~mdw / become / blob
? search:


34d1e528e0d008c27f4f6921490b5ef07a7d5df1
[become] / src / check.c
1 /* -*-c-*-
2 *
3 * $Id: check.c,v 1.3 1997/08/07 09:49:38 mdw Exp $
4 *
5 * Check validity of requests
6 *
7 * (c) 1997 EBI
8 */
9
10 /*----- Licensing notice --------------------------------------------------*
11 *
12 * This file is part of `become'
13 *
14 * `Become' is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2 of the License, or
17 * (at your option) any later version.
18 *
19 * `Become' is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
23 *
24 * You should have received a copy of the GNU General Public License
25 * along with `become'; if not, write to the Free Software Foundation,
26 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
27 */
28
29 /*----- Revision history --------------------------------------------------*
30 *
31 * $Log: check.c,v $
32 * Revision 1.3 1997/08/07 09:49:38 mdw
33 * Extensive modifications to handle netgroups. Also sanitise user and group
34 * names before adding them to the symbol table.
35 *
36 * Revision 1.2 1997/08/04 10:24:20 mdw
37 * Sources placed under CVS control.
38 *
39 * Revision 1.1 1997/07/21 13:47:53 mdw
40 * Initial revision
41 *
42 */
43
44 /*----- Header files ------------------------------------------------------*/
45
46 /* --- ANSI headers --- */
47
48 #include <ctype.h>
49 #include <errno.h>
50 #include <stdio.h>
51 #include <stdlib.h>
52 #include <string.h>
53 #include <time.h>
54
55 /* --- Unix headers --- */
56
57 #include <sys/time.h>
58 #include <sys/types.h>
59 #include <sys/socket.h>
60
61 #include <netinet/in.h>
62
63 #include <arpa/inet.h>
64
65 #include <netdb.h>
66 #include <unistd.h>
67
68 /* --- Local headers --- */
69
70 #include "become.h"
71 #include "config.h"
72 #include "crypt.h"
73 #include "idea.h"
74 #include "lexer.h"
75 #include "name.h"
76 #include "netg.h"
77 #include "rule.h"
78 #include "parser.h"
79 #include "tx.h"
80 #include "userdb.h"
81 #include "utils.h"
82
83 /*----- Main code ---------------------------------------------------------*/
84
85 /* --- @check__send@ --- *
86 *
87 * Arguments: @unsigned char *crq@ = pointer to encrypted request
88 * @int fd@ = socket to send from
89 * @struct sockaddr_in *serv@ = pointer to table of servers
90 * @size_t n_serv@ = number of servers
91 *
92 * Returns: ---
93 *
94 * Use: Sends the request packet to the list of servers. If the
95 * message couldn't be sent to any of them, an error is
96 * reported.
97 */
98
99 static void check__send(unsigned char *crq, int fd,
100 struct sockaddr_in *serv, size_t n_serv)
101 {
102 size_t i;
103 int ok = 0;
104 int err = 0;
105
106 for (i = 0; i < n_serv; i++) {
107 if (sendto(fd, (char *)crq, crq_size, 0,
108 (struct sockaddr *)(serv + i), sizeof(serv[i])) < 0) {
109 T( trace(TRACE_CLIENT, "client: send to %s failed: %s",
110 inet_ntoa(serv[i].sin_addr), strerror(errno)); )
111 err = errno;
112 } else
113 ok = 1;
114 }
115
116 if (!ok)
117 die("couldn't send request to server: %s", strerror(err));
118 }
119
120 /* --- @check__ask@ --- *
121 *
122 * Arguments: @request *rq@ = pointer to request buffer
123 * @struct sockaddr_in *serv@ = pointer to table of servers
124 * @size_t n_serv@ = number of servers
125 *
126 * Returns: Nonzero if OK, zero if forbidden
127 *
128 * Use: Contacts a number of servers to decide whether the request
129 * is OK.
130 */
131
132 static int check__ask(request *rq, struct sockaddr_in *serv, size_t n_serv)
133 {
134 int fd;
135 unsigned char crq[crq_size];
136 unsigned char sk[IDEA_KEYSIZE];
137 time_t t;
138 pid_t pid;
139
140 /* --- First, build the encrypted request packet --- */
141
142 {
143 unsigned char k[IDEA_KEYSIZE];
144 FILE *fp;
145
146 /* --- Read in the encryption key --- */
147
148 if ((fp = fopen(file_KEY, "r")) == 0) {
149 die("couldn't open key file `%s': %s", file_KEY,
150 strerror(errno));
151 }
152 tx_getBits(k, 128, fp);
153
154 /* --- Now build a request packet --- */
155
156 t = time(0);
157 pid = getpid();
158 crypt_packRequest(rq, crq, t, pid, k, sk);
159 burn(k);
160 T( trace(TRACE_CLIENT, "client: encrypted request packet"); )
161 }
162
163 /* --- Create my socket --- */
164
165 {
166 struct sockaddr_in sin;
167
168 if ((fd = socket(PF_INET, SOCK_DGRAM, 0)) < 0)
169 die("couldn't create socket: %s", strerror(errno));
170
171 /* --- Bind myself to some address --- */
172
173 sin.sin_family = AF_INET;
174 sin.sin_port = 0;
175 sin.sin_addr.s_addr = htonl(INADDR_ANY);
176
177 if (bind(fd, (struct sockaddr *)&sin, sizeof(sin)) < 0)
178 die("couldn't bind socket to address: %s", strerror(errno));
179 }
180
181 /* --- Now wait for a reply --- */
182
183 {
184 fd_set fds;
185 struct timeval start, now, tv;
186 int ind;
187 size_t i;
188
189 /* --- State table for waiting for replies --- *
190 *
191 * For each number, send off the request to our servers, and wait for
192 * that many seconds to have elapsed since we started. If the number is
193 * %$-1$% then it's time to give up.
194 */
195
196 static int tbl[] = { 0, 5, 10, 20, -1 };
197
198 /* --- Find out when we are --- */
199
200 gettimeofday(&start, 0);
201 ind = 0;
202
203 /* --- Now loop until everything's done --- */
204
205 for (;;) {
206 gettimeofday(&now, 0);
207
208 /* --- If the current timer has expired, find one that hasn't --- *
209 *
210 * Also resend the request after I've found a timer which is still
211 * extant. If there aren't any, report an error.
212 */
213
214 if (now.tv_sec >= start.tv_sec + tbl[ind] &&
215 now.tv_usec >= start.tv_usec) {
216 do {
217 ind++;
218 if (tbl[ind] < 0)
219 die("no reply from servers");
220 } while (now.tv_sec >= start.tv_sec + tbl[ind] &&
221 now.tv_usec >= start.tv_usec);
222 check__send(crq, fd, serv, n_serv);
223 T( trace(TRACE_CLIENT, "client: send request to servers"); )
224 }
225
226 /* --- Now wait for a packet to arrive --- */
227
228 if (now.tv_usec > start.tv_usec) {
229 now.tv_usec -= 1000000;
230 now.tv_sec += 1;
231 }
232 tv.tv_sec = start.tv_sec + tbl[ind] - now.tv_sec;
233 tv.tv_usec = start.tv_usec - now.tv_usec;
234
235 /* --- Sort out file descriptors to watch --- */
236
237 FD_ZERO(&fds);
238 FD_SET(fd, &fds);
239
240 /* --- Wait for them --- */
241
242 i = select(FD_SETSIZE, &fds, 0, 0, &tv);
243 if (i == 0 || (i < 0 && errno == EINTR))
244 continue;
245 if (i < 0)
246 die("error waiting for reply: %s", strerror(errno));
247
248 /* --- A reply should be waiting now --- */
249
250 {
251 struct sockaddr_in sin;
252 int slen = sizeof(sin);
253 unsigned char buff[256];
254 int answer;
255
256 /* --- Read the reply data --- */
257
258 if (recvfrom(fd, (char *)buff, sizeof(buff), 0,
259 (struct sockaddr *)&sin, &slen) < 0)
260 die("error reading server's reply: %s", strerror(errno));
261
262 IF_TRACING(TRACE_CLIENT, {
263 struct hostent *h = gethostbyaddr((char *)&sin.sin_addr,
264 sizeof(sin.sin_addr), AF_INET);
265 trace(TRACE_CLIENT, "client: reply received from %s port %i",
266 h ? h->h_name : inet_ntoa(sin.sin_addr),
267 ntohs(sin.sin_port));
268 })
269
270 /* --- Verify the sender --- *
271 *
272 * This is more to avoid confusion than for security: an active
273 * attacker is quite capable of forging the source address. We rely
274 * on the checksum in the reply packet for authentication.
275 */
276
277 for (i = 0; i < n_serv; i++) {
278 if (sin.sin_addr.s_addr == serv[i].sin_addr.s_addr &&
279 sin.sin_port == serv[i].sin_port)
280 break;
281 }
282 if (i >= n_serv) {
283 T( trace(TRACE_CLIENT, "client: reply from unknown host"); )
284 continue;
285 }
286
287 /* --- Unpack and verify the response --- */
288
289 answer = crypt_unpackReply(buff, sk, t, pid);
290 if (answer < 0) {
291 T( trace(TRACE_CLIENT,
292 "client: invalid or corrupt reply packet"); )
293 continue;
294 }
295 return (answer);
296 }
297 }
298 }
299
300 die("internal error: can't get here in check__ask");
301 return (0);
302 }
303
304 /* --- @check__client@ --- *
305 *
306 * Arguments: @request *rq@ = pointer to a request block
307 * @FILE *fp@ = file containing server configuration
308 *
309 * Returns: Nonzero if OK, zero if forbidden
310 *
311 * Use: Asks one or several servers whether a request is acceptable.
312 */
313
314 int check__client(request *rq, FILE *fp)
315 {
316 /* --- Format of the file --- *
317 *
318 * The `servers' file contains entries of the form
319 *
320 * %%\syntax{<host> [`:' <port>]}%%
321 *
322 * separates by whitespace. I build them all into an array of socket
323 * addresses and pass the whole lot to another function.
324 */
325
326 struct sockaddr_in *serv; /* Array of servers */
327 size_t n_serv, max_serv; /* Number and maximum number */
328
329 /* --- Initialise the server array --- */
330
331 T( trace(TRACE_CLIENT, "client: reading server definitions"); )
332 n_serv = 0; max_serv = 4; /* Four seems reasonable */
333 serv = xmalloc(sizeof(*serv) * max_serv);
334
335 /* --- Start reading the file --- */
336
337 {
338 char buff[256], *p, *l; /* A buffer and pointers for it */
339 int port; /* Default port for servers */
340 int state; /* Current parser state */
341 struct in_addr t_host; /* Temp place for an address*/
342 int t_port; /* Temp place for a port */
343 int ch; /* The current character */
344
345 /* --- Parser states --- */
346
347 enum {
348 st_start, /* Waiting to begin */
349 st_host, /* Reading a new hostname */
350 st_colon, /* Expecting a colon, maybe */
351 st_preport, /* Waiting before reading port */
352 st_port, /* Reading a port number */
353 st_commit, /* Commit a newly read server */
354 st_done /* Finished reading the file */
355 };
356
357 /* --- Find a default port --- */
358
359 {
360 struct servent *s = getservbyname(quis(), "udp");
361 port = (s ? s->s_port : -1);
362 }
363
364 /* --- Initialise for scanning the file --- */
365
366 state = st_host;
367 p = buff;
368 l = buff + sizeof(buff);
369 t_port = port;
370 ch = getc(fp);
371
372 /* --- Go for it --- */
373
374 while (state != st_done) {
375 switch (state) {
376
377 /* --- Initial whitespace before hostname --- */
378
379 case st_start:
380 if (ch == EOF)
381 state = st_done;
382 else if (isspace((unsigned char)ch))
383 ch = getc(fp);
384 else
385 state = st_host;
386 break;
387
388 /* --- Read a host name --- */
389
390 case st_host:
391 if (p == l)
392 die("string too long in `" file_SERVER "'");
393 if (ch != EOF && !isspace((unsigned char)ch) && ch != ':') {
394 *p++ = ch;
395 ch = getc(fp);
396 } else {
397 struct hostent *h;
398
399 *p++ = 0;
400 if ((h = gethostbyname(buff)) == 0)
401 die("unknown host `%s' in `" file_SERVER "'", buff);
402 memcpy(&t_host, h->h_addr, sizeof(t_host));
403 state = st_colon;
404 }
405 break;
406
407 /* --- Waiting for a colon coming up --- */
408
409 case st_colon:
410 if (ch == EOF)
411 state = st_commit;
412 else if (isspace((unsigned char)ch))
413 ch = getc(fp);
414 else if (ch == ':') {
415 state = st_preport;
416 ch = getc(fp);
417 }
418 else
419 state = st_commit;
420 break;
421
422 /* --- Clearing whitespace before a port number --- */
423
424 case st_preport:
425 if (ch == EOF)
426 state = st_commit;
427 else if (isspace((unsigned char)ch))
428 ch = getc(fp);
429 else {
430 state = st_port;
431 p = buff;
432 }
433 break;
434
435 /* --- Read a port number --- */
436
437 case st_port:
438 if (p == l)
439 die("string too long in `" file_SERVER "'");
440 if (ch != EOF && !isspace((unsigned char)ch) && ch != ':') {
441 *p++ = ch;
442 ch = getc(fp);
443 } else {
444 struct servent *s;
445
446 *p++ = 0;
447 s = getservbyname(buff, "udp");
448 if (!s && isdigit((unsigned char)buff[0]))
449 t_port = htons(atoi(buff));
450 else if (!s)
451 die("unknown service `%s' in `" file_SERVER "'", buff);
452 else
453 t_port = s->s_port;
454 state = st_commit;
455 }
456 break;
457
458 /* --- A server has been read successfully --- */
459
460 case st_commit:
461 if (n_serv == max_serv) {
462 max_serv *= 2;
463 serv = xrealloc(serv, max_serv * sizeof(*serv));
464 }
465 serv[n_serv].sin_family = AF_INET;
466 serv[n_serv].sin_addr = t_host;
467 serv[n_serv].sin_port = t_port;
468 n_serv++;
469 state = st_start;
470 p = buff;
471 t_port = port;
472 break;
473
474 /* --- A safety net for a broken parser --- */
475
476 default:
477 die("internal error: can't get here in check__client");
478 break;
479 }
480 }
481 }
482
483 fclose(fp);
484
485 /* --- Now start sending requests --- */
486
487 if (!n_serv)
488 die("no servers specified in `" file_SERVER "'");
489
490 IF_TRACING(TRACE_CLIENT, {
491 size_t i;
492
493 for (i = 0; i < n_serv; i++) {
494 trace(TRACE_CLIENT, "client: server %s port %i",
495 inet_ntoa(serv[i].sin_addr), ntohs(serv[i].sin_port));
496 }
497 })
498 return (check__ask(rq, serv, n_serv));
499 }
500
501 /* --- @check@ --- *
502 *
503 * Arguments: @request *rq@ = pointer to request buffer
504 *
505 * Returns: Nonzero if OK, zero if forbidden
506 *
507 * Use: Checks to see if the request is acceptable.
508 */
509
510 int check(request *rq)
511 {
512 FILE *fp;
513
514 /* --- Check if we need to talk to a server --- */
515
516 if ((fp = fopen(file_SERVER, "r")) != 0)
517 return (check__client(rq, fp));
518
519 /* --- Otherwise do this all the old-fashioned way --- */
520
521 if ((fp = fopen(file_RULES, "r")) == 0) {
522 die("couldn't read configuration file `%s': %s",
523 file_RULES, strerror(errno));
524 }
525
526 userdb_init();
527 userdb_local();
528 userdb_yp();
529 netg_init();
530 name_init();
531 rule_init();
532 lexer_scan(fp);
533 yyparse();
534
535 return (rule_check(rq));
536 }
537
538 /*----- That's all, folks -------------------------------------------------*/
Management for shared accounts