summaryrefslogtreecommitdiff
path: root/src/share/ma/setup
blob: 229166bcab6fe486fc01cf91aa54e7fc8559d80d (plain)
  1. # -*-shell-script-*-
  2. # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
  3. # Monkeysphere authentication setup subcommand
  4. #
  5. # The monkeysphere scripts are written by:
  6. # Jameson Rollins <jrollins@finestructure.net>
  7. # Jamie McClelland <jm@mayfirst.org>
  8. # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
  9. #
  10. # They are Copyright 2009, and are all released under the GPL,
  11. # version 3 or later.
  12. setup() {
  13. # make all needed directories
  14. mkdir -p "${MADATADIR}"
  15. mkdir -p "${MATMPDIR}"
  16. mkdir -p "${GNUPGHOME_SPHERE}"
  17. mkdir -p "${GNUPGHOME_CORE}"
  18. # deliberately replace the config files via truncation
  19. # FIXME: should we be dumping to tmp files and then moving atomically?
  20. cat >"${GNUPGHOME_CORE}"/gpg.conf <<EOF
  21. # Monkeysphere trust core GnuPG configuration
  22. # This file is maintained by the Monkeysphere software.
  23. # Edits will be overwritten.
  24. no-greeting
  25. list-options show-uid-validity
  26. EOF
  27. cat >"${GNUPGHOME_SPHERE}"/gpg.conf <<EOF
  28. # Monkeysphere trust sphere GnuPG configuration
  29. # This file is maintained by the Monkeysphere software.
  30. # Edits will be overwritten.
  31. no-greeting
  32. primary-keyring ${GNUPGHOME_SPHERE}/pubring.gpg
  33. list-options show-uid-validity
  34. EOF
  35. # get fingerprint of core key. this should be empty on unconfigured systems.
  36. local CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: )
  37. if [ -z "$CORE_FPR" ] ; then
  38. log info "Setting up Monkeysphere authentication trust core"
  39. local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21 </dev/urandom | base64))
  40. local TMPLOC=$(mktemp -d "${MATMPDIR}"/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!"
  41. # generate the key with ssh-keygen...
  42. ssh-keygen -q -b 1024 -t rsa -N '' -f "${TMPLOC}/authkey" || failure "Could not generate new key for Monkeysphere authentication trust core"
  43. # and then translate to openpgp encoding and import
  44. # FIXME: pem2openpgp currently sets the A flag and a short
  45. # expiration date. We should set the C flag and no expiration
  46. # date.
  47. < "${TMPLOC}/authkey" pem2openpgp "$CORE_UID" | gpg --import || failure "Could not import new key for Monkeysphere authentication trust core"
  48. # get fingerprint of core key. should definitely not be empty at this point
  49. CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: )
  50. if [ -z "$CORE_FPR" ] ; then
  51. failure "Failed to create Monkeysphere authentication trust core!"
  52. fi
  53. else
  54. log verbose "This system has already set up the Monkeysphere authentication trust core"
  55. fi
  56. # ensure that the authentication sphere checker has absolute ownertrust on the expected key.
  57. printf "%s:6:\n" "$CORE_FPR" | gpg_sphere --import-ownertrust
  58. local ORIG_TRUST
  59. if ORIG_TRUST=$(gpg_sphere --export-ownertrust | grep '^[^#]') ; then
  60. if [ "${CORE_FPR}:6:" != "$ORIG_TRUST" ] ; then
  61. failure "Monkeysphere authentication trust sphere should explicitly trust the core. It does not have proper ownertrust settings."
  62. fi
  63. else
  64. failure "Could not get monkeysphere-authentication trust guidelines."
  65. fi
  66. # ensure that we're using the extended trust model (1), and that
  67. # our preferences are reasonable (i.e. 3 marginal OR 1 fully
  68. # trusted certifications are sufficient to grant full validity.
  69. if [ "1:3:1" != $(gpg_sphere --with-colons --fixed-list-mode --list-keys | head -n1 | grep ^tru: cut -f3,6,7 -d:) ] ; then
  70. failure "monkeysphere-preference does not have the expected trust model settings"
  71. fi
  72. }