X-Git-Url: https://zdv2.bktei.com/gitweb/EVA-2020-02.git/blobdiff_plain/238775e6ff3d7a699a601590f881e9c08a9397e6..0b923d462ecb33b04d1fdd7e45ecbd4ed79c1509:/exec/bkgpslog?ds=sidebyside diff --git a/exec/bkgpslog b/exec/bkgpslog index 6429b84..84a74b0 100755 --- a/exec/bkgpslog +++ b/exec/bkgpslog @@ -14,7 +14,7 @@ DIR_TMP_DEFAULT="/dev/shm"; # Default parent of working directory SCRIPT_TIME_START=$(date +%Y%m%dT%H%M%S.%N); PATH="$HOME/.local/bin:$PATH"; # Add "$(systemd-path user-binaries)" path in case apps saved there SCRIPT_HOSTNAME=$(hostname); # Save hostname of system running this script. -SCRIPT_VERSION="0.3.5"; # Define version of script. +SCRIPT_VERSION="0.3.8"; # Define version of script. SCRIPT_NAME="bkgpslog"; # Define basename of script file. SCRIPT_URL="https://gitlab.com/baltakatei/ninfacyzga-01"; # Define wesite hosting this script. AGE_VERSION="1.0.0-beta2"; # Define version of age (encryption program) @@ -714,7 +714,7 @@ checkMakeTar() { appendArgTar(){ # Desc: Writes first argument to temporary file with arguments as options, then appends file to tar # Usage: appendArgTar "$(echo "Data to be written.")" [name of file to be inserted] [tar path] [temp dir] ([cmd1] [cmd2] [cmd3] [cmd4]...) - # Version: 1.0.2 + # Version: 1.0.3 # Input: arg1: data to be written # arg2: file name of file to be inserted into tar # arg3: tar archive path (must exist first) @@ -726,6 +726,7 @@ appendArgTar(){ # appendArgTar "$(cat /tmp/largefile2.gpg)" "largefile2" $HOME/archive.tar /tmp "gpg --decrypt" & # appendArgTar "$(cat /tmp/largefile3.gpg)" "largefile3" $HOME/archive.tar /tmp "gpg --decrypt" & # Depends: bash 5 + # Ref/Attrib: Using 'eval' to construct command strings https://askubuntu.com/a/476533 # Save function name local FN="${FUNCNAME[0]}"; 
@@ -746,7 +747,11 @@ appendArgTar(){ if ! [ -z "$7" ]; then CMD3="$7"; else CMD3="tee /dev/null "; fi # command string 3 if ! [ -z "$8" ]; then CMD4="$8"; else CMD4="tee /dev/null "; fi # command string 4 + # Input command + CMD0="echo \"\$1\"" + # # Debug + # yell "DEBUG:STATUS:$FN:CMD0:$CMD0" # yell "DEBUG:STATUS:$FN:CMD1:$CMD1" # yell "DEBUG:STATUS:$FN:CMD2:$CMD2" # yell "DEBUG:STATUS:$FN:CMD3:$CMD3" @@ -756,7 +761,7 @@ appendArgTar(){ # yell "DEBUG:STATUS:$FN:TMP_DIR:$TMP_DIR" # Write to temporary working dir - echo "$1" | $CMD1 | $CMD2 | $CMD3 | $CMD4 > "$TMP_DIR"/"$FILENAME"; + eval "$CMD0"" | ""$CMD1"" | ""$CMD2"" | ""$CMD3"" | ""$CMD4" > "$TMP_DIR"/"$FILENAME"; # Append to tar try tar --append --directory="$TMP_DIR" --file="$TAR_PATH" "$FILENAME"; @@ -765,7 +770,7 @@ appendArgTar(){ appendFileTar(){ # Desc: Processes first file and then appends to tar # Usage: appendFileTar [file path] [name of file to be inserted] [tar path] [temp dir] ([cmd1] [cmd2] [cmd3] [cmd4]...) - # Version: 1.0.1 + # Version: 1.0.2 # Input: arg1: path of file to be (processed and) written # arg2: name to use for file inserted into tar # arg3: tar archive path (must exist first) @@ -793,7 +798,12 @@ appendFileTar(){ if ! [ -z "$6" ]; then CMD2="$6"; else CMD2="tee /dev/null "; fi # command string 2 if ! [ -z "$7" ]; then CMD3="$7"; else CMD3="tee /dev/null "; fi # command string 3 if ! [ -z "$8" ]; then CMD4="$8"; else CMD4="tee /dev/null "; fi # command string 4 + + # Input command string + CMD0="cat \"\$1\"" + # # Debug + # yell "DEBUG:STATUS:$FN:CMD0:$CMD0" # yell "DEBUG:STATUS:$FN:CMD1:$CMD1" # yell "DEBUG:STATUS:$FN:CMD2:$CMD2" # yell "DEBUG:STATUS:$FN:CMD3:$CMD3" 
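Review bot: The new `eval` on the "Write to temporary working dir" line of appendArgTar parses CMD1–CMD4 as shell source, so any `;`, `|`, `$(...)` or redirection inside a caller-supplied command string is now executed, where the old unquoted `$CMD1` expansion only word-split and globbed it. CMD0 keeps `$1` unexpanded until eval runs, so the data itself is not re-parsed, but arguments 5–8 become a code-injection surface and the function header should say so, e.g. `# Security: arg5-arg8 are evaluated as shell code; pass only strings built from validated values`. The pipeline's exit status is also not checked before the `try tar --append` that follows, so a failing stage can leave an empty or truncated file that is still appended. The same `eval` form is added to appendFileTar in the @@ -803,12 hunk, and both function bodies start outside their hunks.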
@@ -803,12 +813,48 @@ appendFileTar(){ # yell "DEBUG:STATUS:$FN:TMP_DIR:$TMP_DIR" # Write to temporary working dir - cat "$1" | $CMD1 | $CMD2 | $CMD3 | $CMD4 > "$TMP_DIR"/"$FILENAME"; + eval "$CMD0 | $CMD1 | $CMD2 | $CMD3 | $CMD4" > "$TMP_DIR"/"$FILENAME"; # Append to tar try tar --append --directory="$TMP_DIR" --file="$TAR_PATH" "$FILENAME"; #yell "DEBUG:STATUS:$FN:Finished appendFileTar()." } # Append file to Tar archive +validateInput() { + # Desc: Validates Input + # Usage: validateInput [str input] [str input type] + # Version: 0.2.1 + # Input: arg1: string to validate + # arg2: string specifying input type (ex:"ssh_pubkey") + # Output: return code 0: if input string matched specified string type + # Depends: bash 5, yell + + # Save function name + local FN="${FUNCNAME[0]}"; + + # Process arguments + argInput="$1"; + argType="$2"; + if [[ $# -gt 2 ]]; then yell "ERROR:$0:$FN:Too many arguments."; exit 1; fi; + + # Check for blank + if [[ -z "$argInput" ]]; then return 1; fi + + # Define input types + ## ssh_pubkey + ### Check for alnum/dash base64 (ex: "ssh-rsa AAAAB3NzaC1yc2EAAA") + if [[ "$argType" = "ssh_pubkey" ]]; then + if [[ "$argInput" =~ ^[[:alnum:]-]*[\ ]*[[:alnum:]+/=]*$ ]]; then + return 0; fi; fi; + + ## age_pubkey + ### Check for age1[:bech32:] + if [[ "$argType" = "age_pubkey" ]]; then + if [[ "$argInput" =~ ^age1[qpzry9x8gf2tvdw0s3jn54khce6mua7l]*$ ]]; then + return 0; fi; fi + + # Return error if no condition matched. + return 1; +} # Validates strings magicWriteVersion() { # Desc: Appends time-stamped VERSION to PATHOUT_TAR # Usage: magicWriteVersion 
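Review bot: validateInput assigns `argInput` and `argType` without `local`, so every call overwrites globals of those names; `local argInput="$1" argType="$2";` keeps them inside the function, as is already done for `FN`. Both patterns use `*` on every part, so the "ssh_pubkey" branch accepts any non-empty alphanumeric word and the "age_pubkey" branch accepts a bare `age1`; they act as a character whitelist, not a format check. This function appears to be the guard that keeps quotes and shell metacharacters out of strings later passed to `eval`, so a comment stating that purpose would help, and requiring at least one character per part (`+` instead of `*`) would reject the degenerate cases. The `exit 1` on too many arguments only ends the subshell when the function is called inside `( ... )`, as it is in main.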
@@ -925,9 +971,10 @@ main() { if checkapp age; then # Check that age is available. for pubkey in "${recPubKeys[@]}"; do # Validate recipient pubkey strings by forming test message vbm "DEBUG:Testing pubkey string:$pubkey"; - if echo "butts" | age -a -r "$pubkey" 1>/dev/null; then + if echo "butts" | age -a -r "$pubkey" 1>/dev/null && + ( validateInput "$pubkey" "ssh_pubkey" || validateInput "$pubkey" "age_pubkey"); then #### Form age recipient string - recipients="$recipients""-r $pubkey "; + recipients="$recipients""-r '$pubkey' "; vbm "STATUS:Added pubkey for forming age recipient string:""$pubkey"; vbm "DEBUG:recipients:""$recipients"; #### Add validated pubkey to recPubKeysValid array @@ -939,26 +986,26 @@ main() { vbm "DEBUG:Finished processing recPubKeys array"; ## Form age command string - CMD_ENCRYPT="age ""$recipients "; - CMD_ENCRYPT_SUFFIX=".age"; + CMD_ENCRYPT="age ""$recipients " && vbm "CMD_ENCRYPT:$CMD_ENCRYPT"; + CMD_ENCRYPT_SUFFIX=".age" && vbm "CMD_ENCRYPT_SUFFIX:$CMD_ENCRYPT_SUFFIX"; else yell "ERROR:Encryption enabled but \"age\" not found. Exiting."; exit 1; fi else - CMD_ENCRYPT="tee /dev/null "; - CMD_ENCRYPT_SUFFIX=""; + CMD_ENCRYPT="tee /dev/null " && vbm "CMD_ENCRYPT:$CMD_ENCRYPT"; + CMD_ENCRYPT_SUFFIX="" && vbm "CMD_ENCRYPT_SUFFIX:$CMD_ENCRYPT_SUFFIX"; vbm "DEBUG:Encryption not enabled." fi if [[ "$OPTION_COMPRESS" = "true" ]]; then # Check if compression option active if checkapp gzip; then # Check if gzip available - CMD_COMPRESS="gzip "; - CMD_COMPRESS_SUFFIX=".gz"; + CMD_COMPRESS="gzip " && vbm "CMD_COMPRESS:$CMD_COMPRESS"; + CMD_COMPRESS_SUFFIX=".gz" && vbm "CMD_COMPRESS_SUFFIX:$CMD_COMPRESS_SUFFIX"; else yell "ERROR:Compression enabled but \"gzip\" not found. Exiting."; exit 1; fi else - CMD_COMPRESS="tee /dev/null "; - CMD_COMPRESS_SUFFIX=""; + CMD_COMPRESS="tee /dev/null " && vbm "CMD_COMPRESS:$CMD_COMPRESS"; + CMD_COMPRESS_SUFFIX="" && vbm "CMD_COMPRESS_SUFFIX:$CMD_COMPRESS_SUFFIX"; vbm "DEBUG:Compression not enabled."; fi
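Review bot: The single quotes added in `recipients="$recipients""-r '$pubkey' "` only hold if `$pubkey` can never contain a `'`, which depends entirely on the character classes in validateInput; that dependency should be recorded next to the assignment, e.g. `# $pubkey is quoted for the later eval; validateInput must keep rejecting quotes and shell metacharacters`. validateInput also runs after the key has already been handed to `age -r`, so putting the cheap check first (`if ( validateInput "$pubkey" "ssh_pubkey" || validateInput "$pubkey" "age_pubkey" ) && echo "butts" | age -a -r "$pubkey" 1>/dev/null; then`) rejects malformed strings before any external program sees them. Building the recipient list as an array would avoid embedded quoting altogether, though that requires the append functions to stop taking command strings. The enclosing loop and main() extend beyond this hunk.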