summaryrefslogtreecommitdiff
path: root/src/share/m
AgeCommit message (Collapse)Author
2012-03-20add --batch to gpg invocations, since gpg2 requires it to use --passphrase-* ↵Daniel Kahn Gillmor
arguments
2010-11-13If for whatever reason the primary UID comes up empty, give the injected ↵Daniel Kahn Gillmor
subkey a reasonable name instead of the empty string
2010-11-13universalize and consolidate on --fixed-list-modeDaniel Kahn Gillmor
2010-10-30clean up ssh_proxycommand function (no functional change)Jameson Rollins
2010-10-30break out proxy command validation code into it's own function (no ↵Jameson Rollins
functional change)
2010-10-30fix variable declarations in update_known_hostsJameson Rollins
2010-10-29fix ssh_proxycommand marginal uiJameson Rollins
After the last big code cleanup, the bookkeeping of numbers of processed/valid keys was removed. This was done because most things don't use that info, and it was confusing return codes of top-level functions. The one thing that did use that, though, was the ssh_proxycommand. We fix this by using a global variable to keep track of the number of processed and valid keys. The proxy command can now easily determine when it should output it's marginal ui block.
2010-10-29fix variable declaration (leftover from break out of touch_key_file_or_fail)Jameson Rollins
2010-10-24don't fail if authorized_keys file not presentJameson Rollins
we create a new function here, touch_key_file_or_fail, which will touch a new key file if there isn't one already present. This is now used in the update_authorized_keys and update_known_hosts functions when looking for authorized_keys and known_hosts respectively. Closes Debian 600644
2010-10-18fix remove_monkeysphere_lines function to just read from stdin and write to ↵Jameson Rollins
stdout
2010-10-18fix update_known_hosts to create proper initial temp fileJameson Rollins
2010-10-18cleanup update_known_hostsJameson Rollins
* don't update if unchanged * proper trap setting * cleanup comments
2010-10-18fix up update_authorized_keysJameson Rollins
* better trap handling * don't update file if unchanged * clean up comments
2010-10-18fix process_keys_for_file so that it can accept '-' as a file, and send ↵Jameson Rollins
output to stdout.
2010-10-18Simplification/refactoring of key/file processingJameson Rollins
This is a fairly major overhaul to greatly reduce the number of redundant code paths. We here created a new process_keys_for_file function that processes key from a userid for a given key file. All the main top elevel functions now call this one function. The main top level monkeysphere functions for updating the user's authorized_keys and known_hosts files are now moved to their own sourced files, which greatly reduces the amount of code sourced with common. monkeysphere now updates authorized_keys and known_hosts in temporary files that are then atomically moved into place upon completion. Finally, removed the confusing return codes in the key/file processing functions that were based on number of valid/invalid keys processed. It was confusing in the presence of actual errors that stopped processing.
2010-04-17do not try to add to known_hosts if HASH_KNOWN_HOSTS is true but ssh-keygen ↵Daniel Kahn Gillmor
is not available (includes some comments about how to fix these corner cases).
2010-04-17degrade gracefully in the absence of sshDaniel Kahn Gillmor
2010-02-18enforce --no-armor when exporting to openpgp2ssh in case weird gpg.conf ↵Daniel Kahn Gillmor
options (see bug 1625)
2010-01-10Fix patch for gen_key to test gpg version.Jameson Rollins
This patch checks the version of gpg (for v1 and v2) and sets the key type command for the gen_subkey gpg edit-key script appropriately.
2010-01-10added notes about what version needs what keyTypeDaniel Kahn Gillmor
2009-12-20fix ms Issue #1536 for gpg edit/addkey UI changeJameson Graef Rollins
gnupg apparently changed their edit-key/addkey function ordering such that the monkeysphere gen-subkey subcommand was creating DSA authentication subkeys instead of RSA subkeys. DSA subkeys are not supported by the ms key translation utilities, so this is a big problem. This patch fixes the problem, but it means that we have require gnupg >=1.4.10 from now on, or at least until gnupg changes their UI again for no good reason.
2009-07-24Merge commit 'dkg/master'Jameson Graef Rollins
2009-07-24make sure we check for the host key existence in the correct known_hosts file.Daniel Kahn Gillmor
do not look for a host key in a non-existant file. (should close MS 1147)
2009-07-24improve the marginal ui a bit. note number of invalid keys. closes ms #1141Jameson Graef Rollins
2009-07-23proposed fix to marginal ui in case where host key not retrieved (should fix ↵Jameson Graef Rollins
1141)
2009-07-11improve marginal UI for cases when host key can't be retrievedJameson Graef Rollins
if ssh-keyscan can't retrieve the host key, then output all keys with matching user ID and validity marginal or better.
2009-04-05some small compatibility changes:Jameson Graef Rollins
- fix file_hash function to use md5 or md5sum, for Darwin compatibility - use build-in 'type' instead of 'which', which for some reason doesn't behave on Darwin - clean up some redirection calls.
2009-03-27trying to make m gen-subkey more responsive in the face of errors, and ↵Daniel Kahn Gillmor
clearer to the user about what is going on.
2009-03-18remove some extraneous invocations of cat.Daniel Kahn Gillmor
2009-03-18modify the ssh_proxycommand marginal ui output so that it betterJameson Graef Rollins
handles the case where the host can not be contacted. the new system attempts to retrieve the host ssh key before any ui output is made. this should make things a little clearer in this corner case, and make things a little more flexible down the line.
2009-03-07fix the marginal ui output so that it's not prefixed by theJameson Graef Rollins
LOG_PREFIX. also make sure to always export the LOG_PREFIX, so that it gets passed to subprocces su_monkeysphere_user.
2009-03-02added ability to specify subkeys to add to agent with ↵Jameson Graef Rollins
MONKEYSPHERE_SUBKEYS_FOR_AGENT variable.
2009-03-01removed test_gnu_dummy_s2k_extension(); no longer necessaryDaniel Kahn Gillmor
2009-02-21correct return codes for monkeysphere subkey-to-ssh-agentDaniel Kahn Gillmor
2009-02-21un-fix non-typo in ssh_proxycommand. (my mistake!)Daniel Kahn Gillmor
2009-02-21fixing typo in ssh_proxycommand.Daniel Kahn Gillmor
2009-02-21fix return in subkey_to_ssh_agent, so that it returns, instead of exitsJameson Graef Rollins
2009-02-21make sure we're explicitly capturing return codes in places where they are ↵Jameson Graef Rollins
tested, in case things are being run set -e
2009-02-20document why monkeysphere import-subkey is not yet working.Daniel Kahn Gillmor
2009-02-19Merge commit 'jrollins/master'Daniel Kahn Gillmor
2009-02-19correcting ssh_proxycommand output.Daniel Kahn Gillmor
2009-02-19remove import_subkey from monkeysphere usage and man page until we getJameson Graef Rollins
a chance to fully implement it.
2009-02-19the import_subkey function was in fact not implement at all. MUST FIX!Jameson Graef Rollins
2009-02-19add a gpg_user function in monkeysphere to add some gpg quietingJameson Graef Rollins
option, and use it in all gpg invocations. add a trap to subkey_to_ssh_agent.
2009-02-19The monkeysphere {import,gen}_subkey functions were not up-to-date.Jameson Graef Rollins
did a lot of work to bring them up-to-date, and better handle argument checking. also updated man page, changelog, and tests/basic.
2009-02-19added msmktempfile; got rid of /dev/stdin assumption in ssh_proxycommand for ↵Daniel Kahn Gillmor
portability
2009-02-19fix CHECK_KEYSERVER variable in monkeysphere, so the default is correct for ↵Jameson Graef Rollins
proxycommand, and fix an errant bad line in proxycommand.
2009-02-19tweak some of the prompting, to change defaults, and add PROMPT usage where ↵Jameson Graef Rollins
missing
2009-02-19Cleanup how variables are specified and loaded:Jameson Graef Rollins
- define more common variables in share/common - cleanup how defaults are specified - fix how CHECK_KEYSERVER was determined in monkeysphere Fix calls to update_known_hosts and update_authorized_keys in monkeysphere so that some of the checks are done within the functions themselves, as opposed in the monkeysphere wrapper, so that other functions can call them easier. Fix ssh-proxycommand that had some left over cruft from the transition.
2009-02-18new msmktempdir function, to simplify making temporary directories. remove ↵Jameson Graef Rollins
MHTMPDIR, since it's not needed.