-rw-r--r-- | src/eyefiworker.cc | 157 |
1 files changed, 80 insertions, 77 deletions
diff --git a/src/eyefiworker.cc b/src/eyefiworker.cc index 645069e..597a3f2 100644 --- a/src/eyefiworker.cc +++ b/src/eyefiworker.cc | |||
@@ -31,19 +31,30 @@ eyefiworker::eyefiworker() | |||
31 | #endif | 31 | #endif |
32 | ; | 32 | ; |
33 | #ifdef HAVE_SQLITE | 33 | #ifdef HAVE_SQLITE |
34 | sqlite3_initialize(); | 34 | sqlite3_initialize(); |
35 | #endif | 35 | #endif |
36 | } | 36 | } |
37 | eyefiworker::~eyefiworker() { | 37 | |
38 | static void *fmimewriteopen_(struct soap *soap, | ||
39 | void *handle, const char *id, const char *type, const char *description, | ||
40 | enum soap_mime_encoding encoding) { | ||
41 | return static_cast<eyefiworker*>(soap)->mime_writeopen(handle,id,type,description,encoding); | ||
42 | } | ||
43 | static int fmimewrite_(struct soap *soap,void *handle,const char *buf,size_t len) { | ||
44 | return static_cast<eyefiworker*>(soap)->mime_write(handle,buf,len); | ||
45 | } | ||
46 | static void fmimewriteclose_(struct soap *soap,void *handle) { | ||
47 | static_cast<eyefiworker*>(soap)->mime_writeclose(handle); | ||
38 | } | 48 | } |
39 | 49 | ||
40 | int eyefiworker::run(int bindport) { | 50 | int eyefiworker::run(int bindport) { |
41 | if(!soap_valid_socket(bind(0,bindport,64))) | 51 | if(!soap_valid_socket(bind(0,bindport,64))) |
42 | throw std::runtime_error("failed to bind()"); | 52 | throw std::runtime_error("failed to bind()"); |
43 | signal(SIGCHLD,SIG_IGN); | 53 | signal(SIGCHLD,SIG_IGN); |
54 | fmimewriteopen=fmimewriteopen_; fmimewrite=fmimewrite_; fmimewriteclose=fmimewriteclose_; | ||
44 | while(true) { | 55 | while(true) { |
45 | if(!soap_valid_socket(accept())) | 56 | if(!soap_valid_socket(accept())) |
46 | throw std::runtime_error("failed to accept()"); | 57 | throw std::runtime_error("failed to accept()"); |
47 | pid_t p = fork(); | 58 | pid_t p = fork(); |
48 | if(p<0) throw std::runtime_error("failed to fork()"); | 59 | if(p<0) throw std::runtime_error("failed to fork()"); |
49 | if(!p) { | 60 | if(!p) { |
@@ -107,21 +118,23 @@ int eyefiworker::StartSession( | |||
107 | std::string macaddress,std::string cnonce, | 118 | std::string macaddress,std::string cnonce, |
108 | int transfermode,long transfermodetimestamp, | 119 | int transfermode,long transfermodetimestamp, |
109 | struct rns__StartSessionResponse &r ) try { | 120 | struct rns__StartSessionResponse &r ) try { |
110 | syslog(LOG_INFO, | 121 | syslog(LOG_INFO, |
111 | "StartSession request from %s with cnonce=%s, transfermode=%d, transfermodetimestamp=%ld", | 122 | "StartSession request from %s with cnonce=%s, transfermode=%d, transfermodetimestamp=%ld", |
112 | macaddress.c_str(), cnonce.c_str(), transfermode, transfermodetimestamp ); | 123 | macaddress.c_str(), cnonce.c_str(), transfermode, transfermodetimestamp ); |
113 | eyekinfig_t eyekinfig(macaddress); | 124 | kinfig.reset(new eyekinfig_t(macaddress)); |
114 | r.credential = binary_t(macaddress+cnonce+eyekinfig.get_upload_key()).md5().hex(); | 125 | umask(kinfig->get_umask()); |
126 | |||
127 | r.credential = binary_t(macaddress+cnonce+kinfig->get_upload_key()).md5().hex(); | ||
115 | 128 | ||
116 | r.snonce = session_nonce.make_nonce().hex(); | 129 | r.snonce = session_nonce.make_nonce().hex(); |
117 | r.transfermode=transfermode; | 130 | r.transfermode=transfermode; |
118 | r.transfermodetimestamp=transfermodetimestamp; | 131 | r.transfermodetimestamp=transfermodetimestamp; |
119 | r.upsyncallowed=false; | 132 | r.upsyncallowed=false; |
120 | 133 | ||
121 | std::string cmd = eyekinfig.get_on_start_session(); | 134 | std::string cmd = kinfig->get_on_start_session(); |
122 | if(!cmd.empty()) { | 135 | if(!cmd.empty()) { |
123 | if(detached_child()) { | 136 | if(detached_child()) { |
124 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); | 137 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); |
125 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODE=%d",transfermode) ); | 138 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODE=%d",transfermode) ); |
126 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODETIMESTAMP=%ld",transfermodetimestamp) ); | 139 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODETIMESTAMP=%ld",transfermodetimestamp) ); |
127 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; | 140 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; |
@@ -140,23 +153,27 @@ int eyefiworker::GetPhotoStatus( | |||
140 | struct rns__GetPhotoStatusResponse &r ) try { | 153 | struct rns__GetPhotoStatusResponse &r ) try { |
141 | syslog(LOG_INFO, | 154 | syslog(LOG_INFO, |
142 | "GetPhotoStatus request from %s with credential=%s, filename=%s, filesize=%ld, filesignature=%s, flags=%d; session nonce=%s", | 155 | "GetPhotoStatus request from %s with credential=%s, filename=%s, filesize=%ld, filesignature=%s, flags=%d; session nonce=%s", |
143 | macaddress.c_str(), credential.c_str(), filename.c_str(), filesize, filesignature.c_str(), flags, | 156 | macaddress.c_str(), credential.c_str(), filename.c_str(), filesize, filesignature.c_str(), flags, |
144 | session_nonce.hex().c_str() ); | 157 | session_nonce.hex().c_str() ); |
145 | 158 | ||
146 | eyekinfig_t eyekinfig(macaddress); | 159 | if(!(kinfig && kinfig->macaddress==macaddress)) |
147 | std::string computed_credential = binary_t(macaddress+eyekinfig.get_upload_key()+session_nonce.hex()).md5().hex(); | 160 | throw std::runtime_error("I'm not talking to this peer"); |
161 | |||
162 | std::string computed_credential = binary_t(macaddress+kinfig->get_upload_key()+session_nonce.hex()).md5().hex(); | ||
148 | 163 | ||
149 | #ifndef NDEBUG | 164 | #ifndef NDEBUG |
150 | syslog(LOG_DEBUG, " computed credential=%s", computed_credential.c_str()); | 165 | syslog(LOG_DEBUG, " computed credential=%s", computed_credential.c_str()); |
151 | #endif | 166 | #endif |
152 | 167 | ||
153 | if (credential != computed_credential) throw std::runtime_error("card authentication failed"); | 168 | if (credential != computed_credential) throw std::runtime_error("card authentication failed"); |
154 | 169 | ||
170 | indir.reset(new tmpdir_t(kinfig->get_targetdir()+"/.incoming.XXXXXX")); | ||
171 | |||
155 | #ifdef HAVE_SQLITE | 172 | #ifdef HAVE_SQLITE |
156 | iiidb_t D(eyekinfig); | 173 | iiidb_t D(*kinfig); |
157 | seclude::stmt_t S = D.prepare( | 174 | seclude::stmt_t S = D.prepare( |
158 | "SELECT fileid FROM photo" | 175 | "SELECT fileid FROM photo" |
159 | " WHERE mac=:mac AND filename=:filename" | 176 | " WHERE mac=:mac AND filename=:filename" |
160 | " AND filesize=:filesize AND filesignature=:filesignature" | 177 | " AND filesize=:filesize AND filesignature=:filesignature" |
161 | ).bind(":mac",macaddress) | 178 | ).bind(":mac",macaddress) |
162 | .bind(":filename",filename).bind(":filesize",filesize) | 179 | .bind(":filename",filename).bind(":filesize",filesize) |
@@ -177,13 +194,16 @@ int eyefiworker::GetPhotoStatus( | |||
177 | int eyefiworker::MarkLastPhotoInRoll( | 194 | int eyefiworker::MarkLastPhotoInRoll( |
178 | std::string macaddress, int mergedelta, | 195 | std::string macaddress, int mergedelta, |
179 | struct rns__MarkLastPhotoInRollResponse&/* r */ ) try { | 196 | struct rns__MarkLastPhotoInRollResponse&/* r */ ) try { |
180 | syslog(LOG_INFO, | 197 | syslog(LOG_INFO, |
181 | "MarkLastPhotoInRoll request from %s with mergedelta=%d", | 198 | "MarkLastPhotoInRoll request from %s with mergedelta=%d", |
182 | macaddress.c_str(), mergedelta ); | 199 | macaddress.c_str(), mergedelta ); |
183 | std::string cmd = eyekinfig_t(macaddress).get_on_mark_last_photo_in_roll(); | 200 | if(!(kinfig && kinfig->macaddress==macaddress)) |
201 | throw std::runtime_error("I'm not talking to this peer"); | ||
202 | |||
203 | std::string cmd = kinfig->get_on_mark_last_photo_in_roll(); | ||
184 | if(!cmd.empty()) { | 204 | if(!cmd.empty()) { |
185 | if(detached_child()) { | 205 | if(detached_child()) { |
186 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); | 206 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); |
187 | putenv( gnu::autosprintf("EYEFI_MERGEDELTA=%d",mergedelta) ); | 207 | putenv( gnu::autosprintf("EYEFI_MERGEDELTA=%d",mergedelta) ); |
188 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; | 208 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; |
189 | execv("/bin/sh",argv); | 209 | execv("/bin/sh",argv); |
@@ -192,127 +212,110 @@ int eyefiworker::MarkLastPhotoInRoll( | |||
192 | } | 212 | } |
193 | } | 213 | } |
194 | keep_alive = 0; | 214 | keep_alive = 0; |
195 | return SOAP_OK; | 215 | return SOAP_OK; |
196 | }catch(const std::exception& e) { return E(this,"MarkLastPhotoInRoll",e); } | 216 | }catch(const std::exception& e) { return E(this,"MarkLastPhotoInRoll",e); } |
197 | 217 | ||
218 | void *eyefiworker::mime_writeopen(void *handle,const char *id,const char *type,const char *description, | ||
219 | enum soap_mime_encoding encoding) { | ||
220 | if(!id) return NULL; | ||
221 | if(!strcmp(id,"FILENAME")) { | ||
222 | mime_tarfile.reset(new mimewrite_tarfile(*indir)); | ||
223 | return mime_tarfile.get(); | ||
224 | }else if(!strcmp(id,"INTEGRITYDIGEST")) { | ||
225 | mime_idigest.reset(new mimewrite_string()); | ||
226 | return mime_idigest.get(); | ||
227 | } | ||
228 | return NULL; | ||
229 | } | ||
230 | int eyefiworker::mime_write(void *handle,const char *buf,size_t len) { | ||
231 | if(!handle) return SOAP_ERR; | ||
232 | return static_cast<mimewrite_base*>(handle)->write(buf,len); | ||
233 | } | ||
234 | void eyefiworker::mime_writeclose(void *handle) { | ||
235 | if(handle) static_cast<mimewrite_base*>(handle)->close(); | ||
236 | } | ||
237 | |||
198 | int eyefiworker::UploadPhoto( | 238 | int eyefiworker::UploadPhoto( |
199 | int fileid, std::string macaddress, | 239 | int fileid, std::string macaddress, |
200 | std::string filename, long filesize, std::string filesignature, | 240 | std::string filename, long filesize, std::string filesignature, |
201 | std::string encryption, int flags, | 241 | std::string encryption, int flags, |
202 | struct rns__UploadPhotoResponse& r ) try { | 242 | struct rns__UploadPhotoResponse& r ) try { |
203 | syslog(LOG_INFO, | 243 | syslog(LOG_INFO, |
204 | "UploadPhoto request from %s with fileid=%d, filename=%s, filesize=%ld," | 244 | "UploadPhoto request from %s with fileid=%d, filename=%s, filesize=%ld," |
205 | " filesignature=%s, encryption=%s, flags=%04X", | 245 | " filesignature=%s, encryption=%s, flags=%04X", |
206 | macaddress.c_str(), fileid, filename.c_str(), filesize, | 246 | macaddress.c_str(), fileid, filename.c_str(), filesize, |
207 | filesignature.c_str(), encryption.c_str(), flags ); | 247 | filesignature.c_str(), encryption.c_str(), flags ); |
248 | if(!(kinfig && kinfig->macaddress==macaddress)) | ||
249 | throw std::runtime_error("I'm not talking to this peer"); | ||
250 | |||
208 | std::string::size_type fnl=filename.length(); | 251 | std::string::size_type fnl=filename.length(); |
209 | if(fnl<sizeof(".tar") || strncmp(filename.c_str()+fnl-sizeof(".tar")+sizeof(""),".tar",sizeof(".tar"))) | 252 | if(fnl<sizeof(".tar") || strncmp(filename.c_str()+fnl-sizeof(".tar")+sizeof(""),".tar",sizeof(".tar"))) |
210 | throw std::runtime_error(gnu::autosprintf("honestly, I expected the tarball coming here, not '%s'",filename.c_str())); | 253 | throw std::runtime_error(gnu::autosprintf("honestly, I expected the tarball coming here, not '%s'",filename.c_str())); |
211 | std::string the_file(filename,0,fnl-sizeof(".tar")+sizeof("")); | 254 | std::string the_file(filename,0,fnl-sizeof(".tar")+sizeof("")); |
212 | std::string the_log = the_file+".log"; | 255 | std::string the_log = the_file+".log"; |
213 | 256 | ||
214 | eyekinfig_t eyekinfig(macaddress); | 257 | if(!indir) throw std::runtime_error("I haven't even created a directory!"); |
215 | 258 | shared_ptr<tmpdir_t> dir; dir.swap(indir); | |
216 | umask(eyekinfig.get_umask()); | 259 | if(!mime_tarfile) throw std::runtime_error("I haven't written the tarball!"); |
217 | 260 | shared_ptr<mimewrite_tarfile> file; file.swap(mime_tarfile); | |
218 | std::string td = eyekinfig.get_targetdir(); | 261 | if(!mime_idigest) throw std::runtime_error("I haven't seen the integrity digest!"); |
219 | tmpdir_t indir(td+"/.incoming.XXXXXX"); | 262 | shared_ptr<mimewrite_string> idigest; idigest.swap(mime_idigest); |
220 | |||
221 | std::string tf,lf; | ||
222 | binary_t digest, idigest; | ||
223 | #ifdef HAVE_SQLITE | ||
224 | bool beenthere = false; | ||
225 | #endif | ||
226 | |||
227 | for(soap_multipart::iterator i=mime.begin(),ie=mime.end();i!=ie;++i) { | ||
228 | #ifndef NDEBUG | ||
229 | syslog(LOG_DEBUG, | ||
230 | " MIME attachment with id=%s, type=%s, size=%ld", | ||
231 | (*i).id, (*i).type, (long)(*i).size ); | ||
232 | #endif | ||
233 | |||
234 | if((*i).id && !strcmp((*i).id,"INTEGRITYDIGEST")) { | ||
235 | std::string idigestr((*i).ptr,(*i).size); | ||
236 | #ifndef NDEBUG | ||
237 | syslog(LOG_DEBUG, " INTEGRITYDIGEST=%s", idigestr.c_str()); | ||
238 | #endif | ||
239 | idigest.from_hex(idigestr); | ||
240 | } | ||
241 | if( (*i).id && !strcmp((*i).id,"FILENAME") ) { | ||
242 | assert( (*i).type && !strcmp((*i).type,"application/x-tar") ); | ||
243 | #ifdef III_SAVE_TARS | ||
244 | std::string tarfile = indir.get_file(filename); | ||
245 | { | ||
246 | std::ofstream(tarfile.c_str(),std::ios::out|std::ios::binary).write((*i).ptr,(*i).size); | ||
247 | } | ||
248 | #endif | ||
249 | 263 | ||
250 | if(!tf.empty()) throw std::runtime_error("already seen tarball"); | ||
251 | if(!digest.empty()) throw std::runtime_error("already have integrity digest"); | ||
252 | digest = integrity_digest((*i).ptr,(*i).size,eyekinfig.get_upload_key()); | ||
253 | #ifndef NDEBUG | ||
254 | syslog(LOG_DEBUG," computed integrity digest=%s", digest.hex().c_str()); | ||
255 | #endif | ||
256 | #ifdef HAVE_SQLITE | 264 | #ifdef HAVE_SQLITE |
257 | if(!(*i).size) { | 265 | if(!file->f.tellg()) { |
258 | if(!already.is(filename,filesignature,filesize)) | 266 | if(!already.is(filename,filesignature,filesize)) |
259 | throw std::runtime_error("got zero-length upload for unknown file"); | 267 | throw std::runtime_error("got zero-length upload for unknown file"); |
260 | beenthere = true; continue; | 268 | r.success = true; |
261 | } | 269 | return SOAP_OK; |
270 | } | ||
262 | #endif | 271 | #endif |
263 | 272 | ||
264 | tarchive_t a((*i).ptr,(*i).size); | 273 | if(idigest->str != file->idigest.final(kinfig->get_upload_key()).hex()) |
265 | while(a.read_next_header()) { | 274 | throw std::runtime_error("Integrity digest doesn't match, disintegrating."); |
266 | std::string ep = a.entry_pathname(), f = indir.get_file(ep); | ||
267 | if(ep==the_file) tf = f; | ||
268 | else if(ep==the_log) lf = f; | ||
269 | else continue; | ||
270 | int fd=open(f.c_str(),O_CREAT|O_WRONLY,0666); | ||
271 | if(fd<0) | ||
272 | throw std::runtime_error(gnu::autosprintf("failed to create output file '%s'",f.c_str())); | ||
273 | if(!a.read_data_into_fd(fd)) | ||
274 | throw std::runtime_error(gnu::autosprintf("failed to untar file into '%s'",f.c_str())); | ||
275 | close(fd); | ||
276 | } | ||
277 | } | ||
278 | } | ||
279 | 275 | ||
280 | #ifdef HAVE_SQLITE | 276 | std::string tf, lf; |
281 | if(beenthere) { | 277 | for(tarchive_t a(file->fn.c_str());a.read_next_header();) { |
282 | r.success=true; | 278 | std::string ep = a.entry_pathname(), f = dir->get_file(ep); |
283 | return SOAP_OK; | 279 | if(ep==the_file) tf = f; |
280 | else if(ep==the_log) lf = f; | ||
281 | else continue; | ||
282 | int fd=open(f.c_str(),O_CREAT|O_WRONLY,0666); | ||
283 | if(fd<0) | ||
284 | throw std::runtime_error(gnu::autosprintf("failed to create output file '%s'",f.c_str())); | ||
285 | if(!a.read_data_into_fd(fd)) | ||
286 | throw std::runtime_error(gnu::autosprintf("failed to untar file into '%s'",f.c_str())); | ||
287 | close(fd); | ||
284 | } | 288 | } |
285 | #endif | ||
286 | 289 | ||
287 | if(tf.empty()) throw std::runtime_error("haven't seen THE file"); | 290 | if(tf.empty()) throw std::runtime_error("haven't seen THE file"); |
288 | if(digest!=idigest) throw std::runtime_error("integrity digest verification failed"); | ||
289 | 291 | ||
290 | std::string::size_type ls = tf.rfind('/'); | 292 | std::string::size_type ls = tf.rfind('/'); |
291 | // XXX: actually, lack of '/' signifies error here | 293 | // XXX: actually, lack of '/' signifies error here |
292 | std::string tbn = (ls==std::string::npos)?tf:tf.substr(ls+1); | 294 | std::string tbn = (ls==std::string::npos)?tf:tf.substr(ls+1); |
293 | ls = lf.rfind('/'); | 295 | ls = lf.rfind('/'); |
294 | std::string lbn = (ls==std::string::npos)?lf:lf.substr(ls+1); | 296 | std::string lbn = (ls==std::string::npos)?lf:lf.substr(ls+1); |
295 | std::string ttf,tlf; | 297 | std::string ttf,tlf; |
296 | bool success = false; | 298 | bool success = false; |
299 | std::string td = kinfig->get_targetdir(); | ||
297 | for(int i=0;i<32767;++i) { | 300 | for(int i=0;i<32767;++i) { |
298 | const char *fmt = i ? "%1$s/(%3$05d)%2$s" : "%1$s/%2$s"; | 301 | const char *fmt = i ? "%1$s/(%3$05d)%2$s" : "%1$s/%2$s"; |
299 | ttf = (const char*)gnu::autosprintf(fmt,td.c_str(),tbn.c_str(),i); | 302 | ttf = (const char*)gnu::autosprintf(fmt,td.c_str(),tbn.c_str(),i); |
300 | if(!lf.empty()) tlf = (const char*)gnu::autosprintf(fmt,td.c_str(),lbn.c_str(),i); | 303 | if(!lf.empty()) tlf = (const char*)gnu::autosprintf(fmt,td.c_str(),lbn.c_str(),i); |
301 | if( (!link(tf.c_str(),ttf.c_str())) && (lf.empty() || !link(lf.c_str(),tlf.c_str())) ) { | 304 | if( (!link(tf.c_str(),ttf.c_str())) && (lf.empty() || !link(lf.c_str(),tlf.c_str())) ) { |
302 | unlink(tf.c_str()); | 305 | unlink(tf.c_str()); |
303 | if(!lf.empty()) unlink(lf.c_str()); | 306 | if(!lf.empty()) unlink(lf.c_str()); |
304 | success=true; | 307 | success=true; |
305 | break; | 308 | break; |
306 | } | 309 | } |
307 | } | 310 | } |
308 | std::string cmd = eyekinfig.get_on_upload_photo(); | 311 | std::string cmd = kinfig->get_on_upload_photo(); |
309 | if(success) { | 312 | if(success) { |
310 | #ifdef HAVE_SQLITE | 313 | #ifdef HAVE_SQLITE |
311 | { | 314 | { |
312 | iiidb_t D(eyekinfig); | 315 | iiidb_t D(*kinfig); |
313 | D.prepare( | 316 | D.prepare( |
314 | "INSERT INTO photo" | 317 | "INSERT INTO photo" |
315 | " (ctime,mac,fileid,filename,filesize,filesignature,encryption,flags)" | 318 | " (ctime,mac,fileid,filename,filesize,filesignature,encryption,flags)" |
316 | " VALUES" | 319 | " VALUES" |
317 | " (:ctime,:mac,:fileid,:filename,:filesize,:filesignature,:encryption,:flags)" | 320 | " (:ctime,:mac,:fileid,:filename,:filesize,:filesignature,:encryption,:flags)" |
318 | ).bind(":ctime",time(0)) | 321 | ).bind(":ctime",time(0)) |