+# FIXME: make sure that at least one identity certifier exists
+
+ echo
+ echo "Checking for MonkeySphere-enabled public-key authentication for users ..."
+ # Ensure that User ID authentication is enabled:
+ if ! grep -q "^AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$" "$sshd_config"; then
+ echo "! $sshd_config does not point to monkeysphere authorized keys."
+ echo " - Recommendation: add a line to $sshd_config: 'AuthorizedKeysFile ${VARLIB}/authorized_keys/%u'"
+ problemsfound=$(($problemsfound+1))
+ fi
+ if badauthorizedkeys=$(grep -i '^AuthorizedKeysFile' "$sshd_config" | grep -v "^AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$") ; then
+ echo "! $sshd_config refers to non-monkeysphere authorized_keys files:"
+ echo "$badauthorizedkeys"
+ echo " - Recommendation: remove the above AuthorizedKeysFile lines from $sshd_config"
+ problemsfound=$(($problemsfound+1))
+ fi
+
+ if [ "$problemsfound" -gt 0 ]; then
+ echo "When the above $problemsfound issue"$(if [ "$problemsfound" -eq 1 ] ; then echo " is" ; else echo "s are" ; fi)" resolved, please re-run:"
+ echo " monkeysphere-server diagnostics"
+ else
+ echo "Everything seems to be in order!"
+ fi
+}
+
+# retrieve key from web of trust, import it into the host keyring, and
+# ltsign the key in the host keyring so that it may certify other keys
+add_certifier() {
+ local domain
+ local trust
+ local depth
+ local keyID
+ local fingerprint
+ local ltsignCommand
+ local trustval
+
+ # set default values for trust depth and domain
+ domain=
+ trust=full
+ depth=1
+
+ # get options
+ TEMP=$(PATH="/usr/local/bin:$PATH" getopt -o n:t:d: -l domain:,trust:,depth: -n "$PGRM" -- "$@") || failure "getopt failed! Does your getopt support GNU-style long options?"
+
+ if [ $? != 0 ] ; then
+ exit 1
+ fi
+
+ # Note the quotes around `$TEMP': they are essential!
+ eval set -- "$TEMP"
+
+ while true ; do
+ case "$1" in
+ -n|--domain)
+ domain="$2"
+ shift 2
+ ;;
+ -t|--trust)
+ trust="$2"
+ shift 2
+ ;;
+ -d|--depth)
+ depth="$2"
+ shift 2
+ ;;
+ --)
+ shift
+ ;;
+ *)
+ break
+ ;;
+ esac
+ done
+
+ keyID="$1"
+ if [ -z "$keyID" ] ; then
+ failure "You must specify the key ID of a key to add, or specify a file to read the key from."
+ fi
+ if [ -f "$keyID" ] ; then
+ echo "Reading key from file '$keyID':"
+ importinfo=$(gpg_authentication "--import" < "$keyID" 2>&1) || failure "could not read key from '$keyID'"
+ # FIXME: if this is tried when the key database is not
+ # up-to-date, i got these errors (using set -x):
+
+# ++ su -m monkeysphere -c '\''gpg --import'\''
+# Warning: using insecure memory!
+# gpg: key D21739E9: public key "Daniel Kahn Gillmor <dkg@fifthhorseman.net>" imported
+# gpg: Total number processed: 1
+# gpg: imported: 1 (RSA: 1)
+# gpg: can'\''t create `/var/monkeysphere/gnupg-host/pubring.gpg.tmp'\'': Permission denied
+# gpg: failed to rebuild keyring cache: Permission denied
+# gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
+# gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
+# gpg: next trustdb check due at 2009-01-10'
+# + failure 'could not read key from '\''/root/dkg.gpg'\'''
+# + echo 'could not read key from '\''/root/dkg.gpg'\'''
+
+ keyID=$(echo "$importinfo" | grep '^gpg: key ' | cut -f2 -d: | cut -f3 -d\ )
+ if [ -z "$keyID" ] || [ $(echo "$keyID" | wc -l) -ne 1 ] ; then
+ failure "Expected there to be a single gpg key in the file."
+ fi
+ else
+ # get the key from the key server
+ gpg_authentication "--keyserver $KEYSERVER --recv-key '0x${keyID}!'" || failure "Could not receive a key with this ID from the '$KEYSERVER' keyserver."
+ fi
+
+ export keyID
+
+
+ # get the full fingerprint of a key ID
+ fingerprint=$(gpg_authentication "--list-key --with-colons --with-fingerprint 0x${keyID}!" | \
+ grep '^fpr:' | grep "$keyID" | cut -d: -f10)
+
+ if [ -z "$fingerprint" ] ; then
+ failure "Key '$keyID' not found."
+ fi
+
+ echo
+ echo "key found:"
+ gpg_authentication "--fingerprint 0x${fingerprint}!"
+
+ echo "Are you sure you want to add the above key as a"
+ read -p "certifier of users on this system? (y/N) " OK; OK=${OK:-N}
+ if [ "${OK/y/Y}" != 'Y' ] ; then
+ failure "Identity certifier not added."
+ fi
+
+ # export the key to the host keyring
+ gpg_authentication "--export 0x${fingerprint}!" | gpg_host --import
+
+ if [ "$trust" == marginal ]; then
+ trustval=1
+ elif [ "$trust" == full ]; then
+ trustval=2
+ else
+ failure "Trust value requested ('$trust') was unclear (only 'marginal' or 'full' are supported)."
+ fi
+
+ # ltsign command
+ # NOTE: *all* user IDs will be ltsigned
+ ltsignCommand=$(cat <<EOF
+ltsign
+y
+$trustval
+$depth
+$domain
+y
+save
+EOF
+ )
+
+ # ltsign the key
+ if echo "$ltsignCommand" | \
+ gpg_host --quiet --command-fd 0 --edit-key "0x${fingerprint}!" ; then
+
+ # update the trustdb for the authentication keyring
+ gpg_authentication "--check-trustdb"
+
+ echo
+ echo "Identity certifier added."
+ else
+ failure "Problem adding identify certifier."
+ fi
+}
+
+# delete a certifiers key from the host keyring
+remove_certifier() {
+ local keyID
+ local fingerprint
+
+ keyID="$1"
+ if [ -z "$keyID" ] ; then
+ failure "You must specify the key ID of a key to remove."
+ fi
+
+ if gpg_authentication "--no-options --list-options show-uid-validity --keyring ${GNUPGHOME_AUTHENTICATION}/pubring.gpg --list-key 0x${keyID}!" ; then
+ read -p "Really remove above listed identity certifier? (y/N) " OK; OK=${OK:-N}
+ if [ "${OK/y/Y}" != 'Y' ] ; then
+ failure "Identity certifier not removed."
+ fi
+ else
+ failure
+ fi
+
+ # delete the requested key
+ if gpg_authentication "--delete-key --batch --yes 0x${keyID}!" ; then
+ # delete key from host keyring as well
+ gpg_host --delete-key --batch --yes "0x${keyID}!"
+
+ # update the trustdb for the authentication keyring
+ gpg_authentication "--check-trustdb"
+
+ echo
+ echo "Identity certifier removed."
+ else
+ failure "Problem removing identity certifier."
+ fi
+}
+
+# list the host certifiers
+list_certifiers() {
+ local keys
+ local key
+
+ # find trusted keys in authentication keychain
+ keys=$(gpg_authentication "--no-options --list-options show-uid-validity --keyring ${GNUPGHOME_AUTHENTICATION}/pubring.gpg --list-keys --with-colons --fingerprint" | \
+ grep ^pub: | cut -d: -f2,5 | egrep '^(u|f):' | cut -d: -f2)
+
+ # output keys
+ for key in $keys ; do
+ gpg_authentication "--no-options --list-options show-uid-validity --keyring ${GNUPGHOME_AUTHENTICATION}/pubring.gpg --list-key --fingerprint $key"
+ done
+}
+
+# issue command to gpg-authentication keyring
+gpg_authentication_cmd() {
+ gpg_authentication "$@"
+}
+
+########################################################################
+# MAIN
+########################################################################
+
+# unset variables that should be defined only in config file
+unset KEYSERVER
+unset AUTHORIZED_USER_IDS
+unset RAW_AUTHORIZED_KEYS
+unset MONKEYSPHERE_USER
+
+# load configuration file
+[ -e ${MONKEYSPHERE_SERVER_CONFIG:="${ETC}/monkeysphere-server.conf"} ] && . "$MONKEYSPHERE_SERVER_CONFIG"
+
+# set empty config variable with ones from the environment, or with
+# defaults
+LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}}
+KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="subkeys.pgp.net"}}
+AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.monkeysphere/authorized_user_ids"}}
+RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=${RAW_AUTHORIZED_KEYS:="%h/.ssh/authorized_keys"}}
+MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}}
+
+# other variables
+CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"}
+REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"}
+GNUPGHOME_HOST=${MONKEYSPHERE_GNUPGHOME_HOST:="${VARLIB}/gnupg-host"}
+GNUPGHOME_AUTHENTICATION=${MONKEYSPHERE_GNUPGHOME_AUTHENTICATION:="${VARLIB}/gnupg-authentication"}
+
+# export variables needed in su invocation
+export DATE
+export MODE
+export MONKEYSPHERE_USER
+export LOG_LEVEL
+export KEYSERVER
+export CHECK_KEYSERVER
+export REQUIRED_USER_KEY_CAPABILITY
+export GNUPGHOME_HOST
+export GNUPGHOME_AUTHENTICATION
+export GNUPGHOME
+
+# get subcommand
+COMMAND="$1"
+[ "$COMMAND" ] || failure "Type '$PGRM help' for usage."
+shift
+
+case $COMMAND in
+ 'update-users'|'update-user'|'u')
+ update_users "$@"