Hello again,
The monkeysphere package in stable suffers from an issue that makes key
revocation problematic (#607596). Fortunately, the fix is simply a two
line change to fix typos.
I would like to propose that monkeysphere be updated in a stable point
release to resolve this issue. The change has been in the monkeysphere
package for some time, long enough to now be available in wheezy as well
as backports, providing sufficient testing.
The diff below shows the change being proposed, and if the release team
approves, I can upload it to stable.
thanks!
micah
From 7e5d57f1a2cb5a05428ffca6701dc01bf7c7aeaf Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Sun, 19 Dec 2010 22:06:13 -0500
Subject: [PATCH 1/2] fix monkeysphere-host revoke-key (Closes: #607596)
---
debian/changelog | 6 ++++++
debian/patches/607596.diff | 33 +++++++++++++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 40 insertions(+), 0 deletions(-)
create mode 100644 debian/patches/607596.diff
diff --git a/debian/changelog b/debian/changelog
index b03dff7..f150c68 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+monkeysphere (0.31-4) unstable; urgency=low
+
+ * fix monkeysphere-host revoke-key (Closes: #607596)
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 19 Dec 2010 22:04:03 -0500
+
monkeysphere (0.31-3) unstable; urgency=high
* avoid mis-escaping uids, fixes a security issue. (Closes: #600304)
diff --git a/debian/patches/607596.diff b/debian/patches/607596.diff
new file mode 100644
index 0000000..d2c525c
--- /dev/null
+++ b/debian/patches/607596.diff
@@ -0,0 +1,33 @@
+commit d37829e6c2dfdcac912a9d6e9203e62343f3dd01
+Author: Micah Anderson <micah@riseup.net>
+Date: Fri Oct 1 10:07:46 2010 -0400
+
+ fix revoke_key typo in creating temporary directory
+ fix variable specifying which key to revoke
+
+ monkeysphere-host revoke-key <key-id> would produce the following errors, this
+ commit fixes that:
+
+ Really publish this cert to zimmermann.mayfirst.org ? (Y/n) y
+ /usr/share/monkeysphere/mh/revoke_key: line 96: mkmstempdir: command not found
+ gpg: new configuration file `/root/.gnupg/gpg.conf' created
+ gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
+ gpg: "0x!" not a key ID: skipping
+
+diff --git a/src/share/mh/revoke_key b/src/share/mh/revoke_key
+index 5a013e0..9077e4c 100644
+--- a/src/share/mh/revoke_key
++++ b/src/share/mh/revoke_key
+@@ -93,10 +93,10 @@ y
+ if [ "${really/n/N}" = 'N' ] ; then
+ printf "Not publishing.\n" >&2
+ else
+- local newhome=$(mkmstempdir)
++ local newhome=$(msmktempdir)
+ GNUPGHOME="$newhome" gpg --no-tty --quiet --import < "$HOST_KEY_FILE"
+ GNUPGHOME="$newhome" gpg --no-tty --quiet --import <<< "$revcert"
+- GNUPGHOME="$newhome" gpg --keyserver "$KEYSERVER" --send "0x${HOST_FINGERPRINT}!"
++ GNUPGHOME="$newhome" gpg --keyserver "$KEYSERVER" --send "0x${keyID}!"
+ rm -rf "$newhome"
+ fi
+ fi
diff --git a/debian/patches/series b/debian/patches/series
index af8e9c7..6a5bbad 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
591118.diff
600304.diff
+607596.diff
--
1.7.5.1
From 83934a8cc953b7eee9145b212019032624abbf2d Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@riseup.net>
Date: Sun, 22 May 2011 16:12:20 -0400
Subject: [PATCH 2/2] switch suite from unstable to stable for proposed point
release update
---
debian/changelog | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index f150c68..7ee4de9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-monkeysphere (0.31-4) unstable; urgency=low
+monkeysphere (0.31-4) stable; urgency=low
* fix monkeysphere-host revoke-key (Closes: #607596)
--
1.7.5.1
--
Attachment:
pgps8ScZWvsrE.pgp
Description: PGP signature