2011-02-10 11:22:11 +00:00
#!/bin/zsh
2010-08-22 13:04:19 +00:00
#
2011-01-13 13:37:52 +00:00
# Tomb, the Crypto Undertaker
2010-08-22 13:04:19 +00:00
#
2011-01-13 13:37:52 +00:00
# a tool to easily operate file encryption of private and secret data
2010-08-22 13:04:19 +00:00
#
2013-03-29 11:51:43 +00:00
# {{{ Copyleft (C) 2007-2013 Denis Roio <jaromil@dyne.org>
2011-12-01 19:04:56 +00:00
2010-08-22 13:04:19 +00:00
#
# This source code is free software; you can redistribute it and/or
# modify it under the terms of the GNU Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This source code is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
# Please refer to the GNU Public License for more details.
#
# You should have received a copy of the GNU Public License along with
# this source code; if not, write to:
# Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
2011-12-01 19:04:56 +00:00
2011-12-01 17:53:12 +00:00
# }}}
# {{{ GLOBAL VARIABLES
2012-01-17 16:28:40 +00:00
VERSION=1.3
2013-03-29 11:51:43 +00:00
DATE="Apr/2013"
2011-03-31 17:42:05 +00:00
TOMBEXEC=$0
2011-12-01 20:43:20 +00:00
TOMBOPENEXEC="${TOMBEXEC}-open"
2011-08-02 00:10:31 +00:00
typeset -a OLDARGS
for arg in ${argv}; do OLDARGS+=($arg); done
2011-04-10 19:38:01 +00:00
STEGHIDE=1
2011-11-03 14:13:49 +00:00
MKTEMP=1
2011-05-24 10:04:18 +00:00
MOUNTOPTS="rw,noatime,nodev"
2010-08-22 13:04:19 +00:00
2011-07-14 13:47:20 +00:00
typeset -A global_opts
typeset -A opts
2012-07-09 18:53:14 +00:00
typeset -h username
2013-03-29 11:51:43 +00:00
2012-07-09 18:53:14 +00:00
typeset -h _uid
typeset -h _gid
2013-03-29 11:51:43 +00:00
typeset -h _tty
2011-07-14 13:47:20 +00:00
2011-11-25 08:00:47 +00:00
# Set a sensible PATH
PATH=/sbin:/bin:/usr/sbin:/usr/bin
[[ "$TOMBEXEC" =~ "^/usr/local" ]] && PATH="/usr/local/bin:/usr/local/sbin:$PATH"
2013-03-29 11:51:43 +00:00
2011-12-01 17:53:12 +00:00
# }}}
# {{{ HELPER FUNCTIONS
2011-12-01 19:27:05 +00:00
2013-03-29 11:51:43 +00:00
# {{{ OPTION PARSING
# {{{ - Check an option
option_is_set() {
#First argument, the option (something like "-s")
#Second (optional) argument: if it's "out", command will print it out 'set'/'unset'
# This is useful for if conditions
#Return 0 if is set, 1 otherwise
[[ -n ${(k)opts[$1]} ]];
r=$?
if [[ $2 == out ]]; then
if [[ $r == 0 ]]; then
echo 'set'
else
echo 'unset'
fi
fi
return $r;
}
# }}}
# {{{ - Get an option value
option_value() {
#First argument, the option (something like "-s")
<<< ${opts[$1]}
}
# }}}
# }}}
2011-12-01 17:53:12 +00:00
# {{{ - Standard output message routines
2011-12-01 19:04:56 +00:00
function _msg() {
local command="print -P"
2012-01-29 15:25:16 +00:00
local progname="$fg[magenta]${TOMBEXEC##*/}$reset_color"
local message="$fg_bold[normal]$fg_no_bold[normal]${2}$reset_color"
2011-12-01 19:04:56 +00:00
local -i returncode
case "$1" in
inline)
command+=" -n"; pchars=" > "; pcolor="yellow"
;;
message)
2012-01-29 15:25:16 +00:00
pchars=" . "; pcolor="white"; message="$fg_no_bold[$pcolor]${2}$reset_color"
2011-12-01 19:04:56 +00:00
;;
verbose)
2012-01-17 16:28:40 +00:00
pchars="[D]"; pcolor="blue"
2011-12-01 19:04:56 +00:00
;;
success)
2012-01-29 15:25:16 +00:00
pchars="(*)"; pcolor="green"; message="$fg_no_bold[$pcolor]${2}$reset_color"
2011-12-01 19:04:56 +00:00
;;
warning)
2012-01-29 15:25:16 +00:00
pchars="[W]"; pcolor="yellow"; message="$fg_no_bold[$pcolor]${2}$reset_color"
2011-12-01 19:04:56 +00:00
;;
failure)
2012-01-29 15:25:16 +00:00
pchars="[E]"; pcolor="red"; message="$fg_no_bold[$pcolor]${2}$reset_color"
2011-12-01 19:04:56 +00:00
returncode=1
;;
*)
pchars="[F]"; pcolor="red"
message="Developer oops! Usage: _msg MESSAGE_TYPE \"MESSAGE_CONTENT\""
returncode=127
;;
esac
2012-01-29 15:25:16 +00:00
${=command} "${progname} $fg_bold[$pcolor]$pchars$reset_color ${message}$color[reset_color]" >&2
2011-12-01 19:04:56 +00:00
return $returncode
}
function _message say()
{
local notice="message"
[[ "$1" = "-n" ]] && shift && notice="inline"
2012-01-17 12:05:38 +00:00
option_is_set -q || _msg "$notice" "$1"
2011-12-01 19:04:56 +00:00
return 0
}
alias act="_message -n"
function _verbose xxx()
{
2012-01-17 12:05:38 +00:00
option_is_set -D && _msg verbose "$1"
2011-12-01 19:04:56 +00:00
return 0
}
function _success yes()
{
2012-01-17 12:05:38 +00:00
option_is_set -q || _msg success "$1"
2011-12-01 19:04:56 +00:00
return 0
2011-05-26 10:24:17 +00:00
}
2011-12-01 19:04:56 +00:00
function _warning no()
{
2012-01-17 12:05:38 +00:00
option_is_set -q || _msg warning "$1"
2011-12-01 19:04:56 +00:00
return 1
}
function _failure die()
{
typeset -i exitcode=${2:-1}
2012-01-17 12:05:38 +00:00
option_is_set -q || _msg failure "$1"
2011-12-01 19:04:56 +00:00
exit $exitcode
}
2011-11-16 21:49:08 +00:00
progress() {
# $1 is "what is progressing"
# $2 is "percentage"
# $3 is (eventually blank) status
# Example: if creating a tomb, it could be sth like
# progress create 0 filling with random data
# progress create 40 generating key
# progress keygen 0 please move the mouse
# progress keygen 30 please move the mouse
# progress keygen 60 please move the mouse
# progress keygen 100 key generated
# progress create 80 please enter password
# progress create 90 formatting the tomb
# progress create 100 tomb created successfully
2012-01-17 18:01:20 +00:00
if ! option_is_set --batch; then
2011-11-16 21:49:08 +00:00
return
fi
print "[m][P][$1][$2][$3]" >&2
}
2011-12-01 19:04:56 +00:00
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - CHECK BINARY DEPENDENCIES
2011-12-01 19:27:05 +00:00
2011-04-10 19:38:01 +00:00
check_bin() {
2011-12-01 19:27:05 +00:00
# check for required programs
2012-05-11 19:19:51 +00:00
for req in pinentry sudo gpg; do
2011-12-01 19:27:05 +00:00
which $req >/dev/null || die "Cannot find $req. Please install it." 1
done
2012-05-11 19:19:51 +00:00
export PATH=/sbin:/usr/sbin:$PATH
which cryptsetup > /dev/null && CRYPTSETUP=cryptsetup || die "Cryptsetup not found in $PATH." 1
2011-04-10 19:38:01 +00:00
# which dd command to use
2011-12-01 19:27:05 +00:00
which dcfldd > /dev/null && DD=dcfldd || DD=dd
2011-04-10 19:38:01 +00:00
# which wipe command to use
2011-12-01 19:27:05 +00:00
which wipe > /dev/null && WIPE="wipe -f -s" || WIPE="rm -f"
2011-04-10 19:38:01 +00:00
# check for filesystem creation progs
2011-12-01 19:27:05 +00:00
which mkfs.ext4 > /dev/null && \
MKFS="mkfs.ext4 -q -F -j -L" || \
MKFS="mkfs.ext3 -q -F -j -L"
2011-04-10 19:38:01 +00:00
2011-12-01 19:27:05 +00:00
# check for mktemp
which mktemp > /dev/null || MKTEMP=0
2011-04-10 19:38:01 +00:00
# check for steghide
2011-12-01 19:27:05 +00:00
which steghide > /dev/null || STEGHIDE=0
2012-01-07 23:23:49 +00:00
# resize suite check bin!
which e2fsck > /dev/null || die "Cannot find e2fsck. Please install it." 1
which resize2fs > /dev/null || die "Cannot find resize2fs. Please install it." 1
2012-08-04 16:34:10 +00:00
if which tomb-kdf-pbkdf2 &> /dev/null; then
KDF_PBKDF2="tomb-kdf-pbkdf2"
else
local our_pbkdf2
our_pbkdf2="$(dirname $(readlink -f $TOMBEXEC))/kdf/tomb-kdf-pbkdf2"
if which $our_pbkdf2 &> /dev/null; then
KDF_PBKDF2=$our_pbkdf2
2012-09-05 15:47:00 +00:00
else
KDF_PBKDF2=
2012-08-04 16:34:10 +00:00
fi
fi
2011-04-10 19:38:01 +00:00
}
2011-12-01 19:27:05 +00:00
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - "SAFE" FUNCTIONS
# {{{ - Create a directory with caution
2011-12-01 19:41:04 +00:00
_have_shm() {
# Check availability of 1MB of SHM
xxx "_have_shm 0 We need only 1 MB of RAM"
[[ -k /dev/shm ]] || return 1
local -i SHM RAM
SHM=$(df -k -B 4K -a -t tmpfs /dev/shm | awk '/\/dev\/shm/ { print $4; }')
(( $? )) && return 1
xxx "_have_shm 1 SHM $SHM KB are available"
RAM=$(awk '/MemFree/ { print $2 }' /proc/meminfo)
xxx "_have_shm 2 RAM $RAM KB are free"
(( $RAM >= 1024 )) && return 0
xxx "_have_shm 3 RAM $RAM KB left only :("
# Now we have more RAM than affected to SHM, so we can expect some for our little needs.
# Does that work when SHM is disabled from kernel config?
return 1
}
2011-03-31 17:42:05 +00:00
safe_dir() {
2011-12-01 19:41:04 +00:00
# Try and create our temporary directory in RAM
# Note that there's no warranty the underlying FS won't swap
# every 5 seconds (e.g., ext3)
local -i tries
while (( $tries < 3 )) ; do
tries+=1
if _have_shm; then
xxx "safe_dir creating directory in RAM"
if (( $MKTEMP )); then
mktemp -d /dev/shm/$1.$$.XXXXXXX
else
dir="/dev/shm/$1.$$.$RANDOM$RANDOM"
mkdir -m 0700 -p "$dir"
print "$dir"
fi
return 0
else
_warning "WARNING: we cannot ensure we're running in RAM."
xxx "Wait a bit before retrying... (attempt $tries)"
sync && sleep 0.5
fi
done
_warning "WARNING: no RAM available for me to run safely."
return 1
2011-03-31 17:42:05 +00:00
}
2011-12-01 17:53:12 +00:00
# }}}
2011-12-01 19:41:04 +00:00
# {{{ - Provide a random filename in shared memory
safe_filename() {
_have_shm || die "No access to shared memory on this system, sorry."
(( $MKTEMP )) && \
mktemp -u /dev/shm/$1.$$.XXXXXXX || \
print "/dev/shm/$1.$$.$RANDOM$RANDOM"
2011-11-03 14:13:49 +00:00
}
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - Check if swap is activated
2011-07-10 20:11:10 +00:00
check_swap() {
# Return 0 if NO swap is used, 1 if swap is used
2011-12-01 19:41:04 +00:00
# Return 2 if swap(s) is(are) used, but ALL encrypted
local swaps=$(awk '/partition/ { print $1 }' /proc/swaps 2>/dev/null)
[[ -z "$swaps" ]] && return 0 # No swap partition is active
2012-01-17 13:00:20 +00:00
no "An active swap partition is detected, this poses security risks."
no "You can deactivate all swap partitions using the command:"
no " swapoff -a"
2012-01-17 14:17:12 +00:00
no "But if you want to proceed like this, use the -f (force) flag."
2012-01-17 13:00:20 +00:00
die "Operation aborted."
2011-07-10 20:11:10 +00:00
}
2012-01-17 13:00:20 +00:00
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - Ask user for a password
2011-02-14 09:24:31 +00:00
# we use pinentry now
# comes from gpg project and is much more secure
# it also conveniently uses the right toolkit
2010-08-22 13:04:19 +00:00
ask_password() {
2011-02-14 09:24:31 +00:00
# pinentry has no custom icon setting
# so we need to temporary modify the gtk theme
2011-02-24 23:10:09 +00:00
if [ -r /usr/local/share/themes/tomb/gtk-2.0-key/gtkrc ]; then
GTK2_RC=/usr/local/share/themes/tomb/gtk-2.0-key/gtkrc
elif [ -r /usr/share/themes/tomb/gtk-2.0-key/gtkrc ]; then
GTK2_RC=/usr/share/themes/tomb/gtk-2.0-key/gtkrc
2011-02-14 23:19:45 +00:00
fi
2011-02-20 13:59:30 +00:00
2011-11-03 14:13:49 +00:00
title="Insert tomb password"
if [ $2 ]; then title="$2"; fi
2012-09-05 15:47:00 +00:00
output=`cat <<EOF | GTK2_RC_FILES=${GTK2_RC} pinentry 2>/dev/null | tail -n +7
2011-04-13 14:56:57 +00:00
OPTION ttyname=$TTY
OPTION lc-ctype=$LANG
2011-11-03 14:13:49 +00:00
SETTITLE $title
SETDESC $1
2011-02-14 09:24:31 +00:00
SETPROMPT Password:
GETPIN
2012-09-05 15:47:00 +00:00
EOF`
if [[ `tail -n1 <<<$output` =~ ERR ]]; then
return 1
fi
head -n1 <<<$output | awk '/^D / { sub(/^D /, ""); print }'
return 0
2011-01-19 11:38:19 +00:00
}
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - Drop privileges
2011-01-12 10:38:03 +00:00
exec_as_user() {
2011-02-03 16:11:08 +00:00
if ! [ $SUDO_USER ]; then
exec $@[@]
return $?
fi
2011-04-28 10:14:37 +00:00
2011-12-01 19:04:56 +00:00
xxx "exec_as_user '$SUDO_USER': ${(f)@}"
2011-03-31 17:42:05 +00:00
sudo -u $SUDO_USER "${@[@]}"
return $?
2011-02-03 16:11:08 +00:00
}
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - Escalate privileges
2011-02-03 16:11:08 +00:00
check_priv() {
2012-07-09 18:53:14 +00:00
# save original user
username=$USER
2011-04-10 19:38:01 +00:00
if [ $UID != 0 ]; then
2011-12-01 19:04:56 +00:00
xxx "Using sudo for root execution of 'tomb ${(f)OLDARGS}'"
2011-04-28 10:14:37 +00:00
# check if sudo has a timestamp active
2011-02-20 13:59:30 +00:00
sudok=false
2012-09-05 15:47:00 +00:00
# sudo -n ${TOMBEXEC} &> /dev/null
2013-03-29 11:51:43 +00:00
if ! option_is_set --sudo-pwd; then
if [ $? != 0 ]; then # if not then ask a password
cat <<EOF | pinentry 2>/dev/null | awk '/^D / { sub(/^D /, ""); print }' | sudo -S -v
2011-04-13 14:56:57 +00:00
OPTION ttyname=$TTY
OPTION lc-ctype=$LANG
2011-02-14 09:24:31 +00:00
SETTITLE Super user privileges required
2011-07-14 13:47:20 +00:00
SETDESC Sudo execution of Tomb ${OLDARGS[@]}
2011-02-13 11:29:07 +00:00
SETPROMPT Insert your USER password:
2011-02-14 09:24:31 +00:00
GETPIN
EOF
2013-03-29 11:51:43 +00:00
fi
else
_verbose "Escalating privileges using sudo-pwd"
sudo -S -v <<<`option_value --sudo-pwd`
fi
sudo "${TOMBEXEC}" -U ${UID} -G ${GID} -T ${TTY} "${(@)OLDARGS}"
2011-02-20 13:59:30 +00:00
exit $?
2011-02-14 09:24:31 +00:00
fi # are we root already
2011-02-03 19:42:46 +00:00
return 0
2011-01-12 10:38:03 +00:00
}
2011-12-01 17:53:12 +00:00
# }}}
2011-10-31 23:36:14 +00:00
check_command() {
#generic checks; useful for interaction, to check if there are problems
#before wasting user's time
2012-09-02 13:13:30 +00:00
if ! option_is_set --ignore-swap && ! option_is_set -f; then
2013-03-22 21:31:29 +00:00
if ! check_swap; then
error "Swap activated. Disable it with swapoff, or use --ignore-swap"
exit 1
2011-10-31 23:36:14 +00:00
fi
fi
}
2011-03-31 17:42:05 +00:00
usage() {
2011-12-01 17:53:12 +00:00
cat <<EOF
2011-02-20 13:59:30 +00:00
Syntax: tomb [options] command [file] [place]
Commands:
2013-03-22 21:31:29 +00:00
dig create a new empty TOMB file of --size in MB
forge create a new KEY file and set its password
lock installs a lock on a TOMB to use it with KEY
open open an existing TOMB
2013-03-30 16:29:51 +00:00
index update the search indexes of tombs
search looks for filenames matching text patterns
2013-03-22 21:31:29 +00:00
list list open TOMBs
close close a TOMB (or all)
slam slam a TOMB killing all programs using it
passwd change the password of a KEY
resize resize a TOMB to a new --size (can only grow)
2011-05-09 09:00:47 +00:00
EOF
2011-12-01 17:53:12 +00:00
if [ "$STEGHIDE" = 1 ]; then
cat <<EOF
2013-03-22 21:31:29 +00:00
bury hide a KEY inside a JPEG image
exhume extract a KEY from a JPEG image
2011-05-09 09:00:47 +00:00
EOF
2011-12-01 17:53:12 +00:00
fi
cat <<EOF
2011-02-20 13:59:30 +00:00
Options:
2012-01-07 23:23:49 +00:00
-s size of the tomb file when creating/resizing one (in MB)
2011-02-20 13:59:30 +00:00
-k path to the key to use for opening a tomb
-n don't process the hooks found in tomb
2011-05-24 10:04:18 +00:00
-o mount options used to open (default: rw,noatime,nodev)
2012-01-17 13:00:20 +00:00
-f force operation (i.e. even if swap is active)
2011-02-20 13:59:30 +00:00
-h print this help
2012-01-17 16:28:40 +00:00
-v print version, license and list of available ciphers
2011-02-20 13:59:30 +00:00
-q run quietly without printing informations
-D print debugging information at runtime
For more informations on Tomb read the manual: man tomb
2012-02-07 20:05:09 +00:00
Please report bugs on <http://github.com/dyne/tomb/issues>.
2011-02-20 13:59:30 +00:00
EOF
2011-03-31 17:42:05 +00:00
}
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - I18N FUNCTIONS
2011-05-09 11:26:36 +00:00
generate_translatable_strings() {
cat <<EOF
# Tomb - The Crypto Undertaker.
2013-03-29 11:51:43 +00:00
# Copyright (C) 2007-2013 Dyne.org Foundation
# Denis Roio <jaromil@dyne.org>, 2013.
2011-05-09 11:26:36 +00:00
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: Tomb $VERSION\n"
"PO-Revision-Date: `date`\n"
"Last-Translator: Denis Roio <jaromil@dyne.org>\n"
"Language-Team: Tomb developers <crypto@lists.dyne.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=CHARSET\n"
"Content-Transfer-Encoding: 8bit\n"
#
#: commandline help
#
msgid ""
EOF
usage | awk '
{ print "\"" $0 "\"" }'
2011-12-01 17:53:12 +00:00
cat <<EOF
2011-05-09 11:26:36 +00:00
msgstr ""
#
# tomb internal messages
#
EOF
cat $TOMBEXEC | awk '
2011-12-01 19:04:56 +00:00
/(_verbose|xxx) ".*"$/ { sub( /^(_verbose|xxx)/ , "");
print "#: _verbose"; print "msgid " $0; print "msgstr \"\"\n" }
2011-05-09 11:26:36 +00:00
2011-12-01 19:04:56 +00:00
/(_success|yes) ".*"$/ { sub( /^(_success|yes)/ , "");
print "#: _success"; print "msgid " $0; print "msgstr \"\"\n" }
/(_warning|no) ".*"$/ { sub( /^(_warning|no)/ , "");
print "#: _warning"; print "msgid " $0; print "msgstr \"\"\n" }
/(_failure|die) ".*"$/ { sub( /^(_failure|die)/ , "");
print "#: _failure"; print "msgid " $0; print "msgstr \"\"\n" }
/(_message|say) ".*"$/ { sub( /^(_message|say)/ , "");
print "#: _message"; print "msgid " $0; print "msgstr \"\"\n" }
/(_message -n|act) ".*"$/ { sub( /^(_message -n|act)/ , "");
print "#: _message -n"; print "msgid " $0; print "msgstr \"\"\n" }
2011-05-09 11:26:36 +00:00
'
}
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - HELPERS FOR KEYS
# {{{ - Encode Key
encode_key() {
2012-01-17 15:49:03 +00:00
tombkey=$1
imagefile=$2
2011-12-01 17:53:12 +00:00
file $tombkey | grep PGP > /dev/null
if [ $? != 0 ]; then
2011-12-01 19:04:56 +00:00
_warning "encode failed: $tombkey is not a tomb key"
2011-12-01 17:53:12 +00:00
return 1
fi
file $imagefile | grep JPEG > /dev/null
if [ $? != 0 ]; then
2011-12-01 19:04:56 +00:00
_warning "encode failed: $imagefile is not a jpeg image"
2011-12-01 17:53:12 +00:00
return 1
fi
2011-12-01 19:04:56 +00:00
_success "Encoding key $tombkey inside image $imagefile"
_message "please choose a password for the encoding"
2011-12-01 17:53:12 +00:00
# here user is prompted for key password
for c in 1 2 3; do
# 3 tries to write two times a matching password
tombpass=`exec_as_user ${TOMBEXEC} askpass "Steg password for ${tombkey}"`
tombpasstmp=$tombpass
tombpass=`exec_as_user ${TOMBEXEC} askpass "Steg password for ${tombkey} (again)"`
if [ "$tombpasstmp" = "$tombpass" ]; then
break;
fi
unset tombpasstmp
unset tombpass
done
if [ -z $tombpass ]; then
2011-12-01 19:04:56 +00:00
_warning "passwords don't match, aborting operation."
2011-12-01 17:53:12 +00:00
return 1
fi
awk '
/^-----/ {next}
/^Version/ {next}
{print $0}' ${tombkey} \
| steghide embed --embedfile - --coverfile ${imagefile} \
-p ${tombpass} -z 9 -e serpent cbc
if [ $? != 0 ]; then
2011-12-01 19:04:56 +00:00
_warning "encoding error: steghide reports problems"
2011-12-01 17:53:12 +00:00
res=1
else
2011-12-01 19:04:56 +00:00
_success "tomb key encoded succesfully into image ${imagefile}"
2011-12-01 17:53:12 +00:00
res=0
fi
unset tombpass
return $res
}
# }}}
# {{{ - Decode Key
decode_key() {
2012-01-17 15:49:03 +00:00
tombname=$1
imagefile=$2
2011-12-01 17:53:12 +00:00
res=1
2011-05-09 11:26:36 +00:00
2011-12-01 17:53:12 +00:00
file $imagefile | grep JPEG > /dev/null
if [ $? != 0 ]; then
2011-12-01 19:04:56 +00:00
_warning "encode failed: $imagefile is not a jpeg image"
2011-12-01 17:53:12 +00:00
return 1
fi
keyfile=${tombname%%\.*}.tomb.key
if [[ -e "$keyfile" ]]; then
2011-12-01 19:04:56 +00:00
_warning "Key file $keyfile already exist."
2011-12-01 17:53:12 +00:00
return 1
fi
2011-12-01 19:04:56 +00:00
_message "Trying to exhume a key out of image $imagefile"
2011-12-01 17:53:12 +00:00
for c in 1 2 3; do
if [ $c = 1 ]; then
tombpass=`exec_as_user ${TOMBEXEC} askpass "Steg password for ${keyfile}"`
else
tombpass=`exec_as_user ${TOMBEXEC} askpass "Steg password for $keyfile (retry $c)"`
fi
steghide extract -sf ${imagefile} -p ${tombpass} -xf - \
| awk '
BEGIN {
print "-----BEGIN PGP MESSAGE-----"
}
{ print $0 }
END {
print "-----END PGP MESSAGE-----"
}' > ${keyfile}
if [ "`cat ${keyfile} | wc -l`" != "3" ]; then
2011-12-01 19:04:56 +00:00
_success "${keyfile} succesfully decoded"
2011-12-01 17:53:12 +00:00
res=0
break;
fi
done
unset tombpass
if [ $res != 0 ]; then
2011-12-01 19:04:56 +00:00
_warning "nothing found."
2011-12-01 17:53:12 +00:00
fi
return $res
}
2012-01-17 16:28:40 +00:00
list_gnupg_ciphers() {
# prints an array of ciphers available in gnupg (to encrypt keys)
# prints an error if GnuPG is not found
2012-02-07 20:05:09 +00:00
which gpg > /dev/null || die "gpg (GnuPG) is not found, Tomb cannot function without it."
2012-01-17 16:28:40 +00:00
ciphers=(`gpg --version | awk '
BEGIN { ciphers=0 }
/^Cipher:/ { gsub(/,/,""); sub(/^Cipher:/,""); print; ciphers=1; next }
/^Hash:/ { ciphers=0 }
{ if(ciphers==0) { next } else { gsub(/,/,""); print; } }
'`)
echo " ${ciphers}"
return 1
}
2011-12-01 17:53:12 +00:00
# }}}
# }}}
# {{{ - HOOK HELPERS
# {{{ - Execute Bind Hooks
2011-12-01 19:41:04 +00:00
2011-12-01 17:53:12 +00:00
exec_safe_bind_hooks() {
if [[ -n ${(k)opts[-o]} ]]; then
MOUNTOPTS=${opts[-o]}
fi
local MOUNTPOINT="${1}"
local ME=${SUDO_USER:-$(whoami)}
local HOME=$(awk -v a="$ME" -F ':' '{if ($1 == a) print $6}' /etc/passwd 2>/dev/null)
if [ $? -ne 0 ]; then
2011-12-01 19:04:56 +00:00
_warning "how pitiful! A tomb, and no HOME"
2011-12-01 17:53:12 +00:00
return 1
fi
if [ -z "$MOUNTPOINT" -o ! -d "$MOUNTPOINT" ]; then
2011-12-01 19:04:56 +00:00
_warning "cannot exec bind hooks without a mounted tomb."
2011-12-01 17:53:12 +00:00
return 1
fi
if ! [ -r "$MOUNTPOINT/bind-hooks" ]; then
2011-12-01 19:04:56 +00:00
xxx "bind-hooks not found in $MOUNTPOINT"
2011-12-01 17:53:12 +00:00
return 1
fi
typeset -al mounted
typeset -Al maps
maps=($(<"$MOUNTPOINT/bind-hooks"))
for dir in ${(k)maps}; do
if [ "${dir[1]}" = "/" -o "${dir[1,2]}" = ".." ]; then
2011-12-01 19:04:56 +00:00
_warning "bind-hooks map format: local/to/tomb local/to/\$HOME"
2011-12-01 17:53:12 +00:00
continue
fi
if [ "${${maps[$dir]}[1]}" = "/" -o "${${maps[$dir]}[1,2]}" = ".." ]; then
2011-12-01 19:04:56 +00:00
_warning "bind-hooks map format: local/to/tomb local/to/\$HOME. Rolling back"
2011-12-01 17:53:12 +00:00
for dir in ${mounted}; do umount $dir; done
return 1
fi
if [ ! -r "$HOME/${maps[$dir]}" ]; then
2011-12-01 19:04:56 +00:00
_warning "bind-hook target not existent, skipping $HOME/${maps[$dir]}"
2011-12-01 17:53:12 +00:00
elif [ ! -r "$MOUNTPOINT/$dir" ]; then
2011-12-01 19:04:56 +00:00
_warning "bind-hook source not found in tomb, skipping ${MOUNTPOINT}/${dir}"
2011-12-01 17:53:12 +00:00
else
mount -o bind,$MOUNTOPTS $MOUNTPOINT/$dir $HOME/${maps[$dir]}
mounted+=("$HOME/${maps[$dir]}")
fi
done
}
2011-12-01 19:41:04 +00:00
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - POST-MOUNT HOOKS
exec_safe_post_hooks() {
local mnt=$1 # first argument is where the tomb is mounted
local ME=${SUDO_USER:-$(whoami)}
if ! [ -x ${mnt}/post-hooks ]; then return; fi
# if 'post-hooks' is found inside the tomb, check it: if it is an
# executable, launch it as a user this might need a dialog for
# security on what is being run, however we expect you know well
# what is inside your tomb. this feature opens the possibility to
# make encrypted executables.
cat ${mnt}/post-hooks | head -n1 | grep '^#!/'
if [ $? = 0 ]; then
2011-12-01 19:04:56 +00:00
_success "post hooks found, executing as user $SUDO_USER"
2011-12-01 17:53:12 +00:00
exec_as_user ${mnt}/post-hooks $2
fi
}
# }}}
# }}}
2011-12-01 19:27:05 +00:00
2011-12-01 17:53:12 +00:00
# }}}
# {{{ TOMB SUB-COMMANDS
2011-12-01 19:04:56 +00:00
2013-03-22 20:13:59 +00:00
# This is a new way to create tombs which dissects the whole create_tomb() into 3 clear steps:
# - dig a .tomb (the large file) using /dev/random (takes some minutes at least)
# - forge a .key (the small file) using /dev/urandom (good entropy needed)
# - lock the .tomb file with the key, binding the key to the tomb (requires dm_crypt format)
forge_key() {
_message "Commanded to forge key $1"
if ! [ $1 ]; then
_warning "no key name specified for creation"
return 1
fi
# if swap is on, we remind the user about possible data leaks to disk
if ! option_is_set -f && ! option_is_set --ignore-swap; then check_swap; fi
# create the keyfile in tmpfs so that we leave less traces in RAM
keytmp=`safe_dir tomb`
(( $? )) && die "error creating temp dir"
xxx "safe_dir at $keytmp"
mount tmpfs "${keytmp}" -t tmpfs -o size=1m
if [ $? != 0 ]; then
_warning "cannot mount tmpfs filesystem in volatile memory"
rm -r "${keytmp}"
die "operation aborted."
fi
tombkey="$1"
_message "this operation takes time, keep using this computer on other tasks,"
_message "once done you will be asked to choose a password for your tomb."
_message "To make it faster you can move the mouse around."
_message "If you are on a server, you can use an Entropy Generation Daemon."
touch ${keytmp}/tomb.tmp
chmod 0600 ${keytmp}/tomb.tmp
random_source=/dev/random
if option_is_set --use-urandom; then
random_source=/dev/urandom
fi
if [[ $DD = "dcfldd" ]]; then
$DD bs=1 count=256 if=$random_source of=${keytmp}/tomb.tmp statusinterval=1
else
$DD bs=1 count=256 if=$random_source of=${keytmp}/tomb.tmp
fi
if ! [ -r ${keytmp}/tomb.tmp ]; then
_warning "cannot generate encryption key"
umount ${keytmp}
rm -r $keytmp
die "operation aborted."
fi
_success "Choose the password of your key: ${tombkey}"
_message "(you can also change it later using 'tomb passwd')"
touch ${tombkey}
chown ${_uid}:${_gid} ${tombkey}
chmod 0600 ${tombkey}
tombname="$tombkey"
# the gen_key() function takes care of the new key's encryption
gen_key ${keytmp}/tomb.tmp > ${tombkey}
# this does a check on the file header, virtuosism by hellekin
# [[ `file =(awk '/^-+BEGIN/,0' $1) -bi` =~ application/pgp ]]
if ! is_valid_key ${tombkey}; then
_warning "The key does not seem to be valid"
_warning "Dumping contents to screen:"
cat ${tombkey}
_warning "--"
umount ${keytmp}
rm -r $keytmp
die "operation aborted."
fi
${=WIPE} ${keytmp}/tomb.tmp # no need really, but anyway
umount ${keytmp}
rm -r ${keytmp}
chown ${_uid}:${_gid} ${tombkey}
_message "done forging $tombkey"
_success "Your key is ready:"
ls -lh ${tombkey}
}
# dig a tomb
dig_tomb() {
_message "Commanded to dig tomb $1"
# if swap is on, we remind the user about possible data leaks to disk
if ! option_is_set -f && ! option_is_set --ignore-swap; then check_swap; fi
if ! [ $1 ]; then
_warning "no tomb name specified for creation"
return 1
fi
tombfile=`basename $1`
tombdir=`dirname $1`
# make sure the file has a .tomb extension
tombname=${tombfile%%\.*}
tombfile=${tombname}.tomb
# require the specification of the size of the tomb (-s) in MB
tombsize="`option_value -s`"
[ $tombsize ] || die "Size argument missing, use --size"
[[ $tombsize != <-> ]] && die "Size argument is not an integer"
if [ -e ${tombdir}/${tombfile} ]; then
_warning "A tomb exists already. I'm not digging here:"
_warning " `ls -lh ${tombdir}/${tombfile}`"
return 1
fi
_success "Creating a new tomb in ${tombdir}/${tombfile}"
tombsize_4k=`expr $tombsize \* 1024 / 4`
_message "Generating ${tombfile} of ${tombsize}Mb (${tombsize_4k} blocks of 4Kb)"
# we will first touch the file and set permissions: this way, even if interrupted, permissions are right
touch ${tombdir}/${tombfile}
chmod 0600 "${tombdir}/${tombfile}"
2013-03-30 17:59:34 +00:00
chown $_uid:$_gid "${tombdir}/${tombfile}"
2013-03-22 20:13:59 +00:00
$DD if=/dev/urandom bs=4k count=${tombsize_4k} of=${tombdir}/${tombfile}
if [ $? = 0 -a -e ${tombdir}/${tombfile} ]; then
_message " `ls -lh ${tombdir}/${tombfile}`"
else
die "Error creating the tomb ${tombdir}/${tombfile}, operation aborted."
fi
_success "Done digging $tombname"
_message "your tomb is not yet ready, you need to forge a key and lock it:"
_message "tomb forge ${tombname}.tomb.key"
_message "tomb lock ${tombname}.tomb ${tombname}.tomb.key"
}
2013-03-22 21:22:55 +00:00
# this function locks a tomb with a key file
# in fact LUKS formatting the loopback volume
# it take arguments as the LUKS cipher to be used
lock_tomb_with_key() {
if ! [ $1 ]; then
_warning "no tomb specified for locking"
2013-03-29 11:51:43 +00:00
_warning "usage: tomb lock file.tomb file.tomb.key"
2013-03-22 21:22:55 +00:00
return 1
fi
tombfile=`basename $1`
2013-03-29 11:51:43 +00:00
_message "Commanded to lock tomb ${tombfile}"
2013-03-22 21:22:55 +00:00
tombdir=`dirname $1`
# make sure the file has a .tomb extension
tombname=${tombfile%%\.*}
tombfile=${tombname}.tomb
if ! [ -e ${tombdir}/${tombfile} ]; then
die "There is no tomb here. You have to it dig first."
return 1
fi
xxx "tomb found: ${tombdir}/${tombfile}"
nstloop=`losetup -f` # get the number for next loopback device
losetup -f ${tombdir}/${tombfile} # allocates the next loopback for our file
xxx "loop mounted on ${nstloop}"
_message "checking if the tomb is empty (we never step on somebody else's bones)"
cryptsetup isLuks ${nstloop}
if [ $? = 0 ]; then
# is it a LUKS encrypted nest? then bail out and avoid reformatting it
_warning "The tomb was already locked with another key"
losetup -d ${nstloop}
die "Operation aborted. I cannot lock an already locked tomb. Go dig a new one."
else
_message "fine, this tomb seems empty."
fi
# check if the key is set manually then use the one existing
if option_is_set -k ; then
if [[ "`option_value -k`" == "-" ]]; then
# take key from stdin
local tombkeydir
tombkeydir=`safe_dir`
cat > ${tombkeydir}/stdin.tmp
tombkey=${tombkeydir}/stdin.tmp
else
# take key from a file
tombkey=`option_value -k`
fi
else
# guess key as lying besides the tomb
tombkey=${tombdir}/${tombname}.tomb.key
fi
if [ -r "${tombkey}" ]; then
_message "We'll use this key to lock the tomb:"
_message " `ls -lh ${tombkey}`"
else
losetup -d ${nstloop}
die "No key found. Use the option -k to specify a key file."
fi
# this does a check on the file header, virtuosism by hellekin
# [[ `file =(awk '/^-+BEGIN/,0' $1) -bi` =~ application/pgp ]]
if ! is_valid_key ${tombkey}; then
_warning "The key seems invalid, the application/pgp header is missing"
losetup -d ${nstloop}
die "Operation aborted."
fi
# the encryption cipher for a tomb can be set at creation using -o
if option_is_set -o; then
cipher="`option_value -o`"
else
cipher="aes-cbc-essiv:sha256"
fi
_message "locking using cipher: $cipher"
keyname=`basename $tombkey | cut -d. -f1`
_message "a password is required to use key ${keyname}"
2013-03-22 22:39:25 +00:00
local passok=0
2013-03-22 21:22:55 +00:00
if option_is_set --tomb-pwd; then
tombpass=`option_value --tomb-pwd`
else
for c in 1 2 3; do
if [ $c = 1 ]; then
tombpass=`exec_as_user ${TOMBEXEC} askpass "Insert password to use key: $keyname"`
else
tombpass=`exec_as_user ${TOMBEXEC} askpass "Insert password to use key: $keyname (retry $c)"`
fi
if [[ $? != 0 ]]; then
losetup -d ${nstloop}
die "User aborted"
fi
2013-03-22 22:39:25 +00:00
get_lukskey "${tombpass}" ${tombkey} >/dev/null
if [ $? = 0 ]; then
passok=1; _message "Password OK."
2013-03-22 21:22:55 +00:00
break;
fi
done
fi
2013-03-22 22:39:25 +00:00
if [ "$passok" = "0" ]; then
2013-03-22 21:22:55 +00:00
_warning "Password incorrect"
losetup -d $nstloop
die "Operation aborted."
fi
_success "Locking ${tombfile} with ${tombkey}"
_message "formatting Luks mapped device"
get_lukskey "${tombpass}" ${tombkey} | \
cryptsetup --key-file - --batch-mode \
2013-03-30 17:44:05 +00:00
--cipher ${cipher} --key-size 256 --key-slot 0 \
2013-03-22 21:22:55 +00:00
luksFormat ${nstloop}
if ! [ $? = 0 ]; then
_warning "cryptsetup luksFormat returned an error"
unset tombpass
losetup -d $nstloop
die "Operation aborted."
fi
get_lukskey "${tombpass}" ${tombkey} | \
cryptsetup --key-file - \
--cipher ${cipher} luksOpen ${nstloop} tomb.tmp
if ! [ $? = 0 ]; then
_warning "cryptsetup luksOpen returned an error"
unset tombpass
losetup -d $nstloop
die "Operation aborted."
fi
unset tombpass
_message "formatting your Tomb with Ext3/Ext4 filesystem"
${=MKFS} ${tombname} /dev/mapper/tomb.tmp
if [ $? != 0 ]; then
_warning "Tomb format returned an error"
_warning "your tomb ${tombfile} may be corrupted."
fi
sync
cryptsetup luksClose tomb.tmp
losetup -d ${nstloop}
_message "done locking $tombname using Luks dm-crypt ${create_cipher}"
_success "Your tomb is ready in ${tombdir}/${tombfile} and secured with key ${tombkey}"
}
2013-03-30 17:59:34 +00:00
# backward compatibility
create_tomb() {
if ! [ $1 ]; then
_warning "no tomb name specified for creation"
return 1
fi
2013-03-22 20:13:59 +00:00
2013-03-30 17:59:34 +00:00
dig_tomb ${=PARAM}
{ test $? = 0 } || { die "Failed to dig tomb, operation aborted." }
tombfile=`basename $1`
tombdir=`dirname $1`
# make sure the file has a .tomb extension
tombname=${tombfile%%\.*}
tombfile=${tombname}.tomb
forge_key ${tombfile}.key
{ test $? = 0 } || { die "Failed to forge key, operation aborted." }
lock_tomb_with_key ${tombfile} -l ${tombfile}.key
{ test $? = 0 } || { die "Failed to lock tomb with key, operation aborted." }
yes "Tomb $tombname succesfully created"
ls -l ${tombfile}*
}
2012-09-05 15:47:00 +00:00
#internal use
#$1 is the keyfile we are checking
is_valid_key() {
[[ `file =(awk '/^-+BEGIN/,0' $1) -bi` =~ application/pgp ]]
return $?
}
#internal use
#$1 is the password, $2 is the keyfile
#will output the lukskey
get_lukskey() {
local tombpass=$1
keyfile=$2
firstline=`head -n1 $keyfile`
2013-03-22 22:39:25 +00:00
xxx "get_lukskey XXX $keyfile"
2012-09-05 15:47:00 +00:00
if [[ $firstline =~ '^_KDF_' ]]; then
_verbose "KDF: `cut -d_ -f 3 <<<$firstline`"
case `cut -d_ -f 3 <<<$firstline` in
pbkdf2sha1)
if [[ -z $KDF_PBKDF2 ]]; then
die "The tomb use kdf method 'pbkdf2', which is unsupported on your system"
fi
pbkdf2_param=`cut -d_ -f 4- <<<$firstline | tr '_' ' '`
tombpass=$(${KDF_PBKDF2} ${=pbkdf2_param} 2> /dev/null <<<$tombpass)
;;
*)
_failure "No suitable program for KDF `cut -f 3 <<<$firstline`"
unset tombpass
return 1
;;
esac
fi
2013-03-31 08:25:57 +00:00
print ${tombpass} | \
gpg --batch --passphrase-fd 0 --no-tty --no-options --status-fd 2 \
-d "${keyfile}" 2> /dev/null
2012-09-05 15:47:00 +00:00
ret=$?
2013-03-22 22:39:25 +00:00
xxx "gpg decryption returns $ret"
2012-09-05 15:47:00 +00:00
unset tombpass
return $ret
}
2013-03-22 20:13:59 +00:00
# internal use
# $1 the lukskey to encrypt
# honored options: --kdf --tomb-pwd
2012-09-05 15:47:00 +00:00
gen_key() {
local lukskey=$1
# here user is prompted for key password
local tombpass=""
local tombpasstmp=""
if ! option_is_set --tomb-pwd; then
while true; do
# 3 tries to write two times a matching password
tombpass=`exec_as_user ${TOMBEXEC} askpass "Secure key for ${tombname}"`
if [[ $? != 0 ]]; then
die "User aborted"
fi
if [ -z $tombpass ]; then
_warning "you set empty password, which is not possible"
continue
fi
tombpasstmp=$tombpass
tombpass=`exec_as_user ${TOMBEXEC} askpass "Secure key for ${tombname} (again)"`
if [[ $? != 0 ]]; then
die "User aborted"
fi
if [ "$tombpasstmp" = "$tombpass" ]; then
break;
fi
unset tombpasstmp
unset tombpass
done
else
tombpass=`option_value --tomb-pwd`
fi
2013-03-22 20:13:59 +00:00
# KDF is a new key strenghtening technique against brute forcing
# see: https://github.com/dyne/Tomb/issues/82
2012-09-05 15:47:00 +00:00
_verbose "KDF method chosen is: '`option_value --kdf`'"
kdf_method=$(cut -d: -f1 <<<`option_value --kdf` )
case $kdf_method in
pbkdf2)
if [[ -z $KDF_PBKDF2 ]]; then
die "The tomb use kdf method 'pbkdf2', which is unsupported on your system"
fi
2013-03-22 20:13:59 +00:00
# --kdf takes one parameter: iter time (on present machine) in seconds
2012-09-05 15:47:00 +00:00
seconds=$(cut -d: -f2 -s <<<`option_value --kdf`)
if [[ -z $seconds ]]; then
seconds=1
fi
local -i microseconds
microseconds=$((seconds*1000000))
_verbose "Microseconds: $microseconds"
pbkdf2_salt=`${KDF_PBKDF2}-gensalt`
pbkdf2_iter=`${KDF_PBKDF2}-getiter $microseconds`
2013-03-22 20:13:59 +00:00
# We use a length of 64bytes = 512bits (more than needed!?)
tombpass=`${KDF_PBKDF2} $pbkdf2_salt $pbkdf2_iter 64 <<<"${tombpass}"`
2012-09-05 15:47:00 +00:00
header="_KDF_pbkdf2sha1_${pbkdf2_salt}_${pbkdf2_iter}_64\n"
;;
""|null)
header=""
;;
*)
_warning "KDF method non recognized"
return 1
header=""
;;
esac
echo -n $header
gpg --openpgp --batch --no-options --no-tty --passphrase-fd 0 2>/dev/null \
-o - -c -a ${lukskey} <<< "${tombpass}"
2010-08-22 13:04:19 +00:00
2012-09-05 15:47:00 +00:00
unset tombpass
2010-08-22 13:04:19 +00:00
}
2011-12-01 19:04:56 +00:00
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - Open
2011-12-01 19:04:56 +00:00
2012-01-17 15:49:03 +00:00
# $1 = tombfile $2(optional) = mountpoint
2010-08-22 14:44:35 +00:00
mount_tomb() {
2012-01-17 15:49:03 +00:00
_message "Commanded to open tomb $1"
2012-07-09 18:53:14 +00:00
2012-09-02 13:13:30 +00:00
if ! option_is_set -f && ! option_is_set --ignore-swap; then check_swap; fi
2012-01-17 13:00:20 +00:00
2012-01-17 15:49:03 +00:00
if ! [ ${1} ]; then
2011-12-01 19:04:56 +00:00
_warning "no tomb name specified for creation"
2011-07-10 20:11:10 +00:00
return 1
fi
2011-08-28 17:28:47 +00:00
2012-07-09 18:53:14 +00:00
2011-09-26 09:33:07 +00:00
# set up variables to be used
# the full path is made with $tombdir/$tombfile
2011-08-20 17:00:10 +00:00
2011-08-02 00:10:31 +00:00
local tombkey
2011-09-26 09:33:07 +00:00
local tombfile
local tombdir
local tombname
2012-01-17 15:49:03 +00:00
tombfile=`basename ${1}`
tombdir=`dirname ${1}`
2011-09-26 09:33:07 +00:00
# check file type (if its a Luks fs)
file ${tombdir}/${tombfile} | grep -i 'luks encrypted file' 2>&1 >/dev/null
if [ $? != 0 ]; then
2012-01-17 15:49:03 +00:00
_warning "$1 is not a valid tomb file, operation aborted"
2011-09-26 09:33:07 +00:00
return 1
fi
tombname=${tombfile%%\.*}
2011-12-01 19:04:56 +00:00
xxx "tomb found: ${tombdir}/${tombfile}"
2011-09-26 09:33:07 +00:00
2011-08-02 00:10:31 +00:00
if option_is_set -k ; then
2011-08-28 17:28:47 +00:00
if [[ "`option_value -k`" == "-" ]]; then
# take key from stdin
local tombkeydir
tombkeydir=`safe_dir`
cat > ${tombkeydir}/stdin.tmp
tombkey=${tombkeydir}/stdin.tmp
else
# take key from a file
tombkey=`option_value -k`
fi
2011-08-02 00:10:31 +00:00
else
2011-08-28 17:28:47 +00:00
# guess key as lying besides the tomb
2011-09-26 09:33:07 +00:00
tombkey=${tombdir}/${tombfile}.key
2011-08-02 00:10:31 +00:00
fi
2011-09-26 09:33:07 +00:00
if ! [ -r ${tombkey} ]; then
2011-12-01 19:04:56 +00:00
_warning "key file not found: ${tombkey}"
_warning "operation aborted."
2011-09-26 09:33:07 +00:00
return 1
2010-08-22 13:04:19 +00:00
fi
2012-01-17 15:49:03 +00:00
if ! [ $2 ]; then
2011-07-14 13:47:20 +00:00
tombmount=/media/${tombfile}
2011-12-01 19:04:56 +00:00
_message "mountpoint not specified, using default: $tombmount"
2012-01-17 15:49:03 +00:00
elif ! [ -x $2 ]; then
_warning "mountpoint $2 doesn't exist, operation aborted."
2011-07-14 13:47:20 +00:00
return 1
2011-02-03 19:42:46 +00:00
else
2012-01-17 15:49:03 +00:00
tombmount=$2
2011-02-03 19:42:46 +00:00
fi
2011-12-01 17:53:12 +00:00
2011-05-26 11:15:03 +00:00
# check if its already open
2011-09-26 09:33:07 +00:00
mount -l | grep "${tombfile}.*\[$tombname\]$" 2>&1 > /dev/null
2011-05-26 11:15:03 +00:00
if [ $? = 0 ]; then
2011-12-01 19:04:56 +00:00
_warning "$tombname is already open on $tombmount"
_message "here below its status is reported:"
2011-09-26 09:33:07 +00:00
list_tombs ${tombname}
return 1
2011-05-26 11:15:03 +00:00
fi
2011-12-01 17:53:12 +00:00
2012-01-17 16:28:40 +00:00
_success "Opening $tombfile on $tombmount"
2011-02-03 19:42:46 +00:00
# we need root from here on
2011-02-24 11:26:48 +00:00
mkdir -p $tombmount
2011-04-28 10:14:37 +00:00
2010-08-22 13:04:19 +00:00
nstloop=`losetup -f`
2011-03-31 17:42:05 +00:00
if [ $? = 255 ]; then
2011-12-01 19:04:56 +00:00
die "too many tomb opened. Please close any of them to open another tomb"
2011-03-31 17:42:05 +00:00
fi
2011-02-11 23:36:21 +00:00
losetup -f ${tombdir}/${tombfile}
2011-04-28 10:14:37 +00:00
2010-08-22 13:04:19 +00:00
cryptsetup isLuks ${nstloop}
2011-01-11 09:49:44 +00:00
if [ $? != 0 ]; then
2011-07-14 13:47:20 +00:00
# is it a LUKS encrypted nest? see cryptsetup(1)
2011-12-01 19:04:56 +00:00
_warning "$tombfile is not a valid Luks encrypted storage file"
2011-07-14 13:47:20 +00:00
$norm || rmdir $tombmount 2>/dev/null
return 1
2011-01-11 09:49:44 +00:00
fi
2013-03-30 17:44:05 +00:00
say "this tomb is a valid LUKS encrypted device"
2011-02-22 17:30:42 +00:00
2013-03-30 17:44:05 +00:00
luksdump="`cryptsetup luksDump ${nstloop}`"
tombdump=(`print $luksdump | awk '
2012-01-17 16:28:40 +00:00
/^Cipher name/ {print $3}
/^Cipher mode/ {print $3}
/^Hash spec/ {print $3}'`)
say "cipher is \"$tombdump[1]\" mode \"$tombdump[2]\" hash \"$tombdump[3]\""
2013-03-30 17:44:05 +00:00
slotwarn=`print $luksdump | awk '
BEGIN { zero=0 }
/^Key slot 0/ { zero=1 }
/^Key slot.*ENABLED/ { if(zero==1) print "WARN" }'`
{ test "$slotwarn" = "WARN" } && {
_warning "Multiple key slots are enabled on this tomb. Beware: there can be a backdoor." }
2012-01-17 16:28:40 +00:00
2011-01-11 09:49:44 +00:00
# save date of mount in minutes since 1970
2011-04-28 18:42:45 +00:00
mapdate=`date +%s`
2012-01-17 16:28:40 +00:00
2011-04-28 10:14:37 +00:00
2011-02-11 23:36:21 +00:00
mapper="tomb.${tombname}.${mapdate}.`basename $nstloop`"
2011-02-22 17:30:42 +00:00
keyname=`basename $tombkey | cut -d. -f1`
2012-01-17 16:28:40 +00:00
_warning "Password is required for key ${keyname}"
2011-01-11 09:49:44 +00:00
for c in 1 2 3; do
2012-08-30 23:50:53 +00:00
if ! option_is_set --tomb-pwd; then
2012-09-05 15:47:00 +00:00
tombpass=`exec_as_user ${TOMBEXEC} askpass "Open tomb ${keyname}"`
if [[ $? != 0 ]]; then
die "User aborted"
2012-08-30 23:50:53 +00:00
fi
2012-08-04 16:34:10 +00:00
else
2012-08-30 23:50:53 +00:00
tombpass=`option_value --tomb-pwd`
2012-08-04 16:34:10 +00:00
fi
2012-09-05 15:47:00 +00:00
get_lukskey "${tombpass}" ${tombkey} | \
cryptsetup --key-file - luksOpen ${nstloop} ${mapper}
local ret=$?
2012-08-04 16:34:10 +00:00
unset tombpass
2012-09-05 15:47:00 +00:00
if [[ $ret != 0 ]]; then
2012-09-08 12:00:32 +00:00
if [[ $c = 3 ]] || option_is_set --tomb-pwd; then
die "Wrong password: aborting"
fi
2012-09-05 15:47:00 +00:00
continue
fi
2011-04-28 10:14:37 +00:00
2012-08-04 16:34:10 +00:00
# if key was from stdin delete temp file and dir
if [ $tombkeydir ]; then
${=WIPE} ${tombkey}
rmdir $tombkeydir
fi
2011-08-28 17:28:47 +00:00
2012-08-04 16:34:10 +00:00
if [ -r /dev/mapper/${mapper} ]; then
break; # password was correct
fi
2011-01-11 09:49:44 +00:00
done
2011-04-28 10:14:37 +00:00
2011-01-11 09:49:44 +00:00
if ! [ -r /dev/mapper/${mapper} ]; then
2011-07-14 13:47:20 +00:00
losetup -d ${nstloop}
$norm || rmdir ${tombmount} 2>/dev/null
2012-01-17 16:28:40 +00:00
die "failure mounting the encrypted file"
2011-01-11 09:49:44 +00:00
fi
2011-04-28 10:14:37 +00:00
2012-01-17 16:28:40 +00:00
# array: [ cipher, keysize, loopdevice ]
tombstat=(`cryptsetup status ${mapper} | awk '
/cipher:/ {print $2}
/keysize:/ {print $2}
/device:/ {print $2}'`)
yes "Success unlocking tomb $tombname"
xxx "key size is $tombstat[2] for cipher $tombstat[1]"
_message "checking filesystem via $tombstat[3]"
2011-01-13 21:35:32 +00:00
fsck -p -C0 /dev/mapper/${mapper}
2011-12-01 19:04:56 +00:00
xxx "tomb engraved as $tombname"
2011-02-14 09:24:31 +00:00
tune2fs -L ${tombname} /dev/mapper/${mapper} > /dev/null
2011-02-11 23:36:21 +00:00
2011-05-24 10:04:18 +00:00
mount -o $MOUNTOPTS /dev/mapper/${mapper} ${tombmount}
2011-01-30 22:25:01 +00:00
2012-07-09 18:53:14 +00:00
chown ${_uid}:${_gid} ${tombmount}
2011-02-03 19:42:46 +00:00
chmod 0750 ${tombmount}
2011-04-28 10:14:37 +00:00
2013-03-29 11:51:43 +00:00
_success "Success opening $tombfile on $fg_bold[white]$tombmount$fg_no_bold[white]"
# print out when was opened the last time, by whom and where
{ test -r ${tombmount}/.last } && {
tombtty="`cat ${tombmount}/.tty`"
tombhost="`cat ${tombmount}/.host`"
tombuid="`cat ${tombmount}/.uid`"
tomblast="`cat ${tombmount}/.last`"
tombuser=`awk -F: '/:'"$tombuid"':/ {print $1}' /etc/passwd`
say "last visit by $fg_bold[white]$tombuser($tombuid)$fg_no_bold[white] from $fg_bold[white]$tombtty$fg_no_bold[white] on $fg_bold[white]$tombhost$fg_no_bold[white]"
say "on date $fg_bold[white]`date --date @${tomblast} +%c`$fg_no_bold[white]"
}
# write down the UID and TTY that opened the tomb
rm -f ${tombmount}/.uid
echo ${_uid} > ${tombmount}/.uid
rm -f ${tombmount}/.tty
echo ${_tty} > ${tombmount}/.tty
# also the hostname
rm -f ${tombmount}/.host
echo `hostname` > ${tombmount}/.host
# and the "last time opened" information
# in minutes since 1970, this is printed at next open
rm -f ${tombmount}/.last
echo "`date +%s`" > ${tombmount}/.last
# human readable: date --date=@"`cat .last`" +%c
# process bind-hooks (mount -o bind of directories)
# and post-hooks (execute on open)
2011-10-25 21:52:59 +00:00
if ! option_is_set -n ; then
2011-07-14 13:47:20 +00:00
exec_safe_bind_hooks ${tombmount}
exec_safe_post_hooks ${tombmount} open
2011-02-20 13:59:30 +00:00
fi
2011-02-03 19:42:46 +00:00
return 0
2010-08-22 13:04:19 +00:00
}
2011-12-01 19:04:56 +00:00
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - Close
# {{{ - Slam the door
2011-12-01 17:50:07 +00:00
# Kill all processes using the tomb
2011-08-16 00:43:15 +00:00
slam_tomb() {
# $1 = tomb mount point
2012-02-01 23:31:44 +00:00
if [[ -z `fuser -m "$1" 2> /dev/null` ]]; then
return 0
fi
#Note: shells are NOT killed by INT or TERM, but they are killed by HUP
for s in TERM HUP KILL; do
xxx "Sending $s to processes inside the tomb:"
if option_is_set -D; then
ps -fp `fuser -m /media/a.tomb 2> /dev/null`|
while read line; do
xxx $line
done
fi
fuser -s -m "$1" -k -M -$s
if [[ -z `fuser -m "$1" 2> /dev/null` ]]; then
return 0
fi
if ! option_is_set -f; then
sleep 3
fi
2011-12-01 17:50:07 +00:00
done
2011-08-16 00:52:01 +00:00
return 1
2011-08-16 00:43:15 +00:00
}
2011-12-01 17:50:07 +00:00
# }}}
2011-12-01 17:53:12 +00:00
# {{{ - Unmount Tomb
2010-08-22 14:44:35 +00:00
umount_tomb() {
2011-04-10 19:38:01 +00:00
local tombs how_many_tombs
local pathmap mapper tombname tombmount loopdev
local ans pidk pname
2010-08-22 13:04:19 +00:00
2011-02-03 19:42:46 +00:00
if ! [ $1 ]; then
2011-12-01 17:53:12 +00:00
tombs=`find /dev/mapper -name 'tomb.*'`
how_many_tombs=`wc -w <<< "$tombs"`
if [[ "$how_many_tombs" == "0" ]]; then
2011-12-01 19:04:56 +00:00
_warning "There is no open tomb to be closed"
2011-12-01 17:53:12 +00:00
return 1
elif [[ "$how_many_tombs" == "1" ]]; then
#mapper=`find /dev/mapper -name 'tomb.*'`
2011-12-01 19:04:56 +00:00
xxx "closing mapper $tombs"
2011-12-01 17:53:12 +00:00
umount_tomb ${tombs}
return 1
else
2011-12-01 19:04:56 +00:00
_warning "Too many tombs mounted, please specify which to unmount:"
2011-12-01 17:53:12 +00:00
ls /dev/mapper/tomb.*
2011-12-01 19:04:56 +00:00
_warning "or issue the command 'tomb close all' to clos'em all."
2011-12-01 17:53:12 +00:00
return 1
fi
2011-02-03 16:11:08 +00:00
fi
2010-08-22 13:04:19 +00:00
2011-02-03 19:42:46 +00:00
if [ "$1" = "all" ]; then
2011-12-01 17:53:12 +00:00
tombs=`find /dev/mapper -name 'tomb.*'`
if ! [ $tombs ]; then
2011-12-01 19:04:56 +00:00
_success "Tombs are all closed, cemetery is quiet."
2011-02-20 13:59:30 +00:00
return 0
2011-12-01 17:53:12 +00:00
fi
for t in ${(f)tombs}; do
umount_tomb ${t}
done
return 0
2010-08-22 13:04:19 +00:00
fi
2011-02-03 19:42:46 +00:00
2011-04-28 10:13:46 +00:00
# tomb close argument deduction
2011-03-31 17:42:05 +00:00
pathmap=`dirname "$1"`
2011-04-28 10:13:46 +00:00
2011-04-28 10:14:37 +00:00
if [ "${pathmap}" = "/dev/mapper" ]; then
2011-12-01 17:53:12 +00:00
mapper="$1" # argument is the mapper (or none which autofills mapper)
2013-03-29 11:51:43 +00:00
tombname="${mapper[(ws:.:)2]}"
2011-12-01 17:53:12 +00:00
tombmount=`mount -l | \
2011-04-28 10:13:46 +00:00
awk -vtomb="[$tombname]" '/^\/dev\/mapper\/tomb/ { if($7==tomb) print $3 } '`
elif [ "$pathmap" = "." ]; then
2011-12-01 17:53:12 +00:00
tombname="$1" # argument is the name
mapper=`mount -l | \
2011-04-28 10:13:46 +00:00
awk -vtomb="[$tombname]" '/^\/dev\/mapper\/tomb/ { if($7==tomb) print $1 } '`
2011-12-01 17:53:12 +00:00
tombmount=`mount -l | \
2011-04-28 10:13:46 +00:00
awk -vtomb="[$tombname]" '/^\/dev\/mapper\/tomb/ { if($7==tomb) print $3 } '`
2011-03-31 17:42:05 +00:00
else
2011-12-01 17:53:12 +00:00
tombmount="$1" # argument should be the mount
2011-04-28 10:13:46 +00:00
mapper=`mount | awk -vmnt="$tombmount" '/^\/dev\/mapper\/tomb/ { if($3==mnt) print $1 }'`
2013-03-29 11:51:43 +00:00
tombname="${mapper[(ws:.:)2]}"
2011-04-28 10:13:46 +00:00
fi
2011-04-28 10:14:37 +00:00
2011-05-23 20:28:22 +00:00
# avoid block when the same tomb is mounted, take only the first
for tm in ${(f)tombmount}; do tombmount=${tm}; break; done
2011-12-01 19:04:56 +00:00
xxx "tomb close argument: $1"
2013-03-29 11:51:43 +00:00
xxx "name: $tombname"
xxx "mount: $tombmount"
xxx "mapper: $mapper"
2011-04-28 10:13:46 +00:00
if ! [ -e "$mapper" ]; then
2011-12-01 19:04:56 +00:00
_warning "Tomb not found: $1"
_warning "Please specify an existing tomb."
2011-04-28 10:13:46 +00:00
return 0
2011-03-31 17:42:05 +00:00
fi
2011-02-07 08:42:50 +00:00
2011-04-28 10:13:46 +00:00
if [ $SLAM ]; then
2011-12-01 19:04:56 +00:00
_success "Slamming tomb $tombname mounted on $tombmount"
_message "Kill all processes busy inside the tomb"
2012-02-01 23:31:44 +00:00
if ! slam_tomb "$tombmount"; then
2011-12-01 19:04:56 +00:00
_warning "Cannot slam the tomb $tombname"
2011-08-16 00:52:01 +00:00
return 1
fi
2011-04-28 10:13:46 +00:00
else
2011-12-01 19:04:56 +00:00
_success "Closing tomb $tombname mounted on $tombmount"
2011-02-07 08:42:50 +00:00
fi
2011-05-15 18:03:11 +00:00
# check if there are binded dirs and close them
2011-05-09 07:11:18 +00:00
tombmount_esc=`sed 's:\/:\\\/:g' <<< $tombmount `
2011-04-28 10:13:46 +00:00
unbind=`mount | awk "/^$tombmount_esc.*bind/"' { print $3 }'`
for b in ${(f)unbind}; do
2011-12-01 17:53:12 +00:00
hook="`basename $b`"
2011-12-01 19:04:56 +00:00
_message "closing tomb hook: $hook"
2011-12-01 17:53:12 +00:00
umount $b
if [[ $? != 0 ]]; then
if [ $SLAM ]; then
2011-12-01 19:04:56 +00:00
_success "Slamming tomb: killing all processes using this hook"
2011-08-16 00:43:15 +00:00
slam_tomb "$b"
2011-08-16 00:52:01 +00:00
if [[ $? == 1 ]]; then
2011-12-01 19:04:56 +00:00
_warning "Cannot slam the tomb $b"
2011-08-16 00:52:01 +00:00
return 1
fi
2011-12-01 17:53:12 +00:00
umount $b
2011-08-16 00:43:15 +00:00
else
2011-12-01 19:04:56 +00:00
_warning "Tomb hook is busy, cannot close tomb."
2011-12-01 17:53:12 +00:00
return 1
2011-04-28 10:13:46 +00:00
fi
2011-12-01 17:53:12 +00:00
fi
2011-04-28 10:13:46 +00:00
done
2011-01-13 21:35:32 +00:00
2011-02-12 11:38:59 +00:00
# Execute post-hooks for eventual cleanup
2011-10-25 21:52:59 +00:00
if ! option_is_set -n ; then
2011-12-01 17:53:12 +00:00
exec_safe_post_hooks ${tombmount%%/} close
2011-02-20 13:59:30 +00:00
fi
2011-02-03 16:11:08 +00:00
2011-04-28 10:13:46 +00:00
if [ $tombmount ]; then # tomb is actively mounted
2011-12-01 19:04:56 +00:00
xxx "performing umount of $tombmount"
2011-09-03 10:43:21 +00:00
umount ${tombmount}
2011-04-28 10:13:46 +00:00
if ! [ $? = 0 ]; then
2011-12-01 19:04:56 +00:00
_warning "Tomb is busy, cannot umount!"
2011-12-01 17:53:12 +00:00
else
2011-10-25 17:37:28 +00:00
# this means we used a "default" mount point
2011-12-01 17:53:12 +00:00
if [ "${tombmount}" = "/media/${tombname}.tomb" ]; then
2011-10-25 17:37:28 +00:00
rmdir ${tombmount}
2011-12-01 17:53:12 +00:00
fi
2011-04-28 10:13:46 +00:00
fi
2011-04-10 19:38:01 +00:00
fi
2011-04-28 10:14:37 +00:00
2011-04-28 10:13:46 +00:00
cryptsetup luksClose $mapper
2010-08-22 13:04:19 +00:00
if ! [ $? = 0 ]; then
2011-12-01 19:04:56 +00:00
_warning "error occurred in cryptsetup luksClose ${mapper}"
2011-02-03 19:42:46 +00:00
return 1
2010-08-22 13:04:19 +00:00
fi
2011-04-28 10:14:37 +00:00
loopdev=`cut -d '.' -f4 <<< "$mapper"`
2011-03-31 17:42:05 +00:00
losetup -d "/dev/$loopdev"
2010-08-22 14:44:35 +00:00
2011-05-15 18:11:01 +00:00
# kill the status tray widget if still present
# this makes the widget disappear when closing tomb from cli
awkmapper=`sed 's:\/:\\\/:g' <<< $mapper`
statustray_pid=`ps ax | awk "/tomb-status $awkmapper/"' {print $1} '`
2011-05-15 18:12:15 +00:00
if [ ${statustray_pid} ]; then
kill ${statustray_pid}
fi
2011-05-15 18:11:01 +00:00
2011-12-01 19:04:56 +00:00
_success "Tomb $tombname closed: your bones will rest in peace."
2011-02-03 19:42:46 +00:00
return 0
2010-08-22 13:04:19 +00:00
}
2011-12-01 17:53:12 +00:00
# }}}
# }}}
# {{{ - Change Password
2012-01-20 00:47:07 +00:00
# $1 is the tomb key path
2011-12-01 19:27:05 +00:00
2011-11-03 14:13:49 +00:00
# change tomb key password
change_passwd() {
2012-01-20 00:47:07 +00:00
_message "Commanded to change password for tomb key $1"
2012-09-02 13:13:30 +00:00
if ! option_is_set -f && ! option_is_set --ignore-swap; then check_swap; fi
2012-01-17 13:00:20 +00:00
2012-01-20 00:47:07 +00:00
local keyfile="$1"
2011-11-03 14:13:49 +00:00
# check the keyfile
if ! [ -r $keyfile ]; then
2012-09-05 15:47:00 +00:00
_warning "key not found: $keyfile"
return 1
2011-11-03 14:13:49 +00:00
fi
2011-12-01 17:53:12 +00:00
2012-09-05 15:47:00 +00:00
if ! is_valid_key $keyfile ; then
_warning "file doesn't seems to be a tomb key: $keyfile"
_warning "operation aborted."
return 1
2011-11-03 14:13:49 +00:00
fi
2012-09-05 15:47:00 +00:00
local tmpnewkey lukskey c tombpass tombpasstmp
2011-12-01 17:53:12 +00:00
2012-09-08 12:00:32 +00:00
tmpnewkey=`safe_filename tombnew`
lukskey=`safe_filename tombluks`
2011-11-03 14:13:49 +00:00
2011-12-01 19:04:56 +00:00
_success "Changing password for $keyfile"
2011-11-03 14:13:49 +00:00
keyname=`basename $keyfile`
2012-09-08 12:00:32 +00:00
if ! option_is_set --tomb-old-pwd; then
while true; do
tombpass=`exec_as_user ${TOMBEXEC} askpass "Type old password for ${keyname}" "Change tomb key password"`
if [[ $? == 1 ]]; then
die "User aborted"
fi
if get_lukskey "${tombpass}" ${keyfile} > ${lukskey}; then
break
fi
done
else
tombpass=`option_value --tomb-old-pwd`
if ! get_lukskey "${tombpass}" ${keyfile} > ${lukskey}; then
die "Invalid old password"
2011-11-03 14:13:49 +00:00
fi
2012-09-08 12:00:32 +00:00
fi
2011-11-03 14:13:49 +00:00
2012-09-08 12:00:32 +00:00
{
gen_key $lukskey > ${tmpnewkey}
2011-11-03 14:13:49 +00:00
2012-09-08 12:00:32 +00:00
if ! is_valid_key $tmpnewkey; then
die "Error: the newly generated keyfile does not seem valid"
else
# copy the new key as the original keyfile name
cp "${tmpnewkey}" "${keyfile}"
_success "Your passphrase was successfully updated."
fi
} always {
_verbose "cleanup: $tmpnewkey $lukskey"
2012-09-05 15:47:00 +00:00
# wipe all temp file
${=WIPE} "${tmpnewkey}"
${=WIPE} "${lukskey}"
2012-09-08 12:00:32 +00:00
}
2011-11-03 14:13:49 +00:00
2012-09-08 12:00:32 +00:00
return $?
2011-11-03 14:13:49 +00:00
}
2011-12-01 19:27:05 +00:00
2012-01-07 23:23:49 +00:00
# }}}
# {{{ - Resize
# resize tomb file size
2012-01-20 00:47:07 +00:00
# $1 is tomb path
2012-01-07 23:23:49 +00:00
resize_tomb() {
2012-01-20 00:47:07 +00:00
_message "Commanded to resize tomb $1 to $opts[-s] megabytes"
if ! [ $1 ]; then
2012-01-07 23:23:49 +00:00
_failure "No tomb name specified for resizing"
2012-01-20 00:47:07 +00:00
elif ! [ -r "$1" ]; then
_failure "Cannot find $1"
2012-01-07 23:23:49 +00:00
fi
local c tombpass tombkey
2012-01-20 00:47:07 +00:00
local tombfile=`basename $1`
local tombdir=`dirname $1`
2012-01-07 23:23:49 +00:00
# make sure the file has a .tomb extension
local tombname=${tombfile%%\.*}
tombfile=${tombname}.tomb
if option_is_set -k ; then
if [[ "`option_value -k`" == "-" ]]; then
# take key from stdin
local tombkeydir
tombkeydir=`safe_dir`
cat > ${tombkeydir}/stdin.tmp
tombkey=${tombkeydir}/stdin.tmp
else
# take key from a file
tombkey=`option_value -k`
fi
else
# guess key as lying besides the tomb
tombkey=${tombdir}/${tombfile}.key
fi
if ! [ -r ${tombkey} ]; then
_failure "key file not found: ${tombkey}"
fi
local tmp_resize=`safe_filename tmbrsz`
local newtombsize=$opts[-s]
2012-01-20 00:47:07 +00:00
local oldtombsize=`stat -c %s "$1" 2>/dev/null`
2012-01-17 11:36:41 +00:00
local mounted_tomb=`mount -l |
2012-01-07 23:23:49 +00:00
awk -vtomb="[$tombname]" '/^\/dev\/mapper\/tomb/ { if($7==tomb) print $1 }'`
if [ "$mounted_tomb" ]; then
2012-01-17 11:36:41 +00:00
_failure "the tomb $tombname is open, to resize it it needs to be close."
2012-01-07 23:23:49 +00:00
fi
# MB to bytes conversion
newtombsize=`expr \( $newtombsize \* 1024 \) \* 1024 2> /dev/null`
if ! [ "$newtombsize" ] ; then
_failure "You must specify the new size of $tombname"
elif [[ $newtombsize != <-> ]]; then
_failure "Size is not an integer"
elif [ "$newtombsize" -le "$oldtombsize" ]; then
_failure "the new size must be greater then old tomb size."
fi
local delta=`expr $newtombsize \- $oldtombsize`
local tombsize_4k=`expr $delta \/ 1024`
tombsize_4k=`expr $tombsize_4k \/ 4 `
act "Generating ${tombfile} of ${newtombsize}Mb (${tombsize_4k} blocks of 4Kb)"
"$DD" if=/dev/urandom bs=4k count=${tombsize_4k} of="${tmp_resize}"
if [ $? = 0 -a -e "${tmp_resize}" ]; then
2012-01-17 11:36:41 +00:00
xxx "OK: `ls -lh ${tmp_resize}`"
2012-01-07 23:23:49 +00:00
else
2012-01-17 11:36:41 +00:00
_failure "Error creating the extra resize $tmp_resize, operation aborted."
2012-01-07 23:23:49 +00:00
fi
2012-01-20 00:47:07 +00:00
cat "${tmp_resize}" >> "$1"
2012-01-17 11:36:41 +00:00
${=WIPE} "${tmp_resize}"
2012-01-07 23:23:49 +00:00
local nstloop=`losetup -f`
if [ $? = 255 ]; then
_failure "too many tomb opened. Please close any of them to open another tomb"
fi
2012-01-20 00:47:07 +00:00
losetup -f "$1"
2012-01-07 23:23:49 +00:00
local mapdate=`date +%s`
local mapper="tomb.${tombname}.${mapdate}.`basename $nstloop`"
_message "Password is required for key ${keyname}"
for c in 1 2 3; do
if [ $c = 1 ]; then
tombpass=`exec_as_user ${TOMBEXEC} askpass ${keyname}`
else
tombpass=`exec_as_user ${TOMBEXEC} askpass "$keyname (retry $c)"`
fi
2012-09-05 15:47:00 +00:00
get_lukskey "${tombpass}" ${tombkey} | \
cryptsetup --key-file - luksOpen ${nstloop} ${mapper}
2012-01-07 23:23:49 +00:00
unset tombpass
if [ -r /dev/mapper/${mapper} ]; then
break; # password was correct
fi
done
if ! [ -r /dev/mapper/${mapper} ]; then
losetup -d ${nstloop}
_failure "failure mounting the encrypted file"
fi
cryptsetup resize "${mapper}"
if [ $? != 0 ]; then
losetup -d ${nstloop}
_failure "cryptsetup failed to resize $mapper"
fi
e2fsck -f /dev/mapper/${mapper}
if [ $? != 0 ]; then
losetup -d ${nstloop}
_failure "e2fsck failed to check $mapper"
fi
resize2fs /dev/mapper/${mapper}
if [ $? != 0 ]; then
losetup -d ${nstloop}
_failure "resize2fs failed to resize $mapper"
fi
2012-01-17 11:36:41 +00:00
sleep 1 # needs to settle a bit
2012-01-07 23:23:49 +00:00
# close and free the loop device
cryptsetup luksClose "${mapper}"
losetup -d ${nstloop}
return 0
}
2011-12-01 17:53:12 +00:00
# }}}
2013-03-30 16:29:51 +00:00
# {{{ - Index
# index files in all tombs for search
# $1 is optional, to specify a tomb
index_tombs() {
{ command -v updatedb > /dev/null } || {
die "Cannot index tombs on this system: updatedb not installed" }
if [ $1 ]; then
# list a specific tomb
mounted_tombs=`mount -l |
awk -vtomb="[$1]" '/^\/dev\/mapper\/tomb/ { if($7==tomb) print $1 ";" $3 ";" $5 ";" $6 ";" $7 }'`
else
# list all open tombs
mounted_tombs=`mount -l |
awk '/^\/dev\/mapper\/tomb/ { print $1 ";" $3 ";" $5 ";" $6 ";" $7 }'`
fi
if ! [ $mounted_tombs ]; then
if [ $1 ]; then
die "There seems to be no open tomb engraved as [$1]"
else
die "I can't see any open tomb, may they all rest in peace."
fi
fi
yes "Creating and updating search indexes"
for t in ${(f)mounted_tombs}; do
mapper=`basename ${t[(ws:;:)1]}`
tombname=${t[(ws:;:)5]}
tombmount=${t[(ws:;:)2]}
say "Indexing $tombname"
updatedb -l 0 -o ${tombmount}/.updatedb -U ${tombmount}
say "search index updated"
done
}
search_tombs() {
{ command -v locate > /dev/null } || {
die "Cannot index tombs on this system: updatedb not installed" }
# list all open tombs
mounted_tombs=(`mount -l |
awk '/^\/dev\/mapper\/tomb/ { print $1 ";" $3 ";" $5 ";" $6 ";" $7 }'`)
{ test ${#mounted_tombs} = 0 } && {
die "I can't see any open tomb, may they all rest in peace." }
yes "Searching for: $fg_bold[white]${=PARAM}$fg_no_bold[white]"
for t in ${(f)mounted_tombs}; do
mapper=`basename ${t[(ws:;:)1]}`
tombname=${t[(ws:;:)5]}
tombmount=${t[(ws:;:)2]}
{ test -r ${tombmount}/.updatedb } || {
no "skipping tomb $tombname: not indexed"
no "run 'tomb index' to create indexes"
continue }
say "Searching in tomb $tombname"
locate -d ${tombmount}/.updatedb -e -i ${=PARAM}
say "Matches found: `locate -d ${tombmount}/.updatedb -e -i -c ${=PARAM}`"
done
}
2011-12-01 17:53:12 +00:00
# {{{ - List
2011-05-09 07:11:18 +00:00
# list all tombs mounted in a readable format
2012-01-20 00:47:07 +00:00
# $1 is optional, to specify a tomb
2011-05-09 07:11:18 +00:00
list_tombs() {
2012-01-20 00:47:07 +00:00
if [ $1 ]; then
2011-05-09 07:11:18 +00:00
# list a specific tomb
mounted_tombs=`mount -l |
awk -vtomb="[$1]" '/^\/dev\/mapper\/tomb/ { if($7==tomb) print $1 ";" $3 ";" $5 ";" $6 ";" $7 }'`
else
# list all open tombs
mounted_tombs=`mount -l |
awk '/^\/dev\/mapper\/tomb/ { print $1 ";" $3 ";" $5 ";" $6 ";" $7 }'`
fi
# 1 = full mapper path
# 2 = mountpont
# 3 = filesystem
# 4 = mount options
# 5 = name
if ! [ $mounted_tombs ]; then
if [ $1 ]; then
2012-01-20 00:47:07 +00:00
die "There seems to be no open tomb engraved as [$1]"
2011-05-09 07:11:18 +00:00
else
2011-12-01 19:04:56 +00:00
die "I can't see any open tomb, may they all rest in peace."
2011-05-09 07:11:18 +00:00
fi
fi
for t in ${(f)mounted_tombs}; do
mapper=`basename ${t[(ws:;:)1]}`
tombname=${t[(ws:;:)5]}
tombmount=${t[(ws:;:)2]}
tombfs=${t[(ws:;:)3]}
tombfsopts=${t[(ws:;:)4]}
2013-03-30 17:44:05 +00:00
tombloop=${mapper[(ws:.:)4]}
2011-05-09 07:11:18 +00:00
2011-05-26 10:24:17 +00:00
# calculate tomb size
ts=`df -hP /dev/mapper/$mapper |
awk "/mapper/"' { print $2 ";" $3 ";" $4 ";" $5 }'`
tombtot=${ts[(ws:;:)1]}
tombused=${ts[(ws:;:)2]}
tombavail=${ts[(ws:;:)3]}
tombpercent=${ts[(ws:;:)4]}
2011-09-26 09:33:07 +00:00
tombp=${tombpercent%%%}
2011-05-09 07:11:18 +00:00
tombsince=`date --date=@${mapper[(ws:.:)3]} +%c`
2011-05-26 10:24:17 +00:00
2013-03-29 11:51:43 +00:00
# find out who opens it from where
{ test -r ${tombmount}/.tty } && {
tombtty="`cat ${tombmount}/.tty`"
tombhost="`cat ${tombmount}/.host`"
tombuid="`cat ${tombmount}/.uid`"
tombuser=`awk -F: '/:'"$tombuid"':/ {print $1}' /etc/passwd`
}
2012-08-30 23:50:53 +00:00
if option_is_set --get-mountpoint; then
echo $tombmount
continue
fi
2011-05-09 07:11:18 +00:00
# breaking up such strings is good for translation
2011-05-09 08:32:08 +00:00
print -n "$fg[green]$tombname"
print -n "$fg[white] open on "
print -n "$fg_bold[white]$tombmount"
print -n "$fg_no_bold[white] using "
2011-05-10 07:26:07 +00:00
print "$fg_bold[white]$tombfs $tombfsopts"
2011-05-26 10:24:17 +00:00
2011-09-26 09:33:07 +00:00
print -n "$fg_no_bold[green]$tombname"
print -n "$fg_no_bold[white] open since "
print "$fg_bold[white]$tombsince$fg_no_bold[white]"
2013-03-29 11:51:43 +00:00
{ test "$tombtty" = "" } || {
print -n "$fg_no_bold[green]$tombname"
print -n "$fg_no_bold[white] open by "
print -n "$fg_bold[white]$tombuser"
print -n "$fg_no_bold[white] from "
print -n "$fg_bold[white]$tombtty"
print -n "$fg_no_bold[white] on "
print "$fg_bold[white]$tombhost"
}
2011-05-26 10:24:17 +00:00
print -n "$fg_no_bold[green]$tombname"
print -n "$fg[white] size "
print -n "$fg_bold[white]$tombtot"
print -n "$fg_no_bold[white] of which "
print -n "$fg_bold[white]$tombused"
2011-09-26 09:33:07 +00:00
print -n "$fg_no_bold[white] used: "
2011-05-26 10:24:17 +00:00
print -n "$fg_bold[white]$tombavail"
print -n "$fg_no_bold[white] free ("
print -n "$fg_bold[white]$tombpercent"
print "$fg_no_bold[white] full)"
2011-12-01 17:53:12 +00:00
2011-09-26 09:33:07 +00:00
if [[ ${tombp} -ge 90 ]]; then
print -n "$fg_no_bold[green]$tombname"
print "$fg_bold[red] Your tomb is almost full!"
fi
2011-05-09 07:11:18 +00:00
# now check hooks
mtomb=`sed 's:\/:\\\/:g' <<< $tombmount`
mounted_hooks=`mount | awk "/^$mtomb/"' {print $1 ";" $3}'`
for h in ${(f)mounted_hooks}; do
2011-09-26 09:33:07 +00:00
print -n "$fg_no_bold[green]$tombname"
2011-05-09 08:32:08 +00:00
print -n "$fg_no_bold[white] hooks "
print -n "$fg_bold[white]`basename ${h[(ws:;:)1]}`"
print -n "$fg_no_bold[white] on "
print "$fg_bold[white]${h[(ws:;:)2]}$fg_no_bold[white]"
2011-05-09 07:11:18 +00:00
done
done
}
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - Status
2011-09-04 07:36:40 +00:00
launch_status() {
# calculates the correct arguments to launch tomb-status tray
# applet; it takes the tomb name as an argument and can be
# launched after a successful tomb mount.
which tomb-status > /dev/null
if [ $? != 0 ]; then
2012-01-17 16:28:40 +00:00
die "Cannot find tomb-status binary, operation aborted."
2011-09-04 07:36:40 +00:00
return 1
fi
if ! [ $DISPLAY ]; then
2011-12-01 19:04:56 +00:00
_warning "No active X display found, operation aborted."
_warning "Status launches a graphical tray applet, you need X running."
2011-09-04 07:36:40 +00:00
return 1
fi
# check argument. use single tomb mounted if no argument
# abort if more than one tomb is mounted.
if ! [ $1 ]; then
tombs=`find /dev/mapper -name 'tomb.*'`
how_many_tombs=`wc -w <<< "$tombs"`
if [[ "$how_many_tombs" == "0" ]]; then
2011-12-01 19:04:56 +00:00
_warning "There is no open tomb, status cannot be launched"
2011-09-04 07:36:40 +00:00
return 1
elif [[ "$how_many_tombs" == "1" ]]; then
2011-12-01 17:53:12 +00:00
#mapper=`find /dev/mapper -name 'tomb.*'`
2011-09-04 07:36:40 +00:00
tombname=`find /dev/mapper -name "tomb.*"`
tombname=`basename $tombname | cut -d. -f2`
2011-12-01 19:04:56 +00:00
_success "launching status for tomb $tombname"
2011-09-04 07:36:40 +00:00
else
2011-12-01 19:04:56 +00:00
_warning "Too many tombs mounted, please specify which one"
2011-09-04 07:36:40 +00:00
list_tombs
return 0
fi
else
# name was specified on command line
tombname=$1
ls /dev/mapper | grep "^tomb.${tombname}.*" > /dev/null
if [ $? != 0 ]; then
2011-12-01 19:04:56 +00:00
_warning "Cannot find any tomb named $tombname being open, operation aborted."
2011-09-04 07:36:40 +00:00
return 1
fi
fi
# finally we launch
tombmap=`mount -l | awk "/\[${tombname}\]$/"' { print $1 } '`
tombmount=`mount -l | awk "/\[${tombname}\]$/"' { print $3 } '`
tomb-status $tombmap $tombname $tombmount &!
return 0
}
2011-12-01 17:53:12 +00:00
# }}}
# {{{ - Install GUI
2011-01-12 16:02:19 +00:00
# install mime-types, bells and whistles for the desktop
# see http://developers.sun.com/solaris/articles/integrating_gnome.html
# and freedesktop specs
2011-02-03 16:11:08 +00:00
install_tomb() {
2011-01-19 11:38:19 +00:00
# TODO: distro package deps (for binary)
2011-02-20 13:59:30 +00:00
# debian: zsh, cryptsetup, sudo
2011-12-01 19:04:56 +00:00
_message "updating mimetypes..."
2011-01-12 16:02:19 +00:00
cat <<EOF > /tmp/dyne-tomb.xml
<?xml version="1.0"?>
<mime-info xmlns='http://www.freedesktop.org/standards/shared-mime-info'>
<mime-type type="application/x-tomb-volume">
<comment>Tomb encrypted volume</comment>
<glob pattern="*.tomb"/>
</mime-type>
<mime-type type="application/x-tomb-key">
<comment>Tomb crypto key</comment>
2011-02-20 19:10:08 +00:00
<glob pattern="*.tomb.key"/>
2011-01-12 16:02:19 +00:00
</mime-type>
</mime-info>
EOF
xdg-mime install /tmp/dyne-tomb.xml
xdg-icon-resource install --context mimetypes --size 32 monmort.xpm monmort
xdg-icon-resource install --size 32 monmort.xpm dyne-monmort
2011-04-28 10:14:37 +00:00
2011-01-12 16:02:19 +00:00
rm /tmp/dyne-tomb.xml
2011-04-28 10:14:37 +00:00
2011-12-01 19:04:56 +00:00
_message "updating desktop..."
2011-01-12 16:02:19 +00:00
cat <<EOF > /usr/share/applications/tomb.desktop
[Desktop Entry]
Version=1.0
Type=Application
Name=Tomb crypto undertaker
GenericName=Crypto undertaker
Comment=Keep your bones safe
2011-04-10 19:38:01 +00:00
Exec="${TOMBOPENEXEC}" %U
2011-01-12 16:02:19 +00:00
TryExec=tomb-open
Icon=monmort.xpm
2011-02-20 19:10:08 +00:00
Terminal=true
2011-01-12 16:02:19 +00:00
Categories=Utility;Security;Archiving;Filesystem;
MimeType=application/x-tomb-volume;
2011-01-29 13:45:03 +00:00
X-AppInstall-Package=tomb
2011-01-12 16:02:19 +00:00
EOF
2011-12-01 17:53:12 +00:00
update-desktop-database
2011-01-12 16:02:19 +00:00
2011-12-01 19:04:56 +00:00
_message "updating menus..."
2011-01-12 16:02:19 +00:00
cat <<EOF > /etc/menu/tomb
2011-02-20 19:10:08 +00:00
?package(tomb):command="tomb" icon="/usr/share/pixmaps/monmort.xpm" needs="text" \
2011-01-12 16:02:19 +00:00
section="Applications/Accessories" title="Tomb" hints="Crypto" \
hotkey="Tomb"
EOF
update-menus
2011-04-28 10:14:37 +00:00
2011-12-01 19:04:56 +00:00
_message "updating mime info..."
2011-01-12 16:02:19 +00:00
cat <<EOF > /usr/share/mime-info/tomb.keys
# actions for encrypted tomb storage
application/x-tomb-volume:
2011-04-10 19:38:01 +00:00
open="${TOMBOPENEXEC}" %f
2011-01-12 16:02:19 +00:00
view=tomb-open %f
icon-filename=monmort.xpm
2011-04-28 10:14:37 +00:00
short_list_application_ids_for_novice_user_level=tomb
2011-01-12 16:02:19 +00:00
EOF
cat <<EOF > /usr/share/mime-info/tomb.mime
# mime type for encrypted tomb storage
application/x-tomb-volume
ext: tomb
application/x-tomb-key
2011-04-28 10:14:37 +00:00
ext: tomb.key
2011-01-12 16:02:19 +00:00
EOF
cat <<EOF > /usr/lib/mime/packages/tomb
2011-01-13 13:37:52 +00:00
application/x-tomb-volume; tomb-open '%s'; priority=8
2011-01-12 16:02:19 +00:00
EOF
update-mime
2011-12-01 19:04:56 +00:00
_message "updating application entry..."
2011-01-12 16:02:19 +00:00
cat <<EOF > /usr/share/application-registry/tomb.applications
tomb
2011-04-28 10:14:37 +00:00
command=tomb-open
name=Tomb - Crypto Undertaker
can_open_multiple_files=false
expects_uris=false
requires_terminal=true
mime-types=application/x-tomb-volume,application/x-tomb-key
2011-01-12 16:02:19 +00:00
EOF
2011-12-01 19:04:56 +00:00
_message "Tomb is now installed."
2011-01-12 16:02:19 +00:00
}
2011-12-01 17:53:12 +00:00
# }}}
2011-12-01 19:04:56 +00:00
2011-12-01 17:53:12 +00:00
# }}}
# {{{ MAIN COMMAND
2011-12-01 19:04:56 +00:00
[Optparsing] Support options in whatever position
However, it has a precondition that developers MUST respect:
An option CAN'T have differente meanings/behaviour in different subcommands.
For example, "-s" means "size" and accept an argument. If you are tempted to add
an option "-s" (that means, for example "silent", and doesn't accept an argument)
This, however, make sense even from an usability point of view.
Also, option with optional argument are prohibited.
The technique is a "double scan": first, we scan options passing
_every_ possible subcommand options to zparseopts.
This way, we can distinguish between option argument and parameters.
So, we recognize which is the subcommand.
Then, parse again
2011-07-24 23:00:25 +00:00
main() {
local -A subcommands_opts
2011-07-19 13:42:49 +00:00
### Options configuration
2012-01-17 13:00:20 +00:00
# Hi, dear developer! Are you trying to add a new subcommand, or
# to add some options? Well, keep in mind that an option CAN'T
# have differente meanings/behaviour in different subcommands.
2012-01-23 02:34:25 +00:00
# For example, "-s" means "size" and accept an argument. If you are tempted to add
# an option "-s" (that means, for example "silent", and doesn't accept an argument)
# DON'T DO IT!
2012-01-17 13:00:20 +00:00
2012-01-23 02:34:25 +00:00
# There are two reasons for that:
2012-01-17 13:00:20 +00:00
# I. usability; user expect that "-s" is "size"
2012-01-23 02:34:25 +00:00
# II. Option parsing WILL EXPLODE if you do this kind of bad things
# (it will say "option defined more than once, and he's right")
2012-01-17 13:00:20 +00:00
#
# If you want to use the same option in multiple commands then
# you can only use the non-abbreviated long-option version like:
# -force and NOT -f
2013-03-29 11:51:43 +00:00
main_opts=(q -quiet=q D -debug=D h -help=h v -version=v U: -uid=U G: -gid=G T: -tty=T -no-color -unsecure-dev-mode)
2011-08-16 18:44:18 +00:00
subcommands_opts[__default]=""
2013-03-29 11:51:43 +00:00
subcommands_opts[open]="f n -nohook=n k: -key=k o: -mount-options=o -ignore-swap -sudo-pwd: -tomb-pwd:"
2011-07-19 23:15:31 +00:00
subcommands_opts[mount]=${subcommands_opts[open]}
2013-03-22 20:13:59 +00:00
2013-03-29 11:51:43 +00:00
subcommands_opts[create]="f s: -size=s -force k: -key=k -ignore-swap -kdf: -sudo-pwd: -tomb-pwd: -use-urandom"
2013-03-22 20:13:59 +00:00
2013-03-29 11:51:43 +00:00
subcommands_opts[forge]="f -ignore-swap -kdf: -use-urandom"
2013-03-22 20:13:59 +00:00
subcommands_opts[dig]="f -ignore-swap s: -size=s"
2013-03-29 11:51:43 +00:00
subcommands_opts[lock]="f -force -ignore-swap s: -size=s k: -key=k -sudo-pwd: -tomb-pwd:"
2013-03-22 20:13:59 +00:00
2012-09-08 12:00:32 +00:00
subcommands_opts[passwd]="f -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: "
2013-03-29 11:51:43 +00:00
subcommands_opts[close]="-sudo-pwd:"
2011-07-19 13:42:49 +00:00
subcommands_opts[help]=""
[Optparsing] Support options in whatever position
However, it has a precondition that developers MUST respect:
An option CAN'T have differente meanings/behaviour in different subcommands.
For example, "-s" means "size" and accept an argument. If you are tempted to add
an option "-s" (that means, for example "silent", and doesn't accept an argument)
This, however, make sense even from an usability point of view.
Also, option with optional argument are prohibited.
The technique is a "double scan": first, we scan options passing
_every_ possible subcommand options to zparseopts.
This way, we can distinguish between option argument and parameters.
So, we recognize which is the subcommand.
Then, parse again
2011-07-24 23:00:25 +00:00
subcommands_opts[slam]=""
2012-08-30 23:50:53 +00:00
subcommands_opts[list]="-get-mountpoint"
2013-03-30 16:29:51 +00:00
subcommands_opts[index]=""
subcommands_opts[search]=""
[Optparsing] Support options in whatever position
However, it has a precondition that developers MUST respect:
An option CAN'T have differente meanings/behaviour in different subcommands.
For example, "-s" means "size" and accept an argument. If you are tempted to add
an option "-s" (that means, for example "silent", and doesn't accept an argument)
This, however, make sense even from an usability point of view.
Also, option with optional argument are prohibited.
The technique is a "double scan": first, we scan options passing
_every_ possible subcommand options to zparseopts.
This way, we can distinguish between option argument and parameters.
So, we recognize which is the subcommand.
Then, parse again
2011-07-24 23:00:25 +00:00
subcommands_opts[help]=""
subcommands_opts[bury]=""
subcommands_opts[exhume]=""
subcommands_opts[decompose]=""
subcommands_opts[recompose]=""
subcommands_opts[install]=""
subcommands_opts[askpass]=""
subcommands_opts[mktemp]=""
2011-08-20 16:45:00 +00:00
subcommands_opts[source]=""
2011-09-04 07:36:40 +00:00
subcommands_opts[status]=""
2013-03-29 11:51:43 +00:00
subcommands_opts[resize]="s: -size=s k: -key=k"
2011-10-31 23:36:14 +00:00
subcommands_opts[check]="-ignore-swap"
2011-12-01 19:04:56 +00:00
# subcommands_opts[translate]=""
[Optparsing] Support options in whatever position
However, it has a precondition that developers MUST respect:
An option CAN'T have differente meanings/behaviour in different subcommands.
For example, "-s" means "size" and accept an argument. If you are tempted to add
an option "-s" (that means, for example "silent", and doesn't accept an argument)
This, however, make sense even from an usability point of view.
Also, option with optional argument are prohibited.
The technique is a "double scan": first, we scan options passing
_every_ possible subcommand options to zparseopts.
This way, we can distinguish between option argument and parameters.
So, we recognize which is the subcommand.
Then, parse again
2011-07-24 23:00:25 +00:00
### Detect subcommand
local -aU every_opts #every_opts behave like a set; that is, an array with unique elements
for optspec in $subcommands_opts$main_opts; do
for opt in ${=optspec}; do
every_opts+=${opt}
done
done
local -a oldstar
oldstar=($argv)
2012-01-23 02:34:25 +00:00
#### detect early: useful for --optiion-parsing
zparseopts -M -D -Adiscardme ${every_opts}
if [[ -n ${(k)discardme[--option-parsing]} ]]; then
echo $1
if [[ -n "$1" ]]; then
return 1
fi
return 0
fi
unset discardme
if ! zparseopts -M -E -D -Adiscardme ${every_opts}; then
error "error parsing"
return 127
fi
[Optparsing] Support options in whatever position
However, it has a precondition that developers MUST respect:
An option CAN'T have differente meanings/behaviour in different subcommands.
For example, "-s" means "size" and accept an argument. If you are tempted to add
an option "-s" (that means, for example "silent", and doesn't accept an argument)
This, however, make sense even from an usability point of view.
Also, option with optional argument are prohibited.
The technique is a "double scan": first, we scan options passing
_every_ possible subcommand options to zparseopts.
This way, we can distinguish between option argument and parameters.
So, we recognize which is the subcommand.
Then, parse again
2011-07-24 23:00:25 +00:00
unset discardme
subcommand=$1
2011-08-16 18:44:18 +00:00
if [[ -z $subcommand ]]; then
subcommand="__default"
fi
2011-12-01 19:04:56 +00:00
if [[ -z ${(k)subcommands_opts[$subcommand]} ]]; then
_warning "There's no such command \"$subcommand\"."
_failure "Please try -h for help" 127
# die "Subcommand '$subcommand' doesn't exist" 127
2011-04-10 19:38:01 +00:00
fi
[Optparsing] Support options in whatever position
However, it has a precondition that developers MUST respect:
An option CAN'T have differente meanings/behaviour in different subcommands.
For example, "-s" means "size" and accept an argument. If you are tempted to add
an option "-s" (that means, for example "silent", and doesn't accept an argument)
This, however, make sense even from an usability point of view.
Also, option with optional argument are prohibited.
The technique is a "double scan": first, we scan options passing
_every_ possible subcommand options to zparseopts.
This way, we can distinguish between option argument and parameters.
So, we recognize which is the subcommand.
Then, parse again
2011-07-24 23:00:25 +00:00
argv=(${oldstar})
unset oldstar
2011-02-14 14:57:37 +00:00
2011-12-01 17:53:12 +00:00
### Parsing global + command-specific options
# zsh magic: ${=string} will split to multiple arguments when spaces occur
set -A cmd_opts ${main_opts} ${=subcommands_opts[$subcommand]}
# if there is no option, we don't need parsing
if [[ -n $cmd_opts ]]; then
zparseopts -M -E -D -Aopts ${cmd_opts}
2011-07-14 13:47:20 +00:00
if [[ $? != 0 ]]; then
2011-12-01 19:04:56 +00:00
_warning "Some error occurred during option processing."
die "See \"tomb help\" for more info" 127
2011-07-14 13:47:20 +00:00
fi
2011-12-01 17:53:12 +00:00
fi
#build PARAM (array of arguments) and check if there are unrecognized options
ok=0
PARAM=()
for arg in $*; do
2011-07-14 13:47:20 +00:00
if [[ $arg == '--' || $arg == '-' ]]; then
2011-12-01 17:53:12 +00:00
ok=1
continue #it shouldnt be appended to PARAM
2011-07-14 13:47:20 +00:00
elif [[ $arg[1] == '-' ]]; then
2011-12-01 17:53:12 +00:00
if [[ $ok == 0 ]]; then
2012-08-04 16:34:10 +00:00
die "unrecognized option $arg for subcommand $subcommand" 127
2011-12-01 17:53:12 +00:00
fi
2011-07-14 13:47:20 +00:00
fi
PARAM+=$arg
2011-12-01 17:53:12 +00:00
done
#first parameter actually is the subcommand: delete it and shift
if [[ $subcommand != '__default' ]]; then
PARAM[1]=()
shift
fi
### End parsing command-specific options
2011-10-31 22:34:21 +00:00
if ! option_is_set --no-color; then
autoload colors; colors
fi
2012-08-30 23:50:53 +00:00
if ! option_is_set --unsecure-dev-mode; then
2012-09-08 12:00:32 +00:00
for opt in --sudo-pwd --tomb-pwd --use-urandom --tomb-old-pwd; do
2012-08-30 23:50:53 +00:00
if option_is_set $opt; then
die "You specified option $opt, which is DANGEROUS and should only be used for testing\nIf you really want so, add --unsecure-dev-mode" 127
fi
done
fi
2011-10-31 22:34:21 +00:00
2013-03-29 11:51:43 +00:00
# when we run as root, we remember the original uid:gid
# to set permissions for the calling user and drop privileges
if option_is_set -U; then _uid="`option_value -U`"; fi
if option_is_set -G; then _gid="`option_value -G`"; fi
if option_is_set -T; then _tty="`option_value -T`"; fi
2012-01-17 15:49:03 +00:00
xxx "Tomb command: $subcommand ${PARAM}"
2013-03-29 11:51:43 +00:00
xxx "caller uid[$_uid] gid[$_gid] tty[$_tty]"
2011-04-28 10:14:37 +00:00
2011-07-14 13:47:20 +00:00
case "$subcommand" in
2013-03-22 20:13:59 +00:00
# new creation in three steps
forge)
check_priv
forge_key ${=PARAM}
;;
dig)
dig_tomb ${=PARAM}
;;
2013-03-22 21:22:55 +00:00
lock)
check_priv
lock_tomb_with_key ${=PARAM}
;;
2013-03-30 17:59:34 +00:00
# backward compat
create)
check_priv
create_tomb ${=PARAM}
;;
2011-12-01 17:53:12 +00:00
mount|open)
check_priv
2012-01-17 15:49:03 +00:00
mount_tomb $PARAM[1] $PARAM[2]
2011-12-01 17:53:12 +00:00
;;
umount|close|slam)
check_priv
[ "$subcommand" = "slam" ] && SLAM=1
2012-01-20 00:47:07 +00:00
umount_tomb $PARAM[1]
2011-12-01 17:53:12 +00:00
;;
passwd)
2012-01-20 00:47:07 +00:00
change_passwd $PARAM[1]
2011-12-01 17:53:12 +00:00
;;
list)
2012-01-20 00:47:07 +00:00
list_tombs $PARAM[1]
2011-12-01 17:53:12 +00:00
;;
status)
2012-01-20 00:47:07 +00:00
launch_status $PARAM[1]
2011-12-01 17:53:12 +00:00
;;
2013-03-30 16:29:51 +00:00
index)
index_tombs $PARAM[1]
;;
search)
search_tombs ${=PARAM}
;;
2011-12-01 17:53:12 +00:00
help)
usage
;;
bury)
if [ "$STEGHIDE" = 0 ]; then
2011-12-01 19:04:56 +00:00
_warning "steghide not installed. Cannot bury your key"
2011-12-01 17:53:12 +00:00
return 1
fi
2011-10-31 23:36:14 +00:00
encode_key $PARAM[1] $PARAM[2] ;;
2011-12-01 17:53:12 +00:00
exhume)
if [ "$STEGHIDE" = 0 ]; then
2011-12-01 19:04:56 +00:00
_warning "steghide not installed. Cannot exhume your key"
2011-12-01 17:53:12 +00:00
return 1
fi
2012-01-20 00:47:07 +00:00
decode_key $PARAM[1] $PARAM[2]
2011-12-01 17:53:12 +00:00
;;
2012-01-07 23:23:49 +00:00
resize)
check_priv
2012-01-20 00:47:07 +00:00
resize_tomb $PARAM[1]
2012-01-07 23:23:49 +00:00
;;
2011-05-26 10:24:17 +00:00
# internal commands useful to developers
2011-12-01 17:53:12 +00:00
'source') return 0 ;;
install) check_priv ; install_tomb ;;
2012-01-20 00:47:07 +00:00
askpass) ask_password $PARAM[1] $PARAM[2] ;;
mktemp) safe_dir $PARAM[1] ;;
2011-12-01 17:53:12 +00:00
translate) generate_translatable_strings ;;
2011-10-31 23:36:14 +00:00
check) check_command $PARAM[1] ;;
2011-12-01 17:53:12 +00:00
__default)
2012-01-17 16:28:40 +00:00
cat <<EOF
Tomb $VERSION - a strong and gentle undertaker for your secrets
2013-03-29 11:51:43 +00:00
Copyright (C) 2007-2013 Dyne.org Foundation, License GNU GPL v3+
2012-01-17 16:28:40 +00:00
This is free software: you are free to change and redistribute it
The latest Tomb sourcecode is published on <http://tomb.dyne.org>
2012-02-07 20:05:09 +00:00
EOF
option_is_set -v && {
cat <<EOF
2012-01-17 16:28:40 +00:00
GnuPG available ciphers:
`list_gnupg_ciphers`
EOF
2012-02-07 20:05:09 +00:00
return 0
}
2012-01-17 16:28:40 +00:00
usage
2011-12-01 17:53:12 +00:00
;;
*)
2012-01-17 15:49:03 +00:00
_warning "command \"$subcommand\" not recognized"
2011-12-01 19:04:56 +00:00
_message "try -h for help"
2011-12-01 17:53:12 +00:00
return 1
;;
2011-04-10 19:38:01 +00:00
esac
2011-10-24 19:30:10 +00:00
return $?
2011-04-10 19:38:01 +00:00
}
2011-12-01 19:04:56 +00:00
2011-12-01 17:53:12 +00:00
# }}}
# {{{ RUNTIME
2011-04-10 19:38:01 +00:00
check_bin
2013-03-29 11:51:43 +00:00
2011-04-10 19:38:01 +00:00
main $@
2012-01-23 02:34:25 +00:00
ret=$?
if [[ $ret != 0 ]]; then #this "if" seems useless, but avoid source tomb source from exiting
exit $ret
2011-10-30 18:50:33 +00:00
fi
2011-12-01 17:53:12 +00:00
# }}}
2011-12-01 19:27:05 +00:00
2012-01-20 01:14:39 +00:00
# -*- tab-width: 4; indent-tabs-mode:nil; -*-
# vim: set shiftwidth=4 expandtab: