Check-in [fe9b9c5e48]
Overview
Comment:Updated password saving to be less atomic but more consistently able to preserve ACLs, permissions, etc
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: fe9b9c5e48b35bc2397a3bb34ef976949ba87b8a
User & Date: rkeene on 2016-03-15 19:51:31
Other Links: manifest | tags
Context
2016-03-15
19:53
Better error handling without a PKCS#11 module check-in: fb8686074b user: rkeene tags: trunk
19:51
Updated password saving to be less atomic but more consistently able to preserve ACLs, permissions, etc check-in: fe9b9c5e48 user: rkeene tags: trunk
19:41
Updated README to be more accurate and deal with the new storage mechanism check-in: bf46eec3a7 user: rkeene tags: trunk
Changes

Modified hunter2 from [a60ac58fb4] to [ec608c91c1].

266
267
268
269
270
271
272
273
274
275
276
277
278
279
280

281
282
283
284
285

286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303

304
305
306


307
308
309
310
311
312
313
314
315
316
317
318
319
320
266
267
268
269
270
271
272






273

274
275
276
277
278

279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296

297
298
299
300
301
302
303






304
305
306
307
308
309
310







-
-
-
-
-
-

-
+




-
+

















-
+



+
+

-
-
-
-
-
-








			$dbCmd eval "INSERT INTO $table ([join $keys {, }]) VALUES ([join $values {, }]);"
		}
	}
}

proc _saveDB {dbCmd fileName} {
	set tmpFileName "${fileName}.[expr rand()]"

	file delete -force -- $tmpFileName

	set fd [open $tmpFileName w]

	if {[info exists ::globalHeader($dbCmd)]} {
		puts $fd $::globalHeader($dbCmd)
		lappend output $::globalHeader($dbCmd)

		unset ::globalHeader($dbCmd)
	}

	puts $fd "# <AzureDiamond> oh, ok."
	lappend output "# <AzureDiamond> oh, ok."

	foreach table [list users passwords] {
		unset -nocomplain row
		$dbCmd eval "SELECT * FROM $table ORDER BY name;" row {
			set outputLine [list $table]

			unset -nocomplain row(*)

			foreach {key value} [array get row] {
				if {![regexp {^[a-zA-Z]+$} $value]} {
					set key ":$key"
					set value [binary encode base64 $value]
				}

				lappend outputLine $key $value
			}

			puts $fd $outputLine
			lappend output $outputLine
		}
	}

	set fd [open $fileName w 0600]
	puts $fd [join $output "\n"]
	close $fd

	catch {
		file attributes $tmpFileName {*}[file attributes $fileName]
	}

	file rename -force -- $tmpFileName $fileName
}

proc _listCertificates {} {
	if {![info exists ::env(PKCS11MODULE)]} {
		return [list]
	}