From: Mark Wooding Date: Mon, 26 Dec 2011 04:18:33 +0000 (+0000) Subject: keyfunc.sh.in, cryptop.{genkey,recover}: Care over key ownership. X-Git-Tag: 0.99.1~1 X-Git-Url: https://git.distorted.org.uk/~mdw/distorted-keys/commitdiff_plain/e9cf707985f070cf5992f1bb112df58e532e01ca keyfunc.sh.in, cryptop.{genkey,recover}: Care over key ownership. Interpret profiles relative to the key owner, not the caller! Only allow the key owner to recover a key. --- diff --git a/cryptop.genkey b/cryptop.genkey index b33458d..e504cdb 100755 --- a/cryptop.genkey +++ b/cryptop.genkey @@ -92,7 +92,7 @@ case "$profile" in ;; esac checkword "profile label" "$label" -read_profile $profile +read_profile $USERV_USER $profile ## Generate the key. c_genkey $profile $kdir $knub genhook_recov "$@" diff --git a/cryptop.recover b/cryptop.recover index f661569..26142e9 100755 --- a/cryptop.recover +++ b/cryptop.recover @@ -38,11 +38,15 @@ key=$1 recov=$2 parse_keylabel "$key" if [ ! -d $kdir ]; then echo >&2 "$quis: unknown key \`$key'"; exit 1; fi checkword "recovery key label" "$recov" +case $kowner in + $USERV_USER) ;; + *) echo >&2 "$quis: you're not the owner of key \`$key'"; exit 1 ;; +esac mktmp nubid=$(cat $kdir/nubid) readmeta $kdir -read_profile "$profile" +read_profile $kowner "$profile" if [ -f $knub ]; then nubbin=$(nubid <$knub) case "$nubbin" in diff --git a/keyfunc.sh.in b/keyfunc.sh.in index 5b6320e..38ca243 100644 --- a/keyfunc.sh.in +++ b/keyfunc.sh.in @@ -339,9 +339,10 @@ subst () { } read_profile () { - profile=$1 + owner=$1 profile=$2 ## Read property settings from a profile. The PROFILE name has the form - ## [USER:]LABEL. Properties are set using `setprops' with prefix `kprop_'. + ## [USER:]LABEL; USER defaults to OWNER. Properties are set using + ## `setprops' with prefix `kprop_'. reqtmp case "$profile" in @@ -349,7 +350,7 @@ read_profile () { label=${profile#:} uservp=nil ;; *) - user=$USERV_USER label=$profile uservp=t + user=$kowner label=$profile uservp=t ;; *:*) user=${profile%%:*} label=${profile#*:} uservp=t @@ -443,7 +444,7 @@ prepare () { parse_keylabel "$key" if [ ! -d $kdir ]; then echo >&2 "$quis: unknown key \`$key'"; exit 1; fi readmeta $kdir - read_profile "$profile" + read_profile $kowner "$profile" ## Check whether we're allowed to do this thing. This is annoyingly ## fiddly.