Daniel Kahn Gillmor [Sun, 14 Nov 2010 08:28:09 +0000 (03:28 -0500)]
Merge branch 'master' into debian
Daniel Kahn Gillmor [Sun, 14 Nov 2010 08:26:54 +0000 (03:26 -0500)]
fix typo in pod documentation for msva-query-agent
Daniel Kahn Gillmor [Sun, 14 Nov 2010 08:17:22 +0000 (03:17 -0500)]
prepare for 0.6 release
Daniel Kahn Gillmor [Sun, 14 Nov 2010 08:07:44 +0000 (03:07 -0500)]
implement tests (and looser constraints on) peer names for peers who are clients
Daniel Kahn Gillmor [Sat, 13 Nov 2010 21:46:38 +0000 (16:46 -0500)]
added peertype (addresses #2568) -- still need tests
Daniel Kahn Gillmor [Fri, 5 Nov 2010 18:58:58 +0000 (14:58 -0400)]
added jrollins to copyright
Daniel Kahn Gillmor [Thu, 4 Nov 2010 06:21:14 +0000 (02:21 -0400)]
Merge remote branch 'jrollins/master'
Daniel Kahn Gillmor [Mon, 1 Nov 2010 00:19:24 +0000 (20:19 -0400)]
update docs to match behavior change
Jameson Rollins [Sat, 30 Oct 2010 20:42:28 +0000 (16:42 -0400)]
fix context/peer string checking/untainting
This makes the checking/untainting of the input context and peer
strings more similar to the checking of pkc type, and generally makes
the checking more straightforward. Also fixes a bug in the failure
check (thanks intrigeri).
Jameson Rollins [Sat, 30 Oct 2010 19:54:19 +0000 (15:54 -0400)]
accept smtp context
Jameson Rollins [Sat, 30 Oct 2010 19:53:38 +0000 (15:53 -0400)]
tweak log message, and remove errant space
Jameson Rollins [Sat, 30 Oct 2010 14:30:56 +0000 (10:30 -0400)]
Merge branch 'master' into debian
Jameson Rollins [Sat, 30 Oct 2010 14:28:06 +0000 (10:28 -0400)]
print msva return message to stdout in query-agent
msva-query-agent is not using stdout. I believe that stdout is the
appropriate place to return the query status message from the server.
Jameson Rollins [Sat, 30 Oct 2010 07:41:24 +0000 (03:41 -0400)]
update with info about new modules and msva-query-agent
Jameson Rollins [Sat, 30 Oct 2010 07:36:37 +0000 (03:36 -0400)]
Merge branch 'master' into debian
Jameson Rollins [Sat, 30 Oct 2010 01:23:24 +0000 (21:23 -0400)]
remove msva-review-cert.1 target, since that script was removed
Daniel Kahn Gillmor [Sat, 30 Oct 2010 01:13:06 +0000 (21:13 -0400)]
commit to handling ike:// urls as well
Daniel Kahn Gillmor [Sat, 30 Oct 2010 00:46:32 +0000 (20:46 -0400)]
update the process table, where supported, to indicate just what the upgrade monitoring process is doing
Daniel Kahn Gillmor [Fri, 29 Oct 2010 07:53:53 +0000 (03:53 -0400)]
update documentation for msva-query-agent to mention the various pkc formats
Daniel Kahn Gillmor [Fri, 29 Oct 2010 07:49:08 +0000 (03:49 -0400)]
added support for rfc4716-style SSH pubkeys
Daniel Kahn Gillmor [Fri, 29 Oct 2010 07:15:08 +0000 (03:15 -0400)]
add tests for opensshpubkey format
Daniel Kahn Gillmor [Fri, 29 Oct 2010 06:56:31 +0000 (02:56 -0400)]
added opensshpubkey pkc support
Daniel Kahn Gillmor [Fri, 29 Oct 2010 06:23:49 +0000 (02:23 -0400)]
refactored, pulling der2key into separate subfunction, simplifying reviewcert()
Daniel Kahn Gillmor [Fri, 29 Oct 2010 05:17:38 +0000 (01:17 -0400)]
removed msva-review-cert; it is already bit-rotted, we have no clear use-case for it, and no argument currently for wanting to maintain a new interface. It might return eventually in some other form.
Daniel Kahn Gillmor [Fri, 29 Oct 2010 05:13:44 +0000 (01:13 -0400)]
allow people to enter upper-case pkc types
Daniel Kahn Gillmor [Fri, 29 Oct 2010 04:54:01 +0000 (00:54 -0400)]
fix up the pem-handling code, and test it
Daniel Kahn Gillmor [Thu, 28 Oct 2010 22:44:01 +0000 (18:44 -0400)]
add support for x509pem as a pkc type (addressing MS #2566)
Daniel Kahn Gillmor [Thu, 28 Oct 2010 21:48:03 +0000 (17:48 -0400)]
ensure that every response returns a server identifier
Daniel Kahn Gillmor [Thu, 28 Oct 2010 21:14:46 +0000 (17:14 -0400)]
reset list of certifiers for each User ID (addresses MS #2567)
Daniel Kahn Gillmor [Wed, 27 Oct 2010 17:55:36 +0000 (13:55 -0400)]
updated Xsesson.d startup script to document correct environment variable choices
Daniel Kahn Gillmor [Wed, 27 Oct 2010 05:49:04 +0000 (01:49 -0400)]
added simple test suite (must currently be executed manually)
Daniel Kahn Gillmor [Wed, 27 Oct 2010 05:03:46 +0000 (01:03 -0400)]
do not explicitly wait on the pid in question; just reap the zombies on SIGCHLD
Daniel Kahn Gillmor [Wed, 27 Oct 2010 04:18:03 +0000 (00:18 -0400)]
ensure that quickly-terminating master subprocesses do not escape our notice
Daniel Kahn Gillmor [Wed, 27 Oct 2010 03:18:52 +0000 (23:18 -0400)]
avoid re-setting the exit code after waiting for upgrade monitoring process to terminate
Daniel Kahn Gillmor [Wed, 27 Oct 2010 02:51:20 +0000 (22:51 -0400)]
detect upgrades and prompt user when we notice them if the right underlying modules are available
Daniel Kahn Gillmor [Mon, 18 Oct 2010 13:41:25 +0000 (09:41 -0400)]
fix some broken syntax
Daniel Kahn Gillmor [Mon, 18 Oct 2010 06:28:35 +0000 (02:28 -0400)]
only try to parse the certificate client side at verbose or noisier log_level
Daniel Kahn Gillmor [Mon, 18 Oct 2010 06:22:00 +0000 (02:22 -0400)]
do not force msva-query-client to depend on Crypt::X509
Daniel Kahn Gillmor [Mon, 18 Oct 2010 06:18:37 +0000 (02:18 -0400)]
begin modularization of Crypt::Monkeysphere::MSVA -- not exporting raw functions any more
Daniel Kahn Gillmor [Mon, 18 Oct 2010 06:15:15 +0000 (02:15 -0400)]
use modularized logging for msva-query-agent
Daniel Kahn Gillmor [Mon, 18 Oct 2010 05:48:01 +0000 (01:48 -0400)]
moved logging business into its own class
Daniel Kahn Gillmor [Mon, 18 Oct 2010 05:12:11 +0000 (01:12 -0400)]
handle non-responsive agents more politely
Daniel Kahn Gillmor [Mon, 18 Oct 2010 05:04:48 +0000 (01:04 -0400)]
remove more environment variables from Client.pm, for a more flexible programmatic interface
Daniel Kahn Gillmor [Mon, 18 Oct 2010 04:20:04 +0000 (00:20 -0400)]
do not die if we do not recognize the pkc type -- just hand over the data to the agent, which might know better than we do
Daniel Kahn Gillmor [Mon, 18 Oct 2010 04:18:16 +0000 (00:18 -0400)]
hand pkc data over to Client.pm as a variable, instead of letting Client.pm read it from stdin directly
Daniel Kahn Gillmor [Mon, 18 Oct 2010 00:39:16 +0000 (20:39 -0400)]
simplify/shorten msva-query-agent documentation
Daniel Kahn Gillmor [Mon, 18 Oct 2010 00:35:10 +0000 (20:35 -0400)]
generalize/shorten Makefile
Jameson Rollins [Sat, 16 Oct 2010 05:48:04 +0000 (01:48 -0400)]
Add client module to query agent
A new command-line utility, msva-query-agent, is created that can
query an msva. It takes the pkc data on stdin, and then the context,
peer, and pkc type as arguments.
An alternate command, msva-review-cert, is also included that actually
uses the msva library to review the cert directly, without needing to
query an agent over a network socket.
Jameson Rollins [Sat, 16 Oct 2010 14:45:57 +0000 (10:45 -0400)]
remove old info from man page
Daniel Kahn Gillmor [Fri, 15 Oct 2010 06:15:44 +0000 (02:15 -0400)]
do not kill off child processes during HUP. let them finish.
Daniel Kahn Gillmor [Fri, 15 Oct 2010 05:59:09 +0000 (01:59 -0400)]
now respects keyserverpolicy request member variable (closes MS #2542)
Daniel Kahn Gillmor [Tue, 12 Oct 2010 07:57:25 +0000 (03:57 -0400)]
updated debian/control and debian/changelog for 0.5
Daniel Kahn Gillmor [Tue, 12 Oct 2010 07:50:48 +0000 (03:50 -0400)]
Merge branch 'master' into debian
Daniel Kahn Gillmor [Tue, 12 Oct 2010 07:50:32 +0000 (03:50 -0400)]
preparing proposed 0.5 release
Daniel Kahn Gillmor [Tue, 12 Oct 2010 07:46:08 +0000 (03:46 -0400)]
allow clean re-exec for smoother upgrades (closes MS #2532)
Daniel Kahn Gillmor [Tue, 12 Oct 2010 07:45:29 +0000 (03:45 -0400)]
cleanup debug info
Daniel Kahn Gillmor [Tue, 12 Oct 2010 07:44:43 +0000 (03:44 -0400)]
simple env variable cleanup (treating empty environment variables as unset)
Daniel Kahn Gillmor [Tue, 12 Oct 2010 03:36:10 +0000 (23:36 -0400)]
Make the marginal UI conditional on the presence of the Gtk2 perl module (closes MS #2514)
Daniel Kahn Gillmor [Tue, 12 Oct 2010 03:35:11 +0000 (23:35 -0400)]
only bother asking for a marginal UI if the UID of the corresponding key is not fully valid
Daniel Kahn Gillmor [Tue, 12 Oct 2010 03:11:32 +0000 (23:11 -0400)]
added details about requesting processes, on systems where we can find such information. (closes MS #2005)
Daniel Kahn Gillmor [Mon, 11 Oct 2010 20:27:20 +0000 (16:27 -0400)]
read keyserver from gpg.conf if $MSVA_KEYSERVER is empty or unset
Daniel Kahn Gillmor [Thu, 7 Oct 2010 05:36:25 +0000 (01:36 -0400)]
change the default to run the msva
Daniel Kahn Gillmor [Thu, 7 Oct 2010 05:35:54 +0000 (01:35 -0400)]
added monkeysphere-icon.png
Daniel Kahn Gillmor [Thu, 7 Oct 2010 04:47:51 +0000 (00:47 -0400)]
Merge branch 'master' into debian
Daniel Kahn Gillmor [Thu, 7 Oct 2010 04:44:35 +0000 (00:44 -0400)]
still more cleanup on the marginal UI
Daniel Kahn Gillmor [Thu, 7 Oct 2010 04:30:25 +0000 (00:30 -0400)]
a bit more cleanup on the UI
Daniel Kahn Gillmor [Thu, 7 Oct 2010 04:06:11 +0000 (00:06 -0400)]
more tweaks to marginal UI behavior
Daniel Kahn Gillmor [Thu, 7 Oct 2010 03:53:07 +0000 (23:53 -0400)]
changed reveal details approach
Daniel Kahn Gillmor [Thu, 7 Oct 2010 02:59:15 +0000 (22:59 -0400)]
more cleanup on prompt info
Jameson Rollins [Mon, 4 Oct 2010 15:49:34 +0000 (11:49 -0400)]
some improvements to the marginal ui prompt
Daniel Kahn Gillmor [Mon, 4 Oct 2010 05:33:04 +0000 (01:33 -0400)]
preparing for 0.4-1 release into debian (adopting Xsession.d script from monkeysphere package)
Daniel Kahn Gillmor [Mon, 4 Oct 2010 05:10:51 +0000 (01:10 -0400)]
Merge branch 'master' into debian
Daniel Kahn Gillmor [Mon, 4 Oct 2010 05:10:43 +0000 (01:10 -0400)]
preparing for version 0.4
Daniel Kahn Gillmor [Mon, 4 Oct 2010 05:08:41 +0000 (01:08 -0400)]
trivially untaint environment for the main child process
Jameson Rollins [Mon, 4 Oct 2010 04:53:48 +0000 (00:53 -0400)]
update changelog with MS bug closures
Daniel Kahn Gillmor [Mon, 4 Oct 2010 04:37:44 +0000 (00:37 -0400)]
whitespace, licensing, attribution cleanup
Daniel Kahn Gillmor [Mon, 4 Oct 2010 04:29:10 +0000 (00:29 -0400)]
moved the prompting code to the MarginalUI sub-module
Daniel Kahn Gillmor [Mon, 4 Oct 2010 03:43:40 +0000 (23:43 -0400)]
reorganize some code
Daniel Kahn Gillmor [Mon, 4 Oct 2010 03:36:31 +0000 (23:36 -0400)]
dialog box actually goes away! (at the cost of re-initializing Gtk2 in every child process, bleh)
Daniel Kahn Gillmor [Mon, 4 Oct 2010 02:51:26 +0000 (22:51 -0400)]
removed dependency on Gtk2::Glade
Daniel Kahn Gillmor [Mon, 4 Oct 2010 02:13:45 +0000 (22:13 -0400)]
successfully deal with at least one prompt per msva run :/
Daniel Kahn Gillmor [Sun, 3 Oct 2010 08:01:19 +0000 (04:01 -0400)]
Merge remote branch 'mjgoins/marginalUI-perl'
Daniel Kahn Gillmor [Sun, 3 Oct 2010 07:53:01 +0000 (03:53 -0400)]
build a first-pass marginal prompt
Matthew James Goins [Sun, 3 Oct 2010 05:52:06 +0000 (01:52 -0400)]
Merge branch 'master' into marginalUI-perl
Daniel Kahn Gillmor [Sun, 3 Oct 2010 05:49:58 +0000 (01:49 -0400)]
still more keyserver and local checking re-organization
Daniel Kahn Gillmor [Sun, 3 Oct 2010 04:53:34 +0000 (00:53 -0400)]
allow explicit setting of MSVA_KEYSERVER_POLICY to "unlessvalid" (the default)
Matthew James Goins [Sun, 3 Oct 2010 04:45:32 +0000 (00:45 -0400)]
Simplify keyserver-checking logic
Matthew James Goins [Sun, 3 Oct 2010 04:42:25 +0000 (00:42 -0400)]
Simplify keyserver-checking logic
Matthew James Goins [Sun, 3 Oct 2010 04:17:00 +0000 (00:17 -0400)]
Merge remote branch 'dkg/master' into marginalUI-perl
Conflicts:
msva-perl
Matthew James Goins [Sun, 3 Oct 2010 04:13:31 +0000 (00:13 -0400)]
Fix whitespace
Matthew James Goins [Sun, 3 Oct 2010 04:12:27 +0000 (00:12 -0400)]
Continue to move code to standard layout
Matthew James Goins [Sun, 3 Oct 2010 04:09:12 +0000 (00:09 -0400)]
Move marginal ui code to a more standard layout
Daniel Kahn Gillmor [Sun, 3 Oct 2010 03:55:27 +0000 (23:55 -0400)]
do keyserver checking directly
Matthew James Goins [Sun, 3 Oct 2010 03:42:13 +0000 (23:42 -0400)]
Merge remote branch 'enw/marginalUI-perl' into marginalUI-perl
Matthew James Goins [Sun, 3 Oct 2010 03:41:34 +0000 (23:41 -0400)]
Prep to merge with enw (this commit should be squashed, not published)
Daniel Kahn Gillmor [Sat, 2 Oct 2010 21:51:27 +0000 (17:51 -0400)]
remove dependency on monkeysphere -- we now just rely on gnupg (which requires a few more perl modules)
Daniel Kahn Gillmor [Sat, 2 Oct 2010 21:38:27 +0000 (17:38 -0400)]
tighten up regexps for context and peer
Elliot Winard [Sat, 2 Oct 2010 21:18:05 +0000 (17:18 -0400)]
add marginalUI spike in perl
Jameson Rollins [Sun, 2 May 2010 00:53:20 +0000 (20:53 -0400)]
untaint $uid.
Found out that $uid is in fact tainted while trying to use it in a
system() call in another context. We have untainted it here.
I think this actually means that perl's taint checking is broken,
because it fails to check for taint in the open() call to a
subprocesses.
Daniel Kahn Gillmor [Wed, 16 Jun 2010 06:34:39 +0000 (02:34 -0400)]
preparing for 0.3-1 release