X-Git-Url: https://git.tokkee.org/?p=sysdb.git;a=blobdiff_plain;f=src%2Ftools%2Fsysdb%2Fmain.c;h=1f3975a7949b52491d4b0b2fe37660260e556649;hp=357ef34827672d0033030eeefe8d85d059f98836;hb=5cc17919bcf0cc5474811e376bdba8989f0b54d3;hpb=13fe0f9ec3d161fab7a015054649910541d75f5e diff --git a/src/tools/sysdb/main.c b/src/tools/sysdb/main.c index 357ef34..1f3975a 100644 --- a/src/tools/sysdb/main.c +++ b/src/tools/sysdb/main.c @@ -38,8 +38,10 @@ #include "utils/llist.h" #include "utils/strbuf.h" #include "utils/os.h" +#include "utils/ssl.h" #include +#include #if HAVE_LIBGEN_H # include @@ -49,11 +51,10 @@ #include #include - +#include #include #include #include - #include #include @@ -81,30 +82,34 @@ # define DEFAULT_SOCKET "unix:"LOCALSTATEDIR"/run/sysdbd.sock" #endif -static const char * -get_homedir(const char *username) -{ - struct passwd pw_entry; - struct passwd *result = NULL; - - /* needs to be static because we return a pointer into this buffer - * to the caller */ - static char buf[1024]; +static sdb_ssl_options_t ssl_options = { + /* ca_file */ SDB_SSL_CAFILE, + /* key_file */ "~/.config/sysdb/ssl/key.pem", + /* cert_file */ "~/.config/sysdb/ssl/cert.pem", + /* crl_file */ "~/.config/sysdb/ssl/crl.pem", +}; - int status; - - memset(&pw_entry, 0, sizeof(pw_entry)); - status = getpwnam_r(username, &pw_entry, buf, sizeof(buf), &result); - - if (status || (! result)) { - char errbuf[1024]; - sdb_log(SDB_LOG_WARNING, "Failed to determine home directory " - "for user %s: %s", username, - sdb_strerror(errno, errbuf, sizeof(errbuf))); - return NULL; +static void +canonicalize_ssl_options(void) +{ + char *tmp; + if (ssl_options.ca_file) { + tmp = sdb_realpath(ssl_options.ca_file); + ssl_options.ca_file = tmp ? tmp : strdup(ssl_options.ca_file); + } + if (ssl_options.key_file) { + tmp = sdb_realpath(ssl_options.key_file); + ssl_options.key_file = tmp ? tmp : strdup(ssl_options.key_file); + } + if (ssl_options.cert_file) { + tmp = sdb_realpath(ssl_options.cert_file); + ssl_options.cert_file = tmp ? tmp : strdup(ssl_options.cert_file); + } + if (ssl_options.crl_file) { + tmp = sdb_realpath(ssl_options.crl_file); + ssl_options.crl_file = tmp ? tmp : strdup(ssl_options.crl_file); } - return result->pw_dir; -} /* get_homedir */ +} /* canonicalize_ssl_options */ static void exit_usage(char *name, int status) @@ -113,18 +118,30 @@ exit_usage(char *name, int status) printf( "Usage: %s \n" -"\nOptions:\n" -" -H HOST the host to connect to\n" -" default: "DEFAULT_SOCKET"\n" -" -U USER the username to connect as\n" -" default: %s\n" -" -c CMD execute the specified command and then exit\n" +"Connection options:\n" +" -H HOST the host to connect to\n" +" default: "DEFAULT_SOCKET"\n" +" -U USER the username to connect as\n" +" default: %s\n" +" -c CMD execute the specified command and then exit\n" "\n" -" -h display this help and exit\n" -" -V display the version number and copyright\n" +"SSL options:\n" +" -K KEYFILE private key file name\n" +" default: %s\n" +" -C CERTFILE client certificate file name\n" +" default: %s\n" +" -A CAFILE CA certificates file name\n" +" default: %s\n" +"\n" +"General options:\n" +"\n" +" -h display this help and exit\n" +" -V display the version number and copyright\n" "\nSysDB client "SDB_CLIENT_VERSION_STRING SDB_CLIENT_VERSION_EXTRA", " -PACKAGE_URL"\n", basename(name), user); +PACKAGE_URL"\n", basename(name), user, + ssl_options.key_file, ssl_options.cert_file, ssl_options.ca_file); + free(user); exit(status); } /* exit_usage */ @@ -146,7 +163,7 @@ exit_version(void) } /* exit_version */ static int -execute_commands(sdb_client_t *client, sdb_llist_t *commands) +execute_commands(sdb_input_t *input, sdb_llist_t *commands) { sdb_llist_iter_t *iter; int status = 0; @@ -160,7 +177,7 @@ execute_commands(sdb_client_t *client, sdb_llist_t *commands) while (sdb_llist_iter_has_next(iter)) { sdb_object_t *obj = sdb_llist_iter_get_next(iter); - if (sdb_client_send(client, SDB_CONNECTION_QUERY, + if (sdb_client_send(input->client, SDB_CONNECTION_QUERY, (uint32_t)strlen(obj->name), obj->name) <= 0) { sdb_log(SDB_LOG_ERR, "Failed to send command '%s' to server", obj->name); @@ -172,7 +189,7 @@ execute_commands(sdb_client_t *client, sdb_llist_t *commands) * but eventually see the reply to the query, which is either DATA or * ERROR. */ while (42) { - status = sdb_command_print_reply(client); + status = sdb_command_print_reply(input); if (status < 0) { sdb_log(SDB_LOG_ERR, "Failed to read reply from server"); break; @@ -203,14 +220,14 @@ main(int argc, char **argv) { const char *host = NULL; - const char *homedir; + char *homedir; char hist_file[1024] = ""; sdb_input_t input = SDB_INPUT_INIT; sdb_llist_t *commands = NULL; while (42) { - int opt = getopt(argc, argv, "H:U:c:hV"); + int opt = getopt(argc, argv, "H:U:c:C:K:A:hV"); if (-1 == opt) break; @@ -247,6 +264,16 @@ main(int argc, char **argv) } break; + case 'C': + ssl_options.cert_file = optarg; + break; + case 'K': + ssl_options.key_file = optarg; + break; + case 'A': + ssl_options.ca_file = optarg; + break; + case 'h': exit_usage(argv[0], 0); break; @@ -270,39 +297,57 @@ main(int argc, char **argv) if (! input.user) exit(1); + if (sdb_ssl_init()) + exit(1); + input.client = sdb_client_create(host); if (! input.client) { sdb_log(SDB_LOG_ERR, "Failed to create client object"); - free(input.user); + sdb_input_reset(&input); + exit(1); + } + input.input = sdb_strbuf_create(2048); + sdb_input_init(&input); + + canonicalize_ssl_options(); + if (sdb_client_set_ssl_options(input.client, &ssl_options)) { + sdb_log(SDB_LOG_ERR, "Failed to apply SSL options"); + sdb_input_reset(&input); + sdb_ssl_free_options(&ssl_options); exit(1); } + sdb_ssl_free_options(&ssl_options); if (sdb_client_connect(input.client, input.user)) { sdb_log(SDB_LOG_ERR, "Failed to connect to SysDBd"); - sdb_client_destroy(input.client); - free(input.user); + sdb_input_reset(&input); exit(1); } if (commands) { - int status = execute_commands(input.client, commands); + int status; + input.interactive = 0; + status = execute_commands(&input, commands); sdb_llist_destroy(commands); - sdb_client_destroy(input.client); - free(input.user); + sdb_input_reset(&input); if ((status != SDB_CONNECTION_OK) && (status != SDB_CONNECTION_DATA)) exit(1); exit(0); } sdb_log(SDB_LOG_INFO, "SysDB client "SDB_CLIENT_VERSION_STRING - SDB_CLIENT_VERSION_EXTRA" (libsysdbclient %s%s)\n", + SDB_CLIENT_VERSION_EXTRA" (libsysdbclient %s%s)", sdb_client_version_string(), sdb_client_version_extra()); + sdb_command_print_server_version(&input); + printf("\n"); using_history(); - if ((homedir = get_homedir(input.user))) { + if ((homedir = sdb_get_homedir())) { snprintf(hist_file, sizeof(hist_file) - 1, "%s/.sysdb_history", homedir); hist_file[sizeof(hist_file) - 1] = '\0'; + free(homedir); + homedir = NULL; errno = 0; if (read_history(hist_file) && (errno != ENOENT)) { @@ -311,16 +356,16 @@ main(int argc, char **argv) hist_file, sdb_strerror(errno, errbuf, sizeof(errbuf))); } } - free(input.user); - input.input = sdb_strbuf_create(2048); - sdb_input_init(&input); + signal(SIGPIPE, SIG_IGN); + signal(SIGCHLD, SIG_IGN); + sdb_input_mainloop(); sdb_client_shutdown(input.client, SHUT_WR); while (! sdb_client_eof(input.client)) { /* wait for remaining data to arrive */ - sdb_command_print_reply(input.client); + sdb_command_print_reply(&input); } if (hist_file[0] != '\0') { @@ -332,8 +377,8 @@ main(int argc, char **argv) } } - sdb_client_destroy(input.client); - sdb_strbuf_destroy(input.input); + sdb_input_reset(&input); + sdb_ssl_shutdown(); return 0; } /* main */