X-Git-Url: http://git.ozlabs.org/?a=blobdiff_plain;f=discover%2Fdiscover-server.c;h=e29ce27270ab56841627ddd466afe502619b3928;hb=d61806e79788d996581311d2eb25bc043c37435a;hp=23d6113ec7ce5de5675feff0e761745d854c2442;hpb=336f4eb17fb50526ea9fda82262356581e1b9ae0;p=petitboot
diff --git a/discover/discover-server.c b/discover/discover-server.c
index 23d6113..e29ce27 100644
--- a/discover/discover-server.c
+++ b/discover/discover-server.c
@@ -298,7 +298,7 @@ static int discover_server_handle_auth_message(struct client *client,
 {
 struct status *status;
 char *hash;
- int rc;
+ int rc = 0;
 status = talloc_zero(client, struct status);
@@ -365,13 +365,29 @@ static int discover_server_handle_auth_message(struct client *client,
 _("Password updated successfully"));
 }
 break;
+ case AUTH_MSG_DECRYPT:
+ if (!client->can_modify) {
+ pb_log("Unauthenticated client tried to open encrypted device %s\n",
+ auth_msg->decrypt_dev.device_id);
+ rc = -1;
+ status->type = STATUS_ERROR;
+ status->message = talloc_asprintf(status,
+ _("Must authenticate before opening encrypted device"));
+ break;
+ }
+
+ device_handler_open_encrypted_dev(client->server->device_handler,
+ auth_msg->decrypt_dev.password,
+ auth_msg->decrypt_dev.device_id);
+ break;
 default:
 pb_log("%s: unknown op\n", __func__);
 rc = -1;
 break;
 }
- write_boot_status_message(client->server, client, status);
+ if (status->message)
+ write_boot_status_message(client->server, client, status);
 talloc_free(status);
 return rc;
@@ -387,7 +403,7 @@ static int discover_server_process_message(void *arg)
 struct client *client = arg;
 struct config *config;
 char *url;
- int rc;
+ int rc = 0;
 message = pb_protocol_read_message(client, client->fd);
@@ -444,7 +460,7 @@ static int discover_server_process_message(void *arg)
 talloc_free(status);
 }
 }
- return 0;
+ return rc;
 }
 switch (message->action) {
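Review bot: In the new AUTH_MSG_DECRYPT case (hunk @@ -365,13 +365,29 @@) the disk passphrase in `auth_msg->decrypt_dev.password` is passed to device_handler_open_encrypted_dev() and then left in the message buffer, which the caller releases with a plain `talloc_free(auth_msg)` (hunk @@ -521,7 +537,7 @@), so the secret stays readable in freed heap memory. Unless the handler keeps that pointer (its body is not in this diff), scrub it right after the call, for example `if (auth_msg->decrypt_dev.password) explicit_bzero(auth_msg->decrypt_dev.password, strlen(auth_msg->decrypt_dev.password));`. The same branch leaves `status->message` NULL on the success path, so with the new `if (status->message)` guard this function sends the client no reply; a short comment such as `/* result is reported by the device handler */` would help if that is where the outcome is reported. The function starts and ends outside the hunk.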
@@ -521,7 +537,7 @@ static int discover_server_process_message(void *arg)
 break;
 }
- rc = discover_server_handle_auth_message(client, auth_msg);
+ discover_server_handle_auth_message(client, auth_msg);
 talloc_free(auth_msg);
 break;
 default:
@@ -775,8 +791,11 @@ struct discover_server *discover_server_init(struct waitset *waitset)
 /* Allow all clients to communicate on this socket */
 group = getgrnam("petitgroup");
 if (group) {
- chown(PB_SOCKET_PATH, 0, group->gr_gid);
- chmod(PB_SOCKET_PATH, 0660);
+ if (chown(PB_SOCKET_PATH, 0, group->gr_gid))
+ pb_log_fn("Error setting socket ownership: %m\n");
+ errno = 0;
+ if (chmod(PB_SOCKET_PATH, 0660))
+ pb_log_fn("Error setting socket permissions: %m\n");
 }
 if (listen(server->socket, 8)) {
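Review bot: The return value of discover_server_handle_auth_message() is now discarded at this call (hunk @@ -521,7 +537,7 @@) with nothing to show it is deliberate, so the handler's `rc = -1` paths, such as the unknown-op default in the earlier hunk, no longer reach this caller. If the intent is that a rejected auth request must not change what discover_server_process_message returns, say so at the call site: `(void)discover_server_handle_auth_message(client, auth_msg); /* failures are reported to the client via the status message */`. How the caller of this callback treats a non-zero return is outside the diff, so that intent is only inferred. The enclosing switch starts and ends outside the hunk.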
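Review bot: A failed chown() or chmod() in discover_server_init (hunk @@ -775,8 +791,11 @@) is only logged, and the function still goes on to listen() on a socket whose owner and mode are whatever bind() and the process umask left behind. Whether that state is stricter or looser than the intended root:petitgroup 0660 depends on the umask, which is not visible here, so the choice should be explicit. Either take the function's existing error path, or document the decision with `/* best effort: on failure the socket keeps its bind()-time owner and mode */`. The `errno = 0;` between the two calls can be dropped, because `%m` is only evaluated after chmod() has failed and set errno itself. The function body starts and ends outside the hunk.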