#!/usr/local/plan9/bin/rc

. 9.rc

# Defaults: secrets live in secstore. The option loop below may switch
# the backend to aescbc and turn on any of the three actions.
name=secstore
get=secstoreget
put=secstoreput

# Requested actions, each 'yes' or 'no'.
edit=no
load=no
flush=no
10
# secstoreget file: fetch one file from secstore into the current
# directory. -i makes secstore read the password from standard input,
# which is fed from the cleartext _password file in the work directory.
fn secstoreget{
	secstore -i -g $1 < _password
}
14
# secstoreput file: store one file from the current directory back into
# secstore. The password is supplied on standard input (-i) from the
# cleartext _password file in the work directory.
fn secstoreput{
	secstore -i -p $1 < _password
}
18
# aesget path: decrypt an aescbc-encrypted file into the work directory.
# The argument must be an absolute path because the script has already
# changed into its private work directory by the time this runs.
# The plaintext is written under the file's base name; the key is read
# from file descriptor 3 (-i), which is attached to _password.
fn aesget{
	if(! ~ $1 /*){
		# report on standard error
		echo >[1=2] ipso: aescbc requires fully qualified pathname
		exit usage
	}
	aescbc -i -d <[3] _password < $1 > `{basename $1}
}
26
# aesput path: re-encrypt the edited plaintext copy (base name of path,
# in the work directory) and overwrite path with the ciphertext.
# The key is read from file descriptor 3 (-i), attached to _password.
fn aesput{
	aescbc -i -e <[3] _password < `{basename $1} > $1
}
30
# editedfiles: print the files modified after _timestamp was written.
# ls -tr lists oldest first, so everything after the _timestamp line is
# newer than the marker. In aescbc mode the original full path from
# $files is printed (aesput needs it); otherwise the bare names are.
# NOTE(review): the base name is pasted into a grep pattern unescaped,
# so a name containing regular-expression characters may match loosely.
fn editedfiles{
	if(~ $get aesget){
		for(i in $files){
			if(ls -tr | sed '1,/^_timestamp$/d' | grep -s '^'^`{basename $i}^'$')
				echo $i
		}
	}
	if not
		ls -tr | sed '1,/^_timestamp$/d'
}
40
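# Parse leading option flags.
#   -a  use aescbc-encrypted files instead of secstore
#   -f  flush the keys currently held by factotum
#   -e  edit the fetched files
#   -l  load the fetched factotum file into factotum
# Any other flag prints the usage line and exits with status 'usage'.
while(~ $1 -*){
	switch($1){
	case -a
		name = aescbc
		get = aesget
		put = aesput
	case -f
		flush = yes
	case -e
		edit = yes
	case -l
		load = yes
	case *
		# >[1=2] sends echo's output to standard error. The original
		# >[2=1] pointed fd 2 at fd 1, so the message went to stdout.
		echo >[1=2] 'usage: ipso [-a -f -e -l] [-s] [file ...]'
		exit usage
	}
	shift
}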
59
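# No action flag given: default to editing. If 'factotum' is among the
# named files, also flush the old keys and load the new ones.
if(~ $flush no && ~ $edit no && ~ $load no){
	edit = yes
	if(~ factotum $*){
		load = yes
		flush = yes
	}
}

# Flush only: delete factotum's keys and stop. No password is read and
# no work directory is created on this path.
if(~ $flush yes && ~ $edit no && ~ $load no){
	echo flushing old keys
	echo delkey | 9p write factotum/ctl
	exit 0
}

# aescbc mode has no listing to fall back on, so a file is required.
if(~ $get aesget && ~ $#* 0){
	# >[1=2] sends the message to standard error. The original >[2=1]
	# pointed fd 2 at fd 1, so the message went to standard output.
	echo >[1=2] ipso: must specify a fully qualified file name for aescbc '(-a)'
	exit usage
}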
78
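# Create a private work directory and change into it. Decrypted secrets
# and the password are written here in the clear, so a tmpfs mount is
# preferred over /tmp when df reports one.
user=`{whoami}
cd /tmp || exit $status
tmp=`{df | grep -v /lib/init | awk '$1=="tmpfs" {print $NF}'}
if(! ~ $#tmp 0)
	cd $tmp(1) || exit $status
mkdir -p ipso.$user
# chmod fails, and the script stops, if ipso.$user belongs to another user.
chmod 700 ipso.$user || exit $status
# Stop if the directory cannot be entered. The original continued after
# a failed cd, so $dir became the shared parent directory: _password
# would be written there and sigexit would run rm -rf on it.
cd ipso.$user || exit $status
# NOTE(review): mkdir -p accepts an existing ipso.$user, so leftovers
# from an earlier run (or a pre-made entry in a shared /tmp) are reused;
# consider refusing to start unless the directory is freshly created.
dir=`{pwd}
dir=$"dir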
89
# Cleanup handler: remove the work directory recorded in $dir, which
# holds the cleartext _password and the decrypted copies of the files.
fn sigexit{
	rm -rf $dir
}
93
# Tell the user up front that plaintext and the password will sit on
# disk in $dir for the duration of the edit session.
if(~ $edit yes) echo '
 Warning: The editor will display the secret contents of
 your '$name' files in the clear, and they will
 be stored temporarily in '^$dir^'
 in the clear, along with your password.
'

# Read the password once (readcons -s) and keep it in _password so each
# secstore/aescbc call can be fed from that file. The file is cleartext;
# the only protection visible here is the mode-700 work directory.
readcons -s $name^' password' > _password
103
# Decide which files to fetch: the ones named on the command line, or,
# when none were named, every file in the secstore listing.
if(! ~ $#* 0)
	files=$*
if not {
	if(! secstore -G . -i < _password > _listing){
		echo 'secstore read failed - bad password?'
		sleep 2
		exit password
	}
	# keep only the first field (the file name) of each listing line
	files=`{sed 's/[ ]+.*//' _listing}
}

# Fetch each file into the work directory as plaintext. Any failure
# aborts the run with status 'password'.
for(i in $files)
	$get $i || {
		echo $name ' read failed - bad password?'
		sleep 2
		exit password
	}

# Write a marker after a short pause so that files modified later sort
# after it in ls -tr; editedfiles relies on this ordering.
sleep 2
date > _timestamp
125
# Open the plaintext copies in the editor (B) and wait until the user
# confirms that editing is finished.
if(~ $edit yes){
	B `{for(i in $files) basename $i}
	readcons 'type enter when finished editing' > /dev/null
}

# Drop the keys factotum currently holds.
if(~ $flush yes){
	echo flushing old keys
	echo delkey | 9p write factotum/ctl
}

# Feed the fetched factotum file to factotum, one line per write (-l).
if(~ $load yes){
	echo loading factotum keys
	if(~ factotum $files)
		9p write -l factotum/ctl < factotum
}
139
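# Offer to store each edited file back into the backend.
#   y  store it; a factotum file is also loaded into factotum unless the
#      -l step above already did so
#   x  (or q) stop immediately
#   n  (or any other answer) leave the stored copy untouched
# The work directory is removed by sigexit when the script exits.
for(i in `{editedfiles}){
	prompt='copy '''^`{basename $i}^''' back? [y/n/x]'
	switch(`{readcons $prompt}){
	case [yY]*
		if(! $put $i){
			# This is the store path; the original message said
			# 'read failed', copied from the fetch loop.
			echo $name ' write failed - bad password?'
			sleep 2
			exit password
		}
		echo ''''$i'''' copied to $name
		if(~ $i factotum && ! ~ $load yes){	# do not do it twice
			cat $i | 9p write -l factotum/ctl
		}
	case [xXqQ]*
		exit
	case [nN]* *
		echo ''''$i'''' skipped
	}
}

exit ''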