To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/mandos-client.c
- browse files at revision 777
- compare with another revision
- download diff
- download tarball
- view history from revision 777
- Committer: Teddy Hogeborn
- Date: 2015-07-20 03:03:33 UTC
- Revision ID: teddy@recompile.se-20150720030333-203m2aeblypcsfte
Bug fix for GnuTLS 3: be compatible with old 2048-bit DSA keys.
The mandos-keygen program in Mandos version 1.6.0 and older generated
2048-bit DSA keys, and when GnuTLS uses these it has trouble
connecting using the Mandos default priority string. This was
previously fixed in Mandos 1.6.2, but the bug reappeared when using
GnuTLS 3, so the default priority string has to change again; this
time also the Mandos client has to change its default, so now the
server and the client should use the same default priority string:
SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA:+SIGN-DSA-SHA256
* mandos (main/server_defaults): Changed default priority string.
* mandos-options.xml (/section/para[id="priority_compat"]): Removed.
(/section/para[id="priority"]): Changed default priority string.
* mandos.conf ([DEFAULT]/priority): - '' -
* mandos.conf.xml (OPTIONS/priority): Refer to the id "priority"
instead of "priority_compat".
* mandos.xml (OPTIONS/--priority): - '' -
* plugins.d/mandos-client.c (main): Changed default priority string.
The mandos-keygen program in Mandos version 1.6.0 and older generated
2048-bit DSA keys, and when GnuTLS uses these it has trouble
connecting using the Mandos default priority string. This was
previously fixed in Mandos 1.6.2, but the bug reappeared when using
GnuTLS 3, so the default priority string has to change again; this
time also the Mandos client has to change its default, so now the
server and the client should use the same default priority string:
SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA:+SIGN-DSA-SHA256
* mandos (main/server_defaults): Changed default priority string.
* mandos-options.xml (/section/para[id="priority_compat"]): Removed.
(/section/para[id="priority"]): Changed default priority string.
* mandos.conf ([DEFAULT]/priority): - '' -
* mandos.conf.xml (OPTIONS/priority): Refer to the id "priority"
instead of "priority_compat".
* mandos.xml (OPTIONS/--priority): - '' -
* plugins.d/mandos-client.c (main): Changed default priority string.
- files added:
- DBUS-API
- debian/source
- debian/upstream
- network-hooks.d
- plugin-helpers
- files modified:
- .bzrignore
added
removed
plugins.d/mandos-client.c
9
9
* "browse_callback", and parts of "main".
10
10
*
11
11
* Everything else is
12
* Copyright © 2008,2009 Teddy Hogeborn
13
* Copyright © 2008,2009 Björn Påhlsson
12
* Copyright © 2008-2015 Teddy Hogeborn
13
* Copyright © 2008-2015 Björn Påhlsson
14
14
*
15
15
* This program is free software: you can redistribute it and/or
16
16
* modify it under the terms of the GNU General Public License as
26
26
* along with this program. If not, see
27
27
* <http://www.gnu.org/licenses/>.
28
28
*
29
* Contact the authors at <mandos@fukt.bsnet.se>.
29
* Contact the authors at <mandos@recompile.se>.
30
30
*/
31
31
32
32
/* Needed by GPGME, specifically gpgme_data_seek() */
33
#ifndef _LARGEFILE_SOURCE
33
34
#define _LARGEFILE_SOURCE
35
#endif /* not _LARGEFILE_SOURCE */
36
#ifndef _FILE_OFFSET_BITS
34
37
#define _FILE_OFFSET_BITS 64
38
#endif /* not _FILE_OFFSET_BITS */
35
39
36
40
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */
37
41
38
42
#include <stdio.h> /* fprintf(), stderr, fwrite(),
39
stdout, ferror(), sscanf(),
40
remove() */
41
#include <stdint.h> /* uint16_t, uint32_t */
43
stdout, ferror() */
44
#include <stdint.h> /* uint16_t, uint32_t, intptr_t */
42
45
#include <stddef.h> /* NULL, size_t, ssize_t */
43
#include <stdlib.h> /* free(), EXIT_SUCCESS, EXIT_FAILURE,
44
srand() */
46
#include <stdlib.h> /* free(), EXIT_SUCCESS, srand(),
47
strtof(), abort() */
45
48
#include <stdbool.h> /* bool, false, true */
46
#include <string.h> /* memset(), strcmp(), strlen(),
47
strerror(), asprintf(), strcpy() */
49
#include <string.h> /* strcmp(), strlen(), strerror(),
50
asprintf(), strcpy() */
48
51
#include <sys/ioctl.h> /* ioctl */
49
52
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
50
53
sockaddr_in6, PF_INET6,
51
54
SOCK_STREAM, uid_t, gid_t, open(),
52
55
opendir(), DIR */
53
#include <sys/stat.h> /* open() */
56
#include <sys/stat.h> /* open(), S_ISREG */
54
57
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
55
inet_pton(), connect() */
56
#include <fcntl.h> /* open() */
58
inet_pton(), connect(),
59
getnameinfo() */
60
#include <fcntl.h> /* open(), unlinkat() */
57
61
#include <dirent.h> /* opendir(), struct dirent, readdir()
58
62
*/
59
#include <inttypes.h> /* PRIu16, intmax_t, SCNdMAX */
60
#include <assert.h> /* assert() */
61
#include <errno.h> /* perror(), errno */
62
#include <time.h> /* nanosleep(), time() */
63
#include <inttypes.h> /* PRIu16, PRIdMAX, intmax_t,
64
strtoimax() */
65
#include <errno.h> /* perror(), errno,
66
program_invocation_short_name */
67
#include <time.h> /* nanosleep(), time(), sleep() */
63
68
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
64
69
SIOCSIFFLAGS, if_indextoname(),
65
70
if_nametoindex(), IF_NAMESIZE */
67
72
INET_ADDRSTRLEN, INET6_ADDRSTRLEN
68
73
*/
69
74
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
70
getuid(), getgid(), setuid(),
71
setgid() */
72
#include <arpa/inet.h> /* inet_pton(), htons */
75
getuid(), getgid(), seteuid(),
76
setgid(), pause(), _exit(),
77
unlinkat() */
78
#include <arpa/inet.h> /* inet_pton(), htons() */
73
79
#include <iso646.h> /* not, or, and */
74
80
#include <argp.h> /* struct argp_option, error_t, struct
75
81
argp_state, struct argp,
76
82
argp_parse(), ARGP_KEY_ARG,
77
83
ARGP_KEY_END, ARGP_ERR_UNKNOWN */
78
84
#include <signal.h> /* sigemptyset(), sigaddset(),
79
sigaction(), SIGTERM, sigaction,
80
sig_atomic_t */
85
sigaction(), SIGTERM, sig_atomic_t,
86
raise() */
87
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_UNAVAILABLE,
88
EX_NOHOST, EX_IOERR, EX_PROTOCOL */
89
#include <sys/wait.h> /* waitpid(), WIFEXITED(),
90
WEXITSTATUS(), WTERMSIG() */
91
#include <grp.h> /* setgroups() */
92
#include <argz.h> /* argz_add_sep(), argz_next(),
93
argz_delete(), argz_append(),
94
argz_stringify(), argz_add(),
95
argz_count() */
96
#include <netdb.h> /* getnameinfo(), NI_NUMERICHOST,
97
EAI_SYSTEM, gai_strerror() */
81
98
82
99
#ifdef __linux__
83
100
#include <sys/klog.h> /* klogctl() */
101
118
init_gnutls_session(),
102
119
GNUTLS_* */
103
120
#include <gnutls/openpgp.h>
104
/* gnutls_certificate_set_openpgp_key_file(),
105
GNUTLS_OPENPGP_FMT_BASE64 */
121
/* gnutls_certificate_set_openpgp_key_file(),
122
GNUTLS_OPENPGP_FMT_BASE64 */
106
123
107
124
/* GPGME */
108
125
#include <gpgme.h> /* All GPGME types, constants and
116
133
#define PATHDIR "/conf/conf.d/mandos"
117
134
#define SECKEY "seckey.txt"
118
135
#define PUBKEY "pubkey.txt"
136
#define HOOKDIR "/lib/mandos/network-hooks.d"
119
137
120
138
bool debug = false;
121
139
static const char mandos_protocol_version[] = "1";
122
140
const char *argp_program_version = "mandos-client " VERSION;
123
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
141
const char *argp_program_bug_address = "<mandos@recompile.se>";
142
static const char sys_class_net[] = "/sys/class/net";
143
char *connect_to = NULL;
144
const char *hookdir = HOOKDIR;
145
int hookdir_fd = -1;
146
uid_t uid = 65534;
147
gid_t gid = 65534;
148
149
/* Doubly linked list that need to be circularly linked when used */
150
typedef struct server{
151
const char *ip;
152
in_port_t port;
153
AvahiIfIndex if_index;
154
int af;
155
struct timespec last_seen;
156
struct server *next;
157
struct server *prev;
158
} server;
124
159
125
160
/* Used for passing in values through the Avahi callback functions */
126
161
typedef struct {
127
AvahiSimplePoll *simple_poll;
128
162
AvahiServer *server;
129
163
gnutls_certificate_credentials_t cred;
130
164
unsigned int dh_bits;
131
165
gnutls_dh_params_t dh_params;
132
166
const char *priority;
133
167
gpgme_ctx_t ctx;
168
server *current_server;
169
char *interfaces;
170
size_t interfaces_size;
134
171
} mandos_context;
135
172
136
/* global context so signal handler can reach it*/
137
mandos_context mc;
173
/* global so signal handler can reach it*/
174
AvahiSimplePoll *simple_poll;
175
176
sig_atomic_t quit_now = 0;
177
int signal_received = 0;
178
179
/* Function to use when printing errors */
180
void perror_plus(const char *print_text){
181
int e = errno;
182
fprintf(stderr, "Mandos plugin %s: ",
183
program_invocation_short_name);
184
errno = e;
185
perror(print_text);
186
}
187
188
__attribute__((format (gnu_printf, 2, 3), nonnull))
189
int fprintf_plus(FILE *stream, const char *format, ...){
190
va_list ap;
191
va_start (ap, format);
192
193
TEMP_FAILURE_RETRY(fprintf(stream, "Mandos plugin %s: ",
194
program_invocation_short_name));
195
return (int)TEMP_FAILURE_RETRY(vfprintf(stream, format, ap));
196
}
138
197
139
198
/*
140
199
* Make additional room in "buffer" for at least BUFFER_SIZE more
141
200
* bytes. "buffer_capacity" is how much is currently allocated,
142
201
* "buffer_length" is how much is already used.
143
202
*/
203
__attribute__((nonnull, warn_unused_result))
144
204
size_t incbuffer(char **buffer, size_t buffer_length,
145
size_t buffer_capacity){
205
size_t buffer_capacity){
146
206
if(buffer_length + BUFFER_SIZE > buffer_capacity){
147
*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
148
if(buffer == NULL){
207
char *new_buf = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
208
if(new_buf == NULL){
209
int old_errno = errno;
210
free(*buffer);
211
errno = old_errno;
212
*buffer = NULL;
149
213
return 0;
150
214
}
215
*buffer = new_buf;
151
216
buffer_capacity += BUFFER_SIZE;
152
217
}
153
218
return buffer_capacity;
154
219
}
155
220
221
/* Add server to set of servers to retry periodically */
222
__attribute__((nonnull, warn_unused_result))
223
bool add_server(const char *ip, in_port_t port, AvahiIfIndex if_index,
224
int af, server **current_server){
225
int ret;
226
server *new_server = malloc(sizeof(server));
227
if(new_server == NULL){
228
perror_plus("malloc");
229
return false;
230
}
231
*new_server = (server){ .ip = strdup(ip),
232
.port = port,
233
.if_index = if_index,
234
.af = af };
235
if(new_server->ip == NULL){
236
perror_plus("strdup");
237
free(new_server);
238
return false;
239
}
240
ret = clock_gettime(CLOCK_MONOTONIC, &(new_server->last_seen));
241
if(ret == -1){
242
perror_plus("clock_gettime");
243
#ifdef __GNUC__
244
#pragma GCC diagnostic push
245
#pragma GCC diagnostic ignored "-Wcast-qual"
246
#endif
247
free((char *)(new_server->ip));
248
#ifdef __GNUC__
249
#pragma GCC diagnostic pop
250
#endif
251
free(new_server);
252
return false;
253
}
254
/* Special case of first server */
255
if(*current_server == NULL){
256
new_server->next = new_server;
257
new_server->prev = new_server;
258
*current_server = new_server;
259
} else {
260
/* Place the new server last in the list */
261
new_server->next = *current_server;
262
new_server->prev = (*current_server)->prev;
263
new_server->prev->next = new_server;
264
(*current_server)->prev = new_server;
265
}
266
return true;
267
}
268
156
269
/*
157
270
* Initialize GPGME.
158
271
*/
159
static bool init_gpgme(const char *seckey,
160
const char *pubkey, const char *tempdir){
161
int ret;
272
__attribute__((nonnull, warn_unused_result))
273
static bool init_gpgme(const char * const seckey,
274
const char * const pubkey,
275
const char * const tempdir,
276
mandos_context *mc){
162
277
gpgme_error_t rc;
163
278
gpgme_engine_info_t engine_info;
164
279
165
166
280
/*
167
281
* Helper function to insert pub and seckey to the engine keyring.
168
282
*/
169
bool import_key(const char *filename){
283
bool import_key(const char * const filename){
284
int ret;
170
285
int fd;
171
286
gpgme_data_t pgp_data;
172
287
173
288
fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));
174
289
if(fd == -1){
175
perror("open");
290
perror_plus("open");
176
291
return false;
177
292
}
178
293
179
294
rc = gpgme_data_new_from_fd(&pgp_data, fd);
180
295
if(rc != GPG_ERR_NO_ERROR){
181
fprintf(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
182
gpgme_strsource(rc), gpgme_strerror(rc));
296
fprintf_plus(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
297
gpgme_strsource(rc), gpgme_strerror(rc));
183
298
return false;
184
299
}
185
300
186
rc = gpgme_op_import(mc.ctx, pgp_data);
301
rc = gpgme_op_import(mc->ctx, pgp_data);
187
302
if(rc != GPG_ERR_NO_ERROR){
188
fprintf(stderr, "bad gpgme_op_import: %s: %s\n",
189
gpgme_strsource(rc), gpgme_strerror(rc));
303
fprintf_plus(stderr, "bad gpgme_op_import: %s: %s\n",
304
gpgme_strsource(rc), gpgme_strerror(rc));
190
305
return false;
191
306
}
192
307
193
ret = (int)TEMP_FAILURE_RETRY(close(fd));
308
ret = close(fd);
194
309
if(ret == -1){
195
perror("close");
310
perror_plus("close");
196
311
}
197
312
gpgme_data_release(pgp_data);
198
313
return true;
199
314
}
200
315
201
316
if(debug){
202
fprintf(stderr, "Initializing GPGME\n");
317
fprintf_plus(stderr, "Initializing GPGME\n");
203
318
}
204
319
205
320
/* Init GPGME */
206
321
gpgme_check_version(NULL);
207
322
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
208
323
if(rc != GPG_ERR_NO_ERROR){
209
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
210
gpgme_strsource(rc), gpgme_strerror(rc));
324
fprintf_plus(stderr, "bad gpgme_engine_check_version: %s: %s\n",
325
gpgme_strsource(rc), gpgme_strerror(rc));
211
326
return false;
212
327
}
213
328
214
/* Set GPGME home directory for the OpenPGP engine only */
329
/* Set GPGME home directory for the OpenPGP engine only */
215
330
rc = gpgme_get_engine_info(&engine_info);
216
331
if(rc != GPG_ERR_NO_ERROR){
217
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
218
gpgme_strsource(rc), gpgme_strerror(rc));
332
fprintf_plus(stderr, "bad gpgme_get_engine_info: %s: %s\n",
333
gpgme_strsource(rc), gpgme_strerror(rc));
219
334
return false;
220
335
}
221
336
while(engine_info != NULL){
227
342
engine_info = engine_info->next;
228
343
}
229
344
if(engine_info == NULL){
230
fprintf(stderr, "Could not set GPGME home dir to %s\n", tempdir);
345
fprintf_plus(stderr, "Could not set GPGME home dir to %s\n",
346
tempdir);
231
347
return false;
232
348
}
233
349
234
350
/* Create new GPGME "context" */
235
rc = gpgme_new(&(mc.ctx));
351
rc = gpgme_new(&(mc->ctx));
236
352
if(rc != GPG_ERR_NO_ERROR){
237
fprintf(stderr, "bad gpgme_new: %s: %s\n",
238
gpgme_strsource(rc), gpgme_strerror(rc));
353
fprintf_plus(stderr, "Mandos plugin mandos-client: "
354
"bad gpgme_new: %s: %s\n", gpgme_strsource(rc),
355
gpgme_strerror(rc));
239
356
return false;
240
357
}
241
358
243
360
return false;
244
361
}
245
362
246
return true;
363
return true;
247
364
}
248
365
249
366
/*
250
367
* Decrypt OpenPGP data.
251
368
* Returns -1 on error
252
369
*/
370
__attribute__((nonnull, warn_unused_result))
253
371
static ssize_t pgp_packet_decrypt(const char *cryptotext,
254
372
size_t crypto_size,
255
char **plaintext){
373
char **plaintext,
374
mandos_context *mc){
256
375
gpgme_data_t dh_crypto, dh_plain;
257
376
gpgme_error_t rc;
258
377
ssize_t ret;
260
379
ssize_t plaintext_length = 0;
261
380
262
381
if(debug){
263
fprintf(stderr, "Trying to decrypt OpenPGP data\n");
382
fprintf_plus(stderr, "Trying to decrypt OpenPGP data\n");
264
383
}
265
384
266
385
/* Create new GPGME data buffer from memory cryptotext */
267
386
rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,
268
387
0);
269
388
if(rc != GPG_ERR_NO_ERROR){
270
fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
271
gpgme_strsource(rc), gpgme_strerror(rc));
389
fprintf_plus(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
390
gpgme_strsource(rc), gpgme_strerror(rc));
272
391
return -1;
273
392
}
274
393
275
394
/* Create new empty GPGME data buffer for the plaintext */
276
395
rc = gpgme_data_new(&dh_plain);
277
396
if(rc != GPG_ERR_NO_ERROR){
278
fprintf(stderr, "bad gpgme_data_new: %s: %s\n",
279
gpgme_strsource(rc), gpgme_strerror(rc));
397
fprintf_plus(stderr, "Mandos plugin mandos-client: "
398
"bad gpgme_data_new: %s: %s\n",
399
gpgme_strsource(rc), gpgme_strerror(rc));
280
400
gpgme_data_release(dh_crypto);
281
401
return -1;
282
402
}
283
403
284
404
/* Decrypt data from the cryptotext data buffer to the plaintext
285
405
data buffer */
286
rc = gpgme_op_decrypt(mc.ctx, dh_crypto, dh_plain);
406
rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);
287
407
if(rc != GPG_ERR_NO_ERROR){
288
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
289
gpgme_strsource(rc), gpgme_strerror(rc));
408
fprintf_plus(stderr, "bad gpgme_op_decrypt: %s: %s\n",
409
gpgme_strsource(rc), gpgme_strerror(rc));
290
410
plaintext_length = -1;
291
411
if(debug){
292
412
gpgme_decrypt_result_t result;
293
result = gpgme_op_decrypt_result(mc.ctx);
413
result = gpgme_op_decrypt_result(mc->ctx);
294
414
if(result == NULL){
295
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
415
fprintf_plus(stderr, "gpgme_op_decrypt_result failed\n");
296
416
} else {
297
fprintf(stderr, "Unsupported algorithm: %s\n",
298
result->unsupported_algorithm);
299
fprintf(stderr, "Wrong key usage: %u\n",
300
result->wrong_key_usage);
417
fprintf_plus(stderr, "Unsupported algorithm: %s\n",
418
result->unsupported_algorithm);
419
fprintf_plus(stderr, "Wrong key usage: %u\n",
420
result->wrong_key_usage);
301
421
if(result->file_name != NULL){
302
fprintf(stderr, "File name: %s\n", result->file_name);
422
fprintf_plus(stderr, "File name: %s\n", result->file_name);
303
423
}
304
424
gpgme_recipient_t recipient;
305
425
recipient = result->recipients;
306
if(recipient){
307
while(recipient != NULL){
308
fprintf(stderr, "Public key algorithm: %s\n",
309
gpgme_pubkey_algo_name(recipient->pubkey_algo));
310
fprintf(stderr, "Key ID: %s\n", recipient->keyid);
311
fprintf(stderr, "Secret key available: %s\n",
312
recipient->status == GPG_ERR_NO_SECKEY
313
? "No" : "Yes");
314
recipient = recipient->next;
315
}
426
while(recipient != NULL){
427
fprintf_plus(stderr, "Public key algorithm: %s\n",
428
gpgme_pubkey_algo_name
429
(recipient->pubkey_algo));
430
fprintf_plus(stderr, "Key ID: %s\n", recipient->keyid);
431
fprintf_plus(stderr, "Secret key available: %s\n",
432
recipient->status == GPG_ERR_NO_SECKEY
433
? "No" : "Yes");
434
recipient = recipient->next;
316
435
}
317
436
}
318
437
}
320
439
}
321
440
322
441
if(debug){
323
fprintf(stderr, "Decryption of OpenPGP data succeeded\n");
442
fprintf_plus(stderr, "Decryption of OpenPGP data succeeded\n");
324
443
}
325
444
326
445
/* Seek back to the beginning of the GPGME plaintext data buffer */
327
446
if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){
328
perror("gpgme_data_seek");
447
perror_plus("gpgme_data_seek");
329
448
plaintext_length = -1;
330
449
goto decrypt_end;
331
450
}
333
452
*plaintext = NULL;
334
453
while(true){
335
454
plaintext_capacity = incbuffer(plaintext,
336
(size_t)plaintext_length,
337
plaintext_capacity);
455
(size_t)plaintext_length,
456
plaintext_capacity);
338
457
if(plaintext_capacity == 0){
339
perror("incbuffer");
340
plaintext_length = -1;
341
goto decrypt_end;
458
perror_plus("incbuffer");
459
plaintext_length = -1;
460
goto decrypt_end;
342
461
}
343
462
344
463
ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
349
468
break;
350
469
}
351
470
if(ret < 0){
352
perror("gpgme_data_read");
471
perror_plus("gpgme_data_read");
353
472
plaintext_length = -1;
354
473
goto decrypt_end;
355
474
}
357
476
}
358
477
359
478
if(debug){
360
fprintf(stderr, "Decrypted password is: ");
479
fprintf_plus(stderr, "Decrypted password is: ");
361
480
for(ssize_t i = 0; i < plaintext_length; i++){
362
481
fprintf(stderr, "%02hhX ", (*plaintext)[i]);
363
482
}
374
493
return plaintext_length;
375
494
}
376
495
377
static const char * safer_gnutls_strerror(int value){
378
const char *ret = gnutls_strerror(value); /* Spurious warning from
379
-Wunreachable-code */
380
if(ret == NULL)
381
ret = "(unknown)";
382
return ret;
496
__attribute__((warn_unused_result, const))
497
static const char *safe_string(const char *str){
498
if(str == NULL)
499
return "(unknown)";
500
return str;
501
}
502
503
__attribute__((warn_unused_result))
504
static const char *safer_gnutls_strerror(int value){
505
const char *ret = gnutls_strerror(value);
506
return safe_string(ret);
383
507
}
384
508
385
509
/* GnuTLS log function callback */
510
__attribute__((nonnull))
386
511
static void debuggnutls(__attribute__((unused)) int level,
387
512
const char* string){
388
fprintf(stderr, "GnuTLS: %s", string);
513
fprintf_plus(stderr, "GnuTLS: %s", string);
389
514
}
390
515
516
__attribute__((nonnull, warn_unused_result))
391
517
static int init_gnutls_global(const char *pubkeyfilename,
392
const char *seckeyfilename){
518
const char *seckeyfilename,
519
const char *dhparamsfilename,
520
mandos_context *mc){
393
521
int ret;
522
unsigned int uret;
394
523
395
524
if(debug){
396
fprintf(stderr, "Initializing GnuTLS\n");
525
fprintf_plus(stderr, "Initializing GnuTLS\n");
397
526
}
398
527
399
528
ret = gnutls_global_init();
400
529
if(ret != GNUTLS_E_SUCCESS){
401
fprintf(stderr, "GnuTLS global_init: %s\n",
402
safer_gnutls_strerror(ret));
530
fprintf_plus(stderr, "GnuTLS global_init: %s\n",
531
safer_gnutls_strerror(ret));
403
532
return -1;
404
533
}
405
534
412
541
}
413
542
414
543
/* OpenPGP credentials */
415
gnutls_certificate_allocate_credentials(&mc.cred);
544
ret = gnutls_certificate_allocate_credentials(&mc->cred);
416
545
if(ret != GNUTLS_E_SUCCESS){
417
fprintf(stderr, "GnuTLS memory error: %s\n", /* Spurious warning
418
from
419
-Wunreachable-code
420
*/
421
safer_gnutls_strerror(ret));
546
fprintf_plus(stderr, "GnuTLS memory error: %s\n",
547
safer_gnutls_strerror(ret));
422
548
gnutls_global_deinit();
423
549
return -1;
424
550
}
425
551
426
552
if(debug){
427
fprintf(stderr, "Attempting to use OpenPGP public key %s and"
428
" secret key %s as GnuTLS credentials\n", pubkeyfilename,
429
seckeyfilename);
553
fprintf_plus(stderr, "Attempting to use OpenPGP public key %s and"
554
" secret key %s as GnuTLS credentials\n",
555
pubkeyfilename,
556
seckeyfilename);
430
557
}
431
558
432
559
ret = gnutls_certificate_set_openpgp_key_file
433
(mc.cred, pubkeyfilename, seckeyfilename,
560
(mc->cred, pubkeyfilename, seckeyfilename,
434
561
GNUTLS_OPENPGP_FMT_BASE64);
435
562
if(ret != GNUTLS_E_SUCCESS){
436
fprintf(stderr,
437
"Error[%d] while reading the OpenPGP key pair ('%s',"
438
" '%s')\n", ret, pubkeyfilename, seckeyfilename);
439
fprintf(stderr, "The GnuTLS error is: %s\n",
440
safer_gnutls_strerror(ret));
563
fprintf_plus(stderr,
564
"Error[%d] while reading the OpenPGP key pair ('%s',"
565
" '%s')\n", ret, pubkeyfilename, seckeyfilename);
566
fprintf_plus(stderr, "The GnuTLS error is: %s\n",
567
safer_gnutls_strerror(ret));
441
568
goto globalfail;
442
569
}
443
570
444
571
/* GnuTLS server initialization */
445
ret = gnutls_dh_params_init(&mc.dh_params);
446
if(ret != GNUTLS_E_SUCCESS){
447
fprintf(stderr, "Error in GnuTLS DH parameter initialization:"
448
" %s\n", safer_gnutls_strerror(ret));
449
goto globalfail;
450
}
451
ret = gnutls_dh_params_generate2(mc.dh_params, mc.dh_bits);
452
if(ret != GNUTLS_E_SUCCESS){
453
fprintf(stderr, "Error in GnuTLS prime generation: %s\n",
454
safer_gnutls_strerror(ret));
455
goto globalfail;
456
}
457
458
gnutls_certificate_set_dh_params(mc.cred, mc.dh_params);
572
ret = gnutls_dh_params_init(&mc->dh_params);
573
if(ret != GNUTLS_E_SUCCESS){
574
fprintf_plus(stderr, "Error in GnuTLS DH parameter"
575
" initialization: %s\n",
576
safer_gnutls_strerror(ret));
577
goto globalfail;
578
}
579
/* If a Diffie-Hellman parameters file was given, try to use it */
580
if(dhparamsfilename != NULL){
581
gnutls_datum_t params = { .data = NULL, .size = 0 };
582
do {
583
int dhpfile = open(dhparamsfilename, O_RDONLY);
584
if(dhpfile == -1){
585
perror_plus("open");
586
dhparamsfilename = NULL;
587
break;
588
}
589
size_t params_capacity = 0;
590
while(true){
591
params_capacity = incbuffer((char **)¶ms.data,
592
(size_t)params.size,
593
(size_t)params_capacity);
594
if(params_capacity == 0){
595
perror_plus("incbuffer");
596
free(params.data);
597
params.data = NULL;
598
dhparamsfilename = NULL;
599
break;
600
}
601
ssize_t bytes_read = read(dhpfile,
602
params.data + params.size,
603
BUFFER_SIZE);
604
/* EOF */
605
if(bytes_read == 0){
606
break;
607
}
608
/* check bytes_read for failure */
609
if(bytes_read < 0){
610
perror_plus("read");
611
free(params.data);
612
params.data = NULL;
613
dhparamsfilename = NULL;
614
break;
615
}
616
params.size += (unsigned int)bytes_read;
617
}
618
if(params.data == NULL){
619
dhparamsfilename = NULL;
620
}
621
if(dhparamsfilename == NULL){
622
break;
623
}
624
ret = gnutls_dh_params_import_pkcs3(mc->dh_params, ¶ms,
625
GNUTLS_X509_FMT_PEM);
626
if(ret != GNUTLS_E_SUCCESS){
627
fprintf_plus(stderr, "Failed to parse DH parameters in file"
628
" \"%s\": %s\n", dhparamsfilename,
629
safer_gnutls_strerror(ret));
630
dhparamsfilename = NULL;
631
}
632
} while(false);
633
}
634
if(dhparamsfilename == NULL){
635
if(mc->dh_bits == 0){
636
/* Find out the optimal number of DH bits */
637
/* Try to read the private key file */
638
gnutls_datum_t buffer = { .data = NULL, .size = 0 };
639
do {
640
int secfile = open(seckeyfilename, O_RDONLY);
641
if(secfile == -1){
642
perror_plus("open");
643
break;
644
}
645
size_t buffer_capacity = 0;
646
while(true){
647
buffer_capacity = incbuffer((char **)&buffer.data,
648
(size_t)buffer.size,
649
(size_t)buffer_capacity);
650
if(buffer_capacity == 0){
651
perror_plus("incbuffer");
652
free(buffer.data);
653
buffer.data = NULL;
654
break;
655
}
656
ssize_t bytes_read = read(secfile,
657
buffer.data + buffer.size,
658
BUFFER_SIZE);
659
/* EOF */
660
if(bytes_read == 0){
661
break;
662
}
663
/* check bytes_read for failure */
664
if(bytes_read < 0){
665
perror_plus("read");
666
free(buffer.data);
667
buffer.data = NULL;
668
break;
669
}
670
buffer.size += (unsigned int)bytes_read;
671
}
672
close(secfile);
673
} while(false);
674
/* If successful, use buffer to parse private key */
675
gnutls_sec_param_t sec_param = GNUTLS_SEC_PARAM_ULTRA;
676
if(buffer.data != NULL){
677
{
678
gnutls_openpgp_privkey_t privkey = NULL;
679
ret = gnutls_openpgp_privkey_init(&privkey);
680
if(ret != GNUTLS_E_SUCCESS){
681
fprintf_plus(stderr, "Error initializing OpenPGP key"
682
" structure: %s",
683
safer_gnutls_strerror(ret));
684
free(buffer.data);
685
buffer.data = NULL;
686
} else {
687
ret = gnutls_openpgp_privkey_import
688
(privkey, &buffer, GNUTLS_OPENPGP_FMT_BASE64, "", 0);
689
if(ret != GNUTLS_E_SUCCESS){
690
fprintf_plus(stderr, "Error importing OpenPGP key : %s",
691
safer_gnutls_strerror(ret));
692
privkey = NULL;
693
}
694
free(buffer.data);
695
buffer.data = NULL;
696
if(privkey != NULL){
697
/* Use private key to suggest an appropriate
698
sec_param */
699
sec_param = gnutls_openpgp_privkey_sec_param(privkey);
700
gnutls_openpgp_privkey_deinit(privkey);
701
if(debug){
702
fprintf_plus(stderr, "This OpenPGP key implies using"
703
" a GnuTLS security parameter \"%s\".\n",
704
safe_string(gnutls_sec_param_get_name
705
(sec_param)));
706
}
707
}
708
}
709
}
710
if(sec_param == GNUTLS_SEC_PARAM_UNKNOWN){
711
/* Err on the side of caution */
712
sec_param = GNUTLS_SEC_PARAM_ULTRA;
713
if(debug){
714
fprintf_plus(stderr, "Falling back to security parameter"
715
" \"%s\"\n",
716
safe_string(gnutls_sec_param_get_name
717
(sec_param)));
718
}
719
}
720
}
721
uret = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, sec_param);
722
if(uret != 0){
723
mc->dh_bits = uret;
724
if(debug){
725
fprintf_plus(stderr, "A \"%s\" GnuTLS security parameter"
726
" implies %u DH bits; using that.\n",
727
safe_string(gnutls_sec_param_get_name
728
(sec_param)),
729
mc->dh_bits);
730
}
731
} else {
732
fprintf_plus(stderr, "Failed to get implied number of DH"
733
" bits for security parameter \"%s\"): %s\n",
734
safe_string(gnutls_sec_param_get_name
735
(sec_param)),
736
safer_gnutls_strerror(ret));
737
goto globalfail;
738
}
739
} else if(debug){
740
fprintf_plus(stderr, "DH bits explicitly set to %u\n",
741
mc->dh_bits);
742
}
743
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
744
if(ret != GNUTLS_E_SUCCESS){
745
fprintf_plus(stderr, "Error in GnuTLS prime generation (%u"
746
" bits): %s\n", mc->dh_bits,
747
safer_gnutls_strerror(ret));
748
goto globalfail;
749
}
750
}
751
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
459
752
460
753
return 0;
461
754
462
755
globalfail:
463
756
464
gnutls_certificate_free_credentials(mc.cred);
757
gnutls_certificate_free_credentials(mc->cred);
465
758
gnutls_global_deinit();
466
gnutls_dh_params_deinit(mc.dh_params);
759
gnutls_dh_params_deinit(mc->dh_params);
467
760
return -1;
468
761
}
469
762
470
static int init_gnutls_session(gnutls_session_t *session){
763
__attribute__((nonnull, warn_unused_result))
764
static int init_gnutls_session(gnutls_session_t *session,
765
mandos_context *mc){
471
766
int ret;
472
767
/* GnuTLS session creation */
473
ret = gnutls_init(session, GNUTLS_SERVER);
768
do {
769
ret = gnutls_init(session, GNUTLS_SERVER);
770
if(quit_now){
771
return -1;
772
}
773
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
474
774
if(ret != GNUTLS_E_SUCCESS){
475
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
476
safer_gnutls_strerror(ret));
775
fprintf_plus(stderr,
776
"Error in GnuTLS session initialization: %s\n",
777
safer_gnutls_strerror(ret));
477
778
}
478
779
479
780
{
480
781
const char *err;
481
ret = gnutls_priority_set_direct(*session, mc.priority, &err);
782
do {
783
ret = gnutls_priority_set_direct(*session, mc->priority, &err);
784
if(quit_now){
785
gnutls_deinit(*session);
786
return -1;
787
}
788
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
482
789
if(ret != GNUTLS_E_SUCCESS){
483
fprintf(stderr, "Syntax error at: %s\n", err);
484
fprintf(stderr, "GnuTLS error: %s\n",
485
safer_gnutls_strerror(ret));
790
fprintf_plus(stderr, "Syntax error at: %s\n", err);
791
fprintf_plus(stderr, "GnuTLS error: %s\n",
792
safer_gnutls_strerror(ret));
486
793
gnutls_deinit(*session);
487
794
return -1;
488
795
}
489
796
}
490
797
491
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
492
mc.cred);
798
do {
799
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
800
mc->cred);
801
if(quit_now){
802
gnutls_deinit(*session);
803
return -1;
804
}
805
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
493
806
if(ret != GNUTLS_E_SUCCESS){
494
fprintf(stderr, "Error setting GnuTLS credentials: %s\n",
495
safer_gnutls_strerror(ret));
807
fprintf_plus(stderr, "Error setting GnuTLS credentials: %s\n",
808
safer_gnutls_strerror(ret));
496
809
gnutls_deinit(*session);
497
810
return -1;
498
811
}
499
812
500
813
/* ignore client certificate if any. */
501
gnutls_certificate_server_set_request(*session,
502
GNUTLS_CERT_IGNORE);
503
504
gnutls_dh_set_prime_bits(*session, mc.dh_bits);
814
gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);
505
815
506
816
return 0;
507
817
}
510
820
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
511
821
__attribute__((unused)) const char *txt){}
512
822
823
/* Set effective uid to 0, return errno */
824
__attribute__((warn_unused_result))
825
error_t raise_privileges(void){
826
error_t old_errno = errno;
827
error_t ret_errno = 0;
828
if(seteuid(0) == -1){
829
ret_errno = errno;
830
}
831
errno = old_errno;
832
return ret_errno;
833
}
834
835
/* Set effective and real user ID to 0. Return errno. */
836
__attribute__((warn_unused_result))
837
error_t raise_privileges_permanently(void){
838
error_t old_errno = errno;
839
error_t ret_errno = raise_privileges();
840
if(ret_errno != 0){
841
errno = old_errno;
842
return ret_errno;
843
}
844
if(setuid(0) == -1){
845
ret_errno = errno;
846
}
847
errno = old_errno;
848
return ret_errno;
849
}
850
851
/* Set effective user ID to unprivileged saved user ID */
852
__attribute__((warn_unused_result))
853
error_t lower_privileges(void){
854
error_t old_errno = errno;
855
error_t ret_errno = 0;
856
if(seteuid(uid) == -1){
857
ret_errno = errno;
858
}
859
errno = old_errno;
860
return ret_errno;
861
}
862
863
/* Lower privileges permanently */
864
__attribute__((warn_unused_result))
865
error_t lower_privileges_permanently(void){
866
error_t old_errno = errno;
867
error_t ret_errno = 0;
868
if(setuid(uid) == -1){
869
ret_errno = errno;
870
}
871
errno = old_errno;
872
return ret_errno;
873
}
874
875
/* Helper function to add_local_route() and delete_local_route() */
876
__attribute__((nonnull, warn_unused_result))
877
static bool add_delete_local_route(const bool add,
878
const char *address,
879
AvahiIfIndex if_index){
880
int ret;
881
char helper[] = "mandos-client-iprouteadddel";
882
char add_arg[] = "add";
883
char delete_arg[] = "delete";
884
char debug_flag[] = "--debug";
885
char *pluginhelperdir = getenv("MANDOSPLUGINHELPERDIR");
886
if(pluginhelperdir == NULL){
887
if(debug){
888
fprintf_plus(stderr, "MANDOSPLUGINHELPERDIR environment"
889
" variable not set; cannot run helper\n");
890
}
891
return false;
892
}
893
894
char interface[IF_NAMESIZE];
895
if(if_indextoname((unsigned int)if_index, interface) == NULL){
896
perror_plus("if_indextoname");
897
return false;
898
}
899
900
int devnull = (int)TEMP_FAILURE_RETRY(open("/dev/null", O_RDONLY));
901
if(devnull == -1){
902
perror_plus("open(\"/dev/null\", O_RDONLY)");
903
return false;
904
}
905
pid_t pid = fork();
906
if(pid == 0){
907
/* Child */
908
/* Raise privileges */
909
errno = raise_privileges_permanently();
910
if(errno != 0){
911
perror_plus("Failed to raise privileges");
912
/* _exit(EX_NOPERM); */
913
} else {
914
/* Set group */
915
errno = 0;
916
ret = setgid(0);
917
if(ret == -1){
918
perror_plus("setgid");
919
_exit(EX_NOPERM);
920
}
921
/* Reset supplementary groups */
922
errno = 0;
923
ret = setgroups(0, NULL);
924
if(ret == -1){
925
perror_plus("setgroups");
926
_exit(EX_NOPERM);
927
}
928
}
929
ret = dup2(devnull, STDIN_FILENO);
930
if(ret == -1){
931
perror_plus("dup2(devnull, STDIN_FILENO)");
932
_exit(EX_OSERR);
933
}
934
ret = close(devnull);
935
if(ret == -1){
936
perror_plus("close");
937
_exit(EX_OSERR);
938
}
939
ret = dup2(STDERR_FILENO, STDOUT_FILENO);
940
if(ret == -1){
941
perror_plus("dup2(STDERR_FILENO, STDOUT_FILENO)");
942
_exit(EX_OSERR);
943
}
944
int helperdir_fd = (int)TEMP_FAILURE_RETRY(open(pluginhelperdir,
945
O_RDONLY
946
| O_DIRECTORY
947
| O_PATH
948
| O_CLOEXEC));
949
if(helperdir_fd == -1){
950
perror_plus("open");
951
_exit(EX_UNAVAILABLE);
952
}
953
int helper_fd = (int)TEMP_FAILURE_RETRY(openat(helperdir_fd,
954
helper, O_RDONLY));
955
if(helper_fd == -1){
956
perror_plus("openat");
957
close(helperdir_fd);
958
_exit(EX_UNAVAILABLE);
959
}
960
close(helperdir_fd);
961
#ifdef __GNUC__
962
#pragma GCC diagnostic push
963
#pragma GCC diagnostic ignored "-Wcast-qual"
964
#endif
965
if(fexecve(helper_fd, (char *const [])
966
{ helper, add ? add_arg : delete_arg, (char *)address,
967
interface, debug ? debug_flag : NULL, NULL },
968
environ) == -1){
969
#ifdef __GNUC__
970
#pragma GCC diagnostic pop
971
#endif
972
perror_plus("fexecve");
973
_exit(EXIT_FAILURE);
974
}
975
}
976
if(pid == -1){
977
perror_plus("fork");
978
return false;
979
}
980
int status;
981
pid_t pret = -1;
982
errno = 0;
983
do {
984
pret = waitpid(pid, &status, 0);
985
if(pret == -1 and errno == EINTR and quit_now){
986
int errno_raising = 0;
987
if((errno = raise_privileges()) != 0){
988
errno_raising = errno;
989
perror_plus("Failed to raise privileges in order to"
990
" kill helper program");
991
}
992
if(kill(pid, SIGTERM) == -1){
993
perror_plus("kill");
994
}
995
if((errno_raising == 0) and (errno = lower_privileges()) != 0){
996
perror_plus("Failed to lower privileges after killing"
997
" helper program");
998
}
999
return false;
1000
}
1001
} while(pret == -1 and errno == EINTR);
1002
if(pret == -1){
1003
perror_plus("waitpid");
1004
return false;
1005
}
1006
if(WIFEXITED(status)){
1007
if(WEXITSTATUS(status) != 0){
1008
fprintf_plus(stderr, "Error: iprouteadddel exited"
1009
" with status %d\n", WEXITSTATUS(status));
1010
return false;
1011
}
1012
return true;
1013
}
1014
if(WIFSIGNALED(status)){
1015
fprintf_plus(stderr, "Error: iprouteadddel died by"
1016
" signal %d\n", WTERMSIG(status));
1017
return false;
1018
}
1019
fprintf_plus(stderr, "Error: iprouteadddel crashed\n");
1020
return false;
1021
}
1022
1023
__attribute__((nonnull, warn_unused_result))
1024
static bool add_local_route(const char *address,
1025
AvahiIfIndex if_index){
1026
if(debug){
1027
fprintf_plus(stderr, "Adding route to %s\n", address);
1028
}
1029
return add_delete_local_route(true, address, if_index);
1030
}
1031
1032
__attribute__((nonnull, warn_unused_result))
1033
static bool delete_local_route(const char *address,
1034
AvahiIfIndex if_index){
1035
if(debug){
1036
fprintf_plus(stderr, "Removing route to %s\n", address);
1037
}
1038
return add_delete_local_route(false, address, if_index);
1039
}
1040
513
1041
/* Called when a Mandos server is found */
514
static int start_mandos_communication(const char *ip, uint16_t port,
1042
__attribute__((nonnull, warn_unused_result))
1043
static int start_mandos_communication(const char *ip, in_port_t port,
515
1044
AvahiIfIndex if_index,
516
int af){
517
int ret, tcp_sd;
1045
int af, mandos_context *mc){
1046
int ret, tcp_sd = -1;
518
1047
ssize_t sret;
519
union {
520
struct sockaddr_in in;
521
struct sockaddr_in6 in6;
522
} to;
1048
struct sockaddr_storage to;
523
1049
char *buffer = NULL;
524
char *decrypted_buffer;
1050
char *decrypted_buffer = NULL;
525
1051
size_t buffer_length = 0;
526
1052
size_t buffer_capacity = 0;
527
ssize_t decrypted_buffer_size;
528
1053
size_t written;
529
int retval = 0;
1054
int retval = -1;
530
1055
gnutls_session_t session;
531
1056
int pf; /* Protocol family */
1057
bool route_added = false;
1058
1059
errno = 0;
1060
1061
if(quit_now){
1062
errno = EINTR;
1063
return -1;
1064
}
532
1065
533
1066
switch(af){
534
1067
case AF_INET6:
538
1071
pf = PF_INET;
539
1072
break;
540
1073
default:
541
fprintf(stderr, "Bad address family: %d\n", af);
1074
fprintf_plus(stderr, "Bad address family: %d\n", af);
1075
errno = EINVAL;
542
1076
return -1;
543
1077
}
544
1078
545
ret = init_gnutls_session(&session);
1079
/* If the interface is specified and we have a list of interfaces */
1080
if(if_index != AVAHI_IF_UNSPEC and mc->interfaces != NULL){
1081
/* Check if the interface is one of the interfaces we are using */
1082
bool match = false;
1083
{
1084
char *interface = NULL;
1085
while((interface=argz_next(mc->interfaces, mc->interfaces_size,
1086
interface))){
1087
if(if_nametoindex(interface) == (unsigned int)if_index){
1088
match = true;
1089
break;
1090
}
1091
}
1092
}
1093
if(not match){
1094
/* This interface does not match any in the list, so we don't
1095
connect to the server */
1096
if(debug){
1097
char interface[IF_NAMESIZE];
1098
if(if_indextoname((unsigned int)if_index, interface) == NULL){
1099
perror_plus("if_indextoname");
1100
} else {
1101
fprintf_plus(stderr, "Skipping server on non-used interface"
1102
" \"%s\"\n",
1103
if_indextoname((unsigned int)if_index,
1104
interface));
1105
}
1106
}
1107
return -1;
1108
}
1109
}
1110
1111
ret = init_gnutls_session(&session, mc);
546
1112
if(ret != 0){
547
1113
return -1;
548
1114
}
549
1115
550
1116
if(debug){
551
fprintf(stderr, "Setting up a TCP connection to %s, port %" PRIu16
552
"\n", ip, port);
1117
fprintf_plus(stderr, "Setting up a TCP connection to %s, port %"
1118
PRIuMAX "\n", ip, (uintmax_t)port);
553
1119
}
554
1120
555
tcp_sd = socket(pf, SOCK_STREAM, 0);
1121
tcp_sd = socket(pf, SOCK_STREAM | SOCK_CLOEXEC, 0);
556
1122
if(tcp_sd < 0){
557
perror("socket");
558
return -1;
559
}
560
561
memset(&to, 0, sizeof(to));
1123
int e = errno;
1124
perror_plus("socket");
1125
errno = e;
1126
goto mandos_end;
1127
}
1128
1129
if(quit_now){
1130
errno = EINTR;
1131
goto mandos_end;
1132
}
1133
562
1134
if(af == AF_INET6){
563
to.in6.sin6_family = (uint16_t)af;
564
ret = inet_pton(af, ip, &to.in6.sin6_addr);
1135
struct sockaddr_in6 *to6 = (struct sockaddr_in6 *)&to;
1136
*to6 = (struct sockaddr_in6){ .sin6_family = (sa_family_t)af };
1137
ret = inet_pton(af, ip, &to6->sin6_addr);
565
1138
} else { /* IPv4 */
566
to.in.sin_family = (sa_family_t)af;
567
ret = inet_pton(af, ip, &to.in.sin_addr);
1139
struct sockaddr_in *to4 = (struct sockaddr_in *)&to;
1140
*to4 = (struct sockaddr_in){ .sin_family = (sa_family_t)af };
1141
ret = inet_pton(af, ip, &to4->sin_addr);
568
1142
}
569
1143
if(ret < 0 ){
570
perror("inet_pton");
571
return -1;
1144
int e = errno;
1145
perror_plus("inet_pton");
1146
errno = e;
1147
goto mandos_end;
572
1148
}
573
1149
if(ret == 0){
574
fprintf(stderr, "Bad address: %s\n", ip);
575
return -1;
1150
int e = errno;
1151
fprintf_plus(stderr, "Bad address: %s\n", ip);
1152
errno = e;
1153
goto mandos_end;
576
1154
}
577
1155
if(af == AF_INET6){
578
to.in6.sin6_port = htons(port); /* Spurious warnings from
579
-Wconversion and
580
-Wunreachable-code */
581
582
if(IN6_IS_ADDR_LINKLOCAL /* Spurious warnings from */
583
(&to.in6.sin6_addr)){ /* -Wstrict-aliasing=2 or lower and
584
-Wunreachable-code*/
1156
((struct sockaddr_in6 *)&to)->sin6_port = htons(port);
1157
if(IN6_IS_ADDR_LINKLOCAL
1158
(&((struct sockaddr_in6 *)&to)->sin6_addr)){
585
1159
if(if_index == AVAHI_IF_UNSPEC){
586
fprintf(stderr, "An IPv6 link-local address is incomplete"
587
" without a network interface\n");
588
return -1;
1160
fprintf_plus(stderr, "An IPv6 link-local address is"
1161
" incomplete without a network interface\n");
1162
errno = EINVAL;
1163
goto mandos_end;
589
1164
}
590
1165
/* Set the network interface number as scope */
591
to.in6.sin6_scope_id = (uint32_t)if_index;
1166
((struct sockaddr_in6 *)&to)->sin6_scope_id = (uint32_t)if_index;
592
1167
}
593
1168
} else {
594
to.in.sin_port = htons(port); /* Spurious warnings from
595
-Wconversion and
596
-Wunreachable-code */
1169
((struct sockaddr_in *)&to)->sin_port = htons(port);
1170
}
1171
1172
if(quit_now){
1173
errno = EINTR;
1174
goto mandos_end;
597
1175
}
598
1176
599
1177
if(debug){
600
1178
if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){
601
1179
char interface[IF_NAMESIZE];
602
1180
if(if_indextoname((unsigned int)if_index, interface) == NULL){
603
perror("if_indextoname");
1181
perror_plus("if_indextoname");
604
1182
} else {
605
fprintf(stderr, "Connection to: %s%%%s, port %" PRIu16 "\n",
606
ip, interface, port);
1183
fprintf_plus(stderr, "Connection to: %s%%%s, port %" PRIuMAX
1184
"\n", ip, interface, (uintmax_t)port);
607
1185
}
608
1186
} else {
609
fprintf(stderr, "Connection to: %s, port %" PRIu16 "\n", ip,
610
port);
1187
fprintf_plus(stderr, "Connection to: %s, port %" PRIuMAX "\n",
1188
ip, (uintmax_t)port);
611
1189
}
612
1190
char addrstr[(INET_ADDRSTRLEN > INET6_ADDRSTRLEN) ?
613
1191
INET_ADDRSTRLEN : INET6_ADDRSTRLEN] = "";
614
const char *pcret;
615
if(af == AF_INET6){
616
pcret = inet_ntop(af, &(to.in6.sin6_addr), addrstr,
617
sizeof(addrstr));
618
} else {
619
pcret = inet_ntop(af, &(to.in.sin_addr), addrstr,
620
sizeof(addrstr));
621
}
622
if(pcret == NULL){
623
perror("inet_ntop");
624
} else {
625
if(strcmp(addrstr, ip) != 0){
626
fprintf(stderr, "Canonical address form: %s\n", addrstr);
627
}
628
}
629
}
630
631
if(af == AF_INET6){
632
ret = connect(tcp_sd, &to.in6, sizeof(to));
633
} else {
634
ret = connect(tcp_sd, &to.in, sizeof(to)); /* IPv4 */
635
}
636
if(ret < 0){
637
perror("connect");
638
return -1;
1192
if(af == AF_INET6){
1193
ret = getnameinfo((struct sockaddr *)&to,
1194
sizeof(struct sockaddr_in6),
1195
addrstr, sizeof(addrstr), NULL, 0,
1196
NI_NUMERICHOST);
1197
} else {
1198
ret = getnameinfo((struct sockaddr *)&to,
1199
sizeof(struct sockaddr_in),
1200
addrstr, sizeof(addrstr), NULL, 0,
1201
NI_NUMERICHOST);
1202
}
1203
if(ret == EAI_SYSTEM){
1204
perror_plus("getnameinfo");
1205
} else if(ret != 0) {
1206
fprintf_plus(stderr, "getnameinfo: %s", gai_strerror(ret));
1207
} else if(strcmp(addrstr, ip) != 0){
1208
fprintf_plus(stderr, "Canonical address form: %s\n", addrstr);
1209
}
1210
}
1211
1212
if(quit_now){
1213
errno = EINTR;
1214
goto mandos_end;
1215
}
1216
1217
while(true){
1218
if(af == AF_INET6){
1219
ret = connect(tcp_sd, (struct sockaddr *)&to,
1220
sizeof(struct sockaddr_in6));
1221
} else {
1222
ret = connect(tcp_sd, (struct sockaddr *)&to, /* IPv4 */
1223
sizeof(struct sockaddr_in));
1224
}
1225
if(ret < 0){
1226
if(errno == ENETUNREACH
1227
and if_index != AVAHI_IF_UNSPEC
1228
and connect_to == NULL
1229
and not route_added and
1230
((af == AF_INET6 and not
1231
IN6_IS_ADDR_LINKLOCAL(&(((struct sockaddr_in6 *)
1232
&to)->sin6_addr)))
1233
or (af == AF_INET and
1234
/* Not a a IPv4LL address */
1235
(ntohl(((struct sockaddr_in *)&to)->sin_addr.s_addr)
1236
& 0xFFFF0000L) != 0xA9FE0000L))){
1237
/* Work around Avahi bug - Avahi does not announce link-local
1238
addresses if it has a global address, so local hosts with
1239
*only* a link-local address (e.g. Mandos clients) cannot
1240
connect to a Mandos server announced by Avahi on a server
1241
host with a global address. Work around this by retrying
1242
with an explicit route added with the server's address.
1243
1244
Avahi bug reference:
1245
http://lists.freedesktop.org/archives/avahi/2010-February/001833.html
1246
https://bugs.debian.org/587961
1247
*/
1248
if(debug){
1249
fprintf_plus(stderr, "Mandos server unreachable, trying"
1250
" direct route\n");
1251
}
1252
int e = errno;
1253
route_added = add_local_route(ip, if_index);
1254
if(route_added){
1255
continue;
1256
}
1257
errno = e;
1258
}
1259
if(errno != ECONNREFUSED or debug){
1260
int e = errno;
1261
perror_plus("connect");
1262
errno = e;
1263
}
1264
goto mandos_end;
1265
}
1266
1267
if(quit_now){
1268
errno = EINTR;
1269
goto mandos_end;
1270
}
1271
break;
639
1272
}
640
1273
641
1274
const char *out = mandos_protocol_version;
643
1276
while(true){
644
1277
size_t out_size = strlen(out);
645
1278
ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
646
out_size - written));
1279
out_size - written));
647
1280
if(ret == -1){
648
perror("write");
649
retval = -1;
1281
int e = errno;
1282
perror_plus("write");
1283
errno = e;
650
1284
goto mandos_end;
651
1285
}
652
1286
written += (size_t)ret;
660
1294
break;
661
1295
}
662
1296
}
1297
1298
if(quit_now){
1299
errno = EINTR;
1300
goto mandos_end;
1301
}
663
1302
}
664
1303
665
1304
if(debug){
666
fprintf(stderr, "Establishing TLS session with %s\n", ip);
667
}
668
669
gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) tcp_sd);
670
671
do{
1305
fprintf_plus(stderr, "Establishing TLS session with %s\n", ip);
1306
}
1307
1308
if(quit_now){
1309
errno = EINTR;
1310
goto mandos_end;
1311
}
1312
1313
/* This casting via intptr_t is to eliminate warning about casting
1314
an int to a pointer type. This is exactly how the GnuTLS Guile
1315
function "set-session-transport-fd!" does it. */
1316
gnutls_transport_set_ptr(session,
1317
(gnutls_transport_ptr_t)(intptr_t)tcp_sd);
1318
1319
if(quit_now){
1320
errno = EINTR;
1321
goto mandos_end;
1322
}
1323
1324
do {
672
1325
ret = gnutls_handshake(session);
1326
if(quit_now){
1327
errno = EINTR;
1328
goto mandos_end;
1329
}
673
1330
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
674
1331
675
1332
if(ret != GNUTLS_E_SUCCESS){
676
1333
if(debug){
677
fprintf(stderr, "*** GnuTLS Handshake failed ***\n");
1334
fprintf_plus(stderr, "*** GnuTLS Handshake failed ***\n");
678
1335
gnutls_perror(ret);
679
1336
}
680
retval = -1;
1337
errno = EPROTO;
681
1338
goto mandos_end;
682
1339
}
683
1340
684
1341
/* Read OpenPGP packet that contains the wanted password */
685
1342
686
1343
if(debug){
687
fprintf(stderr, "Retrieving OpenPGP encrypted password from %s\n",
688
ip);
1344
fprintf_plus(stderr, "Retrieving OpenPGP encrypted password from"
1345
" %s\n", ip);
689
1346
}
690
1347
691
1348
while(true){
1349
1350
if(quit_now){
1351
errno = EINTR;
1352
goto mandos_end;
1353
}
1354
692
1355
buffer_capacity = incbuffer(&buffer, buffer_length,
693
buffer_capacity);
1356
buffer_capacity);
694
1357
if(buffer_capacity == 0){
695
perror("incbuffer");
696
retval = -1;
1358
int e = errno;
1359
perror_plus("incbuffer");
1360
errno = e;
1361
goto mandos_end;
1362
}
1363
1364
if(quit_now){
1365
errno = EINTR;
697
1366
goto mandos_end;
698
1367
}
699
1368
708
1377
case GNUTLS_E_AGAIN:
709
1378
break;
710
1379
case GNUTLS_E_REHANDSHAKE:
711
do{
1380
do {
712
1381
ret = gnutls_handshake(session);
1382
1383
if(quit_now){
1384
errno = EINTR;
1385
goto mandos_end;
1386
}
713
1387
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
714
1388
if(ret < 0){
715
fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");
1389
fprintf_plus(stderr, "*** GnuTLS Re-handshake failed "
1390
"***\n");
716
1391
gnutls_perror(ret);
717
retval = -1;
1392
errno = EPROTO;
718
1393
goto mandos_end;
719
1394
}
720
1395
break;
721
1396
default:
722
fprintf(stderr, "Unknown error while reading data from"
723
" encrypted session with Mandos server\n");
724
retval = -1;
1397
fprintf_plus(stderr, "Unknown error while reading data from"
1398
" encrypted session with Mandos server\n");
725
1399
gnutls_bye(session, GNUTLS_SHUT_RDWR);
1400
errno = EIO;
726
1401
goto mandos_end;
727
1402
}
728
1403
} else {
731
1406
}
732
1407
733
1408
if(debug){
734
fprintf(stderr, "Closing TLS session\n");
735
}
736
737
gnutls_bye(session, GNUTLS_SHUT_RDWR);
1409
fprintf_plus(stderr, "Closing TLS session\n");
1410
}
1411
1412
if(quit_now){
1413
errno = EINTR;
1414
goto mandos_end;
1415
}
1416
1417
do {
1418
ret = gnutls_bye(session, GNUTLS_SHUT_RDWR);
1419
if(quit_now){
1420
errno = EINTR;
1421
goto mandos_end;
1422
}
1423
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
738
1424
739
1425
if(buffer_length > 0){
740
decrypted_buffer_size = pgp_packet_decrypt(buffer,
741
buffer_length,
742
&decrypted_buffer);
1426
ssize_t decrypted_buffer_size;
1427
decrypted_buffer_size = pgp_packet_decrypt(buffer, buffer_length,
1428
&decrypted_buffer, mc);
743
1429
if(decrypted_buffer_size >= 0){
1430
744
1431
written = 0;
745
1432
while(written < (size_t) decrypted_buffer_size){
1433
if(quit_now){
1434
errno = EINTR;
1435
goto mandos_end;
1436
}
1437
746
1438
ret = (int)fwrite(decrypted_buffer + written, 1,
747
1439
(size_t)decrypted_buffer_size - written,
748
1440
stdout);
749
1441
if(ret == 0 and ferror(stdout)){
1442
int e = errno;
750
1443
if(debug){
751
fprintf(stderr, "Error writing encrypted data: %s\n",
752
strerror(errno));
1444
fprintf_plus(stderr, "Error writing encrypted data: %s\n",
1445
strerror(errno));
753
1446
}
754
retval = -1;
755
break;
1447
errno = e;
1448
goto mandos_end;
756
1449
}
757
1450
written += (size_t)ret;
758
1451
}
759
free(decrypted_buffer);
760
} else {
761
retval = -1;
1452
retval = 0;
762
1453
}
763
} else {
764
retval = -1;
765
1454
}
766
1455
767
1456
/* Shutdown procedure */
768
1457
769
1458
mandos_end:
770
free(buffer);
771
ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));
772
if(ret == -1){
773
perror("close");
1459
{
1460
if(route_added){
1461
if(not delete_local_route(ip, if_index)){
1462
fprintf_plus(stderr, "Failed to delete local route to %s on"
1463
" interface %d", ip, if_index);
1464
}
1465
}
1466
int e = errno;
1467
free(decrypted_buffer);
1468
free(buffer);
1469
if(tcp_sd >= 0){
1470
ret = close(tcp_sd);
1471
}
1472
if(ret == -1){
1473
if(e == 0){
1474
e = errno;
1475
}
1476
perror_plus("close");
1477
}
1478
gnutls_deinit(session);
1479
errno = e;
1480
if(quit_now){
1481
errno = EINTR;
1482
retval = -1;
1483
}
774
1484
}
775
gnutls_deinit(session);
776
1485
return retval;
777
1486
}
778
1487
1488
__attribute__((nonnull))
779
1489
static void resolve_callback(AvahiSServiceResolver *r,
780
1490
AvahiIfIndex interface,
781
1491
AvahiProtocol proto,
789
1499
AVAHI_GCC_UNUSED AvahiStringList *txt,
790
1500
AVAHI_GCC_UNUSED AvahiLookupResultFlags
791
1501
flags,
792
AVAHI_GCC_UNUSED void* userdata){
793
assert(r);
1502
void *mc){
1503
if(r == NULL){
1504
return;
1505
}
794
1506
795
1507
/* Called whenever a service has been resolved successfully or
796
1508
timed out */
797
1509
1510
if(quit_now){
1511
avahi_s_service_resolver_free(r);
1512
return;
1513
}
1514
798
1515
switch(event){
799
1516
default:
800
1517
case AVAHI_RESOLVER_FAILURE:
801
fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'"
802
" of type '%s' in domain '%s': %s\n", name, type, domain,
803
avahi_strerror(avahi_server_errno(mc.server)));
1518
fprintf_plus(stderr, "(Avahi Resolver) Failed to resolve service "
1519
"'%s' of type '%s' in domain '%s': %s\n", name, type,
1520
domain,
1521
avahi_strerror(avahi_server_errno
1522
(((mandos_context*)mc)->server)));
804
1523
break;
805
1524
806
1525
case AVAHI_RESOLVER_FOUND:
808
1527
char ip[AVAHI_ADDRESS_STR_MAX];
809
1528
avahi_address_snprint(ip, sizeof(ip), address);
810
1529
if(debug){
811
fprintf(stderr, "Mandos server \"%s\" found on %s (%s, %"
812
PRIdMAX ") on port %" PRIu16 "\n", name, host_name,
813
ip, (intmax_t)interface, port);
1530
fprintf_plus(stderr, "Mandos server \"%s\" found on %s (%s, %"
1531
PRIdMAX ") on port %" PRIu16 "\n", name,
1532
host_name, ip, (intmax_t)interface, port);
814
1533
}
815
int ret = start_mandos_communication(ip, port, interface,
816
avahi_proto_to_af(proto));
1534
int ret = start_mandos_communication(ip, (in_port_t)port,
1535
interface,
1536
avahi_proto_to_af(proto),
1537
mc);
817
1538
if(ret == 0){
818
avahi_simple_poll_quit(mc.simple_poll);
1539
avahi_simple_poll_quit(simple_poll);
1540
} else {
1541
if(not add_server(ip, (in_port_t)port, interface,
1542
avahi_proto_to_af(proto),
1543
&((mandos_context*)mc)->current_server)){
1544
fprintf_plus(stderr, "Failed to add server \"%s\" to server"
1545
" list\n", name);
1546
}
819
1547
}
820
1548
}
821
1549
}
831
1559
const char *domain,
832
1560
AVAHI_GCC_UNUSED AvahiLookupResultFlags
833
1561
flags,
834
AVAHI_GCC_UNUSED void* userdata){
835
assert(b);
1562
void *mc){
1563
if(b == NULL){
1564
return;
1565
}
836
1566
837
1567
/* Called whenever a new services becomes available on the LAN or
838
1568
is removed from the LAN */
839
1569
1570
if(quit_now){
1571
return;
1572
}
1573
840
1574
switch(event){
841
1575
default:
842
1576
case AVAHI_BROWSER_FAILURE:
843
1577
844
fprintf(stderr, "(Avahi browser) %s\n",
845
avahi_strerror(avahi_server_errno(mc.server)));
846
avahi_simple_poll_quit(mc.simple_poll);
1578
fprintf_plus(stderr, "(Avahi browser) %s\n",
1579
avahi_strerror(avahi_server_errno
1580
(((mandos_context*)mc)->server)));
1581
avahi_simple_poll_quit(simple_poll);
847
1582
return;
848
1583
849
1584
case AVAHI_BROWSER_NEW:
852
1587
the callback function is called the Avahi server will free the
853
1588
resolver for us. */
854
1589
855
if(!(avahi_s_service_resolver_new(mc.server, interface,
856
protocol, name, type, domain,
857
AVAHI_PROTO_INET6, 0,
858
resolve_callback, NULL)))
859
fprintf(stderr, "Avahi: Failed to resolve service '%s': %s\n",
860
name, avahi_strerror(avahi_server_errno(mc.server)));
1590
if(avahi_s_service_resolver_new(((mandos_context*)mc)->server,
1591
interface, protocol, name, type,
1592
domain, protocol, 0,
1593
resolve_callback, mc) == NULL)
1594
fprintf_plus(stderr, "Avahi: Failed to resolve service '%s':"
1595
" %s\n", name,
1596
avahi_strerror(avahi_server_errno
1597
(((mandos_context*)mc)->server)));
861
1598
break;
862
1599
863
1600
case AVAHI_BROWSER_REMOVE:
866
1603
case AVAHI_BROWSER_ALL_FOR_NOW:
867
1604
case AVAHI_BROWSER_CACHE_EXHAUSTED:
868
1605
if(debug){
869
fprintf(stderr, "No Mandos server found, still searching...\n");
1606
fprintf_plus(stderr, "No Mandos server found, still"
1607
" searching...\n");
870
1608
}
871
1609
break;
872
1610
}
873
1611
}
874
1612
875
sig_atomic_t quit_now = 0;
876
877
static void handle_sigterm(__attribute__((unused)) int sig){
1613
/* Signal handler that stops main loop after SIGTERM */
1614
static void handle_sigterm(int sig){
878
1615
if(quit_now){
879
1616
return;
880
1617
}
881
1618
quit_now = 1;
1619
signal_received = sig;
882
1620
int old_errno = errno;
883
if(mc.simple_poll != NULL){
884
avahi_simple_poll_quit(mc.simple_poll);
885
}
886
errno = old_errno;
1621
/* set main loop to exit */
1622
if(simple_poll != NULL){
1623
avahi_simple_poll_quit(simple_poll);
1624
}
1625
errno = old_errno;
1626
}
1627
1628
__attribute__((nonnull, warn_unused_result))
1629
bool get_flags(const char *ifname, struct ifreq *ifr){
1630
int ret;
1631
error_t ret_errno;
1632
1633
int s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1634
if(s < 0){
1635
ret_errno = errno;
1636
perror_plus("socket");
1637
errno = ret_errno;
1638
return false;
1639
}
1640
strcpy(ifr->ifr_name, ifname);
1641
ret = ioctl(s, SIOCGIFFLAGS, ifr);
1642
if(ret == -1){
1643
if(debug){
1644
ret_errno = errno;
1645
perror_plus("ioctl SIOCGIFFLAGS");
1646
errno = ret_errno;
1647
}
1648
return false;
1649
}
1650
return true;
1651
}
1652
1653
__attribute__((nonnull, warn_unused_result))
1654
bool good_flags(const char *ifname, const struct ifreq *ifr){
1655
1656
/* Reject the loopback device */
1657
if(ifr->ifr_flags & IFF_LOOPBACK){
1658
if(debug){
1659
fprintf_plus(stderr, "Rejecting loopback interface \"%s\"\n",
1660
ifname);
1661
}
1662
return false;
1663
}
1664
/* Accept point-to-point devices only if connect_to is specified */
1665
if(connect_to != NULL and (ifr->ifr_flags & IFF_POINTOPOINT)){
1666
if(debug){
1667
fprintf_plus(stderr, "Accepting point-to-point interface"
1668
" \"%s\"\n", ifname);
1669
}
1670
return true;
1671
}
1672
/* Otherwise, reject non-broadcast-capable devices */
1673
if(not (ifr->ifr_flags & IFF_BROADCAST)){
1674
if(debug){
1675
fprintf_plus(stderr, "Rejecting non-broadcast interface"
1676
" \"%s\"\n", ifname);
1677
}
1678
return false;
1679
}
1680
/* Reject non-ARP interfaces (including dummy interfaces) */
1681
if(ifr->ifr_flags & IFF_NOARP){
1682
if(debug){
1683
fprintf_plus(stderr, "Rejecting non-ARP interface \"%s\"\n",
1684
ifname);
1685
}
1686
return false;
1687
}
1688
1689
/* Accept this device */
1690
if(debug){
1691
fprintf_plus(stderr, "Interface \"%s\" is good\n", ifname);
1692
}
1693
return true;
1694
}
1695
1696
/*
1697
* This function determines if a directory entry in /sys/class/net
1698
* corresponds to an acceptable network device.
1699
* (This function is passed to scandir(3) as a filter function.)
1700
*/
1701
__attribute__((nonnull, warn_unused_result))
1702
int good_interface(const struct dirent *if_entry){
1703
if(if_entry->d_name[0] == '.'){
1704
return 0;
1705
}
1706
1707
struct ifreq ifr;
1708
if(not get_flags(if_entry->d_name, &ifr)){
1709
if(debug){
1710
fprintf_plus(stderr, "Failed to get flags for interface "
1711
"\"%s\"\n", if_entry->d_name);
1712
}
1713
return 0;
1714
}
1715
1716
if(not good_flags(if_entry->d_name, &ifr)){
1717
return 0;
1718
}
1719
return 1;
1720
}
1721
1722
/*
1723
* This function determines if a network interface is up.
1724
*/
1725
__attribute__((nonnull, warn_unused_result))
1726
bool interface_is_up(const char *interface){
1727
struct ifreq ifr;
1728
if(not get_flags(interface, &ifr)){
1729
if(debug){
1730
fprintf_plus(stderr, "Failed to get flags for interface "
1731
"\"%s\"\n", interface);
1732
}
1733
return false;
1734
}
1735
1736
return (bool)(ifr.ifr_flags & IFF_UP);
1737
}
1738
1739
/*
1740
* This function determines if a network interface is running
1741
*/
1742
__attribute__((nonnull, warn_unused_result))
1743
bool interface_is_running(const char *interface){
1744
struct ifreq ifr;
1745
if(not get_flags(interface, &ifr)){
1746
if(debug){
1747
fprintf_plus(stderr, "Failed to get flags for interface "
1748
"\"%s\"\n", interface);
1749
}
1750
return false;
1751
}
1752
1753
return (bool)(ifr.ifr_flags & IFF_RUNNING);
1754
}
1755
1756
__attribute__((nonnull, pure, warn_unused_result))
1757
int notdotentries(const struct dirent *direntry){
1758
/* Skip "." and ".." */
1759
if(direntry->d_name[0] == '.'
1760
and (direntry->d_name[1] == '\0'
1761
or (direntry->d_name[1] == '.'
1762
and direntry->d_name[2] == '\0'))){
1763
return 0;
1764
}
1765
return 1;
1766
}
1767
1768
/* Is this directory entry a runnable program? */
1769
__attribute__((nonnull, warn_unused_result))
1770
int runnable_hook(const struct dirent *direntry){
1771
int ret;
1772
size_t sret;
1773
struct stat st;
1774
1775
if((direntry->d_name)[0] == '\0'){
1776
/* Empty name? */
1777
return 0;
1778
}
1779
1780
sret = strspn(direntry->d_name, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
1781
"abcdefghijklmnopqrstuvwxyz"
1782
"0123456789"
1783
"_.-");
1784
if((direntry->d_name)[sret] != '\0'){
1785
/* Contains non-allowed characters */
1786
if(debug){
1787
fprintf_plus(stderr, "Ignoring hook \"%s\" with bad name\n",
1788
direntry->d_name);
1789
}
1790
return 0;
1791
}
1792
1793
ret = fstatat(hookdir_fd, direntry->d_name, &st, 0);
1794
if(ret == -1){
1795
if(debug){
1796
perror_plus("Could not stat hook");
1797
}
1798
return 0;
1799
}
1800
if(not (S_ISREG(st.st_mode))){
1801
/* Not a regular file */
1802
if(debug){
1803
fprintf_plus(stderr, "Ignoring hook \"%s\" - not a file\n",
1804
direntry->d_name);
1805
}
1806
return 0;
1807
}
1808
if(not (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))){
1809
/* Not executable */
1810
if(debug){
1811
fprintf_plus(stderr, "Ignoring hook \"%s\" - not executable\n",
1812
direntry->d_name);
1813
}
1814
return 0;
1815
}
1816
if(debug){
1817
fprintf_plus(stderr, "Hook \"%s\" is acceptable\n",
1818
direntry->d_name);
1819
}
1820
return 1;
1821
}
1822
1823
__attribute__((nonnull, warn_unused_result))
1824
int avahi_loop_with_timeout(AvahiSimplePoll *s, int retry_interval,
1825
mandos_context *mc){
1826
int ret;
1827
struct timespec now;
1828
struct timespec waited_time;
1829
intmax_t block_time;
1830
1831
while(true){
1832
if(mc->current_server == NULL){
1833
if(debug){
1834
fprintf_plus(stderr, "Wait until first server is found."
1835
" No timeout!\n");
1836
}
1837
ret = avahi_simple_poll_iterate(s, -1);
1838
} else {
1839
if(debug){
1840
fprintf_plus(stderr, "Check current_server if we should run"
1841
" it, or wait\n");
1842
}
1843
/* the current time */
1844
ret = clock_gettime(CLOCK_MONOTONIC, &now);
1845
if(ret == -1){
1846
perror_plus("clock_gettime");
1847
return -1;
1848
}
1849
/* Calculating in ms how long time between now and server
1850
who we visted longest time ago. Now - last seen. */
1851
waited_time.tv_sec = (now.tv_sec
1852
- mc->current_server->last_seen.tv_sec);
1853
waited_time.tv_nsec = (now.tv_nsec
1854
- mc->current_server->last_seen.tv_nsec);
1855
/* total time is 10s/10,000ms.
1856
Converting to s from ms by dividing by 1,000,
1857
and ns to ms by dividing by 1,000,000. */
1858
block_time = ((retry_interval
1859
- ((intmax_t)waited_time.tv_sec * 1000))
1860
- ((intmax_t)waited_time.tv_nsec / 1000000));
1861
1862
if(debug){
1863
fprintf_plus(stderr, "Blocking for %" PRIdMAX " ms\n",
1864
block_time);
1865
}
1866
1867
if(block_time <= 0){
1868
ret = start_mandos_communication(mc->current_server->ip,
1869
mc->current_server->port,
1870
mc->current_server->if_index,
1871
mc->current_server->af, mc);
1872
if(ret == 0){
1873
avahi_simple_poll_quit(s);
1874
return 0;
1875
}
1876
ret = clock_gettime(CLOCK_MONOTONIC,
1877
&mc->current_server->last_seen);
1878
if(ret == -1){
1879
perror_plus("clock_gettime");
1880
return -1;
1881
}
1882
mc->current_server = mc->current_server->next;
1883
block_time = 0; /* Call avahi to find new Mandos
1884
servers, but don't block */
1885
}
1886
1887
ret = avahi_simple_poll_iterate(s, (int)block_time);
1888
}
1889
if(ret != 0){
1890
if(ret > 0 or errno != EINTR){
1891
return (ret != 1) ? ret : 0;
1892
}
1893
}
1894
}
1895
}
1896
1897
__attribute__((nonnull))
1898
void run_network_hooks(const char *mode, const char *interface,
1899
const float delay){
1900
struct dirent **direntries = NULL;
1901
if(hookdir_fd == -1){
1902
hookdir_fd = open(hookdir, O_RDONLY | O_DIRECTORY | O_PATH
1903
| O_CLOEXEC);
1904
if(hookdir_fd == -1){
1905
if(errno == ENOENT){
1906
if(debug){
1907
fprintf_plus(stderr, "Network hook directory \"%s\" not"
1908
" found\n", hookdir);
1909
}
1910
} else {
1911
perror_plus("open");
1912
}
1913
return;
1914
}
1915
}
1916
#ifdef __GLIBC__
1917
#if __GLIBC_PREREQ(2, 15)
1918
int numhooks = scandirat(hookdir_fd, ".", &direntries,
1919
runnable_hook, alphasort);
1920
#else /* not __GLIBC_PREREQ(2, 15) */
1921
int numhooks = scandir(hookdir, &direntries, runnable_hook,
1922
alphasort);
1923
#endif /* not __GLIBC_PREREQ(2, 15) */
1924
#else /* not __GLIBC__ */
1925
int numhooks = scandir(hookdir, &direntries, runnable_hook,
1926
alphasort);
1927
#endif /* not __GLIBC__ */
1928
if(numhooks == -1){
1929
perror_plus("scandir");
1930
return;
1931
}
1932
struct dirent *direntry;
1933
int ret;
1934
int devnull = (int)TEMP_FAILURE_RETRY(open("/dev/null", O_RDONLY));
1935
if(devnull == -1){
1936
perror_plus("open(\"/dev/null\", O_RDONLY)");
1937
return;
1938
}
1939
for(int i = 0; i < numhooks; i++){
1940
direntry = direntries[i];
1941
if(debug){
1942
fprintf_plus(stderr, "Running network hook \"%s\"\n",
1943
direntry->d_name);
1944
}
1945
pid_t hook_pid = fork();
1946
if(hook_pid == 0){
1947
/* Child */
1948
/* Raise privileges */
1949
errno = raise_privileges_permanently();
1950
if(errno != 0){
1951
perror_plus("Failed to raise privileges");
1952
_exit(EX_NOPERM);
1953
}
1954
/* Set group */
1955
errno = 0;
1956
ret = setgid(0);
1957
if(ret == -1){
1958
perror_plus("setgid");
1959
_exit(EX_NOPERM);
1960
}
1961
/* Reset supplementary groups */
1962
errno = 0;
1963
ret = setgroups(0, NULL);
1964
if(ret == -1){
1965
perror_plus("setgroups");
1966
_exit(EX_NOPERM);
1967
}
1968
ret = setenv("MANDOSNETHOOKDIR", hookdir, 1);
1969
if(ret == -1){
1970
perror_plus("setenv");
1971
_exit(EX_OSERR);
1972
}
1973
ret = setenv("DEVICE", interface, 1);
1974
if(ret == -1){
1975
perror_plus("setenv");
1976
_exit(EX_OSERR);
1977
}
1978
ret = setenv("VERBOSITY", debug ? "1" : "0", 1);
1979
if(ret == -1){
1980
perror_plus("setenv");
1981
_exit(EX_OSERR);
1982
}
1983
ret = setenv("MODE", mode, 1);
1984
if(ret == -1){
1985
perror_plus("setenv");
1986
_exit(EX_OSERR);
1987
}
1988
char *delaystring;
1989
ret = asprintf(&delaystring, "%f", (double)delay);
1990
if(ret == -1){
1991
perror_plus("asprintf");
1992
_exit(EX_OSERR);
1993
}
1994
ret = setenv("DELAY", delaystring, 1);
1995
if(ret == -1){
1996
free(delaystring);
1997
perror_plus("setenv");
1998
_exit(EX_OSERR);
1999
}
2000
free(delaystring);
2001
if(connect_to != NULL){
2002
ret = setenv("CONNECT", connect_to, 1);
2003
if(ret == -1){
2004
perror_plus("setenv");
2005
_exit(EX_OSERR);
2006
}
2007
}
2008
int hook_fd = (int)TEMP_FAILURE_RETRY(openat(hookdir_fd,
2009
direntry->d_name,
2010
O_RDONLY));
2011
if(hook_fd == -1){
2012
perror_plus("openat");
2013
_exit(EXIT_FAILURE);
2014
}
2015
if(close(hookdir_fd) == -1){
2016
perror_plus("close");
2017
_exit(EXIT_FAILURE);
2018
}
2019
ret = dup2(devnull, STDIN_FILENO);
2020
if(ret == -1){
2021
perror_plus("dup2(devnull, STDIN_FILENO)");
2022
_exit(EX_OSERR);
2023
}
2024
ret = close(devnull);
2025
if(ret == -1){
2026
perror_plus("close");
2027
_exit(EX_OSERR);
2028
}
2029
ret = dup2(STDERR_FILENO, STDOUT_FILENO);
2030
if(ret == -1){
2031
perror_plus("dup2(STDERR_FILENO, STDOUT_FILENO)");
2032
_exit(EX_OSERR);
2033
}
2034
if(fexecve(hook_fd, (char *const []){ direntry->d_name, NULL },
2035
environ) == -1){
2036
perror_plus("fexecve");
2037
_exit(EXIT_FAILURE);
2038
}
2039
} else {
2040
if(hook_pid == -1){
2041
perror_plus("fork");
2042
free(direntry);
2043
continue;
2044
}
2045
int status;
2046
if(TEMP_FAILURE_RETRY(waitpid(hook_pid, &status, 0)) == -1){
2047
perror_plus("waitpid");
2048
free(direntry);
2049
continue;
2050
}
2051
if(WIFEXITED(status)){
2052
if(WEXITSTATUS(status) != 0){
2053
fprintf_plus(stderr, "Warning: network hook \"%s\" exited"
2054
" with status %d\n", direntry->d_name,
2055
WEXITSTATUS(status));
2056
free(direntry);
2057
continue;
2058
}
2059
} else if(WIFSIGNALED(status)){
2060
fprintf_plus(stderr, "Warning: network hook \"%s\" died by"
2061
" signal %d\n", direntry->d_name,
2062
WTERMSIG(status));
2063
free(direntry);
2064
continue;
2065
} else {
2066
fprintf_plus(stderr, "Warning: network hook \"%s\""
2067
" crashed\n", direntry->d_name);
2068
free(direntry);
2069
continue;
2070
}
2071
}
2072
if(debug){
2073
fprintf_plus(stderr, "Network hook \"%s\" ran successfully\n",
2074
direntry->d_name);
2075
}
2076
free(direntry);
2077
}
2078
free(direntries);
2079
if(close(hookdir_fd) == -1){
2080
perror_plus("close");
2081
} else {
2082
hookdir_fd = -1;
2083
}
2084
close(devnull);
2085
}
2086
2087
__attribute__((nonnull, warn_unused_result))
2088
error_t bring_up_interface(const char *const interface,
2089
const float delay){
2090
error_t old_errno = errno;
2091
int ret;
2092
struct ifreq network;
2093
unsigned int if_index = if_nametoindex(interface);
2094
if(if_index == 0){
2095
fprintf_plus(stderr, "No such interface: \"%s\"\n", interface);
2096
errno = old_errno;
2097
return ENXIO;
2098
}
2099
2100
if(quit_now){
2101
errno = old_errno;
2102
return EINTR;
2103
}
2104
2105
if(not interface_is_up(interface)){
2106
error_t ret_errno = 0, ioctl_errno = 0;
2107
if(not get_flags(interface, &network)){
2108
ret_errno = errno;
2109
fprintf_plus(stderr, "Failed to get flags for interface "
2110
"\"%s\"\n", interface);
2111
errno = old_errno;
2112
return ret_errno;
2113
}
2114
network.ifr_flags |= IFF_UP; /* set flag */
2115
2116
int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
2117
if(sd == -1){
2118
ret_errno = errno;
2119
perror_plus("socket");
2120
errno = old_errno;
2121
return ret_errno;
2122
}
2123
2124
if(quit_now){
2125
ret = close(sd);
2126
if(ret == -1){
2127
perror_plus("close");
2128
}
2129
errno = old_errno;
2130
return EINTR;
2131
}
2132
2133
if(debug){
2134
fprintf_plus(stderr, "Bringing up interface \"%s\"\n",
2135
interface);
2136
}
2137
2138
/* Raise privileges */
2139
ret_errno = raise_privileges();
2140
if(ret_errno != 0){
2141
errno = ret_errno;
2142
perror_plus("Failed to raise privileges");
2143
}
2144
2145
#ifdef __linux__
2146
int ret_linux;
2147
bool restore_loglevel = false;
2148
if(ret_errno == 0){
2149
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
2150
messages about the network interface to mess up the prompt */
2151
ret_linux = klogctl(8, NULL, 5);
2152
if(ret_linux == -1){
2153
perror_plus("klogctl");
2154
} else {
2155
restore_loglevel = true;
2156
}
2157
}
2158
#endif /* __linux__ */
2159
int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
2160
ioctl_errno = errno;
2161
#ifdef __linux__
2162
if(restore_loglevel){
2163
ret_linux = klogctl(7, NULL, 0);
2164
if(ret_linux == -1){
2165
perror_plus("klogctl");
2166
}
2167
}
2168
#endif /* __linux__ */
2169
2170
/* If raise_privileges() succeeded above */
2171
if(ret_errno == 0){
2172
/* Lower privileges */
2173
ret_errno = lower_privileges();
2174
if(ret_errno != 0){
2175
errno = ret_errno;
2176
perror_plus("Failed to lower privileges");
2177
}
2178
}
2179
2180
/* Close the socket */
2181
ret = close(sd);
2182
if(ret == -1){
2183
perror_plus("close");
2184
}
2185
2186
if(ret_setflags == -1){
2187
errno = ioctl_errno;
2188
perror_plus("ioctl SIOCSIFFLAGS +IFF_UP");
2189
errno = old_errno;
2190
return ioctl_errno;
2191
}
2192
} else if(debug){
2193
fprintf_plus(stderr, "Interface \"%s\" is already up; good\n",
2194
interface);
2195
}
2196
2197
/* Sleep checking until interface is running.
2198
Check every 0.25s, up to total time of delay */
2199
for(int i=0; i < delay * 4; i++){
2200
if(interface_is_running(interface)){
2201
break;
2202
}
2203
struct timespec sleeptime = { .tv_nsec = 250000000 };
2204
ret = nanosleep(&sleeptime, NULL);
2205
if(ret == -1 and errno != EINTR){
2206
perror_plus("nanosleep");
2207
}
2208
}
2209
2210
errno = old_errno;
2211
return 0;
2212
}
2213
2214
__attribute__((nonnull, warn_unused_result))
2215
error_t take_down_interface(const char *const interface){
2216
error_t old_errno = errno;
2217
struct ifreq network;
2218
unsigned int if_index = if_nametoindex(interface);
2219
if(if_index == 0){
2220
fprintf_plus(stderr, "No such interface: \"%s\"\n", interface);
2221
errno = old_errno;
2222
return ENXIO;
2223
}
2224
if(interface_is_up(interface)){
2225
error_t ret_errno = 0, ioctl_errno = 0;
2226
if(not get_flags(interface, &network) and debug){
2227
ret_errno = errno;
2228
fprintf_plus(stderr, "Failed to get flags for interface "
2229
"\"%s\"\n", interface);
2230
errno = old_errno;
2231
return ret_errno;
2232
}
2233
network.ifr_flags &= ~(short)IFF_UP; /* clear flag */
2234
2235
int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
2236
if(sd == -1){
2237
ret_errno = errno;
2238
perror_plus("socket");
2239
errno = old_errno;
2240
return ret_errno;
2241
}
2242
2243
if(debug){
2244
fprintf_plus(stderr, "Taking down interface \"%s\"\n",
2245
interface);
2246
}
2247
2248
/* Raise privileges */
2249
ret_errno = raise_privileges();
2250
if(ret_errno != 0){
2251
errno = ret_errno;
2252
perror_plus("Failed to raise privileges");
2253
}
2254
2255
int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
2256
ioctl_errno = errno;
2257
2258
/* If raise_privileges() succeeded above */
2259
if(ret_errno == 0){
2260
/* Lower privileges */
2261
ret_errno = lower_privileges();
2262
if(ret_errno != 0){
2263
errno = ret_errno;
2264
perror_plus("Failed to lower privileges");
2265
}
2266
}
2267
2268
/* Close the socket */
2269
int ret = close(sd);
2270
if(ret == -1){
2271
perror_plus("close");
2272
}
2273
2274
if(ret_setflags == -1){
2275
errno = ioctl_errno;
2276
perror_plus("ioctl SIOCSIFFLAGS -IFF_UP");
2277
errno = old_errno;
2278
return ioctl_errno;
2279
}
2280
} else if(debug){
2281
fprintf_plus(stderr, "Interface \"%s\" is already down; odd\n",
2282
interface);
2283
}
2284
2285
errno = old_errno;
2286
return 0;
887
2287
}
888
2288
889
2289
int main(int argc, char *argv[]){
2290
mandos_context mc = { .server = NULL, .dh_bits = 0,
2291
.priority = "SECURE256:!CTYPE-X.509"
2292
":+CTYPE-OPENPGP:!RSA:+SIGN-DSA-SHA256",
2293
.current_server = NULL, .interfaces = NULL,
2294
.interfaces_size = 0 };
890
2295
AvahiSServiceBrowser *sb = NULL;
891
int error;
2296
error_t ret_errno;
892
2297
int ret;
893
2298
intmax_t tmpmax;
894
int numchars;
2299
char *tmp;
895
2300
int exitcode = EXIT_SUCCESS;
896
const char *interface = "eth0";
897
struct ifreq network;
898
int sd;
899
uid_t uid;
900
gid_t gid;
901
char *connect_to = NULL;
902
char tempdir[] = "/tmp/mandosXXXXXX";
903
bool tempdir_created = false;
2301
char *interfaces_to_take_down = NULL;
2302
size_t interfaces_to_take_down_size = 0;
2303
char run_tempdir[] = "/run/tmp/mandosXXXXXX";
2304
char old_tempdir[] = "/tmp/mandosXXXXXX";
2305
char *tempdir = NULL;
904
2306
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
905
2307
const char *seckey = PATHDIR "/" SECKEY;
906
2308
const char *pubkey = PATHDIR "/" PUBKEY;
2309
const char *dh_params_file = NULL;
2310
char *interfaces_hooks = NULL;
907
2311
908
/* Initialize Mandos context */
909
mc = (mandos_context){ .simple_poll = NULL, .server = NULL,
910
.dh_bits = 1024, .priority = "SECURE256"
911
":!CTYPE-X.509:+CTYPE-OPENPGP" };
912
2312
bool gnutls_initialized = false;
913
2313
bool gpgme_initialized = false;
914
double delay = 2.5;
915
916
struct sigaction old_sigterm_action;
2314
float delay = 2.5f;
2315
double retry_interval = 10; /* 10s between trying a server and
2316
retrying the same server again */
2317
2318
struct sigaction old_sigterm_action = { .sa_handler = SIG_DFL };
917
2319
struct sigaction sigterm_action = { .sa_handler = handle_sigterm };
918
2320
2321
uid = getuid();
2322
gid = getgid();
2323
2324
/* Lower any group privileges we might have, just to be safe */
2325
errno = 0;
2326
ret = setgid(gid);
2327
if(ret == -1){
2328
perror_plus("setgid");
2329
}
2330
2331
/* Lower user privileges (temporarily) */
2332
errno = 0;
2333
ret = seteuid(uid);
2334
if(ret == -1){
2335
perror_plus("seteuid");
2336
}
2337
2338
if(quit_now){
2339
goto end;
2340
}
2341
919
2342
{
920
2343
struct argp_option options[] = {
921
2344
{ .name = "debug", .key = 128,
942
2365
.doc = "Bit length of the prime number used in the"
943
2366
" Diffie-Hellman key exchange",
944
2367
.group = 2 },
2368
{ .name = "dh-params", .key = 134,
2369
.arg = "FILE",
2370
.doc = "PEM-encoded PKCS#3 file with pre-generated parameters"
2371
" for the Diffie-Hellman key exchange",
2372
.group = 2 },
945
2373
{ .name = "priority", .key = 130,
946
2374
.arg = "STRING",
947
2375
.doc = "GnuTLS priority string for the TLS handshake",
950
2378
.arg = "SECONDS",
951
2379
.doc = "Maximum delay to wait for interface startup",
952
2380
.group = 2 },
2381
{ .name = "retry", .key = 132,
2382
.arg = "SECONDS",
2383
.doc = "Retry interval used when denied by the Mandos server",
2384
.group = 2 },
2385
{ .name = "network-hook-dir", .key = 133,
2386
.arg = "DIR",
2387
.doc = "Directory where network hooks are located",
2388
.group = 2 },
2389
/*
2390
* These reproduce what we would get without ARGP_NO_HELP
2391
*/
2392
{ .name = "help", .key = '?',
2393
.doc = "Give this help list", .group = -1 },
2394
{ .name = "usage", .key = -3,
2395
.doc = "Give a short usage message", .group = -1 },
2396
{ .name = "version", .key = 'V',
2397
.doc = "Print program version", .group = -1 },
953
2398
{ .name = NULL }
954
2399
};
955
2400
956
2401
error_t parse_opt(int key, char *arg,
957
2402
struct argp_state *state){
2403
errno = 0;
958
2404
switch(key){
959
2405
case 128: /* --debug */
960
2406
debug = true;
963
2409
connect_to = arg;
964
2410
break;
965
2411
case 'i': /* --interface */
966
interface = arg;
2412
ret_errno = argz_add_sep(&mc.interfaces, &mc.interfaces_size,
2413
arg, (int)',');
2414
if(ret_errno != 0){
2415
argp_error(state, "%s", strerror(ret_errno));
2416
}
967
2417
break;
968
2418
case 's': /* --seckey */
969
2419
seckey = arg;
972
2422
pubkey = arg;
973
2423
break;
974
2424
case 129: /* --dh-bits */
975
ret = sscanf(arg, "%" SCNdMAX "%n", &tmpmax, &numchars);
976
if(ret < 1 or tmpmax != (typeof(mc.dh_bits))tmpmax
977
or arg[numchars] != '\0'){
978
fprintf(stderr, "Bad number of DH bits\n");
979
exit(EXIT_FAILURE);
2425
errno = 0;
2426
tmpmax = strtoimax(arg, &tmp, 10);
2427
if(errno != 0 or tmp == arg or *tmp != '\0'
2428
or tmpmax != (typeof(mc.dh_bits))tmpmax){
2429
argp_error(state, "Bad number of DH bits");
980
2430
}
981
2431
mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
982
2432
break;
2433
case 134: /* --dh-params */
2434
dh_params_file = arg;
2435
break;
983
2436
case 130: /* --priority */
984
2437
mc.priority = arg;
985
2438
break;
986
2439
case 131: /* --delay */
987
ret = sscanf(arg, "%lf%n", &delay, &numchars);
988
if(ret < 1 or arg[numchars] != '\0'){
989
fprintf(stderr, "Bad delay\n");
990
exit(EXIT_FAILURE);
991
}
992
break;
993
case ARGP_KEY_ARG:
994
argp_usage(state);
995
case ARGP_KEY_END:
2440
errno = 0;
2441
delay = strtof(arg, &tmp);
2442
if(errno != 0 or tmp == arg or *tmp != '\0'){
2443
argp_error(state, "Bad delay");
2444
}
2445
case 132: /* --retry */
2446
errno = 0;
2447
retry_interval = strtod(arg, &tmp);
2448
if(errno != 0 or tmp == arg or *tmp != '\0'
2449
or (retry_interval * 1000) > INT_MAX
2450
or retry_interval < 0){
2451
argp_error(state, "Bad retry interval");
2452
}
2453
break;
2454
case 133: /* --network-hook-dir */
2455
hookdir = arg;
2456
break;
2457
/*
2458
* These reproduce what we would get without ARGP_NO_HELP
2459
*/
2460
case '?': /* --help */
2461
argp_state_help(state, state->out_stream,
2462
(ARGP_HELP_STD_HELP | ARGP_HELP_EXIT_ERR)
2463
& ~(unsigned int)ARGP_HELP_EXIT_OK);
2464
case -3: /* --usage */
2465
argp_state_help(state, state->out_stream,
2466
ARGP_HELP_USAGE | ARGP_HELP_EXIT_ERR);
2467
case 'V': /* --version */
2468
fprintf_plus(state->out_stream, "%s\n", argp_program_version);
2469
exit(argp_err_exit_status);
996
2470
break;
997
2471
default:
998
2472
return ARGP_ERR_UNKNOWN;
999
2473
}
1000
return 0;
2474
return errno;
1001
2475
}
1002
2476
1003
2477
struct argp argp = { .options = options, .parser = parse_opt,
1004
2478
.args_doc = "",
1005
2479
.doc = "Mandos client -- Get and decrypt"
1006
2480
" passwords from a Mandos server" };
1007
ret = argp_parse(&argp, argc, argv, 0, 0, NULL);
1008
if(ret == ARGP_ERR_UNKNOWN){
1009
fprintf(stderr, "Unknown error while parsing arguments\n");
1010
exitcode = EXIT_FAILURE;
2481
ret = argp_parse(&argp, argc, argv,
2482
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
2483
switch(ret){
2484
case 0:
2485
break;
2486
case ENOMEM:
2487
default:
2488
errno = ret;
2489
perror_plus("argp_parse");
2490
exitcode = EX_OSERR;
2491
goto end;
2492
case EINVAL:
2493
exitcode = EX_USAGE;
1011
2494
goto end;
1012
2495
}
1013
2496
}
1014
2497
1015
/* If the interface is down, bring it up */
1016
if(interface[0] != '\0'){
1017
#ifdef __linux__
1018
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
1019
messages to mess up the prompt */
1020
ret = klogctl(8, NULL, 5);
1021
bool restore_loglevel = true;
1022
if(ret == -1){
1023
restore_loglevel = false;
1024
perror("klogctl");
1025
}
1026
#endif /* __linux__ */
2498
{
2499
/* Work around Debian bug #633582:
2500
<http://bugs.debian.org/633582> */
1027
2501
1028
sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1029
if(sd < 0){
1030
perror("socket");
1031
exitcode = EXIT_FAILURE;
1032
#ifdef __linux__
1033
if(restore_loglevel){
1034
ret = klogctl(7, NULL, 0);
1035
if(ret == -1){
1036
perror("klogctl");
1037
}
1038
}
1039
#endif /* __linux__ */
1040
goto end;
1041
}
1042
strcpy(network.ifr_name, interface);
1043
ret = ioctl(sd, SIOCGIFFLAGS, &network);
1044
if(ret == -1){
1045
perror("ioctl SIOCGIFFLAGS");
1046
#ifdef __linux__
1047
if(restore_loglevel){
1048
ret = klogctl(7, NULL, 0);
1049
if(ret == -1){
1050
perror("klogctl");
1051
}
1052
}
1053
#endif /* __linux__ */
1054
exitcode = EXIT_FAILURE;
1055
goto end;
1056
}
1057
if((network.ifr_flags & IFF_UP) == 0){
1058
network.ifr_flags |= IFF_UP;
1059
ret = ioctl(sd, SIOCSIFFLAGS, &network);
1060
if(ret == -1){
1061
perror("ioctl SIOCSIFFLAGS");
1062
exitcode = EXIT_FAILURE;
1063
#ifdef __linux__
1064
if(restore_loglevel){
1065
ret = klogctl(7, NULL, 0);
1066
if(ret == -1){
1067
perror("klogctl");
1068
}
1069
}
1070
#endif /* __linux__ */
2502
/* Re-raise privileges */
2503
ret_errno = raise_privileges();
2504
if(ret_errno != 0){
2505
errno = ret_errno;
2506
perror_plus("Failed to raise privileges");
2507
} else {
2508
struct stat st;
2509
2510
if(strcmp(seckey, PATHDIR "/" SECKEY) == 0){
2511
int seckey_fd = open(seckey, O_RDONLY);
2512
if(seckey_fd == -1){
2513
perror_plus("open");
2514
} else {
2515
ret = (int)TEMP_FAILURE_RETRY(fstat(seckey_fd, &st));
2516
if(ret == -1){
2517
perror_plus("fstat");
2518
} else {
2519
if(S_ISREG(st.st_mode)
2520
and st.st_uid == 0 and st.st_gid == 0){
2521
ret = fchown(seckey_fd, uid, gid);
2522
if(ret == -1){
2523
perror_plus("fchown");
2524
}
2525
}
2526
}
2527
close(seckey_fd);
2528
}
2529
}
2530
2531
if(strcmp(pubkey, PATHDIR "/" PUBKEY) == 0){
2532
int pubkey_fd = open(pubkey, O_RDONLY);
2533
if(pubkey_fd == -1){
2534
perror_plus("open");
2535
} else {
2536
ret = (int)TEMP_FAILURE_RETRY(fstat(pubkey_fd, &st));
2537
if(ret == -1){
2538
perror_plus("fstat");
2539
} else {
2540
if(S_ISREG(st.st_mode)
2541
and st.st_uid == 0 and st.st_gid == 0){
2542
ret = fchown(pubkey_fd, uid, gid);
2543
if(ret == -1){
2544
perror_plus("fchown");
2545
}
2546
}
2547
}
2548
close(pubkey_fd);
2549
}
2550
}
2551
2552
if(dh_params_file != NULL
2553
and strcmp(dh_params_file, PATHDIR "/dhparams.pem" ) == 0){
2554
int dhparams_fd = open(dh_params_file, O_RDONLY);
2555
if(dhparams_fd == -1){
2556
perror_plus("open");
2557
} else {
2558
ret = (int)TEMP_FAILURE_RETRY(fstat(dhparams_fd, &st));
2559
if(ret == -1){
2560
perror_plus("fstat");
2561
} else {
2562
if(S_ISREG(st.st_mode)
2563
and st.st_uid == 0 and st.st_gid == 0){
2564
ret = fchown(dhparams_fd, uid, gid);
2565
if(ret == -1){
2566
perror_plus("fchown");
2567
}
2568
}
2569
}
2570
close(dhparams_fd);
2571
}
2572
}
2573
2574
/* Lower privileges */
2575
ret_errno = lower_privileges();
2576
if(ret_errno != 0){
2577
errno = ret_errno;
2578
perror_plus("Failed to lower privileges");
2579
}
2580
}
2581
}
2582
2583
/* Remove invalid interface names (except "none") */
2584
{
2585
char *interface = NULL;
2586
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2587
interface))){
2588
if(strcmp(interface, "none") != 0
2589
and if_nametoindex(interface) == 0){
2590
if(interface[0] != '\0'){
2591
fprintf_plus(stderr, "Not using nonexisting interface"
2592
" \"%s\"\n", interface);
2593
}
2594
argz_delete(&mc.interfaces, &mc.interfaces_size, interface);
2595
interface = NULL;
2596
}
2597
}
2598
}
2599
2600
/* Run network hooks */
2601
{
2602
if(mc.interfaces != NULL){
2603
interfaces_hooks = malloc(mc.interfaces_size);
2604
if(interfaces_hooks == NULL){
2605
perror_plus("malloc");
1071
2606
goto end;
1072
2607
}
1073
}
1074
/* sleep checking until interface is running */
1075
for(int i=0; i < delay * 4; i++){
1076
ret = ioctl(sd, SIOCGIFFLAGS, &network);
1077
if(ret == -1){
1078
perror("ioctl SIOCGIFFLAGS");
1079
} else if(network.ifr_flags & IFF_RUNNING){
2608
memcpy(interfaces_hooks, mc.interfaces, mc.interfaces_size);
2609
argz_stringify(interfaces_hooks, mc.interfaces_size, (int)',');
2610
}
2611
run_network_hooks("start", interfaces_hooks != NULL ?
2612
interfaces_hooks : "", delay);
2613
}
2614
2615
if(not debug){
2616
avahi_set_log_function(empty_log);
2617
}
2618
2619
/* Initialize Avahi early so avahi_simple_poll_quit() can be called
2620
from the signal handler */
2621
/* Initialize the pseudo-RNG for Avahi */
2622
srand((unsigned int) time(NULL));
2623
simple_poll = avahi_simple_poll_new();
2624
if(simple_poll == NULL){
2625
fprintf_plus(stderr,
2626
"Avahi: Failed to create simple poll object.\n");
2627
exitcode = EX_UNAVAILABLE;
2628
goto end;
2629
}
2630
2631
sigemptyset(&sigterm_action.sa_mask);
2632
ret = sigaddset(&sigterm_action.sa_mask, SIGINT);
2633
if(ret == -1){
2634
perror_plus("sigaddset");
2635
exitcode = EX_OSERR;
2636
goto end;
2637
}
2638
ret = sigaddset(&sigterm_action.sa_mask, SIGHUP);
2639
if(ret == -1){
2640
perror_plus("sigaddset");
2641
exitcode = EX_OSERR;
2642
goto end;
2643
}
2644
ret = sigaddset(&sigterm_action.sa_mask, SIGTERM);
2645
if(ret == -1){
2646
perror_plus("sigaddset");
2647
exitcode = EX_OSERR;
2648
goto end;
2649
}
2650
/* Need to check if the handler is SIG_IGN before handling:
2651
| [[info:libc:Initial Signal Actions]] |
2652
| [[info:libc:Basic Signal Handling]] |
2653
*/
2654
ret = sigaction(SIGINT, NULL, &old_sigterm_action);
2655
if(ret == -1){
2656
perror_plus("sigaction");
2657
return EX_OSERR;
2658
}
2659
if(old_sigterm_action.sa_handler != SIG_IGN){
2660
ret = sigaction(SIGINT, &sigterm_action, NULL);
2661
if(ret == -1){
2662
perror_plus("sigaction");
2663
exitcode = EX_OSERR;
2664
goto end;
2665
}
2666
}
2667
ret = sigaction(SIGHUP, NULL, &old_sigterm_action);
2668
if(ret == -1){
2669
perror_plus("sigaction");
2670
return EX_OSERR;
2671
}
2672
if(old_sigterm_action.sa_handler != SIG_IGN){
2673
ret = sigaction(SIGHUP, &sigterm_action, NULL);
2674
if(ret == -1){
2675
perror_plus("sigaction");
2676
exitcode = EX_OSERR;
2677
goto end;
2678
}
2679
}
2680
ret = sigaction(SIGTERM, NULL, &old_sigterm_action);
2681
if(ret == -1){
2682
perror_plus("sigaction");
2683
return EX_OSERR;
2684
}
2685
if(old_sigterm_action.sa_handler != SIG_IGN){
2686
ret = sigaction(SIGTERM, &sigterm_action, NULL);
2687
if(ret == -1){
2688
perror_plus("sigaction");
2689
exitcode = EX_OSERR;
2690
goto end;
2691
}
2692
}
2693
2694
/* If no interfaces were specified, make a list */
2695
if(mc.interfaces == NULL){
2696
struct dirent **direntries = NULL;
2697
/* Look for any good interfaces */
2698
ret = scandir(sys_class_net, &direntries, good_interface,
2699
alphasort);
2700
if(ret >= 1){
2701
/* Add all found interfaces to interfaces list */
2702
for(int i = 0; i < ret; ++i){
2703
ret_errno = argz_add(&mc.interfaces, &mc.interfaces_size,
2704
direntries[i]->d_name);
2705
if(ret_errno != 0){
2706
errno = ret_errno;
2707
perror_plus("argz_add");
2708
free(direntries[i]);
2709
continue;
2710
}
2711
if(debug){
2712
fprintf_plus(stderr, "Will use interface \"%s\"\n",
2713
direntries[i]->d_name);
2714
}
2715
free(direntries[i]);
2716
}
2717
free(direntries);
2718
} else {
2719
if(ret == 0){
2720
free(direntries);
2721
}
2722
fprintf_plus(stderr, "Could not find a network interface\n");
2723
exitcode = EXIT_FAILURE;
2724
goto end;
2725
}
2726
}
2727
2728
/* Bring up interfaces which are down, and remove any "none"s */
2729
{
2730
char *interface = NULL;
2731
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2732
interface))){
2733
/* If interface name is "none", stop bringing up interfaces.
2734
Also remove all instances of "none" from the list */
2735
if(strcmp(interface, "none") == 0){
2736
argz_delete(&mc.interfaces, &mc.interfaces_size,
2737
interface);
2738
interface = NULL;
2739
while((interface = argz_next(mc.interfaces,
2740
mc.interfaces_size, interface))){
2741
if(strcmp(interface, "none") == 0){
2742
argz_delete(&mc.interfaces, &mc.interfaces_size,
2743
interface);
2744
interface = NULL;
2745
}
2746
}
1080
2747
break;
1081
2748
}
1082
struct timespec sleeptime = { .tv_nsec = 250000000 };
1083
ret = nanosleep(&sleeptime, NULL);
1084
if(ret == -1 and errno != EINTR){
1085
perror("nanosleep");
1086
}
1087
}
1088
ret = (int)TEMP_FAILURE_RETRY(close(sd));
1089
if(ret == -1){
1090
perror("close");
1091
}
1092
#ifdef __linux__
1093
if(restore_loglevel){
1094
/* Restores kernel loglevel to default */
1095
ret = klogctl(7, NULL, 0);
1096
if(ret == -1){
1097
perror("klogctl");
1098
}
1099
}
1100
#endif /* __linux__ */
1101
}
1102
1103
uid = getuid();
1104
gid = getgid();
1105
1106
errno = 0;
1107
setgid(gid);
1108
if(ret == -1){
1109
perror("setgid");
1110
}
1111
1112
ret = setuid(uid);
1113
if(ret == -1){
1114
perror("setuid");
1115
}
1116
1117
ret = init_gnutls_global(pubkey, seckey);
1118
if(ret == -1){
1119
fprintf(stderr, "init_gnutls_global failed\n");
1120
exitcode = EXIT_FAILURE;
2749
bool interface_was_up = interface_is_up(interface);
2750
errno = bring_up_interface(interface, delay);
2751
if(not interface_was_up){
2752
if(errno != 0){
2753
fprintf_plus(stderr, "Failed to bring up interface \"%s\":"
2754
" %s\n", interface, strerror(errno));
2755
} else {
2756
errno = argz_add(&interfaces_to_take_down,
2757
&interfaces_to_take_down_size,
2758
interface);
2759
if(errno != 0){
2760
perror_plus("argz_add");
2761
}
2762
}
2763
}
2764
}
2765
if(debug and (interfaces_to_take_down == NULL)){
2766
fprintf_plus(stderr, "No interfaces were brought up\n");
2767
}
2768
}
2769
2770
/* If we only got one interface, explicitly use only that one */
2771
if(argz_count(mc.interfaces, mc.interfaces_size) == 1){
2772
if(debug){
2773
fprintf_plus(stderr, "Using only interface \"%s\"\n",
2774
mc.interfaces);
2775
}
2776
if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);
2777
}
2778
2779
if(quit_now){
2780
goto end;
2781
}
2782
2783
ret = init_gnutls_global(pubkey, seckey, dh_params_file, &mc);
2784
if(ret == -1){
2785
fprintf_plus(stderr, "init_gnutls_global failed\n");
2786
exitcode = EX_UNAVAILABLE;
1121
2787
goto end;
1122
2788
} else {
1123
2789
gnutls_initialized = true;
1124
2790
}
1125
2791
1126
if(mkdtemp(tempdir) == NULL){
1127
perror("mkdtemp");
1128
goto end;
1129
}
1130
tempdir_created = true;
1131
1132
if(not init_gpgme(pubkey, seckey, tempdir)){
1133
fprintf(stderr, "init_gpgme failed\n");
1134
exitcode = EXIT_FAILURE;
2792
if(quit_now){
2793
goto end;
2794
}
2795
2796
/* Try /run/tmp before /tmp */
2797
tempdir = mkdtemp(run_tempdir);
2798
if(tempdir == NULL and errno == ENOENT){
2799
if(debug){
2800
fprintf_plus(stderr, "Tempdir %s did not work, trying %s\n",
2801
run_tempdir, old_tempdir);
2802
}
2803
tempdir = mkdtemp(old_tempdir);
2804
}
2805
if(tempdir == NULL){
2806
perror_plus("mkdtemp");
2807
goto end;
2808
}
2809
2810
if(quit_now){
2811
goto end;
2812
}
2813
2814
if(not init_gpgme(pubkey, seckey, tempdir, &mc)){
2815
fprintf_plus(stderr, "init_gpgme failed\n");
2816
exitcode = EX_UNAVAILABLE;
1135
2817
goto end;
1136
2818
} else {
1137
2819
gpgme_initialized = true;
1138
2820
}
1139
2821
1140
if(interface[0] != '\0'){
1141
if_index = (AvahiIfIndex) if_nametoindex(interface);
1142
if(if_index == 0){
1143
fprintf(stderr, "No such interface: \"%s\"\n", interface);
1144
exitcode = EXIT_FAILURE;
1145
goto end;
1146
}
2822
if(quit_now){
2823
goto end;
1147
2824
}
1148
2825
1149
2826
if(connect_to != NULL){
1150
2827
/* Connect directly, do not use Zeroconf */
1151
2828
/* (Mainly meant for debugging) */
1152
2829
char *address = strrchr(connect_to, ':');
2830
1153
2831
if(address == NULL){
1154
fprintf(stderr, "No colon in address\n");
1155
exitcode = EXIT_FAILURE;
1156
goto end;
1157
}
1158
uint16_t port;
1159
ret = sscanf(address+1, "%" SCNdMAX "%n", &tmpmax, &numchars);
1160
if(ret < 1 or tmpmax != (uint16_t)tmpmax
1161
or address[numchars+1] != '\0'){
1162
fprintf(stderr, "Bad port number\n");
1163
exitcode = EXIT_FAILURE;
1164
goto end;
1165
}
1166
port = (uint16_t)tmpmax;
2832
fprintf_plus(stderr, "No colon in address\n");
2833
exitcode = EX_USAGE;
2834
goto end;
2835
}
2836
2837
if(quit_now){
2838
goto end;
2839
}
2840
2841
in_port_t port;
2842
errno = 0;
2843
tmpmax = strtoimax(address+1, &tmp, 10);
2844
if(errno != 0 or tmp == address+1 or *tmp != '\0'
2845
or tmpmax != (in_port_t)tmpmax){
2846
fprintf_plus(stderr, "Bad port number\n");
2847
exitcode = EX_USAGE;
2848
goto end;
2849
}
2850
2851
if(quit_now){
2852
goto end;
2853
}
2854
2855
port = (in_port_t)tmpmax;
1167
2856
*address = '\0';
1168
address = connect_to;
1169
2857
/* Colon in address indicates IPv6 */
1170
2858
int af;
1171
if(strchr(address, ':') != NULL){
2859
if(strchr(connect_to, ':') != NULL){
1172
2860
af = AF_INET6;
2861
/* Accept [] around IPv6 address - see RFC 5952 */
2862
if(connect_to[0] == '[' and address[-1] == ']')
2863
{
2864
connect_to++;
2865
address[-1] = '\0';
2866
}
1173
2867
} else {
1174
2868
af = AF_INET;
1175
2869
}
1176
ret = start_mandos_communication(address, port, if_index, af);
1177
if(ret < 0){
1178
exitcode = EXIT_FAILURE;
1179
} else {
2870
address = connect_to;
2871
2872
if(quit_now){
2873
goto end;
2874
}
2875
2876
while(not quit_now){
2877
ret = start_mandos_communication(address, port, if_index, af,
2878
&mc);
2879
if(quit_now or ret == 0){
2880
break;
2881
}
2882
if(debug){
2883
fprintf_plus(stderr, "Retrying in %d seconds\n",
2884
(int)retry_interval);
2885
}
2886
sleep((unsigned int)retry_interval);
2887
}
2888
2889
if(not quit_now){
1180
2890
exitcode = EXIT_SUCCESS;
1181
2891
}
2892
1182
2893
goto end;
1183
2894
}
1184
2895
1185
if(not debug){
1186
avahi_set_log_function(empty_log);
1187
}
1188
1189
/* Initialize the pseudo-RNG for Avahi */
1190
srand((unsigned int) time(NULL));
1191
1192
/* Allocate main Avahi loop object */
1193
mc.simple_poll = avahi_simple_poll_new();
1194
if(mc.simple_poll == NULL){
1195
fprintf(stderr, "Avahi: Failed to create simple poll object.\n");
1196
exitcode = EXIT_FAILURE;
2896
if(quit_now){
1197
2897
goto end;
1198
2898
}
1199
2899
1207
2907
config.publish_domain = 0;
1208
2908
1209
2909
/* Allocate a new server */
1210
mc.server = avahi_server_new(avahi_simple_poll_get
1211
(mc.simple_poll), &config, NULL,
1212
NULL, &error);
2910
mc.server = avahi_server_new(avahi_simple_poll_get(simple_poll),
2911
&config, NULL, NULL, &ret_errno);
1213
2912
1214
2913
/* Free the Avahi configuration data */
1215
2914
avahi_server_config_free(&config);
1217
2916
1218
2917
/* Check if creating the Avahi server object succeeded */
1219
2918
if(mc.server == NULL){
1220
fprintf(stderr, "Failed to create Avahi server: %s\n",
1221
avahi_strerror(error));
1222
exitcode = EXIT_FAILURE;
2919
fprintf_plus(stderr, "Failed to create Avahi server: %s\n",
2920
avahi_strerror(ret_errno));
2921
exitcode = EX_UNAVAILABLE;
2922
goto end;
2923
}
2924
2925
if(quit_now){
1223
2926
goto end;
1224
2927
}
1225
2928
1226
2929
/* Create the Avahi service browser */
1227
2930
sb = avahi_s_service_browser_new(mc.server, if_index,
1228
AVAHI_PROTO_INET6, "_mandos._tcp",
1229
NULL, 0, browse_callback, NULL);
2931
AVAHI_PROTO_UNSPEC, "_mandos._tcp",
2932
NULL, 0, browse_callback,
2933
(void *)&mc);
1230
2934
if(sb == NULL){
1231
fprintf(stderr, "Failed to create service browser: %s\n",
1232
avahi_strerror(avahi_server_errno(mc.server)));
1233
exitcode = EXIT_FAILURE;
2935
fprintf_plus(stderr, "Failed to create service browser: %s\n",
2936
avahi_strerror(avahi_server_errno(mc.server)));
2937
exitcode = EX_UNAVAILABLE;
1234
2938
goto end;
1235
2939
}
1236
2940
1237
sigemptyset(&sigterm_action.sa_mask);
1238
ret = sigaddset(&sigterm_action.sa_mask, SIGINT);
1239
if(ret == -1){
1240
perror("sigaddset");
1241
exitcode = EXIT_FAILURE;
1242
goto end;
1243
}
1244
ret = sigaddset(&sigterm_action.sa_mask, SIGHUP);
1245
if(ret == -1){
1246
perror("sigaddset");
1247
exitcode = EXIT_FAILURE;
1248
goto end;
1249
}
1250
ret = sigaddset(&sigterm_action.sa_mask, SIGTERM);
1251
if(ret == -1){
1252
perror("sigaddset");
1253
exitcode = EXIT_FAILURE;
1254
goto end;
1255
}
1256
ret = sigaction(SIGTERM, &sigterm_action, &old_sigterm_action);
1257
if(ret == -1){
1258
perror("sigaction");
1259
exitcode = EXIT_FAILURE;
1260
goto end;
1261
}
2941
if(quit_now){
2942
goto end;
2943
}
1262
2944
1263
2945
/* Run the main loop */
1264
2946
1265
2947
if(debug){
1266
fprintf(stderr, "Starting Avahi loop search\n");
2948
fprintf_plus(stderr, "Starting Avahi loop search\n");
1267
2949
}
1268
2950
1269
avahi_simple_poll_loop(mc.simple_poll);
2951
ret = avahi_loop_with_timeout(simple_poll,
2952
(int)(retry_interval * 1000), &mc);
2953
if(debug){
2954
fprintf_plus(stderr, "avahi_loop_with_timeout exited %s\n",
2955
(ret == 0) ? "successfully" : "with error");
2956
}
1270
2957
1271
2958
end:
1272
2959
1273
2960
if(debug){
1274
fprintf(stderr, "%s exiting\n", argv[0]);
2961
fprintf_plus(stderr, "%s exiting\n", argv[0]);
1275
2962
}
1276
2963
1277
2964
/* Cleanup things */
2965
free(mc.interfaces);
2966
1278
2967
if(sb != NULL)
1279
2968
avahi_s_service_browser_free(sb);
1280
2969
1281
2970
if(mc.server != NULL)
1282
2971
avahi_server_free(mc.server);
1283
2972
1284
if(mc.simple_poll != NULL)
1285
avahi_simple_poll_free(mc.simple_poll);
2973
if(simple_poll != NULL)
2974
avahi_simple_poll_free(simple_poll);
1286
2975
1287
2976
if(gnutls_initialized){
1288
2977
gnutls_certificate_free_credentials(mc.cred);
1294
2983
gpgme_release(mc.ctx);
1295
2984
}
1296
2985
1297
/* Removes the temp directory used by GPGME */
1298
if(tempdir_created){
1299
DIR *d;
1300
struct dirent *direntry;
1301
d = opendir(tempdir);
1302
if(d == NULL){
1303
if(errno != ENOENT){
1304
perror("opendir");
1305
}
1306
} else {
1307
while(true){
1308
direntry = readdir(d);
1309
if(direntry == NULL){
1310
break;
1311
}
1312
/* Skip "." and ".." */
1313
if(direntry->d_name[0] == '.'
1314
and (direntry->d_name[1] == '\0'
1315
or (direntry->d_name[1] == '.'
1316
and direntry->d_name[2] == '\0'))){
1317
continue;
1318
}
1319
char *fullname = NULL;
1320
ret = asprintf(&fullname, "%s/%s", tempdir,
1321
direntry->d_name);
1322
if(ret < 0){
1323
perror("asprintf");
1324
continue;
1325
}
1326
ret = remove(fullname);
1327
if(ret == -1){
1328
fprintf(stderr, "remove(\"%s\"): %s\n", fullname,
1329
strerror(errno));
1330
}
1331
free(fullname);
1332
}
1333
closedir(d);
1334
}
1335
ret = rmdir(tempdir);
1336
if(ret == -1 and errno != ENOENT){
1337
perror("rmdir");
1338
}
2986
/* Cleans up the circular linked list of Mandos servers the client
2987
has seen */
2988
if(mc.current_server != NULL){
2989
mc.current_server->prev->next = NULL;
2990
while(mc.current_server != NULL){
2991
server *next = mc.current_server->next;
2992
#ifdef __GNUC__
2993
#pragma GCC diagnostic push
2994
#pragma GCC diagnostic ignored "-Wcast-qual"
2995
#endif
2996
free((char *)(mc.current_server->ip));
2997
#ifdef __GNUC__
2998
#pragma GCC diagnostic pop
2999
#endif
3000
free(mc.current_server);
3001
mc.current_server = next;
3002
}
3003
}
3004
3005
/* Re-raise privileges */
3006
{
3007
ret_errno = raise_privileges();
3008
if(ret_errno != 0){
3009
errno = ret_errno;
3010
perror_plus("Failed to raise privileges");
3011
} else {
3012
3013
/* Run network hooks */
3014
run_network_hooks("stop", interfaces_hooks != NULL ?
3015
interfaces_hooks : "", delay);
3016
3017
/* Take down the network interfaces which were brought up */
3018
{
3019
char *interface = NULL;
3020
while((interface=argz_next(interfaces_to_take_down,
3021
interfaces_to_take_down_size,
3022
interface))){
3023
ret_errno = take_down_interface(interface);
3024
if(ret_errno != 0){
3025
errno = ret_errno;
3026
perror_plus("Failed to take down interface");
3027
}
3028
}
3029
if(debug and (interfaces_to_take_down == NULL)){
3030
fprintf_plus(stderr, "No interfaces needed to be taken"
3031
" down\n");
3032
}
3033
}
3034
}
3035
3036
ret_errno = lower_privileges_permanently();
3037
if(ret_errno != 0){
3038
errno = ret_errno;
3039
perror_plus("Failed to lower privileges permanently");
3040
}
3041
}
3042
3043
free(interfaces_to_take_down);
3044
free(interfaces_hooks);
3045
3046
/* Removes the GPGME temp directory and all files inside */
3047
if(tempdir != NULL){
3048
struct dirent **direntries = NULL;
3049
int tempdir_fd = (int)TEMP_FAILURE_RETRY(open(tempdir, O_RDONLY
3050
| O_NOFOLLOW
3051
| O_DIRECTORY
3052
| O_PATH));
3053
if(tempdir_fd == -1){
3054
perror_plus("open");
3055
} else {
3056
#ifdef __GLIBC__
3057
#if __GLIBC_PREREQ(2, 15)
3058
int numentries = scandirat(tempdir_fd, ".", &direntries,
3059
notdotentries, alphasort);
3060
#else /* not __GLIBC_PREREQ(2, 15) */
3061
int numentries = scandir(tempdir, &direntries, notdotentries,
3062
alphasort);
3063
#endif /* not __GLIBC_PREREQ(2, 15) */
3064
#else /* not __GLIBC__ */
3065
int numentries = scandir(tempdir, &direntries, notdotentries,
3066
alphasort);
3067
#endif /* not __GLIBC__ */
3068
if(numentries >= 0){
3069
for(int i = 0; i < numentries; i++){
3070
ret = unlinkat(tempdir_fd, direntries[i]->d_name, 0);
3071
if(ret == -1){
3072
fprintf_plus(stderr, "unlinkat(open(\"%s\", O_RDONLY),"
3073
" \"%s\", 0): %s\n", tempdir,
3074
direntries[i]->d_name, strerror(errno));
3075
}
3076
free(direntries[i]);
3077
}
3078
3079
/* need to clean even if 0 because man page doesn't specify */
3080
free(direntries);
3081
if(numentries == -1){
3082
perror_plus("scandir");
3083
}
3084
ret = rmdir(tempdir);
3085
if(ret == -1 and errno != ENOENT){
3086
perror_plus("rmdir");
3087
}
3088
}
3089
close(tempdir_fd);
3090
}
3091
}
3092
3093
if(quit_now){
3094
sigemptyset(&old_sigterm_action.sa_mask);
3095
old_sigterm_action.sa_handler = SIG_DFL;
3096
ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received,
3097
&old_sigterm_action,
3098
NULL));
3099
if(ret == -1){
3100
perror_plus("sigaction");
3101
}
3102
do {
3103
ret = raise(signal_received);
3104
} while(ret != 0 and errno == EINTR);
3105
if(ret != 0){
3106
perror_plus("raise");
3107
abort();
3108
}
3109
TEMP_FAILURE_RETRY(pause());
1339
3110
}
1340
3111
1341
3112
return exitcode;
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0