func (self *serverImpl) Merge(args server.MergeArgs, reply *bool) (err error) {
log.Printf("Merge(vault='%s', master='***')", args.Vault)
if !self.vault.IsOpen() {
return errors.Newf("Vault is not open: cannot merge")
}
vault := newVault(args.Vault)
err = vault.Open(args.Master, self.config)
if err != nil {
return
}
if !vault.IsOpen() {
return errors.Newf("Merge vault is not open: cannot merge")
}
err = self.vault.Merge(vault)
if err != nil {
vault.Close(self.config)
return
}
err = vault.Close(self.config)
if err != nil {
return
}
*reply = true
return
}
func (self *cmd_master) Run(line []string) (err error) {
pass1, err := self.mmi.ReadPassword("Please enter the new master password")
if err != nil {
return
}
if pass1 == "" {
err = errors.Newf("Cancelled")
return
}
pass2, err := self.mmi.ReadPassword("Please enter the new master password (again)")
if err != nil {
return
}
if pass1 != pass2 {
err = errors.Newf("Passwords don't match")
return
}
var changed bool
err = self.server.SetMaster(pass1, &changed)
if err != nil {
return
}
if !changed {
err = errors.Newf("Could not change master")
}
return
}
func (self *config) rawValue(file string, section string, key string) (result string, err error) {
f, err := self.findFile(file)
if err != nil {
return
}
var ok bool
var sec *rc.Section
if section == "" {
sec = f.Anonymous
if sec == nil {
return "", errors.Newf("No anonymous section in file %s", section, f.Name)
}
} else {
sec, ok = f.Sections[section]
if !ok {
return "", errors.Newf("Unknown section [%s] in file %s", section, f.Name)
}
}
result, ok = sec.Resources[key]
if !ok {
return "", errors.Newf("Unknown key %s in section [%s] of file %s", key, section, f.Name)
}
return
}
func (self *parse_generator_context) parse_ingredient() (err error) {
self.last_ingredient = ""
for self.index < len(self.source) {
switch b := self.source[self.index]; b {
case 'a':
self.last_ingredient = self.last_ingredient + letters
self.index++
case 'n':
self.last_ingredient = self.last_ingredient + figures
self.index++
case 's':
self.last_ingredient = self.last_ingredient + symbols
self.index++
case '+':
self.index++
break
default:
err = errors.Newf("expected one of 'a', 'n', 's', '+'; not '%v'", rune(b))
break
}
}
if err == nil && self.last_ingredient == "" {
if self.last_quantity == 0 {
err = errors.Newf("expected ingredient or quantity at %d", self.index)
} else {
err = errors.Newf("expected ingredient at %d", self.index)
}
}
return
}
func (self *properties) setProperty(key, value string) (err error) {
for k, mandatory := range self.allowed {
if k == key {
if value == "" && mandatory {
err = errors.Newf("cannot reset '%s': mandatory property", key)
} else {
self.properties[key] = value
}
return
}
}
return errors.Newf("key not allowed: %s", key)
}
func (self *serverImpl) Get(name string, reply *string) (err error) {
log.Printf("Get(name='%s')", name)
if !self.vault.IsOpen() {
return errors.Newf("Vault is not open: cannot get %s", name)
}
key, err := self.vault.Item(name)
if err != nil {
return
}
if key == nil || key.IsDeleted() {
return errors.Newf("Unknown key %s", name)
}
*reply = key.Password()
return
}
func (self *remoter) readRemote(name string) (result Remote, err error) {
method, err := self.config.Eval(name+".rc", "remote", "method", nil)
if err != nil {
return
}
switch method {
case "curl":
result, err = newCurl(name, self.server, self.config, self)
case "":
err = errors.Newf("Unknown remote: %s", name)
default:
err = errors.Newf("Unknown remote method: %s", method)
}
return
}
// Go to the next character, if possible.
func (self *FileContent) Next() error {
if self.index > len(self.data) {
return errors.Newf("cannot go next, index out of range: %d > %d", self.index, len(self.data))
}
self.index++
return nil
}
func (self *curl) arguments(option, file, request string) (result []string, err error) {
url := self.getProperty("url")
if url == "" {
err = errors.Newf("missing remote vault url")
return
}
result = []string{"-#", option, file, url}
user := self.getProperty("user")
passkey := self.getProperty("passkey")
if user != "" {
if passkey == "" {
result = append(result, "-u", user)
} else {
var pass string
err = self.server.Get(passkey, &pass)
if err != nil {
return
}
result = append(result, "-u", fmt.Sprintf("%s:%s", user, escape_pass_url(pass)))
}
}
if request != "" {
result = append(result, "--request", request)
}
return
}
func (self *vault) Item(name string) (result Key, err error) {
result, ok := self.data[name]
if !ok {
err = errors.Newf("Unknown key: %s", name)
}
return
}
// Go to the previous character, if possible.
func (self *FileContent) Back() error {
if self.index < 0 {
return errors.Newf("cannot go back, index out of range: %d < 0", self.index)
}
self.index--
return nil
}
func (self *cmd_save) Run(line []string) (err error) {
var remoteName string
if len(line) > 1 {
remoteName = line[1]
} else {
remoteName = ""
}
remote, err := self.remoter.Remote(remoteName)
if err != nil {
return
}
vault_path, err := self.config.VaultPath()
if err != nil {
return
}
var saved bool
err = self.server.Save(true, &saved)
if err != nil {
return
}
if !saved {
err = errors.Newf("Could not save vault")
return
}
err = remote.SaveVault(vault_path)
return
}
// The current character.
func (self *FileContent) Current() (result rune, err error) {
if !self.IsValid() {
return 0, errors.Newf("invalid current character at index %d", self.index)
}
result = self.data[self.index]
return
}
func (self *properties) resetProperty(key string) (err error) {
if self.allowed[key] {
err = errors.Newf("cannot reset '%s': mandatory property", key)
} else {
delete(self.properties, key)
}
return
}
func (self *serverImpl) List(filter string, reply *[]string) (err error) {
log.Printf("List(filter='%s')", filter)
if !self.vault.IsOpen() {
return errors.Newf("Vault is not open: cannot list")
}
*reply, err = self.vault.List(filter)
return
}
func (self *vault) SetMaster(master string) (err error) {
if master == "" {
err = errors.Newf("empty master not allowed")
} else {
self.master = master
self.dirty = true
}
return
}
func (self *serverImpl) Open(master string, reply *bool) (err error) {
log.Printf("Open(master='***')")
if self.vault.IsOpen() {
return errors.Newf("Vault is already open: cannot open")
}
err = self.vault.Open(master, self.config)
*reply = err == nil
return
}
func (self *serverImpl) Unset(key string, reply *bool) (err error) {
log.Printf("Unset(key='%s')", key)
if !self.vault.IsOpen() {
return errors.Newf("Vault is not open: cannot unset")
}
err = self.vault.Unset(key)
*reply = err == nil
return
}
func (self *serverImpl) SetMaster(master string, reply *bool) (err error) {
log.Printf("SetMaster(master='***')")
if !self.vault.IsOpen() {
return errors.Newf("Vault is not open: cannot set master")
}
err = self.vault.SetMaster(master)
if err == nil {
*reply = true
}
return
}
func (self *serverImpl) Save(force bool, reply *bool) (err error) {
log.Printf("Save(force=%t)", force)
if !self.vault.IsOpen() {
return errors.Newf("Vault is not open: cannot save")
}
err = self.vault.Save(force, self.config)
if err != nil {
return
}
*reply = true
return
}
func read(file string, dirs []string) (result io.ReadCloser, name string, err error) {
if strings.ContainsRune(file, '/') {
result, err = os.Open(file)
if err == nil {
name = file
return
}
err = errors.Newf("Could not find file %s", file)
} else {
for _, dir := range dirs {
path := fmt.Sprintf("%s/gate/%s", dir, file)
result, err = os.Open(path)
if err == nil {
name = path
return
}
}
err = errors.Newf("Could not find file %s (looked in %s/gate)", file, strings.Join(dirs, "/gate, "))
}
return
}
func (self *cmd_add) Run(line []string) (err error) {
var arg server.SetArgs
switch len(line) {
case 2:
arg, err = self.generateArgs(line[1], "")
case 3:
action := line[2]
switch action {
case "generate":
arg, err = self.generateArgs(line[1], "")
case "prompt":
arg, err = self.promptArgs(line[1])
default:
err = errors.Newf("Unrecognized argument: '%s'", action)
}
case 4:
recipe := line[3]
action := line[2]
switch action {
case "generate":
arg, err = self.generateArgs(line[1], recipe)
default:
err = errors.Newf("Unrecognized argument: '%s'", action)
}
default:
err = errors.New("Invalid arguments")
}
if err != nil {
return
}
var pass string
err = self.server.Set(arg, &pass)
if err != nil {
return
}
err = self.mmi.Xclip(pass)
return
}
func (self *scp) arguments() (result []string, err error) {
remote_file := self.getProperty("file")
url := remote_file
if remote_file == "" {
err = errors.Newf("missing remote vault file")
return
}
user := self.getProperty("user")
host := self.getProperty("host")
if host != "" {
if user == "" {
url = fmt.Sprintf("%s:%s", host, remote_file)
} else {
url = fmt.Sprintf("%s@%s:%s", user, host, remote_file)
}
} else if user != "" {
err = errors.Newf("user without host")
return
}
options := self.getProperty("options")
result = append(strings.Split(options, " "), url)
return
}
func (self *cmd_remote) Run(line []string) (err error) {
var cmd Command
if len(line) > 1 {
cmd = self.Command(line[1])
if cmd == nil {
err = errors.Newf("unknown remote command: %s", line[0])
return
}
} else {
cmd = self.Default()
}
err = cmd.Run(line)
return
}
// Skip the given symbol.
func (self *FileContent) SkipSymbol(symbol string) (result string, err error) {
for _, c := range symbol {
k, err := self.Current()
if err == nil {
if k != c {
return "", errors.Newf("Expected symbol: '%s'", symbol)
}
} else {
return "", err
}
self.Next()
}
result = symbol
return
}
func checkdir(dirname string) (result string, err error) {
result = dirname
info, err := os.Stat(dirname)
if err == nil {
if !info.IsDir() {
err = errors.Newf("%s is not a directory", dirname)
}
} else {
err = os.MkdirAll(dirname, os.ModeDir|0700)
if err != nil {
err = errors.Decorated(err)
}
}
return
}
func (self *vault) save(config core.Config) (err error) {
outstream, err := self.out()
if err != nil {
return errors.Decorated(err)
}
defer outstream.Close()
cipher, err := config.Eval("", "vault", "openssl.cipher", os.Getenv)
if err != nil {
return err
}
pipe := make(chan io.WriteCloser, 1)
prepare := func(cmd *exec.Cmd) (err error) {
cmd.Env = append(os.Environ(), fmt.Sprintf("VAULT_MASTER=%s", self.master))
cmd.Stdout = outstream
p, err := cmd.StdinPipe()
if err != nil {
return errors.Decorated(err)
}
pipe <- p
return
}
run := func(cmd *exec.Cmd) (err error) {
p := <-pipe
for _, k := range self.data {
code := k.Encoded()
n, err := p.Write([]byte(code))
if err != nil {
return errors.Decorated(err)
}
if n < len(code) {
return errors.Newf("Incomplete write")
}
}
err = p.Close()
if err != nil {
return errors.Decorated(err)
}
return
}
err = exec.Command(prepare, run, "openssl", cipher, "-a", "-pass", "env:VAULT_MASTER")
return
}
func (self *serverImpl) Set(args server.SetArgs, reply *string) (err error) {
log.Printf("Set(key='%s', ...)", args.Key)
if !self.vault.IsOpen() {
return errors.Newf("Vault is not open: cannot set")
}
if args.Recipe != "" {
err = self.vault.SetRandom(args.Key, args.Recipe)
} else {
err = self.vault.SetPass(args.Key, args.Pass)
}
if err != nil {
return
}
err = self.Get(args.Key, reply)
return
}
func (self *cmd_merge) Run(line []string) (err error) {
var remoteName string
if len(line) > 1 {
remoteName = line[1]
} else {
remoteName = ""
}
remote, err := self.remoter.Remote(remoteName)
if err != nil {
return
}
xdg, err := self.config.Xdg()
if err != nil {
return
}
dir, err := xdg.RuntimeDir()
if err != nil {
return
}
merge_vault := fmt.Sprintf("%s/merge_vault", dir)
err = remote.LoadVault(merge_vault)
if err != nil {
return
}
pass, err := self.mmi.ReadPassword(`Please enter the encryption phrase
to the remote vault`)
if err != nil {
return
}
if pass != "" {
var merged bool
err = self.server.Merge(server.MergeArgs{merge_vault, pass}, &merged)
if err != nil {
return
}
if !merged {
err = errors.Newf("Could not merge %s", merge_vault)
return
}
cmd := self.commander.Command("save")
err = cmd.Run(line)
if err != nil {
return
}
var vault_path string
vault_path, err = self.config.VaultPath()
if err != nil {
return
}
err = remote.SaveVault(vault_path)
}
return
}