]> Raphaƫl G. Git Repositories - ihttpd/blobdiff - SOURCES/index.bin.c
Rapsys Git / ihttpd / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add formid
[ihttpd] / SOURCES / index.bin.c
diff --git a/SOURCES/index.bin.c b/SOURCES/index.bin.c
index e6780a116bd0883669162436f9a87a7e51459743..cf44c6c58368d36dd47369d631fb7ed9faba82cc 100644 (file)
--- a/SOURCES/index.bin.c
+++ b/SOURCES/index.bin.c
@@ -65,6 +65,9 @@
 //Default cryptsetup
 #define CRYPTSETUP "/sbin/cryptsetup"
 
 //Default cryptsetup
 #define CRYPTSETUP "/sbin/cryptsetup"
 
+//Systemd cryptsetup
+#define SYSTEMDCRYPTSETUP "/usr/lib/systemd/systemd-cryptsetup"
+
 //Default pid file
 #define IHTTPDPID "/run/ihttpd/ihttpd.pid"
 
 //Default pid file
 #define IHTTPDPID "/run/ihttpd/ihttpd.pid"
 
@@ -75,6 +78,10 @@
 #define ASKPASSWORDLOG "/run/ihttpd/log/child.askpassword.log"
 #define IHTTPDLOG "/run/ihttpd/log/child.ihttpd.log"
 
 #define ASKPASSWORDLOG "/run/ihttpd/log/child.askpassword.log"
 #define IHTTPDLOG "/run/ihttpd/log/child.ihttpd.log"
 
+//Define form uri
+#define FORMID "5903c738"
+#define FORMURI "/" FORMID ".html"
+
 //Create struct for http error status
 struct httpStatusStruct {
        int value;
 //Create struct for http error status
 struct httpStatusStruct {
        int value;
@@ -87,7 +94,8 @@ const struct httpStatusStruct httpStatuses[] = {
        {400, "Bad Request"},
        {405, "Method Not Allowed"},
        {411, "Length Required"},
        {400, "Bad Request"},
        {405, "Method Not Allowed"},
        {411, "Length Required"},
-       {500, "Internal Server Error"}
+       {500, "Internal Server Error"},
+       {503, "Service Unavailable"}
 };
 
 /**
 };
 
 /**
@@ -96,6 +104,7 @@ const struct httpStatusStruct httpStatuses[] = {
 void die(const int, const char*);
 void header(const int, const char*);
 void showForm(const char*, const int, const int);
 void die(const int, const char*);
 void header(const int, const char*);
 void showForm(const char*, const int, const int);
+void showMaintenance();
 int extractValue(char**, int*, char*, int);
 int extractLuksDevice(char**, char**);
 int extractIHttpdPid(pid_t *);
 int extractValue(char**, int*, char*, int);
 int extractLuksDevice(char**, char**);
 int extractIHttpdPid(pid_t *);
@@ -137,6 +146,9 @@ void header(const int code, const char *ctype) {
                case 500:
                        k = 4;
                        break;
                case 500:
                        k = 4;
                        break;
+               case 503:
+                       k = 5;
+                       break;
                default:
                        k = 0;
        }
                default:
                        k = 0;
        }
@@ -154,10 +166,13 @@ void header(const int code, const char *ctype) {
  * Show form
  */
 void showForm(const char *requestUri, const int keyfileSizeMax, const int passphraseSizeMax) {
  * Show form
  */
 void showForm(const char *requestUri, const int keyfileSizeMax, const int passphraseSizeMax) {
-       header(200, "text/html");
+       header(503, "text/html");
        printf("<!DOCTYPE HTML>\r\n");
        printf("<html>\r\n");
        printf("<!DOCTYPE HTML>\r\n");
        printf("<html>\r\n");
-       printf("<head><title>Key upload form</title></head>\r\n");
+       printf("<head>\r\n");
+       printf("<title>Key upload form!</title>\r\n");
+       printf("<style type=\"text/css\">body{color:black;background-color:white;}a:link{color:#00c;}p,address{margin-left:3em;}span{font-size:smaller;}</style>\r\n");
+       printf("</head>\r\n");
        printf("<body>\r\n");
        printf("<div id=\"wrapper\">\r\n");
        printf("<form enctype=\"multipart/form-data\" action=\"%s\" method=\"post\"><fieldset><legend>Upload key</legend><label for=\"file\"></label><input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"%d\" /><input id=\"file\" type=\"file\" name=\"key\" /><input type=\"submit\" value=\"Send\" /></fieldset></form>\r\n", requestUri, keyfileSizeMax);
        printf("<body>\r\n");
        printf("<div id=\"wrapper\">\r\n");
        printf("<form enctype=\"multipart/form-data\" action=\"%s\" method=\"post\"><fieldset><legend>Upload key</legend><label for=\"file\"></label><input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"%d\" /><input id=\"file\" type=\"file\" name=\"key\" /><input type=\"submit\" value=\"Send\" /></fieldset></form>\r\n", requestUri, keyfileSizeMax);
@@ -167,6 +182,29 @@ void showForm(const char *requestUri, const int keyfileSizeMax, const int passph
        printf("</html>\r\n");
 }
 
        printf("</html>\r\n");
 }
 
+/**
+ * Show maintenance
+ */
+void showMaintenance() {
+       header(503, "text/html");
+       printf("<!DOCTYPE HTML>\r\n");
+       printf("<html>\r\n");
+       printf("<head>\r\n");
+       printf("<title>Service unavailable!</title>\r\n");
+       printf("<style type=\"text/css\">body{color:black;background-color:white;}a:link{color:#00c;}p,address{margin-left:3em;}span{font-size:smaller;}</style>\r\n");
+       printf("</head>\r\n");
+       printf("<body>\r\n");
+       printf("<h1>Service unavailable!</h1>\r\n");
+       printf("<p>The server is temporarily unable to service your\r\n");
+       printf("request due to maintenance downtime or capacity\r\n");
+       printf("problems. Please try again later.</p>\r\n");
+       printf("<h2>Error 503</h2>\r\n");
+       printf("<address><a href=\"/\">%s</a><br /><span>%s</span></address>\r\n", getenv("SERVER_NAME"), getenv("SERVER_SOFTWARE"));
+       printf("<!--crc32:%s-->\r\n", FORMID);
+       printf("</body>\r\n");
+       printf("</html>\r\n");
+}
+
 /**
  * Extract value
  */
 /**
  * Extract value
  */
@@ -757,9 +795,10 @@ int extractIHttpdPid(pid_t *pid) {
  * Main function
  */
 int main(int argc, char **argv) {
  * Main function
  */
 int main(int argc, char **argv) {
-
        //Get request method
        char *requestMethod = getenv("REQUEST_METHOD");
        //Get request method
        char *requestMethod = getenv("REQUEST_METHOD");
+       //Get request uri
+       char *requestUri = getenv("REQUEST_URI");
 
        //Handle unknown requests
        if (requestMethod == NULL || (strncmp(requestMethod, "GET", 3) && strncmp(requestMethod, "HEAD", 4) && strncmp(requestMethod, "POST", 4))) {
 
        //Handle unknown requests
        if (requestMethod == NULL || (strncmp(requestMethod, "GET", 3) && strncmp(requestMethod, "HEAD", 4) && strncmp(requestMethod, "POST", 4))) {
@@ -767,8 +806,15 @@ int main(int argc, char **argv) {
                die(405, "Unsupported request method");
        //Handle get and head
        } else if (!strncmp(requestMethod, "GET", 3) || !strncmp(requestMethod, "HEAD", 4)) {
                die(405, "Unsupported request method");
        //Handle get and head
        } else if (!strncmp(requestMethod, "GET", 3) || !strncmp(requestMethod, "HEAD", 4)) {
-               //Send form
-               showForm(getenv("REQUEST_URI")?getenv("REQUEST_URI"):"/", DEFAULT_KEYFILE_SIZE_MAX, DEFAULT_PASSPHRASE_SIZE_MAX);
+               //Check if we have form uri
+               if (requestUri != NULL && strlen(requestUri) == strlen(FORMURI) && !strncmp(requestUri, FORMURI, strlen(FORMURI))) {
+                       //Send form
+                       showForm(requestUri, DEFAULT_KEYFILE_SIZE_MAX, DEFAULT_PASSPHRASE_SIZE_MAX);
+               //Not form uri requested
+               } else {
+                       //Send maintenance page
+                       showMaintenance();
+               }
        //Handle post
        } else /*if (!strncmp(requestMethod, "POST", 4))*/ {
                //Return value
        //Handle post
        } else /*if (!strncmp(requestMethod, "POST", 4))*/ {
                //Return value
@@ -794,6 +840,9 @@ int main(int argc, char **argv) {
                //Declare luks and device
                char *luks = NULL, *device = NULL;
 
                //Declare luks and device
                char *luks = NULL, *device = NULL;
 
+               //Declare cargv
+               char **cargv = NULL;
+
                //Pairs of pipe for stdin, stdout and stderr
                int inPipe[2], errPipe[2];
 
                //Pairs of pipe for stdin, stdout and stderr
                int inPipe[2], errPipe[2];
 
@@ -831,12 +880,32 @@ int main(int argc, char **argv) {
                        die(500, "Failed to extract value");
                }
 
                        die(500, "Failed to extract value");
                }
 
-
                //Extract luks and device
                if ((ret = extractLuksDevice(&luks, &device)) < 0) {
                        die(500, "Failed to extract luks and device");
                }
 
                //Extract luks and device
                if ((ret = extractLuksDevice(&luks, &device)) < 0) {
                        die(500, "Failed to extract luks and device");
                }
 
+               //Declare cargv array
+               char *cargvs[] = { CRYPTSETUP, "-d", "-", "luksOpen", device, luks, NULL };
+               //TODO: device cannot be an UUID=xyz, a resolved block device is required for it
+               //char *scargvs[] = { SYSTEMDCRYPTSETUP, "attach", luks, device, "-", NULL };
+
+               //Check cryptsetup binary
+               if (access(CRYPTSETUP, F_OK|X_OK) == -1) {
+                       //Check systemdcryptsetup binary
+                       if (access(SYSTEMDCRYPTSETUP, F_OK|X_OK) == -1) {
+                               die(500, "No cryptsetup available");
+                       } else {
+                               //Set contextual env
+                               //TODO: resolve UUID in real device name
+                               //TODO: passing password through the socket is not possible, as it rely on password ending with \0
+                               die(500, "systemd-cryptsetupd is not implementable");
+                       }
+               } else {
+                       //Set contextual env
+                       cargv = cargvs;
+               }
+
                //Create stdin pipe
                if (pipe(inPipe) == -1) {
                        die(500, "Failed to create in pipe");
                //Create stdin pipe
                if (pipe(inPipe) == -1) {
                        die(500, "Failed to create in pipe");
@@ -854,8 +923,7 @@ int main(int argc, char **argv) {
 
                //Child process
                if (pid == 0) {
 
                //Child process
                if (pid == 0) {
-                       //Child argv
-                       char *cargv[] = { CRYPTSETUP, "-d", "-", "luksOpen", device, luks, NULL };
+                       //Child arge
                        char *carge[] = { NULL };
                        //Free value
                        free(value);
                        char *carge[] = { NULL };
                        //Free value
                        free(value);
@@ -873,8 +941,9 @@ int main(int argc, char **argv) {
                        //Close errPipe
                        close(errPipe[0]);
                        close(errPipe[1]);
                        //Close errPipe
                        close(errPipe[0]);
                        close(errPipe[1]);
+
                        //Call cryptsetup
                        //Call cryptsetup
-                       if (execve(CRYPTSETUP, cargv, carge) == -1) {
+                       if (execve(cargv[0], cargv, carge) == -1) {
                                die(500, "Failed to call cryptsetup");
                        }
                //Parent process
                                die(500, "Failed to call cryptsetup");
                        }
                //Parent process
@@ -904,15 +973,15 @@ int main(int argc, char **argv) {
                                die(500, "Failed to wait child");
                        }
 
                                die(500, "Failed to wait child");
                        }
 
-                       //Handle already unlocked device
-                       if (ret == 1280) {
-                               die(200, "Device already unlocked");
                        //Handle already in use device
                        //Handle already in use device
-                       } else if (ret == 5) {
+                       if (ret == 5) {
                                die(500, "Device already in use");
                                die(500, "Device already in use");
+                       //Handle already unlocked device
+                       //} else if (ret == 1280) {
+                       //      die(200, "Device already unlocked");
                        //Handle invalid luks device
                        //Handle invalid luks device
-                       } else if (ret == 256) {
-                               die(500, "Device is now a valid device");
+                       //} else if (ret == 256) {
+                       //      die(500, "Device is now a valid device");
                        //Handle no key available with this passphrase
                        } else if (ret == 512) {
                                die(500, "No slot for this value");
                        //Handle no key available with this passphrase
                        } else if (ret == 512) {
                                die(500, "No slot for this value");
@@ -960,6 +1029,8 @@ int main(int argc, char **argv) {
                        close(errPipe[0]);
                }
 
                        close(errPipe[0]);
                }
 
+//Removed as it was making fail the process of booting sometimes
+#if 0
                //Fork process
                if ((pid = fork()) == -1) {
                        die(500, "Failed to fork");
                //Fork process
                if ((pid = fork()) == -1) {
                        die(500, "Failed to fork");
@@ -1038,6 +1109,12 @@ int main(int argc, char **argv) {
 
                //Parent process
                } else {
 
                //Parent process
                } else {
+#endif
+
+                       //Sleep before killing askpassword process
+                       if (usleep(500000) == -1) {
+                               die(500, "Usleep failed");
+                       }
 
                        //Fork process
                        if ((pid = fork()) == -1) {
 
                        //Fork process
                        if ((pid = fork()) == -1) {
@@ -1127,7 +1204,9 @@ int main(int argc, char **argv) {
 
                        }
 
 
                        }
 
+#if 0
                }
                }
+#endif
 
        }
 
 
        }
 
Packaged apache, dracut module, index cgi, systemd service to unlock root luks fs