serval-dna/rhizome_bundle.c
Andrew Bettison 00dc3bf27e Fix Rhizome manifest parsing bug
If an over-large manifest was supplied, signature extraction went
into a tight loop
2014-04-29 15:08:02 +09:30

1273 lines
41 KiB
C

/*
Serval Distributed Numbering Architecture (DNA)
Copyright (C) 2010 Paul Gardner-Stephen
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
#include <stdlib.h>
#include <assert.h>
#include <sys/uio.h>
#include "serval.h"
#include "conf.h"
#include "rhizome.h"
#include "str.h"
#include "mem.h"
#include "keyring.h"
#include "dataformats.h"
static const char *rhizome_manifest_get(const rhizome_manifest *m, const char *var)
{
unsigned i;
for (i = 0; i < m->var_count; ++i)
if (strcmp(m->vars[i], var) == 0)
return m->values[i];
return NULL;
}
#if 0
static uint64_t rhizome_manifest_get_ui64(rhizome_manifest *m, const char *var)
{
unsigned i;
for (i = 0; i < m->var_count; ++i)
if (strcmp(m->vars[i], var) == 0) {
uint64_t val;
return str_to_uint64(m->values[i], 10, &val, NULL) ? val : -1;
}
return -1;
}
#endif
/* @author Andrew Bettison <andrew@servalproject.com>
*/
static int _rhizome_manifest_del(struct __sourceloc __whence, rhizome_manifest *m, const char *var)
{
if (config.debug.rhizome_manifest)
DEBUGF("DEL manifest[%d].%s", m->manifest_record_number, var);
int ret = 0;
unsigned i;
for (i = 0; i < m->var_count; ++i)
if (strcmp(m->vars[i], var) == 0) {
free((char *) m->vars[i]);
free((char *) m->values[i]);
--m->var_count;
ret = 1;
break;
}
for (; i < m->var_count; ++i) {
m->vars[i] = m->vars[i + 1];
m->values[i] = m->values[i + 1];
}
return ret;
}
#define rhizome_manifest_set(m,var,value) _rhizome_manifest_set(__WHENCE__, (m), (var), (value))
#define rhizome_manifest_set_ui64(m,var,value) _rhizome_manifest_set_ui64(__WHENCE__, (m), (var), (value))
#define rhizome_manifest_del(m,var) _rhizome_manifest_del(__WHENCE__, (m), (var))
static const char *_rhizome_manifest_set(struct __sourceloc __whence, rhizome_manifest *m, const char *var, const char *value)
{
if (config.debug.rhizome_manifest)
DEBUGF("SET manifest[%d].%s = %s", m->manifest_record_number, var, alloca_str_toprint(value));
unsigned i;
for(i=0;i<m->var_count;i++)
if (strcmp(m->vars[i],var) == 0) {
const char *ret = str_edup(value);
if (ret == NULL)
return NULL;
free((char *)m->values[i]);
m->values[i] = ret;
return ret;
}
if (m->var_count >= NELS(m->vars))
return WHYNULL("no more manifest vars");
if ((m->vars[m->var_count] = str_edup(var)) == NULL)
return NULL;
const char *ret = m->values[m->var_count] = str_edup(value);
if (ret == NULL) {
free((char *)m->vars[i]);
m->vars[i] = NULL;
return NULL;
}
m->var_count++;
return ret;
}
static const char *_rhizome_manifest_set_ui64(struct __sourceloc __whence, rhizome_manifest *m, char *var, uint64_t value)
{
char str[50];
snprintf(str, sizeof str, "%" PRIu64, value);
return rhizome_manifest_set(m, var, str);
}
void _rhizome_manifest_set_id(struct __sourceloc __whence, rhizome_manifest *m, const rhizome_bid_t *bidp)
{
const char *v = rhizome_manifest_set(m, "id", alloca_tohex_rhizome_bid_t(*bidp));
assert(v); // TODO: remove known manifest fields from vars[]
// If the BID is changed, the secret key and bundle key are no longer valid.
if (m->has_id && bidp != &m->cryptoSignPublic && cmp_rhizome_bid_t(&m->cryptoSignPublic, bidp) != 0) {
if (m->haveSecret) {
m->haveSecret = SECRET_UNKNOWN;
bzero(m->cryptoSignSecret, sizeof m->cryptoSignSecret); // not strictly necessary but aids debugging
}
if (m->has_bundle_key) {
m->has_bundle_key = 0;
m->bundle_key = RHIZOME_BK_NONE; // not strictly necessary but aids debugging
}
// Any authenticated author is no longer authenticated, but is still known to be in the keyring.
if (m->authorship == AUTHOR_AUTHENTIC)
m->authorship = AUTHOR_LOCAL;
}
m->cryptoSignPublic = *bidp;
m->has_id = 1;
m->finalised = 0;
}
void _rhizome_manifest_set_version(struct __sourceloc __whence, rhizome_manifest *m, uint64_t version)
{
const char *v = rhizome_manifest_set_ui64(m, "version", version);
assert(v); // TODO: remove known manifest fields from vars[]
m->version = version;
m->finalised = 0;
}
void _rhizome_manifest_set_filesize(struct __sourceloc __whence, rhizome_manifest *m, uint64_t size)
{
const char *v = rhizome_manifest_set_ui64(m, "filesize", size);
assert(v); // TODO: remove known manifest fields from vars[]
m->filesize = size;
m->finalised = 0;
}
/* Must always set file size before setting the file hash, to avoid assertion failures.
*/
void _rhizome_manifest_set_filehash(struct __sourceloc __whence, rhizome_manifest *m, const rhizome_filehash_t *hash)
{
assert(m->filesize != RHIZOME_SIZE_UNSET);
if (hash) {
const char *v = rhizome_manifest_set(m, "filehash", alloca_tohex_rhizome_filehash_t(*hash));
assert(v); // TODO: remove known manifest fields from vars[]
m->filehash = *hash;
m->has_filehash = 1;
} else {
rhizome_manifest_del(m, "filehash");
m->filehash = RHIZOME_FILEHASH_NONE;
m->has_filehash = 0;
}
m->finalised = 0;
}
void _rhizome_manifest_set_tail(struct __sourceloc __whence, rhizome_manifest *m, uint64_t tail)
{
const char *v = rhizome_manifest_set_ui64(m, "tail", tail);
assert(v); // TODO: remove known manifest fields from vars[]
m->tail = tail;
m->is_journal = (tail != RHIZOME_SIZE_UNSET);
m->finalised = 0;
}
void _rhizome_manifest_set_bundle_key(struct __sourceloc __whence, rhizome_manifest *m, const rhizome_bk_t *bkp)
{
if (bkp) {
const char *v = rhizome_manifest_set(m, "BK", alloca_tohex_rhizome_bk_t(*bkp));
assert(v); // TODO: remove known manifest fields from vars[]
m->bundle_key = *bkp;
m->has_bundle_key = 1;
m->finalised = 0;
} else
_rhizome_manifest_del_bundle_key(__whence, m);
}
void _rhizome_manifest_del_bundle_key(struct __sourceloc __whence, rhizome_manifest *m)
{
if (m->has_bundle_key) {
rhizome_manifest_del(m, "BK");
m->has_bundle_key = 0;
m->bundle_key = RHIZOME_BK_NONE; // not strictly necessary, but aids debugging
m->finalised = 0;
} else
assert(rhizome_manifest_get(m, "BK") == NULL);
// Once there is no BK field, any authenticated authorship is no longer.
if (m->authorship == AUTHOR_AUTHENTIC)
m->authorship = AUTHOR_LOCAL;
}
void _rhizome_manifest_set_service(struct __sourceloc __whence, rhizome_manifest *m, const char *service)
{
if (service) {
assert(rhizome_str_is_manifest_service(service));
const char *v = rhizome_manifest_set(m, "service", service);
assert(v); // TODO: remove known manifest fields from vars[]
m->service = v;
m->finalised = 0;
} else
_rhizome_manifest_del_service(__whence, m);
}
void _rhizome_manifest_del_service(struct __sourceloc __whence, rhizome_manifest *m)
{
if (m->service) {
m->service = NULL;
m->finalised = 0;
rhizome_manifest_del(m, "service");
} else
assert(rhizome_manifest_get(m, "service") == NULL);
}
void _rhizome_manifest_set_name(struct __sourceloc __whence, rhizome_manifest *m, const char *name)
{
m->finalised = 0;
if (name) {
assert(rhizome_str_is_manifest_name(name));
const char *v = rhizome_manifest_set(m, "name", name);
assert(v); // TODO: remove known manifest fields from vars[]
m->name = v;
} else {
rhizome_manifest_del(m, "name");
m->name = NULL;
}
}
void _rhizome_manifest_del_name(struct __sourceloc __whence, rhizome_manifest *m)
{
if (m->name) {
m->name = NULL;
m->finalised = 0;
rhizome_manifest_del(m, "name");
} else
assert(rhizome_manifest_get(m, "name") == NULL);
}
void _rhizome_manifest_set_date(struct __sourceloc __whence, rhizome_manifest *m, time_ms_t date)
{
const char *v = rhizome_manifest_set_ui64(m, "date", (uint64_t)date);
assert(v); // TODO: remove known manifest fields from vars[]
m->date = date;
m->has_date = 1;
m->finalised = 0;
}
void _rhizome_manifest_set_sender(struct __sourceloc __whence, rhizome_manifest *m, const sid_t *sidp)
{
if (sidp) {
const char *v = rhizome_manifest_set(m, "sender", alloca_tohex_sid_t(*sidp));
assert(v); // TODO: remove known manifest fields from vars[]
m->sender = *sidp;
m->has_sender = 1;
m->finalised = 0;
} else
_rhizome_manifest_del_sender(__whence, m);
}
void _rhizome_manifest_del_sender(struct __sourceloc __whence, rhizome_manifest *m)
{
if (m->has_sender) {
rhizome_manifest_del(m, "sender");
m->sender = SID_ANY;
m->has_sender = 0;
m->finalised = 0;
} else
assert(rhizome_manifest_get(m, "sender") == NULL);
}
void _rhizome_manifest_set_recipient(struct __sourceloc __whence, rhizome_manifest *m, const sid_t *sidp)
{
if (sidp) {
const char *v = rhizome_manifest_set(m, "recipient", alloca_tohex_sid_t(*sidp));
assert(v); // TODO: remove known manifest fields from vars[]
m->recipient = *sidp;
m->has_recipient = 1;
m->finalised = 0;
} else
_rhizome_manifest_del_recipient(__whence, m);
}
void _rhizome_manifest_del_recipient(struct __sourceloc __whence, rhizome_manifest *m)
{
if (m->has_recipient) {
rhizome_manifest_del(m, "recipient");
m->recipient = SID_ANY;
m->has_recipient = 0;
m->finalised = 0;
} else
assert(rhizome_manifest_get(m, "recipient") == NULL);
}
void _rhizome_manifest_set_crypt(struct __sourceloc __whence, rhizome_manifest *m, enum rhizome_manifest_crypt flag)
{
switch (flag) {
case PAYLOAD_CRYPT_UNKNOWN:
rhizome_manifest_del(m, "crypt");
break;
case PAYLOAD_CLEAR: {
const char *v = rhizome_manifest_set(m, "crypt", "0");
assert(v); // TODO: remove known manifest fields from vars[]
break;
}
case PAYLOAD_ENCRYPTED: {
const char *v = rhizome_manifest_set(m, "crypt", "1");
assert(v); // TODO: remove known manifest fields from vars[]
break;
}
default: abort();
}
m->payloadEncryption = flag;
m->finalised = 0;
}
void _rhizome_manifest_set_rowid(struct __sourceloc __whence, rhizome_manifest *m, uint64_t rowid)
{
if (config.debug.rhizome_manifest)
DEBUGF("SET manifest[%d].rowid = %"PRIu64, m->manifest_record_number, rowid);
m->rowid = rowid;
}
void _rhizome_manifest_set_inserttime(struct __sourceloc __whence, rhizome_manifest *m, time_ms_t time)
{
if (config.debug.rhizome_manifest)
DEBUGF("SET manifest[%d].inserttime = %"PRItime_ms_t, m->manifest_record_number, time);
m->inserttime = time;
}
void _rhizome_manifest_set_author(struct __sourceloc __whence, rhizome_manifest *m, const sid_t *sidp)
{
if (sidp) {
if (m->authorship == ANONYMOUS || cmp_sid_t(&m->author, sidp) != 0) {
if (config.debug.rhizome_manifest)
DEBUGF("SET manifest[%d] author = %s", m->manifest_record_number, alloca_tohex_sid_t(*sidp));
m->author = *sidp;
m->authorship = AUTHOR_NOT_CHECKED;
}
} else
_rhizome_manifest_del_author(__whence, m);
}
void _rhizome_manifest_del_author(struct __sourceloc __whence, rhizome_manifest *m)
{
if (m->authorship != ANONYMOUS) {
if (config.debug.rhizome_manifest)
DEBUGF("DEL manifest[%d] author", m->manifest_record_number);
m->author = SID_ANY;
m->authorship = ANONYMOUS;
}
}
/* Compute the hash of the manifest's body, including the NUL byte that separates the body from
* the signature block, and verify that a signature is present and is correct.
*
* If the manifest signature is valid, ie, the signature is a self-signature using the
* manifest's own private key, then sets the m->selfSigned flag and returns 1.
*
* If there are no signatures or if the signature block does not verify, then clears the
* m->selfSigned flag and returns 0.
*
* Only call this function on manifests for which rhizome_manifest_validate(m) has returned true
* (ie, m->finalised is set).
*/
int rhizome_manifest_verify(rhizome_manifest *m)
{
assert(m->finalised);
assert(m->manifest_body_bytes > 0);
assert(m->manifest_all_bytes > 0);
assert(m->manifest_body_bytes <= m->manifest_all_bytes);
assert(m->sig_count == 0);
if (m->manifest_body_bytes == m->manifest_all_bytes)
assert(m->manifestdata[m->manifest_body_bytes - 1] == '\0');
// Hash the body
crypto_hash_sha512(m->manifesthash, m->manifestdata, m->manifest_body_bytes);
// Read signature blocks
unsigned ofs = m->manifest_body_bytes;
while (ofs < m->manifest_all_bytes) {
if (rhizome_manifest_extract_signature(m, &ofs) == -1)
break;
}
assert(ofs <= m->manifest_all_bytes);
// Make sure the first signatory's public key is the bundle ID
assert(m->has_id);
if (m->sig_count == 0) {
if (config.debug.rhizome)
DEBUG("Manifest has no signature blocks, but should have self-signature block");
m->selfSigned = 0;
return 0;
}
if (memcmp(m->signatories[0], m->cryptoSignPublic.binary, sizeof m->cryptoSignPublic.binary) != 0) {
if (config.debug.rhizome)
DEBUGF("Manifest id does not match first signature block (signature key is %s)",
alloca_tohex(m->signatories[0], crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES)
);
m->selfSigned = 0;
return 0;
}
m->selfSigned = 1;
return 1;
}
static void rhizome_manifest_clear(rhizome_manifest *m)
{
while (m->var_count) {
--m->var_count;
free((char *) m->vars[m->var_count]);
free((char *) m->values[m->var_count]);
m->vars[m->var_count] = m->values[m->var_count] = NULL;
}
while (m->sig_count) {
--m->sig_count;
free(m->signatories[m->sig_count]);
m->signatories[m->sig_count] = NULL;
}
m->malformed = 0;
m->has_id = 0;
m->has_filehash = 0;
m->is_journal = 0;
m->filesize = RHIZOME_SIZE_UNSET;
m->tail = RHIZOME_SIZE_UNSET;
m->version = 0;
// TODO initialise more fields
}
int rhizome_manifest_inspect(const char *buf, size_t len, struct rhizome_manifest_summary *summ)
{
const char *const end = buf + len;
int has_bid = 0;
int has_version = 0;
const char *begin = buf;
enum { Label, Value, Error } state = Label;
const char *p;
for (p = buf; state != Error && p < end && *p; ++p)
switch (state) {
case Label:
if (*p == '=') {
if (p == begin)
state = Error; // nil field name
else {
int *has = NULL;
if (p == begin + 2 && strncmp(begin, "id", 2) == 0)
has = &has_bid;
else if (p == begin + 7 && strncmp(begin, "version", 7) == 0)
has = &has_version;
state = Value;
if (has) {
if (*has)
state = Error; // duplicate
else {
*has = 1;
begin = p + 1;
}
}
}
} else if (!(p == begin ? isalpha(*p) : isalnum(*p)))
state = Error; // bad field name
break;
case Value:
if (*p == '\n') {
const char *eol = p[-1] == '\r' ? p - 1 : p;
if (has_bid == 1) {
const char *e;
if (strn_to_rhizome_bid_t(&summ->bid, begin, &e) == 0 && e == eol)
has_bid = 2;
else
state = Error; // invalid "id" field
} else if (has_version == 1) {
const char *e;
if (str_to_uint64(begin, 10, &summ->version, &e) && e == eol)
has_version = 2;
else
state = Error; // invalid "version" field
}
if (state == Value) {
state = Label;
begin = p + 1;
}
}
break;
default:
abort();
}
if (p < end && *p == '\0')
++p;
summ->body_len = p - buf;
return state == Label && has_bid == 2 && has_version == 2;
}
/* Parse a Rhizome text manifest from its internal buffer up to and including the terminating NUL
* character which marks the start of the signature block.
*
* Prior to calling, the caller must set up m->manifest_all_bytes to the length of the manifest
* text, including the signature block, and set m->manifestdata[0..m->manifest_all_bytes-1] to
* contain the manifest text and signature block to be parsed.
*
* A "well formed" manifest consists of a series of zero or more lines with the form:
*
* LABEL "=" VALUE [ CR ] LF
*
* where LABEL matches the regular expression [A-Za-z][A-Za-z0-9]* (identifier without underscore)
* VALUE is any value that does not contain NUL, CR or LF (leading and trailing spaces are
* not stripped from VALUE)
* NUL is ASCII 0
* CR is ASCII 13
* LF is ASCII 10
*
* Unpacks all parsed field labels and string values into the m->vars[] and m->values[] arrays, as
* pointers to malloc(3)ed NUL terminated strings, in the order they appear, and sets m->var_count
* to the number of fields unpacked. Sets m->manifest_body_bytes to the number of bytes in the text
* portion up to and including the optional NUL that starts the signature block (if present).
*
* Returns 1 if the manifest is not well formed (syntax violation), any essential field is
* malformed, or if there are any duplicate fields. In this case the m->vars[] and m->values[]
* arrays are not set and the manifest is returned to the state it was in prior to calling.
*
* Returns 0 if the manifest is well formed, if there are no duplicate fields, and if all essential
* fields are valid. Counts invalid non-essential fields and unrecognised fields in m->malformed.
*
* Returns -1 if there is an unrecoverable error (eg, malloc(3) returns NULL, out of memory).
*
* @author Andrew Bettison <andrew@servalproject.com>
*/
int rhizome_manifest_parse(rhizome_manifest *m)
{
IN();
assert(m->manifest_all_bytes <= sizeof m->manifestdata);
assert(m->manifest_body_bytes == 0);
assert(m->var_count == 0);
assert(!m->finalised);
assert(!m->malformed);
assert(!m->has_id);
assert(!m->has_filehash);
assert(!m->is_journal);
assert(m->filesize == RHIZOME_SIZE_UNSET);
assert(m->tail == RHIZOME_SIZE_UNSET);
assert(m->version == 0);
assert(!m->has_date);
assert(!m->has_sender);
assert(!m->has_recipient);
assert(m->payloadEncryption == PAYLOAD_CRYPT_UNKNOWN);
unsigned has_invalid_essential = 0;
unsigned has_duplicate = 0;
const char *const end = (const char *)m->manifestdata + m->manifest_all_bytes;
const char *p;
unsigned line_number = 0;
for (p = (const char *)m->manifestdata; p < end && *p; ++p) {
++line_number;
if (!isalpha(*p)) {
if (config.debug.rhizome_manifest)
DEBUGF("Invalid manifest field name at line %u: %s", line_number, alloca_toprint(20, p, end - p));
break;
}
const char *const plabel = p++;
while (p < end && isalnum(*p))
++p;
if (*p != '=') {
if (config.debug.rhizome_manifest)
DEBUGF("Invalid manifest field name at line %u: %s", line_number, alloca_toprint(-1, plabel, p - plabel + 1));
break;
}
const char *const pvalue = ++p;
while (p < end && *p && *p != '\n')
++p;
if (p >= end || *p != '\n') {
if (config.debug.rhizome_manifest)
DEBUGF("Missing manifest newline at line %u: %s", line_number, alloca_toprint(-1, plabel, p - plabel));
break;
}
const char *const eol = (p > pvalue && p[-1] == '\r') ? p - 1 : p;
if (m->var_count >= NELS(m->vars)) {
if (config.debug.rhizome_manifest)
DEBUGF("Manifest field limit reached at line %u", line_number);
break;
}
assert(pvalue - plabel - 1 > 0);
const char *label = strn_edup(plabel, pvalue - plabel - 1);
const char *value = strn_edup(pvalue, eol - pvalue);
if (label == NULL || value == NULL) {
free((char *)label);
free((char *)value);
RETURN(-1);
}
enum { FIELD_UNKNOWN, FIELD_OK, FIELD_DUPLICATE, FIELD_MALFORMED, FIELD_INVALID } status = FIELD_UNKNOWN;
if (rhizome_manifest_get(m, label))
status = FIELD_DUPLICATE;
else if (strcasecmp(label, "id") == 0) {
if (str_to_rhizome_bid_t(&m->cryptoSignPublic, value) != -1) {
assert(!m->has_id);
status = FIELD_OK;
m->has_id = 1;
if (config.debug.rhizome_manifest)
DEBUGF("PARSE manifest[%d].id = %s", m->manifest_record_number, alloca_tohex_sid_t(m->cryptoSignPublic));
} else
status = FIELD_INVALID;
}
else if (strcasecmp(label, "version") == 0) {
uint64_t version;
if (str_to_uint64(value, 10, &version, NULL) && version != 0) {
assert(m->version == 0);
status = FIELD_OK;
m->version = version;
if (config.debug.rhizome_manifest)
DEBUGF("PARSE manifest[%d].version = %"PRIu64, m->manifest_record_number, m->version);
} else
status = FIELD_INVALID;
}
else if (strcasecmp(label, "filehash") == 0) {
if (str_to_rhizome_filehash_t(&m->filehash, value) != -1) {
assert(!m->has_filehash);
status = FIELD_OK;
m->has_filehash = 1;
if (config.debug.rhizome_manifest)
DEBUGF("PARSE manifest[%d].filehash = %s", m->manifest_record_number, alloca_tohex_rhizome_filehash_t(m->filehash));
} else
status = FIELD_INVALID;
}
else if (strcasecmp(label, "filesize") == 0) {
uint64_t filesize;
if (str_to_uint64(value, 10, &filesize, NULL) && filesize != RHIZOME_SIZE_UNSET) {
assert(m->filesize == RHIZOME_SIZE_UNSET);
status = FIELD_OK;
m->filesize = filesize;
if (config.debug.rhizome_manifest)
DEBUGF("PARSE manifest[%d].filesize = %"PRIu64, m->manifest_record_number, m->filesize);
} else
status = FIELD_INVALID;
}
else if (strcasecmp(label, "tail") == 0) {
uint64_t tail;
if (str_to_uint64(value, 10, &tail, NULL) && tail != RHIZOME_SIZE_UNSET) {
assert(m->tail == RHIZOME_SIZE_UNSET);
status = FIELD_OK;
m->tail = tail;
m->is_journal = 1;
if (config.debug.rhizome_manifest)
DEBUGF("PARSE manifest[%d].tail = %"PRIu64, m->manifest_record_number, m->tail);
} else
status = FIELD_INVALID;
}
// Since rhizome MUST be able to carry future manifest versions, if any of the following fields
// are not well formed, they are simply not unpacked into their respective struct elements and
// treated as an unrecognised field. The m->malformed flag is set so that the application API
// layer can refuse to add (or export?) the bundle.
else if (strcasecmp(label, "BK") == 0) {
if (str_to_rhizome_bk_t(&m->bundle_key, value) != -1) {
assert(!m->has_bundle_key);
status = FIELD_OK;
m->has_bundle_key = 1;
if (config.debug.rhizome_manifest)
DEBUGF("PARSE manifest[%d].BK = %s", m->manifest_record_number, alloca_tohex_rhizome_bk_t(m->bundle_key));
} else
status = FIELD_MALFORMED;
}
else if (strcasecmp(label, "service") == 0) {
if (rhizome_str_is_manifest_service(value)) {
assert(m->service == NULL);
status = FIELD_OK;
m->service = value; // will be free()d when vars[] and values[] are free()d
if (config.debug.rhizome_manifest)
DEBUGF("PARSE manifest[%d].service = %s", m->manifest_record_number, alloca_str_toprint(m->service));
} else
status = FIELD_MALFORMED;
}
else if (strcasecmp(label, "date") == 0) {
int64_t date;
if (str_to_int64(value, 10, &date, NULL)) {
assert(!m->has_date);
status = FIELD_OK;
m->date = date;
m->has_date = 1;
if (config.debug.rhizome_manifest)
DEBUGF("PARSE manifest[%d].date = %"PRItime_ms_t, m->manifest_record_number, m->date);
} else
status = FIELD_MALFORMED;
}
else if (strcasecmp(label, "sender") == 0) {
if (str_to_sid_t(&m->sender, value) != -1) {
assert(!m->has_sender);
status = FIELD_OK;
m->has_sender = 1;
if (config.debug.rhizome_manifest)
DEBUGF("PARSE manifest[%d].sender = %s", m->manifest_record_number, alloca_tohex_sid_t(m->sender));
} else
status = FIELD_MALFORMED;
}
else if (strcasecmp(label, "recipient") == 0) {
if (str_to_sid_t(&m->recipient, value) != -1) {
assert(!m->has_recipient);
status = FIELD_OK;
m->has_recipient = 1;
if (config.debug.rhizome_manifest)
DEBUGF("PARSE manifest[%d].recipient = %s", m->manifest_record_number, alloca_tohex_sid_t(m->recipient));
} else
status = FIELD_MALFORMED;
}
else if (strcasecmp(label, "name") == 0) {
status = FIELD_OK;
m->name = value; // will be free()d when vars[] and values[] are free()d
if (config.debug.rhizome_manifest)
DEBUGF("PARSE manifest[%d].name = %s", m->manifest_record_number, alloca_str_toprint(m->name));
}
else if (strcasecmp(label, "crypt") == 0) {
if (strcmp(value, "0") == 0 || strcmp(value, "1") == 0) {
assert(m->payloadEncryption == PAYLOAD_CRYPT_UNKNOWN);
status = FIELD_OK;
m->payloadEncryption = (value[0] == '1') ? PAYLOAD_ENCRYPTED : PAYLOAD_CLEAR;
if (config.debug.rhizome_manifest)
DEBUGF("PARSE manifest[%d].crypt = %u", m->manifest_record_number, m->payloadEncryption == PAYLOAD_ENCRYPTED ? 1 : 0);
} else
status = FIELD_MALFORMED;
}
const char *reason = NULL;
switch (status) {
case FIELD_OK:
m->vars[m->var_count] = label;
m->values[m->var_count] = value;
++m->var_count;
break;
case FIELD_DUPLICATE:
++has_duplicate;
reason = "duplicate";
break;
case FIELD_INVALID:
++has_invalid_essential;
reason = "invalid";
break;
case FIELD_UNKNOWN:
++m->malformed;
reason = "unsupported";
break;
case FIELD_MALFORMED:
++m->malformed;
reason = "invalid";
break;
default:
abort();
}
if (reason) {
if (config.debug.rhizome_manifest)
DEBUGF("SKIP manifest[%d].%s = %s (%s)", m->manifest_record_number, label, alloca_str_toprint(value), reason);
free((char *)label);
free((char *)value);
}
assert(p < end);
assert(*p == '\n');
}
if ((p < end && *p) || has_invalid_essential || has_duplicate) {
rhizome_manifest_clear(m);
RETURN(1);
}
// The null byte is included in the body (and checksum), not the signature block
if (p < end) {
assert(*p == '\0');
++p;
}
m->manifest_body_bytes = p - (const char *)m->manifestdata;
RETURN(0);
OUT();
}
/* If all essential (transport) fields are present and well formed then sets the m->finalised field
* and returns 1, otherwise returns 0.
*
* Increments m->malformed if any non-essential fields are missing or invalid. It is up to the
* caller to check the m->malformed field and decide whether or not to process a malformed manifest.
*
* @author Andrew Bettison <andrew@servalproject.com>
*/
int rhizome_manifest_validate(rhizome_manifest *m)
{
int ret = 1;
if (!m->has_id) {
if (config.debug.rhizome_manifest)
DEBUG("Missing 'id' field");
ret = 0;
}
if (m->version == 0) {
if (config.debug.rhizome_manifest)
DEBUG("Missing 'version' field");
ret = 0;
}
if (m->filesize == RHIZOME_SIZE_UNSET) {
if (config.debug.rhizome_manifest)
DEBUG("Missing 'filesize' field");
ret = 0;
} else if (m->filesize == 0 && m->has_filehash) {
if (config.debug.rhizome_manifest)
DEBUG("Spurious 'filehash' field");
ret = 0;
} else if (m->filesize != 0 && !m->has_filehash) {
if (config.debug.rhizome_manifest)
DEBUG("Missing 'filehash' field");
ret = 0;
}
// Warn if expected fields are missing or invalid
if (m->service == NULL) {
if (config.debug.rhizome_manifest)
DEBUG("Missing 'service' field");
++m->malformed;
}
else if (strcmp(m->service, RHIZOME_SERVICE_FILE) == 0) {
if (m->name == NULL) {
if (config.debug.rhizome_manifest)
DEBUG("Manifest with service='" RHIZOME_SERVICE_FILE "' missing 'name' field");
++m->malformed;
}
} else if (strcmp(m->service, RHIZOME_SERVICE_MESHMS) == 0
|| strcmp(m->service, RHIZOME_SERVICE_MESHMS2) == 0
) {
if (!m->has_sender) {
if (config.debug.rhizome_manifest)
DEBUGF("Manifest with service='%s' missing 'sender' field", m->service);
++m->malformed;
}
if (!m->has_recipient) {
if (config.debug.rhizome_manifest)
DEBUGF("Manifest with service='%s' missing 'recipient' field", m->service);
++m->malformed;
}
}
else if (!rhizome_str_is_manifest_service(m->service)) {
if (config.debug.rhizome_manifest)
DEBUGF("Manifest invalid 'service' field %s", alloca_str_toprint(m->service));
++m->malformed;
}
if (!m->has_date) {
if (config.debug.rhizome_manifest)
DEBUG("Missing 'date' field");
++m->malformed;
}
m->finalised = ret;
return ret;
}
int rhizome_read_manifest_from_file(rhizome_manifest *m, const char *filename)
{
ssize_t bytes = read_whole_file(filename, m->manifestdata, sizeof m->manifestdata);
if (bytes == -1)
return -1;
m->manifest_all_bytes = (size_t) bytes;
return rhizome_manifest_parse(m);
}
int rhizome_hash_file(rhizome_manifest *m, const char *path, rhizome_filehash_t *hash_out, uint64_t *size_out)
{
/* Gnarf! NaCl's crypto_hash() function needs the whole file passed in in one
go. Trouble is, we need to run Serval DNA on filesystems that lack mmap(),
and may be very resource constrained. Thus we need a streamable SHA-512
implementation.
*/
// TODO encrypted payloads
if (m && m->payloadEncryption == PAYLOAD_ENCRYPTED)
return WHY("Encryption of payloads not implemented");
uint64_t filesize = 0;
SHA512_CTX context;
SHA512_Init(&context);
if (path[0]) {
int fd = open(path, O_RDONLY);
if (fd == -1)
return WHYF_perror("open(%s,O_RDONLY)", alloca_str_toprint(path));
unsigned char buffer[8192];
ssize_t r;
while ((r = read(fd, buffer, sizeof buffer))) {
if (r == -1) {
WHYF_perror("read(%s,%zu)", alloca_str_toprint(path), sizeof buffer);
close(fd);
return -1;
}
SHA512_Update(&context, buffer, (size_t) r);
filesize += (size_t) r;
}
close(fd);
}
// Empty files (including empty path) have no hash.
if (hash_out) {
if (filesize > 0)
SHA512_Final(hash_out->binary, &context);
else
*hash_out = RHIZOME_FILEHASH_NONE;
}
if (size_out)
*size_out = filesize;
SHA512_End(&context, NULL);
return 0;
}
rhizome_manifest manifests[MAX_RHIZOME_MANIFESTS];
char manifest_free[MAX_RHIZOME_MANIFESTS];
int manifest_first_free=-1;
struct __sourceloc manifest_alloc_whence[MAX_RHIZOME_MANIFESTS];
struct __sourceloc manifest_free_whence[MAX_RHIZOME_MANIFESTS];
static void _log_manifest_trace(struct __sourceloc __whence, const char *operation)
{
int count_free = 0;
unsigned i;
for (i = 0; i != MAX_RHIZOME_MANIFESTS; ++i)
if (manifest_free[i])
++count_free;
DEBUGF("%s(): count_free = %d", operation, count_free);
}
rhizome_manifest *_rhizome_new_manifest(struct __sourceloc __whence)
{
if (manifest_first_free<0) {
/* Setup structures */
unsigned i;
for(i=0;i<MAX_RHIZOME_MANIFESTS;i++) {
manifest_alloc_whence[i]=__NOWHERE__;
manifest_free_whence[i]=__NOWHERE__;
manifest_free[i]=1;
}
manifest_first_free=0;
}
/* No free manifests */
if (manifest_first_free>=MAX_RHIZOME_MANIFESTS)
{
unsigned i;
WHYF("%s(): no free manifest records, this probably indicates a memory leak", __FUNCTION__);
WHYF(" Slot# | Last allocated by");
for(i=0;i<MAX_RHIZOME_MANIFESTS;i++) {
WHYF(" %-5d | %s:%d in %s()",
i,
manifest_alloc_whence[i].file,
manifest_alloc_whence[i].line,
manifest_alloc_whence[i].function
);
}
return NULL;
}
rhizome_manifest *m=&manifests[manifest_first_free];
bzero(m,sizeof(rhizome_manifest));
m->manifest_record_number=manifest_first_free;
/* Indicate where manifest was allocated, and that it is no longer
free. */
manifest_alloc_whence[manifest_first_free]=__whence;
manifest_free[manifest_first_free]=0;
manifest_free_whence[manifest_first_free]=__NOWHERE__;
/* Work out where next free manifest record lives */
for (; manifest_first_free < MAX_RHIZOME_MANIFESTS && !manifest_free[manifest_first_free]; ++manifest_first_free)
;
if (config.debug.manifests) _log_manifest_trace(__whence, __FUNCTION__);
// Set global defaults for a manifest (which are not zero)
rhizome_manifest_clear(m);
return m;
}
void _rhizome_manifest_free(struct __sourceloc __whence, rhizome_manifest *m)
{
if (!m) return;
int mid=m->manifest_record_number;
if (m!=&manifests[mid])
FATALF("%s(): asked to free manifest %p, which claims to be manifest slot #%d (%p), but isn't",
__FUNCTION__, m, mid, &manifests[mid]
);
if (manifest_free[mid])
FATALF("%s(): asked to free manifest slot #%d (%p), which was already freed at %s:%d:%s()",
__FUNCTION__, mid, m,
manifest_free_whence[mid].file,
manifest_free_whence[mid].line,
manifest_free_whence[mid].function
);
/* Free variable and signature blocks. */
rhizome_manifest_clear(m);
if (m->dataFileName) {
if (m->dataFileUnlinkOnFree && unlink(m->dataFileName) == -1)
WARNF_perror("unlink(%s)", alloca_str_toprint(m->dataFileName));
free((char *) m->dataFileName);
m->dataFileName = NULL;
}
manifest_free[mid]=1;
manifest_free_whence[mid]=__whence;
if (mid<manifest_first_free) manifest_first_free=mid;
if (config.debug.manifests) _log_manifest_trace(__whence, __FUNCTION__);
return;
}
/* Convert variable list into manifest text body and compute the hash. Do not sign.
*/
static int rhizome_manifest_pack_variables(rhizome_manifest *m)
{
assert(m->var_count <= NELS(m->vars));
strbuf sb = strbuf_local((char*)m->manifestdata, sizeof m->manifestdata);
unsigned i;
for (i = 0; i < m->var_count; ++i) {
strbuf_puts(sb, m->vars[i]);
strbuf_putc(sb, '=');
strbuf_puts(sb, m->values[i]);
strbuf_putc(sb, '\n');
}
if (strbuf_overrun(sb))
return WHYF("Manifest overflow: body of %zu bytes exceeds limit of %zu", strbuf_count(sb) + 1, sizeof m->manifestdata);
m->manifest_body_bytes = strbuf_len(sb) + 1;
if (config.debug.rhizome)
DEBUGF("Repacked variables into manifest: %zu bytes", m->manifest_body_bytes);
m->manifest_all_bytes = m->manifest_body_bytes;
m->selfSigned = 0;
return 0;
}
/* Sign this manifest using it's own BID secret key. Manifest must not already be signed.
* Manifest body hash must already be computed.
*/
int rhizome_manifest_selfsign(rhizome_manifest *m)
{
assert(m->manifest_body_bytes > 0);
assert(m->manifest_body_bytes <= sizeof m->manifestdata);
assert(m->manifestdata[m->manifest_body_bytes - 1] == '\0');
assert(m->manifest_body_bytes == m->manifest_all_bytes); // no signature yet
if (!m->haveSecret)
return WHY("Need private key to sign manifest");
crypto_hash_sha512(m->manifesthash, m->manifestdata, m->manifest_body_bytes);
rhizome_signature sig;
if (rhizome_sign_hash(m, &sig) == -1)
return WHY("rhizome_sign_hash() failed");
assert(sig.signatureLength > 0);
/* Append signature to end of manifest data */
if (sig.signatureLength + m->manifest_body_bytes > sizeof m->manifestdata)
return WHYF("Manifest overflow: body %zu + signature %zu bytes exceeds limit of %zu",
m->manifest_body_bytes,
sig.signatureLength,
sizeof m->manifestdata
);
bcopy(sig.signature, m->manifestdata + m->manifest_body_bytes, sig.signatureLength);
m->manifest_all_bytes = m->manifest_body_bytes + sig.signatureLength;
m->selfSigned = 1;
return 0;
}
int rhizome_write_manifest_file(rhizome_manifest *m, const char *path, char append)
{
if (config.debug.rhizome)
DEBUGF("write manifest (%zd bytes) to %s", m->manifest_all_bytes, path);
assert(m->finalised);
int fd = open(path, O_WRONLY | O_CREAT | (append ? O_APPEND : 0), 0666);
if (fd == -1)
return WHYF_perror("open(%s,O_WRONLY|O_CREAT%s,0666)", alloca_str_toprint(path), append ? "|O_APPEND" : "");
int ret = 0;
unsigned char marker[4];
struct iovec iov[2];
int iovcnt = 1;
iov[0].iov_base = m->manifestdata;
iov[0].iov_len = m->manifest_all_bytes;
if (append) {
write_uint16(marker, m->manifest_all_bytes);
marker[2] = 0x41;
marker[3] = 0x10;
iov[1].iov_base = marker;
iov[1].iov_len = sizeof marker;
iovcnt = 2;
}
if (writev_all(fd, iov, iovcnt) == -1)
ret = -1;
if (close(fd) == -1)
ret = WHY_perror("close");
return ret;
}
int rhizome_manifest_dump(rhizome_manifest *m, const char *msg)
{
unsigned i;
WHYF("Dumping manifest %s:", msg);
for(i=0;i<m->var_count;i++)
WHYF("[%s]=[%s]\n", m->vars[i], m->values[i]);
return 0;
}
enum rhizome_bundle_status rhizome_manifest_finalise(rhizome_manifest *m, rhizome_manifest **mout, int deduplicate)
{
IN();
if (!m->finalised && !rhizome_manifest_validate(m))
RETURN(RHIZOME_BUNDLE_STATUS_INVALID);
// if a manifest was supplied with an ID, don't bother to check for a duplicate.
// we only want to filter out added files with no existing manifest.
if (deduplicate && m->haveSecret != EXISTING_BUNDLE_ID) {
enum rhizome_bundle_status status = rhizome_find_duplicate(m, mout);
switch (status) {
case RHIZOME_BUNDLE_STATUS_DUPLICATE:
case RHIZOME_BUNDLE_STATUS_ERROR:
RETURN(status);
case RHIZOME_BUNDLE_STATUS_NEW:
break;
default:
FATALF("rhizome_find_duplicate() returned %d", status);
}
}
*mout = m;
/* Convert to final form for signing and writing to disk */
if (rhizome_manifest_pack_variables(m))
RETURN(WHY("Could not convert manifest to wire format"));
/* Sign it */
assert(!m->selfSigned);
if (rhizome_manifest_selfsign(m))
RETURN(WHY("Could not sign manifest"));
assert(m->selfSigned);
/* mark manifest as finalised */
enum rhizome_bundle_status status = rhizome_add_manifest(m, mout);
RETURN(status);
OUT();
}
/* Returns 1 if the name was successfully set, 0 if not.
*/
int rhizome_manifest_set_name_from_path(rhizome_manifest *m, const char *filepath)
{
const char *name = strrchr(filepath, '/');
if (name)
++name; // skip '/'
else
name = filepath;
if (!rhizome_str_is_manifest_name(name)) {
WARNF("invalid rhizome name %s -- not used", alloca_str_toprint(name));
return 0;
}
rhizome_manifest_set_name(m, name);
return 1;
}
/* Fill in a few missing manifest fields, to make it easier to use when adding new files:
* - use the current time for "date" and "version"
* - use the given author SID, or the 'sender' if present, as the author
* - create an ID if there is none, otherwise authenticate the existing one
* - if service is file, then use the payload file's basename for "name"
*/
int rhizome_fill_manifest(rhizome_manifest *m, const char *filepath, const sid_t *authorSidp)
{
/* Set version of manifest from current time if not already set. */
if (m->version == 0)
rhizome_manifest_set_version(m, gettime_ms());
/* Set the manifest's author. This must be done before binding to a new ID (below). If no author
* was specified, then the manifest's "sender" field is used, if present.
*/
if (authorSidp)
rhizome_manifest_set_author(m, authorSidp);
else if (m->has_sender)
rhizome_manifest_set_author(m, &m->sender);
/* Set the bundle ID (public key) and secret key.
*/
if (!m->haveSecret && !m->has_id) {
if (config.debug.rhizome)
DEBUG("creating new bundle");
if (rhizome_manifest_createid(m) == -1)
return WHY("Could not bind manifest to an ID");
if (m->authorship != ANONYMOUS)
rhizome_manifest_add_bundle_key(m); // set the BK field
} else {
if (config.debug.rhizome)
DEBUGF("modifying existing bundle bid=%s", alloca_tohex_rhizome_bid_t(m->cryptoSignPublic));
// Modifying an existing bundle. Try to discover the bundle secret key and the author.
rhizome_authenticate_author(m);
// TODO assert that new version > old version?
}
if (m->service == NULL)
return WHYF("missing 'service'");
if (config.debug.rhizome)
DEBUGF("manifest service=%s", m->service);
if (!m->has_date) {
rhizome_manifest_set_date(m, (int64_t) gettime_ms());
if (config.debug.rhizome)
DEBUGF("missing 'date', set default date=%"PRItime_ms_t, m->date);
}
if (strcasecmp(RHIZOME_SERVICE_FILE, m->service) == 0) {
if (m->name) {
if (config.debug.rhizome)
DEBUGF("manifest already contains name=%s", alloca_str_toprint(m->name));
} else if (filepath)
rhizome_manifest_set_name_from_path(m, filepath);
else if (config.debug.rhizome)
DEBUGF("manifest missing 'name'");
}
// Anything sent from one person to another should be considered private and encrypted by default.
if ( m->payloadEncryption == PAYLOAD_CRYPT_UNKNOWN
&& m->has_sender
&& m->has_recipient
&& !is_sid_t_broadcast(m->recipient)
) {
if (config.debug.rhizome)
DEBUGF("Implicitly adding payload encryption due to presense of sender & recipient fields");
rhizome_manifest_set_crypt(m, PAYLOAD_ENCRYPTED);
}
return 0;
}
/* Work out the authorship status of the bundle without performing any cryptographic checks.
* Sets the 'authorship' element and returns 1 if an author was found, 0 if not.
*
* @author Andrew Bettison <andrew@servalproject.com>
*/
int rhizome_lookup_author(rhizome_manifest *m)
{
IN();
unsigned cn, in, kp;
switch (m->authorship) {
case AUTHOR_NOT_CHECKED:
if (config.debug.rhizome)
DEBUGF("manifest[%d] lookup author=%s", m->manifest_record_number, alloca_tohex_sid_t(m->author));
cn = 0, in = 0, kp = 0;
if (keyring_find_sid(keyring, &cn, &in, &kp, &m->author)) {
if (config.debug.rhizome)
DEBUGF("found author");
m->authorship = AUTHOR_LOCAL;
RETURN(1);
}
// fall through
case ANONYMOUS:
if (m->has_sender) {
if (config.debug.rhizome)
DEBUGF("manifest[%d] lookup sender=%s", m->manifest_record_number, alloca_tohex_sid_t(m->sender));
cn = 0, in = 0, kp = 0;
if (keyring_find_sid(keyring, &cn, &in, &kp, &m->sender)) {
if (config.debug.rhizome)
DEBUGF("found sender");
rhizome_manifest_set_author(m, &m->sender);
m->authorship = AUTHOR_LOCAL;
RETURN(1);
}
}
case AUTHENTICATION_ERROR:
case AUTHOR_UNKNOWN:
case AUTHOR_IMPOSTOR:
RETURN(0);
case AUTHOR_LOCAL:
case AUTHOR_AUTHENTIC:
RETURN(1);
}
FATALF("m->authorship = %d", m->authorship);
RETURN(0);
OUT();
}