diff --git a/CASA/micasad/cache/SecretStore.cs b/CASA/micasad/cache/SecretStore.cs
index fc344b69..7507646f 100644
--- a/CASA/micasad/cache/SecretStore.cs
+++ b/CASA/micasad/cache/SecretStore.cs
@@ -27,7 +27,7 @@ using System.IO;
 using System.Xml;
 using System.Xml.Serialization;
 using System.Security.Cryptography;
-using System.Text;
+using System.Text;
 using System.Diagnostics;
 using sscs.cache;
@@ -64,63 +64,81 @@ namespace sscs.cache string m_persistenceDirectory = null; private static string POLICY_DIRECTORY = "/home/.casa"; - private MPFileWatcher mpWatcher = null; - - private static SecretStore casaStore; - - static SecretStore() - { - if (casaStore == null) - { - User casaUser; - -#if LINUX - Directory.CreateDirectory("/home/.casa/" + constants.ConstStrings.MICASA_SERVICE_NAME); - casaUser = new UnixUser(new UnixUserIdentifier(GetCasaServiceUID()), "/home/.casa/" + constants.ConstStrings.MICASA_SERVICE_NAME)); -#else - // create a data directory for server secrets - Process proc = Process.GetCurrentProcess(); - string exePath = proc.MainModule.FileName; - exePath = exePath.Substring(0, exePath.LastIndexOf("\\")); - Directory.CreateDirectory(exePath + "\\data"); - - // create a casa User - casaUser = new WinUser(new WinUserIdentifier(998, 0), exePath + "\\data"); -#endif - casaUser.SetUserName(constants.ConstStrings.MICASA_SERVICE_NAME); - casaStore = casaUser.GetSecretStore(); - casaStore.refCount++; - - casaStore.AddKeyChain(new KeyChain(constants.ConstStrings.SSCS_SERVER_KEY_CHAIN_ID + "\0")); - casaStore.StartPersistenceOfServerSecretsBySystemKey(); - } - } - -#if LINUX - static private int GetCasaServiceUID() - { - Mono.Unix.UnixUserInfo uui; - try - { - uui = new Mono.Unix.UnixUserInfo(constants.ConstStrings.MICASA_SERVICE_NAME); - } - catch - { - Process proc = new Process(); - - ProcessStartInfo psi = new ProcessStartInfo("useradd"); - psi.Arguments = constants.ConstStrings.MICASA_SERVICE_NAME; - psi.UseShellExecute = false; - psi.RedirectStandardOutput = true; - - proc.StartInfo = psi; - proc.Start(); - proc.WaitForExit(); - - uui = new Mono.Unix.UnixUserInfo(constants.ConstStrings.MICASA_SERVICE_NAME); - } - - return uui.UserId; + private MPFileWatcher mpWatcher = null; + + private static SecretStore casaStore; + + static SecretStore() + { + if (casaStore == null) + { + User casaUser; + +#if LINUX + casaUser = new UnixUser(new 
UnixUserIdentifier(GetCasaServiceUID()), "/home/.casa/" + constants.ConstStrings.MICASA_SERVICE_NAME); +#else + // create a data directory for server secrets + Process proc = Process.GetCurrentProcess(); + string exePath = proc.MainModule.FileName; + exePath = exePath.Substring(0, exePath.LastIndexOf("\\")); + Directory.CreateDirectory(exePath + "\\data"); + + // create a casa User + casaUser = new WinUser(new WinUserIdentifier(998, 0), exePath + "\\data"); +#endif + casaUser.SetUserName(constants.ConstStrings.MICASA_SERVICE_NAME); + casaStore = casaUser.GetSecretStore(); + casaStore.refCount++; + + casaStore.AddKeyChain(new KeyChain(constants.ConstStrings.SSCS_SERVER_KEY_CHAIN_ID + "\0")); + casaStore.StartPersistenceOfServerSecretsBySystemKey(); + } + } + +#if LINUX + static private int GetCasaServiceUID() + { + Mono.Unix.UnixUserInfo uui; + + try + { + uui = new Mono.Unix.UnixUserInfo(constants.ConstStrings.MICASA_SERVICE_NAME); + } + catch + { + Process proc = new Process(); + + ProcessStartInfo psi = new ProcessStartInfo("useradd"); + psi.Arguments = constants.ConstStrings.MICASA_SERVICE_NAME; + psi.UseShellExecute = false; + psi.RedirectStandardOutput = true; + + proc.StartInfo = psi; + proc.Start(); + proc.WaitForExit(); + + uui = new Mono.Unix.UnixUserInfo(constants.ConstStrings.MICASA_SERVICE_NAME); + } + + + if (uui != null) + { + // create directory for casa + Mono.Unix.Native.FilePermissions permissions = Mono.Unix.Native.Syscall.umask( + Mono.Unix.Native.FilePermissions.S_IWGRP | + Mono.Unix.Native.FilePermissions.S_IWOTH); + + Directory.CreateDirectory("/home/.casa/" + constants.ConstStrings.MICASA_SERVICE_NAME); + + // set ownership + Mono.Unix.Native.Syscall.chown("/home/.casa/" + constants.ConstStrings.MICASA_SERVICE_NAME, + (uint)uui.UserId, + (uint)uui.GroupId); + + Mono.Unix.Native.Syscall.umask(permissions); + } + + return (int)uui.UserId; } #endif private DateTime createTime; 
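Review bot: In GetCasaServiceUID the umask changed before Directory.CreateDirectory is only restored on the success path; if CreateDirectory or chown throws, the daemon keeps running with the relaxed mask for every file it creates afterwards, so the restore belongs in a `finally`. The return value of Syscall.chown is ignored, so a failed chown leaves the service directory owned by whichever account runs the daemon and nothing reports it. The `if (uui != null)` guard cannot fail, because `new Mono.Unix.UnixUserInfo(...)` either returns an object or throws, and the `return (int)uui.UserId` outside the guard would dereference it anyway. Separately, the mask leaves S_IRGRP/S_IROTH clear, so (assuming CreateDirectory requests 0777) the directory holding the server secrets is created listable by every local user; the POLICY_DIRECTORY hunk later in this commit masks the read bits as well, and it is worth confirming which of the two is intended here.
```csharp
// … unchanged: UnixUserInfo lookup with useradd fallback …

// create directory for casa
Mono.Unix.Native.FilePermissions permissions = Mono.Unix.Native.Syscall.umask(
    Mono.Unix.Native.FilePermissions.S_IWGRP |
    Mono.Unix.Native.FilePermissions.S_IWOTH);
try
{
    Directory.CreateDirectory("/home/.casa/" + constants.ConstStrings.MICASA_SERVICE_NAME);

    // set ownership; chown returns -1 on failure, which would otherwise go unnoticed
    if (Mono.Unix.Native.Syscall.chown("/home/.casa/" + constants.ConstStrings.MICASA_SERVICE_NAME,
            (uint)uui.UserId,
            (uint)uui.GroupId) != 0)
    {
        throw new IOException("chown of the casa service directory failed");
    }
}
finally
{
    // restore the process-wide mask even when directory creation fails
    Mono.Unix.Native.Syscall.umask(permissions);
}

return (int)uui.UserId;
```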
@@ -766,30 +784,30 @@ namespace sscs.cache { keyChainList.Remove(id); return true; - } - - internal KeyChain GetKeyChainDefault(bool bCreateIfNotFound) - { - KeyChain kc; - - try - { - kc = GetKeyChainDefault(); - } - catch (Exception e) - { - if (bCreateIfNotFound) - { - kc = new KeyChain("SSCS_SESSION_KEY_CHAIN_ID\0"); - AddKeyChain(kc); - } - else - { - throw e; - } - } - - return kc; + } + + internal KeyChain GetKeyChainDefault(bool bCreateIfNotFound) + { + KeyChain kc; + + try + { + kc = GetKeyChainDefault(); + } + catch (Exception e) + { + if (bCreateIfNotFound) + { + kc = new KeyChain("SSCS_SESSION_KEY_CHAIN_ID\0"); + AddKeyChain(kc); + } + else + { + throw e; + } + } + + return kc; } internal KeyChain GetKeyChainDefault() @@ -798,12 +816,17 @@ namespace sscs.cache } internal KeyChain GetKeyChain(string id) - { + + { + Console.WriteLine("Keychain {0}", id); + // if this is the server keychain, return the casaStore controlled one. if (id.StartsWith(constants.ConstStrings.SSCS_SERVER_KEY_CHAIN_ID)) - { - KeyChain casakc = (KeyChain)casaStore.keyChainList[id]; - casakc.AccessedTime = DateTime.Now; + { + KeyChain casakc = (KeyChain)casaStore.keyChainList[id]; + casakc.AccessedTime = DateTime.Now; + Console.WriteLine("Returned casakc"); + return casakc; } @@ -824,8 +847,8 @@ namespace sscs.cache internal bool CheckIfKeyChainExists(string id) { - // return true if this is the server keychain - if (id.StartsWith(constants.ConstStrings.SSCS_SERVER_KEY_CHAIN_ID)) + // return true if this is the server keychain + if (id.StartsWith(constants.ConstStrings.SSCS_SERVER_KEY_CHAIN_ID)) return true; if(keyChainList.ContainsKey(id)) 
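Review bot: The two Console.WriteLine calls added to GetKeyChain print every requested keychain id, including the server keychain id, to the daemon's stdout; they read like leftover debugging and should be removed or routed through whatever logging facility micasad uses, at a level that is off in production. `casaStore.keyChainList[id]` on the next line returns null when the id is absent (assuming keyChainList is a Hashtable, which the cast suggests), so `casakc.AccessedTime = DateTime.Now` would throw NullReferenceException instead of falling through to the normal lookup; guarding it, e.g. `if (casakc != null) { casakc.AccessedTime = DateTime.Now; return casakc; }`, keeps the miss explicit. The re-indented GetKeyChainDefault(bool) in the 766 hunk rethrows with `throw e;`, which resets the stack trace; `throw;` preserves it. The rest of GetKeyChain continues past the hunk.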
@@ -840,10 +863,10 @@ namespace sscs.cache if (lss != null) lss.PersistStoreWithDelay(); if (slss != null) - slss.PersistServerStoreWithDelay(); - - // persist casastore data - if (casaStore.slss != null) + slss.PersistServerStoreWithDelay(); + + // persist casastore data + if (casaStore.slss != null) casaStore.slss.PersistServerStoreWithDelay(); } @@ -1103,7 +1126,7 @@ namespace sscs.cache internal byte[] GetSecrets(string sEncryptionString, ref byte[] baIV) { if (lss != null) - { + { MemoryStream ms = LocalStorage.GetSecretsAsXMLStream(this, ConstStrings.SSCS_SESSION_KEY_CHAIN_ID); byte[] baSecrets = ms.ToArray(); @@ -1149,8 +1172,10 @@ namespace sscs.cache #if LINUX // set up mask Mono.Unix.Native.FilePermissions permissions = Mono.Unix.Native.Syscall.umask( - Mono.Unix.Native.FilePermissions.S_IWGRP | - Mono.Unix.Native.FilePermissions.S_IWOTH); + Mono.Unix.Native.FilePermissions.S_IWGRP | + Mono.Unix.Native.FilePermissions.S_IRGRP | + Mono.Unix.Native.FilePermissions.S_IROTH | + Mono.Unix.Native.FilePermissions.S_IWOTH); // create the directory if necessary if (!Directory.Exists(POLICY_DIRECTORY)) diff --git a/CASA/micasad/common/UnixUser.cs b/CASA/micasad/common/UnixUser.cs index 44c829af..9c37ca77 100644 --- a/CASA/micasad/common/UnixUser.cs +++ b/CASA/micasad/common/UnixUser.cs 
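Review bot: The widened umask in the POLICY_DIRECTORY block only affects directories created afterwards; because the creation sits behind `if (!Directory.Exists(POLICY_DIRECTORY))`, an installation whose /home/.casa was created under the older mask keeps its old group/other-readable mode, so a chmod on the existing directory (or a note that upgrades are handled elsewhere) is needed for the tightening to take effect. The reason for leaving the execute bits unmasked deserves a comment, since a reader may assume the goal was a fully private directory: `// mask r/w for group and other: /home/.casa stays traversable (x) so users can reach their own subdirectory, but is not listable`. The enclosing method, including where the mask is restored, runs past the hunk, so the same try/finally concern as in GetCasaServiceUID may apply.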
@@ -21,60 +21,62 @@ ***********************************************************************/ -using System; -using System.Collections; -using System.IO; -using sscs.cache; -using sscs.common; -using sscs.constants; - -namespace sscs.common -{ - internal class UnixUser : User - { - private string m_userHome = null; - - internal UnixUser() - { - } - - internal UnixUser(UserIdentifier unixUserId, string sUserHome) - { - m_userHome = sUserHome; - this.UnixUser(unixUserId); - } - - internal UnixUser(UserIdentifier unixUserId) - { - userId = unixUserId; - secretStore = new SecretStore(this); - } - - override internal void SetUserName(string username) - { - userName = username; - } - - override internal string GetUserName() - { - return userName; - } - - override internal string GetUserHomeDir() - { - if (m_userHome == null) - { - uint uid = (uint)userId.GetUID(); - Mono.Unix.UnixUserInfo uui = new Mono.Unix.UnixUserInfo(uid); - userName = uui.UserName; - return uui.HomeDirectory; - } - else - { - return m_userHome; - } - } - - - } -} +using System; +using System.Collections; +using System.IO; +using sscs.cache; +using sscs.common; +using sscs.constants; + +namespace sscs.common +{ + internal class UnixUser : User + { + private string m_userHome = null; + + internal UnixUser() + { + } + + internal UnixUser(UserIdentifier unixUserId, string sUserHome) + { + m_userHome = sUserHome; + userId = unixUserId; + secretStore = new SecretStore(this); + + } + + internal UnixUser(UserIdentifier unixUserId) + { + userId = unixUserId; + secretStore = new SecretStore(this); + } + + override internal void SetUserName(string username) + { + userName = username; + } + + override internal string GetUserName() + { + return userName; + } + + override internal string GetUserHomeDir() + { + if (m_userHome == null) + { + uint uid = (uint)userId.GetUID(); + Mono.Unix.UnixUserInfo uui = new Mono.Unix.UnixUserInfo(uid); + userName = uui.UserName; + return uui.HomeDirectory; + } + else + { + return 
m_userHome; + } + } + + + } +}
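Review bot: The two-argument UnixUser constructor now duplicates the body of the one-argument one instead of chaining with `: this(unixUserId)`; that is probably deliberate, because `m_userHome` must be assigned before `new SecretStore(this)` runs in case SecretStore's constructor calls back into GetUserHomeDir(), and chaining would reverse that order. A comment stating this, `// m_userHome must be set before SecretStore(this), which may call GetUserHomeDir()`, would stop the next reader from "fixing" it into a chained constructor. GetUserHomeDir also overwrites userName as a side effect of the uid lookup in its fallback branch; a one-line comment there would mark that as intended rather than accidental.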