X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fcontrol.c;h=738521425e4d3ea01b14042c73de9ba319d01110;hb=07a560eab66b575f382428a956550817697e25e2;hp=b72ea9eeb59778509c1aa8f368110163d8288928;hpb=01f47c46af514a9d7f39c143e4558a8426a0d3eb;p=tinc
diff --git a/src/control.c b/src/control.c
index b72ea9ee..73852142 100644
--- a/src/control.c
+++ b/src/control.c
@@ -24,93 +24,289 @@ #include "system.h" #include "conf.h" #include "control.h" +#include "control_common.h" +#include "graph.h" #include "logger.h" #include "xalloc.h" static int control_socket = -1; static struct event control_event; static splay_tree_t *control_socket_tree; -extern char *controlfilename; +extern char *controlsocketname; -static void handle_control_data(int fd, short events, void *event) { - char buf[MAXBUFSIZE]; - size_t inlen; +static void handle_control_data(struct bufferevent *event, void *data) { + tinc_ctl_request_t req; + tinc_ctl_request_t res; + struct evbuffer *res_data = NULL; + void *req_data; - inlen = read(fd, buf, sizeof buf); + if(EVBUFFER_LENGTH(event->input) < sizeof req) + return; + + /* Copy the structure to ensure alignment */ + memcpy(&req, EVBUFFER_DATA(event->input), sizeof req); + + if(EVBUFFER_LENGTH(event->input) < req.length) + return; + req_data = EVBUFFER_DATA(event->input) + sizeof req; + + if(req.length < sizeof req) + goto failure; + + memset(&res, 0, sizeof res); + res.type = req.type; + res.id = req.id; + + res_data = evbuffer_new(); + if(res_data == NULL) { + res.res_errno = ENOMEM; + goto respond; + } + + if(req.type == REQ_STOP) { + logger(LOG_NOTICE, "Got '%s' command", "stop"); + event_loopexit(NULL); + goto respond; + } + + if(req.type == REQ_DUMP_NODES) { + logger(LOG_NOTICE, "Got '%s' command", "dump nodes"); + res.res_errno = dump_nodes(res_data); + goto respond; + } + + if(req.type == REQ_DUMP_EDGES) { + logger(LOG_NOTICE, "Got '%s' command", "dump edges"); + res.res_errno = dump_edges(res_data); + goto respond; + } + + if(req.type == REQ_DUMP_SUBNETS) { + logger(LOG_NOTICE, "Got '%s' command", "dump subnets"); + res.res_errno = dump_subnets(res_data); + goto respond; + } - if(inlen <= 0) { - logger(LOG_DEBUG, _("Closing control socket")); - event_del(event); - splay_delete(control_socket_tree, event); - close(fd); + if(req.type == REQ_DUMP_CONNECTIONS) { + logger(LOG_NOTICE, "Got '%s' command", "dump 
connections"); + res.res_errno = dump_connections(res_data); + goto respond; } + + if(req.type == REQ_DUMP_GRAPH) { + logger(LOG_NOTICE, "Got '%s' command", "dump graph"); + res.res_errno = dump_graph(res_data); + goto respond; + } + + if(req.type == REQ_PURGE) { + logger(LOG_NOTICE, "Got '%s' command", "purge"); + purge(); + goto respond; + } + + if(req.type == REQ_SET_DEBUG) { + debug_t new_debug_level; + + logger(LOG_NOTICE, "Got '%s' command", "debug"); + if(req.length != sizeof req + sizeof debug_level) + res.res_errno = EINVAL; + else { + memcpy(&new_debug_level, req_data, sizeof new_debug_level); + logger(LOG_NOTICE, "Changing debug level from %d to %d", + debug_level, new_debug_level); + if(evbuffer_add_printf(res_data, + "Changing debug level from %d to %d\n", + debug_level, new_debug_level) == -1) + res.res_errno = errno; + debug_level = new_debug_level; + } + goto respond; + } + + if(req.type == REQ_RETRY) { + logger(LOG_NOTICE, "Got '%s' command", "retry"); + retry(); + goto respond; + } + + if(req.type == REQ_RELOAD) { + logger(LOG_NOTICE, "Got '%s' command", "reload"); + res.res_errno = reload_configuration(); + goto respond; + } + + logger(LOG_DEBUG, "Malformed control command received"); + res.res_errno = EINVAL; + +respond: + res.length = (sizeof res) + + ((res_data == NULL) ? 
0 : EVBUFFER_LENGTH(res_data)); + evbuffer_drain(event->input, req.length); + if(bufferevent_write(event, &res, sizeof res) == -1) + goto failure; + if(res_data != NULL) { + if(bufferevent_write_buffer(event, res_data) == -1) + goto failure; + evbuffer_free(res_data); + } + return; + +failure: + logger(LOG_INFO, "Closing control socket on error"); + evbuffer_free(res_data); + close(event->ev_read.ev_fd); + splay_delete(control_socket_tree, event); +} + +static void handle_control_error(struct bufferevent *event, short what, void *data) { + if(what & EVBUFFER_EOF) + logger(LOG_DEBUG, "Control socket connection closed by peer"); + else + logger(LOG_DEBUG, "Error while reading from control socket: %s", strerror(errno)); + + close(event->ev_read.ev_fd); + splay_delete(control_socket_tree, event); } static void handle_new_control_socket(int fd, short events, void *data) { int newfd; - struct event *ev; + struct bufferevent *ev; + tinc_ctl_greeting_t greeting; newfd = accept(fd, NULL, NULL); if(newfd < 0) { - logger(LOG_ERR, _("Accepting a new connection failed: %s"), strerror(errno)); + logger(LOG_ERR, "Accepting a new connection failed: %s", strerror(errno)); event_del(&control_event); return; } - ev = xmalloc(sizeof *ev); - event_set(ev, newfd, EV_READ | EV_PERSIST, handle_control_data, ev); - event_add(ev, NULL); + ev = bufferevent_new(newfd, handle_control_data, NULL, handle_control_error, NULL); + if(!ev) { + logger(LOG_ERR, "Could not create bufferevent for new control connection: %s", strerror(errno)); + close(newfd); + return; + } + + memset(&greeting, 0, sizeof greeting); + greeting.version = TINC_CTL_VERSION_CURRENT; + greeting.pid = getpid(); + if(bufferevent_write(ev, &greeting, sizeof greeting) == -1) { + logger(LOG_ERR, + "Cannot send greeting for new control connection: %s", + strerror(errno)); + bufferevent_free(ev); + close(newfd); + return; + } + + bufferevent_enable(ev, EV_READ); splay_insert(control_socket_tree, ev); - logger(LOG_DEBUG, _("Control 
socket connection accepted")); + logger(LOG_DEBUG, "Control socket connection accepted"); } static int control_compare(const struct event *a, const struct event *b) { return a < b ? -1 : a > b ? 1 : 0; } -void init_control() { +bool init_control() { + int result; struct sockaddr_un addr; + char *lastslash; - control_socket_tree = splay_alloc_tree((splay_compare_t)control_compare, (splay_action_t)free); - - if(strlen(controlfilename) >= sizeof addr.sun_path) { - logger(LOG_ERR, _("Control socket filename too long!")); - return; + if(strlen(controlsocketname) >= sizeof addr.sun_path) { + logger(LOG_ERR, "Control socket filename too long!"); + goto bail; } memset(&addr, 0, sizeof addr); addr.sun_family = AF_UNIX; - strncpy(addr.sun_path, controlfilename, sizeof addr.sun_path - 1); + strncpy(addr.sun_path, controlsocketname, sizeof addr.sun_path - 1); control_socket = socket(PF_UNIX, SOCK_STREAM, 0); if(control_socket < 0) { - logger(LOG_ERR, _("Creating UNIX socket failed: %s"), strerror(errno)); - return; + logger(LOG_ERR, "Creating UNIX socket failed: %s", strerror(errno)); + goto bail; } - unlink(controlfilename); - if(bind(control_socket, (struct sockaddr *)&addr, sizeof addr) < 0) { - logger(LOG_ERR, _("Can't bind to %s: %s\n"), controlfilename, strerror(errno)); - close(control_socket); - return; + /* + * Restrict connections to our control socket by ensuring the parent + * directory can be traversed only by root. Note this is not totally + * race-free unless all ancestors are writable only by trusted users, + * which we don't verify. 
+ */ + + struct stat statbuf; + lastslash = strrchr(controlsocketname, '/'); + if(lastslash != NULL) { + *lastslash = 0; /* temporarily change controlsocketname to be dir */ + if(mkdir(controlsocketname, 0700) < 0 && errno != EEXIST) { + logger(LOG_ERR, "Unable to create control socket directory %s: %s", controlsocketname, strerror(errno)); + *lastslash = '/'; + goto bail; + } + + result = stat(controlsocketname, &statbuf); + *lastslash = '/'; + } else + result = stat(".", &statbuf); + + if(result < 0) { + logger(LOG_ERR, "Examining control socket directory failed: %s", strerror(errno)); + goto bail; + } + + if(statbuf.st_uid != 0 || (statbuf.st_mode & S_IXOTH) != 0 || (statbuf.st_gid != 0 && (statbuf.st_mode & S_IXGRP)) != 0) { + logger(LOG_ERR, "Control socket directory ownership/permissions insecure."); + goto bail; + } + + result = bind(control_socket, (struct sockaddr *)&addr, sizeof addr); + + if(result < 0 && errno == EADDRINUSE) { + result = connect(control_socket, (struct sockaddr *)&addr, sizeof addr); + if(result < 0) { + logger(LOG_WARNING, "Removing old control socket."); + unlink(controlsocketname); + result = bind(control_socket, (struct sockaddr *)&addr, sizeof addr); + } else { + if(netname) + logger(LOG_ERR, "Another tincd is already running for net `%s'.", netname); + else + logger(LOG_ERR, "Another tincd is already running."); + goto bail; + } + } + + if(result < 0) { + logger(LOG_ERR, "Can't bind to %s: %s", controlsocketname, strerror(errno)); + goto bail; } if(listen(control_socket, 3) < 0) { - logger(LOG_ERR, _("Can't listen on %s: %s\n"), controlfilename, strerror(errno)); - close(control_socket); - return; + logger(LOG_ERR, "Can't listen on %s: %s", controlsocketname, strerror(errno)); + goto bail; } + control_socket_tree = splay_alloc_tree((splay_compare_t)control_compare, (splay_action_t)bufferevent_free); + event_set(&control_event, control_socket, EV_READ | EV_PERSIST, handle_new_control_socket, NULL); event_add(&control_event, NULL); 
-} + return true; -void exit_control() { - if(control_socket >= 0) { - event_del(&control_event); +bail: + if(control_socket != -1) { close(control_socket); + control_socket = -1; } + return false; +} + +void exit_control() { + event_del(&control_event); + close(control_socket); + unlink(controlsocketname); }
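Review bot: In handle_control_data the `failure:` label calls `evbuffer_free(res_data)` unconditionally, but the `if(req.length < sizeof req) goto failure;` check runs before `res_data = evbuffer_new()`, so a request with an undersized length field reaches it with a NULL pointer. The `respond:` path already tests for NULL and the failure path should do the same, `if(res_data != NULL) evbuffer_free(res_data);`, since libevent does not document evbuffer_free as accepting NULL. The length field is also bounded only from below: a client can declare a very large `req.length`, and the function keeps returning early while the input buffer grows (no read watermark is set in this hunk), so a maximum request size should be enforced before the `EVBUFFER_LENGTH(event->input) < req.length` test. Separately, exit_control drops the old `control_socket >= 0` guard; if it runs after init_control returned false, for example on the "Another tincd is already running" path, it would `unlink(controlsocketname)` for a socket this process never bound. The caller is outside the hunk, so that needs confirming, but an early `if(control_socket < 0) return;` restores the previous behaviour.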