From bb0ab83b5a10b0ff812484df11667765f43ecd44 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Fri, 27 Mar 2015 01:23:12 +0100
Subject: Refactorization.

---
 cli/icevault | 58 +++++++++++++++++++++++++++++++++++++---------------------
 1 file changed, 37 insertions(+), 21 deletions(-)

diff --git a/cli/icevault b/cli/icevault
index 73136d1..992ee6a 100755
--- a/cli/icevault
+++ b/cli/icevault
@@ -80,6 +80,11 @@ sub usage($) {
     exit $rv;
 }
 
+sub mysystem(@) {
+    system {$_[0]} @_;
+    error "C<%s> exited with value %d", $_[0], ($? >> 8) if $? and $? != -1;
+}
+
 # grepIdx BLOCK LIST
 # Evaluates the BLOCK for each element of LIST (locally setting $_ to
 # each element) and returns the list value consisting of the index of
@@ -134,7 +139,7 @@ sub loadConfig($) {
         chomp;
         s/#.*//;         # ignore comments
         next if /^\s*$/; # ignore empty and blank lines
-        /^([-\@\w.]+)(?:\s*=\s*)(\p{print}+)/ or error "Can't parse config line: C<%s>", $_;
+        /^([-\@a-zA-Z0-9.]+)(?:\s*=\s*)(\p{Print}+)/ or error "Can't parse config line: C<%s>", $_;
         $CONFIG{$1} //= $2;
     }
     close $CONFIG;
@@ -162,10 +167,11 @@ sub connect($) {
         }
         closedir $dh;
         error "No Firefox profile found under C<%s>", $ffdir unless defined $profile;
-        "$ffdir/$profile" =~ /\A(\p{Print}+)\z/ or error "Insecure C<%s>", "$ffdir/$profile"; # untaint $ffdir/$profile
-        $sockname = "$1/$sockname";
-        myprintf \*STDERR, "Using socket C<%s>", $sockname if $CONFIG{debug};
+        $sockname = "$$ffdir/$profile/$sockname";
     }
+    myprintf \*STDERR, "Using socket C<%s>", $sockname if $CONFIG{debug};
+    $sockname =~ /\A(\/\p{Print}+)\z/ or error "Insecure C<%s>", $sockname; # untaint $sockname
+    $sockname = $1;
 
     require 'IO/Socket/UNIX.pm';
     $SOCKET = IO::Socket::UNIX->new( Type => IO::Socket::UNIX::SOCK_STREAM(), Peer => $sockname )
@@ -224,13 +230,31 @@ sub sendCommand(@) {
     getResponse();
 }
 
+
+# Glob over all form templates.  Note that the output needs to be
+# $LOCALE-decode'ed.
+sub myglob(;$$$) {
+    my ($s, $h, $i) = @_;
+    my $glob = $LOCALE->encode($CONFIG{store});
+    require 'File/Glob.pm';
+
+    $glob =~ s/([\\\[\]\{\}\*\?\~])/\\$1/g;
+    $glob =~ s{\%(.)}{ $1 eq '%' ? '%' :
+                       $1 eq 's' ? $s // '*' :
+                       $1 eq 'h' ? $h // '*' :
+                       $1 eq 'i' ? $i // '*' :
+                       die "Invalid placeholder %$1" }ge;
+
+    myprintf \*STDERR, "Using glob pattern C<%s>", $glob if $CONFIG{debug};
+    return File::Glob::bsd_glob($glob);
+}
+
 # Get all identities with the given $prefix.  If there are multiple
 # matches and $all is false, limit the output to one depth more than the
 # longuest common prefix.
 sub complete($;$) {
     my $prefix = shift // '';
     my $all = shift;
-    require 'File/Glob.pm';
 
     my $pat = $CONFIG{store};
     my ($s, $h, $i); # extract URI components from the prefix
@@ -253,14 +277,6 @@ sub complete($;$) {
     $gh .= '*' if defined $gh and !defined $gi;
     $gi .= '*' if defined $gi;
 
-    my $glob = $pat;
-    $glob =~ s/([\\\[\]\{\}\*\?\~])/\\$1/g;
-    $glob =~ s{\%(.)}{ $1 eq '%' ? '%' :
-                       $1 eq 's' ? $gs // '*' :
-                       $1 eq 'h' ? $gh // '*' :
-                       $1 eq 'i' ? $gi // '*' :
-                       die "Invalid placeholder %$1" }ge;
-
     # construct regexp to extract the URI compontents of the matching URIs
     my ($ps, $ph, $pi) = ($s, $h, $i);
     $ps = defined $h ? qr/(?<s>\Q$s\E)/ : (defined $s and $s ne '') ? qr/(?<s>\Q$s\E[A-Za-z0-9-]*)/ : qr/(?<s>[A-Za-z0-9-]+)/;
@@ -275,11 +291,11 @@ sub complete($;$) {
                           die "Invalid placeholder %$1"}ge;
     $pat = qr/\A$pat\z/;
 
-    myprintf \*STDERR, "Using glob pattern C<%s>", $glob if $CONFIG{debug};
-    myprintf \*STDERR, "Using regexp C<%s>", "$pat"      if $CONFIG{debug};
+    myprintf \*STDERR, "Using regexp C<%s>", "$pat" if $CONFIG{debug};
 
     my @matches;
-    foreach my $filename (File::Glob::bsd_glob($glob)) {
+    foreach my $filename (myglob($gs, $gh, $gi)) {
+        next unless -f $filename;
         $LOCALE->decode($filename) =~ $pat or die "$filename doesn't match $pat";
         push @matches, "$+{s}://$+{h}/$+{i}";
     }
@@ -339,8 +355,7 @@ sub getIdentityFile($) {
                            $1 eq 'h' ? $h :
                            $1 eq 'i' ? $i :
                            die "Invalid placeholder %$1" }ge;
-    $filename =~ /\A(\p{Print}+)\z/ or error "Insecure C<%s>", $filename; # untaint $filename
-    return $1;
+    return $filename;
 }
 
 # Decrypt the given identity file.  In scalar context, return the
@@ -846,8 +861,9 @@ elsif ($command eq 'edit') {
     require 'File/Temp.pm';
 
     error "C<%s> is not set", '$EDITOR' unless defined $ENV{EDITOR};
-    $ENV{EDITOR} =~ /\A(\p{Print}+)\z/ or error "Insecure C<%s>", "\$EDITOR";
-    my $EDITOR = $1; # untaint $EDITOR
+    my $EDITOR = $ENV{EDITOR} // 'editor';
+    $EDITOR =~ /\A(\p{Print}+)\z/ or error "Insecure C<%s>", "\$EDITOR";
+    $EDITOR = $1; # untaint $EDITOR
 
     my $fh = File::Temp->new(SUFFIX => '.yaml', UNLINK => 0, TMPDIR => 1) or die;
     END { unlink $fh->filename if defined $fh; } # never leave cleartext lying around
@@ -855,7 +871,7 @@ elsif ($command eq 'edit') {
 
     my $h = sha256_file $fh->filename;
     while (1) {
-        system $EDITOR, $fh->filename;
+        mysystem $EDITOR, $fh->filename;
         error "C<%s> exited with value %d", $EDITOR, ($? >> 8) if $? and $? != -1;
         my $h2 = sha256_file $fh->filename;
 
-- 
cgit v1.2.3