From 303ea58c2f2f36a744f44a9e06913c7044f9a23d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= Date: Thu, 25 Nov 2021 16:33:10 +0100 Subject: [PATCH] Import parse_uint() from voreutils. Summarise all .sos. Fix systemd integration in README to match. Flatten hV adding --- .build.yml | 4 ++-- README.md | 6 +++--- src/bin/zfs-tpm-list.cpp | 4 ++-- src/bin/zfs-tpm2-change-key.cpp | 7 ++++--- src/fd.cpp | 1 - src/main.hpp | 5 +++-- src/parse.hpp | 29 +++++++++++++++++++---------- src/tpm2.cpp | 4 ++-- 8 files changed, 35 insertions(+), 25 deletions(-) diff --git a/.build.yml b/.build.yml index bd05b0f..353e27a 100644 --- a/.build.yml +++ b/.build.yml @@ -21,12 +21,12 @@ tasks: - build-gcc: | cd tzpfms make - find out/ -maxdepth 1 -type f -exec readelf -d {} + + find out/ -maxdepth 1 -type f -exec readelf -d {} + | tee /dev/stderr | grep Shared | sort | uniq make clean - build-clang: | cd tzpfms CC=clang CXX=clang++ make - find out/ -maxdepth 1 -type f -exec readelf -d {} + + find out/ -maxdepth 1 -type f -exec readelf -d {} + | tee /dev/stderr | grep Shared | sort | uniq - manpages: | git -C tzpfms/ worktree add ../tzpfms-man man cd tzpfms-man diff --git a/README.md b/README.md index b4d61c6..3e99b80 100644 --- a/README.md +++ b/README.md 
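Review bot: In `.build.yml`, both `build-gcc` and `build-clang` now send `find … -exec readelf -d {} +` through `tee /dev/stderr | grep Shared | sort | uniq`, so the step's exit status becomes that of `uniq`. A failing `find` or `readelf` then no longer fails the task unless the task shell runs with `pipefail`, which is not visible here. If the summary is meant as a check on which shared objects the binaries link against, consider `set -o pipefail` at the top of each task where the shell supports it, or write the `readelf` output to a file first and summarise that file.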
@@ -31,7 +31,7 @@ The output binaries are trimmed of extraneous dependencies, so they're all just The default `$TZPFMS_PASSPHRASE_HELPER` is the null string. To set a different default, set `TZPFMS_PASSPHRASE_HELPER` and `TZPFMS_PASSPHRASE_HELPER_MAN` for `make` — `$`s need to be double-escaped and `'`s need to be full-`'` escaped (i.e. `'\''`). -As an example, for a sensible default value of `exec systemd-ask-password --id="tzpfms:$2" "$1:"` for OOB systemd integration, pass `TZPFMS_PASSPHRASE_HELPER='exec systemd-ask-password --id="tzpfms:$$2" "$$1"'` and `TZPFMS_PASSPHRASE_HELPER_MAN='Ic exec Nm systemd-ask-password Fl -id Ns Li = Ns Qo Li tzpfms:\& Ns Ar $$2 Qc Qo Ar $$1 Ns Li ":\&" Qc'`. +As an example, for a sensible default value of `exec systemd-ask-password --id="tzpfms:$2" "$1:"` for OOB systemd integration, pass `TZPFMS_PASSPHRASE_HELPER='exec systemd-ask-password --id="tzpfms:$$2" "$$1:"'` and `TZPFMS_PASSPHRASE_HELPER_MAN='Ic exec Nm systemd-ask-password Fl -id Ns Li = Ns Qo Li tzpfms:\& Ns Ar $$2 Qc Qo Ar $$1 Ns Li ":\&" Qc'`. ### Installation @@ -80,7 +80,7 @@ ln -s /usr/lib/i386-linux-gnu/libtss2-tcti-{swtpm,default}.so #### TPM1.x Build [`swtpm`](//github.com/stefanberger/swtpm), then prepare and run it and -([hopefully](https://github.com/stefanberger/swtpm/issues/5#issuecomment-210607890)) [TrouSerS](//sourceforge.net/projects/trousers), as `root`/`tpm`: +([hopefully](//github.com/stefanberger/swtpm/issues/5#issuecomment-210607890)) [TrouSerS](//sourceforge.net/projects/trousers), as `root`/`tpm`: ```sh swtpm_setup --tpmstate tpm1x-state --createek --display --logfile /dev/stdout --overwrite swtpm cuse -n tpm --tpmstate dir=tpm1x-state --seccomp action=none --log level=10,file=/dev/fd/4 4>&1 
@@ -114,7 +114,7 @@ There's [the tracker](//todo.sr.ht/~nabijaczleweli/tzpfms), but also see the lis ## Contributing Send a patch inline, as an attachment, or a git link and a ref to pull from to -[the list](//lists.sr.ht/~nabijaczleweli/tzpfms) ([~nabijaczleweli/tzpfms@lists.sr.ht](mailto:~nabijaczleweli/tzpfms)) or [me](mailto:nabijaczleweli@nabijaczleweli.xyz) +[the list](//lists.sr.ht/~nabijaczleweli/tzpfms) ([~nabijaczleweli/tzpfms@lists.sr.ht](mailto:~nabijaczleweli/tzpfms@lists.sr.ht)) or [me](mailto:nabijaczleweli@nabijaczleweli.xyz) directly. I'm not picky, just please include the repo name in the subject prefix. ## Discussion diff --git a/src/bin/zfs-tpm-list.cpp b/src/bin/zfs-tpm-list.cpp index 7088cdd..45ca7e3 100644 --- a/src/bin/zfs-tpm-list.cpp +++ b/src/bin/zfs-tpm-list.cpp @@ -57,8 +57,8 @@ int main(int argc, char ** argv) { maxdepth = SIZE_MAX; break; case 'd': - if(parse_int(optarg, maxdepth)) - return fprintf(stderr, "%s is not an integer\n", optarg), __LINE__; + if(!parse_uint(optarg, maxdepth)) + return fprintf(stderr, "-d %s: %s\n", optarg, strerror(errno)), __LINE__; break; case 'a': print_nontzpfms = true; diff --git a/src/bin/zfs-tpm2-change-key.cpp b/src/bin/zfs-tpm2-change-key.cpp index b9f41ec..f80199d 100644 --- a/src/bin/zfs-tpm2-change-key.cpp +++ b/src/bin/zfs-tpm2-change-key.cpp 
@@ -40,9 +40,10 @@ int main(int argc, char ** argv) { return with_tpm2_session([&](auto tpm2_ctx, auto tpm2_session) { TRY_MAIN(verify_backend(dataset, THIS_BACKEND, [&](auto previous_handle_s) { TPMI_DH_PERSISTENT previous_handle{}; - if(parse_int(previous_handle_s, previous_handle)) - fprintf(stderr, "Couldn't parse previous persistent handle for dataset %s. You might need to run \"tpm2_evictcontrol -c %s\" or equivalent!\n", - zfs_get_name(dataset), previous_handle_s); + if(!parse_uint(previous_handle_s, previous_handle)) + fprintf(stderr, + "Couldn't parse previous persistent handle for dataset %s: %s. You might need to run \"tpm2_evictcontrol -c %s\" or equivalent!\n", + zfs_get_name(dataset), strerror(errno), previous_handle_s); else { if(tpm2_free_persistent(tpm2_ctx, tpm2_session, previous_handle)) fprintf(stderr, diff --git a/src/fd.cpp b/src/fd.cpp index de51700..9af018a 100644 --- a/src/fd.cpp +++ b/src/fd.cpp @@ -226,7 +226,6 @@ static int get_key_material_raw(const char * whom, bool again, bool newkey, uint static int get_key_material_dispatch(const char * whom, bool again, bool newkey, uint8_t *& buf, size_t & len_out) { static const char * helper{}; - printf("'%s'\n", STRINGIFY(TZPFMS_PASSPHRASE_HELPER)); if(!helper) helper = getenv("TZPFMS_PASSPHRASE_HELPER") ?: STRINGIFY(TZPFMS_PASSPHRASE_HELPER); if(*helper) { diff --git a/src/main.hpp b/src/main.hpp index a53a35a..9f34d2a 100644 --- a/src/main.hpp +++ b/src/main.hpp 
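Review bot: In `src/bin/zfs-tpm2-change-key.cpp`, the `else` branch hands `previous_handle` to `tpm2_free_persistent()` as soon as `parse_uint()` succeeds, and `parse_uint()` only bounds the value by the maximum of `TPMI_DH_PERSISTENT`. The handle string presumably comes from the dataset's stored properties, so a corrupted or tampered value could name a handle outside the persistent range. A check such as `if(previous_handle < TPM2_PERSISTENT_FIRST || previous_handle > TPM2_PERSISTENT_LAST)`, handled like the parse failure, would stop that before the free. The same check fits `tpm2_parse_handle()` in the `src/tpm2.cpp` hunk, which parses handle strings the same way. The lambda and `main()` both continue outside the hunk.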
@@ -29,8 +29,9 @@ int do_bare_main(int argc, char ** argv, const char * getoptions, const char * u #if __GLIBC__ setenv("POSIXLY_CORRECT", "1", true); #endif - auto gopts = reinterpret_cast(TRY_PTR("allocate options string", alloca(strlen(getoptions) + 2 + 1))); - snprintf(gopts, strlen(getoptions) + 2 + 1, "%shV", getoptions); + auto gopts = reinterpret_cast(alloca(strlen(getoptions) + 2 + 1)); + gopts[0] = 'h', gopts[1] = 'V'; + strcpy(gopts + 2, getoptions); for(int opt; (opt = getopt(argc, argv, gopts)) != -1;) switch(opt) { case '?': diff --git a/src/parse.hpp b/src/parse.hpp index 64ab701..bb2372c 100644 --- a/src/parse.hpp +++ b/src/parse.hpp @@ -5,20 +5,29 @@ #include +#include #include +#include #include template -int parse_int(const char * what, T & out) { - int base = 10; - if(!strncmp(what, "0x", 2) || !strncmp(what, "0X", 2)) { - base = 16; - what += 2; - } +bool parse_uint(const char * val, T & out) { + if(val[0] == '\0') + return errno = EINVAL, false; + if(val[0] == '-') + return errno = ERANGE, false; - if(std::from_chars(what, what + strlen(what), out, base).ptr == what) - return __LINE__; - else - return 0; + char * end{}; + errno = 0; + auto res = strtoull(val, &end, 0); + out = res; + if(errno) + return false; + if(res > std::numeric_limits::max()) + return errno = ERANGE, false; + if(*end != '\0') + return errno = EINVAL, false; + + return true; } diff --git a/src/tpm2.cpp b/src/tpm2.cpp index 5256e2e..be90522 100644 --- a/src/tpm2.cpp +++ b/src/tpm2.cpp @@ -52,8 +52,8 @@ TPM2B_DATA tpm2_creation_metadata(const char * dataset_name) { int tpm2_parse_handle(const char * dataset_name, const char * handle_s, TPMI_DH_PERSISTENT & handle) { - if(parse_int(handle_s, handle)) - return fprintf(stderr, "Dataset %s's handle %s not valid.\n", dataset_name, handle_s), __LINE__; + if(!parse_uint(handle_s, handle)) + return fprintf(stderr, "Dataset %s's handle %s: %s.\n", dataset_name, handle_s, strerror(errno)), __LINE__; return 0; }
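Review bot: In `do_bare_main()` (`src/main.hpp`), `hV` is now written in front of `getoptions` where the old `"%shV"` appended it, which changes the meaning of any caller string that starts with one of getopt's position-sensitive characters. A leading `:` would become `hV:` and make `-V` take an argument, and a leading `+` or `-` would stop acting as a mode flag. No callers are visible in this hunk, so this may not occur today; a comment such as `// getoptions must not start with ':', '+' or '-': "hV" is prepended` would record the constraint. The `strcpy()` also relies on the `+ 2 + 1` in the `alloca()` size staying in step with the two bytes written before it, so taking the length once and using `memcpy(gopts + 2, getoptions, len + 1)` would keep the bound explicit. The function body continues outside the hunk.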
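Review bot: `parse_uint()` in `src/parse.hpp` rejects a sign only when it is the first byte, but `strtoull()` skips leading whitespace and then accepts `+`/`-`, so `" -1"` is negated into a huge unsigned value and returns true whenever `T` is as wide as `unsigned long long` (likely the `size_t` `maxdepth` behind `-d` in `zfs-tpm-list.cpp`). Requiring a digit up front closes that: `if(val[0] < '0' || val[0] > '9') return errno = (val[0] == '-') ? ERANGE : EINVAL, false;`. `out = res;` also runs before the range and trailing-character checks, so a failed parse leaves a truncated value in the caller's variable; moving the assignment to just before `return true;` avoids that. Base `0` additionally makes a leading `0` mean octal, which the removed `parse_int()` did not do, so `010` now reads as 8; that deserves a comment if it is intended.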