Age | Commit message | Author | |
---|---|---|---|
2013-02-06 | incorporate example combined ProxyCommand from sanoj_ | Daniel Kahn Gillmor | |
2013-01-18 | enable openpgp2pem as well from keytrans | Daniel Kahn Gillmor | |
2012-09-11 | fetch all keys instead of the first 5 (and work better with gpg 2.0.19, which apparently does not retrieve keys from gpg --search if the --batch argument is also present) | Daniel Kahn Gillmor | |
2012-03-20 | add --batch to gpg invocations, since gpg2 requires it to use --passphrase-* arguments | Daniel Kahn Gillmor | |
2012-03-16 | use date somewhat more portably | Daniel Kahn Gillmor | |
2012-02-24 | fix url in man page, fixes #635648 | Micah Anderson | |
2011-01-02 | genericized x509 certificate generation -- now works for any service, not just https (invoke it like "make-x509-certreqs imap" for imap:// keys, etc) | Daniel Kahn Gillmor | |
2010-12-21 | avoid problems with filenames containing regexp special characters. | Jamie McClelland | |
2010-12-21 | On dkg's suggestion, using hash index as more elegant way to ensure we don't repeat users. | Jamie McClelland | |
2010-12-21 | Tracking users while generating watch list is more reliable way to ensure m-a u is executed on the right users. | Jamie McClelland | |
2010-12-20 | adding some comments/concerns about the current monkeysphere-monitor-keys implementation | Daniel Kahn Gillmor | |
2010-12-20 | added example script to auto-generate X.509 certificate requests with the PGPExtension embedded in them from https monkeysphere-host keys. | Daniel Kahn Gillmor | |
2010-12-20 | update debug to use printf and always emit newlines; use warnings; | Daniel Kahn Gillmor | |
2010-12-20 | whitespace, simple style cleanup | Daniel Kahn Gillmor | |
2010-12-20 | Merge remote branch 'jamie/master' | Daniel Kahn Gillmor | |
2010-12-20 | keytrans: avoid confusing user IDs across different keys (closes MS # 2682) | Daniel Kahn Gillmor | |
2010-12-20 | Comments at top now contain more concrete explanation of how the script works. Location of key files to monitor is more configurable by the sys admin. All changed files treated the same for simplicity. Added debug mode. | Jamie McClelland | |
2010-12-20 | more precise description of file::ChangeNotify's behavior with regard to different operating systems. And, monitoring /etc/passwd is not recommended, so removed from description. | Jamie McClelland | |
2010-12-19 | first attempt at closing #499 (changes to user authorized_keys files not immediately incorporated) | Jamie McClelland | |
2010-11-13 | update changelog | Jameson Rollins | |
2010-11-13 | If for whatever reason the primary UID comes up empty, give the injected subkey a reasonable name instead of the empty string | Daniel Kahn Gillmor | |
2010-11-13 | universalize and consolidate on --fixed-list-mode | Daniel Kahn Gillmor | |
2010-11-13 | avoid using the running MSVA from the user during the tests | Daniel Kahn Gillmor | |
2010-10-30 | update upstream changelog | Jameson Rollins | |
2010-10-30 | clean up ssh_proxycommand function (no functional change) | Jameson Rollins | |
2010-10-30 | break out proxy command validation code into its own function (no functional change) | Jameson Rollins | |
2010-10-30 | improve debug output | Jameson Rollins | |
2010-10-30 | fix variable declarations in update_known_hosts | Jameson Rollins | |
2010-10-30 | catch return for grep in remove_line, for case where grep -v returns nothing (e.g. only line in file is removed) | Jameson Rollins | |
2010-10-29 | fix ssh_proxycommand marginal ui | Jameson Rollins | |
After the last big code cleanup, the bookkeeping of numbers of processed/valid keys was removed. This was done because most things don't use that info, and it was confusing return codes of top-level functions. The one thing that did use that, though, was the ssh_proxycommand. We fix this by using a global variable to keep track of the number of processed and valid keys. The proxy command can now easily determine when it should output its marginal ui block. | |||
2010-10-29 | fix variable declaration (leftover from break out of touch_key_file_or_fail) | Jameson Rollins | |
2010-10-29 | consolidate and simplify printing of key lines in process_keys_for_file | Jameson Rollins | |
also move hashing of known_hosts lines into ssh2known_hosts function | |||
2010-10-27 | remove reference to USE_VALIDATION_AGENT (the usage was incorrect as well) | Jameson Rollins | |
2010-10-27 | fix label in upstream changelog | Jameson Rollins | |
2010-10-26 | finalize changelog for 0.34 release | Jameson Rollins | |
2010-10-26 | add note about CHECK_KEYSERVER var in msph-auth man page | Jameson Rollins | |
2010-10-25 | ensure that we only remove fully-matching lines once we have found them | Daniel Kahn Gillmor | |
2010-10-24 | back to using grep fixed-string matching when removing key lines | Jameson Rollins | |
This method uses grep -F to find the full line to match, and then a second call to grep -v -F to actually remove the line. For known_hosts, we use two piped grep -F calls. No regexps are used, and only one extra call to grep is required for known_hosts line removal. There is still an issue here about sub-string matches, but there is at least no regression over early versions. | |||
2010-10-24 | don't fail if authorized_keys file not present | Jameson Rollins | |
we create a new function here, touch_key_file_or_fail, which will touch a new key file if there isn't one already present. This is now used in the update_authorized_keys and update_known_hosts functions when looking for authorized_keys and known_hosts respectively. Closes Debian 600644 | |||
2010-10-22 | tweak log levels and messages in ma/update_users | Jameson Rollins | |
2010-10-19 | fix remove_line function to not use fixed string checking, and to mv -f the tmp file into place | Jameson Rollins | |
2010-10-18 | fix remove_monkeysphere_lines function to just read from stdin and write to stdout | Jameson Rollins | |
2010-10-18 | fix update_known_hosts to create proper initial temp file | Jameson Rollins | |
2010-10-18 | fix back to integer indexing in process_authorized_user_ids | Jameson Rollins | |
2010-10-18 | cleanup update_known_hosts | Jameson Rollins | |
* don't update if unchanged * proper trap setting * cleanup comments | |||
2010-10-18 | fix up update_authorized_keys | Jameson Rollins | |
* better trap handling * don't update file if unchanged * clean up comments | |||
2010-10-18 | fix process_keys_for_file so that it can accept '-' as a file, and send output to stdout. | Jameson Rollins | |
2010-10-18 | update changelog | Jameson Rollins | |
2010-10-18 | Simplification/refactoring of key/file processing | Jameson Rollins | |
This is a fairly major overhaul to greatly reduce the number of redundant code paths. We here created a new process_keys_for_file function that processes keys from a userid for a given key file. All the main top level functions now call this one function. The main top level monkeysphere functions for updating the user's authorized_keys and known_hosts files are now moved to their own sourced files, which greatly reduces the amount of code sourced with common. monkeysphere now updates authorized_keys and known_hosts in temporary files that are then atomically moved into place upon completion. Finally, removed the confusing return codes in the key/file processing functions that were based on number of valid/invalid keys processed. It was confusing in the presence of actual errors that stopped processing. | |||
2010-10-18 | fix test for keys-for-user | Jameson Rollins | |