rstyx 0.4.0 → 0.4.1

data/lib/rstyx/server.rb

@@ -1,42 +1,40 @@
 #!/usr/bin/ruby
 #
+# Author:: Rafael R. Sevilla (mailto:dido@imperium.ph)
+# Copyright:: Copyright (c) 2005-2007 Rafael R. Sevilla
+# Homepage:: http://rstyx.rubyforge.org/
+# License:: GNU Lesser General Public License / Ruby License
+#
+# $Id: server.rb 278 2007-09-19 07:22:37Z dido $
+#
+#----------------------------------------------------------------------------
+#
 # Copyright (C) 2005-2007 Rafael Sevilla
 # This file is part of RStyx
 #
-# RStyx is free software; you can redistribute it and/or modify
-# it under the terms of the GNU Lesser General Public License as
-# published by the Free Software Foundation; either version 2.1
-# of the License, or (at your option) any later version.
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of either 1) the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version; or 2) Ruby's license.
 #
-# RStyx is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTIBILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Lesser General Public License for more details.
+# See the file COPYING for complete licensing information
 #
-# You should have received a copy of the GNU Lesser General Public
-# License along with RStyx; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St., Fifth Floor, Boston, MA
-# 02110-1301 USA.
+#----------------------------------------------------------------------------
 #
 # Styx Server
 #
 # To create a Styx server, one has to create an SDirectory object that
 # acts as the server root, e.g.:
 #
-# sd = RStyx::Server::SDirectory.new("/")
-# sf = RStyx::Server::InMemoryFile.new("test.file")
-# sf.contents = "hello"
-# sd << sf
-# serv = RStyx::Server::TCPServer.new(:bindaddr => "0.0.0.0",
-#                                     :port => 9876,
-#                                     :root => sd)
-# serv.run.join
+#   sd = RStyx::Server::SDirectory.new("/")
+#   sf = RStyx::Server::InMemoryFile.new("test.file")
+#   sf.contents = "hello"
+#   sd << sf
+#   serv = RStyx::Server::TCPServer.new(:bindaddr => "0.0.0.0",
+#                                       :port => 9876,
+#                                       :root => sd)
+#   serv.run.join
 #
-# Author:: Rafael R. Sevilla (mailto:dido@imperium.ph)
-# Copyright:: Copyright (c) 2005-2007 Rafael R. Sevilla
-# License:: GNU Lesser General Public License
-#
-# $Id: server.rb 249 2007-09-14 04:21:18Z dido $
 #
 require 'thread'
 require 'monitor'
@@ -59,7 +57,31 @@ module RStyx
     # assemble all inbound messages
     #
     module StyxServerProtocol
-      attr_accessor :sentmessages, :msize, :log, :root
+      ##
+      # maximum message size supported
+      attr_accessor :msize
+      ##
+      # Logger object used for logging server events
+      attr_accessor :log
+      ##
+      # The root of the file tree for this server
+      attr_accessor :root
+      ##
+      # An authenticator which is sent messages received from the client.
+      # Used when doing Inferno authentication.
+      attr_accessor :authenticator
+      ##
+      # The session object corresponding to this connection
+      attr_accessor :session
+      ##
+      # Server's authentication information
+      attr_accessor :myauth
+      ##
+      # Connected peer's authentication information
+      attr_accessor :userauth
+      ##
+      # Shared secret obtained during Inferno authentication
+      attr_accessor :secret
 
       DEFAULT_MSIZE = 8216
 
@@ -95,11 +117,11 @@ module RStyx
       # negotiation results in the protocol_negotiated flag in the
       # current session becoming true, and all other outstanding I/O
       # on the session (e.g. opened fids and the like) all removed.
-      #
+      #--
       # External methods used:
       #
       # Session#reset_session *
-      #
+      #++
       def tversion(msg)
         @cversion = msg.version
         @cmsize = msg.msize
@@ -123,7 +145,7 @@ module RStyx
       # depending on the auth methods that we decide to support.
       #
       def tauth(msg)
-        return(Message::Rerror.new(:ename => "Authentication methods through auth messages are not used."))
+        return(Message::Rerror.new(:ename => "Authentication methods through auth messages are not supported."))
       end
 
       ##
@@ -134,14 +156,14 @@ module RStyx
       # 1. The client has not done a version negotiation yet.
       # 2. The client has provided a fid which it is already using
       #    for something else.
-      #
+      #--
       # External methods used:
       #
       # Session#version_negotiated? *
       # Session#has_fid? *
       # Session#[]= *
       # SFile#qid (root) *
-      #
+      #++
       def tattach(msg)
         # Do not allow attaches without version negotiation
         unless @session.version_negotiated?
@@ -175,11 +197,11 @@ module RStyx
       # flushed transaction).  Some means, possibly a session-wide
       # global transaction lock on server internal state changes
       # may be necessary to allow flushes of this kind to work.
-      #
+      #--
       # External methods used:
       #
       # Session#flush_tag *
-      #
+      #++
       def tflush(msg)
         @session.flush_tag(msg.oldtag)
         return(Message::Rflush.new)
@@ -205,7 +227,7 @@ module RStyx
       # Note that if several parts of the walk managed to succeed, this
       # method will still return an Rwalk response, but it will NOT
       # associate newfid with anything.
-      #
+      #--
       # External methods used:
       #
       # Session#[] *
@@ -218,7 +240,7 @@ module RStyx
       # SFile#atime=
       # SFile#[]
       # SFile#qid
-      #
+      #++
       #
       def twalk(msg)
         if msg.wnames.length > MAXWELEM
@@ -232,13 +254,12 @@ module RStyx
           raise StyxException.new("cannot walk to an open fid")
         end
         nfid = msg.newfid
-        if nfid != fid
-          # if the original and new fids are different, check that
-          # the new fid isn't already in use.
-          if (@session.has_fid?(nfid))
-            raise StyxException.new("fid already in use")
-          end
+        # if the original and new fids are different, check that
+        # the new fid isn't already in use.
+        if nfid != fid && @session.has_fid?(nfid)
+          raise StyxException.new("fid already in use")
         end
+
         rwalk = Message::Rwalk.new(:qids => [])
         num = 0
         msg.wnames.each do |n|
@@ -258,6 +279,7 @@ module RStyx
             end
             break
           end
+          sf.atime = Time.now
           # This allows a client to get a fid representing the directory
           # at the end of the walk, even if the client does not have
           # execute permissions on that directory.  Therefore, in Inferno,
@@ -279,7 +301,7 @@ module RStyx
 
       ##
       # Handle open messages.
-      #
+      #--
       # External methods used:
       #
       # Session#[]
@@ -289,7 +311,7 @@ module RStyx
       # SFile#qid
       # Session#iounit
       # Session#user
-      #
+      #++
       def topen(msg)
         sf = @session[msg.fid]
         mode = msg.mode
@@ -312,11 +334,38 @@ module RStyx
         unless @session.writable?(dir)
           raise StyxException.new("permission denied, no write permissions to parent directory")
         end
+        # Check the file type
+        perm = msg.perm
+        isdir = (perm & DMDIR) != 0
+        isapponly = (perm & DMAPPEND) != 0
+        isexclusive = (perm & DMEXCL) != 0
+        isauth = (perm & DMAUTH) != 0
+
+        if isauth
+          # Auth files cannot be created by Styx messages
+          raise StyxException.new("can't create a file of type DMAUTH")
+        end
+
+        # Get the low 9 bits of the permission number (these low 9 bits
+        # are the rwxrwxrwx file permissions)
+        operm = msg.perm & 01777
+        # Get the real permissions of this file.  This depends on the
+        # permissions of the parent directory
+        realperm = operm
+        if isdir
+          realperm = operm & (~0777 | (dir.permissions & 0777))
+          # directories must be opened with OREAD (no other bits set)
+          if msg.mode != OREAD
+            raise StyxException.new("when creating a directory must open with read permission only")
+          end
+        else
+          realperm = operm & (~0666 | (dir.permissions & 0666))
+        end
 
-        # Create the file in the directory.  Note that SDirectory#newfile
-        # has to do all of the permission checking and all that.
-        new_file = dir.newfile(msg.name, msg.perm)
-o        dir << new_file
+        # Create the file in the directory, add it to the directory tree,
+        # and associate the new file with the given fid
+        new_file = dir.newfile(msg.name, realperm, isdir, isapponly, isexcl)
+        dir << new_file
         @session[msg.fid] = new_file
         new_file.add_client(SFileClient.new(@session, msg.fid, msg.mode))
         return(Message::Rcreate.new(:qid => new_file.qid,
@@ -383,7 +432,7 @@ o        dir << new_file
         # A remove is just like a clunk with the side effect of
         # removing the file if the permissions allow.
         sf = @session[msg.fid]
-        sf.lock do
+        sf.synchronize do
           @session.clunk(msg.fid)
           parent = sf.parent
           if @session.writable?(parent)
@@ -394,8 +443,8 @@ o        dir << new_file
             raise StyxException.new("directory not empty")
           end
           sf.remove
+          parent.set_mtime(Time.now, @session.user)
         end
-        parent.set_mtime(Time.now, @session.user)
         return(Message::Rremove.new)
       end
 
@@ -414,7 +463,7 @@ o        dir << new_file
       def twstat(msg)
         nstat = msg.stat
         sf = @session[msg.fid]
-        sf.lock do
+        sf.synchronize do
           # Check if we are changing the file's name
           unless nstat.name.empty?
             dir = sf.parent
@@ -554,8 +603,10 @@ o        dir << new_file
           @log.error("#{@peername} unknown fid in message #{msg.to_s}")
           reply(Message::Rerror.new(:ename => "Unknown fid #{e.fid}"), tag)
         rescue StyxException => e
-          @log.error("#{@peername} styx exception #{e.message} in #{msg.to_s}")
+          @log.error("#{@peername} styx exception #{e.message} for #{msg.to_s}")
           reply(Message::Rerror.new(:ename => "Error: #{e.message}"), tag)
+        rescue Exception => e
+          @log.error("#{@peername} internal error #{e.message} for #{e.to_s} at #{e.backtrace}")
         end
 
       end
@@ -565,6 +616,12 @@ o        dir << new_file
       # Receive data from the network connection, called by EventMachine.
       #
       def receive_data(data)
+        # If we are in keyring authentication mode, write any data received
+        # into the @auth's buffer, and simply return.
+        unless @authenticator.nil?
+          @authenticator << data
+          return
+        end
         @msgbuffer << data
         # self.class.log.debug(" << #{data.unpack("H*").inspect}")
         while @msgbuffer.length > 4
@@ -621,6 +678,10 @@ o        dir << new_file
       # Active iounit for this connection
       #
       attr_accessor :iounit
+      ##
+      # Group table
+      #
+      attr_accessor :groups
 
       ##
       # Create a new session.
@@ -772,15 +833,17 @@ o        dir << new_file
         end
       end
 
+      # These constants are used by Session#permission? and should NOT
+      # be changed.  The algorithm used depends on it!
+      EXECUTE = 0
+      WRITE = 1
+      READ = 2
+
       ##
       # Check the permissions for a given mode
       #
-      #--
-      # FIXME: the permissions are only for anonymous access at the
-      # moment, so only the world permissions are ever checked.
-      #++
       # _sf_:: the file to check against
-      # _mode_:: the mode to check (OEXEC, OWRITE, or OREAD)
+      # _mode_:: the mode to check (EXEC, WRITE, or READ)
       #
       def permission?(sf, mode)
         if mode < 0 || mode > 2
@@ -788,22 +851,42 @@ o        dir << new_file
         end
         # We bit shift the permissions value so that the mode is
         # represented by the last bit (all) the fourth to last bit
-        # (group), and the seventh-to-last bit (user).
+        # (group), and the seventh-to-last bit (user).  For example,
+        # if we started with a mode of 0755 (binary 111101101,
+        # rwxrwxrwx), and we want to check write permissions, we
+        # shift by one bit so that the value of perms is 1110110, or
+        # (rwxrwxrw).
         perms = sf.permissions >> mode
         # Check permissions for 'all' -- the low-order bit
-        if perms & 0b000_000_001 == 1
+        unless perms & 0b000_000_001 == 0
           return(true)
         end
 
-        # XXX: this has to be something more useful!
-        return(false)
+        # Group permissions
+        unless (perms & 0b000_001_000) == 0
+          # The group has the correct permissions; now we have to find if
+          # the user is a member of the group in question.
+          ug = @groups[@user]
+          unless ug.index(sf.gid).nil?
+            return(true)
+          end
+        end
+
+        # Owner permissions.  This is the final fallback.
+        return(((perms & 0b001_000_000) != 0) && (@user == sf.uid))
       end
 
       ##
       # Check for executable permission for the SFile _sf_.
       #
       def execute?(sf)
-        return(true)
+        return(permission?(sf, EXECUTE))
+      end
+
+      ##
+      # Check for write permission for the SFile _sf_.
+      def writable?(sf)
+        return(permission?(sf, WRITE))
       end
 
       ##
@@ -818,7 +901,59 @@ o        dir << new_file
           raise StyxException.new("can't open locked file")
         end
         openmode = mode & 0x03
-        # XXX: Needs to be filled out further...
+        case openmode
+        when OREAD
+          unless permission?(sf, READ)
+            raise StyxException.new("read permission denied")
+          end
+        when OWRITE
+          unless permission?(sf, WRITE)
+            raise StyxException.new("write permission denied")
+          end
+        when ORDWR
+          unless permission?(sf, READ)
+            raise StyxException.new("read permission denied")
+          end
+          unless permission?(sf, WRITE)
+            raise StyxException.new("write permission denied")
+          end
+        when OEXEC
+          unless permission?(sf, EXECUTE)
+            raise StyxException.new("execute permission denied")
+          end
+        else
+          # shouldn't happen
+          raise StyxException.new("internal Styx error openmode = #{openmode}: should be between 0 and 3")
+        end
+
+        # Execute permission is required for a directory in order to
+        # do anything with it
+        if sf.directory? && !execute?(sf)
+          raise StyxException("directory execute permission denied")
+        end
+
+        if (mode & OTRUNC) != 0
+          # can't truncate a directory
+          if sf.directory?
+            raise StyxException.new("cannot truncate a directory")
+          end
+          unless permission?(sf, WRITE)
+            raise StyxException.new("need write permissions to truncate a file")
+          end
+        end
+
+        if (mode & ORCLOSE) != 0
+          # can't delete a directory on closing
+          if sf.directory?
+            raise StyxException.new("cannot automatically delete a directory")
+          end
+          # we must have write permissions on the parent directory and the file
+          # itself to delete the file on clunking its fid
+          unless permission?(sf.parent, WRITE)
+            raise StyxException.new("need write permissions on the parent directory to delete the file when the fid is clunked")
+          end
+          # TODO: do we need write permissions on the file itself?
+        end
       end
 
     end                         # class Session
@@ -837,12 +972,27 @@ o        dir << new_file
       #           serve (typically an SDirectory instance)
       # _:log_:: A Logger object where server-generated log messages
       #          are stored.
+      # _:auth_:: An authentication object.  If this is a
+      #           Keyring::Authinfo instance, it will use the Inferno
+      #           authentication protocol to authenticate clients who
+      #           connect, and only allow connections from clients with
+      #           certificates signed by the same CA that signed its
+      #           own certificate.  If this is nil, no authentication
+      #           will be required for connections.
+      # _:groups_:: A hash table, indexed by user names, that returns
+      #             an array of groups of which a particular user is
+      #             member of.  If not specified, it defaults to an
+      #             empty group table (which sets the group of everyone
+      #             to 'nogroup')
       # _:debug_:: Debug level, which is assigned to the logger's level
       #            Set this to Logger::DEBUG if you want full debugging
       #            messages to appear.
       #
       def initialize(config)
         @root = config[:root]
+        @auth = config[:auth]
+        @groups = config[:groups]
+        @groups ||= Hash.new(["nogroup"])
         @log = config[:log] || Logger.new(STDERR)
         @log.level = config[:debug] || Logger::WARN
       end
@@ -898,6 +1048,51 @@ o        dir << new_file
                                      StyxServerProtocol) do |conn|
             conn.root = @root
             conn.log = @log
+            if @auth.is_a?(Keyring::Authinfo)
+              # Perform Inferno authentication protocol
+              conn.myauth = @auth
+              conn.authenticator = Keyring::FileWrapper.new(conn)
+              Thread.new do
+                begin
+                  conn.userauth, conn.secret = Keyring.auth(conn.authenticator,
+                                                            :server, @auth,
+                                                            ["none"])
+                rescue Exception => e
+                  # You fail. Get outta my face!
+                  @log.info("client authentication error #{e.class.to_s}: #{e.message}")
+                  conn.close_connection
+                else
+                  # Successful authentication.  Set the session.auth flag to
+                  # true and the user to the owner of the public key that
+                  # was used to authenticate
+                  conn.session.user = conn.userauth.mypk.owner
+                  conn.session.auth = true
+                  @log.info("authenticated connection for #{conn.session.user}")
+                  # Stop using the authenticator after the protocol is done.
+                  # The authenticator might have received some data meant
+                  # to be Styx protocol messages so we do receive_data to
+                  # make sure that the data does get received.
+                  a = conn.authenticator
+                  conn.authenticator = nil
+                  if a.data.length > 0
+                    conn.receive_data(a.data)
+                  end
+                end
+              end
+            else
+              # Either we're using some other non-Inferno authentication
+              # method, in which case auth files are used and the peer
+              # authentication information is filled in later, or we're
+              # not bothering to do any authentication.  We fill in
+              # userauth with nil (the connection is unauthenticated)
+              # and we put "nobody" in the username (the anonymous user).
+              conn.userauth = nil
+              conn.session.user = "nobody"
+              conn.session.auth = false
+              conn.authenticator = nil
+              @log.info("unauthenticated connection for #{conn.username}")
+            end
+            conn.session.groups = @groups
           end
         end
       end
@@ -969,7 +1164,7 @@ o        dir << new_file
       # opened it with read access mode).
       #
       def readable?
-        return(mode == OREAD || mode == ORDWR)
+        return(@mode == OREAD || @mode == ORDWR)
       end
 
       ##
@@ -977,7 +1172,7 @@ o        dir << new_file
       # opened it with write access).
       #
       def writable?
-        return(mode == OWRITE || mode == ORDWR)
+        return(@mode == OWRITE || @mode == ORDWR)
       end
 
     end
@@ -1473,7 +1668,7 @@ o        dir << new_file
       # implementation does nothing; subclasses must override this to
       # provide the correct functionality.
       #
-      def refresh
+      def refresh(update_children)
       end
     end                         # class SFile
 
@@ -1608,10 +1803,17 @@ o        dir << new_file
       # FIXME: make this method actually DO something!
       #++
       #
-      def newfile(name, perm)
+      def newfile(name, perm, isdir, isapponly, isexcl)
         raise StyxException.new("cannot create files in this directory")
       end
 
+      ##
+      # Remove a file from the directory
+      def remove_child(child)
+        @children.delete(child)
+        self.contents_changed
+      end
+
     end                         # class SDirectory
 
     ##

data/lib/rstyx/version.rb

@@ -1,34 +1,35 @@
 #!/usr/bin/ruby
 #
-# Copyright (C) 2005 Rafael Sevilla
+# Author:: Rafael R. Sevilla (mailto:dido@imperium.ph)
+# Copyright:: Copyright (c) 2005-2007 Rafael R. Sevilla
+# Homepage:: http://rstyx.rubyforge.org/
+# License:: GNU Lesser General Public License / Ruby License
+#
+# $Id: version.rb 285 2007-09-19 07:32:56Z dido $
+#
+#----------------------------------------------------------------------------
+#
+# Copyright (C) 2005-2007 Rafael Sevilla
 # This file is part of RStyx
 #
-# RStyx is free software; you can redistribute it and/or modify
-# it under the terms of the GNU Lesser General Public License as
-# published by the Free Software Foundation; either version 2.1
-# of the License, or (at your option) any later version.
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of either 1) the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version; or 2) Ruby's license.
 #
-# RStyx is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTIBILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Lesser General Public License for more details.
+# See the file COPYING for complete licensing information
 #
-# You should have received a copy of the GNU Lesser General Public
-# License along with RStyx; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-# 02111-1307 USA.
+#----------------------------------------------------------------------------
 #
 # RStyx version code
 #
-# $Id: version.rb 261 2007-09-18 04:43:42Z dido $
-#
 
 module RStyx
   module Version
 
     MAJOR = 0
     MINOR = 4
-    TINY = 0
+    TINY = 1
 
     # The version of RStyx in use.
     STRING = [ MAJOR, MINOR, TINY ].join(".")

data/lib/rstyx.rb

@@ -1,31 +1,33 @@
 #!/usr/bin/ruby
 #
-# Copyright (C) 2005,2006 Rafael Sevilla
+# Author:: Rafael R. Sevilla (mailto:dido@imperium.ph)
+# Copyright:: Copyright (c) 2005-2007 Rafael R. Sevilla
+# Homepage:: http://rstyx.rubyforge.org/
+# License:: GNU Lesser General Public License / Ruby License
+#
+# $Id: rstyx.rb 294 2007-09-19 07:45:28Z dido $
+#
+#----------------------------------------------------------------------------
+#
+# Copyright (C) 2005-2007 Rafael Sevilla
 # This file is part of RStyx
 #
-# RStyx is free software; you can redistribute it and/or modify
-# it under the terms of the GNU Lesser General Public License as
-# published by the Free Software Foundation; either version 2.1
-# of the License, or (at your option) any later version.
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of either 1) the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version; or 2) Ruby's license.
 #
-# RStyx is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTIBILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Lesser General Public License for more details.
+# See the file COPYING for complete licensing information
 #
-# You should have received a copy of the GNU Lesser General Public
-# License along with RStyx; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St., Fifth Floor, Boston, MA
-# 02110-1301 USA.
+#----------------------------------------------------------------------------
 #
 # Main require -- should get everything ready for the user of the lib.
 #
-# $Id: rstyx.rb 260 2007-09-18 04:43:12Z dido $
 #
 require 'rstyx/common'
 require 'rstyx/messages'
 require 'rstyx/errors'
 require 'rstyx/keyring'
 require 'rstyx/client'
-require 'rstyx/authmodules'
+require 'rstyx/server'