X-Git-Url: http://git.dolda2000.com/gitweb/?a=blobdiff_plain;f=daemon%2Fui.c;h=34eebc10210f0ae6cf860f3c10e3b24ec8ba4401;hb=3616b334bc6426e973e08b612a5e8fd30ad80a5f;hp=8a56c1f281d204218db081be23d1827139b2e6ff;hpb=7b2663a4c07e756aa44cb0e2144cb8efee1fe00c;p=doldaconnect.git diff --git a/daemon/ui.c b/daemon/ui.c index 8a56c1f..34eebc1 100644 --- a/daemon/ui.c +++ b/daemon/ui.c @@ -19,11 +19,11 @@ #define _GNU_SOURCE #include #include -#include #include #include #include #include +#include #include #include #include @@ -167,7 +167,9 @@ static void notifappend(struct notif *notif, ...); struct uiuser *users = NULL; struct uidata *actives = NULL; -struct socket *uisocket = NULL; +struct socket *tcpsocket = NULL; +struct socket *unixsocket = NULL; +static time_t starttime; static wchar_t *quoteword(wchar_t *word) { @@ -338,6 +340,9 @@ static void cmd_connect(struct socket *sk, struct uidata *data, int argc, wchar_ if(!memcmp(&((struct sockaddr_in6 *)sk->remote)->sin6_addr, &mv4lo, sizeof(in6addr_loopback))) valid = 1; break; + case AF_UNIX: + valid = 1; + break; default: valid = 0; break; @@ -384,7 +389,7 @@ static void cmd_lsauth(struct socket *sk, struct uidata *data, int argc, wchar_t prev = NULL; for(mech = mechs; mech != NULL; mech = mech->next) { - if(mech->enabled) + if(mech->enabled && authavailable(mech, sk)) { if(prev != NULL) sq(sk, 1, L"200", prev->name, NULL); @@ -433,7 +438,7 @@ static void cmd_login(struct socket *sk, struct uidata *data, int argc, wchar_t return; } free(buf); - switch(authenticate(data->auth, NULL)) + switch(authenticate(data->auth, sk, NULL)) { case AUTH_SUCCESS: data->userinfo = finduser(data->username); @@ -507,7 +512,7 @@ static void cmd_pass(struct socket *sk, struct uidata *data, int argc, wchar_t * sq(sk, 0, L"507", L"Data not expected", NULL); return; } - switch(authenticate(data->auth, buf)) + switch(authenticate(data->auth, sk, buf)) { case AUTH_SUCCESS: data->userinfo = finduser(data->username); @@ -589,7 +594,7 @@ static void cmd_fnetconnect(struct socket *sk, struct uidata *data, int argc, wc args = NULL; for(i = 3; i < argc - 1; i += 2) newwcspair(argv[i], argv[i + 1], &args); - fn = fnetinitconnect(argv[1], buf, args); + fn = fnetinitconnect(argv[1], data->userinfo->name, buf, args); err = errno; free(buf); if(fn == NULL) @@ -640,6 +645,11 @@ static void cmd_disconnect(struct socket *sk, struct uidata *data, int argc, wch sq(sk, 0, L"510", L"No such node", NULL); return; } + if(wpfind(fn->args, L"locked") && !((data->userinfo->perms & PERM_ADMIN) || !wcscmp(data->userinfo->name, fn->owner))) + { + sq(sk, 0, L"502", L"This node is locked and you are neither administrator nor its owner", NULL); + return; + } killfnetnode(fn); unlinkfnetnode(fn); } @@ -685,7 +695,7 @@ static void cmd_lspeers(struct socket *sk, struct uidata *data, int argc, wchar_ } else { for(peer = fn->peers; peer != NULL; peer = peer->next) { - sq(sk, 2 | ((peer->next != NULL)?1:0), L"200", peer->id, peer->nick, NULL); + sq(sk, 2 | ((peer->next != NULL)?1:0), L"200", L"%%ls", peer->id, L"%%ls", peer->nick, NULL); for(i = 0; i < peer->dinum; i++) { if(peer->peerdi[i].datum->datatype == FNPD_INT) @@ -698,7 +708,7 @@ static void cmd_lspeers(struct socket *sk, struct uidata *data, int argc, wchar_ sq(sk, 2, peer->peerdi[i].datum->id, buf, NULL); } if((peer->peerdi[i].datum->datatype == FNPD_STR) && (peer->peerdi[i].data.str != NULL)) - sq(sk, 2, peer->peerdi[i].datum->id, peer->peerdi[i].data.str, NULL); + sq(sk, 2, peer->peerdi[i].datum->id, L"%%ls", peer->peerdi[i].data.str, NULL); } sq(sk, 0, NULL); } @@ -1131,7 +1141,10 @@ static void cmd_filtercmd(struct socket *sk, struct uidata *data, int argc, wcha sq(sk, 0, L"505", L"System error - Could not fork session", "Internal error", NULL); return; } - if((filtercmd = findfile(icswcstombs(confgetstr("ui", "filtercmd"), NULL, NULL), "dcdl-filtercmd", pwent->pw_dir, 0)) == NULL) + filtercmd = findfile(icswcstombs(confgetstr("ui", "filtercmd"), NULL, NULL), NULL, 0); + if(filtercmd == NULL) + filtercmd = findfile("dc-filtercmd", pwent->pw_dir, 0); + if(filtercmd == NULL) { flog(LOG_WARNING, "could not find filtercmd executable for user %s", pwent->pw_name); sq(sk, 0, L"505", L"System error - Could not fork session", L"Could not find filtercmd executable", NULL); @@ -1232,7 +1245,7 @@ static void cmd_transstatus(struct socket *sk, struct uidata *data, int argc, wc havepriv(PERM_TRANS); buf1 = swprintf2(L"%lli", bytesdownload); buf2 = swprintf2(L"%lli", bytesupload); - sq(sk, 0, L"200", L"%%ls", buf1, L"%%ls", buf2, NULL); + sq(sk, 0, L"200", L"down", L"%%ls", buf1, L"up", L"%%ls", buf2, NULL); free(buf1); free(buf2); } @@ -1304,6 +1317,11 @@ static void cmd_sendmsg(struct socket *sk, struct uidata *data, int argc, wchar_ sq(sk, 0, L"200", L"Message sent", NULL); } +static void cmd_uptime(struct socket *sk, struct uidata *data, int argc, wchar_t **argv) +{ + sq(sk, 0, L"200", L"%%i", time(NULL) - starttime, NULL); +} + #undef haveargs #undef havepriv @@ -1342,6 +1360,7 @@ static struct command commands[] = {L"transstatus", cmd_transstatus}, {L"register", cmd_register}, {L"sendmsg", cmd_sendmsg}, + {L"uptime", cmd_uptime}, {NULL, NULL} }; @@ -2123,24 +2142,90 @@ static void preinit(int hup) } } -static int portupdate(struct configvar *var, void *uudata) +static struct sockaddr_un *makeunixname(void) +{ + static struct sockaddr_un buf; + char *val; + struct passwd *pwd; + uid_t uid; + + memset(&buf, 0, sizeof(buf)); + buf.sun_family = PF_UNIX; + if((val = icswcstombs(confgetstr("ui", "unixsock"), NULL, NULL)) == NULL) { + flog(LOG_WARNING, "could not map Unix socket name into local charset: %s", strerror(errno)); + return(NULL); + } + if(!strcmp(val, "none")) + return(NULL); + if(!strcmp(val, "default")) + { + if((uid = getuid()) == 0) + { + strcpy(buf.sun_path, "/var/run/doldacond.sock"); + return(&buf); + } else { + if((pwd = getpwuid(uid)) == NULL) + { + flog(LOG_ERR, "could not get passwd entry for current user: %s", strerror(errno)); + return(NULL); + } + strcpy(buf.sun_path, "/tmp/doldacond-"); + strcat(buf.sun_path, pwd->pw_name); + return(&buf); + } + } + if(strchr(val, '/')) + { + strcpy(buf.sun_path, val); + return(&buf); + } + flog(LOG_WARNING, "invalid Unix socket name: %s", val); + return(NULL); +} + +static int tcpportupdate(struct configvar *var, void *uudata) +{ + struct socket *newsock; + + newsock = NULL; + if((var->val.num != -1) && ((newsock = netcstcplisten(var->val.num, 1, uiaccept, NULL)) == NULL)) + { + flog(LOG_WARNING, "could not create new TCP UI socket, reverting to old: %s", strerror(errno)); + return(0); + } + if(tcpsocket != NULL) + { + putsock(tcpsocket); + tcpsocket = NULL; + } + tcpsocket = newsock; + return(0); +} + +static int unixsockupdate(struct configvar *var, void *uudata) { struct socket *newsock; + struct sockaddr_un *un; - if((uisocket = netcstcplisten(var->val.num, 1, uiaccept, NULL)) == NULL) + newsock = NULL; + if(((un = makeunixname()) != NULL) && ((newsock = netcslistenlocal(SOCK_STREAM, (struct sockaddr *)un, sizeof(*un), uiaccept, NULL)) == NULL)) { - flog(LOG_WARNING, "could not create new UI socket, reverting to old: %s", strerror(errno)); + flog(LOG_WARNING, "could not create new Unix UI socket, reverting to old: %s", strerror(errno)); return(0); } - if(uisocket != NULL) - putsock(uisocket); - uisocket = newsock; + if(unixsocket != NULL) + { + putsock(unixsocket); + unixsocket = NULL; + } + unixsocket = newsock; return(0); } static int init(int hup) { struct uiuser *user, *next; + struct sockaddr_un *un; if(hup) { @@ -2153,14 +2238,19 @@ static int init(int hup) } if(!hup) { - if(uisocket != NULL) - putsock(uisocket); - if((uisocket = netcstcplisten(confgetint("ui", "port"), 1, uiaccept, NULL)) == NULL) + starttime = time(NULL); + if((confgetint("ui", "port") != -1) && ((tcpsocket = netcstcplisten(confgetint("ui", "port"), 1, uiaccept, NULL)) == NULL)) + { + flog(LOG_CRIT, "could not create TCP UI socket: %s", strerror(errno)); + return(1); + } + CBREG(confgetvar("ui", "port"), conf_update, tcpportupdate, NULL, NULL); + if(((un = makeunixname()) != NULL) && ((unixsocket = netcslistenlocal(SOCK_STREAM, (struct sockaddr *)un, sizeof(*un), uiaccept, NULL)) == NULL)) { - flog(LOG_CRIT, "could not create UI socket: %s", strerror(errno)); + flog(LOG_CRIT, "could not create Unix UI socket: %s", strerror(errno)); return(1); } - CBREG(confgetvar("ui", "port"), conf_update, portupdate, NULL, NULL); + CBREG(confgetvar("ui", "unixsock"), conf_update, unixsockupdate, NULL, NULL); GCBREG(newfncb, newfnetnode, NULL); GCBREG(newtransfercb, newtransfernotify, NULL); } @@ -2243,13 +2333,38 @@ static void terminate(void) { while(users != NULL) freeuser(users); + if(tcpsocket != NULL) + putsock(tcpsocket); + if(unixsocket != NULL) + putsock(unixsocket); } static struct configvar myvars[] = { + /** If true, UI connections will only be accepted from localhost + * addresses (127.0.0.1, ::1 or ::ffff:127.0.0.1). Unless you are + * completely sure that you know what you are doing, never turn + * this off when auth.authless is on. */ {CONF_VAR_BOOL, "onlylocal", {.num = 1}}, + /** The TCP port number on which to accept UI client connections, + * or -1 to not listen on TCP. */ {CONF_VAR_INT, "port", {.num = 1500}}, + /** + * Controls the the name to use for the Unix socket on which to + * accept UI client connections. If the name contains a slash, it + * is treated as a file name to bind on. If the name is "default", + * the file name will be "/var/run/doldacond.sock" if doldacond + * runs with UID == 0, or "/tmp/doldacond-NAME" otherwise, where + * NAME is the user name of the UID which doldacond runs as. If + * the name is "none", no Unix socket will be used. Otherwise, an + * error is signaled. + */ + {CONF_VAR_STRING, "unixsock", {.str = L"default"}}, + /** The TOS value to use for UI connections (see the TOS VALUES + * section). */ {CONF_VAR_INT, "uitos", {.num = SOCK_TOS_MINDELAY}}, + /** The name of the filtercmd script (see the FILES section for + * lookup information). */ {CONF_VAR_STRING, "filtercmd", {.str = L"dc-filtercmd"}}, {CONF_VAR_END} };