X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=command.c;h=6f6fad7c4028e0f10833cc30033402e126731d66;hp=acd539693748deebb035ba08e07b9bb49394bd1f;hb=0098ecb796452af48725e91f23f1aa961fd96258;hpb=6aa6fcd54de730b4dfc75ca60f8c21009d60da0d diff --git a/command.c b/command.c index acd53969..6f6fad7c 100644 --- a/command.c +++ b/command.c @@ -34,6 +34,9 @@ #include "user_list.h" #include "server_command_list.h" +/** commands including options must be shorter than this */ +#define MAX_COMMAND_LEN 4096 + static RC4_KEY rc4_recv_key; static RC4_KEY rc4_send_key; static unsigned char rc4_buf[2 * RC4_KEY_LEN]; @@ -43,7 +46,6 @@ extern struct misc_meta_data *mmd; extern struct audio_file_selector selectors[]; extern struct sender senders[]; extern char *user_list; -struct sockaddr_in *in_addr; static void dummy(__a_unused int s) {} @@ -72,14 +74,14 @@ static char *vss_status_tohuman(unsigned int flags) /* * return human readable permission string. Never returns NULL. */ -char *cmd_perms_itohuman(unsigned int perms) +static char *cmd_perms_itohuman(unsigned int perms) { - char *msg = para_malloc(7 * sizeof(char)); + char *msg = para_malloc(5 * sizeof(char)); - msg[0] = perms & DB_READ? 'd' : '-'; - msg[1] = perms & DB_WRITE? 'D' : '-'; - msg[2] = perms & VSS_READ? 'a' : '-'; - msg[3] = perms & VSS_WRITE? 'A' : '-'; + msg[0] = perms & DB_READ? 'a' : '-'; + msg[1] = perms & DB_WRITE? 'A' : '-'; + msg[2] = perms & VSS_READ? 'v' : '-'; + msg[3] = perms & VSS_WRITE? 'V' : '-'; msg[4] = '\0'; return msg; } @@ -102,7 +104,7 @@ static char *vss_get_status_flags(unsigned int flags) /* * compute status bar string. Never returns NULL */ -char *get_sb_string(struct misc_meta_data *nmmd) +static char *get_sb_string(struct misc_meta_data *nmmd) { char *base, *ret; long long unsigned secs = 0, rsecs = 0, percent = 0; @@ -342,20 +344,18 @@ int com_si(int fd, int argc, __a_unused char **argv) } /* version */ -int com_version(int socket_fd, int argc, __a_unused char **argv) +int com_version(int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; - return send_buffer(socket_fd, "para_server-" PACKAGE_VERSION ", \"" - CODENAME "\"\n" - COPYRIGHT "\n" - "built: " BUILD_DATE "\n" - SYSTEM ", " CC_VERSION "\n" - ); + return send_buffer(fd, VERSION_TEXT("server") + "built: " BUILD_DATE "\n" + SYSTEM ", " CC_VERSION "\n" + ); } /* sc */ -int com_sc(int socket_fd, int argc, char **argv) +int com_sc(int fd, int argc, char **argv) { char *name = NULL; int ret, old = 0, count = -1; /* print af change forever */ @@ -370,7 +370,7 @@ repeat: } mmd_unlock(); if (name) { - ret = send_va_buffer(socket_fd, "%s\n", name); + ret = send_va_buffer(fd, "%s\n", name); free(name); name = NULL; if (ret < 0) @@ -383,7 +383,7 @@ repeat: } /* sb */ -int com_sb(int socket_fd, int argc, char **argv) +int com_sb(int fd, int argc, char **argv) { char *sb; int ret, nr = -1; /* status bar will be printed that many @@ -396,7 +396,7 @@ int com_sb(int socket_fd, int argc, char **argv) mmd_lock(); sb = get_sb_string(mmd); mmd_unlock(); - ret = send_va_buffer(socket_fd, "%s\n", sb); + ret = send_va_buffer(fd, "%s\n", sb); free(sb); if (ret < 0) return ret; @@ -410,7 +410,7 @@ int com_sb(int socket_fd, int argc, char **argv) } /* stat */ -int com_stat(int socket_fd, int argc, char **argv) +int com_stat(int fd, int argc, char **argv) { int ret, num = 0;/* status will be printed that many * times. num <= 0 means: print forever @@ -426,7 +426,7 @@ int com_stat(int socket_fd, int argc, char **argv) mmd_dup(nmmd); s = get_status(nmmd); - ret = send_buffer(socket_fd, s); + ret = send_buffer(fd, s); free(s); if (ret < 0) goto out; @@ -462,9 +462,9 @@ static int send_list_of_commands(int fd, struct server_command *cmd, /* always returns string that must be freed by the caller in handler */ static struct server_command *get_cmd_ptr(char *name, char **handler) { - struct server_command *cmd = cmd_struct; + struct server_command *cmd; - for (cmd = cmd_struct; cmd->name; cmd++) + for (cmd = server_cmds; cmd->name; cmd++) if (!strcmp(cmd->name, name)) { if (handler) *handler = para_strdup("para_server"); /* server commands */ @@ -492,7 +492,7 @@ int com_help(int fd, int argc, char **argv) if (argc < 2) { /* no argument given, print list of commands */ - if ((ret = send_list_of_commands(fd, cmd_struct, "server")) < 0) + if ((ret = send_list_of_commands(fd, server_cmds, "server")) < 0) return ret; mmd_lock(); handler = para_strdup(selectors[mmd->selector_num].name); @@ -510,20 +510,17 @@ int com_help(int fd, int argc, char **argv) } perms = cmd_perms_itohuman(cmd->perms); ret = send_va_buffer(fd, - "NAME\n\t%s - %s\n" - "SYNOPSIS\n\t para_client %s\n" - "DESCRIPTION\n%s\n" - "HANDLER\n" - "This command is handled by %s.\n\n" - "PERMISSIONS\n" - "Needed privileges for %s: %s\n", + "%s - %s\n\n" + "handler: %s\n" + "permissions: %s\n" + "usage: %s\n\n" + "%s\n", argv[1], cmd->description, - cmd->synopsis, - cmd->help, handler, - argv[1], - perms + perms, + cmd->usage, + cmd->help ); free(perms); free(handler); @@ -531,7 +528,7 @@ int com_help(int fd, int argc, char **argv) } /* hup */ -int com_hup(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_hup(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -540,7 +537,7 @@ int com_hup(__a_unused int socket_fd, int argc, __a_unused char **argv) } /* term */ -int com_term(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_term(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -548,7 +545,7 @@ int com_term(__a_unused int socket_fd, int argc, __a_unused char **argv) return 1; } -int com_play(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_play(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -561,7 +558,7 @@ int com_play(__a_unused int socket_fd, int argc, __a_unused char **argv) } /* stop */ -int com_stop(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_stop(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -574,7 +571,7 @@ int com_stop(__a_unused int socket_fd, int argc, __a_unused char **argv) } /* pause */ -int com_pause(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_pause(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -613,7 +610,7 @@ int com_chs(int fd, int argc, char **argv) } /* next */ -int com_next(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_next(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -625,7 +622,7 @@ int com_next(__a_unused int socket_fd, int argc, __a_unused char **argv) } /* nomore */ -int com_nomore(__a_unused int socket_fd, int argc, __a_unused char **argv) +int com_nomore(__a_unused int fd, int argc, __a_unused char **argv) { if (argc != 1) return -E_COMMAND_SYNTAX; @@ -637,7 +634,7 @@ int com_nomore(__a_unused int socket_fd, int argc, __a_unused char **argv) } /* ff */ -int com_ff(__a_unused int socket_fd, int argc, char **argv) +int com_ff(__a_unused int fd, int argc, char **argv) { long promille; int ret, backwards = 0; @@ -676,7 +673,7 @@ out: } /* jmp */ -int com_jmp(__a_unused int socket_fd, int argc, char **argv) +int com_jmp(__a_unused int fd, int argc, char **argv) { long unsigned int i; int ret; @@ -730,7 +727,7 @@ static struct server_command *parse_cmd(const char *cmdstr) return get_cmd_ptr(buf, NULL); } -long int para_rand(long unsigned max) +static long int para_rand(long unsigned max) { return (long int) ((max + 0.0) * (random() / (RAND_MAX + 1.0))); } @@ -760,10 +757,41 @@ static void rc4_send(unsigned long len, const unsigned char *indata, RC4(&rc4_send_key, len, indata, outdata); } +/** + * perform user authentication and execute a command + * + * \param fd the file descriptor to send output to + * \param addr socket address info of peer + * + * \return EXIT_SUCCESS or EXIT_FAILURE + * + * Whenever para_server accepts an incoming tcp connection on + * the port it listens on, it forks and the resulting child + * calls this function. + * + * An RSA-based challenge/response is used to authenticate + * the peer. It that authentication succeeds, a random RC4 + * session key is generated and sent back to the peer, + * encrypted with its RSA public key. From this point on, + * all transfers are crypted with this session key. + * + * Next it is checked if the peer supplied a valid server + * command or a command for the audio file selector currently + * in use. If yes, and if the user has sufficient + * permissions to execute that command, the function calls + * the corresponding command handler which does argument + * checking and further processing. + * + * In order to cope with a DOS attacks, a timeout is set up + * which terminates the function if the connection was not + * authenticated when the timeout expires. + * + * \sa alarm(2), rc4(3), crypt.c, crypt.h + */ int handle_connect(int fd, struct sockaddr_in *addr) { int numbytes, ret, argc, use_rc4 = 0; - char buf[STRINGSIZE]; + char buf[4096]; unsigned char crypt_buf[MAXLINE]; struct user u; struct server_command *cmd = NULL; @@ -777,7 +805,6 @@ int handle_connect(int fd, struct sockaddr_in *addr) signal(SIGHUP, SIG_DFL); signal(SIGUSR1, SIG_IGN); - in_addr = addr; challenge_nr = random(); /* send Welcome message */ ret = send_va_buffer(fd, "This is para_server, version " @@ -848,7 +875,7 @@ int handle_connect(int fd, struct sockaddr_in *addr) while ((numbytes = recv_buffer(fd, buf, sizeof(buf))) > 0) { // PARA_INFO_LOG("recvd: %s (%d)\n", buf, numbytes); ret = -E_COMMAND_SYNTAX; - if (command && numbytes + strlen(command) > STRINGSIZE) /* DOS */ + if (command && numbytes + strlen(command) > MAX_COMMAND_LEN) /* DOS */ goto err_out; command = para_strcat(command, buf); if ((p = strstr(command, EOC_MSG))) {