#!/bin/sh
#
# pollinate: an Entropy-as-a-Service client
#
#  Copyright (C) 2012-2016 Dustin Kirkland <dustin.kirkland@gmail.com>
#
#  This program is free software: you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation, version 3 of the License.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program.  If not, see <http://www.gnu.org/licenses/>.

set -e

PKG="pollinate"
TMPDIR=$(mktemp -d -t "${PKG}.XXXXXXXXXXXX")
trap "rm -rf ${TMPDIR} 2>/dev/null || true" EXIT HUP INT QUIT TERM
CACHEDIR="/var/cache/${PKG}"
FLAG="${CACHEDIR}/seeded"
LOG="${CACHEDIR}/log"
HOSTNAME=$(hostname)
STRICT=0
[ -r "/etc/default/${PKG}" ] && . "/etc/default/${PKG}"

# Only recent logger version supports --id=[ID]
logger_ver=$(dpkg -l bsdutils | tail -n1 | awk '{print $3}')
dpkg --compare-versions $logger_ver ge 1:2.26.2 && LOGGER="logger --id=$$" || LOGGER="logger"
# Log to both syslog, and stderr, if we're on an interactive terminal
[ -t 0 ] && LOGGER="$LOGGER -s"

error() {
	$LOGGER -t ${PKG} "ERROR: $@"
	exit 1
}

warning() {
	if [ "$STRICT" = "1" ]; then
		$LOGGER -t ${PKG} "ERROR: $@"
		exit 1
	else
		$LOGGER -t ${PKG} "WARNING: $@"
		exit 0
	fi
}

log() {
	if [ "${QUIET}" = "1" ]; then
		# quiet mode, don't log to stderr
		if [ -w "$CACHEDIR" ]; then
			# log to file, if we can
			$LOGGER -t ${PKG} "$@" >>"${LOG}" 2>&1
		else
			# log to syslog, if its up
			$LOGGER -t ${PKG} "$@"
		fi
	else
		# log to both stderr and syslog
		$LOGGER -t ${PKG} "$@"
	fi
}

random_hash() {
	# Read and print urandom bytes
	head -c "${BYTES}" /dev/urandom | sha512sum | awk '{print $1}'
}

hash_and_write() {
	# Whiten input with a hash, and write to device
	local hex=$(cat "${TMPDIR}/out" "${TMPDIR}/err" | sha512sum | awk '{print $1}')
	if [ "${BINARY}" = "1" ]; then
		if [ "${DEVICE}" = "-" ]; then
			printf "${hex}" | xxd -r -p
		else
			printf "${hex}" | xxd -r -p > "${DEVICE}"
		fi
	else
		if [ "${DEVICE}" = "-" ]; then
			printf "%s" "${hex}"
		else
			printf "%s" "${hex}" > "${DEVICE}"
		fi
	fi
	log "client hashed response from [${1}]"
}

user_agent() {
	# Construct a user agent, with useful debug information
	# Very similar to Firefox and Chrome
	local pollinate_ver="$(dpkg -l pollinate | awk '$1 == "ii" { print($3); exit(0); }')"
	local curl_ver="$(dpkg -l curl | awk '$1 == "ii" { print($3); exit(0); }')"
	local cloud_init_ver="$(dpkg -l cloud-init 2>/dev/null | awk '$1 == "ii" { print($3); exit(0); }')"
	. /etc/lsb-release
	local lsb=$(echo "${DISTRIB_DESCRIPTION}" | sed -e "s/ /\//g")
	local platform="$(uname -o)/$(uname -r)/$(uname -m)"
	local cpu="$(grep -m1 "^model name" /proc/cpuinfo | sed -e "s/.*: //" -e "s:\s\+:/:g")"
	USER_AGENT="pollinate${TESTING}/${pollinate_ver} curl/${curl_ver} cloud-init/${cloud_init_ver} ${lsb} ${platform} ${cpu}"
}

exchange() {
	local server="${1}"
	local f1="${TMPDIR}/challenge"
	case "${server}" in
		"http://"*|"https://"*)
			# looks good
			true
		;;
		*)
			# otherwise, default to https://
			server="https://${server}"
		;;
	esac
	if [ "${NO_CHALLENGE}" != "1" ]; then
		# Create and enforce a challenge/response, to ensure personal communication
		local challenge=$(random_hash)
		local challenge_response=$(printf "${challenge}" | sha512sum | awk '{print $1}')
		printf "challenge=%s" "$challenge" > "${f1}"
		log "client sent challenge to [${1}]"
	else
		f1="/dev/null"
	fi
	local out="${TMPDIR}/out"
	local err="${TMPDIR}/err"
	user_agent
	if curl --connect-timeout "${WAIT}" --max-time "${WAIT}" -A "${USER_AGENT}" -o- -v --trace-time --data @${f1} ${CURL_OPTS} ${server} >"${out}" 2>"${err}"; then
		if [ "${NO_CHALLENGE}" != "1" ]; then
			if [ "${challenge_response}" = $(head -n1 "${out}") ]; then
				log "client verified challenge/response with [${server}]"
			else
				error "Server failed challenge/response [expected=${challenge_response}] != [got=$(head -n1 ${out})]"
			fi
		fi
		hash_and_write "${server}"
		log "client successfully seeded [${DEVICE}]"
	else
		case $? in
			124)
				warning "Network communication failed [$?], timeout after [${WAIT}s] $(cat ${out} ${err})"
			;;
			*)
				warning "Network communication failed [$?] $(cat ${out} ${err})"
			;;
		esac
	fi
}

# Source configuration
[ -r "/etc/default/pollinate" ] && . "/etc/default/pollinate"
while [ ! -z "$1" ]; do
	case "${1}" in
		-b|--binary)
			BINARY=1
			shift
		;;
		-c|--curl-opts)
			CURL_OPTS="${CURL_OPTS} $2"
			shift 2
		;;
		-d|--device)
			DEVICE="$2"
			shift 2
		;;
		-i|--insecure)
			CURL_OPTS="${CURL_OPTS} --insecure"
			shift 1
		;;
		-n|--no-challenge)
			NO_CHALLENGE=1
			shift 1
		;;
		-r|--reseed)
			RESEED=1
			shift 1
		;;
		-s|--server)
			SERVER="$2"
			shift 2
		;;
		-p|--pool)
			POOL="${POOL} $2"
			shift 2
		;;
		-q|--quiet)
			QUIET=1
			shift
		;;
		--strict)
			STRICT=1
			shift
		;;
		-t|--testing)
			TESTING="-testing"
			shift 1
		;;
		-w|--wait)
			WAIT="$2"
			shift 2
		;;
		*)
			error "Unknown options [$1]"
		;;
	esac
done

# Pollinate prefers to run as a privileged user unless --testing communications
if [ -z "${TESTING}" ]; then
	if [ ! -w "${CACHEDIR}" ]; then
		error "should execute as the [${PKG}] user"
	fi
	if [ -e "${FLAG}" ]; then
		timestamp=$(stat -c "%y" "${FLAG}")
		log "system was previously seeded at [${timestamp}]"
		if [ "${RESEED}" != "1" ]; then
			log "To re-seed this system again, use the -r|--reseed option"
			exit 0
		fi
	fi
else
	# Output device must be stdout if we're in testing mode
	DEVICE="-"
fi
[ -n "${DEVICE}" ] || DEVICE="/dev/urandom"
[ -n "${BYTES}" ] || BYTES=64
[ -n "${WAIT}" ] || WAIT="10"
if [ -n "${SERVER}" ]; then
	POOL="${SERVER}"
fi
if [ -z "${POOL}" ]; then
	error "No servers configured in pool"
fi
for i in ${POOL}; do
	exchange "${i}"
done
if [ -z "${TESTING}" ]; then
	touch "${FLAG}"
fi
