New file: simplifies the job of getting a newly checked-out source tree

[become] / src / daemon.c

/* -*-c-*-
 *
 * $Id: daemon.c,v 1.10 1998/04/23 13:23:09 mdw Exp $
 *
 * Running a `become' daemon
 *
 * (c) 1998 EBI
 */

/*----- Licensing notice --------------------------------------------------*
 *
 * This file is part of `become'
 *
 * `Become' is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * `Become' is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with `become'; if not, write to the Free Software Foundation,
 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 */

/*----- Revision history --------------------------------------------------*
 *
 * $Log: daemon.c,v $
 * Revision 1.10  1998/04/23 13:23:09  mdw
 * Support new interface to configuration file parser.
 *
 * Revision 1.9  1998/01/12 16:45:59  mdw
 * Fix copyright date.
 *
 * Revision 1.8  1997/09/26 09:14:58  mdw
 * Merged blowfish branch into trunk.
 *
 * Revision 1.7.2.1  1997/09/26 09:08:05  mdw
 * Use the Blowfish encryption algorithm instead of IDEA.  This is partly
 * because I prefer Blowfish (without any particularly strong evidence) but
 * mainly because IDEA is patented and Blowfish isn't.
 *
 * Revision 1.7  1997/09/17 10:23:23  mdw
 * Fix a typo.  Port numbers are in network order now, so don't change them.
 *
 * Revision 1.6  1997/09/09 18:17:06  mdw
 * Allow default port to be given as a service name or port number.
 *
 * Revision 1.5  1997/08/20  16:17:10  mdw
 * More sensible restart routine: `_reinit' functions replaced by `_end' and
 * `_init' functions.
 *
 * Revision 1.4  1997/08/07 10:00:37  mdw
 * (Log entry for previous version is bogus.)  Read netgroups database.
 * Give up privileges permanently on startup.
 *
 * Revision 1.2  1997/08/04 10:24:21  mdw
 * Sources placed under CVS control.
 *
 * Revision 1.1  1997/07/21  13:47:50  mdw
 * Initial revision
 *
 */

/*----- Header files ------------------------------------------------------*/

/* --- ANSI headers --- */

#include <errno.h>
#include <signal.h>
#include <setjmp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* --- Unix headers --- */

#include <sys/types.h>
#include <sys/time.h>
#include <sys/socket.h>

#include <netinet/in.h>

#include <arpa/inet.h>

#include <netdb.h>
#include <syslog.h>
#include <unistd.h>

/* --- Local headers --- */

#include "become.h"
#include "blowfish.h"
#include "config.h"
#include "crypt.h"
#include "daemon.h"
#include "lexer.h"
#include "name.h"
#include "netg.h"
#include "parser.h"
#include "rule.h"
#include "tx.h"
#include "userdb.h"
#include "utils.h"

/*----- Arbitrary constants -----------------------------------------------*/

#define daemon__awakeEvery (30 * 60)	/* Awaken this often to rescan */

/*----- Static variables --------------------------------------------------*/

static int daemon__running = 0;		/* Am I running as a daemon? */
static int daemon__port = -1;		/* No particular port yet */
static volatile sig_atomic_t daemon__rescan = 0; /* Rescan as soon as poss */
#define daemon__signum daemon__rescan	/* Alias for readbility */
static int daemon__readKey = 0;		/* Have I read a key? */
static unsigned char daemon__key[BLOWFISH_KEYSIZE]; /* Encryption key */
static jmp_buf daemon__dieBuf;		/* Jump here to kill the daemon */

/*----- Main code ---------------------------------------------------------*/

/* --- @daemon_usePort@ --- *
 *
 * Arguments:	@int port@ = port to use, please
 *
 * Returns:	---
 *
 * Use:		Instructs the daemon to listen to the given port.
 */

void daemon_usePort(int port)
{
  daemon__port = port;
}

/* --- @daemon_readKey@ --- *
 *
 * Arguments:	@const char *kf@ = name of file containing key
 *
 * Returns:	---
 *
 * Use:		Instructs the daemon to read the named key file.
 */

void daemon_readKey(const char *kf)
{
  FILE *fp;

  if (!daemon__running)
    return;

  if ((fp = fopen(kf, "r")) == 0) {
    syslog(LOG_WARNING, "couldn't read key file: %e");
    return;
  }
  tx_getBits(daemon__key, 128, fp);
  fclose(fp);
  daemon__readKey = 1;
  return;
}

/* --- @daemon__readConfig@ --- *
 *
 * Arguments:	@const char *cf@ = pointer to configuration file to use
 *
 * Returns:	Zero if it worked, nonzero if it hurt...
 *
 * Use:		Reads the configuration file, and other things.
 */

static int daemon__readConfig(const char *cf)
{
  FILE *fp;

  daemon__readKey = 0;
  if ((fp = fopen(cf, "r")) == 0)
    return (-1);
  lexer_scan(fp);
  parse();
  fclose(fp);
  if (!daemon__readKey)
    daemon_readKey(file_KEY);
  daemon__rescan = 0;
  T( trace(TRACE_DAEMON, "daemon: read config file"); )
  return (0);
}

/* --- @daemon__restart@ --- *
 *
 * Arguments:	@int sig@ = the signal number
 *
 * Returns:	---
 *
 * Use:		Handles signals.  Causes the configuration file to be reread.
 */

static void daemon__restart(int sig)
{
  daemon__rescan = 1;
  signal(sig, daemon__restart);
}

/* --- @daemon__die@ --- *
 *
 * Arguments:	@int sig@ = the signal number
 *
 * Returns:	via @longjmp@
 *
 * Use:		Handles other signals.  Causes the daemon to die.
 */

static void daemon__die(int sig)
{
  daemon__signum = sig;
  longjmp(daemon__dieBuf, 1);
}

/* --- @daemon__read@ --- *
 *
 * Arguments:	@int fd@ = socket handle
 *
 * Returns:	---
 *
 * Use:		Examines a buffer, and returns a response.
 */

void daemon__read(int fd)
{
  unsigned char buff[65536];		/* Buffer for incoming packets */
  unsigned char rpl[crp_size];		/* Buffer for outgoing replies */
  struct sockaddr_in sin;		/* Address of packet sender */
  char sender[64];			/* Sender's hostname (resolved) */
  unsigned char sk[BLOWFISH_KEYSIZE];	/* Session key for reply */
  request rq;				/* Request buffer for verification */

  /* --- Read the message --- */

  {
    int slen = sizeof(sin);

    if (recvfrom(fd, (char *)buff, sizeof(buff), 0,
		 (struct sockaddr *)&sin, &slen) < 0) {
      T( trace(TRACE_DAEMON, "daemon: error reading packet: %s",
	       strerror(errno)); )
      syslog(LOG_INFO, "duff packet received: %e");
      return;
    }
  }

  /* --- Resolve the host name --- */

  {
    struct hostent *he = gethostbyaddr((char *)&sin.sin_addr,
				       sizeof(sin.sin_addr),
				       AF_INET);
    sender[0] = 0;
    strncat(sender,
	    he ? he->h_name : inet_ntoa(sin.sin_addr),
	    sizeof(sender));
    syslog(LOG_DEBUG, "packet received from %s", sender);
    T( trace(TRACE_DAEMON, "daemon: received request from %s", sender); )
  }

  /* --- Unpack the block --- */

  if (crypt_unpackRequest(&rq, buff, daemon__key, sk, rpl) == 0) {
    burn(buff);
    T( trace(TRACE_DAEMON, "daemon: received corrupt or invalid request"); )
    syslog(LOG_INFO, "packet from %s rejected", sender);
    return;
  }
  burn(buff);

  /* --- Fill in the sender's address in the request block --- */

  rq.host = sin.sin_addr;

  /* --- Build a reply block --- */

  {
    int answer = rule_check(&rq);
    syslog(LOG_INFO, "request from %s for %i to become %i to run %s %s",
	   sender, rq.from, rq.to, rq.cmd, answer ? "granted" : "denied");
    crypt_packReply(rpl, sk, answer);
    burn(sk);
  }

  /* --- Send the reply off --- */

  sendto(fd, (char *)rpl, crp_size, 0, (struct sockaddr *)&sin, sizeof(sin));
  T( trace(TRACE_DAEMON, "daemon: reply sent"); )
  burn(rpl);
}

/* --- @daemon_init@ --- *
 *
 * Arguments:	@const char *cf@ = pointer to name of configuration file
 *		@int port@ = port to listen to, or %$-1$% for default
 *
 * Returns:	Never.
 *
 * Use:		Starts `become' up in daemon mode.
 */

void daemon_init(const char *cf, int port)
{
  int s;

  /* --- Remove my root privileges --- *
   *
   * Just in case there's anything dodgy in my configuration file, or the
   * user wants me to start on a funny port.
   */

  setuid(getuid());

  /* --- Initialise bits of the program --- */

  daemon__running = 1;
  daemon__port = port;
  userdb_init();
  userdb_local();
  userdb_yp();
  netg_init();
  name_init();
  rule_init();
  openlog(quis(), 0, LOG_DAEMON);
  syslog(LOG_NOTICE, "starting up");

  if (daemon__readConfig(cf))
    die("couldn't read configuration file");

  /* --- Decide on a port to use --- *
   *
   * If I don't have a port yet (e.g., from the configuration file) then
   * look it up in /etc/services under whatever name I was started as.
   */

  if (daemon__port == 0) {
    struct servent *se = getservbyname(quis(), "udp");
    if (!se)
      die("no idea which port to listen to");
    daemon__port = se->s_port;
  }

  /* --- Now set up a socket --- */

  {
    struct sockaddr_in sin;

    if ((s = socket(PF_INET, SOCK_DGRAM, 0)) == -1)
      die("couldn't create socket: %s", strerror(errno));
    sin.sin_family = AF_INET;
    sin.sin_port = daemon__port;
    sin.sin_addr.s_addr = htonl(INADDR_ANY);
    if (bind(s, (struct sockaddr *)&sin, sizeof(sin))) {
      die("couldn't bind socket to port %i: %s",
	  ntohs(daemon__port), strerror(errno));
    }
  }

  /* --- Fork off into the sunset --- */

#ifdef NDEBUG
  {
    int pid = fork();
    FILE *fp;

    /* --- Make a background process --- */

    if (pid == -1)
      die("couldn't fork daemon: %s", strerror(errno));
    else if (pid != 0)
      return;

    /* --- Disconnect from the terminal --- */

    setsid();

    /* --- Write my process id to a file --- */

    if ((fp = fopen(file_PID, "w")) != 0) {
      fprintf(fp, "%lu\n", (unsigned long)getpid());
      fclose(fp);
    }
    T( trace(TRACE_DAEMON, "daemon: forked to pid %li", (long)getpid()); )
  }
#endif

  /* --- Program in daemon death mode --- */

  if (setjmp(daemon__dieBuf)) {
#ifdef TRACING
    if (daemon__signum == SIGQUIT && tracing() & TRACE_RULE) {
      T( rule_dump(); )
      signal(SIGQUIT, daemon__die);
    } else
#endif
    {
      T( trace(TRACE_DAEMON, "daemon: killed by signal %i",
	       daemon__signum); )
      syslog(LOG_NOTICE, "killed by signal type %i", daemon__signum);
      remove(file_PID);
      exit(0);
    }
  } else {

    /* --- Set signal handlers --- */

    signal(SIGHUP, daemon__restart);
    signal(SIGQUIT, daemon__die);
    signal(SIGINT, daemon__die);
    signal(SIGTERM, daemon__die);
    signal(SIGSEGV, daemon__die);
    signal(SIGFPE, daemon__die);
    signal(SIGBUS, daemon__die);
  }

  /* --- Now wait for something exciting to happen --- *
   *
   * Actually, every so often (5 minutes, perhaps) I need to wake up and
   * rescan the users to see whether they've changed.  Time to play with
   * @select@.
   */

  {
    time_t when;

    /* --- Find when I am, and thus when I need to be awoken again --- */

    when = time(0) + daemon__awakeEvery;

    for (;;) {
      fd_set fds;
      int i;

      /* --- Set up the file descriptor tables --- */

      FD_ZERO(&fds);
      FD_SET(s, &fds);

      /* --- Now wait for something interesting --- */

      T( trace(TRACE_DAEMON, "daemon: waiting for requests"); )
      i = select(FD_SETSIZE, &fds, 0, 0, 0);

      /* --- Now, see if I need to rescan the config --- */

      if (daemon__rescan || time(0) - when > 0) {
	daemon__rescan = 0;
	syslog(LOG_INFO, "rescanning configuration file");
	name_end();
	rule_end();
	netg_end();
	userdb_end();
	userdb_init();
	userdb_local();
	userdb_yp();
	netg_init();
	rule_init();
	name_init();
	if (daemon__readConfig(cf))
	  syslog(LOG_ERR, "error reading configuration file");
	when = time(0) + daemon__awakeEvery;
      }

      /* --- Read the data from the request --- */

      if (i > 0)
	daemon__read(s);
    }
  }
}

/*----- That's all, folks -------------------------------------------------*/