[Pkg-privacy-commits] [monkeysphere] annotated tag monkeysphere_0.23 created (now a4d2581)
Ximin Luo
infinity0 at moszumanska.debian.org
Sat Aug 22 13:38:24 UTC 2015
This is an automated email from the git hooks/post-receive script.
infinity0 pushed a change to annotated tag monkeysphere_0.23
in repository monkeysphere.
at a4d2581 (tag)
tagging 46fe34d78ca1acb59c996064e4b85f922cf9e9e6 (commit)
replaces monkeysphere_0.22-1
tagged by Daniel Kahn Gillmor
on Sat Feb 21 17:50:45 2009 -0500
- Log -----------------------------------------------------------------
Tagging Monkeysphere 0.23
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIVAwUASaCFRczS7ZTSFznpAQInPQ//cYx6w2L1PddhkiwRI8N6lFOxxztfivZc
ZsEimLxLmTrbKfhqzJNzlO8CNhk5Vr6lwv1XYZFoAXl+zI92pryDwNe8JJytFnbi
f0418J6OmuJPCQM5ejo4lricQ3nF9yPjPX7USKT7Nu/aJcsMp6I9WwoNXH8SwTok
JQE4t10hGtiulQw3P6s+kJ1tgIBsiFqrOB3lFQ3veSiIT7qlOrUT/4NV/6j5fEFp
wkwqVmbW13lT4Ei6u0NtRAZP9kGyOYmuOtxrk8Qt0XrPFJ8SXKTScKkMh3lZlxzr
H4DPpX7hY7SZ1u7oADrJ2sTsl/7BAQu9lcyq38ratnbOxWbbHfhWn5j0uGV3JZKI
c6+TDq03YHamxu00ryxlJwBFIwcOwncWQZiah2wKsxmwE9zFnONDfy72aB7c+1R5
OVKb6U8TDq4j5jlRiyLp+/8ukiJ2TP6ZWpihWmXZrGe8rjZKvWOURNZFBCB3P1KL
jCNfsUTfkTyPiqF/ioH/jtaP3Ry5twHpLgbu/hLuj3V4Z9WGk30/cJCtQqjVHEla
OGSiFlAdGOmF0WuY0kWRncNdZWoXPONfY1nY0vDE+q91XGXxWy0ENiMZ1tlvSeI5
PsdAjPxTb4T7kJOnyMmggLQdRWSyvp3OGpvtg5DQI3HIwoevjyBfq3TSCNZzWeQi
fIc450UMahA=
=AjFg
-----END PGP SIGNATURE-----
Daniel Kahn Gillmor (127):
added release note for 0.22-1
notes about zimmermann HTTPS
gave example on gpg multi-keyring bug.
Merge commit 'jrollins/master'
added yet another FIXME to m-s d
suggesting simpler approach to getopt.
updating freebsd port information for version 0.22
updating freebsd patch to allow monkeysphere-ssh-proxycommand to work (path updates).
added first pass at perl script to convert existing PEM-encoded RSA keys into OpenPGP keys
clean up a bit of pem2openpgp and remove some of the hardcoded data.
removed last hardcoded data in pem2openpgp; it seems to work with our test key.
use bytes in pem2openpgp to ensure that length calculations are done by octet and not by character.
pem2openpgp now accepts a choice of User ID on stdin.
clarifying make_rsa_key_body() to make_rsa_pub_key_body()
pem2openpgp: clean up comments, treat fingerprint as raw data instead of ascii
pem2openpgp: break out usage flags, default to creating an authentication-capable primary key.
pem2openpgp: make lookup tables of relevant parameters.
fix stupid typos; switch padding during rsa signatures to that specified in RFC 4880
pem2openpgp: replace raw numbers with semantic labelling to make it more readable.
pem2openpgp: reorganized some code, put in initial function to try to create secret keys. we seem to be a bit of modular arithmetic away from creating private keys in an OpenPGP-style format.
pem2openpgp: implemented extended euclidean algorithm to find modular multiplicative inverse. this lets us compute the value we need for secret key material.
pem2openpgp: cleaning up some comments, not fetching unnecessary parameters from OpenSSL.
pem2openpgp: reorganization, cleanup of comments, adding a warning about secret material on stdout
another george changelog entry.
added firefox extensions to the monkeysphere future vision
merging in new george changelog entry from micah
updating Makefile and debian dependencies.
removing unused monkeyshell stub.
update debian changelog with plans for 0.23 release.
merging changes from micah
merging jrollins and micah work, reverting ui changes for m-h gen-key and import-key
merging from jrollins
remove executable bit, remove shebang line, update copyright on subcommands.
Merge commit 'micah/master'
Merge commit 'jrollins/master'
Merge commit 'jrollins/master'
add m-a setup implementation
removed some unnecessary setup from the basic test, pulling the random string from /dev/urandom; generating the authentication trust core key at 2048 bits
trying to improve m-a setup; still not successfully tested.
accept environment variables to adjust the behavior of pem2openpgp
stupid perl flailing in pem2openpgp.
still trying to get clean perl for pem2openpgp
*still* trying to get clean perl for pem2openpgp
use the environment to determine usage flags (default to certify)
bring comments up-to-date and parameterize expiration date.
ensure that the output of modular multiplicative inverse is positive.
pem2openpgp: when creating a signature, make sure that the public key material uses a 2-octet packet length.
pem2openpgp: avoid dumping garbage to stderr
Merge commit 'jrollins/master'
tests/keytrans: terminate reasonably on success.
web site: added news item about the planned changes for the pending release of the monkeysphere.
tests: making the temporary directory be created in a new place. make sure the proxy command used in the test is the new subcommand.
tests/basic ensure that the directory is actually an absolute path, not a relative one.
set proper permissions on administrator gnupghome.
updated man page for pem2openpgp.
pem2openpgp now supports generating the key as an alternative to reading it from stdin.
updated pem2openpgp invocation in m-h import-key
restoring absolute paths to both TEMPDIR and TESTDIR in tests/basic.
m-a setup: take advantage of the new ability of pem2openpgp to generate its own key.
fixing dumb typo in tests/basic
fixing out-of-date comments
tests/basic created the wrong monkeysphere-authentication.conf
tests/basic: respect $TMPDIR variable for temporary directories set up during testing.
fix typo
no longer require the primary-keyring for the sphere gpg.conf now that we use a single keyring
tests/common: enable a single subshell in the test environment before cleanup on failure; makes it easier to have $PATH, etc set up
su_monkeysphere_user now invokes a subshell even when already called by the monkeysphere user.
trust level != trust model
update m-a list-identity-certifiers: output is not yet human-readable, but it should be more accurate.
fix typo
describe the motivation for our current su_monkeysphere_user implementation.
make m-a list-certifiers more intelligible when multiple uids have ltsigs.
Merge commit 'jrollins/master'
added debian/NEWS file so that early adopters are appraised of the changes.
Merge commit 'jrollins/master'
added MONKEYSPHERE_PROMPT to man pages.
normalizing MONKEYSPHERE_PROMPT description in monkeysphere.1
(untested) overhaul of monkeysphere 0.22 to 0.23 release.
moved directory for monkeysphere-generated authorized_keys files back to its old location at /var/lib/monkeysphere/authorized_keys
removing --quiet from this invocation seems to avoid an add-id-certifier failure.
catch pipe failures more cleanly during key import
clean up failure message
made gpg_sphere use --quiet again, and now doing more explicit extraction of key fingerprint during add-certifier from file.
shipping transition script; requiring manual version synchronization between common and the changelog (until we come up with a more general templating build process)
making clearer comments in the transition script, invoking from postinst for debian.
adopting new transition script strategy
added notes about transition to debian/changelog
install the transition scripts as executable by the superuser.
reverse the order of two of the SEE ALSO references in monkeysphere(7). For some reason, this avoids a bug in man that causes it to complain "<standard input>:57: warning [p 1, 8.3i]: cannot adjust line"
Merge commit 'jrollins/master'
fix think-o in 0.23 transition.
more think-os in the 0.23 transition script.
remove a permission warning from the old gpg config during 0.23 transition.
more cleanup on 0.23 transition script
still more cleanup in transitions/0.23
Merge commit 'jrollins/master'
clean up more gpg warnings during 0.23 transition
added msmktempfile; got rid of /dev/stdin assumption in ssh_proxycommand for portability
Merge commit 'jrollins/master'
do not show uid validity for gpg authentication core, since the core has no ultimate ownertrust
avoid chown -R, explicitly indicate the files we expect to be changed.
diagnostics should now check for cruft from old versions of the monkeysphere.
cleaning up output of cruft report
clean up the diagnostics functions, check for ID-Certifiers in m-a d
correcting ssh_proxycommand output.
Merge commit 'jrollins/master'
document why monkeysphere import-subkey is not yet working.
clarify revoke_hostname warning
trivial implementation of monkeysphere-host revoke-key: just prints ascii-armored revocation certificate to stdout, and admin is expected to know what to do with it.
monkeysphere-host revoke-key should now be capable of publishing the
tune automated revocation certificate description; add FIXME to allow it to be set explicitly.
clean up 0.23 changelog entry
tuning some diagnostic text.
readability revision for getting-started-admin.mdwn
documentation overhaul for users just getting started.
documentation tuning.
more wordsmithing.
tweaking m-h getting started docs.
Merge commit 'jrollins/master'
merged jrollins/master
fixing typo in ssh_proxycommand.
un-fix non-typo in ssh_proxycommand. (my mistake!)
added new explicit checks for relevant perl modules in tests/basic.
making entry into subshell after failed test run more explicit (thanks for the suggestion, Ross!)
correct return codes for monkeysphere subkey-to-ssh-agent
fixing up some documentation, including version notes in getting started.
adjusting extraction of revokers.
Jameson Graef Rollins (165):
add new check_host_keyring function for better checks for the
add a couple of bugs about posix compliance and the use of getopts
add comments to bugs.
some web updates:
Add new intro to the bug page which links to the new bts stuff.
small tweak to debian news item
link to new wiki/bugs
get rid of getopts.
slightly modified header "sidebar".
slight tweak to sidebar
added version output option
clean up option parsing and key checking in gen_key function,
work on fleshing out the new functionality for the next release,
added new "vision" page where we can talk about monkeysphere 2.0.
add pem2openpgp to make install target
change log level for unacceptable keys that can not be translated to
fix log level for unacceptable untranslatable keys on george.
- break out monkeysphere-server command into
break out import-key and gen-key from monkeysphere-host
break out monkeysphere-{host,authentication} subcommands into seperate
Merge commit 'dkg/master'
add ssh-proxycommand as subcommand to monkeysphere
turn subcommands into subfunctions, that will need to be sourced and executed.
fix usage for import/gen-key, and remove revoker option from gen-key
make subcommand subfunction that were missed previously
more moving to subfunctions, and rename of show-key
Merge commit 'dkg/master'
simplify server config files, and add keyserver config variables.
more big cleanup of host/authentication commands to reflect new
Merge commit 'dkg/master'
Merge commit 'micah/master'
break out subfunctions from monkeysphere command
change hyphens to underscores in function file names, for consistency
fix makefile, and remove now-unneeded dirs in debian packaging
remove things i think will no longer be needed from the debian packaging scripts.
some more fixes and tweaks to get things working in the new setup
packaging/debian: add some transition stuff to the preinst script
Merge commit 'micah/master'
move src/subcommands to srv/share, and add common file to src/share (update Makefile as well)
add skeleton man page for pem2openpgp
fix some things bugs from the separation transition, and try to fix the test scripts
Merge commit 'dkg/master'
Merge commit 'mjgoins/master'
add setup subcommand call to ms-authentication, and more fixes to tests
some small tweaks, and one tiny syntax bug fix, to ma/setup, and some
fix a bunch of directory references to the new data/share dirs
some general fixes:
some tweaks to the man pages
small tweak to ssh-proxycommand comments.
fix the log output for the ssh-proxycommand
new function to export signatures from core to sphere keyrings. this
Fix a bug in setup where gpg was called instead of gpg_core. This
add some log debug output to ma-setup
add ability to specify key length of core secret key, so the test scripts can specify something smaller than the default.
fix up gen/import-key:
update debian info on web
add test of key conversion (openpgp2ssh and pem2openpgp) in test script.
move keytrans test to a separate test script, and move functions common to all test to a common file
fix some things in the keytrans test
Some rearragement/cleanup in the monkeysphere-host:
Merge commit 'dkg/master'
Break out host export commands into gpg_host_export and
a couple of small fixes to the {gen,import}_key functions
define variable for public key files (HOST_KEY_PUB, HOST_KEY_PUB_GPG).
break su_monkeysphere_user into common function, since it will likely
fix name of set_expire function
rename function to get the host fingerprint, and fix some
small formatting tweaks to add_certifier function
add much of an add_revoker function. still needs to be fleshed out
break out a bunch of common functions in monkeysphere-host:
clean up how trust level was check in ma/setup, with some debug output
add ability to supress confirmation prompt in ma/add_certifier
add some debug logging to some common functions
some clean up to tests/basic
fix reference to MONKEYSPHER_USER in ma/setup
Fix the ma/setup function:
fix some things in ma certifier functions:
add list-certifiers to the basic test
tweak some of the log output inconsequentially
fix the su_monkeysphere_user function so that it does 'bash -c' instead of 'eval', if the user already is the monkeysphere user, so that a proper subshell is invoked.
fix some calls to gpg_sphere that where not putting all arguments into a single argument, as required by the strange su requirements.
Merge commit 'dkg/master'
fix something that was resolved improperly in the previous merge.
website: fix a small incorrect command line for apt-key import
have the import_key also create the ssh pub file, since it is needed to show full host key info.
fix the publish_key function for new gpg_sphere.
Change import_key to take the path to the file to import as an argument. dkg won't like this, but I think it's necessary so that we can generate the ssh pub key file, which is needed for subsequenty works.
unbreakout some functions that were broken out earlier for handling creating ssh key files, since they are actually done in different ways under different circumstances.
fix a bad reference to MATMPDIR
make sure MHTMPDIR is defined and created
start script to do a 0.22 -> 0.23 transition. still needs work (UNTESTED).
Stop all creation of a ssh_host_rsa_key.pub. Use openpgp2ssh to get
REMOVE GEN_KEY. The gen_key function is entirely removed. Decided
fix reference to HOST_FINGERPRINT in show-key, and fix some references
add some minimal checks to import_key that the default hostname is legitimate.
make host show_key use just the pgp pub key file to get the ssh fingerprint, as it should have been doing before
check host for gpg pub key file instead of fingerprint, and modify show_key to be able to show full key info to all users.
fix a couple of left over references to expert
set ultimate ownertrust on hostkey after import
tweak the show-key output, and fix some comments.
Merge commit 'dkg/master'
rename create_gpg_pub_file to be update_gpg_pub_file, and add it to
add some checks about setup to authentication
add test to su_monkeysphere_user to check that the user is
add ability to bypass prompting with a MONKEYSPHERE_PROMPT variable,
add README to tests/ directory
remove setting of ultimate owner trust on imported host key, since we probably don't want the host keyring to be accepting any certifications for anything.
bring tests/basic uptodate with the new PROMPT env variable.
fix ma so that the setup command is folded into the other commands, so
fix some log output
add no-tty, quiet, and no-greeting to gpg wrapper invocations to supress as much gpg output as possible. then cleanup gpg invocations.
new msmktempdir function, to simplify making temporary directories. remove MHTMPDIR, since it's not needed.
Cleanup how variables are specified and loaded:
Merge commit 'dkg/master'
tweak some of the prompting, to change defaults, and add PROMPT usage where missing
Merge commit 'dkg/master'
add some log debug redirects
add PROMPT respect in get_gpg_expiration
small usage changes
Merge commit 'dkg/master'
Merge commit 'dkg/master'
Merge commit 'dkg/master'
fix call to transition script in postinst script, and fix lintian error about transitions README
fail if hostname can not be determined in import_key
fix CHECK_KEYSERVER variable in monkeysphere, so the default is correct for proxycommand, and fix an errant bad line in proxycommand.
make sure fingerprint is loaded for update_gpg_pub_file
Merge commit 'dkg/master'
Merge commit 'dkg/master'
don't use /dev/stdin hack with ssh-keygen to get ssh fingerprint. just use a tmp file.
fix permissions and ownership on authentication directories.
more fix permissions and ownership on authentication directories.
modify import_key to take the key file to import as an argument. can be '-' to import from stdin. modify man page and test accordingly.
The monkeysphere {import,gen}_subkey functions were not up-to-date.
add a gpg_user function in monkeysphere to add some gpg quieting
the import_subkey function was in fact not implement at all. MUST FIX!
some updates to getting-started-*
Modify/cleanup add_certifier and add_revoker, so that their code base
fix arg parsing in add_certifier to allow of - for stdin read.
remove import_subkey from monkeysphere usage and man page until we get
add_revoker fully working. also cleanup of add_certifier.
stupid bug fix
explicitly set GNUPGHOME in su_monkeysphere_user calls to gpg in add_revoker, to avoid any confusion about having GNUPGHOME as a tempdir exported to the environment.
tweak/cleanup some of the prompts.
Merge commit 'dkg/master'
Add "true" to prerm script so that lintian will stop complaining that
some small tweaks to the test:
added note about specifying a hostname for import-key in the admin
fix failure message in import_key
update TODO
make sure we're explicitly capturing return codes in places where they are tested, in case things are being run set -e
remove 'return' line from monkeysphere that was errantly not removed in the previous commit.
import-key now requires a hostname be specified, and no longer does
fix return in subkey_to_ssh_agent, so that it returns, instead of exits
add tests to add_revoker and add_certifier that more than one key was not found when adding by using key ID.
Merge commit 'dkg/master'
fix output formatting for cases where multiple fingerprints are found, in functions that are doing that sort of thing
cleanup of how ssh_test return code is captured in tests/basic
Merge commit 'dkg/master'
make sure all prompt messages are going to stderr
Merge commit 'dkg/master'
fix bug in ssh connection test
add FIXME to show key about how it should show revokers as well.
extend show-key to show fingerprints of revokers as well.
Merge commit 'dkg/master'
make show-key so that it works even if there are no revokers.
Matt Goins (20):
Merge commit 'jrollins/master'
Merge commit 'dkg/master'
Merge commit 'jrollins/master'
Merge commit 'dkg/master'
Merge commit 'dkg/master'
Merge commit 'micah/master'
Merge commit 'dkg/master'
Merge commit 'dkg/master'
Merge commit 'dkg/master'
Merge commit 'jrollins/master'
Merge commit 'jrollins/master'
Merge commit 'jrollins/master'
Merge commit 'dkg/master'
Merge commit 'dkg/master'
Merge commit 'jrollins/master'
Merge commit 'dkg/master'
Merge commit 'jrollins/master'
Removed obsolete man pages, split monkeysphere-server man page into two new ones.
Merge commit 'jrollins/master'
Changed the order of the descriptions of the commands to match the usage as it appears when the command is invoked.
Micah Anderson (19):
add the wiki link to the menu bar... i'm not totally sure this is the
that didn't work, let me try it this way instead... why do none of the
that didn't work either, perhaps this will instead?
according to the markdown manual, this is how you create links
maybe I can just do it the HTML way
I dont know what I am doing
did some work on george, disk was filling up, updates needed to be run, mail was broken
replaced nullmailer with postfix on george
Merge branch 'master' of git+ssh://labs.riseup.net/~micah/public_git/monkeysphere
Merge commit 'jrollins/master'
Fix the monkeysphere-ssh-proxycommand man page to properly note the
Remove the test for the root user, effectively reverting part of
resyn implementation of m-s gen-key with the help output
change the copyright year and add my name to the header comment
Change the monkeysphere header to have 2009 copyright year and add my name
rework the tests to use the new reorganization
Merge commit 'dkg/master'
fix location of the primary public keyring for the new reorganization
fix some test problems related to gpg.conf locations
-----------------------------------------------------------------------
No new revisions were added by this update.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/monkeysphere.git
More information about the Pkg-privacy-commits
mailing list