/usr/bin/jetring-apply is in jetring 0.21.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 | #!/usr/bin/perl
# Applies a changeset to a keyring.
use warnings;
use strict;
use File::Temp qw(tempdir);
use Cwd q{abs_path};
my @allowed_actions=qw(import edit-key delete-key);
my @gpgopts=qw(--command-fd 0 --no-auto-check-trustdb --options /dev/null
--no-default-keyring --batch --yes);
my $keyring=shift || usage();
my $changeset=shift || usage();
# avoid gnupg touching ~/.gnupg
$ENV{GNUPGHOME}=tempdir("jetring.XXXXXXXXXX", TMPDIR => 1, CLEANUP => 1);
$keyring=abs_path($keyring); # gpg works better with an absolute path
push @gpgopts, "--keyring", $keyring;
my $secring="secret-dummy.$$";
sub END {
unlink $secring if defined $secring;
unlink $keyring."~" if defined $keyring;# gpg backup file
}
open (SECRET_DUMMY, ">$secring") || die "$secring: $!";
close SECRET_DUMMY;
push @gpgopts, "--secret-keyring", abs_path($secring);
my %fields;
my $field;
open(CHANGESET, "<", $changeset) || die "$changeset: $!";
while (<CHANGESET>) {
chomp;
if ($_ eq "-----BEGIN PGP SIGNED MESSAGE-----") {
<CHANGESET> for 1..2;
next;
}
elsif ($_ eq "-----BEGIN PGP SIGNATURE-----") {
last;
}
if (/^([^\s]+):(?:\s+(.*))?/) {
$field=lc $1;
if (defined $2) {
$fields{$field}=$2;
}
else {
$fields{$field}='';
}
}
elsif (/^\s+(.*)/ && defined $field) {
$fields{$field}.="\n" if length $fields{$field};
$fields{$field}.=$1;
}
elsif ($_ eq "") {
process() if defined $field;
%fields=();
$field=undef;
}
else {
die "parse error on line $. of $changeset";
}
}
close CHANGESET;
process() if defined $field;
sub process {
if (! exists $fields{action}) {
die "$changeset missing action field";
}
my @action=split(' ', $fields{action});
my $command=shift @action;
if (! grep { $_ eq $command } @allowed_actions) {
die "$changeset contains disallowed action \"$command\"";
}
if (! exists $fields{data}) {
die "$changeset missing data field";
}
print "gpg --$command @action\n";
my $pid = open(GPG, "|-");
$SIG{PIPE} = 'IGNORE';
if (! $pid) {
exec("gpg", @gpgopts, "--$command", @action) ||
die("failed to run gpg");
}
$|=1;
GPG->autoflush(1);
foreach my $line (split("\n", $fields{data})) {
print ">> $line\n" if $command ne 'import';
print GPG "$line\n" || die "failed talking to gpg";
}
close GPG || die "gpg exited nonzero";
print "gpg operation complete\n\n";
}
sub usage {
die "Usage: jetring-apply keyring changeset\n";
}
|