/mandos/trunk : revision 266

1

/* -*- coding: utf-8 -*- */

2

/*

3

* Mandos client - get and decrypt data from a Mandos server

3

* Mandos-client - get and decrypt data from a Mandos server

4

*

5

* This program is partly derived from an example program for an Avahi

6

* service browser, downloaded from

9

* "browse_callback", and parts of "main".

10

*

11

* Everything else is

12

13

14

*

14

15

* This program is free software: you can redistribute it and/or

15

16

* modify it under the terms of the GNU General Public License as

32

33

#define _LARGEFILE_SOURCE

33

34

#define _FILE_OFFSET_BITS 64

34

35

#define _GNU_SOURCE /* TEMP_FAILURE_RETRY() */

36

#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */

36

37

#include <stdio.h> /* fprintf(), stderr, fwrite(), stdout,

38

ferror() */

38

#include <stdio.h> /* fprintf(), stderr, fwrite(),

39

stdout, ferror(), sscanf */

39

40

#include <stdint.h> /* uint16_t, uint32_t */

40

41

#include <stddef.h> /* NULL, size_t, ssize_t */

41

42

#include <stdlib.h> /* free(), EXIT_SUCCESS, EXIT_FAILURE,

42

43

srand() */

43

44

#include <stdbool.h> /* bool, true */

44

45

#include <string.h> /* memset(), strcmp(), strlen(),

45

strerror(), memcpy(), strcpy() */

46

strerror(), asprintf(), strcpy() */

46

47

#include <sys/ioctl.h> /* ioctl */

47

48

#include <sys/types.h> /* socket(), inet_pton(), sockaddr,

48

49

sockaddr_in6, PF_INET6,

49

50

SOCK_STREAM, INET6_ADDRSTRLEN,

50

uid_t, gid_t */

51

#include <inttypes.h> /* PRIu16 */

51

uid_t, gid_t, open(), opendir(),

52

DIR */

53

#include <sys/stat.h> /* open() */

52

54

#include <sys/socket.h> /* socket(), struct sockaddr_in6,

53

55

struct in6_addr, inet_pton(),

54

56

connect() */

57

#include <fcntl.h> /* open() */

58

#include <dirent.h> /* opendir(), struct dirent, readdir()

59

*/

60

#include <inttypes.h> /* PRIu16, SCNu16 */

55

61

#include <assert.h> /* assert() */

56

62

#include <errno.h> /* perror(), errno */

57

63

#include <time.h> /* time() */

58

64

#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,

59

65

SIOCSIFFLAGS, if_indextoname(),

60

66

if_nametoindex(), IF_NAMESIZE */

67

#include <netinet/in.h>

61

68

#include <unistd.h> /* close(), SEEK_SET, off_t, write(),

62

69

getuid(), getgid(), setuid(),

63

70

setgid() */

64

#include <netinet/in.h>

65

71

#include <arpa/inet.h> /* inet_pton(), htons */

66

#include <iso646.h> /* not, and */

72

#include <iso646.h> /* not, and, or */

67

73

#include <argp.h> /* struct argp_option, error_t, struct

68

74

argp_state, struct argp,

69

75

argp_parse(), ARGP_KEY_ARG,

81

87

#include <avahi-common/error.h>

82

88

83

89

/* GnuTLS */

84

#include <gnutls/gnutls.h> /* All GnuTLS types, constants and functions

90

#include <gnutls/gnutls.h> /* All GnuTLS types, constants and

91

functions:

85

92

gnutls_*

86

93

init_gnutls_session(),

87

94

GNUTLS_* */

88

#include <gnutls/openpgp.h> /* gnutls_certificate_set_openpgp_key_file(),

95

#include <gnutls/openpgp.h>

96

/* gnutls_certificate_set_openpgp_key_file(),

89

97

GNUTLS_OPENPGP_FMT_BASE64 */

90

98

91

99

/* GPGME */

92

#include <gpgme.h> /* All GPGME types, constants and functions

100

#include <gpgme.h> /* All GPGME types, constants and

101

functions:

93

102

gpgme_*

94

103

GPGME_PROTOCOL_OpenPGP,

95

104

GPG_ERR_NO_* */

96

105

97

106

#define BUFFER_SIZE 256

98

107

108

#define PATHDIR "/conf/conf.d/mandos"

109

#define SECKEY "seckey.txt"

110

#define PUBKEY "pubkey.txt"

111

99

112

bool debug = false;

100

static const char *keydir = "/conf/conf.d/mandos";

101

113

static const char mandos_protocol_version[] = "1";

102

const char *argp_program_version = "password-request 1.0";

114

const char *argp_program_version = "mandos-client " VERSION;

103

115

const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";

104

116

105

117

/* Used for passing in values through the Avahi callback functions */

110

122

unsigned int dh_bits;

111

123

gnutls_dh_params_t dh_params;

112

124

const char *priority;

125

gpgme_ctx_t ctx;

113

126

} mandos_context;

114

127

115

128

/*

119

132

*/

120

133

size_t adjustbuffer(char **buffer, size_t buffer_length,

121

134

size_t buffer_capacity){

122

if (buffer_length + BUFFER_SIZE > buffer_capacity){

135

if(buffer_length + BUFFER_SIZE > buffer_capacity){

123

136

*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);

124

if (buffer == NULL){

137

if(buffer == NULL){

125

138

return 0;

126

139

}

127

140

buffer_capacity += BUFFER_SIZE;

130

143

}

131

144

132

145

/*

133

* Decrypt OpenPGP data using keyrings in HOMEDIR.

134

* Returns -1 on error

146

* Initialize GPGME.

135

147

*/

136

static ssize_t pgp_packet_decrypt (const char *cryptotext,

137

size_t crypto_size,

138

char **plaintext,

139

const char *homedir){

140

gpgme_data_t dh_crypto, dh_plain;

141

gpgme_ctx_t ctx;

148

static bool init_gpgme(mandos_context *mc, const char *seckey,

149

const char *pubkey, const char *tempdir){

150

int ret;

142

151

gpgme_error_t rc;

143

ssize_t ret;

144

size_t plaintext_capacity = 0;

145

ssize_t plaintext_length = 0;

146

152

gpgme_engine_info_t engine_info;

147

153

148

if (debug){

149

fprintf(stderr, "Trying to decrypt OpenPGP data\n");

154

155

/*

156

* Helper function to insert pub and seckey to the enigne keyring.

157

*/

158

bool import_key(const char *filename){

159

int fd;

160

gpgme_data_t pgp_data;

161

162

fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));

163

if(fd == -1){

164

perror("open");

165

return false;

166

}

167

168

rc = gpgme_data_new_from_fd(&pgp_data, fd);

169

if(rc != GPG_ERR_NO_ERROR){

170

fprintf(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",

171

gpgme_strsource(rc), gpgme_strerror(rc));

172

return false;

173

}

174

175

rc = gpgme_op_import(mc->ctx, pgp_data);

176

if(rc != GPG_ERR_NO_ERROR){

177

fprintf(stderr, "bad gpgme_op_import: %s: %s\n",

178

gpgme_strsource(rc), gpgme_strerror(rc));

179

return false;

180

}

181

182

ret = (int)TEMP_FAILURE_RETRY(close(fd));

183

if(ret == -1){

184

perror("close");

185

}

186

gpgme_data_release(pgp_data);

187

return true;

188

}

189

190

if(debug){

191

fprintf(stderr, "Initialize gpgme\n");

150

192

}

151

193

152

194

/* Init GPGME */

153

195

gpgme_check_version(NULL);

154

196

rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);

155

if (rc != GPG_ERR_NO_ERROR){

197

if(rc != GPG_ERR_NO_ERROR){

156

198

fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",

157

199

gpgme_strsource(rc), gpgme_strerror(rc));

158

return -1;

200

return false;

159

201

}

160

202

161

/* Set GPGME home directory for the OpenPGP engine only */

162

rc = gpgme_get_engine_info (&engine_info);

163

if (rc != GPG_ERR_NO_ERROR){

203

/* Set GPGME home directory for the OpenPGP engine only */

204

rc = gpgme_get_engine_info(&engine_info);

205

if(rc != GPG_ERR_NO_ERROR){

164

206

fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",

165

207

gpgme_strsource(rc), gpgme_strerror(rc));

166

return -1;

208

return false;

167

209

}

168

210

while(engine_info != NULL){

169

211

if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){

170

212

gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,

171

engine_info->file_name, homedir);

213

engine_info->file_name, tempdir);

172

214

break;

173

215

}

174

216

engine_info = engine_info->next;

175

217

}

176

218

if(engine_info == NULL){

177

fprintf(stderr, "Could not set GPGME home dir to %s\n", homedir);

178

return -1;

219

fprintf(stderr, "Could not set GPGME home dir to %s\n", tempdir);

220

return false;

221

}

222

223

/* Create new GPGME "context" */

224

rc = gpgme_new(&(mc->ctx));

225

if(rc != GPG_ERR_NO_ERROR){

226

fprintf(stderr, "bad gpgme_new: %s: %s\n",

227

gpgme_strsource(rc), gpgme_strerror(rc));

228

return false;

229

}

230

231

if(not import_key(pubkey) or not import_key(seckey)){

232

return false;

233

}

234

235

return true;

236

}

237

238

/*

239

* Decrypt OpenPGP data.

240

* Returns -1 on error

241

*/

242

static ssize_t pgp_packet_decrypt(const mandos_context *mc,

243

const char *cryptotext,

244

size_t crypto_size,

245

char **plaintext){

246

gpgme_data_t dh_crypto, dh_plain;

247

gpgme_error_t rc;

248

ssize_t ret;

249

size_t plaintext_capacity = 0;

250

ssize_t plaintext_length = 0;

251

252

if(debug){

253

fprintf(stderr, "Trying to decrypt OpenPGP data\n");

179

254

}

180

255

181

256

/* Create new GPGME data buffer from memory cryptotext */

182

257

rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,

183

258

0);

184

if (rc != GPG_ERR_NO_ERROR){

259

if(rc != GPG_ERR_NO_ERROR){

185

260

fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",

186

261

gpgme_strsource(rc), gpgme_strerror(rc));

187

262

return -1;

189

264

190

265

/* Create new empty GPGME data buffer for the plaintext */

191

266

rc = gpgme_data_new(&dh_plain);

192

if (rc != GPG_ERR_NO_ERROR){

267

if(rc != GPG_ERR_NO_ERROR){

193

268

fprintf(stderr, "bad gpgme_data_new: %s: %s\n",

194

269

gpgme_strsource(rc), gpgme_strerror(rc));

195

270

gpgme_data_release(dh_crypto);

196

271

return -1;

197

272

}

198

273

199

/* Create new GPGME "context" */

200

rc = gpgme_new(&ctx);

201

if (rc != GPG_ERR_NO_ERROR){

202

fprintf(stderr, "bad gpgme_new: %s: %s\n",

203

gpgme_strsource(rc), gpgme_strerror(rc));

204

plaintext_length = -1;

205

goto decrypt_end;

206

}

207

208

274

/* Decrypt data from the cryptotext data buffer to the plaintext

209

275

data buffer */

210

rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);

211

if (rc != GPG_ERR_NO_ERROR){

276

rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);

277

if(rc != GPG_ERR_NO_ERROR){

212

278

fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",

213

279

gpgme_strsource(rc), gpgme_strerror(rc));

214

280

plaintext_length = -1;

281

if(debug){

282

gpgme_decrypt_result_t result;

283

result = gpgme_op_decrypt_result(mc->ctx);

284

if(result == NULL){

285

fprintf(stderr, "gpgme_op_decrypt_result failed\n");

286

} else {

287

fprintf(stderr, "Unsupported algorithm: %s\n",

288

result->unsupported_algorithm);

289

fprintf(stderr, "Wrong key usage: %u\n",

290

result->wrong_key_usage);

291

if(result->file_name != NULL){

292

fprintf(stderr, "File name: %s\n", result->file_name);

293

}

294

gpgme_recipient_t recipient;

295

recipient = result->recipients;

296

if(recipient){

297

while(recipient != NULL){

298

fprintf(stderr, "Public key algorithm: %s\n",

299

gpgme_pubkey_algo_name(recipient->pubkey_algo));

300

fprintf(stderr, "Key ID: %s\n", recipient->keyid);

301

fprintf(stderr, "Secret key available: %s\n",

302

recipient->status == GPG_ERR_NO_SECKEY

303

? "No" : "Yes");

304

recipient = recipient->next;

305

}

306

}

307

}

308

}

215

309

goto decrypt_end;

216

310

}

217

311

219

313

fprintf(stderr, "Decryption of OpenPGP data succeeded\n");

220

314

}

221

315

222

if (debug){

223

gpgme_decrypt_result_t result;

224

result = gpgme_op_decrypt_result(ctx);

225

if (result == NULL){

226

fprintf(stderr, "gpgme_op_decrypt_result failed\n");

227

} else {

228

fprintf(stderr, "Unsupported algorithm: %s\n",

229

result->unsupported_algorithm);

230

fprintf(stderr, "Wrong key usage: %u\n",

231

result->wrong_key_usage);

232

if(result->file_name != NULL){

233

fprintf(stderr, "File name: %s\n", result->file_name);

234

}

235

gpgme_recipient_t recipient;

236

recipient = result->recipients;

237

if(recipient){

238

while(recipient != NULL){

239

fprintf(stderr, "Public key algorithm: %s\n",

240

gpgme_pubkey_algo_name(recipient->pubkey_algo));

241

fprintf(stderr, "Key ID: %s\n", recipient->keyid);

242

fprintf(stderr, "Secret key available: %s\n",

243

recipient->status == GPG_ERR_NO_SECKEY

244

? "No" : "Yes");

245

recipient = recipient->next;

246

}

247

}

248

}

249

}

250

251

316

/* Seek back to the beginning of the GPGME plaintext data buffer */

252

if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){

253

perror("pgpme_data_seek");

317

if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){

318

perror("gpgme_data_seek");

254

319

plaintext_length = -1;

255

320

goto decrypt_end;

256

321

}

260

325

plaintext_capacity = adjustbuffer(plaintext,

261

326

(size_t)plaintext_length,

262

327

plaintext_capacity);

263

if (plaintext_capacity == 0){

328

if(plaintext_capacity == 0){

264

329

perror("adjustbuffer");

265

330

plaintext_length = -1;

266

331

goto decrypt_end;

269

334

ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,

270

335

BUFFER_SIZE);

271

336

/* Print the data, if any */

272

if (ret == 0){

337

if(ret == 0){

273

338

/* EOF */

274

339

break;

275

340

}

280

345

}

281

346

plaintext_length += ret;

282

347

}

283

348

284

349

if(debug){

285

350

fprintf(stderr, "Decrypted password is: ");

286

351

for(ssize_t i = 0; i < plaintext_length; i++){

299

364

return plaintext_length;

300

365

}

301

366

302

static const char * safer_gnutls_strerror (int value) {

303

const char *ret = gnutls_strerror (value);

304

if (ret == NULL)

367

static const char * safer_gnutls_strerror(int value) {

368

const char *ret = gnutls_strerror(value); /* Spurious warning */

369

if(ret == NULL)

305

370

ret = "(unknown)";

306

371

return ret;

307

372

}

313

378

}

314

379

315

380

static int init_gnutls_global(mandos_context *mc,

316

const char *pubkeyfile,

317

const char *seckeyfile){

381

const char *pubkeyfilename,

382

const char *seckeyfilename){

318

383

int ret;

319

384

320

385

if(debug){

322

387

}

323

388

324

389

ret = gnutls_global_init();

325

if (ret != GNUTLS_E_SUCCESS) {

326

fprintf (stderr, "GnuTLS global_init: %s\n",

327

safer_gnutls_strerror(ret));

390

if(ret != GNUTLS_E_SUCCESS) {

391

fprintf(stderr, "GnuTLS global_init: %s\n",

392

safer_gnutls_strerror(ret));

328

393

return -1;

329

394

}

330

395

331

if (debug){

396

if(debug){

332

397

/* "Use a log level over 10 to enable all debugging options."

333

398

* - GnuTLS manual

334

399

*/

338

403

339

404

/* OpenPGP credentials */

340

405

gnutls_certificate_allocate_credentials(&mc->cred);

341

if (ret != GNUTLS_E_SUCCESS){

342

fprintf (stderr, "GnuTLS memory error: %s\n",

343

safer_gnutls_strerror(ret));

344

gnutls_global_deinit ();

406

if(ret != GNUTLS_E_SUCCESS){

407

fprintf(stderr, "GnuTLS memory error: %s\n", /* Spurious

408

warning */

409

safer_gnutls_strerror(ret));

410

gnutls_global_deinit();

345

411

return -1;

346

412

}

347

413

348

414

if(debug){

349

fprintf(stderr, "Attempting to use OpenPGP certificate %s"

350

" and keyfile %s as GnuTLS credentials\n", pubkeyfile,

351

seckeyfile);

415

fprintf(stderr, "Attempting to use OpenPGP public key %s and"

416

" secret key %s as GnuTLS credentials\n", pubkeyfilename,

417

seckeyfilename);

352

418

}

353

419

354

420

ret = gnutls_certificate_set_openpgp_key_file

355

(mc->cred, pubkeyfile, seckeyfile, GNUTLS_OPENPGP_FMT_BASE64);

356

if (ret != GNUTLS_E_SUCCESS) {

421

(mc->cred, pubkeyfilename, seckeyfilename,

422

GNUTLS_OPENPGP_FMT_BASE64);

423

if(ret != GNUTLS_E_SUCCESS) {

357

424

fprintf(stderr,

358

425

"Error[%d] while reading the OpenPGP key pair ('%s',"

359

" '%s')\n", ret, pubkeyfile, seckeyfile);

360

fprintf(stdout, "The GnuTLS error is: %s\n",

426

" '%s')\n", ret, pubkeyfilename, seckeyfilename);

427

fprintf(stderr, "The GnuTLS error is: %s\n",

361

428

safer_gnutls_strerror(ret));

362

429

goto globalfail;

363

430

}

364

431

365

432

/* GnuTLS server initialization */

366

433

ret = gnutls_dh_params_init(&mc->dh_params);

367

if (ret != GNUTLS_E_SUCCESS) {

368

fprintf (stderr, "Error in GnuTLS DH parameter initialization:"

369

" %s\n", safer_gnutls_strerror(ret));

434

if(ret != GNUTLS_E_SUCCESS) {

435

fprintf(stderr, "Error in GnuTLS DH parameter initialization:"

436

" %s\n", safer_gnutls_strerror(ret));

370

437

goto globalfail;

371

438

}

372

439

ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);

373

if (ret != GNUTLS_E_SUCCESS) {

374

fprintf (stderr, "Error in GnuTLS prime generation: %s\n",

375

safer_gnutls_strerror(ret));

440

if(ret != GNUTLS_E_SUCCESS) {

441

fprintf(stderr, "Error in GnuTLS prime generation: %s\n",

442

safer_gnutls_strerror(ret));

376

443

goto globalfail;

377

444

}

378

445

379

446

gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);

380

447

381

448

return 0;

382

449

383

450

globalfail:

384

451

385

452

gnutls_certificate_free_credentials(mc->cred);

386

453

gnutls_global_deinit();

454

gnutls_dh_params_deinit(mc->dh_params);

387

455

return -1;

388

389

456

}

390

457

391

458

static int init_gnutls_session(mandos_context *mc,

393

460

int ret;

394

461

/* GnuTLS session creation */

395

462

ret = gnutls_init(session, GNUTLS_SERVER);

396

if (ret != GNUTLS_E_SUCCESS){

463

if(ret != GNUTLS_E_SUCCESS){

397

464

fprintf(stderr, "Error in GnuTLS session initialization: %s\n",

398

465

safer_gnutls_strerror(ret));

399

466

}

401

468

{

402

469

const char *err;

403

470

ret = gnutls_priority_set_direct(*session, mc->priority, &err);

404

if (ret != GNUTLS_E_SUCCESS) {

471

if(ret != GNUTLS_E_SUCCESS) {

405

472

fprintf(stderr, "Syntax error at: %s\n", err);

406

473

fprintf(stderr, "GnuTLS error: %s\n",

407

474

safer_gnutls_strerror(ret));

408

gnutls_deinit (*session);

475

gnutls_deinit(*session);

409

476

return -1;

410

477

}

411

478

}

412

479

413

480

ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,

414

481

mc->cred);

415

if (ret != GNUTLS_E_SUCCESS) {

482

if(ret != GNUTLS_E_SUCCESS) {

416

483

fprintf(stderr, "Error setting GnuTLS credentials: %s\n",

417

484

safer_gnutls_strerror(ret));

418

gnutls_deinit (*session);

485

gnutls_deinit(*session);

419

486

return -1;

420

487

}

421

488

422

489

/* ignore client certificate if any. */

423

gnutls_certificate_server_set_request (*session,

424

GNUTLS_CERT_IGNORE);

490

gnutls_certificate_server_set_request(*session,

491

GNUTLS_CERT_IGNORE);

425

492

426

gnutls_dh_set_prime_bits (*session, mc->dh_bits);

493

gnutls_dh_set_prime_bits(*session, mc->dh_bits);

427

494

428

495

return 0;

429

496

}

437

504

AvahiIfIndex if_index,

438

505

mandos_context *mc){

439

506

int ret, tcp_sd;

507

ssize_t sret;

440

508

union { struct sockaddr in; struct sockaddr_in6 in6; } to;

441

509

char *buffer = NULL;

442

510

char *decrypted_buffer;

448

516

char interface[IF_NAMESIZE];

449

517

gnutls_session_t session;

450

518

451

ret = init_gnutls_session (mc, &session);

452

if (ret != 0){

519

ret = init_gnutls_session(mc, &session);

520

if(ret != 0){

453

521

return -1;

454

522

}

455

523

463

531

perror("socket");

464

532

return -1;

465

533

}

466

534

467

535

if(debug){

468

536

if(if_indextoname((unsigned int)if_index, interface) == NULL){

469

537

perror("if_indextoname");

472

540

fprintf(stderr, "Binding to interface %s\n", interface);

473

541

}

474

542

475

memset(&to,0,sizeof(to)); /* Spurious warning */

543

memset(&to, 0, sizeof(to));

476

544

to.in6.sin6_family = AF_INET6;

477

545

/* It would be nice to have a way to detect if we were passed an

478

546

IPv4 address here. Now we assume an IPv6 address. */

479

547

ret = inet_pton(AF_INET6, ip, &to.in6.sin6_addr);

480

if (ret < 0 ){

548

if(ret < 0 ){

481

549

perror("inet_pton");

482

550

return -1;

483

551

}

504

572

}

505

573

506

574

ret = connect(tcp_sd, &to.in, sizeof(to));

507

if (ret < 0){

575

if(ret < 0){

508

576

perror("connect");

509

577

return -1;

510

578

}

511

579

512

580

const char *out = mandos_protocol_version;

513

581

written = 0;

514

while (true){

582

while(true){

515

583

size_t out_size = strlen(out);

516

ret = TEMP_FAILURE_RETRY(write(tcp_sd, out + written,

584

ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,

517

585

out_size - written));

518

if (ret == -1){

586

if(ret == -1){

519

587

perror("write");

520

588

retval = -1;

521

589

goto mandos_end;

524

592

if(written < out_size){

525

593

continue;

526

594

} else {

527

if (out == mandos_protocol_version){

595

if(out == mandos_protocol_version){

528

596

written = 0;

529

597

out = "\r\n";

530

598

} else {

532

600

}

533

601

}

534

602

}

535

603

536

604

if(debug){

537

605

fprintf(stderr, "Establishing TLS session with %s\n", ip);

538

606

}

539

607

540

gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) tcp_sd);

541

608

gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) tcp_sd);

609

542

610

do{

543

ret = gnutls_handshake (session);

611

ret = gnutls_handshake(session);

544

612

} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);

545

613

546

if (ret != GNUTLS_E_SUCCESS){

614

if(ret != GNUTLS_E_SUCCESS){

547

615

if(debug){

548

616

fprintf(stderr, "*** GnuTLS Handshake failed ***\n");

549

gnutls_perror (ret);

617

gnutls_perror(ret);

550

618

}

551

619

retval = -1;

552

620

goto mandos_end;

558

626

fprintf(stderr, "Retrieving pgp encrypted password from %s\n",

559

627

ip);

560

628

}

561

629

562

630

while(true){

563

631

buffer_capacity = adjustbuffer(&buffer, buffer_length,

564

632

buffer_capacity);

565

if (buffer_capacity == 0){

633

if(buffer_capacity == 0){

566

634

perror("adjustbuffer");

567

635

retval = -1;

568

636

goto mandos_end;

569

637

}

570

638

571

ret = gnutls_record_recv(session, buffer+buffer_length,

572

BUFFER_SIZE);

573

if (ret == 0){

639

sret = gnutls_record_recv(session, buffer+buffer_length,

640

BUFFER_SIZE);

641

if(sret == 0){

574

642

break;

575

643

}

576

if (ret < 0){

577

switch(ret){

644

if(sret < 0){

645

switch(sret){

578

646

case GNUTLS_E_INTERRUPTED:

579

647

case GNUTLS_E_AGAIN:

580

648

break;

581

649

case GNUTLS_E_REHANDSHAKE:

582

650

do{

583

ret = gnutls_handshake (session);

651

ret = gnutls_handshake(session);

584

652

} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);

585

if (ret < 0){

653

if(ret < 0){

586

654

fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");

587

gnutls_perror (ret);

655

gnutls_perror(ret);

588

656

retval = -1;

589

657

goto mandos_end;

590

658

}

593

661

fprintf(stderr, "Unknown error while reading data from"

594

662

" encrypted session with Mandos server\n");

595

663

retval = -1;

596

gnutls_bye (session, GNUTLS_SHUT_RDWR);

664

gnutls_bye(session, GNUTLS_SHUT_RDWR);

597

665

goto mandos_end;

598

666

}

599

667

} else {

600

buffer_length += (size_t) ret;

668

buffer_length += (size_t) sret;

601

669

}

602

670

}

603

671

605

673

fprintf(stderr, "Closing TLS session\n");

606

674

}

607

675

608

gnutls_bye (session, GNUTLS_SHUT_RDWR);

676

gnutls_bye(session, GNUTLS_SHUT_RDWR);

609

677

610

if (buffer_length > 0){

611

decrypted_buffer_size = pgp_packet_decrypt(buffer,

678

if(buffer_length > 0){

679

decrypted_buffer_size = pgp_packet_decrypt(mc, buffer,

612

680

buffer_length,

613

&decrypted_buffer,

614

keydir);

615

if (decrypted_buffer_size >= 0){

681

&decrypted_buffer);

682

if(decrypted_buffer_size >= 0){

616

683

written = 0;

617

684

while(written < (size_t) decrypted_buffer_size){

618

ret = (int)fwrite (decrypted_buffer + written, 1,

619

(size_t)decrypted_buffer_size - written,

620

stdout);

685

ret = (int)fwrite(decrypted_buffer + written, 1,

686

(size_t)decrypted_buffer_size - written,

687

stdout);

621

688

if(ret == 0 and ferror(stdout)){

622

689

if(debug){

623

690

fprintf(stderr, "Error writing encrypted data: %s\n",

632

699

} else {

633

700

retval = -1;

634

701

}

702

} else {

703

retval = -1;

635

704

}

636

705

637

706

/* Shutdown procedure */

638

707

639

708

mandos_end:

640

709

free(buffer);

641

close(tcp_sd);

642

gnutls_deinit (session);

710

ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));

711

if(ret == -1){

712

perror("close");

713

}

714

gnutls_deinit(session);

643

715

return retval;

644

716

}

645

717

658

730

flags,

659

731

void* userdata) {

660

732

mandos_context *mc = userdata;

661

assert(r); /* Spurious warning */

733

assert(r);

662

734

663

735

/* Called whenever a service has been resolved successfully or

664

736

timed out */

665

737

666

switch (event) {

738

switch(event) {

667

739

default:

668

740

case AVAHI_RESOLVER_FAILURE:

669

741

fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'"

681

753

interface, port);

682

754

}

683

755

int ret = start_mandos_communication(ip, port, interface, mc);

684

if (ret == 0){

685

exit(EXIT_SUCCESS);

756

if(ret == 0){

757

avahi_simple_poll_quit(mc->simple_poll);

686

758

}

687

759

}

688

760

}

700

772

flags,

701

773

void* userdata) {

702

774

mandos_context *mc = userdata;

703

assert(b); /* Spurious warning */

775

assert(b);

704

776

705

777

/* Called whenever a new services becomes available on the LAN or

706

778

is removed from the LAN */

707

779

708

switch (event) {

780

switch(event) {

709

781

default:

710

782

case AVAHI_BROWSER_FAILURE:

711

783

720

792

the callback function is called the Avahi server will free the

721

793

resolver for us. */

722

794

723

if (!(avahi_s_service_resolver_new(mc->server, interface,

795

if(!(avahi_s_service_resolver_new(mc->server, interface,

724

796

protocol, name, type, domain,

725

797

AVAHI_PROTO_INET6, 0,

726

798

resolve_callback, mc)))

740

812

}

741

813

}

742

814

743

/* Combines file name and path and returns the malloced new

744

string. some sane checks could/should be added */

745

static const char *combinepath(const char *first, const char *second){

746

size_t f_len = strlen(first);

747

size_t s_len = strlen(second);

748

char *tmp = malloc(f_len + s_len + 2);

749

if (tmp == NULL){

750

return NULL;

751

}

752

if(f_len > 0){

753

memcpy(tmp, first, f_len); /* Spurious warning */

754

}

755

tmp[f_len] = '/';

756

if(s_len > 0){

757

memcpy(tmp + f_len + 1, second, s_len); /* Spurious warning */

758

}

759

tmp[f_len + 1 + s_len] = '\0';

760

return tmp;

761

}

762

763

764

815

int main(int argc, char *argv[]){

765

816

AvahiSServiceBrowser *sb = NULL;

766

817

int error;

772

823

uid_t uid;

773

824

gid_t gid;

774

825

char *connect_to = NULL;

826

char tempdir[] = "/tmp/mandosXXXXXX";

775

827

AvahiIfIndex if_index = AVAHI_IF_UNSPEC;

776

const char *pubkeyfile = "pubkey.txt";

777

const char *seckeyfile = "seckey.txt";

828

const char *seckey = PATHDIR "/" SECKEY;

829

const char *pubkey = PATHDIR "/" PUBKEY;

830

778

831

mandos_context mc = { .simple_poll = NULL, .server = NULL,

779

.dh_bits = 1024, .priority = "SECURE256"};

832

.dh_bits = 1024, .priority = "SECURE256"

833

":!CTYPE-X.509:+CTYPE-OPENPGP" };

780

834

bool gnutls_initalized = false;

835

bool gpgme_initalized = false;

781

836

782

837

{

783

838

struct argp_option options[] = {

784

839

{ .name = "debug", .key = 128,

785

840

.doc = "Debug mode", .group = 3 },

786

841

{ .name = "connect", .key = 'c',

787

.arg = "IP",

788

.doc = "Connect directly to a sepcified mandos server",

842

.arg = "ADDRESS:PORT",

843

.doc = "Connect directly to a specific Mandos server",

789

844

.group = 1 },

790

845

{ .name = "interface", .key = 'i',

791

.arg = "INTERFACE",

792

.doc = "Interface that Avahi will conntect through",

793

.group = 1 },

794

{ .name = "keydir", .key = 'd',

795

.arg = "KEYDIR",

796

.doc = "Directory where the openpgp keyring is",

846

.arg = "NAME",

847

.doc = "Interface that will be used to search for Mandos"

848

" servers",

797

849

.group = 1 },

798

850

{ .name = "seckey", .key = 's',

799

.arg = "SECKEY",

800

.doc = "Secret openpgp key for gnutls authentication",

851

.arg = "FILE",

852

.doc = "OpenPGP secret key file base name",

801

853

.group = 1 },

802

854

{ .name = "pubkey", .key = 'p',

803

.arg = "PUBKEY",

804

.doc = "Public openpgp key for gnutls authentication",

855

.arg = "FILE",

856

.doc = "OpenPGP public key file base name",

805

857

.group = 2 },

806

858

{ .name = "dh-bits", .key = 129,

807

859

.arg = "BITS",

808

.doc = "dh-bits to use in gnutls communication",

860

.doc = "Bit length of the prime number used in the"

861

" Diffie-Hellman key exchange",

809

862

.group = 2 },

810

863

{ .name = "priority", .key = 130,

811

.arg = "PRIORITY",

812

.doc = "GNUTLS priority", .group = 1 },

864

.arg = "STRING",

865

.doc = "GnuTLS priority string for the TLS handshake",

866

.group = 1 },

813

867

{ .name = NULL }

814

868

};

815

816

869

817

error_t parse_opt (int key, char *arg,

818

struct argp_state *state) {

819

/* Get the INPUT argument from `argp_parse', which we know is

820

a pointer to our plugin list pointer. */

821

switch (key) {

822

case 128:

870

error_t parse_opt(int key, char *arg,

871

struct argp_state *state) {

872

switch(key) {

873

case 128: /* --debug */

823

874

debug = true;

824

875

break;

825

case 'c':

876

case 'c': /* --connect */

826

877

connect_to = arg;

827

878

break;

828

case 'i':

879

case 'i': /* --interface */

829

880

interface = arg;

830

881

break;

831

case 'd':

832

keydir = arg;

833

break;

834

case 's':

835

seckeyfile = arg;

836

break;

837

case 'p':

838

pubkeyfile = arg;

839

break;

840

case 129:

841

errno = 0;

842

mc.dh_bits = (unsigned int) strtol(arg, NULL, 10);

843

if (errno){

844

perror("strtol");

882

case 's': /* --seckey */

883

seckey = arg;

884

break;

885

case 'p': /* --pubkey */

886

pubkey = arg;

887

break;

888

case 129: /* --dh-bits */

889

ret = sscanf(arg, "%u", &mc.dh_bits);

890

if(ret != 1){

891

fprintf(stderr, "Bad number of DH bits\n");

845

892

exit(EXIT_FAILURE);

846

893

}

847

894

break;

848

case 130:

895

case 130: /* --priority */

849

896

mc.priority = arg;

850

897

break;

851

898

case ARGP_KEY_ARG:

852

argp_usage (state);

899

argp_usage(state);

900

case ARGP_KEY_END:

853

901

break;

854

case ARGP_KEY_END:

855

break;

856

902

default:

857

903

return ARGP_ERR_UNKNOWN;

858

904

}

859

905

return 0;

860

906

}

861

907

862

908

struct argp argp = { .options = options, .parser = parse_opt,

863

909

.args_doc = "",

864

910

.doc = "Mandos client -- Get and decrypt"

865

" passwords from mandos server" };

866

ret = argp_parse (&argp, argc, argv, 0, 0, NULL);

867

if (ret == ARGP_ERR_UNKNOWN){

911

" passwords from a Mandos server" };

912

ret = argp_parse(&argp, argc, argv, 0, 0, NULL);

913

if(ret == ARGP_ERR_UNKNOWN){

868

914

fprintf(stderr, "Unknown error while parsing arguments\n");

869

915

exitcode = EXIT_FAILURE;

870

916

goto end;

871

917

}

872

918

}

873

874

pubkeyfile = combinepath(keydir, pubkeyfile);

875

if (pubkeyfile == NULL){

876

perror("combinepath");

877

exitcode = EXIT_FAILURE;

878

goto end;

879

}

880

881

seckeyfile = combinepath(keydir, seckeyfile);

882

if (seckeyfile == NULL){

883

perror("combinepath");

884

exitcode = EXIT_FAILURE;

885

goto end;

886

}

887

888

ret = init_gnutls_global(&mc, pubkeyfile, seckeyfile);

889

if (ret == -1){

890

fprintf(stderr, "init_gnutls_global failed\n");

891

exitcode = EXIT_FAILURE;

892

goto end;

893

} else {

894

gnutls_initalized = true;

895

}

896

919

897

920

/* If the interface is down, bring it up */

898

921

{

902

925

exitcode = EXIT_FAILURE;

903

926

goto end;

904

927

}

905

strcpy(network.ifr_name, interface); /* Spurious warning */

928

strcpy(network.ifr_name, interface);

906

929

ret = ioctl(sd, SIOCGIFFLAGS, &network);

907

930

if(ret == -1){

908

931

perror("ioctl SIOCGIFFLAGS");

918

941

goto end;

919

942

}

920

943

}

921

close(sd);

944

ret = (int)TEMP_FAILURE_RETRY(close(sd));

945

if(ret == -1){

946

perror("close");

947

}

922

948

}

923

949

924

950

uid = getuid();

925

951

gid = getgid();

926

952

927

953

ret = setuid(uid);

928

if (ret == -1){

954

if(ret == -1){

929

955

perror("setuid");

930

956

}

931

957

932

958

setgid(gid);

933

if (ret == -1){

959

if(ret == -1){

934

960

perror("setgid");

935

961

}

936

962

963

ret = init_gnutls_global(&mc, pubkey, seckey);

964

if(ret == -1){

965

fprintf(stderr, "init_gnutls_global failed\n");

966

exitcode = EXIT_FAILURE;

967

goto end;

968

} else {

969

gnutls_initalized = true;

970

}

971

972

if(mkdtemp(tempdir) == NULL){

973

perror("mkdtemp");

974

tempdir[0] = '\0';

975

goto end;

976

}

977

978

if(not init_gpgme(&mc, pubkey, seckey, tempdir)){

979

fprintf(stderr, "gpgme_initalized failed\n");

980

exitcode = EXIT_FAILURE;

981

goto end;

982

} else {

983

gpgme_initalized = true;

984

}

985

937

986

if_index = (AvahiIfIndex) if_nametoindex(interface);

938

987

if(if_index == 0){

939

988

fprintf(stderr, "No such interface: \"%s\"\n", interface);

949

998

exitcode = EXIT_FAILURE;

950

999

goto end;

951

1000

}

952

errno = 0;

953

uint16_t port = (uint16_t) strtol(address+1, NULL, 10);

954

if(errno){

955

perror("Bad port number");

1001

uint16_t port;

1002

ret = sscanf(address+1, "%" SCNu16, &port);

1003

if(ret != 1){

1004

fprintf(stderr, "Bad port number\n");

956

1005

exitcode = EXIT_FAILURE;

957

1006

goto end;

958

1007

}

967

1016

goto end;

968

1017

}

969

1018

970

if (not debug){

1019

if(not debug){

971

1020

avahi_set_log_function(empty_log);

972

1021

}

973

1022

976

1025

977

1026

/* Allocate main Avahi loop object */

978

1027

mc.simple_poll = avahi_simple_poll_new();

979

if (mc.simple_poll == NULL) {

1028

if(mc.simple_poll == NULL) {

980

1029

fprintf(stderr, "Avahi: Failed to create simple poll"

981

1030

" object.\n");

982

1031

exitcode = EXIT_FAILURE;

983

1032

goto end;

984

1033

}

985

1034

986

1035

{

987

1036

AvahiServerConfig config;

988

1037

/* Do not publish any local Zeroconf records */

991

1040

config.publish_addresses = 0;

992

1041

config.publish_workstation = 0;

993

1042

config.publish_domain = 0;

994

1043

995

1044

/* Allocate a new server */

996

1045

mc.server = avahi_server_new(avahi_simple_poll_get

997

1046

(mc.simple_poll), &config, NULL,

998

1047

NULL, &error);

999

1048

1000

1049

/* Free the Avahi configuration data */

1001

1050

avahi_server_config_free(&config);

1002

1051

}

1003

1052

1004

1053

/* Check if creating the Avahi server object succeeded */

1005

if (mc.server == NULL) {

1054

if(mc.server == NULL) {

1006

1055

fprintf(stderr, "Failed to create Avahi server: %s\n",

1007

1056

avahi_strerror(error));

1008

1057

exitcode = EXIT_FAILURE;

1014

1063

AVAHI_PROTO_INET6,

1015

1064

"_mandos._tcp", NULL, 0,

1016

1065

browse_callback, &mc);

1017

if (sb == NULL) {

1066

if(sb == NULL) {

1018

1067

fprintf(stderr, "Failed to create service browser: %s\n",

1019

1068

avahi_strerror(avahi_server_errno(mc.server)));

1020

1069

exitcode = EXIT_FAILURE;

1022

1071

}

1023

1072

1024

1073

/* Run the main loop */

1025

1026

if (debug){

1074

1075

if(debug){

1027

1076

fprintf(stderr, "Starting Avahi loop search\n");

1028

1077

}

1029

1078

1030

1079

avahi_simple_poll_loop(mc.simple_poll);

1031

1080

1032

1081

end:

1033

1034

if (debug){

1082

1083

if(debug){

1035

1084

fprintf(stderr, "%s exiting\n", argv[0]);

1036

1085

}

1037

1086

1038

1087

/* Cleanup things */

1039

if (sb != NULL)

1088

if(sb != NULL)

1040

1089

avahi_s_service_browser_free(sb);

1041

1090

1042

if (mc.server != NULL)

1091

if(mc.server != NULL)

1043

1092

avahi_server_free(mc.server);

1044

1045

if (mc.simple_poll != NULL)

1093

1094

if(mc.simple_poll != NULL)

1046

1095

avahi_simple_poll_free(mc.simple_poll);

1047

free(pubkeyfile);

1048

free(seckeyfile);

1049

1050

if (gnutls_initalized){

1096

1097

if(gnutls_initalized){

1051

1098

gnutls_certificate_free_credentials(mc.cred);

1052

gnutls_global_deinit ();

1053

}

1054

1099

gnutls_global_deinit();

1100

gnutls_dh_params_deinit(mc.dh_params);

1101

}

1102

1103

if(gpgme_initalized){

1104

gpgme_release(mc.ctx);

1105

}

1106

1107

/* Removes the temp directory used by GPGME */

1108

if(tempdir[0] != '\0'){

1109

DIR *d;

1110

struct dirent *direntry;

1111

d = opendir(tempdir);

1112

if(d == NULL){

1113

if(errno != ENOENT){

1114

perror("opendir");

1115

}

1116

} else {

1117

while(true){

1118

direntry = readdir(d);

1119

if(direntry == NULL){

1120

break;

1121

}

1122

if(direntry->d_type == DT_REG){

1123

char *fullname = NULL;

1124

ret = asprintf(&fullname, "%s/%s", tempdir,

1125

direntry->d_name);

1126

if(ret < 0){

1127

perror("asprintf");

1128

continue;

1129

}

1130

ret = unlink(fullname);

1131

if(ret == -1){

1132

fprintf(stderr, "unlink(\"%s\"): %s",

1133

fullname, strerror(errno));

1134

}

1135

free(fullname);

1136

}

1137

}

1138

closedir(d);

1139

}

1140

ret = rmdir(tempdir);

1141

if(ret == -1 and errno != ENOENT){

1142

perror("rmdir");

1143

}

1144

}

1145

1055

1146

return exitcode;

1056

1147

}