perf(download): remove some temporary files from download process

zawz 2022-04-08 20:18:42 +02:00
parent a6799d986f
commit 5f77102ca8
9 changed files with 59 additions and 64 deletions


@ -1,10 +0,0 @@
ZPASS_KEY_CACHE_TIME=300
ZPASS_CLIPBOARD_TIME=30
ZPASS_PRIORITIZE_CLI=true
ZPASS_COPY_ON_EDIT=true
ZPASS_PATH=remote.php/dav/files/zawz/zpass
ZPASS_REMOTE_METHOD=webdav
ZPASS_REMOTE_ADDR=nextcloud.zawz.net
ZPASS_REMOTE_USER=zawz
ZPASS_REMOTE_PASSWORD=8C9Hd-TMdkg-683cQ-HHfqB-okTj2
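Review bot: Deleting this file does not retire the value of `ZPASS_REMOTE_PASSWORD`, which remains readable in the parent commit and in this diff; the same value also appears in the `curl --user` line of the other deleted script below. If it is, or ever was, a live app password for the WebDAV account, it should be revoked and reissued on the server rather than only removed from the tree. A history rewrite alone would not cover copies that were already cloned or mirrored.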


@ -1,10 +0,0 @@
{
curl -s --user zawz:8C9Hd-TMdkg-683cQ-HHfqB-okTj2 -X PROPFIND --upload-file - -H 'Depth: 1' https://nextcloud.zawz.net/remote.php/dav/files/zawz/zpass/ << EOF
<?xml version="1.0"?>
<a:propfind xmlns:a="DAV:">
<a:prop><a:resourcetype/></a:prop>
</a:propfind>
EOF
} | xmllint --xpath "$1" -


@ -25,11 +25,8 @@ agent_cli() {
echo "set $1 \"$(escape "$2")\"" echo "set $1 \"$(escape "$2")\""
echo "expire $1 $3" echo "expire $1 $3"
;; ;;
get) expire) echo "expire $1 $2" ;;
echo "get $1" get) echo "get $1" ;;
;; clear) echo "FLUSHDB" ;;
clear)
echo "FLUSHDB"
;;
esac | redis_cli "$(sockpath)" esac | redis_cli "$(sockpath)"
} }
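Review bot: The new `expire)` arm forwards `$2` to redis without any check, while the file-based path in `delete_cache` only accepts a delay that passes `[ "$1" -gt 0 ]`. An empty or non-numeric delay would presumably make the EXPIRE command fail, and because the caller sends the reply to `/dev/null` the cached key would silently keep whatever TTL it already had. The delay is best validated before the `case … esac | redis_cli` pipeline, since a failure raised inside the `case` would not change the pipeline's exit status. `agent_cli` starts outside this hunk.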


@ -33,7 +33,7 @@ pack()
rm -f "$1/$archive" 2>/dev/null rm -f "$1/$archive" 2>/dev/null
return $ret return $ret
else else
mv -f "$1/$archive" "$file" mv -f "$1/$archive" "$FILE"
fi fi
} }
@ -43,7 +43,7 @@ archive_exec()
{ {
err=0 err=0
# tmp files # tmp files
archive_tmpdir="$TMPDIR/zpass_$(randalnum 20)" archive_tmpdir="$(tmprand)"
keyfile="$archive_tmpdir/$(randalnum 20).key" keyfile="$archive_tmpdir/$(randalnum 20).key"
mkdir -p "$archive_tmpdir" || exit $? mkdir -p "$archive_tmpdir" || exit $?
chmod 700 "$archive_tmpdir" || exit $? chmod 700 "$archive_tmpdir" || exit $?
@ -66,9 +66,7 @@ archive_exec()
create_file() { create_file() {
if [ -n "$remote_host" ] ; then if [ -n "$remote_host" ] ; then
file="$TMPDIR/zpass_$(filehash)$ZPASS_EXTENSION" file="$TMPDIR/zpass_$(filehash)$ZPASS_EXTENSION"
tmpfile=$file if base64contents=$(remote download "$datapath/$ZPASS_FILE$ZPASS_EXTENSION" 2>&1) ; then
if remote download "$datapath/$ZPASS_FILE$ZPASS_EXTENSION" "$file" >/dev/null 2>&1 ; then
local archive_tmpdir="$TMPDIR/zpass_$(randalnum 20)"
# unpack locally # unpack locally
remote_host= unpack "$archive_tmpdir" || { remote_host= unpack "$archive_tmpdir" || {
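Review bot: In `create_file`, `base64contents=$(remote download … 2>&1)` captures stderr together with the payload, so a warning or transfer error ends up in the variable, and the raw archive bytes that `download` now prints cannot be held intact in a shell variable (NUL bytes are dropped). If the call is only an existence probe, `remote download … >/dev/null 2>&1` says so directly; if the contents are needed, they should be captured base64-encoded as `decrypt` does. The `local archive_tmpdir=` line also appears to be dropped while `unpack "$archive_tmpdir"` still reads it, and nothing writes `$file` any more, so it is worth confirming what `unpack` operates on. The rest of `create_file` is outside the hunk.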


@ -37,11 +37,14 @@ get_key_cached() {
# $1 = delay in sec # $1 = delay in sec
delete_cache() { delete_cache() {
if [ "$1" -gt 0 ] 2>/dev/null if [ -S "$sockpath" ] ; then
then agent_cli expire "$(keyfile)" "$1" >/dev/null
nohup sh -c "sleep $1;rm -f '$cachepath/$(keyfile)'" >/dev/null 2>&1 &
else else
rm -f "$cachepath/$(keyfile)" 2>/dev/null if [ "$1" -gt 0 ] 2>/dev/null ; then
nohup sh -c "sleep $1;rm -f '$cachepath/$(keyfile)'" >/dev/null 2>&1 &
else
rm -f "$cachepath/$(keyfile)" 2>/dev/null
fi
fi fi
} }
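Review bot: The new test `[ -S "$sockpath" ]` reads a variable, but `agent_cli` obtains the socket path by calling a function, `"$(sockpath)"`. Unless a variable of the same name is also set elsewhere, the test sees an empty string and is always false, so the agent branch is never taken and the cached key is never expired through the agent. `if [ -S "$(sockpath)" ] ; then` would match the usage in `agent_cli`.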


@ -8,9 +8,13 @@ encrypt() {
# $1 = key , $2 = keyfile to write # $1 = key , $2 = keyfile to write
decrypt_with_key() decrypt_with_key()
{ {
{ # evil pipeline return status hack
openssl enc -d -aes-256-cbc -pbkdf2 -in "$file" -out - -k "$1" || return $? { { { {
} | gzip -d openssl enc -d -aes-256-cbc -pbkdf2 -in - -out - -k "$1"; echo $? >&3
} | gzip -d >&4; } 3>&1; } | { read xs; [ $xs -eq 0 ]; } } 4>&1 || {
echo "Decrypt failed" >&2
return 1
}
[ -n "$2" ] && echo "$1" > "$2" [ -n "$2" ] && echo "$1" > "$2"
return 0 return 0
} }
@ -19,19 +23,19 @@ decrypt_with_key()
decrypt() decrypt()
{ {
# get remote file # get remote file
[ -n "$remote_host" ] && { local base64file
file="$TMPDIR/zpass_$(filehash)$ZPASS_EXTENSION" if [ -n "$remote_host" ] ; then
tmpfile=$file base64file=$(remote download "$datapath/$ZPASS_FILE$ZPASS_EXTENSION" | base64) || return $?
remote download "$datapath/$ZPASS_FILE$ZPASS_EXTENSION" "$file" >/dev/null || return $? else
} base64file=$(base64 "$file" 2>/dev/null) || { echo "File doesn't exist. Use 'zpass create' to create the file" >&2 && return 1; } # no file
cat "$file" >/dev/null 2>&1 || { echo "File doesn't exist. Use 'zpass create' to create the file" >&2 && return 1; } # no file fi
if [ -n "$ZPASS_KEY" ] if [ -n "$ZPASS_KEY" ]
then # key given already then # key given already
decrypt_with_key "$ZPASS_KEY" "$1" ; ret=$? base64 -d <<< "$base64file" | decrypt_with_key "$ZPASS_KEY" "$1" ; ret=$?
else # prompt for key else # prompt for key
# attempt decrypt from cache # attempt decrypt from cache
key=$(get_key_cached) && decrypt_with_key "$key" "$1" key=$(get_key_cached) && base64 -d <<< "$base64file" | decrypt_with_key "$key" "$1"
ret=$? ret=$?
if [ $ret -ne 0 ] if [ $ret -ne 0 ]
then then
@ -43,14 +47,12 @@ decrypt()
do do
key=$(ask_key) || { echo "Cancelled" >&2 && return 100 ; } key=$(ask_key) || { echo "Cancelled" >&2 && return 100 ; }
tries=$((tries+1)) tries=$((tries+1))
decrypt_with_key "$key" "$1" ; ret=$? base64 -d <<< "$base64file" | decrypt_with_key "$key" "$1" ; ret=$?
[ $ret -eq 0 ] && { write_cache "$key" & };
done done
fi fi
fi fi
# remove temporary file
[ -n "$remote_host" ] && rm -rf "$file" 2>/dev/null
[ $ret -ne 0 ] && { echo "Could not decrypt '$file'" >&2 ; } [ $ret -ne 0 ] && { echo "Could not decrypt '$file'" >&2 ; }
return $ret return $ret
} }
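Review bot: The status hack in `decrypt_with_key` reports only the exit code of `openssl`; the result of `gzip -d` is no longer checked, whereas the previous form returned the pipeline's (gzip's) status. `openssl enc -aes-256-cbc` carries no authentication, so a wrong key or modified ciphertext can occasionally pass the padding check, and the gzip integrity check is then the only thing that would notice. In that case the function returns 0, writes the key to `$2`, and `decrypt` goes on to `write_cache "$key"`. Reporting both statuses on fd 3 closes the gap, for example `} | { gzip -d >&4; echo $? >&3; }; } 3>&1; } | { read a; read b; [ "$a" -eq 0 ] && [ "$b" -eq 0 ]; } } 4>&1`. The same masking applies to `remote download … | base64` in `decrypt`, where `|| return $?` sees only the status of `base64`.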


@ -60,6 +60,5 @@ ask_key() {
message="Enter key" message="Enter key"
[ -n "$1" ] && message="$1" [ -n "$1" ] && message="$1"
key=$(prompt_password "$message") || return $? key=$(prompt_password "$message") || return $?
write_cache "$key" &
echo "$key" echo "$key"
} }


@ -45,32 +45,44 @@ EOF
cp "$2" "$(get_filecache)" cp "$2" "$(get_filecache)"
} }
# $1 = protocol, $2 = remote file , $3 = local file # $1 = protocol, $2 = remote file
download() { download() {
if [ "$_ZPASS_USE_CACHE" = true ] && [ -f "$(get_filecache)" ] ; then if [ "$_ZPASS_USE_CACHE" = true ] && [ -f "$(get_filecache)" ] ; then
cp "$(get_filecache)" "$3" cp "$(get_filecache)" "$3"
return $? return $?
fi fi
case $1 in # store file to base64
scp) scp_cmd "${remote_user+${remote_user}@}$remote_host:$2" "$3" ;; local base64file
webdav) webdav_cmd "$2" > "$3" ;; base64file=$(
sftp|ftps) ${1}_cmd >/dev/null << EOF # evil pipeline return status hack
get "$2" "$3" { { { {
EOF case $1 in
;; scp) scp_cmd "${remote_user+${remote_user}@}$remote_host:$2" "/dev/stdout" ;;
esac webdav) webdav_cmd "$2" ;;
sftp|ftps)
tmpfile=$(tmprand)
${1}_cmd >/dev/null <<< "get \"$2\" \"$tmpfile\""
stat=$?
cat "$tmpfile"
rm "$tmpfile"
[ $stat -eq 0 ]
;;
esac; echo $? >&3
} | base64 >&4; } 3>&1; } | { read xs; [ $xs -eq 0 ]; } } 4>&1
)
if [ $? -eq 0 ] ; then if [ $? -eq 0 ] ; then
# could download no problem # write to cache only if different
cached_file=$(get_filecache) cached_file=$(get_filecache)
# copy only if different base64 -d <<< "$base64file" | diff - "$cached_file" >/dev/null 2>&1 || base64 -d <<< "$base64file" > "$cached_file"
diff "$3" "$cached_file" >/dev/null 2>&1 || cp "$3" "$cached_file" base64 -d <<< "$base64file"
return 0 return 0
else else
# could not download: try cache # could not download: try cache
[ -f "$3" ] || return $? [ -f "$3" ] || return $?
echo "WARN: failed to download archive, using cache" >&2 echo "WARN: failed to download archive, using cache" >&2
cp "$(get_filecache)" "$3" cat "$(get_filecache)"
fi fi
} }
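Review bot: `download` is now documented as taking only a protocol and a remote file, and the callers in this commit no longer pass a local path, but two unchanged lines still use `$3`: the cache shortcut `cp "$(get_filecache)" "$3"` and the fallback guard `[ -f "$3" ] || return $?`. With `$3` empty the shortcut fails instead of printing the cached archive, and the guard is always false, so the `using cache` fallback can never run. Both should follow the new stdout convention: `cat "$(get_filecache)"` for the shortcut and `[ -f "$(get_filecache)" ] || return $?` for the guard. In the `sftp|ftps` arm, `tmpfile` and `stat` are not declared `local`, and the archive is written to a fresh path under `$TMPDIR` with the default umask.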


@ -4,6 +4,10 @@ error(){
ret=$1 && shift 1 && echo "$*" >&2 && exit $ret ret=$1 && shift 1 && echo "$*" >&2 && exit $ret
} }
tmprand() {
echo "$TMPDIR/zpass_$(randalnum 20)"
}
randalnum() { randalnum() {
tr -cd 'a-zA-Z0-9' < /dev/urandom | head -c $1 tr -cd 'a-zA-Z0-9' < /dev/urandom | head -c $1
} }
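Review bot: `tmprand` only prints a name, so creating the path with safe permissions is left to each caller, and `$TMPDIR` is used without a fallback. In this commit one caller does `mkdir -p` followed by `chmod 700` and another lets the sftp client create the file, so there is a window in which the path exists with umask-default permissions, and `mkdir -p` also succeeds on a directory that someone else already created. Where it is available, `mktemp -d "${TMPDIR:-/tmp}/zpass_XXXXXXXXXX"` (or plain `mktemp` for files) creates the path atomically with owner-only permissions. `TMPDIR` may be given a default elsewhere in the project; that is not visible here.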