mosquitto/apps/mosquitto_ctrl/dynsec_client.c

/*
Copyright (c) 2020 Roger Light <roger@atchoo.org>

All rights reserved. This program and the accompanying materials
are made available under the terms of the Eclipse Public License 2.0
and Eclipse Distribution License v1.0 which accompany this distribution.

The Eclipse Public License is available at
   https://www.eclipse.org/legal/epl-2.0/
and the Eclipse Distribution License is available at
  http://www.eclipse.org/org/documents/edl-v10.php.

SPDX-License-Identifier: EPL-2.0 OR EDL-1.0

Contributors:
   Roger Light - initial implementation and documentation.
*/
#include <cjson/cJSON.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include "mosquitto.h"
#include "mosquitto_ctrl.h"
#include "get_password.h"
#include "password_mosq.h"

int dynsec_client__create(int argc, char *argv[], cJSON *j_command)
{
	char *username = NULL, *password = NULL, *clientid = NULL;
	char prompt[200], verify_prompt[200];
	char password_buf[200];
	int rc;
	int i;
	bool request_password = true;

	if(argc == 0){
		return MOSQ_ERR_INVAL;
	}
	username = argv[0];

	for(i=1; i<argc; i++){
		if(!strcmp(argv[i], "-c")){
			if(i+1 == argc){
				fprintf(stderr, "Error: -c argument given, but no clientid provided.\n");
				return MOSQ_ERR_INVAL;
			}
			clientid = argv[i+1];
			i++;
		}else if(!strcmp(argv[i], "-p")){
			if(i+1 == argc){
				fprintf(stderr, "Error: -p argument given, but no password provided.\n");
				return MOSQ_ERR_INVAL;
			}
			password = argv[i+1];
			i++;
			request_password = false;
		}
	}

	if(request_password){
		printf("Enter new password for %s. Press return for no password (user will be unable to login).\n", username);
		snprintf(prompt, sizeof(prompt), "New password for %s: ", username);
		snprintf(verify_prompt, sizeof(verify_prompt), "Reenter password for %s: ", username);
		rc = get_password(prompt, verify_prompt, true, password_buf, sizeof(password_buf));
		if(rc == 0){
			password = password_buf;
		}else{
			password = NULL;
			printf("\n");
		}
	}
	if(cJSON_AddStringToObject(j_command, "command", "createClient") == NULL
			|| cJSON_AddStringToObject(j_command, "username", username) == NULL
			|| (clientid && cJSON_AddStringToObject(j_command, "clientid", clientid) == NULL)
			|| (password && cJSON_AddStringToObject(j_command, "password", password) == NULL)
			){

		return MOSQ_ERR_NOMEM;
	}else{
		return MOSQ_ERR_SUCCESS;
	}
}

int dynsec_client__delete(int argc, char *argv[], cJSON *j_command)
{
	char *username = NULL;

	if(argc == 1){
		username = argv[0];
	}else{
		return MOSQ_ERR_INVAL;
	}

	if(cJSON_AddStringToObject(j_command, "command", "deleteClient") == NULL
			|| cJSON_AddStringToObject(j_command, "username", username) == NULL
			){

		return MOSQ_ERR_NOMEM;
	}else{
		return MOSQ_ERR_SUCCESS;
	}
}

int dynsec_client__enable_disable(int argc, char *argv[], cJSON *j_command, const char *command)
{
	char *username = NULL;

	if(argc == 1){
		username = argv[0];
	}else{
		return MOSQ_ERR_INVAL;
	}

	if(cJSON_AddStringToObject(j_command, "command", command) == NULL
			|| cJSON_AddStringToObject(j_command, "username", username) == NULL
			){

		return MOSQ_ERR_NOMEM;
	}else{
		return MOSQ_ERR_SUCCESS;
	}
}

int dynsec_client__set_id(int argc, char *argv[], cJSON *j_command)
{
	char *username = NULL, *clientid = NULL;

	if(argc == 2){
		username = argv[0];
		clientid = argv[1];
	}else if(argc == 1){
		username = argv[0];
	}else{
		return MOSQ_ERR_INVAL;
	}

	if(cJSON_AddStringToObject(j_command, "command", "setClientId") == NULL
			|| cJSON_AddStringToObject(j_command, "username", username) == NULL
			|| (clientid && cJSON_AddStringToObject(j_command, "clientid", clientid) == NULL)
			){

		return MOSQ_ERR_NOMEM;
	}else{
		return MOSQ_ERR_SUCCESS;
	}
}

int dynsec_client__set_password(int argc, char *argv[], cJSON *j_command)
{
	char *username = NULL, *password = NULL;
	char prompt[200], verify_prompt[200];
	char password_buf[200];
	int rc;

	if(argc == 2){
		username = argv[0];
		password = argv[1];
	}else if(argc == 1){
		username = argv[0];

		snprintf(prompt, sizeof(prompt), "New password for %s: ", username);
		snprintf(verify_prompt, sizeof(verify_prompt), "Reenter password for %s: ", username);
		rc = get_password(prompt, verify_prompt, false, password_buf, sizeof(password_buf));
		if(rc){
			return MOSQ_ERR_INVAL;
		}
		password = password_buf;
	}else{
		return MOSQ_ERR_INVAL;
	}

	if(cJSON_AddStringToObject(j_command, "command", "setClientPassword") == NULL
			|| cJSON_AddStringToObject(j_command, "username", username) == NULL
			|| cJSON_AddStringToObject(j_command, "password", password) == NULL
			){

		return MOSQ_ERR_NOMEM;
	}else{
		return MOSQ_ERR_SUCCESS;
	}
}

int dynsec_client__get(int argc, char *argv[], cJSON *j_command)
{
	char *username = NULL;

	if(argc == 1){
		username = argv[0];
	}else{
		return MOSQ_ERR_INVAL;
	}

	if(cJSON_AddStringToObject(j_command, "command", "getClient") == NULL
			|| cJSON_AddStringToObject(j_command, "username", username) == NULL
			){

		return MOSQ_ERR_NOMEM;
	}else{
		return MOSQ_ERR_SUCCESS;
	}
}

int dynsec_client__add_remove_role(int argc, char *argv[], cJSON *j_command, const char *command)
{
	char *username = NULL, *rolename = NULL;
	int priority = -1;

	if(argc == 2){
		username = argv[0];
		rolename = argv[1];
	}else if(argc == 3){
		username = argv[0];
		rolename = argv[1];
		priority = atoi(argv[2]);
	}else{
		return MOSQ_ERR_INVAL;
	}

	if(cJSON_AddStringToObject(j_command, "command", command) == NULL
			|| cJSON_AddStringToObject(j_command, "username", username) == NULL
			|| cJSON_AddStringToObject(j_command, "rolename", rolename) == NULL
			|| (priority != -1 && cJSON_AddIntToObject(j_command, "priority", priority) == NULL)
			){

		return MOSQ_ERR_NOMEM;
	}else{
		return MOSQ_ERR_SUCCESS;
	}
}

int dynsec_client__list_all(int argc, char *argv[], cJSON *j_command)
{
	int count = -1, offset = -1;

	if(argc == 0){
		/* All clients */
	}else if(argc == 1){
		count = atoi(argv[0]);
	}else if(argc == 2){
		count = atoi(argv[0]);
		offset = atoi(argv[1]);
	}else{
		return MOSQ_ERR_INVAL;
	}

	if(cJSON_AddStringToObject(j_command, "command", "listClients") == NULL
			|| (count > 0 && cJSON_AddIntToObject(j_command, "count", count) == NULL)
			|| (offset > 0 && cJSON_AddIntToObject(j_command, "offset", offset) == NULL)
			){

		return MOSQ_ERR_NOMEM;
	}else{
		return MOSQ_ERR_SUCCESS;
	}
}
New dynamic security plugin. 2020-09-23 21:59:31 +00:00			`/*`
			`Copyright (c) 2020 Roger Light <roger@atchoo.org>`

			`All rights reserved. This program and the accompanying materials`
Update to EPL-2.0 2020-11-25 17:34:21 +00:00			`are made available under the terms of the Eclipse Public License 2.0`
New dynamic security plugin. 2020-09-23 21:59:31 +00:00			`and Eclipse Distribution License v1.0 which accompany this distribution.`

			`The Eclipse Public License is available at`
Update to EPL-2.0 2020-11-25 17:34:21 +00:00			`https://www.eclipse.org/legal/epl-2.0/`
New dynamic security plugin. 2020-09-23 21:59:31 +00:00			`and the Eclipse Distribution License is available at`
			`http://www.eclipse.org/org/documents/edl-v10.php.`

Add SPDX license identifiers. 2020-12-01 18:21:59 +00:00			`SPDX-License-Identifier: EPL-2.0 OR EDL-1.0`

New dynamic security plugin. 2020-09-23 21:59:31 +00:00			`Contributors:`
			`Roger Light - initial implementation and documentation.`
			`*/`
Fix cjson include paths. 2020-12-04 22:15:19 +00:00			`#include <cjson/cJSON.h>`
New dynamic security plugin. 2020-09-23 21:59:31 +00:00			`#include <stdio.h>`
			`#include <stdlib.h>`
			`#include <string.h>`

			`#include "mosquitto.h"`
			`#include "mosquitto_ctrl.h"`
ctrl: Ask for passwords if not given. Applies to login user, init, createClient, and setClientPassword. 2020-10-29 14:35:50 +00:00			`#include "get_password.h"`
New dynamic security plugin. 2020-09-23 21:59:31 +00:00			`#include "password_mosq.h"`

			`int dynsec_client__create(int argc, char argv[], cJSON j_command)`
			`{`
mosquitto_ctrl: Allow optional client and password when creating a client. 2020-11-07 23:47:49 +00:00			`char username = NULL, password = NULL, *clientid = NULL;`
ctrl: Ask for passwords if not given. Applies to login user, init, createClient, and setClientPassword. 2020-10-29 14:35:50 +00:00			`char prompt[200], verify_prompt[200];`
			`char password_buf[200];`
			`int rc;`
mosquitto_ctrl: Allow optional client and password when creating a client. 2020-11-07 23:47:49 +00:00			`int i;`
			`bool request_password = true;`
New dynamic security plugin. 2020-09-23 21:59:31 +00:00
Cope with missing username. 2020-11-17 19:22:08 +00:00			`if(argc == 0){`
			`return MOSQ_ERR_INVAL;`
			`}`
mosquitto_ctrl: Allow optional client and password when creating a client. 2020-11-07 23:47:49 +00:00			`username = argv[0];`

			`for(i=1; i<argc; i++){`
			`if(!strcmp(argv[i], "-c")){`
			`if(i+1 == argc){`
			`fprintf(stderr, "Error: -c argument given, but no clientid provided.\n");`
			`return MOSQ_ERR_INVAL;`
			`}`
			`clientid = argv[i+1];`
			`i++;`
			`}else if(!strcmp(argv[i], "-p")){`
			`if(i+1 == argc){`
			`fprintf(stderr, "Error: -p argument given, but no password provided.\n");`
			`return MOSQ_ERR_INVAL;`
			`}`
			`password = argv[i+1];`
			`i++;`
			`request_password = false;`
			`}`
			`}`
ctrl: Ask for passwords if not given. Applies to login user, init, createClient, and setClientPassword. 2020-10-29 14:35:50 +00:00
mosquitto_ctrl: Allow optional client and password when creating a client. 2020-11-07 23:47:49 +00:00			`if(request_password){`
ctrl: Ask for passwords if not given. Applies to login user, init, createClient, and setClientPassword. 2020-10-29 14:35:50 +00:00			`printf("Enter new password for %s. Press return for no password (user will be unable to login).\n", username);`
			`snprintf(prompt, sizeof(prompt), "New password for %s: ", username);`
			`snprintf(verify_prompt, sizeof(verify_prompt), "Reenter password for %s: ", username);`
			`rc = get_password(prompt, verify_prompt, true, password_buf, sizeof(password_buf));`
			`if(rc == 0){`
			`password = password_buf;`
			`}else{`
			`password = NULL;`
			`printf("\n");`
			`}`
New dynamic security plugin. 2020-09-23 21:59:31 +00:00			`}`
			`if(cJSON_AddStringToObject(j_command, "command", "createClient") == NULL`
			`\|\| cJSON_AddStringToObject(j_command, "username", username) == NULL`
mosquitto_ctrl: Allow optional client and password when creating a client. 2020-11-07 23:47:49 +00:00			`\|\| (clientid && cJSON_AddStringToObject(j_command, "clientid", clientid) == NULL)`
New dynamic security plugin. 2020-09-23 21:59:31 +00:00			`\|\| (password && cJSON_AddStringToObject(j_command, "password", password) == NULL)`
			`){`

			`return MOSQ_ERR_NOMEM;`
			`}else{`
			`return MOSQ_ERR_SUCCESS;`
			`}`
			`}`

			`int dynsec_client__delete(int argc, char argv[], cJSON j_command)`
			`{`
			`char *username = NULL;`

			`if(argc == 1){`
			`username = argv[0];`
			`}else{`
			`return MOSQ_ERR_INVAL;`
			`}`

			`if(cJSON_AddStringToObject(j_command, "command", "deleteClient") == NULL`
			`\|\| cJSON_AddStringToObject(j_command, "username", username) == NULL`
			`){`

			`return MOSQ_ERR_NOMEM;`
			`}else{`
			`return MOSQ_ERR_SUCCESS;`
			`}`
			`}`

dynsec: Add enableClient disableClient commands. 2020-10-29 15:17:12 +00:00			`int dynsec_client__enable_disable(int argc, char argv[], cJSON j_command, const char *command)`
			`{`
			`char *username = NULL;`

			`if(argc == 1){`
			`username = argv[0];`
			`}else{`
			`return MOSQ_ERR_INVAL;`
			`}`

			`if(cJSON_AddStringToObject(j_command, "command", command) == NULL`
			`\|\| cJSON_AddStringToObject(j_command, "username", username) == NULL`
			`){`

			`return MOSQ_ERR_NOMEM;`
			`}else{`
			`return MOSQ_ERR_SUCCESS;`
			`}`
			`}`

dynsec: Add setClientId command. 2020-11-17 14:58:23 +00:00			`int dynsec_client__set_id(int argc, char argv[], cJSON j_command)`
			`{`
			`char username = NULL, clientid = NULL;`

			`if(argc == 2){`
			`username = argv[0];`
			`clientid = argv[1];`
			`}else if(argc == 1){`
			`username = argv[0];`
			`}else{`
			`return MOSQ_ERR_INVAL;`
			`}`

			`if(cJSON_AddStringToObject(j_command, "command", "setClientId") == NULL`
			`\|\| cJSON_AddStringToObject(j_command, "username", username) == NULL`
			`\|\| (clientid && cJSON_AddStringToObject(j_command, "clientid", clientid) == NULL)`
			`){`

			`return MOSQ_ERR_NOMEM;`
			`}else{`
			`return MOSQ_ERR_SUCCESS;`
			`}`
			`}`

New dynamic security plugin. 2020-09-23 21:59:31 +00:00			`int dynsec_client__set_password(int argc, char argv[], cJSON j_command)`
			`{`
			`char username = NULL, password = NULL;`
ctrl: Ask for passwords if not given. Applies to login user, init, createClient, and setClientPassword. 2020-10-29 14:35:50 +00:00			`char prompt[200], verify_prompt[200];`
			`char password_buf[200];`
			`int rc;`
New dynamic security plugin. 2020-09-23 21:59:31 +00:00
			`if(argc == 2){`
			`username = argv[0];`
			`password = argv[1];`
ctrl: Ask for passwords if not given. Applies to login user, init, createClient, and setClientPassword. 2020-10-29 14:35:50 +00:00			`}else if(argc == 1){`
			`username = argv[0];`

			`snprintf(prompt, sizeof(prompt), "New password for %s: ", username);`
			`snprintf(verify_prompt, sizeof(verify_prompt), "Reenter password for %s: ", username);`
			`rc = get_password(prompt, verify_prompt, false, password_buf, sizeof(password_buf));`
			`if(rc){`
			`return MOSQ_ERR_INVAL;`
			`}`
			`password = password_buf;`
New dynamic security plugin. 2020-09-23 21:59:31 +00:00			`}else{`
			`return MOSQ_ERR_INVAL;`
			`}`

			`if(cJSON_AddStringToObject(j_command, "command", "setClientPassword") == NULL`
			`\|\| cJSON_AddStringToObject(j_command, "username", username) == NULL`
			`\|\| cJSON_AddStringToObject(j_command, "password", password) == NULL`
			`){`

			`return MOSQ_ERR_NOMEM;`
			`}else{`
			`return MOSQ_ERR_SUCCESS;`
			`}`
			`}`

			`int dynsec_client__get(int argc, char argv[], cJSON j_command)`
			`{`
			`char *username = NULL;`

			`if(argc == 1){`
			`username = argv[0];`
			`}else{`
			`return MOSQ_ERR_INVAL;`
			`}`

			`if(cJSON_AddStringToObject(j_command, "command", "getClient") == NULL`
			`\|\| cJSON_AddStringToObject(j_command, "username", username) == NULL`
			`){`

			`return MOSQ_ERR_NOMEM;`
			`}else{`
			`return MOSQ_ERR_SUCCESS;`
			`}`
			`}`

			`int dynsec_client__add_remove_role(int argc, char argv[], cJSON j_command, const char *command)`
			`{`
			`char username = NULL, rolename = NULL;`
			`int priority = -1;`

			`if(argc == 2){`
			`username = argv[0];`
			`rolename = argv[1];`
			`}else if(argc == 3){`
			`username = argv[0];`
			`rolename = argv[1];`
			`priority = atoi(argv[2]);`
			`}else{`
			`return MOSQ_ERR_INVAL;`
			`}`

			`if(cJSON_AddStringToObject(j_command, "command", command) == NULL`
			`\|\| cJSON_AddStringToObject(j_command, "username", username) == NULL`
			`\|\| cJSON_AddStringToObject(j_command, "rolename", rolename) == NULL`
Ctrl: Fix use of ints in cJSON. 2020-11-04 13:58:40 +00:00			`\|\| (priority != -1 && cJSON_AddIntToObject(j_command, "priority", priority) == NULL)`
New dynamic security plugin. 2020-09-23 21:59:31 +00:00			`){`

			`return MOSQ_ERR_NOMEM;`
			`}else{`
			`return MOSQ_ERR_SUCCESS;`
			`}`
			`}`

			`int dynsec_client__list_all(int argc, char argv[], cJSON j_command)`
			`{`
			`int count = -1, offset = -1;`

			`if(argc == 0){`
			`/* All clients */`
			`}else if(argc == 1){`
			`count = atoi(argv[0]);`
			`}else if(argc == 2){`
			`count = atoi(argv[0]);`
			`offset = atoi(argv[1]);`
			`}else{`
			`return MOSQ_ERR_INVAL;`
			`}`

			`if(cJSON_AddStringToObject(j_command, "command", "listClients") == NULL`
Ctrl: Fix use of ints in cJSON. 2020-11-04 13:58:40 +00:00			`\|\| (count > 0 && cJSON_AddIntToObject(j_command, "count", count) == NULL)`
			`\|\| (offset > 0 && cJSON_AddIntToObject(j_command, "offset", offset) == NULL)`
New dynamic security plugin. 2020-09-23 21:59:31 +00:00			`){`

			`return MOSQ_ERR_NOMEM;`
			`}else{`
			`return MOSQ_ERR_SUCCESS;`
			`}`
			`}`