k_f 14/07/29 12:34:22
Added: monkeysphere-0.36_tests_gnupg2.patch
monkeysphere-0.36_openpgp2ssh_sanity_check.patch
monkeysphere-0.36_hd_od.patch
Log:
Revision bump to include several additional patches from my development
overlay
(Portage version: 2.2.8-r1/cvs/Linux x86_64, signed Manifest commit with key
0xFC3B17DE05E136A0!)
Revision Changes Path
1.1
app-crypt/monkeysphere/files/monkeysphere-0.36_tests_gnupg2.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/monkeysphere/files/monkeysphere-0.36_tests_gnupg2.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/monkeysphere/files/monkeysphere-0.36_tests_gnupg2.patch?rev=1.1&content-type=text/plain
Index: monkeysphere-0.36_tests_gnupg2.patch
===================================================================
diff -r c13f4b11061e tests/keytrans
--- a/tests/keytrans Sun Feb 16 19:24:08 2014 +0100
+++ b/tests/keytrans Sun Feb 16 19:27:42 2014 +0100
@@ -131,9 +131,9 @@
cat >"$TEMPDIR"/expectedout <<EOF
pub:u:1024:1:$KEYID:$timestamp:::u:::scSC:
uid:u::::$timestamp::E90EC72E68C6C2A0751DADC70F54F60D27B88C3D::monkeymonkey:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
uid:u::::$timestamp::8200BD0425CC70C7D698DF3FE412044EAAB83F94::testtest:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
EOF
diff -u "$TEMPDIR"/expectedout <(gpg --check-sigs --with-colons | grep -v ^tru)
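Review bot: The new `sig:` lines hard-code the trailing `:::::8:` columns, so the expected output only matches a gpg that prints those extra fields and certifies with digest algorithm 8 (SHA-256 in the OpenPGP numbering, which is what field 16 of a `sig` record appears to carry). Judging by the patch name this is the GnuPG 2 format, so a gpg that prints the shorter form, or one configured with a different certification digest, would fail the test for reasons unrelated to key translation. The same applies to the `sig:` and `rev:` lines in the hunks at 159 and 190. If the digest is part of what the test should assert, add a comment above the heredoc such as `# field 16 = hash algorithm, 8 = SHA-256 (GnuPG 2.x --with-colons)`; if it is not, compare only the leading fields on both sides.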
@@ -159,10 +159,10 @@
cat >"$TEMPDIR"/expectedout <<EOF
pub:u:1024:1:$KEYID:$timestamp:::u:::scSC:
uid:u::::$timestamp::E90EC72E68C6C2A0751DADC70F54F60D27B88C3D::monkeymonkey:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
uid:r::::::8200BD0425CC70C7D698DF3FE412044EAAB83F94::testtest:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
-rev:!::1:$KEYID:$revtime::::monkeymonkey:30x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
+rev:!::1:$KEYID:$revtime::::monkeymonkey:30x:::::8:
EOF
@@ -190,15 +190,15 @@
cat >"$TEMPDIR"/expectedout <<EOF
pub:u:1024:1:$KEYID:$timestamp:::u:::scSC:
uid:u::::$timestamp::E90EC72E68C6C2A0751DADC70F54F60D27B88C3D::monkeymonkey:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
uid:r::::::8200BD0425CC70C7D698DF3FE412044EAAB83F94::testtest:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
-rev:!::1:$KEYID:$revtime::::monkeymonkey:30x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
+rev:!::1:$KEYID:$revtime::::monkeymonkey:30x:::::8:
uid:u::::$timestamp::EDDC32D783E7F4C7B6982D9AE5DC4A61000648BA::baz:
-sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:::::8:
pub:-:1024:1:$NEWKEYID:$(($timestamp + 1)):::-:::caCA:
uid:-::::$(($timestamp + 1))::A0D708F51CC257DEFC01AEDE1E0A5F329DFD8F16::fubar:
-sig:!::1:$NEWKEYID:$(($timestamp + 1))::::fubar:13x:
+sig:!::1:$NEWKEYID:$(($timestamp + 1))::::fubar:13x:::::8:
EOF
echo "test: diff expected gpg list output"
1.1
app-crypt/monkeysphere/files/monkeysphere-0.36_openpgp2ssh_sanity_check.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/monkeysphere/files/monkeysphere-0.36_openpgp2ssh_sanity_check.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/monkeysphere/files/monkeysphere-0.36_openpgp2ssh_sanity_check.patch?rev=1.1&content-type=text/plain
Index: monkeysphere-0.36_openpgp2ssh_sanity_check.patch
===================================================================
diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication
index edc7995..2711ff2 100755
--- a/src/monkeysphere-authentication
+++ b/src/monkeysphere-authentication
@@ -84,6 +84,13 @@ gpg_sphere() {
su_monkeysphere_user gpg --fixed-list-mode --no-greeting --quiet --no-tty
"$@"
}
+check_openpgp2ssh_sanity() {
+ if [[ `su_monkeysphere_user openpgp2ssh ABC &>/dev/null || echo $?` !=
"255" ]]; then
+ echo "openpgp2ssh command gives unexpected return code. This can lead to a
scenario where no authorized keys are populated, even though they are otherwise
valid. Aborting!"
+ exit 1
+ fi;
+}
+
# output to stdout the core fingerprint from the gpg core secret
# keyring
core_fingerprint() {
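Review bot: `check_openpgp2ssh_sanity` prints its abort message with `echo` on stdout and leaves via `exit 1`, while the script reports errors through `failure` elsewhere (see `failure "Must specify user."` in the last hunk of this file). The later call site runs just before `OUTPUT_STDOUT=true update_users "$1"`, where stdout presumably carries the key output, so the diagnostic belongs on stderr. The probe also converts the exit status to text with backticks and `|| echo $?`, which hides the status that was actually returned. Capturing it directly is easier to audit: `local rc=0; su_monkeysphere_user openpgp2ssh ABC &>/dev/null || rc=$?` followed by `(( rc == 255 )) || failure "openpgp2ssh returned $rc for invalid input, expected 255; refusing to update authorized keys"`. A one-line comment stating why 255 is the expected status for the dummy argument `ABC` would also help, since the reason is not visible in this hunk.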
@@ -163,6 +170,7 @@ case $COMMAND in
'update-users'|'update-user'|'update'|'u')
source "${MASHAREDIR}/setup"
setup
+ check_openpgp2ssh_sanity
source "${MASHAREDIR}/update_users"
OUTPUT_STDOUT= update_users "$@"
;;
@@ -171,6 +179,7 @@ case $COMMAND in
(( $# > 0 )) || failure "Must specify user."
source "${MASHAREDIR}/setup"
setup
+ check_openpgp2ssh_sanity
source "${MASHAREDIR}/update_users"
OUTPUT_STDOUT=true update_users "$1"
;;
1.1 app-crypt/monkeysphere/files/monkeysphere-0.36_hd_od.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/monkeysphere/files/monkeysphere-0.36_hd_od.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/monkeysphere/files/monkeysphere-0.36_hd_od.patch?rev=1.1&content-type=text/plain
Index: monkeysphere-0.36_hd_od.patch
===================================================================
diff -r 6150774ec7f4 tests/keytrans
--- a/tests/keytrans Sun Feb 16 20:11:02 2014 +0100
+++ b/tests/keytrans Sun Feb 16 20:11:40 2014 +0100
@@ -104,8 +104,8 @@
<(gpg --list-packets < "$TEMPDIR"/converted.secret.key)
diff -u \
- <(hd "$TEMPDIR"/secret.key) \
- <(hd "$TEMPDIR"/converted.secret.key)
+ <(od -xc "$TEMPDIR"/secret.key) \
+ <(od -xc "$TEMPDIR"/converted.secret.key)
KEYFPR=$(gpg --fingerprint --with-colons --list-keys | grep ^fpr | cut -f10
-d:)
KEYID=$(printf "%s" "$KEYFPR" | cut -b25-40)
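Review bot: `od -xc` dumps 16-bit words in host byte order interleaved with a character row, so the two `<(od -xc …)` inputs compare correctly on one machine, but the diff printed on failure is harder to read than the `hd` output it replaces and differs between little- and big-endian hosts. A byte-wise dump such as `od -A x -t x1 "$TEMPDIR"/secret.key` keeps the portability gain without the word swapping. Since this step only asserts that the two files are identical, `cmp` would also do, and it avoids writing a dump of the secret key packets into the test log.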