Permalink
Browse files

merge latest changes from Yahoo

- allow sigsh to just display the script using '-d'
- add '-V' flag to report version information
  • Loading branch information...
1 parent e0a0295 commit bd1b5c355bd82b14784fc4686aeef918e70759fb @jschauma committed Feb 9, 2016
Showing with 25 additions and 9 deletions.
  1. +2 −1 certs/Makefile
  2. +8 −4 doc/sigsh.1
  3. +15 −4 src/sigsh.sh
View
@@ -5,7 +5,8 @@ CERT?=mycert.pem
DATE!=date +%Y-%m-%d
SDATE!=date +%s
EXPSECONDS!=echo '( ${EXPIRE} * 24 * 60 * 60 ) + ${SDATE}' | bc
-EXPDATE!=date -j -f %s ${EXPSECONDS}
+OSNAME!=uname
+EXPDATE!=[ "${OSNAME}" = "Linux" ] && date -d "@${EXPSECONDS}" || date -j -f %s ${EXPSECONDS}
all: newcert
View
@@ -1,17 +1,17 @@
-.\" Copyright (c) 2010,2011 Yahoo! Inc.
+.\" Copyright (c) 2010-2016 Yahoo! Inc.
.\"
.\" This manual page was originally written by Jan Schaumann
.\" <jschauma@yahoo-inc.com> in September 2010.
-.Dd February 10, 2015
+.Dd February 08, 2016
.Dt SIGSH 1
.Os
.Sh NAME
.Nm sigsh
.Nd a signature verifying shell
.Sh SYNOPSIS
.Nm
+.Op Fl Vdx
.Op Fl f Ar certs
-.Op Fl x
.Op Fl p Ar prog
.Sh DESCRIPTION
.Nm
@@ -26,6 +26,10 @@ interpreter.
.Nm
supports the following flags:
.Bl -tag -width s_shell_
+.It Fl V
+Report version information and exit.
+.It Fl d
+Don't execute the commands, just show them.
.It Fl f Ar certs
Read ceritificates to trust from this file.
.It Fl p Ar prog
@@ -86,7 +90,7 @@ openssl smime -sign -nodetach -signer mycert.pem -inkey mykey.pem \\
.Pp
To execute the perl code contained in the signed PKCS#7 file 'code.pem':
.Bd -literal -offset indent
-sigsh -p /usr/bin/perl < code.pem
+sigsh -p /usr/bin/perl <code.pem
.Ed
.Sh EXIT STATUS
.Nm
View
@@ -1,6 +1,6 @@
#! /bin/sh
#
-# Copyright (c) 2010,2011 Yahoo! Inc.
+# Copyright (c) 2010,2011,2016 Yahoo! Inc.
# All rights reserved.
#
# Originally written by Jan Schaumann <jschauma@yahoo-inc.com> in October
@@ -56,6 +56,7 @@ CERTS="/etc/sigsh.pem"
PROGRAM="bash"
SSL_VERIFY="openssl smime -verify -inform pem -CAfile"
PROGNAME="${0##*/}"
+VERSION="0.7.1"
XTRACE=0
###
@@ -77,7 +78,9 @@ error() {
usage() {
cat <<EOH
-Usage: ${PROGNAME} [-x] [-f certs] [-p program]
+Usage: ${PROGNAME} [-Vdx] [-f certs] [-p program]
+ -V Print version info and exit.
+ -d Don't execute commands.
-f certs Read certs to trust from this file.
-p program Pipe commands into 'program'.
-x Enabled debugging.
@@ -119,15 +122,23 @@ xtrace() {
### Main
###
-while getopts 'f:p:x' opt; do
+while getopts 'Vdf:p:x' opt; do
case ${opt} in
+ V)
+ echo "${VERSION}"
+ exit 0
+ # NOTREACHED
+ ;;
+ d)
+ PROGRAM="cat"
+ ;;
f)
CERTS=$(verifyArg "${OPTARG}")
[ $? -gt 0 ] && exit 1
;;
p)
PROGRAM=$(verifyArg "${OPTARG}")
- [ $? -gt 0 ] && exit 1
+ [ $? -ne 0 ] && exit 1
;;
x)
XTRACE=1

0 comments on commit bd1b5c3

Please sign in to comment.