X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=command.c;h=2bd101919eafa22136926ff244d12d13866fabac;hp=93e664e67fdf336df179277b2c7e1e667818ac27;hb=c4ecbd8f75be7847f7332dd64f11a0ba54233891;hpb=d431f957ebaeecc20685ac49a8c96e56cdef43f6 diff --git a/command.c b/command.c index 93e664e6..2bd10191 100644 --- a/command.c +++ b/command.c @@ -20,7 +20,7 @@ #include /* gettimeofday */ #include "server.cmdline.h" -#include "db.h" +#include "afs.h" #include "server.h" #include "vss.h" #include "send.h" @@ -34,6 +34,9 @@ #include "user_list.h" #include "server_command_list.h" +/** commands including options must be shorter than this */ +#define MAX_COMMAND_LEN 4096 + static RC4_KEY rc4_recv_key; static RC4_KEY rc4_send_key; static unsigned char rc4_buf[2 * RC4_KEY_LEN]; @@ -42,8 +45,6 @@ extern const char *status_item_list[NUM_STAT_ITEMS]; extern struct misc_meta_data *mmd; extern struct audio_file_selector selectors[]; extern struct sender senders[]; -extern char *user_list; -struct sockaddr_in *in_addr; static void dummy(__a_unused int s) {} @@ -72,12 +73,12 @@ static char *vss_status_tohuman(unsigned int flags) /* * return human readable permission string. Never returns NULL. */ -char *cmd_perms_itohuman(unsigned int perms) +static char *cmd_perms_itohuman(unsigned int perms) { char *msg = para_malloc(5 * sizeof(char)); - msg[0] = perms & DB_READ? 'a' : '-'; - msg[1] = perms & DB_WRITE? 'A' : '-'; + msg[0] = perms & AFS_READ? 'a' : '-'; + msg[1] = perms & AFS_WRITE? 'A' : '-'; msg[2] = perms & VSS_READ? 'v' : '-'; msg[3] = perms & VSS_WRITE? 'V' : '-'; msg[4] = '\0'; @@ -102,7 +103,7 @@ static char *vss_get_status_flags(unsigned int flags) /* * compute status bar string. Never returns NULL */ -char *get_sb_string(struct misc_meta_data *nmmd) +static char *get_sb_string(struct misc_meta_data *nmmd) { char *base, *ret; long long unsigned secs = 0, rsecs = 0, percent = 0; @@ -112,14 +113,14 @@ char *get_sb_string(struct misc_meta_data *nmmd) return para_strdup(""); if (!base[0]) return base; - if (nmmd->chunks_total) { - secs = (long long) nmmd->seconds_total * nmmd->chunks_sent - / nmmd->chunks_total; - rsecs = (long long) nmmd->seconds_total * - (nmmd->chunks_total - nmmd->chunks_sent) - / nmmd->chunks_total; + if (nmmd->afi.chunks_total) { + secs = (long long) nmmd->afi.seconds_total * nmmd->chunks_sent + / nmmd->afi.chunks_total; + rsecs = (long long) nmmd->afi.seconds_total * + (nmmd->afi.chunks_total - nmmd->chunks_sent) + / nmmd->afi.chunks_total; percent = 100 * ((nmmd->chunks_sent + 5) / 10) - / ((nmmd->chunks_total + 5) / 10); + / ((nmmd->afi.chunks_total + 5) / 10); } ret = make_message("%llu:%02llu [%llu:%02llu] (%llu%%) %s", secs / 60, secs % 60, @@ -150,13 +151,13 @@ static char *get_status(struct misc_meta_data *nmmd) bar = para_basename(nmmd->filename); gettimeofday(&now, NULL); ret = make_message( - "%s:%lu\n" "%s:%s\n" "%s:%i\n" "%s:%u\n" + "%s:%zu\n" "%s:%s\n" "%s:%lu\n" "%s:%u\n" "%s:%s\n" "%s:%s\n" "%s:%s\n" "%s:%s\n" "%s:%li\n" "%s:%s\n" "%s" "%s" "%s:%s\n" "%s:%lu.%lu\n" "%s:%lu.%lu\n", status_item_list[SI_FILE_SIZE], nmmd->size / 1024, status_item_list[SI_MTIME], mtime, - status_item_list[SI_LENGTH], nmmd->seconds_total, + status_item_list[SI_LENGTH], nmmd->afi.seconds_total, status_item_list[SI_NUM_PLAYED], nmmd->num_played, status_item_list[SI_STATUS_BAR], bar ? bar : "(none)", @@ -167,7 +168,7 @@ static char *get_status(struct misc_meta_data *nmmd) status_item_list[SI_OFFSET], offset, status_item_list[SI_FORMAT], audio_format_name(nmmd->audio_format), nmmd->selector_info, - nmmd->audio_file_info, + nmmd->afi.info_string, status_item_list[SI_UPTIME], ut, status_item_list[SI_STREAM_START], @@ -342,20 +343,18 @@ int com_si(int fd, int argc, __a_unused char **argv) } /* version */ -int com_version(int socket_fd, int argc, __a_unused char **argv) +int com_version(int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; - return send_buffer(socket_fd, "para_server-" PACKAGE_VERSION ", \"" - CODENAME "\"\n" - COPYRIGHT "\n" - "built: " BUILD_DATE "\n" - SYSTEM ", " CC_VERSION "\n" - ); + return send_buffer(fd, VERSION_TEXT("server") + "built: " BUILD_DATE "\n" + SYSTEM ", " CC_VERSION "\n" + ); } /* sc */ -int com_sc(int socket_fd, int argc, char **argv) +int com_sc(int fd, int argc, char **argv) { char *name = NULL; int ret, old = 0, count = -1; /* print af change forever */ @@ -370,7 +369,7 @@ repeat: } mmd_unlock(); if (name) { - ret = send_va_buffer(socket_fd, "%s\n", name); + ret = send_va_buffer(fd, "%s\n", name); free(name); name = NULL; if (ret < 0) @@ -383,7 +382,7 @@ repeat: } /* sb */ -int com_sb(int socket_fd, int argc, char **argv) +int com_sb(int fd, int argc, char **argv) { char *sb; int ret, nr = -1; /* status bar will be printed that many @@ -396,7 +395,7 @@ int com_sb(int socket_fd, int argc, char **argv) mmd_lock(); sb = get_sb_string(mmd); mmd_unlock(); - ret = send_va_buffer(socket_fd, "%s\n", sb); + ret = send_va_buffer(fd, "%s\n", sb); free(sb); if (ret < 0) return ret; @@ -410,7 +409,7 @@ int com_sb(int socket_fd, int argc, char **argv) } /* stat */ -int com_stat(int socket_fd, int argc, char **argv) +int com_stat(int fd, int argc, char **argv) { int ret, num = 0;/* status will be printed that many * times. num <= 0 means: print forever @@ -426,7 +425,7 @@ int com_stat(int socket_fd, int argc, char **argv) mmd_dup(nmmd); s = get_status(nmmd); - ret = send_buffer(socket_fd, s); + ret = send_buffer(fd, s); free(s); if (ret < 0) goto out; @@ -519,7 +518,7 @@ int com_help(int fd, int argc, char **argv) cmd->description, handler, perms, - cmd->synopsis, + cmd->usage, cmd->help ); free(perms); @@ -528,7 +527,7 @@ int com_help(int fd, int argc, char **argv) } /* hup */ -int com_hup(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_hup(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -537,7 +536,7 @@ int com_hup(__a_unused int socket_fd, int argc, __a_unused char **argv) } /* term */ -int com_term(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_term(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -545,7 +544,7 @@ int com_term(__a_unused int socket_fd, int argc, __a_unused char **argv) return 1; } -int com_play(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_play(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -558,7 +557,7 @@ int com_play(__a_unused int socket_fd, int argc, __a_unused char **argv) } /* stop */ -int com_stop(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_stop(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -571,7 +570,7 @@ int com_stop(__a_unused int socket_fd, int argc, __a_unused char **argv) } /* pause */ -int com_pause(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_pause(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -610,7 +609,7 @@ int com_chs(int fd, int argc, char **argv) } /* next */ -int com_next(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_next(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -622,7 +621,7 @@ int com_next(__a_unused int socket_fd, int argc, __a_unused char **argv) } /* nomore */ -int com_nomore(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_nomore(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -634,7 +633,7 @@ int com_nomore(__a_unused int socket_fd, int argc, __a_unused char **argv) } /* ff */ -int com_ff(__a_unused int socket_fd, int argc, char **argv) +int com_ff(__a_unused int fd, int argc, char **argv) { long promille; int ret, backwards = 0; @@ -649,20 +648,20 @@ int com_ff(__a_unused int socket_fd, int argc, char **argv) backwards = 1; /* jmp backwards */ mmd_lock(); ret = -E_NO_AUDIO_FILE; - if (!mmd->chunks_total || !mmd->seconds_total) + if (!mmd->afi.chunks_total || !mmd->afi.seconds_total) goto out; - promille = (1000 * mmd->current_chunk) / mmd->chunks_total; + promille = (1000 * mmd->current_chunk) / mmd->afi.chunks_total; if (backwards) - promille -= 1000 * i / mmd->seconds_total; + promille -= 1000 * i / mmd->afi.seconds_total; else - promille += 1000 * i / mmd->seconds_total; + promille += 1000 * i / mmd->afi.seconds_total; if (promille < 0) promille = 0; if (promille > 1000) { mmd->new_vss_status_flags |= VSS_NEXT; goto out; } - mmd->repos_request = (mmd->chunks_total * promille) / 1000; + mmd->repos_request = (mmd->afi.chunks_total * promille) / 1000; mmd->new_vss_status_flags |= VSS_REPOS; mmd->new_vss_status_flags &= ~VSS_NEXT; mmd->events++; @@ -673,7 +672,7 @@ out: } /* jmp */ -int com_jmp(__a_unused int socket_fd, int argc, char **argv) +int com_jmp(__a_unused int fd, int argc, char **argv) { long unsigned int i; int ret; @@ -684,12 +683,12 @@ int com_jmp(__a_unused int socket_fd, int argc, char **argv) return -E_COMMAND_SYNTAX; mmd_lock(); ret = -E_NO_AUDIO_FILE; - if (!mmd->chunks_total) + if (!mmd->afi.chunks_total) goto out; if (i > 100) i = 100; PARA_INFO_LOG("jumping to %lu%%\n", i); - mmd->repos_request = (mmd->chunks_total * i + 50)/ 100; + mmd->repos_request = (mmd->afi.chunks_total * i + 50)/ 100; PARA_INFO_LOG("sent: %lu, offset before jmp: %lu\n", mmd->chunks_sent, mmd->offset); mmd->new_vss_status_flags |= VSS_REPOS; @@ -727,7 +726,7 @@ static struct server_command *parse_cmd(const char *cmdstr) return get_cmd_ptr(buf, NULL); } -long int para_rand(long unsigned max) +static long int para_rand(long unsigned max) { return (long int) ((max + 0.0) * (random() / (RAND_MAX + 1.0))); } @@ -757,16 +756,84 @@ static void rc4_send(unsigned long len, const unsigned char *indata, RC4(&rc4_send_key, len, indata, outdata); } +static int read_command(int fd, char **result) +{ + int ret; + char buf[4096]; + char *command = NULL; + + for (;;) { + size_t numbytes; + char *p; + + ret = recv_buffer(fd, buf, sizeof(buf)); + if (ret < 0) + goto out; + if (!ret) + break; + numbytes = ret; + ret = -E_COMMAND_SYNTAX; + if (command && numbytes + strlen(command) > MAX_COMMAND_LEN) /* DOS */ + goto out; + command = para_strcat(command, buf); + p = strstr(command, EOC_MSG); + if (p) { + *p = '\0'; + break; + } + } + ret = command? 1 : -E_COMMAND_SYNTAX; +out: + if (ret < 0) + free(command); + else + *result = command; + return ret; + +} + +/** + * perform user authentication and execute a command + * + * \param fd the file descriptor to send output to + * \param addr socket address info of peer + * + * \return EXIT_SUCCESS or EXIT_FAILURE + * + * Whenever para_server accepts an incoming tcp connection on + * the port it listens on, it forks and the resulting child + * calls this function. + * + * An RSA-based challenge/response is used to authenticate + * the peer. It that authentication succeeds, a random RC4 + * session key is generated and sent back to the peer, + * encrypted with its RSA public key. From this point on, + * all transfers are crypted with this session key. + * + * Next it is checked if the peer supplied a valid server + * command or a command for the audio file selector currently + * in use. If yes, and if the user has sufficient + * permissions to execute that command, the function calls + * the corresponding command handler which does argument + * checking and further processing. + * + * In order to cope with a DOS attacks, a timeout is set up + * which terminates the function if the connection was not + * authenticated when the timeout expires. + * + * \sa alarm(2), rc4(3), crypt.c, crypt.h + */ int handle_connect(int fd, struct sockaddr_in *addr) { - int numbytes, ret, argc, use_rc4 = 0; - char buf[STRINGSIZE]; + int ret, argc, use_rc4 = 0; + char buf[4096]; unsigned char crypt_buf[MAXLINE]; - struct user u; + struct user *u; struct server_command *cmd = NULL; long unsigned challenge_nr, chall_response; char **argv = NULL; char *p, *command = NULL; + size_t numbytes; signal(SIGCHLD, SIG_IGN); signal(SIGINT, SIG_DFL); @@ -774,7 +841,6 @@ int handle_connect(int fd, struct sockaddr_in *addr) signal(SIGHUP, SIG_DFL); signal(SIGUSR1, SIG_IGN); - in_addr = addr; challenge_nr = random(); /* send Welcome message */ ret = send_va_buffer(fd, "This is para_server, version " @@ -795,16 +861,18 @@ int handle_connect(int fd, struct sockaddr_in *addr) goto err_out; if (numbytes < 9 || strncmp(buf, "auth rc4 ", 9)) - u.name = para_strdup(buf + 5); /* client version < 0.2.6 */ + p = buf + 5; /* client version < 0.2.6 */ else { - u.name = para_strdup(buf + 9); /* client version >= 0.2.6 */ + p = buf + 9; /* client version >= 0.2.6 */ use_rc4 = 1; } PARA_DEBUG_LOG("received %s request for user %s\n", - use_rc4? "rc4" : "auth", u.name); - if ((ret = lookup_user(&u)) < 0) + use_rc4? "rc4" : "auth", p); + ret = -E_BAD_USER; + u = lookup_user(p); + if (!u) goto err_out; - ret = para_encrypt_challenge(u.rsa, challenge_nr, crypt_buf); + ret = para_encrypt_challenge(u->rsa, challenge_nr, crypt_buf); if (ret <= 0) goto err_out; numbytes = ret; @@ -814,22 +882,22 @@ int handle_connect(int fd, struct sockaddr_in *addr) if (ret < 0) goto err_out; /* recv decrypted number */ - numbytes = recv_buffer(fd, buf, sizeof(buf)); - ret = numbytes; + ret = recv_buffer(fd, buf, sizeof(buf)); if (ret < 0) goto err_out; + numbytes = ret; ret = -E_AUTH; if (!numbytes) goto err_out; if (sscanf(buf, CHALLENGE_RESPONSE_MSG "%lu", &chall_response) < 1 || chall_response != challenge_nr) goto err_out; - /* auth successful. Send 'Proceed' message */ - PARA_INFO_LOG("good auth for %s (%lu)\n", u.name, challenge_nr); + /* auth successful, send 'Proceed' message */ + PARA_INFO_LOG("good auth for %s (%lu)\n", u->name, challenge_nr); sprintf(buf, "%s", PROCEED_MSG); if (use_rc4) { init_rc4_keys(); - ret = para_encrypt_buffer(u.rsa, rc4_buf, 2 * RC4_KEY_LEN, + ret = para_encrypt_buffer(u->rsa, rc4_buf, 2 * RC4_KEY_LEN, (unsigned char *)buf + PROCEED_MSG_LEN + 1); if (ret <= 0) goto err_out; @@ -841,27 +909,15 @@ int handle_connect(int fd, struct sockaddr_in *addr) goto err_out; if (use_rc4) enable_crypt(fd, rc4_recv, rc4_send, NULL); - /* read command */ - while ((numbytes = recv_buffer(fd, buf, sizeof(buf))) > 0) { -// PARA_INFO_LOG("recvd: %s (%d)\n", buf, numbytes); - ret = -E_COMMAND_SYNTAX; - if (command && numbytes + strlen(command) > STRINGSIZE) /* DOS */ - goto err_out; - command = para_strcat(command, buf); - if ((p = strstr(command, EOC_MSG))) { - *p = '\0'; - break; - } - } - ret = numbytes; + ret = read_command(fd, &command); if (ret < 0) goto err_out; ret = -E_BAD_CMD; - /* parse command */ - if (!(cmd = parse_cmd(command))) + cmd = parse_cmd(command); + if (!cmd) goto err_out; /* valid command, check permissions */ - ret = check_perms(u.perms, cmd); + ret = check_perms(u->perms, cmd); if (ret < 0) goto err_out; /* valid command and sufficient perms */ @@ -870,7 +926,7 @@ int handle_connect(int fd, struct sockaddr_in *addr) mmd_lock(); mmd->num_commands++; mmd_unlock(); - PARA_NOTICE_LOG("calling com_%s() for %s@%s\n", cmd->name, u.name, + PARA_NOTICE_LOG("calling com_%s() for %s@%s\n", cmd->name, u->name, inet_ntoa(addr->sin_addr)); ret = cmd->handler(fd, argc, argv); if (ret >= 0) { @@ -878,16 +934,15 @@ int handle_connect(int fd, struct sockaddr_in *addr) goto out; } err_out: - if (ret != -E_SEND && ret != -E_RECV) { - PARA_NOTICE_LOG("%s\n", PARA_STRERROR(-ret)); + PARA_NOTICE_LOG("%s\n", PARA_STRERROR(-ret)); + if (ret != -E_SEND && ret != -E_RECV) send_va_buffer(fd, "%s\n", PARA_STRERROR(-ret)); - } ret = EXIT_FAILURE; out: free(command); free(argv); mmd_lock(); - if (cmd && (cmd->perms & DB_WRITE) && ret >= 0) + if (cmd && (cmd->perms & AFS_WRITE) && ret >= 0) mmd->events++; mmd->active_connections--; mmd_unlock();