X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/ca3aaaeb369633cd65c8cc29dde88daff2c38e8c..76a24ae6cece0604e3155b628622a4b425cb77f3:/keys/tripe-keys.in diff --git a/keys/tripe-keys.in b/keys/tripe-keys.in index 6e947e52..2be5e2dd 100644 --- a/keys/tripe-keys.in +++ b/keys/tripe-keys.in @@ -59,6 +59,12 @@ rx_nonalpha = RX.compile(r'\W') ## Match the literal string "". rx_seq = RX.compile(r'\') +## Match a shell metacharacter. +rx_shmeta = RX.compile('[\\s`!"#$&*()\\[\\];\'|<>?\\\\]') + +## Match a character which needs escaping in a shell double-quoted string. +rx_shquote = RX.compile(r'["`$\\]') + ###-------------------------------------------------------------------------- ### Utility functions. @@ -97,6 +103,20 @@ def subst(s, rx, map): out.write(s[i:]) return out.getvalue() +def shell_quotify(arg): + """ + Quotify ARG to keep the shell happy. + + This isn't actually used for invoking commands, just for presentation + purposes; but correctness is still nice. + """ + if not rx_shmeta.search(arg): + return arg + elif arg.find("'") == -1: + return "'%s'" % arg + else: + return '"%s"' % rx_shquote.sub(lambda m: '\\' + m.group(0), arg) + def rmtree(path): """Delete the directory tree given by PATH.""" try: @@ -142,7 +162,7 @@ def run(args): else: nargs += a[1:].split() args = nargs - print '+ %s' % ' '.join(args) + print '+ %s' % ' '.join([shell_quotify(arg) for arg in args]) SYS.stdout.flush() rc = OS.spawnvp(OS.P_WAIT, args[0], args) if rc != 0: @@ -343,8 +363,8 @@ def cmd_setup(args): OS.mkdir('repos') run('''key -krepos/param add -a${kx}-param !${kx-param} - -eforever -tparam tripe-${kx}-param - cipher=${cipher} hash=${hash} mac=${mac} mgf=${mgf}''') + -eforever -tparam tripe-param + kx-group=${kx} cipher=${cipher} hash=${hash} mac=${mac} mgf=${mgf}''') cmd_newmaster(args) ###-------------------------------------------------------------------------- @@ -456,7 +476,7 @@ def cmd_generate(args): keyring_pub = 'peer-%s.pub' % tag zap('keyring'); zap(keyring_pub) run('key -kkeyring merge repos/param') - run('key -kkeyring add -a${kx} -pparam -e${kx-expire} -t%s tripe-${kx}' % + run('key -kkeyring add -a${kx} -pparam -e${kx-expire} -t%s tripe' % tag) run('key -kkeyring extract -f-secret %s %s' % (keyring_pub, tag))