diff options
34 files changed, 89 insertions, 43 deletions
@@ -1,3 +1,10 @@ +2017-05-31 - 0.5.1 - Silvio Rhatto <rhatto@riseup.net> + + Do not abort when keys are expired on actions that are + not supposed to write in the database (#72) + + Adds "delete" alias to "del" action. + 2016-12-21 - 0.5.0 - Silvio Rhatto <rhatto@riseup.net> Fixes keyringer_check_expiration failure if a public key is listed multiple @@ -23,10 +23,17 @@ Just clone git clone https://git.fluxo.info/keyringer -And then leave it somewhere, optionally adding it to your `$PATH` environment variable +You can also verify the latest commit's OpenPGP signature: + + /usr/bin/git -C keyringer verify-commit HEAD + +Note that `/usr/bin/git` is called to avoid any other `git` wrappers or aliases +you might have available on your shell. + +You can also add the `keyringer` script into your `$PATH` environment variable or package it to your preferred distro. -If you're using Debian `jessie` or newer, just run +If you're using Debian `stable` or newer, just run apt-get install keyringer @@ -140,7 +140,7 @@ function keyringer_dispatch { # Config NAME="keyringer" -KEYRINGER_VERSION="0.5.0" +KEYRINGER_VERSION="0.5.1" CONFIG_VERSION="0.1" CONFIG_BASE="$HOME/.$NAME" CONFIG="$CONFIG_BASE/config" diff --git a/lib/keyringer/actions/append b/lib/keyringer/actions/append index df21e03..905867a 100755 --- a/lib/keyringer/actions/append +++ b/lib/keyringer/actions/append @@ -5,7 +5,8 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" readwrite $* || exit 1 +exit # Get file keyringer_get_file "$2" diff --git a/lib/keyringer/actions/check b/lib/keyringer/actions/check index a647e95..8722381 100755 --- a/lib/keyringer/actions/check +++ b/lib/keyringer/actions/check @@ -15,7 +15,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # The following should run automatically from keyringer_check_recipients # and keyringer_check_repository: diff --git a/lib/keyringer/actions/commands b/lib/keyringer/actions/commands index 4888317..c40f726 100755 --- a/lib/keyringer/actions/commands +++ b/lib/keyringer/actions/commands @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Dispatch keyringer_show_actions diff --git a/lib/keyringer/actions/commit b/lib/keyringer/actions/commit index 84ead14..e8e72b6 100755 --- a/lib/keyringer/actions/commit +++ b/lib/keyringer/actions/commit @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Fix positional arguments shift diff --git a/lib/keyringer/actions/cp b/lib/keyringer/actions/cp index 1f4ccee..af3a52b 100755 --- a/lib/keyringer/actions/cp +++ b/lib/keyringer/actions/cp @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Aditional parameters CWD="`pwd`" diff --git a/lib/keyringer/actions/decrypt b/lib/keyringer/actions/decrypt index c6510ee..e17f0e0 100755 --- a/lib/keyringer/actions/decrypt +++ b/lib/keyringer/actions/decrypt @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" read $* || exit 1 # Get file keyringer_get_file "$2" diff --git a/lib/keyringer/actions/del b/lib/keyringer/actions/del index 2abc414..61a68da 100755 --- a/lib/keyringer/actions/del +++ b/lib/keyringer/actions/del @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Get file keyringer_get_file "$2" diff --git a/lib/keyringer/actions/delete b/lib/keyringer/actions/delete new file mode 120000 index 0000000..1a7ac23 --- /dev/null +++ b/lib/keyringer/actions/delete @@ -0,0 +1 @@ +del
\ No newline at end of file diff --git a/lib/keyringer/actions/edit b/lib/keyringer/actions/edit index 4338518..a480eea 100755 --- a/lib/keyringer/actions/edit +++ b/lib/keyringer/actions/edit @@ -1,11 +1,11 @@ #!/usr/bin/env bash # -# Edit keys. +# Edit secrets # # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" readwrite $* || exit 1 # Get file keyringer_get_file "$2" diff --git a/lib/keyringer/actions/encrypt b/lib/keyringer/actions/encrypt index 3818fa3..11db62c 100755 --- a/lib/keyringer/actions/encrypt +++ b/lib/keyringer/actions/encrypt @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" write $* || exit 1 # Usage function keyringer_usage_encrypt { diff --git a/lib/keyringer/actions/find b/lib/keyringer/actions/find index dc9d6d1..043e80d 100755 --- a/lib/keyringer/actions/find +++ b/lib/keyringer/actions/find @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Aditional parameters CWD="`pwd`" diff --git a/lib/keyringer/actions/genkeys b/lib/keyringer/actions/genkeys index f49d6d0..634c847 100755 --- a/lib/keyringer/actions/genkeys +++ b/lib/keyringer/actions/genkeys @@ -185,7 +185,7 @@ EOF # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" write $* || exit 1 # Aditional parameters KEYTYPE="$2" diff --git a/lib/keyringer/actions/git b/lib/keyringer/actions/git index 218273f..f2cb684 100755 --- a/lib/keyringer/actions/git +++ b/lib/keyringer/actions/git @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Aditional parameters CWD="`pwd`" diff --git a/lib/keyringer/actions/ls b/lib/keyringer/actions/ls index b992ad4..e7610d7 100755 --- a/lib/keyringer/actions/ls +++ b/lib/keyringer/actions/ls @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Aditional parameters CWD="`pwd`" diff --git a/lib/keyringer/actions/mkdir b/lib/keyringer/actions/mkdir index 63442a4..882bbb0 100755 --- a/lib/keyringer/actions/mkdir +++ b/lib/keyringer/actions/mkdir @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Aditional parameters CWD="`pwd`" diff --git a/lib/keyringer/actions/mv b/lib/keyringer/actions/mv index e31eb85..b8cb797 100755 --- a/lib/keyringer/actions/mv +++ b/lib/keyringer/actions/mv @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Avoid leading slash ORIG="$(keyringer_filename `echo "$2" | sed -e "s|^/*||"`)" diff --git a/lib/keyringer/actions/options b/lib/keyringer/actions/options index eea73e8..0161e63 100755 --- a/lib/keyringer/actions/options +++ b/lib/keyringer/actions/options @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Command parser keyringer_get_command "$2" diff --git a/lib/keyringer/actions/preferences b/lib/keyringer/actions/preferences index ffabc4c..a840fd7 100755 --- a/lib/keyringer/actions/preferences +++ b/lib/keyringer/actions/preferences @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Options COMMAND="$2" diff --git a/lib/keyringer/actions/pwgen b/lib/keyringer/actions/pwgen index 45d2bf9..1ca3829 100755 --- a/lib/keyringer/actions/pwgen +++ b/lib/keyringer/actions/pwgen @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" write $* || exit 1 # Parameters SIZE="$3" diff --git a/lib/keyringer/actions/recipients b/lib/keyringer/actions/recipients index 29f9d38..3c18516 100755 --- a/lib/keyringer/actions/recipients +++ b/lib/keyringer/actions/recipients @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Command parser keyringer_get_command "$2" diff --git a/lib/keyringer/actions/recrypt b/lib/keyringer/actions/recrypt index 5dce1ba..d88a749 100755 --- a/lib/keyringer/actions/recrypt +++ b/lib/keyringer/actions/recrypt @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" readwrite $* || exit 1 # Recrypt a single secret function keyringer_recrypt { diff --git a/lib/keyringer/actions/rmdir b/lib/keyringer/actions/rmdir index da7abe5..410eb55 100755 --- a/lib/keyringer/actions/rmdir +++ b/lib/keyringer/actions/rmdir @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Aditional parameters CWD="`pwd`" diff --git a/lib/keyringer/actions/sclip b/lib/keyringer/actions/sclip index 6016f2b..156762a 100755 --- a/lib/keyringer/actions/sclip +++ b/lib/keyringer/actions/sclip @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" read $* || exit 1 # Clip password shift diff --git a/lib/keyringer/actions/shell b/lib/keyringer/actions/shell index 491fe0a..3b98d68 100755 --- a/lib/keyringer/actions/shell +++ b/lib/keyringer/actions/shell @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Basic parameters SHELLPATH="/" diff --git a/lib/keyringer/actions/teardown b/lib/keyringer/actions/teardown index 5bfb121..2e8725b 100755 --- a/lib/keyringer/actions/teardown +++ b/lib/keyringer/actions/teardown @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Options CONFIRM="$2" diff --git a/lib/keyringer/actions/tree b/lib/keyringer/actions/tree index 9c09bfc..7bf173d 100755 --- a/lib/keyringer/actions/tree +++ b/lib/keyringer/actions/tree @@ -10,7 +10,7 @@ function keyringer_tree { # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Aditional parameters CWD="`pwd`" diff --git a/lib/keyringer/actions/usage b/lib/keyringer/actions/usage index 15096a0..9fd36ba 100755 --- a/lib/keyringer/actions/usage +++ b/lib/keyringer/actions/usage @@ -5,7 +5,7 @@ # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" maintenance $* || exit 1 # Dispatch keyringer_usage $KEYRING diff --git a/lib/keyringer/actions/xclip b/lib/keyringer/actions/xclip index 0e60bbd..da86315 100755 --- a/lib/keyringer/actions/xclip +++ b/lib/keyringer/actions/xclip @@ -38,7 +38,7 @@ clip() { # Load functions LIB="`dirname $0`/../functions" -source "$LIB" || exit 1 +source "$LIB" read $* || exit 1 # Check for xclip if ! which xclip &> /dev/null; then diff --git a/lib/keyringer/functions b/lib/keyringer/functions index bd87fd6..0d96288 100755 --- a/lib/keyringer/functions +++ b/lib/keyringer/functions @@ -253,10 +253,18 @@ function keyringer_set_env { exit 1 fi + # The first argument tells what the action plans to do with the + # keyring database: either read, write, readwrite or maintenance. + if [ "$1" != "read" ] && [ "$1" != "write" ] && [ "$1" != "readwrite" ] && [ "$1" != "maintenance" ]; then + echo "Error: first keyringer_set_env argument must be either read, write or readwrite" + exit 1 + fi + ACTIONS="`dirname $0`" BASENAME="`basename $0`" - BASEDIR="$1" - SUBCOMMAND="$2" + KEYRINGER_MODE="$1" + BASEDIR="$2" + SUBCOMMAND="$3" KEYDIR="$BASEDIR/keys" RECIPIENTS_BASE="config/recipients" RECIPIENTS="$BASEDIR/$RECIPIENTS_BASE" @@ -640,10 +648,10 @@ function keyringer_check_recipients { sed -i -e 's/ XXXXXXXX$/ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/' "$RECIPIENTS"/* fi - if [ "$1" == "edit" ]; then - # Don't do the other checks at edit mode. - return - fi + #if [ "$1" == "edit" ]; then + # # Don't do the other checks at edit mode. + # return + #fi for recipient in $(cat "$RECIPIENTS"/* | grep -v '^#' | awk '{ print $2 }'); do # Process a recipient just once @@ -710,8 +718,15 @@ function keyringer_check_expiration { # Check if key is expired if [ ! -z "$expiry" ] && [[ "$seconds" -gt "$expiry" ]]; then - echo "Fatal: primary key for $recipient expired on `date --date="@$expiry"`" - exit 1 + echo -n "Warning: primary key for $recipient expired on `date --date="@$expiry"`" + + if [ "$KEYRINGER_MODE" == "write" ] || [ "$KEYRINGER_MODE" == "readwrite" ]; then + echo ", aborting." + exit 1 + fi + + echo "" + return 1 fi # Check if key is about to expire @@ -741,8 +756,15 @@ function keyringer_check_expiration { # All subkeys are expired if [ ! -z "$subkey" ] && [ "$not_expired" != "1" ]; then - echo "Fatal: key $recipient has no keys suitable for encryption: all subkeys expired." - exit 1 + echo -n "Warning: key $recipient has no keys suitable for encryption: all subkeys expired." + + if [ "$KEYRINGER_MODE" == "write" ] || [ "$KEYRINGER_MODE" == "readwrite" ]; then + echo ", aborting." + exit 1 + fi + + echo "" + return 1 fi } diff --git a/share/man/keyringer.1 b/share/man/keyringer.1 index fe17968..7b1b030 100644 --- a/share/man/keyringer.1 +++ b/share/man/keyringer.1 @@ -159,6 +159,11 @@ Git history.\f[] To completely remove a file from a keyring, you should also rewrite the Git history yourself. .RE .TP +.B delete <\f[I]secret\f[]> +Alias for \f[I]del\f[] action. +.RS +.RE +.TP .B rm <\f[I]secret\f[]> Alias for \f[I]del\f[] action. .RS @@ -258,7 +263,7 @@ Alias to clip action. .B sclip <\f[I]secret\f[]> Same as clip action, but sleeps five seconds, overwrite clipboard and exit. -If xdotool is available, it also switchs to the next window using the +If xdotool is available, it also switches to the next window using the alt+Tab shortcut. This action is useful to be invoked by a custom key combo in a window manager so it becomes easy to provide keyringer managed passphrases to diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn index afe7e99..8acd747 100644 --- a/share/man/keyringer.1.mdwn +++ b/share/man/keyringer.1.mdwn @@ -125,6 +125,9 @@ del <*secret*> To completely remove a file from a keyring, you should also rewrite the Git history yourself. +delete <*secret*> +: Alias for *del* action. + rm <*secret*> : Alias for *del* action. @@ -186,7 +189,7 @@ xclip <*secret*> sclip <*secret*> : Same as clip action, but sleeps five seconds, overwrite clipboard and exit. If xdotool - is available, it also switchs to the next window using the alt+Tab shortcut. This action + is available, it also switches to the next window using the alt+Tab shortcut. This action is useful to be invoked by a custom key combo in a window manager so it becomes easy to provide keyringer managed passphrases to other applications such as a web browser. |