summaryrefslogtreecommitdiff
path: root/src/share/mh/add_revoker
diff options
context:
space:
mode:
authorJonas Smedegaard <dr@jones.dk>2013-02-09 19:54:08 +0100
committerJonas Smedegaard <dr@jones.dk>2013-03-09 05:29:51 +0100
commite02c127f8e2c5001cf90429a2ee3532d7a4e3c76 (patch)
tree78921cecbf61d16a07db05f3b79f858399b3d414 /src/share/mh/add_revoker
parent24a0dde01d3b64d36773e06eeb300d94992b2886 (diff)
Simplify arguments passed to su_monkeysphere_user() and gpg_sphere
It is a healthy coding practice to keep each argument separate when executing system calls, i.e. quote each variable separately instead of relying on whitespace to indicate argument separation. This patch improves argument passing like this: a) Each argument is passed individually (not all as a single string) b) Arguments containing no variables are not quoted c) Dynamic arguments are double-quoted ( "$@" ) Due to su_monkeysphere_user() expanding arguments using "$*" (not "$@") arguments are mostly¹ coollapsed into single strings, and this change is therefore only cosmetic. It does improve clarity, however. Also, it eases switching to safer quoted arguments in the future. ¹As sole excepion ma/update_users line 82 has $STRICT_MODES dual-quoted.
Diffstat (limited to 'src/share/mh/add_revoker')
-rw-r--r--src/share/mh/add_revoker10
1 files changed, 5 insertions, 5 deletions
diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker
index da6f71e..4647372 100644
--- a/src/share/mh/add_revoker
+++ b/src/share/mh/add_revoker
@@ -52,7 +52,7 @@ if [ -f "$revokerKeyID" -o "$revokerKeyID" = '-' ] ; then
# check the key is ok as monkeysphere user before loading
log debug "checking keys in file..."
fingerprint=$(su_monkeysphere_user \
- ". ${SYSSHAREDIR}/list_primary_fingerprints" < "$revokerKeyID")
+ . "${SYSSHAREDIR}/list_primary_fingerprints" < "$revokerKeyID")
if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then
failure "There was not exactly one gpg key in the file."
@@ -71,12 +71,12 @@ else
# download the key from the keyserver as the monkeysphere user
log verbose "searching keyserver $KEYSERVER for revoker keyID $revokerKeyID..."
- su_monkeysphere_user "GNUPGHOME=$tmpDir gpg --quiet --keyserver $KEYSERVER --recv-key 0x${revokerKeyID}!" \
+ su_monkeysphere_user "GNUPGHOME=$tmpDir" gpg --quiet --keyserver "$KEYSERVER" --recv-key "0x${revokerKeyID}!" \
|| failure "Could not receive a key with this ID from keyserver '$KEYSERVER'."
# get the full fingerprint of new revoker key
log debug "getting fingerprint of revoker key..."
- fingerprint=$(su_monkeysphere_user "GNUPGHOME=$tmpDir gpg --list-key --with-colons --with-fingerprint ${revokerKeyID}" \
+ fingerprint=$(su_monkeysphere_user "GNUPGHOME=$tmpDir" gpg --list-key --with-colons --with-fingerprint "${revokerKeyID}" \
| grep '^fpr:' | cut -d: -f10)
# test that there is only a single fingerprint
@@ -90,7 +90,7 @@ EOF
fi
log info "revoker key found:"
- su_monkeysphere_user "GNUPGHOME=$tmpDir gpg --fingerprint 0x${fingerprint}!"
+ su_monkeysphere_user "GNUPGHOME=$tmpDir" gpg --fingerprint "0x${fingerprint}!"
if [ "$PROMPT" = "true" ] ; then
printf "Are you sure you want to add the above key as a revoker\nof the key '$keyID'? (Y/n) " >&2
@@ -104,7 +104,7 @@ EOF
# export the new key to the host keyring
log debug "loading revoker key into host keyring..."
- su_monkeysphere_user "GNUPGHOME=$tmpDir gpg --quiet --export 0x${fingerprint}!" \
+ su_monkeysphere_user "GNUPGHOME=$tmpDir" gpg --quiet --export "0x${fingerprint}!" \
| gpg_host --import
fi