Use sideband also for challenge response.
[paraslash.git] / client_common.c
1 /*
2 * Copyright (C) 1997-2012 Andre Noll <maan@systemlinux.org>
3 *
4 * Licensed under the GPL v2. For licencing details see COPYING.
5 */
6
7 /** \file client_common.c Common functions of para_client and para_audiod. */
8
9 #include <regex.h>
10 #include <sys/types.h>
11
12 #include "para.h"
13 #include "error.h"
14 #include "list.h"
15 #include "sched.h"
16 #include "client.cmdline.h"
17 #include "crypt.h"
18 #include "net.h"
19 #include "fd.h"
20 #include "sideband.h"
21 #include "string.h"
22 #include "client.cmdline.h"
23 #include "client.h"
24 #include "buffer_tree.h"
25 #include "version.h"
26
27 /** The size of the receiving buffer. */
28 #define CLIENT_BUFSIZE 4000
29
30 /**
31 * Close the connection to para_server and deallocate per-command ressources.
32 *
33 * \param ct The client task.
34 *
35 * This frees all ressources of the current command but keeps the configuration
36 * in \p ct->conf.
37 *
38 * \sa \ref client_close().
39 */
40 void client_disconnect(struct client_task *ct)
41 {
42 if (!ct)
43 return;
44 if (ct->scc.fd >= 0)
45 close(ct->scc.fd);
46 free_argv(ct->features);
47 sc_free(ct->scc.recv);
48 ct->scc.recv = NULL;
49 sc_free(ct->scc.send);
50 ct->scc.send = NULL;
51 btr_free_node(ct->btrn);
52 ct->btrn = NULL;
53 }
54
55 /**
56 * Close the connection to para_server and free all resources.
57 *
58 * \param ct Pointer to the client data.
59 *
60 * \sa \ref client_open(), \ref client_disconnect().
61 */
62 void client_close(struct client_task *ct)
63 {
64 if (!ct)
65 return;
66 client_disconnect(ct);
67 free(ct->user);
68 free(ct->config_file);
69 free(ct->key_file);
70 client_cmdline_parser_free(&ct->conf);
71 free(ct->challenge_hash);
72 sb_free(ct->sbc);
73 free(ct);
74 }
75
76 /**
77 * The preselect hook for server commands.
78 *
79 * \param s Pointer to the scheduler.
80 * \param t Pointer to the task struct for this command.
81 *
82 * The task pointer must contain a pointer to the initialized client data
83 * structure as it is returned by client_open().
84 *
85 * This function checks the state of the connection and adds the file descriptor
86 * of the connection to the read or write fd set of \a s accordingly.
87 *
88 * \sa register_task() client_open(), struct sched, struct task.
89 */
90 static void client_pre_select(struct sched *s, struct task *t)
91 {
92 int ret;
93 struct client_task *ct = container_of(t, struct client_task, task);
94 struct btr_node *btrn = ct->btrn;
95
96 if (ct->scc.fd < 0)
97 return;
98 switch (ct->status) {
99 case CL_CONNECTED:
100 case CL_SENT_AUTH:
101 case CL_SENT_CH_RESPONSE:
102 case CL_SENT_COMMAND:
103 para_fd_set(ct->scc.fd, &s->rfds, &s->max_fileno);
104 return;
105
106 case CL_RECEIVED_WELCOME:
107 case CL_RECEIVED_PROCEED:
108 case CL_RECEIVED_CHALLENGE:
109 para_fd_set(ct->scc.fd, &s->wfds, &s->max_fileno);
110 return;
111
112 case CL_RECEIVING:
113 ret = btr_node_status(btrn, 0, BTR_NT_ROOT);
114 if (ret != 0) {
115 if (ret < 0)
116 sched_min_delay(s);
117 else
118 para_fd_set(ct->scc.fd, &s->rfds,
119 &s->max_fileno);
120 }
121 return;
122 case CL_SENDING:
123 ret = btr_node_status(btrn, 0, BTR_NT_LEAF);
124 if (ret != 0) {
125 if (ret < 0)
126 sched_min_delay(s);
127 else
128 para_fd_set(ct->scc.fd, &s->wfds,
129 &s->max_fileno);
130 }
131 return;
132 }
133 }
134
135 static int client_recv_buffer(struct client_task *ct, fd_set *rfds,
136 char *buf, size_t sz, size_t *n)
137 {
138 int ret;
139
140 if (ct->status < CL_SENT_CH_RESPONSE)
141 return read_nonblock(ct->scc.fd, buf, sz, rfds, n);
142
143 *n = 0;
144 ret = sc_recv_buffer(&ct->scc, buf, sz);
145 /*
146 * sc_recv_buffer is used with blocking fds elsewhere, so it
147 * does not use the nonblock-API. Therefore we need to
148 * check for EOF and EAGAIN.
149 */
150 if (ret == 0)
151 return -E_SERVER_EOF;
152 if (ret == -ERRNO_TO_PARA_ERROR(EAGAIN))
153 return 0;
154 if (ret < 0)
155 return ret;
156 *n = ret;
157 return 0;
158 }
159
160 static int send_sb(struct client_task *ct, void *buf, size_t numbytes,
161 enum sb_designator band, bool dont_free)
162 {
163 int ret, fd = ct->scc.fd;
164 struct iovec iov[2];
165
166 if (!ct->sbc) {
167 struct sb_buffer sbb;
168 sb_transformation trafo = ct->status < CL_RECEIVED_PROCEED?
169 NULL : sc_trafo;
170 sbb = (typeof(sbb))SBB_INIT(band, buf, numbytes);
171 ct->sbc = sb_new_send(&sbb, dont_free, trafo, ct->scc.send);
172 }
173 ret = sb_get_send_buffers(ct->sbc, iov);
174 ret = xwritev(fd, iov, ret);
175 if (ret < 0) {
176 sb_free(ct->sbc);
177 ct->sbc = NULL;
178 return ret;
179 }
180 if (sb_sent(ct->sbc, ret)) {
181 ct->sbc = NULL;
182 return 1;
183 }
184 return 0;
185 }
186
187 static int recv_sb(struct client_task *ct, fd_set *rfds,
188 struct sb_buffer *result)
189 {
190 int ret;
191 size_t n;
192 sb_transformation trafo;
193 void *trafo_context;
194 struct iovec iov;
195
196 if (!FD_ISSET(ct->scc.fd, rfds))
197 return 0;
198 if (ct->status < CL_SENT_CH_RESPONSE)
199 trafo = trafo_context = NULL;
200 else {
201 trafo = sc_trafo;
202 trafo_context = ct->scc.recv;
203 }
204 if (!ct->sbc)
205 ct->sbc = sb_new_recv(0, trafo, trafo_context);
206 again:
207 sb_get_recv_buffer(ct->sbc, &iov);
208 ret = read_nonblock(ct->scc.fd, iov.iov_base, iov.iov_len, rfds, &n);
209 if (ret < 0) {
210 sb_free(ct->sbc);
211 ct->sbc = NULL;
212 return ret;
213 }
214 if (n == 0)
215 return 0;
216 if (!sb_received(ct->sbc, n, result))
217 goto again;
218 ct->sbc = NULL;
219 return 1;
220 }
221
222
223 static char **parse_features(char *buf)
224 {
225 int i;
226 const char id[] = "\nFeatures: ";
227 char *p, *q, **features;
228
229 p = strstr(buf, id);
230 if (!p)
231 return NULL;
232 p += strlen(id);
233 q = strchr(p, '\n');
234 if (!q)
235 return NULL;
236 *q = '\0';
237 create_argv(p, ",", &features);
238 for (i = 0; features[i]; i++)
239 PARA_INFO_LOG("server feature: %s\n", features[i]);
240 return features;
241 }
242
243 static bool has_feature(const char *feature, struct client_task *ct)
244 {
245 return find_arg(feature, ct->features) >= 0? true : false;
246 }
247
248 /**
249 * The post select hook for client commands.
250 *
251 * \param s Pointer to the scheduler.
252 * \param t Pointer to the task struct for this command.
253 *
254 * Depending on the current state of the connection and the status of the read
255 * and write fd sets of \a s, this function performs the necessary steps to
256 * authenticate the connection, to send the command given by \a t->private_data
257 * and to receive para_server's output, if any.
258 *
259 * \sa struct sched, struct task.
260 */
261 static void client_post_select(struct sched *s, struct task *t)
262 {
263 struct client_task *ct = container_of(t, struct client_task, task);
264 struct btr_node *btrn = ct->btrn;
265 int ret = 0;
266 size_t n;
267 char buf[CLIENT_BUFSIZE];
268
269 t->error = 0;
270 if (ct->scc.fd < 0)
271 return;
272 switch (ct->status) {
273 case CL_CONNECTED: /* receive welcome message */
274 ret = client_recv_buffer(ct, &s->rfds, buf, sizeof(buf), &n);
275 if (ret < 0 || n == 0)
276 goto out;
277 ct->features = parse_features(buf);
278 ct->status = CL_RECEIVED_WELCOME;
279 return;
280 case CL_RECEIVED_WELCOME: /* send auth command */
281 if (!FD_ISSET(ct->scc.fd, &s->wfds))
282 return;
283 if (has_feature("sideband", ct)) {
284 ct->use_sideband = true;
285 sprintf(buf, AUTH_REQUEST_MSG "%s sideband", ct->user);
286 } else
287 sprintf(buf, AUTH_REQUEST_MSG "%s", ct->user);
288 PARA_INFO_LOG("--> %s\n", buf);
289 ret = write_buffer(ct->scc.fd, buf);
290 if (ret < 0)
291 goto out;
292 ct->status = CL_SENT_AUTH;
293 return;
294 case CL_SENT_AUTH:
295 /*
296 * Receive challenge and session keys, decrypt the challenge and
297 * send back the hash of the decrypted challenge.
298 */
299 {
300 /* decrypted challenge/session key buffer */
301 unsigned char crypt_buf[1024];
302 /* the SHA1 of the decrypted challenge */
303
304 if (ct->use_sideband) {
305 struct sb_buffer sbb;
306 ret = recv_sb(ct, &s->rfds, &sbb);
307 if (ret <= 0)
308 goto out;
309 if (sbb.band != SBD_CHALLENGE) {
310 ret = -E_BAD_BAND;
311 free(sbb.iov.iov_base);
312 goto out;
313 }
314 n = sbb.iov.iov_len;
315 PARA_INFO_LOG("<-- [challenge] (%zu bytes)\n", n);
316 ret = priv_decrypt(ct->key_file, crypt_buf,
317 sbb.iov.iov_base, n);
318 free(sbb.iov.iov_base);
319 if (ret < 0)
320 goto out;
321 } else {
322 ret = client_recv_buffer(ct, &s->rfds, buf, sizeof(buf), &n);
323 if (ret < 0 || n == 0)
324 goto out;
325 PARA_INFO_LOG("<-- [challenge] (%zu bytes)\n", n);
326 ret = priv_decrypt(ct->key_file, crypt_buf,
327 (unsigned char *)buf, n);
328 if (ret < 0)
329 goto out;
330 }
331 ct->challenge_hash = para_malloc(HASH_SIZE);
332 hash_function((char *)crypt_buf, CHALLENGE_SIZE, ct->challenge_hash);
333 ct->scc.send = sc_new(crypt_buf + CHALLENGE_SIZE, SESSION_KEY_LEN);
334 ct->scc.recv = sc_new(crypt_buf + CHALLENGE_SIZE + SESSION_KEY_LEN,
335 SESSION_KEY_LEN);
336 hash_to_asc(ct->challenge_hash, buf);
337 PARA_INFO_LOG("--> %s\n", buf);
338 ct->status = CL_RECEIVED_CHALLENGE;
339 return;
340 }
341 case CL_RECEIVED_CHALLENGE:
342 if (ct->use_sideband) {
343 ret = send_sb(ct, ct->challenge_hash, HASH_SIZE,
344 SBD_CHALLENGE_RESPONSE, false);
345 if (ret != 0)
346 ct->challenge_hash = NULL;
347 if (ret <= 0)
348 goto out;
349 } else {
350 ret = write_all(ct->scc.fd, (char *)ct->challenge_hash, HASH_SIZE);
351 if (ret < 0)
352 goto out;
353 }
354 ct->status = CL_SENT_CH_RESPONSE;
355 goto out;
356 case CL_SENT_CH_RESPONSE: /* read server response */
357 {
358 ret = client_recv_buffer(ct, &s->rfds, buf, sizeof(buf), &n);
359 if (ret < 0 || n == 0)
360 goto out;
361 /* check if server has sent "Proceed" message */
362 ret = -E_CLIENT_AUTH;
363 if (n < PROCEED_MSG_LEN)
364 goto out;
365 if (!strstr(buf, PROCEED_MSG))
366 goto out;
367 ct->status = CL_RECEIVED_PROCEED;
368 return;
369 }
370 case CL_RECEIVED_PROCEED: /* concat args and send command */
371 {
372 int i;
373 char *command = NULL;
374 if (!FD_ISSET(ct->scc.fd, &s->wfds))
375 return;
376 for (i = 0; i < ct->conf.inputs_num; i++) {
377 char *tmp = command;
378 command = make_message("%s\n%s", command?
379 command : "", ct->conf.inputs[i]);
380 free(tmp);
381 }
382 command = para_strcat(command, EOC_MSG "\n");
383 PARA_DEBUG_LOG("--> %s\n", command);
384 ret = sc_send_buffer(&ct->scc, command);
385 free(command);
386 if (ret < 0)
387 goto out;
388 ct->status = CL_SENT_COMMAND;
389 return;
390 }
391 case CL_SENT_COMMAND:
392 {
393 char *buf2;
394 /* can not use "buf" here because we need a malloced buffer */
395 buf2 = para_malloc(CLIENT_BUFSIZE);
396 ret = client_recv_buffer(ct, &s->rfds, buf2, CLIENT_BUFSIZE, &n);
397 if (n > 0) {
398 if (strstr(buf2, AWAITING_DATA_MSG)) {
399 free(buf2);
400 ct->status = CL_SENDING;
401 return;
402 }
403 ct->status = CL_RECEIVING;
404 btr_add_output(buf2, n, btrn);
405 } else
406 free(buf2);
407 goto out;
408 }
409 case CL_SENDING:
410 {
411 char *buf2;
412 size_t sz;
413 ret = btr_node_status(btrn, 0, BTR_NT_LEAF);
414 if (ret < 0)
415 goto out;
416 if (ret == 0)
417 return;
418 if (!FD_ISSET(ct->scc.fd, &s->wfds))
419 return;
420 sz = btr_next_buffer(btrn, &buf2);
421 ret = sc_send_bin_buffer(&ct->scc, buf2, sz);
422 if (ret < 0)
423 goto out;
424 btr_consume(btrn, sz);
425 return;
426 }
427 case CL_RECEIVING:
428 {
429 char *buf2;
430 ret = btr_node_status(btrn, 0, BTR_NT_ROOT);
431 if (ret < 0)
432 goto out;
433 if (ret == 0)
434 return;
435 /*
436 * The FD_ISSET() is not strictly necessary, but is allows us
437 * to skip the malloc below if there is nothing to read anyway.
438 */
439 if (!FD_ISSET(ct->scc.fd, &s->rfds))
440 return;
441 buf2 = para_malloc(CLIENT_BUFSIZE);
442 ret = client_recv_buffer(ct, &s->rfds, buf2, CLIENT_BUFSIZE, &n);
443 if (n > 0) {
444 buf2 = para_realloc(buf2, n);
445 btr_add_output(buf2, n, btrn);
446 } else
447 free(buf2);
448 goto out;
449 }
450 }
451 out:
452 t->error = ret;
453 if (ret < 0) {
454 if (ret != -E_SERVER_EOF && ret != -E_BTR_EOF && ret != -E_EOF)
455 PARA_ERROR_LOG("%s\n", para_strerror(-t->error));
456 btr_remove_node(btrn);
457 }
458 }
459
460 /**
461 * Connect to para_server and register the client task.
462 *
463 * \param ct The initialized client task structure.
464 * \param s The scheduler instance to register the client task to.
465 * \param parent The parent node of the client btr node.
466 * \param child The child node of the client node.
467 *
468 * The client task structure given by \a ct must be allocated and initialized
469 * by \ref client_parse_config() before this function is called.
470 *
471 * \return Standard.
472 */
473 int client_connect(struct client_task *ct, struct sched *s,
474 struct btr_node *parent, struct btr_node *child)
475 {
476 int ret;
477
478 PARA_NOTICE_LOG("connecting %s:%d\n", ct->conf.hostname_arg,
479 ct->conf.server_port_arg);
480 ct->scc.fd = -1;
481 ret = para_connect_simple(IPPROTO_TCP, ct->conf.hostname_arg,
482 ct->conf.server_port_arg);
483 if (ret < 0)
484 return ret;
485 ct->scc.fd = ret;
486 ret = mark_fd_nonblocking(ct->scc.fd);
487 if (ret < 0)
488 goto err_out;
489 ct->status = CL_CONNECTED;
490 ct->btrn = btr_new_node(&(struct btr_node_description)
491 EMBRACE(.name = "client", .parent = parent, .child = child));
492 ct->task.pre_select = client_pre_select;
493 ct->task.post_select = client_post_select;
494 ct->task.error = 0;
495 sprintf(ct->task.status, "client");
496 register_task(s, &ct->task);
497 return 1;
498 err_out:
499 close(ct->scc.fd);
500 ct->scc.fd = -1;
501 return ret;
502 }
503
504 /**
505 * Parse a client configuration.
506 *
507 * \param argc Usual argument count.
508 * \param argv Usual argument vector.
509 * \param ct_ptr Filled in by this function.
510 * \param loglevel If not \p NULL, the number of the loglevel is stored here.
511 *
512 * This checks the command line options given by \a argc and \a argv, sets
513 * default values for the user name and the name of the rsa key file and reads
514 * further options from the config file.
515 *
516 * Upon successful return, \a ct_ptr points to a dynamically allocated and
517 * initialized client task struct.
518 *
519 * \return The number of non-option arguments in \a argc/argv on success,
520 * negative on errors.
521 */
522 int client_parse_config(int argc, char *argv[], struct client_task **ct_ptr,
523 int *loglevel)
524 {
525 char *home = para_homedir();
526 int ret;
527 struct client_task *ct = para_calloc(sizeof(struct client_task));
528
529 *ct_ptr = ct;
530 ct->scc.fd = -1;
531 ret = -E_CLIENT_SYNTAX;
532 if (client_cmdline_parser(argc, argv, &ct->conf))
533 goto out;
534 HANDLE_VERSION_FLAG("client", ct->conf);
535
536 ct->config_file = ct->conf.config_file_given?
537 para_strdup(ct->conf.config_file_arg) :
538 make_message("%s/.paraslash/client.conf", home);
539 ret = file_exists(ct->config_file);
540 if (!ret && ct->conf.config_file_given) {
541 ret = -E_NO_CONFIG;
542 goto out;
543 }
544 if (ret) {
545 struct client_cmdline_parser_params params = {
546 .override = 0,
547 .initialize = 0,
548 .check_required = 0,
549 .check_ambiguity = 0,
550 .print_errors = 0
551 };
552 ret = -E_BAD_CONFIG;
553 if (client_cmdline_parser_config_file(ct->config_file,
554 &ct->conf, &params))
555 goto out;
556 }
557 ct->user = ct->conf.user_given?
558 para_strdup(ct->conf.user_arg) : para_logname();
559
560 if (ct->conf.key_file_given)
561 ct->key_file = para_strdup(ct->conf.key_file_arg);
562 else {
563 ct->key_file = make_message("%s/.paraslash/key.%s",
564 home, ct->user);
565 if (!file_exists(ct->key_file)) {
566 free(ct->key_file);
567 ct->key_file = make_message("%s/.ssh/id_rsa", home);
568 }
569 }
570
571 if (loglevel)
572 *loglevel = get_loglevel_by_name(ct->conf.loglevel_arg);
573 PARA_INFO_LOG("loglevel: %s\n", ct->conf.loglevel_arg);
574 PARA_INFO_LOG("config_file: %s\n", ct->config_file);
575 PARA_INFO_LOG("key_file: %s\n", ct->key_file);
576 ret = ct->conf.inputs_num;
577 out:
578 free(home);
579 if (ret < 0) {
580 PARA_ERROR_LOG("%s\n", para_strerror(-ret));
581 client_close(ct);
582 *ct_ptr = NULL;
583 }
584 return ret;
585 }
586
587 /**
588 * Parse the client configuration and open a connection to para_server.
589 *
590 * \param argc See \ref client_parse_config.
591 * \param argv See \ref client_parse_config.
592 * \param ct_ptr See \ref client_parse_config.
593 * \param loglevel See \ref client_parse_config.
594 * \param parent See \ref client_connect().
595 * \param child See \ref client_connect().
596 * \param sched See \ref client_connect().
597 *
598 * This function combines client_parse_config() and client_connect(). It is
599 * considered a syntax error if no command was given, i.e. if the number
600 * of non-option arguments is zero.
601 *
602 * \return Standard.
603 */
604 int client_open(int argc, char *argv[], struct client_task **ct_ptr,
605 int *loglevel, struct btr_node *parent, struct btr_node *child,
606 struct sched *sched)
607 {
608 int ret = client_parse_config(argc, argv, ct_ptr, loglevel);
609
610 if (ret < 0)
611 return ret;
612 if (ret == 0) {
613 ret = -E_CLIENT_SYNTAX;
614 goto fail;
615 }
616 ret = client_connect(*ct_ptr, sched, parent, child);
617 if (ret < 0)
618 goto fail;
619 return 1;
620 fail:
621 client_close(*ct_ptr);
622 *ct_ptr = NULL;
623 return ret;
624 }