| 1 |
On Wed, Mar 06, 2013 at 06:25:38PM -0100, Carlos Silva wrote: |
| 2 |
> + if ! use module-signing; then |
| 3 |
> + return 1 |
| 4 |
> + fi |
| 5 |
|
| 6 |
use module-signing || return 1 |
| 7 |
|
| 8 |
> + |
| 9 |
> + # Check that the configuration is correct |
| 10 |
> + KERNEL_MODSECKEY="${KERNEL_MODSECKEY:-${KV_DIR}/signing_key.priv}" |
| 11 |
|
| 12 |
No shell field-splits (aka word-split) assignments. If sh did that, then |
| 13 |
things like foo=$(cmd ...) would not work; so there's no need to quote |
| 14 |
there. It's only needed for foo="$bar baz" and the like, and foo="$*" iff |
| 15 |
you're playing with IFS (for completeness.) |
| 16 |
|
| 17 |
That, and case $foo in .. are the *only* two places I know of where sh |
| 18 |
doesn't field split; bash also has [[ as below. arr[i]=$bar works, but |
| 19 |
arr+=("$bar") requires the quotes. |
| 20 |
|
| 21 |
> + if [ ! -z "${KERNEL_MODSECKEY}x" -a ! -e "${KERNEL_MODSECKEY}" ]; then |
| 22 |
|
| 23 |
What is the x for there? It's forcing the first test to true and is thus |
| 24 |
redundant. Also, bash has [[ which doesn't field-split, and is quicker: |
| 25 |
|
| 26 |
if [[ -n $KERNEL_MODSECKEY -a ! -e $KERNEL_MODSECKEY ]]; then |
| 27 |
|
| 28 |
Though from the above, the -n (or ! -z) test is not needed, as it's set to |
| 29 |
$KV_DIR/signing_key.priv if empty: |
| 30 |
|
| 31 |
if [[ ! -e $KERNEL_MODSECKEY ]]; then |
| 32 |
|
| 33 |
I think I'd use -s instead of -e here, as an empty file is also incorrect. |
| 34 |
(help test) |
| 35 |
|
| 36 |
> + eerror "KERNEL_MODSECKEY points to a missing file:" |
| 37 |
> + eerror "${KERNEL_MODSECKEY}" |
| 38 |
> + die "Invalid KERNEL_MODSECKEY" |
| 39 |
> + fi |
| 40 |
> + if [ ! -z "${KERNEL_MODPUBKEY}x" -a ! -e "${KERNEL_MODPUBKEY}" ]; then |
| 41 |
|
| 42 |
Ditto. |
| 43 |
|
| 44 |
-- |
| 45 |
#friendly-coders -- We're friendly, but we're not /that/ friendly ;-) |
Archives