X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;ds=sidebyside;f=howler%2Fhowler;h=0b67c02d406b7f01cc460daafb83bcb52298532a;hb=56e3a760b8913a4757115d9c0613ff3581c898ff;hp=7e33471af152d4327b261d7ea2895fa276712501;hpb=03f7058885d83592f3fe4faefc2d3fb148615ec4;p=monkeysphere.git diff --git a/howler/howler b/howler/howler index 7e33471..0b67c02 100755 --- a/howler/howler +++ b/howler/howler @@ -1,78 +1,134 @@ #!/bin/sh -# howler: server gpg key generator/publisher +# howler: monkeysphere server gpg generator/publisher/maintainer # # Written by # Jameson Rollins # # Copyright 2008, released under the GPL, version 3 or later -CMD=$(basename $0) +PGRM=$(basename $0) ######################################################################## # FUNCTIONS ######################################################################## +usage() { +cat <&2 exit ${2:-'1'} } -######################################################################## -# MAIN -######################################################################## - -MS_HOME=${MS_HOME:-/etc/monkeysphere} - -. "$MS_HOME"/monkeysphere.conf +# generate server gpg key +gen_key() { + KEY_TYPE=${KEY_TYPE:-RSA} + KEY_LENGTH=${KEY_LENGTH:-2048} + KEY_USAGE=${KEY_USAGE:-encrypt,auth} + SERVICE=${SERVICE:-ssh} + HOSTNAME_FQDN=${HOSTNAME_FQDN:-$(hostname -f)} -export GNUPGHOME + USERID=${USERID:-"$SERVICE"://"$HOSTNAME_FQDN"} -KEY_TYPE=${KEY_TYPE:-RSA} -KEY_LENGTH=${KEY_LENGTH:-2048} -KEY_USAGE=${KEY_USAGE:-encrypt,auth} -SERVICE=${SERVICE:-ssh} -HOSTNAME=${HOSTNAME:-$(hostname -f)} - -USERID=${USERID:-"$SERVICE"://"$HOSTNAME"} - -echo "key parameters:" -cat < /dev/null 2>&1 ; then - failure "key for '$USERID' already exists" -fi + if gpg --list-key ="$USERID" > /dev/null 2>&1 ; then + failure "key for '$USERID' already exists" + fi -echo "generating server key..." -gpg --batch --gen-key < /dev/null | grep '^pub:' | cut -d: -f5) -echo "sending key to keyserver '$KEYSERVER'..." -keyID=$(gpg --list-key --with-colons ="$USERID" 2> /dev/null | grep '^pub:' | cut -d: -f5) + # dummy command so as not to publish fakes keys during testing + # eventually: + #gpg --send-keys --keyserver "$KEYSERVER" "$keyID" + echo "gpg --send-keys --keyserver $KEYSERVER $keyID" +} -# dummy command so as not to publish fakes keys during testing -# eventually: -#gpg --send-keys --keyserver "$KEYSERVER" "$keyID" -echo "gpg --send-keys --keyserver $KEYSERVER $keyID" +trust_key() { + for keyID ; do + # get the key from the key server + gpg --keyserver "$KEYSERVER" --recv-key "$keyID" || failure "could not retrieve key '$keyID'" -echo "done." + # edit the key to change trust + # FIXME: need to figure out how to automate this, + # in a batch mode or something. + gpg --edit-key "$keyID" + done +} + +######################################################################## +# MAIN +######################################################################## + +# set ms home directory +MS_HOME=${MS_HOME:-/etc/monkeysphere} + +# load configuration file +MS_CONF=${MS_CONF:-"$MS_HOME"/monkeysphere.conf} +[ -e "$MS_CONF" ] && . "$MS_CONF" + +GNUPGHOME=${GNUPGHOME:-"$MS_HOME"/gnupg} +export GNUPGHOME +KEYSERVER=${KEYSERVER:-subkeys.pgp.net} +export KEYSERVER + +COMMAND="$1" +[ "$COMMAND" ] || failure "Type '$PGRM help' for usage." +shift 1 + +case $COMMAND in + 'gen-key') + gen_key + ;; + 'publish-key') + publish_key + ;; + 'trust-key') + if [ -z "$1" ] ; then + failure "you must specify at least one key to trust." + fi + trust_key "$@" + ;; + 'help') + usage + exit + ;; + *) + failure "Unknown command: '$COMMAND' +Type '$PGRM help' for usage." + ;; +esac