monkeysphere - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2012-02-24	fix url in man page, fixes #635648	Micah Anderson

2011-01-02	genericized x509 certificate generation -- now works for any service, not ↵	Daniel Kahn Gillmor
	just https (invoke it like "make-x509-certreqs imap" for imap:// keys, etc)
2010-12-21	avoid problems with filenames containing regexp special characters.	Jamie McClelland

2010-12-21	On dkg's suggestion, using hash index as more elegant way to ensure	Jamie McClelland
	we don't repeat users.
2010-12-21	Tracking users while generating watch list is more reliable	Jamie McClelland
	way to ensure m-a u is executed on the right users.
2010-12-20	adding some comments/concerns about the current monkeysphere-monitor-keys ↵	Daniel Kahn Gillmor
	implementation
2010-12-20	added example script to auto-generate X.509 certificate requests with the ↵	Daniel Kahn Gillmor
	PGPExtension embedded in them from https monkeysphere-host keys.
2010-12-20	update debug to use printf and always emit newlines; use warnings;	Daniel Kahn Gillmor

2010-12-20	whitespace, simple style cleanup	Daniel Kahn Gillmor

2010-12-20	Merge remote branch 'jamie/master'	Daniel Kahn Gillmor

2010-12-20	keytrans: avoid confusing user IDs across different keys (closes MS # 2682)	Daniel Kahn Gillmor

2010-12-20	Comments at top now contains more concrete explanation of how	Jamie McClelland
	the script works. Location of key files to monitor is more configurable by the sys admin. All changed files treated the same for simplicity. Added debug mode.
2010-12-20	more precise description of file::ChangeNotify's behavior	Jamie McClelland
	with regard to different operating systems. And, monitoring /etc/passwd is not recommended, so removed from description.
2010-12-19	first attempt at closing #499 (changes to user authorized_keys files not	Jamie McClelland
	immediately incorporated)
2010-11-13	update changelog	Jameson Rollins

2010-11-13	If for whatever reason the primary UID comes up empty, give the injected ↵	Daniel Kahn Gillmor
	subkey a reasonable name instead of the empty string
2010-11-13	universalize and consolidate on --fixed-list-mode	Daniel Kahn Gillmor

2010-11-13	avoid using the running MSVA from the user during the tests	Daniel Kahn Gillmor

2010-10-30	update upstream changelog	Jameson Rollins

2010-10-30	clean up ssh_proxycommand function (no functional change)	Jameson Rollins

2010-10-30	break out proxy command validation code into it's own function (no ↵	Jameson Rollins
	functional change)
2010-10-30	improve debug output	Jameson Rollins

2010-10-30	fix variable declarations in update_known_hosts	Jameson Rollins

2010-10-30	catch return for grep in remove_line, for case where grep -v returns nothing ↵	Jameson Rollins
	(e.g. only line in file is removed)
2010-10-29	fix ssh_proxycommand marginal ui	Jameson Rollins
	After the last big code cleanup, the bookkeeping of numbers of processed/valid keys was removed. This was done because most things don't use that info, and it was confusing return codes of top-level functions. The one thing that did use that, though, was the ssh_proxycommand. We fix this by using a global variable to keep track of the number of processed and valid keys. The proxy command can now easily determine when it should output it's marginal ui block.
2010-10-29	fix variable declaration (leftover from break out of touch_key_file_or_fail)	Jameson Rollins

2010-10-29	consolidate and simplify printing of key lines in process_keys_for_file	Jameson Rollins
	also move hashing of known_hosts lines into ssh2known_hosts function
2010-10-27	remove reference to USE_VALIDATION_AGENT (the usage was incorrect as well)	Jameson Rollins

2010-10-27	fix label in upstream changelog	Jameson Rollins

2010-10-26	finalize changelog for 0.34 release	Jameson Rollins

2010-10-26	add note about CHECK_KEYSERVER var in msph-auth man page	Jameson Rollins

2010-10-25	ensure that we only remove fully-matching lines once we have found them	Daniel Kahn Gillmor

2010-10-24	back to using grep fixed-string matching when removing key lines	Jameson Rollins
	This method uses grep -F to find the full line to match, and then second call to grep -v -F to actually remove the line. For known_hosts, we use two piped grep -F calls. No rexexp are used, and only one extra call to grep is required for known_hosts line removal. There is still an issue here about sub-string matches, but there is at least no regression over early versions.
2010-10-24	don't fail if authorized_keys file not present	Jameson Rollins
	we create a new function here, touch_key_file_or_fail, which will touch a new key file if there isn't one already present. This is now used in the update_authorized_keys and update_known_hosts functions when looking for authorized_keys and known_hosts respectively. Closes Debian 600644
2010-10-22	tweak log levels and messages in ma/update_users	Jameson Rollins

2010-10-19	fix remove_line function to not use fixed string checking, and to mv -f the ↵	Jameson Rollins
	tmp file into place
2010-10-18	fix remove_monkeysphere_lines function to just read from stdin and write to ↵	Jameson Rollins
	stdout
2010-10-18	fix update_known_hosts to create proper initial temp file	Jameson Rollins

2010-10-18	fix back to integer indexing in process_authorized_user_ids	Jameson Rollins

2010-10-18	cleanup update_known_hosts	Jameson Rollins
	* don't update if unchanged * proper trap setting * cleanup comments
2010-10-18	fix up update_authorized_keys	Jameson Rollins
	* better trap handling * don't update file if unchanged * clean up comments
2010-10-18	fix process_keys_for_file so that it can accept '-' as a file, and send ↵	Jameson Rollins
	output to stdout.
2010-10-18	update changelog	Jameson Rollins

2010-10-18	Simplification/refactoring of key/file processing	Jameson Rollins
	This is a fairly major overhaul to greatly reduce the number of redundant code paths. We here created a new process_keys_for_file function that processes key from a userid for a given key file. All the main top elevel functions now call this one function. The main top level monkeysphere functions for updating the user's authorized_keys and known_hosts files are now moved to their own sourced files, which greatly reduces the amount of code sourced with common. monkeysphere now updates authorized_keys and known_hosts in temporary files that are then atomically moved into place upon completion. Finally, removed the confusing return codes in the key/file processing functions that were based on number of valid/invalid keys processed. It was confusing in the presence of actual errors that stopped processing.
2010-10-18	fix test for keys-for-user	Jameson Rollins

2010-10-18	add check for argument in keys-for-user	Jameson Rollins

2010-10-17	fixed bug in remove_monkeysphere_lines function	Jameson Rollins
	it was matching MonkeySphere strings as full lines and therefore not actually removing monkeysphere lines. I'm not sure exactly why, upon further consideration, why we actually need to be removing all monkeysphere lines in update_authorized_keys.
2010-10-17	fix changelog	Jameson Rollins

2010-10-17	remove unneccessary export of TMP_AUTHORIZED_USER_IDS	Jameson Rollins

2010-10-17	fix keys-for-user	Jameson Rollins
	This function now properly outputs to stdout exactly what would have been written to the monkeysphere-controlled authorized_keys file, but without actually touching it.