1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/Apache License, Version 2.0.txt Tue Nov 04 18:26:39 2014 +0100
1.3 @@ -0,0 +1,202 @@
1.4 +
1.5 + Apache License
1.6 + Version 2.0, January 2004
1.7 + http://www.apache.org/licenses/
1.8 +
1.9 + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1.10 +
1.11 + 1. Definitions.
1.12 +
1.13 + "License" shall mean the terms and conditions for use, reproduction,
1.14 + and distribution as defined by Sections 1 through 9 of this document.
1.15 +
1.16 + "Licensor" shall mean the copyright owner or entity authorized by
1.17 + the copyright owner that is granting the License.
1.18 +
1.19 + "Legal Entity" shall mean the union of the acting entity and all
1.20 + other entities that control, are controlled by, or are under common
1.21 + control with that entity. For the purposes of this definition,
1.22 + "control" means (i) the power, direct or indirect, to cause the
1.23 + direction or management of such entity, whether by contract or
1.24 + otherwise, or (ii) ownership of fifty percent (50%) or more of the
1.25 + outstanding shares, or (iii) beneficial ownership of such entity.
1.26 +
1.27 + "You" (or "Your") shall mean an individual or Legal Entity
1.28 + exercising permissions granted by this License.
1.29 +
1.30 + "Source" form shall mean the preferred form for making modifications,
1.31 + including but not limited to software source code, documentation
1.32 + source, and configuration files.
1.33 +
1.34 + "Object" form shall mean any form resulting from mechanical
1.35 + transformation or translation of a Source form, including but
1.36 + not limited to compiled object code, generated documentation,
1.37 + and conversions to other media types.
1.38 +
1.39 + "Work" shall mean the work of authorship, whether in Source or
1.40 + Object form, made available under the License, as indicated by a
1.41 + copyright notice that is included in or attached to the work
1.42 + (an example is provided in the Appendix below).
1.43 +
1.44 + "Derivative Works" shall mean any work, whether in Source or Object
1.45 + form, that is based on (or derived from) the Work and for which the
1.46 + editorial revisions, annotations, elaborations, or other modifications
1.47 + represent, as a whole, an original work of authorship. For the purposes
1.48 + of this License, Derivative Works shall not include works that remain
1.49 + separable from, or merely link (or bind by name) to the interfaces of,
1.50 + the Work and Derivative Works thereof.
1.51 +
1.52 + "Contribution" shall mean any work of authorship, including
1.53 + the original version of the Work and any modifications or additions
1.54 + to that Work or Derivative Works thereof, that is intentionally
1.55 + submitted to Licensor for inclusion in the Work by the copyright owner
1.56 + or by an individual or Legal Entity authorized to submit on behalf of
1.57 + the copyright owner. For the purposes of this definition, "submitted"
1.58 + means any form of electronic, verbal, or written communication sent
1.59 + to the Licensor or its representatives, including but not limited to
1.60 + communication on electronic mailing lists, source code control systems,
1.61 + and issue tracking systems that are managed by, or on behalf of, the
1.62 + Licensor for the purpose of discussing and improving the Work, but
1.63 + excluding communication that is conspicuously marked or otherwise
1.64 + designated in writing by the copyright owner as "Not a Contribution."
1.65 +
1.66 + "Contributor" shall mean Licensor and any individual or Legal Entity
1.67 + on behalf of whom a Contribution has been received by Licensor and
1.68 + subsequently incorporated within the Work.
1.69 +
1.70 + 2. Grant of Copyright License. Subject to the terms and conditions of
1.71 + this License, each Contributor hereby grants to You a perpetual,
1.72 + worldwide, non-exclusive, no-charge, royalty-free, irrevocable
1.73 + copyright license to reproduce, prepare Derivative Works of,
1.74 + publicly display, publicly perform, sublicense, and distribute the
1.75 + Work and such Derivative Works in Source or Object form.
1.76 +
1.77 + 3. Grant of Patent License. Subject to the terms and conditions of
1.78 + this License, each Contributor hereby grants to You a perpetual,
1.79 + worldwide, non-exclusive, no-charge, royalty-free, irrevocable
1.80 + (except as stated in this section) patent license to make, have made,
1.81 + use, offer to sell, sell, import, and otherwise transfer the Work,
1.82 + where such license applies only to those patent claims licensable
1.83 + by such Contributor that are necessarily infringed by their
1.84 + Contribution(s) alone or by combination of their Contribution(s)
1.85 + with the Work to which such Contribution(s) was submitted. If You
1.86 + institute patent litigation against any entity (including a
1.87 + cross-claim or counterclaim in a lawsuit) alleging that the Work
1.88 + or a Contribution incorporated within the Work constitutes direct
1.89 + or contributory patent infringement, then any patent licenses
1.90 + granted to You under this License for that Work shall terminate
1.91 + as of the date such litigation is filed.
1.92 +
1.93 + 4. Redistribution. You may reproduce and distribute copies of the
1.94 + Work or Derivative Works thereof in any medium, with or without
1.95 + modifications, and in Source or Object form, provided that You
1.96 + meet the following conditions:
1.97 +
1.98 + (a) You must give any other recipients of the Work or
1.99 + Derivative Works a copy of this License; and
1.100 +
1.101 + (b) You must cause any modified files to carry prominent notices
1.102 + stating that You changed the files; and
1.103 +
1.104 + (c) You must retain, in the Source form of any Derivative Works
1.105 + that You distribute, all copyright, patent, trademark, and
1.106 + attribution notices from the Source form of the Work,
1.107 + excluding those notices that do not pertain to any part of
1.108 + the Derivative Works; and
1.109 +
1.110 + (d) If the Work includes a "NOTICE" text file as part of its
1.111 + distribution, then any Derivative Works that You distribute must
1.112 + include a readable copy of the attribution notices contained
1.113 + within such NOTICE file, excluding those notices that do not
1.114 + pertain to any part of the Derivative Works, in at least one
1.115 + of the following places: within a NOTICE text file distributed
1.116 + as part of the Derivative Works; within the Source form or
1.117 + documentation, if provided along with the Derivative Works; or,
1.118 + within a display generated by the Derivative Works, if and
1.119 + wherever such third-party notices normally appear. The contents
1.120 + of the NOTICE file are for informational purposes only and
1.121 + do not modify the License. You may add Your own attribution
1.122 + notices within Derivative Works that You distribute, alongside
1.123 + or as an addendum to the NOTICE text from the Work, provided
1.124 + that such additional attribution notices cannot be construed
1.125 + as modifying the License.
1.126 +
1.127 + You may add Your own copyright statement to Your modifications and
1.128 + may provide additional or different license terms and conditions
1.129 + for use, reproduction, or distribution of Your modifications, or
1.130 + for any such Derivative Works as a whole, provided Your use,
1.131 + reproduction, and distribution of the Work otherwise complies with
1.132 + the conditions stated in this License.
1.133 +
1.134 + 5. Submission of Contributions. Unless You explicitly state otherwise,
1.135 + any Contribution intentionally submitted for inclusion in the Work
1.136 + by You to the Licensor shall be under the terms and conditions of
1.137 + this License, without any additional terms or conditions.
1.138 + Notwithstanding the above, nothing herein shall supersede or modify
1.139 + the terms of any separate license agreement you may have executed
1.140 + with Licensor regarding such Contributions.
1.141 +
1.142 + 6. Trademarks. This License does not grant permission to use the trade
1.143 + names, trademarks, service marks, or product names of the Licensor,
1.144 + except as required for reasonable and customary use in describing the
1.145 + origin of the Work and reproducing the content of the NOTICE file.
1.146 +
1.147 + 7. Disclaimer of Warranty. Unless required by applicable law or
1.148 + agreed to in writing, Licensor provides the Work (and each
1.149 + Contributor provides its Contributions) on an "AS IS" BASIS,
1.150 + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
1.151 + implied, including, without limitation, any warranties or conditions
1.152 + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
1.153 + PARTICULAR PURPOSE. You are solely responsible for determining the
1.154 + appropriateness of using or redistributing the Work and assume any
1.155 + risks associated with Your exercise of permissions under this License.
1.156 +
1.157 + 8. Limitation of Liability. In no event and under no legal theory,
1.158 + whether in tort (including negligence), contract, or otherwise,
1.159 + unless required by applicable law (such as deliberate and grossly
1.160 + negligent acts) or agreed to in writing, shall any Contributor be
1.161 + liable to You for damages, including any direct, indirect, special,
1.162 + incidental, or consequential damages of any character arising as a
1.163 + result of this License or out of the use or inability to use the
1.164 + Work (including but not limited to damages for loss of goodwill,
1.165 + work stoppage, computer failure or malfunction, or any and all
1.166 + other commercial damages or losses), even if such Contributor
1.167 + has been advised of the possibility of such damages.
1.168 +
1.169 + 9. Accepting Warranty or Additional Liability. While redistributing
1.170 + the Work or Derivative Works thereof, You may choose to offer,
1.171 + and charge a fee for, acceptance of support, warranty, indemnity,
1.172 + or other liability obligations and/or rights consistent with this
1.173 + License. However, in accepting such obligations, You may act only
1.174 + on Your own behalf and on Your sole responsibility, not on behalf
1.175 + of any other Contributor, and only if You agree to indemnify,
1.176 + defend, and hold each Contributor harmless for any liability
1.177 + incurred by, or claims asserted against, such Contributor by reason
1.178 + of your accepting any such warranty or additional liability.
1.179 +
1.180 + END OF TERMS AND CONDITIONS
1.181 +
1.182 + APPENDIX: How to apply the Apache License to your work.
1.183 +
1.184 + To apply the Apache License to your work, attach the following
1.185 + boilerplate notice, with the fields enclosed by brackets "[]"
1.186 + replaced with your own identifying information. (Don't include
1.187 + the brackets!) The text should be enclosed in the appropriate
1.188 + comment syntax for the file format. We also recommend that a
1.189 + file or class name and description of purpose be included on the
1.190 + same "printed page" as the copyright notice for easier
1.191 + identification within third-party archives.
1.192 +
1.193 + Copyright [yyyy] [name of copyright owner]
1.194 +
1.195 + Licensed under the Apache License, Version 2.0 (the "License");
1.196 + you may not use this file except in compliance with the License.
1.197 + You may obtain a copy of the License at
1.198 +
1.199 + http://www.apache.org/licenses/LICENSE-2.0
1.200 +
1.201 + Unless required by applicable law or agreed to in writing, software
1.202 + distributed under the License is distributed on an "AS IS" BASIS,
1.203 + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1.204 + See the License for the specific language governing permissions and
1.205 + limitations under the License.
2.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
2.2 +++ b/encryptionprovider-package Tue Nov 04 18:26:39 2014 +0100
2.3 @@ -0,0 +1,34 @@
2.4 +### Commented entries have reasonable defaults.
2.5 +### Uncomment to edit them.
2.6 +# Source: <source package name; defaults to package name>
2.7 +Section: misc
2.8 +Priority: optional
2.9 +# Homepage: <enter URL here; no default>
2.10 +Standards-Version: 3.9.2
2.11 +
2.12 +Package: encryptionprovider
2.13 +Version: 0.0.26
2.14 +Maintainer: ft <ft@x-net.at>
2.15 +# Pre-Depends: <comma-separated list of packages>
2.16 +Depends: python,python-requests,python-urllib3,python-netifaces,python-netaddr,python-webpy
2.17 +# Recommends: <comma-separated list of packages>
2.18 +# Suggests: <comma-separated list of packages>
2.19 +# Provides: <comma-separated list of packages>
2.20 +# Replaces: <comma-separated list of packages>
2.21 +Architecture: all
2.22 +# Copyright: <copyright file; defaults to GPL2>
2.23 +# Changelog: <changelog file; defaults to a generic changelog>
2.24 +# Readme: <README.Debian file; defaults to a generic one>
2.25 +# Extra-Files: <comma-separated list of additional files for the doc directory>
2.26 +Files: encryptionprovider.py /usr/bin/
2.27 + passwordreceiver.py /usr/bin/
2.28 + encryptionprovider.cfg /etc/encryptionprovider/
2.29 + truecrypt_getdevices.sh /usr/local/bin/
2.30 + truecrypt_init.sh /usr/local/bin/
2.31 + truecrypt_mount.sh /usr/local/bin/
2.32 + truecrypt_umount.sh /usr/local/bin/
2.33 + truecrypt_config.cfg /usr/local/bin/
2.34 + pre_init.sh /usr/local/bin/
2.35 + post_init.sh /usr/local/bin/
2.36 +Description: Encryption provider for opensecurity system
2.37 + An extra layer that makes it possible to easy switch between encryption methodes
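Review bot: the Files: list installs truecrypt_config.cfg and all helper scripts under /usr/local/bin/, a tree that Debian policy reserves for the local administrator, and it puts a configuration file into a bin directory. Suggest installing the scripts under /usr/lib/encryptionprovider/ (or /usr/bin/ like encryptionprovider.py) and moving truecrypt_config.cfg next to encryptionprovider.cfg in /etc/encryptionprovider/, so it is handled as a conffile. The Description line also needs a spelling pass ("to easy switch", "methodes").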
3.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
3.2 +++ b/encryptionprovider-package.conf Tue Nov 04 18:26:39 2014 +0100
3.3 @@ -0,0 +1,2 @@
3.4 +# Original main-package.conf file.
3.5 +# Do not touch it!! It belongs to dpkg.
4.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
4.2 +++ b/encryptionprovider.cfg Tue Nov 04 18:26:39 2014 +0100
4.3 @@ -0,0 +1,20 @@
4.4 +[Main]
4.5 +# make sure this file is writeable
4.6 +LogFile: /var/log/encryptionprovider.log
4.7 +
4.8 +# DEBUG, INFO, WARNING, ERROR, CRITICAL
4.9 +LogLevel: debug
4.10 +
4.11 +# Path where the keyfile will be saved for temp usage
4.12 +Keyfile: /tmp/keyfile.key
4.13 +
4.14 +MountScript: /usr/local/bin/truecrypt_mount.sh
4.15 +UmountScript: /usr/local/bin/truecrypt_umount.sh
4.16 +InitScript: /usr/local/bin/truecrypt_init.sh
4.17 +GetDevicesScript: /usr/local/bin/truecrypt_getdevices.sh
4.18 +
4.19 +# Umount Stick, ....
4.20 +PreInitScript: /usr/local/bin/pre_init.sh
4.21 +
4.22 +# Mount create folders, mount osecfs, ...
4.23 +PostInitScript: /usr/local/bin/post_init.sh
4.24 \ No newline at end of file
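Review bot: Keyfile: /tmp/keyfile.key puts the key material at a fixed, predictable name in a world-writable directory, and passwordreceiver.py writes to that path with a plain open(path, "w+"), which follows an existing symlink and creates the file with umask-default permissions. Suggest defaulting to a directory owned by the service with mode 0700 (for example under /run), and creating the file exclusively with mode 0600. LogLevel: debug is also a noisy default for a packaged configuration; info would be a safer shipped value.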
5.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
5.2 +++ b/encryptionprovider.py Tue Nov 04 18:26:39 2014 +0100
5.3 @@ -0,0 +1,220 @@
5.4 +#!/usr/bin/python
5.5 +
5.6 +# ------------------------------------------------------------
5.7 +# opensecurity package file
5.8 +#
5.9 +# Autor: X-Net Services GmbH <office@x-net.at>
5.10 +#
5.11 +# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
5.12 +#
5.13 +#
5.14 +# X-Net Technologies GmbH
5.15 +# Elisabethstrasse 1
5.16 +# 4020 Linz
5.17 +# AUSTRIA
5.18 +# https://www.x-net.at
5.19 +#
5.20 +# AIT Austrian Institute of Technology
5.21 +# Donau City Strasse 1
5.22 +# 1220 Wien
5.23 +# AUSTRIA
5.24 +# http://www.ait.ac.at
5.25 +#
5.26 +#
5.27 +# Licensed under the Apache License, Version 2.0 (the "License");
5.28 +# you may not use this file except in compliance with the License.
5.29 +# You may obtain a copy of the License at
5.30 +#
5.31 +# http://www.apache.org/licenses/LICENSE-2.0
5.32 +#
5.33 +# Unless required by applicable law or agreed to in writing, software
5.34 +# distributed under the License is distributed on an "AS IS" BASIS,
5.35 +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
5.36 +# See the License for the specific language governing permissions and
5.37 +# limitations under the License.
5.38 +# ------------------------------------------------------------
5.39 +
5.40 +import subprocess
5.41 +import web
5.42 +import netifaces
5.43 +import argparse
5.44 +import thread
5.45 +import time
5.46 +import os
5.47 +import sys
5.48 +import ConfigParser
5.49 +import logging
5.50 +from passwordreceiver import *
5.51 +
5.52 +MINOPTS = { "Main" : ["LogFile", "LogLevel", "MountScript", "UmountScript", "InitScript", "GetDevicesScript", "Keyfile"]}
5.53 +
5.54 +CONFIG_FILE="/etc/encryptionprovider/encryptionprovider.cfg"
5.55 +CONFIG_NOT_READABLE = "Configfile is not readable"
5.56 +CONFIG_WRONG = "Something is wrong with the config"
5.57 +CONFIG_MISSING = "Section: \"%s\" Option: \"%s\" in configfile is missing"
5.58 +
5.59 +def checkMinimumOptions (config):
5.60 + for section, options in MINOPTS.iteritems ():
5.61 + for option in options:
5.62 + if (config.has_option(section, option) == False):
5.63 + print (CONFIG_MISSING % (section, option))
5.64 + exit (129)
5.65 +
5.66 +
5.67 +def loadConfig ():
5.68 + configfile = CONFIG_FILE
5.69 + config = ConfigParser.SafeConfigParser ()
5.70 +
5.71 + if ((os.path.exists (configfile) == False) or (os.path.isfile (configfile) == False) or (os.access (configfile, os.R_OK) == False)):
5.72 + print (CONFIG_NOT_READABLE)
5.73 + exit (1)
5.74 +
5.75 + try:
5.76 + config.read (CONFIG_FILE)
5.77 + except Exception, e:
5.78 + print (CONFIG_WRONG)
5.79 + print ("Error: %s" % (e))
5.80 + exit (1)
5.81 +
5.82 + checkMinimumOptions (config)
5.83 + return config
5.84 +
5.85 +def initLog (config):
5.86 + global LOG
5.87 + logfile = config.get("Main", "LogFile")
5.88 +
5.89 + numeric_level = getattr(logging, config.get("Main", "LogLevel").upper(), None)
5.90 + if not isinstance(numeric_level, int):
5.91 + raise ValueError('Invalid log level: %s' % loglevel)
5.92 +
5.93 + # ToDo move log level and maybe other things to config file
5.94 + logging.basicConfig(
5.95 + level = numeric_level,
5.96 + format = "%(asctime)s %(name)-12s %(funcName)-15s %(levelname)-8s %(message)s",
5.97 + datefmt = "%Y-%m-%d %H:%M:%S",
5.98 + filename = logfile,
5.99 + filemode = "a+",
5.100 + )
5.101 + LOG = logging.getLogger("encryptionprovicer")
5.102 +
5.103 +
5.104 +
5.105 +
5.106 +def runExternalScripts (command):
5.107 + LOG.debug ("Run external Script: %s" %(command,))
5.108 +
5.109 + if (os.path.isfile (command[0]) == False):
5.110 + LOG.error ("File does not exist: %s" %((command[0]),))
5.111 + sys.stderr.write("File does not exist: %s\n" %((command[0]),))
5.112 + exit (1)
5.113 +
5.114 + process = subprocess.Popen( command, stdout=subprocess.PIPE, stderr=subprocess.PIPE )
5.115 + retcode = process.wait()
5.116 + ( stdout, stderr ) = process.communicate()
5.117 +
5.118 + return { "retcode" : retcode, "stdout" : stdout, "stderr" : stderr }
5.119 +
5.120 +
5.121 +def getDevices (script):
5.122 + command = [script];
5.123 + result = runExternalScripts (command);
5.124 +
5.125 + if (result["retcode"] != 0):
5.126 + LOG.error ("Retcode: %s" %(result["retcode"],))
5.127 + LOG.error ("stdout: %s" %(result["stdout"],))
5.128 + LOG.error ("stderr: %s" %(result["stderr"],))
5.129 + sys.stderr.write("%s" %(result["stderr"],))
5.130 + exit (1)
5.131 +
5.132 + #print ("%s" %(result["stdout"],))
5.133 + # don't use print here, because of the extra newline
5.134 + sys.stdout.write ("%s" %(result["stdout"],))
5.135 +
5.136 +
5.137 +def umountDevice (script, device):
5.138 + command = [script, device];
5.139 + result = runExternalScripts (command);
5.140 +
5.141 + if (result["retcode"] != 0):
5.142 + LOG.error ("Retcode: %s" %(result["retcode"],))
5.143 + LOG.error ("stdout: %s" %(result["stdout"],))
5.144 + LOG.error ("stderr: %s" %(result["stderr"],))
5.145 + sys.stderr.write("%s" %(result["stderr"],))
5.146 + exit (1)
5.147 +
5.148 + #print ("%s" %(result["stdout"],))
5.149 + # don't use print here, because of the extra newline
5.150 + sys.stdout.write ("%s" %(result["stdout"],))
5.151 +
5.152 +
5.153 +def mountDevice (script, interface, port, device, mountpoint, keyfilepath):
5.154 + listener = MyRestListener (opensecurity_urls, globals(), script = script, device = device, mountpoint = mountpoint, tries = 3, keyfilepath = keyfilepath)
5.155 + thread.start_new_thread(listener.run, (interface, port,))
5.156 +
5.157 + close = False
5.158 + while (close == False):
5.159 + time.sleep(1)
5.160 + if (os.path.ismount(mountpoint) == True):
5.161 + close = True
5.162 + LOG.info ("Stick \"%s\" was mounted sucessfully to \"%s\"" %(device, mountpoint,))
5.163 + sys.exit(0)
5.164 +
5.165 + if (os.path.exists(device) == False):
5.166 + close = True
5.167 + LOG.error ("Stick \"%s\" removed -> exit" %(device,))
5.168 + sys.exit(1)
5.169 +
5.170 +def isDeviceMountedAtMountpoint (device, mountpoint):
5.171 + command = ("/bin/df %s | /usr/bin/tail -1 | awk '{print $1}'" %(mountpoint,))
5.172 + pipe = os.popen(command)
5.173 + result = pipe.read().rstrip()
5.174 +
5.175 + if (pipe.close() != None):
5.176 + LOG.error ("error: %s" %(result,))
5.177 + exit (1)
5.178 +
5.179 + if (result == device):
5.180 + LOG.debug ("Device: %s ### Result: %s ### Return: True" %(device, result,))
5.181 + return True
5.182 + else:
5.183 + LOG.debug ("Device: %s ### Result: %s ### Return: False" %(device, result,))
5.184 + return False
5.185 +
5.186 +
5.187 +def initDevice (script, interface, port, device, mountpoint, keyfilepath, preinitscript, postinitscript):
5.188 + listener = MyRestListener (opensecurity_urls, globals(), script = script, device = device, mountpoint = mountpoint, tries = 3, keyfilepath = keyfilepath, preinitscript = preinitscript, postinitscript = postinitscript)
5.189 + thread.start_new_thread(listener.run, (interface, port,))
5.190 +
5.191 + close = False
5.192 + while (close == False):
5.193 + time.sleep(1)
5.194 + if (os.path.exists(device) == False):
5.195 + close = True
5.196 + LOG.info ("Stick \"%s\" removed -> exit" %(device,))
5.197 + sys.exit(1)
5.198 +
5.199 +if __name__ == "__main__":
5.200 +
5.201 + parser = argparse.ArgumentParser(epilog='--mount, --umount and --initialize are mutually exclusive')
5.202 + group = parser.add_mutually_exclusive_group(required=True)
5.203 + group.add_argument('-m', '--mount', action='store', nargs=4, dest='mount', help='Mounts an encrypted device.', metavar=("interface", "port", "device", "mountpoint"))
5.204 + group.add_argument('-u', '--umount', action='store', nargs=1, dest='umount', help='Unmounts an encrypted device', metavar="device")
5.205 + group.add_argument('-i', '--initialize', action='store', nargs=4, dest='initialize', help='Initialize an device.', metavar=("interface", "port", "device", "mountpoint"))
5.206 + group.add_argument('-g', '--getdevices', action='store_true', dest="getdevices", help='Returns a list of all mounted encrypted devices')
5.207 + arguments = parser.parse_args()
5.208 +
5.209 +
5.210 + config = loadConfig ()
5.211 + initLog (config)
5.212 +
5.213 + if (arguments.getdevices):
5.214 + getDevices (config.get ("Main", "GetDevicesScript"))
5.215 +
5.216 + if (arguments.umount):
5.217 + umountDevice (config.get ("Main", "UmountScript"), arguments.umount[0])
5.218 +
5.219 + if (arguments.mount):
5.220 + mountDevice (config.get ("Main", "MountScript"), arguments.mount[0], int(arguments.mount[1]), arguments.mount[2], arguments.mount[3], config.get ("Main", "Keyfile"))
5.221 +
5.222 + if (arguments.initialize):
5.223 + initDevice (config.get ("Main", "InitScript"), arguments.initialize[0], int(arguments.initialize[1]), arguments.initialize[2], arguments.initialize[3], config.get ("Main", "Keyfile"), config.get("Main", "PreInitScript"), config.get("Main", "PostInitScript"))
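Review bot: isDeviceMountedAtMountpoint builds a shell pipeline by formatting mountpoint into a string and running it through os.popen, so any shell metacharacters in that value are interpreted by the shell. Suggest calling df through subprocess with an argument list, as runExternalScripts already does, and parsing the output in Python. Three further points in this hunk: in initLog the ValueError message formats loglevel, a name that is never assigned, so an invalid LogLevel raises NameError instead of the intended message; runExternalScripts calls process.wait() before process.communicate() with both stdout and stderr set to PIPE, which can block if the child fills a pipe, so call communicate() first and read process.returncode afterwards; and the --initialize branch reads PreInitScript and PostInitScript with config.get although neither is listed in MINOPTS, so a missing entry surfaces as an uncaught exception rather than the CONFIG_MISSING message.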
6.1 Binary file encryptionprovider_0.0.10_all.deb has changed
7.1 Binary file encryptionprovider_0.0.11_all.deb has changed
8.1 Binary file encryptionprovider_0.0.12_all.deb has changed
9.1 Binary file encryptionprovider_0.0.13_all.deb has changed
10.1 Binary file encryptionprovider_0.0.14_all.deb has changed
11.1 Binary file encryptionprovider_0.0.15_all.deb has changed
12.1 Binary file encryptionprovider_0.0.16_all.deb has changed
13.1 Binary file encryptionprovider_0.0.17_all.deb has changed
14.1 Binary file encryptionprovider_0.0.18_all.deb has changed
15.1 Binary file encryptionprovider_0.0.19_all.deb has changed
16.1 Binary file encryptionprovider_0.0.1_all.deb has changed
17.1 Binary file encryptionprovider_0.0.20_all.deb has changed
18.1 Binary file encryptionprovider_0.0.21_all.deb has changed
19.1 Binary file encryptionprovider_0.0.22_all.deb has changed
20.1 Binary file encryptionprovider_0.0.23_all.deb has changed
21.1 Binary file encryptionprovider_0.0.24_all.deb has changed
22.1 Binary file encryptionprovider_0.0.25_all.deb has changed
23.1 Binary file encryptionprovider_0.0.26_all.deb has changed
24.1 Binary file encryptionprovider_0.0.2_all.deb has changed
25.1 Binary file encryptionprovider_0.0.3_all.deb has changed
26.1 Binary file encryptionprovider_0.0.4_all.deb has changed
27.1 Binary file encryptionprovider_0.0.5_all.deb has changed
28.1 Binary file encryptionprovider_0.0.6_all.deb has changed
29.1 Binary file encryptionprovider_0.0.7_all.deb has changed
30.1 Binary file encryptionprovider_0.0.8_all.deb has changed
31.1 Binary file encryptionprovider_0.0.9_all.deb has changed
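Review bot: this commit adds 26 built packages (encryptionprovider_0.0.1_all.deb through 0.0.26) alongside the sources they are built from. Binary packages cannot be reviewed as a diff, and nothing in the commit ties each one to the source revision that produced it. Suggest keeping only the sources and the control file in the repository and publishing built packages, with checksums or signatures, from a build job.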
32.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
32.2 +++ b/passwordreceiver.py Tue Nov 04 18:26:39 2014 +0100
32.3 @@ -0,0 +1,196 @@
32.4 +#!/usr/bin/python
32.5 +
32.6 +# ------------------------------------------------------------
32.7 +# opensecurity package file
32.8 +#
32.9 +# Autor: X-Net Services GmbH <office@x-net.at>
32.10 +#
32.11 +# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
32.12 +#
32.13 +#
32.14 +# X-Net Technologies GmbH
32.15 +# Elisabethstrasse 1
32.16 +# 4020 Linz
32.17 +# AUSTRIA
32.18 +# https://www.x-net.at
32.19 +#
32.20 +# AIT Austrian Institute of Technology
32.21 +# Donau City Strasse 1
32.22 +# 1220 Wien
32.23 +# AUSTRIA
32.24 +# http://www.ait.ac.at
32.25 +#
32.26 +#
32.27 +# Licensed under the Apache License, Version 2.0 (the "License");
32.28 +# you may not use this file except in compliance with the License.
32.29 +# You may obtain a copy of the License at
32.30 +#
32.31 +# http://www.apache.org/licenses/LICENSE-2.0
32.32 +#
32.33 +# Unless required by applicable law or agreed to in writing, software
32.34 +# distributed under the License is distributed on an "AS IS" BASIS,
32.35 +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
32.36 +# See the License for the specific language governing permissions and
32.37 +# limitations under the License.
32.38 +# ------------------------------------------------------------
32.39 +
32.40 +
32.41 +import subprocess
32.42 +import web
32.43 +import netifaces
32.44 +import os
32.45 +import sys
32.46 +import base64
32.47 +#import logging
32.48 +
32.49 +opensecurity_urls = (
32.50 + '/password', 'os_password',
32.51 + '/init', 'os_init'
32.52 +)
32.53 +
32.54 +#__LOG = logging.getLogger("passwordreceiver")
32.55 +
32.56 +class os_password:
32.57 +
32.58 + # delete the key file in a secure way (will not working on ssd's :/ ,but ram only vm -> should be ok)
32.59 + def deleteKeyfile(self, keyfilepath):
32.60 + filesize = os.path.getsize(keyfilepath)
32.61 + keyfile = open (keyfilepath, "w+")
32.62 + for i in range (0, 10):
32.63 + keyfile.seek(0)
32.64 + keyfile.write(os.urandom(filesize))
32.65 + keyfile.flush()
32.66 + keyfile.close()
32.67 + os.remove(keyfilepath)
32.68 +
32.69 +
32.70 + def GET(self, settings):
32.71 + return self.POST(settings)
32.72 +
32.73 + def POST(self, settings):
32.74 +
32.75 + # pick the arguments
32.76 + args = web.input()
32.77 +
32.78 + if not "password" in args:
32.79 + raise web.badrequest()
32.80 +
32.81 + if "keyfile" in args:
32.82 + keyfile = open (settings["keyfilepath"], "w+")
32.83 + keyfile.write(base64.b64decode(args["keyfile"]))
32.84 + keyfile.close()
32.85 + command = [settings["script"], settings["device"], settings["mountpoint"], args["password"], settings["keyfilepath"]]
32.86 + else:
32.87 + command = [settings["script"], settings["device"], settings["mountpoint"], args["password"]]
32.88 +
32.89 + process = subprocess.Popen( command, stdout=subprocess.PIPE, stderr=subprocess.PIPE )
32.90 + retval = process.wait()
32.91 + ( stdout, stderr ) = process.communicate()
32.92 +
32.93 + if "keyfile" in args:
32.94 + self.deleteKeyfile(settings["keyfilepath"])
32.95 +
32.96 + if (retval != 0):
32.97 + raise web.badrequest(stderr)
32.98 +
32.99 + return "Success: Encrypted Stick is mounted"
32.100 +
32.101 +class os_init:
32.102 + # delete the key file in a secure way (will not working on ssd's :/ ,but ram only vm -> should be ok)
32.103 + def deleteKeyfile(self, keyfilepath):
32.104 + filesize = os.path.getsize(keyfilepath)
32.105 + keyfile = open (keyfilepath, "w+")
32.106 + for i in range (0, 10):
32.107 + keyfile.seek(0)
32.108 + keyfile.write(os.urandom(filesize))
32.109 + keyfile.flush()
32.110 + keyfile.close()
32.111 + os.remove(keyfilepath)
32.112 +
32.113 + def runPreInitScript(self, preinitscript, device):
32.114 + #__LOG.debug("Start preinit Script")
32.115 +
32.116 + command = [preinitscript, device]
32.117 + process = subprocess.Popen( command, stdout=subprocess.PIPE, stderr=subprocess.PIPE )
32.118 + retval = process.wait()
32.119 + ( stdout, stderr ) = process.communicate()
32.120 +
32.121 + #__LOG.debug("preinit done result: %s" %(retval,))
32.122 +
32.123 + if (retval != 0):
32.124 + raise web.badrequest(stderr)
32.125 +
32.126 + def runPostInitScript(self, postinitscript):
32.127 + #__LOG.debug("Start postinit Script")
32.128 +
32.129 + command = [postinitscript]
32.130 + process = subprocess.Popen( command, stdout=subprocess.PIPE, stderr=subprocess.PIPE )
32.131 + retval = process.wait()
32.132 + ( stdout, stderr ) = process.communicate()
32.133 +
32.134 + #__LOG.debug("postinit done result: %s" %(retval,))
32.135 +
32.136 + if (retval != 0):
32.137 + raise web.badrequest(stderr)
32.138 +
32.139 + def GET(self, settings):
32.140 + return self.POST(settings)
32.141 +
32.142 + def POST(self, settings):
32.143 +
32.144 + # pick the arguments
32.145 + args = web.input()
32.146 +
32.147 + if not "password" in args:
32.148 + raise web.badrequest()
32.149 +
32.150 + # Do the preinit stuff
32.151 + self.runPreInitScript(settings["preinitscript"], settings["device"])
32.152 +
32.153 + if "keyfile" in args:
32.154 + keyfile = open (settings["keyfilepath"], "w+")
32.155 + keyfile.write(base64.b64decode(args["keyfile"]))
32.156 + keyfile.close()
32.157 + command = [settings["script"], settings["device"], settings["mountpoint"], args["password"], settings["keyfilepath"]]
32.158 + else:
32.159 + command = [settings["script"], settings["device"], settings["mountpoint"], args["password"]]
32.160 +
32.161 + #__LOG.debug("Start init script")
32.162 +
32.163 + process = subprocess.Popen( command, stdout=subprocess.PIPE, stderr=subprocess.PIPE )
32.164 + retval = process.wait()
32.165 + ( stdout, stderr ) = process.communicate()
32.166 +
32.167 + if "keyfile" in args:
32.168 + self.deleteKeyfile(settings["keyfilepath"])
32.169 +
32.170 + #__LOG.debug("init done result: %s" %(retval,))
32.171 +
32.172 + if (retval != 0):
32.173 + raise web.badrequest(stderr)
32.174 +
32.175 + # Do the postinit stuff
32.176 + self.runPostInitScript(settings["postinitscript"])
32.177 +
32.178 + return "Success: Stick is initialized and mounted"
32.179 +
32.180 +class MyRestListener(web.application):
32.181 + def __init__(self, mapping=(), fvars={}, autoreload=None, script=None, device=None, mountpoint=None, tries=None, keyfilepath=None, preinitscript=None, postinitscript=None):
32.182 + web.application.__init__(self, mapping, fvars, autoreload)
32.183 + self.device = device
32.184 + self.mountpoint = mountpoint
32.185 + self.script = script
32.186 + self.tries = tries
32.187 + self.keyfilepath = keyfilepath
32.188 + self.preinitscript = preinitscript
32.189 + self.postinitscript = postinitscript
32.190 +
32.191 + def run(self, interface, port, *middleware):
32.192 + func = self.wsgifunc(*middleware)
32.193 + ifaceip = netifaces.ifaddresses(interface)[2][0]["addr"]
32.194 + return web.httpserver.runsimple(func, (ifaceip, port))
32.195 +
32.196 + def handle(self):
32.197 + fn, args = self._match(self.mapping, web.ctx.path)
32.198 + args.append({"script": self.script, "device": self.device, "mountpoint": self.mountpoint, "tries": self.tries, "keyfilepath": self.keyfilepath, "preinitscript": self.preinitscript, "postinitscript": self.postinitscript})
32.199 + return self._delegate(fn, self.fvars, args)
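Review bot: GET is aliased to POST (def GET returns self.POST(settings)), so the password and the base64 keyfile can arrive in the query string, where they end up in access logs and proxy histories; drop the GET handler so these secrets only travel in a request body. POST then places args["password"] in the command list, which exposes it through the process list to any local user for as long as the script runs; hand it to the script on stdin or through a file descriptor instead. process.wait() followed by process.communicate() with both pipes set to subprocess.PIPE can block forever once the script writes more than a pipe buffer, so call communicate() first and read process.returncode afterwards. The keyfile is created with open(settings["keyfilepath"], "w+") under the default umask and is only deleted on the path after the script returns; create it with mode 0600 and move deleteKeyfile into a finally block, which also covers an exception from base64.b64decode or Popen.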
33.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
33.2 +++ b/post_init.sh Tue Nov 04 18:26:39 2014 +0100
33.3 @@ -0,0 +1,40 @@
33.4 +#!/bin/sh
33.5 +
33.6 +# ------------------------------------------------------------
33.7 +# opensecurity package file
33.8 +#
33.9 +# Autor: X-Net Services GmbH <office@x-net.at>
33.10 +#
33.11 +# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
33.12 +#
33.13 +#
33.14 +# X-Net Technologies GmbH
33.15 +# Elisabethstrasse 1
33.16 +# 4020 Linz
33.17 +# AUSTRIA
33.18 +# https://www.x-net.at
33.19 +#
33.20 +# AIT Austrian Institute of Technology
33.21 +# Donau City Strasse 1
33.22 +# 1220 Wien
33.23 +# AUSTRIA
33.24 +# http://www.ait.ac.at
33.25 +#
33.26 +#
33.27 +# Licensed under the Apache License, Version 2.0 (the "License");
33.28 +# you may not use this file except in compliance with the License.
33.29 +# You may obtain a copy of the License at
33.30 +#
33.31 +# http://www.apache.org/licenses/LICENSE-2.0
33.32 +#
33.33 +# Unless required by applicable law or agreed to in writing, software
33.34 +# distributed under the License is distributed on an "AS IS" BASIS,
33.35 +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
33.36 +# See the License for the specific language governing permissions and
33.37 +# limitations under the License.
33.38 +# ------------------------------------------------------------
33.39 +
33.40 +chattr -i "/tmp/usbmount"
33.41 +mkdir /tmp/usbmount/encrypted
33.42 +chattr +i "/tmp/usbmount"
33.43 +/usr/bin/osecfs /etc/osecfs/osecfs_usb.cfg "/tmp/usbmount/encrypted" rw
33.44 \ No newline at end of file
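Review bot: Nothing between chattr -i and chattr +i is checked, so when mkdir /tmp/usbmount/encrypted fails (for example because the directory is left over from an earlier run) osecfs is still started on that path and the script's exit status is whatever osecfs returns. Use mkdir -p, test the result of each step, and exit non-zero with a message on stderr so a caller can see the failure. The mount root /tmp/usbmount is hard-coded here while the listener carries a configurable mountpoint setting; pass it in as an argument instead of duplicating it.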
34.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
34.2 +++ b/pre_init.sh Tue Nov 04 18:26:39 2014 +0100
34.3 @@ -0,0 +1,59 @@
34.4 +#!/bin/sh
34.5 +
34.6 +# ------------------------------------------------------------
34.7 +# opensecurity package file
34.8 +#
34.9 +# Autor: X-Net Services GmbH <office@x-net.at>
34.10 +#
34.11 +# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
34.12 +#
34.13 +#
34.14 +# X-Net Technologies GmbH
34.15 +# Elisabethstrasse 1
34.16 +# 4020 Linz
34.17 +# AUSTRIA
34.18 +# https://www.x-net.at
34.19 +#
34.20 +# AIT Austrian Institute of Technology
34.21 +# Donau City Strasse 1
34.22 +# 1220 Wien
34.23 +# AUSTRIA
34.24 +# http://www.ait.ac.at
34.25 +#
34.26 +#
34.27 +# Licensed under the Apache License, Version 2.0 (the "License");
34.28 +# you may not use this file except in compliance with the License.
34.29 +# You may obtain a copy of the License at
34.30 +#
34.31 +# http://www.apache.org/licenses/LICENSE-2.0
34.32 +#
34.33 +# Unless required by applicable law or agreed to in writing, software
34.34 +# distributed under the License is distributed on an "AS IS" BASIS,
34.35 +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
34.36 +# See the License for the specific language governing permissions and
34.37 +# limitations under the License.
34.38 +# ------------------------------------------------------------
34.39 +
34.40 +DEVICE="$1"
34.41 +
34.42 +# This script makes sure that the stick is unmounted and unused
34.43 +# Run this Script before the init process
34.44 +
34.45 +# make sure to have "/dev/sdb" (not "/dev/sdb1")
34.46 +#DEVICE="${DEVICE:0:8}" the bash way does not work in dash -.-
34.47 +DEVICE="$(echo "$DEVICE" | awk '{print substr($1,0,9)}')"
34.48 +
34.49 +# make sure the device is not mounted
34.50 +chattr -i "/tmp/usbmount"
34.51 +umount /tmp/usbmount/*
34.52 +sleep 1
34.53 +rmdir /tmp/usbmount/*
34.54 +umount /media/usb*
34.55 +
34.56 +# search for already encrypted volumes
34.57 +device=$(encryptionprovider.py -g)
34.58 +
34.59 +if [ "$?" = "0" ]
34.60 +then
34.61 + encryptionprovider.py -u $device
34.62 +fi
34.63 \ No newline at end of file
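Review bot: DEVICE is normalised with awk but never used afterwards in this script, and the normalisation relies on how the installed awk treats a start index of 0 in substr($1,0,9), which only fits names shaped like /dev/sdb. Either remove the block or use the value for the unmount, written as substr($1,1,8) or with a pattern that strips a trailing partition number. The script also clears the immutable flag with chattr -i "/tmp/usbmount" and relies on post_init.sh to set it again, but the listener raises web.badrequest before the post-init step when the init script fails, which leaves the directory mutable; restore the flag on the failure path as well. The results of the umount and rmdir calls are ignored, and $device in encryptionprovider.py -u $device should be quoted.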
35.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
35.2 +++ b/truecrypt_config.cfg Tue Nov 04 18:26:39 2014 +0100
35.3 @@ -0,0 +1,3 @@
35.4 +#!/bin/bash
35.5 +
35.6 +tc_cmd="/usr/bin/truecrypt"
35.7 \ No newline at end of file
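Review bot: The #!/bin/bash line is misleading because the scripts in this changeset do not execute this file; they read it with . "$BASEDIR/truecrypt_config.cfg" from /bin/sh, so anything placed here runs with their privileges. Drop the shebang, keep the file to plain assignments, and install it writable by root only. truecrypt_init.sh also calls truecrypt -l directly when it looks up TC_DEVICE, bypassing tc_cmd; route that call through the variable so the setting applies everywhere.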
36.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
36.2 +++ b/truecrypt_getdevices.sh Tue Nov 04 18:26:39 2014 +0100
36.3 @@ -0,0 +1,59 @@
36.4 +#!/bin/sh
36.5 +
36.6 +# ------------------------------------------------------------
36.7 +# opensecurity package file
36.8 +#
36.9 +# Autor: X-Net Services GmbH <office@x-net.at>
36.10 +#
36.11 +# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
36.12 +#
36.13 +#
36.14 +# X-Net Technologies GmbH
36.15 +# Elisabethstrasse 1
36.16 +# 4020 Linz
36.17 +# AUSTRIA
36.18 +# https://www.x-net.at
36.19 +#
36.20 +# AIT Austrian Institute of Technology
36.21 +# Donau City Strasse 1
36.22 +# 1220 Wien
36.23 +# AUSTRIA
36.24 +# http://www.ait.ac.at
36.25 +#
36.26 +#
36.27 +# Licensed under the Apache License, Version 2.0 (the "License");
36.28 +# you may not use this file except in compliance with the License.
36.29 +# You may obtain a copy of the License at
36.30 +#
36.31 +# http://www.apache.org/licenses/LICENSE-2.0
36.32 +#
36.33 +# Unless required by applicable law or agreed to in writing, software
36.34 +# distributed under the License is distributed on an "AS IS" BASIS,
36.35 +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
36.36 +# See the License for the specific language governing permissions and
36.37 +# limitations under the License.
36.38 +# ------------------------------------------------------------
36.39 +
36.40 +BASEDIR="$(dirname $0)"
36.41 +
36.42 +if [ -r "$BASEDIR/truecrypt_config.cfg" ]
36.43 +then
36.44 + . "$BASEDIR/truecrypt_config.cfg"
36.45 +else
36.46 + echo "truecrypt_config.cfg not found" >&2
36.47 + exit 1
36.48 +fi
36.49 +
36.50 +devicelist="$($tc_cmd -l)"
36.51 +result="$?"
36.52 +
36.53 +if [ "$result" != "0" ]
36.54 +then
36.55 + exit 1
36.56 +fi
36.57 +
36.58 +# can't do this on the original command because of /bin/sh -> dash -> no PIPESTATUS -.-
36.59 +devicelist=$(echo $devicelist | awk '{ print $2}')
36.60 +
36.61 +echo "$devicelist"
36.62 +exit 0
36.63 \ No newline at end of file
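Review bot: echo $devicelist is unquoted, so the shell collapses the multi-line output of $tc_cmd -l into a single line and awk '{ print $2}' returns only the second field of the first entry; with more than one mounted volume the rest are silently dropped. Quote the variable, for example printf '%s\n' "$devicelist" | awk '{ print $2 }', so every line yields its device. BASEDIR="$(dirname $0)" should quote $0 as well, and the failure branch should write a message to stderr before exit 1.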
37.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
37.2 +++ b/truecrypt_init.sh Tue Nov 04 18:26:39 2014 +0100
37.3 @@ -0,0 +1,135 @@
37.4 +#!/bin/sh
37.5 +
37.6 +# ------------------------------------------------------------
37.7 +# opensecurity package file
37.8 +#
37.9 +# Autor: X-Net Services GmbH <office@x-net.at>
37.10 +#
37.11 +# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
37.12 +#
37.13 +#
37.14 +# X-Net Technologies GmbH
37.15 +# Elisabethstrasse 1
37.16 +# 4020 Linz
37.17 +# AUSTRIA
37.18 +# https://www.x-net.at
37.19 +#
37.20 +# AIT Austrian Institute of Technology
37.21 +# Donau City Strasse 1
37.22 +# 1220 Wien
37.23 +# AUSTRIA
37.24 +# http://www.ait.ac.at
37.25 +#
37.26 +#
37.27 +# Licensed under the Apache License, Version 2.0 (the "License");
37.28 +# you may not use this file except in compliance with the License.
37.29 +# You may obtain a copy of the License at
37.30 +#
37.31 +# http://www.apache.org/licenses/LICENSE-2.0
37.32 +#
37.33 +# Unless required by applicable law or agreed to in writing, software
37.34 +# distributed under the License is distributed on an "AS IS" BASIS,
37.35 +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
37.36 +# See the License for the specific language governing permissions and
37.37 +# limitations under the License.
37.38 +# ------------------------------------------------------------
37.39 +
37.40 +BASEDIR="$(dirname $0)"
37.41 +DEVICE="$1"
37.42 +MOUNTPOINT="$2"
37.43 +PASSWORD="$3"
37.44 +KEYFILE="$4"
37.45 +
37.46 +
37.47 +getRemoteIp ()
37.48 +{
37.49 + ip_address=$(ifconfig eth0 | grep "inet " | awk '{ print $2 }' | cut -d ":" -f 2)
37.50 + ip_netmask=$(ifconfig eth0 | grep "inet " | awk '{ print $4 }' | cut -d ":" -f 2)
37.51 + remote_ip=$(ipcalc $ip_address/$ip_netmask | grep HostMin | awk '{ print $2}')
37.52 +
37.53 + echo $remote_ip
37.54 +}
37.55 +
37.56 +sendInfoNotification ()
37.57 +{
37.58 + MESSAGE="$1"
37.59 + wget -q -T 3 -t 1 -O /dev/null "http://$(getRemoteIp):8090/message?msgtype=information&text=$MESSAGE"
37.60 +}
37.61 +
37.62 +sendErrorNotification ()
37.63 +{
37.64 + MESSAGE="$1"
37.65 + wget -q -T 3 -t 1 -O /dev/null "http://$(getRemoteIp):8090/notification?msgtype=critical&text=$MESSAGE"
37.66 +}
37.67 +
37.68 +
37.69 +if [ -r "$BASEDIR/truecrypt_config.cfg" ]
37.70 +then
37.71 + . "$BASEDIR/truecrypt_config.cfg"
37.72 +else
37.73 + echo "truecrypt_config.cfg not found" >&2
37.74 + exit 1
37.75 +fi
37.76 +
37.77 +# make sure to have "/dev/sdb" (not "/dev/sdb1")
37.78 +#DEVICE="${DEVICE:0:8}" the bash way does not work in dash -.-
37.79 +DEVICE="$(echo "$DEVICE" | awk '{print substr($1,0,9)}')"
37.80 +
37.81 +sendInfoNotification "Encrypt device"
37.82 +if [ -z "$KEYFILE" ]
37.83 +then
37.84 + message="$($tc_cmd -c --non-interactive --quick --filesystem=none --encryption=AES --hash=RIPEMD-160 -p "$PASSWORD" "$DEVICE")"
37.85 + result="$?"
37.86 +else
37.87 + message="$($tc_cmd -c --non-interactive --quick --filesystem=none --encryption=AES --hash=RIPEMD-160 -p "$PASSWORD" -k "$KEYFILE" "$DEVICE")"
37.88 + result="$?"
37.89 +fi
37.90 +
37.91 +
37.92 +if [ "$result" != "0" ]
37.93 +then
37.94 + sendErrorNotification "Encryption failed"
37.95 + exit 1
37.96 +fi
37.97 +
37.98 +sendInfoNotification "Device encrypted"
37.99 +
37.100 +
37.101 +
37.102 +if [ -z "$KEYFILE" ]
37.103 +then
37.104 + message="$message\n$($tc_cmd --non-interactive --filesystem=none -p "$PASSWORD" "$DEVICE")"
37.105 + result="$?"
37.106 +else
37.107 + message="$message\n$($tc_cmd --non-interactive --filesystem=none -p "$PASSWORD" -k "$KEYFILE" "$DEVICE")"
37.108 + result="$?"
37.109 +fi
37.110 +
37.111 +if [ "$result" != "0" ]
37.112 +then
37.113 + exit 1
37.114 +fi
37.115 +
37.116 +
37.117 +
37.118 +sendInfoNotification "Create NTFS filesystem on encrypted device"
37.119 +
37.120 +TC_DEVICE=$(truecrypt -l | awk '{print $3}')
37.121 +
37.122 +message="$message\n$(mkfs.ntfs --quick "$TC_DEVICE")"
37.123 +result="$?"
37.124 +
37.125 +if [ "$result" != "0" ]
37.126 +then
37.127 + sendErrorNotification "Filesystem creation failed"
37.128 + exit 1
37.129 +fi
37.130 +
37.131 +sendInfoNotification "Filesystem successfully created"
37.132 +
37.133 +mount "$TC_DEVICE" "$MOUNTPOINT"
37.134 +
37.135 +sendInfoNotification "Stick is now initialized"
37.136 +
37.137 +echo "$message"
37.138 +exit 0
37.139 \ No newline at end of file
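Review bot: TC_DEVICE=$(truecrypt -l | awk '{print $3}') takes the third column of every mounted volume rather than the one just created from $DEVICE, so with a second TrueCrypt volume mounted the variable holds more than one path and mkfs.ntfs --quick "$TC_DEVICE" cannot work on the intended device; filter the listing on "$DEVICE" and call it through $tc_cmd like the rest of the script. The result of mount "$TC_DEVICE" "$MOUNTPOINT" is never checked, so the script sends "Stick is now initialized" and exits 0 even when the mount failed, and the second $tc_cmd failure branch exits without sendErrorNotification, unlike the other two. The password is passed as -p "$PASSWORD" and as $3 of this script, which makes it readable in the process list. sendInfoNotification and sendErrorNotification put $MESSAGE into the URL without encoding and use different paths (/message and /notification); confirm that both are intended. --quick on volume creation does not overwrite the device with random data, so content previously stored on the stick can remain recoverable from unused sectors; leave the flag out if old content must not survive initialisation.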
38.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
38.2 +++ b/truecrypt_mount.sh Tue Nov 04 18:26:39 2014 +0100
38.3 @@ -0,0 +1,68 @@
38.4 +#!/bin/sh
38.5 +
38.6 +# ------------------------------------------------------------
38.7 +# opensecurity package file
38.8 +#
38.9 +# Autor: X-Net Services GmbH <office@x-net.at>
38.10 +#
38.11 +# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
38.12 +#
38.13 +#
38.14 +# X-Net Technologies GmbH
38.15 +# Elisabethstrasse 1
38.16 +# 4020 Linz
38.17 +# AUSTRIA
38.18 +# https://www.x-net.at
38.19 +#
38.20 +# AIT Austrian Institute of Technology
38.21 +# Donau City Strasse 1
38.22 +# 1220 Wien
38.23 +# AUSTRIA
38.24 +# http://www.ait.ac.at
38.25 +#
38.26 +#
38.27 +# Licensed under the Apache License, Version 2.0 (the "License");
38.28 +# you may not use this file except in compliance with the License.
38.29 +# You may obtain a copy of the License at
38.30 +#
38.31 +# http://www.apache.org/licenses/LICENSE-2.0
38.32 +#
38.33 +# Unless required by applicable law or agreed to in writing, software
38.34 +# distributed under the License is distributed on an "AS IS" BASIS,
38.35 +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
38.36 +# See the License for the specific language governing permissions and
38.37 +# limitations under the License.
38.38 +# ------------------------------------------------------------
38.39 +
38.40 +BASEDIR="$(dirname $0)"
38.41 +DEVICE="$1"
38.42 +MOUNTPOINT="$2"
38.43 +PASSWORD="$3"
38.44 +KEYFILE="$4"
38.45 +
38.46 +if [ -r "$BASEDIR/truecrypt_config.cfg" ]
38.47 +then
38.48 + . "$BASEDIR/truecrypt_config.cfg"
38.49 +else
38.50 + echo "truecrypt_config.cfg not found" >&2
38.51 + exit 1
38.52 +fi
38.53 +
38.54 +if [ -z "$KEYFILE" ]
38.55 +then
38.56 + message="$($tc_cmd --non-interactive "$DEVICE" "$MOUNTPOINT" -p "$PASSWORD")"
38.57 + result="$?"
38.58 +else
38.59 + message="$($tc_cmd --non-interactive "$DEVICE" "$MOUNTPOINT" -p "$PASSWORD" -k "$KEYFILE")"
38.60 + result="$?"
38.61 +fi
38.62 +
38.63 +
38.64 +
38.65 +if [ "$result" != "0" ]
38.66 +then
38.67 + exit 1
38.68 +fi
38.69 +
38.70 +echo "$message"
38.71 +exit 0
38.72 \ No newline at end of file
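Review bot: The password reaches TrueCrypt as -p "$PASSWORD" in both branches, after arriving as $3 of this script, so it is visible in the process list to every local user while the mount runs; feed it over standard input or a file descriptor readable only by the caller if the installed TrueCrypt build supports that. On failure the script exits 1 and discards $message, so whatever the tool printed on stdout is lost; echo it to stderr before exiting. DEVICE and MOUNTPOINT are used without checking that they are non-empty.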
39.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
39.2 +++ b/truecrypt_umount.sh Tue Nov 04 18:26:39 2014 +0100
39.3 @@ -0,0 +1,57 @@
39.4 +#!/bin/sh
39.5 +
39.6 +# ------------------------------------------------------------
39.7 +# opensecurity package file
39.8 +#
39.9 +# Autor: X-Net Services GmbH <office@x-net.at>
39.10 +#
39.11 +# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
39.12 +#
39.13 +#
39.14 +# X-Net Technologies GmbH
39.15 +# Elisabethstrasse 1
39.16 +# 4020 Linz
39.17 +# AUSTRIA
39.18 +# https://www.x-net.at
39.19 +#
39.20 +# AIT Austrian Institute of Technology
39.21 +# Donau City Strasse 1
39.22 +# 1220 Wien
39.23 +# AUSTRIA
39.24 +# http://www.ait.ac.at
39.25 +#
39.26 +#
39.27 +# Licensed under the Apache License, Version 2.0 (the "License");
39.28 +# you may not use this file except in compliance with the License.
39.29 +# You may obtain a copy of the License at
39.30 +#
39.31 +# http://www.apache.org/licenses/LICENSE-2.0
39.32 +#
39.33 +# Unless required by applicable law or agreed to in writing, software
39.34 +# distributed under the License is distributed on an "AS IS" BASIS,
39.35 +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
39.36 +# See the License for the specific language governing permissions and
39.37 +# limitations under the License.
39.38 +# ------------------------------------------------------------
39.39 +
39.40 +BASEDIR="$(dirname $0)"
39.41 +DEVICE="$1"
39.42 +
39.43 +if [ -r "$BASEDIR/truecrypt_config.cfg" ]
39.44 +then
39.45 + . "$BASEDIR/truecrypt_config.cfg"
39.46 +else
39.47 + echo "truecrypt_config.cfg not found" >&2
39.48 + exit 1
39.49 +fi
39.50 +
39.51 +message="$($tc_cmd -d $DEVICE)"
39.52 +result="$?"
39.53 +
39.54 +if [ "$result" != "0" ]
39.55 +then
39.56 + exit 1
39.57 +fi
39.58 +
39.59 +echo "$message"
39.60 +exit 0
39.61 \ No newline at end of file
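Review bot: $DEVICE is unquoted and never validated in $tc_cmd -d $DEVICE, and TrueCrypt's -d without a volume argument dismounts every mounted volume, so a call with an empty $1 takes down more than the caller asked for. Fail early when "$DEVICE" is empty and quote it in the command. As in the mount script, $message is dropped on the failure path; send it to stderr before exit 1.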