Sanitize file names (#20)

diff --git a/lib/keyringer/functions b/lib/keyringer/functions
index 1bc6393826fb7cc03e680a139b06c0a3f9194729..37a33aa70d8df9159a11239652d1b9899efe427c 100755 (executable)
--- a/lib/keyringer/functions
+++ b/lib/keyringer/functions
@@ -333,7 +333,17 @@ function keyringer_get_file {
 
 # Get a new file argument
 function keyringer_get_new_file {
-  FILE="$(keyringer_filename "$1")"
+  # File must not contain spaces
+  if [ ! -z "$2" ] ; then
+    FILE="`echo "$*" | sed -e 's/ /_/g'`"
+    echo "File $* has spaces, secret will be named as $FILE..."
+  else
+    FILE="$1"
+  fi
+
+  # Sanitize and complete file name
+  FILE="`echo $FILE | sed -e s/[^A-Za-z0-9.]/_/g`"
+  FILE="$(keyringer_filename "$FILE")"
   
   if [ -z "$FILE" ]; then
     keyringer_action_usage

diff --git a/share/keyringer/encrypt b/share/keyringer/encrypt
index c0b787409d920a9c826bcc92200a2fe59f2c0d89..ac305a422aa015d24c91058e8c611bccaabe9a11 100755 (executable)
--- a/share/keyringer/encrypt
+++ b/share/keyringer/encrypt
@@ -10,7 +10,8 @@ source "$LIB" || exit 1
 # Aditional parameters
 if [ ! -z "$3" ]; then
   UNENCRYPTED_FILE="$2"
-  keyringer_get_new_file "$3"
+  shift 2
+  keyringer_get_new_file "$*"
 
   if [ ! -f "$UNENCRYPTED_FILE" ]; then
     echo "Error: cannot encrypted $UNENCRYPTED_FILE: file not found."
@@ -18,7 +19,8 @@ if [ ! -z "$3" ]; then
   fi
 else
   UNENCRYPTED_FILE="-"
-  keyringer_get_new_file "$2"
+  shift
+  keyringer_get_new_file $*
 fi
 
 # Set recipients file

diff --git a/share/keyringer/genpair b/share/keyringer/genpair
index 5e013dc5d0ccbf8ecefb76dd7c9c450c0ac93cca..f9777143c4caa05f3bb5496c2aac723ab7c2f363 100755 (executable)
--- a/share/keyringer/genpair
+++ b/share/keyringer/genpair
@@ -194,9 +194,11 @@ if [ -z "$NODE" ]; then
   echo -e "Usage: keyringer <keyring> $BASENAME <gpg|ssh|ssl|ssl-self> <file> <hostname> [outfile]"
   echo -e "Options:"
   echo -e "\t gpg|ssh|ssl[-self]: key type."
-  echo -e "\t file                      : base file name for encrypted output (relative to keys folder)"
+  echo -e "\t file                      : base file name for encrypted output (relative to keys folder),"
+  echo -e "\t                             without spaces"
   echo -e "\t hostname                  : host for the key pair"
-  echo -e "\t outfile                   : optional unencrypted output file, useful for deployment"
+  echo -e "\t outfile                   : optional unencrypted output file, useful for deployment,"
+  echo -e "\t                             without spaces"
   exit 1
 elif [ ! -e "$KEYDIR" ]; then
   echo "Folder not found: $KEYDIR, leaving"

diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn
index 3abf8b875296871fb59fe31709deb3edae26ff7b..d7fb2a6d0006bd7389dc1639eb281c266048c0d1 100644 (file)
--- a/share/man/keyringer.1.mdwn
+++ b/share/man/keyringer.1.mdwn
@@ -55,6 +55,8 @@ of an encrypted file relative to keyring with optional `.asc` extension.
 If the `.asc` extension is ommited, keyringer will add it in the end of the
 pathname.
 
+No spaces are allowed in the secret name.
+
 Secret manipulation actions do not commit changes into the secret repository.
 After any manipulation, the user has to manually commit the changes using the
 git wrapper action.
@@ -79,7 +81,8 @@ edit <*secret*>
    again.
 
 encrypt [*file*] <*secret*>
-:  Encrypts content from standard input or *file* into *secret* pathname.
+:  Encrypts content from standard input or *file* into *secret* pathname. No spaces
+   are supported in the *file* name.
 
 encrypt-batch <*secret*>
 :  Encrypt content, batch mode.