X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fshare%2Fmh%2Frevoke_key;h=5a013e0db67518842b3000578bf364d5f3ee06e1;hb=ce45ef5702e072e869fa9d1b703f99dc740eb000;hp=ad68d5f27a4804312ed0a7620146c3c257e558d2;hpb=4e0502a242b89c73535b00cc1b199dfea38ce4d4;p=monkeysphere.git diff --git a/src/share/mh/revoke_key b/src/share/mh/revoke_key index ad68d5f..5a013e0 100644 --- a/src/share/mh/revoke_key +++ b/src/share/mh/revoke_key @@ -8,23 +8,24 @@ # Jamie McClelland # Daniel Kahn Gillmor # -# They are Copyright 2008-2009, and are all released under the GPL, +# They are Copyright 2008-2010, and are all released under the GPL, # version 3 or later. # revoke host key revoke_key() { -# Coming in here, we expect $HOST_FINGERPRINT to be set, and we -# believe that there is in fact a key. + local keyID + local publish + + keyID=$(check_key_input "$@") if [ "$PROMPT" = "false" ] ; then publish=N else cat <&2 -This will generate a revocation certificate for your host key -(fingerprint: $HOST_FINGERPRINT) and -dump the certificate to standard output. +This will generate a revocation certificate for key $keyID +and dump the certificate to standard output. It can also directly publish the new revocation certificate to the public keyservers via $KEYSERVER if you want it to. @@ -33,7 +34,8 @@ Publishing this certificate will IMMEDIATELY and PERMANENTLY revoke your host key! EOF - read -p "Publish the certificate after generation? (y/n/Q) " publish + printf "Publish the certificate after generation? (y/n/Q) " >&2 + read publish if ! [ "${publish/y/Y}" = 'Y' -o "${publish/n/N}" = 'N' ] ; then failure "aborting at user request" @@ -64,14 +66,13 @@ Monkeysphere host key revocation (automated) $(date '+%F_%T%z') y " - revcert=$(GNUPGHOME="$GNUPGHOME_HOST" gpg_host --command-fd 0 --armor --gen-revoke "0x${HOST_FINGERPRINT}!" <<<"$revoke_commands" ) \ + revcert=$(GNUPGHOME="$GNUPGHOME_HOST" gpg_host --command-fd 0 --armor --gen-revoke "0x${keyID}!" <<<"$revoke_commands" ) \ || failure "Failed to generate revocation certificate!" - else # note: we're not using the gpg_host function because we actually # want to use gpg's UI in this case, so we want to omit --no-tty - revcert=$(GNUPGHOME="$GNUPGHOME_HOST" gpg --no-greeting --quiet --armor --gen-revoke "0x${HOST_FINGERPRINT}!") \ + revcert=$(GNUPGHOME="$GNUPGHOME_HOST" gpg --no-greeting --quiet --armor --gen-revoke "0x${keyID}!") \ || failure "Failed to generate revocation certificate!" fi @@ -87,7 +88,8 @@ y if [ "${publish/y/Y}" = 'Y' ] ; then printf "\n" >&2 - read -p "Really publish this cert to $KEYSERVER ? (Y/n) " really + printf "Really publish this cert to $KEYSERVER ? (Y/n) " >&2 + read really if [ "${really/n/N}" = 'N' ] ; then printf "Not publishing.\n" >&2 else