Diffstat (limited to 'lib')
-rwxr-xr-xlib/keyringer/actions/cp33
-rwxr-xr-xlib/keyringer/actions/edit4
-rw-r--r--lib/keyringer/completions/bash/keyringer9
-rw-r--r--lib/keyringer/completions/zsh/_keyringer13
-rw-r--r--lib/keyringer/editors/vim5
-rwxr-xr-xlib/keyringer/functions11
6 files changed, 51 insertions, 24 deletions
diff --git a/lib/keyringer/actions/cp b/lib/keyringer/actions/cp
new file mode 100755
index 0000000..0629b61
--- /dev/null
+++ b/lib/keyringer/actions/cp
@@ -0,0 +1,33 @@
+#!/bin/bash
+#
+# Copy secrets.
+#
+
+# Load functions
+LIB="`dirname $0`/../functions"
+source "$LIB" || exit 1
+
+# Aditional parameters
+CWD="`pwd`"
+
+# Avoid leading slash
+ORIG="$(keyringer_filename `echo "$2" | sed -e "s|^/*||"`)"
+DEST="`echo "$3" | sed -e "s|^/*||"`"
+
+# Set destination
+if [ ! -d "$KEYDIR/$RELATIVE_PATH/$DEST" ]; then
+ keyringer_get_new_file $DEST
+else
+ FILE="$DEST"
+fi
+
+# Check if secret exists
+if ! echo "$ORIG" | grep -q '*' && [ ! -e "$KEYDIR/$RELATIVE_PATH/$ORIG" ]; then
+ echo "Secret not found: $ORIG"
+ exit 1
+fi
+
+# Run move command
+cd "$KEYDIR" && cp -a "./$RELATIVE_PATH/$ORIG" "./$FILE"
+keyringer_exec git "$BASEDIR" add "keys/$FILE"
+cd "$CWD"
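Review bot: The final lines run `git add` even when nothing was copied, because the status of `cd "$KEYDIR" && cp -a …` is never checked; ending that line with `|| exit 1` stops a failed copy from being staged. In the `else` branch, `FILE="$DEST"` bypasses `keyringer_get_new_file`, so any path normalisation that helper applies (it is not visible in this diff) is skipped. Only leading slashes are stripped from `$3`, so `..` segments reach `cp` unchanged and the copy could land outside the keys directory; the `-d` test also includes `$RELATIVE_PATH` while `FILE` does not. `$DEST` and `dirname $0` should be quoted (`keyringer_get_new_file "$DEST"`), and the comment `# Run move command` should read `# Run copy command`.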
diff --git a/lib/keyringer/actions/edit b/lib/keyringer/actions/edit
index a5f14d4..c9f3f12 100755
--- a/lib/keyringer/actions/edit
+++ b/lib/keyringer/actions/edit
@@ -59,9 +59,9 @@ wait
echo "Press any key when done using the file and you're sure that $APPNAME is closed."
read -s -n 1
-# Encrypt again
+# Encrypt again. Unset RELATIVE_PATH as it was already used to determine FILE path
export KEYRINGER_ADD_EXTENSION=false
-keyringer_exec encrypt "$BASEDIR" "$FILE" "$TMPWORK"
+RELATIVE_PATH="" keyringer_exec encrypt "$BASEDIR" "$FILE" "$TMPWORK"
# Check exit status
errcrypt="$?"
diff --git a/lib/keyringer/completions/bash/keyringer b/lib/keyringer/completions/bash/keyringer
index 0f2cb2b..27cf919 100644
--- a/lib/keyringer/completions/bash/keyringer
+++ b/lib/keyringer/completions/bash/keyringer
@@ -69,7 +69,6 @@ _keyringer() {
fi
# Process config
- source $config/config
keyrings="`ls --color=never $config | sed -e '/^config$/d' | xargs`"
# Available instances
@@ -77,13 +76,13 @@ _keyringer() {
# The current instance
instance="${COMP_WORDS[1]}"
- path="`eval echo '$'$instance`"
+ path="`grep -e "^$instance=" "$config/config" | tail -n 1 | cut -d = -f 2 | sed -e 's/"//g' -e "s/'//g" | sed -e 's/ *#.*$//'`"
# Command completions
if [ "${#COMP_WORDS[@]}" == "2" ]; then
opts="$keyrings"
elif [ "${#COMP_WORDS[@]}" == "3" ] && echo "${prev}" | grep -qe "$instances"; then
- opts="`export KEYRINGER_CHECK_VERSION=false && keyringer $instance commands`"
+ opts="`export KEYRINGER_CHECK_RECIPIENTS=false && export KEYRINGER_CHECK_VERSION=false && keyringer $instance commands`"
elif [ "${#COMP_WORDS[@]}" == "3" ]; then
opts="init"
elif [ "${#COMP_WORDS[@]}" == "4" ]; then
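Review bot: The new `path=` pipeline puts `$instance` (the word typed on the command line) into a grep regular expression unescaped, so characters such as `.` or `*` act as regex operators and can select a different config line. Replacing the `grep | tail | cut` stages with a literal key comparison, e.g. `awk -F= -v k="$instance" '$1 == k { v = substr($0, length(k) + 2) } END { print v }' "$config/config"`, avoids that and also keeps values containing `=`, which `cut -d = -f 2` truncates. Because the config file is no longer sourced, values written with `$HOME` or `~` (if the config format permits them) now come back unexpanded, so a comment on this line stating the supported syntax would help. The same pipeline is added for `keyring_path` in the zsh `_keyringer` hunk; `_keyringer()` starts and ends outside this hunk.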
@@ -96,7 +95,7 @@ _keyringer() {
;;
ls|tree|mkdir|encrypt|encrypt-batch|decrypt|edit|append|append-batch|del|rm|recrypt|open|clip|xclip|find)
cur="`echo ${cur} | sed -e "s|^/*||"`" # avoid leading slash
- opts="$(bash -c "set -f && export KEYRINGER_CHECK_VERSION=false && keyringer $instance ls -p -d ${cur}*" 2> /dev/null)"
+ opts="$(bash -c "set -f && export KEYRINGER_CHECK_RECIPIENTS=false && export KEYRINGER_CHECK_VERSION=false && keyringer $instance ls -p -d ${cur}*" 2> /dev/null)"
;;
genpair)
opts="gpg ssh ssl ssl-self"
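Review bot: The changed `opts=` line still builds a `bash -c` command string from `$instance` and `${cur}`, so shell metacharacters in the word being completed are parsed as shell syntax when completion runs. This is the same class of problem the commit removes elsewhere by dropping `eval` and `source`. Passing the words as positional parameters keeps them as data: `opts="$(bash -c 'set -f && export KEYRINGER_CHECK_RECIPIENTS=false KEYRINGER_CHECK_VERSION=false && keyringer "$1" ls -p -d "$2*"' _ "$instance" "$cur" 2> /dev/null)"`. The identical line under the second `genpair)` hunk of this file needs the same change; the `case` statement continues outside this hunk.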
@@ -119,7 +118,7 @@ _keyringer() {
;;
genpair)
cur="`echo ${cur} | sed -e "s|^/*||"`" # avoid leading slash
- opts="$(bash -c "set -f && export KEYRINGER_CHECK_VERSION=false && keyringer $instance ls -p -d ${cur}*" 2> /dev/null)"
+ opts="$(bash -c "set -f && export KEYRINGER_CHECK_RECIPIENTS=false && export KEYRINGER_CHECK_VERSION=false && keyringer $instance ls -p -d ${cur}*" 2> /dev/null)"
;;
git)
# TODO
diff --git a/lib/keyringer/completions/zsh/_keyringer b/lib/keyringer/completions/zsh/_keyringer
index b4ccdd4..ab95c3d 100644
--- a/lib/keyringer/completions/zsh/_keyringer
+++ b/lib/keyringer/completions/zsh/_keyringer
@@ -19,9 +19,8 @@ _keyringer() {
fi
# Process config
- source $config/config
local keyrings="`ls --color=never $config | sed -e '/^config$/d' | xargs`"
- local keyring_path="`eval echo '$'$words[2]`"
+ local keyring_path="`grep -e "^$words[2]=" "$config/config" | tail -n 1 | cut -d = -f 2 | sed -e 's/"//g' -e "s/'//g" | sed -e 's/ *#.*$//'`"
local instances="`echo $keyrings | sed -e 's/ /$\\\|^/g' -e 's/^/^/' -e 's/$/$/'`"
_arguments \
@@ -37,7 +36,7 @@ _keyringer() {
;;
action)
if echo $words[2] | grep -qe "$instances"; then
- compadd "$@" `KEYRINGER_CHECK_VERSION=false keyringer $words[2] commands`
+ compadd "$@" `KEYRINGER_CHECK_RECIPIENTS=false KEYRINGER_CHECK_VERSION=false keyringer $words[2] commands`
else
compadd "$@" "init"
fi
@@ -52,7 +51,7 @@ _keyringer() {
;;
ls|tree|mkdir|encrypt|encrypt-batch|decrypt|edit|append|append-batch|del|rm|recrypt|open|clip|xclip|find)
words[4]="`echo $words[4] | sed -e "s|^/*||"`" # avoid leading slash
- compadd "$@" $(KEYRINGER_CHECK_VERSION=false keyringer $words[2] ls -p -d $words[4]'*' 2> /dev/null)
+ compadd "$@" $(KEYRINGER_CHECK_RECIPIENTS=false KEYRINGER_CHECK_VERSION=false keyringer $words[2] ls -p -d $words[4]'*' 2> /dev/null)
;;
genpair)
compadd "$@" gpg ssh ssl ssl-self
@@ -71,11 +70,11 @@ _keyringer() {
case "$words[3]" in
recipients)
words[5]="$(echo $words[5] | sed -e "s|^/||")" # TODO: avoid leading slash
- compadd "$@" $(cd $keyring_path/config/recipients && ls --color=never -p $words[5]'*' 2> /dev/null)
+ compadd "$@" $(cd $keyring_path/config/recipients && ls --color=never -p $words[5]* 2> /dev/null)
;;
genpair)
words[5]="$(echo $words[5] | sed -e "s|^/||")" # TODO: avoid leading slash
- compadd "$@" $(KEYRINGER_CHECK_VERSION=false keyringer $words[2] ls -p -d $words[5]'*' 2> /dev/null)
+ compadd "$@" $(KEYRINGER_CHECK_RECIPIENTS=false KEYRINGER_CHECK_VERSION=false keyringer $words[2] ls -p -d $words[5]'*' 2> /dev/null)
;;
git)
compadd "$@" $(_keyringer_git_complete $words[4] $words[5])
@@ -88,7 +87,7 @@ _keyringer() {
esac
;;
*)
- if [ $words[3] == "git" ]; then
+ if [[ $words[3] == "git" ]]; then
# TODO
true
fi
diff --git a/lib/keyringer/editors/vim b/lib/keyringer/editors/vim
deleted file mode 100644
index 0f877df..0000000
--- a/lib/keyringer/editors/vim
+++ /dev/null
@@ -1,5 +0,0 @@
-" Use sane defaults for VIM to avoid data leakage
-" See https://keyringer.pw/trac/ticket/50
-set nowritebackup
-set nobackup
-set viminfo="NONE"
diff --git a/lib/keyringer/functions b/lib/keyringer/functions
index fdd8439..42c047d 100755
--- a/lib/keyringer/functions
+++ b/lib/keyringer/functions
@@ -72,7 +72,7 @@ function keyringer_exec {
action="$1"
basedir="$2"
shift 2
-
+
# Dispatch
if keyringer_has_action "$action"; then
"$ACTIONS/$action" "$basedir" $*
@@ -171,7 +171,7 @@ function keyringer_set_tmpfile {
else
TMPWORK="$(mktemp "$template")"
fi
-
+
if [ "$?" != "0" ]; then
printf "Error: can't set TMPWORK %s\n" "$TMPWORK"
exit 1
@@ -250,7 +250,7 @@ function keyringer_git_ignore {
function keyringer_set_env {
if [ -z "$1" ]; then
echo "Error: missing arguments for keyringer_set_env"
- exit 1
+ exit 1
fi
ACTIONS="`dirname $0`"
@@ -287,7 +287,7 @@ function keyringer_set_env {
# Avoid viminfo, see https://keyringer.pw/trac/ticket/50
if $EDITOR --help | grep -q -e "^VIM"; then
if ! echo $EDITOR | grep -q -- "-i NONE"; then
- EDITOR="$EDITOR -S `dirname $LIB`/editors/vim"
+ EDITOR="$EDITOR -S $SHARE/editors/vim"
fi
fi
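Review bot: The new `-S $SHARE/editors/vim` argument is appended without checking that the file exists, and `$SHARE` is not assigned anywhere in the visible hunks. If it is empty or the file is missing, vim would report a sourcing error and carry on, so the `nobackup`/`nowritebackup`/`viminfo` settings this script carries would not be applied while a decrypted secret is open. A guard before the assignment, e.g. `[ -r "$SHARE/editors/vim" ] || { echo "Error: missing $SHARE/editors/vim" >&2; exit 1; }`, makes that failure visible instead of silent. `keyringer_set_env` starts and ends outside this hunk.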
@@ -429,7 +429,7 @@ function keyringer_get_option {
# Get a file argument
function keyringer_get_file {
FILE="$(keyringer_filename "$RELATIVE_PATH/$1")"
-
+
if [ -z "$FILE" ]; then
keyringer_action_usage
exit 1
@@ -715,6 +715,7 @@ function keyringer_check_expiration {
fi
# Check the subkeys
+ expiry=""
for expiry in `gpg --with-colons --fixed-list-mode --list-keys "$recipient" | grep ^sub | cut -d : -f 7`; do
if [[ "$seconds" -lt "$expiry" ]]; then
not_expired="1"