/mandos/trunk : revision 115

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/password-request.c

Committer: Teddy Hogeborn
Date: 2008-08-29 16:53:41 UTC
Revision ID: teddy@fukt.bsnet.se-20080829165341-xzrp0xxxfrua5kzq

* mandos.xml (SYNOPSIS): Split <term> tags for the "--help" and
"--interface" options.

files added:
plugins.d/usplash

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

INSTALL

NEWS

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

debian/watch

default-mandos

init.d-mandos

legalnotice.xml

mandos-ctl

mandos.lsm

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files renamed:
plugins.d/mandos-client.c => plugins.d/password-request.c

plugins.d/mandos-client.xml => plugins.d/password-request.xml

files modified:
.bzrignore

Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

plugins.d/password-request.c

/* -*- coding: utf-8 -*- */

* Mandos-client - get and decrypt data from a Mandos server

* Mandos client - get and decrypt data from a Mandos server

* This program is partly derived from an example program for an Avahi

* service browser, downloaded from

* "browse_callback", and parts of "main".

* Everything else is

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

/* Needed by GPGME, specifically gpgme_data_seek() */

#ifndef _LARGEFILE_SOURCE

#define _LARGEFILE_SOURCE

#endif

#ifndef _FILE_OFFSET_BITS

#define _FILE_OFFSET_BITS 64

#endif

#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */

#include <stdio.h> /* fprintf(), stderr, fwrite(),

stdout, ferror(), remove() */

stdout, ferror() */

#include <stdint.h> /* uint16_t, uint32_t */

#include <stddef.h> /* NULL, size_t, ssize_t */

#include <stdlib.h> /* free(), EXIT_SUCCESS, EXIT_FAILURE,

srand(), strtof() */

#include <stdbool.h> /* bool, false, true */

srand() */

#include <stdbool.h> /* bool, true */

#include <string.h> /* memset(), strcmp(), strlen(),

strerror(), asprintf(), strcpy() */

#include <sys/ioctl.h> /* ioctl */

#include <sys/types.h> /* socket(), inet_pton(), sockaddr,

sockaddr_in6, PF_INET6,

SOCK_STREAM, uid_t, gid_t, open(),

opendir(), DIR */

#include <sys/stat.h> /* open() */

SOCK_STREAM, INET6_ADDRSTRLEN,

uid_t, gid_t */

#include <inttypes.h> /* PRIu16 */

#include <sys/socket.h> /* socket(), struct sockaddr_in6,

inet_pton(), connect() */

#include <fcntl.h> /* open() */

#include <dirent.h> /* opendir(), struct dirent, readdir()

#include <inttypes.h> /* PRIu16, PRIdMAX, intmax_t,

strtoimax() */

struct in6_addr, inet_pton(),

connect() */

#include <assert.h> /* assert() */

#include <errno.h> /* perror(), errno */

#include <time.h> /* nanosleep(), time() */

#include <time.h> /* time() */

#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,

SIOCSIFFLAGS, if_indextoname(),

if_nametoindex(), IF_NAMESIZE */

#include <netinet/in.h> /* IN6_IS_ADDR_LINKLOCAL,

INET_ADDRSTRLEN, INET6_ADDRSTRLEN

#include <unistd.h> /* close(), SEEK_SET, off_t, write(),

getuid(), getgid(), seteuid(),

getuid(), getgid(), setuid(),

setgid() */

#include <netinet/in.h>

#include <arpa/inet.h> /* inet_pton(), htons */

#include <iso646.h> /* not, or, and */

#include <iso646.h> /* not, and */

#include <argp.h> /* struct argp_option, error_t, struct

argp_state, struct argp,

argp_parse(), ARGP_KEY_ARG,

ARGP_KEY_END, ARGP_ERR_UNKNOWN */

#include <signal.h> /* sigemptyset(), sigaddset(),

sigaction(), SIGTERM, sig_atomic_t,

raise() */

#ifdef __linux__

#include <sys/klog.h> /* klogctl() */

#endif /* __linux__ */

/* Avahi */

/* All Avahi types, constants and functions

104

gnutls_*

105

init_gnutls_session(),

106

GNUTLS_* */

107

#include <gnutls/openpgp.h>

108

/* gnutls_certificate_set_openpgp_key_file(),

#include <gnutls/openpgp.h> /* gnutls_certificate_set_openpgp_key_file(),

109

GNUTLS_OPENPGP_FMT_BASE64 */

110

111

/* GPGME */

117

118

#define BUFFER_SIZE 256

119

100

120

#define PATHDIR "/conf/conf.d/mandos"

121

#define SECKEY "seckey.txt"

122

#define PUBKEY "pubkey.txt"

123

124

101

bool debug = false;

102

static const char *keydir = "/conf/conf.d/mandos";

125

103

static const char mandos_protocol_version[] = "1";

126

const char *argp_program_version = "mandos-client " VERSION;

104

const char *argp_program_version = "password-request 1.0";

127

105

const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";

128

106

129

107

/* Used for passing in values through the Avahi callback functions */

134

112

unsigned int dh_bits;

135

113

gnutls_dh_params_t dh_params;

136

114

const char *priority;

137

gpgme_ctx_t ctx;

138

115

} mandos_context;

139

116

140

/* global context so signal handler can reach it*/

141

mandos_context mc = { .simple_poll = NULL, .server = NULL,

142

.dh_bits = 1024, .priority = "SECURE256"

143

":!CTYPE-X.509:+CTYPE-OPENPGP" };

144

145

117

146

* Make additional room in "buffer" for at least BUFFER_SIZE more

147

* bytes. "buffer_capacity" is how much is currently allocated,

118

* Make room in "buffer" for at least BUFFER_SIZE additional bytes.

119

* "buffer_capacity" is how much is currently allocated,

148

120

* "buffer_length" is how much is already used.

149

121

150

size_t incbuffer(char **buffer, size_t buffer_length,

122

size_t adjustbuffer(char **buffer, size_t buffer_length,

151

123

size_t buffer_capacity){

152

if(buffer_length + BUFFER_SIZE > buffer_capacity){

124

if (buffer_length + BUFFER_SIZE > buffer_capacity){

153

125

*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);

154

if(buffer == NULL){

126

if (buffer == NULL){

155

127

return 0;

156

128

}

157

129

buffer_capacity += BUFFER_SIZE;

160

132

}

161

133

162

134

163

* Initialize GPGME.

135

* Decrypt OpenPGP data using keyrings in HOMEDIR.

136

* Returns -1 on error

164

137

165

static bool init_gpgme(const char *seckey,

166

const char *pubkey, const char *tempdir){

138

static ssize_t pgp_packet_decrypt (const char *cryptotext,

139

size_t crypto_size,

140

char **plaintext,

141

const char *homedir){

142

gpgme_data_t dh_crypto, dh_plain;

143

gpgme_ctx_t ctx;

167

144

gpgme_error_t rc;

145

ssize_t ret;

146

size_t plaintext_capacity = 0;

147

ssize_t plaintext_length = 0;

168

148

gpgme_engine_info_t engine_info;

169

149

170

171

172

* Helper function to insert pub and seckey to the engine keyring.

173

174

bool import_key(const char *filename){

175

int ret;

176

int fd;

177

gpgme_data_t pgp_data;

178

179

fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));

180

if(fd == -1){

181

perror("open");

182

return false;

183

}

184

185

rc = gpgme_data_new_from_fd(&pgp_data, fd);

186

if(rc != GPG_ERR_NO_ERROR){

187

fprintf(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",

188

gpgme_strsource(rc), gpgme_strerror(rc));

189

return false;

190

}

191

192

rc = gpgme_op_import(mc.ctx, pgp_data);

193

if(rc != GPG_ERR_NO_ERROR){

194

fprintf(stderr, "bad gpgme_op_import: %s: %s\n",

195

gpgme_strsource(rc), gpgme_strerror(rc));

196

return false;

197

}

198

199

ret = (int)TEMP_FAILURE_RETRY(close(fd));

200

if(ret == -1){

201

perror("close");

202

}

203

gpgme_data_release(pgp_data);

204

return true;

205

}

206

207

if(debug){

208

fprintf(stderr, "Initializing GPGME\n");

150

if (debug){

151

fprintf(stderr, "Trying to decrypt OpenPGP data\n");

209

152

}

210

153

211

154

/* Init GPGME */

212

155

gpgme_check_version(NULL);

213

156

rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);

214

if(rc != GPG_ERR_NO_ERROR){

157

if (rc != GPG_ERR_NO_ERROR){

215

158

fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",

216

159

gpgme_strsource(rc), gpgme_strerror(rc));

217

return false;

160

return -1;

218

161

}

219

162

220

/* Set GPGME home directory for the OpenPGP engine only */

221

rc = gpgme_get_engine_info(&engine_info);

222

if(rc != GPG_ERR_NO_ERROR){

163

/* Set GPGME home directory for the OpenPGP engine only */

164

rc = gpgme_get_engine_info (&engine_info);

165

if (rc != GPG_ERR_NO_ERROR){

223

166

fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",

224

167

gpgme_strsource(rc), gpgme_strerror(rc));

225

return false;

168

return -1;

226

169

}

227

170

while(engine_info != NULL){

228

171

if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){

229

172

gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,

230

engine_info->file_name, tempdir);

173

engine_info->file_name, homedir);

231

174

break;

232

175

}

233

176

engine_info = engine_info->next;

234

177

}

235

178

if(engine_info == NULL){

236

fprintf(stderr, "Could not set GPGME home dir to %s\n", tempdir);

237

return false;

238

}

239

240

/* Create new GPGME "context" */

241

rc = gpgme_new(&(mc.ctx));

242

if(rc != GPG_ERR_NO_ERROR){

243

fprintf(stderr, "bad gpgme_new: %s: %s\n",

244

gpgme_strsource(rc), gpgme_strerror(rc));

245

return false;

246

}

247

248

if(not import_key(pubkey) or not import_key(seckey)){

249

return false;

250

}

251

252

return true;

253

}

254

255

256

* Decrypt OpenPGP data.

257

* Returns -1 on error

258

259

static ssize_t pgp_packet_decrypt(const char *cryptotext,

260

size_t crypto_size,

261

char **plaintext){

262

gpgme_data_t dh_crypto, dh_plain;

263

gpgme_error_t rc;

264

ssize_t ret;

265

size_t plaintext_capacity = 0;

266

ssize_t plaintext_length = 0;

267

268

if(debug){

269

fprintf(stderr, "Trying to decrypt OpenPGP data\n");

179

fprintf(stderr, "Could not set GPGME home dir to %s\n", homedir);

180

return -1;

270

181

}

271

182

272

183

/* Create new GPGME data buffer from memory cryptotext */

273

184

rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,

274

185

0);

275

if(rc != GPG_ERR_NO_ERROR){

186

if (rc != GPG_ERR_NO_ERROR){

276

187

fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",

277

188

gpgme_strsource(rc), gpgme_strerror(rc));

278

189

return -1;

280

191

281

192

/* Create new empty GPGME data buffer for the plaintext */

282

193

rc = gpgme_data_new(&dh_plain);

283

if(rc != GPG_ERR_NO_ERROR){

194

if (rc != GPG_ERR_NO_ERROR){

284

195

fprintf(stderr, "bad gpgme_data_new: %s: %s\n",

285

196

gpgme_strsource(rc), gpgme_strerror(rc));

286

197

gpgme_data_release(dh_crypto);

287

198

return -1;

288

199

}

289

200

201

/* Create new GPGME "context" */

202

rc = gpgme_new(&ctx);

203

if (rc != GPG_ERR_NO_ERROR){

204

fprintf(stderr, "bad gpgme_new: %s: %s\n",

205

gpgme_strsource(rc), gpgme_strerror(rc));

206

plaintext_length = -1;

207

goto decrypt_end;

208

}

209

290

210

/* Decrypt data from the cryptotext data buffer to the plaintext

291

211

data buffer */

292

rc = gpgme_op_decrypt(mc.ctx, dh_crypto, dh_plain);

293

if(rc != GPG_ERR_NO_ERROR){

212

rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);

213

if (rc != GPG_ERR_NO_ERROR){

294

214

fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",

295

215

gpgme_strsource(rc), gpgme_strerror(rc));

296

216

plaintext_length = -1;

297

if(debug){

217

if (debug){

298

218

gpgme_decrypt_result_t result;

299

result = gpgme_op_decrypt_result(mc.ctx);

300

if(result == NULL){

219

result = gpgme_op_decrypt_result(ctx);

220

if (result == NULL){

301

221

fprintf(stderr, "gpgme_op_decrypt_result failed\n");

302

222

} else {

303

223

fprintf(stderr, "Unsupported algorithm: %s\n",

309

229

}

310

230

gpgme_recipient_t recipient;

311

231

recipient = result->recipients;

312

while(recipient != NULL){

313

fprintf(stderr, "Public key algorithm: %s\n",

314

gpgme_pubkey_algo_name(recipient->pubkey_algo));

315

fprintf(stderr, "Key ID: %s\n", recipient->keyid);

316

fprintf(stderr, "Secret key available: %s\n",

317

recipient->status == GPG_ERR_NO_SECKEY

318

? "No" : "Yes");

319

recipient = recipient->next;

232

if(recipient){

233

while(recipient != NULL){

234

fprintf(stderr, "Public key algorithm: %s\n",

235

gpgme_pubkey_algo_name(recipient->pubkey_algo));

236

fprintf(stderr, "Key ID: %s\n", recipient->keyid);

237

fprintf(stderr, "Secret key available: %s\n",

238

recipient->status == GPG_ERR_NO_SECKEY

239

? "No" : "Yes");

240

recipient = recipient->next;

241

}

320

242

}

321

243

}

322

244

}

328

250

}

329

251

330

252

/* Seek back to the beginning of the GPGME plaintext data buffer */

331

if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){

332

perror("gpgme_data_seek");

253

if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){

254

perror("pgpme_data_seek");

333

255

plaintext_length = -1;

334

256

goto decrypt_end;

335

257

}

336

258

337

259

*plaintext = NULL;

338

260

while(true){

339

plaintext_capacity = incbuffer(plaintext,

261

plaintext_capacity = adjustbuffer(plaintext,

340

262

(size_t)plaintext_length,

341

263

plaintext_capacity);

342

if(plaintext_capacity == 0){

343

perror("incbuffer");

264

if (plaintext_capacity == 0){

265

perror("adjustbuffer");

344

266

plaintext_length = -1;

345

267

goto decrypt_end;

346

268

}

348

270

ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,

349

271

BUFFER_SIZE);

350

272

/* Print the data, if any */

351

if(ret == 0){

273

if (ret == 0){

352

274

/* EOF */

353

275

break;

354

276

}

359

281

}

360

282

plaintext_length += ret;

361

283

}

362

284

363

285

if(debug){

364

286

fprintf(stderr, "Decrypted password is: ");

365

287

for(ssize_t i = 0; i < plaintext_length; i++){

378

300

return plaintext_length;

379

301

}

380

302

381

static const char * safer_gnutls_strerror(int value){

382

const char *ret = gnutls_strerror(value); /* Spurious warning from

383

-Wunreachable-code */

384

if(ret == NULL)

303

static const char * safer_gnutls_strerror (int value) {

304

const char *ret = gnutls_strerror (value); /* Spurious warning */

305

if (ret == NULL)

385

306

ret = "(unknown)";

386

307

return ret;

387

308

}

392

313

fprintf(stderr, "GnuTLS: %s", string);

393

314

}

394

315

395

static int init_gnutls_global(const char *pubkeyfilename,

316

static int init_gnutls_global(mandos_context *mc,

317

const char *pubkeyfilename,

396

318

const char *seckeyfilename){

397

319

int ret;

398

320

401

323

}

402

324

403

325

ret = gnutls_global_init();

404

if(ret != GNUTLS_E_SUCCESS){

405

fprintf(stderr, "GnuTLS global_init: %s\n",

406

safer_gnutls_strerror(ret));

326

if (ret != GNUTLS_E_SUCCESS) {

327

fprintf (stderr, "GnuTLS global_init: %s\n",

328

safer_gnutls_strerror(ret));

407

329

return -1;

408

330

}

409

331

410

if(debug){

332

if (debug){

411

333

/* "Use a log level over 10 to enable all debugging options."

412

334

* - GnuTLS manual

413

335

416

338

}

417

339

418

340

/* OpenPGP credentials */

419

gnutls_certificate_allocate_credentials(&mc.cred);

420

if(ret != GNUTLS_E_SUCCESS){

421

fprintf(stderr, "GnuTLS memory error: %s\n", /* Spurious warning

422

from

423

-Wunreachable-code

424

425

safer_gnutls_strerror(ret));

426

gnutls_global_deinit();

341

gnutls_certificate_allocate_credentials(&mc->cred);

342

if (ret != GNUTLS_E_SUCCESS){

343

fprintf (stderr, "GnuTLS memory error: %s\n", /* Spurious

344

warning */

345

safer_gnutls_strerror(ret));

346

gnutls_global_deinit ();

427

347

return -1;

428

348

}

429

349

430

350

if(debug){

431

fprintf(stderr, "Attempting to use OpenPGP public key %s and"

432

" secret key %s as GnuTLS credentials\n", pubkeyfilename,

351

fprintf(stderr, "Attempting to use OpenPGP certificate %s"

352

" and keyfile %s as GnuTLS credentials\n", pubkeyfilename,

433

353

seckeyfilename);

434

354

}

435

355

436

356

ret = gnutls_certificate_set_openpgp_key_file

437

(mc.cred, pubkeyfilename, seckeyfilename,

357

(mc->cred, pubkeyfilename, seckeyfilename,

438

358

GNUTLS_OPENPGP_FMT_BASE64);

439

if(ret != GNUTLS_E_SUCCESS){

359

if (ret != GNUTLS_E_SUCCESS) {

440

360

fprintf(stderr,

441

361

"Error[%d] while reading the OpenPGP key pair ('%s',"

442

362

" '%s')\n", ret, pubkeyfilename, seckeyfilename);

443

fprintf(stderr, "The GnuTLS error is: %s\n",

363

fprintf(stdout, "The GnuTLS error is: %s\n",

444

364

safer_gnutls_strerror(ret));

445

365

goto globalfail;

446

366

}

447

367

448

368

/* GnuTLS server initialization */

449

ret = gnutls_dh_params_init(&mc.dh_params);

450

if(ret != GNUTLS_E_SUCCESS){

451

fprintf(stderr, "Error in GnuTLS DH parameter initialization:"

452

" %s\n", safer_gnutls_strerror(ret));

453

goto globalfail;

454

}

455

ret = gnutls_dh_params_generate2(mc.dh_params, mc.dh_bits);

456

if(ret != GNUTLS_E_SUCCESS){

457

fprintf(stderr, "Error in GnuTLS prime generation: %s\n",

458

safer_gnutls_strerror(ret));

459

goto globalfail;

460

}

461

462

gnutls_certificate_set_dh_params(mc.cred, mc.dh_params);

463

369

ret = gnutls_dh_params_init(&mc->dh_params);

370

if (ret != GNUTLS_E_SUCCESS) {

371

fprintf (stderr, "Error in GnuTLS DH parameter initialization:"

372

" %s\n", safer_gnutls_strerror(ret));

373

goto globalfail;

374

}

375

ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);

376

if (ret != GNUTLS_E_SUCCESS) {

377

fprintf (stderr, "Error in GnuTLS prime generation: %s\n",

378

safer_gnutls_strerror(ret));

379

goto globalfail;

380

}

381

382

gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);

383

464

384

return 0;

465

385

466

386

globalfail:

467

468

gnutls_certificate_free_credentials(mc.cred);

387

388

gnutls_certificate_free_credentials(mc->cred);

469

389

gnutls_global_deinit();

470

gnutls_dh_params_deinit(mc.dh_params);

471

390

return -1;

391

472

392

}

473

393

474

static int init_gnutls_session(gnutls_session_t *session){

394

static int init_gnutls_session(mandos_context *mc,

395

gnutls_session_t *session){

475

396

int ret;

476

397

/* GnuTLS session creation */

477

do {

478

ret = gnutls_init(session, GNUTLS_SERVER);

479

} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);

480

if(ret != GNUTLS_E_SUCCESS){

398

ret = gnutls_init(session, GNUTLS_SERVER);

399

if (ret != GNUTLS_E_SUCCESS){

481

400

fprintf(stderr, "Error in GnuTLS session initialization: %s\n",

482

401

safer_gnutls_strerror(ret));

483

402

}

484

403

485

404

{

486

405

const char *err;

487

do {

488

ret = gnutls_priority_set_direct(*session, mc.priority, &err);

489

} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);

490

if(ret != GNUTLS_E_SUCCESS){

406

ret = gnutls_priority_set_direct(*session, mc->priority, &err);

407

if (ret != GNUTLS_E_SUCCESS) {

491

408

fprintf(stderr, "Syntax error at: %s\n", err);

492

409

fprintf(stderr, "GnuTLS error: %s\n",

493

410

safer_gnutls_strerror(ret));

494

gnutls_deinit(*session);

411

gnutls_deinit (*session);

495

412

return -1;

496

413

}

497

414

}

498

415

499

do {

500

ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,

501

mc.cred);

502

} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);

503

if(ret != GNUTLS_E_SUCCESS){

416

ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,

417

mc->cred);

418

if (ret != GNUTLS_E_SUCCESS) {

504

419

fprintf(stderr, "Error setting GnuTLS credentials: %s\n",

505

420

safer_gnutls_strerror(ret));

506

gnutls_deinit(*session);

421

gnutls_deinit (*session);

507

422

return -1;

508

423

}

509

424

510

425

/* ignore client certificate if any. */

511

gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);

426

gnutls_certificate_server_set_request (*session,

427

GNUTLS_CERT_IGNORE);

512

428

513

gnutls_dh_set_prime_bits(*session, mc.dh_bits);

429

gnutls_dh_set_prime_bits (*session, mc->dh_bits);

514

430

515

431

return 0;

516

432

}

519

435

static void empty_log(__attribute__((unused)) AvahiLogLevel level,

520

436

__attribute__((unused)) const char *txt){}

521

437

522

sig_atomic_t quit_now = 0;

523

int signal_received = 0;

524

525

438

/* Called when a Mandos server is found */

526

439

static int start_mandos_communication(const char *ip, uint16_t port,

527

440

AvahiIfIndex if_index,

528

int af){

529

int ret, tcp_sd = -1;

530

ssize_t sret;

531

union {

532

struct sockaddr_in in;

533

struct sockaddr_in6 in6;

534

} to;

441

mandos_context *mc){

442

int ret, tcp_sd;

443

union { struct sockaddr in; struct sockaddr_in6 in6; } to;

535

444

char *buffer = NULL;

536

445

char *decrypted_buffer;

537

446

size_t buffer_length = 0;

538

447

size_t buffer_capacity = 0;

448

ssize_t decrypted_buffer_size;

539

449

size_t written;

540

450

int retval = 0;

451

char interface[IF_NAMESIZE];

541

452

gnutls_session_t session;

542

int pf; /* Protocol family */

543

544

if(quit_now){

545

return -1;

546

}

547

548

switch(af){

549

case AF_INET6:

550

pf = PF_INET6;

551

break;

552

case AF_INET:

553

pf = PF_INET;

554

break;

555

default:

556

fprintf(stderr, "Bad address family: %d\n", af);

557

return -1;

558

}

559

560

ret = init_gnutls_session(&session);

561

if(ret != 0){

453

454

ret = init_gnutls_session (mc, &session);

455

if (ret != 0){

562

456

return -1;

563

457

}

564

458

565

459

if(debug){

566

fprintf(stderr, "Setting up a TCP connection to %s, port %" PRIu16

460

fprintf(stderr, "Setting up a tcp connection to %s, port %" PRIu16

567

461

"\n", ip, port);

568

462

}

569

463

570

tcp_sd = socket(pf, SOCK_STREAM, 0);

571

if(tcp_sd < 0){

464

tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);

465

if(tcp_sd < 0) {

572

466

perror("socket");

573

retval = -1;

574

goto mandos_end;

467

return -1;

575

468

}

576

577

if(quit_now){

578

goto mandos_end;

469

470

if(debug){

471

if(if_indextoname((unsigned int)if_index, interface) == NULL){

472

perror("if_indextoname");

473

return -1;

474

}

475

fprintf(stderr, "Binding to interface %s\n", interface);

579

476

}

580

477

581

478

memset(&to, 0, sizeof(to));

582

if(af == AF_INET6){

583

to.in6.sin6_family = (sa_family_t)af;

584

ret = inet_pton(af, ip, &to.in6.sin6_addr);

585

} else { /* IPv4 */

586

to.in.sin_family = (sa_family_t)af;

587

ret = inet_pton(af, ip, &to.in.sin_addr);

588

}

589

if(ret < 0 ){

479

to.in6.sin6_family = AF_INET6;

480

/* It would be nice to have a way to detect if we were passed an

481

IPv4 address here. Now we assume an IPv6 address. */

482

ret = inet_pton(AF_INET6, ip, &to.in6.sin6_addr);

483

if (ret < 0 ){

590

484

perror("inet_pton");

591

retval = -1;

592

goto mandos_end;

485

return -1;

593

486

}

594

487

if(ret == 0){

595

488

fprintf(stderr, "Bad address: %s\n", ip);

596

retval = -1;

597

goto mandos_end;

598

}

599

if(af == AF_INET6){

600

to.in6.sin6_port = htons(port); /* Spurious warnings from

601

-Wconversion and

602

-Wunreachable-code */

603

604

if(IN6_IS_ADDR_LINKLOCAL /* Spurious warnings from */

605

(&to.in6.sin6_addr)){ /* -Wstrict-aliasing=2 or lower and

606

-Wunreachable-code*/

607

if(if_index == AVAHI_IF_UNSPEC){

608

fprintf(stderr, "An IPv6 link-local address is incomplete"

609

" without a network interface\n");

610

retval = -1;

611

goto mandos_end;

612

}

613

/* Set the network interface number as scope */

614

to.in6.sin6_scope_id = (uint32_t)if_index;

615

}

616

} else {

617

to.in.sin_port = htons(port); /* Spurious warnings from

618

-Wconversion and

619

-Wunreachable-code */

620

}

489

return -1;

490

}

491

to.in6.sin6_port = htons(port); /* Spurious warning */

621

492

622

if(quit_now){

623

goto mandos_end;

624

}

493

to.in6.sin6_scope_id = (uint32_t)if_index;

625

494

626

495

if(debug){

627

if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){

628

char interface[IF_NAMESIZE];

629

if(if_indextoname((unsigned int)if_index, interface) == NULL){

630

perror("if_indextoname");

631

} else {

632

fprintf(stderr, "Connection to: %s%%%s, port %" PRIu16 "\n",

633

ip, interface, port);

634

}

635

} else {

636

fprintf(stderr, "Connection to: %s, port %" PRIu16 "\n", ip,

637

port);

638

}

639

char addrstr[(INET_ADDRSTRLEN > INET6_ADDRSTRLEN) ?

640

INET_ADDRSTRLEN : INET6_ADDRSTRLEN] = "";

641

const char *pcret;

642

if(af == AF_INET6){

643

pcret = inet_ntop(af, &(to.in6.sin6_addr), addrstr,

644

sizeof(addrstr));

645

} else {

646

pcret = inet_ntop(af, &(to.in.sin_addr), addrstr,

647

sizeof(addrstr));

648

}

649

if(pcret == NULL){

496

fprintf(stderr, "Connection to: %s, port %" PRIu16 "\n", ip,

497

port);

498

char addrstr[INET6_ADDRSTRLEN] = "";

499

if(inet_ntop(to.in6.sin6_family, &(to.in6.sin6_addr), addrstr,

500

sizeof(addrstr)) == NULL){

650

501

perror("inet_ntop");

651

502

} else {

652

503

if(strcmp(addrstr, ip) != 0){

655

506

}

656

507

}

657

508

658

if(quit_now){

659

goto mandos_end;

660

}

661

662

if(af == AF_INET6){

663

ret = connect(tcp_sd, &to.in6, sizeof(to));

664

} else {

665

ret = connect(tcp_sd, &to.in, sizeof(to)); /* IPv4 */

666

}

667

if(ret < 0){

509

ret = connect(tcp_sd, &to.in, sizeof(to));

510

if (ret < 0){

668

511

perror("connect");

669

retval = -1;

670

goto mandos_end;

671

}

672

673

if(quit_now){

674

goto mandos_end;

675

}

676

512

return -1;

513

}

514

677

515

const char *out = mandos_protocol_version;

678

516

written = 0;

679

while(true){

517

while (true){

680

518

size_t out_size = strlen(out);

681

ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,

519

ret = TEMP_FAILURE_RETRY(write(tcp_sd, out + written,

682

520

out_size - written));

683

if(ret == -1){

521

if (ret == -1){

684

522

perror("write");

685

523

retval = -1;

686

524

goto mandos_end;

689

527

if(written < out_size){

690

528

continue;

691

529

} else {

692

if(out == mandos_protocol_version){

530

if (out == mandos_protocol_version){

693

531

written = 0;

694

532

out = "\r\n";

695

533

} else {

696

534

break;

697

535

}

698

536

}

699

700

if(quit_now){

701

goto mandos_end;

702

}

703

537

}

704

538

705

539

if(debug){

706

540

fprintf(stderr, "Establishing TLS session with %s\n", ip);

707

541

}

708

542

709

if(quit_now){

710

goto mandos_end;

711

}

712

713

gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) tcp_sd);

714

715

if(quit_now){

716

goto mandos_end;

717

}

718

719

do {

720

ret = gnutls_handshake(session);

721

if(quit_now){

722

goto mandos_end;

723

}

543

gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) tcp_sd);

544

545

do{

546

ret = gnutls_handshake (session);

724

547

} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);

725

548

726

if(ret != GNUTLS_E_SUCCESS){

549

if (ret != GNUTLS_E_SUCCESS){

727

550

if(debug){

728

551

fprintf(stderr, "*** GnuTLS Handshake failed ***\n");

729

gnutls_perror(ret);

552

gnutls_perror (ret);

730

553

}

731

554

retval = -1;

732

555

goto mandos_end;

735

558

/* Read OpenPGP packet that contains the wanted password */

736

559

737

560

if(debug){

738

fprintf(stderr, "Retrieving OpenPGP encrypted password from %s\n",

561

fprintf(stderr, "Retrieving pgp encrypted password from %s\n",

739

562

ip);

740

563

}

741

564

742

565

while(true){

743

744

if(quit_now){

745

goto mandos_end;

746

}

747

748

buffer_capacity = incbuffer(&buffer, buffer_length,

566

buffer_capacity = adjustbuffer(&buffer, buffer_length,

749

567

buffer_capacity);

750

if(buffer_capacity == 0){

751

perror("incbuffer");

568

if (buffer_capacity == 0){

569

perror("adjustbuffer");

752

570

retval = -1;

753

571

goto mandos_end;

754

572

}

755

573

756

if(quit_now){

757

goto mandos_end;

758

}

759

760

sret = gnutls_record_recv(session, buffer+buffer_length,

761

BUFFER_SIZE);

762

if(sret == 0){

574

ret = gnutls_record_recv(session, buffer+buffer_length,

575

BUFFER_SIZE);

576

if (ret == 0){

763

577

break;

764

578

}

765

if(sret < 0){

766

switch(sret){

579

if (ret < 0){

580

switch(ret){

767

581

case GNUTLS_E_INTERRUPTED:

768

582

case GNUTLS_E_AGAIN:

769

583

break;

770

584

case GNUTLS_E_REHANDSHAKE:

771

do {

772

ret = gnutls_handshake(session);

773

774

if(quit_now){

775

goto mandos_end;

776

}

585

do{

586

ret = gnutls_handshake (session);

777

587

} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);

778

if(ret < 0){

588

if (ret < 0){

779

589

fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");

780

gnutls_perror(ret);

590

gnutls_perror (ret);

781

591

retval = -1;

782

592

goto mandos_end;

783

593

}

786

596

fprintf(stderr, "Unknown error while reading data from"

787

597

" encrypted session with Mandos server\n");

788

598

retval = -1;

789

gnutls_bye(session, GNUTLS_SHUT_RDWR);

599

gnutls_bye (session, GNUTLS_SHUT_RDWR);

790

600

goto mandos_end;

791

601

}

792

602

} else {

793

buffer_length += (size_t) sret;

603

buffer_length += (size_t) ret;

794

604

}

795

605

}

796

606

798

608

fprintf(stderr, "Closing TLS session\n");

799

609

}

800

610

801

if(quit_now){

802

goto mandos_end;

803

}

804

805

gnutls_bye(session, GNUTLS_SHUT_RDWR);

806

807

if(quit_now){

808

goto mandos_end;

809

}

810

811

if(buffer_length > 0){

812

ssize_t decrypted_buffer_size;

611

gnutls_bye (session, GNUTLS_SHUT_RDWR);

612

613

if (buffer_length > 0){

813

614

decrypted_buffer_size = pgp_packet_decrypt(buffer,

814

615

buffer_length,

815

&decrypted_buffer);

816

if(decrypted_buffer_size >= 0){

817

616

&decrypted_buffer,

617

keydir);

618

if (decrypted_buffer_size >= 0){

818

619

written = 0;

819

620

while(written < (size_t) decrypted_buffer_size){

820

if(quit_now){

821

goto mandos_end;

822

}

823

824

ret = (int)fwrite(decrypted_buffer + written, 1,

825

(size_t)decrypted_buffer_size - written,

826

stdout);

621

ret = (int)fwrite (decrypted_buffer + written, 1,

622

(size_t)decrypted_buffer_size - written,

623

stdout);

827

624

if(ret == 0 and ferror(stdout)){

828

625

if(debug){

829

626

fprintf(stderr, "Error writing encrypted data: %s\n",

846

643

847

644

mandos_end:

848

645

free(buffer);

849

if(tcp_sd >= 0){

850

ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));

851

}

852

if(ret == -1){

853

perror("close");

854

}

855

gnutls_deinit(session);

856

if(quit_now){

857

retval = -1;

858

}

646

close(tcp_sd);

647

gnutls_deinit (session);

859

648

return retval;

860

649

}

861

650

862

651

static void resolve_callback(AvahiSServiceResolver *r,

863

652

AvahiIfIndex interface,

864

AvahiProtocol proto,

653

AVAHI_GCC_UNUSED AvahiProtocol protocol,

865

654

AvahiResolverEvent event,

866

655

const char *name,

867

656

const char *type,

872

661

AVAHI_GCC_UNUSED AvahiStringList *txt,

873

662

AVAHI_GCC_UNUSED AvahiLookupResultFlags

874

663

flags,

875

AVAHI_GCC_UNUSED void* userdata){

664

void* userdata) {

665

mandos_context *mc = userdata;

876

666

assert(r);

877

667

878

668

/* Called whenever a service has been resolved successfully or

879

669

timed out */

880

670

881

if(quit_now){

882

return;

883

}

884

885

switch(event){

671

switch (event) {

886

672

default:

887

673

case AVAHI_RESOLVER_FAILURE:

888

674

fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'"

889

675

" of type '%s' in domain '%s': %s\n", name, type, domain,

890

avahi_strerror(avahi_server_errno(mc.server)));

676

avahi_strerror(avahi_server_errno(mc->server)));

891

677

break;

892

678

893

679

case AVAHI_RESOLVER_FOUND:

896

682

avahi_address_snprint(ip, sizeof(ip), address);

897

683

if(debug){

898

684

fprintf(stderr, "Mandos server \"%s\" found on %s (%s, %"

899

PRIdMAX ") on port %" PRIu16 "\n", name, host_name,

900

ip, (intmax_t)interface, port);

685

PRIu16 ") on port %d\n", name, host_name, ip,

686

interface, port);

901

687

}

902

int ret = start_mandos_communication(ip, port, interface,

903

avahi_proto_to_af(proto));

904

if(ret == 0){

905

avahi_simple_poll_quit(mc.simple_poll);

688

int ret = start_mandos_communication(ip, port, interface, mc);

689

if (ret == 0){

690

avahi_simple_poll_quit(mc->simple_poll);

906

691

}

907

692

}

908

693

}

909

694

avahi_s_service_resolver_free(r);

910

695

}

911

696

912

static void browse_callback(AvahiSServiceBrowser *b,

913

AvahiIfIndex interface,

914

AvahiProtocol protocol,

915

AvahiBrowserEvent event,

916

const char *name,

917

const char *type,

918

const char *domain,

919

AVAHI_GCC_UNUSED AvahiLookupResultFlags

920

flags,

921

AVAHI_GCC_UNUSED void* userdata){

697

static void browse_callback( AvahiSServiceBrowser *b,

698

AvahiIfIndex interface,

699

AvahiProtocol protocol,

700

AvahiBrowserEvent event,

701

const char *name,

702

const char *type,

703

const char *domain,

704

AVAHI_GCC_UNUSED AvahiLookupResultFlags

705

flags,

706

void* userdata) {

707

mandos_context *mc = userdata;

922

708

assert(b);

923

709

924

710

/* Called whenever a new services becomes available on the LAN or

925

711

is removed from the LAN */

926

712

927

if(quit_now){

928

return;

929

}

930

931

switch(event){

713

switch (event) {

932

714

default:

933

715

case AVAHI_BROWSER_FAILURE:

934

716

935

717

fprintf(stderr, "(Avahi browser) %s\n",

936

avahi_strerror(avahi_server_errno(mc.server)));

937

avahi_simple_poll_quit(mc.simple_poll);

718

avahi_strerror(avahi_server_errno(mc->server)));

719

avahi_simple_poll_quit(mc->simple_poll);

938

720

return;

939

721

940

722

case AVAHI_BROWSER_NEW:

943

725

the callback function is called the Avahi server will free the

944

726

resolver for us. */

945

727

946

if(avahi_s_service_resolver_new(mc.server, interface, protocol,

947

name, type, domain, protocol, 0,

948

resolve_callback, NULL) == NULL)

728

if (!(avahi_s_service_resolver_new(mc->server, interface,

729

protocol, name, type, domain,

730

AVAHI_PROTO_INET6, 0,

731

resolve_callback, mc)))

949

732

fprintf(stderr, "Avahi: Failed to resolve service '%s': %s\n",

950

name, avahi_strerror(avahi_server_errno(mc.server)));

733

name, avahi_strerror(avahi_server_errno(mc->server)));

951

734

break;

952

735

953

736

case AVAHI_BROWSER_REMOVE:

962

745

}

963

746

}

964

747

965

/* stop main loop after sigterm has been called */

966

static void handle_sigterm(int sig){

967

if(quit_now){

968

return;

969

}

970

quit_now = 1;

971

signal_received = sig;

972

int old_errno = errno;

973

if(mc.simple_poll != NULL){

974

avahi_simple_poll_quit(mc.simple_poll);

975

}

976

errno = old_errno;

748

/* Combines file name and path and returns the malloced new

749

string. some sane checks could/should be added */

750

static char *combinepath(const char *first, const char *second){

751

char *tmp;

752

int ret = asprintf(&tmp, "%s/%s", first, second);

753

if(ret < 0){

754

return NULL;

755

}

756

return tmp;

977

757

}

978

758

759

979

760

int main(int argc, char *argv[]){

980

AvahiSServiceBrowser *sb = NULL;

981

int error;

982

int ret;

983

intmax_t tmpmax;

984

char *tmp;

985

int exitcode = EXIT_SUCCESS;

986

const char *interface = "eth0";

987

struct ifreq network;

988

int sd = -1;

989

bool take_down_interface = false;

990

uid_t uid;

991

gid_t gid;

992

char *connect_to = NULL;

993

char tempdir[] = "/tmp/mandosXXXXXX";

994

bool tempdir_created = false;

995

AvahiIfIndex if_index = AVAHI_IF_UNSPEC;

996

const char *seckey = PATHDIR "/" SECKEY;

997

const char *pubkey = PATHDIR "/" PUBKEY;

998

999

bool gnutls_initialized = false;

1000

bool gpgme_initialized = false;

1001

float delay = 2.5f;

1002

1003

struct sigaction old_sigterm_action = { .sa_handler = SIG_DFL };

1004

struct sigaction sigterm_action = { .sa_handler = handle_sigterm };

1005

1006

uid = getuid();

1007

gid = getgid();

1008

1009

/* Lower any group privileges we might have, just to be safe */

1010

errno = 0;

1011

ret = setgid(gid);

1012

if(ret == -1){

1013

perror("setgid");

1014

}

1015

1016

/* Lower user privileges (temporarily) */

1017

errno = 0;

1018

ret = seteuid(uid);

1019

if(ret == -1){

1020

perror("seteuid");

1021

}

1022

1023

if(quit_now){

1024

goto end;

1025

}

1026

1027

{

1028

struct argp_option options[] = {

1029

{ .name = "debug", .key = 128,

1030

.doc = "Debug mode", .group = 3 },

1031

{ .name = "connect", .key = 'c',

1032

.arg = "ADDRESS:PORT",

1033

.doc = "Connect directly to a specific Mandos server",

1034

.group = 1 },

1035

{ .name = "interface", .key = 'i',

1036

.arg = "NAME",

1037

.doc = "Network interface that will be used to search for"

1038

" Mandos servers",

1039

.group = 1 },

1040

{ .name = "seckey", .key = 's',

1041

.arg = "FILE",

1042

.doc = "OpenPGP secret key file base name",

1043

.group = 1 },

1044

{ .name = "pubkey", .key = 'p',

1045

.arg = "FILE",

1046

.doc = "OpenPGP public key file base name",

1047

.group = 2 },

1048

{ .name = "dh-bits", .key = 129,

1049

.arg = "BITS",

1050

.doc = "Bit length of the prime number used in the"

1051

" Diffie-Hellman key exchange",

1052

.group = 2 },

1053

{ .name = "priority", .key = 130,

1054

.arg = "STRING",

1055

.doc = "GnuTLS priority string for the TLS handshake",

1056

.group = 1 },

1057

{ .name = "delay", .key = 131,

1058

.arg = "SECONDS",

1059

.doc = "Maximum delay to wait for interface startup",

1060

.group = 2 },

1061

{ .name = NULL }

1062

};

1063

1064

error_t parse_opt(int key, char *arg,

1065

struct argp_state *state){

1066

switch(key){

1067

case 128: /* --debug */

1068

debug = true;

1069

break;

1070

case 'c': /* --connect */

1071

connect_to = arg;

1072

break;

1073

case 'i': /* --interface */

1074

interface = arg;

1075

break;

1076

case 's': /* --seckey */

1077

seckey = arg;

1078

break;

1079

case 'p': /* --pubkey */

1080

pubkey = arg;

1081

break;

1082

case 129: /* --dh-bits */

1083

errno = 0;

1084

tmpmax = strtoimax(arg, &tmp, 10);

1085

if(errno != 0 or tmp == arg or *tmp != '\0'

1086

or tmpmax != (typeof(mc.dh_bits))tmpmax){

1087

fprintf(stderr, "Bad number of DH bits\n");

1088

exit(EXIT_FAILURE);

1089

}

1090

mc.dh_bits = (typeof(mc.dh_bits))tmpmax;

1091

break;

1092

case 130: /* --priority */

1093

mc.priority = arg;

1094

break;

1095

case 131: /* --delay */

1096

errno = 0;

1097

delay = strtof(arg, &tmp);

1098

if(errno != 0 or tmp == arg or *tmp != '\0'){

1099

fprintf(stderr, "Bad delay\n");

1100

exit(EXIT_FAILURE);

1101

}

1102

break;

1103

case ARGP_KEY_ARG:

1104

argp_usage(state);

1105

case ARGP_KEY_END:

1106

break;

1107

default:

1108

return ARGP_ERR_UNKNOWN;

1109

}

1110

return 0;

1111

}

1112

1113

struct argp argp = { .options = options, .parser = parse_opt,

1114

.args_doc = "",

1115

.doc = "Mandos client -- Get and decrypt"

1116

" passwords from a Mandos server" };

1117

ret = argp_parse(&argp, argc, argv, 0, 0, NULL);

1118

if(ret == ARGP_ERR_UNKNOWN){

1119

fprintf(stderr, "Unknown error while parsing arguments\n");

1120

exitcode = EXIT_FAILURE;

1121

goto end;

1122

}

1123

}

1124

1125

if(not debug){

1126

avahi_set_log_function(empty_log);

1127

}

1128

1129

/* Initialize Avahi early so avahi_simple_poll_quit() can be called

1130

from the signal handler */

1131

/* Initialize the pseudo-RNG for Avahi */

1132

srand((unsigned int) time(NULL));

1133

mc.simple_poll = avahi_simple_poll_new();

1134

if(mc.simple_poll == NULL){

1135

fprintf(stderr, "Avahi: Failed to create simple poll object.\n");

1136

exitcode = EXIT_FAILURE;

1137

goto end;

1138

}

1139

1140

sigemptyset(&sigterm_action.sa_mask);

1141

ret = sigaddset(&sigterm_action.sa_mask, SIGINT);

1142

if(ret == -1){

1143

perror("sigaddset");

1144

exitcode = EXIT_FAILURE;

1145

goto end;

1146

}

1147

ret = sigaddset(&sigterm_action.sa_mask, SIGHUP);

1148

if(ret == -1){

1149

perror("sigaddset");

1150

exitcode = EXIT_FAILURE;

1151

goto end;

1152

}

1153

ret = sigaddset(&sigterm_action.sa_mask, SIGTERM);

1154

if(ret == -1){

1155

perror("sigaddset");

1156

exitcode = EXIT_FAILURE;

1157

goto end;

1158

}

1159

/* Need to check if the handler is SIG_IGN before handling:

1160

| [[info:libc:Initial Signal Actions]] |

1161

| [[info:libc:Basic Signal Handling]] |

1162

1163

ret = sigaction(SIGINT, NULL, &old_sigterm_action);

1164

if(ret == -1){

1165

perror("sigaction");

1166

return EXIT_FAILURE;

1167

}

1168

if(old_sigterm_action.sa_handler != SIG_IGN){

1169

ret = sigaction(SIGINT, &sigterm_action, NULL);

1170

if(ret == -1){

1171

perror("sigaction");

1172

exitcode = EXIT_FAILURE;

1173

goto end;

1174

}

1175

}

1176

ret = sigaction(SIGHUP, NULL, &old_sigterm_action);

1177

if(ret == -1){

1178

perror("sigaction");

1179

return EXIT_FAILURE;

1180

}

1181

if(old_sigterm_action.sa_handler != SIG_IGN){

1182

ret = sigaction(SIGHUP, &sigterm_action, NULL);

1183

if(ret == -1){

1184

perror("sigaction");

1185

exitcode = EXIT_FAILURE;

1186

goto end;

1187

}

1188

}

1189

ret = sigaction(SIGTERM, NULL, &old_sigterm_action);

1190

if(ret == -1){

1191

perror("sigaction");

1192

return EXIT_FAILURE;

1193

}

1194

if(old_sigterm_action.sa_handler != SIG_IGN){

1195

ret = sigaction(SIGTERM, &sigterm_action, NULL);

1196

if(ret == -1){

1197

perror("sigaction");

1198

exitcode = EXIT_FAILURE;

1199

goto end;

1200

}

1201

}

1202

1203

/* If the interface is down, bring it up */

1204

if(interface[0] != '\0'){

761

AvahiSServiceBrowser *sb = NULL;

762

int error;

763

int ret;

764

int exitcode = EXIT_SUCCESS;

765

const char *interface = "eth0";

766

struct ifreq network;

767

int sd;

768

uid_t uid;

769

gid_t gid;

770

char *connect_to = NULL;

771

AvahiIfIndex if_index = AVAHI_IF_UNSPEC;

772

char *pubkeyfilename = NULL;

773

char *seckeyfilename = NULL;

774

const char *pubkeyname = "pubkey.txt";

775

const char *seckeyname = "seckey.txt";

776

mandos_context mc = { .simple_poll = NULL, .server = NULL,

777

.dh_bits = 1024, .priority = "SECURE256"};

778

bool gnutls_initalized = false;

779

780

{

781

struct argp_option options[] = {

782

{ .name = "debug", .key = 128,

783

.doc = "Debug mode", .group = 3 },

784

{ .name = "connect", .key = 'c',

785

.arg = "IP",

786

.doc = "Connect directly to a sepcified mandos server",

787

.group = 1 },

788

{ .name = "interface", .key = 'i',

789

.arg = "INTERFACE",

790

.doc = "Interface that Avahi will conntect through",

791

.group = 1 },

792

{ .name = "keydir", .key = 'd',

793

.arg = "KEYDIR",

794

.doc = "Directory where the openpgp keyring is",

795

.group = 1 },

796

{ .name = "seckey", .key = 's',

797

.arg = "SECKEY",

798

.doc = "Secret openpgp key for gnutls authentication",

799

.group = 1 },

800

{ .name = "pubkey", .key = 'p',

801

.arg = "PUBKEY",

802

.doc = "Public openpgp key for gnutls authentication",

803

.group = 2 },

804

{ .name = "dh-bits", .key = 129,

805

.arg = "BITS",

806

.doc = "dh-bits to use in gnutls communication",

807

.group = 2 },

808

{ .name = "priority", .key = 130,

809

.arg = "PRIORITY",

810

.doc = "GNUTLS priority", .group = 1 },

811

{ .name = NULL }

812

};

813

814

815

error_t parse_opt (int key, char *arg,

816

struct argp_state *state) {

817

/* Get the INPUT argument from `argp_parse', which we know is

818

a pointer to our plugin list pointer. */

819

switch (key) {

820

case 128:

821

debug = true;

822

break;

823

case 'c':

824

connect_to = arg;

825

break;

826

case 'i':

827

interface = arg;

828

break;

829

case 'd':

830

keydir = arg;

831

break;

832

case 's':

833

seckeyname = arg;

834

break;

835

case 'p':

836

pubkeyname = arg;

837

break;

838

case 129:

839

errno = 0;

840

mc.dh_bits = (unsigned int) strtol(arg, NULL, 10);

841

if (errno){

842

perror("strtol");

843

exit(EXIT_FAILURE);

844

}

845

break;

846

case 130:

847

mc.priority = arg;

848

break;

849

case ARGP_KEY_ARG:

850

argp_usage (state);

851

case ARGP_KEY_END:

852

break;

853

default:

854

return ARGP_ERR_UNKNOWN;

855

}

856

return 0;

857

}

858

859

struct argp argp = { .options = options, .parser = parse_opt,

860

.args_doc = "",

861

.doc = "Mandos client -- Get and decrypt"

862

" passwords from mandos server" };

863

ret = argp_parse (&argp, argc, argv, 0, 0, NULL);

864

if (ret == ARGP_ERR_UNKNOWN){

865

fprintf(stderr, "Unknown error while parsing arguments\n");

866

exitcode = EXIT_FAILURE;

867

goto end;

868

}

869

}

870

871

pubkeyfilename = combinepath(keydir, pubkeyname);

872

if (pubkeyfilename == NULL){

873

perror("combinepath");

874

exitcode = EXIT_FAILURE;

875

goto end;

876

}

877

878

seckeyfilename = combinepath(keydir, seckeyname);

879

if (seckeyfilename == NULL){

880

perror("combinepath");

881

exitcode = EXIT_FAILURE;

882

goto end;

883

}

884

885

ret = init_gnutls_global(&mc, pubkeyfilename, seckeyfilename);

886

if (ret == -1){

887

fprintf(stderr, "init_gnutls_global failed\n");

888

exitcode = EXIT_FAILURE;

889

goto end;

890

} else {

891

gnutls_initalized = true;

892

}

893

894

/* If the interface is down, bring it up */

895

{

896

sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);

897

if(sd < 0) {

898

perror("socket");

899

exitcode = EXIT_FAILURE;

900

goto end;

901

}

902

strcpy(network.ifr_name, interface);

903

ret = ioctl(sd, SIOCGIFFLAGS, &network);

904

if(ret == -1){

905

perror("ioctl SIOCGIFFLAGS");

906

exitcode = EXIT_FAILURE;

907

goto end;

908

}

909

if((network.ifr_flags & IFF_UP) == 0){

910

network.ifr_flags |= IFF_UP;

911

ret = ioctl(sd, SIOCSIFFLAGS, &network);

912

if(ret == -1){

913

perror("ioctl SIOCSIFFLAGS");

914

exitcode = EXIT_FAILURE;

915

goto end;

916

}

917

}

918

close(sd);

919

}

920

921

uid = getuid();

922

gid = getgid();

923

924

ret = setuid(uid);

925

if (ret == -1){

926

perror("setuid");

927

}

928

929

setgid(gid);

930

if (ret == -1){

931

perror("setgid");

932

}

933

1205

934

if_index = (AvahiIfIndex) if_nametoindex(interface);

1206

935

if(if_index == 0){

1207

936

fprintf(stderr, "No such interface: \"%s\"\n", interface);

1208

exitcode = EXIT_FAILURE;

1209

goto end;

1210

}

1211

1212

if(quit_now){

1213

goto end;

1214

}

1215

1216

/* Re-raise priviliges */

1217

errno = 0;

1218

ret = seteuid(0);

1219

if(ret == -1){

1220

perror("seteuid");

1221

}

1222

1223

#ifdef __linux__

1224

/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO

1225

messages to mess up the prompt */

1226

ret = klogctl(8, NULL, 5);

1227

bool restore_loglevel = true;

1228

if(ret == -1){

1229

restore_loglevel = false;

1230

perror("klogctl");

1231

}

1232

#endif /* __linux__ */

1233

1234

sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);

1235

if(sd < 0){

1236

perror("socket");

1237

exitcode = EXIT_FAILURE;

1238

#ifdef __linux__

1239

if(restore_loglevel){

1240

ret = klogctl(7, NULL, 0);

1241

if(ret == -1){

1242

perror("klogctl");

1243

}

1244

}

1245

#endif /* __linux__ */

1246

/* Lower privileges */

1247

errno = 0;

1248

ret = seteuid(uid);

1249

if(ret == -1){

1250

perror("seteuid");

1251

}

1252

goto end;

1253

}

1254

strcpy(network.ifr_name, interface);

1255

ret = ioctl(sd, SIOCGIFFLAGS, &network);

1256

if(ret == -1){

1257

perror("ioctl SIOCGIFFLAGS");

1258

#ifdef __linux__

1259

if(restore_loglevel){

1260

ret = klogctl(7, NULL, 0);

1261

if(ret == -1){

1262

perror("klogctl");

1263

}

1264

}

1265

#endif /* __linux__ */

1266

exitcode = EXIT_FAILURE;

1267

/* Lower privileges */

1268

errno = 0;

1269

ret = seteuid(uid);

1270

if(ret == -1){

1271

perror("seteuid");

1272

}

1273

goto end;

1274

}

1275

if((network.ifr_flags & IFF_UP) == 0){

1276

network.ifr_flags |= IFF_UP;

1277

take_down_interface = true;

1278

ret = ioctl(sd, SIOCSIFFLAGS, &network);

1279

if(ret == -1){

1280

take_down_interface = false;

1281

perror("ioctl SIOCSIFFLAGS");

1282

exitcode = EXIT_FAILURE;

1283

#ifdef __linux__

1284

if(restore_loglevel){

1285

ret = klogctl(7, NULL, 0);

1286

if(ret == -1){

1287

perror("klogctl");

1288

}

1289

}

1290

#endif /* __linux__ */

1291

/* Lower privileges */

1292

errno = 0;

1293

ret = seteuid(uid);

1294

if(ret == -1){

1295

perror("seteuid");

1296

}

1297

goto end;

1298

}

1299

}

1300

/* sleep checking until interface is running */

1301

for(int i=0; i < delay * 4; i++){

1302

ret = ioctl(sd, SIOCGIFFLAGS, &network);

1303

if(ret == -1){

1304

perror("ioctl SIOCGIFFLAGS");

1305

} else if(network.ifr_flags & IFF_RUNNING){

1306

break;

1307

}

1308

struct timespec sleeptime = { .tv_nsec = 250000000 };

1309

ret = nanosleep(&sleeptime, NULL);

1310

if(ret == -1 and errno != EINTR){

1311

perror("nanosleep");

1312

}

1313

}

1314

if(not take_down_interface){

1315

/* We won't need the socket anymore */

1316

ret = (int)TEMP_FAILURE_RETRY(close(sd));

1317

if(ret == -1){

1318

perror("close");

1319

}

1320

}

1321

#ifdef __linux__

1322

if(restore_loglevel){

1323

/* Restores kernel loglevel to default */

1324

ret = klogctl(7, NULL, 0);

1325

if(ret == -1){

1326

perror("klogctl");

1327

}

1328

}

1329

#endif /* __linux__ */

1330

/* Lower privileges */

1331

errno = 0;

1332

if(take_down_interface){

1333

/* Lower privileges */

1334

ret = seteuid(uid);

1335

if(ret == -1){

1336

perror("seteuid");

1337

}

1338

} else {

1339

/* Lower privileges permanently */

1340

ret = setuid(uid);

1341

if(ret == -1){

1342

perror("setuid");

1343

}

1344

}

1345

}

1346

1347

if(quit_now){

1348

goto end;

1349

}

1350

1351

ret = init_gnutls_global(pubkey, seckey);

1352

if(ret == -1){

1353

fprintf(stderr, "init_gnutls_global failed\n");

1354

exitcode = EXIT_FAILURE;

1355

goto end;

1356

} else {

1357

gnutls_initialized = true;

1358

}

1359

1360

if(quit_now){

1361

goto end;

1362

}

1363

1364

tempdir_created = true;

1365

if(mkdtemp(tempdir) == NULL){

1366

tempdir_created = false;

1367

perror("mkdtemp");

1368

goto end;

1369

}

1370

1371

if(quit_now){

1372

goto end;

1373

}

1374

1375

if(not init_gpgme(pubkey, seckey, tempdir)){

1376

fprintf(stderr, "init_gpgme failed\n");

1377

exitcode = EXIT_FAILURE;

1378

goto end;

1379

} else {

1380

gpgme_initialized = true;

1381

}

1382

1383

if(quit_now){

1384

goto end;

1385

}

1386

1387

if(connect_to != NULL){

1388

/* Connect directly, do not use Zeroconf */

1389

/* (Mainly meant for debugging) */

1390

char *address = strrchr(connect_to, ':');

1391

if(address == NULL){

1392

fprintf(stderr, "No colon in address\n");

1393

exitcode = EXIT_FAILURE;

1394

goto end;

1395

}

1396

1397

if(quit_now){

1398

goto end;

1399

}

1400

1401

uint16_t port;

1402

errno = 0;

1403

tmpmax = strtoimax(address+1, &tmp, 10);

1404

if(errno != 0 or tmp == address+1 or *tmp != '\0'

1405

or tmpmax != (uint16_t)tmpmax){

1406

fprintf(stderr, "Bad port number\n");

1407

exitcode = EXIT_FAILURE;

1408

goto end;

1409

}

1410

1411

if(quit_now){

1412

goto end;

1413

}

1414

1415

port = (uint16_t)tmpmax;

1416

*address = '\0';

1417

address = connect_to;

1418

/* Colon in address indicates IPv6 */

1419

int af;

1420

if(strchr(address, ':') != NULL){

1421

af = AF_INET6;

1422

} else {

1423

af = AF_INET;

1424

}

1425

1426

if(quit_now){

1427

goto end;

1428

}

1429

1430

ret = start_mandos_communication(address, port, if_index, af);

1431

if(ret < 0){

1432

exitcode = EXIT_FAILURE;

1433

} else {

1434

exitcode = EXIT_SUCCESS;

1435

}

1436

goto end;

1437

}

1438

1439

if(quit_now){

1440

goto end;

1441

}

1442

1443

{

1444

AvahiServerConfig config;

1445

/* Do not publish any local Zeroconf records */

1446

avahi_server_config_init(&config);

1447

config.publish_hinfo = 0;

1448

config.publish_addresses = 0;

1449

config.publish_workstation = 0;

1450

config.publish_domain = 0;

1451

1452

/* Allocate a new server */

1453

mc.server = avahi_server_new(avahi_simple_poll_get

1454

(mc.simple_poll), &config, NULL,

1455

NULL, &error);

1456

1457

/* Free the Avahi configuration data */

1458

avahi_server_config_free(&config);

1459

}

1460

1461

/* Check if creating the Avahi server object succeeded */

1462

if(mc.server == NULL){

1463

fprintf(stderr, "Failed to create Avahi server: %s\n",

1464

avahi_strerror(error));

1465

exitcode = EXIT_FAILURE;

1466

goto end;

1467

}

1468

1469

if(quit_now){

1470

goto end;

1471

}

1472

1473

/* Create the Avahi service browser */

1474

sb = avahi_s_service_browser_new(mc.server, if_index,

1475

AVAHI_PROTO_UNSPEC, "_mandos._tcp",

1476

NULL, 0, browse_callback, NULL);

1477

if(sb == NULL){

1478

fprintf(stderr, "Failed to create service browser: %s\n",

1479

avahi_strerror(avahi_server_errno(mc.server)));

1480

exitcode = EXIT_FAILURE;

1481

goto end;

1482

}

1483

1484

if(quit_now){

1485

goto end;

1486

}

1487

1488

/* Run the main loop */

1489

1490

if(debug){

1491

fprintf(stderr, "Starting Avahi loop search\n");

1492

}

1493

1494

avahi_simple_poll_loop(mc.simple_poll);

1495

937

exit(EXIT_FAILURE);

938

}

939

940

if(connect_to != NULL){

941

/* Connect directly, do not use Zeroconf */

942

/* (Mainly meant for debugging) */

943

char *address = strrchr(connect_to, ':');

944

if(address == NULL){

945

fprintf(stderr, "No colon in address\n");

946

exitcode = EXIT_FAILURE;

947

goto end;

948

}

949

errno = 0;

950

uint16_t port = (uint16_t) strtol(address+1, NULL, 10);

951

if(errno){

952

perror("Bad port number");

953

exitcode = EXIT_FAILURE;

954

goto end;

955

}

956

*address = '\0';

957

address = connect_to;

958

ret = start_mandos_communication(address, port, if_index, &mc);

959

if(ret < 0){

960

exitcode = EXIT_FAILURE;

961

} else {

962

exitcode = EXIT_SUCCESS;

963

}

964

goto end;

965

}

966

967

if (not debug){

968

avahi_set_log_function(empty_log);

969

}

970

971

/* Initialize the pseudo-RNG for Avahi */

972

srand((unsigned int) time(NULL));

973

974

/* Allocate main Avahi loop object */

975

mc.simple_poll = avahi_simple_poll_new();

976

if (mc.simple_poll == NULL) {

977

fprintf(stderr, "Avahi: Failed to create simple poll"

978

" object.\n");

979

exitcode = EXIT_FAILURE;

980

goto end;

981

}

982

983

{

984

AvahiServerConfig config;

985

/* Do not publish any local Zeroconf records */

986

avahi_server_config_init(&config);

987

config.publish_hinfo = 0;

988

config.publish_addresses = 0;

989

config.publish_workstation = 0;

990

config.publish_domain = 0;

991

992

/* Allocate a new server */

993

mc.server = avahi_server_new(avahi_simple_poll_get

994

(mc.simple_poll), &config, NULL,

995

NULL, &error);

996

997

/* Free the Avahi configuration data */

998

avahi_server_config_free(&config);

999

}

1000

1001

/* Check if creating the Avahi server object succeeded */

1002

if (mc.server == NULL) {

1003

fprintf(stderr, "Failed to create Avahi server: %s\n",

1004

avahi_strerror(error));

1005

exitcode = EXIT_FAILURE;

1006

goto end;

1007

}

1008

1009

/* Create the Avahi service browser */

1010

sb = avahi_s_service_browser_new(mc.server, if_index,

1011

AVAHI_PROTO_INET6,

1012

"_mandos._tcp", NULL, 0,

1013

browse_callback, &mc);

1014

if (sb == NULL) {

1015

fprintf(stderr, "Failed to create service browser: %s\n",

1016

avahi_strerror(avahi_server_errno(mc.server)));

1017

exitcode = EXIT_FAILURE;

1018

goto end;

1019

}

1020

1021

/* Run the main loop */

1022

1023

if (debug){

1024

fprintf(stderr, "Starting Avahi loop search\n");

1025

}

1026

1027

avahi_simple_poll_loop(mc.simple_poll);

1028

1496

1029

end:

1497

1498

if(debug){

1499

fprintf(stderr, "%s exiting\n", argv[0]);

1500

}

1501

1502

/* Cleanup things */

1503

if(sb != NULL)

1504

avahi_s_service_browser_free(sb);

1505

1506

if(mc.server != NULL)

1507

avahi_server_free(mc.server);

1508

1509

if(mc.simple_poll != NULL)

1510

avahi_simple_poll_free(mc.simple_poll);

1511

1512

if(gnutls_initialized){

1513

gnutls_certificate_free_credentials(mc.cred);

1514

gnutls_global_deinit();

1515

gnutls_dh_params_deinit(mc.dh_params);

1516

}

1517

1518

if(gpgme_initialized){

1519

gpgme_release(mc.ctx);

1520

}

1521

1522

/* Take down the network interface */

1523

if(take_down_interface){

1524

/* Re-raise priviliges */

1525

errno = 0;

1526

ret = seteuid(0);

1527

if(ret == -1){

1528

perror("seteuid");

1529

}

1530

if(geteuid() == 0){

1531

ret = ioctl(sd, SIOCGIFFLAGS, &network);

1532

if(ret == -1){

1533

perror("ioctl SIOCGIFFLAGS");

1534

} else if(network.ifr_flags & IFF_UP) {

1535

network.ifr_flags &= ~IFF_UP; /* clear flag */

1536

ret = ioctl(sd, SIOCSIFFLAGS, &network);

1537

if(ret == -1){

1538

perror("ioctl SIOCSIFFLAGS");

1539

}

1540

}

1541

ret = (int)TEMP_FAILURE_RETRY(close(sd));

1542

if(ret == -1){

1543

perror("close");

1544

}

1545

/* Lower privileges permanently */

1546

errno = 0;

1547

ret = setuid(uid);

1548

if(ret == -1){

1549

perror("setuid");

1550

}

1551

}

1552

}

1553

1554

/* Removes the temp directory used by GPGME */

1555

if(tempdir_created){

1556

DIR *d;

1557

struct dirent *direntry;

1558

d = opendir(tempdir);

1559

if(d == NULL){

1560

if(errno != ENOENT){

1561

perror("opendir");

1562

}

1563

} else {

1564

while(true){

1565

direntry = readdir(d);

1566

if(direntry == NULL){

1567

break;

1568

}

1569

/* Skip "." and ".." */

1570

if(direntry->d_name[0] == '.'

1571

and (direntry->d_name[1] == '\0'

1572

or (direntry->d_name[1] == '.'

1573

and direntry->d_name[2] == '\0'))){

1574

continue;

1575

}

1576

char *fullname = NULL;

1577

ret = asprintf(&fullname, "%s/%s", tempdir,

1578

direntry->d_name);

1579

if(ret < 0){

1580

perror("asprintf");

1581

continue;

1582

}

1583

ret = remove(fullname);

1584

if(ret == -1){

1585

fprintf(stderr, "remove(\"%s\"): %s\n", fullname,

1586

strerror(errno));

1587

}

1588

free(fullname);

1589

}

1590

closedir(d);

1591

}

1592

ret = rmdir(tempdir);

1593

if(ret == -1 and errno != ENOENT){

1594

perror("rmdir");

1595

}

1596

}

1597

1598

if(quit_now){

1599

sigemptyset(&old_sigterm_action.sa_mask);

1600

old_sigterm_action.sa_handler = SIG_DFL;

1601

ret = sigaction(signal_received, &old_sigterm_action, NULL);

1602

if(ret == -1){

1603

perror("sigaction");

1604

}

1605

raise(signal_received);

1606

}

1607

1608

return exitcode;

1030

1031

if (debug){

1032

fprintf(stderr, "%s exiting\n", argv[0]);

1033

}

1034

1035

/* Cleanup things */

1036

if (sb != NULL)

1037

avahi_s_service_browser_free(sb);

1038

1039

if (mc.server != NULL)

1040

avahi_server_free(mc.server);

1041

1042

if (mc.simple_poll != NULL)

1043

avahi_simple_poll_free(mc.simple_poll);

1044

free(pubkeyfilename);

1045

free(seckeyfilename);

1046

1047

if (gnutls_initalized){

1048

gnutls_certificate_free_credentials(mc.cred);

1049

gnutls_global_deinit ();

1050

}

1051

1052

return exitcode;

1609

1053

}

Older »