From 505ee50a409014b55afea3b04c097d976e8b3766 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Mon, 17 Nov 2008 18:16:04 -0500 Subject: update changelog. --- packaging/debian/changelog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'packaging/debian') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 3b7432b..39e4b33 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -6,6 +6,7 @@ monkeysphere (0.22~pre-1) UNRELEASED; urgency=low - added info log output when a new key is added to known_hosts file. - added some useful output to the ssh-proxycommand for "marginal" cases where keys are found for host but do not have full validity. + - force ssh-keygen to read from stdin to get ssh key fingerprint. [ Daniel Kahn Gillmor ] @@ -13,7 +14,7 @@ monkeysphere (0.22~pre-1) UNRELEASED; urgency=low standard ssh public key file, and the other a minimal OpenPGP key with just the latest valid self-sig. - -- Jameson Graef Rollins Sun, 16 Nov 2008 03:22:08 -0500 + -- Jameson Graef Rollins Mon, 17 Nov 2008 18:15:43 -0500 monkeysphere (0.21-2) unstable; urgency=low -- cgit v1.2.3 From 4ef516a39c3783287b4efa9f1147df1e0499e4fd Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 25 Nov 2008 12:15:51 -0500 Subject: fixing dependency information -- should be procmail, not procfile. --- packaging/debian/changelog | 4 +++- packaging/debian/control | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) (limited to 'packaging/debian') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 39e4b33..a4b1f66 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog 
@@ -13,8 +13,10 @@ monkeysphere (0.22~pre-1) UNRELEASED; urgency=low - automatically output two copies of the host's public key: one standard ssh public key file, and the other a minimal OpenPGP key with just the latest valid self-sig. + - debian/control: corrected alternate dependency from procfile to + procmail (which provides /usr/bin/lockfile) - -- Jameson Graef Rollins Mon, 17 Nov 2008 18:15:43 -0500 + -- Daniel Kahn Gillmor Tue, 25 Nov 2008 12:13:58 -0500 monkeysphere (0.21-2) unstable; urgency=low diff --git a/packaging/debian/control b/packaging/debian/control index 4c836b4..52eccf3 100644 --- a/packaging/debian/control +++ b/packaging/debian/control @@ -11,7 +11,7 @@ Dm-Upload-Allowed: yes Package: monkeysphere Architecture: any -Depends: openssh-client, gnupg, coreutils (>= 6) | base64, lockfile-progs | procfile, adduser, ${shlibs:Depends} +Depends: openssh-client, gnupg, coreutils (>= 6) | base64, lockfile-progs | procmail, adduser, ${shlibs:Depends} Recommends: netcat | socat, ssh-askpass Enhances: openssh-client, openssh-server Description: use the OpenPGP web of trust to verify ssh connections -- cgit v1.2.3 From 17d1afbd637b8e14fbbd7ec690952b0b49a30d81 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Fri, 28 Nov 2008 14:57:44 -0500 Subject: 0.22 release preperation. --- packaging/debian/changelog | 6 +++--- packaging/freebsd/security/monkeysphere/Makefile | 2 +- packaging/freebsd/security/monkeysphere/distinfo | 6 +++--- packaging/rpm/monkeysphere.spec | 11 ++--------- 4 files changed, 9 insertions(+), 16 deletions(-) (limited to 'packaging/debian') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index a4b1f66..c917562 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog 
@@ -1,7 +1,7 @@ -monkeysphere (0.22~pre-1) UNRELEASED; urgency=low +monkeysphere (0.22-1) unstable; urgency=low * New upstream release: - [ Jameson Rollins ] + [ Jameson Graef Rollins ] - added info log output when a new key is added to known_hosts file. - added some useful output to the ssh-proxycommand for "marginal" @@ -16,7 +16,7 @@ monkeysphere (0.22~pre-1) UNRELEASED; urgency=low - debian/control: corrected alternate dependency from procfile to procmail (which provides /usr/bin/lockfile) - -- Daniel Kahn Gillmor Tue, 25 Nov 2008 12:13:58 -0500 + -- Jameson Graef Rollins Fri, 28 Nov 2008 14:23:31 -0500 monkeysphere (0.21-2) unstable; urgency=low diff --git a/packaging/freebsd/security/monkeysphere/Makefile b/packaging/freebsd/security/monkeysphere/Makefile index 984bc87..976f543 100644 --- a/packaging/freebsd/security/monkeysphere/Makefile +++ b/packaging/freebsd/security/monkeysphere/Makefile @@ -6,7 +6,7 @@ # PORTNAME= monkeysphere -PORTVERSION= 0.19 +PORTVERSION= 0.22~pre CATEGORIES= security MASTER_SITES= http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/ # hack for debian orig tarballs diff --git a/packaging/freebsd/security/monkeysphere/distinfo b/packaging/freebsd/security/monkeysphere/distinfo index 86aecd1..51edfbe 100644 --- a/packaging/freebsd/security/monkeysphere/distinfo +++ b/packaging/freebsd/security/monkeysphere/distinfo @@ -1,3 +1,3 @@ -MD5 (monkeysphere_0.19.orig.tar.gz) = 64c643dd0ab642bbc8814aec1718000e -SHA256 (monkeysphere_0.19.orig.tar.gz) = 321b77c1e10fe48ffbef8491893f5dd22842c35c11464efa7893150ce756a522 -SIZE (monkeysphere_0.19.orig.tar.gz) = 68335 +MD5 (monkeysphere_0.22~pre.orig.tar.gz) = fd19f09ed9a720f673d74c9cb58e9d6d +SHA256 (monkeysphere_0.22~pre.orig.tar.gz) = 337c7fdb93b697fba5a9e35cdff2b5faf0e4914fd8beab7994b456d58d19abb6 +SIZE (monkeysphere_0.22~pre.orig.tar.gz) = 69345 diff --git a/packaging/rpm/monkeysphere.spec b/packaging/rpm/monkeysphere.spec index 5bfc774..9e32837 100644 
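Review bot: `PORTVERSION= 0.22~pre` in the FreeBSD port Makefile does not match the release this commit prepares. The Debian changelog in the same commit moves to `0.22-1`, while the distinfo hunk pins MD5/SHA256/SIZE for `monkeysphere_0.22~pre.orig.tar.gz`. Because `MASTER_SITES` is a plain `http://` URL, the distinfo checksums are the only integrity check on the fetched tarball, so they should be regenerated from the final 0.22 tarball and `PORTVERSION` set to `0.22` once it is published. If the pre-release pin is deliberate, say so next to it, e.g. `# tracks the 0.22~pre snapshot until the 0.22 orig tarball is published`.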
--- a/packaging/rpm/monkeysphere.spec +++ b/packaging/rpm/monkeysphere.spec @@ -7,9 +7,6 @@ Group: net URL: http://web.monkeysphere.info/ Source: http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_%{version}.orig.tar.gz -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root - -BuildRequires: libgnutls-dev %description SSH key-based authentication is tried-and-true, but it lacks a true @@ -25,22 +22,18 @@ License (GPL). %setup -q %build -%configure --disable-debug %{__make} %install %{__rm} -rf %{buildroot} +Prefix=%{buildroot}/usr %makeinstall -%find_lang %{name} %clean %{__rm} -rf %{buildroot} -%files -f %{name}.lang +%files %defattr(-, root, root, 0755) -%doc AUTHORS ChangeLog INSTALL NEWS TODO README COPYING -%{_bindir}/monkeysphere -%{_datadir}/monkeysphere/ %changelog * Sat Nov 22 2008 - -- cgit v1.2.3 From 34af6daef32adbb7964e4fd1354eaaa737adc4ac Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sun, 30 Nov 2008 17:15:56 -0500 Subject: add new check_host_keyring function for better checks for the existence of a host private key for functions that require it to be there. --- packaging/debian/changelog | 8 ++++++++ src/monkeysphere-server | 24 ++++++++++++++++++++---- 2 files changed, 28 insertions(+), 4 deletions(-) (limited to 'packaging/debian') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index c917562..2aaa9ca 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -1,3 +1,11 @@ +monkeysphere (0.23~pre-1) UNRELEASED; urgency=low + + * New upstream release: + - added better checks for the existence of a host private key for + functions that require it to be there. + + -- Jameson Graef Rollins Sun, 30 Nov 2008 17:14:50 -0500 + monkeysphere (0.22-1) unstable; urgency=low * New upstream release: diff --git a/src/monkeysphere-server b/src/monkeysphere-server index a1844ee..388e50b 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server 
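Review bot: After this change the `%files` section holds only `%defattr(-, root, root, 0755)`, because the `%doc` line, `%{_bindir}/monkeysphere` and `%{_datadir}/monkeysphere/` are removed without replacement. The resulting package would ship no files, or rpmbuild would stop on unpackaged files, depending on its configuration. The added `Prefix=%{buildroot}/usr` appears to sit on its own line before `%makeinstall`; written that way it is an unexported shell assignment that never reaches make. If the intent is to redirect the install, pass it on the make command line, e.g. `%{__make} install PREFIX=%{buildroot}/usr` (variable name to be confirmed against the project Makefile). `%{__rm} -rf %{buildroot}` also remains in `%install` and `%clean` although the `BuildRoot:` tag is dropped, so confirm that every targeted rpm version defines `%{buildroot}` by itself.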
@@ -117,6 +117,16 @@ gpg_authentication() { su_monkeysphere_user "gpg $@" } +# function to check for host secret keys +# fails if host sec key exists, exits true otherwise +check_host_keyring() { + if ! gpg_host --list-secret-keys --fingerprint \ + --with-colons --fixed-list-mode 2>/dev/null | grep -q '^sec:' ; then + + failure "You don't appear to have a Monkeysphere host key on this server. Please run 'monkeysphere-server gen-key' first." + fi +} + # output just key fingerprint fingerprint_server_key() { gpg_host --list-secret-keys --fingerprint \ @@ -337,6 +347,7 @@ gen_key() { userID="ssh://${hostName}" # check for presense of key with user ID + # FIXME: is this the proper test to be doing here? if gpg_host --list-key ="$userID" > /dev/null 2>&1 ; then failure "Key for '$userID' already exists" fi @@ -411,10 +422,6 @@ extend_key() { local fpr=$(fingerprint_server_key) local extendTo="$1" - if [ -z "$fpr" ] ; then - failure "You don't appear to have a MonkeySphere host key on this server. Try 'monkeysphere-server gen-key' first." - fi - # get the new expiration date extendTo=$(get_gpg_expiration "$extendTo") @@ -990,6 +997,7 @@ shift case $COMMAND in 'update-users'|'update-user'|'u') + check_host_keyring update_users "$@" ;; @@ -998,22 +1006,27 @@ case $COMMAND in ;; 'extend-key'|'e') + check_host_keyring extend_key "$@" ;; 'add-hostname'|'add-name'|'n+') + check_host_keyring add_hostname "$@" ;; 'revoke-hostname'|'revoke-name'|'n-') + check_host_keyring revoke_hostname "$@" ;; 'show-key'|'show'|'s') + check_host_keyring show_server_key ;; 'publish-key'|'publish'|'p') + check_host_keyring publish_server_key ;; 
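Review bot: The header comment on `check_host_keyring` states the opposite of what the function does. The `if !` branch calls `failure` when no `sec:` line is found, so the comment should read `# fails if no host secret key is found, returns true otherwise`. Separately, `2>/dev/null` on the `gpg_host` call means any gpg error (for example an unreadable keyring) is reported as "no host key" and steers the operator toward `gen-key`. Keeping stderr, or testing the exit status of `gpg_host` before the `grep`, would make the two cases distinguishable.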
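Review bot: The host-key precondition now lives only in the `case $COMMAND` dispatcher, as one hand-added `check_host_keyring` line per arm (here and in the `@@ -998` and `@@ -1022` hunks), while the `@@ -411` hunk removes the `[ -z "$fpr" ]` guard from `extend_key` itself. Any later subcommand or internal caller that omits the line would run with an empty fingerprint. Calling `check_host_keyring` as the first statement of each function that needs the key keeps the check next to the code that depends on it. Whether `update_users` and `list_certifiers` really require the host secret key cannot be told from these hunks; if they only read the authentication keyring, guarding them blocks user-key updates on a host whose key is temporarily unavailable. The case statement starts and ends outside the hunks.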
@@ -1022,14 +1035,17 @@ case $COMMAND in ;; 'add-identity-certifier'|'add-id-certifier'|'add-certifier'|'c+') + check_host_keyring add_certifier "$@" ;; 'remove-identity-certifier'|'remove-id-certifier'|'remove-certifier'|'c-') + check_host_keyring remove_certifier "$@" ;; 'list-identity-certifiers'|'list-id-certifiers'|'list-certifiers'|'list-certifier'|'c') + check_host_keyring list_certifiers "$@" ;; -- cgit v1.2.3