2009-03-12 Dave Brolley <brolley@redhat.com>

        * util.cxx (remove_file_or_dir): New function.
        * util.h (remove_file_or_dir): New function.
        * systemtap.spec (stap): Add stap-env, stap-gen-cert, stap-authorize-cert,
        and stap-authorize-signing-cert.
        (stap-client): Remove stap-find-or-start-server, stap-add-server-cert.
        Add stap-authorize-server-cert.
        (stap-server): Add stap-find-servers, stap-find-or-start-server,
        stap-authorize-server-cert. Remove stap-gen-server-cert.
        * stap-find-servers: Source stap-env. Use $stap_avahi_service_tag.
        (initialization): Set timeout to 10.
        (find_servers): Run avahi-browse in the background and wait for it.
        Use a temp file for the output of avahi-browse. Kill avahi-browse if
        the timeout expires.
        (match_server): Set read timeout.
        (fatal): New function.
        * stap-find-or-start-server: Source stap-env. Use $stap_exec_prefix. Always
        exit with 0.
        * stap-start-server: Source stap-env. Check for the server PID as a running
        process and for avahi-publish-service running as a child in order to
        verify that the server is ready.
        * stap-add-server-cert: Renamed to stap-authorize-server-cert. Source
        stap-env. Call stap-authorize-cert.
        * stap-client: Source stap-env. Use $stap_user_ssl_db and
        $stap_root_ssl_db. Use $stap_tmpdir_prefix_client,
        $stap_tmpdir_prefix_server. Use $stap_exec_prefix.
        (configuration): Removed.
        (staprun_running): Removed.
        (interrupt): Don't kill staprun.
        * stap-server: Source stap-env. Use $stap_user_ssl_db and
        $stap_root_ssl_db. Use $stap_tmpdir_prefix_client,
        $stap_tmpdir_prefix_server. Use $stap_exec_prefix.
        (configuration): Removed.
        * session.h (systemtap_session): Add cert_db_path.
        * runtime/staprun/staprun_funcs.c (config.h): #include it.
        (modverify.h): #include it.
        (check_signature): New function.
        (check_groups): New function extracted from check_permissions.
        (check_permissions): Call check_groups and check_signature.
        * runtime/staprun/mainloop.c (cleanup_and_exit): Pass modpath to staprun,
        not modname.
        * main.cxx (main): Initialize cert_db_path. Handle LONG_OPT_SIGN_MODULE.
        Save the module signature if the module was signed and is being saved.
        (LONG_OPT_SIGN_MODULE): #define it.
        (long_options): Add --sign-module.
        * cache.cxx (config.h): #include it.
        (add_to_cache): Add the module signature file to the cache if the module
        has been signed.
        * buildrun.cxx (modsign.h): #include it.
        (compile_pass): Call sign_module, if requested.
        * configure.ac: Define HAVE_NSS if NSS libraries are available.
        * Makefile.am (AM_CPPFLAGS): Add -DSYSCONFDIR.
        (bin_SCRIPTS): Add stap-env, stap-gen-cert, stap-authorize-cert,
        stap-authorize-signing-cert, stap-authorize-server-cert. Remove
        stap-gen-server-cert, stap-add-server-cert.
        (stap_SOURCES): Add nsscommon.c, modsign.cxx
        (stap_CPPFLAGS): Add $(nss_CFLAGS), $(nspr_CFLAGS).
        (stap_LDADD): Add -lnss3.
        (staprun_SOURCES): Add nsscommon.c.
        * modsign.cxx: New file.
        * modsign.h: New file.
        * nsscommon.c: New file.
        * nsscommon.h: New file.
        * runtime/staprun/modverify.c: New file.
        * runtime/staprun/modverify.h: New file.
        * stap-authorize-cert: New file.
        * stap-authorize-signing-cert: New file.
        * stap-env: New file.
        * Makefile.in: Regenerated.
        * aclocal.m4: Regenerated.
        * config.in: Regenerated.
        * configure: Regenerated.
        * doc/Makefile.in: Regenerated.
        * doc/SystemTap_Tapset_Reference/Makefile.in: Regenerated.
        * testsuite/Makefile.in: Regenerated.
        * testsuite/aclocal.m4: Regenerated.

1 files changed, 95 insertions, 0 deletions

diff --git a/stap-gen-cert b/stap-gen-cert
new file mode 100755
index 00000000..bf87b572
--- /dev/null
+++ b/stap-gen-cert
@@ -0,0 +1,95 @@
+#!/bin/bash
+
+# Generate a certificate for the systemtap server and add it to the
+# database of trusted servers for the client.
+#
+# Copyright (C) 2008, 2009 Red Hat Inc.
+#
+# This file is part of systemtap, and is free software.  You can
+# redistribute it and/or modify it under the terms of the GNU General
+# Public License (GPL); either version 2, or (at your option) any
+# later version.
+
+# Initialize the environment
+. stap-env
+
+# Obtain a password from stdin and echo it.
+function user_enter_password
+{
+    while true
+    do
+	while true
+	do
+	    read -sp "Enter new password for systemtap server certificate/key database:" pw1 junk
+	    echo "" >&2
+	    test "X$pw1" != "X" && break
+	done
+	while true
+	do
+	    read -sp "Reenter new password:" pw2 junk
+	    echo "" >&2
+	    test "X$pw2" != "X" && break
+	done
+	test "$pw1" = "$pw2" && break
+	echo "Passwords do not match" >&2
+    done
+
+    echo $pw1
+}
+
+# Obtain the certificate database directory name.
+serverdb=$1
+if  test "X$serverdb" = "X"; then
+    serverdb=$stap_ssl_db/server
+fi
+rm -fr $serverdb
+
+# Create the server's certificate database directory.
+if ! mkdir -p -m 755 $serverdb; then
+    echo "Unable to create the server certificate database directory: $serverdb" >&2
+    exit 1
+fi
+
+# Create the certificate database password file. Care must be taken
+# that this file is only readable by the owner.
+if ! (touch $serverdb/pw && chmod 600 $serverdb/pw); then
+    echo "Unable to create the server certificate database password file: $serverdb/pw" >&2
+    exit 1
+fi
+
+# Generate a random password.
+mkpasswd -l 20 > $serverdb/pw 2>/dev/null || \
+apg -a 1 -n 1 -m 20 -x 20 > $serverdb/pw 2>/dev/null || \
+user_enter_password > $serverdb/pw
+
+# Generate the server certificate database
+if ! certutil -N -d $serverdb -f $serverdb/pw > /dev/null; then
+    echo "Unable to initialize the server certificate database directory: $serverdb" >&2
+    exit 1
+fi
+
+# We need some random noise for generating keys
+dd bs=123 count=1 < /dev/urandom > $serverdb/noise 2> /dev/null
+
+# Generate a request for the server's certificate.
+certutil -R -d $serverdb -f $serverdb/pw -s "CN=Systemtap Compile Server, OU=Systemtap, O=Red Hat, C=US" -o $serverdb/stap-server.req -z $serverdb/noise 2> /dev/null
+rm -fr $serverdb/noise
+
+# Create the certificate file first so that it always has the proper access permissions.
+if ! (touch $serverdb/stap-server.cert && chmod 644 $serverdb/stap-server.cert); then
+    echo "Unable to create the server certificate file: $serverdb/stap-server.cert" >&2
+    exit 1
+fi
+
+# Now generate the actual certificate.
+certutil -C -i $serverdb/stap-server.req -o $serverdb/stap-server.cert -x -d $serverdb -f $serverdb/pw -5 -8 "$HOSTNAME,localhost" >/dev/null <<-EOF
+1
+3
+7
+8
+y
+EOF
+rm -fr $serverdb/stap-server.req
+
+# Add the certificate to the server's certificate/key database as a trusted peer, ssl server and object signer
+certutil -A -n stap-server -t "PCu,,PCu" -i $serverdb/stap-server.cert -d $serverdb -f $serverdb/pw