// Start a server on localhost, listening on the given port
func Start(config core.Config) (result ServerLocal, err error) {
log.Printf("Starting...")
vault_path, err := config.VaultPath()
if err != nil {
return
}
srv := &serverImpl{
vault: newVault(vault_path),
config: config,
status: make(chan int),
running: true,
}
srv.channel = channel.HttpChannelServer(config, srv)
err = srv.channel.Bind()
if err != nil {
return
}
result = &serverLocal{
server: srv,
}
log.Printf("Started.")
return
}
func displayMenu(config core.Config, srv server.Server, list []string) (err error) {
command, err := config.Eval("", "menu", "command", os.Getenv)
if err != nil {
return
}
arguments, err := config.Eval("", "menu", "arguments", nil)
if err != nil {
return
}
barrier := make(chan error)
pipe := make(chan io.WriteCloser, 1)
prepare := func(cmd *exec.Cmd) (err error) {
p, err := cmd.StdinPipe()
if err != nil {
return errors.Decorated(err)
}
out, err := cmd.StdoutPipe()
if err != nil {
return errors.Decorated(err)
}
mmi, err := ui.Ui(srv, config)
if err != nil {
return
}
go clipboard(mmi, out, barrier)
pipe <- p
return
}
run := func(cmd *exec.Cmd) (err error) {
p := <-pipe
for _, entry := range list {
p.Write([]byte(entry + "\n"))
}
err = p.Close()
if err != nil {
return errors.Decorated(err)
}
e := <-barrier
if e != io.EOF {
err = errors.Decorated(e)
}
return
}
err = exec.Command(prepare, run, "bash", "-c", fmt.Sprintf("%s %s", command, arguments))
return
}
func networkConfig(config core.Config) (host, port string) {
var e error
host, e = config.Eval("", "connection", "host", os.Getenv)
if e != nil {
host = "127.0.0.1"
}
port, e = config.Eval("", "connection", "port", os.Getenv)
if e != nil {
port = "8532"
}
return
}
func (self *vault) save(config core.Config) (err error) {
outstream, err := self.out()
if err != nil {
return errors.Decorated(err)
}
defer outstream.Close()
cipher, err := config.Eval("", "vault", "openssl.cipher", os.Getenv)
if err != nil {
return err
}
pipe := make(chan io.WriteCloser, 1)
prepare := func(cmd *exec.Cmd) (err error) {
cmd.Env = append(os.Environ(), fmt.Sprintf("VAULT_MASTER=%s", self.master))
cmd.Stdout = outstream
p, err := cmd.StdinPipe()
if err != nil {
return errors.Decorated(err)
}
pipe <- p
return
}
run := func(cmd *exec.Cmd) (err error) {
p := <-pipe
for _, k := range self.data {
code := k.Encoded()
n, err := p.Write([]byte(code))
if err != nil {
return errors.Decorated(err)
}
if n < len(code) {
return errors.Newf("Incomplete write")
}
}
err = p.Close()
if err != nil {
return errors.Decorated(err)
}
return
}
err = exec.Command(prepare, run, "openssl", cipher, "-a", "-pass", "env:VAULT_MASTER")
return
}
func (self *vault) Open(master string, config core.Config) (err error) {
instream, err := self.in()
if err != nil {
return errors.Decorated(err)
}
defer instream.Close()
cipher, err := config.Eval("", "vault", "openssl.cipher", os.Getenv)
if err != nil {
return
}
barrier := make(chan error)
prepare := func(cmd *exec.Cmd) (err error) {
cmd.Env = append(os.Environ(), fmt.Sprintf("VAULT_MASTER=%s", master))
cmd.Stdin = instream
out, err := cmd.StdoutPipe()
if err != nil {
return errors.Decorated(err)
}
go self.decode(self, out, barrier)
return
}
run := func(cmd *exec.Cmd) (err error) {
e := <-barrier
if e != io.EOF {
err = errors.Decorated(e)
}
return
}
err = exec.Command(prepare, run, "openssl", cipher, "-d", "-a", "-pass", "env:VAULT_MASTER")
if err != nil {
return
}
self.master = master
self.open = true
return
}
func openVault(srv server.Server, config core.Config) (err error) {
xdg, err := config.Xdg()
if err != nil {
return
}
data_home, err := xdg.DataHome()
if err != nil {
return
}
vault_path := fmt.Sprintf("%s/vault", data_home)
vault_info, err := os.Stat(vault_path)
if err != nil {
return errors.Decorated(err)
}
mmi, err := ui.Ui(srv, config)
if err != nil {
return
}
var master string
if vault_info == nil {
master, err = readNewMaster(mmi, "This is a new vault")
if err != nil {
return
}
} else {
master, err = mmi.ReadPassword("Please enter your encryption phrase\nto open the password vault.")
if err != nil {
return
}
}
var isopen bool
err = srv.Open(master, &isopen)
if err != nil {
return
}
if !isopen {
return errors.New("Could not open vault")
}
return
}
func newScp(name string, srv server.Server, config core.Config, remoter Remoter) (Remote, error) {
result := &scp{
properties{
allowed: ScpAllowedKeys,
properties: make(map[string]string),
},
srv,
remoter,
name,
nil,
}
file := name + ".rc"
for key, mandatory := range ScpAllowedKeys {
value, err := config.Eval(file, "remote", key, os.Getenv)
if err != nil && mandatory {
return nil, err
}
if value != "" {
result.properties.setProperty(key, value)
}
}
return result, nil
}