9 |
local webcrlf |
local webcrlf |
10 |
|
|
11 |
# print nothing if quiet mode was requested |
# print nothing if quiet mode was requested |
12 |
[[ ${QUIET} = true ]] && return |
[[ ${QUIET} = 1 ]] && return |
13 |
|
|
14 |
if [[ ${NOCOLORS} = true ]] |
if [[ ${NOCOLORS} = 1 ]] |
15 |
then |
then |
16 |
COLCYAN="" |
COLCYAN="" |
17 |
COLDEFAULT="" |
COLDEFAULT="" |
18 |
fi |
fi |
19 |
|
|
20 |
[[ ${WEBCRLF} = true ]] && webcrlf="<br>" |
[[ ${WEBCRLF} = 1 ]] && webcrlf="<br>" |
21 |
|
|
22 |
# respect -n |
# respect -n |
23 |
case $1 in |
case $1 in |
35 |
local opts |
local opts |
36 |
local webcrlf |
local webcrlf |
37 |
|
|
38 |
if [[ ${NOCOLORS} = true ]] |
if [[ ${NOCOLORS} = 1 ]] |
39 |
then |
then |
40 |
COLRED="" |
COLRED="" |
41 |
COLDEFAULT="" |
COLDEFAULT="" |
42 |
fi |
fi |
43 |
|
|
44 |
[[ ${WEBCRLF} = true ]] && webcrlf="<br>" |
[[ ${WEBCRLF} = 1 ]] && webcrlf="<br>" |
45 |
|
|
46 |
# respect -n |
# respect -n |
47 |
case $1 in |
case $1 in |
48 |
-n) shift; opts="n" ;; |
-n) shift; opts="n" ;; |
49 |
esac |
esac |
50 |
|
|
51 |
echo -e${opts} "${COLRED}$@${COLDEFAULT}${webcrlf}" |
# echo to stderr |
52 |
|
echo -e${opts} "${COLRED}$@${COLDEFAULT}${webcrlf}" 1>&2 |
53 |
} |
} |
54 |
|
|
55 |
# prints return values of get | enabled even in quiet mode |
# prints return values of get | enabled even in quiet mode |
60 |
local opts |
local opts |
61 |
local webcrlf |
local webcrlf |
62 |
|
|
63 |
if [[ ${NOCOLORS} = true ]] |
if [[ ${NOCOLORS} = 1 ]] |
64 |
then |
then |
65 |
COLPURPLE="" |
COLPURPLE="" |
66 |
COLDEFAULT="" |
COLDEFAULT="" |
67 |
fi |
fi |
68 |
|
|
69 |
[[ ${WEBCRLF} = true ]] && webcrlf="<br>" |
[[ ${WEBCRLF} = 1 ]] && webcrlf="<br>" |
70 |
|
|
71 |
# respect -n |
# respect -n |
72 |
case $1 in |
case $1 in |
150 |
# this wrapper runs a command in the xsession of the unpriv_user |
# this wrapper runs a command in the xsession of the unpriv_user |
151 |
x11runas() |
x11runas() |
152 |
{ |
{ |
153 |
if [[ -n $(pidof X) ]] |
if [[ -n $(pidof X) ]] || [[ -n $(pidof Xorg) ]] || [[ -n $(pidof Xorg.bin) ]] |
154 |
then |
then |
155 |
su - "${MCORE_UNPRIV_USER}" -c "DISPLAY=${MCORE_XORG_DISPLAY} $@" |
su - "${MCORE_UNPRIV_USER}" -c "DISPLAY=${MCORE_XORG_DISPLAY} $@" |
156 |
|
else |
157 |
|
decho "x11runas(): No running X, Xorg or Xorg.bin process found" |
158 |
fi |
fi |
159 |
} |
} |
160 |
|
|
256 |
|
|
257 |
chroot ${MROOT} ${cmd} |
chroot ${MROOT} ${cmd} |
258 |
} |
} |
259 |
|
|
260 |
|
# gets interface used to reach given ip |
261 |
|
iface_for_remote_addr() |
262 |
|
{ |
263 |
|
set -- $(ip -o route get to $1) |
264 |
|
echo $5 |
265 |
|
} |
266 |
|
|
267 |
|
# get ip from dns name |
268 |
|
dns_to_ip() |
269 |
|
{ |
270 |
|
set -- $(getent hosts $1) |
271 |
|
echo $1 |
272 |
|
} |
273 |
|
|
274 |
|
iface_for_ip() |
275 |
|
{ |
276 |
|
set -- $(ip -o addr show to $1) |
277 |
|
echo $2 |
278 |
|
} |
279 |
|
|
280 |
|
iface_for_mac() |
281 |
|
{ |
282 |
|
local interface="" mac="$(echo $1 | sed 'y/ABCDEF/abcdef/')" |
283 |
|
for interface in /sys/class/net/*; do |
284 |
|
if [ $(cat $interface/address) = "$mac" ]; then |
285 |
|
echo ${interface##*/} |
286 |
|
fi |
287 |
|
done |
288 |
|
} |
289 |
|
|
290 |
|
mac_for_iface() |
291 |
|
{ |
292 |
|
local iface="$1" |
293 |
|
if [ -f /sys/class/net/${iface}/address ] |
294 |
|
then |
295 |
|
cat /sys/class/net/${iface}/address |
296 |
|
fi |
297 |
|
} |
298 |
|
|
299 |
|
certificate_fingerprint() |
300 |
|
{ |
301 |
|
local cert_fingerprint |
302 |
|
local retval |
303 |
|
|
304 |
|
if [[ ! -f ${MCORE_CERT_FILE} ]] |
305 |
|
then |
306 |
|
eecho "MCORE_CERT_FILE '${MCORE_CERT_FILE}' does not exist." |
307 |
|
return 1 |
308 |
|
fi |
309 |
|
|
310 |
|
cert_fingerprint=$(openssl x509 -noout -modulus -in "${MCORE_CERT_FILE}" | openssl sha1 | sed 's:(stdin)=\ ::') |
311 |
|
retval="$?" |
312 |
|
|
313 |
|
if [[ ${retval} != 0 ]] |
314 |
|
then |
315 |
|
eecho "Error '${retval}' while generating cert_fingerprint." |
316 |
|
return 1 |
317 |
|
fi |
318 |
|
|
319 |
|
if [[ -z ${cert_fingerprint} ]] |
320 |
|
then |
321 |
|
eecho "Error: cert_fingerprint is empty" |
322 |
|
return 1 |
323 |
|
else |
324 |
|
echo "${cert_fingerprint}" |
325 |
|
fi |
326 |
|
} |
327 |
|
|
328 |
|
key_fingerprint() |
329 |
|
{ |
330 |
|
local key_fingerprint |
331 |
|
local retval |
332 |
|
|
333 |
|
if [[ ! -f ${MCORE_KEY_FILE} ]] |
334 |
|
then |
335 |
|
eecho "MCORE_KEY_FILE '${MCORE_KEY_FILE}' does not exist." |
336 |
|
return 1 |
337 |
|
fi |
338 |
|
|
339 |
|
key_fingerprint=$(openssl rsa -noout -modulus -in "${MCORE_KEY_FILE}" | openssl sha1 | sed 's:(stdin)=\ ::') |
340 |
|
retval="$?" |
341 |
|
|
342 |
|
if [[ ${retval} != 0 ]] |
343 |
|
then |
344 |
|
eecho "Error '${retval}' while generating key_fingerprint." |
345 |
|
return 1 |
346 |
|
fi |
347 |
|
|
348 |
|
if [[ -z ${key_fingerprint} ]] |
349 |
|
then |
350 |
|
eecho "Error: key_fingerprint is empty" |
351 |
|
return 1 |
352 |
|
else |
353 |
|
echo "${key_fingerprint}" |
354 |
|
fi |
355 |
|
} |
356 |
|
|
357 |
|
nsslsay() |
358 |
|
{ |
359 |
|
nssl "${SSLSAY_IP}" "${SSLSAY_PORT}" << EOF |
360 |
|
auth ${SSLSAY_USER} ${SSLSAY_PASS} |
361 |
|
$@ |
362 |
|
quit |
363 |
|
EOF |
364 |
|
} |
365 |
|
|
366 |
|
nsslsay_fingerprint() |
367 |
|
{ |
368 |
|
nssl "${SSLSAY_IP}" "${SSLSAY_PORT}" << EOF |
369 |
|
certauth $(certificate_fingerprint) |
370 |
|
$@ |
371 |
|
quit |
372 |
|
EOF |
373 |
|
} |
374 |
|
|
375 |
|
nsslsay_queue_init() |
376 |
|
{ |
377 |
|
SSLSAY_QUEUE=() |
378 |
|
} |
379 |
|
|
380 |
|
nsslsay_queue_add() |
381 |
|
{ |
382 |
|
SSLSAY_QUEUE+=( "$@" ) |
383 |
|
} |
384 |
|
|
385 |
|
nsslsay_queue_print() |
386 |
|
{ |
387 |
|
local count |
388 |
|
local i |
389 |
|
|
390 |
|
count="${#SSLSAY_QUEUE[*]}" |
391 |
|
for ((i=0; i < count; i++)) |
392 |
|
do |
393 |
|
echo "${SSLSAY_QUEUE[${i}]}" |
394 |
|
done |
395 |
|
} |
396 |
|
|
397 |
|
nsslsay_queue_run() |
398 |
|
{ |
399 |
|
nsslsay "$(nsslsay_queue_print)" |
400 |
|
} |
401 |
|
|
402 |
|
nsslsay_queue_run_fingerprint() |
403 |
|
{ |
404 |
|
nsslsay_fingerprint "$(nsslsay_queue_print)" |
405 |
|
} |