search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
4853 illumos-gate is not lint-clean when built with openssl 1.0
[unleashed.git] / usr / src / cmd / cmd-inet / usr.lib / wanboot / wanboot-cgi / wanboot-cgi.c
blob1f956eb683ba08d204ae1bf00f369624e7f3935d
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2012 Milan Jurik. All rights reserved.
24 */
25
26 #include <stdio.h>
27 #include <stdlib.h>
28 #include <strings.h>
29 #include <string.h>
30 #include <libgen.h>
31 #include <unistd.h>
32 #include <fcntl.h>
33 #include <errno.h>
34 #include <netdb.h>
35 #include <libnvpair.h>
36 #include <sys/types.h>
37 #include <sys/wait.h>
38 #include <sys/stat.h>
39 #include <sys/param.h>
40 #include <sys/sysmacros.h>
41 #include <sys/mman.h>
42 #include <sys/socket.h>
43 #include <sys/utsname.h>
44 #include <sys/wanboot_impl.h>
45 #include <netinet/in.h>
46 #include <arpa/inet.h>
47
48 #include <openssl/crypto.h>
49 #include <openssl/x509.h>
50 #include <openssl/x509v3.h>
51 #include <openssl/pem.h>
52 #include <openssl/pkcs12.h>
53 #include <openssl/evp.h>
54 #include <openssl/err.h>
55
56 #include <p12aux.h>
57
58 #include <parseURL.h>
59 /*
60 * These can be replaced with wanbootutil.h once the openssl interfaces
61 * are moved to libwanboot.
62 */
63 #include <wanboot/key_util.h>
64 #include <wanboot/key_xdr.h>
65 #include <hmac_sha1.h>
66
67 #include <netboot_paths.h>
68 #include <wanboot_conf.h>
69
70 /*
71 * Exit status:
72 */
73 #define WBCGI_STATUS_OK 0
74 #define WBCGI_STATUS_ERR 1
75
76 #define WBCGI_FILE_EXISTS(file, statbuf) \
77 (stat(file, &statbuf) == 0 && S_ISREG(statbuf.st_mode))
78
79 #define WBCGI_DIR_EXISTS(dir, statbuf) \
80 (stat(dir, &statbuf) == 0 && S_ISDIR(statbuf.st_mode))
81
82 #define WBCGI_HMAC_PATH "/usr/lib/inet/wanboot/hmac"
83 #define WBCGI_ENCR_PATH "/usr/lib/inet/wanboot/encr"
84 #define WBCGI_KEYMGMT_PATH "/usr/lib/inet/wanboot/keymgmt"
85 #define WBCGI_MKISOFS_PATH "/bin/mkisofs"
86
87 #define WBCGI_DEV_URANDOM "/dev/urandom"
88
89 #define WBCGI_CONTENT_TYPE "Content-Type: "
90 #define WBCGI_CONTENT_LENGTH "Content-Length: "
91 #define WBCGI_WANBOOT_BNDTXT "WANBoot_Part_Boundary"
92 #define WBCGI_CRNL "\r\n"
93
94 #define WBCGI_CNSTR "CN="
95 #define WBCGI_CNSTR_LEN (sizeof (WBCGI_CNSTR) - 1)
96 #define WBCGI_NAMESEP ",/\n\r"
97
98 #define WBCGI_MAXBUF 256
99
100 /*
101 * Possible return values from netboot_ftw():
102 */
103 #define WBCGI_FTW_CBOK 2 /* CB terminated walk OK */
104 #define WBCGI_FTW_CBCONT 1 /* CB wants walk should continue */
105 #define WBCGI_FTW_DONE 0 /* Walk terminated without CBERR/CBOK */
106 #define WBCGI_FTW_CBERR -1 /* CB terminated walk with err */
107
108 /*
109 * getsubopt() is used to map one of the contents[] keywords
110 * to one of these types
111 */
112 #define WBCGI_CONTENT_ERROR -1
113 #define WBCGI_CONTENT_BOOTFILE 0
114 #define WBCGI_CONTENT_BOOTFS 1
115 #define WBCGI_CONTENT_ROOTFS 2
116
117 static char *contents[] =
118 { "bootfile", "bootfs", "rootfs", NULL };
119
120 /*
121 * getsubopt() is used to parse the query string for
122 * the keywords defined by queryopts[]
123 */
124 #define WBCGI_QUERYOPT_CONTENT 0
125 #define WBCGI_QUERYOPT_NET 1
126 #define WBCGI_QUERYOPT_CID 2
127 #define WBCGI_QUERYOPT_NONCE 3
128
129 static char *queryopts[] =
130 { "CONTENT", "IP", "CID", "NONCE", NULL };
131
132 static bc_handle_t bc_handle;
133
134
135 static char *
136 status_msg(int status)
137 {
138 char *msg;
139
140 switch (status) {
141 case 400:
142 msg = "Bad Request";
143 break;
144 case 403:
145 msg = "Forbidden";
146 break;
147 case 500:
148 msg = "Internal Server Error";
149 break;
150 default:
151 msg = "Unknown status";
152 break;
153 }
154
155 return (msg);
156 }
157
158 static void
159 print_status(int status, const char *spec_msg)
160 {
161 if (spec_msg == NULL) {
162 spec_msg = "";
163 }
164
165 (void) fprintf(stdout, "Status: %d %s %s%s", status,
166 status_msg(status), spec_msg, WBCGI_CRNL);
167 }
168
169 static char *
170 make_path(const char *root, const char *suffix)
171 {
172 char path[MAXPATHLEN];
173 char *ptr = NULL;
174 int chars;
175
176 if ((chars = snprintf(path, sizeof (path),
177 "%s/%s", root, suffix)) < 0 || chars > sizeof (path) ||
178 (ptr = strdup(path)) == NULL) {
179 print_status(500, "(error making path)");
180 }
181
182 return (ptr);
183 }
184
185 static void
186 free_path(char **pathp)
187 {
188 if (*pathp != NULL) {
189 free(*pathp);
190 *pathp = NULL;
191 }
192 }
193
194 static char *
195 gen_tmppath(const char *prefix, const char *net, const char *cid)
196 {
197 pid_t pid;
198 time_t secs;
199 int chars;
200 char path[MAXPATHLEN];
201 char *ptr = NULL;
202
203 if ((pid = getpid()) < 0 || (secs = time(NULL)) < 0 ||
204 (chars = snprintf(path, sizeof (path), "/tmp/%s_%s_%s_%ld_%ld",
205 prefix, net, cid, pid, secs)) < 0 || chars > sizeof (path) ||
206 (ptr = strdup(path)) == NULL) {
207 print_status(500, "(error creating temporary filename)");
208 }
209
210 return (ptr);
211 }
212
213 /*
214 * File I/O stuff:
215 */
216 static boolean_t
217 write_buffer(int fd, const void *buffer, size_t buflen)
218 {
219 size_t nwritten;
220 ssize_t nbytes;
221 const char *buf = buffer;
222
223 for (nwritten = 0; nwritten < buflen; nwritten += nbytes) {
224 nbytes = write(fd, &buf[nwritten], buflen - nwritten);
225 if (nbytes <= 0) {
226 return (B_FALSE);
227 }
228 }
229
230 return (B_TRUE);
231 }
232
233 static boolean_t
234 write_file(int ofd, const char *filename, size_t size)
235 {
236 boolean_t ret = B_TRUE;
237 int ifd;
238 char buf[1024];
239 size_t rlen;
240 ssize_t wlen;
241
242 if ((ifd = open(filename, O_RDONLY)) < 0) {
243 return (B_FALSE);
244 }
245
246 for (; size != 0; size -= wlen) {
247 rlen = (size < sizeof (buf)) ? size : sizeof (buf);
248
249 if ((wlen = read(ifd, buf, rlen)) < 0 ||
250 !write_buffer(ofd, buf, wlen)) {
251 ret = B_FALSE;
252 break;
253 }
254 }
255 (void) close(ifd);
256
257 return (ret);
258 }
259
260 static boolean_t
261 copy_file(const char *src, const char *dest)
262 {
263 boolean_t ret = B_FALSE;
264 char message[WBCGI_MAXBUF];
265 const size_t chunksize = 16 * PAGESIZE;
266 size_t validsize;
267 size_t nwritten = 0;
268 size_t nbytes = 0;
269 off_t roff;
270 int mflags = MAP_PRIVATE;
271 char *buf = NULL;
272 struct stat st;
273 int rfd = -1;
274 int wfd = -1;
275 int chars;
276
277 if ((rfd = open(src, O_RDONLY)) < 0 ||
278 (wfd = open(dest, O_CREAT|O_EXCL|O_RDWR, S_IRUSR|S_IWUSR)) < 0 ||
279 fstat(rfd, &st) == -1) {
280 goto cleanup;
281 }
282
283 for (nbytes = st.st_size, roff = 0; nwritten < nbytes;
284 nwritten += validsize, roff += validsize) {
285 buf = mmap(buf, chunksize, PROT_READ, mflags, rfd, roff);
286 if (buf == MAP_FAILED) {
287 goto cleanup;
288 }
289 mflags |= MAP_FIXED;
290
291 validsize = MIN(chunksize, nbytes - nwritten);
292 if (!write_buffer(wfd, buf, validsize)) {
293 (void) munmap(buf, chunksize);
294 goto cleanup;
295 }
296
297 }
298 if (buf != NULL) {
299 (void) munmap(buf, chunksize);
300 }
301
302 ret = B_TRUE;
303 cleanup:
304 if (ret == B_FALSE) {
305 if ((chars = snprintf(message, sizeof (message),
306 "error copying %s to %s", src, dest)) > 0 &&
307 chars <= sizeof (message)) {
308 print_status(500, message);
309 } else {
310 print_status(500, NULL);
311 }
312 }
313 if (rfd != -1) {
314 (void) close(rfd);
315 }
316 if (wfd != -1) {
317 (void) close(wfd);
318 }
319
320 return (ret);
321 }
322
323 static boolean_t
324 create_nonce(const char *noncepath, const char *nonce)
325 {
326 boolean_t ret = B_TRUE;
327 int fd;
328
329 if ((fd = open(noncepath,
330 O_WRONLY|O_CREAT|O_EXCL, S_IRUSR|S_IWUSR)) == -1 ||
331 !write_buffer(fd, nonce, strlen(nonce))) {
332 print_status(500, "(error creating nonce file)");
333 ret = B_FALSE;
334 }
335 if (fd != -1) {
336 (void) close(fd);
337 }
338
339 return (ret);
340 }
341
342 static boolean_t
343 create_timestamp(const char *timestamppath, const char *timestamp)
344 {
345 boolean_t ret = B_TRUE;
346 int fd;
347
348 if ((fd = open(timestamppath,
349 O_WRONLY|O_CREAT|O_EXCL, S_IRUSR|S_IWUSR)) == -1 ||
350 !write_buffer(fd, timestamp, strlen(timestamp))) {
351 print_status(500, "(error creating timestamp file)");
352 ret = B_FALSE;
353 }
354 if (fd != -1) {
355 (void) close(fd);
356 }
357
358 return (ret);
359 }
360
361 static boolean_t
362 create_urandom(const char *urandompath)
363 {
364 boolean_t ret = B_TRUE;
365 int fd;
366
367 if ((fd = open(urandompath,
368 O_WRONLY|O_CREAT|O_EXCL, S_IRUSR|S_IWUSR)) == -1 ||
369 !write_file(fd, WBCGI_DEV_URANDOM, 32 * 1024)) {
370 print_status(500, "(error creating urandom file)");
371 ret = B_FALSE;
372 }
373 if (fd != -1) {
374 (void) close(fd);
375 }
376
377 return (ret);
378 }
379
380 static boolean_t
381 create_null_hash(const char *hashpath)
382 {
383 boolean_t ret = B_TRUE;
384 int fd;
385 static char null_hash[HMAC_DIGEST_LEN];
386
387 if ((fd = open(hashpath,
388 O_WRONLY|O_CREAT|O_EXCL, S_IRUSR|S_IWUSR)) == -1 ||
389 !write_buffer(fd, null_hash, sizeof (null_hash))) {
390 print_status(500, "(error creating null hash)");
391 ret = B_FALSE;
392 }
393 if (fd != -1) {
394 (void) close(fd);
395 }
396
397 return (ret);
398 }
399
400
401 static char *
402 determine_doc_root(void)
403 {
404 char *doc_root;
405
406 /*
407 * If DOCUMENT_ROOT is valid, use that.
408 */
409 if ((doc_root = getenv("DOCUMENT_ROOT")) == NULL ||
410 strlen(doc_root) == 0) {
411 /*
412 * No DOCUMENT_ROOT - try PATH_TRANSLATED.
413 */
414 if ((doc_root = getenv("PATH_TRANSLATED")) == NULL ||
415 strlen(doc_root) == 0) {
416 /*
417 * Can't determine the document root.
418 */
419 return (NULL);
420 }
421 }
422
423 return (doc_root);
424 }
425
426 static boolean_t
427 get_request_info(int *contentp, char **netp, char **cidp, char **noncep,
428 char **docrootp)
429 {
430 char *method;
431 char *query_string;
432 char *value;
433 char *junk;
434 int i;
435
436 if ((method = getenv("REQUEST_METHOD")) == NULL ||
437 strncasecmp(method, "GET", strlen("GET") != 0)) {
438 print_status(403, "(GET method expected)");
439 return (B_FALSE);
440 }
441
442 if ((query_string = getenv("QUERY_STRING")) == NULL) {
443 print_status(400, "(empty query string)");
444 return (B_FALSE);
445 }
446
447 for (i = 0; i < strlen(query_string); i++) {
448 if (query_string[i] == '&') {
449 query_string[i] = ',';
450 }
451 }
452
453 *contentp = WBCGI_CONTENT_ERROR;
454 *netp = *cidp = *noncep = NULL;
455
456 if ((*docrootp = determine_doc_root()) == NULL) {
457 print_status(400, "(unable to determine document root)");
458 return (B_FALSE);
459 }
460
461 while (*query_string != '\0') {
462 switch (getsubopt(&query_string, queryopts, &value)) {
463 case WBCGI_QUERYOPT_CONTENT:
464 *contentp = getsubopt(&value, contents, &junk);
465 break;
466 case WBCGI_QUERYOPT_NET:
467 *netp = value;
468 break;
469 case WBCGI_QUERYOPT_CID:
470 *cidp = value;
471 break;
472 case WBCGI_QUERYOPT_NONCE:
473 *noncep = value;
474 break;
475 default:
476 print_status(400, "(illegal query string)");
477 return (B_FALSE);
478 }
479 }
480
481 switch (*contentp) {
482 default:
483 print_status(400, "(missing or illegal CONTENT)");
484 return (B_FALSE);
485
486 case WBCGI_CONTENT_BOOTFS:
487 if (*netp == NULL || *cidp == NULL || *noncep == NULL) {
488 print_status(400,
489 "(CONTENT, IP, CID and NONCE required)");
490 return (B_FALSE);
491 }
492 break;
493
494 case WBCGI_CONTENT_BOOTFILE:
495 case WBCGI_CONTENT_ROOTFS:
496 if (*netp == NULL || *cidp == NULL || *docrootp == NULL) {
497 print_status(400,
498 "(CONTENT, IP, CID and DOCUMENT_ROOT required)");
499 return (B_FALSE);
500 }
501 break;
502 }
503
504 return (B_TRUE);
505 }
506
507 static boolean_t
508 encrypt_payload(const char *payload, const char *encr_payload,
509 const char *keyfile, const char *encryption_type)
510 {
511 struct stat sbuf;
512 int chars;
513 char cmd[MAXPATHLEN];
514 FILE *fp;
515 int status;
516 char msg[WBCGI_MAXBUF];
517
518 if (!WBCGI_FILE_EXISTS(payload, sbuf)) {
519 print_status(500, "(encrypt_payload: missing payload)");
520 return (B_FALSE);
521 }
522
523 if ((chars = snprintf(cmd, sizeof (cmd),
524 "%s -o type=%s -k %s < %s > %s", WBCGI_ENCR_PATH,
525 encryption_type, keyfile, payload, encr_payload)) < 0 ||
526 chars > sizeof (cmd)) {
527 print_status(500, "(encrypt_payload: buffer overflow)");
528 return (B_FALSE);
529 }
530
531 if ((fp = popen(cmd, "w")) == NULL) {
532 print_status(500, "(encrypt_payload: missing/file error)");
533 return (B_FALSE);
534 }
535 if ((status = WEXITSTATUS(pclose(fp))) != 0) {
536 (void) snprintf(msg, sizeof (msg),
537 "(encrypt_payload: failed, status=%d)", status);
538 print_status(500, msg);
539 return (B_FALSE);
540 }
541
542 if (!WBCGI_FILE_EXISTS(encr_payload, sbuf)) {
543 print_status(500, "(encrypt_payload: bad encrypted file)");
544 return (B_FALSE);
545 }
546
547 return (B_TRUE);
548 }
549
550 static boolean_t
551 hash_payload(const char *payload, const char *payload_hash,
552 const char *keyfile)
553 {
554 struct stat sbuf;
555 int chars;
556 char cmd[MAXPATHLEN];
557 FILE *fp;
558 int status;
559 char msg[WBCGI_MAXBUF];
560
561 if (!WBCGI_FILE_EXISTS(payload, sbuf)) {
562 print_status(500, "(hash_payload: missing payload)");
563 return (B_FALSE);
564 }
565
566 if ((chars = snprintf(cmd, sizeof (cmd), "%s -i %s -k %s > %s",
567 WBCGI_HMAC_PATH, payload, keyfile, payload_hash)) < 0 ||
568 chars > sizeof (cmd)) {
569 print_status(500, "(hash_payload: buffer overflow)");
570 return (B_FALSE);
571 }
572
573 if ((fp = popen(cmd, "w")) == NULL) {
574 print_status(500, "(hash_payload: missing/file error)");
575 return (B_FALSE);
576 }
577 if ((status = WEXITSTATUS(pclose(fp))) != 0) {
578 (void) snprintf(msg, sizeof (msg),
579 "(hash_payload: failed, status=%d)", status);
580 print_status(500, msg);
581 return (B_FALSE);
582 }
583
584 if (!WBCGI_FILE_EXISTS(payload_hash, sbuf) ||
585 sbuf.st_size < HMAC_DIGEST_LEN) {
586 print_status(500, "(hash_payload: bad signature file)");
587 return (B_FALSE);
588 }
589
590 return (B_TRUE);
591 }
592
593 static boolean_t
594 extract_keystore(const char *path, const char *keystorepath)
595 {
596 struct stat sbuf;
597 int chars;
598 char cmd[MAXPATHLEN];
599 FILE *fp;
600 int status;
601 char msg[WBCGI_MAXBUF];
602
603 if (!WBCGI_FILE_EXISTS(path, sbuf)) {
604 print_status(500, "(extract_keystore: missing keystore)");
605 return (B_FALSE);
606 }
607
608 if ((chars = snprintf(cmd, sizeof (cmd),
609 "%s -x -f %s -s %s -o type=rsa",
610 WBCGI_KEYMGMT_PATH, keystorepath, path)) < 0 ||
611 chars > sizeof (cmd)) {
612 print_status(500, "(extract_keystore: buffer overflow)");
613 return (B_FALSE);
614 }
615
616 if ((fp = popen(cmd, "w")) == NULL) {
617 print_status(500, "(extract_keystore: missing/file error)");
618 return (B_FALSE);
619 }
620 if ((status = WEXITSTATUS(pclose(fp))) != 0) {
621 (void) snprintf(msg, sizeof (msg),
622 "(extract_keystore: failed, status=%d)", status);
623 print_status(500, msg);
624 return (B_FALSE);
625 }
626
627 if (!WBCGI_FILE_EXISTS(keystorepath, sbuf)) {
628 print_status(500, "(extract_keystore: failed to create)");
629 return (B_FALSE);
630 }
631
632 return (B_TRUE);
633 }
634
635 static boolean_t
636 mkisofs(const char *image_dir, const char *image)
637 {
638 struct stat sbuf;
639 int chars;
640 char cmd[MAXPATHLEN];
641 FILE *fp;
642 int status;
643 char msg[WBCGI_MAXBUF];
644
645 if (!WBCGI_DIR_EXISTS(image_dir, sbuf)) {
646 print_status(500, "(mksiofs: missing image_dir)");
647 return (B_FALSE);
648 }
649
650 if ((chars = snprintf(cmd, sizeof (cmd), "%s -quiet -o %s -r %s",
651 WBCGI_MKISOFS_PATH, image, image_dir)) < 0 ||
652 chars > sizeof (cmd)) {
653 print_status(500, "(mkisofs: buffer overflow)");
654 return (B_FALSE);
655 }
656
657 if ((fp = popen(cmd, "w")) == NULL) {
658 print_status(500, "(mkisofs: missing/file error)");
659 return (B_FALSE);
660 }
661 if ((status = WEXITSTATUS(pclose(fp))) != 0) {
662 (void) snprintf(msg, sizeof (msg),
663 "(mkisofs: failed, status=%d)", status);
664 print_status(500, msg);
665 return (B_FALSE);
666 }
667
668 if (!WBCGI_FILE_EXISTS(image, sbuf)) {
669 print_status(500, "(mksiofs: failed to create image)");
670 return (B_FALSE);
671 }
672
673 return (B_TRUE);
674 }
675
676 /*
677 * This function, when invoked with a file name, optional network and
678 * client ID strings, and callback function will search for the file
679 * in the following locations:
680 *
681 * NB_NETBOOT_ROOT/<network>/<client id>/<file>
682 * NB_NETBOOT_ROOT/<client id>/<file>
683 * NB_NETBOOT_ROOT/<network>/<file>
684 * NB_NETBOOT_ROOT/<file>
685 *
686 * The callback function is invoked each time the file is found until
687 * we have searched all of the above locations or the callback function
688 * returns a value other than WBCGI_FTW_CBCONT.
689 *
690 * Arguments:
691 * filename - Name of file to search for.
692 * net - Optional network number to include in search hierarchy.
693 * cid - Optional client ID to include in search hierarchy.
694 * cb - Callback function to be called when file is found.
695 * arg - Argument to be supplied to the callback funtion.
696 *
697 * Returns:
698 * WBCGI_FTW_DONE, WBCGI_FTW_CBOK or WBCGI_FTW_CBERR.
699 */
700 static int
701 netboot_ftw(const char *filename, const char *net, const char *cid,
702 int (*cb)(const char *, void *arg), void *arg)
703 {
704 char ckpath[4][MAXPATHLEN];
705 int ret;
706 struct stat buf;
707 int i = 0;
708
709 if (snprintf(ckpath[i++], MAXPATHLEN, "%s%s", NB_NETBOOT_ROOT, filename)
710 >= MAXPATHLEN)
711 return (WBCGI_FTW_CBERR);
712
713 if (net != NULL && snprintf(ckpath[i++], MAXPATHLEN, "%s%s/%s",
714 NB_NETBOOT_ROOT, net, filename) >= MAXPATHLEN)
715 return (WBCGI_FTW_CBERR);
716
717 if (cid != NULL) {
718 if (snprintf(ckpath[i++], MAXPATHLEN, "%s%s/%s",
719 NB_NETBOOT_ROOT, cid, filename) >= MAXPATHLEN)
720 return (WBCGI_FTW_CBERR);
721
722 if (net != NULL && snprintf(ckpath[i++], MAXPATHLEN,
723 "%s%s/%s/%s", NB_NETBOOT_ROOT, net, cid, filename) >=
724 MAXPATHLEN)
725 return (WBCGI_FTW_CBERR);
726 }
727
728 /*
729 * Loop through hierarchy and check for file existence.
730 */
731 while (i > 0) {
732 --i;
733 if (WBCGI_FILE_EXISTS(ckpath[i], buf)) {
734 if ((ret = cb(ckpath[i], arg)) != WBCGI_FTW_CBCONT)
735 return (ret);
736 }
737 }
738 return (WBCGI_FTW_DONE);
739 }
740
741 /*ARGSUSED*/
742 static int
743 noact_cb(const char *path, void *arg)
744 {
745 return (WBCGI_FTW_CBOK);
746 }
747
748 static int
749 set_pathname(const char *path, void *pathname)
750 {
751 *(char **)pathname = strdup((char *)path);
752 return (WBCGI_FTW_CBOK);
753 }
754
755 static int
756 create_keystore(const char *path, void *keystorepath)
757 {
758 if (!extract_keystore(path, (char *)keystorepath)) {
759 return (WBCGI_FTW_CBERR);
760 }
761 return (WBCGI_FTW_CBOK);
762 }
763
764 static int
765 copy_certstore(const char *path, void *certstorepath)
766 {
767 if (!copy_file(path, (char *)certstorepath)) {
768 return (WBCGI_FTW_CBERR);
769 }
770 return (WBCGI_FTW_CBOK);
771 }
772
773 /*
774 * Add the certs found in the trustfile found in path (a trust store) to
775 * the file found at bootfs_dir/truststore. If necessary, create the
776 * output file.
777 */
778 static int
779 build_trustfile(const char *path, void *truststorepath)
780 {
781 int ret = WBCGI_FTW_CBERR;
782 STACK_OF(X509) *i_anchors = NULL;
783 STACK_OF(X509) *o_anchors = NULL;
784 char message[WBCGI_MAXBUF];
785 PKCS12 *p12 = NULL;
786 FILE *rfp = NULL;
787 FILE *wfp = NULL;
788 struct stat i_st;
789 struct stat o_st;
790 X509 *x = NULL;
791 int errtype = 0;
792 int wfd = -1;
793 int chars;
794 int i;
795
796 if (!WBCGI_FILE_EXISTS(path, i_st)) {
797 goto cleanup;
798 }
799
800 if (WBCGI_FILE_EXISTS((char *)truststorepath, o_st)) {
801 /*
802 * If we are inadvertantly writing to the input file.
803 * return success.
804 * XXX Pete: how can this happen, and why success?
805 */
806 if (i_st.st_ino == o_st.st_ino) {
807 ret = WBCGI_FTW_CBCONT;
808 goto cleanup;
809 }
810 if ((wfp = fopen((char *)truststorepath, "r+")) == NULL) {
811 goto cleanup;
812 }
813 /*
814 * Read what's already there, so that new information
815 * can be added.
816 */
817 if ((p12 = d2i_PKCS12_fp(wfp, NULL)) == NULL) {
818 errtype = 1;
819 goto cleanup;
820 }
821 i = sunw_PKCS12_parse(p12, WANBOOT_PASSPHRASE, DO_NONE, NULL,
822 0, NULL, NULL, NULL, &o_anchors);
823 if (i <= 0) {
824 errtype = 1;
825 goto cleanup;
826 }
827
828 PKCS12_free(p12);
829 p12 = NULL;
830 } else {
831 if (errno != ENOENT) {
832 chars = snprintf(message, sizeof (message),
833 "(error accessing file %s, error %s)",
834 path, strerror(errno));
835 if (chars > 0 && chars < sizeof (message))
836 print_status(500, message);
837 else
838 print_status(500, NULL);
839 return (WBCGI_FTW_CBERR);
840 }
841
842 /*
843 * Note: We could copy the file to the new trustfile, but
844 * we can't verify the password that way. Therefore, copy
845 * it by reading it.
846 */
847 if ((wfd = open((char *)truststorepath,
848 O_CREAT|O_EXCL|O_RDWR, 0700)) < 0) {
849 goto cleanup;
850 }
851 if ((wfp = fdopen(wfd, "w+")) == NULL) {
852 goto cleanup;
853 }
854 o_anchors = sk_X509_new_null();
855 if (o_anchors == NULL) {
856 goto cleanup;
857 }
858 }
859
860 if ((rfp = fopen(path, "r")) == NULL) {
861 goto cleanup;
862 }
863 if ((p12 = d2i_PKCS12_fp(rfp, NULL)) == NULL) {
864 errtype = 1;
865 goto cleanup;
866 }
867 i = sunw_PKCS12_parse(p12, WANBOOT_PASSPHRASE, DO_NONE, NULL, 0, NULL,
868 NULL, NULL, &i_anchors);
869 if (i <= 0) {
870 errtype = 1;
871 goto cleanup;
872 }
873 PKCS12_free(p12);
874 p12 = NULL;
875
876 /*
877 * Merge the two stacks of pkcs12 certs.
878 */
879 for (i = 0; i < sk_X509_num(i_anchors); i++) {
880 x = sk_X509_delete(i_anchors, i);
881 (void) sk_X509_push(o_anchors, x);
882 }
883
884 /*
885 * Create the pkcs12 structure from the modified input stack and
886 * then write out that structure.
887 */
888 p12 = sunw_PKCS12_create((const char *)WANBOOT_PASSPHRASE, NULL, NULL,
889 o_anchors);
890 if (p12 == NULL) {
891 goto cleanup;
892 }
893 rewind(wfp);
894 if (i2d_PKCS12_fp(wfp, p12) == 0) {
895 goto cleanup;
896 }
897
898 ret = WBCGI_FTW_CBCONT;
899 cleanup:
900 if (ret == WBCGI_FTW_CBERR) {
901 if (errtype == 1) {
902 chars = snprintf(message, sizeof (message),
903 "(internal PKCS12 error while copying %s to %s)",
904 path, (char *)truststorepath);
905 } else {
906 chars = snprintf(message, sizeof (message),
907 "(error copying %s to %s)",
908 path, (char *)truststorepath);
909 }
910 if (chars > 0 && chars <= sizeof (message)) {
911 print_status(500, message);
912 } else {
913 print_status(500, NULL);
914 }
915 }
916 if (rfp != NULL) {
917 (void) fclose(rfp);
918 }
919 if (wfp != NULL) {
920 /* Will also close wfd */
921 (void) fclose(wfp);
922 }
923 if (p12 != NULL) {
924 PKCS12_free(p12);
925 }
926 if (i_anchors != NULL) {
927 sk_X509_pop_free(i_anchors, X509_free);
928 }
929 if (o_anchors != NULL) {
930 sk_X509_pop_free(o_anchors, X509_free);
931 }
932
933 return (ret);
934 }
935
936 static boolean_t
937 check_key_type(const char *keyfile, const char *keytype, int flag)
938 {
939 boolean_t ret = B_FALSE;
940 FILE *key_fp = NULL;
941 wbku_key_attr_t ka;
942
943 /*
944 * Map keytype into the ka structure
945 */
946 if (wbku_str_to_keyattr(keytype, &ka, flag) != WBKU_SUCCESS) {
947 goto cleanup;
948 }
949
950 /*
951 * Open the key file for reading.
952 */
953 if ((key_fp = fopen(keyfile, "r")) == NULL) {
954 goto cleanup;
955 }
956
957 /*
958 * Find the valid client key, if it exists.
959 */
960 if (wbku_find_key(key_fp, NULL, &ka, NULL, B_FALSE) != WBKU_SUCCESS) {
961 goto cleanup;
962 }
963
964 ret = B_TRUE;
965 cleanup:
966 if (key_fp != NULL) {
967 (void) fclose(key_fp);
968 }
969
970 return (ret);
971 }
972
973 static boolean_t
974 resolve_hostname(const char *hostname, nvlist_t *nvl, boolean_t may_be_crap)
975 {
976 struct sockaddr_in sin;
977 struct hostent *hp;
978 struct utsname un;
979 static char myname[SYS_NMLN] = { '\0' };
980 char *cp = NULL;
981 char msg[WBCGI_MAXBUF];
982
983 /*
984 * Initialize cached nodename
985 */
986 if (strlen(myname) == 0) {
987 if (uname(&un) == -1) {
988 (void) snprintf(msg, sizeof (msg),
989 "(unable to retrieve uname, errno %d)", errno);
990 print_status(500, msg);
991 return (B_FALSE);
992 }
993 (void) strcpy(myname, un.nodename);
994 }
995
996 /*
997 * If hostname is local node name, return the address this
998 * request came in on, which is supplied as SERVER_ADDR in the
999 * cgi environment. This ensures we don't send back a possible
1000 * alternate address that may be unreachable from the client's
1001 * network. Otherwise, just resolve with nameservice.
1002 */
1003 if ((strcmp(hostname, myname) != 0) ||
1004 ((cp = getenv("SERVER_ADDR")) == NULL)) {
1005 if (((hp = gethostbyname(hostname)) == NULL) ||
1006 (hp->h_addrtype != AF_INET) ||
1007 (hp->h_length != sizeof (struct in_addr))) {
1008 if (!may_be_crap) {
1009 print_status(500, "(error resolving hostname)");
1010 }
1011 return (may_be_crap);
1012 }
1013 (void) memcpy(&sin.sin_addr, hp->h_addr, hp->h_length);
1014 cp = inet_ntoa(sin.sin_addr);
1015 }
1016
1017 if (nvlist_add_string(nvl, (char *)hostname, cp) != 0) {
1018 print_status(500, "(error adding hostname to nvlist)");
1019 return (B_FALSE);
1020 }
1021
1022 return (B_TRUE);
1023 }
1024
1025 /*
1026 * one_name() is called for each certificate found and is passed the string
1027 * that X509_NAME_oneline() returns. Its job is to find the common name and
1028 * determine whether it is a host name; if it is then a line suitable for
1029 * inclusion in /etc/inet/hosts is written to that file.
1030 */
1031 static boolean_t
1032 one_name(const char *namestr, nvlist_t *nvl)
1033 {
1034 boolean_t ret = B_TRUE;
1035 char *p;
1036 char *q;
1037 char c;
1038
1039 if (namestr != NULL &&
1040 (p = strstr(namestr, WBCGI_CNSTR)) != NULL) {
1041 p += WBCGI_CNSTR_LEN;
1042
1043 if ((q = strpbrk(p, WBCGI_NAMESEP)) != NULL) {
1044 c = *q;
1045 *q = '\0';
1046 ret = resolve_hostname(p, nvl, B_TRUE);
1047 *q = c;
1048 } else {
1049 ret = resolve_hostname(p, nvl, B_TRUE);
1050 }
1051 }
1052
1053 return (ret);
1054 }
1055
1056 /*
1057 * Loop through the certificates in a file
1058 */
1059 static int
1060 get_hostnames(const char *path, void *nvl)
1061 {
1062 int ret = WBCGI_FTW_CBERR;
1063 STACK_OF(X509) *certs = NULL;
1064 PKCS12 *p12 = NULL;
1065 char message[WBCGI_MAXBUF];
1066 char buf[WBCGI_MAXBUF + 1];
1067 FILE *rfp = NULL;
1068 X509 *x = NULL;
1069 int errtype = 0;
1070 int chars;
1071 int i;
1072
1073 if ((rfp = fopen(path, "r")) == NULL) {
1074 goto cleanup;
1075 }
1076
1077 if ((p12 = d2i_PKCS12_fp(rfp, NULL)) == NULL) {
1078 errtype = 1;
1079 goto cleanup;
1080 }
1081 i = sunw_PKCS12_parse(p12, WANBOOT_PASSPHRASE, DO_NONE, NULL, 0, NULL,
1082 NULL, NULL, &certs);
1083 if (i <= 0) {
1084 errtype = 1;
1085 goto cleanup;
1086 }
1087
1088 PKCS12_free(p12);
1089 p12 = NULL;
1090
1091 for (i = 0; i < sk_X509_num(certs); i++) {
1092 x = sk_X509_value(certs, i);
1093 if (!one_name(sunw_issuer_attrs(x, buf, sizeof (buf) - 1),
1094 nvl)) {
1095 goto cleanup;
1096 }
1097 }
1098
1099 ret = WBCGI_FTW_CBCONT;
1100 cleanup:
1101 if (ret == WBCGI_FTW_CBERR) {
1102 if (errtype == 1) {
1103 chars = snprintf(message, sizeof (message),
1104 "(internal PKCS12 error reading %s)", path);
1105 } else {
1106 chars = snprintf(message, sizeof (message),
1107 "error reading %s", path);
1108 }
1109 if (chars > 0 && chars <= sizeof (message)) {
1110 print_status(500, message);
1111 } else {
1112 print_status(500, NULL);
1113 }
1114 }
1115 if (rfp != NULL) {
1116 (void) fclose(rfp);
1117 }
1118 if (p12 != NULL) {
1119 PKCS12_free(p12);
1120 }
1121 if (certs != NULL) {
1122 sk_X509_pop_free(certs, X509_free);
1123 }
1124
1125 return (ret);
1126 }
1127
1128 /*
1129 * Create a hosts file by extracting hosts from client and truststore
1130 * files. Use the CN. Then we should copy that file to the inet dir.
1131 */
1132 static boolean_t
1133 create_hostsfile(const char *hostsfile, const char *net, const char *cid)
1134 {
1135 boolean_t ret = B_FALSE;
1136 nvlist_t *nvl;
1137 nvpair_t *nvp;
1138 FILE *hostfp = NULL;
1139 int hostfd = -1;
1140 int i;
1141 char *hostslist;
1142 const char *bc_urls[] = { BC_ROOT_SERVER, BC_BOOT_LOGGER, NULL };
1143
1144 /*
1145 * Allocate nvlist handle to store our hostname/IP pairs.
1146 */
1147 if (nvlist_alloc(&nvl, NV_UNIQUE_NAME, 0) != 0) {
1148 print_status(500, "(error allocating hostname nvlist)");
1149 goto cleanup;
1150 }
1151
1152 /*
1153 * Extract and resolve hostnames from CNs.
1154 */
1155 if (netboot_ftw(NB_CLIENT_CERT, net, cid,
1156 get_hostnames, nvl) == WBCGI_FTW_CBERR ||
1157 netboot_ftw(NB_CA_CERT, net, cid,
1158 get_hostnames, nvl) == WBCGI_FTW_CBERR) {
1159 goto cleanup;
1160 }
1161
1162 /*
1163 * Extract and resolve hostnames from any URLs in bootconf.
1164 */
1165 for (i = 0; bc_urls[i] != NULL; ++i) {
1166 char *urlstr;
1167 url_t url;
1168
1169 if ((urlstr = bootconf_get(&bc_handle, bc_urls[i])) != NULL &&
1170 url_parse(urlstr, &url) == URL_PARSE_SUCCESS) {
1171 if (!resolve_hostname(url.hport.hostname,
1172 nvl, B_FALSE)) {
1173 goto cleanup;
1174 }
1175 }
1176 }
1177
1178 /*
1179 * If there is a resolve-hosts list in bootconf, resolve those
1180 * hostnames too.
1181 */
1182 if ((hostslist = bootconf_get(&bc_handle, BC_RESOLVE_HOSTS)) != NULL) {
1183 char *hostname;
1184
1185 for (hostname = strtok(hostslist, ","); hostname != NULL;
1186 hostname = strtok(NULL, ",")) {
1187 if (!resolve_hostname(hostname, nvl, B_FALSE)) {
1188 goto cleanup;
1189 }
1190 }
1191 }
1192
1193 /*
1194 * Now write the hostname/IP pairs gathered to the hosts file.
1195 */
1196 if ((hostfd = open(hostsfile,
1197 O_RDWR|O_CREAT|O_EXCL, S_IRUSR|S_IWUSR)) == -1 ||
1198 (hostfp = fdopen(hostfd, "w+")) == NULL) {
1199 print_status(500, "(error creating hosts file)");
1200 goto cleanup;
1201 }
1202 for (nvp = nvlist_next_nvpair(nvl, NULL); nvp != NULL;
1203 nvp = nvlist_next_nvpair(nvl, nvp)) {
1204 char *hostname;
1205 char *ipstr;
1206
1207 hostname = nvpair_name(nvp);
1208 if (nvpair_value_string(nvp, &ipstr) != 0) {
1209 print_status(500, "(nvl error writing hosts file)");
1210 goto cleanup;
1211 }
1212
1213 if (fprintf(hostfp, "%s\t%s\n", ipstr, hostname) < 0) {
1214 print_status(500, "(error writing hosts file)");
1215 goto cleanup;
1216 }
1217 }
1218
1219 ret = B_TRUE;
1220 cleanup:
1221 if (nvl != NULL) {
1222 nvlist_free(nvl);
1223 }
1224 if (hostfp != NULL) {
1225 /*
1226 * hostfd is automatically closed as well.
1227 */
1228 (void) fclose(hostfp);
1229 }
1230
1231 return (ret);
1232 }
1233
1234 static boolean_t
1235 bootfile_payload(const char *docroot, char **bootpathp)
1236 {
1237 boolean_t ret = B_FALSE;
1238 char *boot_file;
1239 struct stat sbuf;
1240
1241 if ((boot_file = bootconf_get(&bc_handle, BC_BOOT_FILE)) == NULL) {
1242 print_status(500, "(boot_file must be specified)");
1243 goto cleanup;
1244 }
1245 if ((*bootpathp = make_path(docroot, boot_file)) == NULL) {
1246 goto cleanup;
1247 }
1248 if (!WBCGI_FILE_EXISTS(*bootpathp, sbuf)) {
1249 print_status(500, "(boot_file missing)");
1250 goto cleanup;
1251 }
1252
1253 ret = B_TRUE;
1254 cleanup:
1255 return (ret);
1256 }
1257
1258 /*
1259 * Create the wanboot file system whose contents are determined by the
1260 * security configuration specified in bootconf.
1261 */
1262 static boolean_t
1263 wanbootfs_payload(const char *net, const char *cid, const char *nonce,
1264 const char *bootconf, char **wanbootfs_imagep)
1265 {
1266 int ret = B_FALSE;
1267
1268 char *server_authentication;
1269 char *client_authentication;
1270 char *scf;
1271
1272 char *bootfs_dir = NULL;
1273 char *bootfs_etc_dir = NULL;
1274 char *bootfs_etc_inet_dir = NULL;
1275 char *bootfs_dev_dir = NULL;
1276
1277 char *systemconf = NULL;
1278 char *keystorepath = NULL;
1279 char *certstorepath = NULL;
1280 char *truststorepath = NULL;
1281 char *bootconfpath = NULL;
1282 char *systemconfpath = NULL;
1283 char *urandompath = NULL;
1284 char *noncepath = NULL;
1285 char *hostspath = NULL;
1286 char *etc_hostspath = NULL;
1287 char *timestamppath = NULL;
1288
1289 boolean_t authenticate_client;
1290 boolean_t authenticate_server;
1291
1292 struct stat sbuf;
1293
1294 /*
1295 * Initialize SSL stuff.
1296 */
1297 sunw_crypto_init();
1298
1299 /*
1300 * Get the security strategy values.
1301 */
1302 client_authentication = bootconf_get(&bc_handle,
1303 BC_CLIENT_AUTHENTICATION);
1304 authenticate_client = (client_authentication != NULL &&
1305 strcmp(client_authentication, "yes") == 0);
1306 server_authentication = bootconf_get(&bc_handle,
1307 BC_SERVER_AUTHENTICATION);
1308 authenticate_server = (server_authentication != NULL &&
1309 strcmp(server_authentication, "yes") == 0);
1310
1311 /*
1312 * Make a temporary directory structure for the wanboot file system.
1313 */
1314 if ((bootfs_dir = gen_tmppath("bootfs_dir", net, cid)) == NULL ||
1315 (bootfs_etc_dir = make_path(bootfs_dir, "etc")) == NULL ||
1316 (bootfs_etc_inet_dir = make_path(bootfs_etc_dir, "inet")) == NULL ||
1317 (bootfs_dev_dir = make_path(bootfs_dir, "dev")) == NULL) {
1318 goto cleanup;
1319 }
1320 if (mkdirp(bootfs_dir, 0700) ||
1321 mkdirp(bootfs_etc_dir, 0700) ||
1322 mkdirp(bootfs_etc_inet_dir, 0700) ||
1323 mkdirp(bootfs_dev_dir, 0700)) {
1324 print_status(500, "(error creating wanbootfs dir structure)");
1325 goto cleanup;
1326 }
1327
1328 if (authenticate_client) {
1329 /*
1330 * Add the client private key.
1331 */
1332 if ((keystorepath = make_path(bootfs_dir,
1333 NB_CLIENT_KEY)) == NULL ||
1334 netboot_ftw(NB_CLIENT_KEY, net, cid,
1335 create_keystore, keystorepath) != WBCGI_FTW_CBOK) {
1336 goto cleanup;
1337 }
1338
1339 /*
1340 * Add the client certificate.
1341 */
1342 if ((certstorepath = make_path(bootfs_dir,
1343 NB_CLIENT_CERT)) == NULL ||
1344 netboot_ftw(NB_CLIENT_CERT, net, cid,
1345 copy_certstore, certstorepath) != WBCGI_FTW_CBOK) {
1346 goto cleanup;
1347 }
1348 }
1349
1350 if (authenticate_client || authenticate_server) {
1351 /*
1352 * Add the trustfile; at least one truststore must exist.
1353 */
1354 if ((truststorepath = make_path(bootfs_dir,
1355 NB_CA_CERT)) == NULL) {
1356 goto cleanup;
1357 }
1358 if (netboot_ftw(NB_CA_CERT, net, cid,
1359 noact_cb, NULL) != WBCGI_FTW_CBOK) {
1360 print_status(500, "(truststore not found)");
1361 }
1362 if (netboot_ftw(NB_CA_CERT, net, cid,
1363 build_trustfile, truststorepath) == WBCGI_FTW_CBERR) {
1364 goto cleanup;
1365 }
1366
1367 /*
1368 * Create the /dev/urandom file.
1369 */
1370 if ((urandompath = make_path(bootfs_dev_dir,
1371 "urandom")) == NULL ||
1372 !create_urandom(urandompath)) {
1373 goto cleanup;
1374 }
1375 }
1376
1377 /*
1378 * Add the wanboot.conf(4) file.
1379 */
1380 if ((bootconfpath = make_path(bootfs_dir, NB_WANBOOT_CONF)) == NULL ||
1381 !copy_file(bootconf, bootconfpath)) {
1382 goto cleanup;
1383 }
1384
1385 /*
1386 * Add the system_conf file if present.
1387 */
1388 if ((scf = bootconf_get(&bc_handle, BC_SYSTEM_CONF)) != NULL) {
1389 if (netboot_ftw(scf, net, cid,
1390 set_pathname, &systemconf) != WBCGI_FTW_CBOK) {
1391 print_status(500, "(system_conf file not found)");
1392 goto cleanup;
1393 }
1394 if ((systemconfpath = make_path(bootfs_dir,
1395 NB_SYSTEM_CONF)) == NULL ||
1396 !copy_file(systemconf, systemconfpath)) {
1397 goto cleanup;
1398 }
1399 }
1400
1401 /*
1402 * Create the /nonce file.
1403 */
1404 if ((noncepath = make_path(bootfs_dir, "nonce")) == NULL ||
1405 !create_nonce(noncepath, nonce)) {
1406 goto cleanup;
1407 }
1408
1409 /*
1410 * Create an /etc/inet/hosts file by extracting hostnames from CN,
1411 * URLs in bootconf and resolve-hosts in bootconf.
1412 */
1413 if ((hostspath = make_path(bootfs_etc_inet_dir, "hosts")) == NULL ||
1414 !create_hostsfile(hostspath, net, cid)) {
1415 goto cleanup;
1416 }
1417
1418 /*
1419 * We would like to create a symbolic link etc/hosts -> etc/inet/hosts,
1420 * but unfortunately the HSFS support in the standalone doesn't handle
1421 * symlinks.
1422 */
1423 if ((etc_hostspath = make_path(bootfs_etc_dir, "hosts")) == NULL ||
1424 !copy_file(hostspath, etc_hostspath)) {
1425 goto cleanup;
1426 }
1427
1428 /*
1429 * Create the /timestamp file.
1430 */
1431 if ((timestamppath = make_path(bootfs_dir, "timestamp")) == NULL ||
1432 !create_timestamp(timestamppath, "timestamp")) {
1433 goto cleanup;
1434 }
1435
1436 /*
1437 * Create an HSFS file system for the directory.
1438 */
1439 if ((*wanbootfs_imagep = gen_tmppath("wanbootfs", net, cid)) == NULL ||
1440 !mkisofs(bootfs_dir, *wanbootfs_imagep)) {
1441 goto cleanup;
1442 }
1443
1444 ret = B_TRUE;
1445 cleanup:
1446 /*
1447 * Clean up temporary files and directories.
1448 */
1449 if (keystorepath != NULL &&
1450 WBCGI_FILE_EXISTS(keystorepath, sbuf)) {
1451 (void) unlink(keystorepath);
1452 }
1453 if (certstorepath != NULL &&
1454 WBCGI_FILE_EXISTS(certstorepath, sbuf)) {
1455 (void) unlink(certstorepath);
1456 }
1457 if (truststorepath != NULL &&
1458 WBCGI_FILE_EXISTS(truststorepath, sbuf)) {
1459 (void) unlink(truststorepath);
1460 }
1461 if (bootconfpath != NULL &&
1462 WBCGI_FILE_EXISTS(bootconfpath, sbuf)) {
1463 (void) unlink(bootconfpath);
1464 }
1465 if (systemconfpath != NULL &&
1466 WBCGI_FILE_EXISTS(systemconfpath, sbuf)) {
1467 (void) unlink(systemconfpath);
1468 }
1469 if (urandompath != NULL &&
1470 WBCGI_FILE_EXISTS(urandompath, sbuf)) {
1471 (void) unlink(urandompath);
1472 }
1473 if (noncepath != NULL &&
1474 WBCGI_FILE_EXISTS(noncepath, sbuf)) {
1475 (void) unlink(noncepath);
1476 }
1477 if (hostspath != NULL &&
1478 WBCGI_FILE_EXISTS(hostspath, sbuf)) {
1479 (void) unlink(hostspath);
1480 }
1481 if (etc_hostspath != NULL &&
1482 WBCGI_FILE_EXISTS(etc_hostspath, sbuf)) {
1483 (void) unlink(etc_hostspath);
1484 }
1485 if (timestamppath != NULL &&
1486 WBCGI_FILE_EXISTS(timestamppath, sbuf)) {
1487 (void) unlink(timestamppath);
1488 }
1489
1490 if (bootfs_etc_inet_dir != NULL &&
1491 WBCGI_DIR_EXISTS(bootfs_etc_inet_dir, sbuf)) {
1492 (void) rmdir(bootfs_etc_inet_dir);
1493 }
1494 if (bootfs_etc_dir != NULL &&
1495 WBCGI_DIR_EXISTS(bootfs_etc_dir, sbuf)) {
1496 (void) rmdir(bootfs_etc_dir);
1497 }
1498 if (bootfs_dev_dir != NULL &&
1499 WBCGI_DIR_EXISTS(bootfs_dev_dir, sbuf)) {
1500 (void) rmdir(bootfs_dev_dir);
1501 }
1502 if (bootfs_dir != NULL &&
1503 WBCGI_DIR_EXISTS(bootfs_dir, sbuf)) {
1504 (void) rmdir(bootfs_dir);
1505 }
1506
1507 /*
1508 * Free allocated memory.
1509 */
1510 free_path(&bootfs_dir);
1511 free_path(&bootfs_etc_dir);
1512 free_path(&bootfs_etc_inet_dir);
1513 free_path(&bootfs_dev_dir);
1514
1515 free_path(&systemconf);
1516 free_path(&keystorepath);
1517 free_path(&certstorepath);
1518 free_path(&truststorepath);
1519 free_path(&bootconfpath);
1520 free_path(&systemconfpath);
1521 free_path(&urandompath);
1522 free_path(&noncepath);
1523 free_path(&hostspath);
1524 free_path(&etc_hostspath);
1525 free_path(&timestamppath);
1526
1527 return (ret);
1528 }
1529
1530 static boolean_t
1531 miniroot_payload(const char *net, const char *cid, const char *docroot,
1532 char **rootpathp, char **rootinfop, boolean_t *https_rootserverp)
1533 {
1534 boolean_t ret = B_FALSE;
1535 char *root_server;
1536 char *root_file;
1537 url_t url;
1538 struct stat sbuf;
1539 char sizebuf[WBCGI_MAXBUF];
1540 int chars;
1541 int fd = -1;
1542
1543 if ((root_server = bootconf_get(&bc_handle, BC_ROOT_SERVER)) == NULL) {
1544 print_status(500, "(root_server must be specified)");
1545 goto cleanup;
1546 }
1547 if (url_parse(root_server, &url) != URL_PARSE_SUCCESS) {
1548 print_status(500, "(root_server URL is invalid)");
1549 }
1550 *https_rootserverp = url.https;
1551
1552 if ((root_file = bootconf_get(&bc_handle, BC_ROOT_FILE)) == NULL) {
1553 print_status(500, "(rootfile must be specified)");
1554 goto cleanup;
1555 }
1556 if ((*rootpathp = make_path(docroot, root_file)) == NULL) {
1557 goto cleanup;
1558 }
1559 if (!WBCGI_FILE_EXISTS(*rootpathp, sbuf)) {
1560 print_status(500, "(root filesystem image missing)");
1561 goto cleanup;
1562 }
1563
1564 if ((*rootinfop = gen_tmppath("mrinfo", net, cid)) == NULL) {
1565 goto cleanup;
1566 }
1567 if ((chars = snprintf(sizebuf, sizeof (sizebuf), "%ld",
1568 sbuf.st_size)) < 0 || chars > sizeof (sizebuf) ||
1569 (fd = open(*rootinfop,
1570 O_RDWR|O_CREAT|O_EXCL, S_IRUSR|S_IWUSR)) == -1 ||
1571 !write_buffer(fd, sizebuf, strlen(sizebuf))) {
1572 print_status(500, "(error creating miniroot info file)");
1573 goto cleanup;
1574 }
1575
1576 ret = B_TRUE;
1577 cleanup:
1578 if (fd != -1) {
1579 (void) close(fd);
1580 }
1581
1582 return (ret);
1583 }
1584
1585 static boolean_t
1586 deliver_payload(const char *payload, const char *payload_hash)
1587 {
1588 int fd = fileno(stdout);
1589 struct stat payload_buf, hash_buf;
1590 int chars;
1591 char main_header[WBCGI_MAXBUF];
1592 char multi_header[WBCGI_MAXBUF];
1593 char multi_header1[WBCGI_MAXBUF];
1594 char multi_header2[WBCGI_MAXBUF];
1595 char multi_end[WBCGI_MAXBUF];
1596 size_t msglen;
1597
1598 if (!WBCGI_FILE_EXISTS(payload, payload_buf) ||
1599 !WBCGI_FILE_EXISTS(payload_hash, hash_buf)) {
1600 print_status(500, "(payload/hash file(s) missing)");
1601 return (B_FALSE);
1602 }
1603
1604 /*
1605 * Multi-part header.
1606 */
1607 if ((chars = snprintf(multi_header, sizeof (multi_header),
1608 "%s--%s%s%sapplication/octet-stream%s%s", WBCGI_CRNL,
1609 WBCGI_WANBOOT_BNDTXT, WBCGI_CRNL, WBCGI_CONTENT_TYPE, WBCGI_CRNL,
1610 WBCGI_CONTENT_LENGTH)) < 0 || chars > sizeof (multi_header)) {
1611 print_status(500, "(error creating multi_header)");
1612 return (B_FALSE);
1613 }
1614
1615 /*
1616 * Multi-part header for part one.
1617 */
1618 if ((chars = snprintf(multi_header1, sizeof (multi_header1),
1619 "%s%ld%s%s", multi_header, payload_buf.st_size, WBCGI_CRNL,
1620 WBCGI_CRNL)) < 0 || chars > sizeof (multi_header1)) {
1621 print_status(500, "(error creating multi_header1)");
1622 return (B_FALSE);
1623 }
1624
1625 /*
1626 * Multi-part header for part two.
1627 */
1628 if ((chars = snprintf(multi_header2, sizeof (multi_header2),
1629 "%s%ld%s%s", multi_header, hash_buf.st_size, WBCGI_CRNL,
1630 WBCGI_CRNL)) < 0 || chars > sizeof (multi_header2)) {
1631 print_status(500, "(error creating multi_header2)");
1632 return (B_FALSE);
1633 }
1634
1635 /*
1636 * End-of-parts Trailer.
1637 */
1638 if ((chars = snprintf(multi_end, sizeof (multi_end),
1639 "%s--%s--%s", WBCGI_CRNL, WBCGI_WANBOOT_BNDTXT,
1640 WBCGI_CRNL)) < 0 || chars > sizeof (multi_end)) {
1641 print_status(500, "(error creating multi_end)");
1642 return (B_FALSE);
1643 }
1644
1645 /*
1646 * Message header.
1647 */
1648 msglen = payload_buf.st_size + hash_buf.st_size +
1649 strlen(multi_header1) + strlen(multi_header2) + strlen(multi_end);
1650
1651 if ((chars = snprintf(main_header, sizeof (main_header),
1652 "%s%u%s%smultipart/mixed; boundary=%s%s%s", WBCGI_CONTENT_LENGTH,
1653 msglen, WBCGI_CRNL, WBCGI_CONTENT_TYPE, WBCGI_WANBOOT_BNDTXT,
1654 WBCGI_CRNL, WBCGI_CRNL)) < 0 || chars > sizeof (main_header)) {
1655 print_status(500, "(error creating main_header)");
1656 return (B_FALSE);
1657 }
1658
1659 /*
1660 * Write the message out. If things fall apart during this then
1661 * there's no way to report the error back to the client.
1662 */
1663 if (!write_buffer(fd, main_header, strlen(main_header)) ||
1664 !write_buffer(fd, multi_header1, strlen(multi_header1)) ||
1665 !write_file(fd, payload, payload_buf.st_size) ||
1666 !write_buffer(fd, multi_header2, strlen(multi_header2)) ||
1667 !write_file(fd, payload_hash, hash_buf.st_size) ||
1668 !write_buffer(fileno(stdout), multi_end, strlen(multi_end))) {
1669 return (B_FALSE);
1670 }
1671
1672 return (B_TRUE);
1673 }
1674
1675
1676 /*ARGSUSED*/
1677 int
1678 main(int argc, char **argv)
1679 {
1680 int ret = WBCGI_STATUS_ERR;
1681 struct stat sbuf;
1682 int content;
1683 char *net;
1684 char *cid;
1685 char *nonce;
1686 char *docroot;
1687 char *payload;
1688 char *signature_type;
1689 char *encryption_type;
1690 char *bootconf = NULL;
1691 char *keyfile = NULL;
1692 char *bootpath = NULL;
1693 char *wanbootfs_image = NULL;
1694 char *rootpath = NULL;
1695 char *miniroot_info = NULL;
1696 char *encr_payload = NULL;
1697 char *payload_hash = NULL;
1698 boolean_t https_rootserver;
1699
1700 /*
1701 * Process the query string.
1702 */
1703 if (!get_request_info(&content, &net, &cid, &nonce, &docroot)) {
1704 goto cleanup;
1705 }
1706
1707 /*
1708 * Sanity check that the netboot directory exists.
1709 */
1710 if (!WBCGI_DIR_EXISTS(NB_NETBOOT_ROOT, sbuf)) {
1711 print_status(500, "(" NB_NETBOOT_ROOT " does not exist)");
1712 goto cleanup;
1713 }
1714
1715 /*
1716 * Get absolute bootconf pathname.
1717 */
1718 if (netboot_ftw(NB_WANBOOT_CONF, net, cid,
1719 set_pathname, &bootconf) != WBCGI_FTW_CBOK) {
1720 print_status(500, "(wanboot.conf not found)");
1721 goto cleanup;
1722 }
1723
1724 /*
1725 * Initialize bc_handle from the given wanboot.conf file.
1726 */
1727 if (bootconf_init(&bc_handle, bootconf) != BC_SUCCESS) {
1728 char message[WBCGI_MAXBUF];
1729 int chars;
1730
1731 chars = snprintf(message, sizeof (message),
1732 "(wanboot.conf error: %s)", bootconf_errmsg(&bc_handle));
1733 if (chars > 0 && chars < sizeof (message))
1734 print_status(500, message);
1735 else
1736 print_status(500, "(wanboot.conf error)");
1737 goto cleanup;
1738 }
1739
1740 /*
1741 * Get and check signature and encryption types,
1742 * presence of helper utilities, keystore, etc.
1743 */
1744 if ((signature_type = bootconf_get(&bc_handle,
1745 BC_SIGNATURE_TYPE)) != NULL) {
1746 if (!WBCGI_FILE_EXISTS(WBCGI_HMAC_PATH, sbuf)) {
1747 print_status(500, "(hmac utility not found)");
1748 goto cleanup;
1749 }
1750 if (keyfile == NULL && netboot_ftw(NB_CLIENT_KEY, net, cid,
1751 set_pathname, &keyfile) != WBCGI_FTW_CBOK) {
1752 print_status(500, "(keystore not found)");
1753 goto cleanup;
1754 }
1755 if (!check_key_type(keyfile, signature_type, WBKU_HASH_KEY)) {
1756 print_status(500, "(hash key not found)");
1757 goto cleanup;
1758 }
1759 }
1760 if ((encryption_type = bootconf_get(&bc_handle,
1761 BC_ENCRYPTION_TYPE)) != NULL) {
1762 if (signature_type == NULL) {
1763 print_status(500, "(encrypted but not signed)");
1764 goto cleanup;
1765 }
1766 if (!WBCGI_FILE_EXISTS(WBCGI_ENCR_PATH, sbuf)) {
1767 print_status(500, "(encr utility not found)");
1768 goto cleanup;
1769 }
1770 if (keyfile == NULL && netboot_ftw(NB_CLIENT_KEY, net, cid,
1771 set_pathname, &keyfile) != WBCGI_FTW_CBOK) {
1772 print_status(500, "(keystore not found)");
1773 goto cleanup;
1774 }
1775 if (!check_key_type(keyfile, encryption_type, WBKU_ENCR_KEY)) {
1776 print_status(500, "(encr key not found)");
1777 goto cleanup;
1778 }
1779 }
1780
1781 /*
1782 * Determine/create our payload.
1783 */
1784 switch (content) {
1785 case WBCGI_CONTENT_BOOTFILE:
1786 if (!bootfile_payload(docroot, &bootpath)) {
1787 goto cleanup;
1788 }
1789 payload = bootpath;
1790
1791 break;
1792
1793 case WBCGI_CONTENT_BOOTFS:
1794 if (!wanbootfs_payload(net, cid, nonce,
1795 bootconf, &wanbootfs_image)) {
1796 goto cleanup;
1797 }
1798 payload = wanbootfs_image;
1799
1800 break;
1801
1802 case WBCGI_CONTENT_ROOTFS:
1803 if (!miniroot_payload(net, cid, docroot,
1804 &rootpath, &miniroot_info, &https_rootserver)) {
1805 goto cleanup;
1806 }
1807 payload = rootpath;
1808
1809 break;
1810 }
1811
1812 /*
1813 * Encrypt the payload if necessary.
1814 */
1815 if (content != WBCGI_CONTENT_BOOTFILE &&
1816 content != WBCGI_CONTENT_ROOTFS &&
1817 encryption_type != NULL) {
1818 if ((encr_payload = gen_tmppath("encr", net, cid)) == NULL) {
1819 goto cleanup;
1820 }
1821
1822 if (!encrypt_payload(payload, encr_payload, keyfile,
1823 encryption_type)) {
1824 goto cleanup;
1825 }
1826
1827 payload = encr_payload;
1828 }
1829
1830 /*
1831 * Compute the hash (actual or null).
1832 */
1833 if ((payload_hash = gen_tmppath("hash", net, cid)) == NULL) {
1834 goto cleanup;
1835 }
1836
1837 if (signature_type != NULL &&
1838 (content != WBCGI_CONTENT_ROOTFS || !https_rootserver)) {
1839 if (!hash_payload(payload, payload_hash, keyfile)) {
1840 goto cleanup;
1841 }
1842 } else {
1843 if (!create_null_hash(payload_hash)) {
1844 goto cleanup;
1845 }
1846 }
1847
1848 /*
1849 * For the rootfs the actual payload transmitted is the file
1850 * containing the size of the rootfs (as a string of ascii digits);
1851 * point payload at this instead.
1852 */
1853 if (content == WBCGI_CONTENT_ROOTFS) {
1854 payload = miniroot_info;
1855 }
1856
1857 /*
1858 * Finally, deliver the payload and hash as a multipart message.
1859 */
1860 if (!deliver_payload(payload, payload_hash)) {
1861 goto cleanup;
1862 }
1863
1864 ret = WBCGI_STATUS_OK;
1865 cleanup:
1866 /*
1867 * Clean up temporary files.
1868 */
1869 if (wanbootfs_image != NULL &&
1870 WBCGI_FILE_EXISTS(wanbootfs_image, sbuf)) {
1871 (void) unlink(wanbootfs_image);
1872 }
1873 if (miniroot_info != NULL &&
1874 WBCGI_FILE_EXISTS(miniroot_info, sbuf)) {
1875 (void) unlink(miniroot_info);
1876 }
1877 if (encr_payload != NULL &&
1878 WBCGI_FILE_EXISTS(encr_payload, sbuf)) {
1879 (void) unlink(encr_payload);
1880 }
1881 if (payload_hash != NULL &&
1882 WBCGI_FILE_EXISTS(payload_hash, sbuf)) {
1883 (void) unlink(payload_hash);
1884 }
1885
1886 /*
1887 * Free up any allocated strings.
1888 */
1889 free_path(&bootconf);
1890 free_path(&keyfile);
1891 free_path(&bootpath);
1892 free_path(&wanbootfs_image);
1893 free_path(&rootpath);
1894 free_path(&miniroot_info);
1895 free_path(&encr_payload);
1896 free_path(&payload_hash);
1897
1898 bootconf_end(&bc_handle);
1899
1900 return (ret);
1901 }
Unleashed OS