diff options
| -rw-r--r-- | src/share/mh/revoke_hostname | 27 | ||||
| -rwxr-xr-x | tests/basic | 27 |
2 files changed, 27 insertions, 27 deletions
diff --git a/src/share/mh/revoke_hostname b/src/share/mh/revoke_hostname index 44ba312..7e4d573 100644 --- a/src/share/mh/revoke_hostname +++ b/src/share/mh/revoke_hostname @@ -27,16 +27,6 @@ if [ -z "$1" ] ; then failure "You must specify a hostname to revoke." fi -echo "WARNING: There is a known bug in this function. -This function has been known to occasionally revoke the wrong hostname. -Please see the following bug report for more information: -https://labs.riseup.net/code/issues/show/422" >&2 -printf "Are you sure you would like to proceed? (y/N) " >&2 -read OK; OK=${OK:=N} -if [ ${OK/y/Y} != 'Y' ] ; then - failure "aborting." -fi - userID="ssh://${1}" # make sure the user ID to revoke @@ -53,19 +43,10 @@ else log debug "revoking user ID without prompting." fi -# edit-key script command to revoke user ID -revuidCommand="$uidIndex -revuid -y -4 -Hostname removed by monkeysphere-host: $DATE - -y -save" -# end script - -# execute edit-key script -if echo "$revuidCommand" | gpg_host_edit ; then +# actually revoke: +if <"$GNUPGHOME_HOST/secring.gpg" "$SYSSHAREDIR/keytrans" revokeuserid \ + "$HOST_FINGERPRINT" "$userID" | gpg_host --import ; then + gpg_host --check-trustdb update_gpg_pub_file diff --git a/tests/basic b/tests/basic index b4ad064..d83749b 100755 --- a/tests/basic +++ b/tests/basic @@ -76,7 +76,7 @@ ssh_test() { || RETURN="$?" # kill the sshd process if it's still running - kill "$SSHD_PID" + kill "$SSHD_PID" || true SSHD_PID= if [ "$RETURN" = "$CODE" ] ; then @@ -429,12 +429,31 @@ chmod o-w "$TESTHOME"/.monkeysphere.linktest rm "$TESTHOME"/.monkeysphere mv "$TESTHOME"/.monkeysphere{.bak,} +# ensure we're back to normal: +echo +echo "##################################################" +echo "### making sure we are back to normal..." +monkeysphere-authentication update-users $(whoami) +ssh_test + +echo +echo "##################################################" +echo "### ssh connection test with hostname 'testhost2' added..." +monkeysphere-host add-hostname testhost2 +ssh_test + +echo +echo "##################################################" +echo "### ssh connection test for failure with 'testhost' revoked..." +monkeysphere-host revoke-hostname testhost +ssh_test 255 + # FIXME: addtest: remove admin as id-certifier and check ssh failure -# FIXME: addtest: add hostname on host key -# FIXME: addtest: revoke hostname on host key and check ssh failure +# FIXME: addtest: how do we test that set-expire makes sense after new +# hostnames have been added? -# addtest: revoke the host key and check ssh failure +# FIXME: addtest: revoke the host key and check ssh failure # test to make sure things are OK after the previous tests: echo |