Example #1
0
int *ipc_init_(const char *uniq_dgrp, const char *id_str, int len1, int len2) {

  int i;

  char *uniq=strdupf(uniq_dgrp,len1);
  char *id=strdupf(id_str,len2);

  i=ipc_init(uniq,id);

  free(uniq);
  free(id);

  return ( (int*) i);
}
Example #2
0
palo_err string_get_word_or_whitespace_a(char **to, const char *from, size_t *index) {
	size_t idx, last_idx;

	assert(to != NULL);
	assert(from != NULL);
	assert(index != NULL);

	if (IS_WHITESPACE(from[*index])) {
		*to = strdupf("%c", from[*index]);
		if (*to == NULL) {
				return PALO_ERR_NO_MEM;
		}
		++(*index);
		return PALO_SUCCESS;
	}

	/* skip data */
	for (idx = *index; !IS_WHITESPACE(from[idx]) && from[idx] != L'\0'; idx++);
	last_idx = idx;

	*to = (char*)malloc((last_idx - *index + 1) * sizeof(char));
	if (*to == NULL) {
			return PALO_ERR_NO_MEM;
	}
	memcpy(*to, from + *index, (last_idx - *index)*sizeof(char));
	(*to)[last_idx-*index] = '\0';

	*index = idx;

	return PALO_SUCCESS;
}
Example #3
0
/* note: also called from the root context */
static int set_interface_var(const char *iface, const char *var, const char *name, uint32_t val)
{
	int retval = -1;
	FILE * fp = 0;
	char * spath = strdupf(var, iface);

	/* No path traversal */
	if (!iface[0] || !strcmp(iface, ".") || !strcmp(iface, "..") || strchr(iface, '/'))
		goto cleanup;

	if (access(spath, F_OK) != 0)
		goto cleanup;

	fp = fopen(spath, "w");
	if (!fp) {
		if (name)
			flog(LOG_ERR, "failed to set %s (%u) for %s: %s", name, val, iface, strerror(errno));
		goto cleanup;
	}

	if (0 > fprintf(fp, "%u", val)) {
		goto cleanup;
	}

	retval = 0;

cleanup:
	if (fp)
		fclose(fp);

	free(spath);

	return retval;
}
Example #4
0
static munge_err_t
_m_msg_client_millisleep (m_msg_t m, unsigned long msecs)
{
/*  Sleeps for 'msecs' milliseconds.
 *  Returns EMUNGE_SUCCESS on success,
 *    or EMUNGE_SNAFU on error (with additional info if 'm' is not NULL).
 */
    struct timespec ts;
    int rv;

    ts.tv_sec = msecs / 1000;
    ts.tv_nsec = (msecs % 1000) * 1000 * 1000;

    while (1) {
        rv = nanosleep (&ts, &ts);
        if (rv == 0) {
            break;
        }
        else if (errno == EINTR) {
            continue;
        }
        else if (m != NULL) {
            m_msg_set_err (m, EMUNGE_SNAFU,
                strdupf ("Failed nanosleep: %s", strerror (errno)));
        }
        return (EMUNGE_SNAFU);
    }
    return (EMUNGE_SUCCESS);
}
Example #5
0
void ipc_subject_subscribe_(const char *fsub, int flen) 
{
  char *sub=strdupf(fsub,flen);
  TipcSrvSubjectSetSubscribe(sub,TRUE);
  free(sub);
  return;

}
Example #6
0
void ipc_command_parse_str_(const char *fstr, int flen) 
{
  char *str=strdupf(fstr,flen);
  TutCommandParseStr(str);
  free(str);
  return;

}
Example #7
0
int *tcl_evalfile_(int *finterp, char *fname, int flen){

  Tcl_Interp *interp=(Tcl_Interp *) *finterp;
  char *name=strdupf(fname,flen);
  
  Tcl_EvalFile(interp,name);
  free(name);

}
Example #8
0
int
main (
  int argc,
  char * * argv ) {
  char * psz;
    psz = strdupf("%s - %s - %s, %d\n", "hoge", "fuga", "foo", 256);
    fprintf(stderr, psz);
    return (0);
}
Example #9
0
File: job.c Project: dun/munge 
static void
_job_exec (m_msg_t m)
{
/*  Receives and responds to the message request [m].
 */
    munge_err_t  e;
    const char  *p;

    assert (m != NULL);

    e = m_msg_recv (m, MUNGE_MSG_UNDEF, MUNGE_MAXIMUM_REQ_LEN);
    if (e == EMUNGE_SUCCESS) {
        switch (m->type) {
            case MUNGE_MSG_ENC_REQ:
                enc_process_msg (m);
                break;
            case MUNGE_MSG_DEC_REQ:
                dec_process_msg (m);
                break;
            default:
                m_msg_set_err (m, EMUNGE_SNAFU,
                    strdupf ("Invalid message type %d", m->type));
                break;
        }
    }
    /*  For certain MUNGE "cred" errors, the credential has been successfully
     *    decoded but is deemed invalid for other reasons.  In these cases,
     *    the origin IP address is added to the logged error message to aid
     *    in troubleshooting.
     */
    if (m->error_num != EMUNGE_SUCCESS) {
        p = (m->error_str != NULL)
            ? m->error_str
            : munge_strerror (m->error_num);
        switch (m->error_num) {
            case EMUNGE_CRED_EXPIRED:
            case EMUNGE_CRED_REWOUND:
            case EMUNGE_CRED_REPLAYED:
                if (m->addr_len == 4) {
                    char ip_addr_buf [INET_ADDRSTRLEN];
                    if (inet_ntop (AF_INET, &m->addr, ip_addr_buf,
                                   sizeof (ip_addr_buf)) != NULL) {
                        log_msg (LOG_INFO, "%s from %s", p, ip_addr_buf);
                        break;
                    }
                }
                /* fall-through */
            default:
                log_msg (LOG_INFO, "%s", p);
                break;
        }
    }
    m_msg_destroy (m);
    return;
}
Example #10
0
int *ipc_set_server_names_(const char *namesf, int len)
{
  int i;

  char *server=strdupf(namesf,len);

  i=ipc_set_server_names(server);

  free(server);

  return( (int*) i);
}
Example #11
0
int *ipc_set_disconnect_mode_(const char *namef, int len)
{
  int i;

  char *mode=strdupf(namef,len);

  i=ipc_set_disconnect_mode(mode);

  free(mode);

  return( (int*) i); 
}
Example #12
0
int *ipc_set_application_(const char *namef, int len)
{
  int i;

  char *app=strdupf(namef,len);

  i=ipc_set_application(app);

  free(app);

  return( (int*) i); 
}
Example #13
0
int *ipc_status_append_str_(T_IPC_MSG msg, const char *namef, int len)
{
  int i;

  char *str=strdupf(namef,len);

  i=TipcMsgAppendStr(msg,str);

  free(str);

  return( (int*) i);
}
Example #14
0
int *ipc_set_status_poll_group_(const char *namef, int len)
{
  int i;

  char *grp=strdupf(namef,len);

  i=ipc_set_status_poll_group(grp);

  free(grp);

  return( (int*) i);
}
Example #15
0
static munge_err_t
_decode_rsp (m_msg_t m, munge_ctx_t ctx,
               void **buf, int *len, uid_t *uid, gid_t *gid)
{
/*  Extracts a Decode Response message received from the local munge daemon.
 *  The outputs from this message are as follows:
 *    cipher, mac, zip, realm, ttl, addr, time0, time1, cred_uid, cred_gid,
 *    auth_uid, auth_gid, data_len, data, error_num, error_len, error_str.
 *  Note that error_num and error_str are set by _munge_ctx_set_err()
 *    called from munge_decode() (ie, the parent of this stack frame).
 */
    assert (m != NULL);

    /*  Perform sanity checks.
     */
    if (m->type != MUNGE_MSG_DEC_RSP) {
        m_msg_set_err (m, EMUNGE_SNAFU,
            strdupf ("Client received invalid message type %d", m->type));
        return (EMUNGE_SNAFU);
    }
    /*  Return the result.
     */
    if (ctx) {
        ctx->cipher = m->cipher;
        ctx->mac = m->mac;
        ctx->zip = m->zip;
        if ((ctx->realm_str = m->realm_str) != NULL) {
            m->realm_is_copy = 1;
        }
        ctx->ttl = m->ttl;
        ctx->addr.s_addr = m->addr.s_addr;;
        ctx->time0 = m->time0;
        ctx->time1 = m->time1;
        ctx->auth_uid = m->auth_uid;
        ctx->auth_gid = m->auth_gid;
    }
    if (buf && len && (m->data_len > 0)) {
        assert (* ((unsigned char *) m->data + m->data_len) == '\0');
        *buf = m->data;
        m->data_is_copy = 1;
    }
    if (len) {
        *len = m->data_len;
    }
    if (uid) {
        *uid = m->cred_uid;
    }
    if (gid) {
        *gid = m->cred_gid;
    }
    return (m->error_num);
}
Example #16
0
static munge_err_t
_m_msg_client_disconnect (m_msg_t m) {
    munge_err_t e;

    assert (m != NULL);
    assert (m->sd >= 0);

    if (close (m->sd) < 0) {
        m_msg_set_err (m, EMUNGE_SOCKET,
            strdupf ("Failed to close socket: %s", strerror (errno)));
        e = EMUNGE_SOCKET;
    }
    else {
        e = EMUNGE_SUCCESS;
    }
    m->sd = -1;
    return (e);
}
Example #17
0
/**
 * Create a list of expandable variables from envp and possibly argv
 */
am_list_t *
create_expandable_variable_list (MYSQL *mysql, const char *envp[], const char *argv[]){
	time_t t;
	char      *escaped_username = NULL;
	char      *escaped_password = NULL;
	const char *username, *password;
	am_list_t *l = am_list_new ();

	if (l == NULL)
		return l;

	t = time (NULL);

	username = get_env ("username", envp);
	password = get_env ("password", envp);
	if (username != NULL){
		escaped_username = (char *) am_malloc (sizeof(char) * (strlen (username) * 2 + 1));
		mysql_real_escape_string (mysql, escaped_username, username, strlen (username));
	}
	if (password != NULL){
		escaped_password = (char *) am_malloc (sizeof(char) * (strlen (password) * 2 + 1));
		mysql_real_escape_string (mysql, escaped_password, password, strlen (password));
	}

	am_list_append (l, kvp_new_with_kv (EV_DUP ("time_now"), strdupf ("%d", t)));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("username"), NULL_OR_DUP (username)));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("password"), NULL_OR_DUP (password)));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("escaped_username"), NULL_OR_DUP (escaped_username)));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("escaped_password"), NULL_OR_DUP (escaped_password)));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("trusted_port"), NULL_OR_DUP (get_env ("trusted_port", envp))));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("trusted_ip"), NULL_OR_DUP (get_env ("trusted_ip", envp))));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("time_unix"), NULL_OR_DUP (get_env ("time_unix", envp))));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("ifconfig_pool_remote_ip"), NULL_OR_DUP (get_env ("ifconfig_pool_remote_ip", envp))));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("ifconfig_pool_local_ip"), NULL_OR_DUP (get_env ("ifconfig_pool_local_ip", envp))));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("ifconfig_local"), NULL_OR_DUP (get_env ("ifconfig_local", envp))));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("time_duration"), NULL_OR_DUP (get_env ("time_duration", envp))));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("bytes_sent"), NULL_OR_DUP (get_env ("bytes_sent", envp))));
	am_list_append (l, kvp_new_with_kv (EV_DUP ("bytes_received"), NULL_OR_DUP (get_env ("bytes_received", envp))));

	am_free (escaped_username);
	am_free (escaped_password);
  return l;
}
Example #18
0
static void
sock_lock (conf_t conf)
{
/*  Ensures exclusive access to the unix domain socket.
 */
    struct stat  st;
    mode_t       mask;
    int          rv;

    assert (conf != NULL);
    assert (conf->lockfile_name == NULL);
    assert (conf->lockfile_fd == -1);
    assert (conf->socket_name != NULL);

    if (!(conf->lockfile_name = strdupf ("%s.lock", conf->socket_name))) {
        log_errno (EMUNGE_NO_MEMORY, LOG_ERR,
            "Failed to create lockfile string");
    }
    if (conf->got_force) {
        if ((unlink (conf->lockfile_name) < 0) && (errno != ENOENT)) {
            log_errno (EMUNGE_SNAFU, LOG_ERR, "Failed to remove \"%s\"",
                conf->lockfile_name);
        }
    }
    else if (lstat (conf->lockfile_name, &st) < 0) {
        if (errno != ENOENT) {
            log_errno (EMUNGE_SNAFU, LOG_ERR, "Failed to stat \"%s\"",
                conf->lockfile_name);
        }
    }
    else if (!S_ISREG(st.st_mode)) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "Lockfile is suspicious: \"%s\" should be a regular file",
            conf->lockfile_name);
    }
    else if (st.st_uid != geteuid()) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "Lockfile is suspicious: \"%s\" should be owned by UID %u",
            conf->lockfile_name, (unsigned) geteuid());
    }
    else if ((st.st_mode & 07777) != S_IWUSR) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "Lockfile is suspicious: \"%s\" should be writable only by user",
            conf->lockfile_name);
    }
    mask = umask (0);
    conf->lockfile_fd = creat (conf->lockfile_name, S_IWUSR);
    umask (mask);

    if (conf->lockfile_fd < 0) {
        log_errno (EMUNGE_SNAFU, LOG_ERR,
            "Failed to create \"%s\"", conf->lockfile_name);
    }
    if ((rv = set_file_lock (conf->lockfile_fd)) < 0) {
        if (!conf->got_force)
            log_errno (EMUNGE_SNAFU, LOG_ERR,
                "Failed to lock \"%s\"", conf->lockfile_name);
        else
            log_msg (LOG_WARNING,
                "Failed to lock \"%s\"", conf->lockfile_name);
    }
    else if (rv > 0) {

        pid_t pid = is_file_locked (conf->lockfile_fd);

        if (pid < 0) {
            log_errno (EMUNGE_SNAFU, LOG_ERR,
                "Failed to test lock \"%s\"", conf->lockfile_name);
        }
        else if (pid > 0) {
            log_err (EMUNGE_SNAFU, LOG_ERR,
                "Found pid %d bound to socket \"%s\"", pid, conf->socket_name);
        }
        else {
            log_err (EMUNGE_SNAFU, LOG_ERR,
                "Found inconsistent state for lock \"%s\"",
                conf->lockfile_name);
        }
    }
    if (unlink (conf->socket_name) == 0) {
        log_msg (LOG_INFO, "Removed existing socket \"%s\"",
            conf->socket_name);
    }
    else if (errno != ENOENT) {
        log_errno (EMUNGE_SNAFU, LOG_ERR, "Failed to remove \"%s\"",
            conf->socket_name);
    }
    return;
}
Example #19
0
File: jsio.c Project: atifs/juise 
/*
 * Opens a JUNOScript session for the give host_name, username, passphrase
 */
js_session_t *
js_session_open (js_session_opts_t *jsop, int flags)
{
    js_session_t *jsp;
    int max_argc = JSIO_SSH_OPTIONS_MAX * 2, argc = 0;
    char *argv[max_argc];
    char *port_str = NULL;
    char *timeout_str = NULL;
    char *conn_timeout_str = NULL;
    int i;
    js_session_opts_t jso;

    if (jsop == NULL) {		/* "Make life easier" */
	bzero(&jso, sizeof(jso));
	jsop = &jso;
    }

    js_initialize();

    if (jsop->jso_stype == ST_DEFAULT)
	jsop->jso_stype = js_default_stype;

    if (flags & JSF_JUNOS_NETCONF)
	jsop->jso_stype = ST_JUNOS_NETCONF;

    if (jsop->jso_server == NULL || *jsop->jso_server == '\0') {
	jsop->jso_server = js_default_server;
	if (jsop->jso_server == NULL || *jsop->jso_server == '\0')
	    return NULL;
    }

    if (jsop->jso_username == NULL || *jsop->jso_username == '\0')
	jsop->jso_username = js_default_user;

    /*
     * Check whether the junoscript session already exists for the given 
     * hostname, if so then return that.
     */
    jsp = js_session_find(jsop->jso_server, jsop->jso_stype);
    if (jsp)
	return jsp;

    argv[argc++] = ALLOCADUP(PATH_SSH);
    argv[argc++] = ALLOCADUP("-aqTx");
    argv[argc++] = ALLOCADUP("-oTCPKeepAlive=yes");

    if (jsop->jso_timeout) {
	timeout_str = strdupf("-oServerAliveInterval=%u", jsop->jso_timeout);
	argv[argc++] = timeout_str;
    }

    if (jsop->jso_connect_timeout) {
	conn_timeout_str = strdupf("-oConnectTimeout=%u", jsop->jso_connect_timeout);
	argv[argc++] = conn_timeout_str;
    }

    for (i = 0; i < jsio_ssh_options_count; i++)
	argv[argc++] = jsio_ssh_options[i];

    if (jsop->jso_port) {
	port_str = strdupf("-p%u", jsop->jso_port);
	argv[argc++] = port_str;
    }

    /*
     * If username is passed use that username
     */
    if (jsop->jso_username) {
	argv[argc++] = ALLOCADUP("-l");
	argv[argc++] = ALLOCADUP(jsop->jso_username);
    } else {
	/*
	 * When username is not passed, ssh takes it from
	 * getlogin().  Not always login name will be the name of
	 * the user executing the script. So, instead of relying
	 * on that get the username from auth info and pass it to
	 * ssh.
	 */
	const char *logname = getlogin();

	if (logname) {
	    argv[argc++] = ALLOCADUP("-l");
	    argv[argc++] = ALLOCADUP(logname);
	}
    }

    argv[argc++] = ALLOCADUP(jsop->jso_server);

    if (jsop->jso_stype == ST_NETCONF) {
	argv[argc++] = ALLOCADUP("-s");
	argv[argc++] = ALLOCADUP("netconf");
    } else if (jsop->jso_stype == ST_JUNOS_NETCONF) {
	argv[argc++] = ALLOCADUP("xml-mode");
	argv[argc++] = ALLOCADUP("netconf");
	argv[argc++] = ALLOCADUP("need-trailer");
    } else if (jsop->jso_stype == ST_SHELL) {
        /* shell requires no options */
    } else {
	argv[argc++] = ALLOCADUP("xml-mode");
	argv[argc++] = ALLOCADUP("need-trailer");
    }

    argv[argc] = NULL;		/* Terminate the argument list */

    INSIST(argc < max_argc);

    jsp = js_session_create(jsop->jso_server, argv, flags, jsop->jso_stype);

    if (jsp == NULL)
	return NULL;

    if (jsop->jso_passphrase)
	jsp->js_passphrase = strdup(jsop->jso_passphrase);

    if (jsop->jso_stype == ST_JUNOSCRIPT) {
	if (js_session_init(jsp)) {
	    js_session_terminate(jsp);
	    return NULL;
	}
    } else if (jsop->jso_stype == ST_SHELL) {
	if (js_shell_session_init(jsp)) {
	    js_session_terminate(jsp);
	    return NULL;
	}
    } else {
	if (js_session_init_netconf(jsp)) {
	    js_session_terminate(jsp);
	    return NULL;
	}
    }

    if (port_str)
	free(port_str);
    if (timeout_str)
	free(timeout_str);
    if (conn_timeout_str)
	free(conn_timeout_str);

    /*
     * Add the session details to patricia tree
     */
    if (!js_session_add(jsp)) {
	js_session_terminate(jsp);
	return NULL;
    }

    return jsp;
}
Example #20
0
static munge_err_t
_m_msg_client_connect (m_msg_t m, char *path)
{
    struct stat         st;
    struct sockaddr_un  addr;
    int                 sd;
    int                 n;
    int                 i;
    unsigned long       delay_msecs;

    assert (m != NULL);
    assert (m->sd < 0);

    if ((path == NULL) || (*path == '\0')) {
        m_msg_set_err (m, EMUNGE_SOCKET,
            strdup ("MUNGE socket name is undefined"));
        return (EMUNGE_SOCKET);
    }
    if (stat (path, &st) < 0) {
        m_msg_set_err (m, EMUNGE_SOCKET,
            strdupf ("Failed to access \"%s\": %s", path, strerror (errno)));
        return (EMUNGE_SOCKET);
    }
    if (!S_ISSOCK (st.st_mode)) {
        m_msg_set_err (m, EMUNGE_SOCKET,
            strdupf ("Invalid file type for socket \"%s\"", path));
        return (EMUNGE_SOCKET);
    }
    if ((sd = socket (PF_UNIX, SOCK_STREAM, 0)) < 0) {
        m_msg_set_err (m, EMUNGE_SOCKET,
            strdupf ("Failed to create socket: %s", strerror (errno)));
        return (EMUNGE_SOCKET);
    }
    if (fd_set_nonblocking (sd) < 0) {
        close (sd);
        m_msg_set_err (m, EMUNGE_SOCKET,
            strdupf ("Failed to set nonblocking socket: %s",
            strerror (errno)));
        return (EMUNGE_SOCKET);
    }
    memset (&addr, 0, sizeof (addr));
    addr.sun_family = AF_UNIX;
    addr.sun_path[ sizeof (addr.sun_path) - 1 ] = '\0';
    strncpy (addr.sun_path, path, sizeof (addr.sun_path));
    if (addr.sun_path[ sizeof (addr.sun_path) - 1 ] != '\0') {
        close (sd);
        m_msg_set_err (m, EMUNGE_OVERFLOW,
            strdup ("Exceeded maximum length of socket pathname"));
        return (EMUNGE_OVERFLOW);
    }
    i = 1;
    while (1) {
        /*
         * If a call to connect() for a Unix domain stream socket finds that
         *   the listening socket's queue is full, ECONNREFUSED is returned
         *   immediately.  (cf, Stevens UNPv1, s14.4, p378)
         * If ECONNREFUSED, try again up to MUNGE_SOCKET_CONNECT_ATTEMPTS.
         */
        n = connect (sd, (struct sockaddr *) &addr, sizeof (addr));

        if (n == 0) {
            break;
        }
        if (errno == EINTR) {
            continue;
        }
        if (errno != ECONNREFUSED) {
            break;
        }
        if (i >= MUNGE_SOCKET_CONNECT_ATTEMPTS) {
            break;
        }
        delay_msecs = i * MUNGE_SOCKET_CONNECT_RETRY_MSECS;
        if (_m_msg_client_millisleep (m, delay_msecs) != EMUNGE_SUCCESS) {
            break;
        }
        i++;
    }
    if (n < 0) {
        close (sd);
        m_msg_set_err (m, EMUNGE_SOCKET,
            strdupf ("Failed to connect to \"%s\": %s", path,
            strerror (errno)));
        return (EMUNGE_SOCKET);
    }
    m->sd = sd;
    return (EMUNGE_SUCCESS);
}
Example #21
0
int
auth_send (m_msg_t m)
{
    char *pipe_name = NULL;
    char *file_dir = NULL;
    char *file_name = NULL;
    int   file_fd = -1;
    int   pipe_fd = -1;
    char *estr;

    if (_recv_auth_req (m->sd, &pipe_name, &file_dir) < 0) {
        estr = strdup ("Failed to receive auth request");
        goto err;
    }
    assert (pipe_name != NULL);
    if (_name_auth_file (pipe_name, file_dir, &file_name) < 0) {
        estr = strdup ("Failed to name auth file");
        goto err;
    }
    assert (file_name != NULL);
    unlink (file_name);                 /* in case it already exists */

    if ((file_fd= open (file_name, O_RDONLY | O_CREAT | O_EXCL, S_IRUSR)) <0) {
        estr = strdupf ("Failed to open auth file \"%s\": %s",
            file_name, strerror (errno));
        goto err;
    }
    if (unlink (file_name) < 0) {
        estr = strdupf ("Failed to remove auth file \"%s\": %s",
            file_name, strerror (errno));
        goto err;
    }
    if ((pipe_fd = open (pipe_name, O_WRONLY)) < 0) {
        estr = strdupf ("Failed to open auth pipe \"%s\": %s",
            pipe_name, strerror (errno));
        goto err;
    }
    if (ioctl (pipe_fd, I_SENDFD, file_fd) < 0) {
        estr = strdupf ("Failed to send client identity: %s",
            strerror (errno));
        goto err;
    }
    if (close (pipe_fd) < 0) {
        estr = strdupf ("Failed to close auth pipe \"%s\": %s",
            pipe_name, strerror (errno));
        goto err;
    }
    if (close (file_fd) < 0) {
        estr = strdupf ("Failed to close auth file \"%s\": %s",
            file_name, strerror (errno));
        goto err;
    }
    free (pipe_name);
    free (file_dir);
    free (file_name);
    return (0);

err:
    if (pipe_fd >= 0) {
        (void) close (pipe_fd);
    }
    if (pipe_name != NULL) {
        free (pipe_name);
    }
    if (file_fd >= 0) {
        (void) close (file_fd);
    }
    if (file_name != NULL) {
        (void) unlink (file_name);
        free (file_name);
    }
    if (file_dir != NULL) {
        free (file_dir);
    }
    return (m_msg_set_err (m, EMUNGE_SNAFU, estr));
}
Example #22
0
OPENVPN_EXPORT int
openvpn_plugin_func_v2 (openvpn_plugin_handle_t handle,
                        const int type,
                        const char *argv[],
                        const char *envp[],
                        void *per_client_context,
                        struct openvpn_plugin_string_list **return_list)
{
  ldap_context_t *context = (ldap_context_t *) handle;
  auth_context_t *auth_context = NULL;
  action_t *action = NULL;


  int res = OPENVPN_PLUGIN_FUNC_ERROR;

  if (type == OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY){
    /* get username/password/auth_control_file from envp string array */
    const char *username = get_env ("username", envp);
    const char *password = get_env ("password", envp);
    const char *auth_control_file = get_env ( "auth_control_file", envp );
    const char *pf_file = get_env ("pf_file", envp);



    /* required parameters check */
    if (!username){
      LOGERROR("No username supplied to OpenVPN plugin");
      return OPENVPN_PLUGIN_FUNC_ERROR;
    }

    auth_context = auth_context_new( );
    if( !auth_context ){
      LOGERROR( "Could not allocate auth_context before calling thread" );
      return res;
    }
    if( username ) auth_context->username = strdup( username );
    if( password ) auth_context->password = strdup( password );
    if( pf_file ) auth_context->pf_file = strdup( pf_file );
    if( auth_control_file ) auth_context->auth_control_file = strdup( auth_control_file );
    /* If some argument were missing or could not be duplicate */
    if( !(auth_context->username && auth_context->password && auth_context->auth_control_file ) ){
      auth_context_free( auth_context );
      return res;
    }
    action = action_new( );
    action->type = LDAP_AUTH_ACTION_AUTH;
    action->context = auth_context;
    action->client_context = per_client_context;
    action->context_free_func = (void *)auth_context_free;
    action_push( context->action_list, action );
    return OPENVPN_PLUGIN_FUNC_DEFERRED;
  }
  else if (type == OPENVPN_PLUGIN_ENABLE_PF){
    /* unfortunately, at this stage we dont know anything about the client
     * yet. Let assume it is enabled, we will define default somewhere
     */
    return OPENVPN_PLUGIN_FUNC_SUCCESS;
  }else if( type == OPENVPN_PLUGIN_CLIENT_CONNECT_V2 ){
    /* on client connect, we return conf options through return list
     */
    const char *username = get_env ("username", envp);
    client_context_t *cc = per_client_context;
    char *ccd_options = NULL;
    /* sanity check */
    if (!username){
      LOGERROR("No username supplied to OpenVPN plugin");
      return OPENVPN_PLUGIN_FUNC_ERROR;
    }
    if (!cc || !cc->profile){
      LOGERROR("No profile found for user");
      return OPENVPN_PLUGIN_FUNC_ERROR;
    }
#ifdef ENABLE_LDAPUSERCONF
    ccd_options = ldap_account_get_options_to_string( cc->ldap_account );
#endif
    if( cc->profile->redirect_gateway_prefix && strlen( cc->profile->redirect_gateway_prefix ) > 0 ){
      /* do the username start with prefix? */
      if( strncmp( cc->profile->redirect_gateway_prefix, username, strlen( cc->profile->redirect_gateway_prefix ) ) == 0 ){
        char *tmp_ccd = ccd_options;
        ccd_options = strdupf("push \"redirect-gateway %s\"\n%s",
                            cc->profile->redirect_gateway_flags ? cc->profile->redirect_gateway_flags : DFT_REDIRECT_GATEWAY_FLAGS,
                            tmp_ccd ? tmp_ccd : "");
        if( tmp_ccd ) la_free( tmp_ccd );
      }
    }
    if( ccd_options ){
      *return_list = la_malloc( sizeof( struct openvpn_plugin_string_list ) );
      if( *return_list != NULL){
        (*return_list)->next = NULL;
        (*return_list)->name = strdup( "config" );
        (*return_list)->value = ccd_options;
      }
    }
    return OPENVPN_PLUGIN_FUNC_SUCCESS;
  }
#ifdef ENABLE_LDAPUSERCONF
  else if( type == OPENVPN_PLUGIN_CLIENT_DISCONNECT ){
    /* nothing done for now
     * potentially, session could be logged
     */
    return OPENVPN_PLUGIN_FUNC_SUCCESS;
  }
#endif
  return res;
}
Example #23
0
static int
pktgen_parse_args(int argc, char **argv)
{
	int opt, ret, port;
	char **argvopt;
	int option_index;
	char *prgname = argv[0], *p;
	static struct option lgopts[] = {
		{NULL, 0, 0, 0}
	};

	argvopt = argv;

	pktgen.hostname     = (char *)strdupf(pktgen.hostname, "localhost");
	pktgen.socket_port  = 0x5606;

	pktgen.argc = argc;
	for (opt = 0; opt < argc; opt++)
		pktgen.argv[opt] = strdup(argv[opt]);

	while ((opt = getopt_long(argc, argvopt, "p:m:f:l:s:g:hPNGT",
	                          lgopts, &option_index)) != EOF)
		switch (opt) {
		case 'p':
			/* Port mask not used anymore */
			break;

		case 'f':	/* Command file or Lua script. */
			pktgen.cmd_filename = strdup(optarg);
			break;

		case 'l':	/* Log file */
			pktgen_log_set_file(optarg);
			break;

		case 'm':	/* Matrix for port mapping. */
			if (wr_parse_matrix(pktgen.l2p, optarg) == -1) {
				pktgen_log_error("invalid matrix string (%s)", optarg);
				pktgen_usage(prgname);
				return -1;
			}
			break;

		case 's':	/* Read a PCAP packet capture file (stream) */
			port = strtol(optarg, NULL, 10);
			p = strchr(optarg, ':');
			if ( (p == NULL) || (pktgen.info[port].pcap = wr_pcap_open(++p, port)) == NULL) {
				pktgen_log_error("Invalid PCAP filename (%s) must include port number as P:filename", optarg);
				pktgen_usage(prgname);
				return -1;
			}
			break;

		case 'P':	/* Enable promiscuous mode on the ports */
			pktgen.flags    |= PROMISCUOUS_ON_FLAG;
			break;

		case 'N':	/* Enable NUMA support. */
			pktgen.flags    |= NUMA_SUPPORT_FLAG;
			break;

		case 'G':
			pktgen.flags    |= (ENABLE_GUI_FLAG | IS_SERVER_FLAG);
			break;

		case 'g':	/* Define the port number and IP address used for the socket connection. */
			pktgen.flags    |= (ENABLE_GUI_FLAG | IS_SERVER_FLAG);

			p = strchr(optarg, ':');
			if (p == NULL)	/* No : symbol means pktgen is a server application. */
				pktgen.hostname = (char *)strdupf(pktgen.hostname, optarg);
			else {
				char c = *p;

				*p = '\0';
				if (p != optarg)
					pktgen.hostname = (char *)strdupf(pktgen.hostname, optarg);

				pktgen.socket_port = strtol(++p, NULL, 0);
				pktgen_log_info(">>> Socket GUI support %s%c0x%x", pktgen.hostname, c, pktgen.socket_port);
			}
			break;

		case 'T':
			pktgen.flags    |= ENABLE_THEME_FLAG;
			break;

		case 'h':	/* print out the help message */
			pktgen_usage(prgname);
			return -1;

		case 0:	/* Long options */
		default:
			pktgen_usage(prgname);
			return -1;
		}

	/* Setup the program name */
	if (optind >= 0)
		argv[optind - 1] = prgname;

	ret = optind - 1;
	optind = 0;	/* reset getopt lib */
	return ret;
}