Blame SOURCES/0080-auto-reporting-add-options-to-specify-auth-type.patch

44797e
From 2b16db2fea5552225437ac7d622706b597b7a71d Mon Sep 17 00:00:00 2001
44797e
From: Jakub Filak <jfilak@redhat.com>
44797e
Date: Fri, 19 Dec 2014 00:41:16 +0100
44797e
Subject: [ABRT PATCH 80/82] auto-reporting: add options to specify auth type
44797e
44797e
See abrt-auto-reporting man page for more details about this commit.
44797e
44797e
Related: #1174833
44797e
44797e
Signed-off-by: Jakub Filak <jfilak@redhat.com>
44797e
---
44797e
 doc/abrt-auto-reporting.txt      |  41 ++++++-
44797e
 src/daemon/abrt-auto-reporting.c | 258 ++++++++++++++++++++++++++++++++++++---
44797e
 2 files changed, 280 insertions(+), 19 deletions(-)
44797e
44797e
diff --git a/doc/abrt-auto-reporting.txt b/doc/abrt-auto-reporting.txt
44797e
index 1cc534e..2a27945 100644
44797e
--- a/doc/abrt-auto-reporting.txt
44797e
+++ b/doc/abrt-auto-reporting.txt
44797e
@@ -3,11 +3,14 @@ abrt-auto-reporting(1)
44797e
 
44797e
 NAME
44797e
 ----
44797e
-abrt-auto-reporting - Get or modify a value of the auto reporting option
44797e
+abrt-auto-reporting - Get or modify the auto reporting option values
44797e
 
44797e
 SYNOPSIS
44797e
 --------
44797e
-'abrt-auto-reporting' [-v] [ enabled | yes | 1 | disabled | no | 0 ]
44797e
+'abrt-auto-reporting' [-v] [ enabled | yes | 1 | on | disabled | no | 0 | off ]
44797e
+                      [ [--anonymous] |
44797e
+                        [--username USERNAME [--password PASSWORD] ] |
44797e
+                        [--certificate SOURCE] ]
44797e
 
44797e
 DESCRIPTION
44797e
 -----------
44797e
@@ -23,6 +26,9 @@ process and will be persistent.
44797e
    ABRT uploads an uReport which was generated for a detected problem
44797e
    immediately after the detection phase.
44797e
 
44797e
+Reads and saves the authentication configuration options in
44797e
+/etc/libreport/plugins/ureport.conf and /etc/libreport/plugins/rhtsupport.conf
44797e
+
44797e
 uReport description
44797e
 ~~~~~~~~~~~~~~~~~~~
44797e
 ABRT supports uReports for four types of crashes: crashes of C/C++ programs
44797e
@@ -51,6 +57,14 @@ for kernel oopses::
44797e
     these are list of loaded kernel modules, list of taint flags, and full text
44797e
     of the kernel oops.
44797e
 
44797e
+The authenticated uReports also contains *hostname* and *machineid* to enable a
44797e
+server side filtering at https://access.redhat.com/.
44797e
+
44797e
+The authenticated uReports have the benefit of rich server replies which may
44797e
+include a solution for the submitted crash. The authentication is done using
44797e
+either Red Hat Subscription Certificates or Red Hat Customer Portal
44797e
+credentials.
44797e
+
44797e
 'Warning':
44797e
 The full text of a kernel oops might contain information like the
44797e
 identification of the host hardware type. You should disable the autoreporting
44797e
@@ -62,9 +76,30 @@ OPTIONS
44797e
 -v, --verbose::
44797e
    Be more verbose. Can be given multiple times.
44797e
 
44797e
+-a, --anonymous::
44797e
+   Turns the authentication off by clearing both 'SSLClientAuth' and 'HTTPAuth'
44797e
+   configuration options in /etc/libreport/plugins/ureport.conf
44797e
+
44797e
+-u, --username USERNAME::
44797e
+   Turns HTTP Authentication on by setting 'HTTPAuth' configuration option to
44797e
+   *rhts-credentials* in /etc/libreport/plugins/ureport.conf and storing
44797e
+   USERNAME and PASSWORD in /etc/libreport/plugins/rhtsupport.conf
44797e
+   Also turns the SSL Client Authentication off, because these methods cannot
44797e
+   be used together.
44797e
+
44797e
+-p, --password PASSWORD::
44797e
+   Password for HTTP Authentication. If not provided, a prompt asking for it
44797e
+   will be issued.
44797e
+
44797e
+-c, --certificate SOURCE::
44797e
+   Turns SSL Client Authentication on by setting 'SSLClientAuth' configuration
44797e
+   option to SOURCE in /etc/libreport/plugins/ureport.conf.
44797e
+   Also turns the HTTP Authentication off, because these methods cannot
44797e
+   be used together.
44797e
+
44797e
 SEE ALSO
44797e
 --------
44797e
-abrt.conf(5)
44797e
+abrt.conf(5), ureport.conf(5), rhtsupport.conf(5)
44797e
 
44797e
 AUTHORS
44797e
 -------
44797e
diff --git a/src/daemon/abrt-auto-reporting.c b/src/daemon/abrt-auto-reporting.c
44797e
index 0909bed..f50c4c2 100644
44797e
--- a/src/daemon/abrt-auto-reporting.c
44797e
+++ b/src/daemon/abrt-auto-reporting.c
44797e
@@ -17,6 +17,7 @@
44797e
 */
44797e
 
44797e
 #include "libabrt.h"
44797e
+#include "client.h"
44797e
 
44797e
 #include <stdio.h>
44797e
 
44797e
@@ -26,13 +27,24 @@
44797e
 #define STATE_MANUAL "disabled"
44797e
 #define STATE_AUTO "enabled"
44797e
 
44797e
-const char *const REPORTING_STATES[6][2] = {
44797e
+#define RHTS_NAME "rhtsupport.conf"
44797e
+#define RHTS_USERNAME_OPTION "Login"
44797e
+#define RHTS_PASSWORD_OPTION "Password"
44797e
+
44797e
+#define UREPORT_NAME "ureport.conf"
44797e
+#define UREPORT_HTTP_AUTH_OPTION "HTTPAuth"
44797e
+#define UREPORT_CLIENT_AUTH_OPTION "SSLClientAuth"
44797e
+#define UREPORT_RTHS_CREDENTIALS_AUTH "rhts-credentials"
44797e
+
44797e
+const char *const REPORTING_STATES[8][2] = {
44797e
     {STATE_MANUAL, "no" },
44797e
     {STATE_AUTO,   "yes"},
44797e
     {"no",         "no" },
44797e
     {"yes",        "yes"},
44797e
     {"0",          "no" },
44797e
     {"1",          "yes"},
44797e
+    {"off",        "no" },
44797e
+    {"on",         "yes"},
44797e
 };
44797e
 
44797e
 static int
44797e
@@ -52,6 +64,77 @@ set_abrt_reporting(map_string_t *conf, const char *opt_value)
44797e
     return 1;
44797e
 }
44797e
 
44797e
+static int
44797e
+set_ureport_http_auth(map_string_t *conf, const char *opt_value)
44797e
+{
44797e
+    const char *const cur_value = get_map_string_item_or_NULL(conf, UREPORT_HTTP_AUTH_OPTION);
44797e
+
44797e
+    if (cur_value == NULL || strcmp(cur_value, opt_value) != 0)
44797e
+    {
44797e
+        replace_map_string_item(conf, xstrdup(UREPORT_HTTP_AUTH_OPTION), xstrdup(opt_value));
44797e
+        remove_map_string_item(conf, UREPORT_CLIENT_AUTH_OPTION);
44797e
+
44797e
+        return save_plugin_conf_file(UREPORT_NAME, conf);
44797e
+    }
44797e
+
44797e
+    /* No changes needed -> success */
44797e
+    return 1;
44797e
+}
44797e
+
44797e
+static int
44797e
+set_ureport_client_auth(map_string_t *conf, const char *opt_value)
44797e
+{
44797e
+    const char *const cur_value = get_map_string_item_or_NULL(conf, UREPORT_CLIENT_AUTH_OPTION);
44797e
+
44797e
+    if (cur_value == NULL || strcmp(cur_value, opt_value) != 0)
44797e
+    {
44797e
+        replace_map_string_item(conf, xstrdup(UREPORT_CLIENT_AUTH_OPTION), xstrdup(opt_value));
44797e
+        remove_map_string_item(conf, UREPORT_HTTP_AUTH_OPTION);
44797e
+
44797e
+        return save_plugin_conf_file(UREPORT_NAME, conf);
44797e
+    }
44797e
+
44797e
+    /* No changes needed -> success */
44797e
+    return 1;
44797e
+}
44797e
+
44797e
+static int
44797e
+clear_ureport_auth(map_string_t *conf)
44797e
+{
44797e
+    const char *const http_cur_value = get_map_string_item_or_NULL(conf, UREPORT_HTTP_AUTH_OPTION);
44797e
+    const char *const ssl_cur_value = get_map_string_item_or_NULL(conf, UREPORT_CLIENT_AUTH_OPTION);
44797e
+
44797e
+    if (http_cur_value != NULL || ssl_cur_value != NULL)
44797e
+    {
44797e
+        remove_map_string_item(conf, UREPORT_HTTP_AUTH_OPTION);
44797e
+        remove_map_string_item(conf, UREPORT_CLIENT_AUTH_OPTION);
44797e
+
44797e
+        return save_plugin_conf_file(UREPORT_NAME, conf);
44797e
+    }
44797e
+
44797e
+    /* No changes needed -> success */
44797e
+    return 1;
44797e
+}
44797e
+
44797e
+static int
44797e
+set_rhts_credentials(map_string_t *conf, const char *username, const char *password)
44797e
+{
44797e
+    const char *const username_cur_value = get_map_string_item_or_NULL(conf, RHTS_USERNAME_OPTION);
44797e
+    const char *const password_cur_value = get_map_string_item_or_NULL(conf, RHTS_PASSWORD_OPTION);
44797e
+
44797e
+    if (  (username_cur_value == NULL || strcmp(username_cur_value, username) != 0)
44797e
+       || (password_cur_value == NULL || strcmp(password_cur_value, password) != 0))
44797e
+    {
44797e
+        replace_map_string_item(conf, xstrdup(RHTS_USERNAME_OPTION), xstrdup(username));
44797e
+        replace_map_string_item(conf, xstrdup(RHTS_PASSWORD_OPTION), xstrdup(password));
44797e
+
44797e
+        return save_plugin_conf_file(RHTS_NAME, conf);
44797e
+    }
44797e
+
44797e
+    /* No changes needed -> success */
44797e
+    return 1;
44797e
+}
44797e
+
44797e
 static const char *
44797e
 get_abrt_reporting(map_string_t *conf)
44797e
 {
44797e
@@ -60,6 +143,18 @@ get_abrt_reporting(map_string_t *conf)
44797e
     return REPORTING_STATES[index][0];
44797e
 }
44797e
 
44797e
+static const char *
44797e
+get_ureport_http_auth(map_string_t *conf)
44797e
+{
44797e
+    return get_map_string_item_or_NULL(conf, UREPORT_HTTP_AUTH_OPTION);
44797e
+}
44797e
+
44797e
+static const char *
44797e
+get_ureport_client_auth(map_string_t *conf)
44797e
+{
44797e
+    return get_map_string_item_or_NULL(conf, UREPORT_CLIENT_AUTH_OPTION);
44797e
+}
44797e
+
44797e
 int main(int argc, char *argv[])
44797e
 {
44797e
     setlocale(LC_ALL, "");
44797e
@@ -78,7 +173,8 @@ int main(int argc, char *argv[])
44797e
 
44797e
     abrt_init(argv);
44797e
     const char *program_usage_string = _(
44797e
-            "& [ "STATE_MANUAL" | "STATE_AUTO" | yes | no | 1 | 0 ]\n"
44797e
+            "& [ "STATE_MANUAL" | "STATE_AUTO" | yes | no | 1 | 0 ] \\\n"
44797e
+            "  [[--anonymous] | [--username USERNAME [--password PASSWORD]] | [--certificate SOURCE]]\n"
44797e
             "\n"
44797e
             "Get or modify a value of the auto-reporting option. The changes will take\n"
44797e
             "effect immediately and will be persistent.\n"
44797e
@@ -94,36 +190,72 @@ int main(int argc, char *argv[])
44797e
             "contains identification of the operating system, versions of the RPM packages\n"
44797e
             "involved in the crash, and whether the program ran under a root user.\n"
44797e
             "\n"
44797e
-            "See abrt-auto-reporting(1) for more details.\n"
44797e
+            "See abrt-auto-reporting(1), reporter-ureport(1) and reporter-rhtsupport(1)\n"
44797e
+            "for more details.\n"
44797e
     );
44797e
 
44797e
+    enum {
44797e
+        OPT_v = 1 << 0,
44797e
+        OPT_a = 1 << 1,
44797e
+        OPT_u = 1 << 2,
44797e
+        OPT_p = 1 << 3,
44797e
+        OPT_c = 1 << 4,
44797e
+    };
44797e
+
44797e
+    bool anonymous = false;
44797e
+    const char *username = NULL;
44797e
+    const char *password = NULL;
44797e
+    const char *certificate = NULL;
44797e
+
44797e
     /* Keep enum above and order of options below in sync! */
44797e
     struct options program_options[] = {
44797e
         OPT__VERBOSE(&g_verbose),
44797e
+        OPT_BOOL  (  'a', "anonymous",   &anonymous,               _("Turns the authentication off")),
44797e
+        OPT_STRING(  'u', "username",    &username,    "USERNAME", _("Red Hat Support user name")),
44797e
+        OPT_STRING(  'p', "password",    &password,    "PASSWORD", _("Red Hat Support password, if not given, a prompt for it will be issued")),
44797e
+        OPT_STRING(  'c', "certificate", &certificate, "SOURCE",   _("uReport SSL certificate paths or certificate type")),
44797e
         OPT_END()
44797e
     };
44797e
 
44797e
-    const unsigned optind = parse_opts(argc, argv, program_options, program_usage_string);
44797e
+    const unsigned opts = parse_opts(argc, argv, program_options, program_usage_string);
44797e
 
44797e
     argv += optind;
44797e
     argc -= optind;
44797e
 
44797e
-    if (argc > 2)
44797e
+    if ((opts & OPT_p) && !(opts & OPT_u))
44797e
     {
44797e
-        error_msg(_("Invalid number of arguments"));
44797e
+        error_msg(_("You also need to specify --username for --password"));
44797e
         show_usage_and_die(program_usage_string, program_options);
44797e
     }
44797e
 
44797e
-    int exit_code = EXIT_FAILURE;
44797e
+    if ((opts & OPT_u) && (opts & OPT_c))
44797e
+    {
44797e
+        error_msg(_("You can use either --username or --certificate"));
44797e
+        show_usage_and_die(program_usage_string, program_options);
44797e
+    }
44797e
 
44797e
-    map_string_t *conf = new_map_string();
44797e
-    if (!load_abrt_conf_file(CONF_NAME, conf))
44797e
-        goto finito;
44797e
+    if ((opts & OPT_u) && (opts & OPT_a))
44797e
+    {
44797e
+        error_msg(_("You can use either --username or --anonymous"));
44797e
+        show_usage_and_die(program_usage_string, program_options);
44797e
+    }
44797e
+
44797e
+    if ((opts & OPT_a) && (opts & OPT_c))
44797e
+    {
44797e
+        error_msg(_("You can use either --anonymous or --certificate"));
44797e
+        show_usage_and_die(program_usage_string, program_options);
44797e
+    }
44797e
+
44797e
+    if (argc > 1)
44797e
+    {
44797e
+        error_msg(_("Invalid number of arguments"));
44797e
+        show_usage_and_die(program_usage_string, program_options);
44797e
+    }
44797e
 
44797e
-    if (argc == 2)
44797e
+    const char *opt_value = NULL;
44797e
+    if (argc == 1)
44797e
     {
44797e
-        const char *const new_value = argv[1];
44797e
-        const char *opt_value = NULL;
44797e
+        const char *const new_value = argv[0];
44797e
         for (int i = 0; i < sizeof(REPORTING_STATES)/sizeof(REPORTING_STATES[0]); ++i)
44797e
         {
44797e
             if (strcasecmp(new_value, REPORTING_STATES[i][0]) == 0)
44797e
@@ -138,15 +270,109 @@ int main(int argc, char *argv[])
44797e
             error_msg(_("Unknown option value: '%s'\n"), new_value);
44797e
             show_usage_and_die(program_usage_string, program_options);
44797e
         }
44797e
+    }
44797e
+
44797e
+    int exit_code = EXIT_FAILURE;
44797e
+
44797e
+    map_string_t *conf = new_map_string();
44797e
+    map_string_t *rhts_conf = new_map_string();
44797e
+    map_string_t *rhts_conf_bck = NULL;
44797e
+    map_string_t *ureport_conf = new_map_string();
44797e
+    map_string_t *ureport_conf_bck = NULL;
44797e
+
44797e
+    if (!load_abrt_conf_file(CONF_NAME, conf))
44797e
+        goto finito;
44797e
 
44797e
-        exit_code = set_abrt_reporting(conf, opt_value) ? EXIT_SUCCESS : EXIT_FAILURE;
44797e
+    if (!load_plugin_conf_file(RHTS_NAME, rhts_conf, false))
44797e
         goto finito;
44797e
+
44797e
+    if (!load_plugin_conf_file(UREPORT_NAME, ureport_conf, false))
44797e
+        goto finito;
44797e
+
44797e
+    if ((opts & OPT_a))
44797e
+    {
44797e
+        ureport_conf_bck = clone_map_string(ureport_conf);
44797e
+
44797e
+        if (!clear_ureport_auth(ureport_conf))
44797e
+            goto finito;
44797e
+    }
44797e
+
44797e
+    if ((opts & OPT_u))
44797e
+    {
44797e
+        char *tmp_password = NULL;
44797e
+        if (!(opts & OPT_p))
44797e
+        {
44797e
+            password = tmp_password = ask_password(_("Password:"));
44797e
+            if (tmp_password == NULL)
44797e
+            {
44797e
+                error_msg(_("Cannot continue without password\n"));
44797e
+                goto finito;
44797e
+            }
44797e
+        }
44797e
+
44797e
+        ureport_conf_bck = clone_map_string(ureport_conf);
44797e
+
44797e
+        if (!set_ureport_http_auth(ureport_conf, UREPORT_RTHS_CREDENTIALS_AUTH))
44797e
+            goto finito;
44797e
+
44797e
+        rhts_conf_bck = clone_map_string(rhts_conf);
44797e
+
44797e
+        if (!set_rhts_credentials(rhts_conf, username, password))
44797e
+        {
44797e
+            save_plugin_conf_file(UREPORT_NAME, ureport_conf_bck);
44797e
+            goto finito;
44797e
+        }
44797e
+
44797e
+        free(tmp_password);
44797e
+    }
44797e
+
44797e
+    if ((opts & OPT_c))
44797e
+    {
44797e
+        ureport_conf_bck = clone_map_string(ureport_conf);
44797e
+
44797e
+        if (!set_ureport_client_auth(ureport_conf, certificate))
44797e
+            goto finito;
44797e
+    }
44797e
+
44797e
+    if (argc == 0)
44797e
+    {
44797e
+        printf("%s", get_abrt_reporting(conf));
44797e
+        exit_code = EXIT_SUCCESS;
44797e
+
44797e
+        if (g_verbose >= 1)
44797e
+        {
44797e
+            const char *tmp = get_ureport_http_auth(ureport_conf);
44797e
+            if (tmp != NULL)
44797e
+                /* Print only the part before ':' of a string like "username:password" */
44797e
+                printf(" %s (%*s)", _("HTTP Authenticated auto reporting"), (int)(strchrnul(tmp, ':') - tmp), tmp);
44797e
+            else if ((tmp = get_ureport_client_auth(ureport_conf)) != NULL)
44797e
+                printf(" %s (%s)", _("SSL Client Authenticated auto reporting"), tmp);
44797e
+            else
44797e
+                printf(" %s", _("anonymous auto reporting"));
44797e
+        }
44797e
+
44797e
+        putchar('\n');
44797e
+
44797e
+        goto finito;
44797e
+    }
44797e
+
44797e
+    exit_code = set_abrt_reporting(conf, opt_value) ? EXIT_SUCCESS : EXIT_FAILURE;
44797e
+
44797e
+    if (exit_code == EXIT_FAILURE)
44797e
+    {
44797e
+        if (ureport_conf_bck != NULL)
44797e
+            save_plugin_conf_file(UREPORT_NAME, ureport_conf_bck);
44797e
+
44797e
+        if (rhts_conf_bck != NULL)
44797e
+            save_plugin_conf_file(RHTS_NAME, rhts_conf_bck);
44797e
     }
44797e
 
44797e
-    printf("%s\n", get_abrt_reporting(conf));
44797e
-    exit_code = EXIT_SUCCESS;
44797e
 
44797e
 finito:
44797e
+    free_map_string(ureport_conf);
44797e
+    free_map_string(ureport_conf_bck);
44797e
+    free_map_string(rhts_conf);
44797e
+    free_map_string(rhts_conf_bck);
44797e
     free_map_string(conf);
44797e
     return exit_code;
44797e
 }
44797e
-- 
44797e
1.8.3.1
44797e