static int rsae_send_imsg(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding, unsigned int cmd) { int ret = 0; struct imsgbuf *ibuf; struct imsg imsg; int n, done = 0; const void *toptr; char *pkiname; size_t tlen; struct msg m; uint64_t id; if ((pkiname = RSA_get_ex_data(rsa, 0)) == NULL) return (0); /* * Send a synchronous imsg because we cannot defer the RSA * operation in OpenSSL's engine layer. */ m_create(p_ca, cmd, 0, 0, -1); rsae_reqid++; m_add_id(p_ca, rsae_reqid); m_add_string(p_ca, pkiname); m_add_data(p_ca, (const void *)from, (size_t)flen); m_add_size(p_ca, (size_t)RSA_size(rsa)); m_add_size(p_ca, (size_t)padding); m_flush(p_ca); ibuf = &p_ca->imsgbuf; while (!done) { if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN) fatalx("imsg_read"); if (n == 0) fatalx("pipe closed"); while (!done) { if ((n = imsg_get(ibuf, &imsg)) == -1) fatalx("imsg_get error"); if (n == 0) break; log_imsg(PROC_PONY, PROC_CA, &imsg); switch (imsg.hdr.type) { case IMSG_CA_PRIVENC: case IMSG_CA_PRIVDEC: break; default: /* Another imsg is queued up in the buffer */ pony_imsg(p_ca, &imsg); imsg_free(&imsg); continue; } m_msg(&m, &imsg); m_get_id(&m, &id); if (id != rsae_reqid) fatalx("invalid response id"); m_get_int(&m, &ret); if (ret > 0) m_get_data(&m, &toptr, &tlen); m_end(&m); if (ret > 0) memcpy(to, toptr, tlen); done = 1; imsg_free(&imsg); } } mproc_event_add(p_ca); return (ret); }
static void control_imsg(struct mproc *p, struct imsg *imsg) { struct ctl_conn *c; struct stat_value val; struct msg m; const char *key; const void *data; size_t sz; if (p->proc == PROC_PONY) { switch (imsg->hdr.type) { case IMSG_CTL_SMTP_SESSION: c = tree_get(&ctl_conns, imsg->hdr.peerid); if (c == NULL) return; m_compose(&c->mproc, IMSG_CTL_OK, 0, 0, imsg->fd, NULL, 0); return; } } if (p->proc == PROC_SCHEDULER) { switch (imsg->hdr.type) { case IMSG_CTL_OK: case IMSG_CTL_FAIL: case IMSG_CTL_LIST_MESSAGES: c = tree_get(&ctl_conns, imsg->hdr.peerid); if (c == NULL) return; imsg->hdr.peerid = 0; m_forward(&c->mproc, imsg); return; } } if (p->proc == PROC_QUEUE) { switch (imsg->hdr.type) { case IMSG_CTL_LIST_ENVELOPES: case IMSG_CTL_DISCOVER_EVPID: case IMSG_CTL_DISCOVER_MSGID: case IMSG_CTL_UNCORRUPT_MSGID: c = tree_get(&ctl_conns, imsg->hdr.peerid); if (c == NULL) return; m_forward(&c->mproc, imsg); return; } } if (p->proc == PROC_PONY) { switch (imsg->hdr.type) { case IMSG_CTL_OK: case IMSG_CTL_FAIL: case IMSG_CTL_MTA_SHOW_HOSTS: case IMSG_CTL_MTA_SHOW_RELAYS: case IMSG_CTL_MTA_SHOW_ROUTES: case IMSG_CTL_MTA_SHOW_HOSTSTATS: case IMSG_CTL_MTA_SHOW_BLOCK: c = tree_get(&ctl_conns, imsg->hdr.peerid); if (c == NULL) return; imsg->hdr.peerid = 0; m_forward(&c->mproc, imsg); return; } } switch (imsg->hdr.type) { case IMSG_STAT_INCREMENT: m_msg(&m, imsg); m_get_string(&m, &key); m_get_data(&m, &data, &sz); m_end(&m); memmove(&val, data, sz); if (stat_backend) stat_backend->increment(key, val.u.counter); control_digest_update(key, val.u.counter, 1); return; case IMSG_STAT_DECREMENT: m_msg(&m, imsg); m_get_string(&m, &key); m_get_data(&m, &data, &sz); m_end(&m); memmove(&val, data, sz); if (stat_backend) stat_backend->decrement(key, val.u.counter); control_digest_update(key, val.u.counter, 0); return; case IMSG_STAT_SET: m_msg(&m, imsg); m_get_string(&m, &key); m_get_data(&m, &data, &sz); m_end(&m); memmove(&val, data, sz); if (stat_backend) stat_backend->set(key, &val); return; } errx(1, "control_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type)); }
void ca_imsg(struct mproc *p, struct imsg *imsg) { RSA *rsa; const void *from = NULL; unsigned char *to = NULL; struct msg m; const char *pkiname; size_t flen, tlen, padding; struct pki *pki; int ret = 0; uint64_t id; int v; if (p->proc == PROC_PARENT) { switch (imsg->hdr.type) { case IMSG_CONF_START: return; case IMSG_CONF_END: ca_init(); /* Start fulfilling requests */ mproc_enable(p_pony); return; } } if (p->proc == PROC_CONTROL) { switch (imsg->hdr.type) { case IMSG_CTL_VERBOSE: m_msg(&m, imsg); m_get_int(&m, &v); m_end(&m); log_verbose(v); return; case IMSG_CTL_PROFILE: m_msg(&m, imsg); m_get_int(&m, &v); m_end(&m); profiling = v; return; } } if (p->proc == PROC_PONY) { switch (imsg->hdr.type) { case IMSG_CA_PRIVENC: case IMSG_CA_PRIVDEC: m_msg(&m, imsg); m_get_id(&m, &id); m_get_string(&m, &pkiname); m_get_data(&m, &from, &flen); m_get_size(&m, &tlen); m_get_size(&m, &padding); m_end(&m); pki = dict_get(env->sc_pki_dict, pkiname); if (pki == NULL || pki->pki_pkey == NULL || (rsa = EVP_PKEY_get1_RSA(pki->pki_pkey)) == NULL) fatalx("ca_imsg: invalid pki"); if ((to = calloc(1, tlen)) == NULL) fatalx("ca_imsg: calloc"); switch (imsg->hdr.type) { case IMSG_CA_PRIVENC: ret = RSA_private_encrypt(flen, from, to, rsa, padding); break; case IMSG_CA_PRIVDEC: ret = RSA_private_decrypt(flen, from, to, rsa, padding); break; } m_create(p, imsg->hdr.type, 0, 0, -1); m_add_id(p, id); m_add_int(p, ret); if (ret > 0) m_add_data(p, to, (size_t)ret); m_close(p); free(to); RSA_free(rsa); return; } } errx(1, "ca_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type)); }