Commit 42b0e019 authored by Dubiousjim's avatar Dubiousjim Committed by Natanael Copa

abuild-keygen: refactor

parent 811a2150
......@@ -22,6 +22,20 @@ msg() {
# ask for privkey unless non-interactive mode
# returns value in global $privkey
get_privkey_file() {
emailaddr=${PACKAGER##*<}
emailaddr=${emailaddr%%>*}
# if PACKAGER does not contain a valid email address, then ask git
if [ -z "$emailaddr" ] || [ "${emailaddr##*@}" = "$emailaddr" ]; then
emailaddr=$(git config --get user.email 2>/dev/null)
fi
if [ -n "$emailaddr" ]; then
default_name="$emailaddr-$(printf "%x" $(date +%s))"
else
default_name="$USER-$(printf "%x" $(date +%s))"
fi
privkey="$abuild_home/$default_name.rsa"
[ "$non_interactive" = "yes" ] && return 0
echo "Generating public/private rsa key pair for abuild"
......@@ -33,6 +47,52 @@ get_privkey_file() {
fi
}
do_keygen() {
mkdir -p "$abuild_home"
get_privkey_file
pubkey="$privkey.pub"
# generate the private key in a subshell with stricter umask
(
umask 0007
openssl genrsa -out "$privkey" 2048
)
openssl rsa -in "$privkey" -pubout -out "$pubkey"
if [ -n "$install_pubkey" ]; then
msg "Installing $pubkey to /etc/apk/keys..."
sudo mkdir -p /etc/apk/keys
sudo cp -i "$pubkey" /etc/apk/keys/
else
msg ""
msg "You'll need to install $pubkey into "
msg "/etc/apk/keys to be able to install packages and repositories signed with"
msg "$privkey"
fi
if [ -n "$append_config" ]; then
if [ -f "$abuild_userconf" ]; then
# comment out the existing values
sed -i -e 's/^\(PACKAGER_PRIVKEY=.*\)/\#\1/' "$abuild_userconf"
fi
echo "PACKAGER_PRIVKEY=\"$privkey\"" >> "$abuild_userconf"
else
msg ""
msg "You might want add following line to $abuild_userconf:"
msg ""
msg "PACKAGER_PRIVKEY=\"$privkey\""
msg ""
fi
msg ""
msg "Please remember to make a safe backup of your private key:"
msg "$privkey"
msg ""
}
# print usage and exit
usage() {
echo "abuild-keygen $abuild_ver"
......@@ -53,20 +113,6 @@ usage() {
# read user config if exists
[ -f "$abuild_userconf" ] && . "$abuild_userconf"
emailaddr=${PACKAGER##*<}
emailaddr=${emailaddr%%>*}
# if PACKAGER does not contain a valid email address, then ask git
if [ -z "$emailaddr" ] || [ "${emailaddr##*@}" = "$emailaddr" ]; then
emailaddr=$(git config --get user.email 2>/dev/null)
fi
if [ -n "$emailaddr" ]; then
default_name="$emailaddr-$(printf "%x" $(date +%s))"
else
default_name="$USER-$(printf "%x" $(date +%s))"
fi
while getopts "ahinq" opt; do
case $opt in
a) append_config=yes;;
......@@ -78,47 +124,4 @@ while getopts "ahinq" opt; do
done
shift $(( $OPTIND - 1))
mkdir -p "$abuild_home"
get_privkey_file
pubkey="$privkey.pub"
# generate the private key in a subshell with stricter umask
(
umask 0007
openssl genrsa -out "$privkey" 2048
)
openssl rsa -in "$privkey" -pubout -out "$pubkey"
if [ -n "$install_pubkey" ]; then
msg "Installing $pubkey to /etc/apk/keys..."
sudo mkdir -p /etc/apk/keys
sudo cp -i "$pubkey" /etc/apk/keys/
else
msg ""
msg "You'll need to install $pubkey into "
msg "/etc/apk/keys to be able to install packages and repositories signed with"
msg "$privkey"
fi
if [ -n "$append_config" ]; then
if [ -f "$abuild_userconf" ]; then
# comment out the existing values
sed -i -e 's/^\(PACKAGER_PRIVKEY=.*\)/\#\1/' "$abuild_userconf"
fi
echo "PACKAGER_PRIVKEY=\"$privkey\"" >> "$abuild_userconf"
else
msg ""
msg "You might want add following line to $abuild_userconf:"
msg ""
msg "PACKAGER_PRIVKEY=\"$privkey\""
msg ""
fi
msg ""
msg "Please remember to make a safe backup of your private key:"
msg "$privkey"
msg ""
do_keygen
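Review bot: In `do_keygen`, `umask 0007` clears only the "other" permission bits, so the new private signing key can still end up readable and writable by the user's group, which is looser than the "stricter umask" comment suggests; unless group access is intended, `umask 0077` would keep it owner-only. The subshell's exit status is also ignored, so unless `set -e` is enabled outside the visible hunks, a failed `openssl genrsa` still falls through to the `sudo cp` into /etc/apk/keys and the PACKAGER_PRIVKEY append to `$abuild_userconf`. Closing the subshell with `) || return 1` and checking the following `openssl rsa ... -pubout` call the same way would stop before the config is changed. Both lines were moved unchanged from the top level by this refactor, so this is a pre-existing gap rather than one the commit introduces.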