From ea73230db8a26a3d67a0f74c8695ad0bbbcd4b3c Mon Sep 17 00:00:00 2001
From: lars
Date: Mon, 6 Nov 2006 16:05:00 +0000
Subject: [PATCH] moved pythonrewrite branch to trunk
---
pythonrewrite/LICENSE | 340 -
pythonrewrite/Makefile | 70 -
pythonrewrite/README | 1 -
pythonrewrite/bin-perl-old/Makefile | 37 -
pythonrewrite/bin-perl-old/cbox-manage.sh | 474 -
.../bin-perl-old/cbox-root-actions.sh | 341 -
pythonrewrite/bin-perl-old/cryptobox.pl | 946 -
.../bin-perl-old/cryptobox_wrapper.c | 21 -
pythonrewrite/bin-perl-old/ro-system.sh | 191 -
pythonrewrite/bin/CryptoBox.py | 276 -
pythonrewrite/bin/CryptoBoxContainer.py | 607 -
pythonrewrite/bin/CryptoBoxExceptions.py | 107 -
pythonrewrite/bin/CryptoBoxPlugin.py | 165 -
pythonrewrite/bin/CryptoBoxRootActions.py | 386 -
pythonrewrite/bin/CryptoBoxSettings.py | 481 -
pythonrewrite/bin/CryptoBoxTools.py | 186 -
pythonrewrite/bin/CryptoBoxWebserver.py | 38 -
pythonrewrite/bin/Plugins.py | 67 -
pythonrewrite/bin/WebInterfaceDataset.py | 136 -
pythonrewrite/bin/WebInterfaceSites.py | 427 -
pythonrewrite/bin/WebInterfaceTestClass.py | 77 -
pythonrewrite/bin/coding_guidelines.txt | 18 -
pythonrewrite/bin/cryptobox.conf | 83 -
pythonrewrite/bin/cryptoboxd | 39 -
pythonrewrite/bin/cryptoboxwebserver.conf | 17 -
pythonrewrite/bin/do_unittests.sh | 22 -
pythonrewrite/bin/example-super.tab | 2 -
pythonrewrite/bin/test.complete.CryptoBox.py | 116 -
pythonrewrite/bin/uml-setup.sh | 23 -
pythonrewrite/bin/unittests.CryptoBox.py | 138 -
pythonrewrite/bin/unittests.CryptoBoxTools.py | 48 -
pythonrewrite/bin/unittests.Plugins.py | 33 -
pythonrewrite/bin/unittests.WebSites.py | 39 -
pythonrewrite/conf-examples/cryptobox.conf | 36 -
.../conf-examples/default-settings/admin_pw | 0
.../default-settings/cryptobox.marker | 0
.../conf-examples/default-settings/ip | 1 -
.../conf-examples/default-settings/language | 1 -
.../conf-examples/default-settings/names.db | 0
.../conf-examples/default-settings/timeout | 1 -
.../conf-examples/default-settings/version | 1 -
.../conf-examples/distributions/README | 11 -
.../conf-examples/distributions/gnu_linux | 12 -
pythonrewrite/debian/README.Debian | 5 -
pythonrewrite/debian/changelog | 3 -
pythonrewrite/debian/control | 18 -
pythonrewrite/debian/copyright | 27 -
pythonrewrite/debian/cryptobox.default | 12 -
pythonrewrite/debian/cryptobox.init | 54 -
pythonrewrite/debian/dirs | 4 -
pythonrewrite/debian/links | 1 -
pythonrewrite/debian/patches/00list | 0
pythonrewrite/debian/postinst | 43 -
pythonrewrite/debian/postrm | 12 -
pythonrewrite/debian/rules | 93 -
.../design/background_frame_corner.svg | 265 -
.../design/icon_background_active.svg | 92 -
.../icons/applications-system_tango.svg | 245 -
pythonrewrite/design/icons/computer_tango.svg | 738 -
.../design/icons/dialog-error_tango.svg | 316 -
.../design/icons/dialog-information_tango.svg | 1145 -
.../design/icons/dialog-warning_tango.svg | 290 -
.../design/icons/drive-cdrom_tango.svg | 444 -
.../design/icons/drive-harddisk_tango.svg | 469 -
.../icons/drive-removable-media_tango.svg | 390 -
pythonrewrite/design/icons/globe-lips.svg | 512 -
.../icons/gnome-dev-removable-usb_nuvola.svg | 1004 -
.../design/icons/gnome-globe_nuvola.svg | 1195 -
.../design/icons/gtk-zoom-in_nuvola.svg | 433 -
pythonrewrite/design/icons/help_contents.svg | 701 -
.../inaccessible_tango_emblem-unreadable.svg | 357 -
pythonrewrite/design/icons/language.png | Bin 3520 -> 0 bytes
.../icons/locked_tango-emblem-readonly.svg | 298 -
.../icons/multimedia-dell-dj-pocket_tango.svg | 4405 ----
...multimedia-player-ipod-mini-blue_tango.svg | 4126 ---
.../multimedia-player-motorola-rokr_tango.svg | 1025 -
.../icons/network-transmit-receive_design.svg | 1041 -
.../design/icons/pile_of_devices.png | Bin 17218 -> 0 bytes
.../design/icons/pile_of_devices.svg | 22002 ----------------
.../preferences-desktop-locale_tango.svg | 828 -
.../design/icons/preferences-system_tango.svg | 396 -
.../design/icons/redhat-config-users_wasp.svg | 1904 --
.../icons/seahorse-preferences_gnome.svg | 1250 -
.../design/icons/spherecrystal_help.svg | 60 -
.../design/icons/system-log-out_tango.svg | 362 -
.../design/icons/unlocked_clavdia.svg | 515 -
pythonrewrite/design/icons/unlocked_lars.svg | 1198 -
pythonrewrite/design/logo/ameisenkopp.svg | 3242 ---
pythonrewrite/design/logo/antlogo100px.png | Bin 7318 -> 0 bytes
.../design/logo/antlogo100px_green.png | Bin 8624 -> 0 bytes
.../design/logo/antlogo100px_red.png | Bin 8142 -> 0 bytes
.../design/logo/antlogo100px_transp_red.png | Bin 11468 -> 0 bytes
pythonrewrite/design/logo/boesetest.svg | 392 -
pythonrewrite/design/logo/bubblebutton.svg | 774 -
pythonrewrite/design/logo/entwurf.svg | 945 -
pythonrewrite/design/logo/evil_stick.png | Bin 18297 -> 0 bytes
pythonrewrite/design/logo/evil_stick.svg | 811 -
pythonrewrite/design/logo/evil_stick2.png | Bin 17008 -> 0 bytes
pythonrewrite/design/logo/evil_stick2.svg | 820 -
pythonrewrite/design/logo/evil_stick3.png | Bin 17744 -> 0 bytes
pythonrewrite/design/logo/evil_stick3.svg | 909 -
.../design/logo/vault_pingu_gross.png | Bin 93838 -> 0 bytes
.../design/logo/vault_pingu_uncut.png | Bin 121097 -> 0 bytes
pythonrewrite/doc/README | 24 -
pythonrewrite/doc/changelog | 28 -
pythonrewrite/doc/copyright | 18 -
pythonrewrite/doc/html/de/CryptoBox.html | 132 -
pythonrewrite/doc/html/de/CryptoBoxDev.html | 94 -
.../doc/html/de/CryptoBoxDevBackground.html | 64 -
.../doc/html/de/CryptoBoxDevCustomBuild.html | 85 -
.../html/de/CryptoBoxDevCustomConfigure.html | 60 -
.../html/de/CryptoBoxDevKnownProblems.html | 46 -
.../doc/html/de/CryptoBoxDevPreparation.html | 77 -
.../doc/html/de/CryptoBoxDevValidation.html | 78 -
.../doc/html/de/CryptoBoxDevWorkFlow.html | 156 -
pythonrewrite/doc/html/de/CryptoBoxUser.html | 59 -
.../html/de/CryptoBoxUserConfiguration.html | 125 -
.../doc/html/de/CryptoBoxUserDailyUse.html | 139 -
.../html/de/CryptoBoxUserGettingStarted.html | 76 -
pythonrewrite/doc/html/en/CryptoBox.html | 154 -
pythonrewrite/doc/html/en/CryptoBoxDev.html | 94 -
.../doc/html/en/CryptoBoxDevBackground.html | 64 -
.../doc/html/en/CryptoBoxDevCustomBuild.html | 85 -
.../html/en/CryptoBoxDevCustomConfigure.html | 60 -
.../html/en/CryptoBoxDevKnownProblems.html | 46 -
.../doc/html/en/CryptoBoxDevPreparation.html | 77 -
.../doc/html/en/CryptoBoxDevValidation.html | 78 -
.../doc/html/en/CryptoBoxDevWorkFlow.html | 156 -
pythonrewrite/doc/html/en/CryptoBoxUser.html | 60 -
.../html/en/CryptoBoxUserConfiguration.html | 125 -
.../doc/html/en/CryptoBoxUserDailyUse.html | 138 -
.../html/en/CryptoBoxUserGettingStarted.html | 83 -
pythonrewrite/doc/html/fr | 1 -
pythonrewrite/doc/html/si | 1 -
pythonrewrite/known_problems | 4 -
pythonrewrite/lang/README | 37 -
pythonrewrite/lang/TODO | 18 -
pythonrewrite/lang/de.hdf | 230 -
pythonrewrite/lang/en.hdf | 187 -
pythonrewrite/lang/fr.hdf | 254 -
pythonrewrite/lang/language_specification.txt | 24 -
pythonrewrite/lang/si.hdf | 193 -
pythonrewrite/plugins/date/date.py | 69 -
pythonrewrite/plugins/date/form_date.cs | 44 -
pythonrewrite/plugins/date/lang/en.hdf | 35 -
pythonrewrite/plugins/date/plugin_icon.png | Bin 3285 -> 0 bytes
pythonrewrite/plugins/date/root_action.py | 36 -
pythonrewrite/plugins/date/unittests.py | 60 -
pythonrewrite/plugins/disks/disks.cs | 17 -
pythonrewrite/plugins/disks/disks.py | 17 -
pythonrewrite/plugins/disks/lang/de.hdf | 6 -
pythonrewrite/plugins/disks/lang/en.hdf | 6 -
pythonrewrite/plugins/disks/plugin_icon.png | Bin 6279 -> 0 bytes
pythonrewrite/plugins/disks/unittests.py | 9 -
pythonrewrite/plugins/format_fs/format_fs.py | 95 -
pythonrewrite/plugins/format_fs/lang/en.hdf | 49 -
.../plugins/format_fs/plugin_icon.png | Bin 6376 -> 0 bytes
pythonrewrite/plugins/format_fs/unittests.py | 10 -
.../plugins/format_fs/volume_format.cs | 37 -
.../plugins/format_fs/volume_format_luks.cs | 32 -
pythonrewrite/plugins/help/doc.cs | 9 -
pythonrewrite/plugins/help/help.py | 25 -
pythonrewrite/plugins/help/lang/en.hdf | 5 -
pythonrewrite/plugins/help/plugin_icon.png | Bin 12693 -> 0 bytes
pythonrewrite/plugins/help/unittests.py | 29 -
.../plugins/language_selection/lang/en.hdf | 5 -
.../language_selection/language_selection.cs | 15 -
.../language_selection/language_selection.py | 16 -
.../language_selection/plugin_icon.png | Bin 13094 -> 0 bytes
.../plugins/language_selection/unittests.py | 10 -
pythonrewrite/plugins/logs/lang/en.hdf | 6 -
pythonrewrite/plugins/logs/logs.css | 6 -
pythonrewrite/plugins/logs/logs.py | 29 -
pythonrewrite/plugins/logs/plugin_icon.png | Bin 16601 -> 0 bytes
pythonrewrite/plugins/logs/show_log.cs | 19 -
pythonrewrite/plugins/logs/unittests.py | 21 -
pythonrewrite/plugins/network/form_network.cs | 30 -
pythonrewrite/plugins/network/lang/en.hdf | 23 -
pythonrewrite/plugins/network/network.py | 126 -
pythonrewrite/plugins/network/plugin_icon.png | Bin 13698 -> 0 bytes
pythonrewrite/plugins/network/root_action.py | 42 -
pythonrewrite/plugins/network/unittests.py | 45 -
.../partition/current_partition_info.cs | 11 -
pythonrewrite/plugins/partition/lang/en.hdf | 83 -
pythonrewrite/plugins/partition/partition.css | 4 -
pythonrewrite/plugins/partition/partition.py | 416 -
.../plugins/partition/plugin_icon.png | Bin 2943 -> 0 bytes
.../plugins/partition/root_action.py | 96 -
.../plugins/partition/select_device.cs | 45 -
.../plugins/partition/set_partitions.cs | 78 -
.../plugins/partition/show_format_progress.cs | 17 -
pythonrewrite/plugins/partition/unittests.py | 10 -
pythonrewrite/plugins/plugin-interface.txt | 63 -
pythonrewrite/plugins/plugin_icon_unknown.png | Bin 14269 -> 0 bytes
.../plugins/plugin_manager/lang/en.hdf | 15 -
.../plugins/plugin_manager/plugin_icon.png | Bin 631 -> 0 bytes
.../plugins/plugin_manager/plugin_list.cs | 65 -
.../plugins/plugin_manager/plugin_manager.py | 52 -
.../plugins/plugin_manager/unittests.py | 12 -
.../plugins/shutdown/form_shutdown.cs | 15 -
.../plugins/shutdown/gnome-reboot.png | Bin 3752 -> 0 bytes
.../plugins/shutdown/gnome-shutdown.png | Bin 4532 -> 0 bytes
pythonrewrite/plugins/shutdown/lang/en.hdf | 34 -
.../plugins/shutdown/plugin_icon.png | Bin 7588 -> 0 bytes
.../plugins/shutdown/progress_reboot.cs | 6 -
.../plugins/shutdown/progress_shutdown.cs | 6 -
pythonrewrite/plugins/shutdown/root_action.py | 48 -
pythonrewrite/plugins/shutdown/shutdown.py | 51 -
pythonrewrite/plugins/shutdown/unittests.py | 11 -
.../plugins/system_preferences/lang/en.hdf | 5 -
.../system_preferences/plugin_icon.png | Bin 12762 -> 0 bytes
.../system_preferences/show_plugins.cs | 15 -
.../system_preferences/system_preferences.py | 16 -
.../plugins/system_preferences/unittests.py | 8 -
.../plugins/user_manager/lang/en.hdf | 51 -
.../plugins/user_manager/plugin_icon.png | Bin 10613 -> 0 bytes
.../plugins/user_manager/unittests.py | 27 -
.../plugins/user_manager/user_list.cs | 82 -
.../plugins/user_manager/user_manager.py | 81 -
.../plugins/volume_details/lang/en.hdf | 20 -
.../plugins/volume_details/plugin_icon.png | Bin 11235 -> 0 bytes
.../plugins/volume_details/unittests.py | 10 -
.../plugins/volume_details/volume_details.cs | 21 -
.../plugins/volume_details/volume_details.py | 18 -
.../plugins/volume_mount/lang/en.hdf | 56 -
.../plugins/volume_mount/plugin_icon.png | Bin 4535 -> 0 bytes
.../plugins/volume_mount/unittests.py | 10 -
.../plugins/volume_mount/volume_mount.cs | 18 -
.../plugins/volume_mount/volume_mount.py | 103 -
.../plugins/volume_mount/volume_status.cs | 9 -
.../plugins/volume_mount/volume_umount.cs | 10 -
.../plugins/volume_props/lang/en.hdf | 63 -
.../plugins/volume_props/plugin_icon.png | Bin 15249 -> 0 bytes
.../plugins/volume_props/unittests.py | 10 -
.../plugins/volume_props/volume_properties.cs | 75 -
.../plugins/volume_props/volume_props.py | 81 -
pythonrewrite/scripts/check_languages.py | 106 -
pythonrewrite/scripts/debian | 49 -
pythonrewrite/scripts/show_TODO.sh | 9 -
pythonrewrite/scripts/userdocexport.sh | 135 -
pythonrewrite/stuff/cron-cryptobox | 1 -
pythonrewrite/templates/access_denied.cs | 6 -
pythonrewrite/templates/empty.cs | 6 -
pythonrewrite/templates/footer.cs | 33 -
pythonrewrite/templates/header.cs | 55 -
pythonrewrite/templates/macros.cs | 174 -
pythonrewrite/templates/main.cs | 10 -
pythonrewrite/templates/show_volume.cs | 10 -
pythonrewrite/templates/show_volume_footer.cs | 3 -
pythonrewrite/templates/show_volume_header.cs | 21 -
pythonrewrite/templates/volume_plugins.cs | 25 -
pythonrewrite/www-data/antlogo100px.png | Bin 7318 -> 0 bytes
pythonrewrite/www-data/antlogo100px_green.png | Bin 8624 -> 0 bytes
pythonrewrite/www-data/antlogo100px_red.png | Bin 8142 -> 0 bytes
pythonrewrite/www-data/backg.gif | Bin 13018 -> 0 bytes
.../www-data/background_frame_corner.png | Bin 2355 -> 0 bytes
.../www-data/background_frame_top.png | Bin 2109 -> 0 bytes
pythonrewrite/www-data/cryptobox.css | 558 -
pythonrewrite/www-data/dialog-error_tango.png | Bin 8750 -> 0 bytes
.../www-data/dialog-information_tango.png | Bin 14120 -> 0 bytes
.../www-data/dialog-warning_tango.png | Bin 7611 -> 0 bytes
pythonrewrite/www-data/disc_gray.png | Bin 4524 -> 0 bytes
pythonrewrite/www-data/disc_green.png | Bin 4936 -> 0 bytes
pythonrewrite/www-data/disc_red.png | Bin 4988 -> 0 bytes
pythonrewrite/www-data/evil_stick.png | Bin 32626 -> 0 bytes
pythonrewrite/www-data/footer_line.png | Bin 262 -> 0 bytes
.../www-data/icon_background_active.png | Bin 14372 -> 0 bytes
.../www-data/icon_background_active_060.png | Bin 1845 -> 0 bytes
.../www-data/icon_background_active_080.png | Bin 2891 -> 0 bytes
.../www-data/icon_background_active_100.png | Bin 4101 -> 0 bytes
.../www-data/icon_background_active_256.png | Bin 14372 -> 0 bytes
.../www-data/icon_background_passive_060.png | Bin 1570 -> 0 bytes
.../www-data/icon_background_passive_080.png | Bin 2338 -> 0 bytes
.../www-data/icon_background_passive_100.png | Bin 3292 -> 0 bytes
pythonrewrite/www-data/list.gif | Bin 51 -> 0 bytes
pythonrewrite/www-data/pane_bottom_left.png | Bin 249 -> 0 bytes
pythonrewrite/www-data/pane_bottom_right.png | Bin 249 -> 0 bytes
pythonrewrite/www-data/pane_side_bottom.png | Bin 131 -> 0 bytes
pythonrewrite/www-data/pane_side_left.png | Bin 131 -> 0 bytes
pythonrewrite/www-data/pane_side_right.png | Bin 131 -> 0 bytes
pythonrewrite/www-data/pane_side_top.png | Bin 133 -> 0 bytes
pythonrewrite/www-data/pane_top_left.png | Bin 249 -> 0 bytes
pythonrewrite/www-data/pane_top_right.png | Bin 273 -> 0 bytes
pythonrewrite/www-data/register_active.png | Bin 560 -> 0 bytes
pythonrewrite/www-data/register_active2.png | Bin 1078 -> 0 bytes
pythonrewrite/www-data/register_passive.png | Bin 523 -> 0 bytes
pythonrewrite/www-data/register_passive2.png | Bin 1087 -> 0 bytes
.../www-data/screenshots/de_config.png | Bin 80374 -> 0 bytes
.../www-data/screenshots/de_init.png | Bin 62123 -> 0 bytes
.../www-data/screenshots/de_mount.png | Bin 59615 -> 0 bytes
.../www-data/screenshots/de_w98_login.png | Bin 3650 -> 0 bytes
.../screenshots/de_w98_network_drive.png | Bin 3345 -> 0 bytes
.../screenshots/de_w98_not_logged_in.png | Bin 2914 -> 0 bytes
.../www-data/screenshots/en_config.png | Bin 85007 -> 0 bytes
.../www-data/screenshots/en_mount.png | Bin 71564 -> 0 bytes
.../www-data/screenshots/en_w98_login.png | Bin 3504 -> 0 bytes
.../screenshots/en_w98_network_drive.png | Bin 3013 -> 0 bytes
.../screenshots/en_w98_not_logged_in.png | Bin 2853 -> 0 bytes
pythonrewrite/www-data/smile.png | Bin 356 -> 0 bytes
pythonrewrite/www-data/smile4.png | Bin 275 -> 0 bytes
pythonrewrite/www-data/somerights20.gif | Bin 1835 -> 0 bytes
.../www-data/volume_active_crypto.png | Bin 6590 -> 0 bytes
.../www-data/volume_active_plain.png | Bin 5903 -> 0 bytes
.../www-data/volume_passive_crypto.png | Bin 8140 -> 0 bytes
.../www-data/volume_passive_plain.png | Bin 7661 -> 0 bytes
.../www-data/volume_property_frame.png | Bin 6389 -> 0 bytes
306 files changed, 69727 deletions(-)
delete mode 100644 pythonrewrite/LICENSE
delete mode 100644 pythonrewrite/Makefile
delete mode 100644 pythonrewrite/README
delete mode 100644 pythonrewrite/bin-perl-old/Makefile
delete mode 100755 pythonrewrite/bin-perl-old/cbox-manage.sh
delete mode 100755 pythonrewrite/bin-perl-old/cbox-root-actions.sh
delete mode 100755 pythonrewrite/bin-perl-old/cryptobox.pl
delete mode 100644 pythonrewrite/bin-perl-old/cryptobox_wrapper.c
delete mode 100644 pythonrewrite/bin-perl-old/ro-system.sh
delete mode 100755 pythonrewrite/bin/CryptoBox.py
delete mode 100755 pythonrewrite/bin/CryptoBoxContainer.py
delete mode 100644 pythonrewrite/bin/CryptoBoxExceptions.py
delete mode 100644 pythonrewrite/bin/CryptoBoxPlugin.py
delete mode 100755 pythonrewrite/bin/CryptoBoxRootActions.py
delete mode 100644 pythonrewrite/bin/CryptoBoxSettings.py
delete mode 100644 pythonrewrite/bin/CryptoBoxTools.py
delete mode 100755 pythonrewrite/bin/CryptoBoxWebserver.py
delete mode 100644 pythonrewrite/bin/Plugins.py
delete mode 100644 pythonrewrite/bin/WebInterfaceDataset.py
delete mode 100755 pythonrewrite/bin/WebInterfaceSites.py
delete mode 100644 pythonrewrite/bin/WebInterfaceTestClass.py
delete mode 100644 pythonrewrite/bin/coding_guidelines.txt
delete mode 100644 pythonrewrite/bin/cryptobox.conf
delete mode 100755 pythonrewrite/bin/cryptoboxd
delete mode 100644 pythonrewrite/bin/cryptoboxwebserver.conf
delete mode 100755 pythonrewrite/bin/do_unittests.sh
delete mode 100644 pythonrewrite/bin/example-super.tab
delete mode 100755 pythonrewrite/bin/test.complete.CryptoBox.py
delete mode 100755 pythonrewrite/bin/uml-setup.sh
delete mode 100755 pythonrewrite/bin/unittests.CryptoBox.py
delete mode 100755 pythonrewrite/bin/unittests.CryptoBoxTools.py
delete mode 100755 pythonrewrite/bin/unittests.Plugins.py
delete mode 100755 pythonrewrite/bin/unittests.WebSites.py
delete mode 100644 pythonrewrite/conf-examples/cryptobox.conf
delete mode 100644 pythonrewrite/conf-examples/default-settings/admin_pw
delete mode 100644 pythonrewrite/conf-examples/default-settings/cryptobox.marker
delete mode 100644 pythonrewrite/conf-examples/default-settings/ip
delete mode 100644 pythonrewrite/conf-examples/default-settings/language
delete mode 100644 pythonrewrite/conf-examples/default-settings/names.db
delete mode 100644 pythonrewrite/conf-examples/default-settings/timeout
delete mode 100644 pythonrewrite/conf-examples/default-settings/version
delete mode 100644 pythonrewrite/conf-examples/distributions/README
delete mode 100644 pythonrewrite/conf-examples/distributions/gnu_linux
delete mode 100644 pythonrewrite/debian/README.Debian
delete mode 100644 pythonrewrite/debian/changelog
delete mode 100644 pythonrewrite/debian/control
delete mode 100644 pythonrewrite/debian/copyright
delete mode 100644 pythonrewrite/debian/cryptobox.default
delete mode 100755 pythonrewrite/debian/cryptobox.init
delete mode 100644 pythonrewrite/debian/dirs
delete mode 100644 pythonrewrite/debian/links
delete mode 100644 pythonrewrite/debian/patches/00list
delete mode 100755 pythonrewrite/debian/postinst
delete mode 100755 pythonrewrite/debian/postrm
delete mode 100755 pythonrewrite/debian/rules
delete mode 100644 pythonrewrite/design/background_frame_corner.svg
delete mode 100644 pythonrewrite/design/icon_background_active.svg
delete mode 100644 pythonrewrite/design/icons/applications-system_tango.svg
delete mode 100644 pythonrewrite/design/icons/computer_tango.svg
delete mode 100644 pythonrewrite/design/icons/dialog-error_tango.svg
delete mode 100644 pythonrewrite/design/icons/dialog-information_tango.svg
delete mode 100644 pythonrewrite/design/icons/dialog-warning_tango.svg
delete mode 100644 pythonrewrite/design/icons/drive-cdrom_tango.svg
delete mode 100644 pythonrewrite/design/icons/drive-harddisk_tango.svg
delete mode 100644 pythonrewrite/design/icons/drive-removable-media_tango.svg
delete mode 100644 pythonrewrite/design/icons/globe-lips.svg
delete mode 100644 pythonrewrite/design/icons/gnome-dev-removable-usb_nuvola.svg
delete mode 100644 pythonrewrite/design/icons/gnome-globe_nuvola.svg
delete mode 100644 pythonrewrite/design/icons/gtk-zoom-in_nuvola.svg
delete mode 100644 pythonrewrite/design/icons/help_contents.svg
delete mode 100644 pythonrewrite/design/icons/inaccessible_tango_emblem-unreadable.svg
delete mode 100644 pythonrewrite/design/icons/language.png
delete mode 100644 pythonrewrite/design/icons/locked_tango-emblem-readonly.svg
delete mode 100644 pythonrewrite/design/icons/multimedia-dell-dj-pocket_tango.svg
delete mode 100644 pythonrewrite/design/icons/multimedia-player-ipod-mini-blue_tango.svg
delete mode 100644 pythonrewrite/design/icons/multimedia-player-motorola-rokr_tango.svg
delete mode 100644 pythonrewrite/design/icons/network-transmit-receive_design.svg
delete mode 100644 pythonrewrite/design/icons/pile_of_devices.png
delete mode 100644 pythonrewrite/design/icons/pile_of_devices.svg
delete mode 100644 pythonrewrite/design/icons/preferences-desktop-locale_tango.svg
delete mode 100644 pythonrewrite/design/icons/preferences-system_tango.svg
delete mode 100644 pythonrewrite/design/icons/redhat-config-users_wasp.svg
delete mode 100644 pythonrewrite/design/icons/seahorse-preferences_gnome.svg
delete mode 100644 pythonrewrite/design/icons/spherecrystal_help.svg
delete mode 100644 pythonrewrite/design/icons/system-log-out_tango.svg
delete mode 100644 pythonrewrite/design/icons/unlocked_clavdia.svg
delete mode 100644 pythonrewrite/design/icons/unlocked_lars.svg
delete mode 100644 pythonrewrite/design/logo/ameisenkopp.svg
delete mode 100644 pythonrewrite/design/logo/antlogo100px.png
delete mode 100644 pythonrewrite/design/logo/antlogo100px_green.png
delete mode 100644 pythonrewrite/design/logo/antlogo100px_red.png
delete mode 100644 pythonrewrite/design/logo/antlogo100px_transp_red.png
delete mode 100644 pythonrewrite/design/logo/boesetest.svg
delete mode 100644 pythonrewrite/design/logo/bubblebutton.svg
delete mode 100644 pythonrewrite/design/logo/entwurf.svg
delete mode 100644 pythonrewrite/design/logo/evil_stick.png
delete mode 100644 pythonrewrite/design/logo/evil_stick.svg
delete mode 100644 pythonrewrite/design/logo/evil_stick2.png
delete mode 100644 pythonrewrite/design/logo/evil_stick2.svg
delete mode 100644 pythonrewrite/design/logo/evil_stick3.png
delete mode 100644 pythonrewrite/design/logo/evil_stick3.svg
delete mode 100644 pythonrewrite/design/logo/vault_pingu_gross.png
delete mode 100644 pythonrewrite/design/logo/vault_pingu_uncut.png
delete mode 100644 pythonrewrite/doc/README
delete mode 100644 pythonrewrite/doc/changelog
delete mode 100644 pythonrewrite/doc/copyright
delete mode 100644 pythonrewrite/doc/html/de/CryptoBox.html
delete mode 100644 pythonrewrite/doc/html/de/CryptoBoxDev.html
delete mode 100644 pythonrewrite/doc/html/de/CryptoBoxDevBackground.html
delete mode 100644 pythonrewrite/doc/html/de/CryptoBoxDevCustomBuild.html
delete mode 100644 pythonrewrite/doc/html/de/CryptoBoxDevCustomConfigure.html
delete mode 100644 pythonrewrite/doc/html/de/CryptoBoxDevKnownProblems.html
delete mode 100644 pythonrewrite/doc/html/de/CryptoBoxDevPreparation.html
delete mode 100644 pythonrewrite/doc/html/de/CryptoBoxDevValidation.html
delete mode 100644 pythonrewrite/doc/html/de/CryptoBoxDevWorkFlow.html
delete mode 100644 pythonrewrite/doc/html/de/CryptoBoxUser.html
delete mode 100644 pythonrewrite/doc/html/de/CryptoBoxUserConfiguration.html
delete mode 100644 pythonrewrite/doc/html/de/CryptoBoxUserDailyUse.html
delete mode 100644 pythonrewrite/doc/html/de/CryptoBoxUserGettingStarted.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBox.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBoxDev.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBoxDevBackground.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBoxDevCustomBuild.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBoxDevCustomConfigure.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBoxDevKnownProblems.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBoxDevPreparation.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBoxDevValidation.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBoxDevWorkFlow.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBoxUser.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBoxUserConfiguration.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBoxUserDailyUse.html
delete mode 100644 pythonrewrite/doc/html/en/CryptoBoxUserGettingStarted.html
delete mode 120000 pythonrewrite/doc/html/fr
delete mode 120000 pythonrewrite/doc/html/si
delete mode 100644 pythonrewrite/known_problems
delete mode 100644 pythonrewrite/lang/README
delete mode 100644 pythonrewrite/lang/TODO
delete mode 100644 pythonrewrite/lang/de.hdf
delete mode 100644 pythonrewrite/lang/en.hdf
delete mode 100644 pythonrewrite/lang/fr.hdf
delete mode 100644 pythonrewrite/lang/language_specification.txt
delete mode 100644 pythonrewrite/lang/si.hdf
delete mode 100644 pythonrewrite/plugins/date/date.py
delete mode 100644 pythonrewrite/plugins/date/form_date.cs
delete mode 100644 pythonrewrite/plugins/date/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/date/plugin_icon.png
delete mode 100755 pythonrewrite/plugins/date/root_action.py
delete mode 100644 pythonrewrite/plugins/date/unittests.py
delete mode 100644 pythonrewrite/plugins/disks/disks.cs
delete mode 100644 pythonrewrite/plugins/disks/disks.py
delete mode 100644 pythonrewrite/plugins/disks/lang/de.hdf
delete mode 100644 pythonrewrite/plugins/disks/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/disks/plugin_icon.png
delete mode 100644 pythonrewrite/plugins/disks/unittests.py
delete mode 100644 pythonrewrite/plugins/format_fs/format_fs.py
delete mode 100644 pythonrewrite/plugins/format_fs/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/format_fs/plugin_icon.png
delete mode 100644 pythonrewrite/plugins/format_fs/unittests.py
delete mode 100644 pythonrewrite/plugins/format_fs/volume_format.cs
delete mode 100644 pythonrewrite/plugins/format_fs/volume_format_luks.cs
delete mode 100644 pythonrewrite/plugins/help/doc.cs
delete mode 100644 pythonrewrite/plugins/help/help.py
delete mode 100644 pythonrewrite/plugins/help/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/help/plugin_icon.png
delete mode 100644 pythonrewrite/plugins/help/unittests.py
delete mode 100644 pythonrewrite/plugins/language_selection/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/language_selection/language_selection.cs
delete mode 100644 pythonrewrite/plugins/language_selection/language_selection.py
delete mode 100644 pythonrewrite/plugins/language_selection/plugin_icon.png
delete mode 100644 pythonrewrite/plugins/language_selection/unittests.py
delete mode 100644 pythonrewrite/plugins/logs/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/logs/logs.css
delete mode 100644 pythonrewrite/plugins/logs/logs.py
delete mode 100644 pythonrewrite/plugins/logs/plugin_icon.png
delete mode 100644 pythonrewrite/plugins/logs/show_log.cs
delete mode 100644 pythonrewrite/plugins/logs/unittests.py
delete mode 100644 pythonrewrite/plugins/network/form_network.cs
delete mode 100644 pythonrewrite/plugins/network/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/network/network.py
delete mode 100644 pythonrewrite/plugins/network/plugin_icon.png
delete mode 100755 pythonrewrite/plugins/network/root_action.py
delete mode 100644 pythonrewrite/plugins/network/unittests.py
delete mode 100644 pythonrewrite/plugins/partition/current_partition_info.cs
delete mode 100644 pythonrewrite/plugins/partition/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/partition/partition.css
delete mode 100644 pythonrewrite/plugins/partition/partition.py
delete mode 100644 pythonrewrite/plugins/partition/plugin_icon.png
delete mode 100755 pythonrewrite/plugins/partition/root_action.py
delete mode 100644 pythonrewrite/plugins/partition/select_device.cs
delete mode 100644 pythonrewrite/plugins/partition/set_partitions.cs
delete mode 100644 pythonrewrite/plugins/partition/show_format_progress.cs
delete mode 100644 pythonrewrite/plugins/partition/unittests.py
delete mode 100644 pythonrewrite/plugins/plugin-interface.txt
delete mode 100644 pythonrewrite/plugins/plugin_icon_unknown.png
delete mode 100644 pythonrewrite/plugins/plugin_manager/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/plugin_manager/plugin_icon.png
delete mode 100644 pythonrewrite/plugins/plugin_manager/plugin_list.cs
delete mode 100644 pythonrewrite/plugins/plugin_manager/plugin_manager.py
delete mode 100644 pythonrewrite/plugins/plugin_manager/unittests.py
delete mode 100644 pythonrewrite/plugins/shutdown/form_shutdown.cs
delete mode 100644 pythonrewrite/plugins/shutdown/gnome-reboot.png
delete mode 100644 pythonrewrite/plugins/shutdown/gnome-shutdown.png
delete mode 100644 pythonrewrite/plugins/shutdown/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/shutdown/plugin_icon.png
delete mode 100644 pythonrewrite/plugins/shutdown/progress_reboot.cs
delete mode 100644 pythonrewrite/plugins/shutdown/progress_shutdown.cs
delete mode 100755 pythonrewrite/plugins/shutdown/root_action.py
delete mode 100644 pythonrewrite/plugins/shutdown/shutdown.py
delete mode 100644 pythonrewrite/plugins/shutdown/unittests.py
delete mode 100644 pythonrewrite/plugins/system_preferences/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/system_preferences/plugin_icon.png
delete mode 100644 pythonrewrite/plugins/system_preferences/show_plugins.cs
delete mode 100644 pythonrewrite/plugins/system_preferences/system_preferences.py
delete mode 100644 pythonrewrite/plugins/system_preferences/unittests.py
delete mode 100644 pythonrewrite/plugins/user_manager/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/user_manager/plugin_icon.png
delete mode 100644 pythonrewrite/plugins/user_manager/unittests.py
delete mode 100644 pythonrewrite/plugins/user_manager/user_list.cs
delete mode 100644 pythonrewrite/plugins/user_manager/user_manager.py
delete mode 100644 pythonrewrite/plugins/volume_details/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/volume_details/plugin_icon.png
delete mode 100644 pythonrewrite/plugins/volume_details/unittests.py
delete mode 100644 pythonrewrite/plugins/volume_details/volume_details.cs
delete mode 100644 pythonrewrite/plugins/volume_details/volume_details.py
delete mode 100644 pythonrewrite/plugins/volume_mount/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/volume_mount/plugin_icon.png
delete mode 100644 pythonrewrite/plugins/volume_mount/unittests.py
delete mode 100644 pythonrewrite/plugins/volume_mount/volume_mount.cs
delete mode 100644 pythonrewrite/plugins/volume_mount/volume_mount.py
delete mode 100644 pythonrewrite/plugins/volume_mount/volume_status.cs
delete mode 100644 pythonrewrite/plugins/volume_mount/volume_umount.cs
delete mode 100644 pythonrewrite/plugins/volume_props/lang/en.hdf
delete mode 100644 pythonrewrite/plugins/volume_props/plugin_icon.png
delete mode 100644 pythonrewrite/plugins/volume_props/unittests.py
delete mode 100644 pythonrewrite/plugins/volume_props/volume_properties.cs
delete mode 100644 pythonrewrite/plugins/volume_props/volume_props.py
delete mode 100755 pythonrewrite/scripts/check_languages.py
delete mode 100755 pythonrewrite/scripts/debian
delete mode 100755 pythonrewrite/scripts/show_TODO.sh
delete mode 100755 pythonrewrite/scripts/userdocexport.sh
delete mode 100644 pythonrewrite/stuff/cron-cryptobox
delete mode 100644 pythonrewrite/templates/access_denied.cs
delete mode 100644 pythonrewrite/templates/empty.cs
delete mode 100644 pythonrewrite/templates/footer.cs
delete mode 100644 pythonrewrite/templates/header.cs
delete mode 100644 pythonrewrite/templates/macros.cs
delete mode 100644 pythonrewrite/templates/main.cs
delete mode 100644 pythonrewrite/templates/show_volume.cs
delete mode 100644 pythonrewrite/templates/show_volume_footer.cs
delete mode 100644 pythonrewrite/templates/show_volume_header.cs
delete mode 100644 pythonrewrite/templates/volume_plugins.cs
delete mode 100644 pythonrewrite/www-data/antlogo100px.png
delete mode 100644 pythonrewrite/www-data/antlogo100px_green.png
delete mode 100644 pythonrewrite/www-data/antlogo100px_red.png
delete mode 100644 pythonrewrite/www-data/backg.gif
delete mode 100644 pythonrewrite/www-data/background_frame_corner.png
delete mode 100644 pythonrewrite/www-data/background_frame_top.png
delete mode 100644 pythonrewrite/www-data/cryptobox.css
delete mode 100644 pythonrewrite/www-data/dialog-error_tango.png
delete mode 100644 pythonrewrite/www-data/dialog-information_tango.png
delete mode 100644 pythonrewrite/www-data/dialog-warning_tango.png
delete mode 100644 pythonrewrite/www-data/disc_gray.png
delete mode 100644 pythonrewrite/www-data/disc_green.png
delete mode 100644 pythonrewrite/www-data/disc_red.png
delete mode 100644 pythonrewrite/www-data/evil_stick.png
delete mode 100644 pythonrewrite/www-data/footer_line.png
delete mode 100644 pythonrewrite/www-data/icon_background_active.png
delete mode 100644 pythonrewrite/www-data/icon_background_active_060.png
delete mode 100644 pythonrewrite/www-data/icon_background_active_080.png
delete mode 100644 pythonrewrite/www-data/icon_background_active_100.png
delete mode 100644 pythonrewrite/www-data/icon_background_active_256.png
delete mode 100644 pythonrewrite/www-data/icon_background_passive_060.png
delete mode 100644 pythonrewrite/www-data/icon_background_passive_080.png
delete mode 100644 pythonrewrite/www-data/icon_background_passive_100.png
delete mode 100644 pythonrewrite/www-data/list.gif
delete mode 100644 pythonrewrite/www-data/pane_bottom_left.png
delete mode 100644 pythonrewrite/www-data/pane_bottom_right.png
delete mode 100644 pythonrewrite/www-data/pane_side_bottom.png
delete mode 100644 pythonrewrite/www-data/pane_side_left.png
delete mode 100644 pythonrewrite/www-data/pane_side_right.png
delete mode 100644 pythonrewrite/www-data/pane_side_top.png
delete mode 100644 pythonrewrite/www-data/pane_top_left.png
delete mode 100644 pythonrewrite/www-data/pane_top_right.png
delete mode 100644 pythonrewrite/www-data/register_active.png
delete mode 100644 pythonrewrite/www-data/register_active2.png
delete mode 100644 pythonrewrite/www-data/register_passive.png
delete mode 100644 pythonrewrite/www-data/register_passive2.png
delete mode 100644 pythonrewrite/www-data/screenshots/de_config.png
delete mode 100644 pythonrewrite/www-data/screenshots/de_init.png
delete mode 100644 pythonrewrite/www-data/screenshots/de_mount.png
delete mode 100644 pythonrewrite/www-data/screenshots/de_w98_login.png
delete mode 100644 pythonrewrite/www-data/screenshots/de_w98_network_drive.png
delete mode 100644 pythonrewrite/www-data/screenshots/de_w98_not_logged_in.png
delete mode 100644 pythonrewrite/www-data/screenshots/en_config.png
delete mode 100644 pythonrewrite/www-data/screenshots/en_mount.png
delete mode 100644 pythonrewrite/www-data/screenshots/en_w98_login.png
delete mode 100644 pythonrewrite/www-data/screenshots/en_w98_network_drive.png
delete mode 100644 pythonrewrite/www-data/screenshots/en_w98_not_logged_in.png
delete mode 100644 pythonrewrite/www-data/smile.png
delete mode 100644 pythonrewrite/www-data/smile4.png
delete mode 100644 pythonrewrite/www-data/somerights20.gif
delete mode 100644 pythonrewrite/www-data/volume_active_crypto.png
delete mode 100644 pythonrewrite/www-data/volume_active_plain.png
delete mode 100644 pythonrewrite/www-data/volume_passive_crypto.png
delete mode 100644 pythonrewrite/www-data/volume_passive_plain.png
delete mode 100644 pythonrewrite/www-data/volume_property_frame.png
diff --git a/pythonrewrite/LICENSE b/pythonrewrite/LICENSE
deleted file mode 100644
index b7b5f53..0000000
--- a/pythonrewrite/LICENSE
+++ /dev/null
@@ -1,340 +0,0 @@
- GNU GENERAL PUBLIC LICENSE
- Version 2, June 1991
-
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.
- 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
- Preamble
-
- The licenses for most software are designed to take away your
-freedom to share and change it. By contrast, the GNU General Public
-License is intended to guarantee your freedom to share and change free
-software--to make sure the software is free for all its users. This
-General Public License applies to most of the Free Software
-Foundation's software and to any other program whose authors commit to
-using it. (Some other Free Software Foundation software is covered by
-the GNU Library General Public License instead.) You can apply it to
-your programs, too.
-
- When we speak of free software, we are referring to freedom, not
-price. Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-this service if you wish), that you receive source code or can get it
-if you want it, that you can change the software or use pieces of it
-in new free programs; and that you know you can do these things.
-
- To protect your rights, we need to make restrictions that forbid
-anyone to deny you these rights or to ask you to surrender the rights.
-These restrictions translate to certain responsibilities for you if you
-distribute copies of the software, or if you modify it.
-
- For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must give the recipients all the rights that
-you have. You must make sure that they, too, receive or can get the
-source code. And you must show them these terms so they know their
-rights.
-
- We protect your rights with two steps: (1) copyright the software, and
-(2) offer you this license which gives you legal permission to copy,
-distribute and/or modify the software.
-
- Also, for each author's protection and ours, we want to make certain
-that everyone understands that there is no warranty for this free
-software. If the software is modified by someone else and passed on, we
-want its recipients to know that what they have is not the original, so
-that any problems introduced by others will not reflect on the original
-authors' reputations.
-
- Finally, any free program is threatened constantly by software
-patents. We wish to avoid the danger that redistributors of a free
-program will individually obtain patent licenses, in effect making the
-program proprietary. To prevent this, we have made it clear that any
-patent must be licensed for everyone's free use or not licensed at all.
-
- The precise terms and conditions for copying, distribution and
-modification follow.
-
- GNU GENERAL PUBLIC LICENSE
- TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
- 0. This License applies to any program or other work which contains
-a notice placed by the copyright holder saying it may be distributed
-under the terms of this General Public License. The "Program", below,
-refers to any such program or work, and a "work based on the Program"
-means either the Program or any derivative work under copyright law:
-that is to say, a work containing the Program or a portion of it,
-either verbatim or with modifications and/or translated into another
-language. (Hereinafter, translation is included without limitation in
-the term "modification".) Each licensee is addressed as "you".
-
-Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope. The act of
-running the Program is not restricted, and the output from the Program
-is covered only if its contents constitute a work based on the
-Program (independent of having been made by running the Program).
-Whether that is true depends on what the Program does.
-
- 1. You may copy and distribute verbatim copies of the Program's
-source code as you receive it, in any medium, provided that you
-conspicuously and appropriately publish on each copy an appropriate
-copyright notice and disclaimer of warranty; keep intact all the
-notices that refer to this License and to the absence of any warranty;
-and give any other recipients of the Program a copy of this License
-along with the Program.
-
-You may charge a fee for the physical act of transferring a copy, and
-you may at your option offer warranty protection in exchange for a fee.
-
- 2. You may modify your copy or copies of the Program or any portion
-of it, thus forming a work based on the Program, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
- a) You must cause the modified files to carry prominent notices
- stating that you changed the files and the date of any change.
-
- b) You must cause any work that you distribute or publish, that in
- whole or in part contains or is derived from the Program or any
- part thereof, to be licensed as a whole at no charge to all third
- parties under the terms of this License.
-
- c) If the modified program normally reads commands interactively
- when run, you must cause it, when started running for such
- interactive use in the most ordinary way, to print or display an
- announcement including an appropriate copyright notice and a
- notice that there is no warranty (or else, saying that you provide
- a warranty) and that users may redistribute the program under
- these conditions, and telling the user how to view a copy of this
- License. (Exception: if the Program itself is interactive but
- does not normally print such an announcement, your work based on
- the Program is not required to print an announcement.)
-
-These requirements apply to the modified work as a whole. If
-identifiable sections of that work are not derived from the Program,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works. But when you
-distribute the same sections as part of a whole which is a work based
-on the Program, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Program.
-
-In addition, mere aggregation of another work not based on the Program
-with the Program (or with a work based on the Program) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
- 3. You may copy and distribute the Program (or a work based on it,
-under Section 2) in object code or executable form under the terms of
-Sections 1 and 2 above provided that you also do one of the following:
-
- a) Accompany it with the complete corresponding machine-readable
- source code, which must be distributed under the terms of Sections
- 1 and 2 above on a medium customarily used for software interchange; or,
-
- b) Accompany it with a written offer, valid for at least three
- years, to give any third party, for a charge no more than your
- cost of physically performing source distribution, a complete
- machine-readable copy of the corresponding source code, to be
- distributed under the terms of Sections 1 and 2 above on a medium
- customarily used for software interchange; or,
-
- c) Accompany it with the information you received as to the offer
- to distribute corresponding source code. (This alternative is
- allowed only for noncommercial distribution and only if you
- received the program in object code or executable form with such
- an offer, in accord with Subsection b above.)
-
-The source code for a work means the preferred form of the work for
-making modifications to it. For an executable work, complete source
-code means all the source code for all modules it contains, plus any
-associated interface definition files, plus the scripts used to
-control compilation and installation of the executable. However, as a
-special exception, the source code distributed need not include
-anything that is normally distributed (in either source or binary
-form) with the major components (compiler, kernel, and so on) of the
-operating system on which the executable runs, unless that component
-itself accompanies the executable.
-
-If distribution of executable or object code is made by offering
-access to copy from a designated place, then offering equivalent
-access to copy the source code from the same place counts as
-distribution of the source code, even though third parties are not
-compelled to copy the source along with the object code.
-
- 4. You may not copy, modify, sublicense, or distribute the Program
-except as expressly provided under this License. Any attempt
-otherwise to copy, modify, sublicense or distribute the Program is
-void, and will automatically terminate your rights under this License.
-However, parties who have received copies, or rights, from you under
-this License will not have their licenses terminated so long as such
-parties remain in full compliance.
-
- 5. You are not required to accept this License, since you have not
-signed it. However, nothing else grants you permission to modify or
-distribute the Program or its derivative works. These actions are
-prohibited by law if you do not accept this License. Therefore, by
-modifying or distributing the Program (or any work based on the
-Program), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Program or works based on it.
-
- 6. Each time you redistribute the Program (or any work based on the
-Program), the recipient automatically receives a license from the
-original licensor to copy, distribute or modify the Program subject to
-these terms and conditions. You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties to
-this License.
-
- 7. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License. If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Program at all. For example, if a patent
-license would not permit royalty-free redistribution of the Program by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Program.
-
-If any portion of this section is held invalid or unenforceable under
-any particular circumstance, the balance of the section is intended to
-apply and the section as a whole is intended to apply in other
-circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system, which is
-implemented by public license practices. Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-
- 8. If the distribution and/or use of the Program is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Program under this License
-may add an explicit geographical distribution limitation excluding
-those countries, so that distribution is permitted only in or among
-countries not thus excluded. In such case, this License incorporates
-the limitation as if written in the body of this License.
-
- 9. The Free Software Foundation may publish revised and/or new versions
-of the General Public License from time to time. Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-Each version is given a distinguishing version number. If the Program
-specifies a version number of this License which applies to it and "any
-later version", you have the option of following the terms and conditions
-either of that version or of any later version published by the Free
-Software Foundation. If the Program does not specify a version number of
-this License, you may choose any version ever published by the Free Software
-Foundation.
-
- 10. If you wish to incorporate parts of the Program into other free
-programs whose distribution conditions are different, write to the author
-to ask for permission. For software which is copyrighted by the Free
-Software Foundation, write to the Free Software Foundation; we sometimes
-make exceptions for this. Our decision will be guided by the two goals
-of preserving the free status of all derivatives of our free software and
-of promoting the sharing and reuse of software generally.
-
- NO WARRANTY
-
- 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
-
- 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
-
- END OF TERMS AND CONDITIONS
-
- How to Apply These Terms to Your New Programs
-
- If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
- To do so, attach the following notices to the program. It is safest
-to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-
- Copyright (C)
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
-
-Also add information on how to contact you by electronic and paper mail.
-
-If the program is interactive, make it output a short notice like this
-when it starts in an interactive mode:
-
- Gnomovision version 69, Copyright (C) year name of author
- Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
- This is free software, and you are welcome to redistribute it
- under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License. Of course, the commands you use may
-be called something other than `show w' and `show c'; they could even be
-mouse-clicks or menu items--whatever suits your program.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the program, if
-necessary. Here is a sample; alter the names:
-
- Yoyodyne, Inc., hereby disclaims all copyright interest in the program
- `Gnomovision' (which makes passes at compilers) written by James Hacker.
-
- , 1 April 1989
- Ty Coon, President of Vice
-
-This General Public License does not permit incorporating your program into
-proprietary programs. If your program is a subroutine library, you may
-consider it more useful to permit linking proprietary applications with the
-library. If this is what you want to do, use the GNU Library General
-Public License instead of this License.
diff --git a/pythonrewrite/Makefile b/pythonrewrite/Makefile
deleted file mode 100644
index bb2f6c6..0000000
--- a/pythonrewrite/Makefile
+++ /dev/null
@@ -1,70 +0,0 @@
-#
-# Makefile for the cryptobox web-interface
-#
-# Copyright (c) 02006 senselab
-#
-
-CRYPTOBOX_ROOT = .
-
-PREFIX = /usr/local
-SHARE_DIR = $(PREFIX)/share/cryptobox
-LIB_DIR = $(PREFIX)/lib/cryptobox
-DOC_DIR = $(PREFIX)/share/doc/cryptobox
-BUILD_DIR = build_dir
-INSTALL = install
-
-OS_TYPE=$(shell uname -o | tr [:upper:] [:lower:] | sed s/[^a-z0-9\._\-]/_/g)
-
-.PHONY: install clean build
-
-build:
- $(INSTALL) -d -m 755 $(BUILD_DIR)/etc
- $(INSTALL) -c -m 644 conf-examples/cryptobox.conf $(BUILD_DIR)/etc/
- @sed -i 's#^HTML_TEMPLATE_DIR=.*$$#HTML_TEMPLATE_DIR=$(SHARE_DIR)/templates#' $(BUILD_DIR)/etc/cryptobox.conf
- @sed -i 's#^LANGUAGE_DIR=.*$$#LANGUAGE_DIR=$(SHARE_DIR)/lang#' $(BUILD_DIR)/etc/cryptobox.conf
- @sed -i 's#^DOC_DIR=.*$$#DOC_DIR=$(DOC_DIR)/html#' $(BUILD_DIR)/etc/cryptobox.conf
- @sed -i 's#^CONFIG_DEFAULTS_DIR=.*$$#CONFIG_DEFAULTS_DIR=$(SHARE_DIR)/defaults#' $(BUILD_DIR)/etc/cryptobox.conf
-
- # choose the appropriate program_locations.conf
- if test -e conf-examples/distributions/$(OS_TYPE) ; \
- then cat conf-examples/distributions/$(OS_TYPE) ;\
- else cat conf-examples/distributions/default ;\
- fi >$(BUILD_DIR)/etc/distribution.conf
-
- # compile the suid wrapper
- $(MAKE) -C bin LIB_DIR=$(LIB_DIR)
- @touch $(BUILD_DIR)-stamp
-
-
-install: $(BUILD_DIR)-stamp
- $(INSTALL) -d -m 755 $(LIB_DIR)
- $(INSTALL) -c -m 755 bin/cbox-manage.sh $(LIB_DIR)
- $(INSTALL) -c -m 755 bin/cbox-root-actions.sh $(LIB_DIR)
- $(INSTALL) -c -m 755 bin/cryptobox.pl $(LIB_DIR)
- $(INSTALL) -c -m 755 bin/cryptobox_cgi_wrapper $(LIB_DIR)
- $(INSTALL) -c -m 4755 bin/cryptobox_root_wrapper $(LIB_DIR)
- $(INSTALL) -d -m 755 $(SHARE_DIR)/lang
- $(INSTALL) -c -m 644 lang/* $(SHARE_DIR)/lang/
- $(INSTALL) -d -m 755 $(SHARE_DIR)/templates
- $(INSTALL) -c -m 644 templates/*.cs $(SHARE_DIR)/templates
- $(INSTALL) -d -m 755 $(SHARE_DIR)/defaults
- $(INSTALL) -c -m 644 conf-examples/default-settings/* $(SHARE_DIR)/defaults/
- $(INSTALL) -d -m 755 $(SHARE_DIR)/html
- $(INSTALL) -c -m 644 www-data/*.css $(SHARE_DIR)/html/
- $(INSTALL) -c -m 644 www-data/*.png $(SHARE_DIR)/html/
- $(INSTALL) -c -m 644 www-data/*.gif $(SHARE_DIR)/html/
- #$(INSTALL) -d -m 755 $(SHARE_DIR)/html/screenshots
- #$(INSTALL) -c -m 644 www-data/screenshots/*.png $(SHARE_DIR)/html/screenshots/
- $(INSTALL) -d -m 755 $(DOC_DIR)/html/en
- $(INSTALL) -d -m 755 $(DOC_DIR)/html/de
- $(INSTALL) -c -m 644 doc/html/en/* $(DOC_DIR)/html/en/
- $(INSTALL) -c -m 644 doc/html/de/* $(DOC_DIR)/html/de/
- $(INSTALL) -d -m 755 $(SHARE_DIR)/distributions
- $(INSTALL) -c -m 644 conf-examples/distributions/* $(SHARE_DIR)/distributions/
-
-
-clean:
- $(MAKE) -C bin clean
- -rm -rf $(BUILD_DIR)
- -rm -f $(BUILD_DIR)-stamp
-
diff --git a/pythonrewrite/README b/pythonrewrite/README
deleted file mode 100644
index 2fa9850..0000000
--- a/pythonrewrite/README
+++ /dev/null
@@ -1 +0,0 @@
-link cbox-tree.d/usr/share/doc/cryptobox/README
\ No newline at end of file
diff --git a/pythonrewrite/bin-perl-old/Makefile b/pythonrewrite/bin-perl-old/Makefile
deleted file mode 100644
index 6023795..0000000
--- a/pythonrewrite/bin-perl-old/Makefile
+++ /dev/null
@@ -1,37 +0,0 @@
-# Makefile to compile the binary suid-wrapper for cryptobox
-#
-# LIB_DIR should be defined in the higher level Makefile
-#
-
-HEADER_FILE = cryptobox_wrapper.h
-SRC_FILE = cryptobox_wrapper.c
-CGI_SUID_FILE = cryptobox_cgi_wrapper
-ROOT_SUID_FILE = cryptobox_root_wrapper
-
-CGI_FILENAME = cryptobox.pl
-ROOT_SCRIPT_FILENAME = cbox-root-actions.sh
-# fall back to default, if not overwritten
-LIB_DIR = /usr/local/lib/cryptobox
-
-
-# _always_ recompile (in case of a changed LIB_DIR)
-.PHONY: build clean $(CGI_SUID_FILE) $(ROOT_SUID_FILE)
-
-build: $(CGI_SUID_FILE) $(ROOT_SUID_FILE)
-
-
-$(CGI_SUID_FILE): $(SRC_FILE)
- @echo '#define EXEC_PATH "$(LIB_DIR)/$(CGI_FILENAME)"' >$(HEADER_FILE)
- $(CC) -o $(CGI_SUID_FILE) $(SRC_FILE)
- -rm $(HEADER_FILE)
-
-
-$(ROOT_SUID_FILE): $(SRC_FILE)
- @echo '#define EXEC_PATH "$(LIB_DIR)/$(ROOT_SCRIPT_FILENAME)"' >$(HEADER_FILE)
- $(CC) -o $(ROOT_SUID_FILE) $(SRC_FILE)
- -rm $(HEADER_FILE)
-
-
-clean:
- -rm -f $(CGI_SUID_FILE) $(ROOT_SUID_FILE) $(HEADER_FILE)
-
diff --git a/pythonrewrite/bin-perl-old/cbox-manage.sh b/pythonrewrite/bin-perl-old/cbox-manage.sh
deleted file mode 100755
index 30a82a6..0000000
--- a/pythonrewrite/bin-perl-old/cbox-manage.sh
+++ /dev/null
@@ -1,474 +0,0 @@
-#!/bin/sh
-#
-# Copyright (c) 02005 sense.lab
-#
-# License: This script is distributed under the terms of version 2
-# of the GNU GPL. See the LICENSE file included with the package.
-#
-# $Id$
-#
-# this script does EVERYTHING
-# all other scripts are only frontends :)
-#
-# called by:
-# - some rc-scripts
-# - the web frontend cgi
-#
-
-# TODO: check permissions and owners of config files, directories and scripts before
-# running cbox-root-actions.sh
-
-set -eu
-
-
-# default location of config file
-CONF_FILE=/etc/cryptobox/cryptobox.conf
-
-LIB_DIR=$(dirname "$0")
-
-# to determine a nice default partition name
-DEVICE_NAME_PREFIX="Disk #"
-
-# read the default setting file, if it exists
-test -e /etc/default/cryptobox && . /etc/default/cryptobox
-
-test ! -e "$CONF_FILE" && echo "Could not find the configuration file: $CONF_FILE" >&2 && exit 1
-
-# parse config file
-. "$CONF_FILE"
-
-test ! -e "$CONF_FILE" && echo "Could not find the distribution specific configuration file: $CONF_FILE" >&2 && exit 1
-
-# parse the distribution specific file
-. "$DISTRIBUTION_CONF"
-
-# check for writable log file
-test -w "$LOG_FILE" || LOG_FILE=/tmp/$(basename "$LOG_FILE")
-
-# retrieve configuration directory
-CONFIG_DIR="$(getent passwd $CRYPTOBOX_USER | cut -d ':' -f 6)/config"
-CONFIG_MARKER=cryptobox.marker
-
-## configuration
-ROOT_PERM_SCRIPT="$LIB_DIR/cryptobox_root_wrapper"
-# ROOT_PERM_SCRIPT needs the MNT_PARENT setting
-export MNT_PARENT="$(cd ~; pwd)/mnt"
-
-######## stuff ##########
-
-# all partitions with a trailing number
-ALL_PARTITIONS=$(cat /proc/partitions | sed '1,2d; s/ */ /g; s/^ *//' | cut -d " " -f 4 | grep '[0-9]$')
-
-#########################
-
-function log_msg()
-{
- # the log file is (maybe) not writable during boot - try
- # before writing ...
- test -w "$LOG_FILE" || return 0
- echo >>"$LOG_FILE"
- echo "##### `date` #####" >>"$LOG_FILE"
- echo "$1" >>"$LOG_FILE"
-}
-
-
-function error_msg()
-# parameters: ExitCode ErrorMessage
-{
- local all=$@
- test $# -ne 2 && error_msg 1 "*** invalid call of error_msg *** $all"
- echo "[`date`] - $2" | tee -a "$LOG_FILE" >&2
- # print the execution stack - not usable with busybox
- # caller | sed 's/^/\t/' >&2
- exit "$1"
-}
-
-
-# Parameter: device
-function is_device_allowed() {
- # check for invalid characters and exit if one is found
- local device=$(echo "$1" | sed 's#[^a-zA-Z0-9_\-\./]##g')
- test "$1" = "$device" || return 1
- # remove leading "/dev/"
- device=$(echo "$device" | sed 's#^/dev/##')
- # return for empty name
- test -z "$device" && return 1
- for a in $ALL_PARTITIONS
- do echo "$device" | grep -q "^$a.*" && return 0
- done
- # no matching device found - exit with error
- return 1
-}
-
-function config_set_value()
-# parameters: SettingName [SettingValue]
-# read from stdin if SettingValue is not defined
-{
- if test $# -gt 1
- then echo "$2" > "$CONFIG_DIR/$1"
- else cat - >"$CONFIG_DIR/$1"
- fi
-}
-
-
-function config_get_value()
-# parameters: SettingName
-{
- # use mounted config, if it exists - otherwise use defaults
- local conf_dir
- test -z "$1" && error_msg 1 "empty setting name"
- # check for existence - maybe use default values (even for old
- # releases that did not contain this setting)
- if test -e "$CONFIG_DIR/$1"
- then cat "$CONFIG_DIR/$1"
- elif test -e "$CONFIG_DEFAULTS_DIR/$1"
- then cat "$CONFIG_DEFAULTS_DIR/$1"
- else case "$1" in
- # you may place default values for older versions here
- # for compatibility
- * )
- error_msg 2 "unknown configuration value ($1)"
- ;;
- esac
- fi
- return 0
-}
-
-
-function list_partitions_of_type()
-# parameter: { config | crypto | plaindata | unused }
-{
- local config=
- local crypto=
- local plaindata=
- local unused=
- for a in $ALL_PARTITIONS
- do if "$ROOT_PERM_SCRIPT" is_crypto_partition "/dev/$a"
- then crypto="$crypto /dev/$a"
- elif "$ROOT_PERM_SCRIPT" is_config_partition "/dev/$a"
- then config="$config /dev/$a"
- elif "$ROOT_PERM_SCRIPT" is_plaindata_partition "/dev/$a"
- then plaindata="$plaindata /dev/$a"
- else unused="$unused /dev/$a"
- fi
- done
- case "$1" in
- config )
- echo "$config"
- ;;
- crypto )
- echo "$crypto"
- ;;
- plaindata )
- echo "$plaindata"
- ;;
- unused )
- echo "$unused"
- ;;
- * )
- error_msg 11 "wrong parameter ($1) for list_partition_types in $(basename $0)"
- ;;
- esac | tr " " "\n" | grep -v '^$'
- return 0
-}
-
-
-# Parameter: DEVICE
-function get_device_mnt_name() {
- "$ROOT_PERM_SCRIPT" get_device_mnt_name "$1"
-}
-
-
-# Parameter: DEVICE
-function get_device_uuid() {
- "$ROOT_PERM_SCRIPT" get_device_uuid "$1"
-}
-
-
-# Parameter: DEVICE
-# return the readable name of the crypto container, if it is already defined
-# if undefined - return the uuid
-function get_device_name() {
- local uuid=$(get_device_uuid "$1")
- local dbname=$(config_get_value "names.db" | grep "^$uuid:" | cut -d ":" -f 2-)
- # return dbname if it exists
- test -n "$dbname" && echo "$dbname" && return 0
- # find a nice name for the new partition
- local counter=1
- local test_name
- local test_uuid
- local test_result
- # try to find a name with the defined "prefix" followed by a number ...
- while true
- do test_name="$DEVICE_NAME_PREFIX$counter"
- if config_get_value "names.db" | grep -q ":$test_name$"
- then counter=$((counter+1))
- else # save it for next time
- set_device_name "$1" "$test_name"
- echo "$test_name"
- return 0
- fi
- done
-}
-
-
-function set_device_name()
-# TODO: the implementation is quite ugly, but it works (tm)
-# Parameter: DEVICE NAME
-{
- local uuid=$(get_device_uuid "$1")
- # remove the old setting for this device and every possible entry with the same name
- local new_config=$(config_get_value 'names.db' | sed "/^$uuid:/d; /^[^:]*:$2$/d"; echo "$uuid:$2")
- echo "$new_config" | config_set_value "names.db"
-}
-
-
-function does_crypto_name_exist()
-# Parameter: NAME
-{
- config_get_value 'names.db' | grep -q "^[^:]*:$1$"
-}
-
-
-function create_crypto()
-# Parameter: DEVICE NAME KEYFILE
-# keyfile is necessary, to allow background execution via 'at'
-{
- local device=$1
- local name=$2
- local keyfile=$3
- # otherwise the web interface will hang
- # passphrase may be passed via command line
- local key=$(<"$keyfile")
- # remove the passphrase-file as soon as possible
- dd if=/dev/zero of="$keyfile" bs=512 count=1 2>/dev/null
- rm "$keyfile"
-
- log_msg "Creating crypto partition with the cipher $DEFAULT_CIPHER on $device"
- echo "$key" | "$ROOT_PERM_SCRIPT" create_crypto "$device"
-
- set_crypto_name "$device" "$name"
-}
-
-
-function is_config_active() {
- test -f "$CONFIG_DIR/$CONFIG_MARKER"
-}
-
-
-# Parameter: DEVICE
-function is_mounted() {
- local name=$(get_device_mnt_name "$1")
- test -n "$name" && mountpoint -q "$MNT_PARENT/$name"
-}
-
-
-# Parameter: DEVICE
-function is_plain() {
- "$ROOT_PERM_SCRIPT" is_plain_partition "$1"
-}
-
-
-# Parameter: DEVICE
-function is_encrypted() {
- "$ROOT_PERM_SCRIPT" is_crypto_partition "$1"
-}
-
-
-# list which allowed disks are at the moment connected with the cbox
-function get_available_disks() {
- for scan in $SCAN_DEVICES
- do for avail in $ALL_PARTITIONS
- do echo "$avail" | grep -q "^$scan[^/]*" && echo "/dev/$avail"
- done
- done
- return 0
-}
-
-
-# Parameter: DEVICE
-function mount_crypto() {
- local device=$1
- test -z "$device" && error_msg 4 'No valid harddisk found!'
- is_mounted "$device" && echo "The crypto filesystem is already active!" && return
- # passphrase is read from stdin
- log_msg "Mounting a crypto partition from $device"
- "$ROOT_PERM_SCRIPT" mount "$device" >>"$LOG_FILE" 2>&1
-}
-
-
-function umount_partition() {
-# Parameter: device
- local container=$(get_device_name "$1")
- "$ROOT_PERM_SCRIPT" umount "$1"
-}
-
-
-function box_purge()
-# removing just the first bytes from the harddisk should be enough
-# every harddisk will be overriden!
-# this feature is only useful for validation
-{
- # TODO: not ALL harddisks, please!
- get_available_disks | while read a
- do log_msg "Purging $a ..."
- "$ROOT_PERM_SCRIPT" trash_device "$a"
- done
-}
-
-
-function turn_off_all_containers() {
- # TODO - needs to be implemented
- return 0
-}
-
-
-### main ###
-
-# set PATH because thttpd removes /sbin and /usr/sbin for cgis
-export PATH=/usr/sbin:/usr/bin:/sbin:/bin
-
-
-ACTION=help
-test $# -gt 0 && ACTION=$1 && shift
-
-case "$ACTION" in
- crypto-up )
- test $# -ne 1 && error_msg 10 "invalid number of parameters for 'crypto-up'"
- is_device_allowed "$1" || error_msg 12 "invalid device: $1"
- mount_crypto "$1"
- ;;
- crypto-down )
- test $# -ne 1 && error_msg 10 "invalid number of parameters for 'crypto-down'"
- is_device_allowed "$1" || error_msg 12 "invalid device: $1"
- umount_partition "$1"
- ;;
- init )
- init_cryptobox >"$LOG_FILE" 2>&1
- ;;
- list_container )
- test $# -ne 1 && error_msg 10 "invalid number of parameters for 'list_container'"
- case "$1" in
- config | unused | plaindata | crypto )
- list_partitions_of_type "$1"
- ;;
- * )
- return 1
- ;;
- esac
- return 0
- ;;
- get_device_name )
- # Parameter: DEVICE
- test $# -ne 1 && error_msg 10 "invalid number of parameters for 'get_device_name'"
- is_device_allowed "$1" || error_msg 12 "invalid device: $1"
- get_device_name "$1"
- ;;
- set_device_name )
- # Parameter: DEVICE NAME
- test $# -ne 2 && error_msg 10 "invalid number of parameters for 'set_device_name'"
- is_device_allowed "$1" || error_msg 12 "invalid device: $1"
- set_device_name "$1" "$2"
- ;;
- device_init )
- # Parameter: DEVICE [KEYFILE]
- test $# -lt 1 && error_msg 10 "invalid number of parameters for 'device_init' ($@)"
- test $# -gt 2 && error_msg 10 "invalid number of parameters for 'device_init' ($@)"
- if test $# -eq 2
- then test -z "$2" -o ! -e "$2" && error_msg 11 "invalid keyfile ($2) given for 'device_init'"
- fi
- is_device_allowed "$1" || error_msg 12 "invalid device: $1"
- if test $# -eq 2
- then "$ROOT_PERM_SCRIPT" create_crypto "$1" "$2"
- else "$ROOT_PERM_SCRIPT" create_plain "$1"
- fi
- true
- ;;
- is_mounted )
- test $# -ne 1 && error_msg 10 "invalid number of parameters for 'is_mounted'"
- is_device_allowed "$1" || error_msg 12 "invalid device: $1"
- is_mounted "$1"
- ;;
- is_encrypted )
- test $# -ne 1 && error_msg 10 "invalid number of parameters for 'is_encrypted'"
- is_device_allowed "$1" || error_msg 12 "invalid device: $1"
- is_encrypted "$1"
- ;;
- is_plain )
- test $# -ne 1 && error_msg 10 "invalid number of parameters for 'is_plain'"
- is_device_allowed "$1" || error_msg 12 "invalid device: $1"
- is_plain "$1"
- ;;
- check_config)
- is_config_active
- ;;
- get_available_disks )
- get_available_disks
- ;;
- set_config )
- test $# -ne 2 && error_msg 7 "'set_config' requires two parameters"
- config_set_value "$1" "$2"
- ;;
- get_config )
- test $# -ne 1 && error_msg 6 "'get_config' requires exactly one parameter"
- config_get_value "$1"
- ;;
- get_capacity_info )
- test $# -ne 1 && error_msg 6 "'get_capacity_info' requires exactly one parameter"
- is_device_allowed "$1" || error_msg 12 "invalid device: $1"
- is_mounted "$1" || error_msg 13 "the device is not mounted: $1"
- name=$(get_device_mnt_name "$1")
- df -h "$MNT_PARENT/$name" | tail -1
- ;;
- diskinfo )
- get_available_disks | while read a
- do "$ROOT_PERM_SCRIPT" diskinfo "$a"
- done 2>/dev/null
- ;;
- box-purge )
- log_msg "Cleaning the CryptoBox ..."
- turn_off_all_containers
- "$0" config-down
- box_purge >>"$LOG_FILE" 2>&1
- ;;
- poweroff )
- log_msg "Shutting down the Cryptobox ..."
- turn_off_all_containers
- "$ROOT_PERM_SCRIPT" poweroff
- ;;
- reboot )
- log_msg "Rebooting the Cryptobox ..."
- turn_off_all_containers
- "$ROOT_PERM_SCRIPT" reboot
- ;;
- umount_all )
- log_msg "Unmounting all volumes ..."
- turn_off_all_containers
- ;;
- * )
- echo "[$(basename $0)] - unknown action: $ACTION" >&2
- echo "Syntax: $(basename $0) ACTION [PARAMS]"
- echo " crypto-up - mount crypto partition"
- echo " crypto-down - unmount crypto partition"
- echo " crypto-create - a wrapper for 'crypto-create-bg'"
- echo " crypto-create-bg - create encrypted blockdevice and run mkfs"
- echo " is_mounted - check, if crypto partition is mounted"
- echo " check_config - check, if the configuration is usable"
- echo " get_available_disks - shows all accessible disks"
- echo " get_current_ip - get the current IP of the network interface"
- echo " set_config NAME VALUE - change a configuration setting"
- echo " get_config NAME - retrieve a configuration setting"
- echo " get_device_name DEVICE - retrieve the human readable name of a partition"
- echo " set_device_name DEVICE - set the human readable name of a partition"
- echo " device_init DEVICE KEYFILE - initialize the filesystem of a partition (the keyfile just contains the passphrase)"
- echo " get_capacity_info - print the output of 'df' for the (mounted) partition"
- echo " diskinfo - show the partition table of the harddisk"
- echo " box-purge - destroy the partition tables of all harddisks (delete everything)"
- echo " poweroff - turn off the computer"
- echo " reboot - reboot the computer"
- echo
- ;;
- esac
-
-exit 0
-
diff --git a/pythonrewrite/bin-perl-old/cbox-root-actions.sh b/pythonrewrite/bin-perl-old/cbox-root-actions.sh
deleted file mode 100755
index 9e25d7d..0000000
--- a/pythonrewrite/bin-perl-old/cbox-root-actions.sh
+++ /dev/null
@@ -1,341 +0,0 @@
-#!/bin/sh
-#
-# Copyright (c) 02005 sense.lab
-#
-# License: This script is distributed under the terms of version 2
-# of the GNU GPL. See the LICENSE file included with the package.
-#
-# $Id$
-#
-# this script is responsible for all dangerous actions, that require root privileges
-# every action should be checked at least TWICE a day for open holes :)
-# usually will get call via sudo
-#
-# called by:
-# - cbox-manage.sh
-#
-
-set -eu
-
-LIB_DIR=$(dirname "$0")
-LIB_DIR=$(cd "$LIB_DIR"; pwd)
-
-test "$(id -u)" -ne 0 && echo "$(basename $0) - only root may call this script" >&2 && exit 100
-
-# read the default setting file, if it exists
-test -e /etc/default/cryptobox && . /etc/default/cryptobox
-
-# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
-CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
-# parse config file
-. "$CONF_FILE"
-# parse distribution specific file
-. "$DISTRIBUTION_CONF"
-
-CB_SCRIPT="$LIB_DIR/cbox-manage.sh"
-CONFIG_MARKER=cryptobox.marker
-
-
-############ some useful functions ###############
-
-# check if the given device is part of the SCAN_DEVICE list
-# every entry in SCAN_DEVICES is matched as "^/dev/${SCAN_DEVICE}[^/]*$" against
-# the given device
-# other devices may not be touched
-function is_device_allowed()
-# parameter: device
-{
- for a in $SCAN_DEVICES
- do echo "$1" | grep -q "^/dev/${a}[^/]*$" && return 0
- done
- return 1
-}
-
-
-# return the uuid of the partition (if possible)
-# this works at least for luks, ext2/3 and vfat partitions
-function get_device_uuid() {
- local UUID
- # check for luksUUID or ext2/3-uuid
- if is_luks_device "$1"
- then UUID=$("$CRYPTSETUP" luksUUID "$1")
- else test -x "$BLKID" && UUID=$("$BLKID" -s UUID -o value -c /dev/null -w /dev/null "$1" 2>/dev/null)
- fi
- if test -z "$UUID"
- then get_device_flat_name "$1"
- else echo "$UUID"
- fi
- return 0
-}
-
-
-# the device name is "flattened"
-function get_device_flat_name() {
- echo "$1" | sed 's#/#_#g'
-}
-
-
-# the basename of the mountpoint for this device - should be somehow human_readable
-function get_device_mnt_name() {
- "$CB_SCRIPT" get_device_name "$1"
-}
-
-
-# every devmapper name should look like a UUID
-function is_uuid_valid() {
- local hex=[0-9a-f]
- echo "$1" | grep -q "^$hex\{8\}-$hex\{4\}-$hex\{4\}-$hex\{4\}-$hex\{12\}$"
-}
-
-
-# parameter ExitCode ErrorMessage
-function error_msg() {
- echo "CBOX-ERROR: [$(basename $0) - $ACTION] - $2" >&2
- exit $1
-}
-
-
-# parameter: device sfdisk_layout_setup
-# e.g.: /dev/hda "0,1,L \n,,L\n"
-function partition_device() {
- # TODO: allow different layouts
- # TODO: skip config partition if a configuration is already active
- # sfdisk -n doesn't actually write (for testing purpose)
- if echo -e "$2" | "$SFDISK" -n "$1"
- then echo -e "$2" | "$SFDISK" "$1" || return 1
- else return 2
- fi
- true
-}
-
-
-function is_luks_device()
-# parameter: device
-{
- "$CRYPTSETUP" isLuks "$1" 2>/dev/null
-}
-
-
-################ main ####################
-
-ACTION=unknown
-test $# -gt 0 && ACTION=$1 && shift
-
-
-case "$ACTION" in
- partition_disk )
- test $# -ne 2 && error_msg 1 "wrong number of parameters"
- is_device_allowed "$1" || \
- error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
- partition_device "$1" "$2" || \
- error_msg 2 "failed to create new partition table on device $1"
- ;;
- mount )
- # parameters: device
- # returns the relative name of the mointpoint for success
- test $# -ne 1 && error_msg 1 "wrong number of parameters"
- is_device_allowed "$1" || \
- error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
- mnt_name=$(get_device_mnt_name "$1")
- mountpoint -q "$MNT_PARENT/$mnt_name" && \
- error_msg 5 "a device with the same name ($mnt_name) is already mounted"
- mkdir -p "$MNT_PARENT/$mnt_name"
- if is_luks_device "$1"
- then "$CRYPTSETUP" luksOpen "$1" "$mnt_name" || \
- error_msg 6 "could not open encrypted device $1"
- if mount "$DEV_MAPPER_DIR/$mnt_name" "$MNT_PARENT/$mnt_name"
- then true
- else "$CRYPTSETUP" luksClose "$mnt_name" || true
- error_msg 7 "wrong password for $1 supplied"
- fi
- else mount "$1" "$MNT_PARENT/$mnt_name" || \
- error_msg 8 "invalid filesystem on device $1"
- fi
- # just in case, that there is no ext2/3 filesystem:
- # set uid option (will fail silently for ext2/3)
- # TODO: there is no FILE_USER setting anymore - do we still need it?
- #mount -o remount,uid="$FILE_USER" "$MNT_PARENT/$name" 2>/dev/null || true
- # adapt top-level permission to current setup - again: may fail silently
- #chown "$FILE_USER" "$MNT_PARENT/$name" 2>/dev/null || true
- true
- ;;
- umount )
- #parameter: device
- test $# -ne 1 && error_msg 1 "wrong number of parameters"
- is_device_allowed "$1" || \
- error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
- mnt_name=$(get_device_mnt_name "$1")
- mountpoint -q "$MNT_PARENT/$mnt_name" || \
- error_msg 9 "the device ($1) is not mounted as '$mnt_name'"
- # try to unmount - do it in lazy mode
- umount -l "$MNT_PARENT/$mnt_name"
- # TODO: check, what happens, if there are open files - does the device gets mapping removed?
- # remove (if necessary) the device mapping
- if test -e "$DEV_MAPPER_DIR/$mnt_name"
- then "$CRYPTSETUP" luksClose "$mnt_name" || \
- error_msg 11 "could not remove the device mapper ($mnt_name) for device $1"
- fi
- # try to remove the mountpoint - a failure is not important
- rmdir "$MNT_PARENT/$mnt_name" || true
- # set exitcode
- mountpoint -q "$MNT_PARENT/$mnt_name" && exit 1
- true
- ;;
- create_crypto )
- # parameter: device keyfile
- test $# -ne 2 && error_msg 1 "wrong number of parameters"
- keyfile=$2
- test -e "$keyfile" || error_msg 2 "keyfile ($keyfile) not found"
- is_device_allowed "$1" || \
- error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
- # read the passphrase from stdin
- # the iter-time is in milliseconds - keep it low for fast mounting
- cat "$keyfile" | \
- "$CRYPTSETUP" --cipher "$DEFAULT_CIPHER" --iter-time 2000 --batch-mode luksFormat "$1" || \
- error_msg 11 "failed to create the encrypted partition"
- name=$(get_device_mnt_name "$1")
- cat "$keyfile" | "$CRYPTSETUP" --batch-mode luksOpen "$1" "$name" || \
- error_msg 12 "failed to open the encrypted partition"
- # trash the passphrase in keyfile
- echo "0123456789abcdefghijklmnopqrstuvwxyz" > "$keyfile"
- # the disk cache surely prevents the previous line from being written, but we do it anyway ...
- echo "zyxwvutsrqponmlkjihgfedcba9876543210" > "$keyfile"
- rm "$keyfile"
- # complete in background
- (
- "$MKFS_DATA" "$DEV_MAPPER_DIR/$name" || \
- error_msg 13 "failed to create the encrypted filesystem"
- "$CRYPTSETUP" --batch-mode luksClose "$name" || \
- error_msg 14 "failed to close the encrypted mapped device"
- ) /dev/null 2>/dev/null &
- true
- ;;
- create_plain )
- # parameter: device
- test $# -ne 1 && error_msg 1 "wrong number of parameters for 'create_plain'"
- is_device_allowed "$1" || \
- error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
- # complete in background
- (
- "$MKFS_DATA" "$1" || \
- error_msg 15 "failed to create the plaintext filesystem"
- ) /dev/null 2>/dev/null &
- true
- ;;
- get_device_mnt_name )
- # parameter: device
- test $# -ne 1 && error_msg 1 "wrong number of parameters"
- is_device_allowed "$1" || \
- error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
- get_device_mnt_name "$1"
- ;;
- get_device_uuid )
- # parameter: device
- test $# -ne 1 && error_msg 1 "wrong number of parameters"
- is_device_allowed "$1" || \
- error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
- get_device_uuid "$1"
- ;;
- is_config_partition )
- # parameter: device
- # returns exitcode 0 if the device contains a configuration
- test $# -ne 1 && error_msg 1 "wrong number of parameters"
- is_device_allowed "$1" || \
- error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
- is_config=0
- tmp_dir=/tmp/$(basename $0)-$$-mnt
- mkdir -p "$tmp_dir"
- # error means "no config partition"
- if mount "$1" "$CONFIG_DIR"
- then test -e "$CONFIG_DIR/$CONFIG_MARKER" && is_config=1
- umount "$CONFIG_DIR" || \
- error_msg 14 "unable to unmount configation partition after probing"
- fi
- rmdir "$tmp_dir" || true
- # return 0 if $device is a config partition
- test "$is_config" -eq 1 && exit 0
- exit 1
- ;;
- is_crypto_partition )
- # parameter: device
- # returns exitcode 0 if the device contains a luks header
- test $# -ne 1 && error_msg 1 "wrong number of parameters"
- is_device_allowed "$1" || \
- error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
- is_luks_device "$1"
- ;;
- is_plain_partition )
- # parameter: device
- # returns exitcode 0 if the device contains a readable filesystem
- test $# -ne 1 && error_msg 1 "wrong number of parameters"
- is_device_allowed "$1" || \
- error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
- status=0
- tmp_dir=/tmp/$(basename $0)-$$-mnt
- mkdir -p "$tmp_dir"
- if mount "$1" "$tmp_dir" >/dev/null 2>/dev/null
- then test ! -e "$tmp_dir/$CONFIG_MARKER" && status=1
- umount "$tmp_dir"
- fi
- rmdir "$tmp_dir" || true
- test "$status" -eq 1 && exit 0
- exit 1
- ;;
- trash_device )
- # parameter: device
- test $# -ne 1 && error_msg 1 "wrong number of parameters"
- is_device_allowed "$1" || \
- error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
- dd if=/dev/urandom of="$1" bs=512 count=1 2>/dev/null
- ;;
- diskinfo )
- # parameter: device
- test $# -ne 1 && error_msg 1 "wrong number of parameters"
- is_device_allowed "$1" || \
- error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
- "$SFDISK" -L -q -l "$1"
- ;;
- update_network )
- # parameter: none
- ip=
- # TODO: can we avoid to hard-code the filename ($CONFIG_DIR/ip) here?
- test -e "$CONFIG_DIR/ip" && ip=$(<"$CONFIG_DIR/ip")
- test -n "$z" && ifconfig "$NET_IFACE" "$ip"
- ;;
- poweroff )
- # TODO: check configuration setting before
- "$POWEROFF"
- ;;
- reboot )
- # TODO: check configuration setting before
- "$REBOOT"
- ;;
- * )
- echo "[$(basename $0)] - unknown action: $ACTION" >&2
- echo "Syntax: $(basename $0) ACTION PARAMETERS"
- echo ' partition_disk $device $disk_layout'
- echo ' get_device_name $device'
- echo ' get_device_uuid $device'
- echo ' create_crypto $device'
- echo ' mount $device'
- echo ' umount $name'
- echo ' create_config $device'
- echo ' mount_config $device'
- echo ' remount_config { ro | rw }'
- echo ' umount_config'
- echo ' is_config_partition $device'
- echo ' is_plain_partition $device'
- echo ' is_crypto_partition $device'
- echo ' trash_device $device'
- echo ' diskinfo $device'
- echo ' update_network'
- echo ' poweroff'
- echo ' reboot'
- echo ' help'
- echo
- test "$ACTION" = "help" && exit 0
- # return error for any unknown/unspecified action
- exit 1
- ;;
- esac
-
diff --git a/pythonrewrite/bin-perl-old/cryptobox.pl b/pythonrewrite/bin-perl-old/cryptobox.pl
deleted file mode 100755
index 7f36806..0000000
--- a/pythonrewrite/bin-perl-old/cryptobox.pl
+++ /dev/null
@@ -1,946 +0,0 @@
-#!/usr/bin/perl
-#
-# Copyright (c) 02005 sense.lab
-#
-# License: This script is distributed under the terms of version 2
-# of the GNU GPL. See the LICENSE file included with the package.
-#
-# $Id$
-#
-# the web interface of the CryptoBox
-#
-
-
-###############################################
-
-use strict;
-use CGI;
-use ClearSilver;
-use ConfigFile;
-use English;
-use CGI::Carp;
-use IO::File;
-use POSIX;
-
-use constant CRYPTOBOX_VERSION => 0.3;
-
-# debug levels
-use constant DEBUG_NONE => 0;
-use constant DEBUG_ERROR => 1;
-use constant DEBUG_WARN => 2;
-use constant DEBUG_INFO => 3;
-
-# drop privileges
-$UID = $EUID;
-$GID = $EGID;
-
-# necessary for suid perl scripts (see 'man perlsec' for details)
-$ENV{'PATH'} = '/bin:/usr/bin';
-delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # Make %ENV safer
-
-my $CONFIG_FILE = '/etc/cryptobox/cryptobox.conf';
-
-my $pagedata;
-
-my ($LANGUAGE_DIR, $DEFAULT_LANGUAGE, $HTML_TEMPLATE_DIR, $DOC_DIR);
-my ($CB_SCRIPT, $LOG_FILE, $IS_DEVEL, $STYLESHEET_URL, $DEBUG_LEVEL);
-
-# get the directory of the cryptobox scripts/binaries and untaint it
-$CB_SCRIPT = $0;
-$CB_SCRIPT =~ m/^(.*)\/[^\/]*$/;
-$CB_SCRIPT = ($1)? "$1/cbox-manage.sh" : './cbox-manage.sh';
-
-&fatal_error ("could not find configuration file ($CONFIG_FILE)") unless (-e $CONFIG_FILE);
-my $config = ConfigFile::read_config_file($CONFIG_FILE);
-
-$LOG_FILE = $config->{LOG_FILE};
-$LANGUAGE_DIR = $config->{LANGUAGE_DIR};
-$DEFAULT_LANGUAGE = $config->{LANGUAGE};
-$HTML_TEMPLATE_DIR = $config->{HTML_TEMPLATE_DIR};
-$DOC_DIR = $config->{DOC_DIR};
-$IS_DEVEL = ( -e $config->{DEV_FEATURES_SCRIPT});
-$STYLESHEET_URL = $config->{STYLESHEET_URL};
-if (defined($config->{DEBUG_LEVEL})) {
- $DEBUG_LEVEL = $config->{DEBUG_LEVEL};
-} else {
- $DEBUG_LEVEL = DEBUG_ERROR; # default debug level
-}
-
-my $query = new CGI;
-
-#################### subs ######################
-
-# for fatal errors without the chance of clearsilver-rendering
-sub fatal_error() {
- my $message = shift;
-
- print "Content-Type: text/html\n\n";
- print "CryptoBox\n";
- print "\n";
- print '
' . $message . "
\n";
- print "\n";
- die "[CryptoBox]: $message";
-}
-
-
-sub debug_msg() {
- my ($level, $message) = @_;
- return 0 unless ($level >= $DEBUG_LEVEL);
- warn "[cryptobox]: $message";
-}
-
-
-sub load_hdf {
- my $hdf = ClearSilver::HDF->new();
-
- my $fname = "$HTML_TEMPLATE_DIR/main.cs";
- &fatal_error ("Template directory is invalid ($fname not found)!") unless (-e "$fname");
- $hdf->setValue("Settings.TemplateDir","$HTML_TEMPLATE_DIR");
-
- &fatal_error ("Documentation directory ($DOC_DIR) not found!") unless (-d "$DOC_DIR");
- $hdf->setValue("Settings.DocDir","$DOC_DIR");
-
- # if it was requested as directory index (link from index.html), we should
- # set a real script name - otherwise links with a query string will break
- # ignore POST part of the SCRIPT_NAME (after "&")
- (my $script_url = $ENV{'SCRIPT_NAME'}) =~ m/^[^&]*/;
- $hdf->setValue("ScriptName", ($ENV{'SCRIPT_NAME'} eq '/')? '/cryptobox' : $script_url );
-
- # set stylesheet url
- $hdf->setValue("Settings.Stylesheet",$STYLESHEET_URL);
-
- &load_selected_language($hdf);
-
- &get_available_languages($hdf);
-
- return $hdf;
-}
-
-
-sub load_selected_language {
- my $data = shift;
- my $config_language;
-
- # load $DEFAULT_LANGUAGE - this is necessary, if a translation is incomplete
- $data->readFile("$LANGUAGE_DIR/$DEFAULT_LANGUAGE" . ".hdf");
-
- # load configured language, if it is valid
- $config_language = &get_cbox_config("language");
- $config_language = $DEFAULT_LANGUAGE unless (&validate_language("$config_language"));
-
- # check for preferred browser language, if the box was not initialized yet
- if ( ! &check_config())
- {
- my $prefLang = &get_browser_language();
- # take it, if a supported browser language was found
- $config_language = $prefLang unless ($prefLang eq '');
- }
-
- ######### temporary language setting? ############
- # the default language can be overriden by the language links in the
- # upper right of the page
- if ($query->param('weblang')) {
- my $weblang = $query->param('weblang');
- if (&validate_language($weblang)) {
- # load the data
- $config_language = "$weblang";
- # add the setting to every link
- # how it should be done now ...
- $data->setValue('Settings.LinkAttrs.weblang', "$weblang");
- # old way of doing this ... (TODO: to be removed)
- $data->setValue('Data.PostData.weblang', "$weblang");
- } else {
- # no valid language was selected - so you may ignore it
- $data->setValue('Data.Warning', 'InvalidLanguage');
- }
- }
- # import the configured resp. the temporarily selected language
- $data->readFile("$LANGUAGE_DIR/$config_language" . ".hdf");
-
- ########## select documentation language ##########
- if (&validate_doc_language($config_language)) {
- # selected web interface language
- $data->setValue('Settings.DocLang', "$config_language");
- } elsif (&validate_doc_language($DEFAULT_LANGUAGE)) {
- # configured CryptoBox language
- $data->setValue('Settings.DocLang', "$DEFAULT_LANGUAGE");
- } else {
- # default hardcoded language (english)
- $data->setValue('Settings.DocLang', "en");
- }
-}
-
-
-# import the names of all available languages
-sub get_available_languages {
- my $data = shift;
- my ($file, @files, $hdf, $lang_name);
-
- opendir(DIR, $LANGUAGE_DIR) or &fatal_error ("Language directory ($LANGUAGE_DIR) not accessible!");
- @files = sort grep { /.*\.hdf$/ } readdir(DIR);
- close(DIR);
-
- foreach $file (@files) {
- $hdf = ClearSilver::HDF->new();
- $hdf->readFile("$LANGUAGE_DIR/$file");
- substr($file, -4) = "";
- $lang_name = $hdf->getValue("Lang.Name", "$file");
- $data->setValue("Data.Languages." . "$file", "$lang_name");
- }
-}
-
-
-# look for preferred browser language setting
-# this code was adapted from Per Cederberg - http://www.percederberg.net/home/perl/select.perl
-# it returns an empty string, if no supported language was found
-sub get_browser_language {
- my ($str, @langs, @res);
-
- # Use language preference settings
- if ($ENV{'HTTP_ACCEPT_LANGUAGE'} ne '')
- {
- @langs = split(/,/, $ENV{'HTTP_ACCEPT_LANGUAGE'});
- foreach (@langs)
- {
- # get the first part of the language setting
- ($str) = ($_ =~ m/([a-z]+)/);
- # check, if it supported by the cryptobox
- $res[$#res+1] = $str if validate_language($str);
- }
- }
-
- # if everything fails - return empty string
- $res[0] = "" if ($#res lt 0);
- return $res[0];
-}
-
-
-sub log_msg {
- my $text = shift;
- open(LOGFILE,">> $LOG_FILE");
- print LOGFILE "$text";
- close(LOGFILE);
-}
-
-
-sub check_ssl {
- # check, if we are behind a proxy with ssl (e.g. pound)
- return (0==0) if ($ENV{'HTTP_FRONT_END_HTTPS'} =~ m/^on$/i);
- # environment variable set (e.g. via apache directive "SetEnv HTTPS On")
- return (0==0) if ($ENV{'HTTPS'} =~ m/^on$/i);
- # port 80 -> not encrypted
- return (0==1) if ($ENV{'SERVER_PORT'} == 80);
- # other ports -> maybe ok - we accept it
- return (0==0);
-}
-
-
-# check, if the given device is mounted/used somehow
-# Paramter: device
-sub check_mounted {
- my ($dev) = @_;
- return (system($CB_SCRIPT,"is_mounted",$dev) == 0);
-}
-
-
-sub check_config {
- return (system($CB_SCRIPT,"check_config") == 0);
-}
-
-
-sub exec_cb_script {
- my (@params) = @_;
- my ($pid, @result);
- &fatal_error("unable to fork process") unless defined($pid = open(PROG_OUT, "-|"));
- if (!$pid) {
- # child
- exec($CB_SCRIPT, @params) or &fatal_error("failed to execute $CB_SCRIPT!");
- exit 0;
- } else {
- # parent
- # only read lines containing at least one non-whitespace character
- @result = grep /\S/, ;
- foreach (@result) { chomp; }
- unless (close PROG_OUT) {
- &debug_msg(DEBUG_WARN, "error while running $CB_SCRIPT (params:" . join(" ",@params) . "): $?");
- return undef;
- }
- }
- if (wantarray) {
- return @result;
- } elsif (@result > 0) {
- return join('',@result);
- } else {
- return "";
- }
-}
-
-
-sub check_init_running {
- # TODO: improve this
- return (0==1);
-}
-
-
-# Parameter: device
-sub check_device_plaintext {
- return (system("$CB_SCRIPT","is_plain",$1) == 0);
-}
-
-
-# Parameter: device
-sub check_device_encryption {
- return (system("$CB_SCRIPT","is_encrypted",$1) == 0);
-}
-
-
-sub is_harddisk_available {
- my @all_disks = &exec_cb_script("get_available_disks");
- return @all_disks > 0;
-}
-
-
-sub get_available_disks {
- my @all_disks = &exec_cb_script("get_available_disks");
- my ($disk, @return_disks);
- foreach $disk (@all_disks) {
- $disk =~ m#^([/\._\-\w]*)$#;
- push @return_disks, $1 if ($1);
- }
- return @return_disks;
-}
-
-
-sub get_disk_name {
- my ($dev) = @_;
- my $disk_name = &exec_cb_script("get_device_name", $dev);
- return $disk_name;
-}
-
-
-# return the value of a configuration setting (timeout, language, ip, ...)
-# Parameter: setting_name
-sub get_cbox_config {
- my ($setting) = @_;
- # tell the exec function, that we want a scalar instead of an array
- my $scalar = &exec_cb_script("get_config",$setting);
- return $scalar;
-}
-
-
-sub render {
- my $pagefile = "$HTML_TEMPLATE_DIR/main.cs";
- print "Content-Type: text/html\n\n";
-
- my $cs = ClearSilver::CS->new($pagedata);
- $cs->parseFile($pagefile);
-
- print $cs->render();
-}
-
-
-# mount an encrypted volume
-# Parameter: device password
-sub mount_vol {
- my ($device, $pw) = @_;
-
- if (&check_mounted($device)) {
- $pagedata->setValue('Data.Warning', 'IsMounted');
- } else {
- if ($pw eq '') {
- &exec_cb_script("crypto-up", $device);
- } else {
- open(PW_INPUT, "| $CB_SCRIPT crypto-up $device");
- print PW_INPUT $pw;
- close(PW_INPUT);
- }
- }
-}
-
-
-# unmount a volume
-# Parameter: device
-sub umount_vol {
- my ($device) = @_;
- if (&check_mounted($device)) {
- system($CB_SCRIPT, "crypto-down",$device);
- } else {
- $pagedata->setValue('Data.Warning', 'NotMounted');
- }
-}
-
-
-# Parameter: device passphrase
-# ignore passphrase (or leave it empty) to create a plaintext volume
-sub volume_init {
- my ($device, $crypto_pw) = @_;
- my $result;
-
- # only for encrypted volumes:
- # write passphrase to a file - necessary as perl in secured mode does not allow
- # the 'open(FH, "|/bin/prog ....")' call because of possible shell expansion - stupid 'open' :(
- if ($crypto_pw) {
- my ($fh, $temp_file);
- # generate a temporary filename (as suggested by the Perl Cookbook)
- do { $temp_file = POSIX::tmpnam() }
- # TODO: reduce the file mask to the minimum - maybe 0600 would be a good choice
- until $fh = IO::File->new($temp_file, O_RDWR|O_CREAT|O_EXCL);
- close $fh;
- unless (open(TMP, ">$temp_file")) {
- &debug_msg(DEBUG_ERROR, "could not open a temporary file");
- return (1==0);
- }
- print TMP $crypto_pw;
- close TMP;
- $result = &exec_cb_script("device_init", $device, $temp_file);
- unlink ($temp_file) if (-e $temp_file);
- } else {
- $result = &exec_cb_script("device_init", $device);
- }
- # just to be sure, that the file does not get left behind
- # usually the script should overwrite and remove it
- return defined($result);
-}
-
-
-sub box_purge {
- &exec_cb_script("box-purge");
-}
-
-
-sub system_poweroff {
- &exec_cb_script("poweroff");
-}
-
-
-sub system_reboot {
- &exec_cb_script("reboot");
-}
-
-
-sub validate_ip {
- my $ip = shift;
- my @octets = split /\./, $ip;
- return 0 if ($#octets == 4);
- # check for values and non-digits
- return 0 if (($octets[0] <= 0) || ($octets[0] >= 255) || ($octets[0] =~ /\D/));
- return 0 if (($octets[1] < 0) || ($octets[1] >= 255) || ($octets[1] =~ /\D/));
- return 0 if (($octets[2] < 0) || ($octets[2] >= 255) || ($octets[2] =~ /\D/));
- return 0 if (($octets[3] <= 0) || ($octets[3] >= 255) || ($octets[3] =~ /\D/));
- return 1;
-}
-
-
-sub validate_timeout {
- my $timeout = shift;
- return 0 if ($timeout =~ /\D/);
- return 1;
-}
-
-
-# check for a valid interface language
-sub validate_language {
- my $language = shift;
- # check for non-alphanumeric character
- return 0 if ($language =~ /\W/);
- return 0 if ($language eq "");
- return 0 if ( ! -e "$LANGUAGE_DIR/$language" . '.hdf');
- return 1;
-}
-
-
-# check for a valid documentation language
-sub validate_doc_language {
- my $language = shift;
- # check for non-alphanumeric character
- return 0 if ($language =~ /\W/);
- return 0 if ($language eq "");
- return 0 if ( ! -e "$DOC_DIR/$language");
- return 1;
-}
-
-
-################### main #########################
-
-
-$pagedata = load_hdf();
-my $current_admin_pw;
-
-my $action = $query->param('action');
-$action =~ m#^([\w\._\-]*)$#;
-$action = ($1)? $1 : '';
-
-my $device = $query->param('device');
-$device =~ m#^([/_\-\w\.]*)$#;
-$device = ($1)? $1 : '';
-
-# BEWARE: there are two kinds of actions:
-# * some require a harddisk
-# * some do not require a harddisk
-# take care, that you put a new action into the appropriate block below
-
-# first: check for ssl!
-if ( ! &check_ssl()) {
- $pagedata->setValue('Data.Error', 'NoSSL');
- # remove port number from HTTP_HOST
- my $hostname = $ENV{'HTTP_HOST'};
- $hostname =~ s/:[0-9]*//;
- $pagedata->setValue('Data.Redirect.URL', "https://" . $hostname . $ENV{'SCRIPT_NAME'});
- $pagedata->setValue('Data.Redirect.Delay', "3");
-} elsif ($query->param('action')) {
- #--------------------------------------------------------------#
- # here you may define all cases that do not require a harddisk #
- # put all other cases below the harddisk check #
- #--------------------------------------------------------------#
- #################### show_log #######################
- if ($action eq 'show_log') {
- $pagedata->setValue('Data.Action', 'show_log');
- ##################### doc ############################
- } elsif ($action eq 'doc') {
- if ($query->param('page')) {
- $pagedata->setValue('Data.Doc.Page', $query->param('page'));
- $pagedata->setValue('Data.Action', 'show_doc');
- } else {
- $pagedata->setValue('Data.Doc.Page', 'CryptoBoxUser');
- $pagedata->setValue('Data.Action', 'show_doc');
- }
- ##################### poweroff ######################
- } elsif ($action eq 'system_ask') {
- $pagedata->setValue('Data.Action', 'form_system');
- ##################### reboot ########################
- } elsif ($action eq 'shutdown_do') {
- if ($query->param('type') eq 'reboot') {
- &system_reboot();
- $pagedata->setValue('Data.Success', 'ReBoot');
- $pagedata->setValue('Data.Redirect.Action', 'show_status');
- $pagedata->setValue('Data.Redirect.Delay', "180");
- } else {
- &system_poweroff();
- $pagedata->setValue('Data.Success', 'PowerOff');
- }
- $pagedata->setValue('Data.Action', 'empty');
- ##################### check for a harddisk ##########################
- # catch this error, to prevent all following actions from execution #
- #####################################################################
- } elsif ( ! &is_harddisk_available()) {
- $pagedata->setValue('Data.Error', 'NoHardDisk');
- #-------------------------------------------------------#
- # here you may define all cases that require a harddisk #
- #-------------------------------------------------------#
- ################ umount_do #######################
- } elsif ($action eq 'umount_do') {
- if ($device eq '') {
- &debug_msg(DEBUG_INFO, "invalid device: " . $query->param('device'));
- $pagedata->setValue('Data.Warning', 'InvalidDevice');
- $pagedata->setValue('Data.Action', 'emptu');
- } elsif ( ! &check_config()) {
- $pagedata->setValue('Data.Warning', 'NotInitialized');
- $pagedata->setValue('Data.Action', 'form_init');
- } elsif (&check_init_running()) {
- $pagedata->setValue('Data.Warning', 'InitNotFinished');
- $pagedata->setValue('Data.Action', 'empty');
- $pagedata->setValue('Data.Redirect.Action', 'form_config');
- $pagedata->setValue('Data.Redirect.Delay', "30");
- } elsif ( ! &check_mounted($device)) {
- $pagedata->setValue('Data.Warning', 'NotMounted');
- $pagedata->setValue('Data.Action', 'show_volume');
- } else {
- # unmounten
- &umount_vol($device);
- if (&check_mounted($device)) {
- $pagedata->setValue('Data.Warning', 'UmountFailed');
- $pagedata->setValue('Data.Action', 'show_volume');
- } else {
- #$pagedata->setValue('Data.Success', 'UmountDone');
- $pagedata->setValue('Data.Action', 'show_volume');
- }
- }
- ################ mount_do ########################
- } elsif ($action eq 'mount_do') {
- my $is_encrypted = &check_device_encryption($device) if ($device ne '');
- if ($device eq '') {
- &debug_msg(DEBUG_INFO, "invalid device: " . $query->param('device'));
- $pagedata->setValue('Data.Warning', 'InvalidDevice');
- $pagedata->setValue('Data.Action', 'empty');
- } elsif ( ! &check_config()) {
- $pagedata->setValue('Data.Warning', 'NotInitialized');
- $pagedata->setValue('Data.Action', 'form_init');
- } elsif (&check_init_running()) {
- $pagedata->setValue('Data.Warning', 'InitNotFinished');
- $pagedata->setValue('Data.Action', 'empty');
- $pagedata->setValue('Data.Redirect.Action', 'form_config');
- $pagedata->setValue('Data.Redirect.Delay', "30");
- } elsif (&check_mounted($device)) {
- $pagedata->setValue('Data.Warning', 'IsMounted');
- $pagedata->setValue('Data.Action', 'show_volume');
- } elsif ($is_encrypted && ($query->param('crypto_password') eq '')) {
- # leeres Passwort
- $pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
- $pagedata->setValue('Data.Action', 'show_volume');
- } else {
- # mounten
- if ($is_encrypted) {
- &mount_vol($device, $query->param('crypto_password'));
- } else {
- &mount_vol($device);
- }
- if (!&check_mounted($device)) {
- $pagedata->setValue('Data.Warning', 'MountFailed');
- $pagedata->setValue('Data.Action', 'show_volume');
- } else {
- #$pagedata->setValue('Data.Success', 'MountDone');
- $pagedata->setValue('Data.Action', 'show_volume');
- }
- }
- ################## mount_ask #######################
- } elsif ($action eq 'mount_ask') {
- if ( ! &check_config()) {
- $pagedata->setValue('Data.Warning', 'NotInitialized');
- $pagedata->setValue('Data.Action', 'form_init');
- } elsif (&check_init_running()) {
- $pagedata->setValue('Data.Warning', 'InitNotFinished');
- $pagedata->setValue('Data.Action', 'empty');
- $pagedata->setValue('Data.Redirect.Action', 'form_config');
- $pagedata->setValue('Data.Redirect.Delay', "30");
- } else {
- $pagedata->setValue('Data.Action', 'form_mount');
- }
- ################# umount_ask ########################
- } elsif ($action eq 'umount_ask') {
- if ( ! &check_config()) {
- $pagedata->setValue('Data.Warning', 'NotInitialized');
- $pagedata->setValue('Data.Action', 'form_init');
- } else {
- $pagedata->setValue('Data.Action', 'form_umount');
- }
- ################## init_ask #########################
- } elsif ($action eq 'init_ask') {
- if (&check_init_running()) {
- $pagedata->setValue('Data.Warning', 'InitNotFinished');
- $pagedata->setValue('Data.Action', 'form_config');
- } elsif (&check_config()) {
- $pagedata->setValue('Data.Warning', 'AlreadyConfigured');
- $pagedata->setValue('Data.Action', 'form_init');
- } else {
- $pagedata->setValue('Data.Action', 'form_init');
- }
- #################### init_do ########################
- } elsif ($action eq 'init_do') {
- $current_admin_pw = &get_cbox_config("admin_pw");
- if ($current_admin_pw ne '' && $current_admin_pw ne $query->param('current_admin_password')) {
- $pagedata->setValue('Data.Warning', 'WrongAdminPassword');
- $pagedata->setValue('Data.Action', 'form_init');
- } elsif ($query->param('admin_password') ne $query->param('admin_password2')) {
- # different admin-passwords
- $pagedata->setValue('Data.Warning', 'DifferentAdminPasswords');
- $pagedata->setValue('Data.Action', 'form_init');
- } elsif ($query->param('crypto_password') ne $query->param('crypto_password2')) {
- # different crypto-passwords
- $pagedata->setValue('Data.Warning', 'DifferentCryptoPasswords');
- $pagedata->setValue('Data.Action', 'form_init');
- } elsif ($query->param('crypto_password') eq '') {
- # empty password
- $pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
- $pagedata->setValue('Data.Action', 'form_init');
- } elsif ($query->param('confirm') ne $pagedata->getValue('Lang.Text.ConfirmInit','')) {
- # wrong confirm string
- $pagedata->setValue('Data.Warning', 'InitNotConfirmed');
- $pagedata->setValue('Data.Action', 'form_init');
- } else {
- if (&volume_init($query->param('crypto_password'),$query->param('admin_password'))) {
- #$pagedata->setValue('Data.Success', 'InitRunning');
- $pagedata->setValue('Data.Action', 'form_config');
- } else {
- $pagedata->setValue('Data.Error', 'InitFailed');
- }
- }
- #################### config_ask ######################
- } elsif ($action eq 'config_ask') {
- if ( ! &check_config()) {
- $pagedata->setValue('Data.Warning', 'NotInitialized');
- $pagedata->setValue('Data.Action', 'form_init');
- } else {
- $pagedata->setValue('Data.Action', 'form_config');
- }
- #################### config_do #######################
- } elsif ($action eq 'config_do') {
- my $query_language = $query->param('language');
- $query_language =~ m/^(\w+)$/; $query_language = $1;
- my $query_timeout = $query->param('timeout');
- $query_timeout =~ m/^(\d+)$/; $query_timeout = $1;
- if ( ! &check_config()) {
- $pagedata->setValue('Data.Warning', 'NotInitialized');
- $pagedata->setValue('Data.Action', 'form_init');
- } else {
- $current_admin_pw = &get_cbox_config("admin_pw");
- if ($current_admin_pw ne '' && $current_admin_pw ne $query->param('current_admin_password')) {
- $pagedata->setValue('Data.Warning', 'WrongAdminPassword');
- $pagedata->setValue('Data.Action', 'form_config');
- } elsif ( ! &validate_language($query_language)) {
- $pagedata->setValue('Data.Warning', 'InvalidLanguage');
- $pagedata->setValue('Data.Action', 'form_config');
- } elsif ( ! &validate_timeout($query_timeout)) {
- $pagedata->setValue('Data.Warning', 'InvalidTimeOut');
- $pagedata->setValue('Data.Action', 'form_config');
- } else {
- system($CB_SCRIPT, "set_config", "language", $query_language);
- &load_selected_language($pagedata);
- system($CB_SCRIPT, "set_config", "timeout", $query_timeout);
- # check, if the ip was reconfigured
- # TODO: IP stuff should be moved to the live-cd stuff
- if (defined($query->param('ip')) && ($query->param('ip') ne &get_cbox_config("ip"))) {
- # set the new value
- system($CB_SCRIPT, "set_config", "ip", $query->param('ip'));
- # redirect to the new address
- $pagedata->setValue('Data.Redirect.URL', "https://" . $query->param('ip') . $ENV{'SCRIPT_NAME'});
- $pagedata->setValue('Data.Redirect.Delay', "5");
- # display a warning for the redirection
- $pagedata->setValue('Data.Warning', 'IPAddressChanged');
- }
- # check for success
- if (defined($query->param('timeout'))
- && (&get_cbox_config("timeout") ne $query->param('timeout'))) {
- $pagedata->setValue('Data.Warning', 'ConfigTimeOutFailed');
- } elsif (defined($query->param('ip')) &&
- (&get_cbox_config("ip") ne $query->param('ip'))) {
- $pagedata->setValue('Data.Warning', 'ConfigIPFailed');
- } elsif (defined($query->param('language'))
- && (&get_cbox_config("language") ne $query->param('language'))) {
- $pagedata->setValue('Data.Warning', 'ConfigLanguageFailed');
- } else {
- #$pagedata->setValue('Data.Success', 'ConfigSaved');
- }
- $pagedata->setValue('Data.Action', 'show_status');
- $pagedata->setValue('Data.Redirect.Action', 'show_status');
- $pagedata->setValue('Data.Redirect.Delay', "30");
- }
- }
- ############## change volume name ###################
- } elsif ($action eq 'volume_name_set') {
- my $volume_name = $query->param('volume_name');
- # remove all special characters which are not white-listed
- $volume_name =~ s#[^\w \-_\#/\(\)\[\]]##g;
- # untaint variable
- $volume_name =~ m#^(.*)$#; $volume_name = $1;
- if ($device eq '') {
- &debug_msg(DEBUG_INFO, "invalid device: " . $query->param('device'));
- $pagedata->setValue('Data.Warning', 'InvalidDevice');
- $pagedata->setValue('Data.Action', 'show_status');
- } elsif (&check_mounted($device)) {
- $pagedata->setValue('Data.Warning','VolumeMayNotBeMounted');
- $pagedata->setValue('Data.Action', 'show_volume');
- } elsif ($volume_name eq '') {
- $pagedata->setValue('Data.Warning','InvalidVolumeName');
- $pagedata->setValue('Data.Action', 'show_volume');
- } else {
- &exec_cb_script('set_device_name',$device,$volume_name);
- my $new_volume_name = &exec_cb_script('get_device_name',$device);
- $pagedata->setValue('Data.Warning','SetVolumeNameFailed') unless ($new_volume_name eq $volume_name);
- $pagedata->setValue('Data.Action', 'show_volume');
- }
- ############ initialize volume (form) ###############
- } elsif ($action eq 'volume_init_ask') {
- if ($device eq '') {
- &debug_msg(DEBUG_INFO, "invalid device: " . $query->param('device'));
- $pagedata->setValue('Data.Warning', 'InvalidDevice');
- $pagedata->setValue('Data.Action', 'show_status');
- } elsif (&check_mounted($device)) {
- $pagedata->setValue('Data.Warning','VolumeMayNotBeMounted');
- $pagedata->setValue('Data.Action', 'show_volume');
- } else {
- $pagedata->setValue('Data.CurrentDisk.InitParams.encrypted',defined($query->param('encryption'))? 1 : 0);
- $pagedata->setValue('Data.Action', 'form_init_partition');
- }
- ############### initialize volume ###################
- } elsif ($action eq 'volume_init_do') {
- $current_admin_pw = &get_cbox_config("admin_pw");
- # remember the current "encryption" setting - just in case, we want to emit a warning and
- # return to the same screen
- $pagedata->setValue('Data.CurrentDisk.InitParams.encrypted',defined($query->param('encryption'))? 1 : 0);
- if ($device eq '') {
- &debug_msg(DEBUG_INFO, "invalid device: " . $query->param('device'));
- $pagedata->setValue('Data.Warning', 'InvalidDevice');
- $pagedata->setValue('Data.Action', 'show_status');
- } elsif (&check_mounted($device)) {
- $pagedata->setValue('Data.Warning','VolumeMayNotBeMounted');
- $pagedata->setValue('Data.Action', 'show_volume');
- } elsif ($current_admin_pw ne ''
- && $current_admin_pw ne $query->param('current_admin_password')) {
- $pagedata->setValue('Data.Warning', 'WrongAdminPassword');
- $pagedata->setValue('Data.Action', 'form_init_partition');
- } elsif (defined($query->param('encryption')) && ($query->param('crypto_password') ne $query->param('crypto_password2'))) {
- # different crypto-passwords
- $pagedata->setValue('Data.Warning', 'DifferentCryptoPasswords');
- $pagedata->setValue('Data.Action', 'form_init_partition');
- } elsif (defined($query->param('encryption')) && ($query->param('crypto_password') eq '')) {
- # empty password
- $pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
- $pagedata->setValue('Data.Action', 'form_init_partition');
- } elsif ($query->param('confirm') ne $pagedata->getValue('Lang.Text.ConfirmInit','')) {
- # wrong confirm string
- $pagedata->setValue('Data.Warning', 'InitNotConfirmed');
- $pagedata->setValue('Data.Action', 'form_init_partition');
- } else {
- my $init_result;
- if (defined($query->param('encryption'))) {
- $init_result = &volume_init($device,$query->param('crypto_password'));
- } else {
- $init_result = &volume_init($device);
- }
- if ($init_result) {
- #$pagedata->setValue('Data.Success', 'InitRunning');
- $pagedata->setValue('Data.Action', 'show_volume');
- } else {
- $pagedata->setValue('Data.Error', 'InitFailed');
- $pagedata->setValue('Data.Action', 'show_volume');
- }
- }
- ################## volume info ######################
- } elsif ($action eq 'show_volume') {
- if ($device eq '') {
- &debug_msg(DEBUG_INFO, "invalid device: " . $query->param('device'));
- $pagedata->setValue('Data.Warning', 'InvalidDevice');
- $pagedata->setValue('Data.Action', 'show_status');
- } else {
- $pagedata->setValue('Data.Action', 'show_volume');
- }
- #################### status #########################
- } elsif ($action eq 'show_status') {
- if ( ! &check_config()) {
- $pagedata->setValue('Data.Warning', 'NotInitialized');
- $pagedata->setValue('Data.Action', 'form_init');
- } elsif (&check_init_running()) {
- $pagedata->setValue('Data.Warning', 'InitNotFinished');
- $pagedata->setValue('Data.Action', 'empty');
- $pagedata->setValue('Data.Redirect.Action', 'form_config');
- $pagedata->setValue('Data.Redirect.Delay', "30");
- } else {
- $pagedata->setValue('Data.Action', 'show_status');
- $pagedata->setValue('Data.Redirect.Action', 'show_status');
- $pagedata->setValue('Data.Redirect.Delay', "60");
- }
- ################### box_purge #######################
- # if we find an existing config partition, then check the adminpw
- } elsif ($action eq 'do_purge') {
- if ( &check_config()) {
- $current_admin_pw = &get_cbox_config("admin_pw");
- if ($current_admin_pw ne '' && $current_admin_pw ne $query->param('current_admin_password')) {
- $pagedata->setValue('Data.Warning', 'WrongAdminPassword');
- $pagedata->setValue('Data.Action', 'form_config');
- } else {
- &box_purge;
- $pagedata->setValue('Data.Action', 'form_init');
- }
- }
- ################### unknown #########################
- } else {
- $pagedata->setValue('Data.Error', 'UnknownAction');
- }
-#################### default action ##########################
-# check for a harddisk again, as this check was skipped
-# because there was no action defined
-} elsif ( ! &is_harddisk_available()) {
- $pagedata->setValue('Data.Error', 'NoHardDisk');
-} else {
- if (&check_init_running()) {
- $pagedata->setValue('Data.Warning', 'InitNotFinished');
- $pagedata->setValue('Data.Action', 'empty');
- $pagedata->setValue('Data.Redirect.Action', 'form_config');
- $pagedata->setValue('Data.Redirect.Delay', "60");
- } elsif (&check_config()) {
- $pagedata->setValue('Data.Action', 'show_status');
- $pagedata->setValue('Data.Redirect.Action', 'show_status');
- $pagedata->setValue('Data.Redirect.Delay', "60");
- } else {
- $pagedata->setValue('Data.Action', 'form_init');
- }
-}
-
-# check state of the cryptobox
-$pagedata->setValue('Data.Status.Config', &check_config() ? 1 : 0);
-$pagedata->setValue('Data.Status.InitRunning', &check_init_running() ? 1 : 0);
-
-my $output = &get_cbox_config("admin_pw");
-$pagedata->setValue('Data.Config.AdminPasswordIsSet', 1) if ($output ne '');
-
-$output = join (" ", &exec_cb_script("diskinfo"));
-$pagedata->setValue('Data.PartitionInfo',"$output");
-
-# preset config settings for clearsilver
-$pagedata->setValue('Data.Config.IP', &get_cbox_config("ip"));
-$pagedata->setValue('Data.Config.TimeOut', &get_cbox_config("timeout"));
-$pagedata->setValue('Data.Config.Language', &get_cbox_config("language"));
-
-# read log and add html linebreaks
-$output = '';
-if (-e "$LOG_FILE") {
- open(LOGFILE, "< $LOG_FILE");
- while () { $output .= "$_ " }
- close(LOGFILE);
-}
-$pagedata->setValue('Data.Log',"$output");
-
-$pagedata->setValue('Data.Status.DevelopmentMode', 1) if ($IS_DEVEL);
-
-# save QUERY_STRING (e.g. for weblang-links)
-my $querystring = $ENV{'QUERY_STRING'};
-# remove weblang setting
-$querystring =~ s/weblang=\w\w&?//;
-$pagedata->setValue('Data.QueryString', "$querystring") if ($querystring ne '');
-
-$pagedata->setValue('Data.Version', CRYPTOBOX_VERSION);
-
-my ($one_disk, $one_name, $isActive, $isEncrypted, $isPlaintext);
-my $avail_counter = 0; my $active_counter = 0; my $passive_counter = 0;
-for $one_disk (&get_available_disks()) {
- $one_name = &get_disk_name($one_disk);
- $isEncrypted = &check_device_encryption($one_disk);
- $isPlaintext = &check_device_plaintext($one_disk);
- $pagedata->setValue("Data.Disks.available.${avail_counter}.device",$one_disk);
- $pagedata->setValue("Data.Disks.available.${avail_counter}.name",$one_name);
- $pagedata->setValue("Data.Disks.available.${avail_counter}.encryption", $isEncrypted? 1 : 0);
- $pagedata->setValue("Data.Disks.available.${avail_counter}.plaintext", $isPlaintext? 1 : 0);
- $isActive = &check_mounted($one_disk);
- if ($isActive) {
- $pagedata->setValue("Data.Disks.available.${avail_counter}.isActive",1);
- $pagedata->setValue("Data.Disks.active.${active_counter}.device",$one_disk);
- $pagedata->setValue("Data.Disks.active.${active_counter}.name",$one_name);
- $pagedata->setValue("Data.Disks.active.${active_counter}.encryption", $isEncrypted? 1 : 0);
- $pagedata->setValue("Data.Disks.active.${active_counter}.plaintext", $isPlaintext? 1 : 0);
- $active_counter++;
- } else {
- $pagedata->setValue("Data.Disks.available.${avail_counter}.isActive",0);
- $pagedata->setValue("Data.Disks.passive.${passive_counter}.device",$one_disk);
- $pagedata->setValue("Data.Disks.passive.${passive_counter}.name",$one_name);
- $pagedata->setValue("Data.Disks.passive.${passive_counter}.encryption", $isEncrypted? 1 : 0);
- $pagedata->setValue("Data.Disks.passive.${passive_counter}.plaintext", $isPlaintext? 1 : 0);
- $passive_counter++;
- }
- if ($device eq $one_disk) {
- $pagedata->setValue('Data.CurrentDisk.device', $one_disk);
- $pagedata->setValue('Data.CurrentDisk.name', $one_name);
- $pagedata->setValue('Data.CurrentDisk.active', $isActive? 1 : 0);
- $pagedata->setValue("Data.CurrentDisk.encryption", $isEncrypted? 1 : 0);
- $pagedata->setValue("Data.CurrentDisk.plaintext", $isPlaintext? 1 : 0);
- # retrieve capacity information if the device is mounted
- if (&check_mounted($device)) {
- my $cap_info = &exec_cb_script("get_capacity_info",$device);
- # filter the relevant values (a simple split is not working, as the device name may
- # contain spaces
- $cap_info =~ m#^.*\s+([0-9\.,]+\w)\s+([0-9\.,]+\w)\s+([0-9\.,]+\w)\s+([0-9\.,]+\%)\s+#;
- my ($cap_size, $cap_used, $cap_free, $cap_percent) = ($1, $2, $3, $4);
- $pagedata->setValue('Data.CurrentDisk.capacity.used', $cap_used);
- $pagedata->setValue('Data.CurrentDisk.capacity.free', $cap_free);
- $pagedata->setValue('Data.CurrentDisk.capacity.size', $cap_size);
- $pagedata->setValue('Data.CurrentDisk.capacity.percent', $cap_percent);
- }
- }
- $avail_counter++;
-}
-
-&render();
-
-close STDOUT;
-
-exit 0;
-
diff --git a/pythonrewrite/bin-perl-old/cryptobox_wrapper.c b/pythonrewrite/bin-perl-old/cryptobox_wrapper.c
deleted file mode 100644
index b2f6e5b..0000000
--- a/pythonrewrite/bin-perl-old/cryptobox_wrapper.c
+++ /dev/null
@@ -1,21 +0,0 @@
-/* $Id$ */
-
-// define the location of your cryptobox.pl file in this header file
-#include "cryptobox_wrapper.h"
-
-#include
-#include
-
-/* C wrapper to allow cryptobox to run under a different uid */
-/* Copyright (C) 02006, senselab, All Rights Reserved */
-/* See the LICENSE file in this distribution for copyright information */
-
-int main(int argc, char *argv[]) {
-
- // necessary for mount action of the root-script
- setreuid(geteuid(), -1);
-
- argv[0] = EXEC_PATH;
- execv(EXEC_PATH, argv);
-
-}
diff --git a/pythonrewrite/bin-perl-old/ro-system.sh b/pythonrewrite/bin-perl-old/ro-system.sh
deleted file mode 100644
index 2d6e9d7..0000000
--- a/pythonrewrite/bin-perl-old/ro-system.sh
+++ /dev/null
@@ -1,191 +0,0 @@
-function create_config()
-# Parameter: device
-{
- local device=$1
- unload_config
- # create the new configuration filesystem if it is not static
- if [ "$USE_SEPERATE_CONFIG_PARTITION" != "1" ]
- then log_msg "Using static configuration ..."
- else log_msg "Creating config filesystem ..."
- "$ROOT_PERM_SCRIPT" create_config "$device"
- log_msg "Mounting config partition ..."
- "$ROOT_PERM_SCRIPT" mount_config "$device"
- "$ROOT_PERM_SCRIPT" remount_config rw
- fi
- log_msg "Copying configuration defaults ..."
- cp -a "$CONFIG_DEFAULTS_DIR/." "$CONFIG_DIR"
-
- log_msg "Copying temporary certificate file to config filesystem ..."
- log_msg "Setting inital values ..."
- # beware: config_set_value remounts the config partition read-only
- config_set_value "ip" "$(get_current_ip)"
- # create database of readable names
- config_set_value "names.db" ""
- # create a marker to recognize a cryptobox partition
- # this should be the last step, to prevent a half-initialized state
- config_set_value "$CONFIG_MARKER" "$(date -I)"
-}
-
-
-function find_harddisk()
-# look for the harddisk to be partitioned
-{
- local device=$(get_available_disks | head -1)
- if [ -z "$device" ] ; then
- log_msg "no valid harddisk for initialisation found!"
- cat /proc/partitions >>"$LOG_FILE"
- # do not return with an error, to avoid a failing of the script ('break on error')
- # the caller of this function should handle an empty return string
- fi
- echo -n "$device"
-}
-
-
-function load_config()
-{
- unload_config
- local status=0
- # look for a configuration partition
- [ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && \
- list_partitions_of_type config | while read part && [ "$status" = 0 ]
- do log_msg "configuraton found on $part"
- # error check?
- "$ROOT_PERM_SCRIPT" mount_config "/dev/$part"
- status=1
- done
- if is_config_active
- then return 0
- else log_msg "failed to locate config partition"
- return 1
- fi
-}
-
-
-function unload_config()
-{
- is_config_active || return
- # only try to unmount, if it is not static (the config of a live-cd is always dynamic)
- if [ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ]
- then "$ROOT_PERM_SCRIPT" umount_config
- else return 0
- fi
-}
-
-
-# rename to "prepare_cryptobox"
-function init_cryptobox()
-# this is only the first part of initialisation that takes no time - good for a smooth web interface
-{
- local device=$(find_harddisk)
- [ -z "$device" ] && log_msg 'No valid harddisk found!' && return 1
- turn_off_all_crypto
- unload_config || true
- log_msg "Partitioning the device ($device) ..."
- "$ROOT_PERM_SCRIPT" partition_disk "$device" "0,1,L \n,,L\n"
- log_msg "Initializing config partition on ${device}1 ..."
- # TODO: this should not be hard-coded
- create_config "${device}1"
-}
-
-
-case "$ACTION" of
- network-up )
- if [ "$SKIP_NETWORK_CONFIG" != 1 ]
- then conf_ip=$(config_get_value "ip")
- log_msg "Configuring $NET_IFACE for $conf_ip ..."
- echo "Configuring network interface for $NET_IFACE: $conf_ip"
- "$IFCONFIG" "$NET_IFACE" "$conf_ip"
- fi
- if [ "$EXEC_FIREWALL_RULES" = 1 ]
- then log_msg "Starting the firewall ..."
- "$FIREWALL_SCRIPT" start
- fi
- if [ "$USE_STUNNEL" = 1 ]
- then # start stunnel
- if [ -f "$CERT_FILE" ]
- then USE_CERT=$CERT_FILE
- else USE_CERT=$CERT_TEMP
- $MAKE_CERT_SCRIPT "$CERT_TEMP" >>"$LOG_FILE" 2>&1
- # TODO: this could be dangerous - right?
- # this is necessary, to allow www-data to copy the certificate
- chown "$WEB_USER" "$CERT_TEMP"
- fi
- log_msg "Starting stunnel ..."
- stunnel -p "$USE_CERT" -r localhost:80 -d 443 \
- || echo "$USE_CERT not found - not starting stunnel"
- fi
- ;;
- network-down )
- if [ "$EXEC_FIREWALL_RULES" = 1 ]
- then log_msg "Stopping the firewall ..."
- "$FIREWALL_SCRIPT" stop
- fi
- if [ "$USE_STUNNEL" = 1 ]
- then log_msg "Stopping stunnel ..."
- # TODO: what about a pid?
- killall stunnel 2>/dev/null || true
- fi
- if [ "$SKIP_NETWORK_CONFIG" != 1 ]
- then log_msg "Shutting the network interface down ..."
- "$IFCONFIG" "$NET_IFACE" down
- fi
- ;;
- services-up )
- # the mount point has to be writeable
- # this action is called as root - so we are allowed to umount
- # TODO: do this only for ro-filesystem
- # TODO: this way of mounting is evil
- if mountpoint -q "$MNT_PARENT"
- then true
- else mount -t tmpfs tmpfs "$MNT_PARENT"
- fi
- true
- ;;
- services-down )
- # this action is called as root - so we are allowed to umount
- mountpoint -q "$MNT_PARENT" && umount "$MNT_PARENT"
- # TODO: we should not depend on samba and thttpd
- # /etc/init.d/samba stop || true
- # /etc/init.d/thttpd stop || true
- true
- ;;
- is_harddisk_available )
- [ -z "$(find_harddisk)" ] && exit 1
- exit 0
- ;;
- update_ip_address )
- # reconfigure the network interface to a new IP address
- # wait for 5 seconds to finish present http requests
- if [ "$SKIP_NETWORK_CONFIG" != 1 ]
- then echo -n "sleep 5; \"$ROOT_PERM_SCRIPT\" update_network" | at now
- fi
- ;;
- poweroff )
- log_msg "Turning off the CryptoBox ..."
- turn_off_all_crypto
- echo "poweroff" | at now
- ;;
- reboot )
- log_msg "Rebooting the CryptoBox ..."
- turn_off_all_crypto
- echo "reboot" | at now
- ;;
- * )
- echo "Syntax: $(basename $0) ACTION"
- echo " config-up - scan for configuration partition and mount it"
- echo " config-down - unmount configuration partition"
- echo " network-up - enable network interface"
- echo " network-down - disable network interface"
- echo " services-up - run some cryptobox specific daemons"
- echo " services-down - stop some cryptobox specific daemons"
- echo " update_ip_address - update the network interface after reconfiguration"
- echo " is_config_mounted - check, if configuration partition is mounted"
- echo " box-init - initialize cryptobox (ALL data is LOST)"
- echo " box-init-fg - the first part of initialization"
- echo " box-init-bg - the last part of initialization (background)"
- echo " is_harddisk_available - check, if there is a usable harddisk"
- echo " poweroff - shutdown the cryptobox"
- echo " reboot - reboot the cryptobox"
- echo
- ;;
- esac
diff --git a/pythonrewrite/bin/CryptoBox.py b/pythonrewrite/bin/CryptoBox.py
deleted file mode 100755
index 1472b53..0000000
--- a/pythonrewrite/bin/CryptoBox.py
+++ /dev/null
@@ -1,276 +0,0 @@
-#!/usr/bin/env python2.4
-'''
-This is the web interface for a fileserver managing encrypted filesystems.
-
-It was originally written in bash/perl. Now a complete rewrite is in
-progress. So things might be confusing here. Hopefully not for long.
-:)
-'''
-
-# check python version
-import sys
-(ver_major, ver_minor, ver_sub, ver_desc, ver_subsub) = sys.version_info
-if (ver_major < 2) or ((ver_major == 2) and (ver_minor < 4)):
- sys.stderr.write("You need a python version >= 2.4\nCurrent version is:\n %s\n" % sys.version)
- sys.exit(1)
-
-import CryptoBoxContainer
-from CryptoBoxExceptions import *
-import re
-import os
-import CryptoBoxTools
-import subprocess
-
-
-
-class CryptoBox:
- '''this class rules them all!
-
- put things like logging, conf and oter stuff in here,
- that might be used by more classes, it will be passed on to them'''
-
- VERSION = "0.3~1"
-
- def __init__(self, config_file=None):
- import CryptoBoxSettings
- self.log = self.__getStartupLogger()
- self.prefs = CryptoBoxSettings.CryptoBoxSettings(config_file)
- self.__runTests()
-
-
- def __getStartupLogger(self):
- import logging
- '''initialises the logging system
-
- use it with: 'self.log.[debug|info|warning|error|critical](logmessage)'
- all classes should get the logging instance during __init__:
- self.log = logging.getLogger("CryptoBox")
-
- first we output all warnings/errors to stderr
- as soon as we opened the config file successfully, we redirect debug output
- to the configured destination'''
- ## basicConfig(...) needs python >= 2.4
- try:
- log_handler = logging.getLogger("CryptoBox")
- logging.basicConfig(
- format='%(asctime)s CryptoBox %(levelname)s: %(message)s',
- stderr=sys.stderr)
- log_handler.setLevel(logging.ERROR)
- log_handler.info("loggingsystem is up'n running")
- ## from now on everything can be logged via self.log...
- except:
- raise CBEnvironmentError("couldn't initialise the loggingsystem. I give up.")
- return log_handler
-
-
- # do some initial checks
- def __runTests(self):
- self.__runTestUID()
- self.__runTestRootPriv()
-
-
- def __runTestUID(self):
- if os.geteuid() == 0:
- raise CBEnvironmentError("you may not run the cryptobox as root")
-
-
- def __runTestRootPriv(self):
- """try to run 'super' with 'CryptoBoxRootActions'"""
- try:
- devnull = open(os.devnull, "w")
- except IOError:
- raise CBEnvironmentError("could not open %s for writing!" % os.devnull)
- try:
- prog_super = self.prefs["Programs"]["super"]
- except KeyError:
- raise CBConfigUndefinedError("Programs", "super")
- try:
- prog_rootactions = self.prefs["Programs"]["CryptoBoxRootActions"]
- except KeyError:
- raise CBConfigUndefinedError("Programs", "CryptoBoxRootActions")
- try:
- proc = subprocess.Popen(
- shell = False,
- stdout = devnull,
- stderr = devnull,
- args = [prog_super, prog_rootactions, "check"])
- except OSError:
- raise CBEnvironmentError("failed to execute 'super' (%s)" % self.prefs["Programs"]["super"])
- proc.wait()
- if proc.returncode != 0:
- raise CBEnvironmentError("failed to call CryptoBoxRootActions (%s) via 'super' - maybe you did not add the appropriate line to /etc/super.tab?" % prog_rootactions)
-
-
- # this method just demonstrates inheritance effects - may be removed
- def cbx_inheritance_test(self, string="you lucky widow"):
- self.log.info(string)
-
-
-# RFC: why should CryptoBoxProps inherit CryptoBox? [l]
-# RFC: shouldn't we move all useful functions of CryptoBoxProps to CryptoBox? [l]
-class CryptoBoxProps(CryptoBox):
- '''Get and set the properties of a CryptoBox
-
- This class contains all available devices that may be accessed.
- All properties of the cryptobox can be accessed by this class.
- '''
-
- def __init__(self, config_file=None):
- '''read config and fill class variables'''
- CryptoBox.__init__(self, config_file)
- self.reReadContainerList()
-
-
- def reReadContainerList(self):
- self.log.debug("rereading container list")
- self.containers = []
- for device in CryptoBoxTools.getAvailablePartitions():
- if self.isDeviceAllowed(device) and not self.isConfigPartition(device):
- self.containers.append(CryptoBoxContainer.CryptoBoxContainer(device, self))
- ## sort by container name
- self.containers.sort(cmp = lambda x,y: x.getName() < y.getName() and -1 or 1)
-
-
- def isConfigPartition(self, device):
- proc = subprocess.Popen(
- shell = False,
- stdout = subprocess.PIPE,
- args = [
- self.prefs["Programs"]["blkid"],
- "-c", os.path.devnull,
- "-o", "value",
- "-s", "LABEL",
- device])
- (output, error) = proc.communicate()
- return output.strip() == self.prefs["Main"]["ConfigVolumeLabel"]
-
-
- def isDeviceAllowed(self, devicename):
- "check if a device is white-listed for being used as cryptobox containers"
- import types
- allowed = self.prefs["Main"]["AllowedDevices"]
- if type(allowed) == types.StringType: allowed = [allowed]
- for a_dev in allowed:
- "remove double dots and so on ..."
- real_device = os.path.realpath(devicename)
- if a_dev and re.search('^' + a_dev, real_device): return True
- return False
-
-
- def getLogData(self, lines=None, maxSize=None):
- """get the most recent log entries of the cryptobox
-
- the maximum number and size of these entries can be limited by 'lines' and 'maxSize'
- """
- # return nothing if the currently selected log output is not a file
- try:
- if self.prefs["Log"]["Destination"].upper() != "FILE": return []
- log_file = self.prefs["Log"]["Details"]
- except KeyError:
- self.log.error("could not evaluate one of the following config settings: [Log]->Destination or [Log]->Details")
- return []
- try:
- fd = open(log_file, "r")
- if maxSize: fd.seek(-maxSize, 2) # seek relative to the end of the file
- content = fd.readlines()
- fd.close()
- except IOError:
- self.log.warn("failed to read the log file (%s)" % log_file)
- return []
- if lines: content = content[-lines:]
- content.reverse()
- return content
-
-
- def getContainerList(self, filterType=None, filterName=None):
- "retrieve the list of all containers of this cryptobox"
- try:
- result = self.containers[:]
- if filterType != None:
- if filterType in range(len(CryptoBoxContainer.Types)):
- return [e for e in self.containers if e.getType() == filterType]
- else:
- self.log.info("invalid filterType (%d)" % filterType)
- result.clear()
- if filterName != None:
- result = [e for e in self.containers if e.getName() == filterName]
- return result
- except AttributeError:
- return []
-
-
- def getContainer(self, device):
- "retrieve the container element for this device"
- all = [e for e in self.getContainerList() if e.device == device]
- if all:
- return all[0]
- else:
- return None
-
-
- def setNameForUUID(self, uuid, name):
- "assign a name to a uuid in the ContainerNameDatabase"
- used_uuid = self.getUUIDForName(name)
- "first remove potential conflicting uuid/name combination"
- if used_uuid:
- ## remember the container which name was overriden
- for e in self.containers:
- if e.getName() == name:
- forcedRename = e
- break
- del self.prefs.nameDB[used_uuid]
- self.prefs.nameDB[uuid] = name
- self.prefs.nameDB.write()
- ## rename the container that lost its name (necessary while we use cherrypy)
- if used_uuid:
- ## this is surely not the best way to regenerate the name
- dev = e.getDevice()
- old_index = self.containers.index(e)
- self.containers.remove(e)
- self.containers.insert(old_index, CryptoBoxContainer.CryptoBoxContainer(dev,self))
- ## there should be no reason for any failure
- return True
-
-
- def getNameForUUID(self, uuid):
- "get the name belonging to a specified key (usually the UUID of a fs)"
- try:
- return self.prefs.nameDB[uuid]
- except KeyError:
- return None
-
-
- def getUUIDForName(self, name):
- """ get the key belonging to a value in the ContainerNameDatabase
- this is the reverse action of 'getNameForUUID' """
- for key in self.prefs.nameDB.keys():
- if self.prefs.nameDB[key] == name: return key
- "the uuid was not found"
- return None
-
-
- def removeUUID(self, uuid):
- if uuid in self.prefs.nameDB.keys():
- del self.prefs.nameDB[uuid]
- return True
- else:
- return False
-
-
- def getAvailableLanguages(self):
- '''reads all files in path LangDir and returns a list of
- basenames from existing hdf files, that should are all available
- languages'''
- languages = [ f.rstrip(".hdf")
- for f in os.listdir(self.prefs["Locations"]["LangDir"])
- if f.endswith(".hdf") ]
- if len(languages) < 1:
- self.log.error("No .hdf files found! The website won't render properly.")
- return languages
-
-
-
-
-if __name__ == "__main__":
- cb = CryptoBoxProps()
-
diff --git a/pythonrewrite/bin/CryptoBoxContainer.py b/pythonrewrite/bin/CryptoBoxContainer.py
deleted file mode 100755
index e658c53..0000000
--- a/pythonrewrite/bin/CryptoBoxContainer.py
+++ /dev/null
@@ -1,607 +0,0 @@
-#!/usr/bin/env python2.4
-
-## check python version
-import sys
-(ver_major, ver_minor, ver_sub, ver_desc, ver_subsub) = sys.version_info
-if (ver_major < 2) or ((ver_major == 2) and (ver_minor < 4)):
- sys.stderr.write("You need a python version >= 2.4\nCurrent version is:\n %s\n" % sys.version)
- sys.exit(1)
-
-import subprocess
-import os
-import re
-import logging
-from CryptoBoxExceptions import *
-
-"""exceptions:
- VolumeIsActive
- NameActivelyUsed
- InvalidName
- InvalidPassword
- InvalidType
- CreateError
- MountError
- ChangePasswordError
- """
-
-class CryptoBoxContainer:
-
- Types = {
- "unused":0,
- "plain":1,
- "luks":2,
- "swap":3}
-
-
- __fsTypes = {
- "plain":["ext3", "ext2", "vfat", "reiser"],
- "swap":["swap"]}
- # TODO: more filesystem types? / check 'reiser'
-
- __dmDir = "/dev/mapper"
-
-
- def __init__(self, device, cbox):
- self.device = device
- self.cbox = cbox
- self.log = logging.getLogger("CryptoBox")
- self.resetObject()
-
-
- def getName(self):
- return self.name
-
-
- def setName(self, new_name):
- if new_name == self.name: return
- if self.isMounted():
- raise CBVolumeIsActive("the container must be inactive during renaming")
- if not re.search(r'^[a-zA-Z0-9_\.\- ]+$', new_name):
- raise CBInvalidName("the supplied new name contains illegal characters")
- "check for active partitions with the same name"
- prev_name_owner = self.cbox.getContainerList(filterName=new_name)
- if prev_name_owner:
- for a in prev_name_owner:
- if a.isMounted():
- raise CBNameActivelyUsed("the supplied new name is already in use for an active partition")
- if not self.cbox.setNameForUUID(self.uuid, new_name):
- raise CBContainerError("failed to change the volume name for unknown reasons")
- self.name = new_name
-
-
- def getDevice(self):
- return self.device
-
-
- def getType(self):
- return self.type
-
-
- def isMounted(self):
- return os.path.ismount(self.__getMountPoint())
-
-
- def getCapacity(self):
- """return the current capacity state of the volume
-
- the volume may not be mounted
- the result is a tuple of values in megabyte:
- (size, available, used)
- """
- info = os.statvfs(self.__getMountPoint())
- return (
- int(info.f_bsize*info.f_blocks/1024/1024),
- int(info.f_bsize*info.f_bavail/1024/1024),
- int(info.f_bsize*(info.f_blocks-info.f_bavail)/1024/1024))
-
-
- def getSize(self):
- """return the size of the block device (_not_ of the filesystem)
-
- the result is a value in megabyte
- an error is indicated by "-1"
- """
- import CryptoBoxTools
- return CryptoBoxTools.getBlockDeviceSize(self.device)
-
-
- def resetObject(self):
- """ recheck the information about this container
- this is especially useful after changing the type via 'create' """
- self.uuid = self.__getUUID()
- self.type = self.__getTypeOfPartition()
- self.name = self.__getNameOfContainer()
- if self.type == self.Types["luks"]:
- self.mount = self.__mountLuks
- self.umount = self.__umountLuks
- elif self.type == self.Types["plain"]:
- self.mount = self.__mountPlain
- self.umount = self.__umountPlain
-
-
- def create(self, type, password=None):
- old_name = self.getName()
- if type == self.Types["luks"]:
- self.__createLuks(password)
- elif type == self.Types["plain"]:
- self.__createPlain()
- else:
- raise CBInvalidType("invalid container type (%d) supplied" % (type, ))
- ## no exception was raised during creation -> we can continue
- ## reset the properties (encryption state, ...) of the device
- self.resetObject()
- ## restore the old name (must be after resetObject)
- self.setName(old_name)
-
-
- def changePassword(self, oldpw, newpw):
- if self.type != self.Types["luks"]:
- raise CBInvalidType("changing of password is possible only for luks containers")
- if not oldpw:
- raise CBInvalidPassword("no old password supplied for password change")
- if not newpw:
- raise CBInvalidPassword("no new password supplied for password change")
- "return if new and old passwords are the same"
- if oldpw == newpw: return
- if self.isMounted():
- raise CBVolumeIsActive("this container is currently active")
- devnull = None
- try:
- devnull = open(os.devnull, "w")
- except IOError:
- self.log.warn("Could not open %s" % (os.devnull, ))
- "remove any potential open luks mapping"
- self.__umountLuks()
- "create the luks header"
- proc = subprocess.Popen(
- shell = False,
- stdin = subprocess.PIPE,
- stdout = subprocess.PIPE,
- stderr = subprocess.PIPE,
- args = [
- self.cbox.prefs["Programs"]["super"],
- self.cbox.prefs["Programs"]["CryptoBoxRootActions"],
- "cryptsetup",
- "luksAddKey",
- self.device,
- "--batch-mode"])
- proc.stdin.write("%s\n%s" % (oldpw, newpw))
- (output, errout) = proc.communicate()
- if proc.returncode != 0:
- errorMsg = "Could not add a new luks key: %s - %s" % (output.strip(), errout.strip(), )
- self.log.error(errorMsg)
- raise CBChangePasswordError(errorMsg)
- ## retrieve the key slot we used for unlocking
- keys_found = re.search(r'key slot (\d{1,3}) unlocked', output).groups()
- if keys_found:
- keyslot = int(keys_found[0])
- else:
- raise CBChangePasswordError("could not get the old key slot")
- "remove the old key"
- proc = subprocess.Popen(
- shell = False,
- stdin = None,
- stdout = devnull,
- stderr = subprocess.PIPE,
- args = [
- self.cbox.prefs["Programs"]["cryptsetup"],
- "--batch-mode",
- "luksDelKey",
- self.device,
- "%d" % (keyslot, )])
- proc.wait()
- if proc.returncode != 0:
- errorMsg = "Could not remove the old luks key: %s" % (proc.stderr.read().strip(), )
- self.log.error(errorMsg)
- raise CBChangePasswordError(errorMsg)
-
-
-
- " ****************** internal stuff ********************* "
-
- def __getNameOfContainer(self):
- "retrieve the name of the container by querying the database"
- def_name = self.cbox.getNameForUUID(self.uuid)
- if def_name: return def_name
- "there is no name defined for this uuid - we will propose a good one"
- prefix = self.cbox.prefs["Main"]["DefaultVolumePrefix"]
- unused_found = False
- counter = 1
- while not unused_found:
- guess = prefix + str(counter)
- if self.cbox.getUUIDForName(guess):
- counter += 1
- else:
- unused_found = True
- self.cbox.setNameForUUID(self.uuid, guess)
- return guess
-
-
- def __getUUID(self):
- if self.__getTypeOfPartition() == self.Types["luks"]:
- guess = self.__getLuksUUID()
- else:
- guess = self.__getNonLuksUUID()
- ## did we get a valid value?
- if guess:
- return guess
- else:
- ## emergency default value
- return self.device.replace(os.path.sep, "_")
-
-
- def __getLuksUUID(self):
- """get uuid for luks devices"""
- proc = subprocess.Popen(
- shell = False,
- stdout = subprocess.PIPE,
- stderr = subprocess.PIPE,
- args = [self.cbox.prefs["Programs"]["cryptsetup"],
- "luksUUID",
- self.device])
- (stdout, stderr) = proc.communicate()
- if proc.returncode != 0:
- self.cbox.log.info("could not retrieve luks uuid (%s): %s", (self.device, stderr.strip()))
- return None
- return stdout.strip()
-
-
- def __getNonLuksUUID(self):
- """return UUID for ext2/3 and vfat filesystems"""
- try:
- devnull = open(os.devnull, "w")
- except IOError:
- self.warn("Could not open %s" % (os.devnull, ))
- proc = subprocess.Popen(
- shell=False,
- stdout=subprocess.PIPE,
- stderr=subprocess.PIPE,
- args=[self.cbox.prefs["Programs"]["blkid"],
- "-s", "UUID",
- "-o", "value",
- "-c", os.devnull,
- "-w", os.devnull,
- self.device])
- (stdout, stderr) = proc.communicate()
- devnull.close()
- ## execution failed?
- if proc.returncode != 0:
- self.log.info("retrieving of partition type (%s) via 'blkid' failed: %s - maybe it is encrypted?" % (self.device, stderr.strip()))
- return None
- ## return output of blkid
- return stdout.strip()
-
-
- def __getTypeOfPartition(self):
- "retrieve the type of the given partition (see CryptoBoxContainer.Types)"
- if self.__isLuksPartition(): return self.Types["luks"]
- typeOfPartition = self.__getTypeIdOfPartition()
- if typeOfPartition in self.__fsTypes["plain"]:
- return self.Types["plain"]
- if typeOfPartition in self.__fsTypes["swap"]:
- return self.Types["swap"]
- return self.Types["unused"]
-
-
- def __getTypeIdOfPartition(self):
- "returns the type of the partition (see 'man blkid')"
- devnull = None
- try:
- devnull = open(os.devnull, "w")
- except IOError:
- self.log.warn("Could not open %s" % (os.devnull, ))
- proc = subprocess.Popen(
- shell=False,
- stdin=None,
- stdout=subprocess.PIPE,
- stderr=subprocess.PIPE,
- args=[self.cbox.prefs["Programs"]["blkid"],
- "-s", "TYPE",
- "-o", "value",
- "-c", os.devnull,
- "-w", os.devnull,
- self.device])
- proc.wait()
- output = proc.stdout.read().strip()
- if proc.returncode != 0:
- self.log.warn("retrieving of partition type via 'blkid' failed: %s" % (proc.stderr.read().strip(), ))
- return None
- devnull.close()
- return output
-
-
- def __isLuksPartition(self):
- "check if the given device is a luks partition"
- devnull = None
- try:
- devnull = open(os.devnull, "w")
- except IOError:
- self.log.warn("Could not open %s" % (os.devnull, ))
- proc = subprocess.Popen(
- shell = False,
- stdin = None,
- stdout = devnull,
- stderr = devnull,
- args = [
- self.cbox.prefs["Programs"]["cryptsetup"],
- "--batch-mode",
- "isLuks",
- self.device])
- proc.wait()
- devnull.close()
- return proc.returncode == 0
-
-
- def __getMountPoint(self):
- "return the name of the mountpoint of this volume"
- return os.path.join(self.cbox.prefs["Locations"]["MountParentDir"], self.name)
-
-
- def __mountLuks(self, password):
- "mount a luks partition"
- if not password:
- raise CBInvalidPassword("no password supplied for luksOpen")
- if self.isMounted(): raise CBVolumeIsActive("this container is already active")
- self.__umountLuks()
- try:
- devnull = open(os.devnull, "w")
- except IOError:
- self.log.warn("Could not open %s" % (os.devnull, ))
- self.__cleanMountDirs()
- if not os.path.exists(self.__getMountPoint()):
- os.mkdir(self.__getMountPoint())
- if not os.path.exists(self.__getMountPoint()):
- errorMsg = "Could not create mountpoint (%s)" % (self.__getMountPoint(), )
- self.log.error(errorMsg)
- raise CBMountError(errorMsg)
- proc = subprocess.Popen(
- shell = False,
- stdin = subprocess.PIPE,
- stdout = devnull,
- stderr = subprocess.PIPE,
- args = [
- self.cbox.prefs["Programs"]["super"],
- self.cbox.prefs["Programs"]["CryptoBoxRootActions"],
- "cryptsetup",
- "luksOpen",
- self.device,
- self.name,
- "--batch-mode"])
- proc.stdin.write(password)
- (output, errout) = proc.communicate()
- if proc.returncode != 0:
- errorMsg = "Could not open the luks mapping: %s" % (errout.strip(), )
- self.log.warn(errorMsg)
- raise CBMountError(errorMsg)
- proc = subprocess.Popen(
- shell = False,
- stdin = None,
- stdout = devnull,
- stderr = subprocess.PIPE,
- args = [
- self.cbox.prefs["Programs"]["super"],
- self.cbox.prefs["Programs"]["CryptoBoxRootActions"],
- "mount",
- os.path.join(self.__dmDir, self.name),
- self.__getMountPoint()])
- proc.wait()
- if proc.returncode != 0:
- errorMsg = "Could not mount the filesystem: %s" % (proc.stderr.read().strip(), )
- self.log.warn(errorMsg)
- raise CBMountError(errorMsg)
- devnull.close()
-
-
- def __umountLuks(self):
- "umount a luks partition"
- devnull = None
- try:
- devnull = open(os.devnull, "w")
- except IOError:
- self.log.warn("Could not open %s" % (os.devnull, ))
- if self.isMounted():
- proc = subprocess.Popen(
- shell = False,
- stdin = None,
- stdout = devnull,
- stderr = subprocess.PIPE,
- args = [
- self.cbox.prefs["Programs"]["super"],
- self.cbox.prefs["Programs"]["CryptoBoxRootActions"],
- "umount",
- self.__getMountPoint()])
- proc.wait()
- if proc.returncode != 0:
- errorMsg = "Could not umount the filesystem: %s" % (proc.stderr.read().strip(), )
- self.log.warn(errorMsg)
- raise CBUmountError(errorMsg)
- if os.path.exists(os.path.join(self.__dmDir, self.name)):
- proc = subprocess.Popen(
- shell = False,
- stdin = None,
- stdout = devnull,
- stderr = subprocess.PIPE,
- args = [
- self.cbox.prefs["Programs"]["super"],
- self.cbox.prefs["Programs"]["CryptoBoxRootActions"],
- "cryptsetup",
- "luksClose",
- self.name,
- "--batch-mode"])
- proc.wait()
- if proc.returncode != 0:
- errorMsg = "Could not remove the luks mapping: %s" % (proc.stderr.read().strip(), )
- self.log.warn(errorMsg)
- raise CBUmountError(errorMsg)
- devnull.close()
-
-
- def __mountPlain(self):
- "mount a plaintext partition"
- if self.isMounted(): raise CBVolumeIsActive("this container is already active")
- devnull = None
- try:
- devnull = open(os.devnull, "w")
- except IOError:
- self.log.warn("Could not open %s" % (os.devnull, ))
- self.__cleanMountDirs()
- if not os.path.exists(self.__getMountPoint()):
- os.mkdir(self.__getMountPoint())
- if not os.path.exists(self.__getMountPoint()):
- errorMsg = "Could not create mountpoint (%s)" % (self.__getMountPoint(), )
- self.log.error(errorMsg)
- raise CBMountError(errorMsg)
- proc = subprocess.Popen(
- shell = False,
- stdin = None,
- stdout = devnull,
- stderr = subprocess.PIPE,
- args = [
- self.cbox.prefs["Programs"]["super"],
- self.cbox.prefs["Programs"]["CryptoBoxRootActions"],
- "mount",
- self.device,
- self.__getMountPoint()])
- proc.wait()
- if proc.returncode != 0:
- errorMsg = "Could not mount the filesystem: %s" % (proc.stderr.read().strip(), )
- self.log.warn(errorMsg)
- raise CBMountError(errorMsg)
- devnull.close()
-
-
- def __umountPlain(self):
- "umount a plaintext partition"
- devnull = None
- try:
- devnull = open(os.devnull, "w")
- except IOError:
- self.log.warn("Could not open %s" % (os.devnull, ))
- if self.isMounted():
- proc = subprocess.Popen(
- shell = False,
- stdin = None,
- stdout = devnull,
- stderr = subprocess.PIPE,
- args = [
- self.cbox.prefs["Programs"]["super"],
- self.cbox.prefs["Programs"]["CryptoBoxRootActions"],
- "umount",
- self.__getMountPoint()])
- proc.wait()
- if proc.returncode != 0:
- errorMsg = "Could not umount the filesystem: %s" % (proc.stderr.read().strip(), )
- self.log.warn(errorMsg)
- raise CBUmountError(errorMsg)
- devnull.close()
-
-
- def __createPlain(self):
- "make a plaintext partition"
- if self.isMounted():
- raise CBVolumeIsActive("deactivate the partition before filesystem initialization")
- devnull = None
- try:
- devnull = open(os.devnull, "w")
- except IOError:
- self.log.warn("Could not open %s" % (os.devnull, ))
- proc = subprocess.Popen(
- shell = False,
- stdin = None,
- stdout = devnull,
- stderr = subprocess.PIPE,
- args = [
- self.cbox.prefs["Programs"]["mkfs-data"],
- self.device])
- proc.wait()
- if proc.returncode != 0:
- errorMsg = "Could not create the filesystem: %s" % (proc.stderr.read().strip(), )
- self.log.error(errorMsg)
- raise CBCreateError(errorMsg)
- devnull.close()
-
-
- def __createLuks(self, password):
- "make a luks partition"
- if not password:
- raise CBInvalidPassword("no password supplied for new luks mapping")
- if self.isMounted():
- raise CBVolumeIsActive("deactivate the partition before filesystem initialization")
- devnull = None
- try:
- devnull = open(os.devnull, "w")
- except IOError:
- self.log.warn("Could not open %s" % (os.devnull, ))
- "remove any potential open luks mapping"
- self.__umountLuks()
- "create the luks header"
- proc = subprocess.Popen(
- shell = False,
- stdin = subprocess.PIPE,
- stdout = devnull,
- stderr = subprocess.PIPE,
- args = [
- self.cbox.prefs["Programs"]["super"],
- self.cbox.prefs["Programs"]["CryptoBoxRootActions"],
- "cryptsetup",
- "luksFormat",
- self.device,
- "--batch-mode",
- "--cipher", self.cbox.prefs["Main"]["DefaultCipher"],
- "--iter-time", "2000"])
- proc.stdin.write(password)
- (output, errout) = proc.communicate()
- if proc.returncode != 0:
- errorMsg = "Could not create the luks header: %s" % (errout.strip(), )
- self.log.error(errorMsg)
- raise CBCreateError(errorMsg)
- "open the luks container for mkfs"
- proc = subprocess.Popen(
- shell = False,
- stdin = subprocess.PIPE,
- stdout = devnull,
- stderr = subprocess.PIPE,
- args = [
- self.cbox.prefs["Programs"]["super"],
- self.cbox.prefs["Programs"]["CryptoBoxRootActions"],
- "cryptsetup",
- "luksOpen",
- self.device,
- self.name,
- "--batch-mode"])
- proc.stdin.write(password)
- (output, errout) = proc.communicate()
- if proc.returncode != 0:
- errorMsg = "Could not open the new luks mapping: %s" % (errout.strip(), )
- self.log.error(errorMsg)
- raise CBCreateError(errorMsg)
- "make the filesystem"
- proc = subprocess.Popen(
- shell = False,
- stdin = None,
- stdout = devnull,
- stderr = subprocess.PIPE,
- args = [
- self.cbox.prefs["Programs"]["mkfs-data"],
- os.path.join(self.__dmDir, self.name)])
- proc.wait()
- "remove the mapping - for every exit status"
- self.__umountLuks()
- if proc.returncode != 0:
- errorMsg = "Could not create the filesystem: %s" % (proc.stderr.read().strip(), )
- self.log.error(errorMsg)
- "remove the luks mapping"
- raise CBCreateError(errorMsg)
- devnull.close()
-
-
- def __cleanMountDirs(self):
- """ remove all unnecessary subdirs of the mount parent directory
- this should be called for every (u)mount """
- subdirs = os.listdir(self.cbox.prefs["Locations"]["MountParentDir"])
- for dir in subdirs:
- abs_dir = os.path.join(self.cbox.prefs["Locations"]["MountParentDir"], dir)
- if (not os.path.islink(abs_dir)) and os.path.isdir(abs_dir) and (not os.path.ismount(abs_dir)):
- os.rmdir(abs_dir)
-
-
diff --git a/pythonrewrite/bin/CryptoBoxExceptions.py b/pythonrewrite/bin/CryptoBoxExceptions.py
deleted file mode 100644
index 743bfcd..0000000
--- a/pythonrewrite/bin/CryptoBoxExceptions.py
+++ /dev/null
@@ -1,107 +0,0 @@
-"""
-exceptions of the cryptobox package
-"""
-
-
-class CryptoBoxError(Exception):
- """base class for exceptions of the cryptobox"""
- pass
-
-
-class CBConfigError(CryptoBoxError):
- """any kind of error related to the configuration of a cryptobox"""
- pass
-
-
-class CBConfigUnavailableError(CBConfigError):
- """config file/input was not available at all"""
-
- def __init__(self, source=None):
- self.source = source
-
- def __str__(self):
- if self.source:
- return "failed to access the configuration of the cryptobox: %s" % self.source
- else:
- return "failed to access the configuration of the cryptobox"
-
-
-class CBConfigUndefinedError(CBConfigError):
- """a specific configuration setting was not defined"""
-
- def __init__(self, section, name=None):
- self.section = section
- self.name = name
-
- def __str__(self):
- # is it a settings or a section?
- if self.name:
- # setting
- return "undefined configuration setting: [%s]->%s - please check your configuration file" % (self.section, self.name)
- else:
- # section
- return "undefined configuration section: [%s] - please check your configuration file" % (self.section, )
-
-
-
-class CBConfigInvalidValueError(CBConfigError):
- """a configuration setting was invalid somehow"""
-
- def __init__(self, section, name, value, reason):
- self.section = section
- self.name = name
- self.value = value
- self.reason = reason
-
- def __str__(self):
- return "invalid configuration setting [%s]->%s (%s): %s" % (self.section, self.name, self.value, self.reason)
-
-
-class CBEnvironmentError(CryptoBoxError):
- """some part of the environment of the cryptobox is broken
- e.g. the wrong version of a required program
- """
-
- def __init__(self, desc):
- self.desc = desc
-
- def __str__(self):
- return "misconfiguration detected: %s" % self.desc
-
-
-class CBContainerError(CryptoBoxError):
- """any error raised while manipulating a cryptobox container"""
-
- def __init__(self, desc):
- self.desc = desc
-
- def __str__(self):
- return self.desc
-
-class CBCreateError(CBContainerError):
- pass
-
-class CBVolumeIsActive(CBContainerError):
- pass
-
-class CBInvalidName(CBContainerError):
- pass
-
-class CBNameActivelyUsed(CBContainerError):
- pass
-
-class CBInvalidType(CBContainerError):
- pass
-
-class CBInvalidPassword(CBContainerError):
- pass
-
-class CBChangePasswordError(CBContainerError):
- pass
-
-class CBMountError(CBContainerError):
- pass
-
-class CBUmountError(CBContainerError):
- pass
-
diff --git a/pythonrewrite/bin/CryptoBoxPlugin.py b/pythonrewrite/bin/CryptoBoxPlugin.py
deleted file mode 100644
index abb3f0c..0000000
--- a/pythonrewrite/bin/CryptoBoxPlugin.py
+++ /dev/null
@@ -1,165 +0,0 @@
-# $Id$
-#
-# parent class for all plugins of the CryptoBox
-#
-
-import os
-import cherrypy
-
-
-class CryptoBoxPlugin:
-
- ## default capability is "system" - the other supported capability is: "volume"
- pluginCapabilities = [ "system" ]
-
- ## does this plugin require admin authentification?
- requestAuth = False
-
- ## is this plugin enabled by default?
- enabled = True
-
- ## default rank (0..100) of the plugin in listings (lower value means higher priority)
- rank = 80
-
-
- ## default icon of this plugin (relative path)
- defaultIconFileName = "plugin_icon.png"
-
-
- def __init__(self, cbox, pluginDir):
- self.cbox = cbox
- self.hdf = {}
- self.pluginDir = pluginDir
- self.hdf_prefix = "Data.Plugins.%s." % self.getName()
-
-
- def doAction(self, **args):
- """override doAction with your plugin code"""
- raise Exception, "undefined action handler ('doAction') in plugin '%'" % self.getName()
-
-
- def getStatus(self):
- """you should override this, to supply useful state information"""
- raise Exception, "undefined state handler ('getStatus') in plugin '%'" % self.getName()
-
-
- def getName(self):
- """the name of the python file (module) should be the name of the plugin"""
- return self.__module__
-
-
- @cherrypy.expose
- def getIcon(self, image=None, **kargs):
- """return the image data of the icon of the plugin
-
- the parameter 'image' may be used for alternative image locations (relative
- to the directory of the plugin)
- '**kargs' is necessary, as a 'weblang' attribute may be specified (and ignored)"""
- import cherrypy, re
- if (image is None): # or (re.search(u'[\w-\.]', image)):
- plugin_icon_file = os.path.join(self.pluginDir, self.defaultIconFileName)
- else:
- plugin_icon_file = os.path.join(self.pluginDir, image)
- if not os.access(plugin_icon_file, os.R_OK):
- plugin_icon_file = os.path.join(self.cbox.prefs["Locations"]["PluginDir"], "plugin_icon_unknown.png")
- return cherrypy.lib.cptools.serveFile(plugin_icon_file)
-
-
- def getTemplateFileName(self, template_name):
- """return the filename of the template, if it is part of this plugin
-
- use this function to check, if the plugin provides the specified template
- """
- result_file = os.path.join(self.pluginDir, template_name + ".cs")
- if os.access(result_file, os.R_OK) and os.path.isfile(result_file):
- return result_file
- else:
- return None
-
-
- def getLanguageData(self, lang="en"):
- try:
- import neo_cgi, neo_util
- except:
- raise CryptoBoxExceptions.CBEnvironmentError("couldn't import 'neo_*'! Try 'apt-get install python-clearsilver'.")
- langdir = os.path.abspath(os.path.join(self.pluginDir, "lang"))
- ## first: the default language file (english)
- langFiles = [os.path.join(langdir, "en.hdf")]
- ## maybe we have to load a translation afterwards
- if lang != "en":
- langFiles.append(os.path.join(langdir, lang + ".hdf"))
- file_found = False
- lang_hdf = neo_util.HDF()
- for langFile in langFiles:
- if os.access(langFile, os.R_OK):
- lang_hdf.readFile(langFile)
- file_found = True
- if file_found:
- return lang_hdf
- else:
- self.cbox.log.debug("Couldn't find a valid plugin language file (%s)" % str(langFiles))
- return None
-
-
- def loadDataSet(self, hdf):
- for (key, value) in self.hdf.items():
- hdf.setValue(key, str(value))
-
-
- def isAuthRequired(self):
- """check if this plugin requires authentication
- first step: check plugin configuration
- second step: check default value of plugin"""
- try:
- if self.cbox.prefs.pluginConf[self.getName()]["requestAuth"] is None:
- return self.requestAuth
- if self.cbox.prefs.pluginConf[self.getName()]["requestAuth"]:
- return True
- else:
- return False
- except KeyError:
- return self.requestAuth
-
-
- def isEnabled(self):
- """check if this plugin is enabled
- first step: check plugin configuration
- second step: check default value of plugin"""
- import types
- try:
- if self.cbox.prefs.pluginConf[self.getName()]["enabled"] is None:
- return self.enabled
- if self.cbox.prefs.pluginConf[self.getName()]["enabled"]:
- return True
- else:
- return False
- except KeyError:
- return self.enabled
-
-
- def getRank(self):
- """check the rank of this plugin
- first step: check plugin configuration
- second step: check default value of plugin"""
- try:
- if self.cbox.prefs.pluginConf[self.getName()]["rank"] is None:
- return self.rank
- return int(self.cbox.prefs.pluginConf[self.getName()]["rank"])
- except KeyError, TypeError:
- return self.rank
-
-
- def getTestClass(self):
- import imp
- pl_file = os.path.join(self.pluginDir, "unittests.py")
- if os.access(pl_file, os.R_OK) and os.path.isfile(pl_file):
- try:
- return getattr(imp.load_source("unittests_%s" % self.getName(), pl_file), "unittests")
- except AttributeError:
- pass
- try:
- self.cbox.log.info("could not load unittests for plugin: %s" % self.getName())
- except AttributeError:
- pass
- return None
-
diff --git a/pythonrewrite/bin/CryptoBoxRootActions.py b/pythonrewrite/bin/CryptoBoxRootActions.py
deleted file mode 100755
index b92ae3c..0000000
--- a/pythonrewrite/bin/CryptoBoxRootActions.py
+++ /dev/null
@@ -1,386 +0,0 @@
-#!/usr/bin/env python2.4
-
-"""module for executing the programs, that need root privileges
-
-Syntax:
- - program
- - device
- - [action]
- - [action args]
-
-this script will always return with an exitcode 0 (true), if "check" is the only argument
-"""
-
-import os
-import sys
-import subprocess
-import pwd
-import grp
-import types
-
-allowedProgs = {
- "sfdisk": "/sbin/sfdisk",
- "cryptsetup": "/sbin/cryptsetup",
- "mount": "/bin/mount",
- "umount": "/bin/umount",
- "blkid": "/sbin/blkid",
- }
-
-
-DEV_TYPES = { "pipe":1, "char":2, "dir":4, "block":6, "file":8, "link":10, "socket":12}
-
-
-def checkIfPluginIsSafe(plugin):
- """check if the plugin and its parents are only writeable for root"""
- #FIXME: for now we may skip this test - but users will not like it this way :)
- return True
- props = os.stat(plugin)
- ## check if it is owned by non-root
- if props.st_uid != 0: return False
- ## check group-write permission if gid is not zero
- if (props.st_gid != 0) and (props.st_mode % 32 / 16 > 0): return False
- ## check if it is world-writeable
- if props.st_mode % 4 / 2 > 0: return False
- ## are we at root-level (directory-wise)? If yes, then we are ok ...
- if plugin == os.path.sep: return True
- ## check if the parent directory is ok - recursively :)
- return checkIfPluginIsSafe(os.path.dirname(os.path.abspath(plugin)))
-
-
-def checkIfPluginIsValid(plugin):
- import imp
- try:
- x = imp.load_source("cbox_plugin",plugin)
- except Exception:
- return False
- try:
- if getattr(x, "PLUGIN_TYPE") == "cryptobox":
- return True
- else:
- return False
- except Exception:
- return False
-
-
-def call_plugin(args):
- """check if the plugin may be called - and do it finally ..."""
- plugin = os.path.abspath(args[0])
- del args[0]
- ## check existence and excutability
- if not os.access(plugin, os.X_OK):
- raise Exception, "could not find executable plugin (%s)" % plugin
- ## check if the plugin (and its parents) are only writeable for root
- if not checkIfPluginIsSafe(plugin):
- raise Exception, "the plugin (%s) was not safe - check its (and its parents') permissions" % plugin
- ## check if the plugin is a python program, that is marked as a cryptobox plugin
- if not checkIfPluginIsValid(plugin):
- raise Exception, "the plugin (%s) is not a correctly marked python script" % plugin
- args.insert(0,plugin)
- proc = subprocess.Popen(
- shell = False,
- args = args)
- proc.wait()
- return proc.returncode == 0
-
-
-def isWriteable(device, force_dev_type=None):
- """check if the calling user (not root!) has write access to the device/file
-
- the real (not the effictive) user id is used for the check
- additionally the permissions of the default groups of the real uid are checked
- this check works nicely together with "super", as it changes (by default) only
- the effective uid (not the real uid)
- """
- # first check, if the device/file exists
- if not os.path.exists(device):
- return False
- # check the type of the device - if necessary
- if not force_dev_type is None:
- dev_type = os.stat(device).st_mode % 65536 / 4096
- if dev_type != force_dev_type: return False
- # retrieve the information for the real user id
- (trustUserName, trustUID, groupsOfTrustUser) = getUserInfo(os.getuid())
- # set the default groups of the caller for the check (restore them later)
- savedGroups = os.getgroups()
- os.setgroups(groupsOfTrustUser)
- # check permissions
- result = os.access(device, os.W_OK) and os.access(device, os.R_OK)
- # reset the groups of this process
- os.setgroups(savedGroups)
- return result
-
-
-def run_cryptsetup(args):
- """execute cryptsetup as root
-
- @args: list of arguments - they will be treated accordingly to the first element
- of this list (the action)"""
- if not args: raise "WrongArguments", "no action for cryptsetup supplied"
- if type(args) != types.ListType: raise "WrongArguments", "invalid arguments supplied: %s" % (args, )
- try:
- action = args[0]
- del args[0]
- device = None
- cmd_args = []
- if action == "luksFormat":
- device = args[0]; del args[0]
- cmd_args.append(action)
- cmd_args.append(device)
- elif action == "luksUUID":
- device = args[0]; del args[0]
- cmd_args.append(action)
- cmd_args.append(device)
- elif action == "luksOpen":
- if len(args) < 2: raise "WrongArguments", "missing arguments"
- device = args[0]; del args[0]
- destination = args[0]; del args[0]
- cmd_args.append(action)
- cmd_args.append(device)
- cmd_args.append(destination)
- elif action == "luksClose":
- if len(args) < 1: raise "WrongArguments", "missing arguments"
- destination = args[0]; del args[0]
- # maybe add a check for the mapped device's permissions?
- # dmsetup deps self.device
- cmd_args.append(action)
- cmd_args.append(destination)
- elif action == "luksAddKey":
- device = args[0]; del args[0]
- cmd_args.append(action)
- cmd_args.append(device)
- elif action == "luksDelKey":
- if len(cs_args) < 2: raise "WrongArguments", "missing arguments"
- device = args[0]; del args[0]
- cmd_args.insert(-1, action)
- cmd_args.insert(-1, device)
- elif action == "isLuks":
- device = args[0]; del args[0]
- cmd_args.append(action)
- cmd_args.append(device)
- else: raise "WrongArguments", "invalid action supplied: %s" % (action, )
- # check if a device was defined - and check it
- if (not device is None) and (not isWriteable(device, DEV_TYPES["block"])):
- raise "WrongArguments", "%s is not a writeable block device" % (device, )
- cs_args = [allowedProgs["cryptsetup"]]
- cs_args.extend(args)
- cs_args.extend(cmd_args)
- except (TypeError, IndexError):
- raise "WrongArguments", "invalid arguments supplied: %s" % (args, )
- # execute cryptsetup with the given parameters
- proc = subprocess.Popen(
- shell = False,
- args = cs_args)
- proc.wait()
- ## chown the devmapper block device to the cryptobox user
- if (proc.returncode == 0) and (action == "luksOpen"):
- os.chown(os.path.join(os.path.sep, "dev", "mapper", destination), os.getuid(), os.getgid())
- return proc.returncode == 0
-
-
-def run_sfdisk(args):
- """execute sfdisk for partitioning
-
- not implemented yet"""
- print "ok - you are free to call sfdisk ..."
- print " not yet implemented ..."
- return True
-
-
-def getFSType(device):
- """get the filesystem type of a device"""
- proc = subprocess.Popen(
- shell = False,
- stdout = subprocess.PIPE,
- args = [ allowedProgs["blkid"],
- "-s", "TYPE",
- "-o", "value",
- "-c", os.devnull,
- "-w", os.devnull,
- device])
- (stdout, stderr) = proc.communicate()
- if proc.returncode != 0:
- return None
- return stdout.strip()
-
-
-def run_mount(args):
- """execute mount
- """
- if not args: raise "WrongArguments", "no destination for mount supplied"
- if type(args) != types.ListType: raise "WrongArguments", "invalid arguments supplied: %s" % (args, )
- try:
- device = args[0]
- del args[0]
- destination = args[0]
- del args[0]
- # check permissions for the device
- if not isWriteable(device, DEV_TYPES["block"]):
- raise "WrongArguments", "%s is not a writeable block device" % (device, )
- ## check permissions for the mountpoint
- if not isWriteable(destination, DEV_TYPES["dir"]):
- raise "WrongArguments", "the mountpoint (%s) is not writeable" % (destination, )
- # check for additional (not allowed) arguments
- if len(args) != 0:
- raise "WrongArguments", "too many arguments for 'mount': %s" % (args, )
- except TypeError:
- raise "WrongArguments", "invalid arguments supplied: %s" % (args, )
- # execute mount with the given parameters
- # first overwrite the real uid, as 'mount' wants this to be zero (root)
- savedUID = os.getuid()
- os.setuid(os.geteuid())
- ## we have to change the permissions of the mounted directory - otherwise it will
- ## not be writeable for the cryptobox user
- ## for 'vfat' we have to do this during mount
- ## for ext2/3 we have to do it afterward
- ## first: get the user/group of the target
- (trustUserName, trustUID, groupsOfTrustUser) = getUserInfo(savedUID)
- trustGID = groupsOfTrustUser[0]
- fsType = getFSType(device)
- ## define arguments
- if fsType == "vfat":
- ## add the "uid/gid" arguments to the mount call
- mount_args = [allowedProgs["mount"],
- "-o", "uid=%d,gid=%d" % (trustUID, trustGID),
- device,
- destination]
- else:
- ## all other filesystem types will be handled after mount
- mount_args = [allowedProgs["mount"], device, destination]
- # execute mount
- proc = subprocess.Popen(
- shell = False,
- args = mount_args)
- proc.wait()
- ## return in case of an error
- if proc.returncode != 0:
- return False
- ## for vfat: we are done
- if fsType == "vfat": return True
- ## for all other filesystem types: chown the mount directory
- try:
- os.chown(destination, trustUID, groupsOfTrustUser[0])
- except OSError, errMsg:
- sys.stderr.write("could not chown the mount destination (%s) to the specified user (%d/%d): %s\n" % (destination, trustUID, groupsOfTrustUser[0], errMsg))
- sys.stderr.write("UID: %d\n" % (os.geteuid(),))
- return False
- ## BEWARE: it would be nice, if we could restore the previous uid (not euid) but
- ## this would also override the euid (see 'man 2 setuid') - any ideas?
- return True
-
-
-def run_umount(args):
- """execute mount
- """
- if not args: raise "WrongArguments", "no mountpoint for umount supplied"
- if type(args) != types.ListType: raise "WrongArguments", "invalid arguments supplied"
- try:
- destination = args[0]
- del args[0]
- # check permissions for the destination
- if not isWriteable(os.path.dirname(destination), DEV_TYPES["dir"]):
- raise "WrongArguments", "the parent of the mountpoint (%s) is not writeable" % (destination, )
- if len(args) != 0: raise "WrongArguments", "umount does not allow arguments"
- except TypeError:
- raise "WrongArguments", "invalid arguments supplied"
- # execute umount with the given parameters
- # first overwrite the real uid, as 'umount' wants this to be zero (root)
- savedUID = os.getuid()
- os.setuid(os.geteuid())
- # execute umount (with the parameter '-l' - lazy umount)
- proc = subprocess.Popen(
- shell = False,
- args = [allowedProgs["umount"], "-l", destination])
- proc.wait()
- # restore previous real uid
- os.setuid(savedUID)
- return proc.returncode == 0
-
-
-def getUserInfo(user):
- """return information about the specified user
-
- @user: (uid or name)
- @return: tuple of (name, uid, (groups))
- """
- if user is None: raise "KeyError", "no user supplied"
- # first check, if 'user' contains an id - then check for a name
- try:
- userinfo = pwd.getpwuid(user)
- except TypeError:
- # if a KeyError is raised again, then the supplied user was invalid
- userinfo = pwd.getpwnam(user)
- u_groups =[one_group.gr_gid
- for one_group in grp.getgrall()
- if userinfo.pw_name in one_group.gr_mem]
- if not userinfo.pw_gid in u_groups: u_groups.append(userinfo.pw_gid)
- return (userinfo.pw_name, userinfo.pw_uid, u_groups)
-
-
-# **************** main **********************
-
-# prevent import
-if __name__ == "__main__":
-
- # do we have root privileges (effective uid is zero)?
- if os.geteuid() != 0:
- sys.stderr.write("the effective uid is not zero - you should use 'super' to call this script (%s)" % sys.argv[0])
- sys.exit(100)
-
- # remove program name
- args = sys.argv[1:]
-
- # do not allow to use root permissions (real uid may not be zero)
- if os.getuid() == 0:
- sys.stderr.write("the uid of the caller is zero (root) - this is not allowed\n")
- sys.exit(100)
-
- # check if there were arguments
- if (len(args) == 0):
- sys.stderr.write("No arguments supplied\n")
- sys.exit(100)
-
- # did the user call the "check" action?
- if (len(args) == 1) and (args[0].lower() == "check"):
- # exit silently
- sys.exit(0)
-
- if args[0].lower() == "plugin":
- del args[0]
- try:
- isOK = call_plugin(args)
- except Exception, errMsg:
- sys.stderr.write("Execution of plugin failed: %s\n" % errMsg)
- sys.exit(100)
- if isOK:
- sys.exit(0)
- else:
- sys.exit(1)
-
- # check parameters count
- if len(args) < 2:
- sys.stderr.write("Not enough arguments supplied (%s)!\n" % " ".join(args))
- sys.exit(100)
-
- progRequest = args[0]
- del args[0]
-
- if not progRequest in allowedProgs.keys():
- sys.stderr.write("Invalid program requested: %s\n" % progRequest)
- sys.exit(100)
-
- if progRequest == "cryptsetup": runner = run_cryptsetup
- elif progRequest == "sfdisk": runner = run_sfdisk
- elif progRequest == "mount": runner = run_mount
- elif progRequest == "umount": runner = run_umount
- else:
- sys.stderr.write("The interface for this program (%s) is not yet implemented!\n" % progRequest)
- sys.exit(100)
- try:
- if runner(args):
- sys.exit(0)
- else:
- sys.exit(1)
- except "WrongArguments", errstr:
- sys.stderr.write("Execution failed: %s\n" % errstr)
- sys.exit(100)
-
diff --git a/pythonrewrite/bin/CryptoBoxSettings.py b/pythonrewrite/bin/CryptoBoxSettings.py
deleted file mode 100644
index 73ca9a6..0000000
--- a/pythonrewrite/bin/CryptoBoxSettings.py
+++ /dev/null
@@ -1,481 +0,0 @@
-import logging
-try:
- import validate
-except:
- raise CryptoBoxExceptions.CBEnvironmentError("couldn't import 'validate'! Try 'apt-get install python-formencode'.")
-import os
-import CryptoBoxExceptions
-import subprocess
-try:
- import configobj ## needed for reading and writing of the config file
-except:
- raise CryptoBoxExceptions.CBEnvironmentError("couldn't import 'configobj'! Try 'apt-get install python-configobj'.")
-
-
-
-class CryptoBoxSettings:
-
- CONF_LOCATIONS = [
- "./cryptobox.conf",
- "~/.cryptobox.conf",
- "/etc/cryptobox/cryptobox.conf"]
-
- NAMEDB_FILE = "cryptobox_names.db"
- PLUGINCONF_FILE = "cryptobox_plugins.conf"
- USERDB_FILE = "cryptobox_users.db"
-
-
- def __init__(self, config_file=None):
- self.log = logging.getLogger("CryptoBox")
- config_file = self.__getConfigFileName(config_file)
- self.log.info("loading config file: %s" % config_file)
- self.prefs = self.__getPreferences(config_file)
- self.__validateConfig()
- self.__configureLogHandler()
- self.__checkUnknownPreferences()
- self.preparePartition()
- self.nameDB = self.__getNameDatabase()
- self.pluginConf = self.__getPluginConfig()
- self.userDB = self.__getUserDB()
- self.misc_files = self.__getMiscFiles()
-
-
- def write(self):
- """
- write all local setting files including the content of the "misc" subdirectory
- """
- ok = True
- try:
- self.nameDB.write()
- except IOError:
- self.log.warn("could not save the name database")
- ok = False
- try:
- self.pluginConf.write()
- except IOError:
- self.log.warn("could not save the plugin configuration")
- ok = False
- try:
- self.userDB.write()
- except IOError:
- self.log.warn("could not save the user database")
- ok = False
- for misc_file in self.misc_files:
- if not misc_file.save():
- self.log.warn("could not save a misc setting file (%s)" % misc_file.filename)
- ok = False
- return ok
-
-
- def requiresPartition(self):
- return bool(self.prefs["Main"]["UseConfigPartition"])
-
-
- def getActivePartition(self):
- settings_dir = self.prefs["Locations"]["SettingsDir"]
- if not os.path.ismount(settings_dir): return None
- for line in file("/proc/mounts"):
- fields = line.split(" ")
- mount_dir = fields[1]
- try:
- if os.path.samefile(mount_dir, settings_dir): return fields[0]
- except OSError:
- pass
- ## no matching entry found
- return None
-
-
- def mountPartition(self):
- self.log.debug("trying to mount configuration partition")
- if not self.requiresPartition():
- self.log.warn("mountConfigPartition: configuration partition is not required - mounting anyway")
- if self.getActivePartition():
- self.log.warn("mountConfigPartition: configuration partition already mounted - not mounting again")
- return False
- confPartitions = self.getAvailablePartitions()
- if not confPartitions:
- self.log.error("no configuration partitions found - you have to create it first")
- return False
- partition = confPartitions[0]
- proc = subprocess.Popen(
- shell = False,
- stdout = subprocess.PIPE,
- stderr = subprocess.PIPE,
- args = [
- self.prefs["Programs"]["super"],
- self.prefs["Programs"]["CryptoBoxRootActions"],
- "mount",
- partition,
- self.prefs["Locations"]["SettingsDir"]])
- (stdout, stderr) = proc.communicate()
- if proc.returncode != 0:
- self.log.error("failed to mount the configuration partition: %s" % partition)
- self.log.error("output of mount: %s" % (stderr,))
- return False
- self.log.info("configuration partition mounted: %s" % partition)
- return True
-
-
- def umountPartition(self):
- if not self.getActivePartition():
- self.log.warn("umountConfigPartition: no configuration partition mounted")
- return False
- proc = subprocess.Popen(
- shell = False,
- stdout = subprocess.PIPE,
- stderr = subprocess.PIPE,
- args = [
- self.prefs["Programs"]["super"],
- self.prefs["Programs"]["CryptoBoxRootActions"],
- "umount",
- self.prefs["Locations"]["SettingsDir"]])
- (stdout, stderr) = proc.communicate()
- if proc.returncode != 0:
- self.log.error("failed to unmount the configuration partition")
- self.log.error("output of mount: %s" % (stderr,))
- return False
- self.log.info("configuration partition unmounted")
- return True
-
-
- def getAvailablePartitions(self):
- """returns a sequence of found config partitions"""
- proc = subprocess.Popen(
- shell = False,
- stdout = subprocess.PIPE,
- args = [
- self.prefs["Programs"]["blkid"],
- "-c", os.path.devnull,
- "-t", "LABEL=%s" % self.prefs["Main"]["ConfigVolumeLabel"] ])
- (output, error) = proc.communicate()
- if output:
- return [e.strip().split(":",1)[0] for e in output.splitlines()]
- else:
- return []
-
-
- def preparePartition(self):
- if self.requiresPartition() and not self.getActivePartition():
- self.mountPartition()
-
-
- def __getitem__(self, key):
- """redirect all requests to the 'prefs' attribute"""
- return self.prefs[key]
-
-
- def __getPreferences(self, config_file):
- import StringIO
- config_rules = StringIO.StringIO(self.validation_spec)
- try:
- prefs = configobj.ConfigObj(config_file, configspec=config_rules)
- if prefs:
- self.log.info("found config: %s" % prefs.items())
- else:
- raise CryptoBoxExceptions.CBConfigUnavailableError("failed to load the config file: %s" % config_file)
- except IOError:
- raise CryptoBoxExceptions.CBConfigUnavailableError("unable to open the config file: %s" % config_file)
- return prefs
-
-
- def __validateConfig(self):
- result = self.prefs.validate(CryptoBoxSettingsValidator(), preserve_errors=True)
- error_list = configobj.flatten_errors(self.prefs, result)
- if not error_list: return
- errorMsgs = []
- for sections, key, text in error_list:
- section_name = "->".join(sections)
- if not text:
- errorMsg = "undefined configuration value (%s) in section '%s'" % (key, section_name)
- else:
- errorMsg = "invalid configuration value (%s) in section '%s': %s" % (key, section_name, text)
- errorMsgs.append(errorMsg)
- raise CryptoBoxExceptions.CBConfigError, "\n".join(errorMsgs)
-
-
- def __checkUnknownPreferences(self):
- import StringIO
- config_rules = configobj.ConfigObj(StringIO.StringIO(self.validation_spec), list_values=False)
- self.__recursiveConfigSectionCheck("", self.prefs, config_rules)
-
-
- def __recursiveConfigSectionCheck(self, section_path, section_config, section_rules):
- """should be called by '__checkUnknownPreferences' for every section
- sends a warning message to the logger for every undefined (see validation_spec)
- configuration setting
- """
- for e in section_config.keys():
- element_path = section_path + e
- if e in section_rules.keys():
- if isinstance(section_config[e], configobj.Section):
- if isinstance(section_rules[e], configobj.Section):
- self.__recursiveConfigSectionCheck(element_path + "->", section_config[e], section_rules[e])
- else:
- self.log.warn("configuration setting should be a value instead of a section name: %s" % element_path)
- else:
- if not isinstance(section_rules[e], configobj.Section):
- pass # good - the setting is valid
- else:
- self.log.warn("configuration setting should be a section name instead of a value: %s" % element_path)
- else:
- self.log.warn("unknown configuration setting: %s" % element_path)
-
-
- def __getNameDatabase(self):
- try:
- try:
- nameDB_file = os.path.join(self.prefs["Locations"]["SettingsDir"], self.NAMEDB_FILE)
- except KeyError:
- raise CryptoBoxExceptions.CBConfigUndefinedError("Locations", "SettingsDir")
- except SyntaxError:
- raise CryptoBoxExceptions.CBConfigInvalidValueError("Locations", "SettingsDir", nameDB_file, "failed to interprete the filename of the name database correctly (%s)" % nameDB_file)
- ## create nameDB if necessary
- if os.path.exists(nameDB_file):
- nameDB = configobj.ConfigObj(nameDB_file)
- else:
- nameDB = configobj.ConfigObj(nameDB_file, create_empty=True)
- ## check if nameDB file was created successfully?
- if not os.path.exists(nameDB_file):
- raise CryptoBoxExceptions.CBEnvironmentError("failed to create name database (%s)" % nameDB_file)
- return nameDB
-
-
- def __getPluginConfig(self):
- import StringIO
- plugin_rules = StringIO.StringIO(self.pluginValidationSpec)
- try:
- try:
- pluginConf_file = os.path.join(self.prefs["Locations"]["SettingsDir"], self.PLUGINCONF_FILE)
- except KeyError:
- raise CryptoBoxExceptions.CBConfigUndefinedError("Locations", "SettingsDir")
- except SyntaxError:
- raise CryptoBoxExceptions.CBConfigInvalidValueError("Locations", "SettingsDir", pluginConf_file, "failed to interprete the filename of the plugin config file correctly (%s)" % pluginConf_file)
- ## create pluginConf_file if necessary
- if os.path.exists(pluginConf_file):
- pluginConf = configobj.ConfigObj(pluginConf_file, configspec=plugin_rules)
- else:
- pluginConf = configobj.ConfigObj(pluginConf_file, configspec=plugin_rules, create_empty=True)
- ## validate and convert values according to the spec
- pluginConf.validate(validate.Validator())
- ## check if pluginConf_file file was created successfully?
- if not os.path.exists(pluginConf_file):
- raise CryptoBoxExceptions.CBEnvironmentError("failed to create plugin configuration file (%s)" % pluginConf_file)
- return pluginConf
-
-
- def __getUserDB(self):
- import StringIO, sha
- userDB_rules = StringIO.StringIO(self.userDatabaseSpec)
- try:
- try:
- userDB_file = os.path.join(self.prefs["Locations"]["SettingsDir"], self.USERDB_FILE)
- except KeyError:
- raise CryptoBoxExceptions.CBConfigUndefinedError("Locations", "SettingsDir")
- except SyntaxError:
- raise CryptoBoxExceptions.CBConfigInvalidValueError("Locations", "SettingsDir", userDB_file, "failed to interprete the filename of the users database file correctly (%s)" % userDB_file)
- ## create userDB_file if necessary
- if os.path.exists(userDB_file):
- userDB = configobj.ConfigObj(userDB_file, configspec=userDB_rules)
- else:
- userDB = configobj.ConfigObj(userDB_file, configspec=userDB_rules, create_empty=True)
- ## validate and set default value for "admin" user
- userDB.validate(validate.Validator())
- ## check if userDB file was created successfully?
- if not os.path.exists(userDB_file):
- raise CryptoBoxExceptions.CBEnvironmentError("failed to create user database file (%s)" % userDB_file)
- ## define password hash function - never use "sha" directly - SPOT
- userDB.getDigest = lambda password: sha.new(password).hexdigest()
- return userDB
-
-
- def __getMiscFiles(self):
- misc_dir = os.path.join(self.prefs["Locations"]["SettingsDir"], "misc")
- if (not os.path.isdir(misc_dir)) or (not os.access(misc_dir, os.X_OK)):
- return []
- return [MiscConfigFile(os.path.join(misc_dir, f), self.log)
- for f in os.listdir(misc_dir)
- if os.path.isfile(os.path.join(misc_dir, f))]
-
-
- def __getConfigFileName(self, config_file):
- # search for the configuration file
- import types
- if config_file is None:
- # no config file was specified - we will look for it in the ususal locations
- conf_file_list = [os.path.expanduser(f)
- for f in self.CONF_LOCATIONS
- if os.path.exists(os.path.expanduser(f))]
- if not conf_file_list:
- # no possible config file found in the usual locations
- raise CryptoBoxExceptions.CBConfigUnavailableError()
- config_file = conf_file_list[0]
- else:
- # a config file was specified (e.g. via command line)
- if type(config_file) != types.StringType:
- raise CryptoBoxExceptions.CBConfigUnavailableError("invalid config file specified: %s" % config_file)
- if not os.path.exists(config_file):
- raise CryptoBoxExceptions.CBConfigUnavailableError("could not find the specified configuration file (%s)" % config_file)
- return config_file
-
-
- def __configureLogHandler(self):
- try:
- log_level = self.prefs["Log"]["Level"].upper()
- log_level_avail = ["DEBUG", "INFO", "WARN", "ERROR"]
- if not log_level in log_level_avail:
- raise TypeError
- except KeyError:
- raise CryptoBoxExceptions.CBConfigUndefinedError("Log", "Level")
- except TypeError:
- raise CryptoBoxExceptions.CBConfigInvalidValueError("Log", "Level", log_level, "invalid log level: only %s are allowed" % log_level_avail)
- try:
- try:
- log_handler = logging.FileHandler(self.prefs["Log"]["Details"])
- except KeyError:
- raise CryptoBoxExceptions.CBConfigUndefinedError("Log", "Details")
- except IOError:
- raise CryptoBoxExceptions.CBEnvironmentError("could not create the log file (%s)" % self.prefs["Log"]["Details"])
- log_handler.setFormatter(logging.Formatter('%(asctime)s CryptoBox %(levelname)s: %(message)s'))
- cbox_log = logging.getLogger("CryptoBox")
- ## remove previous handlers
- cbox_log.handlers = []
- ## add new one
- cbox_log.addHandler(log_handler)
- ## do not call parent's handlers
- cbox_log.propagate = False
- ## 'log_level' is a string -> use 'getattr'
- cbox_log.setLevel(getattr(logging,log_level))
- ## the logger named "CryptoBox" is configured now
-
-
- validation_spec = """
-[Main]
-AllowedDevices = list(min=1)
-DefaultVolumePrefix = string(min=1)
-DefaultCipher = string(default="aes-cbc-essiv:sha256")
-ConfigVolumeLabel = string(min=1, default="cbox_config")
-UseConfigPartition = integer(min=0, max=1, default=0)
-
-[Locations]
-MountParentDir = directoryExists(default="/var/cache/cryptobox/mnt")
-SettingsDir = directoryExists(default="/var/cache/cryptobox/settings")
-TemplateDir = directoryExists(default="/usr/share/cryptobox/template")
-LangDir = directoryExists(default="/usr/share/cryptobox/lang")
-DocDir = directoryExists(default="/usr/share/doc/cryptobox/html")
-PluginDir = directoryExists(default="/usr/share/cryptobox/plugins")
-
-[Log]
-Level = option("debug", "info", "warn", "error", default="warn")
-Destination = option("file", default="file")
-Details = string(min=1)
-
-[WebSettings]
-Stylesheet = string(min=1)
-Language = string(min=1, default="en")
-
-[Programs]
-cryptsetup = fileExecutable(default="/sbin/cryptsetup")
-mkfs-data = fileExecutable(default="/sbin/mkfs.ext3")
-blkid = fileExecutable(default="/sbin/blkid")
-blockdev = fileExecutable(default="/sbin/blockdev")
-mount = fileExecutable(default="/bin/mount")
-umount = fileExecutable(default="/bin/umount")
-super = fileExecutable(default="/usr/bin/super")
-# this is the "program" name as defined in /etc/super.tab
-CryptoBoxRootActions = string(min=1)
- """
-
- pluginValidationSpec = """
-[__many__]
-enabled = boolean(default=None)
-requestAuth = boolean(default=None)
-rank = integer(default=None)
- """
-
- userDatabaseSpec = """
-[admins]
-admin = string(default=d033e22ae348aeb5660fc2140aec35850c4da997)
- """
-
-
-class CryptoBoxSettingsValidator(validate.Validator):
-
- def __init__(self):
- validate.Validator.__init__(self)
- self.functions["directoryExists"] = self.check_directoryExists
- self.functions["fileExecutable"] = self.check_fileExecutable
- self.functions["fileWriteable"] = self.check_fileWriteable
-
-
- def check_directoryExists(self, value):
- dir_path = os.path.abspath(value)
- if not os.path.isdir(dir_path):
- raise validate.VdtValueError("%s (not found)" % value)
- if not os.access(dir_path, os.X_OK):
- raise validate.VdtValueError("%s (access denied)" % value)
- return dir_path
-
-
- def check_fileExecutable(self, value):
- file_path = os.path.abspath(value)
- if not os.path.isfile(file_path):
- raise validate.VdtValueError("%s (not found)" % value)
- if not os.access(file_path, os.X_OK):
- raise validate.VdtValueError("%s (access denied)" % value)
- return file_path
-
-
- def check_fileWriteable(self, value):
- file_path = os.path.abspath(value)
- if os.path.isfile(file_path):
- if not os.access(file_path, os.W_OK):
- raise validate.VdtValueError("%s (not found)" % value)
- else:
- parent_dir = os.path.dirname(file_path)
- if os.path.isdir(parent_dir) and os.access(parent_dir, os.W_OK):
- return file_path
- raise validate.VdtValueError("%s (directory does not exist)" % value)
- return file_path
-
-
-
-class MiscConfigFile:
-
- maxSize = 20480
-
- def __init__(self, filename, logger):
- self.filename = filename
- self.log = logger
- self.load()
-
-
- def load(self):
- fd = open(self.filename, "rb")
- ## limit the maximum size
- self.content = fd.read(self.maxSize)
- if fd.tell() == self.maxSize:
- self.log.warn("file in misc settings directory (%s) is bigger than allowed (%s)" % (self.filename, self.maxSize))
- fd.close()
-
-
- def save(self):
- save_dir = os.path.dirname(self.filename)
- ## create the directory, if necessary
- if not os.path.isdir(save_dir):
- try:
- os.mkdir(save_dir)
- except IOError:
- return False
- ## save the content of the file
- try:
- fd = open(self.filename, "wb")
- except IOError:
- return False
- try:
- fd.write(self.content)
- fd.close()
- return True
- except IOError:
- fd.close()
- return False
-
diff --git a/pythonrewrite/bin/CryptoBoxTools.py b/pythonrewrite/bin/CryptoBoxTools.py
deleted file mode 100644
index 25ffa03..0000000
--- a/pythonrewrite/bin/CryptoBoxTools.py
+++ /dev/null
@@ -1,186 +0,0 @@
-import logging
-import os
-import re
-
-logger = logging.getLogger("CryptoBox")
-
-
-def getAvailablePartitions():
- "retrieve a list of all available containers"
- ret_list = []
- try:
- "the following reads all lines of /proc/partitions and adds the mentioned devices"
- fpart = open("/proc/partitions", "r")
- try:
- line = fpart.readline()
- while line:
- p_details = line.split()
- if (len(p_details) == 4):
- "the following code prevents double entries like /dev/hda and /dev/hda1"
- (p_major, p_minor, p_size, p_device) = p_details
- ## ignore lines with: invalid minor/major or extend partitions (size=1)
- if re.search('^[0-9]*$', p_major) and re.search('^[0-9]*$', p_minor) and (p_size != "1"):
- p_parent = re.sub('[1-9]?[0-9]$', '', p_device)
- if p_parent == p_device:
- if [e for e in ret_list if re.search('^' + p_parent + '[1-9]?[0-9]$', e)]:
- "major partition - its children are already in the list"
- pass
- else:
- "major partition - but there are no children for now"
- ret_list.append(p_device)
- else:
- "minor partition - remove parent if necessary"
- if p_parent in ret_list: ret_list.remove(p_parent)
- ret_list.append(p_device)
- line = fpart.readline()
- finally:
- fpart.close()
- return map(getAbsoluteDeviceName, ret_list)
- except IOError:
- logger.warning("Could not read /proc/partitions")
- return []
-
-
-def getAbsoluteDeviceName(shortname):
- """ returns the absolute file name of a device (e.g.: "hda1" -> "/dev/hda1")
- this does also work for device mapper devices
- if the result is non-unique, one arbitrary value is returned"""
- if re.search('^/', shortname): return shortname
- default = os.path.join("/dev", shortname)
- if os.path.exists(default): return default
- result = findMajorMinorOfDevice(shortname)
- "if no valid major/minor was found -> exit"
- if not result: return default
- (major, minor) = result
- "for device-mapper devices (major == 254) ..."
- if major == 254:
- result = findMajorMinorDeviceName("/dev/mapper", major, minor)
- if result: return result[0]
- "now check all files in /dev"
- result = findMajorMinorDeviceName("/dev", major, minor)
- if result: return result[0]
- return default
-
-
-def findMajorMinorOfDevice(device):
- "return the major/minor numbers of a block device"
- if re.match("/", device) or not os.path.exists(os.path.join(os.path.sep,"sys","block",device)):
- ## maybe it is an absolute device name
- if not os.path.exists(device): return None
- ## okay - it seems to to a device node
- rdev = os.stat(device).st_rdev
- return (os.major(rdev), os.minor(rdev))
- blockdev_info_file = os.path.join(os.path.join(os.path.sep,"sys","block", device), "dev")
- try:
- f_blockdev_info = open(blockdev_info_file, "r")
- blockdev_info = f_blockdev_info.read()
- f_blockdev_info.close()
- (str_major, str_minor) = blockdev_info.split(":")
- "numeric conversion"
- try:
- major = int(str_major)
- minor = int(str_minor)
- return (major, minor)
- except ValueError:
- "unknown device numbers -> stop guessing"
- return None
- except IOError:
- pass
- return None
-
-
-def findMajorMinorDeviceName(dir, major, minor):
- "returns the names of devices with the specified major and minor number"
- collected = []
- try:
- subdirs = [os.path.join(dir, e) for e in os.listdir(dir) if (not os.path.islink(os.path.join(dir, e))) and os.path.isdir(os.path.join(dir, e))]
- "do a recursive call to parse the directory tree"
- for dirs in subdirs:
- collected.extend(findMajorMinorDeviceName(dirs, major, minor))
- "filter all device inodes in this directory"
- collected.extend([os.path.realpath(os.path.join(dir, e)) for e in os.listdir(dir) if (os.major(os.stat(os.path.join(dir, e)).st_rdev) == major) and (os.minor(os.stat(os.path.join(dir, e)).st_rdev) == minor)])
- ## remove double entries
- result = []
- for e in collected:
- if e not in result: result.append(e)
- return result
- except OSError:
- return []
-
-
-def getParentBlockDevices():
- devs = []
- for line in file("/proc/partitions"):
- p_details = line.split()
- ## we expect four values - otherwise continue with next iteration
- if len(p_details) != 4: continue
- (p_major, p_minor, p_size, p_device) = p_details
- ## we expect numeric values in the first two columns
- if re.search(u'\D',p_major) or re.search(u'\D',p_minor): continue
- ## now let us check, if it is a (parent) block device or a partition
- if not os.path.isdir(os.path.join(os.path.sep, "sys", "block", p_device)): continue
- devs.append(p_device)
- return map(getAbsoluteDeviceName, devs)
-
-
-def isPartOfBlockDevice(parent, subdevice):
- """check if the given block device is a parent of 'subdevice'
- e.g. for checking if a partition belongs to a block device"""
- try:
- (par_major, par_minor) = findMajorMinorOfDevice(parent)
- (sub_major, sub_minor) = findMajorMinorOfDevice(subdevice)
- except TypeError:
- ## at least one of these devices did not return a valid major/minor combination
- return False
- ## search the entry below '/sys/block' belonging to the parent
- root = os.path.join(os.path.sep, 'sys', 'block')
- for bldev in os.listdir(root):
- blpath = os.path.join(root, bldev, 'dev')
- if os.access(blpath, os.R_OK):
- try:
- if (str(par_major), str(par_minor)) == tuple([e for e in file(blpath)][0].strip().split(":",1)):
- parent_path = os.path.join(root, bldev)
- break
- except IndexError, OSError:
- pass
- else:
- ## no block device with this major/minor combination found below '/sys/block'
- return False
- for subbldev in os.listdir(parent_path):
- subblpath = os.path.join(parent_path, subbldev, "dev")
- if os.access(subblpath, os.R_OK):
- try:
- if (str(sub_major), str(sub_minor)) == tuple([e for e in file(subblpath)][0].strip().split(":",1)):
- ## the name of the subdevice node is not important - we found it!
- return True
- except IndexError, OSError:
- pass
- return False
-
-
-def getBlockDeviceSize(device):
- if not device: return -1
- try:
- rdev = os.stat(device).st_rdev
- except OSError:
- return -1
- minor = os.minor(rdev)
- major = os.major(rdev)
- for f in file("/proc/partitions"):
- try:
- elements = f.split()
- if len(elements) != 4: continue
- if (int(elements[0]) == major) and (int(elements[1]) == minor):
- return int(elements[2])/1024
- except ValueError:
- pass
- return -1
-
-
-def getBlockDeviceSizeHumanly(device):
- size = getBlockDeviceSize(device)
- if size > 5120:
- return "%sGB" % size/1024
- else:
- return "%sMB" % size
-
diff --git a/pythonrewrite/bin/CryptoBoxWebserver.py b/pythonrewrite/bin/CryptoBoxWebserver.py
deleted file mode 100755
index b841262..0000000
--- a/pythonrewrite/bin/CryptoBoxWebserver.py
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/usr/bin/env python2.4
-import os
-import WebInterfaceSites
-import sys
-
-try:
- import cherrypy
-except:
- print "Could not import the cherrypy module! Try 'apt-get install python-cherrypy'."
- sys.exit(1)
-
-class CryptoBoxWebserver:
- '''this class starts the cherryp webserver and serves the single sites'''
-
- def __init__(self):
- cherrypy.root = WebInterfaceSites.WebInterfaceSites()
- #expose static content:
- #I currently have no idea how to cleanly extract the stylesheet path from
- #the config object without an extra CryptoBox.CryptoBoxProps instance.
- #perhaps put config handling into a seperate class in CryptoBox.py?
- #
- # the following manual mapping is necessary, as we may not use relative
- # paths in the config file
- cherrypy.config.configMap.update({
- "/cryptobox-misc": {
- "staticFilter.on" : True,
- "staticFilter.dir": os.path.abspath("../www-data" )}
- })
-
- def start(self):
- # just use this config, when we're started directly
- cherrypy.config.update(file = "cryptoboxwebserver.conf")
- cherrypy.server.start()
-
-if __name__ == "__main__":
- cbw = CryptoBoxWebserver()
- cbw.start()
-
diff --git a/pythonrewrite/bin/Plugins.py b/pythonrewrite/bin/Plugins.py
deleted file mode 100644
index 97a7e83..0000000
--- a/pythonrewrite/bin/Plugins.py
+++ /dev/null
@@ -1,67 +0,0 @@
-# $Id$
-
-import imp
-import os
-import logging
-
-
-class PluginManager:
- """manage available plugins"""
-
- def __init__(self, cbox, plugin_dirs="."):
- self.cbox = cbox
- self.log = logging.getLogger("CryptoBox")
- if hasattr(plugin_dirs, "__iter__"):
- self.plugin_dirs = [os.path.abspath(dir) for dir in plugin_dirs]
- else:
- self.plugin_dirs = [os.path.abspath(plugin_dirs)]
- self.pluginList = self.__getAllPlugins()
-
-
- def getPlugins(self):
- return self.pluginList[:]
-
-
- def getPlugin(self, name):
- for p in self.pluginList[:]:
- if p.getName() == name:
- return p
- return None
-
-
- def __getAllPlugins(self):
- list = []
- for plfile in self.__getPluginFiles():
- list.append(self.__getPluginClass(os.path.basename(plfile)[:-3]))
- return list
-
-
- def __getPluginClass(self, name):
- for plfile in self.__getPluginFiles():
- if name == os.path.basename(plfile)[:-3]:
- try:
- pl_class = getattr(imp.load_source(name, plfile), name)
- except AttributeError:
- return None
- return pl_class(self.cbox, os.path.dirname(plfile))
- else:
- return None
-
-
- def __getPluginFiles(self):
- result = []
- for dir in [os.path.abspath(e) for e in self.plugin_dirs if os.access(e, os.R_OK) and os.path.isdir(e)]:
- for plname in [f for f in os.listdir(dir)]:
- pldir = os.path.join(dir, plname)
- plfile = os.path.join(pldir, plname + ".py")
- if os.path.isfile(plfile) and os.access(plfile, os.R_OK):
- result.append(plfile)
- return result
-
-
-if __name__ == "__main__":
- x = PluginManager(None, "../plugins")
- for a in x.getPlugins():
- if not a is None:
- print "Plugin: %s" % a.getName()
-
diff --git a/pythonrewrite/bin/WebInterfaceDataset.py b/pythonrewrite/bin/WebInterfaceDataset.py
deleted file mode 100644
index 7f2de6c..0000000
--- a/pythonrewrite/bin/WebInterfaceDataset.py
+++ /dev/null
@@ -1,136 +0,0 @@
-import os
-import CryptoBoxContainer
-import CryptoBoxTools
-
-## useful constant for some functions
-CONT_TYPES = CryptoBoxContainer.CryptoBoxContainer.Types
-
-class WebInterfaceDataset(dict):
- """this class contains all data that should be available for the clearsilver
- templates
- """
-
- def __init__(self, cbox, prefs, plugins):
- self.prefs = prefs
- self.cbox = cbox
- self.__setConfigValues()
- self.plugins = plugins
- self.setCryptoBoxState()
- self.setPluginData()
- self.setContainersState()
-
-
- def setCryptoBoxState(self):
- import cherrypy
- self["Data.Version"] = self.cbox.VERSION
- langs = self.cbox.getAvailableLanguages()
- langs.sort()
- for (index, lang) in enumerate(langs):
- self.cbox.log.info("language loaded: %s" % lang)
- self["Data.Languages.%d.name" % index] = lang
- self["Data.Languages.%d.link" % index] = self.__getLanguageName(lang)
- try:
- self["Data.ScriptURL.Prot"] = cherrypy.request.scheme
- host = cherrypy.request.headers["Host"]
- self["Data.ScriptURL.Host"] = host.split(":",1)[0]
- complete_url = "%s://%s" % (self["Data.ScriptURL.Prot"], self["Data.ScriptURL.Host"])
- try:
- port = int(host.split(":",1)[1])
- complete_url += ":%s" % port
- except (IndexError, ValueError):
- if cherrypy.request.scheme == "http":
- port = 80
- elif cherrypy.request.scheme == "https":
- port = 443
- else:
- ## unknown scheme -> port 0
- self.cbox.log.info("unknown protocol scheme used: %s" % (cherrypy.request.scheme,))
- port = 0
- self["Data.ScriptURL.Port"] = port
- ## retrieve the relative address of the CGI (or the cherrypy base address)
- ## remove the last part of the url and add a slash
- path = "/".join(cherrypy.request.path.split("/")[:-1]) + "/"
- self["Data.ScriptURL.Path"] = path
- complete_url += path
- self["Data.ScriptURL"] = complete_url
- except AttributeError:
- self["Data.ScriptURL"] = ""
-
-
- def setCurrentDiskState(self, device):
- for container in self.cbox.getContainerList():
- if container.getDevice() == device:
- isEncrypted = (container.getType() == CONT_TYPES["luks"]) and 1 or 0
- isPlain = (container.getType() == CONT_TYPES["plain"]) and 1 or 0
- isMounted = container.isMounted() and 1 or 0
- self["Data.CurrentDisk.device"] = container.getDevice()
- self["Data.CurrentDisk.name"] = container.getName()
- self["Data.CurrentDisk.encryption"] = isEncrypted
- self["Data.CurrentDisk.plaintext"] = isPlain
- self["Data.CurrentDisk.active"] = isMounted
- self["Data.CurrentDisk.size"] = CryptoBoxTools.getBlockDeviceSizeHumanly(container.getDevice())
- if isMounted:
- (size, avail, used) = container.getCapacity()
- percent = used / size
- self["Data.CurrentDisk.capacity.used"] = used
- self["Data.CurrentDisk.capacity.free"] = avail
- self["Data.CurrentDisk.capacity.size"] = size
- self["Data.CurrentDisk.capacity.percent"] = percent
- self["Settings.LinkAttrs.device"] = device
-
-
- def setContainersState(self):
- avail_counter = 0
- active_counter = 0
- for container in self.cbox.getContainerList():
- ## useful if the container was changed during an action
- container.resetObject()
- isEncrypted = (container.getType() == CONT_TYPES["luks"]) and 1 or 0
- isPlain = (container.getType() == CONT_TYPES["plain"]) and 1 or 0
- isMounted = container.isMounted() and 1 or 0
- self["Data.Disks.%d.device" % avail_counter] = container.getDevice()
- self["Data.Disks.%d.name" % avail_counter] = container.getName()
- self["Data.Disks.%d.encryption" % avail_counter] = isEncrypted
- self["Data.Disks.%d.plaintext" % avail_counter] = isPlain
- self["Data.Disks.%d.active" % avail_counter] = isMounted
- self["Data.Disks.%d.size" % avail_counter] = CryptoBoxTools.getBlockDeviceSizeHumanly(container.getDevice())
- if isMounted: active_counter += 1
- avail_counter += 1
- self["Data.activeDisksCount"] = active_counter
-
-
- def setPluginData(self):
- for p in self.plugins:
- lang_data = p.getLanguageData()
- entryName = "Settings.PluginList." + p.getName()
- self[entryName] = p.getName()
- self[entryName + ".Link"] = lang_data.getValue("Link", p.getName())
- self[entryName + ".Rank"] = p.getRank()
- self[entryName + ".RequestAuth"] = p.isAuthRequired() and "1" or "0"
- self[entryName + ".Enabled"] = p.isEnabled() and "1" or "0"
- for a in p.pluginCapabilities:
- self[entryName + ".Types." + a] = "1"
-
-
- def __setConfigValues(self):
- self["Settings.TemplateDir"] = os.path.abspath(self.prefs["Locations"]["TemplateDir"])
- self["Settings.LanguageDir"] = os.path.abspath(self.prefs["Locations"]["LangDir"])
- self["Settings.DocDir"] = os.path.abspath(self.prefs["Locations"]["DocDir"])
- self["Settings.Stylesheet"] = self.prefs["WebSettings"]["Stylesheet"]
- self["Settings.Language"] = self.prefs["WebSettings"]["Language"]
- self["Settings.PluginDir"] = self.prefs["Locations"]["PluginDir"]
- self["Settings.SettingsDir"] = self.prefs["Locations"]["SettingsDir"]
-
-
- def __getLanguageName(self, lang):
- try:
- import neo_cgi, neo_util, neo_cs
- except:
- raise CryptoBoxExceptions.CBEnvironmentError("couldn't import 'neo_*'! Try 'apt-get install python-clearsilver'.")
- hdf_path = os.path.join(self.prefs["Locations"]["LangDir"], lang + ".hdf")
- hdf = neo_util.HDF()
- hdf.readFile(hdf_path)
- return hdf.getValue("Name",lang)
-
-
-
diff --git a/pythonrewrite/bin/WebInterfaceSites.py b/pythonrewrite/bin/WebInterfaceSites.py
deleted file mode 100755
index 82405e9..0000000
--- a/pythonrewrite/bin/WebInterfaceSites.py
+++ /dev/null
@@ -1,427 +0,0 @@
-import CryptoBox
-import WebInterfaceDataset
-import re
-import Plugins
-from CryptoBoxExceptions import *
-import cherrypy
-import types
-import os
-
-try:
- import neo_cgi, neo_util, neo_cs
-except ImportError:
- errorMsg = "Could not import clearsilver module. Try 'apt-get install python-clearsilver'."
- self.log.error(errorMsg)
- sys.stderr.write(errorMsg)
- raise ImportError, errorMsg
-
-
-
-class PluginIconHandler:
-
- def __init__(self, plugins):
- for plugin in plugins.getPlugins():
- if not plugin: continue
- plname = plugin.getName()
- ## expose the getIcon function of this plugin
- setattr(self, plname, plugin.getIcon)
-
-
-
-class WebInterfaceSites:
- '''
- '''
-
- ## this template is used under strange circumstances
- defaultTemplate = "empty"
-
-
- def __init__(self):
- import logging
- self.cbox = CryptoBox.CryptoBoxProps()
- self.log = logging.getLogger("CryptoBox")
- self.prefs = self.cbox.prefs
- self.__resetDataset()
-
-
- def __resetDataset(self):
- """this method has to be called at the beginning of every "site" action
- important: only at the beginning of an action (to not loose information)
- important: for _every_ "site" action (cherrypy is stateful)
- also take care for the plugins, as they also contain datasets
- """
- self.__loadPlugins()
- self.dataset = WebInterfaceDataset.WebInterfaceDataset(self.cbox, self.prefs, self.pluginList.getPlugins())
- ## publish plugin icons
- self.icons = PluginIconHandler(self.pluginList)
- self.icons.exposed = True
- ## check, if a configuration partition has become available
- self.cbox.prefs.preparePartition()
-
-
- def __loadPlugins(self):
- self.pluginList = Plugins.PluginManager(self.cbox, self.prefs["Locations"]["PluginDir"])
- for plugin in self.pluginList.getPlugins():
- if not plugin: continue
- plname = plugin.getName()
- if plugin.isEnabled():
- self.cbox.log.info("Plugin '%s' loaded" % plname)
- ## this should be the "easiest" way to expose all plugins as URLs
- setattr(self, plname, self.return_plugin_action(plugin))
- setattr(getattr(self, plname), "exposed", True)
- # TODO: check, if this really works - for now the "stream_response" feature seems to be broken
- #setattr(getattr(self, plname), "stream_respones", True)
- else:
- self.cbox.log.info("Plugin '%s' is disabled" % plname)
- ## remove the plugin, if it was active before
- setattr(self, plname, None)
-
-
- ## this is a function decorator to check authentication
- ## it has to be defined before any page definition requiring authentification
- def __requestAuth(self=None):
- def check_credentials(site):
- def _inner_wrapper(self, *args, **kargs):
- import base64
- ## define a "non-allowed" function
- user, password = None, None
- try:
- resp = cherrypy.request.headers["Authorization"][6:] # ignore "Basic "
- (user, password) = base64.b64decode(resp).split(":",1)
- except KeyError:
- ## no "authorization" header was sent
- pass
- except TypeError:
- ## invalid base64 string
- pass
- except AttributeError:
- ## no cherrypy response header defined
- pass
- authDict = self.cbox.prefs.userDB["admins"]
- if user in authDict.keys():
- if self.cbox.prefs.userDB.getDigest(password) == authDict[user]:
- ## ok: return the choosen page
- self.cbox.log.info("access granted for: %s" % user)
- return site(self, *args, **kargs)
- else:
- self.cbox.log.info("wrong password supplied for: %s" % user)
- else:
- self.cbox.log.info("unknown user: %s" % str(user))
- ## wrong credentials: return "access denied"
- cherrypy.response.headers["WWW-Authenticate"] = '''Basic realm="CryptoBox"'''
- cherrypy.response.status = 401
- return self.__render("access_denied")
- return _inner_wrapper
- return check_credentials
-
-
- ######################################################################
- ## put real sites down here and don't forget to expose them at the end
-
-
- @cherrypy.expose
- def index(self, weblang=""):
- self.__resetDataset()
- self.__setWebLang(weblang)
- self.__checkEnvironment()
- ## do not forget the language!
- param_dict = {"weblang":weblang}
- ## render "disks" plugin by default
- return self.return_plugin_action(self.pluginList.getPlugin("disks"))(**param_dict)
-
-
- def return_plugin_action(self, plugin):
- def handler(self, **args):
- self.__resetDataset()
- self.__checkEnvironment()
- args_orig = dict(args)
- ## set web interface language
- try:
- self.__setWebLang(args["weblang"])
- del args["weblang"]
- except KeyError:
- self.__setWebLang("")
- ## we always read the "device" setting - otherwise volume-plugin links
- ## would not work easily (see "volume_props" linking to "format_fs")
- ## it will get ignored for non-volume plugins
- try:
- plugin.device = None
- if self.__setDevice(args["device"]):
- plugin.device = args["device"]
- del args["device"]
- except KeyError:
- pass
- ## check the device argument of volume plugins
- if "volume" in plugin.pluginCapabilities:
- ## initialize the dataset of the selected device if necessary
- if plugin.device:
- self.dataset.setCurrentDiskState(plugin.device)
- else:
- ## invalid (or missing) device setting
- return self.__render(self.defaultTemplate)
- ## check if there is a "redirect" setting - this will override the return
- ## value of the doAction function (e.g. useful for umount-before-format)
- try:
- if args["redirect"]:
- override_nextTemplate = { "plugin":args["redirect"] }
- if "volume" in plugin.pluginCapabilities:
- override_nextTemplate["values"] = {"device":plugin.device}
- del args["redirect"]
- except KeyError:
- override_nextTemplate = None
- ## call the plugin handler
- nextTemplate = plugin.doAction(**args)
- ## for 'volume' plugins: reread the dataset of the current disk
- ## additionally: set the default template for plugins
- if "volume" in plugin.pluginCapabilities:
- ## maybe the state of the current volume was changed?
- self.dataset.setCurrentDiskState(plugin.device)
- if not nextTemplate: nextTemplate = { "plugin":"volume_mount", "values":{"device":plugin.device}}
- else:
- ## maybe a non-volume plugin changed some plugin settings (e.g. plugin_manager)
- self.dataset.setPluginData()
- ## update the container hdf-dataset (maybe a plugin changed the state of a container)
- self.dataset.setContainersState()
- ## default page for non-volume plugins is the disk selection
- if not nextTemplate: nextTemplate = { "plugin":"disks", "values":{} }
- ## was a redirect requested?
- if override_nextTemplate:
- nextTemplate = override_nextTemplate
- ## if another plugins was choosen for 'nextTemplate', then do it!
- if isinstance(nextTemplate, types.DictType) \
- and "plugin" in nextTemplate.keys() \
- and "values" in nextTemplate.keys() \
- and self.pluginList.getPlugin(nextTemplate["plugin"]):
- valueDict = dict(nextTemplate["values"])
- ## force the current weblang attribute - otherwise it gets lost
- valueDict["weblang"] = self.dataset["Settings.Language"]
- new_plugin = self.pluginList.getPlugin(nextTemplate["plugin"])
- return self.return_plugin_action(new_plugin)(**valueDict)
- ## save the currently active plugin name
- self.dataset["Data.ActivePlugin"] = plugin.getName()
- return self.__render(nextTemplate, plugin)
- ## apply authentication?
- if plugin.isAuthRequired():
- return lambda **args: self.__requestAuth()(handler)(self, **args)
- else:
- return lambda **args: handler(self, **args)
-
-
- ## test authentication
- @cherrypy.expose
- @__requestAuth
- def test(self, weblang=""):
- self.__resetDataset()
- self.__setWebLang(weblang)
- self.__checkEnvironment()
- return "test passed"
-
-
- @cherrypy.expose
- def test_stream(self):
- """just for testing purposes - to check if the "stream_response" feature
- actually works - for now (September 02006) it does not seem to be ok"""
- import time
- yield "neu