To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to mandos-keygen
- browse files at revision 78
- compare with another revision
- download diff
- download tarball
- view history from revision 78
- Committer: Teddy Hogeborn
- Date: 2008-08-16 03:29:08 UTC
- Revision ID: teddy@fukt.bsnet.se-20080816032908-ihw7c05r2mnyk389
Add feature to specify custom environment variables for plugins.
* plugin-runner.c (plugin): New members "environ" and "envc" to
contain possible custom environment.
(getplugin): Return NULL on failure instead of doing exit(); all
callers changed.
(add_to_char_array): New helper function for "add_argument" and
"add_environment".
(addargument): Renamed to "add_argument". Return bool. Call
"add_to_char_array" to actually do things.
(add_environment): New; analogous to "add_argument".
(addcustomargument): Renamed to "add_to_argv" to avoid confusion
with "add_argument".
(main): New options "--global-envs" and "--envs-for" to specify
custom environment for plugins. Print environment for
plugins in debug mode. Use asprintf instead of strcpy and
strcat. Use execve() for plugins with custom environments.
Free environment for plugin when freeing plugin list.
* plugin-runner.c (plugin): New members "environ" and "envc" to
contain possible custom environment.
(getplugin): Return NULL on failure instead of doing exit(); all
callers changed.
(add_to_char_array): New helper function for "add_argument" and
"add_environment".
(addargument): Renamed to "add_argument". Return bool. Call
"add_to_char_array" to actually do things.
(add_environment): New; analogous to "add_argument".
(addcustomargument): Renamed to "add_to_argv" to avoid confusion
with "add_argument".
(main): New options "--global-envs" and "--envs-for" to specify
custom environment for plugins. Print environment for
plugins in debug mode. Use asprintf instead of strcpy and
strcat. Use execve() for plugins with custom environments.
Free environment for plugin when freeing plugin list.
- files added:
- network-protocol.txt
- files removed:
- .bzrignore
- files modified:
- Makefile
added
removed
mandos-keygen
24
24
25
25
KEYDIR="/etc/mandos"
26
26
KEYTYPE=DSA
27
KEYLENGTH=2048
28
SUBKEYTYPE=ELG-E
29
SUBKEYLENGTH=2048
27
KEYLENGTH=1024
30
28
KEYNAME="`hostname --fqdn`"
31
29
KEYEMAIL=""
32
30
KEYCOMMENT="Mandos client key"
33
31
KEYEXPIRE=0
34
32
FORCE=no
35
33
KEYCOMMENT_ORIG="$KEYCOMMENT"
36
mode=keygen
37
34
38
35
# Parse options
39
36
TEMP=`getopt --options vhd:t:l:n:e:c:x:f \
40
--longoptions version,help,password,dir:,type:,length:,subtype:,sublength:,name:,email:,comment:,expire:,force \
37
--longoptions version,help,dir:,type:,length:,name:,email:,comment:,expire:,force \
41
38
--name "$0" -- "$@"`
42
39
43
40
help(){
44
basename="`basename $0`"
45
41
cat <<EOF
46
Usage: $basename [ -v | --version ]
47
$basename [ -h | --help ]
48
Key creation:
49
$basename [ OPTIONS ]
50
Encrypted password creation:
51
$basename { -p | --password } [ --name NAME ] [ --dir DIR]
42
Usage: `basename $0` [options]
52
43
53
Key creation options:
44
Options:
54
45
-v, --version Show program's version number and exit
55
46
-h, --help Show this help message and exit
56
47
-d DIR, --dir DIR Target directory for key files
57
48
-t TYPE, --type TYPE Key type. Default is DSA.
58
49
-l BITS, --length BITS
59
Key length in bits. Default is 2048.
60
-s TYPE, --subtype TYPE
61
Subkey type. Default is ELG-E.
62
-L BITS, --sublength BITS
63
Subkey length in bits. Default is 2048.
50
Key length in bits. Default is 1024.
64
51
-n NAME, --name NAME Name of key. Default is the FQDN.
65
-e ADDRESS, --email ADDRESS
52
-e EMAIL, --email EMAIL
66
53
Email address of key. Default is empty.
67
-c TEXT, --comment TEXT
54
-c COMMENT, --comment COMMENT
68
55
Comment field for key. The default value is
69
56
"Mandos client key".
70
57
-x TIME, --expire TIME
71
58
Key expire time. Default is no expiration.
72
59
See gpg(1) for syntax.
73
60
-f, --force Force overwriting old keys.
74
75
Password creation options:
76
-p, --password Create an encrypted password using the keys in
77
the key directory. All options other than
78
--dir and --name are ignored.
79
61
EOF
80
62
}
81
63
82
64
eval set -- "$TEMP"
83
65
while :; do
84
66
case "$1" in
85
-p|--password) mode=password; shift;;
86
67
-d|--dir) KEYDIR="$2"; shift 2;;
87
68
-t|--type) KEYTYPE="$2"; shift 2;;
88
-s|--subtype) SUBKEYTYPE="$2"; shift 2;;
89
69
-l|--length) KEYLENGTH="$2"; shift 2;;
90
-L|--sublength) SUBKEYLENGTH="$2"; shift 2;;
91
70
-n|--name) KEYNAME="$2"; shift 2;;
92
71
-e|--email) KEYEMAIL="$2"; shift 2;;
93
72
-c|--comment) KEYCOMMENT="$2"; shift 2;;
94
-x|--expire) KEYEXPIRE="$2"; shift 2;;
73
-x|--expire) KEYCOMMENT="$2"; shift 2;;
95
74
-f|--force) FORCE=yes; shift;;
96
75
-v|--version) echo "$0 $VERSION"; exit;;
97
76
-h|--help) help; exit;;
117
96
exit 1
118
97
fi
119
98
120
if [ "$mode" = password -a -e "$KEYDIR/trustdb.gpg.lock" ]; then
121
echo "Key directory has locked trustdb; aborting." >&2
122
exit 1
123
fi
124
125
if [ "$mode" = keygen ]; then
126
if [ -z "$KEYTYPE" ]; then
127
echo "Empty key type" >&2
128
exit 1
129
fi
130
131
if [ -z "$KEYNAME" ]; then
132
echo "Empty key name" >&2
133
exit 1
134
fi
135
136
if [ -z "$KEYLENGTH" ] || [ "$KEYLENGTH" -lt 512 ]; then
137
echo "Invalid key length" >&2
138
exit 1
139
fi
140
141
if [ -z "$KEYEXPIRE" ]; then
142
echo "Empty key expiration" >&2
143
exit 1
144
fi
145
146
# Make FORCE be 0 or 1
147
case "$FORCE" in
148
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]) FORCE=1;;
149
[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|*) FORCE=0;;
150
esac
151
152
if { [ -e "$SECKEYFILE" ] || [ -e "$PUBKEYFILE" ]; } \
153
&& [ "$FORCE" -eq 0 ]; then
154
echo "Refusing to overwrite old key files; use --force" >&2
155
exit 1
156
fi
157
158
# Set lines for GnuPG batch file
159
if [ -n "$KEYCOMMENT" ]; then
160
KEYCOMMENTLINE="Name-Comment: $KEYCOMMENT"
161
fi
162
if [ -n "$KEYEMAIL" ]; then
163
KEYEMAILLINE="Name-Email: $KEYEMAIL"
164
fi
165
166
# Create temporary gpg batch file
167
BATCHFILE="`mktemp -t mandos-gpg-batch.XXXXXXXXXX`"
168
fi
169
170
if [ "$mode" = password ]; then
171
# Create temporary encrypted password file
172
SECFILE="`mktemp -t mandos-gpg-secfile.XXXXXXXXXX`"
173
fi
174
175
# Create temporary key rings
99
if [ -z "$KEYTYPE" ]; then
100
echo "Empty key type" >&2
101
exit 1
102
fi
103
104
if [ -z "$KEYNAME" ]; then
105
echo "Empty key name" >&2
106
exit 1
107
fi
108
109
if [ -z "$KEYLENGTH" ] || [ "$KEYLENGTH" -lt 512 ]; then
110
echo "Invalid key length" >&2
111
exit 1
112
fi
113
114
if [ -z "$KEYEXPIRE" ]; then
115
echo "Empty key expiration" >&2
116
exit 1
117
fi
118
119
# Make FORCE be 0 or 1
120
case "$FORCE" in
121
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]) FORCE=1;;
122
[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|*) FORCE=0;;
123
esac
124
125
if { [ -e "$SECKEYFILE" ] || [ -e "$PUBKEYFILE" ]; } \
126
&& [ "$FORCE" -eq 0 ]; then
127
echo "Refusing to overwrite old key files; use --force" >&2
128
exit 1
129
fi
130
131
# Set lines for GnuPG batch file
132
if [ -n "$KEYCOMMENT" ]; then
133
KEYCOMMENTLINE="Name-Comment: $KEYCOMMENT"
134
fi
135
if [ -n "$KEYEMAIL" ]; then
136
KEYEMAILLINE="Name-Email: $KEYEMAIL"
137
fi
138
139
# Create temp files
140
BATCHFILE="`mktemp -t mandos-gpg-batch.XXXXXXXXXX`"
176
141
SECRING="`mktemp -t mandos-gpg-secring.XXXXXXXXXX`"
177
142
PUBRING="`mktemp -t mandos-gpg-pubring.XXXXXXXXXX`"
178
143
179
if [ "$mode" = password ]; then
180
# If a trustdb.gpg file does not already exist, schedule it for
181
# deletion when we are done.
182
if ! [ -e "$KEYDIR/trustdb.gpg" ]; then
183
TRUSTDB="$KEYDIR/trustdb.gpg"
184
fi
185
fi
186
187
144
# Remove temporary files on exit
188
trap "
189
set +e; \
190
rm --force $PUBRING ${PUBRING}~ $BATCHFILE $TRUSTDB; \
191
shred --remove $SECRING $SECFILE; \
192
stty echo; \
193
" EXIT
145
trap "rm --force $PUBRING $BATCHFILE; shred --remove $SECRING" EXIT
146
147
# Create batch file for GnuPG
148
cat >"$BATCHFILE" <<EOF
149
Key-Type: $KEYTYPE
150
Key-Length: $KEYLENGTH
151
#Key-Usage: encrypt,sign,auth
152
Name-Real: $KEYNAME
153
$KEYCOMMENTLINE
154
$KEYEMAILLINE
155
Expire-Date: $KEYEXPIRE
156
%pubring $PUBRING
157
%secring $SECRING
158
%commit
159
EOF
194
160
195
161
umask 027
196
162
197
if [ "$mode" = keygen ]; then
198
# Create batch file for GnuPG
199
cat >"$BATCHFILE" <<-EOF
200
Key-Type: $KEYTYPE
201
Key-Length: $KEYLENGTH
202
#Key-Usage: encrypt,sign,auth
203
Subkey-Type: $SUBKEYTYPE
204
Subkey-Length: $SUBKEYLENGTH
205
#Subkey-Usage: encrypt,sign,auth
206
Name-Real: $KEYNAME
207
$KEYCOMMENTLINE
208
$KEYEMAILLINE
209
Expire-Date: $KEYEXPIRE
210
#Preferences: <string>
211
#Handle: <no-spaces>
212
%pubring $PUBRING
213
%secring $SECRING
214
%commit
215
EOF
216
217
# Generate a new key in the key rings
218
gpg --no-random-seed-file --quiet --batch --no-tty \
219
--no-default-keyring --no-options --enable-dsa2 \
220
--secret-keyring "$SECRING" --keyring "$PUBRING" \
221
--gen-key "$BATCHFILE"
222
rm --force "$BATCHFILE"
223
224
# Backup any old key files
225
if cp --backup=numbered --force "$SECKEYFILE" "$SECKEYFILE" \
226
2>/dev/null; then
227
shred --remove "$SECKEYFILE"
228
fi
229
if cp --backup=numbered --force "$PUBKEYFILE" "$PUBKEYFILE" \
230
2>/dev/null; then
231
rm --force "$PUBKEYFILE"
232
fi
233
234
FILECOMMENT="Mandos client key for $KEYNAME"
235
if [ "$KEYCOMMENT" != "$KEYCOMMENT_ORIG" ]; then
236
FILECOMMENT="$FILECOMMENT ($KEYCOMMENT)"
237
fi
238
239
if [ -n "$KEYEMAIL" ]; then
240
FILECOMMENT="$FILECOMMENT <$KEYEMAIL>"
241
fi
242
243
# Export keys from key rings to key files
244
gpg --no-random-seed-file --quiet --batch --no-tty --armor \
245
--no-default-keyring --no-options --enable-dsa2 \
246
--secret-keyring "$SECRING" --keyring "$PUBRING" \
247
--export-options export-minimal --comment "$FILECOMMENT" \
248
--output "$SECKEYFILE" --export-secret-keys
249
gpg --no-random-seed-file --quiet --batch --no-tty --armor \
250
--no-default-keyring --no-options --enable-dsa2 \
251
--secret-keyring "$SECRING" --keyring "$PUBRING" \
252
--export-options export-minimal --comment "$FILECOMMENT" \
253
--output "$PUBKEYFILE" --export
254
fi
255
256
if [ "$mode" = password ]; then
257
# Import keys into temporary key rings
258
gpg --no-random-seed-file --quiet --batch --no-tty --armor \
259
--no-default-keyring --no-options --enable-dsa2 \
260
--homedir "$KEYDIR" --no-permission-warning \
261
--secret-keyring "$SECRING" --keyring "$PUBRING" \
262
--trust-model always --import "$SECKEYFILE"
263
gpg --no-random-seed-file --quiet --batch --no-tty --armor \
264
--no-default-keyring --no-options --enable-dsa2 \
265
--homedir "$KEYDIR" --no-permission-warning \
266
--secret-keyring "$SECRING" --keyring "$PUBRING" \
267
--trust-model always --import "$PUBKEYFILE"
268
269
# Get fingerprint of key
270
FINGERPRINT="`gpg --no-random-seed-file --quiet --batch --no-tty \
271
--armor --no-default-keyring --no-options --enable-dsa2 \
272
--homedir \"$KEYDIR\" --no-permission-warning \
273
--secret-keyring \"$SECRING\" --keyring \"$PUBRING\" \
274
--trust-model always --fingerprint --with-colons \
275
| sed -n -e '/^fpr:/{s/^fpr:.*:\\([0-9A-Z]*\\):\$/\\1/p;q}'`"
276
277
test -n "$FINGERPRINT"
278
279
FILECOMMENT="Encrypted password for a Mandos client"
280
281
stty -echo
282
echo -n "Enter passphrase: " >&2
283
sed -e '1q' \
284
| gpg --no-random-seed-file --batch --no-tty --armor \
285
--no-default-keyring --no-options --enable-dsa2 \
286
--homedir "$KEYDIR" --no-permission-warning \
287
--secret-keyring "$SECRING" --keyring "$PUBRING" \
288
--trust-model always --encrypt --recipient "$FINGERPRINT" \
289
--comment "$FILECOMMENT" \
290
> "$SECFILE"
291
echo >&2
292
stty echo
293
294
cat <<-EOF
295
[$KEYNAME]
296
host = $KEYNAME
297
fingerprint = $FINGERPRINT
298
secret =
299
EOF
300
sed -n -e '
301
/^-----BEGIN PGP MESSAGE-----$/,/^-----END PGP MESSAGE-----$/{
302
/^$/,${
303
# Remove 24-bit Radix-64 checksum
304
s/=....$//
305
# Indent four spaces
306
/^[^-]/s/^/ /p
307
}
308
}' < "$SECFILE"
309
fi
163
# Generate a new key in the key rings
164
gpg --no-random-seed-file --quiet --batch --no-tty \
165
--no-default-keyring --no-options --batch \
166
--secret-keyring "$SECRING" --keyring "$PUBRING" \
167
--gen-key "$BATCHFILE"
168
rm --force "$BATCHFILE"
169
170
# Backup any old key files
171
if cp --backup=numbered --force "$SECKEYFILE" "$SECKEYFILE" \
172
2>/dev/null; then
173
shred --remove "$SECKEYFILE"
174
fi
175
if cp --backup=numbered --force "$PUBKEYFILE" "$PUBKEYFILE" \
176
2>/dev/null; then
177
rm --force "$PUBKEYFILE"
178
fi
179
180
FILECOMMENT="Mandos client key for $KEYNAME"
181
if [ "$KEYCOMMENT" != "$KEYCOMMENT_ORIG" ]; then
182
FILECOMMENT="$FILECOMMENT ($KEYCOMMENT)"
183
fi
184
185
if [ -n "$KEYEMAIL" ]; then
186
FILECOMMENT="$FILECOMMENT <$KEYEMAIL>"
187
fi
188
189
# Export keys from key rings to key files
190
gpg --no-random-seed-file --quiet --batch --no-tty --armor \
191
--no-default-keyring --secret-keyring "$SECRING" \
192
--keyring "$PUBRING" --export-options export-minimal \
193
--comment "$FILECOMMENT" --output "$SECKEYFILE" \
194
--export-secret-keys
195
gpg --no-random-seed-file --quiet --batch --no-tty --armor \
196
--no-default-keyring --secret-keyring "$SECRING" \
197
--keyring "$PUBRING" --export-options export-minimal \
198
--comment "$FILECOMMENT" --output "$PUBKEYFILE" \
199
--export
310
200
311
201
trap - EXIT
312
202
313
set +e
314
# Remove the password file, if any
315
if [ -n "$SECFILE" ]; then
316
shred --remove "$SECFILE"
317
fi
318
203
# Remove the key rings
319
204
shred --remove "$SECRING"
320
rm --force "$PUBRING" "${PUBRING}~"
321
# Remove the trustdb, if one did not exist when we started
322
if [ -n "$TRUSTDB" ]; then
323
rm --force "$TRUSTDB"
324
fi
205
rm --force "$PUBRING"
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0