├── .gitignore
├── Gopkg.toml
├── .travis.yml
├── fixtures
    └── signed.attached
├── Gopkg.lock
├── Makefile
├── lookup
    ├── localpgp_test.go
    ├── lookup_test.go
    ├── localpgp.go
    ├── keybase.go
    └── lookup.go
├── signature_test.go
├── signature.go
├── script_test.go
├── main.go
├── script.go
├── README.md
└── LICENSE


/.gitignore:
--------------------------------------------------------------------------------
1 | files/
2 | vendor/
3 | 
4 | pipethis*
5 | 


--------------------------------------------------------------------------------
/Gopkg.toml:
--------------------------------------------------------------------------------
1 | [[constraint]]
2 |   version = "^1.1"
3 |   name = "github.com/stretchr/testify"
4 | 
5 | [[constraint]]
6 |   branch = "master"
7 |   name = "golang.org/x/crypto"
8 | 


--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
 1 | sudo: false
 2 | language: go
 3 | os:
 4 |     - linux
 5 |     - osx
 6 | env:
 7 |     global:
 8 |         - PATH="$HOME/gopath/bin:$HOME/bin:$PATH"
 9 | 
10 | # need to fix the linter before enabling tip again
11 | matrix:
12 |     include:
13 |         - os: linux
14 |           go: tip
15 | 
16 | notifications:
17 |     email:
18 |         on_success: never
19 | 
20 | go:
21 |     - 1.7.6
22 |     - 1.8.3
23 | 
24 | before_install:
25 |     - go get github.com/mattn/goveralls
26 | 
27 | script:
28 |     - make test
29 |     - goveralls -service=travis-ci
30 | 


--------------------------------------------------------------------------------
/fixtures/signed.attached:
--------------------------------------------------------------------------------
 1 | -----BEGIN PGP SIGNED MESSAGE-----
 2 | Hash: SHA256
 3 | 
 4 | # PIPETHIS_AUTHOR 5AA6F296
 5 | 
 6 | echo this is my file and there will be one match
 7 | -----BEGIN PGP SIGNATURE-----
 8 | 
 9 | wsFcBAEBCAAQBQJW7YbQCRALxruWWqbylgAAAwcQACrkjS8FVy6T5+pdrcYQToo3
10 | 41ppFNARFLor94lgeDzzuR4XkfNR4Cms8saceKTLfkan5nxnS/w6c/koFPskDHyS
11 | 2mZL0dDia7KUNMPt2rZGC6CLkKXs83eWAFZr4S2Y4gUYQGatAzvhTc9kgFtPRyBn
12 | DA6FT4zj5JK4CcmxHITHeKokCwOdje80kGYlX2u3e5bqQpTbKLQ2oLMMZFfEXrDJ
13 | Y3QOOKmBBKrS1TXVBReauojXVNNjADPZHYQzGoxgZ0GjTESkEjzrCjQnnTMcIN4C
14 | nlskH9q28xyeDWBj+H7gNOpQZ2B3fs0cUs05Ucce/xBZeHaXqaW3GFmfdCbv1J9A
15 | CjgVMGojAjTZf47y1mmHL9yh9gkXaLTYyO37MNku+cR0ntKIi3VyIHopiljYPGOG
16 | r3EFxZOHg40QalMezFIfUG0S2MLpJ9+d5cvgdzHHHZYeL49L17U6eePnbt++xmGy
17 | RrnWb1C/OXxYfCveB42v1/gg9novYYZ8/n/OLCsOL37v+b8rwEjNufmv+7G7DqOU
18 | ejljGRd27WQSBaYQMovWGpgLmMyCiW6wnUbYFivlOTcnMvOnRsBXqCJt0jdpFEBp
19 | hfZr8sPYSgWIDnkt7DWIwd8/eap5mgMkC5j+Q81Lcv01OfDmppRlMWRf+a4BpHFd
20 | FiV3SWOrHc2hIbLugeNf
21 | =tnov
22 | -----END PGP SIGNATURE-----
23 | 


--------------------------------------------------------------------------------
/Gopkg.lock:
--------------------------------------------------------------------------------
 1 | # This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
 2 | 
 3 | 
 4 | [[projects]]
 5 |   name = "github.com/davecgh/go-spew"
 6 |   packages = ["spew"]
 7 |   revision = "346938d642f2ec3594ed81d874461961cd0faa76"
 8 |   version = "v1.1.0"
 9 | 
10 | [[projects]]
11 |   name = "github.com/pmezard/go-difflib"
12 |   packages = ["difflib"]
13 |   revision = "792786c7400a136282c1664665ae0a8db921c6c2"
14 |   version = "v1.0.0"
15 | 
16 | [[projects]]
17 |   name = "github.com/stretchr/testify"
18 |   packages = ["assert","require","suite"]
19 |   revision = "69483b4bd14f5845b5a1e55bca19e954e827f1d0"
20 |   version = "v1.1.4"
21 | 
22 | [[projects]]
23 |   branch = "master"
24 |   name = "golang.org/x/crypto"
25 |   packages = ["cast5","openpgp","openpgp/armor","openpgp/clearsign","openpgp/elgamal","openpgp/errors","openpgp/packet","openpgp/s2k"]
26 |   revision = "e1a4589e7d3ea14a3352255d04b6f1a418845e5e"
27 | 
28 | [solve-meta]
29 |   analyzer-name = "dep"
30 |   analyzer-version = 1
31 |   inputs-digest = "4fe170334603e2ee2092c4dcb62076416836204f8755e1b295d6da91ae171ce3"
32 |   solver-name = "gps-cdcl"
33 |   solver-version = 1
34 | 


--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
 1 | bin = pipethis
 2 | build = $(shell git describe --tags)-$(shell go env GOOS)-$(shell go env GOARCH)
 3 | goversion = $(word 3, $(shell go version))
 4 | dist = $(bin)-$(build).tar.bz2
 5 | files = $(shell go list ./... | grep -v vendor)
 6 | 
 7 | all: test build
 8 | 
 9 | .PHONY: test
10 | test: deps lint 
11 | 	go test -cover -race $(files)
12 | 
13 | .PHONY: build
14 | build: deps
15 | 	go build -o $(bin) -ldflags "-w -s -X main.bin=$(bin) -X main.build=$(build) -X main.builder=$(goversion)"
16 | 
17 | .PHONY: clean
18 | clean: dist-clean
19 | # go clean -r hits a bunch of the stdlib, which isn't ideal
20 | 	go clean -i ./...
21 | 	rm -f $(bin)*
22 | 
23 | .PHONY: dist
24 | dist: build
25 | 	tar -jcf $(dist) $(bin)
26 | 	gpg --detach-sign --armor --output $(dist).sig $(dist)
27 | 
28 | .PHONY: dist-clean
29 | dist-clean:
30 | 	rm -f $(dist)*
31 | 
32 | .PHONY: lint
33 | lint:
34 | 	@go get github.com/golang/lint/golint
35 | 	@go get honnef.co/go/tools/cmd/gosimple
36 | 	@go get honnef.co/go/tools/cmd/staticcheck
37 | 	@if gofmt -l -s . |grep -v vendor/; then \
38 | 		echo "found formatting errors. run gofmt -s -d ." && exit 1; \
39 | 	fi
40 | 	go vet $(files)
41 | 	staticcheck $(files)
42 | 	golint $(files)
43 | 	gosimple $(files)
44 | 
45 | .PHONY: deps
46 | deps:
47 | 	@go get github.com/golang/dep/cmd/dep
48 | 	dep ensure
49 | 
50 | .PHONY: watch
51 | watch:
52 | 	@while true; do \
53 | 		go test -cover -race $(files); \
54 | 		echo watching for changes...; \
55 | 		inotifywait -qqre modify,create,delete,move --exclude "\.git" .; \
56 | 	done
57 | 


--------------------------------------------------------------------------------
/lookup/localpgp_test.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | pipethis: Stop piping the internet into your shell
 3 | Copyright 2016 Ellotheth
 4 | 
 5 | Use of this source code is governed by the GNU Public License version 2
 6 | (GPLv2). You should have received a copy of the GPLv2 along with your copy of
 7 | the source. If not, see http://www.gnu.org/licenses/gpl-2.0.html.
 8 | */
 9 | 
10 | package lookup
11 | 
12 | import (
13 | 	"os"
14 | 	"testing"
15 | 
16 | 	"github.com/stretchr/testify/suite"
17 | )
18 | 
19 | type LocalPGPTest struct {
20 | 	suite.Suite
21 | }
22 | 
23 | func (s *LocalPGPTest) TestIsMatchMatchesOnFingerprint() {
24 | 	local := LocalPGPService{}
25 | 	user := User{Fingerprint: "foobar"}
26 | 
27 | 	s.True(local.isMatch("oba", user))
28 | 	s.True(local.isMatch("foo", user))
29 | 	s.True(local.isMatch("bar", user))
30 | 	s.True(local.isMatch("FOOBAR", user))
31 | }
32 | 
33 | func (s *LocalPGPTest) TestIsMatchMatchesOnEmails() {
34 | 	local := LocalPGPService{}
35 | 	user := User{Emails: []string{"foobar", "bizbaz", "THINGS"}}
36 | 
37 | 	s.True(local.isMatch("oba", user))
38 | 	s.True(local.isMatch("foo", user))
39 | 	s.True(local.isMatch("bar", user))
40 | 	s.True(local.isMatch("FOOBAR", user))
41 | 	s.True(local.isMatch("zba", user))
42 | 	s.True(local.isMatch("thin", user))
43 | }
44 | 
45 | func (s *LocalPGPTest) TestIsMatchFailsWithoutMatches() {
46 | 	local := LocalPGPService{}
47 | 	user := User{}
48 | 
49 | 	s.False(local.isMatch("foo", user))
50 | }
51 | 
52 | func (s *LocalPGPTest) TestGnupgHomeOverride() {
53 | 	os.Setenv("GNUPGHOME", "/foo")
54 | 	_, err := NewLocalPGPService()
55 | 	s.EqualError(err, "stat /foo/pubring.gpg: no such file or directory")
56 | 	os.Unsetenv("GNUPGHOME")
57 | }
58 | 
59 | func (s *LocalPGPTest) TestBuildRingfileName() {
60 | 	cases := []struct {
61 | 		home      string
62 | 		gnupghome string
63 | 		expected  string
64 | 	}{
65 | 		{"/foo/", "", "/foo/.gnupg/pubring.gpg"},
66 | 		{"/foo", "", "/foo/.gnupg/pubring.gpg"},
67 | 		{"foo", "", "foo/.gnupg/pubring.gpg"},
68 | 		{"foo", "/things", "/things/pubring.gpg"},
69 | 		{"foo", "/things/", "/things/pubring.gpg"},
70 | 		{"foo", "things/", "things/pubring.gpg"},
71 | 		{"", "/things/", "/things/pubring.gpg"},
72 | 		{"", "", ".gnupg/pubring.gpg"},
73 | 	}
74 | 
75 | 	for _, c := range cases {
76 | 		os.Setenv("HOME", c.home)
77 | 		os.Setenv("GNUPGHOME", c.gnupghome)
78 | 		local := LocalPGPService{}
79 | 		local.buildRingfileName()
80 | 		s.Equal(c.expected, local.ringfile)
81 | 	}
82 | }
83 | 
84 | func TestLocalPGPTest(t *testing.T) {
85 | 	suite.Run(t, new(LocalPGPTest))
86 | }
87 | 


--------------------------------------------------------------------------------
/signature_test.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | pipethis: Stop piping the internet into your shell
 3 | Copyright 2016 Ellotheth
 4 | 
 5 | Use of this source code is governed by the GNU Public License version 2
 6 | (GPLv2). You should have received a copy of the GPLv2 along with your copy of
 7 | the source. If not, see http://www.gnu.org/licenses/gpl-2.0.html.
 8 | */
 9 | 
10 | package main
11 | 
12 | import (
13 | 	"io/ioutil"
14 | 	"os"
15 | 	"testing"
16 | 
17 | 	"github.com/stretchr/testify/suite"
18 | )
19 | 
20 | type SigTest struct {
21 | 	suite.Suite
22 | }
23 | 
24 | func (s *SigTest) TestNewCreatesFilename() {
25 | 	sig := NewSignature(nil, &Script{filename: "foo.sh"}, "")
26 | 	s.Equal("foo.sh.sig", sig.Name())
27 | }
28 | 
29 | func (s *SigTest) TestSourceUsesSaved() {
30 | 	sig := Signature{source: "foosig"}
31 | 	s.Equal("foosig", sig.Source())
32 | }
33 | 
34 | func (s *SigTest) TestSourceBuildsFromScript() {
35 | 	sig := Signature{script: &Script{source: "scriptsource"}}
36 | 	s.Equal("scriptsource.sig", sig.Source())
37 | }
38 | 
39 | func (s *SigTest) TestSourceEmptyWithClearsignedScript() {
40 | 	sig := Signature{script: &Script{clearsigned: true}}
41 | 	s.Equal("", sig.Source())
42 | }
43 | 
44 | func (s *SigTest) TestDownloadIsNoopWithClearsignedScript() {
45 | 	sig := Signature{script: &Script{clearsigned: true}}
46 | 	s.NoError(sig.Download())
47 | }
48 | 
49 | func (s *SigTest) TestDownloadFailsWithoutSource() {
50 | 	sig := Signature{}
51 | 	s.Error(sig.Download())
52 | }
53 | 
54 | func (s *SigTest) TestDownloadFailsWithNonexistentSource() {
55 | 	sig := Signature{source: "not-a-real-file"}
56 | 	s.Error(sig.Download())
57 | }
58 | 
59 | func (s *SigTest) TestDownloadFailsWithoutDestinationName() {
60 | 	f, err := ioutil.TempFile("", "pipethis-test-")
61 | 	if err != nil {
62 | 		s.Fail("Failed creating the test file")
63 | 	}
64 | 
65 | 	sig := Signature{source: f.Name()}
66 | 	defer os.Remove(sig.Source())
67 | 
68 | 	s.Error(sig.Download())
69 | }
70 | 
71 | func (s *SigTest) TestDownloadCopiesFile() {
72 | 	f, err := ioutil.TempFile("", "pipethis-test-")
73 | 	if err != nil {
74 | 		s.Fail("Failed creating the test file")
75 | 	}
76 | 
77 | 	sig := Signature{source: f.Name(), filename: "destination"}
78 | 	defer os.Remove(sig.Source())
79 | 	defer os.Remove(sig.Name())
80 | 
81 | 	expected := []byte("file contents, wooo")
82 | 	ioutil.WriteFile(sig.Source(), expected, os.ModePerm)
83 | 
84 | 	s.NoError(sig.Download())
85 | 
86 | 	actual, _ := ioutil.ReadFile(sig.Name())
87 | 	s.Equal(expected, actual)
88 | }
89 | 
90 | func (s *SigTest) TestBodyFailsWithoutFiles() {
91 | 	sig := Signature{}
92 | 	_, err := sig.Body()
93 | 	s.Error(err)
94 | }
95 | 
96 | func TestSignatureTest(t *testing.T) {
97 | 	suite.Run(t, new(SigTest))
98 | }
99 | 


--------------------------------------------------------------------------------
/lookup/lookup_test.go:
--------------------------------------------------------------------------------
  1 | /*
  2 | pipethis: Stop piping the internet into your shell
  3 | Copyright 2016 Ellotheth
  4 | 
  5 | Use of this source code is governed by the GNU Public License version 2
  6 | (GPLv2). You should have received a copy of the GPLv2 along with your copy of
  7 | the source. If not, see http://www.gnu.org/licenses/gpl-2.0.html.
  8 | */
  9 | 
 10 | package lookup
 11 | 
 12 | import (
 13 | 	"os"
 14 | 	"strings"
 15 | 	"testing"
 16 | 
 17 | 	"github.com/stretchr/testify/suite"
 18 | )
 19 | 
 20 | type LookupTest struct {
 21 | 	home string
 22 | 	suite.Suite
 23 | }
 24 | 
 25 | func (s *LookupTest) SetupSuite() {
 26 | 	s.home = os.Getenv("HOME")
 27 | 	os.Setenv("HOME", strings.TrimRight(os.TempDir(), "/"))
 28 | }
 29 | 
 30 | func (s *LookupTest) TeardownSuite() {
 31 | 	os.Setenv("HOME", s.home)
 32 | }
 33 | 
 34 | func (s *LookupTest) TestUserString() {
 35 | 	expected := `     Identifier: me
 36 |         Twitter: 
 37 |          Github: me
 38 |     Hacker News: 
 39 |          Reddit: 
 40 |     Fingerprint: foobitybar
 41 |            Site: google.com
 42 |            Site: yahoo.com
 43 |           Email: me@myself
 44 |           Email: you@yourself
 45 | `
 46 | 	user := User{
 47 | 		Username:    "me",
 48 | 		Fingerprint: "foobitybar",
 49 | 		GitHub:      "me",
 50 | 		Sites:       []string{"google.com", "yahoo.com"},
 51 | 		Emails:      []string{"me@myself", "you@yourself"},
 52 | 	}
 53 | 
 54 | 	s.Equal(expected, user.String())
 55 | }
 56 | 
 57 | func (s *LookupTest) TestNewKeyServiceBailsOnUnrecognizedType() {
 58 | 	service, err := NewKeyService("foo", false)
 59 | 	s.Nil(service)
 60 | 	s.EqualError(err, "Unrecognized key service")
 61 | }
 62 | 
 63 | func (s *LookupTest) TestNewKeyServiceAcceptsKeybaseWithoutPipe() {
 64 | 	service, err := NewKeyService("keybase", false)
 65 | 
 66 | 	s.NoError(err)
 67 | 	s.IsType(&KeybaseService{}, service)
 68 | }
 69 | 
 70 | func (s *LookupTest) TestNewKeyServiceForcesLocalWithPipe() {
 71 | 	_, err := NewKeyService("keybase", true)
 72 | 	s.Error(err)
 73 | 
 74 | 	perr, ok := err.(*os.PathError)
 75 | 	s.True(ok)
 76 | 	s.Equal(os.Getenv("HOME")+"/.gnupg/pubring.gpg", perr.Path)
 77 | }
 78 | 
 79 | func (s *LookupTest) TestChooseSingleMatchBailsWithoutMatches() {
 80 | 	user, err := chooseSingleMatch([]User{})
 81 | 
 82 | 	s.Error(err)
 83 | 	s.Equal(User{}, user)
 84 | }
 85 | 
 86 | func (s *LookupTest) TestChooseSingleMatchBailsWithMoreThanOneMatch() {
 87 | 	user, err := chooseSingleMatch([]User{{}, {}})
 88 | 
 89 | 	s.Error(err)
 90 | 	s.Equal(User{}, user)
 91 | }
 92 | 
 93 | func (s *LookupTest) TestChooseSingleMatchReturnsSingleMatch() {
 94 | 	user, err := chooseSingleMatch([]User{{Username: "foo"}})
 95 | 
 96 | 	s.NoError(err)
 97 | 	s.Equal("foo", user.Username)
 98 | }
 99 | 
100 | func TestLookupTest(t *testing.T) {
101 | 	suite.Run(t, new(LookupTest))
102 | }
103 | 


--------------------------------------------------------------------------------
/signature.go:
--------------------------------------------------------------------------------
  1 | /*
  2 | pipethis: Stop piping the internet into your shell
  3 | Copyright 2016 Ellotheth
  4 | 
  5 | Use of this source code is governed by the GNU Public License version 2
  6 | (GPLv2). You should have received a copy of the GPLv2 along with your copy of
  7 | the source. If not, see http://www.gnu.org/licenses/gpl-2.0.html.
  8 | */
  9 | 
 10 | package main
 11 | 
 12 | import (
 13 | 	"errors"
 14 | 	"io"
 15 | 	"os"
 16 | 
 17 | 	"golang.org/x/crypto/openpgp"
 18 | )
 19 | 
 20 | // Signature represents the PGP signature to be verified against a key and
 21 | // Script.
 22 | type Signature struct {
 23 | 	key      openpgp.KeyRing
 24 | 	script   *Script
 25 | 	filename string
 26 | 	source   string
 27 | }
 28 | 
 29 | // NewSignature loads a key ring and Script into a new Signature.
 30 | func NewSignature(key openpgp.KeyRing, script *Script, source string) *Signature {
 31 | 	sig := &Signature{key: key, script: script, source: source}
 32 | 	sig.filename = script.Name() + ".sig"
 33 | 
 34 | 	return sig
 35 | }
 36 | 
 37 | // Name is the name of the temporary file holding the signature.
 38 | func (s Signature) Name() string {
 39 | 	return s.filename
 40 | }
 41 | 
 42 | // Source is the original location of the signature file. It defaults to
 43 | // <script source>.sig.
 44 | func (s *Signature) Source() string {
 45 | 	if s.source != "" || s.script == nil || s.script.IsClearsigned() || s.script.IsPiped() {
 46 | 		return s.source
 47 | 	}
 48 | 
 49 | 	s.source = s.script.Source() + ".sig"
 50 | 
 51 | 	return s.source
 52 | }
 53 | 
 54 | // Download saves the signature to a temporary file.
 55 | func (s *Signature) Download() error {
 56 | 	if s.script != nil && s.script.IsClearsigned() {
 57 | 		return nil
 58 | 	}
 59 | 
 60 | 	source := s.Source()
 61 | 	if source == "" {
 62 | 		return errors.New("The signature source location is missing")
 63 | 	}
 64 | 
 65 | 	body, err := getFile(source)
 66 | 	if err != nil {
 67 | 		return errors.New("Couldn't open the signature source file at " + source)
 68 | 	}
 69 | 	defer body.Close()
 70 | 
 71 | 	file, err := os.Create(s.Name())
 72 | 	if err != nil {
 73 | 		return err
 74 | 	}
 75 | 	defer file.Close()
 76 | 
 77 | 	_, err = io.Copy(file, body)
 78 | 	if err != nil {
 79 | 		return nil
 80 | 	}
 81 | 
 82 | 	return nil
 83 | }
 84 | 
 85 | // Body opens Signature.Name() for reading, downloading it first if necessary.
 86 | func (s *Signature) Body() (ReadSeekCloser, error) {
 87 | 	info, err := os.Stat(s.Name())
 88 | 	if err != nil && !os.IsNotExist(err) {
 89 | 		return nil, err
 90 | 	}
 91 | 
 92 | 	if os.IsNotExist(err) || info.Size() == 0 {
 93 | 		err := s.Download()
 94 | 		if err != nil {
 95 | 			return nil, errors.New(err.Error() + " (do you need to set -signature?)")
 96 | 		}
 97 | 	}
 98 | 
 99 | 	return os.Open(s.Name())
100 | }
101 | 
102 | // Verify checks Signature.Name() against the public key and script file, and
103 | // returns an error if the signature cannot be verified.
104 | func (s *Signature) Verify() error {
105 | 	signed, err := s.script.Body()
106 | 	if err != nil {
107 | 		return err
108 | 	}
109 | 	defer signed.Close()
110 | 
111 | 	signature, err := s.Body()
112 | 	if err != nil {
113 | 		return err
114 | 	}
115 | 	defer signature.Close()
116 | 
117 | 	if _, err := openpgp.CheckDetachedSignature(s.key, signed, signature); err == nil {
118 | 		return nil
119 | 	}
120 | 
121 | 	signature.Seek(0, 0) // i'm sure there's a good reason i don't need to reset the script...
122 | 	if _, err := openpgp.CheckArmoredDetachedSignature(s.key, signed, signature); err == nil {
123 | 		return nil
124 | 	}
125 | 
126 | 	return errors.New("Failed to verify signature")
127 | }
128 | 


--------------------------------------------------------------------------------
/lookup/localpgp.go:
--------------------------------------------------------------------------------
  1 | /*
  2 | pipethis: Stop piping the internet into your shell
  3 | Copyright 2016 Ellotheth
  4 | 
  5 | Use of this source code is governed by the GNU Public License version 2
  6 | (GPLv2). You should have received a copy of the GPLv2 along with your copy of
  7 | the source. If not, see http://www.gnu.org/licenses/gpl-2.0.html.
  8 | */
  9 | 
 10 | package lookup
 11 | 
 12 | import (
 13 | 	"errors"
 14 | 	"os"
 15 | 	"path"
 16 | 	"strconv"
 17 | 	"strings"
 18 | 
 19 | 	"golang.org/x/crypto/openpgp"
 20 | )
 21 | 
 22 | // LocalPGPService implements the KeyService interface for a local GnuPG
 23 | // public keyring.
 24 | type LocalPGPService struct {
 25 | 	ringfile string
 26 | 	ring     openpgp.EntityList
 27 | }
 28 | 
 29 | // NewLocalPGPService creates a new LocalPGPService if it finds a local
 30 | // public keyring; otherwise it bails.
 31 | func NewLocalPGPService() (*LocalPGPService, error) {
 32 | 
 33 | 	service := &LocalPGPService{}
 34 | 	service.buildRingfileName()
 35 | 
 36 | 	info, err := os.Stat(service.ringfile)
 37 | 	if err != nil || info.Size() == 0 {
 38 | 		return nil, err
 39 | 	}
 40 | 
 41 | 	return service, nil
 42 | }
 43 | 
 44 | func (l *LocalPGPService) buildRingfileName() {
 45 | 	gnupgHome := path.Join(os.Getenv("HOME"), ".gnupg")
 46 | 
 47 | 	// Check if an override for GNUPG home is set
 48 | 	if os.Getenv("GNUPGHOME") != "" {
 49 | 		gnupgHome = os.Getenv("GNUPGHOME")
 50 | 	}
 51 | 
 52 | 	l.ringfile = path.Join(gnupgHome, "pubring.gpg")
 53 | }
 54 | 
 55 | // Ring loads the local public keyring so LocalPGPService can use it later. If
 56 | // it's already been loaded, Ring returns the existing version.
 57 | func (l *LocalPGPService) Ring() openpgp.EntityList {
 58 | 	if l.ring != nil {
 59 | 		return l.ring
 60 | 	}
 61 | 
 62 | 	reader, err := os.Open(l.ringfile)
 63 | 	if err != nil {
 64 | 		return nil
 65 | 	}
 66 | 	defer reader.Close()
 67 | 
 68 | 	ring, err := openpgp.ReadKeyRing(reader)
 69 | 	if err != nil {
 70 | 		return nil
 71 | 	}
 72 | 
 73 | 	return ring
 74 | }
 75 | 
 76 | // Matches finds all the public keys that have a fingerprint or identity (name
 77 | // and email address) that match query. If no matches are found, Matches
 78 | // returns an error.
 79 | func (l *LocalPGPService) Matches(query string) ([]User, error) {
 80 | 	users := []User{}
 81 | 
 82 | 	ring := l.Ring()
 83 | 	if ring == nil {
 84 | 		return nil, errors.New("No key ring loaded")
 85 | 	}
 86 | 
 87 | 	// this is why LocalPGPService.ring has to be an EntityList instead of the
 88 | 	// more generic KeyRing: can't iterate through the latter. Botheration.
 89 | 	for _, key := range ring {
 90 | 		user := User{
 91 | 			Fingerprint: key.PrimaryKey.KeyIdString(),
 92 | 		}
 93 | 
 94 | 		for name := range key.Identities {
 95 | 			user.Emails = append(user.Emails, name)
 96 | 		}
 97 | 
 98 | 		if l.isMatch(query, user) {
 99 | 			users = append(users, user)
100 | 		}
101 | 	}
102 | 
103 | 	if len(users) == 0 {
104 | 		return nil, errors.New("No matches")
105 | 	}
106 | 
107 | 	return users, nil
108 | }
109 | 
110 | func (l LocalPGPService) isMatch(query string, user User) bool {
111 | 	if strings.Contains(strings.ToUpper(user.Fingerprint), strings.ToUpper(query)) {
112 | 		return true
113 | 	}
114 | 
115 | 	for _, email := range user.Emails {
116 | 		if strings.Contains(strings.ToUpper(email), strings.ToUpper(query)) {
117 | 			return true
118 | 		}
119 | 	}
120 | 
121 | 	return false
122 | }
123 | 
124 | // Key gets the PGP public key from the local public keyring for a user's
125 | // fingerprint and returns the keyRing representation. If the fingerprint is
126 | // invalid or more than one public key is found, Key returns an error.
127 | func (l *LocalPGPService) Key(user User) (openpgp.EntityList, error) {
128 | 	id, err := strconv.ParseUint(user.Fingerprint, 16, 64)
129 | 	if err != nil {
130 | 		return nil, err
131 | 	}
132 | 
133 | 	ring := l.Ring()
134 | 	keys := ring.KeysById(id)
135 | 	if len(keys) != 1 {
136 | 		return nil, errors.New("More than one key returned, not sure what to do")
137 | 	}
138 | 
139 | 	list := []*openpgp.Entity{keys[0].Entity}
140 | 
141 | 	return list, nil
142 | }
143 | 


--------------------------------------------------------------------------------
/lookup/keybase.go:
--------------------------------------------------------------------------------
  1 | /*
  2 | pipethis: Stop piping the internet into your shell
  3 | Copyright 2016 Ellotheth
  4 | 
  5 | Use of this source code is governed by the GNU Public License version 2
  6 | (GPLv2). You should have received a copy of the GPLv2 along with your copy of
  7 | the source. If not, see http://www.gnu.org/licenses/gpl-2.0.html.
  8 | */
  9 | 
 10 | package lookup
 11 | 
 12 | import (
 13 | 	"encoding/json"
 14 | 	"errors"
 15 | 	"io/ioutil"
 16 | 	"net/http"
 17 | 	"regexp"
 18 | 
 19 | 	"golang.org/x/crypto/openpgp"
 20 | )
 21 | 
 22 | type keybaseResponse struct {
 23 | 	Status struct {
 24 | 		Code int    `json:"code"`
 25 | 		Name string `json:"name"`
 26 | 	} `json:"status"`
 27 | 	Users []struct {
 28 | 		Details struct {
 29 | 			Username    keybaseUserVal   `json:"username"`
 30 | 			Fingerprint keybaseUserVal   `json:"key_fingerprint"`
 31 | 			FullName    keybaseUserVal   `json:"full_name"`
 32 | 			Twitter     keybaseUserVal   `json:"twitter"`
 33 | 			GitHub      keybaseUserVal   `json:"github"`
 34 | 			HackerNews  keybaseUserVal   `json:"hackernews"`
 35 | 			Reddit      keybaseUserVal   `json:"reddit"`
 36 | 			Sites       []keybaseUserVal `json:"websites"`
 37 | 		} `json:"components"`
 38 | 	} `json:"completions"`
 39 | }
 40 | 
 41 | type keybaseUserVal struct {
 42 | 	Value string `json:"val"`
 43 | }
 44 | 
 45 | // KeybaseService implements the KeyService interface for https://keybase.io
 46 | type KeybaseService struct{}
 47 | 
 48 | func (k KeybaseService) lookup(query string) ([]byte, error) {
 49 | 	if matches, _ := regexp.MatchString(`^[a-zA-Z0-9_\-\.]+$`, query); !matches {
 50 | 		return nil, errors.New("Invalid user requested")
 51 | 	}
 52 | 
 53 | 	resp, err := http.Get("https://keybase.io/_/api/1.0/user/autocomplete.json?q=" + query)
 54 | 	if err != nil {
 55 | 		return nil, err
 56 | 	}
 57 | 	defer resp.Body.Close()
 58 | 
 59 | 	results, err := ioutil.ReadAll(resp.Body)
 60 | 	if err != nil {
 61 | 		return nil, err
 62 | 	}
 63 | 
 64 | 	return results, nil
 65 | }
 66 | 
 67 | func (k KeybaseService) parse(body []byte) (*keybaseResponse, error) {
 68 | 	lookup := &keybaseResponse{}
 69 | 	if err := json.Unmarshal(body, lookup); err != nil {
 70 | 		return nil, err
 71 | 	}
 72 | 	if lookup.Status.Code != 0 {
 73 | 		return nil, errors.New("Bad status code: " + lookup.Status.Name)
 74 | 	}
 75 | 
 76 | 	return lookup, nil
 77 | }
 78 | 
 79 | // Matches finds all the Keybase users that match query in any of their details
 80 | // (username, Twitter identity, Github identity, public key fingerprint,
 81 | // etc.). At most 10 matches will be found. If no matches are found, Matches
 82 | // returns an error.
 83 | func (k KeybaseService) Matches(query string) ([]User, error) {
 84 | 	results, err := k.lookup(query)
 85 | 	if err != nil {
 86 | 		return nil, err
 87 | 	}
 88 | 
 89 | 	lookup, err := k.parse(results)
 90 | 	if err != nil {
 91 | 		return nil, err
 92 | 	}
 93 | 
 94 | 	matches := []User{}
 95 | 
 96 | 	for _, match := range lookup.Users {
 97 | 		user := User{
 98 | 			Username:    match.Details.Username.Value,
 99 | 			Fingerprint: match.Details.Fingerprint.Value,
100 | 			GitHub:      match.Details.GitHub.Value,
101 | 			Twitter:     match.Details.Twitter.Value,
102 | 			HackerNews:  match.Details.HackerNews.Value,
103 | 			Reddit:      match.Details.Reddit.Value,
104 | 		}
105 | 
106 | 		for _, site := range match.Details.Sites {
107 | 			user.Sites = append(user.Sites, site.Value)
108 | 		}
109 | 
110 | 		matches = append(matches, user)
111 | 	}
112 | 
113 | 	return matches, nil
114 | }
115 | 
116 | // Key finds the PGP public key for one Keybase user by Keybase username and
117 | // returns the key ring representation of the key. If the Keybase username is
118 | // invalid, or the key itself is missing or invalid, Key returns an error.
119 | func (k KeybaseService) Key(user User) (openpgp.EntityList, error) {
120 | 
121 | 	// I think I set this up to match Keybase's own username pattern. I think.
122 | 	if matches, _ := regexp.MatchString(`^[a-zA-Z0-9_\-\.]+$`, user.Username); !matches {
123 | 		return nil, errors.New("Invalid user requested")
124 | 	}
125 | 
126 | 	resp, err := http.Get("https://keybase.io/" + user.Username + "/key.asc")
127 | 	if err != nil {
128 | 		return nil, err
129 | 	}
130 | 	defer resp.Body.Close()
131 | 
132 | 	ring, err := openpgp.ReadArmoredKeyRing(resp.Body)
133 | 	if err != nil {
134 | 		return nil, err
135 | 	}
136 | 	if len(ring) != 1 {
137 | 		return nil, errors.New("More than one key returned, not sure what to do")
138 | 	}
139 | 
140 | 	return ring, nil
141 | }
142 | 


--------------------------------------------------------------------------------
/script_test.go:
--------------------------------------------------------------------------------
  1 | /*
  2 | pipethis: Stop piping the internet into your shell
  3 | Copyright 2016 Ellotheth
  4 | 
  5 | Use of this source code is governed by the GNU Public License version 2
  6 | (GPLv2). You should have received a copy of the GPLv2 along with your copy of
  7 | the source. If not, see http://www.gnu.org/licenses/gpl-2.0.html.
  8 | */
  9 | 
 10 | package main
 11 | 
 12 | import (
 13 | 	"io/ioutil"
 14 | 	"os"
 15 | 	"testing"
 16 | 
 17 | 	"github.com/stretchr/testify/suite"
 18 | )
 19 | 
 20 | type ScriptTest struct {
 21 | 	suite.Suite
 22 | }
 23 | 
 24 | func (s *ScriptTest) TestDetachSigReturnsUnsignedContents() {
 25 | 	script := Script{}
 26 | 
 27 | 	contents, err := script.detachSignature([]byte("foo"))
 28 | 	s.NoError(err)
 29 | 	s.Equal([]byte("foo"), contents)
 30 | }
 31 | 
 32 | func (s *ScriptTest) TestDetachSigReturnsContentsWithoutSig() {
 33 | 	expectedContents := `# PIPETHIS_AUTHOR 5AA6F296
 34 | 
 35 | echo this is my file and there will be one match`
 36 | 	expectedSig := `-----BEGIN PGP SIGNATURE-----
 37 | 
 38 | wsFcBAEBCAAQBQJW7YbQCRALxruWWqbylgAAAwcQACrkjS8FVy6T5+pdrcYQToo3
 39 | 41ppFNARFLor94lgeDzzuR4XkfNR4Cms8saceKTLfkan5nxnS/w6c/koFPskDHyS
 40 | 2mZL0dDia7KUNMPt2rZGC6CLkKXs83eWAFZr4S2Y4gUYQGatAzvhTc9kgFtPRyBn
 41 | DA6FT4zj5JK4CcmxHITHeKokCwOdje80kGYlX2u3e5bqQpTbKLQ2oLMMZFfEXrDJ
 42 | Y3QOOKmBBKrS1TXVBReauojXVNNjADPZHYQzGoxgZ0GjTESkEjzrCjQnnTMcIN4C
 43 | nlskH9q28xyeDWBj+H7gNOpQZ2B3fs0cUs05Ucce/xBZeHaXqaW3GFmfdCbv1J9A
 44 | CjgVMGojAjTZf47y1mmHL9yh9gkXaLTYyO37MNku+cR0ntKIi3VyIHopiljYPGOG
 45 | r3EFxZOHg40QalMezFIfUG0S2MLpJ9+d5cvgdzHHHZYeL49L17U6eePnbt++xmGy
 46 | RrnWb1C/OXxYfCveB42v1/gg9novYYZ8/n/OLCsOL37v+b8rwEjNufmv+7G7DqOU
 47 | ejljGRd27WQSBaYQMovWGpgLmMyCiW6wnUbYFivlOTcnMvOnRsBXqCJt0jdpFEBp
 48 | hfZr8sPYSgWIDnkt7DWIwd8/eap5mgMkC5j+Q81Lcv01OfDmppRlMWRf+a4BpHFd
 49 | FiV3SWOrHc2hIbLugeNf
 50 | =tnov
 51 | -----END PGP SIGNATURE-----`
 52 | 
 53 | 	script := Script{filename: "fixtures/signed.attached"}
 54 | 	sigFile := script.filename + ".sig"
 55 | 
 56 | 	body, err := getLocal(script.filename)
 57 | 	s.NoError(err)
 58 | 
 59 | 	contents, err := ioutil.ReadAll(body)
 60 | 	body.Close()
 61 | 	s.NoError(err)
 62 | 
 63 | 	contents, err = script.detachSignature(contents)
 64 | 	s.NoError(err)
 65 | 	s.True(script.clearsigned)
 66 | 	s.Equal([]byte(expectedContents), contents)
 67 | 
 68 | 	// check the (now detached) signature contents
 69 | 	body, err = getLocal(sigFile)
 70 | 	s.NoError(err)
 71 | 
 72 | 	contents, err = ioutil.ReadAll(body)
 73 | 	body.Close()
 74 | 	s.NoError(err)
 75 | 
 76 | 	s.Equal([]byte(expectedSig), contents)
 77 | 
 78 | 	err = os.Remove(sigFile)
 79 | 	s.NoError(err)
 80 | }
 81 | 
 82 | func (s *ScriptTest) TestAuthorUsesSavedName() {
 83 | 	script := Script{author: "foo"}
 84 | 
 85 | 	author, err := script.Author()
 86 | 	s.NoError(err)
 87 | 	s.Equal("foo", author)
 88 | }
 89 | 
 90 | func (s *ScriptTest) TestAuthorParsesFileForPattern() {
 91 | 	f, err := ioutil.TempFile("", "pipethis-test-")
 92 | 	if err != nil {
 93 | 		s.Fail("Failed creating the test file")
 94 | 	}
 95 | 
 96 | 	filename := f.Name()
 97 | 
 98 | 	authorTest := func(expectedAuthor string, expectedError bool, input string) {
 99 | 		ioutil.WriteFile(filename, []byte(input), os.ModePerm)
100 | 
101 | 		script := Script{filename: filename}
102 | 		author, err := script.Author()
103 | 		s.Equal(expectedAuthor, author)
104 | 		if expectedError {
105 | 			s.Error(err)
106 | 		} else {
107 | 			s.NoError(err)
108 | 		}
109 | 	}
110 | 
111 | 	for _, contents := range providerTestAuthorValid() {
112 | 		authorTest(contents[0], false, contents[1])
113 | 	}
114 | 	for _, contents := range providerTestAuthorInvalid() {
115 | 		authorTest(contents[0], true, contents[1])
116 | 	}
117 | 
118 | 	os.Remove(filename)
119 | 
120 | }
121 | func providerTestAuthorInvalid() [][]string {
122 | 	return [][]string{
123 | 		{"", ``},
124 | 		{"", `no author here yo`},
125 | 		{"", `
126 | stuff things
127 | more stuff
128 | # comments to ignore
129 | // reasons bar_STUFF_123 is my name but it should only pick up the first word
130 | # more comments
131 | things and stuff
132 | 		`},
133 | 	}
134 | }
135 | func providerTestAuthorValid() [][]string {
136 | 	return [][]string{
137 | 		{`bar`, `PIPETHIS_AUTHOR bar`},
138 | 		{`bar`, `// PIPETHIS_AUTHOR bar         `},
139 | 		{`bar`, `# PIPETHIS_AUTHOR bar         `},
140 | 		{`bar`, `# PIPETHIS_AUTHOR		bar				   `},
141 | 		{`bar_STUFF_123`, `
142 | stuff things
143 | more stuff
144 | # comments to ignore
145 | // reasons PIPETHIS_AUTHOR bar_STUFF_123 is my name but it should only pick up the first word
146 | # more comments
147 | things and stuff
148 | 		`},
149 | 		{`bar_STUFF_123`, `
150 | // PIPETHIS_AUTHOR bar_STUFF_123 should take this one
151 | // PIPETHIS_AUTHOR other_author should ignore this one
152 | 		`},
153 | 	}
154 | }
155 | 
156 | func TestScriptTest(t *testing.T) {
157 | 	suite.Run(t, new(ScriptTest))
158 | }
159 | 


--------------------------------------------------------------------------------
/lookup/lookup.go:
--------------------------------------------------------------------------------
  1 | /*
  2 | pipethis: Stop piping the internet into your shell
  3 | Copyright 2016 Ellotheth
  4 | 
  5 | Use of this source code is governed by the GNU Public License version 2
  6 | (GPLv2). You should have received a copy of the GPLv2 along with your copy of
  7 | the source. If not, see http://www.gnu.org/licenses/gpl-2.0.html.
  8 | */
  9 | 
 10 | // Package lookup provides services that can look up identities and public keys
 11 | // for script authors.
 12 | package lookup
 13 | 
 14 | import (
 15 | 	"errors"
 16 | 	"fmt"
 17 | 	"log"
 18 | 	"strconv"
 19 | 	"strings"
 20 | 
 21 | 	"golang.org/x/crypto/openpgp"
 22 | )
 23 | 
 24 | // KeyService defines the interface for third-party identity verification and
 25 | // public key services, like Keybase or Onename.
 26 | //
 27 | // Matches gets a list of identities that match a query string from the
 28 | // KeyService.
 29 | //
 30 | // Key gets the PGP public key for one user.
 31 | type KeyService interface {
 32 | 	Matches(query string) ([]User, error)
 33 | 	Key(user User) (openpgp.EntityList, error)
 34 | }
 35 | 
 36 | // User represents an author's identity.
 37 | type User struct {
 38 | 	Username    string
 39 | 	Fingerprint string
 40 | 	FullName    string
 41 | 	Twitter     string
 42 | 	GitHub      string
 43 | 	HackerNews  string
 44 | 	Reddit      string
 45 | 	Sites       []string
 46 | 	Emails      []string
 47 | }
 48 | 
 49 | // String returns a representation of all the User's identity details.
 50 | func (u User) String() string {
 51 | 	format := "%15s: %s\n"
 52 | 	s := ""
 53 | 
 54 | 	s = s + fmt.Sprintf(format, "Identifier", u.Username)
 55 | 	s = s + fmt.Sprintf(format, "Twitter", u.Twitter)
 56 | 	s = s + fmt.Sprintf(format, "Github", u.GitHub)
 57 | 	s = s + fmt.Sprintf(format, "Hacker News", u.HackerNews)
 58 | 	s = s + fmt.Sprintf(format, "Reddit", u.Reddit)
 59 | 	s = s + fmt.Sprintf(format, "Fingerprint", u.Fingerprint)
 60 | 
 61 | 	for _, site := range u.Sites {
 62 | 		s = s + fmt.Sprintf(format, "Site", site)
 63 | 	}
 64 | 
 65 | 	for _, email := range u.Emails {
 66 | 		s = s + fmt.Sprintf(format, "Email", email)
 67 | 	}
 68 | 
 69 | 	return s
 70 | }
 71 | 
 72 | // NewKeyService creates the KeyService implementation requested by name. If
 73 | // fromPipe is true, it creates a LocalPGPService type.
 74 | func NewKeyService(name string, fromPipe bool) (KeyService, error) {
 75 | 	// force the local keyring when reading the script from a pipe
 76 | 	if fromPipe {
 77 | 		name = "local"
 78 | 	}
 79 | 
 80 | 	switch name {
 81 | 	case "keybase":
 82 | 		return &KeybaseService{}, nil
 83 | 	case "local":
 84 | 		return NewLocalPGPService()
 85 | 	}
 86 | 
 87 | 	return nil, errors.New("Unrecognized key service")
 88 | }
 89 | 
 90 | // chooseMatch prints all the matches provided, prompts for a choice, and
 91 | // returns the chosen match.
 92 | func chooseMatch(matches []User) (User, error) {
 93 | 	log.Println("I found", len(matches), "results:")
 94 | 	fmt.Println()
 95 | 	for idx, user := range matches {
 96 | 		fmt.Printf("%d:\n\n", idx)
 97 | 		fmt.Println(user)
 98 | 		fmt.Println()
 99 | 	}
100 | 
101 | 	response := "q"
102 | 	fmt.Print("\nEnter the number to use, or 'q' to cancel: ")
103 | 	fmt.Scanf("%s", &response)
104 | 
105 | 	if strings.ToLower(response) == "q" {
106 | 		return User{}, errors.New("No match selected")
107 | 	}
108 | 
109 | 	n, err := strconv.Atoi(response)
110 | 	if err != nil {
111 | 		return User{}, err
112 | 	}
113 | 
114 | 	if n < 0 || n >= len(matches) {
115 | 		return User{}, errors.New("Invalid match selected")
116 | 	}
117 | 	fmt.Println()
118 | 
119 | 	return matches[n], nil
120 | }
121 | 
122 | func chooseSingleMatch(matches []User) (User, error) {
123 | 	if len(matches) != 1 {
124 | 		return User{}, fmt.Errorf("Found %d author matches; need exactly 1 when reading from STDIN", len(matches))
125 | 	}
126 | 
127 | 	return matches[0], nil
128 | }
129 | 
130 | // Key looks up an author query in the provided KeyService, and prompts for a
131 | // choice of matches (if single is false) or automatically chooses the matched
132 | // user when there is one and only one match (if single is true). It returns an
133 | // error if no matches were found, if no match was chosen, or if no PGP public
134 | // was found.
135 | func Key(service KeyService, query string, single bool) (openpgp.KeyRing, error) {
136 | 	// get possible matches from the key service
137 | 	matches, err := service.Matches(query)
138 | 	if err != nil {
139 | 		return nil, err
140 | 	}
141 | 
142 | 	if len(matches) < 1 {
143 | 		return nil, errors.New("No author matches found for " + query)
144 | 	}
145 | 
146 | 	// verify that the author is who the user was expecting by showing all the
147 | 	// details (twitter handle, github handle, websites, etc.)
148 | 	var match User
149 | 	if single {
150 | 		match, err = chooseSingleMatch(matches)
151 | 	} else {
152 | 		match, err = chooseMatch(matches)
153 | 	}
154 | 
155 | 	if err != nil {
156 | 		return nil, err
157 | 	}
158 | 
159 | 	// get the public key for the selected author
160 | 	ring, err := service.Key(match)
161 | 	if err != nil {
162 | 		return nil, err
163 | 	}
164 | 	log.Printf("Verifying your script against\n%v", match)
165 | 
166 | 	return ring, nil
167 | }
168 | 


--------------------------------------------------------------------------------
/main.go:
--------------------------------------------------------------------------------
  1 | /*
  2 | pipethis: Stop piping the internet into your shell
  3 | Copyright 2016 Ellotheth
  4 | 
  5 | Use of this source code is governed by the GNU Public License version 2
  6 | (GPLv2). You should have received a copy of the GPLv2 along with your copy of
  7 | the source. If not, see http://www.gnu.org/licenses/gpl-2.0.html.
  8 | */
  9 | 
 10 | // pipethis is designed to replace the common installation pattern of
 11 | // `curl <script> |bash`. It provides a way for script authors to identify
 12 | // themselves, and a way for script installers to cryptographically verify
 13 | // an author's identity.
 14 | package main
 15 | 
 16 | import (
 17 | 	"bufio"
 18 | 	"errors"
 19 | 	"flag"
 20 | 	"io"
 21 | 	"log"
 22 | 	"net/http"
 23 | 	"net/url"
 24 | 	"os"
 25 | 	"regexp"
 26 | 
 27 | 	"github.com/ellotheth/pipethis/lookup"
 28 | )
 29 | 
 30 | var (
 31 | 	bin     string
 32 | 	build   string
 33 | 	builder string
 34 | )
 35 | 
 36 | // ReadSeekCloser combines io.ReadSeeker and io.Closer, because I'm super lazy
 37 | type ReadSeekCloser interface {
 38 | 	io.ReadSeeker
 39 | 	io.Closer
 40 | }
 41 | 
 42 | func main() {
 43 | 	// do log.Panic() instead of log.Fatal(), and all the deferred cleanup will
 44 | 	// still happen.
 45 | 	defer func() {
 46 | 		if r := recover(); r != nil {
 47 | 			flag.Usage()
 48 | 			os.Exit(1)
 49 | 		}
 50 | 	}()
 51 | 
 52 | 	var (
 53 | 		target      = flag.String("target", os.Getenv("SHELL"), "Executable to run the script")
 54 | 		inspect     = flag.Bool("inspect", false, "Open an editor to inspect the file before running it")
 55 | 		editor      = flag.String("editor", os.Getenv("EDITOR"), "Editor to inspect the script")
 56 | 		noVerify    = flag.Bool("no-verify", false, "Don't verify the author or signature")
 57 | 		sigSource   = flag.String("signature", "", `Detached signature to verify. (default "<script location>.sig")`)
 58 | 		serviceName = flag.String("lookup-with", "keybase", "Key lookup service to use. Could be 'keybase' or 'local'.")
 59 | 		version     = flag.Bool("version", false, "Print the pipethis version information and exit")
 60 | 	)
 61 | 	flag.Parse()
 62 | 
 63 | 	if *version {
 64 | 		log.Println(bin, build, "("+builder+")")
 65 | 		return
 66 | 	}
 67 | 
 68 | 	// download the script, store it someplace temporary
 69 | 	script, err := NewScript(flag.Arg(0))
 70 | 	if err != nil {
 71 | 		log.Panic(err)
 72 | 	}
 73 | 	defer os.Remove(script.Name())
 74 | 	log.Println("Script saved to", script.Name())
 75 | 
 76 | 	// if we're not reading from a pipe we need a target executable
 77 | 	if !script.IsPiped() {
 78 | 		if _, err := os.Stat(*target); os.IsNotExist(err) {
 79 | 			log.Panic("Script executable does not exist")
 80 | 		}
 81 | 
 82 | 		log.Println("Using script executable", *target)
 83 | 	}
 84 | 
 85 | 	// let the user look at it if they want
 86 | 	if cont := script.Inspect(*inspect, *editor); !cont {
 87 | 		log.Panic("Exiting without running", script.Name())
 88 | 	}
 89 | 
 90 | 	// by default, verify the author and signature
 91 | 	if !*noVerify {
 92 | 		author, err := script.Author()
 93 | 		if err != nil {
 94 | 			log.Panic(err)
 95 | 		}
 96 | 
 97 | 		service, err := lookup.NewKeyService(*serviceName, script.IsPiped())
 98 | 		if err != nil {
 99 | 			log.Panic(err)
100 | 		}
101 | 
102 | 		key, err := lookup.Key(service, author, script.IsPiped())
103 | 		if err != nil {
104 | 			log.Panic(err)
105 | 		}
106 | 
107 | 		signature := NewSignature(key, script, *sigSource)
108 | 		defer os.Remove(signature.Name())
109 | 
110 | 		if err := signature.Verify(); err != nil {
111 | 			log.Panic(err)
112 | 		}
113 | 
114 | 		log.Println("Signature verified!")
115 | 	}
116 | 
117 | 	// run the script
118 | 	if script.IsPiped() {
119 | 		err = script.Echo()
120 | 	} else {
121 | 		err = script.Run(*target, flag.Args()...)
122 | 	}
123 | 	if err != nil {
124 | 		log.Panic(err)
125 | 	}
126 | }
127 | 
128 | func parseToken(pattern string, reader io.Reader) string {
129 | 	re := regexp.MustCompile(pattern)
130 | 
131 | 	scanner := bufio.NewScanner(reader)
132 | 	for scanner.Scan() {
133 | 		matches := re.FindStringSubmatch(scanner.Text())
134 | 		if matches == nil {
135 | 			continue
136 | 		}
137 | 
138 | 		return matches[1]
139 | 	}
140 | 
141 | 	return ""
142 | }
143 | 
144 | // getFile tries to find location locally first, then tries remote
145 | func getFile(location string) (io.ReadCloser, error) {
146 | 	if location == "" {
147 | 		return getFromStdin()
148 | 	}
149 | 
150 | 	body, err := getLocal(location)
151 | 	if err == nil {
152 | 		return body, nil
153 | 	}
154 | 
155 | 	return getRemote(location)
156 | }
157 | 
158 | func getFromStdin() (io.ReadCloser, error) {
159 | 	stat, err := os.Stdin.Stat()
160 | 	if err != nil {
161 | 		return nil, err
162 | 	}
163 | 
164 | 	// could also use os.ModeNamedPipe here? not sure if the difference matters
165 | 	if (stat.Mode() & os.ModeCharDevice) != 0 {
166 | 		return nil, errors.New("Nothing to read from STDIN and no script given")
167 | 	}
168 | 
169 | 	return os.Stdin, nil
170 | }
171 | 
172 | func getRemote(location string) (io.ReadCloser, error) {
173 | 	parsed, err := url.Parse(location)
174 | 	if err != nil || parsed.Scheme == "" {
175 | 		return nil, errors.New("Invalid URL")
176 | 	}
177 | 
178 | 	resp, err := http.Get(location)
179 | 	if err != nil {
180 | 		return nil, err
181 | 	}
182 | 
183 | 	return resp.Body, nil
184 | }
185 | 
186 | func getLocal(location string) (io.ReadCloser, error) {
187 | 	if _, err := os.Stat(location); os.IsNotExist(err) {
188 | 		return nil, err
189 | 	}
190 | 
191 | 	return os.Open(location)
192 | }
193 | 


--------------------------------------------------------------------------------
/script.go:
--------------------------------------------------------------------------------
  1 | /*
  2 | pipethis: Stop piping the internet into your shell
  3 | Copyright 2016 Ellotheth
  4 | 
  5 | Use of this source code is governed by the GNU Public License version 2
  6 | (GPLv2). You should have received a copy of the GPLv2 along with your copy of
  7 | the source. If not, see http://www.gnu.org/licenses/gpl-2.0.html.
  8 | */
  9 | 
 10 | package main
 11 | 
 12 | import (
 13 | 	"bytes"
 14 | 	"errors"
 15 | 	"fmt"
 16 | 	"io"
 17 | 	"io/ioutil"
 18 | 	"log"
 19 | 	"os"
 20 | 	"os/exec"
 21 | 	"strings"
 22 | 
 23 | 	"golang.org/x/crypto/openpgp/armor"
 24 | 	"golang.org/x/crypto/openpgp/clearsign"
 25 | )
 26 | 
 27 | // Script represents a shell script to be inspected, verified, and run.
 28 | type Script struct {
 29 | 	author      string
 30 | 	source      string
 31 | 	filename    string
 32 | 	clearsigned bool
 33 | }
 34 | 
 35 | // NewScript copies the shell script specified in location (which may be local
 36 | // or remote) to a temporary file and loads it into a Script.
 37 | func NewScript(location string) (*Script, error) {
 38 | 	script := &Script{source: location}
 39 | 
 40 | 	body, err := getFile(location)
 41 | 	if err != nil {
 42 | 		return nil, err
 43 | 	}
 44 | 	defer body.Close()
 45 | 
 46 | 	file, err := ioutil.TempFile("", "pipethis-")
 47 | 	if err != nil {
 48 | 		return nil, err
 49 | 	}
 50 | 	defer file.Close()
 51 | 
 52 | 	script.filename = file.Name()
 53 | 
 54 | 	contents, err := ioutil.ReadAll(body)
 55 | 	if err != nil {
 56 | 		return nil, err
 57 | 	}
 58 | 
 59 | 	contents, err = script.detachSignature(contents)
 60 | 	if err != nil {
 61 | 		return nil, err
 62 | 	}
 63 | 
 64 | 	_, err = file.Write(contents)
 65 | 	if err != nil {
 66 | 		return nil, err
 67 | 	}
 68 | 
 69 | 	return script, nil
 70 | }
 71 | 
 72 | func (s *Script) detachSignature(contents []byte) ([]byte, error) {
 73 | 	block, _ := clearsign.Decode(contents)
 74 | 
 75 | 	// if the signature is not attached, return the contents without
 76 | 	// modification
 77 | 	if block == nil {
 78 | 		return contents, nil
 79 | 	}
 80 | 
 81 | 	s.clearsigned = true
 82 | 
 83 | 	// get the raw script, without the signature or PGP headers, and without
 84 | 	// the CRs
 85 | 	contents = bytes.Replace(block.Bytes, []byte{0x0d}, nil, -1)
 86 | 
 87 | 	// create a file for the armored signature
 88 | 	sig, err := os.Create(s.filename + ".sig")
 89 | 	if err != nil {
 90 | 		return nil, err
 91 | 	}
 92 | 	defer sig.Close()
 93 | 
 94 | 	// write the armored signature
 95 | 	sigWriter, err := armor.Encode(sig, "PGP SIGNATURE", block.ArmoredSignature.Header)
 96 | 	if err != nil {
 97 | 		return nil, err
 98 | 	}
 99 | 	defer sigWriter.Close()
100 | 
101 | 	_, err = io.Copy(sigWriter, block.ArmoredSignature.Body)
102 | 	if err != nil {
103 | 		return nil, err
104 | 	}
105 | 
106 | 	return contents, nil
107 | }
108 | 
109 | // IsPiped is true when the script was read from STDIN (so the source location
110 | // is empty)
111 | func (s Script) IsPiped() bool {
112 | 	return s.source == ""
113 | }
114 | 
115 | // Name is the name of the temporary file holding the shell script.
116 | func (s Script) Name() string {
117 | 	return s.filename
118 | }
119 | 
120 | // Source is the original location of the shell script (local or remote).
121 | func (s Script) Source() string {
122 | 	return s.source
123 | }
124 | 
125 | // Body opens Script.Name() for reading.
126 | func (s Script) Body() (ReadSeekCloser, error) {
127 | 	return os.Open(s.Name())
128 | }
129 | 
130 | // Author parses Script.Body() for the PIPETHIS_AUTHOR token, and saves it if
131 | // it's found.
132 | func (s *Script) Author() (string, error) {
133 | 	if s.author != "" {
134 | 		return s.author, nil
135 | 	}
136 | 
137 | 	file, err := s.Body()
138 | 	if err != nil {
139 | 		return "", err
140 | 	}
141 | 	defer file.Close()
142 | 
143 | 	if author := parseToken(`.*PIPETHIS_AUTHOR\s+(\w+)`, file); author != "" {
144 | 		s.author = author
145 | 
146 | 		return s.author, nil
147 | 	}
148 | 
149 | 	return "", errors.New("Author not found")
150 | }
151 | 
152 | // Run creates a new process, running Script.Name() with target and any
153 | // additional arguments from the command line. It returns the result of the
154 | // process.
155 | func (s Script) Run(target string, args ...string) error {
156 | 	log.Println("Running", s.Name(), "with", target)
157 | 
158 | 	// the first argument is the script source location. replace it with the
159 | 	// temporary filename.
160 | 	args[0] = s.Name()
161 | 
162 | 	cmd := exec.Command(target, args...)
163 | 	cmd.Stdout = os.Stdout
164 | 	cmd.Stderr = os.Stderr
165 | 	return cmd.Run()
166 | }
167 | 
168 | // Echo prints the contents of the script to STDOUT
169 | func (s Script) Echo() error {
170 | 	log.Println("Sending", s.Name(), "to STDOUT for more processing")
171 | 
172 | 	body, err := s.Body()
173 | 	if err != nil {
174 | 		return err
175 | 	}
176 | 	defer body.Close()
177 | 
178 | 	_, err = io.Copy(os.Stdout, body)
179 | 
180 | 	return err
181 | }
182 | 
183 | // Inspect checks whether an inspection was requested, and sends Script.Name()
184 | // to editor if so. When editor exits, Inspect prompts the user to continue
185 | // processing, and returns true to continue or false to stop.
186 | func (s Script) Inspect(inspect bool, editor string) bool {
187 | 	if !inspect || s.IsPiped() {
188 | 		return true
189 | 	}
190 | 
191 | 	log.Println("Opening", s.Name(), "in", editor)
192 | 
193 | 	cmd := exec.Command(editor, s.Name())
194 | 	cmd.Stdout = os.Stdout
195 | 	cmd.Stderr = os.Stderr
196 | 	cmd.Stdin = os.Stdin
197 | 	cmd.Run()
198 | 
199 | 	runScript := "y"
200 | 	fmt.Print("Continue processing ", s.Name(), "? (Y/n) ")
201 | 	fmt.Scanf("%s", &runScript)
202 | 
203 | 	return strings.ToLower(runScript) == "y"
204 | }
205 | 
206 | // IsClearsigned returns true if the script and signature are attached,
207 | // and false otherwise.
208 | func (s Script) IsClearsigned() bool {
209 | 	return s.clearsigned
210 | }
211 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # pipethis
  2 | 
  3 | (I would have called it `stop-piping-the-internet-into-your-shell`, but that
  4 | seemed too long.)
  5 | 
  6 | [![GoDoc](https://godoc.org/github.com/ellotheth/pipethis?status.svg)](https://godoc.org/github.com/ellotheth/pipethis)
  7 | [![Build Status](https://travis-ci.org/ellotheth/pipethis.svg?branch=master)](https://travis-ci.org/ellotheth/pipethis)
  8 | [![Coverage Status](https://coveralls.io/repos/github/ellotheth/pipethis/badge.svg?branch=master)](https://coveralls.io/github/ellotheth/pipethis?branch=master)
  9 | 
 10 | ## `tl;dr`
 11 | 
 12 | Instead of
 13 | 
 14 | ```
 15 | $ curl -sSL https://get.rvm.io | bash
 16 | ```
 17 | 
 18 | do
 19 | 
 20 | ```
 21 | $ pipethis https://get.rvm.io
 22 | ```
 23 | 
 24 | or (assuming not everybody has adopted my awesome idea but you still want to
 25 | improve your life)
 26 | 
 27 | ```
 28 | $ pipethis --no-verify --inspect https://get.rvm.io
 29 | ```
 30 | 
 31 | or even
 32 | 
 33 | ```
 34 | $ curl -sSL https://get.rvm.io | pipethis --no-verify | bash
 35 | ```
 36 | 
 37 | 
 38 | ## Install
 39 | 
 40 | ### Manual (Linux, Mac OSX)
 41 | 
 42 | [download the binary](https://github.com/ellotheth/pipethis/releases) and drop it in your `$PATH`.
 43 | 
 44 | ### Homebrew (Mac OSX)
 45 | 
 46 | ```
 47 | $ brew tap dennisdegreef/pipethis
 48 | $ brew install pipethis
 49 | ```
 50 | 
 51 | ### Gophers
 52 | 
 53 | If you've already got a Go development environment set up, you can grab it like this:
 54 | 
 55 | ```
 56 | $ go get github.com/ellotheth/pipethis
 57 | ```
 58 | 
 59 | ## Use
 60 | 
 61 | ### People piping the installers
 62 | 
 63 | ```
 64 | pipethis [ OPTIONS ] <script>
 65 | 
 66 | OPTIONS
 67 | 
 68 | --target <exe>
 69 | 
 70 |     The shell or other binary that will run the script. Defaults to the SHELL
 71 |     environment variable.
 72 | 
 73 | --lookup-with <keybase,local>
 74 | 
 75 |     The service you'll use to verify the author's identity:
 76 | 
 77 |     keybase (default)
 78 |         Use https://keybase.io
 79 |     local
 80 |         Use your local GnuPG public keyring
 81 | 
 82 |     If you're piping a script from `stdin`, the service will be forced to
 83 |     `local`.
 84 | 
 85 | --inspect
 86 | 
 87 |     If set, open the script in an editor before checking the author. Ignored if
 88 |     you're piping a script from `stdin`.
 89 | 
 90 | --editor <editor>
 91 | 
 92 |     The editor binary to use when --inspect is set. Defaults to the EDITOR
 93 |     environment variable.
 94 | 
 95 | --no-verify
 96 | 
 97 |     If set, skips author and signature verification entirely. You'll need to
 98 |     set this if <script> doesn't support pipethis yet.
 99 | 
100 | --signature <signature file>
101 | 
102 | 	The detached signature to verify <script> against. You'll only need this in
103 |     a couple scenarios:
104 | 
105 |     - You've already downloaded the detached signature and you want to use your
106 |       downloaded copy, or
107 |     - the signature is hosted in a non-standard location (i.e. it's not
108 |       <script>.sig), or
109 |     - you're piping a script with a detached signature from `stdin`.
110 | ```
111 | 
112 | If you're piping scripts into `pipethis` directly from `curl`, you'll need
113 | to have the script authors' PGP keys already stored in your local keyring.
114 | Don't worry, they'll have instructions!
115 | 
116 | ### People writing the installers
117 | 
118 | You can add one line to your installer script to make it support `pipethis`,
119 | but there's other stuff to do as well:
120 | 
121 | 1. Get an account on [Keybase](https://keybase.io). I know, Real Crypto Geeks™
122 |    hate Keybase because Browser Crypto Is Unsafe™ and They Can Store
123 |    Your Private Key®. It's a place to start, yo, just do it.
124 | 
125 |    Alternatively, you can hand out your public key at key signing parties
126 |    (because you're a Real Crypto Geek™, remember?), and tell people to import
127 |    it into their local public keyrings.
128 | 2. Add one line to your installation script to identify yourself. You can throw
129 |    it in a comment:
130 | 
131 |     ```
132 |     # // ; '' PIPETHIS_AUTHOR your_name_or_your_key_fingerprint
133 |     ```
134 | 
135 | 3. Create a signature for the script. With Keybase, that's:
136 | 
137 |     ```
138 |     $ keybase pgp sign -i yourscript.sh -d -o yourscript.sh.sig
139 |     ```
140 | 
141 |    but you're a Real Crypto Geek™, so you'll use `gnupg`:
142 | 
143 |     ```
144 |     $ gpg --detach-sign -a -o yourscript.sh.sig yourscript.sh
145 |     ```
146 | 
147 |    Both those commands create ASCII-armored signatures. Binary signatures work
148 |    too.
149 | 
150 |    Alternatively, you can clearsign the script with an attached signature::
151 | 
152 |     ```
153 |     $ keybase pgp sign -i yourscript.unsigned.sh -c -o yourscript.sh
154 |     ```
155 | 
156 |     ```
157 |     $ gpg --clearsign -a -o yourscript.sh yourscript.unsigned.sh
158 |     ```
159 | 
160 | 4. Pop the script (and the signature, if it's detached) up on your web server.
161 | 5. Replace your copy-paste-able installation instructions!
162 | 
163 | ## What's all this noise
164 | 
165 | Who's [piped](https://rvm.io/rvm/install) the
166 | [installation script](https://github.com/npm/npm#fancy-install-unix) for their
167 | [favorite tool](https://github.com/creationix/nvm#install-script) directly from
168 | `curl` [into their shell](https://getcomposer.org/doc/00-intro.md#installation-linux-unix-osx)?
169 | Show of hands? Come on, [you know](http://ipxe.org/)
170 | [you have](https://docs.puppetlabs.com/pe/latest/install_agents.html#scenario-1-the-osarchitecture-of-the-puppet-master-and-the-agent-node-are-the-same).
171 | Don't feel bad, so have I! So have we all, really. It's so easy, so fast, so
172 | clean, so...well, **[bad](http://curlpipesh.tumblr.com/)
173 | [for](https://jordaneldredge.com/blog/one-way-curl-pipe-sh-install-scripts-can-be-dangerous/)
174 | [you](https://www.seancassidy.me/dont-pipe-to-your-shell.html)**.
175 | 
176 | - Network errors happen. Why pay for them in the middle of an install?
177 | - Is your source served over SSL? No? Grats, you have no idea what you're
178 |   downloading or where it came from. Exciting!
179 | - What's that? Your source is served over SSL? Great! Any disgruntled employees
180 |   have access to that server? Any trolls? Hey cool, you still have no idea what
181 |   you're downloading!
182 | 
183 | There are simple solutions to some of those problems:
184 | 
185 | - Cache the script before you shove it into Bash.
186 | - Use something like [vipe](https://joeyh.name/code/moreutils/) to pipe the
187 |   script into an editor so you can review it before you run it.
188 | - Use [hashpipe](https://github.com/jbenet/hashpipe) to check the file hash
189 |   before you run it.
190 | 
191 | But simple solutions are, like, boring, and stuff.
192 | 
193 | ## Why I'm here
194 | 
195 | The more interesting problem (to me, anyway) is authenticity. You trust whoever
196 | wrote the script; how can you be reasonably sure the script you download is the
197 | one they wrote?
198 | 
199 | ### PGP. Clearly.
200 | 
201 | What if every installation script was embedded with the cryptographic signature
202 | of its author, and you could verify the author and the script against the
203 | signature when you ran it?
204 | 
205 | Enter `pipethis`.
206 | 
207 | ## How it works
208 | 
209 | Scripts that support `pipethis` will embed a special line that identifies the
210 | script author:
211 | 
212 | ```{.sh}
213 | #!/usr/bin/bash
214 | 
215 | # PIPETHIS_AUTHOR gemma
216 | 
217 | echo woooooo look how verified everything is!
218 | ```
219 | 
220 | If you drop `--inspect` on the command line, `pipethis` with throw the script
221 | into your favorite editor before it does anything else, and you can check the
222 | author (and the rest of the content) yourself.
223 | 
224 | If you're happy with the script contents, `pipethis` checks
225 | [Keybase](https://keybase.io) for any users that match `PIPETHIS_AUTHOR`. (It
226 | uses the same search you find in the search box on their website, so you could
227 | use a username, a Twitter handle, or even a key fingerprint.) It'll spit all
228 | the matches back at you in a list, along with all their Keybase proofs. Once
229 | you choose one, `pipethis` grabs the public key for that user. If you don't see
230 | the person you're looking for, you can bail. No harm, no foul.
231 | 
232 | ```
233 | I found 2 results:
234 | 
235 | 0:
236 | 
237 |      Identifier: gemma
238 |         Twitter: ellotheth
239 |          Github: ellotheth
240 |     Hacker News: gemma
241 |          Reddit: 
242 |     Fingerprint: 417b9f99b7c04ccebd06777d0bc6bb965aa6f296
243 |            Site: ramblinations.com
244 |            Site: ramblinations.com
245 | 
246 | 
247 | 1:
248 | 
249 |      Identifier: gemmakbarlow
250 |         Twitter: gemmakbarlow
251 |          Github: gemmakbarlow
252 |     Hacker News: gemmakbarlow
253 |          Reddit: 
254 |     Fingerprint: 1fd52e9237fef588e2d0d26100fee8d483374357
255 | ```
256 | 
257 | Once you've picked an author, `pipethis` will go grab their detached PGP
258 | signature for the script. If `--signature` is not given on the command line,
259 | `pipethis` will tack `.sig` onto the end of the script location and try that
260 | instead.
261 | 
262 | With the signature and public key in hand, `pipethis` will verify that the
263 | signature matches both the key and the script. If it does, you're good to go,
264 | and `pipethis` will run the script for you (against the executable of your
265 | choice). If not, `pipethis` dies, cleans itself up, and nobody ever has to know
266 | that you almost pwned yourself.
267 | 
268 | ## It's not done yet
269 | 
270 | `pipethis` works, but it can be better!
271 | 
272 | - There are zillions of other places to get public keys for people, and I want
273 |   to support more of them. I think Keybase is stellar and I love what they're
274 |   trying to do, but nobody likes to be locked in to one provider.
275 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
  1 |                     GNU GENERAL PUBLIC LICENSE
  2 |                        Version 2, June 1991
  3 | 
  4 |  Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
  5 |  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  6 |  Everyone is permitted to copy and distribute verbatim copies
  7 |  of this license document, but changing it is not allowed.
  8 | 
  9 |                             Preamble
 10 | 
 11 |   The licenses for most software are designed to take away your
 12 | freedom to share and change it.  By contrast, the GNU General Public
 13 | License is intended to guarantee your freedom to share and change free
 14 | software--to make sure the software is free for all its users.  This
 15 | General Public License applies to most of the Free Software
 16 | Foundation's software and to any other program whose authors commit to
 17 | using it.  (Some other Free Software Foundation software is covered by
 18 | the GNU Lesser General Public License instead.)  You can apply it to
 19 | your programs, too.
 20 | 
 21 |   When we speak of free software, we are referring to freedom, not
 22 | price.  Our General Public Licenses are designed to make sure that you
 23 | have the freedom to distribute copies of free software (and charge for
 24 | this service if you wish), that you receive source code or can get it
 25 | if you want it, that you can change the software or use pieces of it
 26 | in new free programs; and that you know you can do these things.
 27 | 
 28 |   To protect your rights, we need to make restrictions that forbid
 29 | anyone to deny you these rights or to ask you to surrender the rights.
 30 | These restrictions translate to certain responsibilities for you if you
 31 | distribute copies of the software, or if you modify it.
 32 | 
 33 |   For example, if you distribute copies of such a program, whether
 34 | gratis or for a fee, you must give the recipients all the rights that
 35 | you have.  You must make sure that they, too, receive or can get the
 36 | source code.  And you must show them these terms so they know their
 37 | rights.
 38 | 
 39 |   We protect your rights with two steps: (1) copyright the software, and
 40 | (2) offer you this license which gives you legal permission to copy,
 41 | distribute and/or modify the software.
 42 | 
 43 |   Also, for each author's protection and ours, we want to make certain
 44 | that everyone understands that there is no warranty for this free
 45 | software.  If the software is modified by someone else and passed on, we
 46 | want its recipients to know that what they have is not the original, so
 47 | that any problems introduced by others will not reflect on the original
 48 | authors' reputations.
 49 | 
 50 |   Finally, any free program is threatened constantly by software
 51 | patents.  We wish to avoid the danger that redistributors of a free
 52 | program will individually obtain patent licenses, in effect making the
 53 | program proprietary.  To prevent this, we have made it clear that any
 54 | patent must be licensed for everyone's free use or not licensed at all.
 55 | 
 56 |   The precise terms and conditions for copying, distribution and
 57 | modification follow.
 58 | 
 59 |                     GNU GENERAL PUBLIC LICENSE
 60 |    TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
 61 | 
 62 |   0. This License applies to any program or other work which contains
 63 | a notice placed by the copyright holder saying it may be distributed
 64 | under the terms of this General Public License.  The "Program", below,
 65 | refers to any such program or work, and a "work based on the Program"
 66 | means either the Program or any derivative work under copyright law:
 67 | that is to say, a work containing the Program or a portion of it,
 68 | either verbatim or with modifications and/or translated into another
 69 | language.  (Hereinafter, translation is included without limitation in
 70 | the term "modification".)  Each licensee is addressed as "you".
 71 | 
 72 | Activities other than copying, distribution and modification are not
 73 | covered by this License; they are outside its scope.  The act of
 74 | running the Program is not restricted, and the output from the Program
 75 | is covered only if its contents constitute a work based on the
 76 | Program (independent of having been made by running the Program).
 77 | Whether that is true depends on what the Program does.
 78 | 
 79 |   1. You may copy and distribute verbatim copies of the Program's
 80 | source code as you receive it, in any medium, provided that you
 81 | conspicuously and appropriately publish on each copy an appropriate
 82 | copyright notice and disclaimer of warranty; keep intact all the
 83 | notices that refer to this License and to the absence of any warranty;
 84 | and give any other recipients of the Program a copy of this License
 85 | along with the Program.
 86 | 
 87 | You may charge a fee for the physical act of transferring a copy, and
 88 | you may at your option offer warranty protection in exchange for a fee.
 89 | 
 90 |   2. You may modify your copy or copies of the Program or any portion
 91 | of it, thus forming a work based on the Program, and copy and
 92 | distribute such modifications or work under the terms of Section 1
 93 | above, provided that you also meet all of these conditions:
 94 | 
 95 |     a) You must cause the modified files to carry prominent notices
 96 |     stating that you changed the files and the date of any change.
 97 | 
 98 |     b) You must cause any work that you distribute or publish, that in
 99 |     whole or in part contains or is derived from the Program or any
100 |     part thereof, to be licensed as a whole at no charge to all third
101 |     parties under the terms of this License.
102 | 
103 |     c) If the modified program normally reads commands interactively
104 |     when run, you must cause it, when started running for such
105 |     interactive use in the most ordinary way, to print or display an
106 |     announcement including an appropriate copyright notice and a
107 |     notice that there is no warranty (or else, saying that you provide
108 |     a warranty) and that users may redistribute the program under
109 |     these conditions, and telling the user how to view a copy of this
110 |     License.  (Exception: if the Program itself is interactive but
111 |     does not normally print such an announcement, your work based on
112 |     the Program is not required to print an announcement.)
113 | 
114 | These requirements apply to the modified work as a whole.  If
115 | identifiable sections of that work are not derived from the Program,
116 | and can be reasonably considered independent and separate works in
117 | themselves, then this License, and its terms, do not apply to those
118 | sections when you distribute them as separate works.  But when you
119 | distribute the same sections as part of a whole which is a work based
120 | on the Program, the distribution of the whole must be on the terms of
121 | this License, whose permissions for other licensees extend to the
122 | entire whole, and thus to each and every part regardless of who wrote it.
123 | 
124 | Thus, it is not the intent of this section to claim rights or contest
125 | your rights to work written entirely by you; rather, the intent is to
126 | exercise the right to control the distribution of derivative or
127 | collective works based on the Program.
128 | 
129 | In addition, mere aggregation of another work not based on the Program
130 | with the Program (or with a work based on the Program) on a volume of
131 | a storage or distribution medium does not bring the other work under
132 | the scope of this License.
133 | 
134 |   3. You may copy and distribute the Program (or a work based on it,
135 | under Section 2) in object code or executable form under the terms of
136 | Sections 1 and 2 above provided that you also do one of the following:
137 | 
138 |     a) Accompany it with the complete corresponding machine-readable
139 |     source code, which must be distributed under the terms of Sections
140 |     1 and 2 above on a medium customarily used for software interchange; or,
141 | 
142 |     b) Accompany it with a written offer, valid for at least three
143 |     years, to give any third party, for a charge no more than your
144 |     cost of physically performing source distribution, a complete
145 |     machine-readable copy of the corresponding source code, to be
146 |     distributed under the terms of Sections 1 and 2 above on a medium
147 |     customarily used for software interchange; or,
148 | 
149 |     c) Accompany it with the information you received as to the offer
150 |     to distribute corresponding source code.  (This alternative is
151 |     allowed only for noncommercial distribution and only if you
152 |     received the program in object code or executable form with such
153 |     an offer, in accord with Subsection b above.)
154 | 
155 | The source code for a work means the preferred form of the work for
156 | making modifications to it.  For an executable work, complete source
157 | code means all the source code for all modules it contains, plus any
158 | associated interface definition files, plus the scripts used to
159 | control compilation and installation of the executable.  However, as a
160 | special exception, the source code distributed need not include
161 | anything that is normally distributed (in either source or binary
162 | form) with the major components (compiler, kernel, and so on) of the
163 | operating system on which the executable runs, unless that component
164 | itself accompanies the executable.
165 | 
166 | If distribution of executable or object code is made by offering
167 | access to copy from a designated place, then offering equivalent
168 | access to copy the source code from the same place counts as
169 | distribution of the source code, even though third parties are not
170 | compelled to copy the source along with the object code.
171 | 
172 |   4. You may not copy, modify, sublicense, or distribute the Program
173 | except as expressly provided under this License.  Any attempt
174 | otherwise to copy, modify, sublicense or distribute the Program is
175 | void, and will automatically terminate your rights under this License.
176 | However, parties who have received copies, or rights, from you under
177 | this License will not have their licenses terminated so long as such
178 | parties remain in full compliance.
179 | 
180 |   5. You are not required to accept this License, since you have not
181 | signed it.  However, nothing else grants you permission to modify or
182 | distribute the Program or its derivative works.  These actions are
183 | prohibited by law if you do not accept this License.  Therefore, by
184 | modifying or distributing the Program (or any work based on the
185 | Program), you indicate your acceptance of this License to do so, and
186 | all its terms and conditions for copying, distributing or modifying
187 | the Program or works based on it.
188 | 
189 |   6. Each time you redistribute the Program (or any work based on the
190 | Program), the recipient automatically receives a license from the
191 | original licensor to copy, distribute or modify the Program subject to
192 | these terms and conditions.  You may not impose any further
193 | restrictions on the recipients' exercise of the rights granted herein.
194 | You are not responsible for enforcing compliance by third parties to
195 | this License.
196 | 
197 |   7. If, as a consequence of a court judgment or allegation of patent
198 | infringement or for any other reason (not limited to patent issues),
199 | conditions are imposed on you (whether by court order, agreement or
200 | otherwise) that contradict the conditions of this License, they do not
201 | excuse you from the conditions of this License.  If you cannot
202 | distribute so as to satisfy simultaneously your obligations under this
203 | License and any other pertinent obligations, then as a consequence you
204 | may not distribute the Program at all.  For example, if a patent
205 | license would not permit royalty-free redistribution of the Program by
206 | all those who receive copies directly or indirectly through you, then
207 | the only way you could satisfy both it and this License would be to
208 | refrain entirely from distribution of the Program.
209 | 
210 | If any portion of this section is held invalid or unenforceable under
211 | any particular circumstance, the balance of the section is intended to
212 | apply and the section as a whole is intended to apply in other
213 | circumstances.
214 | 
215 | It is not the purpose of this section to induce you to infringe any
216 | patents or other property right claims or to contest validity of any
217 | such claims; this section has the sole purpose of protecting the
218 | integrity of the free software distribution system, which is
219 | implemented by public license practices.  Many people have made
220 | generous contributions to the wide range of software distributed
221 | through that system in reliance on consistent application of that
222 | system; it is up to the author/donor to decide if he or she is willing
223 | to distribute software through any other system and a licensee cannot
224 | impose that choice.
225 | 
226 | This section is intended to make thoroughly clear what is believed to
227 | be a consequence of the rest of this License.
228 | 
229 |   8. If the distribution and/or use of the Program is restricted in
230 | certain countries either by patents or by copyrighted interfaces, the
231 | original copyright holder who places the Program under this License
232 | may add an explicit geographical distribution limitation excluding
233 | those countries, so that distribution is permitted only in or among
234 | countries not thus excluded.  In such case, this License incorporates
235 | the limitation as if written in the body of this License.
236 | 
237 |   9. The Free Software Foundation may publish revised and/or new versions
238 | of the General Public License from time to time.  Such new versions will
239 | be similar in spirit to the present version, but may differ in detail to
240 | address new problems or concerns.
241 | 
242 | Each version is given a distinguishing version number.  If the Program
243 | specifies a version number of this License which applies to it and "any
244 | later version", you have the option of following the terms and conditions
245 | either of that version or of any later version published by the Free
246 | Software Foundation.  If the Program does not specify a version number of
247 | this License, you may choose any version ever published by the Free Software
248 | Foundation.
249 | 
250 |   10. If you wish to incorporate parts of the Program into other free
251 | programs whose distribution conditions are different, write to the author
252 | to ask for permission.  For software which is copyrighted by the Free
253 | Software Foundation, write to the Free Software Foundation; we sometimes
254 | make exceptions for this.  Our decision will be guided by the two goals
255 | of preserving the free status of all derivatives of our free software and
256 | of promoting the sharing and reuse of software generally.
257 | 
258 |                             NO WARRANTY
259 | 
260 |   11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
261 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
262 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
263 | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
264 | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
265 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
266 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
267 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
268 | REPAIR OR CORRECTION.
269 | 
270 |   12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
271 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
272 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
273 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
274 | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
275 | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
276 | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
277 | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
278 | POSSIBILITY OF SUCH DAMAGES.
279 | 
280 |                      END OF TERMS AND CONDITIONS
281 | 
282 |             How to Apply These Terms to Your New Programs
283 | 
284 |   If you develop a new program, and you want it to be of the greatest
285 | possible use to the public, the best way to achieve this is to make it
286 | free software which everyone can redistribute and change under these terms.
287 | 
288 |   To do so, attach the following notices to the program.  It is safest
289 | to attach them to the start of each source file to most effectively
290 | convey the exclusion of warranty; and each file should have at least
291 | the "copyright" line and a pointer to where the full notice is found.
292 | 
293 |     <one line to give the program's name and a brief idea of what it does.>
294 |     Copyright (C) <year>  <name of author>
295 | 
296 |     This program is free software; you can redistribute it and/or modify
297 |     it under the terms of the GNU General Public License as published by
298 |     the Free Software Foundation; either version 2 of the License, or
299 |     (at your option) any later version.
300 | 
301 |     This program is distributed in the hope that it will be useful,
302 |     but WITHOUT ANY WARRANTY; without even the implied warranty of
303 |     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
304 |     GNU General Public License for more details.
305 | 
306 |     You should have received a copy of the GNU General Public License along
307 |     with this program; if not, write to the Free Software Foundation, Inc.,
308 |     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
309 | 
310 | Also add information on how to contact you by electronic and paper mail.
311 | 
312 | If the program is interactive, make it output a short notice like this
313 | when it starts in an interactive mode:
314 | 
315 |     Gnomovision version 69, Copyright (C) year name of author
316 |     Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
317 |     This is free software, and you are welcome to redistribute it
318 |     under certain conditions; type `show c' for details.
319 | 
320 | The hypothetical commands `show w' and `show c' should show the appropriate
321 | parts of the General Public License.  Of course, the commands you use may
322 | be called something other than `show w' and `show c'; they could even be
323 | mouse-clicks or menu items--whatever suits your program.
324 | 
325 | You should also get your employer (if you work as a programmer) or your
326 | school, if any, to sign a "copyright disclaimer" for the program, if
327 | necessary.  Here is a sample; alter the names:
328 | 
329 |   Yoyodyne, Inc., hereby disclaims all copyright interest in the program
330 |   `Gnomovision' (which makes passes at compilers) written by James Hacker.
331 | 
332 |   <signature of Ty Coon>, 1 April 1989
333 |   Ty Coon, President of Vice
334 | 
335 | This General Public License does not permit incorporating your program into
336 | proprietary programs.  If your program is a subroutine library, you may
337 | consider it more useful to permit linking proprietary applications with the
338 | library.  If this is what you want to do, use the GNU Lesser General
339 | Public License instead of this License.
340 | 


--------------------------------------------------------------------------------