author | Jameson Graef Rollins <jrollins@finestructure.net> | 2009-02-12 18:19:35 -0500 |
---|---|---|
committer | Jameson Graef Rollins <jrollins@finestructure.net> | 2009-02-12 18:19:35 -0500 |
commit | f54abea9da2be063b0d0ed974f6130b303b2a1c7 (patch) | |
tree | 5ced9d699fafe2959561bb53e3674b8c45d283f6 /src/monkeysphere-authentication | |
parent | 07316c65eb5302a1d5385301876be7971e26fd1f (diff) |
Fix the ma/setup function:
- fix reference to MONKEYSPHERE_USER for GNUPGHOME_SPHERE
- break out core_fingerprint function
- export core key to sphere keyring (necessary)
- fix some logging (add more debug) and formatting
Diffstat (limited to 'src/monkeysphere-authentication')
-rwxr-xr-x | src/monkeysphere-authentication | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication
index 6d2e72c..a33de1e 100755
--- a/src/monkeysphere-authentication
+++ b/src/monkeysphere-authentication
@@ -75,17 +75,12 @@ gpg_core() {
 GNUPGHOME="$GNUPGHOME_CORE"
 export GNUPGHOME
 
- # NOTE: we supress this warning because we need the monkeysphere
- # user to be able to read the host pubring. we realize this might
- # be problematic, but it's the simplest solution, without too much
- # loss of security.
 gpg "$@"
 }
 
 # function to interact with the gpg sphere keyring
-# FIXME: this function requires basically accepts only a single
-# argument because of problems with quote expansion. this needs to be
-# fixed/improved.
+# FIXME: this function requires only a single argument because of
+# problems with quote expansion. this needs to be fixed/improved.
 gpg_sphere() {
 GNUPGHOME="$GNUPGHOME_SPHERE"
 export GNUPGHOME
@@ -93,8 +88,18 @@ gpg_sphere() {
 su_monkeysphere_user "gpg $@"
 }
 
+# load the core fingerprint into the fingerprint variable, using the
+# gpg host secret key
+core_fingerprint() {
+ log debug "determining core key fingerprint..."
+ gpg_core --quiet --list-secret-key \
+ --with-colons --fixed-list-mode --with-fingerprint \
+ | grep ^fpr: | cut -d: -f10
+}
+
 # export signatures from core to sphere
 gpg_core_sphere_sig_transfer() {
+ log debug "exporting core local sigs to sphere..."
 gpg_core --export-options export-local-sigs --export | \
 gpg_sphere --import-options import-local-sigs --import
 } |
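Review bot: The reworded FIXME above gpg_sphere still does not say what goes wrong, and "requires only a single argument" reads as a requirement rather than a limitation. The call it describes, `su_monkeysphere_user "gpg $@"`, sits in the next hunk's context: inside double quotes `$@` still expands to one word per argument, so only the first argument is joined to `gpg`, and what happens to the rest depends on su_monkeysphere_user, which is not visible here. If that helper hands a command string to a shell running as the monkeysphere user, any argument containing whitespace or shell metacharacters would be re-parsed there, which callers need to know. I would write the comment as `# FIXME: arguments are flattened into a command string for su_monkeysphere_user; pass only simple words (no whitespace or shell metacharacters) until quoting is fixed.` gpg_sphere's body continues past the end of this hunk.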
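Review bot: core_fingerprint's header comment says it loads the fingerprint "into the fingerprint variable", but the body only writes to stdout and assigns nothing; the comment should read something like `# print the fingerprint of the gpg host secret key in the core keyring on stdout`. The pipeline's exit status is that of `cut`, so a failing gpg_core produces empty output with status 0, and `grep ^fpr:` passes through every `fpr` record, so a keyring holding more than one secret key produces several lines. The callers are not visible in this hunk; since the value identifies the key that later operations act on, they should reject a result that is empty or is not exactly one fingerprint. It is also worth confirming that `log debug` writes to stderr, otherwise the debug message ends up in the captured value.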