[client] don't print keys to stdout in --save-rc-stanza --key-gen mode

This is a minor commit to not print keys to stdout when both --save-rc-stanza
and --key-gen are set on the command line.
Michael Rash 2013-05-30 22:03:11 -04:00
parent 0001b37f44
commit 0504627c2e
2 changed files with 52 additions and 33 deletions


@ -609,6 +609,52 @@ set_rc_file(char *rcfile, fko_cli_options_t *options)
return;
}
static void
keys_status(fko_cli_options_t *options)
{
FILE *key_gen_file_ptr = NULL;
char rcfile[MAX_PATH_LEN] = {0};
if(options->key_gen == 1)
{
if(options->key_gen_file[0] != '\0')
{
if ((key_gen_file_ptr = fopen(options->key_gen_file, "w")) == NULL)
{
log_msg(LOG_VERBOSITY_ERROR, "Unable to create key gen file: %s: %s",
options->key_gen_file, strerror(errno));
exit(EXIT_FAILURE);
}
fprintf(key_gen_file_ptr, "KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n",
options->key_base64, options->hmac_key_base64);
fclose(key_gen_file_ptr);
log_msg(LOG_VERBOSITY_NORMAL,
"[+] Wrote Rijndael and HMAC keys to: %s",
options->key_gen_file);
}
else
{
if(options->save_rc_stanza == 1)
{
set_rc_file(rcfile, options);
log_msg(LOG_VERBOSITY_NORMAL,
"[+] Wrote Rijndael and HMAC keys to rc file: %s",
options->rc_file);
}
else
log_msg(LOG_VERBOSITY_NORMAL,
"KEY_BASE64: %s\nHMAC_KEY_BASE64: %s",
options->key_base64, options->hmac_key_base64);
}
/* Always exit out in --key-gen mode since the fwknopd server
* has no way to know what the new keys are
*/
exit(EXIT_SUCCESS);
}
}
/* Parse any time offset from the command line
*/
static int
@ -2020,7 +2066,8 @@ config_init(fko_cli_options_t *options, int argc, char **argv)
/* Now that we have all of our options set, we can validate them */
validate_options(options);
/* Do some processings */
/* Generate Rijndael + HMAC keys from /dev/random and base64 encode
*/
generate_keys(options);
/* We can upgrade our settings with the parameters set on the command
@ -2029,7 +2076,7 @@ config_init(fko_cli_options_t *options, int argc, char **argv)
{
/* If we are asked to generate keys, we add them to the bitmask so
* that they can be added to the stanza when updated */
if (options->key_gen)
if (options->key_gen == 1)
{
add_var_to_bitmask(FWKNOP_CLI_ARG_KEY_RIJNDAEL_BASE64, &var_bitmask);
add_var_to_bitmask(FWKNOP_CLI_ARG_KEY_HMAC_BASE64, &var_bitmask);
@ -2040,6 +2087,8 @@ config_init(fko_cli_options_t *options, int argc, char **argv)
}
else;
keys_status(options);
return;
}
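Review bot: In the new keys_status() the key file is still created with `fopen(options->key_gen_file, "w")`, so its mode is whatever the process umask allows and the Rijndael and HMAC keys can end up in a group- or world-readable file. The results of `fprintf()` and `fclose()` are also ignored, so a failed or short write is still followed by the "[+] Wrote Rijndael and HMAC keys to" message. Creating the file with an explicit owner-only mode and checking the write before logging success would close both gaps; the sketch below assumes a POSIX build. Separately, the --save-rc-stanza branch fills `rcfile` through set_rc_file() but logs `options->rc_file`, which may be empty when the default path is used (set_rc_file's body is outside the hunk, so this is inferred); logging `rcfile` looks like what was intended.

```c
static void
keys_status(fko_cli_options_t *options)
{
    FILE *key_gen_file_ptr = NULL;
    int   key_fd = -1;
    /* … unchanged: rcfile declaration, key_gen and key_gen_file checks … */

            /* Owner-only mode at creation; a pre-existing file keeps its
             * own mode, so that case may still need an fchmod().
             */
            key_fd = open(options->key_gen_file,
                    O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
            if (key_fd >= 0)
                key_gen_file_ptr = fdopen(key_fd, "w");
            if (key_gen_file_ptr == NULL)
            {
                log_msg(LOG_VERBOSITY_ERROR, "Unable to create key gen file: %s: %s",
                    options->key_gen_file, strerror(errno));
                exit(EXIT_FAILURE);
            }
            if (fprintf(key_gen_file_ptr, "KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n",
                    options->key_base64, options->hmac_key_base64) < 0
                || fclose(key_gen_file_ptr) != 0)
            {
                log_msg(LOG_VERBOSITY_ERROR, "Unable to write key gen file: %s: %s",
                    options->key_gen_file, strerror(errno));
                exit(EXIT_FAILURE);
            }
    /* … unchanged: success message, rc stanza / stdout branches, exit … */
```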


@ -172,7 +172,7 @@ is_hostname_str_with_port(const char *str, char *hostname, size_t hostname_bufsi
int
main(int argc, char **argv)
{
fko_ctx_t ctx = NULL;
fko_ctx_t ctx = NULL;
fko_ctx_t ctx2 = NULL;
int res;
char *spa_data=NULL, *version=NULL;
@ -180,7 +180,6 @@ main(int argc, char **argv)
char key[MAX_KEY_LEN+1] = {0};
char hmac_key[MAX_KEY_LEN+1] = {0};
int key_len = 0, hmac_key_len = 0, enc_mode;
FILE *key_gen_file_ptr = NULL;
fko_cli_options_t options;
@ -195,35 +194,6 @@ main(int argc, char **argv)
*/
prev_exec(&options, argc, argv);
/* Generate Rijndael + HMAC keys from /dev/random (base64
* encoded) and exit.
*/
if(options.key_gen)
{
if(options.key_gen_file[0] != '\0')
{
if ((key_gen_file_ptr = fopen(options.key_gen_file, "w")) == NULL)
{
log_msg(LOG_VERBOSITY_ERROR, "Unable to create key gen file: %s: %s",
options.key_gen_file, strerror(errno));
return(EXIT_FAILURE);
}
fprintf(key_gen_file_ptr, "KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n",
options.key_base64, options.hmac_key_base64);
fclose(key_gen_file_ptr);
log_msg(LOG_VERBOSITY_NORMAL,
"[+] Wrote Rijndael and HMAC keys to: %s",
options.key_gen_file);
}
else
{
log_msg(LOG_VERBOSITY_NORMAL,
"KEY_BASE64: %s\nHMAC_KEY_BASE64: %s",
options.key_base64, options.hmac_key_base64);
}
return(EXIT_SUCCESS);
}
/* Intialize the context
*/
res = fko_new(&ctx);