mct_callback(void *priv, const struct suckaddr *sa) { int sock; struct vsb *vsb = priv; const char *err; char abuf[VTCP_ADDRBUFSIZE]; char pbuf[VTCP_PORTBUFSIZE]; struct telnet *tn; VJ_master(JAIL_MASTER_PRIVPORT); sock = VTCP_listen(sa, 10, &err); VJ_master(JAIL_MASTER_LOW); assert(sock != 0); // We know where stdin is if (sock > 0) { VTCP_myname(sock, abuf, sizeof abuf, pbuf, sizeof pbuf); VSB_printf(vsb, "%s %s\n", abuf, pbuf); tn = telnet_new(sock); tn->ev = vev_new(); AN(tn->ev); tn->ev->fd = sock; tn->ev->fd_flags = POLLIN; tn->ev->callback = telnet_accept; tn->ev->priv = tn; AZ(vev_add(mgt_evb, tn->ev)); } return (0); }
/*
 * Register the CLI secret file named by the -S argument.
 *
 * The file name is stored via mgt_SHM_static_alloc(), then the file is
 * opened and read once to check that it can be opened, can be read and is
 * not empty.  The bytes read are not used for anything else here.
 * Each failure prints a message to stderr and calls exit(2).
 * On success secret_file is set to S_arg; the pointer is kept, not copied,
 * so the caller's string has to stay valid.
 */
void
mgt_cli_secret(const char *S_arg)
{
	char scratch[BUFSIZ];
	int secret_fd;
	int nread;

	/* Save in shmem */
	mgt_SHM_static_alloc(S_arg, strlen(S_arg) + 1L, "Arg", "-S", "");

	/*
	 * Only the open() itself runs in JAIL_MASTER_FILE mode; the jail is
	 * switched back to JAIL_MASTER_LOW before the file is read.
	 */
	VJ_master(JAIL_MASTER_FILE);
	secret_fd = open(S_arg, O_RDONLY);
	if (secret_fd < 0) {
		fprintf(stderr, "Can not open secret-file \"%s\"\n", S_arg);
		exit(2);
	}
	VJ_master(JAIL_MASTER_LOW);
	mgt_got_fd(secret_fd);

	/*
	 * NOTE(review): up to BUFSIZ bytes of the secret end up in this stack
	 * buffer and are not cleared before returning.
	 */
	nread = read(secret_fd, scratch, sizeof scratch);
	if (nread < 0) {
		fprintf(stderr, "Can not read secret-file \"%s\"\n", S_arg);
		exit(2);
	}
	if (nread == 0) {
		fprintf(stderr, "Empty secret-file \"%s\"\n", S_arg);
		exit(2);
	}

	AZ(close(secret_fd));
	secret_file = S_arg;
}
/*
 * Create the working directory dname if needed, and change into it.
 *
 * When the active jail technology (vjt) supplies its own make_workdir
 * method, that method does all the work and its return value is passed on.
 * Otherwise the directory is created with mode 0755, made the current
 * directory, and probed by creating and removing "_.testfile" in it.
 * Failures are reported through ARGV_ERR(); the fallback path returns 0.
 */
int
VJ_make_workdir(const char *dname)
{
	int probe_fd;

	AN(dname);
	CHECK_OBJ_NOTNULL(vjt, JAIL_TECH_MAGIC);

	if (vjt->make_workdir != NULL)
		return (vjt->make_workdir(dname));

	/* Everything below runs in JAIL_MASTER_FILE mode until the end. */
	VJ_master(JAIL_MASTER_FILE);

	/*
	 * NOTE(review): an already existing directory (EEXIST) is accepted
	 * as is; its owner and mode are not inspected here.
	 */
	if (mkdir(dname, 0755) < 0) {
		if (errno != EEXIST)
			ARGV_ERR("Cannot create working directory '%s': %s\n",
			    dname, strerror(errno));
	}

	if (chdir(dname) < 0) {
		ARGV_ERR("Cannot change to working directory '%s': %s\n",
		    dname, strerror(errno));
	}

	/*
	 * O_CREAT|O_EXCL makes the probe fail if "_.testfile" is already
	 * present, so a leftover file from an earlier run is reported too.
	 */
	probe_fd = open("_.testfile", O_RDWR|O_CREAT|O_EXCL, 0600);
	if (probe_fd < 0) {
		ARGV_ERR("Cannot create test-file in %s (%s)\n"
		    "Check permissions (or delete old directory)\n",
		    dname, strerror(errno));
	}
	closefd(&probe_fd);
	AZ(unlink("_.testfile"));

	VJ_master(JAIL_MASTER_LOW);
	return (0);
}
/*
 * CLI "auth" handler.
 *
 * Opens the configured secret file, has VCLI_AuthResponse() compute the
 * response for this session's challenge, and compares it case-insensitively
 * with the client's answer in av[2].
 *
 * Results set on cli:
 *   CLIS_CANT  - no secret file configured, or it could not be opened
 *   CLIS_CLOSE - the answer did not match (also logged as C_SECURITY)
 *   CLIS_OK    - match; cli->auth becomes MCF_AUTH, the challenge is zeroed
 *                and the banner is sent
 */
static void
mcf_auth(struct cli *cli, const char *const *av, void *priv)
{
	char expected[CLI_AUTH_RESPONSE_LEN + 1];
	int secret_fd;

	(void)priv;
	AN(av[2]);

	if (secret_file == NULL) {
		VCLI_Out(cli, "Secret file not configured\n");
		VCLI_SetResult(cli, CLIS_CANT);
		return;
	}

	/* The secret file is opened in JAIL_MASTER_FILE mode. */
	VJ_master(JAIL_MASTER_FILE);
	secret_fd = open(secret_file, O_RDONLY);
	if (secret_fd < 0) {
		/*
		 * errno is formatted before the jail is switched back, so a
		 * later call cannot overwrite it first.
		 */
		VCLI_Out(cli, "Cannot open secret file (%s)\n",
		    strerror(errno));
		VCLI_SetResult(cli, CLIS_CANT);
		VJ_master(JAIL_MASTER_LOW);
		return;
	}
	VJ_master(JAIL_MASTER_LOW);
	mgt_got_fd(secret_fd);

	VCLI_AuthResponse(secret_fd, cli->challenge, expected);
	AZ(close(secret_fd));

	/*
	 * NOTE(review): strcasecmp() is not a constant-time comparison, and
	 * the expected response stays in this stack buffer after return;
	 * only cli->challenge is cleared, and only on success.
	 */
	if (strcasecmp(expected, av[2]) != 0) {
		MGT_complain(C_SECURITY,
		    "CLI Authentication failure from %s", cli->ident);
		VCLI_SetResult(cli, CLIS_CLOSE);
		return;
	}

	cli->auth = MCF_AUTH;
	memset(cli->challenge, 0, sizeof cli->challenge);
	VCLI_SetResult(cli, CLIS_OK);
	mcf_banner(cli, av, priv);
}
/*
 * Open or create the storage file described by fn.
 *
 * fn   - path of a file to create or reuse, or of a directory to place a
 *        temporary file in
 * fdp  - receives the open descriptor (set to -1 on entry)
 * fnp  - receives the file name (set to NULL on entry); in the directory
 *        case this is a strdup()'ed copy of the temporary name
 * ctx  - context string used as a prefix in error messages
 *
 * Returns:
 *   1 - fn did not exist and was created (O_CREAT|O_EXCL, mode 0600)
 *   2 - fn is a directory; a mkstemp() file was created in it and unlinked
 *   0 - fn is an existing regular file and was opened
 *
 * Every other situation is reported through ARGV_ERR().  All path
 * operations run in JAIL_MASTER_STORAGE mode; both return paths switch back
 * to JAIL_MASTER_LOW.
 */
int
STV_GetFile(const char *fn, int *fdp, const char **fnp, const char *ctx)
{
	char tmpl[FILENAME_MAX];
	struct stat sb;
	int kind = 1;
	int fd;

	AN(fn);
	AN(fnp);
	AN(fdp);
	*fnp = NULL;
	*fdp = -1;

	VJ_master(JAIL_MASTER_STORAGE);

	/* try to create a new file of this name */
	fd = open(fn, O_RDWR | O_CREAT | O_EXCL | O_LARGEFILE, 0600);
	if (fd >= 0) {
		VJ_fix_storage_file(fd);
		*fdp = fd;
		*fnp = fn;
		VJ_master(JAIL_MASTER_LOW);
		return (kind);
	}

	/* Creation failed: find out what already exists at that path. */
	if (stat(fn, &sb) != 0) {
		ARGV_ERR(
		    "(%s) \"%s\" does not exist and could not be created\n",
		    ctx, fn);
	}

	if (S_ISDIR(sb.st_mode)) {
		bprintf(tmpl, "%s/varnish.XXXXXX", fn);
		fd = mkstemp(tmpl);
		if (fd < 0) {
			ARGV_ERR("(%s) \"%s\" mkstemp(%s) failed (%s)\n",
			    ctx, fn, tmpl, strerror(errno));
		}
		/*
		 * The name is removed right away while the descriptor stays
		 * open; the caller still gets a copy of the name.
		 */
		AZ(unlink(tmpl));
		*fnp = strdup(tmpl);
		AN(*fnp);
		kind = 2;
	} else if (S_ISREG(sb.st_mode)) {
		fd = open(fn, O_RDWR | O_LARGEFILE);
		if (fd < 0) {
			ARGV_ERR("(%s) \"%s\" could not open (%s)\n",
			    ctx, fn, strerror(errno));
		}
		*fnp = fn;
		kind = 0;
	} else {
		ARGV_ERR(
		    "(%s) \"%s\" is neither file nor directory\n", ctx, fn);
	}

	/*
	 * The file type is checked again on the descriptor itself, so the
	 * regular-file decision does not rest only on the earlier stat() of
	 * the path.
	 */
	AZ(fstat(fd, &sb));
	if (!S_ISREG(sb.st_mode)) {
		ARGV_ERR("(%s) \"%s\" was not a file after opening\n",
		    ctx, fn);
	}

	*fdp = fd;
	VJ_fix_storage_file(fd);
	VJ_master(JAIL_MASTER_LOW);
	return (kind);
}