/mandos/trunk : revision 286

1

/* -*- coding: utf-8 -*- */

2

/*

3

* Mandos client - get and decrypt data from a Mandos server

3

* Mandos-client - get and decrypt data from a Mandos server

4

*

5

* This program is partly derived from an example program for an Avahi

6

* service browser, downloaded from

9

* "browse_callback", and parts of "main".

10

*

11

* Everything else is

12

13

14

*

14

15

* This program is free software: you can redistribute it and/or

15

16

* modify it under the terms of the GNU General Public License as

32

33

#define _LARGEFILE_SOURCE

33

34

#define _FILE_OFFSET_BITS 64

34

35

#define _GNU_SOURCE /* TEMP_FAILURE_RETRY() */

36

#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */

36

37

#include <stdio.h> /* fprintf(), stderr, fwrite(), stdout,

38

ferror() */

38

#include <stdio.h> /* fprintf(), stderr, fwrite(),

39

stdout, ferror(), sscanf(),

40

remove() */

39

41

#include <stdint.h> /* uint16_t, uint32_t */

40

42

#include <stddef.h> /* NULL, size_t, ssize_t */

41

43

#include <stdlib.h> /* free(), EXIT_SUCCESS, EXIT_FAILURE,

42

44

srand() */

43

45

#include <stdbool.h> /* bool, true */

44

46

#include <string.h> /* memset(), strcmp(), strlen(),

45

strerror(), memcpy(), strcpy() */

47

strerror(), asprintf(), strcpy() */

46

48

#include <sys/ioctl.h> /* ioctl */

47

#include <net/if.h> /* ifreq, SIOCGIFFLAGS, SIOCSIFFLAGS,

48

IFF_UP */

49

#include <sys/types.h> /* socket(), inet_pton(), sockaddr,

50

sockaddr_in6, PF_INET6,

51

SOCK_STREAM, INET6_ADDRSTRLEN,

52

uid_t, gid_t */

53

#include <inttypes.h> /* PRIu16 */

52

uid_t, gid_t, open(), opendir(),

53

DIR */

54

#include <sys/stat.h> /* open() */

54

55

#include <sys/socket.h> /* socket(), struct sockaddr_in6,

55

56

struct in6_addr, inet_pton(),

56

57

connect() */

58

#include <fcntl.h> /* open() */

59

#include <dirent.h> /* opendir(), struct dirent, readdir()

60

*/

61

#include <inttypes.h> /* PRIu16, intmax_t, SCNdMAX */

57

62

#include <assert.h> /* assert() */

58

63

#include <errno.h> /* perror(), errno */

59

64

#include <time.h> /* time() */

60

65

#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,

61

66

SIOCSIFFLAGS, if_indextoname(),

62

67

if_nametoindex(), IF_NAMESIZE */

68

#include <netinet/in.h>

63

69

#include <unistd.h> /* close(), SEEK_SET, off_t, write(),

64

70

getuid(), getgid(), setuid(),

65

71

setgid() */

66

#include <netinet/in.h>

67

72

#include <arpa/inet.h> /* inet_pton(), htons */

68

#include <iso646.h> /* not, and */

73

#include <iso646.h> /* not, and, or */

69

74

#include <argp.h> /* struct argp_option, error_t, struct

70

75

argp_state, struct argp,

71

76

argp_parse(), ARGP_KEY_ARG,

83

88

#include <avahi-common/error.h>

84

89

85

90

/* GnuTLS */

86

#include <gnutls/gnutls.h> /* All GnuTLS types, constants and functions

91

#include <gnutls/gnutls.h> /* All GnuTLS types, constants and

92

functions:

87

93

gnutls_*

88

94

init_gnutls_session(),

89

95

GNUTLS_* */

90

#include <gnutls/openpgp.h> /* gnutls_certificate_set_openpgp_key_file(),

96

#include <gnutls/openpgp.h>

97

/* gnutls_certificate_set_openpgp_key_file(),

91

98

GNUTLS_OPENPGP_FMT_BASE64 */

92

99

93

100

/* GPGME */

94

#include <gpgme.h> /* All GPGME types, constants and functions

101

#include <gpgme.h> /* All GPGME types, constants and

102

functions:

95

103

gpgme_*

96

104

GPGME_PROTOCOL_OpenPGP,

97

105

GPG_ERR_NO_* */

98

106

99

107

#define BUFFER_SIZE 256

100

108

109

#define PATHDIR "/conf/conf.d/mandos"

110

#define SECKEY "seckey.txt"

111

#define PUBKEY "pubkey.txt"

112

101

113

bool debug = false;

102

static const char *keydir = "/conf/conf.d/mandos";

103

114

static const char mandos_protocol_version[] = "1";

104

const char *argp_program_version = "password-request 1.0";

115

const char *argp_program_version = "mandos-client " VERSION;

105

116

const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";

106

117

107

118

/* Used for passing in values through the Avahi callback functions */

112

123

unsigned int dh_bits;

113

124

gnutls_dh_params_t dh_params;

114

125

const char *priority;

126

gpgme_ctx_t ctx;

115

127

} mandos_context;

116

128

117

129

/*

121

133

*/

122

134

size_t adjustbuffer(char **buffer, size_t buffer_length,

123

135

size_t buffer_capacity){

124

if (buffer_length + BUFFER_SIZE > buffer_capacity){

136

if(buffer_length + BUFFER_SIZE > buffer_capacity){

125

137

*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);

126

if (buffer == NULL){

138

if(buffer == NULL){

127

139

return 0;

128

140

}

129

141

buffer_capacity += BUFFER_SIZE;

132

144

}

133

145

134

146

/*

135

* Decrypt OpenPGP data using keyrings in HOMEDIR.

136

* Returns -1 on error

147

* Initialize GPGME.

137

148

*/

138

static ssize_t pgp_packet_decrypt (const char *cryptotext,

139

size_t crypto_size,

140

char **plaintext,

141

const char *homedir){

142

gpgme_data_t dh_crypto, dh_plain;

143

gpgme_ctx_t ctx;

149

static bool init_gpgme(mandos_context *mc, const char *seckey,

150

const char *pubkey, const char *tempdir){

151

int ret;

144

152

gpgme_error_t rc;

145

ssize_t ret;

146

size_t plaintext_capacity = 0;

147

ssize_t plaintext_length = 0;

148

153

gpgme_engine_info_t engine_info;

149

154

150

if (debug){

151

fprintf(stderr, "Trying to decrypt OpenPGP data\n");

155

156

/*

157

* Helper function to insert pub and seckey to the enigne keyring.

158

*/

159

bool import_key(const char *filename){

160

int fd;

161

gpgme_data_t pgp_data;

162

163

fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));

164

if(fd == -1){

165

perror("open");

166

return false;

167

}

168

169

rc = gpgme_data_new_from_fd(&pgp_data, fd);

170

if(rc != GPG_ERR_NO_ERROR){

171

fprintf(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",

172

gpgme_strsource(rc), gpgme_strerror(rc));

173

return false;

174

}

175

176

rc = gpgme_op_import(mc->ctx, pgp_data);

177

if(rc != GPG_ERR_NO_ERROR){

178

fprintf(stderr, "bad gpgme_op_import: %s: %s\n",

179

gpgme_strsource(rc), gpgme_strerror(rc));

180

return false;

181

}

182

183

ret = (int)TEMP_FAILURE_RETRY(close(fd));

184

if(ret == -1){

185

perror("close");

186

}

187

gpgme_data_release(pgp_data);

188

return true;

189

}

190

191

if(debug){

192

fprintf(stderr, "Initialize gpgme\n");

152

193

}

153

194

154

195

/* Init GPGME */

155

196

gpgme_check_version(NULL);

156

197

rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);

157

if (rc != GPG_ERR_NO_ERROR){

198

if(rc != GPG_ERR_NO_ERROR){

158

199

fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",

159

200

gpgme_strsource(rc), gpgme_strerror(rc));

160

return -1;

201

return false;

161

202

}

162

203

163

/* Set GPGME home directory for the OpenPGP engine only */

164

rc = gpgme_get_engine_info (&engine_info);

165

if (rc != GPG_ERR_NO_ERROR){

204

/* Set GPGME home directory for the OpenPGP engine only */

205

rc = gpgme_get_engine_info(&engine_info);

206

if(rc != GPG_ERR_NO_ERROR){

166

207

fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",

167

208

gpgme_strsource(rc), gpgme_strerror(rc));

168

return -1;

209

return false;

169

210

}

170

211

while(engine_info != NULL){

171

212

if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){

172

213

gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,

173

engine_info->file_name, homedir);

214

engine_info->file_name, tempdir);

174

215

break;

175

216

}

176

217

engine_info = engine_info->next;

177

218

}

178

219

if(engine_info == NULL){

179

fprintf(stderr, "Could not set GPGME home dir to %s\n", homedir);

180

return -1;

220

fprintf(stderr, "Could not set GPGME home dir to %s\n", tempdir);

221

return false;

222

}

223

224

/* Create new GPGME "context" */

225

rc = gpgme_new(&(mc->ctx));

226

if(rc != GPG_ERR_NO_ERROR){

227

fprintf(stderr, "bad gpgme_new: %s: %s\n",

228

gpgme_strsource(rc), gpgme_strerror(rc));

229

return false;

230

}

231

232

if(not import_key(pubkey) or not import_key(seckey)){

233

return false;

234

}

235

236

return true;

237

}

238

239

/*

240

* Decrypt OpenPGP data.

241

* Returns -1 on error

242

*/

243

static ssize_t pgp_packet_decrypt(const mandos_context *mc,

244

const char *cryptotext,

245

size_t crypto_size,

246

char **plaintext){

247

gpgme_data_t dh_crypto, dh_plain;

248

gpgme_error_t rc;

249

ssize_t ret;

250

size_t plaintext_capacity = 0;

251

ssize_t plaintext_length = 0;

252

253

if(debug){

254

fprintf(stderr, "Trying to decrypt OpenPGP data\n");

181

255

}

182

256

183

257

/* Create new GPGME data buffer from memory cryptotext */

184

258

rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,

185

259

0);

186

if (rc != GPG_ERR_NO_ERROR){

260

if(rc != GPG_ERR_NO_ERROR){

187

261

fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",

188

262

gpgme_strsource(rc), gpgme_strerror(rc));

189

263

return -1;

191

265

192

266

/* Create new empty GPGME data buffer for the plaintext */

193

267

rc = gpgme_data_new(&dh_plain);

194

if (rc != GPG_ERR_NO_ERROR){

268

if(rc != GPG_ERR_NO_ERROR){

195

269

fprintf(stderr, "bad gpgme_data_new: %s: %s\n",

196

270

gpgme_strsource(rc), gpgme_strerror(rc));

197

271

gpgme_data_release(dh_crypto);

198

272

return -1;

199

273

}

200

274

201

/* Create new GPGME "context" */

202

rc = gpgme_new(&ctx);

203

if (rc != GPG_ERR_NO_ERROR){

204

fprintf(stderr, "bad gpgme_new: %s: %s\n",

205

gpgme_strsource(rc), gpgme_strerror(rc));

206

plaintext_length = -1;

207

goto decrypt_end;

208

}

209

210

275

/* Decrypt data from the cryptotext data buffer to the plaintext

211

276

data buffer */

212

rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);

213

if (rc != GPG_ERR_NO_ERROR){

277

rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);

278

if(rc != GPG_ERR_NO_ERROR){

214

279

fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",

215

280

gpgme_strsource(rc), gpgme_strerror(rc));

216

281

plaintext_length = -1;

282

if(debug){

283

gpgme_decrypt_result_t result;

284

result = gpgme_op_decrypt_result(mc->ctx);

285

if(result == NULL){

286

fprintf(stderr, "gpgme_op_decrypt_result failed\n");

287

} else {

288

fprintf(stderr, "Unsupported algorithm: %s\n",

289

result->unsupported_algorithm);

290

fprintf(stderr, "Wrong key usage: %u\n",

291

result->wrong_key_usage);

292

if(result->file_name != NULL){

293

fprintf(stderr, "File name: %s\n", result->file_name);

294

}

295

gpgme_recipient_t recipient;

296

recipient = result->recipients;

297

if(recipient){

298

while(recipient != NULL){

299

fprintf(stderr, "Public key algorithm: %s\n",

300

gpgme_pubkey_algo_name(recipient->pubkey_algo));

301

fprintf(stderr, "Key ID: %s\n", recipient->keyid);

302

fprintf(stderr, "Secret key available: %s\n",

303

recipient->status == GPG_ERR_NO_SECKEY

304

? "No" : "Yes");

305

recipient = recipient->next;

306

}

307

}

308

}

309

}

217

310

goto decrypt_end;

218

311

}

219

312

221

314

fprintf(stderr, "Decryption of OpenPGP data succeeded\n");

222

315

}

223

316

224

if (debug){

225

gpgme_decrypt_result_t result;

226

result = gpgme_op_decrypt_result(ctx);

227

if (result == NULL){

228

fprintf(stderr, "gpgme_op_decrypt_result failed\n");

229

} else {

230

fprintf(stderr, "Unsupported algorithm: %s\n",

231

result->unsupported_algorithm);

232

fprintf(stderr, "Wrong key usage: %u\n",

233

result->wrong_key_usage);

234

if(result->file_name != NULL){

235

fprintf(stderr, "File name: %s\n", result->file_name);

236

}

237

gpgme_recipient_t recipient;

238

recipient = result->recipients;

239

if(recipient){

240

while(recipient != NULL){

241

fprintf(stderr, "Public key algorithm: %s\n",

242

gpgme_pubkey_algo_name(recipient->pubkey_algo));

243

fprintf(stderr, "Key ID: %s\n", recipient->keyid);

244

fprintf(stderr, "Secret key available: %s\n",

245

recipient->status == GPG_ERR_NO_SECKEY

246

? "No" : "Yes");

247

recipient = recipient->next;

248

}

249

}

250

}

251

}

252

253

317

/* Seek back to the beginning of the GPGME plaintext data buffer */

254

if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){

255

perror("pgpme_data_seek");

318

if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){

319

perror("gpgme_data_seek");

256

320

plaintext_length = -1;

257

321

goto decrypt_end;

258

322

}

262

326

plaintext_capacity = adjustbuffer(plaintext,

263

327

(size_t)plaintext_length,

264

328

plaintext_capacity);

265

if (plaintext_capacity == 0){

329

if(plaintext_capacity == 0){

266

330

perror("adjustbuffer");

267

331

plaintext_length = -1;

268

332

goto decrypt_end;

271

335

ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,

272

336

BUFFER_SIZE);

273

337

/* Print the data, if any */

274

if (ret == 0){

338

if(ret == 0){

275

339

/* EOF */

276

340

break;

277

341

}

282

346

}

283

347

plaintext_length += ret;

284

348

}

285

349

286

350

if(debug){

287

351

fprintf(stderr, "Decrypted password is: ");

288

352

for(ssize_t i = 0; i < plaintext_length; i++){

301

365

return plaintext_length;

302

366

}

303

367

304

static const char * safer_gnutls_strerror (int value) {

305

const char *ret = gnutls_strerror (value);

306

if (ret == NULL)

368

static const char * safer_gnutls_strerror(int value) {

369

const char *ret = gnutls_strerror(value); /* Spurious warning from

370

-Wunreachable-code */

371

if(ret == NULL)

307

372

ret = "(unknown)";

308

373

return ret;

309

374

}

315

380

}

316

381

317

382

static int init_gnutls_global(mandos_context *mc,

318

const char *pubkeyfile,

319

const char *seckeyfile){

383

const char *pubkeyfilename,

384

const char *seckeyfilename){

320

385

int ret;

321

386

322

387

if(debug){

324

389

}

325

390

326

391

ret = gnutls_global_init();

327

if (ret != GNUTLS_E_SUCCESS) {

328

fprintf (stderr, "GnuTLS global_init: %s\n",

329

safer_gnutls_strerror(ret));

392

if(ret != GNUTLS_E_SUCCESS) {

393

fprintf(stderr, "GnuTLS global_init: %s\n",

394

safer_gnutls_strerror(ret));

330

395

return -1;

331

396

}

332

397

333

if (debug){

398

if(debug){

334

399

/* "Use a log level over 10 to enable all debugging options."

335

400

* - GnuTLS manual

336

401

*/

340

405

341

406

/* OpenPGP credentials */

342

407

gnutls_certificate_allocate_credentials(&mc->cred);

343

if (ret != GNUTLS_E_SUCCESS){

344

fprintf (stderr, "GnuTLS memory error: %s\n",

345

safer_gnutls_strerror(ret));

346

gnutls_global_deinit ();

408

if(ret != GNUTLS_E_SUCCESS){

409

fprintf(stderr, "GnuTLS memory error: %s\n", /* Spurious warning

410

* from

411

* -Wunreachable-code

412

*/

413

safer_gnutls_strerror(ret));

414

gnutls_global_deinit();

347

415

return -1;

348

416

}

349

417

350

418

if(debug){

351

fprintf(stderr, "Attempting to use OpenPGP certificate %s"

352

" and keyfile %s as GnuTLS credentials\n", pubkeyfile,

353

seckeyfile);

419

fprintf(stderr, "Attempting to use OpenPGP public key %s and"

420

" secret key %s as GnuTLS credentials\n", pubkeyfilename,

421

seckeyfilename);

354

422

}

355

423

356

424

ret = gnutls_certificate_set_openpgp_key_file

357

(mc->cred, pubkeyfile, seckeyfile, GNUTLS_OPENPGP_FMT_BASE64);

358

if (ret != GNUTLS_E_SUCCESS) {

425

(mc->cred, pubkeyfilename, seckeyfilename,

426

GNUTLS_OPENPGP_FMT_BASE64);

427

if(ret != GNUTLS_E_SUCCESS) {

359

428

fprintf(stderr,

360

429

"Error[%d] while reading the OpenPGP key pair ('%s',"

361

" '%s')\n", ret, pubkeyfile, seckeyfile);

362

fprintf(stdout, "The GnuTLS error is: %s\n",

430

" '%s')\n", ret, pubkeyfilename, seckeyfilename);

431

fprintf(stderr, "The GnuTLS error is: %s\n",

363

432

safer_gnutls_strerror(ret));

364

433

goto globalfail;

365

434

}

366

435

367

436

/* GnuTLS server initialization */

368

437

ret = gnutls_dh_params_init(&mc->dh_params);

369

if (ret != GNUTLS_E_SUCCESS) {

370

fprintf (stderr, "Error in GnuTLS DH parameter initialization:"

371

" %s\n", safer_gnutls_strerror(ret));

438

if(ret != GNUTLS_E_SUCCESS) {

439

fprintf(stderr, "Error in GnuTLS DH parameter initialization:"

440

" %s\n", safer_gnutls_strerror(ret));

372

441

goto globalfail;

373

442

}

374

443

ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);

375

if (ret != GNUTLS_E_SUCCESS) {

376

fprintf (stderr, "Error in GnuTLS prime generation: %s\n",

377

safer_gnutls_strerror(ret));

444

if(ret != GNUTLS_E_SUCCESS) {

445

fprintf(stderr, "Error in GnuTLS prime generation: %s\n",

446

safer_gnutls_strerror(ret));

378

447

goto globalfail;

379

448

}

380

449

381

450

gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);

382

451

383

452

return 0;

384

453

385

454

globalfail:

386

455

387

456

gnutls_certificate_free_credentials(mc->cred);

388

457

gnutls_global_deinit();

458

gnutls_dh_params_deinit(mc->dh_params);

389

459

return -1;

390

391

460

}

392

461

393

462

static int init_gnutls_session(mandos_context *mc,

395

464

int ret;

396

465

/* GnuTLS session creation */

397

466

ret = gnutls_init(session, GNUTLS_SERVER);

398

if (ret != GNUTLS_E_SUCCESS){

467

if(ret != GNUTLS_E_SUCCESS){

399

468

fprintf(stderr, "Error in GnuTLS session initialization: %s\n",

400

469

safer_gnutls_strerror(ret));

401

470

}

403

472

{

404

473

const char *err;

405

474

ret = gnutls_priority_set_direct(*session, mc->priority, &err);

406

if (ret != GNUTLS_E_SUCCESS) {

475

if(ret != GNUTLS_E_SUCCESS) {

407

476

fprintf(stderr, "Syntax error at: %s\n", err);

408

477

fprintf(stderr, "GnuTLS error: %s\n",

409

478

safer_gnutls_strerror(ret));

410

gnutls_deinit (*session);

479

gnutls_deinit(*session);

411

480

return -1;

412

481

}

413

482

}

414

483

415

484

ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,

416

485

mc->cred);

417

if (ret != GNUTLS_E_SUCCESS) {

486

if(ret != GNUTLS_E_SUCCESS) {

418

487

fprintf(stderr, "Error setting GnuTLS credentials: %s\n",

419

488

safer_gnutls_strerror(ret));

420

gnutls_deinit (*session);

489

gnutls_deinit(*session);

421

490

return -1;

422

491

}

423

492

424

493

/* ignore client certificate if any. */

425

gnutls_certificate_server_set_request (*session,

426

GNUTLS_CERT_IGNORE);

494

gnutls_certificate_server_set_request(*session,

495

GNUTLS_CERT_IGNORE);

427

496

428

gnutls_dh_set_prime_bits (*session, mc->dh_bits);

497

gnutls_dh_set_prime_bits(*session, mc->dh_bits);

429

498

430

499

return 0;

431

500

}

439

508

AvahiIfIndex if_index,

440

509

mandos_context *mc){

441

510

int ret, tcp_sd;

511

ssize_t sret;

442

512

union { struct sockaddr in; struct sockaddr_in6 in6; } to;

443

513

char *buffer = NULL;

444

514

char *decrypted_buffer;

450

520

char interface[IF_NAMESIZE];

451

521

gnutls_session_t session;

452

522

453

ret = init_gnutls_session (mc, &session);

454

if (ret != 0){

523

ret = init_gnutls_session(mc, &session);

524

if(ret != 0){

455

525

return -1;

456

526

}

457

527

465

535

perror("socket");

466

536

return -1;

467

537

}

468

538

469

539

if(debug){

470

540

if(if_indextoname((unsigned int)if_index, interface) == NULL){

471

541

perror("if_indextoname");

474

544

fprintf(stderr, "Binding to interface %s\n", interface);

475

545

}

476

546

477

memset(&to,0,sizeof(to)); /* Spurious warning */

547

memset(&to, 0, sizeof(to));

478

548

to.in6.sin6_family = AF_INET6;

479

549

/* It would be nice to have a way to detect if we were passed an

480

550

IPv4 address here. Now we assume an IPv6 address. */

481

551

ret = inet_pton(AF_INET6, ip, &to.in6.sin6_addr);

482

if (ret < 0 ){

552

if(ret < 0 ){

483

553

perror("inet_pton");

484

554

return -1;

485

555

}

487

557

fprintf(stderr, "Bad address: %s\n", ip);

488

558

return -1;

489

559

}

490

to.in6.sin6_port = htons(port); /* Spurious warning */

560

to.in6.sin6_port = htons(port); /* Spurious warnings from

561

-Wconversion and

562

-Wunreachable-code */

491

563

492

564

to.in6.sin6_scope_id = (uint32_t)if_index;

493

565

506

578

}

507

579

508

580

ret = connect(tcp_sd, &to.in, sizeof(to));

509

if (ret < 0){

581

if(ret < 0){

510

582

perror("connect");

511

583

return -1;

512

584

}

513

585

514

586

const char *out = mandos_protocol_version;

515

587

written = 0;

516

while (true){

588

while(true){

517

589

size_t out_size = strlen(out);

518

ret = TEMP_FAILURE_RETRY(write(tcp_sd, out + written,

590

ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,

519

591

out_size - written));

520

if (ret == -1){

592

if(ret == -1){

521

593

perror("write");

522

594

retval = -1;

523

595

goto mandos_end;

526

598

if(written < out_size){

527

599

continue;

528

600

} else {

529

if (out == mandos_protocol_version){

601

if(out == mandos_protocol_version){

530

602

written = 0;

531

603

out = "\r\n";

532

604

} else {

534

606

}

535

607

}

536

608

}

537

609

538

610

if(debug){

539

611

fprintf(stderr, "Establishing TLS session with %s\n", ip);

540

612

}

541

613

542

gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) tcp_sd);

543

614

gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) tcp_sd);

615

544

616

do{

545

ret = gnutls_handshake (session);

617

ret = gnutls_handshake(session);

546

618

} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);

547

619

548

if (ret != GNUTLS_E_SUCCESS){

620

if(ret != GNUTLS_E_SUCCESS){

549

621

if(debug){

550

622

fprintf(stderr, "*** GnuTLS Handshake failed ***\n");

551

gnutls_perror (ret);

623

gnutls_perror(ret);

552

624

}

553

625

retval = -1;

554

626

goto mandos_end;

560

632

fprintf(stderr, "Retrieving pgp encrypted password from %s\n",

561

633

ip);

562

634

}

563

635

564

636

while(true){

565

637

buffer_capacity = adjustbuffer(&buffer, buffer_length,

566

638

buffer_capacity);

567

if (buffer_capacity == 0){

639

if(buffer_capacity == 0){

568

640

perror("adjustbuffer");

569

641

retval = -1;

570

642

goto mandos_end;

571

643

}

572

644

573

ret = gnutls_record_recv(session, buffer+buffer_length,

574

BUFFER_SIZE);

575

if (ret == 0){

645

sret = gnutls_record_recv(session, buffer+buffer_length,

646

BUFFER_SIZE);

647

if(sret == 0){

576

648

break;

577

649

}

578

if (ret < 0){

579

switch(ret){

650

if(sret < 0){

651

switch(sret){

580

652

case GNUTLS_E_INTERRUPTED:

581

653

case GNUTLS_E_AGAIN:

582

654

break;

583

655

case GNUTLS_E_REHANDSHAKE:

584

656

do{

585

ret = gnutls_handshake (session);

657

ret = gnutls_handshake(session);

586

658

} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);

587

if (ret < 0){

659

if(ret < 0){

588

660

fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");

589

gnutls_perror (ret);

661

gnutls_perror(ret);

590

662

retval = -1;

591

663

goto mandos_end;

592

664

}

595

667

fprintf(stderr, "Unknown error while reading data from"

596

668

" encrypted session with Mandos server\n");

597

669

retval = -1;

598

gnutls_bye (session, GNUTLS_SHUT_RDWR);

670

gnutls_bye(session, GNUTLS_SHUT_RDWR);

599

671

goto mandos_end;

600

672

}

601

673

} else {

602

buffer_length += (size_t) ret;

674

buffer_length += (size_t) sret;

603

675

}

604

676

}

605

677

607

679

fprintf(stderr, "Closing TLS session\n");

608

680

}

609

681

610

gnutls_bye (session, GNUTLS_SHUT_RDWR);

682

gnutls_bye(session, GNUTLS_SHUT_RDWR);

611

683

612

if (buffer_length > 0){

613

decrypted_buffer_size = pgp_packet_decrypt(buffer,

684

if(buffer_length > 0){

685

decrypted_buffer_size = pgp_packet_decrypt(mc, buffer,

614

686

buffer_length,

615

&decrypted_buffer,

616

keydir);

617

if (decrypted_buffer_size >= 0){

687

&decrypted_buffer);

688

if(decrypted_buffer_size >= 0){

618

689

written = 0;

619

690

while(written < (size_t) decrypted_buffer_size){

620

ret = (int)fwrite (decrypted_buffer + written, 1,

621

(size_t)decrypted_buffer_size - written,

622

stdout);

691

ret = (int)fwrite(decrypted_buffer + written, 1,

692

(size_t)decrypted_buffer_size - written,

693

stdout);

623

694

if(ret == 0 and ferror(stdout)){

624

695

if(debug){

625

696

fprintf(stderr, "Error writing encrypted data: %s\n",

634

705

} else {

635

706

retval = -1;

636

707

}

708

} else {

709

retval = -1;

637

710

}

638

711

639

712

/* Shutdown procedure */

640

713

641

714

mandos_end:

642

715

free(buffer);

643

close(tcp_sd);

644

gnutls_deinit (session);

716

ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));

717

if(ret == -1){

718

perror("close");

719

}

720

gnutls_deinit(session);

645

721

return retval;

646

722

}

647

723

660

736

flags,

661

737

void* userdata) {

662

738

mandos_context *mc = userdata;

663

assert(r); /* Spurious warning */

739

assert(r);

664

740

665

741

/* Called whenever a service has been resolved successfully or

666

742

timed out */

667

743

668

switch (event) {

744

switch(event) {

669

745

default:

670

746

case AVAHI_RESOLVER_FAILURE:

671

747

fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'"

679

755

avahi_address_snprint(ip, sizeof(ip), address);

680

756

if(debug){

681

757

fprintf(stderr, "Mandos server \"%s\" found on %s (%s, %"

682

PRIu16 ") on port %d\n", name, host_name, ip,

683

interface, port);

758

PRIdMAX ") on port %" PRIu16 "\n", name, host_name,

759

ip, (intmax_t)interface, port);

684

760

}

685

761

int ret = start_mandos_communication(ip, port, interface, mc);

686

if (ret == 0){

687

exit(EXIT_SUCCESS);

762

if(ret == 0){

763

avahi_simple_poll_quit(mc->simple_poll);

688

764

}

689

765

}

690

766

}

702

778

flags,

703

779

void* userdata) {

704

780

mandos_context *mc = userdata;

705

assert(b); /* Spurious warning */

781

assert(b);

706

782

707

783

/* Called whenever a new services becomes available on the LAN or

708

784

is removed from the LAN */

709

785

710

switch (event) {

786

switch(event) {

711

787

default:

712

788

case AVAHI_BROWSER_FAILURE:

713

789

722

798

the callback function is called the Avahi server will free the

723

799

resolver for us. */

724

800

725

if (!(avahi_s_service_resolver_new(mc->server, interface,

801

if(!(avahi_s_service_resolver_new(mc->server, interface,

726

802

protocol, name, type, domain,

727

803

AVAHI_PROTO_INET6, 0,

728

804

resolve_callback, mc)))

742

818

}

743

819

}

744

820

745

/* Combines file name and path and returns the malloced new

746

string. some sane checks could/should be added */

747

static const char *combinepath(const char *first, const char *second){

748

size_t f_len = strlen(first);

749

size_t s_len = strlen(second);

750

char *tmp = malloc(f_len + s_len + 2);

751

if (tmp == NULL){

752

return NULL;

753

}

754

if(f_len > 0){

755

memcpy(tmp, first, f_len); /* Spurious warning */

756

}

757

tmp[f_len] = '/';

758

if(s_len > 0){

759

memcpy(tmp + f_len + 1, second, s_len); /* Spurious warning */

760

}

761

tmp[f_len + 1 + s_len] = '\0';

762

return tmp;

763

}

764

765

766

821

int main(int argc, char *argv[]){

767

822

AvahiSServiceBrowser *sb = NULL;

768

823

int error;

769

824

int ret;

825

intmax_t tmpmax;

826

int numchars;

770

827

int exitcode = EXIT_SUCCESS;

771

828

const char *interface = "eth0";

772

829

struct ifreq network;

774

831

uid_t uid;

775

832

gid_t gid;

776

833

char *connect_to = NULL;

834

char tempdir[] = "/tmp/mandosXXXXXX";

777

835

AvahiIfIndex if_index = AVAHI_IF_UNSPEC;

778

const char *pubkeyfile = "pubkey.txt";

779

const char *seckeyfile = "seckey.txt";

836

const char *seckey = PATHDIR "/" SECKEY;

837

const char *pubkey = PATHDIR "/" PUBKEY;

838

780

839

mandos_context mc = { .simple_poll = NULL, .server = NULL,

781

.dh_bits = 1024, .priority = "SECURE256"};

782

bool gnutls_initalized = false;

840

.dh_bits = 1024, .priority = "SECURE256"

841

":!CTYPE-X.509:+CTYPE-OPENPGP" };

842

bool gnutls_initialized = false;

843

bool gpgme_initialized = false;

783

844

784

845

{

785

846

struct argp_option options[] = {

786

847

{ .name = "debug", .key = 128,

787

848

.doc = "Debug mode", .group = 3 },

788

849

{ .name = "connect", .key = 'c',

789

.arg = "IP",

790

.doc = "Connect directly to a sepcified mandos server",

850

.arg = "ADDRESS:PORT",

851

.doc = "Connect directly to a specific Mandos server",

791

852

.group = 1 },

792

853

{ .name = "interface", .key = 'i',

793

.arg = "INTERFACE",

794

.doc = "Interface that Avahi will conntect through",

795

.group = 1 },

796

{ .name = "keydir", .key = 'd',

797

.arg = "KEYDIR",

798

.doc = "Directory where the openpgp keyring is",

854

.arg = "NAME",

855

.doc = "Interface that will be used to search for Mandos"

856

" servers",

799

857

.group = 1 },

800

858

{ .name = "seckey", .key = 's',

801

.arg = "SECKEY",

802

.doc = "Secret openpgp key for gnutls authentication",

859

.arg = "FILE",

860

.doc = "OpenPGP secret key file base name",

803

861

.group = 1 },

804

862

{ .name = "pubkey", .key = 'p',

805

.arg = "PUBKEY",

806

.doc = "Public openpgp key for gnutls authentication",

863

.arg = "FILE",

864

.doc = "OpenPGP public key file base name",

807

865

.group = 2 },

808

866

{ .name = "dh-bits", .key = 129,

809

867

.arg = "BITS",

810

.doc = "dh-bits to use in gnutls communication",

868

.doc = "Bit length of the prime number used in the"

869

" Diffie-Hellman key exchange",

811

870

.group = 2 },

812

871

{ .name = "priority", .key = 130,

813

.arg = "PRIORITY",

814

.doc = "GNUTLS priority", .group = 1 },

872

.arg = "STRING",

873

.doc = "GnuTLS priority string for the TLS handshake",

874

.group = 1 },

815

875

{ .name = NULL }

816

876

};

817

818

877

819

error_t parse_opt (int key, char *arg,

820

struct argp_state *state) {

821

/* Get the INPUT argument from `argp_parse', which we know is

822

a pointer to our plugin list pointer. */

823

switch (key) {

824

case 128:

878

error_t parse_opt(int key, char *arg,

879

struct argp_state *state) {

880

switch(key) {

881

case 128: /* --debug */

825

882

debug = true;

826

883

break;

827

case 'c':

884

case 'c': /* --connect */

828

885

connect_to = arg;

829

886

break;

830

case 'i':

887

case 'i': /* --interface */

831

888

interface = arg;

832

889

break;

833

case 'd':

834

keydir = arg;

835

break;

836

case 's':

837

seckeyfile = arg;

838

break;

839

case 'p':

840

pubkeyfile = arg;

841

break;

842

case 129:

843

errno = 0;

844

mc.dh_bits = (unsigned int) strtol(arg, NULL, 10);

845

if (errno){

846

perror("strtol");

890

case 's': /* --seckey */

891

seckey = arg;

892

break;

893

case 'p': /* --pubkey */

894

pubkey = arg;

895

break;

896

case 129: /* --dh-bits */

897

ret = sscanf(arg, "%" SCNdMAX "%n", &tmpmax, &numchars);

898

if(ret < 1 or tmpmax != (typeof(mc.dh_bits))tmpmax

899

or arg[numchars] != '\0'){

900

fprintf(stderr, "Bad number of DH bits\n");

847

901

exit(EXIT_FAILURE);

848

902

}

903

mc.dh_bits = (typeof(mc.dh_bits))tmpmax;

849

904

break;

850

case 130:

905

case 130: /* --priority */

851

906

mc.priority = arg;

852

907

break;

853

908

case ARGP_KEY_ARG:

854

argp_usage (state);

909

argp_usage(state);

910

case ARGP_KEY_END:

855

911

break;

856

case ARGP_KEY_END:

857

break;

858

912

default:

859

913

return ARGP_ERR_UNKNOWN;

860

914

}

861

915

return 0;

862

916

}

863

917

864

918

struct argp argp = { .options = options, .parser = parse_opt,

865

919

.args_doc = "",

866

920

.doc = "Mandos client -- Get and decrypt"

867

" passwords from mandos server" };

868

ret = argp_parse (&argp, argc, argv, 0, 0, NULL);

869

if (ret == ARGP_ERR_UNKNOWN){

870

fprintf(stderr, "Unkown error while parsing arguments\n");

871

exitcode = EXIT_FAILURE;

872

goto end;

873

}

874

}

875

876

pubkeyfile = combinepath(keydir, pubkeyfile);

877

if (pubkeyfile == NULL){

878

perror("combinepath");

879

exitcode = EXIT_FAILURE;

880

goto end;

881

}

882

883

seckeyfile = combinepath(keydir, seckeyfile);

884

if (seckeyfile == NULL){

885

perror("combinepath");

886

goto end;

887

}

888

889

ret = init_gnutls_global(&mc, pubkeyfile, seckeyfile);

890

if (ret == -1){

891

fprintf(stderr, "init_gnutls_global\n");

892

goto end;

893

} else {

894

gnutls_initalized = true;

895

}

896

921

" passwords from a Mandos server" };

922

ret = argp_parse(&argp, argc, argv, 0, 0, NULL);

923

if(ret == ARGP_ERR_UNKNOWN){

924

fprintf(stderr, "Unknown error while parsing arguments\n");

925

exitcode = EXIT_FAILURE;

926

goto end;

927

}

928

}

929

930

/* If the interface is down, bring it up */

931

{

932

sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);

933

if(sd < 0) {

934

perror("socket");

935

exitcode = EXIT_FAILURE;

936

goto end;

937

}

938

strcpy(network.ifr_name, interface);

939

ret = ioctl(sd, SIOCGIFFLAGS, &network);

940

if(ret == -1){

941

perror("ioctl SIOCGIFFLAGS");

942

exitcode = EXIT_FAILURE;

943

goto end;

944

}

945

if((network.ifr_flags & IFF_UP) == 0){

946

network.ifr_flags |= IFF_UP;

947

ret = ioctl(sd, SIOCSIFFLAGS, &network);

948

if(ret == -1){

949

perror("ioctl SIOCSIFFLAGS");

950

exitcode = EXIT_FAILURE;

951

goto end;

952

}

953

}

954

ret = (int)TEMP_FAILURE_RETRY(close(sd));

955

if(ret == -1){

956

perror("close");

957

}

958

}

959

897

960

uid = getuid();

898

961

gid = getgid();

899

962

900

963

ret = setuid(uid);

901

if (ret == -1){

964

if(ret == -1){

902

965

perror("setuid");

903

966

}

904

967

905

968

setgid(gid);

906

if (ret == -1){

969

if(ret == -1){

907

970

perror("setgid");

908

971

}

909

972

973

ret = init_gnutls_global(&mc, pubkey, seckey);

974

if(ret == -1){

975

fprintf(stderr, "init_gnutls_global failed\n");

976

exitcode = EXIT_FAILURE;

977

goto end;

978

} else {

979

gnutls_initialized = true;

980

}

981

982

if(mkdtemp(tempdir) == NULL){

983

perror("mkdtemp");

984

tempdir[0] = '\0';

985

goto end;

986

}

987

988

if(not init_gpgme(&mc, pubkey, seckey, tempdir)){

989

fprintf(stderr, "init_gpgme failed\n");

990

exitcode = EXIT_FAILURE;

991

goto end;

992

} else {

993

gpgme_initialized = true;

994

}

995

910

996

if_index = (AvahiIfIndex) if_nametoindex(interface);

911

997

if(if_index == 0){

912

998

fprintf(stderr, "No such interface: \"%s\"\n", interface);

922

1008

exitcode = EXIT_FAILURE;

923

1009

goto end;

924

1010

}

925

errno = 0;

926

uint16_t port = (uint16_t) strtol(address+1, NULL, 10);

927

if(errno){

928

perror("Bad port number");

1011

uint16_t port;

1012

ret = sscanf(address+1, "%" SCNdMAX "%n", &tmpmax, &numchars);

1013

if(ret < 1 or tmpmax != (uint16_t)tmpmax

1014

or address[numchars+1] != '\0'){

1015

fprintf(stderr, "Bad port number\n");

929

1016

exitcode = EXIT_FAILURE;

930

1017

goto end;

931

1018

}

1019

port = (uint16_t)tmpmax;

932

1020

*address = '\0';

933

1021

address = connect_to;

934

1022

ret = start_mandos_communication(address, port, if_index, &mc);

940

1028

goto end;

941

1029

}

942

1030

943

/* If the interface is down, bring it up */

944

{

945

sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);

946

if(sd < 0) {

947

perror("socket");

948

exitcode = EXIT_FAILURE;

949

goto end;

950

}

951

strcpy(network.ifr_name, interface); /* Spurious warning */

952

ret = ioctl(sd, SIOCGIFFLAGS, &network);

953

if(ret == -1){

954

perror("ioctl SIOCGIFFLAGS");

955

exitcode = EXIT_FAILURE;

956

goto end;

957

}

958

if((network.ifr_flags & IFF_UP) == 0){

959

network.ifr_flags |= IFF_UP;

960

ret = ioctl(sd, SIOCSIFFLAGS, &network);

961

if(ret == -1){

962

perror("ioctl SIOCSIFFLAGS");

963

exitcode = EXIT_FAILURE;

964

goto end;

965

}

966

}

967

close(sd);

968

}

969

970

if (not debug){

1031

if(not debug){

971

1032

avahi_set_log_function(empty_log);

972

1033

}

973

1034

976

1037

977

1038

/* Allocate main Avahi loop object */

978

1039

mc.simple_poll = avahi_simple_poll_new();

979

if (mc.simple_poll == NULL) {

1040

if(mc.simple_poll == NULL) {

980

1041

fprintf(stderr, "Avahi: Failed to create simple poll"

981

1042

" object.\n");

982

1043

exitcode = EXIT_FAILURE;

983

1044

goto end;

984

1045

}

985

1046

986

1047

{

987

1048

AvahiServerConfig config;

988

1049

/* Do not publish any local Zeroconf records */

991

1052

config.publish_addresses = 0;

992

1053

config.publish_workstation = 0;

993

1054

config.publish_domain = 0;

994

1055

995

1056

/* Allocate a new server */

996

1057

mc.server = avahi_server_new(avahi_simple_poll_get

997

1058

(mc.simple_poll), &config, NULL,

998

1059

NULL, &error);

999

1060

1000

1061

/* Free the Avahi configuration data */

1001

1062

avahi_server_config_free(&config);

1002

1063

}

1003

1064

1004

1065

/* Check if creating the Avahi server object succeeded */

1005

if (mc.server == NULL) {

1066

if(mc.server == NULL) {

1006

1067

fprintf(stderr, "Failed to create Avahi server: %s\n",

1007

1068

avahi_strerror(error));

1008

1069

exitcode = EXIT_FAILURE;

1014

1075

AVAHI_PROTO_INET6,

1015

1076

"_mandos._tcp", NULL, 0,

1016

1077

browse_callback, &mc);

1017

if (sb == NULL) {

1078

if(sb == NULL) {

1018

1079

fprintf(stderr, "Failed to create service browser: %s\n",

1019

1080

avahi_strerror(avahi_server_errno(mc.server)));

1020

1081

exitcode = EXIT_FAILURE;

1022

1083

}

1023

1084

1024

1085

/* Run the main loop */

1025

1026

if (debug){

1086

1087

if(debug){

1027

1088

fprintf(stderr, "Starting Avahi loop search\n");

1028

1089

}

1029

1090

1030

1091

avahi_simple_poll_loop(mc.simple_poll);

1031

1092

1032

1093

end:

1033

1034

if (debug){

1094

1095

if(debug){

1035

1096

fprintf(stderr, "%s exiting\n", argv[0]);

1036

1097

}

1037

1098

1038

1099

/* Cleanup things */

1039

if (sb != NULL)

1100

if(sb != NULL)

1040

1101

avahi_s_service_browser_free(sb);

1041

1102

1042

if (mc.server != NULL)

1103

if(mc.server != NULL)

1043

1104

avahi_server_free(mc.server);

1044

1045

if (mc.simple_poll != NULL)

1105

1106

if(mc.simple_poll != NULL)

1046

1107

avahi_simple_poll_free(mc.simple_poll);

1047

free(pubkeyfile);

1048

free(seckeyfile);

1049

1050

if (gnutls_initalized){

1108

1109

if(gnutls_initialized){

1051

1110

gnutls_certificate_free_credentials(mc.cred);

1052

gnutls_global_deinit ();

1111

gnutls_global_deinit();

1112

gnutls_dh_params_deinit(mc.dh_params);

1113

}

1114

1115

if(gpgme_initialized){

1116

gpgme_release(mc.ctx);

1117

}

1118

1119

/* Removes the temp directory used by GPGME */

1120

if(tempdir[0] != '\0'){

1121

DIR *d;

1122

struct dirent *direntry;

1123

d = opendir(tempdir);

1124

if(d == NULL){

1125

if(errno != ENOENT){

1126

perror("opendir");

1127

}

1128

} else {

1129

while(true){

1130

direntry = readdir(d);

1131

if(direntry == NULL){

1132

break;

1133

}

1134

/* Skip "." and ".." */

1135

if(direntry->d_name[0] == '.'

1136

and (direntry->d_name[1] == '\0'

1137

or (direntry->d_name[1] == '.'

1138

and direntry->d_name[2] == '\0'))){

1139

continue;

1140

}

1141

char *fullname = NULL;

1142

ret = asprintf(&fullname, "%s/%s", tempdir,

1143

direntry->d_name);

1144

if(ret < 0){

1145

perror("asprintf");

1146

continue;

1147

}

1148

ret = remove(fullname);

1149

if(ret == -1){

1150

fprintf(stderr, "remove(\"%s\"): %s\n", fullname,

1151

strerror(errno));

1152

}

1153

free(fullname);

1154

}

1155

closedir(d);

1156

}

1157

ret = rmdir(tempdir);

1158

if(ret == -1 and errno != ENOENT){

1159

perror("rmdir");

1160

}

1053

1161

}

1054

1162

1055

1163

return exitcode;