Age | Commit message | Author | |
---|---|---|---|
2013-03-09 | Simplify arguments passed to su_monkeysphere_user() and gpg_sphere | Jonas Smedegaard | |
It is a healthy coding practice to keep each argument separate when executing system calls, i.e. quote each variable separately instead of relying on whitespace to indicate argument separation. This patch improves argument passing like this: a) Each argument is passed individually (not all as a single string) b) Arguments containing no variables are not quoted c) Dynamic arguments are double-quoted ( "$@" ) Due to su_monkeysphere_user() expanding arguments using "$*" (not "$@") arguments are mostly¹ collapsed into single strings, and this change is therefore only cosmetic. It does improve clarity, however. Also, it eases switching to safer quoted arguments in the future. ¹As sole exception ma/update_users line 82 has $STRICT_MODES dual-quoted. | |||
2013-03-09 | Pass only single commands through su wrapper | Jonas Smedegaard | |
It is a healthy coding practice to keep each argument separate when executing system calls, i.e. quote each variable separately instead of relying on whitespace to indicate argument separation. Quoting shell-inside-shell is tricky to do right, and gets trickier when more than a single command is wrapped together. This patch simplifies convoluted shell calls to contain only one command each. | |||
2012-03-16 | use date somewhat more portably | Daniel Kahn Gillmor | |
2010-10-02 | add debugging to monkeysphere-host publish-key, closes: #2289 | Micah Anderson | |
2010-10-01 | fix revoke_key typo in creating temporary directory | Micah Anderson | |
fix variable specifying which key to revoke monkeysphere-host revoke-key <key-id> would produce the following errors, this commit fixes that: Really publish this cert to zimmermann.mayfirst.org ? (Y/n) y /usr/share/monkeysphere/mh/revoke_key: line 96: mkmstempdir: command not found gpg: new configuration file `/root/.gnupg/gpg.conf' created gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run gpg: "0x!" not a key ID: skipping | |||
2010-05-06 | reporting new expiration date when key expiry is updated (closes MS #2291) | Daniel Kahn Gillmor | |
2010-05-06 | do not fail or bail when admin interactively declines to publish a key with m-h | Daniel Kahn Gillmor | |
2010-05-06 | support x509 anchors for monkeysphere-host, allow shared anchors between m-a and mh (closes MS #2288) | Daniel Kahn Gillmor | |
2010-01-19 | re-work monkeysphere-host diagnostics with an eye toward multiple host keys | Daniel Kahn Gillmor | |
2010-01-18 | canonicalize prompting to prompt if MONKEYSPHERE_PROMPT != 'false' | Jameson Rollins | |
2010-01-18 | add prompt if a service name is already being used then importing a key or adding a name. This can be overridden with the MONKEYSPHERE_PROMPT var. | Jameson Rollins | |
2010-01-18 | renaming m-h update_gpg_pub_file to update_pgp_pub_file | Daniel Kahn Gillmor | |
2010-01-18 | add check that service name isn't already in use in import_key | Jameson Rollins | |
2010-01-15 | Major rework of monkeysphere-host to handle multiple host keys. | Jameson Rollins | |
This rework removes any assumption that monkeysphere-host is just managing a single host key, or that the keys are used specifically for ssh. The UI is exactly backwards compatible except that hostnames ('example.com') must be replaced by full service names ('ssh://example.com'). This incarnation passes the old tests with those changes only. There are a couple of things that still need to be done: - need to see if a transition script is needed (some local file names have changed) - need to fill in check_service_name function to verify that a specified service name fits the expected format. - update diagnostics appropriately | |||
2009-07-14 | improvements monkeysphere-host diagnostics | Jameson Graef Rollins | |
I made a couple of improvements to the mh diagnostics script, including rearranging some of the test, to try to better handle some of the possible low-level failures that one might run into. Hopefully this will be a little more informative. closes MS #624. | |||
2009-07-14 | make sure that revokehostname sees the pieces it needs to see in order to create a useful revocation certificate. | Daniel Kahn Gillmor | |
2009-07-14 | ensure proper usage flags on new hostname selfsigs | Daniel Kahn Gillmor | |
2009-07-14 | simplifying find_host_user_id function. | Daniel Kahn Gillmor | |
2009-07-14 | fixing find_host_userid -- did this ever work? | Daniel Kahn Gillmor | |
2009-07-14 | tests/basic now tests for adding and revoking hostnames. | Daniel Kahn Gillmor | |
2009-07-14 | monkeysphere-host add-hostname now uses perl backend. | Daniel Kahn Gillmor | |
2009-07-11 | Merge commit 'mlcastle/master' | Jameson Graef Rollins | |
2009-07-11 | more replacement of read -p with printf; read (re #446) | mike castleman | |
2009-07-11 | explicitly set MONKEYSPHERE_GROUP | Jameson Graef Rollins | |
The monkeysphere group is now determined from the system "groups" command, and then MONKEYSPHERE_GROUP is explicitly set from this, and then used when setting group ownership. | |||
2009-03-22 | some more pruning of unnecessary usage of cat for the gnupg scripts. | Jameson Graef Rollins | |
2009-03-18 | remove some extraneous invocations of cat. | Daniel Kahn Gillmor | |
2009-03-01 | refer to the m-h set-expire instead of m-h extend-key in m-h diagnostics. | Daniel Kahn Gillmor | |
2009-02-21 | make sure all prompt messages are going to stderr | Jameson Graef Rollins | |
2009-02-21 | fix output formatting for cases where multiple fingerprints are found, in functions that are doing that sort of thing | Jameson Graef Rollins | |
2009-02-21 | add tests to add_revoker and add_certifier that more than one key was not found when adding by using key ID. | Jameson Graef Rollins | |
2009-02-21 | import-key now requires a hostname be specified, and no longer does | Jameson Graef Rollins | |
any hostname guessing. this is so that we don't have to worry about prompting the user when guessing the hostname. also updated documentation. | |||
2009-02-21 | fix failure message in import_key | Jameson Graef Rollins | |
2009-02-20 | tweak/cleanup some of the prompts. | Jameson Graef Rollins | |
2009-02-20 | tune automated revocation certificate description; add FIXME to allow it to be set explicitly. | Daniel Kahn Gillmor | |
2009-02-20 | monkeysphere-host revoke-key should now be capable of publishing the | Daniel Kahn Gillmor | |
revocation certificate to the keyservers directly, should the admin want that. It can also run without prompting, if MONKEYSPHERE_PROMPT=false. In the no-prompts case, it never publishes to the keyserver, it indicates that the key was compromised, and it writes a boilerplate description to make it easy to identify this kind of certificate. | |||
2009-02-20 | trivial implementation of monkeysphere-host revoke-key: just prints ascii-armored revocation certificate to stdout, and admin is expected to know what to do with it. | Daniel Kahn Gillmor | |
2009-02-20 | clarify revoke_hostname warning | Daniel Kahn Gillmor | |
2009-02-20 | explicitly set GNUPGHOME in su_monkeysphere_user calls to gpg in add_revoker, to avoid any confusion about having GNUPGHOME as a tempdir exported to the environment. | Jameson Graef Rollins | |
2009-02-20 | stupid bug fix | Jameson Graef Rollins | |
2009-02-20 | add_revoker fully working. also cleanup of add_certifier. | Jameson Graef Rollins | |
add_revoker and add_certifier to many similar procedures, so I'm trying to keep them in sync as I figure out the right way to handle things. | |||
2009-02-19 | Merge commit 'jrollins/master' | Daniel Kahn Gillmor | |
2009-02-19 | clean up the diagnostics functions, check for ID-Certifiers in m-a d | Daniel Kahn Gillmor | |
2009-02-19 | diagnostics should now check for cruft from old versions of the monkeysphere. | Daniel Kahn Gillmor | |
2009-02-19 | fix arg parsing in add_certifier to allow of - for stdin read. | Jameson Graef Rollins | |
2009-02-19 | Modify/cleanup add_certifier and add_revoker, so that their code base | Jameson Graef Rollins | |
is more similar, and so that they can read keys from stdin instead of just from a file. Also fix the permissions on the tempdir in publish_key. | |||
2009-02-19 | The monkeysphere {import,gen}_subkey functions were not up-to-date. | Jameson Graef Rollins | |
did a lot of work to bring them up-to-date, and better handle argument checking. also updated man page, changelog, and tests/basic. | |||
2009-02-19 | modify import_key to take the key file to import as an argument. can be '-' to import from stdin. modify man page and test accordingly. | Jameson Graef Rollins | |
2009-02-19 | fail if hostname can not be determined in import_key | Jameson Graef Rollins | |
2009-02-19 | tweak some of the prompting, to change defaults, and add PROMPT usage where missing | Jameson Graef Rollins | |
2009-02-18 | new msmktempdir function, to simplify making temporary directories. remove MHTMPDIR, since it's not needed. | Jameson Graef Rollins | |