lars
ad3de60dd1
add "self.root_action" to the plugin specification; implement non-interactive key certificate creation during startup if necessary (the produced certificate is still broken); run stunnel during startup; returned environment warnings are expected to be lists
#!/usr/bin/env python
#
# Copyright 2007 sense.lab e.V.
#
# This file is part of the CryptoBox.
#
# The CryptoBox is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# The CryptoBox is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with the CryptoBox; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#

## revision marker of this file
## NOTE(review): looks like a version-control keyword placeholder; such keywords
## are usually written "$Id$" - confirm whether the missing "$" is intended
__revision__ = "$Id"


## necessary: otherwise CryptoBoxRootActions.py will refuse to execute this script
## (keep this assignment exactly as written; NOTE(review): the check presumably
## reads this line from the file - confirm in CryptoBoxRootActions.py)
PLUGIN_TYPE = "cryptobox"

## location of the stunnel executable started by run_stunnel(); it is given as
## an absolute path, so the program is not looked up via PATH
STUNNEL_BIN = "/usr/bin/stunnel"

import sys
import os


def _get_username(uid):
    """Look up the login name that belongs to the numeric user id *uid*.

    Returns the name stored in the password database, or False if the
    database has no entry for *uid*.
    """
    from pwd import getpwuid
    try:
        ## the login name is the first field of a password database entry
        return getpwuid(uid).pw_name
    except KeyError:
        ## getpwuid() signals an unknown uid with a KeyError
        return False


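def _port_number(text):
    """Return the TCP port number written in *text*, or None if it is invalid.

    Only plain decimal strings with a value between 1 and 65535 are accepted.
    """
    ## isdigit() already rejects signs, whitespace and "host:port" notations
    if not text.isdigit():
        return None
    try:
        number = int(text)
    except ValueError:
        ## some non-ASCII digit characters satisfy isdigit() but not int()
        return None
    if not 1 <= number <= 65535:
        return None
    return number


def run_stunnel(cert_file, src_port, dst_port, pid_file):
    """Start stunnel and report whether it exited successfully.

    Parameters:
        cert_file: path of an existing certificate file (passed to "-p")
        src_port:  decimal port number as a string (passed to "-r")
        dst_port:  decimal port number as a string (passed to "-d")
        pid_file:  path of the pid file (passed to "-P")

    Returns True if stunnel exited with status 0. Returns False - after
    writing a message to stderr - if an argument is rejected, the current
    user cannot be resolved or stunnel could not be executed, and False if
    stunnel exited with a non-zero status.

    The options follow the stunnel 3.x command line syntax, where "-d" is
    the port stunnel listens on and "-r" is the port it connects to.

    NOTE(review): the comment at PLUGIN_TYPE says this script is executed by
    CryptoBoxRootActions.py, so it presumably runs with elevated privileges.
    cert_file and pid_file are handed to stunnel without any restriction on
    their location - consider limiting them to the directories the CryptoBox
    actually uses.
    """
    import subprocess
    ## validate both ports before anything else and hand only the normalized
    ## decimal form to stunnel
    checked_ports = []
    for label, value in (("Source", src_port), ("Destination", dst_port)):
        number = _port_number(value)
        if number is None:
            sys.stderr.write("%s port is not a valid port number (1-65535): %s\n" \
                    % (label, value))
            return False
        checked_ports.append(str(number))
    src_port, dst_port = checked_ports
    if not os.path.isfile(cert_file):
        sys.stderr.write("The certificate file (%s) does not exist!\n" % cert_file)
        return False
    ## stunnel is told to run as the user that owns this process ("-s")
    ## NOTE(review): if the real uid is 0 here, stunnel keeps running as root -
    ## confirm against the way CryptoBoxRootActions.py invokes this script
    username = _get_username(os.getuid())
    if not username:
        sys.stderr.write("Could not retrieve the username with uid=%d.\n" % os.getuid())
        return False
    ## the arguments are passed as a list without a shell, so none of the
    ## values is interpreted by a shell
    command = [ STUNNEL_BIN,
            "-P", pid_file,
            "-p", cert_file,
            "-d", dst_port,
            "-r", src_port,
            "-s", username ]
    try:
        return subprocess.call(command, shell=False) == 0
    except OSError:
        ## e.g. the stunnel binary is missing or not executable
        sys.stderr.write("Could not execute %s: %s\n" % (STUNNEL_BIN, sys.exc_info()[1]))
        return False

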
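if __name__ == "__main__":
    ## usage: <script> CERT_FILE SRC_PORT DST_PORT PID_FILE
    ## exit codes: 0 = stunnel succeeded, 1 = wrong number of arguments,
    ## 100 = run_stunnel() reported a failure
    args = sys.argv[1:]

    self_bin = sys.argv[0]

    if len(args) != 4:
        sys.stderr.write("%s: invalid number of arguments (%d instead of %d)\n" % \
                (self_bin, len(args), 4))
        sys.exit(1)

    ## the argument order matches the parameters of run_stunnel()
    cert_file, src_port, dst_port, pid_file = args
    if not run_stunnel(cert_file, src_port, dst_port, pid_file):
        ## end the message with a newline, so it does not run into later output
        sys.stderr.write("%s: failed to run 'stunnel'!\n" % self_bin)
        sys.exit(100)

    sys.exit(0)
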