int zuluCryptOpenPlain( const char * device,const char * mapper,const char * mode,const char * pass,size_t pass_size )
{
int lmode ;
string_t st ;
int fd ;
int r ;
if( StringPrefixMatch( device,"/dev/",5 ) ){
return _open_plain( device,mapper,mode,pass,pass_size ) ;
}else{
if( StringHasComponent( mode,"ro" ) ){
lmode = O_RDONLY ;
}else{
lmode = O_RDWR ;
}
/*
* zuluCryptAttachLoopDeviceToFile() is defined in ./create_loop.c
*/
if( zuluCryptAttachLoopDeviceToFile( device,lmode,&fd,&st ) ){
r = _open_plain( device,mapper,mode,pass,pass_size ) ;
StringDelete( &st ) ;
close( fd ) ;
return r ;
}else{
return 2 ;
}
}
}
/*
* return values:
* 5 - couldnt get key from the socket
* 4 -permission denied
* 1 invalid path
* 2 insufficient memory to open file
* 0 success
*/
int zuluCryptGetPassFromFile( const char * path,uid_t uid,string_t * st )
{
/*
* zuluCryptGetUserHomePath() is defined in ../lib/user_home_path.c
*/
string_t p = zuluCryptGetUserHomePath( uid ) ;
const char * z = StringAppend( p,".zuluCrypt-socket" ) ;
size_t s = StringLength( p ) ;
int m = StringPrefixMatch( path,z,s ) ;
StringDelete( &p ) ;
if( m ){
/*
* zuluCryptPrepareSocketPath() is defined in path_access.c
*/
zuluCryptPrepareSocketPath( uid ) ;
zuluCryptSecurityDropElevatedPrivileges() ;
/*
* path that starts with $HOME/.zuluCrypt-socket is treated not as a path to key file but as path
* to a local socket to get a passphrase
*/
/*
* zuluCryptGetKeyFromSocket() is defined in ../pluginManager/zuluCryptPluginManager.c
*/
zuluCryptGetKeyFromSocket( path,st,uid ) ;
return 0 ;
}else{
zuluCryptSecurityDropElevatedPrivileges() ;
/*
* 8192000 bytes is the default cryptsetup maximum keyfile size
*/
m = StringGetFromFileMemoryLocked( st,path,0,8192000 ) ;
switch( m ){
case 0 : return 0 ;
case 1 : return 4 ;
case 2 : return 2 ;
}
/*
* not supposed to get here
*/
return -1 ;
}
}
int zuluCryptUnmountVolume( const char * device,char ** m_point )
{
char * m ;
int h = 3 ;
char * loop_path = NULL ;
if( StringPrefixMatch( device,"/dev/loop",9 ) ){
/*
* zuluCryptLoopDeviceAddress() is defined in ./create_loop_device.c
*/
loop_path = zuluCryptLoopDeviceAddress( device ) ;
if( loop_path != NULL ){
device = loop_path ;
}
}
/*
* zuluCryptGetMountPointFromPath() is defined in ./process_mountinfo.c
*/
m = zuluCryptGetMountPointFromPath( device ) ;
if( m != NULL ){
h = _unmount_volume( m ) ;
if( h == 0 ){
/*
*zuluCryptMtabIsAtEtc() is defined in ./mount_volume.c
*/
if( zuluCryptMtabIsAtEtc() ){
h = zuluCrypRemoveEntryFromMtab( m ) ;
}
if( m_point != NULL ){
*m_point = m ;
}else{
StringFree( m ) ;
}
}else{
StringFree( m ) ;
}
}
if( h != 0 && h != 3 && h != 4 ){
h = 2 ;
}
StringFree( loop_path ) ;
return h ;
}
int zuluCrypRemoveEntryFromMtab( const char * m_point )
{
#if USE_NEW_LIBMOUNT_API
struct libmnt_lock * lock ;
#else
mnt_lock * lock ;
#endif
struct mntent * mt ;
FILE * f ;
FILE * g ;
size_t dir_len = strlen( m_point ) ;
int h ;
lock = mnt_new_lock( "/etc/mtab~",getpid() ) ;
f = setmntent( "/etc/mtab","r" ) ;
if( mnt_lock_file( lock ) != 0 ){
h = 4 ;
}else{
g = setmntent( "/etc/mtab-zuluCrypt","w" ) ;
while( ( mt = getmntent( f ) ) != NULL ){
if( StringPrefixMatch( mt->mnt_dir,m_point,dir_len ) ){
/*
* an entry we want to delete,skip it
*/
;
}else{
addmntent( g,mt ) ;
}
}
endmntent( g ) ;
rename( "/etc/mtab-zuluCrypt","/etc/mtab" ) ;
chown( "/etc/mtab",0,0 ) ;
chmod( "/etc/mtab",S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH ) ;
mnt_unlock_file( lock ) ;
h = 0 ;
}
endmntent( f ) ;
mnt_free_lock( lock ) ;
return h ;
}
int zuluCryptCreateVolume( const char * dev,const char * fs,const char * type,const char * pass,size_t pass_size,const char * rng )
{
string_t st ;
int fd ;
int r ;
if( StringPrefixMatch( dev,"/dev/",5 ) ){
return _create_volume( dev,fs,type,pass,pass_size,rng ) ;
}else{
/*
* zuluCryptAttachLoopDeviceToFile() is defined in ./create_loop.c
*/
if( zuluCryptAttachLoopDeviceToFile( dev,O_RDWR,&fd,&st ) ){
r = _create_volume( StringContent( st ),fs,type,pass,pass_size,rng ) ;
StringDelete( &st ) ;
close( fd ) ;
return r ;
}else{
return 3 ;
}
}
}
static void _get_file_system_options_from_config_file( const char * device,string_t st )
{
char * f ;
const char * e ;
StringListIterator it ;
StringListIterator end ;
string_t xt = StringGetFromFile( "/etc/zuluCrypt/fs_options" ) ;
stringList_t stl = StringListStringSplit( xt,'\n' ) ;
stringList_t stz ;
StringDelete( &xt ) ;
f = _get_uuid_from_device( device ) ;
StringListGetIterators( stl,&it,&end ) ;
while( it != end ){
e = StringRemoveString( *it,"\"" ) ;
it++ ;
if( StringPrefixMatch( e,"UUID=",5 ) ){
if( StringPrefixEqual( e + 5,f ) ){
stz = StringListSplit( e,' ' ) ;
e = StringListContentAtSecondPlace( stz ) ;
StringMultipleAppend( st,",",e,NULL ) ;
StringListDelete( &stz ) ;
break ;
}
}
}
StringListDelete( &stl ) ;
StringFree( f ) ;
}
int zuluCryptOpenVolume( const char * dev,const char * mapper,
const char * m_point,uid_t id,unsigned long m_opts,
const char * fs_opts,const char * pass,size_t pass_size )
{
int h ;
string_t p = StringVoid ;
string_t q = StringVoid ;
int lmode ;
int fd ;
const char * mode ;
const char * mapper_1 ;
/*
* zuluCryptPathIsNotValid() is defined in is_path_valid.c
*/
if( zuluCryptPathIsNotValid( dev ) ){
return 3 ;
}
/*
* zuluCryptMapperPrefix() is defined in create_mapper_name.c
*/
p = String( zuluCryptMapperPrefix() ) ;
mapper_1 = StringMultipleAppend( p,"/",mapper,END ) ;
/*
* zuluCryptPathIsValid() is defined in is_path_valid.c
*/
if( zuluCryptPathIsValid( mapper_1 ) ){
return zuluExit( 2,p ) ;
}
if( m_opts & MS_RDONLY ){
lmode = O_RDONLY ;
mode = "ro" ;
}else{
lmode = O_RDWR ;
mode = "rw" ;
}
if( StringPrefixMatch( dev,"/dev/",5 ) ){
h = _open_mapper( dev,mapper,mode,pass,pass_size ) ;
}else{
/*
* zuluCryptAttachLoopDeviceToFile() is defined in create_loop_device.c
*/
if( zuluCryptAttachLoopDeviceToFile( dev,lmode,&fd,&q ) ){
dev = StringContent( q ) ;
h = _open_mapper( dev,mapper,mode,pass,pass_size ) ;
close( fd ) ;
StringDelete( &q ) ;
}else{
h = 1 ;
}
}
switch( h ){
case 1 : return zuluExit( 4,p ) ;
case 2 : return zuluExit( 8,p ) ;
case 3 : return zuluExit( 3,p ) ;
}
if( m_point != NULL ){
/*
* zuluCryptMountVolume() is defined in mount_volume.c
*/
h = zuluCryptMountVolume( mapper_1,m_point,m_opts,fs_opts,id ) ;
if( h != 0 ){
/*
* zuluCryptCloseMapper() is defined in close_mapper.c
*/
if( zuluCryptCloseMapper( mapper_1 ) != 0 ){
h = 15 ;
}
}
}
return zuluExit( h,p ) ;
}
static int _create_tcrypt_volume( const char * device,const char * file_system,
const char * rng,const char * key,size_t key_len,
int key_source,u_int64_t hidden_volume_size,
const char * file_system_h,const char * key_h,size_t key_len_h,int key_source_h )
{
string_t st = StringVoid ;
string_t xt = StringVoid ;
tcrypt_t info ;
int r = 3 ;
if( zuluCryptPathIsNotValid( device ) ){
return 1 ;
}
memset( &info,'\0',sizeof( tcrypt_t ) ) ;
info.device = device ;
info.key_source = key_source ;
info.key_source_h = key_source_h ;
info.hidden_volume_size = hidden_volume_size ;
if( StringPrefixMatch( rng,"/dev/urandom",12 ) ){
info.weak_keys_and_salt = 1 ;
}
if( info.key_source == TCRYPT_PASSPHRASE ){
info.key = key ;
info.key_source_1 = "passphrase" ;
}else{
/*
* zuluCryptCreateKeyFile() is defined in open_tcrypt.c
*/
st = zuluCryptCreateKeyFile( key,key_len,"create_tcrypt-1-" ) ;
info.key = StringContent( st ) ;
info.key_source = TCRYPT_KEYFILE_FILE ;
info.key_source_1 = "keyfiles" ;
}
if( info.hidden_volume_size > 0 ){
if( info.key_source_h == TCRYPT_PASSPHRASE ){
info.key_h = key_h ;
info.key_source_h_1 = "h_passphrase" ;
}else{
xt = zuluCryptCreateKeyFile( key_h,key_len_h,"create_tcrypt-2-" ) ;
info.key_h = StringContent( xt ) ;
info.key_source_h = TCRYPT_KEYFILE_FILE ;
info.key_source_h_1 = "h_keyfiles" ;
}
}
if( _create_volume( &info ) == TC_OK ){
r = _create_file_system( device,file_system,info.key_source,info.key,key_len,TCRYPT_NORMAL ) ;
if( info.hidden_volume_size > 0 && r == 0 ){
r = _create_file_system( device,file_system_h,info.key_source_h,info.key_h,key_len_h,TCRYPT_HIDDEN ) ;
}
}
/*
* zuluCryptDeleteFile() is defined in file_path_security.c
*/
if( st != StringVoid ){
zuluCryptDeleteFile( StringContent( st ) ) ;
StringDelete( &st ) ;
}
if( xt != StringVoid ){
zuluCryptDeleteFile( StringContent( xt ) ) ;
StringDelete( &xt ) ;
}
return r ;
}
