fixed a lot of indentions
added a administration password to initialization
This commit is contained in:
parent
28380202b9
commit
b91e2da4d1
|
@ -283,6 +283,10 @@ function init_cryptobox_part1()
|
|||
create_partitions "$device"
|
||||
create_config "$device"
|
||||
) >>"$LOG_FILE" 2>&1
|
||||
# read the admin-pw from the first line of input
|
||||
local admin_pw
|
||||
read admin_pw
|
||||
config_set_value admin_pw "$admin_pw"
|
||||
# the output of create_crypto may NOT be redirected - this would prevent cryptsetup from
|
||||
# reading the passphrase from stdin
|
||||
log_msg "Creating the crypto partition ..."
|
||||
|
@ -359,7 +363,7 @@ case "$ACTION" in
|
|||
ifconfig $NET_IFACE down
|
||||
;;
|
||||
services-up )
|
||||
/etc/init.d/thttpd start
|
||||
# is something special necessary?
|
||||
;;
|
||||
services-down )
|
||||
/etc/init.d/samba stop
|
||||
|
|
|
@ -15,8 +15,10 @@ Lang {
|
|||
|
||||
|
||||
Text {
|
||||
EnterNewPassword = Das neue Passwort eingeben:
|
||||
EnterSamePassword = Das neue Passwort wiederholen:
|
||||
EnterNewCryptoPassword = Das neue Crypto-Passwort eingeben:
|
||||
EnterSameCryptoPassword = Das Crypto-Passwort wiederholen:
|
||||
EnterNewAdminPassword = Das neue Admin-Passwort eingeben:
|
||||
EnterSameAdminPassword = Das Admin-Passwort wiederholen:
|
||||
InitWarning = Bei der Initialisierung werden ALLE DATEN auf der Festplatte GELÖSCHT!
|
||||
InitDescription = Dieser Schritt ist nur einmalig vor der ersten Nutzung notwendig.<br>Für den täglichen Gebrauch muessen sie das verschlüsselte Dateisystem lediglich aktivieren und deaktivieren
|
||||
ConfirmInitHint = Um zu bestätigen, dass sie wissen, was sie tun, tippen sie hier bitte exakt Folgendes ein:
|
||||
|
@ -53,13 +55,18 @@ Lang {
|
|||
Text = Der Bestätigungssatz muss exakt eingegeben werden!
|
||||
}
|
||||
|
||||
EmptyPassword {
|
||||
Title = Ungültige Eingabe
|
||||
Text = Das Passwort darf nicht leer sein!
|
||||
EmptyCryptoPassword {
|
||||
Title = Ungültiges Crypto-Passwort
|
||||
Text = Das Crypto-Passwort darf nicht leer sein!
|
||||
}
|
||||
|
||||
DifferentPasswords {
|
||||
Title = Ungleiche Passworte
|
||||
DifferentCryptoPasswords {
|
||||
Title = Ungleiche Crypto-Passworte
|
||||
Text = Die beiden Passworte müssen identisch sein, um sicherzustellen, dass dies das gewünschte Passwort ist.
|
||||
}
|
||||
|
||||
DifferentAdminPasswords {
|
||||
Title = Ungleiche Administratons-Passworte
|
||||
Text = Die beiden Passworte müssen identisch sein, um sicherzustellen, dass dies das gewünschte Passwort ist.
|
||||
}
|
||||
|
||||
|
|
|
@ -1,23 +1,27 @@
|
|||
<h1><?cs var:Lang.Title.Init ?></h1>
|
||||
|
||||
<div class="init">
|
||||
<div class="init">
|
||||
<form action="<?cs call:getSelfURL('','') ?>" method="post" enctype="application/x-www-form-urlencoded">
|
||||
|
||||
<p class="note"><?cs var:Lang.Text.InitWarning ?></p>
|
||||
<p><label for="password"><?cs call:help_popUp(Lang.Text.EnterNewPassword,"crypto_pw") ?></label><br/>
|
||||
<input type="password" id="password" name="password" size="20" tabindex="1" maxlength="40" /></p>
|
||||
<p><label for="password2"><?cs call:help_popUp(Lang.Text.EnterSamePassword,'crypto_pw_repeat') ?></label><br/>
|
||||
<input type="password" id="password2" name="password2" size="20" tabindex="2" maxlength="40" /></p>
|
||||
<p><label for="admin_password"><?cs call:help_popUp(Lang.Text.EnterNewAdminPassword,"admin_pw") ?></label><br/>
|
||||
<input type="password" id="admin_password" name="admin_password" size="20" tabindex="1" maxlength="40" /> </p>
|
||||
<p><label for="admin_password2"><?cs call:help_popUp(Lang.Text.EnterSameAdminPassword,"admin_pw_repeat") ?></label><br/>
|
||||
<input type="password" id="admin_password2" name="admin_password2" size="20" tabindex="1" maxlength="40" /></p>
|
||||
<p><label for="crypto_password"><?cs call:help_popUp(Lang.Text.EnterNewCryptoPassword,"crypto_pw") ?></label><br/>
|
||||
<input type="password" id="crypto_password" name="crypto_password" size="20" tabindex="1" maxlength="40" /></p>
|
||||
<p><label for="crypto_password2"><?cs call:help_popUp(Lang.Text.EnterSameCryptoPassword,'crypto_pw_repeat') ?></label><br/>
|
||||
<input type="password" id="crypto_password2" name="crypto_password2" size="20" tabindex="2" maxlength="40" /></p>
|
||||
<p><label for="confirm"><?cs call:help_popUp(Lang.Text.ConfirmInitHint,'confirm_text') ?><br/>
|
||||
<span class="note" id="confirmtext"><?cs var:Lang.Text.ConfirmInit ?></span></label><br/>
|
||||
<input type="text" id="confirm" name="confirm" size="30" tabindex="3" maxlength="50" /></p>
|
||||
<button type="submit" name="action" value="init_do" tabindex="4"><?cs var:Lang.Button.DoInit ?></button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<hr/>
|
||||
<hr/>
|
||||
|
||||
<div class="partition_info">
|
||||
<div class="partition_info">
|
||||
<h2><?cs var:Lang.Text.PartitionInfo ?></h2>
|
||||
<p><?cs var:Data.PartitionInfo ?></p>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
<h3>Administration password of the CryptoBox</h3>
|
||||
<p>This password protects your CryptoBox against random re-initialization by unauthorized people.
|
||||
Any dangerous administrative action requires this administration password.</p>
|
||||
<p>You may leave this password blank, if your network is safe.</p>
|
||||
<p>The administration password does NOT protect your sensible data in any way!</p>
|
|
@ -0,0 +1,3 @@
|
|||
<h3>Repeat the administration password</h3>
|
||||
<p>This ensures, that you do not mistype your administration password.</p>
|
||||
<p>Leave it blank, if you do not need an administration password.</p>
|
|
@ -1,2 +1,2 @@
|
|||
<h3>Repeat the crypto password</h3>
|
||||
<p>This ensures, that you do not mistype your password.</p>
|
||||
<h3>Repeat the encryption password</h3>
|
||||
<p>This ensures, that you do not mistype your encryption password.</p>
|
||||
|
|
|
@ -176,11 +176,13 @@ sub umount_vol
|
|||
|
||||
sub box_init
|
||||
{
|
||||
my $pw = shift;
|
||||
my $admin_pw = shift;
|
||||
my $crypto_pw = shift;
|
||||
|
||||
# partitioning, config and initial cryptsetup
|
||||
open(PW_INPUT, "|$CB_SCRIPT box-init-fg");
|
||||
print PW_INPUT $pw;
|
||||
print PW_INPUT "$admin_pw";
|
||||
print PW_INPUT "$crypto_pw";
|
||||
close(PW_INPUT);
|
||||
|
||||
# wipe and mkfs takes some time - it will be done in the background
|
||||
|
@ -380,13 +382,17 @@ if ( ! &check_ssl()) {
|
|||
}
|
||||
#################### init_do ########################
|
||||
} elsif ($action eq 'init_do') {
|
||||
if ($query->param('password') ne $query->param('password2')) {
|
||||
# different passwords
|
||||
$pagedata->setValue('Data.Warning', 'DifferentPasswords');
|
||||
if ($query->param('admin_password') ne $query->param('admin_password2')) {
|
||||
# different admin-passwords
|
||||
$pagedata->setValue('Data.Warning', 'DifferentAdminPasswords');
|
||||
$pagedata->setValue('Data.Action', 'init_form');
|
||||
} elsif ($query->param('password') eq '') {
|
||||
} elsif ($query->param('crypto_password') ne $query->param('crypto_password2')) {
|
||||
# different crypto-passwords
|
||||
$pagedata->setValue('Data.Warning', 'DifferentCryptoPasswords');
|
||||
$pagedata->setValue('Data.Action', 'init_form');
|
||||
} elsif ($query->param('crypto_password') eq '') {
|
||||
# empty password
|
||||
$pagedata->setValue('Data.Warning', 'EmptyPassword');
|
||||
$pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
|
||||
$pagedata->setValue('Data.Action', 'init_form');
|
||||
} elsif ($query->param('confirm') ne $pagedata->getValue('Lang.Text.ConfirmInit','')) {
|
||||
# wrong confirm string
|
||||
|
@ -394,7 +400,7 @@ if ( ! &check_ssl()) {
|
|||
$pagedata->setValue('Data.Action', 'init_form');
|
||||
} else {
|
||||
# do init
|
||||
&box_init($query->param('password'));
|
||||
&box_init($query->param('admin_password'),$query->param('crypto_password'));
|
||||
if (!&check_init_running()) {
|
||||
$pagedata->setValue('Data.Error', 'InitFailed');
|
||||
} else {
|
||||
|
|
|
@ -14,7 +14,7 @@ name = CryptoBox
|
|||
version = 0.0.1
|
||||
|
||||
# Person that built it
|
||||
builder = s.l.
|
||||
builder = sense.lab
|
||||
|
||||
# Repositories to mirror. Details about each one are configured below.
|
||||
dlrepos = sarge
|
||||
|
@ -144,7 +144,7 @@ ramdisk_files = /etc/resolv.conf
|
|||
/etc/network
|
||||
/var/lib/misc
|
||||
/var/lib/urandom
|
||||
/etc/hotplug
|
||||
/etc/hotplug/.run
|
||||
/var/spool/cron
|
||||
|
||||
# Directories to create on live fs
|
||||
|
|
Loading…
Reference in New Issue