#include "user_list.h"
#include "server_command_list.h"
#include "afs_command_list.h"
+#include "sched.h"
+#include "signal.h"
/** Commands including options must be shorter than this. */
#define MAX_COMMAND_LEN 32768
extern struct misc_meta_data *mmd;
extern struct sender senders[];
-static void dummy(int s)
+static void dummy(__a_unused int s)
{
- /*
- * At least on Solaris, SIGUSR1 is one-shot, i.e. the signal action is
- * restored to the default state once the signal handler has been
- * called.
- */
- if (s == SIGUSR1)
- signal(SIGUSR1, dummy);
}
static void mmd_dup(struct misc_meta_data *new_mmd)
char *status, *flags; /* vss status info */
char *ut = uptime_str();
long offset = (nmmd->offset + 500) / 1000;
- struct timeval now;
+ struct timeval current_time;
struct tm mtime_tm;
/* report real status */
localtime_r(&nmmd->mtime, &mtime_tm);
strftime(mtime, 29, "%b %d %Y", &mtime_tm);
}
- gettimeofday(&now, NULL);
+ gettimeofday(¤t_time, NULL);
ret = make_message(
"%s: %zu\n" /* file size */
"%s: %s\n" /* mtime */
(long unsigned)nmmd->stream_start.tv_sec,
(long unsigned)nmmd->stream_start.tv_usec,
status_item_list[SI_CURRENT_TIME],
- (long unsigned)now.tv_sec,
- (long unsigned)now.tv_usec,
+ (long unsigned)current_time.tv_sec,
+ (long unsigned)current_time.tv_usec,
nmmd->afd.verbose_ls_output
break;
case SENDER_ADD:
case SENDER_DELETE:
- if (argc != 4 || parse_url(argv[3], scd->host,
- sizeof(scd->host), &scd->port) == NULL)
+ if (argc != 4)
return -E_COMMAND_SYNTAX;
- break;
+ return parse_fec_url(argv[3], scd);
default:
return -E_COMMAND_SYNTAX;
}
struct misc_meta_data tmp, *nmmd = &tmp;
char *s;
- signal(SIGUSR1, dummy);
+ para_sigaction(SIGUSR1, dummy);
if (argc > 1)
num = atoi(argv[1]);
static void init_rc4_keys(void)
{
- int i;
-
- for (i = 0; i < 2 * RC4_KEY_LEN; i++)
- rc4_buf[i] = para_random(256);
+ get_random_bytes_or_die(rc4_buf, 2 * RC4_KEY_LEN);
PARA_DEBUG_LOG("rc4 keys initialized (%u:%u)\n",
(unsigned char) rc4_buf[0],
(unsigned char) rc4_buf[RC4_KEY_LEN]);
}
+static void reset_signals(void)
+{
+ para_sigaction(SIGCHLD, SIG_IGN);
+ para_sigaction(SIGINT, SIG_DFL);
+ para_sigaction(SIGTERM, SIG_DFL);
+ para_sigaction(SIGHUP, SIG_DFL);
+}
+
/**
* Perform user authentication and execute a command.
*
*/
__noreturn void handle_connect(int fd, const char *peername)
{
- int ret, argc, use_rc4 = 0;
+ int ret, argc;
char buf[4096];
unsigned char crypt_buf[MAXLINE];
struct user *u;
char *p, *command = NULL;
size_t numbytes;
- signal(SIGCHLD, SIG_IGN);
- signal(SIGINT, SIG_DFL);
- signal(SIGTERM, SIG_DFL);
- signal(SIGHUP, SIG_DFL);
-
+ reset_signals();
/* we need a blocking fd here as recv() might return EAGAIN otherwise. */
ret = mark_fd_blocking(fd);
if (ret < 0)
goto err_out;
- challenge_nr = random();
/* send Welcome message */
ret = send_va_buffer(fd, "This is para_server, version "
PACKAGE_VERSION ".\n" );
ret = recv_buffer(fd, buf, sizeof(buf));
if (ret < 0)
goto err_out;
- if (ret <= 6) {
+ if (ret < 10) {
ret = -E_AUTH;
goto err_out;
}
numbytes = ret;
ret = -E_AUTH;
- if (strncmp(buf, "auth ", 5))
+ if (strncmp(buf, "auth rc4 ", 9))
goto err_out;
-
- if (numbytes < 9 || strncmp(buf, "auth rc4 ", 9))
- p = buf + 5; /* client version < 0.2.6 */
- else {
- p = buf + 9; /* client version >= 0.2.6 */
- use_rc4 = 1;
- }
- PARA_DEBUG_LOG("received %s request for user %s\n",
- use_rc4? "rc4" : "auth", p);
+ p = buf + 9;
+ PARA_DEBUG_LOG("received auth request for user %s\n", p);
ret = -E_BAD_USER;
u = lookup_user(p);
if (!u)
goto err_out;
+ get_random_bytes_or_die((unsigned char *)&challenge_nr,
+ sizeof(challenge_nr));
ret = para_encrypt_challenge(u->rsa, challenge_nr, crypt_buf);
if (ret <= 0)
goto err_out;
/* auth successful, send 'Proceed' message */
PARA_INFO_LOG("good auth for %s (%lu)\n", u->name, challenge_nr);
sprintf(buf, "%s", PROCEED_MSG);
- if (use_rc4) {
- init_rc4_keys();
- ret = para_encrypt_buffer(u->rsa, rc4_buf, 2 * RC4_KEY_LEN,
- (unsigned char *)buf + PROCEED_MSG_LEN + 1);
- if (ret <= 0)
- goto err_out;
- numbytes = ret + strlen(PROCEED_MSG) + 1;
- } else
- numbytes = strlen(buf);
+ init_rc4_keys();
+ /* Should we also encrypt the proceed message? */
+ ret = para_encrypt_buffer(u->rsa, rc4_buf, 2 * RC4_KEY_LEN,
+ (unsigned char *)buf + PROCEED_MSG_LEN + 1);
+ if (ret <= 0)
+ goto err_out;
+ numbytes = ret + strlen(PROCEED_MSG) + 1;
ret = send_bin_buffer(fd, buf, numbytes);
if (ret < 0)
goto net_err;
- if (use_rc4)
- enable_crypt(fd, rc4_recv, rc4_send, NULL);
+ enable_crypt(fd, rc4_recv, rc4_send, NULL);
ret = read_command(fd, &command);
if (ret == -E_COMMAND_SYNTAX)
goto err_out;
/* valid command and sufficient perms */
alarm(0);
argc = split_args(command, &argv, "\n");
- mutex_lock(mmd_mutex);
- mmd->num_commands++;
- mutex_unlock(mmd_mutex);
PARA_NOTICE_LOG("calling com_%s() for %s@%s\n", cmd->name, u->name,
peername);
ret = cmd->handler(fd, argc, argv);
+ mutex_lock(mmd_mutex);
+ mmd->num_commands++;
+ mutex_unlock(mmd_mutex);
if (ret >= 0)
goto out;
err_out: