From: Jameson Graef Rollins Date: Thu, 19 Feb 2009 06:20:44 +0000 (-0500) Subject: Merge commit 'dkg/master' X-Git-Tag: monkeysphere_0.23~62 X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;h=4238a891582ba6c62fc062d24734536d029eb33a;hp=dd1914ec0225cca711508dfd1351502040b6ec87;p=monkeysphere.git Merge commit 'dkg/master' --- diff --git a/src/monkeysphere b/src/monkeysphere index da5f406..a626a8e 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -63,41 +63,38 @@ EOF # MAIN ######################################################################## -# unset variables that should be defined only in config file -unset KEYSERVER -unset CHECK_KEYSERVER -unset KNOWN_HOSTS -unset HASH_KNOWN_HOSTS -unset AUTHORIZED_KEYS +# set unset default variables +GNUPGHOME=${GNUPGHOME:="${HOME}/.gnupg"} +KNOWN_HOSTS="${HOME}/.ssh/known_hosts" +HASH_KNOWN_HOSTS="true" +AUTHORIZED_KEYS="${HOME}/.ssh/authorized_keys" # load global config -[ -r "${SYSCONFIGDIR}/monkeysphere.conf" ] && . "${SYSCONFIGDIR}/monkeysphere.conf" +[ -r "${SYSCONFIGDIR}/monkeysphere.conf" ] \ + && . "${SYSCONFIGDIR}/monkeysphere.conf" # set monkeysphere home directory MONKEYSPHERE_HOME=${MONKEYSPHERE_HOME:="${HOME}/.monkeysphere"} mkdir -p -m 0700 "$MONKEYSPHERE_HOME" # load local config -[ -e ${MONKEYSPHERE_CONFIG:="${MONKEYSPHERE_HOME}/monkeysphere.conf"} ] && . "$MONKEYSPHERE_CONFIG" - -# set empty config variables with ones from the environment, or from -# config file, or with defaults -LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}} -GNUPGHOME=${MONKEYSPHERE_GNUPGHOME:=${GNUPGHOME:="${HOME}/.gnupg"}} -KEYSERVER=${MONKEYSPHERE_KEYSERVER:="$KEYSERVER"} -# if keyserver not specified in env or monkeysphere.conf, -# look in gpg.conf +[ -e ${MONKEYSPHERE_CONFIG:="${MONKEYSPHERE_HOME}/monkeysphere.conf"} ] \ + && . "$MONKEYSPHERE_CONFIG" + +# set empty config variables with ones from the environment +GNUPGHOME=${MONKEYSPHERE_GNUPGHOME:=$GNUPGHOME} +LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=$LOG_LEVEL} +KEYSERVER=${MONKEYSPHERE_KEYSERVER:=$KEYSERVER} +# if keyserver not specified in env or conf, then look in gpg.conf if [ -z "$KEYSERVER" ] ; then if [ -f "${GNUPGHOME}/gpg.conf" ] ; then KEYSERVER=$(grep -e "^[[:space:]]*keyserver " "${GNUPGHOME}/gpg.conf" | tail -1 | awk '{ print $2 }') fi fi -# if it's still not specified, use the default -KEYSERVER=${KEYSERVER:="subkeys.pgp.net"} -CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=${CHECK_KEYSERVER:="true"}} -KNOWN_HOSTS=${MONKEYSPHERE_KNOWN_HOSTS:=${KNOWN_HOSTS:="${HOME}/.ssh/known_hosts"}} -HASH_KNOWN_HOSTS=${MONKEYSPHERE_HASH_KNOWN_HOSTS:=${HASH_KNOWN_HOSTS:="true"}} -AUTHORIZED_KEYS=${MONKEYSPHERE_AUTHORIZED_KEYS:=${AUTHORIZED_KEYS:="${HOME}/.ssh/authorized_keys"}} +PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT} +KNOWN_HOSTS=${MONKEYSPHERE_KNOWN_HOSTS:=$KNOWN_HOSTS} +HASH_KNOWN_HOSTS=${MONKEYSPHERE_HASH_KNOWN_HOSTS:=$HASH_KNOWN_HOSTS} +AUTHORIZED_KEYS=${MONKEYSPHERE_AUTHORIZED_KEYS:=$AUTHORIZED_KEYS} # other variables not in config file AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:="${MONKEYSPHERE_HOME}/authorized_user_ids"} @@ -117,49 +114,26 @@ shift case $COMMAND in 'update-known_hosts'|'update-known-hosts'|'k') - MODE='known_hosts' + # whether or not to check keyservers + CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} - # touch the known_hosts file so that the file permission check - # below won't fail upon not finding the file - (umask 0022 && touch "$KNOWN_HOSTS") - - # check permissions on the known_hosts file path - check_key_file_permissions "$USER" "$KNOWN_HOSTS" || failure - - # if hosts are specified on the command line, process just - # those hosts + # if hosts are specified on the command line, process just + # those hosts if [ "$1" ] ; then update_known_hosts "$@" RETURN="$?" - # otherwise, if no hosts are specified, process every host - # in the user's known_hosts file + # otherwise, if no hosts are specified, process every host + # in the user's known_hosts file else - # exit if the known_hosts file does not exist - if [ ! -e "$KNOWN_HOSTS" ] ; then - log error "known_hosts file '$KNOWN_HOSTS' does not exist." - exit - fi - process_known_hosts RETURN="$?" fi ;; 'update-authorized_keys'|'update-authorized-keys'|'a') - MODE='authorized_keys' - - # check permissions on the authorized_user_ids file path - check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" || failure - - # check permissions on the authorized_keys file path - check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" || failure - - # exit if the authorized_user_ids file is empty - if [ ! -e "$AUTHORIZED_USER_IDS" ] ; then - log error "authorized_user_ids file '$AUTHORIZED_USER_IDS' does not exist." - exit - fi + # whether or not to check keyservers + CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} # process authorized_user_ids file process_authorized_user_ids "$AUTHORIZED_USER_IDS" diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication index e7a0580..75ab732 100755 --- a/src/monkeysphere-authentication +++ b/src/monkeysphere-authentication @@ -108,29 +108,24 @@ gpg_core_sphere_sig_transfer() { # MAIN ######################################################################## -# unset variables that should be defined only in config file of in -# MONKEYSPHERE_ variables -unset LOG_LEVEL -unset KEYSERVER -unset AUTHORIZED_USER_IDS -unset RAW_AUTHORIZED_KEYS -unset MONKEYSPHERE_USER -unset PROMPT +# set unset default variables +AUTHORIZED_USER_IDS="%h/.monkeysphere/authorized_user_ids" +RAW_AUTHORIZED_KEYS="%h/.ssh/authorized_keys" # load configuration file -[ -e ${MONKEYSPHERE_AUTHENTICATION_CONFIG:="${SYSCONFIGDIR}/monkeysphere-authentication.conf"} ] && . "$MONKEYSPHERE_AUTHENTICATION_CONFIG" - -# set empty config variable with ones from the environment, or with -# defaults -LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}} -KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="pool.sks-keyservers.net"}} -AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.monkeysphere/authorized_user_ids"}} -RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=${RAW_AUTHORIZED_KEYS:="%h/.ssh/authorized_keys"}} -MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}} -PROMPT=${MONKEYSPHERE_PROMPT:=${PROMPT:="true"}} +[ -e ${MONKEYSPHERE_AUTHENTICATION_CONFIG:="${SYSCONFIGDIR}/monkeysphere-authentication.conf"} ] \ + && . "$MONKEYSPHERE_AUTHENTICATION_CONFIG" + +# set empty config variable with ones from the environment +LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=$LOG_LEVEL} +KEYSERVER=${MONKEYSPHERE_KEYSERVER:=$KEYSERVER} +CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} +MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=$MONKEYSPHERE_USER} +PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT} +AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=$AUTHORIZED_USER_IDS} +RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=$RAW_AUTHORIZED_KEYS} # other variables -CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"} REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"} GNUPGHOME_CORE=${MONKEYSPHERE_GNUPGHOME_CORE:="${MADATADIR}/core"} GNUPGHOME_SPHERE=${MONKEYSPHERE_GNUPGHOME_SPHERE:="${MADATADIR}/sphere"} diff --git a/src/monkeysphere-host b/src/monkeysphere-host index a86a8c9..152b469 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -204,38 +204,31 @@ show_key() { # MAIN ######################################################################## -# unset variables that should be defined only in config file or in -# MONKEYSPHERE_ variables -unset LOG_LEVEL -unset KEYSERVER -unset MONKEYSPHERE_USER -unset PROMPT - # load configuration file -[ -e ${MONKEYSPHERE_HOST_CONFIG:="${SYSCONFIGDIR}/monkeysphere-host.conf"} ] && . "$MONKEYSPHERE_HOST_CONFIG" +[ -e ${MONKEYSPHERE_HOST_CONFIG:="${SYSCONFIGDIR}/monkeysphere-host.conf"} ] \ + && . "$MONKEYSPHERE_HOST_CONFIG" # set empty config variable with ones from the environment, or with # defaults -LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}} -KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="pool.sks-keyservers.net"}} -MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}} -PROMPT=${MONKEYSPHERE_PROMPT:=${PROMPT:="true"}} +LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=$LOG_LEVEL} +KEYSERVER=${MONKEYSPHERE_KEYSERVER:=$KEYSERVER} +CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} +MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=$MONKEYSPHERE_USER} +PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT} # other variables -CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"} GNUPGHOME_HOST=${MONKEYSPHERE_GNUPGHOME_HOST:="${MHDATADIR}"} # export variables needed in su invocation export DATE -export MODE export LOG_LEVEL export KEYSERVER +export CHECK_KEYSERVER export MONKEYSPHERE_USER export PROMPT -export CHECK_KEYSERVER export GNUPGHOME_HOST export GNUPGHOME -export HOST_FINGERPRINT= +export HOST_FINGERPRINT # get subcommand COMMAND="$1" @@ -302,6 +295,10 @@ case $COMMAND in diagnostics ;; + 'update-gpg-pub-file') + update_gpg_pub_file + ;; + 'version'|'v') echo "$VERSION" ;; diff --git a/src/share/common b/src/share/common index b78f64a..d185fdd 100644 --- a/src/share/common +++ b/src/share/common @@ -23,6 +23,21 @@ export SYSCONFIGDIR # monkeysphere version VERSION=__VERSION__ +# default log level +LOG_LEVEL="INFO" + +# default keyserver +KEYSERVER="pool.sks-keyservers.net" + +# whether or not to check keyservers by defaul +CHECK_KEYSERVER="true" + +# default monkeysphere user +MONKEYSPHERE_USER="monkeysphere" + +# default about whether or not to prompt +PROMPT="true" + ######################################################################## ### UTILITY FUNCTIONS @@ -800,6 +815,9 @@ process_host_known_hosts() { local sshKey local tmpfile + # set the key processing mode + export MODE='known_hosts' + host="$1" userID="ssh://${host}" @@ -879,6 +897,13 @@ update_known_hosts() { nHostsOK=0 nHostsBAD=0 + # touch the known_hosts file so that the file permission check + # below won't fail upon not finding the file + (umask 0022 && touch "$KNOWN_HOSTS") + + # check permissions on the known_hosts file path + check_key_file_permissions "$USER" "$KNOWN_HOSTS" || failure + # create a lockfile on known_hosts: lock create "$KNOWN_HOSTS" # FIXME: we're discarding any pre-existing EXIT trap; is this bad? @@ -933,6 +958,11 @@ update_known_hosts() { process_known_hosts() { local hosts + # exit if the known_hosts file does not exist + if [ ! -e "$KNOWN_HOSTS" ] ; then + failure "known_hosts file '$KNOWN_HOSTS' does not exist." + fi + log debug "processing known_hosts file..." hosts=$(meat "$KNOWN_HOSTS" | cut -d ' ' -f 1 | grep -v '^|.*$' | tr , ' ' | tr '\n' ' ') @@ -956,6 +986,9 @@ process_uid_authorized_keys() { local ok local sshKey + # set the key processing mode + export MODE='authorized_keys' + userID="$1" log verbose "processing: $userID" @@ -1017,6 +1050,9 @@ update_authorized_keys() { nIDsOK=0 nIDsBAD=0 + # check permissions on the authorized_keys file path + check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" || failure + # create a lockfile on authorized_keys lock create "$AUTHORIZED_KEYS" # FIXME: we're discarding any pre-existing EXIT trap; is this bad? @@ -1082,6 +1118,14 @@ process_authorized_user_ids() { authorizedUserIDs="$1" + # exit if the authorized_user_ids file is empty + if [ ! -e "$authorizedUserIDs" ] ; then + failure "authorized_user_ids file '$authorizedUserIDs' does not exist." + fi + + # check permissions on the authorized_user_ids file path + check_key_file_permissions "$USER" "$authorizedUserIDs" || failure + log debug "processing authorized_user_ids file..." if ! meat "$authorizedUserIDs" > /dev/null ; then diff --git a/src/share/m/gen_subkey b/src/share/m/gen_subkey index 19d384d..d926ad5 100644 --- a/src/share/m/gen_subkey +++ b/src/share/m/gen_subkey @@ -86,12 +86,16 @@ Type '$PGRM help' for usage." fi # if authentication key is valid, prompt to continue if [ "$validity" = 'u' ] ; then - echo "A valid authentication key already exists for primary key '$keyID'." - read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} - if [ "${OK/y/Y}" != 'Y' ] ; then + log error "A valid authentication key already exists for primary key '$keyID'." + if [ "$PROMPT" = "true" ] ; then + read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} + if [ "${OK/y/Y}" != 'Y' ] ; then + failure "aborting." + fi + break + else failure "aborting." fi - break fi done diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand index cd0a1fb..29040d8 100644 --- a/src/share/m/ssh_proxycommand +++ b/src/share/m/ssh_proxycommand @@ -15,8 +15,6 @@ # established. Can be added to ~/.ssh/config as follows: # ProxyCommand monkeysphere ssh-proxycommand %h %p -ssh_proxycommand() { - # "marginal case" ouput in the case that there is not a full # validation path to the host output_no_valid_key() { @@ -136,10 +134,9 @@ EOF EOF } -######################################################################## -# export the monkeysphere log level -export MONKEYSPHERE_LOG_LEVEL +# the ssh proxycommand function itself +ssh_proxycommand() { if [ "$1" = '--no-connect' ] ; then NO_CONNECT='true' @@ -170,12 +167,13 @@ URI="ssh://${HOSTP}" # intentionally different than that of running monkeyesphere normally, # and keyserver checking is intentionally done under certain # circumstances. This can be overridden by setting the -# MONKEYSPHERE_CHECK_KEYSERVER environment variable. +# MONKEYSPHERE_CHECK_KEYSERVER environment variable, or by setting the +# CHECK_KEYSERVER variable in the monkeysphere.conf file. # if the host is in the gpg keyring... if gpg --list-key ="${URI}" 2>&1 >/dev/null ; then # do not check the keyserver - CHECK_KEYSERVER="false" + CHECK_KEYSERVER=${CHECK_KEYSERVER:="false"} # if the host is NOT in the keyring... else @@ -188,20 +186,22 @@ else # FIXME: more nuanced checking should be done here to properly # take into consideration hosts that join monkeysphere by # converting an existing and known ssh key - CHECK_KEYSERVER="false" + CHECK_KEYSERVER=${CHECK_KEYSERVER:="false"} # if the host key is not found in the known_hosts file... else # check the keyserver - CHECK_KEYSERVER="true" + CHECK_KEYSERVER=${CHECK_KEYSERVER:="true"} fi fi -# set and export the variable for use by monkeysphere -MONKEYSPHERE_CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="$CHECK_KEYSERVER"} -export MONKEYSPHERE_CHECK_KEYSERVER + +# finally look in the MONKEYSPHERE_ environment variable for a +# CHECK_KEYSERVER setting to override all else +CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} # update the known_hosts file for the host -monkeysphere update-known_hosts "$HOSTP" +source "${MSHAREDIR}/update_known_hosts" +update_known_hosts "$HOSTP" # output on depending on the return of the update-known_hosts # subcommand, which is (ultimately) the return code of the diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier index e543d94..1b484f5 100644 --- a/src/share/ma/add_certifier +++ b/src/share/ma/add_certifier @@ -100,7 +100,7 @@ gpg_sphere "--fingerprint 0x${fingerprint}!" if [ "$PROMPT" = "true" ] ; then echo "Are you sure you want to add the above key as a" - read -p "certifier of users on this system? (y/N) " OK; OK=${OK:-N} + read -p "certifier of users on this system? (Y/n) " OK; OK=${OK:-Y} if [ "${OK/y/Y}" != 'Y' ] ; then failure "Identity certifier not added." fi diff --git a/src/share/ma/remove_certifier b/src/share/ma/remove_certifier index 10aa67b..95f6dff 100644 --- a/src/share/ma/remove_certifier +++ b/src/share/ma/remove_certifier @@ -27,7 +27,7 @@ fi gpg_core --list-key --fingerprint "0x${keyID}!" || failure if [ "$PROMPT" = "true" ] ; then - read -p "Really remove above listed identity certifier? (y/N) " OK; OK=${OK:-N} + read -p "Really remove above listed identity certifier? (Y/n) " OK; OK=${OK:-Y} if [ "${OK/y/Y}" != 'Y' ] ; then failure "Identity certifier not removed." fi diff --git a/src/share/mh/add_hostname b/src/share/mh/add_hostname index 70bbec3..0da6a06 100644 --- a/src/share/mh/add_hostname +++ b/src/share/mh/add_hostname @@ -34,8 +34,8 @@ find_host_userid > /dev/null && \ if [ "$PROMPT" = "true" ] ; then echo "The following user ID will be added to the host key:" echo " $userID" - read -p "Are you sure you would like to add this user ID? (y/N) " OK; OK=${OK:=N} - if [ ${OK/y/Y} != 'Y' ] ; then + read -p "Are you sure you would like to add this user ID? (Y/n) " OK; OK=${OK:=Y} + if [ "${OK/y/Y}" != 'Y' ] ; then failure "User ID not added." fi else diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker index bdcb749..21dc0bb 100644 --- a/src/share/mh/add_revoker +++ b/src/share/mh/add_revoker @@ -79,7 +79,7 @@ gpg_host --fingerprint "0x${fingerprint}!" if [ "$PROMPT" = "true" ] ; then echo "Are you sure you want to add the above key as a" - read -p "revoker of the host key? (y/N) " OK; OK=${OK:-N} + read -p "revoker of the host key? (Y/n) " OK; OK=${OK:-Y} if [ "${OK/y/Y}" != 'Y' ] ; then failure "revoker not added." fi diff --git a/src/share/mh/publish_key b/src/share/mh/publish_key index 37b8a72..05faa0b 100644 --- a/src/share/mh/publish_key +++ b/src/share/mh/publish_key @@ -18,8 +18,8 @@ publish_key() { local GNUPGHOME if [ "$PROMPT" = "true" ] ; then - read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N} - if [ ${OK/y/Y} != 'Y' ] ; then + read -p "Really publish host key to $KEYSERVER? (Y/n) " OK; OK=${OK:=Y} + if [ "${OK/y/Y}" != 'Y' ] ; then failure "key not published." fi else diff --git a/src/share/mh/revoke_hostname b/src/share/mh/revoke_hostname index 77f1f0d..92383a0 100644 --- a/src/share/mh/revoke_hostname +++ b/src/share/mh/revoke_hostname @@ -45,8 +45,8 @@ uidIndex=$(find_host_userid) || \ if [ "$PROMPT" = "true" ] ; then echo "The following host key user ID will be revoked:" echo " $userID" - read -p "Are you sure you would like to revoke this user ID? (y/N) " OK; OK=${OK:=N} - if [ ${OK/y/Y} != 'Y' ] ; then + read -p "Are you sure you would like to revoke this user ID? (N/y) " OK; OK=${OK:=Y} + if [ "${OK/y/Y}" != 'Y' ] ; then failure "User ID not revoked." fi else diff --git a/src/share/mh/set_expire b/src/share/mh/set_expire index ae7c13a..63e5c55 100644 --- a/src/share/mh/set_expire +++ b/src/share/mh/set_expire @@ -22,7 +22,7 @@ local extendTo extendTo=$(get_gpg_expiration "$1") if [ "$PROMPT" = "true" ] ; then - read -p "Are you sure you want to change the expiration on the host key to '$extendTo'? (y/N) " OK; OK=${OK:-N} + read -p "Are you sure you want to change the expiration on the host key to '$extendTo'? (Y/n) " OK; OK=${OK:-Y} if [ "${OK/y/Y}" != 'Y' ] ; then failure "expiration not set." fi