* stunnel4 works now
* test if uml image is writeable * diskname may not contain special chars helptext added
This commit is contained in:
parent
617b9d81af
commit
00ca9ef1a0
|
@ -28,6 +28,10 @@ if [ ! -e "$TEST_IMG" ]
|
||||||
dd if=/dev/zero of="$TEST_IMG" bs=1M count=$TEST_SIZE
|
dd if=/dev/zero of="$TEST_IMG" bs=1M count=$TEST_SIZE
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ ! -w "$ROOT_IMG" ]; then
|
||||||
|
echo "Make sure \"${ROOT_IMG}\" exists and is writeable"
|
||||||
|
exit 1;
|
||||||
|
fi
|
||||||
# "aio=2.4" is necessary, as otherwise sfdiks hangs at "nanosleep({3,0})"
|
# "aio=2.4" is necessary, as otherwise sfdiks hangs at "nanosleep({3,0})"
|
||||||
linux ubd0="$ROOT_IMG" ubd1="$TEST_IMG" con=xterm hostfs=$PROJ_DIR fakehd eth0=daemon mem=$MEM_SIZE aio=2.4
|
linux ubd0="$ROOT_IMG" ubd1="$TEST_IMG" con=xterm hostfs=$PROJ_DIR fakehd eth0=daemon mem=$MEM_SIZE aio=2.4
|
||||||
|
|
||||||
|
|
|
@ -183,8 +183,9 @@ class encrypted_webinterface(cryptobox.plugins.base.CryptoBoxPlugin):
|
||||||
## retrieve currently requested port (not necessarily the port served
|
## retrieve currently requested port (not necessarily the port served
|
||||||
## by cherrypy - e.g. in a proxy setup)
|
## by cherrypy - e.g. in a proxy setup)
|
||||||
request_port = cherrypy.config.get("server.socket_port", 80)
|
request_port = cherrypy.config.get("server.socket_port", 80)
|
||||||
self.cbox.log.debug("[encrypted_webinterface] starting stunnel \
|
self.cbox.log.debug("[encrypted_webinterface] starting " \
|
||||||
on port %s" % request_port)
|
+ "%s on port %s for %s" % \
|
||||||
|
(self.root_action.STUNNEL_BIN, dest_port, request_port))
|
||||||
proc = subprocess.Popen(
|
proc = subprocess.Popen(
|
||||||
shell = False,
|
shell = False,
|
||||||
stdout = subprocess.PIPE,
|
stdout = subprocess.PIPE,
|
||||||
|
|
|
@ -20,7 +20,7 @@ EnvironmentWarning {
|
||||||
|
|
||||||
MissingProgramStunnel {
|
MissingProgramStunnel {
|
||||||
Title = Missing program
|
Title = Missing program
|
||||||
Text = The program 'stunnel' is not installed. Please ask the administrator of the CryptoBox server to configure it properly.
|
Text = The program 'stunnel4' is not installed. Please ask the administrator of the CryptoBox server to configure it properly.
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -25,19 +25,19 @@ __revision__ = "$Id"
|
||||||
## necessary: otherwise CryptoBoxRootActions.py will refuse to execute this script
|
## necessary: otherwise CryptoBoxRootActions.py will refuse to execute this script
|
||||||
PLUGIN_TYPE = "cryptobox"
|
PLUGIN_TYPE = "cryptobox"
|
||||||
|
|
||||||
STUNNEL_BIN = "/usr/bin/stunnel"
|
STUNNEL_BIN = "/usr/bin/stunnel4"
|
||||||
|
|
||||||
import sys
|
import sys
|
||||||
import os
|
import os
|
||||||
|
|
||||||
|
|
||||||
def _get_username(uid):
|
def _get_username():
|
||||||
import pwd
|
if ("SUPERCMD" in os.environ) and ("ORIG_USER" in os.environ):
|
||||||
try:
|
return os.environ["ORIG_USER"]
|
||||||
user_entry = pwd.getpwuid(uid)
|
elif "USER" in os.environ:
|
||||||
except KeyError:
|
return os.environ["USER"]
|
||||||
return False
|
else:
|
||||||
return user_entry[0]
|
return "cryptobox"
|
||||||
|
|
||||||
|
|
||||||
def run_stunnel(cert_file, src_port, dst_port, pid_file):
|
def run_stunnel(cert_file, src_port, dst_port, pid_file):
|
||||||
|
@ -51,7 +51,7 @@ def run_stunnel(cert_file, src_port, dst_port, pid_file):
|
||||||
if not os.path.isfile(cert_file):
|
if not os.path.isfile(cert_file):
|
||||||
sys.stderr.write("The certificate file (%s) does not exist!" % cert_file)
|
sys.stderr.write("The certificate file (%s) does not exist!" % cert_file)
|
||||||
return False
|
return False
|
||||||
username = _get_username(os.getuid())
|
username = _get_username()
|
||||||
if not username:
|
if not username:
|
||||||
sys.stderr.write("Could not retrieve the username with uid=%d." % os.getuid())
|
sys.stderr.write("Could not retrieve the username with uid=%d." % os.getuid())
|
||||||
return False
|
return False
|
||||||
|
@ -60,13 +60,17 @@ def run_stunnel(cert_file, src_port, dst_port, pid_file):
|
||||||
proc = subprocess.Popen(
|
proc = subprocess.Popen(
|
||||||
shell = False,
|
shell = False,
|
||||||
env = {},
|
env = {},
|
||||||
|
stdin = subprocess.PIPE,
|
||||||
args = [ STUNNEL_BIN,
|
args = [ STUNNEL_BIN,
|
||||||
"-P", pid_file,
|
"-fd",
|
||||||
"-p", cert_file,
|
"0"])
|
||||||
"-d", dst_port,
|
proc.stdin.write("setuid = %s\n" % username)
|
||||||
"-r", src_port,
|
proc.stdin.write("pid = %s\n" % pid_file)
|
||||||
"-s", username ])
|
proc.stdin.write("[cryptobox-server]\n")
|
||||||
proc.wait()
|
proc.stdin.write("connect = %s\n" % src_port)
|
||||||
|
proc.stdin.write("accept = %s\n" % dst_port)
|
||||||
|
proc.stdin.write("cert = %s\n" % cert_file)
|
||||||
|
(output, error) = proc.communicate()
|
||||||
return proc.returncode == 0
|
return proc.returncode == 0
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -30,7 +30,7 @@ Python code interface:
|
||||||
- access the plugin's state as self.prefs
|
- access the plugin's state as self.prefs
|
||||||
- store user supplied values in the dictionary self.prefs with indices starting with "_" (e.g.: self.prefs["_automount_uuids"])
|
- store user supplied values in the dictionary self.prefs with indices starting with "_" (e.g.: self.prefs["_automount_uuids"])
|
||||||
- system wide readonly plugin settings can be specified in the main cryptobox.conf -
|
- system wide readonly plugin settings can be specified in the main cryptobox.conf -
|
||||||
these settings are available as self.defaults[...]
|
these settings are available as self.defaults["..."]
|
||||||
- method "get_status":
|
- method "get_status":
|
||||||
- returns a string, that describes a state connected to this plugin (e.g. the current date and
|
- returns a string, that describes a state connected to this plugin (e.g. the current date and
|
||||||
time (for the "date" plugin))
|
time (for the "date" plugin))
|
||||||
|
|
|
@ -10,7 +10,7 @@ Button {
|
||||||
ContainerNameSet = Change name
|
ContainerNameSet = Change name
|
||||||
}
|
}
|
||||||
|
|
||||||
Help.Rename = Define a name for the volume. This should help you to manage multiple volumes easily.
|
Help.Rename = Define a name for the volume. This should help you to manage multiple volumes easily. (Only alphanumeric characters are allowed and one of the following: ". _ -")
|
||||||
|
|
||||||
AdviceMessage {
|
AdviceMessage {
|
||||||
NoRenameIfActive {
|
NoRenameIfActive {
|
||||||
|
|
Loading…
Reference in a new issue