mirror/webgui
1
0
Fork 0
mirror of https://github.com/unraid/webgui.git synced 2026-04-23 10:38:50 -05:00
Code Issues Packages Projects Releases Wiki Activity

More encryption passphrase handling changes.

Browse Source
This commit is contained in:
Tom Mortensen
2017-09-18 12:44:23 -07:00
parent a1811d1533
commit 448e1ee8d8
1 changed files with 36 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files
plugins/dynamix/EncryptionSettings.page
+36 -39
View File
@@ -18,28 +18,34 @@ Tag="key"
<? <?
$keyfile = file_exists($var['luksKeyfile']) ? $var['luksKeyfile']:''; $keyfile = file_exists($var['luksKeyfile']) ? $var['luksKeyfile']:'';
$online = $var['fsState']=='Stopped' ? '':'disabled'; $online = $var['fsState']=='Stopped' ? '':'disabled';
$allwrong = $var['fsState']=='Stopped' && $var['fsNumEncrypted']>0 && $var['fsNumEncrypted']==$var['fsNumWrongKey'];
?> ?>
<script> <script>
<?if ($keyfile):?> <?if ($keyfile):?>
function prepareInput(form) {
form.keyfile.disabled = true;
}
function toggleApply(checked) { function toggleApply(checked) {
$('input[name="#apply"]').prop('disabled',!checked); $('input[name="#apply"]').prop('disabled',!checked);
} }
<?else:?> <?else:?>
var forced = <?=$var['fsNumEncrypted']==0 ? 'true':'false'?>; var forced = <?=$var['fsNumEncrypted']==0 ? 'true':'false'?>;
var confirm = forced || <?=$var['luksRestricted']!='yes' ? 'true':'false'?>;
function toggleApply(form) {
var disabled = confirm ? form.text.value!=form.copy.value:form.text.value=='';
form.apply.disabled = disabled;
}
function prepareInput(form) { function prepareInput(form) {
$.post('/update.htm',{luksRestricted:form.luksRestricted.value,changeDisk:'apply'}); if (form.luksReformat && form.luksReformat.checked)
$.post('/update.htm',{luksRestricted:form.luksRestricted.value,luksReformat:'yes',changeDisk:'apply'});
else
$.post('/update.htm',{luksRestricted:form.luksRestricted.value,changeDisk:'apply'});
if (form.text.value || form.file.value) { if (form.text.value || form.file.value) {
form.input.disabled = true; form.input.disabled = true;
form.local.disabled = true; form.local.disabled = true;
form.copy.disabled = true; form.copy.disabled = true;
} }
} }
function toggleApply(form) {
var disabled = forced ? form.text.value!=form.copy.value : form.text.value=='';
form.apply.disabled = disabled;
}
function selectInput(form) { function selectInput(form) {
if (form.input.value == 'text') { if (form.input.value == 'text') {
form.file.value = ''; form.file.value = '';
@@ -59,8 +65,7 @@ function showPass(checked) {
} }
function showRetype(form) { function showRetype(form) {
if (form.input.value=='file') return; if (form.input.value=='file') return;
confirm = forced || form.luksRestricted.value!='yes'; confirm = forced || form.luksReformat.checked;
toggleApply(form);
if (confirm) $('#retype').show(); else $('#retype').hide(); if (confirm) $('#retype').show(); else $('#retype').hide();
} }
function getFileContent(event,form) { function getFileContent(event,form) {
@@ -70,14 +75,15 @@ function getFileContent(event,form) {
reader.readAsDataURL(input.files[0]); reader.readAsDataURL(input.files[0]);
} }
$(function(){ $(function(){
if (confirm) $('#retype').show(); if (forced) $('#retype').show();
}); });
<?endif;?> <?endif;?>
</script> </script>
<?if ($keyfile):?> <form markdown="1" name="encrypt_settings" method="POST" action="/update.php" target="progressFrame" onsubmit="prepareInput(this)">
<form markdown="1" name="encrypt_settings" method="POST" action="/update.php" target="progressFrame">
<input type="hidden" name="#file" value="unused"> <input type="hidden" name="#file" value="unused">
<input type="hidden" name="#include" value="webGui/include/KeyUpload.php"> <input type="hidden" name="#include" value="webGui/include/KeyUpload.php">
<input type="hidden" name="file" value="">
<?if ($keyfile):?>
Encryption key: Encryption key:
: <?=$keyfile?> : <?=$keyfile?>
@@ -92,38 +98,20 @@ Encryption key:
> With array Started, the keyfile may be deleted to ensure there is no encryption key present on the server when > With array Started, the keyfile may be deleted to ensure there is no encryption key present on the server when
> the array is online. Note that plugins are installed and may execute before and during the array Start process. > the array is online. Note that plugins are installed and may execute before and during the array Start process.
Delete <input type="checkbox" onchange="toggleApply(this.checked)"> Delete <input type="checkbox" name="keyfile" onchange="toggleApply(this.checked)">
: <input type="submit" name="#apply" value="Delete" disabled><input type="button" value="Done" class="lock" onclick="done()"> : <input type="submit" name="#apply" value="Delete" disabled><input type="button" value="Done" class="lock" onclick="done()">
</form>
<?if ($var['luksRestricted']=='no' && $online):?>
<form markdown="1" name="start_settings" method="POST" action="/update.htm" target="progressFrame">
<input type="hidden" name="luksRestricted" value="yes">
Reset **RESTRICTED START** to normal operation<input type="checkbox" onchange="this.form.changeDisk.disabled=!this.checked">
: <input type="submit" name="changeDisk" value="Reset" disabled>
</form>
<?endif;?>
<?else:?> <?else:?>
<form markdown="1" name="encrypt_settings" method="POST" action="/update.php" target="progressFrame" onsubmit="prepareInput(this)">
<input type="hidden" name="#file" value="unused">
<input type="hidden" name="#include" value="webGui/include/KeyUpload.php">
<input type="hidden" name="file" value="">
Encryption key: Encryption key:
: Not present : Not present
Restricted Start: Restricted Start:
: <select name="luksRestricted" size="1" onchange="showRetype(this.form)"<?=$online?>> : <select name="luksRestricted" size="1" <?=$online?>>
<?=mk_option($var['luksRestricted'], "yes", "Yes")?> <?=mk_option($var['luksRestricted'], "yes", "Yes")?>
<?=mk_option($var['luksRestricted'], "no", "No")?> <?=mk_option($var['luksRestricted'], "no", "No")?>
</select> </select>
> When set to **Yes** the array cannot Start if the encryption passphrase/keyfile is missing or wrong. > When set to **Yes** the array cannot Start if the encryption passphrase/keyfile is *missing*.
> This is the normal setting.
>
> When set to **No** the array may be Started and:
>
> * If the passphrase/keyfile is **missing**, then encrypted volumes will not be mounted and cannot be formatted.
> * If the passphrase/keyfile is **different**, then encrypted volumes will appear Unmountable and may be formatted with the new key.
Encryption input: Encryption input:
: <select name="input" size="1" onchange="selectInput(this.form)"<?=$online?>> : <select name="input" size="1" onchange="selectInput(this.form)"<?=$online?>>
@@ -139,11 +127,6 @@ Encryption input:
Passphrase: Passphrase:
: <input type="password" name="text" maxlength="512" value=""<?=$online?> onKeyUp="toggleApply(this.form)"><?if (!$online):?><input id="eye" type="checkbox" onchange="showPass(this.checked)">show passphrase<?endif;?> : <input type="password" name="text" maxlength="512" value=""<?=$online?> onKeyUp="toggleApply(this.form)"><?if (!$online):?><input id="eye" type="checkbox" onchange="showPass(this.checked)">show passphrase<?endif;?>
<div id="retype" markdown="1" style="display:none">
Retype passphrase:
: <input type="password" name="copy" maxlength="512" value=""<?=$online?> onKeyUp="toggleApply(this.form)">
</div>
> Enter a passphrase of up to 512 characters. It is highly advisable to only use the 95 printable characters from the > Enter a passphrase of up to 512 characters. It is highly advisable to only use the 95 printable characters from the
> first 128 characters of the [ASCII table](https://en.wikipedia.org/wiki/ASCII), as they will always have the same binary > first 128 characters of the [ASCII table](https://en.wikipedia.org/wiki/ASCII), as they will always have the same binary
> representation. Other characters may have different encoding depending on system configuration and your passphrase will > representation. Other characters may have different encoding depending on system configuration and your passphrase will
@@ -154,6 +137,20 @@ Retype passphrase:
> >
> **Memorize** this passphrase. **IF LOST, ENCRYPTED CONTENT CANNOT BE RECOVERED!** > **Memorize** this passphrase. **IF LOST, ENCRYPTED CONTENT CANNOT BE RECOVERED!**
<?if ($allwrong):?>
&nbsp;
: <input name="luksReformat" type="checkbox" onchange="showRetype(this.form)" <?=$online?>>permit reformat
> To permit re-Format of encrypted devices, check this box and retype the passphrase.
<?endif;?>
<div id="retype" markdown="1" style="display:none">
Retype passphrase:
: <input type="password" name="copy" maxlength="512" value=""<?=$online?> onKeyUp="toggleApply(this.form)">
</div>
</div> </div>
<div id="file" markdown="1" style="display:none"> <div id="file" markdown="1" style="display:none">
Keyfile: Keyfile:
@@ -165,6 +162,6 @@ Keyfile:
</div> </div>
<input type="button" value="Benchmark" onclick="openBox('/webGui/include/CryptoBenchmark.php','Encryption Benchmarking',600,640)"> <input type="button" value="Benchmark" onclick="openBox('/webGui/include/CryptoBenchmark.php','Encryption Benchmarking',600,640)">
: <input type="submit" name="apply" value="Apply" class="lock"><input type="button" value="Done" onclick="done()"><?if ($online):?>Array must be <span class="strong big">Stopped</span> to change<?endif;?> : <input type="submit" name="apply" value="Apply"><input type="button" value="Done" onclick="done()"><?if ($online):?>Array must be <span class="strong big">Stopped</span> to change<?endif;?>
</form>
<?endif;?> <?endif;?>
</form>