X-Git-Url: http://git.tuebingen.mpg.de/?a=blobdiff_plain;f=command.c;h=67f6bf3c713b5de3d542d96f63848cb0014326dc;hb=686310d4b954efec5d5dcc8b4a143c294bb02739;hp=42fa3e7584e7f622b7137730edcbfb5f07cbfd0f;hpb=6b44f1fdf5fdfd18b9f77a87428a971eef0c547e;p=paraslash.git diff --git a/command.c b/command.c index 42fa3e75..67f6bf3c 100644 --- a/command.c +++ b/command.c @@ -1,70 +1,73 @@ -/* - * Copyright (C) 1997-2010 Andre Noll - * - * Licensed under the GPL v2. For licencing details see COPYING. - */ +/* Copyright (C) 1997 Andre Noll , see file COPYING. */ /** \file command.c Client authentication and server commands. */ +#include +#include #include #include -#include #include -#include -#include #include +#include +#include +#include +#include +#include "server.lsg.h" #include "para.h" #include "error.h" +#include "lsu.h" #include "crypt.h" +#include "sideband.h" #include "command.h" -#include "server.cmdline.h" #include "string.h" #include "afh.h" #include "afs.h" +#include "net.h" #include "server.h" #include "list.h" #include "send.h" +#include "sched.h" #include "vss.h" -#include "rc4.h" -#include "net.h" #include "daemon.h" #include "fd.h" #include "ipc.h" +#include "server_cmd.lsg.h" #include "user_list.h" -#include "server_command_list.h" -#include "afs_command_list.h" -#include "sched.h" #include "signal.h" +#include "version.h" + +#define SERVER_CMD_AUX_INFO(_arg) _arg, +static const unsigned server_command_perms[] = {LSG_SERVER_CMD_AUX_INFOS}; +#undef SERVER_CMD_AUX_INFO +#define SERVER_CMD_AUX_INFO(_arg) #_arg, +static const char * const server_command_perms_txt[] = {LSG_SERVER_CMD_AUX_INFOS}; +#undef SERVER_CMD_AUX_INFO /** Commands including options must be shorter than this. */ #define MAX_COMMAND_LEN 32768 extern int mmd_mutex; extern struct misc_meta_data *mmd; -extern struct sender senders[]; -int send_afs_status(struct rc4_context *rc4c, int parser_friendly); +int send_afs_status(struct command_context *cc, int parser_friendly); +static bool subcmd_should_die; -const char *status_item_list[] = {STATUS_ITEM_ARRAY}; - -static void dummy(__a_unused int s) -{ -} - -static void mmd_dup(struct misc_meta_data *new_mmd) +static void command_handler_sighandler(int s) { - mutex_lock(mmd_mutex); - *new_mmd = *mmd; - mutex_unlock(mmd_mutex); + if (s != SIGTERM) + return; + PARA_EMERG_LOG("terminating on signal %d\n", SIGTERM); + subcmd_should_die = true; } /* - * Compute human readable string containing vss status for given integer value. + * Compute human readable vss status text. * - * We don't want to use vss_playing() and friends here because we take a - * snapshot of the mmd struct and use the copy for computing the state of the - * vss. If the real data were used, we would take the mmd lock for a rather - * long time or risk to get an inconsistent view. + * We can't call vss_playing() and friends here because those functions read + * the flags from the primary mmd structure, so calling them from command + * handler context would require to take the mmd lock. At the time the function + * is called we already took a copy of the mmd structure and want to use the + * flags value of the copy for computing the vss status text. */ static char *vss_status_tohuman(unsigned int flags) { @@ -75,21 +78,6 @@ static char *vss_status_tohuman(unsigned int flags) return para_strdup("paused"); } -/* - * return human readable permission string. Never returns NULL. - */ -static char *cmd_perms_itohuman(unsigned int perms) -{ - char *msg = para_malloc(5 * sizeof(char)); - - msg[0] = perms & AFS_READ? 'a' : '-'; - msg[1] = perms & AFS_WRITE? 'A' : '-'; - msg[2] = perms & VSS_READ? 'v' : '-'; - msg[3] = perms & VSS_WRITE? 'V' : '-'; - msg[4] = '\0'; - return msg; -} - /* * Never returns NULL. */ @@ -105,407 +93,528 @@ static char *vss_get_status_flags(unsigned int flags) return msg; } -static char *get_status(struct misc_meta_data *nmmd, int parser_friendly) +static unsigned get_status(struct misc_meta_data *nmmd, bool parser_friendly, + char **result) { - char mtime[30] = ""; char *status, *flags; /* vss status info */ - char *ut = uptime_str(); + /* nobody updates our version of "now" */ long offset = (nmmd->offset + 500) / 1000; struct timeval current_time; - struct tm mtime_tm; struct para_buffer b = {.flags = parser_friendly? PBF_SIZE_PREFIX : 0}; /* report real status */ status = vss_status_tohuman(nmmd->vss_status_flags); flags = vss_get_status_flags(nmmd->vss_status_flags); - if (nmmd->size) { /* parent currently has an audio file open */ - localtime_r(&nmmd->mtime, &mtime_tm); - strftime(mtime, 29, "%b %d %Y", &mtime_tm); - } - gettimeofday(¤t_time, NULL); - WRITE_STATUS_ITEM(&b, SI_FILE_SIZE, "%zu\n", nmmd->size / 1024); - WRITE_STATUS_ITEM(&b, SI_MTIME, "%s\n", mtime); - WRITE_STATUS_ITEM(&b, SI_STATUS, "%s\n", status); - WRITE_STATUS_ITEM(&b, SI_STATUS_FLAGS, "%s\n", flags); - WRITE_STATUS_ITEM(&b, SI_OFFSET, "%li\n", offset); - WRITE_STATUS_ITEM(&b, SI_AFS_MODE, "%s\n", mmd->afs_mode_string); - WRITE_STATUS_ITEM(&b, SI_STREAM_START, "%lu.%lu\n", + clock_get_realtime(¤t_time); + /* + * The calls to WRITE_STATUS_ITEM() below never fail because + * b->max_size is zero (unlimited), see \ref para_printf(). However, + * clang is not smart enough to prove this and complains nevertheless. + * Casting the return value to void silences clang. + */ + (void)WRITE_STATUS_ITEM(&b, SI_status, "%s\n", status); + (void)WRITE_STATUS_ITEM(&b, SI_status_flags, "%s\n", flags); + (void)WRITE_STATUS_ITEM(&b, SI_offset, "%li\n", offset); + (void)WRITE_STATUS_ITEM(&b, SI_afs_mode, "%s\n", mmd->afs_mode_string); + (void)WRITE_STATUS_ITEM(&b, SI_stream_start, "%lu.%lu\n", (long unsigned)nmmd->stream_start.tv_sec, (long unsigned)nmmd->stream_start.tv_usec); - WRITE_STATUS_ITEM(&b, SI_CURRENT_TIME, "%lu.%lu\n", + (void)WRITE_STATUS_ITEM(&b, SI_current_time, "%lu.%lu\n", (long unsigned)current_time.tv_sec, (long unsigned)current_time.tv_usec); free(flags); free(status); - free(ut); - return b.buf; + *result = b.buf; + return b.offset; +} + +/** + * Send a sideband packet through a blocking file descriptor. + * + * \param scc fd and crypto keys. + * \param buf The buffer to send. + * \param numbytes The size of \a buf. + * \param band The sideband designator of this packet. + * \param dont_free If true, never deallocate \a buf. + * + * The nonblock flag must be disabled for the file descriptor given by \a scc. + * + * Stream cipher encryption is automatically activated if necessary via the + * sideband transformation, depending on the value of \a band. + * + * \return Standard. + * + * \sa \ref send_sb_va(). + */ +int send_sb(struct stream_cipher_context *scc, void *buf, size_t numbytes, + int band, bool dont_free) +{ + int ret; + struct sb_context *sbc; + struct iovec iov[2]; + sb_transformation trafo = band < SBD_PROCEED? NULL : sc_trafo; + struct sb_buffer sbb = SBB_INIT(band, buf, numbytes); + + sbc = sb_new_send(&sbb, dont_free, trafo, scc->send); + do { + ret = sb_get_send_buffers(sbc, iov); + ret = xwritev(scc->fd, iov, ret); + if (ret < 0) + goto fail; + } while (sb_sent(sbc, ret) == false); + return 1; +fail: + sb_free(sbc); + return ret; +} + +/** + * Create a variable sized buffer and send it as a sideband packet. + * + * \param scc Passed to \ref send_sb. + * \param band See \ref send_sb. + * \param fmt The format string. + * + * \return The return value of the underlying call to \ref send_sb. + */ +__printf_3_4 int send_sb_va(struct stream_cipher_context *scc, int band, + const char *fmt, ...) +{ + va_list ap; + char *msg; + int ret; + + va_start(ap, fmt); + ret = xvasprintf(&msg, fmt, ap); + va_end(ap); + return send_sb(scc, msg, ret, band, false); +} + +/** + * Send an error message to a client. + * + * \param cc Client info. + * \param err The (positive) error code. + * + * \return The return value of the underlying call to send_sb_va(). + */ +int send_strerror(struct command_context *cc, int err) +{ + return send_sb_va(&cc->scc, SBD_ERROR_LOG, "%s\n", para_strerror(err)); +} + +/** + * Send an error context to a client, + * + * \param cc Client info. + * \param errctx The error context string. + * + * \return The return value of the underlying call to send_sb_va(). + * + * This function frees the error context string after it was sent. + */ +int send_errctx(struct command_context *cc, char *errctx) +{ + int ret; + + if (!errctx) + return 0; + ret = send_sb_va(&cc->scc, SBD_ERROR_LOG, "%s\n", errctx); + free(errctx); + return ret; } -static int check_sender_args(int argc, char * const * argv, struct sender_command_data *scd) +static int check_sender_args(struct command_context *cc, + struct lls_parse_result *lpr, struct sender_command_data *scd) { - int i; - /* this has to match sender.h */ - const char *subcmds[] = {"add", "delete", "allow", "deny", "on", "off", NULL}; + int i, ret; + const char * const subcmds[] = {SENDER_SUBCOMMANDS}; + const char *arg; + char *errctx; + unsigned num_inputs = lls_num_inputs(lpr); scd->sender_num = -1; - if (argc < 2) - return -E_COMMAND_SYNTAX; - for (i = 0; senders[i].name; i++) - if (!strcmp(senders[i].name, argv[1])) + ret = lls(lls_check_arg_count(lpr, 2, INT_MAX, &errctx)); + if (ret < 0) { + send_errctx(cc, errctx); + return ret; + } + arg = lls_input(0, lpr); + FOR_EACH_SENDER(i) + if (strcmp(senders[i]->name, arg) == 0) break; - PARA_DEBUG_LOG("%d:%s\n", argc, argv[1]); - if (!senders[i].name) + if (!senders[i]) return -E_COMMAND_SYNTAX; scd->sender_num = i; - for (i = 0; subcmds[i]; i++) - if (!strcmp(subcmds[i], argv[2])) + arg = lls_input(1, lpr); + for (i = 0; i < NUM_SENDER_CMDS; i++) + if (!strcmp(subcmds[i], arg)) break; - if (!subcmds[i]) + if (i == NUM_SENDER_CMDS) return -E_COMMAND_SYNTAX; scd->cmd_num = i; - if (!senders[scd->sender_num].client_cmds[scd->cmd_num]) + if (!senders[scd->sender_num]->client_cmds[scd->cmd_num]) return -E_SENDER_CMD; switch (scd->cmd_num) { - case SENDER_ON: - case SENDER_OFF: - if (argc != 3) + case SENDER_on: + case SENDER_off: + if (num_inputs != 2) return -E_COMMAND_SYNTAX; break; - case SENDER_DENY: - case SENDER_ALLOW: - if (argc != 4 || parse_cidr(argv[3], scd->host, + case SENDER_deny: + case SENDER_allow: + if (num_inputs != 3 || parse_cidr(lls_input(2, lpr), scd->host, sizeof(scd->host), &scd->netmask) == NULL) return -E_COMMAND_SYNTAX; break; - case SENDER_ADD: - case SENDER_DELETE: - if (argc != 4) + case SENDER_add: + case SENDER_delete: + if (num_inputs != 3) return -E_COMMAND_SYNTAX; - return parse_fec_url(argv[3], scd); + return parse_fec_url(lls_input(2, lpr), scd); default: return -E_COMMAND_SYNTAX; } return 1; } -int com_sender(struct rc4_context *rc4c, int argc, char * const * argv) +/** + * Receive a sideband packet from a blocking file descriptor. + * + * \param scc fd and crypto keys. + * \param expected_band The expected band designator. + * \param max_size Passed to \ref sb_new_recv(). + * \param result Body of the sideband packet is returned here. + * + * If \a expected_band is not \p SBD_ANY, the band designator of the received + * sideband packet is compared to \a expected_band and a mismatch is considered + * an error. + * + * \return Standard. + */ +int recv_sb(struct stream_cipher_context *scc, + enum sb_designator expected_band, + size_t max_size, struct iovec *result) { - int i, ret; + int ret; + struct sb_context *sbc; + struct iovec iov; + struct sb_buffer sbb; + sb_transformation trafo; + + trafo = expected_band != SBD_ANY && expected_band < SBD_PROCEED? + NULL : sc_trafo; + sbc = sb_new_recv(max_size, trafo, scc->recv); + for (;;) { + sb_get_recv_buffer(sbc, &iov); + ret = recv_bin_buffer(scc->fd, iov.iov_base, iov.iov_len); + if (ret == 0) + ret = -E_EOF; + if (ret < 0) + goto fail; + ret = sb_received(sbc, ret, &sbb); + if (ret < 0) + goto fail; + if (ret > 0) + break; + } + ret = -E_BAD_BAND; + if (expected_band != SBD_ANY && sbb.band != expected_band) + goto fail; + *result = sbb.iov; + return 1; +fail: + sb_free(sbc); + return ret; +} + +static int com_sender(struct command_context *cc, struct lls_parse_result *lpr) +{ + int i, ret = 0; + char *msg = NULL; struct sender_command_data scd; - if (argc < 2) { - char *msg = NULL; - for (i = 0; senders[i].name; i++) { - char *tmp = make_message("%s%s\n", - msg? msg : "", senders[i].name); + if (lls_num_inputs(lpr) == 0) { + FOR_EACH_SENDER(i) { + char *tmp; + ret = xasprintf(&tmp, "%s%s\n", msg? msg : "", + senders[i]->name); free(msg); msg = tmp; } - ret = rc4_send_buffer(rc4c, msg); - free(msg); - return ret; + return send_sb(&cc->scc, msg, ret, SBD_OUTPUT, false); } - ret = check_sender_args(argc, argv, &scd); + ret = check_sender_args(cc, lpr, &scd); if (ret < 0) { - char *msg; if (scd.sender_num < 0) return ret; - msg = senders[scd.sender_num].help(); - ret = rc4_send_buffer(rc4c, msg); - free(msg); - return ret; + if (strcmp(lls_input(1, lpr), "status") == 0) + msg = senders[scd.sender_num]->status(); + else + msg = senders[scd.sender_num]->help(); + return send_sb(&cc->scc, msg, strlen(msg), SBD_OUTPUT, false); } + + switch (scd.cmd_num) { + case SENDER_add: + case SENDER_delete: + assert(senders[scd.sender_num]->resolve_target); + ret = senders[scd.sender_num]->resolve_target(lls_input(2, lpr), + &scd); + if (ret < 0) + return ret; + } + for (i = 0; i < 10; i++) { mutex_lock(mmd_mutex); if (mmd->sender_cmd_data.cmd_num >= 0) { + /* another sender command is active, retry in 100ms */ + struct timespec ts = {.tv_nsec = 100 * 1000 * 1000}; mutex_unlock(mmd_mutex); - usleep(100 * 1000); + nanosleep(&ts, NULL); continue; } - memcpy(&mmd->sender_cmd_data, &scd, sizeof(scd)); + mmd->sender_cmd_data = scd; mutex_unlock(mmd_mutex); break; } return (i < 10)? 1 : -E_LOCK; } +EXPORT_SERVER_CMD_HANDLER(sender); -/* server info */ -int com_si(struct rc4_context *rc4c, int argc, __a_unused char * const * argv) +static int com_si(struct command_context *cc, + __a_unused struct lls_parse_result *lpr) { - int i, ret; - char *ut; - char *sender_info = NULL; + char *msg, *ut; + int ret; - if (argc != 1) - return -E_COMMAND_SYNTAX; + ut = daemon_get_uptime_str(now); mutex_lock(mmd_mutex); - for (i = 0; senders[i].name; i++) { - char *info = senders[i].info(); - sender_info = para_strcat(sender_info, info); - free(info); - } - ut = uptime_str(); - ret = rc4_send_va_buffer(rc4c, "up: %s\nplayed: %u\n" + ret = xasprintf(&msg, + "up: %s\nplayed: %u\n" "server_pid: %d\n" "afs_pid: %d\n" "connections (active/accepted/total): %u/%u/%u\n" "current loglevel: %s\n" - "supported audio formats: %s\n" - "%s", + "supported audio formats: %s\n", ut, mmd->num_played, (int)getppid(), - (int)mmd->afs_pid, + (int)afs_pid, mmd->active_connections, mmd->num_commands, mmd->num_connects, - conf.loglevel_arg, - supported_audio_formats(), - sender_info + ENUM_STRING_VAL(LOGLEVEL), + AUDIO_FORMAT_HANDLERS ); mutex_unlock(mmd_mutex); free(ut); - free(sender_info); - return ret; + return send_sb(&cc->scc, msg, ret, SBD_OUTPUT, false); } +EXPORT_SERVER_CMD_HANDLER(si); -/* version */ -int com_version(struct rc4_context *rc4c, int argc, __a_unused char * const * argv) +static int com_version(struct command_context *cc, struct lls_parse_result *lpr) { - if (argc != 1) - return -E_COMMAND_SYNTAX; - return rc4_send_buffer(rc4c, VERSION_TEXT("server") - "built: " BUILD_DATE "\n" - UNAME_RS ", " CC_VERSION "\n" - ); + char *msg; + size_t len; + + if (SERVER_CMD_OPT_GIVEN(VERSION, VERBOSE, lpr)) + len = xasprintf(&msg, "%s", version_text("server")); + else + len = xasprintf(&msg, "%s\n", version_single_line("server")); + return send_sb(&cc->scc, msg, len, SBD_OUTPUT, false); } +EXPORT_SERVER_CMD_HANDLER(version); +/** These status items are cleared if no audio file is currently open. */ #define EMPTY_STATUS_ITEMS \ - ITEM(PATH) \ - ITEM(DIRECTORY) \ - ITEM(BASENAME) \ - ITEM(SCORE) \ - ITEM(ATTRIBUTES_BITMAP) \ - ITEM(ATTRIBUTES_TXT) \ - ITEM(HASH) \ - ITEM(IMAGE_ID) \ - ITEM(IMAGE_NAME) \ - ITEM(LYRICS_ID) \ - ITEM(LYRICS_NAME) \ - ITEM(BITRATE) \ - ITEM(FORMAT) \ - ITEM(FREQUENCY) \ - ITEM(CHANNELS) \ - ITEM(DURATION) \ - ITEM(SECONDS_TOTAL) \ - ITEM(NUM_PLAYED) \ - ITEM(LAST_PLAYED) \ - ITEM(TECHINFO) \ - ITEM(ARTIST) \ - ITEM(TITLE) \ - ITEM(YEAR) \ - ITEM(ALBUM) \ - ITEM(COMMENT) \ - ITEM(AMPLIFICATION) + ITEM(path) \ + ITEM(directory) \ + ITEM(basename) \ + ITEM(score) \ + ITEM(attributes_bitmap) \ + ITEM(attributes_txt) \ + ITEM(hash) \ + ITEM(image_id) \ + ITEM(image_name) \ + ITEM(lyrics_id) \ + ITEM(lyrics_name) \ + ITEM(bitrate) \ + ITEM(format) \ + ITEM(frequency) \ + ITEM(channels) \ + ITEM(duration) \ + ITEM(seconds_total) \ + ITEM(num_played) \ + ITEM(last_played) \ + ITEM(techinfo) \ + ITEM(artist) \ + ITEM(title) \ + ITEM(year) \ + ITEM(album) \ + ITEM(comment) \ + ITEM(mtime) \ + ITEM(file_size) \ + ITEM(chunk_time) \ + ITEM(num_chunks) \ + ITEM(amplification) \ -/** - * Write a list of audio-file related status items with empty values. - * - * This is used by vss when currently no audio file is open. +/* + * Create a set of audio-file related status items with empty values. These are + * written to stat clients when no audio file is open. */ -static char *empty_status_items(int parser_friendly) +static unsigned empty_status_items(bool parser_friendly, char **result) { + char *esi; + unsigned len; + if (parser_friendly) - return make_message( + len = xasprintf(&esi, #define ITEM(x) "0004 %02x:\n" EMPTY_STATUS_ITEMS #undef ITEM - #define ITEM(x) , SI_ ## x + #define ITEM(x) , (unsigned) SI_ ## x EMPTY_STATUS_ITEMS #undef ITEM ); - return make_message( - #define ITEM(x) "%s:\n" - EMPTY_STATUS_ITEMS - #undef ITEM - #define ITEM(x) ,status_item_list[SI_ ## x] - EMPTY_STATUS_ITEMS - #undef ITEM - ); + else + len = xasprintf(&esi, + #define ITEM(x) "%s:\n" + EMPTY_STATUS_ITEMS + #undef ITEM + #define ITEM(x) ,status_item_list[SI_ ## x] + EMPTY_STATUS_ITEMS + #undef ITEM + ); + *result = esi; + return len; } #undef EMPTY_STATUS_ITEMS -/* stat */ -int com_stat(struct rc4_context *rc4c, int argc, char * const * argv) +static int com_stat(struct command_context *cc, struct lls_parse_result *lpr) { - int i, ret; + int ret; struct misc_meta_data tmp, *nmmd = &tmp; char *s; - int32_t num = 0; - int parser_friendly = 0; - - para_sigaction(SIGUSR1, dummy); - - for (i = 1; i < argc; i++) { - const char *arg = argv[i]; - if (arg[0] != '-') - break; - if (!strcmp(arg, "--")) { - i++; - break; - } - if (!strncmp(arg, "-n=", 3)) { - ret = para_atoi32(arg + 3, &num); - if (ret < 0) - return ret; - continue; - } - if (!strcmp(arg, "-p")) { - parser_friendly = 1; - continue; - } - return -E_COMMAND_SYNTAX; - } - if (i != argc) - return -E_COMMAND_SYNTAX; + bool parser_friendly = SERVER_CMD_OPT_GIVEN(STAT, PARSER_FRIENDLY, + lpr) > 0; + uint32_t num = SERVER_CMD_UINT32_VAL(STAT, NUM, lpr); + const struct timespec ts = {.tv_sec = 50, .tv_nsec = 0}; + + para_sigaction(SIGINT, SIG_IGN); + para_sigaction(SIGUSR1, command_handler_sighandler); + para_sigaction(SIGTERM, command_handler_sighandler); + /* + * Simply checking subcmd_should_die is racy because a signal may + * arrive after the check but before the subsequent call to sleep(3). + * If this happens, sleep(3) would not be interrupted by the signal. + * To avoid this we block SIGTERM here and allow it to arrive only + * while we sleep. + */ + para_block_signal(SIGTERM); for (;;) { - mmd_dup(nmmd); - s = get_status(nmmd, parser_friendly); - ret = rc4_send_buffer(rc4c, s); - free(s); + sigset_t set; + /* + * Copy the mmd structure to minimize the time we hold the mmd + * lock. + */ + mutex_lock(mmd_mutex); + *nmmd = *mmd; + mutex_unlock(mmd_mutex); + ret = get_status(nmmd, parser_friendly, &s); + ret = send_sb(&cc->scc, s, ret, SBD_OUTPUT, false); if (ret < 0) goto out; if (nmmd->vss_status_flags & VSS_NEXT) { - static char *esi; - if (!esi) - esi = empty_status_items(parser_friendly); - ret = rc4_send_buffer(rc4c, esi); + char *esi; + ret = empty_status_items(parser_friendly, &esi); + ret = send_sb(&cc->scc, esi, ret, SBD_OUTPUT, false); if (ret < 0) goto out; } else - send_afs_status(rc4c, parser_friendly); + send_afs_status(cc, parser_friendly); ret = 1; if (num > 0 && !--num) goto out; - sleep(50); + sigemptyset(&set); /* empty set means: unblock all signals */ + /* + * pselect(2) allows to atomically unblock signals, then go to + * sleep. Calling sigprocmask(2) followed by sleep(3) would + * open a race window similar to the one described above. + */ + pselect(1, NULL, NULL, NULL, &ts, &set); + if (subcmd_should_die) + goto out; + ret = -E_SERVER_CRASH; if (getppid() == 1) - return -E_SERVER_CRASH; + goto out; } out: return ret; } +EXPORT_SERVER_CMD_HANDLER(stat); -static int send_list_of_commands(struct rc4_context *rc4c, struct server_command *cmd, - const char *handler) +const char *aux_info_cb(unsigned cmd_num, bool verbose) { - int ret, i; - - for (i = 1; cmd->name; cmd++, i++) { - char *perms = cmd_perms_itohuman(cmd->perms); - ret = rc4_send_va_buffer(rc4c, "%s\t%s\t%s\t%s\n", cmd->name, - handler, - perms, - cmd->description); - free(perms); - if (ret < 0) - return ret; - } - return 1; -} - -/* returns string that must be freed by the caller */ -static struct server_command *get_cmd_ptr(const char *name, char **handler) -{ - struct server_command *cmd; + static char result[80]; + unsigned perms = server_command_perms[cmd_num]; - for (cmd = server_cmds; cmd->name; cmd++) - if (!strcmp(cmd->name, name)) { - if (handler) - *handler = para_strdup("server"); /* server commands */ - return cmd; - } - /* not found, look for commands supported by afs */ - for (cmd = afs_cmds; cmd->name; cmd++) - if (!strcmp(cmd->name, name)) { - if (handler) - *handler = para_strdup("afs"); - return cmd; - } - return NULL; + if (verbose) { + /* permissions: VSS_READ | VSS_WRITE */ + sprintf(result, "permissions: %s", + server_command_perms_txt[cmd_num]); + } else { + result[0] = perms & AFS_READ? 'a' : '-'; + result[1] = perms & AFS_WRITE? 'A' : '-'; + result[2] = perms & VSS_READ? 'v' : '-'; + result[3] = perms & VSS_WRITE? 'V' : '-'; + result[4] = '\0'; + } + return result; } -/* help */ -int com_help(struct rc4_context *rc4c, int argc, char * const * argv) +static int com_help(struct command_context *cc, struct lls_parse_result *lpr) { - struct server_command *cmd; - char *perms, *handler; + char *buf; int ret; + unsigned n; + bool long_help = SERVER_CMD_OPT_GIVEN(HELP, LONG, lpr); - if (argc < 2) { - /* no argument given, print list of commands */ - if ((ret = send_list_of_commands(rc4c, server_cmds, "server")) < 0) - return ret; - return send_list_of_commands(rc4c, afs_cmds, "afs"); - } - /* argument given for help */ - cmd = get_cmd_ptr(argv[1], &handler); - if (!cmd) { - free(handler); - return -E_BAD_CMD; - } - perms = cmd_perms_itohuman(cmd->perms); - ret = rc4_send_va_buffer(rc4c, - "%s - %s\n\n" - "handler: %s\n" - "permissions: %s\n" - "usage: %s\n\n" - "%s\n", - argv[1], - cmd->description, - handler, - perms, - cmd->usage, - cmd->help - ); - free(perms); - free(handler); + lsu_com_help(long_help, lpr, server_cmd_suite, aux_info_cb, &buf, &n); + ret = send_sb(&cc->scc, buf, n, SBD_OUTPUT, false); return ret; } +EXPORT_SERVER_CMD_HANDLER(help); -/* hup */ -int com_hup(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv) +static int com_hup(__a_unused struct command_context *cc, + __a_unused struct lls_parse_result *lpr) { - if (argc != 1) - return -E_COMMAND_SYNTAX; kill(getppid(), SIGHUP); return 1; } +EXPORT_SERVER_CMD_HANDLER(hup); -/* term */ -int com_term(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv) +static int com_term(__a_unused struct command_context *cc, + __a_unused struct lls_parse_result *lpr) { - if (argc != 1) - return -E_COMMAND_SYNTAX; kill(getppid(), SIGTERM); return 1; } +EXPORT_SERVER_CMD_HANDLER(term); -int com_play(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv) +static int com_play(__a_unused struct command_context *cc, + __a_unused struct lls_parse_result *lpr) { - if (argc != 1) - return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); mmd->new_vss_status_flags |= VSS_PLAYING; mmd->new_vss_status_flags &= ~VSS_NOMORE; mutex_unlock(mmd_mutex); return 1; - } +EXPORT_SERVER_CMD_HANDLER(play); -/* stop */ -int com_stop(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv) +static int com_stop(__a_unused struct command_context *cc, + __a_unused struct lls_parse_result *lpr) { - if (argc != 1) - return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); mmd->new_vss_status_flags &= ~VSS_PLAYING; mmd->new_vss_status_flags &= ~VSS_REPOS; @@ -513,12 +622,11 @@ int com_stop(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * co mutex_unlock(mmd_mutex); return 1; } +EXPORT_SERVER_CMD_HANDLER(stop); -/* pause */ -int com_pause(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv) +static int com_pause(__a_unused struct command_context *cc, + __a_unused struct lls_parse_result *lpr) { - if (argc != 1) - return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); if (!vss_paused() && !vss_stopped()) { mmd->events++; @@ -528,42 +636,43 @@ int com_pause(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * c mutex_unlock(mmd_mutex); return 1; } +EXPORT_SERVER_CMD_HANDLER(pause); -/* next */ -int com_next(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv) +static int com_next(__a_unused struct command_context *cc, + __a_unused struct lls_parse_result *lpr) { - if (argc != 1) - return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); mmd->events++; mmd->new_vss_status_flags |= VSS_NEXT; mutex_unlock(mmd_mutex); return 1; } +EXPORT_SERVER_CMD_HANDLER(next); -/* nomore */ -int com_nomore(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv) +static int com_nomore(__a_unused struct command_context *cc, + __a_unused struct lls_parse_result *lpr) { - if (argc != 1) - return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); if (vss_playing() || vss_paused()) mmd->new_vss_status_flags |= VSS_NOMORE; mutex_unlock(mmd_mutex); return 1; } +EXPORT_SERVER_CMD_HANDLER(nomore); -/* ff */ -int com_ff(__a_unused struct rc4_context *rc4c, int argc, char * const * argv) +static int com_ff(struct command_context *cc, struct lls_parse_result *lpr) { long promille; int ret, backwards = 0; unsigned i; - char c; + char c, *errctx; - if (argc != 2) - return -E_COMMAND_SYNTAX; - if (!(ret = sscanf(argv[1], "%u%c", &i, &c))) + ret = lls(lls_check_arg_count(lpr, 1, 1, &errctx)); + if (ret < 0) { + send_errctx(cc, errctx); + return ret; + } + if (!(ret = sscanf(lls_input(0, lpr), "%u%c", &i, &c))) return -E_COMMAND_SYNTAX; if (ret > 1 && c == '-') backwards = 1; /* jmp backwards */ @@ -571,6 +680,7 @@ int com_ff(__a_unused struct rc4_context *rc4c, int argc, char * const * argv) ret = -E_NO_AUDIO_FILE; if (!mmd->afd.afhi.chunks_total || !mmd->afd.afhi.seconds_total) goto out; + ret = 1; promille = (1000 * mmd->current_chunk) / mmd->afd.afhi.chunks_total; if (backwards) promille -= 1000 * i / mmd->afd.afhi.seconds_total; @@ -578,7 +688,7 @@ int com_ff(__a_unused struct rc4_context *rc4c, int argc, char * const * argv) promille += 1000 * i / mmd->afd.afhi.seconds_total; if (promille < 0) promille = 0; - if (promille > 1000) { + if (promille > 1000) { mmd->new_vss_status_flags |= VSS_NEXT; goto out; } @@ -586,22 +696,25 @@ int com_ff(__a_unused struct rc4_context *rc4c, int argc, char * const * argv) mmd->new_vss_status_flags |= VSS_REPOS; mmd->new_vss_status_flags &= ~VSS_NEXT; mmd->events++; - ret = 1; out: mutex_unlock(mmd_mutex); return ret; } +EXPORT_SERVER_CMD_HANDLER(ff); -/* jmp */ -int com_jmp(__a_unused struct rc4_context *rc4c, int argc, char * const * argv) +static int com_jmp(struct command_context *cc, struct lls_parse_result *lpr) { long unsigned int i; int ret; + char *errctx; - if (argc != 2) - return -E_COMMAND_SYNTAX; - if (sscanf(argv[1], "%lu", &i) <= 0) - return -E_COMMAND_SYNTAX; + ret = lls(lls_check_arg_count(lpr, 1, 1, &errctx)); + if (ret < 0) { + send_errctx(cc, errctx); + return ret; + } + if (sscanf(lls_input(0, lpr), "%lu", &i) <= 0) + return -ERRNO_TO_PARA_ERROR(EINVAL); mutex_lock(mmd_mutex); ret = -E_NO_AUDIO_FILE; if (!mmd->afd.afhi.chunks_total) @@ -609,8 +722,8 @@ int com_jmp(__a_unused struct rc4_context *rc4c, int argc, char * const * argv) if (i > 100) i = 100; PARA_INFO_LOG("jumping to %lu%%\n", i); - mmd->repos_request = (mmd->afd.afhi.chunks_total * i + 50)/ 100; - PARA_INFO_LOG("sent: %lu, offset before jmp: %lu\n", + mmd->repos_request = (mmd->afd.afhi.chunks_total * i + 50) / 100; + PARA_INFO_LOG("sent: %lu, offset before jmp: %li\n", mmd->chunks_sent, mmd->offset); mmd->new_vss_status_flags |= VSS_REPOS; mmd->new_vss_status_flags &= ~VSS_NEXT; @@ -620,149 +733,185 @@ out: mutex_unlock(mmd_mutex); return ret; } +EXPORT_SERVER_CMD_HANDLER(jmp); -/* - * check if perms are sufficient to exec a command having perms cmd_perms. - * Returns 0 if perms are sufficient, -E_PERM otherwise. - */ -static int check_perms(unsigned int perms, struct server_command *cmd_ptr) +/* deprecated, does nothing */ +static int com_tasks(__a_unused struct command_context *cc, + __a_unused struct lls_parse_result *lpr) { - PARA_DEBUG_LOG("checking permissions\n"); - return (cmd_ptr->perms & perms) < cmd_ptr->perms ? -E_PERM : 0; + return 1; } +EXPORT_SERVER_CMD_HANDLER(tasks); -/* - * Parse first string from *cmd and lookup in table of valid commands. - * On error, NULL is returned. - */ -static struct server_command *parse_cmd(const char *cmdstr) +static void reset_signals(void) { - char buf[255]; - int n = 0; - - sscanf(cmdstr, "%200s%n", buf, &n); - if (!n) - return NULL; - buf[n] = '\0'; - return get_cmd_ptr(buf, NULL); + para_sigaction(SIGCHLD, SIG_IGN); + para_sigaction(SIGINT, SIG_DFL); + para_sigaction(SIGTERM, SIG_DFL); + para_sigaction(SIGHUP, SIG_DFL); } -static int read_command(struct rc4_context *rc4c, char **result) +struct connection_features { + int dummy; /* none at the moment */ +}; + +static int parse_auth_request(char *buf, int len, const struct user **u, + struct connection_features *cf) { int ret; - char buf[4096]; - char *command = NULL; - - for (;;) { - size_t numbytes; - char *p; - - ret = rc4_recv_buffer(rc4c, buf, sizeof(buf)); - if (ret < 0) - goto out; - if (!ret) - break; - numbytes = ret; - ret = -E_COMMAND_SYNTAX; - if (command && numbytes + strlen(command) > MAX_COMMAND_LEN) /* DOS */ - goto out; - command = para_strcat(command, buf); - p = strstr(command, EOC_MSG); - if (p) { - *p = '\0'; - break; + char *p, *username, **features = NULL; + size_t auth_rq_len = strlen(AUTH_REQUEST_MSG); + + *u = NULL; + memset(cf, 0, sizeof(*cf)); + if (len < auth_rq_len + 2) + return -E_AUTH_REQUEST; + if (strncmp(buf, AUTH_REQUEST_MSG, auth_rq_len) != 0) + return -E_AUTH_REQUEST; + username = buf + auth_rq_len; + p = strchr(username, ' '); + if (p) { + int i; + if (p == username) + return -E_AUTH_REQUEST; + *p = '\0'; + p++; + create_argv(p, ",", &features); + for (i = 0; features[i]; i++) { + if (strcmp(features[i], "sideband") == 0) + continue; + if (strcmp(features[i], "aes_ctr128") == 0) + continue; + else { + ret = -E_BAD_FEATURE; + goto out; + } } } - ret = command? 1 : -E_COMMAND_SYNTAX; + PARA_DEBUG_LOG("received auth request for user %s\n", username); + *u = user_list_lookup(username); + ret = 1; out: - if (ret < 0) - free(command); - else - *result = command; + free_argv(features); return ret; - } -static void reset_signals(void) +#define HANDSHAKE_BUFSIZE 4096 + +static int run_command(struct command_context *cc, struct iovec *iov) { - para_sigaction(SIGCHLD, SIG_IGN); - para_sigaction(SIGINT, SIG_DFL); - para_sigaction(SIGTERM, SIG_DFL); - para_sigaction(SIGHUP, SIG_DFL); + int ret, i, argc; + char *p, *end, **argv; + const struct lls_command *lcmd = NULL; + unsigned perms; + struct lls_parse_result *lpr; + char *errctx; + + if (iov->iov_base == NULL || iov->iov_len == 0) + return -ERRNO_TO_PARA_ERROR(EINVAL); + p = iov->iov_base; + p[iov->iov_len - 1] = '\0'; /* just to be sure */ + + ret = lls(lls_lookup_subcmd(p, server_cmd_suite, &errctx)); + if (ret < 0) { + send_errctx(cc, errctx); + return ret; + } + perms = server_command_perms[ret]; + if ((perms & cc->u->perms) != perms) + return -E_PERM; + lcmd = lls_cmd(ret, server_cmd_suite); + end = iov->iov_base + iov->iov_len; + for (i = 0; p < end; i++) + p += strlen(p) + 1; + argc = i; + argv = para_malloc((argc + 1) * sizeof(char *)); + for (i = 0, p = iov->iov_base; p < end; i++) { + argv[i] = para_strdup(p); + p += strlen(p) + 1; + } + argv[argc] = NULL; + PARA_NOTICE_LOG("calling com_%s() for user %s\n", + lls_command_name(lcmd), cc->u->name); + ret = lls(lls_parse(argc, argv, lcmd, &lpr, &errctx)); + if (ret >= 0) { + const struct server_cmd_user_data *ud = lls_user_data(lcmd); + ret = ud->handler(cc, lpr); + lls_free_parse_result(lpr, lcmd); + } else + send_errctx(cc, errctx); + free_argv(argv); + mutex_lock(mmd_mutex); + mmd->num_commands++; + if (ret >= 0 && (perms & AFS_WRITE)) + mmd->events++; + mutex_unlock(mmd_mutex); + return ret; } /** * Perform user authentication and execute a command. * * \param fd The file descriptor to send output to. - * \param peername Identifies the connecting peer. * - * Whenever para_server accepts an incoming tcp connection on - * the port it listens on, it forks and the resulting child - * calls this function. + * Whenever para_server accepts an incoming tcp connection on the port it + * listens on, it forks and the resulting child calls this function. * - * An RSA-based challenge/response is used to authenticate - * the peer. It that authentication succeeds, a random RC4 - * session key is generated and sent back to the peer, - * encrypted with its RSA public key. From this point on, - * all transfers are crypted with this session key. + * An RSA-based challenge/response is used to authenticate the peer. It that + * authentication succeeds, a random session key is generated and sent back to + * the peer, encrypted with its RSA public key. From this point on, all + * transfers are crypted with this session key. * - * Next it is checked if the peer supplied a valid server command or a command - * for the audio file selector. If yes, and if the user has sufficient + * Next it is checked if the peer supplied a valid server command or a command + * for the audio file selector. If yes, and if the user has sufficient * permissions to execute that command, the function calls the corresponding * command handler which does argument checking and further processing. * - * In order to cope with a DOS attacks, a timeout is set up - * which terminates the function if the connection was not - * authenticated when the timeout expires. + * In order to cope with DOS attacks, a timeout is set up which terminates + * the function if the connection was not authenticated when the timeout + * expires. + * + * \return Standard. * - * \sa alarm(2), rc4(3), crypt.c, crypt.h + * \sa alarm(2), \ref openssl.c, \ref crypt.h. */ -__noreturn void handle_connect(int fd, const char *peername) +int handle_connect(int fd) { - int ret, argc; - char buf[4096]; - unsigned char rand_buf[CHALLENGE_SIZE + 2 * RC4_KEY_LEN]; - unsigned char challenge_sha1[HASH_SIZE]; - struct user *u; - struct server_command *cmd = NULL; - char **argv = NULL; - char *p, *command = NULL; + int ret; + unsigned char rand_buf[APC_CHALLENGE_SIZE + 2 * SESSION_KEY_LEN]; + unsigned char challenge_hash[HASH_SIZE]; + char *command = NULL, *buf = para_malloc(HANDSHAKE_BUFSIZE) /* must be on the heap */; size_t numbytes; - struct rc4_context rc4c = {.fd = fd}; + struct command_context cc_struct = {.u = NULL}, *cc = &cc_struct; + struct iovec iov; + struct connection_features cf; + cc->scc.fd = fd; reset_signals(); /* we need a blocking fd here as recv() might return EAGAIN otherwise. */ ret = mark_fd_blocking(fd); if (ret < 0) - goto err_out; + goto net_err; /* send Welcome message */ - ret = send_va_buffer(fd, "This is para_server, version " - PACKAGE_VERSION ".\n" ); + ret = write_va_buffer(fd, "This is para_server, version " + PACKAGE_VERSION ".\n" + "Features: sideband,aes_ctr128\n" + ); if (ret < 0) - goto err_out; + goto net_err; /* recv auth request line */ - ret = recv_buffer(fd, buf, sizeof(buf)); + ret = recv_buffer(fd, buf, HANDSHAKE_BUFSIZE); if (ret < 0) - goto err_out; - if (ret < 10) { - ret = -E_AUTH_REQUEST; - goto err_out; - } - numbytes = ret; - ret = -E_AUTH_REQUEST; - if (strncmp(buf, AUTH_REQUEST_MSG, strlen(AUTH_REQUEST_MSG))) - goto err_out; - p = buf + strlen(AUTH_REQUEST_MSG); - PARA_DEBUG_LOG("received auth request for user %s\n", p); - ret = -E_BAD_USER; - u = lookup_user(p); - if (u) { + goto net_err; + ret = parse_auth_request(buf, ret, &cc->u, &cf); + if (ret < 0) + goto net_err; + if (cc->u) { get_random_bytes_or_die(rand_buf, sizeof(rand_buf)); - ret = para_encrypt_buffer(u->rsa, rand_buf, sizeof(rand_buf), + ret = apc_pub_encrypt(cc->u->pubkey, rand_buf, sizeof(rand_buf), (unsigned char *)buf); if (ret < 0) - goto err_out; + goto net_err; numbytes = ret; } else { /* @@ -773,77 +922,68 @@ __noreturn void handle_connect(int fd, const char *peername) numbytes = 256; get_random_bytes_or_die((unsigned char *)buf, numbytes); } - PARA_DEBUG_LOG("sending %u byte challenge + rc4 keys (%zu bytes)\n", - CHALLENGE_SIZE, numbytes); - ret = send_bin_buffer(fd, buf, numbytes); + PARA_DEBUG_LOG("sending %d byte challenge + session key (%zu bytes)\n", + APC_CHALLENGE_SIZE, numbytes); + ret = send_sb(&cc->scc, buf, numbytes, SBD_CHALLENGE, false); + buf = NULL; if (ret < 0) goto net_err; - /* recv challenge response */ - ret = recv_bin_buffer(fd, buf, HASH_SIZE); + ret = recv_sb(&cc->scc, SBD_CHALLENGE_RESPONSE, + HANDSHAKE_BUFSIZE, &iov); if (ret < 0) goto net_err; - numbytes = ret; - PARA_DEBUG_LOG("received %d bytes challenge response\n", ret); + buf = iov.iov_base; + numbytes = iov.iov_len; + PARA_DEBUG_LOG("received %zu bytes challenge response\n", numbytes); ret = -E_BAD_USER; - if (!u) + if (!cc->u) goto net_err; /* - * The correct response is the sha1 of the first CHALLENGE_SIZE bytes + * The correct response is the hash of the first APC_CHALLENGE_SIZE bytes * of the random data. */ ret = -E_BAD_AUTH; if (numbytes != HASH_SIZE) goto net_err; - sha1_hash((char *)rand_buf, CHALLENGE_SIZE, challenge_sha1); - if (memcmp(challenge_sha1, buf, HASH_SIZE)) + hash_function((char *)rand_buf, APC_CHALLENGE_SIZE, challenge_hash); + if (memcmp(challenge_hash, buf, HASH_SIZE)) goto net_err; /* auth successful */ alarm(0); - PARA_INFO_LOG("good auth for %s\n", u->name); - /* init rc4 keys with the second part of the random buffer */ - RC4_set_key(&rc4c.recv_key, RC4_KEY_LEN, rand_buf + CHALLENGE_SIZE); - RC4_set_key(&rc4c.send_key, RC4_KEY_LEN, rand_buf + CHALLENGE_SIZE - + RC4_KEY_LEN); - ret = rc4_send_buffer(&rc4c, PROCEED_MSG); + PARA_INFO_LOG("good auth for %s\n", cc->u->name); + /* init stream cipher keys with the second part of the random buffer */ + cc->scc.recv = sc_new(rand_buf + APC_CHALLENGE_SIZE, SESSION_KEY_LEN); + cc->scc.send = sc_new(rand_buf + APC_CHALLENGE_SIZE + SESSION_KEY_LEN, + SESSION_KEY_LEN); + ret = send_sb(&cc->scc, NULL, 0, SBD_PROCEED, false); if (ret < 0) goto net_err; - ret = read_command(&rc4c, &command); - if (ret == -E_COMMAND_SYNTAX) - goto err_out; + ret = recv_sb(&cc->scc, SBD_COMMAND, MAX_COMMAND_LEN, &iov); if (ret < 0) goto net_err; - ret = -E_BAD_CMD; - cmd = parse_cmd(command); - if (!cmd) - goto err_out; - /* valid command, check permissions */ - ret = check_perms(u->perms, cmd); - if (ret < 0) - goto err_out; - /* valid command and sufficient perms */ - ret = create_argv(command, "\n", &argv); + ret = run_command(cc, &iov); + free(iov.iov_base); if (ret < 0) goto err_out; - argc = ret; - PARA_NOTICE_LOG("calling com_%s() for %s@%s\n", cmd->name, u->name, - peername); - ret = cmd->handler(&rc4c, argc, argv); - free_argv(argv); - mutex_lock(mmd_mutex); - mmd->num_commands++; - mutex_unlock(mmd_mutex); if (ret >= 0) goto out; err_out: - rc4_send_va_buffer(&rc4c, "%s\n", para_strerror(-ret)); + if (send_strerror(cc, -ret) >= 0) + send_sb(&cc->scc, NULL, 0, SBD_EXIT__FAILURE, true); net_err: PARA_NOTICE_LOG("%s\n", para_strerror(-ret)); out: + free(buf); free(command); mutex_lock(mmd_mutex); - if (cmd && (cmd->perms & AFS_WRITE) && ret >= 0) - mmd->events++; mmd->active_connections--; mutex_unlock(mmd_mutex); - exit(ret < 0? EXIT_FAILURE : EXIT_SUCCESS); + if (ret >= 0) { + ret = send_sb(&cc->scc, NULL, 0, SBD_EXIT__SUCCESS, true); + if (ret < 0) + PARA_NOTICE_LOG("%s\n", para_strerror(-ret)); + } + sc_free(cc->scc.recv); + sc_free(cc->scc.send); + return ret; }