1#!@PERL@ -w
2#
3# Copyright (c) 2007-2013 Zmanda, Inc.  All Rights Reserved.
4#
5# This program is free software; you can redistribute it and/or
6# modify it under the terms of the GNU General Public License
7# as published by the Free Software Foundation; either version 2
8# of the License, or (at your option) any later version.
9#
10# This program is distributed in the hope that it will be useful, but
11# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
13# for more details.
14#
15# You should have received a copy of the GNU General Public License along
16# with this program; if not, write to the Free Software Foundation, Inc.,
17# 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA
18#
19# Contact information: Zmanda Inc, 465 S. Mathilda Ave., Suite 300
20# Sunnyvale, CA 94086, USA, or: http://www.zmanda.com
21#
22
23# Amanda has problem with gpg mdc(modification detection code) in the binary mode.
24# This program encrypt with mdc disabled.
25# If mdc is required, use --armor option.
26
27
28
29# Run perl.
30eval '(exit $?0)' && eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
31         & eval 'exec /usr/bin/perl -S $0 $argv:q'
32                if 0;
33
34use Time::Local;
35
36my $AMANDA='@CLIENT_LOGIN@';
37my $saw_sigint = 0;
38
39$AMANDA_HOME = (getpwnam($AMANDA) )[7] || die "Cannot find $AMANDA home directory\n" ;
40
41#The following two ($AM_PASS, $AM_PRIV) are needed only for restore/recover
42#They should be protected and stored away during other time.
43$AM_PASS = "$AMANDA_HOME/.am_passphrase";
44$AM_PRIV = "$AMANDA_HOME/.gnupg/secring.gpg";
45
46$ENV{'PATH'} = '/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin:/opt/csw/bin';
47
48$ENV{'GNUPGHOME'} = "$AMANDA_HOME/.gnupg";
49
50sub do_gpg_agent() {
51    my $path=`which gpg-agent 2>/dev/null`;
52    chomp $path;
53    if (-x $path) {
54	return "gpg-agent --daemon --";
55    }
56    return ""
57}
58
59sub which_gpg() {
60    my $path=`which gpg2 2>/dev/null`;
61    if (!$path) {
62	$path=`which gpg 2>/dev/null`;
63    }
64    if (!$path) {
65	die("no gpg or gpg2");
66    }
67    chomp $path;
68    return $path;
69}
70
71sub encrypt() {
72    my $gpg_agent_cmd = do_gpg_agent();
73    my $gpg = which_gpg();
74    system "$gpg_agent_cmd $gpg  --batch --disable-mdc --encrypt --cipher-algo AES256 --recipient $AMANDA";
75    sleep(2); # allow gpg-agent the time to exit
76}
77
78sub decrypt() {
79    my $gpg_agent_cmd = do_gpg_agent();
80    my $gpg = which_gpg();
81    system "$gpg_agent_cmd $gpg --batch --quiet --no-mdc-warning --secret-keyring $AM_PRIV --decrypt --passphrase-fd 3  3<$AM_PASS";
82    sleep(2); # allow gpg-agent the time to exit
83}
84
85sub my_sig_catcher {
86	$saw_sigint = 1;
87}
88
89#main
90
91
92
93$SIG{'INT'} = 'my_sig_catcher';
94
95
96if ( $#ARGV > 0 ) {
97     die "Usage: $0 [-d]\n";
98}
99
100if ( $#ARGV==0 && $ARGV[0] eq "-d" ) {
101    decrypt();
102}
103else {
104    encrypt();
105}
106
107$SIG{'INT'} = 'DEFAULT';
108