summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xMakefile2
-rwxr-xr-xpackaging/debian/monkeysphere.postinst2
-rwxr-xr-xsrc/monkeysphere-authentication2
-rwxr-xr-xsrc/monkeysphere-host9
-rw-r--r--src/share/common14
-rw-r--r--src/share/mh/diagnostics189
-rwxr-xr-xutils/build-releasenote12
-rw-r--r--utils/preparing-release4
8 files changed, 137 insertions, 97 deletions
diff --git a/Makefile b/Makefile
index 9381b03..710d779 100755
--- a/Makefile
+++ b/Makefile
@@ -5,7 +5,7 @@
# © 2008-2010 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
# Licensed under GPL v3 or later
-MONKEYSPHERE_VERSION = `head -n1 packaging/debian/changelog | sed 's/.*(\([^-]*\)-.*/\1/'`
+MONKEYSPHERE_VERSION = `head -n1 changelog | sed 's/.*(\([^-]*\)).*/\1/'`
# these defaults are for debian. porters should probably adjust them
# before calling make install
diff --git a/packaging/debian/monkeysphere.postinst b/packaging/debian/monkeysphere.postinst
index 07bf468..8c6a555 100755
--- a/packaging/debian/monkeysphere.postinst
+++ b/packaging/debian/monkeysphere.postinst
@@ -3,7 +3,7 @@
# postinst script for monkeysphere
# Author: Jameson Rollins <jrollins@finestructure.net>
-# Copyright 2008-2009
+# Copyright 2008-2010
set -e
diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication
index dd44efe..7d08aac 100755
--- a/src/monkeysphere-authentication
+++ b/src/monkeysphere-authentication
@@ -211,7 +211,7 @@ case $COMMAND in
gpg_sphere "$@"
;;
- 'version'|'v')
+ 'version'|'--version'|'v')
version
;;
diff --git a/src/monkeysphere-host b/src/monkeysphere-host
index 4d3edf4..72205ad 100755
--- a/src/monkeysphere-host
+++ b/src/monkeysphere-host
@@ -110,6 +110,11 @@ update_pgp_pub_file() {
# all-number (e.g. ssh://666.666), which are technically not allowed
# (though some exist on the 'net, apparently)
+# FIXME: this will probably misbehave if raw IP addresses are provided,
+# either IPv4 or IPv6 using the bracket notation.
+
+# FIXME: this doesn't address the use of hashed User IDs.
+
check_service_name() {
local name="$1"
local errs=""
@@ -265,7 +270,7 @@ multi_key() {
if (( i++ > 0 )) ; then
echo "##############################"
fi
- eval "$cmd" "$key"
+ "$cmd" "$key"
done
}
@@ -422,7 +427,7 @@ case $COMMAND in
update_pgp_pub_file
;;
- 'version'|'v')
+ 'version'|'--version'|'v')
version
;;
diff --git a/src/share/common b/src/share/common
index 0a7fe87..e735319 100644
--- a/src/share/common
+++ b/src/share/common
@@ -1200,13 +1200,25 @@ process_authorized_user_ids() {
list_primary_fingerprints() {
local fake=$(msmktempdir)
trap "rm -rf $fake" EXIT
- GNUPGHOME="$fake" gpg --no-tty --quiet --import
+ GNUPGHOME="$fake" gpg --no-tty --quiet --import --ignore-time-conflict 2>/dev/null
GNUPGHOME="$fake" gpg --with-colons --fingerprint --list-keys | \
awk -F: '/^fpr:/{ print $10 }'
trap - EXIT
rm -rf "$fake"
}
+# takes an OpenPGP key or set of keys on stdin, a fingerprint or other
+# key identifier as $1, and outputs the gpg-formatted information for
+# the requested keys from the material on stdin
+get_cert_info() {
+ local fake=$(msmktempdir)
+ trap "rm -rf $fake" EXIT
+ GNUPGHOME="$fake" gpg --no-tty --quiet --import --ignore-time-conflict 2>/dev/null
+ GNUPGHOME="$fake" gpg --with-colons --fingerprint --fixed-list-mode --list-keys "$1"
+ trap - EXIT
+ rm -rf "$fake"
+}
+
check_cruft_file() {
local loc="$1"
diff --git a/src/share/mh/diagnostics b/src/share/mh/diagnostics
index 8e83cc5..9409f1d 100644
--- a/src/share/mh/diagnostics
+++ b/src/share/mh/diagnostics
@@ -8,107 +8,88 @@
# Jamie McClelland <jm@mayfirst.org>
# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
#
-# They are Copyright 2008-2009, and are all released under the GPL,
+# They are Copyright 2008-2010, and are all released under the GPL,
# version 3 or later.
-# check on the status and validity of the key and public certificates
+# check on the status and validity of the host's public certificates (and keys?)
-diagnostics() {
-
-local seckey
-local keysfound
-local curdate
-local warnwindow
-local warndate
-local create
-local expire
-local uid
-local fingerprint
-local badhostkeys
-local problemsfound=0
-
-if ! [ -d "$SYSDATADIR" ] ; then
- echo "! no $SYSDATADIR directory found. Please create it."
- exit
-fi
-
-if ! [ -f "$HOST_KEY_FILE" ] ; then
- echo "No host key OpenPGP pub file found!"
- echo " - Recommendation: run 'monkeysphere-host import-key'"
- exit
-fi
+# global vars for communicating between functions:
-# load the host key fingerprint
-load_fingerprint
-
-seckey=$(gpg_host --list-secret-keys --fingerprint --with-colons --fixed-list-mode)
-keysfound=$(echo "$seckey" | grep -c ^sec:)
-curdate=$(date +%s)
+MHD_CURDATE=$(date +%s)
# warn when anything is 2 months away from expiration
-warnwindow='2 months'
-warndate=$(advance_date $warnwindow +%s)
-
-if ! id monkeysphere >/dev/null ; then
- echo "! No monkeysphere user found! Please create a monkeysphere system user with bash as its shell."
- problemsfound=$(($problemsfound+1))
-fi
+MHD_WARNWINDOW='2 months'
+MHD_WARNDATE=$(advance_date $MHD_WARNWINDOW +%s)
+MHD_PROBLEMSFOUND=0
+
+
+diagnose_key() {
+ local fpr="$1"
+ local certinfo
+ local create
+ local expire
+ local uid
+ local keysfound
+ local uiderrs
+ local errcount
+
+ printf "Checking OpenPGP Certificate for key 0x%s\n" "$fpr"
+
+ certinfo=$(get_cert_info "0x$fpr" <"$HOST_KEY_FILE")
+ keysfound=$(grep -c ^pub: <<<"$certinfo")
+
+ if [ "$keysfound" -lt 1 ] ; then
+ printf "! Could not find key with fingerprint 0x%s\n" "$fpr"
+ # FIXME: recommend a way to resolve this!
+ MHD_PROBLEMSFOUND=$(($MHD_PROBLEMSFOUND+1))
+ fi
-echo "Checking host GPG key..."
-if (( "$keysfound" < 1 )); then
- echo "! No host key found. The monkeysphere-host data directory is corrupt?!?!"
- echo " - Recommendation: purge the MHDATADIR ($MHDATADIR) and rerun 'monkeysphere-host import-key'"
- problemsfound=$(($problemsfound+1))
-elif (( "$keysfound" > 1 )); then
- echo "! More than one host key found?"
- # FIXME: recommend a way to resolve this
- problemsfound=$(($problemsfound+1))
-else
- create=$(echo "$seckey" | grep ^sec: | cut -f6 -d:)
- expire=$(echo "$seckey" | grep ^sec: | cut -f7 -d:)
- fingerprint=$(echo "$seckey" | grep ^fpr: | head -n1 | cut -f10 -d:)
+ create=$(echo "$certinfo" | grep ^pub: | cut -f6 -d:)
+ expire=$(echo "$certinfo" | grep ^pub: | cut -f7 -d:)
# check for key expiration:
if [ "$expire" ]; then
- if (( "$expire" < "$curdate" )); then
- echo "! Host key is expired."
- echo " - Recommendation: extend lifetime of key with 'monkeysphere-host set-expire'"
- problemsfound=$(($problemsfound+1))
- elif (( "$expire" < "$warndate" )); then
- echo "! Host key expires in less than $warnwindow:" $(advance_date $(( $expire - $curdate )) seconds +%F)
- echo " - Recommendation: extend lifetime of key with 'monkeysphere-host set-expire'"
- problemsfound=$(($problemsfound+1))
+ if (( "$expire" < "$MHD_CURDATE" )); then
+ printf "! Host key 0x%s is expired.\n" "$fpr"
+ printf " - Recommendation: extend lifetime of key with 'monkeysphere-host set-expire 0x%s'\n" "$fpr"
+ MHD_PROBLEMSFOUND=$(($MHD_PROBLEMSFOUND+1))
+ elif (( "$expire" < "$MHD_WARNDATE" )); then
+ printf "! Host key 0x%s expires in less than %s: %s\n" "$fpr" "$MHD_WARNWINDOW" $(advance_date $(( $expire - $MHD_CURDATE )) seconds +%F)
+ printf " - Recommendation: extend lifetime of key with 'monkeysphere-host set-expire %s'\n" "$fpr"
+ MHD_PROBLEMSFOUND=$(($MHD_PROBLEMSFOUND+1))
fi
fi
# and weirdnesses:
- if [ "$create" ] && (( "$create" > "$curdate" )); then
- echo "! Host key was created in the future(?!). Is your clock correct?"
- echo " - Recommendation: Check clock ($(date +%F_%T)); use NTP?"
- problemsfound=$(($problemsfound+1))
+ if [ "$create" ] && (( "$create" > "$MHD_CURDATE" )); then
+ printf "! Host key 0x%s was created in the future(?!): %s. Is your clock correct?\n" "$fpr" $(date -d "1970-01-01 + $create seconds" +%F)
+ printf " - Recommendation: Check your clock (is it really %s?); use NTP?\n" $(date +%F_%T)
+ MHD_PROBLEMSFOUND=$(($MHD_PROBLEMSFOUND+1))
fi
# check for UserID expiration:
- echo "$seckey" | grep ^uid: | cut -d: -f6,7,10 | \
- while IFS=: read create expire uid ; do
- # FIXME: should we be doing any checking on the form
- # of the User ID? Should we be unmangling it somehow?
-
- if [ "$create" ] && (( "$create" > "$curdate" )); then
- echo "! User ID '$uid' was created in the future(?!). Is your clock correct?"
- echo " - Recommendation: Check clock ($(date +%F_%T)); use NTP?"
- problemsfound=$(($problemsfound+1))
- fi
- if [ "$expire" ] ; then
- if (( "$expire" < "$curdate" )); then
- echo "! User ID '$uid' is expired."
+ uiderrs=$(printf '%s\n' "$certinfo" | grep ^uid: | cut -d: -f6,7,10 | \
+ while IFS=: read -r create expire uid ; do
+ uid=$(gpg_unescape <<<"$uid")
+
+ check_service_name "$uid"
+ if [ "$create" ] && (( "$create" > "$MHD_CURDATE" )); then
+ printf "! The latest self-sig on User ID '%s' was created in the future(?!): %s.\n - Is your clock correct?\n" "$uid" $(date -d "1970-01-01 + $create seconds" +%F)
+ printf " - Recommendation: Check your clock (is it really %s ?); use NTP?\n" $(date +%F_%T)
+ fi
+ if [ "$expire" ] ; then
+ if (( "$expire" < "$MHD_CURDATE" )); then
+ printf "! User ID '%s' is expired.\n" "$uid"
# FIXME: recommend a way to resolve this
- problemsfound=$(($problemsfound+1))
- elif (( "$expire" < "$warndate" )); then
- echo "! User ID '$uid' expires in less than $warnwindow:" $(advance_date $(( $expire - $curdate )) seconds +%F)
+ elif (( "$expire" < "$MHD_WARNDATE" )); then
+ printf "! User ID '%s' expires in less than %s: %s\n" "%s" "$MHD_WARNWINDOW" $(advance_date $(( $expire - $MHD_CURDATE )) seconds +%F)
# FIXME: recommend a way to resolve this
- problemsfound=$(($problemsfound+1))
+ fi
fi
- fi
- done
+ done)
+ errcount=$(grep -c '^!' <<<"$uiderrs") || \
+ MHD_PROBLEMSFOUND=$(($MHD_PROBLEMSFOUND+ $errcount ))
+ printf '%s\n' "$uiderrs"
+
+
# FIXME: verify that the host key is properly published to the
# keyservers (do this with the non-privileged user)
@@ -120,11 +101,45 @@ else
# FIXME: propose adding a revoker to the host key if none exist (do we
# have a way to do that after key generation?)
-# FIXME: test (with ssh-keyscan?) that the running ssh
-# daemon is actually offering the monkeysphere host key.
+# FIXME: test (with ssh-keyscan?) that any running ssh daemon is
+# actually offering the monkeysphere host key, if such a key is
+# loaded.
+
+# FIXME: scan /proc/net/tcp and /proc/net/tcp6 to see what
+# known-crypto ports (ssh, https, imaps?, ldaps?, etc) are in use
+# locally. Propose bringing them into the monkeysphere.
+
+# FIXME: ensure that the key is of a reasonable size
+
+# FIXME: ensure that the cert has the right key usage flags
+
+# FIXME: ensure that the key doesn't match any known blacklist
+}
+
+diagnostics() {
+
+MHD_PROBLEMSFOUND=0
+
+
+if ! [ -d "$SYSDATADIR" ] ; then
+ echo "! no $SYSDATADIR directory found. Please create it."
+ exit
+fi
+if ! [ -f "$HOST_KEY_FILE" ] ; then
+ echo "No host OpenPGP certificates file found!"
+ echo " - Recommendation: run 'monkeysphere-host import-key' with a service key"
+ exit
fi
+if ! id monkeysphere >/dev/null ; then
+ echo "! No monkeysphere user found! Please create a monkeysphere system user with bash as its shell."
+ MHD_PROBLEMSFOUND=$(($MHD_PROBLEMSFOUND+1))
+fi
+
+echo "Checking host OpenPGP certificates..."
+multi_key diagnose_key
+
# FIXME: look at the ownership/privileges of the various keyrings,
# directories housing them, etc (what should those values be? can
# we make them as minimal as possible?)
@@ -132,8 +147,8 @@ fi
# report on any cruft from old monkeysphere version
report_cruft
-if [ "$problemsfound" -gt 0 ]; then
- echo "When the above $problemsfound issue"$(if [ "$problemsfound" -eq 1 ] ; then echo " is" ; else echo "s are" ; fi)" resolved, please re-run:"
+if [ "$MHD_PROBLEMSFOUND" -gt 0 ]; then
+ echo "When the above $MHD_PROBLEMSFOUND issue"$(if [ "$MHD_PROBLEMSFOUND" -eq 1 ] ; then echo " is" ; else echo "s are" ; fi)" resolved, please re-run:"
echo " monkeysphere-host diagnostics"
else
echo "Everything seems to be in order!"
diff --git a/utils/build-releasenote b/utils/build-releasenote
index 1dee649..cac0869 100755
--- a/utils/build-releasenote
+++ b/utils/build-releasenote
@@ -1,10 +1,18 @@
#!/bin/bash
-VERSION=`head -n1 packaging/debian/changelog | sed 's/.*(\([^)]*\)).*/\1/'`
+# script to build a release announcement for the Monkeysphere
+# if you're running this, you probably also want to read through
+# the checklist in utils/preparing-release.
+
+# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+# Copyright: © 2008-2010
+# License: GPL, v3 or later
+
+VERSION=`head -n1 changelog | sed 's/.*(\([^)]*\)).*/\1/'`
{
sed "s/__VERSION__/$VERSION/g" < utils/releasenote.header
- head -n$(( $(grep -n '^ --' packaging/debian/changelog | head -n1 | cut -f1 -d:) - 2 )) packaging/debian/changelog | tail -n+3
+ head -n$(( $(grep -n '^ --' changelog | head -n1 | cut -f1 -d:) - 2 )) changelog | tail -n+3
sed "s/__VERSION__/$VERSION/g" < utils/releasenote.footer
} > "website/news/release-$VERSION.mdwn"
diff --git a/utils/preparing-release b/utils/preparing-release
index 3273c1c..8ecbc00 100644
--- a/utils/preparing-release
+++ b/utils/preparing-release
@@ -1,7 +1,7 @@
### Notes about preparing a release for the monkeysphere ###
- * make sure that packaging/debian/changelog has a reasonable version
- number.
+ * make sure that changelog and packaging/debian/changelog both have
+ reasonable version numbers.
* have the monkeysphere archive signing key handy!