2009-03-12 Dave Brolley <brolley@redhat.com>

        * util.cxx (remove_file_or_dir): New function.
        * util.h (remove_file_or_dir): New function.
        * systemtap.spec (stap): Add stap-env, stap-gen-cert, stap-authorize-cert,
        and stap-authorize-signing-cert.
        (stap-client): Remove stap-find-or-start-server, stap-add-server-cert.
        Add stap-authorize-server-cert.
        (stap-server): Add stap-find-servers, stap-find-or-start-server,
        stap-authorize-server-cert. Remove stap-gen-server-cert.
        * stap-find-servers: Source stap-env. Use $stap_avahi_service_tag.
        (initialization): Set timeout to 10.
        (find_servers): Run avahi-browse in the background and wait for it.
        Use a temp file for the output of avahi-browse. Kill avahi-browse if
        the timeout expires.
        (match_server): Set read timeout.
        (fatal): New function.
        * stap-find-or-start-server: Source stap-env. Use $stap_exec_prefix. Always
        exit with 0.
        * stap-start-server: Source stap-env. Check for the server PID as a running
        process and for avahi-publish-service running as a child in order to
        verify that the server is ready.
        * stap-add-server-cert: Renamed to stap-authorize-server-cert. Source
        stap-env. Call stap-authorize-cert.
        * stap-client: Source stap-env. Use $stap_user_ssl_db and
        $stap_root_ssl_db. Use $stap_tmpdir_prefix_client,
        $stap_tmpdir_prefix_server. Use $stap_exec_prefix.
        (configuration): Removed.
        (staprun_running): Removed.
        (interrupt): Don't kill staprun.
        * stap-server: Source stap-env. Use $stap_user_ssl_db and
        $stap_root_ssl_db. Use $stap_tmpdir_prefix_client,
        $stap_tmpdir_prefix_server. Use $stap_exec_prefix.
        (configuration): Removed.
        * session.h (systemtap_session): Add cert_db_path.
        * runtime/staprun/staprun_funcs.c (config.h): #include it.
        (modverify.h): #include it.
        (check_signature): New function.
        (check_groups): New function extracted from check_permissions.
        (check_permissions): Call check_groups and check_signature.
        * runtime/staprun/mainloop.c (cleanup_and_exit): Pass modpath to staprun,
        not modname.
        * main.cxx (main): Initialize cert_db_path. Handle LONG_OPT_SIGN_MODULE.
        Save the module signature if the module was signed and is being saved.
        (LONG_OPT_SIGN_MODULE): #define it.
        (long_options): Add --sign-module.
        * cache.cxx (config.h): #include it.
        (add_to_cache): Add the module signature file to the cache if the module
        has been signed.
        * buildrun.cxx (modsign.h): #include it.
        (compile_pass): Call sign_module, if requested.
        * configure.ac: Define HAVE_NSS if NSS libraries are available.
        * Makefile.am (AM_CPPFLAGS): Add -DSYSCONFDIR.
        (bin_SCRIPTS): Add stap-env, stap-gen-cert, stap-authorize-cert,
        stap-authorize-signing-cert, stap-authorize-server-cert. Remove
        stap-gen-server-cert, stap-add-server-cert.
        (stap_SOURCES): Add nsscommon.c, modsign.cxx
        (stap_CPPFLAGS): Add $(nss_CFLAGS), $(nspr_CFLAGS).
        (stap_LDADD): Add -lnss3.
        (staprun_SOURCES): Add nsscommon.c.
        * modsign.cxx: New file.
        * modsign.h: New file.
        * nsscommon.c: New file.
        * nsscommon.h: New file.
        * runtime/staprun/modverify.c: New file.
        * runtime/staprun/modverify.h: New file.
        * stap-authorize-cert: New file.
        * stap-authorize-signing-cert: New file.
        * stap-env: New file.
        * Makefile.in: Regenerated.
        * aclocal.m4: Regenerated.
        * config.in: Regenerated.
        * configure: Regenerated.
        * doc/Makefile.in: Regenerated.
        * doc/SystemTap_Tapset_Reference/Makefile.in: Regenerated.
        * testsuite/Makefile.in: Regenerated.
        * testsuite/aclocal.m4: Regenerated.

1 files changed, 55 insertions, 0 deletions

diff --git a/main.cxx b/main.cxx
index dbb2a306..eb9a2819 100644
--- a/main.cxx
+++ b/main.cxx
@@ -359,6 +359,7 @@ main (int argc, char * const argv [])
   s.output_file = ""; // -o FILE
   s.keep_tmpdir = false;
   s.cmd = "";
+  s.cert_db_path = "";
   s.target_pid = 0;
   s.merge=true;
   s.perfmon=0;
@@ -428,6 +429,7 @@ main (int argc, char * const argv [])
 #define LONG_OPT_IGNORE_VMLINUX 3
 #define LONG_OPT_IGNORE_DWARF 4
 #define LONG_OPT_VERBOSE_PASS 5
+#define LONG_OPT_SIGN_MODULE 6
       // NB: also see find_hash(), usage(), switch stmt below, stap.1 man page
       static struct option long_options[] = {
         { "kelf", 0, &long_opt, LONG_OPT_KELF },
@@ -435,6 +437,7 @@ main (int argc, char * const argv [])
         { "ignore-vmlinux", 0, &long_opt, LONG_OPT_IGNORE_VMLINUX },
         { "ignore-dwarf", 0, &long_opt, LONG_OPT_IGNORE_DWARF },
         { "vp", 1, &long_opt, LONG_OPT_VERBOSE_PASS },
+        { "sign-module", 2, &long_opt, LONG_OPT_SIGN_MODULE },
         { NULL, 0, NULL, 0 }
       };
       int grc = getopt_long (argc, argv, "hVMvtp:I:e:o:R:r:m:kgPc:x:D:bs:uqwl:d:L:F",
@@ -695,6 +698,42 @@ main (int argc, char * const argv [])
                 // NB: we don't do this: s.last_pass = strlen(optarg);
                 break;
               }
+            case LONG_OPT_SIGN_MODULE:
+              if (!s.cert_db_path.empty())
+		{
+		  cerr << "You can't specify multiple --sign-module options." << endl;
+		  usage(s, 1);
+		}
+#if HAVE_NSS
+              if (optarg)
+		{
+		  s.cert_db_path = optarg;
+		  string::size_type len = s.cert_db_path.length();
+
+		  // Make sure the name is not empty (i.e. --sign-module= )
+		  if (len == 0)
+		    {
+		      cerr << "Certificate database directory name can not be empty." << endl;
+		      usage (s, 1);
+		    }
+
+		  // Chop off any trailing '/'.
+		  if (len > 1 && s.cert_db_path.substr(len - 1, 1) == "/")
+		    s.cert_db_path.erase(len - 1);
+		}
+              else
+		{
+		  /* If we're root, use the database in SYSCONFDIR, otherwise
+		     use the one in our $HOME directory.  */
+		  if (getuid() == 0)
+		    s.cert_db_path = SYSCONFDIR "/systemtap/ssl/server";
+		  else
+		    s.cert_db_path = getenv("HOME") + string ("/.systemtap/ssl/server");
+		}
+#else
+	      cerr << "WARNING: Module signing is disabled. The required nss libraries are not available." << endl;
+#endif
+	      break;
             default:
               cerr << "Internal error parsing command arguments." << endl;
               usage(s, 1);
@@ -1111,6 +1150,22 @@ main (int argc, char * const argv [])
 	  if (copy_file(module_src_path.c_str(), module_dest_path.c_str()) != 0)
 	    cerr << "Copy failed (\"" << module_src_path << "\" to \""
 		 << module_dest_path << "\"): " << strerror(errno) << endl;
+
+#if HAVE_NSS
+	  // Save the signature as well, if the module was signed.
+	  if (!s.cert_db_path.empty())
+	    {
+	      module_src_path += ".sgn";
+	      module_dest_path += ".sgn";
+
+	      if (s.verbose > 1)
+		clog << "Copying " << module_src_path << " to "
+		     << module_dest_path << endl;
+	      if (copy_file(module_src_path.c_str(), module_dest_path.c_str()) != 0)
+		cerr << "Copy failed (\"" << module_src_path << "\" to \""
+		     << module_dest_path << "\"): " << strerror(errno) << endl;
+	    }
+#endif
 	}
     }