/mandos/trunk : revision 238

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-keygen

Committer: Teddy Hogeborn
Date: 2008-12-10 01:26:02 UTC
mfrom: (237.1.2 mandos)
Revision ID: teddy@fukt.bsnet.se-20081210012602-vhz3h75xkj24t340

First version of a somewhat complete D-Bus server interface.  Also
change user/group name to "_mandos".

* debian/mandos.postinst: Rename old "mandos" user and group to
                          "_mandos"; create "_mandos" user and group
                          if none exist.
* debian/mandos-client.postinst: - '' -

* initramfs-tools-hook: Try "_mandos" before "mandos" as user and
                        group name.

* mandos (_datetime_to_dbus_struct): New; was previously local.
  (Client.started): Renamed to "last_started".  All users changed.
  (Client.started): New; boolean.
  (Client.dbus_object_path): New.
  (Client.check_command): Renamed to "checker_command".  All users
                          changed.
  (Client.__init__): Set and use "self.dbus_object_path".  Set
                     "self.started".
  (Client.start): Update "self.started".  Emit "self.PropertyChanged"
                  signals for both "started" and "last_started".
  (Client.stop): Update "self.started".  Emit "self.PropertyChanged"
                 signal for "started".
  (Client.checker_callback): Take additional "command" argument.  All
                             callers changed. Emit
                             "self.PropertyChanged" signal.
  (Client.bump_timeout): Emit "self.PropertyChanged" signal for
                         "last_checked_ok".
  (Client.start_checker): Emit "self.PropertyChanged" signal for
                          "checker_running".
  (Client.stop_checker): Emit "self.PropertyChanged" signal for
                         "checker_running".
  (Client.still_valid): Bug fix: use "getattr(self, started, False)"
                        instead of "self.started" in case this client
                        object is so new that the "started" attribute
                        has not been created yet.
  (Client.IntervalChanged, Client.CheckerIsRunning, Client.GetChecker,
  Client.GetCreated, Client.GetFingerprint, Client.GetHost,
  Client.GetInterval, Client.GetName, Client.GetStarted,
  Client.GetTimeout, Client.StateChanged, Client.TimeoutChanged):
  Removed; all callers changed.
  (Client.CheckerCompleted): Add "condition" and "command" arguments.
                             All callers changed.
  (Client.GetAllProperties, Client.PropertyChanged): New.
  (Client.StillValid): Renamed to "IsStillValid".
  (Client.StartChecker): Changed to its own function to avoid the
                         return value from "Client.start_checker()".
  (Client.Stop): Changed to its own function to avoid the return value
                 from "Client.stop()".
  (main): Try "_mandos" before "mandos" as user and group name.
          Removed inner function "remove_from_clients".  New inner
          class "MandosServer".

files added:
debian/mandos-client.config

debian/mandos-client.templates

debian/mandos.config

debian/mandos.templates

debian/po/POTFILES.in

debian/po/sv.po

files removed:
DBUS-API

dbus-mandos.conf

debian/mandos-client.examples

debian/source

debian/source/format

debian/source/local-options

debian/upstream

debian/upstream/signing-key.asc

debian/watch

initramfs-unpack

intro.xml

mandos-ctl

mandos-ctl.xml

mandos-monitor

mandos-monitor.xml

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugins.d/plymouth.c

plugins.d/plymouth.xml

files modified:
.bzrignore

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.postinst

debian/mandos.prerm

debian/rules

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugin-runner.conf

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

mandos-keygen

# Mandos key generator - create a new OpenPGP key for a Mandos client

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# You should have received a copy of the GNU General Public License

# along with this program. If not, see <http://www.gnu.org/licenses/>.

# Contact the authors at <mandos@recompile.se>.

# Contact the authors at <mandos@fukt.bsnet.se>.

VERSION="1.6.9"

VERSION="1.0.2"

KEYDIR="/etc/keys/mandos"

KEYTYPE=RSA

KEYLENGTH=4096

SUBKEYTYPE=RSA

SUBKEYLENGTH=4096

KEYTYPE=DSA

KEYLENGTH=2048

SUBKEYTYPE=ELG-E

SUBKEYLENGTH=2048

KEYNAME="`hostname --fqdn 2>/dev/null || hostname`"

KEYEMAIL=""

KEYCOMMENT=""

KEYCOMMENT="Mandos client key"

KEYEXPIRE=0

FORCE=no

SSH=yes

KEYCOMMENT_ORIG="$KEYCOMMENT"

mode=keygen

# Parse options

TEMP=`getopt --options vhpF:d:t:l:s:L:n:e:c:x:fS \

--longoptions version,help,password,passfile:,dir:,type:,length:,subtype:,sublength:,name:,email:,comment:,expire:,force,no-ssh \

TEMP=`getopt --options vhpF:d:t:l:s:L:n:e:c:x:f \

--longoptions version,help,password,passfile:,dir:,type:,length:,subtype:,sublength:,name:,email:,comment:,expire:,force \

--name "$0" -- "$@"`

help(){

basename="`basename "$0"`"

basename="`basename $0`"

cat <<EOF

Usage: $basename [ -v | --version ]

$basename [ -h | --help ]

-v, --version Show program's version number and exit

-h, --help Show this help message and exit

-d DIR, --dir DIR Target directory for key files

-t TYPE, --type TYPE Key type. Default is RSA.

-t TYPE, --type TYPE Key type. Default is DSA.

-l BITS, --length BITS

Key length in bits. Default is 4096.

Key length in bits. Default is 2048.

-s TYPE, --subtype TYPE

Subkey type. Default is RSA.

Subkey type. Default is ELG-E.

-L BITS, --sublength BITS

Subkey length in bits. Default is 4096.

Subkey length in bits. Default is 2048.

-n NAME, --name NAME Name of key. Default is the FQDN.

-e ADDRESS, --email ADDRESS

Email address of key. Default is empty.

-c TEXT, --comment TEXT

Comment field for key. The default is empty.

Comment field for key. The default value is

"Mandos client key".

-x TIME, --expire TIME

Key expire time. Default is no expiration.

See gpg(1) for syntax.

Encrypt a password from FILE using the key in

the key directory. All options other than

--dir and --name are ignored.

-S, --no-ssh Don't get SSH key or set "checker" option.

EOF

}

105

104

-c|--comment) KEYCOMMENT="$2"; shift 2;;

106

105

-x|--expire) KEYEXPIRE="$2"; shift 2;;

107

106

-f|--force) FORCE=yes; shift;;

108

-S|--no-ssh) SSH=no; shift;;

109

107

-v|--version) echo "$0 $VERSION"; exit;;

110

108

-h|--help) help; exit;;

111

109

--) shift; break;;

113

111

esac

114

112

done

115

113

if [ "$#" -gt 0 ]; then

116

echo "Unknown arguments: '$*'" >&2

114

echo "Unknown arguments: '$@'" >&2

117

115

exit 1

118

116

119

117

149

147

echo "Invalid key length" >&2

150

148

exit 1

151

149

152

150

153

151

if [ -z "$KEYEXPIRE" ]; then

154

152

echo "Empty key expiration" >&2

155

153

exit 1

174

172

if [ -n "$KEYEMAIL" ]; then

175

173

KEYEMAILLINE="Name-Email: $KEYEMAIL"

176

174

177

175

178

176

# Create temporary gpg batch file

179

177

BATCHFILE="`mktemp -t mandos-keygen-batch.XXXXXXXXXX`"

180

178

191

189

trap "

192

190

set +e; \

193

191

test -n \"$SECFILE\" && shred --remove \"$SECFILE\"; \

194

shred --remove \"$RINGDIR\"/sec* 2>/dev/null;

192

shred --remove \"$RINGDIR\"/sec*;

195

193

test -n \"$BATCHFILE\" && rm --force \"$BATCHFILE\"; \

196

194

rm --recursive --force \"$RINGDIR\";

197

tty --quiet && stty echo; \

195

stty echo; \

198

196

" EXIT

199

197

200

set -e

201

202

198

umask 077

203

199

204

200

if [ "$mode" = keygen ]; then

206

202

cat >"$BATCHFILE" <<-EOF

207

203

Key-Type: $KEYTYPE

208

204

Key-Length: $KEYLENGTH

209

Key-Usage: sign,auth

205

#Key-Usage: encrypt,sign,auth

210

206

Subkey-Type: $SUBKEYTYPE

211

207

Subkey-Length: $SUBKEYLENGTH

212

Subkey-Usage: encrypt

208

#Subkey-Usage: encrypt,sign,auth

213

209

Name-Real: $KEYNAME

214

210

$KEYCOMMENTLINE

215

211

$KEYEMAILLINE

221

217

%commit

222

218

EOF

223

219

224

if tty --quiet; then

225

cat <<-EOF

226

Note: Due to entropy requirements, key generation could take

227

anything from a few minutes to SEVERAL HOURS. Please be

228

patient and/or supply the system with more entropy if needed.

229

EOF

230

echo -n "Started: "

231

date

232

233

234

# Make sure trustdb.gpg exists;

235

# this is a workaround for Debian bug #737128

236

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

237

--homedir "$RINGDIR" \

238

--import-ownertrust < /dev/null

239

220

# Generate a new key in the key rings

240

221

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

241

222

--homedir "$RINGDIR" --trust-model always \

242

223

--gen-key "$BATCHFILE"

243

224

rm --force "$BATCHFILE"

244

225

245

if tty --quiet; then

246

echo -n "Finished: "

247

date

248

249

250

226

# Backup any old key files

251

227

if cp --backup=numbered --force "$SECKEYFILE" "$SECKEYFILE" \

252

228

2>/dev/null; then

277

253

278

254

279

255

if [ "$mode" = password ]; then

280

281

# Make SSH be 0 or 1

282

case "$SSH" in

283

[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]) SSH=1;;

284

[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|*) SSH=0;;

285

esac

286

287

if [ $SSH -eq 1 ]; then

288

set +e

289

ssh_fingerprint="`ssh-keyscan localhost 2>/dev/null`"

290

if [ $? -ne 0 ]; then

291

ssh_fingerprint=""

292

293

set -e

294

ssh_fingerprint="${ssh_fingerprint#localhost }"

295

296

297

256

# Import key into temporary key rings

298

257

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

299

258

--homedir "$RINGDIR" --trust-model always --armor \

304

263

305

264

# Get fingerprint of key

306

265

FINGERPRINT="`gpg --quiet --batch --no-tty --no-options \

307

--enable-dsa2 --homedir "$RINGDIR" --trust-model always \

266

--enable-dsa2 --homedir \"$RINGDIR\" --trust-model always \

308

267

--fingerprint --with-colons \

309

268

| sed --quiet \

310

269

--expression='/^fpr:/{s/^fpr:.*:\$[0-9A-Z]*\$:\$/\\1/p;q}'`"

313

272

314

273

FILECOMMENT="Encrypted password for a Mandos client"

315

274

316

while [ ! -s "$SECFILE" ]; do

317

if [ -n "$PASSFILE" ]; then

318

cat "$PASSFILE"

275

if [ -n "$PASSFILE" ]; then

276

cat "$PASSFILE"

277

else

278

stty -echo

279

echo -n "Enter passphrase: " >&2

280

first="$(head --lines=1 | tr --delete '\n')"

281

echo -n -e "\nRepeat passphrase: " >&2

282

second="$(head --lines=1 | tr --delete '\n')"

283

echo >&2

284

stty echo

285

if [ "$first" != "$second" ]; then

286

echo -e "Passphrase mismatch" >&2

287

false

319

288

else

320

tty --quiet && stty -echo

321

echo -n "Enter passphrase: " >&2

322

read first

323

tty --quiet && echo >&2

324

echo -n "Repeat passphrase: " >&2

325

read second

326

if tty --quiet; then

327

echo >&2

328

stty echo

329

330

if [ "$first" != "$second" ]; then

331

echo "Passphrase mismatch" >&2

332

touch "$RINGDIR"/mismatch

333

else

334

echo -n "$first"

335

336

fi | gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

337

--homedir "$RINGDIR" --trust-model always --armor \

338

--encrypt --sign --recipient "$FINGERPRINT" --comment \

339

"$FILECOMMENT" > "$SECFILE"

340

if [ -e "$RINGDIR"/mismatch ]; then

341

rm --force "$RINGDIR"/mismatch

342

if tty --quiet; then

343

> "$SECFILE"

344

else

345

exit 1

346

289

echo -n "$first"

347

290

348

done

291

fi | gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

292

--homedir "$RINGDIR" --trust-model always --armor --encrypt \

293

--sign --recipient "$FINGERPRINT" --comment "$FILECOMMENT" \

294

> "$SECFILE"

295

status="${PIPESTATUS[0]}"

296

if [ "$status" -ne 0 ]; then

297

exit "$status"

298

349

299

350

300

cat <<-EOF

351

301

[$KEYNAME]

362

312

/^[^-]/s/^/ /p

363

313

}

364

314

}' < "$SECFILE"

365

if [ -n "$ssh_fingerprint" ]; then

366

echo 'checker = ssh-keyscan %%(host)s 2>/dev/null | grep --fixed-strings --line-regexp --quiet --regexp=%%(host)s" %(ssh_fingerprint)s"'

367

echo "ssh_fingerprint = ${ssh_fingerprint}"

368

369

315

370

316

371

317

trap - EXIT

376

322

shred --remove "$SECFILE"

377

323

378

324

# Remove the key rings

379

shred --remove "$RINGDIR"/sec* 2>/dev/null

325

shred --remove "$RINGDIR"/sec*

380

326

rm --recursive --force "$RINGDIR"

Older »