static void initTunfd(Dict* args, void* vcontext, String* txid, struct Allocator* requestAlloc)
{
struct Context* ctx = Identity_check((struct Context*) vcontext);
struct Jmp jmp;
Jmp_try(jmp) {
int64_t* tunfd = Dict_getInt(args, String_CONST("tunfd"));
int64_t* tuntype = Dict_getInt(args, String_CONST("type"));
if (!tunfd || *tunfd < 0) {
String* error = String_printf(requestAlloc, "Invalid tunfd");
sendResponse(error, ctx->admin, txid, requestAlloc);
return;
}
int fileno = *tunfd;
int type = (*tuntype) ? *tuntype : FileNo_Type_NORMAL;
struct Pipe* p = Pipe_forFiles(fileno, fileno, ctx->base, &jmp.handler, ctx->alloc);
p->logger = ctx->logger;
if (type == FileNo_Type_ANDROID) {
struct AndroidWrapper* aw = AndroidWrapper_new(ctx->alloc, ctx->logger);
Iface_plumb(&aw->externalIf, &p->iface);
Iface_plumb(&aw->internalIf, &ctx->nc->tunAdapt->tunIf);
} else {
Iface_plumb(&p->iface, &ctx->nc->tunAdapt->tunIf);
}
sendResponse(String_CONST("none"), ctx->admin, txid, requestAlloc);
} Jmp_catch {
String* error = String_printf(requestAlloc, "Failed to configure tunnel [%s]", jmp.message);
sendResponse(error, ctx->admin, txid, requestAlloc);
return;
}
}
static bool checkArgs(Dict* args, struct Function* func, String* txid, struct Admin* admin)
{
struct Dict_Entry* entry = *func->args;
String* error = NULL;
uint8_t buffer[1024];
struct Allocator* alloc = BufferAllocator_new(buffer, 1024);
while (entry != NULL) {
String* key = (String*) entry->key;
Assert_true(entry->val->type == Object_DICT);
Dict* value = entry->val->as.dictionary;
entry = entry->next;
if (*Dict_getInt(value, String_CONST("required")) == 0) {
continue;
}
String* type = Dict_getString(value, String_CONST("type"));
if ((type == STRING && !Dict_getString(args, key))
|| (type == DICT && !Dict_getDict(args, key))
|| (type == INTEGER && !Dict_getInt(args, key))
|| (type == LIST && !Dict_getList(args, key)))
{
error = String_printf(alloc,
"Entry [%s] is required and must be of type [%s]",
key->bytes,
type->bytes);
break;
}
}
if (error) {
Dict d = Dict_CONST(String_CONST("error"), String_OBJ(error), NULL);
Admin_sendMessage(&d, txid, admin);
}
return !error;
}
static void initTunnel(Dict* args, void* vcontext, String* txid)
{
struct Context* const ctx = (struct Context*) vcontext;
#define BUFFERSZ 1024
uint8_t buffer[BUFFERSZ];
struct Allocator* const alloc = BufferAllocator_new(buffer, BUFFERSZ);
struct Jmp jmp;
Jmp_try(jmp) {
Core_initTunnel(Dict_getString(args, String_CONST("desiredTunName")),
ctx->ipAddr,
8,
ctx->ducttape,
ctx->logger,
ctx->ipTunnel,
ctx->eventBase,
ctx->alloc,
&jmp.handler);
} Jmp_catch {
String* error = String_printf(alloc, "Failed to configure tunnel [%s]", jmp.message);
sendResponse(error, ctx->admin, txid, alloc);
return;
}
sendResponse(String_CONST("none"), ctx->admin, txid, alloc);
}
int CryptoAuth_addUser_ipv6(String* password,
String* login,
uint8_t ipv6[16],
struct CryptoAuth* cryptoAuth)
{
struct CryptoAuth_pvt* ca = Identity_check((struct CryptoAuth_pvt*) cryptoAuth);
struct Allocator* alloc = Allocator_child(ca->allocator);
struct CryptoAuth_User* user = Allocator_calloc(alloc, sizeof(struct CryptoAuth_User), 1);
user->alloc = alloc;
Identity_set(user);
if (!login) {
int i = 0;
for (struct CryptoAuth_User* u = ca->users; u; u = u->next) { i++; }
user->login = login = String_printf(alloc, "Anon #%d", i);
} else {
user->login = String_clone(login, alloc);
}
union CryptoHeader_Challenge ac;
// Users specified with a login field might want to use authType 1 still.
hashPassword(user->secret, &ac, login, password, 2);
Bits_memcpyConst(user->userNameHash, ac.bytes, CryptoHeader_Challenge_KEYSIZE);
hashPassword(user->secret, &ac, NULL, password, 1);
Bits_memcpyConst(user->passwordHash, ac.bytes, CryptoHeader_Challenge_KEYSIZE);
for (struct CryptoAuth_User* u = ca->users; u; u = u->next) {
if (Bits_memcmp(user->secret, u->secret, 32)) {
} else if (!login) {
} else if (String_equals(login, u->login)) {
Allocator_free(alloc);
return CryptoAuth_addUser_DUPLICATE;
}
}
if (ipv6) {
Bits_memcpyConst(user->restrictedToip6, ipv6, 16);
}
// Add the user to the *end* of the list
for (struct CryptoAuth_User** up = &ca->users; ; up = &(*up)->next) {
if (!*up) {
*up = user;
break;
}
}
return 0;
}
static String* getCorePath(struct Allocator* alloc)
{
struct Allocator* alloc2 = Allocator_child(alloc);
char* cjdroute2Path = Process_getPath(alloc2);
char* lastSlash = strrchr(cjdroute2Path, '/');
Assert_always(lastSlash != NULL);
*lastSlash = '\0';
String* tempOutput = String_printf(alloc2, "%s/cjdns", cjdroute2Path);
String* output = NULL;
if (fileExists(tempOutput->bytes)) {
output = String_clone(tempOutput, alloc);
}
Allocator_free(alloc2);
return output;
}
static void initTunnel(Dict* args, void* vcontext, String* txid, struct Allocator* requestAlloc)
{
struct Context* const ctx = Identity_check((struct Context*) vcontext);
struct Jmp jmp;
Jmp_try(jmp) {
String* desiredName = Dict_getString(args, String_CONST("desiredTunName"));
initTunnel2(desiredName, ctx, 8, &jmp.handler);
} Jmp_catch {
String* error = String_printf(requestAlloc, "Failed to configure tunnel [%s]", jmp.message);
sendResponse(error, ctx->admin, txid, requestAlloc);
return;
}
sendResponse(String_CONST("none"), ctx->admin, txid, requestAlloc);
}
static void authorizedPasswords(List* list, struct Context* ctx)
{
uint32_t count = List_size(list);
for (uint32_t i = 0; i < count; i++) {
Dict* d = List_getDict(list, i);
Log_info(ctx->logger, "Checking authorized password %d.", i);
if (!d) {
Log_critical(ctx->logger, "Not a dictionary type %d.", i);
exit(-1);
}
String* passwd = Dict_getString(d, String_CONST("password"));
if (!passwd) {
Log_critical(ctx->logger, "Must specify a password %d.", i);
exit(-1);
}
}
for (uint32_t i = 0; i < count; i++) {
struct Allocator* child = Allocator_child(ctx->alloc);
Dict* d = List_getDict(list, i);
String* passwd = Dict_getString(d, String_CONST("password"));
String* user = Dict_getString(d, String_CONST("user"));
String* displayName = user;
if (!displayName) {
displayName = String_printf(child, "password [%d]", i);
}
//String* publicKey = Dict_getString(d, String_CONST("publicKey"));
String* ipv6 = Dict_getString(d, String_CONST("ipv6"));
Log_info(ctx->logger, "Adding authorized password #[%d] for user [%s].",
i, displayName->bytes);
Dict *args = Dict_new(child);
uint32_t i = 1;
Dict_putInt(args, String_CONST("authType"), i, child);
Dict_putString(args, String_CONST("password"), passwd, child);
if (user) {
Dict_putString(args, String_CONST("user"), user, child);
}
Dict_putString(args, String_CONST("displayName"), displayName, child);
if (ipv6) {
Log_info(ctx->logger,
" This connection password restricted to [%s] only.", ipv6->bytes);
Dict_putString(args, String_CONST("ipv6"), ipv6, child);
}
rpcCall(String_CONST("AuthorizedPasswords_add"), args, ctx, child);
Allocator_free(child);
}
}
static void initTunnel(Dict* args, void* vcontext, String* txid, struct Allocator* requestAlloc)
{
struct Core_Context* const ctx = (struct Core_Context*) vcontext;
struct Jmp jmp;
Jmp_try(jmp) {
Core_initTunnel(Dict_getString(args, String_CONST("desiredTunName")),
ctx->ipAddr,
8,
ctx->ducttape,
ctx->logger,
ctx->ipTunnel,
ctx->eventBase,
ctx->alloc,
&jmp.handler);
} Jmp_catch {
String* error = String_printf(requestAlloc, "Failed to configure tunnel [%s]", jmp.message);
sendResponse(error, ctx->admin, txid, requestAlloc);
return;
}
sendResponse(String_CONST("none"), ctx->admin, txid, requestAlloc);
}
static void authorizedPasswords(List* list, struct Context* ctx)
{
uint32_t count = List_size(list);
for (uint32_t i = 0; i < count; i++) {
Dict* d = List_getDict(list, i);
Log_info(ctx->logger, "Checking authorized password %d.", i);
if (!d) {
Log_critical(ctx->logger, "Not a dictionary type %d.", i);
exit(-1);
}
String* passwd = Dict_getString(d, String_CONST("password"));
if (!passwd) {
Log_critical(ctx->logger, "Must specify a password %d.", i);
exit(-1);
}
}
for (uint32_t i = 0; i < count; i++) {
struct Allocator* child = Allocator_child(ctx->alloc);
Dict* d = List_getDict(list, i);
String* passwd = Dict_getString(d, String_CONST("password"));
String* user = Dict_getString(d, String_CONST("user"));
if (!user) {
user = String_printf(child, "password [%d]", i);
}
Log_info(ctx->logger, "Adding authorized password #[%d] for user [%s].", i, user->bytes);
Dict args = Dict_CONST(
String_CONST("authType"), Int_OBJ(1), Dict_CONST(
String_CONST("password"), String_OBJ(passwd), Dict_CONST(
String_CONST("user"), String_OBJ(user), NULL
)));
rpcCall(String_CONST("AuthorizedPasswords_add"), &args, ctx, child);
Allocator_free(child);
}
}
