Import and export of security settings

Bob Mottram 2015-02-02 21:04:36 +00:00
parent a78e66522c
commit b6e0eb1eb5
1 changed files with 215 additions and 0 deletions


@ -45,6 +45,9 @@ XMPP_CONFIG='/etc/prosody/conf.avail/xmpp.cfg.lua'
MINIMUM_LENGTH=6
IMPORT_FILE=
EXPORT_FILE=
function get_protocols_from_website {
if [ ! -f $WEBSITES_DIRECTORY/$1 ]; then
return
@ -311,10 +314,222 @@ function interactive_setup {
clear
}
function import_settings {
if [ ! $IMPORT_FILE ]; then
return
fi
if [ ! -f $IMPORT_FILE ]; then
echo "Import file $IMPORT_FILE not found"
exit 6393
fi
if grep -q "SSL_PROTOCOLS" $IMPORT_FILE; then
TEMP_VALUE=$(grep "SSL_PROTOCOLS" $IMPORT_FILE | awk -F '=' '{print $2}')
if [ ${#TEMP_VALUE} -gt $MINIMUM_LENGTH ]; then
SSL_PROTOCOLS=$TEMP_VALUE
fi
fi
if grep -q "SSL_CIPHERS" $IMPORT_FILE; then
TEMP_VALUE=$(grep "SSL_CIPHERS" $IMPORT_FILE | awk -F '=' '{print $2}')
if [ ${#TEMP_VALUE} -gt $MINIMUM_LENGTH ]; then
SSL_CIPHERS=$TEMP_VALUE
fi
fi
if grep -q "SSH_CIPHERS" $IMPORT_FILE; then
TEMP_VALUE=$(grep "SSH_CIPHERS" $IMPORT_FILE | awk -F '=' '{print $2}')
if [ ${#TEMP_VALUE} -gt $MINIMUM_LENGTH ]; then
SSH_CIPHERS=$TEMP_VALUE
fi
fi
if grep -q "SSH_MACS" $IMPORT_FILE; then
TEMP_VALUE=$(grep "SSH_MACS" $IMPORT_FILE | awk -F '=' '{print $2}')
if [ ${#TEMP_VALUE} -gt $MINIMUM_LENGTH ]; then
SSH_MACS=$TEMP_VALUE
fi
fi
if grep -q "SSH_KEX" $IMPORT_FILE; then
TEMP_VALUE=$(grep "SSH_KEX" $IMPORT_FILE | awk -F '=' '{print $2}')
if [ ${#TEMP_VALUE} -gt $MINIMUM_LENGTH ]; then
SSH_KEX=$TEMP_VALUE
fi
fi
if grep -q "SSH_HOST_KEY_ALGORITHMS" $IMPORT_FILE; then
TEMP_VALUE=$(grep "SSH_HOST_KEY_ALGORITHMS" $IMPORT_FILE | awk -F '=' '{print $2}')
if [ ${#TEMP_VALUE} -gt $MINIMUM_LENGTH ]; then
SSH_HOST_KEY_ALGORITHMS=$TEMP_VALUE
fi
fi
if grep -q "SSH_PASSWORDS" $IMPORT_FILE; then
TEMP_VALUE=$(grep "SSH_PASSWORDS" $IMPORT_FILE | awk -F '=' '{print $2}')
if [[ $TEMP_VALUE == "yes" || $TEMP_VALUE == "no" ]]; then
SSH_PASSWORDS=$TEMP_VALUE
fi
fi
if grep -q "XMPP_CIPHERS" $IMPORT_FILE; then
TEMP_VALUE=$(grep "XMPP_CIPHERS" $IMPORT_FILE | awk -F '=' '{print $2}')
if [ ${#TEMP_VALUE} -gt $MINIMUM_LENGTH ]; then
XMPP_CIPHERS=$TEMP_VALUE
fi
fi
if grep -q "XMPP_ECC_CURVE" $IMPORT_FILE; then
TEMP_VALUE=$(grep "XMPP_ECC_CURVE" $IMPORT_FILE | awk -F '=' '{print $2}')
if [ ${#TEMP_VALUE} -gt 3 ]; then
XMPP_ECC_CURVE=$TEMP_VALUE
fi
fi
}
function export_settings {
if [ ! $EXPORT_FILE ]; then
return
fi
if [ ! -f $EXPORT_FILE ]; then
if [ $SSL_PROTOCOLS ]; then
echo "SSL_PROTOCOLS=$SSL_PROTOCOLS" >> $EXPORT_FILE
fi
if [ $SSL_CIPHERS ]; then
echo "SSL_CIPHERS=$SSL_CIPHERS" >> $EXPORT_FILE
fi
if [ $SSH_CIPHERS ]; then
echo "SSH_CIPHERS=$SSH_CIPHERS" >> $EXPORT_FILE
fi
if [ $SSH_MACS ]; then
echo "SSH_MACS=$SSH_MACS" >> $EXPORT_FILE
fi
if [ $SSH_KEX ]; then
echo "SSH_KEX=$SSH_KEX" >> $EXPORT_FILE
fi
if [ $SSH_HOST_KEY_ALGORITHMS ]; then
echo "SSH_HOST_KEY_ALGORITHMS=$SSH_HOST_KEY_ALGORITHMS" >> $EXPORT_FILE
fi
if [ $SSH_PASSWORDS ]; then
echo "SSH_PASSWORDS=$SSH_PASSWORDS" >> $EXPORT_FILE
fi
if [ $XMPP_CIPHERS ]; then
echo "XMPP_CIPHERS=$XMPP_CIPHERS" >> $EXPORT_FILE
fi
if [ $XMPP_ECC_CURVE ]; then
echo "XMPP_ECC_CURVE=$XMPP_ECC_CURVE" >> $EXPORT_FILE
fi
return
fi
if [ $SSL_PROTOCOLS ]; then
if grep -q "SSL_PROTOCOLS" $EXPORT_FILE; then
sed -i "s|SSL_PROTOCOLS=.*|SSL_PROTOCOLS=$SSL_PROTOCOLS|g" $EXPORT_FILE
else
echo "SSL_PROTOCOLS=$SSL_PROTOCOLS" >> $EXPORT_FILE
fi
fi
if [ $SSL_CIPHERS ]; then
if grep -q "SSL_CIPHERS" $EXPORT_FILE; then
sed -i "s|SSL_CIPHERS=.*|SSL_CIPHERS=$SSL_CIPHERS|g" $EXPORT_FILE
else
echo "SSL_CIPHERS=$SSL_CIPHERS" >> $EXPORT_FILE
fi
fi
if [ $SSH_CIPHERS ]; then
if grep -q "SSH_CIPHERS" $EXPORT_FILE; then
sed -i "s|SSH_CIPHERS=.*|SSH_CIPHERS=$SSH_CIPHERS|g" $EXPORT_FILE
else
echo "SSH_CIPHERS=$SSH_CIPHERS" >> $EXPORT_FILE
fi
fi
if [ $SSH_MACS ]; then
if grep -q "SSH_MACS" $EXPORT_FILE; then
sed -i "s|SSH_MACS=.*|SSH_MACS=$SSH_MACS|g" $EXPORT_FILE
else
echo "SSH_MACS=$SSH_MACS" >> $EXPORT_FILE
fi
fi
if [ $SSH_KEX ]; then
if grep -q "SSH_KEX" $EXPORT_FILE; then
sed -i "s|SSH_KEX=.*|SSH_KEX=$SSH_KEX|g" $EXPORT_FILE
else
echo "SSH_KEX=$SSH_KEX" >> $EXPORT_FILE
fi
fi
if [ $SSH_HOST_KEY_ALGORITHMS ]; then
if grep -q "SSH_HOST_KEY_ALGORITHMS" $EXPORT_FILE; then
sed -i "s|SSH_HOST_KEY_ALGORITHMS=.*|SSH_HOST_KEY_ALGORITHMS=$SSH_HOST_KEY_ALGORITHMS|g" $EXPORT_FILE
else
echo "SSH_HOST_KEY_ALGORITHMS=$SSH_HOST_KEY_ALGORITHMS" >> $EXPORT_FILE
fi
fi
if [ $SSH_PASSWORDS ]; then
if grep -q "SSH_PASSWORDS" $EXPORT_FILE; then
sed -i "s|SSH_PASSWORDS=.*|SSH_PASSWORDS=$SSH_PASSWORDS|g" $EXPORT_FILE
else
echo "SSH_PASSWORDS=$SSH_PASSWORDS" >> $EXPORT_FILE
fi
fi
if [ $XMPP_CIPHERS ]; then
if grep -q "XMPP_CIPHERS" $EXPORT_FILE; then
sed -i "s|XMPP_CIPHERS=.*|XMPP_CIPHERS=$XMPP_CIPHERS|g" $EXPORT_FILE
else
echo "XMPP_CIPHERS=$XMPP_CIPHERS" >> $EXPORT_FILE
fi
fi
if [ $XMPP_ECC_CURVE ]; then
if grep -q "XMPP_ECC_CURVE" $EXPORT_FILE; then
sed -i "s|XMPP_ECC_CURVE=.*|XMPP_ECC_CURVE=$XMPP_ECC_CURVE|g" $EXPORT_FILE
else
echo "XMPP_ECC_CURVE=$XMPP_ECC_CURVE" >> $EXPORT_FILE
fi
fi
echo "Security settings exported to $EXPORT_FILE"
exit 0
}
function show_help {
echo ''
echo 'freedombone-sec'
echo ''
echo 'Alters the security settings'
echo ''
echo ''
echo ' -h --help Show help'
echo ' -e --export Export security settings to a file'
echo ' -i --import Import security settings from a file'
echo ''
exit 0
}
# Get the commandline options
while [[ $# > 1 ]]
do
key="$1"
case $key in
-h|--help)
show_help
;;
# Export settings
-e|--export)
shift
EXPORT_FILE="$1"
;;
# Export settings
-i|--import)
shift
IMPORT_FILE="$1"
;;
*)
# unknown option
;;
esac
shift
done
get_website_settings
get_imap_settings
get_ssh_settings
get_xmpp_settings
import_settings
export_settings
interactive_setup
change_website_settings
change_imap_settings
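Review bot: import_settings takes whatever follows the first `=` on any line that merely contains the setting name, and for most settings the only check is `${#TEMP_VALUE} -gt $MINIMUM_LENGTH`, so a commented-out line, a duplicate key (several matches are joined into one multi-line value) or a value carrying `|`, `&` or a backslash is imported as a live setting. export_settings in the same hunk then interpolates those variables into `sed -i "s|NAME=.*|NAME=$VALUE|g"`, where such characters alter the sed expression; the change_*_settings functions that presumably write them into service configuration lie outside the hunk. Anchor and bound each lookup, e.g. `TEMP_VALUE=$(grep -m 1 '^SSL_CIPHERS=' "$IMPORT_FILE" | cut -d '=' -f 2-)`, and accept the value only if it matches an allowlist of the characters a cipher or algorithm list can contain. Quote `"$IMPORT_FILE"` and `"$EXPORT_FILE"` throughout, because the unquoted `[ ! $IMPORT_FILE ]` and `[ $SSL_PROTOCOLS ]` tests error out, and are treated as false, when the value contains spaces.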