###----- Licensing notice ---------------------------------------------------
###
-### This program is free software; you can redistribute it and/or modify
+### This file is part of the distorted.org.uk key management suite.
+###
+### distorted-keys is free software; you can redistribute it and/or modify
### it under the terms of the GNU General Public License as published by
### the Free Software Foundation; either version 2 of the License, or
### (at your option) any later version.
###
-### This program is distributed in the hope that it will be useful,
+### distorted-keys is distributed in the hope that it will be useful,
### but WITHOUT ANY WARRANTY; without even the implied warranty of
### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
### GNU General Public License for more details.
###
### You should have received a copy of the GNU General Public License
-### along with this program; if not, write to the Free Software Foundation,
+### along with distorted-keys; if not, write to the Free Software Foundation,
### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
set -e
seq=0
else
seq=$(readlink $rdir/current)
- mem=$(userv root claim-mem-dir)
- reveal=$mem/keys.reveal.$recov.current/secret
+ mem=$(userv root claim-mem-dir </dev/null)
+ reveal=$mem/keys.reveal/$recov.current/secret
if [ ! -f $reveal ]; then
echo >&2 "$quis: current $recov key not revealed"
exit 1
fi
- find $rdir/current -type f -name '*.recov' -print | while read name; do
+
+ find $rdir/current/ -type f -name '*.recov' -print | while read name; do
name=${name#$rdir/current/}
case "$name" in */*) mkdir -p -m755 $rdir/new/${name%/*} ;; esac
ec_decrypt $reveal -i$rdir/current/$name |
ec_encrypt $rdir/new/pub -o$rdir/new/$name
done
+ rm -r $mem/keys.reveal/$recov.current
fi
-## Tidy up and commit.
+## Tidy up and commit. Repointing the symlink is grim because, according to
+## POSIX rules, `mv foo bar' should rename `foo' to `bar/foo' is `bar' is a
+## symlink to a directory -- and there's no way of turning this behaviour
+## off. The subterfuge here is due to Colin Watson.
cd $rdir
while [ -d $seq ]; do seq=$(( seq + 1 )); done
case $kparam in *.new) mv keepers.new keepers ;; esac
rm -f next
ln -s $seq next
mv new $seq
-mv next current
+mkdir hack; mv next hack/current; mv hack/current .; rmdir hack
###----- That's all, folks --------------------------------------------------