/*
* Copyright (C) 2005, 2007, 2008, 2009 Free Software Foundation
*
* This file is part of GNUTLS.
*
* GNUTLS is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* GNUTLS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see .
*/
#include
/* Gnulib portability files. */
#include
#include
#ifndef ENABLE_PSK
#include
int
main (int argc, char **argv)
{
printf ("\nPSK not supported. This program is a dummy.\n\n");
return 1;
};
#else
#include
#include
#include
#include
#include
#include
#include "../lib/random.h" /* for random */
#include
#include
#ifndef _WIN32
# include
# include
#else
# include
#endif
/* Gnulib portability files. */
#include
#include "getpass.h"
static int write_key (const char *username, const char *key, int key_size,
char *passwd_file);
#define KPASSWD "/etc/passwd.psk"
#define MAX_KEY_SIZE 64
int
main (int argc, char **argv)
{
gaainfo info;
int ret;
struct passwd *pwd;
unsigned char key[MAX_KEY_SIZE];
char hex_key[MAX_KEY_SIZE * 2 + 1];
gnutls_datum_t dkey;
size_t hex_key_size = sizeof (hex_key);
set_program_name (argv[0]);
if ((ret = gnutls_global_init ()) < 0)
{
fprintf (stderr, "global_init: %s\n", gnutls_strerror (ret));
exit (1);
}
umask (066);
if (gaa (argc, argv, &info) != -1)
{
fprintf (stderr, "Error in the arguments.\n");
return -1;
}
if (info.passwd == NULL)
info.passwd = (char*) KPASSWD;
if (info.username == NULL)
{
#ifndef _WIN32
pwd = getpwuid (getuid ());
if (pwd == NULL)
{
fprintf (stderr, "No such user\n");
return -1;
}
info.username = pwd->pw_name;
#else
fprintf (stderr, "Please specify a user\n");
return -1;
#endif
}
if (info.key_size > MAX_KEY_SIZE)
{
fprintf (stderr, "Key size is too long\n");
exit (1);
}
if (info.netconf_hint)
{
char *passwd;
if (info.key_size != 0 && info.key_size != 20)
{
fprintf (stderr, "For netconf, key size must always be 20.\n");
exit (1);
}
passwd = getpass ("Enter password: ");
if (passwd == NULL)
{
fprintf (stderr, "Please specify a password\n");
exit (1);
}
ret = gnutls_psk_netconf_derive_key (passwd,
info.username,
info.netconf_hint, &dkey);
}
else
{
if (info.key_size < 1)
info.key_size = 16;
printf ("Generating a random key for user '%s'\n", info.username);
ret = _gnutls_rnd (GNUTLS_RND_RANDOM, (char *) key, info.key_size);
if (ret < 0)
{
fprintf (stderr, "Not enough randomness\n");
exit (1);
}
dkey.data = key;
dkey.size = info.key_size;
}
ret = gnutls_hex_encode (&dkey, hex_key, &hex_key_size);
if (info.netconf_hint)
gnutls_free (dkey.data);
if (ret < 0)
{
fprintf (stderr, "HEX encoding error\n");
exit (1);
}
ret = write_key (info.username, hex_key, hex_key_size, info.passwd);
if (ret == 0)
printf ("Key stored to %s\n", info.passwd);
return ret;
}
static int
filecopy (char *src, char *dst)
{
FILE *fd, *fd2;
char line[5 * 1024];
char *p;
fd = fopen (dst, "w");
if (fd == NULL)
{
fprintf (stderr, "Cannot open '%s' for write\n", dst);
return -1;
}
fd2 = fopen (src, "r");
if (fd2 == NULL)
{
/* empty file */
fclose (fd);
return 0;
}
line[sizeof (line) - 1] = 0;
do
{
p = fgets (line, sizeof (line) - 1, fd2);
if (p == NULL)
break;
fputs (line, fd);
}
while (1);
fclose (fd);
fclose (fd2);
return 0;
}
static int
write_key (const char *username, const char *key, int key_size,
char *passwd_file)
{
FILE *fd;
char line[5 * 1024];
char *p, *pp;
char tmpname[1024];
/* delete previous entry */
struct stat st;
FILE *fd2;
int put;
if (strlen (passwd_file) > sizeof (tmpname) + 5)
{
fprintf (stderr, "file '%s' is tooooo long\n", passwd_file);
return -1;
}
strcpy (tmpname, passwd_file);
strcat (tmpname, ".tmp");
if (stat (tmpname, &st) != -1)
{
fprintf (stderr, "file '%s' is locked\n", tmpname);
return -1;
}
if (filecopy (passwd_file, tmpname) != 0)
{
fprintf (stderr, "Cannot copy '%s' to '%s'\n", passwd_file, tmpname);
return -1;
}
fd = fopen (passwd_file, "w");
if (fd == NULL)
{
fprintf (stderr, "Cannot open '%s' for write\n", passwd_file);
remove (tmpname);
return -1;
}
fd2 = fopen (tmpname, "r");
if (fd2 == NULL)
{
fprintf (stderr, "Cannot open '%s' for read\n", tmpname);
remove (tmpname);
return -1;
}
put = 0;
do
{
p = fgets (line, sizeof (line) - 1, fd2);
if (p == NULL)
break;
pp = strchr (line, ':');
if (pp == NULL)
continue;
if (strncmp (p, username,
MAX (strlen (username), (unsigned int) (pp - p))) == 0)
{
put = 1;
fprintf (fd, "%s:%s\n", username, key);
}
else
{
fputs (line, fd);
}
}
while (1);
if (put == 0)
{
fprintf (fd, "%s:%s\n", username, key);
}
fclose (fd);
fclose (fd2);
remove (tmpname);
return 0;
}
#endif /* ENABLE_PSK */
void psktool_version (void);
void
psktool_version (void)
{
const char *p = PACKAGE_NAME;
if (strcmp (gnutls_check_version (NULL), PACKAGE_VERSION) != 0)
p = PACKAGE_STRING;
version_etc (stdout, "psktool", p, gnutls_check_version (NULL),
"Nikos Mavrogiannopoulos", (char *) NULL);
}