Sesame + LUKS patch

W. Michael Petullo mike at flyn.org
Thu Feb 3 04:52:03 PST 2005


Attached is a patch vs. sesame CVS that modifies sesame to use LUKS
(http://clemens.endorphin.org/LUKS).  LUKS serves as a replacement for
libsesame and places encryption-related metadata on a disk before its
filesystem.

In order to test this new code, ensure that Clemens Fruhwirth's version
of cryptsetup exists in your path and is named cryptsetup-luks.  The -luks
requirement will be removed from the name expected by sesame once Clemens
Fruhwirth makes a stable release.  I would recommend experimenting with
cryptsetup-luks by hand before using sesame.

LUKS looks like it will provide what we need, saving us from maintaining
libsesame.  Clemens seems willing to add features required by the sesame
utilities.

I have not yet modified hald to recognize LUKS disks instead of libsesame
disks.

Also in this patch is a new program, gnome-sesame-format.
Gnome-sesame-format is a GUI front-end to sesame-format.
Gnome-sesame-format is written in Java and compiles fine using gcj.
I am not yet very up to speed on Java/GNU autotool integration so I
would appreciate any tips on the build system.

-- 
Mike

:wq
-------------- next part --------------
diff -u --recursive --new-file sesame-vanilla/ChangeLog sesame/ChangeLog
--- sesame-vanilla/ChangeLog	2004-12-31 07:35:47.000000000 -0600
+++ sesame/ChangeLog	2005-01-26 22:10:41.000000000 -0600
@@ -1,3 +1,41 @@
+2005-01-26  W. Michael Petullo  <mike at flyn.org>
+
+	* tools/*.c: Major overhaul to use LUKS instead of the proposed
+	sesame encrypted header.
+
+	* tools/GnomeSesameFormat.java: Implemented a GUI tool that can
+	format a device as a LUKS device.
+
+2005-01-19  W. Michael Petullo  <mike at flyn.org>
+
+	* tools/check-common.c: Added some unit tests using the check
+	framework -- preparation for refactoring
+
+	* tools/common.c: Refactoring of some code
+
+	* tools/sesame-format.c: Check if a device is mounted before
+	formatting it
+
+	* tools/sesame-format.c: Use a temporary DM device to format --
+	hide device from hal until ready
+
+	* tools/sesame-is-encrypted.c: Begin a program that checks if a
+	device is encrypted using sesame
+
+2004-01-19  W. Michael Petullo  <mike at flyn.org>
+
+	* tools/common.c: Moved some code to common.c
+
+	* tools/common.c: Fixed encode/decode leak
+
+	* tools/sesame-setup.c: Minor code changes
+
+	* tools/sesame-format.c: Began work on a new utility to format
+	a sesame-compliant disk
+
+	* tools/sesame-setup.c: Now takes aes as name of cipher and
+	resolved this to aes-128-ecb for OpenSSL calls.
+
 2004-12-31  David Zeuthen  <davidz at redhat.com>
 
 	Patch from W. Michael Petullo <mike at flyn.org>. I wrote a patch for
diff -u --recursive --new-file sesame-vanilla/configure.in sesame/configure.in
--- sesame-vanilla/configure.in	2004-12-31 07:35:47.000000000 -0600
+++ sesame/configure.in	2005-02-02 09:42:24.000000000 -0600
@@ -6,14 +6,21 @@
 AM_CONFIG_HEADER(config.h)
 AM_MAINTAINER_MODE
 
+AM_PATH_CHECK(,[have_check="yes"],
+  AC_MSG_WARN([Check not found; cannot run unit tests!])
+    [have_check="no"])
+    AM_CONDITIONAL(HAVE_CHECK, test x"$have_check" = "xyes")
+
 AC_ISC_POSIX
 AC_PROG_CC
 AM_PROG_CC_STDC
+AM_PROG_GCJ
 AC_HEADER_STDC
 AM_PROG_LIBTOOL
 AC_PROG_MAKE_SET
 AC_PROG_LN_S
 AC_SYS_LARGEFILE
+AM_PATH_GLIB_2_0(,,AC_MSG_ERROR(You are missing glib))
 
 AC_ARG_ENABLE(ansi,             [  --enable-ansi           enable -ansi -pedantic gcc flags],enable_ansi=$enableval,enable_ansi=no)
 
@@ -103,15 +110,25 @@
 
 #pkg_modules="hal >= 0.4.0, hal-storage >= 0.4.0, openssl >= 0.9.7a"
 #PKG_CHECK_MODULES(PACKAGE, [$pkg_modules])
-AC_CHECK_LIB(crypto, EVP_DecryptInit_ex)
-AC_CHECK_LIB(ssl, SSL_load_error_strings)
 
-AC_PATH_PROG(CRYPTSETUP, cryptsetup, no)
+AC_PATH_PROG(CRYPTSETUP, cryptsetup-luks, no)
 if test x"$CRYPTSETUP" = xno; then
-        AC_MSG_ERROR([cryptsetup executable not found in your path])
+        AC_MSG_ERROR([cryptsetup-luks executable not found in your path])
 fi
 AC_SUBST(CRYPTSETUP)
 
+AC_PATH_PROG(DD, dd, no)
+if test x"$DD" = xno; then
+        AC_MSG_ERROR([dd executable not found in your path])
+fi
+AC_SUBST(DD)
+
+AC_PATH_PROG(MKFS, mkfs, no)
+if test x"$MKFS" = xno; then
+        AC_MSG_ERROR([mkfs executable not found in your path])
+fi
+AC_SUBST(MKFS)
+
 AS_AC_EXPAND(LOCALSTATEDIR, $localstatedir)
 AS_AC_EXPAND(SYSCONFDIR, $sysconfdir)
 AS_AC_EXPAND(DATADIR, $datadir)
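Review bot: The AC_PATH_PROG checks for cryptsetup-luks, dd and mkfs search whatever PATH the person running configure happens to have, and the CRYPTSETUP result is later passed straight to execl() in tools/common.c. mkfs and cryptsetup normally live in /sbin or /usr/sbin, which is often missing from an unprivileged builder's PATH, so configure can fail on a correctly installed system. In the other direction, a build PATH that contains a user-writable directory would bake that location into tools that are presumably run as root against block devices. Passing an explicit search list as the fourth argument covers both cases, e.g. `AC_PATH_PROG(MKFS, mkfs, no, [/sbin:/usr/sbin:/bin:/usr/bin])`, and likewise for CRYPTSETUP and DD.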
@@ -121,7 +138,6 @@
 
 AC_OUTPUT([
 Makefile
-libsesame/Makefile
 tools/Makefile
 ])
 	
diff -u --recursive --new-file sesame-vanilla/libsesame/CVS/Entries sesame/libsesame/CVS/Entries
--- sesame-vanilla/libsesame/CVS/Entries	2005-02-02 22:59:47.000000000 -0600
+++ sesame/libsesame/CVS/Entries	1969-12-31 18:00:00.000000000 -0600
@@ -1,4 +0,0 @@
-/Makefile.am/1.1.1.1/Fri Dec 17 16:56:52 2004//
-/libsesame.c/1.1.1.1/Fri Dec 17 16:56:52 2004//
-/libsesame.h/1.1.1.1/Fri Dec 17 16:56:52 2004//
-D
diff -u --recursive --new-file sesame-vanilla/libsesame/CVS/Repository sesame/libsesame/CVS/Repository
--- sesame-vanilla/libsesame/CVS/Repository	2005-02-02 22:59:47.000000000 -0600
+++ sesame/libsesame/CVS/Repository	1969-12-31 18:00:00.000000000 -0600
@@ -1 +0,0 @@
-sesame/libsesame
diff -u --recursive --new-file sesame-vanilla/libsesame/CVS/Root sesame/libsesame/CVS/Root
--- sesame-vanilla/libsesame/CVS/Root	2005-02-02 22:59:47.000000000 -0600
+++ sesame/libsesame/CVS/Root	1969-12-31 18:00:00.000000000 -0600
@@ -1 +0,0 @@
-:pserver:anoncvs at freedesktop.org:/cvs/hal
diff -u --recursive --new-file sesame-vanilla/libsesame/libsesame.c sesame/libsesame/libsesame.c
--- sesame-vanilla/libsesame/libsesame.c	2004-12-17 10:56:52.000000000 -0600
+++ sesame/libsesame/libsesame.c	1969-12-31 18:00:00.000000000 -0600
@@ -1,292 +0,0 @@
-/***************************************************************************
- * CVSID: $Id: libsesame.c,v 1.1.1.1 2004/12/17 16:56:52 david Exp $
- *
- * libsesame.c
- *
- * Copyright (C) 2004 David Zeuthen, <david at fubar.dk>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
- *
- **************************************************************************/
-
-#define _GNU_SOURCE
-
-#include <ctype.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "libsesame.h"
-
-
-#define SESAME_MAGIC "# SESAME_MAGIC"
-
-#define MAXLINE 1024
-
-/** Type for callback with sesame properties
- *
- *  @param  key                 Property name
- *  @param  value               Value of property
- *  @param  data                User supplied data
- *  @return                     Return FALSE to stop parsing; will make
- *                              sesame_parse error out
- */
-typedef sesame_bool_t (*sesame_parse_callback) (const char *key, 
-						const char *value, 
-						void *data);
-
-
-static unsigned char *
-sesame_skip_to_next_nonempty_line (unsigned char *buf)
-{
-	while (*buf == '\n')
-		buf++;
-
-	while (*buf != '\n') {
-		if (*buf == '\0')
-			return NULL;
-		buf++;
-	}
-
-	while (*buf == '\n')
-		buf++;
-
-	return buf;
-}
-
-/** Parse a data buffer for sesame metadata and issue callbacks for the
- *  properties found.
- *
- *  @param  buf                 Buffer
- *  @param  got_kv_pair_cb      Callback function for key/value pairs
- *  @param  data                User supplied data
- *  @return                     Returns FALSE on error
- */
-static sesame_bool_t
-sesame_parse (unsigned char *buf, 
-	      sesame_parse_callback got_kv_pair_cb, 
-	      void *data)
-{
-	int rc;
-	char magic[] = SESAME_MAGIC;
-
-	rc = FALSE;
-
-	if (strncmp (&buf[0], magic, sizeof (magic) - 1) != 0)
-		goto out;
-
-	buf = sesame_skip_to_next_nonempty_line (buf);
-	if (buf == NULL)
-		goto out;
-
-	rc = TRUE;
-
-	do {
-		unsigned int i;
-		char *lstart;
-		char *lend;
-		char line[MAXLINE];
-		size_t len;
-		char *valbegin;
-		char *ival;
-		char key[MAXLINE];
-		char value[MAXLINE];
-
-		lstart = (char *) buf;
-		buf = sesame_skip_to_next_nonempty_line (buf);
-		if (buf == NULL)
-			break;
-		lend = ((char *) buf) - 1;
-
-		len = lend - lstart;
-		if (len > sizeof (line))
-			len = sizeof (line);
-
-		strncpy (line, lstart, len);
-		line[len] = '\0';
-
-		if (line[0] == '#')
-			continue;
-
-		valbegin = strchr (line, '=') + 1;
-		if (valbegin == NULL)
-			continue;
-
-		/* copy key and strip trailing whitespace */
-		strncpy (key, line, valbegin - 1 - line);
-		key[valbegin - 1 - line] = '\0';
-		for (i = valbegin - 1 - line - 1; i >= 0; --i) {
-			if (!isspace (key[i]))
-			    break;
-			key[i]='\0';
-		}
-
-		/* get value and unescape \' -> ' and \\ to \ */
-		valbegin = strchr (valbegin, '\'');
-		if (valbegin == NULL)
-			continue;
-		valbegin++;
-		for (ival=valbegin, i=0; 
-		     ival != '\0' && i < sizeof (value) - 1; 
-		     ival++) {
-			if (*ival == '\'')
-				break;
-			if (*ival == '\\') {
-				if (*(ival + 1) == '\'') {
-					value [i++] = '\'';
-					ival++;;
-					continue;
-				}
-			}
-			value [i++] = *ival;
-		}
-		value [i] = '\0';
-
-		/* callback may short circuit */
-		if (got_kv_pair_cb (key, value, data) == 0) {
-			rc = FALSE;
-			goto out;
-		}
-
-	} while (1);
-
-out:
-	return rc;
-}
-
-typedef struct SesameMetaDataKVPair_s {
-	char *key;
-	char *value;
-	struct SesameMetaDataKVPair_s *next;
-} SesameMetaDataKVPair;
-
-struct SesameMetaData_s {
-	char *buf;
-	SesameMetaDataKVPair *properties;
-	SesameMetaDataKVPair *tail;
-};
-
-void 
-sesame_free (SesameMetaData *md)
-{
-	SesameMetaDataKVPair *prop;
-	SesameMetaDataKVPair *prop_next;
-
-	for (prop = md->properties; prop != NULL; prop = prop_next) {
-		prop_next = prop->next;
-
-		free (prop->key);
-		free (prop->value);
-		free (prop);
-	}
-
-	free (md->buf);
-	free (md);
-}
-
-
-
-static sesame_bool_t
-sesame_get_metadata_cb (const char *key, const char *value, void *data)
-{
-	SesameMetaDataKVPair *prop;
-	SesameMetaData *md = (SesameMetaData *) data;
-
-	prop = malloc (sizeof (SesameMetaDataKVPair));
-	if (prop == NULL)
-		goto error;
-	prop->key = NULL;
-	prop->value = NULL;
-
-	prop->key = strdup (key);
-	if (prop->key == NULL)
-		goto error;
-
-	prop->value = strdup (value);
-	if (prop->value == NULL)
-		goto error;
-
-	prop->next = NULL;
-
-	if (md->properties == NULL) {
-		md->properties = prop;
-		md->tail = prop;
-	} else {
-		md->tail->next = prop;
-		md->tail = prop;
-	}
-
-	return TRUE;
-error:
-	/* clean up and short circuit on error*/
-	if (prop != NULL) {
-		free (prop->key);
-		free (prop->value);
-		free (prop);
-	}
-	return FALSE;
-}
-
-SesameMetaData *
-sesame_get_metadata_from_buf (const char *buf)
-{
-	SesameMetaData *md;
-
-	md = malloc (sizeof (SesameMetaData));
-	if (md == NULL)
-		goto out;
-	md->properties = NULL;
-	md->tail = NULL;
-
-	md->buf = strdup (buf);
-	if (md->buf == NULL) {
-		sesame_free (md);
-		md = NULL;
-		goto out;
-	}
-
-	if (sesame_parse (md->buf, sesame_get_metadata_cb, (void *) md) == 0) {
-		/* on error */
-		sesame_free (md);
-		md = NULL;
-	}
-out:
-	return md;
-}
-
-const char *
-sesame_get (SesameMetaData *md, const char *key)
-{
-	SesameMetaDataKVPair *prop;
-
-	for (prop = md->properties; prop != NULL; prop = prop->next) {
-		if (strcmp (prop->key, key) == 0)
-			return prop->value;
-	}
-
-	return NULL;
-}
-
-sesame_bool_t
-sesame_compare (SesameMetaData *md, const char *key, const char *value)
-{
-	const char *real_val;
-
-	real_val = sesame_get (md, key);
-	if (real_val != NULL && strcmp (real_val, value) == 0)
-		return TRUE;
-
-	return FALSE;
-}
-
diff -u --recursive --new-file sesame-vanilla/libsesame/libsesame.h sesame/libsesame/libsesame.h
--- sesame-vanilla/libsesame/libsesame.h	2004-12-17 10:56:52.000000000 -0600
+++ sesame/libsesame/libsesame.h	1969-12-31 18:00:00.000000000 -0600
@@ -1,70 +0,0 @@
-/***************************************************************************
- * CVSID: $Id: libsesame.h,v 1.1.1.1 2004/12/17 16:56:52 david Exp $
- *
- * libsesame.h 
- *
- * Copyright (C) 2004 David Zeuthen, <david at fubar.dk>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
- *
- **************************************************************************/
-
-#ifndef LIBSESAME_H
-#define LIBSESAME_H
-
-#if defined(__cplusplus)
-extern "C" {
-#if 0
-}
-#endif 
-#endif
-
-typedef unsigned int sesame_bool_t;
-
-#ifndef TRUE
-#  define TRUE 1
-#endif
-#ifndef FALSE
-#  define FALSE 0
-#endif
-
-
-struct SesameMetaData_s;
-typedef struct SesameMetaData_s SesameMetaData;
-
-SesameMetaData *sesame_get_metadata_from_buf (const char *buf);
-
-const char *sesame_get (SesameMetaData *md, const char *key);
-
-sesame_bool_t sesame_compare (SesameMetaData *md, const char *key, const char *value);
-
-void sesame_free (SesameMetaData *md);
-
-/* functions to implement:
- *
- * # if value is NULL, clear the property
- * sesame_set (SesameMetaData* md, const char *key, const char *value)
- *
- * sesame_get_buf_from_metadata (SesameMetaData* md)
- *
- * need to preserve comments whereever possible
- */
-
-
-#if defined(__cplusplus)
-}
-#endif
-
-#endif /* LIBSESAME_H */
diff -u --recursive --new-file sesame-vanilla/libsesame/Makefile.am sesame/libsesame/Makefile.am
--- sesame-vanilla/libsesame/Makefile.am	2004-12-17 10:56:52.000000000 -0600
+++ sesame/libsesame/Makefile.am	1969-12-31 18:00:00.000000000 -0600
@@ -1,18 +0,0 @@
-## Process this file with automake to produce Makefile.in
-
-INCLUDES = \
-	-DPACKAGE_DATA_DIR=\""$(datadir)"\" \
-	-DPACKAGE_LOCALE_DIR=\""$(prefix)/$(DATADIRNAME)/locale"\"
-
-lib_LTLIBRARIES=libsesame.la
-
-libsesameincludedir=$(includedir)/sesame
-
-libsesameinclude_HEADERS =                                   \
-	libsesame.h
-
-libsesame_la_SOURCES =                                       \
-	libsesame.c                  libsesame.h
-
-clean-local :
-	rm -f *~
diff -u --recursive --new-file sesame-vanilla/Makefile.am sesame/Makefile.am
--- sesame-vanilla/Makefile.am	2004-12-17 10:56:52.000000000 -0600
+++ sesame/Makefile.am	2005-02-01 22:00:23.000000000 -0600
@@ -1,6 +1,6 @@
 ## Process this file with automake to produce Makefile.in
 
-SUBDIRS = libsesame tools
+SUBDIRS = tools
 
 EXTRA_DIST = HACKING
 
Binary files sesame-vanilla/tools/check_common and sesame/tools/check_common differ
diff -u --recursive --new-file sesame-vanilla/tools/check_common.c sesame/tools/check_common.c
--- sesame-vanilla/tools/check_common.c	1969-12-31 18:00:00.000000000 -0600
+++ sesame/tools/check_common.c	2005-01-26 22:07:37.000000000 -0600
@@ -0,0 +1,37 @@
+#include <stdlib.h>
+#include <check.h>
+#include <string.h>
+#include <common.h>
+
+START_TEST(test_strip_cr)
+{
+	char str[5];
+	strcpy(str, "foo\n");
+	fail_unless(strcmp(strip_cr(str), "foo") == 0,
+		    "strip_cr test failed");
+}
+END_TEST
+
+static Suite *common_suite(void)
+{
+	Suite *s = suite_create("common");
+
+	TCase *tc_strip_cr = tcase_create("test_strip_cr");
+
+	tcase_add_test(tc_strip_cr, test_strip_cr);
+
+	suite_add_tcase(s, tc_strip_cr);
+
+	return s;
+}
+
+int main(void)
+{
+	int nf;
+	Suite *s = common_suite();
+	SRunner *sr = srunner_create(s);
+	srunner_run_all(sr, CK_NORMAL);
+	nf = srunner_ntests_failed(sr);
+	srunner_free(sr);
+	return (nf == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
+}
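Review bot: test_strip_cr exercises only a string that ends in a newline, so the suite does not pin what strip_cr does with a string that has no trailing newline or with an empty string. The empty case matters because strip_cr in tools/common.c indexes `s[len - 1]` unconditionally, which is an out-of-bounds access when len is 0. I would add one test that passes `"foo"` and expects `"foo"` back, and one that passes `""` and expects `""`. As a smaller point, `#include <common.h>` names a project header and would read better as `#include "common.h"`, matching tools/common.c.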
Binary files sesame-vanilla/tools/check_common.o and sesame/tools/check_common.o differ
diff -u --recursive --new-file sesame-vanilla/tools/common.c sesame/tools/common.c
--- sesame-vanilla/tools/common.c	1969-12-31 18:00:00.000000000 -0600
+++ sesame/tools/common.c	2005-01-27 10:39:08.000000000 -0600
@@ -0,0 +1,219 @@
+#define _GNU_SOURCE
+
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <limits.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <stdio.h>
+#include <errno.h>
+#include <stdarg.h>
+
+#include "common.h"
+
+char *strip_cr(char *s)
+{
+	int len;
+
+	assert(s);
+
+	len = strlen(s);
+	s[len - 1] = s[len - 1] == '\n' ? 0x00 : s[len - 1];
+
+	return s;
+}
+
+int read_key(char *buf, int size)
+{
+	int fnval = 1;
+
+	assert(buf);
+	assert(size > 0);
+
+	if (fgets(buf, size, stdin) == NULL) {
+		fnval = 0;
+		goto _return;
+	}
+
+	strip_cr(buf);
+
+      _return:
+	return fnval;
+}
+
+void msg(int verbose, const char *format, ...)
+{
+	assert(format != NULL);
+
+	if (verbose) {
+		va_list args;
+
+		va_start(args, format);
+		vfprintf(stdout, format, args);
+		va_end(args);
+	}
+}
+
+int run_cryptsetup_luksInit(const char *block_key_cipher,
+			    const char *device,
+			    const char *passphrase, const int key_len)
+{
+	pid_t child;
+	int fnval = 1, pipefd[2], child_exit;
+	char *key_len_str;
+
+	assert(block_key_cipher != NULL);
+	assert(device != NULL);
+	assert(passphrase != NULL);
+	assert(key_len > 0);
+
+	if (asprintf(&key_len_str, "%d", key_len * 8) == -1) {
+		fprintf(stderr, "Failed to allocate memory, err=%s\n",
+			strerror(errno));
+		fnval = 0;
+		goto _return_no_free;
+	}
+
+	if (pipe(pipefd) == -1) {
+		fprintf(stderr, "Failed to create pipe, err=%s\n",
+			strerror(errno));
+		fnval = 0;
+		goto _return;
+	}
+
+	child = fork();
+
+	if (child < 0) {
+		fprintf(stderr, "Failed to fork, err=%s\n",
+			strerror(errno));
+		fnval = 0;
+		goto _return;
+	} else if (child == 0) {
+		close(0);
+		dup(pipefd[0]);
+		close(pipefd[0]);
+		close(pipefd[1]);
+		execl(CRYPTSETUP, "cryptsetup", "-s", key_len_str, "-c",
+		      block_key_cipher, "luksInit", device, NULL);
+		fprintf(stderr, "Failed to execute %s, err=%s\n",
+			CRYPTSETUP, strerror(errno));
+		exit(EXIT_FAILURE);
+	} else {
+		close(pipefd[0]);
+		write(pipefd[1], passphrase, strlen(passphrase));
+		close(pipefd[1]);
+		waitpid(child, &child_exit, 0);
+		fnval = !WEXITSTATUS(child_exit);
+		goto _return;
+	}
+
+      _return:
+	free(key_len_str);
+      _return_no_free:
+	return fnval;
+}
+
+int run_cryptsetup_luksOpen(const char *prefix, const char *device,
+			    const char *passphrase)
+{
+	pid_t child;
+	int fnval = 1, pipefd[2], child_exit;
+	char uuid[UUIDLEN + 1], dmname[PATH_MAX + 1];
+
+	assert(prefix != NULL);
+	assert(device != NULL);
+	assert(passphrase != NULL);
+
+	/* FIXME: read UUID from LUKS header */
+	strcpy(uuid, "FIXME");
+
+	strncpy(dmname, prefix, sizeof dmname - strlen(dmname));
+	if (strlen(device) + strlen(uuid) > PATH_MAX) {
+		fprintf(stderr, "Uuid %s is too long\n", uuid);
+		fnval = 0;
+		goto _return;
+	}
+	strncat(dmname, uuid, sizeof dmname - strlen(dmname));
+
+	if (pipe(pipefd) == -1) {
+		fprintf(stderr, "Failed to create pipe, err=%s\n",
+			strerror(errno));
+		fnval = 0;
+		goto _return;
+	}
+
+	child = fork();
+
+	if (child < 0) {
+		fprintf(stderr, "Failed to fork, err=%s\n",
+			strerror(errno));
+		fnval = 0;
+		goto _return;
+	} else if (child == 0) {
+		close(0);
+		dup(pipefd[0]);
+		close(pipefd[0]);
+		close(pipefd[1]);
+		execl(CRYPTSETUP, "cryptsetup", "luksOpen", device, dmname, 
+		      NULL);
+		fprintf(stderr, "Failed to execute %s, err=%s\n",
+			CRYPTSETUP, strerror(errno));
+		exit(EXIT_FAILURE);
+	} else {
+		close(pipefd[0]);
+		write(pipefd[1], passphrase, strlen(passphrase));
+		close(pipefd[1]);
+		waitpid(child, &child_exit, 0);
+		fnval = !WEXITSTATUS(child_exit);
+		goto _return;
+	}
+
+      _return:
+	return fnval;
+}
+
+int run_cryptunsetup(const char *prefix, const char *device)
+{
+	pid_t child;
+	int fnval = 1, child_exit;
+	char dmname[PATH_MAX + 1], uuid[UUIDLEN + 1];
+
+	assert(prefix != NULL);
+	assert(device != NULL);
+	assert(uuid != NULL);
+
+	/* FIXME: read UUID from LUKS header */
+	strcpy(uuid, "FIXME");
+
+	strcpy(dmname, prefix);
+	if (strlen(dmname) + strlen(uuid) > PATH_MAX) {
+		fprintf(stderr, "Uuid %s is too long\n", uuid);
+		fnval = 0;
+		goto _return;
+	}
+	strncat(dmname, uuid, sizeof dmname - strlen(dmname));
+
+	child = fork();
+
+	if (child < 0) {
+		fprintf(stderr, "Failed to fork, err=%s\n",
+			strerror(errno));
+		fnval = 0;
+		goto _return;
+	} else if (child == 0) {
+		execl(CRYPTSETUP, "cryptsetup", "remove", dmname, device,
+		      NULL);
+		fprintf(stderr, "Failed to execute %s, err=%s\n",
+			CRYPTSETUP, strerror(errno));
+		exit(EXIT_FAILURE);
+	} else {
+		waitpid(child, &child_exit, 0);
+		fnval = !WEXITSTATUS(child_exit);
+		goto _return;
+	}
+
+      _return:
+	return fnval;
+}
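Review bot: In run_cryptsetup_luksOpen, `strncpy(dmname, prefix, sizeof dmname - strlen(dmname))` calls strlen() on the still-uninitialized dmname, so the copy bound is indeterminate, and the length check that follows adds strlen(device) rather than the prefix length, so it does not protect the later strncat (whose bound also leaves no room for the terminator). run_cryptunsetup has the related problem that `strcpy(dmname, prefix)` runs before any length check. Building the name with a single bounded snprintf and checking its return, as sketched below, fixes both functions. Separately, all three run_* functions compute `fnval = !WEXITSTATUS(child_exit)` without testing WIFEXITED, so on Linux a cryptsetup child killed by a signal is reported as success; `fnval = WIFEXITED(child_exit) && WEXITSTATUS(child_exit) == 0;` avoids that. strip_cr also writes `s[len - 1]` when len is 0 and needs a `len > 0` guard.

```c
	/* with "int n;" added to the declarations at the top of the function */

	/* FIXME: read UUID from LUKS header */
	strcpy(uuid, "FIXME");

	n = snprintf(dmname, sizeof dmname, "%s%s", prefix, uuid);
	if (n < 0 || (size_t) n >= sizeof dmname) {
		fprintf(stderr, "Uuid %s is too long\n", uuid);
		fnval = 0;
		goto _return;
	}

	/* … unchanged: pipe(), fork(), exec of cryptsetup luksOpen, passphrase write … */
```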
diff -u --recursive --new-file sesame-vanilla/tools/common.h sesame/tools/common.h
--- sesame-vanilla/tools/common.h	1969-12-31 18:00:00.000000000 -0600
+++ sesame/tools/common.h	2005-01-26 22:05:31.000000000 -0600
@@ -0,0 +1,13 @@
+#define DMCRYPT_PREFIX "sesame_crypto_"
+#define DMCRYPT_TMP_PREFIX "sesame_crypto_tmp_"
+#define DMDIR "/dev/mapper/"
+#define UUIDLEN 36
+
+char *strip_cr(char *s);
+int read_key(char *buf, int size);
+void msg(int verbose, const char *format, ...);
+int run_cryptsetup_luksInit(const char *block_key_cipher, const char *device,
+			    const char *passphrase, const int key_len);
+int run_cryptsetup_luksOpen(const char *prefix, const char *device,
+                            const char *passphrase);
+int run_cryptunsetup(const char *prefix, const char *device);
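Review bot: The prototypes for read_key and the run_* functions carry no documentation of their return convention, and tools/common.c shows they return 1 on success and 0 on failure, the reverse of the usual 0-on-success convention for functions that wrap a child process. A short comment above the block, such as `/* All functions below return 1 on success and 0 on failure. */`, would prevent callers from testing the result the wrong way round. The header also has no include guard; wrapping it in `#ifndef SESAME_COMMON_H` / `#define SESAME_COMMON_H` / `#endif` is cheap. It would also help to note that UUIDLEN excludes the terminating NUL, since callers declare `char uuid[UUIDLEN + 1]`.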
Binary files sesame-vanilla/tools/common.o and sesame/tools/common.o differ
diff -u --recursive --new-file sesame-vanilla/tools/Getopt.java sesame/tools/Getopt.java
--- sesame-vanilla/tools/Getopt.java	1969-12-31 18:00:00.000000000 -0600
+++ sesame/tools/Getopt.java	2005-02-02 11:31:51.000000000 -0600
@@ -0,0 +1,1310 @@
+/**************************************************************************
+/* Getopt.java -- Java port of GNU getopt from glibc 2.0.6
+/*
+/* Copyright (c) 1987-1997 Free Software Foundation, Inc.
+/* Java Port Copyright (c) 1998 by Aaron M. Renn (arenn at urbanophile.com)
+/*
+/* This program is free software; you can redistribute it and/or modify
+/* it under the terms of the GNU Library General Public License as published 
+/* by  the Free Software Foundation; either version 2 of the License or
+/* (at your option) any later version.
+/*
+/* This program is distributed in the hope that it will be useful, but
+/* WITHOUT ANY WARRANTY; without even the implied warranty of
+/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+/* GNU Library General Public License for more details.
+/*
+/* You should have received a copy of the GNU Library General Public License
+/* along with this program; see the file COPYING.LIB.  If not, write to 
+/* the Free Software Foundation Inc., 59 Temple Place - Suite 330, 
+/* Boston, MA  02111-1307 USA
+/**************************************************************************/
+
+import java.util.Locale;
+import java.util.ResourceBundle;
+import java.util.PropertyResourceBundle;
+import java.text.MessageFormat;
+
+/**************************************************************************/
+
+/**
+  * This is a Java port of GNU getopt, a class for parsing command line
+  * arguments passed to programs.  It it based on the C getopt() functions
+  * in glibc 2.0.6 and should parse options in a 100% compatible manner.
+  * If it does not, that is a bug.  The programmer's interface is also
+  * very compatible.
+  * <p>
+  * To use Getopt, create a Getopt object with a argv array passed to the
+  * main method, then call the getopt() method in a loop.  It will return an
+  * int that contains the value of the option character parsed from the
+  * command line.  When there are no more options to be parsed, it
+  * returns -1.
+  * <p>
+  * A command line option can be defined to take an argument.  If an
+  * option has an argument, the value of that argument is stored in an
+  * instance variable called optarg, which can be accessed using the
+  * getOptarg() method.  If an option that requires an argument is
+  * found, but there is no argument present, then an error message is
+  * printed. Normally getopt() returns a '?' in this situation, but
+  * that can be changed as described below.
+  * <p>
+  * If an invalid option is encountered, an error message is printed
+  * to the standard error and getopt() returns a '?'.  The value of the
+  * invalid option encountered is stored in the instance variable optopt
+  * which can be retrieved using the getOptopt() method.  To suppress
+  * the printing of error messages for this or any other error, set
+  * the value of the opterr instance variable to false using the 
+  * setOpterr() method.
+  * <p>
+  * Between calls to getopt(), the instance variable optind is used to
+  * keep track of where the object is in the parsing process.  After all
+  * options have been returned, optind is the index in argv of the first
+  * non-option argument.  This variable can be accessed with the getOptind()
+  * method.
+  * <p>
+  * Note that this object expects command line options to be passed in the
+  * traditional Unix manner.  That is, proceeded by a '-' character. 
+  * Multiple options can follow the '-'.  For example "-abc" is equivalent
+  * to "-a -b -c".  If an option takes a required argument, the value
+  * of the argument can immediately follow the option character or be
+  * present in the next argv element.  For example, "-cfoo" and "-c foo"
+  * both represent an option character of 'c' with an argument of "foo"
+  * assuming c takes a required argument.  If an option takes an argument
+  * that is not required, then any argument must immediately follow the
+  * option character in the same argv element.  For example, if c takes
+  * a non-required argument, then "-cfoo" represents option character 'c'
+  * with an argument of "foo" while "-c foo" represents the option
+  * character 'c' with no argument, and a first non-option argv element
+  * of "foo".
+  * <p>
+  * The user can stop getopt() from scanning any further into a command line
+  * by using the special argument "--" by itself.  For example: 
+  * "-a -- -d" would return an option character of 'a', then return -1
+  * The "--" is discarded and "-d" is pointed to by optind as the first
+  * non-option argv element.
+  * <p>
+  * Here is a basic example of using Getopt:
+  * <p>
+  * <pre>
+  * Getopt g = new Getopt("testprog", argv, "ab:c::d");
+  * //
+  * int c;
+  * String arg;
+  * while ((c = g.getopt()) != -1)
+  *   {
+  *     switch(c)
+  *       {
+  *          case 'a':
+  *          case 'd':
+  *            System.out.print("You picked " + (char)c + "\n");
+  *            break;
+  *            //
+  *          case 'b':
+  *          case 'c':
+  *            arg = g.getOptarg();
+  *            System.out.print("You picked " + (char)c + 
+  *                             " with an argument of " +
+  *                             ((arg != null) ? arg : "null") + "\n");
+  *            break;
+  *            //
+  *          case '?':
+  *            break; // getopt() already printed an error
+  *            //
+  *          default:
+  *            System.out.print("getopt() returned " + c + "\n");
+  *       }
+  *   }
+  * </pre>
+  * <p>
+  * In this example, a new Getopt object is created with three params.
+  * The first param is the program name.  This is for printing error
+  * messages in the form "program: error message".  In the C version, this
+  * value is taken from argv[0], but in Java the program name is not passed
+  * in that element, thus the need for this parameter.  The second param is
+  * the argument list that was passed to the main() method.  The third
+  * param is the list of valid options.  Each character represents a valid
+  * option.  If the character is followed by a single colon, then that
+  * option has a required argument.  If the character is followed by two
+  * colons, then that option has an argument that is not required.
+  * <p>
+  * Note in this example that the value returned from getopt() is cast to
+  * a char prior to printing.  This is required in order to make the value
+  * display correctly as a character instead of an integer.
+  * <p>
+  * If the first character in the option string is a colon, for example
+  * ":abc::d", then getopt() will return a ':' instead of a '?' when it
+  * encounters an option with a missing required argument.  This allows the
+  * caller to distinguish between invalid options and valid options that
+  * are simply incomplete.
+  * <p>
+  * In the traditional Unix getopt(), -1 is returned when the first non-option
+  * charcter is encountered.  In GNU getopt(), the default behavior is to
+  * allow options to appear anywhere on the command line.  The getopt()
+  * method permutes the argument to make it appear to the caller that all
+  * options were at the beginning of the command line, and all non-options
+  * were at the end.  For example, calling getopt() with command line args
+  * of "-a foo bar -d" returns options 'a' and 'd', then sets optind to 
+  * point to "foo".  The program would read the last two argv elements as
+  * "foo" and "bar", just as if the user had typed "-a -d foo bar". 
+  * <p> 
+  * The user can force getopt() to stop scanning the command line with
+  * the special argument "--" by itself.  Any elements occuring before the
+  * "--" are scanned and permuted as normal.  Any elements after the "--"
+  * are returned as is as non-option argv elements.  For example, 
+  * "foo -a -- bar -d" would return  option 'a' then -1.  optind would point 
+  * to "foo", "bar" and "-d" as the non-option argv elements.  The "--"
+  * is discarded by getopt().
+  * <p>
+  * There are two ways this default behavior can be modified.  The first is
+  * to specify traditional Unix getopt() behavior (which is also POSIX
+  * behavior) in which scanning stops when the first non-option argument
+  * encountered.  (Thus "-a foo bar -d" would return 'a' as an option and
+  * have "foo", "bar", and "-d" as non-option elements).  The second is to
+  * allow options anywhere, but to return all elements in the order they
+  * occur on the command line.  When a non-option element is ecountered,
+  * an integer 1 is returned and the value of the non-option element is
+  * stored in optarg is if it were the argument to that option.  For
+  * example, "-a foo -d", returns first 'a', then 1 (with optarg set to
+  * "foo") then 'd' then -1.  When this "return in order" functionality
+  * is enabled, the only way to stop getopt() from scanning all command
+  * line elements is to use the special "--" string by itself as described
+  * above.  An example is "-a foo -b -- bar", which would return 'a', then
+  * integer 1 with optarg set to "foo", then 'b', then -1.  optind would
+  * then point to "bar" as the first non-option argv element.  The "--"
+  * is discarded.
+  * <p>
+  * The POSIX/traditional behavior is enabled by either setting the 
+  * property "gnu.posixly_correct" or by putting a '+' sign as the first
+  * character of the option string.  The difference between the two 
+  * methods is that setting the gnu.posixly_correct property also forces
+  * certain error messages to be displayed in POSIX format.  To enable
+  * the "return in order" functionality, put a '-' as the first character
+  * of the option string.  Note that after determining the proper 
+  * behavior, Getopt strips this leading '+' or '-', meaning that a ':'
+  * placed as the second character after one of those two will still cause
+  * getopt() to return a ':' instead of a '?' if a required option
+  * argument is missing.
+  * <p>
+  * In addition to traditional single character options, GNU Getopt also
+  * supports long options.  These are preceeded by a "--" sequence and
+  * can be as long as desired.  Long options provide a more user-friendly
+  * way of entering command line options.  For example, in addition to a
+  * "-h" for help, a program could support also "--help".  
+  * <p>
+  * Like short options, long options can also take a required or non-required 
+  * argument.  Required arguments can either be specified by placing an
+  * equals sign after the option name, then the argument, or by putting the
+  * argument in the next argv element.  For example: "--outputdir=foo" and
+  * "--outputdir foo" both represent an option of "outputdir" with an
+  * argument of "foo", assuming that outputdir takes a required argument.
+  * If a long option takes a non-required argument, then the equals sign
+  * form must be used to specify the argument.  In this case,
+  * "--outputdir=foo" would represent option outputdir with an argument of
+  * "foo" while "--outputdir foo" would represent the option outputdir
+  * with no argument and a first non-option argv element of "foo".
+  * <p>
+  * Long options can also be specified using a special POSIX argument 
+  * format (one that I highly discourage).  This form of entry is 
+  * enabled by placing a "W;" (yes, 'W' then a semi-colon) in the valid
+  * option string.  This causes getopt to treat the name following the
+  * "-W" as the name of the long option.  For example, "-W outputdir=foo"
+  * would be equivalent to "--outputdir=foo".  The name can immediately
+  * follow the "-W" like so: "-Woutputdir=foo".  Option arguments are
+  * handled identically to normal long options.  If a string follows the 
+  * "-W" that does not represent a valid long option, then getopt() returns
+  * 'W' and the caller must decide what to do.  Otherwise getopt() returns
+  * a long option value as described below.
+  * <p>
+  * While long options offer convenience, they can also be tedious to type
+  * in full.  So it is permissible to abbreviate the option name to as
+  * few characters as required to uniquely identify it.  If the name can
+  * represent multiple long options, then an error message is printed and
+  * getopt() returns a '?'.  
+  * <p>
+  * If an invalid option is specified or a required option argument is 
+  * missing, getopt() prints an error and returns a '?' or ':' exactly
+  * as for short options.  Note that when an invalid long option is
+  * encountered, the optopt variable is set to integer 0 and so cannot
+  * be used to identify the incorrect option the user entered.
+  * <p>
+  * Long options are defined by LongOpt objects.  These objects are created
+  * with a contructor that takes four params: a String representing the
+  * object name, a integer specifying what arguments the option takes
+  * (the value is one of LongOpt.NO_ARGUMENT, LongOpt.REQUIRED_ARGUMENT,
+  * or LongOpt.OPTIONAL_ARGUMENT), a StringBuffer flag object (described
+  * below), and an integer value (described below).
+  * <p>
+  * To enable long option parsing, create an array of LongOpt's representing
+  * the legal options and pass it to the Getopt() constructor.  WARNING: If
+  * all elements of the array are not populated with LongOpt objects, the
+  * getopt() method will throw a NullPointerException.
+  * <p>
+  * When getopt() is called and a long option is encountered, one of two
+  * things can be returned.  If the flag field in the LongOpt object 
+  * representing the long option is non-null, then the integer value field
+  * is stored there and an integer 0 is returned to the caller.  The val
+  * field can then be retrieved from the flag field.  Note that since the
+  * flag field is a StringBuffer, the appropriate String to integer converions
+  * must be performed in order to get the actual int value stored there.
+  * If the flag field in the LongOpt object is null, then the value field
+  * of the LongOpt is returned.  This can be the character of a short option.
+  * This allows an app to have both a long and short option sequence 
+  * (say, "-h" and "--help") that do the exact same thing.
+  * <p>
+  * With long options, there is an alternative method of determining 
+  * which option was selected.  The method getLongind() will return the
+  * the index in the long option array (NOT argv) of the long option found.
+  * So if multiple long options are configured to return the same value,
+  * the application can use getLongind() to distinguish between them. 
+  * <p>
+  * Here is an expanded Getopt example using long options and various
+  * techniques described above:
+  * <p>
+  * <pre>
+  * int c;
+  * String arg;
+  * LongOpt[] longopts = new LongOpt[3];
+  * // 
+  * StringBuffer sb = new StringBuffer();
+  * longopts[0] = new LongOpt("help", LongOpt.NO_ARGUMENT, null, 'h');
+  * longopts[1] = new LongOpt("outputdir", LongOpt.REQUIRED_ARGUMENT, sb, 'o'); 
+  * longopts[2] = new LongOpt("maximum", LongOpt.OPTIONAL_ARGUMENT, null, 2);
+  * // 
+  * Getopt g = new Getopt("testprog", argv, "-:bc::d:hW;", longopts);
+  * g.setOpterr(false); // We'll do our own error handling
+  * //
+  * while ((c = g.getopt()) != -1)
+  *   switch (c)
+  *     {
+  *        case 0:
+  *          arg = g.getOptarg();
+  *          System.out.println("Got long option with value '" +
+  *                             (char)(new Integer(sb.toString())).intValue()
+  *                             + "' with argument " +
+  *                             ((arg != null) ? arg : "null"));
+  *          break;
+  *          //
+  *        case 1:
+  *          System.out.println("I see you have return in order set and that " +
+  *                             "a non-option argv element was just found " +
+  *                             "with the value '" + g.getOptarg() + "'");
+  *          break;
+  *          //
+  *        case 2:
+  *          arg = g.getOptarg();
+  *          System.out.println("I know this, but pretend I didn't");
+  *          System.out.println("We picked option " +
+  *                             longopts[g.getLongind()].getName() +
+  *                           " with value " + 
+  *                           ((arg != null) ? arg : "null"));
+  *          break;
+  *          //
+  *        case 'b':
+  *          System.out.println("You picked plain old option " + (char)c);
+  *          break;
+  *          //
+  *        case 'c':
+  *        case 'd':
+  *          arg = g.getOptarg();
+  *          System.out.println("You picked option '" + (char)c + 
+  *                             "' with argument " +
+  *                             ((arg != null) ? arg : "null"));
+  *          break;
+  *          //
+  *        case 'h':
+  *          System.out.println("I see you asked for help");
+  *          break;
+  *          //
+  *        case 'W':
+  *          System.out.println("Hmmm. You tried a -W with an incorrect long " +
+  *                             "option name");
+  *          break;
+  *          //
+  *        case ':':
+  *          System.out.println("Doh! You need an argument for option " +
+  *                             (char)g.getOptopt());
+  *          break;
+  *          //
+  *        case '?':
+  *          System.out.println("The option '" + (char)g.getOptopt() + 
+  *                           "' is not valid");
+  *          break;
+  *          //
+  *        default:
+  *          System.out.println("getopt() returned " + c);
+  *          break;
+  *     }
+  * //
+  * for (int i = g.getOptind(); i < argv.length ; i++)
+  *   System.out.println("Non option argv element: " + argv[i] + "\n");
+  * </pre>
+  * <p>
+  * There is an alternative form of the constructor used for long options
+  * above.  This takes a trailing boolean flag.  If set to false, Getopt
+  * performs identically to the example, but if the boolean flag is true
+  * then long options are allowed to start with a single '-' instead of
+  * "--".  If the first character of the option is a valid short option
+  * character, then the option is treated as if it were the short option.
+  * Otherwise it behaves as if the option is a long option.  Note that
+  * the name given to this option - long_only - is very counter-intuitive.
+  * It does not cause only long options to be parsed but instead enables
+  * the behavior described above.
+  * <p> 
+  * Note that the functionality and variable names used are driven from 
+  * the C lib version as this object is a port of the C code, not a 
+  * new implementation.  This should aid in porting existing C/C++ code,
+  * as well as helping programmers familiar with the glibc version to
+  * adapt to the Java version even if it seems very non-Java at times.
+  * <p>
+  * In this release I made all instance variables protected due to
+  * overwhelming public demand.  Any code which relied on optarg,
+  * opterr, optind, or optopt being public will need to be modified to
+  * use the appropriate access methods.
+  * <p>
+  * Please send all bug reports, requests, and comments to
+  * <a href="mailto:arenn at urbanophile.com">arenn at urbanophile.com</a>.
+  *
+  * @version 1.0.7
+  *
+  * @author Roland McGrath (roland at gnu.ai.mit.edu)
+  * @author Ulrich Drepper (drepper at cygnus.com)
+  * @author Aaron M. Renn (arenn at urbanophile.com)
+  *
+  * @see LongOpt
+  */
+public class Getopt extends Object
+{
+
+/**************************************************************************/
+
+/*
+ * Class Variables
+ */
+
+/** 
+  * Describe how to deal with options that follow non-option ARGV-elements.
+  *
+  * If the caller did not specify anything,
+  * the default is REQUIRE_ORDER if the property 
+  * gnu.posixly_correct is defined, PERMUTE otherwise.
+  *
+  * The special argument `--' forces an end of option-scanning regardless
+  * of the value of `ordering'.  In the case of RETURN_IN_ORDER, only
+  * `--' can cause `getopt' to return -1 with `optind' != ARGC.
+  *
+  * REQUIRE_ORDER means don't recognize them as options;
+  * stop option processing when the first non-option is seen.
+  * This is what Unix does.
+  * This mode of operation is selected by either setting the property
+  * gnu.posixly_correct, or using `+' as the first character
+  * of the list of option characters.
+  */
+protected static final int REQUIRE_ORDER = 1;
+
+/**
+  * PERMUTE is the default.  We permute the contents of ARGV as we scan,
+  * so that eventually all the non-options are at the end.  This allows options
+  * to be given in any order, even with programs that were not written to
+  * expect this.
+  */
+protected static final int PERMUTE = 2;
+
+/**
+  * RETURN_IN_ORDER is an option available to programs that were written
+  * to expect options and other ARGV-elements in any order and that care about
+  * the ordering of the two.  We describe each non-option ARGV-element
+  * as if it were the argument of an option with character code 1.
+  * Using `-' as the first character of the list of option characters
+  * selects this mode of operation.
+  */
+protected static final int RETURN_IN_ORDER = 3;
+
+/**************************************************************************/
+
+/*
+ * Instance Variables
+ */
+ 
+/**
+  * For communication from `getopt' to the caller.
+  * When `getopt' finds an option that takes an argument,
+  * the argument value is returned here.
+  * Also, when `ordering' is RETURN_IN_ORDER,
+  * each non-option ARGV-element is returned here.
+  */
+protected String optarg;
+
+/**
+  *  Index in ARGV of the next element to be scanned.
+  *  This is used for communication to and from the caller
+  *  and for communication between successive calls to `getopt'.
+  *
+  *  On entry to `getopt', zero means this is the first call; initialize.
+  *
+  *  When `getopt' returns -1, this is the index of the first of the
+  *  non-option elements that the caller should itself scan.
+  *
+  *  Otherwise, `optind' communicates from one call to the next
+  *  how much of ARGV has been scanned so far.  
+  */
+protected int optind = 0;
+
+/** 
+  * Callers store false here to inhibit the error message
+  * for unrecognized options.  
+  */
+protected boolean opterr = true;
+
+/** 
+  * When an unrecognized option is encountered, getopt will return a '?'
+  * and store the value of the invalid option here.
+  */
+protected int optopt = '?';
+
+/** 
+  * The next char to be scanned in the option-element
+  * in which the last option character we returned was found.
+  * This allows us to pick up the scan where we left off.
+  *
+  * If this is zero, or a null string, it means resume the scan
+  * by advancing to the next ARGV-element.  
+  */
+protected String nextchar;
+
+/**
+  * This is the string describing the valid short options.
+  */
+protected String optstring;
+
+/**
+  * This is an array of LongOpt objects which describ the valid long 
+  * options.
+  */
+protected LongOpt[] long_options;
+
+/**
+  * This flag determines whether or not we are parsing only long args
+  */
+protected boolean long_only;
+
+/**
+  * Stores the index into the long_options array of the long option found
+  */
+protected int longind;
+
+/**
+  * The flag determines whether or not we operate in strict POSIX compliance
+  */
+protected boolean posixly_correct;
+
+/**
+  * A flag which communicates whether or not checkLongOption() did all
+  * necessary processing for the current option
+  */
+protected boolean longopt_handled;
+
+/**
+  * The index of the first non-option in argv[]
+  */
+protected int first_nonopt = 1;
+
+/**
+  * The index of the last non-option in argv[]
+  */
+protected int last_nonopt = 1;
+
+/**
+  * Flag to tell getopt to immediately return -1 the next time it is
+  * called.
+  */
+private boolean endparse = false;
+
+/**
+  * Saved argument list passed to the program
+  */
+protected String[] argv;
+
+/**
+  * Determines whether we permute arguments or not
+  */
+protected int ordering;
+
+/**
+  * Name to print as the program name in error messages.  This is necessary
+  * since Java does not place the program name in argv[0]
+  */
+protected String progname;
+
+/**
+  * The localized strings are kept in a separate file
+  */
+/*private ResourceBundle _messages = PropertyResourceBundle.getBundle(
+                           "gnu/getopt/MessagesBundle", Locale.getDefault());
+			   */
+
+/**************************************************************************/
+
+/*
+ * Constructors
+ */
+
+/**
+  * Construct a basic Getopt instance with the given input data.  Note that
+  * this handles "short" options only.
+  *
+  * @param progname The name to display as the program name when printing errors
+  * @param argv The String array passed as the command line to the program.
+  * @param optstring A String containing a description of the valid args for this program
+  */
+public
+Getopt(String progname, String[] argv, String optstring)
+{
+  this(progname, argv, optstring, null, false);
+}
+
+/**************************************************************************/
+
+/**
+  * Construct a Getopt instance with given input data that is capable of
+  * parsing long options as well as short.
+  *
+  * @param progname The name to display as the program name when printing errors
+  * @param argv The String array passed as the command ilne to the program
+  * @param optstring A String containing a description of the valid short args for this program
+  * @param long_options An array of LongOpt objects that describes the valid long args for this program
+  */
+public
+Getopt(String progname, String[] argv, String optstring, 
+       LongOpt[] long_options)
+{
+  this(progname, argv, optstring, long_options, false);
+}
+
+/**************************************************************************/
+
+/**
+  * Construct a Getopt instance with given input data that is capable of
+  * parsing long options and short options.  Contrary to what you might
+  * think, the flag 'long_only' does not determine whether or not we 
+  * scan for only long arguments.  Instead, a value of true here allows
+  * long arguments to start with a '-' instead of '--' unless there is a
+  * conflict with a short option name.
+  *
+  * @param progname The name to display as the program name when printing errors
+  * @param argv The String array passed as the command ilne to the program
+  * @param optstring A String containing a description of the valid short args for this program
+  * @param long_options An array of LongOpt objects that describes the valid long args for this program
+  * @param long_only true if long options that do not conflict with short options can start with a '-' as well as '--'
+  */
+public
+Getopt(String progname, String[] argv, String optstring, 
+       LongOpt[] long_options, boolean long_only)
+{
+  if (optstring.length() == 0)
+    optstring = " ";
+
+  // This function is essentially _getopt_initialize from GNU getopt
+  this.progname = progname;
+  this.argv = argv;
+  this.optstring = optstring;
+  this.long_options = long_options;
+  this.long_only = long_only;
+
+  // Check for property "gnu.posixly_correct" to determine whether to
+  // strictly follow the POSIX standard.  This replaces the "POSIXLY_CORRECT"
+  // environment variable in the C version
+  if (System.getProperty("gnu.posixly_correct", null) == null)
+    posixly_correct = false;
+  else
+    {
+      posixly_correct = true;
+      /*_messages = PropertyResourceBundle.getBundle("gnu/getopt/MessagesBundle",
+                                                   Locale.US);
+						   */
+    }
+
+  // Determine how to handle the ordering of options and non-options
+  if (optstring.charAt(0) == '-')
+    {
+      ordering = RETURN_IN_ORDER;
+      if (optstring.length() > 1)
+        this.optstring = optstring.substring(1);
+    }
+  else if (optstring.charAt(0) == '+')
+    {
+      ordering = REQUIRE_ORDER;
+      if (optstring.length() > 1)
+        this.optstring = optstring.substring(1);
+    }
+  else if (posixly_correct)
+    {
+      ordering = REQUIRE_ORDER;
+    }
+  else
+    {
+      ordering = PERMUTE; // The normal default case
+    }
+}
+
+/**************************************************************************/
+ 
+/*
+ * Instance Methods
+ */
+
+/**
+  * In GNU getopt, it is possible to change the string containg valid options
+  * on the fly because it is passed as an argument to getopt() each time.  In
+  * this version we do not pass the string on every call.  In order to allow
+  * dynamic option string changing, this method is provided.
+  *
+  * @param optstring The new option string to use
+  */
+public void
+setOptstring(String optstring)
+{
+  if (optstring.length() == 0)
+    optstring = " ";
+
+  this.optstring = optstring;
+}
+
+/**************************************************************************/
+
+/**
+  * optind it the index in ARGV of the next element to be scanned.
+  * This is used for communication to and from the caller
+  * and for communication between successive calls to `getopt'.
+  *
+  * When `getopt' returns -1, this is the index of the first of the
+  * non-option elements that the caller should itself scan.
+  *
+  * Otherwise, `optind' communicates from one call to the next
+  * how much of ARGV has been scanned so far.  
+  */
+public int
+getOptind()
+{
+  return(optind);
+}
+
+/**************************************************************************/
+
+/**
+  * This method allows the optind index to be set manually.  Normally this
+  * is not necessary (and incorrect usage of this method can lead to serious
+  * lossage), but optind is a public symbol in GNU getopt, so this method 
+  * was added to allow it to be modified by the caller if desired.
+  *
+  * @param optind The new value of optind
+  */
+public void
+setOptind(int optind)
+{
+  this.optind = optind;
+}
+
+/**************************************************************************/
+
+/**
+  * Since in GNU getopt() the argument vector is passed back in to the
+  * function every time, the caller can swap out argv on the fly.  Since
+  * passing argv is not required in the Java version, this method allows
+  * the user to override argv.  Note that incorrect use of this method can
+  * lead to serious lossage.
+  *
+  * @param argv New argument list
+  */
+public void
+setArgv(String[] argv)
+{
+  this.argv = argv;
+}
+
+/**************************************************************************/
+
+/** 
+  * For communication from `getopt' to the caller.
+  * When `getopt' finds an option that takes an argument,
+  * the argument value is returned here.
+  * Also, when `ordering' is RETURN_IN_ORDER,
+  * each non-option ARGV-element is returned here.
+  * No set method is provided because setting this variable has no effect.
+  */
+public String
+getOptarg()
+{
+  return(optarg);
+}
+
+/**************************************************************************/
+
+/**
+  * Normally Getopt will print a message to the standard error when an
+  * invalid option is encountered.  This can be suppressed (or re-enabled)
+  * by calling this method.  There is no get method for this variable 
+  * because if you can't remember the state you set this to, why should I?
+  */
+public void
+setOpterr(boolean opterr)
+{
+  this.opterr = opterr;
+}
+
+/**************************************************************************/
+
+/**
+  * When getopt() encounters an invalid option, it stores the value of that
+  * option in optopt which can be retrieved with this method.  There is
+  * no corresponding set method because setting this variable has no effect.
+  */
+public int
+getOptopt()
+{
+  return(optopt);
+}
+
+/**************************************************************************/
+
+/**
+  * Returns the index into the array of long options (NOT argv) representing
+  * the long option that was found.
+  */
+public int
+getLongind()
+{
+  return(longind);
+}
+
+/**************************************************************************/
+
+/**
+  * Exchange the shorter segment with the far end of the longer segment.
+  * That puts the shorter segment into the right place.
+  * It leaves the longer segment in the right place overall,
+  * but it consists of two parts that need to be swapped next.
+  * This method is used by getopt() for argument permutation.
+  */
+protected void
+exchange(String[] argv)
+{
+  int bottom = first_nonopt;
+  int middle = last_nonopt;
+  int top = optind;
+  String tem;
+
+  while (top > middle && middle > bottom)
+    {
+      if (top - middle > middle - bottom)
+        {
+          // Bottom segment is the short one. 
+          int len = middle - bottom;
+          int i;
+
+          // Swap it with the top part of the top segment. 
+          for (i = 0; i < len; i++)
+            {
+              tem = argv[bottom + i];
+              argv[bottom + i] = argv[top - (middle - bottom) + i];
+              argv[top - (middle - bottom) + i] = tem;
+            }
+          // Exclude the moved bottom segment from further swapping. 
+          top -= len;
+        }
+      else
+        {
+          // Top segment is the short one.
+          int len = top - middle;
+          int i;
+
+          // Swap it with the bottom part of the bottom segment. 
+          for (i = 0; i < len; i++)
+            {
+              tem = argv[bottom + i];
+              argv[bottom + i] = argv[middle + i];
+              argv[middle + i] = tem;
+            }
+          // Exclude the moved top segment from further swapping. 
+          bottom += len;
+        }
+    }
+
+  // Update records for the slots the non-options now occupy. 
+
+  first_nonopt += (optind - last_nonopt);
+  last_nonopt = optind;
+}
+
+/**************************************************************************/
+
+/**
+  * Check to see if an option is a valid long option.  Called by getopt().
+  * Put in a separate method because this needs to be done twice.  (The
+  * C getopt authors just copy-pasted the code!).
+  *
+  * @param longind A buffer in which to store the 'val' field of found LongOpt
+  *
+  * @return Various things depending on circumstances
+  */
+protected int
+checkLongOption()
+{
+  LongOpt pfound = null;
+  int nameend;
+  boolean ambig;
+  boolean exact;
+  
+  longopt_handled = true;
+  ambig = false;
+  exact = false;
+  longind = -1;
+
+  nameend = nextchar.indexOf("=");
+  if (nameend == -1)
+    nameend = nextchar.length();
+  
+  // Test all lnog options for either exact match or abbreviated matches
+  for (int i = 0; i < long_options.length; i++)
+    {
+      if (long_options[i].getName().startsWith(nextchar.substring(0, nameend)))
+        {
+          if (long_options[i].getName().equals(nextchar.substring(0, nameend)))
+            {
+              // Exact match found
+              pfound = long_options[i];
+              longind = i;
+              exact = true;
+              break;
+            }
+          else if (pfound == null)
+            {
+              // First nonexact match found
+              pfound = long_options[i];
+              longind = i;
+            }
+          else
+            {
+              // Second or later nonexact match found
+              ambig = true;
+            }
+        }
+    } // for
+  
+  // Print out an error if the option specified was ambiguous
+  if (ambig && !exact)
+    {
+      if (opterr)
+        {
+          Object[] msgArgs = { progname, argv[optind] };
+        }
+
+       nextchar = "";
+       optopt = 0;
+       ++optind;
+ 
+       return('?');
+    }
+ 
+  if (pfound != null)
+    {
+      ++optind;
+ 
+      if (nameend != nextchar.length())
+        {
+          if (pfound.has_arg != LongOpt.NO_ARGUMENT)
+            {
+              if (nextchar.substring(nameend).length() > 1)
+                optarg = nextchar.substring(nameend+1);
+              else
+                optarg = "";
+            }
+          else
+            {
+              if (opterr)
+                {
+                  // -- option
+                  if (argv[optind - 1].startsWith("--"))
+                    {
+                      Object[] msgArgs = { progname, pfound.name };
+                    }
+                  // +option or -option
+                  else
+                    {
+                      Object[] msgArgs = { progname, new 
+                               Character(argv[optind-1].charAt(0)).toString(),
+                               pfound.name };
+                    }
+                 }
+   
+              nextchar = "";
+              optopt = pfound.val;
+   
+              return('?');
+            }
+        } // if (nameend)
+      else if (pfound.has_arg == LongOpt.REQUIRED_ARGUMENT)
+        {
+          if (optind < argv.length)
+            {
+               optarg = argv[optind];
+               ++optind;
+            }
+          else
+            {
+              if (opterr)
+                {
+                  Object[] msgArgs = { progname, argv[optind-1] };
+                }
+   
+              nextchar = "";
+              optopt = pfound.val;
+              if (optstring.charAt(0) == ':')
+                return(':');
+              else
+                return('?');
+            }
+        } // else if (pfound)
+   
+      nextchar = "";
+
+      if (pfound.flag != null)
+        {
+          pfound.flag.setLength(0);
+          pfound.flag.append(pfound.val);
+   
+          return(0);
+        }
+
+      return(pfound.val);
+   } // if (pfound != null)
+  
+  longopt_handled = false;
+
+  return(0);
+}
+
+/**************************************************************************/
+
+/**
+  * This method returns a char that is the current option that has been
+  * parsed from the command line.  If the option takes an argument, then
+  * the internal variable 'optarg' is set which is a String representing
+  * the the value of the argument.  This value can be retrieved by the
+  * caller using the getOptarg() method.  If an invalid option is found,
+  * an error message is printed and a '?' is returned.  The name of the
+  * invalid option character can be retrieved by calling the getOptopt()
+  * method.  When there are no more options to be scanned, this method
+  * returns -1.  The index of first non-option element in argv can be
+  * retrieved with the getOptind() method.
+  *
+  * @return Various things as described above
+  */
+public int
+getopt()
+{
+  optarg = null;
+
+  if (endparse == true)
+    return(-1);
+
+  if ((nextchar == null) || (nextchar.equals("")))
+    {
+      // If we have just processed some options following some non-options,
+      //  exchange them so that the options come first.
+      if (last_nonopt > optind)
+        last_nonopt = optind;
+      if (first_nonopt > optind)
+        first_nonopt = optind;
+
+      if (ordering == PERMUTE)
+        {
+          // If we have just processed some options following some non-options,
+          // exchange them so that the options come first.
+          if ((first_nonopt != last_nonopt) && (last_nonopt != optind))
+            exchange(argv);
+          else if (last_nonopt != optind)
+            first_nonopt = optind;
+
+          // Skip any additional non-options
+          // and extend the range of non-options previously skipped.
+          while ((optind < argv.length) && (argv[optind].equals("") ||
+            (argv[optind].charAt(0) != '-') || argv[optind].equals("-")))
+            {
+              optind++;
+            }
+          
+          last_nonopt = optind;
+        }
+
+      // The special ARGV-element `--' means premature end of options.
+      // Skip it like a null option,
+      // then exchange with previous non-options as if it were an option,
+      // then skip everything else like a non-option.
+      if ((optind != argv.length) && argv[optind].equals("--"))
+        {
+          optind++;
+
+          if ((first_nonopt != last_nonopt) && (last_nonopt != optind))
+            exchange (argv);
+          else if (first_nonopt == last_nonopt)
+            first_nonopt = optind;
+
+          last_nonopt = argv.length;
+
+          optind = argv.length;
+        }
+
+      // If we have done all the ARGV-elements, stop the scan
+      // and back over any non-options that we skipped and permuted.
+      if (optind == argv.length)
+        {
+          // Set the next-arg-index to point at the non-options
+          // that we previously skipped, so the caller will digest them.
+          if (first_nonopt != last_nonopt)
+            optind = first_nonopt;
+
+          return(-1);
+        }
+
+      // If we have come to a non-option and did not permute it,
+      // either stop the scan or describe it to the caller and pass it by.
+      if (argv[optind].equals("") || (argv[optind].charAt(0) != '-') || 
+          argv[optind].equals("-"))
+        {
+          if (ordering == REQUIRE_ORDER)
+            return(-1);
+
+            optarg = argv[optind++];
+            return(1);
+        }
+      
+      // We have found another option-ARGV-element.
+      // Skip the initial punctuation.
+      if (argv[optind].startsWith("--"))
+        nextchar = argv[optind].substring(2);
+      else
+        nextchar = argv[optind].substring(1);
+   }
+
+  // Decode the current option-ARGV-element.
+
+  /* Check whether the ARGV-element is a long option.
+
+     If long_only and the ARGV-element has the form "-f", where f is
+     a valid short option, don't consider it an abbreviated form of
+     a long option that starts with f.  Otherwise there would be no
+     way to give the -f short option.
+
+     On the other hand, if there's a long option "fubar" and
+     the ARGV-element is "-fu", do consider that an abbreviation of
+     the long option, just like "--fu", and not "-f" with arg "u".
+
+     This distinction seems to be the most useful approach.  */
+  if ((long_options != null) && (argv[optind].startsWith("--")
+      || (long_only && ((argv[optind].length()  > 2) || 
+      (optstring.indexOf(argv[optind].charAt(1)) == -1)))))
+    {
+       int c = checkLongOption();
+
+       if (longopt_handled)
+         return(c);
+         
+      // Can't find it as a long option.  If this is not getopt_long_only,
+      // or the option starts with '--' or is not a valid short
+      // option, then it's an error.
+      // Otherwise interpret it as a short option.
+      if (!long_only || argv[optind].startsWith("--")
+        || (optstring.indexOf(nextchar.charAt(0)) == -1))
+        {
+          if (opterr)
+            {
+              if (argv[optind].startsWith("--"))
+                {
+                  Object[] msgArgs = { progname, nextchar };
+                }
+              else
+                {
+                  Object[] msgArgs = { progname, new 
+                                 Character(argv[optind].charAt(0)).toString(), 
+                                 nextchar };
+                }
+            }
+
+          nextchar = "";
+          ++optind;
+          optopt = 0;
+    
+          return('?');
+        }
+    } // if (longopts)
+
+  // Look at and handle the next short option-character */
+  int c = nextchar.charAt(0); //**** Do we need to check for empty str?
+  if (nextchar.length() > 1)
+    nextchar = nextchar.substring(1);
+  else
+    nextchar = "";
+  
+  String temp = null;
+  if (optstring.indexOf(c) != -1)
+    temp = optstring.substring(optstring.indexOf(c));
+
+  if (nextchar.equals(""))
+    ++optind;
+
+  if ((temp == null) || (c == ':'))
+    {
+      if (opterr)
+        {
+          if (posixly_correct)
+            {
+              // 1003.2 specifies the format of this message
+              Object[] msgArgs = { progname, new 
+                                   Character((char)c).toString() };
+            }
+          else
+            {
+              Object[] msgArgs = { progname, new 
+                                   Character((char)c).toString() };
+            }
+        }
+
+      optopt = c;
+
+      return('?');
+    }
+
+  // Convenience. Treat POSIX -W foo same as long option --foo
+  if ((temp.charAt(0) == 'W') && (temp.length() > 1) && (temp.charAt(1) == ';'))
+    {
+      if (!nextchar.equals(""))
+        {
+          optarg = nextchar;
+        }
+      // No further cars in this argv element and no more argv elements
+      else if (optind == argv.length)
+        {
+          if (opterr)
+            {
+              // 1003.2 specifies the format of this message. 
+              Object[] msgArgs = { progname, new 
+                                   Character((char)c).toString() };
+            }
+
+          optopt = c;
+          if (optstring.charAt(0) == ':')
+            return(':');
+          else
+            return('?');
+        }
+      else
+        {
+          // We already incremented `optind' once;
+          // increment it again when taking next ARGV-elt as argument. 
+          nextchar = argv[optind];
+          optarg  = argv[optind];
+        }
+
+      c = checkLongOption();
+
+      if (longopt_handled)
+        return(c);
+      else
+        // Let the application handle it
+        {
+          nextchar = null;
+          ++optind;
+          return('W');
+        }
+    }
+
+  if ((temp.length() > 1) && (temp.charAt(1) == ':'))
+    {
+      if ((temp.length() > 2) && (temp.charAt(2) == ':'))
+        // This is an option that accepts and argument optionally
+        {
+          if (!nextchar.equals(""))
+            {
+               optarg = nextchar;
+               ++optind;
+            }
+          else
+            {
+              optarg = null;
+            }
+
+          nextchar = null;
+        }
+      else
+        {
+          if (!nextchar.equals(""))
+            {
+              optarg = nextchar;
+              ++optind;
+            }
+          else if (optind == argv.length)
+            {
+              if (opterr)
+                {
+                  // 1003.2 specifies the format of this message
+                  Object[] msgArgs = { progname, new 
+                                       Character((char)c).toString() };
+                }
+
+              optopt = c;
+ 
+              if (optstring.charAt(0) == ':')
+                return(':');
+              else
+                return('?');
+            }
+          else
+            {
+              optarg = argv[optind];
+              ++optind;
+
+              // Ok, here's an obscure Posix case.  If we have o:, and
+              // we get -o -- foo, then we're supposed to skip the --,
+              // end parsing of options, and make foo an operand to -o.
+              // Only do this in Posix mode.
+              if ((posixly_correct) && optarg.equals("--"))
+                {
+                  // If end of argv, error out
+                  if (optind == argv.length)
+                    {
+                      if (opterr)
+                        {
+                          // 1003.2 specifies the format of this message
+                          Object[] msgArgs = { progname, new 
+                                               Character((char)c).toString() };
+                        }
+
+                      optopt = c;
+ 
+                      if (optstring.charAt(0) == ':')
+                        return(':');
+                      else
+                        return('?');
+                    }
+
+                  // Set new optarg and set to end
+                  // Don't permute as we do on -- up above since we
+                  // know we aren't in permute mode because of Posix.
+                  optarg = argv[optind];
+                  ++optind;
+                  first_nonopt = optind;
+                  last_nonopt = argv.length;
+                  endparse = true;
+                }
+            }
+
+          nextchar = null;
+        }
+    }
+
+  return(c);
+}
+
+} // Class Getopt
+
+
Binary files sesame-vanilla/tools/Getopt.o and sesame/tools/Getopt.o differ
Binary files sesame-vanilla/tools/gnome-sesame-format and sesame/tools/gnome-sesame-format differ
diff -u --recursive --new-file sesame-vanilla/tools/GnomeSesameFormat.glade sesame/tools/GnomeSesameFormat.glade
--- sesame-vanilla/tools/GnomeSesameFormat.glade	1969-12-31 18:00:00.000000000 -0600
+++ sesame/tools/GnomeSesameFormat.glade	2005-02-02 13:34:53.000000000 -0600
@@ -0,0 +1,1064 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
+
+<glade-interface>
+
+<widget class="GtkWindow" id="topLevel">
+  <property name="border_width">7</property>
+  <property name="visible">True</property>
+  <property name="title" translatable="yes">Sesame Format Tool</property>
+  <property name="type">GTK_WINDOW_TOPLEVEL</property>
+  <property name="window_position">GTK_WIN_POS_NONE</property>
+  <property name="modal">False</property>
+  <property name="resizable">False</property>
+  <property name="destroy_with_parent">False</property>
+  <property name="decorated">True</property>
+  <property name="skip_taskbar_hint">False</property>
+  <property name="skip_pager_hint">False</property>
+  <property name="type_hint">GDK_WINDOW_TYPE_HINT_NORMAL</property>
+  <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
+  <signal name="delete_event" handler="onTopLevelDeleteEvent" last_modification_time="Wed, 02 Feb 2005 19:23:23 GMT"/>
+
+  <child>
+    <widget class="GtkVBox" id="vboxMain">
+      <property name="border_width">5</property>
+      <property name="visible">True</property>
+      <property name="homogeneous">False</property>
+      <property name="spacing">12</property>
+
+      <child>
+	<widget class="GtkVBox" id="vboxSettings">
+	  <property name="visible">True</property>
+	  <property name="homogeneous">False</property>
+	  <property name="spacing">18</property>
+
+	  <child>
+	    <widget class="GtkVBox" id="vboxEncSettings">
+	      <property name="visible">True</property>
+	      <property name="homogeneous">False</property>
+	      <property name="spacing">6</property>
+
+	      <child>
+		<widget class="GtkLabel" id="labelEncSettings">
+		  <property name="visible">True</property>
+		  <property name="label" translatable="yes">&lt;span weight=&quot;bold&quot;&gt;Encryption Settings&lt;/span&gt;</property>
+		  <property name="use_underline">False</property>
+		  <property name="use_markup">True</property>
+		  <property name="justify">GTK_JUSTIFY_LEFT</property>
+		  <property name="wrap">False</property>
+		  <property name="selectable">False</property>
+		  <property name="xalign">0</property>
+		  <property name="yalign">0.5</property>
+		  <property name="xpad">0</property>
+		  <property name="ypad">0</property>
+		</widget>
+		<packing>
+		  <property name="padding">0</property>
+		  <property name="expand">False</property>
+		  <property name="fill">False</property>
+		</packing>
+	      </child>
+
+	      <child>
+		<widget class="GtkHBox" id="hboxEncSettings">
+		  <property name="visible">True</property>
+		  <property name="homogeneous">False</property>
+		  <property name="spacing">0</property>
+
+		  <child>
+		    <widget class="GtkLabel" id="spacerEncryptionSettings">
+		      <property name="visible">True</property>
+		      <property name="label" translatable="yes">    </property>
+		      <property name="use_underline">False</property>
+		      <property name="use_markup">False</property>
+		      <property name="justify">GTK_JUSTIFY_LEFT</property>
+		      <property name="wrap">False</property>
+		      <property name="selectable">False</property>
+		      <property name="xalign">0.5</property>
+		      <property name="yalign">0.5</property>
+		      <property name="xpad">0</property>
+		      <property name="ypad">0</property>
+		    </widget>
+		    <packing>
+		      <property name="padding">0</property>
+		      <property name="expand">False</property>
+		      <property name="fill">False</property>
+		    </packing>
+		  </child>
+
+		  <child>
+		    <widget class="GtkTable" id="tableEncSettings">
+		      <property name="visible">True</property>
+		      <property name="n_rows">2</property>
+		      <property name="n_columns">2</property>
+		      <property name="homogeneous">False</property>
+		      <property name="row_spacing">6</property>
+		      <property name="column_spacing">12</property>
+
+		      <child>
+			<widget class="GtkLabel" id="labelCipher">
+			  <property name="visible">True</property>
+			  <property name="label" translatable="yes">Encryption _cipher:</property>
+			  <property name="use_underline">True</property>
+			  <property name="use_markup">False</property>
+			  <property name="justify">GTK_JUSTIFY_CENTER</property>
+			  <property name="wrap">False</property>
+			  <property name="selectable">False</property>
+			  <property name="xalign">0</property>
+			  <property name="yalign">0.5</property>
+			  <property name="xpad">0</property>
+			  <property name="ypad">0</property>
+			</widget>
+			<packing>
+			  <property name="left_attach">0</property>
+			  <property name="right_attach">1</property>
+			  <property name="top_attach">0</property>
+			  <property name="bottom_attach">1</property>
+			  <property name="x_options">fill</property>
+			  <property name="y_options"></property>
+			</packing>
+		      </child>
+
+		      <child>
+			<widget class="GtkOptionMenu" id="optionMenuCipher">
+			  <property name="visible">True</property>
+			  <property name="can_focus">True</property>
+			  <property name="history">0</property>
+
+			  <child>
+			    <widget class="GtkMenu" id="menuCipher">
+
+			      <child>
+				<widget class="GtkMenuItem" id="aes256">
+				  <property name="visible">True</property>
+				  <property name="label" translatable="yes">AES-256</property>
+				  <property name="use_underline">True</property>
+				  <signal name="activate" handler="onAES256Activate" last_modification_time="Wed, 02 Feb 2005 19:18:26 GMT"/>
+				</widget>
+			      </child>
+
+			      <child>
+				<widget class="GtkMenuItem" id="aes128">
+				  <property name="visible">True</property>
+				  <property name="label" translatable="yes">AES-128</property>
+				  <property name="use_underline">True</property>
+				  <signal name="activate" handler="onAES128Activate" last_modification_time="Wed, 02 Feb 2005 19:18:26 GMT"/>
+				</widget>
+			      </child>
+			    </widget>
+			  </child>
+			</widget>
+			<packing>
+			  <property name="left_attach">1</property>
+			  <property name="right_attach">2</property>
+			  <property name="top_attach">0</property>
+			  <property name="bottom_attach">1</property>
+			  <property name="x_options">fill</property>
+			  <property name="y_options"></property>
+			</packing>
+		      </child>
+
+		      <child>
+			<widget class="GtkLabel" id="labelPassphrase">
+			  <property name="visible">True</property>
+			  <property name="label" translatable="yes">_Passphrase:</property>
+			  <property name="use_underline">True</property>
+			  <property name="use_markup">False</property>
+			  <property name="justify">GTK_JUSTIFY_CENTER</property>
+			  <property name="wrap">False</property>
+			  <property name="selectable">False</property>
+			  <property name="xalign">0</property>
+			  <property name="yalign">0.5</property>
+			  <property name="xpad">0</property>
+			  <property name="ypad">0</property>
+			</widget>
+			<packing>
+			  <property name="left_attach">0</property>
+			  <property name="right_attach">1</property>
+			  <property name="top_attach">1</property>
+			  <property name="bottom_attach">2</property>
+			  <property name="x_options">fill</property>
+			  <property name="y_options"></property>
+			</packing>
+		      </child>
+
+		      <child>
+			<widget class="GtkEntry" id="entryPassphrase">
+			  <property name="visible">True</property>
+			  <property name="can_focus">True</property>
+			  <property name="editable">True</property>
+			  <property name="visibility">True</property>
+			  <property name="max_length">11</property>
+			  <property name="text" translatable="yes"></property>
+			  <property name="has_frame">True</property>
+			  <property name="invisible_char" translatable="yes">*</property>
+			  <property name="activates_default">False</property>
+			</widget>
+			<packing>
+			  <property name="left_attach">1</property>
+			  <property name="right_attach">2</property>
+			  <property name="top_attach">1</property>
+			  <property name="bottom_attach">2</property>
+			  <property name="y_options"></property>
+			</packing>
+		      </child>
+		    </widget>
+		    <packing>
+		      <property name="padding">0</property>
+		      <property name="expand">True</property>
+		      <property name="fill">True</property>
+		    </packing>
+		  </child>
+		</widget>
+		<packing>
+		  <property name="padding">0</property>
+		  <property name="expand">True</property>
+		  <property name="fill">True</property>
+		</packing>
+	      </child>
+	    </widget>
+	    <packing>
+	      <property name="padding">0</property>
+	      <property name="expand">True</property>
+	      <property name="fill">True</property>
+	    </packing>
+	  </child>
+
+	  <child>
+	    <widget class="GtkVBox" id="vboxPhysSettings">
+	      <property name="visible">True</property>
+	      <property name="homogeneous">False</property>
+	      <property name="spacing">6</property>
+
+	      <child>
+		<widget class="GtkLabel" id="labelPhysSettings">
+		  <property name="visible">True</property>
+		  <property name="label" translatable="yes">&lt;span weight=&quot;bold&quot;&gt;Physical Settings&lt;/span&gt;</property>
+		  <property name="use_underline">False</property>
+		  <property name="use_markup">True</property>
+		  <property name="justify">GTK_JUSTIFY_LEFT</property>
+		  <property name="wrap">False</property>
+		  <property name="selectable">False</property>
+		  <property name="xalign">0</property>
+		  <property name="yalign">0.5</property>
+		  <property name="xpad">0</property>
+		  <property name="ypad">0</property>
+		</widget>
+		<packing>
+		  <property name="padding">0</property>
+		  <property name="expand">False</property>
+		  <property name="fill">False</property>
+		</packing>
+	      </child>
+
+	      <child>
+		<widget class="GtkHBox" id="hboxPhysSettings">
+		  <property name="visible">True</property>
+		  <property name="homogeneous">False</property>
+		  <property name="spacing">0</property>
+
+		  <child>
+		    <widget class="GtkLabel" id="spacerPhysSettings">
+		      <property name="visible">True</property>
+		      <property name="label" translatable="yes">    </property>
+		      <property name="use_underline">False</property>
+		      <property name="use_markup">False</property>
+		      <property name="justify">GTK_JUSTIFY_LEFT</property>
+		      <property name="wrap">False</property>
+		      <property name="selectable">False</property>
+		      <property name="xalign">0.5</property>
+		      <property name="yalign">0.5</property>
+		      <property name="xpad">0</property>
+		      <property name="ypad">0</property>
+		    </widget>
+		    <packing>
+		      <property name="padding">0</property>
+		      <property name="expand">False</property>
+		      <property name="fill">False</property>
+		    </packing>
+		  </child>
+
+		  <child>
+		    <widget class="GtkTable" id="tablePhysSettings">
+		      <property name="visible">True</property>
+		      <property name="n_rows">1</property>
+		      <property name="n_columns">3</property>
+		      <property name="homogeneous">False</property>
+		      <property name="row_spacing">6</property>
+		      <property name="column_spacing">12</property>
+
+		      <child>
+			<widget class="GtkLabel" id="labelDevice">
+			  <property name="visible">True</property>
+			  <property name="label" translatable="yes">Disk de_vice:</property>
+			  <property name="use_underline">True</property>
+			  <property name="use_markup">False</property>
+			  <property name="justify">GTK_JUSTIFY_CENTER</property>
+			  <property name="wrap">False</property>
+			  <property name="selectable">False</property>
+			  <property name="xalign">0</property>
+			  <property name="yalign">0.5</property>
+			  <property name="xpad">0</property>
+			  <property name="ypad">0</property>
+			</widget>
+			<packing>
+			  <property name="left_attach">0</property>
+			  <property name="right_attach">1</property>
+			  <property name="top_attach">0</property>
+			  <property name="bottom_attach">1</property>
+			  <property name="x_options">fill</property>
+			  <property name="y_options"></property>
+			</packing>
+		      </child>
+
+		      <child>
+			<widget class="GtkButton" id="buttonOpen">
+			  <property name="visible">True</property>
+			  <property name="can_focus">True</property>
+			  <property name="relief">GTK_RELIEF_NORMAL</property>
+			  <property name="focus_on_click">True</property>
+			  <signal name="clicked" handler="onOpenButtonClicked" last_modification_time="Wed, 02 Feb 2005 19:22:12 GMT"/>
+
+			  <child>
+			    <widget class="GtkAlignment" id="alignmentOpen">
+			      <property name="visible">True</property>
+			      <property name="xalign">0.5</property>
+			      <property name="yalign">0.5</property>
+			      <property name="xscale">0</property>
+			      <property name="yscale">0</property>
+			      <property name="top_padding">0</property>
+			      <property name="bottom_padding">0</property>
+			      <property name="left_padding">0</property>
+			      <property name="right_padding">0</property>
+
+			      <child>
+				<widget class="GtkHBox" id="hboxOpen">
+				  <property name="visible">True</property>
+				  <property name="homogeneous">False</property>
+				  <property name="spacing">2</property>
+
+				  <child>
+				    <widget class="GtkImage" id="imageOpen">
+				      <property name="visible">True</property>
+				      <property name="stock">gtk-open</property>
+				      <property name="icon_size">4</property>
+				      <property name="xalign">0.5</property>
+				      <property name="yalign">0.5</property>
+				      <property name="xpad">0</property>
+				      <property name="ypad">0</property>
+				    </widget>
+				    <packing>
+				      <property name="padding">0</property>
+				      <property name="expand">False</property>
+				      <property name="fill">False</property>
+				    </packing>
+				  </child>
+
+				  <child>
+				    <widget class="GtkLabel" id="labelOpen">
+				      <property name="visible">True</property>
+				      <property name="label" translatable="yes">_Open</property>
+				      <property name="use_underline">True</property>
+				      <property name="use_markup">False</property>
+				      <property name="justify">GTK_JUSTIFY_LEFT</property>
+				      <property name="wrap">False</property>
+				      <property name="selectable">False</property>
+				      <property name="xalign">0.5</property>
+				      <property name="yalign">0.5</property>
+				      <property name="xpad">0</property>
+				      <property name="ypad">0</property>
+				    </widget>
+				    <packing>
+				      <property name="padding">0</property>
+				      <property name="expand">False</property>
+				      <property name="fill">False</property>
+				    </packing>
+				  </child>
+				</widget>
+			      </child>
+			    </widget>
+			  </child>
+			</widget>
+			<packing>
+			  <property name="left_attach">1</property>
+			  <property name="right_attach">2</property>
+			  <property name="top_attach">0</property>
+			  <property name="bottom_attach">1</property>
+			  <property name="x_options">fill</property>
+			  <property name="y_options"></property>
+			</packing>
+		      </child>
+
+		      <child>
+			<widget class="GtkLabel" id="displayedDevice">
+			  <property name="visible">True</property>
+			  <property name="label" translatable="yes"></property>
+			  <property name="use_underline">False</property>
+			  <property name="use_markup">False</property>
+			  <property name="justify">GTK_JUSTIFY_LEFT</property>
+			  <property name="wrap">False</property>
+			  <property name="selectable">False</property>
+			  <property name="xalign">0</property>
+			  <property name="yalign">0.5</property>
+			  <property name="xpad">0</property>
+			  <property name="ypad">0</property>
+			</widget>
+			<packing>
+			  <property name="left_attach">2</property>
+			  <property name="right_attach">3</property>
+			  <property name="top_attach">0</property>
+			  <property name="bottom_attach">1</property>
+			  <property name="x_options">fill</property>
+			  <property name="y_options"></property>
+			</packing>
+		      </child>
+		    </widget>
+		    <packing>
+		      <property name="padding">0</property>
+		      <property name="expand">True</property>
+		      <property name="fill">True</property>
+		    </packing>
+		  </child>
+		</widget>
+		<packing>
+		  <property name="padding">0</property>
+		  <property name="expand">True</property>
+		  <property name="fill">True</property>
+		</packing>
+	      </child>
+	    </widget>
+	    <packing>
+	      <property name="padding">0</property>
+	      <property name="expand">True</property>
+	      <property name="fill">True</property>
+	    </packing>
+	  </child>
+
+	  <child>
+	    <widget class="GtkVBox" id="vboxFSSettings">
+	      <property name="visible">True</property>
+	      <property name="homogeneous">False</property>
+	      <property name="spacing">6</property>
+
+	      <child>
+		<widget class="GtkLabel" id="labelFSSettings">
+		  <property name="visible">True</property>
+		  <property name="label" translatable="yes">&lt;span weight=&quot;bold&quot;&gt;Filesystem Settings&lt;/span&gt;</property>
+		  <property name="use_underline">False</property>
+		  <property name="use_markup">True</property>
+		  <property name="justify">GTK_JUSTIFY_LEFT</property>
+		  <property name="wrap">False</property>
+		  <property name="selectable">False</property>
+		  <property name="xalign">0</property>
+		  <property name="yalign">0.5</property>
+		  <property name="xpad">0</property>
+		  <property name="ypad">0</property>
+		</widget>
+		<packing>
+		  <property name="padding">0</property>
+		  <property name="expand">False</property>
+		  <property name="fill">False</property>
+		</packing>
+	      </child>
+
+	      <child>
+		<widget class="GtkHBox" id="hboxFSSettings">
+		  <property name="visible">True</property>
+		  <property name="homogeneous">False</property>
+		  <property name="spacing">0</property>
+
+		  <child>
+		    <widget class="GtkLabel" id="spacerFSSettings">
+		      <property name="visible">True</property>
+		      <property name="label" translatable="yes">    </property>
+		      <property name="use_underline">False</property>
+		      <property name="use_markup">False</property>
+		      <property name="justify">GTK_JUSTIFY_LEFT</property>
+		      <property name="wrap">False</property>
+		      <property name="selectable">False</property>
+		      <property name="xalign">0.5</property>
+		      <property name="yalign">0.5</property>
+		      <property name="xpad">0</property>
+		      <property name="ypad">0</property>
+		    </widget>
+		    <packing>
+		      <property name="padding">0</property>
+		      <property name="expand">False</property>
+		      <property name="fill">False</property>
+		    </packing>
+		  </child>
+
+		  <child>
+		    <widget class="GtkTable" id="tableFSSettings">
+		      <property name="visible">True</property>
+		      <property name="n_rows">2</property>
+		      <property name="n_columns">2</property>
+		      <property name="homogeneous">False</property>
+		      <property name="row_spacing">6</property>
+		      <property name="column_spacing">12</property>
+
+		      <child>
+			<widget class="GtkLabel" id="labelFSType">
+			  <property name="visible">True</property>
+			  <property name="label" translatable="yes">File system _type:</property>
+			  <property name="use_underline">True</property>
+			  <property name="use_markup">False</property>
+			  <property name="justify">GTK_JUSTIFY_CENTER</property>
+			  <property name="wrap">False</property>
+			  <property name="selectable">False</property>
+			  <property name="xalign">0</property>
+			  <property name="yalign">0.5</property>
+			  <property name="xpad">0</property>
+			  <property name="ypad">0</property>
+			</widget>
+			<packing>
+			  <property name="left_attach">0</property>
+			  <property name="right_attach">1</property>
+			  <property name="top_attach">0</property>
+			  <property name="bottom_attach">1</property>
+			  <property name="x_options">fill</property>
+			  <property name="y_options"></property>
+			</packing>
+		      </child>
+
+		      <child>
+			<widget class="GtkEntry" id="entryVolumeName">
+			  <property name="visible">True</property>
+			  <property name="can_focus">True</property>
+			  <property name="editable">True</property>
+			  <property name="visibility">True</property>
+			  <property name="max_length">11</property>
+			  <property name="text" translatable="yes"></property>
+			  <property name="has_frame">True</property>
+			  <property name="invisible_char" translatable="yes">*</property>
+			  <property name="activates_default">False</property>
+			</widget>
+			<packing>
+			  <property name="left_attach">1</property>
+			  <property name="right_attach">2</property>
+			  <property name="top_attach">1</property>
+			  <property name="bottom_attach">2</property>
+			  <property name="y_options"></property>
+			</packing>
+		      </child>
+
+		      <child>
+			<widget class="GtkLabel" id="labelVolumeName">
+			  <property name="visible">True</property>
+			  <property name="label" translatable="yes">Volume _name:</property>
+			  <property name="use_underline">True</property>
+			  <property name="use_markup">False</property>
+			  <property name="justify">GTK_JUSTIFY_LEFT</property>
+			  <property name="wrap">False</property>
+			  <property name="selectable">False</property>
+			  <property name="xalign">0</property>
+			  <property name="yalign">0.5</property>
+			  <property name="xpad">0</property>
+			  <property name="ypad">0</property>
+			</widget>
+			<packing>
+			  <property name="left_attach">0</property>
+			  <property name="right_attach">1</property>
+			  <property name="top_attach">1</property>
+			  <property name="bottom_attach">2</property>
+			  <property name="x_options">fill</property>
+			  <property name="y_options"></property>
+			</packing>
+		      </child>
+
+		      <child>
+			<widget class="GtkOptionMenu" id="optionMenuFSType">
+			  <property name="visible">True</property>
+			  <property name="can_focus">True</property>
+			  <property name="history">0</property>
+
+			  <child internal-child="menu">
+			    <widget class="GtkMenu" id="typeMenu">
+			      <property name="visible">True</property>
+
+			      <child>
+				<widget class="GtkMenuItem" id="ext3">
+				  <property name="visible">True</property>
+				  <property name="label" translatable="yes">Linux Native (ext3)</property>
+				  <property name="use_underline">True</property>
+				  <signal name="activate" handler="onExt3Activate" last_modification_time="Wed, 02 Feb 2005 19:18:09 GMT"/>
+				</widget>
+			      </child>
+
+			      <child>
+				<widget class="GtkMenuItem" id="ext2">
+				  <property name="visible">True</property>
+				  <property name="label" translatable="yes">Linux Native (ext2)</property>
+				  <property name="use_underline">True</property>
+				  <signal name="activate" handler="onExt2Activate" last_modification_time="Wed, 02 Feb 2005 19:18:09 GMT"/>
+				</widget>
+			      </child>
+			    </widget>
+			  </child>
+			</widget>
+			<packing>
+			  <property name="left_attach">1</property>
+			  <property name="right_attach">2</property>
+			  <property name="top_attach">0</property>
+			  <property name="bottom_attach">1</property>
+			  <property name="x_options">fill</property>
+			  <property name="y_options"></property>
+			</packing>
+		      </child>
+		    </widget>
+		    <packing>
+		      <property name="padding">0</property>
+		      <property name="expand">True</property>
+		      <property name="fill">True</property>
+		    </packing>
+		  </child>
+		</widget>
+		<packing>
+		  <property name="padding">0</property>
+		  <property name="expand">True</property>
+		  <property name="fill">True</property>
+		</packing>
+	      </child>
+	    </widget>
+	    <packing>
+	      <property name="padding">0</property>
+	      <property name="expand">True</property>
+	      <property name="fill">True</property>
+	    </packing>
+	  </child>
+
+	  <child>
+	    <widget class="GtkVBox" id="vboxFormattingParameters">
+	      <property name="visible">True</property>
+	      <property name="homogeneous">False</property>
+	      <property name="spacing">6</property>
+
+	      <child>
+		<widget class="GtkLabel" id="labelFormattingParameters">
+		  <property name="visible">True</property>
+		  <property name="label" translatable="yes">&lt;span weight=&quot;bold&quot;&gt;Formatting Parameters&lt;/span&gt;</property>
+		  <property name="use_underline">False</property>
+		  <property name="use_markup">True</property>
+		  <property name="justify">GTK_JUSTIFY_LEFT</property>
+		  <property name="wrap">False</property>
+		  <property name="selectable">False</property>
+		  <property name="xalign">0</property>
+		  <property name="yalign">0.5</property>
+		  <property name="xpad">0</property>
+		  <property name="ypad">0</property>
+		</widget>
+		<packing>
+		  <property name="padding">0</property>
+		  <property name="expand">False</property>
+		  <property name="fill">False</property>
+		</packing>
+	      </child>
+
+	      <child>
+		<widget class="GtkHBox" id="hboxFormattingParameters">
+		  <property name="visible">True</property>
+		  <property name="homogeneous">False</property>
+		  <property name="spacing">0</property>
+
+		  <child>
+		    <widget class="GtkLabel" id="spacerParameters">
+		      <property name="visible">True</property>
+		      <property name="label" translatable="yes">    </property>
+		      <property name="use_underline">False</property>
+		      <property name="use_markup">False</property>
+		      <property name="justify">GTK_JUSTIFY_LEFT</property>
+		      <property name="wrap">False</property>
+		      <property name="selectable">False</property>
+		      <property name="xalign">0.5</property>
+		      <property name="yalign">0.5</property>
+		      <property name="xpad">0</property>
+		      <property name="ypad">0</property>
+		    </widget>
+		    <packing>
+		      <property name="padding">0</property>
+		      <property name="expand">False</property>
+		      <property name="fill">False</property>
+		    </packing>
+		  </child>
+
+		  <child>
+		    <widget class="GtkCheckButton" id="checkButtonBadBlocks">
+		      <property name="visible">True</property>
+		      <property name="can_focus">True</property>
+		      <property name="label" translatable="yes">Check for bad blocks</property>
+		      <property name="use_underline">True</property>
+		      <property name="relief">GTK_RELIEF_NORMAL</property>
+		      <property name="focus_on_click">True</property>
+		      <property name="active">False</property>
+		      <property name="inconsistent">False</property>
+		      <property name="draw_indicator">True</property>
+		    </widget>
+		    <packing>
+		      <property name="padding">0</property>
+		      <property name="expand">False</property>
+		      <property name="fill">False</property>
+		    </packing>
+		  </child>
+		</widget>
+		<packing>
+		  <property name="padding">0</property>
+		  <property name="expand">True</property>
+		  <property name="fill">True</property>
+		</packing>
+	      </child>
+	    </widget>
+	    <packing>
+	      <property name="padding">0</property>
+	      <property name="expand">True</property>
+	      <property name="fill">True</property>
+	    </packing>
+	  </child>
+	</widget>
+	<packing>
+	  <property name="padding">0</property>
+	  <property name="expand">True</property>
+	  <property name="fill">True</property>
+	</packing>
+      </child>
+
+      <child>
+	<widget class="GtkHBox" id="hboxButtons">
+	  <property name="visible">True</property>
+	  <property name="homogeneous">False</property>
+	  <property name="spacing">0</property>
+
+	  <child>
+	    <widget class="GtkHButtonBox" id="hButtonBoxHelp">
+	      <property name="visible">True</property>
+	      <property name="layout_style">GTK_BUTTONBOX_START</property>
+	      <property name="spacing">0</property>
+
+	      <child>
+		<widget class="GtkButton" id="buttonHelp">
+		  <property name="visible">True</property>
+		  <property name="can_default">True</property>
+		  <property name="has_default">True</property>
+		  <property name="can_focus">True</property>
+		  <property name="has_focus">True</property>
+		  <property name="label">gtk-help</property>
+		  <property name="use_stock">True</property>
+		  <property name="relief">GTK_RELIEF_NORMAL</property>
+		  <property name="focus_on_click">True</property>
+		  <signal name="clicked" handler="onHelpButtonClicked" last_modification_time="Wed, 02 Feb 2005 19:16:58 GMT"/>
+		</widget>
+	      </child>
+	    </widget>
+	    <packing>
+	      <property name="padding">0</property>
+	      <property name="expand">True</property>
+	      <property name="fill">True</property>
+	    </packing>
+	  </child>
+
+	  <child>
+	    <widget class="GtkHButtonBox" id="hButtonBoxCloseFormat">
+	      <property name="visible">True</property>
+	      <property name="layout_style">GTK_BUTTONBOX_END</property>
+	      <property name="spacing">10</property>
+
+	      <child>
+		<widget class="GtkButton" id="buttonClose">
+		  <property name="visible">True</property>
+		  <property name="can_default">True</property>
+		  <property name="can_focus">True</property>
+		  <property name="label">gtk-close</property>
+		  <property name="use_stock">True</property>
+		  <property name="relief">GTK_RELIEF_NORMAL</property>
+		  <property name="focus_on_click">True</property>
+		  <signal name="clicked" handler="onCloseButtonClicked" last_modification_time="Wed, 02 Feb 2005 19:16:47 GMT"/>
+		</widget>
+	      </child>
+
+	      <child>
+		<widget class="GtkButton" id="buttonFormat">
+		  <property name="visible">True</property>
+		  <property name="can_default">True</property>
+		  <property name="has_default">True</property>
+		  <property name="can_focus">True</property>
+		  <property name="has_focus">True</property>
+		  <property name="relief">GTK_RELIEF_NORMAL</property>
+		  <property name="focus_on_click">True</property>
+		  <signal name="clicked" handler="onFormatButtonClicked" last_modification_time="Wed, 02 Feb 2005 19:16:35 GMT"/>
+
+		  <child>
+		    <widget class="GtkAlignment" id="alignmentFormat">
+		      <property name="visible">True</property>
+		      <property name="xalign">0.5</property>
+		      <property name="yalign">0.5</property>
+		      <property name="xscale">0</property>
+		      <property name="yscale">0</property>
+		      <property name="top_padding">0</property>
+		      <property name="bottom_padding">0</property>
+		      <property name="left_padding">0</property>
+		      <property name="right_padding">0</property>
+
+		      <child>
+			<widget class="GtkHBox" id="hboxFormat">
+			  <property name="visible">True</property>
+			  <property name="homogeneous">False</property>
+			  <property name="spacing">2</property>
+
+			  <child>
+			    <widget class="GtkImage" id="imageSave">
+			      <property name="visible">True</property>
+			      <property name="stock">gtk-save</property>
+			      <property name="icon_size">4</property>
+			      <property name="xalign">0.5</property>
+			      <property name="yalign">0.5</property>
+			      <property name="xpad">0</property>
+			      <property name="ypad">0</property>
+			    </widget>
+			    <packing>
+			      <property name="padding">0</property>
+			      <property name="expand">False</property>
+			      <property name="fill">False</property>
+			    </packing>
+			  </child>
+
+			  <child>
+			    <widget class="GtkLabel" id="labelFormat">
+			      <property name="visible">True</property>
+			      <property name="label" translatable="yes">_Format</property>
+			      <property name="use_underline">True</property>
+			      <property name="use_markup">False</property>
+			      <property name="justify">GTK_JUSTIFY_LEFT</property>
+			      <property name="wrap">False</property>
+			      <property name="selectable">False</property>
+			      <property name="xalign">0.5</property>
+			      <property name="yalign">0.5</property>
+			      <property name="xpad">0</property>
+			      <property name="ypad">0</property>
+			    </widget>
+			    <packing>
+			      <property name="padding">0</property>
+			      <property name="expand">False</property>
+			      <property name="fill">False</property>
+			    </packing>
+			  </child>
+			</widget>
+		      </child>
+		    </widget>
+		  </child>
+		</widget>
+	      </child>
+	    </widget>
+	    <packing>
+	      <property name="padding">0</property>
+	      <property name="expand">True</property>
+	      <property name="fill">True</property>
+	    </packing>
+	  </child>
+	</widget>
+	<packing>
+	  <property name="padding">0</property>
+	  <property name="expand">True</property>
+	  <property name="fill">True</property>
+	</packing>
+      </child>
+    </widget>
+  </child>
+</widget>
+
+<widget class="GtkDialog" id="errUI">
+  <property name="title" translatable="yes">Error</property>
+  <property name="type">GTK_WINDOW_TOPLEVEL</property>
+  <property name="window_position">GTK_WIN_POS_NONE</property>
+  <property name="modal">True</property>
+  <property name="resizable">True</property>
+  <property name="destroy_with_parent">False</property>
+  <property name="decorated">True</property>
+  <property name="skip_taskbar_hint">False</property>
+  <property name="skip_pager_hint">False</property>
+  <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
+  <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
+  <property name="has_separator">True</property>
+
+  <child internal-child="vbox">
+    <widget class="GtkVBox" id="vboxErr">
+      <property name="visible">True</property>
+      <property name="homogeneous">False</property>
+      <property name="spacing">0</property>
+
+      <child internal-child="action_area">
+	<widget class="GtkHButtonBox" id="hboxErrOk">
+	  <property name="visible">True</property>
+	  <property name="layout_style">GTK_BUTTONBOX_END</property>
+
+	  <child>
+	    <widget class="GtkButton" id="buttonErrOk">
+	      <property name="visible">True</property>
+	      <property name="can_default">True</property>
+	      <property name="can_focus">True</property>
+	      <property name="label">gtk-ok</property>
+	      <property name="use_stock">True</property>
+	      <property name="relief">GTK_RELIEF_NORMAL</property>
+	      <property name="focus_on_click">True</property>
+	      <property name="response_id">-5</property>
+	      <signal name="clicked" handler="onErrOkButtonClicked" last_modification_time="Wed, 02 Feb 2005 19:22:48 GMT"/>
+	    </widget>
+	  </child>
+	</widget>
+	<packing>
+	  <property name="padding">0</property>
+	  <property name="expand">False</property>
+	  <property name="fill">True</property>
+	  <property name="pack_type">GTK_PACK_END</property>
+	</packing>
+      </child>
+
+      <child>
+	<widget class="GtkHBox" id="hboxStop">
+	  <property name="visible">True</property>
+	  <property name="homogeneous">False</property>
+	  <property name="spacing">0</property>
+
+	  <child>
+	    <widget class="GtkImage" id="imageStop">
+	      <property name="visible">True</property>
+	      <property name="stock">gtk-dialog-error</property>
+	      <property name="icon_size">4</property>
+	      <property name="xalign">0.5</property>
+	      <property name="yalign">0.5</property>
+	      <property name="xpad">0</property>
+	      <property name="ypad">0</property>
+	    </widget>
+	    <packing>
+	      <property name="padding">0</property>
+	      <property name="expand">True</property>
+	      <property name="fill">True</property>
+	    </packing>
+	  </child>
+
+	  <child>
+	    <widget class="GtkLabel" id="labelErr">
+	      <property name="visible">True</property>
+	      <property name="label" translatable="yes">FIXME</property>
+	      <property name="use_underline">False</property>
+	      <property name="use_markup">False</property>
+	      <property name="justify">GTK_JUSTIFY_LEFT</property>
+	      <property name="wrap">False</property>
+	      <property name="selectable">False</property>
+	      <property name="xalign">0.5</property>
+	      <property name="yalign">0.5</property>
+	      <property name="xpad">0</property>
+	      <property name="ypad">0</property>
+	    </widget>
+	    <packing>
+	      <property name="padding">0</property>
+	      <property name="expand">False</property>
+	      <property name="fill">False</property>
+	    </packing>
+	  </child>
+	</widget>
+	<packing>
+	  <property name="padding">0</property>
+	  <property name="expand">True</property>
+	  <property name="fill">True</property>
+	</packing>
+      </child>
+    </widget>
+  </child>
+</widget>
+
+<widget class="GtkFileSelection" id="devSelUI">
+  <property name="border_width">10</property>
+  <property name="title" translatable="yes">Select File</property>
+  <property name="type">GTK_WINDOW_TOPLEVEL</property>
+  <property name="window_position">GTK_WIN_POS_NONE</property>
+  <property name="modal">True</property>
+  <property name="resizable">True</property>
+  <property name="destroy_with_parent">False</property>
+  <property name="decorated">True</property>
+  <property name="skip_taskbar_hint">False</property>
+  <property name="skip_pager_hint">False</property>
+  <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
+  <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
+  <property name="show_fileops">True</property>
+
+  <child internal-child="cancel_button">
+    <widget class="GtkButton" id="cancelButtonDevSel">
+      <property name="visible">True</property>
+      <property name="can_default">True</property>
+      <property name="can_focus">True</property>
+      <property name="relief">GTK_RELIEF_NORMAL</property>
+      <property name="focus_on_click">True</property>
+      <signal name="clicked" handler="onDevSelCancelButtonClicked" last_modification_time="Wed, 02 Feb 2005 19:20:45 GMT"/>
+    </widget>
+  </child>
+
+  <child internal-child="ok_button">
+    <widget class="GtkButton" id="okButtonDevSel">
+      <property name="visible">True</property>
+      <property name="can_default">True</property>
+      <property name="can_focus">True</property>
+      <property name="relief">GTK_RELIEF_NORMAL</property>
+      <property name="focus_on_click">True</property>
+      <signal name="clicked" handler="onDevSelOkButtonClicked" last_modification_time="Wed, 02 Feb 2005 19:19:59 GMT"/>
+    </widget>
+  </child>
+</widget>
+
+<widget class="GtkWindow" id="progressUI">
+  <property name="title" translatable="yes">Formatting</property>
+  <property name="type">GTK_WINDOW_TOPLEVEL</property>
+  <property name="window_position">GTK_WIN_POS_NONE</property>
+  <property name="modal">True</property>
+  <property name="resizable">True</property>
+  <property name="destroy_with_parent">False</property>
+  <property name="decorated">True</property>
+  <property name="skip_taskbar_hint">False</property>
+  <property name="skip_pager_hint">False</property>
+  <property name="type_hint">GDK_WINDOW_TYPE_HINT_NORMAL</property>
+  <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
+
+  <child>
+    <widget class="GtkVBox" id="vboxFormat">
+      <property name="border_width">6</property>
+      <property name="visible">True</property>
+      <property name="homogeneous">False</property>
+      <property name="spacing">6</property>
+
+      <child>
+	<widget class="GtkProgressBar" id="progressBarFormat">
+	  <property name="visible">True</property>
+	  <property name="orientation">GTK_PROGRESS_LEFT_TO_RIGHT</property>
+	  <property name="fraction">0</property>
+	  <property name="pulse_step">0.1</property>
+	</widget>
+	<packing>
+	  <property name="padding">0</property>
+	  <property name="expand">False</property>
+	  <property name="fill">False</property>
+	</packing>
+      </child>
+
+      <child>
+	<widget class="GtkLabel" id="labelFormat">
+	  <property name="visible">True</property>
+	  <property name="label" translatable="yes">FIXME</property>
+	  <property name="use_underline">False</property>
+	  <property name="use_markup">False</property>
+	  <property name="justify">GTK_JUSTIFY_LEFT</property>
+	  <property name="wrap">False</property>
+	  <property name="selectable">False</property>
+	  <property name="xalign">0.5</property>
+	  <property name="yalign">0.5</property>
+	  <property name="xpad">0</property>
+	  <property name="ypad">0</property>
+	</widget>
+	<packing>
+	  <property name="padding">0</property>
+	  <property name="expand">False</property>
+	  <property name="fill">False</property>
+	</packing>
+      </child>
+    </widget>
+  </child>
+</widget>
+
+</glade-interface>
diff -u --recursive --new-file sesame-vanilla/tools/GnomeSesameFormat.java sesame/tools/GnomeSesameFormat.java
--- sesame-vanilla/tools/GnomeSesameFormat.java	1969-12-31 18:00:00.000000000 -0600
+++ sesame/tools/GnomeSesameFormat.java	2005-02-02 13:25:41.000000000 -0600
@@ -0,0 +1,386 @@
+//   FILE: GnomeSesameFormat.java -- A GUI for sesame-format
+// AUTHOR: W. Michael Petullo <mike at flyn.org>
+//   DATE: 26 January 2005
+
+// Copyright (C) 2005 W. Michael Petullo <mike at flyn.org>
+// All rights reserved.
+//
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; either version 2 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program; if not, write to the Free Software
+// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+import java.io.IOException;
+import java.io.FileNotFoundException;
+import java.io.File;
+import java.io.DataOutputStream;
+
+import java.lang.Runtime;
+import java.lang.Process;
+import java.lang.System;
+import java.lang.InterruptedException;
+
+// import gnu.getopt.Getopt;
+// import gnu.getopt.LongOpt;
+
+import org.gnu.glade.LibGlade;
+import org.gnu.gtk.Gtk;
+import org.gnu.gtk.Button;
+import org.gnu.gtk.CheckButton;
+import org.gnu.gtk.Entry;
+import org.gnu.gtk.Label;
+import org.gnu.gtk.ProgressBar;
+import org.gnu.gtk.Window;
+import org.gnu.gtk.FileSelection;
+import org.gnu.gtk.event.GtkEvent;
+import org.gnu.pango.FontDescription;
+
+interface Cipher {
+	public String name();
+	public int keyBitCount();
+}
+
+class AES256 implements Cipher {
+	public String name() { return "aes"; }
+	public int keyBitCount() { return 256; }
+}
+
+class AES128 implements Cipher {
+	public String name() { return "aes"; }
+	public int keyBitCount() { return 128; }
+}
+
+interface FS {
+	public String name();
+}
+
+class Ext3 implements FS {
+	public String name() { return "ext3"; }
+}
+
+class Ext2 implements FS {
+	public String name() { return "ext2"; }
+}
+
+class ProgressBarUpdater extends Thread {
+	boolean stop;
+	ProgressBar progressBar;
+
+	private ProgressBarUpdater() {};
+
+	ProgressBarUpdater(ProgressBar p) {
+		stop = false;
+		progressBar = p;
+	}
+
+	public void run() {
+		while (stop == false) {
+			while (Gtk.eventsPending()) {
+				Gtk.mainIteration();
+			}
+			progressBar.pulse();
+			try {
+				Thread.sleep(100);
+			} catch (java.lang.InterruptedException e) {}
+		}
+	}
+
+	void stopReq() {
+		stop = true;
+	}
+}
+
+public class GnomeSesameFormat {
+	private LibGlade glade;
+
+	private boolean dryRun;
+	private Cipher cipher;
+	private FS fs;
+	private String passphrase;
+	private String volName;
+	private String device;
+
+	private Window topLevel;
+	private FileSelection devSelUI;
+	private Window errUI;
+	private Window progressUI;
+
+	public void init() throws IOException {
+	        glade = new LibGlade(System.getProperty("GLADE_FILE"), this);
+
+		dryRun = false;
+		cipher = new AES256();
+		fs = new Ext3();
+		passphrase = null;
+		volName = null;
+
+		topLevel = (Window) glade.getWidget("topLevel");
+		devSelUI = (FileSelection) glade.getWidget("devSelUI");
+		errUI = (Window) glade.getWidget("errUI");
+		progressUI = (Window) glade.getWidget("progressUI");
+	}
+
+	public GnomeSesameFormat() throws IOException {
+		init();
+		device = null;
+
+		Label l = (Label) glade.getWidget("displayedDevice");
+		l.setText("none selected");
+	}
+
+	public GnomeSesameFormat(String d) throws IOException {
+		init();
+		device = d;
+
+		Label l = (Label) glade.getWidget("labelDevice");
+		l.setSensitive(false);
+
+		Button b = (Button) glade.getWidget("buttonOpen");
+		b.setSensitive(false);
+
+		l = (Label) glade.getWidget("displayedDevice");
+		l.setText(d);
+		l.setSensitive(false);
+	}
+
+	public void onTopLevelDeleteEvent(GtkEvent event) {
+		Gtk.mainQuit();
+		System.exit(0);
+	}
+
+	public void onAES128Activate(GtkEvent event) {
+		cipher = new AES128();
+	}
+
+	public void onAES256Activate(GtkEvent event) {
+		cipher = new AES256();
+	}
+
+	public void onExt2Activate(GtkEvent event) {
+		fs = new Ext2();
+	}
+
+	public void onExt3Activate(GtkEvent event) {
+		fs = new Ext3();
+	}
+
+	public void onCloseButtonClicked(GtkEvent event) {
+		Gtk.mainQuit();
+		System.exit(0);
+	}
+
+	public void onHelpButtonClicked(GtkEvent event) {
+		// FIXME
+	}
+
+	public void onFormatButtonClicked(GtkEvent event) {
+		Entry entry;
+		
+		entry = (Entry) glade.getWidget("entryPassphrase");
+		passphrase = entry.getText();
+
+		entry = (Entry) glade.getWidget("entryVolumeName");
+		volName = entry.getText();
+
+		if (device == null)
+			error("Device not selected");
+		else if (passphrase.equals(""))
+			error("Passphrase not entered");
+		else if (volName.equals(""))
+			error("Volume name not entered");
+		else {
+			ProgressBar p = (ProgressBar) 
+				glade.getWidget("progressBarFormat");
+			Label l = (Label) glade.getWidget("labelFormat");
+			ProgressBarUpdater pU = new ProgressBarUpdater(p);
+
+			topLevel.setSensitive(false);
+			progressUI.show();
+
+			if (! dryRun) {
+				l.setText("Formatting " + device);	
+				pU.start();
+				execSesameFormat();
+				pU.stopReq();
+				try {
+					pU.join();
+				} catch (java.lang.InterruptedException e) {}
+			} else {
+				l.setText("[Simulated] Formatting " + device);	
+				pU.start();
+				try {
+					Thread.sleep(1000);
+				} catch (java.lang.InterruptedException e) {}
+				pU.stopReq();
+				try {
+					pU.join();
+				} catch (java.lang.InterruptedException e) {}
+			}
+
+			progressUI.hide();
+			topLevel.setSensitive(true);
+		}
+	}
+
+	public void onOpenButtonClicked(GtkEvent event) {
+		topLevel.setSensitive(false);
+		devSelUI.show();
+	}
+
+	public void onErrOkButtonClicked(GtkEvent event) {
+		errUI.hide();
+		topLevel.setSensitive(true);
+	}
+
+	public void onDevSelOkButtonClicked(GtkEvent event) {
+		String tmp = devSelUI.getFilename();
+		if (! new File (tmp).exists())
+			error("Device " + tmp + " does not exist");
+		else {
+			device = tmp;
+
+			Label l = (Label) glade.getWidget("displayedDevice");
+			l.setText(device);
+
+			devSelUI.hide();
+			topLevel.setSensitive(true);
+		}
+	}
+
+	public void onDevSelCancelButtonClicked(GtkEvent event) {
+		devSelUI.hide();
+		topLevel.setSensitive(true);
+	}
+
+	private String getSesameFormatPath() throws SecurityException, 
+	                 NullPointerException, IllegalArgumentException {
+		return System.getProperty("SESAME_FORMAT");
+	}
+
+	private void execSesameFormat() {
+		CheckButton c = (CheckButton) glade.getWidget
+		                              ("checkButtonBadBlocks");
+
+		StringBuffer cmd = new StringBuffer();
+		String progpath = "";
+
+		if (! dryRun) try {
+			progpath = getSesameFormatPath();
+
+			cmd.append(progpath);
+			cmd.append(" --fs-type=");
+			cmd.append(fs.name());
+			cmd.append(" --fs-cipher=");
+			cmd.append(cipher.name());
+			cmd.append(" --fs-keylen=");
+			cmd.append(cipher.keyBitCount());
+			cmd.append(" ");
+			if (c.getState()) {
+				cmd.append("-c");
+				cmd.append(" ");
+			}
+			cmd.append("--volume-name=");
+			cmd.append(volName);
+			cmd.append(" ");
+			cmd.append(device);
+
+System.out.println(cmd);
+			Process p = Runtime.getRuntime().exec(cmd.toString());
+
+			DataOutputStream o = new DataOutputStream(p.getOutputStream());
+
+			o.writeBytes(passphrase);
+			o.close();
+
+			if (p.waitFor() != 0)
+				throw new InterruptedException ();
+
+		} catch (SecurityException e) {
+			error("Could not find sesame-format");
+		} catch (NullPointerException e) {
+			error("Could not find sesame-format");
+		} catch (IllegalArgumentException e) {
+			error("Could not find sesame-format");
+		} catch (IOException e) {
+			error("Error executing " + progpath);
+		} catch (InterruptedException e) {
+			error("Error executing " + progpath);
+		} 
+	}
+
+	private void error(String msg) {
+		Label l = (Label) glade.getWidget("labelErr");
+		l.setText(msg);
+		topLevel.setSensitive(false);
+		errUI.show();
+	}
+
+	private void setDryRun(boolean setting) {
+		dryRun = setting;
+	}
+
+	private static void printUsage(int status, String error, String more) {
+		System.err.println("gnome-sesame-setup [options] [device]\n\n" +
+		  "-h, --help\n" +
+		  "      print a list of options\n\n" +
+		  "-d, --dry-run\n" +
+		  "      do not actually perform any operations on device\n");
+		if (error != null)
+			System.err.println(error + ": " + more);
+		System.exit(status);
+	}
+
+	private static void main() {}
+
+	public static void main(String args[]) {
+		GnomeSesameFormat gui;
+
+		Gtk.init(args);
+
+		LongOpt[] longOpt = new LongOpt[2];
+		longOpt[0] = new LongOpt("help", LongOpt.NO_ARGUMENT, null, 
+					 'h');
+		longOpt[1] = new LongOpt("dry-run", LongOpt.NO_ARGUMENT, null,
+					 'd');
+
+		Getopt g = new Getopt("gnome-sesame-format", args, "hd", 
+				      longOpt);
+		
+		int c;
+		boolean argDryRun = false;
+		while ((c = g.getopt()) != -1)
+			switch (c) {
+			case 'h':
+				printUsage(0, null, null);
+			case 'd':
+				argDryRun = true;
+				break;
+			default:
+				printUsage(1, null, null);
+		}
+
+		try {
+			int i = g.getOptind();
+			if (i < args.length)
+				gui = new GnomeSesameFormat(args[i]);
+			else
+				gui = new GnomeSesameFormat();
+			gui.setDryRun(argDryRun);
+		} catch (Exception e) {
+			System.err.println(e);
+			System.exit(1);
+		}
+
+		Gtk.main();
+	}
+
+}
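Review bot: In `execSesameFormat` the command is assembled into one string and passed to `Runtime.exec(String)`, which splits it on whitespace, so a volume name or device path containing a space reaches sesame-format as extra arguments (the `entryVolumeName` widget caps the length at 11 but not the content). Passing an argument array to `exec(String[])` keeps each user-supplied value as a single argument. With that form, a missing `SESAME_FORMAT` property should also raise the `NullPointerException` that the existing catch reports, instead of appending the text "null" to the command. The unindented `System.out.println(cmd);` looks like leftover debugging and is dropped below. Separately, `o.writeBytes(passphrase)` writes only the low byte of each character, so a non-ASCII passphrase is silently altered; `o.write(passphrase.getBytes("UTF-8"));` would preserve it, provided sesame-format reads the passphrase as raw bytes.

```java
			progpath = getSesameFormatPath();

			// One array element per argument: exec(String) would split
			// volName and device on whitespace into separate arguments.
			java.util.ArrayList argv = new java.util.ArrayList();
			argv.add(progpath);
			argv.add("--fs-type=" + fs.name());
			argv.add("--fs-cipher=" + cipher.name());
			argv.add("--fs-keylen=" + cipher.keyBitCount());
			if (c.getState())
				argv.add("-c");
			argv.add("--volume-name=" + volName);
			argv.add(device);

			Process p = Runtime.getRuntime().exec(
				(String[]) argv.toArray(new String[argv.size()]));
			// … unchanged: passphrase written to the child's stdin, waitFor(), catch clauses …
```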
Binary files sesame-vanilla/tools/GnomeSesameFormat.o and sesame/tools/GnomeSesameFormat.o differ
diff -u --recursive --new-file sesame-vanilla/tools/LongOpt.java sesame/tools/LongOpt.java
--- sesame-vanilla/tools/LongOpt.java	1969-12-31 18:00:00.000000000 -0600
+++ sesame/tools/LongOpt.java	2005-02-02 11:34:41.000000000 -0600
@@ -0,0 +1,194 @@
+/**************************************************************************
+/* LongOpt.java -- Long option object for Getopt
+/*
+/* Copyright (c) 1998 by Aaron M. Renn (arenn at urbanophile.com)
+/*
+/* This program is free software; you can redistribute it and/or modify
+/* it under the terms of the GNU Library General Public License as published 
+/* by  the Free Software Foundation; either version 2 of the License or
+/* (at your option) any later version.
+/*
+/* This program is distributed in the hope that it will be useful, but
+/* WITHOUT ANY WARRANTY; without even the implied warranty of
+/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+/* GNU Library General Public License for more details.
+/*
+/* You should have received a copy of the GNU Library General Public License
+/* along with this program; see the file COPYING.LIB.  If not, write to 
+/* the Free Software Foundation Inc., 59 Temple Place - Suite 330, 
+/* Boston, MA  02111-1307 USA
+/**************************************************************************/
+
+import java.util.Locale;
+import java.util.ResourceBundle;
+import java.util.PropertyResourceBundle;
+import java.text.MessageFormat;
+
+/**************************************************************************/
+
+/**
+  * This object represents the definition of a long option in the Java port
+  * of GNU getopt.  An array of LongOpt objects is passed to the Getopt
+  * object to define the list of valid long options for a given parsing
+  * session.  Refer to the getopt documentation for details on the
+  * format of long options.
+  * 
+  * @version 1.0.5
+  * @author Aaron M. Renn (arenn at urbanophile.com)
+  *
+  * @see Getopt
+  */
+public class LongOpt extends Object
+{
+
+/**************************************************************************/
+
+/*
+ * Class Variables
+ */
+
+/**
+  * Constant value used for the "has_arg" constructor argument.  This
+  * value indicates that the option takes no argument.
+  */
+public static final int NO_ARGUMENT = 0;
+
+/** 
+  * Constant value used for the "has_arg" constructor argument.  This
+  * value indicates that the option takes an argument that is required.
+  */
+public static final int REQUIRED_ARGUMENT = 1;
+
+/**
+  * Constant value used for the "has_arg" constructor argument.  This
+  * value indicates that the option takes an argument that is optional.
+  */
+public static final int OPTIONAL_ARGUMENT = 2;
+
+/**************************************************************************/
+
+/*
+ * Instance Variables
+ */
+
+/**
+  * The name of the long option
+  */
+protected String name;
+
+/**
+  * Indicates whether the option has no argument, a required argument, or
+  * an optional argument.
+  */
+protected int has_arg;
+
+/**
+  * If this variable is not null, then the value stored in "val" is stored
+  * here when this long option is encountered.  If this is null, the value
+  * stored in "val" is treated as the name of an equivalent short option.
+  */
+protected StringBuffer flag;
+
+/**
+  * The value to store in "flag" if flag is not null, otherwise the
+  * equivalent short option character for this long option.
+  */
+protected int val;
+
+/**
+  * Localized strings for error messages
+  */
+/*private ResourceBundle _messages = PropertyResourceBundle.getBundle(
+                            "gnu/getopt/MessagesBundle", Locale.getDefault());
+			    */
+
+/**************************************************************************/
+
+/*
+ * Constructors
+ */
+
+/**
+  * Create a new LongOpt object with the given parameter values.  If the
+  * value passed as has_arg is not valid, then an exception is thrown.
+  *
+  * @param name The long option String.
+  * @param has_arg Indicates whether the option has no argument (NO_ARGUMENT), a required argument (REQUIRED_ARGUMENT) or an optional argument (OPTIONAL_ARGUMENT).
+  * @param flag If non-null, this is a location to store the value of "val" when this option is encountered, otherwise "val" is treated as the equivalent short option character.
+  * @param val The value to return for this long option, or the equivalent single letter option to emulate if flag is null.
+  * 
+  * @exception IllegalArgumentException If the has_arg param is not one of NO_ARGUMENT, REQUIRED_ARGUMENT or OPTIONAL_ARGUMENT.
+  */
+public
+LongOpt(String name, int has_arg, 
+        StringBuffer flag, int val) throws IllegalArgumentException
+{
+  // Validate has_arg
+  if ((has_arg != NO_ARGUMENT) && (has_arg != REQUIRED_ARGUMENT) 
+     && (has_arg != OPTIONAL_ARGUMENT))
+    {
+      Object[] msgArgs = { new Integer(has_arg).toString() };
+      throw new IllegalArgumentException();
+    }
+
+  // Store off values
+  this.name = name;
+  this.has_arg = has_arg;
+  this.flag = flag;
+  this.val = val;
+}
+
+/**************************************************************************/
+
+/**
+  * Returns the name of this LongOpt as a String
+  *
+  * @return Then name of the long option
+  */
+public String
+getName()
+{
+  return(name);
+}
+
+/**************************************************************************/
+
+/**
+  * Returns the value set for the 'has_arg' field for this long option
+  *
+  * @return The value of 'has_arg'
+  */
+public int
+getHasArg()
+{
+  return(has_arg);
+}
+
+/**************************************************************************/
+
+/**
+  * Returns the value of the 'flag' field for this long option
+  *
+  * @return The value of 'flag'
+  */
+public StringBuffer
+getFlag()
+{
+  return(flag);
+}
+
+/**
+  * Returns the value of the 'val' field for this long option
+  *
+  * @return The value of 'val'
+  */
+public int
+getVal()
+{
+  return(val);
+}
+
+/**************************************************************************/
+
+} // Class LongOpt
+
Binary files sesame-vanilla/tools/LongOpt.o and sesame/tools/LongOpt.o differ
diff -u --recursive --new-file sesame-vanilla/tools/Makefile.am sesame/tools/Makefile.am
--- sesame-vanilla/tools/Makefile.am	2004-12-31 07:35:47.000000000 -0600
+++ sesame/tools/Makefile.am	2005-02-02 22:53:44.000000000 -0600
@@ -1,16 +1,52 @@
 
 INCLUDES = \
 	-DCRYPTSETUP=\""$(CRYPTSETUP)\"" \
+	-DDD=\""$(DD)\"" \
+	-DMKFS=\""$(MKFS)\"" \
 	-DPACKAGE_DATA_DIR=\""$(datadir)"\" \
 	-DPACKAGE_BIN_DIR=\""$(bindir)"\" \
 	-DPACKAGE_LOCALE_DIR=\""$(prefix)/$(DATADIRNAME)/locale"\"
 
-sbin_PROGRAMS = sesame-setup
+if HAVE_CHECK
+noinst_PROGRAMS = check_common
 
-sesame_setup_SOURCES = sesame-setup.c
+check_common_SOURCES = check_common.c common.c
+
+check_common_INCLUDES = @CHECK_CFLAGS@
+check_common_LDADD = @CHECK_LIBS@
+endif
+
+sbin_PROGRAMS = sesame-format sesame-setup sesame-is-encrypted
+
+sesame_format_SOURCES = sesame-format.c common.c
+
+sesame_setup_SOURCES = sesame-setup.c common.c
+
+sesame_is_encrypted_SOURCES = sesame-is-encrypted.c common.c
+
+bin_PROGRAMS = gnome-sesame-format
+
+# Remove Getopt.java and LongOpt.java from here and delete files once
+# Build vs. /usr/share/java/gnu.getopt.jar
+# Link vs. ???
+# uncomment imports in GnomeSesameFormat.java
+# Fedora RPM ships without -lgnu.getopt.
+gnome_sesame_format_SOURCES = GnomeSesameFormat.java Getopt.java LongOpt.java
 
 # Add @PACKAGE_LIBS@ if using pkg-config packages; see configure.in
-sesame_setup_LDADD = $(top_builddir)/libsesame/libsesame.la
+sesame_format_LDADD = $(GLIB_LIBS)
+
+# FIXME: need to implement proper Java autoconf/automake
+gnome_sesame_format_LDFLAGS = --main=GnomeSesameFormat -DSESAME_FORMAT="$(SBINDIR)/sesame-format" -DGLADE_FILE="$(DATADIR)/sesame/GnomeSesameFormat.glade"
+gnome_sesame_format_LDADD = -lgtkjar2.4 -lgnomejar2.8 -lgladejar2.8
+AM_GCJFLAGS = --CLASSPATH=.:/usr/share/java/gtk2.4.jar:/usr/share/java/gnome2.8.jar:/usr/share/java/glade2.8.jar
+
+sesamedir = $(pkgdatadir)
+sesame_DATA = GnomeSesameFormat.glade
+
+EXTRA_DIST = GnomeSesameFormat.glade
+
+AM_CFLAGS = $(GLIB_CFLAGS) -Werror
 
 clean-local :
 	rm -f *~
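Review bot: `gnome_sesame_format_LDFLAGS` builds the helper path from `$(SBINDIR)` and `$(DATADIR)`, while `INCLUDES` at the top of this hunk uses the standard lowercase `$(datadir)` and `$(bindir)`. Unless configure.in (not visible here) substitutes the uppercase names, they expand to nothing and `SESAME_FORMAT` becomes `/sesame-format`, so the GUI would presumably try to run a program from the filesystem root instead of the installed one. Using the automake directory variables keeps the compiled-in paths tied to the install location: `-DSESAME_FORMAT="$(sbindir)/sesame-format" -DGLADE_FILE="$(pkgdatadir)/GnomeSesameFormat.glade"`. These are compile-time defines, so they likely belong in `AM_GCJFLAGS` rather than in the link flags.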
Binary files sesame-vanilla/tools/sesame-format and sesame/tools/sesame-format differ
diff -u --recursive --new-file sesame-vanilla/tools/sesame-format.c sesame/tools/sesame-format.c
--- sesame-vanilla/tools/sesame-format.c	1969-12-31 18:00:00.000000000 -0600
+++ sesame/tools/sesame-format.c	2005-02-02 09:51:20.000000000 -0600
@@ -0,0 +1,310 @@
+
+#define _GNU_SOURCE
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <ctype.h>
+#include <assert.h>
+#include <limits.h>
+#include <getopt.h>
+#include <glib.h>
+#include <mntent.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+#include <uuid/uuid.h>
+
+#include "common.h"
+
+static int verbose = 0;
+static int dry_run = 0;
+static char *fs_type = "ext2";
+static char *fs_cipher = "aes";
+static size_t fs_keylen = 16;
+static int do_check = 0;
+static char *device = NULL;
+static char *volume_name = "Untitled";
+
+static void print_usage(const int exitcode, const char *error,
+			const char *more)
+{
+	if (error)
+		assert(more);
+
+	fprintf(stderr, "sesame-setup [options] device\n\n"
+		"-h, --help\n"
+		"	print a list of options\n\n"
+		"-v, --verbose\n"
+		"	verbose display of messages\n\n"
+		"-d, --dry-run\n"
+		"	do not actually perform any operations on device\n\n"
+		"-t, --fs-type type\n"
+		"	set the filesystem type to use		[%s]\n\n"
+		"-c, --fs-cipher cipher\n"
+		"	cipher used to encrypt the filesystem	[%s]\n\n"
+		"-l, --fs-keylen length\n"
+		"	length in bits of encryption key	[%d]\n\n"
+		"-n, --volume-name name\n"
+		"	set the name of the filesystem		[%s]\n\n"
+		"-k, --check\n"
+		"	check device for bad blocks		[%s]\n\n",
+		fs_type, fs_cipher, fs_keylen * 8, volume_name,
+		do_check ? "on" : "off");
+
+	if (error)
+		fprintf(stderr, "%s: %s\n", error, more);
+
+	exit(exitcode);
+}
+
+/* FIXME: do all Unices have an /etc/mtab? */
+static int mounted(const char *match)
+{
+	int mounted = 0;
+	FILE *mtab;
+	struct mntent *mtab_record;
+
+	assert(match != NULL);
+
+	if (!(mtab = fopen("/etc/mtab", "r"))) {
+		fprintf(stderr,
+			"Could not open /etc/mtab, assuming mounted\n");
+		mounted = 1;
+		goto _return;
+	}
+	while ((mtab_record = getmntent(mtab)) != NULL) {
+		char const *mnt_fsname = mtab_record->mnt_fsname;
+		if (!strcasecmp(mnt_fsname, match)) {
+			mounted = 1;
+			fprintf(stderr,
+				"Volume %s currently mounted at %s\n",
+				device, mtab_record->mnt_dir);
+		}
+	}
+      _return:
+	fclose(mtab);
+	return mounted;
+}
+
+static void print_output(FILE * out, int in)
+{
+	char c[1];
+
+	assert(out);
+	assert(in >= 0);
+
+	/* unbuffered I/O so we can catch progress indicators */
+	while (read(in, c, 1) != 0)
+		fprintf(out, "%c", *c);
+}
+
+static int run_mkfs(const char *fs_type, int check)
+{
+	pid_t pid;
+	GError *err = NULL;
+	char dmname[PATH_MAX + 1];
+	int fnval = 1, child_exit, pstderr = -1, nargv = 5;
+	const char *argv[] = { MKFS, "-t", fs_type, "-L", volume_name, 
+	                       NULL, NULL, NULL };
+	char uuid[UUIDLEN + 1];
+
+	assert(fs_type);
+
+	if (check)
+		argv[nargv++] = "-c";
+		
+
+	/* FIXME: read UUID from LUKS header */
+	strcpy(uuid, "FIXME");
+	strcpy(dmname, DMDIR);
+	strncat(dmname, DMCRYPT_TMP_PREFIX,
+		sizeof dmname - strlen(dmname));
+	if (strlen(device) + strlen(uuid) > PATH_MAX) {
+		fprintf(stderr, "Uuid %s is too long\n", uuid);
+		fnval = 0;
+		goto _return;
+	}
+	strncat(dmname, uuid, sizeof dmname - strlen(dmname));
+	argv[nargv++] = dmname;
+
+	if (g_spawn_async_with_pipes
+	    (NULL, (char **) argv, NULL, G_SPAWN_DO_NOT_REAP_CHILD, NULL,
+	     NULL, &pid, NULL, NULL, &pstderr, &err) == FALSE) {
+		fprintf(stderr, "%s\n", err->message);
+		g_error_free(err);
+		fnval = 0;
+		goto _return;
+	}
+
+	print_output(stderr, pstderr);
+
+	if (waitpid(pid, &child_exit, 0) == -1) {
+		fprintf(stderr, "Error waiting for child\n");
+		fnval = 0;
+		goto _return;
+	}
+
+	fnval = !WEXITSTATUS(child_exit);
+
+      _return:
+	return fnval;
+}
+
+static int run_randomize(const char *device)
+{
+	pid_t pid;
+	GError *err = NULL;
+	char of[BUFSIZ + 1];
+	int fnval = 1, child_exit, pstderr = -1;
+	const char *argv[] = { DD, "if=/dev/urandom", "", NULL };
+
+	assert(device);
+
+	strcpy(of, "of=");
+	if (strlen(device) + strlen(of) > BUFSIZ) {
+		fprintf(stderr, "Device name %s is too long\n", device);
+		fnval = 0;
+		goto _return;
+	}
+	strcat(of, device);
+	argv[2] = of;
+
+	if (g_spawn_async_with_pipes
+	    (NULL, (char **) argv, NULL, G_SPAWN_DO_NOT_REAP_CHILD, NULL,
+	     NULL, &pid, NULL, NULL, &pstderr, &err) == FALSE) {
+		fprintf(stderr, "%s\n", err->message);
+		g_error_free(err);
+		fnval = 0;
+		goto _return;
+	}
+
+	print_output(stderr, pstderr);
+
+	if (waitpid(pid, &child_exit, 0) == -1) {
+		fprintf(stderr, "Error waiting for child\n");
+		fnval = 0;
+		goto _return;
+	}
+
+	fnval = !WEXITSTATUS(child_exit);
+
+      _return:
+	return fnval;
+}
+
+int main(int argc, char *argv[])
+{
+	char passphrase[BUFSIZ + 1];
+	int c, opt_index = 0, status = EXIT_SUCCESS;
+	struct option opts[] = {
+		{"help", 0, 0, 'h'},
+		{"dry-run", 0, 0, 'd'},
+		{"verbose", 0, 0, 'v'},
+		{"fs-type", 1, 0, 't'},
+		{"fs-cipher", 1, 0, 'c'},
+		{"fs-keylen", 1, 0, 'l'},
+		{"volume-name", 1, 0, 'n'},
+		{"check", 1, 0, 'k'},
+		{0, 0, 0, 0}
+	};
+
+	while ((c =
+		getopt_long(argc, argv, "hvdt:c:l:n:k:", opts, &opt_index))
+	       >= 0) {
+		switch (c) {
+		case 'h':
+			print_usage(EXIT_SUCCESS, NULL, NULL);
+		case 'v':
+			verbose = 1;
+			break;
+		case 'd':
+			dry_run = 1;
+			break;
+		case 't':
+			fs_type = optarg;
+			break;
+		case 'c':
+			fs_cipher = optarg;
+			break;
+		case 'l':
+			fs_keylen = atoi(optarg) / 8;
+			break;
+		case 'n':
+			volume_name = optarg;
+			break;
+		case 'k':
+			do_check = 1;
+			break;
+		default:
+			print_usage(EXIT_FAILURE, NULL, NULL);
+		}
+	}
+
+	if (argv[optind] == NULL)
+		print_usage(EXIT_FAILURE, NULL, NULL);
+	device = argv[optind];
+
+	if (mounted(device)) {
+		status = EXIT_FAILURE;
+		goto _exit;
+	}
+
+	if (read_key(passphrase, BUFSIZ) == 0) {
+		fprintf(stderr, "Could not read key\n");
+		status = EXIT_FAILURE;
+		goto _exit;
+	}
+
+	msg(verbose, "randomizing %s\n", device);
+	if (run_randomize(device) == 0) {
+		status = EXIT_FAILURE;
+		goto _exit;
+	}
+
+	msg(verbose, "initializing LUKS on %s using %s (%d bit key)\n",
+	    device, fs_cipher, fs_keylen * 8);
+	if (!dry_run)
+		if (run_cryptsetup_luksInit
+		    (fs_cipher, device, passphrase, fs_keylen) == 0) {
+			status = EXIT_FAILURE;
+			goto _exit;
+		}
+
+	msg(verbose, "setting up dmcrypt device\n");
+	if (!dry_run)
+		if (run_cryptsetup_luksOpen
+		    (DMCRYPT_TMP_PREFIX, device, passphrase) == 0) {
+			status = EXIT_FAILURE;
+			goto _exit;
+		}
+
+	msg(verbose, "creating %s filesystem\n", fs_type);
+	if (!dry_run)
+		if (run_mkfs(fs_type, do_check) == 0) {
+			status = EXIT_FAILURE;
+			goto _exit;
+		}
+
+	msg(verbose, "removing temporary dm-crypt device\n");
+	if (!dry_run)
+		if (run_cryptunsetup(DMCRYPT_TMP_PREFIX, device) == 0) {
+			status = EXIT_FAILURE;
+			goto _exit;
+		}
+
+	msg(verbose, "re-initializing dm-crypt device for hald\n");
+	if (!dry_run) {
+		if (run_cryptsetup_luksOpen
+		    (DMCRYPT_PREFIX, device, passphrase) == 0) {
+			status = EXIT_FAILURE;
+			goto _exit;
+		}
+	}
+
+      _exit:
+	exit(status);
+}
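Review bot: `--dry-run` does not cover the destructive step: `main` calls `run_randomize(device)` unconditionally, so `dd if=/dev/urandom of=<device>` overwrites the device even though the usage text promises no operations on it; guard it like the later steps with `if (!dry_run && run_randomize(device) == 0) {`. In `mounted()`, the failed-`fopen` path jumps to `_return` and calls `fclose(mtab)` on a NULL stream, which is undefined behaviour; use `if (mtab) fclose(mtab);` or return directly from that branch. `print_output()` loops while `read()` is non-zero, so a `-1` error return spins forever printing a stale byte; `while (read(in, c, 1) > 0)` stops on both EOF and error. In `run_mkfs()`, the `strncat` bounds should be `sizeof dmname - strlen(dmname) - 1`, because `strncat` writes a terminating NUL beyond the count it is given.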
Binary files sesame-vanilla/tools/sesame-format.o and sesame/tools/sesame-format.o differ
Binary files sesame-vanilla/tools/sesame-is-encrypted and sesame/tools/sesame-is-encrypted differ
diff -u --recursive --new-file sesame-vanilla/tools/sesame-is-encrypted.c sesame/tools/sesame-is-encrypted.c
--- sesame-vanilla/tools/sesame-is-encrypted.c	1969-12-31 18:00:00.000000000 -0600
+++ sesame/tools/sesame-is-encrypted.c	2005-02-01 22:20:26.000000000 -0600
@@ -0,0 +1,147 @@
+
+#define _GNU_SOURCE
+
+#include <assert.h>
+#include <getopt.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdio.h>
+#include <errno.h>
+#include <stdlib.h>
+
+#include "common.h"
+
+int main () { return 0; }
+/*
+static int verbose = 0;
+static char *device = NULL;
+
+static void print_usage(const int exitcode, const char *error,
+			const char *more)
+{
+	if (error)
+		assert(more);
+
+	fprintf(stderr, "sesame-is-encrypted [options] device\n\n"
+		"-h, --help\n"
+		"       print a list of options\n\n"
+		"-v, --verbose\n" "     verbose display of messages\n\n");
+
+	if (error)
+		fprintf(stderr, "%s: %s\n", error, more);
+
+	exit(exitcode);
+}
+
+int main(int argc, char *argv[])
+{
+	int c, opt_index = 0, status = EXIT_SUCCESS;
+	char buf[1024];
+	struct option opts[] = {
+		{"help", 0, 0, 'h'},
+		{"verbose", 0, 0, 'v'},
+		{0, 0, 0, 0}
+	};
+	const char *uuid, *enc_key, *enc_key_cipher, *block_key_cipher,
+	    *block_key_sha1;
+
+	while ((c = getopt_long(argc, argv, "hv", opts, &opt_index)) >= 0) {
+		switch (c) {
+		case 'h':
+			print_usage(EXIT_SUCCESS, NULL, NULL);
+		case 'v':
+			verbose = 1;
+			break;
+		default:
+			print_usage(EXIT_FAILURE, NULL, NULL);
+		}
+	}
+
+	if (argv[optind] == NULL)
+		print_usage(EXIT_FAILURE, NULL, NULL);
+	device = argv[optind];
+
+	msg(verbose, "opening %s\n", device);
+	fd_metadata = open(device, O_RDONLY);
+	if (fd_metadata == -1) {
+		fprintf(stderr, "Cannot open %s, err=%s\n", device,
+			strerror(errno));
+		goto _exit;
+	}
+
+	msg(verbose, "reading from %s\n", device);
+	if (read(fd_metadata, buf, sizeof(buf)) == -1) {
+		fprintf(stderr, "Cannot read from %s, err=%s\n",
+			device, strerror(errno));
+		status = EXIT_FAILURE;
+		goto _exit_close;
+	}
+
+	msg(verbose, "parsing metadata\n");
+	md = sesame_get_metadata_from_buf(buf);
+	if (md == NULL) {
+		fprintf(stderr, "Cannot not parse metadata\n");
+		status = EXIT_FAILURE;
+		goto _exit_close;
+	}
+
+	msg(verbose, "getting uuid\n");
+	uuid = sesame_get(md, "uuid");
+	if (uuid == NULL) {
+		fprintf(stderr, "Cannot read uuid from %s\n", device);
+		status = EXIT_FAILURE;
+		goto _exit_free;
+	}
+
+	msg(verbose, "getting enc_key\n");
+	enc_key = sesame_get(md, "enc_key");
+	if (enc_key == NULL) {
+		fprintf(stderr, "Cannot read enc_key from %s\n", device);
+		status = EXIT_FAILURE;
+		goto _exit_free;
+	}
+
+	msg(verbose, "getting enc_key_cipher\n");
+	enc_key_cipher = sesame_get(md, "enc_key_cipher");
+	if (enc_key == NULL) {
+		fprintf(stderr, "Cannot read enc_key_cipher from %s\n",
+			device);
+		status = EXIT_FAILURE;
+		goto _exit_free;
+	}
+
+	msg(verbose, "getting block_key_cipher\n");
+	block_key_cipher = sesame_get(md, "block_key_cipher");
+	if (block_key_cipher == NULL) {
+		fprintf(stderr, "Cannot read block_key_cipher from %s\n",
+			device);
+		status = EXIT_FAILURE;
+		goto _exit_free;
+	}
+
+	msg(verbose, "getting block_key_sha1\n");
+	block_key_sha1 = sesame_get(md, "block_key_sha1");
+	if (block_key_sha1 == NULL) {
+		fprintf(stderr, "Cannot read block_key_sha1 from %s\n",
+			device);
+		status = EXIT_FAILURE;
+		goto _exit_free;
+	}
+
+      _exit_free:
+	msg(verbose, "freeing memory\n");
+	sesame_free(md);
+
+      _exit:
+	if (status == EXIT_SUCCESS)
+		fprintf(stdout, "Device %s seems to be encrypted\n",
+			device);
+	else
+		fprintf(stdout, "Device %s does not seem to be encrypted\n",
+			device);
+	exit(status);
+}
+*/
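Review bot: The stub `int main () { return 0; }` makes `sesame-is-encrypted` exit with success for every device, and the Makefile.am change in this patch installs it through `sbin_PROGRAMS`. The commented-out body reports "seems to be encrypted" on `EXIT_SUCCESS`, so any script or daemon that trusts the exit status would treat unencrypted media as encrypted. Until the LUKS check is written, fail closed with `int main(void) { return EXIT_FAILURE; }` (`stdlib.h` is already included), or leave the program out of `sbin_PROGRAMS`. If the old body is revived, the check after `sesame_get(md, "enc_key_cipher")` tests `enc_key` again and should test `enc_key_cipher`.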
Binary files sesame-vanilla/tools/sesame-is-encrypted.o and sesame/tools/sesame-is-encrypted.o differ
Binary files sesame-vanilla/tools/sesame-setup and sesame/tools/sesame-setup differ
diff -u --recursive --new-file sesame-vanilla/tools/sesame-setup.c sesame/tools/sesame-setup.c
--- sesame-vanilla/tools/sesame-setup.c	2004-12-31 07:35:47.000000000 -0600
+++ sesame/tools/sesame-setup.c	2005-02-01 22:08:09.000000000 -0600
@@ -2,6 +2,7 @@
 #define _GNU_SOURCE
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 #include <fcntl.h>
 #include <unistd.h>
@@ -13,20 +14,11 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/wait.h>
-#include <openssl/ssl.h>
-#include <openssl/evp.h>
-#include <openssl/err.h>
 
-#ifndef EVP_MAX_BLOCK_LENGTH
-#define EVP_MAX_BLOCK_LENGTH 32	/* some older openssl versions need this */
-#endif
+#include "common.h"
 
-#include "../libsesame/libsesame.h"
-
-#define MAGICTAIL "SESAME0"
-
-int verbose = 0;
-char *device = NULL;
+static int verbose = 0;
+static char *device = NULL;
 
 static void print_usage(const int exitcode, const char *error,
 			const char *more)
@@ -44,256 +36,15 @@
 	exit(exitcode);
 }
 
-static void sslerror(const char *msg)
-{
-	assert(msg);
-
-	unsigned long err = ERR_get_error();
-	if (err != 0)
-		fprintf(stderr, "%s: %s", msg,
-			ERR_error_string(err, NULL));
-}
-
-static int hash_authtok(const char *data, const EVP_CIPHER * const cipher,
-			const char *const authtok,
-			unsigned char *const hash, unsigned char *const iv)
-{
-	const EVP_MD *md;
-	unsigned char salt[PKCS5_SALT_LEN];
-
-	assert(data != NULL);
-	assert(cipher != NULL);	/* FIXME: is cipher is valid OpenSSL cipher? */
-	assert(authtok != NULL);
-	assert(hash != NULL);	/* FIXME: check hash is big enough? */
-	assert(iv != NULL);	/* FIXME: check iv is big enough? */
-
-	if (memcmp(data, "Salted__", sizeof "Salted__" - 1) != 0) {
-		fprintf(stderr, "magic string Salted__ not in stream\n");
-		return 0;
-	}
-	memcpy(salt, data + sizeof "Salted__" - 1, PKCS5_SALT_LEN);
-	md = EVP_md5();
-	if (EVP_BytesToKey
-	    (cipher, md, salt, authtok, strlen(authtok), 1,
-	     hash, iv) <= 0) {
-		fprintf(stderr, "failed to hash passphrase");
-		return 0;
-	}
-
-	return 1;
-}
-
-static int
-decrypt(char *const out, size_t * const out_len,
-	const char *const in, const size_t in_len,
-	const char *const cipher_name, const char *const authtok)
-{
-	int ret = 1;
-	int segment_len;
-	size_t data_len;
-	const char *data;
-	unsigned char hashed_authtok[EVP_MAX_KEY_LENGTH];
-	unsigned char iv[EVP_MAX_IV_LENGTH];
-	const EVP_CIPHER *cipher;
-	EVP_CIPHER_CTX ctx;
-
-	assert(out != NULL);
-	assert(out_len != NULL);
-	assert(cipher_name != NULL);
-	assert(in != NULL);
-	assert(authtok != NULL);
-
-	memset(out, 0x00, BUFSIZ + EVP_MAX_BLOCK_LENGTH);
-	OpenSSL_add_all_ciphers();
-	EVP_CIPHER_CTX_init(&ctx);
-	SSL_load_error_strings();
-	if (!(cipher = EVP_get_cipherbyname(cipher_name))) {
-		fprintf(stderr, "error getting cipher \"%s\"\n", (const char *)cipher);
-		ret = 0;
-		goto _return;
-	}
-	if (hash_authtok(in, cipher, authtok, hashed_authtok, iv) == 0) {
-		ret = 0;
-		goto _return;
-	}
-	if (EVP_DecryptInit_ex(&ctx, cipher, NULL, hashed_authtok, iv) ==
-	    0) {
-		sslerror("failed to initialize decryption code");
-		ret = 0;
-		goto _return;
-	}
-	data = in + (sizeof "Salted__" - 1) + PKCS5_SALT_LEN;
-	data_len = in_len - (sizeof "Salted__" - 1) - PKCS5_SALT_LEN;
-	/* assumes plaintexts is always <= ciphertext + EVP_MAX_BLOCK_LEN in length
-	 * OpenSSL's documentation seems to promise this */
-	if (EVP_DecryptUpdate
-	    (&ctx, out, &segment_len, data, data_len) == 0) {
-		sslerror("failed to decrypt key");
-		ret = 0;
-		goto _return;
-	}
-	*out_len = segment_len;
-	if (EVP_DecryptFinal_ex(&ctx, &out[*out_len], &segment_len) == 0) {
-		sslerror
-		    ("bad pad on end of encrypted file (wrong algorithm or key size?)");
-		ret = 0;
-		goto _return;
-	}
-	*out_len += segment_len;
-      _return:
-	if (EVP_CIPHER_CTX_cleanup(&ctx) == 0) {
-		sslerror("error cleaning up cipher context");
-		ret = 0;
-	}
-
-	ERR_free_strings();
-	/* out_len is unsigned */
-	assert(ret == 0 || *out_len <= BUFSIZ + EVP_MAX_BLOCK_LENGTH);
-
-	return ret;
-}
-
-static unsigned char *decode(char *data)
-{
-	size_t i;
-	unsigned char *decoded =
-	    (char *) malloc((strlen(data) / 2) * sizeof(char));
-	if (decoded == NULL)
-		return NULL;
-	for (i = 0; i < strlen(data); i += 2) {
-		decoded[i / 2] =
-		    isdigit(data[i]) ? (data[i] - 48) << 4 : (data[i] -
-							      87) << 4;
-		decoded[i / 2] +=
-		    isdigit(data[i + 1]) ? data[i + 1] - 48 : data[i + 1] -
-		    87;
-	}
-	return decoded;
-}
-
-static char *strip_cr(char *s)
-{
-	int len;
-
-	assert(s);
-
-	len = strlen(s);
-	s[len - 1] = s[len - 1] == '\n' ? 0x00 : s[len - 1];
-
-	return s;
-}
-
-static int read_key(char *buf, int size)
-{
-	int fnval = 1;
-
-	assert(buf);
-	assert(size > 0);
-
-	if (fgets(buf, size, stdin) == NULL) {
-		fnval = 0;
-		goto _return;
-	}
-
-	strip_cr(buf);
-
-      _return:
-	return fnval;
-}
-
-static void msg(const char *format, ...)
-{
-	assert(format != NULL);
-
-	if (verbose) {
-		/* Used to log issues that cause pam_mount to fail. */
-		va_list args;
-
-		va_start(args, format);
-		vfprintf(stdout, format, args);
-		va_end(args);
-	}
-}
-
-static int run_cryptsetup(const char *block_key_cipher, const char *device,
-			  const char *uuid, const char *key,
-			  const int key_len)
-{
-	pid_t child;
-	int fnval = 1, pipefd[2], child_exit;
-	char dmname[PATH_MAX + 1], *key_len_str;
-
-	assert(block_key_cipher != NULL);
-	assert(device != NULL);
-	assert(uuid != NULL);
-	assert(key != NULL);
-	assert(key_len > 0);
-
-	if (asprintf(&key_len_str, "%d", key_len) == -1) {
-		fprintf(stderr, "Failed to allocate memory, err=%s\n",
-			strerror(errno));
-		fnval = 0;
-		goto _return_no_free;
-	}
-
-	strcpy(dmname, "sesame_crypto_");
-	strncat(dmname, uuid, sizeof dmname - strlen(dmname));
-
-	if (pipe(pipefd) == -1) {
-		fprintf(stderr, "Failed to create pipe, err=%s\n",
-			strerror(errno));
-		fnval = 0;
-		goto _return;
-	}
-
-	child = fork();
-
-	if (child < 0) {
-		fprintf(stderr, "Failed to fork, err=%s\n",
-			strerror(errno));
-		fnval = 0;
-		goto _return;
-	} else if (child == 0) {
-		close(0);
-		dup(pipefd[0]);
-		close(pipefd[0]);
-		close(pipefd[1]);
-		execl(CRYPTSETUP, "cryptsetup", "-s", key_len_str, "-c",
-		      block_key_cipher, "create", dmname, device, NULL);
-		fprintf(stderr, "Failed to execute %s, err=%s\n",
-			CRYPTSETUP, strerror(errno));
-		exit(EXIT_FAILURE);
-	} else {
-		close(pipefd[0]);
-		write(pipefd[1], key, key_len);
-		close(pipefd[1]);
-		waitpid(child, &child_exit, 0);
-		fnval = !WEXITSTATUS(child_exit);
-		goto _return;
-	}
-
-      _return:
-	free(key_len_str);
-      _return_no_free:
-	return fnval;
-}
-
 int main(int argc, char *argv[])
 {
-	int c, opt_index = 0;
+	int c, opt_index = 0, status = EXIT_SUCCESS;
 	char passphrase[BUFSIZ + 1];
-	char dec_key[BUFSIZ + EVP_MAX_KEY_LENGTH];
-	int dec_key_len, real_dec_key_len;
-	char buf[1024];
-	int fd_metadata;
-	const char *uuid, *enc_key, *enc_key_cipher, *block_key_cipher,
-	    *block_key_sha1;
 	struct option opts[] = {
 		{"help", 0, 0, 'h'},
 		{"verbose", 0, 0, 'v'},
 		{0, 0, 0, 0}
 	};
-	SesameMetaData *md;
 
 	while ((c = getopt_long(argc, argv, "hv", opts, &opt_index)) >= 0) {
 		switch (c) {
@@ -311,99 +62,19 @@
 		print_usage(EXIT_FAILURE, NULL, NULL);
 	device = argv[optind];
 
-	msg("opening %s\n", device);
-	fd_metadata = open(device, O_RDONLY);
-	if (fd_metadata == -1) {
-		fprintf(stderr, "Cannot open %s, err=%s\n", device,
-			strerror(errno));
-		goto error;
-	}
-
-	msg("reading from %s\n", device);
-	if (read(fd_metadata, buf, sizeof(buf)) == -1) {
-		fprintf(stderr, "Cannot read from %s, err=%s\n",
-			device, strerror(errno));
-		goto error1;
-	}
-
-	msg("parsing metadata\n");
-	md = sesame_get_metadata_from_buf(buf);
-	if (md == NULL) {
-		fprintf(stderr, "Cannot not parse metadata\n");
-		goto error1;
-	}
-
-	msg("getting uuid\n");
-	uuid = sesame_get(md, "uuid");
-	if (uuid == NULL) {
-		fprintf(stderr, "Cannot read uuid from %s\n", device);
-		goto error2;
-	}
-
-	msg("getting enc_key\n");
-	enc_key = sesame_get(md, "enc_key");
-	if (enc_key == NULL) {
-		fprintf(stderr, "Cannot read enc_key from %s\n", device);
-		goto error2;
-	}
-
-	msg("getting enc_key_cipher\n");
-	enc_key_cipher = sesame_get(md, "enc_key_cipher");
-	if (enc_key == NULL) {
-		fprintf(stderr, "Cannot read enc_key_cipher from %s\n",
-			device);
-		goto error2;
-	}
-
-	msg("getting block_key_cipher\n");
-	block_key_cipher = sesame_get(md, "block_key_cipher");
-	if (block_key_cipher == NULL) {
-		fprintf(stderr, "Cannot read block_key_cipher from %s\n",
-			device);
-		goto error2;
-	}
-
-	msg("getting block_key_sha1\n");
-	block_key_sha1 = sesame_get(md, "block_key_sha1");
-	if (block_key_sha1 == NULL) {
-		fprintf(stderr, "Cannot read block_key_sha1 from %s\n",
-			device);
-		goto error2;
-	}
-
 	if (read_key(passphrase, BUFSIZ) == 0) {
 		fprintf(stderr, "Could not read key\n");
-		goto error2;
+		status = EXIT_FAILURE;
+		goto _exit;
 	}
 
-	msg("decrypting key using passphrase\n");
-	if (decrypt
-	    (dec_key, &dec_key_len, decode(enc_key), strlen(enc_key) / 2,
-	     enc_key_cipher, passphrase) == 0) {
-		fprintf(stderr, "Cannot decrypt key\n");
-		goto error2;
-	}
-
-	msg("checking for MAGICTAIL tail in key\n");
-	real_dec_key_len = dec_key_len - strlen(MAGICTAIL);
-	if (memcmp
-	    (dec_key + real_dec_key_len, MAGICTAIL, strlen(MAGICTAIL))) {
-		fprintf(stderr, "Key does not end in %s\n", MAGICTAIL);
-		goto error2;
-	}
-
-	msg("executing cryptsetup\n");
-	if (run_cryptsetup(block_key_cipher, device, uuid, dec_key,
-			   real_dec_key_len) == 0) {
-		goto error2;
+	msg(verbose, "executing cryptsetup\n");
+	if (run_cryptsetup_luksOpen(DMCRYPT_PREFIX, device, passphrase) ==
+	    0) {
+		status = EXIT_FAILURE;
+		goto _exit;
 	}
 
-error2:
-	msg("freeing memory\n");
-	sesame_free(md);
-
-error1:
-	close(fd_metadata);
-error:
-	return 0;
+      _exit:
+	exit(status);
 }
Binary files sesame-vanilla/tools/sesame-setup.o and sesame/tools/sesame-setup.o differ
Binary files sesame-vanilla/tools/test-crypto and sesame/tools/test-crypto differ
diff -u --recursive --new-file sesame-vanilla/tools/test-crypto.c sesame/tools/test-crypto.c
--- sesame-vanilla/tools/test-crypto.c	1969-12-31 18:00:00.000000000 -0600
+++ sesame/tools/test-crypto.c	2005-01-01 14:29:54.000000000 -0600
@@ -0,0 +1,126 @@
+#define _GNU_SOURCE
+
+#include <stdio.h>
+#include <string.h>
+#include <getopt.h>
+#include <assert.h>
+
+#ifndef EVP_MAX_BLOCK_LENGTH
+#define EVP_MAX_BLOCK_LENGTH 32	/* some older openssl versions need this */
+#endif
+
+#include "common.h"
+
+char *plaintext  = "abcdefghijklmnopqrstuvwxyz";
+char *passphrase = "passphrase";
+char *cipher     = "aes";
+int   keylen     = 128;
+char *salt       = "aaaaaaaa";
+
+static void print_usage(const int exitcode, const char *error,
+			const char *more)
+{
+	if (error)
+		assert(more);
+
+	fprintf(stderr, "sesame-setup [options] device\n\n"
+		"-h, --help\n"
+		"	print a list of options\n\n"
+		"-p, --plaintext text\n"
+		"	plaintext to use for test	[%s]\n\n"
+		"-w, --passphrase pass\n"
+		"	passphrase to use for test	[%s]\n\n"
+		"-c, --cipher cipher\n"
+		"	cipher used for test		[%s]\n\n"
+		"-k, --keylen length\n"
+		"	length in bits of encryption key	[%d]\n\n"
+		"-s, --salt str\n"
+		"	salt to use for test		[%d]\n\n",
+		plaintext, passphrase, cipher, keylen, salt);
+
+	if (error)
+		fprintf(stderr, "%s: %s\n", error, more);
+
+	exit(exitcode);
+}
+
+int main(int argc, char *argv[])
+{
+	int c, opt_index = 0, status = EXIT_SUCCESS;
+	char pt[BUFSIZ + EVP_MAX_BLOCK_LENGTH];
+	char ct[BUFSIZ + EVP_MAX_BLOCK_LENGTH];
+	char real_cipher[BUFSIZ + 1];
+	int pt_len, ct_len;
+	struct option opts[] = {
+		{"help", 0, 0, 'h'},
+		{"plaintext", 1, 0, 'v'},
+		{"passphrase", 1, 0, 'w'},
+		{"cipher", 1, 0, 'c'},
+		{"keylen", 1, 0, 'k'},
+		{"salt", 1, 0, 's'},
+		{0, 0, 0, 0}
+	};
+
+	while ((c =
+		getopt_long(argc, argv, "hp:w:c:k:", opts, &opt_index))
+	       >= 0) {
+		switch (c) {
+		case 'h':
+			print_usage(EXIT_SUCCESS, NULL, NULL);
+		case 'p':
+			plaintext = optarg;
+			break;
+		case 'w':
+			passphrase = optarg;
+			break;
+		case 'c':
+			cipher = optarg;
+			break;
+		case 'k':
+			keylen = optarg;
+			break;
+		case 's':
+			salt = optarg;
+			break;
+		default:
+			print_usage(EXIT_FAILURE, NULL, NULL);
+		}
+	}
+
+	if (strlen(plaintext) >= BUFSIZ + EVP_MAX_BLOCK_LENGTH) {
+		fprintf(stderr, "%s is too long\n", plaintext);
+		status = EXIT_FAILURE;
+		goto _exit;
+	}
+
+	if (strlen(salt) != PKCS5_SALT_LEN) {
+		fprintf(stderr, "salt must be %d bytes\n", PKCS5_SALT_LEN);
+		status = EXIT_FAILURE;
+		goto _exit;
+	}
+
+	if (cipher_lookup(real_cipher, cipher) == NULL) {
+                fprintf(stderr, "Do not recognize %s\n", cipher);
+                status = EXIT_FAILURE;
+                goto _exit;
+        }
+
+	fprintf(stdout, "original plaintext is: %s\n", plaintext);
+	if (encrypt_it(ct, &ct_len, plaintext, strlen(plaintext),
+	   salt, real_cipher, passphrase) == 0) {
+		fprintf(stderr, "failed to encrypt %s\n", plaintext);
+		status = EXIT_FAILURE;
+		goto _exit;
+	}
+	fprintf(stdout, "ciphertext is %s\n", encode(ct, ct_len));
+	if (decrypt_it(pt, &pt_len, ct, ct_len, real_cipher, 
+	    passphrase) == 0) {
+		fprintf(stderr, "failed to decrypt %s\n", encode(ct, ct_len));
+		status = EXIT_FAILURE;
+		goto _exit;
+	}
+	fprintf(stdout, "decrypted plaintext is: %s\n", pt);
+
+_exit:
+	exit(status);
+}
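Review bot: Option parsing in main() of the new tools/test-crypto.c does not match its own option table: the optstring `"hp:w:c:k:"` omits `s:`, the long option `plaintext` maps to `'v'`, which no case handles, and `keylen = optarg;` stores a pointer in an int. In print_usage the salt is a `char *` but is formatted with `%d`, which is undefined behaviour and should be `%s`. The length guard admits a plaintext of up to BUFSIZ + EVP_MAX_BLOCK_LENGTH - 1 bytes although `ct` is exactly that size, so if encrypt_it pads to a block boundary (its body is not visible here) the ciphertext could be written past the end of `ct`; capping the plaintext at BUFSIZ keeps one block of headroom. The final `fprintf` prints `pt` with `%s` even though nothing visible terminates it at `pt_len`, so the output may read past the decrypted bytes unless decrypt_it adds a NUL itself.

```c
		/* in print_usage: salt is a string, not an int */
		"	salt to use for test		[%s]\n\n",

	/* ... unchanged: locals and the other opts[] entries ... */
		{"plaintext", 1, 0, 'p'},

	while ((c =
		getopt_long(argc, argv, "hp:w:c:k:s:", opts, &opt_index))
	       >= 0) {
		/* ... unchanged: cases 'h', 'p', 'w', 'c' ... */
		case 'k': {
			char *end;
			long bits = strtol(optarg, &end, 10);

			if (end == optarg || *end != '\0' || bits <= 0
			    || bits != (int) bits)
				print_usage(EXIT_FAILURE, "invalid key length",
					    optarg);
			keylen = (int) bits;
			break;
		}
		/* ... unchanged: case 's', default ... */

	/* keep one cipher block of headroom in ct for padding */
	if (strlen(plaintext) > BUFSIZ) {
	/* ... unchanged: error path, salt and cipher checks, encrypt/decrypt ... */

	/* pt is only valid for pt_len bytes */
	fprintf(stdout, "decrypted plaintext is: %.*s\n", pt_len, pt);
```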
-------------- next part --------------