pkgweb.c revision 4656d4747c8743290bfbe910c64cd75eb4e4af8d
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
/* All Rights Reserved */
#include <stdio.h>
#include <limits.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <pkglocs.h>
#include <locale.h>
#include <libintl.h>
#include <libgen.h>
#include <signal.h>
#include <fcntl.h>
#include <dirent.h>
#include <boot_http.h>
#include <errno.h>
#include <ctype.h>
#include "pkglib.h"
#include "pkglibmsgs.h"
#include "pkglocale.h"
#include "keystore.h"
#include "pkgweb.h"
#include "pkgerr.h"
#include "p12lib.h"
/* fixed format when making an OCSP request */
#define OCSP_REQUEST_FORMAT \
"POST %s HTTP/1.0\r\n" \
"Content-Type: application/ocsp-request\r\n" \
"Content-Length: %d\r\n\r\n"
/*
* no security is afforded by using this phrase to "encrypt" CA certificates,
* but it might aid in debugging and has to be non-null
*/
#define WEB_CA_PHRASE "schizophrenic"
/* This one needs the ': ' at the end */
#define CONTENT_TYPE_HDR "Content-Type"
#define CONTENT_DISPOSITION_HDR "Content-Disposition"
#define CONTENT_OCSP_RESP "application/ocsp-response"
#define CONTENT_LENGTH_HDR "Content-Length"
#define LAST_MODIFIED_HDR "Last-Modified"
#define OCSP_BUFSIZ 1024
/*
* default amount of time that is allowed for error when checking
* OCSP response validity.
* For example, if this is set to 5 minutes, then if a response
* is issued that is valid from 12:00 to 1:00, then we will
* accept it if the local time is between 11:55 and 1:05.
* This takes care of not-quite-synchronized server and client clocks.
*/
/* this value is defined by getpassphrase(3c) manpage */
#define MAX_PHRASELEN 257
/* Max length of "enter password again" prompt message */
#define MAX_VERIFY_MSGLEN 1024
/* local prototypes */
static boolean_t remove_dwnld_file(char *);
static boolean_t web_disconnect(void);
static char *get_unique_filename(char *, char *);
static char *condense_lastmodified(char *);
static int web_verify(int, X509_STORE_CTX *);
static char *get_time_string(ASN1_GENERALIZEDTIME *);
static boolean_t _get_random_info(void *, int);
static boolean_t init_session(void);
static void progress_setup(int, ulong_t);
static void progress_report(int, ulong_t);
static void progress_finish(int);
static char *replace_token(char *, char, char);
static void dequote(char *);
static void trim(char *);
/*
* structure used to hold data passed back to the
* X509 verify callback routine in validate_signature()
*/
typedef struct {
/* Progress bar variables */
/* current network backoff wait period */
static int cur_backoff = 0; /* presumably advanced by backoff() — its definition is not in this listing */
/* download session context handle */
static WEB_SESSION *ps;
/*
 * non-zero while a web-based install is in progress; read by
 * is_web_install(), presumably set by set_web_install() (its body is
 * not visible in this listing — confirm).
 */
static int webpkg_install = 0;
/* ~~~~~~~~~~~~~~ Public Functions ~~~~~~~~~~~~~~~~~~~ */
/*
* Name: set_passphrase_prompt
* Description: Specifies the prompt to use with the pkglib
* passphrase callback routine.
*
* Arguments: newprompt - The prompt to display
*
* Returns : NONE
*/
void
set_passphrase_prompt(char *newprompt)
{
/*
 * NOTE(review): the body is empty in this listing, so newprompt is
 * never stored here; the header comment says the prompt is kept for
 * the pkglib passphrase callback — confirm against the upstream source.
 */
}
/*
* Name: set_passphrase_passarg
* Description: Specifies the passphrase retrieval method
* to use with the pkglib
* passphrase callback routine.
*
* Arguments: newpassarg - The new password retrieval arg
*
* Returns : NONE
*/
void
set_passphrase_passarg(char *newpassarg)
{
/*
 * NOTE(review): the body is empty in this listing, so newpassarg is
 * never recorded here; the header comment says it selects the
 * passphrase retrieval method — confirm against the upstream source.
 */
}
/*
* Name: get_proxy_port
* Description: Resolves proxy specification
*
* Arguments: err - where to record any errors.
* proxy - Location to store result - if *proxy is not
* null, then it will be validated, but not changed
*
* Returns : B_TRUE - success, B_FALSE otherwise
* on success, *proxy and *port are set to either
* the user-supplied proxy and port, or the
* ones found in the environment variables
*/
{
if (!path_valid(*proxy)) {
/* bad proxy supplied */
return (B_FALSE);
}
/* env set, but bad */
return (B_FALSE);
}
} else {
/* environment variable set, but bad */
return (B_FALSE);
}
/* env variable set, but bad */
return (B_FALSE);
}
/* env variable set, but bad */
return (B_FALSE);
}
}
return (B_TRUE);
}
/*
* Name: path_valid
* Description: Checks a string for being a valid path
*
* Arguments: path - path to validate
*
* Returns : B_TRUE - success, B_FALSE otherwise.
* B_FALSE means path was null, too long (>PATH_MAX),
* or too short (<1)
*/
path_valid(char *path)
{
return (B_FALSE);
return (B_FALSE);
return (B_TRUE);
} else {
/* path < 1 */
return (B_FALSE);
}
}
/*
* Name: web_cleanup
* Description: Deletes temp files, closes, frees memory taken
* by 'ps' static structure
*
* Arguments: none
*
* Returns : none
*/
void
web_cleanup(void)
{
return;
err = pkgerr_new();
}
}
}
}
}
}
}
if (ps) {
}
}
/*
* Name: web_session_control
* Description: Downloads an arbitrary URL and saves to disk.
*
* Arguments: err - where to record any errors.
* url - URL pointing to content to download - can be
* http:// or https://
* dwnld_dir - Directory to download into
* keystore - keystore to use for accessing trusted
* certs when downloading using SSL
* proxy - HTTP proxy to use, or NULL for no proxy
* proxy_port - HTTP proxy port to use, ignored
* if proxy is NULL
* passarg - method to retrieve password
* retries - # of times to retry download before
* giving up
* timeout - how long to wait before retrying,
* when download is interrupted
* nointeract - if non-zero, do not output
* download progress to screen
*
* Returns : B_TRUE - success, B_FALSE otherwise
*/
{
int i;
if (!init_session()) {
goto cleanup;
}
goto cleanup;
}
else {
goto cleanup;
}
goto cleanup;
}
goto cleanup;
}
switch (web_connect(err)) {
/* time out and wait a little bit for these failures */
case WEB_OK:
/* were able to connect */
break;
case WEB_TIMEOUT:
(void) web_disconnect();
backoff();
continue;
case WEB_CONNREFUSED:
(void) web_disconnect();
backoff();
continue;
case WEB_HOSTDOWN:
(void) web_disconnect();
backoff();
continue;
default:
/* every other failure is a hard failure, so bail */
goto cleanup;
}
case WEB_OK:
/* were able to connect */
break;
case WEB_TIMEOUT:
(void) web_disconnect();
backoff();
continue;
case WEB_CONNREFUSED:
(void) web_disconnect();
backoff();
continue;
case WEB_HOSTDOWN:
(void) web_disconnect();
backoff();
continue;
default:
/* every other case is failure, so bail */
goto cleanup;
}
if (!web_eval_headers(err)) {
goto cleanup;
}
case WEB_OK:
/* were able to retrieve file */
break;
case WEB_TIMEOUT:
(void) web_disconnect();
backoff();
continue;
case WEB_CONNREFUSED:
(void) web_disconnect();
backoff();
continue;
case WEB_HOSTDOWN:
(void) web_disconnect();
backoff();
continue;
default:
/* every other failure is a hard failure, so bail */
goto cleanup;
}
}
if (!retrieved) {
/* max retries attempted */
}
(void) web_disconnect();
if (!ret) {
}
return (ret);
}
/*
* Name: get_signature
* Description: retrieves signature from signed package.
*
* Arguments: err - where to record any errors.
* ids_name - name of package stream, for error reporting
* devp - Device on which package resides that we
* result - where to store resulting PKCS7 signature
*
* Returns : B_TRUE - package is signed and signature returned OR
* package is not signed, in which case result is NULL
*
* B_FALSE - there were problems accessing signature,
* and it is unknown whether it is signed or not. Errors
* recorded in 'err'.
*/
{
/*
* look for signature. If one was in the stream,
* it is now extracted
*/
goto cleanup;
}
/*
* only if the signature is non-existent
* do we "pass"
*/
goto cleanup;
}
} else {
/* found sig file. parse it. */
goto cleanup;
}
(gettext(ERR_NOT_REG)));
goto cleanup;
}
goto cleanup;
}
/*
* read in signature. If it's invalid, we
* punt, unless we're ignoring it
*/
goto cleanup;
}
ids_name);
goto cleanup;
}
}
if (sig_in)
if (fp)
if (fd != -1)
if (p7)
(void) PKCS7_free(p7);
return (ret);
}
/*
* Name: echo_out
* Description: Conditionally output a message to stdout
*
* Arguments: nointeract - if non-zero, do not output anything
* fmt - print format
* ... - print arguments
*
* Returns : none
*/
/*PRINTFLIKE2*/
void
{
if (nointeract)
return;
}
/*
* Name: strip_port
* Description: Returns "port" portion of a "hostname:port" string
*
* Arguments: proxy - full "hostname:port" string pointer
*
* Returns : the "port" portion of a "hostname:port" string,
* converted to a decimal integer, or (int)0
* if string contains no :port suffix.
*/
strip_port(char *proxy)
{
char *tmp_port;
else
return (0);
}
/*
* Name: set_web_install
* Description: Sets flag indicating we are doing a web-based install
*
* Arguments: none
*
* Returns : none
*/
void
set_web_install(void)
{
/*
 * NOTE(review): the body is empty in this listing; the header comment
 * says this sets the web-install flag, and is_web_install() returns
 * the file-scope webpkg_install — confirm the assignment exists upstream.
 */
}
/*
* Name: is_web_install
* Description: Determines whether we are doing a web-based install
*
* Arguments: none
*
* Returns : non-zero if we are doing a web-based install, 0 otherwise
*/
int
is_web_install(void)
{
	/* expose the file-scope web-install flag unchanged: non-zero means yes */
	const int web_install_active = webpkg_install;

	return web_install_active;
}
/* ~~~~~~~~~~~~~~ Private Functions ~~~~~~~~~~~~~~~~~~~ */
/*
* Name: web_disconnect
* Description: Disconnects connection to web server
*
* Arguments: none
*
* Returns : B_TRUE - successful disconnect, B_FALSE otherwise
* Temp certificate files are deleted,
* if one was used to initiate the connection
* (such as when using SSL)
*/
static boolean_t
web_disconnect(void)
{
}
return (B_TRUE);
return (B_FALSE);
}
/*
* Name: check_dwnld_dir
* Description: Creates temp download directory
*
* Arguments: err - where to record any errors.
* dwnld_dir - name of directory to create
*
* Returns : B_TRUE - success, B_FALSE otherwise
* on success, directory is created with
* safe permissions
*/
static boolean_t
{
/*
* Check the directory passed in. If it doesn't exist, create it
* with strict permissions
*/
return (B_FALSE);
}
}
if (dirp) {
}
return (B_TRUE);
}
/*
* Name: ds_validate_signature
* Description: Validates signature found in a package datastream
*
* Arguments: err - where to record any errors.
* pkgdev - Package context handle of package to verify
* pkgs - Null-terminated List of package name to verify
* ids_name - Pathname to stream to validate
* p7 - PKCS7 signature decoded from stream header
* cas - List of trusted CA certificates
* proxy - Proxy to use when doing online validation (OCSP)
* nointeract - if non-zero, do not output to screen
*
* Returns : B_TRUE - success, B_FALSE otherwise
* success means signature was completely validated,
* and contents of stream checked against signature.
*/
{
/* make sure it's a Signed PKCS7 message */
if (!PKCS7_type_is_signed(p7)) {
ids_name);
goto cleanup;
}
/* initialize PKCS7 object to be filled in */
if (!PKCS7_get_detached(p7)) {
ids_name);
goto cleanup;
}
/* dump header and packages into BIO to calculate the message digest */
ids_name);
goto cleanup;
}
goto cleanup;
}
/* validate the stream and its signature */
proxy, nointeract)) {
goto cleanup;
}
/* reset device stream (really bad performance for tapes) */
(void) ds_close(1);
return (ret);
}
/*
* Name: validate_signature
* Description: Validates signature of an arbitrary stream of bits
*
* Arguments: err - where to record any errors.
* name - Descriptive name of object being validated,
* for good error reporting messages
* indata - BIO object to read stream bits from
* p7 - PKCS7 signature of stream
* cas - List of trusted CA certificates
* proxy - Proxy to use when doing online validation (OCSP)
* nointeract - if non-zero, do not output to screen
*
* Returns : B_TRUE - success, B_FALSE otherwise
* success means signature was completely validated,
* and contents of stream checked against signature.
*/
{
int i, k;
unsigned long errcode;
const char *err_reason = NULL;
char *err_string;
int err_flags;
char *signer_sname;
char *signer_iname;
/* only support signed PKCS7 signatures */
if (!PKCS7_type_is_signed(p7)) {
goto cleanup;
}
/* initialize temporary internal trust store used for verification */
for (i = 0; i < sk_X509_num(cas); i++) {
sk_X509_value(cas, i)) == 0) {
goto cleanup;
}
}
/* get signers from the signature */
goto cleanup;
}
/* verify each signer found in the PKCS7 signature */
for (k = 0; k < sk_PKCS7_SIGNER_INFO_num(sec_sinfos); k++) {
/* find the issuer of the current cert */
/* were we not able to find the issuer cert */
goto cleanup;
}
/* Lets verify */
goto cleanup;
}
issuer, chaincerts);
(void) X509_STORE_CTX_set_purpose(ctx,
/* callback will perform OCSP on certificates with OCSP data */
/* pass needed data into callback through the app_data handle */
/* first verify the certificate chain */
i = X509_verify_cert(ctx);
/* if the verify context holds an error, print it */
} else {
/* some other error. print them all. */
if (err_reason == NULL) {
}
if (!(err_flags & ERR_TXT_STRING)) {
err_data =
}
}
}
goto cleanup;
}
/* now verify the signature */
if (i <= 0) {
/* print out any OpenSSL-specific errors */
if (err_reason == NULL) {
}
if (!(err_flags & ERR_TXT_STRING)) {
err_data =
}
}
goto cleanup;
}
}
/* signature(s) verified successfully */
if (ctx)
return (ret);
}
/*
* Name: web_verify
* Description: Callback used by PKCS7_dataVerify when
* verifying a certificate chain.
*
* Arguments: err - where to record any errors.
* ctx - The context handle of the current verification operation
*
* Returns : the incoming 'ok' value on success, 0 otherwise.
* if it's '0' (not OK) we simply return it, since the
* verification operation has already determined that the
* cert is invalid. if 'ok' is non-zero, then we do our
* checks, and return 0 or 1 based on if the cert is
* invalid or valid.
*/
static int
{
char *uri;
if (!ok) {
/* don't override a verify failure */
return (ok);
}
/* get app data supplied through callback context */
/* Check revocation status */
/* this shouldn't happen */
return (0);
}
/* don't perform OCSP unless cert has required OCSP extensions */
/* no issuer! */
return (0);
}
/*
* ok we have the current cert
* and its issuer. Do the OCSP check
*/
/*
* OCSP extensions are, per RFC 2459, never critical
* extensions; therefore, we only fail if we were able
* to explicitly contact an OCSP responder and that
* responder did not indicate the cert was valid. We
* also fail if user-supplied data could not be parsed
* or we run out of memory. We succeed on "soft"
* failures, such as not being able to connect to the
* OCSP responder, or the OCSP URI indicating that SSL
* must be used (which we do not support).
*/
case OCSPMem: /* Ran out of memory */
case OCSPInternal: /* Some internal error */
case OCSPVerify: /* OCSP responder indicated fail */
return (0);
}
/* all other cases are success, or soft failures */
}
return (ok);
}
/*
* Name: get_time_string
* Description: Generates a human-readable string from an ASN1_GENERALIZED_TIME
*
* Arguments: intime - The time to convert
*
* Returns : A pointer to a static string representing the passed-in time.
*/
static char
{
char *p;
return (NULL);
}
return (NULL);
}
return (NULL);
}
return (NULL);
}
/* trim the end of the string */
*p = '\0';
}
return (time);
}
/*
* Name: get_ocsp_uri
* Description: Examines an X509 certificate and retrieves the embedded
* OCSP Responder URI if one exists.
*
* Arguments: cert - The cert to inspect
* uri - pointer where the newly-allocated URI is placed, if found
*
* Returns : B_TRUE if the URI was found, B_FALSE otherwise.
*/
static boolean_t
{
int i;
/*
 * NOTE(review): PKGWEB_TEST_OCSP is an environment override that
 * short-circuits the lookup of the certificate's own AIA extension
 * below; the line that fills in *uri from it is not visible in this
 * listing. Confirm this test hook cannot be reached in production
 * builds, since whoever controls the environment would presumably
 * then choose which responder is consulted for revocation.
 */
if (getenv("PKGWEB_TEST_OCSP")) {
return (B_TRUE);
}
/* get the X509v3 extension holding the OCSP URI */
for (i = 0; i < sk_ACCESS_DESCRIPTION_num(aia); i++) {
*uri =
return (B_TRUE);
}
}
}
}
/* no URI was found */
return (B_FALSE);
}
/*
* Name: ocsp_verify
* Description: Attempts to contact an OCSP Responder and ascertain the validity
* of an X509 certificate.
*
* Arguments: err - Error object to add error messages to
* cert - The cert to validate
* issuer - The certificate of the issuer of 'cert'
* uri - The OCSP Responder URI
* cas - The trusted CA certificates used to verify the
* signed OCSP response
* Returns : Success - The OCSP Responder reported a 'good'
* status for the cert otherwise, appropriate
* error is returned.
*/
static OCSPStatus
{
char ocspbuf[OCSP_BUFSIZ];
char *subjname;
char currtimestr[ATTR_MAX];
unsigned long errcode;
const char *err_reason;
/* parse the URI into its constituent parts */
return (OCSPParse);
}
/* we don't currently support SSL-based OCSP Responders */
if (use_ssl) {
return (OCSPUnsupported);
}
/* default port if none specified */
port = (int)URL_DFLT_SRVR_PORT;
} else {
if (*r != '\0') {
return (OCSPParse);
}
}
/* allocate new request structure */
return (OCSPMem);
}
/* convert cert and issuer fields into OCSP request data */
return (OCSPInternal);
}
/* fill out request structure with request data */
return (OCSPInternal);
}
/* add nonce */
/* connect to host, or proxy */
return (OCSPMem);
}
/*
* BIO_set_conn_int_port takes an int *, so let's give it one
* rather than a ushort_t *
*/
if (BIO_do_connect(cbio) <= 0) {
return (OCSPConnect);
}
} else {
return (OCSPMem);
}
if (BIO_do_connect(cbio) <= 0) {
return (OCSPConnect);
}
}
/* calculate length of binary request data */
/* send the request headers */
} else {
}
if (retval <= 0) {
return (OCSPRequest);
}
/* send the request binary data */
return (OCSPRequest);
}
/*
* read the response into a memory BIO, so we can 'gets'
* (socket bio's don't support BIO_gets)
*/
return (OCSPMem);
}
if (len < 0) {
return (OCSPRequest);
}
return (OCSPMem);
}
}
/* now get the first line of the response */
return (OCSPRequest);
}
/* parse the header response */
/* skip past the protocol info */
continue;
/* skip past whitespace between protocol and start of response code */
while ((*p != '\0') && isspace(*p)) {
p++;
}
if (*p == '\0') {
/* premature end */
return (OCSPRequest);
}
/* find end of response code */
continue;
/* mark end of response code */
*q++ = '\0';
/* parse response code */
if (*r != '\0') {
return (OCSPRequest);
}
/* now find beginning of the response string */
q++;
}
/* trim whitespace from end of message */
*r = '\0';
}
/* response must be OK */
if (respcode != 200) {
respcode, q);
return (OCSPRequest);
}
/* read headers, looking for content-type or a blank line */
/* if we get a content type, make sure it's the right type */
strlen(CONTENT_TYPE_HDR))) {
/* look for the delimiting : */
if (p == NULL) {
return (OCSPResponder);
}
/* skip over ':' */
p++;
/* find beginning of the content type */
p++;
}
if (!ci_strneq(p, CONTENT_OCSP_RESP,
strlen(CONTENT_OCSP_RESP))) {
/* response is not right type */
p, CONTENT_OCSP_RESP);
return (OCSPResponder);
}
/* continue with next header line */
continue;
}
/* scan looking for a character */
continue;
}
/*
* if we got to the end of the line with
* no chars, then this is a blank line
*/
if (*p == '\0') {
break;
}
}
if (*p != '\0') {
/* last line was not blank */
return (OCSPResponder);
}
/* now read in the binary response */
return (OCSPResponder);
}
/* free temp BIOs */
(void) BIO_free_all(cbio);
/* make sure request was successful */
return (OCSPResponder);
}
/* parse binary response into internal structure */
return (OCSPParse);
}
/*
* From here to the end of the code, the return values
* should be hard failures
*/
/* verify the response, warn if no nonce */
}
if (err_reason == NULL) {
}
}
uri);
return (OCSPVerify);
}
/* check the validity of our certificate */
return (OCSPVerify);
}
return (OCSPVerify);
}
/* trim end */
isspace(*r); r--) {
*r = '\0';
}
OCSP_VALIDITY_PERIOD, -1)) {
} else {
}
return (OCSPVerify);
}
if (status != V_OCSP_CERTSTATUS_GOOD) {
return (OCSPVerify);
}
/* everything checks out */
return (OCSPSuccess);
}
/*
* Name: get_issuer
* Description: Attempts to find the issuing certificate for a given certificate
* This will look in both the list of trusted certificates found in
* the X509_STORE_CTX structure, as well as the list of untrusted
* chain certificates found in the X509_STORE_CTX structure.
* Arguments:
* issuer - The resulting issuer cert is placed here, if found
* ctx - The current verification context
* x - The certificate whose issuer we are looking for
* Returns : Success - The issuer cert was found and placed in *issuer.
* otherwise, appropriate error is returned.
*/
static int
{
int i, ok;
/*
* first look in the list of trusted
* certs, using the context's method to do so
*/
return (ok);
}
/* didn't find it in trusted certs, look through untrusted */
x) == X509_V_OK) {
return (1);
}
}
}
return (0);
}
/*
* Name: parse_url_proxy
* Description: Parses URL and optional proxy specification, populates static
* 'ps' structure
*
* Arguments: err - where to record any errors.
* url - URL to parse
* proxy - proxy to parse, or NULL for no proxy
* proxy_port - Default proxy port to use if no proxy
* port specified in 'proxy'
*
* Returns : B_TRUE - success, B_FALSE otherwise
* on success, 'ps->url' and 'ps->proxy' are populated
* with parsed data.
*/
static boolean_t
{
if (!path_valid(url)) {
goto cleanup;
}
goto cleanup;
}
!= URL_PARSE_SUCCESS) {
goto cleanup;
}
}
return (ret);
}
/*
* Name: web_setup
* Description: Initializes http library settings
*
* Arguments: err - where to record any errors.
*
* Returns : B_TRUE - success, B_FALSE otherwise
*/
static boolean_t
{
goto cleanup;
}
}
goto cleanup;
}
goto cleanup;
}
goto cleanup;
}
goto cleanup;
}
(void) http_set_p12_format(B_TRUE);
return (ret);
}
/*
* Name: web_connect
* Description: Makes connection with URL stored in static 'ps' structure.
*
* Arguments: err - where to record any errors.
*
* Returns : WEB_OK - connection successful
* WEB_VERIFY_SETUP - Unable to complete necessary
* SSL setup
* WEB_CONNREFUSED - Connection was refused to web site
* WEB_HOSTDOWN - Host was not responding to request
* WEB_NOCONNECT - Some other connection failure
*/
static WebStatus
{
char *path;
int my_errno = 0;
const char *libhttperr = NULL;
/* get CA certificates */
goto cleanup;
}
/* no trusted websites */
goto cleanup;
}
/*
* write out all CA certs to temp file. libwanboot should
* have an interface for giving it a list of trusted certs
* through an in-memory structure, but currently that does
* not exist
*/
WEB_CA_PHRASE)) == NULL) {
goto cleanup;
}
goto cleanup;
}
if (http_set_certificate_authority_file(path) != 0) {
goto cleanup;
}
}
/* Have an error - is it EINTR? */
if (errsrc == ERRSRC_SYSTEM) {
break;
} else if (libhttperr == NULL) {
/* save the first non-system error message */
}
}
switch (my_errno) {
case EINTR:
case ETIMEDOUT:
/* Timed out. Try, try again */
ret = WEB_TIMEOUT;
break;
case ECONNREFUSED:
break;
case EHOSTDOWN:
ret = WEB_HOSTDOWN;
break;
default:
/* some other fatal error */
ret = WEB_NOCONNECT;
if (libhttperr == NULL) {
} else {
}
break;
}
}
return (ret);
}
/*
* Name: write_ca_file
* Description: Writes out a PKCS12 file containing all trusted certs
* found in keystore recorded in static 'ps' structure
*
* This routine is used because the libwanboot library's
* HTTPS routines cannot accept trusted certificates
* through an in-memory structure, when initiating an
* SSL connection. They must be in a PKCS12, which is
* admittedly a poor interface.
*
* Arguments: err - where to record any errors.
* tmpdir - Directory to write certificate file in
* cacerts - Certs to write out
* passwd - password used to encrypt certs
*
* Returns : path to resulting file, if successfully written,
* otherwise NULL.
*/
static char
char *passwd)
{
if (!path_valid(tmpdir)) {
goto cleanup;
}
/* mkstemp replaces XXXXXX with a unique string */
"cert")) < 0) ||
goto cleanup;
}
goto cleanup;
}
goto cleanup;
}
goto cleanup;
}
goto cleanup;
}
goto cleanup;
}
goto cleanup;
}
fd = -1;
if (fd != -1) {
}
return (ret);
}
/*
* Name: web_send_request
* Description: Sends an HTTP request for a file to the
* web server being communicated with in the static
* 'ps' structure
*
* Arguments: err - where to record any errors.
* request_type - HTTP_REQ_TYPE_HEAD to send an HTTP HEAD request,
* or HTTP_REQ_TYPE_GET to send an HTTP GET request
* cp -
* Returns : WEB_OK - request sent successfully
* WEB_CONNREFUSED - Connection was refused to web site
* WEB_HOSTDOWN - Host was not responding to request
* WEB_NOCONNECT - Some other connection failure
*/
static WebStatus
{
int my_errno = 0;
const char *libhttperr = NULL;
switch (request_type) {
case HTTP_REQ_TYPE_HEAD:
&errsrc)) != 0) {
/* Have an error - is it EINTR? */
if (errsrc == ERRSRC_SYSTEM) {
break;
} else if (libhttperr == NULL) {
/* save first non-system error message */
}
}
switch (my_errno) {
case EINTR:
case ETIMEDOUT:
/* Timed out. Try, try again */
ret = WEB_TIMEOUT;
break;
case ECONNREFUSED:
break;
case EHOSTDOWN:
ret = WEB_HOSTDOWN;
break;
default:
/* some other fatal error */
ret = WEB_NOCONNECT;
if (libhttperr == NULL) {
} else {
}
break;
}
goto cleanup;
}
break;
case HTTP_REQ_TYPE_GET:
&errsrc)) != 0) {
/* Have an error - is it EINTR? */
if (errsrc == ERRSRC_SYSTEM) {
break;
} else {
/*
* save first non-system
* error message
*/
errcode);
}
}
switch (my_errno) {
case EINTR:
case ETIMEDOUT:
/* Timed out. Try, try again */
ret = WEB_TIMEOUT;
break;
case ECONNREFUSED:
break;
case EHOSTDOWN:
ret = WEB_HOSTDOWN;
break;
default:
/* some other fatal error */
ret = WEB_NOCONNECT;
if (libhttperr == NULL) {
} else {
}
break;
}
goto cleanup;
}
if (!web_eval_headers(err)) {
ret = WEB_NOCONNECT;
goto cleanup;
}
} else {
!= 0) {
&errsrc)) != 0) {
/* Have an error - is it EINTR? */
if (errsrc == ERRSRC_SYSTEM) {
break;
} else {
/*
* save the first non-system
* error message
*/
errcode);
}
}
switch (my_errno) {
case EINTR:
case ETIMEDOUT:
/* Timed out. Try, try again */
ret = WEB_TIMEOUT;
break;
case ECONNREFUSED:
break;
case EHOSTDOWN:
ret = WEB_HOSTDOWN;
break;
default:
/* some other fatal error */
ret = WEB_NOCONNECT;
if (libhttperr == NULL) {
} else {
}
break;
}
goto cleanup;
}
if (!web_eval_headers(err)) {
ret = WEB_NOCONNECT;
goto cleanup;
}
}
break;
default:
}
return (ret);
}
/*
* Name: web_eval_headers
* Description: Evaluates HTTP headers returned during an HTTP request.
* This must be called before calling
* http_get_header_value().
*
* Arguments: err - where to record any errors.
*
* Returns : B_TRUE - success, B_FALSE otherwise
*/
static boolean_t
{
const char *http_err;
}
http_err);
return (B_FALSE);
}
return (B_TRUE);
}
/*
* Name: web_get_file
* Description: Downloads the file URL from the website, all of
* which are recorded in the static 'ps' struct
*
* Arguments: err - where to record any errors.
* dwnld_dir - Directory to download file into
* device - Where to store path to resulting
* file
* nointeract - if non-zero, do not output
* progress
* fname - name of downloaded file link in the dwnld_dir
*
* Returns : WEB_OK - download successful
* WEB_CONNREFUSED - Connection was refused to web site
* WEB_HOSTDOWN - Host was not responding to request
* WEB_GET_FAIL - Unable to initialize download
* state (temp file creation, header parsing, etc)
* WEB_NOCONNECT - Some other connection failure
*/
static WebStatus
{
int i, fd;
int n = 0;
char *lastmod_val = NULL;
int my_errno = 0;
const char *libhttperr = NULL;
char *disp;
int len;
CONTENT_LENGTH_HDR)) != NULL) {
} else {
ret = WEB_GET_FAIL;
goto cleanup;
}
CONTENT_DISPOSITION_HDR)) != NULL) {
/* "inline; parm=val; parm=val" */
/* disp = "inline" */
/* disp = "parm=val" */
}
}
}
}
/*
* couldn't determine filename from header value,
* so take basename of URL
*/
/* URL is bad */
ret = WEB_GET_FAIL;
goto cleanup;
}
}
!= NULL) {
ret = WEB_GET_FAIL;
goto cleanup;
}
lastmod_val)) == NULL) {
ret = WEB_GET_FAIL;
goto cleanup;
}
lastmod_val = NULL;
/*
 * NOTE(review): the mode argument on the next line is the decimal
 * literal 640 (octal 01200: sticky bit plus owner-write), not the
 * octal mode 0640 the surrounding code appears to intend — confirm
 * and correct. The call it belongs to (presumably an open() of the
 * spool file) is split across lines not visible in this listing.
 */
640)) == -1) {
/*
* A partial downloaded file
* already exists, so open it.
*/
ret = WEB_GET_FAIL;
goto cleanup;
} else {
}
} else {
/* unable to open partial file */
ret = WEB_GET_FAIL;
goto cleanup;
}
}
} else {
/*
* no "Last-Modified" header, so this file is not eligible for
* spooling and "resuming last download" operations
*/
/* mkstemp replaces XXXXXX with a unique string */
ret = WEB_GET_FAIL;
goto cleanup;
}
ret = WEB_GET_FAIL;
goto cleanup;
}
ret = WEB_GET_FAIL;
goto cleanup;
}
}
/* File has already been completely downloaded */
ret = WEB_GET_FAIL;
goto cleanup;
}
/* we're done, so cleanup and return success */
goto cleanup;
}
ret = WEB_GET_FAIL;
goto cleanup;
}
goto cleanup;
}
else
/* Download the file a BLOCK at a time */
: BLOCK;
&errsrc)) != 0) {
/* Have an error - is it EINTR? */
if (errsrc == ERRSRC_SYSTEM) {
break;
} else {
/*
* save first non-system
* error message
*/
}
}
switch (my_errno) {
case EINTR:
case ETIMEDOUT:
/* Timed out. Try, try again */
ret = WEB_TIMEOUT;
break;
case ECONNREFUSED:
break;
case EHOSTDOWN:
ret = WEB_HOSTDOWN;
break;
default:
/* some other fatal error */
ret = WEB_NOCONNECT;
if (libhttperr == NULL) {
} else {
}
break;
}
goto cleanup;
}
ret = WEB_GET_FAIL;
goto cleanup;
}
abs_pos += n;
}
ret = WEB_GET_FAIL;
goto cleanup;
}
/* NOTE(review): sync() flushes every filesystem; fsync(fd) on the download file would be narrower — confirm intent */
sync();
if (fd != -1) {
}
if (lastmod_val != NULL)
return (ret);
}
/*
* Name: make_link
* Description: Create new link to file being downloaded
*
* Arguments: dwnld_dir - directory in which downloaded file exists
* bname - name of link
*
* Returns : B_TRUE - success, B_FALSE otherwise
*/
static boolean_t
{
int len;
return (B_FALSE);
return (B_FALSE);
return (B_TRUE);
}
/*
* Name: get_startof_string
* Description: searches string for token, returns a newly-allocated
* substring of the given string up to, but not
* including, token. for example
* get_startof_string("abcd", 'c') will return "ab"
*
* Arguments: path - path to split
* token - character to split on
*
* Returns : substring of 'path', up to, but not including,
* token, if token appears in path. Otherwise,
* returns NULL.
*/
char *
{
char *p, *p2;
return (NULL);
free(p);
return (NULL);
} else {
*p2 = '\0';
return (p);
}
}
/*
* Name: get_endof_string
* Description: searches string for token, returns a
* newly-allocated substring of the given string,
* starting at character following token, to end of
* string.
*
* for example get_endof_string("abcd", 'c')
* will return "d"
*
* Arguments: path - path to split
* token - character to split on
*
* Returns : substring of 'path', beginning at character
* following token, to end of string, if
* token appears in path. Otherwise,
* returns NULL.
*/
char *
{
char *p, *p2;
return (NULL);
return (NULL);
}
return (p2 + 1);
}
/*
* Name: progress_setup
* Description: Initialize session for reporting progress
*
* Arguments: nointeract - if non-zero, do not do anything
* ulong_t - size of job to report progress for
*
* Returns : none
*/
static void
{
if (nointeract)
return;
else if (size_of_load > LARGE_DWNLD) {
} else
}
/*
* Name: progress_report
* Description: Report progress for current progress context,
* to stderr
*
* Arguments: nointeract - if non-zero, do not do anything
* position - how far along in the job to report.
* This should be <= size used during progress_setup
*
* Returns : none
*/
static void
{
if (nointeract)
return;
if (position == 0) {
}
divider += const_divider;
}
}
/*
* Name: progress_finish
* Description: Finalize session for reporting progress.
* "100%" is reported to screen
*
* Arguments: nointeract - if non-zero, do not do anything
*
* Returns : none
*/
static void
{
if (nointeract)
return;
}
/*
* Name: init_session
* Description: Initializes static 'ps' structure with default
* values
*
* Arguments: none
*
* Returns : B_TRUE - success, B_FALSE otherwise
*/
static boolean_t
init_session(void)
{
if ((ps = (WEB_SESSION *)
return (B_FALSE);
}
return (B_FALSE);
}
return (B_TRUE);
}
/*
* Name: ck_downld_dir_space
* Description: Verify enough space exists in directory to hold file
*
* Arguments: err - where to record any errors.
* dwnld_dir - Directory to check available space in
* bytes_needed - How many bytes are needed
*
* Returns : B_TRUE - enough space exists in dwnld_dir to hold
* bytes_needed bytes, otherwise B_FALSE
*/
static boolean_t
{
return (B_FALSE);
}
bytes_avail / 1024ULL);
return (B_FALSE);
}
return (B_TRUE);
}
/*
* Description:
* This function returns a unique file name based on the parts of the
* URI. This is done to enable partially downloaded files to be resumed.
* Arguments:
* dir - The directory that should contain the filename.
* last_modified - A string representing the date of last modification,
* used as part of generating unique name
* Returns:
* A valid filename or NULL.
*/
static char *
{
int len;
return (NULL);
}
return (NULL);
}
/* prepare strings for being cat'ed onto */
/*
* No validation of the path is done here. We just construct the path
* and it must be validated later
*/
if (dir) {
return (NULL);
} else {
return (NULL);
}
return (NULL);
>= PATH_MAX)
return (NULL);
} else {
if ((beg_str =
!= NULL)
return (NULL);
}
if (last_modified != NULL)
return (NULL);
return (NULL);
} else {
return (buf2);
}
} else {
return (NULL);
}
}
/*
* Description:
* Removes token(s) consisting of one character from any path.
* Arguments:
* path - The path to search for the token in.
* token - The token to search for
* Returns:
* The path with all tokens removed or NULL.
*/
static char *
{
char *newpath, *p;
return (NULL);
}
for (p = newpath; *p != '\0'; p++) {
if (*p == oldtoken) {
*p = newtoken;
}
}
return (newpath);
}
/*
* Name: trim
* Description: Trims whitespace from a string
* has been registered)
* Scope: private
* Arguments: string - string to trim. It is assumed
* this string is writable up to its entire
* length.
* Returns: none
*/
static void
{
int len, i;
return;
}
/* strip from front */
for (i = 0; i < len; i++) {
}
}
/* strip from back */
len--;
}
}
/*
* Description:
* Resolves double quotes
* Arguments:
* str - The string to resolve
* Returns:
* None
*/
static void
{
char *cp;
/* no quotes */
return;
}
/* remove first quote */
/*
* scan string looking for ending quote.
* escaped quotes like \" don't count
*/
while (*cp != '\0') {
switch (*cp) {
case '\\':
/* found an escaped character */
/* make sure end of string is not '\' */
if (*++cp != '\0') {
cp++;
}
break;
case '"':
*cp = '\0';
break;
default:
cp++;
}
}
}
/*
* Name: get_ENV_proxy
* Description: Retrieves setting of proxy env variable
*
* Arguments: err - where to record any errors.
* proxy - where to store proxy
*
* Returns : B_TRUE - http proxy was found and valid, stored in proxy
* B_FALSE - error, errors recorded in err
*/
static boolean_t
{
char *buf;
if (!path_valid(buf)) {
return (B_FALSE);
} else {
return (B_TRUE);
}
} else {
/* try the other env variable */
if (!path_valid(buf)) {
return (B_FALSE);
}
return (B_FALSE);
}
/* skip over the http:// part of the proxy "url" */
return (B_TRUE);
}
}
/* either the env variable(s) were set and valid, or not set */
return (B_TRUE);
}
/*
* Name: get_ENV_proxyport
* Description: Retrieves setting of PROXYPORT env variable
*
* Arguments: err - where to record any errors.
* port - where to store resulting port
*
* Returns : B_TRUE - string found in PROXYPORT variable, converted
* to a decimal integer, if it exists
* and is valid. Or, if PROXYPORT is not set, port is set to 1.
* B_FALSE - env variable set, but invalid
* (not a number, for example)
*/
static boolean_t
{
char *buf;
if (!path_valid(buf)) {
return (B_FALSE);
}
return (B_FALSE);
}
return (B_TRUE);
} else {
*port = 1;
return (B_TRUE);
}
}
/*
* Name: remove_dwnld_file
* Description: Removes newly-downloaded file if completely downloaded.
*
* Arguments: path - path to file to remove
*
* Returns : B_TRUE - success, B_FALSE otherwise
* if it's '0' (not OK) we simply return it, since the
* verification operation has already determined that the
* cert is invalid. if 'ok' is non-zero, then we do our
* checks, and return 0 or 1 based on if the cert is
* invalid or valid.
*/
static boolean_t
remove_dwnld_file(char *path)
{
/*
* Only remove the downloaded file if it has been completely
* downloaded, or is not eligible for spooling
*/
}
} else {
return (B_FALSE);
}
return (B_TRUE);
}
/*
* Name: condense_lastmodified
* Description: generates a substring of a last-modified string,
* and removes colons.
*
* Arguments: last_modified - string of the form
* "Wed, 23 Oct 2002 21:59:45 GMT"
*
* Returns : substring of last_modified (the time-of-day portion),
* sans any colons, or NULL if last_modified is NULL.
*/
char *
{
char *p, *p2;
/*
* Last-Modified: Wed, 23 Oct 2002 21:59:45 GMT
* Strip the hours, minutes and seconds, without the ':'s, from
* the above string, void of the ':".
*/
if (last_modified == NULL)
return (NULL);
return (NULL);
}
/*
* Name: backoff
* Description: sleeps for a certain # of seconds after a network
* failure.
* Scope: public
* Arguments: none
* Returns: none
*/
void
backoff()
{
int backoff;
long seed;
if (!initted) {
/* seed the rng */
}
if (cur_backoff < MAX_BACKOFF) {
/*
* increase maximum time we might wait
* next time so as to fall off over
* time.
*/
}
}
/*
* Name: reset_backoff
* Description: notifies the backoff service that whatever was
* being backed off succeeded.
* Scope: public
* Arguments: none
* Returns: none
*/
void
{
}
/*
* Name: _get_random_info
* Description: generate an amount of random bits. Currently
* only a small amount (a long long) can be
* generated at one time. When the RANDOM file cannot
* be used, the fallback is the time of day and hostid,
* which provides little entropy and should not be
* relied on for security-sensitive values.
* Scope: private
* Arguments: buf - [RO, *RW] (char *)
* Buffer to copy bits into
* size - amount to copy
* Returns: B_TRUE on success, B_FALSE otherwise. The buffer is filled
* with the amount of bytes of random data specified.
*/
static boolean_t
{
typedef struct {
long low_time;
long hostid;
} randomness;
randomness r;
/* if the RANDOM file exists, use it */
/* success */
return (B_TRUE);
}
}
}
/* couldn't use RANDOM file, so fallback to time of day and hostid */
/* Wouldn't it be nice if we could hash these */
if (sizeof (r) < size) {
/*
* Can't copy correctly
*/
return (B_FALSE);
}
return (B_TRUE);
}
/*
* Name: pkg_passphrase_cb
* Description: Default callback that applications can use when
* a passphrase is needed. This routine collects
* a passphrase from the user using the given
* passphrase retrieval method set with
* set_passphrase_passarg(). If the method
* indicates an interactive prompt, then the
* prompt set with set_passphrase_prompt()
* is displayed.
*
* Arguments: buf - Buffer to copy passphrase into
* size - Max amount to copy to buf
* rw - Whether this passphrase is needed
* to read something off disk, or
* write something to disk. Applications
* typically want to ask twice when getting
* a passphrase for writing something.
* data - application-specific data. In this
* callback, data is a pointer to
* a keystore_passphrase_data structure.
*
* Returns: Length of passphrase collected, or -1 on error.
* Errors recorded in 'err' object in the *data.
*/
int
{
int passlen;
char *ws;
char prompt_copy[MAX_VERIFY_MSGLEN];
char *passphrase;
char *arg;
arg = "console";
} else {
}
/* default method of collecting password is by prompting */
return (-1);
}
if (rw) {
/*
* if the password is being supplied for
* writing something to disk, verify it first
*/
/* make a copy (getpassphrase overwrites) */
MAX_PHRASELEN + 1);
MAX_VERIFY_MSGLEN, "%s: %s",
prompt)) < 0) ||
return (-1);
}
if ((passphrase =
return (-1);
}
return (-1);
}
}
/* open file for reading */
return (-1);
}
/* read first line */
arg + 5);
return (-1);
}
/*
* password was maximum length, so there is
* no null terminator. null-terminate it
*/
}
/* first newline found is end of passwd, so nuke it */
*ws = '\0';
}
} else {
/* unrecognized passphrase */
return (-1);
}
if (passphrase == NULL) {
/* unable to collect passwd from given source */
return (-1);
}
}