projects
/
monkeysphere.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
shipping transition script; requiring manual version synchronization between common...
[monkeysphere.git]
/
src
/
monkeysphere-host
diff --git
a/src/monkeysphere-host
b/src/monkeysphere-host
index 9d3ccb1a6a9858e2c11716b1676a5f87361070d8..a86a8c91d27ad30b283b261976ad60e0522ff222 100755
(executable)
--- a/
src/monkeysphere-host
+++ b/
src/monkeysphere-host
@@
-32,10
+32,6
@@
MHSHAREDIR="${SYSSHAREDIR}/mh"
# datadir for host functions
MHDATADIR="${SYSDATADIR}/host"
# datadir for host functions
MHDATADIR="${SYSDATADIR}/host"
-# temp directory for temp gnupghome directories for add_revoker
-MHTMPDIR="${MHDATADIR}/tmp"
-export MHTMPDIR
-
# host pub key files
HOST_KEY_FILE="${SYSDATADIR}/ssh_host_rsa_key.pub.gpg"
# host pub key files
HOST_KEY_FILE="${SYSDATADIR}/ssh_host_rsa_key.pub.gpg"
@@
-77,10
+73,11
@@
EOF
# function to interact with the gpg keyring
gpg_host() {
# function to interact with the gpg keyring
gpg_host() {
- GNUPGHOME="$GNUPGHOME_HOST" gpg "$@"
+ GNUPGHOME="$GNUPGHOME_HOST" gpg
--no-greeting --quiet --no-tty
"$@"
}
}
-# command to list the info about the host key, in colon format
+# command to list the info about the host key, in colon format, to
+# stdout
gpg_host_list() {
gpg_host --list-keys --with-colons --fixed-list-mode \
--with-fingerprint --with-fingerprint \
gpg_host_list() {
gpg_host --list-keys --with-colons --fixed-list-mode \
--with-fingerprint --with-fingerprint \
@@
-92,16
+89,14
@@
gpg_host_list() {
# FIXME: should we supress all the edit script spew? or pipe it
# through log debug?
gpg_host_edit() {
# FIXME: should we supress all the edit script spew? or pipe it
# through log debug?
gpg_host_edit() {
- gpg_host --quiet --command-fd 0 --edit-key \
- "0x${HOST_FINGERPRINT}!" "$@"
+ gpg_host --command-fd 0 --edit-key "0x${HOST_FINGERPRINT}!" "$@"
}
# export the host public key to the monkeysphere gpg pub key file
}
# export the host public key to the monkeysphere gpg pub key file
-
cre
ate_gpg_pub_file() {
- log debug "
creating openpgp public key file
..."
+
upd
ate_gpg_pub_file() {
+ log debug "
updating openpgp public key file '$HOST_KEY_FILE'
..."
gpg_host --export --armor --export-options export-minimal \
"0x${HOST_FINGERPRINT}!" > "$HOST_KEY_FILE"
gpg_host --export --armor --export-options export-minimal \
"0x${HOST_FINGERPRINT}!" > "$HOST_KEY_FILE"
- log info "GPG host public key file: $HOST_KEY_FILE"
}
# load the host fingerprint into the fingerprint variable, using the
}
# load the host fingerprint into the fingerprint variable, using the
@@
-126,8
+121,7
@@
load_fingerprint() {
# gpg host secret key
load_fingerprint_secret() {
HOST_FINGERPRINT=$( \
# gpg host secret key
load_fingerprint_secret() {
HOST_FINGERPRINT=$( \
- gpg_host --quiet --list-secret-key \
- --with-colons --with-fingerprint \
+ gpg_host --list-secret-key --with-colons --with-fingerprint \
| grep '^fpr:' | cut -d: -f10 )
}
| grep '^fpr:' | cut -d: -f10 )
}
@@
-140,7
+134,8
@@
check_host_key() {
# fail if host key not present
check_host_no_key() {
[ -s "$HOST_KEY_FILE" ] \
# fail if host key not present
check_host_no_key() {
[ -s "$HOST_KEY_FILE" ] \
- || failure "You don't appear to have a Monkeysphere host key on this server. Please run 'monkeysphere-host import-key' first."
+ || failure "You don't appear to have a Monkeysphere host key on this server.
+Please run 'monkeysphere-host import-key...' first."
}
# output the index of a user ID on the host key
}
# output the index of a user ID on the host key
@@
-172,11
+167,12
@@
show_key() {
local GNUPGHOME
# tmp gpghome dir
local GNUPGHOME
# tmp gpghome dir
- export GNUPGHOME=$(m
ktemp -d
)
+ export GNUPGHOME=$(m
smktempdir
)
# trap to remove tmp dir if break
trap "rm -rf $GNUPGHOME" EXIT
# trap to remove tmp dir if break
trap "rm -rf $GNUPGHOME" EXIT
+ # import the host key into the tmp dir
gpg --quiet --import <"$HOST_KEY_FILE"
HOST_FINGERPRINT=$(gpg --quiet --list-keys --with-colons --with-fingerprint \
gpg --quiet --import <"$HOST_KEY_FILE"
HOST_FINGERPRINT=$(gpg --quiet --list-keys --with-colons --with-fingerprint \
@@
-184,7
+180,7
@@
show_key() {
# list the host key info
# FIXME: make no-show-keyring work so we don't have to do the grep'ing
# list the host key info
# FIXME: make no-show-keyring work so we don't have to do the grep'ing
- # FIXME:
why is this not showing key expiration
?
+ # FIXME:
can we show uid validity somehow
?
gpg --list-keys --fingerprint \
--list-options show-unusable-uids 2>/dev/null \
| grep -v "^${GNUPGHOME}/pubring.gpg$" \
gpg --list-keys --fingerprint \
--list-options show-unusable-uids 2>/dev/null \
| grep -v "^${GNUPGHOME}/pubring.gpg$" \
@@
-208,9
+204,12
@@
show_key() {
# MAIN
########################################################################
# MAIN
########################################################################
-# unset variables that should be defined only in config file
+# unset variables that should be defined only in config file or in
+# MONKEYSPHERE_ variables
+unset LOG_LEVEL
unset KEYSERVER
unset MONKEYSPHERE_USER
unset KEYSERVER
unset MONKEYSPHERE_USER
+unset PROMPT
# load configuration file
[ -e ${MONKEYSPHERE_HOST_CONFIG:="${SYSCONFIGDIR}/monkeysphere-host.conf"} ] && . "$MONKEYSPHERE_HOST_CONFIG"
# load configuration file
[ -e ${MONKEYSPHERE_HOST_CONFIG:="${SYSCONFIGDIR}/monkeysphere-host.conf"} ] && . "$MONKEYSPHERE_HOST_CONFIG"
@@
-219,9
+218,8
@@
unset MONKEYSPHERE_USER
# defaults
LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}}
KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="pool.sks-keyservers.net"}}
# defaults
LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}}
KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="pool.sks-keyservers.net"}}
-AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.monkeysphere/authorized_user_ids"}}
-RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=${RAW_AUTHORIZED_KEYS:="%h/.ssh/authorized_keys"}}
MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}}
MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}}
+PROMPT=${MONKEYSPHERE_PROMPT:=${PROMPT:="true"}}
# other variables
CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"}
# other variables
CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"}
@@
-231,8
+229,10
@@
GNUPGHOME_HOST=${MONKEYSPHERE_GNUPGHOME_HOST:="${MHDATADIR}"}
export DATE
export MODE
export LOG_LEVEL
export DATE
export MODE
export LOG_LEVEL
-export MONKEYSPHERE_USER
export KEYSERVER
export KEYSERVER
+export MONKEYSPHERE_USER
+export PROMPT
+export CHECK_KEYSERVER
export GNUPGHOME_HOST
export GNUPGHOME
export HOST_FINGERPRINT=
export GNUPGHOME_HOST
export GNUPGHOME
export HOST_FINGERPRINT=