X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=command.c;h=ec822c82978d78649b6641d2206f41db44ab3bd7;hp=69bbbb74dd2831791e0f24378d7a4c4451bb6524;hb=24758c5f;hpb=8a61aff04fa2e8860f7fd3969d58d77c0292155a diff --git a/command.c b/command.c index 69bbbb74..ec822c82 100644 --- a/command.c +++ b/command.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 1997-2011 Andre Noll + * Copyright (C) 1997-2013 Andre Noll * * Licensed under the GPL v2. For licencing details see COPYING. */ @@ -8,14 +8,13 @@ #include #include -#include #include #include -#include #include "para.h" #include "error.h" #include "crypt.h" +#include "sideband.h" #include "command.h" #include "server.cmdline.h" #include "string.h" @@ -24,6 +23,7 @@ #include "server.h" #include "list.h" #include "send.h" +#include "sched.h" #include "vss.h" #include "net.h" #include "daemon.h" @@ -32,19 +32,19 @@ #include "user_list.h" #include "server_command_list.h" #include "afs_command_list.h" -#include "sched.h" #include "signal.h" #include "version.h" +struct server_command afs_cmds[] = {DEFINE_AFS_CMD_ARRAY}; +struct server_command server_cmds[] = {DEFINE_SERVER_CMD_ARRAY}; + /** Commands including options must be shorter than this. */ #define MAX_COMMAND_LEN 32768 extern int mmd_mutex; extern struct misc_meta_data *mmd; extern struct sender senders[]; -int send_afs_status(struct stream_cipher_context *scc, int parser_friendly); - -const char *status_item_list[] = {STATUS_ITEM_ARRAY}; +int send_afs_status(struct command_context *cc, int parser_friendly); static void dummy(__a_unused int s) { @@ -104,11 +104,13 @@ static char *vss_get_status_flags(unsigned int flags) return msg; } -static char *get_status(struct misc_meta_data *nmmd, int parser_friendly) +static unsigned get_status(struct misc_meta_data *nmmd, int parser_friendly, + char **result) { char mtime[30] = ""; char *status, *flags; /* vss status info */ - char *ut = uptime_str(); + /* nobody updates our version of "now" */ + char *ut = get_server_uptime_str(NULL); long offset = (nmmd->offset + 500) / 1000; struct timeval current_time; struct tm mtime_tm; @@ -121,12 +123,12 @@ static char *get_status(struct misc_meta_data *nmmd, int parser_friendly) localtime_r(&nmmd->mtime, &mtime_tm); strftime(mtime, 29, "%b %d %Y", &mtime_tm); } - gettimeofday(¤t_time, NULL); + clock_get_realtime(¤t_time); /* * The calls to WRITE_STATUS_ITEM() below never fail because * b->max_size is zero (unlimited), see para_printf(). However, clang * is not smart enough to prove this and complains nevertheless. - * Casting the return value to void silences solves this. + * Casting the return value to void silences clang. */ (void)WRITE_STATUS_ITEM(&b, SI_FILE_SIZE, "%zu\n", nmmd->size / 1024); (void)WRITE_STATUS_ITEM(&b, SI_MTIME, "%s\n", mtime); @@ -143,7 +145,8 @@ static char *get_status(struct misc_meta_data *nmmd, int parser_friendly) free(flags); free(status); free(ut); - return b.buf; + *result = b.buf; + return b.offset; } static int check_sender_args(int argc, char * const * argv, struct sender_command_data *scd) @@ -193,29 +196,163 @@ static int check_sender_args(int argc, char * const * argv, struct sender_comman return 1; } -int com_sender(struct stream_cipher_context *scc, int argc, char * const * argv) +/** + * Send a sideband packet through a blocking file descriptor. + * + * \param scc fd and crypto keys. + * \param buf The buffer to send. + * \param numbytes The size of \a buf. + * \param band The sideband designator of this packet. + * \param dont_free If true, never deallocate \a buf. + * + * The nonblock flag must be disabled for the file descriptor given by \a scc. + * + * Stream cipher encryption is automatically activated if neccessary via the + * sideband transformation, depending on the value of \a band. + * + * \return Standard. + * + * \sa \ref send_sb_va(). + */ +int send_sb(struct stream_cipher_context *scc, void *buf, size_t numbytes, + int band, bool dont_free) { - int i, ret; + int ret; + struct sb_context *sbc; + struct iovec iov[2]; + struct sb_buffer sbb = SBB_INIT(band, buf, numbytes); + sb_transformation trafo = band < SBD_PROCEED? NULL : sc_trafo; + + sbc = sb_new_send(&sbb, dont_free, trafo, scc->send); + do { + ret = sb_get_send_buffers(sbc, iov); + ret = xwritev(scc->fd, iov, ret); + if (ret < 0) + goto fail; + } while (sb_sent(sbc, ret) == false); + return 1; +fail: + sb_free(sbc); + return ret; +} + +/** + * Create a variable sized buffer and send it as a sideband packet. + * + * \param scc Passed to \ref send_sb. + * \param band See \ref send_sb. + * \param fmt The format string. + * + * \return The return value of the underlying call to \ref send_sb. + */ +__printf_3_4 int send_sb_va(struct stream_cipher_context *scc, int band, + const char *fmt, ...) +{ + va_list ap; + char *msg; + int ret; + + va_start(ap, fmt); + ret = xvasprintf(&msg, fmt, ap); + va_end(ap); + return send_sb(scc, msg, ret, band, false); +} + +/** + * Send an error message to a client. + * + * \param cc Client info. + * \param err The (positive) error code. + * + * \return The return value of the underlying call to send_sb_va(). + */ +int send_strerror(struct command_context *cc, int err) +{ + return cc->use_sideband? + send_sb_va(&cc->scc, SBD_ERROR_LOG, "%s\n", para_strerror(err)) + : + sc_send_va_buffer(&cc->scc, "%s\n", para_strerror(err)); +} + +/** + * Send a sideband packet through a blocking file descriptor. + * + * \param scc fd and crypto keys. + * \param expected_band The expected band designator. + * \param max_size Passed to \ref sb_new_recv(). + * \param result Body of the sideband packet is returned here. + * + * If \a expected_band is not \p SBD_ANY, the band designator of the received + * sideband packet is compared to \a expected_band and a mismatch is considered + * an error. + * + * \return Standard. + */ +int recv_sb(struct stream_cipher_context *scc, + enum sb_designator expected_band, + size_t max_size, struct iovec *result) +{ + int ret; + struct sb_context *sbc; + struct iovec iov; + struct sb_buffer sbb; + sb_transformation trafo; + + trafo = expected_band != SBD_ANY && expected_band < SBD_PROCEED? + NULL : sc_trafo; + sbc = sb_new_recv(max_size, trafo, scc->recv); + for (;;) { + sb_get_recv_buffer(sbc, &iov); + ret = recv_bin_buffer(scc->fd, iov.iov_base, iov.iov_len); + if (ret == 0) + ret = -E_EOF; + if (ret < 0) + goto fail; + ret = sb_received(sbc, ret, &sbb); + if (ret < 0) + goto fail; + if (ret > 0) + break; + } + ret = -E_BAD_BAND; + if (expected_band != SBD_ANY && sbb.band != expected_band) + goto fail; + *result = sbb.iov; + return 1; +fail: + sb_free(sbc); + return ret; +} + +static int com_sender(struct command_context *cc) +{ + int i, ret = 0; char *msg = NULL; struct sender_command_data scd; - if (argc < 2) { + if (cc->argc < 2) { for (i = 0; senders[i].name; i++) { - char *tmp = make_message("%s%s\n", - msg? msg : "", senders[i].name); + char *tmp; + ret = xasprintf(&tmp, "%s%s\n", msg? msg : "", + senders[i].name); free(msg); msg = tmp; } - ret = sc_send_buffer(scc, msg); + if (cc->use_sideband) + return send_sb(&cc->scc, msg, ret, SBD_OUTPUT, false); + ret = sc_send_buffer(&cc->scc, msg); free(msg); return ret; } - ret = check_sender_args(argc, argv, &scd); + ret = check_sender_args(cc->argc, cc->argv, &scd); if (ret < 0) { if (scd.sender_num < 0) return ret; msg = senders[scd.sender_num].help(); - ret = sc_send_buffer(scc, msg); + if (cc->use_sideband) + return send_sb(&cc->scc, msg, strlen(msg), SBD_OUTPUT, + false); + ret = sc_send_buffer(&cc->scc, msg); free(msg); return ret; } @@ -224,7 +361,7 @@ int com_sender(struct stream_cipher_context *scc, int argc, char * const * argv) case SENDER_ADD: case SENDER_DELETE: assert(senders[scd.sender_num].resolve_target); - ret = senders[scd.sender_num].resolve_target(argv[3], &scd); + ret = senders[scd.sender_num].resolve_target(cc->argv[3], &scd); if (ret < 0) return ret; } @@ -244,13 +381,12 @@ int com_sender(struct stream_cipher_context *scc, int argc, char * const * argv) } /* server info */ -int com_si(struct stream_cipher_context *scc, int argc, __a_unused char * const * argv) +static int com_si(struct command_context *cc) { int i, ret; - char *ut; - char *sender_info = NULL; + char *msg, *ut, *sender_info = NULL; - if (argc != 1) + if (cc->argc != 1) return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); for (i = 0; senders[i].name; i++) { @@ -258,8 +394,8 @@ int com_si(struct stream_cipher_context *scc, int argc, __a_unused char * const sender_info = para_strcat(sender_info, info); free(info); } - ut = uptime_str(); - ret = sc_send_va_buffer(scc, "version: " GIT_VERSION "\n" + ut = get_server_uptime_str(now); + ret = xasprintf(&msg, "version: " GIT_VERSION "\n" "up: %s\nplayed: %u\n" "server_pid: %d\n" "afs_pid: %d\n" @@ -274,24 +410,33 @@ int com_si(struct stream_cipher_context *scc, int argc, __a_unused char * const mmd->num_commands, mmd->num_connects, conf.loglevel_arg, - SERVER_AUDIO_FORMATS, + AUDIO_FORMAT_HANDLERS, sender_info ); mutex_unlock(mmd_mutex); free(ut); free(sender_info); + if (cc->use_sideband) + return send_sb(&cc->scc, msg, ret, SBD_OUTPUT, false); + ret = sc_send_bin_buffer(&cc->scc, msg, ret); + free(msg); return ret; } /* version */ -int com_version(struct stream_cipher_context *scc, int argc, __a_unused char * const * argv) +static int com_version(struct command_context *cc) { - if (argc != 1) + char *msg; + size_t len; + + if (cc->argc != 1) return -E_COMMAND_SYNTAX; - return sc_send_buffer(scc, VERSION_TEXT("server") - "built: " BUILD_DATE "\n" - UNAME_RS ", " CC_VERSION "\n" - ); + msg = VERSION_TEXT("server") "built: " BUILD_DATE "\n" UNAME_RS + ", " CC_VERSION "\n"; + len = strlen(msg); + if (cc->use_sideband) + return send_sb(&cc->scc, msg, len, SBD_OUTPUT, true); + return sc_send_bin_buffer(&cc->scc, msg, len); } #define EMPTY_STATUS_ITEMS \ @@ -327,10 +472,16 @@ int com_version(struct stream_cipher_context *scc, int argc, __a_unused char * c * * This is used by vss when currently no audio file is open. */ -static char *empty_status_items(int parser_friendly) +static unsigned empty_status_items(int parser_friendly, char **result) { + static char *esi; + static unsigned len; + + if (esi) + goto out; + if (parser_friendly) - return make_message( + len = xasprintf(&esi, #define ITEM(x) "0004 %02x:\n" EMPTY_STATUS_ITEMS #undef ITEM @@ -338,30 +489,34 @@ static char *empty_status_items(int parser_friendly) EMPTY_STATUS_ITEMS #undef ITEM ); - return make_message( - #define ITEM(x) "%s:\n" - EMPTY_STATUS_ITEMS - #undef ITEM - #define ITEM(x) ,status_item_list[SI_ ## x] - EMPTY_STATUS_ITEMS - #undef ITEM - ); + else + len = xasprintf(&esi, + #define ITEM(x) "%s:\n" + EMPTY_STATUS_ITEMS + #undef ITEM + #define ITEM(x) ,status_item_list[SI_ ## x] + EMPTY_STATUS_ITEMS + #undef ITEM + ); +out: + *result = esi; + return len; } #undef EMPTY_STATUS_ITEMS /* stat */ -int com_stat(struct stream_cipher_context *scc, int argc, char * const * argv) +static int com_stat(struct command_context *cc) { int i, ret; struct misc_meta_data tmp, *nmmd = &tmp; - char *s; + char *s, *esi = NULL; int32_t num = 0; int parser_friendly = 0; para_sigaction(SIGUSR1, dummy); - for (i = 1; i < argc; i++) { - const char *arg = argv[i]; + for (i = 1; i < cc->argc; i++) { + const char *arg = cc->argv[i]; if (arg[0] != '-') break; if (!strcmp(arg, "--")) { @@ -380,51 +535,62 @@ int com_stat(struct stream_cipher_context *scc, int argc, char * const * argv) } return -E_COMMAND_SYNTAX; } - if (i != argc) + if (i != cc->argc) return -E_COMMAND_SYNTAX; for (;;) { mmd_dup(nmmd); - s = get_status(nmmd, parser_friendly); - ret = sc_send_buffer(scc, s); - free(s); + ret = get_status(nmmd, parser_friendly, &s); + if (cc->use_sideband) + ret = send_sb(&cc->scc, s, ret, SBD_OUTPUT, false); + else { + ret = sc_send_bin_buffer(&cc->scc, s, ret); + free(s); + } if (ret < 0) goto out; if (nmmd->vss_status_flags & VSS_NEXT) { - static char *esi; - if (!esi) - esi = empty_status_items(parser_friendly); - ret = sc_send_buffer(scc, esi); + ret = empty_status_items(parser_friendly, &esi); + if (cc->use_sideband) + ret = send_sb(&cc->scc, esi, ret, SBD_OUTPUT, + true); + else + ret = sc_send_bin_buffer(&cc->scc, esi, ret); if (ret < 0) goto out; } else - send_afs_status(scc, parser_friendly); + send_afs_status(cc, parser_friendly); ret = 1; if (num > 0 && !--num) goto out; sleep(50); + ret = -E_SERVER_CRASH; if (getppid() == 1) - return -E_SERVER_CRASH; + goto out; } out: + free(esi); return ret; } -static int send_list_of_commands(struct stream_cipher_context *scc, struct server_command *cmd, +static int send_list_of_commands(struct command_context *cc, struct server_command *cmd, const char *handler) { - int ret, i; + int ret; + char *msg = NULL; - for (i = 1; cmd->name; cmd++, i++) { - char *perms = cmd_perms_itohuman(cmd->perms); - ret = sc_send_va_buffer(scc, "%s\t%s\t%s\t%s\n", cmd->name, - handler, - perms, - cmd->description); + for (; cmd->name; cmd++) { + char *tmp, *perms = cmd_perms_itohuman(cmd->perms); + tmp = make_message("%s\t%s\t%s\t%s\n", cmd->name, handler, + perms, cmd->description); free(perms); - if (ret < 0) - return ret; + msg = para_strcat(msg, tmp); + free(tmp); } - return 1; + if (cc->use_sideband) + return send_sb(&cc->scc, msg, strlen(msg), SBD_OUTPUT, false); + ret = sc_send_buffer(&cc->scc, msg); + free(msg); + return ret; } /* returns string that must be freed by the caller */ @@ -449,30 +615,29 @@ static struct server_command *get_cmd_ptr(const char *name, char **handler) } /* help */ -int com_help(struct stream_cipher_context *scc, int argc, char * const * argv) +static int com_help(struct command_context *cc) { struct server_command *cmd; - char *perms, *handler; + char *perms, *handler, *buf; int ret; - if (argc < 2) { + if (cc->argc < 2) { /* no argument given, print list of commands */ - if ((ret = send_list_of_commands(scc, server_cmds, "server")) < 0) + if ((ret = send_list_of_commands(cc, server_cmds, "server")) < 0) return ret; - return send_list_of_commands(scc, afs_cmds, "afs"); + return send_list_of_commands(cc, afs_cmds, "afs"); } /* argument given for help */ - cmd = get_cmd_ptr(argv[1], &handler); + cmd = get_cmd_ptr(cc->argv[1], &handler); if (!cmd) return -E_BAD_CMD; perms = cmd_perms_itohuman(cmd->perms); - ret = sc_send_va_buffer(scc, - "%s - %s\n\n" + ret = xasprintf(&buf, "%s - %s\n\n" "handler: %s\n" "permissions: %s\n" "usage: %s\n\n" "%s\n", - argv[1], + cc->argv[1], cmd->description, handler, perms, @@ -481,43 +646,46 @@ int com_help(struct stream_cipher_context *scc, int argc, char * const * argv) ); free(perms); free(handler); + if (cc->use_sideband) + return send_sb(&cc->scc, buf, ret, SBD_OUTPUT, false); + ret = sc_send_buffer(&cc->scc, buf); + free(buf); return ret; } /* hup */ -int com_hup(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv) +static int com_hup(struct command_context *cc) { - if (argc != 1) + if (cc->argc != 1) return -E_COMMAND_SYNTAX; kill(getppid(), SIGHUP); return 1; } /* term */ -int com_term(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv) +static int com_term(struct command_context *cc) { - if (argc != 1) + if (cc->argc != 1) return -E_COMMAND_SYNTAX; kill(getppid(), SIGTERM); return 1; } -int com_play(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv) +static int com_play(struct command_context *cc) { - if (argc != 1) + if (cc->argc != 1) return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); mmd->new_vss_status_flags |= VSS_PLAYING; mmd->new_vss_status_flags &= ~VSS_NOMORE; mutex_unlock(mmd_mutex); return 1; - } /* stop */ -int com_stop(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv) +static int com_stop(struct command_context *cc) { - if (argc != 1) + if (cc->argc != 1) return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); mmd->new_vss_status_flags &= ~VSS_PLAYING; @@ -528,9 +696,9 @@ int com_stop(__a_unused struct stream_cipher_context *scc, int argc, __a_unused } /* pause */ -int com_pause(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv) +static int com_pause(struct command_context *cc) { - if (argc != 1) + if (cc->argc != 1) return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); if (!vss_paused() && !vss_stopped()) { @@ -543,9 +711,9 @@ int com_pause(__a_unused struct stream_cipher_context *scc, int argc, __a_unused } /* next */ -int com_next(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv) +static int com_next(struct command_context *cc) { - if (argc != 1) + if (cc->argc != 1) return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); mmd->events++; @@ -555,9 +723,9 @@ int com_next(__a_unused struct stream_cipher_context *scc, int argc, __a_unused } /* nomore */ -int com_nomore(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv) +static int com_nomore(struct command_context *cc) { - if (argc != 1) + if (cc->argc != 1) return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); if (vss_playing() || vss_paused()) @@ -567,16 +735,16 @@ int com_nomore(__a_unused struct stream_cipher_context *scc, int argc, __a_unuse } /* ff */ -int com_ff(__a_unused struct stream_cipher_context *scc, int argc, char * const * argv) +static int com_ff(struct command_context *cc) { long promille; int ret, backwards = 0; unsigned i; char c; - if (argc != 2) + if (cc->argc != 2) return -E_COMMAND_SYNTAX; - if (!(ret = sscanf(argv[1], "%u%c", &i, &c))) + if (!(ret = sscanf(cc->argv[1], "%u%c", &i, &c))) return -E_COMMAND_SYNTAX; if (ret > 1 && c == '-') backwards = 1; /* jmp backwards */ @@ -606,14 +774,14 @@ out: } /* jmp */ -int com_jmp(__a_unused struct stream_cipher_context *scc, int argc, char * const * argv) +static int com_jmp(struct command_context *cc) { long unsigned int i; int ret; - if (argc != 2) + if (cc->argc != 2) return -E_COMMAND_SYNTAX; - if (sscanf(argv[1], "%lu", &i) <= 0) + if (sscanf(cc->argv[1], "%lu", &i) <= 0) return -E_COMMAND_SYNTAX; mutex_lock(mmd_mutex); ret = -E_NO_AUDIO_FILE; @@ -704,6 +872,80 @@ static void reset_signals(void) para_sigaction(SIGHUP, SIG_DFL); } +static int parse_auth_request(char *buf, int len, struct user **u, + bool *use_sideband) +{ + int ret; + char *p, *username, **features = NULL; + size_t auth_rq_len = strlen(AUTH_REQUEST_MSG); + + *u = NULL; + *use_sideband = false; + if (len < auth_rq_len + 2) + return -E_AUTH_REQUEST; + if (strncmp(buf, AUTH_REQUEST_MSG, auth_rq_len) != 0) + return -E_AUTH_REQUEST; + username = buf + auth_rq_len; + p = strchr(username, ' '); + if (p) { + int i; + if (p == username) + return -E_AUTH_REQUEST; + *p = '\0'; + p++; + create_argv(p, ",", &features); + for (i = 0; features[i]; i++) { + if (strcmp(features[i], "sideband") == 0) + *use_sideband = true; + else { + ret = -E_BAD_FEATURE; + goto out; + } + } + } + PARA_DEBUG_LOG("received auth request for user %s (sideband = %s)\n", + username, *use_sideband? "true" : "false"); + *u = lookup_user(username); + ret = 1; +out: + free_argv(features); + return ret; +} + +#define HANDSHAKE_BUFSIZE 4096 + +static int parse_sb_command(struct command_context *cc, struct iovec *iov) +{ + int ret, i; + char *p, *end; + + ret = -E_BAD_CMD; + if (iov->iov_base == NULL || iov->iov_len == 0) + goto out; + p = iov->iov_base; + p[iov->iov_len - 1] = '\0'; /* just to be sure */ + cc->cmd = get_cmd_ptr(p, NULL); + if (!cc->cmd) + goto out; + ret = check_perms(cc->u->perms, cc->cmd); + if (ret < 0) + goto out; + end = iov->iov_base + iov->iov_len; + for (i = 0, p = iov->iov_base; p < end; i++) + p += strlen(p) + 1; + cc->argc = i; + cc->argv = para_malloc((cc->argc + 1) * sizeof(char *)); + for (i = 0, p = iov->iov_base; p < end; i++) { + cc->argv[i] = para_strdup(p); + p += strlen(p) + 1; + } + cc->argv[cc->argc] = NULL; + ret = cc->argc; +out: + free(iov->iov_base); + return ret; +} + /** * Perform user authentication and execute a command. * @@ -733,46 +975,39 @@ static void reset_signals(void) */ __noreturn void handle_connect(int fd, const char *peername) { - int ret, argc; - char buf[4096]; + int ret; unsigned char rand_buf[CHALLENGE_SIZE + 2 * SESSION_KEY_LEN]; unsigned char challenge_hash[HASH_SIZE]; - struct user *u; - struct server_command *cmd = NULL; - char **argv = NULL; - char *p, *command = NULL; + char *p, *command = NULL, *buf = para_malloc(HANDSHAKE_BUFSIZE) /* must be on the heap */; size_t numbytes; - struct stream_cipher_context scc = {.fd = fd}; + struct command_context cc_struct = {.peer = peername}, *cc = &cc_struct; + cc->scc.fd = fd; reset_signals(); /* we need a blocking fd here as recv() might return EAGAIN otherwise. */ ret = mark_fd_blocking(fd); if (ret < 0) goto net_err; /* send Welcome message */ - ret = send_va_buffer(fd, "This is para_server, version " - PACKAGE_VERSION ".\n" ); + ret = write_va_buffer(fd, "This is para_server, version " + PACKAGE_VERSION ".\n" + "Features: sideband\n" + ); if (ret < 0) goto net_err; /* recv auth request line */ - ret = recv_buffer(fd, buf, sizeof(buf)); + ret = recv_buffer(fd, buf, HANDSHAKE_BUFSIZE); if (ret < 0) goto net_err; - if (ret < 10) { - ret = -E_AUTH_REQUEST; - goto net_err; - } - numbytes = ret; - ret = -E_AUTH_REQUEST; - if (strncmp(buf, AUTH_REQUEST_MSG, strlen(AUTH_REQUEST_MSG))) + ret = parse_auth_request(buf, ret, &cc->u, &cc->use_sideband); + if (ret < 0) goto net_err; p = buf + strlen(AUTH_REQUEST_MSG); PARA_DEBUG_LOG("received auth request for user %s\n", p); - ret = -E_BAD_USER; - u = lookup_user(p); - if (u) { + cc->u = lookup_user(p); + if (cc->u) { get_random_bytes_or_die(rand_buf, sizeof(rand_buf)); - ret = pub_encrypt(u->pubkey, rand_buf, sizeof(rand_buf), + ret = pub_encrypt(cc->u->pubkey, rand_buf, sizeof(rand_buf), (unsigned char *)buf); if (ret < 0) goto net_err; @@ -788,17 +1023,31 @@ __noreturn void handle_connect(int fd, const char *peername) } PARA_DEBUG_LOG("sending %u byte challenge + rc4 keys (%zu bytes)\n", CHALLENGE_SIZE, numbytes); - ret = send_bin_buffer(fd, buf, numbytes); - if (ret < 0) - goto net_err; - /* recv challenge response */ - ret = recv_bin_buffer(fd, buf, HASH_SIZE); - if (ret < 0) - goto net_err; - numbytes = ret; - PARA_DEBUG_LOG("received %d bytes challenge response\n", ret); + if (cc->use_sideband) { + struct iovec iov; + ret = send_sb(&cc->scc, buf, numbytes, SBD_CHALLENGE, false); + buf = NULL; + if (ret < 0) + goto net_err; + ret = recv_sb(&cc->scc, SBD_CHALLENGE_RESPONSE, + HANDSHAKE_BUFSIZE, &iov); + if (ret < 0) + goto net_err; + buf = iov.iov_base; + numbytes = iov.iov_len; + } else { + ret = write_all(fd, buf, numbytes); + if (ret < 0) + goto net_err; + /* recv challenge response */ + ret = recv_bin_buffer(fd, buf, HASH_SIZE); + if (ret < 0) + goto net_err; + numbytes = ret; + } + PARA_DEBUG_LOG("received %zu bytes challenge response\n", numbytes); ret = -E_BAD_USER; - if (!u) + if (!cc->u) goto net_err; /* * The correct response is the hash of the first CHALLENGE_SIZE bytes @@ -812,52 +1061,73 @@ __noreturn void handle_connect(int fd, const char *peername) goto net_err; /* auth successful */ alarm(0); - PARA_INFO_LOG("good auth for %s\n", u->name); + PARA_INFO_LOG("good auth for %s\n", cc->u->name); /* init stream cipher keys with the second part of the random buffer */ - scc.recv = sc_new(rand_buf + CHALLENGE_SIZE, SESSION_KEY_LEN); - scc.send = sc_new(rand_buf + CHALLENGE_SIZE + SESSION_KEY_LEN, SESSION_KEY_LEN); - ret = sc_send_buffer(&scc, PROCEED_MSG); - if (ret < 0) - goto net_err; - ret = read_command(&scc, &command); - if (ret == -E_COMMAND_SYNTAX) - goto err_out; + cc->scc.recv = sc_new(rand_buf + CHALLENGE_SIZE, SESSION_KEY_LEN); + cc->scc.send = sc_new(rand_buf + CHALLENGE_SIZE + SESSION_KEY_LEN, SESSION_KEY_LEN); + if (cc->use_sideband) + ret = send_sb(&cc->scc, NULL, 0, SBD_PROCEED, false); + else + ret = sc_send_buffer(&cc->scc, PROCEED_MSG); if (ret < 0) goto net_err; - ret = -E_BAD_CMD; - cmd = parse_cmd(command); - if (!cmd) - goto err_out; - /* valid command, check permissions */ - ret = check_perms(u->perms, cmd); - if (ret < 0) - goto err_out; - /* valid command and sufficient perms */ - ret = create_argv(command, "\n", &argv); - if (ret < 0) - goto err_out; - argc = ret; - PARA_NOTICE_LOG("calling com_%s() for %s@%s\n", cmd->name, u->name, - peername); - ret = cmd->handler(&scc, argc, argv); - free_argv(argv); + if (cc->use_sideband) { + struct iovec iov; + ret = recv_sb(&cc->scc, SBD_COMMAND, MAX_COMMAND_LEN, &iov); + if (ret < 0) + goto net_err; + ret = parse_sb_command(cc, &iov); + if (ret < 0) + goto err_out; + cc->argc = ret; + } else { + ret = read_command(&cc->scc, &command); + if (ret == -E_COMMAND_SYNTAX) + goto err_out; + if (ret < 0) + goto net_err; + ret = -E_BAD_CMD; + cc->cmd = parse_cmd(command); + if (!cc->cmd) + goto err_out; + /* valid command, check permissions */ + ret = check_perms(cc->u->perms, cc->cmd); + if (ret < 0) + goto err_out; + /* valid command and sufficient perms */ + ret = create_argv(command, "\n", &cc->argv); + if (ret < 0) + goto err_out; + cc->argc = ret; + } + PARA_NOTICE_LOG("calling com_%s() for %s@%s\n", cc->cmd->name, + cc->u->name, peername); + ret = cc->cmd->handler(cc); + free_argv(cc->argv); mutex_lock(mmd_mutex); mmd->num_commands++; mutex_unlock(mmd_mutex); if (ret >= 0) goto out; err_out: - sc_send_va_buffer(&scc, "%s\n", para_strerror(-ret)); + if (send_strerror(cc, -ret) >= 0 && cc->use_sideband) + send_sb(&cc->scc, NULL, 0, SBD_EXIT__FAILURE, true); net_err: PARA_NOTICE_LOG("%s\n", para_strerror(-ret)); out: + free(buf); free(command); - sc_free(scc.recv); - sc_free(scc.send); mutex_lock(mmd_mutex); - if (cmd && (cmd->perms & AFS_WRITE) && ret >= 0) + if (cc->cmd && (cc->cmd->perms & AFS_WRITE) && ret >= 0) mmd->events++; mmd->active_connections--; mutex_unlock(mmd_mutex); + if (ret >= 0 && cc->use_sideband) { + ret = send_sb(&cc->scc, NULL, 0, SBD_EXIT__SUCCESS, true); + if (ret < 0) + PARA_NOTICE_LOG("%s\n", para_strerror(-ret)); + } + sc_free(cc->scc.recv); + sc_free(cc->scc.send); exit(ret < 0? EXIT_FAILURE : EXIT_SUCCESS); }