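/*
 * Hash the contents of a passphrase file with the given message digest.
 *
 * The file is read in 64-byte chunks and every byte read (including any
 * trailing newline the file may contain) is fed into the digest.
 *
 *   passphrase_file  path of the file whose contents are hashed
 *   digest           message digest to use
 *   output           receives the digest; zero-filled over `len` bytes first
 *   len              size of `output`, asserted to be >= md_kt_size(digest)
 *
 * Returns md_kt_size(digest).
 *
 * Review notes:
 *  - The result is one unsalted digest pass over the file contents; no
 *    key stretching happens in this function, so the strength of anything
 *    derived from it rests on the entropy of the file.  The 8-byte minimum
 *    is a length check only (it counts bytes, not characters).
 *  - Open and read failures are reported with msg(M_ERR, ...).  The code
 *    that follows relies on msg() not returning for M_ERR (presumably the
 *    flag includes the fatal bit -- confirm against the msg() definition);
 *    otherwise read() would be called on an invalid descriptor.
 *  - warn_if_group_others_accessible() runs after the file has been read;
 *    judging by its name it only warns and does not refuse a loosely
 *    permissioned file.
 */
int
read_passphrase_hash (const char *passphrase_file,
                      const md_kt_t *digest,
                      uint8_t *output,
                      int len)
{
  md_ctx_t md;

  ASSERT (len >= md_kt_size(digest));
  memset (output, 0, len);

  md_ctx_init(&md, digest);

  /* read passphrase file */
  {
    const int min_passphrase_size = 8;
    uint8_t buf[64];
    int total_size = 0;
    int fd = platform_open (passphrase_file, O_RDONLY, 0);

    if (fd == -1)
      msg (M_ERR, "Cannot open passphrase file: '%s'", passphrase_file);

    for (;;)
      {
        int size = read (fd, buf, sizeof (buf));
        if (size == 0)
          break;
        if (size == -1)
          msg (M_ERR, "Read error on passphrase file: '%s'",
               passphrase_file);
        md_ctx_update(&md, buf, size);
        total_size += size;
      }
    close (fd);

    /*
     * buf still holds the last chunk of passphrase material.  Clear it
     * before the block ends so the secret does not linger on the stack;
     * the volatile pointer keeps the compiler from discarding the stores
     * as dead writes.
     */
    {
      volatile uint8_t *scrub = buf;
      unsigned int i;
      for (i = 0; i < sizeof (buf); ++i)
        scrub[i] = 0;
    }

    warn_if_group_others_accessible (passphrase_file);

    if (total_size < min_passphrase_size)
      msg (M_FATAL,
           "Passphrase file '%s' is too small (must have at least %d characters)",
           passphrase_file, min_passphrase_size);
  }
  md_ctx_final(&md, output);
  md_ctx_cleanup(&md);
  return md_kt_size(digest);
}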
Beispiel #2
/**
 * Fill up->username with an automatically derived user id.
 *
 * The name is TARGET_PREFIX followed by either the hex form of
 * MD5("AUTO_USERID_DIGEST" || default-gateway MAC address) or, when no
 * gateway MAC can be obtained, the literal "UNKNOWN".  If @p tag is
 * non-NULL and is not "stdin", "-<tag>" is appended.
 *
 * @param up   Credential structure to fill.  It is reset with CLEAR()
 *             first and up->defined is set to true on exit; nothing here
 *             writes a password.
 * @param tag  Optional suffix; may be NULL.
 *
 * Review notes:
 *  - The digest input is a constant prefix plus a 6-byte MAC address, so
 *    the resulting id is a stable pseudonym for the gateway rather than a
 *    secret.  It should be treated as an identifier only, never as
 *    authentication material.
 *  - Both the raw gateway MAC and the final username are written to the
 *    log at the D_AUTO_USERID debug level.
 *  - buf_printf() results are not checked; the write buffer is bounded to
 *    USER_PASS_LEN by buf_set_write().
 */
void
get_user_pass_auto_userid(struct user_pass *up, const char *tag)
{
    static const uint8_t prefix[] = "AUTO_USERID_DIGEST";
    /* static storage: the last computed digest persists between calls */
    static uint8_t mac_digest [MD5_DIGEST_LENGTH];

    struct gc_arena arena = gc_new();
    const md_kt_t *md5_kt = md_kt_get("MD5");
    struct buffer name_buf;
    uint8_t gw_mac[6];

    CLEAR(*up);
    buf_set_write(&name_buf, (uint8_t *)up->username, USER_PASS_LEN);
    buf_printf(&name_buf, "%s", TARGET_PREFIX);

    if (!get_default_gateway_mac_addr(gw_mac))
    {
        /* no gateway MAC available: fall back to a fixed marker */
        buf_printf(&name_buf, "UNKNOWN");
    }
    else
    {
        md_ctx_t *md5;
        const char *digest_hex;

        dmsg(D_AUTO_USERID, "GUPAU: macaddr=%s", format_hex_ex(gw_mac, sizeof(gw_mac), 0, 1, ":", &arena));

        /* digest = MD5(prefix without its NUL terminator || MAC) */
        md5 = md_ctx_new();
        md_ctx_init(md5, md5_kt);
        md_ctx_update(md5, prefix, sizeof(prefix) - 1);
        md_ctx_update(md5, gw_mac, sizeof(gw_mac));
        md_ctx_final(md5, mac_digest);
        md_ctx_cleanup(md5);
        md_ctx_free(md5);

        digest_hex = format_hex_ex(mac_digest, sizeof(mac_digest), 0, 256, " ", &arena);
        buf_printf(&name_buf, "%s", digest_hex);
    }

    /* "stdin" is the one tag value that is not appended */
    if (tag && strcmp(tag, "stdin") != 0)
    {
        buf_printf(&name_buf, "-%s", tag);
    }

    up->defined = true;
    gc_free(&arena);

    dmsg(D_AUTO_USERID, "GUPAU: AUTO_USERID: '%s'", up->username);
}
Beispiel #3
/**
 * Dispatch an incoming push control message.
 *
 * Recognises "PUSH_REQUEST" (only when built with P2MP_SERVER) and
 * "PUSH_REPLY".  For a PUSH_REPLY carrying options, the options are
 * applied through apply_push_options() and folded into a running SHA256
 * digest kept in c->c2.pulled_options_state, which is finalised into
 * c->c2.pulled_options_digest once the last part has arrived.
 *
 * @param c                       Connection context; its c2 pull state and
 *                                options are read and updated.
 * @param buffer                  Received message.  Only a local copy of
 *                                the buffer descriptor is advanced.
 * @param honor_received_options  PUSH_REPLY is ignored unless this is true.
 * @param permission_mask         Passed unchanged to apply_push_options().
 * @param option_types_found      Passed unchanged to apply_push_options().
 *
 * @return PUSH_MSG_REPLY, PUSH_MSG_CONTINUATION, the result of
 *         process_incoming_push_request(), or PUSH_MSG_ERROR when nothing
 *         matched or the options were not applied.
 *
 * NOTE(review): the option text comes from the peer, so what may be applied
 * is presumably bounded by permission_mask inside apply_push_options() --
 * confirm there; nothing in this function filters options itself.
 */
int
process_incoming_push_msg(struct context *c,
                          const struct buffer *buffer,
                          bool honor_received_options,
                          unsigned int permission_mask,
                          unsigned int *option_types_found)
{
    /* Default result: any path that does not set ret reports an error. */
    int ret = PUSH_MSG_ERROR;
    /* Work on a copy of the descriptor so the caller's buffer is not advanced. */
    struct buffer buf = *buffer;

    /* The #if splices an optional leading branch in front of the
     * PUSH_REPLY test; the trailing "else" binds to the "if" below. */
#if P2MP_SERVER
    if (buf_string_compare_advance(&buf, "PUSH_REQUEST"))
    {
        ret = process_incoming_push_request(c);
    }
    else
#endif

    if (honor_received_options && buf_string_compare_advance(&buf, "PUSH_REPLY"))
    {
        /* Byte following the keyword: ',' introduces options, '\0' means
         * an empty reply.  NOTE(review): if buf_read_u8() reports an empty
         * buffer with a negative value, it is narrowed to uint8_t here and
         * matches neither case -- confirm. */
        const uint8_t ch = buf_read_u8(&buf);
        if (ch == ',')
        {
            /* Snapshot taken before apply_push_options() is handed &buf;
             * the digest below is computed from this snapshot. */
            struct buffer buf_orig = buf;
            /* Lazily create the running SHA256 state on the first part. */
            if (!c->c2.pulled_options_digest_init_done)
            {
                c->c2.pulled_options_state = md_ctx_new();
                md_ctx_init(c->c2.pulled_options_state, md_kt_get("SHA256"));
                c->c2.pulled_options_digest_init_done = true;
            }
            /* pre_pull_restore() runs once, guarded by did_pre_pull_restore. */
            if (!c->c2.did_pre_pull_restore)
            {
                pre_pull_restore(&c->options, &c->c2.gc);
                c->c2.did_pre_pull_restore = true;
            }
            /* NOTE(review): when apply_push_options() fails, ret stays
             * PUSH_MSG_ERROR and the digest state created above is left
             * allocated with init_done still true; whether a caller resets
             * it is not visible here. */
            if (apply_push_options(&c->options,
                                   &buf,
                                   permission_mask,
                                   option_types_found,
                                   c->c2.es))
            {
                /* The digest is only updated for options that were applied. */
                push_update_digest(c->c2.pulled_options_state, &buf_orig,
                                   &c->options);
                /* There is no default case: any push_continuation value
                 * other than 0, 1 or 2 leaves ret at PUSH_MSG_ERROR and the
                 * digest state untouched. */
                switch (c->options.push_continuation)
                {
                    case 0:
                    case 1:
                        /* Final (or only) part: emit the digest, release the
                         * state and re-arm the lazy initialisation. */
                        md_ctx_final(c->c2.pulled_options_state, c->c2.pulled_options_digest.digest);
                        md_ctx_cleanup(c->c2.pulled_options_state);
                        md_ctx_free(c->c2.pulled_options_state);
                        c->c2.pulled_options_state = NULL;
                        c->c2.pulled_options_digest_init_done = false;
                        ret = PUSH_MSG_REPLY;
                        break;

                    case 2:
                        /* More parts follow; keep the digest state open. */
                        ret = PUSH_MSG_CONTINUATION;
                        break;
                }
            }
        }
        else if (ch == '\0')
        {
            /* Reply with no options: accepted without touching the digest. */
            ret = PUSH_MSG_REPLY;
        }
        /* show_settings (&c->options); */
    }
    return ret;
}
/*
 * Finish the hash held in s->ctx: the digest is written to out->digest and
 * the context is then released with md_ctx_cleanup().
 *
 * After this call s->ctx has been cleaned up; presumably it has to be
 * initialised again before it can take further updates -- confirm against
 * the md_ctx_* implementation.
 *
 * NOTE(review): the type names indicate MD5.  Whether its known collision
 * weakness matters depends on what callers use the digest for, which is not
 * visible from this function.
 */
void
md5_state_final (struct md5_state *s, struct md5_digest *out)
{
  /* write the result first ... */
  md_ctx_final (&(s->ctx), out->digest);

  /* ... then release the context */
  md_ctx_cleanup (&(s->ctx));
}