static void authorizedPasswords(List* list, struct Context* ctx)
{
uint32_t count = List_size(list);
for (uint32_t i = 0; i < count; i++) {
Dict* d = List_getDict(list, i);
Log_info(ctx->logger, "Checking authorized password %d.", i);
if (!d) {
Log_critical(ctx->logger, "Not a dictionary type %d.", i);
exit(-1);
}
String* passwd = Dict_getString(d, String_CONST("password"));
if (!passwd) {
Log_critical(ctx->logger, "Must specify a password %d.", i);
exit(-1);
}
}
for (uint32_t i = 0; i < count; i++) {
struct Allocator* child = Allocator_child(ctx->alloc);
Dict* d = List_getDict(list, i);
String* passwd = Dict_getString(d, String_CONST("password"));
String* user = Dict_getString(d, String_CONST("user"));
if (!user) {
user = String_printf(child, "password [%d]", i);
}
Log_info(ctx->logger, "Adding authorized password #[%d] for user [%s].", i, user->bytes);
Dict args = Dict_CONST(
String_CONST("authType"), Int_OBJ(1), Dict_CONST(
String_CONST("password"), String_OBJ(passwd), Dict_CONST(
String_CONST("user"), String_OBJ(user), NULL
)));
rpcCall(String_CONST("AuthorizedPasswords_add"), &args, ctx, child);
Allocator_free(child);
}
}
static void authorizedPasswords(List* list, struct Context* ctx)
{
uint32_t count = List_size(list);
for (uint32_t i = 0; i < count; i++) {
Dict* d = List_getDict(list, i);
if (!d) {
fprintf(stderr, "authorizedPasswords[%u] is not a dictionary type.\n", i);
exit(-1);
}
String* passwd = Dict_getString(d, BSTR("password"));
int64_t* authType = Dict_getInt(d, BSTR("authType"));
int64_t* trust = Dict_getInt(d, BSTR("trust"));
authorizedPassword(passwd, authType, trust, i, ctx);
}
}
static void security(List* securityConf, struct Allocator* tempAlloc, struct Context* ctx)
{
bool noFiles = false;
for (int i = 0; i < List_size(securityConf); i++) {
if (String_equals(String_CONST("nofiles"), List_getString(securityConf, i))) {
noFiles = true;
} else {
Dict* userDict = List_getDict(securityConf, i);
String* userName = Dict_getString(userDict, String_CONST("setuser"));
if (userName) {
Dict d = Dict_CONST(String_CONST("user"), String_OBJ(userName), NULL);
// If this call returns an error, it is ok.
rpcCall0(String_CONST("Security_setUser"), &d, ctx, tempAlloc, false);
}
}
}
if (noFiles) {
Dict d = NULL;
rpcCall(String_CONST("Security_noFiles"), &d, ctx, tempAlloc);
}
}
static void security(struct Allocator* tempAlloc, List* conf, struct Log* log, struct Context* ctx)
{
int seccomp = 1;
int nofiles = 0;
int noforks = 1;
int chroot = 1;
int setupComplete = 1;
int setuser = 1;
if (Defined(win32)) {
setuser = 0;
}
int uid = -1;
int64_t* group = NULL;
int keepNetAdmin = 1;
do {
Dict* d = Dict_new(tempAlloc);
Dict_putString(d, String_CONST("user"), String_CONST("nobody"), tempAlloc);
if (!Defined(win32)) {
Dict* ret = NULL;
rpcCall0(String_CONST("Security_getUser"), d, ctx, tempAlloc, &ret, true);
uid = *Dict_getInt(ret, String_CONST("uid"));
group = Dict_getInt(ret, String_CONST("gid"));
}
} while (0);
for (int i = 0; conf && i < List_size(conf); i++) {
Dict* elem = List_getDict(conf, i);
String* s;
if (elem && (s = Dict_getString(elem, String_CONST("setuser")))) {
if (setuser == 0) { continue; }
Dict* d = Dict_new(tempAlloc);
Dict_putString(d, String_CONST("user"), s, tempAlloc);
Dict* ret = NULL;
rpcCall0(String_CONST("Security_getUser"), d, ctx, tempAlloc, &ret, true);
uid = *Dict_getInt(ret, String_CONST("uid"));
group = Dict_getInt(ret, String_CONST("gid"));
int64_t* nka = Dict_getInt(elem, String_CONST("keepNetAdmin"));
int64_t* exemptAngel = Dict_getInt(elem, String_CONST("exemptAngel"));
keepNetAdmin = ((nka) ? *nka : ((exemptAngel) ? *exemptAngel : 0));
continue;
}
if (elem && (s = Dict_getString(elem, String_CONST("chroot")))) {
Log_debug(log, "Security_chroot(%s)", s->bytes);
Dict* d = Dict_new(tempAlloc);
Dict_putString(d, String_CONST("root"), s, tempAlloc);
rpcCall0(String_CONST("Security_chroot"), d, ctx, tempAlloc, NULL, false);
chroot = 0;
continue;
}
uint64_t* x;
if (elem && (x = Dict_getInt(elem, String_CONST("nofiles")))) {
if (!*x) { continue; }
nofiles = 1;
continue;
}
if (elem && (x = Dict_getInt(elem, String_CONST("setuser")))) {
if (!*x) { setuser = 0; }
continue;
}
if (elem && (x = Dict_getInt(elem, String_CONST("seccomp")))) {
if (!*x) { seccomp = 0; }
continue;
}
if (elem && (x = Dict_getInt(elem, String_CONST("noforks")))) {
if (!*x) { noforks = 0; }
continue;
}
if (elem && (x = Dict_getInt(elem, String_CONST("chroot")))) {
if (!*x) { chroot = 0; }
continue;
}
if (elem && (x = Dict_getInt(elem, String_CONST("setupComplete")))) {
if (!*x) { setupComplete = 0; }
continue;
}
Log_info(ctx->logger, "Unrecognized entry in security at index [%d]", i);
}
if (chroot) {
Log_debug(log, "Security_chroot(/var/run)");
Dict* d = Dict_new(tempAlloc);
Dict_putString(d, String_CONST("root"), String_CONST("/var/run/"), tempAlloc);
rpcCall0(String_CONST("Security_chroot"), d, ctx, tempAlloc, NULL, false);
}
/* FIXME(sdg): moving noforks after setuser might make nproc <- 0,0 work
on older kernels, where doing it before causes setuid to fail w EAGAIN. */
if (noforks) {
Log_debug(log, "Security_noforks()");
Dict* d = Dict_new(tempAlloc);
rpcCall(String_CONST("Security_noforks"), d, ctx, tempAlloc);
}
if (setuser) {
Log_debug(log, "Security_setUser(uid:%d, keepNetAdmin:%d)", uid, keepNetAdmin);
Dict* d = Dict_new(tempAlloc);
Dict_putInt(d, String_CONST("uid"), uid, tempAlloc);
if (group) {
Dict_putInt(d, String_CONST("gid"), (int)*group, tempAlloc);
}
Dict_putInt(d, String_CONST("keepNetAdmin"), keepNetAdmin, tempAlloc);
rpcCall0(String_CONST("Security_setUser"), d, ctx, tempAlloc, NULL, false);
}
if (nofiles) {
Log_debug(log, "Security_nofiles()");
Dict* d = Dict_new(tempAlloc);
rpcCall(String_CONST("Security_nofiles"), d, ctx, tempAlloc);
}
if (seccomp) {
Log_debug(log, "Security_seccomp()");
Dict* d = Dict_new(tempAlloc);
rpcCall(String_CONST("Security_seccomp"), d, ctx, tempAlloc);
}
if (setupComplete) {
Log_debug(log, "Security_setupComplete()");
Dict* d = Dict_new(tempAlloc);
rpcCall(String_CONST("Security_setupComplete"), d, ctx, tempAlloc);
}
}
static void ethInterface(Dict* config, struct Context* ctx)
{
List* ifaces = Dict_getList(config, String_CONST("ETHInterface"));
if (!ifaces) {
ifaces = List_new(ctx->alloc);
List_addDict(ifaces, Dict_getDict(config, String_CONST("ETHInterface")), ctx->alloc);
}
uint32_t count = List_size(ifaces);
for (uint32_t i = 0; i < count; i++) {
Dict *eth = List_getDict(ifaces, i);
if (!eth) { continue; }
String* deviceStr = Dict_getString(eth, String_CONST("bind"));
if (!deviceStr || !String_equals(String_CONST("all"), deviceStr)) { continue; }
Log_info(ctx->logger, "Setting up all ETHInterfaces...");
Dict* res = NULL;
Dict* d = Dict_new(ctx->alloc);
if (rpcCall0(String_CONST("ETHInterface_listDevices"), d, ctx, ctx->alloc, &res, false)) {
Log_info(ctx->logger, "Getting device list failed");
break;
}
List* devs = Dict_getList(res, String_CONST("devices"));
uint32_t devCount = List_size(devs);
for (uint32_t j = 0; j < devCount; j++) {
Dict* d = Dict_new(ctx->alloc);
String* deviceName = List_getString(devs, j);
// skip loopback...
if (String_equals(String_CONST("lo"), deviceName)) { continue; }
Dict_putString(d, String_CONST("bindDevice"), deviceName, ctx->alloc);
Dict* resp;
Log_info(ctx->logger, "Creating new ETHInterface [%s]", deviceName->bytes);
if (rpcCall0(String_CONST("ETHInterface_new"), d, ctx, ctx->alloc, &resp, false)) {
Log_warn(ctx->logger, "Failed to create ETHInterface.");
continue;
}
int ifNum = *(Dict_getInt(resp, String_CONST("interfaceNumber")));
ethInterfaceSetBeacon(ifNum, eth, ctx);
}
return;
}
for (uint32_t i = 0; i < count; i++) {
Dict *eth = List_getDict(ifaces, i);
if (!eth) { continue; }
// Setup the interface.
String* deviceStr = Dict_getString(eth, String_CONST("bind"));
Log_info(ctx->logger, "Setting up ETHInterface [%d].", i);
Dict* d = Dict_new(ctx->alloc);
if (deviceStr) {
Log_info(ctx->logger, "Binding to device [%s].", deviceStr->bytes);
Dict_putString(d, String_CONST("bindDevice"), deviceStr, ctx->alloc);
}
Dict* resp = NULL;
if (rpcCall0(String_CONST("ETHInterface_new"), d, ctx, ctx->alloc, &resp, false)) {
Log_warn(ctx->logger, "Failed to create ETHInterface.");
continue;
}
int ifNum = *(Dict_getInt(resp, String_CONST("interfaceNumber")));
ethInterfaceSetBeacon(ifNum, eth, ctx);
// Make the connections.
Dict* connectTo = Dict_getDict(eth, String_CONST("connectTo"));
if (connectTo) {
Log_info(ctx->logger, "ETHInterface should connect to a specific node.");
struct Dict_Entry* entry = *connectTo;
while (entry != NULL) {
String* key = (String*) entry->key;
if (entry->val->type != Object_DICT) {
Log_critical(ctx->logger, "interfaces.ETHInterface.connectTo: entry [%s] "
"is not a dictionary type.", key->bytes);
exit(-1);
}
Dict* value = entry->val->as.dictionary;
Log_keys(ctx->logger, "Attempting to connect to node [%s].", key->bytes);
struct Allocator* perCallAlloc = Allocator_child(ctx->alloc);
// Turn the dict from the config into our RPC args dict by filling in all
// the arguments,
Dict_putString(value, String_CONST("macAddress"), key, perCallAlloc);
Dict_putInt(value, String_CONST("interfaceNumber"), ifNum, perCallAlloc);
rpcCall(String_CONST("ETHInterface_beginConnection"), value, ctx, perCallAlloc);
Allocator_free(perCallAlloc);
entry = entry->next;
}
}
}
}
static void ipTunnel(Dict* ifaceConf, struct Allocator* tempAlloc, struct Context* ctx)
{
List* incoming = Dict_getList(ifaceConf, String_CONST("allowedConnections"));
if (incoming) {
Dict* d;
for (int i = 0; (d = List_getDict(incoming, i)) != NULL; i++) {
String* key = Dict_getString(d, String_CONST("publicKey"));
String* ip4 = Dict_getString(d, String_CONST("ip4Address"));
// Note that the prefix length has to be a proper int in the config
// (not quoted!)
int64_t* ip4Prefix = Dict_getInt(d, String_CONST("ip4Prefix"));
String* ip6 = Dict_getString(d, String_CONST("ip6Address"));
int64_t* ip6Prefix = Dict_getInt(d, String_CONST("ip6Prefix"));
if (!key) {
Log_critical(ctx->logger, "In router.ipTunnel.allowedConnections[%d]"
"'publicKey' required.", i);
exit(1);
}
if (!ip4 && !ip6) {
Log_critical(ctx->logger, "In router.ipTunnel.allowedConnections[%d]"
"either 'ip4Address' or 'ip6Address' required.", i);
exit(1);
} else if (ip4Prefix && !ip4) {
Log_critical(ctx->logger, "In router.ipTunnel.allowedConnections[%d]"
"'ip4Address' required with 'ip4Prefix'.", i);
exit(1);
} else if (ip6Prefix && !ip6) {
Log_critical(ctx->logger, "In router.ipTunnel.allowedConnections[%d]"
"'ip6Address' required with 'ip6Prefix'.", i);
exit(1);
}
Log_debug(ctx->logger, "Allowing IpTunnel connections from [%s]", key->bytes);
if (ip4) {
Log_debug(ctx->logger, "Issue IPv4 address %s", ip4->bytes);
if (ip4Prefix) {
Log_debug(ctx->logger, "Issue IPv4 netmask/prefix length /%d",
(int) *ip4Prefix);
} else {
Log_debug(ctx->logger, "Use default netmask/prefix length /0");
}
}
if (ip6) {
Log_debug(ctx->logger, "Issue IPv6 address [%s]", ip6->bytes);
if (ip6Prefix) {
Log_debug(ctx->logger, "Issue IPv6 netmask/prefix length /%d",
(int) *ip6Prefix);
} else {
Log_debug(ctx->logger, "Use default netmask/prefix length /0");
}
}
Dict_putString(d, String_CONST("publicKeyOfAuthorizedNode"), key, tempAlloc);
rpcCall0(String_CONST("IpTunnel_allowConnection"), d, ctx, tempAlloc, NULL, true);
}
}
List* outgoing = Dict_getList(ifaceConf, String_CONST("outgoingConnections"));
if (outgoing) {
String* s;
for (int i = 0; (s = List_getString(outgoing, i)) != NULL; i++) {
Log_debug(ctx->logger, "Initiating IpTunnel connection to [%s]", s->bytes);
Dict requestDict =
Dict_CONST(String_CONST("publicKeyOfNodeToConnectTo"), String_OBJ(s), NULL);
rpcCall0(String_CONST("IpTunnel_connectTo"), &requestDict, ctx, tempAlloc, NULL, true);
}
}
}
static void udpInterface(Dict* config, struct Context* ctx)
{
List* ifaces = Dict_getList(config, String_CONST("UDPInterface"));
if (!ifaces) {
ifaces = List_new(ctx->alloc);
List_addDict(ifaces, Dict_getDict(config, String_CONST("UDPInterface")), ctx->alloc);
}
uint32_t count = List_size(ifaces);
for (uint32_t i = 0; i < count; i++) {
Dict *udp = List_getDict(ifaces, i);
if (!udp) {
continue;
}
// Setup the interface.
String* bindStr = Dict_getString(udp, String_CONST("bind"));
Dict* d = Dict_new(ctx->alloc);
if (bindStr) {
Dict_putString(d, String_CONST("bindAddress"), bindStr, ctx->alloc);
}
Dict* resp = NULL;
rpcCall0(String_CONST("UDPInterface_new"), d, ctx, ctx->alloc, &resp, true);
int ifNum = *(Dict_getInt(resp, String_CONST("interfaceNumber")));
// Make the connections.
Dict* connectTo = Dict_getDict(udp, String_CONST("connectTo"));
if (connectTo) {
struct Dict_Entry* entry = *connectTo;
struct Allocator* perCallAlloc = Allocator_child(ctx->alloc);
while (entry != NULL) {
String* key = (String*) entry->key;
if (entry->val->type != Object_DICT) {
Log_critical(ctx->logger, "interfaces.UDPInterface.connectTo: entry [%s] "
"is not a dictionary type.", key->bytes);
exit(-1);
}
Dict* all = entry->val->as.dictionary;
Dict* value = Dict_new(perCallAlloc);
String* pub_d = Dict_getString(all, String_CONST("publicKey"));
String* pss_d = Dict_getString(all, String_CONST("password"));
String* peerName_d = Dict_getString(all, String_CONST("peerName"));
String* login_d = Dict_getString(all, String_CONST("login"));
if ( !pub_d || !pss_d ) {
const char * error_name = "(unknown)";
if ( !pub_d ) {
error_name = "publicKey";
}
if ( !pss_d ) {
error_name = "password";
}
Log_warn(ctx->logger,
"Skipping peer: missing %s for peer [%s]", error_name, key->bytes);
if (abort_if_invalid_ref) {
Assert_failure("Invalid peer reference");
}
else {
entry = entry->next;
continue;
}
}
Dict_putString(value, String_CONST("publicKey"), pub_d, perCallAlloc);
Dict_putString(value, String_CONST("password"), pss_d, perCallAlloc);
Dict_putString(value, String_CONST("peerName"), peerName_d, perCallAlloc);
Dict_putString(value, String_CONST("login"), login_d, perCallAlloc);
Log_keys(ctx->logger, "Attempting to connect to node [%s].", key->bytes);
key = String_clone(key, perCallAlloc);
char* lastColon = CString_strrchr(key->bytes, ':');
if (!Sockaddr_parse(key->bytes, NULL)) {
// it's a sockaddr, fall through
} else if (lastColon) {
// try it as a hostname.
int port = atoi(lastColon+1);
if (!port) {
Log_critical(ctx->logger, "Couldn't get port number from [%s]", key->bytes);
exit(-1);
}
*lastColon = '\0';
struct Sockaddr* adr = Sockaddr_fromName(key->bytes, perCallAlloc);
if (adr != NULL) {
Sockaddr_setPort(adr, port);
key = String_new(Sockaddr_print(adr, perCallAlloc), perCallAlloc);
} else {
Log_warn(ctx->logger, "Failed to lookup hostname [%s]", key->bytes);
entry = entry->next;
continue;
}
}
struct Allocator* child = Allocator_child(ctx->alloc);
struct Message* msg = Message_new(0, AdminClient_MAX_MESSAGE_SIZE + 256, child);
int r = BencMessageWriter_writeDictTry(value, msg, NULL);
const int max_reference_size = 298;
if (r != 0 || msg->length > max_reference_size) {
Log_warn(ctx->logger, "Peer skipped:");
Log_warn(ctx->logger, "Too long peer reference for [%s]", key->bytes);
if (abort_if_invalid_ref) {
Assert_failure("Invalid peer reference");
}
else {
entry = entry->next;
continue;
}
}
Dict_putInt(value, String_CONST("interfaceNumber"), ifNum, perCallAlloc);
Dict_putString(value, String_CONST("address"), key, perCallAlloc);
rpcCall(String_CONST("UDPInterface_beginConnection"), value, ctx, perCallAlloc);
entry = entry->next;
}
Allocator_free(perCallAlloc);
}
}
}
int main(int argc, char** argv)
{
#ifdef Log_KEYS
fprintf(stderr, "Log_LEVEL = KEYS, EXPECT TO SEE PRIVATE KEYS IN YOUR LOGS!\n");
#endif
Assert_true(argc > 0);
struct Except* eh = NULL;
// Allow it to allocate 4MB
struct Allocator* allocator = MallocAllocator_new(1<<22);
struct Random* rand = Random_new(allocator, NULL, eh);
struct EventBase* eventBase = EventBase_new(allocator);
if (argc == 2) {
// one argument
if (strcmp(argv[1], "--help") == 0) {
return usage(argv[0]);
} else if (strcmp(argv[1], "--genconf") == 0) {
return genconf(rand);
} else if (strcmp(argv[1], "--pidfile") == 0) {
// Performed after reading the configuration
} else if (strcmp(argv[1], "--reconf") == 0) {
// Performed after reading the configuration
} else if (strcmp(argv[1], "--bench") == 0) {
return benchmark();
} else if (strcmp(argv[1], "--version") == 0) {
//printf("Version ID: %s\n", RouterModule_gitVersion());
return 0;
} else {
fprintf(stderr, "%s: unrecognized option '%s'\n", argv[0], argv[1]);
fprintf(stderr, "Try `%s --help' for more information.\n", argv[0]);
return -1;
}
} else if (argc > 2) {
// more than one argument?
fprintf(stderr, "%s: too many arguments\n", argv[0]);
fprintf(stderr, "Try `%s --help' for more information.\n", argv[0]);
return -1;
}
if (isatty(STDIN_FILENO)) {
// We were started from a terminal
// The chances an user wants to type in a configuration
// bij hand are pretty slim so we show him the usage
return usage(argv[0]);
} else {
// We assume stdin is a configuration file and that we should
// start routing
}
struct Reader* stdinReader = FileReader_new(stdin, allocator);
Dict config;
if (JsonBencSerializer_get()->parseDictionary(stdinReader, allocator, &config)) {
fprintf(stderr, "Failed to parse configuration.\n");
return -1;
}
struct Writer* logWriter = FileWriter_new(stdout, allocator);
struct Log* logger = WriterLog_new(logWriter, allocator);
// --------------------- Setup Pipes to Angel --------------------- //
int pipeToAngel[2];
int pipeFromAngel[2];
if (Pipe_createUniPipe(pipeToAngel) || Pipe_createUniPipe(pipeFromAngel)) {
Except_raise(eh, -1, "Failed to create pipes to angel [%s]", Errno_getString());
}
char pipeToAngelStr[8];
snprintf(pipeToAngelStr, 8, "%d", pipeToAngel[0]);
char pipeFromAngelStr[8];
snprintf(pipeFromAngelStr, 8, "%d", pipeFromAngel[1]);
char* args[] = { "angel", pipeToAngelStr, pipeFromAngelStr, NULL };
// --------------------- Spawn Angel --------------------- //
String* privateKey = Dict_getString(&config, String_CONST("privateKey"));
String* corePath = getCorePath(allocator);
if (!corePath) {
Except_raise(eh, -1, "Can't find a usable cjdns core executable, "
"make sure it is in the same directory as cjdroute");
}
if (!privateKey) {
Except_raise(eh, -1, "Need to specify privateKey.");
}
Log_info(logger, "Forking angel to background.");
Process_spawn(corePath->bytes, args);
// --------------------- Get Admin --------------------- //
Dict* configAdmin = Dict_getDict(&config, String_CONST("admin"));
String* adminPass = Dict_getString(configAdmin, String_CONST("password"));
String* adminBind = Dict_getString(configAdmin, String_CONST("bind"));
if (!adminPass) {
adminPass = String_newBinary(NULL, 32, allocator);
Random_base32(rand, (uint8_t*) adminPass->bytes, 32);
adminPass->len = strlen(adminPass->bytes);
}
if (!adminBind) {
adminBind = String_new("127.0.0.1:0", allocator);
}
// --------------------- Get user for angel to setuid() ---------------------- //
String* securityUser = NULL;
List* securityConf = Dict_getList(&config, String_CONST("security"));
for (int i = 0; i < List_size(securityConf); i++) {
securityUser = Dict_getString(List_getDict(securityConf, i), String_CONST("setuser"));
if (securityUser) {
int64_t* ea = Dict_getInt(List_getDict(securityConf, i), String_CONST("exemptAngel"));
if (ea && *ea) {
securityUser = NULL;
}
break;
}
}
// --------------------- Pre-Configure Angel ------------------------- //
Dict* preConf = Dict_new(allocator);
Dict* adminPreConf = Dict_new(allocator);
Dict_putDict(preConf, String_CONST("admin"), adminPreConf, allocator);
Dict_putString(adminPreConf, String_CONST("core"), corePath, allocator);
Dict_putString(preConf, String_CONST("privateKey"), privateKey, allocator);
Dict_putString(adminPreConf, String_CONST("bind"), adminBind, allocator);
Dict_putString(adminPreConf, String_CONST("pass"), adminPass, allocator);
if (securityUser) {
Dict_putString(adminPreConf, String_CONST("user"), securityUser, allocator);
}
#define CONFIG_BUFF_SIZE 1024
uint8_t buff[CONFIG_BUFF_SIZE] = {0};
struct Writer* toAngelWriter = ArrayWriter_new(buff, CONFIG_BUFF_SIZE - 1, allocator);
if (StandardBencSerializer_get()->serializeDictionary(toAngelWriter, preConf)) {
Except_raise(eh, -1, "Failed to serialize pre-configuration");
}
write(pipeToAngel[1], buff, toAngelWriter->bytesWritten(toAngelWriter));
Log_keys(logger, "Sent [%s] to angel process.", buff);
// --------------------- Get Response from Angel --------------------- //
uint32_t amount = Waiter_getData(buff, CONFIG_BUFF_SIZE, pipeFromAngel[0], eventBase, eh);
Dict responseFromAngel;
struct Reader* responseFromAngelReader = ArrayReader_new(buff, amount, allocator);
if (StandardBencSerializer_get()->parseDictionary(responseFromAngelReader,
allocator,
&responseFromAngel))
{
Except_raise(eh, -1, "Failed to parse pre-configuration response [%s]", buff);
}
// --------------------- Get Admin Addr/Port/Passwd --------------------- //
Dict* responseFromAngelAdmin = Dict_getDict(&responseFromAngel, String_CONST("admin"));
adminBind = Dict_getString(responseFromAngelAdmin, String_CONST("bind"));
if (!adminBind) {
Except_raise(eh, -1, "didn't get address and port back from angel");
}
struct Sockaddr_storage adminAddr;
if (Sockaddr_parse(adminBind->bytes, &adminAddr)) {
Except_raise(eh, -1, "Unable to parse [%s] as an ip address port, eg: 127.0.0.1:11234",
adminBind->bytes);
}
// sanity check
Assert_true(EventBase_eventCount(eventBase) == 0);
// --------------------- Configuration ------------------------- //
Configurator_config(&config,
&adminAddr.addr,
adminPass,
eventBase,
logger,
allocator);
return 0;
}
int main(int argc, char** argv)
{
#ifdef Log_KEYS
fprintf(stderr, "Log_LEVEL = KEYS, EXPECT TO SEE PRIVATE KEYS IN YOUR LOGS!\n");
#endif
if (argc < 2) {
// Fall through.
} else if (!CString_strcmp("angel", argv[1])) {
return AngelInit_main(argc, argv);
} else if (!CString_strcmp("core", argv[1])) {
return Core_main(argc, argv);
}
Assert_ifParanoid(argc > 0);
struct Except* eh = NULL;
// Allow it to allocate 8MB
struct Allocator* allocator = MallocAllocator_new(1<<23);
struct Random* rand = Random_new(allocator, NULL, eh);
struct EventBase* eventBase = EventBase_new(allocator);
if (argc == 2) {
// one argument
if ((CString_strcmp(argv[1], "--help") == 0) || (CString_strcmp(argv[1], "-h") == 0)) {
return usage(allocator, argv[0]);
} else if (CString_strcmp(argv[1], "--genconf") == 0) {
return genconf(rand);
} else if (CString_strcmp(argv[1], "--pidfile") == 0) {
// deprecated
fprintf(stderr, "'--pidfile' option is deprecated.\n");
return 0;
} else if (CString_strcmp(argv[1], "--reconf") == 0) {
// Performed after reading the configuration
} else if (CString_strcmp(argv[1], "--bench") == 0) {
return benchmark();
} else if ((CString_strcmp(argv[1], "--version") == 0)
|| (CString_strcmp(argv[1], "-v") == 0))
{
printf("Cjdns protocol version: %d\n", Version_CURRENT_PROTOCOL);
return 0;
} else if (CString_strcmp(argv[1], "--cleanconf") == 0) {
// Performed after reading configuration
} else if (CString_strcmp(argv[1], "--nobg") == 0) {
// Performed while reading configuration
} else {
fprintf(stderr, "%s: unrecognized option '%s'\n", argv[0], argv[1]);
fprintf(stderr, "Try `%s --help' for more information.\n", argv[0]);
return -1;
}
} else if (argc > 2) {
// more than one argument?
fprintf(stderr, "%s: too many arguments [%s]\n", argv[0], argv[1]);
fprintf(stderr, "Try `%s --help' for more information.\n", argv[0]);
// because of '--pidfile $filename'?
if (CString_strcmp(argv[1], "--pidfile") == 0)
{
fprintf(stderr, "\n'--pidfile' option is deprecated.\n");
}
return -1;
}
if (isatty(STDIN_FILENO)) {
// We were started from a terminal
// The chances an user wants to type in a configuration
// bij hand are pretty slim so we show him the usage
return usage(allocator, argv[0]);
} else {
// We assume stdin is a configuration file and that we should
// start routing
}
struct Reader* stdinReader = FileReader_new(stdin, allocator);
Dict config;
if (JsonBencSerializer_get()->parseDictionary(stdinReader, allocator, &config)) {
fprintf(stderr, "Failed to parse configuration.\n");
return -1;
}
if (argc == 2 && CString_strcmp(argv[1], "--cleanconf") == 0) {
struct Writer* stdoutWriter = FileWriter_new(stdout, allocator);
JsonBencSerializer_get()->serializeDictionary(stdoutWriter, &config);
printf("\n");
return 0;
}
int forceNoBackground = 0;
if (argc == 2 && CString_strcmp(argv[1], "--nobg") == 0) {
forceNoBackground = 1;
}
struct Writer* logWriter = FileWriter_new(stdout, allocator);
struct Log* logger = WriterLog_new(logWriter, allocator);
// --------------------- Get Admin --------------------- //
Dict* configAdmin = Dict_getDict(&config, String_CONST("admin"));
String* adminPass = Dict_getString(configAdmin, String_CONST("password"));
String* adminBind = Dict_getString(configAdmin, String_CONST("bind"));
if (!adminPass) {
adminPass = String_newBinary(NULL, 32, allocator);
Random_base32(rand, (uint8_t*) adminPass->bytes, 32);
adminPass->len = CString_strlen(adminPass->bytes);
}
if (!adminBind) {
Except_throw(eh, "You must specify admin.bind in the cjdroute.conf file.");
}
// --------------------- Welcome to cjdns ---------------------- //
char* archInfo = ArchInfo_describe(ArchInfo_detect(), allocator);
char* sysInfo = SysInfo_describe(SysInfo_detect(), allocator);
Log_info(logger, "Cjdns %s %s", archInfo, sysInfo);
// --------------------- Check for running instance --------------------- //
Log_info(logger, "Checking for running instance...");
checkRunningInstance(allocator, eventBase, adminBind, adminPass, logger, eh);
// --------------------- Setup Pipes to Angel --------------------- //
char angelPipeName[64] = "client-angel-";
Random_base32(rand, (uint8_t*)angelPipeName+13, 31);
Assert_ifParanoid(EventBase_eventCount(eventBase) == 0);
struct Pipe* angelPipe = Pipe_named(angelPipeName, eventBase, eh, allocator);
Assert_ifParanoid(EventBase_eventCount(eventBase) == 2);
angelPipe->logger = logger;
char* args[] = { "angel", angelPipeName, NULL };
// --------------------- Spawn Angel --------------------- //
String* privateKey = Dict_getString(&config, String_CONST("privateKey"));
char* corePath = Process_getPath(allocator);
if (!corePath) {
Except_throw(eh, "Can't find a usable cjdns core executable, "
"make sure it is in the same directory as cjdroute");
}
if (!privateKey) {
Except_throw(eh, "Need to specify privateKey.");
}
Log_info(logger, "Forking angel to background.");
Process_spawn(corePath, args, eventBase, allocator);
// --------------------- Get user for angel to setuid() ---------------------- //
String* securityUser = NULL;
List* securityConf = Dict_getList(&config, String_CONST("security"));
for (int i = 0; securityConf && i < List_size(securityConf); i++) {
securityUser = Dict_getString(List_getDict(securityConf, i), String_CONST("setuser"));
if (securityUser) {
int64_t* ea = Dict_getInt(List_getDict(securityConf, i), String_CONST("exemptAngel"));
if (ea && *ea) {
securityUser = NULL;
}
break;
}
}
// --------------------- Pre-Configure Angel ------------------------- //
Dict* preConf = Dict_new(allocator);
Dict* adminPreConf = Dict_new(allocator);
Dict_putDict(preConf, String_CONST("admin"), adminPreConf, allocator);
Dict_putString(adminPreConf, String_CONST("core"), String_new(corePath, allocator), allocator);
Dict_putString(preConf, String_CONST("privateKey"), privateKey, allocator);
Dict_putString(adminPreConf, String_CONST("bind"), adminBind, allocator);
Dict_putString(adminPreConf, String_CONST("pass"), adminPass, allocator);
if (securityUser) {
Dict_putString(adminPreConf, String_CONST("user"), securityUser, allocator);
}
Dict* logging = Dict_getDict(&config, String_CONST("logging"));
if (logging) {
Dict_putDict(preConf, String_CONST("logging"), logging, allocator);
}
struct Message* toAngelMsg = Message_new(0, 1024, allocator);
BencMessageWriter_write(preConf, toAngelMsg, eh);
Interface_sendMessage(&angelPipe->iface, toAngelMsg);
Log_debug(logger, "Sent [%d] bytes to angel process", toAngelMsg->length);
// --------------------- Get Response from Angel --------------------- //
struct Message* fromAngelMsg =
InterfaceWaiter_waitForData(&angelPipe->iface, eventBase, allocator, eh);
Dict* responseFromAngel = BencMessageReader_read(fromAngelMsg, allocator, eh);
// --------------------- Get Admin Addr/Port/Passwd --------------------- //
Dict* responseFromAngelAdmin = Dict_getDict(responseFromAngel, String_CONST("admin"));
adminBind = Dict_getString(responseFromAngelAdmin, String_CONST("bind"));
if (!adminBind) {
Except_throw(eh, "didn't get address and port back from angel");
}
struct Sockaddr_storage adminAddr;
if (Sockaddr_parse(adminBind->bytes, &adminAddr)) {
Except_throw(eh, "Unable to parse [%s] as an ip address port, eg: 127.0.0.1:11234",
adminBind->bytes);
}
// sanity check, Pipe_named() creates 2 events, see above.
Assert_ifParanoid(EventBase_eventCount(eventBase) == 2);
// --------------------- Configuration ------------------------- //
Configurator_config(&config,
&adminAddr.addr,
adminPass,
eventBase,
logger,
allocator);
// --------------------- noBackground ------------------------ //
int64_t* noBackground = Dict_getInt(&config, String_CONST("noBackground"));
if (forceNoBackground || (noBackground && *noBackground)) {
EventBase_beginLoop(eventBase);
}
//Allocator_free(allocator);
return 0;
}
static void udpInterface(Dict* config, struct Context* ctx)
{
List* ifaces = Dict_getList(config, String_CONST("UDPInterface"));
if (!ifaces) {
ifaces = List_new(ctx->alloc);
List_addDict(ifaces, Dict_getDict(config, String_CONST("UDPInterface")), ctx->alloc);
}
uint32_t count = List_size(ifaces);
for (uint32_t i = 0; i < count; i++) {
Dict *udp = List_getDict(ifaces, i);
if (!udp) {
continue;
}
// Setup the interface.
String* bindStr = Dict_getString(udp, String_CONST("bind"));
Dict* d = Dict_new(ctx->alloc);
if (bindStr) {
Dict_putString(d, String_CONST("bindAddress"), bindStr, ctx->alloc);
}
Dict* resp = NULL;
rpcCall0(String_CONST("UDPInterface_new"), d, ctx, ctx->alloc, &resp, true);
int ifNum = *(Dict_getInt(resp, String_CONST("interfaceNumber")));
// Make the connections.
Dict* connectTo = Dict_getDict(udp, String_CONST("connectTo"));
if (connectTo) {
struct Dict_Entry* entry = *connectTo;
struct Allocator* perCallAlloc = Allocator_child(ctx->alloc);
while (entry != NULL) {
String* key = (String*) entry->key;
if (entry->val->type != Object_DICT) {
Log_critical(ctx->logger, "interfaces.UDPInterface.connectTo: entry [%s] "
"is not a dictionary type.", key->bytes);
exit(-1);
}
Dict* value = entry->val->as.dictionary;
Log_keys(ctx->logger, "Attempting to connect to node [%s].", key->bytes);
key = String_clone(key, perCallAlloc);
char* lastColon = CString_strrchr(key->bytes, ':');
if (!Sockaddr_parse(key->bytes, NULL)) {
// it's a sockaddr, fall through
} else if (lastColon) {
// try it as a hostname.
Log_critical(ctx->logger, "Couldn't add connection [%s], "
"hostnames aren't supported.", key->bytes);
exit(-1);
}
Dict_putInt(value, String_CONST("interfaceNumber"), ifNum, perCallAlloc);
Dict_putString(value, String_CONST("address"), key, perCallAlloc);
rpcCall(String_CONST("UDPInterface_beginConnection"), value, ctx, perCallAlloc);
// Make a IPTunnel exception for this node
Dict* aed = Dict_new(perCallAlloc);
*lastColon = '\0';
Dict_putString(aed, String_CONST("route"), String_new(key->bytes, perCallAlloc),
perCallAlloc);
*lastColon = ':';
rpcCall(String_CONST("RouteGen_addException"), aed, ctx, perCallAlloc);
entry = entry->next;
}
Allocator_free(perCallAlloc);
}
}
}
static void ethInterface(Dict* config, struct Context* ctx)
{
List* ifaces = Dict_getList(config, String_CONST("ETHInterface"));
if (!ifaces) {
ifaces = List_addDict(ifaces,
Dict_getDict(config, String_CONST("ETHInterface")), ctx->alloc);
}
uint32_t count = List_size(ifaces);
for (uint32_t i = 0; i < count; i++) {
Dict *eth = List_getDict(ifaces, i);
if (!eth) {
continue;
}
// Setup the interface.
String* deviceStr = Dict_getString(eth, String_CONST("bind"));
Log_info(ctx->logger, "Setting up ETHInterface [%d].", i);
Dict* d = Dict_new(ctx->alloc);
if (deviceStr) {
Log_info(ctx->logger, "Binding to device [%s].", deviceStr->bytes);
Dict_putString(d, String_CONST("bindDevice"), deviceStr, ctx->alloc);
}
if (rpcCall0(String_CONST("ETHInterface_new"), d, ctx, ctx->alloc, false)) {
Log_warn(ctx->logger, "Failed to create ETHInterface.");
continue;
}
// Make the connections.
Dict* connectTo = Dict_getDict(eth, String_CONST("connectTo"));
if (connectTo) {
Log_info(ctx->logger, "ETHInterface should connect to a specific node.");
struct Dict_Entry* entry = *connectTo;
while (entry != NULL) {
String* key = (String*) entry->key;
if (entry->val->type != Object_DICT) {
Log_critical(ctx->logger, "interfaces.ETHInterface.connectTo: entry [%s] "
"is not a dictionary type.", key->bytes);
exit(-1);
}
Dict* value = entry->val->as.dictionary;
Log_keys(ctx->logger, "Attempting to connect to node [%s].", key->bytes);
struct Allocator* perCallAlloc = Allocator_child(ctx->alloc);
// Turn the dict from the config into our RPC args dict by filling in all
// the arguments,
Dict_putString(value, String_CONST("macAddress"), key, perCallAlloc);
Dict_putInt(value, String_CONST("interfaceNumber"), i, perCallAlloc);
rpcCall(String_CONST("ETHInterface_beginConnection"), value, ctx, perCallAlloc);
Allocator_free(perCallAlloc);
entry = entry->next;
}
}
int64_t* beaconP = Dict_getInt(eth, String_CONST("beacon"));
if (beaconP) {
int64_t beacon = *beaconP;
if (beacon > 3 || beacon < 0) {
Log_error(ctx->logger, "interfaces.ETHInterface.beacon may only be 0, 1,or 2");
} else {
// We can cast beacon to an int here because we know it's small enough
Log_info(ctx->logger, "Setting beacon mode on ETHInterface to [%d].", (int) beacon);
Dict d = Dict_CONST(String_CONST("interfaceNumber"), Int_OBJ(i),
Dict_CONST(String_CONST("state"), Int_OBJ(beacon), NULL));
rpcCall(String_CONST("ETHInterface_beacon"), &d, ctx, ctx->alloc);
}
}
}
}
static void udpInterface(Dict* config, struct Context* ctx)
{
List* ifaces = Dict_getList(config, String_CONST("UDPInterface"));
if (!ifaces) {
ifaces = List_addDict(ifaces,
Dict_getDict(config, String_CONST("UDPInterface")), ctx->alloc);
}
uint32_t count = List_size(ifaces);
for (uint32_t i = 0; i < count; i++) {
Dict *udp = List_getDict(ifaces, i);
if (!udp) {
continue;
}
// Setup the interface.
String* bindStr = Dict_getString(udp, String_CONST("bind"));
Dict* d = Dict_new(ctx->alloc);
if (bindStr) {
Dict_putString(d, String_CONST("bindAddress"), bindStr, ctx->alloc);
}
rpcCall(String_CONST("UDPInterface_new"), d, ctx, ctx->alloc);
// Make the connections.
Dict* connectTo = Dict_getDict(udp, String_CONST("connectTo"));
if (connectTo) {
struct Dict_Entry* entry = *connectTo;
struct Allocator* perCallAlloc = Allocator_child(ctx->alloc);
while (entry != NULL) {
String* key = (String*) entry->key;
if (entry->val->type != Object_DICT) {
Log_critical(ctx->logger, "interfaces.UDPInterface.connectTo: entry [%s] "
"is not a dictionary type.", key->bytes);
exit(-1);
}
Dict* value = entry->val->as.dictionary;
Log_keys(ctx->logger, "Attempting to connect to node [%s].", key->bytes);
key = String_clone(key, perCallAlloc);
char* lastColon = strrchr(key->bytes, ':');
if (!Sockaddr_parse(key->bytes, NULL)) {
// it's a sockaddr, fall through
} else if (lastColon) {
// try it as a hostname.
int port = atoi(lastColon+1);
if (!port) {
Log_critical(ctx->logger, "Couldn't get port number from [%s]", key->bytes);
exit(-1);
}
*lastColon = '\0';
struct Sockaddr* adr = Sockaddr_fromName(key->bytes, perCallAlloc);
if (adr != NULL) {
Sockaddr_setPort(adr, port);
key = String_new(Sockaddr_print(adr, perCallAlloc), perCallAlloc);
} else {
Log_warn(ctx->logger, "Failed to lookup hostname [%s]", key->bytes);
entry = entry->next;
continue;
}
}
Dict_putString(value, String_CONST("address"), key, perCallAlloc);
rpcCall(String_CONST("UDPInterface_beginConnection"), value, ctx, perCallAlloc);
entry = entry->next;
}
Allocator_free(perCallAlloc);
}
}
}
