From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Sat, 31 Jan 2009 23:30:59 +0000 (-0500)
Subject: merging from jrollins
X-Git-Tag: monkeysphere_0.23~159^2
X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;h=c700e9b0dcede303ed1f160ba51f564fd314d2e3;hp=0d36aebed69b154903e158a4c0f5cc8707cf5168;p=monkeysphere.git

merging from jrollins
---

diff --git a/man/man1/monkeysphere-ssh-proxycommand.1 b/man/man1/monkeysphere-ssh-proxycommand.1
index 1606a5d..65edd0b 100644
--- a/man/man1/monkeysphere-ssh-proxycommand.1
+++ b/man/man1/monkeysphere-ssh-proxycommand.1
@@ -6,7 +6,7 @@ monkeysphere-ssh-proxycommand \- MonkeySphere ssh ProxyCommand script
 
 .SH DESCRIPTION
 
-\fBmonkeysphere-ssh-proxy\fP is an ssh proxy command that can be used
+\fBmonkeysphere-ssh-proxycommand\fP is an ssh proxy command that can be used
 to trigger a monkeysphere update of the ssh known_hosts file for a
 host that is being connected to with ssh.  This works by updating the
 known_hosts file for the host first, before an attempted connection to
diff --git a/packaging/debian/changelog b/packaging/debian/changelog
index a282c58..6b31e16 100644
--- a/packaging/debian/changelog
+++ b/packaging/debian/changelog
@@ -1,15 +1,24 @@
 monkeysphere (0.23~pre-1) UNRELEASED; urgency=low
-
-  * New upstream release:
-    - added better checks for the existence of a host private key for
-      functions that require it to be there.
-    - add checks for root users, for functions where it is required.
-    - get rid of getopts.
-    - added version output option
-    - check that existing authentication keys are valid in gen_key
-      function.
-
- -- Jameson Graef Rollins <jrollins@finestructure.net>  Tue, 30 Dec 2008 20:21:16 -0500
+  
+  "The Golden Bezoar Release"
+
+  * New upstream release.
+  * rearchitect UI:
+    - replace monkeysphere-server with monkeysphere-{authentication,host}
+    - fold monkeysphere-ssh-proxycommand into /usr/bin/monkeysphere
+
+  * simplify adding a host to the monkeysphere, automate the process
+    during debian installation
+  * provide pem2openpgp for translating unencrypted PEM-encoded raw key
+    material into OpenPGP keys.
+  * added better checks for the existence of a host private key for
+    functions that require it to be there.
+  * get rid of getopts dependency
+  * added version output option
+  * check that existing authentication keys are valid in gen_key
+     function.
+
+ -- Daniel Kahn Gillmor <dkg@pip.fifthhorseman.net>  Sat, 31 Jan 2009 17:32:58 -0500
 
 monkeysphere (0.22-1) unstable; urgency=low
 
diff --git a/src/monkeysphere-host b/src/monkeysphere-host
index 31f031e..1f68256 100755
--- a/src/monkeysphere-host
+++ b/src/monkeysphere-host
@@ -97,16 +97,6 @@ gpg_host() {
     return "$returnCode"
 }
 
-# check if user is root
-is_root() {
-    [ $(id -u 2>/dev/null) = '0' ]
-}
-
-# check that user is root, for functions that require root access
-check_user() {
-    is_root || failure "You must be root to run this command."
-}
-
 # output just key fingerprint
 fingerprint_server_key() {
     # set the pipefail option so functions fails if can't read sec key
@@ -202,37 +192,31 @@ case $COMMAND in
 	;;
 
     'extend-key'|'e')
-	check_user
 	check_host_keyring
 	extend_key "$@"
 	;;
 
     'add-hostname'|'add-name'|'n+')
-	check_user
 	check_host_keyring
 	add_hostname "$@"
 	;;
 
     'revoke-hostname'|'revoke-name'|'n-')
-	check_user
 	check_host_keyring
 	revoke_hostname "$@"
 	;;
 
     'add-revoker'|'o')
-	check_user
 	check_host_keyring
 	add_revoker "$@"
 	;;
 
     'revoke-key'|'r')
-	check_user
 	check_host_keyring
 	revoke_key "$@"
 	;;
 
     'publish-key'|'publish'|'p')
-	check_user
 	check_host_keyring
 	publish_server_key
 	;;
diff --git a/src/subcommands/mh/gen-key b/src/subcommands/mh/gen-key
index 9f26087..8558441 100755
--- a/src/subcommands/mh/gen-key
+++ b/src/subcommands/mh/gen-key
@@ -27,10 +27,6 @@ fingerprint_server_key >/dev/null \
 # get options
 while true ; do
 	case "$1" in
-	    -h|--hostname)
-		hostName="$2"
-		shift 2
-		;;
 	    -l|--length)
 		keyLength="$2"
 		shift 2
@@ -44,6 +40,8 @@ while true ; do
 		    failure "Unknown option '$1'.
 Type '$PGRM help' for usage."
 		fi
+		hostName="$1"
+		shift;
 		break
 		;;
 	esac
diff --git a/src/subcommands/mh/import-key b/src/subcommands/mh/import-key
index d60e982..ac67711 100755
--- a/src/subcommands/mh/import-key
+++ b/src/subcommands/mh/import-key
@@ -23,10 +23,6 @@ fingerprint_server_key >/dev/null \
 # get options
 while true ; do
 	case "$1" in
-	    -h|--hostname)
-		hostName="$2"
-		shift 2
-		;;
 	    -f|--keyfile)
 		keyFile="$2"
 		shift 2
@@ -40,6 +36,9 @@ while true ; do
 		    failure "Unknown option '$1'.
 Type '$PGRM help' for usage."
 		fi
+		hostName="$1"
+		shift
+		;;
 		break
 		;;
 	esac
diff --git a/tests/basic b/tests/basic
index 5ba7a25..7fdca39 100755
--- a/tests/basic
+++ b/tests/basic
@@ -8,8 +8,7 @@
 # Copyright: 2008
 # License: GPL v3 or later
 
-# these tests should all be able to
-# as a non-privileged user.
+# these tests should all be able to run as a non-privileged user.
 
 # all subcommands in this script should complete without failure:
 set -e
@@ -193,7 +192,7 @@ echo | monkeysphere-server gen-key --length 1024 --expire 0 testhost
 # remove the gpg.conf
 rm "$MONKEYSPHERE_SYSCONFIGDIR"/gnupg-host/gpg.conf
 
-HOSTKEYID=$( monkeysphere-server show-key | tail -n1 | cut -f3 -d\  )
+HOSTKEYID=$( monkeysphere-server show-key | grep '^OpenPGP fingerprint: ' | cut -f3 -d\  )
 
 # certify it with the "Admin's Key".
 # (this would normally be done via keyservers)