GNUPGHOME="$GNUPGHOME_HOST" gpg "$@"
}
-# command to list the info about the host key, in colon format
+# command to list the info about the host key, in colon format, to
+# stdout
gpg_host_list() {
gpg_host --list-keys --with-colons --fixed-list-mode \
--with-fingerprint --with-fingerprint \
}
# command for edit key scripts, takes scripts on stdin
+# FIXME: should we supress all the edit script spew? or pipe it
+# through log debug?
gpg_host_edit() {
- gpg_host --quiet --command-fd 0 --edit-key \
- "0x${HOST_FINGERPRINT}!" "$@"
+ gpg_host --no-greeting --quiet \
+ --command-fd 0 --no-tty --edit-key \
+ "0x${HOST_FINGERPRINT}!" "$@" 2>&1 | log debug
}
# export the host public key to the monkeysphere gpg pub key file
-create_gpg_pub_file() {
- log debug "creating openpgp public key file..."
+update_gpg_pub_file() {
+ log debug "updating openpgp public key file '$HOST_KEY_FILE'..."
gpg_host --export --armor --export-options export-minimal \
"0x${HOST_FINGERPRINT}!" > "$HOST_KEY_FILE"
- log info "GPG host public key file: $HOST_KEY_FILE"
}
# load the host fingerprint into the fingerprint variable, using the
# export gpg pub key file
# FIXME: this seems much less than ideal, with all this temp keyring
# stuff. is there a way we can do this without having to create temp
-# files?
+# files? what if we stored the fingerprint in MHDATADIR/fingerprint?
load_fingerprint() {
if [ -f "$HOST_KEY_FILE" ] ; then
HOST_FINGERPRINT=$( \
# fail if host key not present
check_host_no_key() {
[ -s "$HOST_KEY_FILE" ] \
- || failure "You don't appear to have a Monkeysphere host key on this server. Please run 'monkeysphere-host import-key' first."
+ || failure "You don't appear to have a Monkeysphere host key on this server.
+Please run 'monkeysphere-host import-key' first."
}
# output the index of a user ID on the host key
# trap to remove tmp dir if break
trap "rm -rf $GNUPGHOME" EXIT
+ # import the host key into the tmp dir
gpg --quiet --import <"$HOST_KEY_FILE"
HOST_FINGERPRINT=$(gpg --quiet --list-keys --with-colons --with-fingerprint \
| grep '^fpr:' | cut -d: -f10 )
# list the host key info
- gpg --list-key --fingerprint --list-options show-unusable-uids 2>/dev/null
+ # FIXME: make no-show-keyring work so we don't have to do the grep'ing
+ # FIXME: can we show uid validity somehow?
+ gpg --list-keys --fingerprint \
+ --list-options show-unusable-uids 2>/dev/null \
+ | grep -v "^${GNUPGHOME}/pubring.gpg$" \
+ | egrep -v '^-+$'
# list the pgp fingerprint
echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
# MAIN
########################################################################
-# unset variables that should be defined only in config file
+# unset variables that should be defined only in config file or in
+# MONKEYSPHERE_ variables
+unset LOG_LEVEL
unset KEYSERVER
unset MONKEYSPHERE_USER
+unset PROMPT
# load configuration file
[ -e ${MONKEYSPHERE_HOST_CONFIG:="${SYSCONFIGDIR}/monkeysphere-host.conf"} ] && . "$MONKEYSPHERE_HOST_CONFIG"
# defaults
LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}}
KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="pool.sks-keyservers.net"}}
-AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.monkeysphere/authorized_user_ids"}}
-RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=${RAW_AUTHORIZED_KEYS:="%h/.ssh/authorized_keys"}}
MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}}
+PROMPT=${MONKEYSPHERE_PROMPT:=${PROMPT:="true"}}
# other variables
CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"}
export DATE
export MODE
export LOG_LEVEL
-export MONKEYSPHERE_USER
export KEYSERVER
+export MONKEYSPHERE_USER
+export PROMPT
+export CHECK_KEYSERVER
export GNUPGHOME_HOST
export GNUPGHOME
export HOST_FINGERPRINT=
projects / monkeysphere.git / blobdiff