *cryptotext,
361
size_t crypto_size,
362
char **plaintext,
363
mandos_context *mc){
364
gpgme_data_t dh_crypto, dh_plain;
365
gpgme_error_t rc;
366
ssize_t ret;
367
size_t plaintext_capacity = 0;
368
ssize_t plaintext_length = 0;
369
370
if(debug){
371
fprintf_plus(stderr, "Trying to decrypt OpenPGP data\n");
372
}
373
374
/* Create new GPGME data buffer from memory cryptotext */
375
rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,
376
0);
377
if(rc != GPG_ERR_NO_ERROR){
378
fprintf_plus(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
379
gpgme_strsource(rc), gpgme_strerror(rc));
133
380
return -1;
134
381
}
135
382
136
383
/* Create new empty GPGME data buffer for the plaintext */
137
384
rc = gpgme_data_new(&dh_plain);
138
if (rc != GPG_ERR_NO_ERROR){
139
fprintf(stderr, "bad gpgme_data_new: %s: %s\n",
140
gpgme_strsource(rc), gpgme_strerror(rc));
141
return -1;
142
}
143
144
/* Create new GPGME "context" */
145
rc = gpgme_new(&ctx);
146
if (rc != GPG_ERR_NO_ERROR){
147
fprintf(stderr, "bad gpgme_new: %s: %s\n",
148
gpgme_strsource(rc), gpgme_strerror(rc));
149
return -1;
150
}
151
152
/* Decrypt data from the FILE pointer to the plaintext data
153
buffer */
154
rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);
155
if (rc != GPG_ERR_NO_ERROR){
156
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
157
gpgme_strsource(rc), gpgme_strerror(rc));
158
return -1;
159
}
160
161
if(debug){
162
fprintf(stderr, "Decryption of OpenPGP packet succeeded\n");
163
}
164
165
if (debug){
166
gpgme_decrypt_result_t result;
167
result = gpgme_op_decrypt_result(ctx);
168
if (result == NULL){
169
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
170
} else {
171
fprintf(stderr, "Unsupported algorithm: %s\n",
172
result->unsupported_algorithm);
173
fprintf(stderr, "Wrong key usage: %d\n",
174
result->wrong_key_usage);
175
if(result->file_name != NULL){
176
fprintf(stderr, "File name: %s\n", result->file_name);
177
}
178
gpgme_recipient_t recipient;
179
recipient = result->recipients;
180
if(recipient){
385
if(rc != GPG_ERR_NO_ERROR){
386
fprintf_plus(stderr, "Mandos plugin mandos-client: "
387
"bad gpgme_data_new: %s: %s\n",
388
gpgme_strsource(rc), gpgme_strerror(rc));
389
gpgme_data_release(dh_crypto);
390
return -1;
391
}
392
393
/* Decrypt data from the cryptotext data buffer to the plaintext
394
data buffer */
395
rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);
396
if(rc != GPG_ERR_NO_ERROR){
397
fprintf_plus(stderr, "bad gpgme_op_decrypt: %s: %s\n",
398
gpgme_strsource(rc), gpgme_strerror(rc));
399
plaintext_length = -1;
400
if(debug){
401
gpgme_decrypt_result_t result;
402
result = gpgme_op_decrypt_result(mc->ctx);
403
if(result == NULL){
404
fprintf_plus(stderr, "gpgme_op_decrypt_result failed\n");
405
} else {
406
fprintf_plus(stderr, "Unsupported algorithm: %s\n",
407
result->unsupported_algorithm);
408
fprintf_plus(stderr, "Wrong key usage: %u\n",
409
result->wrong_key_usage);
410
if(result->file_name != NULL){
411
fprintf_plus(stderr, "File name: %s\n", result->file_name);
412
}
413
gpgme_recipient_t recipient;
414
recipient = result->recipients;
181
415
while(recipient != NULL){
182
fprintf(stderr, "Public key algorithm: %s\n",
183
gpgme_pubkey_algo_name(recipient->pubkey_algo));
184
fprintf(stderr, "Key ID: %s\n", recipient->keyid);
185
fprintf(stderr, "Secret key available: %s\n",
186
recipient->status == GPG_ERR_NO_SECKEY
187
? "No" : "Yes");
416
fprintf_plus(stderr, "Public key algorithm: %s\n",
417
gpgme_pubkey_algo_name
418
(recipient->pubkey_algo));
419
fprintf_plus(stderr, "Key ID: %s\n", recipient->keyid);
420
fprintf_plus(stderr, "Secret key available: %s\n",
421
recipient->status == GPG_ERR_NO_SECKEY
422
? "No" : "Yes");
188
423
recipient = recipient->next;
189
424
}
190
425
}
191
426
}
427
goto decrypt_end;
192
428
}
193
429
194
/* Delete the GPGME FILE pointer cryptotext data buffer */
195
gpgme_data_release(dh_crypto);
430
if(debug){
431
fprintf_plus(stderr, "Decryption of OpenPGP data succeeded\n");
432
}
196
433
197
434
/* Seek back to the beginning of the GPGME plaintext data buffer */
198
gpgme_data_seek(dh_plain, 0, SEEK_SET);
199
200
*new_packet = 0;
435
if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){
436
perror_plus("gpgme_data_seek");
437
plaintext_length = -1;
438
goto decrypt_end;
439
}
440
441
*plaintext = NULL;
201
442
while(true){
202
if (new_packet_length + BUFFER_SIZE > new_packet_capacity){
203
*new_packet = realloc(*new_packet,
204
(unsigned int)new_packet_capacity
205
+ BUFFER_SIZE);
206
if (*new_packet == NULL){
207
perror("realloc");
208
return -1;
209
}
210
new_packet_capacity += BUFFER_SIZE;
443
plaintext_capacity = incbuffer(plaintext,
444
(size_t)plaintext_length,
445
plaintext_capacity);
446
if(plaintext_capacity == 0){
447
perror_plus("incbuffer");
448
plaintext_length = -1;
449
goto decrypt_end;
211
450
}
212
451
213
ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length,
452
ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
214
453
BUFFER_SIZE);
215
454
/* Print the data, if any */
216
if (ret == 0){
455
if(ret == 0){
456
/* EOF */
217
457
break;
218
458
}
219
459
if(ret < 0){
220
perror("gpgme_data_read");
221
return -1;
222
}
223
new_packet_length += ret;
224
}
225
226
/* FIXME: check characters before printing to screen so to not print
227
terminal control characters */
228
/* if(debug){ */
229
/* fprintf(stderr, "decrypted password is: "); */
230
/* fwrite(*new_packet, 1, new_packet_length, stderr); */
231
/* fprintf(stderr, "\n"); */
232
/* } */
460
perror_plus("gpgme_data_read");
461
plaintext_length = -1;
462
goto decrypt_end;
463
}
464
plaintext_length += ret;
465
}
466
467
if(debug){
468
fprintf_plus(stderr, "Decrypted password is: ");
469
for(ssize_t i = 0; i < plaintext_length; i++){
470
fprintf(stderr, "%02hhX ", (*plaintext)[i]);
471
}
472
fprintf(stderr, "\n");
473
}
474
475
decrypt_end:
476
477
/* Delete the GPGME cryptotext data buffer */
478
gpgme_data_release(dh_crypto);
233
479
234
480
/* Delete the GPGME plaintext data buffer */
235
481
gpgme_data_release(dh_plain);
236
return new_packet_length;
482
return plaintext_length;
237
483
}
238
484
239
static const char * safer_gnutls_strerror (int value) {
240
const char *ret = gnutls_strerror (value);
241
if (ret == NULL)
485
__attribute__((warn_unused_result))
486
static const char *safer_gnutls_strerror(int value){
487
const char *ret = gnutls_strerror(value);
488
if(ret == NULL)
242
489
ret = "(unknown)";
243
490
return ret;
244
491
}
245
492
246
void debuggnutls(__attribute__((unused)) int level,
247
const char* string){
248
fprintf(stderr, "%s", string);
493
/* GnuTLS log function callback */
494
__attribute__((nonnull))
495
static void debuggnutls(__attribute__((unused)) int level,
496
const char* string){
497
fprintf_plus(stderr, "GnuTLS: %s", string);
249
498
}
250
499
251
int initgnutls(encrypted_session *es){
252
const char *err;
500
__attribute__((nonnull, warn_unused_result))
501
static int init_gnutls_global(const char *pubkeyfilename,
502
const char *seckeyfilename,
503
mandos_context *mc){
253
504
int ret;
254
505
255
506
if(debug){
256
fprintf(stderr, "Initializing GnuTLS\n");
507
fprintf_plus(stderr, "Initializing GnuTLS\n");
257
508
}
258
509
259
if ((ret = gnutls_global_init ())
260
!= GNUTLS_E_SUCCESS) {
261
fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));
510
ret = gnutls_global_init();
511
if(ret != GNUTLS_E_SUCCESS){
512
fprintf_plus(stderr, "GnuTLS global_init: %s\n",
513
safer_gnutls_strerror(ret));
262
514
return -1;
263
515
}
264
265
if (debug){
516
517
if(debug){
518
/* "Use a log level over 10 to enable all debugging options."
519
* - GnuTLS manual
520
*/
266
521
gnutls_global_set_log_level(11);
267
522
gnutls_global_set_log_function(debuggnutls);
268
523
}
269
524
270
/* openpgp credentials */
271
if ((ret = gnutls_certificate_allocate_credentials (&es->cred))
272
!= GNUTLS_E_SUCCESS) {
273
fprintf (stderr, "memory error: %s\n",
274
safer_gnutls_strerror(ret));
525
/* OpenPGP credentials */
526
ret = gnutls_certificate_allocate_credentials(&mc->cred);
527
if(ret != GNUTLS_E_SUCCESS){
528
fprintf_plus(stderr, "GnuTLS memory error: %s\n",
529
safer_gnutls_strerror(ret));
530
gnutls_global_deinit();
275
531
return -1;
276
532
}
277
533
278
534
if(debug){
279
fprintf(stderr, "Attempting to use OpenPGP certificate %s"
280
" and keyfile %s as GnuTLS credentials\n", CERTFILE,
281
KEYFILE);
535
fprintf_plus(stderr, "Attempting to use OpenPGP public key %s and"
536
" secret key %s as GnuTLS credentials\n",
537
pubkeyfilename,
538
seckeyfilename);
282
539
}
283
540
284
541
ret = gnutls_certificate_set_openpgp_key_file
285
(es->cred, CERTFILE, KEYFILE, GNUTLS_OPENPGP_FMT_BASE64);
286
if (ret != GNUTLS_E_SUCCESS) {
287
fprintf
288
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s',"
289
" '%s')\n",
290
ret, CERTFILE, KEYFILE);
291
fprintf(stdout, "The Error is: %s\n",
292
safer_gnutls_strerror(ret));
293
return -1;
294
}
295
296
//GnuTLS server initialization
297
if ((ret = gnutls_dh_params_init (&es->dh_params))
298
!= GNUTLS_E_SUCCESS) {
299
fprintf (stderr, "Error in dh parameter initialization: %s\n",
300
safer_gnutls_strerror(ret));
301
return -1;
302
}
303
304
if ((ret = gnutls_dh_params_generate2 (es->dh_params, DH_BITS))
305
!= GNUTLS_E_SUCCESS) {
306
fprintf (stderr, "Error in prime generation: %s\n",
307
safer_gnutls_strerror(ret));
308
return -1;
309
}
310
311
gnutls_certificate_set_dh_params (es->cred, es->dh_params);
312
313
// GnuTLS session creation
314
if ((ret = gnutls_init (&es->session, GNUTLS_SERVER))
315
!= GNUTLS_E_SUCCESS){
316
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
317
safer_gnutls_strerror(ret));
318
}
319
320
if ((ret = gnutls_priority_set_direct (es->session, "NORMAL", &err))
321
!= GNUTLS_E_SUCCESS) {
322
fprintf(stderr, "Syntax error at: %s\n", err);
323
fprintf(stderr, "GnuTLS error: %s\n",
324
safer_gnutls_strerror(ret));
325
return -1;
326
}
327
328
if ((ret = gnutls_credentials_set
329
(es->session, GNUTLS_CRD_CERTIFICATE, es->cred))
330
!= GNUTLS_E_SUCCESS) {
331
fprintf(stderr, "Error setting a credentials set: %s\n",
332
safer_gnutls_strerror(ret));
542
(mc->cred, pubkeyfilename, seckeyfilename,
543
GNUTLS_OPENPGP_FMT_BASE64);
544
if(ret != GNUTLS_E_SUCCESS){
545
fprintf_plus(stderr,
546
"Error[%d] while reading the OpenPGP key pair ('%s',"
547
" '%s')\n", ret, pubkeyfilename, seckeyfilename);
548
fprintf_plus(stderr, "The GnuTLS error is: %s\n",
549
safer_gnutls_strerror(ret));
550
goto globalfail;
551
}
552
553
/* GnuTLS server initialization */
554
ret = gnutls_dh_params_init(&mc->dh_params);
555
if(ret != GNUTLS_E_SUCCESS){
556
fprintf_plus(stderr, "Error in GnuTLS DH parameter"
557
" initialization: %s\n",
558
safer_gnutls_strerror(ret));
559
goto globalfail;
560
}
561
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
562
if(ret != GNUTLS_E_SUCCESS){
563
fprintf_plus(stderr, "Error in GnuTLS prime generation: %s\n",
564
safer_gnutls_strerror(ret));
565
goto globalfail;
566
}
567
568
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
569
570
return 0;
571
572
globalfail:
573
574
gnutls_certificate_free_credentials(mc->cred);
575
gnutls_global_deinit();
576
gnutls_dh_params_deinit(mc->dh_params);
577
return -1;
578
}
579
580
__attribute__((nonnull, warn_unused_result))
581
static int init_gnutls_session(gnutls_session_t *session,
582
mandos_context *mc){
583
int ret;
584
/* GnuTLS session creation */
585
do {
586
ret = gnutls_init(session, GNUTLS_SERVER);
587
if(quit_now){
588
return -1;
589
}
590
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
591
if(ret != GNUTLS_E_SUCCESS){
592
fprintf_plus(stderr,
593
"Error in GnuTLS session initialization: %s\n",
594
safer_gnutls_strerror(ret));
595
}
596
597
{
598
const char *err;
599
do {
600
ret = gnutls_priority_set_direct(*session, mc->priority, &err);
601
if(quit_now){
602
gnutls_deinit(*session);
603
return -1;
604
}
605
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
606
if(ret != GNUTLS_E_SUCCESS){
607
fprintf_plus(stderr, "Syntax error at: %s\n", err);
608
fprintf_plus(stderr, "GnuTLS error: %s\n",
609
safer_gnutls_strerror(ret));
610
gnutls_deinit(*session);
611
return -1;
612
}
613
}
614
615
do {
616
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
617
mc->cred);
618
if(quit_now){
619
gnutls_deinit(*session);
620
return -1;
621
}
622
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
623
if(ret != GNUTLS_E_SUCCESS){
624
fprintf_plus(stderr, "Error setting GnuTLS credentials: %s\n",
625
safer_gnutls_strerror(ret));
626
gnutls_deinit(*session);
333
627
return -1;
334
628
}
335
629
336
630
/* ignore client certificate if any. */
337
gnutls_certificate_server_set_request (es->session,
338
GNUTLS_CERT_IGNORE);
631
gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);
339
632
340
gnutls_dh_set_prime_bits (es->session, DH_BITS);
633
gnutls_dh_set_prime_bits(*session, mc->dh_bits);
341
634
342
635
return 0;
343
636
}
344
637
345
void empty_log(__attribute__((unused)) AvahiLogLevel level,
346
__attribute__((unused)) const char *txt){}
638
/* Avahi log function callback */
639
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
640
__attribute__((unused)) const char *txt){}
347
641
348
int start_mandos_communication(char *ip, uint16_t port,
349
unsigned int if_index){
350
int ret, tcp_sd;
351
struct sockaddr_in6 to;
352
encrypted_session es;
642
/* Called when a Mandos server is found */
643
__attribute__((nonnull, warn_unused_result))
644
static int start_mandos_communication(const char *ip, in_port_t port,
645
AvahiIfIndex if_index,
646
int af, mandos_context *mc){
647
int ret, tcp_sd = -1;
648
ssize_t sret;
649
struct sockaddr_storage to;
353
650
char *buffer = NULL;
354
char *decrypted_buffer;
651
char *decrypted_buffer = NULL;
355
652
size_t buffer_length = 0;
356
653
size_t buffer_capacity = 0;
357
ssize_t decrypted_buffer_size;
358
int retval = 0;
359
char interface[IF_NAMESIZE];
360
361
if(debug){
362
fprintf(stderr, "Setting up a tcp connection to %s\n", ip);
363
}
364
365
tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);
366
if(tcp_sd < 0) {
367
perror("socket");
368
return -1;
369
}
370
371
if(if_indextoname(if_index, interface) == NULL){
372
if(debug){
373
perror("if_indextoname");
374
}
375
return -1;
376
}
377
378
if(debug){
379
fprintf(stderr, "Binding to interface %s\n", interface);
380
}
381
382
ret = setsockopt(tcp_sd, SOL_SOCKET, SO_BINDTODEVICE, interface, 5);
383
if(ret < 0) {
384
perror("setsockopt bindtodevice");
385
return -1;
386
}
387
388
memset(&to,0,sizeof(to));
389
to.sin6_family = AF_INET6;
390
ret = inet_pton(AF_INET6, ip, &to.sin6_addr);
391
if (ret < 0 ){
392
perror("inet_pton");
393
return -1;
394
}
654
size_t written;
655
int retval = -1;
656
gnutls_session_t session;
657
int pf; /* Protocol family */
658
659
errno = 0;
660
661
if(quit_now){
662
errno = EINTR;
663
return -1;
664
}
665
666
switch(af){
667
case AF_INET6:
668
pf = PF_INET6;
669
break;
670
case AF_INET:
671
pf = PF_INET;
672
break;
673
default:
674
fprintf_plus(stderr, "Bad address family: %d\n", af);
675
errno = EINVAL;
676
return -1;
677
}
678
679
/* If the interface is specified and we have a list of interfaces */
680
if(if_index != AVAHI_IF_UNSPEC and mc->interfaces != NULL){
681
/* Check if the interface is one of the interfaces we are using */
682
bool match = false;
683
{
684
char *interface = NULL;
685
while((interface=argz_next(mc->interfaces, mc->interfaces_size,
686
interface))){
687
if(if_nametoindex(interface) == (unsigned int)if_index){
688
match = true;
689
break;
690
}
691
}
692
}
693
if(not match){
694
/* This interface does not match any in the list, so we don't
695
connect to the server */
696
if(debug){
697
char interface[IF_NAMESIZE];
698
if(if_indextoname((unsigned int)if_index, interface) == NULL){
699
perror_plus("if_indextoname");
700
} else {
701
fprintf_plus(stderr, "Skipping server on non-used interface"
702
" \"%s\"\n",
703
if_indextoname((unsigned int)if_index,
704
interface));
705
}
706
}
707
return -1;
708
}
709
}
710
711
ret = init_gnutls_session(&session, mc);
712
if(ret != 0){
713
return -1;
714
}
715
716
if(debug){
717
fprintf_plus(stderr, "Setting up a TCP connection to %s, port %"
718
PRIuMAX "\n", ip, (uintmax_t)port);
719
}
720
721
tcp_sd = socket(pf, SOCK_STREAM, 0);
722
if(tcp_sd < 0){
723
int e = errno;
724
perror_plus("socket");
725
errno = e;
726
goto mandos_end;
727
}
728
729
if(quit_now){
730
errno = EINTR;
731
goto mandos_end;
732
}
733
734
memset(&to, 0, sizeof(to));
735
if(af == AF_INET6){
736
((struct sockaddr_in6 *)&to)->sin6_family = (sa_family_t)af;
737
ret = inet_pton(af, ip, &((struct sockaddr_in6 *)&to)->sin6_addr);
738
} else { /* IPv4 */
739
((struct sockaddr_in *)&to)->sin_family = (sa_family_t)af;
740
ret = inet_pton(af, ip, &((struct sockaddr_in *)&to)->sin_addr);
741
}
742
if(ret < 0 ){
743
int e = errno;
744
perror_plus("inet_pton");
745
errno = e;
746
goto mandos_end;
747
}
395
748
if(ret == 0){
396
fprintf(stderr, "Bad address: %s\n", ip);
397
return -1;
398
}
399
/* Spurious warnings for the next line, see for instance
400
<http://bugs.debian.org/488884> */
401
to.sin6_port = htons(port);
402
403
to.sin6_scope_id = (uint32_t)if_index;
404
405
if(debug){
406
fprintf(stderr, "Connection to: %s\n", ip);
407
}
408
409
ret = connect(tcp_sd, (struct sockaddr *) &to, sizeof(to));
410
if (ret < 0){
411
perror("connect");
412
return -1;
413
}
414
415
ret = initgnutls (&es);
416
if (ret != 0){
417
retval = -1;
418
return -1;
419
}
420
421
gnutls_transport_set_ptr (es.session,
422
(gnutls_transport_ptr_t) tcp_sd);
423
424
if(debug){
425
fprintf(stderr, "Establishing TLS session with %s\n", ip);
426
}
427
428
ret = gnutls_handshake (es.session);
429
430
if (ret != GNUTLS_E_SUCCESS){
431
fprintf(stderr, "\n*** Handshake failed ***\n");
432
gnutls_perror (ret);
433
retval = -1;
434
goto exit;
435
}
436
437
//Retrieve OpenPGP packet that contains the wanted password
438
439
if(debug){
440
fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
441
ip);
442
}
443
444
while(true){
445
if (buffer_length + BUFFER_SIZE > buffer_capacity){
446
buffer = realloc(buffer, buffer_capacity + BUFFER_SIZE);
447
if (buffer == NULL){
448
perror("realloc");
449
goto exit;
450
}
451
buffer_capacity += BUFFER_SIZE;
452
}
453
454
ret = gnutls_record_recv
455
(es.session, buffer+buffer_length, BUFFER_SIZE);
456
if (ret == 0){
749
int e = errno;
750
fprintf_plus(stderr, "Bad address: %s\n", ip);
751
errno = e;
752
goto mandos_end;
753
}
754
if(af == AF_INET6){
755
((struct sockaddr_in6 *)&to)->sin6_port = htons(port);
756
if(IN6_IS_ADDR_LINKLOCAL
757
(&((struct sockaddr_in6 *)&to)->sin6_addr)){
758
if(if_index == AVAHI_IF_UNSPEC){
759
fprintf_plus(stderr, "An IPv6 link-local address is"
760
" incomplete without a network interface\n");
761
errno = EINVAL;
762
goto mandos_end;
763
}
764
/* Set the network interface number as scope */
765
((struct sockaddr_in6 *)&to)->sin6_scope_id = (uint32_t)if_index;
766
}
767
} else {
768
((struct sockaddr_in *)&to)->sin_port = htons(port);
769
}
770
771
if(quit_now){
772
errno = EINTR;
773
goto mandos_end;
774
}
775
776
if(debug){
777
if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){
778
char interface[IF_NAMESIZE];
779
if(if_indextoname((unsigned int)if_index, interface) == NULL){
780
perror_plus("if_indextoname");
781
} else {
782
fprintf_plus(stderr, "Connection to: %s%%%s, port %" PRIuMAX
783
"\n", ip, interface, (uintmax_t)port);
784
}
785
} else {
786
fprintf_plus(stderr, "Connection to: %s, port %" PRIuMAX "\n",
787
ip, (uintmax_t)port);
788
}
789
char addrstr[(INET_ADDRSTRLEN > INET6_ADDRSTRLEN) ?
790
INET_ADDRSTRLEN : INET6_ADDRSTRLEN] = "";
791
if(af == AF_INET6){
792
ret = getnameinfo((struct sockaddr *)&to,
793
sizeof(struct sockaddr_in6),
794
addrstr, sizeof(addrstr), NULL, 0,
795
NI_NUMERICHOST);
796
} else {
797
ret = getnameinfo((struct sockaddr *)&to,
798
sizeof(struct sockaddr_in),
799
addrstr, sizeof(addrstr), NULL, 0,
800
NI_NUMERICHOST);
801
}
802
if(ret == EAI_SYSTEM){
803
perror_plus("getnameinfo");
804
} else if(ret != 0) {
805
fprintf_plus(stderr, "getnameinfo: %s", gai_strerror(ret));
806
} else if(strcmp(addrstr, ip) != 0){
807
fprintf_plus(stderr, "Canonical address form: %s\n", addrstr);
808
}
809
}
810
811
if(quit_now){
812
errno = EINTR;
813
goto mandos_end;
814
}
815
816
if(af == AF_INET6){
817
ret = connect(tcp_sd, (struct sockaddr *)&to,
818
sizeof(struct sockaddr_in6));
819
} else {
820
ret = connect(tcp_sd, (struct sockaddr *)&to, /* IPv4 */
821
sizeof(struct sockaddr_in));
822
}
823
if(ret < 0){
824
if((errno != ECONNREFUSED and errno != ENETUNREACH) or debug){
825
int e = errno;
826
perror_plus("connect");
827
errno = e;
828
}
829
goto mandos_end;
830
}
831
832
if(quit_now){
833
errno = EINTR;
834
goto mandos_end;
835
}
836
837
const char *out = mandos_protocol_version;
838
written = 0;
839
while(true){
840
size_t out_size = strlen(out);
841
ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
842
out_size - written));
843
if(ret == -1){
844
int e = errno;
845
perror_plus("write");
846
errno = e;
847
goto mandos_end;
848
}
849
written += (size_t)ret;
850
if(written < out_size){
851
continue;
852
} else {
853
if(out == mandos_protocol_version){
854
written = 0;
855
out = "\r\n";
856
} else {
857
break;
858
}
859
}
860
861
if(quit_now){
862
errno = EINTR;
863
goto mandos_end;
864
}
865
}
866
867
if(debug){
868
fprintf_plus(stderr, "Establishing TLS session with %s\n", ip);
869
}
870
871
if(quit_now){
872
errno = EINTR;
873
goto mandos_end;
874
}
875
876
/* This casting via intptr_t is to eliminate warning about casting
877
an int to a pointer type. This is exactly how the GnuTLS Guile
878
function "set-session-transport-fd!" does it. */
879
gnutls_transport_set_ptr(session,
880
(gnutls_transport_ptr_t)(intptr_t)tcp_sd);
881
882
if(quit_now){
883
errno = EINTR;
884
goto mandos_end;
885
}
886
887
do {
888
ret = gnutls_handshake(session);
889
if(quit_now){
890
errno = EINTR;
891
goto mandos_end;
892
}
893
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
894
895
if(ret != GNUTLS_E_SUCCESS){
896
if(debug){
897
fprintf_plus(stderr, "*** GnuTLS Handshake failed ***\n");
898
gnutls_perror(ret);
899
}
900
errno = EPROTO;
901
goto mandos_end;
902
}
903
904
/* Read OpenPGP packet that contains the wanted password */
905
906
if(debug){
907
fprintf_plus(stderr, "Retrieving OpenPGP encrypted password from"
908
" %s\n", ip);
909
}
910
911
while(true){
912
913
if(quit_now){
914
errno = EINTR;
915
goto mandos_end;
916
}
917
918
buffer_capacity = incbuffer(&buffer, buffer_length,
919
buffer_capacity);
920
if(buffer_capacity == 0){
921
int e = errno;
922
perror_plus("incbuffer");
923
errno = e;
924
goto mandos_end;
925
}
926
927
if(quit_now){
928
errno = EINTR;
929
goto mandos_end;
930
}
931
932
sret = gnutls_record_recv(session, buffer+buffer_length,
933
BUFFER_SIZE);
934
if(sret == 0){
457
935
break;
458
936
}
459
if (ret < 0){
460
switch(ret){
937
if(sret < 0){
938
switch(sret){
461
939
case GNUTLS_E_INTERRUPTED:
462
940
case GNUTLS_E_AGAIN:
463
941
break;
464
942
case GNUTLS_E_REHANDSHAKE:
465
ret = gnutls_handshake (es.session);
466
if (ret < 0){
467
fprintf(stderr, "\n*** Handshake failed ***\n");
468
gnutls_perror (ret);
469
retval = -1;
470
goto exit;
943
do {
944
ret = gnutls_handshake(session);
945
946
if(quit_now){
947
errno = EINTR;
948
goto mandos_end;
949
}
950
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
951
if(ret < 0){
952
fprintf_plus(stderr, "*** GnuTLS Re-handshake failed "
953
"***\n");
954
gnutls_perror(ret);
955
errno = EPROTO;
956
goto mandos_end;
471
957
}
472
958
break;
473
959
default:
474
fprintf(stderr, "Unknown error while reading data from"
475
" encrypted session with mandos server\n");
476
retval = -1;
477
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
478
goto exit;
960
fprintf_plus(stderr, "Unknown error while reading data from"
961
" encrypted session with Mandos server\n");
962
gnutls_bye(session, GNUTLS_SHUT_RDWR);
963
errno = EIO;
964
goto mandos_end;
479
965
}
480
966
} else {
481
buffer_length += (size_t) ret;
482
}
483
}
484
485
if (buffer_length > 0){
486
decrypted_buffer_size = pgp_packet_decrypt(buffer,
487
buffer_length,
488
&decrypted_buffer,
489
CERT_ROOT);
490
if (decrypted_buffer_size >= 0){
491
while(decrypted_buffer_size > 0){
492
ret = fwrite (decrypted_buffer, 1, (size_t)decrypted_buffer_size,
493
stdout);
967
buffer_length += (size_t) sret;
968
}
969
}
970
971
if(debug){
972
fprintf_plus(stderr, "Closing TLS session\n");
973
}
974
975
if(quit_now){
976
errno = EINTR;
977
goto mandos_end;
978
}
979
980
do {
981
ret = gnutls_bye(session, GNUTLS_SHUT_RDWR);
982
if(quit_now){
983
errno = EINTR;
984
goto mandos_end;
985
}
986
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
987
988
if(buffer_length > 0){
989
ssize_t decrypted_buffer_size;
990
decrypted_buffer_size = pgp_packet_decrypt(buffer, buffer_length,
991
&decrypted_buffer, mc);
992
if(decrypted_buffer_size >= 0){
993
994
written = 0;
995
while(written < (size_t) decrypted_buffer_size){
996
if(quit_now){
997
errno = EINTR;
998
goto mandos_end;
999
}
1000
1001
ret = (int)fwrite(decrypted_buffer + written, 1,
1002
(size_t)decrypted_buffer_size - written,
1003
stdout);
494
1004
if(ret == 0 and ferror(stdout)){
1005
int e = errno;
495
1006
if(debug){
496
fprintf(stderr, "Error writing encrypted data: %s\n",
497
strerror(errno));
1007
fprintf_plus(stderr, "Error writing encrypted data: %s\n",
1008
strerror(errno));
498
1009
}
499
retval = -1;
500
break;
1010
errno = e;
1011
goto mandos_end;
501
1012
}
502
decrypted_buffer += ret;
503
decrypted_buffer_size -= ret;
504
}
505
free(decrypted_buffer);
506
} else {
1013
written += (size_t)ret;
1014
}
1015
retval = 0;
1016
}
1017
}
1018
1019
/* Shutdown procedure */
1020
1021
mandos_end:
1022
{
1023
int e = errno;
1024
free(decrypted_buffer);
1025
free(buffer);
1026
if(tcp_sd >= 0){
1027
ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));
1028
}
1029
if(ret == -1){
1030
if(e == 0){
1031
e = errno;
1032
}
1033
perror_plus("close");
1034
}
1035
gnutls_deinit(session);
1036
errno = e;
1037
if(quit_now){
1038
errno = EINTR;
507
1039
retval = -1;
508
1040
}
509
1041
}
510
511
//shutdown procedure
512
513
if(debug){
514
fprintf(stderr, "Closing TLS session\n");
515
}
516
517
free(buffer);
518
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
519
exit:
520
close(tcp_sd);
521
gnutls_deinit (es.session);
522
gnutls_certificate_free_credentials (es.cred);
523
gnutls_global_deinit ();
524
1042
return retval;
525
1043
}
526
1044
527
static AvahiSimplePoll *simple_poll = NULL;
528
static AvahiServer *server = NULL;
529
530
static void resolve_callback(
531
AvahiSServiceResolver *r,
532
AVAHI_GCC_UNUSED AvahiIfIndex interface,
533
AVAHI_GCC_UNUSED AvahiProtocol protocol,
534
AvahiResolverEvent event,
535
const char *name,
536
const char *type,
537
const char *domain,
538
const char *host_name,
539
const AvahiAddress *address,
540
uint16_t port,
541
AVAHI_GCC_UNUSED AvahiStringList *txt,
542
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
543
AVAHI_GCC_UNUSED void* userdata) {
544
545
assert(r);
546
1045
__attribute__((nonnull))
1046
static void resolve_callback(AvahiSServiceResolver *r,
1047
AvahiIfIndex interface,
1048
AvahiProtocol proto,
1049
AvahiResolverEvent event,
1050
const char *name,
1051
const char *type,
1052
const char *domain,
1053
const char *host_name,
1054
const AvahiAddress *address,
1055
uint16_t port,
1056
AVAHI_GCC_UNUSED AvahiStringList *txt,
1057
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1058
flags,
1059
void *mc){
1060
if(r == NULL){
1061
return;
1062
}
1063
547
1064
/* Called whenever a service has been resolved successfully or
548
1065
timed out */
549
550
switch (event) {
1066
1067
if(quit_now){
1068
return;
1069
}
1070
1071
switch(event){
551
1072
default:
552
1073
case AVAHI_RESOLVER_FAILURE:
553
fprintf(stderr, "(Resolver) Failed to resolve service '%s' of"
554
" type '%s' in domain '%s': %s\n", name, type, domain,
555
avahi_strerror(avahi_server_errno(server)));
1074
fprintf_plus(stderr, "(Avahi Resolver) Failed to resolve service "
1075
"'%s' of type '%s' in domain '%s': %s\n", name, type,
1076
domain,
1077
avahi_strerror(avahi_server_errno
1078
(((mandos_context*)mc)->server)));
556
1079
break;
557
1080
558
1081
case AVAHI_RESOLVER_FOUND:
559
1082
{
560
1083
char ip[AVAHI_ADDRESS_STR_MAX];
561
1084
avahi_address_snprint(ip, sizeof(ip), address);
562
1085
if(debug){
563
fprintf(stderr, "Mandos server found on %s (%s) on port %d\n",
564
host_name, ip, port);
1086
fprintf_plus(stderr, "Mandos server \"%s\" found on %s (%s, %"
1087
PRIdMAX ") on port %" PRIu16 "\n", name,
1088
host_name, ip, (intmax_t)interface, port);
565
1089
}
566
int ret = start_mandos_communication(ip, port,
567
(unsigned int)
568
interface);
569
if (ret == 0){
570
exit(EXIT_SUCCESS);
1090
int ret = start_mandos_communication(ip, (in_port_t)port,
1091
interface,
1092
avahi_proto_to_af(proto),
1093
mc);
1094
if(ret == 0){
1095
avahi_simple_poll_quit(simple_poll);
571
1096
} else {
572
exit(EXIT_FAILURE);
1097
if(not add_server(ip, (in_port_t)port, interface,
1098
avahi_proto_to_af(proto),
1099
&((mandos_context*)mc)->current_server)){
1100
fprintf_plus(stderr, "Failed to add server \"%s\" to server"
1101
" list\n", name);
1102
}
573
1103
}
574
1104
}
575
1105
}
576
1106
avahi_s_service_resolver_free(r);
577
1107
}
578
1108
579
static void browse_callback(
580
AvahiSServiceBrowser *b,
581
AvahiIfIndex interface,
582
AvahiProtocol protocol,
583
AvahiBrowserEvent event,
584
const char *name,
585
const char *type,
586
const char *domain,
587
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
588
void* userdata) {
589
590
AvahiServer *s = userdata;
591
assert(b);
592
593
/* Called whenever a new services becomes available on the LAN or
594
is removed from the LAN */
595
596
switch (event) {
1109
static void browse_callback(AvahiSServiceBrowser *b,
1110
AvahiIfIndex interface,
1111
AvahiProtocol protocol,
1112
AvahiBrowserEvent event,
1113
const char *name,
1114
const char *type,
1115
const char *domain,
1116
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1117
flags,
1118
void *mc){
1119
if(b == NULL){
1120
return;
1121
}
1122
1123
/* Called whenever a new services becomes available on the LAN or
1124
is removed from the LAN */
1125
1126
if(quit_now){
1127
return;
1128
}
1129
1130
switch(event){
1131
default:
1132
case AVAHI_BROWSER_FAILURE:
1133
1134
fprintf_plus(stderr, "(Avahi browser) %s\n",
1135
avahi_strerror(avahi_server_errno
1136
(((mandos_context*)mc)->server)));
1137
avahi_simple_poll_quit(simple_poll);
1138
return;
1139
1140
case AVAHI_BROWSER_NEW:
1141
/* We ignore the returned Avahi resolver object. In the callback
1142
function we free it. If the Avahi server is terminated before
1143
the callback function is called the Avahi server will free the
1144
resolver for us. */
1145
1146
if(avahi_s_service_resolver_new(((mandos_context*)mc)->server,
1147
interface, protocol, name, type,
1148
domain, protocol, 0,
1149
resolve_callback, mc) == NULL)
1150
fprintf_plus(stderr, "Avahi: Failed to resolve service '%s':"
1151
" %s\n", name,
1152
avahi_strerror(avahi_server_errno
1153
(((mandos_context*)mc)->server)));
1154
break;
1155
1156
case AVAHI_BROWSER_REMOVE:
1157
break;
1158
1159
case AVAHI_BROWSER_ALL_FOR_NOW:
1160
case AVAHI_BROWSER_CACHE_EXHAUSTED:
1161
if(debug){
1162
fprintf_plus(stderr, "No Mandos server found, still"
1163
" searching...\n");
1164
}
1165
break;
1166
}
1167
}
1168
1169
/* Signal handler that stops main loop after SIGTERM */
1170
static void handle_sigterm(int sig){
1171
if(quit_now){
1172
return;
1173
}
1174
quit_now = 1;
1175
signal_received = sig;
1176
int old_errno = errno;
1177
/* set main loop to exit */
1178
if(simple_poll != NULL){
1179
avahi_simple_poll_quit(simple_poll);
1180
}
1181
errno = old_errno;
1182
}
1183
1184
__attribute__((nonnull, warn_unused_result))
1185
bool get_flags(const char *ifname, struct ifreq *ifr){
1186
int ret;
1187
error_t ret_errno;
1188
1189
int s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1190
if(s < 0){
1191
ret_errno = errno;
1192
perror_plus("socket");
1193
errno = ret_errno;
1194
return false;
1195
}
1196
strcpy(ifr->ifr_name, ifname);
1197
ret = ioctl(s, SIOCGIFFLAGS, ifr);
1198
if(ret == -1){
1199
if(debug){
1200
ret_errno = errno;
1201
perror_plus("ioctl SIOCGIFFLAGS");
1202
errno = ret_errno;
1203
}
1204
return false;
1205
}
1206
return true;
1207
}
1208
1209
__attribute__((nonnull, warn_unused_result))
1210
bool good_flags(const char *ifname, const struct ifreq *ifr){
1211
1212
/* Reject the loopback device */
1213
if(ifr->ifr_flags & IFF_LOOPBACK){
1214
if(debug){
1215
fprintf_plus(stderr, "Rejecting loopback interface \"%s\"\n",
1216
ifname);
1217
}
1218
return false;
1219
}
1220
/* Accept point-to-point devices only if connect_to is specified */
1221
if(connect_to != NULL and (ifr->ifr_flags & IFF_POINTOPOINT)){
1222
if(debug){
1223
fprintf_plus(stderr, "Accepting point-to-point interface"
1224
" \"%s\"\n", ifname);
1225
}
1226
return true;
1227
}
1228
/* Otherwise, reject non-broadcast-capable devices */
1229
if(not (ifr->ifr_flags & IFF_BROADCAST)){
1230
if(debug){
1231
fprintf_plus(stderr, "Rejecting non-broadcast interface"
1232
" \"%s\"\n", ifname);
1233
}
1234
return false;
1235
}
1236
/* Reject non-ARP interfaces (including dummy interfaces) */
1237
if(ifr->ifr_flags & IFF_NOARP){
1238
if(debug){
1239
fprintf_plus(stderr, "Rejecting non-ARP interface \"%s\"\n",
1240
ifname);
1241
}
1242
return false;
1243
}
1244
1245
/* Accept this device */
1246
if(debug){
1247
fprintf_plus(stderr, "Interface \"%s\" is good\n", ifname);
1248
}
1249
return true;
1250
}
1251
1252
/*
1253
* This function determines if a directory entry in /sys/class/net
1254
* corresponds to an acceptable network device.
1255
* (This function is passed to scandir(3) as a filter function.)
1256
*/
1257
__attribute__((nonnull, warn_unused_result))
1258
int good_interface(const struct dirent *if_entry){
1259
if(if_entry->d_name[0] == '.'){
1260
return 0;
1261
}
1262
1263
struct ifreq ifr;
1264
if(not get_flags(if_entry->d_name, &ifr)){
1265
if(debug){
1266
fprintf_plus(stderr, "Failed to get flags for interface "
1267
"\"%s\"\n", if_entry->d_name);
1268
}
1269
return 0;
1270
}
1271
1272
if(not good_flags(if_entry->d_name, &ifr)){
1273
return 0;
1274
}
1275
return 1;
1276
}
1277
1278
/*
1279
* This function determines if a network interface is up.
1280
*/
1281
__attribute__((nonnull, warn_unused_result))
1282
bool interface_is_up(const char *interface){
1283
struct ifreq ifr;
1284
if(not get_flags(interface, &ifr)){
1285
if(debug){
1286
fprintf_plus(stderr, "Failed to get flags for interface "
1287
"\"%s\"\n", interface);
1288
}
1289
return false;
1290
}
1291
1292
return (bool)(ifr.ifr_flags & IFF_UP);
1293
}
1294
1295
/*
1296
* This function determines if a network interface is running
1297
*/
1298
__attribute__((nonnull, warn_unused_result))
1299
bool interface_is_running(const char *interface){
1300
struct ifreq ifr;
1301
if(not get_flags(interface, &ifr)){
1302
if(debug){
1303
fprintf_plus(stderr, "Failed to get flags for interface "
1304
"\"%s\"\n", interface);
1305
}
1306
return false;
1307
}
1308
1309
return (bool)(ifr.ifr_flags & IFF_RUNNING);
1310
}
1311
1312
__attribute__((nonnull, pure, warn_unused_result))
1313
int notdotentries(const struct dirent *direntry){
1314
/* Skip "." and ".." */
1315
if(direntry->d_name[0] == '.'
1316
and (direntry->d_name[1] == '\0'
1317
or (direntry->d_name[1] == '.'
1318
and direntry->d_name[2] == '\0'))){
1319
return 0;
1320
}
1321
return 1;
1322
}
1323
1324
/* Is this directory entry a runnable program? */
1325
__attribute__((nonnull, warn_unused_result))
1326
int runnable_hook(const struct dirent *direntry){
1327
int ret;
1328
size_t sret;
1329
struct stat st;
1330
1331
if((direntry->d_name)[0] == '\0'){
1332
/* Empty name? */
1333
return 0;
1334
}
1335
1336
sret = strspn(direntry->d_name, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
1337
"abcdefghijklmnopqrstuvwxyz"
1338
"0123456789"
1339
"_.-");
1340
if((direntry->d_name)[sret] != '\0'){
1341
/* Contains non-allowed characters */
1342
if(debug){
1343
fprintf_plus(stderr, "Ignoring hook \"%s\" with bad name\n",
1344
direntry->d_name);
1345
}
1346
return 0;
1347
}
1348
1349
ret = fstatat(hookdir_fd, direntry->d_name, &st, 0);
1350
if(ret == -1){
1351
if(debug){
1352
perror_plus("Could not stat hook");
1353
}
1354
return 0;
1355
}
1356
if(not (S_ISREG(st.st_mode))){
1357
/* Not a regular file */
1358
if(debug){
1359
fprintf_plus(stderr, "Ignoring hook \"%s\" - not a file\n",
1360
direntry->d_name);
1361
}
1362
return 0;
1363
}
1364
if(not (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))){
1365
/* Not executable */
1366
if(debug){
1367
fprintf_plus(stderr, "Ignoring hook \"%s\" - not executable\n",
1368
direntry->d_name);
1369
}
1370
return 0;
1371
}
1372
if(debug){
1373
fprintf_plus(stderr, "Hook \"%s\" is acceptable\n",
1374
direntry->d_name);
1375
}
1376
return 1;
1377
}
1378
1379
__attribute__((nonnull, warn_unused_result))
1380
int avahi_loop_with_timeout(AvahiSimplePoll *s, int retry_interval,
1381
mandos_context *mc){
1382
int ret;
1383
struct timespec now;
1384
struct timespec waited_time;
1385
intmax_t block_time;
1386
1387
while(true){
1388
if(mc->current_server == NULL){
1389
if(debug){
1390
fprintf_plus(stderr, "Wait until first server is found."
1391
" No timeout!\n");
1392
}
1393
ret = avahi_simple_poll_iterate(s, -1);
1394
} else {
1395
if(debug){
1396
fprintf_plus(stderr, "Check current_server if we should run"
1397
" it, or wait\n");
1398
}
1399
/* the current time */
1400
ret = clock_gettime(CLOCK_MONOTONIC, &now);
1401
if(ret == -1){
1402
perror_plus("clock_gettime");
1403
return -1;
1404
}
1405
/* Calculating in ms how long time between now and server
1406
who we visted longest time ago. Now - last seen. */
1407
waited_time.tv_sec = (now.tv_sec
1408
- mc->current_server->last_seen.tv_sec);
1409
waited_time.tv_nsec = (now.tv_nsec
1410
- mc->current_server->last_seen.tv_nsec);
1411
/* total time is 10s/10,000ms.
1412
Converting to s from ms by dividing by 1,000,
1413
and ns to ms by dividing by 1,000,000. */
1414
block_time = ((retry_interval
1415
- ((intmax_t)waited_time.tv_sec * 1000))
1416
- ((intmax_t)waited_time.tv_nsec / 1000000));
1417
1418
if(debug){
1419
fprintf_plus(stderr, "Blocking for %" PRIdMAX " ms\n",
1420
block_time);
1421
}
1422
1423
if(block_time <= 0){
1424
ret = start_mandos_communication(mc->current_server->ip,
1425
mc->current_server->port,
1426
mc->current_server->if_index,
1427
mc->current_server->af, mc);
1428
if(ret == 0){
1429
avahi_simple_poll_quit(s);
1430
return 0;
1431
}
1432
ret = clock_gettime(CLOCK_MONOTONIC,
1433
&mc->current_server->last_seen);
1434
if(ret == -1){
1435
perror_plus("clock_gettime");
1436
return -1;
1437
}
1438
mc->current_server = mc->current_server->next;
1439
block_time = 0; /* Call avahi to find new Mandos
1440
servers, but don't block */
1441
}
1442
1443
ret = avahi_simple_poll_iterate(s, (int)block_time);
1444
}
1445
if(ret != 0){
1446
if(ret > 0 or errno != EINTR){
1447
return (ret != 1) ? ret : 0;
1448
}
1449
}
1450
}
1451
}
1452
1453
/* Set effective uid to 0, return errno */
1454
__attribute__((warn_unused_result))
1455
error_t raise_privileges(void){
1456
error_t old_errno = errno;
1457
error_t ret_errno = 0;
1458
if(seteuid(0) == -1){
1459
ret_errno = errno;
1460
perror_plus("seteuid");
1461
}
1462
errno = old_errno;
1463
return ret_errno;
1464
}
1465
1466
/* Set effective and real user ID to 0. Return errno. */
1467
__attribute__((warn_unused_result))
1468
error_t raise_privileges_permanently(void){
1469
error_t old_errno = errno;
1470
error_t ret_errno = raise_privileges();
1471
if(ret_errno != 0){
1472
errno = old_errno;
1473
return ret_errno;
1474
}
1475
if(setuid(0) == -1){
1476
ret_errno = errno;
1477
perror_plus("seteuid");
1478
}
1479
errno = old_errno;
1480
return ret_errno;
1481
}
1482
1483
/* Set effective user ID to unprivileged saved user ID */
1484
__attribute__((warn_unused_result))
1485
error_t lower_privileges(void){
1486
error_t old_errno = errno;
1487
error_t ret_errno = 0;
1488
if(seteuid(uid) == -1){
1489
ret_errno = errno;
1490
perror_plus("seteuid");
1491
}
1492
errno = old_errno;
1493
return ret_errno;
1494
}
1495
1496
/* Lower privileges permanently */
1497
__attribute__((warn_unused_result))
1498
error_t lower_privileges_permanently(void){
1499
error_t old_errno = errno;
1500
error_t ret_errno = 0;
1501
if(setuid(uid) == -1){
1502
ret_errno = errno;
1503
perror_plus("setuid");
1504
}
1505
errno = old_errno;
1506
return ret_errno;
1507
}
1508
1509
#ifndef O_CLOEXEC
1510
/*
1511
* Based on the example in the GNU LibC manual chapter 13.13 "File
1512
* Descriptor Flags".
1513
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
1514
*/
1515
__attribute__((warn_unused_result))
1516
static int set_cloexec_flag(int fd){
1517
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
1518
/* If reading the flags failed, return error indication now. */
1519
if(ret < 0){
1520
return ret;
1521
}
1522
/* Store modified flag word in the descriptor. */
1523
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
1524
ret | FD_CLOEXEC));
1525
}
1526
#endif /* not O_CLOEXEC */
1527
1528
__attribute__((nonnull))
1529
void run_network_hooks(const char *mode, const char *interface,
1530
const float delay){
1531
struct dirent **direntries;
1532
if(hookdir_fd == -1){
1533
hookdir_fd = open(hookdir, O_RDONLY |
1534
#ifdef O_CLOEXEC
1535
O_CLOEXEC
1536
#else /* not O_CLOEXEC */
1537
0
1538
#endif /* not O_CLOEXEC */
1539
);
1540
if(hookdir_fd == -1){
1541
if(errno == ENOENT){
1542
if(debug){
1543
fprintf_plus(stderr, "Network hook directory \"%s\" not"
1544
" found\n", hookdir);
1545
}
1546
} else {
1547
perror_plus("open");
1548
}
1549
return;
1550
}
1551
#ifndef O_CLOEXEC
1552
if(set_cloexec_flag(hookdir_fd) < 0){
1553
perror_plus("set_cloexec_flag");
1554
if((int)TEMP_FAILURE_RETRY(close(hookdir_fd)) == -1){
1555
perror_plus("close");
1556
} else {
1557
hookdir_fd = -1;
1558
}
1559
return;
1560
}
1561
#endif /* not O_CLOEXEC */
1562
}
1563
#ifdef __GLIBC__
1564
#if __GLIBC_PREREQ(2, 15)
1565
int numhooks = scandirat(hookdir_fd, ".", &direntries,
1566
runnable_hook, alphasort);
1567
#else /* not __GLIBC_PREREQ(2, 15) */
1568
int numhooks = scandir(hookdir, &direntries, runnable_hook,
1569
alphasort);
1570
#endif /* not __GLIBC_PREREQ(2, 15) */
1571
#else /* not __GLIBC__ */
1572
int numhooks = scandir(hookdir, &direntries, runnable_hook,
1573
alphasort);
1574
#endif /* not __GLIBC__ */
1575
if(numhooks == -1){
1576
perror_plus("scandir");
1577
return;
1578
}
1579
struct dirent *direntry;
1580
int ret;
1581
int devnull = open("/dev/null", O_RDONLY);
1582
for(int i = 0; i < numhooks; i++){
1583
direntry = direntries[i];
1584
if(debug){
1585
fprintf_plus(stderr, "Running network hook \"%s\"\n",
1586
direntry->d_name);
1587
}
1588
pid_t hook_pid = fork();
1589
if(hook_pid == 0){
1590
/* Child */
1591
/* Raise privileges */
1592
if(raise_privileges_permanently() != 0){
1593
perror_plus("Failed to raise privileges");
1594
_exit(EX_NOPERM);
1595
}
1596
/* Set group */
1597
errno = 0;
1598
ret = setgid(0);
1599
if(ret == -1){
1600
perror_plus("setgid");
1601
_exit(EX_NOPERM);
1602
}
1603
/* Reset supplementary groups */
1604
errno = 0;
1605
ret = setgroups(0, NULL);
1606
if(ret == -1){
1607
perror_plus("setgroups");
1608
_exit(EX_NOPERM);
1609
}
1610
ret = dup2(devnull, STDIN_FILENO);
1611
if(ret == -1){
1612
perror_plus("dup2(devnull, STDIN_FILENO)");
1613
_exit(EX_OSERR);
1614
}
1615
ret = close(devnull);
1616
if(ret == -1){
1617
perror_plus("close");
1618
_exit(EX_OSERR);
1619
}
1620
ret = dup2(STDERR_FILENO, STDOUT_FILENO);
1621
if(ret == -1){
1622
perror_plus("dup2(STDERR_FILENO, STDOUT_FILENO)");
1623
_exit(EX_OSERR);
1624
}
1625
ret = setenv("MANDOSNETHOOKDIR", hookdir, 1);
1626
if(ret == -1){
1627
perror_plus("setenv");
1628
_exit(EX_OSERR);
1629
}
1630
ret = setenv("DEVICE", interface, 1);
1631
if(ret == -1){
1632
perror_plus("setenv");
1633
_exit(EX_OSERR);
1634
}
1635
ret = setenv("VERBOSITY", debug ? "1" : "0", 1);
1636
if(ret == -1){
1637
perror_plus("setenv");
1638
_exit(EX_OSERR);
1639
}
1640
ret = setenv("MODE", mode, 1);
1641
if(ret == -1){
1642
perror_plus("setenv");
1643
_exit(EX_OSERR);
1644
}
1645
char *delaystring;
1646
ret = asprintf(&delaystring, "%f", (double)delay);
1647
if(ret == -1){
1648
perror_plus("asprintf");
1649
_exit(EX_OSERR);
1650
}
1651
ret = setenv("DELAY", delaystring, 1);
1652
if(ret == -1){
1653
free(delaystring);
1654
perror_plus("setenv");
1655
_exit(EX_OSERR);
1656
}
1657
free(delaystring);
1658
if(connect_to != NULL){
1659
ret = setenv("CONNECT", connect_to, 1);
1660
if(ret == -1){
1661
perror_plus("setenv");
1662
_exit(EX_OSERR);
1663
}
1664
}
1665
if(fexecve(hookdir_fd, (char *const [])
1666
{ direntry->d_name, NULL }, environ) == -1){
1667
perror_plus("fexecve");
1668
_exit(EXIT_FAILURE);
1669
}
1670
} else {
1671
int status;
1672
if(TEMP_FAILURE_RETRY(waitpid(hook_pid, &status, 0)) == -1){
1673
perror_plus("waitpid");
1674
continue;
1675
}
1676
if(WIFEXITED(status)){
1677
if(WEXITSTATUS(status) != 0){
1678
fprintf_plus(stderr, "Warning: network hook \"%s\" exited"
1679
" with status %d\n", direntry->d_name,
1680
WEXITSTATUS(status));
1681
continue;
1682
}
1683
} else if(WIFSIGNALED(status)){
1684
fprintf_plus(stderr, "Warning: network hook \"%s\" died by"
1685
" signal %d\n", direntry->d_name,
1686
WTERMSIG(status));
1687
continue;
1688
} else {
1689
fprintf_plus(stderr, "Warning: network hook \"%s\""
1690
" crashed\n", direntry->d_name);
1691
continue;
1692
}
1693
}
1694
if(debug){
1695
fprintf_plus(stderr, "Network hook \"%s\" ran successfully\n",
1696
direntry->d_name);
1697
}
1698
}
1699
if((int)TEMP_FAILURE_RETRY(close(hookdir_fd)) == -1){
1700
perror_plus("close");
1701
} else {
1702
hookdir_fd = -1;
1703
}
1704
close(devnull);
1705
}
1706
1707
__attribute__((nonnull, warn_unused_result))
1708
error_t bring_up_interface(const char *const interface,
1709
const float delay){
1710
error_t old_errno = errno;
1711
int ret;
1712
struct ifreq network;
1713
unsigned int if_index = if_nametoindex(interface);
1714
if(if_index == 0){
1715
fprintf_plus(stderr, "No such interface: \"%s\"\n", interface);
1716
errno = old_errno;
1717
return ENXIO;
1718
}
1719
1720
if(quit_now){
1721
errno = old_errno;
1722
return EINTR;
1723
}
1724
1725
if(not interface_is_up(interface)){
1726
error_t ret_errno = 0, ioctl_errno = 0;
1727
if(not get_flags(interface, &network)){
1728
ret_errno = errno;
1729
fprintf_plus(stderr, "Failed to get flags for interface "
1730
"\"%s\"\n", interface);
1731
errno = old_errno;
1732
return ret_errno;
1733
}
1734
network.ifr_flags |= IFF_UP; /* set flag */
1735
1736
int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1737
if(sd == -1){
1738
ret_errno = errno;
1739
perror_plus("socket");
1740
errno = old_errno;
1741
return ret_errno;
1742
}
1743
1744
if(quit_now){
1745
ret = (int)TEMP_FAILURE_RETRY(close(sd));
1746
if(ret == -1){
1747
perror_plus("close");
1748
}
1749
errno = old_errno;
1750
return EINTR;
1751
}
1752
1753
if(debug){
1754
fprintf_plus(stderr, "Bringing up interface \"%s\"\n",
1755
interface);
1756
}
1757
1758
/* Raise privileges */
1759
ret_errno = raise_privileges();
1760
if(ret_errno != 0){
1761
perror_plus("Failed to raise privileges");
1762
}
1763
1764
#ifdef __linux__
1765
int ret_linux;
1766
bool restore_loglevel = false;
1767
if(ret_errno == 0){
1768
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
1769
messages about the network interface to mess up the prompt */
1770
ret_linux = klogctl(8, NULL, 5);
1771
if(ret_linux == -1){
1772
perror_plus("klogctl");
1773
} else {
1774
restore_loglevel = true;
1775
}
1776
}
1777
#endif /* __linux__ */
1778
int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
1779
ioctl_errno = errno;
1780
#ifdef __linux__
1781
if(restore_loglevel){
1782
ret_linux = klogctl(7, NULL, 0);
1783
if(ret_linux == -1){
1784
perror_plus("klogctl");
1785
}
1786
}
1787
#endif /* __linux__ */
1788
1789
/* If raise_privileges() succeeded above */
1790
if(ret_errno == 0){
1791
/* Lower privileges */
1792
ret_errno = lower_privileges();
1793
if(ret_errno != 0){
1794
errno = ret_errno;
1795
perror_plus("Failed to lower privileges");
1796
}
1797
}
1798
1799
/* Close the socket */
1800
ret = (int)TEMP_FAILURE_RETRY(close(sd));
1801
if(ret == -1){
1802
perror_plus("close");
1803
}
1804
1805
if(ret_setflags == -1){
1806
errno = ioctl_errno;
1807
perror_plus("ioctl SIOCSIFFLAGS +IFF_UP");
1808
errno = old_errno;
1809
return ioctl_errno;
1810
}
1811
} else if(debug){
1812
fprintf_plus(stderr, "Interface \"%s\" is already up; good\n",
1813
interface);
1814
}
1815
1816
/* Sleep checking until interface is running.
1817
Check every 0.25s, up to total time of delay */
1818
for(int i=0; i < delay * 4; i++){
1819
if(interface_is_running(interface)){
1820
break;
1821
}
1822
struct timespec sleeptime = { .tv_nsec = 250000000 };
1823
ret = nanosleep(&sleeptime, NULL);
1824
if(ret == -1 and errno != EINTR){
1825
perror_plus("nanosleep");
1826
}
1827
}
1828
1829
errno = old_errno;
1830
return 0;
1831
}
1832
1833
__attribute__((nonnull, warn_unused_result))
1834
error_t take_down_interface(const char *const interface){
1835
error_t old_errno = errno;
1836
struct ifreq network;
1837
unsigned int if_index = if_nametoindex(interface);
1838
if(if_index == 0){
1839
fprintf_plus(stderr, "No such interface: \"%s\"\n", interface);
1840
errno = old_errno;
1841
return ENXIO;
1842
}
1843
if(interface_is_up(interface)){
1844
error_t ret_errno = 0, ioctl_errno = 0;
1845
if(not get_flags(interface, &network) and debug){
1846
ret_errno = errno;
1847
fprintf_plus(stderr, "Failed to get flags for interface "
1848
"\"%s\"\n", interface);
1849
errno = old_errno;
1850
return ret_errno;
1851
}
1852
network.ifr_flags &= ~(short)IFF_UP; /* clear flag */
1853
1854
int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1855
if(sd == -1){
1856
ret_errno = errno;
1857
perror_plus("socket");
1858
errno = old_errno;
1859
return ret_errno;
1860
}
1861
1862
if(debug){
1863
fprintf_plus(stderr, "Taking down interface \"%s\"\n",
1864
interface);
1865
}
1866
1867
/* Raise privileges */
1868
ret_errno = raise_privileges();
1869
if(ret_errno != 0){
1870
perror_plus("Failed to raise privileges");
1871
}
1872
1873
int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
1874
ioctl_errno = errno;
1875
1876
/* If raise_privileges() succeeded above */
1877
if(ret_errno == 0){
1878
/* Lower privileges */
1879
ret_errno = lower_privileges();
1880
if(ret_errno != 0){
1881
errno = ret_errno;
1882
perror_plus("Failed to lower privileges");
1883
}
1884
}
1885
1886
/* Close the socket */
1887
int ret = (int)TEMP_FAILURE_RETRY(close(sd));
1888
if(ret == -1){
1889
perror_plus("close");
1890
}
1891
1892
if(ret_setflags == -1){
1893
errno = ioctl_errno;
1894
perror_plus("ioctl SIOCSIFFLAGS -IFF_UP");
1895
errno = old_errno;
1896
return ioctl_errno;
1897
}
1898
} else if(debug){
1899
fprintf_plus(stderr, "Interface \"%s\" is already down; odd\n",
1900
interface);
1901
}
1902
1903
errno = old_errno;
1904
return 0;
1905
}
1906
1907
int main(int argc, char *argv[]){
1908
mandos_context mc = { .server = NULL, .dh_bits = 1024,
1909
.priority = "SECURE256:!CTYPE-X.509:"
1910
"+CTYPE-OPENPGP", .current_server = NULL,
1911
.interfaces = NULL, .interfaces_size = 0 };
1912
AvahiSServiceBrowser *sb = NULL;
1913
error_t ret_errno;
1914
int ret;
1915
intmax_t tmpmax;
1916
char *tmp;
1917
int exitcode = EXIT_SUCCESS;
1918
char *interfaces_to_take_down = NULL;
1919
size_t interfaces_to_take_down_size = 0;
1920
char run_tempdir[] = "/run/tmp/mandosXXXXXX";
1921
char old_tempdir[] = "/tmp/mandosXXXXXX";
1922
char *tempdir = NULL;
1923
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
1924
const char *seckey = PATHDIR "/" SECKEY;
1925
const char *pubkey = PATHDIR "/" PUBKEY;
1926
char *interfaces_hooks = NULL;
1927
1928
bool gnutls_initialized = false;
1929
bool gpgme_initialized = false;
1930
float delay = 2.5f;
1931
double retry_interval = 10; /* 10s between trying a server and
1932
retrying the same server again */
1933
1934
struct sigaction old_sigterm_action = { .sa_handler = SIG_DFL };
1935
struct sigaction sigterm_action = { .sa_handler = handle_sigterm };
1936
1937
uid = getuid();
1938
gid = getgid();
1939
1940
/* Lower any group privileges we might have, just to be safe */
1941
errno = 0;
1942
ret = setgid(gid);
1943
if(ret == -1){
1944
perror_plus("setgid");
1945
}
1946
1947
/* Lower user privileges (temporarily) */
1948
errno = 0;
1949
ret = seteuid(uid);
1950
if(ret == -1){
1951
perror_plus("seteuid");
1952
}
1953
1954
if(quit_now){
1955
goto end;
1956
}
1957
1958
{
1959
struct argp_option options[] = {
1960
{ .name = "debug", .key = 128,
1961
.doc = "Debug mode", .group = 3 },
1962
{ .name = "connect", .key = 'c',
1963
.arg = "ADDRESS:PORT",
1964
.doc = "Connect directly to a specific Mandos server",
1965
.group = 1 },
1966
{ .name = "interface", .key = 'i',
1967
.arg = "NAME",
1968
.doc = "Network interface that will be used to search for"
1969
" Mandos servers",
1970
.group = 1 },
1971
{ .name = "seckey", .key = 's',
1972
.arg = "FILE",
1973
.doc = "OpenPGP secret key file base name",
1974
.group = 1 },
1975
{ .name = "pubkey", .key = 'p',
1976
.arg = "FILE",
1977
.doc = "OpenPGP public key file base name",
1978
.group = 2 },
1979
{ .name = "dh-bits", .key = 129,
1980
.arg = "BITS",
1981
.doc = "Bit length of the prime number used in the"
1982
" Diffie-Hellman key exchange",
1983
.group = 2 },
1984
{ .name = "priority", .key = 130,
1985
.arg = "STRING",
1986
.doc = "GnuTLS priority string for the TLS handshake",
1987
.group = 1 },
1988
{ .name = "delay", .key = 131,
1989
.arg = "SECONDS",
1990
.doc = "Maximum delay to wait for interface startup",
1991
.group = 2 },
1992
{ .name = "retry", .key = 132,
1993
.arg = "SECONDS",
1994
.doc = "Retry interval used when denied by the Mandos server",
1995
.group = 2 },
1996
{ .name = "network-hook-dir", .key = 133,
1997
.arg = "DIR",
1998
.doc = "Directory where network hooks are located",
1999
.group = 2 },
2000
/*
2001
* These reproduce what we would get without ARGP_NO_HELP
2002
*/
2003
{ .name = "help", .key = '?',
2004
.doc = "Give this help list", .group = -1 },
2005
{ .name = "usage", .key = -3,
2006
.doc = "Give a short usage message", .group = -1 },
2007
{ .name = "version", .key = 'V',
2008
.doc = "Print program version", .group = -1 },
2009
{ .name = NULL }
2010
};
2011
2012
error_t parse_opt(int key, char *arg,
2013
struct argp_state *state){
2014
errno = 0;
2015
switch(key){
2016
case 128: /* --debug */
2017
debug = true;
2018
break;
2019
case 'c': /* --connect */
2020
connect_to = arg;
2021
break;
2022
case 'i': /* --interface */
2023
ret_errno = argz_add_sep(&mc.interfaces, &mc.interfaces_size,
2024
arg, (int)',');
2025
if(ret_errno != 0){
2026
argp_error(state, "%s", strerror(ret_errno));
2027
}
2028
break;
2029
case 's': /* --seckey */
2030
seckey = arg;
2031
break;
2032
case 'p': /* --pubkey */
2033
pubkey = arg;
2034
break;
2035
case 129: /* --dh-bits */
2036
errno = 0;
2037
tmpmax = strtoimax(arg, &tmp, 10);
2038
if(errno != 0 or tmp == arg or *tmp != '\0'
2039
or tmpmax != (typeof(mc.dh_bits))tmpmax){
2040
argp_error(state, "Bad number of DH bits");
2041
}
2042
mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
2043
break;
2044
case 130: /* --priority */
2045
mc.priority = arg;
2046
break;
2047
case 131: /* --delay */
2048
errno = 0;
2049
delay = strtof(arg, &tmp);
2050
if(errno != 0 or tmp == arg or *tmp != '\0'){
2051
argp_error(state, "Bad delay");
2052
}
2053
case 132: /* --retry */
2054
errno = 0;
2055
retry_interval = strtod(arg, &tmp);
2056
if(errno != 0 or tmp == arg or *tmp != '\0'
2057
or (retry_interval * 1000) > INT_MAX
2058
or retry_interval < 0){
2059
argp_error(state, "Bad retry interval");
2060
}
2061
break;
2062
case 133: /* --network-hook-dir */
2063
hookdir = arg;
2064
break;
2065
/*
2066
* These reproduce what we would get without ARGP_NO_HELP
2067
*/
2068
case '?': /* --help */
2069
argp_state_help(state, state->out_stream,
2070
(ARGP_HELP_STD_HELP | ARGP_HELP_EXIT_ERR)
2071
& ~(unsigned int)ARGP_HELP_EXIT_OK);
2072
case -3: /* --usage */
2073
argp_state_help(state, state->out_stream,
2074
ARGP_HELP_USAGE | ARGP_HELP_EXIT_ERR);
2075
case 'V': /* --version */
2076
fprintf_plus(state->out_stream, "%s\n", argp_program_version);
2077
exit(argp_err_exit_status);
2078
break;
2079
default:
2080
return ARGP_ERR_UNKNOWN;
2081
}
2082
return errno;
2083
}
2084
2085
struct argp argp = { .options = options, .parser = parse_opt,
2086
.args_doc = "",
2087
.doc = "Mandos client -- Get and decrypt"
2088
" passwords from a Mandos server" };
2089
ret = argp_parse(&argp, argc, argv,
2090
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
2091
switch(ret){
2092
case 0:
2093
break;
2094
case ENOMEM:
597
2095
default:
598
case AVAHI_BROWSER_FAILURE:
599
600
fprintf(stderr, "(Browser) %s\n",
601
avahi_strerror(avahi_server_errno(server)));
602
avahi_simple_poll_quit(simple_poll);
603
return;
604
605
case AVAHI_BROWSER_NEW:
606
/* We ignore the returned resolver object. In the callback
607
function we free it. If the server is terminated before
608
the callback function is called the server will free
609
the resolver for us. */
610
611
if (!(avahi_s_service_resolver_new(s, interface, protocol, name,
612
type, domain,
613
AVAHI_PROTO_INET6, 0,
614
resolve_callback, s)))
615
fprintf(stderr, "Failed to resolve service '%s': %s\n", name,
616
avahi_strerror(avahi_server_errno(s)));
617
break;
618
619
case AVAHI_BROWSER_REMOVE:
620
break;
621
622
case AVAHI_BROWSER_ALL_FOR_NOW:
623
case AVAHI_BROWSER_CACHE_EXHAUSTED:
624
break;
625
}
626
}
627
628
int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char*argv[]) {
2096
errno = ret;
2097
perror_plus("argp_parse");
2098
exitcode = EX_OSERR;
2099
goto end;
2100
case EINVAL:
2101
exitcode = EX_USAGE;
2102
goto end;
2103
}
2104
}
2105
2106
{
2107
/* Work around Debian bug #633582:
2108
<http://bugs.debian.org/633582> */
2109
2110
/* Re-raise privileges */
2111
ret_errno = raise_privileges();
2112
if(ret_errno != 0){
2113
errno = ret_errno;
2114
perror_plus("Failed to raise privileges");
2115
} else {
2116
struct stat st;
2117
2118
if(strcmp(seckey, PATHDIR "/" SECKEY) == 0){
2119
int seckey_fd = open(seckey, O_RDONLY);
2120
if(seckey_fd == -1){
2121
perror_plus("open");
2122
} else {
2123
ret = (int)TEMP_FAILURE_RETRY(fstat(seckey_fd, &st));
2124
if(ret == -1){
2125
perror_plus("fstat");
2126
} else {
2127
if(S_ISREG(st.st_mode)
2128
and st.st_uid == 0 and st.st_gid == 0){
2129
ret = fchown(seckey_fd, uid, gid);
2130
if(ret == -1){
2131
perror_plus("fchown");
2132
}
2133
}
2134
}
2135
TEMP_FAILURE_RETRY(close(seckey_fd));
2136
}
2137
}
2138
2139
if(strcmp(pubkey, PATHDIR "/" PUBKEY) == 0){
2140
int pubkey_fd = open(pubkey, O_RDONLY);
2141
if(pubkey_fd == -1){
2142
perror_plus("open");
2143
} else {
2144
ret = (int)TEMP_FAILURE_RETRY(fstat(pubkey_fd, &st));
2145
if(ret == -1){
2146
perror_plus("fstat");
2147
} else {
2148
if(S_ISREG(st.st_mode)
2149
and st.st_uid == 0 and st.st_gid == 0){
2150
ret = fchown(pubkey_fd, uid, gid);
2151
if(ret == -1){
2152
perror_plus("fchown");
2153
}
2154
}
2155
}
2156
TEMP_FAILURE_RETRY(close(pubkey_fd));
2157
}
2158
}
2159
2160
/* Lower privileges */
2161
ret_errno = lower_privileges();
2162
if(ret_errno != 0){
2163
errno = ret_errno;
2164
perror_plus("Failed to lower privileges");
2165
}
2166
}
2167
}
2168
2169
/* Remove invalid interface names (except "none") */
2170
{
2171
char *interface = NULL;
2172
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2173
interface))){
2174
if(strcmp(interface, "none") != 0
2175
and if_nametoindex(interface) == 0){
2176
if(interface[0] != '\0'){
2177
fprintf_plus(stderr, "Not using nonexisting interface"
2178
" \"%s\"\n", interface);
2179
}
2180
argz_delete(&mc.interfaces, &mc.interfaces_size, interface);
2181
interface = NULL;
2182
}
2183
}
2184
}
2185
2186
/* Run network hooks */
2187
{
2188
if(mc.interfaces != NULL){
2189
interfaces_hooks = malloc(mc.interfaces_size);
2190
if(interfaces_hooks == NULL){
2191
perror_plus("malloc");
2192
goto end;
2193
}
2194
memcpy(interfaces_hooks, mc.interfaces, mc.interfaces_size);
2195
argz_stringify(interfaces_hooks, mc.interfaces_size, (int)',');
2196
}
2197
run_network_hooks("start", interfaces_hooks != NULL ?
2198
interfaces_hooks : "", delay);
2199
}
2200
2201
if(not debug){
2202
avahi_set_log_function(empty_log);
2203
}
2204
2205
/* Initialize Avahi early so avahi_simple_poll_quit() can be called
2206
from the signal handler */
2207
/* Initialize the pseudo-RNG for Avahi */
2208
srand((unsigned int) time(NULL));
2209
simple_poll = avahi_simple_poll_new();
2210
if(simple_poll == NULL){
2211
fprintf_plus(stderr,
2212
"Avahi: Failed to create simple poll object.\n");
2213
exitcode = EX_UNAVAILABLE;
2214
goto end;
2215
}
2216
2217
sigemptyset(&sigterm_action.sa_mask);
2218
ret = sigaddset(&sigterm_action.sa_mask, SIGINT);
2219
if(ret == -1){
2220
perror_plus("sigaddset");
2221
exitcode = EX_OSERR;
2222
goto end;
2223
}
2224
ret = sigaddset(&sigterm_action.sa_mask, SIGHUP);
2225
if(ret == -1){
2226
perror_plus("sigaddset");
2227
exitcode = EX_OSERR;
2228
goto end;
2229
}
2230
ret = sigaddset(&sigterm_action.sa_mask, SIGTERM);
2231
if(ret == -1){
2232
perror_plus("sigaddset");
2233
exitcode = EX_OSERR;
2234
goto end;
2235
}
2236
/* Need to check if the handler is SIG_IGN before handling:
2237
| [[info:libc:Initial Signal Actions]] |
2238
| [[info:libc:Basic Signal Handling]] |
2239
*/
2240
ret = sigaction(SIGINT, NULL, &old_sigterm_action);
2241
if(ret == -1){
2242
perror_plus("sigaction");
2243
return EX_OSERR;
2244
}
2245
if(old_sigterm_action.sa_handler != SIG_IGN){
2246
ret = sigaction(SIGINT, &sigterm_action, NULL);
2247
if(ret == -1){
2248
perror_plus("sigaction");
2249
exitcode = EX_OSERR;
2250
goto end;
2251
}
2252
}
2253
ret = sigaction(SIGHUP, NULL, &old_sigterm_action);
2254
if(ret == -1){
2255
perror_plus("sigaction");
2256
return EX_OSERR;
2257
}
2258
if(old_sigterm_action.sa_handler != SIG_IGN){
2259
ret = sigaction(SIGHUP, &sigterm_action, NULL);
2260
if(ret == -1){
2261
perror_plus("sigaction");
2262
exitcode = EX_OSERR;
2263
goto end;
2264
}
2265
}
2266
ret = sigaction(SIGTERM, NULL, &old_sigterm_action);
2267
if(ret == -1){
2268
perror_plus("sigaction");
2269
return EX_OSERR;
2270
}
2271
if(old_sigterm_action.sa_handler != SIG_IGN){
2272
ret = sigaction(SIGTERM, &sigterm_action, NULL);
2273
if(ret == -1){
2274
perror_plus("sigaction");
2275
exitcode = EX_OSERR;
2276
goto end;
2277
}
2278
}
2279
2280
/* If no interfaces were specified, make a list */
2281
if(mc.interfaces == NULL){
2282
struct dirent **direntries;
2283
/* Look for any good interfaces */
2284
ret = scandir(sys_class_net, &direntries, good_interface,
2285
alphasort);
2286
if(ret >= 1){
2287
/* Add all found interfaces to interfaces list */
2288
for(int i = 0; i < ret; ++i){
2289
ret_errno = argz_add(&mc.interfaces, &mc.interfaces_size,
2290
direntries[i]->d_name);
2291
if(ret_errno != 0){
2292
errno = ret_errno;
2293
perror_plus("argz_add");
2294
continue;
2295
}
2296
if(debug){
2297
fprintf_plus(stderr, "Will use interface \"%s\"\n",
2298
direntries[i]->d_name);
2299
}
2300
}
2301
free(direntries);
2302
} else {
2303
free(direntries);
2304
fprintf_plus(stderr, "Could not find a network interface\n");
2305
exitcode = EXIT_FAILURE;
2306
goto end;
2307
}
2308
}
2309
2310
/* Bring up interfaces which are down, and remove any "none"s */
2311
{
2312
char *interface = NULL;
2313
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2314
interface))){
2315
/* If interface name is "none", stop bringing up interfaces.
2316
Also remove all instances of "none" from the list */
2317
if(strcmp(interface, "none") == 0){
2318
argz_delete(&mc.interfaces, &mc.interfaces_size,
2319
interface);
2320
interface = NULL;
2321
while((interface = argz_next(mc.interfaces,
2322
mc.interfaces_size, interface))){
2323
if(strcmp(interface, "none") == 0){
2324
argz_delete(&mc.interfaces, &mc.interfaces_size,
2325
interface);
2326
interface = NULL;
2327
}
2328
}
2329
break;
2330
}
2331
bool interface_was_up = interface_is_up(interface);
2332
errno = bring_up_interface(interface, delay);
2333
if(not interface_was_up){
2334
if(errno != 0){
2335
perror_plus("Failed to bring up interface");
2336
} else {
2337
errno = argz_add(&interfaces_to_take_down,
2338
&interfaces_to_take_down_size,
2339
interface);
2340
if(errno != 0){
2341
perror_plus("argz_add");
2342
}
2343
}
2344
}
2345
}
2346
if(debug and (interfaces_to_take_down == NULL)){
2347
fprintf_plus(stderr, "No interfaces were brought up\n");
2348
}
2349
}
2350
2351
/* If we only got one interface, explicitly use only that one */
2352
if(argz_count(mc.interfaces, mc.interfaces_size) == 1){
2353
if(debug){
2354
fprintf_plus(stderr, "Using only interface \"%s\"\n",
2355
mc.interfaces);
2356
}
2357
if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);
2358
}
2359
2360
if(quit_now){
2361
goto end;
2362
}
2363
2364
ret = init_gnutls_global(pubkey, seckey, &mc);
2365
if(ret == -1){
2366
fprintf_plus(stderr, "init_gnutls_global failed\n");
2367
exitcode = EX_UNAVAILABLE;
2368
goto end;
2369
} else {
2370
gnutls_initialized = true;
2371
}
2372
2373
if(quit_now){
2374
goto end;
2375
}
2376
2377
/* Try /run/tmp before /tmp */
2378
tempdir = mkdtemp(run_tempdir);
2379
if(tempdir == NULL and errno == ENOENT){
2380
if(debug){
2381
fprintf_plus(stderr, "Tempdir %s did not work, trying %s\n",
2382
run_tempdir, old_tempdir);
2383
}
2384
tempdir = mkdtemp(old_tempdir);
2385
}
2386
if(tempdir == NULL){
2387
perror_plus("mkdtemp");
2388
goto end;
2389
}
2390
2391
if(quit_now){
2392
goto end;
2393
}
2394
2395
if(not init_gpgme(pubkey, seckey, tempdir, &mc)){
2396
fprintf_plus(stderr, "init_gpgme failed\n");
2397
exitcode = EX_UNAVAILABLE;
2398
goto end;
2399
} else {
2400
gpgme_initialized = true;
2401
}
2402
2403
if(quit_now){
2404
goto end;
2405
}
2406
2407
if(connect_to != NULL){
2408
/* Connect directly, do not use Zeroconf */
2409
/* (Mainly meant for debugging) */
2410
char *address = strrchr(connect_to, ':');
2411
2412
if(address == NULL){
2413
fprintf_plus(stderr, "No colon in address\n");
2414
exitcode = EX_USAGE;
2415
goto end;
2416
}
2417
2418
if(quit_now){
2419
goto end;
2420
}
2421
2422
in_port_t port;
2423
errno = 0;
2424
tmpmax = strtoimax(address+1, &tmp, 10);
2425
if(errno != 0 or tmp == address+1 or *tmp != '\0'
2426
or tmpmax != (in_port_t)tmpmax){
2427
fprintf_plus(stderr, "Bad port number\n");
2428
exitcode = EX_USAGE;
2429
goto end;
2430
}
2431
2432
if(quit_now){
2433
goto end;
2434
}
2435
2436
port = (in_port_t)tmpmax;
2437
*address = '\0';
2438
/* Colon in address indicates IPv6 */
2439
int af;
2440
if(strchr(connect_to, ':') != NULL){
2441
af = AF_INET6;
2442
/* Accept [] around IPv6 address - see RFC 5952 */
2443
if(connect_to[0] == '[' and address[-1] == ']')
2444
{
2445
connect_to++;
2446
address[-1] = '\0';
2447
}
2448
} else {
2449
af = AF_INET;
2450
}
2451
address = connect_to;
2452
2453
if(quit_now){
2454
goto end;
2455
}
2456
2457
while(not quit_now){
2458
ret = start_mandos_communication(address, port, if_index, af,
2459
&mc);
2460
if(quit_now or ret == 0){
2461
break;
2462
}
2463
if(debug){
2464
fprintf_plus(stderr, "Retrying in %d seconds\n",
2465
(int)retry_interval);
2466
}
2467
sleep((unsigned int)retry_interval);
2468
}
2469
2470
if(not quit_now){
2471
exitcode = EXIT_SUCCESS;
2472
}
2473
2474
goto end;
2475
}
2476
2477
if(quit_now){
2478
goto end;
2479
}
2480
2481
{
629
2482
AvahiServerConfig config;
630
AvahiSServiceBrowser *sb = NULL;
631
int error;
632
int ret;
633
int returncode = EXIT_SUCCESS;
634
const char *interface = "eth0";
635
636
while (true){
637
static struct option long_options[] = {
638
{"debug", no_argument, (int *)&debug, 1},
639
{"interface", required_argument, 0, 'i'},
640
{0, 0, 0, 0} };
641
642
int option_index = 0;
643
ret = getopt_long (argc, argv, "i:", long_options,
644
&option_index);
645
646
if (ret == -1){
647
break;
648
}
649
650
switch(ret){
651
case 0:
652
break;
653
case 'i':
654
interface = optarg;
655
break;
656
default:
657
exit(EXIT_FAILURE);
658
}
659
}
660
661
if (not debug){
662
avahi_set_log_function(empty_log);
663
}
664
665
/* Initialize the psuedo-RNG */
666
srand((unsigned int) time(NULL));
667
668
/* Allocate main loop object */
669
if (!(simple_poll = avahi_simple_poll_new())) {
670
fprintf(stderr, "Failed to create simple poll object.\n");
671
672
goto exit;
673
}
674
675
/* Do not publish any local records */
2483
/* Do not publish any local Zeroconf records */
676
2484
avahi_server_config_init(&config);
677
2485
config.publish_hinfo = 0;
678
2486
config.publish_addresses = 0;
679
2487
config.publish_workstation = 0;
680
2488
config.publish_domain = 0;
681
2489
682
2490
/* Allocate a new server */
683
server = avahi_server_new(avahi_simple_poll_get(simple_poll),
684
&config, NULL, NULL, &error);
685
686
/* Free the configuration data */
2491
mc.server = avahi_server_new(avahi_simple_poll_get(simple_poll),
2492
&config, NULL, NULL, &ret_errno);
2493
2494
/* Free the Avahi configuration data */
687
2495
avahi_server_config_free(&config);
688
689
/* Check if creating the server object succeeded */
690
if (!server) {
691
fprintf(stderr, "Failed to create server: %s\n",
692
avahi_strerror(error));
693
returncode = EXIT_FAILURE;
694
goto exit;
695
}
696
697
/* Create the service browser */
698
sb = avahi_s_service_browser_new(server,
699
(AvahiIfIndex)
700
if_nametoindex(interface),
701
AVAHI_PROTO_INET6,
702
"_mandos._tcp", NULL, 0,
703
browse_callback, server);
704
if (!sb) {
705
fprintf(stderr, "Failed to create service browser: %s\n",
706
avahi_strerror(avahi_server_errno(server)));
707
returncode = EXIT_FAILURE;
708
goto exit;
709
}
710
711
/* Run the main loop */
712
713
if (debug){
714
fprintf(stderr, "Starting avahi loop search\n");
715
}
716
717
avahi_simple_poll_loop(simple_poll);
718
719
exit:
720
721
if (debug){
722
fprintf(stderr, "%s exiting\n", argv[0]);
723
}
724
725
/* Cleanup things */
726
if (sb)
727
avahi_s_service_browser_free(sb);
728
729
if (server)
730
avahi_server_free(server);
731
732
if (simple_poll)
733
avahi_simple_poll_free(simple_poll);
734
735
return returncode;
2496
}
2497
2498
/* Check if creating the Avahi server object succeeded */
2499
if(mc.server == NULL){
2500
fprintf_plus(stderr, "Failed to create Avahi server: %s\n",
2501
avahi_strerror(ret_errno));
2502
exitcode = EX_UNAVAILABLE;
2503
goto end;
2504
}
2505
2506
if(quit_now){
2507
goto end;
2508
}
2509
2510
/* Create the Avahi service browser */
2511
sb = avahi_s_service_browser_new(mc.server, if_index,
2512
AVAHI_PROTO_UNSPEC, "_mandos._tcp",
2513
NULL, 0, browse_callback,
2514
(void *)&mc);
2515
if(sb == NULL){
2516
fprintf_plus(stderr, "Failed to create service browser: %s\n",
2517
avahi_strerror(avahi_server_errno(mc.server)));
2518
exitcode = EX_UNAVAILABLE;
2519
goto end;
2520
}
2521
2522
if(quit_now){
2523
goto end;
2524
}
2525
2526
/* Run the main loop */
2527
2528
if(debug){
2529
fprintf_plus(stderr, "Starting Avahi loop search\n");
2530
}
2531
2532
ret = avahi_loop_with_timeout(simple_poll,
2533
(int)(retry_interval * 1000), &mc);
2534
if(debug){
2535
fprintf_plus(stderr, "avahi_loop_with_timeout exited %s\n",
2536
(ret == 0) ? "successfully" : "with error");
2537
}
2538
2539
end:
2540
2541
if(debug){
2542
fprintf_plus(stderr, "%s exiting\n", argv[0]);
2543
}
2544
2545
/* Cleanup things */
2546
free(mc.interfaces);
2547
2548
if(sb != NULL)
2549
avahi_s_service_browser_free(sb);
2550
2551
if(mc.server != NULL)
2552
avahi_server_free(mc.server);
2553
2554
if(simple_poll != NULL)
2555
avahi_simple_poll_free(simple_poll);
2556
2557
if(gnutls_initialized){
2558
gnutls_certificate_free_credentials(mc.cred);
2559
gnutls_global_deinit();
2560
gnutls_dh_params_deinit(mc.dh_params);
2561
}
2562
2563
if(gpgme_initialized){
2564
gpgme_release(mc.ctx);
2565
}
2566
2567
/* Cleans up the circular linked list of Mandos servers the client
2568
has seen */
2569
if(mc.current_server != NULL){
2570
mc.current_server->prev->next = NULL;
2571
while(mc.current_server != NULL){
2572
server *next = mc.current_server->next;
2573
free(mc.current_server);
2574
mc.current_server = next;
2575
}
2576
}
2577
2578
/* Re-raise privileges */
2579
{
2580
ret_errno = raise_privileges();
2581
if(ret_errno != 0){
2582
perror_plus("Failed to raise privileges");
2583
} else {
2584
2585
/* Run network hooks */
2586
run_network_hooks("stop", interfaces_hooks != NULL ?
2587
interfaces_hooks : "", delay);
2588
2589
/* Take down the network interfaces which were brought up */
2590
{
2591
char *interface = NULL;
2592
while((interface=argz_next(interfaces_to_take_down,
2593
interfaces_to_take_down_size,
2594
interface))){
2595
ret_errno = take_down_interface(interface);
2596
if(ret_errno != 0){
2597
errno = ret_errno;
2598
perror_plus("Failed to take down interface");
2599
}
2600
}
2601
if(debug and (interfaces_to_take_down == NULL)){
2602
fprintf_plus(stderr, "No interfaces needed to be taken"
2603
" down\n");
2604
}
2605
}
2606
}
2607
2608
ret_errno = lower_privileges_permanently();
2609
if(ret_errno != 0){
2610
perror_plus("Failed to lower privileges permanently");
2611
}
2612
}
2613
2614
free(interfaces_to_take_down);
2615
free(interfaces_hooks);
2616
2617
/* Removes the GPGME temp directory and all files inside */
2618
if(tempdir != NULL){
2619
struct dirent **direntries = NULL;
2620
struct dirent *direntry = NULL;
2621
int numentries = scandir(tempdir, &direntries, notdotentries,
2622
alphasort);
2623
if(numentries > 0){
2624
for(int i = 0; i < numentries; i++){
2625
direntry = direntries[i];
2626
char *fullname = NULL;
2627
ret = asprintf(&fullname, "%s/%s", tempdir,
2628
direntry->d_name);
2629
if(ret < 0){
2630
perror_plus("asprintf");
2631
continue;
2632
}
2633
ret = remove(fullname);
2634
if(ret == -1){
2635
fprintf_plus(stderr, "remove(\"%s\"): %s\n", fullname,
2636
strerror(errno));
2637
}
2638
free(fullname);
2639
}
2640
}
2641
2642
/* need to clean even if 0 because man page doesn't specify */
2643
free(direntries);
2644
if(numentries == -1){
2645
perror_plus("scandir");
2646
}
2647
ret = rmdir(tempdir);
2648
if(ret == -1 and errno != ENOENT){
2649
perror_plus("rmdir");
2650
}
2651
}
2652
2653
if(quit_now){
2654
sigemptyset(&old_sigterm_action.sa_mask);
2655
old_sigterm_action.sa_handler = SIG_DFL;
2656
ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received,
2657
&old_sigterm_action,
2658
NULL));
2659
if(ret == -1){
2660
perror_plus("sigaction");
2661
}
2662
do {
2663
ret = raise(signal_received);
2664
} while(ret != 0 and errno == EINTR);
2665
if(ret != 0){
2666
perror_plus("raise");
2667
abort();
2668
}
2669
TEMP_FAILURE_RETRY(pause());
2670
}
2671
2672
return exitcode;
736
2673
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0