Age | Commit message (Collapse) | Author | |
---|---|---|---|
2009-03-02 | get rid of FILE_OWNER variable, in favor of just using $(whoami) when | Jameson Graef Rollins | |
running check_key_file_permissions in update_known_hosts, update_authorized_keys, and process_authorized_user_ids. this is fine, since the policy is just that a user is always updating their own files. closes monkeysphere bug #630. | |||
2009-03-01 | proposed fix for issue 630; since m-a u operates on a saved copy of the ↵ | Daniel Kahn Gillmor | |
users authorized_user_ids file, we should only check filesystem permissions against the monkeysphere user, not the target user. | |||
2009-03-01 | refer to the m-h set-expire instead of m-h extend-key in m-h diagnostics. | Daniel Kahn Gillmor | |
2009-03-01 | switched $USER to $FILE_OWNER; new name is more semantically clear and less ↵ | Daniel Kahn Gillmor | |
likely to collide with other common uses of $USER. | |||
2009-03-01 | add defaultenv file that was missed in ebd776722e0fd6dfacc79146c368d148f0e266cb | Jameson Graef Rollins | |
2009-03-01 | explicity set the USER variable, since it's needed for checking file ↵ | Jameson Graef Rollins | |
permissions. add/modify some debug messages. | |||
2009-03-01 | break out default variables into their own file: defaultenv | Jameson Graef Rollins | |
this allows the common file to be sourced without reseting variables to their defaults, which was causing a problem with su_monkeysphere_user. also added some more debug messages. | |||
2009-03-01 | updating header comments in keytrans now that it serves two purposes. | Daniel Kahn Gillmor | |
2009-03-01 | removed base64 invocation in favor of perl to reduce dependency spread. | Daniel Kahn Gillmor | |
2009-03-01 | transition to the perl-based keytrans implementation. | Daniel Kahn Gillmor | |
2009-03-01 | removed test_gnu_dummy_s2k_extension(); no longer necessary | Daniel Kahn Gillmor | |
2009-02-22 | egrep -q terminates at the first match. m-a list-identity-certifiers chokes ↵ | Daniel Kahn Gillmor | |
if it cannot write to stdout. Because we are setting pipefail, this causes the pipeline checking for any certifiers to return untrue. solution? do not use -q, and send the output to /dev/null | |||
2009-02-22 | really really fix m-a diagnostics checking of identity certifiers. | Daniel Kahn Gillmor | |
2009-02-22 | fix some return code setting stuf that was no longer being used, and change ↵ | Jameson Graef Rollins | |
name of return code variable in update_users, since all-caps variables should be reserved for global vars. | |||
2009-02-22 | Fix how version number is saved/retrieved. Version is now stored in | Jameson Graef Rollins | |
VERSION file, which is created in the tarball target. This is then installed at /usr/share/monkeysphere/VERSION, and cat'ed when the version number is requested by the front-end ui. No more manual setting of version number required (to avoid future problems, aka "0.23.1"). This system is also more flexible, as the VERSION file could potentially hold more info than just the release number. | |||
2009-02-21 | reverse sense of test for valid identity certifiers in m-a diagnostics. | Daniel Kahn Gillmor | |
2009-02-21 | fix syntax error in m-a diagnostics. | Daniel Kahn Gillmor | |
2009-02-21 | preparing for stupid brown paper bag 0.23.1 release. | Daniel Kahn Gillmor | |
2009-02-21 | fixing stupid internal version number synchronization. | Daniel Kahn Gillmor | |
2009-02-21 | correct return codes for monkeysphere subkey-to-ssh-agent | Daniel Kahn Gillmor | |
2009-02-21 | make sure all prompt messages are going to stderr | Jameson Graef Rollins | |
2009-02-21 | fix output formatting for cases where multiple fingerprints are found, in ↵ | Jameson Graef Rollins | |
functions that are doing that sort of thing | |||
2009-02-21 | Merge commit 'dkg/master' | Jameson Graef Rollins | |
2009-02-21 | add tests to add_revoker and add_certifier that more than one key was not ↵ | Jameson Graef Rollins | |
found when adding by using key ID. | |||
2009-02-21 | un-fix non-typo in ssh_proxycommand. (my mistake!) | Daniel Kahn Gillmor | |
2009-02-21 | fixing typo in ssh_proxycommand. | Daniel Kahn Gillmor | |
2009-02-21 | fix return in subkey_to_ssh_agent, so that it returns, instead of exits | Jameson Graef Rollins | |
2009-02-21 | import-key now requires a hostname be specified, and no longer does | Jameson Graef Rollins | |
any hostname guessing. this is so that we don't have to worry about prompting the user when guessing the hostname. also updated documentation. | |||
2009-02-21 | make sure we're explicitly capturing return codes in places where they are ↵ | Jameson Graef Rollins | |
tested, in case things are being run set -e | |||
2009-02-21 | fix failure message in import_key | Jameson Graef Rollins | |
2009-02-20 | tweak/cleanup some of the prompts. | Jameson Graef Rollins | |
2009-02-20 | tuning some diagnostic text. | Daniel Kahn Gillmor | |
2009-02-20 | tune automated revocation certificate description; add FIXME to allow it to ↵ | Daniel Kahn Gillmor | |
be set explicitly. | |||
2009-02-20 | monkeysphere-host revoke-key should now be capable of publishing the | Daniel Kahn Gillmor | |
revocation certificate to the keyservers directly, should the admin want that. It can also run without prompting, if MONKEYSPHERE_PROMPT=false. In the no-prompts case, it never publishes to the keyserver, it indicates that the key was compromised, and it writes a boilerplate description to make it easy to identify this kind of certificate. | |||
2009-02-20 | trivial implementation of monkeysphere-host revoke-key: just prints ↵ | Daniel Kahn Gillmor | |
ascii-armored revocation certificate to stdout, and admin is expected to know what to do with it. | |||
2009-02-20 | clarify revoke_hostname warning | Daniel Kahn Gillmor | |
2009-02-20 | document why monkeysphere import-subkey is not yet working. | Daniel Kahn Gillmor | |
2009-02-20 | explicitly set GNUPGHOME in su_monkeysphere_user calls to gpg in ↵ | Jameson Graef Rollins | |
add_revoker, to avoid any confusion about having GNUPGHOME as a tempdir exported to the environment. | |||
2009-02-20 | stupid bug fix | Jameson Graef Rollins | |
2009-02-20 | add_revoker fully working. also cleanup of add_certifier. | Jameson Graef Rollins | |
add_revoker and add_certifier to many similar procedures, so I'm trying to keep them in sync as I figure out the right way to handle things. | |||
2009-02-19 | Merge commit 'jrollins/master' | Daniel Kahn Gillmor | |
2009-02-19 | correcting ssh_proxycommand output. | Daniel Kahn Gillmor | |
2009-02-19 | remove import_subkey from monkeysphere usage and man page until we get | Jameson Graef Rollins | |
a chance to fully implement it. | |||
2009-02-19 | clean up the diagnostics functions, check for ID-Certifiers in m-a d | Daniel Kahn Gillmor | |
2009-02-19 | cleaning up output of cruft report | Daniel Kahn Gillmor | |
2009-02-19 | diagnostics should now check for cruft from old versions of the monkeysphere. | Daniel Kahn Gillmor | |
2009-02-19 | fix arg parsing in add_certifier to allow of - for stdin read. | Jameson Graef Rollins | |
2009-02-19 | Modify/cleanup add_certifier and add_revoker, so that their code base | Jameson Graef Rollins | |
is more similar, and so that they can read keys from stdin instead of just from a file. Also fix the permissions on the tempdir in publish_key. | |||
2009-02-19 | the import_subkey function was in fact not implement at all. MUST FIX! | Jameson Graef Rollins | |
2009-02-19 | add a gpg_user function in monkeysphere to add some gpg quieting | Jameson Graef Rollins | |
option, and use it in all gpg invocations. add a trap to subkey_to_ssh_agent. |