Admin.c 19 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566
  1. /* vim: set expandtab ts=4 sw=4: */
  2. /*
  3. * You may redistribute this program and/or modify it under the terms of
  4. * the GNU General Public License as published by the Free Software Foundation,
  5. * either version 3 of the License, or (at your option) any later version.
  6. *
  7. * This program is distributed in the hope that it will be useful,
  8. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  9. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  10. * GNU General Public License for more details.
  11. *
  12. * You should have received a copy of the GNU General Public License
  13. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  14. */
  15. #include "admin/Admin.h"
  16. #include "benc/String.h"
  17. #include "benc/Int.h"
  18. #include "benc/Dict.h"
  19. #include "benc/serialization/BencSerializer.h"
  20. #include "benc/serialization/standard/StandardBencSerializer.h"
  21. #include "interface/addressable/AddrInterface.h"
  22. #include "io/Reader.h"
  23. #include "io/ArrayReader.h"
  24. #include "io/ArrayWriter.h"
  25. #include "io/Writer.h"
  26. #include "memory/Allocator.h"
  27. #include "util/Assert.h"
  28. #include "util/Bits.h"
  29. #include "util/Hex.h"
  30. #include "util/log/Log.h"
  31. #include "util/events/Time.h"
  32. #include "util/events/Timeout.h"
  33. #include "util/Identity.h"
  34. #include "util/platform/Sockaddr.h"
  35. #define string_strstr
  36. #define string_strcmp
  37. #define string_strlen
  38. #include "util/platform/libc/string.h"
  39. #include <crypto_hash_sha256.h>
  40. #include <stdlib.h>
  41. #include <stdio.h>
  42. static String* TYPE = String_CONST_SO("type");
  43. static String* REQUIRED = String_CONST_SO("required");
  44. static String* STRING = String_CONST_SO("String");
  45. static String* INTEGER = String_CONST_SO("Int");
  46. static String* DICT = String_CONST_SO("Dict");
  47. static String* LIST = String_CONST_SO("List");
  48. static String* TXID = String_CONST_SO("txid");
  49. /** Number of milliseconds before a session times out and outgoing messages are failed. */
  50. #define TIMEOUT_MILLISECONDS 30000
  51. /** map values for tracking time of last message by source address */
  52. struct MapValue
  53. {
  54. /** time when the last incoming message was received. */
  55. uint64_t timeOfLastMessage;
  56. /** used to allocate the memory for the key (Sockaddr) and value (this). */
  57. struct Allocator* allocator;
  58. };
  59. //////// generate time-of-last-message-by-address map
  60. #define Map_USE_HASH
  61. #define Map_USE_COMPARATOR
  62. #define Map_NAME LastMessageTimeByAddr
  63. #define Map_KEY_TYPE struct Sockaddr*
  64. #define Map_VALUE_TYPE struct MapValue*
  65. #include "util/Map.h"
  66. static inline uint32_t Map_LastMessageTimeByAddr_hash(struct Sockaddr** key)
  67. {
  68. uint32_t* k = (uint32_t*) *key;
  69. return k[ ((*key)->addrLen / 4)-1 ];
  70. }
  71. static inline int Map_LastMessageTimeByAddr_compare(struct Sockaddr** keyA, struct Sockaddr** keyB)
  72. {
  73. return Bits_memcmp(*keyA, *keyB, (*keyA)->addrLen);
  74. }
  75. /////// end map
  76. struct Function
  77. {
  78. String* name;
  79. Admin_Function call;
  80. void* context;
  81. bool needsAuth;
  82. Dict* args;
  83. };
  84. struct Admin
  85. {
  86. struct EventBase* eventBase;
  87. struct Function* functions;
  88. int functionCount;
  89. struct Allocator* allocator;
  90. String* password;
  91. struct Log* logger;
  92. struct AddrInterface* iface;
  93. struct Map_LastMessageTimeByAddr map;
  94. /** non-null if we are currently in an admin request. */
  95. struct Message* currentRequest;
  96. /** non-zero if this session able to receive asynchronous messages. */
  97. int asyncEnabled;
  98. /** Length of addresses of clients which communicate with admin. */
  99. uint32_t addrLen;
  100. Identity
  101. };
  102. static uint8_t sendMessage(struct Message* message, struct Sockaddr* dest, struct Admin* admin)
  103. {
  104. // stack overflow when used with admin logger.
  105. //Log_keys(admin->logger, "sending message to angel [%s]", message->bytes);
  106. Message_push(message, dest, dest->addrLen, NULL);
  107. return admin->iface->generic.sendMessage(message, &admin->iface->generic);
  108. }
  109. static int sendBenc(Dict* message,
  110. struct Sockaddr* dest,
  111. struct Allocator* alloc,
  112. struct Admin* admin)
  113. {
  114. #define SEND_MESSAGE_PADDING 32
  115. uint8_t buff[Admin_MAX_RESPONSE_SIZE + SEND_MESSAGE_PADDING];
  116. struct Writer* w = ArrayWriter_new(buff + SEND_MESSAGE_PADDING,
  117. Admin_MAX_RESPONSE_SIZE,
  118. alloc);
  119. StandardBencSerializer_get()->serializeDictionary(w, message);
  120. struct Message m = {
  121. .bytes = buff + SEND_MESSAGE_PADDING,
  122. .length = w->bytesWritten,
  123. .padding = SEND_MESSAGE_PADDING
  124. };
  125. struct Message* msg = Message_clone(&m, alloc);
  126. int out = sendMessage(msg, dest, admin);
  127. return out;
  128. }
  129. /**
  130. * If no incoming data has been sent by this address in TIMEOUT_MILLISECONDS
  131. * then Admin_sendMessage() should fail so that it doesn't endlessly send
  132. * udp packets into outer space after a logging client disconnects.
  133. */
  134. static int checkAddress(struct Admin* admin, int index, uint64_t now)
  135. {
  136. uint64_t diff = now - admin->map.values[index]->timeOfLastMessage;
  137. // check for backwards time
  138. if (diff > TIMEOUT_MILLISECONDS && diff < ((uint64_t)INT64_MAX)) {
  139. Allocator_free(admin->map.values[index]->allocator);
  140. Map_LastMessageTimeByAddr_remove(index, &admin->map);
  141. return -1;
  142. }
  143. return 0;
  144. }
  145. static void clearExpiredAddresses(void* vAdmin)
  146. {
  147. struct Admin* admin = Identity_check((struct Admin*) vAdmin);
  148. uint64_t now = Time_currentTimeMilliseconds(admin->eventBase);
  149. int count = 0;
  150. for (int i = admin->map.count - 1; i >= 0; i--) {
  151. if (checkAddress(admin, i, now)) {
  152. count++;
  153. }
  154. }
  155. Log_debug(admin->logger, "Cleared [%d] expired sessions", count);
  156. }
  157. /**
  158. * public function to send responses
  159. */
  160. int Admin_sendMessage(Dict* message, String* txid, struct Admin* admin)
  161. {
  162. if (!admin) {
  163. return 0;
  164. }
  165. Identity_check(admin);
  166. Assert_true(txid && txid->len >= admin->addrLen);
  167. struct Sockaddr_storage addr;
  168. Bits_memcpy(&addr, txid->bytes, admin->addrLen);
  169. // if this is an async call, check if we've got any input from that client.
  170. // if the client is nresponsive then fail the call so logs don't get sent
  171. // out forever after a disconnection.
  172. struct Allocator* alloc;
  173. if (!admin->currentRequest) {
  174. struct Sockaddr* addrPtr = (struct Sockaddr*) &addr.addr;
  175. int index = Map_LastMessageTimeByAddr_indexForKey(&addrPtr, &admin->map);
  176. uint64_t now = Time_currentTimeMilliseconds(admin->eventBase);
  177. if (index < 0 || checkAddress(admin, index, now)) {
  178. return -1;
  179. }
  180. alloc = Allocator_child(admin->allocator);
  181. } else {
  182. alloc = admin->currentRequest->alloc;
  183. }
  184. // Bounce back the user-supplied txid.
  185. String userTxid = {
  186. .bytes = txid->bytes + admin->addrLen,
  187. .len = txid->len - admin->addrLen
  188. };
  189. if (txid->len > admin->addrLen) {
  190. Dict_putString(message, TXID, &userTxid, alloc);
  191. }
  192. int ret = sendBenc(message, &addr.addr, alloc, admin);
  193. if (!admin->currentRequest) {
  194. Allocator_free(alloc);
  195. }
  196. return ret;
  197. }
  198. static inline bool authValid(Dict* message, struct Message* messageBytes, struct Admin* admin)
  199. {
  200. String* cookieStr = Dict_getString(message, String_CONST("cookie"));
  201. uint32_t cookie = (cookieStr != NULL) ? strtoll(cookieStr->bytes, NULL, 10) : 0;
  202. if (!cookie) {
  203. int64_t* cookieInt = Dict_getInt(message, String_CONST("cookie"));
  204. cookie = (cookieInt) ? *cookieInt : 0;
  205. }
  206. uint64_t nowSecs = Time_currentTimeSeconds(admin->eventBase);
  207. String* submittedHash = Dict_getString(message, String_CONST("hash"));
  208. if (cookie > nowSecs || cookie < nowSecs - 20 || !submittedHash || submittedHash->len != 64) {
  209. return false;
  210. }
  211. uint8_t* hashPtr = (uint8_t*) strstr((char*) messageBytes->bytes, submittedHash->bytes);
  212. if (!hashPtr || !admin->password) {
  213. return false;
  214. }
  215. uint8_t passAndCookie[64];
  216. snprintf((char*) passAndCookie, 64, "%s%u", admin->password->bytes, cookie);
  217. uint8_t hash[32];
  218. crypto_hash_sha256(hash, passAndCookie, strlen((char*) passAndCookie));
  219. Hex_encode(hashPtr, 64, hash, 32);
  220. crypto_hash_sha256(hash, messageBytes->bytes, messageBytes->length);
  221. Hex_encode(hashPtr, 64, hash, 32);
  222. return Bits_memcmp(hashPtr, submittedHash->bytes, 64) == 0;
  223. }
  224. static bool checkArgs(Dict* args,
  225. struct Function* func,
  226. String* txid,
  227. struct Allocator* requestAlloc,
  228. struct Admin* admin)
  229. {
  230. struct Dict_Entry* entry = *func->args;
  231. String* error = NULL;
  232. while (entry != NULL) {
  233. String* key = (String*) entry->key;
  234. Assert_true(entry->val->type == Object_DICT);
  235. Dict* value = entry->val->as.dictionary;
  236. entry = entry->next;
  237. if (*Dict_getInt(value, String_CONST("required")) == 0) {
  238. continue;
  239. }
  240. String* type = Dict_getString(value, String_CONST("type"));
  241. if ((type == STRING && !Dict_getString(args, key))
  242. || (type == DICT && !Dict_getDict(args, key))
  243. || (type == INTEGER && !Dict_getInt(args, key))
  244. || (type == LIST && !Dict_getList(args, key)))
  245. {
  246. error = String_printf(requestAlloc,
  247. "Entry [%s] is required and must be of type [%s]",
  248. key->bytes,
  249. type->bytes);
  250. break;
  251. }
  252. }
  253. if (error) {
  254. Dict d = Dict_CONST(String_CONST("error"), String_OBJ(error), NULL);
  255. Admin_sendMessage(&d, txid, admin);
  256. }
  257. return !error;
  258. }
  259. static void asyncEnabled(Dict* args, void* vAdmin, String* txid, struct Allocator* requestAlloc)
  260. {
  261. struct Admin* admin = Identity_check((struct Admin*) vAdmin);
  262. int64_t enabled = admin->asyncEnabled;
  263. Dict d = Dict_CONST(String_CONST("asyncEnabled"), Int_OBJ(enabled), NULL);
  264. Admin_sendMessage(&d, txid, admin);
  265. }
  266. #define ENTRIES_PER_PAGE 8
  267. static void availableFunctions(Dict* args, void* vAdmin, String* txid, struct Allocator* tempAlloc)
  268. {
  269. struct Admin* admin = Identity_check((struct Admin*) vAdmin);
  270. int64_t* page = Dict_getInt(args, String_CONST("page"));
  271. uint32_t i = (page) ? *page * ENTRIES_PER_PAGE : 0;
  272. Dict* d = Dict_new(tempAlloc);
  273. Dict* functions = Dict_new(tempAlloc);
  274. int count = 0;
  275. for (; i < (uint32_t)admin->functionCount && count++ < ENTRIES_PER_PAGE; i++) {
  276. Dict_putDict(functions, admin->functions[i].name, admin->functions[i].args, tempAlloc);
  277. }
  278. String* more = String_CONST("more");
  279. if (count >= ENTRIES_PER_PAGE) {
  280. Dict_putInt(d, more, 1, tempAlloc);
  281. }
  282. Dict_putDict(d, String_CONST("availableFunctions"), functions, tempAlloc);
  283. Admin_sendMessage(d, txid, admin);
  284. }
  285. static void handleRequest(Dict* messageDict,
  286. struct Message* message,
  287. struct Sockaddr* src,
  288. struct Allocator* allocator,
  289. struct Admin* admin)
  290. {
  291. String* query = Dict_getString(messageDict, String_CONST("q"));
  292. if (!query) {
  293. Log_info(admin->logger, "Got a non-query from admin interface");
  294. return;
  295. }
  296. // txid becomes the user supplied txid combined with the channel num.
  297. String* userTxid = Dict_getString(messageDict, TXID);
  298. uint32_t txidlen = ((userTxid) ? userTxid->len : 0) + src->addrLen;
  299. String* txid = String_newBinary(NULL, txidlen, allocator);
  300. Bits_memcpy(txid->bytes, src, src->addrLen);
  301. if (userTxid) {
  302. Bits_memcpy(txid->bytes + src->addrLen, userTxid->bytes, userTxid->len);
  303. }
  304. // If they're asking for a cookie then lets give them one.
  305. String* cookie = String_CONST("cookie");
  306. if (String_equals(query, cookie)) {
  307. //Log_debug(admin->logger, "Got a request for a cookie");
  308. Dict* d = Dict_new(allocator);
  309. char bytes[32];
  310. snprintf(bytes, 32, "%u", (uint32_t) Time_currentTimeSeconds(admin->eventBase));
  311. String* theCookie = &(String) { .len = strlen(bytes), .bytes = bytes };
  312. Dict_putString(d, cookie, theCookie, allocator);
  313. Admin_sendMessage(d, txid, admin);
  314. return;
  315. }
  316. // If this is a permitted query, make sure the cookie is right.
  317. String* auth = String_CONST("auth");
  318. bool authed = false;
  319. if (String_equals(query, auth)) {
  320. if (!authValid(messageDict, message, admin)) {
  321. Dict* d = Dict_new(allocator);
  322. Dict_putString(d, String_CONST("error"), String_CONST("Auth failed."), allocator);
  323. Admin_sendMessage(d, txid, admin);
  324. return;
  325. }
  326. query = Dict_getString(messageDict, String_CONST("aq"));
  327. authed = true;
  328. }
  329. // Then sent a valid authed query, lets track their address so they can receive
  330. // asynchronous messages.
  331. int index = Map_LastMessageTimeByAddr_indexForKey(&src, &admin->map);
  332. uint64_t now = Time_currentTimeMilliseconds(admin->eventBase);
  333. admin->asyncEnabled = 1;
  334. if (index >= 0) {
  335. admin->map.values[index]->timeOfLastMessage = now;
  336. } else if (authed) {
  337. struct Allocator* entryAlloc = Allocator_child(admin->allocator);
  338. struct MapValue* mv = Allocator_calloc(entryAlloc, sizeof(struct MapValue), 1);
  339. mv->timeOfLastMessage = now;
  340. mv->allocator = entryAlloc;
  341. struct Sockaddr* storedAddr = Sockaddr_clone(src, entryAlloc);
  342. Map_LastMessageTimeByAddr_put(&storedAddr, &mv, &admin->map);
  343. } else {
  344. admin->asyncEnabled = 0;
  345. }
  346. Dict* args = Dict_getDict(messageDict, String_CONST("args"));
  347. bool noFunctionsCalled = true;
  348. for (int i = 0; i < admin->functionCount; i++) {
  349. if (String_equals(query, admin->functions[i].name)
  350. && (authed || !admin->functions[i].needsAuth))
  351. {
  352. if (checkArgs(args, &admin->functions[i], txid, message->alloc, admin)) {
  353. admin->functions[i].call(args, admin->functions[i].context, txid, message->alloc);
  354. }
  355. noFunctionsCalled = false;
  356. }
  357. }
  358. if (noFunctionsCalled) {
  359. Dict d = Dict_CONST(
  360. String_CONST("error"),
  361. String_OBJ(String_CONST("No functions matched your request, "
  362. "try Admin_availableFunctions()")),
  363. NULL
  364. );
  365. Admin_sendMessage(&d, txid, admin);
  366. }
  367. return;
  368. }
  369. static void handleMessage(struct Message* message,
  370. struct Sockaddr* src,
  371. struct Allocator* alloc,
  372. struct Admin* admin)
  373. {
  374. #ifdef Log_KEYS
  375. uint8_t lastChar = message->bytes[message->length - 1];
  376. message->bytes[message->length - 1] = '\0';
  377. Log_keys(admin->logger, "Got message from [%s] [%s]",
  378. Sockaddr_print(src, alloc), message->bytes);
  379. message->bytes[message->length - 1] = lastChar;
  380. #endif
  381. // handle non empty message data
  382. if (message->length > Admin_MAX_REQUEST_SIZE) {
  383. #define TOO_BIG "d5:error16:Request too big.e"
  384. #define TOO_BIG_STRLEN (sizeof(TOO_BIG) - 1)
  385. Bits_memcpyConst(message->bytes, TOO_BIG, TOO_BIG_STRLEN);
  386. message->length = TOO_BIG_STRLEN;
  387. sendMessage(message, src, admin);
  388. return;
  389. }
  390. struct Reader* reader = ArrayReader_new(message->bytes, message->length, alloc);
  391. Dict messageDict;
  392. if (StandardBencSerializer_get()->parseDictionary(reader, alloc, &messageDict)) {
  393. Log_warn(admin->logger,
  394. "Unparsable data from [%s] content: [%s]",
  395. Sockaddr_print(src, alloc), message->bytes);
  396. return;
  397. }
  398. int amount = reader->bytesRead;
  399. if (amount < message->length) {
  400. Log_warn(admin->logger,
  401. "Message from [%s] contained garbage after byte [%d] content: [%s]",
  402. Sockaddr_print(src, alloc), amount - 1, message->bytes);
  403. return;
  404. }
  405. handleRequest(&messageDict, message, src, alloc, admin);
  406. }
  407. static uint8_t receiveMessage(struct Message* message, struct Interface* iface)
  408. {
  409. struct Admin* admin = Identity_check((struct Admin*) iface->receiverContext);
  410. Assert_true(message->length >= (int)admin->addrLen);
  411. struct Sockaddr_storage addrStore = { .addr = { .addrLen = 0 } };
  412. Message_pop(message, &addrStore, admin->addrLen, NULL);
  413. struct Allocator* alloc = Allocator_child(admin->allocator);
  414. admin->currentRequest = message;
  415. handleMessage(message, &addrStore.addr, alloc, admin);
  416. admin->currentRequest = NULL;
  417. Allocator_free(alloc);
  418. return 0;
  419. }
  420. void Admin_registerFunctionWithArgCount(char* name,
  421. Admin_Function callback,
  422. void* callbackContext,
  423. bool needsAuth,
  424. struct Admin_FunctionArg* arguments,
  425. int argCount,
  426. struct Admin* admin)
  427. {
  428. if (!admin) {
  429. return;
  430. }
  431. Identity_check(admin);
  432. String* str = String_new(name, admin->allocator);
  433. admin->functions =
  434. Allocator_realloc(admin->allocator,
  435. admin->functions,
  436. sizeof(struct Function) * (admin->functionCount + 1));
  437. struct Function* fu = &admin->functions[admin->functionCount];
  438. admin->functionCount++;
  439. fu->name = str;
  440. fu->call = callback;
  441. fu->context = callbackContext;
  442. fu->needsAuth = needsAuth;
  443. fu->args = Dict_new(admin->allocator);
  444. for (int i = 0; arguments && i < argCount; i++) {
  445. // "type" must be one of: [ "String", "Int", "Dict", "List" ]
  446. String* type = NULL;
  447. if (!strcmp(arguments[i].type, STRING->bytes)) {
  448. type = STRING;
  449. } else if (!strcmp(arguments[i].type, INTEGER->bytes)) {
  450. type = INTEGER;
  451. } else if (!strcmp(arguments[i].type, DICT->bytes)) {
  452. type = DICT;
  453. } else if (!strcmp(arguments[i].type, LIST->bytes)) {
  454. type = LIST;
  455. } else {
  456. abort();
  457. }
  458. Dict* arg = Dict_new(admin->allocator);
  459. Dict_putString(arg, TYPE, type, admin->allocator);
  460. Dict_putInt(arg, REQUIRED, arguments[i].required, admin->allocator);
  461. String* name = String_new(arguments[i].name, admin->allocator);
  462. Dict_putDict(fu->args, name, arg, admin->allocator);
  463. }
  464. }
  465. struct Admin* Admin_new(struct AddrInterface* iface,
  466. struct Allocator* alloc,
  467. struct Log* logger,
  468. struct EventBase* eventBase,
  469. String* password)
  470. {
  471. struct Admin* admin = Allocator_clone(alloc, (&(struct Admin) {
  472. .iface = iface,
  473. .allocator = alloc,
  474. .logger = logger,
  475. .eventBase = eventBase,
  476. .addrLen = iface->addr->addrLen,
  477. .map = {
  478. .allocator = alloc
  479. }
  480. }));
  481. Identity_set(admin);
  482. admin->password = String_clone(password, alloc);
  483. Timeout_setInterval(clearExpiredAddresses, admin, TIMEOUT_MILLISECONDS * 3, eventBase, alloc);
  484. iface->generic.receiveMessage = receiveMessage;
  485. iface->generic.receiverContext = admin;
  486. Admin_registerFunction("Admin_asyncEnabled", asyncEnabled, admin, false, NULL, admin);
  487. Admin_registerFunction("Admin_availableFunctions", availableFunctions, admin, false,
  488. ((struct Admin_FunctionArg[]) {
  489. { .name = "page", .required = 0, .type = "Int" }
  490. }), admin);
  491. return admin;
  492. }