summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Changelog (renamed from changelog)16
-rwxr-xr-xMakefile6
-rw-r--r--man/man1/monkeysphere.19
-rw-r--r--packaging/debian/changelog4
-rwxr-xr-xsrc/monkeysphere25
-rwxr-xr-xutils/build-releasenote4
-rw-r--r--utils/releasenote.header2
-rw-r--r--website/download.mdwn58
-rw-r--r--website/news/msva-perl-0.2.mdwn20
-rw-r--r--website/news/release-0.29.mdwn25
10 files changed, 131 insertions, 38 deletions
diff --git a/changelog b/Changelog
index e29cbaf..cac0386 100644
--- a/changelog
+++ b/Changelog
@@ -1,12 +1,22 @@
-monkeysphere (0.29~pre1) UNRELEASED; urgency=low
+monkeysphere (0.29) unstable; urgency=low
+ * This is mainly a bugfix release
* Fix man page typo about monkeysphere authorized_keys location
* Monkeysphere should work properly even if the user has "armor" in
their gpg.conf (closes MS #1625)
* monkeysphere keys-for-userid now respects MONKEYSPHERE_CHECK_KEYSERVER
environment variable (and defaults to true)
-
- -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 18 Feb 2010 12:38:43 -0500
+ * introduce monkeysphere sshfprs-for-userid (deprecates sshfpr), closes
+ MS #1436
+ * respect CHECK_KEYSERVER in more places (closes MS #1997)
+ * warn on keyserver failures for monkeysphere-authentication (closes MS
+ #1750)
+ * avoid checking trustdb for monkeysphere-host (closes MS #1957)
+ * allow monkeysphere-authentication to use hkps with trusted X.509 root
+ certificate authorities in
+ /etc/monkeysphere/monkeysphere-authentication-x509-anchors.crt
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 14 Mar 2010 21:00:47 -0400
monkeysphere (0.28) unstable; urgency=low
diff --git a/Makefile b/Makefile
index 4b0c9e1..aeb5d9a 100755
--- a/Makefile
+++ b/Makefile
@@ -5,7 +5,7 @@
# © 2008-2010 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
# Licensed under GPL v3 or later
-MONKEYSPHERE_VERSION = `head -n1 changelog | sed 's/.*(\([^-]*\)).*/\1/'`
+MONKEYSPHERE_VERSION = `head -n1 Changelog | sed 's/.*(\([^-]*\)).*/\1/'`
# these defaults are for debian. porters should probably adjust them
# before calling make install
@@ -21,7 +21,7 @@ tarball: clean
rm -rf monkeysphere-$(MONKEYSPHERE_VERSION)
mkdir -p monkeysphere-$(MONKEYSPHERE_VERSION)/doc
ln -s ../../website/getting-started-user.mdwn ../../website/getting-started-admin.mdwn ../../doc/TODO ../../doc/MonkeySpec monkeysphere-$(MONKEYSPHERE_VERSION)/doc
- ln -s ../changelog ../COPYING ../etc ../Makefile ../man ../src ../tests monkeysphere-$(MONKEYSPHERE_VERSION)
+ ln -s ../Changelog ../COPYING ../etc ../Makefile ../man ../src ../tests monkeysphere-$(MONKEYSPHERE_VERSION)
echo Monkeysphere $(MONKEYSPHERE_VERSION) > monkeysphere-$(MONKEYSPHERE_VERSION)/VERSION
echo -n "git revision " >> monkeysphere-$(MONKEYSPHERE_VERSION)/VERSION
git rev-parse HEAD >> monkeysphere-$(MONKEYSPHERE_VERSION)/VERSION
@@ -68,7 +68,7 @@ install: all installman
install -m 0644 src/share/mh/* $(DESTDIR)$(PREFIX)/share/monkeysphere/mh
install -m 0644 src/share/ma/* $(DESTDIR)$(PREFIX)/share/monkeysphere/ma
install doc/* $(DESTDIR)$(PREFIX)/share/doc/monkeysphere
- install changelog $(DESTDIR)$(PREFIX)/share/doc/monkeysphere
+ install Changelog $(DESTDIR)$(PREFIX)/share/doc/monkeysphere
install -m 0644 etc/monkeysphere.conf $(DESTDIR)$(ETCPREFIX)/etc/monkeysphere/monkeysphere.conf$(ETCSUFFIX)
install -m 0644 etc/monkeysphere-host.conf $(DESTDIR)$(ETCPREFIX)/etc/monkeysphere/monkeysphere-host.conf$(ETCSUFFIX)
install -m 0644 etc/monkeysphere-authentication.conf $(DESTDIR)$(ETCPREFIX)/etc/monkeysphere/monkeysphere-authentication.conf$(ETCSUFFIX)
diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1
index 4d8eab6..25421ce 100644
--- a/man/man1/monkeysphere.1
+++ b/man/man1/monkeysphere.1
@@ -128,14 +128,13 @@ specify the full fingerprints of specific keys to add to the agent
(space separated), instead of adding them all. `s' may be used in
place of `subkey\-to\-ssh\-agent'.
.TP
-.B sshfpr KEYID
-Output the ssh fingerprint of a key in your gpg keyring. `f' may be
-used in place of `fingerprint'.
-.TP
.B keys\-for\-userid USERID
-Output to stdout all acceptable keys for a given user ID literal.
+Output to stdout all acceptable keys for a given user ID.
`u' may be used in place of `keys\-for\-userid'.
.TP
+.B sshfprs\-for\-userid USERID
+Output the ssh fingerprints of acceptable keys for a given user ID.
+.TP
.B version
Show the monkeysphere version number. `v' may be used in place of
`version'.
diff --git a/packaging/debian/changelog b/packaging/debian/changelog
index d971ee6..eb5c441 100644
--- a/packaging/debian/changelog
+++ b/packaging/debian/changelog
@@ -1,4 +1,4 @@
-monkeysphere (0.29~pre1-1) UNRELEASED; urgency=low
+monkeysphere (0.29-1) unstable; urgency=low
[ Jameson Graef Rollins ]
* New upstream release
@@ -10,7 +10,7 @@ monkeysphere (0.29~pre1-1) UNRELEASED; urgency=low
administrators and users can choose to start up a validation agent for
each X session using monkeysphere.conf
- -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 12 Mar 2010 01:57:39 -0500
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 14 Mar 2010 21:07:17 -0400
monkeysphere (0.28-1) unstable; urgency=low
diff --git a/src/monkeysphere b/src/monkeysphere
index a763151..fe92960 100755
--- a/src/monkeysphere
+++ b/src/monkeysphere
@@ -48,9 +48,9 @@ subcommands:
ssh-proxycommand HOST [PORT] monkeysphere ssh ProxyCommand
--no-connect do not make TCP connection to host
subkey-to-ssh-agent (s) store authentication subkey in ssh-agent
- sshfpr (f) KEYID output ssh fingerprint of gpg key
- keys-for-userid (u) USERID output valid keys for user id literal
+ keys-for-userid (u) USERID output valid keys for given user ids
+ sshfprs-for-userid USERID output ssh fingerprints for given user ids
gen-subkey (g) [KEYID] generate an authentication subkey
--length (-l) BITS key length in bits (2048)
@@ -68,7 +68,7 @@ gpg_user() {
# output the ssh fingerprint of a gpg key
gpg_ssh_fingerprint() {
keyid="$1"
- local tmpfile=$(mktemp)
+ local tmpfile=$(msmktempfile)
# trap to remove tmp file if break
trap "rm -f $tmpfile" EXIT
@@ -271,7 +271,8 @@ case $COMMAND in
subkey_to_ssh_agent "$@"
;;
- 'sshfpr'|'f')
+ 'sshfpr')
+ echo "Warning: 'sshfpr' is deprecated. Please use 'sshfprs-for-userid' instead." >&2
gpg_ssh_fingerprint "$@"
;;
@@ -280,8 +281,24 @@ case $COMMAND in
keys_for_userid "$@"
;;
+ 'sshfprs-for-userid')
+ CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=${CHECK_KEYSERVER:="true"}}
+ keytmpdir=$(msmktempdir)
+ # use a file named " " to avoid arbitrary non-whitespace text
+ # in the fingerprint output
+ keytmpfile="$keytmpdir/ "
+ cd "$keytmpdir"
+ keys_for_userid "$@" | while read KEYLINE ; do
+ printf '%s\n' "$KEYLINE" > "$keytmpdir/ "
+ ssh-keygen -l -f ' '
+ done
+ rm -f "$keytmpfile"
+ rmdir "$keytmpdir"
+ ;;
+
'keys-from-userid')
echo "Warning: 'keys-from-userid' is deprecated. Please use 'keys-for-userid' instead." >&2
+ CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=${CHECK_KEYSERVER:="true"}}
keys_for_userid "$@"
;;
diff --git a/utils/build-releasenote b/utils/build-releasenote
index cac0869..71891ff 100755
--- a/utils/build-releasenote
+++ b/utils/build-releasenote
@@ -8,11 +8,11 @@
# Copyright: © 2008-2010
# License: GPL, v3 or later
-VERSION=`head -n1 changelog | sed 's/.*(\([^)]*\)).*/\1/'`
+VERSION=`head -n1 Changelog | sed 's/.*(\([^)]*\)).*/\1/'`
{
sed "s/__VERSION__/$VERSION/g" < utils/releasenote.header
- head -n$(( $(grep -n '^ --' changelog | head -n1 | cut -f1 -d:) - 2 )) changelog | tail -n+3
+ head -n$(( $(grep -n '^ --' Changelog | head -n1 | cut -f1 -d:) - 2 )) Changelog | tail -n+3
sed "s/__VERSION__/$VERSION/g" < utils/releasenote.footer
} > "website/news/release-$VERSION.mdwn"
diff --git a/utils/releasenote.header b/utils/releasenote.header
index cf08728..91fbcfc 100644
--- a/utils/releasenote.header
+++ b/utils/releasenote.header
@@ -1,4 +1,4 @@
-[[meta title="Monkeysphere __VERSION__ released!"]]
+[[!meta title="Monkeysphere __VERSION__ released!"]]
Monkeysphere __VERSION__ has been released.
diff --git a/website/download.mdwn b/website/download.mdwn
index 119c42a..7ffa8ed 100644
--- a/website/download.mdwn
+++ b/website/download.mdwn
@@ -7,6 +7,21 @@ page](/doc) to read up on how to get started [as a regular
user](/getting-started-user) or [as a systems
administrator](/getting-started-admin).
+# Installing the Firefox/Iceweasel add-on #
+
+To use the Monkeysphere for website validation, you will need the
+Firefox/Iceweasel add-on, the monkeysphere package and the
+validation agent.
+
+[Download and install the Firefox/Iceweasel
+add-on](http://archive.monkeysphere.info/xul-ext/monkeysphere.xpi)
+
+Once you have installed the add-on, you will need to restart your
+browser, and then proceed to install the monkeysphere package and
+validation agent below.
+
+# Installing the Monkeysphere package and validation agent #
+
## Dependencies ##
Monkeysphere relies on:
@@ -28,6 +43,13 @@ version as follows:
If you are running Debian stable, you can get the monkeysphere package
from [backports.org](http://backports.org/dokuwiki/doku.php?id=instructions)
+To get started using the Monkeysphere for website validation, you will
+need to install the Monkeysphere Validation Agent. Currently the perl
+version of the agent is available in Debian sid, or directly from our
+APT repository (see below):
+
+ aptitude install msva-perl
+
## Debian derivatives (including Ubuntu) ##
You can also install the Monkeysphere directly from the Monkeysphere
@@ -86,38 +108,38 @@ For those that would like to download the source directly, [the source
is available](/community) via [git](http://git.or.cz/).
The [latest
-tarball](http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_0.28.orig.tar.gz)
+tarball](http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_0.29.orig.tar.gz)
is also available, and has these checksums:
<pre>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
-checksums for the monkeysphere 0.28 release:
+checksums for the monkeysphere 0.29 release:
MD5:
-b66f671ec48725a0eb55de7de4d7ce6d monkeysphere_0.28.orig.tar.gz
+009e26cc77d38e25697cdea06eecd5ab monkeysphere_0.29.orig.tar.gz
SHA1:
-ead634e0ea0a795e8a96812b7397d318a4be54b0 monkeysphere_0.28.orig.tar.gz
+db1074d6c5f424859ddec31cff0a0b6214789f16 monkeysphere_0.29.orig.tar.gz
SHA256:
-b463577d36d6e8f5eb698d8e3c75d27bcfb3f928628c128f5d342e8a83bef6f2 monkeysphere_0.28.orig.tar.gz
+0e3c683b7d8a07e6ceae80cb0d3acf647c3f8c74cbaab527f73608dcdd1b01fb monkeysphere_0.29.orig.tar.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
-iQIVAwUBS1YAyBjmZ/HrivMUAQqbBBAAqhnDfDZukFUDEN6Y164o/AXMtBO20KUg
-GyrgjgJElQJC2oz9OooNJ60iPSOz/G+Wu5lSMnRqdKU8x50F7ogYE1Gnd+8J3c2G
-1ciDQbLrR7pE2jua7xyfA+SQgg3bSgSN/7Jl61+OosQpcI/WnJvOQWKA6TI+iRGC
-B4g87ZRSRUAVZoFDRY0lBINP70+riGrYm8b2tgp7FbpgVBtUFL8gsmxnPZ7cGYF2
-yTwg9ZCAlDQ6LIZ7DAwb2lUAtAHtlLfAhulr3qLW2SNc95vcJ7Ss7CjgIuCL8qTe
-2zX2fysG7Hgbi0G0GNjv+yomOFlRGWC1Gf3pv0Clmy7cVgIgcP61nE3djFSYa9vk
-k7cKtppNEzoleEjz+dMIOezcXCdLO2g+sQfpaYU5acRp95ouCaXYINS8DYDkaKwj
-Wjra6BSCbClzZYblOJIlCmK4JJPE4EB8NShL/VXSwV8uvtNniGNpGHeHqaKvbT+Y
-RYlCzL+/Ruyv1dQbtiBtErB8yP+psheoQYk6lU7nNy+MTH+R/xXrbHxptSDRQwru
-O1hbfONnEK6JfdVQI4zEBuBz8NVuZPPQqqy1mxLSWMxWKz4GtNbTXOR1tRFVqlxk
-eCTYdhhyIz7gu8EUwvTLZoqKOB6kQWS1ygycFRi/g+DOOXuSpazF5XmutF6HpJx1
-1nK2WBl5loE=
-=164p
+iQIVAwUBS52/UhjmZ/HrivMUAQr98g/7B+6CCN9vrJFNZp2KX+jTcxBLRxY/2cJp
+fIjtaNzoyr86Q6gXzsgavB6E+olqhM3YR2gy6Z+fzNe8CdI74ikFCb0b8JpbzU6a
+F5et7RqQ/pkQrCawrVPTZnompqfJrWBPYZU5is85SJgX4jJrgUFrGbvTq2PsJDbC
+w9H8oOxELmCGYUAxRYGcQKdhQTBoRYz0a7/DzKt4sQHYbNblO1T2YNuqBxn372Wp
+bd8xholyfO6EjCfoEJPee8Uf1sxE4nhsYFYIHsuckqLbcdoE8crAmjeDdDt+yVCO
+N35Y/SRKNbIe/Nj8NSwAobd8N2DWj1qBWtHbT8Mw5kyd65kRPnfTQII5W0/3m3rT
+DwcXGsMMfOsPEMtAYfmGOaIdEH9y2O7tmV1Om2CGx0AV9F9F3RnyNlYB6mfVaUVO
+fZOJuUU61FoGRYCb/R4DF0IdFUhy0yMgTgT5tAYGMFpHd5ZTYgzIAWrIbV7QhrHs
+9LgrnJYffScHjjsE6NjjvOZQe9RrI25ZLHZEMo/zhZEMMzdIne8IZUXvz68v1wN9
+mLcGRMG8B1CT4gXyi1uy1he7Zw0Hmz2Kbq619alRmyV8CqNhNrvMQicRqklKvcuW
+mwKQx+bOxpwZgW4/46EDHJ4nUOaGjVXIwoDdisvKU5jDIMZBXB4lLJtPNFFsv18D
+AxOLE3KlzF0=
+=372c
-----END PGP SIGNATURE-----
</pre>
diff --git a/website/news/msva-perl-0.2.mdwn b/website/news/msva-perl-0.2.mdwn
new file mode 100644
index 0000000..cb01bb8
--- /dev/null
+++ b/website/news/msva-perl-0.2.mdwn
@@ -0,0 +1,20 @@
+[[!meta title="Monkeysphere Validation Agent (Perl) 0.2 released!"]]
+
+Version 0.2 of the Perl implementation of the Monkeysphere Validation
+Agent has been released.
+
+Notes from the changelog:
+
+<pre>
+ * can now be invoked with a sub-command; will run until subcommand
+ completes, and then terminate with the same return code (this is
+ similar to the ssh-agent technique, and enables inclusion in
+ Xsession.d; see monkeysphere 0.29 package for automatic startup).
+ * chooses arbitrary open port by default (can still be specified with
+ MSVA_PORT environment variable)
+ * minimized logging spew by default.
+ * now shipping README.schema (notes about possible future MSVA
+ implementations)
+ * cleanup Makefile and distribution strategies.
+</pre>
+
diff --git a/website/news/release-0.29.mdwn b/website/news/release-0.29.mdwn
new file mode 100644
index 0000000..e113614
--- /dev/null
+++ b/website/news/release-0.29.mdwn
@@ -0,0 +1,25 @@
+[[!meta title="Monkeysphere 0.29 released!"]]
+
+Monkeysphere 0.29 has been released.
+
+Notes from the changelog:
+
+<pre>
+ * This is mainly a bugfix release
+ * Fix man page typo about monkeysphere authorized_keys location
+ * Monkeysphere should work properly even if the user has "armor" in
+ their gpg.conf (closes MS #1625)
+ * monkeysphere keys-for-userid now respects MONKEYSPHERE_CHECK_KEYSERVER
+ environment variable (and defaults to true)
+ * introduce monkeysphere sshfprs-for-userid (deprecates sshfpr), closes
+ MS #1436
+ * respect CHECK_KEYSERVER in more places (closes MS #1997)
+ * warn on keyserver failures for monkeysphere-authentication (closes MS
+ #1750)
+ * avoid checking trustdb for monkeysphere-host (closes MS #1957)
+ * allow monkeysphere-authentication to use hkps with trusted X.509 root
+ certificate authorities in
+ /etc/monkeysphere/monkeysphere-authentication-x509-anchors.crt
+</pre>
+
+[[Download]] it now!