Fix API initialisation to actually ignore invalid packets or passwords

1 year ago · d2bafa716d
4 changed files with 17 additions and 9 deletions
--- a/src/edge_management.c
+++ b/src/edge_management.c
@ -381,7 +381,10 @@ static void handleMgmtJson (mgmt_req_t *req, char *udp_buf, const int recvlen) {
    /* we reuse the buffer already on the stack for all our strings */
    STRBUF_INIT(buf, udp_buf, N2N_SN_PKTBUF_SIZE);

-    mgmt_req_init2(req, buf, (char *)&cmdlinebuf);
+    if (!mgmt_req_init2(req, buf, (char *)&cmdlinebuf)) {
+        // if anything failed during init
+        return;
+    }

    if(req->type == N2N_MGMT_SUB) {
        int handler;
--- a/src/management.c
+++ b/src/management.c
@ -210,7 +210,7 @@ int mgmt_auth (mgmt_req_t *req, char *auth) {
 /*
 * Handle the common and shred parts of the mgmt_req_t initialisation
 */
-void mgmt_req_init2 (mgmt_req_t *req, strbuf_t *buf, char *cmdline) {
+bool mgmt_req_init2 (mgmt_req_t *req, strbuf_t *buf, char *cmdline) {
    char *typechar;
    char *options;
    char *flagstr;
@ -226,7 +226,7 @@ void mgmt_req_init2 (mgmt_req_t *req, strbuf_t *buf, char *cmdline) {
    if(!typechar) {
        /* should not happen */
        mgmt_error(req, buf, "notype");
-        return;
+        return false;
    }
    if(*typechar == 'r') {
        req->type=N2N_MGMT_READ;
@ -236,20 +236,20 @@ void mgmt_req_init2 (mgmt_req_t *req, strbuf_t *buf, char *cmdline) {
        req->type=N2N_MGMT_SUB;
    } else {
        mgmt_error(req, buf, "badtype");
-        return;
+        return false;
    }

    /* Extract the tag to use in all reply packets */
    options = strtok(NULL, " \r\n");
    if(!options) {
        mgmt_error(req, buf, "nooptions");
-        return;
+        return false;
    }

    req->argv0 = strtok(NULL, " \r\n");
    if(!req->argv0) {
        mgmt_error(req, buf, "nocmd");
-        return;
+        return false;
    }

    /*
@ -281,6 +281,8 @@ void mgmt_req_init2 (mgmt_req_t *req, strbuf_t *buf, char *cmdline) {

    if(!mgmt_auth(req, auth)) {
        mgmt_error(req, buf, "badauth");
-        return;
+        return false;
    }
+
+    return true;
 }
--- a/src/management.h
+++ b/src/management.h
@ -109,6 +109,6 @@ void mgmt_event_post2 (enum n2n_event_topic topic, int data0, void *data1, mgmt_
 void mgmt_help_row (mgmt_req_t *req, strbuf_t *buf, char *cmd, char *help);
 void mgmt_help_events_row (mgmt_req_t *req, strbuf_t *buf, mgmt_req_t *sub, char *cmd, char *help);
 int mgmt_auth (mgmt_req_t *req, char *auth);
-void mgmt_req_init2 (mgmt_req_t *req, strbuf_t *buf, char *cmdline);
+bool mgmt_req_init2 (mgmt_req_t *req, strbuf_t *buf, char *cmdline);

 #endif
--- a/src/sn_management.c
+++ b/src/sn_management.c
@ -241,7 +241,10 @@ static void handleMgmtJson (mgmt_req_t *req, char *udp_buf, const int recvlen) {
    // xx
    STRBUF_INIT(buf, udp_buf, N2N_SN_PKTBUF_SIZE);

-    mgmt_req_init2(req, buf, (char *)&cmdlinebuf);
+    if (!mgmt_req_init2(req, buf, (char *)&cmdlinebuf)) {
+        // if anything failed during init
+        return;
+    }

    int handler;
    lookup_handler(handler, mgmt_handlers, req->argv0);