// vim:foldmethod=marker:syntax=lpc:noexpandtab
// $Id: circuit.c,v 1.38 2008/10/14 19:02:29 lynx Exp $
#include "psyc.h"
#ifdef LIBPSYC
#include <net.h>
#include <uniform.h>
#include <tls.h>
#include <text.h>
inherit NET_PATH "trust";
inherit NET_PATH "spyc/parse";
virtual inherit NET_PATH "output";
// Description of the remote endpoint of this circuit.
// Only peerip is assigned in this file (logon() takes it from
// query_ip_number()); the other fields are presumably filled in by
// inheriting or included code -- TODO confirm.
volatile string peerhost;
volatile string peeraddr;
volatile string peerip;		// compared against DNS answers in circuit_msg()
volatile int peerport;

volatile string netloc;
#ifndef NEW_RENDER
# define NEW_RENDER
#endif
#include "render.i"
// this is completely anti-psyc. it should take mcs as arguments
// and look up the actual message from textdb.. FIXME
//
// Reports a fatal circuit error through croak() and then returns 0 from the
// function the macro is expanded in. 'reason' has to be a string literal,
// because it is joined to the "circuit error: " prefix by literal
// concatenation.
#define CIRCUITERROR(reason) { \
	croak("_error_circuit", "circuit error: " reason); \
	return 0; \
}
// Per-circuit state. logon() re-initialises instate, outstate and
// legal_senders for every new connection.
mapping instate = ([ ]);
mapping outstate;

mapping legal_senders;

// ({ sourcehost, targethost }) pairs stored by sender_verification() while
// this object is not interactive; logon() replays them and empties the queue.
array(mixed) verify_queue = ({ });

// Bit field; this file tests and sets TCP_PENDING_TIMEOUT and tests
// TCP_PENDING_DISCONNECT.
volatile int flags = 0;
// Forward declarations (prototypes) for functions that are referenced
// before their definition.
void circuit_msg(string mc, mapping vars, string data);
varargs int msg(string source, string mc, string data, mapping vars,
		int showingLog, mixed target);
protected void quit();
void runQ();
// Always answers 0 here. logon() consults this before emitting the initial
// greeting; presumably a server-side variant overrides it -- TODO confirm.
int isServer()
{
	return 0;
}
// Puts this connection into binary mode. The 'data' argument is not looked
// at. On a driver that lacks the enable_binary() efun the function raises an
// error instead of continuing.
void connection_peek(string data) {
#if ! __EFUN_DEFINED__(enable_binary)
	raise_error("Driver compiled without enable_binary()");
#else
	enable_binary(ME);
#endif
}
// Input handler for the socket: registers itself again for the next chunk
// of input and then passes the current chunk to the inherited feed().
void feed(string data) {
	// re-arm first, so the handler is in place before the inherited
	// feed() runs
	input_to(#'feed, INPUT_IGNORE_BANG);

	::feed(data);
}
// yes, this is a funny implementation of croak
// it does not use msg(). Yes, that is intended
//
// Writes a final packet made of 'mc' and 'data' straight to the socket and
// then drops the connection. When 'data' is not given, the text is looked up
// with T(mc, ""). 'vars' and 'source' are accepted but not used. Always
// returns 0.
//
// NOTE(review): mc and data are placed into the packet verbatim. A newline
// in either would change the packet framing, so callers should only pass
// fixed text here, never strings received from the peer.
varargs mixed croak(string mc, string data, vamapping vars, vamixed source) {
	string packet;

	PT(("croak(%O) in %O (%O)\n", mc, ME, query_ip_name()))
	unless (data) data = T(mc, "");

	packet = sprintf("\n%s\n%s\n|\n", mc, data);
	binary_message(packet);

	// right behaviour for all croaks!?
	remove_interactive(ME);
	// destruct(ME);
	return 0;
}
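// request sender authentication and/or target acknowledgement
// from the remote side
//
// sourcehost: uniform we want to send from.
// targethost: uniform we want to send to, either as a string or already
//             parsed into a uniform array.
//
// While the object is not interactive the request is only queued in
// verify_queue; logon() replays the queue once the socket is up.
//
// Otherwise the target's host is marked as authenticated for this circuit
// and a _request_authorization packet with a random _tag is sent.
//
// NOTE(review): the target host is trusted here before the peer has proven
// anything; the only basis is that we chose to open a circuit to that name.
// Without TLS nothing in this function ties the name to the actual peer.
void sender_verification(string sourcehost, mixed targethost)
{
	unless(interactive()) {
		verify_queue += ({ ({ sourcehost, targethost }) });
		return;
	}
	// vars keeps the target in the form the caller passed it in
	mapping vars = ([ "_uniform_source" : sourcehost,
			  "_uniform_target" : targethost,
			  "_tag" : RANDHEXSTRING ]);
	P0(("sender_verification(%O, %O)\n", sourcehost, targethost))
	// since we send packets to them we should trust them to
	// send packets to us, eh?
	if (stringp(targethost)) {
		targethost = parse_uniform(targethost);
	}
	// parse_uniform() can fail (circuit_msg() checks its result for 0 as
	// well). Indexing a non-array would raise a runtime error, which
	// would also abort the queue replay in logon(), so give up on this
	// one request instead.
	unless (pointerp(targethost)) {
		P0(("sender_verification: unusable target for %O in %O\n",
		    sourcehost, ME))
		return;
	}
	sAuthenticated(targethost[UHost]);
	msg(0, "_request_authorization", 0, vars);
}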
// gets called during socket logon
//
// Resets the per-circuit state, evaluates the peer's TLS certificate when
// there is one, arms a 90 second timeout and initialises the parser.
// Unless isServer() is true it also sends the initial greeting and replays
// the queued sender verifications.
//
// Returns 1 on success, 0 when the connection was dropped because the
// certificate did not verify.
//
// NOTE(review): the 'failure' argument is not examined in this function.
// NOTE(review): when TLS is up but tls_certificate() does not return a
// mapping, no host gets authenticated here and the circuit simply goes on
// under the timeout armed below.
int logon(int failure) {
	sAuthHosts(([ ]));	// reset authhosts
	legal_senders = ([ ]);
	instate = ([ "_INTERNAL_origin" : ME ]);
	outstate = ([ ]);
#ifdef __TLS__
	mixed cert;

	if (tls_available()
	    && tls_query_connection_state(ME) == 1
	    && mappingp(cert = tls_certificate(ME, 0))) {
		mixed names, name, info, cipher;

		// cert[0] carries the verification result; anything but 0
		// is treated as a failed verification
		if (cert[0] != 0) {
			// log error 17 + cert here
			// and goodbye.
			P0(("%O encountered a cert verify error %O in %O\n", ME,
			    cert[0], cert))
			remove_interactive(ME);
			return 0;
		}
		// subjectAltName dNSName entries: every listed name becomes
		// an authenticated host for this circuit
		if (names = cert["2.5.29.17:dNSName"]) {
			// FIXME: this does not yet handle wildcard DNS names
			P1(("%O believing dNSName %O\n", ME, names))
			// probably also: register_target?
			// but be careful never to register_target wildcards
			if (stringp(names))
				sAuthenticated(names);
			else
				foreach(name : names)
					sAuthenticated(name);
		}
//#ifdef _flag_allow_certificate_name_common	// to be switched this year
#ifndef _flag_disallow_certificate_name_common
		// assume that CN is a host
		// as this is an assumption only, we may NEVER register_target it
		// note: CN is deprecated for good reasons.
		// (only consulted when the certificate has no dNSName entry)
		else if (name = cert["2.5.4.3"]) {
			P1(("%O believing CN %O\n", ME, name))
			sAuthenticated(name);
		}
#endif
		if (info = tls_query_connection_info(ME)) {
			P2(("%O is using the %O cipher.\n", ME, info[TLS_CIPHER]))
			// shouldn't our negotiation have ensured we have PFS?
			//
			// The cipher is only reported, the circuit is kept.
			// NOTE(review): assuming abbrev() is a prefix test,
			// any cipher name that does not start with "DHE" is
			// reported, which would include names starting with
			// "ECDHE" -- confirm against the TLS library's naming.
			if (stringp(cipher = info[TLS_CIPHER]) &&! abbrev("DHE", cipher)) {
//				croak("_warning_circuit_encryption_cipher",
//				  "Your cipher choice does not provide forward secrecy.");
				monitor_report(
				    "_warning_circuit_encryption_cipher_details",
				    object_name(ME) +" · using "+ cipher +" cipher");
				//debug_message(sprintf(
				//  "TLS connection info for %O is %O\n", ME, info));
				//QUIT	// are we ready for *this* !???
			}
		}
	}
#endif

	// fall back to the loopback address when the driver reports none
	peerip = query_ip_number(ME) || "127.0.0.1";

	input_to(#'feed, INPUT_IGNORE_BANG);

	// quit() fires after 90 seconds unless circuit_msg() removes the
	// call_out once the peer has been authorized
	call_out(#'quit, 90);
	flags = TCP_PENDING_TIMEOUT;

	parser_init();

	// FIXME
	unless(isServer()) {
		emit("|\n");	// initial greeting
		if (sizeof(verify_queue)) {
			// requests that arrived before the socket was usable
			foreach(mixed pending : verify_queue) {
				sender_verification(pending[0], pending[1]);
			}
			verify_queue = ({ });
		}
	}
	return 1;
}
// Called when the socket is gone. 'remaining' is unread input, which is
// dropped (and only mentioned in the debug log when DEBUG > 0).
//
// Returns 1 when the disconnect was announced beforehand through
// TCP_PENDING_DISCONNECT, 0 when it came unexpectedly.
int disconnected(string remaining) {
	// i love to copy+paste source codes! thx for NOT sharing.. grrr
#if DEBUG > 0
	if (remaining && (!stringp(remaining) || strlen(remaining)))
		PP(("%O ignoring remaining data from socket: %O\n", ME,
		    remaining));
#endif
	// wow.. a sincerely expected disconnect!
	if (flags & TCP_PENDING_DISCONNECT) {
		return 1;
	}

	// everything below handles the unexpected case
#ifdef _flag_enable_report_failure_network_circuit_disconnect
	monitor_report("_failure_network_circuit_disconnect",
	    object_name(ME) +" · lost PSYC circuit");
#else
	P1(("%O disconnected unexpectedly\n", ME))
#endif
	return 0;	// unexpected
}
// respond to the first empty packet
//
// The answer is itself an empty packet: a lone "|" line.
first_response()
{
	emit("|\n");
}
#define PSYC_TCP
#include "dispatch.i"
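// receives a msg from the remote side
// note: this is circuit-messaging
//
// mc:   method of the circuit-level packet
// vars: variables of the packet, all supplied by the peer
// data: packet body (unused by the methods handled here)
//
// _request_authorization: the peer asks to send from _uniform_source to
//   _uniform_target. The target has to be hosted here. The source host is
//   accepted when it is already authenticated on this circuit (e.g. from
//   the TLS certificate in logon()); otherwise its name is resolved and
//   accepted only if the answer equals the socket's peer address.
//   Acceptance cancels the logon timeout and answers _status_authorization.
// _status_authorization: the peer accepted our request; the queue is run.
//
// NOTE(review): the DNS fallback proves no more than "forward DNS for the
// claimed name currently points at this peer". It is only as trustworthy as
// the resolver path; deployments that need stronger assurance should rely
// on the certificate check and treat this branch as best effort.
void circuit_msg(string mc, mapping vars, string data) {
	mapping rv = ([ ]);
	mixed *u;

	switch(mc) {
	case "_request_authorization":
		// echo the peer's tag so it can match the reply to its request
		if (vars["_tag"]) {
			rv["_tag_relay"] = vars["_tag"];
		}
		// Both variables are required. The earlier test
		// (!source && target) only fired when the source was missing
		// while the target was present, which did not match the
		// error text and let a request without target reach
		// parse_uniform() with 0.
		if (!vars["_uniform_source"] || !vars["_uniform_target"]) {
			CIRCUITERROR("_request_authorization without uniform source and/or target?!");
		}

		rv["_uniform_target"] = vars["_uniform_target"];
		rv["_uniform_source"] = vars["_uniform_source"];

		u = parse_uniform(vars["_uniform_target"]);
		if (!(u && is_localhost(u[UHost]))) {
			msg(0, "_error_invalid_uniform_target", "[_uniform_target] is not hosted here.", rv);
			return;
		}
		u = parse_uniform(vars["_uniform_source"]);
		// The source is peer-supplied: refuse it when it does not
		// parse or carries no host, instead of indexing a 0 value or
		// resolving an empty name.
		unless (u && u[UHost]) {
			msg(0, "_error_invalid_uniform_source", 0, rv);
			return;
		}
		// qAuthenticated does that:u[UHost] = NAMEPREP(u[UHost]);
		if (qAuthenticated(u[UHost])) {
			// possibly different _uniform_target only
			if (flags & TCP_PENDING_TIMEOUT) {
				P0(("removing call out\n"))
				remove_call_out(#'quit);
				flags -= TCP_PENDING_TIMEOUT;
			}
			msg(0, "_status_authorization", 0, rv);
//		} else if (tls_query_connection_state(ME) == 1 && ...) {
//			FIXME
		} else {
			string ho = u[UHost];

			// FIXME: this actually needs to consider srv, too...
			dns_resolve(ho, (:
				// FIXME: psyc/parse::deliver is much better here
				P0(("resolved %O to %O, expecting %O\n", ho, $1, peerip))
				// $1 is the resolver's answer; it has to equal
				// the address the socket is connected from
				if ($1 == peerip) {
					sAuthenticated(ho);
					if (flags & TCP_PENDING_TIMEOUT) {
						P0(("removing call out\n"))
						remove_call_out(#'quit);
						flags -= TCP_PENDING_TIMEOUT;
					}
					msg(0, "_status_authorization", 0, rv);
				} else {
					// the timeout stays armed, so an
					// unverified peer is dropped by quit()
					msg(0, "_error_invalid_uniform_source", 0, rv);
				}
				return;
			:));
		}
		break;
	case "_status_authorization":
		P0(("_status authorization with %O\n", vars))
		// this means we can send from _uniform_source to _uniform_target
		// we already did sAuthenticated _uniform_target before so we can't get
		// tricked into it here
		if (function_exists("runQ")) {
			runQ();
			// actually runQ(_uniform_source, _uniform_target)
		}
		break;
	default:
		P0(("%O got circuit_msg %O, not implemented\n", ME, mc))
		break;
	}
}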
// delivers a message to the remote side
//
// Renders the packet with render_psyc() and writes it with emit(), whose
// result is returned. A missing 'vars' is replaced by an empty mapping.
//
// NOTE(review): with _flag_log_sockets_SPYC defined every outgoing packet is
// copied in full to the RAW_SPYC log, message bodies included; keep that
// flag and that log file restricted to debugging.
varargs int msg(string source, string mc, string data,
		mapping vars, int showingLog, mixed target) {
	string packet;

	unless(vars) vars = ([ ]);
	packet = render_psyc(source, mc, data, vars, showingLog, target);
#ifdef _flag_log_sockets_SPYC
	log_file("RAW_SPYC", "« %O\n%s\n", ME, packet);
#endif
	return emit(packet);
}
#endif // LIBPSYC