X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=command.c;h=9c175f35ec45087325db2ef3dbb3249689de0708;hp=cdc42fa1a220662ac7413b52fc40aba0f56e14d8;hb=3667d75edd30f45f6b909bcf5203689c866a77b5;hpb=e151dbb79eac16326585ec0a33cf48029f5f22f4

diff --git a/command.c b/command.c
index cdc42fa1..9c175f35 100644
--- a/command.c
+++ b/command.c
@@ -15,6 +15,7 @@
 #include "para.h"
 #include "error.h"
 #include "crypt.h"
+#include "sideband.h"
 #include "command.h"
 #include "server.cmdline.h"
 #include "string.h"
@@ -101,7 +102,8 @@ static char *vss_get_status_flags(unsigned int flags)
 	return msg;
 }
 
-static char *get_status(struct misc_meta_data *nmmd, int parser_friendly)
+static unsigned get_status(struct misc_meta_data *nmmd, int parser_friendly,
+		char **result)
 {
 	char mtime[30] = "";
 	char *status, *flags; /* vss status info */
@@ -141,7 +143,8 @@ static char *get_status(struct misc_meta_data *nmmd, int parser_friendly)
 	free(flags);
 	free(status);
 	free(ut);
-	return b.buf;
+	*result = b.buf;
+	return b.offset;
 }
 
 static int check_sender_args(int argc, char * const * argv, struct sender_command_data *scd)
@@ -191,6 +194,118 @@ static int check_sender_args(int argc, char * const * argv, struct sender_comman
 	return 1;
 }
 
+/**
+ * Send a sideband packet through a blocking file descriptor.
+ *
+ * \param scc fd and crypto keys.
+ * \param buf The buffer to send.
+ * \param numbytes The size of \a buf.
+ * \param band The sideband designator of this packet.
+ * \param dont_free If true, never deallocate \a buf.
+ *
+ * The nonblock flag must be disabled for the file descriptor given by \a scc.
+ *
+ * Stream cipher encryption is automatically activated if neccessary via the
+ * sideband transformation, depending on the value of \a band.
+ *
+ * \return Standard.
+ *
+ * \sa \ref send_sb_va().
+ */
+int send_sb(struct stream_cipher_context *scc, void *buf, size_t numbytes,
+		int band, bool dont_free)
+{
+	int ret;
+	struct sb_context *sbc;
+	struct iovec iov[2];
+	struct sb_buffer sbb = SBB_INIT(band, buf, numbytes);
+	sb_transformation trafo = band < SBD_PROCEED? NULL : sc_trafo;
+
+	sbc = sb_new_send(&sbb, dont_free, trafo, scc->send);
+	do {
+		ret = sb_get_send_buffers(sbc, iov);
+		ret = xwritev(scc->fd, iov, ret);
+		if (ret < 0)
+			goto fail;
+	} while (sb_sent(sbc, ret) == false);
+	return 1;
+fail:
+	sb_free(sbc);
+	return ret;
+}
+
+/**
+ * Create a variable sized buffer and send it as a sideband packet.
+ *
+ * \param scc Passed to \ref send_sb.
+ * \param band See \ref send_sb.
+ * \param fmt The format string.
+ *
+ * \return The return value of the underlying call to \ref send_sb.
+ */
+__printf_3_4 int send_sb_va(struct stream_cipher_context *scc, int band,
+		const char *fmt, ...)
+{
+	va_list ap;
+	char *msg;
+	int ret;
+
+	va_start(ap, fmt);
+	ret = xvasprintf(&msg, fmt, ap);
+	va_end(ap);
+	return send_sb(scc, msg, ret, band, false);
+}
+
+/**
+ * Send a sideband packet through a blocking file descriptor.
+ *
+ * \param scc fd and crypto keys.
+ * \param expected_band The expected band designator.
+ * \param max_size Passed to \ref sb_new_recv().
+ * \param result Body of the sideband packet is returned here.
+ *
+ * If \a expected_band is not \p SBD_ANY, the band designator of the received
+ * sideband packet is compared to \a expected_band and a mismatch is considered
+ * an error.
+ *
+ * \return Standard.
+ */
+int recv_sb(struct stream_cipher_context *scc,
+		enum sb_designator expected_band,
+		size_t max_size, struct iovec *result)
+{
+	int ret;
+	struct sb_context *sbc;
+	struct iovec iov;
+	struct sb_buffer sbb;
+	sb_transformation trafo;
+
+	trafo = expected_band != SBD_ANY && expected_band < SBD_PROCEED?
+		NULL : sc_trafo;
+	sbc = sb_new_recv(max_size, trafo, scc->recv);
+	for (;;) {
+		sb_get_recv_buffer(sbc, &iov);
+		ret = recv_bin_buffer(scc->fd, iov.iov_base, iov.iov_len);
+		if (ret == 0)
+			ret = -E_EOF;
+		if (ret < 0)
+			goto fail;
+		ret = sb_received(sbc, ret, &sbb);
+		if (ret < 0)
+			goto fail;
+		if (ret > 0)
+			break;
+	}
+	ret = -E_BAD_BAND;
+	if (expected_band != SBD_ANY && sbb.band != expected_band)
+		goto fail;
+	*result = sbb.iov;
+	return 1;
+fail:
+	sb_free(sbc);
+	return ret;
+}
+
 int com_sender(struct command_context *cc)
 {
 	int i, ret;
@@ -382,8 +497,8 @@ int com_stat(struct command_context *cc)
 		return -E_COMMAND_SYNTAX;
 	for (;;) {
 		mmd_dup(nmmd);
-		s = get_status(nmmd, parser_friendly);
-		ret = sc_send_buffer(&cc->scc, s);
+		ret = get_status(nmmd, parser_friendly, &s);
+		ret = sc_send_bin_buffer(&cc->scc, s, ret);
 		free(s);
 		if (ret < 0)
 			goto out;
@@ -741,6 +856,40 @@ out:
 	return ret;
 }
 
+#define HANDSHAKE_BUFSIZE 4096
+
+static int parse_sb_command(struct command_context *cc, struct iovec *iov)
+{
+	int ret, i;
+	char *p, *end;
+
+	ret = -E_BAD_CMD;
+	if (iov->iov_base == NULL || iov->iov_len == 0)
+		goto out;
+	p = iov->iov_base;
+	p[iov->iov_len - 1] = '\0'; /* just to be sure */
+	cc->cmd = get_cmd_ptr(p, NULL);
+	if (!cc->cmd)
+		goto out;
+	ret = check_perms(cc->u->perms, cc->cmd);
+	if (ret < 0)
+		goto out;
+	end = iov->iov_base + iov->iov_len;
+	for (i = 0, p = iov->iov_base; p < end; i++)
+		p += strlen(p) + 1;
+	cc->argc = i;
+	cc->argv = para_malloc((cc->argc + 1) * sizeof(char *));
+	for (i = 0, p = iov->iov_base; p < end; i++) {
+		cc->argv[i] = para_strdup(p);
+		p += strlen(p) + 1;
+	}
+	cc->argv[cc->argc] = NULL;
+	ret = cc->argc;
+out:
+	free(iov->iov_base);
+	return ret;
+}
+
 /**
  * Perform user authentication and execute a command.
  *
@@ -771,10 +920,9 @@ out:
 __noreturn void handle_connect(int fd, const char *peername)
 {
 	int ret;
-	char buf[4096];
 	unsigned char rand_buf[CHALLENGE_SIZE + 2 * SESSION_KEY_LEN];
 	unsigned char challenge_hash[HASH_SIZE];
-	char *p, *command = NULL;
+	char *p, *command = NULL, *buf = para_malloc(HANDSHAKE_BUFSIZE) /* must be on the heap */;
 	size_t numbytes;
 	struct command_context cc_struct = {.peer = peername}, *cc = &cc_struct;
 
@@ -792,7 +940,7 @@ __noreturn void handle_connect(int fd, const char *peername)
 	if (ret < 0)
 		goto net_err;
 	/* recv auth request line */
-	ret = recv_buffer(fd, buf, sizeof(buf));
+	ret = recv_buffer(fd, buf, HANDSHAKE_BUFSIZE);
 	if (ret < 0)
 		goto net_err;
 	ret = parse_auth_request(buf, ret, &cc->u, &cc->use_sideband);
@@ -819,15 +967,29 @@ __noreturn void handle_connect(int fd, const char *peername)
 	}
 	PARA_DEBUG_LOG("sending %u byte challenge + rc4 keys (%zu bytes)\n",
 		CHALLENGE_SIZE, numbytes);
-	ret = write_all(fd, buf, numbytes);
-	if (ret < 0)
-		goto net_err;
-	/* recv challenge response */
-	ret = recv_bin_buffer(fd, buf, HASH_SIZE);
-	if (ret < 0)
-		goto net_err;
-	numbytes = ret;
-	PARA_DEBUG_LOG("received %d bytes challenge response\n", ret);
+	if (cc->use_sideband) {
+		struct iovec iov;
+		ret = send_sb(&cc->scc, buf, numbytes, SBD_CHALLENGE, false);
+		buf = NULL;
+		if (ret < 0)
+			goto net_err;
+		ret = recv_sb(&cc->scc, SBD_CHALLENGE_RESPONSE,
+			HANDSHAKE_BUFSIZE, &iov);
+		if (ret < 0)
+			goto net_err;
+		buf = iov.iov_base;
+		numbytes = iov.iov_len;
+	} else {
+		ret = write_all(fd, buf, numbytes);
+		if (ret < 0)
+			goto net_err;
+		/* recv challenge response */
+		ret = recv_bin_buffer(fd, buf, HASH_SIZE);
+		if (ret < 0)
+			goto net_err;
+		numbytes = ret;
+	}
+	PARA_DEBUG_LOG("received %zu bytes challenge response\n", numbytes);
 	ret = -E_BAD_USER;
 	if (!cc->u)
 		goto net_err;
@@ -847,27 +1009,41 @@ __noreturn void handle_connect(int fd, const char *peername)
 	/* init stream cipher keys with the second part of the random buffer */
 	cc->scc.recv = sc_new(rand_buf + CHALLENGE_SIZE, SESSION_KEY_LEN);
 	cc->scc.send = sc_new(rand_buf + CHALLENGE_SIZE + SESSION_KEY_LEN, SESSION_KEY_LEN);
-	ret = sc_send_buffer(&cc->scc, PROCEED_MSG);
-	if (ret < 0)
-		goto net_err;
-	ret = read_command(&cc->scc, &command);
-	if (ret == -E_COMMAND_SYNTAX)
-		goto err_out;
+	if (cc->use_sideband)
+		ret = send_sb(&cc->scc, NULL, 0, SBD_PROCEED, false);
+	else
+		ret = sc_send_buffer(&cc->scc, PROCEED_MSG);
 	if (ret < 0)
 		goto net_err;
-	ret = -E_BAD_CMD;
-	cc->cmd = parse_cmd(command);
-	if (!cc->cmd)
-		goto err_out;
-	/* valid command, check permissions */
-	ret = check_perms(cc->u->perms, cc->cmd);
-	if (ret < 0)
-		goto err_out;
-	/* valid command and sufficient perms */
-	ret = create_argv(command, "\n", &cc->argv);
-	if (ret < 0)
-		goto err_out;
-	cc->argc = ret;
+	if (cc->use_sideband) {
+		struct iovec iov;
+		ret = recv_sb(&cc->scc, SBD_COMMAND, MAX_COMMAND_LEN, &iov);
+		if (ret < 0)
+			goto net_err;
+		ret = parse_sb_command(cc, &iov);
+		if (ret < 0)
+			goto err_out;
+		cc->argc = ret;
+	} else {
+		ret = read_command(&cc->scc, &command);
+		if (ret == -E_COMMAND_SYNTAX)
+			goto err_out;
+		if (ret < 0)
+			goto net_err;
+		ret = -E_BAD_CMD;
+		cc->cmd = parse_cmd(command);
+		if (!cc->cmd)
+			goto err_out;
+		/* valid command, check permissions */
+		ret = check_perms(cc->u->perms, cc->cmd);
+		if (ret < 0)
+			goto err_out;
+		/* valid command and sufficient perms */
+		ret = create_argv(command, "\n", &cc->argv);
+		if (ret < 0)
+			goto err_out;
+		cc->argc = ret;
+	}
 	PARA_NOTICE_LOG("calling com_%s() for %s@%s\n", cc->cmd->name,
 		cc->u->name, peername);
 	ret = cc->cmd->handler(cc);
@@ -882,6 +1058,7 @@ err_out:
 net_err:
 	PARA_NOTICE_LOG("%s\n", para_strerror(-ret));
 out:
+	free(buf);
 	free(command);
 	sc_free(cc->scc.recv);
 	sc_free(cc->scc.send);