X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fmonkeysphere;h=cd7719345caefedbc9068327d809d6908d2941df;hb=8ec4e9b0a4a58aece8e5034324971ab40b25fa12;hp=cb6c06c1907ac384a9450189bd2b82381f100994;hpb=de3031b28bbccd2cb47a9029e69064330ee137e8;p=monkeysphere.git diff --git a/src/monkeysphere b/src/monkeysphere index cb6c06c..cd77193 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -90,24 +90,22 @@ gen_subkey(){ done keyID="$1" - - gpgOut=$(gpg --quiet --fixed-list-mode --list-keys --with-colons \ - "$keyID" 2> /dev/null) - - # fail if there only "tru" lines are output from gpg, which - # indicates the key was not found. - if [ -z "$(echo "$gpgOut" | grep -v '^tru:')" ] ; then - failure "Key ID '$keyID' not found." + if [ -z "$keyID" ] ; then + failure "You must specify the key ID of your primary key." fi - # fail if multiple pub lines are returned, which means the id given - # is not unique - if [ $(echo "$gpgOut" | grep '^pub:' | wc -l) -gt '1' ] ; then + # get key output, and fail if not found + gpgOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons \ + "$keyID") || failure + + # fail if multiple sec lines are returned, which means the id + # given is not unique + if [ $(echo "$gpgOut" | grep '^sec:' | wc -l) -gt '1' ] ; then failure "Key ID '$keyID' is not unique." fi # prompt if an authentication subkey already exists - if echo "$gpgOut" | egrep "^(pub|sub):" | cut -d: -f 12 | grep -q a ; then + if echo "$gpgOut" | egrep "^(sec|ssb):" | cut -d: -f 12 | grep -q a ; then echo "An authentication subkey already exists for key '$keyID'." read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} if [ "${OK/y/Y}" != 'Y' ] ; then @@ -205,8 +203,9 @@ case $COMMAND in 'update-known_hosts'|'update-known-hosts'|'k') MODE='known_hosts' + # check permissions on the known_hosts file path if ! check_key_file_permissions "$USER" "$KNOWN_HOSTS" ; then - failure "Improper permissions on known_hosts file." + failure "Improper permissions on known_hosts file path." fi # if hosts are specified on the command line, process just @@ -218,8 +217,10 @@ case $COMMAND in # otherwise, if no hosts are specified, process every host # in the user's known_hosts file else - if [ ! -s "$KNOWN_HOSTS" ] ; then - failure "known_hosts file '$KNOWN_HOSTS' is empty or does not exist." + # exit if the known_hosts file does not exist + if [ ! -e "$KNOWN_HOSTS" ] ; then + log "known_hosts file '$KNOWN_HOSTS' does not exist." + exit fi process_known_hosts @@ -230,13 +231,20 @@ case $COMMAND in 'update-authorized_keys'|'update-authorized-keys'|'a') MODE='authorized_keys' - # fail if the authorized_user_ids file is empty - if [ ! -s "$AUTHORIZED_USER_IDS" ] ; then - failure "authorized_user_ids file '$AUTHORIZED_USER_IDS' is empty or does not exist." + # check permissions on the authorized_user_ids file path + if ! check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" ; then + failure "Improper permissions on authorized_user_ids file path." + fi + + # check permissions on the authorized_keys file path + if ! check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" ; then + failure "Improper permissions on authorized_keys file path." fi - if ! check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" ; then - failure "Improper permissions on authorized_user_ids file." + # exit if the authorized_user_ids file is empty + if [ ! -e "$AUTHORIZED_USER_IDS" ] ; then + log "authorized_user_ids file '$AUTHORIZED_USER_IDS' does not exist." + exit fi # process authorized_user_ids file @@ -245,11 +253,7 @@ case $COMMAND in ;; 'gen-subkey'|'g') - keyID="$1" - if [ -z "$keyID" ] ; then - failure "You must specify the key ID of your primary key." - fi - gen_subkey "$keyID" + gen_subkey "$@" ;; 'help'|'h'|'?')