k_f 14/07/29 12:34:22 |
|
Added: monkeysphere-0.36_tests_gnupg2.patch |
monkeysphere-0.36_openpgp2ssh_sanity_check.patch |
monkeysphere-0.36_hd_od.patch |
Log: |
Revision bump to include several additional patches from my development overlay |
|
(Portage version: 2.2.8-r1/cvs/Linux x86_64, signed Manifest commit with key 0xFC3B17DE05E136A0!) |
|
Revision Changes Path |
1.1 app-crypt/monkeysphere/files/monkeysphere-0.36_tests_gnupg2.patch |
|
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/monkeysphere/files/monkeysphere-0.36_tests_gnupg2.patch?rev=1.1&view=markup |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/monkeysphere/files/monkeysphere-0.36_tests_gnupg2.patch?rev=1.1&content-type=text/plain |
|
Index: monkeysphere-0.36_tests_gnupg2.patch |
=================================================================== |
diff -r c13f4b11061e tests/keytrans |
20 |
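--- a/tests/keytrans
+++ b/tests/keytrans
@@ -131,9 +131,9 @@
 cat >"$TEMPDIR"/expectedout <<EOF
 pub:u:1024:1:$KEYID:$timestamp:::u:::scSC:
 uid:u::::$timestamp::E90EC72E68C6C2A0751DADC70F54F60D27B88C3D::monkeymonkey:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
 uid:u::::$timestamp::8200BD0425CC70C7D698DF3FE412044EAAB83F94::testtest:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
 EOF
 
 diff -u "$TEMPDIR"/expectedout <(gpg --check-sigs --with-colons | grep -v ^tru)
@@ -159,10 +159,10 @@
 cat >"$TEMPDIR"/expectedout <<EOF
 pub:u:1024:1:$KEYID:$timestamp:::u:::scSC:
 uid:u::::$timestamp::E90EC72E68C6C2A0751DADC70F54F60D27B88C3D::monkeymonkey:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
 uid:r::::::8200BD0425CC70C7D698DF3FE412044EAAB83F94::testtest:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
-rev:!::1:$KEYID:$revtime::::monkeymonkey:30x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
+rev:!::1:$KEYID:$revtime::::monkeymonkey:30x:::::8:
 EOF
 
 
@@ -190,15 +190,15 @@
 cat >"$TEMPDIR"/expectedout <<EOF
 pub:u:1024:1:$KEYID:$timestamp:::u:::scSC:
 uid:u::::$timestamp::E90EC72E68C6C2A0751DADC70F54F60D27B88C3D::monkeymonkey:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
 uid:r::::::8200BD0425CC70C7D698DF3FE412044EAAB83F94::testtest:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
-rev:!::1:$KEYID:$revtime::::monkeymonkey:30x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
+rev:!::1:$KEYID:$revtime::::monkeymonkey:30x:::::8:
 uid:u::::$timestamp::EDDC32D783E7F4C7B6982D9AE5DC4A61000648BA::baz:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
 pub:-:1024:1:$NEWKEYID:$(($timestamp + 1)):::-:::caCA:
 uid:-::::$(($timestamp + 1))::A0D708F51CC257DEFC01AEDE1E0A5F329DFD8F16::fubar:
-sig:!::1:$NEWKEYID:$(($timestamp + 1))::::fubar:13x:
+sig:!::1:$NEWKEYID:$(($timestamp + 1))::::fubar:13x:::::8:
 EOF
 
 echo "test: diff expected gpg list output"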
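Review bot: The expected `sig:`/`rev:` records in all three hunks now end in `:::::8:`, which pins the test to a gpg that prints those extra colon fields and, it appears, to one particular value in the last of them. Run against a gpg that omits the fields (the removed lines show that output) or that emits a different value there, `diff -u "$TEMPDIR"/expectedout ...` fails even though the key handling under test is correct. Comparing only the fields the test actually cares about, or deriving the suffix from the gpg in use, would keep the check meaningful in both cases. At minimum a comment above each here-doc, for example `# trailing :::::8: = extra fields printed by gpg2 --with-colons (the 8 looks like the hash algorithm id)`, would explain the magic value; that reading is inferred from the patch name and should be confirmed.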
1.1 app-crypt/monkeysphere/files/monkeysphere-0.36_openpgp2ssh_sanity_check.patch |
|
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/monkeysphere/files/monkeysphere-0.36_openpgp2ssh_sanity_check.patch?rev=1.1&view=markup |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/monkeysphere/files/monkeysphere-0.36_openpgp2ssh_sanity_check.patch?rev=1.1&content-type=text/plain |
|
Index: monkeysphere-0.36_openpgp2ssh_sanity_check.patch |
=================================================================== |
diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication |
80 |
index edc7995..2711ff2 100755 |
81 |
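--- a/src/monkeysphere-authentication
+++ b/src/monkeysphere-authentication
@@ -84,6 +84,13 @@ gpg_sphere() {
 su_monkeysphere_user gpg --fixed-list-mode --no-greeting --quiet --no-tty "$@"
 }
 
+check_openpgp2ssh_sanity() {
+ if [[ `su_monkeysphere_user openpgp2ssh ABC &>/dev/null || echo $?` != "255" ]]; then
+ echo "openpgp2ssh command gives unexpected return code. This can lead to a scenario where no authorized keys are populated, even though they are otherwise valid. Aborting!"
+ exit 1
+ fi;
+}
+
 # output to stdout the core fingerprint from the gpg core secret
 # keyring
 core_fingerprint() {
@@ -163,6 +170,7 @@ case $COMMAND in
 'update-users'|'update-user'|'update'|'u')
 source "${MASHAREDIR}/setup"
 setup
+ check_openpgp2ssh_sanity
 source "${MASHAREDIR}/update_users"
 OUTPUT_STDOUT= update_users "$@"
 ;;
@@ -171,6 +179,7 @@ case $COMMAND in
 (( $# > 0 )) || failure "Must specify user."
 source "${MASHAREDIR}/setup"
 setup
+ check_openpgp2ssh_sanity
 source "${MASHAREDIR}/update_users"
 OUTPUT_STDOUT=true update_users "$1"
 ;;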
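Review bot: The abort message in `check_openpgp2ssh_sanity` is written with a plain `echo`, so it goes to stdout. In the last hunk the check runs right before `OUTPUT_STDOUT=true update_users "$1"`, where stdout appears to be the channel that carries the generated keys, so a caller capturing that output would receive the error text as data rather than as a diagnostic. I would send it to stderr by appending `>&2` to that `echo` line, or route it through the `failure` helper that the same case branch already uses for `Must specify user.` (its behaviour is not visible in these hunks). The probe also rests on an unexplained literal: a comment such as `# openpgp2ssh is expected to exit 255 for an invalid key ID like ABC; any other status means the helper itself is broken` would tell the next maintainer why 255 is the healthy result. That reading is inferred from the check and should be confirmed against openpgp2ssh.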
1.1 app-crypt/monkeysphere/files/monkeysphere-0.36_hd_od.patch |
|
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/monkeysphere/files/monkeysphere-0.36_hd_od.patch?rev=1.1&view=markup |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/monkeysphere/files/monkeysphere-0.36_hd_od.patch?rev=1.1&content-type=text/plain |
|
Index: monkeysphere-0.36_hd_od.patch |
=================================================================== |
diff -r 6150774ec7f4 tests/keytrans |
124 |
--- a/tests/keytrans Sun Feb 16 20:11:02 2014 +0100 |
125 |
+++ b/tests/keytrans Sun Feb 16 20:11:40 2014 +0100 |
126 |
@@ -104,8 +104,8 @@ |
127 |
<(gpg --list-packets < "$TEMPDIR"/converted.secret.key) |
128 |
|
129 |
diff -u \ |
130 |
- <(hd "$TEMPDIR"/secret.key) \ |
131 |
- <(hd "$TEMPDIR"/converted.secret.key) |
132 |
+ <(od -xc "$TEMPDIR"/secret.key) \ |
133 |
+ <(od -xc "$TEMPDIR"/converted.secret.key) |
134 |
|
135 |
KEYFPR=$(gpg --fingerprint --with-colons --list-keys | grep ^fpr | cut -f10 -d:) |
136 |
KEYID=$(printf "%s" "$KEYFPR" | cut -b25-40) |