From: Jameson Graef Rollins Date: Fri, 15 Aug 2008 20:02:05 +0000 (-0700) Subject: more work on hostname add/revoke X-Git-Tag: monkeysphere_0.8-1~14 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=8cf936aa9d62f6e8655904375a2d8217f559947a;p=monkeysphere.git more work on hostname add/revoke --- diff --git a/src/common b/src/common index 17955a7..34c86cb 100644 --- a/src/common +++ b/src/common @@ -69,11 +69,12 @@ file_hash() { md5sum "$1" 2> /dev/null } -# convert escaped characters from gpg output back into original -# character -# FIXME: undo all escape character translation in with-colons gpg output -unescape() { - echo "$1" | sed 's/\\x3a/:/g' +# convert escaped characters in pipeline from gpg output back into +# original character +# FIXME: undo all escape character translation in with-colons gpg +# output +gpg_unescape() { + sed 's/\\x3a/:/g' } # remove all lines with specified string from specified file @@ -398,7 +399,7 @@ process_user_id() { continue fi # if the user ID does not match, skip - if [ "$(unescape "$uidfpr")" != "$userID" ] ; then + if [ "$(echo "$uidfpr" | gpg_unescape)" != "$userID" ] ; then continue fi # if the user ID validity is not ok, skip diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 023ce9b..31bce7d 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -100,17 +100,19 @@ gpg_authentication() { su_monkeysphere_user "gpg $@" } -# output key information -show_server_key() { - gpg_host --list-secret-keys --fingerprint -} - # output just key fingerprint fingerprint_server_key() { gpg_host --list-secret-keys --fingerprint --with-colons --fixed-list-mode | \ grep '^fpr:' | head -1 | cut -d: -f10 } +# output key information +show_server_key() { + local fingerprint + fingerprint=$(fingerprint_server_key) + gpg_host --fingerprint --list-secret-key "$fingerprint" +} + # update authorized_keys for users update_users() { if [ "$1" ] ; then @@ -371,52 +373,111 @@ EOF # add hostname user ID to server key add_hostname() { + local userID + local fingerprint + local adduidCommand + if [ -z "$1" ] ; then failure "You must specify a hostname to add." fi userID="ssh://${1}" - if [ "$(gpg_host --list-key "=${userID}")" ] ; then + if [ "$(gpg_host --list-key "=${userID}" 2> /dev/null)" ] ; then failure "Host userID '$userID' already exists." fi + echo "The following user ID will be added to the host key:" + echo " '$userID'" + read -p "Are you sure you would like to add this user ID? (y/N) " OK; OK=${OK:=N} + if [ ${OK/y/Y} != 'Y' ] ; then + failure "user ID not added." + fi + fingerprint=$(fingerprint_server_key) + # edit-key script command to add user ID adduidCommand=$(cat < /dev/null | \ + egrep "^(uid|uat):" | cut -d: -f10 | gpg_unescape | cat -n | \ + grep "$userID" | awk '{ print $1 }') + + if [ -z "$uidIndex" ] ; then + failure "User ID '$userID' not found in host key." + fi - echo "NOTE: host userID revokation has not been published." - echo "Use '$PGRM publish-key' to publish these changes." + echo "The following user ID will be revoked from the host key:" + echo " '$userID'" + read -p "Are you sure you would like to revoke this user ID? (y/N) " OK; OK=${OK:=N} + if [ ${OK/y/Y} != 'Y' ] ; then + failure "user ID not revoked." + fi + + # edit-key script command to revoke user ID + revuidCommand=$(cat <