int zuluCryptOpenPlain( const char * device,const char * mapper,const char * mode,const char * pass,size_t pass_size ) { int lmode ; string_t st ; int fd ; int r ; if( StringPrefixMatch( device,"/dev/",5 ) ){ return _open_plain( device,mapper,mode,pass,pass_size ) ; }else{ if( StringHasComponent( mode,"ro" ) ){ lmode = O_RDONLY ; }else{ lmode = O_RDWR ; } /* * zuluCryptAttachLoopDeviceToFile() is defined in ./create_loop.c */ if( zuluCryptAttachLoopDeviceToFile( device,lmode,&fd,&st ) ){ r = _open_plain( device,mapper,mode,pass,pass_size ) ; StringDelete( &st ) ; close( fd ) ; return r ; }else{ return 2 ; } } }
/* * return values: * 5 - couldnt get key from the socket * 4 -permission denied * 1 invalid path * 2 insufficient memory to open file * 0 success */ int zuluCryptGetPassFromFile( const char * path,uid_t uid,string_t * st ) { /* * zuluCryptGetUserHomePath() is defined in ../lib/user_home_path.c */ string_t p = zuluCryptGetUserHomePath( uid ) ; const char * z = StringAppend( p,".zuluCrypt-socket" ) ; size_t s = StringLength( p ) ; int m = StringPrefixMatch( path,z,s ) ; StringDelete( &p ) ; if( m ){ /* * zuluCryptPrepareSocketPath() is defined in path_access.c */ zuluCryptPrepareSocketPath( uid ) ; zuluCryptSecurityDropElevatedPrivileges() ; /* * path that starts with $HOME/.zuluCrypt-socket is treated not as a path to key file but as path * to a local socket to get a passphrase */ /* * zuluCryptGetKeyFromSocket() is defined in ../pluginManager/zuluCryptPluginManager.c */ zuluCryptGetKeyFromSocket( path,st,uid ) ; return 0 ; }else{ zuluCryptSecurityDropElevatedPrivileges() ; /* * 8192000 bytes is the default cryptsetup maximum keyfile size */ m = StringGetFromFileMemoryLocked( st,path,0,8192000 ) ; switch( m ){ case 0 : return 0 ; case 1 : return 4 ; case 2 : return 2 ; } /* * not supposed to get here */ return -1 ; } }
int zuluCryptUnmountVolume( const char * device,char ** m_point ) { char * m ; int h = 3 ; char * loop_path = NULL ; if( StringPrefixMatch( device,"/dev/loop",9 ) ){ /* * zuluCryptLoopDeviceAddress() is defined in ./create_loop_device.c */ loop_path = zuluCryptLoopDeviceAddress( device ) ; if( loop_path != NULL ){ device = loop_path ; } } /* * zuluCryptGetMountPointFromPath() is defined in ./process_mountinfo.c */ m = zuluCryptGetMountPointFromPath( device ) ; if( m != NULL ){ h = _unmount_volume( m ) ; if( h == 0 ){ /* *zuluCryptMtabIsAtEtc() is defined in ./mount_volume.c */ if( zuluCryptMtabIsAtEtc() ){ h = zuluCrypRemoveEntryFromMtab( m ) ; } if( m_point != NULL ){ *m_point = m ; }else{ StringFree( m ) ; } }else{ StringFree( m ) ; } } if( h != 0 && h != 3 && h != 4 ){ h = 2 ; } StringFree( loop_path ) ; return h ; }
int zuluCrypRemoveEntryFromMtab( const char * m_point ) { #if USE_NEW_LIBMOUNT_API struct libmnt_lock * lock ; #else mnt_lock * lock ; #endif struct mntent * mt ; FILE * f ; FILE * g ; size_t dir_len = strlen( m_point ) ; int h ; lock = mnt_new_lock( "/etc/mtab~",getpid() ) ; f = setmntent( "/etc/mtab","r" ) ; if( mnt_lock_file( lock ) != 0 ){ h = 4 ; }else{ g = setmntent( "/etc/mtab-zuluCrypt","w" ) ; while( ( mt = getmntent( f ) ) != NULL ){ if( StringPrefixMatch( mt->mnt_dir,m_point,dir_len ) ){ /* * an entry we want to delete,skip it */ ; }else{ addmntent( g,mt ) ; } } endmntent( g ) ; rename( "/etc/mtab-zuluCrypt","/etc/mtab" ) ; chown( "/etc/mtab",0,0 ) ; chmod( "/etc/mtab",S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH ) ; mnt_unlock_file( lock ) ; h = 0 ; } endmntent( f ) ; mnt_free_lock( lock ) ; return h ; }
int zuluCryptCreateVolume( const char * dev,const char * fs,const char * type,const char * pass,size_t pass_size,const char * rng ) { string_t st ; int fd ; int r ; if( StringPrefixMatch( dev,"/dev/",5 ) ){ return _create_volume( dev,fs,type,pass,pass_size,rng ) ; }else{ /* * zuluCryptAttachLoopDeviceToFile() is defined in ./create_loop.c */ if( zuluCryptAttachLoopDeviceToFile( dev,O_RDWR,&fd,&st ) ){ r = _create_volume( StringContent( st ),fs,type,pass,pass_size,rng ) ; StringDelete( &st ) ; close( fd ) ; return r ; }else{ return 3 ; } } }
static void _get_file_system_options_from_config_file( const char * device,string_t st ) { char * f ; const char * e ; StringListIterator it ; StringListIterator end ; string_t xt = StringGetFromFile( "/etc/zuluCrypt/fs_options" ) ; stringList_t stl = StringListStringSplit( xt,'\n' ) ; stringList_t stz ; StringDelete( &xt ) ; f = _get_uuid_from_device( device ) ; StringListGetIterators( stl,&it,&end ) ; while( it != end ){ e = StringRemoveString( *it,"\"" ) ; it++ ; if( StringPrefixMatch( e,"UUID=",5 ) ){ if( StringPrefixEqual( e + 5,f ) ){ stz = StringListSplit( e,' ' ) ; e = StringListContentAtSecondPlace( stz ) ; StringMultipleAppend( st,",",e,NULL ) ; StringListDelete( &stz ) ; break ; } } } StringListDelete( &stl ) ; StringFree( f ) ; }
int zuluCryptOpenVolume( const char * dev,const char * mapper, const char * m_point,uid_t id,unsigned long m_opts, const char * fs_opts,const char * pass,size_t pass_size ) { int h ; string_t p = StringVoid ; string_t q = StringVoid ; int lmode ; int fd ; const char * mode ; const char * mapper_1 ; /* * zuluCryptPathIsNotValid() is defined in is_path_valid.c */ if( zuluCryptPathIsNotValid( dev ) ){ return 3 ; } /* * zuluCryptMapperPrefix() is defined in create_mapper_name.c */ p = String( zuluCryptMapperPrefix() ) ; mapper_1 = StringMultipleAppend( p,"/",mapper,END ) ; /* * zuluCryptPathIsValid() is defined in is_path_valid.c */ if( zuluCryptPathIsValid( mapper_1 ) ){ return zuluExit( 2,p ) ; } if( m_opts & MS_RDONLY ){ lmode = O_RDONLY ; mode = "ro" ; }else{ lmode = O_RDWR ; mode = "rw" ; } if( StringPrefixMatch( dev,"/dev/",5 ) ){ h = _open_mapper( dev,mapper,mode,pass,pass_size ) ; }else{ /* * zuluCryptAttachLoopDeviceToFile() is defined in create_loop_device.c */ if( zuluCryptAttachLoopDeviceToFile( dev,lmode,&fd,&q ) ){ dev = StringContent( q ) ; h = _open_mapper( dev,mapper,mode,pass,pass_size ) ; close( fd ) ; StringDelete( &q ) ; }else{ h = 1 ; } } switch( h ){ case 1 : return zuluExit( 4,p ) ; case 2 : return zuluExit( 8,p ) ; case 3 : return zuluExit( 3,p ) ; } if( m_point != NULL ){ /* * zuluCryptMountVolume() is defined in mount_volume.c */ h = zuluCryptMountVolume( mapper_1,m_point,m_opts,fs_opts,id ) ; if( h != 0 ){ /* * zuluCryptCloseMapper() is defined in close_mapper.c */ if( zuluCryptCloseMapper( mapper_1 ) != 0 ){ h = 15 ; } } } return zuluExit( h,p ) ; }
static int _create_tcrypt_volume( const char * device,const char * file_system, const char * rng,const char * key,size_t key_len, int key_source,u_int64_t hidden_volume_size, const char * file_system_h,const char * key_h,size_t key_len_h,int key_source_h ) { string_t st = StringVoid ; string_t xt = StringVoid ; tcrypt_t info ; int r = 3 ; if( zuluCryptPathIsNotValid( device ) ){ return 1 ; } memset( &info,'\0',sizeof( tcrypt_t ) ) ; info.device = device ; info.key_source = key_source ; info.key_source_h = key_source_h ; info.hidden_volume_size = hidden_volume_size ; if( StringPrefixMatch( rng,"/dev/urandom",12 ) ){ info.weak_keys_and_salt = 1 ; } if( info.key_source == TCRYPT_PASSPHRASE ){ info.key = key ; info.key_source_1 = "passphrase" ; }else{ /* * zuluCryptCreateKeyFile() is defined in open_tcrypt.c */ st = zuluCryptCreateKeyFile( key,key_len,"create_tcrypt-1-" ) ; info.key = StringContent( st ) ; info.key_source = TCRYPT_KEYFILE_FILE ; info.key_source_1 = "keyfiles" ; } if( info.hidden_volume_size > 0 ){ if( info.key_source_h == TCRYPT_PASSPHRASE ){ info.key_h = key_h ; info.key_source_h_1 = "h_passphrase" ; }else{ xt = zuluCryptCreateKeyFile( key_h,key_len_h,"create_tcrypt-2-" ) ; info.key_h = StringContent( xt ) ; info.key_source_h = TCRYPT_KEYFILE_FILE ; info.key_source_h_1 = "h_keyfiles" ; } } if( _create_volume( &info ) == TC_OK ){ r = _create_file_system( device,file_system,info.key_source,info.key,key_len,TCRYPT_NORMAL ) ; if( info.hidden_volume_size > 0 && r == 0 ){ r = _create_file_system( device,file_system_h,info.key_source_h,info.key_h,key_len_h,TCRYPT_HIDDEN ) ; } } /* * zuluCryptDeleteFile() is defined in file_path_security.c */ if( st != StringVoid ){ zuluCryptDeleteFile( StringContent( st ) ) ; StringDelete( &st ) ; } if( xt != StringVoid ){ zuluCryptDeleteFile( StringContent( xt ) ) ; StringDelete( &xt ) ; } return r ; }