X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fmonkeysphere;h=59cb3d6ac45764e255fa1135f2eecdee24ca5541;hb=7bd735abd6f9c2aa73e98a22ce48bea01bc097b7;hp=2690db86bbbbe9d352b9e18faceff9a1d3aade78;hpb=050302344aba552900a199d76fab57fd49c05795;p=monkeysphere.git diff --git a/src/monkeysphere b/src/monkeysphere index 2690db8..59cb3d6 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -4,6 +4,8 @@ # # The monkeysphere scripts are written by: # Jameson Rollins +# Jamie McClelland +# Daniel Kahn Gillmor # # They are Copyright 2008, and are all released under the GPL, version 3 # or later. @@ -32,7 +34,7 @@ umask 077 ######################################################################## usage() { - cat <&2 usage: $PGRM [options] [args] MonkeySphere client tool. @@ -91,7 +93,7 @@ gen_subkey(){ if [ -z "$1" ] ; then # find all secret keys - keyID=$(gpg --with-colons --list-secret-keys | grep ^sec | cut -f5 -d:) + keyID=$(gpg --with-colons --list-secret-keys | grep ^sec | cut -f5 -d: | sort -u) # if multiple sec keys exist, fail if (( $(echo "$keyID" | wc -l) > 1 )) ; then echo "Multiple secret keys found:" @@ -113,7 +115,7 @@ key before joining the monkeysphere. You can do this with: # fail if multiple sec lines are returned, which means the id # given is not unique - if [ $(echo "$gpgOut" | grep '^sec:' | wc -l) -gt '1' ] ; then + if [ $(echo "$gpgOut" | grep -c '^sec:') -gt '1' ] ; then failure "Key ID '$keyID' is not unique." fi @@ -144,7 +146,7 @@ save EOF ) - log "generating subkey..." + log verbose "generating subkey..." fifoDir=$(mktemp -d) (umask 077 && mkfifo "$fifoDir/pass") echo "$editCommands" | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --edit-key "$keyID" & @@ -153,19 +155,20 @@ EOF rm -rf "$fifoDir" wait - log "done." + log verbose "done." } function subkey_to_ssh_agent() { # try to add all authentication subkeys to the agent: - local authsubkeys + local sshaddresponse local secretkeys - local subkey + local authsubkeys local workingdir - local kname - local sshaddresponse local keysuccess + local subkey + local publine + local kname if ! test_gnu_dummy_s2k_extension ; then failure "Your version of GnuTLS does not seem capable of using with gpg's exported subkeys. @@ -189,14 +192,18 @@ For more details, see: fi # get list of secret keys (to work around https://bugs.g10code.com/gnupg/issue945): - secretkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode --fingerprint | grep '^fpr:' | cut -f10 -d: | awk '{ print "0x" $1 "!" }') + secretkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode --fingerprint | \ + grep '^fpr:' | cut -f10 -d: | awk '{ print "0x" $1 "!" }') if [ -z "$secretkeys" ]; then failure "You have no secret keys in your keyring! You might want to run 'gpg --gen-key'." fi - authsubkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode --fingerprint --fingerprint $secretkeys | cut -f1,5,10,12 -d: | grep -A1 '^ssb:[^:]*::[^:]*a[^:]*$' | grep '^fpr::' | cut -f3 -d: | sort -u) + authsubkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode \ + --fingerprint --fingerprint $secretkeys | \ + cut -f1,5,10,12 -d: | grep -A1 '^ssb:[^:]*::[^:]*a[^:]*$' | \ + grep '^fpr::' | cut -f3 -d: | sort -u) if [ -z "$authsubkeys" ]; then failure "no authentication-capable subkeys available. @@ -221,7 +228,7 @@ You might want to 'monkeysphere gen-subkey'" primaryuid=$(gpg --with-colons --list-key "0x${subkey}!" | grep '^pub:' | cut -f10 -d: | tr -d /) #kname="[monkeysphere] $primaryuid" - kname="'$primaryuid'" + kname="$primaryuid" if [ "$1" = '-d' ]; then # we're removing the subkey: @@ -235,7 +242,7 @@ You might want to 'monkeysphere gen-subkey'" --export-secret-subkeys "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" & (cd "$workingdir" && DISPLAY=nosuchdisplay SSH_ASKPASS=/bin/false ssh-add "$@" "$kname"