every function that alters the host keyring, so that all changes will
show up in exported pub key file, and in show-key.
}
# export the host public key to the monkeysphere gpg pub key file
}
# export the host public key to the monkeysphere gpg pub key file
-create_gpg_pub_file() {
- log debug "creating openpgp public key file..."
+update_gpg_pub_file() {
+ log debug "updating openpgp public key file '$HOST_KEY_FILE'..."
gpg_host --export --armor --export-options export-minimal \
"0x${HOST_FINGERPRINT}!" > "$HOST_KEY_FILE"
gpg_host --export --armor --export-options export-minimal \
"0x${HOST_FINGERPRINT}!" > "$HOST_KEY_FILE"
- log info "GPG host public key file: $HOST_KEY_FILE"
}
# load the host fingerprint into the fingerprint variable, using the
}
# load the host fingerprint into the fingerprint variable, using the
# fail if host key not present
check_host_no_key() {
[ -s "$HOST_KEY_FILE" ] \
# fail if host key not present
check_host_no_key() {
[ -s "$HOST_KEY_FILE" ] \
- || failure "You don't appear to have a Monkeysphere host key on this server. Please run 'monkeysphere-host import-key' first."
+ || failure "You don't appear to have a Monkeysphere host key on this server.
+Please run 'monkeysphere-host import-key' first."
}
# output the index of a user ID on the host key
}
# output the index of a user ID on the host key
# list the host key info
# FIXME: make no-show-keyring work so we don't have to do the grep'ing
# list the host key info
# FIXME: make no-show-keyring work so we don't have to do the grep'ing
- # FIXME: why is this not showing key expiration?
+ # FIXME: can we show uid validity somehow?
gpg --list-keys --fingerprint \
--list-options show-unusable-uids 2>/dev/null \
| grep -v "^${GNUPGHOME}/pubring.gpg$" \
gpg --list-keys --fingerprint \
--list-options show-unusable-uids 2>/dev/null \
| grep -v "^${GNUPGHOME}/pubring.gpg$" \
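Review bot: In `update_gpg_pub_file` the export is redirected straight onto `"$HOST_KEY_FILE"`, so the shell truncates that file before `gpg_host` runs, and the export's exit status is not checked. Per the commit description this function is now called from every function that alters the host keyring, and `check_host_no_key` in the following hunk uses `[ -s "$HOST_KEY_FILE" ]` as its test for a host key being present. A single failed or interrupted export would therefore leave an empty or partial file and make the host look keyless. I would export to a temporary file in the same directory and rename it only on success, for example `> "${HOST_KEY_FILE}.tmp" && mv -f "${HOST_KEY_FILE}.tmp" "$HOST_KEY_FILE"`, and call `failure` otherwise. This assumes the directory is writable only by the Monkeysphere host user, which the page does not show.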
# execute edit-key script
if echo "$adduidCommand" | gpg_host_edit ; then
# execute edit-key script
if echo "$adduidCommand" | gpg_host_edit ; then
if echo "$addrevokerCommand" | \
gpg_core_edit ; then
if echo "$addrevokerCommand" | \
gpg_core_edit ; then
log info "Revoker added."
else
failure "Problem adding revoker."
log info "Revoker added."
else
failure "Problem adding revoker."
gpg_host --check-trustdb
# export to gpg public key to file
gpg_host --check-trustdb
# export to gpg public key to file
# show info about new key
show_key
# show info about new key
show_key
# execute edit-key script
if echo "$revuidCommand" | gpg_host_edit ; then
# execute edit-key script
if echo "$revuidCommand" | gpg_host_edit ; then
cat <<EOF | log info
NOTE: Host key expiration date adjusted, but not yet published.
Run '$PGRM publish-key' to publish the new expiration date.
cat <<EOF | log info
NOTE: Host key expiration date adjusted, but not yet published.
Run '$PGRM publish-key' to publish the new expiration date.