summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2009-02-17add test to su_monkeysphere_user to check that the user isJameson Graef Rollins
monkeysphere user or root, and fail otherwise. this is so that there is no password prompt for unpriviledged users (see bug #519).
2009-02-17add some checks about setup to authenticationJameson Graef Rollins
2009-02-17rename create_gpg_pub_file to be update_gpg_pub_file, and add it toJameson Graef Rollins
every function that alters the host keyring, so that all changes will show up in exported pub key file, and in show-key.
2009-02-17Merge commit 'dkg/master'Jameson Graef Rollins
2009-02-17tweak the show-key output, and fix some comments.Jameson Graef Rollins
2009-02-17set ultimate ownertrust on hostkey after importJameson Graef Rollins
2009-02-17update m-a list-identity-certifiers: output is not yet human-readable, but ↵Daniel Kahn Gillmor
it should be more accurate.
2009-02-17fix a couple of left over references to expertJameson Graef Rollins
2009-02-17check host for gpg pub key file instead of fingerprint, and modify show_key ↵Jameson Graef Rollins
to be able to show full key info to all users.
2009-02-16make host show_key use just the pgp pub key file to get the ssh fingerprint, ↵Jameson Graef Rollins
as it should have been doing before
2009-02-16add some minimal checks to import_key that the default hostname is legitimate.Jameson Graef Rollins
2009-02-16fix reference to HOST_FINGERPRINT in show-key, and fix some referencesJameson Graef Rollins
to "expert" in test.
2009-02-16REMOVE GEN_KEY. The gen_key function is entirely removed. DecidedJameson Graef Rollins
this was OK now that import_key works, and we can't really see a reason to keep it around. We can resurect it down the line if need be. Also, removed "expert" subcommand, after promting import_key, since it may be need semi-regularly. The other "expert" commands are now just not listed in the usage.
2009-02-16Stop all creation of a ssh_host_rsa_key.pub. Use openpgp2ssh to getJameson Graef Rollins
the fingerprint from the host pgp public key. Prevents us from having to maintain the ssh pub key file, and generally makes things simpler. Also allows us to go back to having import_key take the key on stdin (which dkg will like).
2009-02-16start script to do a 0.22 -> 0.23 transition. still needs work (UNTESTED).Jameson Graef Rollins
2009-02-16make sure MHTMPDIR is defined and createdJameson Graef Rollins
2009-02-16fix a bad reference to MATMPDIRJameson Graef Rollins
2009-02-15unbreakout some functions that were broken out earlier for handling creating ↵Jameson Graef Rollins
ssh key files, since they are actually done in different ways under different circumstances.
2009-02-15Change import_key to take the path to the file to import as an argument. ↵Jameson Graef Rollins
dkg won't like this, but I think it's necessary so that we can generate the ssh pub key file, which is needed for subsequenty works.
2009-02-15fix the publish_key function for new gpg_sphere.Jameson Graef Rollins
2009-02-15have the import_key also create the ssh pub file, since it is needed to show ↵Jameson Graef Rollins
full host key info.
2009-02-12fix something that was resolved improperly in the previous merge.Jameson Graef Rollins
2009-02-12Merge commit 'dkg/master'Jameson Graef Rollins
Conflicts: src/share/ma/setup
2009-02-12fix some calls to gpg_sphere that where not putting all arguments into a ↵Jameson Graef Rollins
single argument, as required by the strange su requirements.
2009-02-12trust level != trust modelDaniel Kahn Gillmor
2009-02-12fix the su_monkeysphere_user function so that it does 'bash -c' instead of ↵Jameson Graef Rollins
'eval', if the user already is the monkeysphere user, so that a proper subshell is invoked.
2009-02-12su_monkeysphere_user now invokes a subshell even when already called by the ↵Daniel Kahn Gillmor
monkeysphere user.
2009-02-12tweak some of the log output inconsequentiallyJameson Graef Rollins
2009-02-12no longer require the primary-keyring for the sphere gpg.conf now that we ↵Daniel Kahn Gillmor
use a single keyring
2009-02-12fix typoDaniel Kahn Gillmor
2009-02-12fix some things in ma certifier functions:Jameson Graef Rollins
- fix left over bad invocations of gpg_sphere --list-keys - add some more debug log output
2009-02-12Fix the ma/setup function:Jameson Graef Rollins
- fix reference to MONKEYSPHERE_USER for GNUPGHOME_SPHERE - break out core_fingerprint function - export core key to sphere keyring (necessary) - fix some logging (add more debug) and formatting
2009-02-12fix reference to MONKEYSPHER_USER in ma/setupJameson Graef Rollins
2009-02-12add some debug logging to some common functionsJameson Graef Rollins
2009-02-12add ability to supress confirmation prompt in ma/add_certifierJameson Graef Rollins
fix some logging output
2009-02-12clean up how trust level was check in ma/setup, with some debug outputJameson Graef Rollins
2009-02-12break out a bunch of common functions in monkeysphere-host:Jameson Graef Rollins
- create_*_*_file to create the key files - load_*fingerprint to load the host fingerprint into an exported variable (HOST_FINGERPRINT) - check_host_*key to check for the presence of a host key modified {import,gen}_key to use these new functions.
2009-02-09add much of an add_revoker function. still needs to be fleshed outJameson Graef Rollins
and tested, though, so it's not "active" yet.
2009-02-09small formatting tweaks to add_certifier functionJameson Graef Rollins
2009-02-09rename function to get the host fingerprint, and fix someJameson Graef Rollins
HOST_FINGERPRINT variables.
2009-02-09fix name of set_expire functionJameson Graef Rollins
2009-02-09break su_monkeysphere_user into common function, since it will likelyJameson Graef Rollins
be needed by both m-host and m-auth for communicating with keyservers.
2009-02-09define variable for public key files (HOST_KEY_PUB, HOST_KEY_PUB_GPG).Jameson Graef Rollins
also, fix some function calls to check_host_fail function.
2009-02-09a couple of small fixes to the {gen,import}_key functionsJameson Graef Rollins
2009-02-09Break out host export commands into gpg_host_export andJameson Graef Rollins
gpg_host_export_to_ssh_file functions, and update the {gen,import}_key functions accordingly.
2009-02-08Merge commit 'dkg/master'Jameson Graef Rollins
2009-02-08Some rearragement/cleanup in the monkeysphere-host:Jameson Graef Rollins
- define exported variable to hold host key fingerprint (HOST_FINGERPRINT) - broke out some common commands into simpler functions - rename the 'extend_key' function to be 'set_expire', since function is more generically offered now.
2009-02-05m-a setup: take advantage of the new ability of pem2openpgp to generate its ↵Daniel Kahn Gillmor
own key.
2009-02-05updated pem2openpgp invocation in m-h import-keyDaniel Kahn Gillmor
2009-02-05pem2openpgp now supports generating the key as an alternative to reading it ↵Daniel Kahn Gillmor
from stdin.