int totem_config_keyread (
struct totem_config *totem_config,
const char **error_string)
{
int got_key = 0;
char *key_location = NULL;
int res;
size_t key_len;
memset (totem_config->private_key, 0, 128);
totem_config->private_key_len = 128;
if (strcmp(totem_config->crypto_cipher_type, "none") == 0 &&
strcmp(totem_config->crypto_hash_type, "none") == 0) {
return (0);
}
/* cmap may store the location of the key file */
if (icmap_get_string("totem.keyfile", &key_location) == CS_OK) {
res = read_keyfile(key_location, totem_config, error_string);
free(key_location);
if (res) {
goto key_error;
}
got_key = 1;
} else { /* Or the key itself may be in the cmap */
if (icmap_get("totem.key", NULL, &key_len, NULL) == CS_OK) {
if (key_len > sizeof (totem_config->private_key)) {
sprintf(error_string_response, "key is too long");
goto key_error;
}
if (icmap_get("totem.key", totem_config->private_key, &key_len, NULL) == CS_OK) {
totem_config->private_key_len = key_len;
got_key = 1;
} else {
sprintf(error_string_response, "can't store private key");
goto key_error;
}
}
}
/* In desperation we read the default filename */
if (!got_key) {
const char *filename = getenv("COROSYNC_TOTEM_AUTHKEY_FILE");
if (!filename)
filename = COROSYSCONFDIR "/authkey";
res = read_keyfile(filename, totem_config, error_string);
if (res)
goto key_error;
}
return (0);
key_error:
*error_string = error_string_response;
return (-1);
}
int
main( int argc, char ** argv )
{
char *infile; /* plaintext/ciphertext file name ptr */
if ((argc < 2) || (argc > 3))
{
usage(argv[0]);
return 1;
}
if (argc == 2)
{
infile = argv[1];
}
else
{
infile = argv[2];
read_keyfile(argv[1]);
}
init_mach();
encipher_file(infile);
return 0;
}
/* parse the module arguments */
static int read_arguments( const char *args_orig ) {
int verify;
int errors = 0;
char *ptr;
char *args = strdup(args_orig);
char *args_c = args;
while ( (ptr = strsep( &args, " " )) != NULL ) {
if(parse_args_line(mod_gm_opt, ptr, 0) != GM_OK) {
errors++;
break;
}
}
verify = verify_options(mod_gm_opt);
if(mod_gm_opt->debug_level >= GM_LOG_DEBUG) {
dumpconfig(mod_gm_opt, GM_NEB_MODE);
}
/* read keyfile */
if(mod_gm_opt->keyfile != NULL && read_keyfile(mod_gm_opt) != GM_OK) {
errors++;
}
free(args_c);
if(errors > 0) {
return(GM_ERROR);
}
return(verify);
}
/*
* Read a key from the key files.
*/
Key*
read_user_u2f_key(struct passwd *pw, u_int key_idx)
{
size_t i;
// TODO: It might not be safe to pass the key back to the unprivileged
// process. It probably is, but we should review this.
// In the first step, we need to go through all u2f keys that we have and
// collect their key handles.
for (i = 0; i < options.num_authkeys_files; i++) {
FILE *fp;
char *file;
Key *key = NULL;
u_long linenum = 0;
if (strcasecmp(options.authorized_keys_files[i], "none") == 0)
continue;
file = expand_authorized_keys(options.authorized_keys_files[i], pw);
debug("need to check %s", file);
fp = fopen(file, "r");
do
{
// TODO: Hackish way to allow getting more than one key
key_free(key);
key = read_keyfile(fp, file, pw, &linenum);
}
while(key_idx-- > 0);
fclose(fp);
free(file);
if (key != NULL)
return key;
}
return NULL;
}
/* parse command line arguments */
int parse_arguments(int argc, char **argv) {
int i;
int verify;
int errors = 0;
mod_gm_opt = gm_malloc(sizeof(mod_gm_opt_t));
set_default_options(mod_gm_opt);
/* special default: encryption disabled */
mod_gm_opt->encryption = GM_DISABLED;
for(i=1;i<argc;i++) {
char * arg = gm_strdup( argv[i] );
char * arg_c = arg;
if ( !strcmp( arg, "version" ) || !strcmp( arg, "--version" ) || !strcmp( arg, "-V" ) ) {
print_version();
}
if ( !strcmp( arg, "help" ) || !strcmp( arg, "--help" ) || !strcmp( arg, "-h" ) ) {
print_usage();
}
if(parse_args_line(mod_gm_opt, arg, 0) != GM_OK) {
errors++;
free(arg_c);
break;
}
free(arg_c);
}
/* verify options */
verify = verify_options(mod_gm_opt);
/* read keyfile */
if(mod_gm_opt->keyfile != NULL && read_keyfile(mod_gm_opt) != GM_OK) {
errors++;
}
if(errors > 0 || verify != GM_OK) {
return(GM_ERROR);
}
return(GM_OK);
}
int
main(int argc, char **argv)
{
ESL_GETOPTS *go = NULL;
char *keyfile = NULL;
char *tabfile = NULL;
ESL_KEYHASH *kh = esl_keyhash_Create();
int nkeys = 0;
ESL_DMATRIX *D = NULL;
ESL_TREE *T = NULL;
go = esl_getopts_Create(options);
if (esl_opt_ProcessCmdline(go, argc, argv) != eslOK) cmdline_failure(argv[0], go, "Failed to parse command line: %s\n", go->errbuf);
if (esl_opt_VerifyConfig(go) != eslOK) cmdline_failure(argv[0], go, "Error in app configuration: %s\n", go->errbuf);
if (esl_opt_GetBoolean(go, "-h") ) cmdline_help (argv[0], go);
if (esl_opt_ArgNumber(go) != 2) cmdline_failure(argv[0], go, "Incorrect number of command line arguments.\n");
keyfile = esl_opt_GetArg(go, 1);
tabfile = esl_opt_GetArg(go, 2);
read_keyfile(go, keyfile, kh);
nkeys = esl_keyhash_GetNumber(kh);
D = esl_dmatrix_Create(nkeys, nkeys);
read_tabfile(go, tabfile, kh, D);
esl_tree_SingleLinkage(D, &T);
//esl_tree_WriteNewick(stdout, T);
output_clusters(go, T, kh);
esl_tree_Destroy(T);
esl_dmatrix_Destroy(D);
esl_keyhash_Destroy(kh);
esl_getopts_Destroy(go);
return 0;
}
int totem_config_keyread (
struct objdb_iface_ver0 *objdb,
struct totem_config *totem_config,
const char **error_string)
{
int got_key = 0;
const char *key_location = NULL;
hdb_handle_t object_totem_handle;
int res;
memset (totem_config->private_key, 0, 128);
totem_config->private_key_len = 128;
if (totem_config->secauth == 0) {
return (0);
}
res = totem_handle_find (objdb, &object_totem_handle);
if (res == -1) {
return (-1);
}
/* objdb may store the location of the key file */
if (!objdb_get_string (objdb,object_totem_handle, "keyfile", &key_location)
&& key_location) {
res = read_keyfile(key_location, totem_config, error_string);
if (res) {
goto key_error;
}
got_key = 1;
} else { /* Or the key itself may be in the objdb */
char *key = NULL;
size_t key_len;
res = objdb->object_key_get (object_totem_handle,
"key",
strlen ("key"),
(void *)&key,
&key_len);
if (res == 0 && key) {
if (key_len > sizeof (totem_config->private_key)) {
goto key_error;
}
memcpy(totem_config->private_key, key, key_len);
totem_config->private_key_len = key_len;
got_key = 1;
}
}
/* In desperation we read the default filename */
if (!got_key) {
const char *filename = getenv("COROSYNC_TOTEM_AUTHKEY_FILE");
if (!filename)
filename = COROSYSCONFDIR "/authkey";
res = read_keyfile(filename, totem_config, error_string);
if (res)
goto key_error;
}
return (0);
key_error:
*error_string = error_string_response;
return (-1);
}
int main(void) {
plan(60);
/* lowercase */
char test[100];
ok(lc(NULL) == NULL, "lc(NULL)");
strcpy(test, "Yes"); like(lc(test), "yes", "lc(yes)");
strcpy(test, "YES"); like(lc(test), "yes", "lc(YES)");
strcpy(test, "yeS"); like(lc(test), "yes", "lc(yeS)");
/* trim */
strcpy(test, " text "); like(ltrim(test), "text ", "ltrim()");
strcpy(test, " text "); like(rtrim(test), " text", "rtrim()");
strcpy(test, " text "); like(trim(test), "text", "trim()");
char *test2;
test2 = strdup(" text "); like(trim(test2), "text", "trim()");
free(test2);
/* parse_yes_or_no */
ok(parse_yes_or_no(NULL, GM_ENABLED) == GM_ENABLED, "parse_yes_or_no 1");
ok(parse_yes_or_no(NULL, GM_DISABLED) == GM_DISABLED, "parse_yes_or_no 2");
strcpy(test, ""); ok(parse_yes_or_no(test, GM_ENABLED) == GM_ENABLED, "parse_yes_or_no 3");
strcpy(test, ""); ok(parse_yes_or_no(test, GM_DISABLED) == GM_DISABLED, "parse_yes_or_no 4");
strcpy(test, "yes"); ok(parse_yes_or_no(test, GM_ENABLED) == GM_ENABLED, "parse_yes_or_no 5");
strcpy(test, "true"); ok(parse_yes_or_no(test, GM_ENABLED) == GM_ENABLED, "parse_yes_or_no 6");
strcpy(test, "Yes"); ok(parse_yes_or_no(test, GM_ENABLED) == GM_ENABLED, "parse_yes_or_no 7");
strcpy(test, "1"); ok(parse_yes_or_no(test, GM_ENABLED) == GM_ENABLED, "parse_yes_or_no 8");
strcpy(test, "On"); ok(parse_yes_or_no(test, GM_ENABLED) == GM_ENABLED, "parse_yes_or_no 9");
strcpy(test, "Off"); ok(parse_yes_or_no(test, GM_ENABLED) == GM_DISABLED, "parse_yes_or_no 10");
strcpy(test, "false"); ok(parse_yes_or_no(test, GM_ENABLED) == GM_DISABLED, "parse_yes_or_no 11");
strcpy(test, "no"); ok(parse_yes_or_no(test, GM_ENABLED) == GM_DISABLED, "parse_yes_or_no 12");
strcpy(test, "0"); ok(parse_yes_or_no(test, GM_ENABLED) == GM_DISABLED, "parse_yes_or_no 13");
/* trim */
ok(trim(NULL) == NULL, "trim(NULL)");
strcpy(test, " test "); like(trim(test), "^test$", "trim(' test ')");
strcpy(test, "\ntest\n"); like(trim(test), "^test$", "trim('\\ntest\\n')");
/* reading keys */
mod_gm_opt_t *mod_gm_opt;
mod_gm_opt = malloc(sizeof(mod_gm_opt_t));
int rc = set_default_options(mod_gm_opt);
ok(rc == 0, "setting default options");
mod_gm_opt->keyfile = strdup("t/data/test1.key");
read_keyfile(mod_gm_opt);
//printf_hex(mod_gm_opt->crypt_key, 32);
test[0]='\x0';
int i = 0;
char hex[4];
for(i=0; i<32; i++) {
hex[0] = '\x0';
snprintf(hex, 4, "%02x", mod_gm_opt->crypt_key[i]);
strncat(test, hex, 4);
}
like(test, "3131313131313131313131313131313131313131313131313131313131310000", "read keyfile t/data/test1.key");
free(mod_gm_opt->keyfile);
mod_gm_opt->keyfile = strdup("t/data/test2.key");
read_keyfile(mod_gm_opt);
like(mod_gm_opt->crypt_key, "abcdef", "reading keyfile t/data/test2.key");
free(mod_gm_opt->keyfile);
mod_gm_opt->keyfile = strdup("t/data/test3.key");
read_keyfile(mod_gm_opt);
//printf_hex(mod_gm_opt->crypt_key, 32);
like(mod_gm_opt->crypt_key, "11111111111111111111111111111111", "reading keyfile t/data/test3.key");
ok(strlen(mod_gm_opt->crypt_key) == 32, "key size for t/data/test3.key");
/* encrypt */
char * key = "test1234";
char * encrypted = malloc(GM_BUFFERSIZE);
char * text = "test message";
char * base = "a7HqhQEE8TQBde9uknpPYQ==";
mod_gm_crypt_init(key);
int len;
len = mod_gm_encrypt(&encrypted, text, GM_ENCODE_AND_ENCRYPT);
ok(len == 24, "length of encrypted only");
like(encrypted, base, "encrypted string");
/* decrypt */
char * decrypted = malloc(GM_BUFFERSIZE);
mod_gm_decrypt(&decrypted, encrypted, GM_ENCODE_AND_ENCRYPT);
like(decrypted, text, "decrypted text");
free(decrypted);
free(encrypted);
/* base 64 */
char * base64 = malloc(GM_BUFFERSIZE);
len = mod_gm_encrypt(&base64, text, GM_ENCODE_ONLY);
ok(len == 16, "length of encode only");
like(base64, "dGVzdCBtZXNzYWdl", "base64 only string");
/* debase 64 */
char * debase64 = malloc(GM_BUFFERSIZE);
mod_gm_decrypt(&debase64, base64, GM_ENCODE_ONLY);
like(debase64, text, "debase64 text");
free(debase64);
free(base64);
/* file_exists */
ok(file_exists("01_utils") == 1, "file_exists('01_utils')");
ok(file_exists("non-exist") == 0, "file_exists('non-exist')");
/* nr2signal */
char * signame1 = nr2signal(9);
like(signame1, "SIGKILL", "get SIGKILL for 9");
free(signame1);
char * signame2 = nr2signal(15);
like(signame2, "SIGTERM", "get SIGTERM for 15");
free(signame2);
/* string2timeval */
struct timeval t;
string2timeval("100.50", &t);
ok(t.tv_sec == 100, "string2timeval 1");
ok(t.tv_usec == 50, "string2timeval 2");
string2timeval("100", &t);
ok(t.tv_sec == 100, "string2timeval 3");
ok(t.tv_usec == 0, "string2timeval 4");
string2timeval("", &t);
ok(t.tv_sec == 0, "string2timeval 5");
ok(t.tv_usec == 0, "string2timeval 6");
string2timeval(NULL, &t);
ok(t.tv_sec == 0, "string2timeval 7");
ok(t.tv_usec == 0, "string2timeval 8");
/* command line parsing */
mod_gm_free_opt(mod_gm_opt);
mod_gm_opt = renew_opts();
strcpy(test, "server=host:4730");
parse_args_line(mod_gm_opt, test, 0);
like(mod_gm_opt->server_list[0], "host:4730", "server=host:4730");
ok(mod_gm_opt->server_num == 1, "server_number = %d", mod_gm_opt->server_num);
mod_gm_free_opt(mod_gm_opt);
mod_gm_opt = renew_opts();
strcpy(test, "server=:4730");
parse_args_line(mod_gm_opt, test, 0);
like(mod_gm_opt->server_list[0], "localhost:4730", "server=:4730");
ok(mod_gm_opt->server_num == 1, "server_number = %d", mod_gm_opt->server_num);
mod_gm_free_opt(mod_gm_opt);
mod_gm_opt = renew_opts();
strcpy(test, "server=localhost:4730");
parse_args_line(mod_gm_opt, test, 0);
strcpy(test, "server=localhost:4730");
parse_args_line(mod_gm_opt, test, 0);
like(mod_gm_opt->server_list[0], "localhost:4730", "duplicate server");
ok(mod_gm_opt->server_num == 1, "server_number = %d", mod_gm_opt->server_num);
mod_gm_free_opt(mod_gm_opt);
mod_gm_opt = renew_opts();
strcpy(test, "server=localhost:4730,localhost:4730,:4730,host:4730,");
parse_args_line(mod_gm_opt, test, 0);
like(mod_gm_opt->server_list[0], "localhost:4730", "duplicate server");
like(mod_gm_opt->server_list[1], "host:4730", "duplicate server");
ok(mod_gm_opt->server_num == 2, "server_number = %d", mod_gm_opt->server_num);
/* escape newlines */
char * escaped = gm_escape_newlines(" test\n", GM_DISABLED);
is(escaped, " test\\n", "untrimmed escape string");
free(escaped);
escaped = gm_escape_newlines(" test\n", GM_ENABLED);
is(escaped, "test", "trimmed escape string");
free(escaped);
/* md5 sum */
char * sum = NULL;
strcpy(test, "");
sum = md5sum(test);
like(sum, "d41d8cd98f00b204e9800998ecf8427e", "md5sum()");
free(sum);
strcpy(test, "The quick brown fox jumps over the lazy dog.");
sum = md5sum(test);
like(sum, "e4d909c290d0fb1ca068ffaddf22cbd0", "md5sum()");
free(sum);
mod_gm_free_opt(mod_gm_opt);
return exit_status();
}
/* parse command line arguments */
int parse_arguments(int argc, char **argv) {
int i;
int errors = 0;
int verify;
mod_gm_opt_t * mod_gm_new_opt;
mod_gm_new_opt = gm_malloc(sizeof(mod_gm_opt_t));
set_default_options(mod_gm_new_opt);
for(i=1;i<argc;i++) {
char * arg = gm_strdup( argv[i] );
char * arg_c = arg;
if ( !strcmp( arg, "version" ) || !strcmp( arg, "--version" ) || !strcmp( arg, "-V" ) ) {
print_version();
}
if ( !strcmp( arg, "help" ) || !strcmp( arg, "--help" ) || !strcmp( arg, "-h" ) ) {
print_usage();
}
if(parse_args_line(mod_gm_new_opt, arg, 0) != GM_OK) {
errors++;
free(arg_c);
break;
}
free(arg_c);
}
/* set identifier to hostname unless specified */
if(mod_gm_new_opt->identifier == NULL) {
gethostname(hostname, GM_BUFFERSIZE-1);
mod_gm_new_opt->identifier = gm_strdup(hostname);
}
/* close old logfile */
if(mod_gm_opt->logfile_fp != NULL) {
fclose(mod_gm_opt->logfile_fp);
mod_gm_opt->logfile_fp = NULL;
}
/* verify options */
verify = verify_options(mod_gm_new_opt);
/* set new options */
if(errors == 0 && verify == GM_OK) {
mod_gm_free_opt(mod_gm_opt);
mod_gm_opt = mod_gm_new_opt;
}
/* open new logfile */
if ( mod_gm_new_opt->logmode == GM_LOG_MODE_AUTO && mod_gm_new_opt->logfile ) {
mod_gm_opt->logmode = GM_LOG_MODE_FILE;
}
if(mod_gm_new_opt->logmode == GM_LOG_MODE_FILE && mod_gm_opt->logfile && mod_gm_opt->debug_level < GM_LOG_STDOUT) {
mod_gm_opt->logfile_fp = fopen(mod_gm_opt->logfile, "a+");
if(mod_gm_opt->logfile_fp == NULL) {
perror(mod_gm_opt->logfile);
errors++;
}
}
/* read keyfile */
if(mod_gm_opt->keyfile != NULL && read_keyfile(mod_gm_opt) != GM_OK) {
errors++;
}
if(verify != GM_OK || errors > 0 || mod_gm_new_opt->debug_level >= GM_LOG_DEBUG) {
int old_debug = mod_gm_opt->debug_level;
mod_gm_opt->debug_level = GM_LOG_DEBUG;
dumpconfig(mod_gm_new_opt, GM_WORKER_MODE);
mod_gm_opt->debug_level = old_debug;
}
if(errors > 0 || verify != GM_OK) {
mod_gm_free_opt(mod_gm_new_opt);
return(GM_ERROR);
}
return(GM_OK);
}
