summaryrefslogtreecommitdiff
path: root/src/monkeysphere-host
blob: 60b627a63d631cc82f81081edae506b581c6bb18 (plain)
  1. #!/usr/bin/env bash
  2. # monkeysphere-host: Monkeysphere host admin tool
  3. #
  4. # The monkeysphere scripts are written by:
  5. # Jameson Rollins <jrollins@finestructure.net>
  6. # Jamie McClelland <jm@mayfirst.org>
  7. # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
  8. # Micah Anderson <micah@riseup.net>
  9. #
  10. # They are Copyright 2008-2009, and are all released under the GPL,
  11. # version 3 or later.
  12. ########################################################################
  13. set -e
  14. # set the pipefail option so pipelines fail on first command failure
  15. set -o pipefail
  16. PGRM=$(basename $0)
  17. SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
  18. export SYSSHAREDIR
  19. . "${SYSSHAREDIR}/defaultenv"
  20. . "${SYSSHAREDIR}/common"
  21. SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
  22. export SYSDATADIR
  23. # sharedir for host functions
  24. MHSHAREDIR="${SYSSHAREDIR}/mh"
  25. # datadir for host functions
  26. MHDATADIR="${SYSDATADIR}/host"
  27. # host pub key files
  28. HOST_KEY_FILE="${SYSDATADIR}/ssh_host_rsa_key.pub.gpg"
  29. # UTC date in ISO 8601 format if needed
  30. DATE=$(date -u '+%FT%T')
  31. # unset some environment variables that could screw things up
  32. unset GREP_OPTIONS
  33. ########################################################################
  34. # FUNCTIONS
  35. ########################################################################
  36. usage() {
  37. cat <<EOF >&2
  38. usage: $PGRM <subcommand> [options] [args]
  39. Monkeysphere host admin tool.
  40. subcommands:
  41. import-key (i) FILE NAME[:PORT] import existing ssh key to gpg
  42. show-key (s) output all host key information
  43. publish-key (p) publish host key to keyserver
  44. set-expire (e) [EXPIRE] set host key expiration
  45. add-hostname (n+) NAME[:PORT] add hostname user ID to host key
  46. revoke-hostname (n-) NAME[:PORT] revoke hostname user ID
  47. add-revoker (r+) KEYID|FILE add a revoker to the host key
  48. revoke-key generate and/or publish revocation
  49. certificate for host key
  50. version (v) show version number
  51. help (h,?) this help
  52. See ${PGRM}(8) for more info.
  53. EOF
  54. }
  55. # function to interact with the gpg keyring
  56. gpg_host() {
  57. GNUPGHOME="$GNUPGHOME_HOST" gpg --no-greeting --quiet --no-tty "$@"
  58. }
  59. # command to list the info about the host key, in colon format, to
  60. # stdout
  61. gpg_host_list() {
  62. gpg_host --list-keys --with-colons --fixed-list-mode \
  63. --with-fingerprint --with-fingerprint \
  64. "0x${HOST_FINGERPRINT}!"
  65. }
  66. # command for edit key scripts, takes scripts on stdin
  67. gpg_host_edit() {
  68. gpg_host --command-fd 0 --edit-key "0x${HOST_FINGERPRINT}!" "$@"
  69. }
  70. # export the host public key to the monkeysphere gpg pub key file
  71. update_gpg_pub_file() {
  72. log debug "updating openpgp public key file '$HOST_KEY_FILE'..."
  73. gpg_host --export --armor --export-options export-minimal \
  74. "0x${HOST_FINGERPRINT}!" > "$HOST_KEY_FILE"
  75. }
  76. # load the host fingerprint into the fingerprint variable, using the
  77. # export gpg pub key file
  78. # FIXME: this seems much less than ideal, with all this temp keyring
  79. # stuff. is there a way we can do this without having to create temp
  80. # files? what if we stored the fingerprint in MHDATADIR/fingerprint?
  81. load_fingerprint() {
  82. if [ -f "$HOST_KEY_FILE" ] ; then
  83. HOST_FINGERPRINT=$( \
  84. (FUBAR=$(msmktempdir) && export GNUPGHOME="$FUBAR" \
  85. && gpg --quiet --import \
  86. && gpg --quiet --list-keys --with-colons --with-fingerprint \
  87. && rm -rf "$FUBAR") <"$HOST_KEY_FILE" \
  88. | grep '^fpr:' | cut -d: -f10 )
  89. else
  90. failure "host key gpg pub file not found."
  91. fi
  92. }
  93. # load the host fingerprint into the fingerprint variable, using the
  94. # gpg host secret key
  95. load_fingerprint_secret() {
  96. HOST_FINGERPRINT=$( \
  97. gpg_host --list-secret-key --with-colons --with-fingerprint \
  98. | grep '^fpr:' | cut -d: -f10 )
  99. }
  100. # fail if host key present
  101. check_host_key() {
  102. [ ! -s "$HOST_KEY_FILE" ] \
  103. || failure "An OpenPGP host key already exists."
  104. }
  105. # fail if host key not present
  106. check_host_no_key() {
  107. [ -s "$HOST_KEY_FILE" ] \
  108. || failure "You don't appear to have a Monkeysphere host key on this server.
  109. Please run 'monkeysphere-host import-key...' first."
  110. }
  111. # output the index of a user ID on the host key
  112. # return 1 if user ID not found
  113. find_host_userid() {
  114. local userID="$1"
  115. local tmpuidMatch
  116. local line
  117. # match to only ultimately trusted user IDs
  118. tmpuidMatch="u:$(echo $userID | gpg_escape)"
  119. # find the index of the requsted user ID
  120. # NOTE: this is based on circumstantial evidence that the order of
  121. # this output is the appropriate index
  122. line=$(gpg_host_list | egrep '^(uid|uat):' | cut -f2,10 -d: | \
  123. grep -n -x -F "$tmpuidMatch" 2>/dev/null)
  124. if [ "$line" ] ; then
  125. echo ${line%%:*}
  126. return 0
  127. else
  128. return 1
  129. fi
  130. }
  131. # show info about the host key
  132. show_key() {
  133. local GNUPGHOME
  134. local TMPSSH
  135. local revokers
  136. # tmp gpghome dir
  137. export GNUPGHOME=$(msmktempdir)
  138. # trap to remove tmp dir if break
  139. trap "rm -rf $GNUPGHOME" EXIT
  140. # import the host key into the tmp dir
  141. gpg --quiet --import <"$HOST_KEY_FILE"
  142. # create the ssh key
  143. TMPSSH="$GNUPGHOME"/ssh_host_key_rsa_pub
  144. gpg --export | openpgp2ssh 2>/dev/null >"$TMPSSH"
  145. # get the gpg fingerprint
  146. HOST_FINGERPRINT=$(gpg --quiet --list-keys --with-colons --with-fingerprint \
  147. | grep '^fpr:' | cut -d: -f10 )
  148. # list the host key info
  149. # FIXME: make no-show-keyring work so we don't have to do the grep'ing
  150. # FIXME: can we show uid validity somehow?
  151. gpg --list-keys --fingerprint \
  152. --list-options show-unusable-uids 2>/dev/null \
  153. | grep -v "^${GNUPGHOME}/pubring.gpg$" \
  154. | egrep -v '^-+$'
  155. # list revokers, if there are any
  156. revokers=$(gpg --list-keys --with-colons --fixed-list-mode \
  157. | awk -F: '/^rvk:/{ print $10 }' )
  158. if [ "$revokers" ] ; then
  159. echo "The following keys are allowed to revoke this host key:"
  160. for key in $revokers ; do
  161. echo "revoker: $key"
  162. done
  163. echo
  164. fi
  165. # list the pgp fingerprint
  166. echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
  167. # list the ssh fingerprint
  168. echo -n "ssh fingerprint: "
  169. ssh-keygen -l -f "$TMPSSH" | awk '{ print $1, $2, $4 }'
  170. # remove the tmp file
  171. trap - EXIT
  172. rm -rf "$GNUPGHOME"
  173. }
  174. ########################################################################
  175. # MAIN
  176. ########################################################################
  177. # load configuration file
  178. [ -e ${MONKEYSPHERE_HOST_CONFIG:="${SYSCONFIGDIR}/monkeysphere-host.conf"} ] \
  179. && . "$MONKEYSPHERE_HOST_CONFIG"
  180. # set empty config variable with ones from the environment, or with
  181. # defaults
  182. LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=$LOG_LEVEL}
  183. KEYSERVER=${MONKEYSPHERE_KEYSERVER:=$KEYSERVER}
  184. CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER}
  185. MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=$MONKEYSPHERE_USER}
  186. MONKEYSPHERE_GROUP=$(groups "$MONKEYSPHERE_USER" | cut -d: -f2 | awk '{ print $1 }')
  187. PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT}
  188. # other variables
  189. GNUPGHOME_HOST=${MONKEYSPHERE_GNUPGHOME_HOST:="${MHDATADIR}"}
  190. LOG_PREFIX=${MONKEYSPHERE_LOG_PREFIX:='ms: '}
  191. # export variables needed in su invocation
  192. export DATE
  193. export LOG_LEVEL
  194. export KEYSERVER
  195. export CHECK_KEYSERVER
  196. export MONKEYSPHERE_USER
  197. export MONKEYSPHERE_GROUP
  198. export PROMPT
  199. export GNUPGHOME_HOST
  200. export GNUPGHOME
  201. export HOST_FINGERPRINT
  202. export LOG_PREFIX
  203. # get subcommand
  204. COMMAND="$1"
  205. [ "$COMMAND" ] || failure "Type '$PGRM help' for usage."
  206. shift
  207. case $COMMAND in
  208. 'import-key'|'i')
  209. check_host_key
  210. source "${MHSHAREDIR}/import_key"
  211. import_key "$@"
  212. ;;
  213. 'show-key'|'show'|'s')
  214. check_host_no_key
  215. show_key
  216. ;;
  217. 'set-expire'|'extend-key'|'e')
  218. check_host_no_key
  219. load_fingerprint
  220. source "${MHSHAREDIR}/set_expire"
  221. set_expire "$@"
  222. ;;
  223. 'add-hostname'|'add-name'|'n+')
  224. check_host_no_key
  225. load_fingerprint
  226. source "${MHSHAREDIR}/add_hostname"
  227. add_hostname "$@"
  228. ;;
  229. 'revoke-hostname'|'revoke-name'|'n-')
  230. check_host_no_key
  231. load_fingerprint
  232. source "${MHSHAREDIR}/revoke_hostname"
  233. revoke_hostname "$@"
  234. ;;
  235. 'add-revoker'|'r+')
  236. check_host_no_key
  237. load_fingerprint
  238. source "${MHSHAREDIR}/add_revoker"
  239. add_revoker "$@"
  240. ;;
  241. 'revoke-key')
  242. check_host_no_key
  243. load_fingerprint
  244. source "${MHSHAREDIR}/revoke_key"
  245. revoke_key "$@"
  246. ;;
  247. 'publish-key'|'publish'|'p')
  248. check_host_no_key
  249. load_fingerprint
  250. source "${MHSHAREDIR}/publish_key"
  251. publish_key
  252. ;;
  253. 'diagnostics'|'d')
  254. load_fingerprint
  255. source "${MHSHAREDIR}/diagnostics"
  256. diagnostics
  257. ;;
  258. 'update-gpg-pub-file')
  259. load_fingerprint_secret
  260. update_gpg_pub_file
  261. ;;
  262. 'version'|'v')
  263. version
  264. ;;
  265. '--help'|'help'|'-h'|'h'|'?')
  266. usage
  267. ;;
  268. *)
  269. failure "Unknown command: '$COMMAND'
  270. Type '$PGRM help' for usage."
  271. ;;
  272. esac