sshsrv.c revision e7311aec8d691e5427317442387af1bc8fff3742
/*
    Authors:
        Jan Cholasta <jcholast@redhat.com>

    Copyright (C) 2012 Red Hat

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce#include <popt.h>
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce#include "util/util.h"
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce#include "confdb/confdb.h"
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce#include "monitor/monitor_interfaces.h"
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce#include "responder/common/responder.h"
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce#include "responder/ssh/sshsrv_private.h"
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce#include "providers/data_provider.h"
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce
/*
 * Methods the SSH responder answers on its monitor interface. Only the
 * three handlers listed here (ping, resolver re-init, log rotation) are
 * registered; the table ends with a { NULL, NULL } entry.
 */
struct sbus_method monitor_ssh_methods[] = {
    { MON_CLI_METHOD_PING, monitor_common_pong },
    { MON_CLI_METHOD_RES_INIT, monitor_common_res_init },
    { MON_CLI_METHOD_ROTATE, responder_logrotate },
    { NULL, NULL }
};

/*
 * sbus interface description handed to sss_process_init() for the monitor
 * connection; it binds MONITOR_INTERFACE / MONITOR_PATH to the method table
 * above. NOTE(review): the meaning of the trailing NULL member is not visible
 * in this file -- confirm against the struct sbus_interface definition.
 */
struct sbus_interface monitor_ssh_interface = {
    MONITOR_INTERFACE,
    MONITOR_PATH,
    SBUS_DEFAULT_VTABLE,
    monitor_ssh_methods,
    NULL
};

/*
 * Method table for the Data Provider interface. It holds nothing but the
 * { NULL, NULL } entry, so this responder registers no handlers of its own
 * on that interface.
 */
static struct sbus_method ssh_dp_methods[] = {
    { NULL, NULL }
};

/*
 * sbus interface description handed to sss_process_init() for the Data
 * Provider connections; it binds DP_INTERFACE / DP_PATH to the (empty)
 * method table above.
 */
struct sbus_interface ssh_dp_interface = {
    DP_INTERFACE,
    DP_PATH,
    SBUS_DEFAULT_VTABLE,
    ssh_dp_methods,
    NULL
};
ab967283b710dfa05d11ee5b30c7ac916486ceecSimo Sorce
/**
 * Reconnection callback registered with sbus_reconnect_init() for each
 * Data Provider connection.
 *
 * On a successful reconnect the responder identifies itself to the provider
 * again as "SSH" and, if that succeeds, calls
 * handle_requests_after_reconnect(). In every other case (reconnect failed,
 * or the identification call failed) it logs a fatal-level message naming
 * the provider's domain and returns; no further recovery is attempted here.
 *
 * @param conn    The sbus connection the callback fired for (unused here).
 * @param status  Reconnect result; SBUS_RECONNECT_SUCCESS means success.
 * @param pvt     Callback private data, expected to be a struct be_conn.
 */
static void ssh_dp_reconnect_init(struct sbus_connection *conn,
                                  int status, void *pvt)
{
    /*
     * NOTE(review): talloc_get_type() yields NULL when pvt is not a
     * struct be_conn, and the result is dereferenced below without a check.
     * The only registration visible in this file passes a be_conn list
     * entry -- confirm no other caller exists.
     */
    struct be_conn *provider = talloc_get_type(pvt, struct be_conn);
    int identified = 0;

    if (status == SBUS_RECONNECT_SUCCESS) {
        DEBUG(SSSDBG_TRACE_FUNC, ("Reconnected to the Data Provider.\n"));

        /* Re-register with the provider under the "SSH" client name. */
        identified = (dp_common_send_id(provider->conn,
                                        DATA_PROVIDER_VERSION,
                                        "SSH") == EOK);
    }

    if (!identified) {
        /* Either the reconnect itself or the identification step failed. */
        DEBUG(SSSDBG_FATAL_FAILURE, ("Could not reconnect to %s provider.\n",
                                     provider->domain->name));
        return;
    }

    handle_requests_after_reconnect();
}
dcc6877aa2e2dd63a9dc9c411a9c58feaeb36b9aStephen Gallagher
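/**
 * Create the SSH responder context and start the responder.
 *
 * Allocates a zeroed struct ssh_ctx on mem_ctx, runs the common responder
 * initialisation (client socket, monitor and Data Provider interfaces), and
 * arms automatic reconnection on every Data Provider connection.
 *
 * On any failure after the context has been allocated, the context is freed
 * again before returning, so a failed start-up does not leave a partially
 * initialised responder attached to mem_ctx.
 *
 * @param mem_ctx  talloc parent for the responder context.
 * @param ev       tevent context passed to sss_process_init().
 * @param cdb      Configuration database handle.
 *
 * @return EOK on success, ENOMEM if the context cannot be allocated,
 *         otherwise the error returned by sss_process_init() or
 *         confdb_get_int().
 */
int ssh_process_init(TALLOC_CTX *mem_ctx,
                     struct tevent_context *ev,
                     struct confdb_ctx *cdb)
{
    struct sss_cmd_table *ssh_cmds;
    struct ssh_ctx *ssh_ctx;
    struct be_conn *iter;
    int ret;
    int max_retries;

    ssh_ctx = talloc_zero(mem_ctx, struct ssh_ctx);
    if (!ssh_ctx) {
        DEBUG(SSSDBG_FATAL_FAILURE, ("fatal error initializing ssh_ctx\n"));
        return ENOMEM;
    }

    ssh_cmds = get_ssh_cmds();
    /*
     * NOTE(review): the NULL after SSS_SSH_SOCKET_NAME is presumably the
     * privileged-pipe name, i.e. this responder opens only the one client
     * socket -- confirm against the sss_process_init() prototype.
     */
    ret = sss_process_init(ssh_ctx, ev, cdb,
                           ssh_cmds,
                           SSS_SSH_SOCKET_NAME, NULL,
                           CONFDB_SSH_CONF_ENTRY,
                           SSS_SSH_SBUS_SERVICE_NAME,
                           SSS_SSH_SBUS_SERVICE_VERSION,
                           &monitor_ssh_interface,
                           "SSH",
                           &ssh_dp_interface,
                           &ssh_ctx->rctx);
    if (ret != EOK) {
        /* Previously this path returned silently; log it like the others. */
        DEBUG(SSSDBG_FATAL_FAILURE, ("sss_process_init() failed\n"));
        goto fail;
    }
    ssh_ctx->rctx->pvt_ctx = ssh_ctx;

    /* Enable automatic reconnection to the Data Provider (default: 3 tries) */
    ret = confdb_get_int(ssh_ctx->rctx->cdb, ssh_ctx->rctx,
                         CONFDB_SSH_CONF_ENTRY,
                         CONFDB_SERVICE_RECON_RETRIES,
                         3, &max_retries);
    if (ret != EOK) {
        DEBUG(SSSDBG_FATAL_FAILURE,
              ("Failed to set up automatic reconnection\n"));
        goto fail;
    }

    /*
     * NOTE(review): max_retries is taken from configuration as-is and is
     * not range-checked here -- confirm how sbus_reconnect_init() treats
     * zero or negative values.
     */
    for (iter = ssh_ctx->rctx->be_conns; iter; iter = iter->next) {
        sbus_reconnect_init(iter->conn, max_retries,
                            ssh_dp_reconnect_init, iter);
    }

    DEBUG(SSSDBG_TRACE_FUNC, ("SSH Initialization complete\n"));

    return EOK;

fail:
    /* Releases ssh_ctx and everything allocated beneath it. */
    talloc_free(ssh_ctx);
    return ret;
}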
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce
/**
 * Entry point of the sssd_ssh responder process.
 *
 * Parses the command line, performs the common server set-up, initialises
 * the SSH responder and then enters the server loop.
 *
 * Exit status: 1 for an invalid command-line option, 2 when server_setup()
 * fails, 3 when ssh_process_init() fails, 0 once server_loop() returns.
 */
int main(int argc, const char *argv[])
{
    struct poptOption long_options[] = {
        POPT_AUTOHELP
        SSSD_MAIN_OPTS
        POPT_TABLEEND
    };
    struct main_context *main_ctx;
    poptContext pc;
    int opt;
    int rc;

    /*
     * Start from an invalid debug level so that an explicit "-d 0" can be
     * told apart from the option not being given at all.
     */
    debug_level = SSSDBG_INVALID;

    pc = poptGetContext(argv[0], argc, argv, long_options, 0);

    /*
     * Every value other than -1 from poptGetNextOpt() is reported as an
     * invalid option and ends the program, so a single check is enough.
     */
    opt = poptGetNextOpt(pc);
    if (opt != -1) {
        fprintf(stderr, "\nInvalid option %s: %s\n\n",
                poptBadOption(pc, 0), poptStrerror(opt));
        poptPrintUsage(pc, stderr, 0);
        return 1;
    }

    poptFreeContext(pc);

    CONVERT_AND_SET_DEBUG_LEVEL(debug_level);

    /* Common set-up: debug log, signals, daemonization, etc. */
    debug_log_file = "sssd_ssh";

    rc = server_setup("sssd[ssh]", 0, CONFDB_SSH_CONF_ENTRY, &main_ctx);
    if (rc != EOK) {
        return 2;
    }

    /* Best effort only: a failure here is logged and start-up continues. */
    rc = die_if_parent_died();
    if (rc != EOK) {
        DEBUG(SSSDBG_OP_FAILURE, ("Could not set up to exit "
                                  "when parent process does\n"));
    }

    rc = ssh_process_init(main_ctx,
                          main_ctx->event_ctx,
                          main_ctx->confdb_ctx);
    if (rc != EOK) {
        return 3;
    }

    /* Hand control to the main event loop. */
    server_loop(main_ctx);

    return 0;
}