From owner-svn-doc-head@FreeBSD.ORG Tue Oct 1 13:29:30 2013 Return-Path: Delivered-To: svn-doc-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id EB4DA3E0; Tue, 1 Oct 2013 13:29:30 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D87472B01; Tue, 1 Oct 2013 13:29:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r91DTUBH060394; Tue, 1 Oct 2013 13:29:30 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id r91DTU98060393; Tue, 1 Oct 2013 13:29:30 GMT (envelope-from des@svn.freebsd.org) Message-Id: <201310011329.r91DTU98060393@svn.freebsd.org> 
From: Dag-Erling Smørgrav Date: Tue, 1 Oct 2013 13:29:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r42783 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Oct 2013 13:29:31 -0000 Author: des Date: Tue Oct 1 13:29:30 2013 New Revision: 42783 URL: http://svnweb.freebsd.org/changeset/doc/42783 Log: Largely reimplement addkey.sh to make it much more robust, including better command-line parsing and more consistent output. Modified: head/share/pgpkeys/addkey.sh Modified: head/share/pgpkeys/addkey.sh ============================================================================== --- head/share/pgpkeys/addkey.sh Tue Oct 1 13:19:40 2013 (r42782) +++ head/share/pgpkeys/addkey.sh Tue Oct 1 13:29:30 2013 (r42783) 
@@ -3,87 +3,158 @@ # $FreeBSD$ # -LANG=en_US.UTF-8; export LANG -unset LC_ALL -unset LC_MESSAGES - -me="$1" -if [ -z "${me}" ]; then - me=$(id -nu) -else - shift -fi +progname=$(basename $(realpath $0)) -id="$@" -if [ -z "${id}" ]; then - id="${me}@freebsd.org" -fi +# Print an informational message +info() { + echo "$@" >&2 +} + +# Print a warning message +warning() { + echo "WARNING: $@" >&2 +} + +# Print an error message and exit +error() { + echo "ERROR: $@" >&2 + exit 1 +} + +# Print usage message and exit +usage() { + echo "usage: ${progname} [user] [keyid ...]\n" >&2 + exit 1 +} +# Look for gpg gpg=$(which gpg) -if [ ! -x "${gpg}" ]; then - echo "GnuPG does not seem to be installed" >/dev/stderr - exit 1 -fi - -echo "Retrieving key..." -keylist=$(gpg --list-keys ${id}) -echo "${keylist}" | grep '^pub' -id=$(echo "${keylist}" | awk '/^pub/ { print $2 }' | sed 's%.*/%%' | sort -u) -id=$(echo $id) -if [ "${#id}" -lt 8 ]; then - echo "Invalid key ID." >/dev/stderr - exit 1 -elif [ "${#id}" -gt 8 ]; then - echo "WARNING: Multiple keys; exporting all. If this is not what you want," >/dev/stderr - echo "WARNING: you should specify a key ID on the command line." >/dev/stderr -fi -fp=$(gpg --fingerprint ${id}) -[ $? -eq 0 ] || exit 1 -key=$(gpg --no-version --armor --export ${id}) -[ $? -eq 0 ] || exit 1 - -keyfile="${me}.key" -if [ -f "${keyfile}" ]; then - rcsid=$(grep '^$' "${keyfile}") +if [ -z "${gpg}" -o ! 
-x "${gpg}" ] ; then + error "gpg does not seem to be installed" fi -if [ -z "${rcsid}" ]; then - rcsid='' +gpg() { + "${gpg}" \ + --display-charset utf-8 \ + --no-greeting \ + --no-secmem-warning \ + --keyid-format long \ + --list-options no-show-uid-validity \ + "$@" +} + +# Look up key by key ID +getkeybyid() { + gpg --with-colons --list-keys "$1" 2>/dev/null | awk -F: \ + '$5 ~ /^\([0-9A-F]{8}\)?'"$1"'$/i && $12 ~ /ESC/ { print $5 }' +} + +# Look up key by email +getkeybyemail() { + gpg --with-colons --list-keys "$1" 2>/dev/null | awk -F: \ + '$10 ~ /<'"$1"'>/i && $12 ~ /ESC/ { print $5 }' +} + +# The first command-line argument can be a user name or a key ID. +if [ $# -gt 0 ] && expr "$1" : '^[a-z][0-9a-z-]*$' >/dev/null ; then + me="$1" + shift +fi +if [ -z "${me}" ] ; then + me=$(id -nu) +fi +if [ -z "${me}" ] ; then + error "Unable to determine user name." +fi +if ! expr "${me}" : '^[a-z][0-9a-z-]*$' >/dev/null ; then + error "${me} does not seem like a valid user name." +fi + +if [ $# -ne 0 ] ; then + # Verify the keys that were specified on the command line + for arg ; do + case $(expr "${arg}" : '^[0-9A-Fa-f]\{8,16\}$') in + 8) + warning "${arg}: recommend using 16-digit keyid" + ;& + 16) + keyid=$(getkeybyid "${arg}") + if [ -n "${keyid}" ] ; then + keyids="${keyids} ${keyid}" + else + warning "${arg} not found" + fi + ;; + *) + warning "${arg} does not appear to be a valid key ID" + ;; + esac + done +else + # Search for keys by freebsd.org email + email="${me}@FreeBSD.org" + keyids=$(getkeybyemail "${email}") + case $(echo "${keyids}" | wc -w) in + 0) + error "no keys found for ${email}" + ;; + 1) + ;; + *) + warning "Multiple keys found for <${email}>; exporting all." + warning "If this is not what you want, specify a key ID" \ + "on the command line." + ;; + esac +fi + +# :( +if [ -z "${keyids}" ] ; then + error "no valid keys were found" fi -echo "Generating ${keyfile}..." + +# Generate key file +keyfile="${me}.key" +info "Generating ${keyfile}..." 
( - echo "${rcsid}" + echo '' echo '' echo '' echo '' ) >"${keyfile}" -echo "Adding key to entity list..." -mv pgpkeys.ent pgpkeys.ent.orig || exit 1 -( - cat pgpkeys.ent.orig - printf '' 16 "${me}" "${keyfile}" -) | sort -u >pgpkeys.ent - -echo -echo "Unless you are already listed there, you should now add the" -echo "following text to pgpkeys-developers.xml (unless this is a" -echo "role key or you are a core member. In that case add to" -echo "pgpkeys-officers.xml or pgpkeys-core.xml)." -echo "Remember to keep the list sorted by last name!" -echo -echo " " -echo " &a.${me}.email;" -echo " &pgpkey.${me};" -echo " " -echo -echo "If this is a new entry, don't forget to 'svn add ${keyfile}'" -echo "and 'svn propset svn:keywords \"FreeBSD=%H\" ${keyfile}'" -echo "and commit each of ${keyfile}, pgpkeys.ent and" -echo "pgpkeys-developers.xml, pgpkeys-officers.xml, or" -echo "pgpkeys-core.xml as required." +info "Adding key to entity list..." +if ! grep -qwF "pgpkey.${me}" pgpkeys.ent ; then + mv pgpkeys.ent pgpkeys.ent.orig || exit 1 + ( + cat pgpkeys.ent.orig + echo "" + ) | sort -u >pgpkeys.ent +fi + +cat < + &a.${me}.email; + &pgpkey.${me}; + + +If this is a role key or you are a core member, you should add it to +either pgpkeys-officers.xml or pgpkeys-core.xml instead. + +If this is a new entry, don't forget to run the following commands +before committing: + +% svn add ${keyfile} +% svn propset svn:keywords \"FreeBSD=%H\" ${keyfile} + +EOF
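Review bot: `getkeybyid` and `getkeybyemail` splice `$1` directly into the awk program text, so which key is selected for export depends on every caller validating its argument first. The hex check and the user-name check do that today, but the `.` characters in `${me}@FreeBSD.org` still reach awk as regex wildcards. Passing the value with `-v` and comparing it as a string avoids both, e.g. `awk -F: -v id="$1" 'toupper(substr($5, length($5) - length(id) + 1)) == toupper(id) && $12 ~ /ESC/ { print $5 }'` for the key ID and `index(tolower($10), "<" tolower(addr) ">")` for the address. The trailing `i` after each regex is probably not a case-insensitivity flag in awk (it likely parses as concatenation with an unset variable `i`), so the match condition should be verified against the awk this script runs under. Separately, the `8)` arm only warns before accepting a short key ID; because 32-bit IDs can collide, a comment such as `# short IDs are ambiguous; confirm the full fingerprint before committing` belongs there.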