To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/mandos-client.c
- browse files at revision 833
- compare with another revision
- download diff
- download tarball
- view history from revision 833
- Committer: Teddy Hogeborn
- Date: 2016-03-17 20:40:55 UTC
- Revision ID: teddy@recompile.se-20160317204055-bhsh5xsidq7w5cxu
Client: Fix plymouth agent; broken since 1.7.2.
Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2. This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.
* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
allocating new_argv. Also tolerate a zero-length argv.
Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2. This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.
* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
allocating new_argv. Also tolerate a zero-length argv.
added
removed
plugins.d/mandos-client.c
9
9
* "browse_callback", and parts of "main".
10
10
*
11
11
* Everything else is
12
* Copyright © 2008-2015 Teddy Hogeborn
13
* Copyright © 2008-2015 Björn Påhlsson
12
* Copyright © 2008-2016 Teddy Hogeborn
13
* Copyright © 2008-2016 Björn Påhlsson
14
14
*
15
15
* This program is free software: you can redistribute it and/or
16
16
* modify it under the terms of the GNU General Public License as
46
46
#include <stdlib.h> /* free(), EXIT_SUCCESS, srand(),
47
47
strtof(), abort() */
48
48
#include <stdbool.h> /* bool, false, true */
49
#include <string.h> /* memset(), strcmp(), strlen(),
50
strerror(), asprintf(), strcpy() */
49
#include <string.h> /* strcmp(), strlen(), strerror(),
50
asprintf(), strncpy() */
51
51
#include <sys/ioctl.h> /* ioctl */
52
52
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
53
53
sockaddr_in6, PF_INET6,
57
57
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
58
58
inet_pton(), connect(),
59
59
getnameinfo() */
60
#include <fcntl.h> /* open(), unlinkat() */
60
#include <fcntl.h> /* open(), unlinkat(), AT_REMOVEDIR */
61
61
#include <dirent.h> /* opendir(), struct dirent, readdir()
62
62
*/
63
63
#include <inttypes.h> /* PRIu16, PRIdMAX, intmax_t,
64
64
strtoimax() */
65
#include <errno.h> /* perror(), errno,
65
#include <errno.h> /* perror(), errno, EINTR, EINVAL,
66
EAI_SYSTEM, ENETUNREACH,
67
EHOSTUNREACH, ECONNREFUSED, EPROTO,
68
EIO, ENOENT, ENXIO, ENOMEM, EISDIR,
69
ENOTEMPTY,
66
70
program_invocation_short_name */
67
71
#include <time.h> /* nanosleep(), time(), sleep() */
68
72
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
305
309
return false;
306
310
}
307
311
308
ret = (int)TEMP_FAILURE_RETRY(close(fd));
312
ret = close(fd);
309
313
if(ret == -1){
310
314
perror_plus("close");
311
315
}
513
517
fprintf_plus(stderr, "GnuTLS: %s", string);
514
518
}
515
519
516
__attribute__((nonnull, warn_unused_result))
520
__attribute__((nonnull(1, 2, 4), warn_unused_result))
517
521
static int init_gnutls_global(const char *pubkeyfilename,
518
522
const char *seckeyfilename,
523
const char *dhparamsfilename,
519
524
mandos_context *mc){
520
525
int ret;
521
526
unsigned int uret;
524
529
fprintf_plus(stderr, "Initializing GnuTLS\n");
525
530
}
526
531
527
ret = gnutls_global_init();
528
if(ret != GNUTLS_E_SUCCESS){
529
fprintf_plus(stderr, "GnuTLS global_init: %s\n",
530
safer_gnutls_strerror(ret));
531
return -1;
532
}
533
534
532
if(debug){
535
533
/* "Use a log level over 10 to enable all debugging options."
536
534
* - GnuTLS manual
544
542
if(ret != GNUTLS_E_SUCCESS){
545
543
fprintf_plus(stderr, "GnuTLS memory error: %s\n",
546
544
safer_gnutls_strerror(ret));
547
gnutls_global_deinit();
548
545
return -1;
549
546
}
550
547
575
572
safer_gnutls_strerror(ret));
576
573
goto globalfail;
577
574
}
578
if(mc->dh_bits == 0){
579
/* Find out the optimal number of DH bits */
580
/* Try to read the private key file */
581
gnutls_datum_t buffer = { .data = NULL, .size = 0 };
582
{
583
int secfile = open(seckeyfilename, O_RDONLY);
584
size_t buffer_capacity = 0;
575
/* If a Diffie-Hellman parameters file was given, try to use it */
576
if(dhparamsfilename != NULL){
577
gnutls_datum_t params = { .data = NULL, .size = 0 };
578
do {
579
int dhpfile = open(dhparamsfilename, O_RDONLY);
580
if(dhpfile == -1){
581
perror_plus("open");
582
dhparamsfilename = NULL;
583
break;
584
}
585
size_t params_capacity = 0;
585
586
while(true){
586
buffer_capacity = incbuffer((char **)&buffer.data,
587
(size_t)buffer.size,
588
(size_t)buffer_capacity);
589
if(buffer_capacity == 0){
587
params_capacity = incbuffer((char **)¶ms.data,
588
(size_t)params.size,
589
(size_t)params_capacity);
590
if(params_capacity == 0){
590
591
perror_plus("incbuffer");
591
free(buffer.data);
592
buffer.data = NULL;
592
free(params.data);
593
params.data = NULL;
594
dhparamsfilename = NULL;
593
595
break;
594
596
}
595
ssize_t bytes_read = read(secfile, buffer.data + buffer.size,
597
ssize_t bytes_read = read(dhpfile,
598
params.data + params.size,
596
599
BUFFER_SIZE);
597
600
/* EOF */
598
601
if(bytes_read == 0){
601
604
/* check bytes_read for failure */
602
605
if(bytes_read < 0){
603
606
perror_plus("read");
604
free(buffer.data);
605
buffer.data = NULL;
606
break;
607
}
608
buffer.size += (unsigned int)bytes_read;
609
}
610
close(secfile);
611
}
612
/* If successful, use buffer to parse private key */
613
gnutls_sec_param_t sec_param = GNUTLS_SEC_PARAM_ULTRA;
614
if(buffer.data != NULL){
615
{
616
gnutls_openpgp_privkey_t privkey = NULL;
617
ret = gnutls_openpgp_privkey_init(&privkey);
618
if(ret != GNUTLS_E_SUCCESS){
619
fprintf_plus(stderr, "Error initializing OpenPGP key"
620
" structure: %s", safer_gnutls_strerror(ret));
621
free(buffer.data);
622
buffer.data = NULL;
623
} else {
624
ret = gnutls_openpgp_privkey_import(privkey, &buffer,
625
GNUTLS_OPENPGP_FMT_BASE64,
626
"", 0);
607
free(params.data);
608
params.data = NULL;
609
dhparamsfilename = NULL;
610
break;
611
}
612
params.size += (unsigned int)bytes_read;
613
}
614
if(params.data == NULL){
615
dhparamsfilename = NULL;
616
}
617
if(dhparamsfilename == NULL){
618
break;
619
}
620
ret = gnutls_dh_params_import_pkcs3(mc->dh_params, ¶ms,
621
GNUTLS_X509_FMT_PEM);
622
if(ret != GNUTLS_E_SUCCESS){
623
fprintf_plus(stderr, "Failed to parse DH parameters in file"
624
" \"%s\": %s\n", dhparamsfilename,
625
safer_gnutls_strerror(ret));
626
dhparamsfilename = NULL;
627
}
628
} while(false);
629
}
630
if(dhparamsfilename == NULL){
631
if(mc->dh_bits == 0){
632
/* Find out the optimal number of DH bits */
633
/* Try to read the private key file */
634
gnutls_datum_t buffer = { .data = NULL, .size = 0 };
635
do {
636
int secfile = open(seckeyfilename, O_RDONLY);
637
if(secfile == -1){
638
perror_plus("open");
639
break;
640
}
641
size_t buffer_capacity = 0;
642
while(true){
643
buffer_capacity = incbuffer((char **)&buffer.data,
644
(size_t)buffer.size,
645
(size_t)buffer_capacity);
646
if(buffer_capacity == 0){
647
perror_plus("incbuffer");
648
free(buffer.data);
649
buffer.data = NULL;
650
break;
651
}
652
ssize_t bytes_read = read(secfile,
653
buffer.data + buffer.size,
654
BUFFER_SIZE);
655
/* EOF */
656
if(bytes_read == 0){
657
break;
658
}
659
/* check bytes_read for failure */
660
if(bytes_read < 0){
661
perror_plus("read");
662
free(buffer.data);
663
buffer.data = NULL;
664
break;
665
}
666
buffer.size += (unsigned int)bytes_read;
667
}
668
close(secfile);
669
} while(false);
670
/* If successful, use buffer to parse private key */
671
gnutls_sec_param_t sec_param = GNUTLS_SEC_PARAM_ULTRA;
672
if(buffer.data != NULL){
673
{
674
gnutls_openpgp_privkey_t privkey = NULL;
675
ret = gnutls_openpgp_privkey_init(&privkey);
627
676
if(ret != GNUTLS_E_SUCCESS){
628
fprintf_plus(stderr, "Error importing OpenPGP key : %s",
677
fprintf_plus(stderr, "Error initializing OpenPGP key"
678
" structure: %s",
629
679
safer_gnutls_strerror(ret));
630
privkey = NULL;
680
free(buffer.data);
681
buffer.data = NULL;
682
} else {
683
ret = gnutls_openpgp_privkey_import
684
(privkey, &buffer, GNUTLS_OPENPGP_FMT_BASE64, "", 0);
685
if(ret != GNUTLS_E_SUCCESS){
686
fprintf_plus(stderr, "Error importing OpenPGP key : %s",
687
safer_gnutls_strerror(ret));
688
privkey = NULL;
689
}
690
free(buffer.data);
691
buffer.data = NULL;
692
if(privkey != NULL){
693
/* Use private key to suggest an appropriate
694
sec_param */
695
sec_param = gnutls_openpgp_privkey_sec_param(privkey);
696
gnutls_openpgp_privkey_deinit(privkey);
697
if(debug){
698
fprintf_plus(stderr, "This OpenPGP key implies using"
699
" a GnuTLS security parameter \"%s\".\n",
700
safe_string(gnutls_sec_param_get_name
701
(sec_param)));
702
}
703
}
631
704
}
632
free(buffer.data);
633
buffer.data = NULL;
634
if(privkey != NULL){
635
/* Use private key to suggest an appropriate sec_param */
636
sec_param = gnutls_openpgp_privkey_sec_param(privkey);
637
gnutls_openpgp_privkey_deinit(privkey);
638
if(debug){
639
fprintf_plus(stderr, "This OpenPGP key implies using a"
640
" GnuTLS security parameter \"%s\".\n",
641
safe_string(gnutls_sec_param_get_name
642
(sec_param)));
643
}
705
}
706
if(sec_param == GNUTLS_SEC_PARAM_UNKNOWN){
707
/* Err on the side of caution */
708
sec_param = GNUTLS_SEC_PARAM_ULTRA;
709
if(debug){
710
fprintf_plus(stderr, "Falling back to security parameter"
711
" \"%s\"\n",
712
safe_string(gnutls_sec_param_get_name
713
(sec_param)));
644
714
}
645
715
}
646
716
}
647
if(sec_param == GNUTLS_SEC_PARAM_UNKNOWN){
648
/* Err on the side of caution */
649
sec_param = GNUTLS_SEC_PARAM_ULTRA;
717
uret = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, sec_param);
718
if(uret != 0){
719
mc->dh_bits = uret;
650
720
if(debug){
651
fprintf_plus(stderr, "Falling back to security parameter"
652
" \"%s\"\n",
721
fprintf_plus(stderr, "A \"%s\" GnuTLS security parameter"
722
" implies %u DH bits; using that.\n",
653
723
safe_string(gnutls_sec_param_get_name
654
(sec_param)));
724
(sec_param)),
725
mc->dh_bits);
655
726
}
656
}
657
}
658
uret = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, sec_param);
659
if(uret != 0){
660
mc->dh_bits = uret;
661
if(debug){
662
fprintf_plus(stderr, "A \"%s\" GnuTLS security parameter"
663
" implies %u DH bits; using that.\n",
727
} else {
728
fprintf_plus(stderr, "Failed to get implied number of DH"
729
" bits for security parameter \"%s\"): %s\n",
664
730
safe_string(gnutls_sec_param_get_name
665
731
(sec_param)),
666
mc->dh_bits);
732
safer_gnutls_strerror(ret));
733
goto globalfail;
667
734
}
668
} else {
669
fprintf_plus(stderr, "Failed to get implied number of DH"
670
" bits for security parameter \"%s\"): %s\n",
671
safe_string(gnutls_sec_param_get_name(sec_param)),
735
} else if(debug){
736
fprintf_plus(stderr, "DH bits explicitly set to %u\n",
737
mc->dh_bits);
738
}
739
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
740
if(ret != GNUTLS_E_SUCCESS){
741
fprintf_plus(stderr, "Error in GnuTLS prime generation (%u"
742
" bits): %s\n", mc->dh_bits,
672
743
safer_gnutls_strerror(ret));
673
744
goto globalfail;
674
745
}
675
} else if(debug){
676
fprintf_plus(stderr, "DH bits explicitly set to %u\n",
677
mc->dh_bits);
678
}
679
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
680
if(ret != GNUTLS_E_SUCCESS){
681
fprintf_plus(stderr, "Error in GnuTLS prime generation (%u bits):"
682
" %s\n", mc->dh_bits, safer_gnutls_strerror(ret));
683
goto globalfail;
684
}
685
746
}
686
747
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
687
748
688
749
return 0;
690
751
globalfail:
691
752
692
753
gnutls_certificate_free_credentials(mc->cred);
693
gnutls_global_deinit();
694
754
gnutls_dh_params_deinit(mc->dh_params);
695
755
return -1;
696
756
}
748
808
/* ignore client certificate if any. */
749
809
gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);
750
810
751
gnutls_dh_set_prime_bits(*session, mc->dh_bits);
752
753
811
return 0;
754
812
}
755
813
759
817
760
818
/* Set effective uid to 0, return errno */
761
819
__attribute__((warn_unused_result))
762
error_t raise_privileges(void){
763
error_t old_errno = errno;
764
error_t ret_errno = 0;
820
int raise_privileges(void){
821
int old_errno = errno;
822
int ret = 0;
765
823
if(seteuid(0) == -1){
766
ret_errno = errno;
824
ret = errno;
767
825
}
768
826
errno = old_errno;
769
return ret_errno;
827
return ret;
770
828
}
771
829
772
830
/* Set effective and real user ID to 0. Return errno. */
773
831
__attribute__((warn_unused_result))
774
error_t raise_privileges_permanently(void){
775
error_t old_errno = errno;
776
error_t ret_errno = raise_privileges();
777
if(ret_errno != 0){
832
int raise_privileges_permanently(void){
833
int old_errno = errno;
834
int ret = raise_privileges();
835
if(ret != 0){
778
836
errno = old_errno;
779
return ret_errno;
837
return ret;
780
838
}
781
839
if(setuid(0) == -1){
782
ret_errno = errno;
840
ret = errno;
783
841
}
784
842
errno = old_errno;
785
return ret_errno;
843
return ret;
786
844
}
787
845
788
846
/* Set effective user ID to unprivileged saved user ID */
789
847
__attribute__((warn_unused_result))
790
error_t lower_privileges(void){
791
error_t old_errno = errno;
792
error_t ret_errno = 0;
848
int lower_privileges(void){
849
int old_errno = errno;
850
int ret = 0;
793
851
if(seteuid(uid) == -1){
794
ret_errno = errno;
852
ret = errno;
795
853
}
796
854
errno = old_errno;
797
return ret_errno;
855
return ret;
798
856
}
799
857
800
858
/* Lower privileges permanently */
801
859
__attribute__((warn_unused_result))
802
error_t lower_privileges_permanently(void){
803
error_t old_errno = errno;
804
error_t ret_errno = 0;
860
int lower_privileges_permanently(void){
861
int old_errno = errno;
862
int ret = 0;
805
863
if(setuid(uid) == -1){
806
ret_errno = errno;
864
ret = errno;
807
865
}
808
866
errno = old_errno;
809
return ret_errno;
867
return ret;
810
868
}
811
869
812
870
/* Helper function to add_local_route() and delete_local_route() */
868
926
perror_plus("dup2(devnull, STDIN_FILENO)");
869
927
_exit(EX_OSERR);
870
928
}
871
ret = (int)TEMP_FAILURE_RETRY(close(devnull));
929
ret = close(devnull);
872
930
if(ret == -1){
873
931
perror_plus("close");
874
932
_exit(EX_OSERR);
891
949
helper, O_RDONLY));
892
950
if(helper_fd == -1){
893
951
perror_plus("openat");
952
close(helperdir_fd);
894
953
_exit(EX_UNAVAILABLE);
895
954
}
896
TEMP_FAILURE_RETRY(close(helperdir_fd));
955
close(helperdir_fd);
897
956
#ifdef __GNUC__
898
957
#pragma GCC diagnostic push
899
958
#pragma GCC diagnostic ignored "-Wcast-qual"
1067
1126
goto mandos_end;
1068
1127
}
1069
1128
1070
memset(&to, 0, sizeof(to));
1071
1129
if(af == AF_INET6){
1072
((struct sockaddr_in6 *)&to)->sin6_family = (sa_family_t)af;
1073
ret = inet_pton(af, ip, &((struct sockaddr_in6 *)&to)->sin6_addr);
1130
struct sockaddr_in6 *to6 = (struct sockaddr_in6 *)&to;
1131
*to6 = (struct sockaddr_in6){ .sin6_family = (sa_family_t)af };
1132
ret = inet_pton(af, ip, &to6->sin6_addr);
1074
1133
} else { /* IPv4 */
1075
((struct sockaddr_in *)&to)->sin_family = (sa_family_t)af;
1076
ret = inet_pton(af, ip, &((struct sockaddr_in *)&to)->sin_addr);
1134
struct sockaddr_in *to4 = (struct sockaddr_in *)&to;
1135
*to4 = (struct sockaddr_in){ .sin_family = (sa_family_t)af };
1136
ret = inet_pton(af, ip, &to4->sin_addr);
1077
1137
}
1078
1138
if(ret < 0 ){
1079
1139
int e = errno;
1158
1218
sizeof(struct sockaddr_in));
1159
1219
}
1160
1220
if(ret < 0){
1161
if(errno == ENETUNREACH
1221
if(((errno == ENETUNREACH) or (errno == EHOSTUNREACH))
1162
1222
and if_index != AVAHI_IF_UNSPEC
1163
1223
and connect_to == NULL
1164
1224
and not route_added and
1402
1462
free(decrypted_buffer);
1403
1463
free(buffer);
1404
1464
if(tcp_sd >= 0){
1405
ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));
1465
ret = close(tcp_sd);
1406
1466
}
1407
1467
if(ret == -1){
1408
1468
if(e == 0){
1563
1623
__attribute__((nonnull, warn_unused_result))
1564
1624
bool get_flags(const char *ifname, struct ifreq *ifr){
1565
1625
int ret;
1566
error_t ret_errno;
1626
int old_errno;
1567
1627
1568
1628
int s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
1569
1629
if(s < 0){
1570
ret_errno = errno;
1630
old_errno = errno;
1571
1631
perror_plus("socket");
1572
errno = ret_errno;
1632
errno = old_errno;
1573
1633
return false;
1574
1634
}
1575
strcpy(ifr->ifr_name, ifname);
1635
strncpy(ifr->ifr_name, ifname, IF_NAMESIZE);
1636
ifr->ifr_name[IF_NAMESIZE-1] = '\0'; /* NUL terminate */
1576
1637
ret = ioctl(s, SIOCGIFFLAGS, ifr);
1577
1638
if(ret == -1){
1578
1639
if(debug){
1579
ret_errno = errno;
1640
old_errno = errno;
1580
1641
perror_plus("ioctl SIOCGIFFLAGS");
1581
errno = ret_errno;
1642
errno = old_errno;
1582
1643
}
1583
1644
return false;
1584
1645
}
1848
1909
return;
1849
1910
}
1850
1911
}
1851
#ifdef __GLIBC__
1852
#if __GLIBC_PREREQ(2, 15)
1853
1912
int numhooks = scandirat(hookdir_fd, ".", &direntries,
1854
1913
runnable_hook, alphasort);
1855
#else /* not __GLIBC_PREREQ(2, 15) */
1856
int numhooks = scandir(hookdir, &direntries, runnable_hook,
1857
alphasort);
1858
#endif /* not __GLIBC_PREREQ(2, 15) */
1859
#else /* not __GLIBC__ */
1860
int numhooks = scandir(hookdir, &direntries, runnable_hook,
1861
alphasort);
1862
#endif /* not __GLIBC__ */
1863
1914
if(numhooks == -1){
1864
1915
perror_plus("scandir");
1865
1916
return;
1947
1998
perror_plus("openat");
1948
1999
_exit(EXIT_FAILURE);
1949
2000
}
1950
if((int)TEMP_FAILURE_RETRY(close(hookdir_fd)) == -1){
2001
if(close(hookdir_fd) == -1){
1951
2002
perror_plus("close");
1952
2003
_exit(EXIT_FAILURE);
1953
2004
}
1956
2007
perror_plus("dup2(devnull, STDIN_FILENO)");
1957
2008
_exit(EX_OSERR);
1958
2009
}
1959
ret = (int)TEMP_FAILURE_RETRY(close(devnull));
2010
ret = close(devnull);
1960
2011
if(ret == -1){
1961
2012
perror_plus("close");
1962
2013
_exit(EX_OSERR);
2011
2062
free(direntry);
2012
2063
}
2013
2064
free(direntries);
2014
if((int)TEMP_FAILURE_RETRY(close(hookdir_fd)) == -1){
2065
if(close(hookdir_fd) == -1){
2015
2066
perror_plus("close");
2016
2067
} else {
2017
2068
hookdir_fd = -1;
2020
2071
}
2021
2072
2022
2073
__attribute__((nonnull, warn_unused_result))
2023
error_t bring_up_interface(const char *const interface,
2024
const float delay){
2025
error_t old_errno = errno;
2074
int bring_up_interface(const char *const interface,
2075
const float delay){
2076
int old_errno = errno;
2026
2077
int ret;
2027
2078
struct ifreq network;
2028
2079
unsigned int if_index = if_nametoindex(interface);
2038
2089
}
2039
2090
2040
2091
if(not interface_is_up(interface)){
2041
error_t ret_errno = 0, ioctl_errno = 0;
2092
int ret_errno = 0;
2093
int ioctl_errno = 0;
2042
2094
if(not get_flags(interface, &network)){
2043
2095
ret_errno = errno;
2044
2096
fprintf_plus(stderr, "Failed to get flags for interface "
2057
2109
}
2058
2110
2059
2111
if(quit_now){
2060
ret = (int)TEMP_FAILURE_RETRY(close(sd));
2112
ret = close(sd);
2061
2113
if(ret == -1){
2062
2114
perror_plus("close");
2063
2115
}
2113
2165
}
2114
2166
2115
2167
/* Close the socket */
2116
ret = (int)TEMP_FAILURE_RETRY(close(sd));
2168
ret = close(sd);
2117
2169
if(ret == -1){
2118
2170
perror_plus("close");
2119
2171
}
2147
2199
}
2148
2200
2149
2201
__attribute__((nonnull, warn_unused_result))
2150
error_t take_down_interface(const char *const interface){
2151
error_t old_errno = errno;
2202
int take_down_interface(const char *const interface){
2203
int old_errno = errno;
2152
2204
struct ifreq network;
2153
2205
unsigned int if_index = if_nametoindex(interface);
2154
2206
if(if_index == 0){
2157
2209
return ENXIO;
2158
2210
}
2159
2211
if(interface_is_up(interface)){
2160
error_t ret_errno = 0, ioctl_errno = 0;
2212
int ret_errno = 0;
2213
int ioctl_errno = 0;
2161
2214
if(not get_flags(interface, &network) and debug){
2162
2215
ret_errno = errno;
2163
2216
fprintf_plus(stderr, "Failed to get flags for interface "
2201
2254
}
2202
2255
2203
2256
/* Close the socket */
2204
int ret = (int)TEMP_FAILURE_RETRY(close(sd));
2257
int ret = close(sd);
2205
2258
if(ret == -1){
2206
2259
perror_plus("close");
2207
2260
}
2223
2276
2224
2277
int main(int argc, char *argv[]){
2225
2278
mandos_context mc = { .server = NULL, .dh_bits = 0,
2226
.priority = "SECURE256:!CTYPE-X.509:"
2227
"+CTYPE-OPENPGP:!RSA", .current_server = NULL,
2228
.interfaces = NULL, .interfaces_size = 0 };
2279
.priority = "SECURE256:!CTYPE-X.509"
2280
":+CTYPE-OPENPGP:!RSA:+SIGN-DSA-SHA256",
2281
.current_server = NULL, .interfaces = NULL,
2282
.interfaces_size = 0 };
2229
2283
AvahiSServiceBrowser *sb = NULL;
2230
2284
error_t ret_errno;
2231
2285
int ret;
2240
2294
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
2241
2295
const char *seckey = PATHDIR "/" SECKEY;
2242
2296
const char *pubkey = PATHDIR "/" PUBKEY;
2297
const char *dh_params_file = NULL;
2243
2298
char *interfaces_hooks = NULL;
2244
2299
2245
2300
bool gnutls_initialized = false;
2298
2353
.doc = "Bit length of the prime number used in the"
2299
2354
" Diffie-Hellman key exchange",
2300
2355
.group = 2 },
2356
{ .name = "dh-params", .key = 134,
2357
.arg = "FILE",
2358
.doc = "PEM-encoded PKCS#3 file with pre-generated parameters"
2359
" for the Diffie-Hellman key exchange",
2360
.group = 2 },
2301
2361
{ .name = "priority", .key = 130,
2302
2362
.arg = "STRING",
2303
2363
.doc = "GnuTLS priority string for the TLS handshake",
2358
2418
}
2359
2419
mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
2360
2420
break;
2421
case 134: /* --dh-params */
2422
dh_params_file = arg;
2423
break;
2361
2424
case 130: /* --priority */
2362
2425
mc.priority = arg;
2363
2426
break;
2403
2466
.args_doc = "",
2404
2467
.doc = "Mandos client -- Get and decrypt"
2405
2468
" passwords from a Mandos server" };
2406
ret = argp_parse(&argp, argc, argv,
2407
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
2408
switch(ret){
2469
ret_errno = argp_parse(&argp, argc, argv,
2470
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
2471
switch(ret_errno){
2409
2472
case 0:
2410
2473
break;
2411
2474
case ENOMEM:
2412
2475
default:
2413
errno = ret;
2476
errno = ret_errno;
2414
2477
perror_plus("argp_parse");
2415
2478
exitcode = EX_OSERR;
2416
2479
goto end;
2425
2488
<http://bugs.debian.org/633582> */
2426
2489
2427
2490
/* Re-raise privileges */
2428
ret_errno = raise_privileges();
2429
if(ret_errno != 0){
2430
errno = ret_errno;
2491
ret = raise_privileges();
2492
if(ret != 0){
2493
errno = ret;
2431
2494
perror_plus("Failed to raise privileges");
2432
2495
} else {
2433
2496
struct stat st;
2449
2512
}
2450
2513
}
2451
2514
}
2452
TEMP_FAILURE_RETRY(close(seckey_fd));
2515
close(seckey_fd);
2453
2516
}
2454
2517
}
2455
2518
2470
2533
}
2471
2534
}
2472
2535
}
2473
TEMP_FAILURE_RETRY(close(pubkey_fd));
2536
close(pubkey_fd);
2537
}
2538
}
2539
2540
if(dh_params_file != NULL
2541
and strcmp(dh_params_file, PATHDIR "/dhparams.pem" ) == 0){
2542
int dhparams_fd = open(dh_params_file, O_RDONLY);
2543
if(dhparams_fd == -1){
2544
perror_plus("open");
2545
} else {
2546
ret = (int)TEMP_FAILURE_RETRY(fstat(dhparams_fd, &st));
2547
if(ret == -1){
2548
perror_plus("fstat");
2549
} else {
2550
if(S_ISREG(st.st_mode)
2551
and st.st_uid == 0 and st.st_gid == 0){
2552
ret = fchown(dhparams_fd, uid, gid);
2553
if(ret == -1){
2554
perror_plus("fchown");
2555
}
2556
}
2557
}
2558
close(dhparams_fd);
2474
2559
}
2475
2560
}
2476
2561
2477
2562
/* Lower privileges */
2478
ret_errno = lower_privileges();
2479
if(ret_errno != 0){
2480
errno = ret_errno;
2563
ret = lower_privileges();
2564
if(ret != 0){
2565
errno = ret;
2481
2566
perror_plus("Failed to lower privileges");
2482
2567
}
2483
2568
}
2653
2738
errno = bring_up_interface(interface, delay);
2654
2739
if(not interface_was_up){
2655
2740
if(errno != 0){
2656
perror_plus("Failed to bring up interface");
2741
fprintf_plus(stderr, "Failed to bring up interface \"%s\":"
2742
" %s\n", interface, strerror(errno));
2657
2743
} else {
2658
2744
errno = argz_add(&interfaces_to_take_down,
2659
2745
&interfaces_to_take_down_size,
2682
2768
goto end;
2683
2769
}
2684
2770
2685
ret = init_gnutls_global(pubkey, seckey, &mc);
2771
ret = init_gnutls_global(pubkey, seckey, dh_params_file, &mc);
2686
2772
if(ret == -1){
2687
2773
fprintf_plus(stderr, "init_gnutls_global failed\n");
2688
2774
exitcode = EX_UNAVAILABLE;
2810
2896
2811
2897
/* Allocate a new server */
2812
2898
mc.server = avahi_server_new(avahi_simple_poll_get(simple_poll),
2813
&config, NULL, NULL, &ret_errno);
2899
&config, NULL, NULL, &ret);
2814
2900
2815
2901
/* Free the Avahi configuration data */
2816
2902
avahi_server_config_free(&config);
2819
2905
/* Check if creating the Avahi server object succeeded */
2820
2906
if(mc.server == NULL){
2821
2907
fprintf_plus(stderr, "Failed to create Avahi server: %s\n",
2822
avahi_strerror(ret_errno));
2908
avahi_strerror(ret));
2823
2909
exitcode = EX_UNAVAILABLE;
2824
2910
goto end;
2825
2911
}
2877
2963
2878
2964
if(gnutls_initialized){
2879
2965
gnutls_certificate_free_credentials(mc.cred);
2880
gnutls_global_deinit();
2881
2966
gnutls_dh_params_deinit(mc.dh_params);
2882
2967
}
2883
2968
2906
2991
2907
2992
/* Re-raise privileges */
2908
2993
{
2909
ret_errno = raise_privileges();
2910
if(ret_errno != 0){
2911
errno = ret_errno;
2994
ret = raise_privileges();
2995
if(ret != 0){
2996
errno = ret;
2912
2997
perror_plus("Failed to raise privileges");
2913
2998
} else {
2914
2999
2922
3007
while((interface=argz_next(interfaces_to_take_down,
2923
3008
interfaces_to_take_down_size,
2924
3009
interface))){
2925
ret_errno = take_down_interface(interface);
2926
if(ret_errno != 0){
2927
errno = ret_errno;
3010
ret = take_down_interface(interface);
3011
if(ret != 0){
3012
errno = ret;
2928
3013
perror_plus("Failed to take down interface");
2929
3014
}
2930
3015
}
2935
3020
}
2936
3021
}
2937
3022
2938
ret_errno = lower_privileges_permanently();
2939
if(ret_errno != 0){
2940
errno = ret_errno;
3023
ret = lower_privileges_permanently();
3024
if(ret != 0){
3025
errno = ret;
2941
3026
perror_plus("Failed to lower privileges permanently");
2942
3027
}
2943
3028
}
2945
3030
free(interfaces_to_take_down);
2946
3031
free(interfaces_hooks);
2947
3032
3033
void clean_dir_at(int base, const char * const dirname,
3034
uintmax_t level){
3035
struct dirent **direntries = NULL;
3036
int dret;
3037
int dir_fd = (int)TEMP_FAILURE_RETRY(openat(base, dirname,
3038
O_RDONLY
3039
| O_NOFOLLOW
3040
| O_DIRECTORY
3041
| O_PATH));
3042
if(dir_fd == -1){
3043
perror_plus("open");
3044
}
3045
int numentries = scandirat(dir_fd, ".", &direntries,
3046
notdotentries, alphasort);
3047
if(numentries >= 0){
3048
for(int i = 0; i < numentries; i++){
3049
if(debug){
3050
fprintf_plus(stderr, "Unlinking \"%s/%s\"\n",
3051
dirname, direntries[i]->d_name);
3052
}
3053
dret = unlinkat(dir_fd, direntries[i]->d_name, 0);
3054
if(dret == -1){
3055
if(errno == EISDIR){
3056
dret = unlinkat(dir_fd, direntries[i]->d_name,
3057
AT_REMOVEDIR);
3058
}
3059
if((dret == -1) and (errno == ENOTEMPTY)
3060
and (strcmp(direntries[i]->d_name, "private-keys-v1.d")
3061
== 0) and (level == 0)){
3062
/* Recurse only in this special case */
3063
clean_dir_at(dir_fd, direntries[i]->d_name, level+1);
3064
dret = 0;
3065
}
3066
if(dret == -1){
3067
fprintf_plus(stderr, "unlink(\"%s/%s\"): %s\n", dirname,
3068
direntries[i]->d_name, strerror(errno));
3069
}
3070
}
3071
free(direntries[i]);
3072
}
3073
3074
/* need to clean even if 0 because man page doesn't specify */
3075
free(direntries);
3076
if(numentries == -1){
3077
perror_plus("scandirat");
3078
}
3079
dret = unlinkat(base, dirname, AT_REMOVEDIR);
3080
if(dret == -1 and errno != ENOENT){
3081
perror_plus("rmdir");
3082
}
3083
} else {
3084
perror_plus("scandirat");
3085
}
3086
close(dir_fd);
3087
}
3088
2948
3089
/* Removes the GPGME temp directory and all files inside */
2949
3090
if(tempdir != NULL){
2950
struct dirent **direntries = NULL;
2951
int tempdir_fd = (int)TEMP_FAILURE_RETRY(open(tempdir, O_RDONLY
2952
| O_NOFOLLOW
2953
| O_DIRECTORY
2954
| O_PATH));
2955
if(tempdir_fd == -1){
2956
perror_plus("open");
2957
} else {
2958
#ifdef __GLIBC__
2959
#if __GLIBC_PREREQ(2, 15)
2960
int numentries = scandirat(tempdir_fd, ".", &direntries,
2961
notdotentries, alphasort);
2962
#else /* not __GLIBC_PREREQ(2, 15) */
2963
int numentries = scandir(tempdir, &direntries, notdotentries,
2964
alphasort);
2965
#endif /* not __GLIBC_PREREQ(2, 15) */
2966
#else /* not __GLIBC__ */
2967
int numentries = scandir(tempdir, &direntries, notdotentries,
2968
alphasort);
2969
#endif /* not __GLIBC__ */
2970
if(numentries >= 0){
2971
for(int i = 0; i < numentries; i++){
2972
ret = unlinkat(tempdir_fd, direntries[i]->d_name, 0);
2973
if(ret == -1){
2974
fprintf_plus(stderr, "unlinkat(open(\"%s\", O_RDONLY),"
2975
" \"%s\", 0): %s\n", tempdir,
2976
direntries[i]->d_name, strerror(errno));
2977
}
2978
free(direntries[i]);
2979
}
2980
2981
/* need to clean even if 0 because man page doesn't specify */
2982
free(direntries);
2983
if(numentries == -1){
2984
perror_plus("scandir");
2985
}
2986
ret = rmdir(tempdir);
2987
if(ret == -1 and errno != ENOENT){
2988
perror_plus("rmdir");
2989
}
2990
}
2991
TEMP_FAILURE_RETRY(close(tempdir_fd));
2992
}
3091
clean_dir_at(-1, tempdir, 0);
2993
3092
}
2994
3093
2995
3094
if(quit_now){
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0