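#!/usr/bin/bash
if [ "$(/usr/bin/id -u)" != 0 ]; then echo "only root can do that"; exit 2; fi
#***************************************************************************
# This file is part of the CRYPTO BONE
# File : systemd.fetch
# Version : 2.0 (ALL-IN-ONE)
# License : BSD-3-Clause
# Date : 25 May 2025
# Contact : Please send enquiries and bug-reports to innovation@senderek.ie
#
#
# Copyright (c) 2015-2025
# Ralf Senderek, Ireland. All rights reserved. (https://senderek.ie)
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
# must display the following acknowledgement:
# This product includes software developed by Ralf Senderek.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#****************************************************************************

# no logs!

# This script is run periodically by systemd service cryptobone-fetch.service every 30 seconds.
# When the GUI is not active for 10 minutes, the service does not attempt to fetch a tarball
# from the server to avoid unnecessary network traffic.
# If the script safewebdrop/bin/requesttarball gets a tarball from the server comprising new
# encrypted webdrops and encrypted files, the tarball is first stored in ${RAM}/tarball.tgz
# Once such new tarball is present, an analysis is started that moves the tarball into the
# TAR directory and runs safewebdrop/bin/analysetarball to extract the files being transferred
# from the server. It also starts the attempts to decrypt the received files with AES keys that
# are found in the database.
#
# Exit status: 0 normal run, 1 an earlier tarball is still being analysed,
#              2 not started as root, 3 RAM or CBHOME is not set.

. /usr/lib/cryptobone/safewebdrop.header

# RAM and CBHOME are not assigned in this file (presumably they come from the
# header sourced above). With either one empty, the root-owned mkdir/rm/mv
# calls below would operate on paths directly under "/", so stop here instead.
# The exit is silent, in keeping with the no-logs rule.
if [[ -z "${RAM:-}" || -z "${CBHOME:-}" ]]; then
  exit 3
fi

GraceTime=600
FETCH="${RAM}/tarball.tgz"

# Create the working directories. Errors are discarded because the directories
# normally exist already. The four private ones are created with mode 700
# directly, so they are never visible with umask-derived permissions in between
# mkdir and chmod; the chmod still runs to cover pre-existing directories.
/usr/bin/mkdir -m 700 "${RAM}/IN" 2> /dev/null
/usr/bin/mkdir -m 700 "${RAM}/FORENSIC" 2> /dev/null
/usr/bin/mkdir -m 700 "${RAM}/MESSAGES" 2> /dev/null
/usr/bin/mkdir -m 700 "${RAM}/FILES" 2> /dev/null
# NOTE(review): TAR is not part of the chmod 700 list below and keeps
# umask-derived permissions; confirm that this is intended.
/usr/bin/mkdir "${RAM}/TAR" 2> /dev/null
/usr/bin/chmod 700 "${RAM}/MESSAGES" "${RAM}/IN" "${RAM}/FORENSIC" "${RAM}/FILES" 2> /dev/null

# only run systemd.fetch if GUI is active and $RAM/GUI exists
# every use of cbcontrol updates $RAM/GUI
if [ -s "${RAM}/GUI" ]
then
  # check if GUI is still active
  NOW=$(/usr/bin/date +%s)
  LAST=$(/usr/bin/cat "${RAM}/GUI" 2> /dev/null)
  # The timestamp is file content and this script runs as root. Arithmetic
  # expansion evaluates its operands as expressions, so only plain decimal
  # digits are accepted. Anything else counts as "last active at 0", which
  # makes the grace time expire.
  if [[ ! "$LAST" =~ ^[0-9]+$ ]]; then
    LAST=0
  fi
  # 10# forces base 10 so a leading zero is not read as octal.
  delta=$(( NOW - 10#$LAST ))
  echo "$delta" > "${RAM}/delta"
  if [ "$delta" -gt "$GraceTime" ]
  then
    /usr/bin/date +%s > "${RAM}/exit"
    # grace time is over
    /usr/bin/rm -f "${RAM}/GUI" "${RAM}/delta"
  fi
fi

if [ -d "${RAM}" ] && [ -s "${RAM}/GUI" ] ; then
  # The path used to end in a stray "}" (tarball.tgz}), so the test could
  # never match and this guard was dead code.
  # NOTE(review): the guard relies on analysetarball removing or moving
  # ${RAM}/TAR/tarball.tgz when it has finished - confirm, otherwise every
  # run after the first fetch exits here.
  if [[ -r "${RAM}/TAR/tarball.tgz" ]] ; then
    # analysis of recent ${FETCH} is still taking place, abort.
    exit 1
  fi

  # Drop any stale download so that a readable ${FETCH} afterwards can only
  # come from this run's request.
  /usr/bin/rm -f "$FETCH" > /dev/null 2>&1
  "${CBHOME}/safewebdrop/bin/requesttarball"

  if [[ -r "$FETCH" ]]; then
    # Restrict the tarball to root before handing it to the analysis.
    /usr/bin/chmod 600 "$FETCH" 2> /dev/null
    /usr/bin/mv "$FETCH" "${RAM}/TAR" 2> /dev/null
    "${CBHOME}/safewebdrop/bin/analysetarball" 2> /dev/null

    # Keep a read-only, timestamped copy of the analysed tarball.
    # NOTE(review): ${FETCH} was moved into TAR above, so this mv only finds
    # a file if analysetarball puts one back at ${FETCH} - confirm. If it does
    # not, the mv and chmod fail silently and the size test below just removes
    # a file that was never created.
    FETCHFILE="${RAM}/tarball-$(/usr/bin/date +%y.%m.%d-%H.%M).tgz"
    /usr/bin/mv "${FETCH}" "${FETCHFILE}" 2> /dev/null
    /usr/bin/chmod 400 "${FETCHFILE}" 2> /dev/null
    # remove if size is 0
    if [ ! -s "${FETCHFILE}" ]
    then
      /usr/bin/rm -f "${FETCHFILE}"
    fi
  fi
fi
exit 0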