From owner-svn-soc-all@FreeBSD.ORG  Mon Sep 23 16:35:08 2013
Return-Path: <owner-svn-soc-all@FreeBSD.ORG>
Delivered-To: svn-soc-all@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id CD850AA2
 for <svn-soc-all@FreeBSD.org>; Mon, 23 Sep 2013 16:35:08 +0000 (UTC)
 (envelope-from def@FreeBSD.org)
Received: from socsvn.freebsd.org (socsvn.freebsd.org
 [IPv6:2001:1900:2254:206a::50:2])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id B8399297D
 for <svn-soc-all@FreeBSD.org>; Mon, 23 Sep 2013 16:35:08 +0000 (UTC)
Received: from socsvn.freebsd.org ([127.0.1.124])
 by socsvn.freebsd.org (8.14.7/8.14.7) with ESMTP id r8NGZ8Tk015310
 for <svn-soc-all@FreeBSD.org>; Mon, 23 Sep 2013 16:35:08 GMT
 (envelope-from def@FreeBSD.org)
Received: (from www@localhost)
 by socsvn.freebsd.org (8.14.7/8.14.6/Submit) id r8NGZ8QB015299
 for svn-soc-all@FreeBSD.org; Mon, 23 Sep 2013 16:35:08 GMT
 (envelope-from def@FreeBSD.org)
Date: Mon, 23 Sep 2013 16:35:08 GMT
Message-Id: <201309231635.r8NGZ8QB015299@socsvn.freebsd.org>
X-Authentication-Warning: socsvn.freebsd.org: www set sender to
 def@FreeBSD.org using -f
From: def@FreeBSD.org
To: svn-soc-all@FreeBSD.org
Subject: socsvn commit: r257651 - in soc2013/def/crashdump-head: etc/defaults
 etc/rc.d sbin/dumpkey
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-soc-all@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: SVN commit messages for the entire Summer of Code repository
 <svn-soc-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-soc-all>,
 <mailto:svn-soc-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-soc-all>
List-Post: <mailto:svn-soc-all@freebsd.org>
List-Help: <mailto:svn-soc-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-soc-all>,
 <mailto:svn-soc-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Sep 2013 16:35:09 -0000

Author: def
Date: Mon Sep 23 16:35:08 2013
New Revision: 257651
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=257651

Log:
  Review dumpkey.

Modified:
  soc2013/def/crashdump-head/etc/defaults/rc.conf
  soc2013/def/crashdump-head/etc/rc.d/dumpkey
  soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c

Modified: soc2013/def/crashdump-head/etc/defaults/rc.conf
==============================================================================
--- soc2013/def/crashdump-head/etc/defaults/rc.conf	Mon Sep 23 16:12:11 2013	(r257650)
+++ soc2013/def/crashdump-head/etc/defaults/rc.conf	Mon Sep 23 16:35:08 2013	(r257651)
@@ -606,10 +606,10 @@
 chkprintcap_flags="-d"	# Create missing directories by default.
 dumpdev="AUTO"		# Device to crashdump to (device name, AUTO, or NO).
 dumpdir="/var/crash"	# Directory where crash dumps are to be stored
-dumpkey_enable="YES"
-dumpkey_pub="/var/crash/.public.key"
-dumpkey_priv="/var/crash/.private.key"
-dumpkey_bits="2048"
+dumpkey_enable="YES"	# Run dumpkey to generate a symmetric key.
+dumpkey_pub="/var/crash/.public.key"	# Public key to encrypt a symmetric key.
+dumpkey_priv="/var/crash/.private.key"	# Private key to decrypt a symmetric key.
+dumpkey_bits="2048"	# RSA keys' length.
 savecore_flags="-m 10"	# Used if dumpdev is enabled above, and present.
 			# By default, only the 10 most recent kernel dumps
 			# are saved.

Modified: soc2013/def/crashdump-head/etc/rc.d/dumpkey
==============================================================================
--- soc2013/def/crashdump-head/etc/rc.d/dumpkey	Mon Sep 23 16:12:11 2013	(r257650)
+++ soc2013/def/crashdump-head/etc/rc.d/dumpkey	Mon Sep 23 16:35:08 2013	(r257651)
@@ -9,10 +9,7 @@
 rcvar="dumpkey_enable"
 start_cmd="dumpkey_start"
 start_precmd="dumpkey_prestart"
-stop_cmd=":"
-decrypt_precmd="dumpkey_predecrypt"
-decrypt_cmd="dumpkey_decrypt"
-extra_commands="decrypt"
+stop_cmd="dumpkey_stop"
 
 dumpkey_prestart()
 {
@@ -32,21 +29,9 @@
 	/sbin/dumpkey -e ${dumpkey_pub}
 }
 
-dumpkey_predecrypt()
+dumpkey_stop()
 {
-	if [ ! -r "${dumpkey_priv}" ]; then
-		warn "The private RSA key doesn't exist. It's not possible to decrypt the symmetric key."
-		return 1
-	fi
-}
-
-dumpkey_decrypt()
-{
-	if [ $# -gt 0 ]; then
-		/usr/bin/openssl rsautl -decrypt -inkey ${dumpkey_priv} -in "$*" -out "$*-decrypted"
-	else
-		echo "You have to specify an encrypted symmetric key."
-	fi
+	rm ${dumpdir}/*-decrypted
 }
 
 load_rc_config $name

Modified: soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c
==============================================================================
--- soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c	Mon Sep 23 16:12:11 2013	(r257650)
+++ soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c	Mon Sep 23 16:35:08 2013	(r257651)
@@ -40,7 +40,7 @@
 }
 
 static int
-read_data(char *buf, size_t size, char *fname)
+read_data(char *buf, size_t size, const char *fname)
 {
 	FILE *fp;
 
@@ -194,8 +194,8 @@
 	char buf[PEFS_SECTOR_SIZE];
 	struct xts_ctx data_ctx, tweak_ctx;
 	RSA *private_key;
-	int buf_used, offset;
-	size_t bytes;
+	int offset;
+	size_t buf_used, bytes;
 	FILE *fp, *fp_w;
 
 	private_key = RSA_new();
@@ -232,8 +232,10 @@
 		if (buf_used == PEFS_SECTOR_SIZE || (buf_used > 0 && bytes == 0)) {
 			xts_block_decrypt(&xts_alg_aes, &tweak_ctx, &data_ctx, offset, tweak, 0, buf_used, buf, buf);
 
-			if (fwrite(buf, 1, buf_used, fp_w) != buf_used)
+			if (fwrite(buf, 1, buf_used, fp_w) != buf_used) {
+				printf("Error: cannot write a decrypted core.\n");
 				goto out;
+			}
 
 			offset += buf_used;
 			buf_used = 0;