=== modified file 'TODO' --- TODO 2008-08-09 01:39:09 +0000 +++ TODO 2008-08-09 04:56:00 +0000 @@ -7,8 +7,7 @@ * Mandos-client ** [#A] Man page: man8/mandos-client.8mandos -** [#A] check return codes of all system calls -** [#B] header files/symbols tally +** [#B] Fix %d format strings to use [[https://secure.wikimedia.org/wikipedia/en/wiki/Inttypes.h][]] ** use strsep instead of strtok? ** use config file in addition to arguments ** pass things in environment, like device name, etc @@ -17,6 +16,7 @@ ** [#A] Man page: man8/password-request.8mandos ** [#A] check return codes of all system calls ** [#B] header files/symbols tally +** [#B] Fix %d format strings to use [[https://secure.wikimedia.org/wikipedia/en/wiki/Inttypes.h][]] ** IPv4 support ** use strsep instead of strtok? ** Do not depend on GPG key rings on disk 
@@ -26,19 +26,23 @@ * Password-prompt ** [#A] Man page: man8/password-prompt.8mandos ** Use getpass(3)? - [[info:libc:getpass][GNU LibC Manual: Reading Passwords]] + Man page says "obsolete", but [[info:libc:getpass][GNU LibC Manual: Reading Passwords]] + does not. See also [[http://sources.redhat.com/ml/libc-alpha/2003-05/msg00251.html][Marcus Brinkmann: Re: getpass obsolete?]] and + [[http://article.gmane.org/gmane.comp.lib.glibc.alpha/4906][Petter Reinholdtsen: Re: getpass obsolete?]], and especially also + [[http://www.steve.org.uk/Reference/Unix/faq_4.html#SEC48][Unix Programming FAQ 3.1 How can I make my program not echo input?]] * Server ** [#A] Command man page: man8/mandos.8 ** [#A] Config file man page: man5/mandos.conf (mandos.conf) ** [#A] Config file man page: man5/mandos-clients.conf (clients.conf) -** [#A] /etc/init.d/mandos-server +** [#A] /etc/init.d/mandos-server :teddy: ** Log level ** /etc/mandos/clients.d/*.conf Watch this directory and add/remove/update clients? ** config for TXT record ** Run-time communication with server - probably using D-Bus + Probably using D-Bus + See also [[*Mandos-tools]] ** Implement --foreground [[info:standards:Option%20Table][Table of Long Options]] ** Implement --socket 
@@ -47,14 +51,18 @@ * Mandos-tools/utilities All of this probably using D-Bus ** List clients +** Disable client ** Enable client -** Disable client * Installer ** [#A] Change initrd.img file to not be publically readable +** [#A] Create /etc/initramfs-tools/hooks/mandos + [[file:/usr/share/doc/initramfs-tools/examples/example_hook][Example initramfs-tools hook script]] ** [#A] Create GPG key ring files in initrd ** [#A] Create mandos user and group for server ** [#A] Create /var/run/mandos directory with perm and ownership +* [[http://en.tldp.org/HOWTO/Software-Release-Practice-HOWTO/][Software Release Practice HOWTO]] + #+STARTUP: showall === modified file 'mandos-client.c' --- mandos-client.c 2008-08-07 21:45:41 +0000 +++ mandos-client.c 2008-08-09 04:42:39 +0000 
@@ -23,32 +23,46 @@ #define _GNU_SOURCE /* TEMP_FAILURE_RETRY() */ -#include /* popen(), fileno(), fprintf(), - stderr, STDOUT_FILENO */ +#include /* size_t, NULL */ +#include /* malloc(), exit(), EXIT_FAILURE, + EXIT_SUCCESS, realloc() */ +#include /* bool, true, false */ +#include /* perror, popen(), fileno(), + fprintf(), stderr, STDOUT_FILENO */ +#include /* DIR, opendir(), stat(), struct + stat, waitpid(), WIFEXITED(), + WEXITSTATUS(), wait(), pid_t, + uid_t, gid_t, getuid(), getgid(), + dirfd() */ +#include /* fd_set, select(), FD_ZERO(), + FD_SET(), FD_ISSET(), FD_CLR */ +#include /* wait(), waitpid(), WIFEXITED(), + WEXITSTATUS() */ +#include /* struct stat, stat(), S_ISREG() */ #include /* and, or, not */ -#include /* DIR, opendir(), stat(), - struct stat, waitpid(), - WIFEXITED(), WEXITSTATUS(), - wait() */ -#include /* wait() */ #include /* DIR, struct dirent, opendir(), - readdir(), closedir() */ -#include /* struct stat, stat(), S_ISREG() */ + readdir(), closedir(), dirfd() */ #include /* struct stat, stat(), S_ISREG(), - fcntl() */ -#include /* fcntl() */ -#include /* NULL */ -#include /* EXIT_FAILURE */ -#include /* fd_set, select(), FD_ZERO(), - FD_SET(), FD_ISSET() */ -#include /* strlen(), strcpy(), strcat() */ -#include /* true */ -#include /* waitpid(), WIFEXITED(), - WEXITSTATUS() */ + fcntl(), setuid(), setgid(), + F_GETFD, F_SETFD, FD_CLOEXEC, + access(), pipe(), fork(), close() + dup2, STDOUT_FILENO, _exit(), + execv(), write(), read(), + close() */ +#include /* fcntl(), F_GETFD, F_SETFD, + FD_CLOEXEC */ +#include /* strtok, strlen(), strcpy(), + strcat() */ #include /* errno */ -#include /* struct argp_option, - struct argp_state, struct argp, - argp_parse() */ +#include /* struct argp_option, struct + argp_state, struct argp, + argp_parse(), ARGP_ERR_UNKNOWN, + ARGP_KEY_END, ARGP_KEY_ARG, error_t */ +#include /* struct sigaction, sigemptyset(), + sigaddset(), sigaction(), + sigprocmask(), SIG_BLOCK, SIGCHLD, + SIG_UNBLOCK, kill() */ 
+#include /* errno, EBADF */ #define BUFFER_SIZE 256 @@ -141,6 +155,10 @@ process *proc = process_list; int status; pid_t pid = wait(&status); + if(pid == -1){ + perror("wait"); + return; + } while(proc != NULL and proc->pid != pid){ proc = proc->next; } @@ -272,7 +290,12 @@ .args_doc = "[+PLUS_SEPARATED_OPTIONS]", .doc = "Mandos plugin runner -- Run plugins" }; - argp_parse (&argp, argc, argv, 0, 0, &plugin_list); + ret = argp_parse (&argp, argc, argv, 0, 0, &plugin_list); + if (ret == ARGP_ERR_UNKNOWN){ + perror("argp_parse"); + exitstatus = EXIT_FAILURE; + goto end; + } if(plus_options){ /* This is a mangled argument in the form of @@ -296,7 +319,7 @@ plus_argv = realloc(plus_argv, sizeof(char *) * ((unsigned int) new_argc + 1)); if(plus_argv == NULL){ - perror("malloc"); + perror("realloc"); exitstatus = EXIT_FAILURE; goto end; } @@ -304,7 +327,12 @@ plus_argv[new_argc] = NULL; arg = strtok(NULL, delims); /* Get next argument */ } - argp_parse (&argp, new_argc, plus_argv, 0, 0, &plugin_list); + ret = argp_parse (&argp, new_argc, plus_argv, 0, 0, &plugin_list); + if (ret == ARGP_ERR_UNKNOWN){ + perror("argp_parse"); + exitstatus = EXIT_FAILURE; + goto end; + } } if(debug){ @@ -354,6 +382,11 @@ // All directory entries have been processed if(dirst == NULL){ + if (errno == EBADF){ + perror("readdir"); + exitstatus = EXIT_FAILURE; + goto end; + } break; } @@ -414,7 +447,12 @@ strcat(filename, "/"); /* Spurious warning */ strcat(filename, dirst->d_name); /* Spurious warning */ - stat(filename, &st); + ret = stat(filename, &st); + if (ret == -1){ + perror("stat"); + exitstatus = EXIT_FAILURE; + goto end; + } if (not S_ISREG(st.st_mode) or (access(filename, X_OK) != 0)){ if(debug){ 
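Review bot: In the `@@ -141,6 +155,10 @@` hunk of mandos-client.c, the new `perror("wait")` is a concern if this function is the SIGCHLD handler, which the hunk does not show but the `SIGCHLD`/`sigaction()` entries in the include comments suggest. `perror()` is not async-signal-safe and can overwrite `errno` under the interrupted main code, which this same commit now inspects after `readdir()` and `kill()`. If it is a handler, save `errno` on entry and restore it before returning (`int saved_errno = errno; … errno = saved_errno;`), and report the failure with `write(STDERR_FILENO, …)` or a flag the main loop reads. The function starts and ends outside the hunk.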
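Review bot: The test `ret == ARGP_ERR_UNKNOWN` after `argp_parse()` in the `@@ -272,7 +290,12 @@` hunk most likely never fires, and the same check is repeated in `@@ -304,7 +327,12 @@` and in plugins.d/password-prompt.c `@@ -101,7 +103,11 @@`. `ARGP_ERR_UNKNOWN` is what a parser callback returns for a key it does not handle; `argp_parse()` itself is documented to return 0 on success or an errno-style code such as `EINVAL` or `ENOMEM`, so real failures would fall through and the program would continue with a partly parsed option set. The code is returned rather than stored in `errno`, so `perror()` may print an unrelated message. I would write `if (ret != 0){ errno = ret; perror("argp_parse"); … }` in all three places.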
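Review bot: The `errno == EBADF` test added in `@@ -354,6 +382,11 @@` is only meaningful if `errno` is set to 0 immediately before the `readdir()` call, which sits outside this hunk. `readdir()` returns NULL both at end of directory and on error and leaves `errno` untouched in the first case, so a stale `EBADF` from an earlier call would abort the plugin run, while any other error value is treated as a normal end of directory. Add `errno = 0;` directly before the call and test `if (errno != 0)` here.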
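Review bot: In `@@ -414,7 +447,12 @@` a single failing `stat()` now ends the whole run through `goto end`, so a dangling symlink or a file removed between `readdir()` and `stat()` in the plugin directory prevents every other plugin from starting. For a plugin runner that is an availability problem; logging and skipping the entry looks like the safer reaction: `perror("stat"); continue;`, after releasing `filename` if it is heap-allocated (its allocation is outside the hunk). The `stat()`/`access()` pair is also only advisory, since the file can change before it is executed, so the ownership and mode of the plugin directory are what actually protect the plugins.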
@@ -480,7 +518,12 @@ perror("sigprocmask"); _exit(EXIT_FAILURE); } - dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */ + + ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */ + if(ret == -1){ + perror("dup2"); + _exit(EXIT_FAILURE); + } if(dirfd(dir) < 0){ /* If dir has no file descriptor, we could not set FD_CLOEXEC @@ -538,7 +581,7 @@ closedir(dir); dir = NULL; - + if (process_list == NULL){ fprintf(stderr, "No plugin processes started, exiting\n"); exitstatus = EXIT_FAILURE; @@ -679,7 +722,11 @@ for(process *next; process_list != NULL; process_list = next){ next = process_list->next; close(process_list->fd); - kill(process_list->pid, SIGTERM); + ret = kill(process_list->pid, SIGTERM); + if(ret == -1 and errno != ESRCH){ + /* set-uid proccesses migth not get closed */ + perror("kill"); + } free(process_list->buffer); free(process_list); } === modified file 'plugins.d/password-prompt.c' --- plugins.d/password-prompt.c 2008-08-07 21:45:41 +0000 +++ plugins.d/password-prompt.c 2008-08-09 04:42:39 +0000 @@ -33,7 +33,7 @@ sigaction, sigemptyset(), sigaction(), sigaddset(), SIGINT, SIGQUIT, SIGHUP, SIGTERM */ -#include /* NULL, size_t */ +#include /* NULL, size_t, ssize_t */ #include /* ssize_t */ #include /* EXIT_SUCCESS, EXIT_FAILURE, getopt_long */ @@ -44,9 +44,11 @@ #include /* or, not */ #include /* bool, false, true */ #include /* strlen, rindex, strncmp, strcmp */ -#include /* struct argp_option, - struct argp_state, struct argp, - argp_parse() */ +#include /* struct argp_option, struct + argp_state, struct argp, + argp_parse(), error_t, + ARGP_KEY_ARG, ARGP_KEY_END, + ARGP_ERR_UNKNOWN */ volatile bool quit_now = false; bool debug = false; 
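Review bot: The `kill()` in the cleanup loop of `@@ -679,7 +722,11 @@` is sent to every entry still in `process_list`, and tolerating `ESRCH` suggests that some of those children have already exited. If an entry can remain in the list after `wait()` has reaped it (not visible in this hunk), its pid may have been reused and SIGTERM could reach an unrelated process; such entries should be skipped rather than signalled. The new comment would also be clearer as `/* EPERM: a plugin that changed uid (e.g. set-uid) may be left running */`, if that is the case it describes.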
@@ -101,7 +103,11 @@ struct argp argp = { .options = options, .parser = parse_opt, .args_doc = "", .doc = "Mandos Passprompt -- Provides a passprompt" }; - argp_parse (&argp, argc, argv, 0, 0, NULL); + ret = argp_parse (&argp, argc, argv, 0, 0, NULL); + if (ret == ARGP_ERR_UNKNOWN){ + perror("argp_parse"); + return EXIT_FAILURE; + } } if (debug){ @@ -119,16 +125,43 @@ sigaddset(&new_action.sa_mask, SIGINT); sigaddset(&new_action.sa_mask, SIGHUP); sigaddset(&new_action.sa_mask, SIGTERM); - sigaction(SIGINT, NULL, &old_action); - if (old_action.sa_handler != SIG_IGN) - sigaction(SIGINT, &new_action, NULL); - sigaction(SIGHUP, NULL, &old_action); - if (old_action.sa_handler != SIG_IGN) - sigaction(SIGHUP, &new_action, NULL); - sigaction(SIGTERM, NULL, &old_action); - if (old_action.sa_handler != SIG_IGN) - sigaction(SIGTERM, &new_action, NULL); - + ret = sigaction(SIGINT, NULL, &old_action); + if(ret == -1){ + perror("sigaction"); + return EXIT_FAILURE; + } + if (old_action.sa_handler != SIG_IGN){ + ret = sigaction(SIGINT, &new_action, NULL); + if(ret == -1){ + perror("sigaction"); + return EXIT_FAILURE; + } + } + ret = sigaction(SIGHUP, NULL, &old_action); + if(ret == -1){ + perror("sigaction"); + return EXIT_FAILURE; + } + if (old_action.sa_handler != SIG_IGN){ + ret = sigaction(SIGHUP, &new_action, NULL); + if(ret == -1){ + perror("sigaction"); + return EXIT_FAILURE; + } + } + ret = sigaction(SIGTERM, NULL, &old_action); + if(ret == -1){ + perror("sigaction"); + return EXIT_FAILURE; + } + if (old_action.sa_handler != SIG_IGN){ + ret = sigaction(SIGTERM, &new_action, NULL); + if(ret == -1){ + perror("sigaction"); + return EXIT_FAILURE; + } + } + if (debug){ fprintf(stderr, "Removing echo flag from terminal attributes\n"); === modified file 'plugins.d/password-request.c' --- plugins.d/password-request.c 2008-08-07 21:45:41 +0000 +++ plugins.d/password-request.c 2008-08-09 04:42:39 +0000 
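Review bot: The three sigaction blocks added in `@@ -119,16 +125,43 @@` of plugins.d/password-prompt.c are identical apart from the signal number, which makes it easy for one copy to drift, for example a missed check or a signal added to the mask but never given the handler. A loop over the signal list keeps the query, the SIG_IGN test and both error checks in one place, as sketched below. The enclosing function starts and ends outside the hunk.

```c
  /* … unchanged: sigaddset() calls building new_action.sa_mask … */
  {
    const int handled_signals[] = { SIGINT, SIGHUP, SIGTERM };
    for (size_t i = 0;
         i < sizeof(handled_signals) / sizeof(handled_signals[0]); i++){
      ret = sigaction(handled_signals[i], NULL, &old_action);
      if(ret == -1){
        perror("sigaction");
        return EXIT_FAILURE;
      }
      /* Leave a signal alone if it was already set to be ignored */
      if (old_action.sa_handler != SIG_IGN){
        ret = sigaction(handled_signals[i], &new_action, NULL);
        if(ret == -1){
          perror("sigaction");
          return EXIT_FAILURE;
        }
      }
    }
  }
  /* … unchanged: debug message and terminal echo handling … */
```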
@@ -34,43 +34,99 @@ #define _GNU_SOURCE /* TEMP_FAILURE_RETRY() */ -#include +#include /* fprintf(), stderr, fwrite(), stdout, ferror() */ +#include /* uint16_t, uint32_t */ +#include /* NULL, size_t, ssize_t */ +#include /* free() */ +#include /* bool, true */ +#include /* memset(), strcmp(), strlen, strerror() */ +#include /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP, + SIOCSIFFLAGS */ +#include /* socket(), inet_pton(), sockaddr, + sockaddr_in6, PF_INET6, SOCK_STREAM, INET6_ADDRSTRLEN */ +#include /* socket(), struct sockaddr_in6, + struct in6_addr, inet_pton(), + connect() */ #include -#include +#include /* perror() */ #include -#include /* if_nametoindex */ -#include /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP, - SIOCSIFFLAGS */ #include /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP, - SIOCSIFFLAGS */ - -#include -#include -#include -#include -#include -#include - -/* Mandos client part */ -#include /* socket(), inet_pton() */ -#include /* socket(), struct sockaddr_in6, - struct in6_addr, inet_pton() */ -#include /* All GnuTLS stuff */ -#include /* GnuTLS with openpgp stuff */ - -#include /* close() */ + SIOCSIFFLAGS, if_indextoname(), + if_nametoindex(), IF_NAMESIZE */ +#include /* close(), SEEK_SET, off_t, write()*/ #include -#include /* true */ -#include /* memset */ -#include /* inet_pton() */ +#include /* inet_pton(), htons */ #include /* not */ -#include /* IF_NAMESIZE */ #include /* struct argp_option, struct argp_state, struct argp, argp_parse() */ + +/* Avahi */ +#include /* AvahiSimplePoll, AvahiServer, + AvahiIfIndex */ +#include +#include /* AvahiLogLevel */ +#include +#include +#include + +/* GnuTLS */ +#include /* gnutls_certificate_credentials_t, + gnutls_dh_params_t, + gnutls_strerror(), + gnutls_global_init(), + gnutls_global_set_log_level(), + gnutls_global_set_log_function(), + gnutls_certificate_allocate_credentials(), + gnutls_global_deinit(), + gnutls_dh_params_init(), + gnutls_dh_params_generate(), + gnutls_certificate_set_dh_params(), + 
gnutls_certificate_free_credentials(), + gnutls_session_t, gnutls_init(), + gnutls_priority_set_direct(), + gnutls_deinit(), + gnutls_credentials_set(), + gnutls_certificate_server_set_request(), + gnutls_dh_set_prime_bits(), + gnutls_transport_set_ptr(), + gnutls_transport_ptr_t, + gnutls_handshake(), + gnutls_record_recv() + gnutls_perror(), gnutls_bye(), + init_gnutls_session(), + GNUTLS_E_SUCCESS, + GNUTLS_CRD_CERTIFICATE, + GNUTLS_CERT_IGNORE, + GNUTLS_E_INTERRUPTED, + GNUTLS_E_AGAIN, + GNUTLS_E_REHANDSHAKE, + GNUTLS_SHUT_RDWR, */ +#include /* gnutls_certificate_set_openpgp_key_file(), + GNUTLS_OPENPGP_FMT_BASE64 */ + /* GPGME */ -#include /* perror() */ -#include +#include /* gpgme_data_t, gpgme_ctx_t, + gpgme_error_t, gpgme_engine_info_t, + gpgme_check_version(), + gpgme_engine_check_version(), + gpgme_strsource(), + gpgme_strerror(), + gpgme_get_engine_info(), + gpgme_set_engine_info(), + gpgme_data_new_from_mem(), + gpgme_data_new(), gpgme_new(), + gpgme_op_decrypt(), + gpgme_decrypt_result_t, + gpgme_op_decrypt_result(), + gpgme_recipient_t, + gpgme_pubkey_algo_name(), + gpgme_data_seek(), + gpgme_data_read(), + gpgme_data_release() + GPGME_PROTOCOL_OpenPGP, + GPG_ERR_NO_ERROR, + GPG_ERR_NO_SECKEY, */ #define BUFFER_SIZE 256 @@ -360,8 +416,8 @@ globalfail: - gnutls_certificate_free_credentials (mc->cred); - gnutls_global_deinit (); + gnutls_certificate_free_credentials(mc->cred); + gnutls_global_deinit(); return -1; }