about summary refs log tree commit diff
diff options
context:
space:
mode:
authorJune McEnroe <june@causal.agency>2020-08-30 14:42:11 -0400
committerJune McEnroe <june@causal.agency>2020-08-30 14:42:11 -0400
commit380cbf491903a38e3b6eb2553c041852f7bba428 (patch)
treec9e07903f51480597c6fabaeadf51c86f19a16dc
parentSandbox pounce with unveil(2) (diff)
downloadpounce-380cbf491903a38e3b6eb2553c041852f7bba428.tar.gz
pounce-380cbf491903a38e3b6eb2553c041852f7bba428.zip
Rearrange bounce.c, move non-main mains below main
Diffstat (limited to '')
-rw-r--r--bounce.c222
1 files changed, 114 insertions, 108 deletions
diff --git a/bounce.c b/bounce.c
index 4d9b077..0f10c26 100644
--- a/bounce.c
+++ b/bounce.c
@@ -64,91 +64,37 @@
 
 bool verbose;
 
-#ifdef __OpenBSD__
-static void hashPass(void) {
-	char hash[_PASSWORD_LEN];
-	char *pass = getpass("Password: ");
-	int error = crypt_newhash(pass, "bcrypt,a", hash, sizeof(hash));
-	if (error) err(EX_OSERR, "crypt_newhash");
-	printf("%s\n", hash);
-}
-#else
-static void hashPass(void) {
-	byte rand[12];
-	int error = getentropy(rand, sizeof(rand));
-	if (error) err(EX_OSERR, "getentropy");
-
-	char salt[3 + BASE64_SIZE(sizeof(rand))] = "$6$";
-	base64(&salt[3], rand, sizeof(rand));
-
-	char *pass = getpass("Password: ");
-	printf("%s\n", crypt(pass, salt));
-}
-#endif
-
-static void genReq(const char *path) {
-	const char *name = strrchr(path, '/');
-	name = (name ? &name[1] : path);
-	char subj[256];
-	snprintf(subj, sizeof(subj), "/CN=%.*s", (int)strcspn(name, "."), name);
-	execlp(
-		OPENSSL_BIN, "openssl", "req",
-		"-new", "-newkey", "rsa:4096", "-sha256", "-nodes",
-		"-subj", subj, "-keyout", path,
-		NULL
-	);
-	err(EX_UNAVAILABLE, "openssl");
-}
-
-static void redir(int dst, int src) {
-	int fd = dup2(src, dst);
-	if (fd < 0) err(EX_OSERR, "dup2");
-	close(src);
+static volatile sig_atomic_t signals[NSIG];
+static void signalHandler(int signal) {
+	signals[signal] = 1;
 }
 
-static void genCert(const char *path, const char *ca) {
-	int out = open(path, O_WRONLY | O_APPEND | O_CREAT, 0600);
-	if (out < 0) err(EX_CANTCREAT, "%s", path);
-
-	int rw[2];
-	int error = pipe(rw);
-	if (error) err(EX_OSERR, "pipe");
+static struct {
+	struct pollfd *fds;
+	struct Client **clients;
+	size_t cap, len;
+} event;
 
-	pid_t pid = fork();
-	if (pid < 0) err(EX_OSERR, "fork");
-	if (!pid) {
-		close(rw[0]);
-		redir(STDOUT_FILENO, rw[1]);
-		genReq(path);
+static void eventAdd(int fd, struct Client *client) {
+	if (event.len == event.cap) {
+		event.cap = (event.cap ? event.cap * 2 : 8);
+		event.fds = realloc(event.fds, sizeof(*event.fds) * event.cap);
+		if (!event.fds) err(EX_OSERR, "realloc");
+		event.clients = realloc(
+			event.clients, sizeof(*event.clients) * event.cap
+		);
+		if (!event.clients) err(EX_OSERR, "realloc");
 	}
-
-	close(rw[1]);
-	redir(STDIN_FILENO, rw[0]);
-	redir(STDOUT_FILENO, out);
-	execlp(
-		OPENSSL_BIN, "openssl", "x509",
-		"-req", "-days", "3650", "-CAcreateserial",
-		(ca ? "-CA" : "-signkey"), (ca ? ca : path),
-		NULL
-	);
-	err(EX_UNAVAILABLE, "openssl");
-}
-
-static size_t parseSize(const char *str) {
-	char *rest;
-	size_t size = strtoull(str, &rest, 0);
-	if (*rest) errx(EX_USAGE, "invalid size: %s", str);
-	return size;
+	event.fds[event.len] = (struct pollfd) { .fd = fd, .events = POLLIN };
+	event.clients[event.len] = client;
+	event.len++;
 }
 
-static struct timeval parseInterval(const char *str) {
-	char *rest;
-	long ms = strtol(str, &rest, 0);
-	if (*rest) errx(EX_USAGE, "invalid interval: %s", str);
-	return (struct timeval) {
-		.tv_sec = ms / 1000,
-		.tv_usec = 1000 * (ms % 1000),
-	};
+static void eventRemove(size_t i) {
+	close(event.fds[i].fd);
+	event.len--;
+	event.fds[i] = event.fds[event.len];
+	event.clients[i] = event.clients[event.len];
 }
 
 static FILE *saveFile;
@@ -193,6 +139,7 @@ static void unveilParent(const char *path, const char *mode) {
 	int error = unveil((base ? buf : "."), mode);
 	if (error && errno != ENOENT) err(EX_OSERR, "unveil");
 }
+
 static void unveilTarget(const char *path, const char *mode) {
 	char buf[PATH_MAX];
 	strlcpy(buf, path, sizeof(buf));
@@ -203,6 +150,7 @@ static void unveilTarget(const char *path, const char *mode) {
 	base[len] = '\0';
 	unveilParent(buf, mode);
 }
+
 static void unveilConfig(const char *path) {
 	const char *dirs = NULL;
 	for (const char *abs; NULL != (abs = configPath(&dirs, path));) {
@@ -210,6 +158,7 @@ static void unveilConfig(const char *path) {
 		unveilTarget(abs, "r");
 	}
 }
+
 static void unveilData(const char *path) {
 	const char *dirs = NULL;
 	for (const char *abs; NULL != (abs = dataPath(&dirs, path));) {
@@ -217,40 +166,27 @@ static void unveilData(const char *path) {
 		if (error && errno != ENOENT) err(EX_OSERR, "unveil");
 	}
 }
-#endif
+#endif /* __OpenBSD__ */
 
-static volatile sig_atomic_t signals[NSIG];
-static void signalHandler(int signal) {
-	signals[signal] = 1;
+static size_t parseSize(const char *str) {
+	char *rest;
+	size_t size = strtoull(str, &rest, 0);
+	if (*rest) errx(EX_USAGE, "invalid size: %s", str);
+	return size;
 }
 
-static struct {
-	struct pollfd *fds;
-	struct Client **clients;
-	size_t cap, len;
-} event;
-
-static void eventAdd(int fd, struct Client *client) {
-	if (event.len == event.cap) {
-		event.cap = (event.cap ? event.cap * 2 : 8);
-		event.fds = realloc(event.fds, sizeof(*event.fds) * event.cap);
-		if (!event.fds) err(EX_OSERR, "realloc");
-		event.clients = realloc(
-			event.clients, sizeof(*event.clients) * event.cap
-		);
-		if (!event.clients) err(EX_OSERR, "realloc");
-	}
-	event.fds[event.len] = (struct pollfd) { .fd = fd, .events = POLLIN };
-	event.clients[event.len] = client;
-	event.len++;
+static struct timeval parseInterval(const char *str) {
+	char *rest;
+	long ms = strtol(str, &rest, 0);
+	if (*rest) errx(EX_USAGE, "invalid interval: %s", str);
+	return (struct timeval) {
+		.tv_sec = ms / 1000,
+		.tv_usec = 1000 * (ms % 1000),
+	};
 }
 
-static void eventRemove(size_t i) {
-	close(event.fds[i].fd);
-	event.len--;
-	event.fds[i] = event.fds[event.len];
-	event.clients[i] = event.clients[event.len];
-}
+static void hashPass(void);
+static void genCert(const char *path, const char *ca);
 
 int main(int argc, char *argv[]) {
 	int error;
@@ -606,3 +542,73 @@ int main(int argc, char *argv[]) {
 		close(event.fds[i].fd);
 	}
 }
+
+#ifdef __OpenBSD__
+static void hashPass(void) {
+	char hash[_PASSWORD_LEN];
+	char *pass = getpass("Password: ");
+	int error = crypt_newhash(pass, "bcrypt,a", hash, sizeof(hash));
+	if (error) err(EX_OSERR, "crypt_newhash");
+	printf("%s\n", hash);
+}
+#else
+static void hashPass(void) {
+	byte rand[12];
+	int error = getentropy(rand, sizeof(rand));
+	if (error) err(EX_OSERR, "getentropy");
+
+	char salt[3 + BASE64_SIZE(sizeof(rand))] = "$6$";
+	base64(&salt[3], rand, sizeof(rand));
+
+	char *pass = getpass("Password: ");
+	printf("%s\n", crypt(pass, salt));
+}
+#endif
+
+static void genReq(const char *path) {
+	const char *name = strrchr(path, '/');
+	name = (name ? &name[1] : path);
+	char subj[256];
+	snprintf(subj, sizeof(subj), "/CN=%.*s", (int)strcspn(name, "."), name);
+	execlp(
+		OPENSSL_BIN, "openssl", "req",
+		"-new", "-newkey", "rsa:4096", "-sha256", "-nodes",
+		"-subj", subj, "-keyout", path,
+		NULL
+	);
+	err(EX_UNAVAILABLE, "openssl");
+}
+
+static void redir(int dst, int src) {
+	int fd = dup2(src, dst);
+	if (fd < 0) err(EX_OSERR, "dup2");
+	close(src);
+}
+
+static void genCert(const char *path, const char *ca) {
+	int out = open(path, O_WRONLY | O_APPEND | O_CREAT, 0600);
+	if (out < 0) err(EX_CANTCREAT, "%s", path);
+
+	int rw[2];
+	int error = pipe(rw);
+	if (error) err(EX_OSERR, "pipe");
+
+	pid_t pid = fork();
+	if (pid < 0) err(EX_OSERR, "fork");
+	if (!pid) {
+		close(rw[0]);
+		redir(STDOUT_FILENO, rw[1]);
+		genReq(path);
+	}
+
+	close(rw[1]);
+	redir(STDIN_FILENO, rw[0]);
+	redir(STDOUT_FILENO, out);
+	execlp(
+		OPENSSL_BIN, "openssl", "x509",
+		"-req", "-days", "3650", "-CAcreateserial",
+		(ca ? "-CA" : "-signkey"), (ca ? ca : path),
+		NULL
+	);
+	err(EX_UNAVAILABLE, "openssl");
+}