Daniel Kahn Gillmor · Daniel Kahn Gillmor · Sunil Mohan Adapa · Daniel Kahn Gillmor · Daniel Kahn Gillmor · Sunil Mohan Adapa
--- a/COPYING
+++ b/COPYING
@@ -24,7 +24,7 @@ version 3 or later.
                    GNU GENERAL PUBLIC LICENSE
                       Version 3, 29 June 2007

- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.

@@ -668,7 +668,7 @@ the "copyright" line and a pointer to where the full notice is found.
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.

 Also add information on how to contact you by electronic and paper mail.

@@ -687,11 +687,11 @@ might be different; for a GUI interface, you would use an "about box".
  You should also get your employer (if you work as a programmer) or school,
 if any, to sign a "copyright disclaimer" for the program, if necessary.
 For more information on this, and how to apply and follow the GNU GPL, see
-<http://www.gnu.org/licenses/>.
+<https://www.gnu.org/licenses/>.

  The GNU General Public License does not permit incorporating your program
 into proprietary programs.  If your program is a subroutine library, you
 may consider it more useful to permit linking proprietary applications with
 the library.  If this is what you want to do, use the GNU Lesser General
 Public License instead of this License.  But first, please read
-<http://www.gnu.org/philosophy/why-not-lgpl.html>.
+<https://www.gnu.org/philosophy/why-not-lgpl.html>.
--- a/Changelog
+++ b/Changelog
+monkeysphere (0.43) unstable; urgency=medium
+
+  * Depend on a modern version of GnuPG (>= 2.1.11) for --export-ssh-key
+  * Depend on OpenSSH's ssh-keygen directly for most SSH fingerprints
+  * Depend on OpenSSH >= 6.0 for ed25519 and "sshd -T"
+  * Use runuser instead of su
+  * Support Ed25519 authentication-capable subkeys for users
+  * Use https for all outbound links
+  * Clean up spelling
+  * Use 3072 bits for RSA keys everywhere by default
+  * Provide clearer error message for PEM2OPENPGP_NEWKEY
+    (Closes: #906755)
+  * Avoid locking out users unnecessarily
+    (Closes: #897366)
+
+  -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Wed, 23 Jan 2019 17:42:19 -0500
+
 monkeysphere (0.42) unstable; urgency=medium

  * bugfix release:
@@ -57,11 +74,11 @@ monkeysphere (0.38) unstable; urgency=medium

 monkeysphere (0.37) unstable; urgency=medium

-  * Bugfix release with minor improvements and dependency accomodations.
+  * Bugfix release with minor improvements and dependency accommodations.
  * Test openpgp2ssh functionality (closes MS #6524)
  * use new GnuPG with-colons output
-  * accomodate changed behavior of ssh-keygen -F
-  * accomodate multiple AuthorizedKeysFile directives
+  * accommodate changed behavior of ssh-keygen -F
+  * accommodate multiple AuthorizedKeysFile directives
  * deal sanely with empty lines in authorized_user_ids (closes MS #6344)
  * treat non-standard ports properly (closes MS #3402)


--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@

 # Makefile for monkeysphere

-# © 2008-2010 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+# © 2008-2019 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 # Licensed under GPL v3 or later

 MONKEYSPHERE_VERSION = `head -n1 Changelog | sed 's/.*(\([^-]*\)).*/\1/'`
@@ -38,10 +38,10 @@ debian-package:
 # don't explicitly depend on the tarball, since our tarball
 # (re)generation is not idempotent even when no source changes.
 freebsd-distinfo: 
-	./utils/build-freebsd-distinfo
+	./util/build-freebsd-distinfo

 macports-portfile:
-	./utils/build-macports-portfile
+	./util/build-macports-portfile

 clean:
 	rm -f src/agent-transfer/agent-transfer
@@ -57,7 +57,7 @@ replaced/%: %
 	-e 's:__SYSDATADIR_PREFIX__:$(LOCALSTATEDIR):'

 replaced/%.gz: replaced/%
-	gzip -n $<
+	gzip -f -n $<

 # this target is to be called from the tarball, not from the git
 # working dir!
@@ -105,13 +105,16 @@ installman: $(REPLACED_COMPRESSED_MANPAGES)
 releasenote:
 	../monkeysphere-docs/utils/build-releasenote

-test: test-keytrans test-basic
+test: test-keytrans test-basic test-ed25519

 check: test

 test-basic: src/agent-transfer/agent-transfer
 	MONKEYSPHERE_TEST_NO_EXAMINE=true ./tests/basic

+test-ed25519: src/agent-transfer/agent-transfer
+	MONKEYSPHERE_TEST_NO_EXAMINE=true MONKEYSPHERE_TEST_USE_ED25519=true ./tests/basic
+
 test-keytrans: src/agent-transfer/agent-transfer
 	MONKEYSPHERE_TEST_NO_EXAMINE=true ./tests/keytrans


--- a/README
+++ b/README
@@ -13,3 +13,15 @@ but to identify yourself and the servers you administer or connect to
 with your OpenPGP keys. OpenPGP keys are tracked via GnuPG, and
 monkeysphere manages the known_hosts and authorized_keys files used by
 OpenSSH for authentication, checking them for cryptographic validity.
+
+Dependencies
+------------
+
+Monkeysphere depends on:
+
+ * GnuPG >= 2.1.11
+ * Perl
+ * Perl's Crypt::OpenSSL::RSA module
+ * lockfile-progs or procmail's lockfile
+ * Bash
+ * OpenSSH's ssh-keygen utility (ideally >= 6.0)
--- a/debian/changelog
+++ b/debian/changelog
+monkeysphere (0.43-1) unstable; urgency=medium
+
+  * New upstream release
+
+  [ Sunil Mohan Adapa ]
+  * Improvements in TMPDIR handling (Closes: #656750, #911907)
+  * Remove shell for monkeysphere user (Closes: #901489)
+
+  [ Daniel Kahn Gillmor ]
+  * Avoid paranoid accidental lockout (Closes: #897366)
+  * Better error reporting for pem2openpgp (Closes: #906755)
+  * Bump standards-version to 4.3.0 (no changes needed)
+  * Move to debhelper 12
+  * Use https for upstream links
+  * Use https for wiki.debian.org
+  * d/control: use ${perl:Depends} for monkeysphere
+  * d/control: document versioned GnuPG dependency from upstream
+  * d/control: explicitly depend on openssh-client for ssh-keygen
+  * Note RSA and Ed25519 keys in agent-transfer description
+  * Tell debhelper where examples come from
+  * Avoid dh_missing reporting Changelog as "not installed"
+  * use dh_missing --fail-missing
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Wed, 23 Jan 2019 17:44:36 -0500
+
 monkeysphere (0.42-2) unstable; urgency=medium

  * added cpio as a requirement for the basic autopkgtest

--- a/debian/compat
+++ b/debian/compat
-11
--- a/debian/control
+++ b/debian/control
@@ -9,9 +9,9 @@ Uploaders:
 Build-Depends:
 bash (>= 3.2),
 cpio,
- debhelper (>= 11~),
+ debhelper-compat (= 12),
 dpkg-dev (>= 1.17.14),
- gnupg <!nocheck>,
+ gnupg (>= 2.1.11) <!nocheck>,
 gnupg-agent <!nocheck>,
 libassuan-dev,
 libcrypt-openssl-rsa-perl <!nocheck>,
@@ -21,8 +21,8 @@ Build-Depends:
 openssh-server <!nocheck>,
 openssl <!nocheck>,
 socat <!nocheck>,
-Standards-Version: 4.2.1
-Homepage: http://web.monkeysphere.info/
+Standards-Version: 4.3.0
+Homepage: https://web.monkeysphere.info/
 Vcs-Git: https://salsa.debian.org/pkg-privacy-team/monkeysphere.git
 Vcs-Browser: https://salsa.debian.org/pkg-privacy-team/monkeysphere
 Rules-Requires-Root: no
@@ -31,16 +31,17 @@ Package: monkeysphere
 Architecture: all
 Depends:
 adduser,
- gnupg,
+ gnupg (>= 2.1.11),
 libcrypt-openssl-rsa-perl,
 libdigest-sha-perl,
 lockfile-progs | procmail,
+ openssh-client,
 ${misc:Depends},
+ ${perl:Depends},
 Recommends:
 agent-transfer,
 cron-daemon,
 netcat-openbsd | netcat | socat,
- openssh-client,
 ssh-askpass,
 Suggests:
 monkeysphere-validation-agent,
@@ -72,10 +73,10 @@ Enhances:
 openssh-client,
 openssh-server,
 Description: copy a secret key from GnuPG's gpg-agent to OpenSSH's ssh-agent
- agent-transfer is a simple utility to extract a secret key from
- GnuPG's gpg-agent and send it to a running ssh-agent.  This is useful
- for those who prefer the runtime semantics and behavior of OpenSSH's
- ssh-agent, but whose secret keys are held in long-term storage by
- GnuPG's gpg-agent.
+ agent-transfer is a simple utility to extract a secret RSA or Ed25519
+ key from GnuPG's gpg-agent and send it to a running ssh-agent.  This
+ is useful for those who prefer the runtime semantics and behavior of
+ OpenSSH's ssh-agent, but whose secret keys are held in long-term
+ storage by GnuPG's gpg-agent.
 .
 This tool comes from the monkeysphere project.
--- a/debian/copyright
+++ b/debian/copyright
 Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Upstream-Name: Monkeysphere
-Source: http://web.monkeysphere.info/download
+Source: https://web.monkeysphere.info/download
 Upstream-Contact: Monkeysphere Developers <monkeysphere@lists.riseup.net>

 Files: *

--- a/debian/monkeysphere.examples
+++ b/debian/monkeysphere.examples
-examples/*
+usr/share/doc/monkeysphere/examples/*
--- a/debian/monkeysphere.postinst
+++ b/debian/monkeysphere.postinst
@@ -16,9 +16,11 @@ case $1 in
 	    echo "adding monkeysphere user..."
 	    adduser --quiet --system --no-create-home --group \
 		--home "$VARLIB" \
-		--shell '/bin/bash' \
 		--gecos 'monkeysphere authentication user,,,' \
 		monkeysphere
+	else
+            # this can be removed after buster is released
+	    usermod --shell /usr/sbin/nologin monkeysphere
 	fi

 	# try all available transitions:
@@ -30,7 +32,6 @@ case $1 in
 	    }
 	done

-
 	# setup monkeysphere authentication
 	monkeysphere-authentication setup
 	;;

--- a/debian/monkeysphere.postrm
+++ b/debian/monkeysphere.postrm
@@ -4,7 +4,7 @@

 # Author: Jameson Rollins <jrollins@finestructure.net>, 
 #         Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-# Copyright 2008-2014
+# Copyright 2008-2019

 set -e

@@ -22,7 +22,7 @@ case $1 in
            exit 1
        fi
 	# delete monkeysphere user
-	# http://wiki.debian.org/AccountHandlingInMaintainerScripts
+	# https://wiki.debian.org/AccountHandlingInMaintainerScripts
 	if which deluser >/dev/null 2>&1 ; then
 	    deluser --quiet --system monkeysphere > /dev/null || true
 	else

--- a/debian/not-installed
+++ b/debian/not-installed
+usr/share/doc/monkeysphere/Changelog
--- a/debian/patches/0001-Expose-sshd-logs-when-ssh-test-fails.patch
+++ b/debian/patches/0001-Expose-sshd-logs-when-ssh-test-fails.patch
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Thu, 24 Jan 2019 15:33:32 -0500
+Subject: Expose sshd logs when ssh test fails
+
+(cherry picked from commit 27a86a05d74ca8f03e574d9776c2f0efd370ed17)
+---
+ tests/basic | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/tests/basic b/tests/basic
+index 8815d69..5bf1149 100755
+--- a/tests/basic
+++ b/tests/basic
+@@ -87,6 +87,7 @@ ssh_test() {
+ 	return 0
+     else
+ 	echo "##### ssh connection test FAILED. returned: $RETURN, expected: $CODE"
+        cat "$TEMPDIR/sshd.log"
+ 	return 1
+     fi
+ }
--- a/debian/patches/0002-Ensure-that-make-test-ed25519-works-when-no-tty-is-p.patch
+++ b/debian/patches/0002-Ensure-that-make-test-ed25519-works-when-no-tty-is-p.patch
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Thu, 24 Jan 2019 16:57:26 -0500
+Subject: Ensure that "make test-ed25519" works when no tty is present
+
+(cherry picked from commit a8f4ac40bdf8d3a5331ca9b10e2c49a7af7d0e66)
+---
+ tests/basic | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tests/basic b/tests/basic
+index 5bf1149..d5c4692 100755
+--- a/tests/basic
+++ b/tests/basic
+@@ -344,7 +344,7 @@ if [ "$MONKEYSPHERE_TEST_USE_ED25519" = true ]; then
+     echo "### generating ed25519 key for testuser..."
+     # from the imported secret key
+     USER_FPR=8A4B353B4CBA6F30625498BAE00B5EEEBA79B482
+-    gpg --quick-add-key "$USER_FPR" ed25519 auth 2d
+    gpg --batch --no-tty --quick-add-key "$USER_FPR" ed25519 auth 2d
+ else
+     echo "### generating standard monkeysphere key for testuser..."
+     monkeysphere gen-subkey
--- a/debian/patches/series
+++ b/debian/patches/series
+0001-Expose-sshd-logs-when-ssh-test-fails.patch
+0002-Ensure-that-make-test-ed25519-works-when-no-tty-is-p.patch
--- a/debian/rules
+++ b/debian/rules
@@ -5,6 +5,9 @@ export DEB_BUILD_MAINT_OPTIONS = hardening=+all
 %:
 	dh $@

+override_dh_missing:
+	dh_missing --fail-missing
+
 override_dh_auto_install:
 	dh_auto_install
 	rm -f $(CURDIR)/debian/monkeysphere/usr/share/doc/monkeysphere/Changelog
--- a/debian/tests/control
+++ b/debian/tests/control
@@ -4,3 +4,6 @@ Restrictions: allow-stderr

 Test-Command: MONKEYSPHERE_TEST_USE_SYSTEM=true MONKEYSPHERE_TEST_NO_EXAMINE=true tests/basic
 Depends: @, openssh-server, openssl, socat, cpio
+
+Test-Command: MONKEYSPHERE_TEST_USE_SYSTEM=true MONKEYSPHERE_TEST_NO_EXAMINE=true MONKEYSPHERE_TEST_USE_ED25519=true tests/basic
+Depends: @, openssh-server, openssl, socat, cpio
--- a/examples/make-x509-certreqs
+++ b/examples/make-x509-certreqs
@@ -56,7 +56,7 @@ subjectAltName = $SUBJECTALTNAME
 PGPExtension = ASN1:SEQUENCE:pgp_sect

 [ pgp_sect ]
-# see http://www.alvestrand.no/objectid/submissions/1.3.6.1.4.1.3401.8.1.1.html
+# see https://www.alvestrand.no/objectid/1.3.6.1.4.1.3401.8.1.1.html
 # this is equivalent to:
 #   Version  ::=  INTEGER  {  v1(0) }
 version = INTEGER:0

--- a/man/man1/agent-transfer.1
+++ b/man/man1/agent-transfer.1
-.TH AGENT-TRANSFER "1" "May 2016" "monkeysphere" "User Commands"
+.TH AGENT-TRANSFER "1" "Jan 2019" "monkeysphere" "User Commands"

 .SH NAME

@@ -68,6 +68,11 @@ the gpg\-agent to help it figure out how to run a sensible pinentry,
 including GPG_TTY, TERM, DISPLAY, XAUTHORITY, GTK_IM_MODULE,
 DBUS_SESSION_BUS_ADDRESS, and LANG.

+.SH BUGS
+
+\fBagent-transfer\fP can only work with RSA and Ed25519 keys.  Support
+for other key types not yet implemented.  Patches welcome!
+
 .SH AUTHOR

 Written by:

--- a/man/man1/pem2openpgp.1
+++ b/man/man1/pem2openpgp.1
 .\"  -*- nroff -*-
-.Dd $Mdocdate: March 1, 2009 $
+.Dd $Mdocdate: Jan 22, 2019 $
 .Dt PEM2OPENPGP 1
 .Os
 .Sh NAME
@@ -60,7 +60,7 @@ default, no expiration subpacket is included.
 .Nm
 should ignore stdin, and instead generate a new key internally and
 build the certificate based on this new key.  Set this variable to the
-number of bits for the new key (e.g. 2048).  By default (when this is
+number of bits for the new RSA key (e.g. 3072).  By default (when this is
 unset), 
 .Nm
 will read the key from stdin.