~ecryptfs/ecryptfs/trunk


Viewing changes to src/key_mod/ecryptfs_key_mod_openssl.c

  • Committer: mike@halcrow.us
  • Date: 2007-12-16 00:54:37 UTC
  • Revision ID: git-v1:55dfb66bac7dba63b0da53d4a413901a7dd24e75
Support for implicit transitions

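--- a/src/key_mod/ecryptfs_key_mod_openssl.c
+++ b/src/key_mod/ecryptfs_key_mod_openssl.c
@@ -27,6 +27,7 @@
 #include <errno.h>
 #include <stdlib.h>
 #include <unistd.h>
+#include <libgen.h>
 #include <openssl/pem.h>
 #include <openssl/rsa.h>
 #include <openssl/err.h>
@@ -182,59 +183,59 @@
 }
 
 static int
+ecryptfs_openssl_mkdir_recursive(char *dir, mode_t mode)
+{
+        char *temp = NULL;
+        char *parent = NULL;
+        int rc = 0;
+
+        if (!strcmp(dir, ".") || !strcmp(dir, "/"))
+                goto out;
+        temp = strdup(dir);
+        if (temp == NULL) {
+                rc = -ENOMEM;
+                goto out;
+        }
+        parent = dirname(temp);
+        rc = ecryptfs_openssl_mkdir_recursive(parent, mode);
+        if (rc)
+                goto out;
+        if (mkdir(dir, mode) == -1) {
+                if (errno != EEXIST) {
+                        rc = -errno;
+                        goto out;
+                }
+        }
+        rc = 0;
+out:
+        free(temp);
+        return rc;
+}
+
+static int
 ecryptfs_openssl_write_key_to_file(RSA *rsa, char *filename, char *passphrase)
 {
-        uid_t id;
-        struct passwd *pw;
-        char *ecryptfs_dir = NULL;
-        char *pki_dir = NULL;
-        char *openssl_dir = NULL;
+        char *tmp_filename;
+        char *openssl_dir;
         BIO *out;
         const EVP_CIPHER *enc = EVP_aes_256_cbc();
         int rc = 0;
 
-        id = getuid();
-        pw = getpwuid(id);
-        if (!pw) {
-                syslog(LOG_ERR, "%s: Unable to get the current directory from "
-                       "the passwd file on this system\n", __FUNCTION__);
-                rc = -EIO;
-                goto out_free_paths;
-        }
-        rc = asprintf(&ecryptfs_dir, "%s/.ecryptfs", pw->pw_dir);
-        if (rc == -1) {
-                rc = -ENOMEM;
-                goto out_free_paths;
-        }
-        rc = asprintf(&pki_dir, "%s/.ecryptfs/pki", pw->pw_dir);
-        if (rc == -1) {
-                rc = -ENOMEM;
-                goto out_free_paths;
-        }
-        rc = asprintf(&openssl_dir, "%s/.ecryptfs/pki/openssl", pw->pw_dir);
-        if (rc == -1) {
-                rc = -ENOMEM;
-                goto out_free_paths;
-        }
-        rc = mkdir(ecryptfs_dir, 0700);
-        if (rc && rc != EEXIST) {
-                syslog(LOG_WARNING, "%s: Error attempting to mkdir [%s]; "
-                       "rc = [%d]\n", __FUNCTION__, ecryptfs_dir, rc);
-        }
-        rc = mkdir(pki_dir, 0700);
-        if (rc && rc != EEXIST) {
-                syslog(LOG_WARNING, "%s: Error attempting to mkdir [%s]; "
-                       "rc = [%d]\n", __FUNCTION__, pki_dir, rc);
-        }
-        rc = mkdir(openssl_dir, 0700);
-        if (rc && rc != EEXIST) {
+        tmp_filename = strdup(filename);
+        if (tmp_filename == NULL) {
+                rc = -ENOMEM;
+                goto out;
+        }
+        openssl_dir = dirname(tmp_filename);
+        rc = ecryptfs_openssl_mkdir_recursive(openssl_dir, 0700);
+        if (rc) {
                 syslog(LOG_WARNING, "%s: Error attempting to mkdir [%s]; "
                        "rc = [%d]\n", __FUNCTION__, openssl_dir, rc);
         }
         if ((out = BIO_new(BIO_s_file())) == NULL) {
                 syslog(LOG_ERR, "Unable to create BIO for output\n");
                 rc= -EIO;
-                goto out_free_paths;
+                goto out;
         }
         if (BIO_write_filename(out, filename) <= 0) {
                 syslog(LOG_ERR, "Failed to open file for reading\n");
@@ -249,10 +250,8 @@
         }
 out_free_bio:
         BIO_free_all(out);
-out_free_paths:
-        free(ecryptfs_dir);
-        free(pki_dir);
-        free(openssl_dir);
+out:
+        free(tmp_filename);
         return rc;
 }
 
@@ -559,12 +558,16 @@
         struct ecryptfs_subgraph_ctx *subgraph_ctx;
         int rc;
 
+        if (ecryptfs_verbosity) 
+                syslog(LOG_INFO, "%s: Called w/ node->val = [%s]\n",
+                       __FUNCTION__, node->val);
         subgraph_ctx = (struct ecryptfs_subgraph_ctx *)(*foo);
         if ((rc = asprintf(&subgraph_ctx->openssl_data.passphrase, "%s",
                            node->val)) == -1) {
                 rc = MOUNT_ERROR;
                 goto out;
         }
+        free(node->val);
         node->val = NULL;
         if ((rc = ecryptfs_openssl_process_key(subgraph_ctx, mnt_params))) {
                 syslog(LOG_ERR, "Error processing OpenSSL key; rc = [%d]", rc);
@@ -788,7 +791,8 @@
          .default_val = NULL,
          .suggested_val = "passwd",
          .flags = (DISPLAY_TRANSITION_NODE_VALS | ECRYPTFS_DISPLAY_PRETTY_VALS
-                   | ECRYPTFS_PARAM_FLAG_ECHO_INPUT),
+                   | ECRYPTFS_PARAM_FLAG_ECHO_INPUT
+                   | ECRYPTFS_ALLOW_IMPLICIT_TRANSITION),
          .num_transitions = 3,
          .tl = {{.val = "passwd",
                  .pretty_val = "passwd: Enter on Console",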
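Review bot: The verbose-mode `syslog(LOG_INFO, ...)` call added at new lines 561-563 prints `node->val`, and the statement right after it copies that same value into `subgraph_ctx->openssl_data.passphrase`, so with `ecryptfs_verbosity` set the key passphrase is written to the system log in cleartext. Log the call without the value, for example `syslog(LOG_INFO, "%s: Called\n", __FUNCTION__);`. The added `free(node->val)` at new line 570 also releases that buffer without wiping it; clearing it first with a call the compiler cannot elide (such as `explicit_bzero`, where the platform provides it) would keep the passphrase out of recycled heap memory. Separately, `ecryptfs_openssl_mkdir_recursive` treats `EEXIST` as success, so an already existing key directory is used without checking that it is a directory with owner-only permissions. The function that contains the syslog change starts and ends outside its hunk.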