profile.d/01gnupg: Remove spurious initial `%' from `email' address.

[distorted-keys] / keyfunc.sh.in

diff --git a/keyfunc.sh.in b/keyfunc.sh.in
index 952a09560b3e1de9d4ddb44688d22650ff4a4bc7..51cac57143e0ca24cb2789bf3f051b9b5f515c8d 100644 (file)
--- a/keyfunc.sh.in
+++ b/keyfunc.sh.in
@@ -154,8 +154,14 @@ check () {
 
   validp=t
   case "$thing" in
-    *"$nl"*) validp=nil ;;
-    *) if ! expr >/dev/null "Q$thing" : "Q$ckpat\$"; then validp=nil; fi ;;
+    *"$nl"*)
+      validp=nil
+      ;;
+    *)
+      if ! expr >/dev/null "Q$thing" : "\(Q$ckpat\)\$"; then
+      validp=nil
+      fi
+      ;;
   esac
   case $validp in
     nil) echo >&2 "$quis: bad $ckwhat \`$thing'"; exit 1 ;;
@@ -322,6 +328,7 @@ nubid () {
   ## to demonstrate the same idiocy as GNU mumblesum.
   set _ $({ echo "distorted-keys nubid"; cat -; } |
     openssl dgst -${kprop_nubid_hash-sha256})
+  if [ $# -gt 2 ]; then shift; fi
   echo $2
 }
 
@@ -424,13 +431,13 @@ c_genkey () {
   ## Create directory structure and start writing metadata.
   rm -rf "$kdir.new"
   mkdir -m755 -p "$kdir.new"
-  case "$knub" in */*) mkdir -m700 -p "${knub%/*}" ;; esac
+  case "$knub" in */*) mkdir -m755 -p "${knub%/*}" ;; esac
   cat >"$kdir.new/meta" <<EOF
 $profile
 EOF
 
   ## Generate the key.
-  umask=$(umask); umask 077; >"$knub.new"; umask $umask
+  (umask 077; makenub >"$knub.new")
   k_generate "$kdir.new" "$knub.new"
   $hook "$kdir.new" "$knub.new"
 
@@ -461,6 +468,7 @@ c_verify () { k_verify "$@"; }
 ## Stub implementations.
 notsupp () { op=$1; echo >&2 "$quis: operation \`$op' not supported"; }
 k_info () { :; }
+k_import () { :; }
 k_encrypt () { notsupp encrypt; }
 k_decrypt () { notsupp decrypt; }
 k_sign () { notsupp sign; }
@@ -610,21 +618,23 @@ stash () {
 }
 
 recover () {
-  recov=$1 label=$2
+  recov=$1 inst=$2 label=$3
   ## Recover a stashed secret, protected by RECOV and stored as LABEL, and
   ## write it to stdout.
   checkword "recovery key label" "$recov"
+  checkword "recovery instance" "$inst"
   checklabel "secret" "$label"
 
-  rdir=$KEYS/recov/$recov/current
+  rdir=$KEYS/recov/$recov/$inst
   if [ ! -f $rdir/$label.recov ]; then
-    echo >&2 "$quis: no blob for \`$label' under recovery key \`$recov'"
+    echo >&2 "$quis: recovery key \`$recov/$inst' has no blob for \`$label'"
     exit 1
   fi
   reqsafe
-  nub=$SAFE/keys.reveal/$recov.current/nub
+  tag=$recov.$inst
+  nub=$SAFE/keys.reveal/$tag/nub
   if [ ! -f $nub ]; then
-    echo >&2 "$quis: current recovery key \`$recov' not revealed"
+    echo >&2 "$quis: recovery key \`$recov/$inst' not revealed"
     exit 1;
   fi
   mktmp
@@ -660,7 +670,7 @@ usage_err () { usage >&2; exit 1; }
 ### Subcommand handling.
 
 version () {
-  echo "$PACKAGE version $VERSION"
+  echo "$quis, $PACKAGE version $VERSION"
 }
 
 unset cmdargs
@@ -716,6 +726,7 @@ $cmds
 EOF
        case $foundp in
          t)
+           usage; echo
            eval help=\$help_$cmdname; echo "$help"
            ;;
          nil)