Differential D29595 Diff 82601 kded/engine/backends/gocryptfs/gocryptfsbackend.cpp

Changeset View

Standalone View

View Options

kded/engine/backends/gocryptfs/gocryptfsbackend.cpp

  • This file was added.
1/*
2 * Copyright 2020 by Martino Pilia <martino.pilia (at) gmail.com>
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License as
6 * published by the Free Software Foundation; either version 2 of
7 * the License or (at your option) version 3 or any later version
8 * accepted by the membership of KDE e.V. (or its successor approved
9 * by the membership of KDE e.V.), which shall act as a proxy
10 * defined in Section 14 of version 3 of the license.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21#include "gocryptfsbackend.h"
22
23#include <QDir>
24#include <QProcess>
25
26#include <KConfigGroup>
27#include <KLocalizedString>
28#include <KMountPoint>
29#include <KSharedConfig>
30
31#include <algorithm>
32
33#include <asynqt/basic/all.h>
34#include <asynqt/operations/collect.h>
35#include <asynqt/operations/transform.h>
36#include <asynqt/wrappers/process.h>
37
38#include <singleton_p.h>
39
40using namespace AsynQt;
41
42namespace PlasmaVault {
43
44// See `man gocryptfs`, section EXIT CODES.
45enum class ExitCode : int{
46 Success = 0,
47
48 // CIPHERDIR is not an emtpy directory (on "-init")
49 NonEmptyCipherDir = 6,
50
51 // MOUNTPOINT is not an empty directory
52 NonEmptyMountPoint = 10,
53
54 // Password incorrect
55 WrongPassword = 12,
56
57 // Password is empty (on "-init")
58 EmptyPassword = 22,
59
60 // Could not read gocryptfs.conf
61 CannotReadConfig = 23,
62
63 // Could not write gocryptfs.conf (on "-init" or "-password")
64 CannotWriteConfig = 24,
65
66 // fsck found errors
67 FsckError = 26,
68};
69
70
71
72GocryptfsBackend::GocryptfsBackend()
73{
74}
75
76
77
78GocryptfsBackend::~GocryptfsBackend()
79{
80}
81
82
83
84Backend::Ptr GocryptfsBackend::instance()
85{
86 return singleton::instance<GocryptfsBackend>();
87}
88
89
90
91FutureResult<> GocryptfsBackend::mount(const Device &device,
92 const MountPoint &mountPoint,
93 const Vault::Payload &payload)
94{
95 QDir dir;
96
97 const auto password = payload[KEY_PASSWORD].toString();
98
99 if (!dir.mkpath(device.data()) || !dir.mkpath(mountPoint.data())) {
100 return errorResult(Error::BackendError, i18n("Failed to create directories, check your permissions"));
101 }
102
103 if (isInitialized(device)) {
104 auto mountProcess = gocryptfs({
105 device.data(), // cypher data directory
106 mountPoint.data() // mount point
107 });
108
109 auto mountResult = makeFuture(mountProcess, hasProcessFinishedSuccessfully);
110
111 // Write password
112 mountProcess->write(password.toUtf8() + "\n");
113
114 return mountResult;
115 } else {
116 // Initialise cipherdir
117 auto initProcess = gocryptfs({
118 "-init",
119 device.data(),
120 });
121
122 auto initResult = makeFuture(initProcess, [=] (QProcess *process) {
123 auto const exitCode = static_cast<ExitCode>(process->exitCode());
124
125 switch (exitCode) {
126 case ExitCode::Success:
127 return AsynQt::await(mount(device, mountPoint, payload));
128
129 case ExitCode::NonEmptyCipherDir:
130 return Result<>::error(Error::BackendError,
131 i18n("The cipher directory is not empty, cannot initialise the vault."));
132
133 case ExitCode::EmptyPassword:
134 return Result<>::error(Error::BackendError,
135 i18n("The password is empty, cannot initialise the vault."));
136
137 case ExitCode::CannotWriteConfig:
138 return Result<>::error(Error::BackendError,
139 i18n("Cannot write gocryptfs.conf inside cipher directory, check your permissions."));
140
141 default:
142 return Result<>::error(Error::CommandError,
143 i18n("Unable to perform the operation (error code %1).", QString::number((int) exitCode)),
144 process->readAllStandardOutput(),
145 process->readAllStandardError());
146 }
147 });
148
149 // Write password twice (insert and confirm)
150 for (int i = 0; i < 2; ++i) {
151 initProcess->write(password.toUtf8() + "\n");
152 }
153
154 return initResult;
155 }
156}
157
158
159
160FutureResult<> GocryptfsBackend::validateBackend()
161{
162 using namespace AsynQt::operators;
163
164 // We need to check whether all the commands are installed
165 // and whether the user has permissions to run them
166 return
167 collect(checkVersion(gocryptfs({ "--version" }), std::make_tuple(1, 7, 1)),
168 checkVersion(fusermount({ "--version" }), std::make_tuple(2, 9, 7)))
169
170 | transform([this] (const QPair<bool, QString> &gocryptfs,
171 const QPair<bool, QString> &fusermount) {
172
173 bool success = gocryptfs.first && fusermount.first;
174 QString message = formatMessageLine("gocryptfs", gocryptfs)
175 + formatMessageLine("fusermount", fusermount);
176
177 return success ? Result<>::success()
178 : Result<>::error(Error::BackendError, message);
179 });
180}
181
182
183
184bool GocryptfsBackend::isInitialized(const Device &device) const
185{
186 QFile gocryptfsConfig(getConfigFilePath(device));
187 return gocryptfsConfig.exists();
188}
189
190
191
192QProcess *GocryptfsBackend::gocryptfs(const QStringList &arguments) const
193{
194 auto config = KSharedConfig::openConfig(PLASMAVAULT_CONFIG_FILE);
195 KConfigGroup backendConfig(config, "GocryptfsBackend");
196
197 return process("gocryptfs",
198 arguments + backendConfig.readEntry("extraMountOptions", QStringList{}),
199 {});
200}
201
202
203
204QString GocryptfsBackend::getConfigFilePath(const Device &device) const
205{
206 return device.data() + QStringLiteral("/gocryptfs.conf");
207}
208
209
210
211} // namespace PlasmaVault
212