forked from jedisct1/piknik
-
Notifications
You must be signed in to change notification settings - Fork 0
/
piknik.go
222 lines (211 loc) · 5.79 KB
/
piknik.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
package main
import (
"encoding/binary"
"encoding/hex"
"flag"
"fmt"
"io/ioutil"
"log"
"runtime"
"time"
"github.com/BurntSushi/toml"
"github.com/minio/blake2b-simd"
"github.com/mitchellh/go-homedir"
)
const (
// Version - Piknik version
Version = "0.9.1"
// DomainStr - BLAKE2 domain (personalization)
DomainStr = "PK"
// DefaultListen - Default value for the Listen parameter
DefaultListen = "0.0.0.0:8075"
// DefaultConnect - Default value for the Connect parameter
DefaultConnect = "127.0.0.1:8075"
// DefaultTTL - Time after the clipboard is considered obsolete, in seconds
DefaultTTL = 7 * 24 * time.Hour
)
type tomlConfig struct {
Connect string
Listen string
EncryptSk string
EncryptSkID uint64
Psk string
SignPk string
SignSk string
Timeout uint
DataTimeout uint
TTL uint
}
// Conf - Shared config
type Conf struct {
Connect string
Listen string
MaxClients uint64
MaxLen uint64
EncryptSk []byte
EncryptSkID []byte
Psk []byte
SignPk []byte
SignSk []byte
Timeout time.Duration
DataTimeout time.Duration
TTL time.Duration
TrustedIPCount uint64
}
func expandConfigFile(path string) string {
file, err := homedir.Expand(path)
if err != nil {
log.Fatal(err)
}
return file
}
func version() {
fmt.Printf("\nPiknik v%v (protocol version: %v)\n",
Version, DefaultClientVersion)
}
func confCheck(conf Conf, isServer bool) {
if len(conf.Psk) != 32 {
log.Fatal("Configuration error: the Psk property is either missing or invalid")
}
if len(conf.SignPk) != 32 {
log.Fatal("Configuration error: the SignPk property is either missing or invalid")
}
if isServer {
if len(conf.Listen) < 3 {
log.Fatal("Configuration error: the Listen property must be valid for a server")
}
if conf.MaxClients <= 0 {
log.Fatal("Configuration error: MaxClients should be at least 1")
}
} else {
if len(conf.Connect) < 3 {
log.Fatal("Configuration error: the Connect property must be valid for a client")
}
if len(conf.EncryptSk) != 32 || len(conf.SignSk) != 64 {
log.Fatal("Configuration error: the EncryptSk and SignSk properties must be present\n" +
"and valid in order to use this command in client mode")
}
if conf.TTL <= 0 {
log.Fatal("TTL cannot be 0")
}
}
}
func main() {
log.SetFlags(0)
isCopy := flag.Bool("copy", false, "store content (copy)")
_ = flag.Bool("paste", false, "retrieve the content (paste) - this is the default action")
isMove := flag.Bool("move", false, "retrieve and delete the clipboard content")
isServer := flag.Bool("server", false, "start a server")
isGenKeys := flag.Bool("genkeys", false, "generate keys")
isDeterministic := flag.Bool("password", false, "derive the keys from a password (default=random keys)")
maxClients := flag.Uint64("maxclients", 10, "maximum number of simultaneous client connections")
maxLenMb := flag.Uint64("maxlen", 0, "maximum content length to accept in Mb (0=unlimited)")
timeout := flag.Uint("timeout", 10, "connection timeout (seconds)")
dataTimeout := flag.Uint("datatimeout", 3600, "data transmission timeout (seconds)")
isVersion := flag.Bool("version", false, "display package version")
defaultConfigFile := "~/.piknik.toml"
if runtime.GOOS == "windows" {
defaultConfigFile = "~/piknik.toml"
}
configFile := flag.String("config", defaultConfigFile, "configuration file")
flag.Parse()
if *isVersion {
version()
return
}
tomlData, err := ioutil.ReadFile(expandConfigFile(*configFile))
if err != nil && *isGenKeys == false {
log.Fatal(err)
}
var tomlConf tomlConfig
if _, err = toml.Decode(string(tomlData), &tomlConf); err != nil {
log.Fatal(err)
}
var conf Conf
if tomlConf.Listen == "" {
conf.Listen = DefaultListen
} else {
conf.Listen = tomlConf.Listen
}
if tomlConf.Connect == "" {
conf.Connect = DefaultConnect
} else {
conf.Connect = tomlConf.Connect
}
if *isGenKeys {
leKey := ""
if *isDeterministic {
leKey = getPassword("Password> ")
}
genKeys(conf, *configFile, leKey)
return
}
pskHex := tomlConf.Psk
psk, err := hex.DecodeString(pskHex)
if err != nil {
log.Fatal(err)
}
conf.Psk = psk
if encryptSkHex := tomlConf.EncryptSk; encryptSkHex != "" {
encryptSk, err := hex.DecodeString(encryptSkHex)
if err != nil {
log.Fatal(err)
}
conf.EncryptSk = encryptSk
}
if signPkHex := tomlConf.SignPk; signPkHex != "" {
signPk, err := hex.DecodeString(signPkHex)
if err != nil {
log.Fatal(err)
}
conf.SignPk = signPk
}
if encryptSkID := tomlConf.EncryptSkID; encryptSkID > 0 {
conf.EncryptSkID = make([]byte, 8)
binary.LittleEndian.PutUint64(conf.EncryptSkID, encryptSkID)
} else if len(conf.EncryptSk) > 0 {
hf, _ := blake2b.New(&blake2b.Config{
Person: []byte(DomainStr),
Size: 8,
})
hf.Write(conf.EncryptSk)
encryptSkID := hf.Sum(nil)
encryptSkID[7] &= 0x7f
conf.EncryptSkID = encryptSkID
}
conf.TTL = DefaultTTL
if ttl := tomlConf.TTL; ttl > 0 {
conf.TTL = time.Duration(ttl) * time.Second
}
if signSkHex := tomlConf.SignSk; signSkHex != "" {
signSk, err := hex.DecodeString(signSkHex)
if err != nil {
log.Fatal(err)
}
switch len(signSk) {
case 32:
if len(conf.SignPk) != 32 {
log.Fatal("Public signing key required")
}
signSk = append(signSk, conf.SignPk...)
case 64:
default:
log.Fatal("Unsupported length for the secret signing key")
}
conf.SignSk = signSk
}
conf.MaxClients = *maxClients
conf.MaxLen = *maxLenMb * 1024 * 1024
conf.Timeout = time.Duration(*timeout) * time.Second
conf.DataTimeout = time.Duration(*dataTimeout) * time.Second
conf.TrustedIPCount = uint64(float64(conf.MaxClients) * 0.1)
if conf.TrustedIPCount < 1 {
conf.TrustedIPCount = 1
}
confCheck(conf, *isServer)
if *isServer {
RunServer(conf)
} else {
RunClient(conf, *isCopy, *isMove)
}
}