File: | src/usr.sbin/acme-client/main.c |
Warning: | line 382, column 2 Potential leak of memory pointed to by 'conffile' |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $Id: main.c,v 1.55 2022/05/05 19:51:35 florian Exp $ */ | |||
2 | /* | |||
3 | * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> | |||
4 | * | |||
5 | * Permission to use, copy, modify, and distribute this software for any | |||
6 | * purpose with or without fee is hereby granted, provided that the above | |||
7 | * copyright notice and this permission notice appear in all copies. | |||
8 | * | |||
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES | |||
10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |||
11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR | |||
12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |||
13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |||
14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |||
15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |||
16 | */ | |||
17 | ||||
18 | #include <sys/socket.h> | |||
19 | ||||
20 | #include <ctype.h> | |||
21 | #include <err.h> | |||
22 | #include <libgen.h> | |||
23 | #include <locale.h> | |||
24 | #include <stdarg.h> | |||
25 | #include <stdio.h> | |||
26 | #include <stdlib.h> | |||
27 | #include <string.h> | |||
28 | #include <unistd.h> | |||
29 | ||||
30 | #include "extern.h" | |||
31 | #include "parse.h" | |||
32 | ||||
33 | #define WWW_DIR"/var/www/acme" "/var/www/acme" | |||
34 | #define CONF_FILE"/etc/acme-client.conf" "/etc/acme-client.conf" | |||
35 | ||||
36 | int verbose; | |||
37 | enum comp proccomp; | |||
38 | ||||
39 | int | |||
40 | main(int argc, char *argv[]) | |||
41 | { | |||
42 | const char **alts = NULL((void *)0); | |||
43 | char *certdir = NULL((void *)0); | |||
44 | char *chngdir = NULL((void *)0), *auth = NULL((void *)0); | |||
45 | char *conffile = CONF_FILE"/etc/acme-client.conf"; | |||
46 | char *tmps, *tmpsd; | |||
47 | int key_fds[2], acct_fds[2], chng_fds[2], cert_fds[2]; | |||
48 | int file_fds[2], dns_fds[2], rvk_fds[2]; | |||
49 | int force = 0; | |||
50 | int c, rc, revocate = 0; | |||
51 | int popts = 0; | |||
52 | pid_t pids[COMP__MAX]; | |||
53 | size_t i, altsz, ne; | |||
54 | ||||
55 | struct acme_conf *conf = NULL((void *)0); | |||
56 | struct authority_c *authority = NULL((void *)0); | |||
57 | struct domain_c *domain = NULL((void *)0); | |||
58 | struct altname_c *ac; | |||
59 | ||||
60 | if (setlocale(LC_CTYPE2, "C") == NULL((void *)0)) | |||
| ||||
61 | errx(1, "setlocale"); | |||
62 | ||||
63 | while ((c = getopt(argc, argv, "Fnrvf:")) != -1) | |||
64 | switch (c) { | |||
65 | case 'F': | |||
66 | force = 1; | |||
67 | break; | |||
68 | case 'f': | |||
69 | if ((conffile = strdup(optarg)) == NULL((void *)0)) | |||
70 | err(EXIT_FAILURE1, "strdup"); | |||
71 | break; | |||
72 | case 'n': | |||
73 | popts |= ACME_OPT_CHECK0x00000004; | |||
74 | break; | |||
75 | case 'r': | |||
76 | revocate = 1; | |||
77 | break; | |||
78 | case 'v': | |||
79 | verbose = verbose ? 2 : 1; | |||
80 | popts |= ACME_OPT_VERBOSE0x00000001; | |||
81 | break; | |||
82 | default: | |||
83 | goto usage; | |||
84 | } | |||
85 | ||||
86 | if (getuid() != 0) | |||
87 | errx(EXIT_FAILURE1, "must be run as root"); | |||
88 | ||||
89 | /* parse config file */ | |||
90 | if ((conf = parse_config(conffile, popts)) == NULL((void *)0)) | |||
91 | return EXIT_FAILURE1; | |||
92 | ||||
93 | argc -= optind; | |||
94 | argv += optind; | |||
95 | if (argc != 1) | |||
96 | goto usage; | |||
97 | ||||
98 | if ((domain = domain_find_handle(conf, argv[0])) == NULL((void *)0)) | |||
99 | errx(EXIT_FAILURE1, "domain %s not found", argv[0]); | |||
100 | ||||
101 | argc--; | |||
102 | argv++; | |||
103 | ||||
104 | /* | |||
105 | * The parser enforces that at least cert or fullchain is set. | |||
106 | * XXX Test if cert, chain and fullchain have the same dirname? | |||
107 | */ | |||
108 | tmps = domain->cert ? domain->cert : domain->fullchain; | |||
109 | if ((tmps = strdup(tmps)) == NULL((void *)0)) | |||
110 | err(EXIT_FAILURE1, "strdup"); | |||
111 | if ((tmpsd = dirname(tmps)) == NULL((void *)0)) | |||
112 | err(EXIT_FAILURE1, "dirname"); | |||
113 | if ((certdir = strdup(tmpsd)) == NULL((void *)0)) | |||
114 | err(EXIT_FAILURE1, "strdup"); | |||
115 | free(tmps); | |||
116 | tmps = tmpsd = NULL((void *)0); | |||
117 | ||||
118 | ||||
119 | /* chain or fullchain can be relative paths according */ | |||
120 | if (domain->chain && domain->chain[0] != '/') { | |||
121 | if (asprintf(&tmps, "%s/%s", certdir, domain->chain) == -1) | |||
122 | err(EXIT_FAILURE1, "asprintf"); | |||
123 | free(domain->chain); | |||
124 | domain->chain = tmps; | |||
125 | tmps = NULL((void *)0); | |||
126 | } | |||
127 | if (domain->fullchain && domain->fullchain[0] != '/') { | |||
128 | if (asprintf(&tmps, "%s/%s", certdir, domain->fullchain) == -1) | |||
129 | err(EXIT_FAILURE1, "asprintf"); | |||
130 | free(domain->fullchain); | |||
131 | domain->fullchain = tmps; | |||
132 | tmps = NULL((void *)0); | |||
133 | } | |||
134 | ||||
135 | if ((auth = domain->auth) == NULL((void *)0)) { | |||
136 | /* use the first authority from the config as default XXX */ | |||
137 | authority = authority_find0(conf); | |||
138 | if (authority == NULL((void *)0)) | |||
139 | errx(EXIT_FAILURE1, "no authorities configured"); | |||
140 | } else { | |||
141 | authority = authority_find(conf, auth); | |||
142 | if (authority == NULL((void *)0)) | |||
143 | errx(EXIT_FAILURE1, "authority %s not found", auth); | |||
144 | } | |||
145 | ||||
146 | if ((chngdir = domain->challengedir) == NULL((void *)0)) | |||
147 | if ((chngdir = strdup(WWW_DIR"/var/www/acme")) == NULL((void *)0)) | |||
148 | err(EXIT_FAILURE1, "strdup"); | |||
149 | ||||
150 | /* | |||
151 | * Do some quick checks to see if our paths exist. | |||
152 | * This will be done in the children, but we might as well check | |||
153 | * now before the fork. | |||
154 | * XXX maybe use conf_check_file() from parse.y | |||
155 | */ | |||
156 | ||||
157 | ne = 0; | |||
158 | ||||
159 | if (access(certdir, R_OK0x04) == -1) { | |||
160 | warnx("%s: cert directory must exist", certdir); | |||
161 | ne++; | |||
162 | } | |||
163 | ||||
164 | if (access(chngdir, R_OK0x04) == -1) { | |||
165 | warnx("%s: challenge directory must exist", chngdir); | |||
166 | ne++; | |||
167 | } | |||
168 | ||||
169 | if (ne > 0) | |||
170 | return EXIT_FAILURE1; | |||
171 | ||||
172 | if (popts & ACME_OPT_CHECK0x00000004) | |||
173 | return EXIT_SUCCESS0; | |||
174 | ||||
175 | /* Set the zeroth altname as our domain. */ | |||
176 | altsz = domain->altname_count + 1; | |||
177 | alts = calloc(altsz, sizeof(char *)); | |||
178 | if (alts == NULL((void *)0)) | |||
179 | err(EXIT_FAILURE1, "calloc"); | |||
180 | alts[0] = domain->domain; | |||
181 | i = 1; | |||
182 | /* XXX get rid of alts[] later */ | |||
183 | TAILQ_FOREACH(ac, &domain->altname_list, entry)for((ac) = ((&domain->altname_list)->tqh_first); (ac ) != ((void *)0); (ac) = ((ac)->entry.tqe_next)) | |||
184 | alts[i++] = ac->domain; | |||
185 | ||||
186 | /* | |||
187 | * Open channels between our components. | |||
188 | */ | |||
189 | ||||
190 | if (socketpair(AF_UNIX1, SOCK_STREAM1, 0, key_fds) == -1) | |||
191 | err(EXIT_FAILURE1, "socketpair"); | |||
192 | if (socketpair(AF_UNIX1, SOCK_STREAM1, 0, acct_fds) == -1) | |||
193 | err(EXIT_FAILURE1, "socketpair"); | |||
194 | if (socketpair(AF_UNIX1, SOCK_STREAM1, 0, chng_fds) == -1) | |||
195 | err(EXIT_FAILURE1, "socketpair"); | |||
196 | if (socketpair(AF_UNIX1, SOCK_STREAM1, 0, cert_fds) == -1) | |||
197 | err(EXIT_FAILURE1, "socketpair"); | |||
198 | if (socketpair(AF_UNIX1, SOCK_STREAM1, 0, file_fds) == -1) | |||
199 | err(EXIT_FAILURE1, "socketpair"); | |||
200 | if (socketpair(AF_UNIX1, SOCK_STREAM1, 0, dns_fds) == -1) | |||
201 | err(EXIT_FAILURE1, "socketpair"); | |||
202 | if (socketpair(AF_UNIX1, SOCK_STREAM1, 0, rvk_fds) == -1) | |||
203 | err(EXIT_FAILURE1, "socketpair"); | |||
204 | ||||
205 | /* Start with the network-touching process. */ | |||
206 | ||||
207 | if ((pids[COMP_NET] = fork()) == -1) | |||
208 | err(EXIT_FAILURE1, "fork"); | |||
209 | ||||
210 | if (pids[COMP_NET] == 0) { | |||
211 | proccomp = COMP_NET; | |||
212 | close(key_fds[0]); | |||
213 | close(acct_fds[0]); | |||
214 | close(chng_fds[0]); | |||
215 | close(cert_fds[0]); | |||
216 | close(file_fds[0]); | |||
217 | close(file_fds[1]); | |||
218 | close(dns_fds[0]); | |||
219 | close(rvk_fds[0]); | |||
220 | c = netproc(key_fds[1], acct_fds[1], | |||
221 | chng_fds[1], cert_fds[1], | |||
222 | dns_fds[1], rvk_fds[1], | |||
223 | revocate, authority, | |||
224 | (const char *const *)alts, altsz); | |||
225 | exit(c ? EXIT_SUCCESS0 : EXIT_FAILURE1); | |||
226 | } | |||
227 | ||||
228 | close(key_fds[1]); | |||
229 | close(acct_fds[1]); | |||
230 | close(chng_fds[1]); | |||
231 | close(cert_fds[1]); | |||
232 | close(dns_fds[1]); | |||
233 | close(rvk_fds[1]); | |||
234 | ||||
235 | /* Now the key-touching component. */ | |||
236 | ||||
237 | if ((pids[COMP_KEY] = fork()) == -1) | |||
238 | err(EXIT_FAILURE1, "fork"); | |||
239 | ||||
240 | if (pids[COMP_KEY] == 0) { | |||
241 | proccomp = COMP_KEY; | |||
242 | close(cert_fds[0]); | |||
243 | close(dns_fds[0]); | |||
244 | close(rvk_fds[0]); | |||
245 | close(acct_fds[0]); | |||
246 | close(chng_fds[0]); | |||
247 | close(file_fds[0]); | |||
248 | close(file_fds[1]); | |||
249 | c = keyproc(key_fds[0], domain->key, | |||
250 | (const char **)alts, altsz, | |||
251 | domain->keytype); | |||
252 | exit(c ? EXIT_SUCCESS0 : EXIT_FAILURE1); | |||
253 | } | |||
254 | ||||
255 | close(key_fds[0]); | |||
256 | ||||
257 | /* The account-touching component. */ | |||
258 | ||||
259 | if ((pids[COMP_ACCOUNT] = fork()) == -1) | |||
260 | err(EXIT_FAILURE1, "fork"); | |||
261 | ||||
262 | if (pids[COMP_ACCOUNT] == 0) { | |||
263 | proccomp = COMP_ACCOUNT; | |||
264 | close(cert_fds[0]); | |||
265 | close(dns_fds[0]); | |||
266 | close(rvk_fds[0]); | |||
267 | close(chng_fds[0]); | |||
268 | close(file_fds[0]); | |||
269 | close(file_fds[1]); | |||
270 | c = acctproc(acct_fds[0], authority->account, | |||
271 | authority->keytype); | |||
272 | exit(c ? EXIT_SUCCESS0 : EXIT_FAILURE1); | |||
273 | } | |||
274 | ||||
275 | close(acct_fds[0]); | |||
276 | ||||
277 | /* The challenge-accepting component. */ | |||
278 | ||||
279 | if ((pids[COMP_CHALLENGE] = fork()) == -1) | |||
280 | err(EXIT_FAILURE1, "fork"); | |||
281 | ||||
282 | if (pids[COMP_CHALLENGE] == 0) { | |||
283 | proccomp = COMP_CHALLENGE; | |||
284 | close(cert_fds[0]); | |||
285 | close(dns_fds[0]); | |||
286 | close(rvk_fds[0]); | |||
287 | close(file_fds[0]); | |||
288 | close(file_fds[1]); | |||
289 | c = chngproc(chng_fds[0], chngdir); | |||
290 | exit(c ? EXIT_SUCCESS0 : EXIT_FAILURE1); | |||
291 | } | |||
292 | ||||
293 | close(chng_fds[0]); | |||
294 | ||||
295 | /* The certificate-handling component. */ | |||
296 | ||||
297 | if ((pids[COMP_CERT] = fork()) == -1) | |||
298 | err(EXIT_FAILURE1, "fork"); | |||
299 | ||||
300 | if (pids[COMP_CERT] == 0) { | |||
301 | proccomp = COMP_CERT; | |||
302 | close(dns_fds[0]); | |||
303 | close(rvk_fds[0]); | |||
304 | close(file_fds[1]); | |||
305 | c = certproc(cert_fds[0], file_fds[0]); | |||
306 | exit(c ? EXIT_SUCCESS0 : EXIT_FAILURE1); | |||
307 | } | |||
308 | ||||
309 | close(cert_fds[0]); | |||
310 | close(file_fds[0]); | |||
311 | ||||
312 | /* The certificate-handling component. */ | |||
313 | ||||
314 | if ((pids[COMP_FILE] = fork()) == -1) | |||
315 | err(EXIT_FAILURE1, "fork"); | |||
316 | ||||
317 | if (pids[COMP_FILE] == 0) { | |||
318 | proccomp = COMP_FILE; | |||
319 | close(dns_fds[0]); | |||
320 | close(rvk_fds[0]); | |||
321 | c = fileproc(file_fds[1], certdir, domain->cert, domain->chain, | |||
322 | domain->fullchain); | |||
323 | /* | |||
324 | * This is different from the other processes in that it | |||
325 | * can return 2 if the certificates were updated. | |||
326 | */ | |||
327 | exit(c > 1 ? 2 : (c ? EXIT_SUCCESS0 : EXIT_FAILURE1)); | |||
328 | } | |||
329 | ||||
330 | close(file_fds[1]); | |||
331 | ||||
332 | /* The DNS lookup component. */ | |||
333 | ||||
334 | if ((pids[COMP_DNS] = fork()) == -1) | |||
335 | err(EXIT_FAILURE1, "fork"); | |||
336 | ||||
337 | if (pids[COMP_DNS] == 0) { | |||
338 | proccomp = COMP_DNS; | |||
339 | close(rvk_fds[0]); | |||
340 | c = dnsproc(dns_fds[0]); | |||
341 | exit(c ? EXIT_SUCCESS0 : EXIT_FAILURE1); | |||
342 | } | |||
343 | ||||
344 | close(dns_fds[0]); | |||
345 | ||||
346 | /* The expiration component. */ | |||
347 | ||||
348 | if ((pids[COMP_REVOKE] = fork()) == -1) | |||
349 | err(EXIT_FAILURE1, "fork"); | |||
350 | ||||
351 | if (pids[COMP_REVOKE] == 0) { | |||
352 | proccomp = COMP_REVOKE; | |||
353 | c = revokeproc(rvk_fds[0], domain->cert != NULL((void *)0) ? domain->cert : | |||
354 | domain->fullchain, force, revocate, | |||
355 | (const char *const *)alts, altsz); | |||
356 | exit(c ? EXIT_SUCCESS0 : EXIT_FAILURE1); | |||
357 | } | |||
358 | ||||
359 | close(rvk_fds[0]); | |||
360 | ||||
361 | /* Jail: sandbox, file-system, user. */ | |||
362 | ||||
363 | if (pledge("stdio", NULL((void *)0)) == -1) | |||
364 | err(EXIT_FAILURE1, "pledge"); | |||
365 | ||||
366 | /* | |||
367 | * Collect our subprocesses. | |||
368 | * Require that they both have exited cleanly. | |||
369 | */ | |||
370 | ||||
371 | rc = checkexit(pids[COMP_KEY], COMP_KEY) + | |||
372 | checkexit(pids[COMP_CERT], COMP_CERT) + | |||
373 | checkexit(pids[COMP_NET], COMP_NET) + | |||
374 | checkexit_ext(&c, pids[COMP_FILE], COMP_FILE) + | |||
375 | checkexit(pids[COMP_ACCOUNT], COMP_ACCOUNT) + | |||
376 | checkexit(pids[COMP_CHALLENGE], COMP_CHALLENGE) + | |||
377 | checkexit(pids[COMP_DNS], COMP_DNS) + | |||
378 | checkexit(pids[COMP_REVOKE], COMP_REVOKE); | |||
379 | ||||
380 | return rc != COMP__MAX ? EXIT_FAILURE1 : (c == 2 ? EXIT_SUCCESS0 : 2); | |||
381 | usage: | |||
382 | fprintf(stderr(&__sF[2]), | |||
| ||||
383 | "usage: acme-client [-Fnrv] [-f configfile] handle\n"); | |||
384 | return EXIT_FAILURE1; | |||
385 | } |