-rw-r--r-- | src/Makefile.am | 5 | ||||
-rw-r--r-- | src/eyefiservice.cc | 290 | ||||
-rw-r--r-- | src/eyefiworker.cc | 287 | ||||
-rw-r--r-- | src/eyefiworker.h | 14 |
4 files changed, 303 insertions, 293 deletions
diff --git a/src/Makefile.am b/src/Makefile.am index f2ff772..7258e8b 100644 --- a/src/Makefile.am +++ b/src/Makefile.am | |||
@@ -1,37 +1,38 @@ | |||
1 | bin_PROGRAMS=iii-extract-riff-chunk | 1 | bin_PROGRAMS=iii-extract-riff-chunk |
2 | sbin_PROGRAMS=iiid | 2 | sbin_PROGRAMS=iiid |
3 | noinst_HEADERS = \ | 3 | noinst_HEADERS = \ |
4 | eyefi.h \ | 4 | eyefi.h \ |
5 | eyekinfig.h eyetil.h \ | 5 | eyekinfig.h eyetil.h \ |
6 | eyefiworker.h iiidb.h \ | 6 | eyefiworker.h iiidb.h \ |
7 | seclude.h | 7 | seclude.h |
8 | 8 | ||
9 | AM_CPPFLAGS = ${CPPFLAGS_DEBUG} \ | 9 | AM_CPPFLAGS = ${CPPFLAGS_DEBUG} \ |
10 | -DEYEKIN_CONF_DIR=\"${sysconfdir}/${PACKAGE}\" | 10 | -DEYEKIN_CONF_DIR=\"${sysconfdir}/${PACKAGE}\" \ |
11 | -DWITH_PURE_VIRTUAL | ||
11 | DEFAULT_INCLUDES = -I${top_builddir} -I${builddir} -I${srcdir} | 12 | DEFAULT_INCLUDES = -I${top_builddir} -I${builddir} -I${srcdir} |
12 | INCLUDES = ${MODULES_CFLAGS} ${UUID_CFLAGS} ${SQLITE_CFLAGS} | 13 | INCLUDES = ${MODULES_CFLAGS} ${UUID_CFLAGS} ${SQLITE_CFLAGS} |
13 | 14 | ||
14 | iiid_SOURCES = iiid.cc \ | 15 | iiid_SOURCES = iiid.cc \ |
15 | eyekinfig.cc eyetil.cc \ | 16 | eyekinfig.cc eyetil.cc \ |
16 | eyefiservice.cc eyefiworker.cc | 17 | eyefiworker.cc |
17 | nodist_iiid_SOURCES = \ | 18 | nodist_iiid_SOURCES = \ |
18 | ${builddir}/soapC.cpp ${builddir}/soapeyefiService.cpp \ | 19 | ${builddir}/soapC.cpp ${builddir}/soapeyefiService.cpp \ |
19 | COPYING.cc | 20 | COPYING.cc |
20 | iiid_LDADD = ${MODULES_LIBS} ${UUID_LIBS} ${SQLITE_LIBS} | 21 | iiid_LDADD = ${MODULES_LIBS} ${UUID_LIBS} ${SQLITE_LIBS} |
21 | 22 | ||
22 | iii_extract_riff_chunk_SOURCES = iii-extract-riff-chunk.cc | 23 | iii_extract_riff_chunk_SOURCES = iii-extract-riff-chunk.cc |
23 | nodist_iii_extract_riff_chunk_SOURCES = COPYING.cc | 24 | nodist_iii_extract_riff_chunk_SOURCES = COPYING.cc |
24 | 25 | ||
25 | COPYING.cc: ${top_srcdir}/COPYING | 26 | COPYING.cc: ${top_srcdir}/COPYING |
26 | echo "const char * COPYING = " >$@ || (rm $@;exit 1) | 27 | echo "const char * COPYING = " >$@ || (rm $@;exit 1) |
27 | sed -e 's/"/\\"/g' -e 's/^/\"/' -e 's/$$/\\n\"/' $< >>$@ || (rm $@;exit 1) | 28 | sed -e 's/"/\\"/g' -e 's/^/\"/' -e 's/$$/\\n\"/' $< >>$@ || (rm $@;exit 1) |
28 | echo ';' >>$@ || (rm $@;exit 1) | 29 | echo ';' >>$@ || (rm $@;exit 1) |
29 | 30 | ||
30 | ${srcdir}/eyefiservice.cc: ${builddir}/soapeyefiService.h | 31 | ${srcdir}/eyefiservice.cc: ${builddir}/soapeyefiService.h |
31 | ${srcdir}/iiid.cc: ${builddir}/eyefi.nsmap | 32 | ${srcdir}/iiid.cc: ${builddir}/eyefi.nsmap |
32 | 33 | ||
33 | ${builddir}soapC.cpp ${builddir}/soapeyefiService.cpp ${builddir}/eyefi.nsmap ${builddir}/soapeyefiService.h: ${srcdir}/eyefi.h | 34 | ${builddir}soapC.cpp ${builddir}/soapeyefiService.cpp ${builddir}/eyefi.nsmap ${builddir}/soapeyefiService.h: ${srcdir}/eyefi.h |
34 | ${SOAPCPP2} -d${builddir} -S -L -a -i -w -x $< | 35 | ${SOAPCPP2} -d${builddir} -S -L -a -i -w -x $< |
35 | 36 | ||
36 | clean-local: | 37 | clean-local: |
37 | rm -f soap{{H,Stub,eyefiService}.h,{C,eyefiService}.cpp} eyefi.nsmap COPYING.cc | 38 | rm -f soap{{H,Stub,eyefiService}.h,{C,eyefiService}.cpp} eyefi.nsmap COPYING.cc |
diff --git a/src/eyefiservice.cc b/src/eyefiservice.cc deleted file mode 100644 index 4a4a179..0000000 --- a/src/eyefiservice.cc +++ b/dev/null | |||
@@ -1,290 +0,0 @@ | |||
1 | #include <cassert> | ||
2 | #include <iostream> | ||
3 | #include <fstream> | ||
4 | #include <stdexcept> | ||
5 | #include <iterator> | ||
6 | #include <algorithm> | ||
7 | #include <syslog.h> | ||
8 | #include <sys/wait.h> | ||
9 | #include <autosprintf.h> | ||
10 | #include "eyekinfig.h" | ||
11 | #include "eyetil.h" | ||
12 | #include "soapeyefiService.h" | ||
13 | #ifdef HAVE_SQLITE | ||
14 | # include "iiidb.h" | ||
15 | #endif | ||
16 | |||
17 | static binary_t session_nonce; | ||
18 | #ifdef HAVE_SQLITE | ||
19 | static struct { | ||
20 | std::string filesignature; | ||
21 | long filesize; | ||
22 | std::string filename; | ||
23 | inline void reset() { filesignature.erase(); filename.erase(); filesize=0; } | ||
24 | inline void set(const std::string n,const std::string sig,long siz) { | ||
25 | filename = n; filesignature = sig; filesize = siz; | ||
26 | } | ||
27 | inline bool is(const std::string n,const std::string sig,long siz) { | ||
28 | return filesize==siz && filename==n && filesignature==sig; | ||
29 | } | ||
30 | } already; | ||
31 | #endif /* HAVE_SQLITE */ | ||
32 | |||
33 | static bool detached_child() { | ||
34 | pid_t p = fork(); | ||
35 | if(p<0) { | ||
36 | syslog(LOG_ERR,"Failed to fork away for hook execution"); | ||
37 | _exit(-1); | ||
38 | } | ||
39 | if(!p) { | ||
40 | setsid(); | ||
41 | for(int i=getdtablesize();i>=0;--i) close(i); | ||
42 | int i=open("/dev/null",O_RDWR); assert(i==0); | ||
43 | i = dup(i); assert(i==1); | ||
44 | i = dup(i); assert(i==2); | ||
45 | return true; | ||
46 | } | ||
47 | return false; | ||
48 | } | ||
49 | |||
50 | static int E(eyefiService* efs,const char *c,const std::exception& e) { | ||
51 | efs->keep_alive=0; | ||
52 | syslog(LOG_ERR,"error while processing %s: %s",c,e.what()); | ||
53 | return soap_sender_fault(efs,gnu::autosprintf("error processing %s",c),0); | ||
54 | } | ||
55 | |||
56 | int eyefiService::StartSession( | ||
57 | std::string macaddress,std::string cnonce, | ||
58 | int transfermode,long transfermodetimestamp, | ||
59 | struct rns__StartSessionResponse &r ) try { | ||
60 | syslog(LOG_INFO, | ||
61 | "StartSession request from %s with cnonce=%s, transfermode=%d, transfermodetimestamp=%ld", | ||
62 | macaddress.c_str(), cnonce.c_str(), transfermode, transfermodetimestamp ); | ||
63 | eyekinfig_t eyekinfig(macaddress); | ||
64 | r.credential = binary_t(macaddress+cnonce+eyekinfig.get_upload_key()).md5().hex(); | ||
65 | |||
66 | r.snonce = session_nonce.make_nonce().hex(); | ||
67 | r.transfermode=transfermode; | ||
68 | r.transfermodetimestamp=transfermodetimestamp; | ||
69 | r.upsyncallowed=false; | ||
70 | |||
71 | std::string cmd = eyekinfig.get_on_start_session(); | ||
72 | if(!cmd.empty()) { | ||
73 | if(detached_child()) { | ||
74 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); | ||
75 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODE=%d",transfermode) ); | ||
76 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODETIMESTAMP=%ld",transfermodetimestamp) ); | ||
77 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; | ||
78 | execv("/bin/sh",argv); | ||
79 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); | ||
80 | _exit(-1); | ||
81 | } | ||
82 | } | ||
83 | return SOAP_OK; | ||
84 | }catch(const std::exception& e) { return E(this,"StartSession",e); } | ||
85 | |||
86 | int eyefiService::GetPhotoStatus( | ||
87 | std::string credential, std::string macaddress, | ||
88 | std::string filename, long filesize, std::string filesignature, | ||
89 | int flags, | ||
90 | struct rns__GetPhotoStatusResponse &r ) try { | ||
91 | syslog(LOG_INFO, | ||
92 | "GetPhotoStatus request from %s with credential=%s, filename=%s, filesize=%ld, filesignature=%s, flags=%d; session nonce=%s", | ||
93 | macaddress.c_str(), credential.c_str(), filename.c_str(), filesize, filesignature.c_str(), flags, | ||
94 | session_nonce.hex().c_str() ); | ||
95 | |||
96 | eyekinfig_t eyekinfig(macaddress); | ||
97 | std::string computed_credential = binary_t(macaddress+eyekinfig.get_upload_key()+session_nonce.hex()).md5().hex(); | ||
98 | |||
99 | #ifndef NDEBUG | ||
100 | syslog(LOG_DEBUG, " computed credential=%s", computed_credential.c_str()); | ||
101 | #endif | ||
102 | |||
103 | if (credential != computed_credential) throw std::runtime_error("card authentication failed"); | ||
104 | |||
105 | #ifdef HAVE_SQLITE | ||
106 | iiidb_t D(eyekinfig); | ||
107 | seclude::stmt_t S = D.prepare( | ||
108 | "SELECT fileid FROM photo" | ||
109 | " WHERE mac=:mac AND filename=:filename" | ||
110 | " AND filesize=:filesize AND filesignature=:filesignature" | ||
111 | ).bind(":mac",macaddress) | ||
112 | .bind(":filename",filename).bind(":filesize",filesize) | ||
113 | .bind(":filesignature",filesignature); | ||
114 | if(!S.step()) { | ||
115 | r.fileid = 1; r.offset = 0; | ||
116 | }else{ | ||
117 | r.fileid = S.column<long>(0); | ||
118 | r.offset = filesize; | ||
119 | already.set(filename,filesignature,filesize); | ||
120 | } | ||
121 | #else /* HAVE_SQLITE */ | ||
122 | r.fileid=1, r.offset=0; | ||
123 | #endif /* HAVE_SQLITE */ | ||
124 | return SOAP_OK; | ||
125 | }catch(const std::exception& e) { return E(this,"GetPhotoStatus",e); } | ||
126 | |||
127 | int eyefiService::MarkLastPhotoInRoll( | ||
128 | std::string macaddress, int mergedelta, | ||
129 | struct rns__MarkLastPhotoInRollResponse&/* r */ ) try { | ||
130 | syslog(LOG_INFO, | ||
131 | "MarkLastPhotoInRoll request from %s with mergedelta=%d", | ||
132 | macaddress.c_str(), mergedelta ); | ||
133 | std::string cmd = eyekinfig_t(macaddress).get_on_mark_last_photo_in_roll(); | ||
134 | if(!cmd.empty()) { | ||
135 | if(detached_child()) { | ||
136 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); | ||
137 | putenv( gnu::autosprintf("EYEFI_MERGEDELTA=%d",mergedelta) ); | ||
138 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; | ||
139 | execv("/bin/sh",argv); | ||
140 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); | ||
141 | _exit(-1); | ||
142 | } | ||
143 | } | ||
144 | keep_alive = 0; | ||
145 | return SOAP_OK; | ||
146 | }catch(const std::exception& e) { return E(this,"MarkLastPhotoInRoll",e); } | ||
147 | |||
148 | int eyefiService::UploadPhoto( | ||
149 | int fileid, std::string macaddress, | ||
150 | std::string filename, long filesize, std::string filesignature, | ||
151 | std::string encryption, int flags, | ||
152 | struct rns__UploadPhotoResponse& r ) try { | ||
153 | syslog(LOG_INFO, | ||
154 | "UploadPhoto request from %s with fileid=%d, filename=%s, filesize=%ld," | ||
155 | " filesignature=%s, encryption=%s, flags=%04X", | ||
156 | macaddress.c_str(), fileid, filename.c_str(), filesize, | ||
157 | filesignature.c_str(), encryption.c_str(), flags ); | ||
158 | std::string::size_type fnl=filename.length(); | ||
159 | if(fnl<sizeof(".tar") || strncmp(filename.c_str()+fnl-sizeof(".tar")+sizeof(""),".tar",sizeof(".tar"))) | ||
160 | throw std::runtime_error(gnu::autosprintf("honestly, I expected the tarball coming here, not '%s'",filename.c_str())); | ||
161 | std::string the_file(filename,0,fnl-sizeof(".tar")+sizeof("")); | ||
162 | std::string the_log = the_file+".log"; | ||
163 | |||
164 | eyekinfig_t eyekinfig(macaddress); | ||
165 | |||
166 | umask(eyekinfig.get_umask()); | ||
167 | |||
168 | std::string td = eyekinfig.get_targetdir(); | ||
169 | tmpdir_t indir(td+"/.incoming.XXXXXX"); | ||
170 | |||
171 | std::string tf,lf; | ||
172 | binary_t digest, idigest; | ||
173 | #ifdef HAVE_SQLITE | ||
174 | bool beenthere = false; | ||
175 | #endif | ||
176 | |||
177 | for(soap_multipart::iterator i=mime.begin(),ie=mime.end();i!=ie;++i) { | ||
178 | #ifndef NDEBUG | ||
179 | syslog(LOG_DEBUG, | ||
180 | " MIME attachment with id=%s, type=%s, size=%ld", | ||
181 | (*i).id, (*i).type, (long)(*i).size ); | ||
182 | #endif | ||
183 | |||
184 | if((*i).id && !strcmp((*i).id,"INTEGRITYDIGEST")) { | ||
185 | std::string idigestr((*i).ptr,(*i).size); | ||
186 | #ifndef NDEBUG | ||
187 | syslog(LOG_DEBUG, " INTEGRITYDIGEST=%s", idigestr.c_str()); | ||
188 | #endif | ||
189 | idigest.from_hex(idigestr); | ||
190 | } | ||
191 | if( (*i).id && !strcmp((*i).id,"FILENAME") ) { | ||
192 | assert( (*i).type && !strcmp((*i).type,"application/x-tar") ); | ||
193 | #ifdef III_SAVE_TARS | ||
194 | std::string tarfile = indir.get_file(filename); | ||
195 | { | ||
196 | std::ofstream(tarfile.c_str(),std::ios::out|std::ios::binary).write((*i).ptr,(*i).size); | ||
197 | } | ||
198 | #endif | ||
199 | |||
200 | if(!tf.empty()) throw std::runtime_error("already seen tarball"); | ||
201 | if(!digest.empty()) throw std::runtime_error("already have integrity digest"); | ||
202 | digest = integrity_digest((*i).ptr,(*i).size,eyekinfig.get_upload_key()); | ||
203 | #ifndef NDEBUG | ||
204 | syslog(LOG_DEBUG," computed integrity digest=%s", digest.hex().c_str()); | ||
205 | #endif | ||
206 | #ifdef HAVE_SQLITE | ||
207 | if(!(*i).size) { | ||
208 | if(!already.is(filename,filesignature,filesize)) | ||
209 | throw std::runtime_error("got zero-length upload for unknown file"); | ||
210 | beenthere = true; continue; | ||
211 | } | ||
212 | #endif | ||
213 | |||
214 | tarchive_t a((*i).ptr,(*i).size); | ||
215 | while(a.read_next_header()) { | ||
216 | std::string ep = a.entry_pathname(), f = indir.get_file(ep); | ||
217 | if(ep==the_file) tf = f; | ||
218 | else if(ep==the_log) lf = f; | ||
219 | else continue; | ||
220 | int fd=open(f.c_str(),O_CREAT|O_WRONLY,0666); | ||
221 | if(fd<0) | ||
222 | throw std::runtime_error(gnu::autosprintf("failed to create output file '%s'",f.c_str())); | ||
223 | if(!a.read_data_into_fd(fd)) | ||
224 | throw std::runtime_error(gnu::autosprintf("failed to untar file into '%s'",f.c_str())); | ||
225 | close(fd); | ||
226 | } | ||
227 | } | ||
228 | } | ||
229 | |||
230 | #ifdef HAVE_SQLITE | ||
231 | if(beenthere) { | ||
232 | r.success=true; | ||
233 | return SOAP_OK; | ||
234 | } | ||
235 | #endif | ||
236 | |||
237 | if(tf.empty()) throw std::runtime_error("haven't seen THE file"); | ||
238 | if(digest!=idigest) throw std::runtime_error("integrity digest verification failed"); | ||
239 | |||
240 | std::string::size_type ls = tf.rfind('/'); | ||
241 | // XXX: actually, lack of '/' signifies error here | ||
242 | std::string tbn = (ls==std::string::npos)?tf:tf.substr(ls+1); | ||
243 | ls = lf.rfind('/'); | ||
244 | std::string lbn = (ls==std::string::npos)?lf:lf.substr(ls+1); | ||
245 | std::string ttf,tlf; | ||
246 | bool success = false; | ||
247 | for(int i=0;i<32767;++i) { | ||
248 | const char *fmt = i ? "%1$s/(%3$05d)%2$s" : "%1$s/%2$s"; | ||
249 | ttf = (const char*)gnu::autosprintf(fmt,td.c_str(),tbn.c_str(),i); | ||
250 | if(!lf.empty()) tlf = (const char*)gnu::autosprintf(fmt,td.c_str(),lbn.c_str(),i); | ||
251 | if( (!link(tf.c_str(),ttf.c_str())) && (lf.empty() || !link(lf.c_str(),tlf.c_str())) ) { | ||
252 | unlink(tf.c_str()); | ||
253 | if(!lf.empty()) unlink(lf.c_str()); | ||
254 | success=true; | ||
255 | break; | ||
256 | } | ||
257 | } | ||
258 | std::string cmd = eyekinfig.get_on_upload_photo(); | ||
259 | if(success) { | ||
260 | #ifdef HAVE_SQLITE | ||
261 | { | ||
262 | iiidb_t D(eyekinfig); | ||
263 | D.prepare( | ||
264 | "INSERT INTO photo" | ||
265 | " (ctime,mac,fileid,filename,filesize,filesignature,encryption,flags)" | ||
266 | " VALUES" | ||
267 | " (:ctime,:mac,:fileid,:filename,:filesize,:filesignature,:encryption,:flags)" | ||
268 | ).bind(":ctime",time(0)) | ||
269 | .bind(":mac",macaddress) | ||
270 | .bind(":fileid",fileid).bind(":filename",filename) | ||
271 | .bind(":filesize",filesize).bind(":filesignature",filesignature) | ||
272 | .bind(":encryption",encryption).bind(":flags",flags) | ||
273 | .step(); | ||
274 | } | ||
275 | #endif /* HAVE_SQLITE */ | ||
276 | if((!cmd.empty()) && detached_child()) { | ||
277 | putenv( gnu::autosprintf("EYEFI_UPLOADED_ORIG=%s",tbn.c_str()) ); | ||
278 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); | ||
279 | putenv( gnu::autosprintf("EYEFI_UPLOADED=%s",ttf.c_str()) ); | ||
280 | if(!lf.empty()) putenv( gnu::autosprintf("EYEFI_LOG=%s",tlf.c_str()) ); | ||
281 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; | ||
282 | execv("/bin/sh",argv); | ||
283 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); | ||
284 | _exit(-1); | ||
285 | } | ||
286 | } | ||
287 | |||
288 | r.success = true; | ||
289 | return SOAP_OK; | ||
290 | }catch(const std::exception& e) { return E(this,"UploadPhoto",e); } | ||
diff --git a/src/eyefiworker.cc b/src/eyefiworker.cc index 450661a..ac75fc1 100644 --- a/src/eyefiworker.cc +++ b/src/eyefiworker.cc | |||
@@ -1,54 +1,339 @@ | |||
1 | #include <signal.h> | 1 | #include <signal.h> |
2 | #ifndef NDEBUG | 2 | #ifndef NDEBUG |
3 | # include <sys/resource.h> | 3 | # include <sys/resource.h> |
4 | #endif | 4 | #endif |
5 | #include <syslog.h> | 5 | #include <syslog.h> |
6 | #include <cassert> | ||
7 | #include <iostream> | ||
8 | #include <fstream> | ||
6 | #include <stdexcept> | 9 | #include <stdexcept> |
10 | #include <iterator> | ||
11 | #include <algorithm> | ||
12 | #include <sys/wait.h> | ||
13 | #include <autosprintf.h> | ||
14 | #include "eyekinfig.h" | ||
15 | #include "eyetil.h" | ||
7 | #include "eyefiworker.h" | 16 | #include "eyefiworker.h" |
8 | #ifdef HAVE_SQLITE | 17 | #ifdef HAVE_SQLITE |
9 | # include "sqlite3.h" | 18 | # include "iiidb.h" |
10 | #endif | 19 | #endif |
11 | 20 | ||
12 | eyefiworker::eyefiworker() | 21 | eyefiworker::eyefiworker() |
13 | : eyefiService(SOAP_IO_STORE|SOAP_IO_KEEPALIVE) { | 22 | : eyefiService(SOAP_IO_STORE|SOAP_IO_KEEPALIVE) { |
14 | bind_flags = SO_REUSEADDR; max_keep_alive = 0; | 23 | bind_flags = SO_REUSEADDR; max_keep_alive = 0; |
15 | socket_flags = | 24 | socket_flags = |
16 | #if defined(MSG_NOSIGNAL) | 25 | #if defined(MSG_NOSIGNAL) |
17 | MSG_NOSIGNAL | 26 | MSG_NOSIGNAL |
18 | #elif defined(SO_NOSIGPIPE) | 27 | #elif defined(SO_NOSIGPIPE) |
19 | SO_NOSIGPIPE | 28 | SO_NOSIGPIPE |
20 | #else | 29 | #else |
21 | #error Something is wrong with sigpipe prevention on the platform | 30 | #error Something is wrong with sigpipe prevention on the platform |
22 | #endif | 31 | #endif |
23 | ; | 32 | ; |
24 | } | 33 | } |
25 | 34 | ||
26 | int eyefiworker::run(int bindport) { | 35 | int eyefiworker::run(int bindport) { |
27 | #ifdef HAVE_SQLITE | 36 | #ifdef HAVE_SQLITE |
28 | sqlite3_initialize(); | 37 | sqlite3_initialize(); |
29 | #endif | 38 | #endif |
30 | if(!soap_valid_socket(bind(0,bindport,64))) | 39 | if(!soap_valid_socket(bind(0,bindport,64))) |
31 | throw std::runtime_error("failed to bind()"); | 40 | throw std::runtime_error("failed to bind()"); |
32 | signal(SIGCHLD,SIG_IGN); | 41 | signal(SIGCHLD,SIG_IGN); |
33 | while(true) { | 42 | while(true) { |
34 | if(!soap_valid_socket(accept())) | 43 | if(!soap_valid_socket(accept())) |
35 | throw std::runtime_error("failed to accept()"); | 44 | throw std::runtime_error("failed to accept()"); |
36 | pid_t p = fork(); | 45 | pid_t p = fork(); |
37 | if(p<0) throw std::runtime_error("failed to fork()"); | 46 | if(p<0) throw std::runtime_error("failed to fork()"); |
38 | if(!p) { | 47 | if(!p) { |
39 | recv_timeout = 600; send_timeout = 120; | 48 | recv_timeout = 600; send_timeout = 120; |
40 | (void)serve(); | 49 | (void)serve(); |
41 | soap_destroy(this); soap_end(this); soap_done(this); | 50 | soap_destroy(this); soap_end(this); soap_done(this); |
42 | #ifndef NDEBUG | 51 | #ifndef NDEBUG |
43 | struct rusage ru; | 52 | struct rusage ru; |
44 | if(getrusage(RUSAGE_SELF,&ru)) { | 53 | if(getrusage(RUSAGE_SELF,&ru)) { |
45 | syslog(LOG_NOTICE,"Failed to getrusage(): %d",errno); | 54 | syslog(LOG_NOTICE,"Failed to getrusage(): %d",errno); |
46 | }else{ | 55 | }else{ |
47 | syslog(LOG_INFO,"maxrss: %ld\n",ru.ru_maxrss); | 56 | syslog(LOG_INFO,"maxrss: %ld\n",ru.ru_maxrss); |
48 | } | 57 | } |
49 | #endif /* NDEBUG */ | 58 | #endif /* NDEBUG */ |
50 | _exit(0); | 59 | _exit(0); |
51 | } | 60 | } |
52 | close(socket); socket = SOAP_INVALID_SOCKET; | 61 | close(socket); socket = SOAP_INVALID_SOCKET; |
53 | } | 62 | } |
54 | } | 63 | } |
64 | |||
65 | static binary_t session_nonce; | ||
66 | #ifdef HAVE_SQLITE | ||
67 | static struct { | ||
68 | std::string filesignature; | ||
69 | long filesize; | ||
70 | std::string filename; | ||
71 | inline void reset() { filesignature.erase(); filename.erase(); filesize=0; } | ||
72 | inline void set(const std::string n,const std::string sig,long siz) { | ||
73 | filename = n; filesignature = sig; filesize = siz; | ||
74 | } | ||
75 | inline bool is(const std::string n,const std::string sig,long siz) { | ||
76 | return filesize==siz && filename==n && filesignature==sig; | ||
77 | } | ||
78 | } already; | ||
79 | #endif /* HAVE_SQLITE */ | ||
80 | |||
81 | static bool detached_child() { | ||
82 | pid_t p = fork(); | ||
83 | if(p<0) { | ||
84 | syslog(LOG_ERR,"Failed to fork away for hook execution"); | ||
85 | _exit(-1); | ||
86 | } | ||
87 | if(!p) { | ||
88 | setsid(); | ||
89 | for(int i=getdtablesize();i>=0;--i) close(i); | ||
90 | int i=open("/dev/null",O_RDWR); assert(i==0); | ||
91 | i = dup(i); assert(i==1); | ||
92 | i = dup(i); assert(i==2); | ||
93 | return true; | ||
94 | } | ||
95 | return false; | ||
96 | } | ||
97 | |||
98 | static int E(eyefiworker* efs,const char *c,const std::exception& e) { | ||
99 | efs->keep_alive=0; | ||
100 | syslog(LOG_ERR,"error while processing %s: %s",c,e.what()); | ||
101 | return soap_sender_fault(efs,gnu::autosprintf("error processing %s",c),0); | ||
102 | } | ||
103 | |||
104 | int eyefiworker::StartSession( | ||
105 | std::string macaddress,std::string cnonce, | ||
106 | int transfermode,long transfermodetimestamp, | ||
107 | struct rns__StartSessionResponse &r ) try { | ||
108 | syslog(LOG_INFO, | ||
109 | "StartSession request from %s with cnonce=%s, transfermode=%d, transfermodetimestamp=%ld", | ||
110 | macaddress.c_str(), cnonce.c_str(), transfermode, transfermodetimestamp ); | ||
111 | eyekinfig_t eyekinfig(macaddress); | ||
112 | r.credential = binary_t(macaddress+cnonce+eyekinfig.get_upload_key()).md5().hex(); | ||
113 | |||
114 | r.snonce = session_nonce.make_nonce().hex(); | ||
115 | r.transfermode=transfermode; | ||
116 | r.transfermodetimestamp=transfermodetimestamp; | ||
117 | r.upsyncallowed=false; | ||
118 | |||
119 | std::string cmd = eyekinfig.get_on_start_session(); | ||
120 | if(!cmd.empty()) { | ||
121 | if(detached_child()) { | ||
122 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); | ||
123 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODE=%d",transfermode) ); | ||
124 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODETIMESTAMP=%ld",transfermodetimestamp) ); | ||
125 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; | ||
126 | execv("/bin/sh",argv); | ||
127 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); | ||
128 | _exit(-1); | ||
129 | } | ||
130 | } | ||
131 | return SOAP_OK; | ||
132 | }catch(const std::exception& e) { return E(this,"StartSession",e); } | ||
133 | |||
134 | int eyefiworker::GetPhotoStatus( | ||
135 | std::string credential, std::string macaddress, | ||
136 | std::string filename, long filesize, std::string filesignature, | ||
137 | int flags, | ||
138 | struct rns__GetPhotoStatusResponse &r ) try { | ||
139 | syslog(LOG_INFO, | ||
140 | "GetPhotoStatus request from %s with credential=%s, filename=%s, filesize=%ld, filesignature=%s, flags=%d; session nonce=%s", | ||
141 | macaddress.c_str(), credential.c_str(), filename.c_str(), filesize, filesignature.c_str(), flags, | ||
142 | session_nonce.hex().c_str() ); | ||
143 | |||
144 | eyekinfig_t eyekinfig(macaddress); | ||
145 | std::string computed_credential = binary_t(macaddress+eyekinfig.get_upload_key()+session_nonce.hex()).md5().hex(); | ||
146 | |||
147 | #ifndef NDEBUG | ||
148 | syslog(LOG_DEBUG, " computed credential=%s", computed_credential.c_str()); | ||
149 | #endif | ||
150 | |||
151 | if (credential != computed_credential) throw std::runtime_error("card authentication failed"); | ||
152 | |||
153 | #ifdef HAVE_SQLITE | ||
154 | iiidb_t D(eyekinfig); | ||
155 | seclude::stmt_t S = D.prepare( | ||
156 | "SELECT fileid FROM photo" | ||
157 | " WHERE mac=:mac AND filename=:filename" | ||
158 | " AND filesize=:filesize AND filesignature=:filesignature" | ||
159 | ).bind(":mac",macaddress) | ||
160 | .bind(":filename",filename).bind(":filesize",filesize) | ||
161 | .bind(":filesignature",filesignature); | ||
162 | if(!S.step()) { | ||
163 | r.fileid = 1; r.offset = 0; | ||
164 | }else{ | ||
165 | r.fileid = S.column<long>(0); | ||
166 | r.offset = filesize; | ||
167 | already.set(filename,filesignature,filesize); | ||
168 | } | ||
169 | #else /* HAVE_SQLITE */ | ||
170 | r.fileid=1, r.offset=0; | ||
171 | #endif /* HAVE_SQLITE */ | ||
172 | return SOAP_OK; | ||
173 | }catch(const std::exception& e) { return E(this,"GetPhotoStatus",e); } | ||
174 | |||
175 | int eyefiworker::MarkLastPhotoInRoll( | ||
176 | std::string macaddress, int mergedelta, | ||
177 | struct rns__MarkLastPhotoInRollResponse&/* r */ ) try { | ||
178 | syslog(LOG_INFO, | ||
179 | "MarkLastPhotoInRoll request from %s with mergedelta=%d", | ||
180 | macaddress.c_str(), mergedelta ); | ||
181 | std::string cmd = eyekinfig_t(macaddress).get_on_mark_last_photo_in_roll(); | ||
182 | if(!cmd.empty()) { | ||
183 | if(detached_child()) { | ||
184 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); | ||
185 | putenv( gnu::autosprintf("EYEFI_MERGEDELTA=%d",mergedelta) ); | ||
186 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; | ||
187 | execv("/bin/sh",argv); | ||
188 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); | ||
189 | _exit(-1); | ||
190 | } | ||
191 | } | ||
192 | keep_alive = 0; | ||
193 | return SOAP_OK; | ||
194 | }catch(const std::exception& e) { return E(this,"MarkLastPhotoInRoll",e); } | ||
195 | |||
196 | int eyefiworker::UploadPhoto( | ||
197 | int fileid, std::string macaddress, | ||
198 | std::string filename, long filesize, std::string filesignature, | ||
199 | std::string encryption, int flags, | ||
200 | struct rns__UploadPhotoResponse& r ) try { | ||
201 | syslog(LOG_INFO, | ||
202 | "UploadPhoto request from %s with fileid=%d, filename=%s, filesize=%ld," | ||
203 | " filesignature=%s, encryption=%s, flags=%04X", | ||
204 | macaddress.c_str(), fileid, filename.c_str(), filesize, | ||
205 | filesignature.c_str(), encryption.c_str(), flags ); | ||
206 | std::string::size_type fnl=filename.length(); | ||
207 | if(fnl<sizeof(".tar") || strncmp(filename.c_str()+fnl-sizeof(".tar")+sizeof(""),".tar",sizeof(".tar"))) | ||
208 | throw std::runtime_error(gnu::autosprintf("honestly, I expected the tarball coming here, not '%s'",filename.c_str())); | ||
209 | std::string the_file(filename,0,fnl-sizeof(".tar")+sizeof("")); | ||
210 | std::string the_log = the_file+".log"; | ||
211 | |||
212 | eyekinfig_t eyekinfig(macaddress); | ||
213 | |||
214 | umask(eyekinfig.get_umask()); | ||
215 | |||
216 | std::string td = eyekinfig.get_targetdir(); | ||
217 | tmpdir_t indir(td+"/.incoming.XXXXXX"); | ||
218 | |||
219 | std::string tf,lf; | ||
220 | binary_t digest, idigest; | ||
221 | #ifdef HAVE_SQLITE | ||
222 | bool beenthere = false; | ||
223 | #endif | ||
224 | |||
225 | for(soap_multipart::iterator i=mime.begin(),ie=mime.end();i!=ie;++i) { | ||
226 | #ifndef NDEBUG | ||
227 | syslog(LOG_DEBUG, | ||
228 | " MIME attachment with id=%s, type=%s, size=%ld", | ||
229 | (*i).id, (*i).type, (long)(*i).size ); | ||
230 | #endif | ||
231 | |||
232 | if((*i).id && !strcmp((*i).id,"INTEGRITYDIGEST")) { | ||
233 | std::string idigestr((*i).ptr,(*i).size); | ||
234 | #ifndef NDEBUG | ||
235 | syslog(LOG_DEBUG, " INTEGRITYDIGEST=%s", idigestr.c_str()); | ||
236 | #endif | ||
237 | idigest.from_hex(idigestr); | ||
238 | } | ||
239 | if( (*i).id && !strcmp((*i).id,"FILENAME") ) { | ||
240 | assert( (*i).type && !strcmp((*i).type,"application/x-tar") ); | ||
241 | #ifdef III_SAVE_TARS | ||
242 | std::string tarfile = indir.get_file(filename); | ||
243 | { | ||
244 | std::ofstream(tarfile.c_str(),std::ios::out|std::ios::binary).write((*i).ptr,(*i).size); | ||
245 | } | ||
246 | #endif | ||
247 | |||
248 | if(!tf.empty()) throw std::runtime_error("already seen tarball"); | ||
249 | if(!digest.empty()) throw std::runtime_error("already have integrity digest"); | ||
250 | digest = integrity_digest((*i).ptr,(*i).size,eyekinfig.get_upload_key()); | ||
251 | #ifndef NDEBUG | ||
252 | syslog(LOG_DEBUG," computed integrity digest=%s", digest.hex().c_str()); | ||
253 | #endif | ||
254 | #ifdef HAVE_SQLITE | ||
255 | if(!(*i).size) { | ||
256 | if(!already.is(filename,filesignature,filesize)) | ||
257 | throw std::runtime_error("got zero-length upload for unknown file"); | ||
258 | beenthere = true; continue; | ||
259 | } | ||
260 | #endif | ||
261 | |||
262 | tarchive_t a((*i).ptr,(*i).size); | ||
263 | while(a.read_next_header()) { | ||
264 | std::string ep = a.entry_pathname(), f = indir.get_file(ep); | ||
265 | if(ep==the_file) tf = f; | ||
266 | else if(ep==the_log) lf = f; | ||
267 | else continue; | ||
268 | int fd=open(f.c_str(),O_CREAT|O_WRONLY,0666); | ||
269 | if(fd<0) | ||
270 | throw std::runtime_error(gnu::autosprintf("failed to create output file '%s'",f.c_str())); | ||
271 | if(!a.read_data_into_fd(fd)) | ||
272 | throw std::runtime_error(gnu::autosprintf("failed to untar file into '%s'",f.c_str())); | ||
273 | close(fd); | ||
274 | } | ||
275 | } | ||
276 | } | ||
277 | |||
278 | #ifdef HAVE_SQLITE | ||
279 | if(beenthere) { | ||
280 | r.success=true; | ||
281 | return SOAP_OK; | ||
282 | } | ||
283 | #endif | ||
284 | |||
285 | if(tf.empty()) throw std::runtime_error("haven't seen THE file"); | ||
286 | if(digest!=idigest) throw std::runtime_error("integrity digest verification failed"); | ||
287 | |||
288 | std::string::size_type ls = tf.rfind('/'); | ||
289 | // XXX: actually, lack of '/' signifies error here | ||
290 | std::string tbn = (ls==std::string::npos)?tf:tf.substr(ls+1); | ||
291 | ls = lf.rfind('/'); | ||
292 | std::string lbn = (ls==std::string::npos)?lf:lf.substr(ls+1); | ||
293 | std::string ttf,tlf; | ||
294 | bool success = false; | ||
295 | for(int i=0;i<32767;++i) { | ||
296 | const char *fmt = i ? "%1$s/(%3$05d)%2$s" : "%1$s/%2$s"; | ||
297 | ttf = (const char*)gnu::autosprintf(fmt,td.c_str(),tbn.c_str(),i); | ||
298 | if(!lf.empty()) tlf = (const char*)gnu::autosprintf(fmt,td.c_str(),lbn.c_str(),i); | ||
299 | if( (!link(tf.c_str(),ttf.c_str())) && (lf.empty() || !link(lf.c_str(),tlf.c_str())) ) { | ||
300 | unlink(tf.c_str()); | ||
301 | if(!lf.empty()) unlink(lf.c_str()); | ||
302 | success=true; | ||
303 | break; | ||
304 | } | ||
305 | } | ||
306 | std::string cmd = eyekinfig.get_on_upload_photo(); | ||
307 | if(success) { | ||
308 | #ifdef HAVE_SQLITE | ||
309 | { | ||
310 | iiidb_t D(eyekinfig); | ||
311 | D.prepare( | ||
312 | "INSERT INTO photo" | ||
313 | " (ctime,mac,fileid,filename,filesize,filesignature,encryption,flags)" | ||
314 | " VALUES" | ||
315 | " (:ctime,:mac,:fileid,:filename,:filesize,:filesignature,:encryption,:flags)" | ||
316 | ).bind(":ctime",time(0)) | ||
317 | .bind(":mac",macaddress) | ||
318 | .bind(":fileid",fileid).bind(":filename",filename) | ||
319 | .bind(":filesize",filesize).bind(":filesignature",filesignature) | ||
320 | .bind(":encryption",encryption).bind(":flags",flags) | ||
321 | .step(); | ||
322 | } | ||
323 | #endif /* HAVE_SQLITE */ | ||
324 | if((!cmd.empty()) && detached_child()) { | ||
325 | putenv( gnu::autosprintf("EYEFI_UPLOADED_ORIG=%s",tbn.c_str()) ); | ||
326 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); | ||
327 | putenv( gnu::autosprintf("EYEFI_UPLOADED=%s",ttf.c_str()) ); | ||
328 | if(!lf.empty()) putenv( gnu::autosprintf("EYEFI_LOG=%s",tlf.c_str()) ); | ||
329 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; | ||
330 | execv("/bin/sh",argv); | ||
331 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); | ||
332 | _exit(-1); | ||
333 | } | ||
334 | } | ||
335 | |||
336 | r.success = true; | ||
337 | return SOAP_OK; | ||
338 | }catch(const std::exception& e) { return E(this,"UploadPhoto",e); } | ||
339 | |||
diff --git a/src/eyefiworker.h b/src/eyefiworker.h index afb97c7..6d4082c 100644 --- a/src/eyefiworker.h +++ b/src/eyefiworker.h | |||
@@ -1,15 +1,29 @@ | |||
1 | #ifndef __EYEFIWORKER_H | 1 | #ifndef __EYEFIWORKER_H |
2 | #define __EYEFIWORKER_H | 2 | #define __EYEFIWORKER_H |
3 | 3 | ||
4 | #include "soapeyefiService.h" | 4 | #include "soapeyefiService.h" |
5 | 5 | ||
6 | class eyefiworker : public eyefiService { | 6 | class eyefiworker : public eyefiService { |
7 | public: | 7 | public: |
8 | 8 | ||
9 | eyefiworker(); | 9 | eyefiworker(); |
10 | 10 | ||
11 | int run(int port) __attribute__ ((noreturn)); | 11 | int run(int port) __attribute__ ((noreturn)); |
12 | 12 | ||
13 | int StartSession(std::string macaddress, std::string cnonce, | ||
14 | int transfermode, long transfermodetimestamp, | ||
15 | struct rns__StartSessionResponse &r); | ||
16 | int GetPhotoStatus(std::string credential, std::string macaddress, | ||
17 | std::string filename, long filesize, std::string filesignature, int flags, | ||
18 | struct rns__GetPhotoStatusResponse &r); | ||
19 | int MarkLastPhotoInRoll(std::string macaddress, int mergedelta, | ||
20 | struct rns__MarkLastPhotoInRollResponse &r); | ||
21 | int UploadPhoto(int fileid, std::string macaddress, | ||
22 | std::string filename, long filesize, std::string filesignature, | ||
23 | std::string encryption, int flags, | ||
24 | struct rns__UploadPhotoResponse &r); | ||
25 | |||
26 | eyefiService *copy() { throw std::logic_error("Not meant to be called"); } | ||
13 | }; | 27 | }; |
14 | 28 | ||
15 | #endif /* __EYEFIWORKER_H */ | 29 | #endif /* __EYEFIWORKER_H */ |