1 b49d0f4b 2005-02-13 devnull #!/usr/local/plan9/bin/rc
4 b49d0f4b 2005-02-13 devnull name = secstore
5 b49d0f4b 2005-02-13 devnull get = secstoreget
6 b49d0f4b 2005-02-13 devnull put = secstoreput
9 b49d0f4b 2005-02-13 devnull flush = no
11 b49d0f4b 2005-02-13 devnull fn secstoreget{
12 b49d0f4b 2005-02-13 devnull secstore -i -g $1 <_password
15 b49d0f4b 2005-02-13 devnull fn secstoreput{
16 b49d0f4b 2005-02-13 devnull secstore -i -p $1 <_password
19 b49d0f4b 2005-02-13 devnull fn aesget{
20 b49d0f4b 2005-02-13 devnull if(! ~ $1 /*){
21 b49d0f4b 2005-02-13 devnull echo >[1=2] ipso: aescbc requires fully qualified pathname
22 b49d0f4b 2005-02-13 devnull exit usage
24 b49d0f4b 2005-02-13 devnull aescbc -i -d < $1 > `{basename $1} <[3] _password
27 b49d0f4b 2005-02-13 devnull fn aesput{
28 b49d0f4b 2005-02-13 devnull aescbc -i -e > $1 < `{basename $1} <[3] _password
31 b49d0f4b 2005-02-13 devnull fn editedfiles{
32 b49d0f4b 2005-02-13 devnull if(~ $get aesget){
33 b49d0f4b 2005-02-13 devnull for(i in $files)
34 b49d0f4b 2005-02-13 devnull if(ls -tr | sed '1,/^_timestamp$/d' | grep -s '^'^`{basename $i}^'$')
38 b49d0f4b 2005-02-13 devnull ls -tr | sed '1,/^_timestamp$/d'
41 b49d0f4b 2005-02-13 devnull while(~ $1 -*){
42 b49d0f4b 2005-02-13 devnull switch($1){
44 b49d0f4b 2005-02-13 devnull name = aescbc
45 b49d0f4b 2005-02-13 devnull get = aesget
46 b49d0f4b 2005-02-13 devnull put = aesput
48 b49d0f4b 2005-02-13 devnull flush = yes
50 b49d0f4b 2005-02-13 devnull edit = yes
52 b49d0f4b 2005-02-13 devnull load = yes
54 b49d0f4b 2005-02-13 devnull echo >[2=1] 'usage: ipso [-a -f -e -l] [-s] [file ...]'
55 b49d0f4b 2005-02-13 devnull exit usage
60 b49d0f4b 2005-02-13 devnull if(~ $flush no && ~ $edit no && ~ $load no){
61 b49d0f4b 2005-02-13 devnull edit = yes
62 ae1f02ad 2008-07-09 rsc if(~ factotum $*){
68 b49d0f4b 2005-02-13 devnull if(~ $flush yes && ~ $edit no && ~ $load no){
69 b49d0f4b 2005-02-13 devnull echo flushing old keys
70 8da6bca8 2005-02-14 devnull echo delkey | 9p write factotum/ctl
74 b49d0f4b 2005-02-13 devnull if(~ $get aesget && ~ $#* 0){
75 b49d0f4b 2005-02-13 devnull echo >[2=1] ipso: must specify a fully qualified file name for aescbc '(-a)'
76 b49d0f4b 2005-02-13 devnull exit usage
79 b49d0f4b 2005-02-13 devnull user=`{whoami}
80 b49d0f4b 2005-02-13 devnull cd /tmp || exit $status
81 08d52f6c 2009-04-30 rsc tmp=`{df | grep -v /lib/init | awk '$1=="tmpfs" {print $NF}'}
82 b49d0f4b 2005-02-13 devnull if(! ~ $#tmp 0)
83 b49d0f4b 2005-02-13 devnull cd $tmp(1) || exit $status
84 b49d0f4b 2005-02-13 devnull mkdir -p ipso.$user
85 b49d0f4b 2005-02-13 devnull chmod 700 ipso.$user || exit $status
86 b49d0f4b 2005-02-13 devnull cd ipso.$user
87 b49d0f4b 2005-02-13 devnull dir=`{pwd}
88 b49d0f4b 2005-02-13 devnull dir=$"dir
90 b49d0f4b 2005-02-13 devnull fn sigexit {
91 b49d0f4b 2005-02-13 devnull rm -rf $dir
94 b49d0f4b 2005-02-13 devnull if ( ~ $edit yes ) echo '
95 b49d0f4b 2005-02-13 devnull Warning: The editor will display the secret contents of
96 b49d0f4b 2005-02-13 devnull your '$name' files in the clear, and they will
97 b49d0f4b 2005-02-13 devnull be stored temporarily in '^$dir^'
98 b49d0f4b 2005-02-13 devnull in the clear, along with your password.
101 b49d0f4b 2005-02-13 devnull # get password and remember it
102 b49d0f4b 2005-02-13 devnull readcons -s $name^' password' >_password
104 b49d0f4b 2005-02-13 devnull # get list of files
105 b49d0f4b 2005-02-13 devnull if(~ $#* 0){
106 b49d0f4b 2005-02-13 devnull if(! secstore -G . -i < _password > _listing){
107 b49d0f4b 2005-02-13 devnull echo 'secstore read failed - bad password?'
109 b49d0f4b 2005-02-13 devnull exit password
111 b49d0f4b 2005-02-13 devnull files=`{sed 's/[ ]+.*//' _listing}
114 b49d0f4b 2005-02-13 devnull files = $*
116 b49d0f4b 2005-02-13 devnull # copy the files to local ramfs
117 b49d0f4b 2005-02-13 devnull for(i in $files){
118 b49d0f4b 2005-02-13 devnull if(! $get $i){
119 b49d0f4b 2005-02-13 devnull echo $name ' read failed - bad password?'
121 b49d0f4b 2005-02-13 devnull exit password
124 b49d0f4b 2005-02-13 devnull sleep 2; date > _timestamp # so we can find which files have been edited.
126 b49d0f4b 2005-02-13 devnull # edit the files
127 817fe389 2005-02-13 devnull if(~ $edit yes){
128 817fe389 2005-02-13 devnull B `{for(i in $files) basename $i}
129 817fe389 2005-02-13 devnull readcons 'type enter when finished editing' >/dev/null
131 b49d0f4b 2005-02-13 devnull if(~ $flush yes ){
132 b49d0f4b 2005-02-13 devnull echo flushing old keys
133 b49d0f4b 2005-02-13 devnull echo delkey | 9p write factotum/ctl
135 b49d0f4b 2005-02-13 devnull if(~ $load yes){
136 b49d0f4b 2005-02-13 devnull echo loading factotum keys
137 b49d0f4b 2005-02-13 devnull if (~ factotum $files) cat factotum | 9p write -l factotum/ctl
140 b49d0f4b 2005-02-13 devnull # copy the files back
141 b49d0f4b 2005-02-13 devnull for(i in `{editedfiles}){
142 b49d0f4b 2005-02-13 devnull prompt='copy '''^`{basename $i}^''' back? [y/n/x]'
143 b49d0f4b 2005-02-13 devnull switch(`{readcons $prompt}){
144 b49d0f4b 2005-02-13 devnull case [yY]*
145 b49d0f4b 2005-02-13 devnull if(! $put $i){
146 b49d0f4b 2005-02-13 devnull echo $name ' read failed - bad password?'
148 b49d0f4b 2005-02-13 devnull exit password
150 b49d0f4b 2005-02-13 devnull echo ''''$i'''' copied to $name
151 8da6bca8 2005-02-14 devnull if(~ $i factotum && ! ~ $load yes){ # do not do it twice
152 8da6bca8 2005-02-14 devnull cat $i | 9p write -l factotum/ctl
154 b49d0f4b 2005-02-13 devnull case [xXqQ]*
156 b49d0f4b 2005-02-13 devnull case [nN]* *
157 b49d0f4b 2005-02-13 devnull echo ''''$i'''' skipped
