From 8138339ab77346ab32aafd1d4005e2dd194fabec Mon Sep 17 00:00:00 2001 From: lars Date: Mon, 29 May 2006 09:34:54 +0000 Subject: [PATCH] (u)mounting of plaintext partitions fixed init-script fixed (debian) --- bin/cbox-manage.sh | 24 +++++++++++++++------- bin/cryptobox.pl | 44 ++++++++++++++++++++++++++++++++-------- bin/init-script.sh | 18 ++++++++-------- lang/en.hdf | 4 ++-- templates/show_volume.cs | 8 ++++++-- 5 files changed, 69 insertions(+), 29 deletions(-) diff --git a/bin/cbox-manage.sh b/bin/cbox-manage.sh index 5abf15b..a7b805b 100755 --- a/bin/cbox-manage.sh +++ b/bin/cbox-manage.sh @@ -46,7 +46,7 @@ source "$DISTRIBUTION_CONF" [ -w "$LOG_FILE" ] || LOG_FILE=/tmp/$(basename "$LOG_FILE") # retrieve configuration directory -CONFIG_DIR="$(getent passwd '$CRYPTOBOX_USER' | cut -d ':' -f 6)/config" +CONFIG_DIR="$(getent passwd $CRYPTOBOX_USER | cut -d ':' -f 6)/config" CONFIG_MARKER=cryptobox.marker ## configuration @@ -251,20 +251,24 @@ function create_crypto() } -function is_config_active() -{ +function is_config_active() { test -f "$CONFIG_DIR/$CONFIG_MARKER" } -function is_mounted() # Parameter: DEVICE -{ +function is_mounted() { local name=$(get_device_mnt_name "$1") test -n "$name" && mountpoint -q "$MNT_PARENT/$name" } +# Parameter: DEVICE +function is_encrypted() { + "$ROOT_PERM_SCRIPT" is_crypto_partition "$1" +} + + function get_available_disks() # looks which allowed disks are at the moment connected with the cbox { @@ -310,7 +314,8 @@ function box_purge() function turn_off_all_containers() { - "$ROOT_PERM_SCRIPT" create_plain "$1" + # TODO - needs to be implemented + return 0 } @@ -371,7 +376,7 @@ case "$ACTION" in is_device_allowed "$1" || error_msg 12 "invalid device: $1" if test $# -eq 2 then "$ROOT_PERM_SCRIPT" create_crypto "$1" "$2" - else TODO "$1" + else "$ROOT_PERM_SCRIPT" create_plain "$1" fi true ;; 
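Review bot: `$CRYPTOBOX_USER` is now expanded but left unquoted in the `getent passwd` call on the new `CONFIG_DIR=` line, so a value containing whitespace or glob characters is split or expanded before getent sees it. An empty value makes `getent passwd` list every account, and an unknown account leaves `CONFIG_DIR` as `/config`. Quote the expansion, `CONFIG_DIR="$(getent passwd "$CRYPTOBOX_USER" | cut -d ':' -f 6)/config"`, and add a guard that aborts when the variable is empty or the lookup returns nothing.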
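Review bot: The new `is_encrypted` function reports its answer only through the exit status of `"$ROOT_PERM_SCRIPT" is_crypto_partition`, so any failure of that call reads the same as "not encrypted"; which codes `is_crypto_partition` returns is not visible here. `check_device_encryption` in bin/cryptobox.pl, added later in this patch, tests `system(...) == 0` and so treats such a failure as a plaintext volume and skips the password check. Consider reserving one exit code for "not a crypto partition" and treating every other non-zero status as an error, documented above the function, e.g. `# Parameter: DEVICE; exit 0 = encrypted, 1 = plaintext, other = check failed`. The hunk also drops the `# Parameter: DEVICE` comment from `is_mounted`, which is worth keeping.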
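Review bot: `turn_off_all_containers` now returns 0 without doing anything, so every caller takes the stub's success as confirmation that the containers were closed. If the `umount_all` action used by the init script's `stop` relies on it (not visible in this hunk), a shutdown would report success while opened containers stay available. Until it is implemented, make the stub fail loudly, e.g. `echo "turn_off_all_containers: not implemented" >&2; return 1`, and let the caller decide how to proceed.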
@@ -380,6 +385,11 @@ case "$ACTION" in is_device_allowed "$1" || error_msg 12 "invalid device: $1" is_mounted "$1" ;; + is_encrypted ) + [ $# -ne 1 ] && error_msg 10 "invalid number of parameters for 'is_mounted'" + is_device_allowed "$1" || error_msg 12 "invalid device: $1" + is_encrypted "$1" + ;; check_config) is_config_active ;; diff --git a/bin/cryptobox.pl b/bin/cryptobox.pl index 86089eb..15efd52 100755 --- a/bin/cryptobox.pl +++ b/bin/cryptobox.pl @@ -282,6 +282,12 @@ sub check_init_running { } +# Parameter: device +sub check_device_encryption { + return (system("$CB_SCRIPT","is_encrypted",$1) == 0); +} + + sub is_harddisk_available { my @all_disks = &exec_cb_script("get_available_disks"); return @all_disks > 0; @@ -335,9 +341,13 @@ sub mount_vol { if (&check_mounted($device)) { $pagedata->setValue('Data.Warning', 'IsMounted'); } else { - open(PW_INPUT, "| $CB_SCRIPT crypto-up $device"); - print PW_INPUT $pw; - close(PW_INPUT); + if ($pw eq '') { + &exec_cb_script("crypto-up", $device); + } else { + open(PW_INPUT, "| $CB_SCRIPT crypto-up $device"); + print PW_INPUT $pw; + close(PW_INPUT); + } } } @@ -541,6 +551,7 @@ if ( ! &check_ssl()) { } ################ mount_do ######################## } elsif ($action eq 'mount_do') { + my $is_encrypted = &check_device_encryption($device) if ($device ne ''); if ($device eq '') { &debug_msg(DEBUG_INFO, "invalid device: " . $query->param('device')); $pagedata->setValue('Data.Warning', 'InvalidDevice'); 
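Review bot: The parameter-count error in the new `is_encrypted )` branch still names the other action; `"invalid number of parameters for 'is_mounted'"` was copied from the branch above. It should read `error_msg 10 "invalid number of parameters for 'is_encrypted'"`, otherwise the message points at the wrong command when a caller gets the arguments wrong.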
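Review bot: `check_device_encryption` passes `$1` to the script, which in Perl is the first capture group of the last successful regex match, not the sub's first argument (that is `$_[0]`). The device actually checked is therefore undefined or whatever an earlier match left behind. Because a failed call is read as "not encrypted", an encrypted volume can be shown as plaintext and reach `mount_do` without the empty-password check. Unpack the argument explicitly: `my ($device) = @_;` followed by `return (system($CB_SCRIPT, "is_encrypted", $device) == 0);`.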
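Review bot: The password branch of `mount_vol` still builds a shell command line by interpolation, `open(PW_INPUT, "| $CB_SCRIPT crypto-up $device")`, so shell metacharacters in `$device` would be interpreted by the shell; whether `$device` is validated before this point is not visible in the hunk. The list form with a lexical handle avoids the shell and the global bareword: `open(my $pw_input, '|-', $CB_SCRIPT, 'crypto-up', $device)`. The return values of both `open` and `close` should be checked, since `close` on a pipe is where a failing `crypto-up` is reported. `$pw` is also undefined when `mount_vol($device)` is called with one argument, so the test is safer as `if (!defined($pw) || $pw eq '')`. The body of `mount_vol` starts outside the hunk.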
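Review bot: `my $is_encrypted = &check_device_encryption($device) if ($device ne '');` combines a `my` declaration with a statement modifier, which perlsyn documents as undefined behaviour. When the condition is false the variable may keep a value from an earlier execution, for example under a persistent interpreter. Give the empty-device case a defined value instead: `my $is_encrypted = ($device ne '') ? &check_device_encryption($device) : 0;`. The `elsif` chain that consumes the variable continues outside the hunk.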
@@ -556,13 +567,17 @@ if ( ! &check_ssl()) { } elsif (&check_mounted($device)) { $pagedata->setValue('Data.Warning', 'IsMounted'); $pagedata->setValue('Data.Action', 'show_volume'); - } elsif ($query->param('crypto_password') eq '') { + } elsif ($is_encrypted && ($query->param('crypto_password') eq '')) { # leeres Passwort $pagedata->setValue('Data.Warning', 'EmptyCryptoPassword'); $pagedata->setValue('Data.Action', 'show_volume'); } else { # mounten - &mount_vol($device, $query->param('crypto_password')); + if ($is_encrypted) { + &mount_vol($device, $query->param('crypto_password')); + } else { + &mount_vol($device); + } if (!&check_mounted($device)) { $pagedata->setValue('Data.Warning', 'MountFailed'); $pagedata->setValue('Data.Action', 'show_volume'); @@ -747,11 +762,11 @@ if ( ! &check_ssl()) { && $current_admin_pw ne $query->param('current_admin_password')) { $pagedata->setValue('Data.Warning', 'WrongAdminPassword'); $pagedata->setValue('Data.Action', 'form_init_partition'); - } elsif ($query->param('crypto_password') ne $query->param('crypto_password2')) { + } elsif (defined($query->param('encryption')) && ($query->param('crypto_password') ne $query->param('crypto_password2'))) { # different crypto-passwords $pagedata->setValue('Data.Warning', 'DifferentCryptoPasswords'); $pagedata->setValue('Data.Action', 'form_init_partition'); - } elsif ($query->param('crypto_password') eq '') { + } elsif (defined($query->param('encryption')) && ($query->param('crypto_password') eq '')) { # empty password $pagedata->setValue('Data.Warning', 'EmptyCryptoPassword'); $pagedata->setValue('Data.Action', 'form_init_partition'); 
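Review bot: Encryption is selected by the mere presence of the `encryption` parameter, so in the two rewritten `elsif` conditions a request that omits the field skips both crypto-password checks. In the next hunk (`@@ -760,7 +775,13 @@`) the same test sends it to `&volume_init($device)` with no password, which presumably creates a plaintext volume. A stale form, a scripted client or a template that fails to render the field therefore ends with an unencrypted disk and no warning. Read the parameter once into a variable, accept only the values the form actually sends, and make the plaintext path an explicit choice rather than the fallback. A comment on that branch such as `# no 'encryption' field: volume is initialised WITHOUT encryption` would make the default visible to the next reader.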
@@ -760,7 +775,13 @@ if ( ! &check_ssl()) { $pagedata->setValue('Data.Warning', 'InitNotConfirmed'); $pagedata->setValue('Data.Action', 'form_init_partition'); } else { - if (&volume_init($device,$query->param('crypto_password'))) { + my $init_result; + if (defined($query->param('encryption'))) { + $init_result = &volume_init($device,$query->param('crypto_password')); + } else { + $init_result = &volume_init($device); + } + if ($init_result) { #$pagedata->setValue('Data.Success', 'InitRunning'); $pagedata->setValue('Data.Action', 'show_volume'); } else { 
@@ -863,28 +884,33 @@ $pagedata->setValue('Data.QueryString', "$querystring") if ($querystring ne ''); $pagedata->setValue('Data.Version', CRYPTOBOX_VERSION); -my ($one_disk, $one_name, $isActive); +my ($one_disk, $one_name, $isActive, $isEncrypted); my $avail_counter = 0; my $active_counter = 0; my $passive_counter = 0; for $one_disk (&get_available_disks()) { $one_name = &get_disk_name($one_disk); + $isEncrypted = &check_device_encryption($one_disk); $pagedata->setValue("Data.Disks.available.${avail_counter}.device",$one_disk); $pagedata->setValue("Data.Disks.available.${avail_counter}.name",$one_name); + $pagedata->setValue("Data.Disks.available.${avail_counter}.encryption", $isEncrypted? 1 : 0); $isActive = &check_mounted($one_disk); if ($isActive) { $pagedata->setValue("Data.Disks.available.${avail_counter}.isActive",1); $pagedata->setValue("Data.Disks.active.${active_counter}.device",$one_disk); $pagedata->setValue("Data.Disks.active.${active_counter}.name",$one_name); + $pagedata->setValue("Data.Disks.active.${avail_counter}.encryption", $isEncrypted? 1 : 0); $active_counter++; } else { $pagedata->setValue("Data.Disks.available.${avail_counter}.isActive",0); $pagedata->setValue("Data.Disks.passive.${passive_counter}.device",$one_disk); $pagedata->setValue("Data.Disks.passive.${passive_counter}.name",$one_name); + $pagedata->setValue("Data.Disks.passive.${avail_counter}.encryption", $isEncrypted? 1 : 0); $passive_counter++; } if ($device eq $one_disk) { $pagedata->setValue('Data.CurrentDisk.device', $one_disk); $pagedata->setValue('Data.CurrentDisk.name', $one_name); $pagedata->setValue('Data.CurrentDisk.active', $isActive? 1 : 0); + $pagedata->setValue("Data.CurrentDisk.encryption", $isEncrypted? 1 : 0); # retrieve capacity information if the device is mounted if (&check_mounted($device)) { my $cap_info = &exec_cb_script("get_capacity_info",$device); diff --git a/bin/init-script.sh b/bin/init-script.sh index 2dd46db..4c05feb 100755 --- a/bin/init-script.sh 
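Review bot: The two new `encryption` values in the `active` and `passive` branches are indexed with `${avail_counter}`, while the neighbouring `device` and `name` entries use `${active_counter}` and `${passive_counter}`. As soon as the counters diverge, the flag lands on a different list entry than the disk it describes, and the template shows the encryption state of the wrong volume or none at all. Use the matching counters: `$pagedata->setValue("Data.Disks.active.${active_counter}.encryption", $isEncrypted? 1 : 0);` and `$pagedata->setValue("Data.Disks.passive.${passive_counter}.encryption", $isEncrypted? 1 : 0);`. The loop body continues outside the hunk.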
+++ b/bin/init-script.sh @@ -16,13 +16,13 @@ # startup switch defaults to zero (enabled) NO_START=${NO_START:-0} -if [ "$NO_START" = "1" ] - then [ $# -eq 0 ] && exit 0 - [ "$1" = "status" ] && exit 1 - [ "$1" = "stop" ] && exit 0 - echo "CryptoBox is disabled by default" - exit 0 - fi +#if [ "$NO_START" = "1" ] +# then [ $# -eq 0 ] && exit 0 +# [ "$1" = "status" ] && exit 1 +# [ "$1" = "stop" ] && exit 0 +# echo "CryptoBox is disabled by default" +# exit 0 +# fi # set CONF_FILE to default value, if not configured in /etc/default/cryptobox CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf} @@ -40,12 +40,12 @@ case "$1" in ;; stop ) # unmount all active containers - "$LIB_DIR/cbox-manage.sh" umount_all + "/usr/lib/cryptobox/cbox-manage.sh" umount_all ;; restart ) "$0" stop "$0" start - ; + ;; * ) echo "invalid action specified - try { start | stop | restart }" >&2 exit 1 diff --git a/lang/en.hdf b/lang/en.hdf index 368de40..8cd6ccf 100644 --- a/lang/en.hdf +++ b/lang/en.hdf @@ -54,8 +54,8 @@ Lang { DoInit = Initialization SaveConfig = Save configuration Update = Refresh - Mount = Activate encrypted filesystem - Umount = Deactivate encrypted filesystem + Mount = Activate filesystem + Umount = Deactivate filesystem Config = Configuration PowerOff = Shutdown ReBoot = Reboot diff --git a/templates/show_volume.cs b/templates/show_volume.cs index 5dbd706..65c4c0a 100644 --- a/templates/show_volume.cs +++ b/templates/show_volume.cs @@ -6,8 +6,11 @@
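Review bot: The `NO_START` guard is commented out rather than removed, while `NO_START=${NO_START:-0}` and its "startup switch" comment stay. The variable is still set but nothing in the visible lines consults it, so an administrator who sets `NO_START=1` to keep the service off would find it started anyway. Either keep the guard or delete the variable together with the dead block and say so in a comment, e.g. `# NO_START is no longer honoured by this script`.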
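Review bot: The `stop` branch now calls a hard-coded `"/usr/lib/cryptobox/cbox-manage.sh"` instead of `"$LIB_DIR/cbox-manage.sh"`, so on an installation with a different library directory the unmount at shutdown fails and mounted containers stay open. If the problem was that `LIB_DIR` can be unset at this point, a default keeps both cases working: `"${LIB_DIR:-/usr/lib/cryptobox}/cbox-manage.sh" umount_all`. The exit status of `umount_all` is not checked either, so a failed unmount is not reported to the caller of `stop`.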

Mount container

-

- +

+ + + +

@@ -54,6 +57,7 @@
  • Name of container:
  • Name of device:
  • Current status: activepassive
  • +
  • Encryption: onoff
  • Size of container:
  • Available space of container: