-rwxr-xr-xfirma309
1 files changed, 184 insertions, 125 deletions
diff --git a/firma b/firma
index a5ebae9..cd9b753 100755
--- a/firma
+++ b/firma
@@ -870,7 +870,7 @@ function NewList {
#-------------------------------------------------------------
local -i return_code=0
- local answer admin invalid
+ local answer admin invalid method
local last_char digits_only
# UTF-8 is avoided in DETAILS
@@ -882,152 +882,211 @@ function NewList {
if [ -d "$LIST_HOMEDIR" ]; then
echo "cannot create $LIST_NAME: List already exists at $LIST_HOMEDIR"
- return 1
- fi
+ return_code=1
+ else
- echo "Creating folder $LIST_HOMEDIR..."
- mkdir -p $LIST_HOMEDIR
+ echo "Creating folder $LIST_HOMEDIR..."
+ mkdir -p $LIST_HOMEDIR
- if [ -d "$LIST_HOMEDIR" ]; then
+ if [ -d "$LIST_HOMEDIR" ]; then
- while true; do
- read -rep " List email address or 'quit' to exit: " LIST_ADDRESS
- if [ "$LIST_ADDRESS" == "quit" ]; then
- return 1
- elif CheckValidEmail $LIST_ADDRESS; then
- break
- else
- echo " Invalid email address: $LIST_ADDRESS."
- fi
- done
+ # list address
+ while true; do
+ read -rep " List email address or 'quit' to exit: " LIST_ADDRESS
+ if [ "$LIST_ADDRESS" == "quit" ]; then
+ return_code=1
+ elif CheckValidEmail $LIST_ADDRESS; then
+ break
+ else
+ echo " Invalid email address: $LIST_ADDRESS."
+ fi
+ done
- while true; do
- read -rep " List administrator(s) email address(es) (space delimited) or 'quit' to exit: " LIST_ADMIN
- if [ "$LIST_ADDRESS" == "quit" ]; then
- return 1
- else
- for admin in $LIST_ADMIN; do
- if ! CheckValidEmail $admin; then
- invalid="`echo $invalid $admin | sed -e 's/ / /'`"
+ # admin emails
+ if [ "$return_code" == "0" ]; then
+ while true; do
+ read -rep " List administrator(s) email address(es) (space delimited) or 'quit' to exit: " LIST_ADMIN
+ if [ "$LIST_ADDRESS" == "quit" ]; then
+ return_code=1
+ else
+ for admin in $LIST_ADMIN; do
+ if ! CheckValidEmail $admin; then
+ invalid="`echo $invalid $admin | sed -e 's/ / /'`"
+ fi
+ done
+ if [ ! -z "$invalid" ]; then
+ echo " Invalid email address: $invalid."
+ else
+ break
+ fi
fi
done
- if [ ! -z "$invalid" ]; then
- echo " Invalid email address: $invalid."
- else
- break
- fi
fi
- done
- read -rep " List description (optional): " DESCRIPTION
-
- while true; do
- read -rep " Automatically create a passphrase for the list pubkey? (Y/n) " answer
- answer="`echo $answer | tr '[:lower:]' '[:upper:]'`"
- if [ -z "$answer" ] || [ "$answer" == "Y" ] || [ "$answer" == "YES" ]; then
- PASSPHRASE="`RandomString 62`"
- break
- elif [ "$answer" == "N" ] || [ "$answer" == "NO" ]; then
- read -resp " Passphrase to protect the list's secret key: " PASSPHRASE
- break
- else
- echo " Please answer either yes or no."
- fi
- done
+ # list description, passphrase and key size
+ if [ "$return_code" == "0" ]; then
+ read -rep " List description (optional): " DESCRIPTION
+ while true; do
+ read -rep " Automatically create a passphrase for the list pubkey? (Y/n) " answer
+ answer="`echo $answer | tr '[:lower:]' '[:upper:]'`"
+ if [ -z "$answer" ] || [ "$answer" == "Y" ] || [ "$answer" == "YES" ]; then
+ PASSPHRASE="`RandomString 62`"
+ break
+ elif [ "$answer" == "N" ] || [ "$answer" == "NO" ]; then
+ read -resp " Passphrase to protect the list's secret key: " PASSPHRASE
+ break
+ else
+ echo " Please answer either yes or no."
+ fi
+ done
- while true; do
- echo " Please choose a key size:"
- echo " 1 - 1024"
- echo " 2 - 2048 (default)"
- echo " 2 - 4096"
- read -rep " Please choose a key size or 'quit' to exit: " answer
- answer="`echo $answer | tr '[:lower:]' '[:upper:]'`"
- if [ "$answer" == "QUIT" ]; then
- return 1
- elif [ "$answer" == "1" ] || [ "$answer" == "1024" ]; then
- KEY_SIZE="1024"
- break
- elif [ -z "$answer" ] || [ "$answer" == "2" ] || [ "$answer" == "2048" ]; then
- KEY_SIZE="2048"
- break
- elif [ "$answer" == "3" ] || [ "$answer" == "4096" ]; then
- KEY_SIZE="4096"
- else
- echo " Invalid answer."
+ while true; do
+ echo " Please choose a key size:"
+ echo " 1 - 1024"
+ echo " 2 - 2048 (default)"
+ echo " 2 - 4096"
+ read -rep " Please choose a key size or 'quit' to exit: " answer
+ answer="`echo $answer | tr '[:lower:]' '[:upper:]'`"
+ if [ "$answer" == "QUIT" ]; then
+ return_code=1
+ elif [ "$answer" == "1" ] || [ "$answer" == "1024" ]; then
+ KEY_SIZE="1024"
+ break
+ elif [ -z "$answer" ] || [ "$answer" == "2" ] || [ "$answer" == "2048" ]; then
+ KEY_SIZE="2048"
+ break
+ elif [ "$answer" == "3" ] || [ "$answer" == "4096" ]; then
+ KEY_SIZE="4096"
+ else
+ echo " Invalid answer."
+ fi
+ done
fi
- done
-
- echo " Choose a key validity:"
- echo " 0 = key does not expire (default)"
- echo " <n> = key expires in n days"
- echo " <n>w = key expires in n weeks"
- echo " <n>m = key expires in n months"
- echo " <n>y = key expires in n years"
-
- while true; do
- read -rep " Please enter the key expiration time or 'quit' to exit: " KEY_EXPIRATION
- KEY_EXPIRATION="`echo $KEY_EXPIRATION | tr '[:upper:]' '[:lower:]' `"
- last_char="`echo "$KEY_EXPIRATION" | grep -o '[hdwmy]$'`"
- digits_only="`echo "$SUBKEY_VALIDITY" | sed -e "s/$last_char.$//"`"
- if [ -z "$KEY_EXPIRATION" ]; then
- KEY_EXPIRATION="0"
- elif [ "$KEY_EXPIRATION" == "quit" ]; then
- return 1
- elif [ -z "`echo $digits_only | sed -e 's/[0-9]//g'`" ] || [ ! -z "$last_char" ]; then
- break
- else
- echo " Invalid key expiration time."
- fi
- done
-
- echo "Creating your config..."
- touch $LIST_CONFIG_FILE
- chmod 600 $LIST_CONFIG_FILE
- chown $FIRMA_USER.$FIRMA_GROUP $LIST_CONFIG_FILE
- if [ -f "$LIST_CONFIG_FILE" ]; then
- DeclareGpgVars
- echo -e "LIST_HOMEDIR='$LIST_HOMEDIR'\nLIST_ADDRESS='$LIST_ADDRESS'\nLIST_ADMIN='$LIST_ADMIN'\nPASSPHRASE='$PASSPHRASE'" > $LIST_CONFIG_FILE
- echo "Now generating your keyring..."
- $GPG --gen-key <<EOF
+ # key expiration
+ if [ "$return_code" == "0" ]; then
+ echo " Choose a key validity:"
+ echo " 0 = key does not expire (default)"
+ echo " <n> = key expires in n days"
+ echo " <n>w = key expires in n weeks"
+ echo " <n>m = key expires in n months"
+ echo " <n>y = key expires in n years"
+
+ while true; do
+ read -rep " Please enter the key expiration time or 'quit' to exit: " KEY_EXPIRATION
+ KEY_EXPIRATION="`echo $KEY_EXPIRATION | tr '[:upper:]' '[:lower:]' `"
+ last_char="`echo "$KEY_EXPIRATION" | grep -o '[hdwmy]$'`"
+ digits_only="`echo "$SUBKEY_VALIDITY" | sed -e "s/$last_char.$//"`"
+ if [ -z "$KEY_EXPIRATION" ]; then
+ KEY_EXPIRATION="0"
+ elif [ "$KEY_EXPIRATION" == "quit" ]; then
+ return 1
+ elif [ -z "`echo $digits_only | sed -e 's/[0-9]//g'`" ] || [ ! -z "$last_char" ]; then
+ break
+ else
+ echo " Invalid key expiration time."
+ fi
+ done
+ fi
- Key-Type: DSA
- Key-Length: 1024
- Subkey-Type: ELG-E
- Subkey-Length: $KEY_SIZE
+ # config file creation
+ if [ "$return_code" == "0" ]; then
+ echo "Creating your config..."
+ touch $LIST_CONFIG_FILE
+ chmod 600 $LIST_CONFIG_FILE
+ chown $FIRMA_USER.$FIRMA_GROUP $LIST_CONFIG_FILE
+ if [ -f "$LIST_CONFIG_FILE" ]; then
+ DeclareGpgVars
+ echo -e "LIST_HOMEDIR='$LIST_HOMEDIR'\nLIST_ADDRESS='$LIST_ADDRESS'\nLIST_ADMIN='$LIST_ADMIN'\nPASSPHRASE='$PASSPHRASE'" > $LIST_CONFIG_FILE
+ echo "Now generating your keyring..."
+
+ $GPG --gen-key <<EOF
+
+ Key-Type: DSA
+ Key-Length: 1024
+ Subkey-Type: ELG-E
+ Subkey-Length: $KEY_SIZE
- Name-Real: $DESCRIPTION
- Name-Email: $LIST_ADDRESS
+ Name-Real: $DESCRIPTION
+ Name-Email: $LIST_ADDRESS
- Expire-Date: $KEY_EXPIRATION
- Passphrase: $PASSPHRASE
- %commit
+ Expire-Date: $KEY_EXPIRATION
+ Passphrase: $PASSPHRASE
+ %commit
EOF
- while true; do
- read -rep " Send list public key to list admins? (Y/n) " answer
- answer="`echo $answer | tr '[:lower:]' '[:upper:]'`"
- if [ -z "$answer" ] || [ "$answer" == "Y" ] || [ "$answer" == "YES" ]; then
- SendListPubkey $LIST_ADMIN
- break
- elif [ "$answer" == "N" ] || [ "$answer" == "NO" ]; then
- echo " Not sending public key from list to admins. Do it manually."
- break
- else
- echo " Please answer either yes or no."
- fi
- done
+ # import admins pubkeys
+ while true; do
+ read -rep " Import list admins' pubkeys? (Y/n) " answer
+ answer="`echo $answer | tr '[:lower:]' '[:upper:]'`"
+ if [ -z "$answer" ] || [ "$answer" == "Y" ] || [ "$answer" == "YES" ]; then
+
+ echo " Please choose a key import method:"
+ echo " 1 - Fetch the keys from a keyserver"
+ echo " 2 - Read keys from stdin"
+ echo " 3 - Key material stored in a file"
+
+ while true; do
+ read -rep " Please enter your choice: " answer
+ if [ "$answer" != "1" ]; then
+ method="keyserver"
+ read -rep " Please enter the keyserver address (defaults to $KEYSERVER): " answer
+ method="$method $answer"
+ break
+ elif [ "$answer" != "2" ]; then
+ method="stdin"
+ break
+ elif [ "$answer" != "3" ]; then
+ method="file"
+ break
+ else
+ echo " Invalid answer. Choose either 1, 2 or 3."
+ fi
+ done
+
+ SubscribeUsers $method $LIST_ADMIN
+
+ break
+ elif [ "$answer" == "N" ] || [ "$answer" == "NO" ]; then
+ echo " Not sending public key from list to admins. Do it manually."
+ break
+ else
+ echo " Please answer either yes or no."
+ fi
+ done
- chown -R $FIRMA_USER.$FIRMA_GROUP $LIST_HOMEDIR
+ # send list pubkey to admins
+ while true; do
+ read -rep " Send list public key to list admins? (Y/n) " answer
+ answer="`echo $answer | tr '[:lower:]' '[:upper:]'`"
+ if [ -z "$answer" ] || [ "$answer" == "Y" ] || [ "$answer" == "YES" ]; then
+ SendListPubkey $LIST_ADMIN
+ break
+ elif [ "$answer" == "N" ] || [ "$answer" == "NO" ]; then
+ echo " Not sending public key from list to admins. Do it manually."
+ break
+ else
+ echo " Please answer either yes or no."
+ fi
+ done
+ # fix permissions
+ chown -R $FIRMA_USER.$FIRMA_GROUP $LIST_HOMEDIR
+ fi
+ else
+ echo "$(basename $0): cannot create $LIST_HOMEDIR: Installation aborted"
+ return_code=1
+ fi
else
- echo "$(basename $0): cannot create $LIST_HOMEDIR: Installation aborted"
+ echo " Could not create list homedir $LIST_HOMEDIR."
return_code=1
fi
- else
- echo " Could not create list homedir $LIST_HOMEDIR."
- return_code=1
+ fi
+
+ # list creation should be atomic
+ if [ "$return_code" == "1" ]; then
+ rm -rf $LIST_HOMEDIR
fi
return $return_code
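Review bot: The cleanup at the end of the hunk (`rm -rf $LIST_HOMEDIR` when `return_code` is 1) is also reached from the "List already exists" branch, which now sets `return_code=1` instead of returning, so asking to create a list whose name is already taken appears to delete the existing list's directory, keyring and config included. Keep `return 1` in that branch, since nothing has been created at that point, and write the cleanup as `rm -rf -- "${LIST_HOMEDIR:?}"` so an empty or space-containing path cannot widen the deletion. The 'quit' branches of the list-address, admin and key-size loops now set `return_code=1` without a `break`, so those `while true` loops re-prompt forever, while the key-expiration loop still uses `return 1` and skips the cleanup entirely. In the new import-method menu the tests are inverted: `[ "$answer" != "1" ]` should be `[ "$answer" == "1" ]` (likewise for 2 and 3), otherwise the file and invalid-answer branches are unreachable. NewList starts and ends outside the hunk.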