X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/distorted-keys/blobdiff_plain/5c30c6e62b52a66d5c5f33a6adb81bb882e88339..f012ad83100add4822bfa4e7017673beae6ebf17:/keyfunc.sh.in?ds=sidebyside diff --git a/keyfunc.sh.in b/keyfunc.sh.in index 44117e9..b55bd99 100644 --- a/keyfunc.sh.in +++ b/keyfunc.sh.in @@ -28,13 +28,26 @@ quis=${0##*/} ###-------------------------------------------------------------------------- ### Configuration variables. +## Automatically configured pathnames. PACKAGE="@PACKAGE@" VERSION="@VERSION@" bindir="@bindir@" +## Read user configuration. if [ -f $ETC/keys.conf ]; then . $ETC/keys.conf; fi +## Maybe turn on debugging. case "${KEYS_DEBUG+t}" in t) set -x ;; esac +## Fake up caller credentials if not called via userv. +case "${USERV_USER+t}" in + t) ;; + *) USERV_USER=${LOGNAME-${USER-$(id -un)}} USERV_UID=$(id -u) ;; +esac +case "${USERV_GROUP+t}" in + t) ;; + *) USERV_GROUP=$(id -Gn) USERV_GID=$(id -gn) ;; +esac + ###-------------------------------------------------------------------------- ### Cleanup handling. @@ -131,7 +144,7 @@ check () { validp=t case "$thing" in *"$nl"*) validp=nil ;; - *) if ! expr >/dev/null "$thing" : "$ckpat\$"; then validp=nil; fi ;; + *) if ! expr >/dev/null "Q$thing" : "Q$ckpat\$"; then validp=nil; fi ;; esac case $validp in nil) echo >&2 "$quis: bad $ckwhat \`$thing'"; exit 1 ;; @@ -140,10 +153,13 @@ check () { ## Regular expressions for validating input. R_IDENTCHARS="A-Za-z0-9_" -R_WORDCHARS="-$R_IDENTCHARS!%@+=" +R_GOODPUNCT="!%@+=" +R_WORDCHARS="-$R_IDENTCHARS$R_GOODPUNCT" R_IDENT="[$R_IDENTCHARS][$R_IDENTCHARS]*" R_WORD="[$R_WORDCHARS][$R_WORDCHARS]*" +R_ACLCHARS="][$R_IDENTCHARS$R_GOODPUNCT*?:.#" R_WORDSEQ="[$R_WORDCHARS[:space:]][$R_WORDCHARS[:space:]]*" +R_ACL="[$R_ACLCHARS[:space:]-][$R_ACLCHARS[:space:]-]*" R_NUMERIC='\(\([1-9][0-9]*\)\{0,1\}0\{0,1\}\)' R_LABEL="\($R_WORD\(/$R_WORD\)*\)" R_LINE=".*" @@ -228,6 +244,11 @@ random t $R_WORD nub_hash t $R_WORD nubid_hash t $R_WORD nub_random_bytes t $R_NUMERIC +acl_encrypt t $R_ACL +acl_decrypt t $R_ACL +acl_sign t $R_ACL +acl_verify t $R_ACL +acl_info t $R_ACL EOF readprops () { @@ -326,9 +347,10 @@ subst () { } read_profile () { - profile=$1 + owner=$1 profile=$2 ## Read property settings from a profile. The PROFILE name has the form - ## [USER:]LABEL. Properties are set using `setprops' with prefix `kprop_'. + ## [USER:]LABEL; USER defaults to OWNER. Properties are set using + ## `setprops' with prefix `kprop_'. reqtmp case "$profile" in @@ -336,7 +358,7 @@ read_profile () { label=${profile#:} uservp=nil ;; *) - user=$USERV_USER label=$profile uservp=t + user=$kowner label=$profile uservp=t ;; *:*) user=${profile%%:*} label=${profile#*:} uservp=t @@ -423,16 +445,18 @@ k_verify () { notsupp verify; } prepare () { key=$1 op=$2 ## Prepare for a crypto operation OP, using the KEY. This validates the - ## key label, reads the profile, and checks the access-control list. + ## key label, reads the profile, and checks the access-control list. If OP + ## is `-' then allow the operation unconditionally. ## Find the key properties. parse_keylabel "$key" if [ ! -d $kdir ]; then echo >&2 "$quis: unknown key \`$key'"; exit 1; fi readmeta $kdir - read_profile "$profile" + read_profile $kowner "$profile" ## Check whether we're allowed to do this thing. This is annoyingly ## fiddly. + case $op in -) return ;; esac eval acl=\${kprop_acl_$op-!owner} verdict=forbid while :; do