X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=command.c;h=585bb31c54b8df7395c8330f7f4d6e7b15890ad8;hp=f9bace34146e28ccaf7b0632e0fa34ede51de8aa;hb=435ad905;hpb=2ce04a49091712719b8fd60a6c7888258b719db1 diff --git a/command.c b/command.c index f9bace34..585bb31c 100644 --- a/command.c +++ b/command.c @@ -1,16 +1,20 @@ /* - * Copyright (C) 1997-2012 Andre Noll + * Copyright (C) 1997-2014 Andre Noll * * Licensed under the GPL v2. For licencing details see COPYING. */ /** \file command.c Client authentication and server commands. */ +#include +#include #include #include -#include #include #include +#include +#include +#include #include "para.h" #include "error.h" @@ -36,8 +40,8 @@ #include "signal.h" #include "version.h" -struct server_command afs_cmds[] = {DEFINE_AFS_CMD_ARRAY}; -struct server_command server_cmds[] = {DEFINE_SERVER_CMD_ARRAY}; +static struct server_command afs_cmds[] = {DEFINE_AFS_CMD_ARRAY}; +static struct server_command server_cmds[] = {DEFINE_SERVER_CMD_ARRAY}; /** Commands including options must be shorter than this. */ #define MAX_COMMAND_LEN 32768 @@ -111,7 +115,6 @@ static unsigned get_status(struct misc_meta_data *nmmd, int parser_friendly, char mtime[30] = ""; char *status, *flags; /* vss status info */ /* nobody updates our version of "now" */ - char *ut = get_server_uptime_str(NULL); long offset = (nmmd->offset + 500) / 1000; struct timeval current_time; struct tm mtime_tm; @@ -124,7 +127,7 @@ static unsigned get_status(struct misc_meta_data *nmmd, int parser_friendly, localtime_r(&nmmd->mtime, &mtime_tm); strftime(mtime, 29, "%b %d %Y", &mtime_tm); } - gettimeofday(¤t_time, NULL); + clock_get_realtime(¤t_time); /* * The calls to WRITE_STATUS_ITEM() below never fail because * b->max_size is zero (unlimited), see para_printf(). However, clang @@ -145,7 +148,6 @@ static unsigned get_status(struct misc_meta_data *nmmd, int parser_friendly, (long unsigned)current_time.tv_usec); free(flags); free(status); - free(ut); *result = b.buf; return b.offset; } @@ -221,8 +223,8 @@ int send_sb(struct stream_cipher_context *scc, void *buf, size_t numbytes, int ret; struct sb_context *sbc; struct iovec iov[2]; - struct sb_buffer sbb = SBB_INIT(band, buf, numbytes); sb_transformation trafo = band < SBD_PROCEED? NULL : sc_trafo; + struct sb_buffer sbb = SBB_INIT(band, buf, numbytes); sbc = sb_new_send(&sbb, dont_free, trafo, scc->send); do { @@ -259,12 +261,17 @@ __printf_3_4 int send_sb_va(struct stream_cipher_context *scc, int band, return send_sb(scc, msg, ret, band, false); } +/** + * Send an error message to a client. + * + * \param cc Client info. + * \param err The (positive) error code. + * + * \return The return value of the underlying call to send_sb_va(). + */ int send_strerror(struct command_context *cc, int err) { - return cc->use_sideband? - send_sb_va(&cc->scc, SBD_ERROR_LOG, "%s\n", para_strerror(err)) - : - sc_send_va_buffer(&cc->scc, "%s\n", para_strerror(err)); + return send_sb_va(&cc->scc, SBD_ERROR_LOG, "%s\n", para_strerror(err)); } /** @@ -331,23 +338,17 @@ static int com_sender(struct command_context *cc) free(msg); msg = tmp; } - if (cc->use_sideband) - return send_sb(&cc->scc, msg, ret, SBD_OUTPUT, false); - ret = sc_send_buffer(&cc->scc, msg); - free(msg); - return ret; + return send_sb(&cc->scc, msg, ret, SBD_OUTPUT, false); } ret = check_sender_args(cc->argc, cc->argv, &scd); if (ret < 0) { if (scd.sender_num < 0) return ret; - msg = senders[scd.sender_num].help(); - if (cc->use_sideband) - return send_sb(&cc->scc, msg, strlen(msg), SBD_OUTPUT, - false); - ret = sc_send_buffer(&cc->scc, msg); - free(msg); - return ret; + if (strcmp(cc->argv[2], "status") == 0) + msg = senders[scd.sender_num].status(); + else + msg = senders[scd.sender_num].help(); + return send_sb(&cc->scc, msg, strlen(msg), SBD_OUTPUT, false); } switch (scd.cmd_num) { @@ -366,7 +367,7 @@ static int com_sender(struct command_context *cc) usleep(100 * 1000); continue; } - memcpy(&mmd->sender_cmd_data, &scd, sizeof(scd)); + mmd->sender_cmd_data = scd; mutex_unlock(mmd_mutex); break; } @@ -376,26 +377,20 @@ static int com_sender(struct command_context *cc) /* server info */ static int com_si(struct command_context *cc) { - int i, ret; - char *msg, *ut, *sender_info = NULL; + int ret; + char *msg, *ut; if (cc->argc != 1) return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); - for (i = 0; senders[i].name; i++) { - char *info = senders[i].info(); - sender_info = para_strcat(sender_info, info); - free(info); - } ut = get_server_uptime_str(now); - ret = xasprintf(&msg, "version: " GIT_VERSION "\n" + ret = xasprintf(&msg, "up: %s\nplayed: %u\n" "server_pid: %d\n" "afs_pid: %d\n" "connections (active/accepted/total): %u/%u/%u\n" "current loglevel: %s\n" - "supported audio formats: %s\n" - "%s", + "supported audio formats: %s\n", ut, mmd->num_played, (int)getppid(), (int)mmd->afs_pid, @@ -403,17 +398,11 @@ static int com_si(struct command_context *cc) mmd->num_commands, mmd->num_connects, conf.loglevel_arg, - SERVER_AUDIO_FORMATS, - sender_info + AUDIO_FORMAT_HANDLERS ); mutex_unlock(mmd_mutex); free(ut); - free(sender_info); - if (cc->use_sideband) - return send_sb(&cc->scc, msg, ret, SBD_OUTPUT, false); - ret = sc_send_bin_buffer(&cc->scc, msg, ret); - free(msg); - return ret; + return send_sb(&cc->scc, msg, ret, SBD_OUTPUT, false); } /* version */ @@ -424,12 +413,8 @@ static int com_version(struct command_context *cc) if (cc->argc != 1) return -E_COMMAND_SYNTAX; - msg = VERSION_TEXT("server") "built: " BUILD_DATE "\n" UNAME_RS - ", " CC_VERSION "\n"; - len = strlen(msg); - if (cc->use_sideband) - return send_sb(&cc->scc, msg, len, SBD_OUTPUT, true); - return sc_send_bin_buffer(&cc->scc, msg, len); + len = xasprintf(&msg, "%s", version_text("server")); + return send_sb(&cc->scc, msg, len, SBD_OUTPUT, false); } #define EMPTY_STATUS_ITEMS \ @@ -467,11 +452,8 @@ static int com_version(struct command_context *cc) */ static unsigned empty_status_items(int parser_friendly, char **result) { - static char *esi; - static unsigned len; - - if (esi) - goto out; + char *esi; + unsigned len; if (parser_friendly) len = xasprintf(&esi, @@ -491,7 +473,6 @@ static unsigned empty_status_items(int parser_friendly, char **result) EMPTY_STATUS_ITEMS #undef ITEM ); -out: *result = esi; return len; } @@ -502,7 +483,7 @@ static int com_stat(struct command_context *cc) { int i, ret; struct misc_meta_data tmp, *nmmd = &tmp; - char *s, *esi = NULL; + char *s; int32_t num = 0; int parser_friendly = 0; @@ -533,21 +514,13 @@ static int com_stat(struct command_context *cc) for (;;) { mmd_dup(nmmd); ret = get_status(nmmd, parser_friendly, &s); - if (cc->use_sideband) - ret = send_sb(&cc->scc, s, ret, SBD_OUTPUT, false); - else { - ret = sc_send_bin_buffer(&cc->scc, s, ret); - free(s); - } + ret = send_sb(&cc->scc, s, ret, SBD_OUTPUT, false); if (ret < 0) goto out; if (nmmd->vss_status_flags & VSS_NEXT) { + char *esi; ret = empty_status_items(parser_friendly, &esi); - if (cc->use_sideband) - ret = send_sb(&cc->scc, esi, ret, SBD_OUTPUT, - true); - else - ret = sc_send_bin_buffer(&cc->scc, esi, ret); + ret = send_sb(&cc->scc, esi, ret, SBD_OUTPUT, false); if (ret < 0) goto out; } else @@ -561,14 +534,12 @@ static int com_stat(struct command_context *cc) goto out; } out: - free(esi); return ret; } static int send_list_of_commands(struct command_context *cc, struct server_command *cmd, const char *handler) { - int ret; char *msg = NULL; for (; cmd->name; cmd++) { @@ -579,11 +550,8 @@ static int send_list_of_commands(struct command_context *cc, struct server_comma msg = para_strcat(msg, tmp); free(tmp); } - if (cc->use_sideband) - return send_sb(&cc->scc, msg, strlen(msg), SBD_OUTPUT, false); - ret = sc_send_buffer(&cc->scc, msg); - free(msg); - return ret; + assert(msg); + return send_sb(&cc->scc, msg, strlen(msg), SBD_OUTPUT, false); } /* returns string that must be freed by the caller */ @@ -639,11 +607,7 @@ static int com_help(struct command_context *cc) ); free(perms); free(handler); - if (cc->use_sideband) - return send_sb(&cc->scc, buf, ret, SBD_OUTPUT, false); - ret = sc_send_buffer(&cc->scc, buf); - free(buf); - return ret; + return send_sb(&cc->scc, buf, ret, SBD_OUTPUT, false); } /* hup */ @@ -805,58 +769,6 @@ static int check_perms(unsigned int perms, struct server_command *cmd_ptr) return (cmd_ptr->perms & perms) < cmd_ptr->perms ? -E_PERM : 0; } -/* - * Parse first string from *cmd and lookup in table of valid commands. - * On error, NULL is returned. - */ -static struct server_command *parse_cmd(const char *cmdstr) -{ - char buf[255]; - int n = 0; - - sscanf(cmdstr, "%200s%n", buf, &n); - if (!n) - return NULL; - buf[n] = '\0'; - return get_cmd_ptr(buf, NULL); -} - -static int read_command(struct stream_cipher_context *scc, char **result) -{ - int ret; - char buf[4096]; - char *command = NULL; - - for (;;) { - size_t numbytes; - char *p; - - ret = sc_recv_buffer(scc, buf, sizeof(buf)); - if (ret < 0) - goto out; - if (!ret) - break; - numbytes = ret; - ret = -E_COMMAND_SYNTAX; - if (command && numbytes + strlen(command) > MAX_COMMAND_LEN) /* DOS */ - goto out; - command = para_strcat(command, buf); - p = strstr(command, EOC_MSG); - if (p) { - *p = '\0'; - break; - } - } - ret = command? 1 : -E_COMMAND_SYNTAX; -out: - if (ret < 0) - free(command); - else - *result = command; - return ret; - -} - static void reset_signals(void) { para_sigaction(SIGCHLD, SIG_IGN); @@ -865,15 +777,20 @@ static void reset_signals(void) para_sigaction(SIGHUP, SIG_DFL); } +struct connection_features { + bool sideband_requested; + bool aes_ctr128_requested; +}; + static int parse_auth_request(char *buf, int len, struct user **u, - bool *use_sideband) + struct connection_features *cf) { int ret; char *p, *username, **features = NULL; size_t auth_rq_len = strlen(AUTH_REQUEST_MSG); *u = NULL; - *use_sideband = false; + memset(cf, 0, sizeof(*cf)); if (len < auth_rq_len + 2) return -E_AUTH_REQUEST; if (strncmp(buf, AUTH_REQUEST_MSG, auth_rq_len) != 0) @@ -889,15 +806,16 @@ static int parse_auth_request(char *buf, int len, struct user **u, create_argv(p, ",", &features); for (i = 0; features[i]; i++) { if (strcmp(features[i], "sideband") == 0) - *use_sideband = true; + cf->sideband_requested = true; + else if (strcmp(features[i], "aes_ctr128") == 0) + cf->aes_ctr128_requested = true; else { ret = -E_BAD_FEATURE; goto out; } } } - PARA_DEBUG_LOG("received auth request for user %s (sideband = %s)\n", - username, *use_sideband? "true" : "false"); + PARA_DEBUG_LOG("received auth request for user %s\n", username); *u = lookup_user(username); ret = 1; out: @@ -924,7 +842,7 @@ static int parse_sb_command(struct command_context *cc, struct iovec *iov) if (ret < 0) goto out; end = iov->iov_base + iov->iov_len; - for (i = 0, p = iov->iov_base; p < end; i++) + for (i = 0; p < end; i++) p += strlen(p) + 1; cc->argc = i; cc->argv = para_malloc((cc->argc + 1) * sizeof(char *)); @@ -971,9 +889,11 @@ __noreturn void handle_connect(int fd, const char *peername) int ret; unsigned char rand_buf[CHALLENGE_SIZE + 2 * SESSION_KEY_LEN]; unsigned char challenge_hash[HASH_SIZE]; - char *p, *command = NULL, *buf = para_malloc(HANDSHAKE_BUFSIZE) /* must be on the heap */; + char *command = NULL, *buf = para_malloc(HANDSHAKE_BUFSIZE) /* must be on the heap */; size_t numbytes; struct command_context cc_struct = {.peer = peername}, *cc = &cc_struct; + struct iovec iov; + struct connection_features cf; cc->scc.fd = fd; reset_signals(); @@ -984,7 +904,7 @@ __noreturn void handle_connect(int fd, const char *peername) /* send Welcome message */ ret = write_va_buffer(fd, "This is para_server, version " PACKAGE_VERSION ".\n" - "Features: sideband,foo\n" + "Features: sideband,aes_ctr128\n" ); if (ret < 0) goto net_err; @@ -992,12 +912,14 @@ __noreturn void handle_connect(int fd, const char *peername) ret = recv_buffer(fd, buf, HANDSHAKE_BUFSIZE); if (ret < 0) goto net_err; - ret = parse_auth_request(buf, ret, &cc->u, &cc->use_sideband); + ret = parse_auth_request(buf, ret, &cc->u, &cf); if (ret < 0) goto net_err; - p = buf + strlen(AUTH_REQUEST_MSG); - PARA_DEBUG_LOG("received auth request for user %s\n", p); - cc->u = lookup_user(p); + if (!cf.sideband_requested) { /* sideband is mandatory */ + PARA_ERROR_LOG("client did not request sideband\n"); + ret = -E_BAD_FEATURE; + goto net_err; + } if (cc->u) { get_random_bytes_or_die(rand_buf, sizeof(rand_buf)); ret = pub_encrypt(cc->u->pubkey, rand_buf, sizeof(rand_buf), @@ -1014,30 +936,18 @@ __noreturn void handle_connect(int fd, const char *peername) numbytes = 256; get_random_bytes_or_die((unsigned char *)buf, numbytes); } - PARA_DEBUG_LOG("sending %u byte challenge + rc4 keys (%zu bytes)\n", + PARA_DEBUG_LOG("sending %u byte challenge + session key (%zu bytes)\n", CHALLENGE_SIZE, numbytes); - if (cc->use_sideband) { - struct iovec iov; - ret = send_sb(&cc->scc, buf, numbytes, SBD_CHALLENGE, false); - buf = NULL; - if (ret < 0) - goto net_err; - ret = recv_sb(&cc->scc, SBD_CHALLENGE_RESPONSE, - HANDSHAKE_BUFSIZE, &iov); - if (ret < 0) - goto net_err; - buf = iov.iov_base; - numbytes = iov.iov_len; - } else { - ret = write_all(fd, buf, numbytes); - if (ret < 0) - goto net_err; - /* recv challenge response */ - ret = recv_bin_buffer(fd, buf, HASH_SIZE); - if (ret < 0) - goto net_err; - numbytes = ret; - } + ret = send_sb(&cc->scc, buf, numbytes, SBD_CHALLENGE, false); + buf = NULL; + if (ret < 0) + goto net_err; + ret = recv_sb(&cc->scc, SBD_CHALLENGE_RESPONSE, + HANDSHAKE_BUFSIZE, &iov); + if (ret < 0) + goto net_err; + buf = iov.iov_base; + numbytes = iov.iov_len; PARA_DEBUG_LOG("received %zu bytes challenge response\n", numbytes); ret = -E_BAD_USER; if (!cc->u) @@ -1056,43 +966,20 @@ __noreturn void handle_connect(int fd, const char *peername) alarm(0); PARA_INFO_LOG("good auth for %s\n", cc->u->name); /* init stream cipher keys with the second part of the random buffer */ - cc->scc.recv = sc_new(rand_buf + CHALLENGE_SIZE, SESSION_KEY_LEN); - cc->scc.send = sc_new(rand_buf + CHALLENGE_SIZE + SESSION_KEY_LEN, SESSION_KEY_LEN); - if (cc->use_sideband) - ret = send_sb(&cc->scc, NULL, 0, SBD_PROCEED, false); - else - ret = sc_send_buffer(&cc->scc, PROCEED_MSG); + cc->scc.recv = sc_new(rand_buf + CHALLENGE_SIZE, SESSION_KEY_LEN, + cf.aes_ctr128_requested); + cc->scc.send = sc_new(rand_buf + CHALLENGE_SIZE + SESSION_KEY_LEN, + SESSION_KEY_LEN, cf.aes_ctr128_requested); + ret = send_sb(&cc->scc, NULL, 0, SBD_PROCEED, false); if (ret < 0) goto net_err; - if (cc->use_sideband) { - struct iovec iov; - ret = recv_sb(&cc->scc, SBD_COMMAND, MAX_COMMAND_LEN, &iov); - if (ret < 0) - goto net_err; - ret = parse_sb_command(cc, &iov); - if (ret < 0) - goto err_out; - cc->argc = ret; - } else { - ret = read_command(&cc->scc, &command); - if (ret == -E_COMMAND_SYNTAX) - goto err_out; - if (ret < 0) - goto net_err; - ret = -E_BAD_CMD; - cc->cmd = parse_cmd(command); - if (!cc->cmd) - goto err_out; - /* valid command, check permissions */ - ret = check_perms(cc->u->perms, cc->cmd); - if (ret < 0) - goto err_out; - /* valid command and sufficient perms */ - ret = create_argv(command, "\n", &cc->argv); - if (ret < 0) - goto err_out; - cc->argc = ret; - } + ret = recv_sb(&cc->scc, SBD_COMMAND, MAX_COMMAND_LEN, &iov); + if (ret < 0) + goto net_err; + ret = parse_sb_command(cc, &iov); + if (ret < 0) + goto err_out; + cc->argc = ret; PARA_NOTICE_LOG("calling com_%s() for %s@%s\n", cc->cmd->name, cc->u->name, peername); ret = cc->cmd->handler(cc); @@ -1103,7 +990,7 @@ __noreturn void handle_connect(int fd, const char *peername) if (ret >= 0) goto out; err_out: - if (send_strerror(cc, -ret) >= 0 && cc->use_sideband) + if (send_strerror(cc, -ret) >= 0) send_sb(&cc->scc, NULL, 0, SBD_EXIT__FAILURE, true); net_err: PARA_NOTICE_LOG("%s\n", para_strerror(-ret)); @@ -1115,7 +1002,7 @@ out: mmd->events++; mmd->active_connections--; mutex_unlock(mmd_mutex); - if (ret >= 0 && cc->use_sideband) { + if (ret >= 0) { ret = send_sb(&cc->scc, NULL, 0, SBD_EXIT__SUCCESS, true); if (ret < 0) PARA_NOTICE_LOG("%s\n", para_strerror(-ret));