From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri, 20 Feb 2009 03:42:43 +0000 (-0500)
Subject: Merge commit 'jrollins/master'
X-Git-Tag: monkeysphere_0.23~34
X-Git-Url: https://codewiz.org/gitweb?p=monkeysphere.git;a=commitdiff_plain;h=e13bbc823bc8fe7a28303e45055643e15d0849cd;hp=-c

Merge commit 'jrollins/master'
---

e13bbc823bc8fe7a28303e45055643e15d0849cd
diff --combined src/share/common
index d151e85,745a861..653d58b
--- a/src/share/common
+++ b/src/share/common
@@@ -1153,50 -1153,9 +1153,49 @@@ process_authorized_user_ids() 
  # takes a gpg key or keys on stdin, and outputs a list of
  # fingerprints, one per line:
  list_primary_fingerprints() {
-     local file="$1"
      local fake=$(msmktempdir)
      GNUPGHOME="$fake" gpg --no-tty --quiet --import
      GNUPGHOME="$fake" gpg --with-colons --fingerprint --list-keys | \
  	awk -F: '/^fpr:/{ print $10 }'
      rm -rf "$fake"
  }
 +
 +
 +check_cruft_file() {
 +    local loc="$1"
 +    local version="$2"
 +    
 +    if [ -e "$loc" ] ; then
 +	printf "! The file '%s' is no longer used by\n  monkeysphere (as of version %s), and can be removed.\n\n" "$loc" "$version" | log info
 +    fi
 +}
 +
 +check_upgrade_dir() {
 +    local loc="$1"
 +    local version="$2"
 +
 +    if [ -d "$loc" ] ; then
 +	printf "The presence of directory '%s' indicates that you have\nnot yet completed a monkeysphere upgrade.\nYou should probably run the following script:\n  %s/transitions/%s\n\n" "$loc" "$SYSSHAREDIR" "$version" | log info
 +    fi
 +}
 +
 +## look for cruft from old versions of the monkeysphere, and notice if
 +## upgrades have not been run:
 +report_cruft() {
 +    check_upgrade_dir "${SYSCONFIGDIR}/gnupg-host" 0.23
 +    check_upgrade_dir "${SYSCONFIGDIR}/gnupg-authentication" 0.23
 +
 +    check_cruft_file "${SYSCONFIGDIR}/gnupg-authentication.conf" 0.23
 +    check_cruft_file "${SYSCONFIGDIR}/gnupg-host.conf" 0.23
 +
 +    local found=
 +    for foo in "${SYSDATADIR}/backup-from-"*"-transition"  ; do
 +	if [ -d "$foo" ] ; then
 +	    printf "! %s\n" "$foo" | log info
 +	    found=true
 +	fi
 +    done
 +    if [ "$found" ] ; then
 +	printf "The directories above are backups left over from a monkeysphere transition.\nThey may contain copies of sensitive data (host keys, certifier lists), but\nthey are no longer needed by monkeysphere.\nYou may remove them at any time.\n\n" | log info
 +    fi
 +}
diff --combined src/share/m/ssh_proxycommand
index 0a81500,d2b4527..bd09588
--- a/src/share/m/ssh_proxycommand
+++ b/src/share/m/ssh_proxycommand
@@@ -43,7 -43,7 +43,7 @@@ EO
      # found?
  
      # get the gpg info for userid
-     gpgOut=$(gpg --list-key --fixed-list-mode --with-colon \
+     gpgOut=$(gpg_user --list-key --fixed-list-mode --with-colon \
  	--with-fingerprint --with-fingerprint \
  	="$userID" 2>/dev/null)
  
@@@ -66,12 -66,12 +66,12 @@@ EO
  
  		    sshKeyGPGFile=$(msmktempfile)
  		    printf "%s" "$sshKeyGPG" >"$sshKeyGPGFile"
 -		    sshFingerprint=$(ssh-keygen -l -f "$sshKeyGPGFile" \
 +		    sshFingerprint=$(ssh-keygen -l -f "$sshKeyGPGFile" | \
  			awk '{ print $2 }')
  		    rm -f "$sshKeyGPGFile"
  
  		    # get the sigs for the matching key
- 		    gpgSigOut=$(gpg --check-sigs \
+ 		    gpgSigOut=$(gpg_user --check-sigs \
  			--list-options show-uid-validity \
  			"$keyid")
  
@@@ -171,7 -171,7 +171,7 @@@ URI="ssh://${HOSTP}
  # CHECK_KEYSERVER variable in the monkeysphere.conf file.
  
  # if the host is in the gpg keyring...
- if gpg --list-key ="${URI}" 2>&1 >/dev/null ; then
+ if gpg_user --list-key ="${URI}" 2>&1 >/dev/null ; then
      # do not check the keyserver
      CHECK_KEYSERVER=${CHECK_KEYSERVER:="false"}