Changeset 330 for trunk/scripts


Timestamp:
Apr 13, 2011, 8:40:14 PM (14 years ago)
Author:
katerina
Message:

Patch for ticket #248: samhainadmin.pl option for location of secret keyring

File:
1 edited

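--- a/trunk/scripts/samhainadmin.pl.in
+++ b/trunk/scripts/samhainadmin.pl.in
@@ -41,4 +41,5 @@
 my $file2;
 my $passphrase;
+my $secretkeyring;
 my $return_from_sign = 0;
 my $no_print_examine = 0;
@@ -155,4 +156,8 @@
     print "    Set the passphrase for gpg. By default, gpg will ask.\n\n";
 
+    print "  -s secretkeyring --secretkeyring secretkeyring\n";
+    print "    Select an alternate secret keyring for gpg.\n";
+    print "    Will use '$ENV{'HOME'}/.gnupg/secring.gpg' by default.\n\n";
+
     print "  -l            --list\n";
     print "    List the files in database rather than printing the raw file.\n\n";
@@ -185,22 +190,36 @@
    
 sub check_gpg_sign () {
-    if ( (!-d "$ENV{'HOME'}/.gnupg") || (!-e "$ENV{'HOME'}/.gnupg/secring.gpg")) {
-        print "--------------------------------------------------\n";
-        print "\n";
-        if (!-d "$ENV{'HOME'}/.gnupg") {
-            print " Directory \$HOME/.gnupg not found!\n";
-        } else {
-            print " Secret keyring \$HOME/.gnupg/secring.gpg not found!\n";
-        }
-        print "\n";
-        print " This indicates that you have never created a \n";
-        print " public/private keypair, and thus cannot sign.\n";
-        print " \n";
-        print " Please use $0 --generate-keys or gpg --gen-key\n";
-        print " to generate a public/private keypair first.\n";
-        print "\n";
-        print "--------------------------------------------------\n";
-        print "\n";
-        exit;
+    if ( defined($secretkeyring)) {
+        if ( (!-d "$secretkeyring")){
+            print "--------------------------------------------------\n";
+            print "\n";
+            print " Secret keyring $secretkeyring not found!\n";
+            print "\n";
+            print " Please check the path/name of the alternate secret keyring.\n";
+            print "\n";
+            print "--------------------------------------------------\n";
+            print "\n";
+            exit;
+        }
+    } else {
+        if ( (!-d "$ENV{'HOME'}/.gnupg") || (!-e "$ENV{'HOME'}/.gnupg/secring.gpg")) {
+            print "--------------------------------------------------\n";
+            print "\n";
+            if (!-d "$ENV{'HOME'}/.gnupg") {
+                print " Directory \$HOME/.gnupg not found!\n";
+            } else {
+                print " Secret keyring \$HOME/.gnupg/secring.gpg not found!\n";
+            }
+            print "\n";
+            print " This indicates that you have never created a \n";
+            print " public/private keypair, and thus cannot sign.\n";
+            print " \n";
+            print " Please use $0 --generate-keys or gpg --gen-key\n";
+            print " to generate a public/private keypair first.\n";
+            print "\n";
+            print "--------------------------------------------------\n";
+            print "\n";
+            exit;
+        }
     }
 }
@@ -505,10 +524,14 @@
     if (defined($passphrase)) {
         local $SIG{PIPE} = 'IGNORE';
-        my $command = "$gpg --homedir $ENV{'HOME'}/.gnupg --passphrase-fd 0 -a ${KEYTAG} ${TARGETKEYID} --clearsign -o $fileout --not-dash-escaped $file1";
+        my $command = "$gpg --homedir $ENV{'HOME'}/.gnupg --passphrase-fd 0 -a ${KEYTAG} ${TARGETKEYID} --clearsign -o $fileout --not-dash-escaped ";
+        $command .= "--secret-keyring $secretkeyring " if (defined($opts{'s'}));
+        $command .= "$file1";
         open (FH, "|$command")  or die "can't fork: $!";
         print FH "$passphrase"  or die "can't write: $!";
         close FH                or die "can't close: status=$?";
     } else {
-        my $command = "$gpg --homedir $ENV{'HOME'}/.gnupg                   -a ${KEYTAG} ${TARGETKEYID} --clearsign -o $fileout --not-dash-escaped $file1";
+        my $command = "$gpg --homedir $ENV{'HOME'}/.gnupg                   -a ${KEYTAG} ${TARGETKEYID} --clearsign -o $fileout --not-dash-escaped ";
+        $command .= "--secret-keyring $secretkeyring " if (defined($opts{'s'}));
+        $command .= "$file1";
         system("$command") == 0
             or die "system $command failed: $?";
@@ -546,4 +569,5 @@
             'd|datafile=s',
             'p|passphrase=s',
+            's|secretkeyring=s',
             'create-cfgfile',  # -m F
             'print-cfgfile',   # -m f
@@ -568,4 +592,7 @@
 if (defined($opts{'p'})) {
     $passphrase = $opts{'p'};
+}
+if (defined($opts{'s'})) {
+    $secretkeyring = $opts{'s'};
 }
 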
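Review bot: The new branch in check_gpg_sign tests the alternate keyring with `!-d "$secretkeyring"`, which passes only for a directory, while the same value is handed to gpg as `--secret-keyring` and the usage text names a file (`secring.gpg`) as the default; a regular keyring file would therefore be reported as "not found". A file test such as `if (!-f $secretkeyring || !-r $secretkeyring) {` matches what gpg is actually given. In the signing hunk (its enclosing sub starts outside the shown lines) the path is appended unquoted to a string that goes through `open (FH, "|$command")` and `system("$command")`, so a path containing spaces or shell metacharacters is split or interpreted by the shell; passing the gpg arguments as a list would avoid that. The append is also gated on `$opts{'s'}` rather than the `$secretkeyring` variable the check uses, and `--homedir $ENV{'HOME'}/.gnupg` stays fixed, so gpg presumably still consults the default keyring alongside the alternate one.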