summaryrefslogtreecommitdiff
path: root/src/share/mh/revoke_hostname
diff options
context:
space:
mode:
authorJameson Rollins <jrollins@finestructure.net>2010-01-15 19:19:15 -0500
committerJameson Rollins <jrollins@finestructure.net>2010-01-15 19:19:15 -0500
commitce45ef5702e072e869fa9d1b703f99dc740eb000 (patch)
treec0aca35789dd24b73b8220fac2d83f73c18fb818 /src/share/mh/revoke_hostname
parent1e207b9914d4b19450c94a3de4dbf41305638035 (diff)
Major rework of monkeysphere-host to handle multiple host keys.
This rework removes any assumption that monkeysphere-host is just managing a single host key, or that the keys are used specifically for ssh. The UI is exactly backwards compatible except that hostnames ('example.com') must be replaced by full service names ('ssh://example.com'). This incarnation passes the old tests with those changes only. There are a couple of things that still need to be done: - need to see if a transition script is needed (some local file names have changed) - need to fill in check_service_name function to verify that a specified service name fits the expected format. - update diagnostics appropriately
Diffstat (limited to 'src/share/mh/revoke_hostname')
-rw-r--r--src/share/mh/revoke_hostname68
1 files changed, 0 insertions, 68 deletions
diff --git a/src/share/mh/revoke_hostname b/src/share/mh/revoke_hostname
deleted file mode 100644
index 6b80802..0000000
--- a/src/share/mh/revoke_hostname
+++ /dev/null
@@ -1,68 +0,0 @@
-# -*-shell-script-*-
-# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
-
-# Monkeysphere host revoke-hostname subcommand
-#
-# The monkeysphere scripts are written by:
-# Jameson Rollins <jrollins@finestructure.net>
-# Jamie McClelland <jm@mayfirst.org>
-# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-#
-# They are Copyright 2008-2009, and are all released under the GPL,
-# version 3 or later.
-
-# revoke hostname user ID from host key
-
-revoke_hostname() {
-
-local userID
-local fingerprint
-local tmpuidMatch
-local line
-local message
-local revuidCommand
-
-if [ -z "$1" ] ; then
- failure "You must specify a hostname to revoke."
-fi
-
-userID="ssh://${1}"
-
-# make sure the user ID to revoke
-find_host_userid "$userID" || \
- failure "No non-revoked user ID found matching '$userID'."
-
-if [ "$PROMPT" = "true" ] ; then
- printf "The following host key user ID will be revoked:\n %s\nAre you sure you would like to revoke this user ID? (Y/n) " "$userID" >&2
- read OK; OK=${OK:=Y}
- if [ "${OK/y/Y}" != 'Y' ] ; then
- failure "User ID not revoked."
- fi
-else
- log debug "revoking user ID without prompting."
-fi
-
-# actually revoke:
-
-# the gpg secring might not contain the host key we are trying to
-# revoke (let alone any selfsig over that host key), but the plain
-# --export won't contain the secret key. "keytrans revokeuserid"
-# needs access to both pieces, so we feed it both of them.
-
-if (cat "$GNUPGHOME_HOST/secring.gpg" && gpg_host --export "$HOST_FINGERPRINT") | \
- "$SYSSHAREDIR/keytrans" revokeuserid \
- "$HOST_FINGERPRINT" "$userID" | gpg_host --import ; then
- gpg_host --check-trustdb
-
- update_gpg_pub_file
-
- show_key
-
- echo
- echo "NOTE: User ID revoked, but revocation not published."
- echo "Run '$PGRM publish-key' to publish the revocation."
-else
- failure "Problem revoking user ID."
-fi
-
-}