perf(download): remove some temporary files from download process

2022-04-08 20:18:42 +02:00 · 2022-04-08 20:18:42 +02:00 · 5f77102ca8
commit 5f77102ca8
parent a6799d986f
9 changed files with 59 additions and 64 deletions
--- a/default.conf
+++ b/default.conf
@ -1,10 +0,0 @@
-ZPASS_KEY_CACHE_TIME=300
-ZPASS_CLIPBOARD_TIME=30
-ZPASS_PRIORITIZE_CLI=true
-ZPASS_COPY_ON_EDIT=true
-
-ZPASS_PATH=remote.php/dav/files/zawz/zpass
-ZPASS_REMOTE_METHOD=webdav
-ZPASS_REMOTE_ADDR=nextcloud.zawz.net
-ZPASS_REMOTE_USER=zawz
-ZPASS_REMOTE_PASSWORD=8C9Hd-TMdkg-683cQ-HHfqB-okTj2
--- a/script.sh
+++ b/script.sh
@ -1,10 +0,0 @@
-
-{
-  curl -s --user zawz:8C9Hd-TMdkg-683cQ-HHfqB-okTj2 -X PROPFIND --upload-file - -H 'Depth: 1' https://nextcloud.zawz.net/remote.php/dav/files/zawz/zpass/ << EOF
-<?xml version="1.0"?>
-<a:propfind xmlns:a="DAV:">
-<a:prop><a:resourcetype/></a:prop>
-</a:propfind>
-EOF
-
-} | xmllint --xpath "$1" -
--- a/src/agent.sh
+++ b/src/agent.sh
@ -25,11 +25,8 @@ agent_cli() {
      echo "set $1 \"$(escape "$2")\""
      echo "expire $1 $3"
      ;;
-    get)
-      echo "get $1"
-      ;;
-    clear)
-      echo "FLUSHDB"
-      ;;
+    expire) echo "expire $1 $2" ;;
+    get) echo "get $1" ;;
+    clear) echo "FLUSHDB" ;;
  esac | redis_cli "$(sockpath)"
 }
--- a/src/archive.sh
+++ b/src/archive.sh
@ -33,7 +33,7 @@ pack()
    rm -f "$1/$archive" 2>/dev/null
    return $ret
  else
-    mv -f "$1/$archive" "$file"
+    mv -f "$1/$archive" "$FILE"
  fi
 }

@ -43,7 +43,7 @@ archive_exec()
 {
  err=0
  # tmp files
-  archive_tmpdir="$TMPDIR/zpass_$(randalnum 20)"
+  archive_tmpdir="$(tmprand)"
  keyfile="$archive_tmpdir/$(randalnum 20).key"
  mkdir -p "$archive_tmpdir" || exit $?
  chmod 700 "$archive_tmpdir" || exit $?
@ -66,9 +66,7 @@ archive_exec()
 create_file() {
  if [ -n "$remote_host" ] ; then
    file="$TMPDIR/zpass_$(filehash)$ZPASS_EXTENSION"
-    tmpfile=$file
-    if remote download "$datapath/$ZPASS_FILE$ZPASS_EXTENSION" "$file" >/dev/null 2>&1 ; then
-      local archive_tmpdir="$TMPDIR/zpass_$(randalnum 20)"
+    if base64contents=$(remote download "$datapath/$ZPASS_FILE$ZPASS_EXTENSION" 2>&1) ; then

      # unpack locally
      remote_host= unpack "$archive_tmpdir" || {
--- a/src/cache.sh
+++ b/src/cache.sh
@ -37,11 +37,14 @@ get_key_cached() {

 # $1 = delay in sec
 delete_cache() {
-  if [ "$1" -gt 0 ] 2>/dev/null
-  then
-    nohup sh -c "sleep $1;rm -f '$cachepath/$(keyfile)'" >/dev/null 2>&1 &
+  if [ -S "$sockpath" ] ; then
+    agent_cli expire "$(keyfile)" "$1" >/dev/null
  else
-    rm -f "$cachepath/$(keyfile)" 2>/dev/null
+    if [ "$1" -gt 0 ] 2>/dev/null ; then
+      nohup sh -c "sleep $1;rm -f '$cachepath/$(keyfile)'" >/dev/null 2>&1 &
+    else
+      rm -f "$cachepath/$(keyfile)" 2>/dev/null
+    fi
  fi
 }

--- a/src/crypt.sh
+++ b/src/crypt.sh
@ -8,9 +8,13 @@ encrypt() {
 # $1 = key , $2 = keyfile to write
 decrypt_with_key()
 {
-  {
-    openssl enc -d -aes-256-cbc -pbkdf2 -in "$file" -out - -k "$1" || return $?
-  } | gzip -d
+  # evil pipeline return status hack
+  { { { {
+    openssl enc -d -aes-256-cbc -pbkdf2 -in - -out - -k "$1"; echo $? >&3
+  } | gzip -d >&4; } 3>&1; } | { read xs; [ $xs -eq 0 ]; } } 4>&1 || {
+    echo "Decrypt failed" >&2
+    return 1
+  }
  [ -n "$2" ] && echo "$1" > "$2"
  return 0
 }
@ -19,19 +23,19 @@ decrypt_with_key()
 decrypt()
 {
  # get remote file
-  [ -n "$remote_host" ] && {
-    file="$TMPDIR/zpass_$(filehash)$ZPASS_EXTENSION"
-    tmpfile=$file
-    remote download "$datapath/$ZPASS_FILE$ZPASS_EXTENSION" "$file" >/dev/null || return $?
-  }
-  cat "$file" >/dev/null 2>&1 || { echo "File doesn't exist. Use 'zpass create' to create the file" >&2 && return 1; } # no file
+  local base64file
+  if [ -n "$remote_host" ] ; then
+    base64file=$(remote download "$datapath/$ZPASS_FILE$ZPASS_EXTENSION" | base64) || return $?
+  else
+    base64file=$(base64 "$file" 2>/dev/null) || { echo "File doesn't exist. Use 'zpass create' to create the file" >&2 && return 1; } # no file
+  fi

  if [ -n "$ZPASS_KEY" ]
  then # key given already
-    decrypt_with_key "$ZPASS_KEY" "$1" ; ret=$?
+    base64 -d <<< "$base64file" | decrypt_with_key "$ZPASS_KEY" "$1" ; ret=$?
  else # prompt for key
    # attempt decrypt from cache
-    key=$(get_key_cached) && decrypt_with_key "$key" "$1"
+    key=$(get_key_cached) && base64 -d <<< "$base64file" | decrypt_with_key "$key" "$1"
    ret=$?
    if [ $ret -ne 0 ]
    then
@ -43,14 +47,12 @@ decrypt()
      do
        key=$(ask_key) || { echo "Cancelled" >&2 && return 100 ; }
        tries=$((tries+1))
-        decrypt_with_key "$key" "$1" ; ret=$?
+        base64 -d <<< "$base64file" | decrypt_with_key "$key" "$1" ; ret=$?
+        [ $ret -eq 0 ] && { write_cache "$key" & };
      done
    fi
  fi

-  # remove temporary file
-  [ -n "$remote_host" ] && rm -rf "$file" 2>/dev/null
-
  [ $ret -ne 0 ] && { echo "Could not decrypt '$file'" >&2 ; }
  return $ret
 }
--- a/src/prompt.sh
+++ b/src/prompt.sh
@ -60,6 +60,5 @@ ask_key() {
  message="Enter key"
  [ -n "$1" ] && message="$1"
  key=$(prompt_password "$message") || return $?
-  write_cache "$key" &
  echo "$key"
 }
--- a/src/remote.sh
+++ b/src/remote.sh
@ -45,32 +45,44 @@ EOF
  cp "$2" "$(get_filecache)"
 }

-# $1 = protocol, $2 = remote file , $3 = local file
+# $1 = protocol, $2 = remote file
 download() {
  if [ "$_ZPASS_USE_CACHE" = true ] && [ -f "$(get_filecache)" ] ; then
    cp "$(get_filecache)" "$3"
    return $?
  fi

-  case $1 in
-    scp) scp_cmd "${remote_user+${remote_user}@}$remote_host:$2" "$3" ;;
-    webdav) webdav_cmd "$2" > "$3" ;;
-    sftp|ftps) ${1}_cmd >/dev/null << EOF
-get "$2" "$3"
-EOF
-;;
-  esac
+  # store file to base64
+  local base64file
+  base64file=$(
+    # evil pipeline return status hack
+    { { { {
+    case $1 in
+      scp) scp_cmd "${remote_user+${remote_user}@}$remote_host:$2" "/dev/stdout" ;;
+      webdav) webdav_cmd "$2" ;;
+      sftp|ftps)
+        tmpfile=$(tmprand)
+        ${1}_cmd >/dev/null <<< "get \"$2\" \"$tmpfile\""
+        stat=$?
+        cat "$tmpfile"
+        rm "$tmpfile"
+        [ $stat -eq 0 ]
+      ;;
+    esac; echo $? >&3
+    } | base64 >&4; } 3>&1; } | { read xs; [ $xs -eq 0 ]; } } 4>&1
+  )
+
  if [ $? -eq 0 ] ; then
-    # could download no problem
+    # write to cache only if different
    cached_file=$(get_filecache)
-    # copy only if different
-    diff "$3" "$cached_file" >/dev/null 2>&1 || cp "$3" "$cached_file"
+    base64 -d <<< "$base64file" | diff - "$cached_file" >/dev/null 2>&1 || base64 -d <<< "$base64file" > "$cached_file"
+    base64 -d <<< "$base64file"
    return 0
  else
    # could not download: try cache
    [ -f "$3" ] || return $?
    echo "WARN: failed to download archive, using cache" >&2
-    cp "$(get_filecache)" "$3"
+    cat "$(get_filecache)"
  fi
 }

--- a/src/util.sh
+++ b/src/util.sh
@ -4,6 +4,10 @@ error(){
  ret=$1 && shift 1 && echo "$*" >&2 && exit $ret
 }

+tmprand() {
+  echo "$TMPDIR/zpass_$(randalnum 20)"
+}
+
 randalnum() {
  tr -cd 'a-zA-Z0-9' < /dev/urandom | head -c $1
 }