[Forensics-changes] [wipe] 01/02: Imported Upstream version 0.24
Joao Eriberto Mota Filho
eriberto at moszumanska.debian.org
Wed Nov 9 11:58:56 UTC 2016
This is an automated email from the git hooks/post-receive script.
eriberto pushed a commit to branch debian
in repository wipe.
commit 109bd4cbacf092abebbec059b39f09e012c6802f
Author: Joao Eriberto Mota Filho <eriberto at debian.org>
Date: Wed Nov 9 09:58:33 2016 -0200
Imported Upstream version 0.24
---
CHANGES | 11 ++
Makefile | 4 +-
README | 3 +-
wipe.1 | 26 +++--
wipe.c | 345 ++++++++++++++++++++++++++++++++++++++++----------------------
wipe.tr.1 | 2 -
6 files changed, 256 insertions(+), 135 deletions(-)
diff --git a/CHANGES b/CHANGES
index 44500ce..053c344 100644
--- a/CHANGES
+++ b/CHANGES
@@ -109,3 +109,14 @@ Sun Nov 07 09:30:10 EST 2010
version 0.22 - Include patch by Karako Miklos to skip a number of patches.
Also did a clean up of headers (remove obsolete addresses
and CVS tags).
+
+Tue Nov 11 08:06:35 EST 2010
+ version 0.23 - To conform to Gutmann's paper, randomize only
+ deterministic passes (as pointed out by Karako) and not
+ the whole order. (pointed out by K. Miklos). Fix
+ unreadable message displayed with the -X option.
+
+Wed Nov 2 23:24:07 PDT 2016
+ version 0.24 - Integrated Debian patches from 0.22-4 per Joao
+ Eriberto Mota Filho's suggestion, except
+ 50_hide-filenames.patch.
diff --git a/Makefile b/Makefile
index 17d9758..5757ae3 100644
--- a/Makefile
+++ b/Makefile
@@ -45,7 +45,7 @@ CC_LINUX=gcc
CCO_LINUX=-Wall -DHAVE_DEV_URANDOM -DHAVE_OSYNC -DHAVE_STRCASECMP -DHAVE_RANDOM -DWEAK_RC6 -DSYNC_WAITS_FOR_SYNC -DFIND_DEVICE_SIZE_BY_BLKGETSIZE -DSIXTYFOUR -D__USE_LARGEFILE -D_FILE_OFFSET_BITS=64
# default should be to turn off debugging and to turn on optimization.
#CCO_LINUX+=-O9 -pipe -fomit-frame-pointer -finline-functions -funroll-loops -fstrength-reduce
-CCO_LINUX+=$(CFLAGS)
+CCO_LINUX+=$(CFLAGS) $(LDFLAGS) $(CPPFLAGS)
#CCO_LINUX+=-DDEBUG -g
CCOC_LINUX=-c
@@ -71,7 +71,7 @@ CCOC_AIX=-c
#
CC_GENERIC=gcc
-CCO_GENERIC=-Wall -O6 -pipe -fomit-frame-pointer -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64
+CCO_GENERIC=-Wall -O6 -pipe -fomit-frame-pointer -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 $(CFLAGS) $(LDFLAGS) $(CPPFLAGS)
CCOC_GENERIC=-c
# Thanks to Chris L. Mason <cmason at unixzone.com> for these:
diff --git a/README b/README
index a5fa167..805dd7c 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-wipe 0.23 by Berke Durak Sun Nov 07 2009
+wipe 0.24 by Berke Durak Wed Nov 02 2016
WHAT IS WIPE ?
@@ -142,6 +142,7 @@ they are:
Paul H. Hargrove
Peter Miller, for contributing an ETA patch
Thomas Schoepf
+ Joao Eriberto Mota Filho
INSTALLATION
diff --git a/wipe.1 b/wipe.1
index fd0670b..eec76d3 100644
--- a/wipe.1
+++ b/wipe.1
@@ -25,8 +25,9 @@ repeatedly overwrites special patterns to the files to be destroyed, using the
fsync() call and/or the O_SYNC bit to force disk access. In normal mode, 34
patterns are used (of which 8 are random). These patterns were recommended in
an article from Peter Gutmann (pgut001 at cs.auckland.ac.nz) entitled "Secure
-Deletion of Data from Magnetic and Solid-State Memory". A quick mode allows you
-to use only 4 passes with random patterns, which is of course much less secure.
+Deletion of Data from Magnetic and Solid-State Memory". The normal mode takes
+35 passes (0-34). A quick mode allows you to use only 4 passes with random
+patterns, which is of course much less secure.
.SH NOTE ABOUT JOURNALING FILESYSTEMS AND SOME RECOMMENDATIONS (JUNE 2004)
Journaling filesystems (such as Ext3 or ReiserFS) are now being used by
@@ -85,7 +86,7 @@ Let's make this very clear. I want you to assume that this is a nasty program
that will wipe out parts of your files that you didn't want it to wipe. So whatever
happens after you launch
.B wipe
-is your entire responsiblity. In particular, no one guarantees that
+is your entire responsibility. In particular, no one guarantees that
.B wipe
will conform to the specifications given in this manual page.
@@ -160,7 +161,7 @@ random data. See option
.TP 0.5i
.B -Q <number-of-passes>
-Sets the number of passes for quick wiping. Default is 4.
+Sets the number of passes for quick wiping. Default is 4. This option requires -q.
.TP 0.5i
.B -a (abort on error)
@@ -203,7 +204,6 @@ environment variables, the current date and
time, its process id. etc. (the random device
argument will not be used). This is of course
the least secure setting.
-.SP
.TP 0.5i
.B -M (select pseudo-random number generator algorythm)
@@ -234,7 +234,6 @@ random(); the compile-time option WEAK_RC6 allows you to use a 4-round version
of RC6, which is faster. In order to be able to use RC6, wipe must be compiled
with ENABLE_RC6 defined; see the Makefile for warnings about patent issues.
-.SP
In all cases the PRNG is seeded with the data gathered from the random device
(see -R and -S options).
@@ -282,6 +281,19 @@ this is only attempted on regular files so there is no use if you use
for cleaning a block or special device.
.TP 0.5i
+.B -X <number>
+Skip a given number of passes. This is useful to continue wiping from a given point
+when you have been wiping, say, a large disk and had to interrupt the operation. Used
+with -x.
+
+.TP 0.5i
+.B -x <pass1>,...,<pass35>
+Specify the pass order. When
+.B wipe
+is interrupted, it will print the current randomly selected pass order permutation
+and the pass number as appropriate -x and -X arguments.
+
+.TP 0.5i
.B -F
Don't try to wipe file names. Normally,
.B wipe
@@ -354,7 +366,7 @@ excepting /var/log. It will not attempt to chmod() things. It will however be
verbose (option -i). It won't ask you to type ``yes'' because of the -f option.
.TP 0.5i
-.B wipe -Kq -l 1440k /dev/fd0
+.B wipe -kq -l 1440K /dev/fd0
Due to various idiosyncracies of the operating system, it's not always easy
to obtain the number of bytes a given device might contain (in fact, that
quantity can be variable). This is why you sometimes need to tell
diff --git a/wipe.c b/wipe.c
index 4a85762..5a215e8 100644
--- a/wipe.c
+++ b/wipe.c
@@ -24,9 +24,8 @@
/*** defines */
-#define WIPE_VERSION "0.22"
-#define WIPE_DATE "2010-11-07"
-#define WIPE_CVS "$Id: wipe.c,v 1.2 2004/06/12 17:49:47 berke Exp $"
+#define WIPE_VERSION "0.23"
+#define WIPE_DATE "2016-11-03"
/* exit codes */
@@ -65,6 +64,7 @@
#include <stdio.h>
#include <stdlib.h>
+#include <stdarg.h>
#include <unistd.h>
#ifdef FIND_DEVICE_SIZE_BY_BLKGETSIZE
@@ -128,6 +128,73 @@
/* more defines ***/
+/*** passinfo table */
+
+/* P.Gutmann, in his article, was recommening to make
+ * the DETERMINISTIC passes (i.e. those that don't write random data)
+ * in random order, and to make 4 random passes before and after these.
+ *
+ * Here, the deterministic and the 8 random passes are made in random
+ * order, unless, of course, the "quick" mode is selected.
+ */
+
+struct passinfo_s {
+ int type;
+ int len;
+ char *pat;
+} passinfo[] = {
+ { 0, 0, 0, }, /* 1 random */
+ { 0, 0, 0, }, /* 2 random */
+ { 0, 0, 0, }, /* 3 random */
+ { 0, 0, 0, }, /* 4 random */
+
+#define FIRST_DETERMINISTIC_PASS 4
+
+ { 1, 1, "\x55", }, /* 5 RLL MFM */
+ { 1, 1, "\xaa", }, /* 6 RLL MFM */
+ { 1, 3, "\x92\x49\x24", }, /* 7 RLL MFM */
+ { 1, 3, "\x49\x24\x92", }, /* 8 RLL MFM */
+ { 1, 3, "\x24\x92\x49", }, /* 9 RLL MFM */
+ { 1, 1, "\x00", }, /* 10 RLL */
+ { 1, 1, "\x11", }, /* 11 RLL */
+ { 1, 1, "\x22", }, /* 12 RLL */
+ { 1, 1, "\x33", }, /* 13 RLL */
+ { 1, 1, "\x44", }, /* 14 RLL */
+ { 1, 1, "\x55", }, /* 15 RLL */
+ { 1, 1, "\x66", }, /* 16 RLL */
+ { 1, 1, "\x77", }, /* 17 RLL */
+ { 1, 1, "\x88", }, /* 18 RLL */
+ { 1, 1, "\x99", }, /* 19 RLL */
+ { 1, 1, "\xaa", }, /* 20 RLL */
+ { 1, 1, "\xbb", }, /* 21 RLL */
+ { 1, 1, "\xcc", }, /* 22 RLL */
+ { 1, 1, "\xdd", }, /* 23 RLL */
+ { 1, 1, "\xee", }, /* 24 RLL */
+ { 1, 1, "\xff", }, /* 25 RLL */
+ { 1, 3, "\x92\x49\x24", }, /* 26 RLL MFM */
+ { 1, 3, "\x49\x24\x92", }, /* 27 RLL MFM */
+ { 1, 3, "\x24\x92\x49", }, /* 28 RLL MFM */
+ { 1, 3, "\x6d\xb6\xdb", }, /* 29 RLL */
+ { 1, 3, "\xb6\xdb\x6d", }, /* 30 RLL */
+ { 1, 3, "\xdb\x6d\xb6", }, /* 31 RLL */
+
+#define LAST_DETERMINISTIC_PASS 30
+
+ { 0, 0, 0, }, /* 32 random */
+ { 0, 0, 0, }, /* 33 random */
+ { 0, 0, 0, }, /* 34 random */
+ { 0, 0, 0, }, /* 35 random */
+};
+
+#define NUM_DETERMINISTIC_PASSES (LAST_DETERMINISTIC_PASS - FIRST_DETERMINISTIC_PASS + 1)
+
+#define MAX_PASSES (sizeof(passinfo)/(sizeof(*passinfo)))
+#define BUFT_RANDOM (1<<0)
+#define BUFT_USED (1<<1)
+
+/* Passinfo table ***/
+
+
/*** errno, num_* statistics, middle_of_line */
extern int errno;
@@ -171,6 +238,7 @@ int o_buffer_size = 1<<BUFLG2;
int o_wipe_length_set = 0;
int o_wipe_exact_size = 0;
int o_skip_passes = 0;
+int o_pass_order[MAX_PASSES] = { -1 };
/* End of Options ***/
@@ -190,6 +258,9 @@ int do_remove (char *fn)
/*** signal_handler */
+void (*abort_handler)(void *) = NULL;
+void *abort_handler_arg = NULL;
+
#ifdef SIGHANDLER_RETURNS_INT
int signal_handler (int i)
#else
@@ -200,10 +271,14 @@ void signal_handler (int i)
fflush (stderr);
if (middle_of_line) { fputc ('\n', stderr); middle_of_line = 0; }
fprintf (stderr, "*** Interrupted by signal %d\n", i);
+
+ if(abort_handler) abort_handler(abort_handler_arg);
+
/* exit () does fflush () */
exit (i == SIGINT?WIPE_EXIT_USER_ABORT:WIPE_EXIT_FAILURE);
}
+
/* signal_handler ***/
/*** fill_random_from_table */
@@ -262,64 +337,6 @@ void fill_pattern (char *b, int n, char *p, int l)
/* fill_pattern ***/
-/*** passinfo table */
-
-/* P.Gutmann, in his article, was recommening to make
- * the DETERMINISTIC passes (i.e. those that don't write random data)
- * in random order, and to make 4 random passes before and after these.
- *
- * Here, the deterministic and the 8 random passes are made in random
- * order, unless, of course, the "quick" mode is selected.
- */
-
-struct passinfo_s {
- int type;
- int len;
- char *pat;
-} passinfo[] = {
- { 0, 0, 0, }, /* 1 random */
- { 0, 0, 0, }, /* 2 random */
- { 0, 0, 0, }, /* 3 random */
- { 0, 0, 0, }, /* 4 random */
- { 1, 1, "\x55", }, /* 5 RLL MFM */
- { 1, 1, "\xaa", }, /* 6 RLL MFM */
- { 1, 3, "\x92\x49\x24", }, /* 7 RLL MFM */
- { 1, 3, "\x49\x24\x92", }, /* 8 RLL MFM */
- { 1, 3, "\x24\x92\x49", }, /* 9 RLL MFM */
- { 1, 1, "\x00", }, /* 10 RLL */
- { 1, 1, "\x11", }, /* 11 RLL */
- { 1, 1, "\x22", }, /* 12 RLL */
- { 1, 1, "\x33", }, /* 13 RLL */
- { 1, 1, "\x44", }, /* 14 RLL */
- { 1, 1, "\x55", }, /* 15 RLL */
- { 1, 1, "\x66", }, /* 16 RLL */
- { 1, 1, "\x77", }, /* 17 RLL */
- { 1, 1, "\x88", }, /* 18 RLL */
- { 1, 1, "\x99", }, /* 19 RLL */
- { 1, 1, "\xaa", }, /* 20 RLL */
- { 1, 1, "\xbb", }, /* 21 RLL */
- { 1, 1, "\xcc", }, /* 22 RLL */
- { 1, 1, "\xdd", }, /* 23 RLL */
- { 1, 1, "\xee", }, /* 24 RLL */
- { 1, 1, "\xff", }, /* 25 RLL */
- { 1, 3, "\x92\x49\x24", }, /* 26 RLL MFM */
- { 1, 3, "\x49\x24\x92", }, /* 27 RLL MFM */
- { 1, 3, "\x24\x92\x49", }, /* 28 RLL MFM */
- { 1, 3, "\x6d\xb6\xdb", }, /* 29 RLL */
- { 1, 3, "\xb6\xdb\x6d", }, /* 30 RLL */
- { 1, 3, "\xdb\x6d\xb6", }, /* 31 RLL */
- { 0, 0, 0, }, /* 32 random */
- { 0, 0, 0, }, /* 33 random */
- { 0, 0, 0, }, /* 34 random */
- { 0, 0, 0, }, /* 35 random */
-};
-
-#define MAX_PASSES (sizeof(passinfo)/(sizeof(*passinfo)))
-#define BUFT_RANDOM (1<<0)
-#define BUFT_USED (1<<1)
-
-/* Passinfo table ***/
-
/*** pattern buffers and wipe info declarations */
struct wipe_pattern_buffer {
@@ -335,9 +352,11 @@ struct wipe_info {
int random_length;
int n_passes;
int n_buffers;
+ int current_pass;
struct wipe_pattern_buffer random_buffers[RANDOM_BUFFERS];
struct wipe_pattern_buffer buffers[MAX_BUFFERS];
struct wipe_pattern_buffer *passes[MAX_PASSES];
+ int p[MAX_PASSES];
};
/* pattern buffers and wipe info declarations ***/
@@ -672,6 +691,21 @@ backspace(char *dst, const char *src)
*dst = '\0';
}
+void wipe_continuation_message(void *arg)
+{
+ int i;
+ struct wipe_info *wi = arg;
+
+ fprintf (stderr, "*** If you want to resume wiping while preserving the pass order, use these options:\n");
+ fprintf (stderr, "*** -X %d -x ", wi->current_pass);
+ for (i = 0; i<wi->n_passes; i++) {
+ if (i > 0) fprintf (stderr, ",");
+ fprintf (stderr, "%d", wi->p[i]);
+ }
+ fprintf(stderr, "\n");
+ fflush (stderr);
+}
+
/*** dothejob -- nonrecursive wiping of a single file or device */
/* determine parameters of region to be wiped
@@ -696,7 +730,6 @@ backspace(char *dst, const char *src)
static int dothejob (char *fn)
{
int fd;
- int p[MAX_PASSES];
int bpi = 0; /* block progress indicator enabled ? */
int i;
@@ -706,6 +739,8 @@ static int dothejob (char *fn)
static int wipe_info_initialized = 0;
struct wipe_pattern_buffer *wpb = 0;
+ int *p = wi.p;
+
struct stat st;
off_t buffers_to_wipe; /* number of buffers to write on device */
int first_buffer_size;
@@ -721,41 +756,48 @@ static int dothejob (char *fn)
if (!fn) {
if (wipe_info_initialized)
shut_wipe_info (&wi);
+ abort_handler = NULL;
return 0;
}
/* to do a cryptographically strong random permutation on the
- * order of the passes, we need lg_2(MAX_PASSES!) bits of entropy:
- * for MAX_PASSES=35, this means about 132 bits.
+ * order of the deterministic passes, we need
+ * lg_2(NUM_DETERMINISTIC_PASSES!) bits of entropy:
+ * this means about 128 bits.
*
* rand_seed () should give 31 bits of entropy per call
- * we need a maximum of lg_2(MAX_PASSES) bits of entropy per random
+ * we need a maximum of lg_2(NUM_DETERMNISTIC_PASSES) bits of entropy per random
* value. therefore we should call rand_seed () at least for
- * every 31/lg_2(MAX_PASSES) ~= 6 random values.
+ * every 31/lg_2(NUM_DETERMNISTIC_PASSES) ~= 6 random values.
*
* on the other way, as we'll constantly force disk access,
* /dev/urandom should have no difficulty providing us good random
* values.
*/
- if (!o_quick) {
+ if (!o_quick && o_pass_order[0] < 0) {
for (i = 0; i<MAX_PASSES; p[i]=i, i++);
- for (i = 0; i<MAX_PASSES-2; i++) {
+ for (i = 0; i<NUM_DETERMINISTIC_PASSES-2; i++) {
int a, b;
- /* a \in { 0, 1, ... MAX_PASSES-i-1 } */
+ /* a \in { 0, 1, ... NUM_DETERMINISTIC_PASSES-i-1 } */
- /* since MAX_PASSES-i is not necessarily a divisor of
- * 2^32, we won't get uniform distribution
- * with this. however, since MAX_PASSES is very
- * small compared to RAND_MAX, ti
+ /* since NUM_DETERMINISTIC_PASSES-i is not necessarily a divisor of
+ * 2^32, we won't get uniform distribution with this. however,
+ * since MAX_PASSES is very small compared to RAND_MAX, ti
*/
- a = rand_Get32 () % (MAX_PASSES-i);
- b = p[i+a];
- p[i+a] = p[i];
- p[i] = b;
+ a = rand_Get32 () % (NUM_DETERMINISTIC_PASSES-i);
+ b = p[FIRST_DETERMINISTIC_PASS+i+a];
+ p[FIRST_DETERMINISTIC_PASS+i+a] = p[FIRST_DETERMINISTIC_PASS+i];
+ p[FIRST_DETERMINISTIC_PASS+i] = b;
+ }
+ }
+
+ if (o_pass_order[0] >= 0) {
+ for (i = 0; i<MAX_PASSES; i++) {
+ p[i] = o_pass_order[i];
}
}
@@ -890,6 +932,8 @@ static int dothejob (char *fn)
if (!wipe_info_initialized) {
init_wipe_info (&wi);
wipe_info_initialized = 1;
+ abort_handler = wipe_continuation_message;
+ abort_handler_arg = &wi;
}
/* if the possibly existing leftover random buffers
@@ -919,18 +963,16 @@ static int dothejob (char *fn)
debugf ("buffers_to_wipe = %d, o_buffer_size = %d, wi.n_passes = %d",
buffers_to_wipe, o_buffer_size, wi.n_passes);
- if (o_skip_passes > 0) {
- printf ("\rSkip first %d pass(es)\n", o_skip_passes);
- }
-
/* do the passes */
eta_begin();
for (i = o_skip_passes; i<wi.n_passes; i++) {
ssize_t wr;
+ wi.current_pass = i;
+
if (!o_silent) {
if (o_quick)
- fprintf (stderr, "\rWiping %.32s, pass %d in quick mode ", fn, i);
+ fprintf (stderr, "\rWipoing %.32s, pass %d in quick mode ", fn, i);
else
fprintf (stderr, "\rWiping %.32s, pass %-2d (%-2d) ", fn, i, p[i]);
middle_of_line = 1;
@@ -956,7 +998,7 @@ static int dothejob (char *fn)
"[%8ld / %8ld]", (long) j, (long)buffers_to_wipe);
backspace(buf1_bs, buf1);
eta_progress(buf2, sizeof(buf2),
- ((double)i + ((double)j / buffers_to_wipe)) / wi.n_passes);
+ ((double) (i - o_skip_passes) + ((double)j / buffers_to_wipe)) / (wi.n_passes - o_skip_passes));
if (buf2[0])
pad(buf2, sizeof(buf2));
backspace(buf2_bs, buf2);
@@ -1032,6 +1074,10 @@ static int dothejob (char *fn)
}
}
+ /* skipping parameters are only meant for first file */
+ o_skip_passes = 0;
+ o_pass_order[0] = 1;
+
/* try to wipe out file size by truncating at various sizes... */
skip_wipe:
@@ -1192,7 +1238,9 @@ int recursive (char *fn)
if (!r && !o_no_remove && rmdir (fn)) { fnerror ("rmdir"); return -1; }
} else {
if (S_ISREG(st.st_mode)) {
- return dothejob (fn);
+ int rc = dothejob (fn);
+ abort_handler = NULL;
+ return rc;
} else if (S_ISLNK(st.st_mode)) { num_symlinks ++; }
else {
if (o_verbose) {
@@ -1216,11 +1264,10 @@ void banner ()
{
fprintf (stderr, "This is wipe version " WIPE_VERSION ".\n"
"\n"
- "Author: Berke Durak.\n"
+ "Author: Oguz Berke Antoine Durak.\n"
"Author's e-mail address: echo berke1lambda-diode2com|tr 12 @.\n"
"Web site: http://lambda-diode.com/software/wipe/\n"
"Release date: " WIPE_DATE "\n"
- "Compiled: " __DATE__ "\n"
"Git version: " WIPE_GIT "\n"
"\n"
"Based on data from \"Secure Deletion of Data from Magnetic and Solid-State\n"
@@ -1229,13 +1276,19 @@ void banner ()
/* banner ***/
-#define OPTSTR "X:DfhvrqspciR:S:M:kFZl:o:b:Q:T:P:e"
+#define OPTSTR "x:X:DfhvrqspciR:S:M:kFZl:o:b:Q:T:P:e"
/*** reject and usage */
-void reject (char *msg)
+void reject (char *msg, ...)
{
- fprintf (stderr, "Invocation error (-h for help): %s\n", msg);
+ va_list va;
+
+ va_start(va, msg);
+ fprintf (stderr, "Invocation error (-h for help): ");
+ vfprintf(stderr, msg, va);
+ fprintf(stderr, "\n");
+ va_end(va);
exit(WIPE_EXIT_MANIPULATION_ERROR);
}
@@ -1263,34 +1316,35 @@ void usage (void)
"\t\t-M (l|r) Set PRNG algorithm for filling blocks (and ordering passes)\n"
"\t\t\tl Use libc's "
#ifdef HAVE_RANDOM
- "random()"
+ "random()"
#else
- "rand()"
+ "rand()"
#endif
- " library call\n"
+ " library call\n"
#ifdef RC6_ENABLED
- "\t\t\tr Use RC6 encryption algorithm\n"
+ "\t\t\tr Use RC6 encryption algorithm\n"
#endif
- "\t\t\ta Use arcfour encryption algorithm\n"
- "\t\t-o <offset> Set wipe offset to <offset>, where <offset> has the\n"
- "\t\t\tsame format as <length>\n"
- "\t\t-P <passes> Set number of passes for filename wiping.\n"
- "\t\t\tDefault is 1.\n"
- "\t\t-Q <number> set number of passes for quick wipe\n"
- "\t\t-q Quick wipe, less secure, 4 random passes by default\n"
- "\t\t-r Recurse into directories -- symlinks will not be followed\n"
- "\t\t-R Set random device (or random seed command with -S c)\n"
- "\t\t-S (r|c|p) Random seed method\n"
- "\t\t\t r Read from random device (strong)\n"
- "\t\t\t c Read from output of random seed command\n"
- "\t\t\t p Use pid(), clock() etc. (weakest)\n"
- "\t\t-s Silent mode -- suppresses all output\n"
- "\t\t-T <tries> Set maximum number of tries for free\n"
- "\t\t\tfilename search; default is 10\n"
- "\t\t-v Show version information\n"
- "\t\t-Z Do not attempt to wipe file size\n"
- "\t\t-X <number> Skip this number of passes (useful for continuing a wiping operation)\n",
- progname
+ "\t\t\ta Use arcfour encryption algorithm\n"
+ "\t\t-o <offset> Set wipe offset to <offset>, where <offset> has the\n"
+ "\t\t\tsame format as <length>\n"
+ "\t\t-P <passes> Set number of passes for filename wiping.\n"
+ "\t\t\tDefault is 1.\n"
+ "\t\t-Q <number> set number of passes for quick wipe\n"
+ "\t\t-q Quick wipe, less secure, 4 random passes by default\n"
+ "\t\t-r Recurse into directories -- symlinks will not be followed\n"
+ "\t\t-R Set random device (or random seed command with -S c)\n"
+ "\t\t-S (r|c|p) Random seed method\n"
+ "\t\t\t r Read from random device (strong)\n"
+ "\t\t\t c Read from output of random seed command\n"
+ "\t\t\t p Use pid(), clock() etc. (weakest)\n"
+ "\t\t-s Silent mode -- suppresses all output\n"
+ "\t\t-T <tries> Set maximum number of tries for free\n"
+ "\t\t\tfilename search; default is 10\n"
+ "\t\t-v Show version information\n"
+ "\t\t-Z Do not attempt to wipe file size\n"
+ "\t\t-X <number> Skip this number of passes (useful for continuing a wiping operation)\n"
+ "\t\t-x <pass1,pass2,...> Define pass order\n",
+ progname
);
exit (WIPE_EXIT_COMPLETE_SUCCESS);
@@ -1368,11 +1422,48 @@ int main (int argc, char **argv)
if (c<0) break;
switch (c) {
- case 'X': o_skip_passes = atoi(optarg);
- if (o_skip_passes <= 0) {
- reject ("number of skipped passes must be strictly positive");
- }
- break;
+ case 'X':
+ o_skip_passes = atoi(optarg);
+ if (o_skip_passes <= 0 || o_skip_passes > MAX_PASSES) {
+ reject ("number of skipped passes must be between 0 and %d which %d is not", MAX_PASSES, o_skip_passes);
+ }
+ break;
+ case 'x':
+ {
+ int p_index = 0;
+ char *pch;
+ int current_int;
+
+ debugf ("splitting string \"%s\" into tokens:", optarg);
+ pch = strtok (optarg, ",");
+ while (pch != NULL) {
+ if (p_index >= MAX_PASSES) {
+ fprintf (stderr, "Too many arguments: %s\n", pch);
+ exit (WIPE_EXIT_MANIPULATION_ERROR);
+ }
+
+ current_int = atoi(pch);
+ if (current_int < 0 || current_int > MAX_PASSES) {
+ fprintf (stderr, "Invalid pass number: %s\n", pch);
+ exit (WIPE_EXIT_MANIPULATION_ERROR);
+ }
+
+ o_pass_order[p_index] = current_int;
+ debugf (" p[%d] = %d, (pch: %s)", p_index, current_int, pch);
+ pch = strtok(NULL, ",");
+ p_index ++;
+ }
+
+ debugf ("result: ");
+ for (i = 0; i < p_index; i++) {
+ debugf ("%d ", o_pass_order[i]);
+ }
+
+ if (p_index < MAX_PASSES) {
+ reject("not enough arguments for -x (got %d, need %d)\n", p_index, MAX_PASSES);
+ }
+ }
+ break;
case 'c': o_dochmod = 1; break;
case 'D': o_dereference_symlinks = 1; break;
case 'e': o_wipe_exact_size = 1; break;
@@ -1511,6 +1602,11 @@ int main (int argc, char **argv)
}
}
+ if (o_skip_passes) {
+ fprintf (stderr, "Will skip %d passes\n", o_skip_passes);
+ fflush (stderr);
+ }
+
if (!o_force) {
char buf2[80];
char buf[80];
@@ -1606,15 +1702,18 @@ user_aborted:
if (o_recurse) r = recursive (argv[i]);
else r = dothejob (argv[i]);
-
- /* if (r < 0) num_errors ++; */
+ if (r < 0) num_errors ++; /* Why or when was this disabled? -- OBD */
}
/* free internal buffers */
dothejob (0);
/* final synchronisation */
- if (!o_silent) fprintf (stderr, "Syncing..."); fflush (stderr);
+ if (!o_silent) {
+ fprintf (stderr, "Syncing...");
+ fflush (stderr);
+ }
+
#ifdef SYNC_WAITS_FOR_SYNC
sync ();
#else
@@ -1625,7 +1724,7 @@ user_aborted:
fprintf (stderr, "\rOperation finished.\n"
"%d file%s (of which %d special) in %d director%s wiped, "
"%d symlink%s removed and their targets wiped, "
- "%d error%s occured.\n",
+ "%d error%s occurred.\n",
num_files+num_spec, (1==num_files+num_spec)?"":"s",
num_spec,
num_dirs, (1==num_dirs)?"y":"ies",
@@ -1635,7 +1734,7 @@ user_aborted:
fprintf (stderr, "\rOperation finished.\n"
"%d file%s wiped and %d special file%s ignored in %d director%s, "
"%d symlink%s removed but not followed, "
- "%d error%s occured.\n",
+ "%d error%s occurred.\n",
num_files,(1==num_files)?"":"s",
num_spec,(1==num_spec)?"":"s",
num_dirs, (1==num_dirs)?"y":"ies",
diff --git a/wipe.tr.1 b/wipe.tr.1
index a448604..2668eaf 100644
--- a/wipe.tr.1
+++ b/wipe.tr.1
@@ -113,7 +113,6 @@ belirtiniz: wipe gerekli tohumlarını
çevre değişkenlerini, tarihi ve zamanı,
program numarasını vs. kullanarak elde
edecektir.
-.SP
.TP 0.5i
.B -M (l|a|r|p) (sözde rasgele sayı üretici algoritması)
@@ -155,7 +154,6 @@ okuyup, orda belirtilen koşullar uygun
ise wipe'ı ENABLE_RC6 ile derlemeniz
gerekir.
-.SP
Her durumda SRSÜ rasgele bilgi aygıtının çıktısıyla
tohumlanır (-R ve -S seçeneklerine bakınız).
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/wipe.git
More information about the forensics-changes
mailing list