static char * _zuluCryptResolveDevRoot( void )
{
const char * e ;
char * dev ;
string_t st = StringGetFromVirtualFile( "/proc/cmdline" ) ;
stringList_t stl = StringListStringSplit( st,' ' ) ;
StringDelete( &st ) ;
st = StringListHasSequence_1( stl,"root=/dev/" ) ;
if( st != StringVoid ){
e = StringContent( st ) + 5 ;
dev = zuluCryptResolvePath( e ) ;
}else{
st = StringListHasSequence_1( stl,"root=UUID=" ) ;
if( st != StringVoid ){
/*
* zuluCryptDeviceFromUUID() is defined in ./blkid_evaluate_tag.c
*/
e = StringContent( st ) + 10 ;
dev = zuluCryptDeviceFromUUID( e ) ;
}else{
dev = NULL ;
}
}
StringListDelete( &stl ) ;
return dev ;
}
static string_t _root_device( const char * device,const char ** sys_device )
{
size_t e ;
ssize_t r ;
string_t st = String( device ) ;
if( StringStartsWithAtLeastOne( st,"/dev/sd","/dev/hd",NULL ) ){
/*
* this path will convert something like: "/dev/sdc12" to "/dev/sdc".
* basically,it removes digits from the end of the string to give the root device
* required by tcplay's system volume or fde volume
*/
*sys_device = StringRemoveDigits( st ) ;
}else if( StringStartsWith( st,"/dev/mmc" ) ){
/*
* device path will be something like "/dev/mmcblk0p2" and what we want to do
* is cut off the string from p to end iwth "/dev/mmcblk0"
*/
r = StringIndexOfChar( st,0,'p' ) ;
if( r != -1 ){
e = StringLength( st ) - ( size_t )r ;
*sys_device = StringRemoveRight( st,e ) ;
}else{
*sys_device = StringContent( st ) ;
}
}else{
*sys_device = StringContent( st ) ;
}
return st ;
}
static int mount_point_prefix_match_0( const char * m_path,uid_t uid,string_t * m_point,int home_prefix )
{
int st ;
/*
* zuluCryptGetUserName() is defined in ../lib/user_home_path.c
*/
string_t uname ;
/*
* below constant are set in ../constants.h
*/
const char * str ;
if( home_prefix ){
uname = zuluCryptGetUserHomePath( uid ) ;
str = StringContent( uname ) ;
}else{
uname = zuluCryptGetUserName( uid ) ;
StringPrepend( uname,"/run/media/private/" ) ;
str = StringAppendChar( uname,'/' ) ;
}
st = StringPrefixEqual( m_path,str ) ;
if( m_point ){
*m_point = uname ;
}else{
StringDelete( &uname ) ;
}
return st ;
}
int zuluCryptOpenPlain_1( const open_struct_t * opt )
{
int mode ;
string_t st ;
int fd ;
int r ;
if( StringPrefixEqual( opt->device,"/dev/" ) ){
return _open_plain( opt->device,opt ) ;
}else{
if( StringHasComponent( opt->m_opts,"ro" ) ){
mode = O_RDONLY ;
}else{
mode = O_RDWR ;
}
/*
* zuluCryptAttachLoopDeviceToFile() is defined in ./create_loop.c
*/
if( zuluCryptAttachLoopDeviceToFile( opt->device,mode,&fd,&st ) ){
r = _open_plain( StringContent( st ),opt ) ;
StringDelete( &st ) ;
close( fd ) ;
return r ;
}else{
return 2 ;
}
}
}
int zuluCryptEXEVolumeInfo( const char * mapper,const char * device,uid_t uid )
{
char * output ;
int xt ;
/*
* ZULUCRYPTlongMapperPath is set in ../constants.h
* zuluCryptCreateMapperName() is defined at ../lib/create_mapper_name.c
*/
string_t p = zuluCryptCreateMapperName( device,mapper,uid,ZULUCRYPTlongMapperPath ) ;
zuluCryptSecurityGainElevatedPrivileges() ;
/*
*zuluCryptVolumeStatus() is defined in ../lib/status.c
*/
output = zuluCryptVolumeStatus( StringContent( p ) ) ;
zuluCryptSecurityDropElevatedPrivileges() ;
if( output != NULL ){
printf( "%s\n",output ) ;
StringFree( output ) ;
xt = 0 ;
}else{
printf( gettext( "ERROR: Could not get volume properties,volume is not open or was opened by a different user\n" ) ) ;
xt = 2 ;
}
StringDelete( &p ) ;
return xt ;
}
static stringList_t _eval_path( string_t path,stringList_t stl_1 )
{
string_t st ;
const char * e ;
char * ac ;
if( StringStartsWith( path,"/" ) ){
/*
* zuluCryptResolvePath_1() is defined in resolve_paths.c
*/
st = zuluCryptResolvePath_1( StringContent( path ) ) ;
if( st != StringVoid ){
stl_1 = StringListAppendString_1( stl_1,&st ) ;
}
}else if( StringStartsWith( path,"UUID=" ) ){
/*
* check above did not find '/' character and we are in this block assuming the line uses UUID
*/
e = StringRemoveString( path,"\"" ) ;
/*
* zuluCryptEvaluateDeviceTags() is defined in path_access.c
*/
ac = zuluCryptEvaluateDeviceTags( "UUID",e + 5 ) ;
if( ac != NULL ){
stl_1 = StringListAppend( stl_1,ac ) ;
StringFree( ac ) ;
}
}
return stl_1 ;
}
static void _print_list( stringList_t stl )
{
const char * e ;
char * z ;
StringListIterator it ;
StringListIterator end ;
StringListGetIterators( stl,&it,&end ) ;
while( it != end ){
e = StringContent( *it ) ;
it++ ;
if( StringPrefixEqual( e,"/dev/loop" ) ){
/*
* zuluCryptLoopDeviceAddress_1() is defined in ../lib/create_loop_device.c
*/
z = zuluCryptLoopDeviceAddress_1( e ) ;
if( z != NULL ){
puts( z ) ;
StringFree( z ) ;
}else{
puts( e ) ;
}
}else{
puts( e ) ;
}
}
}
int zuluCryptCreateTCrypt( const char * device,const char * file_system,const char * rng,
const char * key,size_t key_len,int key_source,
u_int64_t hidden_volume_size,
const char * file_system_h,const char * key_h,size_t key_len_h,int key_source_h )
{
int fd ;
string_t q = StringVoid ;
int r ;
if( StringPrefixEqual( device,"/dev/" ) ){
r = _create_tcrypt_volume( device,file_system,rng,key,key_len,key_source,
hidden_volume_size,file_system_h,key_h,key_len_h,key_source_h ) ;
}else{
/*
* zuluCryptAttachLoopDeviceToFile() is defined in create_loop_device.c
*/
if( zuluCryptAttachLoopDeviceToFile( device,O_RDWR,&fd,&q ) ){
device = StringContent( q ) ;
r = _create_tcrypt_volume( device,file_system,rng,key,key_len,key_source,
hidden_volume_size,file_system_h,key_h,key_len_h,key_source_h ) ;
close( fd ) ;
StringDelete( &q ) ;
}else{
r = 3 ;
}
}
return r ;
}
static void _get_result( arguments * args )
{
string_t st ;
int fd ;
const char * device = args->opts->device ;
if( StringPrefixEqual( device,"/dev/" ) ){
_get_result_0( device,args ) ;
}else{
/*
* zuluCryptAttachLoopDeviceToFile() is defined in create_loop_device.c
*/
if( zuluCryptAttachLoopDeviceToFile( device,args->opts->open_mode,&fd,&st ) ){
_get_result_0( StringContent( st ),args ) ;
StringDelete( &st ) ;
close( fd ) ;
}else{
_get_error( args ) ;
}
}
}
int zuluCryptOpenTcrypt( const char * device,const char * mapper,const char * key,size_t key_len,
int key_source,int volume_type,const char * m_point,
uid_t uid,unsigned long m_flags,const char * fs_opts )
{
open_struct_t opts ;
string_t st ;
int r ;
const char * keyfile ;
memset( &opts,'\0',sizeof( open_struct_t ) ) ;
opts.device = device ;
opts.mapper_name = mapper ;
opts.volume_type = volume_type ;
opts.m_point = m_point ;
opts.uid = uid ;
opts.m_flags = m_flags ;
opts.fs_opts = fs_opts ;
if( m_flags & MS_RDONLY ){
opts.m_opts = "ro" ;
}else{
opts.m_opts = "rw" ;
}
if( key_source == TCRYPT_KEYFILE ){
st = zuluCryptCreateKeyFile( key,key_len,"open_tcrypt-" ) ;
if( st != StringVoid ){
keyfile = StringContent( st ) ;
opts.tcrypt_keyfiles_count = 1 ;
opts.tcrypt_keyfiles = &keyfile ;
r = zuluCryptOpenTcrypt_1( &opts ) ;
/*
* zuluCryptDeleteFile() is defined in open_path_security.c
*/
zuluCryptDeleteFile( keyfile ) ;
StringDelete( &st ) ;
}else{
r = 1 ;
}
}else if( key_source == TCRYPT_KEYFILE_FILE ){
opts.tcrypt_keyfiles_count = 1 ;
opts.tcrypt_keyfiles = &key ;
r = zuluCryptOpenTcrypt_1( &opts ) ;
}else{
opts.key_len = key_len ;
opts.key = key ;
r = zuluCryptOpenTcrypt_1( &opts ) ;
}
return r ;
}
int zuluCryptEXECloseVolume( const char * dev,const char * mapping_name,uid_t uid )
{
int st ;
int i ;
string_t p = StringVoid ;
char * m_point = NULL ;
struct stat xt ;
const char * mapper ;
/*
* ZULUCRYPTlongMapperPath is set in ../constants.h
* zuluCryptCreateMapperName() defined in ../lib/create_mapper_name.c
*/
p = zuluCryptCreateMapperName( dev,mapping_name,uid,ZULUCRYPTlongMapperPath ) ;
mapper = StringContent( p ) ;
if( stat( mapper,&xt ) != 0 ){
return zuluExit( 1,p ) ;
}
/*
* zuluCryptBindUnmountVolume() is defined in ./bind.c
*/
switch( zuluCryptBindUnmountVolume( StringListVoid,mapper,uid ) ){
case 3 : return zuluExit( 7,p ) ;
case 4 : return zuluExit( 8,p ) ;
case 5 : return zuluExit( 9,p ) ;
default: ;
}
zuluCryptSecurityGainElevatedPrivileges() ;
/*
* zuluCryptCloseVolume() is defined in ../lib/close_volume.c
*/
st = zuluCryptCloseVolume( mapper,&m_point ) ;
if( st == 0 && m_point != NULL ){
for( i = 0 ; i < 2 ; i++ ){
if( rmdir( m_point ) == 0 ){
break ;
}else{
sleep( 1 ) ;
}
}
StringFree( m_point ) ;
}
zuluCryptSecurityDropElevatedPrivileges() ;
return zuluExit( st,p ) ;
}
int zuluCryptBindSharedMountPointPathTaken( string_t path )
{
struct stat str ;
ssize_t index = StringLastIndexOfChar( path,'/' ) ;
string_t st = String( "/run/media/public" ) ;
const char * e = StringAppend( st,StringContent( path ) + index ) ;
int r = stat( e,&str ) ;
StringDelete( &st ) ;
return r == 0 ;
}
void zuluCryptSecurityUnlockMemory_1( string_t st )
{
void * e ;
size_t f ;
if( st != StringVoid ){
e = ( void * )StringContent( st ) ;
f = StringLength( st ) ;
memset( e,'\0',f ) ;
munlock( e,f ) ;
}
}
void zuluCryptSecurityLockMemory( stringList_t stl )
{
StringListIterator it ;
StringListIterator end ;
string_t st ;
StringListGetIterators( stl,&it,&end ) ;
while( it != end ){
st = *it ;
it++ ;
mlock( StringContent( st ),StringLength( st ) ) ;
}
}
static int _mounted( ssize_t( *function )( stringList_t,const char * ),string_t st )
{
stringList_t stl = zuluCryptGetMoutedList() ;
ssize_t r = function( stl,StringContent( st ) ) ;
StringListDelete( &stl ) ;
StringDelete( &st ) ;
return r != -1 ;
}
static const char * _remove_duplicates( string_t st )
{
const char ** z = StringPointer( st ) ;
while( StringHasComponent( *z,",," ) ){
StringReplaceString( st,",,","," ) ;
}
if( StringEndsWithChar( st,',' ) ){
return StringRemoveRight( st,1 ) ;
}else{
return StringContent( st ) ;
}
}
static const char * _clean_loop_path( string_t xt )
{
if( StringEndsWith( xt," (deleted)\n" ) ){
return StringRemoveString( xt," (deleted)\n" ) ;
}else if( StringEndsWith( xt,"\n" ) ){
return StringRemoveRight( xt,1 ) ;
}else{
return StringContent( xt ) ;
}
}
static int attach_device_to_loop( int fd_path,int * fd_loop,
string_t loop_device,int mode )
{
char * path ;
size_t size ;
struct loop_info64 l_info ;
*fd_loop = open( StringContent( loop_device ),mode ) ;
memset( &l_info,'\0',sizeof( struct loop_info64 ) ) ;
if( *fd_loop == -1 ){
return 0 ;
}
if( ioctl( *fd_loop,LOOP_SET_FD,fd_path ) == -1 ){
return 0 ;
}
if( ioctl( *fd_loop,LOOP_GET_STATUS64,&l_info ) == -1 ){
return 0;
}
l_info.lo_flags |= LO_FLAGS_AUTOCLEAR;
path = zuluCryptGetFileNameFromFileDescriptor( fd_path ) ;
if( path == NULL ){
return 0 ;
}else{
size = sizeof( l_info.lo_file_name ) ;
strncpy( ( char * )l_info.lo_file_name,path,size ) ;
l_info.lo_file_name[ size - 1 ] = '\0' ;
free( path ) ;
if( ioctl( *fd_loop,LOOP_SET_STATUS64,&l_info ) == -1 ){
return 0 ;
}else{
return 1 ;
}
}
}
int zuluCryptAddKey( const char * device,const char * existingkey,size_t existingkey_size,const char * newkey,size_t newkey_size )
{
string_t st ;
int fd ;
int r ;
if( StringPrefixEqual( device,"/dev/" ) ){
return _add_key( device,existingkey,existingkey_size,newkey,newkey_size ) ;
}else{
/*
* zuluCryptAttachLoopDeviceToFile() is defined in ./create_loop.c
*/
if( zuluCryptAttachLoopDeviceToFile( device,O_RDWR,&fd,&st ) ){
r = _add_key( StringContent( st ),existingkey,existingkey_size,newkey,newkey_size ) ;
StringDelete( &st ) ;
close( fd ) ;
return r ;
}else{
return 1 ;
}
}
}
int zuluCryptCreateVolume( const char * dev,const char * fs,const char * type,const char * pass,size_t pass_size,const char * rng )
{
string_t st ;
int fd ;
int r ;
if( StringPrefixMatch( dev,"/dev/",5 ) ){
return _create_volume( dev,fs,type,pass,pass_size,rng ) ;
}else{
/*
* zuluCryptAttachLoopDeviceToFile() is defined in ./create_loop.c
*/
if( zuluCryptAttachLoopDeviceToFile( dev,O_RDWR,&fd,&st ) ){
r = _create_volume( StringContent( st ),fs,type,pass,pass_size,rng ) ;
StringDelete( &st ) ;
close( fd ) ;
return r ;
}else{
return 3 ;
}
}
}
int zuluCryptRemoveKey( const char * device ,const char * pass,size_t pass_size )
{
string_t st ;
int fd ;
int r ;
if( StringPrefixEqual( device,"/dev/" ) ){
return _remove_key( device,pass,pass_size ) ;
}else{
/*
* zuluCryptAttachLoopDeviceToFile() is defined in ./create_loop.c
*/
if( zuluCryptAttachLoopDeviceToFile( device,O_RDWR,&fd,&st ) ){
r = _remove_key( StringContent( st ),pass,pass_size ) ;
StringDelete( &st ) ;
close( fd ) ;
return r ;
}else{
return 2 ;
}
}
}
static string_t _create_path( uid_t uid,string_t path,int need_privileges )
{
string_t st = StringVoid ;
const char * m_point = StringContent( path ) ;
if( m_point != NULL ){
if( need_privileges ){
zuluCryptSecurityGainElevatedPrivileges() ;
st = _create_path_0( m_point,uid,path ) ;
zuluCryptSecurityDropElevatedPrivileges() ;
}else{
st = _create_path_0( m_point,uid,path ) ;
}
}
return st ;
}
char * zuluCryptEmptySlots( const char * device )
{
string_t st ;
int fd ;
char * r ;
if( StringPrefixEqual( device,"/dev/" ) ){
return _empty_slots( device ) ;
}else{
/*
* zuluCryptAttachLoopDeviceToFile() is defined in ./create_loop.c
*/
if( zuluCryptAttachLoopDeviceToFile( device,O_RDONLY,&fd,&st ) ){
r = _empty_slots( StringContent( st ) ) ;
StringDelete( &st ) ;
close( fd ) ;
return r ;
}else{
return NULL ;
}
}
}
void zuluCryptSecurityUnlockMemory( stringList_t stl )
{
StringListIterator it ;
StringListIterator end ;
string_t st ;
void * e ;
size_t f ;
StringListGetIterators( stl,&it,&end ) ;
while( it != end ){
st = *it ;
it++ ;
if( st != StringVoid ){
e = ( void * )StringContent( st ) ;
f = StringLength( st ) ;
memset( e,'\0',f ) ;
munlock( e,f ) ;
}
}
}
int zuluCryptMountHasNotAllowedFileSystemOptions( uid_t uid,const char * fs_opts,string_t s )
{
const char * fs = StringContent( s ) ;
if( fs == NULL ){
/*
* cant mount a volume with no file system,shouldnt even get here
*/
return 1 ;
}
if( zulucryptFileSystemIsSupported( fs ) ){
/*
* file system is supported
*/
if( fs_opts == NULL ){
/*
* file system is supported and user did not change default fs option.
* return early with success
*/
return 0 ;
}
if( _option_contain_not_allowed( fs,fs_opts ) ){
/*
* file system options are not supported,only privileged users should be allowed to mount
*/
if( _userIsAllowed( uid,fs ) ){
/*
* user is allowed to use non default fs options
*/
return 0 ;
}else{
/*
* user not allowed to use non default fs options
*/
return 1 ;
}
}else{
/*
* supported file system with default options,allow it
*/
return 0 ;
}
}else{
/*
* not supported file system
*/
if( _userIsAllowed( uid,fs ) ){
/*
* user is allowed to use a not supported file system.
* We cant check for supported fs options in a non supported file system so just return
* with success.
*/
return 0 ;
}else{
/*
* user not allowed to use the file system,return early with error since we cant support
* file system options in a not supported file system
*/
return 1 ;
}
}
}
void zuluCryptDeleteFile_1( string_t st )
{
zuluCryptDeleteFile( StringContent( st ) ) ;
}
static int crypt_opt( const struct_opts * opts,uid_t uid,int opt )
{
string_t q = StringVoid ;
string_t p = StringVoid ;
int st ;
const char * source = opts->device ;
const char * dest = opts->m_opts ;
const char * passphrase = opts->key ;
const char * type = opts->key_source ;
return zuluExit( 16 ) ;
if( dest == NULL ){
return zuluExit( 9 ) ;
}
if( source == NULL ){
return zuluExit( 14 ) ;
}
/*
* zuluCryptPathStartsWith() is defined in real_path.c
*/
if( zuluCryptPathStartsWith( dest,"/dev/" ) ){
return zuluExit( 10 ) ;
}
if( zuluCryptPathStartsWith( source,"/dev/" ) ){
return zuluExit( 15 ) ;
}
/*
* zuluCryptPathIsValid() is defined in ../lib/is_path_valid.c
*/
if( zuluCryptPathIsValid( dest ) ){
return zuluExit( 5 ) ;
}
/*
* zuluCryptPathIsNotValid() is defined in ../lib/is_path_valid.c
*/
if( zuluCryptPathIsNotValid( source ) ){
return zuluExit( 6 ) ;
}
/*
* below two functions are defined in path_access.c
*/
if( zuluCryptCanOpenPathForWriting( dest,uid ) == 1 ){
return zuluExit( 10 ) ;
}
if( zuluCryptCanOpenPathForReading( source,uid ) == 1 ){
return zuluExit( 15 ) ;
}
if( type == NULL ){
printf( gettext( "Enter passphrase: " ) ) ;
/*
* ZULUCRYPT_KEY_MAX_SIZE is set in ../constants.h
*/
switch( StringSilentlyGetFromTerminal_1( &p,ZULUCRYPT_KEY_MAX_SIZE ) ){
case 1 : return zuluExit( 12 ) ;
case 2 : return zuluExit( 13 ) ;
}
printf( gettext( "\nRe enter passphrase: " ) ) ;
switch( StringSilentlyGetFromTerminal_1( &q,ZULUCRYPT_KEY_MAX_SIZE ) ){
case 1 : StringClearDelete( &p ) ;
return zuluExit( 12 ) ;
case 2 : StringClearDelete( &p ) ;
return zuluExit( 13 ) ;
}
printf( "\n" ) ;
if( !StringEqualString( p,q ) ){
StringClearDelete( &p ) ;
StringClearDelete( &q ) ;
return zuluExit( 8 ) ;
}else{
StringDelete( &q ) ;
}
}else{
if( type == NULL ){
return zuluExit( 9 ) ;
}
if( StringsAreEqual( type,"-p" ) ){
p = String( passphrase ) ;
}else if( StringsAreEqual( type,"-f" ) ){
p = StringGetFromFile( passphrase ) ;
if( p == NULL ){
return zuluExit( 2 ) ;
}
}else{
return zuluExit( 3 ) ;
}
}
if( opt == ENCRYPT ){
/*
* zuluCryptEncryptFile() is defined in ./crypt_file.c
*/
st = zuluCryptEncryptFile( source,dest,StringContent( p ),StringLength( p ) ) ;
}else{
/*
* zuluCryptDecryptFile() is defined in ./crypt_file.c
*/
st = zuluCryptDecryptFile( source,dest,StringContent( p ),StringLength( p ) ) ;
}
StringClearDelete( &p ) ;
switch( st ){
case 1 : return zuluExit( 4 ) ;
case 2 : return zuluExit( 11 ) ;
}
chmod( dest,S_IRUSR | S_IWUSR ) ;
chown( dest,uid,uid ) ;
if( opt == 1 ){
return zuluExit( 1 ) ;
}else{
return zuluExit( 0 ) ;
}
}
static int _modify_tcrypt( info_t * info,const struct_opts * opts )
{
int k = 4 ;
int r ;
string_t st = StringVoid ;
string_t xt = StringVoid ;
if( StringsAreEqual( opts->key_source,"-p" ) ){
info->header_key = opts->key ;
info->header_key_source = "passphrase" ;
info->header_new_key_source = "new_passphrase" ;
}else if( opts->key == NULL && StringsAreNotEqual( opts->key_source,"-f" ) ){
st = info->getKey( &r ) ;
if( r ){
info->key = StringContent( st ) ;
info->header_key = info->key ;
info->header_key_source = "passphrase" ;
info->header_new_key_source = "new_passphrase" ;
}else{
return zuluExit_1( k,st,xt ) ;
}
}else{
/*
* function is defined at "path_access.c"
*/
zuluCryptGetPassFromFile( opts->key,info->uid,&st ) ;
zuluCryptSecurityGainElevatedPrivileges() ;
if( st == StringVoid ){
return zuluExit_1( k,st,xt ) ;
}else{
if( StringHasComponent( opts->key,".zuluCrypt-socket" ) ){
info->key = StringContent( st ) ;
info->header_key = info->key ;
info->header_key_source = "passphrase" ;
info->header_new_key_source = "new_passphrase" ;
}else{
xt = zuluCryptCreateKeyFile( StringContent( st ),StringLength( st ),"tcrypt-bk-" ) ;
if( xt == StringVoid ){
return zuluExit_1( k,st,xt ) ;
}else{
info->key = StringContent( xt ) ;
info->header_key = info->key ;
info->header_key_source = "keyfiles" ;
info->header_new_key_source = "new_keyfiles" ;
}
}
}
}
/*
* zuluCryptModifyTcryptHeader() is defined in ../lib/create_tcrypt.c
*/
k = zuluCryptModifyTcryptHeader( info ) ;
if( xt != StringVoid ){
/*
* zuluCryptDeleteFile() is defined in ../lib/file_path_security.c
*/
zuluCryptDeleteFile( StringContent( xt ) ) ;
}
return zuluExit_1( k,st,xt ) ;
}
int zuluMountUMount( ARGS * args )
{
const char * device = args->device ;
uid_t uid = args->uid ;
char * loop_device ;
char * m_point = NULL ;
int status ;
string_t st = StringVoid ;
const char * dev = NULL ;
const char * errorMsg = gettext( "\
ERROR: You can not umount volumes out of \"%s\" since you are not root and do not belong to group \"zulumount\"\n" ) ;
string_t xt ;
if( StringPrefixEqual( device,"/dev/loop" ) ){
/*
* zuluCryptLoopDeviceAddress() is defined in ../zuluCrypt-cli/lib/create_loop_devices.c
*/
loop_device = zuluCryptLoopDeviceAddress( device ) ;
if( loop_device == NULL ){
/*
* the error msg is a lie,but its harmless since the user will most likely never see it as
* this code path will not be passed.
*/
return _zuluExit( 100,StringVoid,m_point,gettext( "ERROR: Device does not appear to be mounted" ) ) ;
}else{
st = StringInherit( &loop_device ) ;
dev = StringContent( st ) ;
/*
* zuluCryptGetMountPointFromPath() is defined in defined in ../zuluCrypt-cli/lib/process_mountinfo.c
*/
m_point = zuluCryptGetMountPointFromPath( dev ) ;
if( m_point == NULL ){
return _zuluExit( 100,st,m_point,gettext( "ERROR: Device does not appear to be mounted" ) ) ;
}
}
}else{
/*
* zuluCryptGetMountPointFromPath() is defined in defined in ../zuluCrypt-cli/lib/process_mountinfo.c
*/
m_point = zuluCryptGetMountPointFromPath( device ) ;
if( m_point == NULL ){
return _zuluExit( 100,st,m_point,gettext( "ERROR: Device does not appear to be mounted" ) ) ;
}
}
/*
* zuluCryptMountPointPrefixMatch() is defined in ../zuluCrypt-cli/bin/create_mount_point.c
*/
if( zuluCryptMountPointPrefixMatch( m_point,uid,&xt ) ){
StringDelete( &xt ) ;
}else{
/*
* zuluCryptUserIsAMemberOfAGroup() is defined in ../zuluCrypt-cli/bin/security.c
*/
if( zuluCryptUserIsAMemberOfAGroup( uid,"zulumount" ) ){
StringDelete( &xt ) ;
}else{
printf( errorMsg,StringContent( xt ) ) ;
StringDelete( &xt ) ;
return _zuluExit( 101,st,m_point,NULL ) ;
}
}
StringFree( m_point ) ;
m_point = NULL ;
/*
* zuluCryptBindUnmountVolume() is defined in ../zuluCrypt-cli/bin/bind.c
*/
switch( zuluCryptBindUnmountVolume( StringListVoid,device,uid ) ){
case 3 : return _zuluExit( 107,st,m_point,gettext( "ERROR: Shared mount point appear to be busy" ) ) ;
case 4 : return _zuluExit( 108,st,m_point,gettext( "ERROR: Shared mount point appear to belong to a different user" ) ) ;
case 5 : return _zuluExit( 109,st,m_point,gettext( "ERROR: Shared mount point appear to be in an ambiguous state,advice to unmount manually" ) ) ;
default: ;
}
/*
* zuluCryptSecurityGainElevatedPrivileges() is defined in ../zuluCrypt-cli/bin/security.c
*/
zuluCryptSecurityGainElevatedPrivileges() ;
/*
* zuluCryptUnmountVolume() is defined in ../zuluCrypt-cli/lib/unmount_volume.c
*/
status = zuluCryptUnmountVolume( device,&m_point ) ;
/*
* zuluCryptSecurityDropElevatedPrivileges() is defined in ../zuluCrypt-cli/bin/security.c
*/
zuluCryptSecurityDropElevatedPrivileges() ;
if( status == 0 ){
if( m_point != NULL ){
/*
* zuluCryptReuseMountPoint() is defined in ../zuluCrypt-cli/bin/create_mount_point.c
*/
if( !zuluCryptReuseMountPoint() ){
zuluCryptSecurityGainElevatedPrivileges() ;
rmdir( m_point ) ;
zuluCryptSecurityDropElevatedPrivileges() ;
}
}
return _zuluExit( 0,st,m_point,gettext( "SUCCESS: umount complete successfully" ) ) ;
}else{
switch( status ) {
case 1 : return _zuluExit( 103,st,m_point,gettext( "ERROR: Device does not exist" ) ) ;
case 2 : return _zuluExit( 104,st,m_point,gettext( "ERROR: Failed to unmount,the mount point and/or one or more files are in use" ) ) ;
case 4 : return _zuluExit( 105,st,m_point,gettext( "ERROR: Failed to unmount,could not get a lock on /etc/mtab~" ) ) ;
case 10: return _zuluExit( 107,st,m_point,gettext( "ERROR: Failed to unmount,multiple mount points for the volume detected" ) ) ; break ;
default: return _zuluExit( 106,st,m_point,gettext( "ERROR: Failed to unmount the partition" ) ) ;
}
}
}
int zuluCryptOpenVolume( const char * dev,const char * mapper,
const char * m_point,uid_t id,unsigned long m_opts,
const char * fs_opts,const char * pass,size_t pass_size )
{
int h ;
string_t p = StringVoid ;
string_t q = StringVoid ;
int lmode ;
int fd ;
const char * mode ;
const char * mapper_1 ;
/*
* zuluCryptPathIsNotValid() is defined in is_path_valid.c
*/
if( zuluCryptPathIsNotValid( dev ) ){
return 3 ;
}
/*
* zuluCryptMapperPrefix() is defined in create_mapper_name.c
*/
p = String( zuluCryptMapperPrefix() ) ;
mapper_1 = StringMultipleAppend( p,"/",mapper,END ) ;
/*
* zuluCryptPathIsValid() is defined in is_path_valid.c
*/
if( zuluCryptPathIsValid( mapper_1 ) ){
return zuluExit( 2,p ) ;
}
if( m_opts & MS_RDONLY ){
lmode = O_RDONLY ;
mode = "ro" ;
}else{
lmode = O_RDWR ;
mode = "rw" ;
}
if( StringPrefixMatch( dev,"/dev/",5 ) ){
h = _open_mapper( dev,mapper,mode,pass,pass_size ) ;
}else{
/*
* zuluCryptAttachLoopDeviceToFile() is defined in create_loop_device.c
*/
if( zuluCryptAttachLoopDeviceToFile( dev,lmode,&fd,&q ) ){
dev = StringContent( q ) ;
h = _open_mapper( dev,mapper,mode,pass,pass_size ) ;
close( fd ) ;
StringDelete( &q ) ;
}else{
h = 1 ;
}
}
switch( h ){
case 1 : return zuluExit( 4,p ) ;
case 2 : return zuluExit( 8,p ) ;
case 3 : return zuluExit( 3,p ) ;
}
if( m_point != NULL ){
/*
* zuluCryptMountVolume() is defined in mount_volume.c
*/
h = zuluCryptMountVolume( mapper_1,m_point,m_opts,fs_opts,id ) ;
if( h != 0 ){
/*
* zuluCryptCloseMapper() is defined in close_mapper.c
*/
if( zuluCryptCloseMapper( mapper_1 ) != 0 ){
h = 15 ;
}
}
}
return zuluExit( h,p ) ;
}
