Include stddef.h if available.
[tinc] / src / fsck.c
1 /*
2     fsck.c -- Check the configuration files for problems
3     Copyright (C) 2014 Guus Sliepen <guus@tinc-vpn.org>
4
5     This program is free software; you can redistribute it and/or modify
6     it under the terms of the GNU General Public License as published by
7     the Free Software Foundation; either version 2 of the License, or
8     (at your option) any later version.
9
10     This program is distributed in the hope that it will be useful,
11     but WITHOUT ANY WARRANTY; without even the implied warranty of
12     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13     GNU General Public License for more details.
14
15     You should have received a copy of the GNU General Public License along
16     with this program; if not, write to the Free Software Foundation, Inc.,
17     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 */
19
20 #include "system.h"
21
22 #include "crypto.h"
23 #include "ecdsa.h"
24 #include "ecdsagen.h"
25 #include "fsck.h"
26 #include "names.h"
27 #ifndef DISABLE_LEGACY
28 #include "rsa.h"
29 #include "rsagen.h"
30 #endif
31 #include "tincctl.h"
32 #include "utils.h"
33
34 static bool ask_fix(void) {
35         if(force) {
36                 return true;
37         }
38
39         if(!tty) {
40                 return false;
41         }
42
43 again:
44         fprintf(stderr, "Fix y/n? ");
45         char buf[1024];
46
47         if(!fgets(buf, sizeof(buf), stdin)) {
48                 tty = false;
49                 return false;
50         }
51
52         if(buf[0] == 'y' || buf[0] == 'Y') {
53                 return true;
54         }
55
56         if(buf[0] == 'n' || buf[0] == 'N') {
57                 return false;
58         }
59
60         goto again;
61 }
62
63 static void print_tinc_cmd(const char *argv0, const char *format, ...) {
64         if(confbasegiven) {
65                 fprintf(stderr, "%s -c %s ", argv0, confbase);
66         } else if(netname) {
67                 fprintf(stderr, "%s -n %s ", argv0, netname);
68         } else {
69                 fprintf(stderr, "%s ", argv0);
70         }
71
72         va_list va;
73         va_start(va, format);
74         vfprintf(stderr, format, va);
75         va_end(va);
76         fputc('\n', stderr);
77 }
78
79 static int strtailcmp(const char *str, const char *tail) {
80         size_t slen = strlen(str);
81         size_t tlen = strlen(tail);
82
83         if(tlen > slen) {
84                 return -1;
85         }
86
87         return memcmp(str + slen - tlen, tail, tlen);
88 }
89
90 static void check_conffile(const char *fname, bool server) {
91         (void)server;
92
93         FILE *f = fopen(fname, "r");
94
95         if(!f) {
96                 fprintf(stderr, "ERROR: cannot read %s: %s\n", fname, strerror(errno));
97                 return;
98         }
99
100         char line[2048];
101         int lineno = 0;
102         bool skip = false;
103         const int maxvariables = 50;
104         int count[maxvariables];
105         memset(count, 0, sizeof(count));
106
107         while(fgets(line, sizeof(line), f)) {
108                 if(skip) {
109                         if(!strncmp(line, "-----END", 8)) {
110                                 skip = false;
111                         }
112
113                         continue;
114                 } else {
115                         if(!strncmp(line, "-----BEGIN", 10)) {
116                                 skip = true;
117                                 continue;
118                         }
119                 }
120
121                 int len;
122                 char *variable, *value, *eol;
123                 variable = value = line;
124
125                 lineno++;
126
127                 eol = line + strlen(line);
128
129                 while(strchr("\t \r\n", *--eol)) {
130                         *eol = '\0';
131                 }
132
133                 if(!line[0] || line[0] == '#') {
134                         continue;
135                 }
136
137                 len = strcspn(value, "\t =");
138                 value += len;
139                 value += strspn(value, "\t ");
140
141                 if(*value == '=') {
142                         value++;
143                         value += strspn(value, "\t ");
144                 }
145
146                 variable[len] = '\0';
147
148                 bool found = false;
149
150                 for(int i = 0; variables[i].name; i++) {
151                         if(strcasecmp(variables[i].name, variable)) {
152                                 continue;
153                         }
154
155                         found = true;
156
157                         if(variables[i].type & VAR_OBSOLETE) {
158                                 fprintf(stderr, "WARNING: obsolete variable %s in %s line %d\n", variable, fname, lineno);
159                         }
160
161                         if(i < maxvariables) {
162                                 count[i]++;
163                         }
164                 }
165
166                 if(!found) {
167                         fprintf(stderr, "WARNING: unknown variable %s in %s line %d\n", variable, fname, lineno);
168                 }
169
170                 if(!*value) {
171                         fprintf(stderr, "ERROR: no value for variable %s in %s line %d\n", variable, fname, lineno);
172                 }
173         }
174
175         for(int i = 0; variables[i].name && i < maxvariables; i++) {
176                 if(count[i] > 1 && !(variables[i].type & VAR_MULTIPLE)) {
177                         fprintf(stderr, "WARNING: multiple instances of variable %s in %s\n", variables[i].name, fname);
178                 }
179         }
180
181         if(ferror(f)) {
182                 fprintf(stderr, "ERROR: while reading %s: %s\n", fname, strerror(errno));
183         }
184
185         fclose(f);
186 }
187
188 int fsck(const char *argv0) {
189 #ifdef HAVE_MINGW
190         int uid = 0;
191 #else
192         uid_t uid = getuid();
193 #endif
194
195         // Check that tinc.conf is readable.
196
197         if(access(tinc_conf, R_OK)) {
198                 fprintf(stderr, "ERROR: cannot read %s: %s\n", tinc_conf, strerror(errno));
199
200                 if(errno == ENOENT) {
201                         fprintf(stderr, "No tinc configuration found. Create a new one with:\n\n");
202                         print_tinc_cmd(argv0, "init");
203                 } else if(errno == EACCES) {
204                         if(uid != 0) {
205                                 fprintf(stderr, "You are currently not running tinc as root. Use sudo?\n");
206                         } else {
207                                 fprintf(stderr, "Check the permissions of each component of the path %s.\n", tinc_conf);
208                         }
209                 }
210
211                 return 1;
212         }
213
214         char *name = get_my_name(true);
215
216         if(!name) {
217                 fprintf(stderr, "ERROR: tinc cannot run without a valid Name.\n");
218                 return 1;
219         }
220
221         // Check for private keys.
222         // TODO: use RSAPrivateKeyFile and Ed25519PrivateKeyFile variables if present.
223
224         struct stat st;
225         char fname[PATH_MAX];
226         char dname[PATH_MAX];
227
228 #ifndef DISABLE_LEGACY
229         rsa_t *rsa_priv = NULL;
230         snprintf(fname, sizeof(fname), "%s/rsa_key.priv", confbase);
231
232         if(stat(fname, &st)) {
233                 if(errno != ENOENT) {
234                         // Something is seriously wrong here. If we can access the directory with tinc.conf in it, we should certainly be able to stat() an existing file.
235                         fprintf(stderr, "ERROR: cannot read %s: %s\n", fname, strerror(errno));
236                         fprintf(stderr, "Please correct this error.\n");
237                         return 1;
238                 }
239         } else {
240                 FILE *f = fopen(fname, "r");
241
242                 if(!f) {
243                         fprintf(stderr, "ERROR: could not open %s: %s\n", fname, strerror(errno));
244                         return 1;
245                 }
246
247                 rsa_priv = rsa_read_pem_private_key(f);
248                 fclose(f);
249
250                 if(!rsa_priv) {
251                         fprintf(stderr, "ERROR: No key or unusable key found in %s.\n", fname);
252                         fprintf(stderr, "You can generate a new RSA key with:\n\n");
253                         print_tinc_cmd(argv0, "generate-rsa-keys");
254                         return 1;
255                 }
256
257 #ifndef HAVE_MINGW
258
259                 if(st.st_mode & 077) {
260                         fprintf(stderr, "WARNING: unsafe file permissions on %s.\n", fname);
261
262                         if(st.st_uid != uid) {
263                                 fprintf(stderr, "You are not running %s as the same uid as %s.\n", argv0, fname);
264                         } else if(ask_fix()) {
265                                 if(chmod(fname, st.st_mode & ~077)) {
266                                         fprintf(stderr, "ERROR: could not change permissions of %s: %s\n", fname, strerror(errno));
267                                 } else {
268                                         fprintf(stderr, "Fixed permissions of %s.\n", fname);
269                                 }
270                         }
271                 }
272
273 #endif
274         }
275
276 #endif
277
278         ecdsa_t *ecdsa_priv = NULL;
279         snprintf(fname, sizeof(fname), "%s/ed25519_key.priv", confbase);
280
281         if(stat(fname, &st)) {
282                 if(errno != ENOENT) {
283                         // Something is seriously wrong here. If we can access the directory with tinc.conf in it, we should certainly be able to stat() an existing file.
284                         fprintf(stderr, "ERROR: cannot read %s: %s\n", fname, strerror(errno));
285                         fprintf(stderr, "Please correct this error.\n");
286                         return 1;
287                 }
288         } else {
289                 FILE *f = fopen(fname, "r");
290
291                 if(!f) {
292                         fprintf(stderr, "ERROR: could not open %s: %s\n", fname, strerror(errno));
293                         return 1;
294                 }
295
296                 ecdsa_priv = ecdsa_read_pem_private_key(f);
297                 fclose(f);
298
299                 if(!ecdsa_priv) {
300                         fprintf(stderr, "ERROR: No key or unusable key found in %s.\n", fname);
301                         fprintf(stderr, "You can generate a new Ed25519 key with:\n\n");
302                         print_tinc_cmd(argv0, "generate-ed25519-keys");
303                         return 1;
304                 }
305
306 #ifndef HAVE_MINGW
307
308                 if(st.st_mode & 077) {
309                         fprintf(stderr, "WARNING: unsafe file permissions on %s.\n", fname);
310
311                         if(st.st_uid != uid) {
312                                 fprintf(stderr, "You are not running %s as the same uid as %s.\n", argv0, fname);
313                         } else if(ask_fix()) {
314                                 if(chmod(fname, st.st_mode & ~077)) {
315                                         fprintf(stderr, "ERROR: could not change permissions of %s: %s\n", fname, strerror(errno));
316                                 } else {
317                                         fprintf(stderr, "Fixed permissions of %s.\n", fname);
318                                 }
319                         }
320                 }
321
322 #endif
323         }
324
325 #ifdef DISABLE_LEGACY
326
327         if(!ecdsa_priv) {
328                 fprintf(stderr, "ERROR: No Ed25519 private key found.\n");
329 #else
330
331         if(!rsa_priv && !ecdsa_priv) {
332                 fprintf(stderr, "ERROR: Neither RSA or Ed25519 private key found.\n");
333 #endif
334                 fprintf(stderr, "You can generate new keys with:\n\n");
335                 print_tinc_cmd(argv0, "generate-keys");
336                 return 1;
337         }
338
339         // Check for public keys.
340         // TODO: use RSAPublicKeyFile variable if present.
341
342         snprintf(fname, sizeof(fname), "%s/hosts/%s", confbase, name);
343
344         if(access(fname, R_OK)) {
345                 fprintf(stderr, "WARNING: cannot read %s\n", fname);
346         }
347
348         FILE *f;
349
350 #ifndef DISABLE_LEGACY
351         rsa_t *rsa_pub = NULL;
352
353         f = fopen(fname, "r");
354
355         if(f) {
356                 rsa_pub = rsa_read_pem_public_key(f);
357                 fclose(f);
358         }
359
360         if(rsa_priv) {
361                 if(!rsa_pub) {
362                         fprintf(stderr, "WARNING: No (usable) public RSA key found.\n");
363
364                         if(ask_fix()) {
365                                 FILE *f = fopen(fname, "a");
366
367                                 if(f) {
368                                         if(rsa_write_pem_public_key(rsa_priv, f)) {
369                                                 fprintf(stderr, "Wrote RSA public key to %s.\n", fname);
370                                         } else {
371                                                 fprintf(stderr, "ERROR: could not write RSA public key to %s.\n", fname);
372                                         }
373
374                                         fclose(f);
375                                 } else {
376                                         fprintf(stderr, "ERROR: could not append to %s: %s\n", fname, strerror(errno));
377                                 }
378                         }
379                 } else {
380                         // TODO: suggest remedies
381                         size_t len = rsa_size(rsa_priv);
382
383                         if(len != rsa_size(rsa_pub)) {
384                                 fprintf(stderr, "ERROR: public and private RSA keys do not match.\n");
385                                 return 1;
386                         }
387
388                         char buf1[len], buf2[len], buf3[len];
389                         randomize(buf1, sizeof(buf1));
390                         buf1[0] &= 0x7f;
391                         memset(buf2, 0, sizeof(buf2));
392                         memset(buf3, 0, sizeof(buf2));
393
394                         if(!rsa_public_encrypt(rsa_pub, buf1, sizeof(buf1), buf2)) {
395                                 fprintf(stderr, "ERROR: public RSA key does not work.\n");
396                                 return 1;
397                         }
398
399                         if(!rsa_private_decrypt(rsa_priv, buf2, sizeof(buf2), buf3)) {
400                                 fprintf(stderr, "ERROR: private RSA key does not work.\n");
401                                 return 1;
402                         }
403
404                         if(memcmp(buf1, buf3, sizeof(buf1))) {
405                                 fprintf(stderr, "ERROR: public and private RSA keys do not match.\n");
406                                 return 1;
407                         }
408                 }
409         } else {
410                 if(rsa_pub) {
411                         fprintf(stderr, "WARNING: A public RSA key was found but no private key is known.\n");
412                 }
413         }
414
415 #endif
416
417         ecdsa_t *ecdsa_pub = NULL;
418
419         f = fopen(fname, "r");
420
421         if(f) {
422                 ecdsa_pub = get_pubkey(f);
423
424                 if(!ecdsa_pub) {
425                         rewind(f);
426                         ecdsa_pub = ecdsa_read_pem_public_key(f);
427                 }
428
429                 fclose(f);
430         }
431
432         if(ecdsa_priv) {
433                 if(!ecdsa_pub) {
434                         fprintf(stderr, "WARNING: No (usable) public Ed25519 key found.\n");
435
436                         if(ask_fix()) {
437                                 FILE *f = fopen(fname, "a");
438
439                                 if(f) {
440                                         if(ecdsa_write_pem_public_key(ecdsa_priv, f)) {
441                                                 fprintf(stderr, "Wrote Ed25519 public key to %s.\n", fname);
442                                         } else {
443                                                 fprintf(stderr, "ERROR: could not write Ed25519 public key to %s.\n", fname);
444                                         }
445
446                                         fclose(f);
447                                 } else {
448                                         fprintf(stderr, "ERROR: could not append to %s: %s\n", fname, strerror(errno));
449                                 }
450                         }
451                 } else {
452                         // TODO: suggest remedies
453                         char *key1 = ecdsa_get_base64_public_key(ecdsa_pub);
454
455                         if(!key1) {
456                                 fprintf(stderr, "ERROR: public Ed25519 key does not work.\n");
457                                 return 1;
458                         }
459
460                         char *key2 = ecdsa_get_base64_public_key(ecdsa_priv);
461
462                         if(!key2) {
463                                 free(key1);
464                                 fprintf(stderr, "ERROR: private Ed25519 key does not work.\n");
465                                 return 1;
466                         }
467
468                         int result = strcmp(key1, key2);
469                         free(key1);
470                         free(key2);
471
472                         if(result) {
473                                 fprintf(stderr, "ERROR: public and private Ed25519 keys do not match.\n");
474                                 return 1;
475                         }
476                 }
477         } else {
478                 if(ecdsa_pub) {
479                         fprintf(stderr, "WARNING: A public Ed25519 key was found but no private key is known.\n");
480                 }
481         }
482
483         // Check whether scripts are executable
484
485         struct dirent *ent;
486         DIR *dir = opendir(confbase);
487
488         if(!dir) {
489                 fprintf(stderr, "ERROR: cannot read directory %s: %s\n", confbase, strerror(errno));
490                 return 1;
491         }
492
493         while((ent = readdir(dir))) {
494                 if(strtailcmp(ent->d_name, "-up") && strtailcmp(ent->d_name, "-down")) {
495                         continue;
496                 }
497
498                 strncpy(fname, ent->d_name, sizeof(fname));
499                 char *dash = strrchr(fname, '-');
500
501                 if(!dash) {
502                         continue;
503                 }
504
505                 *dash = 0;
506
507                 if(strcmp(fname, "tinc") && strcmp(fname, "host") && strcmp(fname, "subnet")) {
508                         static bool explained = false;
509                         fprintf(stderr, "WARNING: Unknown script %s" SLASH "%s found.\n", confbase, ent->d_name);
510
511                         if(!explained) {
512                                 fprintf(stderr, "The only scripts in %s executed by tinc are:\n", confbase);
513                                 fprintf(stderr, "tinc-up, tinc-down, host-up, host-down, subnet-up and subnet-down.\n");
514                                 explained = true;
515                         }
516
517                         continue;
518                 }
519
520                 snprintf(fname, sizeof(fname), "%s" SLASH "%s", confbase, ent->d_name);
521
522                 if(access(fname, R_OK | X_OK)) {
523                         if(errno != EACCES) {
524                                 fprintf(stderr, "ERROR: cannot access %s: %s\n", fname, strerror(errno));
525                                 continue;
526                         }
527
528                         fprintf(stderr, "WARNING: cannot read and execute %s: %s\n", fname, strerror(errno));
529
530                         if(ask_fix()) {
531                                 if(chmod(fname, 0755)) {
532                                         fprintf(stderr, "ERROR: cannot change permissions on %s: %s\n", fname, strerror(errno));
533                                 }
534                         }
535                 }
536         }
537
538         closedir(dir);
539
540         snprintf(dname, sizeof(dname), "%s" SLASH "hosts", confbase);
541         dir = opendir(dname);
542
543         if(!dir) {
544                 fprintf(stderr, "ERROR: cannot read directory %s: %s\n", dname, strerror(errno));
545                 return 1;
546         }
547
548         while((ent = readdir(dir))) {
549                 if(strtailcmp(ent->d_name, "-up") && strtailcmp(ent->d_name, "-down")) {
550                         continue;
551                 }
552
553                 strncpy(fname, ent->d_name, sizeof(fname));
554                 char *dash = strrchr(fname, '-');
555
556                 if(!dash) {
557                         continue;
558                 }
559
560                 *dash = 0;
561
562                 snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, ent->d_name);
563
564                 if(access(fname, R_OK | X_OK)) {
565                         if(errno != EACCES) {
566                                 fprintf(stderr, "ERROR: cannot access %s: %s\n", fname, strerror(errno));
567                                 continue;
568                         }
569
570                         fprintf(stderr, "WARNING: cannot read and execute %s: %s\n", fname, strerror(errno));
571
572                         if(ask_fix()) {
573                                 if(chmod(fname, 0755)) {
574                                         fprintf(stderr, "ERROR: cannot change permissions on %s: %s\n", fname, strerror(errno));
575                                 }
576                         }
577                 }
578         }
579
580         closedir(dir);
581
582         // Check for obsolete / unsafe / unknown configuration variables.
583
584         check_conffile(tinc_conf, true);
585
586         dir = opendir(dname);
587
588         if(dir) {
589                 while((ent = readdir(dir))) {
590                         if(!check_id(ent->d_name)) {
591                                 continue;
592                         }
593
594                         snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, ent->d_name);
595                         check_conffile(fname, false);
596                 }
597
598                 closedir(dir);
599         }
600
601         return 0;
602 }
603