summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/share/common9
-rw-r--r--src/share/m/ssh_proxycommand8
-rwxr-xr-xsrc/transitions/0.236
3 files changed, 14 insertions, 9 deletions
diff --git a/src/share/common b/src/share/common
index 1c16ac6..bfe73a3 100644
--- a/src/share/common
+++ b/src/share/common
@@ -149,9 +149,14 @@ cutline() {
head --line="$1" "$2" | tail -1
}
-# make a temporary directly
+# make a temporary directory
msmktempdir() {
- mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX
+ mktemp -d ${TMPDIR:-/tmp}/monkeysphere.XXXXXXXXXX
+}
+
+# make a temporary file
+msmktempfile() {
+ mktemp ${TMPDIR:-/tmp}/monkeysphere.XXXXXXXXXX
}
# this is a wrapper for doing lock functions.
diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand
index d7e801e..e07b637 100644
--- a/src/share/m/ssh_proxycommand
+++ b/src/share/m/ssh_proxycommand
@@ -64,11 +64,11 @@ An OpenPGP key matching the ssh key offered by the host was found:
EOF
- # do some crazy "Here Strings" redirection to get the key to
- # ssh-keygen, since it doesn't read from stdin cleanly
- sshFingerprint=$(ssh-keygen -l -f /dev/stdin \
- <<<$(echo "$sshKeyGPG") | \
+ sshKeyGPGFile=$(msmktempfile)
+ printf "%s" "$sshKeyGPG" >"$sshKeyGPGFile"
+ sshFingerprint=$(ssh-keygen -l -f "$sshKeyGPGFile" \
awk '{ print $2 }')
+ rm -f "$sshKeyGPGFile"
# get the sigs for the matching key
gpgSigOut=$(gpg --check-sigs \
diff --git a/src/transitions/0.23 b/src/transitions/0.23
index 6cbf995..f09dfff 100755
--- a/src/transitions/0.23
+++ b/src/transitions/0.23
@@ -121,7 +121,7 @@ if [ -d "$SYSDATADIR"/gnupg-host ] ; then
CERTKEY=$(mktemp ${TMPDIR:-/tmp}/mstransition.XXXXXXXX)
log "Adding identity certifier with fingerprint %s\n" "$keyfpr"
- GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --no-permission-warning --export "0x$keyfpr" --export-clean >"$CERTKEY"
+ GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --no-permission-warning --export "0x$keyfpr" --export-options export-clean >"$CERTKEY"
MONKEYSPHERE_PROMPT=false monkeysphere-authentication add-identity-certifier $finaldomain --trust "$truststring" --depth "$trustdepth" "$CERTKEY"
rm -f "$CERTKEY"
# clear the fingerprint so that we don't
@@ -149,7 +149,7 @@ if [ -d "$SYSDATADIR"/gnupg-host ] ; then
log "importing host key from old monkeysphere installation\n"
GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --no-permission-warning --export-secret-keys | \
- GNUPGHOME="$MHDATADIR" gpg --import
+ GNUPGHOME="$MHDATADIR" gpg --quiet --no-tty --import
monkeysphere-host update-gpg-pub-file
else
@@ -171,7 +171,7 @@ fi
# the new authentication keyring.
if [ -d "${SYSDATADIR}/gnupg-authentication" ] ; then
- GNUPGHOME="${SYSDATADIR}/gnupg-authentication" gpg --export | \
+ GNUPGHOME="${SYSDATADIR}/gnupg-authentication" gpg --no-permission-warning --export | \
monkeysphere-authentication gpg-cmd --import
mkdir -p "$STASHDIR"