summaryrefslogtreecommitdiffstats
path: root/src/plugins/mail-crypt/doveadm-mail-crypt.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/plugins/mail-crypt/doveadm-mail-crypt.c')
-rw-r--r--src/plugins/mail-crypt/doveadm-mail-crypt.c1048
1 files changed, 1048 insertions, 0 deletions
diff --git a/src/plugins/mail-crypt/doveadm-mail-crypt.c b/src/plugins/mail-crypt/doveadm-mail-crypt.c
new file mode 100644
index 0000000..a4322ed
--- /dev/null
+++ b/src/plugins/mail-crypt/doveadm-mail-crypt.c
@@ -0,0 +1,1048 @@
+/* Copyright (c) 2015-2018 Dovecot authors, see the included COPYING file */
+
+#include "lib.h"
+#include "askpass.h"
+#include "doveadm-mail.h"
+#include "getopt.h"
+#include "array.h"
+#include "str.h"
+#include "buffer.h"
+#include "ioloop.h"
+#include "ioloop-private.h"
+#include "mail-namespace.h"
+#include "mail-storage.h"
+#include "mail-storage-settings.h"
+#include "mailbox-attribute.h"
+#include "mail-crypt-common.h"
+#include "mail-crypt-key.h"
+#include "mailbox-list-iter.h"
+#include "doveadm-print.h"
+#include "hex-binary.h"
+
+#define DOVEADM_MCP_SUCCESS "\xE2\x9C\x93" /* emits a utf-8 CHECK MARK (U+2713) */
+#define DOVEADM_MCP_FAIL "x"
+#define DOVEADM_MCP_USERKEY "<userkey>"
+
+struct generated_key {
+ const char *name;
+ const char *id;
+ const char *error;
+ struct mailbox *box;
+ bool success:1;
+ bool active:1;
+};
+
+ARRAY_DEFINE_TYPE(generated_keys, struct generated_key);
+
+struct mcp_cmd_context {
+ struct doveadm_mail_cmd_context ctx;
+
+ const char *old_password;
+ const char *new_password;
+
+ unsigned int matched_keys;
+
+ bool userkey_only:1;
+ bool recrypt_box_keys:1;
+ bool force:1;
+ bool ask_old_password:1;
+ bool ask_new_password:1;
+ bool clear_password:1;
+};
+
+struct mcp_key_iter_ctx {
+ pool_t pool;
+ ARRAY_TYPE(generated_keys) keys;
+};
+
+void doveadm_mail_crypt_plugin_init(struct module *mod ATTR_UNUSED);
+void doveadm_mail_crypt_plugin_deinit(void);
+
+static int
+mcp_user_create(struct mail_user *user, const char *dest_username,
+ struct mail_user **dest_user_r,
+ struct mail_storage_service_user **dest_service_user_r,
+ const char **error_r)
+{
+ const struct mail_storage_service_input *old_input;
+ struct mail_storage_service_input input;
+ struct mail_storage_service_ctx *service_ctx;
+ struct ioloop_context *cur_ioloop_ctx;
+
+ int ret;
+
+ i_assert(user->_service_user != NULL);
+ service_ctx = mail_storage_service_user_get_service_ctx(user->_service_user);
+ old_input = mail_storage_service_user_get_input(user->_service_user);
+
+ if ((cur_ioloop_ctx = io_loop_get_current_context(current_ioloop)) != NULL)
+ io_loop_context_deactivate(cur_ioloop_ctx);
+
+ i_zero(&input);
+ input.module = old_input->module;
+ input.service = old_input->service;
+ input.username = dest_username;
+ input.session_id_prefix = user->session_id;
+ input.flags_override_add = MAIL_STORAGE_SERVICE_FLAG_NO_PLUGINS |
+ MAIL_STORAGE_SERVICE_FLAG_NO_LOG_INIT;
+
+ ret = mail_storage_service_lookup_next(service_ctx, &input,
+ dest_service_user_r,
+ dest_user_r, error_r);
+
+ if (ret == 0)
+ *error_r = "User not found";
+
+ return ret;
+}
+
+static int
+mcp_update_shared_key(struct mailbox_transaction_context *t,
+ struct mail_user *user, const char *target_uid,
+ struct dcrypt_private_key *key, const char **error_r)
+{
+ const char *error;
+ struct mail_user *dest_user;
+ struct mail_storage_service_user *dest_service_user;
+ struct ioloop_context *cur_ioloop_ctx;
+ struct dcrypt_public_key *pkey;
+ const char *dest_username;
+ int ret = 0;
+
+ bool disallow_insecure = mail_crypt_acl_secure_sharing_enabled(user);
+
+ ret = mcp_user_create(user, target_uid, &dest_user,
+ &dest_service_user, &error);
+
+ /* to make sure we get correct logging context */
+ if (ret > 0)
+ mail_storage_service_io_deactivate_user(dest_service_user);
+ mail_storage_service_io_activate_user(user->_service_user);
+
+ if (ret <= 0) {
+ i_error("Cannot initialize destination user %s: %s",
+ target_uid, error);
+ return ret;
+ } else {
+ i_assert(dest_user != NULL);
+ dest_username = dest_user->username;
+
+ /* get public key from target user */
+ if ((ret = mail_crypt_user_get_public_key(dest_user,
+ &pkey, error_r)) <= 0) {
+ if (ret == 0 && disallow_insecure) {
+ *error_r = t_strdup_printf("User %s has no active public key",
+ dest_user->username);
+ ret = -1;
+ } else if (ret == 0) {
+ /* perform insecure sharing */
+ dest_username = NULL;
+ pkey = NULL;
+ ret = 1;
+ }
+ }
+
+ if (ret == 1) {
+ ARRAY_TYPE(dcrypt_private_key) keys;
+ t_array_init(&keys, 1);
+ array_push_back(&keys, &key);
+ ret = mail_crypt_box_share_private_keys(t, pkey,
+ dest_username,
+ &keys, error_r);
+ }
+
+ }
+
+ /* logging context swap again */
+ mail_storage_service_io_deactivate_user(user->_service_user);
+ mail_storage_service_io_activate_user(dest_service_user);
+
+ mail_user_deinit(&dest_user);
+ mail_storage_service_user_unref(&dest_service_user);
+
+ if ((cur_ioloop_ctx = io_loop_get_current_context(current_ioloop)) != NULL)
+ io_loop_context_deactivate(cur_ioloop_ctx);
+
+ mail_storage_service_io_activate_user(user->_service_user);
+
+ return ret;
+}
+
+static int mcp_update_shared_keys(struct doveadm_mail_cmd_context *ctx,
+ struct mailbox *box, struct mail_user *user,
+ const char *pubid, struct dcrypt_private_key *key)
+{
+ const char *error;
+ int ret;
+
+ ARRAY_TYPE(const_string) ids;
+ t_array_init(&ids, 8);
+
+ /* figure out who needs the key */
+ if (mail_crypt_box_get_pvt_digests(box, pool_datastack_create(),
+ MAIL_ATTRIBUTE_TYPE_SHARED,
+ &ids, &error) < 0) {
+ i_error("mail_crypt_box_get_pvt_digests(%s, /shared) failed: %s",
+ mailbox_get_vname(box),
+ error);
+ return -1;
+ }
+
+ const char *id;
+ bool found = FALSE;
+ string_t *uid = t_str_new(64);
+
+ struct mailbox_transaction_context *t =
+ mailbox_transaction_begin(box, ctx->transaction_flags, __func__);
+
+ ret = 0;
+
+ /* then perform sharing */
+ array_foreach_elem(&ids, id) {
+ if (strchr(id, '/') != NULL) {
+ str_truncate(uid, 0);
+ const char *hexuid = t_strcut(id, '/');
+ hex_to_binary(hexuid, uid);
+ if (mcp_update_shared_key(t, user, str_c(uid), key,
+ &error) < 0) {
+ i_error("mcp_update_shared_key(%s, %s) failed: %s",
+ mailbox_get_vname(box),
+ str_c(uid),
+ error);
+ ret = -1;
+ break;
+ }
+ } else if (!found) {
+ found = TRUE;
+ if (mail_crypt_box_set_shared_key(t, pubid, key,
+ NULL, NULL,
+ &error) < 0) {
+ i_error("mail_crypt_box_set_shared_key(%s) failed: %s",
+ mailbox_get_vname(box),
+ error);
+ ret = -1;
+ break;
+ }
+ }
+ }
+
+ if (ret < 0) {
+ mailbox_transaction_rollback(&t);
+ } else if (mailbox_transaction_commit(&t) < 0) {
+ i_error("mailbox_transaction_commit(%s) failed: %s",
+ mailbox_get_vname(box),
+ error);
+ ret = -1;
+ }
+
+ return ret;
+}
+
+static int mcp_keypair_generate(struct mcp_cmd_context *ctx,
+ struct dcrypt_public_key *user_key,
+ struct mailbox *box, struct dcrypt_keypair *pair_r,
+ const char **pubid_r, const char **error_r)
+{
+ struct dcrypt_keypair pair = {NULL, NULL};
+
+ int ret;
+
+ if ((ret = mail_crypt_box_get_public_key(box, &pair.pub, error_r)) < 0) {
+ ret = -1;
+ } else if (ret == 1 && !ctx->force) {
+ i_info("Folder key exists. Use -f to generate a new one");
+ buffer_t *key_id = t_str_new(MAIL_CRYPT_HASH_BUF_SIZE);
+ const char *error;
+ if (!dcrypt_key_id_public(pair.pub,
+ MAIL_CRYPT_KEY_ID_ALGORITHM,
+ key_id, &error)) {
+ i_error("dcrypt_key_id_public() failed: %s",
+ error);
+ return -1;
+ }
+ *pubid_r = p_strdup(ctx->ctx.pool, binary_to_hex(key_id->data,
+ key_id->used));
+ *pair_r = pair;
+ return 1;
+ } else if (ret == 1 && ctx->recrypt_box_keys) {
+ /* do nothing, because force isn't being used *OR*
+ we are recrypting box keys and force refers to
+ user keypair.
+
+ FIXME: this could be less confusing altogether */
+ ret = 0;
+ } else {
+ if (mail_crypt_box_generate_keypair(box, &pair, user_key,
+ pubid_r, error_r) < 0) {
+ ret = -1;
+ } else {
+ *pubid_r = p_strdup(ctx->ctx.pool, *pubid_r);
+ *pair_r = pair;
+ return 1;
+ }
+ }
+
+ if (pair.pub != NULL)
+ dcrypt_key_unref_public(&pair.pub);
+ if (pair.priv != NULL)
+ dcrypt_key_unref_private(&pair.priv);
+
+ return ret;
+}
+
+static int mcp_keypair_generate_run(struct doveadm_mail_cmd_context *_ctx,
+ struct mail_user *user,
+ ARRAY_TYPE(generated_keys) *result)
+{
+ const char *error;
+ int ret;
+ struct dcrypt_public_key *user_key;
+ struct mcp_cmd_context *ctx =
+ (struct mcp_cmd_context *)_ctx;
+ const char *pubid;
+ bool user_key_generated = FALSE;
+ struct generated_key *res;
+
+ if ((ret = mail_crypt_user_get_public_key(user, &user_key,
+ &error)) <= 0) {
+ struct dcrypt_keypair pair;
+ if (ret < 0) {
+ i_error("mail_crypt_user_get_public_key(%s) failed: %s",
+ user->username,
+ error);
+ } else if (mail_crypt_user_generate_keypair(user, &pair,
+ &pubid, &error) < 0) {
+ ret = -1;
+ i_error("mail_crypt_user_generate_keypair(%s) failed: %s",
+ user->username,
+ error);
+ res = array_append_space(result);
+ res->name = "";
+ res->error = p_strdup(_ctx->pool, error);
+ res->success = FALSE;
+ } else {
+ res = array_append_space(result);
+ res->name = DOVEADM_MCP_USERKEY;
+ res->id = p_strdup(_ctx->pool, pubid);
+ res->success = TRUE;
+ /* don't do it again later on */
+ user_key_generated = TRUE;
+ ret = 1;
+ user_key = pair.pub;
+ dcrypt_key_unref_private(&pair.priv);
+ }
+ if (ret < 0) return ret;
+ ctx->matched_keys++;
+ }
+ if (ret == 1 && ctx->userkey_only && !user_key_generated) {
+ if (!ctx->force) {
+ i_info("userkey exists. Use -f to generate a new one");
+ buffer_t *key_id = t_str_new(MAIL_CRYPT_HASH_BUF_SIZE);
+ if (!dcrypt_key_id_public(user_key,
+ MAIL_CRYPT_KEY_ID_ALGORITHM,
+ key_id, &error)) {
+ i_error("dcrypt_key_id_public() failed: %s",
+ error);
+ dcrypt_key_unref_public(&user_key);
+ return -1;
+ }
+ const char *hash = binary_to_hex(key_id->data,
+ key_id->used);
+ res = array_append_space(result);
+ res->name = DOVEADM_MCP_USERKEY;
+ res->id = p_strdup(_ctx->pool, hash);
+ res->success = TRUE;
+ ctx->matched_keys++;
+ dcrypt_key_unref_public(&user_key);
+ return 1;
+ }
+ struct dcrypt_keypair pair;
+ dcrypt_key_unref_public(&user_key);
+ /* regen user key */
+ res = array_append_space(result);
+ res->name = DOVEADM_MCP_USERKEY;
+ if (mail_crypt_user_generate_keypair(user, &pair, &pubid,
+ &error) < 0) {
+ res->success = FALSE;
+ res->error = p_strdup(_ctx->pool, error);
+ return -1;
+ }
+ res->success = TRUE;
+ res->id = p_strdup(_ctx->pool, pubid);
+ user_key = pair.pub;
+ dcrypt_key_unref_private(&pair.priv);
+ ctx->matched_keys++;
+ }
+
+ if (ctx->userkey_only) {
+ dcrypt_key_unref_public(&user_key);
+ return 0;
+ }
+
+ const char *const *patterns = (const char *const[]){ "*", NULL };
+
+ /* only re-encrypt all folder keys if wanted */
+ if (!ctx->recrypt_box_keys) {
+ patterns = ctx->ctx.args;
+ }
+
+ const struct mailbox_info *info;
+ struct mailbox_list_iterate_context *iter =
+ mailbox_list_iter_init_namespaces(user->namespaces,
+ patterns,
+ MAIL_NAMESPACE_TYPE_PRIVATE,
+ MAILBOX_LIST_ITER_SKIP_ALIASES |
+ MAILBOX_LIST_ITER_NO_AUTO_BOXES |
+ MAILBOX_LIST_ITER_RETURN_NO_FLAGS);
+ while((info = mailbox_list_iter_next(iter)) != NULL) {
+ if ((info->flags & MAILBOX_NOSELECT) != 0 ||
+ (info->flags & MAILBOX_NONEXISTENT) != 0) continue;
+ struct dcrypt_keypair pair;
+
+ struct mailbox *box =
+ mailbox_alloc(info->ns->list,
+ info->vname, 0);
+ if (mailbox_open(box) < 0) {
+ res = array_append_space(result);
+ res->name = p_strdup(_ctx->pool, info->vname);
+ res->success = FALSE;
+ res->error = p_strdup(_ctx->pool,
+ mailbox_get_last_internal_error(box, NULL));
+ } else if ((ret = mcp_keypair_generate(ctx, user_key, box,
+ &pair, &pubid,
+ &error)) < 0) {
+ res = array_append_space(result);
+ res->name = p_strdup(_ctx->pool, info->vname);
+ res->success = FALSE;
+ res->error = p_strdup(_ctx->pool, error);
+ } else if (ret == 0) {
+ /* nothing happened because key already existed and
+ force wasn't used, skip */
+ } else if (ret > 0) {
+ res = array_append_space(result);
+ res->name = p_strdup(_ctx->pool, info->vname);
+ res->success = TRUE;
+ res->id = pubid;
+ T_BEGIN {
+ mcp_update_shared_keys(&ctx->ctx, box, user,
+ pubid, pair.priv);
+ } T_END;
+ if (pair.pub != NULL)
+ dcrypt_key_unref_public(&pair.pub);
+ if (pair.priv != NULL)
+ dcrypt_key_unref_private(&pair.priv);
+ ctx->matched_keys++;
+ }
+ mailbox_free(&box);
+ }
+
+ (void)mailbox_list_iter_deinit(&iter);
+
+ dcrypt_key_unref_public(&user_key);
+ return 0;
+}
+
+static int cmd_mcp_keypair_generate_run(struct doveadm_mail_cmd_context *_ctx,
+ struct mail_user *user)
+{
+ struct mcp_cmd_context *ctx =
+ (struct mcp_cmd_context *)_ctx;
+
+ int ret = 0;
+
+ ARRAY_TYPE(generated_keys) result;
+ p_array_init(&result, _ctx->pool, 8);
+
+ if (mcp_keypair_generate_run(_ctx, user, &result) < 0)
+ _ctx->exit_code = EX_DATAERR;
+
+ doveadm_print_init(DOVEADM_PRINT_TYPE_TABLE);
+ doveadm_print_header("success", " ", 0);
+ doveadm_print_header("box", "Folder", 0);
+ doveadm_print_header("pubid", "Public ID", 0);
+
+ const struct generated_key *res;
+
+ array_foreach(&result, res) {
+ if (res->success)
+ doveadm_print(DOVEADM_MCP_SUCCESS);
+ else {
+ _ctx->exit_code = EX_DATAERR;
+ ret = -1;
+ doveadm_print(DOVEADM_MCP_FAIL);
+ }
+ doveadm_print(res->name);
+ if (!res->success)
+ doveadm_print(t_strdup_printf("ERROR: %s", res->error));
+ else
+ doveadm_print(res->id);
+ }
+
+ if (ctx->matched_keys == 0)
+ i_warning("mailbox cryptokey generate: Nothing was matched. "
+ "Use -U or specify mask?");
+ return ret;
+}
+
+static void mcp_key_list(struct mcp_cmd_context *ctx,
+ struct mail_user *user,
+ void(*callback)(const struct generated_key *, void *),
+ void *context)
+{
+ const char *error;
+
+ /* we need to use the mailbox attribute API here, as we
+ are not necessarily able to decrypt any of these keys
+ */
+
+ ARRAY_TYPE(const_string) ids;
+ t_array_init(&ids, 8);
+
+ if (ctx->userkey_only) {
+ struct mailbox_attribute_iter *iter;
+ struct mail_namespace *ns =
+ mail_namespace_find_inbox(user->namespaces);
+ struct mailbox *box =
+ mailbox_alloc(ns->list, "INBOX", MAILBOX_FLAG_READONLY);
+ struct mail_attribute_value value;
+ i_zero(&value);
+
+ if (mailbox_attribute_get(box, MAIL_ATTRIBUTE_TYPE_SHARED,
+ USER_CRYPT_PREFIX ACTIVE_KEY_NAME,
+ &value) < 0) {
+ i_error("mailbox_get_attribute(%s, %s) failed: %s",
+ mailbox_get_vname(box),
+ USER_CRYPT_PREFIX ACTIVE_KEY_NAME,
+ mailbox_get_last_internal_error(box, NULL));
+ }
+
+ iter = mailbox_attribute_iter_init(box,
+ MAIL_ATTRIBUTE_TYPE_PRIVATE,
+ USER_CRYPT_PREFIX
+ PRIVKEYS_PREFIX);
+ const char *key_id;
+ if (value.value == NULL)
+ value.value = "<NO ACTIVE KEY>";
+ while ((key_id = mailbox_attribute_iter_next(iter)) != NULL) {
+ struct generated_key key;
+ key.id = key_id;
+ key.active = strcmp(value.value, key_id) == 0;
+ key.name = "";
+ key.box = box;
+ callback(&key, context);
+ ctx->matched_keys++;
+ }
+ if (mailbox_attribute_iter_deinit(&iter) < 0)
+ i_error("mailbox_attribute_iter_deinit(%s) failed: %s",
+ mailbox_get_vname(box),
+ mailbox_get_last_internal_error(box, NULL));
+ mailbox_free(&box);
+ return;
+ }
+
+ const struct mailbox_info *info;
+ struct mailbox_list_iterate_context *iter =
+ mailbox_list_iter_init_namespaces(user->namespaces,
+ ctx->ctx.args,
+ MAIL_NAMESPACE_TYPE_PRIVATE,
+ MAILBOX_LIST_ITER_SKIP_ALIASES |
+ MAILBOX_LIST_ITER_NO_AUTO_BOXES |
+ MAILBOX_LIST_ITER_RETURN_NO_FLAGS);
+
+ while((info = mailbox_list_iter_next(iter)) != NULL) {
+ if ((info->flags & MAILBOX_NOSELECT) != 0 ||
+ (info->flags & MAILBOX_NONEXISTENT) != 0) continue;
+
+ struct mailbox *box =
+ mailbox_alloc(info->ns->list,
+ info->vname, MAILBOX_FLAG_READONLY);
+ struct mail_attribute_value value;
+ i_zero(&value);
+ array_clear(&ids);
+
+ /* get active ID */
+ if (mailbox_attribute_get(box, MAIL_ATTRIBUTE_TYPE_SHARED,
+ BOX_CRYPT_PREFIX ACTIVE_KEY_NAME,
+ &value) < 0) {
+ i_error("mailbox_get_attribute(%s, %s) failed: %s",
+ mailbox_get_vname(box),
+ BOX_CRYPT_PREFIX ACTIVE_KEY_NAME,
+ mailbox_get_last_internal_error(box, NULL));
+ } else if (mail_crypt_box_get_pvt_digests(box, pool_datastack_create(),
+ MAIL_ATTRIBUTE_TYPE_PRIVATE,
+ &ids, &error) < 0) {
+ i_error("mail_crypt_box_get_pvt_digests(%s) failed: %s",
+ mailbox_get_vname(box),
+ error);
+ } else {
+ const char *id;
+ const char *boxname = mailbox_get_vname(box);
+ if (value.value == NULL)
+ value.value = "<NO ACTIVE KEY>";
+ array_foreach_elem(&ids, id) {
+ struct generated_key key;
+ key.name = boxname;
+ key.id = id;
+ if (value.value != NULL)
+ key.active = strcmp(id, value.value) == 0;
+ else
+ key.active = FALSE;
+ key.box = box;
+ callback(&key, context);
+ ctx->matched_keys++;
+ }
+ }
+ mailbox_free(&box);
+ }
+
+ (void)mailbox_list_iter_deinit(&iter);
+}
+
+static void cmd_mcp_key_list_cb(const struct generated_key *_key, void *context)
+{
+ struct mcp_key_iter_ctx *ctx = context;
+ struct generated_key *key = array_append_space(&ctx->keys);
+ key->name = p_strdup(ctx->pool, _key->name);
+ key->id = p_strdup(ctx->pool, _key->id);
+ key->active = _key->active;
+}
+
+static int cmd_mcp_key_list_run(struct doveadm_mail_cmd_context *_ctx,
+ struct mail_user *user)
+{
+ struct mcp_cmd_context *ctx =
+ (struct mcp_cmd_context *)_ctx;
+ struct mcp_key_iter_ctx iter_ctx;
+ i_zero(&iter_ctx);
+ iter_ctx.pool = _ctx->pool;
+ p_array_init(&iter_ctx.keys, _ctx->pool, 8);
+
+ mcp_key_list(ctx, user, cmd_mcp_key_list_cb, &iter_ctx);
+
+ doveadm_print_init(DOVEADM_PRINT_TYPE_TABLE);
+ doveadm_print_header("box", "Folder", 0);
+ doveadm_print_header("active", "Active", 0);
+ doveadm_print_header("pubid", "Public ID", 0);
+
+ const struct generated_key *key;
+ array_foreach(&iter_ctx.keys, key) {
+ doveadm_print(key->name);
+ doveadm_print(key->active ? "yes" : "no");
+ doveadm_print(key->id);
+ }
+
+ if (ctx->matched_keys == 0)
+ i_warning("mailbox cryptokey list: Nothing was matched. "
+ "Use -U or specify mask?");
+
+ return 0;
+}
+
+static void cmd_mcp_key_export_cb(const struct generated_key *key,
+ void *context ATTR_UNUSED)
+{
+ struct dcrypt_private_key *pkey;
+ bool user_key = FALSE;
+ const char *error = NULL;
+ int ret;
+
+ if (*key->name == '\0')
+ user_key = TRUE;
+
+ doveadm_print(key->name);
+ doveadm_print(key->id);
+
+ if ((ret = mail_crypt_get_private_key(key->box, key->id, user_key, FALSE,
+ &pkey, &error)) <= 0) {
+ if (ret == 0)
+ error = "key not found";
+ doveadm_print(t_strdup_printf("ERROR: %s", error));
+ doveadm_print("");
+ } else {
+ string_t *out = t_str_new(64);
+ if (!dcrypt_key_store_private(pkey, DCRYPT_FORMAT_PEM, NULL, out,
+ NULL, NULL, &error)) {
+ doveadm_print(t_strdup_printf("ERROR: %s", error));
+ doveadm_print("");
+ } else {
+ /* this is to make it more compatible with openssl cli
+ as it expects BEGIN on it's own line */
+ doveadm_print(t_strdup_printf("\n%s", str_c(out)));
+ }
+ dcrypt_key_unref_private(&pkey);
+ }
+}
+
+static int cmd_mcp_key_export_run(struct doveadm_mail_cmd_context *_ctx,
+ struct mail_user *user)
+{
+ struct mcp_cmd_context *ctx =
+ (struct mcp_cmd_context *)_ctx;
+
+ doveadm_print_init(DOVEADM_PRINT_TYPE_PAGER);
+ doveadm_print_header("box", "Folder", 0);
+ doveadm_print_header("name", "Public ID", 0);
+ doveadm_print_header("error", "Error", 0);
+ doveadm_print_header("key", "Key", 0);
+
+ mcp_key_list(ctx, user, cmd_mcp_key_export_cb, NULL);
+
+ return 0;
+}
+
+static int cmd_mcp_key_password_run(struct doveadm_mail_cmd_context *_ctx,
+ struct mail_user *user)
+{
+ struct mcp_cmd_context *ctx =
+ (struct mcp_cmd_context *)_ctx;
+ bool cli = (_ctx->cctx->conn_type == DOVEADM_CONNECTION_TYPE_CLI);
+
+ struct raw_key {
+ const char *attr;
+ const char *id;
+ const char *data;
+ };
+
+ ARRAY(struct raw_key) raw_keys;
+
+ doveadm_print_init(DOVEADM_PRINT_TYPE_PAGER);
+
+ doveadm_print_header_simple("result");
+
+ if (ctx->ask_old_password) {
+ if (ctx->old_password != NULL) {
+ doveadm_print("old password specified, cannot ask for it");
+ _ctx->exit_code = EX_USAGE;
+ return -1;
+ }
+ if (!cli) {
+ doveadm_print("No cli - cannot ask for password");
+ _ctx->exit_code = EX_USAGE;
+ return -1;
+ }
+ ctx->old_password =
+ p_strdup(_ctx->pool, t_askpass("Old password: "));
+ }
+
+ if (ctx->ask_new_password) {
+ if (ctx->new_password != NULL) {
+ doveadm_print("new password specified, cannot ask for it");
+ _ctx->exit_code = EX_USAGE;
+ return -1;
+ }
+ if (!cli) {
+ doveadm_print("No cli - cannot ask for password");
+ _ctx->exit_code = EX_USAGE;
+ return -1;
+ }
+ const char *passw;
+ passw = t_askpass("New password: ");
+ if (strcmp(passw, t_askpass("Confirm new password: ")) != 0) {
+ doveadm_print("Passwords don't match, aborting");
+ _ctx->exit_code = EX_USAGE;
+ return -1;
+ }
+ ctx->new_password = p_strdup(_ctx->pool, passw);
+ }
+
+ if (ctx->clear_password &&
+ (ctx->new_password != NULL ||
+ mail_user_plugin_getenv(user, MAIL_CRYPT_USERENV_PASSWORD) != NULL)) {
+ doveadm_print("clear password and new password specified");
+ _ctx->exit_code = EX_USAGE;
+ return -1;
+ }
+
+ struct mail_namespace *ns = mail_namespace_find_inbox(user->namespaces);
+ struct mailbox *box = mailbox_alloc(ns->list, "INBOX", 0);
+ if (mailbox_open(box) < 0) {
+ doveadm_print(t_strdup_printf("mailbox_open(%s) failed: %s",
+ mailbox_get_vname(box),
+ mailbox_get_last_internal_error(box, NULL)));
+ _ctx->exit_code = EX_TEMPFAIL;
+ return -1;
+ }
+
+ t_array_init(&raw_keys, 8);
+
+ /* then get the current user keys, all of them */
+ struct mailbox_attribute_iter *iter =
+ mailbox_attribute_iter_init(box,
+ MAIL_ATTRIBUTE_TYPE_PRIVATE,
+ USER_CRYPT_PREFIX
+ PRIVKEYS_PREFIX);
+ const char *error;
+ const char *key_id;
+ int ret = 1;
+ unsigned int count = 0;
+
+ while ((key_id = mailbox_attribute_iter_next(iter)) != NULL) {
+ const char *attr =
+ t_strdup_printf(USER_CRYPT_PREFIX PRIVKEYS_PREFIX "%s",
+ key_id);
+
+ struct mail_attribute_value value;
+ if ((ret = mailbox_attribute_get(box, MAIL_ATTRIBUTE_TYPE_PRIVATE,
+ attr, &value)) < 0) {
+ doveadm_print(t_strdup_printf("mailbox_attribute_get(%s, %s) failed: %s",
+ mailbox_get_vname(box), attr,
+ mailbox_get_last_internal_error(box, NULL)));
+ _ctx->exit_code = EX_TEMPFAIL;
+ break;
+ } else if (ret > 0) {
+ struct raw_key *raw_key = array_append_space(&raw_keys);
+ raw_key->attr = p_strdup(_ctx->pool, attr);
+ raw_key->id = p_strdup(_ctx->pool, key_id);
+ raw_key->data = p_strdup(_ctx->pool, value.value);
+ }
+ }
+
+ if (ret == 1) {
+ struct mailbox_transaction_context *t =
+ mailbox_transaction_begin(box, _ctx->transaction_flags,
+ __func__);
+ struct dcrypt_private_key *key;
+ const struct raw_key *raw_key;
+ const char *algo = ctx->new_password != NULL ?
+ MAIL_CRYPT_PW_CIPHER :
+ NULL;
+ string_t *newkey = t_str_new(256);
+
+ array_foreach(&raw_keys, raw_key) {
+ struct mail_attribute_value value;
+
+ if (!dcrypt_key_load_private(&key, raw_key->data,
+ ctx->old_password, NULL,
+ &error)) {
+ doveadm_print(t_strdup_printf("dcrypt_key_load_private(%s) failed: %s",
+ raw_key->id,
+ error));
+ _ctx->exit_code = EX_DATAERR;
+ ret = -1;
+ break;
+ }
+
+ /* save it */
+ str_truncate(newkey, 0);
+
+ if (!dcrypt_key_store_private(key, DCRYPT_FORMAT_DOVECOT,
+ algo, newkey,
+ ctx->new_password,
+ NULL, &error)) {
+ doveadm_print(t_strdup_printf("dcrypt_key_store_private(%s) failed: %s",
+ raw_key->id,
+ error));
+ _ctx->exit_code = EX_DATAERR;
+ ret = -1;
+ }
+
+ dcrypt_key_unref_private(&key);
+ if (ret == -1) break;
+
+ i_zero(&value);
+ value.value = str_c(newkey);
+
+ /* and store it */
+ if (mailbox_attribute_set(t, MAIL_ATTRIBUTE_TYPE_PRIVATE,
+ raw_key->attr, &value) < 0) {
+ doveadm_print(t_strdup_printf("mailbox_attribute_set(%s, %s) failed: %s",
+ mailbox_get_vname(box),
+ raw_key->attr,
+ mailbox_get_last_internal_error(box, NULL)));
+ _ctx->exit_code = EX_TEMPFAIL;
+ ret = -1;
+ break;
+ }
+ count++;
+ }
+
+ if (ret < 1) {
+ mailbox_transaction_rollback(&t);
+ } else {
+ if (mailbox_transaction_commit(&t) < 0) {
+ doveadm_print(t_strdup_printf("mailbox_transaction_commit(%s) failed: %s",
+ mailbox_get_vname(box),
+ mailbox_get_last_internal_error(box, NULL)));
+ } else {
+ doveadm_print(t_strdup_printf("Changed password for %u key(s)",
+ count));
+ }
+ }
+ }
+
+ (void)mailbox_attribute_iter_deinit(&iter);
+ mailbox_free(&box);
+
+ return ret;
+}
+
+
+static bool cmd_mcp_keypair_generate_parse_arg(struct doveadm_mail_cmd_context *_ctx, int c)
+{
+ struct mcp_cmd_context *ctx =
+ (struct mcp_cmd_context *)_ctx;
+
+ switch (c) {
+ case 'U':
+ ctx->userkey_only = TRUE;
+ break;
+ case 'R':
+ ctx->recrypt_box_keys = TRUE;
+ break;
+ case 'f':
+ ctx->force = TRUE;
+ break;
+ default:
+ return FALSE;
+ }
+ return TRUE;
+
+}
+
+static bool cmd_mcp_key_password_parse_arg(struct doveadm_mail_cmd_context *_ctx, int c)
+{
+ struct mcp_cmd_context *ctx =
+ (struct mcp_cmd_context *)_ctx;
+
+ switch (c) {
+ case 'N':
+ ctx->ask_new_password = TRUE;
+ break;
+ case 'O':
+ ctx->ask_old_password = TRUE;
+ break;
+ case 'C':
+ ctx->clear_password = TRUE;
+ break;
+ case 'o':
+ ctx->old_password = p_strdup(_ctx->pool, optarg);
+ break;
+ case 'n':
+ ctx->new_password = p_strdup(_ctx->pool, optarg);
+ break;
+ default:
+ return FALSE;
+ }
+ return TRUE;
+}
+
+static bool cmd_mcp_key_parse_arg(struct doveadm_mail_cmd_context *_ctx, int c)
+{
+ struct mcp_cmd_context *ctx =
+ (struct mcp_cmd_context *)_ctx;
+
+ switch (c) {
+ case 'U':
+ ctx->userkey_only = TRUE;
+ break;
+ default:
+ return FALSE;
+ }
+ return TRUE;
+
+}
+
+static struct doveadm_mail_cmd_context *cmd_mcp_keypair_generate_alloc(void)
+{
+ struct mcp_cmd_context *ctx;
+
+ ctx = doveadm_mail_cmd_alloc(struct mcp_cmd_context);
+ ctx->ctx.getopt_args = "URf";
+ ctx->ctx.v.parse_arg = cmd_mcp_keypair_generate_parse_arg;
+ ctx->ctx.v.run = cmd_mcp_keypair_generate_run;
+ return &ctx->ctx;
+}
+
+static struct doveadm_mail_cmd_context *cmd_mcp_key_list_alloc(void)
+{
+ struct mcp_cmd_context *ctx;
+
+ ctx = doveadm_mail_cmd_alloc(struct mcp_cmd_context);
+ ctx->ctx.getopt_args = "U";
+ ctx->ctx.v.parse_arg = cmd_mcp_key_parse_arg;
+ ctx->ctx.v.run = cmd_mcp_key_list_run;
+ return &ctx->ctx;
+}
+
+static struct doveadm_mail_cmd_context *cmd_mcp_key_export_alloc(void)
+{
+ struct mcp_cmd_context *ctx;
+
+ ctx = doveadm_mail_cmd_alloc(struct mcp_cmd_context);
+ ctx->ctx.getopt_args = "U";
+ ctx->ctx.v.parse_arg = cmd_mcp_key_parse_arg;
+ ctx->ctx.v.run = cmd_mcp_key_export_run;
+ return &ctx->ctx;
+}
+
+static struct doveadm_mail_cmd_context *cmd_mcp_key_password_alloc(void)
+{
+ struct mcp_cmd_context *ctx;
+
+ ctx = doveadm_mail_cmd_alloc(struct mcp_cmd_context);
+ ctx->ctx.getopt_args = "NOCo:n:";
+ ctx->ctx.v.parse_arg = cmd_mcp_key_password_parse_arg;
+ ctx->ctx.v.run = cmd_mcp_key_password_run;
+ return &ctx->ctx;
+}
+
+struct doveadm_cmd_ver2 doveadm_cmd_mcp_keypair_generate = {
+ .name = "mailbox cryptokey generate",
+ .mail_cmd = cmd_mcp_keypair_generate_alloc,
+ .usage = DOVEADM_CMD_MAIL_USAGE_PREFIX "[-URf] mailbox [ mailbox .. ]",
+DOVEADM_CMD_PARAMS_START
+DOVEADM_CMD_MAIL_COMMON
+DOVEADM_CMD_PARAM('U', "user-key-only", CMD_PARAM_BOOL, 0)
+DOVEADM_CMD_PARAM('R', "re-encrypt-box-keys", CMD_PARAM_BOOL, 0)
+DOVEADM_CMD_PARAM('f', "force", CMD_PARAM_BOOL, 0)
+DOVEADM_CMD_PARAM('\0', "mailbox", CMD_PARAM_STR, CMD_PARAM_FLAG_POSITIONAL)
+DOVEADM_CMD_PARAMS_END
+};
+
+struct doveadm_cmd_ver2 doveadm_cmd_mcp_key_list = {
+ .name = "mailbox cryptokey list",
+ .mail_cmd = cmd_mcp_key_list_alloc,
+ .usage = DOVEADM_CMD_MAIL_USAGE_PREFIX "-U | mailbox [ mailbox .. ]",
+DOVEADM_CMD_PARAMS_START
+DOVEADM_CMD_MAIL_COMMON
+DOVEADM_CMD_PARAM('U', "user-key", CMD_PARAM_BOOL, 0)
+DOVEADM_CMD_PARAM('\0', "mailbox", CMD_PARAM_STR, CMD_PARAM_FLAG_POSITIONAL)
+DOVEADM_CMD_PARAMS_END
+};
+
+struct doveadm_cmd_ver2 doveadm_cmd_mcp_key_export = {
+ .name = "mailbox cryptokey export",
+ .mail_cmd = cmd_mcp_key_export_alloc,
+ .usage = DOVEADM_CMD_MAIL_USAGE_PREFIX "-U | mailbox [ mailbox .. ]",
+DOVEADM_CMD_PARAMS_START
+DOVEADM_CMD_MAIL_COMMON
+DOVEADM_CMD_PARAM('U', "user-key", CMD_PARAM_BOOL, 0)
+DOVEADM_CMD_PARAM('\0', "mailbox", CMD_PARAM_STR, CMD_PARAM_FLAG_POSITIONAL)
+DOVEADM_CMD_PARAMS_END
+};
+
+struct doveadm_cmd_ver2 doveadm_cmd_mcp_key_password = {
+ .name = "mailbox cryptokey password",
+ .mail_cmd = cmd_mcp_key_password_alloc,
+ .usage = DOVEADM_CMD_MAIL_USAGE_PREFIX "[-NOC] [-opassword] [-npassword]",
+DOVEADM_CMD_PARAMS_START
+DOVEADM_CMD_MAIL_COMMON
+DOVEADM_CMD_PARAM('C', "clear-password", CMD_PARAM_BOOL, 0)
+DOVEADM_CMD_PARAM('N', "ask-new-password", CMD_PARAM_BOOL, 0)
+DOVEADM_CMD_PARAM('n', "new-password", CMD_PARAM_STR, 0)
+DOVEADM_CMD_PARAM('O', "ask-old-password", CMD_PARAM_BOOL, 0)
+DOVEADM_CMD_PARAM('o', "old-password", CMD_PARAM_STR, 0)
+DOVEADM_CMD_PARAMS_END
+};
+
+void doveadm_mail_crypt_plugin_init(struct module *mod ATTR_UNUSED)
+{
+ doveadm_cmd_register_ver2(&doveadm_cmd_mcp_keypair_generate);
+ doveadm_cmd_register_ver2(&doveadm_cmd_mcp_key_list);
+ doveadm_cmd_register_ver2(&doveadm_cmd_mcp_key_export);
+ doveadm_cmd_register_ver2(&doveadm_cmd_mcp_key_password);
+}
+
+void doveadm_mail_crypt_plugin_deinit(void)
+{
+}