summaryrefslogtreecommitdiff
path: root/src/monkeysphere-host
AgeCommit message (Collapse)Author
2009-03-10Merge commit 'dkg/master'Jameson Graef Rollins
2009-03-10cleaning up a lingering non-portable mktemp invocation.Daniel Kahn Gillmor
2009-03-07fix the marginal ui output so that it's not prefixed by theJameson Graef Rollins
LOG_PREFIX. also make sure to always export the LOG_PREFIX, so that it gets passed to subprocces su_monkeysphere_user.
2009-03-03fix to logging to prefix all log output with log prefix, and allow changing ↵Jameson Graef Rollins
of log prefix.
2009-03-02usage review/tweaks for m-a and m-hDaniel Kahn Gillmor
2009-03-02very small tweaks to usages.Jameson Graef Rollins
2009-03-01break out default variables into their own file: defaultenvJameson Graef Rollins
this allows the common file to be sourced without reseting variables to their defaults, which was causing a problem with su_monkeysphere_user. also added some more debug messages.
2009-02-28openpgp2ssh in ms-host show-key function takes the host gpg key from the ↵Jameson Graef Rollins
temporary gpghome, instead of from the saved ssh_host_key_rsa.pub.gpg key file.
2009-02-22fix some return code setting stuf that was no longer being used, and change ↵Jameson Graef Rollins
name of return code variable in update_users, since all-caps variables should be reserved for global vars.
2009-02-22Fix how version number is saved/retrieved. Version is now stored inJameson Graef Rollins
VERSION file, which is created in the tarball target. This is then installed at /usr/share/monkeysphere/VERSION, and cat'ed when the version number is requested by the front-end ui. No more manual setting of version number required (to avoid future problems, aka "0.23.1"). This system is also more flexible, as the VERSION file could potentially hold more info than just the release number.
2009-02-21adjusting extraction of revokers.Daniel Kahn Gillmor
2009-02-21make show-key so that it works even if there are no revokers.Jameson Graef Rollins
2009-02-21extend show-key to show fingerprints of revokers as well.Jameson Graef Rollins
2009-02-21add FIXME to show key about how it should show revokers as well.Jameson Graef Rollins
2009-02-21import-key now requires a hostname be specified, and no longer doesJameson Graef Rollins
any hostname guessing. this is so that we don't have to worry about prompting the user when guessing the hostname. also updated documentation.
2009-02-20monkeysphere-host revoke-key should now be capable of publishing theDaniel Kahn Gillmor
revocation certificate to the keyservers directly, should the admin want that. It can also run without prompting, if MONKEYSPHERE_PROMPT=false. In the no-prompts case, it never publishes to the keyserver, it indicates that the key was compromised, and it writes a boilerplate description to make it easy to identify this kind of certificate.
2009-02-19Modify/cleanup add_certifier and add_revoker, so that their code baseJameson Graef Rollins
is more similar, and so that they can read keys from stdin instead of just from a file. Also fix the permissions on the tempdir in publish_key.
2009-02-19modify import_key to take the key file to import as an argument. can be '-' ↵Jameson Graef Rollins
to import from stdin. modify man page and test accordingly.
2009-02-19don't use /dev/stdin hack with ssh-keygen to get ssh fingerprint. just use ↵Jameson Graef Rollins
a tmp file.
2009-02-19make sure fingerprint is loaded for update_gpg_pub_fileJameson Graef Rollins
2009-02-19fix call to transition script in postinst script, and fix lintian error ↵Jameson Graef Rollins
about transitions README
2009-02-19small usage changesJameson Graef Rollins
2009-02-19Cleanup how variables are specified and loaded:Jameson Graef Rollins
- define more common variables in share/common - cleanup how defaults are specified - fix how CHECK_KEYSERVER was determined in monkeysphere Fix calls to update_known_hosts and update_authorized_keys in monkeysphere so that some of the checks are done within the functions themselves, as opposed in the monkeysphere wrapper, so that other functions can call them easier. Fix ssh-proxycommand that had some left over cruft from the transition.
2009-02-18new msmktempdir function, to simplify making temporary directories. remove ↵Jameson Graef Rollins
MHTMPDIR, since it's not needed.
2009-02-18add no-tty, quiet, and no-greeting to gpg wrapper invocations to supress as ↵Jameson Graef Rollins
much gpg output as possible. then cleanup gpg invocations.
2009-02-18fix some log outputJameson Graef Rollins
2009-02-17fix ma so that the setup command is folded into the other commands, soJameson Graef Rollins
it's never needed to be run manually, and can therefore be supressed in the usage/documentation. Also, add setup to the postinst script so that it's setup on installation. Also add pipefail to ma, and try to supress unnecessary gpg output, and redirect other to log debug.
2009-02-17fix typoDaniel Kahn Gillmor
2009-02-17add ability to bypass prompting with a MONKEYSPHERE_PROMPT variable,Jameson Graef Rollins
for functions that prompt for confirmation. Also fix publish_key function (NOT TESTED).
2009-02-17rename create_gpg_pub_file to be update_gpg_pub_file, and add it toJameson Graef Rollins
every function that alters the host keyring, so that all changes will show up in exported pub key file, and in show-key.
2009-02-17tweak the show-key output, and fix some comments.Jameson Graef Rollins
2009-02-17fix a couple of left over references to expertJameson Graef Rollins
2009-02-17check host for gpg pub key file instead of fingerprint, and modify show_key ↵Jameson Graef Rollins
to be able to show full key info to all users.
2009-02-16make host show_key use just the pgp pub key file to get the ssh fingerprint, ↵Jameson Graef Rollins
as it should have been doing before
2009-02-16fix reference to HOST_FINGERPRINT in show-key, and fix some referencesJameson Graef Rollins
to "expert" in test.
2009-02-16REMOVE GEN_KEY. The gen_key function is entirely removed. DecidedJameson Graef Rollins
this was OK now that import_key works, and we can't really see a reason to keep it around. We can resurect it down the line if need be. Also, removed "expert" subcommand, after promting import_key, since it may be need semi-regularly. The other "expert" commands are now just not listed in the usage.
2009-02-16Stop all creation of a ssh_host_rsa_key.pub. Use openpgp2ssh to getJameson Graef Rollins
the fingerprint from the host pgp public key. Prevents us from having to maintain the ssh pub key file, and generally makes things simpler. Also allows us to go back to having import_key take the key on stdin (which dkg will like).
2009-02-16make sure MHTMPDIR is defined and createdJameson Graef Rollins
2009-02-15unbreakout some functions that were broken out earlier for handling creating ↵Jameson Graef Rollins
ssh key files, since they are actually done in different ways under different circumstances.
2009-02-12fix reference to MONKEYSPHER_USER in ma/setupJameson Graef Rollins
2009-02-12break out a bunch of common functions in monkeysphere-host:Jameson Graef Rollins
- create_*_*_file to create the key files - load_*fingerprint to load the host fingerprint into an exported variable (HOST_FINGERPRINT) - check_host_*key to check for the presence of a host key modified {import,gen}_key to use these new functions.
2009-02-09rename function to get the host fingerprint, and fix someJameson Graef Rollins
HOST_FINGERPRINT variables.
2009-02-09break su_monkeysphere_user into common function, since it will likelyJameson Graef Rollins
be needed by both m-host and m-auth for communicating with keyservers.
2009-02-09define variable for public key files (HOST_KEY_PUB, HOST_KEY_PUB_GPG).Jameson Graef Rollins
also, fix some function calls to check_host_fail function.
2009-02-09Break out host export commands into gpg_host_export andJameson Graef Rollins
gpg_host_export_to_ssh_file functions, and update the {gen,import}_key functions accordingly.
2009-02-08Some rearragement/cleanup in the monkeysphere-host:Jameson Graef Rollins
- define exported variable to hold host key fingerprint (HOST_FINGERPRINT) - broke out some common commands into simpler functions - rename the 'extend_key' function to be 'set_expire', since function is more generically offered now.
2009-02-03fix up gen/import-key:Jameson Graef Rollins
- remove stuff about expiration, so we assume keys imported/generated with no expiration - set expiration with 'set-expire' function - update tests to test key importing and generation - fix some bugs
2009-02-01some general fixes:Jameson Graef Rollins
- fix some references to old function names - move fingerprint_server_key to be fingerprint_host_key - update diagnostic scripts
2009-02-01fix a bunch of directory references to the new data/share dirsJameson Graef Rollins
2009-01-31fix some things bugs from the separation transition, and try to fix the test ↵Jameson Graef Rollins
scripts