X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=command.c;h=5b17f116d53c93956faf60f88d903b233b7e9b69;hp=481fd0f637352fb21ff97536d426ece42ec0fda3;hb=329bf73b72eea2c5be1bcbd9a9602c0a8994d0be;hpb=5459ae27b1efa26a1a47186c754a0e4cb486a278 diff --git a/command.c b/command.c index 481fd0f6..5b17f116 100644 --- a/command.c +++ b/command.c @@ -6,10 +6,7 @@ #include #include #include -#include -#include #include -#include #include #include @@ -22,7 +19,6 @@ #include "command.h" #include "string.h" #include "afh.h" -#include "afs.h" #include "net.h" #include "server.h" #include "list.h" @@ -457,6 +453,7 @@ EXPORT_SERVER_CMD_HANDLER(version); ITEM(chunk_time) \ ITEM(num_chunks) \ ITEM(amplification) \ + ITEM(play_time) \ /* * Create a set of audio-file related status items with empty values. These are @@ -553,7 +550,7 @@ out: } EXPORT_SERVER_CMD_HANDLER(stat); -const char *aux_info_cb(unsigned cmd_num, bool verbose) +static const char *aux_info_cb(unsigned cmd_num, bool verbose) { static char result[80]; unsigned perms = server_command_perms[cmd_num]; @@ -716,8 +713,7 @@ EXPORT_SERVER_CMD_HANDLER(ff); static int com_jmp(struct command_context *cc, struct lls_parse_result *lpr) { - long unsigned int i; - int ret; + int i, ret; char *errctx; ret = lls(lls_check_arg_count(lpr, 1, 1, &errctx)); @@ -725,18 +721,16 @@ static int com_jmp(struct command_context *cc, struct lls_parse_result *lpr) send_errctx(cc, errctx); return ret; } - if (sscanf(lls_input(0, lpr), "%lu", &i) <= 0) + if (sscanf(lls_input(0, lpr), "%d", &i) <= 0) + return -ERRNO_TO_PARA_ERROR(EINVAL); + if (i < 0 || i > 100) return -ERRNO_TO_PARA_ERROR(EINVAL); mutex_lock(mmd_mutex); ret = -E_NO_AUDIO_FILE; if (!mmd->afd.afhi.chunks_total) goto out; - if (i > 100) - i = 100; - PARA_INFO_LOG("jumping to %lu%%\n", i); + PARA_INFO_LOG("jumping to %d%%\n", i); mmd->repos_request = (mmd->afd.afhi.chunks_total * i + 50) / 100; - PARA_INFO_LOG("sent: %lu, offset before jmp: %li\n", - mmd->chunks_sent, mmd->offset); mmd->new_vss_status_flags |= VSS_REPOS; mmd->new_vss_status_flags &= ~VSS_NEXT; ret = 1; @@ -747,14 +741,6 @@ out: } EXPORT_SERVER_CMD_HANDLER(jmp); -/* deprecated, does nothing */ -static int com_tasks(__a_unused struct command_context *cc, - __a_unused struct lls_parse_result *lpr) -{ - return 1; -} -EXPORT_SERVER_CMD_HANDLER(tasks); - static void reset_signals(void) { para_sigaction(SIGCHLD, SIG_IGN); @@ -764,7 +750,7 @@ static void reset_signals(void) } struct connection_features { - int dummy; /* none at the moment */ + bool sha256_requested; /* can be removed after 0.7.0 */ }; static int parse_auth_request(char *buf, int len, const struct user **u, @@ -789,11 +775,22 @@ static int parse_auth_request(char *buf, int len, const struct user **u, *p = '\0'; p++; create_argv(p, ",", &features); + /* + * Still accept sideband and AES feature requests (as a no-op) + * because some 0.6.x clients request them. The two checks + * below may be removed after 0.7.1. + */ for (i = 0; features[i]; i++) { if (strcmp(features[i], "sideband") == 0) continue; if (strcmp(features[i], "aes_ctr128") == 0) continue; + /* + * ->sha256_requested can go away after 0.7.0 but the + * check has to stay until 0.9.0. + */ + if (strcmp(features[i], "sha256") == 0) + cf->sha256_requested = true; else { ret = -E_BAD_FEATURE; goto out; @@ -869,19 +866,19 @@ static int run_command(struct command_context *cc, struct iovec *iov) * Whenever para_server accepts an incoming tcp connection on the port it * listens on, it forks and the resulting child calls this function. * - * An RSA-based challenge/response is used to authenticate the peer. It that + * An RSA-based challenge/response is used to authenticate the peer. If the * authentication succeeds, a random session key is generated and sent back to * the peer, encrypted with its RSA public key. From this point on, all - * transfers are crypted with this session key. + * transfers are encrypted with this session key using a stream cipher. * * Next it is checked if the peer supplied a valid server command or a command * for the audio file selector. If yes, and if the user has sufficient - * permissions to execute that command, the function calls the corresponding - * command handler which does argument checking and further processing. + * permissions to execute this command, the function calls the corresponding + * command handler which performs argument checking and further processing. * - * In order to cope with DOS attacks, a timeout is set up which terminates - * the function if the connection was not authenticated when the timeout - * expires. + * To cope with DOS attacks, a timer is set up right after the fork. If the + * connection was still not authenticated when the timeout expires, the child + * process is terminated. * * \return Standard. * @@ -891,7 +888,7 @@ int handle_connect(int fd) { int ret; unsigned char rand_buf[APC_CHALLENGE_SIZE + 2 * SESSION_KEY_LEN]; - unsigned char challenge_hash[HASH_SIZE]; + unsigned char challenge_hash[HASH2_SIZE]; char *command = NULL, *buf = para_malloc(HANDSHAKE_BUFSIZE) /* must be on the heap */; size_t numbytes; struct command_context cc_struct = {.u = NULL}, *cc = &cc_struct; @@ -907,7 +904,7 @@ int handle_connect(int fd) /* send Welcome message */ ret = write_va_buffer(fd, "This is para_server, version " PACKAGE_VERSION ".\n" - "Features: sideband,aes_ctr128\n" + "Features: sha256\n" /* no longer announce this after 0.8.0 */ ); if (ret < 0) goto net_err; @@ -955,11 +952,19 @@ int handle_connect(int fd) * of the random data. */ ret = -E_BAD_AUTH; - if (numbytes != HASH_SIZE) - goto net_err; - hash_function((char *)rand_buf, APC_CHALLENGE_SIZE, challenge_hash); - if (memcmp(challenge_hash, buf, HASH_SIZE)) - goto net_err; + if (cf.sha256_requested) { + if (numbytes != HASH2_SIZE) + goto net_err; + hash2_function((char *)rand_buf, APC_CHALLENGE_SIZE, challenge_hash); + if (memcmp(challenge_hash, buf, HASH2_SIZE)) + goto net_err; + } else { /* old client. This can be removed after 0.7.0 */ + if (numbytes != HASH_SIZE) + goto net_err; + hash_function((char *)rand_buf, APC_CHALLENGE_SIZE, challenge_hash); + if (memcmp(challenge_hash, buf, HASH_SIZE)) + goto net_err; + } /* auth successful */ alarm(0); PARA_INFO_LOG("good auth for %s\n", cc->u->name);