cfengine  3.15.4
About: CFEngine is a configuration management system for configuring and maintaining Unix-like computers (using its own high-level policy language). Community version.
  Fossies Dox: cfengine-3.15.4.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

server_common.c File Reference
#include <server_common.h>
#include <item_lib.h>
#include <string_lib.h>
#include <regex.h>
#include <crypto.h>
#include <files_names.h>
#include <files_interfaces.h>
#include <hash.h>
#include <file_lib.h>
#include <eval_context.h>
#include <dir.h>
#include <conversion.h>
#include <matching.h>
#include <pipes.h>
#include <classic.h>
#include <net.h>
#include <openssl/err.h>
#include <protocol.h>
#include <tls_generic.h>
#include <rlist.h>
#include <cf-serverd-enterprise-stubs.h>
#include <connection_info.h>
#include <misc_lib.h>
#include <cf-windows-functions.h>
#include <mutex.h>
#include <stat_cache.h>
#include "server_access.h"

Functions

void RefuseAccess (ServerConnectionState *conn, char *errmesg)
 
bool IsUserNameValid (const char *username)
 
bool AllowedUser (char *user)
 
Item * ListPersistentClasses ()
 
static void ReplyNothing (ServerConnectionState *conn)
 
bool MatchClasses (const EvalContext *ctx, ServerConnectionState *conn)
 
void Terminate (ConnectionInfo *connection)
 
static bool TransferRights (const ServerConnectionState *conn, const char *filename, const struct stat *sb)
 
static void AbortTransfer (ConnectionInfo *connection, char *filename)
 
static void FailedTransfer (ConnectionInfo *connection)
 
void CfGetFile (ServerFileGetState *args)
 
void CfEncryptGetFile (ServerFileGetState *args)
 
int StatFile (ServerConnectionState *conn, char *sendbuffer, char *ofilename)
 
bool CompareLocalHash (const char *filename, const char digest[EVP_MAX_MD_SIZE+1], char sendbuffer[sizeof("CFD_FALSE")])
 
void GetServerLiteral (EvalContext *ctx, ServerConnectionState *conn, char *sendbuffer, char *recvbuffer, int encrypted)
 
bool GetServerQuery (ServerConnectionState *conn, char *recvbuffer, int encrypt)
 
void ReplyServerContext (ServerConnectionState *conn, int encrypted, Item *classes)
 
int CfOpenDirectory (ServerConnectionState *conn, char *sendbuffer, char *oldDirname)
 
int CfSecOpenDirectory (ServerConnectionState *conn, char *sendbuffer, char *dirname)
 
size_t ReplaceSpecialVariables (char *buf, size_t buf_size, const char *find1, const char *repl1, const char *find2, const char *repl2, const char *find3, const char *repl3)
 
bool PathRemoveTrailingSlash (char *s, size_t s_len)
 
bool PathAppendTrailingSlash (char *s, size_t s_len)
 
static bool PathIsAbsolute (const char *s)
 
size_t ShortcutsExpand (char *path, size_t path_size, const StringMap *shortcuts, const char *ipaddr, const char *hostname, const char *key)
 
size_t PreprocessRequestPath (char *reqpath, size_t reqpath_size)
 
void SetConnIdentity (ServerConnectionState *conn, const char *username)
 
static bool CharsetAcceptable (const char *s, size_t s_len)
 
static bool AuthorizeDelimitedArgs (const ServerConnectionState *conn, struct acl *acl, char **args_start, size_t *args_len)
 
bool DoExec2 (const EvalContext *ctx, ServerConnectionState *conn, char *exec_args, char *sendbuf, size_t sendbuf_size)
 

Variables

static const int CF_NOSIZE = -1
 

Function Documentation

◆ AbortTransfer()

static void AbortTransfer ( ConnectionInfo *  connection,
char *  filename 
)
static

◆ AllowedUser()

bool AllowedUser ( char *  user)

Definition at line 84 of file server_common.c.

References ServerAccess::allowuserlist, IsItemIn(), Log(), LOG_LEVEL_DEBUG, and SERVER_ACCESS.

Referenced by DoExec2().

◆ AuthorizeDelimitedArgs()

static bool AuthorizeDelimitedArgs ( const ServerConnectionState *  conn,
struct acl *  acl,
char **  args_start,
size_t *  args_len 
)
static
Parameters
args_start is a comma-separated list of words, which may be prefixed with spaces and suffixed with spaces and other words. Example: " asd,fgh,jk blah". In this example the list has 3 words, and "blah" is not one of them.

Both #args_start and #args_len are in-out parameters. At the end of execution #args_start returns the real start of the list, and #args_len the real length.

Definition at line 1502 of file server_common.c.

References acl_CheckRegex(), CharsetAcceptable(), ServerConnectionState_::conn_info, ServerConnectionState_::ipaddr, KeyPrintableHash(), Log(), LOG_LEVEL_INFO, NULL, ConnectionInfo::remote_key, ServerConnectionState_::revdns, strchrnul(), and ServerConnectionState_::username.

Referenced by DoExec2().

◆ CfEncryptGetFile()

◆ CfGetFile()

◆ CfOpenDirectory()

◆ CfSecOpenDirectory()

◆ CharsetAcceptable()

static bool CharsetAcceptable ( const char *  s,
size_t  s_len 
)
static

Definition at line 1470 of file server_common.c.

References Log(), and LOG_LEVEL_INFO.

Referenced by AuthorizeDelimitedArgs().

◆ CompareLocalHash()

bool CompareLocalHash ( const char *  filename,
const char  digest[EVP_MAX_MD_SIZE+1],
char  sendbuffer[sizeof("CFD_FALSE")] 
)

◆ DoExec2()

bool DoExec2 ( const EvalContext *  ctx,
ServerConnectionState *  conn,
char *  exec_args,
char *  sendbuf,
size_t  sendbuf_size 
)

◆ FailedTransfer()

static void FailedTransfer ( ConnectionInfo *  connection)
static

◆ GetServerLiteral()

void GetServerLiteral ( EvalContext *  ctx,
ServerConnectionState *  conn,
char *  sendbuffer,
char *  recvbuffer,
int  encrypted 
)

◆ GetServerQuery()

bool GetServerQuery ( ServerConnectionState *  conn,
char *  recvbuffer,
int  encrypt 
)

Definition at line 918 of file server_common.c.

References CF_BUFSIZE, and ReturnQueryData().

Referenced by BusyWithClassicConnection(), and BusyWithNewProtocol().

◆ IsUserNameValid()

bool IsUserNameValid ( const char *  username)

Definition at line 71 of file server_common.c.

References NULL.

Referenced by BusyWithClassicConnection(), and ServerIdentificationDialog().

◆ ListPersistentClasses()

◆ MatchClasses()

◆ PathAppendTrailingSlash()

bool PathAppendTrailingSlash ( char *  s,
size_t  s_len 
)

Append a trailing FILE_SEPARATOR if it's not there.

Definition at line 1152 of file server_common.c.

References FILE_SEPARATOR.

Referenced by BusyWithNewProtocol(), KeepFileAccessPromise(), and PreprocessRequestPath().

◆ PathIsAbsolute()

static bool PathIsAbsolute ( const char *  s)
static

Definition at line 1167 of file server_common.c.

References FILE_SEPARATOR.

Referenced by PreprocessRequestPath(), and ShortcutsExpand().

◆ PathRemoveTrailingSlash()

bool PathRemoveTrailingSlash ( char *  s,
size_t  s_len 
)

Remove trailing FILE_SEPARATOR, unless we're referring to root dir: '/' or 'a:\'

Definition at line 1134 of file server_common.c.

References FILE_SEPARATOR, and NULL.

Referenced by BusyWithNewProtocol().

◆ PreprocessRequestPath()

size_t PreprocessRequestPath ( char *  reqpath,
size_t  reqpath_size 
)

Canonicalize a path, ensure it is absolute, and resolve all symlinks. In detail:

  1. MinGW: Translate to windows-compatible: slashes to FILE_SEPARATOR and uppercase to lowercase.
  2. Ensure the path is absolute.
  3. Resolve symlinks, resolve '.' and '..', and remove double '/'. WARNING: this will currently fail if the file does not exist, returning -1 and setting errno==ENOENT!
Note
trailing slash is left as is if it's there.
#reqpath is written in place (if success was returned). It is always an absolute path.
#reqpath must not be of zero length.
#reqpath_size must be at least PATH_MAX.
Returns
the length of #reqpath after preprocessing. In case of error return (size_t) -1.

Definition at line 1320 of file server_common.c.

References CF_BUFSIZE, errno, FILE_SEPARATOR, GetErrorStr(), Log(), LOG_LEVEL_INFO, LOG_LEVEL_VERBOSE, lstat(), NULL, PATH_MAX, PathAppendTrailingSlash(), PathIsAbsolute(), S_ISLNK, strlcpy(), ToLowerStrInplace(), and UnexpectedError.

Referenced by BusyWithNewProtocol(), DoExec2(), and KeepFileAccessPromise().

◆ RefuseAccess()

◆ ReplaceSpecialVariables()

size_t ReplaceSpecialVariables ( char *  buf,
size_t  buf_size,
const char *  find1,
const char *  repl1,
const char *  find2,
const char *  repl2,
const char *  find3,
const char *  repl3 
)

Search and replace occurrences of #find1, #find2, #find3, with #repl1, #repl2, #repl3 respectively.

Example: "$(connection.ip)" from "191.168.0.1", "$(connection.hostname)" from "blah.cfengine.com", "$(connection.key)" from "SHA=asdfghjkl".

Returns
the output length of #buf, (size_t) -1 if overflow would occur, or 0 if no replacement happened and #buf was not touched.

@TODO change the function to a more generic interface accepting arbitrary find/replace pairs.

Definition at line 1098 of file server_common.c.

References MAX, NULL, and StringReplace().

Referenced by acl_CheckPath(), and ShortcutsExpand().

◆ ReplyNothing()

◆ ReplyServerContext()

◆ SetConnIdentity()

void SetConnIdentity ( ServerConnectionState *  conn,
const char *  username 
)

◆ ShortcutsExpand()

size_t ShortcutsExpand ( char *  path,
size_t  path_size,
const StringMap *  shortcuts,
const char *  ipaddr,
const char *  hostname,
const char *  key 
)

If #path is relative, expand the first part according to #shortcuts, doing any replacements of special variables "$(connection.*)" on the way, with the provided #ipaddr, #hostname, #key.

Returns
the length of the new string, or 0 if no replacement took place; (size_t) -1 in case of overflow.

Definition at line 1198 of file server_common.c.

References FILE_SEPARATOR, Log(), LOG_LEVEL_DEBUG, LOG_LEVEL_INFO, NULL, PathIsAbsolute(), ReplaceSpecialVariables(), StringMapGet(), and UnexpectedError.

Referenced by BusyWithClassicConnection(), and BusyWithNewProtocol().

◆ StatFile()

◆ Terminate()

void Terminate ( ConnectionInfo *  connection)

◆ TransferRights()

static bool TransferRights ( const ServerConnectionState *  conn,
const char *  filename,
const struct stat *  sb 
)
static

Variable Documentation

◆ CF_NOSIZE

const int CF_NOSIZE = -1
static

Definition at line 26 of file server_common.c.

Referenced by StatFile().