| -rw-r--r-- | src/eyefiworker.cc | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/eyefiworker.cc b/src/eyefiworker.cc index 597a3f2..ac96c7f 100644 --- a/src/eyefiworker.cc +++ b/src/eyefiworker.cc | |||
| @@ -1,179 +1,185 @@ | |||
| 1 | #include <signal.h> | 1 | #include <signal.h> |
| 2 | #ifndef NDEBUG | 2 | #ifndef NDEBUG |
| 3 | # include <sys/resource.h> | 3 | # include <sys/resource.h> |
| 4 | #endif | 4 | #endif |
| 5 | #include <syslog.h> | 5 | #include <syslog.h> |
| 6 | #include <cassert> | 6 | #include <cassert> |
| 7 | #include <iostream> | 7 | #include <iostream> |
| 8 | #include <fstream> | 8 | #include <fstream> |
| 9 | #include <stdexcept> | 9 | #include <stdexcept> |
| 10 | #include <iterator> | 10 | #include <iterator> |
| 11 | #include <algorithm> | 11 | #include <algorithm> |
| 12 | #include <sys/wait.h> | 12 | #include <sys/wait.h> |
| 13 | #include <autosprintf.h> | 13 | #include <autosprintf.h> |
| 14 | #include "eyekinfig.h" | 14 | #include "eyekinfig.h" |
| 15 | #include "eyetil.h" | 15 | #include "eyetil.h" |
| 16 | #include "eyefiworker.h" | 16 | #include "eyefiworker.h" |
| 17 | #ifdef HAVE_SQLITE | 17 | #ifdef HAVE_SQLITE |
| 18 | # include "iiidb.h" | 18 | # include "iiidb.h" |
| 19 | #endif | 19 | #endif |
| 20 | 20 | ||
| 21 | #ifdef WITH_IPV6 | ||
| 22 | # define BINDTO "::" | ||
| 23 | #else | ||
| 24 | # define BINDTO 0 | ||
| 25 | #endif | ||
| 26 | |||
| 21 | eyefiworker::eyefiworker() | 27 | eyefiworker::eyefiworker() |
| 22 | : eyefiService(SOAP_IO_STORE|SOAP_IO_KEEPALIVE) { | 28 | : eyefiService(SOAP_IO_STORE|SOAP_IO_KEEPALIVE) { |
| 23 | bind_flags = SO_REUSEADDR; max_keep_alive = 0; | 29 | bind_flags = SO_REUSEADDR; max_keep_alive = 0; |
| 24 | socket_flags = | 30 | socket_flags = |
| 25 | #if defined(MSG_NOSIGNAL) | 31 | #if defined(MSG_NOSIGNAL) |
| 26 | MSG_NOSIGNAL | 32 | MSG_NOSIGNAL |
| 27 | #elif defined(SO_NOSIGPIPE) | 33 | #elif defined(SO_NOSIGPIPE) |
| 28 | SO_NOSIGPIPE | 34 | SO_NOSIGPIPE |
| 29 | #else | 35 | #else |
| 30 | #error Something is wrong with sigpipe prevention on the platform | 36 | #error Something is wrong with sigpipe prevention on the platform |
| 31 | #endif | 37 | #endif |
| 32 | ; | 38 | ; |
| 33 | #ifdef HAVE_SQLITE | 39 | #ifdef HAVE_SQLITE |
| 34 | sqlite3_initialize(); | 40 | sqlite3_initialize(); |
| 35 | #endif | 41 | #endif |
| 36 | } | 42 | } |
| 37 | 43 | ||
| 38 | static void *fmimewriteopen_(struct soap *soap, | 44 | static void *fmimewriteopen_(struct soap *soap, |
| 39 | void *handle, const char *id, const char *type, const char *description, | 45 | void *handle, const char *id, const char *type, const char *description, |
| 40 | enum soap_mime_encoding encoding) { | 46 | enum soap_mime_encoding encoding) { |
| 41 | return static_cast<eyefiworker*>(soap)->mime_writeopen(handle,id,type,description,encoding); | 47 | return static_cast<eyefiworker*>(soap)->mime_writeopen(handle,id,type,description,encoding); |
| 42 | } | 48 | } |
| 43 | static int fmimewrite_(struct soap *soap,void *handle,const char *buf,size_t len) { | 49 | static int fmimewrite_(struct soap *soap,void *handle,const char *buf,size_t len) { |
| 44 | return static_cast<eyefiworker*>(soap)->mime_write(handle,buf,len); | 50 | return static_cast<eyefiworker*>(soap)->mime_write(handle,buf,len); |
| 45 | } | 51 | } |
| 46 | static void fmimewriteclose_(struct soap *soap,void *handle) { | 52 | static void fmimewriteclose_(struct soap *soap,void *handle) { |
| 47 | static_cast<eyefiworker*>(soap)->mime_writeclose(handle); | 53 | static_cast<eyefiworker*>(soap)->mime_writeclose(handle); |
| 48 | } | 54 | } |
| 49 | 55 | ||
| 50 | int eyefiworker::run(int bindport) { | 56 | int eyefiworker::run(int bindport) { |
| 51 | if(!soap_valid_socket(bind(0,bindport,64))) | 57 | if(!soap_valid_socket(bind(BINDTO,bindport,64))) |
| 52 | throw std::runtime_error("failed to bind()"); | 58 | throw std::runtime_error("failed to bind()"); |
| 53 | signal(SIGCHLD,SIG_IGN); | 59 | signal(SIGCHLD,SIG_IGN); |
| 54 | fmimewriteopen=fmimewriteopen_; fmimewrite=fmimewrite_; fmimewriteclose=fmimewriteclose_; | 60 | fmimewriteopen=fmimewriteopen_; fmimewrite=fmimewrite_; fmimewriteclose=fmimewriteclose_; |
| 55 | while(true) { | 61 | while(true) { |
| 56 | if(!soap_valid_socket(accept())) | 62 | if(!soap_valid_socket(accept())) |
| 57 | throw std::runtime_error("failed to accept()"); | 63 | throw std::runtime_error("failed to accept()"); |
| 58 | pid_t p = fork(); | 64 | pid_t p = fork(); |
| 59 | if(p<0) throw std::runtime_error("failed to fork()"); | 65 | if(p<0) throw std::runtime_error("failed to fork()"); |
| 60 | if(!p) { | 66 | if(!p) { |
| 61 | recv_timeout = 600; send_timeout = 120; | 67 | recv_timeout = 600; send_timeout = 120; |
| 62 | (void)serve(); | 68 | (void)serve(); |
| 63 | soap_destroy(this); soap_end(this); soap_done(this); | 69 | soap_destroy(this); soap_end(this); soap_done(this); |
| 64 | #ifndef NDEBUG | 70 | #ifndef NDEBUG |
| 65 | struct rusage ru; | 71 | struct rusage ru; |
| 66 | if(getrusage(RUSAGE_SELF,&ru)) { | 72 | if(getrusage(RUSAGE_SELF,&ru)) { |
| 67 | syslog(LOG_NOTICE,"Failed to getrusage(): %d",errno); | 73 | syslog(LOG_NOTICE,"Failed to getrusage(): %d",errno); |
| 68 | }else{ | 74 | }else{ |
| 69 | syslog(LOG_INFO,"maxrss: %ld\n",ru.ru_maxrss); | 75 | syslog(LOG_INFO,"maxrss: %ld\n",ru.ru_maxrss); |
| 70 | } | 76 | } |
| 71 | #endif /* NDEBUG */ | 77 | #endif /* NDEBUG */ |
| 72 | throw throwable_exit(0); | 78 | throw throwable_exit(0); |
| 73 | } | 79 | } |
| 74 | close(socket); socket = SOAP_INVALID_SOCKET; | 80 | close(socket); socket = SOAP_INVALID_SOCKET; |
| 75 | } | 81 | } |
| 76 | } | 82 | } |
| 77 | 83 | ||
| 78 | static binary_t session_nonce; | 84 | static binary_t session_nonce; |
| 79 | #ifdef HAVE_SQLITE | 85 | #ifdef HAVE_SQLITE |
| 80 | static struct { | 86 | static struct { |
| 81 | std::string filesignature; | 87 | std::string filesignature; |
| 82 | long filesize; | 88 | long filesize; |
| 83 | std::string filename; | 89 | std::string filename; |
| 84 | inline void reset() { filesignature.erase(); filename.erase(); filesize=0; } | 90 | inline void reset() { filesignature.erase(); filename.erase(); filesize=0; } |
| 85 | inline void set(const std::string n,const std::string sig,long siz) { | 91 | inline void set(const std::string n,const std::string sig,long siz) { |
| 86 | filename = n; filesignature = sig; filesize = siz; | 92 | filename = n; filesignature = sig; filesize = siz; |
| 87 | } | 93 | } |
| 88 | inline bool is(const std::string n,const std::string sig,long siz) { | 94 | inline bool is(const std::string n,const std::string sig,long siz) { |
| 89 | return filesize==siz && filename==n && filesignature==sig; | 95 | return filesize==siz && filename==n && filesignature==sig; |
| 90 | } | 96 | } |
| 91 | } already; | 97 | } already; |
| 92 | #endif /* HAVE_SQLITE */ | 98 | #endif /* HAVE_SQLITE */ |
| 93 | 99 | ||
| 94 | static bool detached_child() { | 100 | static bool detached_child() { |
| 95 | pid_t p = fork(); | 101 | pid_t p = fork(); |
| 96 | if(p<0) { | 102 | if(p<0) { |
| 97 | syslog(LOG_ERR,"Failed to fork away for hook execution"); | 103 | syslog(LOG_ERR,"Failed to fork away for hook execution"); |
| 98 | _exit(-1); | 104 | _exit(-1); |
| 99 | } | 105 | } |
| 100 | if(!p) { | 106 | if(!p) { |
| 101 | setsid(); | 107 | setsid(); |
| 102 | for(int i=getdtablesize();i>=0;--i) close(i); | 108 | for(int i=getdtablesize();i>=0;--i) close(i); |
| 103 | int i=open("/dev/null",O_RDWR); assert(i==0); | 109 | int i=open("/dev/null",O_RDWR); assert(i==0); |
| 104 | i = dup(i); assert(i==1); | 110 | i = dup(i); assert(i==1); |
| 105 | i = dup(i); assert(i==2); | 111 | i = dup(i); assert(i==2); |
| 106 | return true; | 112 | return true; |
| 107 | } | 113 | } |
| 108 | return false; | 114 | return false; |
| 109 | } | 115 | } |
| 110 | 116 | ||
| 111 | static int E(eyefiworker* efs,const char *c,const std::exception& e) { | 117 | static int E(eyefiworker* efs,const char *c,const std::exception& e) { |
| 112 | efs->keep_alive=0; | 118 | efs->keep_alive=0; |
| 113 | syslog(LOG_ERR,"error while processing %s: %s",c,e.what()); | 119 | syslog(LOG_ERR,"error while processing %s: %s",c,e.what()); |
| 114 | return soap_sender_fault(efs,gnu::autosprintf("error processing %s",c),0); | 120 | return soap_sender_fault(efs,gnu::autosprintf("error processing %s",c),0); |
| 115 | } | 121 | } |
| 116 | 122 | ||
| 117 | int eyefiworker::StartSession( | 123 | int eyefiworker::StartSession( |
| 118 | std::string macaddress,std::string cnonce, | 124 | std::string macaddress,std::string cnonce, |
| 119 | int transfermode,long transfermodetimestamp, | 125 | int transfermode,long transfermodetimestamp, |
| 120 | struct rns__StartSessionResponse &r ) try { | 126 | struct rns__StartSessionResponse &r ) try { |
| 121 | syslog(LOG_INFO, | 127 | syslog(LOG_INFO, |
| 122 | "StartSession request from %s with cnonce=%s, transfermode=%d, transfermodetimestamp=%ld", | 128 | "StartSession request from %s with cnonce=%s, transfermode=%d, transfermodetimestamp=%ld", |
| 123 | macaddress.c_str(), cnonce.c_str(), transfermode, transfermodetimestamp ); | 129 | macaddress.c_str(), cnonce.c_str(), transfermode, transfermodetimestamp ); |
| 124 | kinfig.reset(new eyekinfig_t(macaddress)); | 130 | kinfig.reset(new eyekinfig_t(macaddress)); |
| 125 | umask(kinfig->get_umask()); | 131 | umask(kinfig->get_umask()); |
| 126 | 132 | ||
| 127 | r.credential = binary_t(macaddress+cnonce+kinfig->get_upload_key()).md5().hex(); | 133 | r.credential = binary_t(macaddress+cnonce+kinfig->get_upload_key()).md5().hex(); |
| 128 | 134 | ||
| 129 | r.snonce = session_nonce.make_nonce().hex(); | 135 | r.snonce = session_nonce.make_nonce().hex(); |
| 130 | r.transfermode=transfermode; | 136 | r.transfermode=transfermode; |
| 131 | r.transfermodetimestamp=transfermodetimestamp; | 137 | r.transfermodetimestamp=transfermodetimestamp; |
| 132 | r.upsyncallowed=false; | 138 | r.upsyncallowed=false; |
| 133 | 139 | ||
| 134 | std::string cmd = kinfig->get_on_start_session(); | 140 | std::string cmd = kinfig->get_on_start_session(); |
| 135 | if(!cmd.empty()) { | 141 | if(!cmd.empty()) { |
| 136 | if(detached_child()) { | 142 | if(detached_child()) { |
| 137 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); | 143 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); |
| 138 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODE=%d",transfermode) ); | 144 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODE=%d",transfermode) ); |
| 139 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODETIMESTAMP=%ld",transfermodetimestamp) ); | 145 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODETIMESTAMP=%ld",transfermodetimestamp) ); |
| 140 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; | 146 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; |
| 141 | execv("/bin/sh",argv); | 147 | execv("/bin/sh",argv); |
| 142 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); | 148 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); |
| 143 | _exit(-1); | 149 | _exit(-1); |
| 144 | } | 150 | } |
| 145 | } | 151 | } |
| 146 | return SOAP_OK; | 152 | return SOAP_OK; |
| 147 | }catch(const std::exception& e) { return E(this,"StartSession",e); } | 153 | }catch(const std::exception& e) { return E(this,"StartSession",e); } |
| 148 | 154 | ||
| 149 | int eyefiworker::GetPhotoStatus( | 155 | int eyefiworker::GetPhotoStatus( |
| 150 | std::string credential, std::string macaddress, | 156 | std::string credential, std::string macaddress, |
| 151 | std::string filename, long filesize, std::string filesignature, | 157 | std::string filename, long filesize, std::string filesignature, |
| 152 | int flags, | 158 | int flags, |
| 153 | struct rns__GetPhotoStatusResponse &r ) try { | 159 | struct rns__GetPhotoStatusResponse &r ) try { |
| 154 | syslog(LOG_INFO, | 160 | syslog(LOG_INFO, |
| 155 | "GetPhotoStatus request from %s with credential=%s, filename=%s, filesize=%ld, filesignature=%s, flags=%d; session nonce=%s", | 161 | "GetPhotoStatus request from %s with credential=%s, filename=%s, filesize=%ld, filesignature=%s, flags=%d; session nonce=%s", |
| 156 | macaddress.c_str(), credential.c_str(), filename.c_str(), filesize, filesignature.c_str(), flags, | 162 | macaddress.c_str(), credential.c_str(), filename.c_str(), filesize, filesignature.c_str(), flags, |
| 157 | session_nonce.hex().c_str() ); | 163 | session_nonce.hex().c_str() ); |
| 158 | 164 | ||
| 159 | if(!(kinfig && kinfig->macaddress==macaddress)) | 165 | if(!(kinfig && kinfig->macaddress==macaddress)) |
| 160 | throw std::runtime_error("I'm not talking to this peer"); | 166 | throw std::runtime_error("I'm not talking to this peer"); |
| 161 | 167 | ||
| 162 | std::string computed_credential = binary_t(macaddress+kinfig->get_upload_key()+session_nonce.hex()).md5().hex(); | 168 | std::string computed_credential = binary_t(macaddress+kinfig->get_upload_key()+session_nonce.hex()).md5().hex(); |
| 163 | 169 | ||
| 164 | #ifndef NDEBUG | 170 | #ifndef NDEBUG |
| 165 | syslog(LOG_DEBUG, " computed credential=%s", computed_credential.c_str()); | 171 | syslog(LOG_DEBUG, " computed credential=%s", computed_credential.c_str()); |
| 166 | #endif | 172 | #endif |
| 167 | 173 | ||
| 168 | if (credential != computed_credential) throw std::runtime_error("card authentication failed"); | 174 | if (credential != computed_credential) throw std::runtime_error("card authentication failed"); |
| 169 | 175 | ||
| 170 | indir.reset(new tmpdir_t(kinfig->get_targetdir()+"/.incoming.XXXXXX")); | 176 | indir.reset(new tmpdir_t(kinfig->get_targetdir()+"/.incoming.XXXXXX")); |
| 171 | 177 | ||
| 172 | #ifdef HAVE_SQLITE | 178 | #ifdef HAVE_SQLITE |
| 173 | iiidb_t D(*kinfig); | 179 | iiidb_t D(*kinfig); |
| 174 | seclude::stmt_t S = D.prepare( | 180 | seclude::stmt_t S = D.prepare( |
| 175 | "SELECT fileid FROM photo" | 181 | "SELECT fileid FROM photo" |
| 176 | " WHERE mac=:mac AND filename=:filename" | 182 | " WHERE mac=:mac AND filename=:filename" |
| 177 | " AND filesize=:filesize AND filesignature=:filesignature" | 183 | " AND filesize=:filesize AND filesignature=:filesignature" |
| 178 | ).bind(":mac",macaddress) | 184 | ).bind(":mac",macaddress) |
| 179 | .bind(":filename",filename).bind(":filesize",filesize) | 185 | .bind(":filename",filename).bind(":filesize",filesize) |