X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fcommon;h=48739d92d8639056c59295cf6fba0585df162eec;hb=c34410402a7e49030666553c731c267e14e9a508;hp=c70ba64593994959667bdaf23e1bfb0b79ab5db0;hpb=fccf552603e35a3b7419d0d6925c03ab24576ee9;p=monkeysphere.git diff --git a/src/common b/src/common index c70ba64..48739d9 100644 --- a/src/common +++ b/src/common @@ -91,6 +91,97 @@ cutline() { head --line="$1" "$2" | tail -1 } +# this is a wrapper for doing lock functions. +# +# it lets us depend on either lockfile-progs (preferred) or procmail's +# lockfile, and should +lock() { + local use_lockfileprogs=true + local action="$1" + local file="$2" + + if ! ( which lockfile-create >/dev/null 2>/dev/null ) ; then + if ! ( which lockfile >/dev/null ); then + failure "Neither lockfile-create nor lockfile are in the path!" + fi + use_lockfileprogs= + fi + + case "$action" in + create) + if [ -n "$use_lockfileprogs" ] ; then + lockfile-create "$file" || failure "unable to lock '$file'" + else + lockfile -r 20 "${file}.lock" || failure "unable to lock '$file'" + fi + ;; + touch) + if [ -n "$use_lockfileprogs" ] ; then + lockfile-touch --oneshot "$file" + else + : Nothing to do here + fi + ;; + remove) + if [ -n "$use_lockfileprogs" ] ; then + lockfile-remove "$file" + else + rm -f "${file}.lock" + fi + ;; + *) + failure "bad argument for lock subfunction '$action'" + esac +} + + +# for portability, between gnu date and BSD date. +# arguments should be: number longunits format + +# e.g. advance_date 20 seconds +%F +advance_date() { + local gnutry + local number="$1" + local longunits="$2" + local format="$3" + local shortunits + + # try things the GNU way first + if date -d "$number $longunits" "$format" >&/dev/null ; then + date -d "$number $longunits" "$format" + else + # otherwise, convert to (a limited version of) BSD date syntax: + case "$longunits" in + years) + shortunits=y + ;; + months) + shortunits=m + ;; + weeks) + shortunits=w + ;; + days) + shortunits=d + ;; + hours) + shortunits=H + ;; + minutes) + shortunits=M + ;; + seconds) + shortunits=S + ;; + *) + # this is a longshot, and will likely fail; oh well. + shortunits="$longunits" + esac + date "-v+${number}${shortunits}" "$format" + fi +} + + # check that characters are in a string (in an AND fashion). # used for checking key capability # check_capability capability a [b...] @@ -222,6 +313,7 @@ vnQCFl3+QFSe4zinqykHnLwGPMXv428d/ZjkIc2ju8dRsn4= remove_line() { local file local string + local tempfile file="$1" string="$2" @@ -236,8 +328,13 @@ remove_line() { # if the string is in the file... if grep -q -F "$string" "$file" 2> /dev/null ; then + tempfile=$(mktemp "${file}.XXXXXXX") || \ + failure "Unable to make temp file '${file}.XXXXXXX'" + # remove the line with the string, and return 0 - grep -v -F "$string" "$file" | sponge "$file" + grep -v -F "$string" "$file" >"$tempfile" + cat "$tempfile" > "$file" + rm "$tempfile" return 0 # otherwise return 1 else @@ -248,6 +345,7 @@ remove_line() { # remove all lines with MonkeySphere strings in file remove_monkeysphere_lines() { local file + local tempfile file="$1" @@ -259,8 +357,13 @@ remove_monkeysphere_lines() { return 1 fi + tempfile=$(mktemp "${file}.XXXXXXX") || \ + failure "Could not make temporary file '${file}.XXXXXXX'." + egrep -v '^MonkeySphere[[:digit:]]{4}(-[[:digit:]]{2}){2}T[[:digit:]]{2}(:[[:digit:]]{2}){2}$' \ - "$file" | sponge "$file" + "$file" >"$tempfile" + cat "$tempfile" > "$file" + rm "$tempfile" } # translate ssh-style path variables %h and %u @@ -413,7 +516,7 @@ gpg_fetch_userid() { userID="$1" - log verbose " checking keyserver $KEYSERVER... " + log info " checking keyserver $KEYSERVER... " echo 1,2,3,4,5 | \ gpg --quiet --batch --with-colons \ --command-fd 0 --keyserver "$KEYSERVER" \ @@ -671,7 +774,7 @@ process_host_known_hosts() { if [ "$HASH_KNOWN_HOSTS" = 'true' ] ; then # FIXME: this is really hackish cause ssh-keygen won't # hash from stdin to stdout - tmpfile=$(mktemp) + tmpfile=$(mktemp ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) ssh2known_hosts "$host" "$sshKey" > "$tmpfile" ssh-keygen -H -f "$tmpfile" 2> /dev/null cat "$tmpfile" >> "$KNOWN_HOSTS" @@ -712,11 +815,10 @@ update_known_hosts() { nHostsOK=0 nHostsBAD=0 - # set the trap to remove any lockfiles on exit - trap "lockfile-remove $KNOWN_HOSTS" EXIT - - # create a lockfile on known_hosts - lockfile-create "$KNOWN_HOSTS" + # create a lockfile on known_hosts: + lock create "$KNOWN_HOSTS" + # FIXME: we're discarding any pre-existing EXIT trap; is this bad? + trap "lock remove $KNOWN_HOSTS" EXIT # note pre update file checksum fileCheck="$(file_hash "$KNOWN_HOSTS")" @@ -735,11 +837,12 @@ update_known_hosts() { esac # touch the lockfile, for good measure. - lockfile-touch --oneshot "$KNOWN_HOSTS" + lock touch "$KNOWN_HOSTS" done - # remove the lockfile - lockfile-remove "$KNOWN_HOSTS" + # remove the lockfile and the trap + lock remove "$KNOWN_HOSTS" + trap - EXIT # note if the known_hosts file was updated if [ "$(file_hash "$KNOWN_HOSTS")" != "$fileCheck" ] ; then @@ -850,11 +953,10 @@ update_authorized_keys() { nIDsOK=0 nIDsBAD=0 - # set the trap to remove any lockfiles on exit - trap "lockfile-remove $AUTHORIZED_KEYS" EXIT - # create a lockfile on authorized_keys - lockfile-create "$AUTHORIZED_KEYS" + lock create "$AUTHORIZED_KEYS" + # FIXME: we're discarding any pre-existing EXIT trap; is this bad? + trap "lock remove $AUTHORIZED_KEYS" EXIT # note pre update file checksum fileCheck="$(file_hash "$AUTHORIZED_KEYS")" @@ -878,11 +980,12 @@ update_authorized_keys() { esac # touch the lockfile, for good measure. - lockfile-touch --oneshot "$AUTHORIZED_KEYS" + lock touch "$AUTHORIZED_KEYS" done - # remove the lockfile - lockfile-remove "$AUTHORIZED_KEYS" + # remove the lockfile and the trap + lock remove "$AUTHORIZED_KEYS" + trap - EXIT # note if the authorized_keys file was updated if [ "$(file_hash "$AUTHORIZED_KEYS")" != "$fileCheck" ] ; then