Add pure-certd

jedisct1 · jedisct1 · commit 43ecb0bcd280 · 2019-03-23T17:24:06.000+01:00
diff --git a/.gitignore b/.gitignore
@@ -29,6 +29,7 @@ puredb/src/example_write
 puredb/src/regression
 src/ptracetest
 src/pure-authd
+src/pure-certd
 src/pure-ftpd
 src/pure-ftpwho
 src/pure-mrtginfo
diff --git a/configure.ac b/configure.ac
@@ -1462,7 +1462,7 @@ gui/Makefile m4/Makefile pure-ftpd.conf puredb/Makefile
 puredb/src/Makefile
 man/pure-ftpd.8 man/pure-ftpwho.8 man/pure-mrtginfo.8 man/pure-uploadscript.8
 man/pure-statsdecode.8 man/pure-quotacheck.8 man/pure-pw.8 man/pure-pwconvert.8
-man/pure-authd.8)
+man/pure-authd.8 man/pure-certd.8)
 
 AC_OUTPUT
 
diff --git a/man/Makefile.am b/man/Makefile.am
@@ -7,7 +7,8 @@ man_MANS = \
 	pure-quotacheck.8 \
 	pure-pw.8 \
 	pure-pwconvert.8 \
-	pure-authd.8
+	pure-authd.8 \
+	pure-certd.8
 
 CLEANFILES = \
 	pure-ftpd.8 \
@@ -18,4 +19,5 @@ CLEANFILES = \
 	pure-quotacheck.8 \
 	pure-pw.8 \
 	pure-pwconvert.8 \
-	pure-authd.8
+	pure-authd.8 \
+	pure-certd.8
diff --git a/man/pure-authd.8.in b/man/pure-authd.8.in
@@ -138,6 +138,7 @@ Frank DENIS <j at pureftpd dot org>
 .BR "pure-pw(8)"
 .BR "pure-quotacheck(8)"
 .BR "pure-authd(8)"
+.BR "pure-certd(8)"
 
 .BR "RFC 959",
 .BR "RFC 2389",
diff --git a/man/pure-certd.8.in b/man/pure-certd.8.in
@@ -0,0 +1,91 @@
+.TH "pure-certd" "8" "@VERSION@" "Frank Denis" "Pure-FTPd"
+.SH "NAME"
+.LP
+pure\-certd \- TLS certificate agent for Pure\-FTPd.
+.SH "SYNTAX"
+.LP
+pure\-certd [\fI\-p\fP <\fI/path/to/pidfile\fP>] [\fI\-u\fP uid] [\fI\-g\fP gid] [\fI\-B\fP] <\fI\-s\fP /path/to/socket> \fI\-r\fP /program/to/run
+
+.SH "DESCRIPTION"
+.LP
+pure\-certd is a daemon that forks an authentication program, waits for a certificate path as a reply, and returns it to an application server.
+.LP
+pure\-certd listens to a local Unix socket. A new connection to that socket should send pure\-authd the following structure:
+.IP
+sni_name:xxx
+end
+.LP
+These content is passed to the authentication program, as an environment variable:
+.IP
+CERTD_SNI_NAME
+.LP
+The authentication program should take appropriate actions to select a TLS certificate, and reply to the standard output with the following format:
+.IP
+action:strict
+cert_path:/path/to/cert.pem
+end
+.TP
+\fBaction:\fRxxx
+If action is "deny", a certificate for that name was not found and access is denied.
+If xxx is "default", the default certificate will be used.
+If xxx is "strict", the certificate whose path is indicated in "cert_path" will be used. If absent or invalid, access will be denied.
+If xxx is "fallback", the certificate whose path is indicated in "cert_path" will be used. If absent or invalid, the default certificate will be used instead.
+.TP
+\fBuid:\fRxxx
+The system uid to be assigned to that user. Must be > 0.
+.TP
+\fBgid:\fRxxx
+The primary system gid. Must be > 0.
+.TP
+\fBdir:\fRxxx
+The absolute path to the home directory. Can contain /./ for a chroot jail.
+.LP
+\fIOnly one authentication program is forked at a time. It must return quickly.\fR
+.SH "OPTIONS"
+.TP
+\fB\-u\fR <\fIuid\fP>
+Have the daemon run with that uid.
+.TP
+\fB\-g\fR <\fIgid\fP>
+Have the daemon run with that gid.
+.TP
+\fB\-B\fR
+Fork in background (daemonization).
+.TP
+\fB\-s\fR <\fI/path/to/socket\fP>
+Set the full path to the local Unix socket.
+.TP
+\fB\-r\fR <\fI/path/to/program\fP>
+Set the full path to the authentication program.
+.TP
+\fB\-h\fR
+Output help information and exit.
+.SH "EXAMPLES"
+.LP
+To run this program the standard way type:
+.LP
+pure\-certd \-s @LOCALSTATEDIR@/run/certd.sock \-r /usr/bin/my\-cert\-program &
+.LP
+pure\-ftpd \-lextauth:@LOCALSTATEDIR@/run/certd.sock &
+.TP
+/usr/bin/my\-cert\-program can be as simple as:
+#! /bin/sh
+
+echo 'action:strict'
+
+echo 'cert_path:/etc/ssl/private/pure-ftpd/cert.pen'
+
+echo 'end'
+.SH "AUTHORS"
+.LP
+Frank DENIS <j at pureftpd dot org>
+.SH "SEE ALSO"
+.BR "ftp(1)" ,
+.BR "pure-ftpd(8)"
+.BR "pure-ftpwho(8)"
+.BR "pure-mrtginfo(8)"
+.BR "pure-uploadscript(8)"
+.BR "pure-statsdecode(8)"
+.BR "pure-pw(8)"
+.BR "pure-quotacheck(8)"
+.BR "pure-authd(8)"
diff --git a/man/pure-ftpd.8.in b/man/pure-ftpd.8.in
@@ -1020,6 +1020,7 @@ Contributors:
 .BR "pure-pw(8)"
 .BR "pure-quotacheck(8)"
 .BR "pure-authd(8)"
+.BR "pure-certd(8)"
 
 .BR "RFC 959" ,
 .BR "RFC 2228",
diff --git a/man/pure-ftpwho.8.in b/man/pure-ftpwho.8.in
@@ -79,6 +79,7 @@ Frank DENIS <j at pureftpd dot org>
 .BR "pure-pw(8)"
 .BR "pure-quotacheck(8)"
 .BR "pure-authd(8)"
+.BR "pure-certd(8)"
 
 .BR "RFC 959" ,
 .BR "RFC 2389",
diff --git a/man/pure-mrtginfo.8.in b/man/pure-mrtginfo.8.in
@@ -73,6 +73,7 @@ warranty, or liability of any kind.
 .BR "pure-pw(8)"
 .BR "pure-quotacheck(8)"
 .BR "pure-authd(8)"
+.BR "pure-certd(8)"
 
 .BR "RFC 959" ,
 .BR "RFC 2228",
diff --git a/man/pure-pw.8.in b/man/pure-pw.8.in
@@ -78,6 +78,7 @@ Frank DENIS <j at pureftpd dot org>
 .BR "pure-pw(8)"
 .BR "pure-quotacheck(8)"
 .BR "pure-authd(8)"
+.BR "pure-certd(8)"
 
 .BR "RFC 959" ,
 .BR "RFC 2228",
diff --git a/man/pure-pwconvert.8.in b/man/pure-pwconvert.8.in
@@ -31,6 +31,7 @@ Frank Denis <j at pureftpd dot org>
 .BR "pure-pw(8)"
 .BR "pure-quotacheck(8)"
 .BR "pure-authd(8)"
+.BR "pure-certd(8)"
 
 .BR "RFC 959" ,
 .BR "RFC 2228",
diff --git a/man/pure-quotacheck.8.in b/man/pure-quotacheck.8.in
@@ -61,6 +61,7 @@ pure\-quotacheck never scans the same inode/device pair twice.
 .BR "pure-pw(8)"
 .BR "pure-quotacheck(8)"
 .BR "pure-authd(8)"
+.BR "pure-certd(8)"
 
 .BR "RFC 959",
 .BR "RFC 2228",
diff --git a/man/pure-statsdecode.8.in b/man/pure-statsdecode.8.in
@@ -42,6 +42,7 @@ Frank DENIS <j at pureftpd dot org>
 .BR "pure-pw(8)"
 .BR "pure-quotacheck(8)"
 .BR "pure-authd(8)"
+.BR "pure-certd(8)"
 
 .BR "RFC 959" ,
 .BR "RFC 2228",
diff --git a/man/pure-uploadscript.8.in b/man/pure-uploadscript.8.in
@@ -94,6 +94,7 @@ Frank DENIS <j at pureftpd dot org>
 .BR "pure-pw(8)"
 .BR "pure-quotacheck(8)"
 .BR "pure-authd(8)"
+.BR "pure-certd(8)"
 
 .BR "RFC 959" ,
 .BR "RFC 2228",
diff --git a/src/Makefile.am b/src/Makefile.am
@@ -2,6 +2,7 @@ noinst_LIBRARIES = libpureftpd.a
 
 sbin_PROGRAMS = \
 	pure-authd \
+	pure-certd \
 	pure-ftpd \
 	pure-ftpwho \
 	pure-mrtginfo \
@@ -127,6 +128,7 @@ libpureftpd_a_SOURCES = \
 	simpleconf.c \
 	syslognames.h \
 	tls.h \
+	tls_extcert.h \
 	tls.c \
 	upload-pipe.c \
 	upload-pipe.h \
@@ -249,5 +251,18 @@ pure_authd_SOURCES = \
 	safe_rw.c \
 	safe_rw.h
 
+pure_certd_SOURCES = \
+	bsd-getopt_long.c \
+	bsd-getopt_long.h \
+	fakesnprintf.h \
+	fakesnprintf.c \
+	ftpd.h \
+	mysnprintf.c \
+	mysnprintf.h \
+	pure-certd.c \
+	pure-certd_p.h \
+	safe_rw.c \
+	safe_rw.h
+
 ptracetest_SOURCES = \
 	ptracetest.c
diff --git a/src/ftpd.h b/src/ftpd.h
@@ -460,6 +460,14 @@ extern int opt_a, opt_C, opt_d, opt_F, opt_l, opt_R;
 # endif
 #endif
 
+#ifndef CERTD_PID_FILE
+# ifdef NON_ROOT_FTP
+#  define CERTD_PID_FILE CONFDIR "/pure-certd.pid"
+# else
+#  define CERTD_PID_FILE STATEDIR "/run/pure-certd.pid"
+# endif
+#endif
+
 #ifndef NON_ROOT_FTP
 # ifdef IMPLICIT_TLS
 #  define DEFAULT_FTP_PORT_S "990"
diff --git a/src/pure-certd.c b/src/pure-certd.c
diff --git a/src/pure-certd_p.h b/src/pure-certd_p.h
diff --git a/src/tls_extcert.h b/src/tls_extcert.h
