parazyd.org/1/git/tomb/commit/772b731e5fde5eae5567d26b4d3930bc242c2f8a.gph

  URI:

       tsmall fixes to tmpfile handling for key from stdin - tomb - the crypto undertaker
  HTML git clone git://parazyd.org/tomb.git
   DIR Log
   DIR Files
   DIR Refs
   DIR README
   DIR LICENSE
       ---
   DIR commit 772b731e5fde5eae5567d26b4d3930bc242c2f8a
   DIR parent 7736cc97af078828ec1b267ab4202d44bd2ee6d4
  HTML Author: Jaromil <jaromil@dyne.org>
       Date:   Tue, 11 Jun 2013 15:04:10 +0000
       
       small fixes to tmpfile handling for key from stdin
       
       Diffstat:
         M tomb                                |      15 +++++++++++----
       
       1 file changed, 11 insertions(+), 4 deletions(-)
       ---
   DIR diff --git a/tomb b/tomb
       t@@ -58,6 +58,9 @@ typeset -A global_opts
        typeset -A opts
        typeset -h username
        
       +typeset -h tombkeydir # global used if key comes from stdin
       +tombkeydir=""
       +
        typeset -h _uid
        typeset -h _gid
        typeset -h _tty
       t@@ -100,7 +103,7 @@ safe_dir() {
            while (( $tries < 3 )) ; do
                tries+=1
                if _have_shm; then
       -            xxx "safe_dir creating directory in RAM"
       +            xxx "safe_dir creating $1 dir in RAM"
                    if (( $MKTEMP )); then
                        mktemp -d /dev/shm/$1.$$.XXXXXXX
                    else
       t@@ -435,7 +438,6 @@ check_bin() {
        
        # {{{ Key operations
        
       -typeset -h tombkeydir # global used if key comes from stdin
        
        # This function retrieves a tomb key specified on commandline or one
        # laying nearby the tomb if found, or from stdin if the option was
       t@@ -446,12 +448,14 @@ load_key() {
            # check if the key is set manually then use the one existing
            local tombdir="$1"
            local tombname="$2"
       +    local tombkey=""
            if option_is_set -k ; then
                if [[ "`option_value -k`" == "-" ]]; then
                    # take key from stdin
       -            tombkeydir=`safe_dir`
       +            tombkeydir=`safe_dir tomb`
                    cat > ${tombkeydir}/stdin.tmp
                    tombkey=${tombkeydir}/stdin.tmp
       +            xxx " `ls -lh ${tombkey}`"
                else
                    # take key from a file
                    tombkey=`option_value -k`
       t@@ -471,7 +475,7 @@ load_key() {
            # this does a check on the file header
            if ! is_valid_key ${tombkey}; then
                _warning "The key seems invalid, the application/pgp header is missing"
       -        return 1
       +         return 1
            fi
            print "$tombkey"
            return 0
       t@@ -1146,6 +1150,7 @@ mount_tomb() {
            tombname=${tombfile%%\.*}
            xxx "tomb found: ${tombdir}/${tombfile}"
        
       +    # load_key called here
            tombkey=`load_key ${tombdir} ${tombname}`
            { test $? = 0 } || {
                die "Aborting operations: error loading key $tombkey" }
       t@@ -1211,6 +1216,8 @@ mount_tomb() {
            get_lukskey "${tombpass}" ${tombkey} | \
                cryptsetup --key-file - luksOpen ${nstloop} ${mapper}
        
       +
       +    # key dropped here
            drop_key
            unset tombpass