diff options
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | debian/changelog | 29 | ||||
| -rw-r--r-- | debian/control | 2 | ||||
| -rw-r--r-- | debian/dirs | 12 | ||||
| -rw-r--r-- | debian/monkeysphere.dirs | 10 | ||||
| -rwxr-xr-x | debian/monkeysphere.postinst | 4 | ||||
| -rw-r--r-- | etc/monkeysphere-server.conf | 6 | ||||
| -rw-r--r-- | packaging/freebsd/Makefile | 10 | ||||
| -rw-r--r-- | packaging/freebsd/distinfo | 6 | ||||
| -rwxr-xr-x | packaging/freebsd/pkg-install | 15 | ||||
| -rw-r--r-- | src/common | 35 | ||||
| -rwxr-xr-x | src/monkeysphere | 16 | ||||
| -rwxr-xr-x | src/monkeysphere-server | 58 | ||||
| -rwxr-xr-x | tests/basic | 170 | ||||
| -rw-r--r-- | tests/etc/monkeysphere/monkeysphere-server.conf | 5 | ||||
| -rw-r--r-- | tests/home/testuser/.gnupg/gpg.conf | 2 | ||||
| -rw-r--r-- | tests/home/testuser/.monkeysphere/monkeysphere.conf | 2 | ||||
| -rw-r--r-- | website/download.mdwn | 36 | ||||
| -rw-r--r-- | website/news/release-0.17-1.mdwn | 17 | ||||
| -rw-r--r-- | website/news/release-0.18-1.mdwn | 25 | ||||
| -rw-r--r-- | website/news/release-0.19-1.mdwn | 15 |
21 files changed, 322 insertions, 155 deletions
@@ -46,6 +46,8 @@ install: all installman install src/monkeysphere-server $(DESTDIR)$(PREFIX)/sbin install -m 0644 src/common $(DESTDIR)$(PREFIX)/share/monkeysphere install doc/* $(DESTDIR)$(PREFIX)/share/doc/monkeysphere + install -m 0644 etc/gnupg-host.conf $(DESTDIR)$(ETCPREFIX)/etc/monkeysphere/gnupg-host.conf$(ETCSUFFIX) + install -m 0644 etc/gnupg-authentication.conf $(DESTDIR)$(ETCPREFIX)/etc/monkeysphere/gnupg-authentication.conf$(ETCSUFFIX) install -m 0644 etc/monkeysphere.conf $(DESTDIR)$(ETCPREFIX)/etc/monkeysphere/monkeysphere.conf$(ETCSUFFIX) install -m 0644 etc/monkeysphere-server.conf $(DESTDIR)$(ETCPREFIX)/etc/monkeysphere/monkeysphere-server.conf$(ETCSUFFIX) diff --git a/debian/changelog b/debian/changelog index 4db311e..a7514a3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,11 +1,38 @@ +monkeysphere (0.19-1) experimental; urgency=low + + [ Daniel Kahn Gillmor ] + * simulating an X11 session in the test script. + * updated packaging so that symlinks to config files are correct. + + -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 29 Oct 2008 02:47:49 -0400 + +monkeysphere (0.18-1) experimental; urgency=low + + [ Jameson Graef Rollins ] + * Fix bugs in authorized_{user_ids,keys} file permission checking. + * Add new monkeysphere tmpdir to enable atomic moves of authorized_keys + files. + * chown authorized_keys files to `whoami`, for compatibility with test + suite. + * major improvements to test suite, added more tests. + + [ Daniel Kahn Gillmor ] + * update make install to ensure placement of + /etc/monkeysphere/gnupg-{host,authentication}.conf + * choose either --quick-random or --debug-quick-random depending on + which gpg supports for the test suite. + + -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 29 Oct 2008 00:41:38 -0400 + monkeysphere (0.17-1) experimental; urgency=low + [ Jameson Graef Rollins ] * Fix some bugs in, and cleanup, authorized_keys file creation in monkeysphere-server update-users. * Move to using the empty string for not adding a user-controlled authorized_keys file in the RAW_AUTHORIZED_KEYS variable. - -- Jameson Graef Rollins <jrollins@phys.columbia.edu> Mon, 27 Oct 2008 07:39:10 -0400 + -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 28 Oct 2008 02:04:22 -0400 monkeysphere (0.16-1) experimental; urgency=low diff --git a/debian/control b/debian/control index 8f5aeef..efd734b 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: monkeysphere Section: net Priority: extra Maintainer: Daniel Kahn Gillmor <dkg@fifthhorseman.net> -Uploaders: Jameson Rollins <jrollins@fifthhorseman.net> +Uploaders: Jameson Graef Rollins <jrollins@phys.columbia.edu> Build-Depends: debhelper (>= 7.0), libgnutls-dev (>= 2.4.0) Standards-Version: 3.8.0.1 Homepage: http://web.monkeysphere.info/ diff --git a/debian/dirs b/debian/dirs deleted file mode 100644 index e9390a7..0000000 --- a/debian/dirs +++ /dev/null @@ -1,12 +0,0 @@ -var/lib/monkeysphere -var/lib/monkeysphere/authorized_keys -usr/bin -usr/sbin -usr/share -usr/share/monkeysphere -usr/share/man -usr/share/man/man1 -usr/share/man/man5 -usr/share/man/man8 -etc/monkeysphere -etc/monkeysphere/authorized_user_ids diff --git a/debian/monkeysphere.dirs b/debian/monkeysphere.dirs index b0b2d9c..cfafe15 100644 --- a/debian/monkeysphere.dirs +++ b/debian/monkeysphere.dirs @@ -1,4 +1,12 @@ -usr/share/monkeysphere var/lib/monkeysphere var/lib/monkeysphere/authorized_keys +var/lib/monkeysphere/tmp +usr/bin +usr/sbin +usr/share +usr/share/monkeysphere +usr/share/man +usr/share/man/man1 +usr/share/man/man5 +usr/share/man/man8 etc/monkeysphere diff --git a/debian/monkeysphere.postinst b/debian/monkeysphere.postinst index 27a50e0..02d6304 100755 --- a/debian/monkeysphere.postinst +++ b/debian/monkeysphere.postinst @@ -20,9 +20,9 @@ fi # install host gnupg home directory install --owner root --group monkeysphere --mode 750 -d "$VARLIB"/gnupg-host # link in the gpg.conf -ln -sTf "$ETC"/gpg-host.conf "$VARLIB"/gnupg-host/gpg.conf +ln -sTf "$ETC"/gnupg-host.conf "$VARLIB"/gnupg-host/gpg.conf # install authentication gnupg home directory install --owner monkeysphere --group monkeysphere --mode 700 -d "$VARLIB"/gnupg-authentication # link in the gpg.conf -ln -sTf "$ETC"/gpg-authentication.conf "$VARLIB"/gnupg-authentication/gpg.conf +ln -sTf "$ETC"/gnupg-authentication.conf "$VARLIB"/gnupg-authentication/gpg.conf diff --git a/etc/monkeysphere-server.conf b/etc/monkeysphere-server.conf index b69420a..8b9ffa4 100644 --- a/etc/monkeysphere-server.conf +++ b/etc/monkeysphere-server.conf @@ -23,6 +23,6 @@ # Path to a user controlled authorized_keys file to be added to the # monkeysphere-generated authorized_keys file. '%h' will be replaced # by the home directory of the user, and '%u' will by replaced by the -# username of the user. To not add any user-controlled file set this -# variable to be the empty string, "". -#RAW_AUTHORIZED_KEYS="%h/.ssh/authorized_keys" +# username of the user. Setting this variable to 'none' prevents the +# inclusion of user controlled authorized_keys file. +# RAW_AUTHORIZED_KEYS="%h/.ssh/authorized_keys" diff --git a/packaging/freebsd/Makefile b/packaging/freebsd/Makefile index 78ad0d3..984bc87 100644 --- a/packaging/freebsd/Makefile +++ b/packaging/freebsd/Makefile @@ -6,7 +6,7 @@ # PORTNAME= monkeysphere -PORTVERSION= 0.16 +PORTVERSION= 0.19 CATEGORIES= security MASTER_SITES= http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/ # hack for debian orig tarballs @@ -17,7 +17,7 @@ COMMENT= use the OpenPGP web of trust to verify ssh connections LIB_DEPENDS= gnutls.26:${PORTSDIR}/security/gnutls RUN_DEPENDS= base64:${PORTSDIR}/converters/base64 \ - gpg:${PORTSDIR}/security/gnupg \ + gpg:${PORTSDIR}/security/gnupg1 \ lockfile:${PORTSDIR}/mail/procmail \ /usr/local/bin/getopt:${PORTSDIR}/misc/getopt \ bash:${PORTSDIR}/shells/bash @@ -34,6 +34,12 @@ post-patch: find . -iname '*.orig' -delete post-install: + @if [ ! -f ${PREFIX}/etc/monkeysphere/gnupg-host.conf ]; then \ + ${CP} -p ${PREFIX}/etc/monkeysphere/gnupg-host.conf.sample ${PREFIX}/etc/monkeysphere/gnupg-host.conf ; \ + fi + @if [ ! -f ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf ]; then \ + ${CP} -p ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf.sample ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf ; \ + fi @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere.conf ]; then \ ${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere.conf.sample ${PREFIX}/etc/monkeysphere/monkeysphere.conf ; \ fi diff --git a/packaging/freebsd/distinfo b/packaging/freebsd/distinfo index 16e88de..86aecd1 100644 --- a/packaging/freebsd/distinfo +++ b/packaging/freebsd/distinfo @@ -1,3 +1,3 @@ -MD5 (monkeysphere_0.16.orig.tar.gz) = 4bc223e8004e0e374bd54f0315585c49 -SHA256 (monkeysphere_0.16.orig.tar.gz) = f2dbd031315f99c82099a4a902f2240cca97536b035ef75872e72a65f324c9d7 -SIZE (monkeysphere_0.16.orig.tar.gz) = 66062 +MD5 (monkeysphere_0.19.orig.tar.gz) = 64c643dd0ab642bbc8814aec1718000e +SHA256 (monkeysphere_0.19.orig.tar.gz) = 321b77c1e10fe48ffbef8491893f5dd22842c35c11464efa7893150ce756a522 +SIZE (monkeysphere_0.19.orig.tar.gz) = 68335 diff --git a/packaging/freebsd/pkg-install b/packaging/freebsd/pkg-install index 5e520cd..d7e4dbe 100755 --- a/packaging/freebsd/pkg-install +++ b/packaging/freebsd/pkg-install @@ -15,6 +15,7 @@ # MySQL puts its data in /var/db/mysql VARLIB="/var/monkeysphere" +ETCDIR="/usr/local/etc/monkeysphere" case $2 in POST-INSTALL) @@ -56,20 +57,14 @@ POST-INSTALL) fi fi - ## set up the cache directories: + ## set up the cache directories, and link them to the config files: install -d -o root -g monkeysphere -m 750 "$VARLIB"/gnupg-host - cat <<EOF > "$VARLIB"/gnupg-host/gpg.conf -list-options show-uid-validity -EOF + ln -sf "$ETCDIR"/gnupg-host.conf "$VARLIB"/gnupg-host/gpg.conf install -d -o monkeysphere -g monkeysphere -m 700 "$VARLIB"/gnupg-authentication -# install authentication gpg.conf - cat <<EOF > "$VARLIB"/gnupg-authentication/gpg.conf -list-options show-uid-validity -primary-keyring $VARLIB/gnupg-authentication/pubring.gpg -keyring $VARLIB/gnupg-host/pubring.gpg -EOF + ln -sf "$ETCDIR"/gnupg-authentication.conf "$VARLIB"/gnupg-authentication/gpg.conf + chown monkeysphere:monkeysphere "$VARLIB"/gnupg-authentication/gpg.conf monkeysphere-server diagnostics @@ -24,7 +24,7 @@ export SYSCONFIGDIR # failure function. exits with code 255, unless specified otherwise. failure() { - echo "$1" >&2 + [ "$1" ] && echo "$1" >&2 exit ${2:-'255'} } @@ -393,8 +393,9 @@ test_gpg_expire() { # check that a file is properly owned, and that all it's parent # directories are not group/other writable check_key_file_permissions() { - local user + local uname local path + local stat local access local gAccess local oAccess @@ -404,30 +405,36 @@ check_key_file_permissions() { [ "$1" = "w" ] } - user="$1" + uname="$1" path="$2" - # return 0 is path does not exist - [ -e "$path" ] || return 0 + # return 255 if cannot stat file + if ! stat=$(ls -ld "$path" 2>/dev/null) ; then + log error "could not stat path '$path'." + return 255 + fi - owner=$(ls -l "$path" | awk '{ print $3 }') - gAccess=$(ls -l "$path" | cut -c6) - oAccess=$(ls -l "$path" | cut -c9) + owner=$(echo "$stat" | awk '{ print $3 }') + gAccess=$(echo "$stat" | cut -c6) + oAccess=$(echo "$stat" | cut -c9) - # check owner - if [ "$owner" != "$user" -a "$owner" != 'root' ] ; then + # return 1 if path has invalid owner + if [ "$owner" != "$uname" -a "$owner" != 'root' ] ; then + log error "improper ownership on path '$path'." return 1 fi - # check group/other writability + # return 2 if path has group or other writability if is_write "$gAccess" || is_write "$oAccess" ; then + log error "improper group or other writability on path '$path'." return 2 fi + # return zero if all clear, or go to next path if [ "$path" = '/' ] ; then return 0 else - check_key_file_permissions $(dirname "$path") + check_key_file_permissions "$uname" $(dirname "$path") fi } @@ -662,7 +669,7 @@ process_user_id() { else log debug " - unacceptable primary key." if [ -z "$sshKey" ] ; then - log error " ! primary key could not be translated (not RSA or DSA?)." + log error " ! primary key could not be translated (not RSA or DSA?)." else echo "1:${sshKey}" fi @@ -1018,7 +1025,7 @@ process_authorized_user_ids() { log debug "processing authorized_user_ids file..." if ! meat "$authorizedUserIDs" > /dev/null ; then - log debug "no user IDs to process." + log debug " no user IDs to process." return fi diff --git a/src/monkeysphere b/src/monkeysphere index dd689b5..7e800cc 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -318,10 +318,12 @@ case $COMMAND in 'update-known_hosts'|'update-known-hosts'|'k') MODE='known_hosts' + # touch the known_hosts file so that the file permission check + # below won't fail upon not finding the file + (umask 0022 && touch "$KNOWN_HOSTS") + # check permissions on the known_hosts file path - if ! check_key_file_permissions "$USER" "$KNOWN_HOSTS" ; then - failure "Improper permissions on known_hosts file path." - fi + check_key_file_permissions "$USER" "$KNOWN_HOSTS" || failure # if hosts are specified on the command line, process just # those hosts @@ -347,14 +349,10 @@ case $COMMAND in MODE='authorized_keys' # check permissions on the authorized_user_ids file path - if ! check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" ; then - failure "Improper permissions on authorized_user_ids file path." - fi + check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" || failure # check permissions on the authorized_keys file path - if ! check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" ; then - failure "Improper permissions on authorized_keys file path." - fi + check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" || failure # exit if the authorized_user_ids file is empty if [ ! -e "$AUTHORIZED_USER_IDS" ] ; then diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 6ca6a4f..5f0cb73 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -20,6 +20,11 @@ export SYSSHAREDIR SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"} export SYSDATADIR +# monkeysphere temp directory, in sysdatadir to enable atomic moves of +# authorized_keys files +MSTMPDIR="${SYSDATADIR}/tmp" +export MSTMPDIR + # UTC date in ISO 8601 format if needed DATE=$(date -u '+%FT%T') @@ -148,6 +153,8 @@ update_users() { unames=$(getent passwd | cut -d: -f1) fi + RETCODE=0 + # set mode MODE="authorized_keys" @@ -165,7 +172,7 @@ update_users() { # loop over users for uname in $unames ; do # check all specified users exist - if ! getent passwd "$uname" >/dev/null ; then + if ! id "$uname" >/dev/null ; then log error "----- unknown user '$uname' -----" continue fi @@ -173,7 +180,7 @@ update_users() { log verbose "----- user: $uname -----" # make temporary directory - TMPLOC=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) + TMPLOC=$(mktemp -d ${MSTMPDIR}/tmp.XXXXXXXXXX) # trap to delete temporary directory on exit trap "rm -rf $TMPLOC" EXIT @@ -194,6 +201,7 @@ update_users() { chown -R "$MONKEYSPHERE_USER" "$TMPLOC" # process authorized_user_ids file + log debug "checking for authorized_user_ids..." # translating ssh-style path variables authorizedUserIDs=$(translate_ssh_variables "$uname" "$AUTHORIZED_USER_IDS") if [ -s "$authorizedUserIDs" ] ; then @@ -213,20 +221,27 @@ update_users() { ". ${SYSSHAREDIR}/common; process_authorized_user_ids $TMP_AUTHORIZED_USER_IDS" RETURN="$?" else - log error "Improper permissions on path '$AUTHORIZED_USER_IDS'." + log debug "not processing authorized_user_ids." fi + else + log debug "empty or absent authorized_user_ids file." fi # add user-controlled authorized_keys file if specified # translate ssh-style path variables rawAuthorizedKeys=$(translate_ssh_variables "$uname" "$RAW_AUTHORIZED_KEYS") - if [ "$rawAuthorizedKeys" -a -s "$rawAuthorizedKeys" ] ; then - # check permissions on the authorized_keys file path - if check_key_file_permissions "$uname" "$rawAuthorizedKeys" ; then - log verbose "adding raw authorized_keys file... " - cat "$rawAuthorizedKeys" >> "$AUTHORIZED_KEYS" + if [ "$rawAuthorizedKeys" != 'none' ] ; then + log debug "checking for raw authorized_keys..." + if [ -s "$rawAuthorizedKeys" ] ; then + # check permissions on the authorized_keys file path + if check_key_file_permissions "$uname" "$rawAuthorizedKeys" ; then + log verbose "adding raw authorized_keys file... " + cat "$rawAuthorizedKeys" >> "$AUTHORIZED_KEYS" + else + log debug "not adding raw authorized_keys file." + fi else - log error "Improper permissions on path '$RAW_AUTHORIZED_KEYS'. Not added to authorized_keys file." + log debug "empty or absent authorized_keys file." fi fi @@ -235,12 +250,25 @@ update_users() { # openssh appears to check the contents of the # authorized_keys file as the user in question, so the # file must be readable by that user at least. - # FIXME: is there a better way to do this? - chown root "$AUTHORIZED_KEYS" - chgrp $(getent passwd "$uname" | cut -f4 -d:) "$AUTHORIZED_KEYS" - chmod g+r "$AUTHORIZED_KEYS" - mv -f "$AUTHORIZED_KEYS" "${SYSDATADIR}/authorized_keys/${uname}" + # but in general, we don't want the user tampering with + # this file directly, so we'll adopt this approach: Own + # the file by the monkeysphere-server invoker (usually + # root, but should be the same uid that sshd is launched + # as); change the group of the file so that members of the + # user's group can read it. + + # FIXME: is there a better way to do this? + chown $(whoami) "$AUTHORIZED_KEYS" && \ + chgrp $(id -g "$uname") "$AUTHORIZED_KEYS" && \ + chmod g+r "$AUTHORIZED_KEYS" && \ + mv -f "$AUTHORIZED_KEYS" "${SYSDATADIR}/authorized_keys/${uname}" || \ + { + log error "Failed to install authorized_keys for '$uname'!" + rm -f "${SYSDATADIR}/authorized_keys/${uname}" + # indicate that there has been a failure: + RETURN=1 + } else rm -f "${SYSDATADIR}/authorized_keys/${uname}" fi @@ -371,7 +399,7 @@ EOF (umask 077 && \ gpg_host --export-secret-key "$fingerprint" | \ openpgp2ssh "$fingerprint" > "${SYSDATADIR}/ssh_host_rsa_key") - log info "Private SSH host key output to file: ${SYSDATADIR}/ssh_host_rsa_key" + log info "private SSH host key output to file: ${SYSDATADIR}/ssh_host_rsa_key" } # extend the lifetime of a host key: diff --git a/tests/basic b/tests/basic index 46ba63c..d735578 100755 --- a/tests/basic +++ b/tests/basic @@ -19,18 +19,44 @@ gpgadmin() { GNUPGHOME="$TEMPDIR"/admin/.gnupg gpg "$@" } -launch_sshd() { +# test ssh connection +# first argument is expected return code from ssh connection +ssh_test() { + umask 0077 + + CODE=${1:-0} + + # start the ssh daemon on the socket + echo "##### starting ssh server..." socat EXEC:"/usr/sbin/sshd -f ${SSHD_CONFIG} -i -D -e" "UNIX-LISTEN:${SOCKET}" 2> "$TEMPDIR"/sshd.log & - export SSHD_PID=$! + SSHD_PID="$!" + # wait until the socket is created before continuing while [ ! -S "$SOCKET" ] ; do sleep 1 done -} -ssh_test() { + set +e + + # make a client connection to the socket + echo "##### starting ssh client..." ssh-agent bash -c \ "monkeysphere subkey-to-ssh-agent && ssh -F $TEMPDIR/testuser/.ssh/config testhost true" + RETURN="$?" + + # kill the sshd process if it's still running + kill "$SSHD_PID" + + set -e + + echo "##### return $RETURN" + if [ "$RETURN" = "$CODE" ] ; then + echo "##### ssh connection test returned as desired" + return 0 + else + echo "##### ssh connection test failed. expected return code $CODE" + return 1 + fi } failed_cleanup() { @@ -41,12 +67,15 @@ failed_cleanup() { cleanup } -cleanup() { - if ( ps "$SSHD_PID" >/dev/null ) ; then - echo "### stopping still-running sshd..." - kill "$SSHD_PID" +get_gpg_prng_arg() { + if (gpg --quick-random --version >/dev/null 2>&1) ; then + echo quick-random + elif (gpg --debug-quick-random --version >/dev/null 2>&1) ; then + echo debug-quick-random fi +} +cleanup() { echo "### removing temp dir..." rm -rf "$TEMPDIR" @@ -56,6 +85,8 @@ cleanup() { ## setup trap trap failed_cleanup EXIT + +### SETUP VARIABLES ## set up some variables to ensure that we're operating strictly in ## the tests, not system-wide: @@ -76,46 +107,73 @@ export PATH="$TESTDIR"/../src:"$TESTDIR"/../src/keytrans:"$PATH" export MONKEYSPHERE_SYSDATADIR="$TEMPDIR" export MONKEYSPHERE_SYSCONFIGDIR="$TEMPDIR" export MONKEYSPHERE_SYSSHAREDIR="$TESTDIR"/../src -export MONKEYSPHERE_MONKEYSPHERE_USER="$USER" +export MONKEYSPHERE_MONKEYSPHERE_USER=$(whoami) export MONKEYSPHERE_CHECK_KEYSERVER=false +export MONKEYSPHERE_LOG_LEVEL=DEBUG export SSHD_CONFIG="$TEMPDIR"/sshd_config export SOCKET="$TEMPDIR"/ssh-socket +export SSHD_PID= + +# Make sure $DISPLAY is set to convince ssh and monkeysphere to fall +# back on $SSH_ASKPASS. Make sure it's not set to the current actual +# $DISPLAY (if one exists) because this test suite should not be doing +# *anything* with any running X11 session. +export DISPLAY=monkeys + +### CONFIGURE ENVIRONMENTS # copy in admin and testuser home to tmp echo "### copying admin and testuser homes..." cp -a "$TESTDIR"/home/admin "$TEMPDIR"/ cp -a "$TESTDIR"/home/testuser "$TEMPDIR"/ -cat <<EOF >> "$TEMPDIR"/testuser/.ssh/config -UserKnownHostsFile $TEMPDIR/testuser/.ssh/known_hosts -ProxyCommand $TEMPDIR/testuser/.ssh/proxy-command %h %p $SOCKET +# set up environment for testuser +TESTHOME="$TEMPDIR"/testuser +export GNUPGHOME="$TESTHOME"/.gnupg +export SSH_ASKPASS="$TESTHOME"/.ssh/askpass +export MONKEYSPHERE_HOME="$TESTHOME"/.monkeysphere +cat <<EOF >> "$TESTHOME"/.ssh/config +UserKnownHostsFile $TESTHOME/.ssh/known_hosts +IdentityFile $TESTHOME/.ssh/no-such-identity +ProxyCommand $TESTHOME/.ssh/proxy-command %h %p $SOCKET EOF - -cat <<EOF >> "$TEMPDIR"/testuser/.monkeysphere/monkeysphere.conf -KNOWN_HOSTS=$TEMPDIR/testuser/.ssh/known_hosts +cat <<EOF >> "$MONKEYSPHERE_HOME"/monkeysphere.conf +KNOWN_HOSTS=$TESTHOME/.ssh/known_hosts EOF +get_gpg_prng_arg >> "$GNUPGHOME"/gpg.conf -# set up a simple default monkeysphere-server.conf -cat <<EOF >> "$TEMPDIR"/monkeysphere-server.conf -AUTHORIZED_USER_IDS="$TEMPDIR/testuser/.monkeysphere/authorized_user_ids" +# set up sshd +echo "### configuring sshd..." +cp etc/ssh/sshd_config "$SSHD_CONFIG" +# write the sshd_config +cat <<EOF >> "$SSHD_CONFIG" +HostKey ${MONKEYSPHERE_SYSDATADIR}/ssh_host_rsa_key +AuthorizedKeysFile ${MONKEYSPHERE_SYSDATADIR}/authorized_keys/%u EOF -### SERVER TESTS - -# setup monkeysphere temp gnupghome directories +# set up monkeysphere-server +echo "### configuring monkeysphere..." mkdir -p -m 750 "$MONKEYSPHERE_SYSDATADIR"/gnupg-host mkdir -p -m 700 "$MONKEYSPHERE_SYSDATADIR"/gnupg-authentication mkdir -p -m 700 "$MONKEYSPHERE_SYSDATADIR"/authorized_keys +mkdir -p -m 700 "$MONKEYSPHERE_SYSDATADIR"/tmp +cp etc/monkeysphere/monkeysphere-server.conf "$TEMPDIR"/monkeysphere-server.conf +cat <<EOF >> "$TEMPDIR"/monkeysphere-server.conf +AUTHORIZED_USER_IDS="$MONKEYSPHERE_HOME/authorized_user_ids" +EOF cat <<EOF > "$MONKEYSPHERE_SYSDATADIR"/gnupg-authentication/gpg.conf primary-keyring ${MONKEYSPHERE_SYSDATADIR}/gnupg-authentication/pubring.gpg keyring ${MONKEYSPHERE_SYSDATADIR}/gnupg-host/pubring.gpg EOF + +### SERVER TESTS + # create a new host key echo "### generating server key..." # add gpg.conf with quick-random -echo "quick-random" >> "$MONKEYSPHERE_SYSCONFIGDIR"/gnupg-host/gpg.conf +get_gpg_prng_arg >> "$MONKEYSPHERE_SYSCONFIGDIR"/gnupg-host/gpg.conf echo | monkeysphere-server gen-key --length 1024 --expire 0 testhost # remove the gpg.conf rm "$MONKEYSPHERE_SYSCONFIGDIR"/gnupg-host/gpg.conf @@ -135,27 +193,12 @@ echo y | gpgadmin --command-fd 0 --sign-key "$HOSTKEYID" echo "### adding admin as certifier..." echo y | monkeysphere-server add-identity-certifier "$TEMPDIR"/admin/.gnupg/pubkey.gpg -# initialize base sshd_config -cp etc/ssh/sshd_config "$SSHD_CONFIG" -# write the sshd_config -cat <<EOF >> "$SSHD_CONFIG" -HostKey ${MONKEYSPHERE_SYSDATADIR}/ssh_host_rsa_key -AuthorizedKeysFile ${MONKEYSPHERE_SYSDATADIR}/authorized_keys/%u -EOF - -# launch test sshd with the new host key. -echo "### starting sshd..." -launch_sshd ### TESTUSER TESTS -# generate an auth subkey for the test user +# generate an auth subkey for the test user that expires in 2 days echo "### generating key for testuser..." -export GNUPGHOME="$TEMPDIR"/testuser/.gnupg -export SSH_ASKPASS="$TEMPDIR"/testuser/.ssh/askpass -export MONKEYSPHERE_HOME="$TEMPDIR"/testuser/.monkeysphere - -monkeysphere gen-subkey --expire 0 +monkeysphere gen-subkey --expire 2 # add server key to testuser keychain echo "### export server key to testuser..." @@ -165,34 +208,37 @@ gpgadmin --armor --export "$HOSTKEYID" | gpg --import echo "### export testuser key to server..." gpg --export testuser | monkeysphere-server gpg-authentication-cmd --import echo "### update server authorized_keys file for this testuser..." -monkeysphere-server update-users "$USER" +monkeysphere-server update-users $(whoami) # connect to test sshd, using monkeysphere-ssh-proxycommand to verify # the identity before connection. This should work in both directions! -echo "### testuser connecting to sshd socket..." +echo "### ssh connection test for success..." ssh_test -# kill the previous sshd process if it's still running -kill "$SSHD_PID" - -# now remove the testuser's authorized_user_ids file and reupdate -# authorized_keys file... -echo "### removing testuser authorized_user_ids and reupdating authorized_keys..." -rm -f "$TEMPDIR"/testuser/.monkeysphere/authorized_user_ids -monkeysphere-server update-users "$USER" - -# restart the sshd -echo "### restarting sshd..." -launch_sshd - -# and make sure the user can no longer connect -echo "### testuser attempting to connect to sshd socket..." -# FIXME: this prompts for the passphrase for the default identity -# file. how can this be avoided? -ssh_test || SSH_RETURN="$?" -if [ "$SSH_RETURN" != '255' ] ; then - exit -fi +# remove the testuser's authorized_user_ids file, update, and make +# sure that the ssh authentication FAILS +echo "### removing testuser authorized_user_ids and updating..." +mv "$TESTHOME"/.monkeysphere/authorized_user_ids{,.bak} +monkeysphere-server update-users $(whoami) +echo "### ssh connection test for server authentication denial..." +ssh_test 255 +mv "$TESTHOME"/.monkeysphere/authorized_user_ids{.bak,} + +# put improper permissions on authorized_user_ids file, update, and +# make sure ssh authentication FAILS +echo "### setting group writability on authorized_user_ids and updating..." +chmod g+w "$TESTHOME"/.monkeysphere/authorized_user_ids +monkeysphere-server update-users $(whoami) +echo "### ssh connection test for server authentication denial..." +ssh_test 255 +chmod g-w "$TESTHOME"/.monkeysphere/authorized_user_ids +echo "### setting other writability on authorized_user_ids and updating..." +chmod o+w "$TESTHOME"/.monkeysphere/authorized_user_ids +monkeysphere-server update-users $(whoami) +echo "### ssh connection test for server authentication denial..." +ssh_test 255 +chmod o-w "$TESTHOME"/.monkeysphere/authorized_user_ids + trap - EXIT diff --git a/tests/etc/monkeysphere/monkeysphere-server.conf b/tests/etc/monkeysphere/monkeysphere-server.conf new file mode 100644 index 0000000..9cc396f --- /dev/null +++ b/tests/etc/monkeysphere/monkeysphere-server.conf @@ -0,0 +1,5 @@ +# Base monkeysphere-server.conf for monkeysphere tests + +# AUTHORIZED_USER_IDS variable will be added dynamically during test. + +RAW_AUTHORIZED_KEYS=none diff --git a/tests/home/testuser/.gnupg/gpg.conf b/tests/home/testuser/.gnupg/gpg.conf index f65c71b..c8cb60d 100644 --- a/tests/home/testuser/.gnupg/gpg.conf +++ b/tests/home/testuser/.gnupg/gpg.conf @@ -1,5 +1,3 @@ -# command to avoid depleting the system entropy -quick-random # other options verify-options show-uid-validity list-options show-uid-validity diff --git a/tests/home/testuser/.monkeysphere/monkeysphere.conf b/tests/home/testuser/.monkeysphere/monkeysphere.conf index 59cc0cf..dbe0233 100644 --- a/tests/home/testuser/.monkeysphere/monkeysphere.conf +++ b/tests/home/testuser/.monkeysphere/monkeysphere.conf @@ -1,3 +1,5 @@ # monkeysphere config for testuser in monkeysphere test suite +LOG_LEVEL=DEBUG + # KNOWN_HOSTS will be dynamically defined after creation. diff --git a/website/download.mdwn b/website/download.mdwn index 32ba9b7..e5ea72c 100644 --- a/website/download.mdwn +++ b/website/download.mdwn @@ -33,38 +33,38 @@ look at the source, we recommend [using git](/community). But if you want a tarball of the most recent release, we publish those too. The [latest -tarball](http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_0.16.orig.tar.gz) +tarball](http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_0.19.orig.tar.gz) has these checksums: <pre> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -checksums for the monkeysphere 0.16 release: +checksums for the monkeysphere 0.19 release: MD5: -4bc223e8004e0e374bd54f0315585c49 monkeysphere_0.16.orig.tar.gz +64c643dd0ab642bbc8814aec1718000e monkeysphere_0.19.orig.tar.gz SHA1: -82c78ea1aeecb3059a14af9dfab0f471ce315e38 monkeysphere_0.16.orig.tar.gz +ea3c263b084d2c0b7922cd96677be192201700e4 monkeysphere_0.19.orig.tar.gz SHA256: -f2dbd031315f99c82099a4a902f2240cca97536b035ef75872e72a65f324c9d7 monkeysphere_0.16.orig.tar.gz +321b77c1e10fe48ffbef8491893f5dd22842c35c11464efa7893150ce756a522 monkeysphere_0.19.orig.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) -iQIVAwUBSQQdZRjmZ/HrivMUAQJaIA/6AnZG0yYJJ+0C4S0McnBnLMyiA4zQzVsH -5J9dAYO771h0TZnlre1NZdgiP37YiPA1et24O/S7da0Ud/CND+V7CGrsxPzsfEbP -xTPVDST2BgvnDo9LYN4Q9h7QD4lOiGjhoJM6PN/R6Zo2OGiw+yZ8RP+BW5AxW21e -3AnasZ2XLEmwqI0AMl9OWsLk4NzeS7t+ycWjwJKINOk/5ghzlOR0Use/mRyTHvzy -GhMjrLoqtgHo85pAfAWT7LkwTt+FDVRzLZl2shzJszewvPFva+z2A8kvuY+vAzUw -CSvIAC5MSrheFUg1JC+6efVbUTgn3RZj+zn7CxyttVuRzjyrnY2WkiMOT5mKuZCg -LR42FEXnDCNHjreVLB6PoU1bOseohRbfK2yN+oDSoXmO4GoKetokGEWU/S+pi/gq -dhjyMZUYv1pgE9Vtz3ps0vVC4e8D/i39qEm7JB2AWPWU4jGX5cLCeEkrfXGsGWyu -OxGGywarXfNp83R62QTh2cPZlkACj3IwoYgZ2h8r98ikyJlQE0Y7V8uHKsx1DMJX -JBemkEVW5P7pZiRS7X2zqLGIDNwqBKNRnjZ7bAhqThJXpCBWNuZ+DjGY743BBddr -RAfQUvdjbSEOD78NMh6pLLg3iYJA902EVXZX8Q8JQnjg5GlUrB2yS5uz82dwjbpx -dy0gzEhr4DA= -=DY0y +iQIVAwUBSQgMCRjmZ/HrivMUAQI2Jg//bZoSxx0Nor6uBikRGHQny8LzgUT/0kpv +xg0eRmL9kQwhGis/sdOiJ9cHykJ1ukhRiIZGfxPBdxiQbWGs9nM6147TGIDgqx6D +yYIW41dvzTRB0TwjNd7g1q6MaSiDNuU/6dD+ooM3/IiR8PDR7X8we0WhSM63KD+v +HeMsN51UMhBfeaZ06fxrjYoJCvnp0YNYJpLuvtd5tzxqJCJA2Vh5VqJMbMP/MtbY +zM/zuNXRI1mJnQZeU++IaAnimX7c7SsGjLaloZG8mapYqqY0tKJ5Yod6aeloq+i5 +wI4gZuuPcgAntD6cnPaqB1ni/d71yywme5F75zpezXGzKzDSh1J5oE6akjMi2lJE +DSOKp7zb7TvDwXxCl+vOVod81F260gPhonlTsD/LpBfPGPBdWlWP+fFchb9N/a2u +weCMhUYX1u8Jg/bHIycjoQjPEgZwCkJT9RKF1NTLyWvb4P4a3sPe+fauCMZFbTQ/ +3EYPRBY+PfIDO09XswdB5O3gq6B33ChyWJpdwlXEEHMcFt1FuezuP0avVM9/3ZNp +MkqalDrUEd65X8o+CE3KjFxjMceVdda9mz2netnoHrFMW6X3mFqE2fTldgHi1mCT +hMCqpPzY04+HOHYZ0GapR3pvedd4dwhkNYrdpckp+nJMTRfexEPH/NXDVNH/mxKg +jLoIos0SaiY= +=VUsz -----END PGP SIGNATURE----- </pre> diff --git a/website/news/release-0.17-1.mdwn b/website/news/release-0.17-1.mdwn new file mode 100644 index 0000000..ec847fb --- /dev/null +++ b/website/news/release-0.17-1.mdwn @@ -0,0 +1,17 @@ +[[meta title="Monkeysphere 0.17-1 released!"]] + +# Monkeysphere 0.17-1 released! # + +Monkeysphere 0.17-1 has been released. + +Notes from the changelog: + +<pre> + [ Jameson Graef Rollins ] + * Fix some bugs in, and cleanup, authorized_keys file creation in + monkeysphere-server update-users. + * Move to using the empty string for not adding a user-controlled + authorized_keys file in the RAW_AUTHORIZED_KEYS variable. +</pre> + +[[Download]] it now! diff --git a/website/news/release-0.18-1.mdwn b/website/news/release-0.18-1.mdwn new file mode 100644 index 0000000..b434360 --- /dev/null +++ b/website/news/release-0.18-1.mdwn @@ -0,0 +1,25 @@ +[[meta title="Monkeysphere 0.18-1 released!"]] + +# Monkeysphere 0.18-1 released! # + +Monkeysphere 0.18-1 has been released. + +Notes from the changelog: + +<pre> + [ Jameson Graef Rollins ] + * Fix bugs in authorized_{user_ids,keys} file permission checking. + * Add new monkeysphere tmpdir to enable atomic moves of authorized_keys + files. + * chown authorized_keys files to `whoami`, for compatibility with test + suite. + * major improvements to test suite, added more tests. + + [ Daniel Kahn Gillmor ] + * update make install to ensure placement of + /etc/monkeysphere/gnupg-{host,authentication}.conf + * choose either --quick-random or --debug-quick-random depending on + which gpg supports for the test suite. +</pre> + +[[Download]] it now! diff --git a/website/news/release-0.19-1.mdwn b/website/news/release-0.19-1.mdwn new file mode 100644 index 0000000..f3336da --- /dev/null +++ b/website/news/release-0.19-1.mdwn @@ -0,0 +1,15 @@ +[[meta title="Monkeysphere 0.19-1 released!"]] + +# Monkeysphere 0.19-1 released! # + +Monkeysphere 0.19-1 has been released. + +Notes from the changelog: + +<pre> + [ Daniel Kahn Gillmor ] + * simulating an X11 session in the test script. + * updated packaging so that symlinks to config files are correct. +</pre> + +[[Download]] it now! |