From 08b01031364b95963cc2a93df722cd90afeb0d79 Mon Sep 17 00:00:00 2001 From: Charles Prost Date: Thu, 19 Mar 2015 10:37:55 +0100 Subject: [PATCH 1/4] [fix] Support filenames with space for 'blackbox_update_all_files' --- bin/blackbox_update_all_files | 31 ++++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/bin/blackbox_update_all_files b/bin/blackbox_update_all_files index e77320d..8708561 100755 --- a/bin/blackbox_update_all_files +++ b/bin/blackbox_update_all_files @@ -18,19 +18,23 @@ fi disclose_admins prepare_keychain +OLDIFS=$IFS + echo '========== ENCRYPTED FILES TO BE RE-ENCRYPTED:' -awk <"$BB_FILES" '{ print " " $1 ".gpg" }' +while IFS= read <&99 -r unencrypted_file; do + echo " $unencrypted_file.gpg" +done 99<"$BB_FILES" echo '========== FILES IN THE WAY:' need_warning=false -for i in $(<"$BB_FILES") ; do - unencrypted_file=$(get_unencrypted_filename "$i") - encrypted_file=$(get_encrypted_filename "$i") +while IFS= read <&99 -r unencrypted_file; do + unencrypted_file=$(get_unencrypted_filename "$unencrypted_file") + encrypted_file=$(get_encrypted_filename "$unencrypted_file") if [[ -f "$unencrypted_file" ]]; then need_warning=true echo " $unencrypted_file" fi -done +done 99<"$BB_FILES" if "$need_warning" ; then echo echo 'WARNING: This will overwrite any unencrypted files laying about.' @@ -40,20 +44,25 @@ else fi echo '========== RE-ENCRYPTING FILES:' -for i in $(<"$BB_FILES") ; do - unencrypted_file=$(get_unencrypted_filename "$i") - encrypted_file=$(get_encrypted_filename "$i") - echo ========== PROCESSING "$unencrypted_file" +while IFS= read <&99 -r unencrypted_file; do + unencrypted_file=$(get_unencrypted_filename "$unencrypted_file") + encrypted_file=$(get_encrypted_filename "$unencrypted_file") + echo ========== PROCESSING '"'$unencrypted_file'"' fail_if_not_on_cryptlist "$unencrypted_file" decrypt_file_overwrite "$encrypted_file" "$unencrypted_file" encrypt_file "$unencrypted_file" "$encrypted_file" shred_file "$unencrypted_file" -done +done 99<"$BB_FILES" fail_if_keychain_has_secrets echo '========== COMMITING TO VCS:' -vcs_commit 'Re-encrypted keys' $(awk <"$BB_FILES" '{ print $1 ".gpg" }' ) +while IFS= read <&99 -r unencrypted_file; do + vcs_add "$unencrypted_file.gpg" +done 99<"$BB_FILES" +vcs_commit 'Re-encrypted keys' + +IFS=$OLDIFS VCSCMD=$(which_vcs) echo '========== DONE.' From d8fb3e855d1d6ce14e1a70754320f26319266e52 Mon Sep 17 00:00:00 2001 From: Charles Prost Date: Thu, 19 Mar 2015 10:42:29 +0100 Subject: [PATCH 2/4] [fix] Support filenames with space for 'blackbox_shred_all_files' --- bin/blackbox_shred_all_files | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/bin/blackbox_shred_all_files b/bin/blackbox_shred_all_files index 8825319..aa0c995 100755 --- a/bin/blackbox_shred_all_files +++ b/bin/blackbox_shred_all_files @@ -21,14 +21,18 @@ source "${blackbox_home}/_blackbox_common.sh" change_to_vcs_root +OLDIFS=$IFS + echo '========== FILES BEING SHREDDED:' -for i in $(<"$BB_FILES") ; do - unencrypted_file=$(get_unencrypted_filename "$i") - encrypted_file=$(get_encrypted_filename "$i") +while IFS= read <&99 -r unencrypted_file; do + unencrypted_file=$(get_unencrypted_filename "$unencrypted_file") + encrypted_file=$(get_encrypted_filename "$unencrypted_file") if [[ -f "$unencrypted_file" ]]; then echo " $unencrypted_file" shred_file "$unencrypted_file" fi -done +done 99<"$BB_FILES" + +IFS=$OLDIFS echo '========== DONE.' From f78d25b0045dd5d2053531a52184d98d734a63c1 Mon Sep 17 00:00:00 2001 From: Charles Prost Date: Thu, 19 Mar 2015 10:55:37 +0100 Subject: [PATCH 3/4] [clean] Restore IFS for 'blackbox_postdeploy' --- bin/blackbox_postdeploy | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/bin/blackbox_postdeploy b/bin/blackbox_postdeploy index df608e7..bb4a3c0 100755 --- a/bin/blackbox_postdeploy +++ b/bin/blackbox_postdeploy @@ -26,6 +26,8 @@ fi change_to_vcs_root prepare_keychain +OLDIFS=$IFS + # Decrypt: echo '========== Decrypting new/changed files: START' while IFS= read <&99 -r unencrypted_file; do @@ -36,4 +38,7 @@ while IFS= read <&99 -r unencrypted_file; do chgrp "$FILE_GROUP" "$unencrypted_file" fi done 99<"$BB_FILES" + +IFS=$OLDIFS + echo '========== Decrypting new/changed files: DONE' From a7b8c32da015f9f61e04ca0552ad063d5c747fb1 Mon Sep 17 00:00:00 2001 From: Charles Prost Date: Thu, 19 Mar 2015 10:59:37 +0100 Subject: [PATCH 4/4] [clean] Improve display for filenames with spaces --- bin/_blackbox_common.sh | 2 +- bin/blackbox_edit_end | 8 ++++---- bin/blackbox_edit_start | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/bin/_blackbox_common.sh b/bin/_blackbox_common.sh index f9c8276..b3580c5 100755 --- a/bin/_blackbox_common.sh +++ b/bin/_blackbox_common.sh @@ -181,7 +181,7 @@ function decrypt_file() { encrypted="$1" unencrypted="$2" - echo "========== EXTRACTING $unencrypted" + echo '========== EXTRACTING ''"'$unencrypted'"' old_umask=$(umask) umask "$DECRYPT_UMASK" diff --git a/bin/blackbox_edit_end b/bin/blackbox_edit_end index 1a6d032..5efb477 100755 --- a/bin/blackbox_edit_end +++ b/bin/blackbox_edit_end @@ -10,8 +10,8 @@ source "${blackbox_home}/_blackbox_common.sh" unencrypted_file=$(get_unencrypted_filename "$1") encrypted_file=$(get_encrypted_filename "$1") -echo ========== PLAINFILE "$unencrypted_file" -echo ========== ENCRYPTED "$encrypted_file" +echo ========== PLAINFILE '"'$unencrypted_file'"' +echo ========== ENCRYPTED '"'$encrypted_file'"' fail_if_not_on_cryptlist "$unencrypted_file" fail_if_not_exists "$unencrypted_file" "No unencrypted version to encrypt!" @@ -22,6 +22,6 @@ shred_file "$unencrypted_file" _determine_vcs_base_and_type -echo "========== UPDATED ${encrypted_file}" +echo ========== UPDATED '"'$encrypted_file'"' echo "Likely next step:" -echo " $VCS_TYPE commit -m\"${encrypted_file} updated\" $encrypted_file" +echo " $VCS_TYPE commit -m\"${encrypted_file} updated\" \"$encrypted_file\"" diff --git a/bin/blackbox_edit_start b/bin/blackbox_edit_start index 7d25bc8..a563eff 100755 --- a/bin/blackbox_edit_start +++ b/bin/blackbox_edit_start @@ -11,7 +11,7 @@ source "${blackbox_home}/_blackbox_common.sh" for param in """$@""" ; do unencrypted_file=$(get_unencrypted_filename "$param") encrypted_file=$(get_encrypted_filename "$param") - echo ========== PLAINFILE "$unencrypted_file" + echo ========== PLAINFILE '"'$unencrypted_file'"' fail_if_not_on_cryptlist "$unencrypted_file" fail_if_not_exists "$encrypted_file" "This should not happen."