From 7f06f7fb26ee52547d30b620a4137bca0395da6d Mon Sep 17 00:00:00 2001
From: Uros Majstorovic
Date: Thu, 16 May 2024 01:44:50 +0200
Subject: open handler moved to the end of open message; conn authenticator has access to remainder of open req msg; improved logging and error handling; removed extensions
---
 ecp/server/server.c | 74 ++++++++++++++++++++++++++++++++++++++---------------
 1 file changed, 54 insertions(+), 20 deletions(-)
(limited to 'ecp/server/server.c')
diff --git a/ecp/server/server.c b/ecp/server/server.c
index 1ec55f8..3fc0e7c 100644
--- a/ecp/server/server.c
+++ b/ecp/server/server.c
@@ -24,6 +24,8 @@ static SRVConfig srv_config;
 static int proc_forked = 0;
 static FILE *log_file = NULL;
+
+int log_level;
 static const char *log_level_str[] = {
 "ERROR",
 "INFO",
@@ -91,32 +93,44 @@ static void conn_free(ECPConnection *conn) {
 free(conn);
 }
-static int conn_auth(ECPSocket *sock, ECPConnection *parent, unsigned char ctype, ecp_ecdh_public_t *public) {
+static ssize_t conn_auth(ECPSocket *sock, ECPConnection *parent, unsigned char ctype, ecp_ecdh_public_t *public, unsigned char *msg, size_t msg_size) {
 switch (ctype) {
 case CTYPE_DIR: {
- if (public == NULL) return 0;
- return acl_inlist(public);
+ if (public == NULL) return ECP_ERR_AUTH;
+ if (!acl_inlist(public)) return ECP_ERR_AUTH;
+ return 0;
 }
 case ECP_CTYPE_VLINK: {
- if (public == NULL) return 0;
- if (parent == NULL) return acl_inlist(public);
- return 1;
+ if (public == NULL) return ECP_ERR_AUTH;
+ if ((parent == NULL) && !acl_inlist(public)) return ECP_ERR_AUTH;
+ return 0;
 }
 case ECP_CTYPE_DIR:
 case ECP_CTYPE_VCONN:
- return 1;
+ return 0;
 default:
- return 0;
+ return ECP_ERR_AUTH;
 }
 }
+static int core_logger(const char *format, ...) {
+ va_list ap;
+ FILE *file = log_file ? log_file : stderr;
+
+ va_start(ap, format);
+ log_vfprintf(LOG_ERR, file, format, ap);
+ va_end(ap);
+
+ return 0;
+}
+
 int ecp_init(ECPContext *ctx, ECPConnHandler *vconn_handler, ECPConnHandler *vlink_handler) {
 int rv;
- rv = ecp_ctx_init(ctx, conn_auth, conn_new, conn_free, handle_err);
+ rv = ecp_ctx_init(ctx, conn_auth, conn_new, conn_free, handle_err, core_logger);
 if (rv) return rv;
 rv = ecp_vconn_handler_init(ctx, vconn_handler);
@@ -128,11 +142,12 @@ int ecp_init(ECPContext *ctx, ECPConnHandler *vconn_handler, ECPConnHandler *vli
 return ECP_OK;
 }
-void log_vfprintf(int level, FILE *file, char *format, va_list ap) {
+void log_vfprintf(int level, FILE *file, const char *format, va_list ap) {
 time_t t;
 char t_buf[26];
 char s_buf[256];
+ if (level > log_level) return;
 if (level >= (sizeof(log_level_str) / sizeof(char *))) return;
 t = time(NULL);
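Review bot: conn_auth (first hunk here, `@@ -91,32 +93,44 @@`) now returns 0 to accept and ECP_ERR_AUTH to reject, the reverse polarity of the old 1/0 result, and its new `msg`/`msg_size` parameters are never read in the visible body, yet nothing in the function documents either fact. An authorization callback whose success value flipped deserves a contract comment above the signature, for example `/* Returns 0 to accept the connection, ECP_ERR_AUTH to reject; msg/msg_size (remainder of the open request) are unused here. */`. What a positive ssize_t return would mean to the caller is not visible in this hunk, so the comment should state that too once confirmed against the core. It would also help to say why `ECP_CTYPE_DIR` and `ECP_CTYPE_VCONN` are accepted without consulting `public` or the ACL, a behaviour this change carries over unchanged.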
@@ -146,16 +161,18 @@ void log_vfprintf(int level, FILE *file, char *format, va_list ap) {
 fflush(file);
 }
-void log_printf(int level, char *format, ...) {
+void log_printf(int level, const char *format, ...) {
 va_list ap;
 FILE *file = log_file ? log_file : stderr;
+ if (level > log_level) return;
+
 va_start(ap, format);
 log_vfprintf(level, file, format, ap);
 va_end(ap);
 }
-static void fail(char *format, ...) {
+static void fail(const char *format, ...) {
 va_list ap;
 FILE *file;
@@ -179,8 +196,11 @@ static void usage(char *arg) {
 fprintf(stderr, "\t-d\n");
 fprintf(stderr, "\t\tdetach\n");
- fprintf(stderr, "\t-l \n");
- fprintf(stderr, "\t\twrite optput to \n");
+ fprintf(stderr, "\t-l \n");
+ fprintf(stderr, "\t\tset log level: 0 - error, 1 - info, 2 - debug\n");
+
+ fprintf(stderr, "\t-f \n");
+ fprintf(stderr, "\t\twrite log to \n");
 fprintf(stderr, "\t-u \n");
 fprintf(stderr, "\t\trun as user \n");
@@ -201,7 +221,8 @@ static void daemonize(void) {
 proc_forked = 1;
- if (setsid() < 0) fail("setsid failed\n");
+ pid = setsid()
+ if (pid < 0) fail("setsid failed\n");
 /* second fork */
 pid = fork();
@@ -210,18 +231,18 @@ static void daemonize(void) {
 /* redirect stdio to /dev/null */
 null_rd = open("/dev/null", O_RDONLY);
- if (null_rd == -1) fail("open (r) /dev/null failed\n");
+ if (null_rd < 0) fail("open (r) /dev/null failed\n");
 null_wr = open("/dev/null", O_WRONLY);
- if (null_wr == -1) fail("open (w) /dev/null failed\n");
+ if (null_wr < 0) fail("open (w) /dev/null failed\n");
 rv = dup2(null_rd, STDIN_FILENO);
- if (rv == -1) fail("dup2 (stdin) failed\n");
+ if (rv < 0) fail("dup2 (stdin) failed\n");
 rv = dup2(null_wr, STDOUT_FILENO);
- if (rv == -1) fail("dup2 (stdout) failed\n");
+ if (rv < 0) fail("dup2 (stdout) failed\n");
 rv = dup2(null_wr, STDERR_FILENO);
- if (rv == -1) fail("dup2 (stderr) failed\n");
+ if (rv < 0) fail("dup2 (stderr) failed\n");
 close(null_rd);
 close(null_wr);
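Review bot: In the daemonize hunk (`@@ -201,7 +221,8 @@`) the added line `pid = setsid()` has no terminating semicolon, so as shown the statement runs into the following `if` and the file will not compile. It should read `pid = setsid();`, followed by the added `if (pid < 0) fail("setsid failed\n");` as it stands. daemonize starts and ends outside the hunk, so the declaration of `pid` is not visible here; setsid() returns a pid_t, which fits if `pid` is the same variable that receives fork()'s result.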
@@ -263,7 +284,20 @@ int main(int argc, char *argv[]) {
 detach = 1;
 break;
 }
+
 case 'l': {
+ _argi++;
+ _argc--;
+ if (_argc == 0) usage(argv[0]);
+ log_fn = strdup(argv[_argi]);
+ log_level = (uint8_t)strtol(argv[_argi], &endptr, 10);
+ if ((endptr[0] != '\0') || log_level > LOG_MAX_LEVEL) fail("Bad log level\n");
+ _argi++;
+ _argc--;
+ break;
+ }
+
+ case 'f': {
 _argi++;
 _argc--;
 if (_argc == 0) usage(argv[0]);
--
cgit v1.2.3
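Review bot: The new `case 'l'` branch still executes `log_fn = strdup(argv[_argi]);` before parsing the level, so the log-level argument is also stored in what appears to be the log file name, and `-l 2` would presumably select a log file called "2". That line looks like a leftover from the old `-l` file handling and should be dropped from this branch. Separately, casting the strtol() result to `uint8_t` before the range check lets out-of-range input wrap into range (256 becomes 0, -254 becomes 2), and an empty argument is accepted because only `endptr[0]` is tested. Parse into a long and validate before assigning: `long lvl = strtol(argv[_argi], &endptr, 10);`, `if ((endptr == argv[_argi]) || (endptr[0] != '\0') || (lvl < 0) || (lvl > LOG_MAX_LEVEL)) fail("Bad log level\n");`, `log_level = (int)lvl;`. main continues outside the hunk, so the later use of `log_fn` is inferred rather than visible.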