Andre Noll [Sun, 19 Jul 2009 01:10:34 +0000 (03:10 +0200)]
client_post_select(): Defer decrypting of server challenge.
The old code worked only by pure luck: We allocated the crypt buffer on the stack as
an ordinary automatic variable. This buffer was filled right after we received the challenge
from the server, but it was used in a _subsequent_ call to client_post_select(). There's
no guarantee that the content of the crypt buffer stays the same between these two calls.
So defer the decryption until the client status is CL_RECEIVED_CHALLENGE, i.e. until
the socket file descriptor is known to be ready for sending back the SHA1 of the decrypted
challenge.
Andre Noll [Sat, 11 Jul 2009 19:01:27 +0000 (21:01 +0200)]
Fix com_init() in case arguments are given.
As the ->name field of struct afs_table was only initialized in the afs process,
com_init(), which gets forked from the server process, did not see the table
names and would segfault due to a NULL pointer dereference if table names
were given as arguments.
Fix it by initializing the ->name fields in the definition of the afs_tables array.
This bug was introduced in commit 53d503ce back in 2007...
Andre Noll [Sat, 11 Jul 2009 15:13:04 +0000 (17:13 +0200)]
Scoring performance enhancements.
The old scoring code computed the afsi, afhi, and the path of the audio file for each
item of the mood, which is unnecessary. This patch moves these computations from
get_item_score() into compute_mood_score() so that afsi, afhi and path are only
computed once per audio file.
As a result, get_item_score() can no longer fail, so we may skip the checks for negative
return values.
Andre Noll [Sat, 11 Jul 2009 13:55:04 +0000 (15:55 +0200)]
Move mood methods to a separate file.
As more mood methods will be added in subsequent patches, it's good to separate
moods from mood methods.
This also removes the played_rarely mood method, since it never really worked: Whether
or not a file was played rarely depends on the afs statistics which have not been
computed at the time the mood scrore function is executed.
Andre Noll [Thu, 9 Jul 2009 18:11:55 +0000 (20:11 +0200)]
Add the new "year" mood method.
This includes a Y2K heuristic for year tags that contain only two digits. If that two-digit
number N is less or equal than the current year minus 2000, assume that it means 2000 + N.
Otherwise, assume 1900 + N.
Andre Noll [Wed, 8 Jul 2009 21:10:49 +0000 (23:10 +0200)]
Introduce para_regcomp.
A wrapper for regcomp() that logs an error message if the regcomp() failed
and uses a return value according to the paraslash rules. Currently there is
only one user of regular expressions, is_v4_dot_quad(), which is converted
to para_regex(), but new callers will be added soon.
Unfortunately, this change made it necessary to include regex.h in all .c files
that use string.h. Clean up the order in which headers are included a bit while
we're at it.
Maybe I should rethink the rule "Only .c files shall include header files"...
Andre Noll [Wed, 8 Jul 2009 19:59:39 +0000 (21:59 +0200)]
Pass full argument list to mood parsers.
Currently, for each mood line only the first word after the mood method is passed
to the mood parser. Passing all arguments allows for mood parsers that take more
than one argument.l
Andre Noll [Sun, 5 Jul 2009 16:11:32 +0000 (18:11 +0200)]
Replace split_args() by create_argv().
The latter function is superior as it honors quotes and special characters like '\n'.
This allows for example to use whitespace characters in mood methods.
Fixup and simplify all callers accordingly.
The patch broke the grab command of para_audiod which is deactivated ATM and
will be fixed in a subsequent patch.
Andre Noll [Sun, 5 Jul 2009 08:40:55 +0000 (10:40 +0200)]
Fix a bug in the output of para_audioc.
This bites In case of short writes to stdout. The bug was literally there since day one
but never showed up as short writes usually don't happen with the rather small amount
of data that is written by para_audioc.
Andre Noll [Sun, 5 Jul 2009 08:53:06 +0000 (10:53 +0200)]
gui: Avoid unnecessary strdup's and replace newlines by spaces in curses output.
align_str() made a copy of the given buffer because one of its callers, print_in_bar(),
passes a string literal and align_str() needs to truncate large strings.However, all other
callers pass a writable string anyway, so do the strdup() in print_in_bar(). This avoids the
unnecessary copies for each status item.
The areas for the status items was designed to hold only a part of a single line, so status
item text should not contain newlines. The patch replaces newlines by spaces.
Andre Noll [Sun, 5 Jul 2009 08:44:23 +0000 (10:44 +0200)]
gui: Use variable-sized input buffer for the audiod pipe.
The previous fixed size of 8192 might be too small if the audio file contains large
tags. OTOH, 8192 is much too large for the bulk of all audio files. So use a small
buffer that gets increased on demand.
Andre Noll [Sun, 5 Jul 2009 08:40:55 +0000 (10:40 +0200)]
Fix a bug in the output of para_audioc.
This bites In case of short writes to stdout. The bug was literally there since day one
but never showed up as short writes usually don't happen with the rather small amount
of data that is written by para_audioc.
Andre Noll [Sat, 4 Jul 2009 19:45:48 +0000 (21:45 +0200)]
Add a check for libosl to configure.ac.
If libosl is not found, configure will exit with an error message describing how
to download and install libosl. We could make it optional and build only the
client side of paraslash if libosl is not available, but that seems not be worth the
trouble as everyone likely wants to build para_server anyway.
Andre Noll [Sat, 4 Jul 2009 13:52:39 +0000 (15:52 +0200)]
Revamp status item handling.
This patch changes the way the status items are printed and parsed.
The new parser-friendly format is used internally and, as a side
effect, is also available as an new listing mode for the ls command
and for the stat commands of both para_server and para_audiod.
With the new format, each status item is prefixed by its size, and the
status item identifier is printed as a numerical value. This simplifies
the parsing code in para_audiod/para_gui a bit and should make it
perform better as the status items do not have to be looked up by name.
More importantly, the new format gets rid of the restriction that
status items should not contain newline characters because the parser
knows in advance how much it has to read to get the complete item. This
restriction became a real problem as more and more audio files contain
(version 2 id3) tags that contain much more than a single line. For
example the linux podcast mp3 files contain the full content of the
podcast as text in the command tag.
Gerrit Renker [Tue, 30 Jun 2009 08:20:19 +0000 (10:20 +0200)]
Support netmask subsets
This allows to specify sets of addresses which are defined by sharing
the least-common netmask value.
For example, if the allow list contains the following addresses:
10.0.0.2/24 10.0.0.2/32
then the second address is redundant since it is already included
via the first one. The least-common netmask value is 24; with this
patch a command like
Andre Noll [Mon, 29 Jun 2009 17:34:24 +0000 (19:34 +0200)]
Obtain afs status items directly from afs.
This patch changes the way how the afs status items are passed from afs to the stat
command handler. Previously, afs passed the status item string to the server process
whenever a new audio file was loaded. The server process stored the string in the mmd
shared memory area from which it was available to the client process that executed the
stat command.
This approach has the disadvantage that the size of the string must be restricted to a
fixed number of bytes, VERBOSE_LS_OUTPUT_SIZE, determined at compile time and
independent of the audio file. As version 2 id3 tags and vorbis comments do not impose
an upper bound on the size of the tags a rather ugly patch was merged recently to the master
branch which truncated the size of the tags if it exceeded VERBOSE_LS_OUTPUT_SIZE.
This patch gets rid of this restriction by not storing the info string in the mmd structure. Instead,
the stat command requests the information directly from the afs process via the callback
mechanism which is also used by other afs commands.
Andre Noll [Fri, 26 Jun 2009 18:54:55 +0000 (20:54 +0200)]
Major audio format handler cleanups.
The main change is the replacement of afhi->taginfo by more specific
fields: This patch adds struct taginfo to the audio format handler
info struct.
The prefix is no longer stored inside the osl database, i.e. it is
no longer duplicated for each audio file.
The tag information is only stored in memory as a dynamically allocated
string if it is new, i.e. if the struct was generated by the audio format
handler. If it was retrieved from the database, pointers to the memory
mapped table are used instead.
The crappy fixup_info_string() function is gone. It was too ugly to live.
Of course, this re-introduces the bug it fixed, but as we broke the
on disk format with this patch anyway, we might as well fix it right(TM).
This will be done in a subsequent patch.
afhi->eof_tv is gone as well. It was not useful at all.
Andre Noll [Sun, 21 Jun 2009 18:55:07 +0000 (20:55 +0200)]
Stronger crypto for client authentication.
This patch changes the way clients are authenticated:
- The size of the challenge has been increased from sizeof(unsigned long)
to 64. Openssl's Rand_bytes() is used to get the random buffer for the
challenge and the rc4 keys.
- The client responds with the sha1 hash of the challenge rather than
sending back the decrypted challenge in plain text.
- The rc4 keys are now 2 x 32 bytes long. They are rsa encrypted and
sent together with the challenge.
- Authentication requests for invalid users are not immediatedly denied
as this would reveal the fact that the user does not exist.
- rsa keys are required to be at least 2048 bits long.
Andre Noll [Sun, 14 Jun 2009 20:50:11 +0000 (22:50 +0200)]
Make rc4 encryption/decryption more explicit.
The old code used a rather fancy way to (de)activate encryption on
a per fd basis: In net.c there was an array of rc4 keys, indexed by fd.
This is rather wastful because the array size is determined by the
highest fd for which encryption is activated.
It's also hard to comprehend and it's easy to get strange results if
one forgets to deactivate the encryption after the fd is closed.
This patch introduces a new structure, rc4_context, which consists of
an fd and the needed rc4 keys. Users explicitly call the new rc4 variants
of the receving/sending functions which take a pointer to a struct
rc4_context instead of a file descriptor but are otherwise identical.
Andre Noll [Wed, 27 May 2009 17:16:54 +0000 (19:16 +0200)]
Truncate overlong tag info and replace newlines by spaces.
The tag info which is computed by the audio format handlers and stored
in the audio file table is read into a fixed-size buffer by the audio
file selector in open_and_update_audio_file(), passed to the server
process and then sent to the client via the stat command. It is not
interpreted at all during this process. In particular, it is not
essential for correctly streaming the audio file.
Vorbis comments and id3v2 tags have no size limit and may contain
arbitrary data which may lead to the following twi problems:
- As noted by Gerrit Renker, if the tag info is too long
to fit into the fixed-size buffer, the current code skips
the audio file and removes it from the list of currently
admissible files. So para_server fails to stream such files.
- If the tag info contains newlines, these are included
verbatim in the status output which may confuse para_audiod.
This patch truncates the tag info string if it does not fit into the
4K buffer and replaces newlines by spaces. This is a bit ugly but
avoids both of the above problems. It's still possible to retrieve
the complete tag info via the "ls -lv" command.
Andre Noll [Sun, 10 May 2009 19:31:13 +0000 (21:31 +0200)]
rbtree: Add const qualifier to some functions.
The 'rb_first()', 'rb_last()', 'rb_next()' and 'rb_prev()' calls take a pointer
to an RB node or RB root. They do not change the pointed objects, so add a
'const' qualifier.
Andre Noll [Sun, 10 May 2009 15:40:42 +0000 (17:40 +0200)]
filter: Force a minimal select timeout if something was converted.
When filter_preselect() runs. other pre_select functions might have
already been called and decided to do nothing, e.g. because their
output buffer was full or the input buffer was empty.
If this call to filter_preselect() changed any of the involved buffers,
we want those other pre_select() functions to be called ASAP. So force
a minimal timeout for the next select call to avoid unnecessary delays.