Beispiel #1
0
func (self *serverImpl) Merge(args server.MergeArgs, reply *bool) (err error) {
	log.Printf("Merge(vault='%s', master='***')", args.Vault)
	if !self.vault.IsOpen() {
		return errors.Newf("Vault is not open: cannot merge")
	}
	vault := newVault(args.Vault)
	err = vault.Open(args.Master, self.config)
	if err != nil {
		return
	}
	if !vault.IsOpen() {
		return errors.Newf("Merge vault is not open: cannot merge")
	}
	err = self.vault.Merge(vault)
	if err != nil {
		vault.Close(self.config)
		return
	}
	err = vault.Close(self.config)
	if err != nil {
		return
	}
	*reply = true
	return
}
Beispiel #2
0
func (self *cmd_master) Run(line []string) (err error) {
	pass1, err := self.mmi.ReadPassword("Please enter the new master password")
	if err != nil {
		return
	}
	if pass1 == "" {
		err = errors.Newf("Cancelled")
		return
	}

	pass2, err := self.mmi.ReadPassword("Please enter the new master password (again)")
	if err != nil {
		return
	}

	if pass1 != pass2 {
		err = errors.Newf("Passwords don't match")
		return
	}

	var changed bool
	err = self.server.SetMaster(pass1, &changed)
	if err != nil {
		return
	}

	if !changed {
		err = errors.Newf("Could not change master")
	}

	return
}
Beispiel #3
0
func (self *config) rawValue(file string, section string, key string) (result string, err error) {
	f, err := self.findFile(file)
	if err != nil {
		return
	}

	var ok bool
	var sec *rc.Section
	if section == "" {
		sec = f.Anonymous
		if sec == nil {
			return "", errors.Newf("No anonymous section in file %s", section, f.Name)
		}
	} else {
		sec, ok = f.Sections[section]
		if !ok {
			return "", errors.Newf("Unknown section [%s] in file %s", section, f.Name)
		}
	}
	result, ok = sec.Resources[key]
	if !ok {
		return "", errors.Newf("Unknown key %s in section [%s] of file %s", key, section, f.Name)
	}
	return
}
Beispiel #4
0
func (self *parse_generator_context) parse_ingredient() (err error) {
	self.last_ingredient = ""
	for self.index < len(self.source) {
		switch b := self.source[self.index]; b {
		case 'a':
			self.last_ingredient = self.last_ingredient + letters
			self.index++
		case 'n':
			self.last_ingredient = self.last_ingredient + figures
			self.index++
		case 's':
			self.last_ingredient = self.last_ingredient + symbols
			self.index++
		case '+':
			self.index++
			break
		default:
			err = errors.Newf("expected one of 'a', 'n', 's', '+'; not '%v'", rune(b))
			break
		}
	}
	if err == nil && self.last_ingredient == "" {
		if self.last_quantity == 0 {
			err = errors.Newf("expected ingredient or quantity at %d", self.index)
		} else {
			err = errors.Newf("expected ingredient at %d", self.index)
		}
	}
	return
}
Beispiel #5
0
func (self *properties) setProperty(key, value string) (err error) {
	for k, mandatory := range self.allowed {
		if k == key {
			if value == "" && mandatory {
				err = errors.Newf("cannot reset '%s': mandatory property", key)
			} else {
				self.properties[key] = value
			}
			return
		}
	}
	return errors.Newf("key not allowed: %s", key)
}
Beispiel #6
0
func (self *serverImpl) Get(name string, reply *string) (err error) {
	log.Printf("Get(name='%s')", name)
	if !self.vault.IsOpen() {
		return errors.Newf("Vault is not open: cannot get %s", name)
	}
	key, err := self.vault.Item(name)
	if err != nil {
		return
	}
	if key == nil || key.IsDeleted() {
		return errors.Newf("Unknown key %s", name)
	}
	*reply = key.Password()
	return
}
Beispiel #7
0
func (self *remoter) readRemote(name string) (result Remote, err error) {
	method, err := self.config.Eval(name+".rc", "remote", "method", nil)
	if err != nil {
		return
	}
	switch method {
	case "curl":
		result, err = newCurl(name, self.server, self.config, self)
	case "":
		err = errors.Newf("Unknown remote: %s", name)
	default:
		err = errors.Newf("Unknown remote method: %s", method)
	}
	return
}
Beispiel #8
0
// Go to the next character, if possible.
func (self *FileContent) Next() error {
	if self.index > len(self.data) {
		return errors.Newf("cannot go next, index out of range: %d > %d", self.index, len(self.data))
	}
	self.index++
	return nil
}
Beispiel #9
0
func (self *curl) arguments(option, file, request string) (result []string, err error) {
	url := self.getProperty("url")
	if url == "" {
		err = errors.Newf("missing remote vault url")
		return
	}
	result = []string{"-#", option, file, url}
	user := self.getProperty("user")
	passkey := self.getProperty("passkey")
	if user != "" {
		if passkey == "" {
			result = append(result, "-u", user)
		} else {
			var pass string
			err = self.server.Get(passkey, &pass)
			if err != nil {
				return
			}
			result = append(result, "-u", fmt.Sprintf("%s:%s", user, escape_pass_url(pass)))
		}
	}
	if request != "" {
		result = append(result, "--request", request)
	}
	return
}
Beispiel #10
0
func (self *vault) Item(name string) (result Key, err error) {
	result, ok := self.data[name]
	if !ok {
		err = errors.Newf("Unknown key: %s", name)
	}
	return
}
Beispiel #11
0
// Go to the previous character, if possible.
func (self *FileContent) Back() error {
	if self.index < 0 {
		return errors.Newf("cannot go back, index out of range: %d < 0", self.index)
	}
	self.index--
	return nil
}
Beispiel #12
0
func (self *cmd_save) Run(line []string) (err error) {
	var remoteName string
	if len(line) > 1 {
		remoteName = line[1]
	} else {
		remoteName = ""
	}

	remote, err := self.remoter.Remote(remoteName)
	if err != nil {
		return
	}

	vault_path, err := self.config.VaultPath()
	if err != nil {
		return
	}

	var saved bool
	err = self.server.Save(true, &saved)
	if err != nil {
		return
	}
	if !saved {
		err = errors.Newf("Could not save vault")
		return
	}

	err = remote.SaveVault(vault_path)

	return
}
Beispiel #13
0
// The current character.
func (self *FileContent) Current() (result rune, err error) {
	if !self.IsValid() {
		return 0, errors.Newf("invalid current character at index %d", self.index)
	}
	result = self.data[self.index]
	return
}
Beispiel #14
0
func (self *properties) resetProperty(key string) (err error) {
	if self.allowed[key] {
		err = errors.Newf("cannot reset '%s': mandatory property", key)
	} else {
		delete(self.properties, key)
	}
	return
}
Beispiel #15
0
func (self *serverImpl) List(filter string, reply *[]string) (err error) {
	log.Printf("List(filter='%s')", filter)
	if !self.vault.IsOpen() {
		return errors.Newf("Vault is not open: cannot list")
	}
	*reply, err = self.vault.List(filter)
	return
}
Beispiel #16
0
func (self *vault) SetMaster(master string) (err error) {
	if master == "" {
		err = errors.Newf("empty master not allowed")
	} else {
		self.master = master
		self.dirty = true
	}
	return
}
Beispiel #17
0
func (self *serverImpl) Open(master string, reply *bool) (err error) {
	log.Printf("Open(master='***')")
	if self.vault.IsOpen() {
		return errors.Newf("Vault is already open: cannot open")
	}
	err = self.vault.Open(master, self.config)
	*reply = err == nil
	return
}
Beispiel #18
0
func (self *serverImpl) Unset(key string, reply *bool) (err error) {
	log.Printf("Unset(key='%s')", key)
	if !self.vault.IsOpen() {
		return errors.Newf("Vault is not open: cannot unset")
	}
	err = self.vault.Unset(key)
	*reply = err == nil
	return
}
Beispiel #19
0
func (self *serverImpl) SetMaster(master string, reply *bool) (err error) {
	log.Printf("SetMaster(master='***')")
	if !self.vault.IsOpen() {
		return errors.Newf("Vault is not open: cannot set master")
	}
	err = self.vault.SetMaster(master)
	if err == nil {
		*reply = true
	}
	return
}
Beispiel #20
0
func (self *serverImpl) Save(force bool, reply *bool) (err error) {
	log.Printf("Save(force=%t)", force)
	if !self.vault.IsOpen() {
		return errors.Newf("Vault is not open: cannot save")
	}
	err = self.vault.Save(force, self.config)
	if err != nil {
		return
	}
	*reply = true
	return
}
Beispiel #21
0
func read(file string, dirs []string) (result io.ReadCloser, name string, err error) {
	if strings.ContainsRune(file, '/') {
		result, err = os.Open(file)
		if err == nil {
			name = file
			return
		}
		err = errors.Newf("Could not find file %s", file)
	} else {
		for _, dir := range dirs {
			path := fmt.Sprintf("%s/gate/%s", dir, file)
			result, err = os.Open(path)
			if err == nil {
				name = path
				return
			}
		}
		err = errors.Newf("Could not find file %s (looked in %s/gate)", file, strings.Join(dirs, "/gate, "))
	}
	return
}
Beispiel #22
0
func (self *cmd_add) Run(line []string) (err error) {
	var arg server.SetArgs
	switch len(line) {
	case 2:
		arg, err = self.generateArgs(line[1], "")
	case 3:
		action := line[2]
		switch action {
		case "generate":
			arg, err = self.generateArgs(line[1], "")
		case "prompt":
			arg, err = self.promptArgs(line[1])
		default:
			err = errors.Newf("Unrecognized argument: '%s'", action)
		}
	case 4:
		recipe := line[3]
		action := line[2]
		switch action {
		case "generate":
			arg, err = self.generateArgs(line[1], recipe)
		default:
			err = errors.Newf("Unrecognized argument: '%s'", action)
		}
	default:
		err = errors.New("Invalid arguments")
	}
	if err != nil {
		return
	}

	var pass string
	err = self.server.Set(arg, &pass)
	if err != nil {
		return
	}

	err = self.mmi.Xclip(pass)
	return
}
Beispiel #23
0
func (self *scp) arguments() (result []string, err error) {
	remote_file := self.getProperty("file")
	url := remote_file
	if remote_file == "" {
		err = errors.Newf("missing remote vault file")
		return
	}
	user := self.getProperty("user")
	host := self.getProperty("host")
	if host != "" {
		if user == "" {
			url = fmt.Sprintf("%s:%s", host, remote_file)
		} else {
			url = fmt.Sprintf("%s@%s:%s", user, host, remote_file)
		}
	} else if user != "" {
		err = errors.Newf("user without host")
		return
	}
	options := self.getProperty("options")
	result = append(strings.Split(options, " "), url)
	return
}
Beispiel #24
0
func (self *cmd_remote) Run(line []string) (err error) {
	var cmd Command
	if len(line) > 1 {
		cmd = self.Command(line[1])
		if cmd == nil {
			err = errors.Newf("unknown remote command: %s", line[0])
			return
		}
	} else {
		cmd = self.Default()
	}
	err = cmd.Run(line)
	return
}
Beispiel #25
0
// Skip the given symbol.
func (self *FileContent) SkipSymbol(symbol string) (result string, err error) {
	for _, c := range symbol {
		k, err := self.Current()
		if err == nil {
			if k != c {
				return "", errors.Newf("Expected symbol: '%s'", symbol)
			}
		} else {
			return "", err
		}
		self.Next()
	}
	result = symbol
	return
}
Beispiel #26
0
func checkdir(dirname string) (result string, err error) {
	result = dirname
	info, err := os.Stat(dirname)
	if err == nil {
		if !info.IsDir() {
			err = errors.Newf("%s is not a directory", dirname)
		}
	} else {
		err = os.MkdirAll(dirname, os.ModeDir|0700)
		if err != nil {
			err = errors.Decorated(err)
		}
	}
	return
}
Beispiel #27
0
func (self *vault) save(config core.Config) (err error) {
	outstream, err := self.out()
	if err != nil {
		return errors.Decorated(err)
	}
	defer outstream.Close()

	cipher, err := config.Eval("", "vault", "openssl.cipher", os.Getenv)
	if err != nil {
		return err
	}

	pipe := make(chan io.WriteCloser, 1)

	prepare := func(cmd *exec.Cmd) (err error) {
		cmd.Env = append(os.Environ(), fmt.Sprintf("VAULT_MASTER=%s", self.master))
		cmd.Stdout = outstream
		p, err := cmd.StdinPipe()
		if err != nil {
			return errors.Decorated(err)
		}
		pipe <- p
		return
	}

	run := func(cmd *exec.Cmd) (err error) {
		p := <-pipe
		for _, k := range self.data {
			code := k.Encoded()
			n, err := p.Write([]byte(code))
			if err != nil {
				return errors.Decorated(err)
			}
			if n < len(code) {
				return errors.Newf("Incomplete write")
			}
		}
		err = p.Close()
		if err != nil {
			return errors.Decorated(err)
		}
		return
	}

	err = exec.Command(prepare, run, "openssl", cipher, "-a", "-pass", "env:VAULT_MASTER")

	return
}
Beispiel #28
0
func (self *serverImpl) Set(args server.SetArgs, reply *string) (err error) {
	log.Printf("Set(key='%s', ...)", args.Key)
	if !self.vault.IsOpen() {
		return errors.Newf("Vault is not open: cannot set")
	}
	if args.Recipe != "" {
		err = self.vault.SetRandom(args.Key, args.Recipe)
	} else {
		err = self.vault.SetPass(args.Key, args.Pass)
	}
	if err != nil {
		return
	}
	err = self.Get(args.Key, reply)
	return
}
Beispiel #29
0
func (self *cmd_merge) Run(line []string) (err error) {
	var remoteName string
	if len(line) > 1 {
		remoteName = line[1]
	} else {
		remoteName = ""
	}

	remote, err := self.remoter.Remote(remoteName)
	if err != nil {
		return
	}

	xdg, err := self.config.Xdg()
	if err != nil {
		return
	}

	dir, err := xdg.RuntimeDir()
	if err != nil {
		return
	}

	merge_vault := fmt.Sprintf("%s/merge_vault", dir)

	err = remote.LoadVault(merge_vault)
	if err != nil {
		return
	}

	pass, err := self.mmi.ReadPassword(`Please enter the encryption phrase
to the remote vault`)
	if err != nil {
		return
	}

	if pass != "" {
		var merged bool
		err = self.server.Merge(server.MergeArgs{merge_vault, pass}, &merged)
		if err != nil {
			return
		}
		if !merged {
			err = errors.Newf("Could not merge %s", merge_vault)
			return
		}

		cmd := self.commander.Command("save")
		err = cmd.Run(line)
		if err != nil {
			return
		}

		var vault_path string
		vault_path, err = self.config.VaultPath()
		if err != nil {
			return
		}

		err = remote.SaveVault(vault_path)
	}

	return
}