X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fconf.c;h=11a9ca08633c09414dc4b46752d76ce03d1a0227;hp=7e135dec0c8f369e48f0840006b91b8529abfb49;hb=8ccb1ede92fbd55481fa2317c2450bb9dd94a180;hpb=183a8edd22ba4bc682392c73ae02fc9e121eda68

diff --git a/src/conf.c b/src/conf.c
index 7e135dec..11a9ca08 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -1,6 +1,6 @@
 /*
     conf.c -- configuration code
-    Copyright (C) 1998 Emphyrio,
+    Copyright (C) 1998 Robert van der Meulen
     Copyright (C) 1998,1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>
                             2000 Guus Sliepen <guus@sliepen.warande.net>
 			    2000 Cris van Pelt <tribbel@arise.dhs.org>
@@ -19,10 +19,12 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: conf.c,v 1.9.4.12 2000/10/11 22:00:57 guus Exp $
+    $Id: conf.c,v 1.9.4.27 2000/11/30 00:24:13 zarq Exp $
 */
 
+#include "config.h"
 
+#include <assert.h>
 #include <ctype.h>
 #include <errno.h>
 #include <netdb.h>
@@ -30,21 +32,23 @@
 #include <stdlib.h>
 #include <string.h>
 #include <syslog.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
 
 #include <xalloc.h>
+#include <utils.h> /* for cp */
 
 #include "conf.h"
 #include "netutl.h" /* for strtoip */
-#include <utils.h> /* for cp */
-
-#include "config.h"
 
 #include "system.h"
 
-config_t *config;
+config_t *config = NULL;
 int debug_lvl = 0;
 int timeout = 0; /* seconds before timeout */
-char *configfilename = NULL;
+char *confbase = NULL;           /* directory in which all config files are */
+char *netname = NULL;            /* name of the vpn network */
 
 /* Will be set if HUP signal is received. It will be processed when it is safe. */
 int sighup = 0;
@@ -54,26 +58,26 @@ int sighup = 0;
 */
 static internal_config_t hazahaza[] = {
 /* Main configuration file keywords */
-  { "Name",         tincname,       TYPE_NAME },
-  { "ConnectTo",    connectto,      TYPE_NAME },
-  { "PingTimeout",  pingtimeout,    TYPE_INT },
-  { "TapDevice",    tapdevice,      TYPE_NAME },
-  { "PrivateKey",   privatekey,     TYPE_NAME },
-  { "KeyExpire",    keyexpire,      TYPE_INT },
-  { "Hostnames",    resolve_dns,    TYPE_BOOL },
-  { "Interface",    interface,      TYPE_NAME },
-  { "InterfaceIP",  interfaceip,    TYPE_IP },
+  { "Name",         config_name,       TYPE_NAME },
+  { "ConnectTo",    config_connectto,      TYPE_NAME },
+  { "PingTimeout",  config_pingtimeout,    TYPE_INT },
+  { "TapDevice",    config_tapdevice,      TYPE_NAME },
+  { "PrivateKey",   config_privatekey,     TYPE_NAME },
+  { "KeyExpire",    config_keyexpire,      TYPE_INT },
+  { "Hostnames",    config_hostnames,    TYPE_BOOL },
+  { "Interface",    config_interface,      TYPE_NAME },
+  { "InterfaceIP",  config_interfaceip,    TYPE_IP },
 /* Host configuration file keywords */
-  { "Address",      address,        TYPE_NAME },
-  { "Port",         port,           TYPE_INT },
-  { "PublicKey",    publickey,      TYPE_NAME },
-  { "Subnet",       subnet,         TYPE_NAME },
-  { "RestrictHosts", restricthosts, TYPE_BOOL },
-  { "RestrictSubnets", restrictsubnets, TYPE_BOOL },
-  { "RestrictAddress", restrictaddress, TYPE_BOOL },
-  { "RestrictPort", restrictport,   TYPE_BOOL },
-  { "IndirectData", indirectdata,   TYPE_BOOL },
-  { "TCPonly",      tcponly,        TYPE_BOOL },
+  { "Address",      config_address,        TYPE_NAME },
+  { "Port",         config_port,           TYPE_INT },
+  { "PublicKey",    config_publickey,      TYPE_NAME },
+  { "Subnet",       config_subnet,         TYPE_IP },		/* Use IPv4 subnets only for now */
+  { "RestrictHosts", config_restricthosts, TYPE_BOOL },
+  { "RestrictSubnets", config_restrictsubnets, TYPE_BOOL },
+  { "RestrictAddress", config_restrictaddress, TYPE_BOOL },
+  { "RestrictPort", config_restrictport,   TYPE_BOOL },
+  { "IndirectData", config_indirectdata,   TYPE_BOOL },
+  { "TCPonly",      config_tcponly,        TYPE_BOOL },
   { NULL, 0, 0 }
 };
 
@@ -83,12 +87,12 @@ static internal_config_t hazahaza[] = {
 config_t *
 add_config_val(config_t **cfg, int argtype, char *val)
 {
-  config_t *p, *r;
+  config_t *p;
   char *q;
 cp
   p = (config_t*)xmalloc(sizeof(*p));
   p->data.val = 0;
-  
+
   switch(argtype)
     {
     case TYPE_INT:
@@ -116,22 +120,77 @@ cp
 
   if(p->data.val)
     {
-      if(*cfg)
-        {
-          r = *cfg;
-          while(r->next)
-            r = r->next;
-          r->next = p;
-        }
-      else
-        *cfg = p;
-      p->next = NULL;
+      p->next = *cfg;
+      *cfg = p;
+cp
       return p;
     }
-
-  free(p);
+  else
+    {
+      free(p);
 cp
-  return NULL;
+      return NULL;
+    }
+}
+
+/*
+  Read exactly one line and strip the trailing newline if any.  If the
+  file was on EOF, return NULL. Otherwise, return all the data in a
+  dynamically allocated buffer.
+*/
+char *readline(FILE *fp)
+{
+  char *newline = NULL;
+  char *p;
+  char *line; /* The array that contains everything that has been read
+                 so far */
+  char *idx; /* Read into this pointer, which points to an offset
+                within line */
+  size_t size, newsize; /* The size of the current array pointed to by
+                           line */
+  size_t maxlen; /* Maximum number of characters that may be read with
+                    fgets.  This is newsize - oldsize. */
+
+  if(feof(fp))
+    return NULL;
+  
+  size = 100;
+  maxlen = size;
+  line = xmalloc(size);
+  idx = line;
+  for(;;)
+    {
+      errno = 0;
+      p = fgets(idx, maxlen, fp);
+      if(p == NULL)  /* EOF or error */
+	{
+	  if(feof(fp))
+	    break;
+
+	  /* otherwise: error; let the calling function print an error
+             message if applicable */
+	  free(line);
+	  return NULL;
+	}
+
+      newline = strchr(p, '\n');
+      if(newline == NULL)
+	/* We haven't yet read everything to the end of the line */
+	{
+	  newsize = size << 1;
+	  line = xrealloc(line, newsize);
+	  idx = &line[size - 1];
+	  maxlen = newsize - size + 1;
+	  size = newsize;
+	}
+      else
+	{
+	  *newline = '\0'; /* kill newline */
+	  break;  /* yay */
+	}
+    }
+
+  return line;
 }
 
 /*
@@ -142,33 +201,25 @@ int read_config_file(config_t **base, const char *fname)
 {
   int err = -1;
   FILE *fp;
-  char line[MAXBUFSIZE];	/* There really should not be any line longer than this... */
+  char *line;
   char *p, *q;
   int i, lineno = 0;
   config_t *cfg;
 cp
   if((fp = fopen (fname, "r")) == NULL)
-    {
-      return -1;
-    }
+    return -1;
 
   for(;;)
     {
-      if(fgets(line, MAXBUFSIZE, fp) == NULL)
-        {
-          err = 0;
-          break;
-        }
+      if((line = readline(fp)) == NULL)
+	{
+	  err = -1;
+	  break;
+	}
         
       lineno++;
 
-      if(!index(line, '\n'))
-        {
-          syslog(LOG_ERR, _("Line %d too long while reading config file %s"), lineno, fname);
-          break;
-        }        
-
-      if((p = strtok(line, "\t\n\r =")) == NULL)
+      if((p = strtok(line, "\t =")) == NULL)
 	continue; /* no tokens on this line */
 
       if(p[0] == '#')
@@ -203,41 +254,43 @@ cp
       cfg->which = hazahaza[i].which;
       if(!config)
 	config = cfg;
+      free(line);
     }
 
+  free(line);
   fclose (fp);
 cp
   return err;
 }
 
-/*
-  Look up the value of the config option type
-*/
-const config_t *get_config_val(config_t *p, which_t type)
+int read_server_config()
 {
+  char *fname;
+  int x;
 cp
-  for(p = config; p != NULL; p = p->next)
-    if(p->which == type)
-      return p;
+  asprintf(&fname, "%s/tinc.conf", confbase);
+  x = read_config_file(&config, fname);
+  if(x != 0)
+    {
+      fprintf(stderr, _("Failed to read `%s': %m\n"),
+	      fname);
+    }
+  free(fname);
 cp
-  /* Not found */
-  return NULL;
+  return x;  
 }
 
 /*
-  Support for multiple config lines.
-  Index is used to get a specific value, 0 being the first, 1 the second etc.
+  Look up the value of the config option type
 */
-const config_t *get_next_config_val(config_t *p, which_t type, int index)
+const config_t *get_config_val(config_t *p, which_t type)
 {
-cp  
-  for(p = config; p != NULL; p = p->next)
+cp
+  for(; p != NULL; p = p->next)
     if(p->which == type)
-      if(--index < 0)
-        return p;
-cp  
-  /* Not found */
-  return NULL;
+      break;
+cp
+  return p;
 }
 
 /*
@@ -259,3 +312,159 @@ cp
   *base = NULL;
 cp
 }
+
+int isadir(const char* f)
+{
+  struct stat s;
+
+  if(stat(f, &s) < 0)
+    {
+      fprintf(stderr, _("Couldn't stat `%s': %m\n"),
+	      f);
+      return -1;
+    }
+
+  return S_ISDIR(s.st_mode);
+}
+
+int is_safe_path(const char *file)
+{
+  char *p;
+  char *fn = xstrdup(file);
+  struct stat s;
+
+  p = strrchr(file, '/');
+  assert(p); /* p has to contain a / */
+  *p = '\0';
+  if(stat(file, &s) < 0)
+    {
+      fprintf(stderr, _("Couldn't stat `%s': %m\n"),
+	      file);
+      return 0;
+    }
+  if(s.st_uid != geteuid())
+    {
+      fprintf(stderr, _("`%s' is owned by UID %d instead of %d.\n"),
+	      file, s.st_uid, geteuid());
+      return 0;
+    }
+  if(S_ISLNK(s.st_mode))
+    {
+      fprintf(stderr, _("Warning: `%s' is a symlink\n"),
+	      file);
+      /* fixme: read the symlink and start again */
+    }
+
+  *p = '/';
+  if(stat(file, &s) < 0)
+    {
+      fprintf(stderr, _("Couldn't stat `%s': %m\n"),
+	      file);
+      return 0;
+    }
+  if(s.st_uid != geteuid())
+    {
+      fprintf(stderr, _("`%s' is owned by UID %d instead of %d.\n"),
+	      file, s.st_uid, geteuid());
+      return 0;
+    }
+  if(S_ISLNK(s.st_mode))
+    {
+      fprintf(stderr, _("Warning: `%s' is a symlink\n"),
+	      file);
+      /* fixme: read the symlink and start again */
+    }
+  if(s.st_mode & 0007)
+    {
+      /* Accessible by others */
+      fprintf(stderr, _("`%s' has unsecure permissions.\n"),
+	      file);
+      return 0;
+    }
+  
+  return 1;
+}
+
+FILE *ask_and_safe_open(const char* filename, const char* what)
+{
+  FILE *r;
+  char *directory;
+  char *fn;
+  int len;
+
+  /* Check stdin and stdout */
+  if(!isatty(0) || !isatty(1))
+    {
+      /* Argh, they are running us from a script or something.  Write
+         the files to the current directory and let them burn in hell
+         for ever. */
+      fn = xstrdup(filename);
+    }
+  else
+    {
+      /* Ask for a file and/or directory name. */
+      fprintf(stdout, _("Please enter a file to save %s to [%s]: "),
+	      what, filename);
+      fflush(stdout);  /* Don't wait for a newline */
+      if((fn = readline(stdin)) == NULL)
+	{
+	  fprintf(stderr, _("Error while reading stdin: %m\n"));
+	  return NULL;
+	}
+      if(strlen(fn) == 0)
+	/* User just pressed enter. */
+	fn = xstrdup(filename);
+    }
+
+  if((strchr(fn, '/') == NULL) || (fn[0] != '/'))
+    {
+      /* The directory is a relative path or a filename. */
+      char *p;
+      
+      directory = get_current_dir_name();
+      len = strlen(fn) + strlen(directory) + 2; /* 1 for the / */
+      p = xmalloc(len);
+      snprintf(p, len, "%s/%s", directory, fn);
+      free(fn);
+      free(directory);
+      fn = p;
+    }
+
+  if(isadir(fn) > 0) /* -1 is error */
+    {
+      char *p;
+
+      len = strlen(fn) + strlen(filename) + 2; /* 1 for the / */
+      p = xmalloc(len);
+      snprintf(p, len, "%s/%s", fn, filename);
+      free(fn);
+      fn = p;
+    }
+
+  umask(0077); /* Disallow everything for group and other */
+  
+  /* Open it first to keep the inode busy */
+  if((r = fopen(fn, "w")) == NULL)
+    {
+      fprintf(stderr, _("Error opening file `%s': %m\n"),
+	      fn);
+      free(fn);
+      return NULL;
+    }
+
+  /* Then check the file for nasty attacks */
+  if(!is_safe_path(fn))  /* Do not permit any directories that are
+                            readable or writeable by other users. */
+    {
+      fprintf(stderr, _("The file `%s' (or any of the leading directories) has unsafe permissions.\n"
+			"I will not create or overwrite this file.\n"),
+			fn);
+      fclose(r);
+      free(fn);
+      return NULL;
+    }
+
+  free(fn);
+  
+  return r;
+}