From d32faa9d6cddbc714de708ecc052b43b49d7faa8 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Sat, 18 Sep 2010 13:50:04 -0300
Subject: Fixing tmpfile handling

---
 lib/keyringer/functions | 13 ++++++++++---
 share/keyringer/edit    | 11 +++++------
 share/keyringer/genpair | 47 ++++++++++++++++++-----------------------------
 3 files changed, 33 insertions(+), 38 deletions(-)

diff --git a/lib/keyringer/functions b/lib/keyringer/functions
index a2a35be..13502f7 100644
--- a/lib/keyringer/functions
+++ b/lib/keyringer/functions
@@ -122,14 +122,18 @@ function keyringer_set_tmpfile {
   mkdir -p $BASEDIR/tmp
   keyringer_git_ignore 'tmp/*'
 
-  tmpfile="`mktemp $template`"
+  if [ "$2" == "-d" ]; then
+    TMPWORK="`mktemp -d $template`"
+  else
+    TMPWORK="`mktemp $template`"
+  fi
   
   if [ "$?" != "0" ]; then
-    echo "Error: can't set tmpfile $tmpfile"
+    echo "Error: can't set TMPWORK $TMPWORK"
     exit 1
   fi
 
-  echo $tmpfile
+  trap "keyringer_unset_tmpfile $TMPWORK; exit" INT TERM EXIT
 }
 
 # Remove a temporary file
@@ -191,6 +195,9 @@ function keyringer_set_env {
     echo "No option config was found"
     exit 1
   fi
+
+  # Ensure that keydir exists
+  mkdir -p $KEYDIR && chmod 700 $KEYDIR
 }
 
 # Get a file argument
diff --git a/share/keyringer/edit b/share/keyringer/edit
index edeb693..4a5be14 100755
--- a/share/keyringer/edit
+++ b/share/keyringer/edit
@@ -15,19 +15,18 @@ keyringer_get_file $2
 echo "Make sure that $BASEDIR is atop of an encrypted volume."
 
 # Set a tmp file
-TMPFILE="`keyringer_set_tmpfile edit`"
-trap "keyringer_unset_tmpfile $TMPFILE ; exit" INT TERM EXIT
+keyringer_set_tmpfile edit
 
 # Decrypt the information to the file
-gpg --yes -o $TMPFILE --use-agent -d $KEYDIR/$FILE
+gpg --yes -o $TMPWORK --use-agent -d $KEYDIR/$FILE
 
 # Prompt
 echo "Press any key to open the decrypted data into $EDITOR, Ctrl-C to abort"
 read key
-$EDITOR $TMPFILE
+$EDITOR $TMPWORK
 
 # Encrypt again
-gpg --yes -o $KEYDIR/$FILE --use-agent --armor -e -s $(keyringer_recipients $RECIPIENTS) $TMPFILE
+gpg --yes -o $KEYDIR/$FILE --use-agent --armor -e -s $(keyringer_recipients $RECIPIENTS) $TMPWORK
 
 # Remove temp file
-keyringer_unset_tmpfile $TMPFILE
+keyringer_unset_tmpfile $TMPWORK
diff --git a/share/keyringer/genpair b/share/keyringer/genpair
index cc54ba8..9177ba3 100755
--- a/share/keyringer/genpair
+++ b/share/keyringer/genpair
@@ -12,20 +12,20 @@ function genpair_ssh {
   read -p "Hit ENTER to continue." prompt
 
   # TODO: programatically enter blank passphrase twice
-  ssh-keygen -t dsa -f $WORK/id_dsa -C "root@$NODE"
+  ssh-keygen -t dsa -f $TMPWORK/id_dsa -C "root@$NODE"
 
   # Encrypt the result
   echo "Encrypting secret key into keyringer..."
-  cat $WORK/id_dsa     | keyringer_exec encrypt $BASEDIR $FILE
+  cat $TMPWORK/id_dsa     | keyringer_exec encrypt $BASEDIR $FILE
   echo "Encrypting public key into keyringer..."
-  cat $WORK/id_dsa.pub | keyringer_exec encrypt $BASEDIR $FILE.pub
+  cat $TMPWORK/id_dsa.pub | keyringer_exec encrypt $BASEDIR $FILE.pub
 
   # TODO: add outfiles into version control
   if [ ! -z "$OUTFILE" ]; then
     mkdir -p `dirname $OUTFILE`
     echo Saving copies at $OUTFILE and $OUTFILE.pub
-    cat $WORK/id_dsa     > $OUTFILE
-    cat $WORK/id_dsa.pub > $OUTFILE.pub
+    cat $TMPWORK/id_dsa     > $OUTFILE
+    cat $TMPWORK/id_dsa.pub > $OUTFILE.pub
   fi
 
   echo "Done"  
@@ -39,7 +39,7 @@ function genpair_gpg {
   # TODO: insert 279 random bytes
   # TODO: custom Name-Comment and Name-Email
   # TODO: allow for empty passphrases
-  gpg --homedir $WORK --gen-key --batch <<EOF
+  gpg --homedir $TMPWORK --gen-key --batch <<EOF
     Key-Type: RSA
     Key-Length: 4096
     Subkey-Type: ELG-E
@@ -54,9 +54,9 @@ EOF
 
   # Encrypt the result
   echo "Encrypting secret key into keyringer..."
-  gpg --armor --homedir $WORK --export-secret-keys | keyringer_exec encrypt $BASEDIR $FILE
+  gpg --armor --homedir $TMPWORK --export-secret-keys | keyringer_exec encrypt $BASEDIR $FILE
   echo "Encrypting public key into keyringer..."
-  gpg --armor --homedir $WORK --export             | keyringer_exec encrypt $BASEDIR $FILE.pub
+  gpg --armor --homedir $TMPWORK --export             | keyringer_exec encrypt $BASEDIR $FILE.pub
   echo "Encrypting passphrase into keyringer..."
   echo "Passphrase for $FILE: $passphrase"         | keyringer_exec encrypt $BASEDIR $FILE.passwd
 
@@ -64,8 +64,8 @@ EOF
   if [ ! -z "$OUTFILE" ]; then
     mkdir -p `dirname $OUTFILE`
     echo Saving copies at $OUTFILE and $OUTFILE.pub
-    gpg --armor --homedir $WORK --export-secret-keys > $OUTFILE
-    gpg --armor --homedir $WORK --export             > $OUTFILE.pub
+    gpg --armor --homedir $TMPWORK --export-secret-keys > $OUTFILE
+    gpg --armor --homedir $TMPWORK --export             > $OUTFILE.pub
   fi
 
   echo "Done"  
@@ -77,7 +77,7 @@ function genpair_ssl {
   read -p "Hit ENTER to continue." prompt
 
   # Setup
-  cd $WORK
+  cd $TMPWORK
 
   # Generate certificate
   $LIB/csr.sh $NODE
@@ -99,13 +99,13 @@ function genpair_ssl {
   if [ ! -z "$OUTFILE" ]; then
     mkdir -p `dirname $OUTFILE`
     echo Saving copies at $OUTFILE.pem, $OUTFILE.csr and $OUTFILE.crt
-    cat $WORK/$NODE"_privatekey.pem" > $OUTFILE.pem
-    cat $WORK/$NODE"_csr.pem"        > $OUTFILE.csr
-    cat $WORK/$NODE.crt              > $OUTFILE.crt
+    cat $TMPWORK/$NODE"_privatekey.pem" > $OUTFILE.pem
+    cat $TMPWORK/$NODE"_csr.pem"        > $OUTFILE.csr
+    cat $TMPWORK/$NODE.crt              > $OUTFILE.crt
   fi
 
   # Show cert fingerprint
-  openssl x509 -noout -in $WORK/$NODE.crt -fingerprint
+  openssl x509 -noout -in $TMPWORK/$NODE.crt -fingerprint
 
   echo "Done"
 }
@@ -136,19 +136,8 @@ elif [ ! -e "$KEYDIR" ]; then
   exit 1
 fi
 
-# Prepare
-mkdir -p $KEYDIR && chmod 700 $KEYDIR
-
-WORK="`keyringer_set_tmpfile genpair`"
-trap "keyringer_unset_tmpfile $WORK; exit" INT TERM EXIT
-
-WORK="`mktemp -d $KEYDIR/genpair.XXXXXX`"
-if [ "$?" != "0" ]; then
-  echo "Error setting up $WORK"
-  exit 1
-else
-  trap "rm -rf $WORK" EXIT
-fi
+# Set a tmp file
+keyringer_set_tmpfile genpair -d
 
 # Dispatch
 echo "Generating $KEYTYPE for $NODE..."
@@ -156,5 +145,5 @@ genpair_$KEYTYPE
 
 # Cleanup
 cd $CWD
-rm -rf $WORK
+rm -rf $TMPWORK
 trap - EXIT
-- 
cgit v1.2.3