-rwxr-xr-x | firma | 309 |
1 files changed, 184 insertions, 125 deletions
@@ -870,7 +870,7 @@ function NewList { #------------------------------------------------------------- local -i return_code=0 - local answer admin invalid + local answer admin invalid method local last_char digits_only # UTF-8 is avoided in DETAILS 
@@ -882,152 +882,211 @@ function NewList { if [ -d "$LIST_HOMEDIR" ]; then echo "cannot create $LIST_NAME: List already exists at $LIST_HOMEDIR" - return 1 - fi + return_code=1 + else - echo "Creating folder $LIST_HOMEDIR..." - mkdir -p $LIST_HOMEDIR + echo "Creating folder $LIST_HOMEDIR..." + mkdir -p $LIST_HOMEDIR - if [ -d "$LIST_HOMEDIR" ]; then + if [ -d "$LIST_HOMEDIR" ]; then - while true; do - read -rep " List email address or 'quit' to exit: " LIST_ADDRESS - if [ "$LIST_ADDRESS" == "quit" ]; then - return 1 - elif CheckValidEmail $LIST_ADDRESS; then - break - else - echo " Invalid email address: $LIST_ADDRESS." - fi - done + # list address + while true; do + read -rep " List email address or 'quit' to exit: " LIST_ADDRESS + if [ "$LIST_ADDRESS" == "quit" ]; then + return_code=1 + elif CheckValidEmail $LIST_ADDRESS; then + break + else + echo " Invalid email address: $LIST_ADDRESS." + fi + done - while true; do - read -rep " List administrator(s) email address(es) (space delimited) or 'quit' to exit: " LIST_ADMIN - if [ "$LIST_ADDRESS" == "quit" ]; then - return 1 - else - for admin in $LIST_ADMIN; do - if ! CheckValidEmail $admin; then - invalid="`echo $invalid $admin | sed -e 's/ / /'`" + # admin emails + if [ "$return_code" == "0" ]; then + while true; do + read -rep " List administrator(s) email address(es) (space delimited) or 'quit' to exit: " LIST_ADMIN + if [ "$LIST_ADDRESS" == "quit" ]; then + return_code=1 + else + for admin in $LIST_ADMIN; do + if ! CheckValidEmail $admin; then + invalid="`echo $invalid $admin | sed -e 's/ / /'`" + fi + done + if [ ! -z "$invalid" ]; then + echo " Invalid email address: $invalid." + else + break + fi fi done - if [ ! -z "$invalid" ]; then - echo " Invalid email address: $invalid." - else - break - fi fi - done - read -rep " List description (optional): " DESCRIPTION - - while true; do - read -rep " Automatically create a passphrase for the list pubkey? 
(Y/n) " answer - answer="`echo $answer | tr '[:lower:]' '[:upper:]'`" - if [ -z "$answer" ] || [ "$answer" == "Y" ] || [ "$answer" == "YES" ]; then - PASSPHRASE="`RandomString 62`" - break - elif [ "$answer" == "N" ] || [ "$answer" == "NO" ]; then - read -resp " Passphrase to protect the list's secret key: " PASSPHRASE - break - else - echo " Please answer either yes or no." - fi - done + # list description, passphrase and key size + if [ "$return_code" == "0" ]; then + read -rep " List description (optional): " DESCRIPTION + while true; do + read -rep " Automatically create a passphrase for the list pubkey? (Y/n) " answer + answer="`echo $answer | tr '[:lower:]' '[:upper:]'`" + if [ -z "$answer" ] || [ "$answer" == "Y" ] || [ "$answer" == "YES" ]; then + PASSPHRASE="`RandomString 62`" + break + elif [ "$answer" == "N" ] || [ "$answer" == "NO" ]; then + read -resp " Passphrase to protect the list's secret key: " PASSPHRASE + break + else + echo " Please answer either yes or no." + fi + done - while true; do - echo " Please choose a key size:" - echo " 1 - 1024" - echo " 2 - 2048 (default)" - echo " 2 - 4096" - read -rep " Please choose a key size or 'quit' to exit: " answer - answer="`echo $answer | tr '[:lower:]' '[:upper:]'`" - if [ "$answer" == "QUIT" ]; then - return 1 - elif [ "$answer" == "1" ] || [ "$answer" == "1024" ]; then - KEY_SIZE="1024" - break - elif [ -z "$answer" ] || [ "$answer" == "2" ] || [ "$answer" == "2048" ]; then - KEY_SIZE="2048" - break - elif [ "$answer" == "3" ] || [ "$answer" == "4096" ]; then - KEY_SIZE="4096" - else - echo " Invalid answer." 
+ while true; do + echo " Please choose a key size:" + echo " 1 - 1024" + echo " 2 - 2048 (default)" + echo " 2 - 4096" + read -rep " Please choose a key size or 'quit' to exit: " answer + answer="`echo $answer | tr '[:lower:]' '[:upper:]'`" + if [ "$answer" == "QUIT" ]; then + return_code=1 + elif [ "$answer" == "1" ] || [ "$answer" == "1024" ]; then + KEY_SIZE="1024" + break + elif [ -z "$answer" ] || [ "$answer" == "2" ] || [ "$answer" == "2048" ]; then + KEY_SIZE="2048" + break + elif [ "$answer" == "3" ] || [ "$answer" == "4096" ]; then + KEY_SIZE="4096" + else + echo " Invalid answer." + fi + done fi - done - - echo " Choose a key validity:" - echo " 0 = key does not expire (default)" - echo " <n> = key expires in n days" - echo " <n>w = key expires in n weeks" - echo " <n>m = key expires in n months" - echo " <n>y = key expires in n years" - - while true; do - read -rep " Please enter the key expiration time or 'quit' to exit: " KEY_EXPIRATION - KEY_EXPIRATION="`echo $KEY_EXPIRATION | tr '[:upper:]' '[:lower:]' `" - last_char="`echo "$KEY_EXPIRATION" | grep -o '[hdwmy]$'`" - digits_only="`echo "$SUBKEY_VALIDITY" | sed -e "s/$last_char.$//"`" - if [ -z "$KEY_EXPIRATION" ]; then - KEY_EXPIRATION="0" - elif [ "$KEY_EXPIRATION" == "quit" ]; then - return 1 - elif [ -z "`echo $digits_only | sed -e 's/[0-9]//g'`" ] || [ ! -z "$last_char" ]; then - break - else - echo " Invalid key expiration time." - fi - done - - echo "Creating your config..." - touch $LIST_CONFIG_FILE - chmod 600 $LIST_CONFIG_FILE - chown $FIRMA_USER.$FIRMA_GROUP $LIST_CONFIG_FILE - if [ -f "$LIST_CONFIG_FILE" ]; then - DeclareGpgVars - echo -e "LIST_HOMEDIR='$LIST_HOMEDIR'\nLIST_ADDRESS='$LIST_ADDRESS'\nLIST_ADMIN='$LIST_ADMIN'\nPASSPHRASE='$PASSPHRASE'" > $LIST_CONFIG_FILE - echo "Now generating your keyring..." 
- $GPG --gen-key <<EOF + # key expiration + if [ "$return_code" == "0" ]; then + echo " Choose a key validity:" + echo " 0 = key does not expire (default)" + echo " <n> = key expires in n days" + echo " <n>w = key expires in n weeks" + echo " <n>m = key expires in n months" + echo " <n>y = key expires in n years" + + while true; do + read -rep " Please enter the key expiration time or 'quit' to exit: " KEY_EXPIRATION + KEY_EXPIRATION="`echo $KEY_EXPIRATION | tr '[:upper:]' '[:lower:]' `" + last_char="`echo "$KEY_EXPIRATION" | grep -o '[hdwmy]$'`" + digits_only="`echo "$SUBKEY_VALIDITY" | sed -e "s/$last_char.$//"`" + if [ -z "$KEY_EXPIRATION" ]; then + KEY_EXPIRATION="0" + elif [ "$KEY_EXPIRATION" == "quit" ]; then + return 1 + elif [ -z "`echo $digits_only | sed -e 's/[0-9]//g'`" ] || [ ! -z "$last_char" ]; then + break + else + echo " Invalid key expiration time." + fi + done + fi - Key-Type: DSA - Key-Length: 1024 - Subkey-Type: ELG-E - Subkey-Length: $KEY_SIZE + # config file creation + if [ "$return_code" == "0" ]; then + echo "Creating your config..." + touch $LIST_CONFIG_FILE + chmod 600 $LIST_CONFIG_FILE + chown $FIRMA_USER.$FIRMA_GROUP $LIST_CONFIG_FILE + if [ -f "$LIST_CONFIG_FILE" ]; then + DeclareGpgVars + echo -e "LIST_HOMEDIR='$LIST_HOMEDIR'\nLIST_ADDRESS='$LIST_ADDRESS'\nLIST_ADMIN='$LIST_ADMIN'\nPASSPHRASE='$PASSPHRASE'" > $LIST_CONFIG_FILE + echo "Now generating your keyring..." + + $GPG --gen-key <<EOF + + Key-Type: DSA + Key-Length: 1024 + Subkey-Type: ELG-E + Subkey-Length: $KEY_SIZE - Name-Real: $DESCRIPTION - Name-Email: $LIST_ADDRESS + Name-Real: $DESCRIPTION + Name-Email: $LIST_ADDRESS - Expire-Date: $KEY_EXPIRATION - Passphrase: $PASSPHRASE - %commit + Expire-Date: $KEY_EXPIRATION + Passphrase: $PASSPHRASE + %commit EOF - while true; do - read -rep " Send list public key to list admins? 
(Y/n) " answer - answer="`echo $answer | tr '[:lower:]' '[:upper:]'`" - if [ -z "$answer" ] || [ "$answer" == "Y" ] || [ "$answer" == "YES" ]; then - SendListPubkey $LIST_ADMIN - break - elif [ "$answer" == "N" ] || [ "$answer" == "NO" ]; then - echo " Not sending public key from list to admins. Do it manually." - break - else - echo " Please answer either yes or no." - fi - done + # import admins pubkeys + while true; do + read -rep " Import list admins' pubkeys? (Y/n) " answer + answer="`echo $answer | tr '[:lower:]' '[:upper:]'`" + if [ -z "$answer" ] || [ "$answer" == "Y" ] || [ "$answer" == "YES" ]; then + + echo " Please choose a key import method:" + echo " 1 - Fetch the keys from a keyserver" + echo " 2 - Read keys from stdin" + echo " 3 - Key material stored in a file" + + while true; do + read -rep " Please enter your choice: " answer + if [ "$answer" != "1" ]; then + method="keyserver" + read -rep " Please enter the keyserver address (defaults to $KEYSERVER): " answer + method="$method $answer" + break + elif [ "$answer" != "2" ]; then + method="stdin" + break + elif [ "$answer" != "3" ]; then + method="file" + break + else + echo " Invalid answer. Choose either 1, 2 or 3." + fi + done + + SubscribeUsers $method $LIST_ADMIN + + break + elif [ "$answer" == "N" ] || [ "$answer" == "NO" ]; then + echo " Not sending public key from list to admins. Do it manually." + break + else + echo " Please answer either yes or no." + fi + done - chown -R $FIRMA_USER.$FIRMA_GROUP $LIST_HOMEDIR + # send list pubkey to admins + while true; do + read -rep " Send list public key to list admins? (Y/n) " answer + answer="`echo $answer | tr '[:lower:]' '[:upper:]'`" + if [ -z "$answer" ] || [ "$answer" == "Y" ] || [ "$answer" == "YES" ]; then + SendListPubkey $LIST_ADMIN + break + elif [ "$answer" == "N" ] || [ "$answer" == "NO" ]; then + echo " Not sending public key from list to admins. Do it manually." + break + else + echo " Please answer either yes or no." 
+ fi + done + # fix permissions + chown -R $FIRMA_USER.$FIRMA_GROUP $LIST_HOMEDIR + fi + else + echo "$(basename $0): cannot create $LIST_HOMEDIR: Installation aborted" + return_code=1 + fi else - echo "$(basename $0): cannot create $LIST_HOMEDIR: Installation aborted" + echo " Could not create list homedir $LIST_HOMEDIR." return_code=1 fi - else - echo " Could not create list homedir $LIST_HOMEDIR." - return_code=1 + fi + + # list creation should be atomic + if [ "$return_code" == "1" ]; then + rm -rf $LIST_HOMEDIR fi return $return_code |
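Review bot: The cleanup at the end of the hunk (`rm -rf $LIST_HOMEDIR` when `return_code` is 1) also runs after the first branch, where `return_code=1` is set because the list already exists, so a refused create would delete the existing list's homedir, keyring and config included. Record whether this call created the directory and remove it only then, for example set a local `created=1` right after the `mkdir -p` succeeds and guard the cleanup with `if [ "$return_code" != "0" ] && [ "$created" == "1" ]; then rm -rf -- "${LIST_HOMEDIR:?}"; fi`. Separately, the 'quit' branches for the list address, admin addresses and key size now set `return_code=1` without a `break`, so those `while true` loops appear to prompt again instead of leaving, while the key-expiration loop still uses `return 1` and so skips the cleanup. In the import-method loop the tests read `!=` where `==` seems intended, so any answer other than 1 selects the keyserver. NewList begins and ends outside the hunk.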