ipso (2969B)
1 #!/usr/local/plan9/bin/rc 2 3 . 9.rc 4 name = secstore 5 get = secstoreget 6 put = secstoreput 7 edit = no 8 load = no 9 flush = no 10 11 fn secstoreget{ 12 secstore -i -g $1 <_password 13 } 14 15 fn secstoreput{ 16 secstore -i -p $1 <_password 17 } 18 19 fn aesget{ 20 if(! ~ $1 /*){ 21 echo >[1=2] ipso: aescbc requires fully qualified pathname 22 exit usage 23 } 24 aescbc -i -d < $1 > `{basename $1} <[3] _password 25 } 26 27 fn aesput{ 28 aescbc -i -e > $1 < `{basename $1} <[3] _password 29 } 30 31 fn editedfiles{ 32 if(~ $get aesget){ 33 for(i in $files) 34 if(ls -tr | sed '1,/^_timestamp$/d' | grep -s '^'^`{basename $i}^'$') 35 echo $i 36 } 37 if not 38 ls -tr | sed '1,/^_timestamp$/d' 39 } 40 41 while(~ $1 -*){ 42 switch($1){ 43 case -a 44 name = aescbc 45 get = aesget 46 put = aesput 47 case -f 48 flush = yes 49 case -e 50 edit = yes 51 case -l 52 load = yes 53 case * 54 echo >[2=1] 'usage: ipso [-a -f -e -l] [-s] [file ...]' 55 exit usage 56 } 57 shift 58 } 59 60 if(~ $flush no && ~ $edit no && ~ $load no){ 61 edit = yes 62 if(~ factotum $*){ 63 load = yes 64 flush = yes 65 } 66 } 67 68 if(~ $flush yes && ~ $edit no && ~ $load no){ 69 echo flushing old keys 70 echo delkey | 9p write factotum/ctl 71 exit 0 72 } 73 74 if(~ $get aesget && ~ $#* 0){ 75 echo >[2=1] ipso: must specify a fully qualified file name for aescbc '(-a)' 76 exit usage 77 } 78 79 user=`{whoami} 80 cd /tmp || exit $status 81 tmp=`{df | grep -v /lib/init | awk '$1=="tmpfs" {print $NF}'} 82 if(! ~ $#tmp 0) 83 cd $tmp(1) || exit $status 84 mkdir -p ipso.$user 85 chmod 700 ipso.$user || exit $status 86 cd ipso.$user 87 dir=`{pwd} 88 dir=$"dir 89 90 fn sigexit { 91 rm -rf $dir 92 } 93 94 if ( ~ $edit yes ) echo ' 95 Warning: The editor will display the secret contents of 96 your '$name' files in the clear, and they will 97 be stored temporarily in '^$dir^' 98 in the clear, along with your password. 99 ' 100 101 # get password and remember it 102 readcons -s $name^' password' >_password 103 104 # get list of files 105 if(~ $#* 0){ 106 if(! secstore -G . -i < _password > _listing){ 107 echo 'secstore read failed - bad password?' 108 sleep 2 109 exit password 110 } 111 files=`{sed 's/[ ]+.*//' _listing} 112 } 113 if not 114 files = $* 115 116 # copy the files to local ramfs 117 for(i in $files){ 118 if(! $get $i){ 119 echo $name ' read failed - bad password?' 120 sleep 2 121 exit password 122 } 123 } 124 sleep 2; date > _timestamp # so we can find which files have been edited. 125 126 # edit the files 127 if(~ $edit yes){ 128 B `{for(i in $files) basename $i} 129 readcons 'type enter when finished editing' >/dev/null 130 } 131 if(~ $flush yes ){ 132 echo flushing old keys 133 echo delkey | 9p write factotum/ctl 134 } 135 if(~ $load yes){ 136 echo loading factotum keys 137 if (~ factotum $files) cat factotum | 9p write -l factotum/ctl 138 } 139 140 # copy the files back 141 for(i in `{editedfiles}){ 142 prompt='copy '''^`{basename $i}^''' back? [y/n/x]' 143 switch(`{readcons $prompt}){ 144 case [yY]* 145 if(! $put $i){ 146 echo $name ' read failed - bad password?' 147 sleep 2 148 exit password 149 } 150 echo ''''$i'''' copied to $name 151 if(~ $i factotum && ! ~ $load yes){ # do not do it twice 152 cat $i | 9p write -l factotum/ctl 153 } 154 case [xXqQ]* 155 exit 156 case [nN]* * 157 echo ''''$i'''' skipped 158 } 159 } 160 161 exit ''