To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to mandos-keygen
- browse files at revision 78
- compare with another revision
- download diff
- download tarball
- view history from revision 78
- Committer: Teddy Hogeborn
- Date: 2008-08-16 03:29:08 UTC
- Revision ID: teddy@fukt.bsnet.se-20080816032908-ihw7c05r2mnyk389
Add feature to specify custom environment variables for plugins.
* plugin-runner.c (plugin): New members "environ" and "envc" to
contain possible custom environment.
(getplugin): Return NULL on failure instead of doing exit(); all
callers changed.
(add_to_char_array): New helper function for "add_argument" and
"add_environment".
(addargument): Renamed to "add_argument". Return bool. Call
"add_to_char_array" to actually do things.
(add_environment): New; analogous to "add_argument".
(addcustomargument): Renamed to "add_to_argv" to avoid confusion
with "add_argument".
(main): New options "--global-envs" and "--envs-for" to specify
custom environment for plugins. Print environment for
plugins in debug mode. Use asprintf instead of strcpy and
strcat. Use execve() for plugins with custom environments.
Free environment for plugin when freeing plugin list.
* plugin-runner.c (plugin): New members "environ" and "envc" to
contain possible custom environment.
(getplugin): Return NULL on failure instead of doing exit(); all
callers changed.
(add_to_char_array): New helper function for "add_argument" and
"add_environment".
(addargument): Renamed to "add_argument". Return bool. Call
"add_to_char_array" to actually do things.
(add_environment): New; analogous to "add_argument".
(addcustomargument): Renamed to "add_to_argv" to avoid confusion
with "add_argument".
(main): New options "--global-envs" and "--envs-for" to specify
custom environment for plugins. Print environment for
plugins in debug mode. Use asprintf instead of strcpy and
strcat. Use execve() for plugins with custom environments.
Free environment for plugin when freeing plugin list.
- files added:
- network-protocol.txt
- files removed:
- .bzrignore
- files modified:
- Makefile
added
removed
mandos-keygen
22
22
23
23
VERSION="1.0"
24
24
25
KEYDIR="/etc/keys/mandos"
25
KEYDIR="/etc/mandos"
26
26
KEYTYPE=DSA
27
KEYLENGTH=2048
28
SUBKEYTYPE=ELG-E
29
SUBKEYLENGTH=2048
27
KEYLENGTH=1024
30
28
KEYNAME="`hostname --fqdn`"
31
29
KEYEMAIL=""
32
30
KEYCOMMENT="Mandos client key"
33
31
KEYEXPIRE=0
34
32
FORCE=no
35
33
KEYCOMMENT_ORIG="$KEYCOMMENT"
36
mode=keygen
37
34
38
35
# Parse options
39
36
TEMP=`getopt --options vhd:t:l:n:e:c:x:f \
40
--longoptions version,help,password,dir:,type:,length:,subtype:,sublength:,name:,email:,comment:,expire:,force \
37
--longoptions version,help,dir:,type:,length:,name:,email:,comment:,expire:,force \
41
38
--name "$0" -- "$@"`
42
39
43
40
help(){
44
basename="`basename $0`"
45
41
cat <<EOF
46
Usage: $basename [ -v | --version ]
47
$basename [ -h | --help ]
48
Key creation:
49
$basename [ OPTIONS ]
50
Encrypted password creation:
51
$basename { -p | --password } [ --name NAME ] [ --dir DIR]
42
Usage: `basename $0` [options]
52
43
53
Key creation options:
44
Options:
54
45
-v, --version Show program's version number and exit
55
46
-h, --help Show this help message and exit
56
47
-d DIR, --dir DIR Target directory for key files
57
48
-t TYPE, --type TYPE Key type. Default is DSA.
58
49
-l BITS, --length BITS
59
Key length in bits. Default is 2048.
60
-s TYPE, --subtype TYPE
61
Subkey type. Default is ELG-E.
62
-L BITS, --sublength BITS
63
Subkey length in bits. Default is 2048.
50
Key length in bits. Default is 1024.
64
51
-n NAME, --name NAME Name of key. Default is the FQDN.
65
-e ADDRESS, --email ADDRESS
52
-e EMAIL, --email EMAIL
66
53
Email address of key. Default is empty.
67
-c TEXT, --comment TEXT
54
-c COMMENT, --comment COMMENT
68
55
Comment field for key. The default value is
69
56
"Mandos client key".
70
57
-x TIME, --expire TIME
71
58
Key expire time. Default is no expiration.
72
59
See gpg(1) for syntax.
73
60
-f, --force Force overwriting old keys.
74
75
Password creation options:
76
-p, --password Create an encrypted password using the keys in
77
the key directory. All options other than
78
--dir and --name are ignored.
79
61
EOF
80
62
}
81
63
82
64
eval set -- "$TEMP"
83
65
while :; do
84
66
case "$1" in
85
-p|--password) mode=password; shift;;
86
67
-d|--dir) KEYDIR="$2"; shift 2;;
87
68
-t|--type) KEYTYPE="$2"; shift 2;;
88
-s|--subtype) SUBKEYTYPE="$2"; shift 2;;
89
69
-l|--length) KEYLENGTH="$2"; shift 2;;
90
-L|--sublength) SUBKEYLENGTH="$2"; shift 2;;
91
70
-n|--name) KEYNAME="$2"; shift 2;;
92
71
-e|--email) KEYEMAIL="$2"; shift 2;;
93
72
-c|--comment) KEYCOMMENT="$2"; shift 2;;
94
-x|--expire) KEYEXPIRE="$2"; shift 2;;
73
-x|--expire) KEYCOMMENT="$2"; shift 2;;
95
74
-f|--force) FORCE=yes; shift;;
96
75
-v|--version) echo "$0 $VERSION"; exit;;
97
76
-h|--help) help; exit;;
108
87
PUBKEYFILE="$KEYDIR/pubkey.txt"
109
88
110
89
# Check for some invalid values
111
if [ ! -d "$KEYDIR" ]; then
90
if [ -d "$KEYDIR" ]; then :; else
112
91
echo "$KEYDIR not a directory" >&2
113
92
exit 1
114
93
fi
115
if [ ! -r "$KEYDIR" ]; then
116
echo "Directory $KEYDIR not readable" >&2
117
exit 1
118
fi
119
120
if [ "$mode" = keygen ]; then
121
if [ ! -w "$KEYDIR" ]; then
122
echo "Directory $KEYDIR not writeable" >&2
123
exit 1
124
fi
125
if [ -z "$KEYTYPE" ]; then
126
echo "Empty key type" >&2
127
exit 1
128
fi
129
130
if [ -z "$KEYNAME" ]; then
131
echo "Empty key name" >&2
132
exit 1
133
fi
134
135
if [ -z "$KEYLENGTH" ] || [ "$KEYLENGTH" -lt 512 ]; then
136
echo "Invalid key length" >&2
137
exit 1
138
fi
139
140
if [ -z "$KEYEXPIRE" ]; then
141
echo "Empty key expiration" >&2
142
exit 1
143
fi
144
145
# Make FORCE be 0 or 1
146
case "$FORCE" in
147
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]) FORCE=1;;
148
[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|*) FORCE=0;;
149
esac
150
151
if { [ -e "$SECKEYFILE" ] || [ -e "$PUBKEYFILE" ]; } \
152
&& [ "$FORCE" -eq 0 ]; then
153
echo "Refusing to overwrite old key files; use --force" >&2
154
exit 1
155
fi
156
157
# Set lines for GnuPG batch file
158
if [ -n "$KEYCOMMENT" ]; then
159
KEYCOMMENTLINE="Name-Comment: $KEYCOMMENT"
160
fi
161
if [ -n "$KEYEMAIL" ]; then
162
KEYEMAILLINE="Name-Email: $KEYEMAIL"
163
fi
164
165
# Create temporary gpg batch file
166
BATCHFILE="`mktemp -t mandos-keygen-batch.XXXXXXXXXX`"
167
fi
168
169
if [ "$mode" = password ]; then
170
# Create temporary encrypted password file
171
SECFILE="`mktemp -t mandos-keygen-secfile.XXXXXXXXXX`"
172
fi
173
174
# Create temporary key ring directory
175
RINGDIR="`mktemp -d -t mandos-keygen-keyrings.XXXXXXXXXX`"
94
if [ -w "$KEYDIR" ]; then :; else
95
echo "Directory $KEYDIR not writeable" >&2
96
exit 1
97
fi
98
99
if [ -z "$KEYTYPE" ]; then
100
echo "Empty key type" >&2
101
exit 1
102
fi
103
104
if [ -z "$KEYNAME" ]; then
105
echo "Empty key name" >&2
106
exit 1
107
fi
108
109
if [ -z "$KEYLENGTH" ] || [ "$KEYLENGTH" -lt 512 ]; then
110
echo "Invalid key length" >&2
111
exit 1
112
fi
113
114
if [ -z "$KEYEXPIRE" ]; then
115
echo "Empty key expiration" >&2
116
exit 1
117
fi
118
119
# Make FORCE be 0 or 1
120
case "$FORCE" in
121
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]) FORCE=1;;
122
[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|*) FORCE=0;;
123
esac
124
125
if { [ -e "$SECKEYFILE" ] || [ -e "$PUBKEYFILE" ]; } \
126
&& [ "$FORCE" -eq 0 ]; then
127
echo "Refusing to overwrite old key files; use --force" >&2
128
exit 1
129
fi
130
131
# Set lines for GnuPG batch file
132
if [ -n "$KEYCOMMENT" ]; then
133
KEYCOMMENTLINE="Name-Comment: $KEYCOMMENT"
134
fi
135
if [ -n "$KEYEMAIL" ]; then
136
KEYEMAILLINE="Name-Email: $KEYEMAIL"
137
fi
138
139
# Create temp files
140
BATCHFILE="`mktemp -t mandos-gpg-batch.XXXXXXXXXX`"
141
SECRING="`mktemp -t mandos-gpg-secring.XXXXXXXXXX`"
142
PUBRING="`mktemp -t mandos-gpg-pubring.XXXXXXXXXX`"
176
143
177
144
# Remove temporary files on exit
178
trap "
179
set +e; \
180
test -n \"$SECFILE\" && shred --remove \"$SECFILE\"; \
181
shred --remove \"$RINGDIR\"/sec*;
182
test -n \"$BATCHFILE\" && rm --force \"$BATCHFILE\"; \
183
rm --recursive --force \"$RINGDIR\";
184
stty echo; \
185
" EXIT
145
trap "rm --force $PUBRING $BATCHFILE; shred --remove $SECRING" EXIT
146
147
# Create batch file for GnuPG
148
cat >"$BATCHFILE" <<EOF
149
Key-Type: $KEYTYPE
150
Key-Length: $KEYLENGTH
151
#Key-Usage: encrypt,sign,auth
152
Name-Real: $KEYNAME
153
$KEYCOMMENTLINE
154
$KEYEMAILLINE
155
Expire-Date: $KEYEXPIRE
156
%pubring $PUBRING
157
%secring $SECRING
158
%commit
159
EOF
186
160
187
161
umask 027
188
162
189
if [ "$mode" = keygen ]; then
190
# Create batch file for GnuPG
191
cat >"$BATCHFILE" <<-EOF
192
Key-Type: $KEYTYPE
193
Key-Length: $KEYLENGTH
194
#Key-Usage: encrypt,sign,auth
195
Subkey-Type: $SUBKEYTYPE
196
Subkey-Length: $SUBKEYLENGTH
197
#Subkey-Usage: encrypt,sign,auth
198
Name-Real: $KEYNAME
199
$KEYCOMMENTLINE
200
$KEYEMAILLINE
201
Expire-Date: $KEYEXPIRE
202
#Preferences: <string>
203
#Handle: <no-spaces>
204
#%pubring pubring.gpg
205
#%secring secring.gpg
206
%commit
207
EOF
208
209
# Generate a new key in the key rings
210
gpg --quiet --batch --no-tty --no-options --enable-dsa2 \
211
--homedir "$RINGDIR" --trust-model always \
212
--gen-key "$BATCHFILE"
213
rm --force "$BATCHFILE"
214
215
# Backup any old key files
216
if cp --backup=numbered --force "$SECKEYFILE" "$SECKEYFILE" \
217
2>/dev/null; then
218
shred --remove "$SECKEYFILE"
219
fi
220
if cp --backup=numbered --force "$PUBKEYFILE" "$PUBKEYFILE" \
221
2>/dev/null; then
222
rm --force "$PUBKEYFILE"
223
fi
224
225
FILECOMMENT="Mandos client key for $KEYNAME"
226
if [ "$KEYCOMMENT" != "$KEYCOMMENT_ORIG" ]; then
227
FILECOMMENT="$FILECOMMENT ($KEYCOMMENT)"
228
fi
229
230
if [ -n "$KEYEMAIL" ]; then
231
FILECOMMENT="$FILECOMMENT <$KEYEMAIL>"
232
fi
233
234
# Export keys from key rings to key files
235
gpg --quiet --batch --no-tty --no-options --enable-dsa2 \
236
--homedir "$RINGDIR" --armor --export-options export-minimal \
237
--comment "$FILECOMMENT" --output "$SECKEYFILE" \
238
--export-secret-keys
239
gpg --quiet --batch --no-tty --no-options --enable-dsa2 \
240
--homedir "$RINGDIR" --armor --export-options export-minimal \
241
--comment "$FILECOMMENT" --output "$PUBKEYFILE" --export
242
fi
243
244
if [ "$mode" = password ]; then
245
# Import keys into temporary key rings
246
gpg --quiet --batch --no-tty --no-options --enable-dsa2 \
247
--homedir "$RINGDIR" --trust-model always --armor \
248
--import "$SECKEYFILE"
249
gpg --quiet --batch --no-tty --no-options --enable-dsa2 \
250
--homedir "$RINGDIR" --trust-model always --armor \
251
--import "$PUBKEYFILE"
252
253
# Get fingerprint of key
254
FINGERPRINT="`gpg --quiet --batch --no-tty --no-options \
255
--enable-dsa2 --homedir \"$RINGDIR\" --trust-model always \
256
--fingerprint --with-colons \
257
| sed -n -e '/^fpr:/{s/^fpr:.*:\\([0-9A-Z]*\\):\$/\\1/p;q}'`"
258
259
test -n "$FINGERPRINT"
260
261
FILECOMMENT="Encrypted password for a Mandos client"
262
263
stty -echo
264
echo -n "Enter passphrase: " >&2
265
sed -e '1q' \
266
| gpg --quiet --batch --no-tty --no-options --enable-dsa2 \
267
--homedir "$RINGDIR" --trust-model always --armor --encrypt \
268
--recipient "$FINGERPRINT" --comment "$FILECOMMENT" \
269
> "$SECFILE"
270
echo >&2
271
stty echo
272
273
cat <<-EOF
274
[$KEYNAME]
275
host = $KEYNAME
276
fingerprint = $FINGERPRINT
277
secret =
278
EOF
279
sed -n -e '
280
/^-----BEGIN PGP MESSAGE-----$/,/^-----END PGP MESSAGE-----$/{
281
/^$/,${
282
# Remove 24-bit Radix-64 checksum
283
s/=....$//
284
# Indent four spaces
285
/^[^-]/s/^/ /p
286
}
287
}' < "$SECFILE"
288
fi
163
# Generate a new key in the key rings
164
gpg --no-random-seed-file --quiet --batch --no-tty \
165
--no-default-keyring --no-options --batch \
166
--secret-keyring "$SECRING" --keyring "$PUBRING" \
167
--gen-key "$BATCHFILE"
168
rm --force "$BATCHFILE"
169
170
# Backup any old key files
171
if cp --backup=numbered --force "$SECKEYFILE" "$SECKEYFILE" \
172
2>/dev/null; then
173
shred --remove "$SECKEYFILE"
174
fi
175
if cp --backup=numbered --force "$PUBKEYFILE" "$PUBKEYFILE" \
176
2>/dev/null; then
177
rm --force "$PUBKEYFILE"
178
fi
179
180
FILECOMMENT="Mandos client key for $KEYNAME"
181
if [ "$KEYCOMMENT" != "$KEYCOMMENT_ORIG" ]; then
182
FILECOMMENT="$FILECOMMENT ($KEYCOMMENT)"
183
fi
184
185
if [ -n "$KEYEMAIL" ]; then
186
FILECOMMENT="$FILECOMMENT <$KEYEMAIL>"
187
fi
188
189
# Export keys from key rings to key files
190
gpg --no-random-seed-file --quiet --batch --no-tty --armor \
191
--no-default-keyring --secret-keyring "$SECRING" \
192
--keyring "$PUBRING" --export-options export-minimal \
193
--comment "$FILECOMMENT" --output "$SECKEYFILE" \
194
--export-secret-keys
195
gpg --no-random-seed-file --quiet --batch --no-tty --armor \
196
--no-default-keyring --secret-keyring "$SECRING" \
197
--keyring "$PUBRING" --export-options export-minimal \
198
--comment "$FILECOMMENT" --output "$PUBKEYFILE" \
199
--export
289
200
290
201
trap - EXIT
291
202
292
set +e
293
# Remove the password file, if any
294
if [ -n "$SECFILE" ]; then
295
shred --remove "$SECFILE"
296
fi
297
203
# Remove the key rings
298
shred --remove "$RINGDIR"/sec*
299
rm --recursive --force "$RINGDIR"
204
shred --remove "$SECRING"
205
rm --force "$PUBRING"
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0