
Группа :: Система/Настройка/Прочее
Пакет: alterator-pkcs11


pax_global_header00006660000000000000000000000064112604013170014505gustar00rootroot0000000000000052 comment=01083941ef8aa0a1c81c7a99343dd716f0756f24
alterator-pkcs11-0.1/000075500000000000000000000000001126040131700144405ustar00rootroot00000000000000alterator-pkcs11-0.1/.gear/000075500000000000000000000000001126040131700154345ustar00rootroot00000000000000alterator-pkcs11-0.1/.gear/rules000064400000000000000000000000071126040131700165060ustar00rootroot00000000000000tar: .
alterator-pkcs11-0.1/Makefile000064400000000000000000000002031126040131700160730ustar00rootroot00000000000000NAME=pkcs11

# Path of install(1). Not referenced in this file; presumably consumed by the
# included module.mak -- confirm.
INSTALL=/usr/bin/install

# "all" has no prerequisites and no recipe, so a plain build does nothing here.
all:
# clean-po and install-module are not defined in this file; presumably they
# come from the module.mak include at the end of this Makefile -- confirm.
clean: clean-po
install: install-module

include /usr/share/alterator/build/module.mak
alterator-pkcs11-0.1/alterator-pkcs11.spec000064400000000000000000000014571126040131700204200ustar00rootroot00000000000000# vim: set ft=spec: -*- rpm-spec -*-

Name: alterator-pkcs11
Version: 0.1
Release: alt2

Summary: PKCS#11 user certificate manager
Group: System/Configuration/Other
License: GPL

BuildArch: noarch

Source: %name-%version.tar

# NOTE(review): the backend script in this archive runs openssl, c_rehash,
# blkid, udevadm, mount, join, awk and getent, and writes below
# /etc/security/pam_pkcs11. None of the providing packages is listed
# explicitly; presumably automatic dependency generation covers the
# commands -- confirm.
Requires: alterator >= 4.6-alt3
Requires: alterator-l10n >= 2.7-alt11
Conflicts: alterator-fbi < 5.7-alt4

BuildPreReq: alterator >= 4.6-alt3

%description
PKCS#11 user certificate management module.

%prep
%setup

%build
%make_build

%install
%makeinstall

%files
# Everything installed under these three directories is owned by the package:
# the desktop entry, the UI forms and the backend script.
%_datadir/alterator/applications/*
%_datadir/alterator/ui/*
%_alterator_backend3dir/*

%changelog
* Tue Sep 29 2009 Alexey I. Froloff <raorn@altlinux.org> 0.1-alt2
- Fixed description (closes: #21771)
- Added translations via alterator-l10n

* Sun Sep 27 2009 Alexey I. Froloff <raorn@altlinux.org> 0.1-alt1
- Initial build
alterator-pkcs11-0.1/applications/000075500000000000000000000000001126040131700171265ustar00rootroot00000000000000alterator-pkcs11-0.1/applications/pkcs11.desktop000064400000000000000000000003411126040131700216210ustar00rootroot00000000000000[Desktop Entry]
Type=Application
Categories=X-Alterator-Users
Terminal=false
Name=PKCS#11 Certificates
Icon=pkcs11
X-Alterator-URI=/pkcs11
X-Alterator-Weight=20
X-Alterator-Help=pkcs11
Name[ru]=Сертификаты PKCS#11
alterator-pkcs11-0.1/backend3/000075500000000000000000000000001126040131700161125ustar00rootroot00000000000000alterator-pkcs11-0.1/backend3/pkcs11000075500000000000000000000111501126040131700171400ustar00rootroot00000000000000#!/bin/sh

# Set before the library files below are sourced.
# Presumably the gettext domain used for this module's translations -- confirm
# against alterator-sh-functions.
po_domain="alterator-pkcs11"
# Presumably selects the backend API variant implemented by
# alterator-sh-functions -- confirm.
alterator_api_version=1

. alterator-sh-functions
. shell-signal
. shell-quote

# Cleanup hook: removes the scratch directory named by $tmpdir, if one is set.
# Globals: tmpdir (read)
# Returns: 0 when $tmpdir is empty, otherwise the exit status of rm.
cleanup_function()
{
	if [ -n "$tmpdir" ]; then
		rm -rf -- "$tmpdir"
	fi
}

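# Private scratch directory that holds the certificates copied from scanned
# media (the "available" list). mktemp -d gives it an unpredictable name.
# Abort when it cannot be created: with an empty $tmpdir the later writes to
# "$tmpdir/$dev-$file" would resolve to paths directly under /.
tmpdir="$(mktemp -dt "${0##*/}.XXXXXXXX")" || exit 1
[ -n "$tmpdir" ] || exit 1
# Register the hook that removes $tmpdir (handler comes from the sourced
# shell-signal library).
set_cleanup_handler cleanup_function

# Mount point used for partitions that are not mounted yet.
mount_dir="/mnt/${0##*/}"
# Directory of installed certificates; the script re-indexes it with c_rehash.
cert_dir="/etc/security/pam_pkcs11/cacerts"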

### physical device setup

# Prints the value of a NAME="value" pair found in a line of text.
# Arguments: $1 - line to search
#            $2 - key name (must be preceded by a space in the line)
# Outputs:   the text between ` NAME="` and the next double quote; the first
#            occurrence of the key wins.
# When the key is absent nothing is stripped from the front, so the output is
# the line up to its first double quote rather than an empty string.
__read_var()
{
	local text="$1" key="$2"
	local tail

	tail="${text#* $key=\"}"
	echo "${tail%%\"*}"
}

# Prints a rank for a block device, used later to choose between several
# devices that report the same filesystem UUID.
# Arguments: $1 - kernel device name (as found under /sys/class/block)
# Outputs:   2 if /sys/class/block/NAME/md exists,
#            1 if /sys/devices/virtual/block/NAME exists,
#            0 otherwise.
__read_priority()
{
	local sysname="$1"
	local rank=0

	if [ -d "/sys/class/block/$sysname/md" ]; then
		rank=2
	elif [ -d "/sys/devices/virtual/block/$sysname" ]; then
		rank=1
	fi

	echo "$rank"
}

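# Lists partitions that carry a supported filesystem, one per line:
#   MAJOR:MINOR <TAB> UUID <TAB> kernel name <TAB> priority <TAB> fs type
# The output is sorted on the first column so it can be fed to join(1).
# Only ext2, ext3, ext4, xfs, ntfs and vfat are reported.
#
# NOTE(review): UUID and TYPE are cut out of blkid's one-line text output by
# substring match (first occurrence wins). Whether blkid escapes double quotes
# inside other values such as a volume label is not visible here; if it does
# not, a label on removable media could shadow these fields. Confirm, or query
# each tag separately.
__list_partitions()
{
	local line= fs_uuid= fs_type=
	local dev_major_minor= dev_name= dev_priority=

	# -c /dev/null: ignore the blkid cache file and probe the devices.
	blkid -c /dev/null |
		# IFS= and -r keep the line exactly as blkid printed it.
		while IFS= read -r line; do
			dev_name="${line%%:*}"
			dev_name="$(udevadm info --query name --name "$dev_name")"
			# Without a name the sysfs lookup below cannot work; skip the
			# device instead of emitting a row with an empty key.
			[ -n "$dev_name" ] || continue
			dev_major_minor="$(cat "/sys/class/block/$dev_name/dev")"
			[ -n "$dev_major_minor" ] || continue

			fs_uuid="$(__read_var "$line" UUID)"
			fs_type="$(__read_var "$line" TYPE)"

			case "$fs_type" in
				ext2|ext3|ext4|xfs|ntfs|vfat) ;;
				*) continue ;;
			esac

			dev_priority="$(__read_priority "$dev_name")"

			printf '%s\t%s\t%s\t%s\t%s\n' \
				"$dev_major_minor" \
				"$fs_uuid" "$dev_name" "$dev_priority" \
				"$fs_type"
		done |
		sort -k1,1
}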

# Prints the device number of a node as decimal "MAJOR:MINOR", no newline.
# Arguments: $1 - path of the device node (symlinks are followed, stat -L)
# stat reports both numbers in hexadecimal (%t:%T); they are converted with
# shell arithmetic. The exit status of stat is not checked.
__read_major_minor()
{
	local hex_pair
	hex_pair="$(stat -L -c '%t:%T' "$1")"
	local hex_major="${hex_pair%:*}" hex_minor="${hex_pair#*:}"

	printf '%s:%s' "$((0x$hex_major))" "$((0x$hex_minor))"
}

# Lists mounted block devices as "MAJOR:MINOR <TAB> mount point", sorted on
# the first column so the output can be joined with the partition list.
# Entries of /proc/mounts whose source is not a block device are skipped.
# NOTE: read is used without -r, so backslash escapes that /proc/mounts uses
# in paths lose their backslash here.
__list_mpoints()
{
	local src= target= rest=

	while read src target rest; do
		if [ -b "$src" ]; then
			printf '%s\t%s\n' "$(__read_major_minor "$src")" "$target"
		fi
	done </proc/mounts |
		sort -k1,1
}

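# Prints one line per filesystem UUID:
#   UUID <TAB> kernel name <TAB> fs type <TAB> mount point (empty if unmounted)
# The partition list is joined with the mount list on MAJOR:MINOR. When
# several devices report the same UUID, the one with the highest priority is
# kept; a mounted device gets 4 added to its priority, so it always beats an
# unmounted one. The order of the output lines is whatever awk yields.
# Returns: non-zero if the temporary file cannot be created, otherwise the
#          exit status of the final rm.
__device_list()
{
	local tempfile

	# Declared and assigned separately so a mktemp failure is not masked by
	# the exit status of "local".
	tempfile="$(mktemp -t scan-partitions.XXXX)" || return

	__list_mpoints >"$tempfile"
	# -a1 keeps partitions that have no matching mount entry.
	# Fields after the join: $1 MAJOR:MINOR, $2 UUID, $3 name, $4 priority,
	# $5 fs type, $6 mount point (absent when unmounted).
	__list_partitions |
		join -a1 -j1 - "$tempfile" |
		awk '
			{
				id=$2;
				dv=$3;
				pr=$4;
				fs=$5;
				mp=$6;

				if (mp) pr+=4;
				if (pr >= pr_list[id]) { pr_list[id]=pr; mp_list[id]=mp; fs_list[id]=fs; dv_list[id]=dv }
			}
			END { for (i in dv_list) { printf "%s\t%s\t%s\t%s\n",i,dv_list[i],fs_list[i],mp_list[i]; } }
		'
	rm -f -- "$tempfile"
}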

# Prints the common name (CN) from a certificate's subject, without newline.
# Arguments: $1 - path of a certificate file readable by "openssl x509"
# Returns:   non-zero and prints nothing when the subject line is empty or
#            has no "/CN=" component.
# The parsing expects the slash-separated subject form ("/C=../CN=name/..");
# the last "/CN=" is used and the value ends at the next "/".
cert_cn()
{
	local pem="$1"
	local subject_line common_name

	subject_line="$(openssl x509 -in "$pem" -noout -subject)"
	case "$subject_line" in
		*/CN=*) ;;
		*) return 1 ;;
	esac

	common_name="${subject_line##*/CN=}"
	common_name="${common_name%%/*}"

	printf '%s' "$common_name"
}

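# Copies candidate certificates from the top level of a directory into the
# scratch cache as "$tmpdir/DEV-FILENAME".
# Arguments: $1 - device name, used as the file name prefix
#            $2 - directory to scan (not recursive; symlinks are followed)
# Globals:   tmpdir (read)
# A "*.pem" file is copied only if "openssl verify" accepts it with itself as
# the CA file and a CN can be extracted. That check establishes that the file
# verifies against itself; it is not evidence of who issued it. Deciding
# whether a certificate from the media is to be trusted is left to the
# administrator who installs it.
__fetch_certs()
{
	local dev="$1" dir="$2"
	local file cn

	find -L "$dir" -maxdepth 1 -mindepth 1 -type f -name '*.pem' -printf '%P\n' |
		# IFS= and -r keep names with backslashes or edge whitespace intact;
		# a mangled name would fail the -f test below and be skipped silently.
		while IFS= read -r file; do
			[ -f "$dir/$file" ] || continue
			openssl verify -CAfile "$dir/$file" "$dir/$file" >&2 || continue
			# The sanitised CN is only used as a "has a usable CN" test here.
			cn="$(cert_cn "$dir/$file" | tr -cs 'A-Za-z0-9_-' _)"
			[ -n "$cn" ] || continue

			cat "$dir/$file" > "$tmpdir/$dev-$file"
		done
}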

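# Rebuilds the cache of available certificates in $tmpdir.
# Every filesystem reported by __device_list is scanned; one that is not
# mounted is mounted temporarily on $mount_dir and unmounted afterwards.
# Globals: tmpdir (read), mount_dir (read)
# Returns: non-zero when $tmpdir is not set; otherwise the status of the loop.
update_cert_cache()
{
	local uuid dev fs mp need_umount

	# With an empty $tmpdir the copies would be written to the wrong place.
	[ -n "$tmpdir" ] || return 1

	find "$tmpdir" -type f -delete
	__device_list |
		while read -r uuid dev fs mp; do
			need_umount=

			if [ -z "$mp" ]; then
				mp="$mount_dir"
				mkdir -p -- "$mp"
				[ "$fs" != "ntfs" ] || fs="ntfs-3g"

				# The media content is untrusted and only certificate files
				# are read from it: mount read-only and without setuid
				# binaries, device nodes or executables being honoured.
				mount -t "$fs" -r -o nosuid,nodev,noexec "/dev/$dev" "$mp" >&2 || continue
				need_umount=1
			fi

			__fetch_certs "$dev" "$mp"

			[ -z "$need_umount" ] ||
				umount "$mp"
		done
}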

# Initial scan when the backend starts: fill $tmpdir with candidate
# certificates. Standard output is discarded.
update_cert_cache >/dev/null
# c_rehash (OpenSSL) rebuilds the hash-named links for the certificates in
# $cert_dir.
c_rehash "$cert_dir" >/dev/null

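# Returns 0 only for a bare "*.pem" file name without a directory component.
# in_cert comes from the request and is appended to $tmpdir or $cert_dir;
# unchecked, a value containing "/" would let the cat and rm below act on
# files outside those two directories. The list action only ever offers
# "*.pem" names, so nothing legitimate is refused.
__valid_cert_name()
{
	case "$1" in
		*/*) return 1 ;;
		*.pem) return 0 ;;
	esac
	return 1
}

# Request handler called for each incoming message.
# Globals read: in_action, in__objects, in_refresh, in_add, in_delete,
#               in_cert, tmpdir, cert_dir
# Actions:
#   list  avail_certs | certs - one table row (name, subject, user) per
#                               "*.pem" file in $tmpdir or $cert_dir
#   read                      - nothing
#   write avail_certs         - refresh: rescan media; add: install the chosen
#                               cached certificate as "$cert_dir/CN.pem"
#   write certs               - delete: remove the chosen installed certificate
# Returns: non-zero when the object is unknown for "list" or when a request
#          is rejected.
on_message() {
	local cn subj tmp_passwd username dir file line

	# NOTE(review): prints every in_* request variable to stdout on each
	# message. This looks like leftover debugging output; confirm where the
	# handler's stdout goes before keeping it.
	set | grep '^in_'
	case "$in_action" in
		list)
			dir=

			case "$in__objects" in
				avail_certs)
					dir="$tmpdir"
					;;
				certs)
					dir="$cert_dir"
					;;
			esac

			[ -n "$dir" ] || return

			# One passwd snapshot per request instead of one per certificate.
			# A file is used because a pipe into the inner loop would run it
			# in a subshell and lose $username.
			tmp_passwd="$(mktemp -t)" || return
			getent passwd > "$tmp_passwd"

			find -L "$dir" -maxdepth 1 -mindepth 1 -type f -name '*.pem' -printf '%P\n' |
				while IFS= read -r file; do
					cn="$(cert_cn "$dir/$file")"
					subj="$(openssl x509 -in "$dir/$file" -noout -subject 2>/dev/null | cut -d= -f 2- | sed 's,\(^[[:blank:]]\+\|[[:blank:]]\+$\),,g')"
					username=
					# The user column is the first account whose GECOS field
					# equals the CN. Skip the lookup for an empty CN, which
					# would otherwise match any account with an empty GECOS.
					if [ -n "$cn" ]; then
						while IFS= read -r line; do
							case "$line" in
								*:*:*:*:"$cn":*:*)
									username="${line%%:*}"
									break
									;;
							esac
						done <"$tmp_passwd"
					fi

					write_table_item \
						name "$file" \
						subject "$subj" \
						user "$username"
				done
			rm -f -- "$tmp_passwd"
			;;
		read)
			;;
		write)
			case "$in__objects" in
				avail_certs)
					if [ -n "$in_refresh" ]; then
						update_cert_cache
					elif [ -n "$in_add" ] && [ -n "$in_cert" ]; then
						if ! __valid_cert_name "$in_cert" || [ ! -f "$tmpdir/$in_cert" ]; then
							printf '%s: refusing to add certificate: invalid name\n' "${0##*/}" >&2
							return 1
						fi
						cn="$(cert_cn "$tmpdir/$in_cert" | tr -cs 'A-Za-z0-9_-' _)"
						# Without a CN the target would be "$cert_dir/.pem".
						if [ -z "$cn" ]; then
							printf '%s: refusing to add certificate: no CN\n' "${0##*/}" >&2
							return 1
						fi
						# NOTE(review): an installed certificate whose
						# sanitised CN is the same is overwritten without
						# notice. $cert_dir is presumably the CA store read by
						# pam_pkcs11, so this changes what the host trusts.
						cat "$tmpdir/$in_cert" > "$cert_dir/$cn.pem"
						c_rehash "$cert_dir"
					fi
					;;
				certs)
					if [ -n "$in_delete" ] && [ -n "$in_cert" ]; then
						if ! __valid_cert_name "$in_cert"; then
							printf '%s: refusing to delete certificate: invalid name\n' "${0##*/}" >&2
							return 1
						fi
						rm -f -- "$cert_dir/$in_cert"
						c_rehash "$cert_dir"
					fi
					;;
			esac
			;;
	esac
}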

# Hand control to the request loop. message_loop is not defined in this file;
# presumably it comes from alterator-sh-functions and calls on_message for
# each request -- confirm.
message_loop
# vim: set ts=4:
alterator-pkcs11-0.1/ui/000075500000000000000000000000001126040131700150555ustar00rootroot00000000000000alterator-pkcs11-0.1/ui/pkcs11/000075500000000000000000000000001126040131700161575ustar00rootroot00000000000000alterator-pkcs11-0.1/ui/pkcs11/add/000075500000000000000000000000001126040131700167075ustar00rootroot00000000000000alterator-pkcs11-0.1/ui/pkcs11/add/index.scm000064400000000000000000000016341126040131700205260ustar00rootroot00000000000000(document:surround "/std/frame")

;; Sends a write with 'refresh set to /pkcs11/avail_certs, then reloads the
;; "certs" list from the same object.
(define ui-update-certs
  (lambda ()
    (woo-write "/pkcs11/avail_certs" 'refresh #t)
    (let ((available (woo-list "/pkcs11/avail_certs")))
      (form-update-enum "certs" available))))

;; "Add" button handler: writes 'add together with the current value of the
;; "certs" list to /pkcs11/avail_certs, then refreshes the list. Runs inside
;; woo-catch/message. The selected value is sent as-is; any validation of it
;; has to happen in the backend.
(define on-add
  (lambda ()
    (woo-catch/message
      (lambda ()
        (let ((selected (form-value "certs")))
          (woo-write "/pkcs11/avail_certs" 'add #t 'cert selected))
        (ui-update-certs)))))

;; "Done" button handler: ends the document.
(define on-done
  (lambda ()
    (document:end)))

;; Window settings for the "add certificate" form. The margin setting is
;; commented out in the original.
;margin 5
width 600
height 250

;; Outer grid with two columns ("90;10", presumably relative widths -- confirm).
(gridbox
columns "90;10"

(label text (_ "Available certificates:"))
(spacer)

;; Three-column list named "certs". The row keys name, subject and user are
;; the same keys the backend passes to write_table_item in its list action.
(listbox columns 3
name "certs"
row '#((name . "") (subject . "") (user . ""))
header (vector (_ "File") (_ "Subject") (_ "User")))

;; Single-column grid holding the three buttons.
(gridbox
columns "100"
align "top"

(button text (_ "Refresh") (when clicked (ui-update-certs)))
(button text (_ "Add") (when clicked (on-add)))
(button text (_ "Done") (when clicked (on-done))))
(spacer))


;; Fill the list as soon as the form is loaded. In this form that also sends
;; the 'refresh write, because ui-update-certs does so before listing.
(document:root
(when loaded (ui-update-certs)))
alterator-pkcs11-0.1/ui/pkcs11/index.scm000064400000000000000000000015611126040131700177750ustar00rootroot00000000000000(document:surround "/std/frame")

;; Reloads the "certs" list from /pkcs11/certs (the installed certificates).
(define ui-update-certs
  (lambda ()
    (let ((installed (woo-list "/pkcs11/certs")))
      (form-update-enum "certs" installed))))

;; "Delete" button handler: writes 'delete together with the current value of
;; the "certs" list to /pkcs11/certs, then refreshes the list. Runs inside
;; woo-catch/message. The selected value is sent as-is; any validation of it
;; has to happen in the backend.
(define on-delete
  (lambda ()
    (woo-catch/message
      (lambda ()
        (let ((selected (form-value "certs")))
          (woo-write "/pkcs11/certs" 'delete #t 'cert selected))
        (ui-update-certs)))))

;; "Add..." button handler: opens the /pkcs11/add form as a popup and
;; refreshes the installed list afterwards.
(define on-add
  (lambda ()
    (form-popup "/pkcs11/add")
    (ui-update-certs)))

;; Layout of the main form that shows the installed certificates.
margin 20

;; Outer grid with two columns ("90;10", presumably relative widths -- confirm).
(gridbox
columns "90;10"

(label text (_ "Installed certificates:"))
(spacer)

;; Three-column list named "certs". The row keys name, subject and user are
;; the same keys the backend passes to write_table_item in its list action.
(listbox columns 3
name "certs"
row '#((name . "") (subject . "") (user . ""))
header (vector (_ "File") (_ "Subject") (_ "User")))

;; Single-column grid holding the three buttons.
(gridbox
columns "100"
align "top"

(button text (_ "Refresh") (when clicked (ui-update-certs)))
(button text (_ "Delete") (when clicked (on-delete)))
(button text (_ "Add...") (when clicked (on-add))))
(spacer))


;; Fill the list of installed certificates as soon as the form is loaded.
(document:root
(when loaded (ui-update-certs)))
 