Diffstat (limited to 'src/share')
-rw-r--r-- | src/share/common | 30 | ||||
-rw-r--r-- | src/share/ma/add_certifier | 27 | ||||
-rw-r--r-- | src/share/ma/diagnostics | 2 | ||||
-rw-r--r-- | src/share/ma/list_certifiers | 40 | ||||
-rw-r--r-- | src/share/ma/remove_certifier | 10 | ||||
-rw-r--r-- | src/share/ma/setup | 47 | ||||
-rw-r--r-- | src/share/mh/add_hostname | 16 | ||||
-rw-r--r-- | src/share/mh/add_revoker | 21 | ||||
-rw-r--r-- | src/share/mh/diagnostics | 2 | ||||
-rw-r--r-- | src/share/mh/gen_key | 87 | ||||
-rw-r--r-- | src/share/mh/import_key | 45 | ||||
-rw-r--r-- | src/share/mh/publish_key | 32 | ||||
-rw-r--r-- | src/share/mh/revoke_hostname | 18 | ||||
-rw-r--r-- | src/share/mh/set_expire | 14 |
14 files changed, 220 insertions, 171 deletions
diff --git a/src/share/common b/src/share/common index 2a20c1c..773c11f 100644 --- a/src/share/common +++ b/src/share/common @@ -92,15 +92,22 @@ log() { # run command as monkeysphere user su_monkeysphere_user() { - # if the current user is the monkeysphere user, then just eval - # command - if [ $(id -un) = "$MONKEYSPHERE_USER" ] ; then - eval "$@" + case $(id -un) in + # if monkeysphere user, run the command under bash + "$MONKEYSPHERE_USER") + bash -c "$@" + ;; - # otherwise su command as monkeysphere user - else - su "$MONKEYSPHERE_USER" -c "$@" - fi + # if root, su command as monkeysphere user + 'root') + su "$MONKEYSPHERE_USER" -c "$@" + ;; + + # otherwise, fail + *) + log error "non-privileged user." + ;; + esac } # cut out all comments(#) and blank lines from standard input @@ -136,6 +143,7 @@ lock() { else lockfile -r 20 "${file}.lock" || failure "unable to lock '$file'" fi + log debug "lock created on '$file'." ;; touch) if [ -n "$use_lockfileprogs" ] ; then @@ -143,6 +151,7 @@ lock() { else : Nothing to do here fi + log debug "lock touched on '$file'." ;; remove) if [ -n "$use_lockfileprogs" ] ; then @@ -150,6 +159,7 @@ lock() { else rm -f "${file}.lock" fi + log debug "lock removed on '$file'." ;; *) failure "bad argument for lock subfunction '$action'" @@ -430,6 +440,8 @@ check_key_file_permissions() { uname="$1" path="$2" + log debug "checking path permission '$path'..." + # return 255 if cannot stat file if ! stat=$(ls -ld "$path" 2>/dev/null) ; then log error "could not stat path '$path'." @@ -1018,6 +1030,8 @@ update_authorized_keys() { # remove the lockfile and the trap lock remove "$AUTHORIZED_KEYS" + + # remove the trap trap - EXIT # note if the authorized_keys file was updated diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier index e9731cc..54ea673 100644 --- a/src/share/ma/add_certifier +++ b/src/share/ma/add_certifier 
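Review bot: The `*)` branch of `su_monkeysphere_user` only calls `log error "non-privileged user."` and then leaves the `case`, so unless `log` itself returns non-zero the function reports success although the command never ran, which contradicts the `# otherwise, fail` comment; end the branch with `return 1`, or use `failure "non-privileged user."` as the `lock` code on this page does. Both `bash -c "$@"` and `su "$MONKEYSPHERE_USER" -c "$@"` take only the first argument as the command string, so the function should state that it expects exactly one pre-quoted string, e.g. `# usage: su_monkeysphere_user "COMMAND STRING"`. Because that string is parsed again by a shell, callers that interpolate values such as `$KEYSERVER` or a key ID into it need those values validated or quoted first. The function body starts just before this hunk's changed lines and ends inside it.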
@@ -90,30 +90,37 @@ if [ -f "$keyID" ] ; then fi else # get the key from the key server + log debug "retrieving key from keyserver..." gpg_sphere "--keyserver $KEYSERVER --recv-key '0x${keyID}!'" || failure "Could not receive a key with this ID from the '$KEYSERVER' keyserver." fi export keyID -# get the full fingerprint of a key ID -fingerprint=$(gpg_sphere "--list-key --with-colons --with-fingerprint 0x${keyID}!" | \ - grep '^fpr:' | grep "$keyID" | cut -d: -f10) +# get the full fingerprint of new certifier key +log debug "getting fingerprint of certifier key..." +fingerprint=$(gpg_sphere "--list-key --with-colons --with-fingerprint 0x${keyID}!" \ + | grep '^fpr:' | grep "$keyID" | cut -d: -f10) if [ -z "$fingerprint" ] ; then failure "Key '$keyID' not found." fi -log info -e "\nkey found:" +log info "key found:" gpg_sphere "--fingerprint 0x${fingerprint}!" -echo "Are you sure you want to add the above key as a" -read -p "certifier of users on this system? (y/N) " OK; OK=${OK:-N} -if [ "${OK/y/Y}" != 'Y' ] ; then - failure "Identity certifier not added." +if [ "$PROMPT" = "true" ] ; then + echo "Are you sure you want to add the above key as a" + read -p "certifier of users on this system? (y/N) " OK; OK=${OK:-N} + if [ "${OK/y/Y}" != 'Y' ] ; then + failure "Identity certifier not added." + fi +else + log debug "adding key without prompting." fi # export the key to the core keyring so that the core can sign the # new certifier key +log debug "exporting retrieved certifier key to core keyring..." gpg_sphere "--export 0x${fingerprint}!" | gpg_core --import case "$trust" in @@ -142,6 +149,7 @@ EOF ) # core ltsigns the newly imported certifier key +log debug "executing core ltsign script..." if echo "$ltsignCommand" | \ gpg_core --quiet --command-fd 0 --edit-key "0x${fingerprint}!" ; then 
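Review bot: The confirmation added in this hunk fails open: `[ "$PROMPT" = "true" ]` skips the question for every other value, including an unset or misspelled `PROMPT`, and the key just received from `$KEYSERVER` is then trusted as an identity certifier with only a debug-level log line. Where `PROMPT` gets its default is not visible on this page; if it is not guaranteed to be set, invert the test so that only an explicit opt-out skips the prompt, `if [ "$PROMPT" != "false" ] ; then`, and log the unprompted path with `log info` rather than `log debug`. The same pattern is added in remove_certifier, add_hostname, add_revoker, publish_key, revoke_hostname and set_expire.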
@@ -149,9 +157,10 @@ if echo "$ltsignCommand" | \ gpg_core_sphere_sig_transfer # update the sphere trustdb + log debug "updating sphere trustdb..." gpg_sphere "--check-trustdb" - log info -e "\nIdentity certifier added." + log info "Identity certifier added." else failure "Problem adding identify certifier." fi diff --git a/src/share/ma/diagnostics b/src/share/ma/diagnostics index 45a8ce2..0411080 100644 --- a/src/share/ma/diagnostics +++ b/src/share/ma/diagnostics @@ -120,7 +120,7 @@ fi if [ "$problemsfound" -gt 0 ]; then echo "When the above $problemsfound issue"$(if [ "$problemsfound" -eq 1 ] ; then echo " is" ; else echo "s are" ; fi)" resolved, please re-run:" - echo " monkeysphere-authentication expert diagnostics" + echo " monkeysphere-authentication diagnostics" else echo "Everything seems to be in order!" fi diff --git a/src/share/ma/list_certifiers b/src/share/ma/list_certifiers index e37485e..5a0388e 100644 --- a/src/share/ma/list_certifiers +++ b/src/share/ma/list_certifiers 
@@ -17,14 +17,42 @@ list_certifiers() { local keys local key +local authfpr -# find trusted keys in authentication keychain -keys=$(gpg_sphere "--no-options --list-options show-uid-validity --keyring ${GNUPGHOME_AUTHENTICATION}/pubring.gpg --list-keys --with-colons --fingerprint" | \ - grep ^pub: | cut -d: -f2,5 | egrep '^(u|f):' | cut -d: -f2) +# find trusted keys in sphere keychain +log debug "finding trusted keys..." -# output keys -for key in $keys ; do - gpg_sphere "--no-options --list-options show-uid-validity --keyring ${GNUPGHOME_AUTHENTICATION}/pubring.gpg --list-key --fingerprint $key" +# FIXME: this assumes that the keygrip (16 hex chars) is unique; we're +# only searching by keygrip at the moment. + +authgrip=$(core_fingerprint | cut -b 25-40) + +# We're walking the list of known signatures, and extracting all trust +# signatures made by the core fingerprint and known to the sphere +# keyring. + +# for each one of these, we're printing (colon-delimited): the +# fingerprint, the trust depth, the trust level (60 == marginal, 120 +# == full), and the domain regex (if any): + +gpg_sphere "--fingerprint --with-colons --fixed-list-mode --check-sigs" | \ + cut -f 1,2,5,8,9,10 -d: | \ + egrep '^(fpr:::::|sig:!:'"$authgrip"':[[:digit:]]+ [[:digit:]]+:)' | \ + while IFS=: read -r type validity grip trustparams trustdomain fpr ; do + case $type in + 'fpr') # this is a new key + keyfpr=$fpr + ;; + 'sig') # print all trust signatures, including regexes if present + trustdepth=${trustparams%% *} + trustlevel=${trustparams##* } + + # FIXME: this is clumsy and not human-friendly. we should + # print out more human-readable information, if possible. + printf "%s:%d:%d:%s\n" "$keyfpr" "$trustdepth" "$trustlevel" "$trustdomain" + ;; + esac done + } diff --git a/src/share/ma/remove_certifier b/src/share/ma/remove_certifier index 1164162..8271ae0 100644 --- a/src/share/ma/remove_certifier +++ b/src/share/ma/remove_certifier 
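Review bot: `local authfpr` declares a name that is never used, while the value is assigned to `authgrip`, which is therefore not local to `list_certifiers` and leaks into the sourcing shell; the declaration should read `local authgrip`. The value is also spliced into the `egrep` pattern, so an empty result from `core_fingerprint` silently produces no output instead of an error; a guard such as `[ -n "$authgrip" ] || failure "could not determine core fingerprint."` before the pipeline would make that case visible. The function header lies outside this hunk.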
@@ -23,13 +23,16 @@ if [ -z "$keyID" ] ; then failure "You must specify the key ID of a key to remove." fi -if gpg_sphere "--no-options --list-options show-uid-validity --keyring ${GNUPGHOME_AUTHENTICATION}/pubring.gpg --list-key 0x${keyID}!" ; then +# FIXME: should we be doing a fancier list_certifier output here? +gpg_core --list-key --fingerprint "0x${keyID}!" || failure + +if [ "$PROMPT" = "true" ] ; then read -p "Really remove above listed identity certifier? (y/N) " OK; OK=${OK:-N} if [ "${OK/y/Y}" != 'Y' ] ; then failure "Identity certifier not removed." fi else - failure + log debug "certifier removed without prompting." fi # delete the requested key from the sphere keyring @@ -41,7 +44,8 @@ if gpg_sphere "--delete-key --batch --yes 0x${keyID}!" ; then # update the trustdb for the authentication keyring gpg_sphere "--check-trustdb" - log info -e "\nIdentity certifier removed." + log info "" + log info "Identity certifier removed." else failure "Problem removing identity certifier." fi diff --git a/src/share/ma/setup b/src/share/ma/setup index 034f047..f59187b 100644 --- a/src/share/ma/setup +++ b/src/share/ma/setup @@ -23,6 +23,7 @@ setup() { # deliberately replace the config files via truncation # FIXME: should we be dumping to tmp files and then moving atomically? + log debug "writing core gpg.conf..." cat >"${GNUPGHOME_CORE}"/gpg.conf <<EOF # Monkeysphere trust core GnuPG configuration # This file is maintained by the Monkeysphere software. 
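Review bot: The key shown for confirmation now comes from `gpg_core --list-key`, but the deletion further down runs `gpg_sphere "--delete-key --batch --yes 0x${keyID}!"`, so the operator confirms against one keyring while the removal acts on another; if the two can differ, list from the sphere keyring as the removed line did. The bare `|| failure` exits without saying why, and `|| failure "Key '$keyID' not found."` would match the message add_certifier uses. The debug line `certifier removed without prompting.` is emitted before the deletion happens and would be accurate as `removing certifier without prompting.`.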
@@ -30,62 +31,78 @@ setup() { no-greeting list-options show-uid-validity EOF - + + log debug "writing sphere gpg.conf..." cat >"${GNUPGHOME_SPHERE}"/gpg.conf <<EOF # Monkeysphere trust sphere GnuPG configuration # This file is maintained by the Monkeysphere software. # Edits will be overwritten. no-greeting -primary-keyring ${GNUPGHOME_SPHERE}/pubring.gpg list-options show-uid-validity EOF - # make sure the monkeysphere user owns everything in th sphere + # make sure the monkeysphere user owns everything in the sphere # gnupghome - chown -R "$MONKEYPSHER_USER" "${GNUPGHOME_SPHERE}" - chgrp -R "$MONKEYPSHER_USER" "${GNUPGHOME_SPHERE}" + log debuf "fixing sphere gnupg home ownership..." + chown -R "$MONKEYSPHERE_USER" "${GNUPGHOME_SPHERE}" + chgrp -R "$MONKEYSPHERE_USER" "${GNUPGHOME_SPHERE}" # get fingerprint of core key. this should be empty on unconfigured systems. - local CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: ) + local CORE_FPR=$(core_fingerprint) + log debug "core fingerprint: $CORE_FPR" if [ -z "$CORE_FPR" ] ; then - log info "Setting up Monkeysphere authentication trust core..." + log info "setting up Monkeysphere authentication trust core..." local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21 </dev/urandom | base64)) log debug "generating monkeysphere authentication trust core key ($CORE_KEYLENGTH bits)..." - PEM2OPENPGP_USAGE_FLAGS=certify PEM2OPENPGP_NEWKEY=$CORE_KEYLENGTH pem2openpgp "$CORE_UID" | gpg_core --import || failure "Could not import new key for Monkeysphere authentication trust core" + PEM2OPENPGP_USAGE_FLAGS=certify \ + PEM2OPENPGP_NEWKEY=$CORE_KEYLENGTH pem2openpgp "$CORE_UID" \ + | gpg_core --import \ + || failure "Could not import new key for Monkeysphere authentication trust core" # get fingerprint of core key. should definitely not be empty at this point - log debug "get core key fingerprint..." 
- CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: ) + CORE_FPR=$(core_fingerprint) + log debug "core fingerprint: $CORE_FPR" if [ -z "$CORE_FPR" ] ; then failure "Failed to create Monkeysphere authentication trust core!" fi else - log verbose "This system has already set up the Monkeysphere authentication trust core." + log verbose "Monkeysphere authentication trust core already exists." fi + # export the core key to the sphere keyring + log debug "exporting core pub key to sphere keyring..." + gpg_core --export | gpg_sphere --import # ensure that the authentication sphere checker has absolute ownertrust on the expected key. - log debug "set ultimate owner trust on core key in gpg_sphere..." + log debug "setting ultimate owner trust on core key in gpg_sphere..." printf "%s:6:\n" "$CORE_FPR" | gpg_sphere --import-ownertrust + gpg_sphere --export-ownertrust | log debug + + # check the owner trust + log debug "checking gpg_sphere owner trust set properly..." local ORIG_TRUST - log debug "check gpg_sphere owner trust set properly..." if ORIG_TRUST=$(gpg_sphere --export-ownertrust | grep '^[^#]') ; then if [ "${CORE_FPR}:6:" != "$ORIG_TRUST" ] ; then failure "Monkeysphere authentication trust sphere should explicitly trust the core. It does not have proper ownertrust settings." fi else failure "Could not get monkeysphere-authentication trust guidelines." + # FIXME: what does this mean? should we suggest how to fix? fi # ensure that we're using the extended trust model (1), and that # our preferences are reasonable (i.e. 3 marginal OR 1 fully # trusted certifications are sufficient to grant full validity. - log debug "check trust level of core key..." - if [ "1:3:1" != $(gpg_sphere --with-colons --fixed-list-mode --list-keys | head -n1 | grep ^tru: cut -f3,6,7 -d:) ] ; then + log debug "checking trust model for authentication ..." 
+ local TRUST_MODEL=$(gpg_sphere "--with-colons --fixed-list-mode --list-keys" \ + | head -n1 | grep "^tru:" | cut -d: -f3,6,7) + log debug "sphere trust model: $TRUST_MODEL" + if [ "$TRUST_MODEL" != '1:3:1' ] ; then failure "monkeysphere-authentication does not have the expected trust model settings." + # FIXME: what does this mean? should we suggest how to fix? fi } diff --git a/src/share/mh/add_hostname b/src/share/mh/add_hostname index 46326bb..70bbec3 100644 --- a/src/share/mh/add_hostname +++ b/src/share/mh/add_hostname @@ -31,11 +31,15 @@ userID="ssh://${1}" find_host_userid > /dev/null && \ failure "Host userID '$userID' already exists." -echo "The following user ID will be added to the host key:" -echo " $userID" -read -p "Are you sure you would like to add this user ID? (y/N) " OK; OK=${OK:=N} -if [ ${OK/y/Y} != 'Y' ] ; then - failure "User ID not added." +if [ "$PROMPT" = "true" ] ; then + echo "The following user ID will be added to the host key:" + echo " $userID" + read -p "Are you sure you would like to add this user ID? (y/N) " OK; OK=${OK:=N} + if [ ${OK/y/Y} != 'Y' ] ; then + failure "User ID not added." + fi +else + log debug "adding user ID without prompting." fi # edit-key script command to add user ID @@ -51,6 +55,8 @@ EOF # execute edit-key script if echo "$adduidCommand" | gpg_host_edit ; then + update_gpg_pub_file + show_key echo diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker index 39dfaca..b4113df 100644 --- a/src/share/mh/add_revoker +++ b/src/share/mh/add_revoker @@ -53,7 +53,7 @@ if [ -f "$keyID" ] ; then fi else # create a temporary directory for storing the downloaded key - TMPLOC=$(mktemp -d ${MHTMPDIR}/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!" + TMPLOC=$(mktemp -d "${MHTMPDIR}"/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!" # download the key from the keyserver as the monkeysphere user su_monkeysphere_user \ 
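Review bot: In the setup hunk, `log debuf "fixing sphere gnupg home ownership..."` misspells the level and should be `log debug`; how `log` treats an unknown level is not visible here, so the message may be dropped or the call may fail. In the same hunk `gpg_core --export | gpg_sphere --import` has no status check, so a failed export or import is not reported where it happens; add `|| failure "Could not export core key to sphere keyring."`. `local CORE_FPR=$(core_fingerprint)` and `local TRUST_MODEL=$(...)` also hide the command's exit status behind `local`, so declare first and assign on a separate line. The `setup` body starts before this hunk.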
@@ -74,17 +74,20 @@ if [ -z "$fingerprint" ] ; then failure "Key '$keyID' not found." fi -log info -e "\nkey found:" +log info "key found:" gpg_host --fingerprint "0x${fingerprint}!" -echo "Are you sure you want to add the above key as a" -read -p "revoker of the host key? (y/N) " OK; OK=${OK:-N} -if [ "${OK/y/Y}" != 'Y' ] ; then - failure "Revoker not added." +if [ "$PROMPT" = "true" ] ; then + echo "Are you sure you want to add the above key as a" + read -p "revoker of the host key? (y/N) " OK; OK=${OK:-N} + if [ "${OK/y/Y}" != 'Y' ] ; then + failure "revoker not added." + fi +else + log debug "adding revoker without prompting." fi # edit-key script to add revoker -# NOTE: *all* user IDs will be ltsigned addrevokerCommand=$(cat <<EOF addrevoker @@ -98,7 +101,9 @@ failure "not implemented yet!" if echo "$addrevokerCommand" | \ gpg_core_edit ; then - log info -e "\nRevoker added." + update_gpg_pub_file + + log info "Revoker added." else failure "Problem adding revoker." fi diff --git a/src/share/mh/diagnostics b/src/share/mh/diagnostics index 96065e6..d774723 100644 --- a/src/share/mh/diagnostics +++ b/src/share/mh/diagnostics @@ -152,7 +152,7 @@ fi if [ "$problemsfound" -gt 0 ]; then echo "When the above $problemsfound issue"$(if [ "$problemsfound" -eq 1 ] ; then echo " is" ; else echo "s are" ; fi)" resolved, please re-run:" - echo " monkeysphere-host expert diagnostics" + echo " monkeysphere-host diagnostics" else echo "Everything seems to be in order!" fi diff --git a/src/share/mh/gen_key b/src/share/mh/gen_key deleted file mode 100644 index 7b427e4..0000000 --- a/src/share/mh/gen_key +++ /dev/null 
@@ -1,87 +0,0 @@ -# -*-shell-script-*- -# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant) - -# Monkeysphere host gen-key subcommand -# -# The monkeysphere scripts are written by: -# Jameson Rollins <jrollins@finestructure.net> -# Jamie McClelland <jm@mayfirst.org> -# Daniel Kahn Gillmor <dkg@fifthhorseman.net> -# -# They are Copyright 2008-2009, and are all released under the GPL, -# version 3 or later. - -gen_key() { - -local hostName=$(hostname -f) -local keyType="RSA" -local keyLength="2048" -local keyUsage="auth" -local keyExpire="0" -local userID - -# check for presense of a key -[ "$HOST_FINGERPRINT" ] && \ - failure "An OpenPGP host key already exists." - -# get options -while true ; do - case "$1" in - -l|--length) - keyLength="$2" - shift 2 - ;; - *) - if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then - failure "Unknown option '$1'. -Type '$PGRM help' for usage." - fi - break - ;; - esac -done - -hostName="$1" -userID="ssh://${hostName}" - -# create host home -mkdir -p "$GNUPGHOME_HOST" -chmod 700 "$GNUPGHOME_HOST" - -log debug "generating host key..." -gpg_host --batch --gen-key <<EOF -Key-Type: $keyType -Key-Length: $keyLength -Key-Usage: $keyUsage -Name-Real: $userID -Expire-Date: $keyExpire - -%commit -%echo done - -EOF - -# find the key fingerprint of the newly converted key -HOST_FINGERPRINT=$(get_host_fingerprint) -export HOST_FINGERPRINT - -# translate the private key to ssh format, and export to a file -# for sshs usage. -# NOTE: assumes that the primary key is the proper key to use -log debug "exporting ssh secret key..." -(umask 077 && \ - gpg_host --export-secret-key "$HOST_FINGERPRINT" | \ - openpgp2ssh "$HOST_FINGERPRINT" > "${MHDATADIR}/ssh_host_rsa_key") -log info "SSH host private key output to file: ${MHDATADIR}/ssh_host_rsa_key" - -log debug "creating ssh public key..." 
-ssh-keygen -y -f "${MHDATADIR}/ssh_host_rsa_key" > "$HOST_KEY_PUB" -log info "SSH host public key output to file: $HOST_KEY_PUB" - -# export public key to file -gpg_host_export_to_ssh_file - -# show info about new key -show_key - -} diff --git a/src/share/mh/import_key b/src/share/mh/import_key index 99511a8..d14fc13 100644 --- a/src/share/mh/import_key +++ b/src/share/mh/import_key 
@@ -14,31 +14,48 @@ import_key() { local hostName +local domain local userID -# check for presense of a key -[ "$HOST_FINGERPRINT" ] && \ - failure "An OpenPGP host key already exists." - -hostName=${1:-$(hostname -f)} +hostName="$1" + +# use the default hostname if not specified +if [ -z "$hostName" ] ; then + hostName=$(hostname -f) + # test that the domain is not obviously illegitimate + domain=${foo##*.} + case $domain in + 'local'|'localdomain') + failure "Host domain '$domain' is not legitimate. Aborting key import." + ;; + esac + # test that there are at least two parts + if (( $(echo "$hostName" | tr . ' ' | wc -w) < 2 )) ; then + failure "Host name '$hostName' is not legitimate. Aborting key import." + fi +fi userID="ssh://${hostName}" # create host home -mkdir -p "$GNUPGHOME_HOST" -chmod 700 "$GNUPGHOME_HOST" +mkdir -p "${MHDATADIR}" +mkdir -p "${MHTMPDIR}" +mkdir -p "${GNUPGHOME_HOST}" +chmod 700 "${GNUPGHOME_HOST}" log verbose "importing ssh key..." # translate ssh key to a private key -PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" | \ - gpg_host --import +PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \ + | gpg_host --import -# find the key fingerprint of the newly converted key -HOST_FINGERPRINT=$(get_host_fingerprint) -export HOST_FINGERPRINT +# load the new host fpr into the fpr variable. this is so we can +# create the gpg pub key file. we have to do this from the secret key +# ring since we obviously don't have the gpg pub key file yet, since +# that's what we're trying to produce (see below). +load_fingerprint_secret -# export public key to file -gpg_host_export_to_ssh_file +# export to gpg public key to file +update_gpg_pub_file # show info about new key show_key diff --git a/src/share/mh/publish_key b/src/share/mh/publish_key index 988b450..b433ad7 100644 --- a/src/share/mh/publish_key +++ b/src/share/mh/publish_key 
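Review bot: `domain=${foo##*.}` expands a variable that is never set, so `domain` is always empty and the `'local'|'localdomain'` check can never reject anything; it should be `domain=${hostName##*.}`. Both legitimacy checks sit inside the `if [ -z "$hostName" ]` branch and therefore apply only to the `hostname -f` default, not to a name passed as `$1`; state that in the comment if it is intended. The hunk also removes the `[ "$HOST_FINGERPRINT" ] && failure "An OpenPGP host key already exists."` guard and nothing visible here replaces it, so confirm that a second import cannot add another secret key to an existing host keyring.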
@@ -15,17 +15,33 @@ publish_key() { -read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N} -if [ ${OK/y/Y} != 'Y' ] ; then - failure "key not published." +local GNUPGHOME + +if [ "$PROMPT" = "true" ] ; then + read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N} + if [ ${OK/y/Y} != 'Y' ] ; then + failure "key not published." + fi +else + log debug "publishing key without prompting." fi -# find the key fingerprint -fingerprint=$(fingerprint_host_key) +# create a temporary gnupg directory from which to publish the key +export GNUPGHOME=$(mktemp -d) + +# trap to remove tmp dir if break +trap "rm -rf $GNUPGHOME" EXIT + +# import the host key into the tmp dir +su_monkeysphere_user \ + "gpg --quiet --import" <"$HOST_KEY_FILE" # publish host key -# FIXME: need to define how to do this -#gpg_authentication "--keyserver $KEYSERVER --send-keys '0x${fingerprint}!'" -echo "not published!!!" +su_monkeysphere_user \ + "gpg --keyserver $KEYSERVER --send-keys '0x${HOST_FINGERPRINT}!'" + +# remove the tmp file +trap - EXIT +rm -rf "$GNUPGHOME" } diff --git a/src/share/mh/revoke_hostname b/src/share/mh/revoke_hostname index 940b5f4..77f1f0d 100644 --- a/src/share/mh/revoke_hostname +++ b/src/share/mh/revoke_hostname @@ -30,7 +30,7 @@ fi echo "WARNING: There is a known bug in this function." echo "This function has been known to occasionally revoke the wrong user ID." echo "Please see the following bug report for more information:" -echo "http://web.monkeysphere.info/bugs/revoke-hostname-revoking-wrong-userid/" +echo "https://labs.riseup.net/code/issues/show/422" read -p "Are you sure you would like to proceed? (y/N) " OK; OK=${OK:=N} if [ ${OK/y/Y} != 'Y' ] ; then failure "aborting." 
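Review bot: `export GNUPGHOME=$(mktemp -d)` hides a `mktemp` failure behind `export`, and the trap string `"rm -rf $GNUPGHOME"` is expanded unquoted when the trap is set, so a path containing whitespace would be word-split when it runs. Write it as `GNUPGHOME=$(mktemp -d) || failure "Could not create temporary directory!"`, then `export GNUPGHOME`, then `trap 'rm -rf -- "$GNUPGHOME"' EXIT`. The directory is created by the calling user while both `gpg` commands run through `su_monkeysphere_user`; if the caller is root the monkeysphere user presumably cannot write to it, and whether `GNUPGHOME` survives `su` is not visible here. `$KEYSERVER` and `$HOST_FINGERPRINT` are interpolated into a string that a shell parses again, so they should be validated before use.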
@@ -42,11 +42,15 @@ userID="ssh://${1}" uidIndex=$(find_host_userid) || \ failure "No non-revoked user ID found matching '$userID'." -echo "The following host key user ID will be revoked:" -echo " $userID" -read -p "Are you sure you would like to revoke this user ID? (y/N) " OK; OK=${OK:=N} -if [ ${OK/y/Y} != 'Y' ] ; then - failure "User ID not revoked." +if [ "$PROMPT" = "true" ] ; then + echo "The following host key user ID will be revoked:" + echo " $userID" + read -p "Are you sure you would like to revoke this user ID? (y/N) " OK; OK=${OK:=N} + if [ ${OK/y/Y} != 'Y' ] ; then + failure "User ID not revoked." + fi +else + log debug "revoking user ID without prompting." fi # edit-key script command to revoke user ID @@ -65,6 +69,8 @@ EOF # execute edit-key script if echo "$revuidCommand" | gpg_host_edit ; then + update_gpg_pub_file + show_key echo diff --git a/src/share/mh/set_expire b/src/share/mh/set_expire index 653149f..14d2501 100644 --- a/src/share/mh/set_expire +++ b/src/share/mh/set_expire @@ -21,11 +21,25 @@ local extendTo # get the new expiration date extendTo=$(get_gpg_expiration "$1") +if [ "$PROMPT" = "true" ] ; then + read -p "Are you sure you want to change the expiration on the host key to '$extendTo'? (y/N) " OK; OK=${OK:-N} + if [ "${OK/y/Y}" != 'Y' ] ; then + failure "expiration not set." + fi +else + log debug "extending without prompting." +fi + +log info "setting host key expiration to ${extendTo}:" + +log debug "executing host expire script..." gpg_host_edit expire <<EOF $extendTo save EOF +update_gpg_pub_file + cat <<EOF | log info NOTE: Host key expiration date adjusted, but not yet published. Run '$PGRM publish-key' to publish the new expiration date. |