From f58d6df9e349824d6263d246b96d830f7449994d Mon Sep 17 00:00:00 2001 From: Laurent Ghigonis Date: Tue, 18 Jun 2013 02:51:12 +0200 Subject: jsaccess: WIP store, getting there --- jsaccess/store.sh | 154 ++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 115 insertions(+), 39 deletions(-) (limited to 'jsaccess') diff --git a/jsaccess/store.sh b/jsaccess/store.sh index d797245..b49c3e7 100755 --- a/jsaccess/store.sh +++ b/jsaccess/store.sh @@ -22,15 +22,23 @@ VERSION=0.2 usage_exit() { echo "usage: store.sh [-v] [action] [action arguments...] [store]" echo - echo "actions:" + echo "actions on local store for a given passphrase:" echo " ls [store] # default action if no arguments" - echo " init " echo " add [store] # default action if one argument" echo " rm [store]" + echo " rmall [store]" + echo + echo "actions on local store for all passphrases:" + echo " init " echo " wipe " - echo " pull [store]" + echo + echo "actions to deploy local store to remote:" echo " push [store]" - echo " rset [store]" + echo " pull [store]" + echo " rset [store]" + echo " rget [store]" + echo + echo "actions to get informations:" echo " help|-h" echo " version|-V" echo @@ -46,6 +54,14 @@ cleanup() { exit 0 } +confirm_exit() { + if [ X"$JSA_FORCE" = X"" ]; then + echo -n "Are you sure ? [y/N] " + read r + [ X"$r" != "y" ] && exit 0 + fi +} + _store_get() { store="" [[ -d ./jsa/store/ ]] && store="`readlink -f ./jsa/store/`" # priority 3 @@ -71,7 +87,7 @@ _pass_read() { _index_decrypt() { if [ -f $enc_path/index.txt ]; then - echo -n $pass |openssl enc -d -a -aes-256-cbc -in $enc_path/index.txt -out $tmp -pass stdin ||exit $? + echo -n $pass |openssl enc -d -a -aes-256-cbc -in $enc_path/index.txt -out $tmp -pass stdin ||exit $2 else echo > $tmp fi 
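Review bot: In confirm_exit the test `[ X"$r" != "y" ]` compares an X-prefixed string with a bare `y`, so it is always true and every prompt exits 0 whatever the user answers. rmall, wipe and the rset overwrite can therefore only proceed when JSA_FORCE is set. Prefix both sides: `[ X"$r" != X"y" ] && exit 0`. The current behaviour fails on the safe side, but it pushes users towards exporting JSA_FORCE permanently, which removes the only prompt in front of `rm -rf $store`.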
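Review bot: `||exit $2` in _index_decrypt expands the function's second positional parameter, and the calls visible in this patch pass no arguments, so it degrades to a bare `exit` that returns openssl's status only by accident. It looks like a typo for `exit 2`, which _file_add uses; the same substitution is made in _index_encrypt in the next hunk. On the same line `echo -n $pass` is unquoted, so the passphrase goes through word splitting and pathname expansion before openssl sees it (runs of spaces collapse, a `*` can expand to file names). `printf '%s' "$pass" |openssl enc ... -pass stdin` passes it unchanged, though stores already encrypted with such a passphrase would need the old form once to decrypt. The end of _index_decrypt is outside the hunk.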
@@ -79,34 +95,50 @@ _index_decrypt() { _index_encrypt() { rm -f $enc_path/index.txt - echo -n $pass |openssl enc -e -a -aes-256-cbc -in $tmp -out $enc_path/index.txt -pass stdin ||exit $? + echo -n $pass |openssl enc -e -a -aes-256-cbc -in $tmp -out $enc_path/index.txt -pass stdin ||exit $2 echo "UPDATED $enc_path/index.txt" } -_file_add() { - # Path / name generation - clear_path=$1 - clear_name=`basename $clear_path` +__file_get_encname() { + clear_name=$1 enc_name=`echo -n ${enc_dir_hash}${clear_name} |openssl rmd160 |cut -d' ' -f2` - mkdir -p $enc_path - touch $enc_path/index.html +} - # Encrypt - base64 -w0 $clear_path > $tmp - echo -n $pass |openssl enc -e -a -aes-256-cbc -in $tmp -out $enc_path/$enc_name -pass stdin ||exit $? +_file_add() { + clear_path=$1 + clear_name=$2 + __file_get_encname $clear_name + if [ ! -d $enc_path ]; then + mkdir -p $enc_path + touch $enc_path/index.html + echo "CREATED $enc_path (new passphrase)" + fi + base64 -w0 $clear_path > $tmp ||exit 2 + echo -n $pass |openssl enc -e -a -aes-256-cbc -in $tmp -out $enc_path/$enc_name -pass stdin ||exit 2 echo "CREATED $enc_path/$enc_name" } _file_rm() { - pass # XXX + clear_name=$2 + __file_get_encname $clear_name + rm $enc_path/$enc_name ||exit 1 + echo "DELETED $enc_path/$enc_name" } _rset() { - pass # XXX + rsync_uri=$1 + if [ -f $store/.rsync_uri ]; then + echo "This will overwrite existing rsync_uri:" + cat $store/.rsync_uri + confirm_exit + fi + echo $rsync_uri > $store/.rsync_uri } _rget() { - pass # XXX + [ ! -f $store/.rsync_uri ] && echo "ERROR: no rsync_uri set !" && \ + echo "set it with \"store.sh rset $store\"" && exit 1 + rsync_uri=`cat $store/.rsync_uri` } action_ls() { 
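Review bot: _file_rm reads `clear_name=$2`, but the only caller in this patch, action_rm in the next hunk, invokes `_file_rm $clear_name` with a single argument. clear_name is therefore empty, the hash is computed over `${enc_dir_hash}` alone, and `rm` targets a name that is not the file's. Either read `clear_name=$1` here or call it as `_file_rm $clear_path $clear_name` to mirror _file_add. The paths are also unquoted (`rm $enc_path/$enc_name`, `base64 -w0 $clear_path`), so a file name containing spaces or starting with `-` is split or taken as an option; `rm -- "$enc_path/$enc_name"` avoids that.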
@@ -119,37 +151,72 @@ action_ls() { } action_add() { + clear_path=$1 + clear_name=`basename $clear_path` _pass_read - _file_add $1 _index_decrypt - echo $1 >> $tmp + if [ `egrep -c "^$clear_name$" $tmp` -ne 0 ]; then + echo "File already encrypted with this passphrase" + exit 1 + fi + _file_add $clear_path $clear_name + _index_decrypt + echo $clear_name >> $tmp _index_encrypt } action_rm() { + clear_path=$1 + clear_name=`basename $clear_path` _pass_read - _file_rm $1 + _index_decrypt + if [ `egrep -c "^$clear_name$" $tmp` -eq 0 ]; then + echo "File does not exist for this passphrase" + exit 1 + fi + _file_rm $clear_name _index_decrypt sed -i d/$1/ $tmp _index_encrypt } +action_rmall() { + _pass_read + echo "This will delete all file encrypted with this passphrase" + confirm_exit + rm -rf $enc_path +} + +action_init() { + store=$1 + mkdir $store ||exit 1 + echo "The monster has emptied me !" > $store/index.html + echo "CREATED store $store" +} + action_wipe() { + echo "This will delete all file encrypted with all passphrases" + confirm_exit + rm -rf $store +} + +action_rset() { _rset $1 } -action_pull() { - _rget $1 - rsync $tmp . +action_rget() { + _rget + echo "rsync_uri: $rsync_uri" } action_push() { - _rget $1 - rsync . $tmp + _rget + rsync -avzP $store $rsync_uri } -action_rset() { - _rset $1 +action_pull() { + _rget + rsync -avzP $rsync_uri $store } # Check for dependencies @@ -162,7 +229,7 @@ fi # Initialize temporary stuff sumask=$(umask) umask 077 -tmp=`mktemp ./jsaXXXXXXXX` +tmp=`mktemp ./jsaXXXXXXXX` # Used for storing index / new files trap cleanup INT TERM EXIT # Run action @@ -172,11 +239,6 @@ ls) _store_get $2 action_ls ;; -init) - [ $# -ne 2 ] && usage_exit - _store_get $2 - action_init - ;; add) [ $# -ne 2 -a $# -ne 3 ] && usage_exit _store_get $3 
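Review bot: action_push runs `rsync -avzP $store $rsync_uri` while _rset (previous hunk) keeps the target in `$store/.rsync_uri`, so the file naming the upload account and path is copied to the remote with the encrypted files. If that directory is served over HTTP, as the index.html placeholders suggest, the URI would be readable there. action_pull goes the other way and lets whatever the remote holds overwrite the local `.rsync_uri`, which decides where the next push goes. Excluding the file on both transfers and quoting the operands closes both, e.g. `rsync -avzP --exclude=.rsync_uri "$store" "$rsync_uri"`. Separately, `egrep -c "^$clear_name$" $tmp` treats the file name as a regular expression, so `a.txt` also matches an index entry `abtxt`; `grep -Fxc -- "$clear_name" "$tmp"` compares literally.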
@@ -187,25 +249,39 @@ rm) _store_get $3 action_rm $1 ;; +rmall) + [ $# -ne 1 -a $# -ne 2 ] && usage_exit + _store_get $2 + action_rmall + ;; +init) + [ $# -ne 2 ] && usage_exit + action_init $2 + ;; wipe) [ $# -ne 2 ] && usage_exit _store_get $2 action_wipe ;; -pull) +push) [ $# -ne 1 -a $# -ne 2 ] && usage_exit _store_get $2 - action_pull $1 + action_push ;; -push) +pull) [ $# -ne 1 -a $# -ne 2 ] && usage_exit _store_get $2 - action_push $1 + action_pull ;; rset) [ $# -ne 2 -a $# -ne 3 ] && usage_exit _store_get $3 - action_rset $1 + action_rset $2 + ;; +rget) + [ $# -ne 1 -a $# -ne 2 ] && usage_exit + _store_get $2 + action_rget ;; help|-h) usage_exit -- cgit v1.2.3-59-g8ed1b
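Review bot: The `rm)` branch still calls `action_rm $1`, and `$1` appears to be the action word itself (the `init)` branch requires two arguments and passes `$2`), so action_rm would look for a file named `rm` rather than the one the user gave. This commit makes the same correction for rset (`action_rset $1` becomes `action_rset $2`); `action_rm $2` would match it. The `rm)` branch begins above the hunk and the `case` line is not visible, so this is inferred from the neighbouring branches. The `wipe)` branch leads to `rm -rf $store` with `$store` unquoted and set by _store_get; quoting it and refusing an empty value first (`[ -n "$store" ] || exit 1`) would be a cheap guard.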