Red Hat Bugzilla – Attachment 930514 Details for
Bug 1108522
Various small fixes for RHEL 7.1 (corosync rebase)
[patch]
Slightly rework corosync-keygen.
tmp.5u18QmGEX4 (text/plain), 6.55 KB, created by
Jan Friesse
on 2014-08-25 14:36:24 UTC
Description:
Slightly rework corosync-keygen.
Filename:
MIME Type:
Creator:
Jan Friesse
Created:
2014-08-25 14:36:24 UTC
Size:
6.55 KB
patch
obsolete
>From 520fe686c5e45f0f7143e749a3f6c2001a2ea0d7 Mon Sep 17 00:00:00 2001
>From: Vladislav Bogdanov <bubble@hoster-ok.com>
>Date: Thu, 17 Jul 2014 07:29:54 +0000
>Subject: [PATCH] Slightly rework corosync-keygen.
>
>Allow it to create keyfile not in the hardcoded location.
>Drop root checks.
>Minor cosmetic fixes to the man-page.
>
>Signed-off-by: Vladislav Bogdanov <bubble@hoster-ok.com>
>Reviewed-by: Jan Friesse <jfriesse@redhat.com>
>---
> man/corosync-keygen.8 | 29 +++++++++++++++++---------
> tools/corosync-keygen.c | 51 +++++++++++++++++++++-------------------------
> 2 files changed, 42 insertions(+), 38 deletions(-)
>
>diff --git a/man/corosync-keygen.8 b/man/corosync-keygen.8
>index 5dc3f45..5aaae93 100644
>--- a/man/corosync-keygen.8
>+++ b/man/corosync-keygen.8
>@@ -35,45 +35,47 @@
> .SH NAME
> corosync-keygen \- Generate an authentication key for Corosync.
> .SH SYNOPSIS
>-.B "corosync-keygen [\-l]"
>+.B "corosync-keygen [\-k <filename>] [\-l]"
> .SH DESCRIPTION
>
> If you want to configure corosync to use cryptographic techniques to ensure authenticity
>-.br
> and privacy of the messages, you will need to generate a private key.
> .PP
> .B corosync-keygen
>-creates this key and writes it to /etc/corosync/authkey.
>+creates this key and writes it to /etc/corosync/authkey or to file specified by
>+-k option.
> .PP
> This private key must be copied to every processor in the cluster. If the
>-.br
> private key isn't the same for every node, those nodes with nonmatching private
>-.br
> keys will not be able to join the same configuration.
> .PP
> Copy the key to some security transportable storage or use ssh to transmit the
>-.br
> key from node to node. Then install the key with the command:
> .PP
> unix#: install -D --group=0 --owner=0 --mode=0400 /path_to_authkey/authkey /etc/corosync/authkey
> .PP
> If a message "Invalid digest" appears from the corosync executive, the keys
>-.br
> are not consistent between processors.
> .PP
> .B Note: corosync-keygen
> will ask for user input to assist in generating entropy unless the -l option is used.
> .SH OPTIONS
> .TP
>+.B -k <filename>
>+This specifies the fully qualified path to the shared key to create.
>+.br
>+The default is /etc/corosync/authkey.
>+.TP
> .B -l
> Use a less secure random data source that will not require user input to help generate
>-.br
>-entropy. This may be useful when this utility is used from a script.
>+entropy. This may be useful when this utility is used from a script or hardware random number
>+generator is not available (f.e. in virtual machine).
>+
> .SH EXAMPLES
> .TP
> Generate the key.
> .PP
>-$ corosync-keygen
>+# corosync-keygen
> .br
> Corosync Cluster Engine Authentication key generator.
> .br
>@@ -81,6 +83,13 @@ Gathering 1024 bits for key from /dev/random.
> .br
> Press keys on your keyboard to generate entropy.
> .br
>+.PP
>+$ corosync-keygen -l -k /tmp/authkey
>+.br
>+Corosync Cluster Engine Authentication key generator.
>+.br
>+Writing corosync key to /tmp/authkey.
>+.br
> .SH SEE ALSO
> .BR corosync_overview (8),
> .BR corosync.conf (5),
>diff --git a/tools/corosync-keygen.c b/tools/corosync-keygen.c
>index 71ea9d8..112ebaf 100644
>--- a/tools/corosync-keygen.c
>+++ b/tools/corosync-keygen.c
>@@ -40,16 +40,19 @@
> #include <unistd.h>
> #include <fcntl.h>
> #include <errno.h>
>+#include <string.h>
> #include <getopt.h>
> #include <sys/types.h>
> #include <sys/stat.h>
>
> #include <netinet/in.h>
>
>-#define KEYFILE COROSYSCONFDIR "/authkey"
>+#define DEFAULT_KEYFILE COROSYSCONFDIR "/authkey"
>
> static const char usage[] =
>- "Usage: corosync-keygen [-l]\n"
>+ "Usage: corosync-keygen [-k <keyfile>] [-l]\n"
>+ " -k / --key-file=<filename> - Write to the specified keyfile\n"
>+ " instead of the default " DEFAULT_KEYFILE ".\n"
> " -l / --less-secure - Use a less secure random number source\n"
> " (/dev/urandom) that is guaranteed not to require user\n"
> " input for entropy. This can be used when this\n"
>@@ -60,6 +63,7 @@ int main (int argc, char *argv[])
> {
> int authkey_fd;
> int random_fd;
>+ char *keyfile = NULL;
> unsigned char key[128];
> ssize_t res;
> ssize_t bytes_read;
>@@ -67,14 +71,18 @@ int main (int argc, char *argv[])
> int option_index;
> int less_secure = 0;
> static struct option long_options[] = {
>- { "less-secure", no_argument, NULL, 'l' },
>- { "help", no_argument, NULL, 'h' },
>- { 0, 0, NULL, 0 },
>+ { "key-file", required_argument, NULL, 'k' },
>+ { "less-secure", no_argument, NULL, 'l' },
>+ { "help", no_argument, NULL, 'h' },
>+ { 0, 0, NULL, 0 },
> };
>
>- while ((c = getopt_long (argc, argv, "lh",
>+ while ((c = getopt_long (argc, argv, "k:lh",
> long_options, &option_index)) != -1) {
> switch (c) {
>+ case 'k':
>+ keyfile = optarg;
>+ break;
> case 'l':
> less_secure = 1;
> break;
>@@ -89,18 +97,13 @@ int main (int argc, char *argv[])
> }
>
> printf ("Corosync Cluster Engine Authentication key generator.\n");
>- if (geteuid() != 0) {
>- printf ("Error: Authorization key must be generated as root user.\n");
>- exit (errno);
>- }
>- if (mkdir (COROSYSCONFDIR, 0700)) {
>- if (errno != EEXIST) {
>- perror ("Failed to create directory: " COROSYSCONFDIR);
>- exit (errno);
>- }
>+
>+ if (!keyfile) {
>+ keyfile = (char *)DEFAULT_KEYFILE;
> }
>
> if (less_secure) {
>+ printf ("Gathering %lu bits for key from /dev/urandom.\n", (unsigned long)(sizeof (key) * 8));
> random_fd = open ("/dev/urandom", O_RDONLY);
> } else {
> printf ("Gathering %lu bits for key from /dev/random.\n", (unsigned long)(sizeof (key) * 8));
>@@ -134,17 +137,9 @@ retry_read:
> /*
> * Open key
> */
>- authkey_fd = open (KEYFILE, O_CREAT|O_WRONLY, 600);
>+ authkey_fd = open (keyfile, O_CREAT|O_WRONLY, 0600);
> if (authkey_fd == -1) {
>- perror ("Could not create " KEYFILE);
>- exit (errno);
>- }
>- /*
>- * Set security of authorization key to uid = 0 gid = 0 mode = 0400
>- */
>- res = fchown (authkey_fd, 0, 0);
>- if (res == -1) {
>- perror ("Could not fchown key to uid 0 and gid 0\n");
>+ fprintf (stderr, "Could not create %s: %s", keyfile, strerror(errno));
> exit (errno);
> }
> if (fchmod (authkey_fd, 0400)) {
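Review bot: `keyfile = (char *)DEFAULT_KEYFILE;` in the `@@ -89,18 +97,13 @@` hunk casts a string literal to a writable `char *`, so any later write through `keyfile` would compile without a warning and be undefined behaviour. Declaring the variable as `const char *keyfile = NULL;` (the line added in the `@@ -60,6 +63,7 @@` hunk) lets both `optarg` and the default be assigned with no cast. main() begins and ends outside this hunk.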
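Review bot: The new `open (keyfile, O_CREAT|O_WRONLY, 0600)` in the `@@ -134,17 +137,9 @@` hunk takes a caller-supplied path but has neither `O_EXCL` nor `O_TRUNC`, so an existing file or symlink at that path is opened and written through, and the 0600 mode only applies when the file is newly created. That matters for shared directories such as the `/tmp/authkey` example the man page now shows: the key could end up in a file owned by another account, or an older, longer file could keep stale bytes after the 128-byte key. Consider `authkey_fd = open (keyfile, O_CREAT|O_EXCL|O_WRONLY, 0600);` and stating in the man page that the target must not already exist. The added `fprintf` also drops the trailing newline that `perror` used to print; append `\n` to the format string. The enclosing function continues outside the hunk.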
>@@ -152,19 +147,19 @@ retry_read:
> exit (errno);
> }
>
>- printf ("Writing corosync key to " KEYFILE ".\n");
>+ printf ("Writing corosync key to %s.\n", keyfile);
>
> /*
> * Write key
> */
> res = write (authkey_fd, key, sizeof (key));
> if (res != sizeof (key)) {
>- perror ("Could not write " KEYFILE);
>+ fprintf (stderr, "Could not write %s: %s", keyfile, strerror(errno));
> exit (errno);
> }
>
> if (close (authkey_fd)) {
>- perror ("Could not write " KEYFILE);
>+ fprintf (stderr, "Could not close %s: %s", keyfile, strerror(errno));
> exit (errno);
> }
>
>--
>1.7.1
>
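Review bot: The write check `if (res != sizeof (key))` now prints `strerror(errno)`, but a short write does not set `errno`, so the message is stale and `exit (errno)` can return 0 while a truncated key is left on disk. Treat `res == -1` and a short count separately, and for the short case use something like `fprintf (stderr, "Short write to %s\n", keyfile); exit (EXIT_FAILURE);`. Both `fprintf` calls added here also lack the trailing `\n` that `perror` supplied, so the error text runs into the shell prompt. The function body starts outside this hunk.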