X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;ds=sidebyside;f=src%2Ftincctl.c;h=814800e8969c6c62c7060f26786789ef8fb63671;hb=551cd19406a560d0d206bff5b4e9da064ec222b6;hp=7e08629e76fed5da76ec6ac93950588793149be4;hpb=b1f8c65a2cfa307d9b8ed8cc3c8d4819f605e4f6;p=tinc diff --git a/src/tincctl.c b/src/tincctl.c index 7e08629e..814800e8 100644 --- a/src/tincctl.c +++ b/src/tincctl.c @@ -22,17 +22,12 @@ #include "system.h" #include -#include -#include -#include -#include -#include - #include #include "xalloc.h" #include "protocol.h" #include "control_common.h" +#include "rsagen.h" /* The name this program was run with. */ char *program_name = NULL; @@ -192,56 +187,19 @@ FILE *ask_and_open(const char *filename, const char *what, const char *mode) { return r; } -/* This function prettyprints the key generation process */ - -static void indicator(int a, int b, void *p) { - switch (a) { - case 0: - fprintf(stderr, "."); - break; - - case 1: - fprintf(stderr, "+"); - break; - - case 2: - fprintf(stderr, "-"); - break; - - case 3: - switch (b) { - case 0: - fprintf(stderr, " p\n"); - break; - - case 1: - fprintf(stderr, " q\n"); - break; - - default: - fprintf(stderr, "?"); - } - break; - - default: - fprintf(stderr, "?"); - } -} - /* Generate a public/private RSA keypair, and ask for a file to store them in. */ static bool keygen(int bits) { - RSA *rsa_key; + rsa_t key; FILE *f; char *name = NULL; char *filename; fprintf(stderr, _("Generating %d bits keys:\n"), bits); - rsa_key = RSA_generate_key(bits, 0x10001, indicator, NULL); - if(!rsa_key) { + if(!rsa_generate(&key, bits, 0x10001)) { fprintf(stderr, _("Error during key generation!\n")); return false; } else @@ -261,7 +219,8 @@ static bool keygen(int bits) { if(ftell(f)) fprintf(stderr, _("Appending key to existing contents.\nMake sure only one key is stored in the file.\n")); - PEM_write_RSAPrivateKey(f, rsa_key, NULL, NULL, 0, NULL, NULL); + rsa_write_pem_private_key(&key, f); + fclose(f); free(filename); @@ -278,7 +237,8 @@ static bool keygen(int bits) { if(ftell(f)) fprintf(stderr, _("Appending key to existing contents.\nMake sure only one key is stored in the file.\n")); - PEM_write_RSAPublicKey(f, rsa_key); + rsa_write_pem_public_key(&key, f); + fclose(f); free(filename); @@ -292,7 +252,7 @@ static void make_names(void) { #ifdef HAVE_MINGW HKEY key; char installdir[1024] = ""; - long len = sizeof(installdir); + long len = sizeof installdir; #endif if(netname) @@ -319,7 +279,7 @@ static void make_names(void) { #endif if(!controlsocketname) - asprintf(&controlsocketname, LOCALSTATEDIR "/run/%s.control", identname); + asprintf(&controlsocketname, "%s/run/%s.control/socket", LOCALSTATEDIR, identname); if(netname) { if(!confbase) @@ -360,7 +320,7 @@ static int send_ctl_request(int fd, enum request_type type, tinc_ctl_request_t req; int rv; struct iovec vector[2] = { - {&req, sizeof(req)}, + {&req, sizeof req}, {(void*) outdata, outdatalen} }; void *indata; @@ -425,7 +385,7 @@ static int send_ctl_request_cooked(int fd, enum request_type type, } if(buf != NULL) { - printf("%*s", buflen, buf); + printf("%*s", (int)buflen, buf); free(buf); } @@ -439,10 +399,9 @@ static int send_ctl_request_cooked(int fd, enum request_type type, int main(int argc, char *argv[], char *envp[]) { struct sockaddr_un addr; - int fd; - int len; tinc_ctl_greeting_t greeting; - tinc_ctl_request_t req; + int fd; + int result; program_name = argv[0]; @@ -486,12 +445,37 @@ int main(int argc, char *argv[], char *envp[]) { if(!strcasecmp(argv[optind], "start")) { argv[optind] = NULL; - execve("tincd", argv, envp); + execve(SBINDIR "/tincd", argv, envp); fprintf(stderr, _("Could not start tincd: %s"), strerror(errno)); return 1; } - // Now handle commands that do involve connecting to a running tinc daemon. + /* + * Now handle commands that do involve connecting to a running tinc daemon. + * Authenticate the server by ensuring the parent directory can be + * traversed only by root. Note this is not totally race-free unless all + * ancestors are writable only by trusted users, which we don't verify. + */ + + struct stat statbuf; + char *lastslash = strrchr(controlsocketname, '/'); + if(lastslash != NULL) { + /* control socket is not in cwd; stat its parent */ + *lastslash = 0; + result = stat(controlsocketname, &statbuf); + *lastslash = '/'; + } else + result = stat(".", &statbuf); + + if(result < 0) { + fprintf(stderr, _("Unable to check control socket directory permissions: %s\n"), strerror(errno)); + return 1; + } + + if(statbuf.st_uid != 0 || (statbuf.st_mode & S_IXOTH) != 0 || (statbuf.st_gid != 0 && (statbuf.st_mode & S_IXGRP)) != 0) { + fprintf(stderr, _("Insecure permissions on control socket directory\n")); + return 1; + } if(strlen(controlsocketname) >= sizeof addr.sun_path) { fprintf(stderr, _("Control socket filename too long!\n")); @@ -525,16 +509,8 @@ int main(int argc, char *argv[], char *envp[]) { return 1; } - struct ucred cred; - socklen_t credlen = sizeof cred; - - if(getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cred, &credlen) < 0) { - fprintf(stderr, _("Could not obtain PID: %s\n"), strerror(errno)); - return 1; - } - if(!strcasecmp(argv[optind], "pid")) { - printf("%d\n", cred.pid); + printf("%d\n", greeting.pid); return 0; } @@ -595,7 +571,7 @@ int main(int argc, char *argv[], char *envp[]) { } debuglevel = atoi(argv[optind+1]); return send_ctl_request_cooked(fd, REQ_SET_DEBUG, &debuglevel, - sizeof(debuglevel)) != -1; + sizeof debuglevel) != -1; } if(!strcasecmp(argv[optind], "retry")) {