george/blackbox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Send non-file output from blackbox_cat to STDERR

Browse Source
This commit is contained in:
Mike Dillon
2015-05-14 09:36:13 -07:00
parent fbbadd658c
commit 9a0905a139
2 changed files with 24 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
bin/_blackbox_common.sh
View File

@@ -76,8 +76,8 @@ function is_on_cryptlist() {
# Exit with error if a file exists. # Exit with error if a file exists.
function fail_if_exists() { function fail_if_exists() {
if [[ -f "$1" ]]; then if [[ -f "$1" ]]; then
echo ERROR: "$1" exists. "$2" echo ERROR: "$1" exists. "$2" >&2
echo Exiting... echo Exiting... >&2
exit 1 exit 1
fi fi
} }
@@ -85,8 +85,8 @@ function fail_if_exists() {
# Exit with error if a file is missing. # Exit with error if a file is missing.
function fail_if_not_exists() { function fail_if_not_exists() {
if [[ ! -f "$1" ]]; then if [[ ! -f "$1" ]]; then
echo ERROR: "$1" not found. "$2" echo ERROR: "$1" not found. "$2" >&2
echo Exiting... echo Exiting... >&2
exit 1 exit 1
fi fi
} }
@@ -95,8 +95,8 @@ function fail_if_not_exists() {
function fail_if_not_in_repo() { function fail_if_not_in_repo() {
_determine_vcs_base_and_type _determine_vcs_base_and_type
if [[ $VCS_TYPE = "unknown" ]]; then if [[ $VCS_TYPE = "unknown" ]]; then
echo "ERROR: This must be run in a VCS repo: git, hg, or svn." echo "ERROR: This must be run in a VCS repo: git, hg, or svn." >&2
echo Exiting... echo Exiting... >&2
exit 1 exit 1
fi fi
} }
@@ -108,9 +108,9 @@ function fail_if_not_on_cryptlist() {
local name="$1" local name="$1"
if ! is_on_cryptlist "$name" ; then if ! is_on_cryptlist "$name" ; then
echo "ERROR: $name not found in $BB_FILES" echo "ERROR: $name not found in $BB_FILES" >&2
echo "PWD="$(/bin/pwd) echo "PWD="$(/bin/pwd) >&2
echo 'Exiting...' echo 'Exiting...' >&2
exit 1 exit 1
fi fi
} }
@@ -118,9 +118,9 @@ function fail_if_not_on_cryptlist() {
# Exit with error if keychain contains secret keys. # Exit with error if keychain contains secret keys.
function fail_if_keychain_has_secrets() { function fail_if_keychain_has_secrets() {
if [[ -s ${SECRING} ]]; then if [[ -s ${SECRING} ]]; then
echo 'ERROR: The file' "$SECRING" 'should be empty.' echo 'ERROR: The file' "$SECRING" 'should be empty.' >&2
echo 'Did someone accidentally add this private key to the ring?' echo 'Did someone accidentally add this private key to the ring?' >&2
echo 'Exiting...' echo 'Exiting...' >&2
exit 1 exit 1
fi fi
} }
@@ -137,9 +137,9 @@ function get_encrypted_filename() {
# Prepare keychain for use. # Prepare keychain for use.
function prepare_keychain() { function prepare_keychain() {
echo '========== Importing keychain: START' echo '========== Importing keychain: START' >&2
gpg --import "${PUBRING}" 2>&1 | egrep -v 'not changed$' gpg --import "${PUBRING}" 2>&1 | egrep -v 'not changed$' >&2
echo '========== Importing keychain: DONE' echo '========== Importing keychain: DONE' >&2
} }
# Add file to list of encrypted files. # Add file to list of encrypted files.
@@ -170,9 +170,9 @@ function encrypt_file() {
unencrypted="$1" unencrypted="$1"
encrypted="$2" encrypted="$2"
echo "========== Encrypting: $unencrypted" echo "========== Encrypting: $unencrypted" >&2
gpg --use-agent --yes --trust-model=always --encrypt -o "$encrypted" $(awk '{ print "-r" $1 }' < "$BB_ADMINS") "$unencrypted" gpg --use-agent --no-tty --yes --trust-model=always --encrypt -o "$encrypted" $(awk '{ print "-r" $1 }' < "$BB_ADMINS") "$unencrypted" >&2
echo '========== Encrypting: DONE' echo '========== Encrypting: DONE' >&2
} }
# Decrypt .gpg file, asking "yes/no" before overwriting unencrypted file. # Decrypt .gpg file, asking "yes/no" before overwriting unencrypted file.
@@ -183,11 +183,11 @@ function decrypt_file() {
encrypted="$1" encrypted="$1"
unencrypted="$2" unencrypted="$2"
echo '========== EXTRACTING ''"'$unencrypted'"' echo '========== EXTRACTING ''"'$unencrypted'"' >&2
old_umask=$(umask) old_umask=$(umask)
umask "$DECRYPT_UMASK" umask "$DECRYPT_UMASK"
gpg --use-agent -q --decrypt -o "$unencrypted" "$encrypted" gpg --use-agent --no-tty -q --decrypt -o "$unencrypted" "$encrypted" >&2
umask "$old_umask" umask "$old_umask"
} }
@@ -209,12 +209,12 @@ function decrypt_file_overwrite() {
old_umask=$(umask) old_umask=$(umask)
umask "$DECRYPT_UMASK" umask "$DECRYPT_UMASK"
gpg --use-agent --yes -q --decrypt -o "$unencrypted" "$encrypted" gpg --use-agent --no-tty --yes -q --decrypt -o "$unencrypted" "$encrypted" >&2
umask "$old_umask" umask "$old_umask"
new_hash=$(md5sum_file "$unencrypted") new_hash=$(md5sum_file "$unencrypted")
if [[ "$old_hash" != "$new_hash" ]]; then if [[ "$old_hash" != "$new_hash" ]]; then
echo "========== EXTRACTED $unencrypted" echo "========== EXTRACTED $unencrypted" >&2
fi fi
} }

4
bin/blackbox_edit_start
View File

@@ -11,7 +11,7 @@ source "${blackbox_home}/_blackbox_common.sh"
for param in """$@""" ; do for param in """$@""" ; do
unencrypted_file=$(get_unencrypted_filename "$param") unencrypted_file=$(get_unencrypted_filename "$param")
encrypted_file=$(get_encrypted_filename "$param") encrypted_file=$(get_encrypted_filename "$param")
echo ========== PLAINFILE '"'$unencrypted_file'"' echo >&2 ========== PLAINFILE '"'$unencrypted_file'"'
fail_if_not_on_cryptlist "$unencrypted_file" fail_if_not_on_cryptlist "$unencrypted_file"
fail_if_not_exists "$encrypted_file" "This should not happen." fail_if_not_exists "$encrypted_file" "This should not happen."
@@ -19,7 +19,7 @@ for param in """$@""" ; do
rm -f "$unencrypted_file" rm -f "$unencrypted_file"
fi fi
if [[ -f "$unencrypted_file" ]]; then if [[ -f "$unencrypted_file" ]]; then
echo SKIPPING: "$1" "Will not overwrite non-empty files." echo >&2 SKIPPING: "$1" "Will not overwrite non-empty files."
continue continue
fi fi