Annotation of src/usr.bin/tcfs/tcfsputkey.c, Revision 1.12
1.12 ! deraadt 1: /* $OpenBSD: tcfsputkey.c,v 1.11 2000/06/20 18:15:57 aaron Exp $ */
1.6 fgsch 2:
1.1 provos 3: /*
4: * Transparent Cryptographic File System (TCFS) for NetBSD
5: * Author and maintainer: Luigi Catuogno [luicat@tcfs.unisa.it]
6: *
7: * references: http://tcfs.dia.unisa.it
8: * tcfs-bsd@tcfs.unisa.it
9: */
10:
11: /*
12: * Base utility set v0.1
13: */
14:
15: #include <sys/types.h>
16: #include <sys/param.h>
1.4 fgsch 17: #include <sys/mount.h>
1.1 provos 18: #include <ctype.h>
19: #include <pwd.h>
1.4 fgsch 20: #include <stdio.h>
21: #include <stdlib.h>
22: #include <string.h>
1.1 provos 23: #include <unistd.h>
24:
25: #include <miscfs/tcfs/tcfs.h>
26: #include "tcfslib.h"
27: #include "tcfserrors.h"
28: #include <grp.h>
29:
/* getopt(3) state, defined by the C library. */
extern int optind;
extern char *optarg;

/* Synopsis handed to tcfs_error() when the command line is rejected. */
char *putkey_usage =
    "usage: tcfsputkey [-k] [-f filesystem-label] [-g group] [-p mount-point]\n";
1.1 provos 34:
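/*
 * Report an error through tcfs_error() and then terminate.
 *
 * The original code follows some tcfs_error() calls with an explicit exit()
 * and others with nothing, so it is not safe to assume tcfs_error() never
 * returns; this helper makes every failure path stop here.
 */
static void
putkey_die(int err, char *msg, int status)
{
	tcfs_error(err, msg);
	exit(status);
}

/*
 * putkey_main: push a TCFS key for the calling user (or for a group, with
 * -g) to a TCFS filesystem.
 *
 * Options:
 *   -k        prompt for the key instead of decrypting the stored default key
 *   -f label  select the filesystem by label (resolved via tcfs_getfspath)
 *   -p path   select the filesystem by mount point
 *   -g group  push a group key; group is a numeric gid or a group name
 *
 * -f and -p are mutually exclusive; with neither, the "default" label is
 * looked up.  Every path ends in exit(); the function does not return.
 *
 * NOTE(review): password and tcfskey hold secret material and are not wiped
 * before the process exits.
 */
int
putkey_main(int argc, char *argv[])
{
	char *user = NULL, *password = NULL, *tcfskey;
	uid_t uid;
	gid_t gid = 0;
	int es = 0, treshold;
	int ch;		/* int, not char: getopt() returns -1 at end of options */
	tcfspwdb *info;
	tcfsgpwdb *ginfo;
	char fslabel[MAXPATHLEN], fspath[MAXPATHLEN];
	int def = TRUE, havempname = FALSE, havefsname = FALSE;
	int isgroupkey = FALSE;

	while ((ch = getopt(argc, argv, "kf:p:g:")) != -1) {
		switch (ch) {
		case 'k':
			def = FALSE;
			break;
		case 'p':
			havempname = TRUE;
			/* A truncated path could name a different filesystem. */
			if (strlcpy(fspath, optarg, sizeof(fspath)) >=
			    sizeof(fspath))
				putkey_die(ER_CUSTOM,
				    "mount-point too long\n", 1);
			break;
		case 'f':
			havefsname = TRUE;
			if (strlcpy(fslabel, optarg, sizeof(fslabel)) >=
			    sizeof(fslabel))
				putkey_die(ER_CUSTOM,
				    "filesystem-label too long\n", 1);
			break;
		case 'g':
			isgroupkey = TRUE;
			def = TRUE;
			/*
			 * NOTE(review): atoi() accepts trailing junk
			 * ("12x" -> 12) and cannot report overflow.
			 */
			gid = atoi(optarg);
			if (!gid && optarg[0] != 0) {
				struct group *grp = getgrnam(optarg);

				/* Stop here: grp is dereferenced below. */
				if (!grp)
					putkey_die(ER_CUSTOM,
					    "Nonexistant group\n", 1);
				gid = grp->gr_gid;
			}
			break;
		default:
			putkey_die(ER_CUSTOM, putkey_usage, ER_UNKOPT);
		}
	}
	if (argc - optind)
		putkey_die(ER_UNKOPT, NULL, ER_UNKOPT);

	if (havefsname && havempname)
		putkey_die(ER_CUSTOM, putkey_usage, 1);

	if (havefsname) {
		es = tcfs_getfspath(fslabel, fspath);
	} else if (havempname) {
		/*
		 * -p already stored the mount point in fspath.  The original
		 * tested a flag that was never set, so -p was silently
		 * replaced by the "default" filesystem and the key went to a
		 * filesystem the user had not named.
		 */
		es = TRUE;
	} else {
		es = tcfs_getfspath("default", fspath);
	}

	if (!es)
		putkey_die(ER_CUSTOM, "fs-label not found!\n", 1);

	uid = getuid();

	if (isgroupkey) {
		if (!unix_auth(&user, &password, TRUE))
			putkey_die(ER_AUTH, user, ER_AUTH);

		if (!tcfsgpwdbr_new(&ginfo))
			putkey_die(ER_MEM, NULL, ER_MEM);

		if (!tcfs_ggetpwnam(user, gid, &ginfo))
			putkey_die(ER_CUSTOM, "Default key non found", 1);

		if (!strlen(ginfo->gkey))
			putkey_die(ER_CUSTOM, "Invalid default key", 1);

		/*
		 * NOTE(review): confirm UUKEYSIZE is large enough for the
		 * GKEYSIZE-based output of tcfs_decrypt_key().
		 */
		tcfskey = malloc(UUKEYSIZE);
		if (!tcfskey)
			putkey_die(ER_MEM, NULL, ER_MEM);

		treshold = ginfo->soglia;

		if (!tcfs_decrypt_key(password, ginfo->gkey, tcfskey, GKEYSIZE))
			putkey_die(ER_CUSTOM, "Could not decrypt group key", 1);

		/* Do not report success (exit 0) when the update failed. */
		if (tcfs_group_enable(fspath, uid, gid, treshold,
		    tcfskey) == -1)
			putkey_die(ER_CUSTOM, "problems updating filesystem", 1);

		exit(0);
	}

	if (!def) {
		tcfskey = getpass("Insert tcfs-key:");
		/* getpass() can fail and return NULL. */
		if (!tcfskey)
			putkey_die(ER_CUSTOM, "Could not read tcfs-key", 1);
	} else {
		if (!unix_auth(&user, &password, TRUE))
			putkey_die(ER_AUTH, user, ER_AUTH);

		if (!tcfspwdbr_new(&info))
			putkey_die(ER_MEM, NULL, ER_MEM);

		if (!tcfs_getpwnam(user, &info))
			putkey_die(ER_CUSTOM, "Default key non found", 1);

		if (!strlen(info->upw))
			putkey_die(ER_CUSTOM, "Invalid default key", 1);

		tcfskey = malloc(UUKEYSIZE);
		if (!tcfskey)
			putkey_die(ER_MEM, NULL, ER_MEM);

		if (!tcfs_decrypt_key(password, info->upw, tcfskey, KEYSIZE))
			putkey_die(ER_CUSTOM, "Could not decrypt key", 1);
	}

	if (tcfs_user_enable(fspath, uid, tcfskey) == -1)
		putkey_die(ER_CUSTOM, "problems updating filesystem", 1);

	exit(0);
}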