diff options
author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2010-05-06 11:24:55 -0400 |
---|---|---|
committer | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2010-05-06 12:21:25 -0400 |
commit | e6a41995792ee8b7a3dbce1e763e40447e45755f (patch) | |
tree | 76c9c2a3ad3854b4e356a59de6252a752bc68e5a /src/share/ma | |
parent | 8a0467b81b7ec01dcfffc2de40dc078a3caef7e3 (diff) |
support x509 anchors for monkeysphere-host, allow shared anchors between m-a and mh (closes MS #2288)
Diffstat (limited to 'src/share/ma')
-rw-r--r-- | src/share/ma/setup | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/share/ma/setup b/src/share/ma/setup index f965487..3c82c45 100644 --- a/src/share/ma/setup +++ b/src/share/ma/setup @@ -36,6 +36,14 @@ setup() { no-greeting EOF + KEYSERVER_OPTIONS="" + for anchorfile in "${SYSCONFIGDIR}/monkeysphere-authentication-x509-anchors.crt" "${SYSCONFIGDIR}/monkeysphere-x509-anchors.crt"; do + if [ -z "$KEYSERVER_OPTIONS" ] && [ -r "$anchorfile" ] ; then + KEYSERVER_OPTIONS="keyserver-options ca-cert-file=$anchorfile" + log debug "using $anchorfile for keyserver X.509 anchor" + fi + done + log debug "writing sphere gpg.conf..." cat >"${GNUPGHOME_SPHERE}"/gpg.conf <<EOF # Monkeysphere trust sphere GnuPG configuration @@ -43,7 +51,7 @@ EOF # Edits will be overwritten. no-greeting list-options show-uid-validity -keyserver-options ca-cert-file=${SYSCONFIGDIR}/monkeysphere-authentication-x509-anchors.crt +${KEYSERVER_OPTIONS} EOF # make sure the monkeysphere user owns everything in the sphere |