more progress. recovery seems to be working now.

[distorted-keys] / new-recov

diff --git a/new-recov b/new-recov
index e4981f0fc9fee70ef4da03c234fb758ffc7cfb07..d221764bd3e21775ab33f6a4949697ac322d122c 100755 (executable)
--- a/new-recov
+++ b/new-recov
@@ -7,18 +7,20 @@
 
 ###----- Licensing notice ---------------------------------------------------
 ###
 
 ###----- Licensing notice ---------------------------------------------------
 ###

-### This program is free software; you can redistribute it and/or modify
+### This file is part of the distorted.org.uk key management suite.
+###
+### distorted-keys is free software; you can redistribute it and/or modify

 ### it under the terms of the GNU General Public License as published by
 ### the Free Software Foundation; either version 2 of the License, or
 ### (at your option) any later version.
 ###
 ### it under the terms of the GNU General Public License as published by
 ### the Free Software Foundation; either version 2 of the License, or
 ### (at your option) any later version.
 ###

-### This program is distributed in the hope that it will be useful,
+### distorted-keys is distributed in the hope that it will be useful,

 ### but WITHOUT ANY WARRANTY; without even the implied warranty of
 ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 ### GNU General Public License for more details.
 ###
 ### You should have received a copy of the GNU General Public License
 ### but WITHOUT ANY WARRANTY; without even the implied warranty of
 ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 ### GNU General Public License for more details.
 ###
 ### You should have received a copy of the GNU General Public License

-### along with this program; if not, write to the Free Software Foundation,
+### along with distorted-keys; if not, write to the Free Software Foundation,

 ### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 
 set -e
 ### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 
 set -e


@@ -100,27 +102,32 @@ if [ ! -d $rdir/current ]; then
   seq=0
 else
   seq=$(readlink $rdir/current)
   seq=0
 else
   seq=$(readlink $rdir/current)

-  mem=$(userv root claim-mem-dir)
-  reveal=$mem/keys.reveal.$recov.current/secret
+  mem=$(userv root claim-mem-dir </dev/null)
+  reveal=$mem/keys.reveal/$recov.current/secret

   if [ ! -f $reveal ]; then
     echo >&2 "$quis: current $recov key not revealed"
     exit 1
   fi
   if [ ! -f $reveal ]; then
     echo >&2 "$quis: current $recov key not revealed"
     exit 1
   fi

-  find $rdir/current -type f -name '*.recov' -print | while read name; do
+
+  find $rdir/current/ -type f -name '*.recov' -print | while read name; do

     name=${name#$rdir/current/}
     case "$name" in */*) mkdir -p -m755 $rdir/new/${name%/*} ;; esac
     ec_decrypt $reveal -i$rdir/current/$name |
       ec_encrypt $rdir/new/pub -o$rdir/new/$name
   done
     name=${name#$rdir/current/}
     case "$name" in */*) mkdir -p -m755 $rdir/new/${name%/*} ;; esac
     ec_decrypt $reveal -i$rdir/current/$name |
       ec_encrypt $rdir/new/pub -o$rdir/new/$name
   done

+  rm -r $mem/keys.reveal/$recov.current

 fi
 
 fi
 

-## Tidy up and commit.
+## Tidy up and commit.  Repointing the symlink is grim because, according to
+## POSIX rules, `mv foo bar' should rename `foo' to `bar/foo' is `bar' is a
+## symlink to a directory -- and there's no way of turning this behaviour
+## off.  The subterfuge here is due to Colin Watson.

 cd $rdir
 while [ -d $seq ]; do seq=$(( seq + 1 )); done
 case $kparam in *.new) mv keepers.new keepers ;; esac
 rm -f next
 ln -s $seq next
 mv new $seq
 cd $rdir
 while [ -d $seq ]; do seq=$(( seq + 1 )); done
 case $kparam in *.new) mv keepers.new keepers ;; esac
 rm -f next
 ln -s $seq next
 mv new $seq

-mv next current
+mkdir hack; mv next hack/current; mv hack/current .; rmdir hack

 
 ###----- That's all, folks --------------------------------------------------
 
 ###----- That's all, folks --------------------------------------------------