Age | Commit message | Author |
|
It is a healthy coding practice to keep each argument separate when
executing system calls, i.e. quote each variable separately instead of
relying on whitespace to indicate argument separation.
Quoting shell-inside-shell is tricky to do right, and gets trickier when
the wrapper demands unusually complex quoting.
su_monkeysphere_user() expands arguments using "$*" which (unlike "$@")
collapses all arguments into a single string, and therefore requires
"risky" arguments (e.g. ones containing variables that may contain space
or other unusual characters) to be dual-quoted for them to not wreak
havoc at the inside shell.
This patch improves arguments passed to su_monkeysphere_user() by first
single-quoting and then double-quoting arguments containing variables.
NB! Dynamic arguments are only double-quoted ( "$@" ) which looks safe
but effectively is a noop (quoting is lost at wrapper!).
|
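The "$*" versus "$@" behaviour described in the commit message above, as an added example that is not part of the commit or of monkeysphere. wrap_star and wrap_at are hypothetical stand-ins for the wrapper that run `sh -c` instead of switching user, quote_arg is a hypothetical helper, and the sample values are constructed.

```shell
#!/bin/sh
# Added illustration; wrap_star/wrap_at are hypothetical stand-ins, not
# monkeysphere code. `sh -c` replaces the user switch so no root is needed.

# Collapses all arguments into one string for the inner shell ("$*").
wrap_star() { sh -c "$*"; }

# Keeps every argument separate for the inner shell ("$@").
wrap_at() { sh -c '"$@"' sh "$@"; }

# Single-quote a value for re-parsing by an inner shell, escaping any
# embedded single quote as '\'' so the value cannot end the quoting early.
quote_arg() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Count the arguments printf received: it emits one comma per argument.
count() { tr -cd ',' | wc -c | tr -d ' '; }

VALUE='two words'        # constructed sample value containing a space
TRICKY="it's here"       # constructed sample value containing a quote

# Double quotes only: the quoting is lost at the wrapper, the value splits.
plain_count() { wrap_star printf %s, "$VALUE" | count; }
# Single quotes inside double quotes survive the inner re-parse.
dual_count() { wrap_star printf %s, "'$VALUE'" | count; }
# A "$@" wrapper needs no second layer of quoting at all.
at_count() { wrap_at printf %s, "$VALUE" | count; }
# Dual-quoting alone breaks on an embedded quote; escaping it first works.
tricky_out() { wrap_star printf %s, "$(quote_arg "$TRICKY")"; }

echo "plain=$(plain_count) dual=$(dual_count) at=$(at_count)"
tricky_out; echo
```

Wrapping a value as "'$VAR'" without escaping fails in the inner shell as soon as the value itself contains a single quote, which is why quote_arg escapes it first.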
|
It is a healthy coding practice to keep each argument separate when
executing system calls, i.e. quote each variable separately instead of
relying on whitespace to indicate argument separation.
This patch improves argument passing like this:
a) Each argument is passed individually (not all as a single string)
b) Arguments containing no variables are not quoted
c) Dynamic arguments are double-quoted ( "$@" )
Due to su_monkeysphere_user() expanding arguments using "$*" (not "$@")
arguments are mostly¹ collapsed into single strings, and this change is
therefore only cosmetic.
It does improve clarity, however. Also, it eases switching to safer
quoted arguments in the future.
¹As sole exception ma/update_users line 82 has $STRICT_MODES dual-quoted.
|
|
It is a healthy coding practice to keep each argument separate when
executing system calls, i.e. quote each variable separately instead of
relying on whitespace to indicate argument separation.
Quoting shell-inside-shell is tricky to do right, and gets trickier when
more than a single command is wrapped together.
This patch simplifies convoluted shell calls to contain only one command
each.
|
|
fix variable specifying which key to revoke
monkeysphere-host revoke-key <key-id> would produce the following errors, this
commit fixes that:
Really publish this cert to zimmermann.mayfirst.org ? (Y/n) y
/usr/share/monkeysphere/mh/revoke_key: line 96: mkmstempdir: command not found
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: "0x!" not a key ID: skipping
|
|
and mh (closes MS #2288)
|
|
adding a name.
This can be overridden with the MONKEYSPHERE_PROMPT var.
|
|
This rework removes any assumption that monkeysphere-host is just
managing a single host key, or that the keys are used specifically for
ssh. The UI is exactly backwards compatible except that hostnames
('example.com') must be replaced by full service names
('ssh://example.com'). This incarnation passes the old tests with
those changes only.
There are a couple of things that still need to be done:
- need to see if a transition script is needed (some local file names
have changed)
- need to fill in check_service_name function to verify that a
specified service name fits the expected format.
- update diagnostics appropriately
|
|
I made a couple of improvements to the mh diagnostics script,
including rearranging some of the tests, to try to better handle some
of the possible low-level failures that one might run into. Hopefully
this will be a little more informative. closes MS #624.
|
|
create a useful revocation certificate.
|
|
The monkeysphere group is now determined from the system "groups"
command, and then MONKEYSPHERE_GROUP is explicitly set from this, and
then used when setting group ownership.
|
|
functions that are doing that sort of thing
|
|
found when adding by using key ID.
|
|
any hostname guessing. this is so that we don't have to worry about
prompting the user when guessing the hostname. also updated
documentation.
|
|
be set explicitly.
|
|
revocation certificate to the keyservers directly, should the admin
want that.
It can also run without prompting, if MONKEYSPHERE_PROMPT=false. In
the no-prompts case, it never publishes to the keyserver, it indicates
that the key was compromised, and it writes a boilerplate description
to make it easy to identify this kind of certificate.
|
|
ascii-armored revocation certificate to stdout, and admin is expected to know what to do with it.
|
|
add_revoker, to avoid any confusion about having GNUPGHOME as a tempdir exported to the environment.
|
|
add_revoker and add_certifier to many similar procedures, so I'm
trying to keep them in sync as I figure out the right way to handle
things.
|
|
is more similar, and so that they can read keys from stdin instead of
just from a file. Also fix the permissions on the tempdir in
publish_key.
|
|
did a lot of work to bring them up-to-date, and better handle argument
checking. also updated man page, changelog, and tests/basic.
|
|
to import from stdin. modify man page and test accordingly.
|
|
missing
|