create new translation branch for v0.4

2008-04-07 23:08:43 +00:00 · 2008-04-07 23:08:43 +00:00 · 0a1d2a2e00
commit 0a1d2a2e00
parent 9b4e353af7
795 changed files with 134715 additions and 0 deletions
--- a/translation-base-v0.4/conf-examples/apache2_dav.conf
+++ b/translation-base-v0.4/conf-examples/apache2_dav.conf
@ -0,0 +1,13 @@
+# this file is part of the CryptoBox
+# put it into /etc/apache2/conf.d/
+# you MUST create the directory given below - otherwise apache will not like it :(
+# do not forget to chown the directory to the cryptobox user
+
+<IfModule mod_dav_fs.c>
+	# include the dynamically managed configuration directory - IT MUST EXIST
+	Include /var/cache/cryptobox-server/settings/misc/apache2_dav.conf.d/
+	# lock database - should be writeable for www-data
+	DavLockDB /tmp/dav_lock.db
+	# a longer value than the default (120) help for high-latency networks
+	DavMinTimeout 600
+</IfModule>
--- a/translation-base-v0.4/conf-examples/apache_proxypass.conf
+++ b/translation-base-v0.4/conf-examples/apache_proxypass.conf
@ -0,0 +1,25 @@
+# CryptoBox configuration file
+#
+# the following directives allow you to use the cryptobox web interface behind apache2
+#
+# you need to enable the following modules:
+#	- proxy
+#	- headers
+# (for debian: run "a2enmod MOD_NAME")
+#
+
+ProxyRequests Off
+
+# you may restrict access if necessary
+<Proxy *>
+	Order Deny,Allow
+	Allow from all
+</Proxy>
+
+<Location /cryptobox/>
+	ProxyPass http://localhost:8080/
+	ProxyPassReverse http://localhost:8080/
+	# this requestheader is necessary to allow proper redirection to https
+	RequestHeader set CryptoBox-Location /cryptobox
+</Location>
+
--- a/translation-base-v0.4/conf-examples/cryptobox.conf
+++ b/translation-base-v0.4/conf-examples/cryptobox.conf
@ -0,0 +1,97 @@
+[Main]
+
+# comma separated list of possible prefixes for accesible devices
+# beware: .e.g "/dev/hd" grants access to _all_ harddisks
+# take care, that the user 'cryptobox' has write access to these devices
+# (floppy disks are not supported)
+AllowedDevices = /dev/loop, /dev/ubdb
+
+# use separate config partition? (1=yes / 0=no)
+UseConfigPartition = 0
+
+# the default name prefix of not unnamed containers
+DefaultVolumePrefix = "Disk_"
+
+# which cipher should cryptsetup-luks use?
+# if you lack the appropriate kernel modules, then you could try "aes-plain" - but it is less secure
+DefaultCipher = aes-cbc-essiv:sha256
+
+# label of the configuration partition (you should never change this)
+ConfigVolumeLabel = cbox_config
+
+# which plugins should be disabled? (comma seperated list)
+#DisabledPlugins = encrypted_webinterface, network, shutdown, partition
+DisabledPlugins = encrypted_webinterface
+
+
+[Locations]
+# where should we mount volumes?
+# this directory must be writeable by the cryptobox user (see above)
+MountParentDir = /var/cache/cryptobox-server/mnt
+
+# settings directory: contains name database and plugin configuration
+SettingsDir = /var/cache/cryptobox-server/settings
+
+# where are the clearsilver templates?
+TemplateDir = /usr/share/cryptobox-server/templates
+
+# path to documentation	files
+DocDir = /usr/share/doc/cryptobox-server/html
+
+# path to the plugin directory
+PluginDir = /usr/share/cryptobox-server/plugins
+
+# path to the event directory (e.g. containing some scripts)
+EventDir = /etc/cryptobox-server/events.d
+
+
+[Log]
+# possible values are "debug", "info", "warn" and "error" or numbers from
+# 0 (debug) to 7 (error)
+Level		= info
+
+# where to write the log messages to?
+# possible values are 'file' and 'syslog'
+Destination	= file
+
+# depending on the choosen destination (see above) you may select
+# details. Possible values for the different destinations are:
+#  file:	$FILENAME
+#  syslog:	KERN | USER | MAIL | DAEMON | AUTH | SYSLOG | LPR | NEWS | UUCP
+#  			| CRON | AUTHPRIV | LOCAL0 .. LOCAL7
+Details	= /var/log/cryptobox-server/cryptobox.log
+
+
+[WebSettings]
+# URL of default stylesheet
+Stylesheet = cryptobox-misc/cryptobox.css
+
+# comma seperated list of available languages for the web interface
+# the first language is the default
+# all other languages serve as fallbacks for an incomplete translation
+# available languages: cs, da, de, en, es, fi, fr, hu, it, ja, nl, pl, pt, ru, sl, sv, ur
+# well supported languages: de, en, ja, sl
+Languages = en, de, ja, sl, it, pl, es
+
+
+[Programs]
+cryptsetup	= /sbin/cryptsetup
+mkfs		= /sbin/mkfs
+blkid		= /sbin/blkid
+blockdev	= /sbin/blockdev
+mount		= /bin/mount
+umount		= /bin/umount
+nice		= /usr/bin/nice
+super		= /usr/bin/super
+# this is the "program" name as defined in /etc/super.tab
+CryptoBoxRootActions = CryptoBoxRootActions
+
+
+[PluginSettings]
+# plugin specific settings
+# the section names _must_ be the same as the names of the plugins
+
+## change the default network interface for the plugin "network"
+#[[network]]
+#interface = eth0
+
--- a/translation-base-v0.4/conf-examples/openssl.cnf
+++ b/translation-base-v0.4/conf-examples/openssl.cnf
@ -0,0 +1,65 @@
+#
+# OpenSSL configuration file.
+#
+
+# Establish working directory.
+
+dir = . 
+
+[ ca ]
+default_ca = CA_default
+
+[ CA_default ]
+default_days = 3650
+default_md = md5
+policy = policy_match
+#serial = $dir/serial
+#database = $dir/index.txt
+#new_certs_dir = $dir/newcert
+#certificate = $dir/cacert.pem
+#private_key = $dir/private/cakey.pem
+#preserve = no
+#email_in_dn = no
+#nameopt = default_ca
+#certopt = default_ca
+
+[ policy_match ]
+countryName = match
+stateOrProvinceName = match
+organizationName = match
+organizationalUnitName = match
+commonName = supplied
+emailAddress = optional
+
+[ req ]
+default_bits = 1024 # Size of keys
+default_keyfile = stunnel.pem # name of generated keys
+default_md = md5 # message digest algorithm
+distinguished_name = req_distinguished_name
+
+[ req_distinguished_name ]
+# Variable name   Prompt string
+#----------------------   ----------------------------------
+0.organizationName = Organization Name (company)
+organizationalUnitName = Organizational Unit Name (department, division)
+emailAddress = Email Address
+emailAddress_max = 40
+localityName = Locality Name (city, district)
+stateOrProvinceName = State or Province Name (full name)
+#countryName = Country Name (2 letter code)
+#countryName_min = 2
+#countryName_max = 2
+#commonName = Common Name (hostname, IP, or your name)
+#commonName_max = 64
+
+# Default values for the above, for consistency and less typing.
+# Variable name   Value
+#------------------------------   ------------------------------
+0.organizationName_default = CryptoBox
+organizationalUnitName_default = Sense.Lab
+localityName_default = Kugelmugel
+stateOrProvinceName_default = Metropolis
+emailAddress_default = info@cryptobox.org
+
+
+
--- a/translation-base-v0.4/conf-examples/start_stunnel.sh
+++ b/translation-base-v0.4/conf-examples/start_stunnel.sh
@ -0,0 +1,42 @@
+#!/bin/sh
+#
+# This script creates a stunnel certificate for https
+# and starts a tunnel from :80 to :443. It's meant as en example so
+# use it with care.
+#
+# An example for the openssl config file can be found in
+# conf-examples/openssl.cnf .
+#
+
+set -eu
+
+test $# -ne 2 && echo "Usage: $(basename $0) OPENSSL_CONF_FILE CERT_FILE" && exit 1
+
+TMP_FILE=/tmp/cryptobox-cert.tmp
+## vcert values are in openssl.conf
+#OPENSSL_CONF_FILE="../conf-examples/openssl.cnf"
+OPENSSL_CONF_FILE="$1"
+## filename for the created cert
+#CERTFILE="cryptobox.cert"
+CERTFILE="$2"
+## source & destination ports
+SRC_PORT="8080"
+DST_PORT="443"
+
+
+[ ! -f "$OPENSSL_CONF_FILE" ] && echo "`basename $0`: $OPENSSL_CONF_FILE not found" && exit 2
+# this command creates the certificate
+# the "\n" are required, because the certbuilding asks for 5 returns
+echo -ne "\n\n\n\n\n" | openssl req -new -x509 -nodes -days 3650 -config "$OPENSSL_CONF_FILE" -out "$CERTFILE" -keyout "$CERTFILE"
+chmod 600 "$CERTFILE"
+
+# next step needs a lot of randomdata
+dd if=/dev/urandom of="$TMP_FILE" bs=1024 count=1024
+openssl dhparam -rand "$TMP_FILE" 512 >> "$CERTFILE"
+rm "$TMP_FILE"
+
+## print out cert values
+#openssl x509 -subject -dates -fingerprint -in stunnel.pem
+
+stunnel -p ${CERTFILE} -r localhost:${SRC_PORT} -d ${DST_PORT}
+
--- a/translation-base-v0.4/conf-examples/super.tab-example
+++ b/translation-base-v0.4/conf-examples/super.tab-example
@ -0,0 +1,9 @@
+# Add the following line to your "super.tab".
+# This file usally lays in /etc/super.tab , depending on your 
+# installation it can also be found in /usr/etc/ or /usr/local/etc/
+#
+# 'yourUserName' is typically 'cryptobox'
+#
+# syntax of super.tab:
+# super_command	path_to_real_command	username
+CryptoBoxRootActions	/your/local/path/to/CryptoBoxRootActions.py	yourUserName