X-Git-Url: https://git.rapsys.eu/ihttpd/blobdiff_plain/034a5b59d291e9a01cc9fd6c77aeb1019174e5c6..72625a495e1c6ba10da830bcf5cdf212ae919b30:/SOURCES/index.bin.c

diff --git a/SOURCES/index.bin.c b/SOURCES/index.bin.c
index e6780a1..cf44c6c 100644
--- a/SOURCES/index.bin.c
+++ b/SOURCES/index.bin.c
@@ -65,6 +65,9 @@
 //Default cryptsetup
 #define CRYPTSETUP "/sbin/cryptsetup"
 
+//Systemd cryptsetup
+#define SYSTEMDCRYPTSETUP "/usr/lib/systemd/systemd-cryptsetup"
+
 //Default pid file
 #define IHTTPDPID "/run/ihttpd/ihttpd.pid"
 
@@ -75,6 +78,10 @@
 #define ASKPASSWORDLOG "/run/ihttpd/log/child.askpassword.log"
 #define IHTTPDLOG "/run/ihttpd/log/child.ihttpd.log"
 
+//Define form uri
+#define FORMID "5903c738"
+#define FORMURI "/" FORMID ".html"
+
 //Create struct for http error status
 struct httpStatusStruct {
 	int value;
@@ -87,7 +94,8 @@ const struct httpStatusStruct httpStatuses[] = {
 	{400, "Bad Request"},
 	{405, "Method Not Allowed"},
 	{411, "Length Required"},
-	{500, "Internal Server Error"}
+	{500, "Internal Server Error"},
+	{503, "Service Unavailable"}
 };
 
 /**
@@ -96,6 +104,7 @@ const struct httpStatusStruct httpStatuses[] = {
 void die(const int, const char*);
 void header(const int, const char*);
 void showForm(const char*, const int, const int);
+void showMaintenance();
 int extractValue(char**, int*, char*, int);
 int extractLuksDevice(char**, char**);
 int extractIHttpdPid(pid_t *);
@@ -137,6 +146,9 @@ void header(const int code, const char *ctype) {
 		case 500:
 			k = 4;
 			break;
+		case 503:
+			k = 5;
+			break;
 		default:
 			k = 0;
 	}
@@ -154,10 +166,13 @@ void header(const int code, const char *ctype) {
  * Show form
  */
 void showForm(const char *requestUri, const int keyfileSizeMax, const int passphraseSizeMax) {
-	header(200, "text/html");
+	header(503, "text/html");
 	printf("<!DOCTYPE HTML>\r\n");
 	printf("<html>\r\n");
-	printf("<head><title>Key upload form</title></head>\r\n");
+	printf("<head>\r\n");
+	printf("<title>Key upload form!</title>\r\n");
+	printf("<style type=\"text/css\">body{color:black;background-color:white;}a:link{color:#00c;}p,address{margin-left:3em;}span{font-size:smaller;}</style>\r\n");
+	printf("</head>\r\n");
 	printf("<body>\r\n");
 	printf("<div id=\"wrapper\">\r\n");
 	printf("<form enctype=\"multipart/form-data\" action=\"%s\" method=\"post\"><fieldset><legend>Upload key</legend><label for=\"file\"></label><input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"%d\" /><input id=\"file\" type=\"file\" name=\"key\" /><input type=\"submit\" value=\"Send\" /></fieldset></form>\r\n", requestUri, keyfileSizeMax);
@@ -167,6 +182,29 @@ void showForm(const char *requestUri, const int keyfileSizeMax, const int passph
 	printf("</html>\r\n");
 }
 
+/**
+ * Show maintenance
+ */
+void showMaintenance() {
+	header(503, "text/html");
+	printf("<!DOCTYPE HTML>\r\n");
+	printf("<html>\r\n");
+	printf("<head>\r\n");
+	printf("<title>Service unavailable!</title>\r\n");
+	printf("<style type=\"text/css\">body{color:black;background-color:white;}a:link{color:#00c;}p,address{margin-left:3em;}span{font-size:smaller;}</style>\r\n");
+	printf("</head>\r\n");
+	printf("<body>\r\n");
+	printf("<h1>Service unavailable!</h1>\r\n");
+	printf("<p>The server is temporarily unable to service your\r\n");
+	printf("request due to maintenance downtime or capacity\r\n");
+	printf("problems. Please try again later.</p>\r\n");
+	printf("<h2>Error 503</h2>\r\n");
+	printf("<address><a href=\"/\">%s</a><br /><span>%s</span></address>\r\n", getenv("SERVER_NAME"), getenv("SERVER_SOFTWARE"));
+	printf("<!--crc32:%s-->\r\n", FORMID);
+	printf("</body>\r\n");
+	printf("</html>\r\n");
+}
+
 /**
  * Extract value
  */
@@ -757,9 +795,10 @@ int extractIHttpdPid(pid_t *pid) {
  * Main function
  */
 int main(int argc, char **argv) {
-
 	//Get request method
 	char *requestMethod = getenv("REQUEST_METHOD");
+	//Get request uri
+	char *requestUri = getenv("REQUEST_URI");
 
 	//Handle unknown requests
 	if (requestMethod == NULL || (strncmp(requestMethod, "GET", 3) && strncmp(requestMethod, "HEAD", 4) && strncmp(requestMethod, "POST", 4))) {
@@ -767,8 +806,15 @@ int main(int argc, char **argv) {
 		die(405, "Unsupported request method");
 	//Handle get and head
 	} else if (!strncmp(requestMethod, "GET", 3) || !strncmp(requestMethod, "HEAD", 4)) {
-		//Send form
-		showForm(getenv("REQUEST_URI")?getenv("REQUEST_URI"):"/", DEFAULT_KEYFILE_SIZE_MAX, DEFAULT_PASSPHRASE_SIZE_MAX);
+		//Check if we have form uri
+		if (requestUri != NULL && strlen(requestUri) == strlen(FORMURI) && !strncmp(requestUri, FORMURI, strlen(FORMURI))) {
+			//Send form
+			showForm(requestUri, DEFAULT_KEYFILE_SIZE_MAX, DEFAULT_PASSPHRASE_SIZE_MAX);
+		//Not form uri requested
+		} else {
+			//Send maintenance page
+			showMaintenance();
+		}
 	//Handle post
 	} else /*if (!strncmp(requestMethod, "POST", 4))*/ {
 		//Return value
@@ -794,6 +840,9 @@ int main(int argc, char **argv) {
 		//Declare luks and device
 		char *luks = NULL, *device = NULL;
 
+		//Declare cargv
+		char **cargv = NULL;
+
 		//Pairs of pipe for stdin, stdout and stderr
 		int inPipe[2], errPipe[2];
 
@@ -831,12 +880,32 @@ int main(int argc, char **argv) {
 			die(500, "Failed to extract value");
 		}
 
-
 		//Extract luks and device
 		if ((ret = extractLuksDevice(&luks, &device)) < 0) {
 			die(500, "Failed to extract luks and device");
 		}
 
+		//Declare cargv array
+		char *cargvs[] = { CRYPTSETUP, "-d", "-", "luksOpen", device, luks, NULL };
+		//TODO: device cannot be an UUID=xyz, a resolved block device is required for it
+		//char *scargvs[] = { SYSTEMDCRYPTSETUP, "attach", luks, device, "-", NULL };
+
+		//Check cryptsetup binary
+		if (access(CRYPTSETUP, F_OK|X_OK) == -1) {
+			//Check systemdcryptsetup binary
+			if (access(SYSTEMDCRYPTSETUP, F_OK|X_OK) == -1) {
+				die(500, "No cryptsetup available");
+			} else {
+				//Set contextual env
+				//TODO: resolve UUID in real device name
+				//TODO: passing password through the socket is not possible, as it rely on password ending with \0
+				die(500, "systemd-cryptsetupd is not implementable");
+			}
+		} else {
+			//Set contextual env
+			cargv = cargvs;
+		}
+
 		//Create stdin pipe
 		if (pipe(inPipe) == -1) {
 			die(500, "Failed to create in pipe");
@@ -854,8 +923,7 @@ int main(int argc, char **argv) {
 
 		//Child process
 		if (pid == 0) {
-			//Child argv
-			char *cargv[] = { CRYPTSETUP, "-d", "-", "luksOpen", device, luks, NULL };
+			//Child arge
 			char *carge[] = { NULL };
 			//Free value
 			free(value);
@@ -873,8 +941,9 @@ int main(int argc, char **argv) {
 			//Close errPipe
 			close(errPipe[0]);
 			close(errPipe[1]);
+
 			//Call cryptsetup
-			if (execve(CRYPTSETUP, cargv, carge) == -1) {
+			if (execve(cargv[0], cargv, carge) == -1) {
 				die(500, "Failed to call cryptsetup");
 			}
 		//Parent process
@@ -904,15 +973,15 @@ int main(int argc, char **argv) {
 				die(500, "Failed to wait child");
 			}
 
-			//Handle already unlocked device
-			if (ret == 1280) {
-				die(200, "Device already unlocked");
 			//Handle already in use device
-			} else if (ret == 5) {
+			if (ret == 5) {
 				die(500, "Device already in use");
+			//Handle already unlocked device
+			//} else if (ret == 1280) {
+			//	die(200, "Device already unlocked");
 			//Handle invalid luks device
-			} else if (ret == 256) {
-				die(500, "Device is now a valid device");
+			//} else if (ret == 256) {
+			//	die(500, "Device is now a valid device");
 			//Handle no key available with this passphrase
 			} else if (ret == 512) {
 				die(500, "No slot for this value");
@@ -960,6 +1029,8 @@ int main(int argc, char **argv) {
 			close(errPipe[0]);
 		}
 
+//Removed as it was making fail the process of booting sometimes
+#if 0
 		//Fork process
 		if ((pid = fork()) == -1) {
 			die(500, "Failed to fork");
@@ -1038,6 +1109,12 @@ int main(int argc, char **argv) {
 
 		//Parent process
 		} else {
+#endif
+
+			//Sleep before killing askpassword process
+			if (usleep(500000) == -1) {
+				die(500, "Usleep failed");
+			}
 
 			//Fork process
 			if ((pid = fork()) == -1) {
@@ -1127,7 +1204,9 @@ int main(int argc, char **argv) {
 
 			}
 
+#if 0
 		}
+#endif
 
 	}