fixed correct handling and deletion of keys when taken from stdin
parent
58f7248378
commit
a7d330997e
39
tomb
39
tomb
@ -40,7 +40,7 @@
|
|||||||
|
|
||||||
# {{{ Global variables
|
# {{{ Global variables
|
||||||
|
|
||||||
VERSION=1.4
|
VERSION=1.5
|
||||||
DATE="Jun/2013"
|
DATE="Jun/2013"
|
||||||
TOMBEXEC=$0
|
TOMBEXEC=$0
|
||||||
typeset -a OLDARGS
|
typeset -a OLDARGS
|
||||||
@ -60,9 +60,6 @@ typeset -A global_opts
|
|||||||
typeset -A opts
|
typeset -A opts
|
||||||
typeset -h username
|
typeset -h username
|
||||||
|
|
||||||
typeset -h tombkeydir # global used if key comes from stdin
|
|
||||||
tombkeydir=""
|
|
||||||
|
|
||||||
typeset -h _uid
|
typeset -h _uid
|
||||||
typeset -h _gid
|
typeset -h _gid
|
||||||
typeset -h _tty
|
typeset -h _tty
|
||||||
@ -70,7 +67,6 @@ typeset -h _tty
|
|||||||
# Set a sensible PATH
|
# Set a sensible PATH
|
||||||
# PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
|
# PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
|
||||||
|
|
||||||
|
|
||||||
# }}}
|
# }}}
|
||||||
|
|
||||||
# {{{ Safety functions
|
# {{{ Safety functions
|
||||||
@ -308,6 +304,7 @@ is_valid_tomb() {
|
|||||||
_message "Valid tomb file found: $1"
|
_message "Valid tomb file found: $1"
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
# }}}
|
# }}}
|
||||||
|
|
||||||
# {{{ Commandline interaction
|
# {{{ Commandline interaction
|
||||||
@ -554,34 +551,41 @@ load_key() {
|
|||||||
if [[ "`option_value -k`" == "-" ]]; then
|
if [[ "`option_value -k`" == "-" ]]; then
|
||||||
xxx "load_key reading from stdin"
|
xxx "load_key reading from stdin"
|
||||||
# take key from stdin
|
# take key from stdin
|
||||||
tombkeydir=`safe_dir load_key`
|
tombkeydir=`safe_dir load_key_stdin` # global used to check if key from stdin
|
||||||
xxx "tempdir is $tombkeydir"
|
xxx "tempdir is $tombkeydir"
|
||||||
cat > ${tombkeydir}/stdin.tmp
|
cat > ${tombkeydir}/stdin.tmp.key
|
||||||
tombdir=${tombkeydir}
|
tombdir=${tombkeydir}
|
||||||
tombfile=stdin.tmp
|
tombfile=stdin.tmp
|
||||||
tombname="stdin"
|
tombname="stdin"
|
||||||
elif [[ "`option_value -k`" != "" ]]; then
|
elif [[ "`option_value -k`" != "" ]]; then
|
||||||
|
xxx "load_key argument: `option_value -k`"
|
||||||
# take key from a file
|
# take key from a file
|
||||||
tombkey=`option_value -k`
|
tombkey=`option_value -k`
|
||||||
tombdir=`dirname $tombkey`
|
tombdir=`dirname $tombkey`
|
||||||
tombfile=`basename $tombkey`
|
tombfile=`basename $tombkey`
|
||||||
fi
|
fi
|
||||||
else
|
|
||||||
tombkey=${tombdir}/${tombfile}.key
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
tombkey=${tombdir}/${tombfile}.key
|
||||||
|
|
||||||
xxx "load_key: ${tombkey}"
|
xxx "load_key: ${tombkey}"
|
||||||
|
|
||||||
if [ -r "${tombkey}" ]; then
|
if [ -r "${tombkey}" ]; then
|
||||||
_message "We'll use this key: ${tombkey}"
|
if [ "$tombkeydir" = "" ]; then
|
||||||
|
_message "We'll use this key: ${tombkey}"
|
||||||
|
else
|
||||||
|
_message "We'll use the key piped from stdin"
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
_warning "Key not found, specify one using -k"
|
_warning "Key not found, specify one using -k"
|
||||||
|
drop_key
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# this does a check on the file header
|
# this does a check on the file header
|
||||||
if ! is_valid_key ${tombkey}; then
|
if ! is_valid_key ${tombkey}; then
|
||||||
_warning "The key seems invalid, the application/pgp header is missing"
|
_warning "The key seems invalid, the application/pgp header is missing"
|
||||||
|
drop_key
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
print "$tombkey"
|
print "$tombkey"
|
||||||
@ -694,9 +698,13 @@ change_passwd() {
|
|||||||
|
|
||||||
# To be called after load_key()
|
# To be called after load_key()
|
||||||
drop_key() {
|
drop_key() {
|
||||||
{ test "$tombkeydir" = "" } && { return 0 }
|
xxx "drop_key $tombkey"
|
||||||
{ test -r ${tombkeydir}/stdin.tmp } && {
|
# delete key if temp stored from stdin
|
||||||
${=WIPE} ${tombkeydir}/stdin.tmp; rmdir ${tombkeydir} }
|
if [[ "$tombkey" =~ "/dev/shm/tomb.load_key_stdin" ]]; then
|
||||||
|
{ test -r ${tombkey} } && {
|
||||||
|
_message "removing key temporarily stored from stdin"
|
||||||
|
${=WIPE} ${tombkey}; rmdir `dirname ${tombkey}` }
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
#$1 is the keyfile we are checking
|
#$1 is the keyfile we are checking
|
||||||
@ -712,7 +720,9 @@ is_valid_key() {
|
|||||||
_warning "Key file is not a regular file: $1"; return 1 }
|
_warning "Key file is not a regular file: $1"; return 1 }
|
||||||
# this header validity check is a virtuosism by Hellekin
|
# this header validity check is a virtuosism by Hellekin
|
||||||
[[ `file =(awk '/^-+BEGIN/,0' $1)` =~ PGP ]] && {
|
[[ `file =(awk '/^-+BEGIN/,0' $1)` =~ PGP ]] && {
|
||||||
_message "Valid key file found: $1"; return 0 }
|
if [ "$tombkeydir" = "" ]; then _message "Valid key file found: $1"
|
||||||
|
else _message "Valid key file passed from stdin"; fi
|
||||||
|
return 0 }
|
||||||
# if no BEGIN header found then we try to recover it
|
# if no BEGIN header found then we try to recover it
|
||||||
[[ `file $1 -bi` =~ text/plain ]] && {
|
[[ `file $1 -bi` =~ text/plain ]] && {
|
||||||
_warning "Key data found with missing headers, attempting recovery"
|
_warning "Key data found with missing headers, attempting recovery"
|
||||||
@ -1379,6 +1389,7 @@ create_tomb() {
|
|||||||
yes "Tomb $tombname succesfully created"
|
yes "Tomb $tombname succesfully created"
|
||||||
ls -l ${tombfile}*
|
ls -l ${tombfile}*
|
||||||
}
|
}
|
||||||
|
|
||||||
# }}} - Creation
|
# }}} - Creation
|
||||||
|
|
||||||
# {{{ Open
|
# {{{ Open
|
||||||
|
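Review bot: In `drop_key`, the decision to wipe is an unanchored match of `$tombkey` against the hard-coded string `/dev/shm/tomb.load_key_stdin`, so it depends on where `safe_dir` (not shown here) places its directory rather than on what `load_key` actually created. If `safe_dir` can ever return a directory outside `/dev/shm`, the key piped from stdin would be left on disk unwiped, and a user-supplied `-k` path that merely contains that string would be wiped and its directory removed. Anchoring the test to the exact file this code writes narrows it, e.g. `if [[ "$tombkey" == /dev/shm/tomb.load_key_stdin*/stdin.tmp.key ]]; then`, and a comment on `drop_key` should state that the prefix must stay in sync with `safe_dir load_key_stdin`. Separately, in the `load_key` hunk (the function starts outside the hunk) `tombkey=${tombdir}/${tombfile}.key` now runs after both `fi`s, so as the visible lines read a `-k FILE` argument becomes `FILE.key`; that is worth confirming as intended.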