protocol.c revision 499b34cea04a46823d003d4c0520c8b03e8513cb
/*
* Copyright (C) 1996-2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
* DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
* INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
* FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
* NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: protocol.c,v 1.33 2001/01/09 22:00:07 bwelling Exp $ */
/*
* Functions supporting the object management protocol.
*/
#include <config.h>
#include <stddef.h> /* NULL */
#include <stdlib.h> /* random */
/*
* OMAPI protocol header, version 1.00
*/
typedef struct omapi_protocolheader {
unsigned int authlen; /* Length of authenticator. */
unsigned int authid; /* Authenticator object ID. */
unsigned int op; /* Operation code. */
unsigned int id; /* Transaction ID. */
unsigned int rid; /* ID of transaction responding to. */
{
omapi_type_protocol, sizeof(*obj));
if (result != ISC_R_SUCCESS)
return (result);
/*
* Drop this function's direct reference to the protocol object
* so that connect_toserver or send_intro can free the connection
* and protocol objects in the event of an error.
*/
OBJECT_DEREF(&obj);
/*
* Send the introductory message. This will also wait (via
* connection_send) for the server's introductory message before
* proceeding. While the original design for OMAPI declared that this
* was to be entirely asynchronous, it just won't work for the client
* side program to go storming ahead, making calls that try to use the
* connection object, when it is possible that the thread that reads
* the socket will wake up with the server's intro message, find some
* sort of problem, and then blow away the connection object while the
* client program is asynchronously trying to use it. (This could be
* done, of course, with a lot more thread locking than currently
* happens.)
*
* If send_intro fails, the connection is already destroyed.
*/
if (result == ISC_R_SUCCESS)
return (result);
}
void
return; /* Already disconnected. */
}
/*
* Send the protocol introduction message.
*/
omapi_protocol_t *p;
p = (omapi_protocol_t *)h;
if (result == ISC_R_SUCCESS)
result =
sizeof(omapi_protocolheader_t));
/*
* Require the other end to send an intro - this kicks off the
* protocol input state machine. This does not use connection_require
* to set the number of bytes required because then a socket recv would
* be queued. To simplify the MT issues, the library only expects to
* have one task outstanding at a time, so the number of bytes
* that will be expected is set here, but the actual recv for
* them is not queued until after the send event posts.
*/
if (result == ISC_R_SUCCESS) {
/*
* Make up an initial transaction ID for this connection.
* XXXDCL better generator than random()?
*/
/*
* The client waited for the result; the server did not.
* The server's result will always be ISC_R_SUCCESS.
*
* If the client's result is not ISC_R_SUCCESS, the connection
* was already closed by the socket event handler that got
* the error.
*/
} else
/*
* One of the calls to omapi_connection_put* failed. As of the
* time of writing this comment, that would pretty much only
* happen if the required output buffer space could be
* dynamically allocated.
*
* The server is in listener_accept, so the connection can just
* be freed right here; listener_accept will not try to
* use it when this function exits.
*
* The client is in omapi_protocol_connect, its driving thread.
* It too has no events pending, so the connection will
* be freed.
*/
return (result);
}
/*
* Set up a listener for the omapi protocol.
*/
void *connect_arg)),
(const char *name,
unsigned int algorithm,
void *key_arg)),
{
}
{
if (result != ISC_R_SUCCESS)
return (result);
if (result == ISC_R_SUCCESS)
if (result == ISC_R_SUCCESS)
(int)waitstatus);
/*
* If a message has been provided, send it.
*/
if (result == ISC_R_SUCCESS)
return (result);
}
if (result != ISC_R_SUCCESS)
return (result);
if (result == ISC_R_SUCCESS)
if (result == ISC_R_SUCCESS)
(int)handle);
}
if (result == ISC_R_SUCCESS)
if (result == ISC_R_SUCCESS)
return (result);
}
static isc_result_t
{
/*
* XXXDCL figure out how come when this function throws
* an error, it does not seem to be seen by the driving program.
* (this comment may no longer be true, but bears testing anyway)
*/
/*
* We get here because we requested that we be woken up after
* some number of bytes were read, and that number of bytes
* has in fact been read.
*/
/*
* Get protocol version and header size in network byte order.
*/
/*
* Currently only the current protocol version is supported.
*/
return (OMAPI_R_VERSIONMISMATCH);
return (OMAPI_R_PROTOCOLERROR);
/*
* The next thing that shows up on incoming connections
* should be a message header.
*/
/*
* The client needs to have bytes_needed primed for the
* size of a message header, so that when send_done runs,
* it can kick off an isc_socket_recv (via connection_require)
* to get the server's response. It does this in
* omapi_message_send, so nothing need be done here now.
*
* The server needs to actually kick off its recv now to
* be ready for the first message from the client. The
* server's startup path looks like this:
* 1 server sends intro, bytes_needed is set to intro size (8).
* 2 send_done posts, recv of 8 for intro is queued.
* 3 recv_done posts, calls the protocol_signalhandler and
* ends up here.
*/
if (connection->is_client) {
break;
}
/*
* Register a need for the number of bytes in a header, and if
* that many are here already, process them immediately.
*/
if (result != ISC_R_SUCCESS)
break;
/* FALLTHROUGH */
if (result != ISC_R_SUCCESS)
break;
}
/*
* Fetch the header values.
*/
/* XXXDCL authid is unused */
/* XXXTL bind the authenticator here! */
/*
* If there was any extra header data, skip over it,
* because it has no use in this version of the protocol.
*/
(protocol->header_size -
sizeof(omapi_protocolheader_t)));
/*
* XXXTL must compute partial signature across the preceding
* bytes. Also, if authenticator specifies encryption as well
* as signing, we may have to decrypt the data on the way in.
*/
/*
* After reading the header, first read in message-specific
* values, then object values.
*/
/*
* Need to get the 16-bit length of the value's name.
*/
if (result != ISC_R_SUCCESS)
break;
/* FALLTHROUGH */
/*
* A zero-length name signals the end of name+value pairs.
*/
if (nlen == 0) {
/*
* If the message values were being read, now
* the object values need to be read. Otherwise
* move on to reading the authenticator.
*/
if (protocol->reading_message_values) {
/*
* The goto could be removed by setting the
* state and doing omapi_connection_require()
* here, then returning the result to
* protocol_signalhandler which would call
* this function immediately if the result
* was ISC_R_SUCCESS, but that seems even
* more obtuse than using goto.
*/
goto need_name_length;
}
/*
* If the authenticator length is zero, there's no
* signature to read in, so go straight to processing
* the message.
*/
goto message_done;
/*
* The next thing that is expected is the message
* signature.
*/
/* Wait for the number of bytes specified for the
* authenticator. If they are all here, go read it in.
* As noted above, the goto could be removed by
* returning the result to the caller no matter
* what its value, because the protocol_signalhandler
* would just call this function right back, but
* something seems more obtuse about that than goto.
*/
if (result == ISC_R_SUCCESS)
goto signature_wait;
else
break;
}
/*
* Non-zero name length. Allocate a buffer for the name
* then wait for all its bytes to be available.
*/
if (result != ISC_R_SUCCESS)
break;
if (result != ISC_R_SUCCESS)
break;
/* FALLTHROUGH */
case omapi_protocol_name_wait:
/*
* Wait for the 32-bit length of the value.
*/
if (result != ISC_R_SUCCESS)
break;
/* FALLTHROUGH */
/*
* Zero-length values are allowed; they are for deleted
* values. If the value length is zero, skip the read but
* still store the name with its zero length value.
*/
if (vlen == 0)
goto insert_new_value;
if (result != ISC_R_SUCCESS)
break;
/*
* Check to see if all the bytes of the value are here.
*/
if (result != ISC_R_SUCCESS)
break;
/* FALLTHROUGH */
/*
* Silence the gcc message "warning: `result' might be used
* uninitialized in this function"
*/
else {
/*
* Create a generic object to receive the
* values of the object in the incoming
* message.
*/
NULL, 0);
if (result != ISC_R_SUCCESS)
break;
}
}
if (result != ISC_R_SUCCESS)
break;
goto need_name_length;
if (result != ISC_R_SUCCESS)
return (result);
/*
* Turn off the dst_verify updating while the signature
* bytes are copied; they are not part of what was signed.
*/
/* XXXTL now do something to verify the signature. */
/* FALLTHROUGH */
/*
* Hail, hail, the gang's all here! The whole message
* has been read in, so process it. Even if an error
* is returned, a bit of cleanup has to be done, but
* it can't muck with the result assigned here.
*/
(omapi_object_t *)protocol);
/* XXXTL unbind the authenticator. */
/*
* Free the message object.
*/
/*
* The next thing the protocol reads will be a new message.
*/
/*
* Now, if message_process had indicated an error, let it be
* returned from here.
*/
if (result != ISC_R_SUCCESS)
break;
/*
* The next recv will be queued from send_done. On the
* server, this will be after it has sent its reply to the
* just-processed message by using omapi_message_send.
* On the client it will happen after it sends its
* next message with omapi_message_send.
*
* The OMAPI_R_NOTYET return value tells protocol_signalhandler
* that to return ISC_R_SUCCESS back to recv_done.
*/
break;
default:
"omapi_protocol_signal_handler: %d",
break;
}
return (result);
}
static isc_result_t
omapi_protocol_t *p;
p = (omapi_protocol_t *)h;
c = (omapi_connection_t *)p->outer;
/*
* Not a signal we recognize?
*/
do {
result = dispatch_messages(p, c);
} while (result == ISC_R_SUCCESS);
/*
* Getting "not yet" means more data is needed before another message
* can be processed.
*/
if (result == OMAPI_R_NOTYET)
return (result);
}
static isc_result_t
{
omapi_protocol_t *p;
p = (omapi_protocol_t *)h;
return (ISC_R_NOMEMORY);
if (p->algorithm == 0)
/*
* XXXDCL better error?
*/
return (DST_R_UNSUPPORTEDALG);
} else
/*
* XXXDCL if either auth-name or auth-algorithm is not in the incoming
* message, then the client will not get a meaningful error message
* in reply. this is bad.
*
* ... it is a general problem in the current omapi design ...
*/
unsigned int sigsize;
/*
* Verifying the key through a callback is (currently) only
* done by the server.
* XXXDCL the client should have some way of checking whether
* what is being set is what it asked for.
*/
if (p->verify_key != NULL &&
p->verify_key_arg))
return (ISC_R_NOPERM);
dst_key_free(&p->key);
if (result == ISC_R_SUCCESS)
if (result == ISC_R_SUCCESS)
&p->signature_out,
sigsize);
if (result != ISC_R_SUCCESS) {
dst_key_free(&p->key);
p->algorithm = 0;
}
}
return (result);
}
static isc_result_t
{
}
static void
omapi_protocol_t *p;
p = (omapi_protocol_t *)h;
OBJECT_DEREF(&p->message);
OBJECT_DEREF(&p->authinfo);
}
if (p->signature_out != NULL) {
isc_buffer_free(&p->signature_out);
p->signature_out = NULL;
}
dst_key_free(&p->key);
}
}
static isc_result_t
return (omapi_object_passstuffvalues(connection, h));
}
protocol_init(void) {
}