X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/distorted-keys/blobdiff_plain/53263601059e92d94b931e5444a0b53f7ea7027f..599c8f754492a6555503fedb8a2662ec229fb8e8:/new-recov

diff --git a/new-recov b/new-recov
index e4981f0..d221764 100755
--- a/new-recov
+++ b/new-recov
@@ -7,18 +7,20 @@
 
 ###----- Licensing notice ---------------------------------------------------
 ###
-### This program is free software; you can redistribute it and/or modify
+### This file is part of the distorted.org.uk key management suite.
+###
+### distorted-keys is free software; you can redistribute it and/or modify
 ### it under the terms of the GNU General Public License as published by
 ### the Free Software Foundation; either version 2 of the License, or
 ### (at your option) any later version.
 ###
-### This program is distributed in the hope that it will be useful,
+### distorted-keys is distributed in the hope that it will be useful,
 ### but WITHOUT ANY WARRANTY; without even the implied warranty of
 ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 ### GNU General Public License for more details.
 ###
 ### You should have received a copy of the GNU General Public License
-### along with this program; if not, write to the Free Software Foundation,
+### along with distorted-keys; if not, write to the Free Software Foundation,
 ### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 
 set -e
@@ -100,27 +102,32 @@ if [ ! -d $rdir/current ]; then
   seq=0
 else
   seq=$(readlink $rdir/current)
-  mem=$(userv root claim-mem-dir)
-  reveal=$mem/keys.reveal.$recov.current/secret
+  mem=$(userv root claim-mem-dir </dev/null)
+  reveal=$mem/keys.reveal/$recov.current/secret
   if [ ! -f $reveal ]; then
     echo >&2 "$quis: current $recov key not revealed"
     exit 1
   fi
-  find $rdir/current -type f -name '*.recov' -print | while read name; do
+
+  find $rdir/current/ -type f -name '*.recov' -print | while read name; do
     name=${name#$rdir/current/}
     case "$name" in */*) mkdir -p -m755 $rdir/new/${name%/*} ;; esac
     ec_decrypt $reveal -i$rdir/current/$name |
       ec_encrypt $rdir/new/pub -o$rdir/new/$name
   done
+  rm -r $mem/keys.reveal/$recov.current
 fi
 
-## Tidy up and commit.
+## Tidy up and commit.  Repointing the symlink is grim because, according to
+## POSIX rules, `mv foo bar' should rename `foo' to `bar/foo' is `bar' is a
+## symlink to a directory -- and there's no way of turning this behaviour
+## off.  The subterfuge here is due to Colin Watson.
 cd $rdir
 while [ -d $seq ]; do seq=$(( seq + 1 )); done
 case $kparam in *.new) mv keepers.new keepers ;; esac
 rm -f next
 ln -s $seq next
 mv new $seq
-mv next current
+mkdir hack; mv next hack/current; mv hack/current .; rmdir hack
 
 ###----- That's all, folks --------------------------------------------------