From 552276c8666dec5373d8312bc3498b1887ddb0a8 Mon Sep 17 00:00:00 2001 From: Dave Brolley Date: Fri, 30 Jan 2009 15:43:34 -0500 Subject: More security checking for client/server. Set exec_prefix and sysconfdir at install time. --- stap-server | 55 +++++++++++++++++++++++++++++++++---------------------- 1 file changed, 33 insertions(+), 22 deletions(-) (limited to 'stap-server') diff --git a/stap-server b/stap-server index 4f1ccf9b..64d26d13 100755 --- a/stap-server +++ b/stap-server @@ -21,6 +21,12 @@ trap 'terminate' SIGTERM SIGINT #----------------------------------------------------------------------------- # function: configuration function configuration { + # INSTALL-HOOK These settings work for running the client from the source tree + # INSTALL-HOOK using the dejagnu test harness and will be overridden at install + # INSTALL-HOOK time. + exec_prefix= + sysconfdir=`pwd`/net + # Configuration tmpdir_prefix_client=stap.client tmpdir_prefix_server=stap.server 
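Review bot: The `exec_prefix=` default added to `configuration` is empty, so the `${exec_prefix}stap` invocation that this patch introduces in `call_stap` is resolved through `PATH`, and the `sysconfdir` default is built from `pwd`, i.e. from whatever directory the server was started in. The INSTALL-HOOK comment says both are overridden at install time, but nothing in the hunk detects a copy where that substitution did not happen. A further comment line would make the expectation explicit, for example `# INSTALL-HOOK An installed copy must set exec_prefix to an absolute path ending in '/'.` (the trailing slash is inferred from the `${exec_prefix}stap` form). `configuration` continues outside the hunk.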
@@ -36,28 +42,38 @@ function initialization { p_phase=5 keep_temps=0 - # Where are we installed? - exec_prefix=`dirname $0` - exec_prefix=`cd $exec_prefix && pwd` - # Request file name. zip_client=$1 + test "X$zip_client" != "X" || \ + fatal "Client request file not specified" test -f $zip_client || \ - fatal "ERROR: Unable to find request file $zip_client" + fatal "Unable to find request file $zip_client" # Temp directory we will be working in tmpdir_server=$2 + test "X$tmpdir_server" != "X" || \ + fatal "Server temporary directory not specified" test -d $tmpdir_server || \ - fatal "ERROR: Cannot find temporary directory $tmpdir_server" + fatal "Unable to find temporary directory $tmpdir_server" tmpdir_env=`dirname $tmpdir_server` # Signed reponse file name. jar_server=$3 + test "X$jar_server" != "X" || \ + fatal ".jar archive file not specified" + # Make sure the specified .jar file exists. + test -f $jar_server || \ + fatal "Unable to find .jar archive file $jar_server" # Where is the ssl certificate/key database? ssl_db=$4 - test "X$ssl_db" = "X" && ssl_db=/etc/systemtap/ssl/server + test "X$ssl_db" != "X" || \ + fatal "SSL certificate database not specified" + test -d $ssl_db || \ + fatal "Unable to find SSL certificate database $ssl_db" nss_pw=$ssl_db/pw + test -f $nss_pw || \ + fatal "Unable to find SSL certificate database password file $nss_pw" nss_cert=stap-server } 
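Review bot: The new `fatal "Client request file not specified"` check in `initialization` runs before `tmpdir_server=$2` is assigned, and `fatal` appends to `$tmpdir_server/stderr`, so at that point the message goes to `/stderr` (or fails) and never reaches the operator. The existing `zip_client` existence check has the same ordering problem. Moving the `tmpdir_server` assignment and its two tests ahead of the `zip_client` tests would fix both. The added `test -f` and `test -d` lines also expand `$zip_client`, `$tmpdir_server`, `$jar_server`, `$ssl_db` and `$nss_pw` unquoted, so an argument containing whitespace or a glob character is split before `test` sees it; `test -f "$zip_client"` and likewise for the others avoids that.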
@@ -70,23 +86,23 @@ function unpack_request { # Unpack the zip file. unzip $zip_client > /dev/null || \ - fatal "ERROR: cannot unpack zip archive $zip_client" + fatal "Cannot unpack zip archive $zip_client" # Identify the client's request tree. The zip file should have expanded # into a single directory named to match $tmpdir_prefix_client.?????? # which should now be the only item in the current directory. test "`ls | wc -l`" = 1 || \ - fatal "ERROR: Wrong number of files after expansion of client's zip file" + fatal "Wrong number of files after expansion of client's zip file" tmpdir_client=`ls` tmpdir_client=`expr "$tmpdir_client" : "\\\($tmpdir_prefix_client\\\\.......\\\)"` test "X$tmpdir_client" != "X" || \ - fatal "ERROR: client zip file did not expand as expected" + fatal "Client zip file did not expand as expected" # Move the client's temp directory to a local temp location local local_tmpdir_client=`mktemp -dt $tmpdir_prefix_server.client.XXXXXX` || \ - fatal "ERROR: cannot create temporary zip file " $local_tmpdir_client + fatal "Cannot create temporary zip file " $local_tmpdir_client mv $tmpdir_client/* $local_tmpdir_client rm -fr $tmpdir_client tmpdir_client=$local_tmpdir_client @@ -129,7 +145,7 @@ function check_compatibility { local sysinfo2=$2 if test "$sysinfo1" != "$sysinfo2"; then - error "ERROR: system configuration mismatch" + error "System configuration mismatch" error " client: $sysinfo1" fatal " server: $sysinfo2" fi @@ -141,7 +157,7 @@ function check_compatibility { # contents are '$1: .*'. Read and echo the data. function read_data_file { test -f $1 || \ - fatal "ERROR: Data file $1 not found" + fatal "Data file $1 not found" # Open the file exec 3< $1 @@ -151,7 +167,7 @@ function read_data_file { line="$REPLY" data=`expr "$line" : "$1: \\\(.*\\\)"` if test "X$data" = "X"; then - fatal "ERROR: Data in file $1 is incorrect" + fatal "Data in file $1 is incorrect" return fi 
@@ -316,7 +332,7 @@ function call_stap { server_p_phase=$p_phase fi - eval $exec_prefix/stap "$cmdline" -k -p $server_p_phase \ + eval ${exec_prefix}stap "$cmdline" -k -p $server_p_phase \ >> $tmpdir_server/stdout \ 2>> $tmpdir_server/stderr @@ -365,11 +381,6 @@ function package_response { # will sign the entire directory and compress it into a .jar # archive. # - # Make sure the specified .jar file exists. - test -f $jar_server || \ - fatal "ERROR: Could not find .jar archive file $jar_server" - #chmod +r $jar_server - # Generate the jar file signtool -d $ssl_db -k $nss_cert -p `cat $nss_pw` -Z $jar_server $tmpdir_server >/dev/null } @@ -379,7 +390,7 @@ function package_response { # Fatal error # Prints its arguments to stderr and exits function fatal { - echo "`basename $0`:" "$@" >> $tmpdir_server/stderr + echo "$0`: ERROR:" "$@" >> $tmpdir_server/stderr cleanup exit 1 } @@ -387,7 +398,7 @@ function fatal { # Non fatal error # Prints its arguments to stderr but does not exit function error { - echo "`basename $0`:" "$@" >> $tmpdir_server/stderr + echo "$0`: ERROR:" "$@" >> $tmpdir_server/stderr } # function cleanup -- cgit From 9e494cbb23b307d1e135fe188a894f0575c97abb Mon Sep 17 00:00:00 2001 From: Dave Brolley Date: Mon, 2 Feb 2009 15:51:50 -0500 Subject: Update NEWS and stap-server man page. Don't require client/server platform compatibility for pahes 1-4. --- stap-server | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) (limited to 'stap-server') diff --git a/stap-server b/stap-server index 64d26d13..a4d0e8c7 100755 --- a/stap-server +++ b/stap-server @@ -75,6 +75,9 @@ function initialization { test -f $nss_pw || \ fatal "Unable to find SSL certificate database password file $nss_pw" nss_cert=stap-server + + touch $tmpdir_server/stdout + touch $tmpdir_server/stderr } # function: unpack_request 
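Review bot: The rewritten line in `call_stap` still passes `$cmdline` through `eval`, and `cmdline` is read with `read_data_file cmdline` from what appears to be the client's unpacked request, so shell metacharacters in a request are interpreted by the server's shell instead of reaching stap as plain arguments. The same pattern is in `eval parse_options "$cmdline"`, which the next commit on this page moves into `check_request`. The request text should be checked against an allow-list of options and characters before either `eval`. At minimum the line deserves a comment such as `# SECURITY: $cmdline comes from the client request and is re-parsed by eval; it must be validated before this point.` `call_stap` starts and ends outside the hunk.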
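Review bot: The new `echo` line in `fatal` has a stray backquote after `$0` inside the double-quoted string, which the shell reads as the start of a command substitution rather than literal text; the `error` hunk that follows has the identical line. The intended line is presumably `echo "$0: ERROR:" "$@" >> $tmpdir_server/stderr`, which is what the next commit on this page changes it to. Dropping `basename` also puts the full invocation path into the `stderr` file that `package_response` later packs for the client; keep `basename` if the install location should not be disclosed.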
@@ -91,18 +94,17 @@ function unpack_request { # Identify the client's request tree. The zip file should have expanded # into a single directory named to match $tmpdir_prefix_client.?????? # which should now be the only item in the current directory. - test "`ls | wc -l`" = 1 || \ + test "`ls | wc -l`" = 3 || \ fatal "Wrong number of files after expansion of client's zip file" - tmpdir_client=`ls` - tmpdir_client=`expr "$tmpdir_client" : "\\\($tmpdir_prefix_client\\\\.......\\\)"` + tmpdir_client=`ls | grep $tmpdir_prefix_client.......\$` test "X$tmpdir_client" != "X" || \ fatal "Client zip file did not expand as expected" # Move the client's temp directory to a local temp location local local_tmpdir_client=`mktemp -dt $tmpdir_prefix_server.client.XXXXXX` || \ - fatal "Cannot create temporary zip file " $local_tmpdir_client + fatal "Cannot create temporary client request directory " $local_tmpdir_client mv $tmpdir_client/* $local_tmpdir_client rm -fr $tmpdir_client tmpdir_client=$local_tmpdir_client @@ -118,6 +120,9 @@ function check_request { # Add the necessary info from files in our temporary directory. cmdline=`read_data_file cmdline` test "X$cmdline" != "X" || exit 1 + + eval parse_options "$cmdline" + client_sysinfo=`read_data_file sysinfo` test "X$client_sysinfo" != "X" || exit 1 @@ -139,6 +144,9 @@ function server_sysinfo { # # Make sure that systemtap as described by SYSINFO1 and SYSINFO2 are compaible function check_compatibility { + # Compatibility is irrelevant if the request is not for phase 5 activity. + test $p_phase -lt 5 && return + # TODO: This needs work # - Make sure the linux kernel matches exactly local sysinfo1=$1 @@ -390,7 +398,9 @@ function package_response { # Fatal error # Prints its arguments to stderr and exits function fatal { - echo "$0`: ERROR:" "$@" >> $tmpdir_server/stderr + echo "$0: ERROR:" "$@" >> $tmpdir_server/stderr + echo -n 1 > $tmpdir_server/rc + package_response cleanup exit 1 } 
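Review bot: The `grep` that replaces the `expr` match in `unpack_request` is anchored only at the end and its pattern is unquoted, whereas `expr` matched from the start of the name, so an entry whose name merely ends with the prefix plus six characters is now accepted. The names come from the client's zip and the result is used unquoted by `mv` and `rm -fr`, so the match should be exact: `tmpdir_client=$(ls | grep "^$tmpdir_prefix_client\.......\$")`, followed by a check that exactly one line came back. The expected count of `3` presumably stands for the `stdout` and `stderr` files touched in `initialization` plus the client directory; a comment such as `# stdout + stderr (created in initialization) + the client's directory` would keep the two places in sync.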
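Review bot: The early return added to `check_compatibility` uses `$p_phase` unquoted and without confirming it is a number, and by this point the value has presumably been set from the client's command line by `parse_options` (not visible here). An empty or non-numeric value makes `test` print an error and fall through to the comparison, which is the safe direction but is accidental rather than designed. Validating the value once before use makes the intent explicit, for example `case "$p_phase" in [1-5]) ;; *) fatal "Invalid phase $p_phase" ;; esac`, and then `test "$p_phase" -lt 5 && return`. `check_compatibility` continues outside the hunk.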
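Review bot: `fatal` now calls `package_response` unconditionally, but `initialization` calls `fatal` before `tmpdir_server`, `tmpdir_env`, `jar_server`, `ssl_db` and `nss_pw` have all been assigned and checked, so an early failure runs `cd $tmpdir_env` and `signtool` with empty or unvalidated values. The `rc` write has the same problem: with `tmpdir_server` still empty it targets `/rc`. Guard the packaging step, for example `test -d "$tmpdir_server" && test -f "$jar_server" && package_response`, and write `rc` only under the same condition.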
@@ -398,7 +408,7 @@ function fatal { # Non fatal error # Prints its arguments to stderr but does not exit function error { - echo "$0`: ERROR:" "$@" >> $tmpdir_server/stderr + echo "$0: ERROR:" "$@" >> $tmpdir_server/stderr } # function cleanup @@ -430,7 +440,6 @@ configuration initialization "$@" unpack_request check_request -eval parse_options "$cmdline" call_stap create_response package_response -- cgit From 89dd03e34c2f890e9fbb065c74a60036aa480827 Mon Sep 17 00:00:00 2001 From: Dave Brolley Date: Wed, 11 Feb 2009 12:00:13 -0500 Subject: Server response is no longer signed. Passed as a zip archive instead. --- stap-server | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) (limited to 'stap-server') diff --git a/stap-server b/stap-server index a4d0e8c7..ec827a09 100755 --- a/stap-server +++ b/stap-server @@ -58,12 +58,12 @@ function initialization { tmpdir_env=`dirname $tmpdir_server` # Signed reponse file name. - jar_server=$3 - test "X$jar_server" != "X" || \ - fatal ".jar archive file not specified" - # Make sure the specified .jar file exists. - test -f $jar_server || \ - fatal "Unable to find .jar archive file $jar_server" + zip_server=$3 + test "X$zip_server" != "X" || \ + fatal ".zip archive file not specified" + # Make sure the specified .zip file exists. + test -f $zip_server || \ + fatal "Unable to find .zip archive file $zip_server" # Where is the ssl certificate/key database? ssl_db=$4 
@@ -385,12 +385,9 @@ function create_response { function package_response { cd $tmpdir_env - # We will be digitally signing the server's temporary directory. This - # will sign the entire directory and compress it into a .jar - # archive. - # - # Generate the jar file - signtool -d $ssl_db -k $nss_cert -p `cat $nss_pw` -Z $jar_server $tmpdir_server >/dev/null + # Compress the server's temporary directory into a .zip archive. + (rm $zip_server && zip -r $zip_server `basename $tmpdir_server` > /dev/null) || \ + fatal "zip of request tree, $tmpdir_server, failed" } # function: fatal [ MESSAGE ] -- cgit
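Review bot: The failure branch of the new `rm`/`zip` command calls `fatal`, and `fatal` (as changed in the previous commit) calls `package_response` again, so a failing `rm` or `zip` recurses without bound instead of exiting. Use the non-fatal path here, for example `|| { error "zip of request tree, $tmpdir_server, failed"; cleanup; exit 1; }`. `$zip_server` and `$tmpdir_server` are also expanded unquoted on that line. With `signtool` removed, nothing in this function lets the client verify the archive, so the comment should name what now protects the response, e.g. `# Integrity of the response is provided by <mechanism>, not by this archive.`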