2 * Amanda, The Advanced Maryland Automatic Network Disk Archiver
3 * Copyright (c) 1991-1999 University of Maryland at College Park
6 * Permission to use, copy, modify, distribute, and sell this software and its
7 * documentation for any purpose is hereby granted without fee, provided that
8 * the above copyright notice appear in all copies and that both that
9 * copyright notice and this permission notice appear in supporting
10 * documentation, and that the name of U.M. not be used in advertising or
11 * publicity pertaining to distribution of the software without specific,
12 * written prior permission. U.M. makes no representations about the
13 * suitability of this software for any purpose. It is provided "as is"
14 * without express or implied warranty.
16 * U.M. DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL U.M.
18 * BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
20 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
21 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 * Authors: the Amanda Development Team. Its members are listed in a
24 * file named AUTHORS, in the root directory of this distribution.
27 * $Id: bsd-security.c,v 1.75 2006/07/19 17:41:14 martinea Exp $
29 * "BSD" security module
39 #include "security-util.h"
44 #undef DUMPER_SOCKET_BUFFERING
47 #ifdef BSD_SECURITY /* { */
50 * Change the following from #undef to #define to cause detailed logging
51 * of the security steps, e.g. into /tmp/amanda/amandad*debug.
53 #undef SHOW_SECURITY_DETAIL
58 static void bsd_connect(const char *, char *(*)(char *, void *),
59 void (*)(void *, security_handle_t *, security_status_t),
61 static void bsd_accept(const struct security_driver *, int, int,
62 void (*)(security_handle_t *, pkt_t *));
63 static void bsd_close(void *);
64 static void * bsd_stream_server(void *);
65 static int bsd_stream_accept(void *);
66 static void * bsd_stream_client(void *, int);
67 static void bsd_stream_close(void *);
68 static int bsd_stream_auth(void *);
69 static int bsd_stream_id(void *);
70 static void bsd_stream_read(void *, void (*)(void *, void *, ssize_t), void *);
71 static ssize_t bsd_stream_read_sync(void *, void **);
72 static void bsd_stream_read_cancel(void *);
75 * This is our interface to the outside world
77 const security_driver_t bsd_security_driver = {
94 bsd_stream_read_cancel,
95 sec_close_connection_none,
101 * This is data local to the datagram socket. We have one datagram
102 * per process, so it is global.
104 static udp_handle_t netfd4;
105 static udp_handle_t netfd6;
106 static int not_init4 = 1;
107 static int not_init6 = 1;
109 /* generate new handles from here */
110 static int newhandle = 0;
113 * These are the internal helper functions
115 static void stream_read_callback(void *);
116 static void stream_read_sync_callback(void *);
119 * Set up and return an outgoing handle to a client
124 const char * hostname,
125 char * (*conf_fn)(char *, void *),
126 void (*fn)(void *, security_handle_t *, security_status_t),
130 struct sec_handle *bh;
133 struct timeval sequence_time;
134 amanda_timezone dontcare;
138 struct addrinfo hints;
139 struct addrinfo *res = NULL;
141 assert(hostname != NULL);
143 (void)conf_fn; /* Quiet unused parameter warning */
144 (void)datap; /* Quiet unused parameter warning */
146 bh = alloc(SIZEOF(*bh));
147 bh->proto_handle=NULL;
148 security_handleinit(&bh->sech, &bsd_security_driver);
151 * Only init the socket once
154 hints.ai_flags = AI_CANONNAME | AI_V4MAPPED | AI_ALL;
155 hints.ai_family = AF_INET6;
157 hints.ai_flags = AI_CANONNAME;
158 hints.ai_family = AF_INET;
160 hints.ai_socktype = SOCK_DGRAM;
161 hints.ai_protocol = IPPROTO_UDP;
162 hints.ai_addrlen = 0;
163 hints.ai_addr = NULL;
164 hints.ai_canonname = NULL;
165 hints.ai_next = NULL;
166 result = getaddrinfo(hostname, NULL, &hints, &res);
169 hints.ai_flags = AI_CANONNAME;
170 hints.ai_family = AF_UNSPEC;
171 result = getaddrinfo(hostname, NULL, &hints, &res);
175 dbprintf(("getaddrinfo(%s): %s\n", hostname, gai_strerror(result)));
176 security_seterror(&bh->sech, "getaddrinfo(%s): %s\n", hostname,
177 gai_strerror(result));
178 (*fn)(arg, &bh->sech, S_ERROR);
181 if (res->ai_canonname == NULL) {
182 dbprintf(("getaddrinfo(%s) did not return a canonical name\n", hostname));
183 security_seterror(&bh->sech,
184 _("getaddrinfo(%s) did not return a canonical name\n"), hostname);
185 (*fn)(arg, &bh->sech, S_ERROR);
190 if (res->ai_addr->sa_family == AF_INET6 && not_init6 == 1) {
192 dgram_zero(&netfd6.dgram);
196 dgram_bind(&netfd6.dgram, res->ai_addr->sa_family, &port);
198 netfd6.handle = NULL;
199 netfd6.pkt.body = NULL;
200 netfd6.recv_security_ok = &bsd_recv_security_ok;
201 netfd6.prefix_packet = &bsd_prefix_packet;
203 * We must have a reserved port. Bomb if we didn't get one.
205 if (port >= IPPORT_RESERVED) {
206 security_seterror(&bh->sech,
207 "unable to bind to a reserved port (got port %u)",
209 (*fn)(arg, &bh->sech, S_ERROR);
217 if (res->ai_addr->sa_family == AF_INET && not_init4 == 1) {
219 dgram_zero(&netfd4.dgram);
223 dgram_bind(&netfd4.dgram, res->ai_addr->sa_family, &port);
225 netfd4.handle = NULL;
226 netfd4.pkt.body = NULL;
227 netfd4.recv_security_ok = &bsd_recv_security_ok;
228 netfd4.prefix_packet = &bsd_prefix_packet;
230 * We must have a reserved port. Bomb if we didn't get one.
232 if (port >= IPPORT_RESERVED) {
233 security_seterror(&bh->sech,
234 "unable to bind to a reserved port (got port %u)",
236 (*fn)(arg, &bh->sech, S_ERROR);
244 if (res->ai_addr->sa_family == AF_INET6)
250 auth_debug(1, ("Resolved hostname=%s\n", res->ai_canonname));
251 if ((se = getservbyname(AMANDA_SERVICE_NAME, "udp")) == NULL)
252 port = AMANDA_SERVICE_DEFAULT;
254 port = (in_port_t)ntohs(se->s_port);
255 amanda_gettimeofday(&sequence_time, &dontcare);
256 sequence = (int)sequence_time.tv_sec ^ (int)sequence_time.tv_usec;
258 snprintf(handle, 14, "000-%08x", (unsigned)newhandle++);
259 if (udp_inithandle(bh->udp, bh, res->ai_canonname,
260 (struct sockaddr_storage *)res->ai_addr, port, handle, sequence) < 0) {
261 (*fn)(arg, &bh->sech, S_ERROR);
262 amfree(bh->hostname);
266 (*fn)(arg, &bh->sech, S_OK);
274 * Set up to accept new incoming connections
278 const struct security_driver * driver,
281 void (*fn)(security_handle_t *, pkt_t *))
284 assert(in >= 0 && out >= 0);
287 (void)out; /* Quiet unused parameter warning */
288 (void)driver; /* Quiet unused parameter warning */
291 * We assume in and out point to the same socket, and just use
294 dgram_socket(&netfd4.dgram, in);
295 dgram_socket(&netfd6.dgram, in);
298 * Assign the function and return. When they call recvpkt later,
299 * the recvpkt callback will call this function when it discovers
300 * new incoming connections.
302 netfd4.accept_fn = fn;
303 netfd4.recv_security_ok = &bsd_recv_security_ok;
304 netfd4.prefix_packet = &bsd_prefix_packet;
305 netfd4.driver = &bsd_security_driver;
307 udp_addref(&netfd4, &udp_netfd_read_callback);
311 * Frees a handle allocated by the above
317 struct sec_handle *bh = cookie;
319 if(bh->proto_handle == NULL) {
323 auth_debug(1, ("%s: bsd: close handle '%s'\n",
324 debug_prefix_time(NULL), bh->proto_handle));
326 udp_recvpkt_cancel(bh);
328 bh->next->prev = bh->prev;
331 if (!not_init6 && netfd6.bh_last == bh)
332 netfd6.bh_last = bh->prev;
334 netfd4.bh_last = bh->prev;
337 bh->prev->next = bh->next;
340 if (!not_init6 && netfd6.bh_first == bh)
341 netfd6.bh_first = bh->next;
343 netfd4.bh_first = bh->next;
346 amfree(bh->proto_handle);
347 amfree(bh->hostname);
352 * Create the server end of a stream. For bsd, this means setting up a tcp
353 * socket for receiving a connection.
359 struct sec_stream *bs = NULL;
360 struct sec_handle *bh = h;
364 bs = alloc(SIZEOF(*bs));
365 security_streaminit(&bs->secstr, &bsd_security_driver);
366 bs->socket = stream_server(&bs->port, (size_t)STREAM_BUFSIZE,
367 (size_t)STREAM_BUFSIZE, 0);
368 if (bs->socket < 0) {
369 security_seterror(&bh->sech,
370 "can't create server stream: %s", strerror(errno));
380 * Accepts a new connection on unconnected streams. Assumes it is ok to
387 struct sec_stream *bs = s;
390 assert(bs->socket != -1);
393 bs->fd = stream_accept(bs->socket, 30, STREAM_BUFSIZE, STREAM_BUFSIZE);
395 security_stream_seterror(&bs->secstr,
396 "can't accept new stream connection: %s", strerror(errno));
403 * Return a connected stream
410 struct sec_stream *bs = NULL;
411 struct sec_handle *bh = h;
412 #ifdef DUMPER_SOCKET_BUFFERING
413 int rcvbuf = SIZEOF(bs->databuf) * 2;
418 bs = alloc(SIZEOF(*bs));
419 security_streaminit(&bs->secstr, &bsd_security_driver);
420 bs->fd = stream_client(bh->hostname, (in_port_t)id,
421 STREAM_BUFSIZE, STREAM_BUFSIZE, &bs->port, 0);
423 security_seterror(&bh->sech,
424 "can't connect stream to %s port %d: %s", bh->hostname,
425 id, strerror(errno));
429 bs->socket = -1; /* we're a client */
431 #ifdef DUMPER_SOCKET_BUFFERING
432 setsockopt(bs->fd, SOL_SOCKET, SO_RCVBUF, (void *)&rcvbuf, SIZEOF(rcvbuf));
438 * Close and unallocate resources for a stream
444 struct sec_stream *bs = s;
450 if (bs->socket != -1)
452 bsd_stream_read_cancel(bs);
457 * Authenticate a stream. bsd streams have no authentication
463 (void)s; /* Quiet unused parameter warning */
465 return (0); /* success */
469 * Returns the stream id for this stream. This is just the local port.
475 struct sec_stream *bs = s;
479 return ((int)bs->port);
483 * Submit a request to read some data. Calls back with the given function
484 * and arg when completed.
489 void (*fn)(void *, void *, ssize_t),
492 struct sec_stream *bs = s;
495 * Only one read request can be active per stream.
497 if (bs->ev_read != NULL)
498 event_release(bs->ev_read);
500 bs->ev_read = event_register((event_id_t)bs->fd, EV_READFD, stream_read_callback, bs);
506 * Read a chunk of data from a stream. Blocks until completion.
509 bsd_stream_read_sync(
513 struct sec_stream *bs = s;
518 * Only one read request can be active per stream.
520 if(bs->ev_read != NULL) {
523 bs->ev_read = event_register((event_id_t)bs->fd, EV_READFD,
524 stream_read_sync_callback, bs);
525 event_wait(bs->ev_read);
532 * Callback for bsd_stream_read_sync
535 stream_read_sync_callback(
538 struct sec_stream *bs = s;
543 auth_debug(1, ("%s: bsd: stream_read_callback_sync: fd %d\n",
544 debug_prefix_time(NULL), bs->fd));
547 * Remove the event first, in case they reschedule it in the callback.
549 bsd_stream_read_cancel(bs);
551 n = read(bs->fd, bs->databuf, sizeof(bs->databuf));
552 } while ((n < 0) && ((errno == EINTR) || (errno == EAGAIN)));
554 security_stream_seterror(&bs->secstr, strerror(errno));
559 * Cancel a previous stream read request. It's ok if we didn't
560 * have a read scheduled.
563 bsd_stream_read_cancel(
566 struct sec_stream *bs = s;
569 if (bs->ev_read != NULL) {
570 event_release(bs->ev_read);
576 * Callback for bsd_stream_read
579 stream_read_callback(
582 struct sec_stream *bs = arg;
588 * Remove the event first, in case they reschedule it in the callback.
590 bsd_stream_read_cancel(bs);
592 n = read(bs->fd, bs->databuf, SIZEOF(bs->databuf));
593 } while ((n < 0) && ((errno == EINTR) || (errno == EAGAIN)));
596 security_stream_seterror(&bs->secstr, strerror(errno));
598 (*bs->fn)(bs->arg, bs->databuf, n);
601 #endif /* BSD_SECURITY */ /* } */