remove references to files outside of this repo

(commit the files into this repo)
author: Andrew Cady <d@jerkface.net> 2016-05-01 05:25:14 -0400
committer: Andrew Cady <d@jerkface.net> 2016-05-01 05:28:22 -0400
commit: a8e19d5d8057e82cbda2705d755f3d4e1d3da20a (patch)
tree: 84449f8ac6e45a5727b0abbb64eeb578c20628fd /src/samizdat-password-agent
parent: 4854ffec94f70705dc95c5657e43c5f69c270a1a (diff)
1 files changed, 73 insertions, 0 deletions
diff --git a/src/samizdat-password-agent b/src/samizdat-password-agent
new file mode 100755
index 0000000..0fb26c6
--- /dev/null
+++ b/src/samizdat-password-agent
@@ -0,0 +1,73 @@
+#!/bin/sh
+[ "$(id -u)" -gt 0 ] && exec sudo "$0" "$@"
+scan_gnupg_db()
+{
+  keylist=
+  mainkeygrip=
+  uid=
+  local IFS='
+'
+  for record in $(gpg2 --with-fingerp --with-fingerp --with-colons -K | cut -d: -f1,5,10); do
+    : "$record"
+    case "$record" in
+      fpr:*) keylist="$keylist ${record##*:}" ;;
+      sec:*)
+        if [ -z "$mainkeygrip" ]; then
+          mainkeygrip="${record#sec:}"
+          mainkeygrip="${mainkeygrip%%:*}"
+        fi ;;
+      uid:*) : ${uid:=${record#uid:*:}} ;;
+    esac
+  done
+}
+eval $(samizdat-gpg-agent)
+gpg2_test_sign()
+{
+  GPG_TTY=none gpg2 \
+    --ignore-valid-from --ignore-time-conflict --no-tty --batch --clearsign </dev/null >/dev/null 2>&1
+}
+if [ ! "$FORCE_PINENTRY" ] && gpg2_test_sign; then
+  echo "Made signature with default key successfully.  No additional passphrase is needed." >&2
+  exit
+fi
+scan_gnupg_db # get $uid
+if [ "$uid" ]; then
+  DESC='Please enter the passphrase to unlock the secret key for the OpenPGP certificate:%0A'"'$uid'."
+else
+  DESC='Please enter the passphrase to unlock the secret key for the OpenPGP certificate.'
+fi
+exec samizdat-pinentry \
+  --setdesc "$DESC" \
+  --ttyname "$(tty)" \
+  --socket "${GPG_AGENT_INFO%%:*}" \
+  --resocket /root/"${GPG_AGENT_INFO%%:*}" \
+  --tell-immediately '
+    read secret
+    for grip in '"$keylist"' -; do
+      read status || break
+      printf "< %s\n" "$status" >&2
+      [ -z "${status##OK*}" ] || break
+      [ "$grip" = - ] && break
+      printf "> PRESET_PASSPHRASE %s -1 %%s\n" "$grip" >&2
+      printf "PRESET_PASSPHRASE %s -1 %s\n" "$grip" "$secret"
+    done
+  ' \
+  --validate '
+    exec 7<&0
+    gpgoutput=$(gpg2 --batch --no-tty --ignore-valid-from --ignore-time-conflict \
+      --passphrase-fd 7 --default-key '"$mainkeygrip"' --clearsign </dev/null >/dev/null)
+    status=$?
+    case "$gpgoutput" in
+      *"Bad passphrase"*) echo "Error: Bad passphrase." ;;
+      "") [ $status -eq 0 ] || echo "Error: gpg returned $status." ;;
+      *) printf "gpg returned unexpected error (exit status $status):\n%s\n" "$gpgoutput" ;;
+    esac
+    exit $status
+  ' \
author	Andrew Cady <d@jerkface.net>	2016-05-01 05:25:14 -0400
committer	Andrew Cady <d@jerkface.net>	2016-05-01 05:28:22 -0400
commit	a8e19d5d8057e82cbda2705d755f3d4e1d3da20a (patch)
tree	84449f8ac6e45a5727b0abbb64eeb578c20628fd /src/samizdat-password-agent
parent	4854ffec94f70705dc95c5657e43c5f69c270a1a (diff)

diff --git a/src/samizdat-password-agent b/src/samizdat-password-agent new file mode 100755 index 0000000..0fb26c6 --- /dev/null +++ b/src/samizdat-password-agent
@@ -0,0 +1,73 @@
	1	#!/bin/sh
	2	[ "$(id -u)" -gt 0 ] && exec sudo "$0" "$@"
	3
	4	scan_gnupg_db()
	5	{
	6	keylist=
	7	mainkeygrip=
	8	uid=
	9	local IFS='
	10	'
	11	for record in $(gpg2 --with-fingerp --with-fingerp --with-colons -K \| cut -d: -f1,5,10); do
	12	: "$record"
	13	case "$record" in
	14	fpr:) keylist="$keylist ${record##:}" ;;
	15	sec:*)
	16	if [ -z "$mainkeygrip" ]; then
	17	mainkeygrip="${record#sec:}"
	18	mainkeygrip="${mainkeygrip%%:*}"
	19	fi ;;
	20	uid:) : ${uid:=${record#uid::}} ;;
	21	esac
	22	done
	23	}
	24
	25	eval $(samizdat-gpg-agent)
	26
	27	gpg2_test_sign()
	28	{
	29	GPG_TTY=none gpg2 \
	30	--ignore-valid-from --ignore-time-conflict --no-tty --batch --clearsign </dev/null >/dev/null 2>&1
	31	}
	32
	33	if [ ! "$FORCE_PINENTRY" ] && gpg2_test_sign; then
	34	echo "Made signature with default key successfully. No additional passphrase is needed." >&2
	35	exit
	36	fi
	37
	38	scan_gnupg_db # get $uid
	39
	40	if [ "$uid" ]; then
	41	DESC='Please enter the passphrase to unlock the secret key for the OpenPGP certificate:%0A'"'$uid'."
	42	else
	43	DESC='Please enter the passphrase to unlock the secret key for the OpenPGP certificate.'
	44	fi
	45
	46	exec samizdat-pinentry \
	47	--setdesc "$DESC" \
	48	--ttyname "$(tty)" \
	49	--socket "${GPG_AGENT_INFO%%:*}" \
	50	--resocket /root/"${GPG_AGENT_INFO%%:*}" \
	51	--tell-immediately '
	52	read secret
	53	for grip in '"$keylist"' -; do
	54	read status \|\| break
	55	printf "< %s\n" "$status" >&2
	56	[ -z "${status##OK*}" ] \|\| break
	57	[ "$grip" = - ] && break
	58	printf "> PRESET_PASSPHRASE %s -1 %%s\n" "$grip" >&2
	59	printf "PRESET_PASSPHRASE %s -1 %s\n" "$grip" "$secret"
	60	done
	61	' \
	62	--validate '
	63	exec 7<&0
	64	gpgoutput=$(gpg2 --batch --no-tty --ignore-valid-from --ignore-time-conflict \
	65	--passphrase-fd 7 --default-key '"$mainkeygrip"' --clearsign </dev/null >/dev/null)
	66	status=$?
	67	case "$gpgoutput" in
	68	"Bad passphrase") echo "Error: Bad passphrase." ;;
	69	"") [ $status -eq 0 ] \|\| echo "Error: gpg returned $status." ;;
	70	*) printf "gpg returned unexpected error (exit status $status):\n%s\n" "$gpgoutput" ;;
	71	esac
	72	exit $status
	73	' \