summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2009-03-18modify the ssh_proxycommand marginal ui output so that it betterJameson Graef Rollins
handles the case where the host can not be contacted. the new system attempts to retrieve the host ssh key before any ui output is made. this should make things a little clearer in this corner case, and make things a little more flexible down the line.
2009-03-10Merge commit 'dkg/master'Jameson Graef Rollins
2009-03-10cleaning up a lingering non-portable mktemp invocation.Daniel Kahn Gillmor
2009-03-07fix the marginal ui output so that it's not prefixed by theJameson Graef Rollins
LOG_PREFIX. also make sure to always export the LOG_PREFIX, so that it gets passed to subprocces su_monkeysphere_user.
2009-03-03fix to logging to prefix all log output with log prefix, and allow changing ↵Jameson Graef Rollins
of log prefix.
2009-03-03quieted down m-a add_certifier: there is no reason why the admin should be ↵Daniel Kahn Gillmor
shown gpg noise.
2009-03-03transitions/0.23: when backing up old gnupg-{host,authentication}, timestamp ↵Daniel Kahn Gillmor
backups so that they are relatively unique: this makes collisions less likely if the script gets run twice (failing the first time), and helps record the history of the cleanup as well
2009-03-02quieting down the transition script (and m-a setup).Daniel Kahn Gillmor
2009-03-02added ability to specify subkeys to add to agent with ↵Jameson Graef Rollins
MONKEYSPHERE_SUBKEYS_FOR_AGENT variable.
2009-03-02usage review/tweaks for m-a and m-hDaniel Kahn Gillmor
2009-03-02fix remove_monkeysphere_line function to properly handle empty files.Jameson Graef Rollins
2009-03-02very small tweaks to usages.Jameson Graef Rollins
2009-03-02get rid of FILE_OWNER variable, in favor of just using $(whoami) whenJameson Graef Rollins
running check_key_file_permissions in update_known_hosts, update_authorized_keys, and process_authorized_user_ids. this is fine, since the policy is just that a user is always updating their own files. closes monkeysphere bug #630.
2009-03-01proposed fix for issue 630; since m-a u operates on a saved copy of the ↵Daniel Kahn Gillmor
users authorized_user_ids file, we should only check filesystem permissions against the monkeysphere user, not the target user.
2009-03-01refer to the m-h set-expire instead of m-h extend-key in m-h diagnostics.Daniel Kahn Gillmor
2009-03-01switched $USER to $FILE_OWNER; new name is more semantically clear and less ↵Daniel Kahn Gillmor
likely to collide with other common uses of $USER.
2009-03-01add defaultenv file that was missed in ebd776722e0fd6dfacc79146c368d148f0e266cbJameson Graef Rollins
2009-03-01explicity set the USER variable, since it's needed for checking file ↵Jameson Graef Rollins
permissions. add/modify some debug messages.
2009-03-01break out default variables into their own file: defaultenvJameson Graef Rollins
this allows the common file to be sourced without reseting variables to their defaults, which was causing a problem with su_monkeysphere_user. also added some more debug messages.
2009-03-01normalizing failure invocations in check_gpg_sec_key_id().Daniel Kahn Gillmor
2009-03-01Merge commit 'jrollins/master'Daniel Kahn Gillmor
2009-03-01updating header comments in keytrans now that it serves two purposes.Daniel Kahn Gillmor
2009-03-01fix two bugs in monkeysphere:check_gpg_sec_key_id that were causing ↵Jameson Graef Rollins
gen_subkey to fail
2009-03-01removed base64 invocation in favor of perl to reduce dependency spread.Daniel Kahn Gillmor
2009-03-01transition to the perl-based keytrans implementation.Daniel Kahn Gillmor
2009-03-01removed test_gnu_dummy_s2k_extension(); no longer necessaryDaniel Kahn Gillmor
2009-03-01fix rounding issue. Thanks, Richard K Darst!Daniel Kahn Gillmor
2009-02-28openpgp2ssh in ms-host show-key function takes the host gpg key from the ↵Jameson Graef Rollins
temporary gpghome, instead of from the saved ssh_host_key_rsa.pub.gpg key file.
2009-02-28test for presence of User ID in pem2openpgp.Daniel Kahn Gillmor
2009-02-28outputting secret key material now with perl-only openpgp2ssh.Daniel Kahn Gillmor
2009-02-28further perl-only openpgp2ssh work. public keys are now translated.Daniel Kahn Gillmor
2009-02-28calculating and emitting key fingerprints in openpgp2ssh rewrite.Daniel Kahn Gillmor
2009-02-28successfully parsing out the packets in pem2openpgp keytrans operation.Daniel Kahn Gillmor
2009-02-28start to make an openpgp2ssh implementation within pem2openpgp.Daniel Kahn Gillmor
2009-02-28make pem2openpgp closer to a generic keytrans so that we can reuse it for ↵Daniel Kahn Gillmor
the openpgp2ssh replacement.
2009-02-28rewrite stdin slurping to match example in perldoc -f unpack.Daniel Kahn Gillmor
2009-02-28functionalize the bulk of pem2openpgp.Daniel Kahn Gillmor
2009-02-28made transitions/0.23 a little bit more resilient; made it so that running ↵Daniel Kahn Gillmor
again after a failure is not fooled by the previous failure into thinking that the transition is done.
2009-02-28transition script should ensure that the (old, deprecated) ↵Daniel Kahn Gillmor
monkeysphere-server.conf gets renamed to monkeysphere-authentication.conf
2009-02-22egrep -q terminates at the first match. m-a list-identity-certifiers chokes ↵Daniel Kahn Gillmor
if it cannot write to stdout. Because we are setting pipefail, this causes the pipeline checking for any certifiers to return untrue. solution? do not use -q, and send the output to /dev/null
2009-02-22really really fix m-a diagnostics checking of identity certifiers.Daniel Kahn Gillmor
2009-02-22fix some return code setting stuf that was no longer being used, and change ↵Jameson Graef Rollins
name of return code variable in update_users, since all-caps variables should be reserved for global vars.
2009-02-22Fix how version number is saved/retrieved. Version is now stored inJameson Graef Rollins
VERSION file, which is created in the tarball target. This is then installed at /usr/share/monkeysphere/VERSION, and cat'ed when the version number is requested by the front-end ui. No more manual setting of version number required (to avoid future problems, aka "0.23.1"). This system is also more flexible, as the VERSION file could potentially hold more info than just the release number.
2009-02-21reverse sense of test for valid identity certifiers in m-a diagnostics.Daniel Kahn Gillmor
2009-02-21added some FIXMEs to transitions/0.23, concerning host keys that were ↵Daniel Kahn Gillmor
originally created with an expiration date.
2009-02-21fix syntax error in m-a diagnostics.Daniel Kahn Gillmor
2009-02-21preparing for stupid brown paper bag 0.23.1 release.Daniel Kahn Gillmor
2009-02-21fixing stupid internal version number synchronization.Daniel Kahn Gillmor
2009-02-21adjusting extraction of revokers.Daniel Kahn Gillmor
2009-02-21make show-key so that it works even if there are no revokers.Jameson Graef Rollins