static bool checkArgs(Dict* args, struct Function* func, String* txid, struct Admin* admin) { struct Dict_Entry* entry = *func->args; String* error = NULL; uint8_t buffer[1024]; struct Allocator* alloc = BufferAllocator_new(buffer, 1024); while (entry != NULL) { String* key = (String*) entry->key; Assert_true(entry->val->type == Object_DICT); Dict* value = entry->val->as.dictionary; entry = entry->next; if (*Dict_getInt(value, String_CONST("required")) == 0) { continue; } String* type = Dict_getString(value, String_CONST("type")); if ((type == STRING && !Dict_getString(args, key)) || (type == DICT && !Dict_getDict(args, key)) || (type == INTEGER && !Dict_getInt(args, key)) || (type == LIST && !Dict_getList(args, key))) { error = String_printf(alloc, "Entry [%s] is required and must be of type [%s]", key->bytes, type->bytes); break; } } if (error) { Dict d = Dict_CONST(String_CONST("error"), String_OBJ(error), NULL); Admin_sendMessage(&d, txid, admin); } return !error; }
static void authorizedPasswords(List* list, struct Context* ctx) { uint32_t count = List_size(list); for (uint32_t i = 0; i < count; i++) { Dict* d = List_getDict(list, i); Log_info(ctx->logger, "Checking authorized password %d.", i); if (!d) { Log_critical(ctx->logger, "Not a dictionary type %d.", i); exit(-1); } String* passwd = Dict_getString(d, String_CONST("password")); if (!passwd) { Log_critical(ctx->logger, "Must specify a password %d.", i); exit(-1); } } Log_info(ctx->logger, "Flushing existing authorized passwords"); rpcCall(String_CONST("AuthorizedPasswords_flush"), NULL, ctx, ctx->alloc); for (uint32_t i = 0; i < count; i++) { Dict* d = List_getDict(list, i); String* passwd = Dict_getString(d, String_CONST("password")); Log_info(ctx->logger, "Adding authorized password #[%d].", i); Dict args = Dict_CONST( String_CONST("authType"), Int_OBJ(1), Dict_CONST( String_CONST("password"), String_OBJ(passwd), NULL )); struct Allocator* child = ctx->alloc->child(ctx->alloc); rpcCall(String_CONST("AuthorizedPasswords_add"), &args, ctx, child); child->free(child); } }
static int getcmds(Dict* config) { uint8_t privateKey[32]; struct Address addr; parsePrivateKey(config, &addr, privateKey); uint8_t myIp[40]; Address_printIp(myIp, &addr); Dict* router = Dict_getDict(config, BSTR("router")); Dict* iface = Dict_getDict(router, BSTR("interface")); String* type = Dict_getString(iface, BSTR("type")); String* tunDevice = Dict_getString(iface, BSTR("tunDevice")); if (!String_equals(type, BSTR("TUNInterface"))) { fprintf(stderr, "router.interface.type is not recognized.\n"); return -1; } char* tunDev = tunDevice ? tunDevice->bytes : "tun0"; if (strrchr(tunDev, '/') != NULL) { tunDev = strrchr(tunDev, '/') + 1; } printf("#!/bin/bash\n" "# Run these commands as root now and every time the system is rebooted\n" "# in order to get the interfaces setup properly.\n\n"); printf("/sbin/ip addr add %s dev %s\n", myIp, tunDev); printf("/sbin/ip -6 route add fc00::/8 dev %s\n", tunDev); printf("/sbin/ip link set %s up\n", tunDev); return 0; }
static void ipTunnel(Dict* ifaceConf, struct Allocator* tempAlloc, struct Context* ctx) { List* incoming = Dict_getList(ifaceConf, String_CONST("allowedConnections")); Dict* d; for (int i = 0; (d = List_getDict(incoming, i)) != NULL; i++) { String* key = Dict_getString(d, String_CONST("publicKey")); String* ip4 = Dict_getString(d, String_CONST("ip4Address")); String* ip6 = Dict_getString(d, String_CONST("ip6Address")); if (!key) { Log_critical(ctx->logger, "In router.ipTunnel.allowedConnections[%d]" "'publicKey' required.", i); exit(1); } if (!ip4 && !ip6) { Log_critical(ctx->logger, "In router.ipTunnel.allowedConnections[%d]" "either ip4Address or ip6Address required.", i); exit(1); } Log_debug(ctx->logger, "Allowing IpTunnel connections from [%s]", key->bytes); Dict_putString(d, String_CONST("publicKeyOfAuthorizedNode"), key, tempAlloc); rpcCall0(String_CONST("IpTunnel_allowConnection"), d, ctx, tempAlloc, true); } List* outgoing = Dict_getList(ifaceConf, String_CONST("outgoingConnections")); String* s; for (int i = 0; (s = List_getString(outgoing, i)) != NULL; i++) { Log_debug(ctx->logger, "Initiating IpTunnel connection to [%s]", s->bytes); Dict requestDict = Dict_CONST(String_CONST("publicKeyOfNodeToConnectTo"), String_OBJ(s), NULL); rpcCall0(String_CONST("IpTunnel_connectTo"), &requestDict, ctx, tempAlloc, true); } }
static void handleRequestFromChild(struct Admin* admin, uint8_t buffer[MAX_API_REQUEST_SIZE], size_t amount, struct Allocator* allocator) { String* txid = NULL; int skip = 0; if (!memcmp(buffer, "0123", 4)) { // out of band txid txid = &(String) { .len = 4, .bytes = (char*) buffer + 4 }; skip = 8; } struct Reader* reader = ArrayReader_new(buffer + skip, amount - skip, allocator); Dict message; if (List_getStandardBencSerializer()->parseDictionary(reader, allocator, &message)) { return; } String* query = Dict_getString(&message, CJDHTConstants_QUERY); if (!query) { return; } // If they're asking for a cookie then lets give them one. String* cookie = BSTR("cookie"); if (String_equals(query, cookie)) { Dict* d = Dict_new(allocator); char bytes[32]; snprintf(bytes, 32, "%u", (uint32_t) Time_currentTimeSeconds(admin->eventBase)); String* theCookie = &(String) { .len = strlen(bytes), .bytes = bytes }; Dict_putString(d, cookie, theCookie, allocator); Admin_sendMessage(d, txid, admin); return; } // If this is a permitted query, make sure the cookie is right. String* auth = BSTR("auth"); bool authed = false; if (String_equals(query, auth)) { if (!authValid(&message, buffer + skip, reader->bytesRead(reader), admin)) { Dict* d = Dict_new(allocator); Dict_putString(d, BSTR("error"), BSTR("Auth failed."), allocator); Admin_sendMessage(d, txid, admin); return; } query = Dict_getString(&message, BSTR("aq")); authed = true; } for (int i = 0; i < admin->functionCount; i++) { if (String_equals(query, admin->functions[i].name) && (authed || !admin->functions[i].needsAuth)) { admin->functions[i].call(&message, admin->functions[i].context, txid); } } return; }
static void tunInterface(Dict* ifaceConf, struct Allocator* tempAlloc, struct Context* ctx) { String* ifaceType = Dict_getString(ifaceConf, String_CONST("type")); if (!String_equals(ifaceType, String_CONST("TUNInterface"))) { return; } // Setup the interface. String* tunfd = Dict_getString(ifaceConf, String_CONST("tunfd")); String* device = Dict_getString(ifaceConf, String_CONST("tunDevice")); Dict* args = Dict_new(tempAlloc); if (tunfd && device) { Dict_putString(args, String_CONST("path"), device, tempAlloc); Dict_putString(args, String_CONST("type"), String_new(tunfd->bytes, tempAlloc), tempAlloc); Dict* res = NULL; rpcCall0(String_CONST("FileNo_import"), args, ctx, tempAlloc, &res, false); if (res) { Dict* args = Dict_new(tempAlloc); int64_t* tunfd = Dict_getInt(res, String_CONST("tunfd")); int64_t* type = Dict_getInt(res, String_CONST("type")); Dict_putInt(args, String_CONST("tunfd"), *tunfd, tempAlloc); Dict_putInt(args, String_CONST("type"), *type, tempAlloc); rpcCall0(String_CONST("Core_initTunfd"), args, ctx, tempAlloc, NULL, false); } } else { if (device) { Dict_putString(args, String_CONST("desiredTunName"), device, tempAlloc); } rpcCall0(String_CONST("Core_initTunnel"), args, ctx, tempAlloc, NULL, false); } }
static void adminPing(Dict* args, void* vcontext, String* txid, struct Allocator* requestAlloc) { struct Context* context = vcontext; String* pathStr = Dict_getString(args, String_CONST("path")); int64_t* timeoutPtr = Dict_getInt(args, String_CONST("timeout")); String* data = Dict_getString(args, String_CONST("data")); int64_t* keyPing = Dict_getInt(args, String_CONST("keyPing")); uint32_t timeout = (timeoutPtr) ? *timeoutPtr : DEFAULT_TIMEOUT; uint64_t path; String* err = NULL; if (pathStr->len != 19 || AddrTools_parsePath(&path, (uint8_t*) pathStr->bytes)) { err = String_CONST("path was not parsable."); } else { struct SwitchPinger_Ping* ping = SwitchPinger_newPing(path, data, timeout, adminPingOnResponse, context->alloc, context->switchPinger); if (keyPing && *keyPing) { ping->keyPing = true; } if (!ping) { err = String_CONST("no open slots to store ping, try later."); } else { ping->onResponseContext = Allocator_clone(ping->pingAlloc, (&(struct Ping) { .context = context, .txid = String_clone(txid, ping->pingAlloc), .path = String_clone(pathStr, ping->pingAlloc) })); } }
static void allowConnection(Dict* args, void* vcontext, String* txid) { struct Context* context = (struct Context*) vcontext; String* publicKeyOfAuthorizedNode = Dict_getString(args, String_CONST("publicKeyOfAuthorizedNode")); String* ip6Address = Dict_getString(args, String_CONST("ip6Address")); String* ip4Address = Dict_getString(args, String_CONST("ip4Address")); uint8_t pubKey[32]; uint8_t ip6Addr[16]; uint8_t ip6ToGive[16]; uint8_t ip4ToGive[4]; char* error; int ret; if (!ip6Address && !ip4Address) { error = "Must specify ip6Address or ip4Address"; } else if ((ret = Key_parse(publicKeyOfAuthorizedNode, pubKey, ip6Addr)) != 0) { error = Key_parse_strerror(ret); } else if (ip6Address && evutil_inet_pton(AF_INET6, ip6Address->bytes, ip6ToGive) < 1) { error = "malformed ip6Address"; } else if (ip4Address && evutil_inet_pton(AF_INET, ip4Address->bytes, ip4ToGive) < 1) { error = "malformed ip4Address"; } else { int conn = IpTunnel_allowConnection(pubKey, (ip6Address) ? ip6ToGive : NULL, (ip4Address) ? ip4ToGive : NULL, context->ipTun); sendResponse(conn, txid, context->admin); return; } sendError(error, txid, context->admin); }
static inline bool authValid(Dict* message, uint8_t* buffer, uint32_t length, struct Admin* admin) { String* cookieStr = Dict_getString(message, String_CONST("cookie")); uint32_t cookie = (cookieStr != NULL) ? strtoll(cookieStr->bytes, NULL, 10) : 0; if (!cookie) { int64_t* cookieInt = Dict_getInt(message, String_CONST("cookie")); cookie = (cookieInt) ? *cookieInt : 0; } uint64_t nowSecs = Time_currentTimeSeconds(admin->eventBase); String* submittedHash = Dict_getString(message, String_CONST("hash")); if (cookie > nowSecs || cookie < nowSecs - 20 || !submittedHash || submittedHash->len != 64) { return false; } uint8_t* hashPtr = (uint8_t*) strstr((char*) buffer, submittedHash->bytes); if (!hashPtr || !admin->password) { return false; } uint8_t passAndCookie[64]; snprintf((char*) passAndCookie, 64, "%s%u", admin->password->bytes, cookie); uint8_t hash[32]; crypto_hash_sha256(hash, passAndCookie, strlen((char*) passAndCookie)); Hex_encode(hashPtr, 64, hash, 32); crypto_hash_sha256(hash, buffer, length); Hex_encode(hashPtr, 64, hash, 32); return memcmp(hashPtr, submittedHash->bytes, 64) == 0; }
static void reconf(struct event_base* eventbase, Dict* mainConf, struct Log* logger, struct Allocator* alloc) { Dict* adminConf = Dict_getDict(mainConf, String_CONST("admin")); String* address = Dict_getString(adminConf, String_CONST("bind")); String* password = Dict_getString(adminConf, String_CONST("password")); if (!(address && password)) { Log_critical(logger, "Can't get the admin address and password from conf file."); exit(-1); } struct sockaddr_storage addr; memset(&addr, 0, sizeof(struct sockaddr_storage)); int addrLen = sizeof(struct sockaddr_storage); if (evutil_parse_sockaddr_port(address->bytes, (struct sockaddr*) &addr, &addrLen)) { Log_critical(logger, "Unable to parse [%s] as an ip address port, " "eg: 127.0.0.1:11234", address->bytes); exit(-1); } Configurator_config(mainConf, &addr, addrLen, password, eventbase, logger, alloc); }
static void allowConnection(Dict* args, void* vcontext, String* txid, struct Allocator* requestAlloc) { struct Context* context = (struct Context*) vcontext; String* publicKeyOfAuthorizedNode = Dict_getString(args, String_CONST("publicKeyOfAuthorizedNode")); String* ip6Address = Dict_getString(args, String_CONST("ip6Address")); int64_t* ip6Prefix = Dict_getInt(args, String_CONST("ip6Prefix")); String* ip4Address = Dict_getString(args, String_CONST("ip4Address")); int64_t* ip4Prefix = Dict_getInt(args, String_CONST("ip4Prefix")); uint8_t pubKey[32]; uint8_t ip6Addr[16]; struct Sockaddr_storage ip6ToGive; struct Sockaddr_storage ip4ToGive; char* error; int ret; if (!ip6Address && !ip4Address) { error = "Must specify ip6Address or ip4Address"; } else if ((ret = Key_parse(publicKeyOfAuthorizedNode, pubKey, ip6Addr)) != 0) { error = Key_parse_strerror(ret); } else if (ip6Prefix && !ip6Address) { error = "Must specify ip6Address with ip6Prefix"; } else if (ip6Prefix && (*ip6Prefix > 128 || *ip6Prefix < 0)) { error = "ip6Prefix out of range: must be 0 to 128"; } else if (ip4Prefix && (*ip4Prefix > 32 || *ip4Prefix < 0)) { error = "ip4Prefix out of range: must be 0 to 32"; } else if (ip4Prefix && !ip4Address) { error = "Must specify ip4Address with ip4Prefix"; } else if (ip6Address && (Sockaddr_parse(ip6Address->bytes, &ip6ToGive) || Sockaddr_getFamily(&ip6ToGive.addr) != Sockaddr_AF_INET6)) { error = "malformed ip6Address"; } else if (ip4Address && (Sockaddr_parse(ip4Address->bytes, &ip4ToGive) || Sockaddr_getFamily(&ip4ToGive.addr) != Sockaddr_AF_INET)) { error = "malformed ip4Address"; } else { int conn = IpTunnel_allowConnection(pubKey, (ip6Address) ? &ip6ToGive.addr : NULL, (ip6Prefix) ? (uint8_t) (*ip6Prefix) : 0, (ip4Address) ? &ip4ToGive.addr : NULL, (ip4Prefix) ? (uint8_t) (*ip4Prefix) : 0, context->ipTun); sendResponse(conn, txid, context->admin); return; } sendError(error, txid, context->admin); }
static void beginConnection(Dict* args, void* vcontext, String* txid) { struct Context* ctx = vcontext; String* password = Dict_getString(args, String_CONST("password")); String* publicKey = Dict_getString(args, String_CONST("publicKey")); String* address = Dict_getString(args, String_CONST("address")); int64_t* interfaceNumber = Dict_getInt(args, String_CONST("interfaceNumber")); uint32_t ifNum = (interfaceNumber) ? ((uint32_t) *interfaceNumber) : 0; String* error = NULL; uint8_t pkBytes[32]; if (ctx->ifCount == 0) { error = String_CONST("no interfaces are setup, call UDPInterface_new() first"); } else if (interfaceNumber && (*interfaceNumber >= ctx->ifCount || *interfaceNumber < 0)) { error = String_CONST("invalid interfaceNumber"); } else if (!publicKey || publicKey->len < 52 || (publicKey->len > 52 && publicKey->bytes[52] != '.')) { error = String_CONST("publicKey must be 52 characters long."); } else if (Base32_decode(pkBytes, 32, (uint8_t*)publicKey->bytes, 52) != 32) { error = String_CONST("failed to parse publicKey."); } else { struct UDPInterface* udpif = ctx->ifaces[ifNum]; switch (UDPInterface_beginConnection(address->bytes, pkBytes, password, udpif)) { case UDPInterface_beginConnection_OUT_OF_SPACE: error = String_CONST("no more space to register with the switch."); break; case UDPInterface_beginConnection_BAD_KEY: error = String_CONST("invalid cjdns public key."); break; case UDPInterface_beginConnection_BAD_ADDRESS: error = String_CONST("unable to parse ip address and port."); break; case UDPInterface_beginConnection_ADDRESS_MISMATCH: error = String_CONST("different address type than this socket is bound to."); break; case 0: error = String_CONST("none"); break; default: error = String_CONST("unknown error"); } } Dict out = Dict_CONST(String_CONST("error"), String_OBJ(error), NULL); Admin_sendMessage(&out, txid, ctx->admin); }
static void subscribe(Dict* args, void* vcontext, String* txid) { struct AdminLog* log = (struct AdminLog*) vcontext; String* levelName = Dict_getString(args, String_CONST("level")); enum Log_Level level = (levelName) ? Log_levelForName(levelName->bytes) : Log_Level_DEBUG; int64_t* lineNumPtr = Dict_getInt(args, String_CONST("line")); String* fileStr = Dict_getString(args, String_CONST("file")); const char* file = (fileStr && fileStr->len > 0) ? fileStr->bytes : NULL; char* error = "2+2=5"; if (level == Log_Level_INVALID) { level = Log_Level_KEYS; } if (lineNumPtr && *lineNumPtr < 0) { error = "Invalid line number, must be positive or 0 to signify any line is acceptable."; } else if (log->subscriptionCount >= MAX_SUBSCRIPTIONS) { error = "Max subscription count reached."; } else { struct Subscription* sub = &log->subscriptions[log->subscriptionCount]; sub->level = level; sub->alloc = Allocator_child(log->alloc); if (file) { int i; for (i = 0; i < FILE_NAME_COUNT; i++) { if (log->fileNames[i] && !strcmp(log->fileNames[i], file)) { file = log->fileNames[i]; sub->internalName = true; break; } } if (i == FILE_NAME_COUNT) { file = String_new(file, sub->alloc)->bytes; sub->internalName = false; } } sub->file = file; sub->lineNum = (lineNumPtr) ? *lineNumPtr : 0; sub->txid = String_clone(txid, sub->alloc); Random_bytes(log->rand, (uint8_t*) sub->streamId, 8); uint8_t streamIdHex[20]; Hex_encode(streamIdHex, 20, sub->streamId, 8); Dict response = Dict_CONST( String_CONST("error"), String_OBJ(String_CONST("none")), Dict_CONST( String_CONST("streamId"), String_OBJ(String_CONST((char*)streamIdHex)), NULL )); Admin_sendMessage(&response, txid, log->admin); log->subscriptionCount++; return; } Dict response = Dict_CONST( String_CONST("error"), String_OBJ(String_CONST(error)), NULL ); Admin_sendMessage(&response, txid, log->admin); }
static void registerRouter(Dict* config, uint8_t myPubKey[32], struct Context* context) { Dict* iface = Dict_getDict(config, BSTR("interface")); if (String_equals(Dict_getString(iface, BSTR("type")), BSTR("TUNInterface"))) { String* tunPath = Dict_getString(iface, BSTR("tunDevice")); context->routerIf = TUNInterface_new(tunPath, context->base, context->allocator); } context->routerModule = RouterModule_register(context->registry, context->allocator, myPubKey, context->base, context->logger, context->admin); }
struct EncodingScheme* EncodingScheme_fromList(List* scheme, struct Allocator* alloc) { struct EncodingScheme* list = Allocator_malloc(alloc, sizeof(struct EncodingScheme)); list->count = List_size(scheme); list->forms = Allocator_malloc(alloc, sizeof(struct EncodingScheme_Form) * list->count); for (int i = 0; i < (int)list->count; i++) { Dict* form = List_getDict(scheme, i); uint64_t* prefixLen = Dict_getInt(form, String_CONST("prefixLen")); uint64_t* bitCount = Dict_getInt(form, String_CONST("bitCount")); String* prefixStr = Dict_getString(form, String_CONST("prefix")); if (!prefixLen || !bitCount || !prefixStr || prefixStr->len != 8) { return NULL; } uint32_t prefix_be; if (Hex_decode((uint8_t*)&prefix_be, 4, prefixStr->bytes, 8) != 4) { return NULL; } list->forms[i].prefixLen = *prefixLen; list->forms[i].bitCount = *bitCount; list->forms[i].prefix = Endian_bigEndianToHost32(prefix_be); } if (!EncodingScheme_isSane(list)) { return NULL; } return list; }
static void dumpRumorMill(Dict* args, void* vcontext, String* txid, struct Allocator* requestAlloc) { struct Context* ctx = Identity_check((struct Context*) vcontext); Dict* out = Dict_new(requestAlloc); struct RumorMill* rm = getRumorMill(ctx, Dict_getString(args, String_CONST("mill"))); if (!rm) { Dict_putString(out, String_CONST("error"), String_CONST("mill must be one of " "[externalMill,linkMill,nodeMill,dhtMill,splitMill]"), requestAlloc); Admin_sendMessage(out, txid, ctx->admin); return; } int64_t* page = Dict_getInt(args, String_CONST("page")); int ctr = (page) ? *page * ENTRIES_PER_PAGE : 0; List* table = List_new(requestAlloc); for (int i = 0; i < ENTRIES_PER_PAGE && ctr < rm->count; i++) { String* addr = Address_toString(&rm->addresses[ctr++], requestAlloc); List_addString(table, addr, requestAlloc); } Dict_putList(out, String_CONST("addresses"), table, requestAlloc); Dict_putInt(out, String_CONST("total"), rm->count, requestAlloc); Admin_sendMessage(out, txid, ctx->admin); }
static void adminDisconnectPeer(Dict* args, void* vcontext, String* txid, struct Allocator* requestAlloc) { struct Context* context = Identity_check((struct Context*)vcontext); String* pubkeyString = Dict_getString(args, String_CONST("pubkey")); // parse the key uint8_t pubkey[32]; uint8_t addr[16]; int error = Key_parse(pubkeyString, pubkey, addr); char* errorMsg = NULL; if (error) { errorMsg = "bad key"; } else { // try to remove the peer if the key is valid error = InterfaceController_disconnectPeer(context->ic,pubkey); if (error) { errorMsg = "no peer found for that key"; } } Dict* response = Dict_new(requestAlloc); Dict_putInt(response, String_CONST("success"), error ? 0 : 1, requestAlloc); if (error) { Dict_putString(response, String_CONST("error"), String_CONST(errorMsg), requestAlloc); } Admin_sendMessage(response, txid, context->admin); }
static void addKey(Dict* args, void* vcontext, String* txid, struct Allocator* requestAlloc) { struct Context* context = vcontext; struct Allocator* alloc = Allocator_child(context->alloc); String* identStr = Dict_getString(args, String_CONST("ident")); int ret; uint8_t key[32]; char* err = "none"; if (identStr->len < 52) { err = "too short"; } else if (Base32_decode(key, 32, identStr->bytes, 52) != 32) { err = "failed to parse"; } else if ((ret = RainflyClient_addKey(context->rainfly, key))) { if (ret == RainflyClient_addKey_TOO_MANY_KEYS) { err = "RainflyClient_addKey_TOO_MANY_KEYS"; } else { err = "unknown error"; } } Dict* response = Dict_new(alloc); Dict_putString(response, String_CONST("error"), String_CONST(err), alloc); Admin_sendMessage(response, txid, context->admin); Allocator_free(alloc); }
static void getUser(Dict* args, void* vctx, String* txid, struct Allocator* requestAlloc) { struct Context* const ctx = Identity_check((struct Context*) vctx); String* user = Dict_getString(args, String_CONST("user")); Dict* ret = Security_getUser((user) ? user->bytes : NULL, requestAlloc); Admin_sendMessage(ret, txid, ctx->admin); }
static void addServer(Dict* args, void* vcontext, String* txid, struct Allocator* requestAlloc) { struct Context* context = vcontext; struct Allocator* alloc = Allocator_child(context->alloc); String* addrStr = Dict_getString(args, String_CONST("addr")); int ret; struct Sockaddr_storage ss; char* err = "none"; if (Sockaddr_parse(addrStr->bytes, &ss)) { err = "could not parse address"; } else if ((ret = RainflyClient_addServer(context->rainfly, &ss.addr))) { if (ret == RainflyClient_addServer_WRONG_ADDRESS_TYPE) { err = "RainflyClient_addServer_WRONG_ADDRESS_TYPE"; } else { err = "unknown error"; } } Dict* response = Dict_new(alloc); Dict_putString(response, String_CONST("error"), String_CONST(err), alloc); Admin_sendMessage(response, txid, context->admin); Allocator_free(alloc); }
static void initTunnel(Dict* args, void* vcontext, String* txid) { struct Context* const ctx = (struct Context*) vcontext; #define BUFFERSZ 1024 uint8_t buffer[BUFFERSZ]; struct Allocator* const alloc = BufferAllocator_new(buffer, BUFFERSZ); struct Jmp jmp; Jmp_try(jmp) { Core_initTunnel(Dict_getString(args, String_CONST("desiredTunName")), ctx->ipAddr, 8, ctx->ducttape, ctx->logger, ctx->ipTunnel, ctx->eventBase, ctx->alloc, &jmp.handler); } Jmp_catch { String* error = String_printf(alloc, "Failed to configure tunnel [%s]", jmp.message); sendResponse(error, ctx->admin, txid, alloc); return; } sendResponse(String_CONST("none"), ctx->admin, txid, alloc); }
static void add(Dict* args, void* vcontext, String* txid) { struct Context* context = (struct Context*) vcontext; String* passwd = Dict_getString(args, String_CONST("password")); int64_t* authType = Dict_getInt(args, String_CONST("authType")); int64_t one = 1; if (!authType) { authType = &one; } else if (*authType < 1 || *authType > 255) { sendResponse(String_CONST("Specified auth type is not supported."), context->admin, txid); return; } int32_t ret = CryptoAuth_addUser(passwd, *authType, context, context->ca); switch (ret) { case 0: sendResponse(String_CONST("none"), context->admin, txid); break; case CryptoAuth_addUser_INVALID_AUTHTYPE: sendResponse(String_CONST("Specified auth type is not supported."), context->admin, txid); break; case CryptoAuth_addUser_OUT_OF_SPACE: sendResponse(String_CONST("Out of memory to store password."), context->admin, txid); break; case CryptoAuth_addUser_DUPLICATE: sendResponse(String_CONST("Password already added."), context->admin, txid); break; default: sendResponse(String_CONST("Unknown error."), context->admin, txid); } }
struct Admin* Admin_new(Dict* config, char* user, struct event_base* eventBase, struct ExceptionHandler* eh, struct Allocator* allocator) { errno = 0; int pipes[2][2]; if (pipe(pipes[0]) || pipe(pipes[1])) { eh->exception(__FILE__ " Failed to create pipes.", errno, eh); } int pgid = getpid(); int pid = fork(); if (pid < 0) { eh->exception(__FILE__ " Failed to fork()", errno, eh); } bool isChild = (pid == 0); int inFd = pipes[isChild][0]; close(pipes[!isChild][0]); int outFd = pipes[!isChild][1]; close(pipes[isChild][1]); if (isChild) { // Set the process group so that children will not // become orphaned if the parent gets signal 11 err um 9. setpgid(0, pgid); if (user) { Security_setUser(user, NULL, AbortHandler_INSTANCE); } struct ChildContext context; memset(&context, 0, sizeof(struct ChildContext)); context.inFd = inFd; context.outFd = outFd; context.allocator = allocator; event_reinit(eventBase); context.eventBase = eventBase; child(config, &context); exit(0); } setpgid(pid, pgid); struct Admin* admin = allocator->calloc(sizeof(struct Admin), 1, allocator); admin->inFd = inFd; admin->outFd = outFd; admin->allocator = allocator; admin->functionCount = 0; admin->eventBase = eventBase; admin->password = Dict_getString(config, BSTR("password")); admin->pipeEv = event_new(eventBase, inFd, EV_READ | EV_PERSIST, inFromChild, admin); event_add(admin->pipeEv, NULL); return admin; }
static void tunInterface(Dict* ifaceConf, struct Allocator* tempAlloc, struct Context* ctx) { String* ifaceType = Dict_getString(ifaceConf, String_CONST("type")); if (!String_equals(ifaceType, String_CONST("TUNInterface"))) { return; } // Setup the interface. String* device = Dict_getString(ifaceConf, String_CONST("tunDevice")); Dict* args = Dict_new(tempAlloc); if (device) { Dict_putString(args, String_CONST("desiredTunName"), device, tempAlloc); } rpcCall0(String_CONST("Core_initTunnel"), args, ctx, tempAlloc, false); }
static void rpcCall0(String* function, Dict* args, struct Context* ctx, struct Allocator* alloc, bool exitIfError) { struct AdminClient_Result* res = AdminClient_rpcCall(function, args, ctx->client, alloc); if (res->err) { Log_critical(ctx->logger, "Failed to make function call [%s], error: [%s]", AdminClient_errorString(res->err), function->bytes); die(res, ctx, alloc); } String* error = Dict_getString(res->responseDict, String_CONST("error")); if (error && !String_equals(error, String_CONST("none"))) { if (exitIfError) { Log_critical(ctx->logger, "Got error [%s] calling [%s]", error->bytes, function->bytes); die(res, ctx, alloc); } Log_warn(ctx->logger, "Got error [%s] calling [%s], ignoring.", error->bytes, function->bytes); } }
static void pidfile(Dict* config) { String* pidFile = Dict_getString(config, BSTR("pidFile")); if (pidFile) { printf("%s", pidFile->bytes); } }
static void lookup(Dict* args, void* vcontext, String* txid, struct Allocator* requestAlloc) { struct Context* ctx = vcontext; String* addrStr = Dict_getString(args, String_CONST("address")); char* err = NULL; uint8_t addr[16]; uint8_t resultBuff[60]; char* result = (char*) resultBuff; if (addrStr->len != 39) { err = "address wrong length"; } else if (AddrTools_parseIp(addr, (uint8_t*) addrStr->bytes)) { err = "failed to parse address"; } else { struct Node_Two* n = Router_lookup(ctx->router, addr); if (!n) { result = "not found"; } else if (Bits_memcmp(addr, n->address.ip6.bytes, 16)) { Address_print(resultBuff, &n->address); } else { AddrTools_printPath(resultBuff, n->address.path); } } Dict response = Dict_CONST( String_CONST("error"), String_OBJ(String_CONST((err) ? err : "none")), Dict_CONST( String_CONST("result"), String_OBJ(String_CONST(result)), NULL )); Admin_sendMessage(&response, txid, ctx->admin); }
static void authorizedPasswords(List* list, struct Context* ctx) { uint32_t count = List_size(list); for (uint32_t i = 0; i < count; i++) { Dict* d = List_getDict(list, i); Log_info(ctx->logger, "Checking authorized password %d.", i); if (!d) { Log_critical(ctx->logger, "Not a dictionary type %d.", i); exit(-1); } String* passwd = Dict_getString(d, String_CONST("password")); if (!passwd) { Log_critical(ctx->logger, "Must specify a password %d.", i); exit(-1); } } for (uint32_t i = 0; i < count; i++) { struct Allocator* child = Allocator_child(ctx->alloc); Dict* d = List_getDict(list, i); String* passwd = Dict_getString(d, String_CONST("password")); String* user = Dict_getString(d, String_CONST("user")); String* displayName = user; if (!displayName) { displayName = String_printf(child, "password [%d]", i); } //String* publicKey = Dict_getString(d, String_CONST("publicKey")); String* ipv6 = Dict_getString(d, String_CONST("ipv6")); Log_info(ctx->logger, "Adding authorized password #[%d] for user [%s].", i, displayName->bytes); Dict *args = Dict_new(child); uint32_t i = 1; Dict_putInt(args, String_CONST("authType"), i, child); Dict_putString(args, String_CONST("password"), passwd, child); if (user) { Dict_putString(args, String_CONST("user"), user, child); } Dict_putString(args, String_CONST("displayName"), displayName, child); if (ipv6) { Log_info(ctx->logger, " This connection password restricted to [%s] only.", ipv6->bytes); Dict_putString(args, String_CONST("ipv6"), ipv6, child); } rpcCall(String_CONST("AuthorizedPasswords_add"), args, ctx, child); Allocator_free(child); } }
static void getRouteLabel(Dict* args, void* vcontext, String* txid, struct Allocator* requestAlloc) { struct Context* ctx = Identity_check((struct Context*) vcontext); char* err = NULL; String* pathToParentS = Dict_getString(args, String_CONST("pathToParent")); uint64_t pathToParent = 0; if (pathToParentS->len != 19 || AddrTools_parsePath(&pathToParent, pathToParentS->bytes)) { err = "parse_pathToParent"; } String* pathParentToChildS = Dict_getString(args, String_CONST("pathParentToChild")); uint64_t pathParentToChild = 0; if (pathParentToChildS->len != 19 || AddrTools_parsePath(&pathParentToChild, pathParentToChildS->bytes)) { err = "parse_pathParentToChild"; } uint64_t label = UINT64_MAX; if (!err) { label = NodeStore_getRouteLabel(ctx->store, pathToParent, pathParentToChild); err = NodeStore_getRouteLabel_strerror(label); } Dict* response = Dict_new(requestAlloc); if (!err) { String* printedPath = String_newBinary(NULL, 19, requestAlloc); AddrTools_printPath(printedPath->bytes, label); Dict_putString(response, String_new("result", requestAlloc), printedPath, requestAlloc); Dict_putString(response, String_new("error", requestAlloc), String_new("none", requestAlloc), requestAlloc); Admin_sendMessage(response, txid, ctx->admin); } else { Dict_putString(response, String_new("error", requestAlloc), String_new(err, requestAlloc), requestAlloc); Admin_sendMessage(response, txid, ctx->admin); } }
static void addRemoveSomething(Dict* args, void* vcontext, String* txid, struct Allocator* requestAlloc, enum addRemoveSomething_What what) { struct RouteGen_admin_Ctx* ctx = Identity_check((struct RouteGen_admin_Ctx*) vcontext); String* route = Dict_getString(args, String_CONST("route")); char* error = NULL; struct Sockaddr_storage ss; if (route->len > 63) { error = "parse_failed"; } if (!error) { if (Sockaddr_parse(route->bytes, &ss)) { error = "parse_failed"; } else { int family = Sockaddr_getFamily(&ss.addr); if (family != Sockaddr_AF_INET && family != Sockaddr_AF_INET6) { error = "unexpected_af"; } } } int retVal = -1; Dict* out = Dict_new(requestAlloc); if (!error) { switch (what) { case addRemoveSomething_What_ADD_EXCEPTION: RouteGen_addException(ctx->rg, &ss.addr); break; case addRemoveSomething_What_ADD_PREFIX: RouteGen_addPrefix(ctx->rg, &ss.addr); break; case addRemoveSomething_What_ADD_LOCALPREFIX: RouteGen_addLocalPrefix(ctx->rg, &ss.addr); break; case addRemoveSomething_What_RM_EXCEPTION: retVal = RouteGen_removeException(ctx->rg, &ss.addr); break; case addRemoveSomething_What_RM_PREFIX: retVal = RouteGen_removePrefix(ctx->rg, &ss.addr); break; case addRemoveSomething_What_RM_LOCALPREFIX: retVal = RouteGen_removeLocalPrefix(ctx->rg, &ss.addr); break; default: Assert_failure("invalid op"); } if (!retVal) { error = "no_such_route"; } else { error = "none"; } } Dict_putString(out, String_new("error", requestAlloc), String_new(error, requestAlloc), requestAlloc); Admin_sendMessage(out, txid, ctx->admin); }