Blob

Date:
Message:
Use gcc -ansi -pedantic in 9c. Fix many non-C89-isms.
Actions:
History | Blame | Raw File
1 #include <u.h>

2 #include <libc.h>

3 #include <bio.h>

4 #include <ndb.h>

5 #include <mp.h>

6 #include <libsec.h>

7 #include "SConn.h"

8 #include "secstore.h"

10 char *SECSTORE_DIR;

11 char* secureidcheck(char *, char *);   /* from /sys/src/cmd/auth/ */

12 extern char* dirls(char *path);

14 int verbose;

15 Ndb *db;

17 static void

18 usage(void)

19 {

20 	fprint(2, "usage: secstored [-R] [-S servername] [-s tcp!*!5356] [-v] [-x netmtpt]\n");

21 	exits("usage");

22 }

24 static int

25 getdir(SConn *conn, char *id)

26 {

27 	char *ls, *s; 

28 	uchar *msg;

29 	int n, len;

31 	s = emalloc(Maxmsg);

32 	snprint(s, Maxmsg, "%s/store/%s", SECSTORE_DIR, id);

34 	if((ls = dirls(s)) == nil)

35 		len = 0;

36 	else

37 		len = strlen(ls);

39 	/* send file size */

40 	snprint(s, Maxmsg, "%d", len);

41 	conn->write(conn, (uchar*)s, strlen(s));

43 	/* send directory listing in Maxmsg chunks */

44 	n = Maxmsg;

45 	msg = (uchar*)ls;

46 	while(len > 0){

47 		if(len < Maxmsg)

48 			n = len;

49 		conn->write(conn, msg, n);

50 		msg += n;

51 		len -= n;

52 	}

53 	free(s);

54 	free(ls);

55 	return 0;

56 }

58 char *

59 validatefile(char *f)

60 {

61 	char *nl;

63 	if(f==nil || *f==0)

64 		return nil;

65 	if(nl = strchr(f, '\n'))

66 		*nl = 0;

67 	if(strchr(f,'/') != nil || strcmp(f,"..")==0 || strlen(f) >= 300){

68 		syslog(0, LOG, "no slashes allowed: %s\n", f);

69 		return nil;

70 	}

71 	return f;

72 }

74 static int

75 getfile(SConn *conn, char *id, char *gf)

76 {

77 	int n, gd, len;

78 	ulong mode;

79 	char *s;

80 	Dir *st;

82 	if(strcmp(gf,".")==0)

83 		return getdir(conn, id);

85 	/* send file size */

86 	s = emalloc(Maxmsg);

87 	snprint(s, Maxmsg, "%s/store/%s/%s", SECSTORE_DIR, id, gf);

88 	gd = open(s, OREAD);

89 	if(gd < 0){

90 		syslog(0, LOG, "can't open %s: %r\n", s);

91 		free(s);

92 		conn->write(conn, (uchar*)"-1", 2);

93 		return -1;

94 	}

95 	st = dirfstat(gd);

96 	if(st == nil){

97 		syslog(0, LOG, "can't stat %s: %r\n", s);

98 		free(s);

99 		conn->write(conn, (uchar*)"-1", 2);

100 		return -1;

102 	mode = st->mode;

103 	len = st->length;

104 	free(st);

105 	if(mode & DMDIR) {

106 		syslog(0, LOG, "%s should be a plain file, not a directory\n", s);

107 		free(s);

108 		conn->write(conn, (uchar*)"-1", 2);

109 		return -1;

111 	if(len < 0 || len > MAXFILESIZE){

112 		syslog(0, LOG, "implausible filesize %d for %s\n", len, gf);

113 		free(s);

114 		conn->write(conn, (uchar*)"-3", 2);

115 		return -1;

117 	snprint(s, Maxmsg, "%d", len);

118 	conn->write(conn, (uchar*)s, strlen(s));

120 	/* send file in Maxmsg chunks */

121 	while(len > 0){

122 		n = read(gd, s, Maxmsg);

123 		if(n <= 0){

124 			syslog(0, LOG, "read error on %s: %r\n", gf);

125 			free(s);

126 			return -1;

128 		conn->write(conn, (uchar*)s, n);

129 		len -= n;

131 	close(gd);

132 	free(s);

133 	return 0;

136 static int

137 putfile(SConn *conn, char *id, char *pf)

139 	int n, nw, pd;

140 	long len;

141 	char s[Maxmsg+1];

143 	/* get file size */

144 	n = readstr(conn, s);

145 	if(n < 0){

146 		syslog(0, LOG, "remote: %s: %r\n", s);

147 		return -1;

149 	len = atoi(s);

150 	if(len == -1){

151 		syslog(0, LOG, "remote file %s does not exist\n", pf);

152 		return -1;

153 	}else if(len < 0 || len > MAXFILESIZE){

154 		syslog(0, LOG, "implausible filesize %ld for %s\n", len, pf);

155 		return -1;

158 	/* get file in Maxmsg chunks */

159 	if(strchr(pf,'/') != nil || strcmp(pf,"..")==0){

160 		syslog(0, LOG, "no slashes allowed: %s\n", pf);

161 		return -1;

163 	snprint(s, Maxmsg, "%s/store/%s/%s", SECSTORE_DIR, id, pf);

164 	pd = create(s, OWRITE, 0660);

165 	if(pd < 0){

166 		syslog(0, LOG, "can't open %s: %r\n", s);

167 		return -1;

169 	while(len > 0){

170 		n = conn->read(conn, (uchar*)s, Maxmsg);

171 		if(n <= 0){

172 			syslog(0, LOG, "empty file chunk\n");

173 			return -1;

175 		nw = write(pd, s, n);

176 		if(nw != n){

177 			syslog(0, LOG, "write error on %s: %r", pf);

178 			return -1;

180 		len -= n;

182 	close(pd);

183 	return 0;

187 static int

188 removefile(SConn *conn, char *id, char *f)

190 	Dir *d;

191 	char buf[Maxmsg];

193 	snprint(buf, Maxmsg, "%s/store/%s/%s", SECSTORE_DIR, id, f);

195 	if((d = dirstat(buf)) == nil){

196 		snprint(buf, sizeof buf, "remove failed: %r");

197 		writerr(conn, buf);

198 		return -1;

199 	}else if(d->mode & DMDIR){

200 		snprint(buf, sizeof buf, "can't remove a directory");

201 		writerr(conn, buf);

202 		free(d);

203 		return -1;

206 	free(d);

207 	if(remove(buf) < 0){

208 		snprint(buf, sizeof buf, "remove failed: %r");

209 		writerr(conn, buf);

210 		return -1;

212 	return 0;

215 /* given line directory from accept, returns ipaddr!port */

216 static char*

217 remoteIP(char *ldir)

219 	int fd, n;

220 	char rp[100], ap[500];

222 	snprint(rp, sizeof rp, "%s/remote", ldir);

223 	fd = open(rp, OREAD);

224 	if(fd < 0)

225 		return strdup("?!?");

226 	n = read(fd, ap, sizeof ap);

227 	if(n <= 0 || n == sizeof ap){

228 		fprint(2, "error %d reading %s: %r\n", n, rp);

229 		return strdup("?!?");

231 	close(fd);

232 	ap[n--] = 0;

233 	if(ap[n] == '\n')

234 		ap[n] = 0;

235 	return strdup(ap);

238 static int

239 dologin(int fd, char *S, int forceSTA)

241 	int i, n, rv;

242 	char *file, *mess;

243 	char msg[Maxmsg+1];

244 	PW *pw;

245 	SConn *conn;

247 	pw = nil;

248 	rv = -1;

250 	/* collect the first message */

251 	if((conn = newSConn(fd)) == nil)

252 		return -1;

253 	if(readstr(conn, msg) < 0){

254 		fprint(2, "remote: %s: %r\n", msg);

255 		writerr(conn, "can't read your first message");

256 		goto Out;

259 	/* authenticate */

260 	if(PAKserver(conn, S, msg, &pw) < 0){

261 		if(pw != nil)

262 			syslog(0, LOG, "secstore denied for %s", pw->id);

263 		goto Out;

265 	if((forceSTA || pw->status&STA) != 0){

266 		conn->write(conn, (uchar*)"STA", 3);

267 		if(readstr(conn, msg) < 10 || strncmp(msg, "STA", 3) != 0){

268 			syslog(0, LOG, "no STA from %s", pw->id);

269 			goto Out;

271 		mess = secureidcheck(pw->id, msg+3);

272 		if(mess != nil){

273 			syslog(0, LOG, "secureidcheck denied %s because %s", pw->id, mess);

274 			goto Out;

277 	conn->write(conn, (uchar*)"OK", 2);

278 	syslog(0, LOG, "AUTH %s", pw->id);

280 	/* perform operations as asked */

281 	while((n = readstr(conn, msg)) > 0){

282 		syslog(0, LOG, "[%s] %s", pw->id, msg);

284 		if(strncmp(msg, "GET ", 4) == 0){

285 			file = validatefile(msg+4);

286 			if(file==nil || getfile(conn, pw->id, file) < 0)

287 				goto Err;

289 		}else if(strncmp(msg, "PUT ", 4) == 0){

290 			file = validatefile(msg+4);

291 			if(file==nil || putfile(conn, pw->id, file) < 0){

292 				syslog(0, LOG, "failed PUT %s/%s", pw->id, file);

293 				goto Err;

296 		}else if(strncmp(msg, "RM ", 3) == 0){

297 			file = validatefile(msg+3);

298 			if(file==nil || removefile(conn, pw->id, file) < 0){

299 				syslog(0, LOG, "failed RM %s/%s", pw->id, file);

300 				goto Err;

303 		}else if(strncmp(msg, "CHPASS", 6) == 0){

304 			if(readstr(conn, msg) < 0){

305 				syslog(0, LOG, "protocol botch CHPASS for %s", pw->id);

306 				writerr(conn, "protocol botch while setting PAK");

307 				goto Out;

309 			pw->Hi = strtomp(msg, nil, 64, pw->Hi);

310 			for(i=0; i < 4 && putPW(pw) < 0; i++)

311 				syslog(0, LOG, "password change failed for %s (%d): %r", pw->id, i);

312 			if(i==4)

313 				goto Out;

315 		}else if(strncmp(msg, "BYE", 3) == 0){

316 			rv = 0;

317 			break;

319 		}else{

320 			writerr(conn, "unrecognized operation");

321 			break;

325 	if(n <= 0)

326 		syslog(0, LOG, "%s closed connection without saying goodbye\n", pw->id);

328 Out:

329 	freePW(pw);

330 	conn->free(conn);

331 	return rv;

332 Err:

333 	writerr(conn, "operation failed");

334 	goto Out;

337 void

338 main(int argc, char **argv)

340 	int afd, dfd, lcfd, forceSTA = 0;

341 	char adir[40], ldir[40], *remote;

342 	char *serve = "tcp!*!5356", *p, aserve[128];

343 	char *S = "secstore";

344 	char *dbpath;

345 	Ndb *db2;

347 	S = sysname();

348 	SECSTORE_DIR = unsharp("#9/secstore");

349 /*	setnetmtpt(net, sizeof(net), nil); */

350 	ARGBEGIN{

351 	case 'R':

352 		forceSTA = 1;

353 		break;

354 	case 's':

355 		serve = EARGF(usage());

356 		break;

357 	case 'S':

358 		S = EARGF(usage());

359 		break;

360 	case 'x':

361 		p = ARGF();

362 		if(p == nil)

363 			usage();

364 		USED(p);

365 	/*	setnetmtpt(net, sizeof(net), p); */

366 		break;

367 	case 'v':

368 		verbose++;

369 		break;

370 	default:

371 		usage();

372 	}ARGEND;

374 	if(!verbose)

375 		switch(rfork(RFNOTEG|RFPROC|RFFDG)) {

376 		case -1:

377 			sysfatal("fork: %r");

378 		case 0:

379 			break;

380 		default:

381 			exits(0);

384 	snprint(aserve, sizeof aserve, "%s", serve);

385 	afd = announce(aserve, adir);

386 	if(afd < 0)

387 		sysfatal("%s: %r\n", aserve);

388 	syslog(0, LOG, "ANNOUNCE %s", aserve);

389 	for(;;){

390 		if((lcfd = listen(adir, ldir)) < 0)

391 			exits("can't listen");

392 		switch(rfork(RFPROC|RFFDG|RFNOWAIT)){

393 		case -1:

394 			fprint(2, "secstore forking: %r\n");

395 			close(lcfd);

396 			break;

397 		case 0:

398 			/* "/lib/ndb/common.radius does not exist" if db set before fork */

399 			db = ndbopen(dbpath=unsharp("#9/ndb/auth"));

400 			if(db == 0)

401 				syslog(0, LOG, "no ndb/auth");

402 			db2 = ndbopen(0);

403 			if(db2 == 0)

404 				syslog(0, LOG, "no ndb/local");

405 			db = ndbcat(db, db2);

406 			if((dfd = accept(lcfd, ldir)) < 0)

407 				exits("can't accept");

408 			alarm(30*60*1000); 	/* 30 min */

409 			remote = remoteIP(ldir);

410 			syslog(0, LOG, "secstore from %s", remote);

411 			free(remote);

412 			dologin(dfd, S, forceSTA);

413 			exits(nil);

414 		default:

415 			close(lcfd);

416 			break;