X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fmonkeysphere;h=d585bfddeb9137d99e7cab111f9410d49073247c;hb=76e67ee7418efcb51788e5577f3f09d28c02709a;hp=2ca36365d19e43615010899c3bcc4c58a8dfa080;hpb=39f3516d7f57397cb61c5a28d3d199ad9bb1a719;p=monkeysphere.git diff --git a/src/monkeysphere b/src/monkeysphere index 2ca3636..d585bfd 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -4,6 +4,7 @@ # # The monkeysphere scripts are written by: # Jameson Rollins +# Daniel Kahn Gillmor # # They are Copyright 2008, and are all released under the GPL, version 3 # or later. @@ -128,25 +129,7 @@ key before joining the monkeysphere. You can do this with: # set subkey defaults # prompt about key expiration if not specified - if [ -z "$keyExpire" ] ; then - cat < = key expires in n days - w = key expires in n weeks - m = key expires in n months - y = key expires in n years -EOF - while [ -z "$keyExpire" ] ; do - read -p "Key is valid for? (0) " keyExpire - if ! test_gpg_expire ${keyExpire:=0} ; then - echo "invalid value" - unset keyExpire - fi - done - elif ! test_gpg_expire "$keyExpire" ; then - failure "invalid key expiration value '$keyExpire'." - fi + keyExpire=$(get_gpg_expiration "$keyExpire") # generate the list of commands that will be passed to edit-key editCommands=$(cat </dev/null ; then @@ -199,28 +191,24 @@ function subkey_to_ssh_agent() { fi # get list of secret keys (to work around https://bugs.g10code.com/gnupg/issue945): - secretkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode --fingerprint | grep '^fpr:' | cut -f10 -d: | awk '{ print "0x" $1 "!" }') + secretkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode --fingerprint | \ + grep '^fpr:' | cut -f10 -d: | awk '{ print "0x" $1 "!" }') if [ -z "$secretkeys" ]; then failure "You have no secret keys in your keyring! -You might want to 'gpg --gen-key'" +You might want to run 'gpg --gen-key'." fi - authsubkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode --fingerprint --fingerprint $secretkeys | cut -f1,5,10,12 -d: | grep -A1 '^ssb:[^:]*::[^:]*a[^:]*$' | grep '^fpr::' | cut -f3 -d: | sort -u) + authsubkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode \ + --fingerprint --fingerprint $secretkeys | \ + cut -f1,5,10,12 -d: | grep -A1 '^ssb:[^:]*::[^:]*a[^:]*$' | \ + grep '^fpr::' | cut -f3 -d: | sort -u) if [ -z "$authsubkeys" ]; then failure "no authentication-capable subkeys available. You might want to 'monkeysphere gen-subkey'" fi - if ! test_gnu_dummy_s2k_extension ; then - failure "Your version of GnuTLS does not seem capable of using with gpg's exported subkeys. -You may want to consider patching or upgrading. - -For more details, see: - http://lists.gnu.org/archive/html/gnutls-devel/2008-08/msg00005.html" - fi - workingdir=$(mktemp -d) umask 077 mkfifo "$workingdir/passphrase" @@ -238,7 +226,8 @@ For more details, see: primaryuid=$(gpg --with-colons --list-key "0x${subkey}!" | grep '^pub:' | cut -f10 -d: | tr -d /) - kname="[monkeysphere] $primaryuid" + #kname="[monkeysphere] $primaryuid" + kname="$primaryuid" if [ "$1" = '-d' ]; then # we're removing the subkey: @@ -252,7 +241,7 @@ For more details, see: --export-secret-subkeys "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" & (cd "$workingdir" && DISPLAY=nosuchdisplay SSH_ASKPASS=/bin/false ssh-add "$@" "$kname"