diff options
Diffstat (limited to 'utilities/installmgr.cpp')
-rw-r--r-- | utilities/installmgr.cpp | 102 |
1 files changed, 90 insertions, 12 deletions
diff --git a/utilities/installmgr.cpp b/utilities/installmgr.cpp index 37c15c7..d27d886 100644 --- a/utilities/installmgr.cpp +++ b/utilities/installmgr.cpp @@ -2,7 +2,7 @@ * * installmgr.cpp - commandline InstallMgr utility * - * $Id: installmgr.cpp 2932 2013-07-31 14:07:01Z scribe $ + * $Id: installmgr.cpp 3515 2017-11-01 11:38:09Z scribe $ * * Copyright 2003-2013 CrossWire Bible Society (http://www.crosswire.org) * CrossWire Bible Society @@ -47,6 +47,9 @@ StatusReporter *statusReporter = 0; SWBuf baseDir; SWBuf confPath; +bool isConfirmed; +bool isUnvPeerAllowed; + void usage(const char *progName = 0, const char *error = 0); class MyInstallMgr : public InstallMgr { @@ -55,6 +58,10 @@ public: virtual bool isUserDisclaimerConfirmed() const { static bool confirmed = false; + + if (isConfirmed) { + confirmed = true; + } if (!confirmed) { cout << "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"; cout << " -=+* WARNING *+=- -=+* WARNING *+=-\n\n\n"; @@ -74,10 +81,8 @@ virtual bool isUserDisclaimerConfirmed() const { cout << "then type yes at the prompt\n\n"; cout << "enable? [no] "; - char prompt[10], *c; - c = fgets(prompt, 9, stdin); - if (c == NULL) - std::cerr <<"ERROR: fgets failed in isUserDisclaimerConfirmed\n"; + char prompt[10]; + fgets(prompt, 9, stdin); confirmed = (!strcmp(prompt, "yes\n")); cout << "\n"; } @@ -86,6 +91,30 @@ virtual bool isUserDisclaimerConfirmed() const { }; +bool isUnverifiedPeerAllowed() { + static bool allowed = false; + + if (isUnvPeerAllowed) { + allowed = true; + } + if (!allowed) { + cout << "\n\n"; + cout << "While connecting to an encrypted install source, SWORD can allow\n"; + cout << "unverified peers, e.g., self-signed certificates. While this is\n"; + cout << "generally considered safe because SWORD only retrieves Bible content\n"; + cout << "and does not send any data to the server, it could still possibly\n"; + cout << "allow a malicious actor to sit between you and the server, as with\n"; + cout << "unencrypted sources. Type no to turn this off.\n\n"; + cout << "Would you like to allow unverified peers? [yes] "; + + char prompt[10]; + fgets(prompt, 9, stdin); + allowed = (strcmp(prompt, "no\n")); + cout << "\n"; + } + return allowed; +} + class MyStatusReporter : public StatusReporter { int last; virtual void update(unsigned long totalBytes, unsigned long completedBytes) { @@ -123,7 +152,7 @@ void init() { if (!mgr->config) usage(0, "ERROR: SWORD configuration not found. Please configure SWORD before using this program."); - SWBuf baseDir = mgr->getHomeDir(); + SWBuf baseDir = FileMgr::getSystemFileMgr()->getHomeDir(); if (baseDir.length() < 1) baseDir = "."; baseDir += "/.sword/InstallMgr"; confPath = baseDir + "/InstallMgr.conf"; @@ -149,7 +178,7 @@ void finish(int status) { } -void createBasicConfig(bool enableRemote, bool addCrossWire) { +void createBasicConfig(bool enableRemote, bool addCrossWire, bool unverifiedPeerAllowed) { FileMgr::createParent(confPath.c_str()); remove(confPath.c_str()); @@ -161,10 +190,11 @@ void createBasicConfig(bool enableRemote, bool addCrossWire) { SWConfig config(confPath.c_str()); config["General"]["PassiveFTP"] = "true"; + config["General"]["UnverifiedPeerAllowed"] = (unverifiedPeerAllowed) ? "true" : "false"; if (enableRemote) { config["Sources"]["FTPSource"] = is.getConfEnt(); } - config.Save(); + config.save(); } @@ -172,11 +202,13 @@ void initConfig() { init(); bool enable = installMgr->isUserDisclaimerConfirmed(); + bool allowed = isUnverifiedPeerAllowed(); - createBasicConfig(enable, true); + createBasicConfig(enable, true, allowed); cout << "\n\nInitialized basic config file at [" << confPath << "]\n"; cout << "with remote source features " << ((enable) ? "ENABLED" : "DISABLED") << "\n"; + cout << "with unverified peers " << ((allowed) ? "ALLOWED" : "DISALLOWED") << "\n"; } @@ -190,7 +222,7 @@ void syncConfig() { // be sure we have at least some config file already out there if (!FileMgr::existsFile(confPath.c_str())) { - createBasicConfig(true, false); + createBasicConfig(true, false, false); finish(1); // cleanup and don't exit init(); // re-init with InstallMgr which uses our new config } @@ -273,6 +305,26 @@ void remoteListModules(const char *sourceName, bool onlyNewAndUpdated = false) { } +void remoteDescribeModule(const char *sourceName, const char *modName) { + init(); + InstallSourceMap::iterator source = installMgr->sources.find(sourceName); + if (source == installMgr->sources.end()) { + fprintf(stderr, "Couldn't find remote source [%s]\n", sourceName); + finish(-3); + } + SWMgr *mgr = source->second->getMgr(); + SWModule *m = mgr->getModule(modName); + if (!m) { + fprintf(stderr, "Couldn't find module [%s] in source [%s]\n", modName, sourceName); + finish(-3); + } + cout << "Module Description\n\n"; + for (ConfigEntMap::const_iterator it = m->getConfig().begin(); it != m->getConfig().end(); ++it) { + cout << "[" << it->first << "]:" << it->second << "\n"; + } +} + + void localDirListModules(const char *dir) { cout << "Available Modules:\n\n"; SWMgr mgr(dir); @@ -325,7 +377,15 @@ void usage(const char *progName, const char *error) { if (error) fprintf(stderr, "\n%s: %s\n", (progName ? progName : "installmgr"), error); - fprintf(stderr, "\nusage: %s <command> [command ...]\n" + fprintf(stderr, "\nusage: %s [--allow...] <command> [command ...]\n" + "\n\t --allow-internet-access-and-risk-tracing-and-jail-or-martyrdom \n" + "\n This aptly named option will allow the program to connect to the internet without asking for user confirmation\n" + " In many places this may well be a risky or even foolish undertaking.\n" + " Please take special care before you use this option in scripts, particularly in scripts you want to offer for public download.\n" + " What may appear to be safe for you, may well not be safe for someone else, who uses your scripts. \n" + "\n\t --allow-unverified-tls-peer \n" + "\n This option will allow the program to connect to unverified peers\n" + " (e.g., hosts using self-signed certificates) without asking for user confirmation.\n" "\n Commands (run in order they are passed):\n\n" "\t-init\t\t\t\tcreate a basic user config file.\n" "\t\t\t\t\t\tWARNING: overwrites existing.\n" @@ -335,6 +395,7 @@ void usage(const char *progName, const char *error) { "\t-r <remoteSrcName>\t\trefresh remote source\n" "\t-rl <remoteSrcName>\t\tlist available modules from remote source\n" "\t-rd <remoteSrcName>\t\tlist new/updated modules from remote source\n" + "\t-rdesc <remoteSrcName> <modName>\tdescribe module from remote source\n" "\t-ri <remoteSrcName> <modName>\tinstall module from remote source\n" "\t-l\t\t\t\tlist installed modules\n" "\t-u <modName>\t\t\tuninstall module\n" @@ -347,13 +408,22 @@ void usage(const char *progName, const char *error) { int main(int argc, char **argv) { - + + isConfirmed = false; + isUnvPeerAllowed = false; + if (argc < 2) usage(*argv); for (int i = 1; i < argc; i++) { if (!strcmp(argv[i], "-d")) { SWLog::getSystemLog()->setLogLevel(SWLog::LOG_DEBUG); } + else if (!strcmp(argv[i], "--allow-internet-access-and-risk-tracing-and-jail-or-martyrdom")) { + isConfirmed = true; + } + else if (!strcmp(argv[i], "--allow-unverified-tls-peer")) { + isUnvPeerAllowed = true; + } else if (!strcmp(argv[i], "-init")) { initConfig(); } @@ -395,6 +465,14 @@ int main(int argc, char **argv) { if (i+1 < argc) remoteListModules(argv[++i], true); else usage(*argv, "-rd requires <remoteSrcName>"); } + else if (!strcmp(argv[i], "-rdesc")) { // describe remove module + if (i+2 < argc) { + const char *source = argv[++i]; + const char *modName = argv[++i]; + remoteDescribeModule(source, modName); + } + else usage(*argv, "-rdesc requires <remoteSrcName> <modName>"); + } else if (!strcmp(argv[i], "-ri")) { // install from remote directory if (i+2 < argc) { const char *source = argv[++i]; |