X-Git-Url: http://git.tuebingen.mpg.de/?a=blobdiff_plain;f=command.c;h=e3f12931fd9d17fe5489636919a14379d60d0969;hb=d440a71683940a58747de6dc32643db452d9cf54;hp=0a76f68ee03dfeadf2d48e0b5065594caecbfef0;hpb=d6a87acd98b9e451d488e31b92cdae7673c30ac6;p=paraslash.git diff --git a/command.c b/command.c index 0a76f68e..e3f12931 100644 --- a/command.c +++ b/command.c @@ -6,10 +6,7 @@ #include #include #include -#include -#include #include -#include #include #include @@ -22,7 +19,6 @@ #include "command.h" #include "string.h" #include "afh.h" -#include "afs.h" #include "net.h" #include "server.h" #include "list.h" @@ -554,7 +550,7 @@ out: } EXPORT_SERVER_CMD_HANDLER(stat); -const char *aux_info_cb(unsigned cmd_num, bool verbose) +static const char *aux_info_cb(unsigned cmd_num, bool verbose) { static char result[80]; unsigned perms = server_command_perms[cmd_num]; @@ -745,14 +741,6 @@ out: } EXPORT_SERVER_CMD_HANDLER(jmp); -/* deprecated, does nothing */ -static int com_tasks(__a_unused struct command_context *cc, - __a_unused struct lls_parse_result *lpr) -{ - return 1; -} -EXPORT_SERVER_CMD_HANDLER(tasks); - static void reset_signals(void) { para_sigaction(SIGCHLD, SIG_IGN); @@ -762,7 +750,7 @@ static void reset_signals(void) } struct connection_features { - int dummy; /* none at the moment */ + bool sha256_requested; /* can be removed after 0.7.0 */ }; static int parse_auth_request(char *buf, int len, const struct user **u, @@ -787,11 +775,22 @@ static int parse_auth_request(char *buf, int len, const struct user **u, *p = '\0'; p++; create_argv(p, ",", &features); + /* + * Still accept sideband and AES feature requests (as a no-op) + * because some 0.6.x clients request them. The two checks + * below may be removed after 0.7.1. + */ for (i = 0; features[i]; i++) { if (strcmp(features[i], "sideband") == 0) continue; if (strcmp(features[i], "aes_ctr128") == 0) continue; + /* + * ->sha256_requested can go away after 0.7.0 but the + * check has to stay until 0.9.0. + */ + if (strcmp(features[i], "sha256") == 0) + cf->sha256_requested = true; else { ret = -E_BAD_FEATURE; goto out; @@ -829,7 +828,7 @@ static int run_command(struct command_context *cc, struct iovec *iov) } perms = server_command_perms[ret]; if ((perms & cc->u->perms) != perms) - return -E_PERM; + return -ERRNO_TO_PARA_ERROR(EPERM); lcmd = lls_cmd(ret, server_cmd_suite); end = iov->iov_base + iov->iov_len; for (i = 0; p < end; i++) @@ -889,7 +888,7 @@ int handle_connect(int fd) { int ret; unsigned char rand_buf[APC_CHALLENGE_SIZE + 2 * SESSION_KEY_LEN]; - unsigned char challenge_hash[HASH_SIZE]; + unsigned char challenge_hash[HASH2_SIZE]; char *command = NULL, *buf = para_malloc(HANDSHAKE_BUFSIZE) /* must be on the heap */; size_t numbytes; struct command_context cc_struct = {.u = NULL}, *cc = &cc_struct; @@ -905,7 +904,7 @@ int handle_connect(int fd) /* send Welcome message */ ret = write_va_buffer(fd, "This is para_server, version " PACKAGE_VERSION ".\n" - "Features: sideband,aes_ctr128\n" + "Features: sha256\n" /* no longer announce this after 0.8.0 */ ); if (ret < 0) goto net_err; @@ -953,11 +952,19 @@ int handle_connect(int fd) * of the random data. */ ret = -E_BAD_AUTH; - if (numbytes != HASH_SIZE) - goto net_err; - hash_function((char *)rand_buf, APC_CHALLENGE_SIZE, challenge_hash); - if (memcmp(challenge_hash, buf, HASH_SIZE)) - goto net_err; + if (cf.sha256_requested) { + if (numbytes != HASH2_SIZE) + goto net_err; + hash2_function((char *)rand_buf, APC_CHALLENGE_SIZE, challenge_hash); + if (memcmp(challenge_hash, buf, HASH2_SIZE)) + goto net_err; + } else { /* old client. This can be removed after 0.7.0 */ + if (numbytes != HASH_SIZE) + goto net_err; + hash_function((char *)rand_buf, APC_CHALLENGE_SIZE, challenge_hash); + if (memcmp(challenge_hash, buf, HASH_SIZE)) + goto net_err; + } /* auth successful */ alarm(0); PARA_INFO_LOG("good auth for %s\n", cc->u->name);