crosdns/hosts_modifier.cc - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright 2018 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "crosdns/hosts_modifier.h"

 #include <arpa/inet.h>

 #include <base/files/file.h>
 #include <base/files/file_util.h>
 #include <base/logging.h>
 #include <base/strings/string_util.h>
 #include <base/strings/stringprintf.h>

 namespace {
 // To avoid reading something too big, this should never happen.
 constexpr size_t kMaxFileSize = 1048576;  // 1MB.
 // This is the delimiter we write out before our changes so that if we crash and
 // are restarted we know what the base file was before we modified it.
 constexpr char kFileModificationDelimeter[] =
     "\n#####DYNAMIC-CROSDNS-ENTRIES#####\n";
 constexpr char kAllowedHostnameSuffix[] = ".linux.test";
 constexpr uint32_t kAllowedIpSubnet = 0x64735c00;  // 100.115.92.0
 constexpr uint32_t kAllowedIpMask = 0xFFFFFF00;

 // Only allow IPs in the 100.115.92.0/24 subnet.
 bool IsAllowedIpv4Address(uint32_t ipv4, std::string* err_out) {
   if ((ipv4 & kAllowedIpMask) != kAllowedIpSubnet) {
     *err_out = "IP address disallowed in mapping";
     return false;
   }
   return true;
 }

 // Hostname must be *.test and use legal chars.
 bool IsAllowedHostname(const std::string& hostname, std::string* err_out) {
   // Make sure this is a legal hostname. It must be comprised of alphanumeric
   // characters, dashes or dots. The dot or dash may not be the first character.
   // It may not have consecutive dots. It must also have the '.test' suffix.
   if (!base::EndsWith(hostname, kAllowedHostnameSuffix,
                       base::CompareCase::SENSITIVE)) {
     *err_out = "Attempt to add invalid hostname to mapping of: " + hostname;
     return false;
   }
   if (hostname[0] == '-' || hostname[0] == '.') {
     *err_out = "First char in hostname may not be a dot or dash: " + hostname;
     return false;
   }
   bool last_was_dot = false;
   for (auto c : hostname) {
     if (!base::IsAsciiAlpha(c) && !base::IsAsciiDigit(c) && c != '-') {
       if (c == '.' && !last_was_dot) {
         last_was_dot = true;
         continue;
       }
       *err_out = "Invalid char in hostname: " + hostname;
       return false;
     }
     last_was_dot = false;
   }
   return true;
 }
 }  // namespace

 namespace crosdns {

 HostsModifier::HostsModifier() = default;
 HostsModifier::~HostsModifier() = default;

 bool HostsModifier::Init(const base::FilePath& hosts_filepath) {
   filepath_ = hosts_filepath;
   if (!base::ReadFileToStringWithMaxSize(filepath_, &base_hosts_contents_,
                                          kMaxFileSize)) {
     PLOG(ERROR) << "Failed reading in existing hostname file from "
                 << filepath_.value();
     return false;
   }
   // See if our delimiter was in there or not, if it is then we strip everything
   // off after it (including the delimiter) and then rewrite out the file so
   // that any stale entries are removed.
   size_t delim_pos = base_hosts_contents_.find(kFileModificationDelimeter);
   if (delim_pos == std::string::npos) {
     return true;
   }
   // Delimeter was in there, strip it off and rewrite the file.
   base_hosts_contents_.erase(delim_pos);
   return WriteHostsFile();
 }

 bool HostsModifier::SetHostnameIpMapping(const std::string& hostname,
                                          const std::string& ipv4,
                                          const std::string& ipv6,
                                          std::string* err_out) {
   CHECK(err_out);
   uint32_t int_ip;
   if (inet_pton(AF_INET, ipv4.c_str(), &int_ip) != 1) {
     *err_out = "Failed parsing IPv4 address: " + ipv4;
     return false;
   }
   int_ip = htonl(int_ip);
   if (!IsAllowedIpv4Address(int_ip, err_out)) {
     return false;
   }
   // TODO(jkardatzke): Add IPv6 support when it is needed.
   if (!IsAllowedHostname(hostname, err_out)) {
     return false;
   }
   hostname_ipv4_map_[hostname] = ipv4;
   if (!WriteHostsFile()) {
     *err_out = "Failed writing the updated /etc/hosts file";
     return false;
   }
   return true;
 }

 bool HostsModifier::RemoveHostnameIpMapping(const std::string& hostname,
                                             std::string* err_out) {
   CHECK(err_out);
   if (!hostname_ipv4_map_.erase(hostname)) {
     *err_out =
         "Attempt to remove non-existent hostname mapping for: " + hostname;
     return false;
   }
   if (!WriteHostsFile()) {
     *err_out = "Failed writing the updated /etc/hosts file";
     return false;
   }
   return true;
 }

 bool HostsModifier::WriteHostsFile() {
   // We first write this to an adjacent temp file and then atomically rename
   // that file to be our target aftewards.
   base::FilePath temp_file_path;
   if (!base::CreateTemporaryFileInDir(filepath_.DirName(), &temp_file_path)) {
     PLOG(ERROR) << "Failed creating temp file in dir for hostname writing "
                 << filepath_.DirName().value();
     return false;
   }

   // Open our file for writing.
   base::File temp_file(temp_file_path,
                        base::File::FLAG_OPEN | base::File::FLAG_WRITE);
   if (!temp_file.IsValid()) {
     PLOG(ERROR) << "Failed opening temp file for writing: "
                 << temp_file_path.value();
     return false;
   }

   // First write out the base contents for the file.
   if (temp_file.WriteAtCurrentPos(base_hosts_contents_.c_str(),
                                   base_hosts_contents_.size()) !=
       base_hosts_contents_.size()) {
     PLOG(ERROR) << "Failed writing base contents to temp file: "
                 << temp_file_path.value();
     return false;
   }
   // We only write out more if we have contents in our map.
   if (!hostname_ipv4_map_.empty()) {
     // Now write out our delimiter, which includes newlines at both ends so we
     // are sure it is on its own line and we will be on a new line after this.
     if (temp_file.WriteAtCurrentPos(kFileModificationDelimeter,
                                     sizeof(kFileModificationDelimeter) - 1) !=
         sizeof(kFileModificationDelimeter) - 1) {
       PLOG(ERROR) << "Failed writing delimiter to temp file: "
                   << temp_file_path.value();
       return false;
     }

     // Now write out all of our entries, one per line.
     for (const auto& entry : hostname_ipv4_map_) {
       std::string curr_line = base::StringPrintf(
           "%s %s\n", entry.second.c_str(), entry.first.c_str());
       if (temp_file.WriteAtCurrentPos(curr_line.c_str(), curr_line.size()) !=
           curr_line.size()) {
         PLOG(ERROR) << "Failed writing hostname entry to temp file: "
                     << temp_file_path.value();
         return false;
       }
     }
   }

   // Done writing to the file, close it, ensure permissions are correct and
   // rename it.
   temp_file.Close();
   if (!base::SetPosixFilePermissions(temp_file_path,
                                      base::FILE_PERMISSION_READ_BY_USER |
                                          base::FILE_PERMISSION_READ_BY_GROUP |
                                          base::FILE_PERMISSION_READ_BY_OTHERS |
                                          base::FILE_PERMISSION_WRITE_BY_USER)) {
     PLOG(ERROR) << "Failed setting file permissions on our temp file: "
                 << temp_file_path.value();
     return false;
   }

   if (!base::ReplaceFile(temp_file_path, filepath_, nullptr)) {
     PLOG(ERROR) << "Failed replacing existing hosts file with our temp file";
     return false;
   }

   return true;
 }

 }  // namespace crosdns
	// Copyright 2018 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "crosdns/hosts_modifier.h"

	#include <arpa/inet.h>

	#include <base/files/file.h>
	#include <base/files/file_util.h>
	#include <base/logging.h>
	#include <base/strings/string_util.h>
	#include <base/strings/stringprintf.h>

	namespace {
	// To avoid reading something too big, this should never happen.
	constexpr size_t kMaxFileSize = 1048576; // 1MB.
	// This is the delimiter we write out before our changes so that if we crash and
	// are restarted we know what the base file was before we modified it.
	constexpr char kFileModificationDelimeter[] =
	"\n#####DYNAMIC-CROSDNS-ENTRIES#####\n";
	constexpr char kAllowedHostnameSuffix[] = ".linux.test";
	constexpr uint32_t kAllowedIpSubnet = 0x64735c00; // 100.115.92.0
	constexpr uint32_t kAllowedIpMask = 0xFFFFFF00;

	// Only allow IPs in the 100.115.92.0/24 subnet.
	bool IsAllowedIpv4Address(uint32_t ipv4, std::string* err_out) {
	if ((ipv4 & kAllowedIpMask) != kAllowedIpSubnet) {
	*err_out = "IP address disallowed in mapping";
	return false;
	}
	return true;
	}

	// Hostname must be *.test and use legal chars.
	bool IsAllowedHostname(const std::string& hostname, std::string* err_out) {
	// Make sure this is a legal hostname. It must be comprised of alphanumeric
	// characters, dashes or dots. The dot or dash may not be the first character.
	// It may not have consecutive dots. It must also have the '.test' suffix.
	if (!base::EndsWith(hostname, kAllowedHostnameSuffix,
	base::CompareCase::SENSITIVE)) {
	*err_out = "Attempt to add invalid hostname to mapping of: " + hostname;
	return false;
	}
	if (hostname[0] == '-' \|\| hostname[0] == '.') {
	*err_out = "First char in hostname may not be a dot or dash: " + hostname;
	return false;
	}
	bool last_was_dot = false;
	for (auto c : hostname) {
	if (!base::IsAsciiAlpha(c) && !base::IsAsciiDigit(c) && c != '-') {
	if (c == '.' && !last_was_dot) {
	last_was_dot = true;
	continue;
	}
	*err_out = "Invalid char in hostname: " + hostname;
	return false;
	}
	last_was_dot = false;
	}
	return true;
	}
	} // namespace

	namespace crosdns {

	HostsModifier::HostsModifier() = default;
	HostsModifier::~HostsModifier() = default;

	bool HostsModifier::Init(const base::FilePath& hosts_filepath) {
	filepath_ = hosts_filepath;
	if (!base::ReadFileToStringWithMaxSize(filepath_, &base_hosts_contents_,
	kMaxFileSize)) {
	PLOG(ERROR) << "Failed reading in existing hostname file from "
	<< filepath_.value();
	return false;
	}
	// See if our delimiter was in there or not, if it is then we strip everything
	// off after it (including the delimiter) and then rewrite out the file so
	// that any stale entries are removed.
	size_t delim_pos = base_hosts_contents_.find(kFileModificationDelimeter);
	if (delim_pos == std::string::npos) {
	return true;
	}
	// Delimeter was in there, strip it off and rewrite the file.
	base_hosts_contents_.erase(delim_pos);
	return WriteHostsFile();
	}

	bool HostsModifier::SetHostnameIpMapping(const std::string& hostname,
	const std::string& ipv4,
	const std::string& ipv6,
	std::string* err_out) {
	CHECK(err_out);
	uint32_t int_ip;
	if (inet_pton(AF_INET, ipv4.c_str(), &int_ip) != 1) {
	*err_out = "Failed parsing IPv4 address: " + ipv4;
	return false;
	}
	int_ip = htonl(int_ip);
	if (!IsAllowedIpv4Address(int_ip, err_out)) {
	return false;
	}
	// TODO(jkardatzke): Add IPv6 support when it is needed.
	if (!IsAllowedHostname(hostname, err_out)) {
	return false;
	}
	hostname_ipv4_map_[hostname] = ipv4;
	if (!WriteHostsFile()) {
	*err_out = "Failed writing the updated /etc/hosts file";
	return false;
	}
	return true;
	}

	bool HostsModifier::RemoveHostnameIpMapping(const std::string& hostname,
	std::string* err_out) {
	CHECK(err_out);
	if (!hostname_ipv4_map_.erase(hostname)) {
	*err_out =
	"Attempt to remove non-existent hostname mapping for: " + hostname;
	return false;
	}
	if (!WriteHostsFile()) {
	*err_out = "Failed writing the updated /etc/hosts file";
	return false;
	}
	return true;
	}

	bool HostsModifier::WriteHostsFile() {
	// We first write this to an adjacent temp file and then atomically rename
	// that file to be our target aftewards.
	base::FilePath temp_file_path;
	if (!base::CreateTemporaryFileInDir(filepath_.DirName(), &temp_file_path)) {
	PLOG(ERROR) << "Failed creating temp file in dir for hostname writing "
	<< filepath_.DirName().value();
	return false;
	}

	// Open our file for writing.
	base::File temp_file(temp_file_path,
	base::File::FLAG_OPEN \| base::File::FLAG_WRITE);
	if (!temp_file.IsValid()) {
	PLOG(ERROR) << "Failed opening temp file for writing: "
	<< temp_file_path.value();
	return false;
	}

	// First write out the base contents for the file.
	if (temp_file.WriteAtCurrentPos(base_hosts_contents_.c_str(),
	base_hosts_contents_.size()) !=
	base_hosts_contents_.size()) {
	PLOG(ERROR) << "Failed writing base contents to temp file: "
	<< temp_file_path.value();
	return false;
	}
	// We only write out more if we have contents in our map.
	if (!hostname_ipv4_map_.empty()) {
	// Now write out our delimiter, which includes newlines at both ends so we
	// are sure it is on its own line and we will be on a new line after this.
	if (temp_file.WriteAtCurrentPos(kFileModificationDelimeter,
	sizeof(kFileModificationDelimeter) - 1) !=
	sizeof(kFileModificationDelimeter) - 1) {
	PLOG(ERROR) << "Failed writing delimiter to temp file: "
	<< temp_file_path.value();
	return false;
	}

	// Now write out all of our entries, one per line.
	for (const auto& entry : hostname_ipv4_map_) {
	std::string curr_line = base::StringPrintf(
	"%s %s\n", entry.second.c_str(), entry.first.c_str());
	if (temp_file.WriteAtCurrentPos(curr_line.c_str(), curr_line.size()) !=
	curr_line.size()) {
	PLOG(ERROR) << "Failed writing hostname entry to temp file: "
	<< temp_file_path.value();
	return false;
	}
	}
	}

	// Done writing to the file, close it, ensure permissions are correct and
	// rename it.
	temp_file.Close();
	if (!base::SetPosixFilePermissions(temp_file_path,
	base::FILE_PERMISSION_READ_BY_USER \|
	base::FILE_PERMISSION_READ_BY_GROUP \|
	base::FILE_PERMISSION_READ_BY_OTHERS \|
	base::FILE_PERMISSION_WRITE_BY_USER)) {
	PLOG(ERROR) << "Failed setting file permissions on our temp file: "
	<< temp_file_path.value();
	return false;
	}

	if (!base::ReplaceFile(temp_file_path, filepath_, nullptr)) {
	PLOG(ERROR) << "Failed replacing existing hosts file with our temp file";
	return false;
	}

	return true;
	}

	} // namespace crosdns