[Pkg-privacy-commits] [monkeysphere] branch debian created (now 5bad41b)
Ximin Luo
infinity0 at moszumanska.debian.org
Sat Aug 22 13:37:48 UTC 2015
This is an automated email from the git hooks/post-receive script.
infinity0 pushed a change to branch debian
in repository monkeysphere.
at 5bad41b hand over package to pkg-privacy team
This branch includes the following new commits:
new 0e9fcae initial import
new 04a0224 added README for langur.
new 71a7ab0 add a test
new cf1e185 Empty testy file.
new 26d11e8 added newline
new e2472cb add test file
new 791761e Touched an initial test file.
new b441b59 remote test file
new 87ebc67 added newline
new 52972fa Added a second test file
new e114a5f Added a .PHONY to Makefile
new e0ed488 Made non-zero size files
new 78be402 Merge commit 'mjgoins/master'
new 67e617d Merge branch 'master' of http://lair.fifthhorseman.net/~jrollins/git/monkeysphere
new 5cb3545 Merge branch 'master' of http://micah.riseup.net/git/monkeysphere
new ecf3367 add a test
new 0f10408 Merge branch 'master' of http://micah.riseup.net/git/monkeysphere
new 65f0b39 Added a .PHONY to Makefile
new 53510d5 removing micah trivia
new 75278b3 Merge branch 'master' of http://micah.riseup.net/git/monkeysphere
new bea97e8 Merge commit 'micah/master'
new 1e75c49 Merge commit 'micah/master'
new 9db9e19 Removed test files
new cdbde95 Merge commit 'greg/master'
new 28942a1 add start of a rhesus authorized_keys generator. start of a monkeysphere.conf file (in bash)
new 7ba522a Merge commit 'jrollins/master'
new 0b447a1 passwordless private key translation is now working in a pipeline, when built with GnuTLS v2.3.4
new 01b27d8 add a README
new 9f4c72c key translator: added more debugging infrastructure.
new 0feae9a key translator: cleanup error checking.
new 106d82c broke out gnutls business into a helper file in preparation for new projects.
new 29b4632 working with subkeys: preparing to write a gnutls-based gpg2ssh capable of feeding the monkeysphere.
new 76c1780 exporting RSA public keys in openssh known_hosts format.
new e64a37b When outputting MPIs for OpenSSH format, ensure that the leading bit of the first byte is not 1 (so that ssh does not get confused by a "negative" MPI).
new 64f9366 add support for DSA public key translation.
new cdc4ff1 added FIXMEs documenting next steps for gpg2ssh.
new 91ab8af cleaning up failed pipes properly, flushing error output to ensure it gets printed before we die.
new ea04bff gpg2ssh: check the return status of the base64 pipe so we can fail properly if it does.
new 280c55f some more work on rhesus. receiving of keys is much improved. rudimentery policy checking is implemented, but needs a lot more fleshing out (currently only accepts "fully trusted" keys). need to figure out how to query trustdb.
new a4c93ce Merge commit 'jrollins/master'
new 97429d9 more work on rhesus. Improve retreival of key based on userid. clean up output. cleanup variables and monkeysphere.conf
new fd25d7c Merge commit 'micah/master'
new 186edf2 include docs from obby
new d1ac46b initial pass at converting PEM-encoded private keys into OpenPGP public keys.
new c839519 updated gpg2ssh to use new flag for gnutls_openpgp_crt_get_auth_subkey() (introduced in gnutls 2.3.6).
new d19ed9f Merge commit 'remotes/dkg/master'; commit 'remotes/enw/master'; commit 'remotes/greg/master'; commit 'remotes/jrollins/master'; commit 'remotes/micah/master'; commit 'remotes/mjgoins/master'; commit 'remotes/mlcastle/master'; commit 'remotes/rossg/master'
new 0b21bae Merge commit 'mlcastle/master'
new 7970ab0 Merge commit 'dkg/master'
new b6ffd18 Merge commit 'dkg/master'; commit 'enw/master'; commit 'micah/master'; commit 'mlcastle/master'
new f047b19 Merge commit 'jamie/master'
new b77a5f1 Merge commit 'jamie/master'
new 9aa595e adding jamie's git remote stanza.
new 60b8c51 major overhaul of rhesus. it now handles creation of both authorized_keys and known_hosts files, and is capable of being used by an administrator to maintain authorized_keys files for users. monkeysphere.conf file was updated for use by system administrator.
new 9d199f5 Merge commit 'jamie/master'
new 85dfda5 Merge commit 'jrollins/master'
new 05d843a cleaning up the git initialization document.
new 19b2668 getting rid of spaces in filenames.
new 6b83b50 major overhaul of rhesus: - much more sophisticated validity checking of keys/uids - broke out more functions - cleaned-up/simplified code - changed to new variable naming standard
new 9c7796a fix bashism, and correct bad error message
new b05a928 some updates to rhesus: - add ability to rhesus to just process specified userids. - removed '--' in front of process type specification at command line. - cleaned up some log output
new 4916129 update to MonkeySpec: - i took the liberty to reapportion some of the monkey names to new/different components. some components are no longer needed (eg. marmoset as originally defined is no longer needed since rhesus handles both ssh key file types). i also took the name "howler" and used it for a new component that generates and publishes server gpg keys. - fleshed out the Alice/Bob use case senario with some clarification and more detail.
new 03f7058 add new component "howler": small script to generate and publish a gpg key for a server
new ad6dc98 move gpg2ssh stuff into it's own subdirectory to reduce some cluter
new 4eba4e7 expand howler to handle general gpg maintenence tasks for server - add "gen-key", "publish-key", and "trust-uids" functions small tweak to rhesus. update README and MonkeySpec
new ec55ca0 Merge commit 'dkg/master'
new 84d5807 change howler command from "trust-uids" (which is inaccurate) to "trust-key".
new 2d330bf update README to reflect changes to howler trust-key
new 4f321fb merging some changes from jrollins.
new 56e3a76 Merge commit 'jrollins/master'
new f429aec fixing spelling, fqdns in MonkeySpec examples
new 29b342e updated MonkeySpec to be more user-friendly.
new 69b8a04 redefining tamarin to be more generic.
new c9b6d9a redefining tamarin and marmaset as concepts not scripts.
new ec76b3c updated gpg2ssh to properly check for data encryption and authentication.
new f016e55 small change to correct usage of howler
new 241be7a Merge commit 'dkg/master'
new b75cb97 Added 'all' to makefile, and fixed 'clean'
new d89dfcb more work on rhesus - known_hosts processing know processes known_hosts file directly - uses "ssh-keygen -R" to remove keys as necessary - known_hosts lines can be hashed if requested - added ability to specify required key capability - added ability to specify if user authorized_keys file is added
new 6c335e7 small tweak to MonkeySpec
new 4793624 New client/server components: - broke out all common functions to "common" file - put all client commands into "monkeysphere" script - put all server commands into "monkeysphere-server" script - moved all code into src directory to clean things up a bit - this effectively makes obsolete rhesus and howler - added proposed monkeysphere-ssh-proxycommand script that can be called to update known_hosts from ssh ProxyCommand - updated monkeysphere.conf to work as global [...]
new 48cd196 Add some skeletal debian packaging stuff and man pages, and moved conf files to etc directory.
new be186e4 Cleaned/fix up update-userid function. also some general cleanup.
new 6a27871 More cleanup of scripts - fixed bug in gpg2ssh_tmp call - broke out update_authorized_keys function - cleaned up gen_key function for server - added possible "Revoker:" parameter we might use - started gen_ae_subkey function that for some reason isn't working yet.
new b489d11 Fill out a little of the man pages.
new 3250fce Updates to use the new openpgp2ssh program that dkg wrote.
new cfa7c2e update README
new b676fea removing old rhesus and howler components as they have been made defunct by the new monkeysphere and monkeysphere-server tools (I probably could have figured out a way to transition from them smoother, but I didn't. oh well.).
new dd93254 add COPYING file
new c1affeb fix typo in monkeysphere(1)
new 3013b9d Merge commit 'jrollins/master'
new 8dd86c4 quote some strings to not confuse checkbashisms
new 10100ce first pass at openpgp2ssh man page.
new f049fa1 Merge commit 'dkg/master'
new f958031 Merge commit 'jrollins/master'
new 1caaa3f some very small tweaks to the openpgp2ssh man page
new 85dc0c4 fixing spelling, fqdns in MonkeySpec examples
new 35a6f7c Man page work. - flesh out more of the man pages for monkeysphere and monkeysphere-server - move the server cache directory to /var/cache, where it should be.
new ba14c70 Merge commit 'jrollins/master'
new e4ce224 added ssh2gpg to Makefile
new e2314e2 massaging the language in openpgp2ssh(1).
new 0071977 reorganizing to prepare for transition to openpgp2ssh.
new 6f2d6f7 Major openpgp2ssh overhaul. It's an unforgiving and brittle tool, but it should do what we expect it to do, and its major limitations should be documented in the man page.
new aab44f1 tweaking debian packaging instructions. Still far from done
new 8042f93 keytrans cleanup: getting rid of unimplemented/useless code.
new e983d61 added top-level Makefile for ease of building with debhelper. stupid whitespace cleanup in openpgp2ssh.c
new c998145 further debianization work. (also, made src/common non-executable, since it is sourced, not executed).
new 03cc847 monkeysphere debianization. Package can now be cleanly built with minimal lintian warnings.
new 19efa03 including cache and config files in debian package.
new a8372a5 add man page for the ssh proxy command script. needs to be filled in.
new 455b026 fix bug if user monkeysphere home directory didn't exist.
new 3caa700 add debian manpages for proxycommand
new ca5d276 Added Greg to author list.
new b93d639 Merge commit 'jrollins/master'
new 220a0fb fix bugs in ssh key export functions
new 5c84af8 Merge commit 'jrollins/master'
new 1fe3ced making openpgp2ssh less verbose.
new 2fa88e2 invert the sense of the loglevel test. duh.
new 3283d79 added enw to developers.
new 0c2c010 Modify how logging is handled. Now send most everything to stderr. Change to known_hosts hashing on by default.
new a7275bf added TODO documentation with additional projects.
new ad0a9cc More cleanup: - Batch mode for trust_key function. - fix some loggging. - Clean up publish_server_key function -> STILL NON-FUNCTIONING - more work on monkeysphere-ssh-proxycommand man page
new 6075397 make sure the authorized_user_ids file exists for users processed by monkeysphere-server.
new 2ed952e Add 'remove_userid' function, inverse of 'update_userids'. Also, tweaked some of the output and man pages.
new 7c315f5 Merge commit 'dkg/master'
new 3141ed2 cleaning up error output.
new 31e0724 Add lsign-key to the trust_keys function so that the trusted key actually ends up with full validity.
new 28c7489 More work on the man pages.
new fa49fb6 Merge commit 'dkg/master'
new 07cb14c Separate required key capability variables for users and hosts. Change default for user to be "a", and host to be "e a".
new 5ff6e13 Fix gen-subkey function for client.
new 658a9ef fix some output formatting.
new b13286d openpgp2ssh now handles private key export for subkeys, not just public keys.
new 785736d openpgp2ssh whitespace and comment cleanup.
new 9715df0 genericized the hex printing capabilities.
new bb17921 Allow for specification of whether to check keyserver. Update proxy command to check keyserver if host not found in known_hosts.
new b6983d7 Allow for specification of whether to check keyserver. Update proxy command to check keyserver if host not found in known_hosts.
new c323021 Fix bug in configuration handling for HASH_KNOWN_HOSTS and USER_CONTROLLED_AUTHORIZED_KEYS
new 62ff87e Add log output for keyserver checking. Fix bug in proxy command to export CHECK_KEYSERVER variable.
new deb4113 Add extra variables to gen-key.
new 114c8d2 Total rework of uid processing: rid of cache directory
new e619b23 Merge branch 'master' into no-cache
new 92c7030 Merge commit 'jrollins/master'
new b926757 Major rework to remove all caching. Everything processed straight from gpg keyring. Major code simplification and cleanup.
new 79e9e72 Update man pages and TODO.
new 363b8d8 Add preliminary script to try to import a gpg private key into the ssh agent.
new ac63e6d Fix small bug in man page.
new 9c94e93 Merge commit 'jrollins/master'
new 2286a55 Very small change to comment field for authorized_keys lines.
new 1a19643 Add more nuanced keyserver checking policy, including a defered check if key is not in keyring, but is in known_hosts.
new a9a5685 add george system changelog
new 308aa10 Merge commit 'dkg/master'
new 8a977a8 add todo items that we discussed as being important to address at some point
new 18c15c1 Merge commit 'micah/master'
new dcba8eb Update to new agreed default host key usage flag (only "a" required for users and hosts). Update TODO file. Some other small changes.
new 48cb8a9 Merge commit 'micah/master'
new 6ee67a2 Update TODO after merge.
new fadd814 update george changelog
new 10d38ac Merge commit 'jrollins/master'
new e158221 added policy docs about george.riseup.net
new b894e98 added debian-package target to Makefile to simplify package building process. It gets a little weird and recursive; could probably be better-engineered.
new 418db67 preparing for first tagged release (planned for george.riseup.net).
new 70ee983 more notes on work on george.
new e31c134 added Ross Glover to credits (Ross, do you want to change your identification here somehow? send a patch!)
new 7e23258 monkeysphere-server gen-key creates keys with only the auth flag set.
new 208f6c2 clarify why monkeysphere-server publish_key is currently non-functional.
new ec3b1c1 adjust man pages to reflect current thinking about purpose of keys (authentication, not encryption).
new 79147b6 added monkeysphere-server show-fingerprint
new 9cb9336 update monkeysphere-server help to include new show-fingerprint.
new d8dd7e1 added description of steps needed to get host key published for george.riseup.net.
new 1066e96 updated doc/README to match the location of authorized_user_ids that is created by the package.
new a5066c3 added more documentation about george, and more TODO notes.
new 1cfde8b monkeysphere-server should not bother adding the user-controlled authorized_keys file if it does not exist.
new d968750 fixed think-o: running a commend with no arguments should have no arguments.
new 86e9e0e re-worked documentation and raised issues in TODO about end user authentication.
new f126697 bumping revision number for next version.
new 0e7b7f1 documented cronjob, and referred to user-id-configuration.
new bb38350 switching suite to experimental to properly reflect status.
new 2e81783 documenting addition of apt repo on george.
new f95798d documenting george debugging steps.
new 15637a9 Added server config variable to specify user authorized_user_ids file, and changed default.
new fe0e35f added comments to seckey2sshagent.
new f511119 Remove {update,remove}-userids functions, since we decided they weren't worth it. Updated man pages as well.
new 1fa2912 Merge commit 'jrollins/master'
new 7019354 Better handling of unknown users in server update-users. Updated TODO file.
new ad83c56 Merge commit 'jrollins/master'
new 6d39b72 Fix for better way to check for user on system.
new 62937dd Merge commit 'jrollins/master'
new 0c43174 remove /etc/monkeysphere/authorized_user_ids directory from packaging since it is not used by default.
new 736054b add file locking to known_hosts and authorized_keys
new 7f80b0e Merge commit 'jrollins/master'
new c6a958a touched /etc/environment on george.
new 9efdaab bumped up ssh logging on george.
new 3a6f611 Merge branch 'master' of http://lair.fifthhorseman.net/~dkg/git/monkeysphere
new 5310aa5 added george changelog entry about oom_adj log noise fix
new 1cd80a3 tiny change to comment
new 18c3f9a Merge commit 'dkg/master'
new 6d1876a Merge commit 'micah/master'
new 73d65e5 fix typo
new e4c99f2 Merge commit 'mlcastle/master'
new f659da8 Merge commit 'mlcastle/master'
new dfc533d Merge commit 'dkg/master'
new 9502270 adjust the oom_adj tweak. I didn't like the fact that the initscript was being modified, instead implemented a way to make it go away by only modifying /etc/default/ssh
new 3d9b9cf Add some more checks to gen-subkey
new a88632f Merge commit 'dkg/master'
new 0dee9fd Merge commit 'micah/master'
new 820b8e9 update debian/changelog
new a415f1c make the ssh-agent prompt from seckey2sshagent more intelligible
new 21516ec Merge commit 'dkg/master'
new bee2295 add some things to the TODO
new 6a202af Merge commit 'dkg/master'
new d263f30 Improved gen-key function for server. Update TODO.
new 4ae6630 installing screen on george.
new c911568 Merge commit 'jrollins/master'
new 3cea2ab Merge commit 'mjgoins/master'
new 09a630a Improve trust-key function.
new e20132d Merge branch 'master' of http://lair.fifthhorseman.net/~dkg/git/monkeysphere
new c1a5568 Merge branch 'master' of http://lair.fifthhorseman.net/~jrollins/git/monkeysphere
new 16db054 Provide better (ie. more informative) return codes. Required some modifications to a couple of different functions.
new a7a9be1 Genericize raw binary <-> printable hex converters.
new e8ac612 openpgp2ssh can now accept arbitrary-length key IDs (from the trivial 8 hex digit key IDs to 40 hex digits of a full fingerprint).
new 241254a Merge commit 'jrollins/master'
new 3fedc7f preparing for 0.2-1 release.
new 677afe2 unless a problem comes up, monkeysphere-server should return an error code of 0.
new da4eaf9 Add trap to remove lockfiles on exit.
new 70cf71b Revert to simpler keyserver checking policy in proxy-command.
new f85884c added three more TODO tasks.
new 1accfec added FIXMEs to the configuration documentation: there are some pieces that need cleanup here that i do not know how to resolve.
new 438d1fa switched shortcut for monkeysphere-server update-users to "u", added some FIXMEs to monkeysphere-server.
new 0fac6a0 authorized_keys files appear to need to be readable by the user logging in.
new abedea1 updating monkeysphere-server usage to reflect new shortcut for update-users.
new dc64398 notes about changes to george.
new 91bf57b Merge commit 'dkg/master'
new f2b7308 added missing lockfile-progs dependency.
new 9f64c35 don't unnecessarily export ERR
new 2d56609 more updates on the status of george.
new c6ba2bb Merge commit 'jrollins/master'
new 412bf3c prepped debian/changelog for next "upstream" version.
new 0f1c6ac fix some authorized_keys updating bugs in ms-server, and update to use new ability of openpgp to handle 40 char fingerprints.
new 014bf21 Merge commit 'dkg/master'
new bcf8cd7 Merge commit 'jrollins/master'
new 7d02db7 Move to /var/lib/monkeysphere instead of /var/cache/monkeysphere. Improve ms-server update-user function. Update/fix config files to remove some unwanted configs, and clarify some things.
new 2253eae Small tweaks to prepare for upcoming changes.
new 95ab389 Merge commit 'jrollins/master'
new 2a8ee05 Fix man pages to reflect recent path changes.
new 7a65b42 preparing for 0.3-1 release.
new a8f860a Merge commit 'jrollins/master'
new e0b50e3 preparing next upstream version
new 1b6df37 Priviledge separation: use new monkeysphere user to handle authentication keychain for server. This required a bunch of changes to all ms-server functions. Seems to be working ok, although it feels kind of hackish.
new 43097e9 Merge branch 'master' of http://lair.fifthhorseman.net/~dkg/git/monkeysphere
new de9ada5 Merge branch 'master' of http://lair.fifthhorseman.net/~jrollins/git/monkeysphere
new c968479 special gpg functions for host/authentication.
new da1b5d2 Added keyserver file
new 927efbb More work on priviledge separation for host/authentication keyring. Working now using dkg's new method with trust signatures. Implement better return codes for functions. Cleanup of functions.
new e3c7c57 Merge branch 'ms-user-fnc'
new 2a90243 remove unnecessary log output
new e04825a Add better host certifier management, and updated man page.
new 0eed0d2 Tweak to man pages.
new f5409b7 Update man pages. Small tweak to proxycommand.
new 14472b4 add exit status info to man pages
new 5470209 Allow for passing CHECK_KEYSERVER variable to proxycommand
new 56e8fa2 A bunch of work on man pages to shore up interface and behavior before developer release. Still do a bit of work to make sure actual commands meet the outlined behaviors. Small tweak to remove_line function to make sure it doesn't accidentally have a regexp match.
new e6d14b3 small tweak to man page, and fix some alt port handling in proxy command.
new c8b42c1 A bunch of changes for variable scoping, exit codes, etc. See debian/changelog.
new 5fadec0 Update man pages, and tweak default error return code.
new 13298a5 Added file permission check function, and fixed bug in key writing for untranslated keys.
new c9260d8 update proxycommand man page.
new dfe9a2c Fix bug in gpg.conf generation.
new de3031b Properly scope getopt for subcommands. Fix bug in add-certifier command. Add command to pass gpg command directly to gpg-authentication keyring.
new cabc891 Tweak key publication command.
new 64a6b0c Add man entry about gpg-authentication-cmd
new 06fc008 Fix argument checking for functions with options. Tweak to prompt for add-certifier.
new 81ac4c2 Fix tests for gen-subkey.
new 9a925fb Spelling corrections in man pages.
new 7afba90 fix man page packaging.
new c3ed692 couple small tweaks to man page
new ed28048 fixing return code error in openpgp2ssh, preparing for new release.
new cc45c73 monkeysphere-server add-identity-certifier --trust now takes textual values (marginal, full) instead of numeric (1,2). updated documentation as well.
new 86b6a09 Merge commit 'dkg/master'
new fa21b98 fixing typo in monkeysphere.1
new 27886be allowing expiration dates with strings longer than one digit (e.g. "10m" meaning "10 months")
new 3395f46 Fix how ownertrust is set for host key in authentication keyring. Update TODO, removing completed tasks.
new b9bdffa Improve ssh-proxycommand man page.
new b3f34c8 breaking out README.admin from README, adding a few TODOs
new b19edbe Merge commit 'jrollins/master'
new 06d2c5d more documentation for end users (and more FIXMEs), including README.admin in the build.
new 8c8d541 small tweaks and FIXME fixes to documentation.
new 5eab2f0 Tweak how empty authorized_user_ids and known_hosts files are handled.
new aa9752d fix typo in man page; update changelog
new 64b40a9 updated README to explain why/when you might want to use update-authorized_keys.
new 956649a adding web site files - first import.
new 4c39f00 adding css file.
new 1b60938 updating download page with secure apt info, fixing typo.
new cd40693 trying to add a shortcut link icon.
new b37c81f adding news file about web site launch.
new 4b5f730 Merge commit 'dkg/master'
new 67f4058 spaces instead of tabs for nested lists?
new 4a0f106 removing garbage list at the bottom of the page.
new 2744c08 updating web site, starting technical documentation.
new 1508232 merged from jamie mcclelland.
new e2cb90d updating TODOs about web site, now that we have one launched.
new acb3000 Don't fail when authorized_user_ids or known_hosts files are not found.
new 83af3f9 updated changelog in preparation for 0.5-1
new cf68f4a added documentation link to homepage.
new 5e4dab8 added news about release of 0.5-1
new a09f044 fixing link to OpenSSH
new 95fd733 Some updates to documentation and webpage front page.
new 46c9ed0 adding back some of the plainer language description after Jamie R's technical additions.
new 53a6243 More tweaks to web front page.
new 7c76ffc fix bug in ssh-proxycommand.
new 4ac01c9 More work on web pages.
new 9b917f3 fixed Homepage field; added Vcs-Git
new e90c5fc Merge commit 'jrollins/master'
new a354378 use socat if netcat is not available from monkeysphere-ssh-proxycommand. Recommend: netcat | socat instead of just netcat.
new a668dc5 website: indicate specific filenames with visual/semantic styling.
new db1f799 website: remove superfluous backslashes inside code (``) blocks.
new 45e731a updated changelog
new 644d0d7 adding first bug about ssh-proxycommand
new 405a551 Merge commit 'jamie/master'
new a4a3e8f preparing for 0.6-1 release
new 8c23175 marking bug done.
new bb380b6 re-formatting bug for legibility.
new 720678a more re-formatting bug for legibility.
new 05d7e13 added explanation for bug problem.
new c662802 have .gitignore ignore more stuff
new 939ccf7 website: include instructions for git
new 8714868 initial pass at monkeysphere-server diagnostics (lots more to fill in!)
new 273eea4 fixed busted debian/changelog
new 7c8dbbd limiting output of monkeysphere-server help (usage) to 80 columns
new 0b5404f fixed broken invocation of stat
new 60931f1 be a little more helpful by printing out the actual expiration dates when things are expiring.
new 3a1f327 Fix inaccurate comment in process_user_id function.
new 91f299c properly handle host keys with no expiration date, store host key fingerprint for later use in diagnostics.
new b5df4f6 Merge commit 'jrollins/master'
new 8ec4e9b some tweaks to output formatting for diagnostic command.
new a7ccf57 Tried adding website to george. This may be non-ideal config, but it's a start.
new c7a177b Update what I did on george, and made small change to website to test.
new 93824de Update what I did on george
new ce11117 Fix how file modification check is done, and fix accidental extraneous output.
new 8e1439b rework out user id processing is done to provide better diagnostic output.
new dbbd1bd - Fixed bug in monkeysphere update-authorized_keys subcommand that had been preventing disallowed user ids from being properly removed from authorized_keys file. - Fixed file md5sum checking.
new 70ea3b6 More tweaks to the website.
new 38d9be6 redirect sample refresh keys cron tab to /dev/null.
new 8516531 some notes about george, added my full contact info to the download page of the web site.
new 0f2f84a updated monkeysphere update-authorized_keys explanation in monkeysphere.1
new 6ea9ff3 update download page to be more readable and linky
new e25d4ef one of these days i will learn markdown properly
new 405fb7c adding a new bug about the interaction between HostKeyAlias and monkeysphere-ssh-proxycommand
new 2f30775 added new bug about hashed known hosts.
new 3bcce75 adding new bug about behavior with no pty.
new 0d1b53f tidying up bug report about hashed known hosts
new f604514 transitioning package to git source format.
new be55c00 tidy up debian/changelog in preparation for 0.7-1 release.
new 515d8eb added news about release of 0.7-1
new f2a9325 update my contact info.
new eb9ad81 Merge commit 'dkg/master'
new 2c64cd4 Merge commit 'dkg/master'
new 09dac2c adding new feature request for silent option to monkeysphere-ssh-proxycommand.
new e238f6d cleanup and explanation for seckey2sshagent hack.
new f34a3f7 properly clean up temporary keyring with seckey2sshagent.
new 5c40441 seckey2sshagent now adds keys with semantic alias including full OpenPGP fingerprint.
new ec967fa fixing redrect of /usr/bin/gpg to redirect error as well as standard output to /dev/null for truly quiet output.
new 2221f12 Merge commit 'dkg/master'
new 6196165 adding directions to pass your key id as the first argument. Also added extra test for people who don't pass anything as the first argument - so the help explanation is shown.
new 31162d1 chaning my previous edits - which were made before I realized that the script is supposed to work with no arguments!
new a04f56a working around https://bugs.g10code.com/gnupg/issue945 in seckey2sshagent
new a7e520c merged changes from Jamie McClelland.
new 1b4c351 fixing typo.
new 1196cb0 Merge commit 'dkg/master'
new ca63fe1 Merge commit 'jamie/master'
new 22a1489 Merge commit 'dkg/master'
new 7d38c9d adding directions for using seckey2sshagent and filling out other sections to be more friendly to non-experts.
new 9b28058 adding two new feature requests.
new 48718fb adding to existing hash bug report.
new 8d5e0b0 Comments to bugs.
new 6f433d9 Adding simpler directions for getting your keyid.
new 65bb1dc adding comments to tickets.
new 55e7ac3 suggesting user-friendliness improvements for monkeysphere gen-key
new 7a40118 reporting bug about agonizingly long key generation.
new cd8067b updated outer limit of generation time.
new 0a38730 added suggestion for speeding up key generation on remote systems.
new fc97002 preparing better diagnostic messages for hosts that still have old HostKeys left.
new b17336f commenting on using george as a test public server.
new ae12c77 re-formatting comments in test server suggestion
new 304495a reformatting comments in request for published seckey2sshagent
new 79e1f78 more work on george
new 8f16be8 added documentation of new public git service off of george (as monkeysphere.info)
new dc93042 changed path to public git service from george
new b2fc651 changed sources.list snippet to use monkeysphere.info instead of george.riseup.net.
new 52287b8 documenting need for support of multiple hostnames
new 951a4fc updated debian/control to refer to "public-facing" git repo for the project.
new 8a793d7 changed website icon
new 21f5859 Better key parsing for monkeyspher gen-subkey. Allow seckey2sshagent to output to file.
new 5001c4b fix word duplication
new dda1c93 alphabetize the options
new 0e27af6 make it so monkeysphere-server will respond to --help
new 70bce76 made clearer comments, earlier bailouts for some user ID processing
new 26515a1 Merge commit 'jrollins/master'
new cdf4370 made monkeysphere --gen-subkey work better for users without gpg keys.
new e1b9c58 reporting new bug about --gen-subkey for agentless users
new 7ee8b75 adding new bug.
new 60624b8 renaming my bug to end in mdwn.
new 71957c6 fixing my sig so it doesn't indent weirdly.
new 0565fa2 added monkeysphere-server diagnostics to check for (and advise) AuthorizedKeysFile changes for monkeysphere-enabled authorized_keys
new be8136a new bug about missing known_hosts file
new 68a626b unescape *all* colons, instead of just the first one in encoded user IDs
new 70674ca fix another bug when processing ssh key files that do not exist.
new 4d54f1d Merge commit 'dkg/master'
new 4dc13cb added my repository to the downloads section of the webpage as a test of my ability to publish to the site
new 221b6ca switched published URL to dkgs git repo to use the git protocol.
new 0b60317 updates run on george.
new f672b68 documenting our trouble with (and possible approaches to) handling passphrase-locked secret keys.
new dfb394d suggesting reorganization of monkeysphere-server shortcuts.
new 6f34ff6 making monkeysphere-server publish-key stricter about choice of emitted host key.
new 48bdbc5 suggesting that we start encouraging host key publication.
new 5c1046f Merge commit 'dkg/master'
new f11ad8c close "missing-known_hosts-causes-error"
new 56d6185 added note about GnuTLS patch for "gnu-dummy" S2K extension
new d3c6dd0 commiting some bug comments.
new 7d5d1b0 more comments on bugs.
new 29bd1c0 added note about post to openssh-unix-dev w.r.t. an ssh client config parser
new 6d4dbe4 commit bug comment
new 2f89210 Add sorting of the processed key lines so that "good" keys are output at the end. This is done so that they take precedence over "bad" when being processed in key files. If bad keys are processed after good keys, there is a possibility of malicious bad key causing good keys to be continually removed from key files, which would be a big nuisance.
new d9f2518 update changelog for last commit.
new 0181b6f reorganize shortcuts for monkeysphere-server
new bb35e6f add start of add/revoke-hostname functions. revocation needs to be implemented.
new 6fb350a enabled host key publication. be aware.
new 6649b33 update bugs
new 38c3762 Merge commit 'jrollins/master'
new 9ce83dc fix link in dkg's comment.
new c749768 remove defunct comment
new cb45bed Merge commit 'dkg/master'
new 2d4d13f Merge commit 'jrollins/master'
new 1c1d84b Merge commit 'jrollins/master'
new 8661f27 Merge commit 'jrollins/master'
new ab5cfab Added checking of gpg.conf for keyserver.
new 056974d closing bug.
new e693947 Merge commit 'dkg/master'
new dd26d5a switched jrollins repo to use the git protocol
new 2247696 Merge commit 'jrollins/master'
new 617f03c first pass at revoking hostnames.
new 84b775f sigh. fixing some dumb typos in hostname revocation.
new d686f4a closing multiple-hostnames bug now that we have an implementation.
new 74a7b27 fixing proposed script to push authentication subkeys into the ssh-agent.
new b0ea15c fixing bugs in monkeysphere-server diagnostics.
new 8cf936a more work on hostname add/revoke
new 78fe687 fixing gen-subkey when no agent is present.
new c9acc12 noting that list-identity-certifiers should be running as a non-privileged user.
new cb05f33 Merge commit 'dkg/master'
new 46586fc Merge commit 'dkg/master'
new 9806e73 added "Why?" to the web site.
new bcc7aee fixing website index link
new ae661bf fixing website index link again
new a29b35e More work on finishing add/revoke hostname functions. Improved list-certifiers function, to use non-priviledged user.
new 1a17d50 close bug
new df0e87d Merge commit 'jrollins/master'
new 7c31f3e fixed typo in output.
new 9d31bf7 Merge commit 'dkg/master'
new e5a8a06 small tweak to why link
new 7045b2d New bug about revoke-hostname revoking the wrong hostname.
new 5896469 george updates
new 572454f fix bug name.
new 72a8898 really change bug name now
new 60c5bfa Merge commit 'jrollins/master'
new b3e1bb9 added comment about verbosity of monkeysphere-ssh-proxycommand
new 176356a added proposed resolution to "seckey2sshagent in /usr/bin" bug
new 6f3fdf1 clarified phrasing in why page for admins; softened index link to "why".
new ced3f32 adding a to-do item for work on the web site.
new 26ad8fe fixing usage for gen-subkey; allowing --help for monkeysphere (to match monkeysphere-server behavior).
new d7d179a Merge commit 'dkg/master'
new 59d3a09 rewording but report.
new 1d0c202 add loud warning about bug in revoke-hostname
new 10f6d1c cleaning up changelog in preparation for 0.8-1 release.
new a1f164e notes immediately after 0.8-1 release.
new 0e12dd6 fixing title of 0.8-1 release announcement.
new cbcc9ff fixed bad bug in user id processing that prevented bad primary keys from being properly handled.
new d16c579 fix bug i accidentally introduced in the diagnostic function
new 38be21f re-added fingerprint output during diagnostics.
new d8ece7d added 'monkeysphere-server extend-key' subcommand
new 823a697 collapsed "show-fingerprint" with "show-key" for monkeysphere-server.
new 60b3dfe updated debian/changelog in preparation for 0.9-1 release.
new c5998e1 release announcement for 0.9-1.
new f4d2a81 stupid big jimmy. fix bug in previous bug fix.
new aafbe55 more notes on changes on george.
new c245399 Merge commit 'jrollins/master'
new 57bc860 updated changelog in preparation for 0.10-1 release.
new a04c49d news about 0.10 release
new 533d79f cleaned up doc/TODO to reflect current work. This info should probably be moved out of here to website/bugs at some point.
new 6ac379b Merge commit 'jrollins/master'
new ec9ded7 Add a mailing list link, and a page with the mailing list information about how to subscribe and where the archives are at. I also rearranged the link positions on the front page to be more oriented around how other projects typically order them
new d78a6e3 Merge branch 'master' of webmaster at george.riseup.net:monkeysphere
new 4fc0904 add news item about the mailing list
new 2589cde website/news/mailing-list.mdwn: fix spelling of "it's"
new b00fb52 added git-core to Build-Depends: because of new packaging format.
new 5f04744 Merge commit 'mlcastle/master'
new fc43a83 add bug about gpg_authentication_cmd.
new e4ac245 Merge commit 'mlcastle/master'
new c60beab Merge commit 'jrollins/master'
new f8776c0 Merge commit 'dkg/master'
new 6a9fb8b Merge commit 'mlcastle/master'
new 06af6a5 Merge commit 'dkg/master'
new 89cf6f4 tweak add/revoke-hostname functions to properly update the correct trustdb, and improve ouput of show-key.
new 81b95ea consolidating debian/changelog entries to 0.11-1, since 0.10-2 has never been (and will never be) released
new 4c40d9a some web site updates
new 35f16f7 broke out ssh-askpass-style prompting (to feed to gpg); implemented first pass at monkeysphere subkey-to-ssh-agent.
new e32ef4a documenting subkey-to-ssh-agent in monkeysphere(1).
new a41b10c getting proper behavior from ssh-add; thanks to Jim Knoble and David Bronder for their insights.
new 39f3516 made monkeysphere subkey-to-ssh-agent more user-friendly.
new 3c65d3d Merge commit 'jrollins/master'
new c0fed88 updating documentation (incl. debian/changelog) to reflect new subkey-to-ssh-agent subcommand.
new 0cdc1d9 adding news about 0.11-1 release.
new 5ad5c29 updated notes about work on george.
new 4f2abba added patch to enable GnuTLS 2.4.x to read gnu-dummy S2K extensions, along with build script to make updated .deb packages.
new 48067bb documenting new patched GnuTLS offerings.
new 1e3aa94 clarifying and linkifying the gnutls announcement.
new f2d9418 fixing markup.
new 75279b8 some small changes to subkey-to-ssh-agent.
new ebe1b24 Merge commit 'dkg/master'
new a857737 clean up and clarify script for building patched gnutls.
new b6e33ef couple small website tweaks
new b1eaece adding the templates directory and header template and testing it's use with the index.mwdn file.
new 6584901 adding header to all pages.
new c29a4d5 preface why link with forward slash so it works on pages other than the home page.
new c329ccb changing name of new template from header to nav to be more precise.
new 050a25e adding directions for adding your gpg auth subkey to ssh agent.
new 655253c some formatting tweaks to the website.
new 3c5f35d simplifying instructions for getting gnutls - no need to edit your preferences after all.
new 3faf01e Merge commit 'jamie/master'
new 140fd9b updating quiet-option bug.
new 0503023 tweaked the key expiration checking function, and replied to SJJ's bug comment.
new f12a516 small tweak to subkey-to-agent function, including tweak to key naming convention (i'm still not entirely satisfied with how to do sec key naming here).
new cf9e8e4 added comment to ssh-proxycommand quiet option discussion.
new a6e5b14 keeping george up-to-date.
new 1dd85c9 suggesting bug reports on the monkeysphere mailing list.
new caf0fe0 adding more links to the mailing list so people can give feedback.
new 56aa562 draft of prospective d-a.org (and hence planet.debian.org) announcement.
new fbee321 tweak to announcement
new 9c513b3 notes about daniel at george.
new 7387fd7 proposal for simplifying this code change.
new 5da265b add links to similar projects in documentation page.
new ef51e83 small tweak to nav bar.
new 7e07e12 followup on Sir Jam Jams proposal for quiet proxycommands.
new 4ee3758 Merge commit 'jrollins/master'
new 1c69ed3 fleshed out the "Similar Projects" section
new ff7e3b5 Enumerated more concerns in "Similar Projects" section
new 335ccb0 adding 2 tab indents for commands and blocks for easier readability when converted via markdown to html.
new 46766d6 replacing a few line breaks I accidentally removed (for easier readability in the text version).
new f5e80ac adding symlink to README file as markdown page for web site.
new 58e8aa0 ikiwiki reasonably refuses to follow symlinks, so rather than symlink from README -> ../website/getting-started-user.mdwn I'm moving README to ../website/getting-started-user.mdwn and symlinking in the opposite direction.
new 91fe44d removing # in top title that was accidentally added.
new 805d177 adding links to the getting started pages.
new 8bba6f2 adding initial slashes to links.
new 8c73c7a Adding README.admin as symlink - forgot this in my previous commit.
new 27d9f63 edits and cleanup on getting started documents.
new 2c597e1 moving <pre> blocks over by 2em to compensate for my removal of the double-tabbed offsets.
new 42e183c reorganizing web pages, balancing between community and download: download is for people who just want to use initially, community is for people who want to engage with the project (hopefully the one will turn into the other).
new 5853f2d More updates on documentation (mostly Similar Projects)
new c584f33 Merge commit 'jamie/master'
new b9f298a Adding comment announcing code change implementing proposal for quiet mode.
new 6853904 Merge commit 'jamie/master'
new fe98c79 comment to bug.
new ef17241 added my name as a co-author of src/monkeysphere.
new 9572e11 marking add seckey2sshagent to bin as closed bug.
new 58522a5 asking if we can close handle locked subkey bug.
new 5b386da Fixing punctuation.
new 4296879 removing ` ` from openssh-gpg so it formats like the other examples.
new 078917b Fixed link to news item on modified gnutls offering.
new 426e933 Merge commit 'web/master'
new c36c6bf removed references to non-free fonts
new 8efe099 included monkey logo from http://upload.wikimedia.org/wikipedia/commons/b/b8/Monkey.svg
new 01f9a44 added svg version of web site logo from daniel scott.
new b9ca331 including most of recommended local.css changes from Dan Scott (retained prior "pre" definition, and specifying only free fonts).
new 7cf229c including instructions to generate logo.png from logo.svg
new fa399df testing templating features.
new b906791 still experimenting with templates.
new 8747c3a updating navigation template to come closer to suggested web design.
new d619cb1 adding logo.png, which should really be generated via inkscape from doc/artwork/logo.svg, simply because i do not want to learn ikiwiki well enough to sort out the autogeneration process (and i do not want to require inkscape on all site mirrors)
new 12ae6fb trying again with images in the template nav.
new 5a0fe77 more attempts to bring the current site example closer to suggested design.
new 41373fc cleaning up failed templating experiments.
new 6e6dd06 tagging the logo image with a classname
new db372fe hiding generated header and actions.
new 076e4fe cleaning up failed templating experiments.
new 466ad33 more updates to navigation.
new b53dc98 more updates to navigation.
new 10504cc brought in upstream page.tmpl from ikiwiki.
new 089ef38 trying to include the nav header on every page.
new 49668f6 testing page template modifications.
new 28f126f unhide standared ikiwiki header and actions.
new 36c9dcc cleaning up page.tmpl.
new 60470b7 fix links in nav bar.
new 0e5a29d Merge commit 'dkg/master'
new 34f03fb more tweaks to nav to match the suggested design.
new 878d43b more tweaks to nav to match the suggested design.
new 3e5217b switched nav to list for easier manipulation via CSS.
new e7a65d2 trying to switch to list items.
new 6df368a still trying to switch to list items.
new 0868e44 reverting to regular text in nav, since list items do not show up as expected in markdown.
new b51aef9 bolding links in header, and removing underlines from them to match proposed site design.
new 6d41666 increasing gap between header links.
new b313453 making navigation header links behave sanely when selected.
new 112ab1b nav header links margin is on right instead of left to keep image in the correct spot.
new 48f308a switching ikiwiki default headers to the right-hand side of the page.
new 9b15338 reorganize headers on documentation page, try out table of contents plugin.
new 4a1cca4 fix usage of table of contents plugin.
new 640c122 broke out similar projects to separate page.
new 7dfc00c more documentation cleanup.
new 24b310e standardizing on h2 as the section header across web site documentation.
new 42f95c0 linking to getting started docs from why page; set up TOC on why page.
new c4b1ec9 fixing broken links in why page.
new e6d6c46 moved all apt repository references to archive.monkeysphere.info.
new 76e67ee more updates as i pursue service-specific hostnames.
new e2e87dd completing the service-specific hostname canonicalization (i think).
new 34029d1 documenting the change for the git repository.
new b03fc4b cleaning up titles of web site pages.
new 90568be simplifying stylesheet, returning underscores to nav links
new 744600b fixed bug in news aggregation page
new 212c4e5 included todo entry about porting monkeysphere to other OSes.
new 5bb8d41 Start modifications to output logging with LOG_LEVEL.
new 948b217 Merge commit 'dkg/master'
new bb2427c Finalize new log level changes. This is more or less doing what it should. The only problem, I think, is that it doesn't handle improperly specified LOG_LEVEL well, effectively resorting to silent.
new a07556b comment to bug about logging.
new 7d9b281 cleanup stray commas, ensure that ill-specified loglevels default to INFO
new a38d8f8 added concern about Perspectives UDP filtering to website/similar.
new aeafd20 switched monkeysphere-ssh-proxycommand to #!/bin/bash, as it has become more complex.
new 786cd57 added Jamie McClelland as author in src/*
new 35d94a4 the way i modified the log function breaks when IFS is set to something funny; fix it. Move happy messages from error to info.
new c77ad0b documenting new archive signing key. Other devs: please update the ascii-armored key to include your signature!
new 9a9238d download page now refers to the monkeysphere archive signing key.
new c8ddc54 committing reprepro config files for the monkeysphere APT repo.
new 0c03c5f git-ignoring the reprepro-generated stuff.
new 3f0f491 documented APT archive management practices.
new 7f7a389 tweaking archive maintenance documentation.
new 6576cb2 re-wording intro paragraphs, to make them shorter and sweeter.
new c09ac0e created new VERBOSE log level, and moved most INFO stuff to that level.
new fccf552 Merge commit 'dkg/master'
new 5475afc comment on passphrase-less key bug.
new c2dd887 Merge commit 'jrollins/master'
new dafe143 closing test server request, since no one has stepped up to volunteer to maintain account generation, etc.
new 451f549 monkeysphere-server update-users on a bad name should warrant an error.
new e987c4c fixing typo
new 5863b0a fixing broken link syntax
new 19a3c7a update documentation.
new e883a05 checking a keyserver should warn at level INFO, since it is a potential information leak.
new aefec8e some cleanup to the proxycommand.
new 3308586 trying to change the way docs are handled.
new c6d49de shipping getting-started docs directly; nevermind about calling them README.
new f7299a7 shipping getting-started docs in the release tarball; nevermind about calling them README.
new 4dfcb19 stripped down, cleaned up MonkeySpec.
new 7dab6df Merge commit 'dkg/master'
new 8deb4a2 Merge commit 'jrollins/master'
new fcfb94e editing comments in monkeysphere-ssh-proxycommand.
new 020a863 changing e-mail address for dkg.
new ca7568c tweaks to the man pages.
new 1af5072 preparing for 0.12-1 release.
new d4dc8a9 updating documentation about the archive, including other developer signatures on the archive signing key.
new 8308d8f Merge commit 'jrollins/master'
new f4e9793 more work on the text of the web site homepage.
new 0352609 tuning how monkeysphere looks for secret keys.
new 3e5c5b5 debian/changelog: set up new entry.
new 9aede4d copied in templates/page.tmpl from ikiwiki upstream.
new ecb8285 testing changes to ikiwiki/templates/page.tmpl
new 856a682 more changes to ikiwiki/templates/page.tmpl
new 80a6f58 trying out sidebar plugin to deal with navigation.
new dac4a10 trying to override sidebar formatting.
new 0c76e8d trying to override sidebar formatting.
new d7243d3 more games with the stylesheet.
new 7d376d9 we do not need the nav template any more, since we are using the sidebar plugin.
new 78f8432 getting rid of nav template, relying on sidebar instead.
new ab37fbf added a note about the public nature of contacting developers on the project.
new d6c52a6 tweaks to the webpage to improve look and layout slight.
new 2569f05 Merge commit 'jrollins/master'
new 0adb696 setting off file names in documentation.
new 623aef0 added ridiculously scant first draft of document about gpg trust model.
new 39ad3cc adding sample ikiwiki setup file and mirrors web page.
new 99b3c2c Merge commit 'dkg/master'
new 7c8b46d fixing formatting and typo (pusch -> push).
new ba9b78b more attempts at getting the formatting right.
new 1564335 more fun with formatting - now using 4 spaces for code block rather than two tabs.
new acf0641 this time with extra line breaks.
new 52d692d combining code blocks with lists seems to not be possible[0]. Removing lists.
new 1e26301 added bug monkeysphere-gen-subkey-treats-revoked-auth-subkey-as-valid
new 6ac3a9c Modifying instruction to change the order of creating the repo's so that when the post-receive hook is run, ikiwiki has had a chance to create it.
new 86f97d4 Merge commit 'dkg/master'
new b7a13e1 move config directory to ~/.monkeysphere
new a801491 Merge commit 'micah/master'
new 033b0f3 added more explicit internal links to documentation page.
new f0d37a7 Merge commit 'dkg/master'
new 43504b1 Merge commit 'jrollins/master'
new bdee166 we are building with the format 3.0 (git) packaging techniques now; simplify makefile. change "release" target to "tarbball", since we are not releasing this way yet.
new 076fac6 debian/changelog: preparing for 0.13-1 release.
new cae2d7c changing bug history to refer to ~/.monkeysphere instead of ~/.config/monkeysphere to avoid future confusion.
new 6ee744d update changelog to reflect the new monkeysphere user configuration location
new ac8f7d1 Merge commit 'micah/master'
new d5430fd more notes on work on george.
new ba1d8c2 Merge commit 'dkg/master'
new e01d9c5 a few tweaks to the monkeysphere announcement.
new 9bd2264 a couple very small tweaks to the web page.
new 7bd735a some small changes to the web pages.
new b945c94 one last (not) small web tweak.
new 6023ddb fix meta title in trust-model page.
new 75301f6 fixing formatting in website/trust-models.
new 66eef97 add 0.13 release news item
new 688fe8f Revert "we are building with the format 3.0 (git) packaging techniques now; simplify makefile. change "release" target to "tarbball", since we are not releasing this way yet."
new 251a3b9 removing traces of format 3.0 packaging. LCD wins again.
new bb653ca preparing for 0.14-1 release with old packaging format.
new 6d1b55b release announcement for 0.14-1 (we should automate creating these)
new 5bfd0fb reorganizing the announcement so that the download page makes it clear how to get the source.
new ce0edf8 fleshed out trust model documentation.
new 47310fe attempting to fix trust-model formatting.
new abf3379 clarify trust-models.
new 7c3907e notes about mathopd mime-type configuration on george.
new fd228dc wrote simple monkeyshell so we have a fake shell for test accounts on george (if we want to give them out).
new 40a5f62 notes about new account: monkey at george
new 550d928 notes about IRC channel in website/community.
new 5651c90 fixing signature for sha1sum of tarball.
new 051d1b0 generalizing makefile to try to get it to work with BSDmake.
new 5eaa6e2 added m-s diagnostics test for presence of monkeysphere system user.
new d64d1d1 added comments to monkeyshell.c
new 7f225b2 updated getting-started-admins syntax to work under zsh. Thanks, stew!
new 20da058 debian/control: updating package description.
new 39b7ac2 debian/changelog: adding new entry.
new 990c334 switch from execv to execvp to find base64 wherever it is in the path.
new b66fd50 removed use of sponge, got rid of dependency on moreutils.
new 268c673 removed build dependency on git-core, since we are back on 1.0 source packages.
new 91f8801 moved monkeysphere(5) to section 7 of the manual. Thanks, Stew!
new a29f92a debian/changelog: added note about monkeysphere(5) move.
new a6c9b79 adding make install target
new c627816 tuning up the make install target.
new 75e989c fixing comment about dates.
new d076f45 added new test for /var/lib/monkeysphere in m-s diagnostics.
new 93a51ab packaging simplification, TODO cleanup.
new 650b839 update debian/changelog
new 9556a2f more porting tweaks: do not rely on the -w arg to base64, so we can use fourmilab instead of GNU
new 9352a72 changed intro to trust model docs.
new 2a597ca updating mirrors help file to reflect new rsync approach.
new 45fd283 implementing Dan Scott small-caps suggestion for nav links.
new eeaa6fa adding link to mirrors page.
new 8f39ffc more updates for mathopd on george
new 2debdd8 Merge commit 'web/master'
new 1241081 minor formatting tweaks on mirrors page.
new 8765b3c prevent page widening on the web site.
new 5a18c46 prevent page widening, but nicer.
new d4e17a8 adding h1 titles to pages
new 55ea6c6 Merge commit 'dkg/master'
new 37eb3fd move toc on why to top where it's supposed to be, even though i don't like it there.
new 3827c6f remove why toc entirely, since it doesn't seem to be doing the right thing with the new h1 title.
new 203c14c Standardizing on Monkeysphere instead of MonkeySphere
new a06fe8d more website visual adjustments, as suggested by Dan Scott
new eec16a4 tweaking stylesheet
new e7a90ec trying out more widely-supported smaller font + upcased link text instead of small-caps
new 1e75f24 manipulating vertical placement of nav text
new 965f05b raising nav text to where Dan Scott says it should be
new 06b532a ensuring that pre blocks are indented twice what top-level p blocks are
new a1bbfbd pre elements should not run the full page
new fa2aeb6 abstract lockfile functions to be able to Depend: lockfile-progs | lockfile
new 041c432 adding missing curly brace.
new 3a8b658 changing font size on h1 and h2 to be smaller.
new 3cf7b2a Merge commit 'jamie/master'
new a266aa8 fix lockfile wrapper; it was sloppily constructed.
new 74bd355 add curly brace end to lock function that was oddly removed at one point.
new b3af23e add toc back to why page, even though i'm still not totally satisfied with it's formatting.
new 374cbfa prepring for 0.15-1 release.
new 1fbd95f release notes for 0.15-1
new 2bb4fde scripts to "make releasenote" to make my life easier.
new d4d83e3 cleanup automated releasenote bits.
new 4dea1f0 dkg gets all of the credit for us finally being able to put to death seckey2sshagent. If we need it, we know where it is. rip.
new 98253f5 adding new bug about cssh.
new 2c6c9e8 Merge commit 'dkg/master'
new 8e1f456 Merge commit 'jrollins/master'
new 701d295 comment to HRHSJJ's cssh bug.
new 005f6ae added bug about options for authorized_user_ids.
new ba5cdea tweaking debian/copyright
new f82e2de added comment about ConnectTimeout option for cssh
new 0c63107 renamed cssh bug -- we know these are all monkeysphere bugs, so they do not all need to start with "monkeysphere".
new 7e1ee1c fixing the shebang line for portability.
new 70fdfa0 added initial FreeBSD packaging from anarcat (via svn from https://lethe.koumbit.net/svn/koumbit/trunk/ports/security/monkeysphere)
new 3e9ce2a updates to FreeBSD port framework
new 34a2fe2 more packaging shennanigans (nc is available in FreeBSD-7-STABLE by default, apparently)
new 4a59488 tagging changelog so it does not get accidentally released as 0.16 yet.
new e326d7f more monkeying around with portable ways to install the manpages.
new d3e96a9 more FreeBSD patches to adopt the ports-specific location of the shared files.
new 76f242f further lockfile debugging.
new 2ba01ab adding build-freebsd-distinfo to make updating ports simpler.
new e027e91 first pass at auto-created distinfo for FreeBSD packaging.
new 5c3ec72 making invocations of mktemp portable (FreeBSD does not have a default value for the [template] arg
new c4b4cdd tweaking installations of config files so that FreeBSD ports do not clobber local sysadmin changes.
new 4d1ceb6 fixing Makefile configfile installation goof.
new c164ea4 fixing another Makefile configfile installation goof.
new 1cb5bc8 fixing up FreeBSD port Makefile to handle post-install config file creation properly.
new 99fbb1b patching the upstream sources for the unusual location of etc in FreeBSD.
new 4e5ac7b cleaning up copyright in postinst/preinst scripts
new e18b89b initial attempts at user add scripts for FreeBSD packaging.
new 85b105c streamlined pkg-install and pkg-deinstall, based on mysql and postgresql ports
new 4822085 ensuring that FreeBSD uses /var/monkeysphere instead of /var/lib/monkeysphere
new 82c97a3 more tweaks to freebsd packaging.
new 1343ffb more portability fixes: GNU date and BSD date prognosticate differently.
new 6a68ed3 make calls to hostname portable; more tweaks to FreeBSD packaging.
new c344104 make sure that the FreeBSD package is using GNU-style getopt calls.
new 531e08b replace stat with ls (sigh) and make su more portable.
new 783bde1 adding new bug about clobbering system-specific gpg.conf files, with two different proposed solutions.
new 2b85b85 added proposal for monkeysphere-server setup subcommand.
new 0beaa99 counting problems in monkeysphere-server diagnostics
new f197988 invoking monkeysphere-server diagnostics at the end of the FreeBSD package installation.
new 988ed72 fixing bugs in monkeysphere-server diagnostics.
new cc637b0 closing cssh bug.
new 3c020c2 touch up monkeysphere-server(8), include suggestion of allowing certifier identities from a file.
new 12664ba allow monkeysphere-server c+ to read from the filesystem. Fix mistaken use of $TMPDIR, which was causing weird recursion problems with portable invocations of mktemp.
new 9f65b45 Merge commit 'jamie/master'
new f81f2c8 adding another FIXME of things worth adding to monkeysphere-server diagnostics.
new 5ae4c1f added note about posting cssh bug.
new d454019 The monkeysphere system user must have bash as its shell for the simple su invocation to work. Do not try to explicitly preserve the environment across an su, as this is the default, and -m implies using the login shell of the superuser under FreeBSD.
new b5e33d4 forcing monkeysphere shell to bash for FreeBSD.
new 2fea7c8 documenting problems with the tarball generation process.
new ac01e1d fixing titles in my recent bugs.
new e98366c adding initial testsuite (totally unfinished!), bug report about genericizing filesystem locations.
new 86d072e documenting trouble with two keyring arrangement.
new 924d4c6 Start changes to move gpg.conf files into /etc/monkeysphere.
new 5230163 Merge commit 'dkg/master'
new 19acd9d adding directions on how to build a deb package from the source.
new 2fed8a8 Merge commit 'jamie/master'
new 5a83949 Merge commit 'jamie/master'
new 49e57b2 reported bug about seahorse to debian at: http://bugs.debian.org/501085
new e1bcdee some preparatory changes in preparation for a test suite: not tested!
new 589b81e Merge commit 'dkg/master'
new a746da0 Generalize filesystem location variables (closes http://web.monkeysphere.info/bugs/genericize-filesystem-locations-for-testsuite/). Add comments to gpg.conf files.
new 936daca Add debian preinst script to move old gpg.conf files out of the way.
new c76c8c7 fix the *inst scripts to properly handle linking in the gpg.conf files.
new 1732c33 working on improving log output
new 1d030ea close two bugs based on the work today.
new f08f75c added fake admin key (ID 7005D3BE) for test suite.
new 91d16f3 Merge commit 'dkg/master'
new a7636d3 some work on the test script.
new d6632fc More work on test suite.
new 023b6d1 add another FIXME for m-s d
new 07a4017 add a socat-based sshd invocation to the basic test suite.
new 14fd730 switch default keyservers to be pool.sks-keyservers.net, since that pool seems to be well-monitored and updated.
new 504dc46 add check to su_monkeysphere_user to not use su if the user is the monkeysphere user.
new 5f29ad7 test now has better sshd configuration.
new bb75d35 Merge commit 'jrollins/master'
new 2983d63 more changes to test suite, and add admin/testuser gpg.conf files to use quick-random option
new 8473500 Merge commit 'dkg/master'
new 46aa44a fix path to sshd_config in test script
new 7b30291 more tweaks to test script.
new 7676e30 testing: admin has signed key of testuser; testuser has lsigned key of admin, and granted full ownertrust to admin.
new fa4afa2 more work on test suite.
new 55bc90d tests: do not use privilege separation with sshd.
new 6037a42 Merge commit 'jrollins/master'
new e836e3d more work on test suite.
new 9719b46 more test suite fixes.
new 3704557 freebsd port: changes from anarcat
new c80b802 Merge commit 'jrollins/master'
new 3880f27 repaired admin keyring
new e0eab1b testing: transfer permissions of home directories for testuser and admin.
new 0461219 testing: make final ssh command more verbose; supplying a default empty password for gen-subkey.
new a718b8d testing: adding temporary monkeysphere config and ssh config.
new f0fc313 testing: fix ssh_config var UserKnownHosts to UserKnownHostsFile.
new 5e6fa01 testing: using jobspec instead of SSHD_PID
new af62845 testing: only try to kill backgrounded sshd if process exists.
new 485b28a testing switching back to SSHD_PID, since the jobspec does not seem to work through a trap.
new 8859ba4 testing: move ProxyCommand into a simple shell script to ease invocation (shell logical operators do not work directly in ProxyCommand argument).
new 74b446a testing: moved the LogLevel debugging for ssh into config files, added an ssh-agent to the final ssh invocation.
new c4a5813 testing: added a passphrase (abc123) for the testuser private key; supplied a phony SSH_ASKPASS to provide the password when needed.
new deff162 testing: fixing some bash escaping, adding in one last FIXME
new a40dd55 testing: setting up the authorized_keys for testuser.
new e386489 testing: change order of operations to make sure that authentication subkey is available during authorized_keys update.
new 6b5b0fd testing: setting up the fake testuser account with an authorized_user_id.
new 96ac22c testing: A bit more fine-tuning, so that the test suite should successfully complete without any user interaction.
new ee285d5 packaging preparations for 0.16-1 release.
new 502915e added 0.16-1 release announcement, plus new bug.
new 0e69638 fixing download link for latest released tarball.
new eef5c54 fixing build-releasenote so that it updates the tarball download link as well.
new 7a34147 updated freebsd ports information.
new 5722f3c add some documentation to the user section about establishing trust
new 20e8894 Merge commit 'dkg/master'
new a7b3286 add comment to bug.
new 2288f6b Merge commit 'jrollins/master'
new 03468ed Merge commit 'micah/master'
new b5d43f9 included the full GPG transcript of granting trust in the User QuickStart guide.
new bd30414 added notes about recent work on george.
new 12dfa2e Removed the gnutls component from our APT repo, since gnutls 2.6 is now in debian/unstable. Documented the changes, and changed the warning message that monkeysphere emits too.
new b1244f1 tracking freebsd packaging from anarcat.
new c8ab71b Changes to fix bug in authorized_keys file generation in monkeysphere-server update-users.
new 3b0d536 close bug about problem in authorized_keys generation in monkeysphere-server.
new 21fd654 comment to bug about existing invalid authentication keys.
new 88b92e7 comment to bug about parsing ssh config files.
new af26741 Merge commit 'jrollins/master'
new 5a8f2f1 Merge commit 'dkg/master'
new b1438d7 Move to using empty string for not using a user-controlled authorized_keys file in RAW_AUTHORIZED_KEYS variable. Fix spelling mistakes and wording in config files.
new 2f8998a fix missing log level in config files.
new d0c45a5 updated gnutls info on download page.
new 330cb7b extend test suite to check for authentication denial when authorized_user_ids has been removed.
new a58d337 Merge commit 'dkg/master'
new 1b6ebcd Merge commit 'jrollins/master'
new 34439fb tests now avoid prompting for default identity files.
new 12be051 update changelog in preparation for 0.17 release.
new 56db549 added release notes for 0.17-1
new d45c604 fix bugs in authorized_* file permission checking.
new 2c6da8e add more debugging output.
new d080f8c make sure that the /etc/monkeysphere/gpg-*.conf are placed during package installation.
new 3e5ccfd do not choke at end of test suite if no sshd was ever launched.
new 30ac88c test suite now auto-detects which flavor of prng support GPG uses.
new bee6028 testing: tighten up the umask before sshd launch, so that the socket is not exposed during the test.
new f724274 chown authorized_keys files as jrollins, and add monkeysphere tmpdir in SYSDATADIR, for atomic moves of authorized_keys.
new 4b5be52 more work on test suite, and add new tmpdir to monkeysphere.dirs.
new 6be0d74 cleaning up debian packaging.
new f83f553 enforce error checking when transferring the authorized keys file. If the transfer fails, remove any existing target file so that we fail closed.
new dbbd331 cleaning up basic test.
new 4af6e62 touch known_hosts file in monkeysphere so that permission checking down't fail. remove spurios directory in monkeysphere.dirs. more work on test suite.
new 11cd8c4 move to using 'none' for the RAW_AUTHORIZED_KEY value to use for *not* including a user-controlled authorized_keys file. more fixes on test suite.
new 0d7a924 tweak to test to not include user authorized_keys file.
new c5b6958 move away from using MONKEYSPHERE_SERVER_CONFIG in test suite.
new 8d609df finish consolidating test suite ssh test into single function, and add more tests (for permission checking).
new 45662d0 preparing for 0.18-1 release.
new e81c98d added release notes for 0.18-1.
new 753b7c5 set DISPLAY in test suite so that passphrase prompting falls through.
new e4dbd96 Merge commit 'dkg/master'
new 37c5b03 added comments and changelog notes about why the test script sets $DISPLAY
new 4885662 fixing symlinks created in packaging; updated FreeBSD port to handle centrally-linked gpg.conf files too.
new 263aa31 preparing for 0.19-1 release to fix config file goofiness.
new 3df649e added release notes for 0.19-1
new 6ed72ef updated freebsd data for 0.19
new 680d734 Merge commit 'dkg/master'
new 150008d fix small bug in the packaging about man7 directory installation.
new 82c1c7c link "why" web page to the alternate PKI discussion.
new f0fb1db added latest george updates to changelog.
new 56ba9a2 fix my email address in debian/control.
new e9a874c asking reprepro to keep older unreferenced files around in the archive. This should help our porters, so that they can have a canonical place to download tarballs from even if a new version has been released.
new 2ae935a add checks to make sure that the test suite will be able to run.
new 3763a9e fixing stupid typo.
new b5f5c45 fixing check for test suite.
new 6f85cad Couple of small fixes to makefile.
new e3030c0 updating debian/changelog as we start work on version 0.20.
new 7d0fbea small change to cleanup website release note.
new 0f5a417 fixing freebsd patch to match current shipped config file.
new 992e7de do more testing to make sure that mktemp calls do not fail.
new 7b8af9a build out directories for the monkeysphere that should be created on package installation.
new b2d9fe7 freebsd packaging: leave gnupg-authentication.conf with superuser ownership. it should not need to be owned by monkeysphere.
new 46cb105 Merge commit 'jrollins/master'
new 846174d reorganizing FreeBSD port to make it clearer where it in /usr/ports and to make it easier to rebuild the port
new b57e121 make build-freebsd-distinfo match the changed location of the packaging.
new 7555df0 store gnutls patch for fully-enabling the monkeysphere on FreeBSD 7.1, which ships with GnuTLS 2.4.1
new dbd07cf announce FreeBSD port!
new 7f79f55 Merge commit 'dkg/master'
new 2e49fd8 update download section of website to include freebsd info.
new 0141efc work on website, cleaning up download page
new 8ba6192 set the bash pipefail option in the test script to return the error code of the first failed function in a pipe. also add some new web pages that need to be filled out.
new 19dda21 very minor changes to test script
new e36adf0 Reworked the download page to link from "add this key to your apt configuration" to the /archive-key page, pushing the SecureApt reference link into that page. This has a streamlining affect on new users wanting to get started as it links directly to the archive-key page where there are explicit instructions for how to do the archive key verification and then the follow-up add to the apt keyring for proper archive/package verification. The way it was before, you were [...]
new 7833a5e create a new section of the getting started page that lets people know that they should install monkeysphere software at this point in their journey. It may be obvious, but I think in terms of providing a step-by-step howto get started guide, the least assumptions of obviousness we make, the better.
new b726156 Merge commit 'dkg/master'
new 0f44806 Merge commit 'micah/master'
new f05d8f4 small fix to broken web link.
new 9aec501 Merge commit 'micah/master'
new 7836f86 include the gnupg config files in FreeBSD port.
new 6bc022e Merge commit 'web/master'
new 60bb324 tests/basic ensure that any lingering sshd process will get killed off.
new bdce00f update changelog to reflect test tweaking.
new a4f2e6c add shebang and copyright to makefile.
new fdc8f9d changed myself to be maintainer.
new 8181382 update changelog
new d629819 change distribution to unstable in changelog.
new acac70f release notes for 0.20.
new 3726f3d move debian packaging to the packaging/ subdirectory.
new 8195dad add prerm script, and add debhelper lines to other install scripts.
new 4dce7a9 Merge commit 'dkg/master'
new 752a813 Merge commit 'jrollins/master'
new a79d359 add close ITP bug to changelog
new 0059745 Merge commit 'jrollins/master'
new 80453e1 reformat changelog
new 631af95 Merge commit 'micah/master'
new 0d90d12 updating release notes for 0.21, updating build scripts.
new 12d5b6a make sure we clean up /var/lib/monkeysphere during prerm.
new 786ca25 really fixing prerm
new 6f58fa3 debian packaging: removing unnecessary error masking in {pre,post}rm
new 7156551 do not fail in postrm if /var/lib/monkeysphere is already wiped.
new 522b1ad /var/lib/monkeysphere will get taken care of by debhelper appropriately. Leave it alone.
new a6cade3 fix my email address
new 20fa2bf add a directory and a changlog for the zimmerman keyserver (including some changes)
new 91f3af2 new bug: useful information
new a889bad reporting changes around mail configuration of zimmermann.
new cdfb653 add the new monkeysphere package to zimmerman
new 17aa81f Merge commit 'jamie/master'
new b259e0e Merge commit 'micah/master'
new a66dc76 Merge commit 'mlcastle/master'
new a96625f rename
new f5d87b8 remove pruning of the ssh fingerprint output in monkeysphere-server show-key function. the extra info (key length and type) are useful to have.
new a4983d2 change from using a filename that is a just a space to an actual temporary file
new d39039b Merge commit 'micah/master'
new 2459fa3 Added info log output when a new key is added to known_hosts file.
new 5c769e7 fix tarball download link
new a57e08b Merge commit 'micah/master'
new d068b7c m-s s: avoid failures when $TMPDIR has a space in it. (output might still be a bit garbled)
new 9eed079 exporting SSH host public key (two variants: one traditional ssh, the other OpenPGP) during m-s gen-key
new c9efd3d update debian/changelog.
new 11e3f75 making the "upstream version" end in ~pre so that test packages created before the release will upgrade properly when the official 0.22 gets released.
new d056cc6 feedback on useful-information bug.
new dd002c8 added some useful output to the ssh-proxycommand for "marginal" cases where keys are found for host but do not have full validity. this uses ssh-keyscan to pull the key for the host in question, check this key against the keys against those found via gpg, and output some useful information about the one that matches.
new 5d99493 Merge commit 'dkg/master'
new e7c994d Merge commit 'dkg/master'
new d91a9e0 add some more informative debug output to key processing.
new 864a89f fix quoting in output of ssh_host_rsa_key.pub.gpg. remember, at the moment the gpg_authentication function can only accept a single argument, so the entire gpg command string needs to be in a single quoted string.
new 11a42a6 really fix the ssh_host_rsa_key.pub.gpg output.
new f7dfcea More work on the marginal case output for the ssh-proxycommand. For a key matching that offered by the host, now outputs just the information (including sigs) of the relevant user ID. There is some other useful output for other cases as well. I also added a couple of FIXMEs for some other cases that I think we should think about and maybe tweak behavior for.
new 2d4d773 Merge commit 'web/master'
new 9751169 add comment to bug about notification of modifications to known_hosts file.
new efa094b Added new web page about server key signing.
new 6a43a89 HA! I figured out how to get ssh-keygen to read stdin by using the bash "Here Strings" redirection. No more stupid tempfiles to get ssh key fingerprints.
new 505ee50 update changelog.
new 909d963 added steps taken on zimmerman to get sks setup
new b8a60a2 further commentary on proxy_command logging.
new 888c5cf minor grammar/vocabulary nitpicking.
new d89e929 renaming page about signing host keys.
new d8d2650 really fixing utils/build-releasenote after the packaging reorganization.
new 647a0fc Merge commit 'dkg/master'
new b399dbc changing terminology from server key to host key
new 0c56afe Merge commit 'micah/master'
new 489006a update link in docs.
new 67a77f6 explain how it is that zimmermann speaks https
new dcf5055 document zimmermann SKS peers.
new e2854b8 fixing the spelling of zimmermann.
new afbaf20 more updates for zimmermann
new 32695b2 added simple index.html for people to read if they decide to visit zimmermann with a browser.
new da2b427 noted changes to zimmermann config.
new c94bebd notes about using zimmermann port 80.
new 574215c configured statistics calculations at SKS boot and at 03:00 (i think).
new c21e955 added one more SKS peer.
new c6f5594 Add attempt at rpm packaging.
new 4ef516a fixing dependency information -- should be procmail, not procfile.
new 6c7f716 Merge commit 'jrollins/master'
new 17d1afb 0.22 release preperation.
new f3e2dfe added release note for 0.22-1
new 08c0d04 notes about zimmermann HTTPS
new 7e0b85c gave example on gpg multi-keyring bug.
new 34af6da add new check_host_keyring function for better checks for the existence of a host private key for functions that require it to be there.
new 2d2aa12 Merge commit 'jrollins/master'
new 53b6ca1 added yet another FIXME to m-s d
new 2483b7d add a couple of bugs about posix compliance and the use of getopts instead of getopt.
new b9a98c7 add comments to bugs.
new c3b912f Merge commit 'dkg/master'
new 2e55b0b some web updates: - add new item about debian release - improve admin start documentation - add license note
new c753115 Add new intro to the bug page which links to the new bts stuff.
new 14efcd4 small tweak to debian news item
new 145cee7 add the wiki link to the menu bar... i'm not totally sure this is the right way to do this, but its worth a shot
new af3d5e6 that didn't work, let me try it this way instead... why do none of the examples work as I expect?
new ff9ffb7 that didn't work either, perhaps this will instead?
new dfb2c5a according to the markdown manual, this is how you create links
new fc81d82 maybe I can just do it the HTML way
new b024a2d I dont know what I am doing
new 78261d9 link to new wiki/bugs
new cbe3a41 suggesting simpler approach to getopt.
new 691e5d2 get rid of getopts. add checks for root user, and better checking of presence of host key.
new 804f681 slightly modified header "sidebar". added pieces of logo broken into image and title.
new c567516 slight tweak to sidebar
new 99f4170 updating freebsd port information for version 0.22
new 4b5f62d updating freebsd patch to allow monkeysphere-ssh-proxycommand to work (path updates).
new 8e582f8 added version output option
new 47ab7d6 clean up option parsing and key checking in gen_key function, including adding checking for validity of existing authentication subkeys.
new ef9469e added first pass at perl script to convert existing PEM-encoded RSA keys into OpenPGP keys
new c2da43d clean up a bit of pem2openpgp and remove some of the hardcoded data.
new 099e48e removed last hardcoded data in pem2openpgp; it seems to work with our test key.
new 04e7cb8 use bytes in pem2openpgp to ensure that length calculations are done by octet and not by character.
new ad8c2c4 pem2openpgp now accepts a choice of User ID on stdin.
new c71c021 clarifying make_rsa_key_body() to make_rsa_pub_key_body()
new abc8c78 pem2openpgp: clean up comments, treat fingerprint as raw data instead of ascii
new f834440 pem2openpgp: break out usage flags, default to creating an authentication-capable primary key.
new 499aa38 Merge commit 'dkg/master'
new efb99a4 pem2openpgp: make lookup tables of relevant parameters.
new 4a7350c fix stupid typos; switch padding during rsa signatures to that specified in RFC 4880
new 3f5960c pem2openpgp: replace raw numbers with semantic labelling to make it more readable.
new 4af5666 pem2openpgp: reorganized some code, put in initial function to try to create secret keys. we seem to be a bit of modular arithmetic away from creating private keys in an OpenPGP-style format.
new ae9a949 pem2openpgp: implemented extended euclidean algorithm to find modular multiplicative inverse. this lets us compute the value we need for secret key material.
new c2e9fab pem2openpgp: cleaning up some comments, not fetching unnecessary parameters from OpenSSL.
new 71afa5c pem2openpgp: reorganization, cleanup of comments, adding a warning about secret material on stdout
new cff9503 another george changelog entry.
new dbb58c0 work on fleshing out the new functionality for the next release, including new functions: import-key, add-revoker, revoke-key, etc.
new e94dfff added new "vision" page where we can talk about monkeysphere 2.0.
new a6b8e39 added firefox extensions to the monkeysphere future vision
new fed9bf9 did some work on george, disk was filling up, updates needed to be run, mail was broken
new 59b27e8 merging in new george changelog entry from micah
new 930b074 replaced nullmailer with postfix on george
new 8e6fcc1 Merge branch 'master' of git+ssh://labs.riseup.net/~micah/public_git/monkeysphere
new c066aca add pem2openpgp to make install target add link to pem2openpgp in openpgp2ssh man page Merge commit 'micah/master'
new f75a574 change log level for unacceptable keys that can not be translated to be "debug" instead of "error".
new 3ebaf05 fix log level for unacceptable untranslatable keys on george.
new 88db452 Merge commit 'jrollins/master'
new a693e9b Merge commit 'jrollins/master'
new d295c10 Fix the monkeysphere-ssh-proxycommand man page to properly note the command name
new e1306b6 - break out monkeysphere-server command into monkeysphere-{host,authentication} commands - break out etc config into host/authentication configs
new 06e2a72 updating Makefile and debian dependencies.
new b3a701f removing unused monkeyshell stub.
new 53fdf9b break out import-key and gen-key from monkeysphere-host break out diagnostics and update-users from monkeysphere-authentication
new 848f2e1 Remove the test for the root user, effectively reverting part of 691e5d2ec8efeb4d77b17b1ad852fdbec31ce136
new 3495ceb Merge commit 'jrollins/master'
new aaa834d resyn implementation of m-s gen-key with the help output
new b7e1788 break out monkeysphere-{host,authentication} subcommands into seperate scripts. MUCH MORE WORK NEEDED to get these working.
new f5916bc Merge commit 'dkg/master'
new 6669fde update debian changelog with plans for 0.23 release.
new 968627c add ssh-proxycommand as subcommand to monkeysphere
new 4b05c57 merging changes from micah
new 7d4b481 merging jrollins and micah work, reverting ui changes for m-h gen-key and import-key
new a074774 turn subcommands into subfunctions, that will need to be sourced and executed.
new 0d36aeb fix usage for import/gen-key, and remove revoker option from gen-key
new 53f4ee7 Merge commit 'jrollins/master'
new c700e9b merging from jrollins
new dd84300 make subcommand subfunction that were missed previously
new 26bdfd9 Merge commit 'dkg/master'
new c7abef2 more moving to subfunctions, and rename of show-key
new 9352796 Merge commit 'dkg/master'
new 2e76a0c Merge commit 'dkg/master'
new 7fb3f70 Merge commit 'jrollins/master'
new 65d7d0d change the copyright year and add my name to the header comment
new e546eff Change the monkeysphere header to have 2009 copyright year and add my name
new 7bf7ac9 rework the tests to use the new reorganization
new 8001b45 remove executable bit, remove shebang line, update copyright on subcommands.
new 6923ef5 Merge commit 'dkg/master'
new 70a815c simplify server config files, and add keyserver config variables.
new ddb8c65 fix location of the primary public keyring for the new reorganization fix location of the authentication gpg configuration
new 585b1c8 more big cleanup of host/authentication commands to reflect new separations.
new e4c566d Merge commit 'dkg/master'
new 2b5cd0f Merge commit 'micah/master'
new 334f15b Merge commit 'dkg/master'
new 478cc34 Merge commit 'jrollins/master'
new 54b8a4c break out subfunctions from monkeysphere command
new 8a22863 change hyphens to underscores in function file names, for consistency with function definitions themselves
new fe65d86 fix makefile, and remove now-unneeded dirs in debian packaging
new 5d9e91f remove things i think will no longer be needed from the debian packaging scripts.
new 487fffd Removed obsolete man pages, split monkeysphere-server man page into two new ones.
new af6f93d Merge commit 'jrollins/master'
new b2bf2d1 some more fixes and tweaks to get things working in the new setup
new e64c19d packaging/debian: add some transition stuff to the preinst script
new c396f64 fix some test problems related to gpg.conf locations
new abedd43 Merge commit 'micah/master'
new 3ed4b36 Merge commit 'micah/master'
new 67ae32b Changed the order of the descriptions of the commands to match the usage as it appears when the command is invoked.
new c9f3967 Merge commit 'dkg/master'
new 3388871 move src/subcommands to srv/share, and add common file to src/share (update Makefile as well)
new 2e53477 add skeleton man page for pem2openpgp
new b5cdb9c Merge commit 'jrollins/master'
new bbbc5bb fix some things bugs from the separation transition, and try to fix the test scripts
new 666062a Merge commit 'dkg/master'
new 5b5a517 Merge commit 'mjgoins/master'
new a8aa9a5 Merge commit 'jrollins/master'
new bd249af Merge commit 'jrollins/master'
new 45a38e3 add setup subcommand call to ms-authentication, and more fixes to tests
new d27b1e1 Merge commit 'jrollins/master'
new ebb1215 add m-a setup implementation
new 6b09adf removed some unnecessary setup from the basic test, pulling the random string from /dev/urandom; generating the authentication trust core key at 2048 bits
new 047780d trying to improve m-a setup; still not successfully tested.
new 98ee387 some small tweaks, and one tiny syntax bug fix, to ma/setup, and some small formating and comment changes to test/basic
new 89e447e fix a bunch of directory references to the new data/share dirs
new 0ae461d some general fixes: - fix some references to old function names - move fingerprint_server_key to be fingerprint_host_key - update diagnostic scripts
new 44dfeae some tweaks to the man pages
new 6cad3bc small tweak to ssh-proxycommand comments.
new 7548a85 fix the log output for the ssh-proxycommand
new 5de2eeb Merge commit 'jrollins/master'
new 0655d5c new function to export signatures from core to sphere keyrings. this is so that the sphere does not have to read the core pubring to get the certifier ltsigs, and we can therefore keep tighter permissions on the core keyring files. updated some comments/documentation as well.
new 44a499d Fix a bug in setup where gpg was called instead of gpg_core. This could have caused serious data loss for the running user. Should note to be carefull with this in the future. Also fix ownership on sphere gnupghome.
new c1900d8 add some log debug output to ma-setup
new 10c741d add ability to specify key length of core secret key, so the test scripts can specify something smaller than the default.
new 21665a1 Merge commit 'jrollins/master'
new be60651 fix up gen/import-key: - remove stuff about expiration, so we assume keys imported/generated with no expiration - set expiration with 'set-expire' function - update tests to test key importing and generation - fix some bugs
new d5359f4 update debian info on web
new 001f9d9 Merge commit 'jrollins/master'
new 4fcff76 accept environment variables to adjust the behavior of pem2openpgp
new 17b89ec stupid perl flailing in pem2openpgp.
new c18ef1a still trying to get clean perl for pem2openpgp
new edb55ca *still* trying to get clean perl for pem2openpgp
new 6965f6f use the environment to determine usage flags (default to certify)
new bc8f643 bring comments up-to-date and parameterize expiration date.
new 325baae ensure that the output of modular multiplicative inverse is positive.
new 227436f add test of key conversion (openpgp2ssh and pem2openpgp) in test script.
new ee3660b move keytrans test to a separate test script, and move functions common to all test to a common file
new b31b50d pem2openpgp: when creating a signature, make sure that the public key material uses a 2-octet packet length.
new 632c394 fix some things in the keytrans test
new 8bdeded pem2openpgp: avoid dumping garbage to stderr
new af417e2 Merge commit 'jrollins/master'
new 7a96cfb tests/keytrans: terminate reasonably on success.
new fa55936 web site: added news item about the planned changes for the pending release of the monkeysphere.
new c9a361e Merge commit 'dkg/master'
new de36d3b tests: making the temporary directory be created in a new place. make sure the proxy command used in the test is the new subcommand.
new 8eefc1b tests/basic ensure that the directory is actually an absolute path, not a relative one.
new f6b18f9 set proper permissions on administrator gnupghome.
new e7108ef updated man page for pem2openpgp.
new 5b27a01 pem2openpgp now supports generating the key as an alternative to reading it from stdin.
new 3e9fd04 updated pem2openpgp invocation in m-h import-key
new 54d5b4d restoring absolute paths to both TEMPDIR and TESTDIR in tests/basic.
new 9aee235 m-a setup: take advantage of the new ability of pem2openpgp to generate its own key.
new 6571d48 fixing dumb typo in tests/basic
new d181930 fixing out-of-date comments
new 7485d66 tests/basic created the wrong monkeysphere-authentication.conf
new 9cc9223 Some rearragement/cleanup in the monkeysphere-host: - define exported variable to hold host key fingerprint (HOST_FINGERPRINT) - broke out some common commands into simpler functions - rename the 'extend_key' function to be 'set_expire', since function is more generically offered now.
new 770f45b Merge commit 'dkg/master'
new f728df6 Break out host export commands into gpg_host_export and gpg_host_export_to_ssh_file functions, and update the {gen,import}_key functions accordingly.
new c0ab14d a couple of small fixes to the {gen,import}_key functions
new 69354c8 define variable for public key files (HOST_KEY_PUB, HOST_KEY_PUB_GPG). also, fix some function calls to check_host_fail function.
new 5536961 break su_monkeysphere_user into common function, since it will likely be needed by both m-host and m-auth for communicating with keyservers.
new 02edd9b fix name of set_expire function
new 5638006 rename function to get the host fingerprint, and fix some HOST_FINGERPRINT variables.
new 54d2486 small formatting tweaks to add_certifier function
new d71cf8d add much of an add_revoker function. still needs to be fleshed out and tested, though, so it's not "active" yet.
new 3b81cd0 Merge commit 'jrollins/master'
new c4f049f break out a bunch of common functions in monkeysphere-host: - create_*_*_file to create the key files - load_*fingerprint to load the host fingerprint into an exported variable (HOST_FINGERPRINT) - check_host_*key to check for the presence of a host key modified {import,gen}_key to use these new functions.
new 0cc9a8f clean up how trust level was check in ma/setup, with some debug output
new 904a1d6 add ability to supress confirmation prompt in ma/add_certifier fix some logging output
new 2be7543 add some debug logging to some common functions
new 44ca517 some clean up to tests/basic
new 9c193c4 tests/basic: respect $TMPDIR variable for temporary directories set up during testing.
new 07316c6 fix reference to MONKEYSPHER_USER in ma/setup
new f54abea Fix the ma/setup function: - fix reference to MONKEYSPHERE_USER for GNUPGHOME_SPHERE - break out core_fingerprint function - export core key to sphere keyring (necessary) - fix some logging (add more debug) and formatting
new f3ef901 fix some things in ma certifier functions: - fix left over bad invocations of gpg_sphere --list-keys - add some more debug log output
new 9a92104 add list-certifiers to the basic test
new 58244d7 fix typo
new 5d6d207 no longer require the primary-keyring for the sphere gpg.conf now that we use a single keyring
new 0dc13ca tests/common: enable a single subshell in the test environment before cleanup on failure; makes it easier to have $PATH, etc set up
new 65e8a49 tweak some of the log output inconsequentially
new 6ac6545 su_monkeysphere_user now invokes a subshell even when already called by the monkeysphere user.
new c27c0ad fix the su_monkeysphere_user function so that it does 'bash -c' instead of 'eval', if the user already is the monkeysphere user, so that a proper subshell is invoked.
new 472cb24 trust level != trust model
new 387848d fix some calls to gpg_sphere that where not putting all arguments into a single argument, as required by the strange su requirements.
new cadb991 Merge commit 'dkg/master'
new 4b1b309 fix something that was resolved improperly in the previous merge.
new ae4a8d6 website: fix a small incorrect command line for apt-key import
new d06d6df have the import_key also create the ssh pub file, since it is needed to show full host key info.
new e5e41eb fix the publish_key function for new gpg_sphere.
new 9f033ac Change import_key to take the path to the file to import as an argument. dkg won't like this, but I think it's necessary so that we can generate the ssh pub key file, which is needed for subsequenty works.
new ea4d25a unbreakout some functions that were broken out earlier for handling creating ssh key files, since they are actually done in different ways under different circumstances.
new 3a42178 fix a bad reference to MATMPDIR
new b55981f make sure MHTMPDIR is defined and created
new d84b337 start script to do a 0.22 -> 0.23 transition. still needs work (UNTESTED).
new 0c874fd Stop all creation of a ssh_host_rsa_key.pub. Use openpgp2ssh to get the fingerprint from the host pgp public key. Prevents us from having to maintain the ssh pub key file, and generally makes things simpler. Also allows us to go back to having import_key take the key on stdin (which dkg will like).
new e93a298 REMOVE GEN_KEY. The gen_key function is entirely removed. Decided this was OK now that import_key works, and we can't really see a reason to keep it around. We can resurect it down the line if need be. Also, removed "expert" subcommand, after promting import_key, since it may be need semi-regularly. The other "expert" commands are now just not listed in the usage.
new cc26b64 fix reference to HOST_FINGERPRINT in show-key, and fix some references to "expert" in test.
new f109b94 add some minimal checks to import_key that the default hostname is legitimate.
new 26ff353 make host show_key use just the pgp pub key file to get the ssh fingerprint, as it should have been doing before
new 650969a check host for gpg pub key file instead of fingerprint, and modify show_key to be able to show full key info to all users.
new 54e5dd2 fix a couple of left over references to expert
new 440ee62 update m-a list-identity-certifiers: output is not yet human-readable, but it should be more accurate.
new c28fa76 set ultimate ownertrust on hostkey after import
new 13ff1e0 tweak the show-key output, and fix some comments.
new ffe5855 Merge commit 'dkg/master'
new 5eab477 rename create_gpg_pub_file to be update_gpg_pub_file, and add it to every function that alters the host keyring, so that all changes will show up in exported pub key file, and in show-key.
new a2a3d02 add some checks about setup to authentication
new f85639e add test to su_monkeysphere_user to check that the user is monkeysphere user or root, and fail otherwise. this is so that there is no password prompt for unpriviledged users (see bug #519).
new d2874b9 add ability to bypass prompting with a MONKEYSPHERE_PROMPT variable, for functions that prompt for confirmation. Also fix publish_key function (NOT TESTED).
new 72f1456 add README to tests/ directory
new 25e870d remove setting of ultimate owner trust on imported host key, since we probably don't want the host keyring to be accepting any certifications for anything.
new d1e7b6e fix typo
new 01d3c6d describe the motivation for our current su_monkeysphere_user implementation.
new 8e3de9d Merge commit 'jrollins/master'
new 4eb85b1 Merge commit 'dkg/master'
new 79c1397 bring tests/basic uptodate with the new PROMPT env variable.
new 82c81ba Merge commit 'jrollins/master'
new c1924de fix ma so that the setup command is folded into the other commands, so it's never needed to be run manually, and can therefore be supressed in the usage/documentation. Also, add setup to the postinst script so that it's setup on installation. Also add pipefail to ma, and try to supress unnecessary gpg output, and redirect other to log debug.
new ad44601 make m-a list-certifiers more intelligible when multiple uids have ltsigs.
new 278c20f Merge commit 'jrollins/master'
new eff43ad fix some log output
new 3b48f2e Merge commit 'jrollins/master'
new 88b1956 add no-tty, quiet, and no-greeting to gpg wrapper invocations to supress as much gpg output as possible. then cleanup gpg invocations.
new 62374dd new msmktempdir function, to simplify making temporary directories. remove MHTMPDIR, since it's not needed.
new 41b38ac added debian/NEWS file so that early adopters are appraised of the changes.
new e2b5476 Merge commit 'jrollins/master'
new 0e16b71 added MONKEYSPHERE_PROMPT to man pages.
new c522408 normalizing MONKEYSPHERE_PROMPT description in monkeysphere.1
new 1e1956b (untested) overhaul of monkeysphere 0.22 to 0.23 release.
new a5d9672 moved directory for monkeysphere-generated authorized_keys files back to its old location at /var/lib/monkeysphere/authorized_keys
new f02e0df removing --quiet from this invocation seems to avoid an add-id-certifier failure.
new 6a7b42e catch pipe failures more cleanly during key import
new 68299f9 clean up failure message
new d09b081 Cleanup how variables are specified and loaded: - define more common variables in share/common - cleanup how defaults are specified - fix how CHECK_KEYSERVER was determined in monkeysphere
new a7d9d68 Merge commit 'dkg/master'
new dd1914e made gpg_sphere use --quiet again, and now doing more explicit extraction of key fingerprint during add-certifier from file.
new 4465c13 tweak some of the prompting, to change defaults, and add PROMPT usage where missing
new 4238a89 Merge commit 'dkg/master'
new ca854b1 shipping transition script; requiring manual version synchronization between common and the changelog (until we come up with a more general templating build process)
new a5b8566 making clearer comments in the transition script, invoking from postinst for debian.
new 07e96da add some log debug redirects
new 771cbc1 add PROMPT respect in get_gpg_expiration
new b58a9dc small usage changes
new d0459e2 Merge commit 'dkg/master'
new 7ab6793 adopting new transition script strategy
new c02230b Merge commit 'dkg/master'
new 98dbe48 added notes about transition to debian/changelog
new 4bec9e4 install the transition scripts as executable by the superuser.
new 4bf3771 Merge commit 'dkg/master'
new 2ab50be fix call to transition script in postinst script, and fix lintian error about transitions README
new e760cbe reverse the order of two of the SEE ALSO references in monkeysphere(7). For some reason, this avoids a bug in man that causes it to complain "<standard input>:57: warning [p 1, 8.3i]: cannot adjust line"
new 321ff6d fail if hostname can not be determined in import_key
new e1dcdd6 Merge commit 'jrollins/master'
new 4a97e06 fix think-o in 0.23 transition.
new a66c00c more think-os in the 0.23 transition script.
new 5377628 remove a permission warning from the old gpg config during 0.23 transition.
new 64f469f more cleanup on 0.23 transition script
new 46f3e17 fix CHECK_KEYSERVER variable in monkeysphere, so the default is correct for proxycommand, and fix an errant bad line in proxycommand.
new b5555ee still more cleanup in transitions/0.23
new b38d445 make sure fingerprint is loaded for update_gpg_pub_file
new 810526d Merge commit 'dkg/master'
new 6476671 Merge commit 'jrollins/master'
new 77625ad Merge commit 'dkg/master'
new b73147e clean up more gpg warnings during 0.23 transition
new 9214361 don't use /dev/stdin hack with ssh-keygen to get ssh fingerprint. just use a tmp file.
new 85c1f65 added msmktempfile; got rid of /dev/stdin assumption in ssh_proxycommand for portability
new 16161f5 Merge commit 'jrollins/master'
new 9b66b19 do not show uid validity for gpg authentication core, since the core has no ultimate ownertrust
new 3999665 avoid chown -R, explicitly indicate the files we expect to be changed.
new 481d4d4 fix permissions and ownership on authentication directories.
new 930822a more fix permissions and ownership on authentication directories.
new c073811 modify import_key to take the key file to import as an argument. can be '-' to import from stdin. modify man page and test accordingly.
new bd64869 The monkeysphere {import,gen}_subkey functions were not up-to-date. did a lot of work to bring them up-to-date, and better handle argument checking. also updated man page, changelog, and tests/basic.
new 0d07156 add a gpg_user function in monkeysphere to add some gpg quieting option, and use it in all gpg invocations. add a trap to subkey_to_ssh_agent.
new eaeb05a the import_subkey function was in fact not implement at all. MUST FIX!
new e2614bf some updates to getting-started-*
new 6c048ca Modify/cleanup add_certifier and add_revoker, so that their code base is more similar, and so that they can read keys from stdin instead of just from a file. Also fix the permissions on the tempdir in publish_key.
new 03cf096 fix arg parsing in add_certifier to allow of - for stdin read.
new 8a5413e diagnostics should now check for cruft from old versions of the monkeysphere.
new 2aa462a cleaning up output of cruft report
new 9c2e316 clean up the diagnostics functions, check for ID-Certifiers in m-a d
new 21e298b remove import_subkey from monkeysphere usage and man page until we get a chance to fully implement it.
new 826bfb5 correcting ssh_proxycommand output.
new e13bbc8 Merge commit 'jrollins/master'
new 18f0c19 add_revoker fully working. also cleanup of add_certifier. add_revoker and add_certifier to many similar procedures, so I'm trying to keep them in sync as I figure out the right way to handle things.
new fe0789f stupid bug fix
new b15d917 explicitly set GNUPGHOME in su_monkeysphere_user calls to gpg in add_revoker, to avoid any confusion about having GNUPGHOME as a tempdir exported to the environment.
new 2401c44 document why monkeysphere import-subkey is not yet working.
new 076be3a clarify revoke_hostname warning
new 9b47ae8 trivial implementation of monkeysphere-host revoke-key: just prints ascii-armored revocation certificate to stdout, and admin is expected to know what to do with it.
new d41fe28 Merge commit 'jrollins/master'
new 10888c6 monkeysphere-host revoke-key should now be capable of publishing the revocation certificate to the keyservers directly, should the admin want that.
new d7141bd tune automated revocation certificate description; add FIXME to allow it to be set explicitly.
new 4a16e17 clean up 0.23 changelog entry
new 348d18f tuning some diagnostic text.
new 228dba2 readability revision for getting-started-admin.mdwn
new cd4c360 tweak/cleanup some of the prompts.
new b876492 documentation overhaul for users just getting started.
new 5d98461 documentation tuning.
new bd0a7f8 more wordsmithing.
new ab955c8 Merge commit 'dkg/master'
new c71fa87 Add "true" to prerm script so that lintian will stop complaining that the script is empty. also small doc tweaks.
new 55d985e some small tweaks to the test: - force all output to go to stdout, so it's more easily grep'able - add "no-tty" to the gpgadmin function so that the gpg output goes to the right place - some small output formating improvements.
new ab8a501 added note about specifying a hostname for import-key in the admin getting started page.
new ad2ac26 fix failure message in import_key
new 5b7c3c8 tweaking m-h getting started docs.
new 3555994 Merge commit 'jrollins/master'
new 64150bc update TODO
new ff8383c make sure we're explicitly capturing return codes in places where they are tested, in case things are being run set -e
new dbb8acd remove 'return' line from monkeysphere that was errantly not removed in the previous commit.
new bb8f498 import-key now requires a hostname be specified, and no longer does any hostname guessing. this is so that we don't have to worry about prompting the user when guessing the hostname. also updated documentation.
new 5eba466 fix return in subkey_to_ssh_agent, so that it returns, instead of exits
new c32c51f merged jrollins/master
new 0c052b7 fixing typo in ssh_proxycommand.
new 710cc81 un-fix non-typo in ssh_proxycommand. (my mistake!)
new 6e371ad add tests to add_revoker and add_certifier that more than one key was not found when adding by using key ID.
new 9847f36 Merge commit 'dkg/master'
new 29c9d56 added new explicit checks for relevant perl modules in tests/basic.
new 3c73575 fix output formatting for cases where multiple fingerprints are found, in functions that are doing that sort of thing
new dd6d9d2 cleanup of how ssh_test return code is captured in tests/basic
new d869254 Merge commit 'dkg/master'
new 062f4e0 making entry into subshell after failed test run more explicit (thanks for the suggestion, Ross!)
new ac1e7db make sure all prompt messages are going to stderr
new eb88374 Merge commit 'dkg/master'
new 4e0502a Merge branch 'master' of git://lair.fifthhorseman.net/~dkg/monkeysphere
new 9e5a8d8 correct return codes for monkeysphere subkey-to-ssh-agent
new bf8d981 fix bug in ssh connection test
new 086122c add FIXME to show key about how it should show revokers as well.
new 609154c fixing up some documentation, including version notes in getting started.
new 97c0b4f extend show-key to show fingerprints of revokers as well.
new d8d8885 Merge commit 'dkg/master'
new fa47d0b make show-key so that it works even if there are no revokers.
new 46fe34d adjusting extraction of revokers.
new d0a0622 Merge commit 'dkg/master'
new 94ec332 updating the changelog.
new bc5cda4 updating release notes for 0.23
new cec56fa Merge commit 'dkg/master'
new adec130 fixing stupid internal version number synchronization.
new 3492507 preparing for stupid brown paper bag 0.23.1 release.
new 8bb27ea writing down some notes for future releases.
new 224f87f fix syntax error in m-a diagnostics.
new bf3e2e6 added some FIXMEs to transitions/0.23, concerning host keys that were originally created with an expiration date.
new 687e4c4 reverse sense of test for valid identity certifiers in m-a diagnostics.
new 03ff202 notes about disastrous george upgrade.
new 4c4ce44 modified /etc/crontab on george to run monkeysphere-authentication instead of monkeysphere-server. was I the only one getting frequent emails from george about this?
new e71c7bb Fix how version number is saved/retrieved. Version is now stored in VERSION file, which is created in the tarball target. This is then installed at /usr/share/monkeysphere/VERSION, and cat'ed when the version number is requested by the front-end ui. No more manual setting of version number required (to avoid future problems, aka "0.23.1"). This system is also more flexible, as the VERSION file could potentially hold more info than just the release number.
new be6cca8 fix some return code setting stuf that was no longer being used, and change name of return code variable in update_users, since all-caps variables should be reserved for global vars.
new 5ebbfc2 really really fix m-a diagnostics checking of identity certifiers.
new 47b5e91 egrep -q terminates at the first match. m-a list-identity-certifiers chokes if it cannot write to stdout. Because we are setting pipefail, this causes the pipeline checking for any certifiers to return untrue. solution? do not use -q, and send the output to /dev/null
new 63394a5 made patches/gnutls/build set -e
new 8e75a79 remove left over references to expert subcommand in man pages.
new ed24f09 wrote a first pass at explaining the concept of identity certifiers
new 90e182f transition script should ensure that the (old, deprecated) monkeysphere-server.conf gets renamed to monkeysphere-authentication.conf
new 54abd85 work on maintainer scripts: - remove preinst and prerm because they were empty - put everything in postint into 'config' argument, since that's really what it is - make sure deletion of monkeysphere user is correct, based on what we found here: http://wiki.debian.org/AccountHandlingInMaintainerScripts
new b5aa38d Merge commit 'dkg/master'
new 6a8ca11 Merge commit 'jrollins/master'
new 7f7a839 made transitions/0.23 a little bit more resilient; made it so that running again after a failure is not fooled by the previous failure into thinking that the transition is done.
new e83267c functionalize the bulk of pem2openpgp.
new b08a2e2 rewrite stdin slurping to match example in perldoc -f unpack.
new 3cc8095 make pem2openpgp closer to a generic keytrans so that we can reuse it for the openpgp2ssh replacement.
new 375c864 start to make an openpgp2ssh implementation within pem2openpgp.
new 21062dd successfully parsing out the packets in pem2openpgp keytrans operation.
new 2e2299e calculating and emitting key fingerprints in openpgp2ssh rewrite.
new b62cb24 further perl-only openpgp2ssh work. public keys are now translated.
new bd6ff2c Merge commit 'dkg/master'
new 2f91cf1 outputting secret key material now with perl-only openpgp2ssh.
new a4375ee test for presence of User ID in pem2openpgp.
new dd9cd0e Merge commit 'dkg/master'
new 620e3d1 openpgp2ssh in ms-host show-key function takes the host gpg key from the temporary gpghome, instead of from the saved ssh_host_key_rsa.pub.gpg key file.
new 207272a fix rounding issue. Thanks, Richard K Darst!
new ef9a47b removed test_gnu_dummy_s2k_extension(); no longer necessary
new 2c427b2 transition to the perl-based keytrans implementation.
new 48cb182 removed base64 invocation in favor of perl to reduce dependency spread.
new d506b0d tests no longer prompt for bash for inspection unless MONKEYSPHERE_TEST_ALLOW_EXAMINATION=prompt (makes running them in an automated environment cleaner). prune extra PATH in tests
new defa3f1 added "test" target for make
new 2652773 debian packaging overhaul.
new 714735a fix two bugs in monkeysphere:check_gpg_sec_key_id that were causing gen_subkey to fail
new 15d752f updating header comments in keytrans now that it serves two purposes.
new 2232cf4 Merge commit 'jrollins/master'
new 5de3fdc fix openpgp2ssh man page to reflect new implementation.
new 183d64e normalizing failure invocations in check_gpg_sec_key_id().
new ebd7767 break out default variables into their own file: defaultenv this allows the common file to be sourced without reseting variables to their defaults, which was causing a problem with su_monkeysphere_user. also added some more debug messages.
new 23969f7 explicity set the USER variable, since it's needed for checking file permissions. add/modify some debug messages.
new 7c8c631 use 'which' instead of 'type' in postrm, so lintian doesn't complain.
new 033b2e7 add defaultenv file that was missed in ebd776722e0fd6dfacc79146c368d148f0e266cb
new 750314d touching up changelog; switch ${shlibs:Depends} to ${misc:Depends} to mollify lintian.
new 7b64ab4 switched $USER to $FILE_OWNER; new name is more semantically clear and less likely to collide with other common uses of $USER.
new a9e9b3a refer to the m-h set-expire instead of m-h extend-key in m-h diagnostics.
new c7ad73e proposed fix for issue 630; since m-a u operates on a saved copy of the users authorized_user_ids file, we should only check filesystem permissions against the monkeysphere user, not the target user.
new 01cc760 include bug number for fixing transition script issues.
new a102b15 moved set -e from the shebang line to an explicit setting in maintainer scripts to pacify lintian --pedantic.
new 547b84f point explicitly to GPL v3 in debian/copyright (satisfies lintian --pedantic)
new 9c4477a syntactic cleanup on monkeysphere.1 (thanks, lintian -I)
new aa03928 syntactic cleanup of keytrans-related man pages.
new 603a1e2 more manpage cleanup.
new 13e7b0e caught a couple more hyphen/minus clarifications.
new 04d3ff1 small formatting change to man pages, for consistency.
new 18d6d63 get rid of FILE_OWNER variable, in favor of just using $(whoami) when running check_key_file_permissions in update_known_hosts, update_authorized_keys, and process_authorized_user_ids. this is fine, since the policy is just that a user is always updating their own files. closes monkeysphere bug #630.
new 8cabd14 very small tweaks to usages.
new bd5aac0 fix remove_monkeysphere_line function to properly handle empty files.
new 05c96da usage review/tweaks for m-a and m-h
new 4cf60ae expanded/clarified setup examples
new 235f46a Merge commit 'dkg/master'
new 0dc0bc5 more man page tweaking.
new d86b79c added a prerm script to explicitly fail if someone attempts to downgrade to anything before 0.23
new 47b47d8 don't reference tests for key publication in m-h diagnostics man entry.
new 5d48121 Merge commit 'dkg/master'
new 47456af Merge commit 'jrollins/master'
new 6fb913f added ability to specify subkeys to add to agent with MONKEYSPHERE_SUBKEYS_FOR_AGENT variable.
new e28afa2 Merge commit 'dkg/master'
new f422913 update man page for subkey-to-ssh-agent, to add info about MONKEYSPHERE_SUBKEYS_FOR_AGENT
new 964d1c8 quieting down the transition script (and m-a setup).
new 0ae1b83 clearer error reporting for transition scripts in postinst.
new cf04c38 transitions/0.23: when backing up old gnupg-{host,authentication}, timestamp backups so that they are relatively unique: this makes collisions less likely if the script gets run twice (failing the first time), and helps record the history of the cleanup as well
new b94c148 quieted down m-a add_certifier: there is no reason why the admin should be shown gpg noise.
new 91fee4b fix to logging to prefix all log output with log prefix, and allow changing of log prefix.
new 67b1613 put explicit licensing information in the website CSS after discussion with other authors.
new 94775ba test adding license and copyright info to the main page on the wiki via meta tags.
new af7489a trying markdown in the meta tags.
new cfaf97a clarified content/licensing on main page of web site.
new fd6af6d refer to web.monkeysphere.info as "web site" instead of "wiki" to distinguish it from our more general public-access wiki/ticket tracking on labs.riseup.
new e8cc981 allowed for exceptions in licensing so if there is individual content that needs a specific other license, we can do so.
new 1b543b6 update dependencies in web site.
new 81ae2c7 Merge commit 'jrollins/master'
new 6fa8d69 Merge commit 'dkg/master'
new b705267 updated Perl dependency links to point to CPAN
new de3329b Merge commit 'dkg/master'
new 75c24f1 add cron to Recommends
new e41e47b prepare for 0.24 release
new 468c49b prepare release notes for 0.24
new cea4890 fix the marginal ui output so that it's not prefixed by the LOG_PREFIX. also make sure to always export the LOG_PREFIX, so that it gets passed to subprocces su_monkeysphere_user.
new 8972bf9 add screenshot tab to website.
new 680f964 dumb mistake to screenshot tab.
new 0260604 make the tab SCREENSHOTS (plural).
new 6b4f770 updating FreeBSD port for 0.24
new 02ef7e0 update freebsd Makefile to reflect reorganization of Monkeysphere, and transition to perl.
new ffc22c6 More FreeBSD packaging work: removing gnutls patches -- not needed for monkeysphere; updating maintainer scripts.
new e63549b FreeBSD porting: using in-place sed to replace paths. Using pack("%32U",...) for checksum, which seems to work for both perl 5.8 and 5.10
new 4be67d2 FreeBSD porting: do one more path translation.
new 9e9966f FreeBSD: clean up some portlint warnings.
new e6c5dca FreeBSD packaging: use tabs for variable declarations in Makefile
new db21b33 cleaning up a lingering non-portable mktemp invocation.
new 53c9fca FreeBSD porting: trying to make sure package cleanup goes smoothly.
new 309e085 FreeBSD packaging: make sure to clean up cruft after in-place sed replacement.
new 69b3e25 FreeBSD packaging: revert to simpler hack for debian tarballs; use ${FIND} instead of find
new 282c489 Merge commit 'dkg/master'
new b8c187a Merge commit 'jrollins/master'
new 4d3d6d2 Merge commit 'dkg/master'
new 83ec9d4 updated web site to reflect new status in FreeBSD ports.
new 23b12bd Added news announcement of FreeBSD port.
new aff684f Merge commit 'jrollins/master'
new 9ea13e4 include changelog entry about mktemp portability update.
new 5b64387 added a copy of the ExternalValidation spec from the old GnuTLS wiki, pulled from the google cache. needs cleanup
new a8c28d0 fix small typo in monkeysphere.conf
new b90e6a2 no need anymore to specify which part of the Debian archive the package is available in
new 3f71bfc modify the ssh_proxycommand marginal ui output so that it better handles the case where the host can not be contacted. the new system attempts to retrieve the host ssh key before any ui output is made. this should make things a little clearer in this corner case, and make things a little more flexible down the line.
new 5c0fc74 add news note about 0.24 in testing, and update download page.
new 9624db9 Merge commit 'micah/master'
new 6e0ec7e small web tweak.
new 27ed87f Revert "small web tweak."
new e832464 small web tweak
new f57fcf0 remove some extraneous invocations of cat.
new 45d416f Start of macport packaging.
new a6603e0 fix up the debian download section, add a link to the packages.d.o page that lists all suites, including backports
new abd2c7a Merge commit 'jrollins/master'
new 501f12c add a news entry about the backports.org availability
new 80fa481 some more pruning of unnecessary usage of cat for the gnupg scripts.
new a2761ab Merge commit 'web/master'
new fa172c0 proposed patch for issue #660, to properly specify host and port number in known_hosts lines.
new ebce95f updating debian/changelog
new b701db9 add FIXME note about IPv6 addresses, and break out hostnames from the last colon, not the first.
new 3d0033e improving usage and man page for monkeysphere ssh-proxycommand.
new 59fb3a7 fixing typo in monkeysphere.1 (thanks, Suno Ano)
new b371a10 fix typo in monkeysphere-host.8 (thanks, Suno Ano)
new f77a5d7 Merge commit 'dkg/master'
new 25140cd started a README
new c77f491 added some dummy comment to .gitignore
new ed615ab removed dummy comment to .gitignore again
new 0fded72 trying to make m gen-subkey more responsive in the face of errors, and clearer to the user about what is going on.
new 05dc5dc some updates to the macports package. actually installs things properly now, but there are still some run-time issues to sort out.
new 1682f86 add proxycommand --no-connect option to monkeysphere usage
new 0e2af94 macports: attempt at something that would 'patch' in the correct SYS..DIR variables
new 1687f57 macports: better way to swap SYSDATADIR
new c0724b8 some small compatibility changes: - fix file_hash function to use md5 or md5sum, for Darwin compatibility - use build-in 'type' instead of 'which', which for some reason doesn't behave on Darwin - clean up some redirection calls.
new 12f30bb use /usr/bin/env to call perl in keytrans shebang.
new ae60b83 undo perl shebang line change i just made, since the '-w -T' options don't seem to work with /usr/bin/env
new 6d274a5 macports: fix perl dependencies, and add socat dependency
new 792b299 fix typo in check_key_file_permissions function
new 1e17185 remove the gnutls patch from the repo, since it's included in gnutls 2.6, we don't even use gnutls anymore, and it's cluter in the repo root
new 06d5d37 couple of modifications to the test: - unset MONKEYSPHERE_SUBKEYS_FOR_AGENT, since it will confuse the test into trying to add the user's key to the agent. - use cpio to copy a full directory tree, instead of cp -a, since cp on Darwin doesn't understand the -a option.
new cb31db0 macports: move to just perl5 dependency (which for now is 5.8).
new 8a10ced actually check for md5 in the path within file_hash()
new 5df09d9 more portable perl-based simple_checksum; i think this is correct, but i welcome any pointers about what i might be getting wrong.
new c8719b2 replacing head -c with dd (for portability reasons, see #673)
new c9b8f4f remove -w from keytrans shebang line, since it's redundant with 'use warnings'
new 9c49dff macports: add a hook to replace the keytrans shebang line with one that use /usr/bin/env. this removes the -T taint checking option, so we need to make sure this is ok, but this is the only way to get keytrans to work with the correct macports version of perl
new a258aaf macports: improve perl shebang line modification for keytrans
new 80d903a macports: remove socat from the run depends, since it's not actually a run dependency.
new 436fa72 add new util script to update the macports Portfile
new bae0c4c add macports portfile update target to makefile
new ba5ecb7 revert macports back to state for 0.24, until 0.25 is actually released
new 802c21d update debian packaging Standards-Version to 3.8.1
new c514677 Add two new compatibility functions: - list_user to list all users on the system - get_homedir to return the path to a users home directory These functions should provide compatibility on linux, FreeBSD and Darwin systems.
new c2a85da add else failure to list_users function
new 00ff70f make test prompt for shell on failure enbabled by default, and turned off with env variable MONKEYSPHERE_TEST_NO_EXAMINE
new eb6efe7 additional notes to release manager about keeping track of non-debian ports.
new ee38722 Merge commit 'jrollins/master'
new dfd67a1 Merge commit 'dkg/master'
new 8ca3fdd added links to further reading.
new 5365f01 update download web page to describe debian-derived systems
new 34c6ff8 george upgrade and key extension
new abc7b09 updated packages on george
new 6216ad9 Merge commit 'dkg/master'
new dfdaec4 Add sshfpr subcommand to monkeysphere
new 4ea066e Merge commit 'dkg/master'
new 0f42768 Merge commit 'dkg/master'
new 8e5e66a Merge commit 'jrollins/master'
new dc89c4d pem2openpgp now makes signatures over SHA256 instead of SHA1, due to concerns about the growing weakness of SHA1.
new e2e86b0 properly match fingerprints with leading 0 bytes (https://labs.riseup.net/code/issues/show/831)
new 2be1286 Merge commit 'dkg/master'
new e52ac3a break out signature timestamp from key timestamp, allow them to be set independently.
new 867506b added comments to keytrans
new 9d0eb24 resolve symlinks when checking path permissions
new c462ef9 fix frankly bizarre accidental change from last commit.
new 835a7d2 some small improvements to test/basic, including checking for sshd
new eb815bc describe authorized_user_ids more clearly in man pages.
new 9eb1c76 Merge commit 'dkg/master'
new 4d9da8f don't use read -p; it is sucky (closes: #446)
new 134b8c6 explicitly set MONKEYSPHERE_GROUP
new 46c1365 update changelog from previous commit
new 3e5df3d Merge commit 'mlcastle/master'
new a270482 more replacement of read -p with printf; read (re #446)
new ba3ca3e improve function to get primary group to make it more portable
new f3a03d7 Merge commit 'mlcastle/master'
new 0ac8f36 Check for a host key before running monkeysphere-host diagnostics Closes #624
new 48af03c try to make keytrans test useful again.
new 0538dfc Test keytrans in addition to testing the basic suite
new 0755ca3 improve marginal UI for cases when host key can't be retrieved
new e6c612d Merge commit 'greg/master'
new 56f591c fix closes: in changelog, and update standards version
new 0e288e3 Merge commit 'jrollins/master'
new b6bd171 Merge commit 'jrollins/master'
new b9b3b0e update keytrans test to produce more reasonable output
new 028617f switching keyrtrans from Digest::SHA1 to Digest::SHA
new 68aabdc Merge commit 'dkg/master'
new b959e0f Attempted to clarify a few steps in the "getting started for admin"
new cfe0e08 Merge commit 'mjgoins/master'
new a6a217b rearchitect keytrans to isolate OpenPGP packet parsing routines
new b5999e9 show git revision in version commands
new 8aaf54d update portfile with new release info
new 4fa5881 update test to test for cases when authorized_user_ids is a symlink
new 2b922e5 add more tests for various cases of critical files under symlinked paths
new 1491976 Merge commit 'mlcastle/master'
new 5c5d7c0 document slackware SlackBuild scripts from rhatto
new d159b6b Merge commit 'jrollins/master'
new 3feb5b9 committing some code related to walking the tree of openpgp signatures.
new d0116ab broke out gensig() to create individual self-sig packets of various types.
new 339dd73 functional user ID revocation at last!
new 67f9a41 completed user ID revocation by emitting a bundle (key+uid+selfsig+revsig) that gpg is willing to import.
new aaa7dc2 implemented adding user IDs as well.
new 7a4210a added tests to keytrans add and revoke user ID functionality
new 8c9c2f2 recording extra suggested test for keytrans (deal with subkeys?)
new fcdbba7 monkeysphere-host add-hostname now uses perl backend.
new d4d10f1 fixing typo and thinko in keytrans
new adef512 tests/basic now tests for adding and revoking hostnames.
new 82d758a fixing find_host_userid -- did this ever work?
new 80f608d simplifying find_host_user_id function.
new b5913c4 ensure proper usage flags on new hostname selfsigs
new 811990b test revocation against alternate hostnames so that other tests can run after the revocation tests.
new 2c1e2de make sure that revokehostname sees the pieces it needs to see in order to create a useful revocation certificate.
new 1ae8bb7 update changelog with work on MS #422
new 8af517b improvements monkeysphere-host diagnostics
new 21a38ea add a 'wait' in the test ssh_test function to try to get around the race condition problem
new 52c5752 update changelog for 0.25 release
new 252f825 preparing 0.25 release
new 9a164c6 updating freebsd port for 0.25
new 4b3b077 added notes about preparing a release.
new 83aa131 update macport dependecy on p5-digest-sha
new 1080589 Merge commit 'jrollins/master'
new 70a2eb3 add refresh-keys subcommand to monkeysphere-authentication
new 7a69358 add proposal for cron.hourly script
new d076a8c Merge commit 'dkg/master'
new 0206532 update changelog
new 389baf7 update perl SHA requirement on web site
new adcbcb5 add screenshot to web site
new 1cf919e sneaky B!
new 248e26b reorganizing screenshots to make room for new ones.
new 3663b90 added new simpler/friendlier marginal UI screenshot
new 6f59a15 updated text around screenshots.
new aefed40 proposed fix to marginal ui in case where host key not retrieved (should fix 1141)
new c8d0dcc Merge commit 'dkg/master'
new 6394ae0 correcting keyserver pool name.
new 1472a13 removing references to gnutls, which is no longer relevant to the current monkeysphere implementation.
new 189781e proposed fix for #1147 by checking for known_hosts file
new c600e34 improve the marginal ui a bit. note number of invalid keys. closes ms #1141
new 72721eb only touch the known_hosts file if it does not exist, and create the parent directory if it does not exist. if more than one level of enclosing directory does not exist, this will fail cryptically.
new 478dfc8 Merge commit 'dkg/master'
new b4296a1 make failures with unwritable known_hosts slightly less cryptic.
new 1639adf make sure we check for the host key existence in the correct known_hosts file. do not look for a host key in a non-existant file. (should close MS 1147)
new ee5e8c8 shoring up known_hosts creation with proper umask and with multi-level directory creation.
new e3fe7fa Merge commit 'dkg/master'
new 65dfc0b Revert "proposed fix for #1147 by checking for known_hosts file"
new 38e6168 small bug fix, and readbility improvements
new 2e7a44d started preparing tests to work under loosely-permissioned temporary directories.
new 3c279d5 make sure test sets proper permissions on the admin GNUPGHOME
new 8f21260 skip tests that will not behave properly when run under a loose working directory.
new c49c9bc do not make symlinks in the cwd during the test
new b35bede make expectedout file during keytrans test in test directory, not in the cwd
new 6ef7064 added MONKEYSPHERE_STRICT_MODES environment option to disable permissions checking.
new 37c39c4 ensuring that STRICT_MODES gets passed through to the monkeysphere subshell properly, and that we set it to a literal "false" in the tests. This should resolve the FTBFS associated with MS #659
new 98dddb8 initial draft of LCA2010 entry; hoping for feedback on a tight deadline
new 2e273a8 added bio and experience to LCA2010 application
new bb1da60 moved project history and names from bio to abstract
new 68ec561 small typo fix in lca2010 abstract
new 3008df4 added new perl script to check permissions.
new bef49a1 export LOG_PREFIX in monkeysphere
new cb63225 whitespace fixing and using environment variables exported from monkeysphere for checkperms.
new cd341f1 switch to using new checkperms script.
new c27bb69 attempting to resolve MS #675
new 87c2a23 removing duplicate check that snuck in somehow
new cb99290 swap order of bitwise and to avoid confusion in perl < 5.10
new 5822307 cleaning up log function in checkperms for future expandability.
new 8562a8f update changelog for 0.26
new d8db794 prepared release notes for 0.26
new a3032fa updating my notes on release preparation.
new 9a95260 added more notes about what it takes to prepare a release.
new 16b6579 updated freebsd port for 0.26
new a66946f updated note about ubuntu versions
new bd0f546 update macports Portfile
new db3b49a note upgrade and extend key on george
new f080907 notes about george upgrades
new e8c2a77 avoid noisy warning message when ssh-askpass not available
new 8ae63ca more updates on george.
new 93d4081 added link to mina (apache sshd)
new a0bf94c updated debian/copyright to match the latest version of DEP5
new f49000a added revision information to the debian/copyright Format-Specification, since DEP5 is not yet stable
new ee712e0 removed superfluous Copyright
new 154386c hush up m-a setup because the dd was making noise
new a348dcf update standards version to 3.8.3
new 7aa9067 fix ms Issue #1536 for gpg edit/addkey UI change
new 7c72a86 add cpio to Build-Depends
new bc82b23 indicate that no changes were needed for the policy bump (and version the unreleased changelog entry as a prerelease).
new bcec6b6 Its more useful and standard to actually output the 'help' output when an improper number of arguments is passed, rather output a line telling the user how to get the help output.
new 34da004 fix pem2openpgp(1) synopsis.
new b3f25b4 Clean up REQUIRED_KEY_CAPABILITY option passing to process_user_id.
new fd03070 Add new keys-from-userid subcommand to monkeysphere UI.
new 9a3c858 added notes about what version needs what keyType
new cf7d2f1 Fix patch for gen_key to test gpg version.
new 749f1d8 Merge branch 'master' of git://labs.riseup.net/~micah/monkeysphere
new 109f4ed Merge remote branch 'mjgoins/master'
new 15ead82 update my user ID
new 4473582 add note to changelog about closure of issue #1536
new f83d778 add standard --version option for version output
new d23689f fix invocation without subcommands to call usage function and exit 1 explicitlly
new 593cd32 normalize output for monkeysphere when no subcommand is issued or when an unknown subcommand is issued
new 2465cc9 preparing to release 0.27-1
new a153845 added releasenote for 0.27
new fb1f418 rename keys-from-userid command to more accurate keys-for-userid
new 1c1b3a7 touching up the switch to keys-for-userid
new b8daaa5 recorded recent george.riseup.net upgrade
new 820957f updated Makefile copyright info to use © symbol since (c) is apparently legally meaningless
new d31c6e8 added test of "monkeysphere keys-for-userid"
new f5b9a51 updated test suite to use scheme://hostname instead of raw hostname, in preparation for multi-key monkeysphere-host
new 5530ebf updating test suite to new preferred "monkeysphere-host {add,revoke}-servicename" subcommand
new 792f1e3 changed test suite variable from HOSTKEY to SSHHOSTKEY; updated path to exported host keys (from ssh_host_rsa_key.pub.gpg to host_keys.gpg.pub)
new 7250e1b added simple basic test for second key for monkeysphere-host, pulled this time from OpenSSL
new 1bdb595 update monkeysphere(1) to acknowledge use beyond OpenSSH
new 01bf1da update monkeysphere-authentication(8) to acknowledge use of monkeysphere beyond OpenSSH
new 97f7244 added missing openssl.cnf for test suite.
new d670eab overhaul monkeysphere-host(8) to match new multi-key capable interface
new 3291352 updating getting-started docs to use the 0.28 monkeysphere-host syntax (specifying full service user ID including scheme)
new 94c28ac adding website page about expanding the monkeysphere
new 1e207b9 add trap to remove temp dir in list_primary_fingerprints function
new ce45ef5 Major rework of monkeysphere-host to handle multiple host keys.
new 11349dc tweaks to tests/basic for new monkeysphere-host ui
new 1731593 Merge remote branch 'dkg/master'
new 0f63530 Try to fix monkeysphere-host and tests/basic for revoke-key test
new e32688b fix revocation test
new ab96342 update changelog
new c944ee5 tweaks to the monkeysphere-host man page
new 22a89e5 small tweaks to failure messages
new 9238528 some improvements to man pages
new 5b3e686 update package description
new c4b0a1e removed unnecessary tmpfile and repetitive keyid extraction from tests/basic
new 2848cd3 separate upstream and debian packaging changelogs
new a377e69 Merge remote branch 'dkg/master'
new 585800f added non-public "keytrans listfprs" subcommand
new 4665f85 add check for multiple secret keys and new listfprs subcommand to tests/keytrans
new 539d6e0 fix stupid think-o that caused keytrans adduserid to misbehave if another key came in the input stream after the desired key was already found
new cb23b39 Merge remote branch 'jrollins/master'
new b124f85 more tweaks to man pages
new 3bc5bbd wordsmithing debian/control
new d6a9bf7 fix keytrans test to handle possible permuted output of keytrans listfprs from expected order
new 6880d38 fix show_key function to handle user ID input (needed for import_key)
new ef41243 add check that service name isn't already in use in import_key
new 606133e suppress superfulous error output
new 5447172 simplified test to cope with possibility of re-ordered keytrans listfprs output
new ce693e8 Merge remote branch 'dkg/master'
new 97e51c1 remove reference to HOST_KEY_FPR_FILE
new 44e57bf got rid of monkeysphere-host fprs file
new 082cf2b renaming host_keys.pub.gpg to host_keys.pub.pgp
new 9307f58 renaming m-h update_gpg_pub_file to update_pgp_pub_file
new 9b9b23c made public use of m-h show-keys instead of show-key, fixed stupid field-numbering bug in fingerprint extraction
new d1f2eb3 monkeysphere-host: reverting from host_fingerprints() to list_primary_fingerprints()
new 638a70f add prompt if a service name is already being used then importing a key or adding a name.
new 7dbd680 canonicalize prompting to prompt if MONKEYSPHERE_PROMPT != 'false'
new 8324815 add 0.28 transition script to generate new host_keys.pub.pgp file, and remove all ssh_host_rsa_key.pub.gpg file
new 8b806ee flesh out check for reasonable-looking service names
new 71d1803 no need for recursive removal of a single file
new 8e1bd67 tweak loading of fingerprints in multi_key wrapper function, so unnecessary error messages aren't output
new c464b07 removing superfluous eval
new 3a26707 add get_cert_info() to common
new 91fdd7d added a few more FIXMEs to check_service_name()
new 3c02ca7 accepting "--version" as well as "version" subcommand for monkeysphere-host and monkeysphere-authentication
new f9da593 updating copyright year in debian postinst packaging
new 6647104 switch Makefile to use upstream changelog for versioning info
new 6c9d5f5 updating utils to deal with the newly split-out changelogs
new e1853a5 ignoring time conflict when extracting info in a hacky way from gpg. warnings still come out to stderr
new 6b8fa8b dump gpg --import error spew to /dev/null during hackish uses of gpg
new bef7e50 re-work monkeysphere-host diagnostics with an eye toward multiple host keys
new 351bf22 Merge remote branch 'jrollins/master'
new 1ed041f small man page typo tweak
new 9bb6a75 actually ship new upstream changelog
new cf9f4e3 updating changelogs in preparation for 0.28 release
new a82de32 added release note for 0.28
new f336e8e bumping debian packaging to Standards-Version 3.8.4 (no changes needed)
new 4513721 add some useful shortcuts for some common commands
new cd9cf08 fix changelog about Standards-Version update
new efd4d0b fix monkeysphere-authentication man page reference to AuthorizedKeysFile for sshd_config
new 961306e remove old git documentation
new 1a64ed2 Merge remote branch 'micah/master'
new 838f527 initial seminar details -- abstract and feeble outline
new e3bb810 enforce --no-armor when exporting to openpgp2ssh in case weird gpg.conf options (see bug 1625)
new 41f547a touching up changelogs as we work toward a 0.29 release.
new 7919c1d added explicit bash dependency on version >= 3.2 for modern conditional regex matching
new f622b34 allow service names to start with a number (synchronizing with the check in get_port_for_service from common). i know of no services named like that, but why be fussy?
new 75dcecb more notes on george upgrades: switch to lenny-backports
new 8bacea0 fix hyphen-used-as-minus-sign man page lint
new be0a4f8 Changed every inline beginning with [[ to an inline beginning with [[!
new 0bd709a Updated george changelog
new 970c750 Updated copyright years on website
new c33b2a8 fix my email address
new c39d116 Merge remote branch 'mjgoins/master'
new 3f7d3ab fixed monkeysphere.7 synopsis to be less ssh-specific
new 298e62b added website stubs about validation agent
new ae9d399 website: link the MSVA protocol back to the overview of the agent
new 952b13b update george changelog with my changes
new 9fb7f48 update zimmermann changelog about minor MS config change to the keyserver
new f49a056 retroactively added notes to changelog for zimmermann
new 5fa86c5 added new X session validation agent initialization script
new 6a4e246 initialize msva in Xsession based on monkeysphere.conf instead of /etc/X11/Xsession.d
new 93dd8e3 documenting USE_VALIDATION_AGENT in configuration
new 78c1dbc installing /etc/X11/Xsession.d/70monkeysphere_use_validation_agent
new ab7d1c7 renaming Xsession config file to match existing pattern (underscore only separates package from description)
new 6a7ea8d made Xsession script POSIX-compliant, simplified it
new 04793ed add note about dbus communication for msva
new 8a85f73 fixing comment in Xsession script
new 166f4db further consolidating Xsession script
new e8fb019 clarifying defaults for CHECK_KEYSERVER in monkeysphere.conf
new 8ab97c9 keys-for-userid now respects MONKEYSPHERE_CHECK_KEYSERVER (Closes: MS #1997); finesse description of CHECK_KEYSERVER in monkeysphere.conf (see: MS #2014)
new 24da4d0 enable use of hkps (closes: MS #1749)
new dc52882 warn if keyserver query fails (Closes: MS #1750)
new 733d920 cleaning up monkeysphere-host show-key output
new 42f7fec fixing an error message in monkeysphere-host
new 39d013c avoid checking trustdb from monkeysphere-host (Closes: MS #1957)
new 3d46f59 fix typo
new dd71f5e Merge remote branch 'dkg/master'
new 117605f fix CHECK_KEYSERVER for deprecated keys-from-userid as well
new 01012ce use msmktempfile instead of raw mktemp -- should be more portable
new c68b687 deprecate sshfpr; add sshfprs-for-userid (closes: MS #1436)
new e5e4238 updated changelog for 0.29 release
new 0bb2a15 change case of changelog to match other projects
new 7bad26c update for the release of 0.29-1
new 4bbb264 renaming changelog to Changelog in the makefile
new 1bb35e8 added comment about why the key file is named with whitespace
new f2e90a0 more fixes for s/changelog/Changelog/ -- i begin to suspect it was not worth it :(
new 511037b releasenote header should match new ikiwiki syntax
new cedd7ea prepared releasenote for 0.29
new 7e571f4 announce msva-perl version 0.2
new b602ccf add some rough instructions on getting the extension/perl validation agent going for website validation
new 30bc682 minor change to setup website levels
new c8596c0 change from parens to slashes
new e9f0065 add location for the xpi download
new 0f6ef99 notes about distributing xpi from george
new 072e05a Merge remote branch 'origin/master'
new 2f9fe93 Removed docs and website. They will now reside (for my repo) at git://lair.fifthhorseman.net/~mjgoins/monkeysphere.info/
new dbeab30 Merge remote branch 'mjgoins/master'
new 2ab70fb start new debian branch. add debian directory straight from packaging/debian
new b0d2a46 remove installation of removed doc dir from tarball and install make targets
new 34ee2c7 change makefile to use git-buildpackage for debian packaging
new 852fdea remove packaging/debian in favor of git buildpackage packaging
new 34a8448 Merge branch 'master' into debian
new 62650a3 move to source fortmat 3.0 (quilt)
new 66e173d added 0.30~pre changelog entry
new bc80465 Merge branch 'master' into debian
new 4771027 updating debian/changelog to match
new 8238a98 move the apt repo management into monkeysphere-docs
new f942340 Merge branch 'master' into debian
new 307c66f cleaning up .gitignore
new 7716346 Merge branch 'master' into debian
new 8adb9ce trying to auto-create VERSION file
new 3290ebc Merge branch 'master' into debian
new b7f540b automate updating of VERSION file
new cff844d we should be making the tarball with git archive now (this is now idempotent, yay!); no need for the tarball make target
new cad5a11 Merge branch 'master' into debian
new 56401df moving git buildpackage configuration off of master branch (please put it debian/gbp.conf in the debian branch)
new d97b9dc Merge branch 'master' into debian
new 989938c moving git buildpackage configuration into the debian branch
new ec5db66 removing git commit id from the VERSION file, since it is ambiguous for packaged versions vs. versions installed by "make install" (and complicated to build cleanly anyway)
new 6493394 Merge branch 'master' into debian
new 598dcc9 Improve RPM packaging
new 0fac6fc rpm: create users in pre-install scriptlets
new cf1a9f7 rpm: assign a real shell to user monkeysphere
new ef5bc22 add an override to remove the extra Changelog installed in /usr/share/doc/monkeysphere
new 396c76e removed monkeysphere.spec from master since it is now tracked in the rpm branch.
new 5e2064f Merge branch 'master' into debian
new 056ccb1 added internal openpgp2sshfpr subcommand for keytrans
new 70d4751 keytrans openpgp2sshfpr now prints out the key size and type
new 38a5e85 monkeysphere-host no longer depends on ssh
new 990913d fix gpg_ssh_fingerprint() in monkeysphere to use internal implementation of ssh fingerprinting
new 088bf1f make comment more nit-pickingly accurate
new f4d3bc4 handling ssh fingerprinting internally with keytrans for sshfprs-for-userid
new b91c4d0 degrade gracefully in the absence of ssh
new de07dd8 do not try to add to known_hosts if HASH_KNOWN_HOSTS is true but ssh-keygen is not available (includes some comments about how to fix these corner cases).
new a22b46c preparing a 0.30 release
new ac73abe Merge branch 'master' into debian
new 7a0990c updated debian packaging for 0.30-1 release
new 406f5a5 updated scripts and notes for releasing
new 8a0467b remember that the releases are being published via the monkeysphere-docs repo now.
new e6a4199 support x509 anchors for monkeysphere-host, allow shared anchors between m-a and mh (closes MS #2288)
new b796349 Merge branch 'master' into debian
new 75113fa syncing with master
new c74075a do not fail or bail when admin interactively declines to publish a key with m-h
new 9be5f0c Merge branch 'master' into debian
new f97dd58 reporting new expiration date when key expiry is updated (closes MS #2291)
new da6924c Merge branch 'master' into debian
new 6c031b9 update Xsession.d script to avoid choking when /etc/monkeysphere/monkeysphere.conf has been removed
new ca88f1b add keys-for-user subcommand to monkeysphere-authentication
new bd2a2ef small tweak to monkeysphere man page
new 330d2ec fix debug message in checkperms
new 1aa3096 Merge remote branch 'dkg/master'
new 37af72d update changelog about new keys-for-user monkeysphere-authentication subcommand
new 9b594d7 added some examples for system integration
new a8bfb0c preparing for 0.31 release
new 60e38bc Merge branch 'master' into HEAD
new 2cf60b9 preparing for 0.31-1 release
new 6ef84e6 updating Standards-Version to 3.9.0
new d4ce22c test for presence of config files before sourcing them (works with both dash and bash, and resolves MS #2471)
new 0221730 fix up notes about how to prepare a release
new 5de8049 removing freebsd packaging since it is on its own branch
new c130b48 fix specification of install directories in top level scripts.
new 2cbeae5 fix install target to not add DESTDIR to installed prefix
new 5f0bc4c fix *all* install paths, including in man pages and transition scripts
new ef2c0b7 force link making when installing, for idempotence
new 6b4200d change log level for outputting message: "! primary key could not be translated (not RSA?)." from "error" to "verbose"
new 9b000f2 Merge remote branch 'jamie/master'
new d37829e fix revoke_key typo in creating temporary directory fix variable specifying which key to revoke
new ba9ec46 added changelog note of fix for monkeysphere-host from micah
new b3f0bbe Assume that space- or tab-prefixed lines contain ssh authorized_keys options applicable to the preceding user ID.
new 73f3d31 Minimal documentation of ssh authorized_keys options specification.
new 447c9de Make remote execution command a parameter to ssh_test
new bd9c231 ssh authorized_keys options test
new e7df0bd add debugging to monkeysphere-host publish-key, closes: #2289
new 2557eca fix formatting of b3f0bbedbf242d2640d3bc56cce62ae726081400 to conform to standard
new a429c21 Merge remote branch 'jrollins/master'
new 96dcef5 update Changelog
new 54fb539 Test coverage for monkeysphere-authentication keys-for-user
new 90166e0 fix need for only single argument to gpg_sphere
new d3c00de Merge remote branch 'greg/2459'
new 85e74d8 use LC_ALL=C for all gpg calls
new e1ba8a1 update changelog for 0.32 release
new 91cd673 Merge branch 'master' into debian
new bc3ef78 remove X11 session initialization script. ready for 0.32 release
new a9752f0 fix release target for experimental, not unstable
new cdf1a5a Fix more calls to gpg_shere, finishing what was started in 90166e0bb8e4ebc1c1174d9bc2021c604b7a1bd7
new c177b8a Merge branch 'master' into debian
new 0d8f46d update debian/changelog date to account for most recent merge from master
new 3cc67bd update standards version to 3.9.1
new 61ddc8d removed releasenote details, as they are now in monkeysphere-docs
new dbaab8b default HASH_KNOWN_HOSTS to false (closes MS #2483)
new 2fd7ccf avoid keytrans test suite breakage on fast processors (addresses http://bugs.debian.org/591118)
new 04d243b attempt to fix apostroproblem in ma/keys-for-user
new 90c2bff make sure authorized_keys options lines are skipped in keys-for-user
new 9eb449e update changelog for 0.33 release
new 461fd10 Merge branch 'master' into debian
new 6fc1a23 update debian changelog in prep for release
new f8c9651 note bts closes in debian changelog
new 2399e91 fix typo in monkeysphere usage
new 9f1a863 add 'k' as shortcut for keys-for-user
new cda9b45 add missing CHECK_KEYSERVER config in skeleton monkeysphere-authentication.conf
new 267c6fc fix keys-for-user
new 621be36 remove unneccessary export of TMP_AUTHORIZED_USER_IDS
new 9ab7477 fix changelog
new 04e5bfb fixed bug in remove_monkeysphere_lines function
new 254fec8 add check for argument in keys-for-user
new a626877 make dependencies on gnupg versioned on 1.4.10 or higher, because of keytrans test suite failure (MS #2549)
new 7f20193 fix test for keys-for-user
new df882c1 Simplification/refactoring of key/file processing
new 7794ed5 update changelog
new b151467 fix process_keys_for_file so that it can accept '-' as a file, and send output to stdout.
new 6cfddac fix up update_authorized_keys
new 3f109bb cleanup update_known_hosts
new 7ad88e0 fix back to integer indexing in process_authorized_user_ids
new 50f1ff1 fix update_known_hosts to create proper initial temp file
new 2072a06 fix remove_monkeysphere_lines function to just read from stdin and write to stdout
new eed88e1 fix remove_line function to not use fixed string checking, and to mv -f the tmp file into place
new c7d807f tweak log levels and messages in ma/update_users
new af9ff0f don't fail if authorized_keys file not present
new 46f5d82 back to using grep fixed-string matching when removing key lines
new 52b5254 ensure that we only remove fully-matching lines once we have found them
new be329ef add note about CHECK_KEYSERVER var in msph-auth man page
new b52ba03 finalize changelog for 0.34 release
new 74018a7 Merge branch 'master' into debian
new 44b8bd4 update changelog for 0.34-1 release
new eb71df0 fix label in upstream changelog
new 5a8a40b remove reference to USE_VALIDATION_AGENT (the usage was incorrect as well)
new 836573e consolidate and simplify printing of key lines in process_keys_for_file
new 875b987 fix variable declaration (leftover from break out of touch_key_file_or_fail)
new 8019e15 fix ssh_proxycommand marginal ui
new 5b32da0 catch return for grep in remove_line, for case where grep -v returns nothing (e.g. only line in file is removed)
new 1655a07 fix variable declarations in update_known_hosts
new d90b5cd improve debug output
new 343e9b4 break out proxy command validation code into it's own function (no functional change)
new 88f98d0 clean up ssh_proxycommand function (no functional change)
new 83d8845 update upstream changelog
new 95cbf27 avoid using the running MSVA from the user during the tests
new 658b20d universalize and consolidate on --fixed-list-mode
new 6907cc2 If for whatever reason the primary UID comes up empty, give the injected subkey a reasonable name instead of the empty string
new e031384 update changelog
new ac0c368 Merge branch 'master' into debian
new d2324d2 update debian changelog
new ca9b8d2 first attempt at closing #499 (changes to user authorized_keys files not immediately incorporated)
new 8ea1266 more precise description of file::ChangeNotify's behavior with regard to different operating systems. And, monitoring /etc/passwd is not recommended, so removed from description.
new 617031b Comments at top now contains more concrete explanation of how the script works. Location of key files to monitor is more configurable by the sys admin. All changed files treated the same for simplicity. Added debug mode.
new 4e233d7 keytrans: avoid confusing user IDs across different keys (closes MS # 2682)
new 032d02d Merge remote branch 'jamie/master'
new 8a6aaf7 whitespace, simple style cleanup
new df25c9e update debug to use printf and always emit newlines; use warnings;
new 13f1cad added example script to auto-generate X.509 certificate requests with the PGPExtension embedded in them from https monkeysphere-host keys.
new 6602d9b adding some comments/concerns about the current monkeysphere-monitor-keys implementation
new 81e2116 Tracking users while generating watch list is more reliable way to ensure m-a u is executed on the right users.
new 368d659 On dkg's suggestion, using hash index as more elegant way to ensure we don't repeat users.
new 98e5ebd avoid problems with filenames containing regexp special characters.
new e50da19 genericized x509 certificate generation -- now works for any service, not just https (invoke it like "make-x509-certreqs imap" for imap:// keys, etc)
new 075396f prepare for debian unstable release
new 297eddb fix url in man page, fixes #635648
new df0fa23 use date somewhat more portably
new 8ce435f add --batch to gpg invocations, since gpg2 requires it to use --passphrase-* arguments
new 8fe76e1 fetch all keys instead of the first 5 (and work better with gpg 2.0.19, which apparently does not retrieve keys from gpg --search if the --batch argument is also present)
new cd03ac0 enable openpgp2pem as well from keytrans
new 8ad5957 merge branch 'master' into debian
new bae829f prepare debian release
new 0cf70fa incorporate example combined ProxyCommand from sanoj_
new 71576e0 added keyid-format 0xlong to monkeysphere-authentication default gpg.conf files (thanks, Jonas!)
new ed10318 enable executing shell functions by invoking common directly.
new 0c08120 Pass only single commands through su wrapper
new fb8c4da Simplify arguments passed to su_monkeysphere_user() and gpg_sphere
new c83efe3 Preserve (instead of collapse) arguments in su_monkeysphere_user().
new 091c6b8 update documentation for monkeysphere-authentication gpg-cmd
new 798d057 update Changelog to describe the admin-visible changes to m-a
new f698ba8 enable openpgp2spki, prepare for 0.36 release
new 15928d1 rely on /usr/bin/env instead of prefixed env vars for su_monkeysphere_user
new 29dd89f Merge branch 'master' into debian
new ea5e530 prepare for debian release
new a38f41f avoid adding new known_host entries when non-standard port is used
new 646eff7 ignore empty lines in authorized_user_ids (fixes MS #6344)
new a4d7e6f start implementing multiple AuthorizedKeysFile support
new c62e97c indicate that the m-a and m-h X.509 anchors should be PEM-encoded
new 4053409 cope with ssh-keygen -F returning non-zero if the hostname is not found
new 8f330ea fix punctuation (thanks, Jakub Wilk https://bugs.debian.org/745144)
new e48617d adjust keytrans test to rely on new gnupg with-colons output
new ae8e2e3 avoid extra subprocesses by relying on a bashism
new 7fcf682 avoid openpgp2ssh failure
new 2919f85 update Changelog for 0.37
new 1d5fa08 Merge branch 'master' into debian
new 1714ff2 prepare new monkeysphere debian 0.37-1 packaging
new e9f84c4 patch from upstream to fix log when no message argument is present.
new 4fe38b0 clean up patches
new e3e7f2d wrap-and-sort for a cleaner debian/
new 5bad41b hand over package to pkg-privacy team
The 2015 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/monkeysphere.git
More information about the Pkg-privacy-commits
mailing list