authorJameson Graef Rollins <jrollins@phys.columbia.edu>2008-06-10 18:38:46 -0400
committerJameson Graef Rollins <jrollins@phys.columbia.edu>2008-06-10 18:38:46 -0400
commitbe186e427ac34812e2b2a55489ae55fe2341f6a0 (patch)
tree09e8aa7a9000adc449d6b6328b041a88d06643c8 /src
parent48cd196efb86f8661fbf77552ef6c26b11fe20c6 (diff)
Cleaned up and fixed the update-userid function. Also some general cleanup.
Diffstat (limited to 'src')
-rwxr-xr-xsrc/common40
-rwxr-xr-xsrc/monkeysphere31
-rwxr-xr-xsrc/monkeysphere-server49
-rwxr-xr-xsrc/monkeysphere-ssh-proxycommand19
4 files changed, 93 insertions, 46 deletions
diff --git a/src/common b/src/common
index 8643080..073b8af 100755
--- a/src/common
+++ b/src/common
@@ -351,3 +351,43 @@ process_authorized_ids() {
process_user_id "$userID" "$cacheDir" > /dev/null
done
}
+
+# update the cache for userid, and prompt to add file to
+# authorized_user_ids file if the userid is found in gpg
+# and not already in file.
+update_userid() {
+ local userID
+ local cacheDir
+ local userIDKeyCache
+
+ userID="$1"
+ cacheDir="$2"
+
+ log "processing userid: '$userID'"
+ userIDKeyCache=$(process_user_id "$userID" "$cacheDir")
+ if [ -z "$userIDKeyCache" ] ; then
+ return 1
+ fi
+ if ! grep -q "^${userID}\$" "$AUTHORIZED_USER_IDS" ; then
+ echo "the following userid is not in the authorized_user_ids file:"
+ echo " $userID"
+ read -p "would you like to add? [Y|n]: " OK; OK=${OK:=Y}
+ if [ ${OK/y/Y} = 'Y' ] ; then
+ log -n " adding userid to authorized_user_ids file... "
+ echo "$userID" >> "$AUTHORIZED_USER_IDS"
+ echo "done."
+ fi
+ fi
+}
+
+# retrieve key from web of trust, and set owner trust to "full"
+# if key is found.
+trust_key() {
+ # get the key from the key server
+ gpg --keyserver "$KEYSERVER" --recv-key "$keyID" || failure "could not retrieve key '$keyID'"
+
+ # edit the key to change trust
+ # FIXME: need to figure out how to automate this,
+ # in a batch mode or something.
+ gpg --edit-key "$keyID"
+}
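Review bot: In update_userid the user ID is interpolated into a regular expression (`grep -q "^${userID}\$"`), so IDs containing `.`, `+`, `[` or `*` (common in names and e-mail addresses) can match a different line or fail to match themselves, which makes the "already in authorized_user_ids" check unreliable. A fixed-string whole-line match avoids this: `grep -q -x -F -- "$userID" "$AUTHORIZED_USER_IDS"`. The confirmation test `[ ${OK/y/Y} = 'Y' ]` is unquoted and uses a bash-only substitution, while the two scripts in this commit that call the function start with `#!/bin/sh`; a reply containing a space breaks the test, and `case "$OK" in Y|y) ... ;; esac` is portable and safe. trust_key reads `$keyID` from the caller's scope and ignores its argument, so it only works because the caller's loop variable has the same name; it should begin with `local keyID="$1"`.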
diff --git a/src/monkeysphere b/src/monkeysphere
index f279d86..d652ab3 100755
--- a/src/monkeysphere
+++ b/src/monkeysphere
@@ -1,5 +1,13 @@
#!/bin/sh
+# monkeysphere: MonkeySphere client tool
+#
+# The monkeysphere scripts are written by:
+# Jameson Rollins <jrollins@fifthhorseman.net>
+#
+# They are Copyright 2008, and are all released under the GPL, version 3
+# or later.
+
########################################################################
PGRM=$(basename $0)
@@ -26,11 +34,11 @@ usage: $PGRM <subcommand> [args]
Monkeysphere client tool.
subcommands:
- update-known-hosts (k) [HOST]... update known_hosts file
- update-authorized-keys (a) update authorized_keys file
- update-userid (u) [USERID]... add/update userid to
- authorized_user_ids
- help (h,?) this help
+ update-known-hosts (k) [HOST]... update known_hosts file
+ update-authorized-keys (a) update authorized_keys file
+ update-userids (u) [USERID]... add/update userid
+ gen-ae-subkey (g) generate an 'ae' capable subkey
+ help (h,?) this help
EOF
}
@@ -129,20 +137,19 @@ case $COMMAND in
log "$msAuthorizedKeys"
;;
- 'update-userid'|'u')
+ 'update-userids'|'u')
if [ -z "$1" ] ; then
failure "you must specify at least one userid."
fi
for userID ; do
- if ! grep -q "^${userID}\$" "$AUTHORIZED_USER_IDS" ; then
- log "userid '$userID' not in authorized_user_ids file."
- continue
- fi
- log "processing user id: '$userID'"
- process_user_id "$userID" "$userKeysCacheDir" > /dev/null
+ update_userid "$userID" "$userKeysCacheDir"
done
;;
+ 'gen-ae-subkey'|)
+ failure "function not implemented yet."
+ ;;
+
'help'|'h'|'?')
usage
;;
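Review bot: The new arm `'gen-ae-subkey'|)` has an empty alternative after the `|`, which sh and bash reject as a syntax error, so the script would likely fail to parse and every subcommand would break, not just this one. The usage text in the same file advertises the short form `(g)`, so the pattern was presumably meant to be `'gen-ae-subkey'|'g')`. The enclosing `case $COMMAND in` begins and ends outside this hunk.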
diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index f1b4892..fd7b583 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -1,5 +1,13 @@
#!/bin/sh
+# monkeysphere-server: MonkeySphere server admin tool
+#
+# The monkeysphere scripts are written by:
+# Jameson Rollins <jrollins@fifthhorseman.net>
+#
+# They are Copyright 2008, and are all released under the GPL, version 3
+# or later.
+
########################################################################
PGRM=$(basename $0)
@@ -23,12 +31,12 @@ usage: $PGRM <subcommand> [args]
Monkeysphere server admin tool.
subcommands:
- update-users (s) [USER]... update authorized_keys file
- gen-key (g) generate gpg key for the host
- publish-key (p) publish host gpg to keyserver
- trust-key (t) KEYID [KEYID]... mark keyid as trusted
- update-user-userid (u) USER UID [UID]... add/update userid for user
- help (h,?) this help
+ update-users (s) [USER]... update user authorized_keys file
+ gen-key (g) generate gpg key for the server
+ publish-key (p) publish server gpg to keyserver
+ trust-key (t) KEYID [KEYID]... mark keyid as trusted
+ update-user-userids (u) USER UID [UID]... add/update userid for user
+ help (h,?) this help
EOF
}
@@ -85,19 +93,6 @@ publish_key() {
echo "gpg --send-keys --keyserver $KEYSERVER $keyID"
}
-# trust key
-trust_key() {
- for keyID ; do
- # get the key from the key server
- gpg --keyserver "$KEYSERVER" --recv-key "$keyID" || failure "could not retrieve key '$keyID'"
-
- # edit the key to change trust
- # FIXME: need to figure out how to automate this,
- # in a batch mode or something.
- gpg --edit-key "$keyID"
- done
-}
-
########################################################################
# MAIN
########################################################################
@@ -185,10 +180,12 @@ case $COMMAND in
if [ -z "$1" ] ; then
failure "you must specify at least one key to trust."
fi
- trust_key "$@"
+ for keyID ; do
+ trust_key "$keyID"
+ done
;;
- 'update-user-userid'|'u')
+ 'update-user-userids'|'u')
uname="$1"
shift
if [ -z "$uname" ] ; then
@@ -197,14 +194,10 @@ case $COMMAND in
if [ -z "$1" ] ; then
failure "you must specify at least one userid."
fi
+ AUTHORIZED_USER_IDS="$MS_HOME"/authorized_user_ids/"$uname"
+ userKeysCacheDir="$STAGING_AREA"/"$uname"/user_keys
for userID ; do
- AUTHORIZED_USER_IDS="$MS_HOME"/authorized_user_ids/"$uname"
- if ! grep -q "^${userID}\$" "$AUTHORIZED_USER_IDS" ; then
- log "userid '$userID' not in authorized_user_ids file."
- continue
- fi
- log "processing user id: '$userID'"
- process_user_id "$userID" "$userKeysCacheDir" > /dev/null
+ update_userid "$userID" "$userKeysCacheDir"
done
;;
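Review bot: `$uname` comes straight from the command line and is now used to build both `AUTHORIZED_USER_IDS` and `userKeysCacheDir`, and update_userid (added to src/common in this commit) appends to the former; the only check visible here is that it is non-empty. A value containing `/` or `..` would point the append outside `$MS_HOME/authorized_user_ids`, so I would reject such names before building the paths, for example `case "$uname" in */*|.|..) failure "invalid user name '$uname'." ;; esac`, or confirm the account exists with `id "$uname" >/dev/null 2>&1 || failure "no such user '$uname'."`. The case arm starts above this hunk, so a check outside the visible lines may already cover this.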
diff --git a/src/monkeysphere-ssh-proxycommand b/src/monkeysphere-ssh-proxycommand
index 1724966..417d013 100755
--- a/src/monkeysphere-ssh-proxycommand
+++ b/src/monkeysphere-ssh-proxycommand
@@ -1,10 +1,17 @@
#!/bin/sh -e
-# MonkeySphere ssh ProxyCommand hook
-# Proxy command script to initiate a monkeysphere known_hosts update
-# before an ssh connection to host is established.
-# Can be added to ~/.ssh/config as follows:
-# ProxyCommand monkeysphere-ssh-proxycommand %h %p
+# monkeysphere-ssh-proxycommand: MonkeySphere ssh ProxyCommand hook
+#
+# The monkeysphere scripts are written by:
+# Jameson Rollins <jrollins@fifthhorseman.net>
+#
+# They are Copyright 2008, and are all released under the GPL, version 3
+# or later.
+
+# This is meant to be run as an ssh ProxyCommand to initiate a
+# monkeysphere known_hosts update before an ssh connection to host is
+# established. Can be added to ~/.ssh/config as follows:
+# ProxyCommand monkeysphere-ssh-proxycommand %h %p
HOST="$1"
PORT="$2"
@@ -12,5 +19,5 @@ PORT="$2"
# update the known_hosts file for the host
monkeysphere update-known-hosts "$HOST"
-# make a netcat connection to host for the ssh connection
+# exec a netcat passthrough to host for the ssh connection
exec nc "$HOST" "$PORT"