[patch] security/keyringer

Hi,

when using keyringer I noticed some "usage:" warnings coming from
/usr/bin/date. When it notices an expired key/subkey, keyringer does
a Unix time -> human readable time conversion using
date --date=@$seconds (GNU date specific). Instead of adding a dep on
sysutils/coreutils, here's a diff to use base date(1) -r. The diff
doesn't change the control flow, it only fixes the terminal output.

I'd like this to be included in 6.6. ok?


Index: Makefile
===================================================================
RCS file: /cvs/ports/security/keyringer/Makefile,v
retrieving revision 1.6
diff -u -p -r1.6 Makefile
--- Makefile 12 Jul 2019 20:49:04 -0000 1.6
+++ Makefile 29 Sep 2019 12:14:56 -0000
@@ -3,6 +3,7 @@
COMMENT = manage and share secrets using GnuPG and Git

DISTNAME = keyringer-0.5.4
+REVISION = 0

CATEGORIES = security

Index: patches/patch-lib_keyringer_functions
===================================================================
RCS file: /cvs/ports/security/keyringer/patches/patch-lib_keyringer_functions,v
retrieving revision 1.4
diff -u -p -r1.4 patch-lib_keyringer_functions
--- patches/patch-lib_keyringer_functions 25 Apr 2019 15:04:44 -0000 1.4
+++ patches/patch-lib_keyringer_functions 29 Sep 2019 12:14:56 -0000
@@ -2,6 +2,7 @@ $OpenBSD: patch-lib_keyringer_functions,

- no mount -l/tmpfs in OpenBSD
- use gpg2, upstream seems to rely on gpg being gpg2
+- use date(1) -r instead of GNU date(1) --date=

Index: lib/keyringer/functions
--- lib/keyringer/functions.orig
@@ -54,7 +55,7 @@ Index: lib/keyringer/functions
if [ "$?" != "0" ]; then
if [ "$BASENAME" == "check" ]; then
refresh="no"
-@@ -727,7 +727,7 @@ function keyringer_check_expiration {
+@@ -727,14 +727,14 @@ function keyringer_check_expiration {
seconds="`date +%s`"

# Check the main key
@@ -63,7 +64,21 @@ Index: lib/keyringer/functions

# TODO: Time to expire can be configured via repository options.
ahead="$((86400 * 30 + $seconds))"
-@@ -754,7 +754,7 @@ function keyringer_check_expiration {
+
+ # Check if key is expired
+ if [ ! -z "$expiry" ] && [[ "$seconds" -gt "$expiry" ]]; then
+- echo -n "Warning: primary key for $recipient expired on `date --date="@$expiry"`"
++ echo -n "Warning: primary key for $recipient expired on `date -r "$expiry"`"
+
+ if [ "$KEYRINGER_MODE" == "write" ] || [ "$KEYRINGER_MODE" == "readwrite" ]; then
+ echo ", aborting."
+@@ -749,12 +749,12 @@ function keyringer_check_expiration {
+ # TODO: Users can be alerted by mail if configured by user preferences.
+ # TODO: Outgoing emails can be encrypted.
+ if [ "$BASENAME" == "check" ] && [ ! -z "$expiry" ] && [[ "$ahead" -gt "$expiry" ]]; then
+- echo "Warning: key $recipient will expire soon, on `date --date="@$expiry"`"
++ echo "Warning: key $recipient will expire soon, on `date -r "$expiry"`"
+ fi

# Check the subkeys
local subkey=""
@@ -72,6 +87,15 @@ Index: lib/keyringer/functions
local expiry=$(cut -d : -f 7 <<< "$subkey")

if [[ -z "$expiry" ]]; then
+@@ -765,7 +765,7 @@ function keyringer_check_expiration {
+ not_expired="1"
+
+ if [[ "$ahead" -gt "$expiry" ]] && [ "$BASENAME" == "check" ]; then
+- echo "Warning: subkey from $recipient will expire soon, on `date --date="@$expiry"`"
++ echo "Warning: subkey from $recipient will expire soon, on `date -r "$expiry"`"
+ fi
+ fi
+ done
@@ -851,7 +851,7 @@ function keyringer_create_new_recipients {
recipient="`grep -e "^default-key" ~/.gnupg/gpg.conf | cut -d ' ' -f 2`"



--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE