Diffstat (limited to 'emergencyd.pl')
-rwxr-xr-x | emergencyd.pl | 60 |
1 files changed, 34 insertions, 26 deletions
diff --git a/emergencyd.pl b/emergencyd.pl index 7314324..e1d1189 100755 --- a/emergencyd.pl +++ b/emergencyd.pl @@ -46,7 +46,7 @@ # binds to the IPv6 unspecified address with the IPV6_V6ONLY option # set to 0, thus listening on both IPv6 and IPv4 families. # -# -k <filename> specifies the keyfile to use. This file contains one +# -k <filename> specifies the key file to use. This file contains one # or more keys, one per line, which will all be equally valid when # computing the MAC. # 
@@ -72,37 +72,40 @@ getopts("k:p:f", \%opts); my @authorized_keys; -my $keyfilename = $opts{k}; -die "No key file specified (use -k option)" unless defined($keyfilename); -sub readkeys { - open my $keyfile, "<", $keyfilename +my $key_filename = $opts{k}; +die "No key file specified (use -k option)" unless defined($key_filename); +sub read_keys { + open my $key_file, "<", $key_filename or die "Cannot open key file $opts{k}: $!"; @authorized_keys = (); - while (<$keyfile>) { + while (<$key_file>) { chomp; push @authorized_keys, $_; } - close $keyfile; + close $key_file; } -readkeys; +read_keys; my $proto = getprotobyname("udp") or die "Can't resolve udp protocol: $!"; my $port; if ( defined($opts{p}) ) { $port = $opts{p}; - $port =~ /^(\d+)$/ or die "Invalid port number (-p option) $port"; + $port =~ /^\d+$/ or die "Invalid port number (-p option) $port"; } else { $port = DEFAULT_PORT; } -my $socket; -socket $socket, PF_INET6, SOCK_DGRAM, $proto or die "Can't create socket: $!"; +socket my $socket, PF_INET6, SOCK_DGRAM, $proto + or die "Can't create socket: $!"; if ( defined(*IPV6_V6ONLY{CODE}) ) { - setsockopt $socket, IPPROTO_IPV6, IPV6_V6ONLY, 0 or die "Can't set IPV6_V6ONLY option to 0: $!"; + setsockopt $socket, IPPROTO_IPV6, IPV6_V6ONLY, 0 + or die "Can't set IPV6_V6ONLY option to 0: $!"; } bind $socket, sockaddr_in6($port, in6addr_any) or die "Can't bind socket: $!"; if ( $opts{f} ) { + chdir("/"); + open STDIN, "/dev/null"; $SIG{HUP} = "IGNORE"; $SIG{INT} = "IGNORE"; my $childpid = fork; 
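Review bot: The `chdir("/")` added in the `-f` branch runs after the first `read_keys` but before any RKEY reload, so a relative `-k` path resolves against `/` on reload and either fails or loads a different file as the authorized key set. Making the path absolute once, after the `defined` check, avoids this: `$key_filename = File::Spec->rel2abs($key_filename);` (needs `use File::Spec;`). The new `chdir` and the two-argument `open STDIN, "/dev/null";` are unchecked, as is `POSIX::setsid;` in the next hunk; `open STDIN, "<", "/dev/null" or die "Can't reopen STDIN: $!";` would match the error style of the socket calls. `read_keys` also pushes empty lines, so a blank line in the key file becomes an empty HMAC key that any sender can compute a valid MAC for; `next if $_ eq "";` after `chomp` drops them. The `if ( $opts{f} )` block continues outside this hunk.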
@@ -111,12 +114,15 @@ if ( $opts{f} ) { print "$childpid\n"; exit 0; } + POSIX::setsid; } sub curtime { - my $fiddle = shift; $fiddle = 0 unless defined($fiddle); - my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = gmtime(time+$fiddle); - return sprintf("%04d-%02d-%02dT%02d:%02d:%02dZ",$year+1900,$mon+1,$mday,$hour,$min,$sec); + my $fiddle = shift // 0; + my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) + = gmtime(time+$fiddle); + return sprintf("%04d-%02d-%02dT%02d:%02d:%02dZ", + $year+1900,$mon+1,$mday,$hour,$min,$sec); } my $mintime = "0"; @@ -125,10 +131,11 @@ PACKET: while (1) { my $buf; my $sender = recv($socket, $buf, 16384, 0); + die "Failed to receive packet: $!" unless defined($sender); my @lines = split /\015*\012|\|/s, $buf; - my $command = $lines[0]; $command = "" unless defined($command); - my $timestamp = $lines[1]; $timestamp = "" unless defined($timestamp); - my $maccheck = $lines[2]; $maccheck = "" unless defined($maccheck); + my $command = $lines[0] // ""; + my $timestamp = $lines[1] // ""; + my $maccheck = $lines[2] // ""; next PACKET if $command eq ""; if ( $command eq "PING" ) { send $socket, "PONG\n", 0, $sender; @@ -136,13 +143,13 @@ while (1) { send $socket, ("DATE\n".curtime."\n".$mintime."\n"), 0, $sender; } else { my $validate = "$command|$timestamp"; - my $macchecked = 0; + my $mac_checked = 0; foreach my $key ( @authorized_keys ) { if ( $maccheck eq hmac_sha256_hex($validate, $key) ) { - $macchecked = 1; + $mac_checked = 1; } } - unless ( $macchecked ) { + unless ( $mac_checked ) { send $socket, "!MAC\n", 0, $sender; next PACKET; } 
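Review bot: The added `die "Failed to receive packet: $!" unless defined($sender);` ends the daemon on any `recv` failure, including a transient one such as an interrupted call, so a single failed syscall takes down a service that is meant to stay reachable. Consider retrying on interruption and dying only otherwise: `unless ( defined($sender) ) { next PACKET if $!{EINTR}; die "Failed to receive packet: $!"; }`. In `-f` mode the message goes to whatever STDERR the daemon inherited, which may no longer be readable, so recording it somewhere durable before exiting would help whoever investigates later. The `PACKET:` loop continues outside this hunk.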
@@ -157,14 +164,13 @@ while (1) { if ( $command eq "NOOP" ) { send $socket, "NOOP\n", 0, $sender; } elsif ( $command eq "DPID" ) { - my $pid = POSIX::getpid; - send $socket, "DPID\n$pid\n", 0, $sender; + send $socket, "DPID\n$$\n", 0, $sender; } elsif ( $command eq "DIE!" ) { send $socket, "BYE!\n", 0, $sender; exit 0; } elsif ( $command eq "RKEY" ) { my $resp = "DONE\n"; - eval { readkeys }; + eval { read_keys }; if ( $@ ) { $resp = "!ERR\n$@"; } @@ -173,8 +179,10 @@ while (1) { my $s = $1; my $resp = "DONE\n"; eval { - open my $sysrq_trigger, ">", "/proc/sysrq-trigger" or die "Couldn't open /proc/sysrq-trigger for writing: $!"; - print $sysrq_trigger $s or die "Couldn't write to /proc/sysrq-trigger: $!"; + open my $sysrq_trigger, ">", "/proc/sysrq-trigger" + or die "Couldn't open /proc/sysrq-trigger for writing: $!"; + print $sysrq_trigger $s + or die "Couldn't write to /proc/sysrq-trigger: $!"; close $sysrq_trigger; }; if ( $@ ) { |