From ea8dc17a1751e5ebfe4c945f2f49ae7dd0d7b546 Mon Sep 17 00:00:00 2001 From: lars Date: Tue, 13 Dec 2005 20:39:14 +0000 Subject: [PATCH] bugfixes all over --- DEBIAN/postinst | 3 +- cbox-tree.d/etc/cryptobox/cryptobox.conf | 3 +- cbox-tree.d/etc/init.d/cryptobox | 8 +- cbox-tree.d/usr/lib/cgi-bin/cryptobox.pl | 26 +++--- cbox-tree.d/usr/lib/cryptobox/cbox-manage.sh | 83 +++++++++---------- .../usr/share/cryptobox/templates/nav.cs | 2 +- 6 files changed, 62 insertions(+), 63 deletions(-) diff --git a/DEBIAN/postinst b/DEBIAN/postinst index 904e670..2951f7e 100755 --- a/DEBIAN/postinst +++ b/DEBIAN/postinst @@ -10,8 +10,7 @@ CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf} if [ -e "$CONF_FILE" ] then . "$CONF_FILE" # create mount and config directories with appropriate permissions - [ ! -e "$MNT_PARENT" ] && mkdir -p "$MNT_PARENT" && \ - chown "$WEB_USER" "$MNT_PARENT" && chmod 700 "$MNT_PARENT" + [ ! -e "$MNT_PARENT" ] && mkdir -p "$MNT_PARENT" [ ! -e "$CONFIG_DIR" ] && mkdir -p "$CONFIG_DIR" && \ chown "$WEB_USER" "$CONFIG_DIR" && chmod 700 "$CONFIG_DIR" [ ! -e "$LOG_FILE" ] && touch "$LOG_FILE" && chown "$WEB_USER" "$LOG_FILE" diff --git a/cbox-tree.d/etc/cryptobox/cryptobox.conf b/cbox-tree.d/etc/cryptobox/cryptobox.conf index 75fd7f8..342f46f 100644 --- a/cbox-tree.d/etc/cryptobox/cryptobox.conf +++ b/cbox-tree.d/etc/cryptobox/cryptobox.conf @@ -5,7 +5,8 @@ LANGUAGE=en NET_IFACE=eth0 FILE_USER=cryptobox-data WEB_USER=www-data -SCAN_DEVICES="hda hdb hdc hdd hde hdf hdg scd sg sda sdb sdc sdd" +SCAN_DEVICES="sda" +#SCAN_DEVICES="hda hdb hdc hdd hde hdf hdg scd sg sda sdb sdc sdd" # set this to "1" to create a dedicated configuration partition (very small) # this should only be necessary, if your root filesystem is read-only (as for a live-cd) diff --git a/cbox-tree.d/etc/init.d/cryptobox b/cbox-tree.d/etc/init.d/cryptobox index a5d5065..9e6c35c 100755 --- a/cbox-tree.d/etc/init.d/cryptobox +++ b/cbox-tree.d/etc/init.d/cryptobox 
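Review bot: In DEBIAN/postinst, `$MNT_PARENT` is now created with whatever umask the installer runs under, because the `chown "$WEB_USER"` / `chmod 700` pair was dropped from the `mkdir -p` line. If the removal is deliberate because `cbox-manage.sh services-up` mounts a tmpfs over the directory, a comment should say so. Otherwise the directory (presumably the parent of the crypto mount points) keeps default permissions whenever that tmpfs is not mounted. I would keep an explicit mode on the underlying directory, `[ ! -e "$MNT_PARENT" ] && mkdir -p "$MNT_PARENT" && chmod 700 "$MNT_PARENT"`.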
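Review bot: The new default `SCAN_DEVICES="sda"` in cryptobox.conf looks like a local test setting that slipped into the commit, with the full list left behind as a comment. Installations on `hd*` disks would presumably no longer find a usable harddisk, and nothing in the file explains the narrowing. Either restore the full list as the shipped default or add a comment such as `# restricted to sda for testing - extend to match your hardware`.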
@@ -48,7 +48,7 @@ case "$1" in if [ ! -e "$DEV_FEATURES_SCRIPT" ]; then echo echo "How to use the CryptoBox:" - echo " * point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cbox-manage.sh get_current_ip)'" + echo " * point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cbox-manage.sh get_current_ip)/cryptobox'" echo " * configure your CryptoBox via a webbrowser" echo else @@ -68,9 +68,9 @@ case "$1" in # exit if not running "$0" status || exit 0 # shut down - "$CB_SCRIPT" services-up - "$CB_SCRIPT" network-up - "$CB_SCRIPT" config-up + "$CB_SCRIPT" services-down + "$CB_SCRIPT" network-down + "$CB_SCRIPT" config-down ;; restart | reload | force-reload ) $0 stop diff --git a/cbox-tree.d/usr/lib/cgi-bin/cryptobox.pl b/cbox-tree.d/usr/lib/cgi-bin/cryptobox.pl index 44c6b8d..dd6c545 100755 --- a/cbox-tree.d/usr/lib/cgi-bin/cryptobox.pl +++ b/cbox-tree.d/usr/lib/cgi-bin/cryptobox.pl @@ -404,7 +404,7 @@ if ( ! &check_ssl()) { if ($query->param('type') eq 'reboot') { &system_reboot(); $pagedata->setValue('Data.Success', 'ReBoot'); - $pagedata->setValue('Data.Redirect.Action', 'status'); + $pagedata->setValue('Data.Redirect.Action', 'show_status'); $pagedata->setValue('Data.Redirect.Delay', "180"); } else { &system_poweroff(); @@ -441,7 +441,7 @@ if ( ! &check_ssl()) { } else { $pagedata->setValue('Data.Success', 'UmountDone'); $pagedata->setValue('Data.Action', 'empty'); - $pagedata->setValue('Data.Redirect.Action', 'status'); + $pagedata->setValue('Data.Redirect.Action', 'show_status'); $pagedata->setValue('Data.Redirect.Delay', "30"); } } 
@@ -459,7 +459,7 @@ if ( ! &check_ssl()) { } elsif (&check_mounted()) { $pagedata->setValue('Data.Warning', 'IsMounted'); $pagedata->setValue('Data.Action', 'empty'); - $pagedata->setValue('Data.Redirect.Action', 'status'); + $pagedata->setValue('Data.Redirect.Action', 'show_status'); $pagedata->setValue('Data.Redirect.Delay', "30"); } elsif ($query->param('crypto_password') eq '') { # leeres Passwort @@ -474,7 +474,7 @@ if ( ! &check_ssl()) { } else { $pagedata->setValue('Data.Success', 'MountDone'); $pagedata->setValue('Data.Action', 'empty'); - $pagedata->setValue('Data.Redirect.Action', 'status'); + $pagedata->setValue('Data.Redirect.Action', 'show_status'); $pagedata->setValue('Data.Redirect.Delay', "30"); } } @@ -491,7 +491,7 @@ if ( ! &check_ssl()) { } elsif (&check_mounted()) { $pagedata->setValue('Data.Warning', 'IsMounted'); $pagedata->setValue('Data.Action', 'empty'); - $pagedata->setValue('Data.Redirect.Action', 'status'); + $pagedata->setValue('Data.Redirect.Action', 'show_status'); $pagedata->setValue('Data.Redirect.Delay', "30"); } else { $pagedata->setValue('Data.Action', 'form_mount'); @@ -504,7 +504,7 @@ if ( ! &check_ssl()) { } elsif ( ! &check_mounted()) { $pagedata->setValue('Data.Warning', 'NotMounted'); $pagedata->setValue('Data.Action', 'empty'); - $pagedata->setValue('Data.Redirect.Action', 'status'); + $pagedata->setValue('Data.Redirect.Action', 'show_status'); $pagedata->setValue('Data.Redirect.Delay', "30"); } else { $pagedata->setValue('Data.Action', 'form_umount'); 
@@ -606,13 +606,13 @@ if ( ! &check_ssl()) { } else { $pagedata->setValue('Data.Success', 'ConfigSaved'); } - $pagedata->setValue('Data.Action', 'status'); - $pagedata->setValue('Data.Redirect.Action', 'status'); + $pagedata->setValue('Data.Action', 'show_status'); + $pagedata->setValue('Data.Redirect.Action', 'show_status'); $pagedata->setValue('Data.Redirect.Delay', "30"); } } #################### status ######################### - } elsif ($action eq 'status') { + } elsif ($action eq 'show_status') { if ( ! &check_config()) { $pagedata->setValue('Data.Warning', 'NotInitialized'); $pagedata->setValue('Data.Action', 'form_init'); @@ -622,8 +622,8 @@ if ( ! &check_ssl()) { $pagedata->setValue('Data.Redirect.Action', 'form_config'); $pagedata->setValue('Data.Redirect.Delay', "30"); } else { - $pagedata->setValue('Data.Action', 'status'); - $pagedata->setValue('Data.Redirect.Action', 'status'); + $pagedata->setValue('Data.Action', 'show_status'); + $pagedata->setValue('Data.Redirect.Action', 'show_status'); $pagedata->setValue('Data.Redirect.Delay', "60"); } ################### box_purge ####################### @@ -655,8 +655,8 @@ if ( ! &check_ssl()) { $pagedata->setValue('Data.Redirect.Action', 'form_config'); $pagedata->setValue('Data.Redirect.Delay', "60"); } elsif (&check_config()) { - $pagedata->setValue('Data.Action', 'status'); - $pagedata->setValue('Data.Redirect.Action', 'status'); + $pagedata->setValue('Data.Action', 'show_status'); + $pagedata->setValue('Data.Redirect.Action', 'show_status'); $pagedata->setValue('Data.Redirect.Delay', "60"); } else { $pagedata->setValue('Data.Action', 'form_init'); diff --git a/cbox-tree.d/usr/lib/cryptobox/cbox-manage.sh b/cbox-tree.d/usr/lib/cryptobox/cbox-manage.sh index 8f7c602..d79b215 100755 --- a/cbox-tree.d/usr/lib/cryptobox/cbox-manage.sh +++ b/cbox-tree.d/usr/lib/cryptobox/cbox-manage.sh 
@@ -110,8 +110,9 @@ function create_config() # Parameter: device { local device=$1 + unload_config # create the new configuration filesystem if it is not static - if is_config_active || [ "$USE_SEPERATE_CONFIG_PARTITION" != "1" ] + if [ "$USE_SEPERATE_CONFIG_PARTITION" != "1" ] then log_msg "Using static configuration ..." else log_msg "Creating config filesystem ..." sudo "$ROOT_PERM_SCRIPT" create_config "$device" @@ -163,17 +164,9 @@ function list_partitions_of_type() fi done case "$1" in - config ) - echo "$config" - ;; - crypto ) - echo "$crypto" - ;; - plaindata ) - echo "$plaindata" - ;; - unused ) - echo "$unused" + config | crypto | plaindata | unused ) + # dirty hack, but it works + eval "echo \$$1" ;; * ) errot_msg "wrong parameter ($1) for list_partition_types in $(basename $0)" 
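Review bot: `unload_config` returns a non-zero status whenever no configuration is active, which makes the unchecked call added at the top of create_config unsafe to check later. Its first statement, visible in the load_config hunk, is `is_config_active || return`, and a bare `return` passes on the status of the failed test. In create_config and load_config the result is ignored, so a failed unmount goes unnoticed before the config filesystem is recreated. In the `config-down` action, `unload_config || error_msg 4 ...` now reports an unmount failure on a box that simply had nothing mounted. Change the guard to `is_config_active || return 0` and then check the call here with `unload_config || return 1`.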
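Review bot: The new `eval "echo \$$1"` in list_partitions_of_type expands the selected variable unquoted, whereas the removed branches used `echo "$config"` and friends. Any newlines in the list are collapsed into spaces, so a caller such as `list_partitions_of_type config | while read part` would get every partition in a single `read`; how the variables are filled is outside the hunk, so this needs checking. The `eval` is only safe because the `case` pattern pins `$1` to four literal words, and bash indirect expansion keeps that property without evaluating a string: `echo "${!1}"`. The fallback branch of the same `case` calls `errot_msg`, which looks like a typo for `error_msg` and would fail with "command not found" exactly when a wrong parameter is passed.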
@@ -303,27 +296,30 @@ function get_available_disks() function load_config() { - # error if dynamic configuration is active - # return if static configuration is active - is_config_active && [ "$USE_SEPERATE_CONFIG_PARTITION" != "1" ] && return + unload_config + local status=0 # look for a configuration partition - list_partitions_of_type config | head -1 | while read part - do log_msg "Trying to load configuration from /dev/$part ..." - if sudo "$ROOT_PERM_SCRIPT" is_config_partition "/dev/$part" - then log_msg "configuraton found on $part" - sudo "$ROOT_PERM_SCRIPT" mount_config "/dev/$part" - # copy certificate to /tmp in case of re-initialization - # /tmp should be writable, so tmpfs has to be mounted before (/etc/rcS.d) - [ "$USE_STUNNEL" = 1 ] && cp "$CERT_FILE" "$CERT_TEMP" - return - fi - done - log_msg "failed to locate config partition" - return 1 + [ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && \ + list_partitions_of_type config | while read part && [ "$status" = 0 ] + do log_msg "Trying to load configuration from /dev/$part ..." + if sudo "$ROOT_PERM_SCRIPT" is_config_partition "/dev/$part" + then log_msg "configuraton found on $part" + sudo "$ROOT_PERM_SCRIPT" mount_config "/dev/$part" + status=1 + fi + done + if is_config_active + then # copy certificate to /tmp in case of re-initialization + # /tmp should be writable, so tmpfs has to be mounted before (/etc/rcS.d) + [ "$USE_STUNNEL" = 1 ] && cp "$CERT_FILE" "$CERT_TEMP" + else log_msg "failed to locate config partition" + return 1 + fi + true } -function umount_config() +function unload_config() { is_config_active || return # only try to unmount, if it is not static (the config of a live-cd is always dynamic) @@ -362,7 +358,7 @@ function box_purge() # TODO: not ALL harddisks, please! get_available_disks | while read a do log_msg "Purging $a ..." - sudo "$ROOT_PERM_SCRIPT" trash_device "$a" >>"$LOG_FILE" 2>&1 + sudo "$ROOT_PERM_SCRIPT" trash_device "$a" done } 
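Review bot: `cp "$CERT_FILE" "$CERT_TEMP"` in the new `is_config_active` branch of load_config writes the stunnel certificate to a path the comment places under /tmp, using the process umask and without checking what already exists there. If that file also carries the private key (usual for stunnel, but not visible here), the copy becomes readable by other local users, and a pre-existing file or symlink at `$CERT_TEMP` would be written through. Prefer `install -m 600 "$CERT_FILE" "$CERT_TEMP"` into a directory only the service user can write. The copy's exit status is also discarded by the trailing `true`, so log a failure instead of ignoring it.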
@@ -373,7 +369,7 @@ function init_cryptobox() local device=$(find_harddisk) [ -z "$device" ] && log_msg 'No valid harddisk found!' && return 1 turn_off_all_crypto - is_config_active && umount_config || true + unload_config || true log_msg "Partitioning the device ($device) ..." sudo "$ROOT_PERM_SCRIPT" partition_disk "$device" "0,1,L \n,,L\n" log_msg "Initializing config partition on ${device}1 ..." @@ -407,13 +403,10 @@ case "$ACTION" in fi ;; config-down ) - if is_config_active && [ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] - then umount_config || error_msg 4 "Could not unmount configuration partition" - else true - fi + unload_config || error_msg 4 "Could not unmount configuration partition" ;; network-up ) - if [ "$SKIP_NETWORK_CONFIG}" != 1 ] + if [ "$SKIP_NETWORK_CONFIG" != 1 ] then conf_ip=$(config_get_value "ip") log_msg "Configuring $NET_IFACE for $conf_ip ..." echo "Configuring network interface for $NET_IFACE: $conf_ip" @@ -445,7 +438,8 @@ case "$ACTION" in fi if [ "$USE_STUNNEL" = 1 ] then log_msg "Stopping stunnel ..." - killall stunnel + # TODO: what about a pid? + killall stunnel 2>/dev/null || true fi if [ "$SKIP_NETWORK_CONFIG" != 1 ] then log_msg "Shutting the network interface down ..." @@ -455,12 +449,17 @@ case "$ACTION" in services-up ) # the mount point has to be writeable # this action is called as root - so we are allowed to umount - mount -t tmpfs tmpfs "$MNT_PARENT" - # is something special necessary? + # TODO: do this only for ro-filesystem + # TODO: this way of mounting is evil + if mountpoint -q "$MNT_PARENT" + then true + else mount -t tmpfs tmpfs "$MNT_PARENT" + fi + true ;; services-down ) # this action is called as root - so we are allowed to umount - umount "$MNT_PARENT" + mountpoint -q "$MNT_PARENT" && umount "$MNT_PARENT" # TODO: we should not depend on samba and thttpd # /etc/init.d/samba stop || true # /etc/init.d/thttpd stop || true 
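Review bot: `mount -t tmpfs tmpfs "$MNT_PARENT"` in services-up takes the tmpfs defaults, which give the mount root mode 1777, so every local user can create entries in the directory that presumably holds the crypto mount points. Any mode set on the underlying directory in postinst is hidden by this mount anyway. Pass ownership and mode at mount time, e.g. `mount -t tmpfs -o mode=0700,uid="$(id -u "$WEB_USER")" tmpfs "$MNT_PARENT"`, assuming `$WEB_USER` is loaded from cryptobox.conf at this point. In services-down, `mountpoint -q "$MNT_PARENT" && umount "$MNT_PARENT"` leaves a non-zero status when nothing is mounted; append `|| true` if the rest of the branch, which continues outside the hunk, does not reset it.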
@@ -545,7 +544,7 @@ case "$ACTION" in log_msg "Cleaning the CryptoBox ..." turn_off_all_crypto "$0" config-down - box_purge + box_purge >>"$LOG_FILE" 2>&1 ;; poweroff ) log_msg "Turning off the CryptoBox ..." @@ -580,7 +579,7 @@ case "$ACTION" in echo " set_config NAME VALUE - change a configuration setting" echo " get_config NAME - retrieve a configuration setting" echo " diskinfo - show the partition table of the harddisk" - echo " box-purge - destroy partitiontable of the harddisk (delete everything)" + echo " box-purge - destroy partitiontable of all harddisks (delete everything)" echo " poweroff - shutdown the cryptobox" echo " reboot - reboot the cryptobox" echo diff --git a/cbox-tree.d/usr/share/cryptobox/templates/nav.cs b/cbox-tree.d/usr/share/cryptobox/templates/nav.cs index 1740e90..5528d7a 100644 --- a/cbox-tree.d/usr/share/cryptobox/templates/nav.cs +++ b/cbox-tree.d/usr/share/cryptobox/templates/nav.cs @@ -7,7 +7,7 @@ - +