#!/bin/sh
#
# pollinate: an Entropy-as-a-Service client
#
#  Copyright (C) 2012-2013 Dustin Kirkland <dustin.kirkland@gmail.com>
#
#  This program is free software: you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation, version 3 of the License.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program.  If not, see <http://www.gnu.org/licenses/>.

set -e

PKG="pollinate"
TMPDIR=$(mktemp -d -t "${PKG}.XXXXXXXXXXXX")
trap "rm -rf ${TMPDIR} 2>/dev/null || true" EXIT HUP INT QUIT TERM
CACHEDIR="/var/cache/${PKG}"
FLAG="${CACHEDIR}/seeded"
LOG="${CACHEDIR}/log"
HOSTNAME=$(hostname)
[ -r "/etc/default/${PKG}" ] && . "/etc/default/${PKG}"

error() {
	printf "$(date '+%b %e %T') ${HOSTNAME} " 1>&2
	logger -i -s -t ${PKG} "ERROR: $@"
	exit 1
}

log() {
	if [ "${QUIET}" = "1" ]; then
		# quiet mode, don't log to stderr
		if [ -w "$CACHEDIR" ]; then
			# log to file, if we can
			printf "$(date '+%b %e %T') ${HOSTNAME} " >> "${LOG}"
			logger -i -s -t ${PKG} "$@" 2>>"${LOG}"
		else
			# log to syslog, if its up
			logger -i -t ${PKG} "$@"
		fi
	else
		# log to both stderr and syslog
		printf "$(date '+%b %e %T') ${HOSTNAME} " 1>&2
		logger -i -s -t ${PKG} "$@"
	fi
}

random_hash() {
	# Read and print urandom bytes
	head -c "${BYTES}" /dev/urandom | sha512sum | awk '{print $1}'
}

hash_and_write() {
	# Whiten input with a hash, and write to device
	local result=
	local hex=$(cat "${TMPDIR}/out" "${TMPDIR}/err" | sha512sum | awk '{print $1}')
	if [ "${BINARY}" = "1" ]; then
		result=$(/usr/bin/printf $(printf "${hex}" | sed -e "s/\(..\)/\\\x\1/g"))
	else
		result="${hex}"
	fi
	if [ "${DEVICE}" = "-" ]; then
		printf "%s\n" "${result}"
	else
		printf "%s" "${result}" > "${DEVICE}"
	fi
	log "client hashed response from [${1}]"
}

user_agent() {
	# Construct a user agent, with useful debug information
	# Very similar to Firefox and Chrome
	local ver="$(apt-cache policy pollinate | grep 'Installed:' | awk '{print $2}')"
	local curl_ver="$(apt-cache policy curl | grep 'Installed:' | awk '{print $2}')"
	local lsb="$(lsb_release -is)/$(lsb_release -rs)"
	local platform="$(uname -o)/$(uname -r)/$(uname -m)"
	USER_AGENT="pollinate${TESTING}/${ver} curl/${curl_ver} ${lsb} ${platform}"
}

exchange() {
	local server="${1}"
	local f1="${TMPDIR}/challenge"
	case "${server}" in
		"http://"*|"https://"*)
			# looks good
			true
		;;
		*)
			# otherwise, default to https://
			server="https://${server}"
		;;
	esac
	if [ "${NO_CHALLENGE}" != "1" ]; then
		# Create and enforce a challenge/response, to ensure personal communication
		local challenge=$(random_hash)
		local challenge_response=$(printf "${challenge}" | sha512sum | awk '{print $1}')
		printf "challenge=%s" "$challenge" > "${f1}"
		log "client sent challenge to [${1}]"
	else
		f1="/dev/null"
	fi
	local out="${TMPDIR}/out"
	local err="${TMPDIR}/err"
	user_agent
	curl -A "${USER_AGENT}" -o- -v --trace-time --connect-timeout ${WAIT} --max-time ${WAIT} --data @${f1} ${CURL_OPTS} ${server} >"${out}" 2>"${err}" || error "Network communication failed [$?]\n$(cat ${out} ${err})"
	if [ "${NO_CHALLENGE}" != "1" ]; then
		[ "${challenge_response}" = $(head -n1 "${out}") ] || error "Server failed challenge/response [expected=${challenge_response}] != [got=$(head -n1 ${out})]"
		log "client verified challenge/response with [${server}]"
	fi
	hash_and_write "${server}"
	log "client successfully seeded [${DEVICE}]"
}

# Source configuration
[ -r "/etc/default/pollinate" ] && . "/etc/default/pollinate"
while [ ! -z "$1" ]; do
	case "${1}" in
		-b|--binary)
			BINARY=1
			shift
		;;
		-c|--curl-opts)
			CURL_OPTS="${CURL_OPTS} $2"
			shift 2
		;;
		-d|--device)
			DEVICE="$2"
			shift 2
		;;
		-i|--insecure)
			CURL_OPTS="${CURL_OPTS} --insecure"
			shift 1
		;;
		-n|--no-challenge)
			NO_CHALLENGE=1
			shift 1
		;;
		-r|--reseed)
			RESEED=1
			shift 1
		;;
		-s|--server)
			SERVER="$2"
			shift 2
		;;
		-p|--pool)
			POOL="${POOL} $2"
			shift 2
		;;
		-q|--quiet)
			QUIET=1
			shift
		;;
		-t|--testing)
			TESTING="-testing"
			shift 1
		;;
		-w|--wait)
			WAIT="$2"
			shift 2
		;;
		*)
			error "Unknown options [$1]"
		;;
	esac
done

# Pollinate prefers to run as a privileged user unless --testing communications
if [ -z "${TESTING}" ]; then
	if [ ! -w "${CACHEDIR}" ]; then
		error "should execute as the [${PKG}] user"
	fi
	if [ -e "${FLAG}" ]; then
		timestamp=$(stat -c "%y" "${FLAG}")
		log "system was previously seeded at [${timestamp}]"
		if [ "${RESEED}" != "1" ]; then
			log "To re-seed this system again, use the -r|--reseed option"
			exit 0
		fi
	fi
else
	# Output device must be stdout if we're in testing mode
	DEVICE="-"
fi
[ -n "${DEVICE}" ] || DEVICE="/dev/urandom"
[ -n "${BYTES}" ] || BYTES=64
[ -n "${WAIT}" ] || WAIT="3"
if [ -n "${SERVER}" ]; then
	POOL="${SERVER}"
fi
if [ -z "${POOL}" ]; then
	error "No servers configured in pool"
fi
for i in ${POOL}; do
	exchange "${i}"
done
if [ -z "${TESTING}" ]; then
	touch "${FLAG}"
fi
