From: Klas Lindfors <klas@yubico.com>
Date: Thu, 5 Apr 2012 09:16:03 +0000 (+0200)
Subject: rework default flags:
X-Git-Tag: v1.7.0~1^2~44
X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=71e7b4f501633cd48a00562149bd8a16d925ae8a;p=yubikey-personalization

rework default flags:

the library does not give defaults for any of the configuration flags
this is done in the ykpersonalize tool instead. ykp_alloc() and
ykp_configure_version() introduced, removed status parameter from
ykp_configure_command(). Remove defaulting to slot 1, instead force
the user to select a slot.
---

diff --git a/libykpers-1.map b/libykpers-1.map
index fa3b7be..6071c61 100644
--- a/libykpers-1.map
+++ b/libykpers-1.map
@@ -130,6 +130,8 @@ LIBYKPERS_1.6 {
 LIBYKPERS_1.7 {
   global:
 # Functions:
+  ykp_alloc;
+  ykp_configure_version;
   ykp_command;
   ykp_configure_command;
   yk_write_command;
diff --git a/ykpers-args.c b/ykpers-args.c
index 5211f1f..f2053d0 100644
--- a/ykpers-args.c
+++ b/ykpers-args.c
@@ -29,6 +29,8 @@
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
+#include "ykcore_lcl.h"
+
 #include <stdlib.h>
 #include <stdio.h>
 #include <stddef.h>
@@ -43,7 +45,8 @@
 const char *usage =
 "Usage: ykpersonalize [options]\n"
 "-u        update configuration without overwriting.  This is only available\n"
-"          in YubiKey 2.3 and later.\n"
+"          in YubiKey 2.3 and later. EXTFLAG_ALLOW_UPDATE will be set by\n"
+"          default\n"
 "-1        change the first configuration.  This is the default and\n"
 "          is normally used for true OTP generation.\n"
 "          In this configuration, TKTFLAG_APPEND_CR is set by default.\n"
@@ -137,6 +140,46 @@ const char *usage =
 ;
 const char *optstring = "u12xa:c:hi:o:s:vy";
 
+static const YK_CONFIG default_config1 = {
+        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* fixed */
+        { 0, 0, 0, 0, 0, 0 },   /* uid */
+        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* key */
+        { 0, 0, 0, 0, 0, 0 },   /* accCode */
+        0,                      /* fixedSize */
+        0,                      /* extFlags */
+        TKTFLAG_APPEND_CR,      /* tktFlags */
+        0,                      /* cfgFlags */
+        0,                      /* ctrOffs */
+        0                       /* crc */
+};
+
+static const YK_CONFIG default_config2 = {
+        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* fixed */
+        { 0, 0, 0, 0, 0, 0 },   /* uid */
+        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* key */
+        { 0, 0, 0, 0, 0, 0 },   /* accCode */
+        0,                      /* fixedSize */
+        0,                      /* extFlags */
+        TKTFLAG_APPEND_CR,      /* tktFlags */
+        /* cfgFlags */
+        CFGFLAG_STATIC_TICKET | CFGFLAG_STRONG_PW1 | CFGFLAG_STRONG_PW2 | CFGFLAG_MAN_UPDATE,
+        0,                      /* ctrOffs */
+        0                       /* crc */
+};
+
+static const YK_CONFIG default_update = {
+        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* fixed */
+        { 0, 0, 0, 0, 0, 0 },   /* uid */
+        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* key */
+        { 0, 0, 0, 0, 0, 0 },   /* accCode */
+        0,                      /* fixedSize */
+        EXTFLAG_ALLOW_UPDATE,   /* extFlags */
+        TKTFLAG_APPEND_CR,      /* tktFlags */
+        0,                      /* cfgFlags */
+        0,                      /* ctrOffs */
+        0                       /* crc */
+};
+
 static int hex_modhex_decode(unsigned char *result, size_t *resultlen,
 			     const char *str, size_t strl,
 			     size_t minsize, size_t maxsize,
@@ -216,6 +259,8 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
 	bool swap_seen = false;
 	bool update_seen = false;
 
+	ykp_configure_version(cfg, st);
+
 	struct config_st *ycfg = (struct config_st *) ykp_core_config(cfg);
 
 	while((c = getopt(argc, argv, optstring)) != -1) {
@@ -267,14 +312,6 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
 			break;
 		case '1':
 		case '2': {
-				int command = SLOT_CONFIG;
-				if (update_seen && c == '1') {
-					command = SLOT_UPDATE1;
-				} else if (update_seen && c == '2') {
-					command = SLOT_UPDATE2;
-				} else if (c == '2') {
-					command = SLOT_CONFIG2;
-				}
 				if (slot_chosen) {
 					fprintf(stderr, "You may only choose slot (-1 / -2) once.\n");
 					*exit_code = 1;
@@ -290,7 +327,22 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
 					*exit_code = 1;
 					return 0;
 				}
-				if (!ykp_configure_command(cfg, command, st))
+				int command;
+				if (update_seen) {
+					memcpy(ycfg, &default_update, sizeof(default_update));
+					if(c == '1') {
+						command = SLOT_UPDATE1;
+					} else if(c == '2') {
+						command = SLOT_UPDATE2;
+					}
+				} else if (c == '1') {
+					command = SLOT_CONFIG;
+					memcpy(ycfg, &default_config1, sizeof(default_config1));
+				} else if (c == '2') {
+					command = SLOT_CONFIG2;
+					memcpy(ycfg, &default_config2, sizeof(default_config2));
+				}
+				if (!ykp_configure_command(cfg, command))
 					return 0;
 				slot_chosen = true;
 				break;
@@ -311,7 +363,7 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
 				*exit_code = 1;
 				return 0;
 			}
-			if (!ykp_configure_command(cfg, SLOT_SWAP, st)) {
+			if (!ykp_configure_command(cfg, SLOT_SWAP)) {
 				return 0;
 			}
 			swap_seen = true;
@@ -531,6 +583,12 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
 		}
 	}
 
+	if (!slot_chosen) {
+		fprintf(stderr, "A slot must be chosen with -1 or -2.\n");
+		*exit_code = 1;
+		return 0;
+	}
+
 	if (update_seen) {
 		struct config_st *core_config = (struct config_st *) ykp_core_config(cfg);
 		if ((core_config->tktFlags & TKTFLAG_UPDATE_MASK) != core_config->tktFlags) {
diff --git a/ykpers.c b/ykpers.c
index 98291f5..3ec58c9 100644
--- a/ykpers.c
+++ b/ykpers.c
@@ -91,6 +91,16 @@ YKP_CONFIG *ykp_create_config(void)
 	return 0;
 }
 
+YKP_CONFIG *ykp_alloc(void)
+{
+	YKP_CONFIG *cfg = malloc(sizeof(YKP_CONFIG));
+	if(cfg) {
+		memset(cfg, 0, sizeof(YKP_CONFIG));
+		return cfg;
+	}
+	return 0;
+}
+
 int ykp_free_config(YKP_CONFIG *cfg)
 {
 	if (cfg) {
@@ -100,31 +110,25 @@ int ykp_free_config(YKP_CONFIG *cfg)
 	return 0;
 }
 
-int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command, YK_STATUS *st)
+void ykp_configure_version(YKP_CONFIG *cfg, YK_STATUS *st)
 {
 	cfg->yk_major_version = st->versionMajor;
 	cfg->yk_minor_version = st->versionMinor;
+}
 
+int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command)
+{
 	switch(command) {
 	case SLOT_CONFIG:
-		memcpy(&cfg->ykcore_config, &default_config1,
-			sizeof(default_config1));
 		break;
 	case SLOT_CONFIG2:
-		if (cfg->yk_major_version >= 2) {
-			memcpy(&cfg->ykcore_config, &default_config2,
-				sizeof(default_config2));
-		} else {
+		if (!cfg->yk_major_version >= 2) {
 			ykp_errno = YKP_EOLDYUBIKEY;
 			return 0;
 		}
 		break;
 	case SLOT_UPDATE1:
 	case SLOT_UPDATE2:
-		{
-			struct config_st *core_config = (struct config_st *) ykp_core_config(cfg);
-			core_config->extFlags |= EXTFLAG_ALLOW_UPDATE;
-		}
 	case SLOT_SWAP:
 		if (!((cfg->yk_major_version == 2 && cfg->yk_minor_version >= 3)
 			  || cfg->yk_major_version > 2)) {
@@ -142,11 +146,16 @@ int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command, YK_STATUS *st)
 
 int ykp_configure_for(YKP_CONFIG *cfg, int confnum, YK_STATUS *st)
 {
+	ykp_configure_version(cfg, st);
 	switch(confnum) {
 	case 1:
-		return ykp_configure_command(cfg, SLOT_CONFIG, st);
+		memcpy(&cfg->ykcore_config, &default_config1,
+				sizeof(default_config1));
+		return ykp_configure_command(cfg, SLOT_CONFIG);
 	case 2:
-		return ykp_configure_command(cfg, SLOT_CONFIG2, st);
+		memcpy(&cfg->ykcore_config, &default_config2,
+				sizeof(default_config2));
+		return ykp_configure_command(cfg, SLOT_CONFIG2);
 	default:
 		ykp_errno = YKP_EINVCONFNUM;
 		return 0;
diff --git a/ykpers.h b/ykpers.h
index fd84e59..56aa428 100644
--- a/ykpers.h
+++ b/ykpers.h
@@ -46,10 +46,17 @@ typedef struct ykp_config_t YKP_CONFIG;
 YKP_CONFIG *ykp_create_config(void);
 int ykp_free_config(YKP_CONFIG *cfg);
 
+/* allocate an empty YKP_CONFIG, use ykp_configure_version() to set
+   version information. */
+YKP_CONFIG *ykp_alloc(void);
+
+/* Set the version information in st in cfg. */
+void ykp_configure_version(YKP_CONFIG *cfg, YK_STATUS *st);
+
 /* This is used to tell what YubiKey version we're working with and what
    command we want to send to it. If this isn't used YubiKey 1 only will
    be assumed. */
-int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command, YK_STATUS *st);
+int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command);
 /* wrapper function for ykp_configure_command */
 int ykp_configure_for(YKP_CONFIG *cfg, int confnum, YK_STATUS *st);
 
diff --git a/ykpersonalize.c b/ykpersonalize.c
index de0ff78..2ba0a19 100644
--- a/ykpersonalize.c
+++ b/ykpersonalize.c
@@ -59,7 +59,7 @@ int main(int argc, char **argv)
 	bool use_access_code = false;
 	unsigned char access_code[256];
 	YK_KEY *yk = 0;
-	YKP_CONFIG *cfg = ykp_create_config();
+	YKP_CONFIG *cfg = ykp_alloc();
 	YK_STATUS *st = ykds_alloc();
 	bool autocommit = false;
 
@@ -118,9 +118,6 @@ int main(int argc, char **argv)
 		}
 	}
 
-	if (!ykp_configure_for(cfg, 1, st))
-		goto err;
-
 	/* Parse all arguments in a testable way */
 	if (! args_to_config(argc, argv, cfg,
 			     &infname, &outfname,