  1. #!/bin/bash
  2. # This is a post-install script for monkeysphere, to transition an old
  3. # (<0.23) setup to the new (>=0.23) setup.
  4. # You should be able to run this script after any version >= 0.23 is
  5. # installed. This script should be well-behaved, even if it is run
  6. # repeatedly.
  7. # Written by
  8. # Jameson Rollins <jrollins@finestructure.net>
  9. # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
  10. #
  11. # Copyright 2009, released under the GPL, version 3 or later
  12. # NOTE: the reverse operation (downgrading) is not directly supported,
  13. # and MAY LOCK YOU OUT OF YOUR SYSTEM, depending on how you have
  14. # configured the monkeysphere!
  15. # any unexpected errors should cause this script to bail:
  16. set -e
  17. SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"__SYSSHAREDIR_PREFIX__/share/monkeysphere"}
  18. export SYSSHAREDIR
  19. . "${SYSSHAREDIR}/defaultenv"
  20. MADATADIR="${SYSDATADIR}/authentication"
  21. MHDATADIR="${SYSDATADIR}/host"
  22. STASHDIR="${SYSDATADIR}/backup-from-0.23-transition"
# Write a printf-formatted message to stderr.
# Arguments: $1 - printf format string; remaining arguments fill it in.
# Because $1 is used as the format, variable data must be passed as a
# later argument and never pasted into the format itself.
# shellcheck disable=SC2059
log() {
    printf "$@"
} >&2
# FIXME: implement this function better. here, we only care about
# dots, *and* about reversing the regexification of them.
#
# Filter (stdin -> stdout): every occurrence of the literal text
# '\x5c.' is replaced with a plain '.'; all other input passes through
# unchanged.
gpg_unescape_and_unregex() {
    sed -e 's,\\x5c\.,.,g'
}
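# Succeed only if $1 looks like a domain name: it starts and ends with
# an alphanumeric character and contains nothing but alphanumerics,
# dots and hyphens in between (so at least two characters).
#
# The value accepted here is later passed as the --domain argument of
# a certifier, so the check is deliberately strict:
#  - the hyphen is placed last in the bracket expression; written as
#    '[[:alnum:]-.]' it reads as a range starting at a character
#    class, which POSIX leaves undefined and some regex
#    implementations reject outright.
#  - the match is done on the whole string with [[ =~ ]], so a value
#    with an embedded newline cannot pass because one of its lines
#    happens to look valid (a line-oriented grep would accept it).
#
# Arguments: $1 - candidate domain name
# Returns:   0 if $1 is acceptable, non-zero otherwise
is_domain_name() {
    local domain_re='^[[:alnum:]][[:alnum:].-]*[[:alnum:]]$'
    [[ $1 =~ $domain_re ]]
}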
# The old server conf file becomes the authentication conf file, but
# only when the old file exists and no authentication conf file is
# already in place.
if [ -f "$SYSCONFIGDIR/monkeysphere-server.conf" ] && \
    [ ! -f "$SYSCONFIGDIR/monkeysphere-authentication.conf" ] ; then
    mv "$SYSCONFIGDIR/monkeysphere-server.conf" \
        "$SYSCONFIGDIR/monkeysphere-authentication.conf"
fi

# Run the authentication setup. This is also the first chance to bail
# if 0.23 is not fully installed, because m-a did not exist before
# 0.23.
monkeysphere-authentication setup
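# before 0.23, the old gnupg-host data directory used to contain the
# trust core and the system's ssh host key.
if [ -d "$SYSDATADIR"/gnupg-host ] ; then

    ### transfer identity certifiers, if they don't already exist in the
    ### current setup:

    # grep -E is needed here: in a basic regular expression '{40}' is
    # literal text, so a line holding a 40-hex-digit fingerprint could
    # not match and existing certifiers went undetected.
    if monkeysphere-authentication list-identity-certifiers | \
        grep -Eq '^[A-F0-9]{40}:$' ; then
        log 'There are already certifiers in the new system!\nNot transferring any certifiers.\n'
    else
        # get the old host keygrip (don't know why there would be more
        # than one, but we'll transfer all tsigs made by any key that
        # had been given ultimate ownertrust):
        for authgrip in $(GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --quiet --no-tty --no-permission-warning --export-ownertrust | \
            grep ':6:$' | \
            sed -r 's/^[A-F0-9]{24}([A-F0-9]{16}):6:$/\1/') ; do

            # we're assuming that old id certifiers were only added by old
            # versions of m-s c+, which added certifiers by ltsigning
            # entire keys.

            # so we'll walk the list of tsigs from the old host key, and
            # add those keys as certifiers to the new system.

            # FIXME: if an admin has run "m-s add-id-certifier $foo"
            # multiple times for the same $foo, we'll only transfer
            # one of those certifications (even if later
            # certifications had different parameters).

            # After cut, each line carries: record type, validity,
            # signing key id, "depth level" trust parameters, trust
            # regex, and (for fpr records) the fingerprint.
            GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --quiet --no-tty --no-permission-warning --fingerprint --with-colons --fixed-list-mode --check-sigs | \
                cut -f 1,2,5,8,9,10 -d: | \
                grep -E '^(fpr:::::|sig:!:'"$authgrip"':[[:digit:]]+ [[:digit:]]+:)' | \
                while IFS=: read -r type validity grip trustparams trustdomain fpr ; do
                    case $type in
                        'fpr') # this is a new key
                            keyfpr=$fpr
                            ;;
                        'sig') # deal with all trust signatures, including
                               # regexes if present.
                            if [ "$keyfpr" ] ; then
                                trustdepth=${trustparams%% *}
                                trustlevel=${trustparams##* }
                                if [ "$trustlevel" -ge 120 ] ; then
                                    truststring=full
                                elif [ "$trustlevel" -ge 60 ] ; then
                                    truststring=marginal
                                else
                                    # trust levels below marginal are ignored.
                                    continue
                                fi

                                # Extra arguments restricting the certifier
                                # to a domain; empty for unrestricted tsigs.
                                domainargs=()
                                if [ "$trustdomain" ] ; then
                                    # FIXME: deal with translating
                                    # $trustdomain back to a domain.

                                    # The pipeline and is_domain_name are run
                                    # directly as conditions. Wrapped in
                                    # '[ ... ]' they were never executed, the
                                    # test always failed, and every
                                    # domain-scoped certifier was skipped.
                                    if printf "%s" "$trustdomain" | grep -Eq '^<\[\^>\]\+\[@\.\][^>]+>\$$' ; then
                                        dpart=$(printf "%s" "$trustdomain" | sed -r 's/^<\[\^>\]\+\[@\.\]([^>]+)>\$$/\1/' | gpg_unescape_and_unregex)
                                        if is_domain_name "$dpart" ; then
                                            domainargs=(--domain "$dpart")
                                        else
                                            log "Does not seem to be a domain name (%s), not adding certifier\n" "$dpart"
                                            continue
                                        fi
                                    else
                                        # A restricted tsig we cannot translate
                                        # is dropped rather than transferred
                                        # without its restriction.
                                        log "Does not seem to be a standard gpg domain-based tsig (%s), not adding certifier\n" "$trustdomain"
                                        continue
                                    fi
                                fi

                                CERTKEY=$(mktemp "${TMPDIR:-/tmp}/mstransition.XXXXXXXX")
                                log "Adding identity certifier with fingerprint %s\n" "$keyfpr"
                                GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --quiet --no-tty --no-permission-warning --export "0x$keyfpr" --export-options export-clean >"$CERTKEY"
                                MONKEYSPHERE_PROMPT=false monkeysphere-authentication add-identity-certifier "${domainargs[@]}" --trust "$truststring" --depth "$trustdepth" "$CERTKEY"
                                rm -f "$CERTKEY"
                                # clear the fingerprint so that we don't
                                # make additional tsigs on it if more uids
                                # are present:
                                keyfpr=
                            fi
                            ;;
                    esac
                done
        done
    fi

    ### transfer host key information (if present) into the new spot
    if [ -d "${MHDATADIR}" ] ; then
        log "Not transferring host key info because host directory already exists.\n"
    else
        if [ -s "$SYSDATADIR"/ssh_host_rsa_key ] || \
            GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --quiet --no-tty --no-permission-warning --with-colons --list-secret-keys | grep -q '^sec:' ; then

            FPR=$(GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --quiet --no-tty --no-permission-warning --with-colons --fixed-list-mode --list-secret-keys --fingerprint | awk -F: '/^fpr:/{ print $10 }' )

            # create host home; the keyring is built in a private
            # temporary directory next to the final location and only
            # moved into place once the import has been checked.
            mkdir -p "$(dirname "$MHDATADIR")"
            NEWDATADIR=$(mktemp -d "${MHDATADIR}.XXXXXX")
            chmod 0700 "${NEWDATADIR}"

            log "importing host key from old monkeysphere installation\n"

            # export from the pubring as well as the that new (non-expired)
            # self-sigs are available, otherwise the secret key import may fail

            # FIXME: turns out the secret key import fails anyway, stupidly :(

            # FIXME: if all self-sigs are expired, then the secret key import may
            # fail anyway. How should we deal with that?

            if (GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --quiet --no-tty --no-permission-warning --export-secret-keys && \
                GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --quiet --no-tty --no-permission-warning --export "$FPR") | \
                GNUPGHOME="$NEWDATADIR" gpg --quiet --no-tty --import ; then
                : # we are in good shape!
            else
                # The import reported failure; accept the result only if
                # the new keyring can still list its secret keys.
                # NOTE(review): on this failure path the temporary
                # directory (mode 0700) is left behind with whatever was
                # imported so far.
                if ! GNUPGHOME="$NEWDATADIR" gpg --quiet --no-tty --list-secret-key >/dev/null ; then
                    log "The old host key (%s) was not imported properly.\n" "$FPR"
                    exit 1
                fi
            fi

            # if we get here cleanly, then we're OK to move forward:
            mv "$NEWDATADIR" "$MHDATADIR"

            monkeysphere-host update-gpg-pub-file
        else
            log "No host key found in old monkeysphere install; not importing any host key.\n"
        fi
    fi

    ### get rid of this old stuff, since we've transferred it all:

    # The old directory is stashed rather than deleted; the stash is
    # kept at mode 0700.
    mkdir -p "$STASHDIR"
    chmod 0700 "$STASHDIR"
    mv "${SYSDATADIR}/gnupg-host" "$STASHDIR/gnupg-host.$(date '+%F_%T%z')"
fi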
# Nothing in the old authentication directory needs to be kept, but it
# is not unreasonable to carry its keys over into the new
# authentication keyring.
if [ -d "${SYSDATADIR}/gnupg-authentication" ] ; then

    # Best effort: stderr of both commands is discarded, and a failed
    # export/import pipeline is only logged, not treated as fatal.
    if ! GNUPGHOME="${SYSDATADIR}/gnupg-authentication" \
        gpg --quiet --no-tty --no-permission-warning --export 2>/dev/null | \
        monkeysphere-authentication gpg-cmd --import 2>/dev/null ; then
        log "No OpenPGP certificates imported into monkeysphere-authentication trust sphere.\n"
    fi

    # Stash the old directory, timestamped, in the 0700 backup area.
    mkdir -p "$STASHDIR"
    chmod 0700 "$STASHDIR"
    mv "${SYSDATADIR}/gnupg-authentication" \
        "$STASHDIR/gnupg-authentication.$(date '+%F_%T%z')"
fi