diff options
| author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2010-02-18 12:11:47 -0500 |
|---|---|---|
| committer | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2010-02-18 12:11:47 -0500 |
| commit | e3bb810e188cae2d40a5191500a501c85cb93381 (patch) | |
| tree | b6afe37b95e8898cb8dd3577b62bc7859c3e3ed4 | |
| parent | 838f52739cc05bfaca19e49bc64c17b435022f1c (diff) | |
enforce --no-armor when exporting to openpgp2ssh in case weird gpg.conf options (see bug 1625)
| -rwxr-xr-x | src/monkeysphere | 2 | ||||
| -rwxr-xr-x | src/monkeysphere-host | 2 | ||||
| -rw-r--r-- | src/share/common | 2 | ||||
| -rw-r--r-- | src/share/m/subkey_to_ssh_agent | 4 | ||||
| -rwxr-xr-x | tests/basic | 8 |
5 files changed, 13 insertions, 5 deletions
diff --git a/src/monkeysphere b/src/monkeysphere index 648f5e9..e268058 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -74,7 +74,7 @@ gpg_ssh_fingerprint() { trap "rm -f $tmpfile" EXIT # use temporary file, since ssh-keygen won't accept keys on stdin - gpg_user --export "$keyid" | openpgp2ssh "$keyid" >"$tmpfile" + gpg_user --export "$keyid" --no-armor | openpgp2ssh "$keyid" >"$tmpfile" ssh-keygen -l -f "$tmpfile" | awk '{ print $1, $2, $4 }' # remove the tmp file diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 6145c30..d89febb 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -302,7 +302,7 @@ show_key() { # create the ssh key tmpssh="$GNUPGHOME"/ssh_host_key_rsa_pub - gpg --export "$fingerprint" 2>/dev/null \ + gpg --export --no-armor "$fingerprint" 2>/dev/null \ | openpgp2ssh 2>/dev/null >"$tmpssh" # list the host key info diff --git a/src/share/common b/src/share/common index e735319..37f5305 100644 --- a/src/share/common +++ b/src/share/common @@ -478,7 +478,7 @@ gpg2ssh() { keyID="$1" - gpg --export "$keyID" | openpgp2ssh "$keyID" 2>/dev/null + gpg --export --no-armor "$keyID" | openpgp2ssh "$keyID" 2>/dev/null } # output known_hosts line from ssh key diff --git a/src/share/m/subkey_to_ssh_agent b/src/share/m/subkey_to_ssh_agent index edc177b..36eab4f 100644 --- a/src/share/m/subkey_to_ssh_agent +++ b/src/share/m/subkey_to_ssh_agent @@ -98,14 +98,14 @@ You might want to run 'monkeysphere gen-subkey'." if [ "$1" = '-d' ]; then # we're removing the subkey: - gpg_user --export "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" + gpg_user --export --no-armor "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" (cd "$workingdir" && ssh-add -d "$kname") || keysuccess="$?" else # we're adding the subkey: mkfifo "$workingdir/$kname" gpg_user --passphrase-fd 3 3<"$workingdir/passphrase" \ --export-options export-reset-subkey-passwd,export-minimal,no-export-attributes \ - --export-secret-subkeys "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" & + --export-secret-subkeys --no-armor "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" & (cd "$workingdir" && DISPLAY=nosuchdisplay SSH_ASKPASS=/bin/false ssh-add "$@" "$kname" </dev/null )& passphrase_prompt "Enter passphrase for key $kname: " "$workingdir/passphrase" diff --git a/tests/basic b/tests/basic index 4ceabd4..9b9eb05 100755 --- a/tests/basic +++ b/tests/basic @@ -355,6 +355,14 @@ echo "##################################################" echo "### ssh connection test for success..." ssh_test +# Make sure it works if there is "armor" written in gpg.conf +# add other weirdnesses here as they come up. +echo +echo "##################################################" +echo "### testing functionality in the face of unusual gpg.conf settings..." +echo 'armor' >> "$GNUPGHOME"/gpg.conf +ssh_test + # remove the testuser's authorized_user_ids file, update, and make # sure that the ssh authentication FAILS echo |