1 /*
2  * Copyright (c) 2021, 2022, 2024 Omar Polo <op@omarpolo.com>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include "compat.h"
18 
19 #include <limits.h>
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <string.h>
23 #include <unistd.h>
24 
25 #include "fs.h"
26 #include "tofu.h"
27 #include "utils.h"
28 
29 void
30 tofu_init(struct ohash *h, unsigned int sz, ptrdiff_t ko)
31 {
32 	struct ohash_info info = {
33 		.key_offset = ko,
34 		.calloc = hash_calloc,
35 		.free = hash_free,
36 		.alloc = hash_alloc,
37 	};
38 
39 	ohash_init(h, sz, &info);
40 }
41 
42 struct tofu_entry *
43 tofu_lookup(struct ohash *h, const char *domain, const char *port)
44 {
45 	char		buf[TOFU_URL_MAX_LEN];
46 	unsigned int	slot;
47 
48 	strlcpy(buf, domain, sizeof(buf));
49 	if (port != NULL && *port != '\0' && strcmp(port, "1965")) {
50 		strlcat(buf, ":", sizeof(buf));
51 		strlcat(buf, port, sizeof(buf));
52 	}
53 
54 	slot = ohash_qlookup(h, buf);
55 	return ohash_find(h, slot);
56 }
57 
58 void
59 tofu_add(struct ohash *h, struct tofu_entry *e)
60 {
61 	unsigned int	slot;
62 
63 	slot = ohash_qlookup(h, e->domain);
64 	ohash_insert(h, slot, e);
65 }
66 
67 int
68 tofu_save(struct ohash *h, struct tofu_entry *e)
69 {
70 	FILE *fp;
71 
72 	tofu_add(h, e);
73 
74 	if ((fp = fopen(known_hosts_file, "a")) == NULL)
75 		return -1;
76 	fprintf(fp, "%s %s %d\n", e->domain, e->hash, e->verified);
77 	fclose(fp);
78 	return 0;
79 }
80 
81 void
82 tofu_update(struct ohash *h, struct tofu_entry *e)
83 {
84 	struct tofu_entry *t;
85 
86 	if ((t = tofu_lookup(h, e->domain, NULL)) == NULL)
87 		tofu_add(h, e);
88 	else {
89 		strlcpy(t->hash, e->hash, sizeof(t->hash));
90 		t->verified = e->verified;
91 		free(e);
92 	}
93 }
94 
95 int
96 tofu_update_persist(struct ohash *h, struct tofu_entry *e)
97 {
98 	FILE	*tmp, *fp;
99 	char	 sfn[PATH_MAX], *line = NULL;
100 	size_t	 l, linesize = 0;
101 	ssize_t	 linelen;
102 	int	 fd, err;
103 
104 	tofu_update(h, e);
105 
106 	strlcpy(sfn, known_hosts_tmp, sizeof(sfn));
107 	if ((fd = mkstemp(sfn)) == -1 ||
108 	    (tmp = fdopen(fd, "w")) == NULL) {
109 		if (fd != -1) {
110 			unlink(sfn);
111 			close(fd);
112 		}
113 		return -1;
114 	}
115 
116 	if ((fp = fopen(known_hosts_file, "r")) == NULL) {
117 		unlink(sfn);
118 		fclose(tmp);
119 		return -1;
120 	}
121 
122 	l = strlen(e->domain);
123 	while ((linelen = getline(&line, &linesize, fp)) != -1) {
124 		if (!strncmp(line, e->domain, l))
125 			continue;
126 		if (linesize > 0 && line[linesize-1] == '\n')
127 			line[linesize-1] = '\0';
128 		fprintf(tmp, "%s\n", line);
129 	}
130 	fprintf(tmp, "%s %s %d\n", e->domain, e->hash, e->verified);
131 
132 	free(line);
133 	err = ferror(tmp);
134 	fclose(tmp);
135 	fclose(fp);
136 
137 	if (err) {
138 		unlink(sfn);
139 		return -1;
140 	}
141 
142 	if (rename(sfn, known_hosts_file) == -1)
143 		return -1;
144 	return 0;
145 }
146 
147 void
148 tofu_temp_trust(struct ohash *h, const char *host, const char *port,
149     const char *hash)
150 {
151 	struct tofu_entry *e;
152 
153 	if ((e = calloc(1, sizeof(*e))) == NULL)
154 		abort();
155 
156 	strlcpy(e->domain, host, sizeof(e->domain));
157 	if (*port != '\0' && strcmp(port, "1965")) {
158 		strlcat(e->domain, ":", sizeof(e->domain));
159 		strlcat(e->domain, port, sizeof(e->domain));
160 	}
161 	strlcpy(e->hash, hash, sizeof(e->hash));
162 	e->verified = -1;
163 
164 	tofu_update(h, e);
165 }