summaryrefslogtreecommitdiff
path: root/src/share
AgeCommit message (Collapse)Author
2009-02-19fail if hostname can not be determined in import_keyJameson Graef Rollins
2009-02-19Merge commit 'dkg/master'Jameson Graef Rollins
2009-02-19Merge commit 'dkg/master'Jameson Graef Rollins
2009-02-19add PROMPT respect in get_gpg_expirationJameson Graef Rollins
2009-02-19add some log debug redirectsJameson Graef Rollins
2009-02-19making clearer comments in the transition script, invoking from postinst for ↵Daniel Kahn Gillmor
debian.
2009-02-19shipping transition script; requiring manual version synchronization between ↵Daniel Kahn Gillmor
common and the changelog (until we come up with a more general templating build process)
2009-02-19Merge commit 'dkg/master'Jameson Graef Rollins
2009-02-19tweak some of the prompting, to change defaults, and add PROMPT usage where ↵Jameson Graef Rollins
missing
2009-02-19made gpg_sphere use --quiet again, and now doing more explicit extraction of ↵Daniel Kahn Gillmor
key fingerprint during add-certifier from file.
2009-02-19Merge commit 'dkg/master'Jameson Graef Rollins
2009-02-19Cleanup how variables are specified and loaded:Jameson Graef Rollins
- define more common variables in share/common - cleanup how defaults are specified - fix how CHECK_KEYSERVER was determined in monkeysphere Fix calls to update_known_hosts and update_authorized_keys in monkeysphere so that some of the checks are done within the functions themselves, as opposed in the monkeysphere wrapper, so that other functions can call them easier. Fix ssh-proxycommand that had some left over cruft from the transition.
2009-02-19clean up failure messageDaniel Kahn Gillmor
2009-02-19catch pipe failures more cleanly during key importDaniel Kahn Gillmor
2009-02-19moved directory for monkeysphere-generated authorized_keys files back to its ↵Daniel Kahn Gillmor
old location at /var/lib/monkeysphere/authorized_keys
2009-02-18new msmktempdir function, to simplify making temporary directories. remove ↵Jameson Graef Rollins
MHTMPDIR, since it's not needed.
2009-02-18add no-tty, quiet, and no-greeting to gpg wrapper invocations to supress as ↵Jameson Graef Rollins
much gpg output as possible. then cleanup gpg invocations.
2009-02-18fix some log outputJameson Graef Rollins
2009-02-17Merge commit 'jrollins/master'Daniel Kahn Gillmor
2009-02-17make m-a list-certifiers more intelligible when multiple uids have ltsigs.Daniel Kahn Gillmor
2009-02-17fix ma so that the setup command is folded into the other commands, soJameson Graef Rollins
it's never needed to be run manually, and can therefore be supressed in the usage/documentation. Also, add setup to the postinst script so that it's setup on installation. Also add pipefail to ma, and try to supress unnecessary gpg output, and redirect other to log debug.
2009-02-17describe the motivation for our current su_monkeysphere_user implementation.Daniel Kahn Gillmor
2009-02-17remove setting of ultimate owner trust on imported host key, since we ↵Jameson Graef Rollins
probably don't want the host keyring to be accepting any certifications for anything.
2009-02-17add ability to bypass prompting with a MONKEYSPHERE_PROMPT variable,Jameson Graef Rollins
for functions that prompt for confirmation. Also fix publish_key function (NOT TESTED).
2009-02-17add test to su_monkeysphere_user to check that the user isJameson Graef Rollins
monkeysphere user or root, and fail otherwise. this is so that there is no password prompt for unpriviledged users (see bug #519).
2009-02-17add some checks about setup to authenticationJameson Graef Rollins
2009-02-17rename create_gpg_pub_file to be update_gpg_pub_file, and add it toJameson Graef Rollins
every function that alters the host keyring, so that all changes will show up in exported pub key file, and in show-key.
2009-02-17Merge commit 'dkg/master'Jameson Graef Rollins
2009-02-17tweak the show-key output, and fix some comments.Jameson Graef Rollins
2009-02-17set ultimate ownertrust on hostkey after importJameson Graef Rollins
2009-02-17update m-a list-identity-certifiers: output is not yet human-readable, but ↵Daniel Kahn Gillmor
it should be more accurate.
2009-02-17fix a couple of left over references to expertJameson Graef Rollins
2009-02-16add some minimal checks to import_key that the default hostname is legitimate.Jameson Graef Rollins
2009-02-16REMOVE GEN_KEY. The gen_key function is entirely removed. DecidedJameson Graef Rollins
this was OK now that import_key works, and we can't really see a reason to keep it around. We can resurect it down the line if need be. Also, removed "expert" subcommand, after promting import_key, since it may be need semi-regularly. The other "expert" commands are now just not listed in the usage.
2009-02-16Stop all creation of a ssh_host_rsa_key.pub. Use openpgp2ssh to getJameson Graef Rollins
the fingerprint from the host pgp public key. Prevents us from having to maintain the ssh pub key file, and generally makes things simpler. Also allows us to go back to having import_key take the key on stdin (which dkg will like).
2009-02-16make sure MHTMPDIR is defined and createdJameson Graef Rollins
2009-02-15unbreakout some functions that were broken out earlier for handling creating ↵Jameson Graef Rollins
ssh key files, since they are actually done in different ways under different circumstances.
2009-02-15Change import_key to take the path to the file to import as an argument. ↵Jameson Graef Rollins
dkg won't like this, but I think it's necessary so that we can generate the ssh pub key file, which is needed for subsequenty works.
2009-02-15fix the publish_key function for new gpg_sphere.Jameson Graef Rollins
2009-02-15have the import_key also create the ssh pub file, since it is needed to show ↵Jameson Graef Rollins
full host key info.
2009-02-12fix something that was resolved improperly in the previous merge.Jameson Graef Rollins
2009-02-12Merge commit 'dkg/master'Jameson Graef Rollins
Conflicts: src/share/ma/setup
2009-02-12fix some calls to gpg_sphere that where not putting all arguments into a ↵Jameson Graef Rollins
single argument, as required by the strange su requirements.
2009-02-12trust level != trust modelDaniel Kahn Gillmor
2009-02-12fix the su_monkeysphere_user function so that it does 'bash -c' instead of ↵Jameson Graef Rollins
'eval', if the user already is the monkeysphere user, so that a proper subshell is invoked.
2009-02-12su_monkeysphere_user now invokes a subshell even when already called by the ↵Daniel Kahn Gillmor
monkeysphere user.
2009-02-12tweak some of the log output inconsequentiallyJameson Graef Rollins
2009-02-12no longer require the primary-keyring for the sphere gpg.conf now that we ↵Daniel Kahn Gillmor
use a single keyring
2009-02-12fix typoDaniel Kahn Gillmor
2009-02-12fix some things in ma certifier functions:Jameson Graef Rollins
- fix left over bad invocations of gpg_sphere --list-keys - add some more debug log output