From 49a5f739a57f00f84dd021bad4e17a9d1608da40 Mon Sep 17 00:00:00 2001
From: lars
Date: Wed, 17 May 2006 12:39:32 +0000
Subject: [PATCH] improved ssl-check replaced default cipher with "aes" (just for testing)
---
 bin/cbox-manage.sh | 2 ++
 bin/cbox-root-actions.sh | 5 +++--
 bin/cryptobox.pl | 21 ++++++++++++++-------
 conf-examples/cryptobox.conf | 5 +++--
 4 files changed, 22 insertions(+), 11 deletions(-)
diff --git a/bin/cbox-manage.sh b/bin/cbox-manage.sh
index c11b3e8..d4de970 100755
--- a/bin/cbox-manage.sh
+++ b/bin/cbox-manage.sh
@@ -302,6 +302,7 @@ function get_available_disks()
 do
 [ "$scan" = "$avail" ] && echo "/dev/$avail"
 done
 done
+ return 0
 }
@@ -365,6 +366,7 @@ function umount_crypto()
 function box_purge()
 # removing just the first bytes from the harddisk should be enough
 # every harddisk will be overriden!
+# this feature is only useful for validation
 {
 # TODO: not ALL harddisks, please!
 get_available_disks | while read a
diff --git a/bin/cbox-root-actions.sh b/bin/cbox-root-actions.sh
index 9f1ce6d..1501d34 100755
--- a/bin/cbox-root-actions.sh
+++ b/bin/cbox-root-actions.sh
@@ -138,9 +138,10 @@ case "$ACTION" in
 fi
 # just in case, that there is no ext2/3 filesystem:
 # set uid option (will fail silently for ext2/3)
- mount -o remount,uid="$FILE_USER" "$MNT_PARENT/$name" 2>/dev/null || true
+ # TODO: there is no FILE_USER setting anymore - do we still need it?
+ #mount -o remount,uid="$FILE_USER" "$MNT_PARENT/$name" 2>/dev/null || true
 # adapt top-level permission to current setup - again: may fail silently
- chown "$FILE_USER" "$MNT_PARENT/$name" 2>/dev/null || true
+ #chown "$FILE_USER" "$MNT_PARENT/$name" 2>/dev/null || true
 true
 ;;
 umount )
diff --git a/bin/cryptobox.pl b/bin/cryptobox.pl
index e3dfe45..738c5c7 100755
--- a/bin/cryptobox.pl
+++ b/bin/cryptobox.pl
@@ -18,6 +18,7 @@ use CGI;
 use ClearSilver;
 use ConfigFile;
 use English;
+use CGI::Carp;
 # drop privileges
 $UID = $EUID;
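Review bot: The added `return 0` makes get_available_disks report success unconditionally, so a failure inside the scan loop above (the function begins outside this hunk) is no longer visible to callers such as box_purge, which pipes the output into `while read`. If the intent is only to keep the non-zero status of the last `[ "$scan" = "$avail" ]` test from leaking out as the function's exit code, say so, e.g. `# return 0: a failed comparison in the loop is not an error of this function`, so the next reader does not remove it as redundant.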
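Review bot: The two disabled lines keep their original explanatory comments (`# just in case, that there is no ext2/3 filesystem:` / `# set uid option ...` and `# adapt top-level permission ...`), which now describe code that never runs, while a `true` is left to fill the arm. Either delete the dead `mount -o remount,uid=...` and `chown "$FILE_USER" ...` lines together with those comments, or fold the explanation into the TODO so a reader does not assume the ownership fix-up still happens. With FILE_USER gone nothing in this arm adjusts the top-level ownership of the mounted volume any more; whether that was still required cannot be judged from this hunk and should be stated in the TODO. The enclosing case arm continues outside the hunk.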
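Review bot: `use CGI::Carp;` is added without a comment saying why, and nothing in this hunk calls carp/croak; a bare import redirects warn/die output to the server error log with a timestamp and script name, and it does not enable fatalsToBrowser. Document the purpose next to the import, e.g. `# CGI::Carp: timestamped warn/die in the server error log; fatalsToBrowser is deliberately not imported so error details never reach the client`, so nobody "helpfully" adds that option later.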
@@ -209,11 +210,14 @@ sub log_msg
 sub check_ssl {
- # BEWARE: dirty trick - is there a better way?
- # stunnel is not in transparent mode -> that means, it replaces REMOTE_ADDR with
- # its own IP (localhost, of course)
- # TODO: this does not work with a native ssl webserver
- return ($ENV{'REMOTE_ADDR'} eq '127.0.0.1');
+ # check, if we are behind a proxy with ssl (e.g. pound)
+ return (0==0) if ($ENV{'HTTP_FRONT_END_HTTPS'} =~ m/^on$/i);
+ # environment variable set (e.g. via apache directive "SetEnv HTTPS On")
+ return (0==0) if ($ENV{'HTTPS'} =~ m/^on$/i);
+ # port 80 -> not encrypted
+ return (0==1) if ($ENV{'SERVER_PORT'} = 80);
+ # other ports -> maybe ok - we accept it
+ return (0==0);
 }
@@ -240,7 +244,7 @@ sub exec_cb_script {
 } else {
 # parent
 @result = ;
- close PROG_OUT or warn "error while running $CB_SCRIPT: $?";
+ close PROG_OUT or warn "error while running $CB_SCRIPT (params:" . join(" ",@params) . "): $?";
 }
 if (wantarray) {
 return @result;
@@ -413,7 +417,10 @@ my $current_admin_pw;
 # first: check for ssl!
 if ( ! &check_ssl()) {
 $pagedata->setValue('Data.Error', 'NoSSL');
- $pagedata->setValue('Data.Redirect.URL', "https://" . $ENV{'HTTP_HOST'} . $ENV{'SCRIPT_NAME'});
+ # remove port number from HTTP_HOST
+ my $hostname = $ENV{'HTTP_HOST'};
+ $hostname =~ s/:[0-9]*//;
+ $pagedata->setValue('Data.Redirect.URL', "https://" . $hostname . $ENV{'SCRIPT_NAME'});
 $pagedata->setValue('Data.Redirect.Delay', "3");
 } elsif ($query->param('action')) {
 my $action = $query->param('action');
diff --git a/conf-examples/cryptobox.conf b/conf-examples/cryptobox.conf
index 13f5fb2..e1f7f48 100644
--- a/conf-examples/cryptobox.conf
+++ b/conf-examples/cryptobox.conf
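Review bot: `return (0==1) if ($ENV{'SERVER_PORT'} = 80);` assigns 80 instead of comparing, so the condition is always true and check_ssl returns false for every request that carries neither HTTPS variable; the "other ports -> maybe ok" branch is unreachable, and the two `=~` matches run on possibly undefined variables. Separately, `HTTP_FRONT_END_HTTPS` is nothing more than the request header `Front-End-Https` as the client sent it, so when the box is not actually behind such a proxy a plain-HTTP client can satisfy this check by itself; the header should only be honoured when the deployment is configured to sit behind that proxy, and the final `return (0==0)` that treats every non-80 port as encrypted deserves the same scrutiny. The rewritten body below uses `==`, guards the undefined cases and records the trust assumption; the sub's opening line may be split across two lines in the original.
```perl
    # … unchanged: sub check_ssl header …
    # behind an ssl proxy (e.g. pound) that sets Front-End-Https for us
    # NOTE: any client can send that header itself - honour it only when the
    # box really is deployed behind such a proxy (TODO: make this a config setting)
    return (0==0) if (defined $ENV{'HTTP_FRONT_END_HTTPS'}
        && $ENV{'HTTP_FRONT_END_HTTPS'} =~ m/^on$/i);
    # environment variable set (e.g. via apache directive "SetEnv HTTPS On")
    return (0==0) if (defined $ENV{'HTTPS'} && $ENV{'HTTPS'} =~ m/^on$/i);
    # port 80 -> not encrypted ("==": the former "= 80" was an assignment, always true)
    return (0==1) if (defined $ENV{'SERVER_PORT'} && $ENV{'SERVER_PORT'} == 80);
    # other ports -> maybe ok - we accept it
    return (0==0);
```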
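Review bot: The new warning writes `join(" ",@params)` into the server error log; @params is built outside this hunk, so if any caller of exec_cb_script ever passes a passphrase or similar secret on the command line it now lands in the log on every failed close. Please confirm that before merging, and if it can happen log only the action, e.g. `(params: $params[0] ...)`. Also `$?` after `close` is the raw wait status; `$? >> 8` gives the script's exit code, which is what a reader of the log usually wants. The enclosing sub continues on both sides of the hunk.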
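Review bot: `$hostname =~ s/:[0-9]*//;` removes the first `:` and whatever digits follow it anywhere in the string, not only a trailing port; anchor it, `$hostname =~ s/:[0-9]+\z//;`, so a host without a port is left untouched (an IPv6 literal in HTTP_HOST would still need separate handling). More importantly the redirect target is assembled from `$ENV{'HTTP_HOST'}`, which is the client's Host header, so a request with a forged Host header is answered with a redirect to a host of the sender's choosing; prefer a configured hostname, or at least validate it with something like `m/\A[A-Za-z0-9.-]+(:[0-9]+)?\z/` before building the URL. The enclosing if/elsif chain continues outside the hunk.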
@@ -25,8 +25,9 @@ LOG_FILE=/var/log/cryptobox.log
 CONFIG_MARKER=cryptobox.marker
 # crypto settings
-# there is no default hash, as this is ignored by luks
-DEFAULT_CIPHER=aes-cbc-essiv:sha256
+# TODO: for now, the usual default cipher does not work on ARM, so we enable it during development
+#DEFAULT_CIPHER=aes-cbc-essiv:sha256
+DEFAULT_CIPHER=aes
 DEV_MAPPER_DIR=/dev/mapper
 # distribution specific configuration
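Review bot: `DEFAULT_CIPHER=aes` names only the cipher; the block mode and IV generator then fall back to cryptsetup's legacy default (cbc with a plain IV, as far as I recall), which is precisely the weakness the previous `aes-cbc-essiv:sha256` value was chosen to avoid. The TODO calls this a development workaround for ARM, but conf-examples/ is what users copy into place, so keep the essiv default in the example and make the ARM override a local, clearly marked change, e.g. `# ARM development boxes only - do not ship: DEFAULT_CIPHER=aes`. The commit subject should also say that the default was weakened, not just "replaced".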