/* -*-c-*-
*
- * $Id: pixie.c,v 1.14 2004/04/08 01:36:15 mdw Exp $
+ * $Id$
*
* Passphrase pixie for Catacomb
*
* (c) 1999 Straylight/Edgeware
*/
-/*----- Licensing notice --------------------------------------------------*
+/*----- Licensing notice --------------------------------------------------*
*
* This file is part of Catacomb.
*
* it under the terms of the GNU Library General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
- *
+ *
* Catacomb is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Library General Public License for more details.
- *
+ *
* You should have received a copy of the GNU Library General Public
* License along with Catacomb; if not, write to the Free
* Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
{
if (p->t)
sel_rmtimer(&p->timer);
- free(p->tag);
+ xfree(p->tag);
l_free(&lm, p->p);
p->next->prev = p->prev;
p->prev->next = p->next;
return (p);
if (P_ROOT->next == P_ROOT)
return (0);
- if (verbose) {
+ if (verbose) {
log("flushing passphrase `%s' to free up needed space",
P_ROOT->next->tag);
}
if (dup2(fd[1], STDOUT_FILENO) < 0)
_exit(127);
close(fd[0]);
- execl("/bin/sh", "sh", "-c", d.buf, (void *)0);
+ execl("/bin/sh", "sh", "-c", d.buf, (char *)0);
_exit(127);
}
case 'h': t *= 60;
case 'm': t *= 60;
case 's': if (q[1] != 0)
- default: t = 0;
+ default: t = 0;
case 0: break;
}
return (t);
#define cf_uclose 1u
#define cf_sclose 2u
+#define cf_cooked 4u
/* --- Line handler functions --- */
}
exit(0);
}
- puts(s);
+ if (!(c_flags & cf_cooked))
+ puts(s);
+ else {
+ char *q = str_getword(&s);
+ if (strcmp(q, "FAIL") == 0)
+ die(1, "%s", s);
+ else if (strcmp(q, "INFO") == 0 ||
+ strcmp(q, "ITEM") == 0)
+ puts(s);
+ else if (strcmp(q, "OK") == 0) {
+ if (s && *s) puts(s);
+ } else if (strcmp(q, "MISSING") == 0)
+ ;
+ else
+ moan("unexpected output: %s %s", q, s);
+ }
}
/* --- @pix_client@ --- *
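Review bot: In the new cooked branch, `q` goes straight into `strcmp` and `s` is used unchecked in the `FAIL`, `INFO`/`ITEM` and `moan` paths, even though the `OK` branch's `if (s && *s)` shows that `s` can be null after `str_getword`. If `str_getword` also returns null for an empty line (worth confirming against its documentation), an empty or one-word reply from the server reaches `strcmp(NULL, ...)`, `puts(NULL)` or a `%s` with a null argument. Adding `if (!q) q = "";` and `if (!s) s = "";` directly after the `str_getword` call routes an empty line to the `moan` branch and keeps every print defined. The handler's signature and opening lines are outside the hunk.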
DPUTC(&d, '\n');
write(fd, d.buf, d.len);
shutdown(fd, 1);
- c_flags |= cf_uclose;
+ c_flags |= cf_uclose | cf_cooked;
dstr_destroy(&d);
- }
+ }
/* --- And repeat --- */
{
pquis(fp, "\
Usage:\n\
- $ [-qvfidl] [-c command] [-t timeout] [-s socket]\n\
- $ [-s socket] -C [command args...]\n\
+ $ [-qvfidl] [-c COMMAND] [-t TIMEOUT] [-s SOCKET]\n\
+ $ [-s SOCKET] -C [COMMAND ARGS...]\n\
+ $ [-s SOCKET] -P[P] TAG\n\
");
}
-u, --usage Show a (very) terse usage summary.\n\
\n\
-C, --client Connect to a running pixie as a client.\n\
+-P, --passphrase Request passphrase TAG and print to stdout.\n\
+-PP, --verify-passphrase\n\
+ Verify passphrase TAG and print to stdout.\n\
\n\
-q, --quiet Emit fewer log messages.\n\
-v, --version Emit more log messages.\n\
#define f_stdin 4u
#define f_daemon 8u
#define f_syslog 16u
+#define f_fetch 32u
+#define f_verify 64u
/* --- Initialize libraries --- */
{ "quiet", 0, 0, 'q' },
{ "verbose", 0, 0, 'v' },
{ "client", 0, 0, 'C' },
+ { "passphrase", 0, 0, 'P' },
+ { "verify-passphrase", 0, 0, '+' },
{ "socket", OPTF_ARGREQ, 0, 's' },
{ "command", OPTF_ARGREQ, 0, 'c' },
{ "fetch", 0, 0, 'f' },
/* --- Magic terminator --- */
- { 0, 0, 0, 0 }
+ { 0, 0, 0, 0 }
};
- int i = mdwopt(argc, argv, "hVuqvCs:c:ft:idl", opts, 0, 0, 0);
+ int i = mdwopt(argc, argv, "hVuqvCPs:c:ft:idl", opts, 0, 0, 0);
if (i < 0)
break;
break;
case 'C':
f |= f_client;
+ f &= ~f_fetch;
+ break;
+ case 'P':
+ if (!(f & f_fetch))
+ f |= f_fetch;
+ else
+ f |= f_verify;
+ break;
+ case '+':
+ f |= f_fetch | f_verify;
+ f &= ~f_client;
break;
case 's':
path = optarg;
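Review bot: The mode options do not clear each other's flags consistently: `case 'C'` clears `f_fetch` but leaves `f_verify` set, and `case 'P'` never clears `f_client`, while `case '+'` does. As written, `-PP -C -P TAG` ends with `f_fetch | f_verify` set, so `PMODE_VERIFY` is used although only one `-P` is in effect after `-C`, and `-C -P` leaves both `f_client` and `f_fetch` set. I would make the cases symmetric with `f &= ~(f_fetch | f_verify);` under `'C'` and `f &= ~f_client;` at the end of `'P'`. The enclosing switch starts and ends outside the hunk.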
}
}
- if (f & f_bogus || (optind < argc && !(f & f_client))) {
+ if (f & f_bogus ||
+ (optind < argc && !(f & (f_client|f_fetch))) ||
+ ((f & f_fetch) && optind != argc - 1)) {
usage(stderr);
exit(1);
}
+ /* --- Handle request for a passphrase --- */
+
+ if (f & f_fetch) {
+ char *buf = l_alloc(&lm, 1024);
+ passphrase_connect(path);
+ if (passphrase_read(argv[optind],
+ (f & f_verify) ? PMODE_VERIFY : PMODE_READ,
+ buf, 1024))
+ die(1, "failed to read passphrase: %s", strerror(errno));
+ puts(buf);
+ return (0);
+ }
+
/* --- Set up the socket address --- */
sun = pixie_address(path, &sz);
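Review bot: The `-P` path hands `buf` to `passphrase_read` and `puts` without checking the result of `l_alloc(&lm, 1024)`, so an exhausted locked-memory pool becomes a null dereference if `l_alloc` reports failure by returning null; add `if (!buf) die(1, "no locked memory for passphrase buffer");`. The passphrase is then copied by `puts` into stdio's ordinary, unlocked buffer, and `buf` is neither wiped nor returned with `l_free` before `return (0)`, which gives up part of what the locked allocation is for; wiping the buffer and checking that the write to stdout succeeded before exiting with status 0 would be worth adding. The `strerror(errno)` in the `die` message assumes `passphrase_read` always fails with `errno` set, which the hunk does not show. The surrounding function begins and ends outside the hunk.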
/* --- Fork into the background if requested --- */
- if (f & f_daemon) {
+ if (f & f_daemon) {
pid_t kid;
if (((f & f_stdin) &&