78 #include <sys/types.h>
81 #include <sys/types.h>
195 void Menu(
int opt = 0);
201 bool random,
bool checkpw,
bool &newpw);
209 bool ExpPuk(
const char *puk = 0,
bool read = 1);
212 bool AskConfirm(
const char *msg1,
bool defact,
const char *msg2 = 0);
// PRT(x): stream the expression x to std::cerr, followed by std::endl
// (newline plus flush). x may itself be a chain of << operands.
// The expansion is a bare brace block, so "if (c) PRT(a); else ..." would not
// compile: the ';' after the closing brace ends the if statement.
215 #define PRT(x) {std::cerr <<x <<std::endl;}
223 int main(
int argc,
char **argv )
238 const char *pwdimp = 0;
259 prompt =
"Create file ";
276 PRT(
"Server ID will be generated randomly. It can be changed");
277 PRT(
"at any time with 'add -srvID <ID>'.");
284 struct passwd *pw = getpwuid(getuid());
306 PRT(
" File successfully created with server ID set to: "
314 PRT(
"// Could generate ref ciphers for all the factories");
317 for ( i = 0; i <
ncrypt; i++ ) {
337 PRT(
" Server Puk saved for crypto: "<<
CF[i]->Name());
346 PRT(
"// Problems with puk backup ");
350 PRT(
" File successfully created ");
362 int *ofs =
new int[nm];
364 for ( i = 0; i < nm ; i++) {
373 PRT(
"// Factory ID not found: corruption ?");
376 if (!(
RefCip[i] =
CF[ii]->Cipher(&bck))) {
377 PRT(
"// Could not instantiate cipher for factory "<<
CF[ii]->Name());
383 PRT(
"// Ref puk ciphers not found: corruption ?");
389 PRT(
" Unique ID missing: 'add -srvID' to set it");
397 PRT(
" Unique ID missing: 'add -srvID' to set it");
405 PRT(
" Contact E-mail not set: 'add -email <email>' to set it");
413 PRT(
" Local host name not set: 'add -host <host>' to set it");
434 PRT(
"// Could not export public keys");
450 PRT(
"// Problem importing puks from "<<
PukFile<<
457 PRT(
"// Could not generate ref ciphers for all the factories");
464 PRT(
"// Problems with puk backup ");
471 "' in file: "<<ff.
Name());
474 int *ofs =
new int[nm];
480 for ( i = 0; i < nm ; i++) {
506 PRT(
" Server Puk updated for crypto: "<<
CF[i]->Name());
513 sprintf(stag,
"*_%d",
id);
516 int *uofs =
new int[nofs];
520 for (; k < nofs; k++) {
537 uent.
mtime = time(0);
543 PRT(
"// warning: problems reading entry: corruption?");
549 "' found in file: "<<ff.
Name()<<
" : corruption? ");
558 if (!check ||
AskConfirm(
"Override server ID?",0,
559 "This may cause inconveniences"
580 if (!check ||
AskConfirm(
"Override contact e-mail"
601 if (!check ||
AskConfirm(
"Override server host name?",0)) {
622 PRT(
"// Updating the server puk file requires a file with "<<
623 "the keys received by the server administrator:");
624 PRT(
"// rerun with option '-import <file_with_keys>' ");
661 pwdimp = ImpPwd.
c_str();;
685 "' created / updated");
695 prompt =
"Adding/Updating entry for tag: ";
715 for ( i = 0; i <
ncrypt; i++ ) {
719 PRT(
"Hook for crypto factory undefined: "<<
CryptMod[i].c_str());
727 PRT(
"Error resolving one-way hash functions ");
736 if (
GetEntry(&ff,tag,ent,checkpwd)) {
786 PRT(
" Entry for tag '"<<tag.
c_str()<<
787 "' created / updated");
802 PRT(
"//-----------------------------------------------------"
803 "--------------------//");
807 "' in file: "<<ff.
Name());
810 int *ofs =
new int[nm];
816 for ( i = 0; i < nm ; i++) {
821 PRT(
"// Entry for ofs "<<ofs[i]<<
822 " not found in file: "<<ff.
Name());
827 "' found in file: "<<ff.
Name());
830 PRT(
"//-----------------------------------------------------"
831 "--------------------//");
837 prompt =
"Removing entry for tag: ";
844 PRT(
"//-----------------------------------------------------"
845 "--------------------//");
849 "' in file: "<<ff.
Name());
852 int *ofs =
new int[nm];
858 for ( i = 0; i < nm ; i++) {
861 "' removed from file: "<<ff.
Name());
864 "' not found in file: "<<ff.
Name());
869 "' found in file: "<<ff.
Name());
872 PRT(
"//-----------------------------------------------------"
873 "--------------------//");
879 prompt =
"Disabling entry for tag: ";
886 PRT(
"//-----------------------------------------------------"
887 "--------------------//");
891 "' in file: "<<ff.
Name());
894 int *ofs =
new int[nm];
900 for ( i = 0; i < nm ; i++) {
913 PRT(
"// Entry for tag '"<<ent.
name<<
916 PRT(
"// Entry for ofs "<<ofs[i]<<
917 " not found in file: "<<ff.
Name());
922 "' found in file: "<<ff.
Name());
925 PRT(
"//-----------------------------------------------------"
926 "--------------------//");
932 prompt =
"Copying entry for tag: ";
934 prompt +=
" into tag: ";
941 PRT(
"Entry to copy not found missing");
947 PRT(
"//-----------------------------------------------------"
948 "--------------------//");
954 nent->
mtime = time(0);
956 PRT(
"// Entry for tag '"<<nent->
name<<
960 PRT(
"// Cannot create new entry: out of memory");
964 PRT(
"//-----------------------------------------------------"
965 "--------------------//");
993 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
995 PRT(
"+ x r d p w d a d m i n +");
997 PRT(
"+ Administration of pwd files +");
1005 PRT(
"+ xrdpwdadmin [-h] [-m <mode>] [options] +");
1007 PRT(
"+ -h display this menu +");
1009 PRT(
"+ -m choose mode (admin, user, netrc, srvpuk) [admin] +");
1012 PRT(
"+ create / modify the main file used by servers +");
1013 PRT(
"+ started from this account to validate clients +");
1014 PRT(
"+ credentials. Default location and name: +");
1015 PRT(
"+ $(HOME)/.xrd/pwdadmin +");
1017 PRT(
"+ NB: file must readable and writable by owner +");
1018 PRT(
"+ only e.g. 0600 +");
1021 PRT(
"+ create / modify local file used by servers +");
1022 PRT(
"+ to validate this user credentials. +");
1023 PRT(
"+ Default location and name: +");
1024 PRT(
"+ $(HOME)/.xrd/pwduser +");
1026 PRT(
"+ NB: the file must be copied on the server machine +");
1027 PRT(
"+ if produced elsewhere; file must be writable +");
1028 PRT(
"+ by the owner only, e.g. 0644 +");
1031 PRT(
"+ create / modify local autologin file +");
1032 PRT(
"+ Default location and name: +");
1033 PRT(
"+ $(HOME)/.xrd/pwdnetrc +");
1035 PRT(
"+ NB: file must readable and writable by owner +");
1036 PRT(
"+ only e.g. 0600 +");
1039 PRT(
"+ create / modify local file with known server +");
1040 PRT(
"+ public cipher initializers. +");
1041 PRT(
"+ Default location and name: +");
1042 PRT(
"+ $(HOME)/.xrd/pwdsrvpuk +");
1044 PRT(
"+ NB: file must be writable by the owner only +");
1045 PRT(
"+ e.g. 0644 +");
1051 PRT(
"+ Options: +");
1053 PRT(
"+ add <name> [-[no]force] [-[no]random] [-[no]savepw] +");
1054 PRT(
"+ add entry with tag <name>; the application prompts +");
1055 PRT(
"+ for the password +");
1057 PRT(
"+ add <name> -import <pwd_file> +");
1058 PRT(
"+ add entry with tag <name> importing the pwd from +");
1059 PRT(
"+ the file send by the server administrator +");
1060 PRT(
"+ [netrc only] +");
1062 PRT(
"+ add -import <srvkey_file> +");
1063 PRT(
"+ add new server key importing the key from +");
1064 PRT(
"+ the file send by the server administrator +");
1065 PRT(
"+ [srvpuk only] +");
1067 PRT(
"+ update <name> [options] +");
1068 PRT(
"+ equivalent to 'add -force' +");
1070 PRT(
"+ read <name> +");
1071 PRT(
"+ list some information of entry associated with tag +");
1072 PRT(
"+ <name> (status, count, date of last change, buffer +");
1073 PRT(
"+ lengths); buffer contents not listed +");
1075 PRT(
"+ remove <name> +");
1076 PRT(
"+ Make entry associated with tag <name> inactive +");
1077 PRT(
"+ (Spce is recovered during next trim operation) +");
1079 PRT(
"+ copy <name> <newname> +");
1080 PRT(
"+ Create new entry with tag <newname> and content of +");
1081 PRT(
"+ existing entry with tag <name> +");
1083 PRT(
"+ trim [-nobackup] +");
1084 PRT(
"+ Trim the file content eliminating all the inactive +");
1085 PRT(
"+ entries; a backup is created in <file>.bak unless +");
1086 PRT(
"+ the option '-nobackup' is specified +");
1089 PRT(
"+ list a table about the file content +");
1095 PRT(
"+ -dontask +");
1096 PRT(
"+ do not prompt for questions: when in doubt use +");
1097 PRT(
"+ defaults or fail +");
1098 PRT(
"+ [default: ask] +");
1100 PRT(
"+ overwrite entry if it exists already +");
1101 PRT(
"+ [default: do not overwrite] +");
1102 PRT(
"+ -[no]change +");
1103 PRT(
"+ do [not] require user to change info on first use +");
1104 PRT(
"+ [default: admin: change / user: no change +");
1105 PRT(
"+ -crypto [-]<crypt1>|[-]<crypt2>|... +");
1106 PRT(
"+ create information for the given crypto modules +");
1107 PRT(
"+ ('|' separated list) in addition to default ones +");
1108 PRT(
"+ (normally ssl and local); use '-' in front to avoid +");
1109 PRT(
"+ avoid creating a entry for a module; one entry is +");
1110 PRT(
"+ for each module with effective tag of the form +");
1111 PRT(
"+ name_<cryptoID> [default list: ssl] +");
1112 PRT(
"+ [default: create backup] +");
1117 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1129 if (argc < 0 || !argv[0]) {
1130 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1131 PRT(
"+ Insufficient number or arguments! +");
1132 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1142 while ((argc >= 0) && (*argv)) {
1146 if(*(argv)[0] ==
'-') {
1152 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1153 PRT(
"+ Only one valid '-m' option allowed: ignoring +");
1154 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1157 if (argc >= 0 && (*argv && *(argv)[0] ==
'-')) {
1164 if (argc >= 0 && (*argv && *(argv)[0] !=
'-')) {
1177 PRT(
"++++++++++++++++++++++++++++++++++++++"
1178 "++++++++++++++++++++++");
1179 PRT(
"+ Ignoring unrecognized more: "<<mode.
c_str());
1180 PRT(
"++++++++++++++++++++++++++++++++++++++"
1181 "++++++++++++++++++++++");
1184 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1185 PRT(
"+ Option '-m' requires {admin,user,netrc,srvpuk}: ignoring +");
1186 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1197 if (argc >= 0 && (*argv && *(argv)[0] !=
'-')) {
1200 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1201 PRT(
"+ Option '-f' requires a file or directory name: ignoring +");
1202 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1238 if (argc >= 0 && (*argv && *(argv)[0] !=
'-')) {
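// Convert the argument to a positive iteration count (the messages that
// follow in this listing name the option '-iternum').
// errno is cleared first: strtol() only sets it on failure, so an ERANGE left
// over from an earlier call would otherwise make a valid number look invalid.
errno = 0;
long iterl = strtol(*argv,0,10);
// A value that does not fit in an int is treated as invalid (0) instead of
// being silently truncated by the long -> int conversion.
1239 int iter = (errno != ERANGE && iterl == (long)(int)iterl) ? (int)iterl : 0;
1240 if (iter > 0) {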
1245 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1246 PRT(
"+ Option '-iternum' requires a positive number: ignoring +");
1247 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1252 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1253 PRT(
"+ Option '-iternum' requires a positive number: ignoring +");
1254 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1261 if (argc >= 0 && (*argv && *(argv)[0] !=
'-')) {
1264 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1265 PRT(
"+ Option '-crypto' requires a list of modules: ignoring +");
1266 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1273 if (argc >= 0 && (*argv && *(argv)[0] !=
'-')) {
1281 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1282 PRT(
"+ Option '-import' requires a file name: ignoring +");
1283 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1291 if (argc >= 0 && (*argv && *(argv)[0] !=
'-')) {
1302 if (argc >= 0 && (*argv && *(argv)[0] !=
'-')) {
1306 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1307 PRT(
"+ Option '-email' requires an email string: ignoring +");
1308 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1315 if (argc >= 0 && (*argv && *(argv)[0] !=
'-')) {
1319 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1320 PRT(
"+ Option '-host' requires the local host name: ignoring +");
1321 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1326 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1327 PRT(
"+ Ignoring unrecognized option: "<<*argv);
1328 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1335 int iad = -1, iup = -1, ird = -1, irm = -1, idi = -1, icp = -1;
1347 if (argc >= 0 && (*argv && *(argv)[0] !=
'-')) {
1352 if (argc >= 0 && (*argv && *(argv)[0] !=
'-')) {
1355 PRT(
"+++++++++++++++++++++++++++++++++++++++++"
1356 "+++++++++++++++++++");
1357 PRT(
"+ 'copy': missing destination tag: ignoring"
1359 PRT(
"+++++++++++++++++++++++++++++++++++++++++"
1360 "+++++++++++++++++++");
1376 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1377 PRT(
"+ Ignoring unrecognized keyword action: "<<opt.
c_str());
1378 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1403 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1404 PRT(
"+ Specified action requires a tag: "<<
1406 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1422 struct passwd *pw = getpwuid(getuid());
1427 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1428 PRT(
"+ WARNING: could not get local user info for srv ID +");
1429 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1434 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1435 PRT(
"+ WARNING: srv ID too long: truncating to 32 chars: "
1437 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1447 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1448 PRT(
"+ WARNING: ignore iter num change request (not admin/user) +");
1449 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1456 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1457 PRT(
"+ WARNING: ignore password change request (not netrc) +");
1458 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1466 struct passwd *pw = getpwuid(getuid());
1470 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1471 PRT(
"+ WARNING: name tag does not match local user name: ");
1473 PRT(
"+ Some servers may ignore this entry ");
1474 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1511 if (S_ISDIR(st.st_mode)) {
1519 if (errno == ENOENT) {
1524 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1526 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1541 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1543 PRT(
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
1580 for (; i <
ncrypt; i++ ) {
1584 PRT(
"// Hook for crypto factory "<<
CryptMod[i]<<
" undefined");
1600 int lref = (ref) ? strlen(ref) : 0;
1610 }
else if (opt == noref) {
1619 bool random,
bool checkpw,
bool &newpw)
1656 if (newpw || !pwdref.
length()) {
1663 while (!passwd.
length()) {
1667 PRT(
"AddPassword: max number of attempts reached: "<<
kMAXPWDATT);
1668 if (pwhash)
delete[] pwhash;
1677 prompt.
insert(
" (last attempt)",prompt.
find(
":"));
1688 }
else if (random) {
1704 pwhash =
new char[(*KDFunLen)()];
1711 char *osahash =
new char[(*KDFunLen)()];
1713 (*KDFun)(pwhash,pwhlen,
1714 oldsalt.
buf,oldsalt.
len,osahash,0);
1715 if (!memcmp(oldhash.
buf,osahash,oldhash.
len)) {
1717 PRT(
"AddPassword: Password seems to be the same"
1718 ": please enter a different one");
1725 if (osahash)
delete[] osahash;
1732 char *nsahash =
new char[(*KDFunLen)()];
1734 int hlen = (*KDFun)(pwhash,pwhlen,
1739 if (nsahash)
delete[] nsahash;
1743 if (pwhash)
delete[] pwhash;
1760 if (newpw || !pwdref.
length()) {
1766 if (pwd && strlen(pwd) > 0) {
// Report that the password passed in by the caller is being used.
// NOTE(review): the message prints the password length to std::cerr (see the
// PRT macro); consider dropping the byte count so that it does not end up in
// terminal scrollback or captured logs.
1767 PRT(
"AddPassword: using input password ("<<strlen(pwd)<<
" bytes)");
1773 while (!passwd.
length()) {
1777 PRT(
"AddPassword: max number of attempts reached: "<<
kMAXPWDATT);
1778 if (pwhash)
delete[] pwhash;
1786 prompt.
insert(
" (last attempt)",prompt.
find(
":"));
1802 pwhash =
new char[(*KDFunLen)()];
// Copy the bytes of passwd, unchanged, into a newly allocated pwhash buffer
// of exactly pwhlen bytes (no terminating NUL is stored).
// NOTE(review): pwhash therefore holds the password as typed. The delete[]
// calls visible in this listing release it without clearing it first; confirm
// against the full source and consider zeroing the buffer before it is freed.
1808 pwhlen = passwd.
length();
1809 pwhash =
new char[pwhlen];
1810 memcpy(pwhash,passwd.
c_str(),pwhlen);
1817 if (pwhash)
delete[] pwhash;
1828 PRT(
"SavePasswd: tag or pwd undefined - do nothing ("<<
1834 PRT(
"SavePasswd: main directory undefined - do nothing");
1855 PRT(
"SavePasswd: errno: "<<errno);
1861 buf +=
"********* Password information **************\n\n";
1862 buf +=
"host: "; buf +=
SrvName; buf +=
"\n";
1863 buf +=
"ID: "; buf +=
SrvID; buf +=
"\n";
1864 buf +=
"tag: "; buf += tag; buf +=
"\n";
// Append the "password: <pwd>" line to the text being assembled in buf.
// NOTE(review): pwd is presumably the cleartext password handed to the user.
// The call that creates the output file is not visible in this listing;
// confirm the file is created with mode 0600.
1865 buf +=
"password: "; buf += pwd; buf +=
"\n";
1867 buf +=
"status: "; buf += 2; buf +=
"\n";
1869 buf +=
"NB: one-time password: user will be asked for \n";
1870 buf +=
" new password on first login \n";
1872 buf +=
"status: "; buf += 1; buf +=
"\n";
1875 buf +=
"*********************************************";
1884 buf +=
"********* Server PUK information **************\n\n";
1886 for (; i <
ncrypt; i++) {
1888 ptag +=
SrvID; ptag +=
"_"; ptag +=
CF[i]->
ID();
1889 buf +=
"puk: "; buf += ptag; buf +=
"\n";
1893 buf += pub; buf +=
"\n";
1899 buf +=
"*********************************************";
1924 PRT(
" Entry for tag '"<<tag.
c_str()<<
1925 "' already existing in file: "<<ff->
Name());
1927 PRT(
" Use option '-force' to overwrite / update");
1954 if (msg2)
PRT(msg2);
1962 if (defact && (ask ==
'n' || ask ==
"no")) {
1964 }
else if (!defact && (ask ==
'y' || ask ==
"yes")) {
1980 PRT(
"ReadPasswd: file name undefined - do nothing");
1988 PRT(
"ReadPasswd: errno: "<<errno);
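// Parse the file one line at a time as "<key> <value>" pairs.
// The sscanf() conversions carry explicit field widths (buffer size - 1) so
// that a long token in the file cannot be written past the end of s1[50] or
// s2[1024]: a bare "%s" copies the whole token, and a line read by fgets()
// may hold up to 1023 characters.
1994 char line[1024], s1[50], s2[1024];
1995 while (fgets(line, sizeof(line), fd) != 0) {
// Strip the trailing newline. The line[0] test keeps the index from becoming
// -1 when the data read starts with a NUL byte (strlen() == 0).
1996 if (line[0] && line[strlen(line)-1] == '\n')
1997 line[strlen(line)-1] = 0;
1998 if (strlen(line) <= 0)
2000 if (sscanf(line, "%49s %1023s",s1,s2) < 2)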
2002 if (!strncmp(s1,
"host:",5)) {
2004 }
else if (!strncmp(s1,
"ID:",3)) {
2006 }
else if (!strncmp(s1,
"tag:",4)) {
2008 }
else if (!strncmp(s1,
"password:",9)) {
2010 }
else if (!strncmp(s1,
"status:",7)) {
2011 st = strtol(s2, 0, 10);
2028 if (host.
length() <= 0 ||
id.length() <= 0) {
2030 PRT(
"ReadPasswd: warning: host name missing in file "
2032 if (
id.length() <= 0)
2033 PRT(
"ReadPasswd: warning: srv ID missing in file "
2048 if (
id.length() > 0) {
2053 PRT(
"ReadPasswd: build tag: "<<tag);
2067 PRT(
"ReadPuk: file name undefined - do nothing");
2075 PRT(
"ReadPuk: errno: "<<errno);
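// Parse the file one line at a time as "<key> <value>" pairs.
// The sscanf() conversions carry explicit field widths (buffer size - 1) so
// that a long token in the file cannot be written past the end of s1[50] or
// s2[1024]: a bare "%s" copies the whole token, and a line read by fgets()
// may hold up to 1023 characters.
2081 char line[1024], s1[50], s2[1024];
2082 while (fgets(line, sizeof(line), fd) != 0) {
// Strip the trailing newline. The line[0] test keeps the index from becoming
// -1 when the data read starts with a NUL byte (strlen() == 0).
2083 if (line[0] && line[strlen(line)-1] == '\n')
2084 line[strlen(line)-1] = 0;
2085 if (strlen(line) <= 0)
2087 if (sscanf(line, "%49s %1023s",s1,s2) < 2)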
2089 if (!strncmp(s1,
"puk:",4)) {
2092 while (fgets(line,
sizeof(line), fd) != 0) {
2093 if (!strncmp(line,
"puk:",4) ||
2094 !strncmp(line,
"epuk",4) || strlen(line) <= 0)
2100 PRT(
"ReadPuk: warning: max number of puks reached ("<<
kMAXPUK<<
")");
2109 PRT(
"ReadPuk: found "<<ipuk<<
" server puks");
2111 for (; i < ipuk; i++) {
2114 PRT(
"ReadPuk: build puk tag: "<<tpuk[i]);
2127 PRT(
"SavePuk: main directory undefined - do nothing");
2137 PRT(
"SavePuk: Cannot create requested path: "<<
PukFile);
2144 char *tstr =
new char[20];
2146 PRT(
"SavePuk: Cannot create buffer for time string");
2156 PRT(
"SavePuk: could not open/create file: "<<
PukFile);
2157 PRT(
"SavePuk: errno: "<<errno);
2164 PRT(
"SavePuk: Cannot create array of temporary buckets");
2169 int lout = 0, i = 0;
2170 for (; i <
ncrypt; i++) {
2173 if (!
CF[i] || !
RefCip[i])
continue;
2177 if (!bck[i])
continue;
2184 char *bout =
new char[lout];
2186 PRT(
"SavePuk: Cannot create output buffer");
2193 for (i = 0; i <
ncrypt; i++) {
2196 if (!
CF[i] || !bck[i])
continue;
2205 memcpy(bout+lp,&lpuk,
sizeof(
kXR_int32));
2209 memcpy(bout+lp,bck[i]->buffer,lpuk);
// Write the lout bytes of bout to fd, calling write() again for as long as it
// fails with EINTR.
// NOTE(review): only a negative return combined with EINTR is acted on here.
// A short write (fewer than lout bytes) or any other errno ends the loop
// without being detected at this point, and the message that follows prints
// lout rather than the count write() returned. Confirm against the full
// source and consider looping until every byte is written.
2220 while (
write(fd, bout, lout) < 0 && errno == EINTR)
2222 PRT(
"SavePuk: "<<lout<<
" bytes written to file "<<
PukFile);
2237 PRT(
"ReadPuk: file name undefined - do nothing");
2245 PRT(
"ReadPuk: errno: "<<errno);
2251 int nr = 0, nrdt = 0, ncip = 0;
2258 PRT(
"ReadPuk: could not read puk length - corrupton ? ");
// Allocate a buffer of lpuk bytes for one key.
// NOTE(review): lpuk appears to be a length taken from the file being read
// (see the "could not read puk length" message above). No range check on it is
// visible in this listing; confirm it is validated as positive and bounded
// before this allocation. Plain new[] reports failure by throwing, not by
// returning null, so the "could not allocate buffer" branch that follows is
// presumably never taken.
2264 char *puk =
new char[lpuk];
2266 PRT(
"ReadPuk: could not allocate buffer for puk");
2270 if ((nr =
read(fd, puk, lpuk)) != lpuk) {
2271 PRT(
"ReadPuk: could not read puk buffer - corrupton ? ");
2279 PRT(
"ReadPuk: could not create bucket for puk");
2287 if (
CF[i] &&
CF[i]->
ID() ==
id)
break;
2291 PRT(
"ReadPuk: warning: factory with ID "<<
id <<
" not found");
2298 PRT(
"ReadPuk: warning: could not instantiate cipher"
2299 " from bucket for factory "<<
CF[i]->Name());
2301 PRT(
"ReadPuk: instantiate cipher for factory "<<
CF[i]->Name());
2311 PRT(
"ReadPuk: "<<nrdt<<
" bytes read from file "<<
PukFile);
2312 PRT(
"ReadPuk: "<<ncip<<
" ciphers instantiated");
2323 for (; i <
ncrypt; i++ ) {
2327 PRT(
"// Hook for crypto factory "<<
CryptMod[i]<<
" undefined");
2333 if (!
RefCip[i])
continue;
2352 id = atoi(sid.
c_str());
2355 if (
CF[j] &&
CF[j]->
ID() ==
id)
break;
2359 PRT(
"// warning: factory with ID "<<
id <<
" not found");
2381 if (puk && strlen(puk) > 0) {
2390 PRT(
"ExpPuk: cannot open standard genpuk dir "<<genpukdir);
2395 while ((ent =
readdir(dir))) {
2397 if (strncmp(ent->d_name,
"puk.", 4))
2404 PRT(
"ExpPuk: cannot stat "<<fn<<
" - skipping");
2407 if (st.st_mtime > latest) {
2409 latest = st.st_mtime;
2416 PRT(
"ExpPuk: problem reading the key in");
2423 expfile +=
".export";
2424 PRT(
"ExpPuk: exporting key from file "<<
PukFile);
// Open the export file for writing, creating it if needed (mode 0644, further
// restricted by the process umask) and truncating any existing content.
// NOTE(review): O_CREAT | O_TRUNC without O_EXCL or O_NOFOLLOW follows a
// symlink already present at this path and truncates its target; confirm the
// containing directory is writable by the owner only.
2428 int fd =
open(expfile.
c_str(), O_WRONLY | O_CREAT | O_TRUNC, 0644);
2430 PRT(
"ExpPuk: could not open/create file: "<<expfile.
c_str());
2431 PRT(
"ExpPuk: errno: "<<errno);
2438 buf +=
"********* Server PUK information **************\n\n";
2440 for (; i <
ncrypt; i++) {
2442 ptag +=
SrvID; ptag +=
"_"; ptag +=
CF[i]->
ID();
2443 buf +=
"puk: "; buf += ptag; buf +=
"\n";
2447 buf += pub; buf +=
"\n";
2453 buf +=
"*********************************************";
int(* XrdCryptoKDFunLen_t)()
int(* XrdCryptoKDFun_t)(const char *pass, int plen, const char *salt, int slen, char *key, int klen)
int stat(const char *path, struct stat *buf)
struct dirent * readdir(DIR *dirp)
int open(const char *path, int oflag,...)
ssize_t write(int fildes, const void *buf, size_t nbyte)
ssize_t read(int fildes, void *buf, size_t nbyte)
DIR * opendir(const char *path)
bool CheckOption(XrdOucString opt, const char *ref, int &ival)
int main(int argc, char **argv)
bool AskConfirm(const char *msg1, bool defact, const char *msg2=0)
const char * gActionsStr[]
void SavePasswd(XrdOucString tag, XrdOucString pwd, bool onetime)
bool GetEntry(XrdSutPFile *ff, XrdOucString tag, XrdSutPFEntry &ent, bool &check)
bool AddPassword(XrdSutPFEntry &ent, XrdOucString salt, XrdOucString &ranpwd, bool random, bool checkpw, bool &newpw)
XrdCryptoKDFunLen_t KDFunLen
int LocateFactoryIndex(char *tag, int &id)
XrdOucString TagHostPuk[kMAXPUK]
XrdCryptoCipher ** RefCip
XrdOucString CryptMod[NCRYPTMAX]
bool ReadPasswd(XrdOucString &tag, XrdOucString &pwd, int &st)
XrdOucString HostPuk[kMAXPUK]
int ParseArguments(int argc, char **argv)
bool ReadPuk(int &npuk, XrdOucString *tpuk, XrdOucString *puk)
bool ExpPuk(const char *puk=0, bool read=1)
int XrdSutGetPass(const char *prompt, XrdOucString &passwd)
int XrdSutExpand(XrdOucString &path)
int XrdSutMkdir(const char *dir, unsigned int mode, const char *opt)
int XrdSutTimeString(int t, char *st, int opt)
void XrdSutSetTrace(kXR_int32 trace)
int XrdSutGetLine(XrdOucString &line, const char *prompt)
virtual XrdSutBucket * AsBucket()
virtual char * Public(int &lpub)
virtual XrdCryptoKDFun_t KDFun()
virtual XrdCryptoCipher * Cipher(const char *t, int l=0)
virtual XrdCryptoKDFunLen_t KDFunLen()
static XrdCryptoFactory * GetCryptoFactory(const char *factoryname)
void insert(const int i, int start=-1)
const char * c_str() const
void assign(const char *s, int j, int k=-1)
int erase(int start=0, int size=0)
int rfind(const char c, int start=STR_NPOS)
int find(const char c, int start=0, bool forward=1)
int tokenize(XrdOucString &tok, int from, char del=':')
void lower(int pos, int size=0)
int SetBuf(const char *nb=0, int ns=0)
void SetBuf(const char *b=0, kXR_int32 l=0)
void SetName(const char *n=0)
kXR_int32 Browse(void *out=0)
kXR_int32 Trim(const char *fbak=0)
kXR_int32 WriteEntry(XrdSutPFEntry ent)
const char * Name() const
kXR_int32 SearchEntries(const char *name, char opt, kXR_int32 *ofs=0, kXR_int32 nofs=1)
kXR_int32 ReadEntry(const char *name, XrdSutPFEntry &ent, int opt=0)
bool Init(const char *n, kXR_int32 openmode=kPFEcreate, kXR_int32 createmode=0600, bool hashtab=1)
kXR_int32 RemoveEntry(const char *name)
kXR_int32 LastError() const
static bool Init(bool force=0)
static int GetString(int opt, int len, XrdOucString &s)