2 * Amanda, The Advanced Maryland Automatic Network Disk Archiver
3 * Copyright (c) 1991-1999 University of Maryland at College Park
6 * Permission to use, copy, modify, distribute, and sell this software and its
7 * documentation for any purpose is hereby granted without fee, provided that
8 * the above copyright notice appear in all copies and that both that
9 * copyright notice and this permission notice appear in supporting
10 * documentation, and that the name of U.M. not be used in advertising or
11 * publicity pertaining to distribution of the software without specific,
12 * written prior permission. U.M. makes no representations about the
13 * suitability of this software for any purpose. It is provided "as is"
14 * without express or implied warranty.
16 * U.M. DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL U.M.
18 * BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
20 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
21 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 * Authors: the Amanda Development Team. Its members are listed in a
24 * file named AUTHORS, in the root directory of this distribution.
27 * $Id: bsd-security.c,v 1.75 2006/07/19 17:41:14 martinea Exp $
29 * "BSD" security module
39 #include "security-util.h"
44 #undef DUMPER_SOCKET_BUFFERING
50 static void bsd_connect(const char *, char *(*)(char *, void *),
51 void (*)(void *, security_handle_t *, security_status_t),
53 static void bsd_accept(const struct security_driver *,
54 char *(*)(char *, void *),
56 void (*)(security_handle_t *, pkt_t *),
58 static void bsd_close(void *);
59 static void * bsd_stream_server(void *);
60 static int bsd_stream_accept(void *);
61 static void * bsd_stream_client(void *, int);
62 static void bsd_stream_close(void *);
63 static int bsd_stream_auth(void *);
64 static int bsd_stream_id(void *);
65 static void bsd_stream_read(void *, void (*)(void *, void *, ssize_t), void *);
66 static ssize_t bsd_stream_read_sync(void *, void **);
67 static void bsd_stream_read_cancel(void *);
70 * This is our interface to the outside world
72 const security_driver_t bsd_security_driver = {
89 bsd_stream_read_cancel,
90 sec_close_connection_none,
/*
 * Process-wide state for the datagram transport: one udp_handle_t per
 * address family plus a "still needs binding" flag for each.
 */
96 * This is data local to the datagram socket. We have one datagram
97 * per process, so it is global.
99 static udp_handle_t netfd4;
100 static udp_handle_t netfd6;
/* Both flags start at 1; bsd_connect compares them against 0 and 1 to decide
 * whether the socket for that family has already been bound. */
101 static int not_init4 = 1;
102 static int not_init6 = 1;
104 /* generate new handles from here */
/* NOTE(review): this is a plain counter that bsd_connect post-increments and
 * prints as "000-%08x", so handle strings are sequential and guessable.
 * Nothing here makes the handle a secret; do not rely on it as one. */
105 static int newhandle = 0;
108 * These are the internal helper functions
110 static void stream_read_callback(void *);
111 static void stream_read_sync_callback(void *);
/*
 * bsd_connect: resolve the peer name, make sure the datagram socket for the
 * peer's address family is bound, build a handle, and report the outcome
 * through fn with S_OK or S_ERROR.  Each failure path visible here records a
 * message with security_seterror() before invoking fn.
 */
114 * Setup and return a handle outgoing to a client
119 const char * hostname,
120 char * (*conf_fn)(char *, void *),
121 void (*fn)(void *, security_handle_t *, security_status_t),
125 struct sec_handle *bh;
128 struct timeval sequence_time;
132 struct addrinfo *res, *res_addr;
/* NOTE(review): hostname is validated only by assert(); if that is the
 * standard macro it is compiled out under NDEBUG, so callers must never
 * pass NULL. */
136 assert(hostname != NULL);
/* conf_fn and datap are part of the driver interface but unused here. */
138 (void)conf_fn; /* Quiet unused parameter warning */
139 (void)datap; /* Quiet unused parameter warning */
141 bh = alloc(SIZEOF(*bh));
/* Cleared immediately after allocation; bsd_close tests this field for NULL
 * before doing anything else with the handle. */
142 bh->proto_handle=NULL;
143 security_handleinit(&bh->sech, &bsd_security_driver);
/* The canonical name returned here, not the caller's string, is what is
 * handed to udp_inithandle further down. */
145 result = resolve_hostname(hostname, SOCK_DGRAM, &res, &canonname);
147 dbprintf(_("resolve_hostname(%s): %s\n"), hostname, gai_strerror(result));
148 security_seterror(&bh->sech, _("resolve_hostname(%s): %s\n"), hostname,
149 gai_strerror(result));
150 (*fn)(arg, &bh->sech, S_ERROR);
153 if (canonname == NULL) {
154 dbprintf(_("resolve_hostname(%s) did not return a canonical name\n"), hostname);
155 security_seterror(&bh->sech,
156 _("resolve_hostname(%s) did not return a canonical name\n"), hostname);
157 (*fn)(arg, &bh->sech, S_ERROR);
161 dbprintf(_("resolve_hostname(%s): no results\n"), hostname);
162 security_seterror(&bh->sech,
163 _("resolve_hostname(%s): no results\n"), hostname);
164 (*fn)(arg, &bh->sech, S_ERROR);
/* Walk the resolver results; reaching the end with res_addr == NULL is
 * reported below as "Can't bind a socket". */
169 for (res_addr = res; res_addr != NULL; res_addr = res_addr->ai_next) {
171 /* IPv6 socket already bound */
172 if (res_addr->ai_addr->sa_family == AF_INET6 && not_init6 == 0) {
176 * Only init the IPv6 socket once
178 if (res_addr->ai_addr->sa_family == AF_INET6 && not_init6 == 1) {
180 dgram_zero(&netfd6.dgram);
184 result_bind = dgram_bind(&netfd6.dgram,
185 res_addr->ai_addr->sa_family, &port);
187 if (result_bind != 0) {
190 netfd6.handle = NULL;
191 netfd6.pkt.body = NULL;
192 netfd6.recv_security_ok = &bsd_recv_security_ok;
193 netfd6.prefix_packet = &bsd_prefix_packet;
195 * We must have a reserved port. Bomb if we didn't get one.
/* NOTE(review): the only local precondition enforced is that dgram_bind
 * produced a port below IPPORT_RESERVED (same test in the IPv4 branch).
 * Binding such a port normally needs elevated privilege, so this path
 * presumably runs privileged; confirm where privileges are dropped.
 * A reserved source port is a weak identity signal: it shows the sending
 * process had that privilege on its host, and nothing about who controls
 * the host or the network path. */
197 if (port >= IPPORT_RESERVED) {
198 security_seterror(&bh->sech,
199 _("unable to bind to a reserved port (got port %u)"),
201 (*fn)(arg, &bh->sech, S_ERROR);
212 /* IPv4 socket already bound */
213 if (res_addr->ai_addr->sa_family == AF_INET && not_init4 == 0) {
218 * Only init the IPv4 socket once
220 if (res_addr->ai_addr->sa_family == AF_INET && not_init4 == 1) {
222 dgram_zero(&netfd4.dgram);
226 result_bind = dgram_bind(&netfd4.dgram,
227 res_addr->ai_addr->sa_family, &port);
229 if (result_bind != 0) {
232 netfd4.handle = NULL;
233 netfd4.pkt.body = NULL;
234 netfd4.recv_security_ok = &bsd_recv_security_ok;
235 netfd4.prefix_packet = &bsd_prefix_packet;
237 * We must have a reserved port. Bomb if we didn't get one.
239 if (port >= IPPORT_RESERVED) {
240 security_seterror(&bh->sech,
/* Unlike the IPv6 branch, this message is not wrapped in _(). */
241 "unable to bind to a reserved port (got port %u)",
243 (*fn)(arg, &bh->sech, S_ERROR);
254 if (res_addr == NULL) {
255 dbprintf(_("Can't bind a socket to connect to %s\n"), hostname);
256 security_seterror(&bh->sech,
257 _("Can't bind a socket to connect to %s\n"), hostname);
258 (*fn)(arg, &bh->sech, S_ERROR);
264 if (res_addr->ai_addr->sa_family == AF_INET6)
270 auth_debug(1, _("Resolved hostname=%s\n"), canonname);
/* Destination port comes from the local services database, falling back to
 * the compiled-in AMANDA_SERVICE_DEFAULT when there is no entry. */
271 if ((se = getservbyname(AMANDA_SERVICE_NAME, "udp")) == NULL)
272 port = AMANDA_SERVICE_DEFAULT;
274 port = (in_port_t)ntohs(se->s_port);
/* NOTE(review): the initial sequence is seconds XOR microseconds of the
 * current time, i.e. derived from the clock alone.  It is not unpredictable
 * and should not be treated as an anti-spoofing value. */
275 amanda_gettimeofday(&sequence_time);
276 sequence = (int)sequence_time.tv_sec ^ (int)sequence_time.tv_usec;
/* "000-" plus eight hex digits is 12 characters, 13 bytes with the NUL, which
 * fits the 14-byte limit given here.  Assumes handle is declared with at
 * least 14 bytes; the declaration is not visible, TODO confirm. */
278 g_snprintf(handle, 14, "000-%08x", (unsigned)newhandle++);
279 if (udp_inithandle(bh->udp, bh, canonname,
280 (struct sockaddr_storage *)res_addr->ai_addr, port, handle, sequence) < 0) {
/* fn receives &bh->sech before the cleanup that follows.  NOTE(review): a
 * callback that keeps this pointer past its own return would be left with
 * released memory; confirm callers only read the error during the call. */
281 (*fn)(arg, &bh->sech, S_ERROR);
282 amfree(bh->hostname);
286 (*fn)(arg, &bh->sech, S_OK);
/*
 * bsd_accept: attach the already-open descriptor `in` to the datagram state
 * and register fn as the callback for newly discovered incoming connections.
 */
295 * Setup to accept new incoming connections
299 const struct security_driver * driver,
300 char *(*conf_fn)(char *, void *),
303 void (*fn)(security_handle_t *, pkt_t *),
/* NOTE(review): descriptor validity is checked only by assert(); if that is
 * the standard macro, the check is absent in NDEBUG builds. */
307 assert(in >= 0 && out >= 0);
310 (void)out; /* Quiet unused parameter warning */
311 (void)driver; /* Quiet unused parameter warning */
316 * We assume in and out point to the same socket, and just use
/* The same descriptor is installed in both the IPv4 and the IPv6 state. */
319 dgram_socket(&netfd4.dgram, in);
320 dgram_socket(&netfd6.dgram, in);
323 * Assign the function and return. When they call recvpkt later,
324 * the recvpkt callback will call this function when it discovers
325 * new incoming connections
327 netfd4.accept_fn = fn;
/* NOTE(review): bsd_recv_security_ok is the hook installed for checking
 * received packets; it is not defined in this listing.  The peer checks for
 * inbound requests live there, so review it together with this driver. */
328 netfd4.recv_security_ok = &bsd_recv_security_ok;
329 netfd4.prefix_packet = &bsd_prefix_packet;
330 netfd4.driver = &bsd_security_driver;
332 udp_addref(&netfd4, &udp_netfd_read_callback);
/*
 * bsd_close: cancel any pending packet receive, unlink the handle from the
 * bh_first/bh_last list kept in netfd4 or netfd6, and release its strings.
 */
336 * Frees a handle allocated by the above
342 struct sec_handle *bh = cookie;
/* proto_handle is NULL on a handle that bsd_connect allocated but never
 * finished initialising. */
344 if(bh->proto_handle == NULL) {
348 auth_debug(1, _("bsd: close handle '%s'\n"), bh->proto_handle);
350 udp_recvpkt_cancel(bh);
/* Standard doubly-linked unlink; the list ends are fixed up on whichever
 * family state currently points at this handle. */
352 bh->next->prev = bh->prev;
355 if (!not_init6 && netfd6.bh_last == bh)
356 netfd6.bh_last = bh->prev;
358 netfd4.bh_last = bh->prev;
361 bh->prev->next = bh->next;
364 if (!not_init6 && netfd6.bh_first == bh)
365 netfd6.bh_first = bh->next;
367 netfd4.bh_first = bh->next;
370 amfree(bh->proto_handle);
371 amfree(bh->hostname);
/*
 * bsd_stream_server: allocate a stream object and open a listening TCP socket
 * in the address family of the handle's UDP peer.  The chosen port is written
 * to bs->port.
 */
376 * Create the server end of a stream. For bsd, this means setup a tcp
377 * socket for receiving a connection.
383 struct sec_stream *bs = NULL;
384 struct sec_handle *bh = h;
388 bs = alloc(SIZEOF(*bs));
389 security_streaminit(&bs->secstr, &bsd_security_driver);
/* NOTE(review): which local address and port range stream_server binds is
 * not visible here; confirm it matches the firewall policy for data ports. */
390 bs->socket = stream_server(bh->udp->peer.ss_family, &bs->port,
391 (size_t)STREAM_BUFSIZE, (size_t)STREAM_BUFSIZE,
/* Failure is recorded on the owning handle, with errno text appended. */
393 if (bs->socket < 0) {
394 security_seterror(&bh->sech,
395 _("can't create server stream: %s"), strerror(errno));
/*
 * bsd_stream_accept: wait for one inbound connection on the stream's
 * listening socket and store the connected descriptor in bs->fd.
 */
405 * Accepts a new connection on unconnected streams. Assumes it is ok to
412 struct sec_stream *bs = s;
415 assert(bs->socket != -1);
/* The literal 30 is presumably a timeout in seconds; confirm against
 * stream_accept.
 * NOTE(review): nothing visible here compares the connecting TCP peer with
 * the UDP peer of the owning handle, and bsd_stream_auth performs no check.
 * Confirm that stream_accept or the caller verifies who connected before the
 * stream's data is trusted. */
418 bs->fd = stream_accept(bs->socket, 30, STREAM_BUFSIZE, STREAM_BUFSIZE);
420 security_stream_seterror(&bs->secstr,
421 _("can't accept new stream connection: %s"), strerror(errno));
/*
 * bsd_stream_client: allocate a stream object and connect it to port `id` on
 * the handle's host.  Client streams have no listening socket, so bs->socket
 * is set to -1.
 */
428 * Return a connected stream
435 struct sec_stream *bs = NULL;
436 struct sec_handle *bh = h;
/* DUMPER_SOCKET_BUFFERING is #undef'd near the top of this file, so both
 * guarded sections below are compiled out unless it is redefined. */
437 #ifdef DUMPER_SOCKET_BUFFERING
438 int rcvbuf = SIZEOF(bs->databuf) * 2;
443 bs = alloc(SIZEOF(*bs));
444 security_streaminit(&bs->secstr, &bsd_security_driver);
/* id is an int narrowed to in_port_t by the cast; NOTE(review): a value
 * outside the port range would be truncated silently, so confirm callers
 * validate it. */
445 bs->fd = stream_client(bh->hostname, (in_port_t)id,
446 STREAM_BUFSIZE, STREAM_BUFSIZE, &bs->port, 0);
448 security_seterror(&bh->sech,
449 _("can't connect stream to %s port %d: %s"), bh->hostname,
450 id, strerror(errno));
454 bs->socket = -1; /* we're a client */
456 #ifdef DUMPER_SOCKET_BUFFERING
/* The setsockopt return value is not checked. */
457 setsockopt(bs->fd, SOL_SOCKET, SO_RCVBUF, (void *)&rcvbuf, SIZEOF(rcvbuf));
/*
 * bsd_stream_close: release a stream created by bsd_stream_server or
 * bsd_stream_client, cancelling any read that is still registered.
 */
463 * Close and unallocate resources for a stream
469 struct sec_stream *bs = s;
/* bsd_stream_client sets socket to -1, so this test is true only for streams
 * that own a listening socket. */
475 if (bs->socket != -1)
477 bsd_stream_read_cancel(bs);
/*
 * bsd_stream_auth: reports success unconditionally; the stream argument is
 * never inspected.
 * NOTE(review): a 0 return from this function is not evidence of peer
 * identity.  Any trust in a bsd stream has to come from checks made elsewhere
 * (the datagram exchange, network controls); the read paths in this file pass
 * bytes from read() on the socket straight to the caller.
 */
482 * Authenticate a stream. bsd streams have no authentication
488 (void)s; /* Quiet unused parameter warning */
490 return (0); /* success */
/*
 * bsd_stream_id: return the port stored on the stream, widened to int.
 * The id identifies a TCP port and carries no secret.
 */
494 * Returns the stream id for this stream. This is just the local port.
500 struct sec_stream *bs = s;
504 return ((int)bs->port);
/*
 * bsd_stream_read: schedule an asynchronous read on the stream's descriptor.
 * stream_read_callback runs when the descriptor becomes readable and invokes
 * the function and argument stored on the stream (bs->fn, bs->arg).
 */
508 * Submit a request to read some data. Calls back with the given function
509 * and arg when completed.
514 void (*fn)(void *, void *, ssize_t),
517 struct sec_stream *bs = s;
520 * Only one read request can be active per stream.
/* A previously registered read event is released and replaced, not queued. */
522 if (bs->ev_read != NULL)
523 event_release(bs->ev_read);
525 bs->ev_read = event_register((event_id_t)bs->fd, EV_READFD, stream_read_callback, bs);
/*
 * bsd_stream_read_sync: register a read event whose callback is
 * stream_read_sync_callback, then block in event_wait() until it fires.
 */
531 * Read a chunk of data to a stream. Blocks until completion.
534 bsd_stream_read_sync(
538 struct sec_stream *bs = s;
543 * Only one read request can be active per stream.
545 if(bs->ev_read != NULL) {
548 bs->ev_read = event_register((event_id_t)bs->fd, EV_READFD,
549 stream_read_sync_callback, bs);
/* NOTE(review): no timeout is visible on this wait.  Unless event_wait or
 * the caller enforces one, a peer that connects and then sends nothing keeps
 * this call blocked; confirm. */
550 event_wait(bs->ev_read);
/*
 * stream_read_sync_callback: event callback behind bsd_stream_read_sync.
 * Cancels the registered event, then reads once into bs->databuf, retrying
 * while read() fails with EINTR or EAGAIN.
 */
557 * Callback for bsd_stream_read_sync
560 stream_read_sync_callback(
563 struct sec_stream *bs = s;
568 auth_debug(1, _("bsd: stream_read_callback_sync: fd %d\n"), bs->fd);
571 * Remove the event first, in case they reschedule it in the callback.
573 bsd_stream_read_cancel(bs);
/* The length bound is sizeof(bs->databuf); this assumes databuf is an array
 * member and not a pointer (declaration not visible, TODO confirm).  The
 * sibling stream_read_callback uses the SIZEOF macro for the same bound. */
575 n = read(bs->fd, bs->databuf, sizeof(bs->databuf));
/* NOTE(review): EAGAIN is retried immediately; on a non-blocking descriptor
 * that would spin until data arrives.  Confirm the descriptor is blocking. */
576 } while ((n < 0) && ((errno == EINTR) || (errno == EAGAIN)));
578 security_stream_seterror(&bs->secstr, strerror(errno));
/*
 * bsd_stream_read_cancel: release the stream's registered read event, if any.
 * Safe to call when no read is scheduled (ev_read == NULL is a no-op).
 */
583 * Cancel a previous stream read request. It's ok if we didn't
584 * have a read scheduled.
587 bsd_stream_read_cancel(
590 struct sec_stream *bs = s;
593 if (bs->ev_read != NULL) {
594 event_release(bs->ev_read);
/*
 * stream_read_callback: event callback behind bsd_stream_read.  Cancels the
 * registered event, reads once into bs->databuf (retrying on EINTR/EAGAIN),
 * and hands the buffer and the read() result to the stored callback.
 */
600 * Callback for bsd_stream_read
603 stream_read_callback(
606 struct sec_stream *bs = arg;
612 * Remove the event first, in case they reschedule it in the callback.
614 bsd_stream_read_cancel(bs);
/* The read is bounded by the size of databuf, so it cannot overrun it. */
616 n = read(bs->fd, bs->databuf, SIZEOF(bs->databuf));
617 } while ((n < 0) && ((errno == EINTR) || (errno == EAGAIN)));
620 security_stream_seterror(&bs->secstr, strerror(errno));
/* n is passed through unchanged, so the consumer sees read()'s own result:
 * a negative value on error, 0 at end of stream, else the byte count.  Only
 * the first n bytes of databuf are meaningful, and they come from a peer this
 * driver does not authenticate at stream level (bsd_stream_auth is a no-op),
 * so consumers must parse them as untrusted input. */
622 (*bs->fn)(bs->arg, bs->databuf, n);