summaryrefslogtreecommitdiffstats
path: root/bin
diff options
context:
space:
mode:
Diffstat (limited to 'bin')
-rw-r--r--bin/ykfde-cpio.c36
-rw-r--r--bin/ykfde.c38
2 files changed, 25 insertions, 49 deletions
diff --git a/bin/ykfde-cpio.c b/bin/ykfde-cpio.c
index 30e66dd..b143b78 100644
--- a/bin/ykfde-cpio.c
+++ b/bin/ykfde-cpio.c
@@ -35,16 +35,15 @@ const static struct option options_long[] = {
int add_dir(struct archive *archive, const char * path) {
struct stat st;
struct archive_entry *entry;
- int8_t rc;
+ int8_t rc = EXIT_FAILURE;
/* initialize struct stat for directories from root */
- if ((rc = stat("/", &st)) < 0) {
+ if (stat("/", &st) < 0) {
perror("stat() failed");
goto out;
}
if ((entry = archive_entry_new()) == NULL) {
- rc = EXIT_FAILURE;
fprintf(stderr, "archive_entry_new() failed");
goto out;
}
@@ -53,7 +52,6 @@ int add_dir(struct archive *archive, const char * path) {
archive_entry_set_filetype(entry, AE_IFDIR);
archive_entry_copy_stat(entry, &st);
if (archive_write_header(archive, entry) != ARCHIVE_OK) {
- rc = EXIT_FAILURE;
fprintf(stderr, "archive_write_header() failed");
goto out;
}
@@ -100,25 +98,22 @@ int main(int argc, char **argv) {
if (version > 0 || help > 0)
return EXIT_SUCCESS;
- if ((rc = fdarchive = mkstemp(cpiotmpfile)) < 0) {
+ if ((fdarchive = mkstemp(cpiotmpfile)) < 0) {
perror("mkstemp() failed");
goto out10;
}
if ((archive = archive_write_new()) == NULL) {
- rc = EXIT_FAILURE;
fprintf(stderr, "archive_write_new() failed.\n");
goto out10;
}
if (archive_write_set_format_cpio_newc(archive) != ARCHIVE_OK) {
- rc = EXIT_FAILURE;
fprintf(stderr, "archive_write_set_format_cpio_newc() failed.\n");
goto out10;
}
if (archive_write_open_fd(archive, fdarchive) != ARCHIVE_OK) {
- rc = EXIT_FAILURE;
fprintf(stderr, "archive_write_open_fd() failed.\n");
goto out10;
}
@@ -130,7 +125,7 @@ int main(int argc, char **argv) {
*strstr(path + pathlength, "/") = 0;
pathlength = strlen(path) + 1;
- if ((rc = add_dir(archive, path)) < 0) {
+ if (add_dir(archive, path) < 0) {
fprintf(stderr, "add_dir() failed");
goto out10;
}
@@ -143,14 +138,13 @@ int main(int argc, char **argv) {
filename = malloc(sizeof(CHALLENGEDIR) + strlen(ent->d_name) + 1);
sprintf(filename, CHALLENGEDIR "%s", ent->d_name);
- if ((rc = stat(filename, &st)) < 0) {
+ if (stat(filename, &st) < 0) {
perror("stat() failed");
goto out10;
}
if (S_ISREG(st.st_mode)) {
if ((entry = archive_entry_new()) == NULL) {
- rc = EXIT_FAILURE;
fprintf(stderr, "archive_entry_new() failed.\n");
goto out10;
}
@@ -162,34 +156,33 @@ int main(int argc, char **argv) {
archive_entry_set_perm(entry, 0644);
if (archive_write_header(archive, entry) != ARCHIVE_OK) {
- rc = EXIT_FAILURE;
fprintf(stderr, "archive_write_header() failed");
goto out10;
}
- if ((rc = fdfile = open(filename, O_RDONLY)) < 0) {
+ if ((fdfile = open(filename, O_RDONLY)) < 0) {
perror("open() failed");
goto out10;
}
- if ((rc = len = read(fdfile, buff, sizeof(buff))) < 0) {
+ if ((len = read(fdfile, buff, sizeof(buff))) < 0) {
perror("read() failed");
goto out10;
}
while (len > 0) {
- if (( rc = archive_write_data(archive, buff, len)) < 0) {
+ if (archive_write_data(archive, buff, len) < 0) {
fprintf(stderr, "archive_write_data() failed");
goto out10;
}
- if ((rc = len = read(fdfile, buff, sizeof(buff))) < 0) {
+ if ((len = read(fdfile, buff, sizeof(buff))) < 0) {
perror("read() failed");
goto out10;
}
}
- if ((rc = close(fdfile)) < 0) {
+ if (close(fdfile) < 0) {
perror("close() failed");
goto out10;
}
@@ -198,34 +191,31 @@ int main(int argc, char **argv) {
}
free(filename);
}
- if ((rc = closedir(dir)) < 0) {
+ if (closedir(dir) < 0) {
perror("closedir() failed");
goto out10;
}
} else {
- rc = EXIT_FAILURE;
perror("opendir() failed");
goto out10;
}
if (archive_write_close(archive) != ARCHIVE_OK) {
- rc = EXIT_FAILURE;
fprintf(stderr, "archive_write_close() failed");
goto out10;
}
if (archive_write_free(archive) != ARCHIVE_OK) {
- rc = EXIT_FAILURE;
fprintf(stderr, "archive_write_free() failed");
goto out10;
}
- if (access(CPIOFILE, F_OK) == 0 && (rc = unlink(CPIOFILE)) < 0) {
+ if (access(CPIOFILE, F_OK) == 0 && unlink(CPIOFILE) < 0) {
perror("unkink() failed");
goto out10;
}
- if ((rc = rename(cpiotmpfile, CPIOFILE)) < 0) {
+ if (rename(cpiotmpfile, CPIOFILE) < 0) {
perror("rename() failed");
goto out10;
}
diff --git a/bin/ykfde.c b/bin/ykfde.c
index 198a842..8dda1d9 100644
--- a/bin/ykfde.c
+++ b/bin/ykfde.c
@@ -107,7 +107,6 @@ int main(int argc, char **argv) {
if (have_term)
if (tcsetattr(STDIN_FILENO, TCSAFLUSH, &tp) < 0) {
fprintf(stderr, "Failed setting terminal attributes.\n");
- rc = EXIT_FAILURE;
goto out0;
}
@@ -121,7 +120,6 @@ int main(int argc, char **argv) {
case 'N':
if (new_2nd_factor != NULL) {
fprintf(stderr, "We already have a new second factor. Did you specify it twice?\n");
- rc = EXIT_FAILURE;
goto out10;
}
@@ -142,7 +140,6 @@ int main(int argc, char **argv) {
case 'S':
if (second_factor != NULL) {
fprintf(stderr, "We already have a second factor. Did you specify it twice?\n");
- rc = EXIT_FAILURE;
goto out10;
}
@@ -168,7 +165,6 @@ int main(int argc, char **argv) {
if (have_term)
if (tcsetattr(STDIN_FILENO, TCSANOW, &tp_save) < 0) {
fprintf(stderr, "Failed setting terminal attributes.\n");
- rc = EXIT_FAILURE;
goto out10;
}
@@ -195,13 +191,11 @@ int main(int argc, char **argv) {
memset(passphrase_new, 0, PASSPHRASELEN + 1);
if ((ini = iniparser_load(CONFIGFILE)) == NULL) {
- rc = EXIT_FAILURE;
fprintf(stderr, "Could not parse configuration file.\n");
goto out10;
}
if ((device_name = iniparser_getstring(ini, "general:" CONFDEVNAME, NULL)) == NULL) {
- rc = EXIT_FAILURE;
/* read from crypttab? */
/* get device from currently open devices? */
fprintf(stderr, "Could not read LUKS device from configuration file.\n");
@@ -211,20 +205,17 @@ int main(int argc, char **argv) {
/* init and open first Yubikey */
if (yk_init() == 0) {
perror("yk_init() failed");
- rc = EXIT_FAILURE;
goto out20;
}
if ((yk = yk_open_first_key()) == NULL) {
fprintf(stderr, "No Yubikey available.\n");
- rc = EXIT_FAILURE;
goto out30;
}
/* read the serial number from key */
if (yk_get_serial(yk, 0, 0, &serial) == 0) {
perror("yk_get_serial() failed");
- rc = EXIT_FAILURE;
goto out40;
}
@@ -248,7 +239,6 @@ int main(int argc, char **argv) {
sprintf(section_luksslot, "%d:" CONFLUKSSLOT, serial);
luks_slot = iniparser_getint(ini, section_luksslot, luks_slot);
if (luks_slot < 0) {
- rc = EXIT_FAILURE;
fprintf(stderr, "Please set LUKS key slot for Yubikey with serial %d!\n"
"Add something like this to " CONFIGFILE ":\n\n"
"[%d]\nluks slot = 1\n", serial, serial);
@@ -263,7 +253,7 @@ int main(int argc, char **argv) {
if (key > -1) {
/* if we have a key id we have a key - so this should succeed */
- if ((rc = keyctl_read_alloc(key, &payload)) < 0) {
+ if (keyctl_read_alloc(key, &payload) < 0) {
perror("Failed reading payload from key");
goto out40;
}
@@ -287,11 +277,11 @@ int main(int argc, char **argv) {
sprintf(challengefiletmpname, CHALLENGEDIR "/challenge-%d-XXXXXX", serial);
/* write new challenge to file */
- if ((rc = challengefiletmp = mkstemp(challengefiletmpname)) < 0) {
+ if ((challengefiletmp = mkstemp(challengefiletmpname)) < 0) {
fprintf(stderr, "Could not open file %s for writing.\n", challengefiletmpname);
goto out40;
}
- if ((rc = write(challengefiletmp, challenge_new, CHALLENGELEN)) < 0) {
+ if (write(challengefiletmp, challenge_new, CHALLENGELEN) < 0) {
fprintf(stderr, "Failed to write challenge to file.\n");
goto out50;
}
@@ -308,7 +298,6 @@ int main(int argc, char **argv) {
CHALLENGELEN, (unsigned char *) challenge_new,
RESPONSELEN, (unsigned char *) response_new) == 0) {
perror("yk_challenge_response() failed");
- rc = EXIT_FAILURE;
goto out50;
}
yubikey_hex_encode((char *) passphrase_new, (char *) response_new, SHA1_DIGEST_SIZE);
@@ -317,13 +306,12 @@ int main(int argc, char **argv) {
* We expect this to be active (or busy). It is the actual root device, no? */
cryptstatus = crypt_status(cryptdevice, device_name);
if (cryptstatus != CRYPT_ACTIVE && cryptstatus != CRYPT_BUSY) {
- rc = EXIT_FAILURE;
fprintf(stderr, "Device %s is invalid or inactive.\n", device_name);
goto out50;
}
/* initialize crypt device */
- if ((rc = crypt_init_by_name(&cryptdevice, device_name)) < 0) {
+ if (crypt_init_by_name(&cryptdevice, device_name) < 0) {
fprintf(stderr, "Device %s failed to initialize.\n", device_name);
goto out60;
}
@@ -331,17 +319,16 @@ int main(int argc, char **argv) {
cryptkeyslot = crypt_keyslot_status(cryptdevice, luks_slot);
if (cryptkeyslot == CRYPT_SLOT_INVALID) {
- rc = EXIT_FAILURE;
fprintf(stderr, "Key slot %d is invalid.\n", luks_slot);
goto out60;
} else if (cryptkeyslot == CRYPT_SLOT_ACTIVE || cryptkeyslot == CRYPT_SLOT_ACTIVE_LAST) {
/* read challenge from file */
- if ((rc = challengefile = open(challengefilename, O_RDONLY)) < 0) {
+ if ((challengefile = open(challengefilename, O_RDONLY)) < 0) {
perror("Failed opening challenge file for reading");
goto out60;
}
- if ((rc = read(challengefile, challenge_old, CHALLENGELEN)) < 0) {
+ if (read(challengefile, challenge_old, CHALLENGELEN) < 0) {
perror("Failed reading challenge from file");
goto out60;
}
@@ -358,31 +345,30 @@ int main(int argc, char **argv) {
CHALLENGELEN, (unsigned char *) challenge_old,
RESPONSELEN, (unsigned char *) response_old) == 0) {
perror("yk_challenge_response() failed");
- rc = EXIT_FAILURE;
goto out60;
}
yubikey_hex_encode((char *) passphrase_old, (char *) response_old, SHA1_DIGEST_SIZE);
- if ((rc = crypt_keyslot_change_by_passphrase(cryptdevice, luks_slot, luks_slot,
+ if (crypt_keyslot_change_by_passphrase(cryptdevice, luks_slot, luks_slot,
passphrase_old, PASSPHRASELEN,
- passphrase_new, PASSPHRASELEN)) < 0) {
+ passphrase_new, PASSPHRASELEN) < 0) {
fprintf(stderr, "Could not update passphrase for key slot %d.\n", luks_slot);
goto out60;
}
- if ((rc = unlink(challengefilename)) < 0) {
+ if (unlink(challengefilename) < 0) {
fprintf(stderr, "Failed to delete old challenge file.\n");
goto out60;
}
} else { /* ck == CRYPT_SLOT_INACTIVE */
- if ((rc = crypt_keyslot_add_by_passphrase(cryptdevice, luks_slot, NULL, 0,
- passphrase_new, PASSPHRASELEN)) < 0) {
+ if (crypt_keyslot_add_by_passphrase(cryptdevice, luks_slot, NULL, 0,
+ passphrase_new, PASSPHRASELEN) < 0) {
fprintf(stderr, "Could not add passphrase for key slot %d.\n", luks_slot);
goto out60;
}
}
- if ((rc = rename(challengefiletmpname, challengefilename)) < 0) {
+ if (rename(challengefiletmpname, challengefilename) < 0) {
fprintf(stderr, "Failed to rename new challenge file.\n");
goto out60;
}