tblack baloon - coffin - secure lan file storage on a device (HTM) git clone git://parazyd.org/coffin.git (DIR) Log (DIR) Files (DIR) Refs (DIR) Submodules (DIR) README (DIR) LICENSE --- (DIR) commit 657b0aa0f70688b5fc29c5f3139a2c3635c74326 (DIR) parent 80b539b360ebc00c063e06cba6324aa28740d0e3 (HTM) Author: parazyd <parazyd@dyne.org> Date: Wed, 30 Mar 2016 02:49:46 +0200 black baloon Diffstat: M .gitignore | 10 ++++------ M Makefile | 11 ++++++++--- M conf/config.sh | 91 +++++++++++++++++-------------- M conf/init.skel | 8 ++++---- A src/Makefile | 19 +++++++++++++++++++ D src/Tomb/.gitignore | 11 ----------- D src/Tomb/Makefile | 20 -------------------- R src/Tomb/benchmark.c -> src/benchm… | 0 M src/coffin | 2 +- R src/Tomb/gen_salt.c -> src/gen_sal… | 0 R src/Tomb/hexencode.c -> src/hexenc… | 0 R src/Tomb/pbkdf2.c -> src/pbkdf2.c | 0 R src/Tomb/tomb -> src/tomb | 0 13 files changed, 85 insertions(+), 87 deletions(-) --- (DIR) diff --git a/.gitignore b/.gitignore t@@ -1,9 +1,7 @@ NOTES.md .*.swp test/* -conf/coffin.key -conf/coffin.pem -src/Tomb/kdf-keys/tomb-kdb-hexencode -src/Tomb/kdf-keys/tomb-kdb-pbkdf2 -src/Tomb/kdf-keys/tomb-kdb-pbkdf2-gensalt -src/Tomb/kdf-keys/tomb-kdb-pbkdf2-getiter +src/tomb-kdb-hexencode +src/tomb-kdb-pbkdf2 +src/tomb-kdb-pbkdf2-gensalt +src/tomb-kdb-pbkdf2-getiter (DIR) diff --git a/Makefile b/Makefile t@@ -1,13 +1,18 @@ all: - make -C src/Tomb + make -C src + @./conf/config.sh gen-ssl + @./conf/config.sh gen-init @./conf/config.sh checkdep install: - make -C src/Tomb install + make -C src install @./conf/config.sh snowman clean: - make -C src/Tomb clean + make -C src clean + rm -f conf/initscript-*.init + rm -f conf/coffin.pem + rm -f conf/coffin.key uninstall: @./conf/config.sh unsnowman (DIR) 
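Review bot: Dropping `conf/coffin.key` and `conf/coffin.pem` from the ignore list exposes the TLS private key to accidental commits, because the `gen-ssl` step added in this same commit writes both files into `conf/` during `make`. The key is created with `-nodes`, so it is unencrypted, and a broad `git add -A` in the work tree would stage it. I would keep the two entries and add `conf/initscript-*.init` for the generated init script that `make clean` already removes.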
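Review bot: The `all` target runs `./conf/config.sh gen-ssl` unconditionally, so every `make` regenerates `conf/coffin.key` and `conf/coffin.pem` and overwrites the previous pair. If an earlier certificate is already installed and its fingerprint trusted by clients, a rebuild followed by `make install` replaces it without notice. Making the certificate a file target, for example `conf/coffin.pem: ; @./conf/config.sh gen-ssl` with `all: conf/coffin.pem`, would generate it only when it is missing. Using `$(MAKE) -C src` instead of `make -C src` would also pass flags and the jobserver down to the sub-make.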
diff --git a/conf/config.sh b/conf/config.sh t@@ -7,7 +7,7 @@ # `make` [[ $1 == "checkdep" ]] && { missing=() - which apache2 >/dev/null || missing+=(apache) + #which apache2 >/dev/null || missing+=(apache) which cryptsetup >/dev/null || missing+=(cryptsetup) which inotifywatch >/dev/null || missing+=(inotify-tools) which wipe >/dev/null || missing+=(wipe) t@@ -31,12 +31,12 @@ } # `make install` -#[[ $1 == "snowman" || $1 == "unsnowman" ]] && { -# [[ $UID = 0 ]] || { -# print "You must run this as root!" -# return 1 -# } -#} +[[ $1 == "snowman" || $1 == "unsnowman" ]] && { + [[ $UID = 0 ]] || { + print "You must run this as root!" + return 1 + } +} edit-sudo() { if [[ $1 == "add" ]]; then t@@ -45,11 +45,14 @@ edit-sudo() { elif [[ $1 == "remove" ]]; then tmp=`sed '/^%coffin / d' /etc/sudoers` print $tmp | (EDITOR="tee" visudo) - [[ $? = 0 ]] && print "Removed coffin group from sudoers" + [[ $? = 0 ]] && print "####################\nRemoved coffin group from sudoers" fi } -generate-init() { +[[ $1 == "gen-init" ]] && { + # TODO: ckdistro; different ones + print whereami + pushd `pwd`/conf cat <<EOF | tee tempinit #!/bin/bash t@@ -64,15 +67,37 @@ NAME=coffin DESC="coffin daemon" COFFINDIR=/usr/local/share/coffin DAEMON=\$COFFINDIR/bin/\$NAME -COFFINPID=\$COFFINPIDDIR/coffin.pid EOF - cat tempinit init.skel > initscript-$distro + cat tempinit init.skel > initscript-$distro.init rm tempinit } +apachemods() { + if [[ $1 == "on" ]]; then + mods=(ssl dav dav_fs dav_lock) + for i in $mods; do + a2enmod $i + done + elif [[ $1 == "off" ]]; then + mods=(dav_lock dav_fs dav ssl) + for i in $mods; do + a2dismod $i + done + fi + return 0 +} + +[[ $1 == "gen-ssl" ]] && { + pushd `pwd`/conf + openssl req -x509 -nodes -days 3650 -newkey rsa:4096 \ + -keyout coffin.key -out coffin.pem + return 0 +} + update-init() { # TODO: rearrange this into another function and add other distros - update-rc.d + # update-rc.d + # } ckdistro() { t@@ -82,21 +107,12 @@ ckdistro() { # because all cool 
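Review bot: `$distro` is not assigned anywhere in the new `gen-init` block, so `cat tempinit init.skel > initscript-$distro.init` most likely produces a file named `initscript-.init`. The `distro=deb` assignment that used to cover this is removed from the `snowman` block later in this commit, and the `# TODO: ckdistro` comment suggests `ckdistro` is not called here (it is also defined further down the file than this block). If `ckdistro` does set `distro` during `make install`, the `install -Dm755 initscript-$distro.init` line in the `@@ -126,10 +138,9 @@` hunk would then look for a file that `make` never created. Setting `distro` before the here-document would keep the two names in step; `print whereami` also looks like leftover debug output.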
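Review bot: The `gen-ssl` block ends in an unconditional `return 0`, so a failed or aborted `openssl req` still lets `make` continue; the `[[ $? = 0 ]] || { ... return 1 }` check that guarded this call in the `snowman` block is removed by this commit. The private key is written unencrypted (`-nodes`) into the source tree, and unless the installed openssl restricts the mode itself, its permissions follow the building user's umask. I would put `umask 077` before the call and finish it with `|| { print "Failed generating openssl certificate."; return 1 }`. The `pushd` has no matching `popd` and its result is not checked, so a missing `conf/` directory would write the key into the current directory instead.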
software has snowmen in them [[ $1 == "snowman" ]] && { - # NOTE: remember to set this; see update-init() - # ckdistro - distro=deb pushd `pwd`/conf - groupadd coffin && print "created coffin group" - gpasswd -a www-data coffin && print "added www-data to coffin group" + ckdistro - # ssl - openssl req -x509 -nodes -days 3650 -newkey rsa:4096 \ - -keyout coffin.key -out coffin.pem - [[ $? = 0 ]] || { - print "Failed generating openssl certificate." - return 1 - } + [[ `grep 'coffin' /etc/group` ]] || groupadd coffin + gpasswd -a www-data coffin install -Dm440 coffin.pem /etc/ssl/coffin/coffin.pem install -Dm400 coffin.key /etc/ssl/coffin/coffin.key t@@ -108,13 +124,9 @@ ckdistro() { print "DAVLockDB /etc/apache2/DAV/DAVLock" >> /etc/apache2/apache2.conf } install -Dm600 davpasswd /etc/apache2/DAV/davpasswd - install -Dm640 coffindav.conf /etc/apache2/sites-available/coffindav.conf + install -Dm640 apachedav /etc/apache2/sites-available/coffindav.conf - apachemods=(dav dav_fs dav_lock ssl) - print "Enabling Apache modules..." - for i in $apachemods; do - a2enmod $i - done + apachemods on # [[ -f /etc/apache2/sites-enabled/000-default.conf ]] && a2dissite 000-default.conf [[ -f /etc/apache2/sites-enabled/coffindav.conf ]] || a2ensite coffindav.conf t@@ -126,10 +138,9 @@ ckdistro() { install -Dm770 -g coffin -d /home/graveyard - generate-init - update-init - install -Dm755 initscript-$distro /etc/init.d/coffin + install -Dm755 initscript-$distro.init /etc/init.d/coffin + print "######################################" print "Successfully installed and configured coffin!" print "You can start it with '/etc/init.d/coffin start'" t@@ -139,10 +150,9 @@ ckdistro() { print "The fingerptint of your SSL certificate is: $fprint" print "Compare it and/or set is as trusted when you connect to coffin." 
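Review bot: The `grep 'coffin' /etc/group` test in the `snowman` block matches any line that contains the string, including a differently named group or a group that merely lists a member called coffin, so `groupadd coffin` can be skipped when the group does not exist. `getent group coffin >/dev/null || groupadd coffin` checks the exact name and also sees groups from a directory service. With certificate generation moved to `make`, this block now installs `coffin.pem` and `coffin.key` without checking that they exist; a guard such as `[[ -f coffin.key && -f coffin.pem ]] || { print "run make first"; return 1 }` before the two `install` lines would fail earlier and more clearly.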
print "######################################" - print "" popd - #return 0 + return 0 } # `make uninstall` t@@ -156,15 +166,11 @@ ckdistro() { revert=true [[ $revert == "true" ]] && { a2dissite coffindav.conf - a2ensite 000-default.conf - rm -rv /home/graveyard/DAV + #a2ensite 000-default.conf + rm -rv /etc/apache2/DAV rm -v /etc/apache2/sites-available/coffindav.conf - apachemods=(dav dav_fs dav_lock ssl) - print "Enabling Apache modules..." - for i in $apachemods; do - a2enmod $i - done + apachemods off sed -i '/^DAVLockDB / d' /etc/apache2/apache2.conf [[ $? = 0 ]] && print "removed entry from apache2.conf" t@@ -175,6 +181,7 @@ ckdistro() { edit-sudo remove rm -rv /usr/local/share/coffin + rm -v /etc/init.d/coffin update-init } (DIR) diff --git a/conf/init.skel b/conf/init.skel t@@ -2,13 +2,13 @@ text -x $DAEMON || exit 0 case "$1" in start) - log_action_begin_msg "Starting $DESC" - nohup $DAEMON & + echo "Starting $DESC..." + nohup $DAEMON > /var/run/coffin.out & ;; stop) - log_daemon_msg "Stopping $DESC" + echo "Stopping $DESC..." pid=`cat $COFFINPID 2>/dev/null` - kill $pid && rm $COFFINPID + kill $pid && rm /var/run/coffin.pid && rm /var/run/coffin.out ;; restart) $0 stop (DIR) 
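Review bot: `apachemods off` in the uninstall path disables `ssl`, `dav`, `dav_fs` and `dav_lock` for the whole Apache instance, not only for coffin. Any other site on the host that relies on `mod_ssl` would stop serving HTTPS after the next reload. Because the install path does not record which modules were already enabled, I would leave the modules alone on uninstall, or disable only those that `apachemods on` actually had to enable. The visible lines also do not remove `/etc/ssl/coffin/coffin.key`; the rest of the block is outside this hunk, so that may be handled elsewhere.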
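Review bot: The `stop` branch still reads the PID with `cat $COFFINPID`, but this commit removes the `COFFINPID=` line from the header that `gen-init` prepends to this skeleton. Unless the variable is set somewhere outside the visible lines, `cat` runs with no argument and reads standard input, and `kill $pid` then receives nothing useful. `pid=$(cat /var/run/coffin.pid 2>/dev/null)` would match the path used by the `rm` on the following line and by `src/coffin`. The `start` branch also does not check for an existing pidfile, so a second `start` leaves the first daemon running untracked. The case statement continues outside the hunk.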
diff --git a/src/Makefile b/src/Makefile t@@ -0,0 +1,19 @@ +PREFIX = /usr/local/share/coffin/bin + +all: + $(CC) -Os -o tomb-kdb-pbkdf2 pbkdf2.c -lgcrypt + $(CC) -Os -o tomb-kdb-pbkdf2-getiter benchmark.c -lgcrypt + $(CC) -Os -o tomb-kdb-pbkdf2-gensalt gen_salt.c -lgcrypt + $(CC) -Os -o tomb-kdb-hexencode hexencode.c + +clean: + rm -f tomb-kdb-pbkdf2 tomb-kdb-pbkdf2-getiter tomb-kdb-pbkdf2-gensalt tomb-kdb-hexencode + +install: + install -Dm755 coffin ${PREFIX}/coffin + install -Dm755 sacrist ${PREFIX}/sacrist + install -Dm755 tomb ${PREFIX}/tomb + install -Dm755 tomb-kdb-pbkdf2 ${PREFIX}/tomb-kdb-pbkdf2 + install -Dm755 tomb-kdb-pbkdf2-getiter ${PREFIX}/tomb-kdb-pbkdf2-getiter + install -Dm755 tomb-kdb-pbkdf2-gensalt ${PREFIX}/tomb-kdb-pbkdf2-gensalt + install -Dm755 tomb-kdb-hexencode ${PREFIX}/tomb-kdb-hexencode (DIR) diff --git a/src/Tomb/.gitignore b/src/Tomb/.gitignore t@@ -1,11 +0,0 @@ -\#* -.\#* -*~ -*.o -tomb-askpass -tomb-status -doc/web/public -doc/web/dyne -share/gtkrc -.*.sw? -*.mo (DIR) diff --git a/src/Tomb/Makefile b/src/Tomb/Makefile t@@ -1,20 +0,0 @@ -PREFIX = /usr/local/share/coffin/bin - -all: - $(CC) -Os -o tomb-kdb-pbkdf2 pbkdf2.c -lgcrypt - $(CC) -O2 -o tomb-kdb-pbkdf2-getiter benchmark.c -lgcrypt - $(CC) -O2 -o tomb-kdb-pbkdf2-gensalt gen_salt.c -lgcrypt - $(CC) -O2 -o tomb-kdb-hexencode hexencode.c - -clean: - rm -f tomb-kdb-pbkdf2 tomb-kdb-pbkdf2-getiter tomb-kdb-pbkdf2-gensalt tomb-kdb-hexencode - -install: - install -Dm755 tomb ${PREFIX}/tomb - install -Dm755 tomb-kdb-pbkdf2 ${PREFIX}/tomb-kdb-pbkdf2 - install -Dm755 tomb-kdb-pbkdf2-getiter ${PREFIX}/tomb-kdb-pbkdf2-getiter - install -Dm755 tomb-kdb-pbkdf2-gensalt ${PREFIX}/tomb-kdb-pbkdf2-gensalt - install -Dm755 tomb-kdb-hexencode ${PREFIX}/tomb-kdb-hexencode - @echo - @echo "Tomb is installed succesfully." - @echo (DIR) diff --git a/src/Tomb/benchmark.c b/src/benchmark.c (DIR) 
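Review bot: The compile lines in `all` hard-code `-Os` and ignore `CFLAGS`, `CPPFLAGS` and `LDFLAGS`, so a packager cannot add warnings or hardening options to the key-derivation helpers. `CFLAGS ?= -Os` with `$(CC) $(CFLAGS) -o tomb-kdb-pbkdf2 pbkdf2.c $(LDFLAGS) -lgcrypt`, and likewise for the other three, keeps the current default and honours the environment. `all`, `clean` and `install` should be declared `.PHONY`, and the `install` lines would be easier to stage with `$(DESTDIR)${PREFIX}`.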
diff --git a/src/coffin b/src/coffin t@@ -7,7 +7,7 @@ pattern='sd[a-z][1-9]$' coproc inotifywait --monitor --event create,delete --format '%e %w%f' /dev -echo $$ > `pwd`/coffin.pid # pidfile +echo $COPROC_PID > /var/run/coffin.pid # pidfile while read -r -u "${COPROC[0]}" event file; do if [[ $file =~ $pattern ]]; then (DIR) diff --git a/src/Tomb/gen_salt.c b/src/gen_salt.c (DIR) diff --git a/src/Tomb/hexencode.c b/src/hexencode.c (DIR) diff --git a/src/Tomb/pbkdf2.c b/src/pbkdf2.c (DIR) diff --git a/src/Tomb/tomb b/src/tomb
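Review bot: The pidfile line now records the PID of the `inotifywait` coprocess rather than of the script itself, which deserves a comment because `stop` then depends on the `while read` loop ending once the coprocess is killed. Something like `# pidfile: PID of the inotifywait coprocess; killing it ends the read loop below` would make that explicit. The expansion is unquoted and the write to `/var/run` is unchecked, so a start without sufficient privileges runs on with no PID recorded; `echo "$COPROC_PID" > /var/run/coffin.pid || exit 1` would stop instead. The loop body continues outside the hunk.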