summaryrefslogtreecommitdiff
path: root/src/monkeysphere-host
blob: a7b9697506322d031348bbdddf99de588bf9501a (plain)
  1. #!/usr/bin/env bash
  2. # monkeysphere-host: Monkeysphere host admin tool
  3. #
  4. # The monkeysphere scripts are written by:
  5. # Jameson Rollins <jrollins@finestructure.net>
  6. # Jamie McClelland <jm@mayfirst.org>
  7. # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
  8. # Micah Anderson <micah@riseup.net>
  9. #
  10. # They are Copyright 2008-2009, and are all released under the GPL,
  11. # version 3 or later.
  12. ########################################################################
  13. set -e
  14. # set the pipefail option so pipelines fail on first command failure
  15. set -o pipefail
  16. PGRM=$(basename $0)
  17. SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
  18. export SYSSHAREDIR
  19. . "${SYSSHAREDIR}/common" || exit 1
  20. SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
  21. export SYSDATADIR
  22. # sharedir for host functions
  23. MHSHAREDIR="${SYSSHAREDIR}/mh"
  24. # datadir for host functions
  25. MHDATADIR="${SYSDATADIR}/host"
  26. # temp directory for temp gnupghome directories for add_revoker
  27. MHTMPDIR="${MHDATADIR}/tmp"
  28. export MHTMPDIR
  29. # host pub key files
  30. HOST_KEY_FILE="${SYSDATADIR}/ssh_host_rsa_key.pub.gpg"
  31. # UTC date in ISO 8601 format if needed
  32. DATE=$(date -u '+%FT%T')
  33. # unset some environment variables that could screw things up
  34. unset GREP_OPTIONS
  35. # default return code
  36. RETURN=0
  37. ########################################################################
  38. # FUNCTIONS
  39. ########################################################################
  40. usage() {
  41. cat <<EOF >&2
  42. usage: $PGRM <subcommand> [options] [args]
  43. Monkeysphere host admin tool.
  44. subcommands:
  45. show-key (s) output all host key information
  46. set-expire (e) EXPIRE set host key expiration
  47. add-hostname (n+) NAME[:PORT] add hostname user ID to host key
  48. revoke-hostname (n-) NAME[:PORT] revoke hostname user ID
  49. add-revoker (o) FINGERPRINT add a revoker to the host key
  50. revoke-key (r) revoke host key
  51. publish-key (p) publish host key to keyserver
  52. import-key (i) [NAME[:PORT]] import existing ssh key to gpg
  53. version (v) show version number
  54. help (h,?) this help
  55. See ${PGRM}(8) for more info.
  56. EOF
  57. }
  58. # function to interact with the gpg keyring
  59. gpg_host() {
  60. GNUPGHOME="$GNUPGHOME_HOST" gpg "$@"
  61. }
  62. # command to list the info about the host key, in colon format
  63. gpg_host_list() {
  64. gpg_host --list-keys --with-colons --fixed-list-mode \
  65. --with-fingerprint --with-fingerprint \
  66. "0x${HOST_FINGERPRINT}!"
  67. }
  68. # command for edit key scripts, takes scripts on stdin
  69. # FIXME: should we supress all the edit script spew? or pipe it
  70. # through log debug?
  71. gpg_host_edit() {
  72. gpg_host --quiet --command-fd 0 --edit-key \
  73. "0x${HOST_FINGERPRINT}!" "$@"
  74. }
  75. # export the host public key to the monkeysphere gpg pub key file
  76. update_gpg_pub_file() {
  77. log debug "updating openpgp public key file '$HOST_KEY_FILE'..."
  78. gpg_host --export --armor --export-options export-minimal \
  79. "0x${HOST_FINGERPRINT}!" > "$HOST_KEY_FILE"
  80. }
  81. # load the host fingerprint into the fingerprint variable, using the
  82. # export gpg pub key file
  83. # FIXME: this seems much less than ideal, with all this temp keyring
  84. # stuff. is there a way we can do this without having to create temp
  85. # files? what if we stored the fingerprint in MHDATADIR/fingerprint?
  86. load_fingerprint() {
  87. if [ -f "$HOST_KEY_FILE" ] ; then
  88. HOST_FINGERPRINT=$( \
  89. (FUBAR=$(mktemp -d) && export GNUPGHOME="$FUBAR" \
  90. && gpg --quiet --import \
  91. && gpg --quiet --list-keys --with-colons --with-fingerprint \
  92. && rm -rf "$FUBAR") <"$HOST_KEY_FILE" \
  93. | grep '^fpr:' | cut -d: -f10 )
  94. else
  95. HOST_FINGERPRINT=
  96. fi
  97. }
  98. # load the host fingerprint into the fingerprint variable, using the
  99. # gpg host secret key
  100. load_fingerprint_secret() {
  101. HOST_FINGERPRINT=$( \
  102. gpg_host --quiet --list-secret-key \
  103. --with-colons --with-fingerprint \
  104. | grep '^fpr:' | cut -d: -f10 )
  105. }
  106. # fail if host key present
  107. check_host_key() {
  108. [ ! -s "$HOST_KEY_FILE" ] \
  109. || failure "An OpenPGP host key already exists."
  110. }
  111. # fail if host key not present
  112. check_host_no_key() {
  113. [ -s "$HOST_KEY_FILE" ] \
  114. || failure "You don't appear to have a Monkeysphere host key on this server.
  115. Please run 'monkeysphere-host import-key' first."
  116. }
  117. # output the index of a user ID on the host key
  118. # return 1 if user ID not found
  119. find_host_userid() {
  120. local userID="$1"
  121. local tmpuidMatch
  122. local line
  123. # match to only ultimately trusted user IDs
  124. tmpuidMatch="u:$(echo $userID | gpg_escape)"
  125. # find the index of the requsted user ID
  126. # NOTE: this is based on circumstantial evidence that the order of
  127. # this output is the appropriate index
  128. line=$(gpg_host_list | egrep '^(uid|uat):' | cut -f2,10 -d: | \
  129. grep -n -x -F "$tmpuidMatch" 2>/dev/null)
  130. if [ "$line" ] ; then
  131. echo ${line%%:*}
  132. return 0
  133. else
  134. return 1
  135. fi
  136. }
  137. # show info about the host key
  138. show_key() {
  139. local GNUPGHOME
  140. # tmp gpghome dir
  141. export GNUPGHOME=$(mktemp -d)
  142. # trap to remove tmp dir if break
  143. trap "rm -rf $GNUPGHOME" EXIT
  144. gpg --quiet --import <"$HOST_KEY_FILE"
  145. HOST_FINGERPRINT=$(gpg --quiet --list-keys --with-colons --with-fingerprint \
  146. | grep '^fpr:' | cut -d: -f10 )
  147. # list the host key info
  148. # FIXME: make no-show-keyring work so we don't have to do the grep'ing
  149. # FIXME: can we show uid validity somehow?
  150. gpg --list-keys --fingerprint \
  151. --list-options show-unusable-uids 2>/dev/null \
  152. | grep -v "^${GNUPGHOME}/pubring.gpg$" \
  153. | egrep -v '^-+$'
  154. # list the pgp fingerprint
  155. echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
  156. # list the ssh fingerprint
  157. echo -n "ssh fingerprint: "
  158. ssh-keygen -l -f /dev/stdin \
  159. <<<$(openpgp2ssh <"$HOST_KEY_FILE" 2>/dev/null) \
  160. | awk '{ print $1, $2, $4 }'
  161. # remove the tmp file
  162. trap - EXIT
  163. rm -rf "$GNUPGHOME"
  164. }
  165. ########################################################################
  166. # MAIN
  167. ########################################################################
  168. # unset variables that should be defined only in config file
  169. unset KEYSERVER
  170. unset MONKEYSPHERE_USER
  171. # load configuration file
  172. [ -e ${MONKEYSPHERE_HOST_CONFIG:="${SYSCONFIGDIR}/monkeysphere-host.conf"} ] && . "$MONKEYSPHERE_HOST_CONFIG"
  173. # set empty config variable with ones from the environment, or with
  174. # defaults
  175. LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}}
  176. KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="pool.sks-keyservers.net"}}
  177. AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.monkeysphere/authorized_user_ids"}}
  178. RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=${RAW_AUTHORIZED_KEYS:="%h/.ssh/authorized_keys"}}
  179. MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}}
  180. # other variables
  181. CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"}
  182. GNUPGHOME_HOST=${MONKEYSPHERE_GNUPGHOME_HOST:="${MHDATADIR}"}
  183. # export variables needed in su invocation
  184. export DATE
  185. export MODE
  186. export LOG_LEVEL
  187. export MONKEYSPHERE_USER
  188. export KEYSERVER
  189. export GNUPGHOME_HOST
  190. export GNUPGHOME
  191. export HOST_FINGERPRINT=
  192. # get subcommand
  193. COMMAND="$1"
  194. [ "$COMMAND" ] || failure "Type '$PGRM help' for usage."
  195. shift
  196. case $COMMAND in
  197. 'show-key'|'show'|'s')
  198. check_host_no_key
  199. show_key
  200. ;;
  201. 'set-expire'|'extend-key'|'e')
  202. check_host_no_key
  203. load_fingerprint
  204. source "${MHSHAREDIR}/set_expire"
  205. set_expire "$@"
  206. ;;
  207. 'add-hostname'|'add-name'|'n+')
  208. check_host_no_key
  209. load_fingerprint
  210. source "${MHSHAREDIR}/add_hostname"
  211. add_hostname "$@"
  212. ;;
  213. 'revoke-hostname'|'revoke-name'|'n-')
  214. check_host_no_key
  215. load_fingerprint
  216. source "${MHSHAREDIR}/revoke_hostname"
  217. revoke_hostname "$@"
  218. ;;
  219. 'add-revoker'|'o')
  220. check_host_no_key
  221. load_fingerprint
  222. source "${MHSHAREDIR}/add_revoker"
  223. add_revoker "$@"
  224. ;;
  225. 'revoke-key'|'r')
  226. check_host_no_key
  227. load_fingerprint
  228. source "${MHSHAREDIR}/revoke_key"
  229. revoke_key "$@"
  230. ;;
  231. 'publish-key'|'publish'|'p')
  232. check_host_no_key
  233. load_fingerprint
  234. source "${MHSHAREDIR}/publish_key"
  235. publish_key
  236. ;;
  237. 'import-key'|'i')
  238. check_host_key
  239. source "${MHSHAREDIR}/import_key"
  240. import_key "$@"
  241. ;;
  242. 'diagnostics'|'d')
  243. load_fingerprint
  244. source "${MHSHAREDIR}/diagnostics"
  245. diagnostics
  246. ;;
  247. 'version'|'v')
  248. echo "$VERSION"
  249. ;;
  250. '--help'|'help'|'-h'|'h'|'?')
  251. usage
  252. ;;
  253. *)
  254. failure "Unknown command: '$COMMAND'
  255. Type '$PGRM help' for usage."
  256. ;;
  257. esac
  258. exit "$RETURN"