To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/mandos-client.c
- browse files at revision 397
- compare with another revision
- download diff
- download tarball
- view history from revision 397
- Committer: Teddy Hogeborn
- Date: 2009-10-30 16:23:43 UTC
- Revision ID: teddy@fukt.bsnet.se-20091030162343-1p2a8bf3gc084kc9
* plugins.d/password-prompt.c: Use environment variables and prompt
text from cryptsetup 1.1.
* plugins.d/password-prompt.xml (ENVIRONMENT): Document change in
environment variables
used.
text from cryptsetup 1.1.
* plugins.d/password-prompt.xml (ENVIRONMENT): Document change in
environment variables
used.
- files modified:
- Makefile
added
removed
plugins.d/mandos-client.c
44
44
#include <stdint.h> /* uint16_t, uint32_t */
45
45
#include <stddef.h> /* NULL, size_t, ssize_t */
46
46
#include <stdlib.h> /* free(), EXIT_SUCCESS, EXIT_FAILURE,
47
srand(), strtof() */
47
srand(), strtof(), abort() */
48
48
#include <stdbool.h> /* bool, false, true */
49
49
#include <string.h> /* memset(), strcmp(), strlen(),
50
50
strerror(), asprintf(), strcpy() */
71
71
INET_ADDRSTRLEN, INET6_ADDRSTRLEN
72
72
*/
73
73
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
74
getuid(), getgid(), setuid(),
75
setgid() */
74
getuid(), getgid(), seteuid(),
75
setgid(), pause() */
76
76
#include <arpa/inet.h> /* inet_pton(), htons */
77
77
#include <iso646.h> /* not, or, and */
78
78
#include <argp.h> /* struct argp_option, error_t, struct
82
82
#include <signal.h> /* sigemptyset(), sigaddset(),
83
83
sigaction(), SIGTERM, sig_atomic_t,
84
84
raise() */
85
#include <sysexits.h> /* EX_OSERR, EX_USAGE */
85
86
86
87
#ifdef __linux__
87
88
#include <sys/klog.h> /* klogctl() */
142
143
.dh_bits = 1024, .priority = "SECURE256"
143
144
":!CTYPE-X.509:+CTYPE-OPENPGP" };
144
145
146
sig_atomic_t quit_now = 0;
147
int signal_received = 0;
148
145
149
/*
146
150
* Make additional room in "buffer" for at least BUFFER_SIZE more
147
151
* bytes. "buffer_capacity" is how much is currently allocated,
164
168
*/
165
169
static bool init_gpgme(const char *seckey,
166
170
const char *pubkey, const char *tempdir){
167
int ret;
168
171
gpgme_error_t rc;
169
172
gpgme_engine_info_t engine_info;
170
173
173
176
* Helper function to insert pub and seckey to the engine keyring.
174
177
*/
175
178
bool import_key(const char *filename){
179
int ret;
176
180
int fd;
177
181
gpgme_data_t pgp_data;
178
182
474
478
static int init_gnutls_session(gnutls_session_t *session){
475
479
int ret;
476
480
/* GnuTLS session creation */
477
ret = gnutls_init(session, GNUTLS_SERVER);
481
do {
482
ret = gnutls_init(session, GNUTLS_SERVER);
483
if(quit_now){
484
return -1;
485
}
486
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
478
487
if(ret != GNUTLS_E_SUCCESS){
479
488
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
480
489
safer_gnutls_strerror(ret));
482
491
483
492
{
484
493
const char *err;
485
ret = gnutls_priority_set_direct(*session, mc.priority, &err);
494
do {
495
ret = gnutls_priority_set_direct(*session, mc.priority, &err);
496
if(quit_now){
497
gnutls_deinit(*session);
498
return -1;
499
}
500
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
486
501
if(ret != GNUTLS_E_SUCCESS){
487
502
fprintf(stderr, "Syntax error at: %s\n", err);
488
503
fprintf(stderr, "GnuTLS error: %s\n",
492
507
}
493
508
}
494
509
495
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
496
mc.cred);
510
do {
511
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
512
mc.cred);
513
if(quit_now){
514
gnutls_deinit(*session);
515
return -1;
516
}
517
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN);
497
518
if(ret != GNUTLS_E_SUCCESS){
498
519
fprintf(stderr, "Error setting GnuTLS credentials: %s\n",
499
520
safer_gnutls_strerror(ret));
502
523
}
503
524
504
525
/* ignore client certificate if any. */
505
gnutls_certificate_server_set_request(*session,
506
GNUTLS_CERT_IGNORE);
526
gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);
507
527
508
528
gnutls_dh_set_prime_bits(*session, mc.dh_bits);
509
529
514
534
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
515
535
__attribute__((unused)) const char *txt){}
516
536
517
sig_atomic_t quit_now = 0;
518
int signal_received = 0;
519
520
537
/* Called when a Mandos server is found */
521
538
static int start_mandos_communication(const char *ip, uint16_t port,
522
539
AvahiIfIndex if_index,
528
545
struct sockaddr_in6 in6;
529
546
} to;
530
547
char *buffer = NULL;
531
char *decrypted_buffer;
548
char *decrypted_buffer = NULL;
532
549
size_t buffer_length = 0;
533
550
size_t buffer_capacity = 0;
534
ssize_t decrypted_buffer_size;
535
551
size_t written;
536
int retval = 0;
552
int retval = -1;
537
553
gnutls_session_t session;
538
554
int pf; /* Protocol family */
539
555
566
582
tcp_sd = socket(pf, SOCK_STREAM, 0);
567
583
if(tcp_sd < 0){
568
584
perror("socket");
569
retval = -1;
570
585
goto mandos_end;
571
586
}
572
587
584
599
}
585
600
if(ret < 0 ){
586
601
perror("inet_pton");
587
retval = -1;
588
602
goto mandos_end;
589
603
}
590
604
if(ret == 0){
591
605
fprintf(stderr, "Bad address: %s\n", ip);
592
retval = -1;
593
606
goto mandos_end;
594
607
}
595
608
if(af == AF_INET6){
603
616
if(if_index == AVAHI_IF_UNSPEC){
604
617
fprintf(stderr, "An IPv6 link-local address is incomplete"
605
618
" without a network interface\n");
606
retval = -1;
607
619
goto mandos_end;
608
620
}
609
621
/* Set the network interface number as scope */
662
674
}
663
675
if(ret < 0){
664
676
perror("connect");
665
retval = -1;
666
677
goto mandos_end;
667
678
}
668
679
678
689
out_size - written));
679
690
if(ret == -1){
680
691
perror("write");
681
retval = -1;
682
692
goto mandos_end;
683
693
}
684
694
written += (size_t)ret;
712
722
goto mandos_end;
713
723
}
714
724
715
do{
725
do {
716
726
ret = gnutls_handshake(session);
717
727
if(quit_now){
718
728
goto mandos_end;
724
734
fprintf(stderr, "*** GnuTLS Handshake failed ***\n");
725
735
gnutls_perror(ret);
726
736
}
727
retval = -1;
728
737
goto mandos_end;
729
738
}
730
739
745
754
buffer_capacity);
746
755
if(buffer_capacity == 0){
747
756
perror("incbuffer");
748
retval = -1;
749
757
goto mandos_end;
750
758
}
751
759
764
772
case GNUTLS_E_AGAIN:
765
773
break;
766
774
case GNUTLS_E_REHANDSHAKE:
767
do{
775
do {
768
776
ret = gnutls_handshake(session);
769
777
770
778
if(quit_now){
774
782
if(ret < 0){
775
783
fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");
776
784
gnutls_perror(ret);
777
retval = -1;
778
785
goto mandos_end;
779
786
}
780
787
break;
781
788
default:
782
789
fprintf(stderr, "Unknown error while reading data from"
783
790
" encrypted session with Mandos server\n");
784
retval = -1;
785
791
gnutls_bye(session, GNUTLS_SHUT_RDWR);
786
792
goto mandos_end;
787
793
}
798
804
goto mandos_end;
799
805
}
800
806
801
gnutls_bye(session, GNUTLS_SHUT_RDWR);
802
803
if(quit_now){
804
goto mandos_end;
805
}
807
do {
808
ret = gnutls_bye(session, GNUTLS_SHUT_RDWR);
809
if(quit_now){
810
goto mandos_end;
811
}
812
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
806
813
807
814
if(buffer_length > 0){
815
ssize_t decrypted_buffer_size;
808
816
decrypted_buffer_size = pgp_packet_decrypt(buffer,
809
817
buffer_length,
810
818
&decrypted_buffer);
811
819
if(decrypted_buffer_size >= 0){
820
812
821
written = 0;
813
822
while(written < (size_t) decrypted_buffer_size){
814
823
if(quit_now){
823
832
fprintf(stderr, "Error writing encrypted data: %s\n",
824
833
strerror(errno));
825
834
}
826
retval = -1;
827
break;
835
goto mandos_end;
828
836
}
829
837
written += (size_t)ret;
830
838
}
831
free(decrypted_buffer);
832
} else {
833
retval = -1;
839
retval = 0;
834
840
}
835
} else {
836
retval = -1;
837
841
}
838
842
839
843
/* Shutdown procedure */
840
844
841
845
mandos_end:
846
free(decrypted_buffer);
842
847
free(buffer);
843
848
if(tcp_sd >= 0){
844
849
ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));
994
999
bool gpgme_initialized = false;
995
1000
float delay = 2.5f;
996
1001
997
struct sigaction old_sigterm_action;
1002
struct sigaction old_sigterm_action = { .sa_handler = SIG_DFL };
998
1003
struct sigaction sigterm_action = { .sa_handler = handle_sigterm };
999
1004
1005
uid = getuid();
1006
gid = getgid();
1007
1008
/* Lower any group privileges we might have, just to be safe */
1009
errno = 0;
1010
ret = setgid(gid);
1011
if(ret == -1){
1012
perror("setgid");
1013
}
1014
1015
/* Lower user privileges (temporarily) */
1016
errno = 0;
1017
ret = seteuid(uid);
1018
if(ret == -1){
1019
perror("seteuid");
1020
}
1021
1022
if(quit_now){
1023
goto end;
1024
}
1025
1000
1026
{
1001
1027
struct argp_option options[] = {
1002
1028
{ .name = "debug", .key = 128,
1031
1057
.arg = "SECONDS",
1032
1058
.doc = "Maximum delay to wait for interface startup",
1033
1059
.group = 2 },
1060
/*
1061
* These reproduce what we would get without ARGP_NO_HELP
1062
*/
1063
{ .name = "help", .key = '?',
1064
.doc = "Give this help list", .group = -1 },
1065
{ .name = "usage", .key = -3,
1066
.doc = "Give a short usage message", .group = -1 },
1067
{ .name = "version", .key = 'V',
1068
.doc = "Print program version", .group = -1 },
1034
1069
{ .name = NULL }
1035
1070
};
1036
1071
1037
1072
error_t parse_opt(int key, char *arg,
1038
1073
struct argp_state *state){
1074
errno = 0;
1039
1075
switch(key){
1040
1076
case 128: /* --debug */
1041
1077
debug = true;
1057
1093
tmpmax = strtoimax(arg, &tmp, 10);
1058
1094
if(errno != 0 or tmp == arg or *tmp != '\0'
1059
1095
or tmpmax != (typeof(mc.dh_bits))tmpmax){
1060
fprintf(stderr, "Bad number of DH bits\n");
1061
exit(EXIT_FAILURE);
1096
argp_error(state, "Bad number of DH bits");
1062
1097
}
1063
1098
mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
1064
1099
break;
1069
1104
errno = 0;
1070
1105
delay = strtof(arg, &tmp);
1071
1106
if(errno != 0 or tmp == arg or *tmp != '\0'){
1072
fprintf(stderr, "Bad delay\n");
1073
exit(EXIT_FAILURE);
1107
argp_error(state, "Bad delay");
1074
1108
}
1075
1109
break;
1076
case ARGP_KEY_ARG:
1077
argp_usage(state);
1078
case ARGP_KEY_END:
1110
/*
1111
* These reproduce what we would get without ARGP_NO_HELP
1112
*/
1113
case '?': /* --help */
1114
argp_state_help(state, state->out_stream,
1115
(ARGP_HELP_STD_HELP | ARGP_HELP_EXIT_ERR)
1116
& ~(unsigned int)ARGP_HELP_EXIT_OK);
1117
case -3: /* --usage */
1118
argp_state_help(state, state->out_stream,
1119
ARGP_HELP_USAGE | ARGP_HELP_EXIT_ERR);
1120
case 'V': /* --version */
1121
fprintf(state->out_stream, "%s\n", argp_program_version);
1122
exit(argp_err_exit_status);
1079
1123
break;
1080
1124
default:
1081
1125
return ARGP_ERR_UNKNOWN;
1082
1126
}
1083
return 0;
1127
return errno;
1084
1128
}
1085
1129
1086
1130
struct argp argp = { .options = options, .parser = parse_opt,
1087
1131
.args_doc = "",
1088
1132
.doc = "Mandos client -- Get and decrypt"
1089
1133
" passwords from a Mandos server" };
1090
ret = argp_parse(&argp, argc, argv, 0, 0, NULL);
1091
if(ret == ARGP_ERR_UNKNOWN){
1092
fprintf(stderr, "Unknown error while parsing arguments\n");
1093
exitcode = EXIT_FAILURE;
1134
ret = argp_parse(&argp, argc, argv,
1135
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL);
1136
switch(ret){
1137
case 0:
1138
break;
1139
case ENOMEM:
1140
default:
1141
errno = ret;
1142
perror("argp_parse");
1143
exitcode = EX_OSERR;
1144
goto end;
1145
case EINVAL:
1146
exitcode = EX_USAGE;
1094
1147
goto end;
1095
1148
}
1096
1149
}
1186
1239
goto end;
1187
1240
}
1188
1241
1242
/* Re-raise priviliges */
1243
errno = 0;
1244
ret = seteuid(0);
1245
if(ret == -1){
1246
perror("seteuid");
1247
}
1248
1189
1249
#ifdef __linux__
1190
1250
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO
1191
messages to mess up the prompt */
1251
messages about the network interface to mess up the prompt */
1192
1252
ret = klogctl(8, NULL, 5);
1193
1253
bool restore_loglevel = true;
1194
1254
if(ret == -1){
1209
1269
}
1210
1270
}
1211
1271
#endif /* __linux__ */
1272
/* Lower privileges */
1273
errno = 0;
1274
ret = seteuid(uid);
1275
if(ret == -1){
1276
perror("seteuid");
1277
}
1212
1278
goto end;
1213
1279
}
1214
1280
strcpy(network.ifr_name, interface);
1224
1290
}
1225
1291
#endif /* __linux__ */
1226
1292
exitcode = EXIT_FAILURE;
1293
/* Lower privileges */
1294
errno = 0;
1295
ret = seteuid(uid);
1296
if(ret == -1){
1297
perror("seteuid");
1298
}
1227
1299
goto end;
1228
1300
}
1229
1301
if((network.ifr_flags & IFF_UP) == 0){
1242
1314
}
1243
1315
}
1244
1316
#endif /* __linux__ */
1317
/* Lower privileges */
1318
errno = 0;
1319
ret = seteuid(uid);
1320
if(ret == -1){
1321
perror("seteuid");
1322
}
1245
1323
goto end;
1246
1324
}
1247
1325
}
1275
1353
}
1276
1354
}
1277
1355
#endif /* __linux__ */
1278
}
1279
1280
if(quit_now){
1281
goto end;
1282
}
1283
1284
uid = getuid();
1285
gid = getgid();
1286
1287
errno = 0;
1288
setgid(gid);
1289
if(ret == -1){
1290
perror("setgid");
1291
}
1292
1293
ret = setuid(uid);
1294
if(ret == -1){
1295
perror("setuid");
1356
/* Lower privileges */
1357
errno = 0;
1358
if(take_down_interface){
1359
/* Lower privileges */
1360
ret = seteuid(uid);
1361
if(ret == -1){
1362
perror("seteuid");
1363
}
1364
} else {
1365
/* Lower privileges permanently */
1366
ret = setuid(uid);
1367
if(ret == -1){
1368
perror("setuid");
1369
}
1370
}
1296
1371
}
1297
1372
1298
1373
if(quit_now){
1472
1547
1473
1548
/* Take down the network interface */
1474
1549
if(take_down_interface){
1475
ret = ioctl(sd, SIOCGIFFLAGS, &network);
1550
/* Re-raise priviliges */
1551
errno = 0;
1552
ret = seteuid(0);
1476
1553
if(ret == -1){
1477
perror("ioctl SIOCGIFFLAGS");
1478
} else if(network.ifr_flags & IFF_UP) {
1479
network.ifr_flags &= ~IFF_UP; /* clear flag */
1480
ret = ioctl(sd, SIOCSIFFLAGS, &network);
1481
if(ret == -1){
1482
perror("ioctl SIOCSIFFLAGS");
1483
}
1554
perror("seteuid");
1484
1555
}
1485
ret = (int)TEMP_FAILURE_RETRY(close(sd));
1486
if(ret == -1){
1487
perror("close");
1556
if(geteuid() == 0){
1557
ret = ioctl(sd, SIOCGIFFLAGS, &network);
1558
if(ret == -1){
1559
perror("ioctl SIOCGIFFLAGS");
1560
} else if(network.ifr_flags & IFF_UP) {
1561
network.ifr_flags &= ~(short)IFF_UP; /* clear flag */
1562
ret = ioctl(sd, SIOCSIFFLAGS, &network);
1563
if(ret == -1){
1564
perror("ioctl SIOCSIFFLAGS");
1565
}
1566
}
1567
ret = (int)TEMP_FAILURE_RETRY(close(sd));
1568
if(ret == -1){
1569
perror("close");
1570
}
1571
/* Lower privileges permanently */
1572
errno = 0;
1573
ret = setuid(uid);
1574
if(ret == -1){
1575
perror("setuid");
1576
}
1488
1577
}
1489
1578
}
1490
1579
1535
1624
if(quit_now){
1536
1625
sigemptyset(&old_sigterm_action.sa_mask);
1537
1626
old_sigterm_action.sa_handler = SIG_DFL;
1538
ret = sigaction(signal_received, &old_sigterm_action, NULL);
1627
ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received,
1628
&old_sigterm_action,
1629
NULL));
1539
1630
if(ret == -1){
1540
1631
perror("sigaction");
1541
1632
}
1542
raise(signal_received);
1633
do {
1634
ret = raise(signal_received);
1635
} while(ret != 0 and errno == EINTR);
1636
if(ret != 0){
1637
perror("raise");
1638
abort();
1639
}
1640
TEMP_FAILURE_RETRY(pause());
1543
1641
}
1544
1642
1545
1643
return exitcode;
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0