Context Navigation

source: trunk/src/yulectl.c@ 104

Last change on this file since 104 was 98, checked in by rainer, 18 years ago
Fix for ticket #58 (cross-compiling does not work).
File size: 14.4 KB

Rev	Line
[1]	1	/* SAMHAIN file system integrity testing */
	2	/* Copyright (C) 2003 Rainer Wichmann */
	3	/* */
	4	/* This program is free software; you can redistribute it */
	5	/* and/or modify */
	6	/* it under the terms of the GNU General Public License as */
	7	/* published by */
	8	/* the Free Software Foundation; either version 2 of the License, or */
	9	/* (at your option) any later version. */
	10	/* */
	11	/* This program is distributed in the hope that it will be useful, */
	12	/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
	13	/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
	14	/* GNU General Public License for more details. */
	15	/* */
	16	/* You should have received a copy of the GNU General Public License */
	17	/* along with this program; if not, write to the Free Software */
	18	/* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
	19
	20	#include "config_xor.h"
	21
	22	#include <stddef.h>
	23	#include <stdio.h>
	24	#include <stdlib.h>
	25	#include <string.h>
	26	#include <errno.h>
	27
	28	#include <unistd.h>
	29	#include <fcntl.h>
	30
	31	#include <sys/socket.h>
	32	#include <sys/un.h>
	33
	34	#include <signal.h>
	35	#include <pwd.h>
	36
	37	#if !defined(AF_FILE)
	38	#define AF_FILE AF_UNIX
	39	#endif
	40
	41	#define SH_MAXMSG 209
	42
	43	static int sock = -1;
	44	static char * sockname = NULL;
	45
	46	static char password[15] = "";
	47
	48	static int verbose = 0;
	49
	50	#ifdef SH_STEALTH
	51	char * globber(const char * string);
	52	#define _(string) globber(string)
	53	#define N_(string) string
	54	#else
	55	#define _(string) string
	56	#define N_(string) string
	57	#endif
	58
	59	#ifdef SH_STEALTH
	60	#ifndef SH_MAX_GLOBS
	61	#define SH_MAX_GLOBS 32
	62	#endif
	63	char * globber(const char * str)
	64	{
	65	register int i, j;
	66	static int count = -1;
	67	static char glob[SH_MAX_GLOBS][128];
	68
	69	++count; if (count > (SH_MAX_GLOBS-1) ) count = 0;
	70	j = strlen(str);
	71	if (j > 127) j = 127;
	72
	73	for (i = 0; i < j; ++i)
	74	{
	75	if (str[i] != '\n' && str[i] != '\t')
	76	glob[count][i] = str[i] ^ XOR_CODE;
	77	else
	78	glob[count][i] = str[i];
	79	}
	80	glob[count][j] = '\0';
	81	return glob[count];
	82	}
	83	#endif
	84
	85	#define CLIENT _("yulectl")
	86
	87
	88	int
	89	make_named_socket (char * sockname)
	90	{
	91	int sock;
	92
	93	#if 0
	94	struct sockaddr_un name;
	95	size_t size;
	96	#else
	97	(void) sockname;
	98	#endif
	99
	100	/* Create the socket. */
	101
	102	sock = socket (PF_UNIX, SOCK_STREAM, 0);
	103	if (sock < 0)
	104	{
	105	perror (_("ERROR: socket"));
	106	return -1;
	107	}
	108
	109	#if 0
	110	/* Bind a name to the socket. */
	111	name.sun_family = AF_FILE;
	112	strcpy (name.sun_path, sockname);
	113
	114	/* The size of the address is
	115	the offset of the start of the filename,
	116	plus its length,
	117	plus one for the terminating null byte. */
	118	size = (offsetof (struct sockaddr_un, sun_path)
	119	+ strlen (name.sun_path) + 1);
	120
	121	if (bind (sock, (struct sockaddr *) &name, size) < 0)
	122	{
	123	perror (_("ERROR: bind"));
	124	return -1;
	125	}
	126	#endif
	127
	128	return sock;
	129	}
	130
	131	void
	132	termination_handler (int signum)
	133	{
	134	/* Clean up. */
	135	if (signum != 0)
	136	{
	137	if (verbose)
	138	fprintf(stdout, _("# Terminated on signal %d\n"), signum);
	139	}
	140	#if 0
	141	if (sockname != NULL) unlink (sockname);
	142	#endif
	143	if (sock >= 0 ) close (sock);
	144
	145	return;
	146	}
	147
	148
	149	int send_to_server (char * serversock, char * message)
	150	{
	151	struct sockaddr_un name;
	152	/* size_t size; */
	153	int size;
	154	int nbytes;
	155
	156	/* Initialize the server socket address.
	157	*/
	158	name.sun_family = AF_UNIX;
	159	strncpy (name.sun_path, serversock, sizeof(name.sun_path) - 1);
	160	size = (offsetof (struct sockaddr_un, sun_path)
	161	+ strlen (name.sun_path) + 1);
	162
	163	nbytes = connect(sock, (struct sockaddr *) & name, size);
	164	if (nbytes < 0)
	165	{
	166	perror (_("ERROR: connect"));
	167	return -1;
	168	}
	169
	170	/* Send the datagram.
	171	nbytes = sendto (sock, message, strlen (message) + 1, 0,
	172	(struct sockaddr *) & name, size);
	173	*/
	174	nbytes = send (sock, message, strlen (message) + 1, 0);
	175
	176	if (nbytes < 0)
	177	{
	178	perror (_("ERROR: send"));
	179	return -1;
	180	}
	181	return 0;
	182	}
	183
	184	static int getline_from_server (int sock, char * buf, int size)
	185	{
	186	int nbytes = 0;
	187	int status = 0;
	188	char * p = buf;
	189
	190	do {
	191	status = read (sock, p, 1);
	192	if (status <= 0)
	193	{
	194	buf[nbytes] = '\0';
	195	return ((status == 0) ? nbytes : status);
	196	}
	197	else if (*p == '\0')
	198	{
	199	return nbytes;
	200	}
	201	++nbytes; ++p;
	202	} while (nbytes < size);
	203	buf[size-1] = '\0';
	204	return 0;
	205	}
	206
	207	int recv_from_server (char * message)
	208	{
	209	int nbytes = 0;
	210	char recvmsg[SH_MAXMSG];
	211	int num = 0;
	212	int good = -1;
	213	int islist = 0;
	214	char * p;
	215
	216	if (password[0] == '\0')
	217	{
	218	if (message[0] == 'L' && message[1] == 'I' &&
	219	message[2] == 'S' && message[3] == 'T')
	220	{
	221	islist = 1;
	222	}
	223	if (message[0] == 'P' && message[1] == 'R' &&
	224	message[2] == 'O' && message[3] == 'B' && message[4] == 'E' )
	225	{
	226	islist = 1;
	227	}
	228	}
	229	else
	230	{
	231	p = &message[strlen(password)+1];
	232	if (p[0] == 'L' && p[1] == 'I' &&
	233	p[2] == 'S' && p[3] == 'T')
	234	{
	235	islist = 1;
	236	}
	237	if (p[0] == 'P' && p[1] == 'R' &&
	238	p[2] == 'O' && p[3] == 'B' && p[4] == 'E' )
	239	{
	240	islist = 1;
	241	}
	242	}
	243
	244	if (islist == 1)
	245	{
	246	do {
	247	/*
	248	nbytes = recvfrom (sock, recvmsg, SH_MAXMSG, 0, NULL, 0);
	249	*/
	250	nbytes = getline_from_server (sock, recvmsg, SH_MAXMSG);
	251	if (nbytes < 0)
	252	{
	253	if (errno == EAGAIN)
	254	{
	255	return 0;
	256	}
	257	else
	258	{
	259	perror (_("ERROR: recv"));
	260	return -1;
	261	}
	262	}
	263	else if (nbytes == 0)
	264	{
	265	return 0;
	266	}
	267	if (recvmsg[0] == 'E' && recvmsg[1] == 'N' && recvmsg[2] == 'D')
	268	{
	269	if (verbose && (num == 0))
	270	fprintf (stdout, _("# There are no pending commands.\n"));
	271	return 0;
	272	}
	273	++num;
	274	fprintf (stdout, _("%03d: %s\n"), num, recvmsg);
	275	} while (nbytes >= 0);
	276	}
	277	else
	278	{
	279	/*
	280	nbytes = recvfrom (sock, recvmsg, SH_MAXMSG, 0, NULL, 0);
	281	*/
	282	nbytes = recv (sock, recvmsg, SH_MAXMSG, 0);
	283	if (nbytes < 0)
	284	{
	285	perror (_("ERROR: recv"));
	286	return -1;
	287	}
	288	}
	289
	290	/* Print a diagnostic message. */
	291	if (password[0] == '\0')
	292	{
	293	good = strcmp (message, recvmsg);
	294	}
	295	else
	296	{
	297	good = strcmp (&message[strlen(password)+1], recvmsg);
	298	}
	299
	300	if (0 != good)
	301	{
[22]	302	fprintf (stderr, _("ERROR: Bounced message != original message (possible reason: superfluous password).\n"));
[1]	303	return -1;
	304	}
	305	else
	306	{
	307	if (verbose)
	308	fprintf (stdout, _("# Message received by server.\n"));
	309	}
	310
	311	return 0;
	312	}
	313
	314	void usage(char * name)
	315	{
	316	printf(_("\nUsage : %s [-v][-s server_socket] -c command <client_hostname>\n\n"),
	317	name);
	318
	319	printf(_("Purpose : send commands to the server via a socket,\n"));
	320	printf(_(" in particular commands that the server would\n"));
	321	printf(_(" transfer to the client <client_hostname> when\n"));
	322	printf(_(" this client connects to deliver a message.\n\n"));
[22]	323	printf(_(" If password is required, it is read from\n"));
	324	printf(_(" $HOME/.yulectl_cred or taken from the environment\n"));
	325	printf(_(" variable YULECTL_PASSWORD (not recommended).\n\n"));
[1]	326
	327	printf(_("Commands: RELOAD <reload configuration>\n"));
	328	printf(_(" STOP <terminate>\n"));
	329	printf(_(" CANCEL <cancel previous command>\n"));
	330	printf(_(" LIST <list queued commands>\n"));
	331	printf(_(" LISTALL <list queued and last sent commands>\n"));
	332	printf(_(" PROBE <probe all clients for necessity of reload>\n"));
	333	return;
	334	}
	335
	336	void fixup_message (char * message)
	337	{
	338	char message2[SH_MAXMSG];
	339	char home[4096];
	340	FILE * fp;
	341	struct passwd * pwent;
[22]	342	char * pw;
[1]	343
[22]	344	pw = getenv(_("YULECTL_PASSWORD"));
	345	if (pw && strlen(pw) < 15)
	346	{
	347	strcpy(password, pw);
	348	strcpy(message2, password);
	349	goto do_msg;
	350	}
[1]	351
	352	pwent = getpwuid(geteuid());
	353	if ((pwent == 0) \|\| (pwent->pw_dir == NULL))
	354	{
	355	if (verbose)
	356	fprintf (stderr, _("WARNING: no home directory for euid %ld\n"),
	357	(long) geteuid());
	358	if (NULL != getenv(_("HOME")))
	359	{
	360	strncpy(home, getenv(_("HOME")), 4096);
	361	home[4095] = '\0';
	362	}
	363	else
	364	{
	365	fprintf (stderr, _("ERROR: no home directory for euid %ld (tried $HOME and password database).\n"), (long) geteuid());
	366	exit(EXIT_FAILURE);
	367	}
	368	}
	369	else
	370	{
	371	strncpy(home, pwent->pw_dir, 4096);
	372	home[4095] = '\0';
	373	}
	374
	375	if ( (strlen(home) + strlen(_("/.yulectl_cred")) + 1) > 4096)
	376	{
	377	fprintf (stderr, _("ERROR: path for $HOME is too long.\n"));
	378	exit(EXIT_FAILURE);
	379	}
	380	strcat(home, _("/.yulectl_cred"));
	381	fp = fopen(home, "r");
	382	if (fp == NULL)
	383	{
	384	if (verbose && (errno == ENOENT))
	385	fprintf (stdout,
[98]	386	_("# No password file (%s) exists\n"),
[1]	387	home);
	388	else if (verbose)
	389	fprintf (stdout,
	390	_("# Password file (%s) not accessible for euid %ld uid %ld\n"),
	391	home, (long)geteuid(), (long)getuid());
	392	return;
	393	}
[34]	394	if (NULL == fgets(message2, sizeof(message2), fp))
[1]	395	{
	396	fprintf (stderr,
	397	_("ERROR: empty or unreadable password file (%s).\n"),
	398	home);
	399	exit(EXIT_FAILURE);
	400	}
[22]	401	if (strlen(message2) > 14)
[1]	402	{
	403	fprintf (stderr,
	404	_("ERROR: Password too long (max. 14 characters).\n"));
	405	exit(EXIT_FAILURE);
	406	}
	407
	408	if ( (0 != strlen(message2)) && ('\n' == message2[strlen(message2)-1]))
	409	{
	410	message2[strlen(message2)-1] = '\0';
	411	}
	412	strcpy(password, message2);
[22]	413	fclose(fp);
	414	do_msg:
[1]	415	strcat(message2, "@");
	416
	417	strncat(message2, message, SH_MAXMSG - strlen(message2) -1);
	418	message2[SH_MAXMSG-1] = '\0';
	419	strcpy(message, message2);
	420	return;
	421	}
	422
	423
	424	int
	425	main (int argc, char * argv[])
	426	{
	427
	428	char message[SH_MAXMSG] = "";
	429	char clientcd[1024];
	430	char serversock[256];
	431	int status, size;
	432	int num = 1;
	433	int flag = 0;
	434
	435	#ifdef HAVE_VSNPRINTF
	436	status = snprintf(serversock, 256, _("%s/%s.sock"),
	437	DEFAULT_PIDDIR, SH_INSTALL_NAME);
	438	#else
	439	if ((strlen(DEFAULT_PIDDIR) + strlen(SH_INSTALL_NAME) + 1 + 6) > 256)
	440	{
	441	status = -1;
	442	}
	443	else
	444	{
	445	status = sprintf (serversock, _("%s/%s.sock"),
	446	DEFAULT_PIDDIR, SH_INSTALL_NAME);
	447	}
	448	#endif
	449
	450	if ((status < 0) \|\| (status > 255))
	451	{
	452	fprintf(stderr, _("ERROR: Path too long (maximum 255): %s/%s.sock\n"),
	453	DEFAULT_PIDDIR, SH_INSTALL_NAME);
	454	return (EXIT_FAILURE);
	455	}
	456
	457	while (argc > 1 && argv[num][0] == '-')
	458	{
	459	switch (argv[num][1])
	460	{
	461	case 'h':
	462	usage(argv[0]);
	463	return (EXIT_SUCCESS);
	464
	465	case 'v':
	466	++verbose;
	467	break;
	468
	469	case 's':
	470	--argc; ++num;
	471	if (argv[num] == NULL \|\| argv[num][0] == '\0') {
	472	usage(argv[0]);
	473	fprintf(stderr, _("ERROR: -s: argument missing\n"));
	474	return (EXIT_FAILURE);
	475	} else {
	476	if (strlen(argv[num]) > 255)
	477	{
	478	fprintf(stderr, _("ERROR: Path too long: %s\n"), argv[num]);
	479	return (EXIT_FAILURE);
	480	}
	481	strncpy (serversock, argv[num], 256);
	482	serversock[255] = '\0';
	483	}
	484	break;
	485
	486	case 'c':
	487	--argc; ++num;
	488	if (argv[num] == NULL \|\| argv[num][0] == '\0') {
	489	usage(argv[0]);
	490	fprintf(stderr, _("ERROR: -c: argument missing\n"));
	491	return (EXIT_FAILURE);
	492	} else {
	493	if (strlen(argv[num]) >= SH_MAXMSG)
	494	{
	495	fprintf(stderr, _("ERROR: Command too long: %s\n"),
	496	argv[num]);
	497	return (EXIT_FAILURE);
	498	}
	499	strncpy (message, argv[num], SH_MAXMSG);
	500	message[SH_MAXMSG-1] = '\0';
	501	strncat(message, ":", SH_MAXMSG-strlen(message)-1);
	502	message[SH_MAXMSG-1] = '\0';
	503	flag = 1;
	504	}
	505	break;
	506
	507	default:
	508	usage(argv[0]);
	509	fprintf(stderr, _("ERROR: unknown option -%c\n"), argv[num][1]);
	510	return (EXIT_FAILURE);
	511	}
	512	--argc; ++num;
	513	}
	514
	515	if (flag == 0) /* no command given */
	516	{
	517	usage(argv[0]);
	518	return (EXIT_FAILURE);
	519	}
	520
	521	if (argc > 1)
	522	{
	523	if (strlen(argv[num]) > (SH_MAXMSG - strlen(message) -1))
	524	{
	525	fprintf(stderr, _("ERROR: Hostname too long: %s\n"), argv[num]);
	526	return (EXIT_FAILURE);
	527	}
	528	strncat (message, argv[num], SH_MAXMSG -strlen(message) - 1);
	529	message[SH_MAXMSG-1] = '\0';
	530	}
	531	else
	532	{
	533	if (message[0] == 'P' && message[1] == 'R' &&
	534	message[2] == 'O' && message[3] == 'B' && message[4] == 'E' )
	535	{
	536	strncat (message, _("dummy"), SH_MAXMSG -strlen(message) - 1);
	537	message[SH_MAXMSG-1] = '\0';
	538	}
	539	else if (message[0] == 'L' && message[1] == 'I' &&
	540	message[2] == 'S' && message[3] == 'T')
	541	{
	542	strncat (message, _("dummy"), SH_MAXMSG -strlen(message) - 1);
	543	message[SH_MAXMSG-1] = '\0';
	544	}
	545	else
	546	{
[34]	547	fprintf(stderr, _("ERROR: this command requires a hostname\n"));
[1]	548	usage(argv[0]);
	549	return (EXIT_FAILURE);
	550	}
	551	}
	552
	553	fixup_message(message);
	554
	555	/* OpenBSD wants >= 1024
	556	*/
	557	if (NULL == getcwd(clientcd, 1024))
	558	{
	559	perror(_("ERROR: getcwd"));
	560	return (EXIT_FAILURE);
	561	}
	562	size = strlen(clientcd) + 1 + strlen(CLIENT) + 6;
	563	sockname = malloc (size);
	564	if (!sockname)
	565	{
	566	perror(_("ERROR: main: malloc"));
	567	return (EXIT_FAILURE);
	568	}
[34]	569	#ifdef HAVE_VSNPRINTF
	570	snprintf(sockname, size, _("%s/%s.sock"), clientcd, CLIENT);
	571	#else
[1]	572	sprintf(sockname, _("%s/%s.sock"), clientcd, CLIENT);
[34]	573	#endif
[1]	574
	575	/* Make the socket.
	576	*/
	577	sock = make_named_socket (sockname);
	578	if (sock < 0)
	579	{
	580	return (EXIT_FAILURE);
	581	}
	582
	583	/* Set up termination handler.
	584	*/
	585	signal (SIGINT, termination_handler);
	586	signal (SIGHUP, termination_handler);
	587	signal (SIGTERM, termination_handler);
	588	signal (SIGQUIT, termination_handler);
	589
	590	/* Send the datagram.
	591	*/
	592	status = send_to_server (serversock, message);
	593	if (status < 0)
	594	{
	595	fprintf(stderr, _("ERROR: sending command to server failed\n"));
	596	(void) termination_handler(0);
	597	return (EXIT_FAILURE);
	598	}
	599
	600	/* Wait for a reply.
	601	*/
	602	if (message[0] == 'L' && message[1] == 'I' &&
	603	message[2] == 'S' && message[3] == 'T')
	604	{
	605	if (verbose)
	606	fprintf(stdout, _("# Waiting for listing.\n"));
	607	}
	608	else
	609	{
	610	if (verbose)
	611	fprintf(stdout, _("# Waiting for confirmation.\n"));
	612	}
	613	status = recv_from_server (message);
	614
	615	if (status < 0)
	616	{
	617	fprintf(stderr, _("ERROR: receiving data from server failed.\n"));
	618	(void) termination_handler(0);
	619	return (EXIT_FAILURE);
	620	}
	621
	622	/* Clean up. */
	623	(void) termination_handler(0);
	624	return (EXIT_SUCCESS);
	625	}
	626

Note: See TracBrowser for help on using the repository browser.

Download in other formats: