diff --git a/extras/install_sphinx.sh b/extras/install_sphinx.sh
index 5cd9f13..c232351 100755
--- a/extras/install_sphinx.sh
+++ b/extras/install_sphinx.sh
@@ -5,8 +5,11 @@ cd libsphinx
 git submodule update --init --recursive --remote
 cd src
 sed -i 's|/usr/local|/usr|' makefile
-make
-sudo make install
-ldconfig
-pip3 install pwdsphinx
-sudo mkdir -p /etc/sphinx
\ No newline at end of file
+make && make install && ldconfig
+cd ../..
+git clone https://github.com/stef/pwdsphinx
+cd pwdsphinx
+python3 setup.py install
+mkdir -p /etc/sphinx && cp ../test/sphinx.cfg /etc/sphinx/config && cd /etc/sphinx
+openssl req -new -x509 -nodes -out server.crt -keyout server.key -subj '/CN=localhost'
+sphinx init
diff --git a/extras/test/Dockerfile b/extras/test/Dockerfile
index 7ba72a1..f272e6a 100644
--- a/extras/test/Dockerfile
+++ b/extras/test/Dockerfile
@@ -1,13 +1,15 @@
 FROM dyne/devuan:beowulf
-RUN apt-get update -y -q --allow-releaseinfo-change && apt-get install -y -q zsh cryptsetup gawk libgcrypt20-dev steghide qrencode python python2.7 python3-pip python3-dev libsodium-dev libssl-dev make gcc g++ sudo gettext file bsdmainutils
+RUN echo "deb http://deb.devuan.org/merged chimaera main" >> /etc/apt/sources.list
+RUN apt-get update -y -q --allow-releaseinfo-change
+RUN apt-get install -y -q -t beowulf zsh cryptsetup gawk libgcrypt20-dev steghide qrencode python python2.7 python3-pip python3-dev libssl-dev make gcc g++ sudo gettext file bsdmainutils
+RUN apt-get install -y -q -t chimaera libsodium23 libsodium-dev
 RUN pip3 install setuptools wheel
 COPY . /Tomb/
-# WORKDIR /Tomb/extras
-# RUN ./install_sphinx.sh
-# RUN cp test/sphinx.cfg /etc/sphinx/config
+WORKDIR /Tomb/extras
+RUN ./install_sphinx.sh
 WORKDIR /Tomb
 RUN make --directory=extras/kdf-keys
diff --git a/extras/test/sphinx.cfg b/extras/test/sphinx.cfg
index 6e827c8..1943722 100644
--- a/extras/test/sphinx.cfg
+++ b/extras/test/sphinx.cfg
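Review bot: The added `git clone https://github.com/stef/pwdsphinx` takes whatever the default branch holds at build time, and the following lines run its `setup.py` as root, so the build is not reproducible and an unexpected upstream change lands unreviewed. Pin it, e.g. `git clone --depth 1 --branch <PINNED_TAG> https://github.com/stef/pwdsphinx` (placeholder tag), or check out a reviewed commit after cloning. The new steps are also not chained to each other: if the clone or `cd pwdsphinx` fails, `python3 setup.py install` and the later lines still run from the wrong directory, so unless the part of the script above the hunk already sets it, `set -eu` near the top would stop the Docker build at the first error. `openssl req ... -nodes` writes an unencrypted `server.key` under the default umask; a `chmod 600 server.key` right after it keeps the key from being readable by other users if the script is ever run outside the test image.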
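Review bot: Appending the chimaera source without an apt preference leaves both releases at the same priority, so only the two installs that pass `-t` are constrained. Any later `apt-get install` without `-t` (none is visible in this hunk, but the Dockerfile may continue below it) would resolve to the newest version from either release. A pin file under `/etc/apt/preferences.d/`, or `APT::Default-Release "beowulf";` in apt's configuration, would keep chimaera limited to the libsodium packages. Separately, putting `apt-get update` and the installs in different `RUN` layers lets Docker reuse a cached, stale package index on rebuilds; chaining them as `RUN apt-get update -y -q --allow-releaseinfo-change && apt-get install ...` avoids that.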
@@ -3,6 +3,7 @@ verbose = False
 address = 127.0.0.1
 port = 2355
 datadir = /tmp/.sphinx/
+ssl_cert = /etc/sphinx/server.crt
 [server]
 verbose = False
@@ -10,7 +11,5 @@ address = 127.0.0.1
 port = 2355
 datadir = /tmp/.sphinx/
 keydir = /tmp/.sphinx/
-
-[websphinx]
-pinentry=/usr/bin/pinentry
-log=
+ssl_cert = /etc/sphinx/server.crt
+ssl_key = /etc/sphinx/server.key
diff --git a/tomb b/tomb
index 62401f1..2546e51 100755
--- a/tomb
+++ b/tomb
@@ -507,14 +507,14 @@ sphinx_set_password() {
 # check first if this host/user combination exists in store
 # if yes, there is no need to make a call to create
 password=$(echo "$1" | sphinx get $(option_value --sphx-user) $(option_value --sphx-host) 2>$errorfile)
-if ! grep -q "ValueError: fail" $errorfile ; then
+if ! grep -q "error: sphinx protocol failure" $errorfile ; then
 echo "$password"
 rm $errorfile
 return 0
 fi
 # no such host/user combination in store, create one
 password=$(echo "$1" | sphinx create $(option_value --sphx-user) $(option_value --sphx-host) ulsd 0 2>$errorfile)
-if ! grep -q "ValueError: fail" $errorfile ; then
+if ! grep -q "error: sphinx protocol failure" $errorfile ; then
 echo "$password"
 rm $errorfile
 return 0
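Review bot: Nothing in this file marks it as a test fixture, yet the same commit's `install_sphinx.sh` copies it to `/etc/sphinx/config`. Run outside the test container, that would make it the live configuration, with `datadir` and `keydir` under `/tmp/.sphinx/` and a self-signed certificate issued for `localhost`. A leading comment such as `# Test fixture only: data and keys live under /tmp and the certificate is self-signed; do not use on a real host` would make that explicit, assuming the config parser accepts `#` comments. This note covers both hunks of the file.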
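Review bot: Both rewritten checks treat every outcome except the literal stderr text `error: sphinx protocol failure` as success. A different failure (connection refused, a TLS or certificate error now that the config sets `ssl_cert`, a missing config file) would therefore echo an empty `$password` and `return 0`, and the caller would presumably go on to use that empty value as the key password. Requiring a non-empty result as well closes the gap without relying on sphinx's exit codes, which are not visible here: `if [[ -n "$password" ]] && ! grep -q "error: sphinx protocol failure" "$errorfile" ; then`, applied to both the `get` and the `create` branch. Since the matched message has already changed once (this commit replaces `ValueError: fail`), a short comment naming the pwdsphinx release the string comes from would help whoever updates it next. sphinx_set_password starts above the hunk and continues below it.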