Initial OpenBSD support, basically the same as pull request #148 #160

Open
wants to merge 76 commits into
base: master
e504c92
Let's try out Pond on OpenBSD..
Feb 12, 2014
d82ad1e
Added reply quoting to the GUI.
burdges Jan 25, 2014
e40d238
Reduce the reordering limit.
agl Feb 15, 2014
6e8e5ce
Edits to the panda paper
arlolra Feb 21, 2014
415782c
Explicitly mention the topology of communication. This is already imp…
infinity0 Mar 12, 2014
81b362c
doc: don't set ORPort.
Mar 20, 2014
4b10d87
Changes to support the native, OS X GUI.
agl Mar 22, 2014
3ba31fc
[enh] added bell alert to cli on new msg
Mar 24, 2014
c803e76
cli: print sendCommand errors instead of logging
leif Mar 19, 2014
2e464a7
tpm-tools is required, at least for Ubuntu
glamrock Apr 1, 2014
f117bbb
Make cli build on freebsd
ebfe Jan 13, 2014
06556ea
corrected spelling for the Entomb button
houndbee Jun 10, 2014
0301e31
system: add IsSafe for freebsd
ebfe Jan 13, 2014
9243bbb
system: add SafeTempDir for freebsd
ebfe Jan 13, 2014
0d91c09
system: remove freebsd getfsstat workaround
ebfe Jun 19, 2014
77e43f1
Correctly update hasSubline flag.
agl Jun 29, 2014
56864fe
Don't try to read from terminal after error.
agl Jun 29, 2014
f4bac5b
Touch up reply-quoting patch for GUI.
agl Jun 29, 2014
d518654
Don't clear isPending unless KX successful.
agl Jun 29, 2014
6c9da99
Include checksums in generated shared secrets.
agl Jun 29, 2014
caa61fe
Clarify shared secret power after KX.
agl Jun 29, 2014
d77cdff
cli: show (at|de)tachments for outbox messages.
agl Jun 29, 2014
677a8da
freebsd: make int8str more idiomatic.
agl Jun 29, 2014
760278b
Update installation instructions for Tails 1.0.1.
agl Jun 30, 2014
b1b8bee
freebsd: remove unused import
ebfe Jun 30, 2014
7c7a23d
Preload other possible Pond servers.
agl Jul 5, 2014
8cd0697
cli: Update terminal size on SIGWINCH.
agl Jul 5, 2014
ce6ca6d
Add link to Tails 1.1 binary download.
agl Jul 5, 2014
0c70d07
Support notpm build tag.
agl Jul 5, 2014
5087171
Store statefile in Persistent directory on Tails.
agl Jul 5, 2014
f1c49e9
Add first stages of HMAC delivery.
agl Jul 5, 2014
90af998
Replace large if .. else .. else with switch.
agl Jul 5, 2014
3715e58
Add server code for striking HMAC values.
agl Jul 5, 2014
6f8901b
Wait for acks from the server when uploading.
agl Jul 6, 2014
dc2a696
Allow server to authenticate deliveries using HMACs.
agl Jul 6, 2014
b4b1a98
Update threat model document.
agl Jul 6, 2014
de0051f
Added nomodeline to vim command
Jul 7, 2014
03a2917
Changed nickname for "Wau Holland Foundation" server to "wau".
Jul 8, 2014
a5c210f
filter message lists by selected contact
leif Jul 15, 2014
a42bb45
added installation instructions for Tails 1.1xX
dawningsuncryptoparty Aug 12, 2014
fdc14ef
Tails docs: replace aliases with wrapper scripts
leif Aug 12, 2014
f9563ec
Add OSX CLI install instructions to documentation.
Aug 15, 2014
71868dc
cli: fix crash when viewing message from pending contact.
agl Aug 18, 2014
250eaed
added timestamp to some client notifications
Mar 5, 2014
f85eee6
Tails docs: add persistent aliases, other details
leif Sep 9, 2014
b2d9af1
Tighten up the <pre> blocks in previous commit.
agl Sep 9, 2014
e818e18
Don't reorder messages in the outgoing queue.
agl Sep 9, 2014
b1ef4bf
Update server to store time in filename.
agl Sep 12, 2014
3df02a6
Fix nits in Leif's change.
agl Sep 12, 2014
5760a96
Highlight contacts using old ratchet.
agl Sep 12, 2014
6745ed5
Fix cli handling of server announcements.
agl Sep 13, 2014
6f96401
fix tails instructions
leif Sep 14, 2014
05ce289
Plumb ratchet error messages to the user.
agl Sep 22, 2014
821feaf
Note that golang from Ubuntu 14.04 is too old.
agl Sep 22, 2014
2393555
add external command hook POND_HOOK_RECEIVE
leif Sep 25, 2014
78a6eac
Fix crash when deleting home server message.
agl Oct 18, 2014
88ff9a6
Fixes a bug in moveContactsMessagesToEndOfQueue discussed in #134
burdges Oct 30, 2014
bce8cef
Update .gitignore to skip binaries & test binaries.
agl Nov 9, 2014
d38feb8
Fixes : CLI crash when editing drafts with unspecified recipient #109
burdges Oct 24, 2014
62c6e43
Alphabetize contacts list in GUI
burdges Oct 26, 2014
6ad4339
Minor fixes to previous commit.
agl Nov 9, 2014
00abce2
Reproduced and fixed : cli.go crash when attaching file directly to c…
burdges Oct 27, 2014
9d5afd1
Detect tor port even in developer mode so that PANDA can run properly…
burdges Oct 24, 2014
8738693
Minor tweaks to previous commit.
agl Nov 9, 2014
e85accd
Allow the changing of contact's name in the GUI.
agl Nov 9, 2014
db48326
Fix a couple of races in testing.
agl Nov 16, 2014
70fccd4
Merge remote-tracking branch 'upstream/master'
Jan 6, 2015
b3aef4f
use our forked system
Jan 6, 2015
89ebfc0
Remove debug prints
Jan 6, 2015
4552443
use absolute path to mount and no longer prefer /var/tmp since it is …
Jan 6, 2015
205f8db
moveContactsMessagesToEndOfQueue if server is down
burdges Jan 4, 2015
ed6dbfc
Ensure that server connections are closed on error.
agl Jan 6, 2015
207de01
add system: to error messages
Jan 6, 2015
a7b7b25
Merge remote-tracking branch 'upstream/master'
Jan 6, 2015
bf8a449
less diff
Jan 6, 2015
eee15d7
grr
Jan 6, 2015
10 changes: 10 additions & 0 deletions client/erasure_openbsd.go
@@ -0,0 +1,10 @@
package main

import (
"github.com/agl/pond/client/disk"
)

func (c *client) createErasureStorage(pw string, stateFile *disk.StateFile) error {
// No NVRAM support on OpenBSD yet.
return stateFile.Create(pw)
}
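Review bot: the comment in createErasureStorage ("No NVRAM support on OpenBSD yet.") does not say what the caller loses. The function goes straight to stateFile.Create(pw), so on this platform the state file is created from the passphrase only, with no erasure storage behind it, and nothing tells the user. Expand the comment to state that consequence, and consider printing a one-time notice on stderr when the state file is first created.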
42 changes: 42 additions & 0 deletions client/main_openbsd.go
@@ -0,0 +1,42 @@
package main

import (
"crypto/rand"
"flag"
"fmt"
"os"
"path/filepath"
"runtime"
)

func main() {
devFlag := flag.Bool("dev", false, "Is this a development environment?")
stateFile := flag.String("state-file", "", "File in which to save persistent state")
cliFlag := flag.Bool("cli", false, "If true, the CLI will be used, even if the GUI is available")
flag.Parse()

dev := os.Getenv("POND") == "dev" || *devFlag
runtime.GOMAXPROCS(4)

if len(*stateFile) == 0 && dev {
*stateFile = "state"
}

if len(*stateFile) == 0 {
home := os.Getenv("HOME")
if len(home) == 0 {
fmt.Fprintf(os.Stderr, "$HOME not set. Please export $HOME to set the directory for the state file.\n")
os.Exit(1)
}
*stateFile = filepath.Join(home, ".pond")
}

if !haveGUI || *cliFlag {
client := NewCLIClient(*stateFile, rand.Reader, false /* testing */, true /* autoFetch */)
client.disableV2Ratchet = true
client.dev = dev
client.Start()
} else {
fmt.Fprintf(os.Stderr, "GUI not supported on %s\n", runtime.GOOS)
}
}
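Review bot: the else branch at the end of main prints "GUI not supported on %s" and then returns, so the process exits with status 0 although no client was started. Add os.Exit(1) after the Fprintf, as the $HOME check earlier in the function already does. Separately, client.disableV2Ratchet = true is set unconditionally and without a comment; say why the V2 ratchet is disabled here, or drop the line if it is not specific to OpenBSD.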
118 changes: 118 additions & 0 deletions client/system/sys_openbsd.go
@@ -0,0 +1,118 @@
package system

import (
"bufio"
"bytes"
"errors"
"io"
"os"
"os/exec"
"strings"
"sync"
"syscall"
)

func processMountOutput(f func(line string) error) error {
contents, err := exec.Command("/sbin/mount").CombinedOutput()
if err != nil {
return err
}

file := bufio.NewReader(bytes.NewBuffer(contents))
for {
line, isPrefix, err := file.ReadLine()
if err == io.EOF {
break
}
if err != nil {
return err
}
if isPrefix {
return errors.New("system: file contains a line that it too long to process")
}
if err = f(string(line)); err != nil {
return err
}
}

return nil
}

// IsSafe checks to see whether the current OS appears to be safe. Specifically
// it checks that any swap is encrypted.
func IsSafe() error {
output, err := exec.Command("/sbin/sysctl", "vm.swapencrypt.enable").CombinedOutput()
if err != nil {
return errors.New("system: while checking sysctl output: " + err.Error())
}
if !strings.Contains(string(output), "vm.swapencrypt.enable=1") {
return errors.New("system: vm.swapencrypt.enable is not set to 1.")
}
return nil
}

var (
safeTempDir string
safeTempDirErr error
safeTempDirOnce sync.Once
)

func findSafeTempDir() {
var candidates []string

err := processMountOutput(func(line string) error {
fields := strings.Fields(line)
if len(fields) < 1 {
return nil
}
path := fields[2]
filesystem := fields[4]
if filesystem == "tmpfs" &&
syscall.Access(path, 2 /* write ok */) == nil {
candidates = append(candidates, path)
}

return nil
})

if err == nil && len(candidates) == 0 {
err = errors.New("system: no writable tmpfs directories found")
}

if err != nil {
safeTempDirErr = errors.New("system: while checking mount output: " + err.Error())
return
}

suggested := os.TempDir()
preferred := []string{suggested}
var otherOptions []string
otherOptions = append(otherOptions, "/tmp")
for _, d := range otherOptions {
if suggested != d {
preferred = append(preferred, d)
}
}

for _, d := range preferred {
for _, candidate := range candidates {
if candidate == d {
safeTempDir = candidate
return
}
}
}

safeTempDir = candidates[0]
}

// SafeTempDir returns the path of a writable directory which is mounted with
// tmpfs. As long as the swap is encrypted, then it should be safe to write
// there.
func SafeTempDir() (string, error) {
safeTempDirOnce.Do(findSafeTempDir)
if safeTempDirErr != nil {
return "", safeTempDirErr
}
return safeTempDir, nil
}
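Review bot: in findSafeTempDir the callback guards with len(fields) < 1 but then reads fields[2] and fields[4], so any line of mount output with fewer than five fields panics with an index out of range. Change the guard to len(fields) < 5. In IsSafe, strings.Contains on the combined sysctl output also matches longer values such as vm.swapencrypt.enable=10; trim the output and compare for equality instead. The error string in processMountOutput has a typo ("it too long" should be "is too long") and speaks of a file although the input is the output of /sbin/mount.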