authorJameson Rollins <jrollins@finestructure.net>2010-01-15 19:19:15 -0500
committerJameson Rollins <jrollins@finestructure.net>2010-01-15 19:19:15 -0500
commitce45ef5702e072e869fa9d1b703f99dc740eb000 (patch)
treec0aca35789dd24b73b8220fac2d83f73c18fb818 /src/share/mh/publish_key
parent1e207b9914d4b19450c94a3de4dbf41305638035 (diff)
Major rework of monkeysphere-host to handle multiple host keys.
This rework removes any assumption that monkeysphere-host is just managing a single host key, or that the keys are used specifically for ssh. The UI is exactly backwards compatible except that hostnames ('example.com') must be replaced by full service names ('ssh://example.com'). This incarnation passes the old tests with those changes only. There are a couple of things that still need to be done: - need to see if a transition script is needed (some local file names have changed) - need to fill in check_service_name function to verify that a specified service name fits the expected format. - update diagnostics appropriately
Diffstat (limited to 'src/share/mh/publish_key')
-rw-r--r--src/share/mh/publish_key17
1 files changed, 9 insertions, 8 deletions
diff --git a/src/share/mh/publish_key b/src/share/mh/publish_key
index 48e4cbb..553cd72 100644
--- a/src/share/mh/publish_key
+++ b/src/share/mh/publish_key
@@ -8,23 +8,24 @@
# Jamie McClelland <jm@mayfirst.org>
# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
#
-# They are Copyright 2008-2009, and are all released under the GPL, version 3
-# or later.
+# They are Copyright 2008-2010, and are all released under the GPL,
+# version 3 or later.
-# publish server key to keyserver
+# publish keys to keyserver
publish_key() {
+local keyID="$1"
local GNUPGHOME
if [ "$PROMPT" = "true" ] ; then
- printf "Really publish host key to $KEYSERVER? (Y/n) " >&2
+ printf "Really publish key '$keyID' to $KEYSERVER? (Y/n) " >&2
read OK; OK=${OK:=Y}
if [ "${OK/y/Y}" != 'Y' ] ; then
failure "key not published."
fi
else
- log debug "publishing key without prompting."
+ log debug "publishing key '$keyID' without prompting."
fi
# create a temporary gnupg directory from which to publish the key
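Review bot: `keyID` is taken from `$1` and used without any check, both inside the printf format string of the prompt in this hunk and, in the second hunk, inside the single-quoted `--send-keys '0x${keyID}!'` part of the command string handed to `su_monkeysphere_user`. A value containing `%` would be read as a format directive, and one containing a quote would change how that command string is parsed if the helper passes it to a shell (its definition is not visible here). Unless every caller already validates the value, and assuming it is meant to be a hex key ID or fingerprint, I would reject anything else right after the assignment with `[[ "$keyID" =~ ^[0-9A-Fa-f]+$ ]] || failure "invalid key ID."` and pass the variables as arguments: `printf "Really publish key '%s' to %s? (Y/n) " "$keyID" "$KEYSERVER" >&2`. The body of publish_key continues past the end of this hunk.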
@@ -35,13 +36,13 @@ chown "$MONKEYSPHERE_USER":"$MONKEYSPHERE_GROUP" "$GNUPGHOME"
# trap to remove tmp dir if break
trap "rm -rf $GNUPGHOME" EXIT
-# import the host key into the tmp dir
+# import the key into the tmp dir
su_monkeysphere_user \
"gpg --quiet --import" <"$HOST_KEY_FILE"
-# publish host key
+# publish key
su_monkeysphere_user \
- "gpg --keyserver $KEYSERVER --send-keys '0x${HOST_FINGERPRINT}!'"
+ "gpg --keyserver $KEYSERVER --send-keys '0x${keyID}!'"
# remove the tmp file
trap - EXIT