summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rwxr-xr-xsrc/monkeysphere-authentication11
-rwxr-xr-xsrc/monkeysphere-host11
-rw-r--r--src/share/ma/add_certifier5
-rw-r--r--src/share/ma/list_certifiers1
-rw-r--r--src/share/ma/setup12
-rw-r--r--src/share/mh/add_revoker4
-rw-r--r--src/share/mh/import_key2
7 files changed, 20 insertions, 26 deletions
diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication
index 8a4146f..1def4cd 100755
--- a/src/monkeysphere-authentication
+++ b/src/monkeysphere-authentication
@@ -75,7 +75,7 @@ gpg_core() {
GNUPGHOME="$GNUPGHOME_CORE"
export GNUPGHOME
- gpg "$@"
+ gpg --no-greeting --quiet --no-tty "$@"
}
# function to interact with the gpg sphere keyring
@@ -85,15 +85,15 @@ gpg_sphere() {
GNUPGHOME="$GNUPGHOME_SPHERE"
export GNUPGHOME
- su_monkeysphere_user "gpg $@"
+ su_monkeysphere_user "gpg --no-greeting --quiet --no-tty $@"
}
# output to stdout the core fingerprint from the gpg core secret
# keyring
core_fingerprint() {
log debug "determining core key fingerprint..."
- gpg_core --quiet --list-secret-key \
- --with-colons --fixed-list-mode --with-fingerprint \
+ gpg_core --list-secret-key --with-colons \
+ --fixed-list-mode --with-fingerprint \
| grep ^fpr: | cut -d: -f10
}
@@ -101,8 +101,7 @@ core_fingerprint() {
gpg_core_sphere_sig_transfer() {
log debug "exporting core local sigs to sphere..."
gpg_core --export-options export-local-sigs --export | \
- gpg_sphere "--import-options import-local-sigs --import" \
- 2>&1 | log debug
+ gpg_sphere "--import-options import-local-sigs --import"
}
########################################################################
diff --git a/src/monkeysphere-host b/src/monkeysphere-host
index c7e011b..7e8dd27 100755
--- a/src/monkeysphere-host
+++ b/src/monkeysphere-host
@@ -77,7 +77,7 @@ EOF
# function to interact with the gpg keyring
gpg_host() {
- GNUPGHOME="$GNUPGHOME_HOST" gpg "$@"
+ GNUPGHOME="$GNUPGHOME_HOST" gpg --no-greeting --quiet --no-tty "$@"
}
# command to list the info about the host key, in colon format, to
@@ -93,9 +93,7 @@ gpg_host_list() {
# FIXME: should we supress all the edit script spew? or pipe it
# through log debug?
gpg_host_edit() {
- gpg_host --no-greeting --quiet \
- --command-fd 0 --no-tty --edit-key \
- "0x${HOST_FINGERPRINT}!" "$@" 2>&1 | log debug
+ gpg_host --command-fd 0 --edit-key "0x${HOST_FINGERPRINT}!" "$@"
}
# export the host public key to the monkeysphere gpg pub key file
@@ -127,8 +125,7 @@ load_fingerprint() {
# gpg host secret key
load_fingerprint_secret() {
HOST_FINGERPRINT=$( \
- gpg_host --quiet --list-secret-key \
- --with-colons --with-fingerprint \
+ gpg_host --list-secret-key --with-colons --with-fingerprint \
| grep '^fpr:' | cut -d: -f10 )
}
@@ -142,7 +139,7 @@ check_host_key() {
check_host_no_key() {
[ -s "$HOST_KEY_FILE" ] \
|| failure "You don't appear to have a Monkeysphere host key on this server.
-Please run 'monkeysphere-host import-key' first."
+Please run 'monkeysphere-host import-key...' first."
}
# output the index of a user ID on the host key
diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier
index d34f0de..2f29759 100644
--- a/src/share/ma/add_certifier
+++ b/src/share/ma/add_certifier
@@ -151,15 +151,14 @@ EOF
# core ltsigns the newly imported certifier key
log debug "executing core ltsign script..."
if echo "$ltsignCommand" | \
- gpg_core --quiet --command-fd 0 --no-tty --edit-key "0x${fingerprint}!" \
- 2>&1 | log debug ; then
+ gpg_core --command-fd 0 --edit-key "0x${fingerprint}!" ; then
# transfer the new sigs back to the sphere keyring
gpg_core_sphere_sig_transfer
# update the sphere trustdb
log debug "updating sphere trustdb..."
- gpg_sphere "--check-trustdb" 2>&1 | log debug
+ gpg_sphere "--check-trustdb"
log info "Identity certifier added."
else
diff --git a/src/share/ma/list_certifiers b/src/share/ma/list_certifiers
index a02487d..38a3222 100644
--- a/src/share/ma/list_certifiers
+++ b/src/share/ma/list_certifiers
@@ -86,5 +86,4 @@ gpg_sphere "--fingerprint --with-colons --fixed-list-mode --check-sigs" | \
esac
done
-
}
diff --git a/src/share/ma/setup b/src/share/ma/setup
index a17e4f2..6969d71 100644
--- a/src/share/ma/setup
+++ b/src/share/ma/setup
@@ -59,7 +59,7 @@ EOF
log debug "generating monkeysphere authentication trust core key ($CORE_KEYLENGTH bits)..."
PEM2OPENPGP_USAGE_FLAGS=certify \
PEM2OPENPGP_NEWKEY=$CORE_KEYLENGTH pem2openpgp "$CORE_UID" \
- | gpg_core --import 2>&1 | log debug \
+ | gpg_core --import \
|| failure "Could not import new key for Monkeysphere authentication trust core"
# get fingerprint of core key. should definitely not be empty at this point
@@ -75,17 +75,17 @@ EOF
# export the core key to the sphere keyring
log debug "exporting core pub key to sphere keyring..."
- gpg_core --quiet --export | gpg_sphere "--quiet --import"
+ gpg_core --export | gpg_sphere "--import"
# ensure that the authentication sphere checker has absolute ownertrust on the expected key.
log debug "setting ultimate owner trust on core key in gpg_sphere..."
- printf "%s:6:\n" "$CORE_FPR" | gpg_sphere "--quiet --import-ownertrust"
- gpg_sphere "--export-ownertrust" 2>&1 | log debug
+ printf "%s:6:\n" "$CORE_FPR" | gpg_sphere "--import-ownertrust"
+ gpg_sphere "--export-ownertrust"
# check the owner trust
log debug "checking gpg_sphere owner trust set properly..."
local ORIG_TRUST
- if ORIG_TRUST=$(gpg_sphere "--quiet --export-ownertrust" | grep '^[^#]') ; then
+ if ORIG_TRUST=$(gpg_sphere "--export-ownertrust" | grep '^[^#]') ; then
if [ "${CORE_FPR}:6:" != "$ORIG_TRUST" ] ; then
failure "Monkeysphere authentication trust sphere should explicitly trust the core. It does not have proper ownertrust settings."
fi
@@ -98,7 +98,7 @@ EOF
# our preferences are reasonable (i.e. 3 marginal OR 1 fully
# trusted certifications are sufficient to grant full validity.
log debug "checking trust model for authentication ..."
- local TRUST_MODEL=$(gpg_sphere "--quiet --with-colons --fixed-list-mode --list-keys" \
+ local TRUST_MODEL=$(gpg_sphere "--with-colons --fixed-list-mode --list-keys" \
| head -n1 | grep "^tru:" | cut -d: -f3,6,7)
log debug "sphere trust model: $TRUST_MODEL"
if [ "$TRUST_MODEL" != '1:3:1' ] ; then
diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker
index b4113df..dfce4e1 100644
--- a/src/share/mh/add_revoker
+++ b/src/share/mh/add_revoker
@@ -57,10 +57,10 @@ else
# download the key from the keyserver as the monkeysphere user
su_monkeysphere_user \
- "GNUPGHOME=$TMPLOC gpg --keyserver $KEYSERVER --recv-key 0x${keyID}!"
+ "GNUPGHOME=$TMPLOC gpg --quiet --keyserver $KEYSERVER --recv-key 0x${keyID}!"
# export the new key to the host keyring
- su_monkeysphere_user "GNUPGHOME=$TMPLOC gpg --export 0x${keyID}!" \
+ su_monkeysphere_user "GNUPGHOME=$TMPLOC gpg --quiet --export 0x${keyID}!" \
| gpg_host --import
fi
diff --git a/src/share/mh/import_key b/src/share/mh/import_key
index 557bb7f..266bf05 100644
--- a/src/share/mh/import_key
+++ b/src/share/mh/import_key
@@ -46,7 +46,7 @@ chmod 700 "${GNUPGHOME_HOST}"
log verbose "importing ssh key..."
# translate ssh key to a private key
PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
- | gpg_host --import 2>&1 | log debug
+ | gpg_host --import
# load the new host fpr into the fpr variable. this is so we can
# create the gpg pub key file. we have to do this from the secret key