[subauth.git] / client / subauth.c

/*
 *      Sub-authentication Client
 *
 *      (c) 2017 Martin Mares <mj@ucw.cz>
 */

#include <ucw/lib.h>
#include <ucw/opt.h>
#include <ucw-json/json.h>

#include <errno.h>
#include <fcntl.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

#include "autoconf.h"

/*** Arguments ***/

static char *socket_path = INSTALL_RUN_DIR "/subauthd.socket";

static char *arg_login;
static char *arg_zone;
static char *arg_ident;
static int debug;

/*** Communication with the daemon ***/

static struct json_context *js;
static struct json_node *rq;
static struct json_node *rp;

static void set_string(struct json_node *n, const char *key, const char *val)
{
  json_object_set(n, key, json_new_string(js, val));
}

static struct json_node *get_child(struct json_node *obj, const char *key, uint type)
{
  struct json_node *n = json_object_get(obj, key);
  if (n && n->type != type)
    die("Malformed reply: %s has wrong type", key);
  return n;
}

static struct json_node *need_child(struct json_node *obj, const char *key, uint type)
{
  struct json_node *n = get_child(obj, key, type);
  if (!n)
    die("Malformed reply: missing %s", key);
  return n;
}

static void op_new(const char *op)
{
  js = json_new();
  rq = json_new_object(js);
  set_string(rq, "cmd", op);
}

static void op_debug(const char *msg, struct json_node *n)
{
  if (!debug)
    return;

  struct fastbuf *out = bfdopen_shared(1, 4096);
  bprintf(out, ">>> %s\n", msg);
  js->format_options = JSON_FORMAT_INDENT;
  json_write(js, out, n);
  js->format_options = 0;
  bclose(out);
}

static void op_run(void)
{
  int sk = socket(PF_UNIX, SOCK_SEQPACKET, 0);
  if (sk < 0)
    die("socket(PF_UNIX, SOCK_SEQPACKET): %m");

  struct sockaddr_un sun;
  sun.sun_family = AF_UNIX;
  if (strlen(socket_path) >= sizeof(sun.sun_path))
    die("Socket path too long");
  strcpy(sun.sun_path, socket_path);

  if (connect(sk, (struct sockaddr *) &sun, sizeof(sun)) < 0)
    die("Cannot connect to %s: %m", socket_path);

  op_debug("Request", rq);

  struct fastbuf *rq_fb = fbgrow_create(4096);
  json_write(js, rq_fb, rq);
  byte *rq_buf;
  uint rq_len = fbgrow_get_buf(rq_fb, &rq_buf);
  if (send(sk, rq_buf, rq_len, 0) < 0)
    die("Cannot send request: %m");
  bclose(rq_fb);

  byte rp_buf[4096];            // FIXME
  int rp_len = recv(sk, rp_buf, sizeof(rp_buf), 0);
  if (rp_len < 0)
    die("Cannot receive reply: %m");

  struct fastbuf rp_fb;
  fbbuf_init_read(&rp_fb, rp_buf, rp_len, 0);
  rp = json_parse(js, &rp_fb);
  op_debug("Reply", rp);

  close(sk);

  if (rp->type != JSON_OBJECT)
    die("Malformed reply: Top-level node is not an object");
  struct json_node *err = need_child(rp, "error", JSON_STRING);
  if (strcmp(err->string, ""))
    {
      fprintf(stderr, "Error: %s\n", err->string);
      exit(1);
    }
}

/*** Commands ***/

static void cmd_set_passwd(void)
{
}

static void cmd_list(void)
{
  op_new("list-accts");
  op_run();
}

static void cmd_zones(void)
{
  op_new("list-zones");
  op_run();

  struct json_node **jzs = need_child(rp, "zones", JSON_ARRAY)->elements;
  printf("%-16s %6s %6s  %s\n", "Zone", "Passwd", "Tokens", "Description");
  for (uint i=0; i < GARY_SIZE(jzs); i++)
    {
      struct json_node *jz = jzs[i];
      struct json_node *jname = need_child(jz, "name", JSON_STRING);
      struct json_node *jdesc = get_child(jz, "desc", JSON_STRING);
      struct json_node *jpass = get_child(jz, "allow-passwd", JSON_NUMBER);
      struct json_node *jtokens = get_child(jz, "allow-tokens", JSON_NUMBER);
      printf("%-16s %6s %6d  %s\n",
        jname->string,
        (jpass && jpass->number ? "yes" : "-"),
        (jtokens ? (uint) jtokens->number : 0),
        (jdesc ? jdesc->string : "(no description)"));
    }
}

static void cmd_raw(void)
{
  op_new("");

  struct fastbuf *in = bfdopen_shared(0, 4096);
  rq = json_parse(js, in);
  bclose(in);

  op_run();
}

enum command {
  CMD_SET_PASSWD,
  CMD_LIST,
  CMD_ZONES,
  CMD_RAW,
  CMD_MAX
};

void (* const command_handlers[CMD_MAX])(void) = {
  [CMD_SET_PASSWD] = cmd_set_passwd,
  [CMD_LIST] = cmd_list,
  [CMD_ZONES] = cmd_zones,
  [CMD_RAW] = cmd_raw,
};

static int command = -1;

/*** Main ***/

static const struct opt_section options = {
  OPT_ITEMS {
    OPT_HELP("A client to the sub-authentication daemon."),
    OPT_HELP("Usage: subauth [general options] <command> [options]"),
    OPT_HELP(""),
    OPT_HELP("General options:"),
    OPT_STRING('s', "socket", socket_path, OPT_REQUIRED_VALUE, "path\tPath to daemon control socket"),
    OPT_BOOL(0, "debug", debug, 0, "\tDump raw communication with the daemon"),
    OPT_HELP_OPTION,
    OPT_HELP(""),
    OPT_HELP("Commands:"),
    OPT_SWITCH(0, "passwd", command, CMD_SET_PASSWD, OPT_SINGLE, "\tSet password"),
    OPT_SWITCH(0, "list", command, CMD_LIST, OPT_SINGLE, "\tList tokens for all zones"),
    OPT_SWITCH(0, "zones", command, CMD_ZONES, OPT_SINGLE, "\tList all known zones"),
    OPT_SWITCH(0, "raw", command, CMD_RAW, OPT_SINGLE, "\tSend raw JSON command to the daemon"),
    OPT_HELP(""),
    OPT_HELP("Command options:"),
    OPT_STRING('u', "user", arg_login, OPT_REQUIRED_VALUE, "login\tUser to act on (default: whoever calls it)"),
    OPT_STRING('z', "zone", arg_zone, OPT_REQUIRED_VALUE, "zone\tAuthentication zone"),
    OPT_STRING('i', "ident", arg_ident, OPT_REQUIRED_VALUE, "id\tToken ID"),
    OPT_END
  }
};

int main(int argc UNUSED, char **argv)
{
  opt_parse(&options, argv+1);

  if (command < 0)
    opt_failure("No command given");
  if (!command_handlers[command])
    opt_failure("Command not implemented");
  command_handlers[command]();

  return 0;
}