X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fshare%2Fmh%2Frevoke_name;fp=src%2Fshare%2Fmh%2Frevoke_name;h=d080704b75b9f7e3410bc732a19566548ab492bd;hb=ce45ef5702e072e869fa9d1b703f99dc740eb000;hp=0000000000000000000000000000000000000000;hpb=1e207b9914d4b19450c94a3de4dbf41305638035;p=monkeysphere.git diff --git a/src/share/mh/revoke_name b/src/share/mh/revoke_name new file mode 100644 index 0000000..d080704 --- /dev/null +++ b/src/share/mh/revoke_name @@ -0,0 +1,72 @@ +# -*-shell-script-*- +# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant) + +# Monkeysphere host revoke-hostname subcommand +# +# The monkeysphere scripts are written by: +# Jameson Rollins +# Jamie McClelland +# Daniel Kahn Gillmor +# +# They are Copyright 2008-2010, and are all released under the GPL, +# version 3 or later. + +# revoke service name user ID from host key + +revoke_name() { + +local serviceName +local keyID +local fingerprint +local tmpuidMatch +local line +local message +local revuidCommand + +if [ -z "$1" ] ; then + failure "You must specify a service name to revoke." +fi +serviceName="$1" +shift + +keyID=$(check_key_input "$@") + +# make sure the user ID to revoke exists +check_key_userid "$keyID" "$serviceName" || \ + failure "No non-revoked service name found matching '$serviceName'." + +if [ "$PROMPT" = "true" ] ; then + printf "The following service name on key '$keyID' will be revoked:\n %s\nAre you sure you would like to revoke this service name? (Y/n) " "$serviceName" >&2 + read OK; OK=${OK:=Y} + if [ "${OK/y/Y}" != 'Y' ] ; then + failure "User ID not revoked." + fi +else + log debug "revoking service name without prompting." +fi + +# actually revoke: + +# the gpg secring might not contain the host key we are trying to +# revoke (let alone any selfsig over that host key), but the plain +# --export won't contain the secret key. "keytrans revokeuserid" +# needs access to both pieces, so we feed it both of them. + +if (cat "$GNUPGHOME_HOST/secring.gpg" && gpg_host --export "$keyID") \ + | "$SYSSHAREDIR/keytrans" revokeuserid "$keyID" "$serviceName" \ + | gpg_host --import ; then + + gpg_host --check-trustdb + + update_gpg_pub_file + + show_key "$keyID" + + echo + echo "NOTE: Service name revoked, but revocation not published." + echo "Run '$PGRM publish-key' to publish the revocation." +else + failure "Problem revoking service name." +fi + +}