luksrku/codegen/print_help
Johannes Bauer 0d4d2220b2 Implemented unlock cnt and blacklist
Can now unlock a specified number of hosts as specified on the command
line (e.g., if you want a luksrku client run indefinitely) and also used
the already implemented blacklisting functionality (i.e., if an
unlocking is unsuccessful, it is retried in 120 seconds, not
immediately, as not to spam servers with illegal credentials).
2016-09-24 11:45:58 +02:00

93 lines
4.4 KiB
Python
Executable File

#!/usr/bin/python3
import textwrap
class HelpPagePrinter(object):
def __init__(self):
self._entries = [ ]
self._lcolsize = None
def add(self, lhs, rhs):
if isinstance(lhs, str):
lhs = (lhs, )
else:
lhs = (", ".join(lhs), )
if isinstance(rhs, str):
rhs = (rhs, )
self._entries.append((lhs, rhs))
def _format_entry(self, entry):
(lhs, rhs) = entry
lhs = list(lhs)
rhs = list(rhs)
right_lines = [ ]
for block in rhs:
right_lines += textwrap.wrap(block, width = 86 - self._lcolsize)
if len(lhs) < len(right_lines):
lhs += [ "" ] * (len(right_lines) - len(lhs))
elif len(lhs) > len(right_lines):
right_lines += [ "" ] * (len(lhs) - len(right_lines))
for (left, right) in zip(lhs, right_lines):
yield "%-*s %s" % (self._lcolsize, left, right.replace("\xa0", " "))
def _determine_lcolsize(self):
self._lcolsize = 0
for (lhs, rhs) in self._entries:
for line in lhs:
self._lcolsize = max(self._lcolsize, len(line))
def format_params(self):
lines = [ "" ]
for (lhs, rhs) in self._entries:
par = lhs[0].strip()
newline = lines[-1] + (" (%s)" % (par))
if len(newline) < 80:
lines[-1] = newline
else:
lines.append("(%s)" % (par))
yield from lines
def format_help(self):
self._determine_lcolsize()
for entry in self._entries:
yield from self._format_entry(entry)
hpp = HelpPagePrinter()
hpp.add([ "-c", "--client-mode" ], "Specifies client mode, i.e., that this host will unlock the LUKS disk of a different machine.")
hpp.add([ "-s", "--server-mode" ], "Specifies server mode, i.e., that this host will announce its presence via UDP broadcasts and then receive the LUKS credentials from a peer.")
hpp.add([ "-k", "--keydb=FILE" ], "Gives the binary key database file which will be used. In server mode, this contains only one entry (specifying the UUID of the host, the PSK and the UUIDs and names of the disks to be unlocked), while in client mode this may contain multiple entries (to unlock many different peers) and also contains the LUKS credentials for the respective disks.")
hpp.add([ "-u", "--unlock=CNT" ], "Specifies the maximum number of unlocking actions that are taken. In client mode, this defaults to 1. In server mode, it defaults to infinite (or until all disks have successfully been unlocked). Zero means infinite.")
hpp.add([ "-p", "--port=PORT" ], "Specifies the port on which is listened for UDP broadcasts and also the port on which TCP requests are sent out (the two are always identical). Default port ist 23170.")
hpp.add([ "-v", "--verbose" ], "Increase logging verbosity.")
for (index, line) in enumerate(hpp.format_params()):
if index == 0:
print("fprintf(stderr, \"%%s%s\\n\", pgmname);" % (line))
else:
print("fprintf(stderr, \" %s\\n\");" % (line))
print("fprintf(stderr, \"\\n\");")
for line in hpp.format_help():
print("fprintf(stderr, \" %s\\n\");" % (line))
print("fprintf(stderr, \"\\n\");")
#examples = [
# ("--client-mode ",
# "Converts {device} to a LUKS partition with default parameters."),
# ("-d {device} --resume-file myresume.dat",
# "Converts {device} to a LUKS partition with default parameters and store resume information in myresume.dat in case of an abort."),
# ("-d {device} -k /root/secure_key/keyfile.bin --luksparams='-c,twofish-lrw-benbi,-s,320,-h,sha256'",
# "Converts {device} to a LUKS partition and stores the initially used keyfile in /root/secure_key/keyfile.bin. Additionally some LUKS parameters are passed that specify that the Twofish cipher should be used with a 320 bit keysize and SHA-256 as a hash function."),
# ("-d {device} --resume --resume-file /root/resume.bin",
# "Resumes a crashed LUKS conversion of {device} using the file /root/resume.bin which was generated at the first (crashed) luksipc run."),
# ("-d {device} --readdev /dev/mapper/oldluks",
# "Convert the raw device {device}, which is already a LUKS container, to a new LUKS container. For example, this can be used to change the encryption parameters of the LUKS container (different cipher) or to change the bulk encryption key. In this example the old container is unlocked and accessible under /dev/mapper/oldluks."),
#]
#print("fprintf(stderr, \"Examples:\\n\");")
#for (cmd, desc) in examples:
# print("fprintf(stderr, \" %%s %s\\n\", argv[0]);" % (cmd.replace("{device}", device)))
# for line in textwrap.wrap(desc.replace("{device}", device), width = 80):
# print("fprintf(stderr, \" %s\\n\");" % (line))