changelog - monkeysphere - Unnamed repository; edit this file 'description' to name the repository.

blob: e29cbaf65cbda1ec51d7879c6e79ff55bae0b72f (plain)

monkeysphere (0.29~pre1) UNRELEASED; urgency=low

* Fix man page typo about monkeysphere authorized_keys location

* Monkeysphere should work properly even if the user has "armor" in

their gpg.conf (closes MS #1625)

* monkeysphere keys-for-userid now respects MONKEYSPHERE_CHECK_KEYSERVER

environment variable (and defaults to true)

-- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 18 Feb 2010 12:38:43 -0500

monkeysphere (0.28) unstable; urgency=low

* Major rework of monkeysphere-host to handle multiple host keys. We

also no longer assume ssh service keys. monkeysphere-host is now a

general-purpose host service OpenPGP key management UI.

* Rename keys-from-userid command to more accurate keys-for-userid

* separate upstream and debian changelogs

-- Jameson Rollins <jrollins@finestructure.net> Tue, 19 Jan 2010 13:50:31 -0500

monkeysphere (0.27) unstable; urgency=low

* fixed monkeysphere gen-subkey subcommand that was erroneously creating

DSA subkeys due to unannounced change in gpg edit-key UI. Now tests

for gpg version (closes MS #1536)

* add new monkeysphere keys-from-userid subcommand to output all

acceptable keys for a given user ID literal

-- Jameson Rollins <jrollins@finestructure.net> Mon, 11 Jan 2010 20:54:21 -0500

monkeysphere (0.26) unstable; urgency=low

* add 'refresh-keys' subcommand to monkeysphere-authentication

* improve marginal UI (closes MS #1141)

* add MONKEYSPHERE_STRICT_MODES configuration to avoid

permission-checking (closes MS #649)

* test scripts use STRICT_MODES to avoid failure when built under /tmp

* do permissions checks with a perl script instead of non-portable

readlink GNUisms

* bail on permissions check if we hit the home directory (helpful on Mac

OS and other systems with loose /home or /Users (closes MS #675)

-- Jameson Graef Rollins <jrollins@finestructure.net> Sat, 01 Aug 2009 17:11:05 -0400

monkeysphere (0.25) unstable; urgency=low

* New upstream release:

* update/fix the marginal ui output

* use msmktempdir everywhere (avoid unwrapped calls to mktemp for

portability)

* clean out some redundant "cat"s

* fix monkeysphere update-known_hosts for sshd running on non-standard

ports

* add 'sshfpr' subcommand to output the ssh fingerprint of a gpg key

* pem2openpgp now generates self-sigs over SHA-256 instead of SHA-1

(changes dependency to libdigest-sha-perl)

* some portability improvements

* properly handle translation of keys with fingerprints with leading

all-zero bytes.

* resolve symlinks when checking paths (thanks Silvio Rhatto)

(closes MS #917)

* explicitly set and use MONKEYSPHERE_GROUP from system "groups"

* monkeysphere-host now uses keytrans to add and revoke hostname

(closes MS #422)

-- Jameson Graef Rollins <jrollins@finestructure.net> Thu, 16 Jul 2009 22:09:19 -0400

monkeysphere (0.24) unstable; urgency=low

* fixed how version information is stored/retrieved

* now uses perl-based keytrans for both pem2openpgp and openpgp2ssh

* no longer needs base64 in PATH

* added "test" make target

* improved transitions/0.23 script so it no longer fails in common

circumstances (Closes: #517779)

* RSA only: no longer handles DSA keys

* added ability to specify subkeys to add to ssh agent with new

MONKEYSPHERE_SUBKEYS_FOR_AGENT environment variable

-- Jameson Graef Rollins <jrollins@finestructure.net> Tue, 03 Mar 2009 19:38:33 -0500

monkeysphere (0.23) unstable; urgency=low

"The Golden Bezoar Release"

* rearchitect UI:

- replace monkeysphere-server with monkeysphere-{authentication,host}

- fold monkeysphere-ssh-proxycommand into /usr/bin/monkeysphere

* new ability to import existing ssh host key into monkeysphere. So now

m-a import-key replaces m-s gen-key.

* provide pem2openpgp for translating unencrypted PEM-encoded raw key

material into OpenPGP keys (introduces new perl dependencies)

* get rid of getopts dependency

* added version output option

* better checks for the existence of a host private key for

monkeysphere-host subcommands that need it.

* better checks on validity of existing authentication subkeys when

doing monkeysphere gen_subkey.

* add transition infrastructure for major changes between releases (see

transitions/README.txt)

* implement and document two new monkeysphere-host subcommands:

revoke-key and add-revoker

-- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 21 Feb 2009 17:51:06 -0500

monkeysphere (0.22) unstable; urgency=low

[ Jameson Graef Rollins ]

* added info log output when a new key is added to known_hosts file.

* added some useful output to the ssh-proxycommand for "marginal" cases

where keys are found for host but do not have full validity.

* force ssh-keygen to read from stdin to get ssh key fingerprint.

[ Daniel Kahn Gillmor ]

* automatically output two copies of the host's public key: one standard

ssh public key file, and the other a minimal OpenPGP key with just the

latest valid self-sig.

* debian/control: corrected alternate dependency from procfile to

procmail (which provides /usr/bin/lockfile)

-- Jameson Graef Rollins <jrollins@finestructure.net> Fri, 28 Nov 2008 14:23:31 -0500

monkeysphere (0.21) unstable; urgency=low

* move debian packaging to packaging subdirectory.

-- Jameson Graef Rollins <jrollins@finestructure.net> Sat, 15 Nov 2008 16:14:27 -0500

monkeysphere (0.20) unstable; urgency=low

[ Daniel Kahn Gillmor ]

* ensure that tempdirs are properly created, bail out otherwise instead

of stumbling ahead.

* minor fussing with the test script to make it cleaner.

[ Jameson Graef Rollins ]

* clean up Makefile to generate more elegant source tarballs.

* make myself the maintainer.

-- Jameson Graef Rollins <jrollins@finestructure.net> Sat, 15 Nov 2008 13:12:57 -0500

monkeysphere (0.19) experimental; urgency=low

[ Daniel Kahn Gillmor ]

* simulating an X11 session in the test script.

* updated packaging so that symlinks to config files are correct.

-- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 29 Oct 2008 02:47:49 -0400

monkeysphere (0.18) experimental; urgency=low

[ Jameson Gra

    'maildomain'    =>  'mail.louiz.dk',

    'smtphost'  =>  'localhost',

    'realm'     =>  'louiz.dk',

    'preferred' =>  array(

"louiz.horde.jones.dk",

"louiz.horde.homebase.dk",

"louiz.horde.biks.dk",

"louiz.horde.louiz.dk",

"louiz.horde.vega.dk"

)

);

$servers['vega'] = array(

    'name'      =>  'Vega',

    'server'    =>  'mail.vega.dk',

    'port'      =>  143,

    'protocol'  =>  'imap/notls',

    'folders'   =>  '',

    'namespace' =>  '',

    'maildomain'    =>  'mail.vega.dk',

    'smtphost'  =>  'localhost',

    'realm'     =>  'vega.dk',

    'preferred' =>  array(

"vega.horde.jones.dk",

"vega.horde.homebase.dk",

"vega.horde.biks.dk",

"vega.horde.louiz.dk",

"vega.horde.vega.dk"

)

);

$servers['bitbase'] = array(

    'name'      =>  'Bitbase',

    'server'    =>  'mail.bitbase.dk',

    'port'      =>  143,

    'protocol'  =>  'imap/notls',

    'folders'   =>  '',

    'namespace' =>  '',

    'maildomain'    =>  'bitbase.dk',

    'smtphost'  =>  'localhost',

    'realm'     =>  'bitbase.dk',

    'preferred' =>  array(

"mail.bitbase.dk",

"bitbase.horde.jones.dk",

"bitbase.horde.homebase.dk",

"bitbase.horde.biks.dk",

"bitbase.horde.louiz.dk",

"bitbase.horde.vega.dk"

)

);