From bafd937fdd6b6b6030309e52cba1a8cd31adbca4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Tue, 13 Jun 2023 12:54:40 +0200 Subject: [PATCH 1/5] add scppvp --- functions.sh | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/functions.sh b/functions.sh index 9997cc0..fd1399a 100755 --- a/functions.sh +++ b/functions.sh @@ -1339,6 +1339,20 @@ pg_drop_and_recreate_db () { \l+ ${DB} \c postgres } + +scppvp () { + local SERVICE=$1 + local SETTINGS="$(ls -t $HOME/git/bmi/at.gv.bmi.common.pvp.settings/target/pvp-settings*|head -n1)" + local PVPAUTH="$(ls -t ${HOME}/git/bmi/at.gv.bmi.${SERVICE}.pvp.authenticator/target/pvp-*|head -n1)" + cat << EOF + deploy ${SERVICE} + SETTINGS: ${SETTINGS} + PVP Authenticator: ${PVPAUTH} +EOF + parallel-scp -h ${HOME}/.dsh/group/${SERVICE} ${SETTINGS} ${PVPAUTH} /root/INSTALL + +} + #EOF From 327886f7039b1e447da80d32f4ed2734c3a34851 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Thu, 15 Jun 2023 11:15:05 +0200 Subject: [PATCH 2/5] better tokenhandling --- bin/startagent | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/bin/startagent b/bin/startagent index caa0aca..37c014f 100755 --- a/bin/startagent +++ b/bin/startagent 
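Review bot: In `scppvp`, the results of the two `ls -t … | head -n1` lookups are never checked before `parallel-scp` runs, and every expansion on that line is unquoted. If `$1` is empty or a glob matches nothing, `SETTINGS` or `PVPAUTH` is empty and drops out of the argument list, so the copy to `/root/INSTALL` can run with one artifact missing; "newest file matching `pvp-*`" can also select an unintended build output. I would fail closed before the copy with `[ -n "${SERVICE}" ] && [ -f "${SETTINGS}" ] && [ -f "${PVPAUTH}" ] || { echo "scppvp: artifact not found" >&2; return 1; }`, and quote the call as `parallel-scp -h "${HOME}/.dsh/group/${SERVICE}" "${SETTINGS}" "${PVPAUTH}" /root/INSTALL`. Because the files land in a root-owned install directory on every host of the group, printing a checksum next to each path in the here-document would make the deployed artifact verifiable.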
@@ -42,17 +42,17 @@ EOF } check_token(){ - loginfo "a P11M: ${P11M}" + loginfo "a P11M: ${P11M}" loginfo "a PKCS11_MODULE: ${PKCS11_MODULE}" [ -n "${P11M:+x}" ] && export PKCS11_MODULE=${P11M} - loginfo "b P11M: ${P11M}" + loginfo "b P11M: ${P11M}" loginfo "b PKCS11_MODULE: ${PKCS11_MODULE}" # it's the same as "token" in functions.sh # defined here also, to work also in environments, where functions.sh couldn't be sourced [ -z "${PKCS11_MODULE:+x}" ] && { PKCS11_MODULE=$P11M; export PKCS11_MODULE; } - loginfo "c P11M: ${P11M}" + loginfo "c P11M: ${P11M}" loginfo "c PKCS11_MODULE: ${PKCS11_MODULE}" # If DISPLAY is set, ssh-add calls ssh-askpass, and if its in remote-terminal, it wont work # So remember and unset DISPLAY, and set it at the end again, if it was set before @@ -63,11 +63,21 @@ check_token(){ # Write public keys of all in agent stored keys to a temporary file local tmppubkey="$(mktemp -p ${XDG_RUNTIME_DIR} pubkey.XXXXXX.pub)" logtrace "tmppubkey: $tmppubkey" - ssh-add -L > $tmppubkey || return $? - # Check if public-keys in tmppubkey are working. They are not working, if you removed and add back hardware-token. - loginfo "$(ssh-add -T ${tmppubkey}|| { ssh-add -e $PKCS11_MODULE; ssh-add -s $PKCS11_MODULE; } )" + logdebug "C" + tmpIFS="${IFS}" + IFS=$'\n' + for tmppk in $(ssh-add -L) + do + printf "%s" "$tmppk" |tee "${tmppubkey}" || return $? + #echo "${tmppk}" > $tmppubkey || return $? + #ssh-add -L > $tmppubkey || return $? + # Check if public-keys in tmppubkey are working. They are not working, if you removed and add back hardware-token. + loginfo "$(ssh-add -T ${tmppubkey}|| { ssh-add -e $PKCS11_MODULE; ssh-add -s $PKCS11_MODULE; } )" + logdebug "$(ssh-add -l )" + done logdebug "$(rm "${tmppubkey}")" - logdebug "$(ssh-add -l )" + IFS=$tmpIFS + unset tmpIFS [ $DISPLAY_ORIG ] && logtrace "reset DISPLAY=$DISPLAY_ORIG" [ $DISPLAY_ORIG ] && export DISPLAY=$DISPLAY_ORIG From 1886ad13e4daf06e3918abc059b69333637aeb5b Mon Sep 17 00:00:00 2001 
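Review bot: The new `for tmppk in $(ssh-add -L)` loop in `check_token` changes `IFS` for the whole shell and then has an early exit, `… | tee "${tmppubkey}" || return $?`, that skips the `rm`, the `IFS=$tmpIFS` restore and the DISPLAY reset further down. Declaring `local IFS=$'\n'` instead of the `tmpIFS` save/restore makes every return path safe, and `printf '%s\n' "$tmppk" > "${tmppubkey}"` writes the key without `tee` also copying it to the function's stdout. A failing `ssh-add -L` is no longer detected: whatever it prints becomes a loop item (as far as I can tell this includes the no-identities message), so the `-e`/`-s` provider reload then runs, and a comment should say so if that is intended. The reload can also run once per failing key although the key list was captured before the first reload, and `${tmppubkey}` and `$PKCS11_MODULE` remain unquoted inside the `$(…)`. The first hunk of this file (`@@ -42,17`) appears to be whitespace-only; `check_token` starts there and continues past this hunk.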
From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Wed, 28 Jun 2023 09:21:54 +0200 Subject: [PATCH 3/5] Merged detached head into master --- functions.sh | 24 ++++-------------------- 1 file changed, 4 insertions(+), 20 deletions(-) diff --git a/functions.sh b/functions.sh index fd1399a..38f0ef7 100755 --- a/functions.sh +++ b/functions.sh @@ -1169,26 +1169,10 @@ EOF } -urlencode() { - # urlencode - - local LANG=C - local length="${#1}" - for (( i = 0; i < length; i++ )); do - local c="${1:i:1}" - case $c in - [a-zA-Z0-9.~_-]) printf "$c" ;; - *) printf '%%%02X' "'$c" ;; - esac - done -} - -urldecode() { - # urldecode - - local url_encoded="${1//+/ }" - printf '%b' "${url_encoded//%/\\x}" -} +urlencode() { python3 -c "import sys; from urllib.parse import quote; print(quote(sys.argv[1]));" "$@"; } +urldecode() { python3 -c "import sys; from urllib.parse import unquote; print(unquote(sys.argv[1]));" "$@"; } +urlencodeplus() { python3 -c "import sys; from urllib.parse import quote_plus; print(quote_plus(sys.argv[1]));" "$@"; } +urldecodeplus() { python3 -c "import sys; from urllib.parse import unquote_plus; print(unquote_plus(sys.argv[1]));" "$@"; } findlocallogins() { last -F -a $(for i in $(find /var/log -maxdepth 1 -name "wtmp*"|sort -h);do echo -n "-f $i ";done)|grep -v "pts/\|reboot\|wtmp"|awk '{print $4,$5,$7}'|uniq From b01b6373d39293f48c58357667cf81f6bf2defb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Thu, 29 Jun 2023 15:01:25 +0200 Subject: [PATCH 4/5] remove pkcs11 hook load pkcs11 env var -> loadagent --- bashrc_add | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bashrc_add b/bashrc_add index be1d497..996d4ba 100755 --- a/bashrc_add +++ b/bashrc_add 
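Review bot: The Python-based `urlencode` is not equivalent to the shell version it replaces: `urllib.parse.quote` leaves `/` unescaped by default, whereas the removed loop encoded everything outside `[a-zA-Z0-9.~_-]`. A caller that encodes a single path segment or a query value now lets `/` through; `quote(sys.argv[1], safe="")` restores the old behaviour (`quote_plus` already defaults to an empty safe set). `"$@"` forwards every argument but only `sys.argv[1]` is read, and a call without an argument ends in a Python `IndexError` traceback instead of empty output, so passing `"${1-}"` would be tidier. `print` also appends a newline that the old `printf` did not, which matters to callers that pipe the result rather than capture it with `$(…)`.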
@@ -198,10 +198,10 @@ EOF _tmux_hook _umask_hook - _pkcs11module_hook + #_pkcs11module_hook promptcommandmunge "_tmux_hook" promptcommandmunge "_umask_hook" - promptcommandmunge "_pkcs11module_hook" + #promptcommandmunge "_pkcs11module_hook" promptcommandmunge "_bashrc_tmp_hook" which direnv >/dev/null && eval "$(direnv hook bash)" From 5c45efd5e51511fe6154b4b739e2910e84350836 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Thu, 29 Jun 2023 15:02:14 +0200 Subject: [PATCH 5/5] print agentfile also for no given identity --- bin/startagent | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/bin/startagent b/bin/startagent index 37c014f..300ed59 100755 --- a/bin/startagent +++ b/bin/startagent @@ -194,12 +194,10 @@ $(ssh_runinagent $agentfile ssh-add -l)" ret=0 else logwarning "ssh-identity »$ssh_identity« is not configured. Please create $identitydir and add keys" - echo $agentfile + printf "%s" "$agentfile" ret=2 fi - else - if which gnome-keyring-daemon >/dev/null 2>&1; then logdebug "no identity given -> gnome-keyrings ssh-agent" agentfile="${SSH_AGENTS_DIR}/agent-gnome_session-$(hostname)" @@ -209,12 +207,12 @@ $(ssh_runinagent $agentfile ssh-add -l)" logdebug "ssh-agent for identity »$ssh_identity«: $agentfile" # logdebug "currently loaded keys after action: #$(ssh_runinagent $agentfile ssh-add -l)" + printf "%s" "$agentfile" ret=0 else logwarning "no identity given -> exit" ret=1 fi - fi [ $DISPLAY_ORIG ] && logtrace "reset DISPLAY=$DISPLAY_ORIG" @@ -373,7 +371,8 @@ function check_pubkeysonly () { ssh_runinagent () { - + local SSH_AUTH_SOCK + local SSH_AGENT_PID local agentfile local command local agentfile=${1}
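Review bot: Both `_pkcs11module_hook` lines are commented out rather than removed, with nothing in the file saying why or what replaces them. The commit subject suggests the PKCS#11 variable is now loaded by `loadagent`; a one-line comment such as `# PKCS11_MODULE is now set by loadagent, hook no longer registered` (or deleting the lines) would keep that on record. If any shell reaches `check_token` in bin/startagent without going through that path, `PKCS11_MODULE` may be empty there and the unquoted `ssh-add -s $PKCS11_MODULE` would run without a provider, so it is worth confirming that case is covered.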
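Review bot: In the not-configured branch the agent file path is still written to stdout (`printf "%s" "$agentfile"`) although `ret=2` signals failure, and the second hunk of this file adds the same output for the gnome-keyring case. Stdout is presumably the channel a caller uses to pick up the path, so callers have to check the exit status before using the value, and nothing else on this code path may write to stdout. A short comment above each `printf` stating that contract, e.g. `# stdout carries only the agent file path; check the return code before using it`, would help, and `printf '%s\n'` is friendlier to callers that consume the value with `read`. The enclosing function starts and ends outside both hunks.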