From 2f89210eb11ccb0a7289f89a545697029b2bb9d7 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 14 Aug 2008 21:05:40 -0700 Subject: Add sorting of the processed key lines so that "good" keys are output at the end. This is done so that they take precedence over "bad" when being processed in key files. If bad keys are processed after good keys, there is a possibility of malicious bad key causing good keys to be continually removed from key files, which would be a big nuisance. --- src/common | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/common b/src/common index 9c76bd1..17955a7 100644 --- a/src/common +++ b/src/common @@ -484,7 +484,10 @@ process_user_id() { fi ;; esac - done + done | sort -t: -k1 -n -r + # NOTE: this last sort is important so that the "good" keys (key + # flag '0') come last. This is so that they take precedence when + # being processed in the key files over "bad" keys (key flag '1') } # process a single host in the known_host file @@ -498,16 +501,15 @@ process_host_known_hosts() { local tmpfile host="$1" + userID="ssh://${host}" log "processing: $host" - userID="ssh://${host}" - nKeys=0 nKeysOK=0 IFS=$'\n' - for line in $(process_user_id "ssh://${host}") ; do + for line in $(process_user_id "${userID}") ; do # note that key was found nKeys=$((nKeys+1)) -- cgit v1.2.3 From 0181b6fc50824941e4f7ac3f535a216b8189568e Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 14 Aug 2008 22:34:17 -0700 Subject: reorganize shortcuts for monkeysphere-server --- man/man8/monkeysphere-server.8 | 6 +++--- src/monkeysphere-server | 20 ++++++++++---------- .../reorganize-monkeysphere-server-shortcuts.mdwn | 3 +++ 3 files changed, 16 insertions(+), 13 deletions(-) (limited to 'src') diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8 index 527cae7..74e9a10 100644 --- a/man/man8/monkeysphere-server.8 +++ b/man/man8/monkeysphere-server.8 
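Review bot: The precedence guarantee described in the NOTE in process_user_id (src/common) holds only if every line the loop prints starts with a numeric flag, because under `-n` a line with no leading number compares as 0 and is sorted in with the "good" keys. The key is also opened at field 1 but never closed, so it runs to the end of the line; `done | sort -t: -k1,1 -n -r` confines the ordering to the flag field the comment talks about. Putting the loop on the left of a pipe makes the function's exit status that of `sort` and runs the loop body in a subshell. The loop body and the callers are mostly outside the hunk, so whether anything relies on the old status or on variables set inside the loop should be checked.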
@@ -68,15 +68,15 @@ domain (e.g. "trust KEYID to certify user identities within the @example.org domain"). A certifier trust level can be specified with the `-t' or `--trust' option (possible values are `marginal' and `full' (default is `full')). A certifier trust depth can be specified -with the `-d' or `--depth' option (default is 1). `a' may be used in +with the `-d' or `--depth' option (default is 1). `c+' may be used in place of `add-identity-certifier'. .TP .B remove-identity-certifier KEYID Instruct system to ignore user identity certifications made by KEYID. -`r' may be used in place of `remove-identity-certifier'. +`c-' may be used in place of `remove-identity-certifier'. .TP .B list-identity-certifiers -List key IDs trusted by the system to certify user identities. `l' +List key IDs trusted by the system to certify user identities. `c' may be used in place of `list-identity-certifiers'. .TP .B gpg-authentication-cmd diff --git a/src/monkeysphere-server b/src/monkeysphere-server index d9b8676..21973dd 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server 
@@ -43,16 +43,16 @@ subcommands: -l|--length BITS key length in bits (2048) -e|--expire EXPIRE date to expire -r|--revoker FINGERPRINT add a revoker - show-fingerprint (f) show server's host key fingerprint - publish-key (p) publish server's host key to keyserver - diagnostics (d) report on the server's monkeysphere status + show-fingerprint (f) show server host key fingerprint + publish-key (p) publish server host key to keyserver + diagnostics (d) report on server monkeysphere status - add-identity-certifier (a) KEYID import and tsign a certification key - -n|--domain DOMAIN limit ID certifications to IDs in DOMAIN + add-id-certifier (c+) KEYID import and tsign a certification key + -n|--domain DOMAIN limit ID certifications to DOMAIN -t|--trust TRUST trust level of certifier (full) -d|--depth DEPTH trust depth for certifier (1) - remove-identity-certifier (r) KEYID remove a certification key - list-identity-certifiers (l) list certification keys + remove-id-certifier (c-) KEYID remove a certification key + list-id-certifiers (c) list certification keys gpg-authentication-cmd CMD gnupg-authentication command @@ -696,15 +696,15 @@ case $COMMAND in diagnostics ;; - 'add-identity-certifier'|'add-certifier'|'a') + 'add-identity-certifier'|'add-id-certifier'|'add-certifier'|'c+') add_certifier "$1" ;; - 'remove-identity-certifier'|'remove-certifier'|'r') + 'remove-identity-certifier'|'remove-id-certifier'|'remove-certifier'|'c-') remove_certifier "$1" ;; - 'list-identity-certifiers'|'list-certifiers'|'list-certifier'|'l') + 'list-identity-certifiers'|'list-id-certifiers'|'list-certifiers'|'list-certifier'|'c') list_certifiers "$@" ;; diff --git a/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn b/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn index 5a4b946..104bda7 100644 --- a/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn +++ b/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn 
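Review bot: The `case $COMMAND` dispatch in src/monkeysphere-server drops the old one-letter forms `a`, `r` and `l` without keeping them as aliases, so an existing admin script that calls `monkeysphere-server r KEYID` no longer reaches remove_certifier. For a removal command that matters: if the caller does not check the exit status, the certifier it meant to stop trusting stays in place. The default branch of the case is outside the hunk, so how an unknown subcommand is reported cannot be confirmed from here. Consider keeping the old letters for a release, e.g. `'remove-identity-certifier'|'remove-id-certifier'|'remove-certifier'|'c-'|'r')`, or calling out the break in debian/changelog.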
@@ -17,3 +17,6 @@ This would let us create new subcommands like: * `revoke-host-name` (`n-`) * `list-host-names` (`n`) +--- + +[[bugs/done]] 2008-08-14 -- cgit v1.2.3 From bb35e6ff08dbd33d3f47e9c969eb3da3a9acf18d Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Fri, 15 Aug 2008 00:33:27 -0700 Subject: add start of add/revoke-hostname functions. revocation needs to be implemented. --- man/man8/monkeysphere-server.8 | 18 +++++++-- src/monkeysphere-server | 91 +++++++++++++++++++++++++++++++++++------- 2 files changed, 91 insertions(+), 18 deletions(-) (limited to 'src') diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8 index 74e9a10..8e7278b 100644 --- a/man/man8/monkeysphere-server.8 +++ b/man/man8/monkeysphere-server.8 @@ -44,9 +44,21 @@ specified with the `-e' or `--expire' option (prompt otherwise). A key revoker fingerprint can be specified with the `-r' or `--revoker' option. `g' may be used in place of `gen-key'. .TP -.B show-fingerprint -Show the fingerprint for the host's OpenPGP key. `f' may be used in place of -`show-fingerprint'. +.B add-hostname HOSTNAME +Add a hostname user ID to the server host key. `n+' may be used in +place of `add-hostname'. +.TP +.B revoke-hostname HOSTNAME +Revoke a hostname user ID from the server host key. `n-' may be used +in place of `revoke-hostname'. +.TP +.B show-key +Output gpg information about host's OpenPGP key. `s' may be used in +place of `show-key'. +.TP +.B fingerprint +Output just the fingerprint for the host's OpenPGP key. `f' may be +used in place of `fingerprint'. .TP .B publish-key Publish the host's OpenPGP key to the keyserver. `p' may be used in diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 21973dd..598c3f7 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server 
@@ -39,11 +39,14 @@ MonkeySphere server admin tool. subcommands: update-users (u) [USER]... update user authorized_keys files - gen-key (g) [HOSTNAME] generate gpg key for the server + gen-key (g) [NAME[:PORT]] generate gpg key for the server -l|--length BITS key length in bits (2048) -e|--expire EXPIRE date to expire -r|--revoker FINGERPRINT add a revoker - show-fingerprint (f) show server host key fingerprint + add-hostname (n+) NAME[:PORT] add hostname user ID to server key + revoke-hostname (n-) NAME[:PORT] revoke hostname user ID + show-key (s) output all server host key information + fingerprint (f) output just the key fingerprint publish-key (p) publish server host key to keyserver diagnostics (d) report on server monkeysphere status @@ -97,6 +100,17 @@ gpg_authentication() { su_monkeysphere_user "gpg $@" } +# output key information +show_server_key() { + gpg_host --list-secret-keys --fingerprint +} + +# output just key fingerprint +fingerprint_server_key() { + gpg_host --list-secret-keys --fingerprint --with-colons --fixed-list-mode | \ + grep '^fpr:' | head -1 | cut -d: -f10 +} + # update authorized_keys for users update_users() { if [ "$1" ] ; then @@ -339,9 +353,8 @@ EOF # output the server fingerprint fingerprint_server_key "=${userID}" - # find the key fingerprint of the server primary key - fingerprint=$(gpg_host --list-key --with-colons --with-fingerprint "=${userID}" | \ - grep '^fpr:' | head -1 | cut -d: -f10) + # find the key fingerprint of the newly generated key + fingerprint=$(fingerprint_server_key) # export host ownertrust to authentication keyring log "setting ultimate owner trust for server key..." 
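Review bot: `fingerprint_server_key` returns whichever `fpr:` record gpg lists first in the host secret keyring (`head -1`) and ignores its arguments, yet the gen-key hunk after it still calls `fingerprint_server_key "=${userID}"` and then labels the result "the newly generated key" just before the ownertrust step. If that keyring ever holds more than one secret key, or none, the value is the wrong fingerprint or an empty string, and the same helper later supplies the key that publish_server_key sends to the keyserver. Passing the selector through, `gpg_host --list-secret-keys --fingerprint --with-colons --fixed-list-mode "$@" | \`, and failing when the result is empty would tie the fingerprint to the intended user ID. The gen-key function starts and ends outside its hunk.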
@@ -356,9 +369,47 @@ EOF log "Private SSH host key output to file: ${VARLIB}/ssh_host_rsa_key" } -# gpg output key fingerprint -fingerprint_server_key() { - gpg_host --fingerprint --list-secret-keys +# add hostname user ID to server key +add_hostname() { + if [ -z "$1" ] ; then + failure "You must specify a hostname to add." + fi + + userID="ssh://${1}" + + if [ "$(gpg_host --list-key "=${userID}")" ] ; then + failure "Host userID '$userID' already exists." + fi + + fingerprint=$(fingerprint_server_key) + + adduidCommand=$(cat < Date: Fri, 15 Aug 2008 00:49:49 -0700 Subject: enabled host key publication. be aware. --- debian/changelog | 3 ++- src/monkeysphere-server | 11 +++++------ 2 files changed, 7 insertions(+), 7 deletions(-) (limited to 'src') diff --git a/debian/changelog b/debian/changelog index 0d6155e..160d1d6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -11,8 +11,9 @@ monkeysphere (0.8-1) UNRELEASED; urgency=low * sort processed keys so that "good" keys are processed after "bad" keys. This will prevent malicious bad keys from causing good keys to be removed from key files. + * enabled host key publication. - -- Jameson Graef Rollins Thu, 14 Aug 2008 21:12:43 -0700 + -- Jameson Graef Rollins Fri, 15 Aug 2008 00:48:22 -0700 monkeysphere (0.7-1) experimental; urgency=low diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 598c3f7..3259e33 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server 
@@ -414,20 +414,19 @@ revoke_hostname() { # publish server key to keyserver publish_server_key() { - read -p "Really publish key to $KEYSERVER? (y/N) " OK; OK=${OK:=N} + read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N} if [ ${OK/y/Y} != 'Y' ] ; then failure "aborting." fi + # find the key fingerprint + fingerprint=$(fingerprint_server_key) + # publish host key # FIXME: need to figure out better way to identify host key # dummy command so as not to publish fakes keys during testing # eventually: - #gpg_authentication "--keyserver $KEYSERVER --send-keys =ssh://$(hostname -f)" - echo "NOT PUBLISHED (to avoid permanent publication errors during monkeysphere development)." - echo "The following command should publish the key:" - echo "monkeysphere-server gpg-authentication-cmd '--keyserver $KEYSERVER --send-keys =ssh://$(hostname -f)'" - exit 255 + gpg_authentication "--keyserver $KEYSERVER --send-keys $fingerprint" } diagnostics() { -- cgit v1.2.3
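Review bot: publish_server_key now performs a real, effectively irreversible keyserver upload, but the fingerprint is resolved only after the operator has answered the prompt and is never checked for being empty. Resolving it first, aborting on an empty value and showing it in the confirmation lets the operator see exactly which key is about to be sent. The `FIXME`, "dummy command" and "eventually:" comments are left sitting directly above the live `gpg_authentication` call and now describe the opposite of what the code does, so they should be removed. The unquoted `[ ${OK/y/Y} != 'Y' ]` on the unchanged line also breaks on an answer containing spaces; quoting it as `[ "${OK/y/Y}" != 'Y' ]` avoids that.

```shell
publish_server_key() {
    # resolve the key first so the operator confirms exactly what is sent
    fingerprint=$(fingerprint_server_key)
    if [ -z "$fingerprint" ] ; then
        failure "could not determine host key fingerprint."
    fi
    read -p "Really publish host key $fingerprint to $KEYSERVER? (y/N) " OK; OK=${OK:=N}
    # … unchanged: y/N check, then the gpg_authentication --send-keys call …
```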