# Jamie McClelland <jm@mayfirst.org>
# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
#
-# They are Copyright 2008-2009, and are all released under the GPL, version 3
-# or later.
+# They are Copyright 2008-2010, and are all released under the GPL,
+# version 3 or later.
-# publish server key to keyserver
+# publish keys to keyserver
publish_key() {
-read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N}
-if [ ${OK/y/Y} != 'Y' ] ; then
- failure "key not published."
+local keyID="$1"
+local GNUPGHOME
+
+if [ "$PROMPT" = "true" ] ; then
+ printf "Really publish key '$keyID' to $KEYSERVER? (Y/n) " >&2
+ read OK; OK=${OK:=Y}
+ if [ "${OK/y/Y}" != 'Y' ] ; then
+ failure "key not published."
+ fi
+else
+ log debug "publishing key '$keyID' without prompting."
fi
-# find the key fingerprint
-fingerprint=$(fingerprint_server_key)
+# create a temporary gnupg directory from which to publish the key
+export GNUPGHOME=$(msmktempdir)
+chmod 0700 "$GNUPGHOME"
+chown "$MONKEYSPHERE_USER":"$MONKEYSPHERE_GROUP" "$GNUPGHOME"
+
+# trap to remove tmp dir if break
+trap "rm -rf $GNUPGHOME" EXIT
+
+# import the key into the tmp dir
+su_monkeysphere_user \
+ "gpg --quiet --import" <"$HOST_KEY_FILE"
+
+# publish key
+su_monkeysphere_user \
+ "gpg --keyserver $KEYSERVER --send-keys '0x${keyID}!'"
-# publish host key
-# FIXME: need to define how to do this
-#gpg_authentication "--keyserver $KEYSERVER --send-keys '0x${fingerprint}!'"
-echo "not published!!!"
+# remove the tmp file
+trap - EXIT
+rm -rf "$GNUPGHOME"
}