Put recovery script directories in variables
Signed-off-by: Skylar "The Cobra" Widulski <cobra@vern.cc>
parent
d5f8e1db7f
commit
da0d4e3a3b
|
@ -8,6 +8,9 @@ do
|
||||||
declare arg_${parm[i]}=${parm[i+1]}
|
declare arg_${parm[i]}=${parm[i+1]}
|
||||||
done
|
done
|
||||||
|
|
||||||
|
runtime_dir=/var/log/challenges
|
||||||
|
gpg_home="$runtime_dir"/.gnupg
|
||||||
|
|
||||||
urldecode() { : "${*//+/ }"; echo -e "${_//%/\\x}"; }
|
urldecode() { : "${*//+/ }"; echo -e "${_//%/\\x}"; }
|
||||||
sig="$(urldecode "$arg_signature")"
|
sig="$(urldecode "$arg_signature")"
|
||||||
key="$(urldecode "$arg_newkey")"
|
key="$(urldecode "$arg_newkey")"
|
||||||
|
@ -26,7 +29,7 @@ generate_challenge() {
|
||||||
page=default
|
page=default
|
||||||
return
|
return
|
||||||
fi
|
fi
|
||||||
openssl rand -hex 32 > "/var/log/challenges/$arg_username"
|
openssl rand -hex 32 > "$runtime_dir/$arg_username"
|
||||||
page=submit
|
page=submit
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -57,16 +60,16 @@ submit_challenge() {
|
||||||
page=default
|
page=default
|
||||||
return
|
return
|
||||||
fi
|
fi
|
||||||
echo "$sig" > "/var/log/challenges/$arg_username.gpg"
|
echo "$sig" > "$runtime_dir/$arg_username.gpg"
|
||||||
gpg --homedir /var/log/challenges --import "/vm/$arg_username/.pgp.asc" &> /dev/null
|
gpg --homedir "$gpg_home" --import "/vm/$arg_username/.pgp.asc" &> /dev/null
|
||||||
if gpg --homedir /var/log/challenges \
|
if gpg --homedir "$gpg_home" \
|
||||||
--trust-model always \
|
--trust-model always \
|
||||||
--verify "/var/log/challenges/$arg_username.gpg" \
|
--verify "$runtime_dir/$arg_username.gpg" \
|
||||||
"/var/log/challenges/$arg_username" &> /dev/null; then
|
"$runtime_dir/$arg_username" &> /dev/null; then
|
||||||
if [[ "$(gpg --homedir /var/log/challenges \
|
if [[ "$(gpg --homedir $gpg_home \
|
||||||
--trust-model always \
|
--trust-model always \
|
||||||
--verify "/var/log/challenges/$arg_username.gpg" \
|
--verify "$runtime_dir/$arg_username.gpg" \
|
||||||
"/var/log/challenges/$arg_username" 2>&1 |
|
"$runtime_dir/$arg_username" 2>&1 |
|
||||||
sed -n 's/.*using.*key \(.*\)/\1/p')" == \
|
sed -n 's/.*using.*key \(.*\)/\1/p')" == \
|
||||||
"$keyid" ]]; then
|
"$keyid" ]]; then
|
||||||
echo "$key" >> "/vm/$username/.ssh/authorized_keys"
|
echo "$key" >> "/vm/$username/.ssh/authorized_keys"
|
||||||
|
@ -101,7 +104,7 @@ case "$arg_method" in
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
sedcmd=" -e 's/USERNAME/$arg_username/' -e 's/CHALLENGE/$(</var/log/challenges/$arg_username)/' -e 's/KEYID/$keyid/'"
|
sedcmd=" -e 's/USERNAME/$arg_username/' -e 's/CHALLENGE/$(<$runtime_dir/$arg_username)/' -e 's/KEYID/$keyid/'"
|
||||||
sedcmd="$sedcmd $(if [[ $nokey == 1 ]]; then
|
sedcmd="$sedcmd $(if [[ $nokey == 1 ]]; then
|
||||||
printf '%s' '-e "s/NOKEY/This user has no <code>.pgp.asc</code> file/"'
|
printf '%s' '-e "s/NOKEY/This user has no <code>.pgp.asc</code> file/"'
|
||||||
else
|
else
|
||||||
|
|
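Review bot: `$arg_username` is still used as a raw path component in every line this commit touches (`"$runtime_dir/$arg_username"`, `"$runtime_dir/$arg_username.gpg"`, `$(<$runtime_dir/$arg_username)`), and it appears to come straight from the request parameters set by `declare arg_${parm[i]}=${parm[i+1]}`. Now that `gpg_home` sits inside `runtime_dir` next to the per-user challenge files, a name such as `.gnupg` or one containing `/` would resolve onto the keyring directory or outside the challenge directory. I would reject anything that fails an allowlist test such as `[[ $arg_username =~ ^[a-z_][a-z0-9_-]*$ ]]` (pattern to be matched to the site's account naming) once, before the first use. The second verify call in `submit_challenge` also passes `--homedir $gpg_home` unquoted while the other two calls quote it, so it should read `--homedir "$gpg_home"`. Nothing in the visible hunks creates `$gpg_home`, and gpg's output goes to `&> /dev/null`, so a missing or wrongly permissioned directory would fail silently; it is worth confirming that it is created with mode 700 elsewhere, since `generate_challenge` and `submit_challenge` both continue outside the hunks shown.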