void ureport_server_config_load_basic_auth(struct ureport_server_config *config, const char *http_auth_pref) { if (http_auth_pref == NULL) return; map_string_t *settings = NULL; char *tmp_password = NULL; char *tmp_username = NULL; const char *username = NULL; const char *password = NULL; if (strcmp(http_auth_pref, "rhts-credentials") == 0) { settings = new_map_string(); char *local_conf = xasprintf("%s"USER_HOME_CONFIG_PATH"/rhtsupport.conf", getenv("HOME")); if (!load_plugin_conf_file("rhtsupport.conf", settings, /*skip key w/o values:*/ false) && !load_conf_file(local_conf, settings, /*skip key w/o values:*/ false)) error_msg_and_die("Could not get RHTSupport credentials"); free(local_conf); username = get_map_string_item_or_NULL(settings, "Login"); password = get_map_string_item_or_NULL(settings, "Password"); if (config->ur_url == NULL) ureport_server_config_set_url(config, xstrdup(RHSM_WEB_SERVICE_URL)); } else { username = tmp_username = xstrdup(http_auth_pref); password = strchr(tmp_username, ':'); if (password != NULL) /* It is "char *", see strchr() few lines above. */ *((char *)(password++)) = '\0'; } if (password == NULL) { char *message = xasprintf("Please provide uReport server password for user '%s':", username); password = tmp_password = ask_password(message); free(message); if (strcmp(password, "") == 0) error_msg_and_die("Cannot continue without uReport server password!"); } ureport_server_config_set_basic_auth(config, username, password); free(tmp_password); free(tmp_username); free_map_string(settings); }
static char *ask_bz_password(const char *message) { char *password = ask_password(message); if (password == NULL || password[0] == '\0') { set_xfunc_error_retval(EXIT_CANCEL_BY_USER); error_msg_and_die(_("Can't continue without password")); } return password; }
static void decrypt_password(uint8_t *encryptkey, uint8_t *IV, uint8_t *integrity){ char password[128]; ask_password(password, sizeof(password)); #ifdef CRYPTO_DEBUG print_key("encrypt_salt",descriptor.encryption_salt, sizeof(descriptor.encryption_salt)); print_key("password salt", descriptor.password_salt, sizeof(descriptor.password_salt)); #endif compute_session_keys_password( password, descriptor.hash_loops, encryptkey, IV, integrity, descriptor.encryption_salt, descriptor.password_salt); ZERO(password); }
char check_data_password(void) { char text[50]; if (data_password[0] == 0) data_edit_enabled = 1; if (data_edit_enabled) return 1; if (ask_password(text,0) == 0) return 0; if (strcmp(data_password,text)) { msg_box("Chyba!",1,"Chybn‚ heslo! P©¡stup zam¡tnut!","OK",NULL); return 0; } else { data_edit_enabled = 1; return 1; } }
static int interactive_upload_file(const char *url, const char *file_name, map_string_t *settings, char **remote_name) { post_state_t *state = new_post_state(POST_WANT_ERROR_MSG); state->username = get_map_string_item_or_NULL(settings, "UploadUsername"); char *password_inp = NULL; if (state->username != NULL && state->username[0] != '\0') { /* Load Password only if Username is configured, it doesn't make */ /* much sense to load Password without Username. */ state->password = get_map_string_item_or_NULL(settings, "UploadPassword"); if (state->password == NULL) { /* Be permissive and nice, ask only once and don't check */ /* the result. User can dismiss this prompt but the upload */ /* may work somehow??? */ char *msg = xasprintf(_("Please enter password for uploading:"), state->username); state->password = password_inp = ask_password(msg); free(msg); } } /* set SSH keys */ state->client_ssh_public_keyfile = get_map_string_item_or_NULL(settings, "SSHPublicKey"); state->client_ssh_private_keyfile = get_map_string_item_or_NULL(settings, "SSHPrivateKey"); if (state->client_ssh_public_keyfile != NULL) log_debug("Using SSH public key '%s'", state->client_ssh_public_keyfile); if (state->client_ssh_private_keyfile != NULL) log_debug("Using SSH private key '%s'", state->client_ssh_private_keyfile); char *tmp = upload_file_ext(state, url, file_name, UPLOAD_FILE_HANDLE_ACCESS_DENIALS); if (remote_name) *remote_name = tmp; else free(tmp); free(password_inp); free_post_state(state); /* return 0 on success */ return tmp == NULL; }
static int login(aur_t *aur) { int r; _cleanup_free_ char *username = NULL, *password = NULL, *error = NULL; if (arg_username == NULL) { username = ask_username(); if (username == NULL) return log_login_error(ENOMEM, NULL); r = aur_set_username(aur, username); if (r < 0) return log_login_error(r, NULL); arg_username = username; } r = aur_login(aur, &error); if (r < 0) { switch (r) { case -EKEYEXPIRED: /* cookie expired */ log_warn("Your cookie has expired -- using password login"); /* fallthrough */ case -ENOKEY: password = ask_password(); if (password == NULL) return -ENOMEM; r = aur_set_password(aur, password); if (r < 0) return log_login_error(r, NULL); r = aur_login(aur, &error); break; } if (r < 0) return log_login_error(r, error); } return 0; }
int main(int argc, const char *argv[]) { static const char *server = NULL; static const char *principal = NULL; static const char *keytab = NULL; static const char *enctypes_string = NULL; static const char *binddn = NULL; static const char *bindpw = NULL; char *ldap_uri = NULL; static const char *sasl_mech = NULL; static const char *ca_cert_file = NULL; int quiet = 0; int askpass = 0; int permitted_enctypes = 0; int retrieve = 0; struct poptOption options[] = { { "quiet", 'q', POPT_ARG_NONE, &quiet, 0, _("Print as little as possible"), _("Output only on errors")}, { "server", 's', POPT_ARG_STRING, &server, 0, _("Contact this specific KDC Server"), _("Server Name") }, { "principal", 'p', POPT_ARG_STRING, &principal, 0, _("The principal to get a keytab for (ex: ftp/[email protected])"), _("Kerberos Service Principal Name") }, { "keytab", 'k', POPT_ARG_STRING, &keytab, 0, _("The keytab file to append the new key to (will be " "created if it does not exist)."), _("Keytab File Name") }, { "enctypes", 'e', POPT_ARG_STRING, &enctypes_string, 0, _("Encryption types to request"), _("Comma separated encryption types list") }, { "permitted-enctypes", 0, POPT_ARG_NONE, &permitted_enctypes, 0, _("Show the list of permitted encryption types and exit"), _("Permitted Encryption Types") }, { "password", 'P', POPT_ARG_NONE, &askpass, 0, _("Asks for a non-random password to use for the principal"), NULL }, { "binddn", 'D', POPT_ARG_STRING, &binddn, 0, _("LDAP DN"), _("DN to bind as if not using kerberos") }, { "bindpw", 'w', POPT_ARG_STRING, &bindpw, 0, _("LDAP password"), _("password to use if not using kerberos") }, { "cacert", 0, POPT_ARG_STRING, &ca_cert_file, 0, _("Path to the IPA CA certificate"), _("IPA CA certificate")}, { "ldapuri", 'H', POPT_ARG_STRING, &ldap_uri, 0, _("LDAP uri to connect to. Mutually exclusive with --server"), _("url")}, { "mech", 'Y', POPT_ARG_STRING, &sasl_mech, 0, _("LDAP SASL bind mechanism if no bindd/bindpw"), _("GSSAPI|EXTERNAL") }, { "retrieve", 'r', POPT_ARG_NONE, &retrieve, 0, _("Retrieve current keys without changing them"), NULL }, POPT_AUTOHELP POPT_TABLEEND }; poptContext pc; char *ktname; char *password = NULL; krb5_context krbctx; krb5_ccache ccache; krb5_principal uprinc = NULL; krb5_principal sprinc; krb5_error_code krberr; struct keys_container keys = { 0 }; krb5_keytab kt; int kvno; int i, ret; char *err_msg; ret = init_gettext(); if (ret) { fprintf(stderr, "Failed to load translations\n"); } krberr = krb5_init_context(&krbctx); if (krberr) { fprintf(stderr, _("Kerberos context initialization failed\n")); exit(1); } pc = poptGetContext("ipa-getkeytab", argc, (const char **)argv, options, 0); ret = poptGetNextOpt(pc); if (ret == -1 && permitted_enctypes && !(server || principal || keytab || quiet)) { krb5_enctype *ktypes; char enc[79]; /* fit std terminal or truncate */ krberr = krb5_get_permitted_enctypes(krbctx, &ktypes); if (krberr) { fprintf(stderr, _("No system preferred enctypes ?!\n")); exit(1); } fprintf(stdout, _("Supported encryption types:\n")); for (i = 0; ktypes[i]; i++) { krberr = krb5_enctype_to_string(ktypes[i], enc, 79); if (krberr) { fprintf(stderr, _("Warning: " "failed to convert type (#%d)\n"), i); continue; } fprintf(stdout, "%s\n", enc); } ipa_krb5_free_ktypes(krbctx, ktypes); exit (0); } if (ret != -1 || !principal || !keytab || permitted_enctypes) { if (!quiet) { poptPrintUsage(pc, stderr, 0); } exit(2); } if (NULL!=binddn && NULL==bindpw) { fprintf(stderr, _("Bind password required when using a bind DN.\n")); if (!quiet) poptPrintUsage(pc, stderr, 0); exit(10); } if (NULL != binddn && NULL != sasl_mech) { fprintf(stderr, _("Cannot specify both SASL mechanism " "and bind DN simultaneously.\n")); if (!quiet) poptPrintUsage(pc, stderr, 0); exit(2); } if (sasl_mech && check_sasl_mech(sasl_mech)) { fprintf(stderr, _("Invalid SASL bind mechanism\n")); if (!quiet) poptPrintUsage(pc, stderr, 0); exit(2); } if (!binddn && !sasl_mech) { sasl_mech = LDAP_SASL_GSSAPI; } if (server && ldap_uri) { fprintf(stderr, _("Cannot specify server and LDAP uri " "simultaneously.\n")); if (!quiet) poptPrintUsage(pc, stderr, 0); exit(2); } if (!server && !ldap_uri) { struct ipa_config *ipacfg = NULL; ret = read_ipa_config(&ipacfg); if (ret == 0) { server = ipacfg->server_name; ipacfg->server_name = NULL; } free(ipacfg); if (!server) { fprintf(stderr, _("Server name not provided and unavailable\n")); exit(2); } } if (server) { ret = ipa_server_to_uri(server, sasl_mech, &ldap_uri); if (ret) { exit(ret); } } if (!ca_cert_file) { ca_cert_file = DEFAULT_CA_CERT_FILE; } if (askpass && retrieve) { fprintf(stderr, _("Incompatible options provided (-r and -P)\n")); exit(2); } if (askpass) { password = ask_password(krbctx); if (!password) { exit(2); } } else if (enctypes_string && strchr(enctypes_string, ':')) { if (!quiet) { fprintf(stderr, _("Warning: salt types are not honored" " with randomized passwords (see opt. -P)\n")); } } ret = asprintf(&ktname, "WRFILE:%s", keytab); if (ret == -1) { exit(3); } krberr = krb5_parse_name(krbctx, principal, &sprinc); if (krberr) { fprintf(stderr, _("Invalid Service Principal Name\n")); exit(4); } if (NULL == bindpw && strcmp(sasl_mech, LDAP_SASL_GSSAPI) == 0) { krberr = krb5_cc_default(krbctx, &ccache); if (krberr) { fprintf(stderr, _("Kerberos Credential Cache not found. " "Do you have a Kerberos Ticket?\n")); exit(5); } krberr = krb5_cc_get_principal(krbctx, ccache, &uprinc); if (krberr) { fprintf(stderr, _("Kerberos User Principal not found. " "Do you have a valid Credential Cache?\n")); exit(6); } } krberr = krb5_kt_resolve(krbctx, ktname, &kt); if (krberr) { fprintf(stderr, _("Failed to open Keytab\n")); exit(7); } kvno = -1; ret = ldap_get_keytab(krbctx, (retrieve == 0), password, enctypes_string, ldap_uri, principal, uprinc, binddn, bindpw, sasl_mech, ca_cert_file, &keys, &kvno, &err_msg); if (ret) { if (!quiet && err_msg != NULL) { fprintf(stderr, "%s", err_msg); } } if (retrieve == 0 && kvno == -1) { if (!quiet) { fprintf(stderr, _("Retrying with pre-4.0 keytab retrieval method...\n")); } /* create key material */ ret = create_keys(krbctx, sprinc, password, enctypes_string, &keys, &err_msg); if (!ret) { if (err_msg != NULL) { fprintf(stderr, "%s", err_msg); } fprintf(stderr, _("Failed to create key material\n")); exit(8); } kvno = ldap_set_keytab(krbctx, ldap_uri, principal, uprinc, binddn, bindpw, sasl_mech, ca_cert_file, &keys); } if (kvno == -1) { fprintf(stderr, _("Failed to get keytab\n")); exit(9); } for (i = 0; i < keys.nkeys; i++) { krb5_keytab_entry kt_entry; memset((char *)&kt_entry, 0, sizeof(kt_entry)); kt_entry.principal = sprinc; kt_entry.key = keys.ksdata[i].key; kt_entry.vno = kvno; krberr = krb5_kt_add_entry(krbctx, kt, &kt_entry); if (krberr) { fprintf(stderr, _("Failed to add key to the keytab\n")); exit (11); } } free_keys_contents(krbctx, &keys); krberr = krb5_kt_close(krbctx, kt); if (krberr) { fprintf(stderr, _("Failed to close the keytab\n")); exit (12); } if (!quiet) { fprintf(stderr, _("Keytab successfully retrieved and stored in: %s\n"), keytab); } exit(0); }
static int create_and_upload_archive( const char *dump_dir_name, map_string_t *settings) { int result = 1; /* error */ pid_t child; TAR* tar = NULL; const char* errmsg = NULL; char* tempfile = NULL; struct dump_dir *dd = dd_opendir(dump_dir_name, /*flags:*/ 0); if (!dd) xfunc_die(); /* error msg is already logged by dd_opendir */ /* Gzipping e.g. 0.5gig coredump takes a while. Let client know what we are doing */ log(_("Compressing data")); //TODO: //Encrypt = yes //ArchiveType = .tar.bz2 //ExcludeFiles = foo,bar*,b*z const char* opt = getenv("Upload_URL"); if (!opt) opt = get_map_string_item_or_empty(settings, "URL"); char *url = opt[0] != '\0' ? xstrdup(opt) : ask_url(_("Please enter a URL (scp, ftp, etc.) where the problem data is to be exported:")); /* Create a child gzip which will compress the data */ /* SELinux guys are not happy with /tmp, using /var/run/abrt */ /* Reverted back to /tmp for ABRT2 */ /* Changed again to /var/tmp because of Fedora feature tmp-on-tmpfs */ tempfile = concat_path_basename(LARGE_DATA_TMP_DIR, dump_dir_name); tempfile = append_to_malloced_string(tempfile, ".tar.gz"); int pipe_from_parent_to_child[2]; xpipe(pipe_from_parent_to_child); child = vfork(); if (child == 0) { /* child */ close(pipe_from_parent_to_child[1]); xmove_fd(pipe_from_parent_to_child[0], 0); xmove_fd(xopen3(tempfile, O_WRONLY | O_CREAT | O_EXCL, 0600), 1); execlp("gzip", "gzip", NULL); perror_msg_and_die("Can't execute '%s'", "gzip"); } close(pipe_from_parent_to_child[0]); /* If child died (say, in xopen), then parent might get SIGPIPE. * We want to properly unlock dd, therefore we must not die on SIGPIPE: */ signal(SIGPIPE, SIG_IGN); /* Create tar writer object */ if (tar_fdopen(&tar, pipe_from_parent_to_child[1], tempfile, /*fileops:(standard)*/ NULL, O_WRONLY | O_CREAT, 0644, TAR_GNU) != 0) { errmsg = "Can't create temporary file in "LARGE_DATA_TMP_DIR; goto ret; } /* Write data to the tarball */ { string_vector_ptr_t exclude_from_report = get_global_always_excluded_elements(); dd_init_next_file(dd); char *short_name, *full_name; while (dd_get_next_file(dd, &short_name, &full_name)) { if (exclude_from_report && is_in_string_list(short_name, (const_string_vector_const_ptr_t)exclude_from_report)) goto next; // dd_get_next_file guarantees that it's a REG: //struct stat stbuf; //if (stat(full_name, &stbuf) != 0) // || !S_ISREG(stbuf.st_mode) //) { // goto next; //} if (tar_append_file(tar, full_name, short_name) != 0) { errmsg = "Can't create temporary file in "LARGE_DATA_TMP_DIR; free(short_name); free(full_name); goto ret; } next: free(short_name); free(full_name); } } dd_close(dd); dd = NULL; /* Close tar writer... */ if (tar_append_eof(tar) != 0 || tar_close(tar) != 0) { errmsg = "Can't create temporary file in "LARGE_DATA_TMP_DIR; goto ret; } tar = NULL; /* ...and check that gzip child finished successfully */ int status; safe_waitpid(child, &status, 0); child = -1; if (status != 0) { /* We assume the error was out-of-disk-space or out-of-quota */ errmsg = "Can't create temporary file in "LARGE_DATA_TMP_DIR; goto ret; } /* Upload the tarball */ /* Upload from /tmp to /tmp + deletion -> BAD, exclude this possibility */ if (url && url[0] && strcmp(url, "file://"LARGE_DATA_TMP_DIR"/") != 0) { post_state_t *state = new_post_state(POST_WANT_ERROR_MSG); state->username = getenv("Upload_Username"); char *password_inp = NULL; if (state->username != NULL && state->username[0] != '\0') { /* Load Password only if Username is configured, it doesn't make */ /* much sense to load Password without Username. */ state->password = getenv("Upload_Password"); if (state->password == NULL) { /* Be permissive and nice, ask only once and don't check */ /* the result. User can dismiss this prompt but the upload */ /* may work somehow??? */ char *msg = xasprintf(_("Please enter password for uploading:"), state->username); state->password = password_inp = ask_password(msg); free(msg); } } char *remote_name = upload_file_ext(state, url, tempfile, UPLOAD_FILE_HANDLE_ACCESS_DENIALS); result = (remote_name == NULL); /* error if NULL */ free(remote_name); free(password_inp); free_post_state(state); /* cleanup code will delete tempfile */ } else { result = 0; /* success */ log(_("Archive is created: '%s'"), tempfile); free(tempfile); tempfile = NULL; } ret: free(url); dd_close(dd); if (tar) tar_close(tar); /* close(pipe_from_parent_to_child[1]); - tar_close() does it itself */ if (child > 0) safe_waitpid(child, NULL, 0); if (tempfile) { unlink(tempfile); free(tempfile); } if (errmsg) error_msg_and_die("%s", errmsg); return result; }
int main(int argc, char** argv){ CONFIG cfg; cfg_init(&cfg); //read commandline args if(!arg_parse(&cfg, argc-1, argv+1)){ return -1; } //read config file if(!cfg.cfg_file){ fprintf(stderr, "No config file supplied\n"); return -1; } if(!cfg_read(&cfg, cfg.cfg_file)){ cfg_free(&cfg); return -1; } //if not using pgpass, ask for database password if(!cfg.db.use_pgpass){ cfg.db.pass=calloc(sizeof(char),MAX_PASSWORD_LENGTH+1); if(!cfg.db.pass){ fprintf(stderr, "Failed to allocate memory\n"); cfg_free(&cfg); return -1; } fprintf(stderr, "DB Password: "******"\fWaiting..."); ask_password(cfg.db.pass, MAX_PASSWORD_LENGTH); } //check for sane config if(!cfg_sane(&cfg)){ cfg_free(&cfg); return -1; } //connect to database if persistent if(cfg.db.persist_connection){ if(!pq_connect(&(cfg.db))){ cfg_free(&cfg); return -1; } if(cfg.verbosity>2){ fprintf(stderr, "Database connection established\n"); } } //connect to remote devices if(!comms_open(&cfg)){ comms_close(&cfg); pq_close(&(cfg.db)); cfg_free(&cfg); return -1; } //set up signal handlers signal(SIGINT, sig_interrupt); signal(SIGTERM, sig_terminate); //run the state machine garfield_pos(&cfg); comms_close(&cfg); pq_close(&(cfg.db)); cfg_free(&cfg); return 0; }
char *run_event_stdio_ask_password(const char *msg, void *param) { return ask_password(msg); }
int main(int argc,char *argv[]) { char *s; char *pr; char test[50]; char *mask; InitCrashDump(); SetConsoleCtrlHandler(HandlerRoutine,TRUE); filename[0] ='\0'; // strcpy(filename,"TEST.MAP"); args_support(argc-1,argv); printf("Hledam konfiguracni soubor\n"); config_file = read_config("WSKELDAL.INI"); if (config_file == NULL) { puts("...nemohu najit WSKELDAL.INI\n"); return 1; } if (strlen(filename)>3 && stricmp(filename+strlen(filename)-3,"adv") == 0) { TSTR_LIST adv_cfg = read_config(filename); config_file = merge_configs(config_file,adv_cfg); filename[0] = 0; } sample_path = get_text_field(config_file,"CESTA_ZVUKY"); if (sample_path == NULL) sample_path =""; mob_dir = get_text_field(config_file,"CESTA_ENEMY"); if (mob_dir == NULL) mob_dir =""; init_sound(); init(); concat(mask,get_text_field(config_file,"CESTA_MAPY"),"*.map"); atexit(shut_down); // signal(SIGABRT,shut_down); init_mob_list(); InitMapFiles(get_text_field(config_file,"CESTA_MAPY")); do { ask_exit_status = 2; if (filename[0] =='\0') browser(mask,filename); if (filename[0]!='\0') { char *mapy = get_text_field(config_file,"CESTA_MAPY"); memmove(filename+strlen(mapy),filename,strlen(filename)+1); memcpy(filename,mapy,strlen(mapy)); s = pripona(filename,".HI"); background_file = (char *)getmem(strlen(s)+1);strcpy(background_file,s); load_background(); } do_events(); logo(); pr = pripona(filename,SCR); script_name = NewArr(char,strlen(pr)+1); strcpy(script_name,pr); read_full_side_script(pr); read_spec_procs(); read_side_list(ITEMS_SCRIPT,&vzhled_veci,0,4); read_side_list(ITEMS_PICS,&pohledy_veci,0,2); read_dlg_list(DLG_SCRIPT,&dlg_names,&dlg_pgfs); read_side_list(WEAPONS_SCRIPT,&weapons,0,3); read_side_list(WEAPONS_SCRIPT,&weapons_pos,2,3); set_defaults(); init_multiactions(); memset(vyklenky,0,sizeof(vyklenky)); init_item_system(); if (filename[0]!='\0' ) { int sel = 1; init_maps(); set_defaults(); if (load_map(filename)) msg_box(filename,'\01',"Tento soubor je buƒ ne‡iteln˜, nebo po¨kozen˜","Pokra‡ovat",NULL); if (check_password(NULL) == 0) if (ask_password(test,0) == 0 || check_password(test) == 0) { filename[0] = 0; ask_exit_status = 1; goto preskoc; } if (maplen<2) { sel = msg_box(filename,' ',"Soubor neexistuje, bude vytvo©en nov˜. Nyn¡ je nutn‚ nastavit z kladn¡ stˆny" " a jin‚ dal¨¡ parametry pro tuto mapu","Pokra‡ujem","Zav©it",NULL); if (sel == 1) { newmap = 1; } } if (sel == 1) { create_menu(); redraw_window(); escape(); filename[0] = 0; close_current(); } } preskoc: free(background_file); } while (ask_exit_status == 1); ClearMapFiles(); redraw_desktop(); close_manager(); return 0; }