From 00ca9ef1a03b68da279284da00427ef966c18ab4 Mon Sep 17 00:00:00 2001
From: age
Date: Fri, 9 Feb 2007 22:12:52 +0000
Subject: [PATCH] * stunnel4 works now * test if uml image is writeable * diskname may not contain special chars helptext added
---
 bin/uml-setup.sh | 4 +++
 .../encrypted_webinterface.py | 5 +--
 plugins/encrypted_webinterface/language.hdf | 2 +-
 plugins/encrypted_webinterface/root_action.py | 34 +++++++++++--------
 plugins/plugin-interface.txt | 2 +-
 plugins/volume_rename/language.hdf | 2 +-
 6 files changed, 29 insertions(+), 20 deletions(-)
diff --git a/bin/uml-setup.sh b/bin/uml-setup.sh
index 461f178..e73bbca 100755
--- a/bin/uml-setup.sh
+++ b/bin/uml-setup.sh
@@ -28,6 +28,10 @@ if [ ! -e "$TEST_IMG" ]
 dd if=/dev/zero of="$TEST_IMG" bs=1M count=$TEST_SIZE
 fi
+if [ ! -w "$ROOT_IMG" ]; then
+ echo "Make sure \"${ROOT_IMG}\" exists and is writeable"
+ exit 1;
+fi
 # "aio=2.4" is necessary, as otherwise sfdiks hangs at "nanosleep({3,0})"
 linux ubd0="$ROOT_IMG" ubd1="$TEST_IMG" con=xterm hostfs=$PROJ_DIR fakehd eth0=daemon mem=$MEM_SIZE aio=2.4
diff --git a/plugins/encrypted_webinterface/encrypted_webinterface.py b/plugins/encrypted_webinterface/encrypted_webinterface.py
index bd60b6b..7b5c012 100644
--- a/plugins/encrypted_webinterface/encrypted_webinterface.py
+++ b/plugins/encrypted_webinterface/encrypted_webinterface.py
@@ -183,8 +183,9 @@ class encrypted_webinterface(cryptobox.plugins.base.CryptoBoxPlugin):
 ## retrieve currently requested port (not necessarily the port served
 ## by cherrypy - e.g. in a proxy setup)
 request_port = cherrypy.config.get("server.socket_port", 80)
- self.cbox.log.debug("[encrypted_webinterface] starting stunnel \
- on port %s" % request_port)
+ self.cbox.log.debug("[encrypted_webinterface] starting " \
+ + "%s on port %s for %s" % \
+ (self.root_action.STUNNEL_BIN, dest_port, request_port))
 proc = subprocess.Popen(
 shell = False,
 stdout = subprocess.PIPE,
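Review bot: The failure message of the new `[ ! -w "$ROOT_IMG" ]` check is written to stdout, so it disappears or gets mixed into regular output when the script's output is redirected. Sending it to stderr keeps it visible: `echo "Make sure \"${ROOT_IMG}\" exists and is writeable" >&2`. The test also fires for a missing image, which the wording already covers.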
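Review bot: The new debug call builds its text as `"... starting " + "%s on port %s for %s" % (...)`, which is only correct because `%` binds tighter than `+` and the first literal holds no format specifier; a specifier added to the first literal later would be left unformatted. Adjacent literals inside the call's parentheses need neither the `+` nor the backslash continuations: `"[encrypted_webinterface] starting " "%s on port %s for %s" % (self.root_action.STUNNEL_BIN, dest_port, request_port)`. `dest_port` is assigned outside this hunk, as is the rest of the enclosing method.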
diff --git a/plugins/encrypted_webinterface/language.hdf b/plugins/encrypted_webinterface/language.hdf
index 5f62bf7..a5bad29 100644
--- a/plugins/encrypted_webinterface/language.hdf
+++ b/plugins/encrypted_webinterface/language.hdf
@@ -20,7 +20,7 @@ EnvironmentWarning {
 MissingProgramStunnel {
 Title = Missing program
- Text = The program 'stunnel' is not installed. Please ask the administrator of the CryptoBox server to configure it properly.
+ Text = The program 'stunnel4' is not installed. Please ask the administrator of the CryptoBox server to configure it properly.
 }
 }
diff --git a/plugins/encrypted_webinterface/root_action.py b/plugins/encrypted_webinterface/root_action.py
index 4d63947..6bd176e 100755
--- a/plugins/encrypted_webinterface/root_action.py
+++ b/plugins/encrypted_webinterface/root_action.py
@@ -25,19 +25,19 @@ __revision__ = "$Id"
 ## necessary: otherwise CryptoBoxRootActions.py will refuse to execute this script
 PLUGIN_TYPE = "cryptobox"
-STUNNEL_BIN = "/usr/bin/stunnel"
+STUNNEL_BIN = "/usr/bin/stunnel4"
 import sys
 import os
-def _get_username(uid):
- import pwd
- try:
- user_entry = pwd.getpwuid(uid)
- except KeyError:
- return False
- return user_entry[0]
+def _get_username():
+ if ("SUPERCMD" in os.environ) and ("ORIG_USER" in os.environ):
+ return os.environ["ORIG_USER"]
+ elif "USER" in os.environ:
+ return os.environ["USER"]
+ else:
+ return "cryptobox"
 def run_stunnel(cert_file, src_port, dst_port, pid_file):
@@ -51,7 +51,7 @@ def run_stunnel(cert_file, src_port, dst_port, pid_file):
 if not os.path.isfile(cert_file):
 sys.stderr.write("The certificate file (%s) does not exist!" % cert_file)
 return False
- username = _get_username(os.getuid())
+ username = _get_username()
 if not username:
 sys.stderr.write("Could not retrieve the username with uid=%d." % os.getuid())
 return False
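Review bot: `_get_username()` now returns whatever `ORIG_USER` or `USER` holds, and hunk `@@ -60,13 +60,17 @@` writes that string into the stunnel configuration as `setuid = %s\n` without any check. Whether the environment is sanitised before this script runs is not visible here; if it is not, the account stunnel switches to is chosen by the caller's environment, and a line break inside the value would add further configuration lines. The function can also no longer return a false value except for an empty variable, so the `if not username:` branch in hunk `@@ -51,7 +51,7 @@` is nearly dead and its message still speaks of a uid lookup. I would resolve the name against the passwd database and return `False` for an unknown account, which needs the function-local `import pwd` that this commit removes. The message in the second hunk should then name the rejected user instead of the uid.

```python
def _get_username():
	## … unchanged: the function-local "import pwd" of the previous version …
	if ("SUPERCMD" in os.environ) and ("ORIG_USER" in os.environ):
		name = os.environ["ORIG_USER"]
	elif "USER" in os.environ:
		name = os.environ["USER"]
	else:
		name = "cryptobox"
	## the name is written into the stunnel config: accept existing accounts only
	try:
		return pwd.getpwnam(name)[0]
	except KeyError:
		return False
```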
@@ -60,13 +60,17 @@ def run_stunnel(cert_file, src_port, dst_port, pid_file):
 proc = subprocess.Popen(
 shell = False,
 env = {},
+ stdin = subprocess.PIPE,
 args = [ STUNNEL_BIN,
- "-P", pid_file,
- "-p", cert_file,
- "-d", dst_port,
- "-r", src_port,
- "-s", username ])
- proc.wait()
+ "-fd",
+ "0"])
+ proc.stdin.write("setuid = %s\n" % username)
+ proc.stdin.write("pid = %s\n" % pid_file)
+ proc.stdin.write("[cryptobox-server]\n")
+ proc.stdin.write("connect = %s\n" % src_port)
+ proc.stdin.write("accept = %s\n" % dst_port)
+ proc.stdin.write("cert = %s\n" % cert_file)
+ (output, error) = proc.communicate()
 return proc.returncode == 0
diff --git a/plugins/plugin-interface.txt b/plugins/plugin-interface.txt
index 2830193..fd058a5 100644
--- a/plugins/plugin-interface.txt
+++ b/plugins/plugin-interface.txt
@@ -30,7 +30,7 @@ Python code interface:
 - access the plugin's state as self.prefs
 - store user supplied values in the dictionary self.prefs with indices starting with "_" (e.g.: self.prefs["_automount_uuids"])
 - system wide readonly plugin settings can be specified in the main cryptobox.conf
- - these settings are available as self.defaults[...]
+ these settings are available as self.defaults["..."]
 - method "get_status":
 - returns a string, that describes a state connected to this plugin (e.g. the current date and time (for the "date" plugin))
diff --git a/plugins/volume_rename/language.hdf b/plugins/volume_rename/language.hdf
index 2d117bd..f7c839a 100644
--- a/plugins/volume_rename/language.hdf
+++ b/plugins/volume_rename/language.hdf
@@ -10,7 +10,7 @@ Button {
 ContainerNameSet = Change name
 }
-Help.Rename = Define a name for the volume. This should help you to manage multiple volumes easily.
+Help.Rename = Define a name for the volume. This should help you to manage multiple volumes easily. (Only alphanumeric characters are allowed and one of the following: ". _ -")
 AdviceMessage {
 NoRenameIfActive {
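Review bot: The stunnel configuration in hunk `@@ -60,13 +60,17 @@` is assembled with `"... = %s\n"` from `username`, `pid_file`, `src_port`, `dst_port` and `cert_file`, and in the visible lines only `cert_file` is checked (`os.path.isfile`). A value containing a line break would therefore add directives to a process that is presumably started as root, given the `setuid` directive. `run_stunnel` begins outside the hunk, so the ports and the pid file may be validated there; if not, such values should be rejected before the `Popen` call. Separately, the six `proc.stdin.write()` calls raise an unhandled IOError if stunnel exits before reading, and `output`/`error` are always `None` because neither stream is piped. Building the text once and handing it to `proc.communicate(config)` covers both.

```python
	## one directive per line: a line break inside a value would add directives
	for value in (username, pid_file, src_port, dst_port, cert_file):
		if ("\n" in str(value)) or ("\r" in str(value)):
			sys.stderr.write("Invalid value in the stunnel configuration: %r" % (value,))
			return False
	config = ("setuid = %s\n" "pid = %s\n" "[cryptobox-server]\n"
			"connect = %s\n" "accept = %s\n" "cert = %s\n") \
			% (username, pid_file, src_port, dst_port, cert_file)
	## … unchanged: proc = subprocess.Popen(...) with stdin = subprocess.PIPE and "-fd", "0" …
	proc.communicate(config)
	return proc.returncode == 0
```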