From: Mark Wooding <mdw@distorted.org.uk>
Date: Tue, 18 Sep 2012 19:32:05 +0000 (+0100)
Subject: Remove `--force' from keys.new-keeper; introduce explicit delete command.
X-Git-Tag: 0.99.2~15
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/distorted-keys/commitdiff_plain/865fc4a1c4add30fbf1b6ab9569682d82e8da7c9

Remove `--force' from keys.new-keeper; introduce explicit delete command.

Deleting keepers is fiddly and involves handling recovery blobs
carefully.  Therefore don't do this in the middle of keeper creation;
rather, have a separate command and make a proper performance of this
hopefully unusual operaton.
---

diff --git a/Makefile.am b/Makefile.am
index 9948953..48251c8 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -104,6 +104,7 @@ keyfunc.sh: keyfunc.sh.in Makefile
 
 ## Commands.
 dist_pkglib_SCRIPTS	+= keys.conceal
+dist_pkglib_SCRIPTS	+= keys.delete-keeper
 dist_pkglib_SCRIPTS	+= keys.keeper-cards
 dist_pkglib_SCRIPTS	+= keys.keeper-nub
 dist_pkglib_SCRIPTS	+= keys.list-keepers
diff --git a/keys.delete-keeper b/keys.delete-keeper
new file mode 100644
index 0000000..1e3f3ec
--- /dev/null
+++ b/keys.delete-keeper
@@ -0,0 +1,95 @@
+#! /bin/sh
+###
+### Delete a keeper set
+###
+### (c) 2012 Mark Wooding
+###
+
+###----- Licensing notice ---------------------------------------------------
+###
+### This file is part of the distorted.org.uk key management suite.
+###
+### distorted-keys is free software; you can redistribute it and/or modify
+### it under the terms of the GNU General Public License as published by
+### the Free Software Foundation; either version 2 of the License, or
+### (at your option) any later version.
+###
+### distorted-keys is distributed in the hope that it will be useful,
+### but WITHOUT ANY WARRANTY; without even the implied warranty of
+### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+### GNU General Public License for more details.
+###
+### You should have received a copy of the GNU General Public License
+### along with distorted-keys; if not, write to the Free Software Foundation,
+### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+set -e
+case "${KEYSLIB+t}" in t) ;; *) echo >&2 "$0: KEYSLIB unset"; exit 1 ;; esac
+. "$KEYSLIB"/keyfunc.sh
+
+defhelp <<HELP
+KEEPER
+Delete the keeper set named KEEPER.
+HELP
+
+case $# in 1) ;; *) usage_err ;; esac
+keeper=$1
+checkword "keeper set label" "$keeper"
+
+cd $KEYS/keeper
+if [ ! -d $keeper ]; then
+  echo >&2 "$quis: unknown keeper set \`$keeper'"
+  exit 1
+fi
+
+unset deps
+if [ -d $KEYS/recov ]; then
+  cd $KEYS/recov
+  for r in $(find . -type l -name current -print); do
+    r=${r#./}; r=${r%/current}
+    if ! expr >/dev/null "Q$r" : "Q$R_LABEL"; then continue; fi
+    for ri in $r/*; do
+      i=${ri##*/}
+      case "$i" in *[!0-9]*) continue ;; esac
+      this=nil others=nil
+      for kp in $r/current/*.param; do
+	k=${kp##*/}; k=${k%.param}
+	case $k in $keeper) this=t ;; *) others=t ;; esac
+      done
+      case $this,$others in t,nil) deps="$deps $ri" ;; esac
+    done
+  done
+fi
+case "${deps+t}" in
+  t)
+    echo >&2 "$quis: deleting keeper \`$keeper' would orphan recovery keys:"
+    for d in $deps; do echo 2>&1 "	$d"; done
+    exit 1
+    ;;
+esac
+
+if [ -d $KEYS/recov ]; then
+  cd $KEYS/recov
+  for r in $(find . -type l -name current -print); do
+    r=${r#./}; r=${r%/current}
+    if ! expr >/dev/null "Q$r" : "Q$R_LABEL"; then continue; fi
+    for ri in $i/*; do
+      i=${ri##*/}
+      case "$i" in *[!0-9]*) continue ;; esac
+      rm -f $ri/$keeper.*
+    done
+    changep=nil
+    while read k rest; do
+      case $k in $keeper) changep=t ;; *) echo "$k $rest" ;; esac
+    done <$r/keepers >$r/keepers.new
+    case $changep in
+      t) mv $r/keepers.new $r/keepers ;;
+      nil) rm $r/keepers.new ;;
+    esac
+  done
+fi
+
+cd $KEYS/keeper
+rm -r $keeper
+
+###----- That's all, folks --------------------------------------------------
diff --git a/keys.new-keeper b/keys.new-keeper
index 69b18a0..78e792d 100755
--- a/keys.new-keeper
+++ b/keys.new-keeper
@@ -38,9 +38,8 @@ HELP
 ## Parse the command line.
 force=nil
 profile=${keeper_profile-keeper}
-while getopts "fp:" opt; do
+while getopts "p:" opt; do
   case "$opt" in
-    f) force=t ;;
     p) profile=$OPTARG ;;
     *) usage_err ;;
   esac
@@ -54,22 +53,14 @@ checkword "profile label" "$profile"
 
 ## Preflight checking.
 reqsafe
-case $force in
-  nil)
-    if [ -e $KEYS/keeper/$keeper ]; then
-      echo >&2 "$quis: keeper set \`$keeper' already exists"
-      exit 1
-    fi
-    if [ -e $SAFE/keys.keeper/$keeper ]; then
-      echo >&2 "$quis: destination \`$keeper' already exists"
-      exit 1
-    fi
-    ;;
-  t)
-    rm -rf $KEYS/keeper/$keeper
-    rm -rf $SAFE/keys.keeper/$keeper/
-    ;;
-esac
+if [ -e $KEYS/keeper/$keeper ]; then
+  echo >&2 "$quis: keeper set \`$keeper' already exists"
+  exit 1
+fi
+if [ -e $SAFE/keys.keeper/$keeper ]; then
+  echo >&2 "$quis: destination \`$keeper' already exists"
+  exit 1
+fi
 
 ## Generate the private keys, one per file, and compute the public keys.
 mktmp