X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fconf.c;h=8282e2ffb09bacbc28b0168108dfec0c7f393608;hp=5d6437ff893556a477e5abd2a8ae9c2300c6b257;hb=113198d9c0b3be9904057673cfed165406803f86;hpb=24874d0806bac5d75663ea9de67a71171bfc97b6 diff --git a/src/conf.c b/src/conf.c index 5d6437ff..8282e2ff 100644 --- a/src/conf.c +++ b/src/conf.c @@ -1,6 +1,6 @@ /* conf.c -- configuration code - Copyright (C) 1998 Emphyrio, + Copyright (C) 1998 Robert van der Meulen Copyright (C) 1998,1999,2000 Ivo Timmermans 2000 Guus Sliepen 2000 Cris van Pelt @@ -19,58 +19,65 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: conf.c,v 1.9.4.5 2000/06/30 11:45:14 guus Exp $ + $Id: conf.c,v 1.9.4.28 2000/11/30 21:11:03 zarq Exp $ */ - #include "config.h" +#include #include #include #include #include #include #include +#include +#include +#include +#include #include +#include /* for cp */ #include "conf.h" #include "netutl.h" /* for strtoip */ -#include /* for cp */ #include "system.h" -config_t *config; +config_t *config = NULL; int debug_lvl = 0; int timeout = 0; /* seconds before timeout */ -char *configfilename = NULL; +char *confbase = NULL; /* directory in which all config files are */ +char *netname = NULL; /* name of the vpn network */ /* Will be set if HUP signal is received. It will be processed when it is safe. */ int sighup = 0; -typedef struct internal_config_t { - char *name; - enum which_t which; - int argtype; -} internal_config_t; - /* These are all the possible configurable values */ static internal_config_t hazahaza[] = { - { "AllowConnect", allowconnect, TYPE_BOOL }, /* Is not used anywhere. Remove? */ - { "ConnectTo", upstreamip, TYPE_IP }, - { "ConnectPort", upstreamport, TYPE_INT }, - { "ListenPort", listenport, TYPE_INT }, - { "MyOwnVPNIP", myvpnip, TYPE_IP }, - { "MyVirtualIP", myvpnip, TYPE_IP }, /* an alias */ - { "Passphrases", passphrasesdir, TYPE_NAME }, - { "PingTimeout", pingtimeout, TYPE_INT }, - { "TapDevice", tapdevice, TYPE_NAME }, - { "KeyExpire", keyexpire, TYPE_INT }, - { "VpnMask", vpnmask, TYPE_IP }, - { "Hostnames", resolve_dns, TYPE_BOOL }, - { "IndirectData", indirectdata, TYPE_BOOL }, +/* Main configuration file keywords */ + { "Name", config_name, TYPE_NAME }, + { "ConnectTo", config_connectto, TYPE_NAME }, + { "PingTimeout", config_pingtimeout, TYPE_INT }, + { "TapDevice", config_tapdevice, TYPE_NAME }, + { "PrivateKey", config_privatekey, TYPE_NAME }, + { "KeyExpire", config_keyexpire, TYPE_INT }, + { "Hostnames", config_hostnames, TYPE_BOOL }, + { "Interface", config_interface, TYPE_NAME }, + { "InterfaceIP", config_interfaceip, TYPE_IP }, +/* Host configuration file keywords */ + { "Address", config_address, TYPE_NAME }, + { "Port", config_port, TYPE_INT }, + { "PublicKey", config_publickey, TYPE_NAME }, + { "Subnet", config_subnet, TYPE_IP }, /* Use IPv4 subnets only for now */ + { "RestrictHosts", config_restricthosts, TYPE_BOOL }, + { "RestrictSubnets", config_restrictsubnets, TYPE_BOOL }, + { "RestrictAddress", config_restrictaddress, TYPE_BOOL }, + { "RestrictPort", config_restrictport, TYPE_BOOL }, + { "IndirectData", config_indirectdata, TYPE_BOOL }, + { "TCPonly", config_tcponly, TYPE_BOOL }, { NULL, 0, 0 } }; @@ -80,12 +87,12 @@ static internal_config_t hazahaza[] = { config_t * add_config_val(config_t **cfg, int argtype, char *val) { - config_t *p, *r; + config_t *p; char *q; cp p = (config_t*)xmalloc(sizeof(*p)); p->data.val = 0; - + switch(argtype) { case TYPE_INT: @@ -113,54 +120,106 @@ cp if(p->data.val) { - if(*cfg) - { - r = *cfg; - while(r->next) - r = r->next; - r->next = p; - } - else - *cfg = p; - p->next = NULL; + p->next = *cfg; + *cfg = p; +cp return p; } - - free(p); + else + { + free(p); cp - return NULL; + return NULL; + } } /* - Get variable from a section in a configfile. returns -1 on failure. + Read exactly one line and strip the trailing newline if any. If the + file was on EOF, return NULL. Otherwise, return all the data in a + dynamically allocated buffer. */ -int -readconfig(const char *fname, FILE *fp) +char *readline(FILE *fp) { - char *line, *temp_buf; + char *newline = NULL; + char *p; + char *line; /* The array that contains everything that has been read + so far */ + char *idx; /* Read into this pointer, which points to an offset + within line */ + size_t size, newsize; /* The size of the current array pointed to by + line */ + size_t maxlen; /* Maximum number of characters that may be read with + fgets. This is newsize - oldsize. */ + + if(feof(fp)) + return NULL; + + size = 100; + maxlen = size; + line = xmalloc(size); + idx = line; + for(;;) + { + errno = 0; + p = fgets(idx, maxlen, fp); + if(p == NULL) /* EOF or error */ + { + if(feof(fp)) + break; + + /* otherwise: error; let the calling function print an error + message if applicable */ + free(line); + return NULL; + } + + newline = strchr(p, '\n'); + if(newline == NULL) + /* We haven't yet read everything to the end of the line */ + { + newsize = size << 1; + line = xrealloc(line, newsize); + idx = &line[size - 1]; + maxlen = newsize - size + 1; + size = newsize; + } + else + { + *newline = '\0'; /* kill newline */ + break; /* yay */ + } + } + + return line; +} + +/* + Parse a configuration file and put the results in the configuration tree + starting at *base. +*/ +int read_config_file(config_t **base, const char *fname) +{ + int err = -1; + FILE *fp; + char *line; char *p, *q; int i, lineno = 0; config_t *cfg; cp - line = (char *)xmalloc(80 * sizeof(char)); - temp_buf = (char *)xmalloc(80 * sizeof(char)); - + if((fp = fopen (fname, "r")) == NULL) + return -1; + for(;;) { - if(fgets(line, 80, fp) == NULL) - return 0; - - while(!index(line, '\n')) - { - fgets(temp_buf, (strlen(line)+1) * 80, fp); - if(!temp_buf) - break; - strcat(line, temp_buf); - line = (char *)xrealloc(line, (strlen(line)+1) * sizeof(char)); - } + if((line = readline(fp)) == NULL) + { + err = -1; + break; + } + lineno++; - if((p = strtok(line, "\t\n\r =")) == NULL) + if((p = strtok(line, "\t =")) == NULL) continue; /* no tokens on this line */ if(p[0] == '#') @@ -172,97 +231,76 @@ cp if(!hazahaza[i].name) { - fprintf(stderr, _("%s: %d: Invalid variable name `%s'.\n"), - fname, lineno, p); - return -1; + syslog(LOG_ERR, _("Invalid variable name on line %d while reading config file %s"), + lineno, fname); + break; } if(((q = strtok(NULL, "\t\n\r =")) == NULL) || q[0] == '#') { - fprintf(stderr, _("%s: %d: No value given for `%s'.\n"), - fname, lineno, hazahaza[i].name); - return -1; + fprintf(stderr, _("No value for variable on line %d while reading config file %s"), + lineno, fname); + break; } - cfg = add_config_val(&config, hazahaza[i].argtype, q); + cfg = add_config_val(base, hazahaza[i].argtype, q); if(cfg == NULL) { - fprintf(stderr, _("%s: %d: Invalid value `%s' for variable `%s'.\n"), - fname, lineno, q, hazahaza[i].name); - return -1; + fprintf(stderr, _("Invalid value for variable on line %d while reading config file %s"), + lineno, fname); + break; } cfg->which = hazahaza[i].which; if(!config) config = cfg; + free(line); } + + free(line); + fclose (fp); cp - return 0; + return err; } -/* - wrapper function for readconfig -*/ -int -read_config_file(const char *fname) +int read_server_config() { - int err; - FILE *fp; + char *fname; + int x; cp - if((fp = fopen (fname, "r")) == NULL) + asprintf(&fname, "%s/tinc.conf", confbase); + x = read_config_file(&config, fname); + if(x != 0) { - fprintf(stderr, _("Could not open %s: %s\n"), fname, sys_errlist[errno]); - return 1; + fprintf(stderr, _("Failed to read `%s': %m\n"), + fname); } - - err = readconfig(fname, fp); - fclose (fp); + free(fname); cp - return err; + return x; } /* Look up the value of the config option type */ -const config_t * -get_config_val(which_t type) +const config_t *get_config_val(config_t *p, which_t type) { - config_t *p; cp - for(p = config; p != NULL; p = p->next) + for(; p != NULL; p = p->next) if(p->which == type) - return p; + break; cp - /* Not found */ - return NULL; -} - -/* - Support for multiple config lines. - Index is used to get a specific value, 0 being the first, 1 the second etc. -*/ -const config_t * -get_next_config_val(which_t type, int index) -{ - config_t *p; -cp - for(p = config; p != NULL; p = p->next) - if(p->which == type) - if(--index < 0) - return p; -cp - /* Not found */ - return NULL; + return p; } /* Remove the complete configuration tree. */ -void clear_config() +void clear_config(config_t **base) { config_t *p, *next; cp - for(p = config; p != NULL; p = next) + for(p = *base; p != NULL; p = next) { next = p->next; if(p->data.ptr && (p->argtype == TYPE_NAME)) @@ -271,6 +309,164 @@ cp } free(p); } - config = NULL; + *base = NULL; cp } + +int isadir(const char* f) +{ + struct stat s; + + if(stat(f, &s) < 0) + { + fprintf(stderr, _("Couldn't stat `%s': %m\n"), + f); + return -1; + } + + return S_ISDIR(s.st_mode); +} + +int is_safe_path(const char *file) +{ + char *p; + char *fn = xstrdup(file); + struct stat s; + + p = strrchr(file, '/'); + assert(p); /* p has to contain a / */ + *p = '\0'; + if(stat(file, &s) < 0) + { + fprintf(stderr, _("Couldn't stat `%s': %m\n"), + file); + return 0; + } + if(s.st_uid != geteuid()) + { + fprintf(stderr, _("`%s' is owned by UID %d instead of %d.\n"), + file, s.st_uid, geteuid()); + return 0; + } + if(S_ISLNK(s.st_mode)) + { + fprintf(stderr, _("Warning: `%s' is a symlink\n"), + file); + /* fixme: read the symlink and start again */ + } + + *p = '/'; + if(stat(file, &s) < 0 && errno != ENOENT) + { + fprintf(stderr, _("Couldn't stat `%s': %m\n"), + file); + return 0; + } + if(errno == ENOENT) + return 1; + if(s.st_uid != geteuid()) + { + fprintf(stderr, _("`%s' is owned by UID %d instead of %d.\n"), + file, s.st_uid, geteuid()); + return 0; + } + if(S_ISLNK(s.st_mode)) + { + fprintf(stderr, _("Warning: `%s' is a symlink\n"), + file); + /* fixme: read the symlink and start again */ + } + if(s.st_mode & 0007) + { + /* Accessible by others */ + fprintf(stderr, _("`%s' has unsecure permissions.\n"), + file); + return 0; + } + + return 1; +} + +FILE *ask_and_safe_open(const char* filename, const char* what) +{ + FILE *r; + char *directory; + char *fn; + int len; + + /* Check stdin and stdout */ + if(!isatty(0) || !isatty(1)) + { + /* Argh, they are running us from a script or something. Write + the files to the current directory and let them burn in hell + for ever. */ + fn = xstrdup(filename); + } + else + { + /* Ask for a file and/or directory name. */ + fprintf(stdout, _("Please enter a file to save %s to [%s]: "), + what, filename); + fflush(stdout); /* Don't wait for a newline */ + if((fn = readline(stdin)) == NULL) + { + fprintf(stderr, _("Error while reading stdin: %m\n")); + return NULL; + } + if(strlen(fn) == 0) + /* User just pressed enter. */ + fn = xstrdup(filename); + } + + if((strchr(fn, '/') == NULL) || (fn[0] != '/')) + { + /* The directory is a relative path or a filename. */ + char *p; + + directory = get_current_dir_name(); + len = strlen(fn) + strlen(directory) + 2; /* 1 for the / */ + p = xmalloc(len); + snprintf(p, len, "%s/%s", directory, fn); + free(fn); + free(directory); + fn = p; + } + + if(isadir(fn) > 0) /* -1 is error */ + { + char *p; + + len = strlen(fn) + strlen(filename) + 2; /* 1 for the / */ + p = xmalloc(len); + snprintf(p, len, "%s/%s", fn, filename); + free(fn); + fn = p; + } + + umask(0077); /* Disallow everything for group and other */ + + /* Open it first to keep the inode busy */ + if((r = fopen(fn, "w")) == NULL) + { + fprintf(stderr, _("Error opening file `%s': %m\n"), + fn); + free(fn); + return NULL; + } + + /* Then check the file for nasty attacks */ + if(!is_safe_path(fn)) /* Do not permit any directories that are + readable or writeable by other users. */ + { + fprintf(stderr, _("The file `%s' (or any of the leading directories) has unsafe permissions.\n" + "I will not create or overwrite this file.\n"), + fn); + fclose(r); + free(fn); + return NULL; + } + + free(fn); + + return r; +}