migrate to luks

-- diese und die folgenden Zeilen werden ignoriert --

A    https://svn.systemausfall.org/svn/cryptobox/branches/luks

luks/cbox-tree.d/var/www/cgi-bin/cryptobox.pl

@@ -0,0 +1,692 @@
+#!/usr/bin/perl
+# $Id$
+#
+# web interface of the CryptoBox
+#
+
+
+###############################################
+
+use strict;
+use CGI;
+use ClearSilver;
+use ConfigFile;
+
+my $CONFIG_FILE = '/etc/cryptobox/cryptobox.conf';
+
+my ($pagedata, $pagename);
+
+my ($LANGUAGE_DIR, $DEFAULT_LANGUAGE, $HTML_TEMPLATE_DIR, $DOC_DIR);
+my ($CB_SCRIPT, $LOG_FILE, $IS_DEV);
+
+&fatal_error ("could not find configuration file ($CONFIG_FILE)") unless (-e $CONFIG_FILE);
+my $config = ConfigFile::read_config_file($CONFIG_FILE);
+
+$CB_SCRIPT = $config->{CB_SCRIPT};
+$LOG_FILE = $config->{LOG_FILE};
+$LANGUAGE_DIR = $config->{LANGUAGE_DIR};
+$DEFAULT_LANGUAGE = $config->{LANGUAGE};
+$HTML_TEMPLATE_DIR = $config->{HTML_TEMPLATE_DIR};
+$DOC_DIR = $config->{DOC_DIR};
+$IS_DEV = ( -e $config->{DEV_FEATURES_SCRIPT});
+
+my $query = new CGI;
+
+
+#################### subs ######################
+
+# for fatal errors without the chance of clearsilver-rendering
+sub fatal_error()
+{
+	my $message = shift;
+
+	print "Content-Type: text/html\n\n";
+	print "<html><head><title>CryptoBox</title></head>\n";
+	print "<body>\n";
+	print '<h1 align="center">' . $message . "</h1>\n";
+	print "</body></html>\n";
+	die "[CryptoBox]: $message";
+}
+
+
+sub load_hdf
+{
+	my $hdf = ClearSilver::HDF->new();
+
+	my $fname = "$HTML_TEMPLATE_DIR/main.cs";
+	&fatal_error ("Template directory is invalid ($fname not found)!") unless (-e "$fname");
+	$hdf->setValue("Settings.TemplateDir","$HTML_TEMPLATE_DIR");
+
+	&fatal_error ("Documentation directory ($DOC_DIR) not found!") unless (-d "$DOC_DIR");
+	$hdf->setValue("Settings.DocDir","$DOC_DIR");
+
+	# if it was requested as directory index (link from index.html), we should
+	# set a real script name - otherwise links with a query string will break
+	# ignore POST part of the SCRIPT_NAME (after "&")
+	(my $script_url = $ENV{'SCRIPT_NAME'}) =~ m/^[^&]*/;
+	$hdf->setValue("ScriptName", ($ENV{'SCRIPT_NAME'} eq '/')? '/cryptobox' : $script_url );
+
+	&load_selected_language($hdf);
+
+	&get_available_languages($hdf);
+
+	return $hdf;
+}
+
+
+sub load_selected_language
+{
+	my $data = shift;
+	my $config_language;
+
+	# load $DEFAULT_LANGUAGE - this is necessary, if a translation is incomplete
+	$data->readFile("$LANGUAGE_DIR/$DEFAULT_LANGUAGE" . ".hdf");
+
+	# load configured language, if it is valid
+	$config_language = `$CB_SCRIPT get_config language`;
+	$config_language = $DEFAULT_LANGUAGE unless (&validate_language("$config_language"));
+
+	# check for preferred browser language, if the box was not initialized yet
+	if ( ! &check_config())
+	{
+		my $prefLang = &get_browser_language();
+		# take it, if a supported browser language was found
+		$config_language = $prefLang unless ($prefLang eq '');
+	}
+
+	######### temporary language setting? ############
+	# the default language can be overriden by the language links in the
+	# upper right of the page
+	if ($query->param('weblang')) {
+		my $weblang = $query->param('weblang');
+		if (&validate_language($weblang)) {
+			# load the data
+			$config_language = "$weblang";
+			# add the setting to every link
+			$data->setValue('Data.PostData.weblang', "$weblang");
+		} else {
+			# no valid language was selected - so you may ignore it
+			$data->setValue('Data.Warning', 'InvalidLanguage');
+		}
+	}
+	# import the configured resp. the temporarily selected language
+	$data->readFile("$LANGUAGE_DIR/$config_language" . ".hdf");
+
+	########## select documentation language ##########
+	if (&validate_doc_language($config_language)) {
+		# selected web interface language
+		$data->setValue('Settings.DocLang', "$config_language");
+	} elsif (&validate_doc_language($DEFAULT_LANGUAGE)) {
+		# configured CryptoBox language
+		$data->setValue('Settings.DocLang', "$DEFAULT_LANGUAGE");
+	} else {
+		# default hardcoded language (english)
+		$data->setValue('Settings.DocLang', "en");
+	}
+}
+
+
+sub get_available_languages
+# import the names of all available languages
+{
+	my $data = shift;
+	my ($file, @files, $hdf, $lang_name);
+
+	opendir(DIR, $LANGUAGE_DIR) or &fatal_error ("Language directory ($LANGUAGE_DIR) not accessible!");
+	@files = sort grep { /.*\.hdf$/ } readdir(DIR);
+	close(DIR);
+
+	foreach $file (@files) {
+		$hdf = ClearSilver::HDF->new();
+		$hdf->readFile("$LANGUAGE_DIR/$file");
+		substr($file, -4) = "";
+		$lang_name = $hdf->getValue("Lang.Name", "$file");
+		$data->setValue("Data.Languages." . "$file", "$lang_name");
+	}
+}
+
+
+# look for preferred browser language setting
+# this code was adapted from Per Cederberg - http://www.percederberg.net/home/perl/select.perl
+# it returns an empty string, if no supported language was found
+sub get_browser_language
+{
+    my ($str, @langs, @res);
+
+    # Use language preference settings
+	if ($ENV{'HTTP_ACCEPT_LANGUAGE'} ne '')
+	{
+		@langs = split(/,/, $ENV{'HTTP_ACCEPT_LANGUAGE'});
+		foreach (@langs)
+		{
+			# get the first part of the language setting
+			($str) = ($_ =~ m/([a-z]+)/);
+			# check, if it supported by the cryptobox
+			$res[$#res+1] = $str if validate_language($str);
+		}
+	}
+	
+    # if everything fails - return empty string
+	$res[0] = "" if ($#res lt 0);
+	return $res[0];
+}
+
+
+sub log_msg
+{
+	my $text = shift;
+	open(LOGFILE,">> $LOG_FILE");
+	print LOGFILE "$text";
+	close(LOGFILE);
+}
+
+
+sub check_ssl
+{
+	# BEWARE: dirty trick - is there a better way?
+	# stunnel is not in transparent mode -> that means, it replaces REMOTE_ADDR with
+	# its own IP (localhost, of course)
+	return ($ENV{'REMOTE_ADDR'} eq '127.0.0.1');
+}
+
+
+sub check_mounted
+{
+	return (system("$CB_SCRIPT","is_crypto_mounted") == 0);
+}
+
+
+sub check_config
+{
+	return (system("$CB_SCRIPT","is_config_mounted") == 0);
+}
+
+
+sub check_init_running
+{
+	return (system("$CB_SCRIPT","is_init_running") == 0);
+}
+
+
+sub is_harddisk_available
+{
+	return (system("$CB_SCRIPT","is_harddisk_available") == 0);
+}
+
+sub get_available_disks
+# TODO: this is useful for diskselection buttons
+{
+	return `$CB_SCRIPT get_available_disks`;
+}
+
+sub get_current_ip
+# the IP of eth0 - not the configured value of the box (only for validation)
+{
+	return `$CB_SCRIPT get_current_ip`;
+}
+
+
+sub get_admin_pw
+# returns the current administration password - empty, if it is not used
+{
+	return `$CB_SCRIPT get_config admin_pw`;
+}
+
+
+sub render
+{
+	$pagedata->setValue("PageName","$pagename");
+	my $pagefile = "$HTML_TEMPLATE_DIR/main.cs";
+	print "Content-Type: text/html\n\n";
+
+	my $cs = ClearSilver::CS->new($pagedata);
+	$cs->parseFile($pagefile);
+
+	print $cs->render();
+}
+
+
+sub mount_vol
+{
+	my $pw = shift;
+
+	if (&check_mounted) {
+		$pagedata->setValue('Data.Warning', 'IsMounted');
+	} else {
+		open(PW_INPUT, "| $CB_SCRIPT crypto-up");
+		print PW_INPUT $pw;
+		close(PW_INPUT);
+	}
+}
+
+
+sub umount_vol
+{
+	if (&check_mounted) {
+		system("$CB_SCRIPT", "crypto-down");
+	} else {
+		$pagedata->setValue('Data.Warning', 'NotMounted');
+	}
+}
+
+
+sub box_init
+{
+	my ($crypto_pw, $admin_pw) = @_;
+
+	# partitioning, config and initial cryptsetup
+	open(PW_INPUT, "|$CB_SCRIPT box-init-fg");
+	print PW_INPUT $crypto_pw;
+	close(PW_INPUT);
+
+	# set administration password
+	system("$CB_SCRIPT", "set_config", "admin_pw", "$admin_pw");
+
+	# wipe and mkfs takes some time - it will be done in the background
+	system("$CB_SCRIPT", "box-init-bg");
+}
+
+sub box_purge
+{
+	system("$CB_SCRIPT", "box-purge");
+}
+
+sub system_poweroff
+{
+	&umount_vol() if (&check_mounted());
+	system("$CB_SCRIPT", "poweroff");
+}
+
+
+sub system_reboot
+{
+	&umount_vol() if (&check_mounted());
+	system("$CB_SCRIPT", "reboot");
+}
+
+
+sub validate_ip
+{
+	my $ip = shift;
+	my @octets = split /\./, $ip;
+	return 0 if ($#octets == 4);
+	# check for values and non-digits
+	return 0 if ((@octets[0] <= 0) || (@octets[0] >= 255) || (@octets[0] =~ /\D/));
+	return 0 if ((@octets[1] < 0) || (@octets[1] >= 255) || (@octets[1] =~ /\D/));
+	return 0 if ((@octets[2] < 0) || (@octets[2] >= 255) || (@octets[2] =~ /\D/));
+	return 0 if ((@octets[3] <= 0) || (@octets[3] >= 255) || (@octets[3] =~ /\D/));
+	return 1;
+}
+
+
+sub validate_timeout
+{
+	my $timeout = shift;
+	return 0 if ($timeout =~ /\D/);
+	return 1;
+}
+
+
+# check for a valid interface language
+sub validate_language
+{
+	my $language = shift;
+	# check for non-alphanumeric character
+	return 0 if ($language =~ /\W/);
+	return 0 if ($language eq "");
+	return 0 if ( ! -e "$LANGUAGE_DIR/$language" . '.hdf');
+	return 1;
+}
+
+
+# check for a valid documentation language
+sub validate_doc_language
+{
+	my $language = shift;
+	# check for non-alphanumeric character
+	return 0 if ($language =~ /\W/);
+	return 0 if ($language eq "");
+	return 0 if ( ! -e "$DOC_DIR/$language");
+	return 1;
+}
+
+
+################### main #########################
+
+
+$pagedata = load_hdf();
+
+# BEWARE: there are two kinds of actions:
+#     * some require a harddisk
+#     * some do not require a harddisk
+# take care, that you put a new action into the appropriate block below
+
+# first: check for ssl!
+if ( ! &check_ssl()) {
+	$pagedata->setValue('Data.Error', 'NoSSL');
+	$pagedata->setValue('Data.Redirect.URL', "https://" . $ENV{'HTTP_HOST'} . $ENV{'SCRIPT_NAME'});
+	$pagedata->setValue('Data.Redirect.Delay', "3");
+} elsif ($query->param('action')) {
+	my $action = $query->param('action');
+	#--------------------------------------------------------------#
+	# here you may define all cases that do not require a harddisk #
+	# put all other cases below the harddisk check                 #
+	#--------------------------------------------------------------#
+	#################### show_log #######################
+	if ($action eq 'show_log') {
+		$pagedata->setValue('Data.Action', 'show_log');
+	##################### doc ############################
+	} elsif ($action eq 'doc') {
+		if ($query->param('page')) {
+			$pagedata->setValue('Data.Doc.Page', $query->param('page'));
+			$pagedata->setValue('Data.Action', 'show_doc');
+		} else {
+			$pagedata->setValue('Data.Doc.Page', 'CryptoBoxUser');
+			$pagedata->setValue('Data.Action', 'show_doc');
+		}
+	##################### poweroff ######################
+	} elsif ($action eq 'shutdown_ask') {
+		$pagedata->setValue('Data.Action', 'form_shutdown');
+	##################### reboot ########################
+	} elsif ($action eq 'shutdown_do') {
+		if ($query->param('type') eq 'reboot') {
+			&system_reboot();
+			$pagedata->setValue('Data.Success', 'ReBoot');
+			$pagedata->setValue('Data.Redirect.Action', 'show_status');
+			$pagedata->setValue('Data.Redirect.Delay', "180");
+		} else {
+			&system_poweroff();
+			$pagedata->setValue('Data.Success', 'PowerOff');
+		}
+		$pagedata->setValue('Data.Action', 'empty');
+	##################### check for a harddisk ##########################
+	# catch this error, to prevent all following actions from execution #
+	#####################################################################
+	} elsif ( ! &is_harddisk_available()) {
+		$pagedata->setValue('Data.Error', 'NoHardDisk');
+	#-------------------------------------------------------#
+	# here you may define all cases that require a harddisk #
+	#-------------------------------------------------------#
+	################ umount_do #######################
+	} elsif ($action eq 'umount_do') {
+		if ( ! &check_config()) {
+			$pagedata->setValue('Data.Warning', 'NotInitialized');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} elsif (&check_init_running()) {
+			$pagedata->setValue('Data.Warning', 'InitNotFinished');
+			$pagedata->setValue('Data.Action', 'empty');
+			$pagedata->setValue('Data.Redirect.Action', 'form_config');
+			$pagedata->setValue('Data.Redirect.Delay', "30");
+		} elsif ( ! &check_mounted()) {
+			$pagedata->setValue('Data.Warning', 'NotMounted');
+			$pagedata->setValue('Data.Action', 'empty');
+		} else {
+			# unmounten
+			&umount_vol();
+			if (&check_mounted()) {
+				$pagedata->setValue('Data.Warning', 'UmountFailed');
+				$pagedata->setValue('Data.Action', 'form_umount');
+			} else {
+				$pagedata->setValue('Data.Success', 'UmountDone');
+				$pagedata->setValue('Data.Action', 'empty');
+				$pagedata->setValue('Data.Redirect.Action', 'show_status');
+				$pagedata->setValue('Data.Redirect.Delay', "30");
+			}
+		}
+	################ mount_do ########################
+	} elsif ($action eq 'mount_do') {
+		# mount requested
+		if ( ! &check_config()) {
+			$pagedata->setValue('Data.Warning', 'NotInitialized');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} elsif (&check_init_running()) {
+			$pagedata->setValue('Data.Warning', 'InitNotFinished');
+			$pagedata->setValue('Data.Action', 'empty');
+			$pagedata->setValue('Data.Redirect.Action', 'form_config');
+			$pagedata->setValue('Data.Redirect.Delay', "30");
+		} elsif (&check_mounted()) {
+			$pagedata->setValue('Data.Warning', 'IsMounted');
+			$pagedata->setValue('Data.Action', 'empty');
+			$pagedata->setValue('Data.Redirect.Action', 'show_status');
+			$pagedata->setValue('Data.Redirect.Delay', "30");
+		} elsif ($query->param('crypto_password') eq '') {
+			# leeres Passwort
+			$pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
+			$pagedata->setValue('Data.Action', 'form_mount');
+		} else	{
+			# mounten
+			&mount_vol($query->param('crypto_password'));
+			if (!&check_mounted()) {
+				$pagedata->setValue('Data.Warning', 'MountFailed');
+				$pagedata->setValue('Data.Action', 'form_mount');
+			} else {
+				$pagedata->setValue('Data.Success', 'MountDone');
+				$pagedata->setValue('Data.Action', 'empty');
+				$pagedata->setValue('Data.Redirect.Action', 'show_status');
+				$pagedata->setValue('Data.Redirect.Delay', "30");
+			}
+		}
+	################## mount_ask #######################
+	} elsif ($action eq 'mount_ask') {
+		if ( ! &check_config()) {
+			$pagedata->setValue('Data.Warning', 'NotInitialized');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} elsif (&check_init_running()) {
+			$pagedata->setValue('Data.Warning', 'InitNotFinished');
+			$pagedata->setValue('Data.Action', 'empty');
+			$pagedata->setValue('Data.Redirect.Action', 'form_config');
+			$pagedata->setValue('Data.Redirect.Delay', "30");
+		} elsif (&check_mounted()) {
+			$pagedata->setValue('Data.Warning', 'IsMounted');
+			$pagedata->setValue('Data.Action', 'empty');
+			$pagedata->setValue('Data.Redirect.Action', 'show_status');
+			$pagedata->setValue('Data.Redirect.Delay', "30");
+		} else {
+			$pagedata->setValue('Data.Action', 'form_mount');
+		}
+	################# umount_ask ########################
+	} elsif ($action eq 'umount_ask') {
+		if ( ! &check_config()) {
+			$pagedata->setValue('Data.Warning', 'NotInitialized');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} elsif ( ! &check_mounted()) {
+			$pagedata->setValue('Data.Warning', 'NotMounted');
+			$pagedata->setValue('Data.Action', 'empty');
+			$pagedata->setValue('Data.Redirect.Action', 'show_status');
+			$pagedata->setValue('Data.Redirect.Delay', "30");
+		} else {
+			$pagedata->setValue('Data.Action', 'form_umount');
+		}
+	################## init_ask #########################
+	} elsif ($action eq 'init_ask') {
+		if (&check_init_running()) {
+			$pagedata->setValue('Data.Warning', 'InitNotFinished');
+			$pagedata->setValue('Data.Action', 'form_config');
+		} elsif (&check_config()) {
+			$pagedata->setValue('Data.Warning', 'AlreadyConfigured');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} else {
+			$pagedata->setValue('Data.Action', 'form_init');
+		}
+	#################### init_do ########################
+	} elsif ($action eq 'init_do') {
+		my $current_admin_pw = &get_admin_pw;
+		if ($current_admin_pw ne '' && $current_admin_pw ne $query->param('current_admin_password')) {
+			$pagedata->setValue('Data.Warning', 'WrongAdminPassword');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} elsif ($query->param('admin_password') ne $query->param('admin_password2')) {
+			# different admin-passwords
+			$pagedata->setValue('Data.Warning', 'DifferentAdminPasswords');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} elsif ($query->param('crypto_password') ne $query->param('crypto_password2')) {
+			# different crypto-passwords
+			$pagedata->setValue('Data.Warning', 'DifferentCryptoPasswords');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} elsif ($query->param('crypto_password') eq '') {
+			# empty password
+			$pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} elsif ($query->param('confirm') ne $pagedata->getValue('Lang.Text.ConfirmInit','')) {
+			# wrong confirm string
+			$pagedata->setValue('Data.Warning', 'InitNotConfirmed');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} else {
+			# do init
+			&box_init($query->param('crypto_password'),$query->param('admin_password'));
+			if (!&check_init_running()) {
+				$pagedata->setValue('Data.Error', 'InitFailed');
+			} else {
+				$pagedata->setValue('Data.Success', 'InitRunning');
+				$pagedata->setValue('Data.Action', 'form_config');
+			}
+		}
+	#################### config_ask ######################
+	} elsif ($action eq 'config_ask') {
+		if ( ! &check_config()) {
+			$pagedata->setValue('Data.Warning', 'NotInitialized');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} else {
+			$pagedata->setValue('Data.Action', 'form_config');
+		}
+	#################### config_do #######################
+	} elsif ($action eq 'config_do') {
+		if ( ! &check_config()) {
+			$pagedata->setValue('Data.Warning', 'NotInitialized');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} else {
+			my $current_admin_pw = &get_admin_pw;
+			if ($current_admin_pw ne '' && $current_admin_pw ne $query->param('current_admin_password')) {
+				$pagedata->setValue('Data.Warning', 'WrongAdminPassword');
+				$pagedata->setValue('Data.Action', 'form_config');
+			} elsif ( ! &validate_language($query->param('language'))) {
+				$pagedata->setValue('Data.Warning', 'InvalidLanguage');
+				$pagedata->setValue('Data.Action', 'form_config');
+			} elsif ( ! &validate_ip($query->param('ip'))) {
+				$pagedata->setValue('Data.Warning', 'InvalidIP');
+				$pagedata->setValue('Data.Action', 'form_config');
+			} elsif ( ! &validate_timeout($query->param('timeout'))) {
+				$pagedata->setValue('Data.Warning', 'InvalidTimeOut');
+				$pagedata->setValue('Data.Action', 'form_config');
+			} else {
+				system("$CB_SCRIPT", "set_config", "language", $query->param('language'));
+				&load_selected_language($pagedata);
+				system("$CB_SCRIPT", "set_config", "timeout", $query->param('timeout'));
+				# check, if the ip was reconfigured
+				if ($query->param('ip') ne `$CB_SCRIPT get_config ip`)
+				{
+					# set the new value
+					system("$CB_SCRIPT", "set_config", "ip", $query->param('ip'));
+					# reconfigure the network interface
+					system("$CB_SCRIPT", "update_ip_address");
+					# redirect to the new address
+					$pagedata->setValue('Data.Redirect.URL', "https://" . $query->param('ip') . $ENV{'SCRIPT_NAME'});
+					$pagedata->setValue('Data.Redirect.Delay', "5");
+					# display a warning for the redirection
+					$pagedata->setValue('Data.Warning', 'IPAddressChanged');
+				}
+				# check for success
+				if (`$CB_SCRIPT get_config timeout` ne $query->param('timeout')) {
+					$pagedata->setValue('Data.Warning', 'ConfigTimeOutFailed');
+				} elsif (`$CB_SCRIPT get_config ip` ne $query->param('ip')) {
+					$pagedata->setValue('Data.Warning', 'ConfigIPFailed');
+				} elsif (`$CB_SCRIPT get_config language` ne $query->param('language')) {
+					$pagedata->setValue('Data.Warning', 'ConfigLanguageFailed');
+				} else {
+					$pagedata->setValue('Data.Success', 'ConfigSaved');
+				}
+				$pagedata->setValue('Data.Action', 'show_status');
+				$pagedata->setValue('Data.Redirect.Action', 'show_status');
+				$pagedata->setValue('Data.Redirect.Delay', "30");
+			}
+		}
+	#################### status #########################
+	} elsif ($action eq 'status') {
+		if ( ! &check_config()) {
+			$pagedata->setValue('Data.Warning', 'NotInitialized');
+			$pagedata->setValue('Data.Action', 'form_init');
+		} elsif (&check_init_running()) {
+			$pagedata->setValue('Data.Warning', 'InitNotFinished');
+			$pagedata->setValue('Data.Action', 'empty');
+			$pagedata->setValue('Data.Redirect.Action', 'form_config');
+			$pagedata->setValue('Data.Redirect.Delay', "30");
+		} else {
+			$pagedata->setValue('Data.Action', 'show_status');
+			$pagedata->setValue('Data.Redirect.Action', 'show_status');
+			$pagedata->setValue('Data.Redirect.Delay', "60");
+		}
+	################### box_purge #######################
+	# if we find an existing config partition, then check the adminpw
+	} elsif ($action eq 'do_purge') {
+		if ( &check_config()) {
+			my $current_admin_pw = &get_admin_pw;
+			if ($current_admin_pw ne '' && $current_admin_pw ne $query->param('current_admin_password')) {
+				$pagedata->setValue('Data.Warning', 'WrongAdminPassword');
+				$pagedata->setValue('Data.Action', 'form_config');
+			} else {
+				&box_purge;
+				$pagedata->setValue('Data.Action', 'form_init');
+			}
+		}
+	################### unknown #########################
+	} else {
+		$pagedata->setValue('Data.Error', 'UnknownAction');
+	}
+#################### default action ##########################
+# check for a harddisk again, as this check was skipped
+# because there was no action defined
+} elsif ( ! &is_harddisk_available()) {
+		$pagedata->setValue('Data.Error', 'NoHardDisk');
+} else {
+	if (&check_init_running()) {
+		$pagedata->setValue('Data.Warning', 'InitNotFinished');
+		$pagedata->setValue('Data.Action', 'empty');
+		$pagedata->setValue('Data.Redirect.Action', 'form_config');
+		$pagedata->setValue('Data.Redirect.Delay', "60");
+	} elsif (&check_config()) {
+		$pagedata->setValue('Data.Action', 'show_status');
+		$pagedata->setValue('Data.Redirect.Action', 'show_status');
+		$pagedata->setValue('Data.Redirect.Delay', "60");
+	} else {
+		$pagedata->setValue('Data.Action', 'form_init');
+	}
+}
+
+# check state of the cryptobox
+$pagedata->setValue('Data.Status.Config', &check_config() ? 1 : 0);
+$pagedata->setValue('Data.Status.InitRunning', &check_init_running() ? 1 : 0);
+$pagedata->setValue('Data.Status.Mounted', &check_mounted() ? 1 : 0);
+my $output = &get_current_ip();
+$pagedata->setValue('Data.Status.IP', "$output");
+
+$output = &get_admin_pw();
+$pagedata->setValue('Data.Config.AdminPasswordIsSet', 1) if ($output ne '');
+
+$output = `$CB_SCRIPT diskinfo 2>&1 | sed 's#\$#<br/>#'`;
+$pagedata->setValue('Data.PartitionInfo',"$output");
+
+# preset config settings for clearsilver
+$pagedata->setValue('Data.Config.IP', `$CB_SCRIPT get_config ip`);
+$pagedata->setValue('Data.Config.TimeOut', `$CB_SCRIPT get_config timeout`);
+$pagedata->setValue('Data.Config.Language', `$CB_SCRIPT get_config language`);
+
+# read log and add html linebreaks
+$output = '';
+if (-e "$LOG_FILE") {
+	open(LOGFILE, "< $LOG_FILE");
+	while (<LOGFILE>) { $output .= "$_<br/>" }
+	close(LOGFILE);
+}
+$pagedata->setValue('Data.Log',"$output");
+
+$pagedata->setValue('Data.Status.DevelopmentMode', 1) if ($IS_DEV);
+
+# save QUERY_STRING (e.g. for weblang-links)
+my $querystring = $ENV{'QUERY_STRING'};
+# remove weblang setting
+$querystring =~ s/weblang=\w\w&?//;
+$pagedata->setValue('Data.QueryString', "$querystring") if ($querystring ne '');
+
+&render();
+
+exit 0;
+

luks/cbox-tree.d/var/www/cryptobox

@@ -0,0 +1 @@
+cgi-bin/cryptobox.pl

luks/cbox-tree.d/var/www/cryptobox.css

@@ -0,0 +1,388 @@
+body {
+	background-image: url(cryptobox-img/backg.gif);
+	background-position: top center;
+	background-attachment: fixed;
+	background-repeat: no-repeat;
+	text-align: center;
+	margin: 0;
+	padding: 0;
+	font-family: verdana, lucida, arial, helvetica, sans-serif;
+	}
+
+#main {
+	background: none;
+	width: 600px;
+	padding: 0px;
+	margin-left: auto;
+	margin-right: auto;
+	}
+
+#main h1, h2, h3 {
+	font-family: sans-serif, arial;
+	font-weight: normal;
+	letter-spacing: 0.05em;
+	color: #acacac;
+	font-variant: small-caps;
+	padding: 0 1em;
+	text-align: left;
+	}
+
+#main h1 {
+	font-size: 2em;
+	}
+
+#main h2 {
+	font-size: 1.5em;
+	}
+
+#main h3 {
+	font-size: 1.2em;
+	}
+
+#head {
+	width: 600px;
+	height: 120px;
+	margin: 0;
+	padding: 0;
+	background-image: url(cryptobox-img/antlogo100px.png);
+	background-position: top right;
+	background-attachment: scroll;
+	background-repeat: no-repeat;
+	}
+
+#head_green {
+	width: 600px;
+	height: 120px;
+	margin: 0;
+	padding: 0;
+	background-image: url(cryptobox-img/antlogo100px_green.png);
+	background-position: top right;
+	background-attachment: scroll;
+	background-repeat: no-repeat;
+	}
+
+#head_red {
+	width: 600px;
+	height: 120px;
+	margin: 0;
+	padding: 0;
+	background-image: url(cryptobox-img/antlogo100px_red.png);
+	background-position: top right;
+	background-attachment: scroll;
+	background-repeat: no-repeat;
+	}
+
+
+
+#content {
+	margin: 0;
+	padding: 0;
+	width: 600px;
+	font-size: 0.9em;
+	min-height: 300px;
+	}
+
+#content a {
+	line-height: 1.2em;
+	color: black;
+	text-decoration: none;
+	font-weight: bold;
+	font-size: 0.9em;
+	}
+
+#content a:hover {
+	text-decoration: underline;
+	}
+
+#content a:visited {
+	color: #acacac;
+	}
+
+#content p {
+	font-size: 0.9em;
+	padding: 0 1em;
+	text-align: justify;
+	}
+
+#menu {
+	text-align: center;
+	border-top: 1px solid #5e5e5e;
+	border-bottom: 1px solid #5e5e5e;
+	background-color: #ACE149;
+	}
+
+#menu a:link, #menu a:visited {
+	color: #5e5e5e;
+	margin: 5px;
+	text-decoration: none;
+	border: none;
+	padding: 4px;
+	font-size: 0.8em;
+	}
+
+#menu a:hover {
+	color: #8e8e8e;
+	}
+
+#words {
+	width: 565px;
+	padding: 1.1em 0em 1.1em 1.1em;
+	margin-top: 0;
+	}
+
+#words h1{
+	font-size: 1.8em;
+	}
+
+#words h2{
+	font-size: 1.4em;
+	}
+
+#words ol, #words ul {
+	font-size: 0.9em;
+	}
+
+#words ol li {
+	padding: 0 1em;
+	line-height: 1.7em;
+	}
+
+#words ul li {
+	padding: 0 1em;
+	line-height: 1.7em;
+	list-style-image: url(cryptobox-img/list.gif);
+	}
+
+#footer {
+	clear: both;
+	text-align: center;
+	border-top: 1px solid #5e5e5e;
+	border-bottom: 1px solid #5e5e5e;
+	background-color: #ACE149;
+	font-size: 0.8em;
+	color: #5e5e5e;
+	}
+
+#footer a:link, #footer a:visited {
+	color: #5e5e5e;
+	margin: 5px;
+	text-decoration: none;
+	border: none;
+	padding: 4px;
+	}
+
+#footer a:hover {
+	text-decoration: underline;
+	}
+
+#confirmtext span {
+	color: red;
+	font-weight: bold;
+	}
+
+
+/* -------=-=-=- warnings, errors and success messages-=-=-=-------- */
+
+#words div.warning,div.error,div.success {
+	margin-top: 20px;
+	margin-bottom: 20px;
+	padding-top: 10px;
+	padding-bottom: 15px;
+	color: #707070;
+	}
+
+#words .warning,.error,.success {
+	border: 1px dashed #808080;
+	text-align: center;
+	color: #5e5e5e;
+	text-decoration: none;
+	font-weight: bold;
+	font-size: 0.9em;
+	padding-left: 40px;
+	padding-right: 40px;	
+	}
+
+#words .warning {
+	background-color: #f5f5f5; 
+	}
+	
+#words .error {
+	background-color: #f5f5f5; 
+	}
+	
+#words .success {
+/*	nice green color - but no one likes it right?
+	background-color: #90EE90;	*/
+	}
+	
+#words div.warning,div.error,div.success h1,h2 {
+	color: #808080;
+	}
+
+#words .warning,.error,.success a {
+	color: #5e5e5e;
+	text-decoration: none;
+	font-weight: bold;
+	font-size: 0.9em;
+}
+
+#words .note {
+	text-align: center;
+	color: #F48659;
+	font-style: italic;
+	}
+	
+/* ----------------------=-=-=- Forms -=-=-=--------------------- */
+/* pretty forms and buttons */	
+input {
+	border: 1px solid #BFBFBF;
+	color: #949494;
+	background-color: white;
+	padding: 2px 5px 1px 5px;
+	font-size: 1em;
+	}
+	
+input:hover {
+	border: 1px solid #ACE149;
+	color: #7DA721;
+	background-color: white;
+	font-size: 1em;
+	}
+	
+textarea {
+	font-family: arial, verdana, helvetica, sans-serif;
+	font-size: 1.1em;
+	border: 1px solid #BFBFBF;
+	color: #949494;
+	padding: 2px 5px 1px 5px;
+	width: 450px;
+	}
+	
+textarea:hover {
+	color: #7DA721;
+	background-color: white;
+	border: 1px solid #ACE149;
+	}
+
+button {
+	color: #5e5e5e;
+	background-color: #ACE149;
+	border: 1px solid #5e5e5e;
+	font-size: 0.8em;
+	font-weight: bold;
+	cursor: pointer;
+	}
+
+button:hover {
+	color: #5e5e5e;
+	background-color: #D0F0A0;
+	border: 1px solid #ACE149;
+	font-size: 0.8em;
+	font-weight: bold;
+	cursor: pointer;
+	}
+
+#words form label {
+	min-width: 20em;
+	}
+
+#words form p {
+	text-align: center;
+	}
+
+/* ------------=-=-=- language selection -=-=-=------------- */
+
+#lang {
+	position: absolute;
+	float: right;
+	right: 5px;
+	top: 5px;
+	text-align: right;
+	}
+
+#lang a {
+	color: #acacac;
+	font-family: verdana, lucida, arial, helvetica, sans-serif;
+	font-size: smaller;
+	}
+
+#lang a:hover {
+	color: #707070;
+	}
+
+
+/* ------------=-=-=- documentation -=-=-=------------- */
+
+#doc ol,ul li {
+	text-align: left;
+	margin-left: 20px;
+	}
+
+#doc dl dt {
+	text-align: left;
+	margin-left: 20px;
+	font-style: italic;
+	}
+
+#doc h1 {
+	padding-top: 25px;
+}
+
+#doc h2 {
+	padding-top: 20px;
+}
+
+#doc h3 {
+	padding-top: 10px;
+	}
+
+/* ------------=-=-=- special things -=-=-=------------- */
+
+#partition_info p, #log p.console {
+	margin-left: 10%;
+	margin-right: 10%;
+	font-family: monospace
+	}
+
+/* ---------=-=-=-=- onscreen help -=-=-=-=--------- */
+/* not active anymore */
+
+#words a.popup {
+	line-height: inherit;
+	color: inherit;
+	background-color: inherit;
+	text-decoration: inherit;
+	font-weight: inherit;
+	font-size: inherit;
+	}
+
+#words a.popup:hover {
+	text-decoration: inherit;
+	}
+
+#words a.popup span {
+	display: none;
+	position: fixed;
+	bottom: 10px;
+	left: 9%;
+	width: 80%;
+	background: #f0f0f0;
+	padding: 10px;
+	border-color: #e0e0e0;
+	border-width: 2px;
+	border-style: solid;
+	margin: 0;
+	}
+
+#words a.popup:hover span {
+	display: inline;
+	}
+
+#words a.popup span p {
+	text-align: left;
+	}
+
+#words a.popup span h3 {
+	color: #909090;
+	margin-top: 0px;
+	}

luks/cbox-tree.d/var/www/errors/err404.html

@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+	<title>CryptoBox</title>
+	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+	<meta http-equiv="refresh" content="0;url=/cryptobox">
+	<link rel="stylesheet" media="screen" href="/cryptobox.css" type="text/css" />
+</head>
+<body>
+
+<div id="main">
+  <div id="head">
+	<h1>CryptoBox</h1>
+  </div>
+
+  <div id="content">
+    <div id="words">
+	<h1>Error 404 - page not found!</h2>
+	<p>Please go to the <a href="/cryptobox" title="CryptoBox">CryptoBox-Interface</a></p>
+    </div>
+  </div>
+</div>
+
+</body>
+</html>
+

luks/cbox-tree.d/var/www/index.html

@@ -0,0 +1 @@
+cgi-bin/cryptobox.pl