rework default flags:

the library does not give defaults for any of the configuration flags
this is done in the ykpersonalize tool instead. ykp_alloc() and
ykp_configure_version() introduced, removed status parameter from
ykp_configure_command(). Remove defaulting to slot 1, instead force
the user to select a slot.

diff --git a/libykpers-1.map b/libykpers-1.map
index fa3b7be36a992cb27fd04e786277ace13dda391f..6071c618e18b79f94d1555d9ef9e2b2aba432bdf 100644 (file)
--- a/libykpers-1.map
+++ b/libykpers-1.map
@@ -130,6 +130,8 @@ LIBYKPERS_1.6 {
 LIBYKPERS_1.7 {
   global:
 # Functions:
+  ykp_alloc;
+  ykp_configure_version;
   ykp_command;
   ykp_configure_command;
   yk_write_command;

diff --git a/ykpers-args.c b/ykpers-args.c
index 5211f1fb8786e94bab433ff0118d58a63da7e07c..f2053d02c08a6dea04114a32db66efdbce64f524 100644 (file)
--- a/ykpers-args.c
+++ b/ykpers-args.c
@@ -29,6 +29,8 @@
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
+#include "ykcore_lcl.h"
+
 #include <stdlib.h>
 #include <stdio.h>
 #include <stddef.h>
@@ -43,7 +45,8 @@
 const char *usage =
 "Usage: ykpersonalize [options]\n"
 "-u        update configuration without overwriting.  This is only available\n"
-"          in YubiKey 2.3 and later.\n"
+"          in YubiKey 2.3 and later. EXTFLAG_ALLOW_UPDATE will be set by\n"
+"          default\n"
 "-1        change the first configuration.  This is the default and\n"
 "          is normally used for true OTP generation.\n"
 "          In this configuration, TKTFLAG_APPEND_CR is set by default.\n"
@@ -137,6 +140,46 @@ const char *usage =
 ;
 const char *optstring = "u12xa:c:hi:o:s:vy";
 
+static const YK_CONFIG default_config1 = {
+        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* fixed */
+        { 0, 0, 0, 0, 0, 0 },   /* uid */
+        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* key */
+        { 0, 0, 0, 0, 0, 0 },   /* accCode */
+        0,                      /* fixedSize */
+        0,                      /* extFlags */
+        TKTFLAG_APPEND_CR,      /* tktFlags */
+        0,                      /* cfgFlags */
+        0,                      /* ctrOffs */
+        0                       /* crc */
+};
+
+static const YK_CONFIG default_config2 = {
+        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* fixed */
+        { 0, 0, 0, 0, 0, 0 },   /* uid */
+        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* key */
+        { 0, 0, 0, 0, 0, 0 },   /* accCode */
+        0,                      /* fixedSize */
+        0,                      /* extFlags */
+        TKTFLAG_APPEND_CR,      /* tktFlags */
+        /* cfgFlags */
+        CFGFLAG_STATIC_TICKET | CFGFLAG_STRONG_PW1 | CFGFLAG_STRONG_PW2 | CFGFLAG_MAN_UPDATE,
+        0,                      /* ctrOffs */
+        0                       /* crc */
+};
+
+static const YK_CONFIG default_update = {
+        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* fixed */
+        { 0, 0, 0, 0, 0, 0 },   /* uid */
+        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* key */
+        { 0, 0, 0, 0, 0, 0 },   /* accCode */
+        0,                      /* fixedSize */
+        EXTFLAG_ALLOW_UPDATE,   /* extFlags */
+        TKTFLAG_APPEND_CR,      /* tktFlags */
+        0,                      /* cfgFlags */
+        0,                      /* ctrOffs */
+        0                       /* crc */
+};
+
 static int hex_modhex_decode(unsigned char *result, size_t *resultlen,
                             const char *str, size_t strl,
                             size_t minsize, size_t maxsize,
@@ -216,6 +259,8 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
        bool swap_seen = false;
        bool update_seen = false;
 
+       ykp_configure_version(cfg, st);
+
        struct config_st *ycfg = (struct config_st *) ykp_core_config(cfg);
 
        while((c = getopt(argc, argv, optstring)) != -1) {
@@ -267,14 +312,6 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
                        break;
                case '1':
                case '2': {
-                               int command = SLOT_CONFIG;
-                               if (update_seen && c == '1') {
-                                       command = SLOT_UPDATE1;
-                               } else if (update_seen && c == '2') {
-                                       command = SLOT_UPDATE2;
-                               } else if (c == '2') {
-                                       command = SLOT_CONFIG2;
-                               }
                                if (slot_chosen) {
                                        fprintf(stderr, "You may only choose slot (-1 / -2) once.\n");
                                        *exit_code = 1;
@@ -290,7 +327,22 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
                                        *exit_code = 1;
                                        return 0;
                                }
-                               if (!ykp_configure_command(cfg, command, st))
+                               int command;
+                               if (update_seen) {
+                                       memcpy(ycfg, &default_update, sizeof(default_update));
+                                       if(c == '1') {
+                                               command = SLOT_UPDATE1;
+                                       } else if(c == '2') {
+                                               command = SLOT_UPDATE2;
+                                       }
+                               } else if (c == '1') {
+                                       command = SLOT_CONFIG;
+                                       memcpy(ycfg, &default_config1, sizeof(default_config1));
+                               } else if (c == '2') {
+                                       command = SLOT_CONFIG2;
+                                       memcpy(ycfg, &default_config2, sizeof(default_config2));
+                               }
+                               if (!ykp_configure_command(cfg, command))
                                        return 0;
                                slot_chosen = true;
                                break;
@@ -311,7 +363,7 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
                                *exit_code = 1;
                                return 0;
                        }
-                       if (!ykp_configure_command(cfg, SLOT_SWAP, st)) {
+                       if (!ykp_configure_command(cfg, SLOT_SWAP)) {
                                return 0;
                        }
                        swap_seen = true;
@@ -531,6 +583,12 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
                }
        }
 
+       if (!slot_chosen) {
+               fprintf(stderr, "A slot must be chosen with -1 or -2.\n");
+               *exit_code = 1;
+               return 0;
+       }
+
        if (update_seen) {
                struct config_st *core_config = (struct config_st *) ykp_core_config(cfg);
                if ((core_config->tktFlags & TKTFLAG_UPDATE_MASK) != core_config->tktFlags) {

diff --git a/ykpers.c b/ykpers.c
index 98291f52c55f1a0f98882cf3271b46de1039ce1c..3ec58c906e246588dfdd22e4db405aec8afb8cda 100644 (file)
--- a/ykpers.c
+++ b/ykpers.c
@@ -91,6 +91,16 @@ YKP_CONFIG *ykp_create_config(void)
        return 0;
 }
 
+YKP_CONFIG *ykp_alloc(void)
+{
+       YKP_CONFIG *cfg = malloc(sizeof(YKP_CONFIG));
+       if(cfg) {
+               memset(cfg, 0, sizeof(YKP_CONFIG));
+               return cfg;
+       }
+       return 0;
+}
+
 int ykp_free_config(YKP_CONFIG *cfg)
 {
        if (cfg) {
@@ -100,31 +110,25 @@ int ykp_free_config(YKP_CONFIG *cfg)
        return 0;
 }
 
-int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command, YK_STATUS *st)
+void ykp_configure_version(YKP_CONFIG *cfg, YK_STATUS *st)
 {
        cfg->yk_major_version = st->versionMajor;
        cfg->yk_minor_version = st->versionMinor;
+}
 
+int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command)
+{
        switch(command) {
        case SLOT_CONFIG:
-               memcpy(&cfg->ykcore_config, &default_config1,
-                       sizeof(default_config1));
                break;
        case SLOT_CONFIG2:
-               if (cfg->yk_major_version >= 2) {
-                       memcpy(&cfg->ykcore_config, &default_config2,
-                               sizeof(default_config2));
-               } else {
+               if (!cfg->yk_major_version >= 2) {
                        ykp_errno = YKP_EOLDYUBIKEY;
                        return 0;
                }
                break;
        case SLOT_UPDATE1:
        case SLOT_UPDATE2:
-               {
-                       struct config_st *core_config = (struct config_st *) ykp_core_config(cfg);
-                       core_config->extFlags |= EXTFLAG_ALLOW_UPDATE;
-               }
        case SLOT_SWAP:
                if (!((cfg->yk_major_version == 2 && cfg->yk_minor_version >= 3)
                          || cfg->yk_major_version > 2)) {
@@ -142,11 +146,16 @@ int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command, YK_STATUS *st)
 
 int ykp_configure_for(YKP_CONFIG *cfg, int confnum, YK_STATUS *st)
 {
+       ykp_configure_version(cfg, st);
        switch(confnum) {
        case 1:
-               return ykp_configure_command(cfg, SLOT_CONFIG, st);
+               memcpy(&cfg->ykcore_config, &default_config1,
+                               sizeof(default_config1));
+               return ykp_configure_command(cfg, SLOT_CONFIG);
        case 2:
-               return ykp_configure_command(cfg, SLOT_CONFIG2, st);
+               memcpy(&cfg->ykcore_config, &default_config2,
+                               sizeof(default_config2));
+               return ykp_configure_command(cfg, SLOT_CONFIG2);
        default:
                ykp_errno = YKP_EINVCONFNUM;
                return 0;

diff --git a/ykpers.h b/ykpers.h
index fd84e5991efd6bfe578af1209c37f3375daa7dd9..56aa428ca0b36b3f351d5e8764c33cc2c31f411c 100644 (file)
--- a/ykpers.h
+++ b/ykpers.h
@@ -46,10 +46,17 @@ typedef struct ykp_config_t YKP_CONFIG;
 YKP_CONFIG *ykp_create_config(void);
 int ykp_free_config(YKP_CONFIG *cfg);
 
+/* allocate an empty YKP_CONFIG, use ykp_configure_version() to set
+   version information. */
+YKP_CONFIG *ykp_alloc(void);
+
+/* Set the version information in st in cfg. */
+void ykp_configure_version(YKP_CONFIG *cfg, YK_STATUS *st);
+
 /* This is used to tell what YubiKey version we're working with and what
    command we want to send to it. If this isn't used YubiKey 1 only will
    be assumed. */
-int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command, YK_STATUS *st);
+int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command);
 /* wrapper function for ykp_configure_command */
 int ykp_configure_for(YKP_CONFIG *cfg, int confnum, YK_STATUS *st);
 

diff --git a/ykpersonalize.c b/ykpersonalize.c
index de0ff78c2c4b1e588a17d7de26f96fac269d4249..2ba0a197f5f36e121df1c9bed8439e4738722232 100644 (file)
--- a/ykpersonalize.c
+++ b/ykpersonalize.c
@@ -59,7 +59,7 @@ int main(int argc, char **argv)
        bool use_access_code = false;
        unsigned char access_code[256];
        YK_KEY *yk = 0;
-       YKP_CONFIG *cfg = ykp_create_config();
+       YKP_CONFIG *cfg = ykp_alloc();
        YK_STATUS *st = ykds_alloc();
        bool autocommit = false;
 
@@ -118,9 +118,6 @@ int main(int argc, char **argv)
                }
        }
 
-       if (!ykp_configure_for(cfg, 1, st))
-               goto err;
-
        /* Parse all arguments in a testable way */
        if (! args_to_config(argc, argv, cfg,
                             &infname, &outfname,