commit a7d330997efbbb15966a23c712ba7f0707269839
parent 58f7248378455285ab28c8907c9325d9415d9bfc
Author: Jaromil <jaromil@dyne.org>
Date:   Wed, 19 Feb 2014 12:08:26 +0100
fixed handling and deletion of keys when taken from stdin
Diffstat:
| M | tomb |  |  | 39 | +++++++++++++++++++++++++-------------- | 
1 file changed, 25 insertions(+), 14 deletions(-)
diff --git a/tomb b/tomb
@@ -40,7 +40,7 @@
 
 # {{{ Global variables
 
-VERSION=1.4
+VERSION=1.5
 DATE="Jun/2013"
 TOMBEXEC=$0
 typeset -a OLDARGS
@@ -60,9 +60,6 @@ typeset -A global_opts
 typeset -A opts
 typeset -h username
 
-typeset -h tombkeydir # global used if key comes from stdin
-tombkeydir=""
-
 typeset -h _uid
 typeset -h _gid
 typeset -h _tty
@@ -70,7 +67,6 @@ typeset -h _tty
 # Set a sensible PATH
 # PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
 
-
 # }}}
 
 # {{{ Safety functions
@@ -308,6 +304,7 @@ is_valid_tomb() {
     _message "Valid tomb file found: $1"
     return 0
 }
+
 # }}}
 
 # {{{ Commandline interaction
@@ -554,34 +551,41 @@ load_key() {
 	if [[ "`option_value -k`" == "-" ]]; then
 	    xxx "load_key reading from stdin"
 	    # take key from stdin
-	    tombkeydir=`safe_dir load_key`
+	    tombkeydir=`safe_dir load_key_stdin` # global used to check if key from stdin
 	    xxx "tempdir is $tombkeydir"
-	    cat > ${tombkeydir}/stdin.tmp
+	    cat > ${tombkeydir}/stdin.tmp.key
 	    tombdir=${tombkeydir}
 	    tombfile=stdin.tmp
 	    tombname="stdin"
 	elif [[ "`option_value -k`" != "" ]]; then
+	    xxx "load_key argument: `option_value -k`"
 	    # take key from a file
 	    tombkey=`option_value -k`
 	    tombdir=`dirname $tombkey`
 	    tombfile=`basename $tombkey`
 	fi
-    else
-	tombkey=${tombdir}/${tombfile}.key
     fi
 
+    tombkey=${tombdir}/${tombfile}.key
+
     xxx "load_key: ${tombkey}"
 
     if [ -r "${tombkey}" ]; then
-	_message "We'll use this key: ${tombkey}"
+	if [ "$tombkeydir" = "" ]; then
+	    _message "We'll use this key: ${tombkey}"
+        else
+	    _message "We'll use the key piped from stdin"
+        fi
     else
 	_warning "Key not found, specify one using -k"
+	drop_key
 	return 1
     fi
 
     # this does a check on the file header
     if ! is_valid_key ${tombkey}; then
 	_warning "The key seems invalid, the application/pgp header is missing"
+	drop_key
 	return 1
     fi
     print "$tombkey"
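Review bot: The unconditional `tombkey=${tombdir}/${tombfile}.key` added after the `fi` also runs for the `-k FILE` branch, where `tombdir` and `tombfile` were just split from the full key path, so a key passed as `-k /path/secret.key` is looked up as `/path/secret.key.key` and ends in "Key not found". Keeping the removed `else` for what appears to be the no-`-k` default, and assigning `tombkey=${tombkeydir}/stdin.tmp.key` inside the stdin branch, would keep the three cases apart. The result of `safe_dir load_key_stdin` is also used unchecked: if it can come back empty (safe_dir is not visible here), `cat` writes the key to `/stdin.tmp.key`, a path the match in drop_key would not recognise for wiping. A guard such as `[[ -d "$tombkeydir" ]] || return 1` before the `cat` would cover that. load_key begins above this hunk.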
@@ -694,9 +698,13 @@ change_passwd() {
 
 # To be called after load_key()
 drop_key() {
-   { test "$tombkeydir" = "" } && { return 0 }
-   { test -r ${tombkeydir}/stdin.tmp } && {
-       ${=WIPE} ${tombkeydir}/stdin.tmp; rmdir ${tombkeydir} }
+    xxx "drop_key $tombkey"
+    # delete key if temp stored from stdin
+    if [[ "$tombkey" =~ "/dev/shm/tomb.load_key_stdin" ]]; then
+	{ test -r ${tombkey} } && {
+	    _message "removing key temporarily stored from stdin"
+	    ${=WIPE} ${tombkey}; rmdir `dirname ${tombkey}` }
+    fi
 }
 
 #$1 is the keyfile we are checking
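Review bot: The test that decides whether a key file is wiped, `[[ "$tombkey" =~ "/dev/shm/tomb.load_key_stdin" ]]`, is an unanchored match, so any key path that merely contains that string is treated as a temporary stdin key and handed to `${=WIPE}`. A prefix comparison, `[[ "$tombkey" == /dev/shm/tomb.load_key_stdin* ]]`, limits the wipe to paths under that directory. The literal also hard-codes where safe_dir places its directories (safe_dir is not shown here); if it can create them elsewhere, the stdin key would be left behind, so a comment next to the test naming that dependency would help. The comment `# To be called after load_key()` above the function no longer fits, since this commit also calls drop_key from inside load_key on its failure paths.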
@@ -712,7 +720,9 @@ is_valid_key() {
 	_warning "Key file is not a regular file: $1"; return 1 }
     # this header validity check is a virtuosism by Hellekin
     [[ `file =(awk '/^-+BEGIN/,0' $1)` =~ PGP ]] && {
-	_message "Valid key file found: $1"; return 0 }
+	if [ "$tombkeydir" = "" ]; then _message "Valid key file found: $1"
+        else _message "Valid key file passed from stdin"; fi
+	return 0 }
     # if no BEGIN header found then we try to recover it
     [[ `file $1 -bi` =~ text/plain ]] && {
 	_warning "Key data found with missing headers, attempting recovery"
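Review bot: The new message selection reads `$tombkeydir`, but this commit removes its `typeset -h tombkeydir` declaration and `tombkeydir=""` initialisation, leaving an implicit global that only the stdin branch of load_key sets and that nothing visible here resets. drop_key meanwhile decides "from stdin" by matching the path in `$tombkey`, so the two checks may disagree, for instance if is_valid_key runs on a key that did not go through load_key in the same shell. Either keep the declaration together with its comment, or derive both decisions from one test. is_valid_key starts above this hunk and continues below it.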
@@ -1379,6 +1389,7 @@ create_tomb() {
     yes "Tomb $tombname succesfully created"
     ls -l ${tombfile}*
 }
+
 # }}} - Creation
 
 # {{{ Open