-rw-r--r-- | src/eyefiworker.cc | 4 | ||||
-rw-r--r-- | src/eyefiworker.h | 1 | ||||
-rw-r--r-- | src/eyetil.h | 5 | ||||
-rw-r--r-- | src/iiid.cc | 4 |
4 files changed, 12 insertions, 2 deletions
diff --git a/src/eyefiworker.cc b/src/eyefiworker.cc index ac75fc1..1979b46 100644 --- a/src/eyefiworker.cc +++ b/src/eyefiworker.cc @@ -1,339 +1,341 @@ #include <signal.h> #ifndef NDEBUG # include <sys/resource.h> #endif #include <syslog.h> #include <cassert> #include <iostream> #include <fstream> #include <stdexcept> #include <iterator> #include <algorithm> #include <sys/wait.h> #include <autosprintf.h> #include "eyekinfig.h" #include "eyetil.h" #include "eyefiworker.h" #ifdef HAVE_SQLITE # include "iiidb.h" #endif eyefiworker::eyefiworker() : eyefiService(SOAP_IO_STORE|SOAP_IO_KEEPALIVE) { bind_flags = SO_REUSEADDR; max_keep_alive = 0; socket_flags = #if defined(MSG_NOSIGNAL) MSG_NOSIGNAL #elif defined(SO_NOSIGPIPE) SO_NOSIGPIPE #else #error Something is wrong with sigpipe prevention on the platform #endif ; } +eyefiworker::~eyefiworker() { +} int eyefiworker::run(int bindport) { #ifdef HAVE_SQLITE sqlite3_initialize(); #endif if(!soap_valid_socket(bind(0,bindport,64))) throw std::runtime_error("failed to bind()"); signal(SIGCHLD,SIG_IGN); while(true) { if(!soap_valid_socket(accept())) throw std::runtime_error("failed to accept()"); pid_t p = fork(); if(p<0) throw std::runtime_error("failed to fork()"); if(!p) { recv_timeout = 600; send_timeout = 120; (void)serve(); soap_destroy(this); soap_end(this); soap_done(this); #ifndef NDEBUG struct rusage ru; if(getrusage(RUSAGE_SELF,&ru)) { syslog(LOG_NOTICE,"Failed to getrusage(): %d",errno); }else{ syslog(LOG_INFO,"maxrss: %ld\n",ru.ru_maxrss); } #endif /* NDEBUG */ - _exit(0); + throw throwable_exit(0); } close(socket); socket = SOAP_INVALID_SOCKET; } } static binary_t session_nonce; #ifdef HAVE_SQLITE static struct { std::string filesignature; long filesize; std::string filename; inline void reset() { filesignature.erase(); filename.erase(); filesize=0; } inline void set(const std::string n,const std::string sig,long siz) { filename = n; filesignature = sig; filesize = siz; } inline bool is(const std::string n,const std::string sig,long siz) { return filesize==siz && filename==n && filesignature==sig; } } already; #endif /* HAVE_SQLITE */ static bool detached_child() { pid_t p = fork(); if(p<0) { syslog(LOG_ERR,"Failed to fork away for hook execution"); _exit(-1); } if(!p) { setsid(); for(int i=getdtablesize();i>=0;--i) close(i); int i=open("/dev/null",O_RDWR); assert(i==0); i = dup(i); assert(i==1); i = dup(i); assert(i==2); return true; } return false; } static int E(eyefiworker* efs,const char *c,const std::exception& e) { efs->keep_alive=0; syslog(LOG_ERR,"error while processing %s: %s",c,e.what()); return soap_sender_fault(efs,gnu::autosprintf("error processing %s",c),0); } int eyefiworker::StartSession( std::string macaddress,std::string cnonce, int transfermode,long transfermodetimestamp, struct rns__StartSessionResponse &r ) try { syslog(LOG_INFO, "StartSession request from %s with cnonce=%s, transfermode=%d, transfermodetimestamp=%ld", macaddress.c_str(), cnonce.c_str(), transfermode, transfermodetimestamp ); eyekinfig_t eyekinfig(macaddress); r.credential = binary_t(macaddress+cnonce+eyekinfig.get_upload_key()).md5().hex(); r.snonce = session_nonce.make_nonce().hex(); r.transfermode=transfermode; r.transfermodetimestamp=transfermodetimestamp; r.upsyncallowed=false; std::string cmd = eyekinfig.get_on_start_session(); if(!cmd.empty()) { if(detached_child()) { putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); putenv( gnu::autosprintf("EYEFI_TRANSFERMODE=%d",transfermode) ); putenv( gnu::autosprintf("EYEFI_TRANSFERMODETIMESTAMP=%ld",transfermodetimestamp) ); char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; execv("/bin/sh",argv); syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); _exit(-1); } } return SOAP_OK; }catch(const std::exception& e) { return E(this,"StartSession",e); } int eyefiworker::GetPhotoStatus( std::string credential, std::string macaddress, std::string filename, long filesize, std::string filesignature, int flags, struct rns__GetPhotoStatusResponse &r ) try { syslog(LOG_INFO, "GetPhotoStatus request from %s with credential=%s, filename=%s, filesize=%ld, filesignature=%s, flags=%d; session nonce=%s", macaddress.c_str(), credential.c_str(), filename.c_str(), filesize, filesignature.c_str(), flags, session_nonce.hex().c_str() ); eyekinfig_t eyekinfig(macaddress); std::string computed_credential = binary_t(macaddress+eyekinfig.get_upload_key()+session_nonce.hex()).md5().hex(); #ifndef NDEBUG syslog(LOG_DEBUG, " computed credential=%s", computed_credential.c_str()); #endif if (credential != computed_credential) throw std::runtime_error("card authentication failed"); #ifdef HAVE_SQLITE iiidb_t D(eyekinfig); seclude::stmt_t S = D.prepare( "SELECT fileid FROM photo" " WHERE mac=:mac AND filename=:filename" " AND filesize=:filesize AND filesignature=:filesignature" ).bind(":mac",macaddress) .bind(":filename",filename).bind(":filesize",filesize) .bind(":filesignature",filesignature); if(!S.step()) { r.fileid = 1; r.offset = 0; }else{ r.fileid = S.column<long>(0); r.offset = filesize; already.set(filename,filesignature,filesize); } #else /* HAVE_SQLITE */ r.fileid=1, r.offset=0; #endif /* HAVE_SQLITE */ return SOAP_OK; }catch(const std::exception& e) { return E(this,"GetPhotoStatus",e); } int eyefiworker::MarkLastPhotoInRoll( std::string macaddress, int mergedelta, struct rns__MarkLastPhotoInRollResponse&/* r */ ) try { syslog(LOG_INFO, "MarkLastPhotoInRoll request from %s with mergedelta=%d", macaddress.c_str(), mergedelta ); std::string cmd = eyekinfig_t(macaddress).get_on_mark_last_photo_in_roll(); if(!cmd.empty()) { if(detached_child()) { putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); putenv( gnu::autosprintf("EYEFI_MERGEDELTA=%d",mergedelta) ); char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; execv("/bin/sh",argv); syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); _exit(-1); } } keep_alive = 0; return SOAP_OK; }catch(const std::exception& e) { return E(this,"MarkLastPhotoInRoll",e); } int eyefiworker::UploadPhoto( int fileid, std::string macaddress, std::string filename, long filesize, std::string filesignature, std::string encryption, int flags, struct rns__UploadPhotoResponse& r ) try { syslog(LOG_INFO, "UploadPhoto request from %s with fileid=%d, filename=%s, filesize=%ld," " filesignature=%s, encryption=%s, flags=%04X", macaddress.c_str(), fileid, filename.c_str(), filesize, filesignature.c_str(), encryption.c_str(), flags ); std::string::size_type fnl=filename.length(); if(fnl<sizeof(".tar") || strncmp(filename.c_str()+fnl-sizeof(".tar")+sizeof(""),".tar",sizeof(".tar"))) throw std::runtime_error(gnu::autosprintf("honestly, I expected the tarball coming here, not '%s'",filename.c_str())); std::string the_file(filename,0,fnl-sizeof(".tar")+sizeof("")); std::string the_log = the_file+".log"; eyekinfig_t eyekinfig(macaddress); umask(eyekinfig.get_umask()); std::string td = eyekinfig.get_targetdir(); tmpdir_t indir(td+"/.incoming.XXXXXX"); std::string tf,lf; binary_t digest, idigest; #ifdef HAVE_SQLITE bool beenthere = false; #endif for(soap_multipart::iterator i=mime.begin(),ie=mime.end();i!=ie;++i) { #ifndef NDEBUG syslog(LOG_DEBUG, " MIME attachment with id=%s, type=%s, size=%ld", (*i).id, (*i).type, (long)(*i).size ); #endif if((*i).id && !strcmp((*i).id,"INTEGRITYDIGEST")) { std::string idigestr((*i).ptr,(*i).size); #ifndef NDEBUG syslog(LOG_DEBUG, " INTEGRITYDIGEST=%s", idigestr.c_str()); #endif idigest.from_hex(idigestr); } if( (*i).id && !strcmp((*i).id,"FILENAME") ) { assert( (*i).type && !strcmp((*i).type,"application/x-tar") ); #ifdef III_SAVE_TARS std::string tarfile = indir.get_file(filename); { std::ofstream(tarfile.c_str(),std::ios::out|std::ios::binary).write((*i).ptr,(*i).size); } #endif if(!tf.empty()) throw std::runtime_error("already seen tarball"); if(!digest.empty()) throw std::runtime_error("already have integrity digest"); digest = integrity_digest((*i).ptr,(*i).size,eyekinfig.get_upload_key()); #ifndef NDEBUG syslog(LOG_DEBUG," computed integrity digest=%s", digest.hex().c_str()); #endif #ifdef HAVE_SQLITE if(!(*i).size) { if(!already.is(filename,filesignature,filesize)) throw std::runtime_error("got zero-length upload for unknown file"); beenthere = true; continue; } #endif tarchive_t a((*i).ptr,(*i).size); while(a.read_next_header()) { std::string ep = a.entry_pathname(), f = indir.get_file(ep); if(ep==the_file) tf = f; else if(ep==the_log) lf = f; else continue; int fd=open(f.c_str(),O_CREAT|O_WRONLY,0666); if(fd<0) throw std::runtime_error(gnu::autosprintf("failed to create output file '%s'",f.c_str())); if(!a.read_data_into_fd(fd)) throw std::runtime_error(gnu::autosprintf("failed to untar file into '%s'",f.c_str())); close(fd); } } } #ifdef HAVE_SQLITE if(beenthere) { r.success=true; return SOAP_OK; } #endif if(tf.empty()) throw std::runtime_error("haven't seen THE file"); if(digest!=idigest) throw std::runtime_error("integrity digest verification failed"); std::string::size_type ls = tf.rfind('/'); // XXX: actually, lack of '/' signifies error here std::string tbn = (ls==std::string::npos)?tf:tf.substr(ls+1); ls = lf.rfind('/'); std::string lbn = (ls==std::string::npos)?lf:lf.substr(ls+1); std::string ttf,tlf; bool success = false; for(int i=0;i<32767;++i) { const char *fmt = i ? "%1$s/(%3$05d)%2$s" : "%1$s/%2$s"; ttf = (const char*)gnu::autosprintf(fmt,td.c_str(),tbn.c_str(),i); if(!lf.empty()) tlf = (const char*)gnu::autosprintf(fmt,td.c_str(),lbn.c_str(),i); if( (!link(tf.c_str(),ttf.c_str())) && (lf.empty() || !link(lf.c_str(),tlf.c_str())) ) { unlink(tf.c_str()); if(!lf.empty()) unlink(lf.c_str()); success=true; break; } } std::string cmd = eyekinfig.get_on_upload_photo(); if(success) { #ifdef HAVE_SQLITE { iiidb_t D(eyekinfig); D.prepare( "INSERT INTO photo" " (ctime,mac,fileid,filename,filesize,filesignature,encryption,flags)" " VALUES" " (:ctime,:mac,:fileid,:filename,:filesize,:filesignature,:encryption,:flags)" ).bind(":ctime",time(0)) .bind(":mac",macaddress) .bind(":fileid",fileid).bind(":filename",filename) .bind(":filesize",filesize).bind(":filesignature",filesignature) .bind(":encryption",encryption).bind(":flags",flags) .step(); } #endif /* HAVE_SQLITE */ if((!cmd.empty()) && detached_child()) { putenv( gnu::autosprintf("EYEFI_UPLOADED_ORIG=%s",tbn.c_str()) ); putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); putenv( gnu::autosprintf("EYEFI_UPLOADED=%s",ttf.c_str()) ); if(!lf.empty()) putenv( gnu::autosprintf("EYEFI_LOG=%s",tlf.c_str()) ); char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; execv("/bin/sh",argv); syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); _exit(-1); } } r.success = true; return SOAP_OK; }catch(const std::exception& e) { return E(this,"UploadPhoto",e); } diff --git a/src/eyefiworker.h b/src/eyefiworker.h index 6d4082c..6cdecff 100644 --- a/src/eyefiworker.h +++ b/src/eyefiworker.h @@ -1,29 +1,30 @@ #ifndef __EYEFIWORKER_H #define __EYEFIWORKER_H #include "soapeyefiService.h" class eyefiworker : public eyefiService { public: eyefiworker(); + ~eyefiworker(); int run(int port) __attribute__ ((noreturn)); int StartSession(std::string macaddress, std::string cnonce, int transfermode, long transfermodetimestamp, struct rns__StartSessionResponse &r); int GetPhotoStatus(std::string credential, std::string macaddress, std::string filename, long filesize, std::string filesignature, int flags, struct rns__GetPhotoStatusResponse &r); int MarkLastPhotoInRoll(std::string macaddress, int mergedelta, struct rns__MarkLastPhotoInRollResponse &r); int UploadPhoto(int fileid, std::string macaddress, std::string filename, long filesize, std::string filesignature, std::string encryption, int flags, struct rns__UploadPhotoResponse &r); eyefiService *copy() { throw std::logic_error("Not meant to be called"); } }; #endif /* __EYEFIWORKER_H */ diff --git a/src/eyetil.h b/src/eyetil.h index eff2c43..03b9ba8 100644 --- a/src/eyetil.h +++ b/src/eyetil.h @@ -1,89 +1,94 @@ #ifndef __EYETIL_H #define __EYETIL_H #include <vector> #include <string> #include <archive.h> #include <archive_entry.h> #include "openssl/md5.h" +struct throwable_exit { + int rc; + throwable_exit(int rc_) : rc(rc_) { } +}; + class binary_t : public std::vector<unsigned char> { public: binary_t() { } binary_t(size_type n) : std::vector<unsigned char>(n) { } binary_t(const std::string& h) { from_hex(h); } binary_t(const void *d,size_t s) { from_data(d,s); } binary_t& from_hex(const std::string& h); binary_t& from_data(const void *d,size_t s); binary_t& make_nonce(); std::string hex() const; binary_t md5() const; }; struct md5_digester { MD5_CTX ctx; md5_digester() { init(); } void init(); void update(const void *d,size_t l); binary_t final(); template<typename T> void update(const T& x) { update(&x,sizeof(x)); } template<typename T> struct update_iterator : public std::iterator<std::output_iterator_tag,T,void,T*,T&> { md5_digester *d; update_iterator(md5_digester *d_) : d(d_) { } update_iterator(const update_iterator& x) : d(x.d) { } update_iterator& operator*() { return *this; } update_iterator& operator++() { return *this; } update_iterator& operator++(int) { return *this; } update_iterator& operator=(const T& x) { d->update(x); return *this; } }; template<typename T> update_iterator<T> updater() { return update_iterator<T>(this); } }; template<> inline void md5_digester::update<binary_t>(const binary_t& x) { update((const unsigned char*)&(x.front()),x.size()); } class tmpdir_t { public: std::string dir; tmpdir_t(const std::string& dt); ~tmpdir_t(); std::string get_file(const std::string& f); }; class tarchive_t { public: struct archive *a; struct archive_entry *e; tarchive_t(void *p,size_t s); ~tarchive_t(); bool read_next_header(); std::string entry_pathname(); bool read_data_into_fd(int fd); }; binary_t integrity_digest(const void *ptr,size_t size, const std::string& ukey); #endif /* __EYETIL_H */ diff --git a/src/iiid.cc b/src/iiid.cc index d655fe3..b3dd3bf 100644 --- a/src/iiid.cc +++ b/src/iiid.cc @@ -1,97 +1,99 @@ #include <syslog.h> #include <getopt.h> #include <sys/stat.h> #include <glob.h> #include <iostream> #include <cassert> #include <stdexcept> #include "eyetil.h" #include "eyefiworker.h" #include "config.h" #include "eyefi.nsmap" #define PHEADER \ PACKAGE " Version " VERSION "\n" \ "Copyright (c) 2009 Klever Group" int main(int argc,char **argv) try { int port = 59278; while(true) { static struct option opts[] = { { "help", no_argument, 0, 'h' }, { "usage", no_argument, 0, 'h' }, { "version", no_argument, 0, 'V' }, { "license", no_argument, 0, 'L' }, { "port", required_argument, 0, 'p' }, { NULL, 0, 0, 0 } }; int c = getopt_long(argc,argv,"hVLp:",opts,NULL); if(c==-1) break; switch(c) { case 'h': std::cerr << PHEADER << std::endl << std::endl << " " << argv[0] << " [options]" << std::endl << std::endl << " -h, --help,\n" " --usage display this text\n" " -V, --version display version information\n" " -L, --license show license\n" " -p <port>, --port=<port> port to listen to\n" " (you're not likely to ever need it)\n" << std::endl << std::endl; exit(0); break; case 'V': std::cerr << VERSION << std::endl; exit(0); break; case 'L': extern const char *COPYING; std::cerr << COPYING << std::endl; exit(0); break; case 'p': port = 0xffff&strtol(optarg,0,0); if(errno) { std::cerr << "Failed to parse port number" << std::endl; exit(1); } break; default: std::cerr << "Huh?" << std::endl; exit(1); break; } } const char *ident = rindex(*argv,'/'); if(ident) ++ident; else ident = *argv; openlog(ident,LOG_PERROR|LOG_PID,LOG_DAEMON); syslog(LOG_INFO,"Starting iii eye-fi manager"); struct stat st; if(stat(EYEKIN_CONF_DIR,&st) || !S_ISDIR(st.st_mode)) syslog(LOG_WARNING,"configuration directory '%s' does not exist or is not a directory",EYEKIN_CONF_DIR); glob_t g; int rg = glob(EYEKIN_CONF_DIR"/????????????.conf",GLOB_NOSORT,NULL,&g); if(rg || !g.gl_pathc) syslog(LOG_WARNING,"I see nothing resembling a card config in '%s'",EYEKIN_CONF_DIR); else globfree(&g); eyefiworker().run(port); closelog(); return 0; -} catch(std::exception& e) { +} catch(const throwable_exit& e) { + return e.rc; +} catch(const std::exception& e) { syslog(LOG_CRIT,"Exiting iii daemon, because of error condition"); syslog(LOG_CRIT,"Exception: %s",e.what()); return 1; } |