Message replay protection wasn't working at all. Fixed.

1 files changed, 10 insertions, 13 deletions

diff --git a/firma b/firma
index f72c54a..092eabb 100755
--- a/firma
+++ b/firma
@@ -2427,25 +2427,20 @@ function ReplayProtectionCheck {
   #          1 if message's sha1sum is in the database
   #-------------------------------------------------------------
 
+  local -i return_code=0
   local sha1
 
   if [[ "$REPLAY_PROTECTION" == "1" ]]; then
     ReplayProtectionFlush
-    sha1="$(echo $GPG_MESSAGE | sha1sum | cut -d " " -f 1)"
+    sha1="$(echo "$GPG_MESSAGE" | sha1sum | cut -d " " -f 1)"
     if grep -q "^$sha1$" $REPLAY_FILE; then
-      touch $REPLAY_FILE.tmp
-      chown $FIRMA_USER:$FIRMA_GROUP $REPLAY_FILE.tmp
-      chmod 600 $REPLAY_FILE.tmp
-      sed -e "/^$sha1$/d" $REPLAY_FILE > $REPLAY_FILE.tmp
-      mv -f $REPLAY_FILE.tmp $REPLAY_FILE
-      return 1
-    else
-      return 0
+      sed -i -e "/^$sha1$/d" $REPLAY_FILE
+      return_code=1
     fi
-    echo $sha1 >> $REPLAY_FILE
-  else
-    return 0
+    echo "$sha1" >> $REPLAY_FILE
   fi
+
+  return $return_code
 }
 
 #-------------------------------------------------------------
@@ -2535,7 +2530,9 @@ FUNCTIONS="
   SourceListConfig
   ConfigHelp
   AdminHelp
-  DeliveryRandomization"
+  DeliveryRandomization
+  ReplayProtectionFlush
+  ReplayProtectionCheck"
 
 for VAR in $GLOBAL_VARS; do
   declare $VAR