summaryrefslogtreecommitdiff
path: root/src/share
AgeCommit message (Collapse)Author
2010-10-18fix up update_authorized_keysJameson Rollins
* better trap handling * don't update file if unchanged * clean up comments
2010-10-18fix process_keys_for_file so that it can accept '-' as a file, and send ↵Jameson Rollins
output to stdout.
2010-10-18Simplification/refactoring of key/file processingJameson Rollins
This is a fairly major overhaul to greatly reduce the number of redundant code paths. We here created a new process_keys_for_file function that processes key from a userid for a given key file. All the main top elevel functions now call this one function. The main top level monkeysphere functions for updating the user's authorized_keys and known_hosts files are now moved to their own sourced files, which greatly reduces the amount of code sourced with common. monkeysphere now updates authorized_keys and known_hosts in temporary files that are then atomically moved into place upon completion. Finally, removed the confusing return codes in the key/file processing functions that were based on number of valid/invalid keys processed. It was confusing in the presence of actual errors that stopped processing.
2010-10-17fixed bug in remove_monkeysphere_lines functionJameson Rollins
it was matching MonkeySphere strings as full lines and therefore not actually removing monkeysphere lines. I'm not sure exactly why, upon further consideration, why we actually need to be removing all monkeysphere lines in update_authorized_keys.
2010-10-17remove unneccessary export of TMP_AUTHORIZED_USER_IDSJameson Rollins
2010-10-17fix keys-for-userJameson Rollins
This function now properly outputs to stdout exactly what would have been written to the monkeysphere-controlled authorized_keys file, but without actually touching it.
2010-10-15make sure authorized_keys options lines are skipped in keys-for-userJameson Rollins
2010-10-15attempt to fix apostroproblem in ma/keys-for-userJameson Rollins
This is an attempt to fix #600304 by properly passing the string litteral in to be processed, instead of escaping problematic characters.
2010-10-06Fix more calls to gpg_shere, finishing what was started in ↵Jameson Rollins
90166e0bb8e4ebc1c1174d9bc2021c604b7a1bd7 There were another calls to gpg_sphere that were packing everything into a single argument. Since we fixed the need to do that, we fix all these other calls that were fixed in the first round.
2010-10-04fix need for only single argument to gpg_sphereJameson Rollins
The use of $* instead of $@ in the call to su_monkeysphere_user is what we want to not split the input to the bash subcalls into separate words.
2010-10-03Merge remote branch 'jrollins/master'Daniel Kahn Gillmor
2010-10-02fix formatting of b3f0bbedbf242d2640d3bc56cce62ae726081400 to conform to ↵Jameson Rollins
standard
2010-10-02add debugging to monkeysphere-host publish-key, closes: #2289Micah Anderson
2010-10-02Assume that space- or tab-prefixed lines contain ssh authorized_keys options ↵Clint Adams
applicable to the preceding user ID.
2010-10-01fix revoke_key typo in creating temporary directoryMicah Anderson
fix variable specifying which key to revoke monkeysphere-host revoke-key <key-id> would produce the following errors, this commit fixes that: Really publish this cert to zimmermann.mayfirst.org ? (Y/n) y /usr/share/monkeysphere/mh/revoke_key: line 96: mkmstempdir: command not found gpg: new configuration file `/root/.gnupg/gpg.conf' created gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run gpg: "0x!" not a key ID: skipping
2010-09-21Merge remote branch 'jamie/master'Daniel Kahn Gillmor
2010-09-21change log level for outputting message: "! primary key could not beJamie McClelland
translated (not RSA?)." from "error" to "verbose"
2010-09-14fix *all* install paths, including in man pages and transition scriptsJameson Rollins
2010-07-04Merge remote branch 'dkg/master'Jameson Rollins
2010-07-04fix debug message in checkpermsJameson Rollins
2010-07-04add keys-for-user subcommand to monkeysphere-authenticationJameson Rollins
This subcommand will output all valid key for a given user. The user's authorized_user_ids file will be read for OpenPGP user IDs, one per line. The ssh-formated RSA keys will be output to stdout. Also included is a simple script that takes the user as it's one argument and exec's this command. This is something that would be suitable for the proposed sshd AuthorizedKeysCommand.
2010-05-06reporting new expiration date when key expiry is updated (closes MS #2291)Daniel Kahn Gillmor
2010-05-06do not fail or bail when admin interactively declines to publish a key with m-hDaniel Kahn Gillmor
2010-05-06support x509 anchors for monkeysphere-host, allow shared anchors between m-a ↵Daniel Kahn Gillmor
and mh (closes MS #2288)
2010-04-17do not try to add to known_hosts if HASH_KNOWN_HOSTS is true but ssh-keygen ↵Daniel Kahn Gillmor
is not available (includes some comments about how to fix these corner cases).
2010-04-17degrade gracefully in the absence of sshDaniel Kahn Gillmor
2010-04-17handling ssh fingerprinting internally with keytrans for sshfprs-for-useridDaniel Kahn Gillmor
2010-04-17make comment more nit-pickingly accurateDaniel Kahn Gillmor
2010-04-17keytrans openpgp2sshfpr now prints out the key size and typeDaniel Kahn Gillmor
2010-04-17added internal openpgp2sshfpr subcommand for keytransDaniel Kahn Gillmor
2010-03-14warn if keyserver query fails (Closes: MS #1750)Daniel Kahn Gillmor
2010-03-14enable use of hkps (closes: MS #1749)Daniel Kahn Gillmor
2010-03-08fix my email addressJameson Rollins
2010-02-18enforce --no-armor when exporting to openpgp2ssh in case weird gpg.conf ↵Daniel Kahn Gillmor
options (see bug 1625)
2010-01-19re-work monkeysphere-host diagnostics with an eye toward multiple host keysDaniel Kahn Gillmor
2010-01-19dump gpg --import error spew to /dev/null during hackish uses of gpgDaniel Kahn Gillmor
2010-01-19ignoring time conflict when extracting info in a hacky way from gpg. ↵Daniel Kahn Gillmor
warnings still come out to stderr
2010-01-19add get_cert_info() to commonDaniel Kahn Gillmor
2010-01-18flesh out check for reasonable-looking service namesDaniel Kahn Gillmor
2010-01-18canonicalize prompting to prompt if MONKEYSPHERE_PROMPT != 'false'Jameson Rollins
2010-01-18add prompt if a service name is already being used then importing a key or ↵Jameson Rollins
adding a name. This can be overridden with the MONKEYSPHERE_PROMPT var.
2010-01-18renaming m-h update_gpg_pub_file to update_pgp_pub_fileDaniel Kahn Gillmor
2010-01-18add check that service name isn't already in use in import_keyJameson Rollins
2010-01-18fix stupid think-o that caused keytrans adduserid to misbehave if another ↵Daniel Kahn Gillmor
key came in the input stream after the desired key was already found
2010-01-18added non-public "keytrans listfprs" subcommandDaniel Kahn Gillmor
2010-01-15Major rework of monkeysphere-host to handle multiple host keys.Jameson Rollins
This rework removes any assumption that monkeysphere-host is just managing a single host key, or that the keys are used specifically for ssh. The UI is exactly backwards compatible except that hostnames ('example.com') must be replaced by full service names ('ssh://example.com'). This incarnation passes the old tests with those changes only. There are a couple of things that still need to be done: - need to see if a transition script is needed (some local file names have changed) - need to fill in check_service_name function to verify that a specified service name fits the expected format. - update diagnostics appropriately
2010-01-15add trap to remove temp dir in list_primary_fingerprints functionJameson Rollins
2010-01-11rename keys-from-userid command to more accurate keys-for-useridJameson Rollins
leave the old command for now, but warn as deprecated.
2010-01-10Fix patch for gen_key to test gpg version.Jameson Rollins
This patch checks the version of gpg (for v1 and v2) and sets the key type command for the gen_subkey gpg edit-key script appropriately.
2010-01-10added notes about what version needs what keyTypeDaniel Kahn Gillmor
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-24 12:53:43 +0000