Diffstat (limited to 'src')
-rw-r--r--src/common32
-rwxr-xr-xsrc/monkeysphere18
-rwxr-xr-xsrc/monkeysphere-server33
3 files changed, 74 insertions, 9 deletions
diff --git a/src/common b/src/common
index d56028f..01e6f32 100644
--- a/src/common
+++ b/src/common
@@ -240,6 +240,9 @@ process_user_id() {
# hash userid for cache file name
userIDHash=$(echo "$userID" | sha1sum | awk '{ print $1 }')
+ # make sure the cache directory exists
+ mkdir -p "$cacheDir"
+
# touch/clear key cache file
# (will be left empty if there are noacceptable keys)
> "$cacheDir"/"$userIDHash"."$pubKeyID"
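Review bot: The added `mkdir -p "$cacheDir"` is not checked and takes its mode from the caller's umask. If it fails, the `>` redirection below fails too and the function carries on without a cache file. The files in this directory appear to feed the generated authorized_keys, so the directory should not be writable by anyone else. If nothing else needs to read the cache, consider `mkdir -p -m 0700 "$cacheDir" || return 1` (`-m` applies only to the last path component). process_user_id starts and ends outside the hunk.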
@@ -285,16 +288,16 @@ update_userid() {
cacheDir="$2"
log "processing userid: '$userID'"
+
userIDKeyCache=$(process_user_id "$userID" "$cacheDir")
+
if [ -z "$userIDKeyCache" ] ; then
return 1
fi
if ! grep -q "^${userID}\$" "$AUTHORIZED_USER_IDS" ; then
- echo "the following userid is not in the authorized_user_ids file:"
- echo " $userID"
- read -p "would you like to add it? [Y|n]: " OK; OK=${OK:=Y}
+ read -p "user ID not currently authorized. authorize? [Y|n]: " OK; OK=${OK:=Y}
if [ ${OK/y/Y} = 'Y' ] ; then
- log -n "adding userid to authorized_user_ids file... "
+ log -n "adding user ID to authorized_user_ids file... "
echo "$userID" >> "$AUTHORIZED_USER_IDS"
echo "done."
else
@@ -303,6 +306,24 @@ update_userid() {
fi
}
+# remove a userid from the authorized_user_ids file
+remove_userid() {
+ local userID
+
+ userID="$1"
+
+ log "processing userid: '$userID'"
+
+ if ! grep -q "^${userID}\$" "$AUTHORIZED_USER_IDS" ; then
+ log "user ID not currently authorized."
+ return 1
+ fi
+
+ log -n "removing user ID '$userID'... "
+ grep -v "$userID" "$AUTHORIZED_USER_IDS" | sponge "$AUTHORIZED_USER_IDS"
+ echo "done."
+}
+
# process a host for addition to a known_host file
process_host() {
local host
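Review bot: remove_userid passes `$userID` to grep as a regular expression, and the `grep -v "$userID"` that rewrites the file is not anchored. User IDs normally contain `.` and may contain `[`, `*` or `+`, so the membership test can miss an ID that is literally present, leaving it authorized while logging "user ID not currently authorized.", and the rewrite drops every line that merely contains the string, such as a longer ID ending in the same address. Matching whole lines as fixed strings avoids both: `grep -qxF -- "$userID" "$AUTHORIZED_USER_IDS"` for the test and `grep -vxF -- "$userID" "$AUTHORIZED_USER_IDS" | sponge "$AUTHORIZED_USER_IDS"` for the rewrite. The rewrite also prints "done." whether or not `sponge` (from moreutils) is installed and succeeded, so its status should be checked. The context line in update_userid in the previous hunk uses the same `"^${userID}\$"` pattern.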
@@ -373,7 +394,8 @@ update_authorized_keys() {
cat "$userAuthorizedKeys" >> "$msAuthorizedKeys"
echo "done."
fi
- log "monkeysphere authorized_keys file generated: $msAuthorizedKeys"
+ log "monkeysphere authorized_keys file generated:"
+ log "$msAuthorizedKeys"
}
# process an authorized_*_ids file
diff --git a/src/monkeysphere b/src/monkeysphere
index 997ca58..1ba51d7 100755
--- a/src/monkeysphere
+++ b/src/monkeysphere
@@ -35,7 +35,8 @@ MonkeySphere client tool.
subcommands:
update-known_hosts (k) [HOST]... update known_hosts file
- update-userids (u) [USERID]... add/update userid
+ update-userids (u) [USERID]... add/update user IDs
+ remove-userids (r) [USERID]... remove user IDs
update-authorized_keys (a) update authorized_keys file
gen-ae-subkey (g) KEYID generate an 'ae' capable subkey
help (h,?) this help
@@ -164,13 +165,26 @@ case $COMMAND in
fi
;;
- 'update-userids'|'u')
+ 'update-userids'|'update-userid'|'u')
if [ -z "$1" ] ; then
failure "you must specify at least one userid."
fi
for userID ; do
update_userid "$userID" "$userKeysCacheDir"
done
+ log "run the following to update your monkeysphere authorized_keys file:"
+ log "$PGRM update-authorized_keys"
+ ;;
+
+ 'remove-userids'|'remove-userid'|'r')
+ if [ -z "$1" ] ; then
+ failure "you must specify at least one userid."
+ fi
+ for userID ; do
+ remove_userid "$userID"
+ done
+ log "run the following to update your monkeysphere authorized_keys file:"
+ log "$PGRM update-authorized_keys"
;;
'update-authorized_keys'|'update-authorized-keys'|'a')
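Review bot: The new remove-userids loop ignores the return status of `remove_userid`, so the command goes on to print the "run the following" hint and presumably exits zero even when an ID was not found or not removed (unless `set -e` is active, which is not visible here). This is the revocation path, so a caller should be able to tell that an ID is still authorized; `remove_userid "$userID" || failed=1` in the loop and `[ -z "$failed" ] || failure "some user IDs were not removed."` after it would do. If, as the hint suggests, the generated authorized_keys file is not refreshed here, the log line should also say that removed IDs keep their access until `update-authorized_keys` has been run. The same loop appears in the remove-user-userids branch of src/monkeysphere-server. The case statement starts and ends outside the hunk.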
diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index 922aad3..13221c5 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -35,7 +35,8 @@ subcommands:
gen-key (g) generate gpg key for the server
publish-key (p) publish server key to keyserver
trust-keys (t) KEYID... mark keyids as trusted
- update-user-userids (u) USER UID... add/update userids for a user
+ update-user-userids (u) USER UID... add/update user IDs for a user
+ remove-user-userids (r) USER UID... remove user IDs for a user
help (h,?) this help
EOF
@@ -179,7 +180,7 @@ case $COMMAND in
done
;;
- 'update-user-userids'|'u')
+ 'update-user-userids'|'update-user-userid'|'u')
uname="$1"
shift
if [ -z "$uname" ] ; then
@@ -200,6 +201,34 @@ case $COMMAND in
for userID ; do
update_userid "$userID" "$cacheDir"
done
+
+ log "run the following to update user's authorized_keys file:"
+ log "$PGRM update-users $uname"
+ ;;
+
+ 'remove-user-userids'|'remove-user-userid'|'r')
+ uname="$1"
+ shift
+ if [ -z "$uname" ] ; then
+ failure "you must specify user."
+ fi
+ if [ -z "$1" ] ; then
+ failure "you must specify at least one userid."
+ fi
+
+ # set variables for the user
+ AUTHORIZED_USER_IDS="$MS_HOME"/authorized_user_ids/"$uname"
+
+ # make sure user's authorized_user_ids file exists
+ touch "$AUTHORIZED_USER_IDS"
+
+ # process the user IDs
+ for userID ; do
+ remove_userid "$userID"
+ done
+
+ log "run the following to update user's authorized_keys file:"
+ log "$PGRM update-users $uname"
;;
'help'|'h'|'?')
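Review bot: `$uname` goes straight from the command line into `"$MS_HOME"/authorized_user_ids/"$uname"` in the new remove-user-userids branch, and the `touch` that follows creates that path if it is missing. A name containing `/` or `..` would make `touch` and the later `sponge` rewrite act on a file outside the authorized_user_ids directory, and a mistyped user name silently creates an empty file and then only logs that the ID is not authorized. For a removal it seems safer to reject such names and to fail when the file does not exist instead of creating it: `case "$uname" in */*|.|..) failure "invalid user name." ;; esac` and `[ -f "$AUTHORIZED_USER_IDS" ] || failure "no authorized_user_ids file for user '$uname'."` in place of the `touch`. The case statement starts and ends outside the hunk.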