summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>2010-11-16 22:45:58 -0500
committerDaniel Kahn Gillmor <dkg@fifthhorseman.net>2010-11-16 22:45:58 -0500
commitd9721fd16ad489d400dd085aa7ba8a4d83baf3d3 (patch)
treebcd76d55c4e08f97dfd1f21f53ebc6c47a8d7a1a /lib
parentce0d1ee064f94c1fca8e94e1a36dcc17dde5451d (diff)
downloadkeyringer-d9721fd16ad489d400dd085aa7ba8a4d83baf3d3.tar.gz
keyringer-d9721fd16ad489d400dd085aa7ba8a4d83baf3d3.tar.bz2
first pass at escaping variables in bash -- i probably missed some
Diffstat (limited to 'lib')
-rwxr-xr-xlib/keyringer/csr.sh28
-rw-r--r--lib/keyringer/functions57
2 files changed, 43 insertions, 42 deletions
diff --git a/lib/keyringer/csr.sh b/lib/keyringer/csr.sh
index 195b355..881a46f 100755
--- a/lib/keyringer/csr.sh
+++ b/lib/keyringer/csr.sh
@@ -38,7 +38,7 @@ LASTUMASK=`umask`
umask 077
# OpenSSL for HPUX needs a random file
-RANDOMFILE=$HOME/.rnd
+RANDOMFILE="$HOME/.rnd"
# create a config file for openssl
CONFIG=`mktemp -q /tmp/openssl-conf.XXXXXXXX`
@@ -86,16 +86,16 @@ fi
# Config File Generation
-cat <<EOF > $CONFIG
+cat <<EOF > "$CONFIG"
# -------------- BEGIN custom openssl.cnf -----
HOME = $HOME
EOF
if [ "`uname -s`" = "HP-UX" ]; then
- echo " RANDFILE = $RANDOMFILE" >> $CONFIG
+ echo " RANDFILE = $RANDOMFILE" >> "$CONFIG"
fi
-cat <<EOF >> $CONFIG
+cat <<EOF >> "$CONFIG"
oid_section = new_oids
[ new_oids ]
[ req ]
@@ -107,10 +107,10 @@ cat <<EOF >> $CONFIG
EOF
if [ ! "$SANAMES" = "" ]; then
- echo "req_extensions = v3_req # Extensions to add to certificate request" >> $CONFIG
+ echo "req_extensions = v3_req # Extensions to add to certificate request" >> "$CONFIG"
fi
-cat <<EOF >> $CONFIG
+cat <<EOF >> "$CONFIG"
[ req_distinguished_name ]
commonName = Common Name (eg, YOUR name)
commonName_default = $COMMONNAME
@@ -119,27 +119,27 @@ cat <<EOF >> $CONFIG
EOF
if [ ! "$SANAMES" = "" ]; then
- echo "subjectAltName=$SANAMES" >> $CONFIG
+ echo "subjectAltName=$SANAMES" >> "$CONFIG"
fi
-echo "# -------------- END custom openssl.cnf -----" >> $CONFIG
+echo "# -------------- END custom openssl.cnf -----" >> "$CONFIG"
echo "Running OpenSSL..."
# The first one doesn't work, the second one does:
-#openssl req -batch -config $CONFIG -newkey rsa -out ${HOST}_csr.pem
-openssl req -batch -config $CONFIG -newkey rsa:2048 -out ${HOST}_csr.pem
+#openssl req -batch -config "$CONFIG" -newkey rsa -out ${HOST}_csr.pem
+openssl req -batch -config "$CONFIG" -newkey rsa:2048 -out "${HOST}_csr.pem"
echo "Copy the following Certificate Request and paste into CAcert website to obtain a Certificate."
echo "When you receive your certificate, you 'should' name it something like ${HOST}_server.pem"
echo
cat ${HOST}_csr.pem
echo
-echo The Certificate request is also available in ${HOST}_csr.pem
-echo The Private Key is stored in ${HOST}_privatekey.pem
+printf "The Certificate request is also available in '%s_csr.pem'\n" "$HOST"
+printf "The Private Key is stored in '%s_privatekey.pem'\n" "$HOST"
echo
-rm $CONFIG
+rm "$CONFIG"
#restore umask
-umask $LASTUMASK
+umask "$LASTUMASK"
diff --git a/lib/keyringer/functions b/lib/keyringer/functions
index 9888ed1..9c8dfd7 100644
--- a/lib/keyringer/functions
+++ b/lib/keyringer/functions
@@ -7,18 +7,18 @@
function keyringer_config_load {
if [ -f "$HOME/.$NAME" ]; then
echo "Converting legacy configuration scheme..."
- mv $HOME/.$NAME $HOME/.$NAME.tmp
- mkdir $HOME/.$NAME
- mv $HOME/.$NAME.tmp $CONFIG
+ mv "$HOME/.$NAME" "$HOME/.$NAME.tmp"
+ mkdir "$HOME/.$NAME"
+ mv "$HOME/.$NAME.tmp" "$CONFIG"
fi
if [ ! -e "$CONFIG" ]; then
echo "Creating $CONFIG..."
mkdir -p `dirname $CONFIG`
- touch $CONFIG
- chmod 600 $CONFIG
- echo "# Keyringer config file." > $CONFIG
- echo "" >> $CONFIG
+ touch "$CONFIG"
+ chmod 600 "$CONFIG"
+ echo "# Keyringer config file." > "$CONFIG"
+ echo "" >> "$CONFIG"
fi
keyringer_config_load_preferences
@@ -28,7 +28,7 @@ function keyringer_config_load {
function keyringer_config_load_preferences {
# Load custom keyring preferences
if [ ! -z "$PREFERENCES" ] && [ -f "$PREFERENCES" ]; then
- source $PREFERENCES
+ source "$PREFERENCES"
fi
}
@@ -38,7 +38,7 @@ function keyringer_config {
echo "Your have to set CONFIG variable in the code"
exit 1
elif [ -e "$CONFIG" ]; then
- grep -e "^$1=" $CONFIG | tail -n 1 | cut -d = -f 2 | sed -e 's/"//g' -e "s/'//g" | sed -e 's/ *#.*$//'
+ grep -e "^$1=" "$CONFIG" | tail -n 1 | cut -d = -f 2 | sed -e 's/"//g' -e "s/'//g" | sed -e 's/ *#.*$//'
else
echo "Config file not found: $CONFIG"
exit 1
@@ -47,7 +47,7 @@ function keyringer_config {
# Return the list of recipients
function keyringer_recipients {
- grep -v '^#' $1 | grep -v '^$' | awk '{ print "-r " $2 }' | xargs
+ grep -v '^#' "$1" | grep -v '^$' | awk '{ print "-r " $2 }' | xargs
}
# Check if keyringer has a given action
@@ -72,8 +72,8 @@ function keyringer_exec {
shift 2
# Dispatch
- if keyringer_has_action $action; then
- $ACTIONS/$action $basedir $*
+ if keyringer_has_action "$action"; then
+ "$ACTIONS/$action" "$basedir" $*
fi
}
@@ -82,7 +82,7 @@ function keyringer_filename {
if [ -z "$1" ]; then
return
else
- echo `dirname $1`/`basename $1 .asc`.asc
+ printf "%s/%s.asc\n" "$(dirname "$1")" "$(basename "$1" .asc)"
fi
}
@@ -96,7 +96,7 @@ function keyringer_is_git {
true
else
cwd="`pwd`"
- cd $1 && git="`git status &> /dev/null`" && cd $cwd
+ cd "$1" && git="`git status &> /dev/null`" && cd "$cwd"
if [ "$git" != "128" ]; then
true
@@ -119,17 +119,17 @@ function keyringer_set_tmpfile {
template="$BASEDIR/tmp/$1.XXXXXXXXXX"
fi
- mkdir -p $BASEDIR/tmp
+ mkdir -p "$BASEDIR/tmp"
keyringer_git_ignore 'tmp/*'
if [ "$2" == "-d" ]; then
- TMPWORK="`mktemp -d $template`"
+ TMPWORK="$(mktemp -d "$template")"
else
- TMPWORK="`mktemp $template`"
+ TMPWORK="$(mktemp "$template")"
fi
if [ "$?" != "0" ]; then
- echo "Error: can't set TMPWORK $TMPWORK"
+ printf "Error: can't set TMPWORK %s\n" "$TMPWORK"
exit 1
fi
@@ -142,7 +142,7 @@ function keyringer_unset_tmpfile {
echo "No tmp file set"
fi
- rm -f $1
+ rm -f "$1"
if [ "$?" != "0" ]; then
echo "Warning: could not delete file $1. Please delete it manually as it might have sensitive information."
@@ -153,11 +153,11 @@ function keyringer_unset_tmpfile {
# Add a pattern into gitignore
function keyringer_git_ignore {
if [ ! -z "$BASEDIR/.gitignore" ]; then
- echo $1 > $BASEDIR/.gitignore
- keyringer_exec git $BASEDIR add .gitignore
+ echo "$1" > "$BASEDIR/.gitignore"
+ keyringer_exec git "$BASEDIR" add .gitignore
else
- if ! grep -q -e "^$1$" $BASEDIR/.gitignore; then
- echo $1 >> $BASEDIR/.gitignore
+ if ! grep -q -e "^$1$" "$BASEDIR/.gitignore"; then
+ echo "$1" >> "$BASEDIR/.gitignore"
fi
fi
}
@@ -196,18 +196,19 @@ function keyringer_set_env {
exit 1
fi
fi
+
if [ ! -f "$OPTIONS" ]; then
echo "No option config was found"
exit 1
fi
# Ensure that keydir exists
- mkdir -p $KEYDIR && chmod 700 $KEYDIR
+ mkdir -p "$KEYDIR" && chmod 700 "$KEYDIR"
}
# Get a file argument
function keyringer_get_file {
- FILE="`keyringer_filename $1`"
+ FILE="$(keyringer_filename "$1")"
if [ -z "$FILE" ]; then
keyringer_action_usage
@@ -220,7 +221,7 @@ function keyringer_get_file {
# Get a new file argument
function keyringer_get_new_file {
- FILE="`keyringer_filename $1`"
+ FILE="$(keyringer_filename "$1")"
if [ -z "$FILE" ]; then
keyringer_action_usage
@@ -243,7 +244,7 @@ function keyringer_get_command {
function keyringer_action_usage {
if [ "`type -t "keyringer_usage_$BASENAME"`" == "function" ]; then
# Use custom action usage
- keyringer_usage_$BASENAME
+ "keyringer_usage_$BASENAME"
else
# Default usage
if [ "$1" == "command" ]; then
@@ -255,6 +256,6 @@ function keyringer_action_usage {
}
# Setup environment
-if [ "`basename $0`" != "keyringer" ]; then
+if [ "$(basename "$0")" != "keyringer" ]; then
keyringer_set_env $*
fi