wok rev 12906
move zerobin from undigest
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Tue May 29 17:26:27 2012 +0200 (2012-05-29) |
| parents | 42924af752bc |
| children | e9e7c1c5617e |
| files | zerobin/receipt zerobin/stuff/zerobin.js zerobin/stuff/zerobin.u |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/zerobin/receipt Tue May 29 17:26:27 2012 +0200 1.3 @@ -0,0 +1,67 @@ 1.4 +# SliTaz package receipt. 1.5 + 1.6 +PACKAGE="zerobin" 1.7 +VERSION="0.15_alpha" 1.8 +CATEGORY="network" 1.9 +SHORT_DESC="Online pastebin where the server has zero knowledge of pasted data." 1.10 +MAINTAINER="pascal.bellard@slitaz.org" 1.11 +TARBALL="${PACKAGE}_$VERSION.zip" 1.12 +WEB_SITE="http://sebsauvage.net/wiki/doku.php?id=php:zerobin" 1.13 +WGET_URL="http://sebsauvage.net/files/$TARBALL" 1.14 + 1.15 +DEPENDS="php" 1.16 +SUGGESTED="php-gd" 1.17 + 1.18 +# Rules to configure and make the package. 1.19 +compile_rules() 1.20 +{ 1.21 + cd $src 1.22 + patch -p0 < $stuff/zerobin.u 1.23 + dos2unix *.txt *.php tpl/*.html lib/*.js lib/*.php lib/*.css 1.24 +} 1.25 + 1.26 +# Rules to gen a SliTaz package suitable for Tazpkg. 1.27 +genpkg_rules() 1.28 +{ 1.29 + mkdir -p $fs/usr/share/zerobin 1.30 + cp -a $src/* $fs/usr/share/zerobin 1.31 + chown -R www.www $fs/usr/share/zerobin 1.32 +} 1.33 + 1.34 +# Post and pre install commands 1.35 +post_install() 1.36 +{ 1.37 + # Configure lighttpd server 1.38 + if [ -f $1/etc/lighttpd/lighttpd.conf ]; then 1.39 + if ! grep -q /usr/share/zerobin/ $1/etc/lighttpd/lighttpd.conf; then 1.40 + sed -e 's|.*"/examples/" => "/usr/share/examples/",| "/examples/" => "/usr/share/examples/",\n "/paste/" => "/usr/share/zerobin/",|g' -i $1/etc/lighttpd/lighttpd.conf 1.41 + if [ -z "$1" ]; then 1.42 + # Start Web server. 1.43 + /etc/init.d/lighttpd stop 1.44 + /etc/init.d/lighttpd start 1.45 + fi 1.46 + fi 1.47 + fi 1.48 + # Configure apache server 1.49 + if [ -f $1/etc/apache/httpd.conf ]; then 1.50 + sed -i 's/lighttpd/apache/' $1/etc/rcS.conf 1.51 + if [ ! -f $1/etc/apache/conf.d/zerobin ]; then 1.52 + cat > $1/etc/apache/conf.d/zerobin <<EOT 1.53 +<IfModule mod_alias.c> 1.54 + Alias /paste /usr/share/zerobin/ 1.55 +</IfModule> 1.56 +<DirectoryMatch /usr/share/zerobin/> 1.57 + php_value upload_max_filesize 2147483647 1.58 + DirectoryIndex index.php 1.59 + AllowOverride None 1.60 + Order allow,deny 1.61 + Allow from all 1.62 +</DirectoryMatch> 1.63 +EOT 1.64 + if [ -z "$1" ]; then 1.65 + # Start Web server. 1.66 + /etc/init.d/apache restart 1.67 + fi 1.68 + fi 1.69 + fi 1.70 +}
2.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 2.2 +++ b/zerobin/stuff/zerobin.js Tue May 29 17:26:27 2012 +0200 2.3 @@ -0,0 +1,216 @@ 2.4 +/* ZeroBin 0.11 - http://sebsauvage.net/wiki/doku.php?id=php:zerobin */ 2.5 + 2.6 +// Compress a message (deflate compression). Returns base64 encoded data. 2.7 +function compress(message) { return Base64.toBase64(RawDeflate.deflate(Base64.utob(message))); } 2.8 + 2.9 +// Decompress a message compressed with compress(). 2.10 +function decompress(data) { return Base64.btou(RawDeflate.inflate(Base64.fromBase64(data))) } 2.11 + 2.12 +/* 2.13 + Encrypt the message with a random key. 2.14 + Output: An array with two items: 2.15 + 'data' (string) : json encoded data to store on server side (containing ciphertext,iv and salt) 2.16 + 'key' (string: the key (encoded in base64) to be kept on client side. 2.17 + 2.18 + Example: 2.19 + c = randomCipher("Hello, world !"); 2.20 + document.write("Data for server side: "); 2.21 + document.write(c.data); 2.22 + document.write('<br>Key at client side: '); 2.23 + document.write(c.key); 2.24 + Output: 2.25 + Data for server side: {"iv":"a6ZEUEtK2jNcGsdIsKKj9g","salt":"/7wDPD4JRik","ct":"qdD97HChan6B9OShjfBDmQKbw8/1ehdO1u/KbC/r85c"} 2.26 + Key at client side: VjxODsAaUwar6LJOcc0yaknnUr5XHeg/m7Sn5UF+TC4= 2.27 +*/ 2.28 +function randomCipher(message) 2.29 +{ 2.30 + var randomkey = (window.location.hash.length > 2) ? 2.31 + // force key 2.32 + window.location.hash.substring(1) : 2.33 + // Generate a random 256 bits key, encoded in base64: 2.34 + sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0); 2.35 + var data = sjcl.encrypt(sjcl.misc.pbkdf2(randomkey,0),compress(message)); 2.36 + return {'data':data,'key':randomkey}; 2.37 +} 2.38 + 2.39 +// Decrypts data encrypted with randomCipher() 2.40 +function randomDecipher(key,data) 2.41 +{ 2.42 + return decompress(sjcl.decrypt(sjcl.misc.pbkdf2(key,0),data)); 2.43 +} 2.44 + 2.45 +// Returns the current script location (without search or hash part of the URL). 2.46 +// eg. http://server.com/zero/?aaaa#bbbb --> http://server.com/zero/ 2.47 +function scriptLocation() 2.48 +{ 2.49 + return window.location.href.substring(0,window.location.href.length 2.50 + -window.location.search.length -window.location.hash.length); 2.51 +} 2.52 + 2.53 +// Show decrypted text in the display area 2.54 +function displayCleartext(text) 2.55 +{ 2.56 + if ($('#oldienotice').is(":visible")) // For IE<10. 2.57 + { 2.58 + // IE<10 do not support white-space:pre-wrap; so we have to do this BIG UGLY STINKING THING. 2.59 + $('#cleartext').text(text.replace(/\n/ig,'{BIG_UGLY_STINKING_THING__OH_GOD_I_HATE_IE}')); 2.60 + $('#cleartext').html($('#cleartext').text().replace(/{BIG_UGLY_STINKING_THING__OH_GOD_I_HATE_IE}/ig,"\r\n<br>")); 2.61 + } 2.62 + else // for other (sane) browsers: 2.63 + { 2.64 + $('#cleartext').text(text); 2.65 + } 2.66 + urls2links($('#cleartext')); // Convert URLs to clickable links. 2.67 +} 2.68 + 2.69 +// Send data to server 2.70 +function send_data() 2.71 +{ 2.72 + if ($('#message').val().length==0) return; // Do not send if no data. 2.73 + showStatus('Sending data...'); 2.74 + var c=randomCipher($('#message').val()); 2.75 + $.post(scriptLocation(), { data:c.data,expire:$('select#pasteExpiration').val() },'json' ) 2.76 + .error( function() { showError('Data could not be sent.'); } ) 2.77 + .success(function(data) 2.78 + { 2.79 + var jdata = jQuery.parseJSON(data); 2.80 + if (data.status==0) 2.81 + { 2.82 + stateExistingPaste(); 2.83 + var url=scriptLocation()+"?"+data.id+'#'+c.key; 2.84 + showStatus(''); 2.85 + $('#pastelink').html('Your paste is <a href="'+url+'">'+url+'</a>'); 2.86 + $('#pastelink').append(' <button id="shortenbutton" onclick="document.location=\''+shortenUrl(url)+'\'"><img src="lib/icon_shorten.png#" width="13" height="15" />Shorten URL</button>'); 2.87 + $('#pastelink').show(); 2.88 + displayCleartext($('#message').val()); 2.89 + } 2.90 + else if (data.status==1) 2.91 + { 2.92 + showError('Could not create paste: '+data.message); 2.93 + } 2.94 + else 2.95 + { 2.96 + showError('Could not create paste.'); 2.97 + } 2.98 + } 2.99 + ); 2.100 +} 2.101 + 2.102 +// Put the screen in "New paste" mode. 2.103 +function stateNewPaste() 2.104 +{ 2.105 + sjcl.random.startCollectors(); 2.106 + $('#sendbutton').show(); 2.107 + $('#clonebutton').hide(); 2.108 + $('#expiration').show(); 2.109 + $('#language').hide(); // $('#language').show(); 2.110 + $('#password').hide(); //$('#password').show(); 2.111 + $('#newbutton').show(); 2.112 + $('#pastelink').hide(); 2.113 + $('#message').text(''); 2.114 + $('#message').show(); 2.115 + $('#cleartext').hide(); 2.116 + $('#hashes').hide(); 2.117 + $('#message').focus(); 2.118 +} 2.119 + 2.120 +// Put the screen in "Existing paste" mode. 2.121 +function stateExistingPaste() 2.122 +{ 2.123 + sjcl.random.startCollectors(); 2.124 + $('#sendbutton').hide(); 2.125 + if (!$('#oldienotice').is(":visible")) $('#clonebutton').show(); // Not "clone" for IE<10. 2.126 + $('#expiration').hide(); 2.127 + $('#language').hide(); 2.128 + $('#password').hide(); 2.129 + $('#newbutton').show(); 2.130 + $('#pastelink').hide(); 2.131 + $('#message').hide(); 2.132 + $('#cleartext').show(); 2.133 + $('#hashes').show(); 2.134 +} 2.135 + 2.136 +// Clone the current paste. 2.137 +function clonePaste() 2.138 +{ 2.139 + stateNewPaste(); 2.140 + showStatus(''); 2.141 + $('#message').text($('#cleartext').text()); 2.142 +} 2.143 + 2.144 +// Create a new paste. 2.145 +function newPaste() 2.146 +{ 2.147 + stateNewPaste(); 2.148 + showStatus(''); 2.149 + $('#message').text(''); 2.150 +} 2.151 + 2.152 +// Display an error message 2.153 +function showError(message) 2.154 +{ 2.155 + $('#status').addClass('errorMessage').text(message); 2.156 +} 2.157 + 2.158 +// Display status 2.159 +function showStatus(message) 2.160 +{ 2.161 + $('#status').removeClass('errorMessage'); 2.162 + if (!message) { $('#status').html(' '); return; } 2.163 + if (message=='') { $('#status').html(' '); return; } 2.164 + $('#status').text(message); 2.165 +} 2.166 + 2.167 +// Generate link to URL shortener. 2.168 +function shortenUrl(url) 2.169 +{ 2.170 + return 'http://snipurl.com/site/snip?link='+encodeURIComponent(url); 2.171 +} 2.172 + 2.173 +// Convert URLs to clickable links. 2.174 +// Input: element : a jQuery DOM element. 2.175 +// Example URLs to handle: 2.176 +// magnet:?xt.1=urn:sha1:YNCKHTQCWBTRNJIV4WNAE52SJUQCZO5C&xt.2=urn:sha1:TXGCZQTH26NL6OUQAJJPFALHG2LTGBC7 2.177 +// http://localhost:8800/zero/?6f09182b8ea51997#WtLEUO5Epj9UHAV9JFs+6pUQZp13TuspAUjnF+iM+dM= 2.178 +// http://user:password@localhost:8800/zero/?6f09182b8ea51997#WtLEUO5Epj9UHAV9JFs+6pUQZp13TuspAUjnF+iM+dM= 2.179 +// FIXME: add ppa & apt links. 2.180 +function urls2links(element) 2.181 +{ 2.182 + var re = /((http|https|ftp):\/\/[\w?=&.\/-;#@~%+-]+(?![\w\s?&.\/;#~%"=-]*>))/ig; 2.183 + element.html(element.html().replace(re,'<a href="$1" rel="nofollow">$1</a>')); 2.184 + var re = /((magnet):[\w?=&.\/-;#@~%+-]+)/ig; 2.185 + element.html(element.html().replace(re,'<a href="$1">$1</a>')); 2.186 +} 2.187 + 2.188 +$(document).ready(function() { 2.189 + if ($('#cipherdata').text().length>1) // Display an existing paste 2.190 + { 2.191 + if (window.location.hash.length==0) // Missing decryption key in URL ? 2.192 + { 2.193 + showError('Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector which strips part of the URL ?)'); 2.194 + return; 2.195 + } 2.196 + var data = $('#cipherdata').text(); 2.197 + try { 2.198 + // Get key and decrypt data 2.199 + var key = window.location.hash.substring(1); 2.200 + // Strip &utm_source=... parameters added after the anchor by some stupid web 2.0 services. 2.201 + // We simply strip everything after & 2.202 + i = key.indexOf('&'); if (i>-1) { key = key.substring(0,i); } 2.203 + if (key.charAt(key.length-1)!=='=') key+='='; // Add trailing = if missing. 2.204 + var cleartext = randomDecipher(key,data); 2.205 + stateExistingPaste(); // Show proper elements on screen. 2.206 + displayCleartext(cleartext); 2.207 + } catch(err) { 2.208 + showError('Could not decrypt data (Wrong key ?)'); 2.209 + } 2.210 + } 2.211 + else if ($('#errormessage').text().length>1) // Display error message from php code. 2.212 + { 2.213 + showError($('#errormessage').text()); 2.214 + } 2.215 + else // Create a new paste. 2.216 + { 2.217 + newPaste(); 2.218 + } 2.219 +});
3.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 3.2 +++ b/zerobin/stuff/zerobin.u Tue May 29 17:26:27 2012 +0200 3.3 @@ -0,0 +1,15 @@ 3.4 +--- lib/zerobin.js 3.5 ++++ lib/zerobin.js 3.6 +@@ -180,7 +180,11 @@ 3.7 + { 3.8 + if ($('textarea#message').val().length==0) return; // Do not send if no data. 3.9 + showStatus('Sending paste...',spin=true); 3.10 +- var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0); 3.11 ++ var randomkey = (window.location.hash.length > 2) ? 3.12 ++ // force key 3.13 ++ window.location.hash.substring(1) : 3.14 ++ // Generate a random 256 bits key, encoded in base64: 3.15 ++ sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0); 3.16 + var cipherdata = zeroCipher(randomkey,$('textarea#message').val()); 3.17 + var data_to_send = { data:cipherdata, 3.18 + expire:$('select#pasteExpiration').val(),