tools/mail-signed-keys

   1 #!/bin/sh
   2 # Copyright (C) 2000, 2001 Free Software Foundation, Inc.
   3 #
   4 # This file is free software; as a special exception the author gives
   5 # unlimited permission to copy and/or distribute it, with or without
   6 # modifications, as long as this notice is preserved.
   7 #
   8 # This program is distributed in the hope that it will be useful, but
   9 # WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
  10 # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  11
  12 # FIXME: Use only valid email addreses, extract only given keys
  13
  14 dryrun=0
  15 if [ "$1" = "--dry-run" ]; then
  16    dryrun=1
  17    shift
  18 fi
  19
  20 if [ -z "$1" -o -z "$2" -o -z "$3" ]; then
  21    echo "usage: mail-signed-keys keyring signedby signame" >&2
  22    exit 1
  23 fi
  24
  25 signame="$3"
  26
  27 if [ ! -f $1 ]; then
  28     echo "mail-signed-keys: '$1': no such file" >&2
  29     exit 1
  30 fi
  31
  32 [ -f '.#tdb.tmp' ] && rm '.#tdb.tmp'
  33 ro="--homedir . --no-options --trustdb-name=./.#tdb.tmp --dry-run --lock-never --no-default-keyring --keyring $1"
  34
  35 signedby=`gpg $ro --list-keys --with-colons $2 \
  36           2>/dev/null | awk -F: '$1=="pub" {print $5; exit 0}'`
  37
  38 if [ -z "$signedby" ]; then
  39     echo "mail-signed-keys: '$2': no such signator" >&2
  40     exit 1
  41 fi
  42
  43 if [ "$dryrun" = "0" ]; then
  44   echo "About to send the the keys signed by $signedby" >&2
  45   echo -n "to their owners.  Do you really want to do this? (y/N)" >&2
  46   read
  47   [ "$REPLY" != "y" -a "$REPLY" != "Y" ] && exit 0
  48 fi
  49
  50 gpg $ro --check-sigs --with-colons 2>/dev/null \
  51      | awk -F: -v signedby="$signedby" -v gpgopt="$ro" \
  52        -v dryrun="$dryrun" -v signame="$signame"  '
  53 BEGIN         { sendmail="/usr/lib/sendmail -oi -t " }
  54 $1 == "pub"   { nextkid=$5; nextuid=$10
  55                 if( uidcount > 0 ) { myflush() }
  56                 kid=nextkid; uid=nextuid; next
  57               }
  58 $1 == "uid"   { uid=$10 ; next }
  59 $1 == "sig" && $2 == "!" && $5 == signedby  { uids[uidcount++] = uid; next }
  60 END           {  if( uidcount > 0 ) { myflush() } }
  61
  62 function myflush()
  63 {
  64        if ( kid == signedby ) { uidcount=0; return }
  65        print "sending key " substr(kid,9) " to" | "cat >&2"
  66        for(i=0; i < 1; i++ ) {
  67            print "    " uids[i] | "cat >&2"
  68            if( dryrun == 0 ) {
  69               if( i == 0 ) {
  70                  printf "To: %s", uids[i]   | sendmail
  71               }
  72               else {
  73                  printf ",\n    %s", uids[i]   | sendmail
  74               }
  75            }
  76        }
  77        if(dryrun == 0) {
  78          printf "\n"                                        | sendmail
  79          print "Subject: I signed your key " substr(kid,9)  | sendmail
  80          print ""                                           | sendmail
  81          print "Hi,"                                        | sendmail
  82          print ""                                           | sendmail
  83          print "Here you get back the signed key."          | sendmail
  84          print "I already sent them to the keyservers."     | sendmail
  85          print ""                                           | sendmail
  86          print "Peace,"                                     | sendmail
  87          print "      " signame                             | sendmail
  88          print ""                                           | sendmail
  89          cmd = "gpg " gpgopt " --export -a " kid " 2>/dev/null"
  90          while( (cmd | getline) > 0 ) {
  91              print | sendmail
  92          }
  93          print ""                                           | sendmail
  94          close(cmd)
  95          close( sendmail )
  96        }
  97        uidcount=0
  98 }
  99 '
 100
 101
 102
 103
 104
 105
 106
 107
 108
 109
 110
 111
 112
 113
 114