const char * zuluCryptEncodeMountEntry( string_t st )
{
StringReplaceString( st,"\\","\\134" ) ;
StringReplaceString( st,"\n","\\012" ) ;
StringReplaceString( st," ","\\040" ) ;
return StringReplaceString( st,"\\t","\\011" ) ;
}
/*
* An assumption is made here that the path is an LVM path if "path"
* is in /dev/mapper/abc-def format and there exist a path at /dev/abc/def.
*
* Info in lvm path structures can be found here:
* https://www.redhat.com/archives/linux-lvm/2014-January/msg00014.html
*/
string_t zuluCryptConvertIfPathIsLVM( const char * path )
{
const char * e ;
const char ** z ;
struct stat st ;
StringIterator a ;
StringIterator b ;
StringIterator c ;
StringIterator d ;
string_t q = String( path ) ;
StringGetIterators( q,&c,&d ) ;
for( c = c + 3 ; c < d ; c++ ){
a = c - 2 ;
b = c - 1 ;
if( *a != '-' && *b == '-' && *c != '-' ){
/*
* found a place with a single dash,replace the dash with a slash
*/
*b = '/' ;
/*
* replace double dashes if present.
*/
z = StringPointer( q ) ;
while( StringHasComponent( *z,"--" ) ){
StringReplaceString( q,"--","-" ) ;
}
e = StringReplaceString( q,"/dev/mapper/","/dev/" ) ;
if( stat( e,&st ) == 0 ){
/*
* The path appear to be an LVM path since
* "/dev/mapper/ABC-DEF" input path has a corresponding
* "/dev/ABC/DEF" path
*/
}else{
/*
* Not an LVM volume,replace the string to its original
*/
StringReplace( q,path ) ;
}
break ;
}
}
return q ;
}
static const char * _remove_duplicates( string_t st )
{
const char ** z = StringPointer( st ) ;
while( StringHasComponent( *z,",," ) ){
StringReplaceString( st,",,","," ) ;
}
if( StringEndsWithChar( st,',' ) ){
return StringRemoveRight( st,1 ) ;
}else{
return StringContent( st ) ;
}
}
int zuluMountCryptoMount( ARGS * args )
{
const char * type = args->type ;
const char * offset = args->offset ;
const char * device = args->device ;
const char * UUID = args->uuid ;
const char * mode = args->m_opts ;
uid_t uid = args->uid ;
const char * key = args->key ;
const char * key_source = args->key_source ;
const char * m_point = args->m_point ;
const char * fs_opts = args->fs_opts ;
int mount_point_option = args->mpo ;
int share = args->share ;
int st ;
/*
* the struct is declared in ../zuluCrypt-cli/bin/libzuluCrypt-exe.h
*/
struct_opts opts ;
const char * mapping_name ;
char * path = NULL ;
string_t str = StringVoid ;
if( UUID == NULL ){
if( StringPrefixEqual( device,"/dev/loop" ) ){
/*
* zuluCryptLoopDeviceAddress_1() is defined in ../zuluCrypt-cli/create_loop_device.c
*/
path = zuluCryptLoopDeviceAddress_1( device ) ;
if( path == NULL ){
return 20 ;
}else{
mapping_name = path + StringLastIndexOfChar_1( path,'/' ) + 1 ;
}
}else{
mapping_name = device + StringLastIndexOfChar_1( device,'/' ) + 1 ;
}
}else{
str = String( UUID ) ;
StringRemoveString( str,"\"" ) ;
mapping_name = StringReplaceString( str,"UUID=","UUID-" ) ;
}
/*
* zuluCryptEXEGetOptsSetDefault() is defined in ../zuluCrypt-cli/bin/get_opts.c
*/
zuluCryptEXEGetOptsSetDefault( &opts ) ;
if( StringPrefixEqual( key_source,"-G" ) ){
opts.plugin_path = key ;
}
opts.mount_point = m_point ;
opts.device = device ;
opts.m_opts = mode ;
opts.key = key ;
opts.key_source = key_source ;
opts.mount_point_option = mount_point_option ;
opts.share = share ;
opts.fs_opts = fs_opts ;
opts.env = StringListStringArray( args->env ) ;
opts.offset = offset ;
opts.type = type ;
memcpy( opts.tcrypt_multiple_keyfiles,args->tcrypt_multiple_keyfiles,
sizeof( args->tcrypt_multiple_keyfiles ) ) ;
/*
* zuluCryptEXEOpenVolume() is defined in ../zuluCrypt-cli/bin/open_volume.c
*/
st = zuluCryptEXEOpenVolume( &opts,mapping_name,uid ) ;
StringDelete( &str ) ;
StringFree( opts.env ) ;
StringFree( path ) ;
return st ;
}
const char * StringSubStringWithInt( string_t st,const char * str,u_int64_t z )
{
char buffer[ BUFFSIZE ] = { '\0' };
return StringReplaceString( st,str,_intToString( buffer,z ) ) ;
}
static int open_plain_as_me_1(const struct_opts * opts,const char * mapping_name,uid_t uid,int op )
{
/*
* Below is a form of memory management.All strings are collected in a stringlist object to easily delete them
* when the function returns.This allows for the function to have multiple exit points without risks of leaking
* memory from manually examining each exit point to make sure all strings are deleted or go with multiple goto
* code deleting blocks to take into account different exit points.
*/
stringList_t stl ;
string_t * stringArray = StringListArray( &stl,5 ) ;
string_t * mapper = &stringArray[ 0 ] ;
string_t * passphrase = &stringArray[ 1 ] ;
string_t * p = &stringArray[ 2 ] ;
string_t * dev_st = &stringArray[ 3 ] ;
string_t * dev_1 = &stringArray[ 4 ] ;
size_t len = 0 ;
const char * source = opts->key_source ;
const char * pass = opts->key ;
int k = opts->ask_confirmation ;
const char * cpass = NULL ;
char * d ;
const char * device = opts->device ;
const char * dev = opts->device ;
int j ;
int n ;
const char * cmapper ;
if( StringPrefixEqual( device,"/dev/loop" ) ){
/*
* zuluCryptLoopDeviceAddress() is defined in ../lib/create_loop_device.c
*/
d = zuluCryptLoopDeviceAddress( device ) ;
*dev_st = StringInherit( &d ) ;
dev = StringContent( *dev_st ) ;
*dev_1 = StringCopy( *dev_st ) ;
device = StringReplaceString( * dev_1,"\\040"," " ) ;
}
/*
* zuluCryptPartitionIsSystemPartition() is defined in ./partition.c
*/
if( zuluCryptPartitionIsSystemPartition( device,uid ) ){
if( uid != 0 ){
return zuluExit( stl,8 ) ;
}
}
/*
* ZULUCRYPTlongMapperPath and ZULUCRYPTshortMapperPath are in ../constants.h
* zuluCryptCreateMapperName() is defined at ../lib/create_mapper_name.c
*/
*mapper = zuluCryptCreateMapperName( device,mapping_name,uid,ZULUCRYPTshortMapperPath ) ;
*p = zuluCryptCreateMapperName( device,mapping_name,uid,ZULUCRYPTlongMapperPath ) ;
j = zuluCryptCheckOpenedMapper( StringContent( *p ) ) ;
/*
* zuluCryptPartitionIsMounted() is defined in ../lib/process_mountinfo.c
*/
n = zuluCryptPartitionIsMounted( dev ) ;
if( j == 1 ){
return zuluExit( stl,13 ) ;
}
if( n == 1 ){
return zuluExit( stl,14 ) ;
}
if( k == 0 ){
*passphrase = StringRandomString( 64 ) ;
cpass = StringContent( *passphrase ) ;
len = StringLength( *passphrase ) ;
}else if( source == NULL ){
printf( gettext( "Enter passphrase: " ) ) ;
/*
* ZULUCRYPT_KEY_MAX_SIZE is set in ../constants.h
*/
switch( StringSilentlyGetFromTerminal_1( passphrase,ZULUCRYPT_KEY_MAX_SIZE ) ){
case 1 : return zuluExit( stl,16 ) ;
case 2 : return zuluExit( stl,17 ) ;
}
printf( "\n" ) ;
cpass = StringContent( *passphrase ) ;
len = StringLength( *passphrase ) ;
}else{
if( strcmp( source,"-p" ) == 0 ){
*passphrase = String( pass ) ;
cpass = StringContent( *passphrase ) ;
len = StringLength( *passphrase ) ;
}else if( strcmp( source,"-f" ) == 0 ){
/*
* zuluCryptGetPassFromFile() is defined at "path_access.c"
*/
switch( zuluCryptGetPassFromFile( pass,uid,passphrase ) ){
case 1 : return zuluExit( stl,10 ) ;
case 2 : return zuluExit( stl,11 ) ;
case 4 : return zuluExit( stl,12 ) ;
}
cpass = StringContent( *passphrase ) ;
len = StringLength( *passphrase ) ;
}
}
if( zuluCryptSecurityGainElevatedPrivileges() ){
/*
* zuluCryptOpenPlain() is defined in ../lib/open_plain.c
*/
if( zuluCryptOpenPlain( device,StringContent( *mapper ),"rw",cpass,len ) != 0 ){
zuluCryptSecurityDropElevatedPrivileges() ;
return zuluExit( stl,1 ) ;
}
}
zuluCryptSecurityDropElevatedPrivileges() ;
/*
* Create a mapper path(usually at /dev/mapper) associated with opened plain mapper above.
*/
cmapper = StringMultiplePrepend( *mapper,"/",crypt_get_dir(),NULL ) ;
/*
* mapper path is usually a soft link to /dev/dm-X
* resolve the mapper path to its respective /dev/dm-X and set permission on it.
*
* We set permission of /dev/dm-X pointing to the device to "u+rw" because we want notmal user to be able
* to write to the device through the mapper.
*
* Useful when a normal user want to delete content of the device by writing random data to it.
*/
d = zuluCryptRealPath( cmapper ) ;
if( zuluCryptSecurityGainElevatedPrivileges() ){
if( d != NULL ){
_ignore_result( chown( d,uid,0 ) ) ;
_ignore_result( chmod( d,S_IRWXU ) ) ;
StringFree( d ) ;
}
zuluCryptSecurityDropElevatedPrivileges() ;
}else{
return zuluExit( stl,1 ) ;
}
if( op == 1 ){
return zuluExit( stl,0 ) ;
}else{
StringListClearDelete( &stl ) ;
return 0 ;
}
}
static int _zuluCryptCheckSYSifDeviceIsSystem( const char * device )
{
/*
* UDEV_SUPPORT is set at configure time by "-DUDEVSUPPORT=true" option,the option being absent equals "-DUDEVSUPPORT=false"
* To set the option, configure with "-DUDEVSUPPORT=true"
*/
#if UDEV_SUPPORT
/*
* udev support is enabled
*/
int r ;
size_t e ;
ssize_t k ;
string_t xt ;
string_t st ;
char dev[ PATH_MAX + 1 ] ;
const char * path ;
if( StringPrefixNotEqual( device,"/dev/" ) ){
/*
* udev doesnt work with path to image files so return early
*/
return 0 ;
}
if( StringPrefixEqual( device,"/dev/loop" ) ){
/*
* udev thinks all loop devices are system devices and we disagree and hence we return early
*/
return 0 ;
}
path = realpath( device,dev ) ;
if( path != NULL ){
st = String( path ) ;
}else{
st = String( device ) ;
}
if( StringStartsWithAtLeastOne( st,"/dev/sd","/dev/hd",NULL ) ){
/*
* this path will convert something like: "/dev/sdc12" to "/dev/sdc"
*/
StringRemoveDigits( st ) ;
}else if( StringStartsWith( st,"/dev/mmc" ) ){
/*
* device path will be something like "/dev/mmcblk0p2" and what we want to do
* is cut off the string from p to end iwth "/dev/mmcblk0"
*/
k = StringIndexOfChar( st,0,'p' ) ;
if( k != -1 ){
e = StringLength( st ) - ( size_t )k ;
StringRemoveRight( st,e ) ;
}
}
StringReplaceString( st,"/dev/","/sys/block/" ) ;
path = StringAppend( st,"/removable" ) ;
/*
* path will be something like "/sys/block/sda/removable"
*/
xt = StringGetFromVirtualFile( path ) ;
StringDelete( &st ) ;
if( xt == StringVoid ){
return 0 ;
}else{
r = StringEqual( xt,"0\n" ) ;
StringDelete( &xt ) ;
return r ;
}
#else
if( device ){;}
/*
* udev support is disabled
*/
return 0 ;
#endif
}
