1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
|
/*==============================================================================
*
* PUBLIC DOMAIN NOTICE
* National Center for Biotechnology Information
*
* This software/database is a "United States Government Work" under the
* terms of the United States Copyright Act. It was written as part of
* the author's official duties as a United States Government employee and
* thus cannot be copyrighted. This software/database is freely available
* to the public for use. The National Library of Medicine and the U.S.
* Government have not placed any restriction on its use or reproduction.
*
* Although all reasonable efforts have been taken to ensure the accuracy
* and reliability of the software and data, the NLM and the U.S.
* Government do not and cannot warrant the performance or results that
* may be obtained by using this software or data. The NLM and the U.S.
* Government disclaim all warranties, express or implied, including
* warranties of performance, merchantability or fitness for any particular
* purpose.
*
* Please cite the author in any work or product based on this material.
*
* ===========================================================================
*
*/
#include "syspass-priv.h" /* get_pass */
#include <kapp/main.h> /* KMain */
#include <vfs/manager.h> /* VFSManager */
#include <klib/log.h> /* LOGERR */
#include <klib/out.h> /* OUTMSG */
#include <klib/rc.h>
#include <string.h> /* strcmp */
#include <assert.h>
#include <limits.h> /* PATH_MAX */
#ifndef PATH_MAX
#define PATH_MAX 4096
#endif
#define DISP_RC(rc, msg) (void)((rc == 0) ? 0 : LOGERR(klogInt, rc, msg))
#define RELEASE(type, obj) do { rc_t rc2 = type##Release(obj); \
if (rc2 && !rc) { rc = rc2; } obj = NULL; } while (false)
#if 0
/******************************************************************************/
static
rc_t SetPwd(const char *password, bool no_prompt)
{
rc_t rc = 0;
VFSManager *mgr = NULL;
assert(password);
if (rc == 0) {
rc = VFSManagerMake(&mgr);
DISP_RC(rc, "while calling VFSManagerMake");
}
if (rc == 0) {
char pwd_dir[PATH_MAX] = "";
rc = VFSManagerUpdateKryptoPassword
(mgr, password, strlen(password), pwd_dir, sizeof pwd_dir);
if (rc) {
if (no_prompt) {
LOGERR(klogInt, rc, "while updating the password");
}
else if (rc == SILENT_RC(rcVFS, rcEncryptionKey, rcUpdating,
rcDirectory, rcExcessive))
{
OUTMSG((
"\nSecurity warning:\n"
"Directory \"%s\" has excessive access permissions.\n"
"Run \"chmod 700 %s\" to repair\n"
"or ask your system administrator for assistance.\n",
pwd_dir, pwd_dir));
rc = 0;
}
else if (rc == SILENT_RC(rcVFS, rcEncryptionKey, rcUpdating,
rcSize, rcExcessive))
{
OUTMSG((
"\nError:\n"
"Password is too long.\n"
"Maximum password size is %ld.\n",
VFS_KRYPTO_PASSWORD_MAX_SIZE));
}
else if (rc == SILENT_RC(rcVFS, rcEncryptionKey, rcUpdating,
rcEncryptionKey, rcInvalid))
{
OUTMSG((
"\nError:\n"
"Invalid character in password\n"
"(CR/LF are not allowed)\n"));
}
else if (rc == SILENT_RC(rcVFS, rcEncryptionKey, rcUpdating,
rcPath, rcExcessive))
{
OUTMSG((
"\nError:\n"
"Cannot set the password.\n"
"Path to password file is too long.\n"
"Your configuration should be updated.\n"));
}
else if (rc == SILENT_RC(rcVFS, rcEncryptionKey, rcUpdating,
rcPath, rcIncorrect))
{
OUTMSG((
"\nError:\n"
"Cannot set the password.\n"
"Existing path to password is not a file.\n"
"Your configuration should be updated.\n"));
}
else if (rc == SILENT_RC(rcVFS, rcEncryptionKey, rcUpdating,
rcPath, rcCorrupt))
{
OUTMSG((
"\nError:\n"
"Cannot set the password.\n"
"Unknown file type for configured path/file name.\n"
"Your configuration should be updated.\n"));
}
else if (rc == SILENT_RC(rcVFS, rcEncryptionKey, rcWriting,
rcFile, rcInsufficient))
{
OUTMSG((
"\nError:\n"
"Incomplete writes to temporary password file.\n"
"Cannot set the password.\n"));
}
else {
OUTMSG(("\nCannot set the password. Please consult\n"
"configuration page at\n"
"https://trace.ncbi.nlm.nih.gov/Traces/sra/sra.cgi?view=toolkit_doc&f=std or\n"
"https://github.com/ncbi/sra-tools/wiki/Toolkit-Configuration\n"));
}
}
}
RELEASE(VFSManager, mgr);
return rc;
}
#define PWD_SZ 1024
static
rc_t run(bool quiet)
{
rc_t rc = 0;
char password[PWD_SZ] = "";
bool empty = false;
KWrtHandler handler;
handler.writer = KOutWriterGet();
handler.data = KOutDataGet();
KOutHandlerSetStdErr();
KLogLibHandlerSet(NULL, NULL);
OUTMSG(("Changing password\n"));
#if 1
if (rc == 0) {
int i = 0;
for (i = 0; i < 3 && rc == 0; ++i) {
rc = get_pass("New password:", password, sizeof password);
DISP_RC(rc, "cannot read the password");
if (rc != 0) {
break;
}
if (password[0] == '\0') {
OUTMSG(("BAD PASSWORD: too short\n"));
}
else {
break;
}
}
if (rc == 0 && password[0] == '\0') {
rc = RC(rcExe, rcString, rcReading, rcString, rcIncorrect);
empty = true;
/* LOGERR(klogErr, rc, "failed to set password"); */
}
}
if (rc == 0) {
char repassword[PWD_SZ] = "";
rc = get_pass("Retype new password:", repassword, sizeof repassword);
DISP_RC(rc, "cannot read the password");
if (rc == 0) {
if (strcmp(password, repassword)) {
OUTMSG(("Sorry, passwords do not match.\n"));
rc = RC(rcExe, rcString, rcReading, rcString, rcInconsistent);
/* LOGERR(klogErr, rc, "failed to set password"); */
}
}
}
#else
strcpy(password, "1n2");
#endif
if (rc == 0) {
rc = SetPwd(password, quiet);
}
KOutHandlerSet(handler.writer, handler.data);
if (empty)
{ rc = 0; }
return rc;
}
#endif
#define SL_OPTION "noprompt"
#define SL_ALIAS "n"
static const char *SL_USAGE[]
= { "Do not suggest consulting configuration page at https://trace.ncbi.nlm.nih.gov/Traces/sra/sra.cgi?view=toolkit_doc&f=std or https://github.com/ncbi/sra-tools/wiki/Toolkit-Configuration", NULL };
OptDef Options[] = { { SL_OPTION, SL_ALIAS, NULL, SL_USAGE, 1, false, false } };
const char UsageDefaultName[] = "vdb-passwd";
rc_t CC UsageSummary(const char *progname) {
KOutMsg("Update user's NCBI VDB crypto password\n"
"If not run with --quiet recommendations\n"
"are given if errors are detected.\n"
"\n");
return 0;
}
rc_t CC Usage(const Args *args) {
UsageSummary(UsageDefaultName);
KOutMsg("Options:\n");
HelpOptionsStandard ();
HelpVersion(UsageDefaultName, KAppVersion());
return 0;
}
#if 0
rc_t CC KMain(int argc, char *argv[]) {
Args *args;
rc_t rc; /*, orc; */
rc = ArgsMakeAndHandle(&args, argc, argv, 0);
if (rc == 0)
{
uint32_t pcount;
rc_t orc;
/* non standard use of --quiet */
rc = ArgsOptionCount(args, OPTION_QUIET, &pcount);
if (rc)
LOGERR(klogErr, rc, "error check " OPTION_QUIET " option");
else
rc = run (pcount != 0);
orc = ArgsWhack(args);
if (rc == 0)
rc = orc;
}
return rc;
}
#endif
rc_t CC KMain(int argc, char *argv[]) {
OUTMSG((
"WARNING: vdb-passwd IS OBSOLETE AND SHOULD NOT BE USED.\n"
"\n"
"\n"
"To access dbGaP data you need:\n"
"\n"
"- Make sure you have the latest version of SRA Toolkit installed:\n"
"https://github.com/ncbi/sra-tools/wiki/Downloads\n"
"\n"
"- Have permission to access controlled-access data for a dbGaP project;\n"
"\n"
"- Get dbGaP repository key (ngc file);\n"
"\n"
"- Import the dbGaP repository key to SRA Toolkit.\n"
" It will set up the project's workspace directory.\n"
"\n"
"- Change directory to the project's workspace.\n"
"\n"
"N.B. MAKE SURE YOU DO NOT HAVE A VDB_PWFILE ENVIRONMENT VARIABLE SET !!!\n"
"\n"
"Now you should be able to work with encrypted data.\n"
"The SRA Toolkit will work with encrypted SRA data files,\n"
"there is no need to decrypt the read data.\n"
"\n"
"The complete instructions are:\n"
"https://trace.ncbi.nlm.nih.gov/Traces/sra/sra.cgi?view=toolkit_doc&f=dbgap_use\n"
"\n"
"Send questions/bug reports to sra-tools@ncbi.nlm.nih.gov\n"));
return RC(rcExe, rcProcess, rcExecuting, rcProcess, rcUnsupported);
}
|
