monkeysphere.git
15 years agoStop all creation of a ssh_host_rsa_key.pub. Use openpgp2ssh to get
Jameson Graef Rollins [Tue, 17 Feb 2009 01:15:58 +0000 (20:15 -0500)]
Stop all creation of a ssh_host_rsa_key.pub.  Use openpgp2ssh to get
the fingerprint from the host pgp public key.  Prevents us from having
to maintain the ssh pub key file, and generally makes things simpler.
Also allows us to go back to having import_key take the key on stdin
(which dkg will like).

15 years agostart script to do a 0.22 -> 0.23 transition. still needs work (UNTESTED).
Jameson Graef Rollins [Mon, 16 Feb 2009 06:10:02 +0000 (01:10 -0500)]
start script to do a 0.22 -> 0.23 transition.  still needs work (UNTESTED).

15 years agomake sure MHTMPDIR is defined and created
Jameson Graef Rollins [Mon, 16 Feb 2009 06:08:28 +0000 (01:08 -0500)]
make sure MHTMPDIR is defined and created

15 years agofix a bad reference to MATMPDIR
Jameson Graef Rollins [Mon, 16 Feb 2009 06:07:04 +0000 (01:07 -0500)]
fix a bad reference to MATMPDIR

15 years agounbreakout some functions that were broken out earlier for handling creating ssh...
Jameson Graef Rollins [Mon, 16 Feb 2009 04:27:12 +0000 (23:27 -0500)]
unbreakout some functions that were broken out earlier for handling creating ssh key files, since they are actually done in different ways under different circumstances.

15 years agoChange import_key to take the path to the file to import as an argument. dkg won...
Jameson Graef Rollins [Mon, 16 Feb 2009 04:25:51 +0000 (23:25 -0500)]
Change import_key to take the path to the file to import as an argument.  dkg won't like this, but I think it's necessary so that we can generate the ssh pub key file, which is needed for subsequenty works.

15 years agofix the publish_key function for new gpg_sphere.
Jameson Graef Rollins [Mon, 16 Feb 2009 03:51:17 +0000 (22:51 -0500)]
fix the publish_key function for new gpg_sphere.

15 years agohave the import_key also create the ssh pub file, since it is needed to show full...
Jameson Graef Rollins [Mon, 16 Feb 2009 03:50:35 +0000 (22:50 -0500)]
have the import_key also create the ssh pub file, since it is needed to show full host key info.

15 years agowebsite: fix a small incorrect command line for apt-key import
Jameson Graef Rollins [Sun, 15 Feb 2009 23:16:33 +0000 (18:16 -0500)]
website: fix a small incorrect command line for apt-key import

15 years agofix something that was resolved improperly in the previous merge.
Jameson Graef Rollins [Fri, 13 Feb 2009 00:13:19 +0000 (19:13 -0500)]
fix something that was resolved improperly in the previous merge.

15 years agoMerge commit 'dkg/master'
Jameson Graef Rollins [Fri, 13 Feb 2009 00:11:50 +0000 (19:11 -0500)]
Merge commit 'dkg/master'

Conflicts:

src/share/ma/setup

15 years agofix some calls to gpg_sphere that where not putting all arguments into a single argum...
Jameson Graef Rollins [Fri, 13 Feb 2009 00:10:12 +0000 (19:10 -0500)]
fix some calls to gpg_sphere that where not putting all arguments into a single argument, as required by the strange su requirements.

15 years agotrust level != trust model
Daniel Kahn Gillmor [Fri, 13 Feb 2009 00:08:21 +0000 (19:08 -0500)]
trust level != trust model

15 years agofix the su_monkeysphere_user function so that it does 'bash -c' instead of 'eval...
Jameson Graef Rollins [Thu, 12 Feb 2009 23:59:01 +0000 (18:59 -0500)]
fix the su_monkeysphere_user function so that it does 'bash -c' instead of 'eval', if the user already is the monkeysphere user, so that a proper subshell is invoked.

15 years agosu_monkeysphere_user now invokes a subshell even when already called by the monkeysph...
Daniel Kahn Gillmor [Thu, 12 Feb 2009 23:53:17 +0000 (18:53 -0500)]
su_monkeysphere_user now invokes a subshell even when already called by the monkeysphere user.

15 years agotweak some of the log output inconsequentially
Jameson Graef Rollins [Thu, 12 Feb 2009 23:39:38 +0000 (18:39 -0500)]
tweak some of the log output inconsequentially

15 years agotests/common: enable a single subshell in the test environment before cleanup on...
Daniel Kahn Gillmor [Thu, 12 Feb 2009 23:34:08 +0000 (18:34 -0500)]
tests/common: enable a single subshell in the test environment before cleanup on failure; makes it easier to have $PATH, etc set up

15 years agono longer require the primary-keyring for the sphere gpg.conf now that we use a singl...
Daniel Kahn Gillmor [Thu, 12 Feb 2009 23:32:32 +0000 (18:32 -0500)]
no longer require the primary-keyring for the sphere gpg.conf now that we use a single keyring

15 years agofix typo
Daniel Kahn Gillmor [Thu, 12 Feb 2009 23:30:38 +0000 (18:30 -0500)]
fix typo

15 years agoadd list-certifiers to the basic test
Jameson Graef Rollins [Thu, 12 Feb 2009 23:24:34 +0000 (18:24 -0500)]
add list-certifiers to the basic test

15 years agofix some things in ma certifier functions:
Jameson Graef Rollins [Thu, 12 Feb 2009 23:23:05 +0000 (18:23 -0500)]
fix some things in ma certifier functions:
- fix left over bad invocations of gpg_sphere --list-keys
- add some more debug log output

15 years agoFix the ma/setup function:
Jameson Graef Rollins [Thu, 12 Feb 2009 23:19:35 +0000 (18:19 -0500)]
Fix the ma/setup function:
- fix reference to MONKEYSPHERE_USER for GNUPGHOME_SPHERE
- break out core_fingerprint function
- export core key to sphere keyring (necessary)
- fix some logging (add more debug) and formatting

15 years agofix reference to MONKEYSPHER_USER in ma/setup
Jameson Graef Rollins [Thu, 12 Feb 2009 21:17:00 +0000 (16:17 -0500)]
fix reference to MONKEYSPHER_USER in ma/setup

15 years agotests/basic: respect $TMPDIR variable for temporary directories set up during testing.
Daniel Kahn Gillmor [Thu, 12 Feb 2009 20:19:16 +0000 (15:19 -0500)]
tests/basic: respect $TMPDIR variable for temporary directories set up during testing.

15 years agosome clean up to tests/basic
Jameson Graef Rollins [Thu, 12 Feb 2009 18:36:39 +0000 (13:36 -0500)]
some clean up to tests/basic

15 years agoadd some debug logging to some common functions
Jameson Graef Rollins [Thu, 12 Feb 2009 18:33:17 +0000 (13:33 -0500)]
add some debug logging to some common functions

15 years agoadd ability to supress confirmation prompt in ma/add_certifier
Jameson Graef Rollins [Thu, 12 Feb 2009 18:30:57 +0000 (13:30 -0500)]
add ability to supress confirmation prompt in ma/add_certifier
fix some logging output

15 years agoclean up how trust level was check in ma/setup, with some debug output
Jameson Graef Rollins [Thu, 12 Feb 2009 18:29:30 +0000 (13:29 -0500)]
clean up how trust level was check in ma/setup, with some debug output

15 years agobreak out a bunch of common functions in monkeysphere-host:
Jameson Graef Rollins [Thu, 12 Feb 2009 18:25:35 +0000 (13:25 -0500)]
break out a bunch of common functions in monkeysphere-host:
- create_*_*_file to create the key files
- load_*fingerprint to load the host fingerprint into an exported
  variable (HOST_FINGERPRINT)
- check_host_*key to check for the presence of a host key
modified {import,gen}_key to use these new functions.

15 years agoadd much of an add_revoker function. still needs to be fleshed out
Jameson Graef Rollins [Mon, 9 Feb 2009 06:52:00 +0000 (01:52 -0500)]
add much of an add_revoker function.  still needs to be fleshed out
and tested, though, so it's not "active" yet.

15 years agosmall formatting tweaks to add_certifier function
Jameson Graef Rollins [Mon, 9 Feb 2009 06:51:02 +0000 (01:51 -0500)]
small formatting tweaks to add_certifier function

15 years agorename function to get the host fingerprint, and fix some
Jameson Graef Rollins [Mon, 9 Feb 2009 06:41:30 +0000 (01:41 -0500)]
rename function to get the host fingerprint, and fix some
HOST_FINGERPRINT variables.

15 years agofix name of set_expire function
Jameson Graef Rollins [Mon, 9 Feb 2009 06:39:50 +0000 (01:39 -0500)]
fix name of set_expire function

15 years agobreak su_monkeysphere_user into common function, since it will likely
Jameson Graef Rollins [Mon, 9 Feb 2009 05:47:17 +0000 (00:47 -0500)]
break su_monkeysphere_user into common function, since it will likely
be needed by both m-host and m-auth for communicating with keyservers.

15 years agodefine variable for public key files (HOST_KEY_PUB, HOST_KEY_PUB_GPG).
Jameson Graef Rollins [Mon, 9 Feb 2009 05:42:16 +0000 (00:42 -0500)]
define variable for public key files (HOST_KEY_PUB, HOST_KEY_PUB_GPG).
also, fix some function calls to check_host_fail function.

15 years agoa couple of small fixes to the {gen,import}_key functions
Jameson Graef Rollins [Mon, 9 Feb 2009 05:30:04 +0000 (00:30 -0500)]
a couple of small fixes to the {gen,import}_key functions

15 years agoBreak out host export commands into gpg_host_export and
Jameson Graef Rollins [Mon, 9 Feb 2009 05:21:40 +0000 (00:21 -0500)]
Break out host export commands into gpg_host_export and
gpg_host_export_to_ssh_file functions, and update the {gen,import}_key
functions accordingly.

15 years agoMerge commit 'dkg/master'
Jameson Graef Rollins [Mon, 9 Feb 2009 04:59:35 +0000 (23:59 -0500)]
Merge commit 'dkg/master'

15 years agoSome rearragement/cleanup in the monkeysphere-host:
Jameson Graef Rollins [Mon, 9 Feb 2009 04:55:28 +0000 (23:55 -0500)]
Some rearragement/cleanup in the monkeysphere-host:
- define exported variable to hold host key fingerprint
(HOST_FINGERPRINT)
- broke out some common commands into simpler functions
- rename the 'extend_key' function to be 'set_expire', since function
is more generically offered now.

15 years agotests/basic created the wrong monkeysphere-authentication.conf
Daniel Kahn Gillmor [Thu, 5 Feb 2009 20:53:18 +0000 (15:53 -0500)]
tests/basic created the wrong monkeysphere-authentication.conf

15 years agofixing out-of-date comments
Daniel Kahn Gillmor [Thu, 5 Feb 2009 20:40:16 +0000 (15:40 -0500)]
fixing out-of-date comments

15 years agofixing dumb typo in tests/basic
Daniel Kahn Gillmor [Thu, 5 Feb 2009 20:18:17 +0000 (15:18 -0500)]
fixing dumb typo in tests/basic

15 years agom-a setup: take advantage of the new ability of pem2openpgp to generate its own key.
Daniel Kahn Gillmor [Thu, 5 Feb 2009 20:16:05 +0000 (15:16 -0500)]
m-a setup: take advantage of the new ability of pem2openpgp to generate its own key.

15 years agorestoring absolute paths to both TEMPDIR and TESTDIR in tests/basic.
Daniel Kahn Gillmor [Thu, 5 Feb 2009 19:29:42 +0000 (14:29 -0500)]
restoring absolute paths to both TEMPDIR and TESTDIR in tests/basic.

15 years agoupdated pem2openpgp invocation in m-h import-key
Daniel Kahn Gillmor [Thu, 5 Feb 2009 19:24:49 +0000 (14:24 -0500)]
updated pem2openpgp invocation in m-h import-key

15 years agopem2openpgp now supports generating the key as an alternative to reading it from...
Daniel Kahn Gillmor [Thu, 5 Feb 2009 19:11:04 +0000 (14:11 -0500)]
pem2openpgp now supports generating the key as an alternative to reading it from stdin.

15 years agoupdated man page for pem2openpgp.
Daniel Kahn Gillmor [Thu, 5 Feb 2009 19:10:16 +0000 (14:10 -0500)]
updated man page for pem2openpgp.

15 years agoset proper permissions on administrator gnupghome.
Daniel Kahn Gillmor [Wed, 4 Feb 2009 20:19:58 +0000 (15:19 -0500)]
set proper permissions on administrator gnupghome.

15 years agotests/basic ensure that the directory is actually an absolute path, not a relative...
Daniel Kahn Gillmor [Wed, 4 Feb 2009 20:03:25 +0000 (15:03 -0500)]
tests/basic ensure that the directory is actually an absolute path, not a relative one.

15 years agotests: making the temporary directory be created in a new place. make sure the proxy...
Daniel Kahn Gillmor [Wed, 4 Feb 2009 19:11:42 +0000 (14:11 -0500)]
tests: making the temporary directory be created in a new place.  make sure the proxy command used in the test is the new subcommand.

15 years agoweb site: added news item about the planned changes for the pending release of the...
Daniel Kahn Gillmor [Wed, 4 Feb 2009 17:21:45 +0000 (12:21 -0500)]
web site: added news item about the planned changes for the pending release of the monkeysphere.

15 years agotests/keytrans: terminate reasonably on success.
Daniel Kahn Gillmor [Wed, 4 Feb 2009 06:51:55 +0000 (01:51 -0500)]
tests/keytrans: terminate reasonably on success.

15 years agoMerge commit 'jrollins/master'
Daniel Kahn Gillmor [Wed, 4 Feb 2009 06:47:46 +0000 (01:47 -0500)]
Merge commit 'jrollins/master'

15 years agopem2openpgp: avoid dumping garbage to stderr
Daniel Kahn Gillmor [Wed, 4 Feb 2009 06:47:16 +0000 (01:47 -0500)]
pem2openpgp: avoid dumping garbage to stderr

15 years agofix some things in the keytrans test
Jameson Graef Rollins [Wed, 4 Feb 2009 06:42:40 +0000 (01:42 -0500)]
fix some things in the keytrans test

15 years agopem2openpgp: when creating a signature, make sure that the public key material uses...
Daniel Kahn Gillmor [Wed, 4 Feb 2009 06:38:53 +0000 (01:38 -0500)]
pem2openpgp: when creating a signature, make sure that the public key material uses a 2-octet packet length.

15 years agomove keytrans test to a separate test script, and move functions common to all test...
Jameson Graef Rollins [Wed, 4 Feb 2009 06:12:02 +0000 (01:12 -0500)]
move keytrans test to a separate test script, and move functions common to all test to a common file

15 years agoadd test of key conversion (openpgp2ssh and pem2openpgp) in test script.
Jameson Graef Rollins [Wed, 4 Feb 2009 05:58:25 +0000 (00:58 -0500)]
add test of key conversion (openpgp2ssh and pem2openpgp) in test script.

15 years agoensure that the output of modular multiplicative inverse is positive.
Daniel Kahn Gillmor [Wed, 4 Feb 2009 05:27:35 +0000 (00:27 -0500)]
ensure that the output of modular multiplicative inverse is positive.

15 years agobring comments up-to-date and parameterize expiration date.
Daniel Kahn Gillmor [Wed, 4 Feb 2009 03:19:57 +0000 (22:19 -0500)]
bring comments up-to-date and parameterize expiration date.

15 years agouse the environment to determine usage flags (default to certify)
Daniel Kahn Gillmor [Wed, 4 Feb 2009 02:42:06 +0000 (21:42 -0500)]
use the environment to determine usage flags (default to certify)

15 years ago*still* trying to get clean perl for pem2openpgp
Daniel Kahn Gillmor [Wed, 4 Feb 2009 02:38:11 +0000 (21:38 -0500)]
*still* trying to get clean perl for pem2openpgp

15 years agostill trying to get clean perl for pem2openpgp
Daniel Kahn Gillmor [Wed, 4 Feb 2009 02:37:29 +0000 (21:37 -0500)]
still trying to get clean perl for pem2openpgp

15 years agostupid perl flailing in pem2openpgp.
Daniel Kahn Gillmor [Wed, 4 Feb 2009 02:36:07 +0000 (21:36 -0500)]
stupid perl flailing in pem2openpgp.

15 years agoaccept environment variables to adjust the behavior of pem2openpgp
Daniel Kahn Gillmor [Wed, 4 Feb 2009 02:32:50 +0000 (21:32 -0500)]
accept environment variables to adjust the behavior of pem2openpgp

15 years agoupdate debian info on web
Jameson Graef Rollins [Tue, 3 Feb 2009 16:11:37 +0000 (11:11 -0500)]
update debian info on web

15 years agofix up gen/import-key:
Jameson Graef Rollins [Tue, 3 Feb 2009 06:23:51 +0000 (01:23 -0500)]
fix up gen/import-key:
- remove stuff about expiration, so we assume keys imported/generated
with no expiration
- set expiration with 'set-expire' function
- update tests to test key importing and generation
- fix some bugs

15 years agoadd ability to specify key length of core secret key, so the test scripts can specify...
Jameson Graef Rollins [Mon, 2 Feb 2009 16:34:26 +0000 (11:34 -0500)]
add ability to specify key length of core secret key, so the test scripts can specify something smaller than the default.

15 years agoadd some log debug output to ma-setup
Jameson Graef Rollins [Mon, 2 Feb 2009 04:05:31 +0000 (23:05 -0500)]
add some log debug output to ma-setup

15 years agoFix a bug in setup where gpg was called instead of gpg_core. This
Jameson Graef Rollins [Mon, 2 Feb 2009 03:48:36 +0000 (22:48 -0500)]
Fix a bug in setup where gpg was called instead of gpg_core.  This
could have caused serious data loss for the running user.  Should note
to be carefull with this in the future.
Also fix ownership on sphere gnupghome.

15 years agonew function to export signatures from core to sphere keyrings. this
Jameson Graef Rollins [Mon, 2 Feb 2009 02:14:22 +0000 (21:14 -0500)]
new function to export signatures from core to sphere keyrings.  this
is so that the sphere does not have to read the core pubring to get
the certifier ltsigs, and we can therefore keep tighter permissions on
the core keyring files.  updated some comments/documentation as well.

15 years agofix the log output for the ssh-proxycommand
Jameson Graef Rollins [Sun, 1 Feb 2009 20:47:25 +0000 (15:47 -0500)]
fix the log output for the ssh-proxycommand

15 years agosmall tweak to ssh-proxycommand comments.
Jameson Graef Rollins [Sun, 1 Feb 2009 19:01:32 +0000 (14:01 -0500)]
small tweak to ssh-proxycommand comments.

15 years agosome tweaks to the man pages
Jameson Graef Rollins [Sun, 1 Feb 2009 18:59:02 +0000 (13:59 -0500)]
some tweaks to the man pages

15 years agosome general fixes:
Jameson Graef Rollins [Sun, 1 Feb 2009 18:08:46 +0000 (13:08 -0500)]
some general fixes:
- fix some references to old function names
- move fingerprint_server_key to be fingerprint_host_key
- update diagnostic scripts

15 years agofix a bunch of directory references to the new data/share dirs
Jameson Graef Rollins [Sun, 1 Feb 2009 17:52:10 +0000 (12:52 -0500)]
fix a bunch of directory references to the new data/share dirs

15 years agosome small tweaks, and one tiny syntax bug fix, to ma/setup, and some
Jameson Graef Rollins [Sun, 1 Feb 2009 17:16:33 +0000 (12:16 -0500)]
some small tweaks, and one tiny syntax bug fix, to ma/setup, and some
small formating and comment changes to test/basic

15 years agotrying to improve m-a setup; still not successfully tested.
Daniel Kahn Gillmor [Sun, 1 Feb 2009 07:52:26 +0000 (02:52 -0500)]
trying to improve m-a setup; still not successfully tested.

15 years agoremoved some unnecessary setup from the basic test, pulling the random string from...
Daniel Kahn Gillmor [Sun, 1 Feb 2009 07:27:58 +0000 (02:27 -0500)]
removed some unnecessary setup from the basic test, pulling the random string from /dev/urandom; generating the authentication trust core key at 2048 bits

15 years agoadd m-a setup implementation
Daniel Kahn Gillmor [Sun, 1 Feb 2009 06:58:02 +0000 (01:58 -0500)]
add m-a setup implementation

15 years agoMerge commit 'jrollins/master'
Daniel Kahn Gillmor [Sun, 1 Feb 2009 06:57:21 +0000 (01:57 -0500)]
Merge commit 'jrollins/master'

15 years agoadd setup subcommand call to ms-authentication, and more fixes to tests
Jameson Graef Rollins [Sun, 1 Feb 2009 05:21:57 +0000 (00:21 -0500)]
add setup subcommand call to ms-authentication, and more fixes to tests

15 years agoMerge commit 'jrollins/master'
Daniel Kahn Gillmor [Sun, 1 Feb 2009 05:00:54 +0000 (00:00 -0500)]
Merge commit 'jrollins/master'

15 years agoMerge commit 'mjgoins/master'
Jameson Graef Rollins [Sun, 1 Feb 2009 04:57:50 +0000 (23:57 -0500)]
Merge commit 'mjgoins/master'

15 years agoMerge commit 'dkg/master'
Jameson Graef Rollins [Sun, 1 Feb 2009 04:57:40 +0000 (23:57 -0500)]
Merge commit 'dkg/master'

15 years agofix some things bugs from the separation transition, and try to fix the test scripts
Jameson Graef Rollins [Sun, 1 Feb 2009 04:44:38 +0000 (23:44 -0500)]
fix some things bugs from the separation transition, and try to fix the test scripts

15 years agoadd skeleton man page for pem2openpgp
Jameson Graef Rollins [Sun, 1 Feb 2009 04:07:31 +0000 (23:07 -0500)]
add skeleton man page for pem2openpgp

15 years agomove src/subcommands to srv/share, and add common file to src/share (update Makefile...
Jameson Graef Rollins [Sun, 1 Feb 2009 04:05:23 +0000 (23:05 -0500)]
move src/subcommands to srv/share, and add common file to src/share (update Makefile as well)

15 years agoChanged the order of the descriptions of the commands to match the usage as it appear...
Matt Goins [Sun, 1 Feb 2009 03:59:37 +0000 (22:59 -0500)]
Changed the order of the descriptions of the commands to match the usage as it appears when the command is invoked.

15 years agoMerge commit 'micah/master'
Daniel Kahn Gillmor [Sun, 1 Feb 2009 03:59:33 +0000 (22:59 -0500)]
Merge commit 'micah/master'

15 years agoMerge commit 'micah/master'
Jameson Graef Rollins [Sun, 1 Feb 2009 03:56:26 +0000 (22:56 -0500)]
Merge commit 'micah/master'

15 years agofix some test problems related to gpg.conf locations
Micah Anderson [Sun, 1 Feb 2009 03:55:08 +0000 (22:55 -0500)]
fix some test problems related to gpg.conf locations

15 years agopackaging/debian: add some transition stuff to the preinst script
Jameson Graef Rollins [Sun, 1 Feb 2009 03:53:05 +0000 (22:53 -0500)]
packaging/debian: add some transition stuff to the preinst script

15 years agosome more fixes and tweaks to get things working in the new setup
Jameson Graef Rollins [Sun, 1 Feb 2009 03:32:51 +0000 (22:32 -0500)]
some more fixes and tweaks to get things working in the new setup

15 years agoMerge commit 'jrollins/master'
Matt Goins [Sun, 1 Feb 2009 02:31:30 +0000 (21:31 -0500)]
Merge commit 'jrollins/master'

15 years agoRemoved obsolete man pages, split monkeysphere-server man page into two new ones.
Matt Goins [Sun, 1 Feb 2009 02:29:41 +0000 (21:29 -0500)]
Removed obsolete man pages, split monkeysphere-server man page into two new ones.

15 years agoremove things i think will no longer be needed from the debian packaging scripts.
Jameson Graef Rollins [Sun, 1 Feb 2009 02:25:37 +0000 (21:25 -0500)]
remove things i think will no longer be needed from the debian packaging scripts.

15 years agofix makefile, and remove now-unneeded dirs in debian packaging
Jameson Graef Rollins [Sun, 1 Feb 2009 01:51:58 +0000 (20:51 -0500)]
fix makefile, and remove now-unneeded dirs in debian packaging

15 years agochange hyphens to underscores in function file names, for consistency
Jameson Graef Rollins [Sun, 1 Feb 2009 01:43:23 +0000 (20:43 -0500)]
change hyphens to underscores in function file names, for consistency
with function definitions themselves

15 years agobreak out subfunctions from monkeysphere command
Jameson Graef Rollins [Sun, 1 Feb 2009 01:35:43 +0000 (20:35 -0500)]
break out subfunctions from monkeysphere command