From adec130f20e374ae0d8f615f45916e27771a0278 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sat, 21 Feb 2009 18:06:45 -0500 Subject: fixing stupid internal version number synchronization. --- src/share/common | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/share/common') diff --git a/src/share/common b/src/share/common index 5e0cb6a..a21d803 100644 --- a/src/share/common +++ b/src/share/common @@ -21,7 +21,7 @@ SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"} export SYSCONFIGDIR # monkeysphere version -VERSION=0.23~pre +VERSION=0.23 # default log level LOG_LEVEL="INFO" -- cgit v1.2.3 From 3492507e7dc279be4e6c703733d8a174d0204d91 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sat, 21 Feb 2009 18:28:20 -0500 Subject: preparing for stupid brown paper bag 0.23.1 release. --- packaging/debian/changelog | 7 +++++++ src/share/common | 2 +- website/download.mdwn | 36 ++++++++++++++++++------------------ website/news/release-0.23.1-1.mdwn | 12 ++++++++++++ 4 files changed, 38 insertions(+), 19 deletions(-) create mode 100644 website/news/release-0.23.1-1.mdwn (limited to 'src/share/common') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 50a7071..96b719b 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -1,3 +1,10 @@ +monkeysphere (0.23.1-1) unstable; urgency=low + + * New Upstrem "Brown Paper Bag" Release: + - adjusts internal version numbers + + -- Daniel Kahn Gillmor Sat, 21 Feb 2009 18:09:47 -0500 + monkeysphere (0.23-1) unstable; urgency=low "The Golden Bezoar Release" diff --git a/src/share/common b/src/share/common index a21d803..0c26a91 100644 --- a/src/share/common +++ b/src/share/common @@ -21,7 +21,7 @@ SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"} export SYSCONFIGDIR # monkeysphere version -VERSION=0.23 +VERSION=0.23.1 # default log level LOG_LEVEL="INFO" 
diff --git a/website/download.mdwn b/website/download.mdwn index cc050a0..db25be6 100644 --- a/website/download.mdwn +++ b/website/download.mdwn @@ -77,38 +77,38 @@ For those that would like to download the source directly, [the source is available](/community) via [git](http://git.or.cz/). The [latest -tarball](http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_0.23.orig.tar.gz) +tarball](http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_0.23.1.orig.tar.gz) is also available, and has these checksums:
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA1
 
-checksums for the monkeysphere 0.23 release:
+checksums for the monkeysphere 0.23.1 release:
 
 MD5:
-2c3e985884ecf7a5f53825f9034932a3  monkeysphere_0.23.orig.tar.gz
+9ab4a35052b41d6468a4ab4758fd23b2  monkeysphere_0.23.1.orig.tar.gz
 
 SHA1:
-6f03b9d813d48479c86623c7facf634d72da2cb0  monkeysphere_0.23.orig.tar.gz
+1e3004505b5c2cda98194d1241f76303b154aac6  monkeysphere_0.23.1.orig.tar.gz
 
 SHA256:
-7854d9c358b684c2b292b4f3470780d2c7e069466bd228885d6a246e0bd1abde  monkeysphere_0.23.orig.tar.gz
+998b8f8f0c498aa7d58eed6519c23ab9808cb8b622f97f8aa47865b718024d6c  monkeysphere_0.23.1.orig.tar.gz
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.9 (GNU/Linux)
 
-iQIVAwUBSaCGXxjmZ/HrivMUAQKIUhAAs/b+2z+cKkcP3bwfD8ItW377rXY3+ZrV
-pomzhzSuSk52gYxa6QBQ7rgYdWac996VRTSxR14yEM8iLyqxaBpvbvOJCgqv0B51
-VHJiosV8nVqjUXdrOa2iRFqPF3+zaINjsIgJSB5aKCjT6d2sxlYoe5OpIU1JD/yN
-E/ypvO8v3xNZ7V2YU858H2UhT0J2kMmnYPrprgoqgebWrVke/tnQLnGew/A9leel
-ZEWVhWaN+RO6n/obxxKbRHT2cAp2CW/qccFGAf80XB//i7yTD5KxlK1Ls0nLT43H
-3MQPZZsOTKFZsMfOD9Y46CN5ZDm/e3SnGhi7UgW2xDP4QhGihUVYputYHr4lvboA
-uoO2g7JT2MltsuyxFMacscf9tx9cgF80ndHTBUxqDtlh/aK1xlC4tPSwSgQwuKwy
-JabvCz3fwiQbZc08OhB/5DhuDPORhQk2CJJ7HGrN1Sc2Cde0x667rQjI/ckrUC0Y
-PIqXUp8trB+p85tQSSuWJEgxVbNRZ4hVftvNvLECKv7fd0bVdNeVvV57H5ieJ8FR
-adPVaASkhF+pL122t3qC/vSbUi956Hk3pKMT9+05vLnfzYM78A6j1jA4pTvlEzaC
-WWdvL2BvARlhw5OUz4gomCpw5ZSxWjsnF6SHte85UmmunZpmE67/udyvcPqMNzjA
-vG61wNXtmqA=
-=JqmC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+=JCyh
 -----END PGP SIGNATURE-----
 
diff --git a/website/news/release-0.23.1-1.mdwn b/website/news/release-0.23.1-1.mdwn
new file mode 100644
index 0000000..79b3c05
--- /dev/null
+++ b/website/news/release-0.23.1-1.mdwn
@@ -0,0 +1,12 @@
+[[meta title="Monkeysphere 0.23.1-1 released!"]]
+
+Monkeysphere 0.23.1-1 has been released.
+
+Notes from the changelog:
+
+
+  * New Upstrem "Brown Paper Bag" Release:
+   - adjusts internal version numbers
+
+ +[[Download]] it now! -- cgit v1.2.3 From e71c7bb4dff26178f714cd0fcdbb3058effa4066 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sun, 22 Feb 2009 12:07:34 -0500 Subject: Fix how version number is saved/retrieved. Version is now stored in VERSION file, which is created in the tarball target. This is then installed at /usr/share/monkeysphere/VERSION, and cat'ed when the version number is requested by the front-end ui. No more manual setting of version number required (to avoid future problems, aka "0.23.1"). This system is also more flexible, as the VERSION file could potentially hold more info than just the release number. --- Makefile | 2 ++ packaging/debian/changelog | 7 +++++++ src/monkeysphere | 2 +- src/monkeysphere-authentication | 2 +- src/monkeysphere-host | 2 +- src/share/common | 8 +++++--- tests/basic | 16 ---------------- utils/preparing-release | 3 --- 8 files changed, 17 insertions(+), 25 deletions(-) (limited to 'src/share/common') diff --git a/Makefile b/Makefile index 71df92b..0284a8a 100755 --- a/Makefile +++ b/Makefile @@ -24,6 +24,7 @@ tarball: clean mkdir -p monkeysphere-$(MONKEYSPHERE_VERSION)/doc ln -s ../../website/getting-started-user.mdwn ../../website/getting-started-admin.mdwn ../../doc/TODO ../../doc/MonkeySpec monkeysphere-$(MONKEYSPHERE_VERSION)/doc ln -s ../COPYING ../etc ../Makefile ../man ../src ../tests monkeysphere-$(MONKEYSPHERE_VERSION) + echo $(MONKEYSPHERE_VERSION) > monkeysphere-$(MONKEYSPHERE_VERSION)/VERSION tar -ch --exclude='*~' monkeysphere-$(MONKEYSPHERE_VERSION) | gzip -n > monkeysphere_$(MONKEYSPHERE_VERSION).orig.tar.gz rm -rf monkeysphere-$(MONKEYSPHERE_VERSION) 
@@ -50,6 +51,7 @@ install: all installman mkdir -p $(DESTDIR)$(PREFIX)/share/monkeysphere/m $(DESTDIR)$(PREFIX)/share/monkeysphere/mh $(DESTDIR)$(PREFIX)/share/monkeysphere/ma $(DESTDIR)$(PREFIX)/share/monkeysphere/transitions mkdir -p $(DESTDIR)$(ETCPREFIX)/etc/monkeysphere mkdir -p $(DESTDIR)$(PREFIX)/share/doc/monkeysphere + install -m 0644 VERSION $(DESTDIR)$(PREFIX)/share/monkeysphere install src/monkeysphere src/keytrans/openpgp2ssh src/keytrans/pem2openpgp $(DESTDIR)$(PREFIX)/bin install src/monkeysphere-host src/monkeysphere-authentication $(DESTDIR)$(PREFIX)/sbin install -m 0644 src/share/common $(DESTDIR)$(PREFIX)/share/monkeysphere diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 96b719b..58a80a3 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -1,3 +1,10 @@ +monkeysphere (0.24~pre-1) UNRELEASED; urgency=low + + * New upstream release: + - Fixed how version information is stored/retrieved. + + -- Jameson Graef Rollins Sun, 22 Feb 2009 12:02:06 -0500 + monkeysphere (0.23.1-1) unstable; urgency=low * New Upstrem "Brown Paper Bag" Release: diff --git a/src/monkeysphere b/src/monkeysphere index 371983f..6db4827 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -239,7 +239,7 @@ case $COMMAND in ;; 'version'|'v') - echo "$VERSION" + version ;; '--help'|'help'|'-h'|'h'|'?') diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication index 497470d..c009653 100755 --- a/src/monkeysphere-authentication +++ b/src/monkeysphere-authentication @@ -199,7 +199,7 @@ case $COMMAND in ;; 'version'|'v') - echo "$VERSION" + version ;; '--help'|'help'|'-h'|'h'|'?') diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 1b0de0c..c454354 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -315,7 +315,7 @@ case $COMMAND in ;; 'version'|'v') - echo "$VERSION" + version ;; '--help'|'help'|'-h'|'h'|'?') diff --git a/src/share/common b/src/share/common index 0c26a91..b2dcd35 100644 
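Review bot: The new `install -m 0644 VERSION $(DESTDIR)$(PREFIX)/share/monkeysphere` line in the install target expects a top-level VERSION file, but the only place this commit creates one is inside the tarball staging directory. The diffstat adds no tracked VERSION file, so as far as this diff shows, `make install` from a git checkout would stop at this line. The new `version()` in src/share/common then has nothing to `cat` on such an install. Consider a `VERSION:` rule that writes `$(MONKEYSPHERE_VERSION)` into `$@` and making `install` depend on it, or failing early with a message that says installation must be run from an unpacked tarball.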
--- a/src/share/common +++ b/src/share/common @@ -20,9 +20,6 @@ SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"} export SYSCONFIGDIR -# monkeysphere version -VERSION=0.23.1 - # default log level LOG_LEVEL="INFO" @@ -41,6 +38,11 @@ PROMPT="true" ######################################################################## ### UTILITY FUNCTIONS +# output version info +version() { + cat "${SYSSHAREDIR}/VERSION" +} + # failure function. exits with code 255, unless specified otherwise. failure() { [ "$1" ] && echo "$1" >&2 diff --git a/tests/basic b/tests/basic index 9308e21..b1fe9ed 100755 --- a/tests/basic +++ b/tests/basic @@ -138,22 +138,6 @@ export SOCKET="$TEMPDIR"/ssh-socket # *anything* with any running X11 session. export DISPLAY=monkeys -## make sure that the version number matches the debian changelog -## (don't bother if this is being run from the tests). - -if [ -f "$TESTDIR"/../packaging/debian/changelog ]; then - echo - echo "##################################################" - echo "### checking version string match..." - repver=$(monkeysphere version) - debver=$(head -n1 "$TESTDIR"/../packaging/debian/changelog | sed 's/.*(\([^-]*\)-.*/\1/') - if [ "$repver" = "$debver" ] ; then - echo "Versions match!" - else - printf "reported version string (%s) does not match debian changelog (%s)\n" "$repver" "$debver" - exit 1 - fi -fi ###################################################################### ### CONFIGURE ENVIRONMENTS diff --git a/utils/preparing-release b/utils/preparing-release index 3c7ded5..dd9d224 100644 --- a/utils/preparing-release +++ b/utils/preparing-release @@ -3,9 +3,6 @@ * make sure that packaging/debian/changelog has a reasonable version number. - * make sure that src/share/common contains the upstream part of that - version number in the VERSION= line - * make tarball * make releasenote -- cgit v1.2.3 From ef9a47ba86dbd16bbff44cc01e5a2485823bbbdd Mon Sep 17 00:00:00 2001 
From: Daniel Kahn Gillmor Date: Sun, 1 Mar 2009 04:03:57 -0500 Subject: removed test_gnu_dummy_s2k_extension(); no longer necessary --- src/share/common | 46 ----------------------------------------- src/share/m/subkey_to_ssh_agent | 8 ------- 2 files changed, 54 deletions(-) (limited to 'src/share/common') diff --git a/src/share/common b/src/share/common index b2dcd35..a9d23b2 100644 --- a/src/share/common +++ b/src/share/common 
@@ -336,52 +336,6 @@ passphrase_prompt() { fi } -test_gnu_dummy_s2k_extension() { - -# this block contains a demonstration private key that has had the -# primary key stripped out using the GNU S2K extension known as -# "gnu-dummy" (see /usr/share/doc/gnupg/DETAILS.gz). The subkey is -# present in cleartext, however. - -# openpgp2ssh will be able to deal with this based on whether the -# local copy of GnuTLS contains read_s2k support that can handle it. - -# read up on that here: - -# http://lists.gnu.org/archive/html/gnutls-devel/2008-08/msg00005.html - -echo " ------BEGIN PGP PRIVATE KEY BLOCK----- -Version: GnuPG v1.4.9 (GNU/Linux) - -lQCVBEO3YdABBACRqqEnucag4+vyZny2M67Pai5+5suIRRvY+Ly8Ms5MvgCi3EVV -xT05O/+0ShiRaf+QicCOFrhbU9PZzzU+seEvkeW2UCu4dQfILkmj+HBEIltGnHr3 -G0yegHj5pnqrcezERURf2e17gGFWX91cXB9Cm721FPXczuKraphKwCA9PwARAQAB -/gNlAkdOVQG0OURlbW9uc3RyYXRpb24gS2V5IGZvciBTMksgR05VIGV4dGVuc2lv -biAxMDAxIC0tIGdudS1kdW1teYi8BBMBAgAmBQJDt2HQAhsDBQkB4TOABgsJCAcD -AgQVAggDBBYCAwECHgECF4AACgkQQZUwSa4UDezTOQP/TMQXUVrWzHYZGopoPZ2+ -ZS3qddiznBHsgb7MGYg1KlTiVJSroDUBCHIUJvdQKZV9zrzrFl47D07x6hGyUPHV -aZXvuITW8t1o5MMHkCy3pmJ2KgfDvdUxrBvLfgPMICA4c6zA0mWquee43syEW9NY -g3q61iPlQwD1J1kX1wlimLCdAdgEQ7dh0AEEANAwa63zlQbuy1Meliy8otwiOa+a -mH6pxxUgUNggjyjO5qx+rl25mMjvGIRX4/L1QwIBXJBVi3SgvJW1COZxZqBYqj9U -8HVT07mWKFEDf0rZLeUE2jTm16cF9fcW4DQhW+sfYm+hi2sY3HeMuwlUBK9KHfW2 -+bGeDzVZ4pqfUEudABEBAAEAA/0bemib+wxub9IyVFUp7nPobjQC83qxLSNzrGI/ -RHzgu/5CQi4tfLOnwbcQsLELfker2hYnjsLrT9PURqK4F7udrWEoZ1I1LymOtLG/ -4tNZ7Mnul3wRC2tCn7FKx8sGJwGh/3li8vZ6ALVJAyOia5TZ/buX0+QZzt6+hPKk -7MU1WQIA4bUBjtrsqDwro94DvPj3/jBnMZbXr6WZIItLNeVDUcM8oHL807Am97K1 -ueO/f6v1sGAHG6lVPTmtekqPSTWBfwIA7CGFvEyvSALfB8NUa6jtk27NCiw0csql -kuhCmwXGMVOiryKEfegkIahf2bAd/gnWHPrpWp7bUE20v8YoW22I4wIAhnm5Wr5Q -Sy7EHDUxmJm5TzadFp9gq08qNzHBpXSYXXJ3JuWcL1/awUqp3tE1I6zZ0hZ38Ia6 -SdBMN88idnhDPqPoiKUEGAECAA8FAkO3YdACGyAFCQHhM4AACgkQQZUwSa4UDezm -vQP/ZhK+2ly9oI2z7ZcNC/BJRch0/ybQ3haahII8pXXmOThpZohr/LUgoWgCZdXg 
-vP6yiszNk2tIs8KphCAw7Lw/qzDC2hEORjWO4f46qk73RAgSqG/GyzI4ltWiDhqn -vnQCFl3+QFSe4zinqykHnLwGPMXv428d/ZjkIc2ju8dRsn4= -=CR5w ------END PGP PRIVATE KEY BLOCK----- -" | openpgp2ssh 4129E89D17C1D591 >/dev/null 2>/dev/null - -} - # remove all lines with specified string from specified file remove_line() { local file diff --git a/src/share/m/subkey_to_ssh_agent b/src/share/m/subkey_to_ssh_agent index 4ce14f8..ec596bd 100644 --- a/src/share/m/subkey_to_ssh_agent +++ b/src/share/m/subkey_to_ssh_agent @@ -26,14 +26,6 @@ subkey_to_ssh_agent() { local publine local kname - if ! test_gnu_dummy_s2k_extension ; then - failure "Your version of GnuTLS does not seem capable of using with gpg's exported subkeys. -You may want to consider patching or upgrading to GnuTLS 2.6 or later. - -For more details, see: - http://lists.gnu.org/archive/html/gnutls-devel/2008-08/msg00005.html" - fi - # if there's no agent running, don't bother: if [ -z "$SSH_AUTH_SOCK" ] || ! which ssh-add >/dev/null ; then failure "No ssh-agent available." -- cgit v1.2.3 From ebd776722e0fd6dfacc79146c368d148f0e266cb Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sun, 1 Mar 2009 14:53:37 -0500 Subject: break out default variables into their own file: defaultenv this allows the common file to be sourced without reseting variables to their defaults, which was causing a problem with su_monkeysphere_user. also added some more debug messages. --- Makefile | 1 + src/monkeysphere | 3 ++- src/monkeysphere-authentication | 3 ++- src/monkeysphere-host | 3 ++- src/share/common | 34 +++++++++------------------------- src/share/ma/update_users | 1 + tests/basic | 1 - 7 files changed, 17 insertions(+), 29 deletions(-) (limited to 'src/share/common') diff --git a/Makefile b/Makefile index 07e8fb9..9873d32 100755 --- a/Makefile +++ b/Makefile 
@@ -52,6 +52,7 @@ install: all installman install src/monkeysphere $(DESTDIR)$(PREFIX)/bin install src/monkeysphere-host src/monkeysphere-authentication $(DESTDIR)$(PREFIX)/sbin install -m 0644 src/share/common $(DESTDIR)$(PREFIX)/share/monkeysphere + install -m 0644 src/share/defaultenv $(DESTDIR)$(PREFIX)/share/monkeysphere install -m 0755 src/share/keytrans $(DESTDIR)$(PREFIX)/share/monkeysphere ln -s ../share/monkeysphere/keytrans $(DESTDIR)$(PREFIX)/bin/pem2openpgp ln -s ../share/monkeysphere/keytrans $(DESTDIR)$(PREFIX)/bin/openpgp2ssh diff --git a/src/monkeysphere b/src/monkeysphere index 2d54376..8d59d08 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -18,7 +18,8 @@ PGRM=$(basename $0) SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} export SYSSHAREDIR -. "${SYSSHAREDIR}/common" || exit 1 +. "${SYSSHAREDIR}/defaultenv" +. "${SYSSHAREDIR}/common" # sharedir for host functions MSHAREDIR="${SYSSHAREDIR}/m" diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication index c5c48d5..3344f38 100755 --- a/src/monkeysphere-authentication +++ b/src/monkeysphere-authentication @@ -21,7 +21,8 @@ PGRM=$(basename $0) SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} export SYSSHAREDIR -. "${SYSSHAREDIR}/common" || exit 1 +. "${SYSSHAREDIR}/defaultenv" +. "${SYSSHAREDIR}/common" SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"} export SYSDATADIR diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 9e4a8c4..b9a15ae 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -21,7 +21,8 @@ PGRM=$(basename $0) SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} export SYSSHAREDIR -. "${SYSSHAREDIR}/common" || exit 1 +. "${SYSSHAREDIR}/defaultenv" +. "${SYSSHAREDIR}/common" SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"} export SYSDATADIR diff --git a/src/share/common b/src/share/common index a9d23b2..1cdd549 100644 --- a/src/share/common 
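Review bot: The `|| exit 1` guard is dropped from the `. "${SYSSHAREDIR}/common"` line in src/monkeysphere, and the new `. "${SYSSHAREDIR}/defaultenv"` line has none either; the hunks for src/monkeysphere-authentication and src/monkeysphere-host make the same change. Whether a failed `.` stops the script depends on the shell (bash outside POSIX mode carries on), so a missing or unreadable file could leave these tools running without their defaults or helper functions. SYSSHAREDIR can be overridden through MONKEYSPHERE_SYSSHAREDIR, which makes a wrong path easy to hit. I would keep the guard on both lines: `. "${SYSSHAREDIR}/defaultenv" || exit 1` and `. "${SYSSHAREDIR}/common" || exit 1`.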
+++ b/src/share/common @@ -13,28 +13,6 @@ # all-caps variables are meant to be user supplied (ie. from config # file) and are considered global -######################################################################## -### COMMON VARIABLES - -# managed directories -SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"} -export SYSCONFIGDIR - -# default log level -LOG_LEVEL="INFO" - -# default keyserver -KEYSERVER="pool.sks-keyservers.net" - -# whether or not to check keyservers by defaul -CHECK_KEYSERVER="true" - -# default monkeysphere user -MONKEYSPHERE_USER="monkeysphere" - -# default about whether or not to prompt -PROMPT="true" - ######################################################################## ### UTILITY FUNCTIONS @@ -461,6 +439,7 @@ check_key_file_permissions() { # return zero if all clear, or go to next path if [ "$path" = '/' ] ; then + log debug "path ok." return 0 else check_key_file_permissions "$uname" $(dirname "$path") @@ -926,7 +905,8 @@ process_known_hosts() { failure "known_hosts file '$KNOWN_HOSTS' does not exist." fi - log debug "processing known_hosts file..." + log debug "processing known_hosts file:" + log debug " $KNOWN_HOSTS" hosts=$(meat "$KNOWN_HOSTS" | cut -d ' ' -f 1 | grep -v '^|.*$' | tr , ' ' | tr '\n' ' ') @@ -1014,6 +994,9 @@ update_authorized_keys() { nIDsOK=0 nIDsBAD=0 + log debug "updating authorized_keys file:" + log debug " $AUTHORIZED_KEYS" + # check permissions on the authorized_keys file path check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" || failure 
@@ -1087,11 +1070,12 @@ process_authorized_user_ids() { failure "authorized_user_ids file '$authorizedUserIDs' does not exist." fi + log debug "processing authorized_user_ids file:" + log debug " $authorizedUserIDs" + # check permissions on the authorized_user_ids file path check_key_file_permissions "$USER" "$authorizedUserIDs" || failure - log debug "processing authorized_user_ids file..." - if ! meat "$authorizedUserIDs" > /dev/null ; then log debug " no user IDs to process." return diff --git a/src/share/ma/update_users b/src/share/ma/update_users index c180b56..3a5c006 100644 --- a/src/share/ma/update_users +++ b/src/share/ma/update_users @@ -80,6 +80,7 @@ for uname in $unames ; do # translating ssh-style path variables authorizedUserIDs=$(translate_ssh_variables "$uname" "$AUTHORIZED_USER_IDS") if [ -s "$authorizedUserIDs" ] ; then + log debug "authorized_user_ids file found." # check permissions on the authorized_user_ids file path if check_key_file_permissions "$uname" "$authorizedUserIDs" ; then # copy user authorized_user_ids file to temporary diff --git a/tests/basic b/tests/basic index f6d1f3b..7277168 100755 --- a/tests/basic +++ b/tests/basic @@ -275,7 +275,6 @@ monkeysphere-authentication update-users $(whoami) # FIXME: this is maybe not failing properly for: # ms: improper group or other writability on path '/tmp'. - ###################################################################### ### TESTS -- cgit v1.2.3 From 23969f7aadf7611ed73d300b23c8fbfca91cb66a Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sun, 1 Mar 2009 15:27:36 -0500 Subject: explicity set the USER variable, since it's needed for checking file permissions. add/modify some debug messages. --- src/monkeysphere | 3 +++ src/share/common | 14 ++++++++------ src/share/ma/update_users | 1 + 3 files changed, 12 insertions(+), 6 deletions(-) (limited to 'src/share/common') diff --git a/src/monkeysphere b/src/monkeysphere index 8d59d08..aa9276c 100755 --- a/src/monkeysphere 
+++ b/src/monkeysphere @@ -189,6 +189,9 @@ export GNUPGHOME mkdir -p -m 0700 "$GNUPGHOME" export LOG_LEVEL +# explicitly set the USER variable, for checking file permissions +export USER=$(whoami) + # get subcommand COMMAND="$1" [ "$COMMAND" ] || failure "Type '$PGRM help' for usage." diff --git a/src/share/common b/src/share/common index 1cdd549..c6d6b8e 100644 --- a/src/share/common +++ b/src/share/common @@ -427,13 +427,15 @@ check_key_file_permissions() { # return 1 if path has invalid owner if [ "$owner" != "$uname" -a "$owner" != 'root' ] ; then - log error "improper ownership on path '$path'." + log error "improper ownership on path '$path':" + log error " $owner != ($uname|root)" return 1 fi # return 2 if path has group or other writability if is_write "$gAccess" || is_write "$oAccess" ; then - log error "improper group or other writability on path '$path'." + log error "improper group or other writability on path '$path':" + log error " group: $gAccess, other: $oAcess" return 2 fi @@ -667,14 +669,14 @@ process_user_id() { if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then log verbose " * acceptable primary key." if [ -z "$sshKey" ] ; then - log error " ! primary key could not be translated (not RSA or DSA?)." + log error " ! primary key could not be translated (not RSA?)." else echo "0:${sshKey}" fi else log debug " - unacceptable primary key." if [ -z "$sshKey" ] ; then - log debug " ! primary key could not be translated (not RSA or DSA?)." + log debug " ! primary key could not be translated (not RSA?)." else echo "1:${sshKey}" fi 
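Review bot: The added detail line in check_key_file_permissions logs `$oAcess`, a name that is not set anywhere in the visible lines; the variable tested just above it is `$oAccess`. As written, the "other" field of this error message will always be empty, which hides exactly the permission bits the message is meant to show. It should read `log error " group: $gAccess, other: $oAccess"`. The function body starts and ends outside this hunk.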
@@ -725,14 +727,14 @@ process_user_id() { if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then log verbose " * acceptable sub key." if [ -z "$sshKey" ] ; then - log error " ! sub key could not be translated (not RSA or DSA?)." + log error " ! sub key could not be translated (not RSA?)." else echo "0:${sshKey}" fi else log debug " - unacceptable sub key." if [ -z "$sshKey" ] ; then - log debug " ! sub key could not be translated (not RSA or DSA?)." + log debug " ! sub key could not be translated (not RSA?)." else echo "1:${sshKey}" fi diff --git a/src/share/ma/update_users b/src/share/ma/update_users index 3a5c006..195e982 100644 --- a/src/share/ma/update_users +++ b/src/share/ma/update_users @@ -88,6 +88,7 @@ for uname in $unames ; do cat "$authorizedUserIDs" > "$TMP_AUTHORIZED_USER_IDS" # export needed variables + export USER="$uname" export AUTHORIZED_KEYS export TMP_AUTHORIZED_USER_IDS -- cgit v1.2.3 From 7b64ab42881f4702b6a7800dc06c94a742109fda Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 1 Mar 2009 17:11:59 -0500 Subject: switched $USER to $FILE_OWNER; new name is more semantically clear and less likely to collide with other common uses of $USER. --- src/monkeysphere | 4 ++-- src/share/common | 6 +++--- src/share/ma/update_users | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) (limited to 'src/share/common') diff --git a/src/monkeysphere b/src/monkeysphere index aa9276c..1641d32 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -189,8 +189,8 @@ export GNUPGHOME mkdir -p -m 0700 "$GNUPGHOME" export LOG_LEVEL -# explicitly set the USER variable, for checking file permissions -export USER=$(whoami) +# explicitly set the FILE_OWNER variable, for checking file permissions +export FILE_OWNER=$(whoami) # get subcommand COMMAND="$1" diff --git a/src/share/common b/src/share/common index c6d6b8e..dd5dc16 100644 --- a/src/share/common +++ b/src/share/common 
@@ -846,7 +846,7 @@ update_known_hosts() { (umask 0022 && touch "$KNOWN_HOSTS") # check permissions on the known_hosts file path - check_key_file_permissions "$USER" "$KNOWN_HOSTS" || failure + check_key_file_permissions "$FILE_OWNER" "$KNOWN_HOSTS" || failure # create a lockfile on known_hosts: lock create "$KNOWN_HOSTS" @@ -1000,7 +1000,7 @@ update_authorized_keys() { log debug " $AUTHORIZED_KEYS" # check permissions on the authorized_keys file path - check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" || failure + check_key_file_permissions "$FILE_OWNER" "$AUTHORIZED_KEYS" || failure # create a lockfile on authorized_keys lock create "$AUTHORIZED_KEYS" @@ -1076,7 +1076,7 @@ process_authorized_user_ids() { log debug " $authorizedUserIDs" # check permissions on the authorized_user_ids file path - check_key_file_permissions "$USER" "$authorizedUserIDs" || failure + check_key_file_permissions "$FILE_OWNER" "$authorizedUserIDs" || failure if ! meat "$authorizedUserIDs" > /dev/null ; then log debug " no user IDs to process." diff --git a/src/share/ma/update_users b/src/share/ma/update_users index 195e982..a48bbd1 100644 --- a/src/share/ma/update_users +++ b/src/share/ma/update_users @@ -88,7 +88,7 @@ for uname in $unames ; do cat "$authorizedUserIDs" > "$TMP_AUTHORIZED_USER_IDS" # export needed variables - export USER="$uname" + export FILE_OWNER="$uname" export AUTHORIZED_KEYS export TMP_AUTHORIZED_USER_IDS -- cgit v1.2.3 From 18d6d63571d18c50a4c943742c6cebbb100d4277 Mon Sep 17 00:00:00 2001 
From: Jameson Graef Rollins Date: Mon, 2 Mar 2009 12:40:28 -0500 Subject: get rid of FILE_OWNER variable, in favor of just using $(whoami) when running check_key_file_permissions in update_known_hosts, update_authorized_keys, and process_authorized_user_ids. this is fine, since the policy is just that a user is always updating their own files. closes monkeysphere bug #630. --- src/monkeysphere | 3 --- src/share/common | 6 +++--- src/share/ma/update_users | 2 +- 3 files changed, 4 insertions(+), 7 deletions(-) (limited to 'src/share/common') diff --git a/src/monkeysphere b/src/monkeysphere index 1641d32..8d59d08 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -189,9 +189,6 @@ export GNUPGHOME mkdir -p -m 0700 "$GNUPGHOME" export LOG_LEVEL -# explicitly set the FILE_OWNER variable, for checking file permissions -export FILE_OWNER=$(whoami) - # get subcommand COMMAND="$1" [ "$COMMAND" ] || failure "Type '$PGRM help' for usage." diff --git a/src/share/common b/src/share/common index dd5dc16..83f2d6f 100644 --- a/src/share/common +++ b/src/share/common @@ -846,7 +846,7 @@ update_known_hosts() { (umask 0022 && touch "$KNOWN_HOSTS") # check permissions on the known_hosts file path - check_key_file_permissions "$FILE_OWNER" "$KNOWN_HOSTS" || failure + check_key_file_permissions $(whoami) "$KNOWN_HOSTS" || failure # create a lockfile on known_hosts: lock create "$KNOWN_HOSTS" @@ -1000,7 +1000,7 @@ update_authorized_keys() { log debug " $AUTHORIZED_KEYS" # check permissions on the authorized_keys file path - check_key_file_permissions "$FILE_OWNER" "$AUTHORIZED_KEYS" || failure + check_key_file_permissions $(whoami) "$AUTHORIZED_KEYS" || failure # create a lockfile on authorized_keys lock create "$AUTHORIZED_KEYS" 
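Review bot: The replacement `check_key_file_permissions $(whoami) "$KNOWN_HOSTS" || failure` in update_known_hosts leaves the command substitution unquoted. If `whoami` fails or prints nothing, the word disappears, so the file path becomes the first argument (the user name) and the path argument is empty. How the permission check behaves in that case cannot be seen from this hunk. Quoting keeps the argument positions fixed: `check_key_file_permissions "$(whoami)" "$KNOWN_HOSTS" || failure`. The same applies to the hunks in update_authorized_keys and process_authorized_user_ids.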
@@ -1076,7 +1076,7 @@ process_authorized_user_ids() { log debug " $authorizedUserIDs" # check permissions on the authorized_user_ids file path - check_key_file_permissions "$FILE_OWNER" "$authorizedUserIDs" || failure + check_key_file_permissions $(whoami) "$authorizedUserIDs" || failure if ! meat "$authorizedUserIDs" > /dev/null ; then log debug " no user IDs to process." diff --git a/src/share/ma/update_users b/src/share/ma/update_users index 67fabb2..3a5c006 100644 --- a/src/share/ma/update_users +++ b/src/share/ma/update_users @@ -92,7 +92,7 @@ for uname in $unames ; do export TMP_AUTHORIZED_USER_IDS # process authorized_user_ids file, as monkeysphere user - FILE_OWNER="$MONKEYSPHERE_USER" su_monkeysphere_user \ + su_monkeysphere_user \ ". ${SYSSHAREDIR}/common; process_authorized_user_ids $TMP_AUTHORIZED_USER_IDS" \ || returnCode="$?" else -- cgit v1.2.3 From bd5aac0e2eae2dd73c35b6bbb2e79ef48c98ca21 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Mon, 2 Mar 2009 12:45:48 -0500 Subject: fix remove_monkeysphere_line function to properly handle empty files. --- src/share/common | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'src/share/common') diff --git a/src/share/common b/src/share/common index 83f2d6f..83120d1 100644 --- a/src/share/common +++ b/src/share/common @@ -354,12 +354,15 @@ remove_monkeysphere_lines() { file="$1" - if [ -z "$file" ] ; then + # return error if file does not exist + if [ ! -e "$file" ] ; then return 1 fi - if [ ! -e "$file" ] ; then - return 1 + # just return ok if the file is empty, since there aren't any + # lines to remove + if [ ! -s "$file" ] ; then + return 0 fi tempfile=$(mktemp "${file}.XXXXXXX") || \ -- cgit v1.2.3 From 91fee4b8616ce94be3b18f58b8d361d784ce92a6 Mon Sep 17 00:00:00 2001 
From: Jameson Graef Rollins Date: Tue, 3 Mar 2009 11:56:00 -0500 Subject: fix to logging to prefix all log output with log prefix, and allow changing of log prefix. --- src/monkeysphere | 1 + src/monkeysphere-authentication | 1 + src/monkeysphere-host | 1 + src/share/common | 7 +++---- 4 files changed, 6 insertions(+), 4 deletions(-) (limited to 'src/share/common') diff --git a/src/monkeysphere b/src/monkeysphere index 8d59d08..f721108 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -182,6 +182,7 @@ AUTHORIZED_KEYS=${MONKEYSPHERE_AUTHORIZED_KEYS:=$AUTHORIZED_KEYS} AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:="${MONKEYSPHERE_HOME}/authorized_user_ids"} REQUIRED_HOST_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_HOST_KEY_CAPABILITY:="a"} REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"} +LOG_PREFIX=${MONKEYSPHERE_LOG_PREFIX:='ms: '} # export GNUPGHOME and make sure gpg home exists with proper # permissions diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication index b0dcc88..85ff04f 100755 --- a/src/monkeysphere-authentication +++ b/src/monkeysphere-authentication @@ -129,6 +129,7 @@ REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"} GNUPGHOME_CORE=${MONKEYSPHERE_GNUPGHOME_CORE:="${MADATADIR}/core"} GNUPGHOME_SPHERE=${MONKEYSPHERE_GNUPGHOME_SPHERE:="${MADATADIR}/sphere"} CORE_KEYLENGTH=${MONKEYSPHERE_CORE_KEYLENGTH:="2048"} +LOG_PREFIX=${MONKEYSPHERE_LOG_PREFIX:='ms: '} # export variables needed in su invocation export DATE diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 7fb3980..b052ca1 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -230,6 +230,7 @@ PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT} # other variables GNUPGHOME_HOST=${MONKEYSPHERE_GNUPGHOME_HOST:="${MHDATADIR}"} +LOG_PREFIX=${MONKEYSPHERE_LOG_PREFIX:='ms: '} # export variables needed in su invocation export DATE 
diff --git a/src/share/common b/src/share/common index 83120d1..ea872ba 100644 --- a/src/share/common +++ b/src/share/common @@ -76,11 +76,10 @@ log() { fi if [ "$priority" = "$level" -a "$output" = 'true' ] ; then if [ "$1" ] ; then - echo -n "ms: " >&2 - echo "$@" >&2 + echo "$@" else - cat >&2 - fi + cat + fi | sed 's/^/'"${LOG_PREFIX}"'/' >&2 fi done } -- cgit v1.2.3
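Review bot: The new pipeline in log() pastes `${LOG_PREFIX}` straight into the sed program (`sed 's/^/'"${LOG_PREFIX}"'/'`), and that value comes from the MONKEYSPHERE_LOG_PREFIX environment variable. A prefix containing `/`, `&` or a backslash will make sed fail or rewrite the line differently, so log output, including error messages, can be lost or altered. Prefixing without a sed expression avoids this, for example `fi | while IFS= read -r line; do printf '%s%s\n' "$LOG_PREFIX" "$line"; done >&2`. It may also be worth confirming that LOG_PREFIX is set when common is sourced on its own, since the visible hunks assign it only in the three front-end scripts. The body of log() begins outside this hunk.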