2 * Copyright (C) 2006-2014 Andre Noll <maan@systemlinux.org>
4 * Licensed under the GPL v2. For licencing details see COPYING.
7 /** \file user_list.c User handling for para_server. */
10 #include <sys/types.h>
18 #include "user_list.h"
20 static struct list_head user_list;
23 * Fill the list of users known to para_server.
25 * Populates a linked list of all users in \a user_list_file. Returns on
26 * success, calls exit() on errors.
28 static void populate_user_list(char *user_list_file)
30 int ret = -E_USERLIST;
31 FILE *file_ptr = fopen(user_list_file, "r");
38 /* keyword, name, key, perms */
39 char w[255], n[255], k[255], p[255], tmp[4][255];
41 struct asymmetric_key *pubkey;
43 ret = para_fgets(line, sizeof(line), file_ptr);
46 if (sscanf(line,"%200s %200s %200s %200s", w, n, k, p) < 3)
48 if (strcmp(w, "user"))
50 PARA_DEBUG_LOG("found entry for user %s\n", n);
51 ret = get_asymmetric_key(k, LOAD_PUBLIC_KEY, &pubkey);
53 PARA_NOTICE_LOG("skipping entry for user %s: %s\n", n,
58 * In order to encrypt len := CHALLENGE_SIZE + 2 * SESSION_KEY_LEN
59 * bytes using RSA_public_encrypt() with EME-OAEP padding mode,
60 * RSA_size(rsa) must be greater than len + 41. So ignore keys
61 * which are too short. For details see RSA_public_encrypt(3).
63 if (ret <= CHALLENGE_SIZE + 2 * SESSION_KEY_LEN + 41) {
64 PARA_WARNING_LOG("public key %s too short (%d)\n",
66 free_asymmetric_key(pubkey);
69 u = para_malloc(sizeof(*u));
70 u->name = para_strdup(n);
73 num = sscanf(p, "%200[A-Z_],%200[A-Z_],%200[A-Z_],%200[A-Z_]",
74 tmp[0], tmp[1], tmp[2], tmp[3]);
75 PARA_DEBUG_LOG("found %i perm entries\n", num);
78 if (!strcmp(tmp[num], "VSS_READ"))
80 else if (!strcmp(tmp[num], "VSS_WRITE"))
81 u->perms |= VSS_WRITE;
82 else if (!strcmp(tmp[num], "AFS_READ"))
84 else if (!strcmp(tmp[num], "AFS_WRITE"))
85 u->perms |= AFS_WRITE;
86 else /* unknown permission */
87 PARA_WARNING_LOG("ignoring unknown permission: %s\n",
90 para_list_add(&u->node, &user_list);
96 PARA_EMERG_LOG("%s\n", para_strerror(-ret));
101 * Initialize the list of users allowed to connect to to para_server.
103 * \param user_list_file The file containing access information.
105 * If this function is called for the second time, the contents of the
106 * previous call are discarded, i.e. the user list is reloaded.
108 void init_user_list(char *user_list_file)
110 struct user *u, *tmp;
111 static int initialized;
114 list_for_each_entry_safe(u, tmp, &user_list, node) {
117 free_asymmetric_key(u->pubkey);
121 INIT_LIST_HEAD(&user_list);
123 populate_user_list(user_list_file);
127 * Lookup a user in the user list.
129 * \param name The name of the user.
131 * \return A pointer to the corresponding user struct if the user was found, \p
134 struct user *lookup_user(const char *name)
137 list_for_each_entry(u, &user_list, node) {
138 if (strcmp(u->name, name))