tblack baloon - coffin - secure lan file storage on a device
 (DIR) commit 657b0aa0f70688b5fc29c5f3139a2c3635c74326
 (DIR) parent 80b539b360ebc00c063e06cba6324aa28740d0e3
 (HTM) Author: parazyd <parazyd@dyne.org>
       Date:   Wed, 30 Mar 2016 02:49:46 +0200
       
       black baloon
       
       Diffstat:
         M .gitignore                          |      10 ++++------
         M Makefile                            |      11 ++++++++---
         M conf/config.sh                      |      91 +++++++++++++++++--------------
         M conf/init.skel                      |       8 ++++----
         A src/Makefile                        |      19 +++++++++++++++++++
         D src/Tomb/.gitignore                 |      11 -----------
         D src/Tomb/Makefile                   |      20 --------------------
         R src/Tomb/benchmark.c -> src/benchm… |       0 
         M src/coffin                          |       2 +-
         R src/Tomb/gen_salt.c -> src/gen_sal… |       0 
         R src/Tomb/hexencode.c -> src/hexenc… |       0 
         R src/Tomb/pbkdf2.c -> src/pbkdf2.c   |       0 
         R src/Tomb/tomb -> src/tomb           |       0 
       
       13 files changed, 85 insertions(+), 87 deletions(-)
       ---
 (DIR) diff --git a/.gitignore b/.gitignore
       t@@ -1,9 +1,7 @@
        NOTES.md
        .*.swp
        test/*
       -conf/coffin.key
       -conf/coffin.pem
       -src/Tomb/kdf-keys/tomb-kdb-hexencode
       -src/Tomb/kdf-keys/tomb-kdb-pbkdf2
       -src/Tomb/kdf-keys/tomb-kdb-pbkdf2-gensalt
       -src/Tomb/kdf-keys/tomb-kdb-pbkdf2-getiter
       +src/tomb-kdb-hexencode
       +src/tomb-kdb-pbkdf2
       +src/tomb-kdb-pbkdf2-gensalt
       +src/tomb-kdb-pbkdf2-getiter
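Review bot: Dropping `conf/coffin.key` and `conf/coffin.pem` from the ignore list leaves the private key exposed to an accidental `git add`, because the same commit makes a plain `make` generate both files inside `conf/` (the `gen-ssl` step in the top-level Makefile). The key is created with `-nodes`, so whatever lands in the index is an unencrypted private key. Keep the two entries, `conf/coffin.key` and `conf/coffin.pem`, alongside the new `src/tomb-kdb-*` lines.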
 (DIR) diff --git a/Makefile b/Makefile
       t@@ -1,13 +1,18 @@
        all:
       -        make -C src/Tomb
       +        make -C src
       +        @./conf/config.sh gen-ssl
       +        @./conf/config.sh gen-init
                @./conf/config.sh checkdep
        
        install:
       -        make -C src/Tomb install
       +        make -C src install
                @./conf/config.sh snowman
        
        clean:
       -        make -C src/Tomb clean
       +        make -C src clean
       +        rm -f conf/initscript-*.init
       +        rm -f conf/coffin.pem
       +        rm -f conf/coffin.key
        
        uninstall:
                @./conf/config.sh unsnowman
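Review bot: `all` now runs `gen-ssl` unconditionally, so every `make` writes a fresh key pair over `conf/coffin.key` and `conf/coffin.pem`, and a rebuild after `make install` leaves the build tree holding a different key from the one already installed. Tie the step to the file so it runs once, e.g. a `conf/coffin.pem:` rule whose recipe is `./conf/config.sh gen-ssl`, with `all: conf/coffin.pem`. `checkdep` should move to the first recipe line so a missing tool is reported before `gen-ssl` and `gen-init` run. The sub-make calls are better written `$(MAKE) -C src` so `-j` and `-n` propagate, and the four targets want a `.PHONY: all install clean uninstall` line.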
 (DIR) diff --git a/conf/config.sh b/conf/config.sh
       t@@ -7,7 +7,7 @@
        # `make`
        [[ $1 == "checkdep" ]] && {
                missing=()
       -        which apache2 >/dev/null || missing+=(apache)
       +        #which apache2 >/dev/null || missing+=(apache)
                which cryptsetup >/dev/null || missing+=(cryptsetup)
                which inotifywatch >/dev/null || missing+=(inotify-tools)
                which wipe >/dev/null || missing+=(wipe)
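Review bot: The apache2 check is commented out rather than removed, while the `snowman` block further down this file still runs `a2ensite` and writes under `/etc/apache2`, so a host without Apache now passes `checkdep` and fails midway through a root install. If the binary name was the problem, test for the helper the installer really calls, e.g. `which a2enmod >/dev/null || missing+=(apache)`; otherwise delete the line instead of leaving dead code. `gen-ssl` calls `openssl`, and no check for it is visible in this hunk; the list continues outside it.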
       t@@ -31,12 +31,12 @@
        }
        
        # `make install`
       -#[[ $1 == "snowman" || $1 == "unsnowman" ]] && {
       -#        [[ $UID = 0 ]] || {
       -#                print "You must run this as root!"
       -#                return 1
       -#        }
       -#}
       +[[ $1 == "snowman" || $1 == "unsnowman" ]] && {
       +        [[ $UID = 0 ]] || {
       +                print "You must run this as root!"
       +                return 1
       +        }
       +}
        
        edit-sudo() {
                if [[ $1 == "add" ]]; then
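Review bot: The re-enabled root guard leaves via `return 1` from a top-level `{ }` group, which is not a function; zsh treats that as leaving the script, but bash reports an error and carries on, and the shebang is outside this hunk. `exit 1` is unambiguous here and the message belongs on stderr: `print -u2 "You must run this as root!"; exit 1`. The top-level Makefile runs `make -C src install` before `config.sh snowman`, so by the time this guard fires the binary install step has already been attempted.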
       t@@ -45,11 +45,14 @@ edit-sudo() {
                elif [[ $1 == "remove" ]]; then
                        tmp=`sed '/^%coffin / d' /etc/sudoers`
                        print $tmp | (EDITOR="tee" visudo)
       -                [[ $? = 0 ]] && print "Removed coffin group from sudoers"
       +                [[ $? = 0 ]] && print "####################\nRemoved coffin group from sudoers"
                fi
        }
        
       -generate-init() {
       +[[ $1 == "gen-init" ]] && {
       +        # TODO: ckdistro; different ones
       +        print whereami
       +        pushd `pwd`/conf
                cat <<EOF | tee tempinit
        #!/bin/bash
        
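Review bot: `gen-init` never sets `distro` (the TODO on its first line), yet the block ends by writing `initscript-$distro.init` in the next hunk, so unless the variable comes from the environment the file is named `initscript-.init`. `snowman` calls `ckdistro` before installing `initscript-$distro.init`; if that function sets a non-empty value (its body is not shown) the install looks for a file that was never generated. Call `ckdistro` here in place of the TODO. `print whereami` prints the literal word and looks like a debugging leftover, and the `pushd` has no failure check and no visible `popd`, so a failed directory change would write `tempinit` into the caller's working directory.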
       t@@ -64,15 +67,37 @@ NAME=coffin
        DESC="coffin daemon"
        COFFINDIR=/usr/local/share/coffin
        DAEMON=\$COFFINDIR/bin/\$NAME
       -COFFINPID=\$COFFINPIDDIR/coffin.pid
        EOF
       -        cat tempinit init.skel > initscript-$distro
       +        cat tempinit init.skel > initscript-$distro.init
                rm tempinit
        }
        
       +apachemods() {
       +        if [[ $1 == "on" ]]; then
       +                mods=(ssl dav dav_fs dav_lock)
       +                for i in $mods; do
       +                        a2enmod $i
       +                done
       +        elif [[ $1 == "off" ]]; then
       +                mods=(dav_lock dav_fs dav ssl)
       +                for i in $mods; do
       +                        a2dismod $i
       +                done
       +        fi
       +        return 0
       +}
       +
       +[[ $1 == "gen-ssl" ]] && {
       +        pushd `pwd`/conf
       +        openssl req -x509 -nodes -days 3650 -newkey rsa:4096 \
       +                -keyout coffin.key -out coffin.pem
       +        return 0
       +}
       +
        update-init() {
                # TODO: rearrange this into another function and add other distros
       -        update-rc.d
       +        # update-rc.d
       +        #
        }
        
        ckdistro() {
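Review bot: `gen-ssl` ends in an unconditional `return 0`, dropping the exit-status check the old inline code had; a failed or aborted `openssl req` now lets `make` continue, and `snowman` later installs whatever `coffin.key` happens to be in `conf/`. Propagate the failure with `openssl req … -keyout coffin.key -out coffin.pem || { print "Failed generating openssl certificate."; return 1 }`, and guard the `pushd` the same way. Because the key is written unencrypted (`-nodes`) into the source tree, a `umask 077` before the call keeps it from picking up a permissive mode from the build user's umask (how openssl sets the file mode may vary by version). `apachemods` has the same shape: it returns 0 whatever `a2enmod` or `a2dismod` report.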
       t@@ -82,21 +107,12 @@ ckdistro() {
        
        # because all cool software has snowmen in them
        [[ $1 == "snowman" ]] && {
       -        # NOTE: remember to set this; see update-init()
       -        # ckdistro
       -        distro=deb
                pushd `pwd`/conf
        
       -        groupadd coffin && print "created coffin group"
       -        gpasswd -a www-data coffin && print "added www-data to coffin group"
       +        ckdistro
        
       -        # ssl
       -        openssl req -x509 -nodes -days 3650 -newkey rsa:4096 \
       -                -keyout coffin.key -out coffin.pem
       -        [[ $? = 0 ]] || {
       -                print "Failed generating openssl certificate."
       -                return 1
       -        }
       +        [[ `grep 'coffin' /etc/group` ]] || groupadd coffin
       +        gpasswd -a www-data coffin
        
                install -Dm440 coffin.pem /etc/ssl/coffin/coffin.pem
                install -Dm400 coffin.key /etc/ssl/coffin/coffin.key
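Review bot: `grep 'coffin' /etc/group` matches any line containing the string, including a differently named group or a group with a member called coffin, so `groupadd coffin` can be skipped when the group does not exist; `gpasswd -a www-data coffin` and the later `install -g coffin` then fail with no message. Test for the exact group instead: `getent group coffin >/dev/null || groupadd coffin`. The certificate is no longer generated here, so the two `install` lines for `coffin.pem` and `coffin.key` depend on an earlier `make` having produced them; a check such as `[[ -f coffin.key ]] || { print "run make first"; return 1 }` before them would make that failure explicit.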
       t@@ -108,13 +124,9 @@ ckdistro() {
                        print "DAVLockDB /etc/apache2/DAV/DAVLock" >> /etc/apache2/apache2.conf
                }
                install -Dm600 davpasswd /etc/apache2/DAV/davpasswd
       -        install -Dm640 coffindav.conf /etc/apache2/sites-available/coffindav.conf
       +        install -Dm640 apachedav /etc/apache2/sites-available/coffindav.conf
        
       -        apachemods=(dav dav_fs dav_lock ssl)
       -        print "Enabling Apache modules..."
       -        for i in $apachemods; do
       -                a2enmod $i
       -        done
       +        apachemods on
        
                # [[ -f /etc/apache2/sites-enabled/000-default.conf ]] && a2dissite 000-default.conf
                [[ -f /etc/apache2/sites-enabled/coffindav.conf ]] || a2ensite coffindav.conf
       t@@ -126,10 +138,9 @@ ckdistro() {
        
                install -Dm770 -g coffin -d /home/graveyard
        
       -        generate-init
       -        update-init
       -        install -Dm755 initscript-$distro /etc/init.d/coffin
       +        install -Dm755 initscript-$distro.init /etc/init.d/coffin
        
       +        print "######################################"
                print "Successfully installed and configured coffin!"
                print "You can start it with '/etc/init.d/coffin start'"
        
       t@@ -139,10 +150,9 @@ ckdistro() {
                print "The fingerptint of your SSL certificate is: $fprint"
                print "Compare it and/or set is as trusted when you connect to coffin."
                print "######################################"
       -        print ""
        
                popd
       -        #return 0
       +        return 0
        }
        
        # `make uninstall`
       t@@ -156,15 +166,11 @@ ckdistro() {
                revert=true
                [[ $revert == "true" ]] && {
                        a2dissite coffindav.conf
       -                a2ensite 000-default.conf
       -                rm -rv /home/graveyard/DAV
       +                #a2ensite 000-default.conf
       +                rm -rv /etc/apache2/DAV
                        rm -v /etc/apache2/sites-available/coffindav.conf
        
       -                apachemods=(dav dav_fs dav_lock ssl)
       -                print "Enabling Apache modules..."
       -                for i in $apachemods; do
       -                        a2enmod $i
       -                done
       +                apachemods off
        
                        sed -i '/^DAVLockDB / d' /etc/apache2/apache2.conf
                        [[ $? = 0 ]] && print "removed entry from apache2.conf"
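Review bot: `apachemods off` disables `ssl`, `dav`, `dav_fs` and `dav_lock` for the whole Apache instance, so uninstalling coffin can take TLS or WebDAV away from other sites on the host that had those modules enabled before coffin was installed. Either leave the modules alone on uninstall, or have the installer record which ones it actually enabled and disable only those. The enclosing block starts outside this hunk.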
       t@@ -175,6 +181,7 @@ ckdistro() {
                edit-sudo remove
        
                rm -rv /usr/local/share/coffin
       +        rm -v /etc/init.d/coffin
        
                update-init
        }
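Review bot: `rm -v /etc/init.d/coffin` removes the init script without stopping the daemon first, so a running coffin keeps watching `/dev` with no script left to stop it, and `/var/run/coffin.pid` and `/var/run/coffin.out` stay behind. Stop it before deleting, e.g. `[[ -x /etc/init.d/coffin ]] && /etc/init.d/coffin stop`, unless that already happens earlier in this block, which starts outside the hunk. Nothing visible here removes `/etc/ssl/coffin/coffin.key` either; if the uninstall is meant to be complete, the private key should go with it.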
 (DIR) diff --git a/conf/init.skel b/conf/init.skel
       t@@ -2,13 +2,13 @@ text -x $DAEMON || exit 0
        
        case "$1" in
                start)
       -                log_action_begin_msg "Starting $DESC"
       -                nohup $DAEMON &
       +                echo "Starting $DESC..."
       +                nohup $DAEMON > /var/run/coffin.out &
                        ;;
                stop)
       -                log_daemon_msg "Stopping $DESC"
       +                echo "Stopping $DESC..."
                        pid=`cat $COFFINPID 2>/dev/null`
       -                kill $pid && rm $COFFINPID
       +                kill $pid && rm /var/run/coffin.pid && rm /var/run/coffin.out
                        ;;
                restart)
                        $0 stop
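Review bot: `stop` still reads the pid with `cat $COFFINPID` on the unchanged line above the new `kill`, but this commit deletes the `COFFINPID=` line from the header that `gen-init` prepends, so unless init.skel defines it elsewhere the variable is empty and `kill` gets no pid. Use the same literal path as the rest of the change: `pid=$(cat /var/run/coffin.pid 2>/dev/null)` followed by `[ -n "$pid" ] && kill "$pid" && rm -f /var/run/coffin.pid /var/run/coffin.out`. A stale pidfile would make this signal an unrelated process as root, so checking that the pid still belongs to coffin before killing is worth adding. In `start`, the redirection names stdout only; add `2>&1` if errors should land in `/var/run/coffin.out` as well.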
 (DIR) diff --git a/src/Makefile b/src/Makefile
       t@@ -0,0 +1,19 @@
       +PREFIX = /usr/local/share/coffin/bin
       +
       +all:
       +        $(CC) -Os -o tomb-kdb-pbkdf2 pbkdf2.c -lgcrypt
       +        $(CC) -Os -o tomb-kdb-pbkdf2-getiter benchmark.c -lgcrypt
       +        $(CC) -Os -o tomb-kdb-pbkdf2-gensalt gen_salt.c -lgcrypt
       +        $(CC) -Os -o tomb-kdb-hexencode hexencode.c
       +
       +clean:
       +        rm -f tomb-kdb-pbkdf2 tomb-kdb-pbkdf2-getiter tomb-kdb-pbkdf2-gensalt tomb-kdb-hexencode
       +
       +install:
       +        install -Dm755 coffin ${PREFIX}/coffin
       +        install -Dm755 sacrist ${PREFIX}/sacrist
       +        install -Dm755 tomb ${PREFIX}/tomb
       +        install -Dm755 tomb-kdb-pbkdf2 ${PREFIX}/tomb-kdb-pbkdf2
       +        install -Dm755 tomb-kdb-pbkdf2-getiter ${PREFIX}/tomb-kdb-pbkdf2-getiter
       +        install -Dm755 tomb-kdb-pbkdf2-gensalt ${PREFIX}/tomb-kdb-pbkdf2-gensalt
       +        install -Dm755 tomb-kdb-hexencode ${PREFIX}/tomb-kdb-hexencode
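Review bot: The new `all` recipe recompiles all four helpers on every invocation with a hard-coded `-Os` and ignores `CFLAGS`/`LDFLAGS`, so a packager cannot pass hardening flags to the KDF helpers, and none of the targets is declared `.PHONY`. Make each binary a file target and pass the user's flags through, as sketched below. `install` would also benefit from a `$(DESTDIR)` in front of `${PREFIX}` for staged installs. `sacrist` is installed here but does not appear in this commit's diffstat, so confirm it exists in `src/`.

```make
BINS = tomb-kdb-pbkdf2 tomb-kdb-pbkdf2-getiter tomb-kdb-pbkdf2-gensalt tomb-kdb-hexencode

.PHONY: all clean install

all: $(BINS)

tomb-kdb-pbkdf2: pbkdf2.c
	$(CC) -Os $(CFLAGS) $(LDFLAGS) -o $@ $< -lgcrypt

tomb-kdb-pbkdf2-getiter: benchmark.c
	$(CC) -Os $(CFLAGS) $(LDFLAGS) -o $@ $< -lgcrypt

tomb-kdb-pbkdf2-gensalt: gen_salt.c
	$(CC) -Os $(CFLAGS) $(LDFLAGS) -o $@ $< -lgcrypt

tomb-kdb-hexencode: hexencode.c
	$(CC) -Os $(CFLAGS) $(LDFLAGS) -o $@ $<

clean:
	rm -f $(BINS)

# … unchanged: install recipe …
```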
 (DIR) diff --git a/src/Tomb/.gitignore b/src/Tomb/.gitignore
       t@@ -1,11 +0,0 @@
       -\#*
       -.\#*
       -*~
       -*.o
       -tomb-askpass
       -tomb-status
       -doc/web/public
       -doc/web/dyne
       -share/gtkrc
       -.*.sw?
       -*.mo
 (DIR) diff --git a/src/Tomb/Makefile b/src/Tomb/Makefile
       t@@ -1,20 +0,0 @@
       -PREFIX = /usr/local/share/coffin/bin
       -
       -all:
       -        $(CC) -Os -o tomb-kdb-pbkdf2 pbkdf2.c -lgcrypt
       -        $(CC) -O2 -o tomb-kdb-pbkdf2-getiter benchmark.c -lgcrypt
       -        $(CC) -O2 -o tomb-kdb-pbkdf2-gensalt gen_salt.c -lgcrypt
       -        $(CC) -O2 -o tomb-kdb-hexencode hexencode.c
       -
       -clean:
       -        rm -f tomb-kdb-pbkdf2 tomb-kdb-pbkdf2-getiter tomb-kdb-pbkdf2-gensalt tomb-kdb-hexencode
       -
       -install:
       -        install -Dm755 tomb ${PREFIX}/tomb
       -        install -Dm755 tomb-kdb-pbkdf2 ${PREFIX}/tomb-kdb-pbkdf2
       -        install -Dm755 tomb-kdb-pbkdf2-getiter ${PREFIX}/tomb-kdb-pbkdf2-getiter
       -        install -Dm755 tomb-kdb-pbkdf2-gensalt ${PREFIX}/tomb-kdb-pbkdf2-gensalt
       -        install -Dm755 tomb-kdb-hexencode ${PREFIX}/tomb-kdb-hexencode
       -        @echo
       -        @echo "Tomb is installed succesfully."
       -        @echo
 (DIR) diff --git a/src/Tomb/benchmark.c b/src/benchmark.c
 (DIR) diff --git a/src/coffin b/src/coffin
       t@@ -7,7 +7,7 @@
        pattern='sd[a-z][1-9]$'
        coproc inotifywait --monitor --event create,delete --format '%e %w%f' /dev
        
       -echo $$ > `pwd`/coffin.pid # pidfile
       +echo $COPROC_PID > /var/run/coffin.pid # pidfile
        
        while read -r -u "${COPROC[0]}" event file; do
            if [[ $file =~ $pattern ]]; then
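Review bot: The pidfile now records `$COPROC_PID`, the inotifywait coprocess, instead of the script's own `$$`, so the init script's `kill` signals only the watcher; the main loop presumably ends when its `read` hits EOF, but the loop body runs past this hunk and anything blocking there would keep the script alive. If that is intended, say so in the trailing comment, e.g. `# pidfile: inotifywait coproc, killing it ends the read loop`; otherwise write `$$`. The write to `/var/run/coffin.pid` is unchecked, so started without root the daemon runs with no pidfile and cannot be stopped through the init script; `echo "$COPROC_PID" > /var/run/coffin.pid || exit 1` makes that visible.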
 (DIR) diff --git a/src/Tomb/gen_salt.c b/src/gen_salt.c
 (DIR) diff --git a/src/Tomb/hexencode.c b/src/hexencode.c
 (DIR) diff --git a/src/Tomb/pbkdf2.c b/src/pbkdf2.c
 (DIR) diff --git a/src/Tomb/tomb b/src/tomb