diff options
author | Dave Heller <hellerda@us.ibm.com> | 2018-09-02 02:09:43 -0400 |
---|---|---|
committer | Dave Heller <hellerda@us.ibm.com> | 2018-09-02 02:09:43 -0400 |
commit | 814a2ac0bbe6d34992832cdee38f82900997020d (patch) | |
tree | cc90a72b5d9846fc83e5b4787ad1a895f1ff488e | |
parent | 1e2f8681b5110bae2f8aa5509a64f4cfd97b70f1 (diff) | |
download | sb-signing-utils-814a2ac0bbe6d34992832cdee38f82900997020d.tar.gz sb-signing-utils-814a2ac0bbe6d34992832cdee38f82900997020d.zip |
Sanitize boolean values
Make sure the value of any boolean configuration property is set to
an acceptable string (True), or an empty string (False). This is safer
and more robust.
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
-rwxr-xr-x | crtSignedContainer.sh | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/crtSignedContainer.sh b/crtSignedContainer.sh index db8e280..32d2f4a 100755 --- a/crtSignedContainer.sh +++ b/crtSignedContainer.sh @@ -96,6 +96,21 @@ is_path_dir () { echo "$1" | egrep -q /$ } +make_bool () { + # Sanitize boolean values so that on input: + # - True = set to "true" or "y", case insensitive + # - False = set to any other string, or unset + # On output: + # - True = set to a non-zero length string + # - False = set to a zero length string + if [ "$(to_lower "$1")" == true ] || [ "$(to_lower "$1")" == y ] + then + echo true + else + echo "" + fi +} + is_cmd_available () { command -v "$1" &>/dev/null } @@ -362,6 +377,10 @@ do die "Required command \"$p\" not available or not found in PATH" done +# Sanitize boolean values +SB_VERBOSE="$(make_bool "$SB_VERBOSE")" +SB_DEBUG="$(make_bool "$SB_DEBUG")" + # These are the only env vars that override a command line option test "$SB_KMS" && KMS="$(to_lower "$SB_KMS")" test "$SB_SIGN_MODE" && SIGN_MODE="$(to_lower "$SB_SIGN_MODE")" @@ -1079,7 +1098,8 @@ fi # Cleanup # if [ $SB_KEEP_CACHE == false ]; then - echo "--> $P: Removing cache dir: $TOPDIR" + test "$SB_VERBOSE" && \ + echo "--> $P: Removing cache dir: $TOPDIR" rm -rf "$TOPDIR" fi |