| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2010-10-30 | fix variable declarations in update_known_hosts | Jameson Rollins | |
| 2010-10-30 | catch return for grep in remove_line, for case where grep -v returns nothing ↵ | Jameson Rollins | |
| (e.g. only line in file is removed) | |||
| 2010-10-29 | fix ssh_proxycommand marginal ui | Jameson Rollins | |
| After the last big code cleanup, the bookkeeping of numbers of processed/valid keys was removed. This was done because most things don't use that info, and it was confusing return codes of top-level functions. The one thing that did use that, though, was the ssh_proxycommand. We fix this by using a global variable to keep track of the number of processed and valid keys. The proxy command can now easily determine when it should output it's marginal ui block. | |||
| 2010-10-29 | fix variable declaration (leftover from break out of touch_key_file_or_fail) | Jameson Rollins | |
| 2010-10-29 | consolidate and simplify printing of key lines in process_keys_for_file | Jameson Rollins | |
| also move hashing of known_hosts lines into ssh2known_hosts function | |||
| 2010-10-25 | ensure that we only remove fully-matching lines once we have found them | Daniel Kahn Gillmor | |
| 2010-10-24 | back to using grep fixed-string matching when removing key lines | Jameson Rollins | |
| This method uses grep -F to find the full line to match, and then second call to grep -v -F to actually remove the line. For known_hosts, we use two piped grep -F calls. No rexexp are used, and only one extra call to grep is required for known_hosts line removal. There is still an issue here about sub-string matches, but there is at least no regression over early versions. | |||
| 2010-10-24 | don't fail if authorized_keys file not present | Jameson Rollins | |
| we create a new function here, touch_key_file_or_fail, which will touch a new key file if there isn't one already present. This is now used in the update_authorized_keys and update_known_hosts functions when looking for authorized_keys and known_hosts respectively. Closes Debian 600644 | |||
| 2010-10-22 | tweak log levels and messages in ma/update_users | Jameson Rollins | |
| 2010-10-19 | fix remove_line function to not use fixed string checking, and to mv -f the ↵ | Jameson Rollins | |
| tmp file into place | |||
| 2010-10-18 | fix remove_monkeysphere_lines function to just read from stdin and write to ↵ | Jameson Rollins | |
| stdout | |||
| 2010-10-18 | fix update_known_hosts to create proper initial temp file | Jameson Rollins | |
| 2010-10-18 | fix back to integer indexing in process_authorized_user_ids | Jameson Rollins | |
| 2010-10-18 | cleanup update_known_hosts | Jameson Rollins | |
| * don't update if unchanged * proper trap setting * cleanup comments | |||
| 2010-10-18 | fix up update_authorized_keys | Jameson Rollins | |
| * better trap handling * don't update file if unchanged * clean up comments | |||
| 2010-10-18 | fix process_keys_for_file so that it can accept '-' as a file, and send ↵ | Jameson Rollins | |
| output to stdout. | |||
| 2010-10-18 | Simplification/refactoring of key/file processing | Jameson Rollins | |
| This is a fairly major overhaul to greatly reduce the number of redundant code paths. We here created a new process_keys_for_file function that processes key from a userid for a given key file. All the main top elevel functions now call this one function. The main top level monkeysphere functions for updating the user's authorized_keys and known_hosts files are now moved to their own sourced files, which greatly reduces the amount of code sourced with common. monkeysphere now updates authorized_keys and known_hosts in temporary files that are then atomically moved into place upon completion. Finally, removed the confusing return codes in the key/file processing functions that were based on number of valid/invalid keys processed. It was confusing in the presence of actual errors that stopped processing. | |||
| 2010-10-17 | fixed bug in remove_monkeysphere_lines function | Jameson Rollins | |
| it was matching MonkeySphere strings as full lines and therefore not actually removing monkeysphere lines. I'm not sure exactly why, upon further consideration, why we actually need to be removing all monkeysphere lines in update_authorized_keys. | |||
| 2010-10-17 | remove unneccessary export of TMP_AUTHORIZED_USER_IDS | Jameson Rollins | |
| 2010-10-17 | fix keys-for-user | Jameson Rollins | |
| This function now properly outputs to stdout exactly what would have been written to the monkeysphere-controlled authorized_keys file, but without actually touching it. | |||
| 2010-10-15 | make sure authorized_keys options lines are skipped in keys-for-user | Jameson Rollins | |
| 2010-10-15 | attempt to fix apostroproblem in ma/keys-for-user | Jameson Rollins | |
| This is an attempt to fix #600304 by properly passing the string litteral in to be processed, instead of escaping problematic characters. | |||
| 2010-10-06 | Fix more calls to gpg_shere, finishing what was started in ↵ | Jameson Rollins | |
| 90166e0bb8e4ebc1c1174d9bc2021c604b7a1bd7 There were another calls to gpg_sphere that were packing everything into a single argument. Since we fixed the need to do that, we fix all these other calls that were fixed in the first round. | |||
| 2010-10-04 | fix need for only single argument to gpg_sphere | Jameson Rollins | |
| The use of $* instead of $@ in the call to su_monkeysphere_user is what we want to not split the input to the bash subcalls into separate words. | |||
| 2010-10-03 | Merge remote branch 'jrollins/master' | Daniel Kahn Gillmor | |
| 2010-10-02 | fix formatting of b3f0bbedbf242d2640d3bc56cce62ae726081400 to conform to ↵ | Jameson Rollins | |
| standard | |||
| 2010-10-02 | add debugging to monkeysphere-host publish-key, closes: #2289 | Micah Anderson | |
| 2010-10-02 | Assume that space- or tab-prefixed lines contain ssh authorized_keys options ↵ | Clint Adams | |
| applicable to the preceding user ID. | |||
| 2010-10-01 | fix revoke_key typo in creating temporary directory | Micah Anderson | |
| fix variable specifying which key to revoke monkeysphere-host revoke-key <key-id> would produce the following errors, this commit fixes that: Really publish this cert to zimmermann.mayfirst.org ? (Y/n) y /usr/share/monkeysphere/mh/revoke_key: line 96: mkmstempdir: command not found gpg: new configuration file `/root/.gnupg/gpg.conf' created gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run gpg: "0x!" not a key ID: skipping | |||
| 2010-09-21 | Merge remote branch 'jamie/master' | Daniel Kahn Gillmor | |
| 2010-09-21 | change log level for outputting message: "! primary key could not be | Jamie McClelland | |
| translated (not RSA?)." from "error" to "verbose" | |||
| 2010-09-14 | fix *all* install paths, including in man pages and transition scripts | Jameson Rollins | |
| 2010-07-04 | Merge remote branch 'dkg/master' | Jameson Rollins | |
| 2010-07-04 | fix debug message in checkperms | Jameson Rollins | |
| 2010-07-04 | add keys-for-user subcommand to monkeysphere-authentication | Jameson Rollins | |
| This subcommand will output all valid key for a given user. The user's authorized_user_ids file will be read for OpenPGP user IDs, one per line. The ssh-formated RSA keys will be output to stdout. Also included is a simple script that takes the user as it's one argument and exec's this command. This is something that would be suitable for the proposed sshd AuthorizedKeysCommand. | |||
| 2010-05-06 | reporting new expiration date when key expiry is updated (closes MS #2291) | Daniel Kahn Gillmor | |
| 2010-05-06 | do not fail or bail when admin interactively declines to publish a key with m-h | Daniel Kahn Gillmor | |
| 2010-05-06 | support x509 anchors for monkeysphere-host, allow shared anchors between m-a ↵ | Daniel Kahn Gillmor | |
| and mh (closes MS #2288) | |||
| 2010-04-17 | do not try to add to known_hosts if HASH_KNOWN_HOSTS is true but ssh-keygen ↵ | Daniel Kahn Gillmor | |
| is not available (includes some comments about how to fix these corner cases). | |||
| 2010-04-17 | degrade gracefully in the absence of ssh | Daniel Kahn Gillmor | |
| 2010-04-17 | handling ssh fingerprinting internally with keytrans for sshfprs-for-userid | Daniel Kahn Gillmor | |
| 2010-04-17 | make comment more nit-pickingly accurate | Daniel Kahn Gillmor | |
| 2010-04-17 | keytrans openpgp2sshfpr now prints out the key size and type | Daniel Kahn Gillmor | |
| 2010-04-17 | added internal openpgp2sshfpr subcommand for keytrans | Daniel Kahn Gillmor | |
| 2010-03-14 | warn if keyserver query fails (Closes: MS #1750) | Daniel Kahn Gillmor | |
| 2010-03-14 | enable use of hkps (closes: MS #1749) | Daniel Kahn Gillmor | |
| 2010-03-08 | fix my email address | Jameson Rollins | |
| 2010-02-18 | enforce --no-armor when exporting to openpgp2ssh in case weird gpg.conf ↵ | Daniel Kahn Gillmor | |
| options (see bug 1625) | |||
| 2010-01-19 | re-work monkeysphere-host diagnostics with an eye toward multiple host keys | Daniel Kahn Gillmor | |
| 2010-01-19 | dump gpg --import error spew to /dev/null during hackish uses of gpg | Daniel Kahn Gillmor | |
 |
index : monkeysphere | |
| Unnamed repository; edit this file 'description' to name the repository. | Jonas Smedegaard |
| summaryrefslogtreecommitdiff |