--- /dev/null
+# /etc/X11/Xsession.d/70monkeysphere_use-validation-agent
+
+# This is a script to be sourced by Xsession. It wraps the session
+# startup argument with a monkeysphere-validation-agent nested
+# process, if available and none already exist.
+
+# Enable this system-wide by setting
+# MONKEYSPHERE_USE_VALIDATION_AGENT=true in
+# /etc/monkeysphere/monkeysphere.conf
+
+# Note that there is some weird interaction between this and
+# dbus-session at the moment: dbus-launch can start the msva just
+# fine, but if msva tries to start dbus-launch, dbus-launch fails
+# with:
+
+# Failed to waitpid() for babysitter intermediate process: No child processes
+
+# So this is placed at position 70 -- *before* the dbus Xsession
+# startup script, which is at 75 as of 2010-03-12, when i wrote this.
+
+# this is also good, because it means that the MSVA will learn about
+# the dbus session parameters, in case we want the agent to use dbus
+# to communicate with the user.
+
+# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+
+MSVAGENT=/usr/bin/monkeysphere-validation-agent
+MSSYSCONFIG=/etc/monkeysphere/monkeysphere.conf
+MSUSERCONFIG="$HOME/.monkeysphere/monkeysphere.conf"
+
+if [ -x "$MSVAGENT" ] ; then
+ if [ "$(USE_VALIDATION_AGENT=
+. "$MSSYSCONFIG" 2>/dev/null
+. "$MSUSERCONFIG" 2>/dev/null || :
+printf '%s' "$USE_VALIDATION_AGENT")" = "true" ] ; then
+ STARTUP="$MSVAGENT $STARTUP"
+ fi
+fi
--- /dev/null
+monkeysphere (0.23-1) unstable; urgency=low
+
+ * There has been a major interface and data refactoring. Please see the
+ man pages for details. Major changes are listed here:
+ * For end users: monkeysphere-ssh-proxycommand is no more.
+ its functionality has been folded into monkeysphere as a subcommand.
+ So if you are currently using:
+ ssh -oProxyCommand='monkeysphere-ssh-proxycommand %h %p'
+ please use instead:
+ ssh -oProxyCommand='monkeysphere ssh-proxycommand %h %p'
+ * For sysadmins: monkeysphere-server has been split into
+ monkeysphere-host (for publishing the ssh host key of your machine)
+ and monkeysphere-authentication (for setting up your machine to
+ authenticate users via the OpenPGP Web of Trust)
+ * For too-curious sysadmins: the layout of /var/lib/monkeysphere has
+ changed dramatically. If you did any tricky tweaking of the files in
+ there, you probably want to check that your changes have been
+ preserved after the upgrade. The old files can be found in
+ /var/lib/monkeysphere/backup-from-0.23-transition.
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 18 Feb 2009 21:29:22 -0500
+
--- /dev/null
+monkeysphere (0.30~pre-1) UNRELEASED; urgency=low
+
+ * New upstream release
+ * Move to git buildpackage
+ * Specify source format 3.0 (quilt)
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 23 Mar 2010 13:59:26 -0400
+
+monkeysphere (0.29-1) unstable; urgency=low
+
+ [ Jameson Graef Rollins ]
+ * New upstream release
+
+ [ Daniel Kahn Gillmor ]
+ * bumped Standards-Version to 3.8.4 (no changes needed)
+ * indicated bash dependency on version 3.2 or later (see MS #1687)
+ * including /etc/Xsession.d/70monkeysphere_use_validation_agent so that
+ administrators and users can choose to start up a validation agent for
+ each X session using monkeysphere.conf
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 14 Mar 2010 21:07:17 -0400
+
+monkeysphere (0.28-1) unstable; urgency=low
+
+ * New upstream release
+ * Separate upstream and debian changelogs
+
+ -- Jameson Rollins <jrollins@finestructure.net> Tue, 19 Jan 2010 13:56:17 -0500
+
+monkeysphere (0.27-1) unstable; urgency=low
+
+ * New upstream release
+ * updated debian/copyright to match the latest revision of DEP5.
+ * updated standards version to 3.8.3 (no changes needed)
+ * add cpio to Build-Depends (used in test suite) (Closes: #562444)
+
+ -- Jameson Rollins <jrollins@finestructure.net> Mon, 11 Jan 2010 20:54:21 -0500
+
+monkeysphere (0.26-1) unstable; urgency=low
+
+ * New upstream release (Closes: #527765)
+
+ -- Jameson Graef Rollins <jrollins@finestructure.net> Sat, 01 Aug 2009 17:11:05 -0400
+
+monkeysphere (0.25-1) unstable; urgency=low
+
+ * New upstream release (closes: #534008)
+ * update Standard-Version to 3.8.2 (no changes needed)
+
+ -- Jameson Graef Rollins <jrollins@finestructure.net> Thu, 16 Jul 2009 22:09:19 -0400
+
+monkeysphere (0.24-1) unstable; urgency=low
+
+ * New upstream release (Closes: #517779)
+ * update/cleanup maintainer scripts
+ * remove GnuTLS dependency
+ * remove versioned coreutils | base64 dependency
+ * added Build-Deps for dh_autotest
+ * switch to Architecture: all
+ * added cron to Recommends
+
+ -- Jameson Graef Rollins <jrollins@finestructure.net> Tue, 03 Mar 2009 19:38:33 -0500
+
+monkeysphere (0.23.1-1) unstable; urgency=low
+
+ * New upstrem release ("brown paper bag" to adjust internal version numbers)
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 21 Feb 2009 18:09:47 -0500
+
+monkeysphere (0.23-1) unstable; urgency=low
+
+ * New upstream release: "The Golden Bezoar Release"
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 21 Feb 2009 17:51:06 -0500
+
+monkeysphere (0.22-1) unstable; urgency=low
+
+ * New upstream release
+ * debian/control: corrected alternate dependency from procfile to
+ procmail (which provides /usr/bin/lockfile)
+
+ -- Jameson Graef Rollins <jrollins@finestructure.net> Fri, 28 Nov 2008 14:23:31 -0500
+
+monkeysphere (0.21-2) unstable; urgency=low
+
+ * actually rmdir /var/lib/monkeysphere-* during prerm if possible.
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 15 Nov 2008 16:36:57 -0500
+
+monkeysphere (0.21-1) unstable; urgency=low
+
+ * New upstream initial release to Debian (Closes: #505806)
+ * Add debian prerm script, and add debhelper lines to other install
+ scripts.
+
+ -- Jameson Graef Rollins <jrollins@finestructure.net> Sat, 15 Nov 2008 16:14:27 -0500
--- /dev/null
+Source: monkeysphere
+Section: net
+Priority: extra
+Maintainer: Jameson Rollins <jrollins@finestructure.net>
+Uploaders: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Build-Depends: debhelper (>= 7.0),
+ cpio,
+ socat,
+ openssh-server,
+ gnupg,
+ libcrypt-openssl-rsa-perl,
+ libdigest-sha-perl,
+ lockfile-progs | procmail,
+ openssl,
+ bash (>= 3.2)
+Standards-Version: 3.8.4
+Homepage: http://web.monkeysphere.info/
+Vcs-Git: git://git.monkeysphere.info/monkeysphere
+Dm-Upload-Allowed: yes
+
+Package: monkeysphere
+Architecture: all
+Depends: openssh-client,
+ gnupg,
+ libcrypt-openssl-rsa-perl,
+ libdigest-sha-perl,
+ lockfile-progs | procmail,
+ adduser,
+ ${misc:Depends}
+Recommends: netcat | socat, ssh-askpass, cron
+Suggests: monkeysphere-validation-agent
+Enhances: openssh-client, openssh-server
+Description: leverage the OpenPGP web of trust for SSH and TLS authentication
+ SSH key-based authentication is tried-and-true, but it lacks a true
+ Public Key Infrastructure for key certification, revocation and
+ expiration. Monkeysphere is a framework that uses the OpenPGP web of
+ trust for these PKI functions. It can be used in both directions:
+ for users to get validated host keys, and for hosts to authenticate
+ users. Current monkeysphere SSH tools are designed to integrate
+ with the OpenSSH implementation of the Secure Shell protocol.
+ .
+ Monkeysphere can also be used by a validation agent to validate TLS
+ connections (e.g. https).
--- /dev/null
+Name: Monkeysphere
+Format-Specification: http://svn.debian.org/wsvn/dep/web/deps/dep5.mdwn?op=file&rev=59
+Source: http://web.monkeysphere.info/download
+Maintainer: Monkeysphere Developers <monkeysphere@lists.riseup.net>
+
+Files: *
+Copyright: 2008,2009 Jameson Rollins <jrollins@fifthhorseman.net>,
+ Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
+ Jamie McClelland <jamie@mayfirst.org>,
+ Micah Anderson <micah@riseup.net>,
+ Matthew Goins <mjgoins@openflows.com>,
+ Mike Castleman <mlcastle@mlcastle.net>,
+ Elliot Winard <enw@caveteen.com>,
+ Ross Glover <ross@ross.mayfirst.org>,
+ Greg Lyle <greg@stealthisemail.com>
+License: GPL-3+
+
+License: GPL-3+
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+ .
+ On Debian systems, the complete text of the GNU General Public License
+ version 3 can be found in file "/usr/share/common-licenses/GPL-3".
--- /dev/null
+var/lib/monkeysphere
+usr/bin
+usr/sbin
+usr/share
+usr/share/monkeysphere
+usr/share/man
+usr/share/man/man1
+usr/share/man/man7
+usr/share/man/man8
+etc/monkeysphere
+etc/X11
+etc/X11/Xsession.d
--- /dev/null
+debian/70monkeysphere_use-validation-agent etc/X11/Xsession.d
--- /dev/null
+#!/bin/sh
+
+# postinst script for monkeysphere
+
+# Author: Jameson Rollins <jrollins@finestructure.net>
+# Copyright 2008-2010
+
+set -e
+
+VARLIB="/var/lib/monkeysphere"
+
+case $1 in
+ configure)
+ # add a monkeysphere user if one does not already exist
+ if ! getent passwd monkeysphere >/dev/null ; then
+ echo "adding monkeysphere user..."
+ adduser --quiet --system --no-create-home --group \
+ --home "$VARLIB" \
+ --shell '/bin/bash' \
+ --gecos 'monkeysphere authentication user,,,' \
+ monkeysphere
+ fi
+
+ # try all available transitions:
+ for trans in 0.23 0.28 ; do
+ /usr/share/monkeysphere/transitions/$trans || { \
+ RET=$?
+ echo "Failed running transition script /usr/share/monkeysphere/transitions/$trans" >&2
+ exit $RET
+ }
+ done
+
+
+ # setup monkeysphere authentication
+ monkeysphere-authentication setup
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/sh
+
+# postrm script for monkeysphere
+
+# Author: Jameson Rollins <jrollins@finestructure.net>
+# Copyright 2008-2009
+
+set -e
+
+case $1 in
+ purge)
+ # delete monkeysphere user
+ # http://wiki.debian.org/AccountHandlingInMaintainerScripts
+ if which deluser >/dev/null 2>&1 ; then
+ deluser --quiet --system monkeysphere > /dev/null || true
+ else
+ echo >&2 "not removing monkeysphere system account because deluser command was not found"
+ fi
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/sh -e
+
+# prerm script for monkeysphere
+
+# the only thing we're doing here is making sure that the local
+# administrator is not trying to downgrade to a version below 0.23,
+# since there was such a major reorganization of system data during
+# the transition to 0.23.
+
+# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+# Copyright 2009
+
+set -e
+
+case "$1" in
+ upgrade)
+ if dpkg --compare-versions "$2" lt 0.23 ; then
+ cat >&2 <<EOF
+
+Downgrading the monkeysphere to a version earlier than 0.23 can have
+BAD CONSEQUENCES, including potentially locking you out of the system.
+Downgrading in this fashion is NOT SUPPORTED.
+
+EOF
+
+ exit 1
+ fi
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/usr/bin/make -f
+%:
+ dh $@
--- /dev/null
+3.0 (quilt)