mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-11-25 14:17:41 +00:00
remove unused and old libsphinx support
steff seems to be moving towards new implementations and this was never reported as used by anyone
This commit is contained in:
parent
32eab3beec
commit
afe0390d93
@ -1,15 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
set -ex
|
|
||||||
git clone https://github.com/stef/libsphinx
|
|
||||||
cd libsphinx
|
|
||||||
git submodule update --init --recursive --remote
|
|
||||||
cd src
|
|
||||||
sed -i 's|/usr/local|/usr|' makefile
|
|
||||||
make && make install && ldconfig
|
|
||||||
cd ../..
|
|
||||||
git clone https://github.com/stef/pwdsphinx
|
|
||||||
cd pwdsphinx
|
|
||||||
python3 setup.py install
|
|
||||||
mkdir -p /etc/sphinx && cp ../test/sphinx.cfg /etc/sphinx/config && cd /etc/sphinx
|
|
||||||
openssl req -new -x509 -nodes -out server.crt -keyout server.key -subj '/CN=localhost'
|
|
||||||
sphinx init
|
|
102
tomb
102
tomb
@ -61,7 +61,6 @@ typeset -i KDF=1
|
|||||||
typeset -i STEGHIDE=1
|
typeset -i STEGHIDE=1
|
||||||
typeset -i CLOAKIFY=1
|
typeset -i CLOAKIFY=1
|
||||||
typeset -i DECLOAKIFY=1
|
typeset -i DECLOAKIFY=1
|
||||||
typeset -i SPHINX=1
|
|
||||||
typeset -i RESIZER=1
|
typeset -i RESIZER=1
|
||||||
typeset -i RECOLL=1
|
typeset -i RECOLL=1
|
||||||
typeset -i QRENCODE=1
|
typeset -i QRENCODE=1
|
||||||
@ -569,12 +568,6 @@ ask_password() {
|
|||||||
return 1
|
return 1
|
||||||
}
|
}
|
||||||
|
|
||||||
# if sphinx mode is chosen, use the provided input
|
|
||||||
# as master password to retrieve the actual password
|
|
||||||
if option_is_set --sphx-user || option_is_set --sphx-host; then
|
|
||||||
password=$(sphinx_get_password "$password")
|
|
||||||
fi
|
|
||||||
|
|
||||||
[[ -z $password ]] && {
|
[[ -z $password ]] && {
|
||||||
_warning "Empty password"
|
_warning "Empty password"
|
||||||
print "empty"
|
print "empty"
|
||||||
@ -585,65 +578,6 @@ ask_password() {
|
|||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
# Retrieve PASSWORD from sphinx
|
|
||||||
# $1 MASTER password for the password store
|
|
||||||
# requires --sphx-host and --sphx-user flags to be set
|
|
||||||
sphinx_get_password() {
|
|
||||||
local errorfile
|
|
||||||
local password
|
|
||||||
if option_is_set --sphx-user && option_is_set --sphx-host; then
|
|
||||||
# value error in sphinx doesn't set exit code
|
|
||||||
# using tempfile as a workaround to notice the error
|
|
||||||
errorfile=$(mktemp /tmp/tomb_error.XXXXXXXXX)
|
|
||||||
password=$(echo "$1" | sphinx get $(option_value --sphx-user) $(option_value --sphx-host) 2>$errorfile)
|
|
||||||
if ! grep -q "ValueError: fail" $errorfile ; then
|
|
||||||
echo "$password"
|
|
||||||
rm $errorfile
|
|
||||||
return 0
|
|
||||||
else
|
|
||||||
_warning "sphinx returns error: ::1 error::" $(cat $errorfile)
|
|
||||||
rm $errorfile
|
|
||||||
_failure "Failed to retrieve actual password with sphinx."
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
_failure "Both host and user have to be set to use sphinx"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# Create PASSWORD in sphinx
|
|
||||||
# $1 MASTER password for the password store
|
|
||||||
# requires --sphx-host and --sphx-user flags to be set
|
|
||||||
sphinx_set_password() {
|
|
||||||
local errorfile
|
|
||||||
local password
|
|
||||||
if option_is_set --sphx-user && option_is_set --sphx-host; then
|
|
||||||
# value error in sphinx doesn't set exit code
|
|
||||||
# using tempfile as a workaround to notice the error
|
|
||||||
errorfile=$(mktemp /tmp/tomb_error.XXXXXXXXX)
|
|
||||||
# check first if this host/user combination exists in store
|
|
||||||
# if yes, there is no need to make a call to create
|
|
||||||
password=$(echo "$1" | sphinx get $(option_value --sphx-user) $(option_value --sphx-host) 2>$errorfile)
|
|
||||||
if ! grep -q "error: sphinx protocol failure" $errorfile ; then
|
|
||||||
echo "$password"
|
|
||||||
rm $errorfile
|
|
||||||
return 0
|
|
||||||
fi
|
|
||||||
# no such host/user combination in store, create one
|
|
||||||
password=$(echo "$1" | sphinx create $(option_value --sphx-user) $(option_value --sphx-host) ulsd 0 2>$errorfile)
|
|
||||||
if ! grep -q "error: sphinx protocol failure" $errorfile ; then
|
|
||||||
echo "$password"
|
|
||||||
rm $errorfile
|
|
||||||
return 0
|
|
||||||
else
|
|
||||||
_warning "sphinx returns error: ::1 error::" $(cat $errorfile)
|
|
||||||
rm $errorfile
|
|
||||||
_failure "Failed to create password with sphinx"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
_failure "Both host and user have to be set to use sphinx"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# Check if a filename is a valid tomb
|
# Check if a filename is a valid tomb
|
||||||
is_valid_tomb() {
|
is_valid_tomb() {
|
||||||
|
|
||||||
@ -818,11 +752,6 @@ usage() {
|
|||||||
_print " -R provide GnuPG hidden recipients (separated by comma)"
|
_print " -R provide GnuPG hidden recipients (separated by comma)"
|
||||||
_print " --sudo super user exec alternative to sudo (doas or none)"
|
_print " --sudo super user exec alternative to sudo (doas or none)"
|
||||||
|
|
||||||
[[ $SPHINX == 1 ]] && {
|
|
||||||
_print " --sphx-user user associated with the key (for use with pitchforkedsphinx)"
|
|
||||||
_print " --sphx-host host associated with the key (for use with pitchforkedsphinx)"
|
|
||||||
}
|
|
||||||
|
|
||||||
[[ $KDF == 1 ]] && {
|
[[ $KDF == 1 ]] && {
|
||||||
_print " --kdf forge keys armored against dictionary attacks"
|
_print " --kdf forge keys armored against dictionary attacks"
|
||||||
}
|
}
|
||||||
@ -1025,8 +954,6 @@ _ensure_dependencies() {
|
|||||||
command -v cloakify 1>/dev/null 2>/dev/null || CLOAKIFY=0
|
command -v cloakify 1>/dev/null 2>/dev/null || CLOAKIFY=0
|
||||||
# Check for decloakify
|
# Check for decloakify
|
||||||
command -v decloakify 1>/dev/null 2>/dev/null || DECLOAKIFY=0
|
command -v decloakify 1>/dev/null 2>/dev/null || DECLOAKIFY=0
|
||||||
# Check for pitchforkedsphinx client
|
|
||||||
command -v sphinx 1>/dev/null 2>/dev/null || SPHINX=0
|
|
||||||
# Check for resize
|
# Check for resize
|
||||||
command -v resize2fs 1>/dev/null 2>/dev/null || RESIZER=0
|
command -v resize2fs 1>/dev/null 2>/dev/null || RESIZER=0
|
||||||
# Check for KDF auxiliary tools
|
# Check for KDF auxiliary tools
|
||||||
@ -1385,12 +1312,6 @@ ask_key_password() {
|
|||||||
tombpass="$1"
|
tombpass="$1"
|
||||||
_verbose "ask_key_password with tombpass: ::1 tomb pass::" $tombpass
|
_verbose "ask_key_password with tombpass: ::1 tomb pass::" $tombpass
|
||||||
|
|
||||||
# if sphinx mode is chosen, use the provided input
|
|
||||||
# as master password to retrieve the actual password
|
|
||||||
if option_is_set --sphx-user || option_is_set --sphx-host; then
|
|
||||||
tombpass=$(sphinx_get_password "$tombpass")
|
|
||||||
fi
|
|
||||||
|
|
||||||
get_lukskey "$tombpass"
|
get_lukskey "$tombpass"
|
||||||
|
|
||||||
[[ $? = 0 ]] && {
|
[[ $? = 0 ]] && {
|
||||||
@ -1488,16 +1409,6 @@ gen_key() {
|
|||||||
tombpass=""
|
tombpass=""
|
||||||
tombpasstmp=""
|
tombpasstmp=""
|
||||||
|
|
||||||
# remove sphinx opts not to mess with initial password prompt
|
|
||||||
option_is_set --sphx-user && {
|
|
||||||
sphx_user_tmp="$(option_value --sphx-user)"
|
|
||||||
unset "OPTS[--sphx-user]"
|
|
||||||
}
|
|
||||||
option_is_set --sphx-host && {
|
|
||||||
sphx_host_tmp="$(option_value --sphx-host)"
|
|
||||||
unset "OPTS[--sphx-host]"
|
|
||||||
}
|
|
||||||
|
|
||||||
if option_is_set -g; then
|
if option_is_set -g; then
|
||||||
gpgopt=(--encrypt)
|
gpgopt=(--encrypt)
|
||||||
|
|
||||||
@ -1558,19 +1469,6 @@ gen_key() {
|
|||||||
_verbose "gen_key takes tombpass from CLI argument: ::1 tomb pass::" $tombpass
|
_verbose "gen_key takes tombpass from CLI argument: ::1 tomb pass::" $tombpass
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# if sphinx mode is chosen, use the provided input
|
|
||||||
# as master password to generate the actual password
|
|
||||||
if [[ ! -z $sphx_host_tmp ]] || [[ ! -z $sphx_user_tmp ]]; then
|
|
||||||
OPTS[--sphx-user]=$sphx_user_tmp
|
|
||||||
OPTS[--sphx-host]=$sphx_host_tmp
|
|
||||||
unset sphx_user_tmp
|
|
||||||
unset sphx_host_tmp
|
|
||||||
tombpass=$(sphinx_set_password "$tombpass")
|
|
||||||
if [[ $? != 0 ]]; then
|
|
||||||
_failure "User aborted."
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
header=""
|
header=""
|
||||||
[[ $KDF == 1 ]] && {
|
[[ $KDF == 1 ]] && {
|
||||||
{ option_is_set --kdf } && {
|
{ option_is_set --kdf } && {
|
||||||
|
Loading…
Reference in New Issue
Block a user