File: //proc/self/root/bin/pollinate
#!/bin/sh
#
# pollinate: an Entropy-as-a-Service client
#
#  Copyright (C) 2012-2016 Dustin Kirkland <dustin.kirkland@gmail.com>
#
#  This program is free software: you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation, version 3 of the License.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program.  If not, see <http://www.gnu.org/licenses/>.
set -e
set -f
PKG="pollinate"
TMPDIR=$(mktemp -d -t "${PKG}.XXXXXXXXXXXX")
trap "rm -rf ${TMPDIR} 2>/dev/null || true" EXIT HUP INT QUIT TERM
CACHEDIR="/var/cache/${PKG}"
FLAG="${CACHEDIR}/seeded"
LOG="${CACHEDIR}/log"
HOSTNAME=$(hostname)
STRICT=0
# Only recent logger version supports --id=[ID]
logger_ver=$(logger -V 2>&1 | awk '{print $4}')
dpkg --compare-versions $logger_ver ge 2.26.2 && LOGGER="logger --id=$$" || LOGGER="logger"
# Log to both syslog, and stderr, if we're on an interactive terminal
[ -t 0 ] && LOGGER="$LOGGER -s"
error() {
	$LOGGER -t ${PKG} "ERROR: $@"
	exit 1
}
warning() {
	if [ "$STRICT" = "1" ]; then
		$LOGGER -t ${PKG} "ERROR: $@"
		exit 1
	else
		$LOGGER -t ${PKG} "WARNING: $@"
		exit 0
	fi
}
log() {
	if [ "${QUIET}" = "1" ]; then
		# quiet mode, don't log to stderr
		if [ -w "$CACHEDIR" ]; then
			# log to file, if we can
			$LOGGER -t ${PKG} "$@" >>"${LOG}" 2>&1
		else
			# log to syslog, if its up
			$LOGGER -t ${PKG} "$@"
		fi
	else
		# log to both stderr and syslog
		$LOGGER -t ${PKG} "$@"
	fi
}
random_hash() {
	# Read and print urandom bytes
	head -c "${BYTES}" /dev/urandom | sha512sum | awk '{print $1}'
}
hash_and_write() {
	# Whiten input with a hash, and write to device
	local hex=$(cat "${TMPDIR}/out" "${TMPDIR}/err" | sha512sum | awk '{print $1}')
	if [ "${BINARY}" = "1" ]; then
		if [ "${DEVICE}" = "-" ]; then
			printf "${hex}" | xxd -r -p
		else
			printf "${hex}" | xxd -r -p > "${DEVICE}"
		fi
	else
		if [ "${DEVICE}" = "-" ]; then
			printf "%s" "${hex}"
		else
			printf "%s" "${hex}" > "${DEVICE}"
		fi
	fi
	log "client hashed response from [${1}]"
}
read_build_info() {
	# ubuntu images place build information in /etc/cloud/build.info
	# format of file is '<key>: <value>' put these under img/<key>/<value>
	local bifile="${1:-/etc/cloud/build.info}" ret=""
	_RET=""
	[ -s "$bifile" ] || return 0
	ret=$(awk '{
		gsub(/#.*/, ""); gsub(/\s+$/, "");
		if ($0 == "" || $0 !~ /:/) next;
		gsub(/:\s*/, "/");
		printf("img/%s ", $0) }' "$bifile") || return
	_RET="${ret% }"
}
read_addl_info() {
	# allow additinal info file to contain entries one per line.  lines must
	# have a '/' in them. remove trailing space and '#' as comment. example:
	#   key/value
	#   fookey/foovalue # written by foo
	local aifile="${1:-/etc/pollinate/add-user-agent}" ret=""
	_RET=""
	[ -s "$aifile" ] || return 0
	ret=$(awk '{
		gsub(/#.*/, ""); gsub(/\s+$/, "");
		if ($0 == "" || $0 !~ /\//) next;
		printf("%s ", $0); }' "$aifile") || return
	_RET=${ret% }
}
read_virt() {
	# return virt/<value> where value is the virtualization platform the
	# system is running on.
	local ret=""
	_RET=""
	if command -v systemd-detect-virt >/dev/null; then
		ret=$(systemd-detect-virt)
		# systemd-detect-virt returns 1 for 'none'
		[ $? -eq 0 -o "$ret" = "none" ] || ret=""
	else
		# trusty would take this path.
		if [ -d /dev/xen ]; then
			ret="xen"
		elif [ -d /dev/lxd ]; then
			# call this 'lxc' for consistency with systemd-detect-virt.
			ret="lxc"
		elif dmesg | grep --quiet " kvm-clock:"; then
			ret="kvm"
		fi
	fi
	[ -n "$ret" ] || return
	_RET="virt/$ret"
}
read_package_versions() {
	local pkgs="pollinate curl cloud-init" data="" p=""
	data=$(dpkg-query \
		-W --showformat='${Package}/${Version} ' $pkgs 2>/dev/null) || :
	# fill in 'package/' for any package not installed.
	for p in ${pkgs}; do
		[ "${data#*$p/}" = "$data" ] && data="${data} $p/"
	done
	if [ -n "$TESTING" ]; then
		p="pollinate"
		data="${data%%$p/*}$p${TESTING}/${data#*$p/}"
	fi
	set -- $data
	_RET="$*"
}
read_uname_info() {
	# taken from cloud-init ds-identify.
	# run uname, and parse output.
	# uname is tricky to parse as it outputs always in a given order
	# independent of option order. kernel-version is known to have spaces.
	# 1   -s kernel-name
	# 2   -n nodename
	# 3   -r kernel-release
	# 4.. -v kernel-version(whitespace)
	# N-2 -m machine
	# N-1 -o operating-system
	local out="" krel="" machine="" os=""
	out=$(uname -snrvmo) || { _RET=""; return; }
	set -- $out
	krel="$3"
	shift 3
	while [ $# -gt 2 ]; do
		shift
	done
	machine=$1
	os=$2
	_RET="$os/$krel/$machine"
	return 0
}
user_agent() {
	# Construct a user agent, with useful debug information
	# Very similar to Firefox and Chrome
	
	. /etc/lsb-release
	local pkg_info="" lsb="" platform="" cpu="" up="NA" idle="NA" uptime
	read_package_versions && pkg_info="$_RET"
	read_uname_info && platform="$_RET"
	lsb=$(echo "${DISTRIB_DESCRIPTION}" | sed -e "s/ /\//g")
	cpu="$(grep -m1 "^model name" /proc/cpuinfo | sed -e "s/.*: //" -e "s:\s\+:/:g")"
	{ read up idle < /proc/uptime ; } >/dev/null 2>&1 || :
	uptime="uptime/$up/$idle"
	local addl_data="" build_info="" virt=""
	read_build_info && build_info="${_RET}"
	read_addl_info && addl_data="${_RET}"
	read_virt && virt="${_RET}"
	USER_AGENT="${pkg_info} ${lsb} ${platform} ${cpu} ${uptime}${virt:+ ${virt}}${build_info:+ ${build_info}}${addl_data:+ ${addl_data}}"
}
exchange() {
	local server="${1}"
	local f1="${TMPDIR}/challenge"
	case "${server}" in
		"http://"*|"https://"*)
			# looks good
			true
		;;
		*)
			# otherwise, default to https://
			server="https://${server}"
		;;
	esac
	if [ "${NO_CHALLENGE}" != "1" ]; then
		# Create and enforce a challenge/response, to ensure personal communication
		local challenge=$(random_hash)
		local challenge_response=$(printf "${challenge}" | sha512sum | awk '{print $1}')
		printf "challenge=%s" "$challenge" > "${f1}"
		log "client sent challenge to [${1}]"
	else
		f1="/dev/null"
	fi
	local out="${TMPDIR}/out"
	local err="${TMPDIR}/err"
	user_agent
	if curl --connect-timeout "${WAIT}" --max-time "${WAIT}" -A "${USER_AGENT}" -o- -v --trace-time --data @${f1} ${CURL_OPTS} ${server} >"${out}" 2>"${err}"; then
		if [ "${NO_CHALLENGE}" != "1" ]; then
			if [ "${challenge_response}" = $(head -n1 "${out}") ]; then
				log "client verified challenge/response with [${server}]"
			else
				error "Server failed challenge/response [expected=${challenge_response}] != [got=$(head -n1 ${out})]"
			fi
		fi
		hash_and_write "${server}"
		log "client successfully seeded [${DEVICE}]"
	else
		case $? in
			124)
				warning "Network communication failed [$?], timeout after [${WAIT}s] $(cat ${out} ${err})"
			;;
			*)
				warning "Network communication failed [$?] $(cat ${out} ${err})"
			;;
		esac
	fi
}
# Source configuration
[ -r "/etc/default/${PKG}" ] && . "/etc/default/${PKG}"
while [ ! -z "$1" ]; do
	case "${1}" in
		-b|--binary)
			BINARY=1
			shift
		;;
		-c|--curl-opts)
			CURL_OPTS="${CURL_OPTS} $2"
			shift 2
		;;
		-d|--device)
			DEVICE="$2"
			shift 2
		;;
		-i|--insecure)
			CURL_OPTS="${CURL_OPTS} --insecure"
			shift 1
		;;
		-n|--no-challenge)
			NO_CHALLENGE=1
			shift 1
		;;
		-r|--reseed)
			RESEED=1
			shift 1
		;;
		-s|--server)
			SERVER="$2"
			shift 2
		;;
		-p|--pool)
			POOL="${POOL} $2"
			shift 2
		;;
		-q|--quiet)
			QUIET=1
			shift
		;;
		--strict)
			STRICT=1
			shift
		;;
		-t|--testing)
			TESTING="-testing"
			shift 1
		;;
		-w|--wait)
			WAIT="$2"
			shift 2
		;;
		--print-user-agent)
			user_agent || error "Failed to get user-agent."
			echo "${USER_AGENT}"
			exit
		;;
		*)
			error "Unknown options [$1]"
		;;
	esac
done
# Pollinate prefers to run as a privileged user unless --testing communications
if [ -z "${TESTING}" ]; then
	if [ ! -w "${CACHEDIR}" ]; then
		error "should execute as the [${PKG}] user"
	fi
	if [ -e "${FLAG}" ]; then
		timestamp=$(stat -c "%y" "${FLAG}")
		log "system was previously seeded at [${timestamp}]"
		if [ "${RESEED}" != "1" ]; then
			log "To re-seed this system again, use the -r|--reseed option"
			exit 0
		fi
	fi
else
	# Output device must be stdout if we're in testing mode
	DEVICE="-"
fi
[ -n "${DEVICE}" ] || DEVICE="/dev/urandom"
[ -n "${BYTES}" ] || BYTES=64
[ -n "${WAIT}" ] || WAIT="10"
if [ -n "${SERVER}" ]; then
	POOL="${SERVER}"
fi
if [ -z "${POOL}" ]; then
	error "No servers configured in pool"
fi
for i in ${POOL}; do
	exchange "${i}"
done
if [ -z "${TESTING}" ]; then
	touch "${FLAG}"
fi