/*
- conf.c -- configuration code
- Copyright (C) 1998 Robert van der Meulen
- 1998-2003 Ivo Timmermans <ivo@o2w.nl>
- 2000-2003 Guus Sliepen <guus@sliepen.eu.org>
- 2000 Cris van Pelt <tribbel@arise.dhs.org>
+ econf.c -- configuration code
+ Copyright (C) 2018 Guus Sliepen <guus@meshlink.io>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
- $Id: conf.c,v 1.9.4.72 2003/08/02 21:34:10 guus Exp $
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include "system.h"
+#include <assert.h>
+#include <sys/types.h>
+#include <utime.h>
-#include "avl_tree.h"
#include "conf.h"
+#include "crypto.h"
#include "logger.h"
-#include "netutl.h" /* for str2address */
-#include "utils.h" /* for cp */
+#include "meshlink_internal.h"
#include "xalloc.h"
+#include "packmsg.h"
-avl_tree_t *config_tree;
-
-int pingtimeout = 0; /* seconds before timeout */
-char *confbase = NULL; /* directory in which all config files are */
-char *netname = NULL; /* name of the vpn network */
+/// Generate a path to the main configuration file.
+static void make_main_path(meshlink_handle_t *mesh, const char *conf_subdir, char *path, size_t len) {
+ assert(conf_subdir);
+ assert(path);
+ assert(len);
-static int config_compare(const config_t *a, const config_t *b)
-{
- int result;
+ snprintf(path, len, "%s" SLASH "%s" SLASH "meshlink.conf", mesh->confbase, conf_subdir);
+}
- result = strcasecmp(a->variable, b->variable);
+/// Generate a path to a host configuration file.
+static void make_host_path(meshlink_handle_t *mesh, const char *conf_subdir, const char *name, char *path, size_t len) {
+ assert(conf_subdir);
+ assert(name);
+ assert(path);
+ assert(len);
- if(result)
- return result;
+ snprintf(path, len, "%s" SLASH "%s" SLASH "hosts" SLASH "%s", mesh->confbase, conf_subdir, name);
+}
- result = a->line - b->line;
+/// Generate a path to an unused invitation file.
+static void make_invitation_path(meshlink_handle_t *mesh, const char *conf_subdir, const char *name, char *path, size_t len) {
+ assert(conf_subdir);
+ assert(name);
+ assert(path);
+ assert(len);
- if(result)
- return result;
- else
- return strcmp(a->file, b->file);
+ snprintf(path, len, "%s" SLASH "%s" SLASH "invitations" SLASH "%s", mesh->confbase, conf_subdir, name);
}
-void init_configuration(avl_tree_t ** config_tree)
-{
- cp();
+/// Generate a path to a used invitation file.
+static void make_used_invitation_path(meshlink_handle_t *mesh, const char *conf_subdir, const char *name, char *path, size_t len) {
+ assert(conf_subdir);
+ assert(name);
+ assert(path);
+ assert(len);
- *config_tree = avl_alloc_tree((avl_compare_t) config_compare, (avl_action_t) free_config);
+ snprintf(path, len, "%s" SLASH "%s" SLASH "invitations" SLASH "%s.used", mesh->confbase, conf_subdir, name);
}
-void exit_configuration(avl_tree_t ** config_tree)
-{
- cp();
+/// Remove a directory recursively
+static void deltree(const char *dirname) {
+ assert(dirname);
- avl_delete_tree(*config_tree);
- *config_tree = NULL;
-}
+ DIR *d = opendir(dirname);
-config_t *new_config(void)
-{
- cp();
+ if(d) {
+ struct dirent *ent;
+
+ while((ent = readdir(d))) {
+ if(ent->d_name[0] == '.') {
+ continue;
+ }
+
+ char filename[PATH_MAX];
+ snprintf(filename, sizeof(filename), "%s" SLASH "%s", dirname, ent->d_name);
+
+ if(unlink(filename)) {
+ deltree(filename);
+ }
+ }
- return (config_t *) xmalloc_and_zero(sizeof(config_t));
+ closedir(d);
+ }
+
+ rmdir(dirname);
}
-void free_config(config_t *cfg)
-{
- cp();
+bool sync_path(const char *pathname) {
+ assert(pathname);
- if(cfg->variable)
- free(cfg->variable);
+ int fd = open(pathname, O_RDONLY);
+
+ if(fd < 0) {
+ logger(NULL, MESHLINK_ERROR, "Failed to open %s: %s\n", pathname, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
- if(cfg->value)
- free(cfg->value);
+ if(fsync(fd)) {
+ logger(NULL, MESHLINK_ERROR, "Failed to sync %s: %s\n", pathname, strerror(errno));
+ close(fd);
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
- if(cfg->file)
- free(cfg->file);
+ if(close(fd)) {
+ logger(NULL, MESHLINK_ERROR, "Failed to close %s: %s\n", pathname, strerror(errno));
+ close(fd);
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
- free(cfg);
+ return true;
}
-void config_add(avl_tree_t *config_tree, config_t *cfg)
-{
- cp();
+/// Try decrypting the main configuration file from the given sub-directory.
+static bool main_config_decrypt(meshlink_handle_t *mesh, const char *conf_subdir) {
+ assert(mesh->config_key);
+ assert(mesh->confbase);
+ assert(conf_subdir);
+
+ config_t config;
- avl_insert(config_tree, cfg);
+ if(!main_config_read(mesh, conf_subdir, &config, mesh->config_key)) {
+ logger(mesh, MESHLINK_ERROR, "Could not read main configuration file");
+ return false;
+ }
+
+ packmsg_input_t in = {config.buf, config.len};
+
+ uint32_t version = packmsg_get_uint32(&in);
+ config_free(&config);
+
+ return version == MESHLINK_CONFIG_VERSION;
}
-config_t *lookup_config(const avl_tree_t *config_tree, char *variable)
-{
- config_t cfg, *found;
+/// Create a fresh configuration directory
+bool config_init(meshlink_handle_t *mesh, const char *conf_subdir) {
+ assert(conf_subdir);
- cp();
+ if(!mesh->confbase) {
+ return true;
+ }
- cfg.variable = variable;
- cfg.file = "";
- cfg.line = 0;
+ char path[PATH_MAX];
- found = avl_search_closest_greater(config_tree, &cfg);
+ // Create "current" sub-directory in the confbase
+ snprintf(path, sizeof(path), "%s" SLASH "%s", mesh->confbase, conf_subdir);
+ deltree(path);
- if(!found)
- return NULL;
+ if(mkdir(path, 0700)) {
+ logger(mesh, MESHLINK_DEBUG, "Could not create directory %s: %s\n", path, strerror(errno));
+ return false;
+ }
- if(strcasecmp(found->variable, variable))
- return NULL;
+ make_host_path(mesh, conf_subdir, "", path, sizeof(path));
+
+ if(mkdir(path, 0700)) {
+ logger(mesh, MESHLINK_DEBUG, "Could not create directory %s: %s\n", path, strerror(errno));
+ return false;
+ }
- return found;
+ make_invitation_path(mesh, conf_subdir, "", path, sizeof(path));
+
+ if(mkdir(path, 0700)) {
+ logger(mesh, MESHLINK_DEBUG, "Could not create directory %s: %s\n", path, strerror(errno));
+ return false;
+ }
+
+ return true;
}
-config_t *lookup_config_next(const avl_tree_t *config_tree, const config_t *cfg)
-{
- avl_node_t *node;
- config_t *found;
+/// Wipe an existing configuration directory
+bool config_destroy(const char *confbase, const char *conf_subdir) {
+ assert(conf_subdir);
- cp();
+ if(!confbase) {
+ return true;
+ }
- node = avl_search_node(config_tree, cfg);
+ struct stat st;
- if(node) {
- if(node->next) {
- found = (config_t *) node->next->data;
+ char path[PATH_MAX];
- if(!strcasecmp(found->variable, cfg->variable))
- return found;
+ // Check the presence of configuration base sub directory.
+ snprintf(path, sizeof(path), "%s" SLASH "%s", confbase, conf_subdir);
+
+ if(stat(path, &st)) {
+ if(errno == ENOENT) {
+ return true;
+ } else {
+ logger(NULL, MESHLINK_ERROR, "Cannot stat %s: %s\n", path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
+ }
+
+ // Remove meshlink.conf
+ snprintf(path, sizeof(path), "%s" SLASH "%s" SLASH "meshlink.conf", confbase, conf_subdir);
+
+ if(unlink(path)) {
+ if(errno != ENOENT) {
+ logger(NULL, MESHLINK_ERROR, "Cannot delete %s: %s\n", path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
}
}
- return NULL;
+ snprintf(path, sizeof(path), "%s" SLASH "%s", confbase, conf_subdir);
+ deltree(path);
+ return true;
}
-bool get_config_bool(const config_t *cfg, bool *result)
-{
- cp();
+static bool copytree(const char *src_dir_name, const void *src_key, const char *dst_dir_name, const void *dst_key) {
+ assert(src_dir_name);
+ assert(dst_dir_name);
+
+ char src_filename[PATH_MAX];
+ char dst_filename[PATH_MAX];
+ struct dirent *ent;
- if(!cfg)
+ DIR *src_dir = opendir(src_dir_name);
+
+ if(!src_dir) {
+ logger(NULL, MESHLINK_ERROR, "Could not open directory file %s\n", src_dir_name);
return false;
+ }
- if(!strcasecmp(cfg->value, "yes")) {
- *result = true;
- return true;
- } else if(!strcasecmp(cfg->value, "no")) {
- *result = false;
- return true;
+ // Delete if already exists and create a new destination directory
+ deltree(dst_dir_name);
+
+ if(mkdir(dst_dir_name, 0700)) {
+ logger(NULL, MESHLINK_ERROR, "Could not create directory %s\n", dst_filename);
+ return false;
+ }
+
+ while((ent = readdir(src_dir))) {
+ if(ent->d_name[0] == '.') {
+ continue;
+ }
+
+ snprintf(dst_filename, sizeof(dst_filename), "%s" SLASH "%s", dst_dir_name, ent->d_name);
+ snprintf(src_filename, sizeof(src_filename), "%s" SLASH "%s", src_dir_name, ent->d_name);
+
+ if(ent->d_type == DT_DIR) {
+ if(!copytree(src_filename, src_key, dst_filename, dst_key)) {
+ logger(NULL, MESHLINK_ERROR, "Copying %s to %s failed\n", src_filename, dst_filename);
+ return false;
+ }
+
+ if(!sync_path(dst_filename)) {
+ return false;
+ }
+ } else if(ent->d_type == DT_REG) {
+ struct stat st;
+ config_t config;
+
+ if(stat(src_filename, &st)) {
+ logger(NULL, MESHLINK_ERROR, "Could not stat file `%s': %s\n", src_filename, strerror(errno));
+ return false;
+ }
+
+ FILE *f = fopen(src_filename, "r");
+
+ if(!f) {
+ logger(NULL, MESHLINK_ERROR, "Failed to open `%s': %s\n", src_filename, strerror(errno));
+ return false;
+ }
+
+ if(!config_read_file(NULL, f, &config, src_key)) {
+ logger(NULL, MESHLINK_ERROR, "Failed to read `%s': %s\n", src_filename, strerror(errno));
+ fclose(f);
+ return false;
+ }
+
+ if(fclose(f)) {
+ logger(NULL, MESHLINK_ERROR, "Failed to close `%s': %s\n", src_filename, strerror(errno));
+ config_free(&config);
+ return false;
+ }
+
+ f = fopen(dst_filename, "w");
+
+ if(!f) {
+ logger(NULL, MESHLINK_ERROR, "Failed to open `%s': %s", dst_filename, strerror(errno));
+ config_free(&config);
+ return false;
+ }
+
+ if(!config_write_file(NULL, f, &config, dst_key)) {
+ logger(NULL, MESHLINK_ERROR, "Failed to write `%s': %s", dst_filename, strerror(errno));
+ config_free(&config);
+ fclose(f);
+ return false;
+ }
+
+ if(fclose(f)) {
+ logger(NULL, MESHLINK_ERROR, "Failed to close `%s': %s", dst_filename, strerror(errno));
+ config_free(&config);
+ return false;
+ }
+
+ config_free(&config);
+
+ struct utimbuf times;
+ times.modtime = st.st_mtime;
+ times.actime = st.st_atime;
+
+ if(utime(dst_filename, ×)) {
+ logger(NULL, MESHLINK_ERROR, "Failed to utime `%s': %s", dst_filename, strerror(errno));
+ return false;
+ }
+ }
}
- logger(LOG_ERR, _("\"yes\" or \"no\" expected for configuration variable %s in %s line %d"),
- cfg->variable, cfg->file, cfg->line);
+ closedir(src_dir);
+ return true;
+}
+
+bool config_copy(meshlink_handle_t *mesh, const char *src_dir_name, const void *src_key, const char *dst_dir_name, const void *dst_key) {
+ assert(src_dir_name);
+ assert(dst_dir_name);
+
+ char src_filename[PATH_MAX];
+ char dst_filename[PATH_MAX];
- return false;
+ snprintf(dst_filename, sizeof(dst_filename), "%s" SLASH "%s", mesh->confbase, dst_dir_name);
+ snprintf(src_filename, sizeof(src_filename), "%s" SLASH "%s", mesh->confbase, src_dir_name);
+
+ return copytree(src_filename, src_key, dst_filename, dst_key);
}
-bool get_config_int(const config_t *cfg, int *result)
-{
- cp();
+/// Check the presence of the main configuration file.
+bool main_config_exists(meshlink_handle_t *mesh, const char *conf_subdir) {
+ assert(conf_subdir);
- if(!cfg)
+ if(!mesh->confbase) {
return false;
+ }
- if(sscanf(cfg->value, "%d", result) == 1)
- return true;
+ char path[PATH_MAX];
+ make_main_path(mesh, conf_subdir, path, sizeof(path));
+ return access(path, F_OK) == 0;
+}
+
+bool config_rename(meshlink_handle_t *mesh, const char *old_conf_subdir, const char *new_conf_subdir) {
+ assert(old_conf_subdir);
+ assert(new_conf_subdir);
+
+ if(!mesh->confbase) {
+ return false;
+ }
+
+ char old_path[PATH_MAX];
+ char new_path[PATH_MAX];
- logger(LOG_ERR, _("Integer expected for configuration variable %s in %s line %d"),
- cfg->variable, cfg->file, cfg->line);
+ snprintf(old_path, sizeof(old_path), "%s" SLASH "%s", mesh->confbase, old_conf_subdir);
+ snprintf(new_path, sizeof(new_path), "%s" SLASH "%s", mesh->confbase, new_conf_subdir);
- return false;
+ return rename(old_path, new_path) == 0;
}
-bool get_config_string(const config_t *cfg, char **result)
-{
- cp();
+bool config_sync(meshlink_handle_t *mesh, const char *conf_subdir) {
+ assert(conf_subdir);
- if(!cfg)
+ if(!mesh->confbase) {
+ return true;
+ }
+
+ char path[PATH_MAX];
+ snprintf(path, sizeof(path), "%s" SLASH "%s" SLASH "hosts", mesh->confbase, conf_subdir);
+
+ if(!sync_path(path)) {
return false;
+ }
+
+ snprintf(path, sizeof(path), "%s" SLASH "%s", mesh->confbase, conf_subdir);
- *result = xstrdup(cfg->value);
+ if(!sync_path(path)) {
+ return false;
+ }
return true;
}
-bool get_config_address(const config_t *cfg, struct addrinfo **result)
-{
- struct addrinfo *ai;
+bool meshlink_confbase_exists(meshlink_handle_t *mesh) {
+ if(!mesh->confbase) {
+ return false;
+ }
- cp();
+ bool confbase_exists = false;
+ bool confbase_decryptable = false;
- if(!cfg)
- return false;
+ if(main_config_exists(mesh, "current")) {
+ confbase_exists = true;
- ai = str2addrinfo(cfg->value, NULL, 0);
+ if(mesh->config_key && main_config_decrypt(mesh, "current")) {
+ confbase_decryptable = true;
+ }
+ }
- if(ai) {
- *result = ai;
- return true;
+ if(mesh->config_key && !confbase_decryptable && main_config_exists(mesh, "new")) {
+ confbase_exists = true;
+
+ if(main_config_decrypt(mesh, "new")) {
+ if(!config_destroy(mesh->confbase, "current")) {
+ return false;
+ }
+
+ if(!config_rename(mesh, "new", "current")) {
+ return false;
+ }
+
+ confbase_decryptable = true;
+ }
}
- logger(LOG_ERR, _("Hostname or IP address expected for configuration variable %s in %s line %d"),
- cfg->variable, cfg->file, cfg->line);
+ if(mesh->config_key && !confbase_decryptable && main_config_exists(mesh, "old")) {
+ confbase_exists = true;
+
+ if(main_config_decrypt(mesh, "old")) {
+ if(!config_destroy(mesh->confbase, "current")) {
+ return false;
+ }
+
+ if(!config_rename(mesh, "old", "current")) {
+ return false;
+ }
+
+ confbase_decryptable = true;
+ }
+ }
- return false;
+ // Cleanup if current is existing with old and new
+ if(confbase_exists && confbase_decryptable) {
+ if(!config_destroy(mesh->confbase, "old") || !config_destroy(mesh->confbase, "new")) {
+ return false;
+ }
+ }
+
+ return confbase_exists;
}
-bool get_config_subnet(const config_t *cfg, subnet_t ** result)
-{
- subnet_t *subnet;
+/// Lock the main configuration file. Creates confbase if necessary.
+bool main_config_lock(meshlink_handle_t *mesh) {
+ if(!mesh->confbase) {
+ return true;
+ }
- cp();
+ if(mkdir(mesh->confbase, 0700) && errno != EEXIST) {
+ logger(NULL, MESHLINK_ERROR, "Cannot create configuration directory %s: %s", mesh->confbase, strerror(errno));
+ meshlink_close(mesh);
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return NULL;
+ }
- if(!cfg)
- return false;
+ char path[PATH_MAX];
+ snprintf(path, sizeof(path), "%s" SLASH "meshlink.lock", mesh->confbase);
- subnet = str2net(cfg->value);
+ mesh->lockfile = fopen(path, "w+");
- if(!subnet) {
- logger(LOG_ERR, _("Subnet expected for configuration variable %s in %s line %d"),
- cfg->variable, cfg->file, cfg->line);
+ if(!mesh->lockfile) {
+ logger(NULL, MESHLINK_ERROR, "Cannot not open %s: %s\n", path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
return false;
}
- /* Teach newbies what subnets are... */
+#ifdef FD_CLOEXEC
+ fcntl(fileno(mesh->lockfile), F_SETFD, FD_CLOEXEC);
+#endif
+
+#ifdef HAVE_MINGW
+ // TODO: use _locking()?
+#else
- if(((subnet->type == SUBNET_IPV4)
- && !maskcheck(&subnet->net.ipv4.address, subnet->net.ipv4.prefixlength, sizeof(ipv4_t)))
- || ((subnet->type == SUBNET_IPV6)
- && !maskcheck(&subnet->net.ipv6.address, subnet->net.ipv6.prefixlength, sizeof(ipv6_t)))) {
- logger(LOG_ERR, _ ("Network address and prefix length do not match for configuration variable %s in %s line %d"),
- cfg->variable, cfg->file, cfg->line);
- free(subnet);
+ if(flock(fileno(mesh->lockfile), LOCK_EX | LOCK_NB) != 0) {
+ logger(NULL, MESHLINK_ERROR, "Cannot lock %s: %s\n", path, strerror(errno));
+ fclose(mesh->lockfile);
+ mesh->lockfile = NULL;
+ meshlink_errno = MESHLINK_EBUSY;
return false;
}
- *result = subnet;
+#endif
return true;
}
-/*
- Read exactly one line and strip the trailing newline if any. If the
- file was on EOF, return NULL. Otherwise, return all the data in a
- dynamically allocated buffer.
-
- If line is non-NULL, it will be used as an initial buffer, to avoid
- unnecessary mallocing each time this function is called. If buf is
- given, and buf needs to be expanded, the var pointed to by buflen
- will be increased.
-*/
-static char *readline(FILE * fp, char **buf, size_t *buflen)
-{
- char *newline = NULL;
- char *p;
- char *line; /* The array that contains everything that has been read so far */
- char *idx; /* Read into this pointer, which points to an offset within line */
- size_t size, newsize; /* The size of the current array pointed to by line */
- size_t maxlen; /* Maximum number of characters that may be read with fgets. This is newsize - oldsize. */
-
- if(feof(fp))
- return NULL;
-
- if(buf && buflen) {
- size = *buflen;
- line = *buf;
- } else {
- size = 100;
- line = xmalloc(size);
+/// Unlock the main configuration file.
+void main_config_unlock(meshlink_handle_t *mesh) {
+ if(mesh->lockfile) {
+ fclose(mesh->lockfile);
+ mesh->lockfile = NULL;
}
+}
- maxlen = size;
- idx = line;
- *idx = 0;
+/// Read a configuration file from a FILE handle.
+bool config_read_file(meshlink_handle_t *mesh, FILE *f, config_t *config, const void *key) {
+ assert(f);
- for(;;) {
- errno = 0;
- p = fgets(idx, maxlen, fp);
+ long len;
- if(!p) { /* EOF or error */
- if(feof(fp))
- break;
+ if(fseek(f, 0, SEEK_END) || !(len = ftell(f)) || fseek(f, 0, SEEK_SET)) {
+ logger(mesh, MESHLINK_ERROR, "Cannot get config file size: %s\n", strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
- /* otherwise: error; let the calling function print an error message if applicable */
- free(line);
- return NULL;
+ uint8_t *buf = xmalloc(len);
+
+ if(fread(buf, len, 1, f) != 1) {
+ logger(mesh, MESHLINK_ERROR, "Cannot read config file: %s\n", strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
+
+ if(key) {
+ uint8_t *decrypted = xmalloc(len);
+ size_t decrypted_len = len;
+ chacha_poly1305_ctx_t *ctx = chacha_poly1305_init();
+ chacha_poly1305_set_key(ctx, key);
+
+ if(len > 12 && chacha_poly1305_decrypt_iv96(ctx, buf, buf + 12, len - 12, decrypted, &decrypted_len)) {
+ chacha_poly1305_exit(ctx);
+ free(buf);
+ config->buf = decrypted;
+ config->len = decrypted_len;
+ return true;
+ } else {
+ logger(mesh, MESHLINK_ERROR, "Cannot decrypt config file\n");
+ meshlink_errno = MESHLINK_ESTORAGE;
+ chacha_poly1305_exit(ctx);
+ free(decrypted);
+ free(buf);
+ return false;
}
+ }
+
+ config->buf = buf;
+ config->len = len;
- newline = strchr(p, '\n');
+ return true;
+}
+
+/// Write a configuration file to a FILE handle.
+bool config_write_file(meshlink_handle_t *mesh, FILE *f, const config_t *config, const void *key) {
+ assert(f);
+
+ if(key) {
+ uint8_t buf[config->len + 16];
+ size_t len = sizeof(buf);
+ uint8_t seqbuf[12];
+ randomize(&seqbuf, sizeof(seqbuf));
+ chacha_poly1305_ctx_t *ctx = chacha_poly1305_init();
+ chacha_poly1305_set_key(ctx, key);
+ bool success = false;
- if(!newline) { /* We haven't yet read everything to the end of the line */
- newsize = size << 1;
- line = xrealloc(line, newsize);
- idx = &line[size - 1];
- maxlen = newsize - size + 1;
- size = newsize;
+ if(chacha_poly1305_encrypt_iv96(ctx, seqbuf, config->buf, config->len, buf, &len)) {
+ success = fwrite(seqbuf, sizeof(seqbuf), 1, f) == 1 && fwrite(buf, len, 1, f) == 1;
+
+ if(!success) {
+ logger(mesh, MESHLINK_ERROR, "Cannot write config file: %s", strerror(errno));
+ }
+
+ meshlink_errno = MESHLINK_ESTORAGE;
} else {
- *newline = '\0'; /* kill newline */
- break; /* yay */
+ logger(mesh, MESHLINK_ERROR, "Cannot encrypt config file\n");
+ meshlink_errno = MESHLINK_ESTORAGE;
}
+
+ chacha_poly1305_exit(ctx);
+ return success;
+ }
+
+ if(fwrite(config->buf, config->len, 1, f) != 1) {
+ logger(mesh, MESHLINK_ERROR, "Cannot write config file: %s", strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
}
- if(buf && buflen) {
- *buflen = size;
- *buf = line;
+ if(fflush(f)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to flush file: %s", strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
}
- return line;
+ if(fsync(fileno(f))) {
+ logger(mesh, MESHLINK_ERROR, "Failed to sync file: %s\n", strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
+
+ return true;
}
-/*
- Parse a configuration file and put the results in the configuration tree
- starting at *base.
-*/
-int read_config_file(avl_tree_t *config_tree, const char *fname)
-{
- int err = -2; /* Parse error */
- FILE *fp;
- char *buffer, *line;
- char *variable, *value;
- int lineno = 0;
- int len;
- bool ignore = false;
- config_t *cfg;
- size_t bufsize;
+/// Free resources of a loaded configuration file.
+void config_free(config_t *config) {
+ assert(!config->len || config->buf);
- cp();
+ free((uint8_t *)config->buf);
+ config->buf = NULL;
+ config->len = 0;
+}
- fp = fopen(fname, "r");
+/// Check the presence of a host configuration file.
+bool config_exists(meshlink_handle_t *mesh, const char *conf_subdir, const char *name) {
+ assert(conf_subdir);
- if(!fp) {
- logger(LOG_ERR, _("Cannot open config file %s: %s"), fname,
- strerror(errno));
- return -3;
+ if(!mesh->confbase) {
+ return false;
}
- bufsize = 100;
- buffer = xmalloc(bufsize);
+ char path[PATH_MAX];
+ make_host_path(mesh, conf_subdir, name, path, sizeof(path));
- for(;;) {
- line = readline(fp, &buffer, &bufsize);
+ return access(path, F_OK) == 0;
+}
- if(!line) {
- err = -1;
- break;
- }
+/// Read a host configuration file.
+bool config_read(meshlink_handle_t *mesh, const char *conf_subdir, const char *name, config_t *config, void *key) {
+ assert(conf_subdir);
- if(feof(fp)) {
- err = 0;
- break;
- }
+ if(!mesh->confbase) {
+ return false;
+ }
- lineno++;
+ char path[PATH_MAX];
+ make_host_path(mesh, conf_subdir, name, path, sizeof(path));
- if(*line == '#')
- continue;
+ FILE *f = fopen(path, "r");
- if(ignore) {
- if(!strncmp(line, "-----END", 8))
- ignore = false;
+ if(!f) {
+ logger(mesh, MESHLINK_ERROR, "Failed to open `%s': %s", path, strerror(errno));
+ return false;
+ }
+
+ if(!config_read_file(mesh, f, config, key)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to read `%s': %s", path, strerror(errno));
+ fclose(f);
+ return false;
+ }
+
+ fclose(f);
+
+ return true;
+}
+
+bool config_scan_all(meshlink_handle_t *mesh, const char *conf_subdir, const char *conf_type, config_scan_action_t action, void *arg) {
+ assert(conf_subdir);
+ assert(conf_type);
+
+ if(!mesh->confbase) {
+ return true;
+ }
+
+ DIR *dir;
+ struct dirent *ent;
+ char dname[PATH_MAX];
+ snprintf(dname, sizeof(dname), "%s" SLASH "%s" SLASH "%s", mesh->confbase, conf_subdir, conf_type);
+
+ dir = opendir(dname);
+
+ if(!dir) {
+ logger(mesh, MESHLINK_ERROR, "Could not open %s: %s", dname, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
+
+ while((ent = readdir(dir))) {
+ if(ent->d_name[0] == '.') {
continue;
}
-
- if(!strncmp(line, "-----BEGIN", 10)) {
- ignore = true;
- continue;
+
+ if(!action(mesh, ent->d_name, arg)) {
+ closedir(dir);
+ return false;
}
+ }
- variable = value = line;
+ closedir(dir);
+ return true;
+}
- len = strcspn(value, "\t =");
- value += len;
- value += strspn(value, "\t ");
- if(*value == '=') {
- value++;
- value += strspn(value, "\t ");
- }
- variable[len] = '\0';
+/// Write a host configuration file.
+bool config_write(meshlink_handle_t *mesh, const char *conf_subdir, const char *name, const config_t *config, void *key) {
+ assert(conf_subdir);
+ assert(name);
+ assert(config);
- if(!*value) {
- logger(LOG_ERR, _("No value for variable `%s' on line %d while reading config file %s"),
- variable, lineno, fname);
- break;
- }
+ if(!mesh->confbase) {
+ return true;
+ }
+
+ char path[PATH_MAX];
+ char tmp_path[PATH_MAX + 4];
+ make_host_path(mesh, conf_subdir, name, path, sizeof(path));
+ snprintf(tmp_path, sizeof(tmp_path), "%s.tmp", path);
- cfg = new_config();
- cfg->variable = xstrdup(variable);
- cfg->value = xstrdup(value);
- cfg->file = xstrdup(fname);
- cfg->line = lineno;
+ FILE *f = fopen(tmp_path, "w");
- config_add(config_tree, cfg);
+ if(!f) {
+ logger(mesh, MESHLINK_ERROR, "Failed to open `%s': %s", tmp_path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
}
- free(buffer);
- fclose(fp);
+ if(!config_write_file(mesh, f, config, key)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to write `%s': %s", tmp_path, strerror(errno));
+ fclose(f);
+ return false;
+ }
- return err;
-}
+ if(fclose(f)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to close `%s': %s", tmp_path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
-bool read_server_config()
-{
- char *fname;
- int x;
+ if(rename(tmp_path, path)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to rename `%s' to `%s': %s", tmp_path, path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
- cp();
+ return true;
+}
- asprintf(&fname, "%s/tinc.conf", confbase);
- x = read_config_file(config_tree, fname);
+/// Delete a host configuration file.
+bool config_delete(meshlink_handle_t *mesh, const char *conf_subdir, const char *name) {
+ assert(conf_subdir);
+ assert(name);
- if(x == -1) { /* System error: complain */
- logger(LOG_ERR, _("Failed to read `%s': %s"), fname, strerror(errno));
+ if(!mesh->confbase) {
+ return true;
}
- free(fname);
+ char path[PATH_MAX];
+ make_host_path(mesh, conf_subdir, name, path, sizeof(path));
+
+ if(unlink(path) && errno != ENOENT) {
+ logger(mesh, MESHLINK_ERROR, "Failed to unlink `%s': %s", path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
- return x == 0;
+ return true;
}
-bool is_safe_path(const char *file)
-{
-#if !(defined(HAVE_CYGWIN) || defined(HAVE_MINGW))
- char *p;
- const char *f;
- char x;
- struct stat s;
- char l[MAXBUFSIZE];
+/// Read the main configuration file.
+bool main_config_read(meshlink_handle_t *mesh, const char *conf_subdir, config_t *config, void *key) {
+ assert(conf_subdir);
+ assert(config);
+
+ if(!mesh->confbase) {
+ return false;
+ }
+
+ char path[PATH_MAX];
+ make_main_path(mesh, conf_subdir, path, sizeof(path));
+
+ FILE *f = fopen(path, "r");
- if(*file != '/') {
- logger(LOG_ERR, _("`%s' is not an absolute path"), file);
+ if(!f) {
+ logger(mesh, MESHLINK_ERROR, "Failed to open `%s': %s", path, strerror(errno));
return false;
}
- p = strrchr(file, '/');
+ if(!config_read_file(mesh, f, config, key)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to read `%s': %s", path, strerror(errno));
+ fclose(f);
+ return false;
+ }
+
+ fclose(f);
- if(p == file) /* It's in the root */
- p++;
+ return true;
+}
+
+/// Write the main configuration file.
+bool main_config_write(meshlink_handle_t *mesh, const char *conf_subdir, const config_t *config, void *key) {
+ assert(conf_subdir);
+ assert(config);
+
+ if(!mesh->confbase) {
+ return true;
+ }
- x = *p;
- *p = '\0';
+ char path[PATH_MAX];
+ char tmp_path[PATH_MAX + 4];
+ make_main_path(mesh, conf_subdir, path, sizeof(path));
+ snprintf(tmp_path, sizeof(tmp_path), "%s.tmp", path);
- f = file;
+ FILE *f = fopen(tmp_path, "w");
-check1:
- if(lstat(f, &s) < 0) {
- logger(LOG_ERR, _("Couldn't stat `%s': %s"), f, strerror(errno));
+ if(!f) {
+ logger(mesh, MESHLINK_ERROR, "Failed to open `%s': %s", tmp_path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
return false;
}
- if(s.st_uid != geteuid()) {
- logger(LOG_ERR, _("`%s' is owned by UID %d instead of %d"),
- f, s.st_uid, geteuid());
+ if(!config_write_file(mesh, f, config, key)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to write `%s': %s", tmp_path, strerror(errno));
+ fclose(f);
return false;
}
- if(S_ISLNK(s.st_mode)) {
- logger(LOG_WARNING, _("Warning: `%s' is a symlink"), f);
+ if(rename(tmp_path, path)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to rename `%s' to `%s': %s", tmp_path, path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ fclose(f);
+ return false;
+ }
- if(readlink(f, l, MAXBUFSIZE) < 0) {
- logger(LOG_ERR, _("Unable to read symbolic link `%s': %s"), f,
- strerror(errno));
- return false;
+ if(fclose(f)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to close `%s': %s", tmp_path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
+
+ return true;
+}
+
+/// Read an invitation file from the confbase sub-directory, and immediately delete it.
+bool invitation_read(meshlink_handle_t *mesh, const char *conf_subdir, const char *name, config_t *config, void *key) {
+ assert(conf_subdir);
+ assert(name);
+ assert(config);
+
+ if(!mesh->confbase) {
+ return false;
+ }
+
+ char path[PATH_MAX];
+ char used_path[PATH_MAX];
+ make_invitation_path(mesh, conf_subdir, name, path, sizeof(path));
+ make_used_invitation_path(mesh, conf_subdir, name, used_path, sizeof(used_path));
+
+ // Atomically rename the invitation file
+ if(rename(path, used_path)) {
+ if(errno == ENOENT) {
+ logger(mesh, MESHLINK_ERROR, "Peer tried to use non-existing invitation %s\n", name);
+ } else {
+ logger(mesh, MESHLINK_ERROR, "Error trying to rename invitation %s\n", name);
}
- f = l;
- goto check1;
+ return false;
}
- *p = x;
- f = file;
+ FILE *f = fopen(used_path, "r");
-check2:
- if(lstat(f, &s) < 0 && errno != ENOENT) {
- logger(LOG_ERR, _("Couldn't stat `%s': %s"), f, strerror(errno));
+ if(!f) {
+ logger(mesh, MESHLINK_ERROR, "Failed to open `%s': %s", path, strerror(errno));
return false;
}
- if(errno == ENOENT)
- return true;
+ // Check the timestamp
+ struct stat st;
- if(s.st_uid != geteuid()) {
- logger(LOG_ERR, _("`%s' is owned by UID %d instead of %d"),
- f, s.st_uid, geteuid());
+ if(fstat(fileno(f), &st)) {
+ logger(mesh, MESHLINK_ERROR, "Could not stat invitation file %s\n", name);
+ fclose(f);
+ unlink(used_path);
return false;
}
- if(S_ISLNK(s.st_mode)) {
- logger(LOG_WARNING, _("Warning: `%s' is a symlink"), f);
+ if(mesh->loop.now.tv_sec >= st.st_mtime + mesh->invitation_timeout) {
+ logger(mesh, MESHLINK_ERROR, "Peer tried to use an outdated invitation file %s\n", name);
+ fclose(f);
+ unlink(used_path);
+ return false;
+ }
- if(readlink(f, l, MAXBUFSIZE) < 0) {
- logger(LOG_ERR, _("Unable to read symbolic link `%s': %s"), f,
- strerror(errno));
- return false;
- }
+ if(!config_read_file(mesh, f, config, key)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to read `%s': %s", path, strerror(errno));
+ fclose(f);
+ unlink(used_path);
+ return false;
+ }
- f = l;
- goto check2;
+ fclose(f);
+
+ if(unlink(used_path)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to unlink `%s': %s", path, strerror(errno));
+ return false;
}
- if(s.st_mode & 0007) {
- /* Accessible by others */
- logger(LOG_ERR, _("`%s' has unsecure permissions"), f);
+ snprintf(path, sizeof(path), "%s" SLASH "%s" SLASH "invitations", mesh->confbase, conf_subdir);
+
+ if(!sync_path(path)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to sync `%s': %s", path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
return false;
}
-#endif
return true;
}
-FILE *ask_and_safe_open(const char *filename, const char *what, bool safe, const char *mode)
-{
- FILE *r;
- char *directory;
- char *fn;
-
- /* Check stdin and stdout */
- if(!isatty(0) || !isatty(1)) {
- /* Argh, they are running us from a script or something. Write
- the files to the current directory and let them burn in hell
- for ever. */
- fn = xstrdup(filename);
- } else {
- /* Ask for a file and/or directory name. */
- fprintf(stdout, _("Please enter a file to save %s to [%s]: "),
- what, filename);
- fflush(stdout);
-
- fn = readline(stdin, NULL, NULL);
-
- if(!fn) {
- fprintf(stderr, _("Error while reading stdin: %s\n"),
- strerror(errno));
- return NULL;
- }
+/// Write an invitation file.
+bool invitation_write(meshlink_handle_t *mesh, const char *conf_subdir, const char *name, const config_t *config, void *key) {
+ assert(conf_subdir);
+ assert(name);
+ assert(config);
- if(!strlen(fn))
- /* User just pressed enter. */
- fn = xstrdup(filename);
+ if(!mesh->confbase) {
+ return false;
}
- if(!strchr(fn, '/') || fn[0] != '/') {
- /* The directory is a relative path or a filename. */
- char *p;
+ char path[PATH_MAX];
+ make_invitation_path(mesh, conf_subdir, name, path, sizeof(path));
+
+ FILE *f = fopen(path, "w");
- directory = get_current_dir_name();
- asprintf(&p, "%s/%s", directory, fn);
- free(fn);
- free(directory);
- fn = p;
+ if(!f) {
+ logger(mesh, MESHLINK_ERROR, "Failed to open `%s': %s", path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
}
- umask(0077); /* Disallow everything for group and other */
+ if(!config_write_file(mesh, f, config, key)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to write `%s': %s", path, strerror(errno));
+ fclose(f);
+ return false;
+ }
- /* Open it first to keep the inode busy */
+ if(fclose(f)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to close `%s': %s", path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
+ }
- r = fopen(fn, mode);
+ snprintf(path, sizeof(path), "%s" SLASH "%s" SLASH "invitations", mesh->confbase, conf_subdir);
- if(!r) {
- fprintf(stderr, _("Error opening file `%s': %s\n"),
- fn, strerror(errno));
- free(fn);
- return NULL;
+ if(!sync_path(path)) {
+ logger(mesh, MESHLINK_ERROR, "Failed to sync `%s': %s", path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return false;
}
- /* Then check the file for nasty attacks */
- if(safe) {
- if(!is_safe_path(fn)) { /* Do not permit any directories that are readable or writeable by other users. */
- fprintf(stderr, _("The file `%s' (or any of the leading directories) has unsafe permissions.\n"
- "I will not create or overwrite this file.\n"), fn);
- fclose(r);
- free(fn);
- return NULL;
+ return true;
+}
+
+/// Purge old invitation files
+size_t invitation_purge_old(meshlink_handle_t *mesh, time_t deadline) {
+ if(!mesh->confbase) {
+ return true;
+ }
+
+ char path[PATH_MAX];
+ make_invitation_path(mesh, "current", "", path, sizeof(path));
+
+ DIR *dir = opendir(path);
+
+ if(!dir) {
+ logger(mesh, MESHLINK_DEBUG, "Could not read directory %s: %s\n", path, strerror(errno));
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return 0;
+ }
+
+ errno = 0;
+ size_t count = 0;
+ struct dirent *ent;
+
+ while((ent = readdir(dir))) {
+ if(strlen(ent->d_name) != 24) {
+ continue;
+ }
+
+ char invname[PATH_MAX];
+ struct stat st;
+
+ if(snprintf(invname, sizeof(invname), "%s" SLASH "%s", path, ent->d_name) >= PATH_MAX) {
+ logger(mesh, MESHLINK_DEBUG, "Filename too long: %s" SLASH "%s", path, ent->d_name);
+ continue;
+ }
+
+ if(!stat(invname, &st)) {
+ if(mesh->invitation_key && deadline < st.st_mtime) {
+ count++;
+ } else {
+ unlink(invname);
+ }
+ } else {
+ logger(mesh, MESHLINK_DEBUG, "Could not stat %s: %s\n", invname, strerror(errno));
+ errno = 0;
}
}
- free(fn);
+ if(errno) {
+ logger(mesh, MESHLINK_DEBUG, "Error while reading directory %s: %s\n", path, strerror(errno));
+ closedir(dir);
+ meshlink_errno = MESHLINK_ESTORAGE;
+ return 0;
+ }
+
+ closedir(dir);
- return r;
+ return count;
}