Bob Mottram 7 年之前
8c947cd18d
共有 2 個文件被更改,包括 79 次插入27 次删除
  1. 9
    27
      src/freedombone-base-email
  2. 70
    0
      src/freedombone-utils-gpg

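--- a/src/freedombone-base-email
+++ b/src/freedombone-base-email
@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2016 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
@@ -1576,12 +1576,15 @@ function configure_gpg {
             echo $"GPG public key file $MY_GPG_PUBLIC_KEY was not found"
             exit 2483
         fi
+
         if [ ! -f $MY_GPG_PRIVATE_KEY ]; then
             echo $"GPG private key file $MY_GPG_PRIVATE_KEY was not found"
             exit 5383
         fi
-        su -c "gpg --import $MY_GPG_PUBLIC_KEY" - $MY_USERNAME
-        su -c "gpg --allow-secret-key-import --import $MY_GPG_PRIVATE_KEY" - $MY_USERNAME
+
+        gpg_import_public_key $MY_USERNAME $MY_GPG_PUBLIC_KEY
+        gpg_import_private_key $MY_USERNAME $MY_GPG_PRIVATE_KEY
+
         KEY_EXISTS=$(gpg_key_exists "$MY_USERNAME" "$MY_EMAIL_ADDRESS")
         if [[ $KEY_EXISTS == "no" ]]; then
             echo $"The GPG key for $MY_EMAIL_ADDRESS could not be imported"
@@ -1596,35 +1599,14 @@ function configure_gpg {
         fi
     else
         # Generate a GPG key
-        echo 'Key-Type: eddsa' > /home/$MY_USERNAME/gpg-genkey.conf
-        echo 'Key-Curve: Ed25519' >> /home/$MY_USERNAME/gpg-genkey.conf
-        echo 'Subkey-Type: eddsa' >> /home/$MY_USERNAME/gpg-genkey.conf
-        echo 'Subkey-Curve: Ed25519' >> /home/$MY_USERNAME/gpg-genkey.conf
-        echo "Name-Real:  $MY_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf
-        echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf
-        echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
-        cat /home/$MY_USERNAME/gpg-genkey.conf
         if [ -f $IMAGE_PASSWORD_FILE ]; then
-            echo "Passphrase: $(printf `cat $IMAGE_PASSWORD_FILE`)" >> /home/$MY_USERNAME/gpg-genkey.conf
+            gpg_create_key $MY_USERNAME $(printf `cat $IMAGE_PASSWORD_FILE`)
         else
-            echo "Passphrase: $PROJECT_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf
+            gpg_create_key $MY_USERNAME $PROJECT_NAME
         fi
-        chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf
-        echo $'Generating a new GPG key'
-        su -m root -c "gpg --homedir /home/$MY_USERNAME/.gnupg --batch --full-gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME
-        chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
-        KEY_EXISTS=$(gpg_key_exists "$MY_USERNAME" "$MY_EMAIL_ADDRESS")
-        if [[ $KEY_EXISTS == "no" ]]; then
-            echo $"A GPG key for $MY_EMAIL_ADDRESS could not be created"
-            exit 6362
-        fi
-        shred -zu /home/$MY_USERNAME/gpg-genkey.conf
         MY_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$MY_USERNAME" "$MY_EMAIL_ADDRESS")
-        if [ ${#MY_GPG_PUBLIC_KEY_ID} -lt 4 ]; then
-            echo $'GPG public key ID could not be obtained'
-        fi
         MY_GPG_PUBLIC_KEY=/tmp/public_key.gpg
-        su -m root -c "gpg --homedir /home/$MY_USERNAME/.gnupg --output $MY_GPG_PUBLIC_KEY --armor --export $MY_GPG_PUBLIC_KEY_ID" - $MY_USERNAME
+        gpg_export_public_key $MY_USERNAME $MY_GPG_PUBLIC_KEY_ID $MY_GPG_PUBLIC_KEY
     fi
 
     if [ ! -d /root/.gnupg ]; then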
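Review bot: The passphrase argument on the new line 1603 is passed to gpg_create_key unquoted, so a passphrase containing whitespace or glob characters is word-split and the helper receives only its first word as `$2`; the replaced line kept the value inside double quotes. The `printf` also treats the file content as a format string, so any `%` or `\` sequence in the passphrase is rewritten before the key is generated; since `$(...)` already strips the trailing newline, `gpg_create_key "$MY_USERNAME" "$(cat "$IMAGE_PASSWORD_FILE")"` and `gpg_create_key "$MY_USERNAME" "$PROJECT_NAME"` pass the value through unchanged. Separately, the `${#MY_GPG_PUBLIC_KEY_ID} -lt 4` check was dropped here while the lookup it guarded still keys on `$MY_EMAIL_ADDRESS`, whereas the helper's own post-creation check (in freedombone-utils-gpg in this commit) keys on `${key_username}@${HOSTNAME}`, so an empty ID can now reach `gpg_export_public_key` unvalidated when those addresses differ. configure_gpg starts and ends outside the hunk.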

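--- a/src/freedombone-utils-gpg
+++ b/src/freedombone-utils-gpg
@@ -28,6 +28,76 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+function gpg_import_public_key {
+    key_username=$1
+    key_filename=$2
+
+    gpg --homedir=/home/$key_username/.gnupg --import $key_filename
+    gpg_set_permissions $key_username
+}
+
+function gpg_import_private_key {
+    key_username=$1
+    key_filename=$2
+
+    gpg --homedir=/home/$key_username/.gnupg --allow-secret-key-import --import $key_filename
+    gpg_set_permissions $key_username
+}
+
+function gpg_export_public_key {
+    key_username=$1
+    key_id=$2
+    key_filename=$3
+
+    su -m root -c "gpg --homedir /home/$key_username/.gnupg --output $key_filename --armor --export $key_id" - $key_username
+}
+
+function gpg_export_private_key {
+    key_username=$1
+    key_id=$2
+    key_filename=$3
+
+    su -m root -c "gpg --homedir=/home/$key_username/.gnupg --armor --output $key_filename --export-secret-key $key_id" - $key_username
+}
+
+function gpg_create_key {
+    key_username=$1
+    key_passphrase=$2
+
+    gpg_dir=/home/$key_username/.gnupg
+
+    echo 'Key-Type: eddsa' > /home/$key_username/gpg-genkey.conf
+    echo 'Key-Curve: Ed25519' >> /home/$key_username/gpg-genkey.conf
+    echo 'Subkey-Type: eddsa' >> /home/$key_username/gpg-genkey.conf
+    echo 'Subkey-Curve: Ed25519' >> /home/$key_username/gpg-genkey.conf
+    echo "Name-Real:  $MY_NAME" >> /home/$key_username/gpg-genkey.conf
+    echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$key_username/gpg-genkey.conf
+    echo 'Expire-Date: 0' >> /home/$key_username/gpg-genkey.conf
+    cat /home/$key_username/gpg-genkey.conf
+    if [ $key_passphrase ]; then
+        echo "Passphrase: $key_passphrase" >> /home/$key_username/gpg-genkey.conf
+    else
+        echo "Passphrase: $PROJECT_NAME" >> /home/$key_username/gpg-genkey.conf
+    fi
+    chown $key_username:$key_username /home/$key_username/gpg-genkey.conf
+
+    echo $'Generating a new GPG key'
+    su -m root -c "gpg --homedir /home/$key_username/.gnupg --batch --full-gen-key /home/$key_username/gpg-genkey.conf" - $key_username
+    chown -R $key_username:$key_username /home/$key_username/.gnupg
+    KEY_EXISTS=$(gpg_key_exists "$key_username" "${key_username}@${HOSTNAME}")
+    if [[ $KEY_EXISTS == "no" ]]; then
+        echo $"A GPG key for ${key_username}@${HOSTNAME} could not be created"
+        exit 63621
+    fi
+    shred -zu /home/$key_username/gpg-genkey.conf
+    CURR_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$key_username" "${key_username}@${HOSTNAME}")
+    if [ ${#CURR_GPG_PUBLIC_KEY_ID} -lt 4 ]; then
+        echo $"GPG public key ID could not be obtained for ${key_username}@${HOSTNAME}"
+        exit 825292
+    fi
+    gpg_set_permissions $key_username
+}
+
 function gpg_delete_key {
     key_username=$1
     key_id=$2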
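Review bot: In gpg_create_key the test `if [ $key_passphrase ]; then` leaves the passphrase unquoted, so a value containing whitespace makes `[` fail with a syntax error and the else branch silently generates the key with `$PROJECT_NAME` as its passphrase; it should read `if [ -n "$key_passphrase" ]; then`. On the `exit 63621` path the gpg-genkey.conf file holding the plaintext passphrase is never shredded, so `shred -zu /home/$key_username/gpg-genkey.conf` belongs before that exit as well. The generated key's Name-Email is `$MY_EMAIL_ADDRESS`, yet gpg_key_exists and gpg_pubkey_from_email are then queried for `${key_username}@${HOSTNAME}`; whenever those two differ the function aborts even though the key was created, so the address should presumably be computed once and used for all three. The helpers also assign key_username/key_filename/key_id/key_passphrase without `local`, leaking them into the caller's scope, and gpg_import_public_key/gpg_import_private_key now run gpg as root against the user's homedir instead of via `su` as the replaced lines did, which is only safe if gpg_set_permissions (not visible here) repairs ownership of everything gpg creates.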