Random

2016-05-17 12:58:13 -04:00
parent eaadca8871
commit 180ee4076e
8 changed files with 99 additions and 33 deletions
--- a/bin/_blackbox_common.sh
+++ b/bin/_blackbox_common.sh
@@ -76,6 +76,10 @@ SECRING="${KEYRINGDIR}/secring.gpg"
 : "${DECRYPT_UMASK:=0022}" ;
 # : ${DECRYPT_UMASK:=o=} ;

+# $BB_FILES file format:
+# Filenames are listed one per line, relative to the base directory of the repo.
+# Each line is listed in "printf %q" format, which escapes special chars.
+
 # Checks if $1 is 0 bytes, and if $1/keyrings
 # is a directory
 function is_blackbox_repo() {
@@ -86,10 +90,18 @@ function is_blackbox_repo() {
  fi
 }

-# Return error if not on cryptlist.
+# is_on_cryptlist resturns an error if $1 not on cryptlist.
 function is_on_cryptlist() {
+  # $1: The filename.
  # Assumes $1 does NOT have the .gpg extension
-  file_contains_line "$BB_FILES" "$(vcs_relative_path "$1")"
+
+  # https://github.com/koalaman/shellcheck/wiki/SC2155
+  local name
+  name=$(vcs_relative_path "$1")
+  local encodedname
+  encodedname=$(printf "%q" "$name")
+
+  file_contains_line "$BB_FILES" "$encodedname"
 }

 # Exit with error if a file exists.
@@ -151,16 +163,33 @@ function get_pubring_path() {
  fi
 }

-# Output the unencrypted filename.
-function get_unencrypted_filename() {
-  echo "$(dirname "$1")/$(basename "$1" .gpg)" | sed -e 's#^\./##'
+# normalize_filename_arg takes a filename from the command line and
+# outputs the non-encrypted filename.
+function normalize_filename() {
+  # $1: the input from a user
+  # Use this if the user may have entered the encrypted or
+  # non-encrypted filename.
+  local name
+  name=$(vcs_relative_path "$1")
+  echo "$(dirname "$name")/$(basename "$name" .gpg)" | sed -e 's#^\./##'
 }

 # Output the encrypted filename.
-function get_encrypted_filename() {
-  echo "$(dirname "$1")/$(basename "$1" .gpg).gpg" | sed -e 's#^\./##'
+function get_gpg_filename() {
+  # $1: normalized file path
+  echo "$1".gpg
 }

+## Output the unencrypted filename.
+#function get_unencrypted_filename() {
+#  echo "$(dirname "$1")/$(basename "$1" .gpg)" | sed -e 's#^\./##'
+#}
+#
+## Output the encrypted filename.
+#function get_encrypted_filename() {
+#  echo "$(dirname "$1")/$(basename "$1" .gpg).gpg" | sed -e 's#^\./##'
+#}
+
 # Prepare keychain for use.
 function prepare_keychain() {
  echo '========== Importing keychain: START' >&2
@@ -168,37 +197,43 @@ function prepare_keychain() {
  echo '========== Importing keychain: DONE' >&2
 }

-# Add file to list of encrypted files.
+# add_filename_to_cryptlist adds $1 to the list of encrypted files.
 function add_filename_to_cryptlist() {
+  # $1: The filename.
  # If the name is already on the list, this is a no-op.
-  # However no matter what the datestamp is updated.
-  
+
  # https://github.com/koalaman/shellcheck/wiki/SC2155
  local name
  name=$(vcs_relative_path "$1")
+  local encodedname
+  encodedname=$(printf "%q" "$name")

-  if file_contains_line "$BB_FILES" "$name" ; then
+
+  if file_contains_line "$BB_FILES" "$encodedname" ; then
    echo "========== File is registered. No need to add to list."
  else
    echo "========== Adding file to list."
    touch "$BB_FILES"
-    sort -u -o "$BB_FILES" <(echo "$name") "$BB_FILES"
+    sort -u -o "$BB_FILES" <(printf "%q\n" "$name") "$BB_FILES"
  fi
 }

-# Removes a file from the list of encrypted files
+# remove_filename_from_cryptlist removes $1 from the list of encrypted files.
 function remove_filename_from_cryptlist() {
+  # $1: The filename.
  # If the name is not already on the list, this is a no-op.

  # https://github.com/koalaman/shellcheck/wiki/SC2155
  local name
  name=$(vcs_relative_path "$1")
+  local encodedname
+  encodedname=$(printf "%q" "$name")

-  if ! file_contains_line "$BB_FILES" "$name" ; then
+  if ! file_contains_line "$BB_FILES" "$encodedname" ; then
    echo "========== File is not registered. No need to remove from list."
  else
    echo "========== Removing file from list."
-    remove_line "$BB_FILES" "$name"
+    remove_line "$BB_FILES" "$encodedname"
  fi
 }

--- a/bin/_blackbox_common_test.sh
+++ b/bin/_blackbox_common_test.sh
@@ -6,7 +6,7 @@

 set -e
 . "${0%/*}/_blackbox_common.sh"
-. tools/test_functions.sh
+. /Users/tlimoncelli/gitwork/blackbox/tools/test_functions.sh

 PHASE 'Test cp-permissions: TestA'
 touch TestA TestB TestC TestD
@@ -22,4 +22,18 @@ assert_file_perm '--wxr--rwx' TestC
 assert_file_perm '----rwx---' TestD  # TestD doesn't change.
 rm -f TestA TestB TestC TestD

+PHASE 'Test vcs_relative_path: TestA'
+export REPOBASE='/Users/tlimoncelli/Applications (Parallels)/{fd3049c8-9fdd-48d5-aa16-d31daf3a6879} Applications.localized'
+FILE='Microsoft  Windows Fax and Scan.app/Contents'
+result=$(vcs_relative_path Contents)
+echo result=XXX${result}XXX
+if [[ $FILE != $result ]] ; then
+  echo FAIL
+fi
+
+unencrypted_file=$(get_unencrypted_filename "${result}.gpg")
+echo un=XXX${unencrypted_file}XXX
+encrypted_file=$(get_encrypted_filename "${result}")
+echo en=XXX${encrypted_file}XXX
+
 echo '========== DONE.'
--- a/bin/blackbox_cat
+++ b/bin/blackbox_cat
@@ -8,7 +8,7 @@ source "${0%/*}/_blackbox_common.sh"

 for param in "$@" ; do
  shreddable=0
-  unencrypted_file=$(get_unencrypted_filename "$param")
+  unencrypted_file=$(normalize_filename "$param")
  if [[ ! -e "$unencrypted_file" ]]; then
    "${BLACKBOX_HOME}/blackbox_edit_start" "$param"
    shreddable=1
--- a/bin/blackbox_diff
+++ b/bin/blackbox_diff
@@ -19,8 +19,10 @@ prepare_keychain
 modified_files=()
 modifications=()
 echo '========== DIFFING FILES: START'
-while IFS= read <&99 -r unencrypted_file; do
-  unencrypted_file=$(get_unencrypted_filename "$unencrypted_file")
+while IFS= read <&99 -r encodedname; do
+  local name
+  name=$(echo $encodedname)
+  unencrypted_file=$(get_unencrypted_filename "$name")
  encrypted_file=$(get_encrypted_filename "$unencrypted_file")
  fail_if_not_on_cryptlist "$unencrypted_file"
  if [[ -f "$unencrypted_file" ]]; then
--- a/bin/blackbox_list_files
+++ b/bin/blackbox_list_files
@@ -5,4 +5,7 @@
 #
 set -e
 source "${0%/*}/_blackbox_common.sh"
-cat "$BB_FILES"
+
+while IFS= read <&99 -r encodedname; do
+  echo $encodedname
+done 99<"$BB_FILES"
--- a/bin/blackbox_postdeploy
+++ b/bin/blackbox_postdeploy
@@ -27,8 +27,12 @@ prepare_keychain

 # Decrypt:
 echo '========== Decrypting new/changed files: START'
-while IFS= read <&99 -r unencrypted_file; do
-  encrypted_file=$(get_encrypted_filename "$unencrypted_file")
+while IFS= read <&99 -r encodedname; do
+  local name
+  name=$(echo $name)
+
+  encrypted_file=$(get_encrypted_filename "$name")
+  unencrypted_file=$(get_unencrypted_filename "$name")
  decrypt_file_overwrite "$encrypted_file" "$unencrypted_file"
  cp_permissions "$encrypted_file" "$unencrypted_file"
  if [[ ! -z "$FILE_GROUP" ]]; then
--- a/bin/blackbox_shred_all_files
+++ b/bin/blackbox_shred_all_files
@@ -21,9 +21,11 @@ source "${0%/*}/_blackbox_common.sh"
 change_to_vcs_root

 echo '========== FILES BEING SHREDDED:'
-while IFS= read <&99 -r unencrypted_file; do
-  unencrypted_file=$(get_unencrypted_filename "$unencrypted_file")
-  encrypted_file=$(get_encrypted_filename "$unencrypted_file")
+while IFS= read <&99 -r encodedname; do
+  local name
+  name=$(echo $encodedname)
+  unencrypted_file=$(get_unencrypted_filename "$name")
+  encrypted_file=$(get_encrypted_filename "$name")
  if [[ -f "$unencrypted_file" ]]; then
    echo "    $unencrypted_file"
    shred_file "$unencrypted_file"
--- a/bin/blackbox_update_all_files
+++ b/bin/blackbox_update_all_files
@@ -18,15 +18,19 @@ disclose_admins
 prepare_keychain

 echo '========== ENCRYPTED FILES TO BE RE-ENCRYPTED:'
-while IFS= read <&99 -r unencrypted_file; do
-    echo "    $unencrypted_file.gpg"
+while IFS= read <&99 -r encodedname; do
+  local name
+  name=$(echo $encodedname)
+  echo "    $name.gpg"
 done 99<"$BB_FILES"

 echo '========== FILES IN THE WAY:'
 need_warning=false
-while IFS= read <&99 -r unencrypted_file; do
-  unencrypted_file=$(get_unencrypted_filename "$unencrypted_file")
-  encrypted_file=$(get_encrypted_filename "$unencrypted_file")
+while IFS= read <&99 -r encodedname; do
+  local name
+  name=$(echo $encodedname)
+  unencrypted_file=$(get_unencrypted_filename "$name")
+  encrypted_file=$(get_encrypted_filename "$name")
  if [[ -f "$unencrypted_file" ]]; then
    need_warning=true
    echo "    $unencrypted_file"
@@ -41,9 +45,11 @@ else
 fi

 echo '========== RE-ENCRYPTING FILES:'
-while IFS= read <&99 -r unencrypted_file; do
-  unencrypted_file=$(get_unencrypted_filename "$unencrypted_file")
-  encrypted_file=$(get_encrypted_filename "$unencrypted_file")
+while IFS= read <&99 -r encodedname; do
+  local name
+  name=$(echo $encodedname)
+  unencrypted_file=$(get_unencrypted_filename "$name")
+  encrypted_file=$(get_encrypted_filename "$name")
  echo ========== PROCESSING '"'$unencrypted_file'"'
  fail_if_not_on_cryptlist "$unencrypted_file"
  decrypt_file_overwrite "$encrypted_file" "$unencrypted_file"