X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=src%2Ffrontend%2Fconnection.c;h=cf610ac45a06951a82c00644a943ef43d5da8ced;hb=d81bfcccccea93ac261b75814e530a5fc50cfc58;hp=6cad74788cbef796e42ef01a3fd6f334430fdabd;hpb=a5673017588c548a6a8e4fcb1ec44ffc27816d06;p=sysdb.git diff --git a/src/frontend/connection.c b/src/frontend/connection.c index 6cad747..cf610ac 100644 --- a/src/frontend/connection.c +++ b/src/frontend/connection.c @@ -25,6 +25,10 @@ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + #include "sysdb.h" #include "core/object.h" #include "core/plugin.h" @@ -42,6 +46,19 @@ #include #include +#include +#include +#include + +#ifdef HAVE_UCRED_H +# include +#endif +#ifdef HAVE_SYS_UCRED_H +# include +#endif + +#include + #include /* @@ -49,7 +66,7 @@ */ static pthread_key_t conn_ctx_key; -static _Bool conn_ctx_key_initialized = 0; +static bool conn_ctx_key_initialized = 0; /* * private types @@ -59,6 +76,36 @@ static _Bool conn_ctx_key_initialized = 0; #define CONN_FD_PREFIX "conn#" #define CONN_FD_PLACEHOLDER "XXXXXXX" +/* XXX: only supports UNIX sockets so far */ +static char * +peer(int sockfd) +{ + uid_t uid; + + struct passwd pw_entry; + struct passwd *result = NULL; + char buf[1024]; + +#ifdef SO_PEERCRED + struct ucred cred; + socklen_t len = sizeof(cred); + + if (getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cred, &len) + || (len != sizeof(cred))) + return NULL; + uid = cred.uid; +#else /* SO_PEERCRED */ + errno = ENOSYS; + return NULL; +#endif + + memset(&pw_entry, 0, sizeof(pw_entry)); + if (getpwuid_r(uid, &pw_entry, buf, sizeof(buf), &result) + || (! result)) + return NULL; + return strdup(result->pw_name); +} /* peer */ + static int connection_init(sdb_object_t *obj, va_list ap) { @@ -111,10 +158,20 @@ connection_init(sdb_object_t *obj, va_list ap) return -1; } + conn->username = peer(conn->fd); + if (! conn->username) { + char buf[1024]; + sdb_log(SDB_LOG_ERR, "frontend: Failed to retrieve peer for " + "connection conn#%i: %s", conn->fd, + sdb_strerror(errno, buf, sizeof(buf))); + return -1; + } + conn->ready = 0; + sdb_log(SDB_LOG_DEBUG, "frontend: Accepted connection on fd=%i", conn->fd); - conn->cmd = CONNECTION_IDLE; + conn->cmd = SDB_CONNECTION_IDLE; conn->cmd_len = 0; conn->skip_len = 0; @@ -241,47 +298,33 @@ connection_log(int prio, const char *msg, memcpy(tmp, &p, sizeof(p)); strcpy(tmp + sizeof(p), msg); - if (sdb_connection_send(conn, CONNECTION_LOG, len, tmp) < 0) + if (sdb_connection_send(conn, SDB_CONNECTION_LOG, len, tmp) < 0) return -1; return 0; } /* connection_log */ -static uint32_t -connection_get_int32(sdb_conn_t *conn, size_t offset) -{ - const char *data; - uint32_t n; - - assert(conn && (sdb_strbuf_len(conn->buf) >= offset + sizeof(uint32_t))); - - data = sdb_strbuf_string(conn->buf); - memcpy(&n, data + offset, sizeof(n)); - n = ntohl(n); - return n; -} /* connection_get_int32 */ - static int command_handle(sdb_conn_t *conn) { int status = -1; - assert(conn && (conn->cmd != CONNECTION_IDLE)); + assert(conn && (conn->cmd != SDB_CONNECTION_IDLE)); assert(! conn->skip_len); sdb_log(SDB_LOG_DEBUG, "frontend: Handling command %u (len: %u)", conn->cmd, conn->cmd_len); - if (conn->cmd == CONNECTION_PING) + if (conn->cmd == SDB_CONNECTION_PING) status = sdb_connection_ping(conn); - else if (conn->cmd == CONNECTION_STARTUP) + else if (conn->cmd == SDB_CONNECTION_STARTUP) status = sdb_fe_session_start(conn); - else if (conn->cmd == CONNECTION_QUERY) + else if (conn->cmd == SDB_CONNECTION_QUERY) status = sdb_fe_query(conn); - else if (conn->cmd == CONNECTION_FETCH) + else if (conn->cmd == SDB_CONNECTION_FETCH) status = sdb_fe_fetch(conn); - else if (conn->cmd == CONNECTION_LIST) + else if (conn->cmd == SDB_CONNECTION_LIST) status = sdb_fe_list(conn); - else if (conn->cmd == CONNECTION_LOOKUP) + else if (conn->cmd == SDB_CONNECTION_LOOKUP) status = sdb_fe_lookup(conn); else { sdb_log(SDB_LOG_WARNING, "frontend: Ignoring invalid command %#x", @@ -293,7 +336,7 @@ command_handle(sdb_conn_t *conn) if (status) { if (! sdb_strbuf_len(conn->errbuf)) sdb_strbuf_sprintf(conn->errbuf, "Failed to execute command"); - sdb_connection_send(conn, CONNECTION_ERROR, + sdb_connection_send(conn, SDB_CONNECTION_ERROR, (uint32_t)sdb_strbuf_len(conn->errbuf), sdb_strbuf_string(conn->errbuf)); } @@ -306,7 +349,7 @@ command_init(sdb_conn_t *conn) { const char *errmsg = NULL; - assert(conn && (conn->cmd == CONNECTION_IDLE) && (! conn->cmd_len)); + assert(conn && (conn->cmd == SDB_CONNECTION_IDLE) && (! conn->cmd_len)); if (conn->skip_len) return -1; @@ -314,24 +357,24 @@ command_init(sdb_conn_t *conn) /* reset */ sdb_strbuf_clear(conn->errbuf); - conn->cmd = connection_get_int32(conn, 0); - conn->cmd_len = connection_get_int32(conn, sizeof(uint32_t)); + conn->cmd = sdb_proto_get_int(conn->buf, 0); + conn->cmd_len = sdb_proto_get_int(conn->buf, sizeof(uint32_t)); sdb_strbuf_skip(conn->buf, 0, 2 * sizeof(uint32_t)); - if ((! conn->ready) && (conn->cmd != CONNECTION_STARTUP)) + if ((! conn->ready) && (conn->cmd != SDB_CONNECTION_STARTUP)) errmsg = "Authentication required"; - else if (conn->cmd == CONNECTION_IDLE) + else if (conn->cmd == SDB_CONNECTION_IDLE) errmsg = "Invalid command 0"; if (errmsg) { size_t len = sdb_strbuf_len(conn->buf); sdb_strbuf_sprintf(conn->errbuf, "%s", errmsg); - sdb_connection_send(conn, CONNECTION_ERROR, + sdb_connection_send(conn, SDB_CONNECTION_ERROR, (uint32_t)strlen(errmsg), errmsg); conn->skip_len += conn->cmd_len; - conn->cmd = CONNECTION_IDLE; + conn->cmd = SDB_CONNECTION_IDLE; conn->cmd_len = 0; if (len > conn->skip_len) @@ -419,12 +462,10 @@ sdb_connection_close(sdb_conn_t *conn) if (conn->fd >= 0) close(conn->fd); conn->fd = -1; - - sdb_object_deref(SDB_OBJ(conn)); } /* sdb_connection_close */ ssize_t -sdb_connection_read(sdb_conn_t *conn) +sdb_connection_handle(sdb_conn_t *conn) { ssize_t n = 0; @@ -433,17 +474,17 @@ sdb_connection_read(sdb_conn_t *conn) while (42) { ssize_t status = connection_read(conn); - if ((conn->cmd == CONNECTION_IDLE) && (! conn->cmd_len) + if ((conn->cmd == SDB_CONNECTION_IDLE) && (! conn->cmd_len) && (sdb_strbuf_len(conn->buf) >= 2 * sizeof(int32_t))) command_init(conn); - if ((conn->cmd != CONNECTION_IDLE) + if ((conn->cmd != SDB_CONNECTION_IDLE) && (sdb_strbuf_len(conn->buf) >= conn->cmd_len)) { command_handle(conn); /* remove the command from the buffer */ if (conn->cmd_len) sdb_strbuf_skip(conn->buf, 0, conn->cmd_len); - conn->cmd = CONNECTION_IDLE; + conn->cmd = SDB_CONNECTION_IDLE; conn->cmd_len = 0; } @@ -455,18 +496,21 @@ sdb_connection_read(sdb_conn_t *conn) sdb_conn_set_ctx(NULL); return n; -} /* sdb_connection_read */ +} /* sdb_connection_handle */ ssize_t sdb_connection_send(sdb_conn_t *conn, uint32_t code, uint32_t msg_len, const char *msg) { + char buf[2 * sizeof(uint32_t) + msg_len]; ssize_t status; if ((! conn) || (conn->fd < 0)) return -1; + if (sdb_proto_marshal(buf, sizeof(buf), code, msg_len, msg) < 0) + return -1; - status = sdb_proto_send_msg(conn->fd, code, msg_len, msg); + status = sdb_proto_send(conn->fd, sizeof(buf), buf); if (status < 0) { char errbuf[1024]; @@ -486,11 +530,11 @@ sdb_connection_send(sdb_conn_t *conn, uint32_t code, int sdb_connection_ping(sdb_conn_t *conn) { - if ((! conn) || (conn->cmd != CONNECTION_PING)) + if ((! conn) || (conn->cmd != SDB_CONNECTION_PING)) return -1; /* we're alive */ - sdb_connection_send(conn, CONNECTION_OK, 0, NULL); + sdb_connection_send(conn, SDB_CONNECTION_OK, 0, NULL); return 0; } /* sdb_connection_ping */