From 37cedbdd3e4b1f9835d4fd0c6787c5baeb1a149a Mon Sep 17 00:00:00 2001 From: moparisthebest Date: Fri, 20 Jan 2017 01:42:30 -0500 Subject: [PATCH] Add encryption support to http_upload.sh --- http_upload.sh | 19 ++++++++++++++++++- open-screeny.sh | 4 ++-- readme.md | 3 +++ 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/http_upload.sh b/http_upload.sh index e64abff..69e9d4b 100755 --- a/http_upload.sh +++ b/http_upload.sh @@ -9,10 +9,25 @@ set -e [ -z "$http_upload_hmac_key" ] && echo "variable http_upload_hmac_key must be set, exiting..." 1>&2 && exit 1 [ -z "$http_upload_file_size_limit" ] && http_upload_file_size_limit=$((100 * 1024 * 1024)) # bytes, default to 100 * 1024 * 1024 = 100 MB +encrypt=0 +[ -z "$http_upload_encrypt" ] && encrypt=$http_upload_encrypt +[ "$1" == '-e' ] && encrypt=1 && shift +[ "$2" == '-e' ] && encrypt=1 + file_to_upload="$1" base_name="$(basename "$file_to_upload")" +tag='' +if [ $encrypt -eq 1 ] +then + iv_key="$(openssl rand -hex 48)" + orig_file_to_upload="$file_to_upload" + file_to_upload="$(mktemp)" + aesgcm "$iv_key" enc < "$orig_file_to_upload" > "$file_to_upload" + tag="#$iv_key" +fi + file_size="$(stat -c %s "$file_to_upload")" [ $file_size -gt $http_upload_file_size_limit ] && echo "file size $file_size greater than limit of $http_upload_file_size_limit, exiting..." 1>&2 && exit 1 @@ -25,4 +40,6 @@ get_url="${http_upload_url}${uuid}/${base_name}" curl -f -T "$file_to_upload" "${get_url}?v=${hmac_secret}" -echo "$get_url" +echo -n "${get_url}${tag}" + +[ $encrypt -eq 1 ] && rm "$file_to_upload" diff --git a/open-screeny.sh b/open-screeny.sh index de16b49..d8e420f 100755 --- a/open-screeny.sh +++ b/open-screeny.sh @@ -13,7 +13,7 @@ set -e # exit on error [ -z "$puush_api_key" ] && export puush_api_key='' # find API key here: http://puush.me/account/settings [ -z "$imgur_api_key" ] && export imgur_api_key='486690f872c678126a2c09a9e196ce1b' # nabbed from here: https://github.com/dave1010/scripts/blob/master/shoot [ -z "$imgup_path" ] && export imgup_path='' # example: 'ssh user@host ~/imgup.sh ~/htdocs/s http://host/s png' -[ -z "$http_upload_path" ] && export http_upload_path='' # example: '~/bin/http_upload.sh' without quotes where your required variables are already exported +[ -z "$http_upload_path" ] && export http_upload_path='' # example: '~/bin/http_upload.sh' without quotes where your required variables are already exported, add -e for encryption # if these are empty, go with defaults we know to exist and work without configuration [ -z "$upload" ] && export upload='imgur' # must be one of 'puush', 'imgur', 'imgup', or 'http_upload' @@ -42,7 +42,7 @@ function upload_imgup { function upload_http_upload { [ -z "$http_upload_path" ] && echo '$imgup_path is empty, cannot upload!' && return - "$http_upload_path" "$1" + $http_upload_path "$1" } #################################################################################################################################### diff --git a/readme.md b/readme.md index fa3c71d..27c56aa 100644 --- a/readme.md +++ b/readme.md @@ -25,6 +25,8 @@ Mainly meant to be used for images from scripts like open-screeny.sh, it can rea Required dependencies are openssl, curl, and standard unix utilities stat, awk, and basename +Optional dependencies include aesgcm from [ImageDownloader][6] which is used to encrypt files just like Conversations and gajim do with http_upload before upload. Either set the variable http_upload_encrypt to 1 or pass -e to the script as the first or second argument to enable this encryption. + imgup.sh ------------ This script reads a file from stdin, and moves it to a certain directory with the shortest name possible that doesn't conflict based on the sha1sum, then echos the URL the file will be available at. @@ -47,3 +49,4 @@ nginx_http_upload.php is licensed seperately as mentioned at the top of the file [4]: http://b1t.it/ [5]: https://github.com/Hidendra/puush-api [6]: https://modules.prosody.im/mod_http_upload_external.html +[7]: https://github.com/moparisthebest/ImageDownloader \ No newline at end of file