diff options
| author | root <root@localhost> | 2013-02-14 00:00:00 +0000 |
|---|---|---|
| committer | root <root@localhost> | 2013-02-14 00:00:00 +0000 |
| commit | c689a38782d882ebb77c90152943e464dfe61d4f (patch) | |
| tree | f922a80e6f05d889579c3c0377b7af4aa16d27aa /git-remote-gcrypt | |
| parent | 1227529ff5fb46aaf2bdc7b4b70338a9c486728f (diff) | |
| download | git-remote-gcrypt-c689a38782d882ebb77c90152943e464dfe61d4f.tar.gz | |
Use gpg --secret-keyring /dev/null where possible
Diffstat (limited to 'git-remote-gcrypt')
| -rwxr-xr-x | git-remote-gcrypt | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/git-remote-gcrypt b/git-remote-gcrypt index 80bd9d5..8d07338 100755 --- a/git-remote-gcrypt +++ b/git-remote-gcrypt @@ -158,8 +158,7 @@ CLEAN_FINAL() ENCRYPT() { # Security protocol: - # Symmetric encryption using the long MASTERKEY. We use AES - # and OpenPGP's modification detection code (mdc). + # Symmetric encryption using the long MASTERKEY. (printf "%s" "$MASTERKEY" | \ gpg --batch --force-mdc --compress-algo none \ --passphrase-fd 0 --output - -c /dev/fd/3) 3<&0 @@ -178,13 +177,15 @@ CLEARSIGN() CHECKSIGN() { - gpg -q --no-default-keyring --keyring "$CONF_KEYRING" -d + gpg -q --batch --no-default-keyring \ + --secret-keyring /dev/null --keyring "$CONF_KEYRING" -d } DECRYPT() { (printf "%s" "$MASTERKEY" | \ - gpg -q --batch --no-default-keyring --keyring /dev/null \ + gpg -q --batch --no-default-keyring --secret-keyring /dev/null \ + --keyring /dev/null \ --passphrase-fd 0 --output - -d /dev/fd/3) 3<&0 } @@ -227,9 +228,9 @@ make_new_repo() KEYSIGN=$(printf "%s\n" "$MASTERKEY" | gpg --output - --clearsign) TMPMASTERKEY_ENC="$LOCALDIR/masterenc.$$" trap 'rm -f "$TMPMASTERKEY_ENC"' EXIT - printf "%s" "$KEYSIGN" | gpg --no-default-keyring \ - --keyring "$CONF_KEYRING" --compress-algo none -e $RECIPIENTS \ - > "$TMPMASTERKEY_ENC" + printf "%s" "$KEYSIGN" | gpg --batch --no-default-keyring \ + --secret-keyring /dev/null --keyring "$CONF_KEYRING" \ + --compress-algo none -e $RECIPIENTS > "$TMPMASTERKEY_ENC" PUT "$URL" masterkey < "$TMPMASTERKEY_ENC" rm -f "$TMPMASTERKEY_ENC" trap EXIT |