From 4a5dd8c4bd45ca10df12a2aa48f4f0a1f521499d Mon Sep 17 00:00:00 2001 From: TLINDEN Date: Fri, 10 Feb 2012 20:13:28 +0100 Subject: [PATCH] CHANGED: removed install.sh. use now a Makefile for installation. ADDED: Encryption support. Note can now encrypt notes using IDEA or DES as encryption-protocols(symetric). --- Changelog | 7 ++++ Makefile.PL | 94 +++++++++++++++++++++++++++++++++++++++++++ NOTEDB/binary.pm | 75 +++++++++++++++++++++++++++++----- NOTEDB/mysql.pm | 100 ++++++++++++++++++++++++++++++++++++++-------- README | 102 ++++++++++++++++++++++++++--------------------- UPGRADE | 49 ++++++++++++++++------- VERSION | 2 +- bin/note | 47 ++++++++++++++++++---- config/noterc | 17 ++++++-- 9 files changed, 394 insertions(+), 99 deletions(-) create mode 100644 Makefile.PL diff --git a/Changelog b/Changelog index 188a2c4..663095c 100644 --- a/Changelog +++ b/Changelog @@ -1,5 +1,12 @@ ================================================================================== +1.0.0: +CHANGED: removed install.sh. use now a Makefile for installation. +ADDED: Encryption support. Note can now encrypt notes using IDEA + or DES as encryption-protocols(symetric). + +================================================================================== + 0.9: FIXED: There were many new bugs after my last changes *grrrrr*. fixed. Works now properly, with both backends! diff --git a/Makefile.PL b/Makefile.PL new file mode 100644 index 0000000..7b0cfd3 --- /dev/null +++ b/Makefile.PL 
@@ -0,0 +1,94 @@
+# does not use ExtUtils::MakeMaker, because
+# NOTEDB::mysql and NOTEDB::binary are internals
+# of note.
+#
+# $Id: Makefile.PL,v 1.1 2000/04/17 17:38:49 thomas Exp thomas $
+#
+# check for the existence of optional modules:
+sub chk_mod
+{
+ my($mod, $msg) = @_;
+ print "<====\tchecking $mod \t====>\n";
+ eval {
+ $mod .= ".pm";
+ require $mod;
+ };
+ if($@) {
+ print $msg;
+ }
+ else {
+ print " ... installed.\n";
+ }
+ print "\n";
+}
+
+&chk_mod(
+ "DBI",
+ " WARNING: module DBI is not installed on your system.\n"
+ ." It is required, if you want to use a SQL database with\n"
+ ."note.\n"
+ );
+
+&chk_mod(
+ "Crypt::IDEA",
+ " WARNING: module Crypt::IDEA is not installed on your system.\n"
+ ." It is required, if you want to encrypt your data using IDEA.\n"
+ );
+
+&chk_mod(
+ "Crypt::DES",
+ " WARNING: module Crypt::DES is not installed on your system.\n"
+ ." It is required, if you want to encrypt your data using DES.\n"
+ );
+
+&chk_mod(
+ "Crypt::CBC",
+ " WARNING: module Crypt::CBC is not installed on your system.\n"
+ ." It is required, if you want to encrypt your data using CBC.\n"
+ );
+
+&chk_mod(
+ "MD5",
+ " WARNING: module MD5 is not installed on your system.\n"
+ ." It is required by Crypt::CBC.\n"
+ );
+
+foreach $dir (@INC) {
+ if($dir =~ /site_perl/)
+ { $LIBDIR = $dir; last; }
+}
+print "directory, where to install libs [$LIBDIR]: ";
+$input = <>;
+chomp $input;
+$LIBDIR = $input if($input ne "");
+
+$BINDIR = "/usr/local/bin";
+print "directory, where to install note [$BINDIR]: ";
+$input = <>;
+chomp $input;
+$BINDIR = $input if($input ne "");
+
+$install = `which install`;
+
+open M, "> Makefile" || die $!;
+print M qq~BIN = bin/note
+LIBS = NOTEDB/mysql.pm NOTEDB/binary.pm
+INSTBIN = $BINDIR
+INSTLIB = $LIBDIR
+INSTALL = $install
+all:
+ \@echo "done. 
Type make install.\\n" + +install: + \$(INSTALL) -d -m 755 \$(INSTLIB)/NOTEDB + \$(INSTALL) -m 755 \$(LIBS) \$(INSTLIB)/NOTEDB + \$(INSTALL) -m 755 \$(BIN) \$(INSTBIN) +~; + +print "Type \"make install\" to install all files.\n\n"; +print "Please note: You may also copy the file \"config/noterc\" to\n" + ."your home: \"cp config/noterc ~/.noterc\". Don't forget to edit\n" + ."your config-file. Read the README for more informations on this\n" + ."topic.\n" + ."Thanks for choosing \"note\"! You are helping to keep the \n" + ."OpenSource idea alive! Enjoy and tell me, what you think!\n\n"; diff --git a/NOTEDB/binary.pm b/NOTEDB/binary.pm index aecdaa3..6111cdf 100644 --- a/NOTEDB/binary.pm +++ b/NOTEDB/binary.pm @@ -1,5 +1,5 @@ #!/usr/bin/perl -# $Id: binary.pm,v 1.3 2000/03/20 00:36:50 thomas Exp thomas $ +# $Id: binary.pm,v 1.4 2000/04/17 17:39:27 thomas Exp thomas $ # Perl module for note # binary database backend. see docu: perldoc NOTEDB::binary # @@ -9,10 +9,23 @@ use IO::Seekable; package NOTEDB; use Fcntl qw(LOCK_EX LOCK_UN); - +BEGIN { + # make sure, it works, although encryption + # not supported on this system! + eval { require Crypt::CBC; }; + if($@) { + $NOTEDB::crypt_supported = 0; + } + else { + $NOTEDB::crypt_supported = 1; + } +} + # Globals: my ($NOTEDB, $sizeof, $typedef,$version); -$version = "(NOTEDB::binary, 1.3)"; +my ($cipher); + +$version = "(NOTEDB::binary, 1.4)"; sub new @@ -54,6 +67,24 @@ sub version { return $version; } +sub no_crypt { + $NOTEDB::crypt_supported = 0; +} + +sub use_crypt { + my($this,$key,$method) = @_; + if($NOTEDB::crypt_supported == 1) { + eval { + $cipher = new Crypt::CBC($key, $method); + }; + if($@) { + $NOTEDB::crypt_supported == 0; + } + } + else{ + print "warning: Crypt::CBC not supported by system!\n"; + } +} sub get_single { 
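Review bot: In Makefile.PL, `open M, "> Makefile" || die $!;` never reports a failed open, because `||` binds to the string `"> Makefile"` and not to `open`; the script would then print to an unopened handle and still tell the user to run `make install`. Use the three-argument form with the low-precedence operator, `open(M, '>', 'Makefile') or die "cannot write Makefile: $!";`, and add `close(M) or die "close Makefile: $!";` after the `print M`, since the handle is never closed in the visible lines. `$install` comes straight from `which install` and is neither chomped nor checked for being empty, so a missing `install` program yields a Makefile with a blank `INSTALL =`. The two prompts read with `<>`, which also reads files named on the command line; `<STDIN>` is what is meant.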
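Review bot: In `use_crypt` of NOTEDB/binary.pm, the line `$NOTEDB::crypt_supported == 0;` inside `if($@)` is a comparison, not an assignment, so a failed `Crypt::CBC` constructor (for instance when the selected cipher module is not installed) leaves encryption flagged as active while `$cipher` is undefined. The `uen`/`ude` subs added later in this patch would then fail inside their `eval` and return undef, so notes could be written empty with no error shown. Rather than quietly switching to plaintext, stop here: `die "cannot set up cipher $method: $@" if $@;`. The identical line appears in `use_crypt` in NOTEDB/mysql.pm.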
@@ -240,17 +271,31 @@ sub set_recountnums sub uen { - my($T); - $T = pack("u", $_[0]); - chomp $T; - return $T; + my($T); + if($NOTEDB::crypt_supported == 1) { + eval { + $T = pack("u", $cipher->encrypt($_[0])); + }; + } + else { + $T = pack("u", $_[0]); + } + chomp $T; + return $T; } sub ude { - my($T); - $T = unpack("u", $_[0]); - return $T; + my($T); + if($NOTEDB::crypt_supported == 1) { + eval { + $T = $cipher->decrypt(unpack("u",$_[0])); + }; + } + else { + $T = unpack("u", $_[0]); + } + return $T; } 1; # keep this! @@ -269,6 +314,16 @@ NOTEDB::binary - module lib for accessing a notedb from perl # create a new NOTEDB object $db = new NOTEDB("binary", "/home/tom/.notedb", 4096, 24); + # decide to use encryption + # $key is the cipher to use for encryption + # $method must be either Crypt::IDEA or Crypt::DES + # you need Crypt::CBC, Crypt::IDEA and Crypt::DES to have installed. + $db->use_crypt($key,$method); + + # do not use encryption + # this is the default + $db->no_crypt; + # get a single note ($note, $date) = $db->get_single(1); diff --git a/NOTEDB/mysql.pm b/NOTEDB/mysql.pm index 735cb7a..05a4da5 100644 --- a/NOTEDB/mysql.pm +++ b/NOTEDB/mysql.pm @@ -1,5 +1,5 @@ #!/usr/bin/perl -# $Id: mysql.pm,v 1.2 2000/03/20 00:36:55 thomas Exp thomas $ +# $Id: mysql.pm,v 1.3 2000/04/17 17:39:37 thomas Exp thomas $ # Perl module for note # mysql database backend. see docu: perldoc NOTEDB::binary # 
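Review bot: `uen` and `ude` wrap the cipher call in `eval { ... };` and never inspect `$@`, so any encryption or decryption failure turns into an undef return value that the caller stores or displays as an empty note. Add `die "encrypt failed: $@" if $@;` (and the `decrypt` equivalent) directly after each `eval`; the same applies to the copies of both subs added to NOTEDB/mysql.pm. A comment above `uen` would also help future readers: `# NOTE: CBC encryption only, the stored uuencoded text is not authenticated, so modification of the database is not detected on decrypt`.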
@@ -10,13 +10,25 @@ use Data::Dumper; package NOTEDB; +BEGIN { + # make sure, it works, although encryption + # not supported on this system! + eval { require Crypt::CBC; }; + if($@) { + $NOTEDB::crypt_supported = 0; + } + else { + $NOTEDB::crypt_supported = 1; + } +} + # Globals: -my ($DB, $table, $fnum, $fnote, $fdate, $version); +my ($DB, $table, $fnum, $fnote, $fdate, $version, $cipher); $table = "note"; $fnum = "number"; $fnote = "note"; $fdate = "date"; -$version = "(NOTEDB::mysql, 1.2)"; +$version = "(NOTEDB::mysql, 1.3)"; # prepare some std statements... ##################################################################### my $sql_getsingle = "SELECT $fnote,$fdate FROM $table WHERE $fnum = ?"; @@ -65,6 +77,24 @@ sub version { return $version; } +sub no_crypt { + $NOTEDB::crypt_supported = 0; +} + +sub use_crypt { + my($this, $key, $method) = @_; + if($NOTEDB::crypt_supported == 1) { + eval { + $cipher = new Crypt::CBC($key, $method); + }; + if($@) { + $NOTEDB::crypt_supported == 0; + } + } + else{ + print "warning: Crypt::CBC not supported by system!\n"; + } +} sub get_single { @@ -76,7 +106,7 @@ sub get_single $statement->bind_columns(undef, \($note, $date)) || die $DB->errstr(); while($statement->fetch) { - return $note, $date; + return ude($note), ude($date); } } @@ -90,8 +120,8 @@ sub get_all $statement->bind_columns(undef, \($num, $note, $date)) || die $DB->errstr(); while($statement->fetch) { - $res{$num}->{'note'} = $note; - $res{$num}->{'date'} = $date; + $res{$num}->{'note'} = ude($note); + $res{$num}->{'date'} = ude($date); } return %res; } 
@@ -114,15 +144,28 @@ sub get_search { my($this, $searchstring) = @_; my($num, $note, $date, %res); - $searchstring = "\%$searchstring\%"; - my $statement = $DB->prepare($sql_search) || die $DB->errstr(); - - $statement->execute($searchstring) || die $DB->errstr(); - $statement->bind_columns(undef, \($num, $note, $date)) || die $DB->errstr(); - - while($statement->fetch) { - $res{$num}->{'note'} = $note; - $res{$num}->{'date'} = $date; + if($NOTEDB::crypt_supported != 1) { + $searchstring = "\%$searchstring\%"; + my $statement = $DB->prepare($sql_search) || die $DB->errstr(); + $statement->execute($searchstring) || die $DB->errstr(); + $statement->bind_columns(undef, \($num, $note, $date)) + || die $DB->errstr(); + while($statement->fetch) { + $res{$num}->{'note'} = $note; + $res{$num}->{'date'} = $date; + } + } + else { + my %res = $this->get_all(); + foreach $num (sort { $a <=> $b } keys %res) { + $note = ude($res{$num}->{'note'}); + $date = ude($res{$num}->{'date'}); + if($note =~ /$searchstring/i) + { + $res{$num}->{'note'} = $note; + $res{$num}->{'date'} = $date; + } + } } return %res; } @@ -138,7 +181,7 @@ sub set_edit $note =~ s/'/\'/g; $note =~ s/\\/\\\\/g; - $statement->execute($note, $date, $num) || die $DB->errstr(); + $statement->execute(uen($note), uen($date), $num) || die $DB->errstr(); } @@ -150,7 +193,7 @@ sub set_new $note =~ s/'/\'/g; $note =~ s/\\/\\\\/g; - $statement->execute($num, $note, $date) || die $DB->errstr(); + $statement->execute($num, uen($note), uen($date)) || die $DB->errstr(); } @@ -194,6 +237,29 @@ sub set_recountnums } } +sub uen +{ + my($T); + if($NOTEDB::crypt_supported == 1) { + eval { + $T = pack("u", $cipher->encrypt($_[0])); + } + } + chomp $T; + return $T; +} + +sub ude +{ + my($T); + if($NOTEDB::crypt_supported == 1) { + eval { + $T = $cipher->decrypt(unpack("u",$_[0])) + } + } + return $T; +} + 1; # keep this! __END__ diff --git a/README b/README index b7a2e27..73c8f49 100644 --- a/README +++ b/README 
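Review bot: The encrypted branch of `get_search` cannot return a match, because `my %res = $this->get_all();` declares a second `%res` that shadows the one from `my($num, $note, $date, %res)` and disappears at the closing brace, so `return %res;` hands back the empty outer hash. In the same branch `get_all` has already passed every field through `ude`, so the extra `ude` calls try to decrypt plaintext, and entries that do not match are never filtered out. `/$searchstring/i` also interprets the user's search text as a regular expression, whereas the SQL branch does a substring match; `\Q...\E` keeps metacharacters in the input from changing the pattern or aborting the search with a regex syntax error.

```perl
    else {
        # get_all() already returns notes decrypted by ude()
        my %all = $this->get_all();
        foreach $num (keys %all) {
            # \Q...\E: treat the search text as a literal substring
            next unless $all{$num}->{'note'} =~ /\Q$searchstring\E/i;
            $res{$num} = $all{$num};
        }
    }
    # ... unchanged: return %res; ...
```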
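Review bot: The `uen` and `ude` subs added to NOTEDB/mysql.pm have no `else` branch, so when `$NOTEDB::crypt_supported` is not 1 `$T` is never assigned and both return undef. Since this patch routes `get_single`, `get_all`, `set_edit` and `set_new` through them, running the mysql backend with encryption off would read every note back as undef and write undef for new ones. NOTEDB/binary.pm keeps a fallback in its `else`; here the pre-patch code stored the values unchanged, so the first line of each sub should be `return $_[0] unless $NOTEDB::crypt_supported == 1;`.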
@@ -1,4 +1,4 @@ -note 0.9 by Thomas Linden, 20/03/2000 +note 1.0.0 by Thomas Linden, 18/04/2000 Introduction @@ -15,7 +15,8 @@ Introduction as you want. You can run note from the commandline or interactive from within your console. You can sort your notes in different topics, which is usefull - if you have a lot of them. + if you have a lot of them. Additional it is possible + to encrypt your notes for protection. There are currently two different database backends, which you can use with note: @@ -43,13 +44,24 @@ Requirements Installation ============ - There is a script provided called "install.sh", which will - ask you a few questions about file destinations and database - backends. Simply answer this questions and it does the rest. + Unpack the tar-ball and issue the command: + $ perl Makefile.PL + It will ask you a few questions about file destinations. + The script will find itself the proper destinations for + the files. So, if you agree with it, simply press ENTER. + However, you may decide to use other destinations. In this + case, enter it, when asked. This maybe usefull, if you are + installing it in your ome-directory and if you are not root! For installation instructions for the mysql database installation see mysql/README. + If want to use another SQL database, i.e. postgresql then set + the option "$DRIVER" to the name of the responding DBI-driver + and create a symlink of this name like this: + /usr/lib/perl5/siteperl/NOTEDB $ ln -s mysql.pm oracle.pm + The functionality is the same, but not the name! + Configuration 
@@ -259,51 +271,49 @@ Format of the ASCII-dump file (note -D) Security ======== - You can't use the following hints with the mysql version! - Refer to the mysql manual for more informations about - security of mysql databases: + If you are using the MySQL driver, refer to the mysql + manual for more informations about security of mysql databases: http://www.mysql.org/Manual_chapter/manual_Privilege_system.html - If you want to protect the notedb against unauthorized persons - (even root), you might want to use pgp. I use gpg (GNU privacy - guard), which is compatible to pgp, usage should be similar. - You could add a function to your .profile or .bashrc or whatever: - --- snip --- - function note - { - gpg -o ~/.notedb -d ~/.notedb.gpg - note $1 $2 $3 - gpg -e ~/.notedb --yes -r username - rm -rf ~/.notedb - } - --- snip --- - You should replace with your real username. After applying - this function to your .profile, issue the following command: - "source .profile" - You shell will reread the file, so you can try it out without the need - of new login. - This function assumes, there exists a file called "~/.notedb.gpg", - therefore you need to encrypt your notedb once before you can use this - funcion: - "gpg -e ~/.notedb --yes -r username" + If you are using notes proprietary binary driver, then + the permission 0600 of the file "~/.notedb" is strongly required! - Here is, how to do it with pgp, create a shell script with the following - content: - --- snip --- - #!/bin/sh - /bin/echo -n "passphrase:" - pgp -o ~/.notedb -d ~/.notedb.pgp > /dev/null 2>&1 - rm -f ~/.notedb.pgp > /dev/null 2>&1 - note.pl $1 $2 $3 - pgp -e ~/.notedb tlinden > /dev/null 2>&1 - rm -f ~/.notedb > /dev/null 2>&1 - --- snip --- - Do "chmod 700 whatevername". That's it. + Additional, you can turn on encryption from the config file. + Simply set $USE_CRYPT to "YES". Please note, that you need + to decide, if you want to use encryption before the first use + of note! 
If have already a note database and want to "migrate" + to encryption, I suggest you to follow the directions in the + file UPGRADE! - If you don't make use of encryption, I suggest you to chmod it: - "chmod 600 .notedb" - So, only you can read the file (and root or any intruder who became root). + You can choose from different encryption algorythms. The default + is IDEA, but DES or BLOWFISH is also possible. You need to have + installed the following additional perl-modules on your system: + MD5 + Crypt::IDEA + Crypt::DES + Crypt::CBC + After turning on encryption, note will ask you for a passphrase + everytime it runs! It will *not* store this passphrase! + So, don't forget it! Be careful! + + Once note have encrypted some data using this passphrase, you + cannot simply switch to another passphrase, because all data + within the database needs to be encrypted using the same passphrase! + If you want to change the passphrase for any reason, please read + the file UPGRADE and follow it's directions! + Someday I will add a "change passwd" function, which will do all + these things for you. Someday, I said... + + Note: To make sure, the encrypted data can be stored properly, + it will be uuencoded after encryption. + + Note: *If* you forgot your passphrase and *if* you don't have + a backup of your database without encryption, PLEASE + don't bother me with "helpme" emails! If you don't know + the phrase, then the data can't be decrypted. Even if it + is possible - I am not responsible for that! + Comments @@ -336,4 +346,4 @@ Author and Copyright Last changed ============ - 19/03/2000 + 18/04/2000 diff --git a/UPGRADE b/UPGRADE index af70b20..a173281 100644 --- a/UPGRADE +++ b/UPGRADE 
@@ -1,3 +1,7 @@ +READ THIS FILE, IF YOU ARE UPGRADING FROM 0.9 TO 1.0.0 +====================================================== + + In any case: BACKUP your existing note database!!!!!!! The format has not changed, but some default values (see the new config file-sample). Use this command 
@@ -6,22 +10,39 @@ of note: "note -D" This works with both the mysql and the binary version. -You need to reedit your configfile, since there are now -some new required options! The most important: $dbdriver. +You need to reedit your configfile. Please refer to the +sample config in config/noterc. -If you used previously a binary db without a config, then -you will get trouble with your existing notedb because the -default values for field sizes has been changed (it was too -small)! You have two choices: -1. make a database dump ("note -D") with your old note-version. -2. remove your existing .notedb (and/or back it up!) -3. install the new note version -4. import the previously created dump ("note -I note.dump.23112") -or -Edit the config to reflect your field size settings. Set the -fields MAX_TIME=64 and MAX_NOTE=1024 (which was the default of -previous versions of note). +====================================================== +This version of note has now encryption support build in. +If you decide to use it, you need to re-initialize your +note database. That's why, because your current database +is unencrypted and *if* you want to secure your data, you +need to secure everything. That means, your existing data +must be encrypted before you can use this new capability! + +Follow this steps: + o backup existing db: + $ note -D + o backup the db: + $ cp .notedb .notedb.save + or (for mysql users!): + $ cp -r /usr/local/mysql/data/notedb ~/notedb.mysql.save + o go into note and delete all existing notes: + $ note -d 1-20 (or however) + o now upgrade your note installation: + $ perl Makefile.PL; make install + o re-configure note. Turn $USE_CRYPT on by setting it + to "YES". + o re-initialize your database: + $ note -I note.dump.2323 (or whatever) + note will prompt you for a passphrase. It will be used + by Crypt::CBC for encrypting your data. +From now on, your data is encrypted. You will need the passphrase +you set above for decrypting it! 
So - don't forget it! + +====================================================== AGAIN: YOU HAVE BEEN WARNED! DO NOT UPGRADE WITHOUT MADE A BACKUP OF YOUR DATABASE! I AM NOT RESPONSIBLE IF YOU diff --git a/VERSION b/VERSION index b63ba69..3eefcb9 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.9 +1.0.0 diff --git a/bin/note b/bin/note index 6741397..3dde7ef 100755 --- a/bin/note +++ b/bin/note @@ -63,9 +63,6 @@ # # note is GPL software. -#use Term::ReadLine; -#use POSIX qw(:sys_wait_h); - use strict; use Data::Dumper; @@ -96,7 +93,8 @@ my ( $_TIMEC, $TOPICC, $TOPIC_COLOR, $_TOPICC, $SetTitle, $COLOR, $typedef, $MAX_NOTE, $MAX_TIME, @NumBlock, $ALWAYS_EDIT, $HOME, $db, $dbname, $dbhost, $DEFAULTDBNAME, $dbuser, $USER, $dbpasswd, - $table, $fnum, $fnote, $fdate, $date, $dbdriver, $libpath, $db + $table, $fnum, $fnote, $fdate, $date, $dbdriver, $libpath, $db, + $USE_CRYPT, $CRYPT_METHOD, $key ); #################################################################### @@ -114,7 +112,7 @@ $dbdriver = "binary"; $libpath = "/usr/local/lib"; $NOTEDB = $HOME . "/.notedb"; $MAX_NOTE = 4096; -$MAX_TIME = 24; +$MAX_TIME = 64; $COLOR = "YES"; $BORDER_COLOR = "BLACK"; $NUM_COLOR = "blue"; @@ -123,11 +121,12 @@ $TIME_COLOR = "black"; $TOPIC_COLOR = "BLACK"; $TOPIC = 1; $TopicSep = '/'; -$version = "0.9 r1.15"; +$version = "1.0.0"; if($TOPIC) { $CurDepth = 1; # the current depth inside the topic "directory" structure... } +$USE_CRYPT = "NO"; #################################################################### # process command line args 
@@ -309,7 +308,41 @@ if($ListType ne "LONG" && $mode ne "interactive") } - +# check if the user wants to use encryption: +if($USE_CRYPT eq "YES" && $NOTEDB::crypt_supported == 1) { + if($CRYPT_METHOD eq "") { + $CRYPT_METHOD = "Crypt::IDEA"; + } + print "password: "; + eval { + local($|) = 1; + local(*TTY); + open(TTY,"/dev/tty"); + system ("stty -echo ); + print STDERR "\r\n"; + system ("stty echo ; + } + chomp $key; + $db->use_crypt($key,$CRYPT_METHOD); + undef $key; + # verify correctness of passwd + my ($note, $date) = $db->get_single(1); + if($date ne "") { + if($date !~ /^\d+\.\d+?/) { + print "access denied.\n"; + exit(1); + } + } #else empty! +} +else { + $db->no_crypt; + # does: NOTEDB::crypt_supported = 0; +} # main loop: ############### if($mode eq "display") diff --git a/config/noterc b/config/noterc index 890b5a0..64271d1 100644 --- a/config/noterc +++ b/config/noterc @@ -1,4 +1,4 @@ -# 0.8 +# 1.0.0 # This is a sample config for the note script # There are usefully defaults set in note itself. # @@ -11,7 +11,7 @@ # # You can contact me per email: # -# Thomas Linden, 19/03/2000 +# Thomas Linden, 18/04/2000 # Your home, better do not change it! @@ -19,7 +19,8 @@ $HOME = $ENV{'HOME'}; # specify the path, where the NOTEDB directory -# resides +# resides. This will only used if it is not +# installed inside the perl-lib directory structure! $libpath = "/usr/local/lib"; @@ -55,10 +56,18 @@ $MAX_NOTE = 4096; # Define the maximum bytes a timestamp can have # in a note-entry. -$MAX_TIME = 24; +$MAX_TIME = 64; ####### end binary ################# +# ENCRYPTION +# if you want to encrypt your note-data, turn this on +# by setting to "YES". The default is no. +# if turned on, note will ask you for a passphrase +$USE_CRYPT = "NO"; +# takes only affect if $USE_CRYPT is on! +# Possible values: IDEA or DES +$CRYPT_METHOD = "IDEA"; # requires Crypt::IDEA # uncomment this, if you want to run note always
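Review bot: When `$USE_CRYPT` is "YES" but `$NOTEDB::crypt_supported` is 0, the `else` branch calls `$db->no_crypt` and note goes on storing plaintext without telling the user who asked for encryption. Fail closed before the `if`: `die "USE_CRYPT is set but Crypt::CBC is not available\n" if $USE_CRYPT eq "YES" && $NOTEDB::crypt_supported != 1;`. In the prompt block `open(TTY,"/dev/tty")` is unchecked and the `eval` result is never inspected, so an error after `stty -echo` would leave the terminal with echo switched off; the block looks truncated in this rendering, so this is based on the visible lines only. The test `$date !~ /^\d+\.\d+?/` only checks that note 1's date decrypts to something starting with digits and is skipped for an empty database, which deserves a comment such as `# sanity check of the passphrase, not authentication`.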