To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/mandos-client.c
- browse files at revision 807
- compare with another revision
- download diff
- download tarball
- view history from revision 807
- Committer: Teddy Hogeborn
- Date: 2016-02-28 14:22:10 UTC
- Revision ID: teddy@recompile.se-20160228142210-2df89dih7mzxxr0h
Update copyright year.
* DBUS-API: Update copyright year.
* debian/copyright: - '' -
* intro.xml (COPYRIGHT): - '' -
* mandos: - '' -
* mandos-clients.conf.xml (COPYRIGHT): - '' -
* mandos-ctl: - '' -
* mandos-ctl.xml (COPYRIGHT): - '' -
* mandos-keygen: - '' -
* mandos-keygen.xml (COPYRIGHT): - '' -
* mandos-monitor: - '' -
* mandos-monitor.xml (COPYRIGHT): - '' -
* mandos.conf.xml (COPYRIGHT): - '' -
* mandos.xml (COPYRIGHT): - '' -
* plugin-helpers/mandos-client-iprouteadddel.c: - '' -
* plugin-runner.c: - '' -
* plugin-runner.xml (COPYRIGHT): - '' -
* plugins.d/askpass-fifo.c: - '' -
* plugins.d/askpass-fifo.xml (COPYRIGHT): - '' -
* plugins.d/mandos-client.c: - '' -
* plugins.d/mandos-client.xml (COPYRIGHT): - '' -
* plugins.d/password-prompt.c: - '' -
* plugins.d/password-prompt.xml (COPYRIGHT): - ''
* plugins.d/plymouth.c: - '' -
* plugins.d/plymouth.xml (COPYRIGHT): - '' -
* plugins.d/splashy.c: - '' -
* plugins.d/splashy.xml (COPYRIGHT): - '' -
* plugins.d/usplash.c: - '' -
* plugins.d/usplash.xml (COPYRIGHT): - '' -
* DBUS-API: Update copyright year.
* debian/copyright: - '' -
* intro.xml (COPYRIGHT): - '' -
* mandos: - '' -
* mandos-clients.conf.xml (COPYRIGHT): - '' -
* mandos-ctl: - '' -
* mandos-ctl.xml (COPYRIGHT): - '' -
* mandos-keygen: - '' -
* mandos-keygen.xml (COPYRIGHT): - '' -
* mandos-monitor: - '' -
* mandos-monitor.xml (COPYRIGHT): - '' -
* mandos.conf.xml (COPYRIGHT): - '' -
* mandos.xml (COPYRIGHT): - '' -
* plugin-helpers/mandos-client-iprouteadddel.c: - '' -
* plugin-runner.c: - '' -
* plugin-runner.xml (COPYRIGHT): - '' -
* plugins.d/askpass-fifo.c: - '' -
* plugins.d/askpass-fifo.xml (COPYRIGHT): - '' -
* plugins.d/mandos-client.c: - '' -
* plugins.d/mandos-client.xml (COPYRIGHT): - '' -
* plugins.d/password-prompt.c: - '' -
* plugins.d/password-prompt.xml (COPYRIGHT): - ''
* plugins.d/plymouth.c: - '' -
* plugins.d/plymouth.xml (COPYRIGHT): - '' -
* plugins.d/splashy.c: - '' -
* plugins.d/splashy.xml (COPYRIGHT): - '' -
* plugins.d/usplash.c: - '' -
* plugins.d/usplash.xml (COPYRIGHT): - '' -
- files added:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- debian/upstream
- network-hooks.d
- plugin-helpers
- files removed:
- ca.pem
- files renamed:
- server.py => mandos
- server.conf => mandos.conf
- plugbasedclient.c => plugin-runner.c
- plugins.d/mandosclient.c => plugins.d/mandos-client.c
- plugins.d/passprompt.c => plugins.d/password-prompt.c
- files modified:
- Makefile
added
removed
plugins.d/mandos-client.c
1
1
/* -*- coding: utf-8 -*- */
2
2
/*
3
* Mandos client - get and decrypt data from a Mandos server
3
* Mandos-client - get and decrypt data from a Mandos server
4
4
*
5
5
* This program is partly derived from an example program for an Avahi
6
6
* service browser, downloaded from
9
9
* "browse_callback", and parts of "main".
10
10
*
11
11
* Everything else is
12
* Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
12
* Copyright © 2008-2016 Teddy Hogeborn
13
* Copyright © 2008-2016 Björn Påhlsson
13
14
*
14
15
* This program is free software: you can redistribute it and/or
15
16
* modify it under the terms of the GNU General Public License as
25
26
* along with this program. If not, see
26
27
* <http://www.gnu.org/licenses/>.
27
28
*
28
* Contact the authors at <mandos@fukt.bsnet.se>.
29
* Contact the authors at <mandos@recompile.se>.
29
30
*/
30
31
31
32
/* Needed by GPGME, specifically gpgme_data_seek() */
33
#ifndef _LARGEFILE_SOURCE
32
34
#define _LARGEFILE_SOURCE
35
#endif /* not _LARGEFILE_SOURCE */
36
#ifndef _FILE_OFFSET_BITS
33
37
#define _FILE_OFFSET_BITS 64
34
35
#include <stdio.h>
36
#include <assert.h>
37
#include <stdlib.h>
38
#include <time.h>
39
#include <net/if.h> /* if_nametoindex */
40
38
#endif /* not _FILE_OFFSET_BITS */
39
40
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */
41
42
#include <stdio.h> /* fprintf(), stderr, fwrite(),
43
stdout, ferror() */
44
#include <stdint.h> /* uint16_t, uint32_t, intptr_t */
45
#include <stddef.h> /* NULL, size_t, ssize_t */
46
#include <stdlib.h> /* free(), EXIT_SUCCESS, srand(),
47
strtof(), abort() */
48
#include <stdbool.h> /* bool, false, true */
49
#include <string.h> /* strcmp(), strlen(), strerror(),
50
asprintf(), strncpy() */
51
#include <sys/ioctl.h> /* ioctl */
52
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
53
sockaddr_in6, PF_INET6,
54
SOCK_STREAM, uid_t, gid_t, open(),
55
opendir(), DIR */
56
#include <sys/stat.h> /* open(), S_ISREG */
57
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
58
inet_pton(), connect(),
59
getnameinfo() */
60
#include <fcntl.h> /* open(), unlinkat() */
61
#include <dirent.h> /* opendir(), struct dirent, readdir()
62
*/
63
#include <inttypes.h> /* PRIu16, PRIdMAX, intmax_t,
64
strtoimax() */
65
#include <errno.h> /* perror(), errno,
66
program_invocation_short_name */
67
#include <time.h> /* nanosleep(), time(), sleep() */
68
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
69
SIOCSIFFLAGS, if_indextoname(),
70
if_nametoindex(), IF_NAMESIZE */
71
#include <netinet/in.h> /* IN6_IS_ADDR_LINKLOCAL,
72
INET_ADDRSTRLEN, INET6_ADDRSTRLEN
73
*/
74
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
75
getuid(), getgid(), seteuid(),
76
setgid(), pause(), _exit(),
77
unlinkat() */
78
#include <arpa/inet.h> /* inet_pton(), htons() */
79
#include <iso646.h> /* not, or, and */
80
#include <argp.h> /* struct argp_option, error_t, struct
81
argp_state, struct argp,
82
argp_parse(), ARGP_KEY_ARG,
83
ARGP_KEY_END, ARGP_ERR_UNKNOWN */
84
#include <signal.h> /* sigemptyset(), sigaddset(),
85
sigaction(), SIGTERM, sig_atomic_t,
86
raise() */
87
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_UNAVAILABLE,
88
EX_NOHOST, EX_IOERR, EX_PROTOCOL */
89
#include <sys/wait.h> /* waitpid(), WIFEXITED(),
90
WEXITSTATUS(), WTERMSIG() */
91
#include <grp.h> /* setgroups() */
92
#include <argz.h> /* argz_add_sep(), argz_next(),
93
argz_delete(), argz_append(),
94
argz_stringify(), argz_add(),
95
argz_count() */
96
#include <netdb.h> /* getnameinfo(), NI_NUMERICHOST,
97
EAI_SYSTEM, gai_strerror() */
98
99
#ifdef __linux__
100
#include <sys/klog.h> /* klogctl() */
101
#endif /* __linux__ */
102
103
/* Avahi */
104
/* All Avahi types, constants and functions
105
Avahi*, avahi_*,
106
AVAHI_* */
41
107
#include <avahi-core/core.h>
42
108
#include <avahi-core/lookup.h>
43
109
#include <avahi-core/log.h>
45
111
#include <avahi-common/malloc.h>
46
112
#include <avahi-common/error.h>
47
113
48
//mandos client part
49
#include <sys/types.h> /* socket(), inet_pton() */
50
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
51
struct in6_addr, inet_pton() */
52
#include <gnutls/gnutls.h> /* All GnuTLS stuff */
53
#include <gnutls/openpgp.h> /* GnuTLS with openpgp stuff */
54
55
#include <unistd.h> /* close() */
56
#include <netinet/in.h>
57
#include <stdbool.h> /* true */
58
#include <string.h> /* memset */
59
#include <arpa/inet.h> /* inet_pton() */
60
#include <iso646.h> /* not */
61
62
// gpgme
63
#include <errno.h> /* perror() */
64
#include <gpgme.h>
65
66
// getopt long
67
#include <getopt.h>
114
/* GnuTLS */
115
#include <gnutls/gnutls.h> /* All GnuTLS types, constants and
116
functions:
117
gnutls_*
118
init_gnutls_session(),
119
GNUTLS_* */
120
#include <gnutls/openpgp.h>
121
/* gnutls_certificate_set_openpgp_key_file(),
122
GNUTLS_OPENPGP_FMT_BASE64 */
123
124
/* GPGME */
125
#include <gpgme.h> /* All GPGME types, constants and
126
functions:
127
gpgme_*
128
GPGME_PROTOCOL_OpenPGP,
129
GPG_ERR_NO_* */
68
130
69
131
#define BUFFER_SIZE 256
70
#define DH_BITS 1024
71
132
72
static const char *certdir = "/conf/conf.d/mandos";
73
static const char *certfile = "openpgp-client.txt";
74
static const char *certkey = "openpgp-client-key.txt";
133
#define PATHDIR "/conf/conf.d/mandos"
134
#define SECKEY "seckey.txt"
135
#define PUBKEY "pubkey.txt"
136
#define HOOKDIR "/lib/mandos/network-hooks.d"
75
137
76
138
bool debug = false;
77
139
static const char mandos_protocol_version[] = "1";
140
const char *argp_program_version = "mandos-client " VERSION;
141
const char *argp_program_bug_address = "<mandos@recompile.se>";
142
static const char sys_class_net[] = "/sys/class/net";
143
char *connect_to = NULL;
144
const char *hookdir = HOOKDIR;
145
int hookdir_fd = -1;
146
uid_t uid = 65534;
147
gid_t gid = 65534;
148
149
/* Doubly linked list that need to be circularly linked when used */
150
typedef struct server{
151
const char *ip;
152
in_port_t port;
153
AvahiIfIndex if_index;
154
int af;
155
struct timespec last_seen;
156
struct server *next;
157
struct server *prev;
158
} server;
159
160
/* Used for passing in values through the Avahi callback functions */
78
161
typedef struct {
79
gnutls_session_t session;
162
AvahiServer *server;
80
163
gnutls_certificate_credentials_t cred;
164
unsigned int dh_bits;
81
165
gnutls_dh_params_t dh_params;
82
} encrypted_session;
83
84
85
static ssize_t pgp_packet_decrypt (char *packet, size_t packet_size,
86
char **new_packet,
87
const char *homedir){
88
gpgme_data_t dh_crypto, dh_plain;
166
const char *priority;
89
167
gpgme_ctx_t ctx;
168
server *current_server;
169
char *interfaces;
170
size_t interfaces_size;
171
} mandos_context;
172
173
/* global so signal handler can reach it*/
174
AvahiSimplePoll *simple_poll;
175
176
sig_atomic_t quit_now = 0;
177
int signal_received = 0;
178
179
/* Function to use when printing errors */
180
void perror_plus(const char *print_text){
181
int e = errno;
182
fprintf(stderr, "Mandos plugin %s: ",
183
program_invocation_short_name);
184
errno = e;
185
perror(print_text);
186
}
187
188
__attribute__((format (gnu_printf, 2, 3), nonnull))
189
int fprintf_plus(FILE *stream, const char *format, ...){
190
va_list ap;
191
va_start (ap, format);
192
193
TEMP_FAILURE_RETRY(fprintf(stream, "Mandos plugin %s: ",
194
program_invocation_short_name));
195
return (int)TEMP_FAILURE_RETRY(vfprintf(stream, format, ap));
196
}
197
198
/*
199
* Make additional room in "buffer" for at least BUFFER_SIZE more
200
* bytes. "buffer_capacity" is how much is currently allocated,
201
* "buffer_length" is how much is already used.
202
*/
203
__attribute__((nonnull, warn_unused_result))
204
size_t incbuffer(char **buffer, size_t buffer_length,
205
size_t buffer_capacity){
206
if(buffer_length + BUFFER_SIZE > buffer_capacity){
207
char *new_buf = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
208
if(new_buf == NULL){
209
int old_errno = errno;
210
free(*buffer);
211
errno = old_errno;
212
*buffer = NULL;
213
return 0;
214
}
215
*buffer = new_buf;
216
buffer_capacity += BUFFER_SIZE;
217
}
218
return buffer_capacity;
219
}
220
221
/* Add server to set of servers to retry periodically */
222
__attribute__((nonnull, warn_unused_result))
223
bool add_server(const char *ip, in_port_t port, AvahiIfIndex if_index,
224
int af, server **current_server){
225
int ret;
226
server *new_server = malloc(sizeof(server));
227
if(new_server == NULL){
228
perror_plus("malloc");
229
return false;
230
}
231
*new_server = (server){ .ip = strdup(ip),
232
.port = port,
233
.if_index = if_index,
234
.af = af };
235
if(new_server->ip == NULL){
236
perror_plus("strdup");
237
free(new_server);
238
return false;
239
}
240
ret = clock_gettime(CLOCK_MONOTONIC, &(new_server->last_seen));
241
if(ret == -1){
242
perror_plus("clock_gettime");
243
#ifdef __GNUC__
244
#pragma GCC diagnostic push
245
#pragma GCC diagnostic ignored "-Wcast-qual"
246
#endif
247
free((char *)(new_server->ip));
248
#ifdef __GNUC__
249
#pragma GCC diagnostic pop
250
#endif
251
free(new_server);
252
return false;
253
}
254
/* Special case of first server */
255
if(*current_server == NULL){
256
new_server->next = new_server;
257
new_server->prev = new_server;
258
*current_server = new_server;
259
} else {
260
/* Place the new server last in the list */
261
new_server->next = *current_server;
262
new_server->prev = (*current_server)->prev;
263
new_server->prev->next = new_server;
264
(*current_server)->prev = new_server;
265
}
266
return true;
267
}
268
269
/*
270
* Initialize GPGME.
271
*/
272
__attribute__((nonnull, warn_unused_result))
273
static bool init_gpgme(const char * const seckey,
274
const char * const pubkey,
275
const char * const tempdir,
276
mandos_context *mc){
90
277
gpgme_error_t rc;
91
ssize_t ret;
92
ssize_t new_packet_capacity = 0;
93
ssize_t new_packet_length = 0;
94
278
gpgme_engine_info_t engine_info;
95
96
if (debug){
97
fprintf(stderr, "Trying to decrypt OpenPGP packet\n");
279
280
/*
281
* Helper function to insert pub and seckey to the engine keyring.
282
*/
283
bool import_key(const char * const filename){
284
int ret;
285
int fd;
286
gpgme_data_t pgp_data;
287
288
fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));
289
if(fd == -1){
290
perror_plus("open");
291
return false;
292
}
293
294
rc = gpgme_data_new_from_fd(&pgp_data, fd);
295
if(rc != GPG_ERR_NO_ERROR){
296
fprintf_plus(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
297
gpgme_strsource(rc), gpgme_strerror(rc));
298
return false;
299
}
300
301
rc = gpgme_op_import(mc->ctx, pgp_data);
302
if(rc != GPG_ERR_NO_ERROR){
303
fprintf_plus(stderr, "bad gpgme_op_import: %s: %s\n",
304
gpgme_strsource(rc), gpgme_strerror(rc));
305
return false;
306
}
307
308
ret = close(fd);
309
if(ret == -1){
310
perror_plus("close");
311
}
312
gpgme_data_release(pgp_data);
313
return true;
314
}
315
316
if(debug){
317
fprintf_plus(stderr, "Initializing GPGME\n");
98
318
}
99
319
100
320
/* Init GPGME */
101
321
gpgme_check_version(NULL);
102
322
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
103
if (rc != GPG_ERR_NO_ERROR){
104
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
105
gpgme_strsource(rc), gpgme_strerror(rc));
106
return -1;
323
if(rc != GPG_ERR_NO_ERROR){
324
fprintf_plus(stderr, "bad gpgme_engine_check_version: %s: %s\n",
325
gpgme_strsource(rc), gpgme_strerror(rc));
326
return false;
107
327
}
108
328
109
/* Set GPGME home directory */
110
rc = gpgme_get_engine_info (&engine_info);
111
if (rc != GPG_ERR_NO_ERROR){
112
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
113
gpgme_strsource(rc), gpgme_strerror(rc));
114
return -1;
329
/* Set GPGME home directory for the OpenPGP engine only */
330
rc = gpgme_get_engine_info(&engine_info);
331
if(rc != GPG_ERR_NO_ERROR){
332
fprintf_plus(stderr, "bad gpgme_get_engine_info: %s: %s\n",
333
gpgme_strsource(rc), gpgme_strerror(rc));
334
return false;
115
335
}
116
336
while(engine_info != NULL){
117
337
if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){
118
338
gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,
119
engine_info->file_name, homedir);
339
engine_info->file_name, tempdir);
120
340
break;
121
341
}
122
342
engine_info = engine_info->next;
123
343
}
124
344
if(engine_info == NULL){
125
fprintf(stderr, "Could not set home dir to %s\n", homedir);
126
return -1;
127
}
128
129
/* Create new GPGME data buffer from packet buffer */
130
rc = gpgme_data_new_from_mem(&dh_crypto, packet, packet_size, 0);
131
if (rc != GPG_ERR_NO_ERROR){
132
fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
133
gpgme_strsource(rc), gpgme_strerror(rc));
345
fprintf_plus(stderr, "Could not set GPGME home dir to %s\n",
346
tempdir);
347
return false;
348
}
349
350
/* Create new GPGME "context" */
351
rc = gpgme_new(&(mc->ctx));
352
if(rc != GPG_ERR_NO_ERROR){
353
fprintf_plus(stderr, "Mandos plugin mandos-client: "
354
"bad gpgme_new: %s: %s\n", gpgme_strsource(rc),
355
gpgme_strerror(rc));
356
return false;
357
}
358
359
if(not import_key(pubkey) or not import_key(seckey)){
360
return false;
361
}
362
363
return true;
364
}
365
366
/*
367
* Decrypt OpenPGP data.
368
* Returns -1 on error
369
*/
370
__attribute__((nonnull, warn_unused_result))
371
static ssize_t pgp_packet_decrypt(const char *cryptotext,
372
size_t crypto_size,
373
char **plaintext,
374
mandos_context *mc){
375
gpgme_data_t dh_crypto, dh_plain;
376
gpgme_error_t rc;
377
ssize_t ret;
378
size_t plaintext_capacity = 0;
379
ssize_t plaintext_length = 0;
380
381
if(debug){
382
fprintf_plus(stderr, "Trying to decrypt OpenPGP data\n");
383
}
384
385
/* Create new GPGME data buffer from memory cryptotext */
386
rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,
387
0);
388
if(rc != GPG_ERR_NO_ERROR){
389
fprintf_plus(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
390
gpgme_strsource(rc), gpgme_strerror(rc));
134
391
return -1;
135
392
}
136
393
137
394
/* Create new empty GPGME data buffer for the plaintext */
138
395
rc = gpgme_data_new(&dh_plain);
139
if (rc != GPG_ERR_NO_ERROR){
140
fprintf(stderr, "bad gpgme_data_new: %s: %s\n",
141
gpgme_strsource(rc), gpgme_strerror(rc));
142
return -1;
143
}
144
145
/* Create new GPGME "context" */
146
rc = gpgme_new(&ctx);
147
if (rc != GPG_ERR_NO_ERROR){
148
fprintf(stderr, "bad gpgme_new: %s: %s\n",
149
gpgme_strsource(rc), gpgme_strerror(rc));
150
return -1;
151
}
152
153
/* Decrypt data from the FILE pointer to the plaintext data
154
buffer */
155
rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);
156
if (rc != GPG_ERR_NO_ERROR){
157
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
158
gpgme_strsource(rc), gpgme_strerror(rc));
159
return -1;
160
}
161
162
if(debug){
163
fprintf(stderr, "Decryption of OpenPGP packet succeeded\n");
164
}
165
166
if (debug){
167
gpgme_decrypt_result_t result;
168
result = gpgme_op_decrypt_result(ctx);
169
if (result == NULL){
170
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
171
} else {
172
fprintf(stderr, "Unsupported algorithm: %s\n",
173
result->unsupported_algorithm);
174
fprintf(stderr, "Wrong key usage: %d\n",
175
result->wrong_key_usage);
176
if(result->file_name != NULL){
177
fprintf(stderr, "File name: %s\n", result->file_name);
178
}
179
gpgme_recipient_t recipient;
180
recipient = result->recipients;
181
if(recipient){
396
if(rc != GPG_ERR_NO_ERROR){
397
fprintf_plus(stderr, "Mandos plugin mandos-client: "
398
"bad gpgme_data_new: %s: %s\n",
399
gpgme_strsource(rc), gpgme_strerror(rc));
400
gpgme_data_release(dh_crypto);
401
return -1;
402
}
403
404
/* Decrypt data from the cryptotext data buffer to the plaintext
405
data buffer */
406
rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);
407
if(rc != GPG_ERR_NO_ERROR){
408
fprintf_plus(stderr, "bad gpgme_op_decrypt: %s: %s\n",
409
gpgme_strsource(rc), gpgme_strerror(rc));
410
plaintext_length = -1;
411
if(debug){
412
gpgme_decrypt_result_t result;
413
result = gpgme_op_decrypt_result(mc->ctx);
414
if(result == NULL){
415
fprintf_plus(stderr, "gpgme_op_decrypt_result failed\n");
416
} else {
417
fprintf_plus(stderr, "Unsupported algorithm: %s\n",
418
result->unsupported_algorithm);
419
fprintf_plus(stderr, "Wrong key usage: %u\n",
420
result->wrong_key_usage);
421
if(result->file_name != NULL){
422
fprintf_plus(stderr, "File name: %s\n", result->file_name);
423
}
424
gpgme_recipient_t recipient;
425
recipient = result->recipients;
182
426
while(recipient != NULL){
183
fprintf(stderr, "Public key algorithm: %s\n",
184
gpgme_pubkey_algo_name(recipient->pubkey_algo));
185
fprintf(stderr, "Key ID: %s\n", recipient->keyid);
186
fprintf(stderr, "Secret key available: %s\n",
187
recipient->status == GPG_ERR_NO_SECKEY
188
? "No" : "Yes");
427
fprintf_plus(stderr, "Public key algorithm: %s\n",
428
gpgme_pubkey_algo_name
429
(recipient->pubkey_algo));
430
fprintf_plus(stderr, "Key ID: %s\n", recipient->keyid);
431
fprintf_plus(stderr, "Secret key available: %s\n",
432
recipient->status == GPG_ERR_NO_SECKEY
433
? "No" : "Yes");
189
434
recipient = recipient->next;
190
435
}
191
436
}
192
437
}
438
goto decrypt_end;
193
439
}
194
440
195
/* Delete the GPGME FILE pointer cryptotext data buffer */
196
gpgme_data_release(dh_crypto);
441
if(debug){
442
fprintf_plus(stderr, "Decryption of OpenPGP data succeeded\n");
443
}
197
444
198
445
/* Seek back to the beginning of the GPGME plaintext data buffer */
199
if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
200
perror("pgpme_data_seek");
446
if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){
447
perror_plus("gpgme_data_seek");
448
plaintext_length = -1;
449
goto decrypt_end;
201
450
}
202
451
203
*new_packet = 0;
452
*plaintext = NULL;
204
453
while(true){
205
if (new_packet_length + BUFFER_SIZE > new_packet_capacity){
206
*new_packet = realloc(*new_packet,
207
(unsigned int)new_packet_capacity
208
+ BUFFER_SIZE);
209
if (*new_packet == NULL){
210
perror("realloc");
211
return -1;
212
}
213
new_packet_capacity += BUFFER_SIZE;
454
plaintext_capacity = incbuffer(plaintext,
455
(size_t)plaintext_length,
456
plaintext_capacity);
457
if(plaintext_capacity == 0){
458
perror_plus("incbuffer");
459
plaintext_length = -1;
460
goto decrypt_end;
214
461
}
215
462
216
ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length,
463
ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
217
464
BUFFER_SIZE);
218
465
/* Print the data, if any */
219
if (ret == 0){
466
if(ret == 0){
467
/* EOF */
220
468
break;
221
469
}
222
470
if(ret < 0){
223
perror("gpgme_data_read");
224
return -1;
225
}
226
new_packet_length += ret;
227
}
228
229
/* FIXME: check characters before printing to screen so to not print
230
terminal control characters */
231
/* if(debug){ */
232
/* fprintf(stderr, "decrypted password is: "); */
233
/* fwrite(*new_packet, 1, new_packet_length, stderr); */
234
/* fprintf(stderr, "\n"); */
235
/* } */
471
perror_plus("gpgme_data_read");
472
plaintext_length = -1;
473
goto decrypt_end;
474
}
475
plaintext_length += ret;
476
}
477
478
if(debug){
479
fprintf_plus(stderr, "Decrypted password is: ");
480
for(ssize_t i = 0; i < plaintext_length; i++){
481
fprintf(stderr, "%02hhX ", (*plaintext)[i]);
482
}
483
fprintf(stderr, "\n");
484
}
485
486
decrypt_end:
487
488
/* Delete the GPGME cryptotext data buffer */
489
gpgme_data_release(dh_crypto);
236
490
237
491
/* Delete the GPGME plaintext data buffer */
238
492
gpgme_data_release(dh_plain);
239
return new_packet_length;
240
}
241
242
static const char * safer_gnutls_strerror (int value) {
243
const char *ret = gnutls_strerror (value);
244
if (ret == NULL)
245
ret = "(unknown)";
246
return ret;
247
}
248
493
return plaintext_length;
494
}
495
496
__attribute__((warn_unused_result, const))
497
static const char *safe_string(const char *str){
498
if(str == NULL)
499
return "(unknown)";
500
return str;
501
}
502
503
__attribute__((warn_unused_result))
504
static const char *safer_gnutls_strerror(int value){
505
const char *ret = gnutls_strerror(value);
506
return safe_string(ret);
507
}
508
509
/* GnuTLS log function callback */
510
__attribute__((nonnull))
249
511
static void debuggnutls(__attribute__((unused)) int level,
250
512
const char* string){
251
fprintf(stderr, "%s", string);
513
fprintf_plus(stderr, "GnuTLS: %s", string);
252
514
}
253
515
254
static int initgnutls(encrypted_session *es){
255
const char *err;
516
__attribute__((nonnull, warn_unused_result))
517
static int init_gnutls_global(const char *pubkeyfilename,
518
const char *seckeyfilename,
519
const char *dhparamsfilename,
520
mandos_context *mc){
256
521
int ret;
522
unsigned int uret;
257
523
258
524
if(debug){
259
fprintf(stderr, "Initializing GnuTLS\n");
525
fprintf_plus(stderr, "Initializing GnuTLS\n");
260
526
}
261
262
if ((ret = gnutls_global_init ())
263
!= GNUTLS_E_SUCCESS) {
264
fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));
527
528
ret = gnutls_global_init();
529
if(ret != GNUTLS_E_SUCCESS){
530
fprintf_plus(stderr, "GnuTLS global_init: %s\n",
531
safer_gnutls_strerror(ret));
265
532
return -1;
266
533
}
267
268
if (debug){
534
535
if(debug){
536
/* "Use a log level over 10 to enable all debugging options."
537
* - GnuTLS manual
538
*/
269
539
gnutls_global_set_log_level(11);
270
540
gnutls_global_set_log_function(debuggnutls);
271
541
}
272
542
273
/* openpgp credentials */
274
if ((ret = gnutls_certificate_allocate_credentials (&es->cred))
275
!= GNUTLS_E_SUCCESS) {
276
fprintf (stderr, "memory error: %s\n",
277
safer_gnutls_strerror(ret));
543
/* OpenPGP credentials */
544
ret = gnutls_certificate_allocate_credentials(&mc->cred);
545
if(ret != GNUTLS_E_SUCCESS){
546
fprintf_plus(stderr, "GnuTLS memory error: %s\n",
547
safer_gnutls_strerror(ret));
548
gnutls_global_deinit();
278
549
return -1;
279
550
}
280
551
281
552
if(debug){
282
fprintf(stderr, "Attempting to use OpenPGP certificate %s"
283
" and keyfile %s as GnuTLS credentials\n", certfile,
284
certkey);
553
fprintf_plus(stderr, "Attempting to use OpenPGP public key %s and"
554
" secret key %s as GnuTLS credentials\n",
555
pubkeyfilename,
556
seckeyfilename);
285
557
}
286
558
287
559
ret = gnutls_certificate_set_openpgp_key_file
288
(es->cred, certfile, certkey, GNUTLS_OPENPGP_FMT_BASE64);
289
if (ret != GNUTLS_E_SUCCESS) {
290
fprintf
291
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s',"
292
" '%s')\n",
293
ret, certfile, certkey);
294
fprintf(stdout, "The Error is: %s\n",
295
safer_gnutls_strerror(ret));
296
return -1;
297
}
298
299
//GnuTLS server initialization
300
if ((ret = gnutls_dh_params_init (&es->dh_params))
301
!= GNUTLS_E_SUCCESS) {
302
fprintf (stderr, "Error in dh parameter initialization: %s\n",
303
safer_gnutls_strerror(ret));
304
return -1;
305
}
306
307
if ((ret = gnutls_dh_params_generate2 (es->dh_params, DH_BITS))
308
!= GNUTLS_E_SUCCESS) {
309
fprintf (stderr, "Error in prime generation: %s\n",
310
safer_gnutls_strerror(ret));
311
return -1;
312
}
313
314
gnutls_certificate_set_dh_params (es->cred, es->dh_params);
315
316
// GnuTLS session creation
317
if ((ret = gnutls_init (&es->session, GNUTLS_SERVER))
318
!= GNUTLS_E_SUCCESS){
319
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
320
safer_gnutls_strerror(ret));
321
}
322
323
if ((ret = gnutls_priority_set_direct (es->session, "NORMAL", &err))
324
!= GNUTLS_E_SUCCESS) {
325
fprintf(stderr, "Syntax error at: %s\n", err);
326
fprintf(stderr, "GnuTLS error: %s\n",
327
safer_gnutls_strerror(ret));
328
return -1;
329
}
330
331
if ((ret = gnutls_credentials_set
332
(es->session, GNUTLS_CRD_CERTIFICATE, es->cred))
333
!= GNUTLS_E_SUCCESS) {
334
fprintf(stderr, "Error setting a credentials set: %s\n",
335
safer_gnutls_strerror(ret));
560
(mc->cred, pubkeyfilename, seckeyfilename,
561
GNUTLS_OPENPGP_FMT_BASE64);
562
if(ret != GNUTLS_E_SUCCESS){
563
fprintf_plus(stderr,
564
"Error[%d] while reading the OpenPGP key pair ('%s',"
565
" '%s')\n", ret, pubkeyfilename, seckeyfilename);
566
fprintf_plus(stderr, "The GnuTLS error is: %s\n",
567
safer_gnutls_strerror(ret));
568
goto globalfail;
569
}
570
571
/* GnuTLS server initialization */
572
ret = gnutls_dh_params_init(&mc->dh_params);
573
if(ret != GNUTLS_E_SUCCESS){
574
fprintf_plus(stderr, "Error in GnuTLS DH parameter"
575
" initialization: %s\n",
576
safer_gnutls_strerror(ret));
577
goto globalfail;
578
}
579
/* If a Diffie-Hellman parameters file was given, try to use it */
580
if(dhparamsfilename != NULL){
581
gnutls_datum_t params = { .data = NULL, .size = 0 };
582
do {
583
int dhpfile = open(dhparamsfilename, O_RDONLY);
584
if(dhpfile == -1){
585
perror_plus("open");
586
dhparamsfilename = NULL;
587
break;
588
}
589
size_t params_capacity = 0;
590
while(true){
591
params_capacity = incbuffer((char **)¶ms.data,
592
(size_t)params.size,
593
(size_t)params_capacity);
594
if(params_capacity == 0){
595
perror_plus("incbuffer");
596
free(params.data);
597
params.data = NULL;
598
dhparamsfilename = NULL;
599
break;
600
}
601
ssize_t bytes_read = read(dhpfile,
602
params.data + params.size,
603
BUFFER_SIZE);
604
/* EOF */
605
if(bytes_read == 0){
606
break;
607
}
608
/* check bytes_read for failure */
609
if(bytes_read < 0){
610
perror_plus("read");
611
free(params.data);
612
params.data = NULL;
613
dhparamsfilename = NULL;
614
break;
615
}
616
params.size += (unsigned int)bytes_read;
617
}
618
if(params.data == NULL){
619
dhparamsfilename = NULL;
620
}
621
if(dhparamsfilename == NULL){
622
break;
623
}
624
ret = gnutls_dh_params_import_pkcs3(mc->dh_params, ¶ms,
625
GNUTLS_X509_FMT_PEM);
626
if(ret != GNUTLS_E_SUCCESS){
627
fprintf_plus(stderr, "Failed to parse DH parameters in file"
628
" \"%s\": %s\n", dhparamsfilename,
629
safer_gnutls_strerror(ret));
630
dhparamsfilename = NULL;
631
}
632
} while(false);
633
}
634
if(dhparamsfilename == NULL){
635
if(mc->dh_bits == 0){
636
/* Find out the optimal number of DH bits */
637
/* Try to read the private key file */
638
gnutls_datum_t buffer = { .data = NULL, .size = 0 };
639
do {
640
int secfile = open(seckeyfilename, O_RDONLY);
641
if(secfile == -1){
642
perror_plus("open");
643
break;
644
}
645
size_t buffer_capacity = 0;
646
while(true){
647
buffer_capacity = incbuffer((char **)&buffer.data,
648
(size_t)buffer.size,
649
(size_t)buffer_capacity);
650
if(buffer_capacity == 0){
651
perror_plus("incbuffer");
652
free(buffer.data);
653
buffer.data = NULL;
654
break;
655
}
656
ssize_t bytes_read = read(secfile,
657
buffer.data + buffer.size,
658
BUFFER_SIZE);
659
/* EOF */
660
if(bytes_read == 0){
661
break;
662
}
663
/* check bytes_read for failure */
664
if(bytes_read < 0){
665
perror_plus("read");
666
free(buffer.data);
667
buffer.data = NULL;
668
break;
669
}
670
buffer.size += (unsigned int)bytes_read;
671
}
672
close(secfile);
673
} while(false);
674
/* If successful, use buffer to parse private key */
675
gnutls_sec_param_t sec_param = GNUTLS_SEC_PARAM_ULTRA;
676
if(buffer.data != NULL){
677
{
678
gnutls_openpgp_privkey_t privkey = NULL;
679
ret = gnutls_openpgp_privkey_init(&privkey);
680
if(ret != GNUTLS_E_SUCCESS){
681
fprintf_plus(stderr, "Error initializing OpenPGP key"
682
" structure: %s",
683
safer_gnutls_strerror(ret));
684
free(buffer.data);
685
buffer.data = NULL;
686
} else {
687
ret = gnutls_openpgp_privkey_import
688
(privkey, &buffer, GNUTLS_OPENPGP_FMT_BASE64, "", 0);
689
if(ret != GNUTLS_E_SUCCESS){
690
fprintf_plus(stderr, "Error importing OpenPGP key : %s",
691
safer_gnutls_strerror(ret));
692
privkey = NULL;
693
}
694
free(buffer.data);
695
buffer.data = NULL;
696
if(privkey != NULL){
697
/* Use private key to suggest an appropriate
698
sec_param */
699
sec_param = gnutls_openpgp_privkey_sec_param(privkey);
700
gnutls_openpgp_privkey_deinit(privkey);
701
if(debug){
702
fprintf_plus(stderr, "This OpenPGP key implies using"
703
" a GnuTLS security parameter \"%s\".\n",
704
safe_string(gnutls_sec_param_get_name
705
(sec_param)));
706
}
707
}
708
}
709
}
710
if(sec_param == GNUTLS_SEC_PARAM_UNKNOWN){
711
/* Err on the side of caution */
712
sec_param = GNUTLS_SEC_PARAM_ULTRA;
713
if(debug){
714
fprintf_plus(stderr, "Falling back to security parameter"
715
" \"%s\"\n",
716
safe_string(gnutls_sec_param_get_name
717
(sec_param)));
718
}
719
}
720
}
721
uret = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, sec_param);
722
if(uret != 0){
723
mc->dh_bits = uret;
724
if(debug){
725
fprintf_plus(stderr, "A \"%s\" GnuTLS security parameter"
726
" implies %u DH bits; using that.\n",
727
safe_string(gnutls_sec_param_get_name
728
(sec_param)),
729
mc->dh_bits);
730
}
731
} else {
732
fprintf_plus(stderr, "Failed to get implied number of DH"
733
" bits for security parameter \"%s\"): %s\n",
734
safe_string(gnutls_sec_param_get_name
735
(sec_param)),
736
safer_gnutls_strerror(ret));
737
goto globalfail;
738
}
739
} else if(debug){
740
fprintf_plus(stderr, "DH bits explicitly set to %u\n",
741
mc->dh_bits);
742
}
743
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
744
if(ret != GNUTLS_E_SUCCESS){
745
fprintf_plus(stderr, "Error in GnuTLS prime generation (%u"
746
" bits): %s\n", mc->dh_bits,
747
safer_gnutls_strerror(ret));
748
goto globalfail;
749
}
750
}
751
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
752
753
return 0;
754
755
globalfail:
756
757
gnutls_certificate_free_credentials(mc->cred);
758
gnutls_global_deinit();
759
gnutls_dh_params_deinit(mc->dh_params);
760
return -1;
761
}
762
763
__attribute__((nonnull, warn_unused_result))
764
static int init_gnutls_session(gnutls_session_t *session,
765
mandos_context *mc){
766
int ret;
767
/* GnuTLS session creation */
768
do {
769
ret = gnutls_init(session, GNUTLS_SERVER);
770
if(quit_now){
771
return -1;
772
}
773
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
774
if(ret != GNUTLS_E_SUCCESS){
775
fprintf_plus(stderr,
776
"Error in GnuTLS session initialization: %s\n",
777
safer_gnutls_strerror(ret));
778
}
779
780
{
781
const char *err;
782
do {
783
ret = gnutls_priority_set_direct(*session, mc->priority, &err);
784
if(quit_now){
785
gnutls_deinit(*session);
786
return -1;
787
}
788
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
789
if(ret != GNUTLS_E_SUCCESS){
790
fprintf_plus(stderr, "Syntax error at: %s\n", err);
791
fprintf_plus(stderr, "GnuTLS error: %s\n",
792
safer_gnutls_strerror(ret));
793
gnutls_deinit(*session);
794
return -1;
795
}
796
}
797
798
do {
799
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
800
mc->cred);
801
if(quit_now){
802
gnutls_deinit(*session);
803
return -1;
804
}
805
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
806
if(ret != GNUTLS_E_SUCCESS){
807
fprintf_plus(stderr, "Error setting GnuTLS credentials: %s\n",
808
safer_gnutls_strerror(ret));
809
gnutls_deinit(*session);
336
810
return -1;
337
811
}
338
812
339
813
/* ignore client certificate if any. */
340
gnutls_certificate_server_set_request (es->session,
341
GNUTLS_CERT_IGNORE);
342
343
gnutls_dh_set_prime_bits (es->session, DH_BITS);
814
gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);
344
815
345
816
return 0;
346
817
}
347
818
819
/* Avahi log function callback */
348
820
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
349
821
__attribute__((unused)) const char *txt){}
350
822
351
static int start_mandos_communication(const char *ip, uint16_t port,
352
AvahiIfIndex if_index){
353
int ret, tcp_sd;
354
struct sockaddr_in6 to;
355
encrypted_session es;
823
/* Set effective uid to 0, return errno */
824
__attribute__((warn_unused_result))
825
error_t raise_privileges(void){
826
error_t old_errno = errno;
827
error_t ret_errno = 0;
828
if(seteuid(0) == -1){
829
ret_errno = errno;
830
}
831
errno = old_errno;
832
return ret_errno;
833
}
834
835
/* Set effective and real user ID to 0. Return errno. */
836
__attribute__((warn_unused_result))
837
error_t raise_privileges_permanently(void){
838
error_t old_errno = errno;
839
error_t ret_errno = raise_privileges();
840
if(ret_errno != 0){
841
errno = old_errno;
842
return ret_errno;
843
}
844
if(setuid(0) == -1){
845
ret_errno = errno;
846
}
847
errno = old_errno;
848
return ret_errno;
849
}
850
851
/* Set effective user ID to unprivileged saved user ID */
852
__attribute__((warn_unused_result))
853
error_t lower_privileges(void){
854
error_t old_errno = errno;
855
error_t ret_errno = 0;
856
if(seteuid(uid) == -1){
857
ret_errno = errno;
858
}
859
errno = old_errno;
860
return ret_errno;
861
}
862
863
/* Lower privileges permanently */
864
__attribute__((warn_unused_result))
865
error_t lower_privileges_permanently(void){
866
error_t old_errno = errno;
867
error_t ret_errno = 0;
868
if(setuid(uid) == -1){
869
ret_errno = errno;
870
}
871
errno = old_errno;
872
return ret_errno;
873
}
874
875
/* Helper function to add_local_route() and delete_local_route() */
876
__attribute__((nonnull, warn_unused_result))
877
static bool add_delete_local_route(const bool add,
878
const char *address,
879
AvahiIfIndex if_index){
880
int ret;
881
char helper[] = "mandos-client-iprouteadddel";
882
char add_arg[] = "add";
883
char delete_arg[] = "delete";
884
char debug_flag[] = "--debug";
885
char *pluginhelperdir = getenv("MANDOSPLUGINHELPERDIR");
886
if(pluginhelperdir == NULL){
887
if(debug){
888
fprintf_plus(stderr, "MANDOSPLUGINHELPERDIR environment"
889
" variable not set; cannot run helper\n");
890
}
891
return false;
892
}
893
894
char interface[IF_NAMESIZE];
895
if(if_indextoname((unsigned int)if_index, interface) == NULL){
896
perror_plus("if_indextoname");
897
return false;
898
}
899
900
int devnull = (int)TEMP_FAILURE_RETRY(open("/dev/null", O_RDONLY));
901
if(devnull == -1){
902
perror_plus("open(\"/dev/null\", O_RDONLY)");
903
return false;
904
}
905
pid_t pid = fork();
906
if(pid == 0){
907
/* Child */
908
/* Raise privileges */
909
errno = raise_privileges_permanently();
910
if(errno != 0){
911
perror_plus("Failed to raise privileges");
912
/* _exit(EX_NOPERM); */
913
} else {
914
/* Set group */
915
errno = 0;
916
ret = setgid(0);
917
if(ret == -1){
918
perror_plus("setgid");
919
_exit(EX_NOPERM);
920
}
921
/* Reset supplementary groups */
922
errno = 0;
923
ret = setgroups(0, NULL);
924
if(ret == -1){
925
perror_plus("setgroups");
926
_exit(EX_NOPERM);
927
}
928
}
929
ret = dup2(devnull, STDIN_FILENO);
930
if(ret == -1){
931
perror_plus("dup2(devnull, STDIN_FILENO)");
932
_exit(EX_OSERR);
933
}
934
ret = close(devnull);
935
if(ret == -1){
936
perror_plus("close");
937
_exit(EX_OSERR);
938
}
939
ret = dup2(STDERR_FILENO, STDOUT_FILENO);
940
if(ret == -1){
941
perror_plus("dup2(STDERR_FILENO, STDOUT_FILENO)");
942
_exit(EX_OSERR);
943
}
944
int helperdir_fd = (int)TEMP_FAILURE_RETRY(open(pluginhelperdir,
945
O_RDONLY
946
| O_DIRECTORY
947
| O_PATH
948
| O_CLOEXEC));
949
if(helperdir_fd == -1){
950
perror_plus("open");
951
_exit(EX_UNAVAILABLE);
952
}
953
int helper_fd = (int)TEMP_FAILURE_RETRY(openat(helperdir_fd,
954
helper, O_RDONLY));
955
if(helper_fd == -1){
956
perror_plus("openat");
957
close(helperdir_fd);
958
_exit(EX_UNAVAILABLE);
959
}
960
close(helperdir_fd);
961
#ifdef __GNUC__
962
#pragma GCC diagnostic push
963
#pragma GCC diagnostic ignored "-Wcast-qual"
964
#endif
965
if(fexecve(helper_fd, (char *const [])
966
{ helper, add ? add_arg : delete_arg, (char *)address,
967
interface, debug ? debug_flag : NULL, NULL },
968
environ) == -1){
969
#ifdef __GNUC__
970
#pragma GCC diagnostic pop
971
#endif
972
perror_plus("fexecve");
973
_exit(EXIT_FAILURE);
974
}
975
}
976
if(pid == -1){
977
perror_plus("fork");
978
return false;
979
}
980
int status;
981
pid_t pret = -1;
982
errno = 0;
983
do {
984
pret = waitpid(pid, &status, 0);
985
if(pret == -1 and errno == EINTR and quit_now){
986
int errno_raising = 0;
987
if((errno = raise_privileges()) != 0){
988
errno_raising = errno;
989
perror_plus("Failed to raise privileges in order to"
990
" kill helper program");
991
}
992
if(kill(pid, SIGTERM) == -1){
993
perror_plus("kill");
994
}
995
if((errno_raising == 0) and (errno = lower_privileges()) != 0){
996
perror_plus("Failed to lower privileges after killing"
997
" helper program");
998
}
999
return false;
1000
}
1001
} while(pret == -1 and errno == EINTR);
1002
if(pret == -1){
1003
perror_plus("waitpid");
1004
return false;
1005
}
1006
if(WIFEXITED(status)){
1007
if(WEXITSTATUS(status) != 0){
1008
fprintf_plus(stderr, "Error: iprouteadddel exited"
1009
" with status %d\n", WEXITSTATUS(status));
1010
return false;
1011
}
1012
return true;
1013
}
1014
if(WIFSIGNALED(status)){
1015
fprintf_plus(stderr, "Error: iprouteadddel died by"
1016
" signal %d\n", WTERMSIG(status));
1017
return false;
1018
}
1019
fprintf_plus(stderr, "Error: iprouteadddel crashed\n");
1020
return false;
1021
}
1022
1023
__attribute__((nonnull, warn_unused_result))
1024
static bool add_local_route(const char *address,
1025
AvahiIfIndex if_index){
1026
if(debug){
1027
fprintf_plus(stderr, "Adding route to %s\n", address);
1028
}
1029
return add_delete_local_route(true, address, if_index);
1030
}
1031
1032
__attribute__((nonnull, warn_unused_result))
1033
static bool delete_local_route(const char *address,
1034
AvahiIfIndex if_index){
1035
if(debug){
1036
fprintf_plus(stderr, "Removing route to %s\n", address);
1037
}
1038
return add_delete_local_route(false, address, if_index);
1039
}
1040
1041
/* Called when a Mandos server is found */
1042
__attribute__((nonnull, warn_unused_result))
1043
static int start_mandos_communication(const char *ip, in_port_t port,
1044
AvahiIfIndex if_index,
1045
int af, mandos_context *mc){
1046
int ret, tcp_sd = -1;
1047
ssize_t sret;
1048
struct sockaddr_storage to;
356
1049
char *buffer = NULL;
357
char *decrypted_buffer;
1050
char *decrypted_buffer = NULL;
358
1051
size_t buffer_length = 0;
359
1052
size_t buffer_capacity = 0;
360
ssize_t decrypted_buffer_size;
361
size_t written = 0;
362
int retval = 0;
363
char interface[IF_NAMESIZE];
364
365
if(debug){
366
fprintf(stderr, "Setting up a tcp connection to %s, port %d\n",
367
ip, port);
368
}
369
370
tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);
371
if(tcp_sd < 0) {
372
perror("socket");
373
return -1;
374
}
375
376
if(if_indextoname((unsigned int)if_index, interface) == NULL){
377
if(debug){
378
perror("if_indextoname");
379
}
380
return -1;
381
}
382
383
if(debug){
384
fprintf(stderr, "Binding to interface %s\n", interface);
385
}
386
387
memset(&to,0,sizeof(to)); /* Spurious warning */
388
to.sin6_family = AF_INET6;
389
ret = inet_pton(AF_INET6, ip, &to.sin6_addr);
390
if (ret < 0 ){
391
perror("inet_pton");
392
return -1;
393
}
1053
size_t written;
1054
int retval = -1;
1055
gnutls_session_t session;
1056
int pf; /* Protocol family */
1057
bool route_added = false;
1058
1059
errno = 0;
1060
1061
if(quit_now){
1062
errno = EINTR;
1063
return -1;
1064
}
1065
1066
switch(af){
1067
case AF_INET6:
1068
pf = PF_INET6;
1069
break;
1070
case AF_INET:
1071
pf = PF_INET;
1072
break;
1073
default:
1074
fprintf_plus(stderr, "Bad address family: %d\n", af);
1075
errno = EINVAL;
1076
return -1;
1077
}
1078
1079
/* If the interface is specified and we have a list of interfaces */
1080
if(if_index != AVAHI_IF_UNSPEC and mc->interfaces != NULL){
1081
/* Check if the interface is one of the interfaces we are using */
1082
bool match = false;
1083
{
1084
char *interface = NULL;
1085
while((interface=argz_next(mc->interfaces, mc->interfaces_size,
1086
interface))){
1087
if(if_nametoindex(interface) == (unsigned int)if_index){
1088
match = true;
1089
break;
1090
}
1091
}
1092
}
1093
if(not match){
1094
/* This interface does not match any in the list, so we don't
1095
connect to the server */
1096
if(debug){
1097
char interface[IF_NAMESIZE];
1098
if(if_indextoname((unsigned int)if_index, interface) == NULL){
1099
perror_plus("if_indextoname");
1100
} else {
1101
fprintf_plus(stderr, "Skipping server on non-used interface"
1102
" \"%s\"\n",
1103
if_indextoname((unsigned int)if_index,
1104
interface));
1105
}
1106
}
1107
return -1;
1108
}
1109
}
1110
1111
ret = init_gnutls_session(&session, mc);
1112
if(ret != 0){
1113
return -1;
1114
}
1115
1116
if(debug){
1117
fprintf_plus(stderr, "Setting up a TCP connection to %s, port %"
1118
PRIuMAX "\n", ip, (uintmax_t)port);
1119
}
1120
1121
tcp_sd = socket(pf, SOCK_STREAM | SOCK_CLOEXEC, 0);
1122
if(tcp_sd < 0){
1123
int e = errno;
1124
perror_plus("socket");
1125
errno = e;
1126
goto mandos_end;
1127
}
1128
1129
if(quit_now){
1130
errno = EINTR;
1131
goto mandos_end;
1132
}
1133
1134
if(af == AF_INET6){
1135
struct sockaddr_in6 *to6 = (struct sockaddr_in6 *)&to;
1136
*to6 = (struct sockaddr_in6){ .sin6_family = (sa_family_t)af };
1137
ret = inet_pton(af, ip, &to6->sin6_addr);
1138
} else { /* IPv4 */
1139
struct sockaddr_in *to4 = (struct sockaddr_in *)&to;
1140
*to4 = (struct sockaddr_in){ .sin_family = (sa_family_t)af };
1141
ret = inet_pton(af, ip, &to4->sin_addr);
1142
}
1143
if(ret < 0 ){
1144
int e = errno;
1145
perror_plus("inet_pton");
1146
errno = e;
1147
goto mandos_end;
1148
}
394
1149
if(ret == 0){
395
fprintf(stderr, "Bad address: %s\n", ip);
396
return -1;
397
}
398
to.sin6_port = htons(port); /* Spurious warning */
399
400
to.sin6_scope_id = (uint32_t)if_index;
401
402
if(debug){
403
fprintf(stderr, "Connection to: %s, port %d\n", ip, port);
404
/* char addrstr[INET6_ADDRSTRLEN]; */
405
/* if(inet_ntop(to.sin6_family, &(to.sin6_addr), addrstr, */
406
/* sizeof(addrstr)) == NULL){ */
407
/* perror("inet_ntop"); */
408
/* } else { */
409
/* fprintf(stderr, "Really connecting to: %s, port %d\n", */
410
/* addrstr, ntohs(to.sin6_port)); */
411
/* } */
412
}
413
414
ret = connect(tcp_sd, (struct sockaddr *) &to, sizeof(to));
415
if (ret < 0){
416
perror("connect");
417
return -1;
418
}
419
420
ret = initgnutls (&es);
421
if (ret != 0){
422
retval = -1;
423
return -1;
424
}
425
426
gnutls_transport_set_ptr (es.session,
427
(gnutls_transport_ptr_t) tcp_sd);
428
429
if(debug){
430
fprintf(stderr, "Establishing TLS session with %s\n", ip);
431
}
432
433
ret = gnutls_handshake (es.session);
434
435
if (ret != GNUTLS_E_SUCCESS){
1150
int e = errno;
1151
fprintf_plus(stderr, "Bad address: %s\n", ip);
1152
errno = e;
1153
goto mandos_end;
1154
}
1155
if(af == AF_INET6){
1156
((struct sockaddr_in6 *)&to)->sin6_port = htons(port);
1157
if(IN6_IS_ADDR_LINKLOCAL
1158
(&((struct sockaddr_in6 *)&to)->sin6_addr)){
1159
if(if_index == AVAHI_IF_UNSPEC){
1160
fprintf_plus(stderr, "An IPv6 link-local address is"
1161
" incomplete without a network interface\n");
1162
errno = EINVAL;
1163
goto mandos_end;
1164
}
1165
/* Set the network interface number as scope */
1166
((struct sockaddr_in6 *)&to)->sin6_scope_id = (uint32_t)if_index;
1167
}
1168
} else {
1169
((struct sockaddr_in *)&to)->sin_port = htons(port);
1170
}
1171
1172
if(quit_now){
1173
errno = EINTR;
1174
goto mandos_end;
1175
}
1176
1177
if(debug){
1178
if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){
1179
char interface[IF_NAMESIZE];
1180
if(if_indextoname((unsigned int)if_index, interface) == NULL){
1181
perror_plus("if_indextoname");
1182
} else {
1183
fprintf_plus(stderr, "Connection to: %s%%%s, port %" PRIuMAX
1184
"\n", ip, interface, (uintmax_t)port);
1185
}
1186
} else {
1187
fprintf_plus(stderr, "Connection to: %s, port %" PRIuMAX "\n",
1188
ip, (uintmax_t)port);
1189
}
1190
char addrstr[(INET_ADDRSTRLEN > INET6_ADDRSTRLEN) ?
1191
INET_ADDRSTRLEN : INET6_ADDRSTRLEN] = "";
1192
if(af == AF_INET6){
1193
ret = getnameinfo((struct sockaddr *)&to,
1194
sizeof(struct sockaddr_in6),
1195
addrstr, sizeof(addrstr), NULL, 0,
1196
NI_NUMERICHOST);
1197
} else {
1198
ret = getnameinfo((struct sockaddr *)&to,
1199
sizeof(struct sockaddr_in),
1200
addrstr, sizeof(addrstr), NULL, 0,
1201
NI_NUMERICHOST);
1202
}
1203
if(ret == EAI_SYSTEM){
1204
perror_plus("getnameinfo");
1205
} else if(ret != 0) {
1206
fprintf_plus(stderr, "getnameinfo: %s", gai_strerror(ret));
1207
} else if(strcmp(addrstr, ip) != 0){
1208
fprintf_plus(stderr, "Canonical address form: %s\n", addrstr);
1209
}
1210
}
1211
1212
if(quit_now){
1213
errno = EINTR;
1214
goto mandos_end;
1215
}
1216
1217
while(true){
1218
if(af == AF_INET6){
1219
ret = connect(tcp_sd, (struct sockaddr *)&to,
1220
sizeof(struct sockaddr_in6));
1221
} else {
1222
ret = connect(tcp_sd, (struct sockaddr *)&to, /* IPv4 */
1223
sizeof(struct sockaddr_in));
1224
}
1225
if(ret < 0){
1226
if(((errno == ENETUNREACH) or (errno == EHOSTUNREACH))
1227
and if_index != AVAHI_IF_UNSPEC
1228
and connect_to == NULL
1229
and not route_added and
1230
((af == AF_INET6 and not
1231
IN6_IS_ADDR_LINKLOCAL(&(((struct sockaddr_in6 *)
1232
&to)->sin6_addr)))
1233
or (af == AF_INET and
1234
/* Not a a IPv4LL address */
1235
(ntohl(((struct sockaddr_in *)&to)->sin_addr.s_addr)
1236
& 0xFFFF0000L) != 0xA9FE0000L))){
1237
/* Work around Avahi bug - Avahi does not announce link-local
1238
addresses if it has a global address, so local hosts with
1239
*only* a link-local address (e.g. Mandos clients) cannot
1240
connect to a Mandos server announced by Avahi on a server
1241
host with a global address. Work around this by retrying
1242
with an explicit route added with the server's address.
1243
1244
Avahi bug reference:
1245
http://lists.freedesktop.org/archives/avahi/2010-February/001833.html
1246
https://bugs.debian.org/587961
1247
*/
1248
if(debug){
1249
fprintf_plus(stderr, "Mandos server unreachable, trying"
1250
" direct route\n");
1251
}
1252
int e = errno;
1253
route_added = add_local_route(ip, if_index);
1254
if(route_added){
1255
continue;
1256
}
1257
errno = e;
1258
}
1259
if(errno != ECONNREFUSED or debug){
1260
int e = errno;
1261
perror_plus("connect");
1262
errno = e;
1263
}
1264
goto mandos_end;
1265
}
1266
1267
if(quit_now){
1268
errno = EINTR;
1269
goto mandos_end;
1270
}
1271
break;
1272
}
1273
1274
const char *out = mandos_protocol_version;
1275
written = 0;
1276
while(true){
1277
size_t out_size = strlen(out);
1278
ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
1279
out_size - written));
1280
if(ret == -1){
1281
int e = errno;
1282
perror_plus("write");
1283
errno = e;
1284
goto mandos_end;
1285
}
1286
written += (size_t)ret;
1287
if(written < out_size){
1288
continue;
1289
} else {
1290
if(out == mandos_protocol_version){
1291
written = 0;
1292
out = "\r\n";
1293
} else {
1294
break;
1295
}
1296
}
1297
1298
if(quit_now){
1299
errno = EINTR;
1300
goto mandos_end;
1301
}
1302
}
1303
1304
if(debug){
1305
fprintf_plus(stderr, "Establishing TLS session with %s\n", ip);
1306
}
1307
1308
if(quit_now){
1309
errno = EINTR;
1310
goto mandos_end;
1311
}
1312
1313
/* This casting via intptr_t is to eliminate warning about casting
1314
an int to a pointer type. This is exactly how the GnuTLS Guile
1315
function "set-session-transport-fd!" does it. */
1316
gnutls_transport_set_ptr(session,
1317
(gnutls_transport_ptr_t)(intptr_t)tcp_sd);
1318
1319
if(quit_now){
1320
errno = EINTR;
1321
goto mandos_end;
1322
}
1323
1324
do {
1325
ret = gnutls_handshake(session);
1326
if(quit_now){
1327
errno = EINTR;
1328
goto mandos_end;
1329
}
1330
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
1331
1332
if(ret != GNUTLS_E_SUCCESS){
436
1333
if(debug){
437
fprintf(stderr, "\n*** Handshake failed ***\n");
438
gnutls_perror (ret);
1334
fprintf_plus(stderr, "*** GnuTLS Handshake failed ***\n");
1335
gnutls_perror(ret);
439
1336
}
440
retval = -1;
441
goto exit;
1337
errno = EPROTO;
1338
goto mandos_end;
442
1339
}
443
1340
444
//Retrieve OpenPGP packet that contains the wanted password
1341
/* Read OpenPGP packet that contains the wanted password */
445
1342
446
1343
if(debug){
447
fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
448
ip);
1344
fprintf_plus(stderr, "Retrieving OpenPGP encrypted password from"
1345
" %s\n", ip);
449
1346
}
450
1347
451
1348
while(true){
452
if (buffer_length + BUFFER_SIZE > buffer_capacity){
453
buffer = realloc(buffer, buffer_capacity + BUFFER_SIZE);
454
if (buffer == NULL){
455
perror("realloc");
456
goto exit;
457
}
458
buffer_capacity += BUFFER_SIZE;
459
}
460
461
ret = gnutls_record_recv
462
(es.session, buffer+buffer_length, BUFFER_SIZE);
463
if (ret == 0){
1349
1350
if(quit_now){
1351
errno = EINTR;
1352
goto mandos_end;
1353
}
1354
1355
buffer_capacity = incbuffer(&buffer, buffer_length,
1356
buffer_capacity);
1357
if(buffer_capacity == 0){
1358
int e = errno;
1359
perror_plus("incbuffer");
1360
errno = e;
1361
goto mandos_end;
1362
}
1363
1364
if(quit_now){
1365
errno = EINTR;
1366
goto mandos_end;
1367
}
1368
1369
sret = gnutls_record_recv(session, buffer+buffer_length,
1370
BUFFER_SIZE);
1371
if(sret == 0){
464
1372
break;
465
1373
}
466
if (ret < 0){
467
switch(ret){
1374
if(sret < 0){
1375
switch(sret){
468
1376
case GNUTLS_E_INTERRUPTED:
469
1377
case GNUTLS_E_AGAIN:
470
1378
break;
471
1379
case GNUTLS_E_REHANDSHAKE:
472
ret = gnutls_handshake (es.session);
473
if (ret < 0){
474
fprintf(stderr, "\n*** Handshake failed ***\n");
475
gnutls_perror (ret);
476
retval = -1;
477
goto exit;
1380
do {
1381
ret = gnutls_handshake(session);
1382
1383
if(quit_now){
1384
errno = EINTR;
1385
goto mandos_end;
1386
}
1387
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
1388
if(ret < 0){
1389
fprintf_plus(stderr, "*** GnuTLS Re-handshake failed "
1390
"***\n");
1391
gnutls_perror(ret);
1392
errno = EPROTO;
1393
goto mandos_end;
478
1394
}
479
1395
break;
480
1396
default:
481
fprintf(stderr, "Unknown error while reading data from"
482
" encrypted session with mandos server\n");
483
retval = -1;
484
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
485
goto exit;
1397
fprintf_plus(stderr, "Unknown error while reading data from"
1398
" encrypted session with Mandos server\n");
1399
gnutls_bye(session, GNUTLS_SHUT_RDWR);
1400
errno = EIO;
1401
goto mandos_end;
486
1402
}
487
1403
} else {
488
buffer_length += (size_t) ret;
489
}
490
}
491
492
if (buffer_length > 0){
493
decrypted_buffer_size = pgp_packet_decrypt(buffer,
494
buffer_length,
495
&decrypted_buffer,
496
certdir);
497
if (decrypted_buffer_size >= 0){
1404
buffer_length += (size_t) sret;
1405
}
1406
}
1407
1408
if(debug){
1409
fprintf_plus(stderr, "Closing TLS session\n");
1410
}
1411
1412
if(quit_now){
1413
errno = EINTR;
1414
goto mandos_end;
1415
}
1416
1417
do {
1418
ret = gnutls_bye(session, GNUTLS_SHUT_RDWR);
1419
if(quit_now){
1420
errno = EINTR;
1421
goto mandos_end;
1422
}
1423
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
1424
1425
if(buffer_length > 0){
1426
ssize_t decrypted_buffer_size;
1427
decrypted_buffer_size = pgp_packet_decrypt(buffer, buffer_length,
1428
&decrypted_buffer, mc);
1429
if(decrypted_buffer_size >= 0){
1430
1431
written = 0;
498
1432
while(written < (size_t) decrypted_buffer_size){
499
ret = (int)fwrite (decrypted_buffer + written, 1,
500
(size_t)decrypted_buffer_size - written,
501
stdout);
1433
if(quit_now){
1434
errno = EINTR;
1435
goto mandos_end;
1436
}
1437
1438
ret = (int)fwrite(decrypted_buffer + written, 1,
1439
(size_t)decrypted_buffer_size - written,
1440
stdout);
502
1441
if(ret == 0 and ferror(stdout)){
1442
int e = errno;
503
1443
if(debug){
504
fprintf(stderr, "Error writing encrypted data: %s\n",
505
strerror(errno));
1444
fprintf_plus(stderr, "Error writing encrypted data: %s\n",
1445
strerror(errno));
506
1446
}
507
retval = -1;
508
break;
1447
errno = e;
1448
goto mandos_end;
509
1449
}
510
1450
written += (size_t)ret;
511
1451
}
512
free(decrypted_buffer);
513
} else {
1452
retval = 0;
1453
}
1454
}
1455
1456
/* Shutdown procedure */
1457
1458
mandos_end:
1459
{
1460
if(route_added){
1461
if(not delete_local_route(ip, if_index)){
1462
fprintf_plus(stderr, "Failed to delete local route to %s on"
1463
" interface %d", ip, if_index);
1464
}
1465
}
1466
int e = errno;
1467
free(decrypted_buffer);
1468
free(buffer);
1469
if(tcp_sd >= 0){
1470
ret = close(tcp_sd);
1471
}
1472
if(ret == -1){
1473
if(e == 0){
1474
e = errno;
1475
}
1476
perror_plus("close");
1477
}
1478
gnutls_deinit(session);
1479
errno = e;
1480
if(quit_now){
1481
errno = EINTR;
514
1482
retval = -1;
515
1483
}
516
1484
}
517
518
//shutdown procedure
519
520
if(debug){
521
fprintf(stderr, "Closing TLS session\n");
522
}
523
524
free(buffer);
525
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
526
exit:
527
close(tcp_sd);
528
gnutls_deinit (es.session);
529
gnutls_certificate_free_credentials (es.cred);
530
gnutls_global_deinit ();
531
1485
return retval;
532
1486
}
533
1487
534
static AvahiSimplePoll *simple_poll = NULL;
535
static AvahiServer *server = NULL;
536
537
static void resolve_callback(
538
AvahiSServiceResolver *r,
539
AvahiIfIndex interface,
540
AVAHI_GCC_UNUSED AvahiProtocol protocol,
541
AvahiResolverEvent event,
542
const char *name,
543
const char *type,
544
const char *domain,
545
const char *host_name,
546
const AvahiAddress *address,
547
uint16_t port,
548
AVAHI_GCC_UNUSED AvahiStringList *txt,
549
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
550
AVAHI_GCC_UNUSED void* userdata) {
551
552
assert(r); /* Spurious warning */
1488
__attribute__((nonnull))
1489
static void resolve_callback(AvahiSServiceResolver *r,
1490
AvahiIfIndex interface,
1491
AvahiProtocol proto,
1492
AvahiResolverEvent event,
1493
const char *name,
1494
const char *type,
1495
const char *domain,
1496
const char *host_name,
1497
const AvahiAddress *address,
1498
uint16_t port,
1499
AVAHI_GCC_UNUSED AvahiStringList *txt,
1500
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1501
flags,
1502
void *mc){
1503
if(r == NULL){
1504
return;
1505
}
553
1506
554
1507
/* Called whenever a service has been resolved successfully or
555
1508
timed out */
556
1509
557
switch (event) {
1510
if(quit_now){
1511
avahi_s_service_resolver_free(r);
1512
return;
1513
}
1514
1515
switch(event){
558
1516
default:
559
1517
case AVAHI_RESOLVER_FAILURE:
560
fprintf(stderr, "(Resolver) Failed to resolve service '%s' of"
561
" type '%s' in domain '%s': %s\n", name, type, domain,
562
avahi_strerror(avahi_server_errno(server)));
1518
fprintf_plus(stderr, "(Avahi Resolver) Failed to resolve service "
1519
"'%s' of type '%s' in domain '%s': %s\n", name, type,
1520
domain,
1521
avahi_strerror(avahi_server_errno
1522
(((mandos_context*)mc)->server)));
563
1523
break;
564
1524
565
1525
case AVAHI_RESOLVER_FOUND:
567
1527
char ip[AVAHI_ADDRESS_STR_MAX];
568
1528
avahi_address_snprint(ip, sizeof(ip), address);
569
1529
if(debug){
570
fprintf(stderr, "Mandos server \"%s\" found on %s (%s) on"
571
" port %d\n", name, host_name, ip, port);
1530
fprintf_plus(stderr, "Mandos server \"%s\" found on %s (%s, %"
1531
PRIdMAX ") on port %" PRIu16 "\n", name,
1532
host_name, ip, (intmax_t)interface, port);
572
1533
}
573
int ret = start_mandos_communication(ip, port, interface);
574
if (ret == 0){
575
exit(EXIT_SUCCESS);
1534
int ret = start_mandos_communication(ip, (in_port_t)port,
1535
interface,
1536
avahi_proto_to_af(proto),
1537
mc);
1538
if(ret == 0){
1539
avahi_simple_poll_quit(simple_poll);
1540
} else {
1541
if(not add_server(ip, (in_port_t)port, interface,
1542
avahi_proto_to_af(proto),
1543
&((mandos_context*)mc)->current_server)){
1544
fprintf_plus(stderr, "Failed to add server \"%s\" to server"
1545
" list\n", name);
1546
}
576
1547
}
577
1548
}
578
1549
}
579
1550
avahi_s_service_resolver_free(r);
580
1551
}
581
1552
582
static void browse_callback(
583
AvahiSServiceBrowser *b,
584
AvahiIfIndex interface,
585
AvahiProtocol protocol,
586
AvahiBrowserEvent event,
587
const char *name,
588
const char *type,
589
const char *domain,
590
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
591
void* userdata) {
592
593
AvahiServer *s = userdata;
594
assert(b); /* Spurious warning */
595
596
/* Called whenever a new services becomes available on the LAN or
597
is removed from the LAN */
598
599
switch (event) {
1553
static void browse_callback(AvahiSServiceBrowser *b,
1554
AvahiIfIndex interface,
1555
AvahiProtocol protocol,
1556
AvahiBrowserEvent event,
1557
const char *name,
1558
const char *type,
1559
const char *domain,
1560
AVAHI_GCC_UNUSED AvahiLookupResultFlags
1561
flags,
1562
void *mc){
1563
if(b == NULL){
1564
return;
1565
}
1566
1567
/* Called whenever a new services becomes available on the LAN or
1568
is removed from the LAN */
1569
1570
if(quit_now){
1571
return;
1572
}
1573
1574
switch(event){
1575
default:
1576
case AVAHI_BROWSER_FAILURE:
1577
1578
fprintf_plus(stderr, "(Avahi browser) %s\n",
1579
avahi_strerror(avahi_server_errno
1580
(((mandos_context*)mc)->server)));
1581
avahi_simple_poll_quit(simple_poll);
1582
return;
1583
1584
case AVAHI_BROWSER_NEW:
1585
/* We ignore the returned Avahi resolver object. In the callback
1586
function we free it. If the Avahi server is terminated before
1587
the callback function is called the Avahi server will free the
1588
resolver for us. */
1589
1590
if(avahi_s_service_resolver_new(((mandos_context*)mc)->server,
1591
interface, protocol, name, type,
1592
domain, protocol, 0,
1593
resolve_callback, mc) == NULL)
1594
fprintf_plus(stderr, "Avahi: Failed to resolve service '%s':"
1595
" %s\n", name,
1596
avahi_strerror(avahi_server_errno
1597
(((mandos_context*)mc)->server)));
1598
break;
1599
1600
case AVAHI_BROWSER_REMOVE:
1601
break;
1602
1603
case AVAHI_BROWSER_ALL_FOR_NOW:
1604
case AVAHI_BROWSER_CACHE_EXHAUSTED:
1605
if(debug){
1606
fprintf_plus(stderr, "No Mandos server found, still"
1607
" searching...\n");
1608
}
1609
break;
1610
}
1611
}
1612
1613
/* Signal handler that stops main loop after SIGTERM */
1614
static void handle_sigterm(int sig){
1615
if(quit_now){
1616
return;
1617
}
1618
quit_now = 1;
1619
signal_received = sig;
1620
int old_errno = errno;
1621
/* set main loop to exit */
1622
if(simple_poll != NULL){
1623
avahi_simple_poll_quit(simple_poll);
1624
}
1625
errno = old_errno;
1626
}
1627
1628
__attribute__((nonnull, warn_unused_result))
1629
bool get_flags(const char *ifname, struct ifreq *ifr){
1630
int ret;
1631
error_t ret_errno;
1632
1633
int s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1634
if(s < 0){
1635
ret_errno = errno;
1636
perror_plus("socket");
1637
errno = ret_errno;
1638
return false;
1639
}
1640
strncpy(ifr->ifr_name, ifname, IF_NAMESIZE);
1641
ifr->ifr_name[IF_NAMESIZE-1] = '\0'; /* NUL terminate */
1642
ret = ioctl(s, SIOCGIFFLAGS, ifr);
1643
if(ret == -1){
1644
if(debug){
1645
ret_errno = errno;
1646
perror_plus("ioctl SIOCGIFFLAGS");
1647
errno = ret_errno;
1648
}
1649
return false;
1650
}
1651
return true;
1652
}
1653
1654
__attribute__((nonnull, warn_unused_result))
1655
bool good_flags(const char *ifname, const struct ifreq *ifr){
1656
1657
/* Reject the loopback device */
1658
if(ifr->ifr_flags & IFF_LOOPBACK){
1659
if(debug){
1660
fprintf_plus(stderr, "Rejecting loopback interface \"%s\"\n",
1661
ifname);
1662
}
1663
return false;
1664
}
1665
/* Accept point-to-point devices only if connect_to is specified */
1666
if(connect_to != NULL and (ifr->ifr_flags & IFF_POINTOPOINT)){
1667
if(debug){
1668
fprintf_plus(stderr, "Accepting point-to-point interface"
1669
" \"%s\"\n", ifname);
1670
}
1671
return true;
1672
}
1673
/* Otherwise, reject non-broadcast-capable devices */
1674
if(not (ifr->ifr_flags & IFF_BROADCAST)){
1675
if(debug){
1676
fprintf_plus(stderr, "Rejecting non-broadcast interface"
1677
" \"%s\"\n", ifname);
1678
}
1679
return false;
1680
}
1681
/* Reject non-ARP interfaces (including dummy interfaces) */
1682
if(ifr->ifr_flags & IFF_NOARP){
1683
if(debug){
1684
fprintf_plus(stderr, "Rejecting non-ARP interface \"%s\"\n",
1685
ifname);
1686
}
1687
return false;
1688
}
1689
1690
/* Accept this device */
1691
if(debug){
1692
fprintf_plus(stderr, "Interface \"%s\" is good\n", ifname);
1693
}
1694
return true;
1695
}
1696
1697
/*
1698
* This function determines if a directory entry in /sys/class/net
1699
* corresponds to an acceptable network device.
1700
* (This function is passed to scandir(3) as a filter function.)
1701
*/
1702
__attribute__((nonnull, warn_unused_result))
1703
int good_interface(const struct dirent *if_entry){
1704
if(if_entry->d_name[0] == '.'){
1705
return 0;
1706
}
1707
1708
struct ifreq ifr;
1709
if(not get_flags(if_entry->d_name, &ifr)){
1710
if(debug){
1711
fprintf_plus(stderr, "Failed to get flags for interface "
1712
"\"%s\"\n", if_entry->d_name);
1713
}
1714
return 0;
1715
}
1716
1717
if(not good_flags(if_entry->d_name, &ifr)){
1718
return 0;
1719
}
1720
return 1;
1721
}
1722
1723
/*
1724
* This function determines if a network interface is up.
1725
*/
1726
__attribute__((nonnull, warn_unused_result))
1727
bool interface_is_up(const char *interface){
1728
struct ifreq ifr;
1729
if(not get_flags(interface, &ifr)){
1730
if(debug){
1731
fprintf_plus(stderr, "Failed to get flags for interface "
1732
"\"%s\"\n", interface);
1733
}
1734
return false;
1735
}
1736
1737
return (bool)(ifr.ifr_flags & IFF_UP);
1738
}
1739
1740
/*
1741
* This function determines if a network interface is running
1742
*/
1743
__attribute__((nonnull, warn_unused_result))
1744
bool interface_is_running(const char *interface){
1745
struct ifreq ifr;
1746
if(not get_flags(interface, &ifr)){
1747
if(debug){
1748
fprintf_plus(stderr, "Failed to get flags for interface "
1749
"\"%s\"\n", interface);
1750
}
1751
return false;
1752
}
1753
1754
return (bool)(ifr.ifr_flags & IFF_RUNNING);
1755
}
1756
1757
__attribute__((nonnull, pure, warn_unused_result))
1758
int notdotentries(const struct dirent *direntry){
1759
/* Skip "." and ".." */
1760
if(direntry->d_name[0] == '.'
1761
and (direntry->d_name[1] == '\0'
1762
or (direntry->d_name[1] == '.'
1763
and direntry->d_name[2] == '\0'))){
1764
return 0;
1765
}
1766
return 1;
1767
}
1768
1769
/* Is this directory entry a runnable program? */
1770
__attribute__((nonnull, warn_unused_result))
1771
int runnable_hook(const struct dirent *direntry){
1772
int ret;
1773
size_t sret;
1774
struct stat st;
1775
1776
if((direntry->d_name)[0] == '\0'){
1777
/* Empty name? */
1778
return 0;
1779
}
1780
1781
sret = strspn(direntry->d_name, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
1782
"abcdefghijklmnopqrstuvwxyz"
1783
"0123456789"
1784
"_.-");
1785
if((direntry->d_name)[sret] != '\0'){
1786
/* Contains non-allowed characters */
1787
if(debug){
1788
fprintf_plus(stderr, "Ignoring hook \"%s\" with bad name\n",
1789
direntry->d_name);
1790
}
1791
return 0;
1792
}
1793
1794
ret = fstatat(hookdir_fd, direntry->d_name, &st, 0);
1795
if(ret == -1){
1796
if(debug){
1797
perror_plus("Could not stat hook");
1798
}
1799
return 0;
1800
}
1801
if(not (S_ISREG(st.st_mode))){
1802
/* Not a regular file */
1803
if(debug){
1804
fprintf_plus(stderr, "Ignoring hook \"%s\" - not a file\n",
1805
direntry->d_name);
1806
}
1807
return 0;
1808
}
1809
if(not (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))){
1810
/* Not executable */
1811
if(debug){
1812
fprintf_plus(stderr, "Ignoring hook \"%s\" - not executable\n",
1813
direntry->d_name);
1814
}
1815
return 0;
1816
}
1817
if(debug){
1818
fprintf_plus(stderr, "Hook \"%s\" is acceptable\n",
1819
direntry->d_name);
1820
}
1821
return 1;
1822
}
1823
1824
__attribute__((nonnull, warn_unused_result))
1825
int avahi_loop_with_timeout(AvahiSimplePoll *s, int retry_interval,
1826
mandos_context *mc){
1827
int ret;
1828
struct timespec now;
1829
struct timespec waited_time;
1830
intmax_t block_time;
1831
1832
while(true){
1833
if(mc->current_server == NULL){
1834
if(debug){
1835
fprintf_plus(stderr, "Wait until first server is found."
1836
" No timeout!\n");
1837
}
1838
ret = avahi_simple_poll_iterate(s, -1);
1839
} else {
1840
if(debug){
1841
fprintf_plus(stderr, "Check current_server if we should run"
1842
" it, or wait\n");
1843
}
1844
/* the current time */
1845
ret = clock_gettime(CLOCK_MONOTONIC, &now);
1846
if(ret == -1){
1847
perror_plus("clock_gettime");
1848
return -1;
1849
}
1850
/* Calculating in ms how long time between now and server
1851
who we visted longest time ago. Now - last seen. */
1852
waited_time.tv_sec = (now.tv_sec
1853
- mc->current_server->last_seen.tv_sec);
1854
waited_time.tv_nsec = (now.tv_nsec
1855
- mc->current_server->last_seen.tv_nsec);
1856
/* total time is 10s/10,000ms.
1857
Converting to s from ms by dividing by 1,000,
1858
and ns to ms by dividing by 1,000,000. */
1859
block_time = ((retry_interval
1860
- ((intmax_t)waited_time.tv_sec * 1000))
1861
- ((intmax_t)waited_time.tv_nsec / 1000000));
1862
1863
if(debug){
1864
fprintf_plus(stderr, "Blocking for %" PRIdMAX " ms\n",
1865
block_time);
1866
}
1867
1868
if(block_time <= 0){
1869
ret = start_mandos_communication(mc->current_server->ip,
1870
mc->current_server->port,
1871
mc->current_server->if_index,
1872
mc->current_server->af, mc);
1873
if(ret == 0){
1874
avahi_simple_poll_quit(s);
1875
return 0;
1876
}
1877
ret = clock_gettime(CLOCK_MONOTONIC,
1878
&mc->current_server->last_seen);
1879
if(ret == -1){
1880
perror_plus("clock_gettime");
1881
return -1;
1882
}
1883
mc->current_server = mc->current_server->next;
1884
block_time = 0; /* Call avahi to find new Mandos
1885
servers, but don't block */
1886
}
1887
1888
ret = avahi_simple_poll_iterate(s, (int)block_time);
1889
}
1890
if(ret != 0){
1891
if(ret > 0 or errno != EINTR){
1892
return (ret != 1) ? ret : 0;
1893
}
1894
}
1895
}
1896
}
1897
1898
__attribute__((nonnull))
1899
void run_network_hooks(const char *mode, const char *interface,
1900
const float delay){
1901
struct dirent **direntries = NULL;
1902
if(hookdir_fd == -1){
1903
hookdir_fd = open(hookdir, O_RDONLY | O_DIRECTORY | O_PATH
1904
| O_CLOEXEC);
1905
if(hookdir_fd == -1){
1906
if(errno == ENOENT){
1907
if(debug){
1908
fprintf_plus(stderr, "Network hook directory \"%s\" not"
1909
" found\n", hookdir);
1910
}
1911
} else {
1912
perror_plus("open");
1913
}
1914
return;
1915
}
1916
}
1917
#ifdef __GLIBC__
1918
#if __GLIBC_PREREQ(2, 15)
1919
int numhooks = scandirat(hookdir_fd, ".", &direntries,
1920
runnable_hook, alphasort);
1921
#else /* not __GLIBC_PREREQ(2, 15) */
1922
int numhooks = scandir(hookdir, &direntries, runnable_hook,
1923
alphasort);
1924
#endif /* not __GLIBC_PREREQ(2, 15) */
1925
#else /* not __GLIBC__ */
1926
int numhooks = scandir(hookdir, &direntries, runnable_hook,
1927
alphasort);
1928
#endif /* not __GLIBC__ */
1929
if(numhooks == -1){
1930
perror_plus("scandir");
1931
return;
1932
}
1933
struct dirent *direntry;
1934
int ret;
1935
int devnull = (int)TEMP_FAILURE_RETRY(open("/dev/null", O_RDONLY));
1936
if(devnull == -1){
1937
perror_plus("open(\"/dev/null\", O_RDONLY)");
1938
return;
1939
}
1940
for(int i = 0; i < numhooks; i++){
1941
direntry = direntries[i];
1942
if(debug){
1943
fprintf_plus(stderr, "Running network hook \"%s\"\n",
1944
direntry->d_name);
1945
}
1946
pid_t hook_pid = fork();
1947
if(hook_pid == 0){
1948
/* Child */
1949
/* Raise privileges */
1950
errno = raise_privileges_permanently();
1951
if(errno != 0){
1952
perror_plus("Failed to raise privileges");
1953
_exit(EX_NOPERM);
1954
}
1955
/* Set group */
1956
errno = 0;
1957
ret = setgid(0);
1958
if(ret == -1){
1959
perror_plus("setgid");
1960
_exit(EX_NOPERM);
1961
}
1962
/* Reset supplementary groups */
1963
errno = 0;
1964
ret = setgroups(0, NULL);
1965
if(ret == -1){
1966
perror_plus("setgroups");
1967
_exit(EX_NOPERM);
1968
}
1969
ret = setenv("MANDOSNETHOOKDIR", hookdir, 1);
1970
if(ret == -1){
1971
perror_plus("setenv");
1972
_exit(EX_OSERR);
1973
}
1974
ret = setenv("DEVICE", interface, 1);
1975
if(ret == -1){
1976
perror_plus("setenv");
1977
_exit(EX_OSERR);
1978
}
1979
ret = setenv("VERBOSITY", debug ? "1" : "0", 1);
1980
if(ret == -1){
1981
perror_plus("setenv");
1982
_exit(EX_OSERR);
1983
}
1984
ret = setenv("MODE", mode, 1);
1985
if(ret == -1){
1986
perror_plus("setenv");
1987
_exit(EX_OSERR);
1988
}
1989
char *delaystring;
1990
ret = asprintf(&delaystring, "%f", (double)delay);
1991
if(ret == -1){
1992
perror_plus("asprintf");
1993
_exit(EX_OSERR);
1994
}
1995
ret = setenv("DELAY", delaystring, 1);
1996
if(ret == -1){
1997
free(delaystring);
1998
perror_plus("setenv");
1999
_exit(EX_OSERR);
2000
}
2001
free(delaystring);
2002
if(connect_to != NULL){
2003
ret = setenv("CONNECT", connect_to, 1);
2004
if(ret == -1){
2005
perror_plus("setenv");
2006
_exit(EX_OSERR);
2007
}
2008
}
2009
int hook_fd = (int)TEMP_FAILURE_RETRY(openat(hookdir_fd,
2010
direntry->d_name,
2011
O_RDONLY));
2012
if(hook_fd == -1){
2013
perror_plus("openat");
2014
_exit(EXIT_FAILURE);
2015
}
2016
if(close(hookdir_fd) == -1){
2017
perror_plus("close");
2018
_exit(EXIT_FAILURE);
2019
}
2020
ret = dup2(devnull, STDIN_FILENO);
2021
if(ret == -1){
2022
perror_plus("dup2(devnull, STDIN_FILENO)");
2023
_exit(EX_OSERR);
2024
}
2025
ret = close(devnull);
2026
if(ret == -1){
2027
perror_plus("close");
2028
_exit(EX_OSERR);
2029
}
2030
ret = dup2(STDERR_FILENO, STDOUT_FILENO);
2031
if(ret == -1){
2032
perror_plus("dup2(STDERR_FILENO, STDOUT_FILENO)");
2033
_exit(EX_OSERR);
2034
}
2035
if(fexecve(hook_fd, (char *const []){ direntry->d_name, NULL },
2036
environ) == -1){
2037
perror_plus("fexecve");
2038
_exit(EXIT_FAILURE);
2039
}
2040
} else {
2041
if(hook_pid == -1){
2042
perror_plus("fork");
2043
free(direntry);
2044
continue;
2045
}
2046
int status;
2047
if(TEMP_FAILURE_RETRY(waitpid(hook_pid, &status, 0)) == -1){
2048
perror_plus("waitpid");
2049
free(direntry);
2050
continue;
2051
}
2052
if(WIFEXITED(status)){
2053
if(WEXITSTATUS(status) != 0){
2054
fprintf_plus(stderr, "Warning: network hook \"%s\" exited"
2055
" with status %d\n", direntry->d_name,
2056
WEXITSTATUS(status));
2057
free(direntry);
2058
continue;
2059
}
2060
} else if(WIFSIGNALED(status)){
2061
fprintf_plus(stderr, "Warning: network hook \"%s\" died by"
2062
" signal %d\n", direntry->d_name,
2063
WTERMSIG(status));
2064
free(direntry);
2065
continue;
2066
} else {
2067
fprintf_plus(stderr, "Warning: network hook \"%s\""
2068
" crashed\n", direntry->d_name);
2069
free(direntry);
2070
continue;
2071
}
2072
}
2073
if(debug){
2074
fprintf_plus(stderr, "Network hook \"%s\" ran successfully\n",
2075
direntry->d_name);
2076
}
2077
free(direntry);
2078
}
2079
free(direntries);
2080
if(close(hookdir_fd) == -1){
2081
perror_plus("close");
2082
} else {
2083
hookdir_fd = -1;
2084
}
2085
close(devnull);
2086
}
2087
2088
__attribute__((nonnull, warn_unused_result))
2089
error_t bring_up_interface(const char *const interface,
2090
const float delay){
2091
error_t old_errno = errno;
2092
int ret;
2093
struct ifreq network;
2094
unsigned int if_index = if_nametoindex(interface);
2095
if(if_index == 0){
2096
fprintf_plus(stderr, "No such interface: \"%s\"\n", interface);
2097
errno = old_errno;
2098
return ENXIO;
2099
}
2100
2101
if(quit_now){
2102
errno = old_errno;
2103
return EINTR;
2104
}
2105
2106
if(not interface_is_up(interface)){
2107
error_t ret_errno = 0, ioctl_errno = 0;
2108
if(not get_flags(interface, &network)){
2109
ret_errno = errno;
2110
fprintf_plus(stderr, "Failed to get flags for interface "
2111
"\"%s\"\n", interface);
2112
errno = old_errno;
2113
return ret_errno;
2114
}
2115
network.ifr_flags |= IFF_UP; /* set flag */
2116
2117
int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
2118
if(sd == -1){
2119
ret_errno = errno;
2120
perror_plus("socket");
2121
errno = old_errno;
2122
return ret_errno;
2123
}
2124
2125
if(quit_now){
2126
ret = close(sd);
2127
if(ret == -1){
2128
perror_plus("close");
2129
}
2130
errno = old_errno;
2131
return EINTR;
2132
}
2133
2134
if(debug){
2135
fprintf_plus(stderr, "Bringing up interface \"%s\"\n",
2136
interface);
2137
}
2138
2139
/* Raise privileges */
2140
ret_errno = raise_privileges();
2141
if(ret_errno != 0){
2142
errno = ret_errno;
2143
perror_plus("Failed to raise privileges");
2144
}
2145
2146
#ifdef __linux__
2147
int ret_linux;
2148
bool restore_loglevel = false;
2149
if(ret_errno == 0){
2150
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
2151
messages about the network interface to mess up the prompt */
2152
ret_linux = klogctl(8, NULL, 5);
2153
if(ret_linux == -1){
2154
perror_plus("klogctl");
2155
} else {
2156
restore_loglevel = true;
2157
}
2158
}
2159
#endif /* __linux__ */
2160
int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
2161
ioctl_errno = errno;
2162
#ifdef __linux__
2163
if(restore_loglevel){
2164
ret_linux = klogctl(7, NULL, 0);
2165
if(ret_linux == -1){
2166
perror_plus("klogctl");
2167
}
2168
}
2169
#endif /* __linux__ */
2170
2171
/* If raise_privileges() succeeded above */
2172
if(ret_errno == 0){
2173
/* Lower privileges */
2174
ret_errno = lower_privileges();
2175
if(ret_errno != 0){
2176
errno = ret_errno;
2177
perror_plus("Failed to lower privileges");
2178
}
2179
}
2180
2181
/* Close the socket */
2182
ret = close(sd);
2183
if(ret == -1){
2184
perror_plus("close");
2185
}
2186
2187
if(ret_setflags == -1){
2188
errno = ioctl_errno;
2189
perror_plus("ioctl SIOCSIFFLAGS +IFF_UP");
2190
errno = old_errno;
2191
return ioctl_errno;
2192
}
2193
} else if(debug){
2194
fprintf_plus(stderr, "Interface \"%s\" is already up; good\n",
2195
interface);
2196
}
2197
2198
/* Sleep checking until interface is running.
2199
Check every 0.25s, up to total time of delay */
2200
for(int i=0; i < delay * 4; i++){
2201
if(interface_is_running(interface)){
2202
break;
2203
}
2204
struct timespec sleeptime = { .tv_nsec = 250000000 };
2205
ret = nanosleep(&sleeptime, NULL);
2206
if(ret == -1 and errno != EINTR){
2207
perror_plus("nanosleep");
2208
}
2209
}
2210
2211
errno = old_errno;
2212
return 0;
2213
}
2214
2215
__attribute__((nonnull, warn_unused_result))
2216
error_t take_down_interface(const char *const interface){
2217
error_t old_errno = errno;
2218
struct ifreq network;
2219
unsigned int if_index = if_nametoindex(interface);
2220
if(if_index == 0){
2221
fprintf_plus(stderr, "No such interface: \"%s\"\n", interface);
2222
errno = old_errno;
2223
return ENXIO;
2224
}
2225
if(interface_is_up(interface)){
2226
error_t ret_errno = 0, ioctl_errno = 0;
2227
if(not get_flags(interface, &network) and debug){
2228
ret_errno = errno;
2229
fprintf_plus(stderr, "Failed to get flags for interface "
2230
"\"%s\"\n", interface);
2231
errno = old_errno;
2232
return ret_errno;
2233
}
2234
network.ifr_flags &= ~(short)IFF_UP; /* clear flag */
2235
2236
int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
2237
if(sd == -1){
2238
ret_errno = errno;
2239
perror_plus("socket");
2240
errno = old_errno;
2241
return ret_errno;
2242
}
2243
2244
if(debug){
2245
fprintf_plus(stderr, "Taking down interface \"%s\"\n",
2246
interface);
2247
}
2248
2249
/* Raise privileges */
2250
ret_errno = raise_privileges();
2251
if(ret_errno != 0){
2252
errno = ret_errno;
2253
perror_plus("Failed to raise privileges");
2254
}
2255
2256
int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);
2257
ioctl_errno = errno;
2258
2259
/* If raise_privileges() succeeded above */
2260
if(ret_errno == 0){
2261
/* Lower privileges */
2262
ret_errno = lower_privileges();
2263
if(ret_errno != 0){
2264
errno = ret_errno;
2265
perror_plus("Failed to lower privileges");
2266
}
2267
}
2268
2269
/* Close the socket */
2270
int ret = close(sd);
2271
if(ret == -1){
2272
perror_plus("close");
2273
}
2274
2275
if(ret_setflags == -1){
2276
errno = ioctl_errno;
2277
perror_plus("ioctl SIOCSIFFLAGS -IFF_UP");
2278
errno = old_errno;
2279
return ioctl_errno;
2280
}
2281
} else if(debug){
2282
fprintf_plus(stderr, "Interface \"%s\" is already down; odd\n",
2283
interface);
2284
}
2285
2286
errno = old_errno;
2287
return 0;
2288
}
2289
2290
int main(int argc, char *argv[]){
2291
mandos_context mc = { .server = NULL, .dh_bits = 0,
2292
.priority = "SECURE256:!CTYPE-X.509"
2293
":+CTYPE-OPENPGP:!RSA:+SIGN-DSA-SHA256",
2294
.current_server = NULL, .interfaces = NULL,
2295
.interfaces_size = 0 };
2296
AvahiSServiceBrowser *sb = NULL;
2297
error_t ret_errno;
2298
int ret;
2299
intmax_t tmpmax;
2300
char *tmp;
2301
int exitcode = EXIT_SUCCESS;
2302
char *interfaces_to_take_down = NULL;
2303
size_t interfaces_to_take_down_size = 0;
2304
char run_tempdir[] = "/run/tmp/mandosXXXXXX";
2305
char old_tempdir[] = "/tmp/mandosXXXXXX";
2306
char *tempdir = NULL;
2307
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
2308
const char *seckey = PATHDIR "/" SECKEY;
2309
const char *pubkey = PATHDIR "/" PUBKEY;
2310
const char *dh_params_file = NULL;
2311
char *interfaces_hooks = NULL;
2312
2313
bool gnutls_initialized = false;
2314
bool gpgme_initialized = false;
2315
float delay = 2.5f;
2316
double retry_interval = 10; /* 10s between trying a server and
2317
retrying the same server again */
2318
2319
struct sigaction old_sigterm_action = { .sa_handler = SIG_DFL };
2320
struct sigaction sigterm_action = { .sa_handler = handle_sigterm };
2321
2322
uid = getuid();
2323
gid = getgid();
2324
2325
/* Lower any group privileges we might have, just to be safe */
2326
errno = 0;
2327
ret = setgid(gid);
2328
if(ret == -1){
2329
perror_plus("setgid");
2330
}
2331
2332
/* Lower user privileges (temporarily) */
2333
errno = 0;
2334
ret = seteuid(uid);
2335
if(ret == -1){
2336
perror_plus("seteuid");
2337
}
2338
2339
if(quit_now){
2340
goto end;
2341
}
2342
2343
{
2344
struct argp_option options[] = {
2345
{ .name = "debug", .key = 128,
2346
.doc = "Debug mode", .group = 3 },
2347
{ .name = "connect", .key = 'c',
2348
.arg = "ADDRESS:PORT",
2349
.doc = "Connect directly to a specific Mandos server",
2350
.group = 1 },
2351
{ .name = "interface", .key = 'i',
2352
.arg = "NAME",
2353
.doc = "Network interface that will be used to search for"
2354
" Mandos servers",
2355
.group = 1 },
2356
{ .name = "seckey", .key = 's',
2357
.arg = "FILE",
2358
.doc = "OpenPGP secret key file base name",
2359
.group = 1 },
2360
{ .name = "pubkey", .key = 'p',
2361
.arg = "FILE",
2362
.doc = "OpenPGP public key file base name",
2363
.group = 2 },
2364
{ .name = "dh-bits", .key = 129,
2365
.arg = "BITS",
2366
.doc = "Bit length of the prime number used in the"
2367
" Diffie-Hellman key exchange",
2368
.group = 2 },
2369
{ .name = "dh-params", .key = 134,
2370
.arg = "FILE",
2371
.doc = "PEM-encoded PKCS#3 file with pre-generated parameters"
2372
" for the Diffie-Hellman key exchange",
2373
.group = 2 },
2374
{ .name = "priority", .key = 130,
2375
.arg = "STRING",
2376
.doc = "GnuTLS priority string for the TLS handshake",
2377
.group = 1 },
2378
{ .name = "delay", .key = 131,
2379
.arg = "SECONDS",
2380
.doc = "Maximum delay to wait for interface startup",
2381
.group = 2 },
2382
{ .name = "retry", .key = 132,
2383
.arg = "SECONDS",
2384
.doc = "Retry interval used when denied by the Mandos server",
2385
.group = 2 },
2386
{ .name = "network-hook-dir", .key = 133,
2387
.arg = "DIR",
2388
.doc = "Directory where network hooks are located",
2389
.group = 2 },
2390
/*
2391
* These reproduce what we would get without ARGP_NO_HELP
2392
*/
2393
{ .name = "help", .key = '?',
2394
.doc = "Give this help list", .group = -1 },
2395
{ .name = "usage", .key = -3,
2396
.doc = "Give a short usage message", .group = -1 },
2397
{ .name = "version", .key = 'V',
2398
.doc = "Print program version", .group = -1 },
2399
{ .name = NULL }
2400
};
2401
2402
error_t parse_opt(int key, char *arg,
2403
struct argp_state *state){
2404
errno = 0;
2405
switch(key){
2406
case 128: /* --debug */
2407
debug = true;
2408
break;
2409
case 'c': /* --connect */
2410
connect_to = arg;
2411
break;
2412
case 'i': /* --interface */
2413
ret_errno = argz_add_sep(&mc.interfaces, &mc.interfaces_size,
2414
arg, (int)',');
2415
if(ret_errno != 0){
2416
argp_error(state, "%s", strerror(ret_errno));
2417
}
2418
break;
2419
case 's': /* --seckey */
2420
seckey = arg;
2421
break;
2422
case 'p': /* --pubkey */
2423
pubkey = arg;
2424
break;
2425
case 129: /* --dh-bits */
2426
errno = 0;
2427
tmpmax = strtoimax(arg, &tmp, 10);
2428
if(errno != 0 or tmp == arg or *tmp != '\0'
2429
or tmpmax != (typeof(mc.dh_bits))tmpmax){
2430
argp_error(state, "Bad number of DH bits");
2431
}
2432
mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
2433
break;
2434
case 134: /* --dh-params */
2435
dh_params_file = arg;
2436
break;
2437
case 130: /* --priority */
2438
mc.priority = arg;
2439
break;
2440
case 131: /* --delay */
2441
errno = 0;
2442
delay = strtof(arg, &tmp);
2443
if(errno != 0 or tmp == arg or *tmp != '\0'){
2444
argp_error(state, "Bad delay");
2445
}
2446
case 132: /* --retry */
2447
errno = 0;
2448
retry_interval = strtod(arg, &tmp);
2449
if(errno != 0 or tmp == arg or *tmp != '\0'
2450
or (retry_interval * 1000) > INT_MAX
2451
or retry_interval < 0){
2452
argp_error(state, "Bad retry interval");
2453
}
2454
break;
2455
case 133: /* --network-hook-dir */
2456
hookdir = arg;
2457
break;
2458
/*
2459
* These reproduce what we would get without ARGP_NO_HELP
2460
*/
2461
case '?': /* --help */
2462
argp_state_help(state, state->out_stream,
2463
(ARGP_HELP_STD_HELP | ARGP_HELP_EXIT_ERR)
2464
& ~(unsigned int)ARGP_HELP_EXIT_OK);
2465
case -3: /* --usage */
2466
argp_state_help(state, state->out_stream,
2467
ARGP_HELP_USAGE | ARGP_HELP_EXIT_ERR);
2468
case 'V': /* --version */
2469
fprintf_plus(state->out_stream, "%s\n", argp_program_version);
2470
exit(argp_err_exit_status);
2471
break;
2472
default:
2473
return ARGP_ERR_UNKNOWN;
2474
}
2475
return errno;
2476
}
2477
2478
struct argp argp = { .options = options, .parser = parse_opt,
2479
.args_doc = "",
2480
.doc = "Mandos client -- Get and decrypt"
2481
" passwords from a Mandos server" };
2482
ret = argp_parse(&argp, argc, argv,
2483
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
2484
switch(ret){
2485
case 0:
2486
break;
2487
case ENOMEM:
600
2488
default:
601
case AVAHI_BROWSER_FAILURE:
602
603
fprintf(stderr, "(Browser) %s\n",
604
avahi_strerror(avahi_server_errno(server)));
605
avahi_simple_poll_quit(simple_poll);
606
return;
607
608
case AVAHI_BROWSER_NEW:
609
/* We ignore the returned resolver object. In the callback
610
function we free it. If the server is terminated before
611
the callback function is called the server will free
612
the resolver for us. */
613
614
if (!(avahi_s_service_resolver_new(s, interface, protocol, name,
615
type, domain,
616
AVAHI_PROTO_INET6, 0,
617
resolve_callback, s)))
618
fprintf(stderr, "Failed to resolve service '%s': %s\n", name,
619
avahi_strerror(avahi_server_errno(s)));
620
break;
621
622
case AVAHI_BROWSER_REMOVE:
623
break;
624
625
case AVAHI_BROWSER_ALL_FOR_NOW:
626
case AVAHI_BROWSER_CACHE_EXHAUSTED:
627
break;
628
}
629
}
630
631
/* Combines file name and path and returns the malloced new
632
string. some sane checks could/should be added */
633
static const char *combinepath(const char *first, const char *second){
634
size_t f_len = strlen(first);
635
size_t s_len = strlen(second);
636
char *tmp = malloc(f_len + s_len + 2);
637
if (tmp == NULL){
638
return NULL;
639
}
640
if(f_len > 0){
641
memcpy(tmp, first, f_len);
642
}
643
tmp[f_len] = '/';
644
if(s_len > 0){
645
memcpy(tmp + f_len + 1, second, s_len);
646
}
647
tmp[f_len + 1 + s_len] = '\0';
648
return tmp;
649
}
650
651
652
int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char*argv[]) {
2489
errno = ret;
2490
perror_plus("argp_parse");
2491
exitcode = EX_OSERR;
2492
goto end;
2493
case EINVAL:
2494
exitcode = EX_USAGE;
2495
goto end;
2496
}
2497
}
2498
2499
{
2500
/* Work around Debian bug #633582:
2501
<http://bugs.debian.org/633582> */
2502
2503
/* Re-raise privileges */
2504
ret_errno = raise_privileges();
2505
if(ret_errno != 0){
2506
errno = ret_errno;
2507
perror_plus("Failed to raise privileges");
2508
} else {
2509
struct stat st;
2510
2511
if(strcmp(seckey, PATHDIR "/" SECKEY) == 0){
2512
int seckey_fd = open(seckey, O_RDONLY);
2513
if(seckey_fd == -1){
2514
perror_plus("open");
2515
} else {
2516
ret = (int)TEMP_FAILURE_RETRY(fstat(seckey_fd, &st));
2517
if(ret == -1){
2518
perror_plus("fstat");
2519
} else {
2520
if(S_ISREG(st.st_mode)
2521
and st.st_uid == 0 and st.st_gid == 0){
2522
ret = fchown(seckey_fd, uid, gid);
2523
if(ret == -1){
2524
perror_plus("fchown");
2525
}
2526
}
2527
}
2528
close(seckey_fd);
2529
}
2530
}
2531
2532
if(strcmp(pubkey, PATHDIR "/" PUBKEY) == 0){
2533
int pubkey_fd = open(pubkey, O_RDONLY);
2534
if(pubkey_fd == -1){
2535
perror_plus("open");
2536
} else {
2537
ret = (int)TEMP_FAILURE_RETRY(fstat(pubkey_fd, &st));
2538
if(ret == -1){
2539
perror_plus("fstat");
2540
} else {
2541
if(S_ISREG(st.st_mode)
2542
and st.st_uid == 0 and st.st_gid == 0){
2543
ret = fchown(pubkey_fd, uid, gid);
2544
if(ret == -1){
2545
perror_plus("fchown");
2546
}
2547
}
2548
}
2549
close(pubkey_fd);
2550
}
2551
}
2552
2553
if(dh_params_file != NULL
2554
and strcmp(dh_params_file, PATHDIR "/dhparams.pem" ) == 0){
2555
int dhparams_fd = open(dh_params_file, O_RDONLY);
2556
if(dhparams_fd == -1){
2557
perror_plus("open");
2558
} else {
2559
ret = (int)TEMP_FAILURE_RETRY(fstat(dhparams_fd, &st));
2560
if(ret == -1){
2561
perror_plus("fstat");
2562
} else {
2563
if(S_ISREG(st.st_mode)
2564
and st.st_uid == 0 and st.st_gid == 0){
2565
ret = fchown(dhparams_fd, uid, gid);
2566
if(ret == -1){
2567
perror_plus("fchown");
2568
}
2569
}
2570
}
2571
close(dhparams_fd);
2572
}
2573
}
2574
2575
/* Lower privileges */
2576
ret_errno = lower_privileges();
2577
if(ret_errno != 0){
2578
errno = ret_errno;
2579
perror_plus("Failed to lower privileges");
2580
}
2581
}
2582
}
2583
2584
/* Remove invalid interface names (except "none") */
2585
{
2586
char *interface = NULL;
2587
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2588
interface))){
2589
if(strcmp(interface, "none") != 0
2590
and if_nametoindex(interface) == 0){
2591
if(interface[0] != '\0'){
2592
fprintf_plus(stderr, "Not using nonexisting interface"
2593
" \"%s\"\n", interface);
2594
}
2595
argz_delete(&mc.interfaces, &mc.interfaces_size, interface);
2596
interface = NULL;
2597
}
2598
}
2599
}
2600
2601
/* Run network hooks */
2602
{
2603
if(mc.interfaces != NULL){
2604
interfaces_hooks = malloc(mc.interfaces_size);
2605
if(interfaces_hooks == NULL){
2606
perror_plus("malloc");
2607
goto end;
2608
}
2609
memcpy(interfaces_hooks, mc.interfaces, mc.interfaces_size);
2610
argz_stringify(interfaces_hooks, mc.interfaces_size, (int)',');
2611
}
2612
run_network_hooks("start", interfaces_hooks != NULL ?
2613
interfaces_hooks : "", delay);
2614
}
2615
2616
if(not debug){
2617
avahi_set_log_function(empty_log);
2618
}
2619
2620
/* Initialize Avahi early so avahi_simple_poll_quit() can be called
2621
from the signal handler */
2622
/* Initialize the pseudo-RNG for Avahi */
2623
srand((unsigned int) time(NULL));
2624
simple_poll = avahi_simple_poll_new();
2625
if(simple_poll == NULL){
2626
fprintf_plus(stderr,
2627
"Avahi: Failed to create simple poll object.\n");
2628
exitcode = EX_UNAVAILABLE;
2629
goto end;
2630
}
2631
2632
sigemptyset(&sigterm_action.sa_mask);
2633
ret = sigaddset(&sigterm_action.sa_mask, SIGINT);
2634
if(ret == -1){
2635
perror_plus("sigaddset");
2636
exitcode = EX_OSERR;
2637
goto end;
2638
}
2639
ret = sigaddset(&sigterm_action.sa_mask, SIGHUP);
2640
if(ret == -1){
2641
perror_plus("sigaddset");
2642
exitcode = EX_OSERR;
2643
goto end;
2644
}
2645
ret = sigaddset(&sigterm_action.sa_mask, SIGTERM);
2646
if(ret == -1){
2647
perror_plus("sigaddset");
2648
exitcode = EX_OSERR;
2649
goto end;
2650
}
2651
/* Need to check if the handler is SIG_IGN before handling:
2652
| [[info:libc:Initial Signal Actions]] |
2653
| [[info:libc:Basic Signal Handling]] |
2654
*/
2655
ret = sigaction(SIGINT, NULL, &old_sigterm_action);
2656
if(ret == -1){
2657
perror_plus("sigaction");
2658
return EX_OSERR;
2659
}
2660
if(old_sigterm_action.sa_handler != SIG_IGN){
2661
ret = sigaction(SIGINT, &sigterm_action, NULL);
2662
if(ret == -1){
2663
perror_plus("sigaction");
2664
exitcode = EX_OSERR;
2665
goto end;
2666
}
2667
}
2668
ret = sigaction(SIGHUP, NULL, &old_sigterm_action);
2669
if(ret == -1){
2670
perror_plus("sigaction");
2671
return EX_OSERR;
2672
}
2673
if(old_sigterm_action.sa_handler != SIG_IGN){
2674
ret = sigaction(SIGHUP, &sigterm_action, NULL);
2675
if(ret == -1){
2676
perror_plus("sigaction");
2677
exitcode = EX_OSERR;
2678
goto end;
2679
}
2680
}
2681
ret = sigaction(SIGTERM, NULL, &old_sigterm_action);
2682
if(ret == -1){
2683
perror_plus("sigaction");
2684
return EX_OSERR;
2685
}
2686
if(old_sigterm_action.sa_handler != SIG_IGN){
2687
ret = sigaction(SIGTERM, &sigterm_action, NULL);
2688
if(ret == -1){
2689
perror_plus("sigaction");
2690
exitcode = EX_OSERR;
2691
goto end;
2692
}
2693
}
2694
2695
/* If no interfaces were specified, make a list */
2696
if(mc.interfaces == NULL){
2697
struct dirent **direntries = NULL;
2698
/* Look for any good interfaces */
2699
ret = scandir(sys_class_net, &direntries, good_interface,
2700
alphasort);
2701
if(ret >= 1){
2702
/* Add all found interfaces to interfaces list */
2703
for(int i = 0; i < ret; ++i){
2704
ret_errno = argz_add(&mc.interfaces, &mc.interfaces_size,
2705
direntries[i]->d_name);
2706
if(ret_errno != 0){
2707
errno = ret_errno;
2708
perror_plus("argz_add");
2709
free(direntries[i]);
2710
continue;
2711
}
2712
if(debug){
2713
fprintf_plus(stderr, "Will use interface \"%s\"\n",
2714
direntries[i]->d_name);
2715
}
2716
free(direntries[i]);
2717
}
2718
free(direntries);
2719
} else {
2720
if(ret == 0){
2721
free(direntries);
2722
}
2723
fprintf_plus(stderr, "Could not find a network interface\n");
2724
exitcode = EXIT_FAILURE;
2725
goto end;
2726
}
2727
}
2728
2729
/* Bring up interfaces which are down, and remove any "none"s */
2730
{
2731
char *interface = NULL;
2732
while((interface = argz_next(mc.interfaces, mc.interfaces_size,
2733
interface))){
2734
/* If interface name is "none", stop bringing up interfaces.
2735
Also remove all instances of "none" from the list */
2736
if(strcmp(interface, "none") == 0){
2737
argz_delete(&mc.interfaces, &mc.interfaces_size,
2738
interface);
2739
interface = NULL;
2740
while((interface = argz_next(mc.interfaces,
2741
mc.interfaces_size, interface))){
2742
if(strcmp(interface, "none") == 0){
2743
argz_delete(&mc.interfaces, &mc.interfaces_size,
2744
interface);
2745
interface = NULL;
2746
}
2747
}
2748
break;
2749
}
2750
bool interface_was_up = interface_is_up(interface);
2751
errno = bring_up_interface(interface, delay);
2752
if(not interface_was_up){
2753
if(errno != 0){
2754
fprintf_plus(stderr, "Failed to bring up interface \"%s\":"
2755
" %s\n", interface, strerror(errno));
2756
} else {
2757
errno = argz_add(&interfaces_to_take_down,
2758
&interfaces_to_take_down_size,
2759
interface);
2760
if(errno != 0){
2761
perror_plus("argz_add");
2762
}
2763
}
2764
}
2765
}
2766
if(debug and (interfaces_to_take_down == NULL)){
2767
fprintf_plus(stderr, "No interfaces were brought up\n");
2768
}
2769
}
2770
2771
/* If we only got one interface, explicitly use only that one */
2772
if(argz_count(mc.interfaces, mc.interfaces_size) == 1){
2773
if(debug){
2774
fprintf_plus(stderr, "Using only interface \"%s\"\n",
2775
mc.interfaces);
2776
}
2777
if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);
2778
}
2779
2780
if(quit_now){
2781
goto end;
2782
}
2783
2784
ret = init_gnutls_global(pubkey, seckey, dh_params_file, &mc);
2785
if(ret == -1){
2786
fprintf_plus(stderr, "init_gnutls_global failed\n");
2787
exitcode = EX_UNAVAILABLE;
2788
goto end;
2789
} else {
2790
gnutls_initialized = true;
2791
}
2792
2793
if(quit_now){
2794
goto end;
2795
}
2796
2797
/* Try /run/tmp before /tmp */
2798
tempdir = mkdtemp(run_tempdir);
2799
if(tempdir == NULL and errno == ENOENT){
2800
if(debug){
2801
fprintf_plus(stderr, "Tempdir %s did not work, trying %s\n",
2802
run_tempdir, old_tempdir);
2803
}
2804
tempdir = mkdtemp(old_tempdir);
2805
}
2806
if(tempdir == NULL){
2807
perror_plus("mkdtemp");
2808
goto end;
2809
}
2810
2811
if(quit_now){
2812
goto end;
2813
}
2814
2815
if(not init_gpgme(pubkey, seckey, tempdir, &mc)){
2816
fprintf_plus(stderr, "init_gpgme failed\n");
2817
exitcode = EX_UNAVAILABLE;
2818
goto end;
2819
} else {
2820
gpgme_initialized = true;
2821
}
2822
2823
if(quit_now){
2824
goto end;
2825
}
2826
2827
if(connect_to != NULL){
2828
/* Connect directly, do not use Zeroconf */
2829
/* (Mainly meant for debugging) */
2830
char *address = strrchr(connect_to, ':');
2831
2832
if(address == NULL){
2833
fprintf_plus(stderr, "No colon in address\n");
2834
exitcode = EX_USAGE;
2835
goto end;
2836
}
2837
2838
if(quit_now){
2839
goto end;
2840
}
2841
2842
in_port_t port;
2843
errno = 0;
2844
tmpmax = strtoimax(address+1, &tmp, 10);
2845
if(errno != 0 or tmp == address+1 or *tmp != '\0'
2846
or tmpmax != (in_port_t)tmpmax){
2847
fprintf_plus(stderr, "Bad port number\n");
2848
exitcode = EX_USAGE;
2849
goto end;
2850
}
2851
2852
if(quit_now){
2853
goto end;
2854
}
2855
2856
port = (in_port_t)tmpmax;
2857
*address = '\0';
2858
/* Colon in address indicates IPv6 */
2859
int af;
2860
if(strchr(connect_to, ':') != NULL){
2861
af = AF_INET6;
2862
/* Accept [] around IPv6 address - see RFC 5952 */
2863
if(connect_to[0] == '[' and address[-1] == ']')
2864
{
2865
connect_to++;
2866
address[-1] = '\0';
2867
}
2868
} else {
2869
af = AF_INET;
2870
}
2871
address = connect_to;
2872
2873
if(quit_now){
2874
goto end;
2875
}
2876
2877
while(not quit_now){
2878
ret = start_mandos_communication(address, port, if_index, af,
2879
&mc);
2880
if(quit_now or ret == 0){
2881
break;
2882
}
2883
if(debug){
2884
fprintf_plus(stderr, "Retrying in %d seconds\n",
2885
(int)retry_interval);
2886
}
2887
sleep((unsigned int)retry_interval);
2888
}
2889
2890
if(not quit_now){
2891
exitcode = EXIT_SUCCESS;
2892
}
2893
2894
goto end;
2895
}
2896
2897
if(quit_now){
2898
goto end;
2899
}
2900
2901
{
653
2902
AvahiServerConfig config;
654
AvahiSServiceBrowser *sb = NULL;
655
int error;
656
int ret;
657
int returncode = EXIT_SUCCESS;
658
const char *interface = NULL;
659
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
660
char *connect_to = NULL;
661
662
while (true){
663
static struct option long_options[] = {
664
{"debug", no_argument, (int *)&debug, 1},
665
{"connect", required_argument, 0, 'C'},
666
{"interface", required_argument, 0, 'i'},
667
{"certdir", required_argument, 0, 'd'},
668
{"certkey", required_argument, 0, 'c'},
669
{"certfile", required_argument, 0, 'k'},
670
{0, 0, 0, 0} };
671
672
int option_index = 0;
673
ret = getopt_long (argc, argv, "i:", long_options,
674
&option_index);
675
676
if (ret == -1){
677
break;
678
}
679
680
switch(ret){
681
case 0:
682
break;
683
case 'i':
684
interface = optarg;
685
break;
686
case 'C':
687
connect_to = optarg;
688
break;
689
case 'd':
690
certdir = optarg;
691
break;
692
case 'c':
693
certfile = optarg;
694
break;
695
case 'k':
696
certkey = optarg;
697
break;
698
default:
699
exit(EXIT_FAILURE);
700
}
701
}
702
703
certfile = combinepath(certdir, certfile);
704
if (certfile == NULL){
705
perror("combinepath");
706
goto exit;
707
}
708
709
if(interface != NULL){
710
if_index = (AvahiIfIndex) if_nametoindex(interface);
711
if(if_index == 0){
712
fprintf(stderr, "No such interface: \"%s\"\n", interface);
713
exit(EXIT_FAILURE);
714
}
715
}
716
717
if(connect_to != NULL){
718
/* Connect directly, do not use Zeroconf */
719
/* (Mainly meant for debugging) */
720
char *address = strrchr(connect_to, ':');
721
if(address == NULL){
722
fprintf(stderr, "No colon in address\n");
723
exit(EXIT_FAILURE);
724
}
725
errno = 0;
726
uint16_t port = (uint16_t) strtol(address+1, NULL, 10);
727
if(errno){
728
perror("Bad port number");
729
exit(EXIT_FAILURE);
730
}
731
*address = '\0';
732
address = connect_to;
733
ret = start_mandos_communication(address, port, if_index);
734
if(ret < 0){
735
exit(EXIT_FAILURE);
736
} else {
737
exit(EXIT_SUCCESS);
738
}
739
}
740
741
certkey = combinepath(certdir, certkey);
742
if (certkey == NULL){
743
perror("combinepath");
744
goto exit;
745
}
746
747
if (not debug){
748
avahi_set_log_function(empty_log);
749
}
750
751
/* Initialize the psuedo-RNG */
752
srand((unsigned int) time(NULL));
753
754
/* Allocate main loop object */
755
if (!(simple_poll = avahi_simple_poll_new())) {
756
fprintf(stderr, "Failed to create simple poll object.\n");
757
758
goto exit;
759
}
760
761
/* Do not publish any local records */
2903
/* Do not publish any local Zeroconf records */
762
2904
avahi_server_config_init(&config);
763
2905
config.publish_hinfo = 0;
764
2906
config.publish_addresses = 0;
765
2907
config.publish_workstation = 0;
766
2908
config.publish_domain = 0;
767
2909
768
2910
/* Allocate a new server */
769
server = avahi_server_new(avahi_simple_poll_get(simple_poll),
770
&config, NULL, NULL, &error);
771
772
/* Free the configuration data */
2911
mc.server = avahi_server_new(avahi_simple_poll_get(simple_poll),
2912
&config, NULL, NULL, &ret_errno);
2913
2914
/* Free the Avahi configuration data */
773
2915
avahi_server_config_free(&config);
774
775
/* Check if creating the server object succeeded */
776
if (!server) {
777
fprintf(stderr, "Failed to create server: %s\n",
778
avahi_strerror(error));
779
returncode = EXIT_FAILURE;
780
goto exit;
781
}
782
783
/* Create the service browser */
784
sb = avahi_s_service_browser_new(server, if_index,
785
AVAHI_PROTO_INET6,
786
"_mandos._tcp", NULL, 0,
787
browse_callback, server);
788
if (!sb) {
789
fprintf(stderr, "Failed to create service browser: %s\n",
790
avahi_strerror(avahi_server_errno(server)));
791
returncode = EXIT_FAILURE;
792
goto exit;
793
}
794
795
/* Run the main loop */
796
797
if (debug){
798
fprintf(stderr, "Starting avahi loop search\n");
799
}
800
801
avahi_simple_poll_loop(simple_poll);
802
803
exit:
804
805
if (debug){
806
fprintf(stderr, "%s exiting\n", argv[0]);
807
}
808
809
/* Cleanup things */
810
if (sb)
811
avahi_s_service_browser_free(sb);
812
813
if (server)
814
avahi_server_free(server);
815
816
if (simple_poll)
817
avahi_simple_poll_free(simple_poll);
818
free(certfile);
819
free(certkey);
820
821
return returncode;
2916
}
2917
2918
/* Check if creating the Avahi server object succeeded */
2919
if(mc.server == NULL){
2920
fprintf_plus(stderr, "Failed to create Avahi server: %s\n",
2921
avahi_strerror(ret_errno));
2922
exitcode = EX_UNAVAILABLE;
2923
goto end;
2924
}
2925
2926
if(quit_now){
2927
goto end;
2928
}
2929
2930
/* Create the Avahi service browser */
2931
sb = avahi_s_service_browser_new(mc.server, if_index,
2932
AVAHI_PROTO_UNSPEC, "_mandos._tcp",
2933
NULL, 0, browse_callback,
2934
(void *)&mc);
2935
if(sb == NULL){
2936
fprintf_plus(stderr, "Failed to create service browser: %s\n",
2937
avahi_strerror(avahi_server_errno(mc.server)));
2938
exitcode = EX_UNAVAILABLE;
2939
goto end;
2940
}
2941
2942
if(quit_now){
2943
goto end;
2944
}
2945
2946
/* Run the main loop */
2947
2948
if(debug){
2949
fprintf_plus(stderr, "Starting Avahi loop search\n");
2950
}
2951
2952
ret = avahi_loop_with_timeout(simple_poll,
2953
(int)(retry_interval * 1000), &mc);
2954
if(debug){
2955
fprintf_plus(stderr, "avahi_loop_with_timeout exited %s\n",
2956
(ret == 0) ? "successfully" : "with error");
2957
}
2958
2959
end:
2960
2961
if(debug){
2962
fprintf_plus(stderr, "%s exiting\n", argv[0]);
2963
}
2964
2965
/* Cleanup things */
2966
free(mc.interfaces);
2967
2968
if(sb != NULL)
2969
avahi_s_service_browser_free(sb);
2970
2971
if(mc.server != NULL)
2972
avahi_server_free(mc.server);
2973
2974
if(simple_poll != NULL)
2975
avahi_simple_poll_free(simple_poll);
2976
2977
if(gnutls_initialized){
2978
gnutls_certificate_free_credentials(mc.cred);
2979
gnutls_global_deinit();
2980
gnutls_dh_params_deinit(mc.dh_params);
2981
}
2982
2983
if(gpgme_initialized){
2984
gpgme_release(mc.ctx);
2985
}
2986
2987
/* Cleans up the circular linked list of Mandos servers the client
2988
has seen */
2989
if(mc.current_server != NULL){
2990
mc.current_server->prev->next = NULL;
2991
while(mc.current_server != NULL){
2992
server *next = mc.current_server->next;
2993
#ifdef __GNUC__
2994
#pragma GCC diagnostic push
2995
#pragma GCC diagnostic ignored "-Wcast-qual"
2996
#endif
2997
free((char *)(mc.current_server->ip));
2998
#ifdef __GNUC__
2999
#pragma GCC diagnostic pop
3000
#endif
3001
free(mc.current_server);
3002
mc.current_server = next;
3003
}
3004
}
3005
3006
/* Re-raise privileges */
3007
{
3008
ret_errno = raise_privileges();
3009
if(ret_errno != 0){
3010
errno = ret_errno;
3011
perror_plus("Failed to raise privileges");
3012
} else {
3013
3014
/* Run network hooks */
3015
run_network_hooks("stop", interfaces_hooks != NULL ?
3016
interfaces_hooks : "", delay);
3017
3018
/* Take down the network interfaces which were brought up */
3019
{
3020
char *interface = NULL;
3021
while((interface=argz_next(interfaces_to_take_down,
3022
interfaces_to_take_down_size,
3023
interface))){
3024
ret_errno = take_down_interface(interface);
3025
if(ret_errno != 0){
3026
errno = ret_errno;
3027
perror_plus("Failed to take down interface");
3028
}
3029
}
3030
if(debug and (interfaces_to_take_down == NULL)){
3031
fprintf_plus(stderr, "No interfaces needed to be taken"
3032
" down\n");
3033
}
3034
}
3035
}
3036
3037
ret_errno = lower_privileges_permanently();
3038
if(ret_errno != 0){
3039
errno = ret_errno;
3040
perror_plus("Failed to lower privileges permanently");
3041
}
3042
}
3043
3044
free(interfaces_to_take_down);
3045
free(interfaces_hooks);
3046
3047
/* Removes the GPGME temp directory and all files inside */
3048
if(tempdir != NULL){
3049
struct dirent **direntries = NULL;
3050
int tempdir_fd = (int)TEMP_FAILURE_RETRY(open(tempdir, O_RDONLY
3051
| O_NOFOLLOW
3052
| O_DIRECTORY
3053
| O_PATH));
3054
if(tempdir_fd == -1){
3055
perror_plus("open");
3056
} else {
3057
#ifdef __GLIBC__
3058
#if __GLIBC_PREREQ(2, 15)
3059
int numentries = scandirat(tempdir_fd, ".", &direntries,
3060
notdotentries, alphasort);
3061
#else /* not __GLIBC_PREREQ(2, 15) */
3062
int numentries = scandir(tempdir, &direntries, notdotentries,
3063
alphasort);
3064
#endif /* not __GLIBC_PREREQ(2, 15) */
3065
#else /* not __GLIBC__ */
3066
int numentries = scandir(tempdir, &direntries, notdotentries,
3067
alphasort);
3068
#endif /* not __GLIBC__ */
3069
if(numentries >= 0){
3070
for(int i = 0; i < numentries; i++){
3071
ret = unlinkat(tempdir_fd, direntries[i]->d_name, 0);
3072
if(ret == -1){
3073
fprintf_plus(stderr, "unlinkat(open(\"%s\", O_RDONLY),"
3074
" \"%s\", 0): %s\n", tempdir,
3075
direntries[i]->d_name, strerror(errno));
3076
}
3077
free(direntries[i]);
3078
}
3079
3080
/* need to clean even if 0 because man page doesn't specify */
3081
free(direntries);
3082
if(numentries == -1){
3083
perror_plus("scandir");
3084
}
3085
ret = rmdir(tempdir);
3086
if(ret == -1 and errno != ENOENT){
3087
perror_plus("rmdir");
3088
}
3089
}
3090
close(tempdir_fd);
3091
}
3092
}
3093
3094
if(quit_now){
3095
sigemptyset(&old_sigterm_action.sa_mask);
3096
old_sigterm_action.sa_handler = SIG_DFL;
3097
ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received,
3098
&old_sigterm_action,
3099
NULL));
3100
if(ret == -1){
3101
perror_plus("sigaction");
3102
}
3103
do {
3104
ret = raise(signal_received);
3105
} while(ret != 0 and errno == EINTR);
3106
if(ret != 0){
3107
perror_plus("raise");
3108
abort();
3109
}
3110
TEMP_FAILURE_RETRY(pause());
3111
}
3112
3113
return exitcode;
822
3114
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0