| author | Paul C. Buetow (mars.fritz.box) <paul@buetow.org> | 2014-06-21 11:47:30 +0200 |
|---|---|---|
| committer | Paul C. Buetow (mars.fritz.box) <paul@buetow.org> | 2014-06-21 11:47:30 +0200 |
| commit | 1d9187b9624a11b7152b174f9173e226dc632e22 (patch) | |
| tree | efeba7558842649947fb05005638ab6ca8b14760 | |
| parent | 99cfdf8c2ffefb7090b15e3762166ae5d095f4ae (diff) | |
add package dependencies and implement openssl encryption0.1.2
| -rw-r--r-- | debian/control | 2 | ||||
| -rwxr-xr-x | src/netdiff | 11 |
2 files changed, 11 insertions, 2 deletions
diff --git a/debian/control b/debian/control index 8ab91e5..e281c4c 100644 --- a/debian/control +++ b/debian/control @@ -10,6 +10,6 @@ Vcs-Browser: https://github.com/rantanplan/netdiff Package: netdiff Architecture: all -Depends: +Depends: coreutils, openssl, tar, bash Description: Small netdiff package This utility can be used to diff files accross the network diff --git a/src/netdiff b/src/netdiff index d6ade31..a202c07 100755 --- a/src/netdiff +++ b/src/netdiff @@ -31,24 +31,33 @@ declare -r BASENAME=$(basename "${WHAT}") cd $(dirname "${WHAT}") +# An attacker does not know which file is diffed. So it's a shared secret +# between the two hosts +declare -r AESPASS=$(md5sum <<< "${SERVER}:${PORT}/${WHAT}" | cut -d' ' -f1) +declare -r OPENSSL_OPTS="enc -aes-256-cbc -base64 -salt -pass pass:${AESPASS}" + set -o pipefail if [[ "${SERVER}" == "$(hostname)" || "${SERVER}" == "$(hostname --fqdn)" ]]; then tar -cf - "${BASENAME}" | + openssl ${OPENSSL_OPTS} | nc -l -p ${PORT} | + openssl ${OPENSSL_OPTS} -d | tar -xf - --directory ${TMPWHAT} RC=$? else sleep 0.1 tar -cf - "${BASENAME}" | + openssl ${OPENSSL_OPTS} | nc ${SERVER} ${PORT} | + openssl ${OPENSSL_OPTS} -d | tar -xf - --directory ${TMPWHAT} RC=$? fi if [ ${RC} -ne 0 ]; then - echo 'Could not copy file via the network' + echo 'Something went wrong, could not diff' # Default trouble exit status of diff RC=2 else |
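Review bot: `nc` is missing from the new `Depends:` line, although src/netdiff calls it on both the listening and the connecting side in this same commit, so a minimal install would fail at the first transfer. The `nc -l -p ${PORT}` form looks like traditional netcat syntax, so something like `Depends: coreutils, openssl, tar, bash, netcat-traditional` would fit; confirm the package variant against the target release. `hostname` is also called by the script but is normally part of the essential package set.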
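Review bot: The value in `AESPASS` is not a secret. It is an MD5 of `${SERVER}:${PORT}/${WHAT}`, and the server and port are visible to anyone who can observe the connection, so only a guessable file path protects the passphrase. It is also handed to openssl as `-pass pass:${AESPASS}`, which exposes it in the process list to other local users on both hosts. Take the passphrase from a value both operators provision out of band and pass it through the environment, e.g. `declare -r OPENSSL_OPTS="enc -aes-256-cbc -base64 -salt -pass env:NETDIFF_PASS"`, where `NETDIFF_PASS` is a placeholder name for an exported variable. `openssl enc` in CBC mode adds no integrity check, so the stream that `tar -xf -` unpacks into `${TMPWHAT}` can still be modified in transit; the comment above `AESPASS` should say what the encryption does and does not cover instead of calling the value a shared secret.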
