=== modified file '.bzrignore' --- .bzrignore 2008-08-27 01:18:25 +0000 +++ .bzrignore 2008-09-06 16:33:54 +0000 @@ -3,6 +3,6 @@ *.8mandos plugin-runner plugins.d/password-prompt -plugins.d/password-request +plugins.d/mandos-client confdir keydir === modified file 'Makefile' --- Makefile 2008-09-05 23:39:07 +0000 +++ Makefile 2008-09-07 01:20:43 +0000 @@ -13,14 +13,19 @@ #COVERAGE=--coverage OPTIMIZE=-Os LANGUAGE=-std=gnu99 -# PREFIX=/usr/local + +## Use these settings for a traditional /usr/local install +# PREFIX=$(DESTDIR)/usr/local +# CONFDIR=$(PREFIX)/lib/mandos +# KEYDIR=$(PREFIX)/lib/mandos/keys +# MANDIR=$(PREFIX)/man +# INITRAMFSTOOLS=/etc/initramfs-tools + PREFIX=$(DESTDIR)/usr -# CONFDIR=/usr/local/lib/mandos CONFDIR=$(DESTDIR)/etc/mandos -# KEYDIR=/usr/local/lib/mandos/keys KEYDIR=$(DESTDIR)/etc/keys/mandos -# MANDIR=/usr/local/man -MANDIR=$(DESTDIR)/usr/share/man +MANDIR=$(PREFIX)/share/man +INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools GNUTLS_CFLAGS=$(shell libgnutls-config --cflags) GNUTLS_LIBS=$(shell libgnutls-config --libs) @@ -34,7 +39,7 @@ $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) LDFLAGS=$(COVERAGE) -# Commands to format a DocBook refentry document into a manual page +# Commands to format a DocBook document into a manual page DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \ --param man.charmap.use.subset 0 \ --param make.year.ranges 1 \ @@ -44,13 +49,13 @@ /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \ $(notdir $<); \ $(MANPOST) $(notdir $@) -# DocBook-to-man post-processing to fix a \n escape bug +# DocBook-to-man post-processing to fix a '\n' escape bug MANPOST=sed --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g' -PLUGINS=plugins.d/password-prompt plugins.d/password-request +PLUGINS=plugins.d/password-prompt plugins.d/mandos-client PROGS=plugin-runner $(PLUGINS) DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \ - plugins.d/password-request.8mandos \ + plugins.d/mandos-client.8mandos \ plugins.d/password-prompt.8mandos mandos.conf.5 \ mandos-clients.conf.5 @@ -81,12 +86,12 @@ plugin-runner.8mandos: plugin-runner.xml overview.xml legalnotice.xml $(DOCBOOKTOMAN) -plugins.d/password-request.8mandos: plugins.d/password-request.xml \ +plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \ mandos-options.xml \ overview.xml legalnotice.xml $(DOCBOOKTOMAN) -plugins.d/password-request: plugins.d/password-request.o +plugins.d/mandos-client: plugins.d/mandos-client.o $(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \ $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@ @@ -109,7 +114,7 @@ run-client: all keydir/seckey.txt keydir/pubkey.txt ./plugin-runner --plugin-dir=plugins.d \ --config-file=plugin-runner.conf \ - --options-for=password-request:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt + --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt # Used by run-client keydir/seckey.txt keydir/pubkey.txt: mandos-keygen @@ -140,8 +145,10 @@ mandos.conf install --mode=u=rw --target-directory=$(CONFDIR) \ clients.conf - install --mode=u=rwx,go=rx init.d-mandos /etc/init.d/mandos - install --mode=u=rw,go=r default-mandos /etc/default/mandos + install --mode=u=rwx,go=rx init.d-mandos \ + $(DESTDIR)/etc/init.d/mandos + install --mode=u=rw,go=r default-mandos \ + $(DESTDIR)/etc/default/mandos update-rc.d mandos defaults gzip --best --to-stdout mandos.8 \ > $(MANDIR)/man8/mandos.8.gz @@ -150,16 +157,17 @@ gzip --best --to-stdout mandos-clients.conf.5 \ > $(MANDIR)/man5/mandos-clients.conf.5.gz -install-client: all doc /usr/share/initramfs-tools/hooks/. +install-client: all doc $(INITRAMFSTOOLS)/hooks/. install --directory $(PREFIX)/lib/mandos $(CONFDIR) \ $(MANDIR)/man8 install --directory --mode=u=rwx $(KEYDIR) install --directory --mode=u=rwx \ $(PREFIX)/lib/mandos/plugins.d - if [ "$(CONFDIR)/plugins.d" \ - != "$(PREFIX)/lib/mandos/plugins.d" ]; then \ + if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \ install --mode=u=rwx \ --directory "$(CONFDIR)/plugins.d"; \ + install --mode=u=rw,go=r etc-plugins.d-README \ + $(CONFDIR)/plugins.d/README ; \ fi install --mode=u=rwx,go=rx \ --target-directory=$(PREFIX)/lib/mandos plugin-runner @@ -170,16 +178,16 @@ plugins.d/password-prompt install --mode=u=rwxs,go=rx \ --target-directory=$(PREFIX)/lib/mandos/plugins.d \ - plugins.d/password-request + plugins.d/mandos-client install --mode=u=rwx,go=rx \ --target-directory=$(PREFIX)/lib/mandos/plugins.d \ plugins.d/usplash install initramfs-tools-hook \ - /usr/share/initramfs-tools/hooks/mandos + $(INITRAMFSTOOLS)/hooks/mandos install initramfs-tools-hook-conf \ - /usr/share/initramfs-tools/conf-hooks.d/mandos + $(INITRAMFSTOOLS)/conf-hooks.d/mandos install initramfs-tools-script \ - /usr/share/initramfs-tools/scripts/local-top/mandos + $(INITRAMFSTOOLS)/scripts/local-top/mandos install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR) gzip --best --to-stdout mandos-keygen.8 \ > $(MANDIR)/man8/mandos-keygen.8.gz @@ -187,8 +195,8 @@ > $(MANDIR)/man8/plugin-runner.8mandos.gz gzip --best --to-stdout plugins.d/password-prompt.8mandos \ > $(MANDIR)/man8/password-prompt.8mandos.gz - gzip --best --to-stdout plugins.d/password-request.8mandos \ - > $(MANDIR)/man8/password-request.8mandos.gz + gzip --best --to-stdout plugins.d/mandos-client.8mandos \ + > $(MANDIR)/man8/mandos-client.8mandos.gz # Post-installation stuff -$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)" update-initramfs -k all -u @@ -208,19 +216,22 @@ # Refuse to uninstall client if /etc/crypttab is explicitly configured # to use it. ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \ - /etc/crypttab + $(DESTDIR)/etc/crypttab -rm --force $(PREFIX)/sbin/mandos-keygen \ $(PREFIX)/lib/mandos/plugin-runner \ $(PREFIX)/lib/mandos/plugins.d/password-prompt \ - $(PREFIX)/lib/mandos/plugins.d/password-request \ + $(PREFIX)/lib/mandos/plugins.d/mandos-client \ $(PREFIX)/lib/mandos/plugins.d/usplash \ - /usr/share/initramfs-tools/hooks/mandos \ - /usr/share/initramfs-tools/conf-hooks.d/mandos \ - /usr/share/initramfs-tools/scripts/local-top/mandos \ + $(INITRAMFSTOOLS)/hooks/mandos \ + $(INITRAMFSTOOLS)/conf-hooks.d/mandos \ + $(INITRAMFSTOOLS)/scripts/local-top/mandos \ $(MANDIR)/man8/plugin-runner.8mandos.gz \ $(MANDIR)/man8/mandos-keygen.8.gz \ $(MANDIR)/man8/password-prompt.8mandos.gz \ - $(MANDIR)/man8/password-request.8mandos.gz + $(MANDIR)/man8/mandos-client.8mandos.gz + if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \ + rm --force $(CONFDIR)/plugins.d/README; \ + fi -rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \ $(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR) update-initramfs -k all -u @@ -229,8 +240,9 @@ purge-server: uninstall-server -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \ - /etc/default/mandos /etc/init.d/mandos \ - /var/run/mandos.pid + $(DESTDIR)/etc/default/mandos \ + $(DESTDIR)/etc/init.d/mandos \ + $(DESTDIR)/var/run/mandos.pid -rmdir $(CONFDIR) purge-client: uninstall-client === modified file 'TODO' --- TODO 2008-09-05 07:11:24 +0000 +++ TODO 2008-09-06 16:31:49 +0000 @@ -2,7 +2,7 @@ * plugin-runner -* password-request +* mandos-client ** [#B] Temporarily lower kernel log level for less printouts during sucessfull boot. ** IPv4 support === added file 'etc-plugins.d-README' --- etc-plugins.d-README 1970-01-01 00:00:00 +0000 +++ etc-plugins.d-README 2008-09-06 16:11:50 +0000 @@ -0,0 +1,5 @@ +Any plugins found here in /etc/mandos/plugins.d will override and add +to the normal Mandos plugins. When adding or changing plugins, do not +forget to update the initital RAM disk image: + +# update-initramfs -k all -u === modified file 'legalnotice.xml' --- legalnotice.xml 2008-08-31 15:06:39 +0000 +++ legalnotice.xml 2008-09-06 17:24:58 +0000 @@ -4,21 +4,24 @@ This manual page is free software: you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation, either version 3 of the - License, or (at your option) any later version. + modify it under the terms of the GNU General + Public License as published by the Free Software Foundation, + either version 3 of the License, or (at your option) any later + version. This manual page is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - See the GNU General Public License for more details. + See the GNU General Public License for more + details. - You should have received a copy of the GNU General Public License - along with this program; If not, see . + You should have received a copy of the GNU + General Public License along with this program. If not, see + http://www.gnu.org/licenses/. === modified file 'mandos-keygen.xml' --- mandos-keygen.xml 2008-09-03 19:13:50 +0000 +++ mandos-keygen.xml 2008-09-06 16:31:49 +0000 @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [ - + ]> @@ -159,7 +159,7 @@ &COMMANDNAME; is a program to generate the OpenPGP key used by - password-request + mandos-client 8mandos. The key is normally written to /etc/mandos for later installation into the initrd image, but this, and most other things, can be changed @@ -479,7 +479,7 @@ 5, mandos 8, - password-request + mandos-client 8mandos === modified file 'mandos-options.xml' --- mandos-options.xml 2008-09-03 05:04:40 +0000 +++ mandos-options.xml 2008-09-06 16:31:49 +0000 @@ -6,7 +6,7 @@ This file is used by both mandos(8) and mandos.conf(5), since these options can be used both on the command line and in the config file. -It is also used for some texts by password-request(8mandos). +It is also used for some texts by mandos-client(8mandos). -->
=== modified file 'mandos.xml' --- mandos.xml 2008-09-05 16:24:33 +0000 +++ mandos.xml 2008-09-06 16:31:49 +0000 @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [ - + ]> @@ -529,7 +529,7 @@ For more details on client-side security, see - password-request + mandos-client 8mandos. @@ -543,7 +543,7 @@ 5, mandos.conf 5, - password-request + mandos-client 8mandos, sh1 === modified file 'plugin-runner.c' --- plugin-runner.c 2008-09-06 15:34:21 +0000 +++ plugin-runner.c 2008-09-07 01:44:44 +0000 @@ -394,14 +394,8 @@ if(arg == NULL){ break; } - { - char *envdef = strdup(arg); - if(envdef == NULL){ - break; - } - if(not add_environment(getplugin(NULL), envdef, true)){ - perror("add_environment"); - } + if(not add_environment(getplugin(NULL), arg, true)){ + perror("add_environment"); } break; case 'o': /* --options-for */ @@ -435,12 +429,8 @@ if(envdef == NULL){ break; } - char *p_name = strndup(arg, (size_t) (envdef-arg)); - if(p_name == NULL){ - break; - } - envdef++; - if(not add_environment(getplugin(p_name), envdef, true)){ + *envdef = '\0'; + if(not add_environment(getplugin(arg), envdef+1, true)){ perror("add_environment"); } } @@ -464,6 +454,7 @@ } break; case 128: /* --plugin-dir */ + free(plugindir); plugindir = strdup(arg); if(plugindir == NULL){ perror("strdup"); @@ -507,6 +498,7 @@ case 128: /* --plugin-dir */ break; case 129: /* --config-file */ + free(argfile); argfile = strdup(arg); if(argfile == NULL){ perror("strdup"); @@ -742,7 +734,11 @@ } char *filename; - ret = asprintf(&filename, "%s/%s", plugindir, dirst->d_name); + if(plugindir == NULL){ + ret = asprintf(&filename, PDIR "/%s", dirst->d_name); + } else { + ret = asprintf(&filename, "%s/%s", plugindir, dirst->d_name); + } if(ret < 0){ perror("asprintf"); continue; @@ -937,7 +933,7 @@ } /* OK, now either a process completed, or something can be read from one of them */ - for(plugin *proc = plugin_list; proc != NULL; proc = proc->next){ + for(plugin *proc = plugin_list; proc != NULL;){ /* Is this process completely done? */ if(proc->eof and proc->completed){ /* Only accept the plugin output if it exited cleanly */ @@ -970,7 +966,7 @@ exitstatus = EXIT_FAILURE; goto fallback; } - free_plugin(proc); + /* We are done modifying process list, so unblock signal */ ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL); @@ -983,6 +979,10 @@ if(plugin_list == NULL){ break; } + + plugin *next_plugin = proc->next; + free_plugin(proc); + proc = next_plugin; continue; } @@ -1000,6 +1000,7 @@ /* This process has not completed. Does it have any output? */ if(proc->eof or not FD_ISSET(proc->fd, &rfds)){ /* This process had nothing to say at this time */ + proc = proc->next; continue; } /* Before reading, make the process' data buffer large enough */ @@ -1018,6 +1019,7 @@ BUFFER_SIZE); if(ret < 0){ /* Read error from this process; ignore the error */ + proc = proc->next; continue; } if(ret == 0){ === modified file 'plugin-runner.conf' --- plugin-runner.conf 2008-09-05 07:11:24 +0000 +++ plugin-runner.conf 2008-09-06 16:31:49 +0000 @@ -2,8 +2,8 @@ ## installed as "/etc/mandos/plugin-runner.conf", which will be copied ## to "/conf/conf.d/mandos/plugin-runner.conf" in the initrd.img file. ## -## The default network interface for password-request(8mandos) is +## The default network interface for mandos-client(8mandos) is ## "eth0". Uncomment this line and change it if necessary. ## -#--options-for=password-request:--interface=eth0 +#--options-for=mandos-client:--interface=eth0 === modified file 'plugin-runner.xml' --- plugin-runner.xml 2008-09-06 15:34:21 +0000 +++ plugin-runner.xml 2008-09-06 16:31:49 +0000 @@ -571,13 +571,13 @@ Run plugins from a different directory, read a different configuration file, and add two options to the - password-request + mandos-client 8mandos plugin: -&COMMANDNAME; --config-file=/etc/mandos/plugin-runner.conf --plugin-dir /usr/lib/mandos/plugins.d --options-for=password-request:--pubkey=/etc/keys/mandos/pubkey.txt,--seckey=/etc/keys/mandos/seckey.txt +&COMMANDNAME; --config-file=/etc/mandos/plugin-runner.conf --plugin-dir /usr/lib/mandos/plugins.d --options-for=mandos-client:--pubkey=/etc/keys/mandos/pubkey.txt,--seckey=/etc/keys/mandos/seckey.txt @@ -625,7 +625,7 @@ 8, password-prompt 8mandos, - password-request + mandos-client 8mandos === renamed file 'plugins.d/password-request.c' => 'plugins.d/mandos-client.c' --- plugins.d/password-request.c 2008-09-06 15:34:21 +0000 +++ plugins.d/mandos-client.c 2008-09-07 01:44:44 +0000 @@ -111,7 +111,7 @@ bool debug = false; static const char mandos_protocol_version[] = "1"; -const char *argp_program_version = "password-request 1.0"; +const char *argp_program_version = "mandos-client 1.0"; const char *argp_program_bug_address = ""; /* Used for passing in values through the Avahi callback functions */ @@ -315,7 +315,7 @@ /* Seek back to the beginning of the GPGME plaintext data buffer */ if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){ - perror("pgpme_data_seek"); + perror("gpgme_data_seek"); plaintext_length = -1; goto decrypt_end; } @@ -451,6 +451,7 @@ gnutls_certificate_free_credentials(mc->cred); gnutls_global_deinit(); + gnutls_dh_params_deinit(mc->dh_params); return -1; } @@ -830,7 +831,7 @@ .dh_bits = 1024, .priority = "SECURE256" ":!CTYPE-X.509:+CTYPE-OPENPGP" }; bool gnutls_initalized = false; - bool pgpme_initalized = false; + bool gpgme_initalized = false; { struct argp_option options[] = { @@ -977,11 +978,11 @@ } if(not init_gpgme(&mc, pubkey, seckey, tempdir)){ - fprintf(stderr, "pgpme_initalized failed\n"); + fprintf(stderr, "gpgme_initalized failed\n"); exitcode = EXIT_FAILURE; goto end; } else { - pgpme_initalized = true; + gpgme_initalized = true; } if_index = (AvahiIfIndex) if_nametoindex(interface); @@ -1098,9 +1099,10 @@ if (gnutls_initalized){ gnutls_certificate_free_credentials(mc.cred); gnutls_global_deinit (); + gnutls_dh_params_deinit(mc.dh_params); } - if(pgpme_initalized){ + if(gpgme_initalized){ gpgme_release(mc.ctx); } @@ -1133,6 +1135,7 @@ free(fullname); } } + closedir(d); } ret = rmdir(tempdir); if(ret == -1){ === renamed file 'plugins.d/password-request.xml' => 'plugins.d/mandos-client.xml' --- plugins.d/password-request.xml 2008-09-04 14:12:10 +0000 +++ plugins.d/mandos-client.xml 2008-09-06 16:33:08 +0000 @@ -2,8 +2,8 @@ - - + + ]> @@ -45,7 +45,7 @@ &COMMANDNAME; - Client for mandos + Client for Mandos @@ -311,10 +311,12 @@ /etc/crypttab, but it would then be impossible to enter a password for the encrypted root disk at the console, since this program does not read from the console - at all. This is why a separate plugin ( - password-prompt - 8mandos) does that, which - will be run in parallel to this one by the plugin runner. + at all. This is why a separate plugin runner ( + plugin-runner + 8mandos) is used to run + both this program and others in in parallel, + one of which will prompt for passwords on + the system console. @@ -327,7 +329,7 @@ program will exit with a non-zero exit status only if a critical error occurs. Otherwise, it will forever connect to new Mandos servers as they appear, trying - to get a decryptable password. + to get a decryptable password and print it. === modified file 'plugins.d/password-prompt.c' --- plugins.d/password-prompt.c 2008-09-06 15:34:21 +0000 +++ plugins.d/password-prompt.c 2008-09-07 01:44:44 +0000 @@ -249,6 +249,8 @@ fprintf(stderr, "getline() returned 0, retrying.\n"); } } + + free(buffer); if (debug){ fprintf(stderr, "Restoring terminal attributes\n"); === modified file 'plugins.d/password-prompt.xml' --- plugins.d/password-prompt.xml 2008-09-04 13:36:59 +0000 +++ plugins.d/password-prompt.xml 2008-09-06 16:31:49 +0000 @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [ - + ]> @@ -290,7 +290,7 @@ crypttab 5 - password-request + mandos-client 8mandos plugin-runner 8mandos,