From anarcat@lethe.koumbit.net  Mon Oct 27 02:17:17 2008
Return-Path: <anarcat@lethe.koumbit.net>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4C78B106569B
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 27 Oct 2008 02:17:17 +0000 (UTC)
	(envelope-from anarcat@lethe.koumbit.net)
Received: from lethe.koumbit.net (modemcable028.26-70-69.static.videotron.ca [69.70.26.28])
	by mx1.freebsd.org (Postfix) with ESMTP id C8DE68FC12
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 27 Oct 2008 02:17:16 +0000 (UTC)
	(envelope-from anarcat@lethe.koumbit.net)
Received: by lethe.koumbit.net (Postfix, from userid 1000)
	id 77A1A1707C; Sun, 26 Oct 2008 21:44:44 -0400 (EDT)
Message-Id: <20081027014444.77A1A1707C@lethe.koumbit.net>
Date: Sun, 26 Oct 2008 21:44:44 -0400 (EDT)
From: Antoine Beaupre <anarcat@anarcat.ath.cx>
Reply-To: Antoine Beaupre <anarcat@anarcat.ath.cx>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: New port: security/monkeysphere
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         128406
>Category:       ports
>Synopsis:       New port: security/monkeysphere
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    miwi
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Oct 27 02:20:01 UTC 2008
>Closed-Date:    Tue Mar 10 07:45:05 UTC 2009
>Last-Modified:  Tue Mar 10 07:50:01 UTC 2009
>Originator:     Antoine Beaupre
>Release:        FreeBSD 6.3-RELEASE-p1 i386
>Organization:
Koumbit
>Environment:
System: FreeBSD lethe.koumbit.net 6.3-RELEASE-p1 FreeBSD 6.3-RELEASE-p1 #1: Mon Mar 24 16:30:04 EDT 2008 anarcat@lethe.koumbit.net:/usr/obj/usr/src/sys/LETHE6 i386


>Description:

SSH key-based authentication is tried-and-true, but it lacks a true
Public Key Infrastructure for key certification, revocation and
expiration.  Monkeysphere is a framework that uses the OpenPGP web of
trust for these PKI functions.  It can be used in both directions: for
users to get validated host keys, and for hosts to authenticate users.

WWW: http://web.monkeysphere.info/

>How-To-Repeat:

>Fix:

I include the .shar for the port tree, but also the required patches to UIDs and GIDs.

# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	monkeysphere
#	monkeysphere/files
#	monkeysphere/files/patch-etclocation
#	monkeysphere/files/patch-sharelocation
#	monkeysphere/files/patch-varlocation
#	monkeysphere/distinfo
#	monkeysphere/pkg-descr
#	monkeysphere/pkg-deinstall
#	monkeysphere/pkg-install
#	monkeysphere/pkg-plist
#	monkeysphere/Makefile
#
echo c - monkeysphere
mkdir -p monkeysphere > /dev/null 2>&1
echo c - monkeysphere/files
mkdir -p monkeysphere/files > /dev/null 2>&1
echo x - monkeysphere/files/patch-etclocation
sed 's/^X//' >monkeysphere/files/patch-etclocation << 'END-of-monkeysphere/files/patch-etclocation'
Xdiff --git etc/monkeysphere-server.conf etc/monkeysphere-server.conf
Xindex c001f2d..d33fd36 100644
X--- etc/monkeysphere-server.conf
X+++ etc/monkeysphere-server.conf
X@@ -17,7 +17,7 @@
X # authorized_keys file.  '%h' will be replaced by the home directory
X # of the user, and %u will be replaced by the username of the user.
X # For purely admin-controlled authorized_user_ids, you might put them
X-# in /etc/monkeysphere/authorized_user_ids/%u
X+# in /usr/local/etc/monkeysphere/authorized_user_ids/%u
X #AUTHORIZED_USER_IDS="%h/.monkeysphere/authorized_user_ids"
X 
X # Whether to add user controlled authorized_keys file to
Xdiff --git man/man1/monkeysphere.1 man/man1/monkeysphere.1
Xindex 3ece735..09320d2 100644
X--- man/man1/monkeysphere.1
X+++ man/man1/monkeysphere.1
X@@ -111,7 +111,7 @@ Path to ssh authorized_keys file (~/.ssh/authorized_keys).
X ~/.monkeysphere/monkeysphere.conf
X User monkeysphere config file.
X .TP
X-/etc/monkeysphere/monkeysphere.conf
X+/usr/local/etc/monkeysphere/monkeysphere.conf
X System-wide monkeysphere config file.
X .TP
X ~/.monkeysphere/authorized_user_ids
Xdiff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8
Xindex f207e2c..360408e 100644
X--- man/man8/monkeysphere-server.8
X+++ man/man8/monkeysphere-server.8
X@@ -203,10 +203,10 @@ User to control authentication keychain (monkeysphere).
X .SH FILES
X 
X .TP
X-/etc/monkeysphere/monkeysphere-server.conf
X+/usr/local/etc/monkeysphere/monkeysphere-server.conf
X System monkeysphere-server config file.
X .TP
X-/etc/monkeysphere/monkeysphere.conf
X+/usr/local/etc/monkeysphere/monkeysphere.conf
X System-wide monkeysphere config file.
X .TP
X /var/lib/monkeysphere/authorized_keys/USER
X--- src/common.orig	2008-10-12 14:58:00.000000000 -0400
X+++ src/common	2008-10-25 17:40:34.000000000 -0400
X@@ -16,7 +16,7 @@
X ### COMMON VARIABLES
X 
X # managed directories
X-SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"}
X+SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/usr/local/etc/monkeysphere"}
X export SYSCONFIGDIR
X 
X ########################################################################
END-of-monkeysphere/files/patch-etclocation
echo x - monkeysphere/files/patch-sharelocation
sed 's/^X//' >monkeysphere/files/patch-sharelocation << 'END-of-monkeysphere/files/patch-sharelocation'
X--- src/monkeysphere.orig	2008-10-12 14:58:00.000000000 -0400
X+++ src/monkeysphere	2008-10-25 17:41:41.000000000 -0400
X@@ -13,7 +13,7 @@
X ########################################################################
X PGRM=$(basename $0)
X 
X-SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
X+SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"}
X export SYSSHAREDIR
X . "${SYSSHAREDIR}/common" || exit 1
X 
X--- src/monkeysphere-server.orig	2008-10-25 14:17:50.000000000 -0400
X+++ src/monkeysphere-server	2008-10-25 17:42:50.000000000 -0400
X@@ -13,7 +13,7 @@
X ########################################################################
X PGRM=$(basename $0)
X 
X-SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
X+SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"}
X export SYSSHAREDIR
X . "${SYSSHAREDIR}/common" || exit 1
X 
END-of-monkeysphere/files/patch-sharelocation
echo x - monkeysphere/files/patch-varlocation
sed 's/^X//' >monkeysphere/files/patch-varlocation << 'END-of-monkeysphere/files/patch-varlocation'
Xdiff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8
Xindex f207e2c..29c7b6a 100644
X--- man/man8/monkeysphere-server.8
X+++ man/man8/monkeysphere-server.8
X@@ -128,7 +128,7 @@ command to push the key to a keyserver.  You must also modify the
X sshd_config on the server to tell sshd where the new server host key
X is located:
X 
X-HostKey /var/lib/monkeysphere/ssh_host_rsa_key
X+HostKey /var/monkeysphere/ssh_host_rsa_key
X 
X In order for users logging into the system to be able to verify the
X host via the monkeysphere, at least one person (e.g. a server admin)
X@@ -170,7 +170,7 @@ users.  You must also tell sshd to look at the monkeysphere-generated
X authorized_keys file for user authentication by setting the following
X in the sshd_config:
X 
X-AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
X+AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u
X 
X It is recommended to add "monkeysphere-server update-users" to a
X system crontab, so that user keys are kept up-to-date, and key
X@@ -209,17 +209,17 @@ System monkeysphere-server config file.
X /etc/monkeysphere/monkeysphere.conf
X System-wide monkeysphere config file.
X .TP
X-/var/lib/monkeysphere/authorized_keys/USER
X+/var/monkeysphere/authorized_keys/USER
X Monkeysphere-generated user authorized_keys files.
X .TP
X-/var/lib/monkeysphere/ssh_host_rsa_key
X+/var/monkeysphere/ssh_host_rsa_key
X Copy of the host's private key in ssh format, suitable for use by
X sshd.
X .TP
X-/var/lib/monkeysphere/gnupg-host
X+/var/monkeysphere/gnupg-host
X Monkeysphere host GNUPG home directory.
X .TP
X-/var/lib/monkeysphere/gnupg-authentication
X+/var/monkeysphere/gnupg-authentication
X Monkeysphere authentication GNUPG home directory.
X 
X .SH AUTHOR
Xdiff --git doc/getting-started-admin.mdwn doc/getting-started-admin.mdwn
Xindex 6c8ad53..67fdda1 100644
X--- doc/getting-started-admin.mdwn
X+++ doc/getting-started-admin.mdwn
X@@ -30,7 +30,7 @@ To use the newly-generated host key for ssh connections, put the
X following line in `/etc/ssh/sshd_config` (be sure to remove references
X to any other keys):
X 
X-	HostKey /var/lib/monkeysphere/ssh_host_rsa_key
X+	HostKey /var/monkeysphere/ssh_host_rsa_key
X 
X FIXME: should we just suggest symlinks in the filesystem here instead?
X 
X@@ -40,7 +40,7 @@ To enable users to use the monkeysphere to authenticate using the
X OpenPGP web of trust, add this line to `/etc/ssh/sshd_config` (again,
X making sure that no other AuthorizedKeysFile directive exists):
X 
X-	AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
X+	AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u
X 
X And then read the section below about how to ensure these files are
X maintained.  You'll need to restart `sshd` to have your changes take
X--- src/monkeysphere-server.orig	2008-10-25 18:01:19.000000000 -0400
X+++ src/monkeysphere-server	2008-10-25 18:01:24.000000000 -0400
X@@ -17,7 +17,7 @@
X export SYSSHAREDIR
X . "${SYSSHAREDIR}/common" || exit 1
X 
X-SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
X+SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/monkeysphere"}
X export SYSDATADIR
X 
X # UTC date in ISO 8601 format if needed
X--- etc/gnupg-authentication.conf.orig	2008-10-25 18:02:58.000000000 -0400
X+++ etc/gnupg-authentication.conf	2008-10-25 18:03:04.000000000 -0400
X@@ -4,8 +4,8 @@
X # It is highly recommended that you
X #    DO NOT MODIFY
X # these variables.
X-primary-keyring /var/lib/monkeysphere/gnupg-authentication/pubring.gpg
X-keyring /var/lib/monkeysphere/gnupg-host/pubring.gpg
X+primary-keyring /var/monkeysphere/gnupg-authentication/pubring.gpg
X+keyring /var/monkeysphere/gnupg-host/pubring.gpg
X 
X # PGP keyserver to use for PGP queries.
X keyserver hkp://pgp.mit.edu
END-of-monkeysphere/files/patch-varlocation
echo x - monkeysphere/distinfo
sed 's/^X//' >monkeysphere/distinfo << 'END-of-monkeysphere/distinfo'
XMD5 (monkeysphere_0.16.orig.tar.gz) = 4bc223e8004e0e374bd54f0315585c49
XSHA256 (monkeysphere_0.16.orig.tar.gz) = f2dbd031315f99c82099a4a902f2240cca97536b035ef75872e72a65f324c9d7
XSIZE (monkeysphere_0.16.orig.tar.gz) = 66062
END-of-monkeysphere/distinfo
echo x - monkeysphere/pkg-descr
sed 's/^X//' >monkeysphere/pkg-descr << 'END-of-monkeysphere/pkg-descr'
XSSH key-based authentication is tried-and-true, but it lacks a true
XPublic Key Infrastructure for key certification, revocation and
Xexpiration.  Monkeysphere is a framework that uses the OpenPGP web of
Xtrust for these PKI functions.  It can be used in both directions: for
Xusers to get validated host keys, and for hosts to authenticate users.
X
XWWW: http://web.monkeysphere.info/
END-of-monkeysphere/pkg-descr
echo x - monkeysphere/pkg-deinstall
sed 's/^X//' >monkeysphere/pkg-deinstall << 'END-of-monkeysphere/pkg-deinstall'
X#!/bin/sh
X
X# a package removal script for monkeysphere (borrowing from
X# monkeysphere's debian/monkeysphere.postrm)
X
X# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
X# Copyright 2008
X
X# FIXME: is /var/lib/monkeysphere the right place for this stuff on
X# FreeBSD?
XVARLIB="/var/monkeysphere"
X
X
Xcase $2 in
XPOST-DEINSTALL)
X        USER=monkeysphere
X# FIXME: This doesn't do anything!  Under what circumstances do we
X# want to actually automatically purge all of /var/monkeysphere?
X
X# (note: FreeBSD does not seem to want the package-specific user to be
X# purged at package removal)
X	if pw user show "${USER}" 2>/dev/null >/dev/null; then
X	    echo "Warning: If you will *NOT* use this package anymore, please remove the monkeysphere user manually."
X	fi
X	if [ -d "$VARLIB" ] ; then
X	    echo "Warning: You may want to remove monkeysphere's cached authentication data and keyrings in $VARLIB"
X	fi
X;;
Xesac
END-of-monkeysphere/pkg-deinstall
echo x - monkeysphere/pkg-install
sed 's/^X//' >monkeysphere/pkg-install << 'END-of-monkeysphere/pkg-install'
X#!/bin/sh
X
X# an installation script for monkeysphere (borrowing liberally from
X# postgresql and mysql pkg-install scripts, and from monkeysphere's
X# debian/monkeysphere.postinst)
X
X# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
X# Copyright 2008
X
X# FIXME: is /var/lib/monkeysphere the right place for this stuff on
X# FreeBSD?
X
X# PostgreSQL puts its data in /usr/local/pgsql/data
X
X# MySQL puts its data in /var/db/mysql
X
XVARLIB="/var/monkeysphere"
X
Xcase $2 in
XPOST-INSTALL)
X        USER=monkeysphere
X        GROUP=${USER}
X        UID=641
X        GID=${UID}
X        SHELL=/usr/local/bin/bash
X
X        if pw group show "${GROUP}" >/dev/null 2>&1; then
X                echo "You already have a group \"${GROUP}\", so I will use it."
X        else
X                if pw groupadd ${GROUP} -g ${GID}; then
X                        echo "Added group \"${GROUP}\"."
X                else
X                        echo "Adding group \"${GROUP}\" failed..."
X                        exit 1
X                fi
X        fi
X
X        if pw user show "${USER}" >/dev/null 2>&1; then
X            oldshell=`pw user show "${USER}" 2>/dev/null | cut -f10 -d:`
X	    if [ x"$oldshell" != x"$SHELL" ]; then
X		echo "You already have a \"${USER}\" user, but its shell is '$oldshell'."
X		echo "This package requires that \"${USER}\"'s shell be '$SHELL'."
X		echo "You should fix this by hand and then re-install the package."
X		echo "   hint: pw usermod '$USER' -s '$SHELL'"
X		exit 1
X	    fi
X            echo "You already have a user \"${USER}\" with the proper shell, so I will use it."
X        else
X                if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \
X                        -d "$VARLIB" -s /usr/local/bin/bash -c "monkeysphere authentication user,,,"
X                then
X                        echo "Added user \"${USER}\"."
X                else
X                        echo "Adding user \"${USER}\" failed..."
X                        exit 1
X                fi
X        fi
X
X	## set up the cache directories:
X
X	install -d -o root -g monkeysphere -m 750 "$VARLIB"/gnupg-host
X	cat <<EOF > "$VARLIB"/gnupg-host/gpg.conf
Xlist-options show-uid-validity
XEOF
X
X	install -d -o monkeysphere -g monkeysphere -m 700 "$VARLIB"/gnupg-authentication
X# install authentication gpg.conf
X	cat <<EOF > "$VARLIB"/gnupg-authentication/gpg.conf
Xlist-options show-uid-validity
Xprimary-keyring $VARLIB/gnupg-authentication/pubring.gpg
Xkeyring $VARLIB/gnupg-host/pubring.gpg
XEOF
X	chown monkeysphere:monkeysphere "$VARLIB"/gnupg-authentication/gpg.conf
X
X	monkeysphere-server diagnostics
X        ;;
Xesac
END-of-monkeysphere/pkg-install
echo x - monkeysphere/pkg-plist
sed 's/^X//' >monkeysphere/pkg-plist << 'END-of-monkeysphere/pkg-plist'
Xsbin/monkeysphere-server
Xshare/doc/monkeysphere/TODO
Xshare/doc/monkeysphere/MonkeySpec
Xshare/doc/monkeysphere/getting-started-user.mdwn
Xshare/doc/monkeysphere/getting-started-admin.mdwn
Xbin/openpgp2ssh
Xbin/monkeysphere-ssh-proxycommand
Xbin/monkeysphere
Xshare/monkeysphere/common
X@unexec if cmp -s %D/etc/monkeysphere/monkeysphere.conf.sample %D/etc/monkeysphere/monkeysphere.conf; then rm -f %D/etc/monkeysphere/monkeysphere.conf; fi
Xetc/monkeysphere/monkeysphere.conf.sample
X@exec if [ ! -f %D/etc/monkeysphere/monkeysphere.conf ] ; then cp -p %D/%F %B/monkeysphere.conf; fi
X@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-server.conf.sample %D/etc/monkeysphere/monkeysphere-server.conf; then rm -f %D/etc/monkeysphere/monkeysphere-server.conf; fi
Xetc/monkeysphere/monkeysphere-server.conf.sample
X@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-server.conf ] ; then cp -p %D/%F %B/monkeysphere-server.conf; fi
X@dirrm share/doc/monkeysphere
X@dirrm share/monkeysphere
X@dirrm etc/monkeysphere
END-of-monkeysphere/pkg-plist
echo x - monkeysphere/Makefile
sed 's/^X//' >monkeysphere/Makefile << 'END-of-monkeysphere/Makefile'
X# New ports collection makefile for:   monkeysphere
X# Date created:        2008-09-11 23:38:27-0400
X# Whom:                Daniel Kahn Gillmor <dkg@fifthhorseman.net>
X#
X# $FreeBSD$
X#
X
XPORTNAME=      monkeysphere
XPORTVERSION=   0.16
XCATEGORIES=    security
XMASTER_SITES=  http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/
X# hack for debian orig tarballs
XDISTFILES=      ${PORTNAME}_${DISTVERSION}.orig.tar.gz
X
XMAINTAINER=    anarcat@anarcat.ath.cx
XCOMMENT=       use the OpenPGP web of trust to verify ssh connections
X
XLIB_DEPENDS=	gnutls.26:${PORTSDIR}/security/gnutls
XRUN_DEPENDS=    base64:${PORTSDIR}/converters/base64 \
X		gpg:${PORTSDIR}/security/gnupg \
X		lockfile:${PORTSDIR}/mail/procmail \
X		/usr/local/bin/getopt:${PORTSDIR}/misc/getopt \
X		bash:${PORTSDIR}/shells/bash
X
XMAN1=		monkeysphere.1 openpgp2ssh.1 monkeysphere-ssh-proxycommand.1
XMAN7=		monkeysphere.7
XMAN8=		monkeysphere-server.8
XMANCOMPRESSED= yes
X
XMAKE_ARGS= ETCPREFIX=${PREFIX} MANPREFIX=${PREFIX}/man ETCSUFFIX=.sample
X
X# get rid of cruft after the patching:
Xpost-patch:
X	find . -iname '*.orig' -delete
X
Xpost-install:
X	@if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere.conf ]; then \
X		${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere.conf.sample ${PREFIX}/etc/monkeysphere/monkeysphere.conf ; \
X	fi
X	@if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf ]; then \
X		${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf.sample ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf ; \
X	fi
X.if !defined(PACKAGE_BUILDING)
X	@${SETENV} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
X.endif
X
Xpost-deinstall:
X	@${SETENV} ${SH} ${PKGDEINSTALL} ${PKGNAME} POST-DEINSTALL
X
X.include <bsd.port.mk>
END-of-monkeysphere/Makefile
exit


--- /usr/ports/UIDs	2008-09-10 20:30:08.000000000 -0400
+++ UIDs	2008-10-26 21:00:36.000000000 -0400
@@ -132,6 +132,7 @@
 pulse:*:563:563::0:0:PulseAudio System User:/nonexistent:/usr/sbin/nologin
 _xsi:*:600:600::0:0:XMLSysInfo User:/nonexistent:/usr/sbin/nologin
 _pla:*:636:80::0:0:phpLDAPAdmin Owner:/nonexistent:/usr/sbin/nologin
+monkeysphere:*:641:641:monkeysphere authentication user,,,:/var/monkeysphere:/usr/local/bin/bash
 bnetd:*:700:700::0:0:Bnetd user:/nonexistent:/usr/sbin/nologin
 bopm:*:717:717::0:0:Blitzed Open Proxy Monitor:/nonexistent:/bin/sh
 openxpki:*:777:777::0:0:OpenXPKI Owner:/nonexistent:/usr/sbin/nologin


--- /usr/ports/GIDs	2008-09-08 16:09:59.000000000 -0400
+++ GIDs	2008-10-26 21:00:51.000000000 -0400
@@ -121,6 +121,7 @@
 pulse:*:563:
 pulse-access:*:564:
 _xsi:*:600:
+monkeysphere:*:641:
 bnetd:*:700:
 bopm:*:717:
 openxpki:*:777:
>Release-Note:
>Audit-Trail:

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: bug-followup@FreeBSD.org, anarcat@anarcat.ath.cx
Cc:  
Subject: Re: ports/128406 New port: security/monkeysphere
Date: Thu, 30 Oct 2008 17:46:57 -0400

 --==-=-=
 Content-Type: multipart/mixed; boundary="=-=-="
 
 --=-=-=
 
 I've talked with Antoine, and i'm up for taking over the FreeBSD port
 of monkeysphere from him, since i'm more heavily involved with the
 upstream development at the moment.  He seems OK with that.
 
 Attached is an updated shar file for version 0.19 of the port, which
 works for me on a FreeBSD system installed from 7.1-BETA2.
 
 Antoine's original patches for UID and GID are still relevant, too.
 
 Let me know if there's anything else i should do to help get this into
 the ports tree once the freeze ends.
 
 Regards,
 
         --dkg
 
 
 --=-=-=
 Content-Type: text/x-sh
 Content-Disposition: inline; filename=shar-2.sh
 Content-Transfer-Encoding: quoted-printable
 Content-Description: FreeBSD port for monkeysphere, version 0.19
 
 # This is a shell archive.  Save it in a file, remove anything before
 # this line, and then unpack it by entering "sh file".  Note, it may
 # create directories; files and directories will be owned by you and
 # have default permissions.
 #
 # This archive contains:
 #
 #	monkeysphere
 #	monkeysphere/files
 #	monkeysphere/files/patch-etclocation
 #	monkeysphere/files/patch-sharelocation
 #	monkeysphere/files/patch-varlocation
 #	monkeysphere/distinfo
 #	monkeysphere/Makefile
 #	monkeysphere/pkg-descr
 #	monkeysphere/pkg-install
 #	monkeysphere/pkg-plist
 #	monkeysphere/pkg-deinstall
 #
 echo c - monkeysphere
 mkdir -p monkeysphere > /dev/null 2>&1
 echo c - monkeysphere/files
 mkdir -p monkeysphere/files > /dev/null 2>&1
 echo x - monkeysphere/files/patch-etclocation
 sed 's/^X//' >monkeysphere/files/patch-etclocation << 'a2c685c81926e342cb0d=
 6b8121cc2ec3'
 Xdiff --git etc/monkeysphere-server.conf etc/monkeysphere-server.conf
 Xindex c001f2d..d33fd36 100644
 X--- etc/monkeysphere-server.conf
 X+++ etc/monkeysphere-server.conf
 X@@ -17,7 +17,7 @@
 X # authorized_keys file.  '%h' will be replaced by the home directory
 X # of the user, and %u will be replaced by the username of the user.
 X # For purely admin-controlled authorized_user_ids, you might put them
 X-# in /etc/monkeysphere/authorized_user_ids/%u, for instance.
 X+# in /usr/local/etc/monkeysphere/authorized_user_ids/%u, for instance.
 X #AUTHORIZED_USER_IDS=3D"%h/.monkeysphere/authorized_user_ids"
 X=20
 X # Whether to add user controlled authorized_keys file to
 Xdiff --git man/man1/monkeysphere.1 man/man1/monkeysphere.1
 Xindex 3ece735..09320d2 100644
 X--- man/man1/monkeysphere.1
 X+++ man/man1/monkeysphere.1
 X@@ -111,7 +111,7 @@ Path to ssh authorized_keys file (~/.ssh/authorized_ke=
 ys).
 X ~/.monkeysphere/monkeysphere.conf
 X User monkeysphere config file.
 X .TP
 X-/etc/monkeysphere/monkeysphere.conf
 X+/usr/local/etc/monkeysphere/monkeysphere.conf
 X System-wide monkeysphere config file.
 X .TP
 X ~/.monkeysphere/authorized_user_ids
 Xdiff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8
 Xindex f207e2c..360408e 100644
 X--- man/man8/monkeysphere-server.8
 X+++ man/man8/monkeysphere-server.8
 X@@ -203,10 +203,10 @@ User to control authentication keychain (monkeyspher=
 e).
 X .SH FILES
 X=20
 X .TP
 X-/etc/monkeysphere/monkeysphere-server.conf
 X+/usr/local/etc/monkeysphere/monkeysphere-server.conf
 X System monkeysphere-server config file.
 X .TP
 X-/etc/monkeysphere/monkeysphere.conf
 X+/usr/local/etc/monkeysphere/monkeysphere.conf
 X System-wide monkeysphere config file.
 X .TP
 X /var/lib/monkeysphere/authorized_keys/USER
 X--- src/common.orig	2008-10-12 14:58:00.000000000 -0400
 X+++ src/common	2008-10-25 17:40:34.000000000 -0400
 X@@ -16,7 +16,7 @@
 X ### COMMON VARIABLES
 X=20
 X # managed directories
 X-SYSCONFIGDIR=3D${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"}
 X+SYSCONFIGDIR=3D${MONKEYSPHERE_SYSCONFIGDIR:-"/usr/local/etc/monkeysphere"}
 X export SYSCONFIGDIR
 X=20
 X ########################################################################
 a2c685c81926e342cb0d6b8121cc2ec3
 echo x - monkeysphere/files/patch-sharelocation
 sed 's/^X//' >monkeysphere/files/patch-sharelocation << 'e58f45ef49fc61a719=
 435bf0960663ac'
 X--- src/monkeysphere.orig	2008-10-12 14:58:00.000000000 -0400
 X+++ src/monkeysphere	2008-10-25 17:41:41.000000000 -0400
 X@@ -13,7 +13,7 @@
 X ########################################################################
 X PGRM=3D$(basename $0)
 X=20
 X-SYSSHAREDIR=3D${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
 X+SYSSHAREDIR=3D${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"}
 X export SYSSHAREDIR
 X . "${SYSSHAREDIR}/common" || exit 1
 X=20
 X--- src/monkeysphere-server.orig	2008-10-25 14:17:50.000000000 -0400
 X+++ src/monkeysphere-server	2008-10-25 17:42:50.000000000 -0400
 X@@ -13,7 +13,7 @@
 X ########################################################################
 X PGRM=3D$(basename $0)
 X=20
 X-SYSSHAREDIR=3D${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
 X+SYSSHAREDIR=3D${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"}
 X export SYSSHAREDIR
 X . "${SYSSHAREDIR}/common" || exit 1
 X=20
 e58f45ef49fc61a719435bf0960663ac
 echo x - monkeysphere/files/patch-varlocation
 sed 's/^X//' >monkeysphere/files/patch-varlocation << '9c7c05c03adccce0ba37=
 a96ac1ed8b05'
 Xdiff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8
 Xindex f207e2c..29c7b6a 100644
 X--- man/man8/monkeysphere-server.8
 X+++ man/man8/monkeysphere-server.8
 X@@ -128,7 +128,7 @@ command to push the key to a keyserver.  You must also=
  modify the
 X sshd_config on the server to tell sshd where the new server host key
 X is located:
 X=20
 X-HostKey /var/lib/monkeysphere/ssh_host_rsa_key
 X+HostKey /var/monkeysphere/ssh_host_rsa_key
 X=20
 X In order for users logging into the system to be able to verify the
 X host via the monkeysphere, at least one person (e.g. a server admin)
 X@@ -170,7 +170,7 @@ users.  You must also tell sshd to look at the monkeys=
 phere-generated
 X authorized_keys file for user authentication by setting the following
 X in the sshd_config:
 X=20
 X-AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
 X+AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u
 X=20
 X It is recommended to add "monkeysphere-server update-users" to a
 X system crontab, so that user keys are kept up-to-date, and key
 X@@ -209,17 +209,17 @@ System monkeysphere-server config file.
 X /etc/monkeysphere/monkeysphere.conf
 X System-wide monkeysphere config file.
 X .TP
 X-/var/lib/monkeysphere/authorized_keys/USER
 X+/var/monkeysphere/authorized_keys/USER
 X Monkeysphere-generated user authorized_keys files.
 X .TP
 X-/var/lib/monkeysphere/ssh_host_rsa_key
 X+/var/monkeysphere/ssh_host_rsa_key
 X Copy of the host's private key in ssh format, suitable for use by
 X sshd.
 X .TP
 X-/var/lib/monkeysphere/gnupg-host
 X+/var/monkeysphere/gnupg-host
 X Monkeysphere host GNUPG home directory.
 X .TP
 X-/var/lib/monkeysphere/gnupg-authentication
 X+/var/monkeysphere/gnupg-authentication
 X Monkeysphere authentication GNUPG home directory.
 X=20
 X .SH AUTHOR
 Xdiff --git doc/getting-started-admin.mdwn doc/getting-started-admin.mdwn
 Xindex 6c8ad53..67fdda1 100644
 X--- doc/getting-started-admin.mdwn
 X+++ doc/getting-started-admin.mdwn
 X@@ -30,7 +30,7 @@ To use the newly-generated host key for ssh connections,=
  put the
 X following line in `/etc/ssh/sshd_config` (be sure to remove references
 X to any other keys):
 X=20
 X-	HostKey /var/lib/monkeysphere/ssh_host_rsa_key
 X+	HostKey /var/monkeysphere/ssh_host_rsa_key
 X=20
 X FIXME: should we just suggest symlinks in the filesystem here instead?
 X=20
 X@@ -40,7 +40,7 @@ To enable users to use the monkeysphere to authenticate =
 using the
 X OpenPGP web of trust, add this line to `/etc/ssh/sshd_config` (again,
 X making sure that no other AuthorizedKeysFile directive exists):
 X=20
 X-	AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
 X+	AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u
 X=20
 X And then read the section below about how to ensure these files are
 X maintained.  You'll need to restart `sshd` to have your changes take
 X--- src/monkeysphere-server.orig	2008-10-25 18:01:19.000000000 -0400
 X+++ src/monkeysphere-server	2008-10-25 18:01:24.000000000 -0400
 X@@ -17,7 +17,7 @@
 X export SYSSHAREDIR
 X . "${SYSSHAREDIR}/common" || exit 1
 X=20
 X-SYSDATADIR=3D${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
 X+SYSDATADIR=3D${MONKEYSPHERE_SYSDATADIR:-"/var/monkeysphere"}
 X export SYSDATADIR
 X=20
 X # UTC date in ISO 8601 format if needed
 X--- etc/gnupg-authentication.conf.orig	2008-10-25 18:02:58.000000000 -0400
 X+++ etc/gnupg-authentication.conf	2008-10-25 18:03:04.000000000 -0400
 X@@ -4,8 +4,8 @@
 X # It is highly recommended that you
 X #    DO NOT MODIFY
 X # these variables.
 X-primary-keyring /var/lib/monkeysphere/gnupg-authentication/pubring.gpg
 X-keyring /var/lib/monkeysphere/gnupg-host/pubring.gpg
 X+primary-keyring /var/monkeysphere/gnupg-authentication/pubring.gpg
 X+keyring /var/monkeysphere/gnupg-host/pubring.gpg
 X=20
 X # PGP keyserver to use for PGP queries.
 X keyserver hkp://pgp.mit.edu
 9c7c05c03adccce0ba37a96ac1ed8b05
 echo x - monkeysphere/distinfo
 sed 's/^X//' >monkeysphere/distinfo << '32dba0505f502eb959b288b6ab212b72'
 XMD5 (monkeysphere_0.19.orig.tar.gz) =3D 64c643dd0ab642bbc8814aec1718000e
 XSHA256 (monkeysphere_0.19.orig.tar.gz) =3D 321b77c1e10fe48ffbef8491893f5dd=
 22842c35c11464efa7893150ce756a522
 XSIZE (monkeysphere_0.19.orig.tar.gz) =3D 68335
 32dba0505f502eb959b288b6ab212b72
 echo x - monkeysphere/Makefile
 sed 's/^X//' >monkeysphere/Makefile << 'e6b49990150f96b526ac42696550a8a5'
 X# New ports collection makefile for:   monkeysphere
 X# Date created:        2008-09-11 23:38:27-0400
 X# Whom:                Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 X#
 X# $FreeBSD$
 X#
 X
 XPORTNAME=3D      monkeysphere
 XPORTVERSION=3D   0.19
 XCATEGORIES=3D    security
 XMASTER_SITES=3D  http://archive.monkeysphere.info/debian/pool/monkeysphere=
 /m/monkeysphere/
 X# hack for debian orig tarballs
 XDISTFILES=3D      ${PORTNAME}_${DISTVERSION}.orig.tar.gz
 X
 XMAINTAINER=3D    dkg@fifthhorseman.net
 XCOMMENT=3D       use the OpenPGP web of trust to verify ssh connections
 X
 XLIB_DEPENDS=3D	gnutls.26:${PORTSDIR}/security/gnutls
 XRUN_DEPENDS=3D    base64:${PORTSDIR}/converters/base64 \
 X		gpg:${PORTSDIR}/security/gnupg1 \
 X		lockfile:${PORTSDIR}/mail/procmail \
 X		/usr/local/bin/getopt:${PORTSDIR}/misc/getopt \
 X		bash:${PORTSDIR}/shells/bash
 X
 XMAN1=3D		monkeysphere.1 openpgp2ssh.1 monkeysphere-ssh-proxycommand.1
 XMAN7=3D		monkeysphere.7
 XMAN8=3D		monkeysphere-server.8
 XMANCOMPRESSED=3D yes
 X
 XMAKE_ARGS=3D ETCPREFIX=3D${PREFIX} MANPREFIX=3D${PREFIX}/man ETCSUFFIX=3D.=
 sample
 X
 X# get rid of cruft after the patching:
 Xpost-patch:
 X	find . -iname '*.orig' -delete
 X
 Xpost-install:
 X	@if [ ! -f ${PREFIX}/etc/monkeysphere/gnupg-host.conf ]; then \
 X		${CP} -p ${PREFIX}/etc/monkeysphere/gnupg-host.conf.sample ${PREFIX}/etc=
 /monkeysphere/gnupg-host.conf ; \
 X	fi
 X	@if [ ! -f ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf ]; then \
 X		${CP} -p ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf.sample ${P=
 REFIX}/etc/monkeysphere/gnupg-authentication.conf ; \
 X	fi
 X	@if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere.conf ]; then \
 X		${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere.conf.sample ${PREFIX}/e=
 tc/monkeysphere/monkeysphere.conf ; \
 X	fi
 X	@if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf ]; then \
 X		${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf.sample ${PR=
 EFIX}/etc/monkeysphere/monkeysphere-server.conf ; \
 X	fi
 X.if !defined(PACKAGE_BUILDING)
 X	@${SETENV} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
 X.endif
 X
 Xpost-deinstall:
 X	@${SETENV} ${SH} ${PKGDEINSTALL} ${PKGNAME} POST-DEINSTALL
 X
 X.include <bsd.port.mk>
 e6b49990150f96b526ac42696550a8a5
 echo x - monkeysphere/pkg-descr
 sed 's/^X//' >monkeysphere/pkg-descr << 'b56f21cd6b5644dc1076afa644be514b'
 XSSH key-based authentication is tried-and-true, but it lacks a true
 XPublic Key Infrastructure for key certification, revocation and
 Xexpiration.  Monkeysphere is a framework that uses the OpenPGP web of
 Xtrust for these PKI functions.  It can be used in both directions: for
 Xusers to get validated host keys, and for hosts to authenticate users.
 X
 XWWW: http://web.monkeysphere.info/
 b56f21cd6b5644dc1076afa644be514b
 echo x - monkeysphere/pkg-install
 sed 's/^X//' >monkeysphere/pkg-install << '063e2436db8337e6d9141e8f388ca4b0'
 X#!/bin/sh
 X
 X# an installation script for monkeysphere (borrowing liberally from
 X# postgresql and mysql pkg-install scripts, and from monkeysphere's
 X# debian/monkeysphere.postinst)
 X
 X# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 X# Copyright 2008
 X
 X# FIXME: is /var/lib/monkeysphere the right place for this stuff on
 X# FreeBSD?
 X
 X# PostgreSQL puts its data in /usr/local/pgsql/data
 X
 X# MySQL puts its data in /var/db/mysql
 X
 XVARLIB=3D"/var/monkeysphere"
 XETCDIR=3D"/usr/local/etc/monkeysphere"
 X
 Xcase $2 in
 XPOST-INSTALL)
 X        USER=3Dmonkeysphere
 X        GROUP=3D${USER}
 X        UID=3D641
 X        GID=3D${UID}
 X        SHELL=3D/usr/local/bin/bash
 X
 X        if pw group show "${GROUP}" >/dev/null 2>&1; then
 X                echo "You already have a group \"${GROUP}\", so I will use=
  it."
 X        else
 X                if pw groupadd ${GROUP} -g ${GID}; then
 X                        echo "Added group \"${GROUP}\"."
 X                else
 X                        echo "Adding group \"${GROUP}\" failed..."
 X                        exit 1
 X                fi
 X        fi
 X
 X	if pw user show "${USER}" >/dev/null 2>&1; then
 X            oldshell=3D`pw user show "${USER}" 2>/dev/null | cut -f10 -d:`
 X	    if [ x"$oldshell" !=3D x"$SHELL" ]; then
 X		echo "You already have a \"${USER}\" user, but its shell is '$oldshell'."
 X		echo "This package requires that \"${USER}\"'s shell be '$SHELL'."
 X		echo "You should fix this by hand and then re-install the package."
 X		echo "   hint: pw usermod '$USER' -s '$SHELL'"
 X		exit 1
 X	    fi
 X            echo "You already have a user \"${USER}\" with the proper shel=
 l, so I will use it."
 X        else
 X                if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \
 X                        -d "$VARLIB" -s /usr/local/bin/bash -c "monkeysphe=
 re authentication user,,,"
 X                then
 X                        echo "Added user \"${USER}\"."
 X                else
 X                        echo "Adding user \"${USER}\" failed..."
 X                        exit 1
 X                fi
 X        fi
 X
 X	## set up the cache directories, and link them to the config files:
 X
 X	install -d -o root -g monkeysphere -m 750 "$VARLIB"/gnupg-host
 X	ln -sf "$ETCDIR"/gnupg-host.conf  "$VARLIB"/gnupg-host/gpg.conf
 X
 X	install -d -o monkeysphere -g monkeysphere -m 700 "$VARLIB"/gnupg-authent=
 ication
 X	ln -sf "$ETCDIR"/gnupg-authentication.conf  "$VARLIB"/gnupg-authenticatio=
 n/gpg.conf
 X
 X	chown monkeysphere:monkeysphere "$VARLIB"/gnupg-authentication/gpg.conf
 X
 X	monkeysphere-server diagnostics
 X        ;;
 Xesac
 063e2436db8337e6d9141e8f388ca4b0
 echo x - monkeysphere/pkg-plist
 sed 's/^X//' >monkeysphere/pkg-plist << '69e1e9d8bd1ff3c1846b4c7eb779393e'
 Xsbin/monkeysphere-server
 Xshare/doc/monkeysphere/TODO
 Xshare/doc/monkeysphere/MonkeySpec
 Xshare/doc/monkeysphere/getting-started-user.mdwn
 Xshare/doc/monkeysphere/getting-started-admin.mdwn
 Xbin/openpgp2ssh
 Xbin/monkeysphere-ssh-proxycommand
 Xbin/monkeysphere
 Xshare/monkeysphere/common
 X@unexec if cmp -s %D/etc/monkeysphere/monkeysphere.conf.sample %D/etc/monk=
 eysphere/monkeysphere.conf; then rm -f %D/etc/monkeysphere/monkeysphere.con=
 f; fi
 Xetc/monkeysphere/monkeysphere.conf.sample
 X@exec if [ ! -f %D/etc/monkeysphere/monkeysphere.conf ] ; then cp -p %D/%F=
  %B/monkeysphere.conf; fi
 X@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-server.conf.sample %D/e=
 tc/monkeysphere/monkeysphere-server.conf; then rm -f %D/etc/monkeysphere/mo=
 nkeysphere-server.conf; fi
 Xetc/monkeysphere/monkeysphere-server.conf.sample
 X@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-server.conf ] ; then cp -=
 p %D/%F %B/monkeysphere-server.conf; fi
 X@dirrm share/doc/monkeysphere
 X@dirrm share/monkeysphere
 X@dirrm etc/monkeysphere
 69e1e9d8bd1ff3c1846b4c7eb779393e
 echo x - monkeysphere/pkg-deinstall
 sed 's/^X//' >monkeysphere/pkg-deinstall << 'f331c3c6e289e2ef8efd846de3f3ad=
 6f'
 X#!/bin/sh
 X
 X# a package removal script for monkeysphere (borrowing from
 X# monkeysphere's debian/monkeysphere.postrm)
 X
 X# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 X# Copyright 2008
 X
 X# FIXME: is /var/lib/monkeysphere the right place for this stuff on
 X# FreeBSD?
 XVARLIB=3D"/var/monkeysphere"
 X
 X
 Xcase $2 in
 XPOST-DEINSTALL)
 X        USER=3Dmonkeysphere
 X# FIXME: This doesn't do anything!  Under what circumstances do we
 X# want to actually automatically purge all of /var/monkeysphere?
 X
 X# (note: FreeBSD does not seem to want the package-specific user to be
 X# purged at package removal)
 X	if pw user show "${USER}" 2>/dev/null >/dev/null; then
 X	    echo "Warning: If you will *NOT* use this package anymore, please rem=
 ove the monkeysphere user manually."
 X	fi
 X	if [ -d "$VARLIB" ] ; then
 X	    echo "Warning: You may want to remove monkeysphere's cached authentic=
 ation data and keyrings in $VARLIB"
 X	fi
 X;;
 Xesac
 f331c3c6e289e2ef8efd846de3f3ad6f
 exit
 
 
 --=-=-=--
 
 --==-=-=
 Content-Type: application/pgp-signature
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.9 (GNU/Linux)
 
 iQIVAwUBSQorUczS7ZTSFznpAQJXEg/+MVM+EiCCMyzew4XL8mjq9XfzICneb0It
 +1aoon4l6m5yvOD3txXv8OBe5YpcBKWJ8Nwjl9gmTnutGl+CTHXun3kC0Ssn9NcH
 vs6k6dKNT+Eo+THKf2aVqbKkzkhUIK5yTPe9S7fGR3DImUOxFhPqzHA/smKHXuN9
 HaGISsqUFo9VaPSulrLtYY5TMqBJAXgrIW/7ljM9gS7Y+n7DNy1LkC/4RC9dMtdy
 WygAioIkFMK44u7ZWjN025KJgPCZ1t7JvetIUbj6xMb87taM64zHICGwmTgu4bo2
 s3oA8Iewf4QIRqAG7LdoD2mUUtqMUFEnoAJaQqfv17xtNJM3FF1yt347HtRc3DzP
 0IK5bNXg/eGtFpOysTEAPXOmq8P9eOzR2wY7InU3nERuBYADVdqh2ZWzMPDoUXTD
 G4mpVDvx1VhpDOFUsYzjJ4Qj1d23AiSJlRvoKIbylRAv9I3vUJFGbIxBgTvKm3PA
 u3D5Z/n9RDzFrdn4YkGJgFqD5H7QGuAHtek6UG+5EqmjCoMNUajCCTHIyiHGpLCD
 ll5i44sBY0hB7V2EVlzr3gW1Y2Uh7pBvWqnBFVMJ/KNzD61pJZnyEVP2Xy0XTNb6
 tBnZxc9aWmxANizE9z7Tb+XQ9LjKtoXie41PGausVxJFdpB57aNGvIxtaV3wzBtS
 YHKuShdTTcw=
 =UmxN
 -----END PGP SIGNATURE-----
 --==-=-=--

From: The Anarcat <anarcat@anarcat.ath.cx>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Cc: bug-followup@FreeBSD.org
Subject: Re: ports/128406 New port: security/monkeysphere
Date: Thu, 30 Oct 2008 21:40:39 -0400

 --6lCXDTVICvIQMz0h
 Content-Type: text/plain; charset=utf-8
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 On Thu, Oct 30, 2008 at 05:46:57PM -0400, Daniel Kahn Gillmor wrote:
 > I've talked with Antoine, and i'm up for taking over the FreeBSD port
 > of monkeysphere from him, since i'm more heavily involved with the
 > upstream development at the moment.  He seems OK with that.
 
 I confirm that.
 
 A.
 
 --=20
 Rock journalism is people who can't write interviewing people who can't
 talk for people who can't read.
                         - Frank Zappa
 
 --6lCXDTVICvIQMz0h
 Content-Type: application/pgp-signature; name="signature.asc"
 Content-Description: Digital signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.9 (GNU/Linux)
 
 iEYEARECAAYFAkkKYhcACgkQWGBzs0AjcC8Z1wCePIzPXejH6p3JDpfTYG8O1hiV
 S+MAmwTugjQUT04aPCNUmUnX9NS7PAHV
 =Pwjn
 -----END PGP SIGNATURE-----
 
 --6lCXDTVICvIQMz0h--
Responsible-Changed-From-To: freebsd-ports-bugs->miwi 
Responsible-Changed-By: miwi 
Responsible-Changed-When: Thu Nov 6 06:53:47 UTC 2008 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=128406 

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Martin Wilke <miwi@FreeBSD.org>, Monkeysphere Developers <monkeysphere@lists.riseup.net>, bug-followup@FreeBSD.org
Cc:  
Subject: re: ports/128406 (FreeBSD shar file for monkeysphere 0.19)
Date: Sun, 09 Nov 2008 16:25:25 -0500

 --==-=-=
 Content-Type: multipart/mixed; boundary="=-=-="
 
 --=-=-=
 Content-Transfer-Encoding: quoted-printable
 
 Hi miwi--
 
 Thanks for picking up the Monkeysphere port for FreeBSD.  Sorry that
 there was trouble with the earlier 0.19 shar file.
 
 The problem appears to be that the PR web UI doesn't properly
 recognize the Content-Transfer-Encoding MIME header for the shar
 attachment, and serves up the file via the web without mentioning that
 it's in quoted-printable form.
 
 You can work around this bug in the PR web UI by piping the downloaded
 file through a quoted-printable decoder:
 
 wget -S -O- 'http://www.freebsd.org/cgi/query-pr.cgi?prp=3D128406-2-shar&n=
 =3D/shar-2.sh' | \
   perl -MMIME::Decoder -e 'my $decoder =3D new MIME::Decoder "quoted-printa=
 ble" or die "unsupported"; $decoder->decode(\*STDIN, \*STDOUT);' \
   > shar-2.sh=20
 
 I'm attaching an updated copy of the shar file (includes a small but
 useful change to pkg-install) to this message.  I'll use
 Content-Disposition: attachment instead of inline to see if that makes
 things better (i'm not sure how to explicitly direct my MUA to not use
 quoted-printable transfer encoding).
 
 Thanks for your help, and please let me know what else i can do to
 help the process along.
 
 Regards,
 
         --dkg
 
 
 --=-=-=
 Content-Type: text/x-sh
 Content-Disposition: attachment; filename=shar-2.sh
 Content-Transfer-Encoding: quoted-printable
 Content-Description: revised FreeBSD monkeysphere packaging for 0.19
 
 # This is a shell archive.  Save it in a file, remove anything before
 # this line, and then unpack it by entering "sh file".  Note, it may
 # create directories; files and directories will be owned by you and
 # have default permissions.
 #
 # This archive contains:
 #
 #	monkeysphere
 #	monkeysphere/Makefile
 #	monkeysphere/distinfo
 #	monkeysphere/files
 #	monkeysphere/files/patch-etclocation
 #	monkeysphere/files/patch-sharelocation
 #	monkeysphere/files/patch-varlocation
 #	monkeysphere/pkg-deinstall
 #	monkeysphere/pkg-descr
 #	monkeysphere/pkg-install
 #	monkeysphere/pkg-plist
 #
 echo c - monkeysphere
 mkdir -p monkeysphere > /dev/null 2>&1
 echo x - monkeysphere/Makefile
 sed 's/^X//' >monkeysphere/Makefile << 'e6b49990150f96b526ac42696550a8a5'
 X# New ports collection makefile for:   monkeysphere
 X# Date created:        2008-09-11 23:38:27-0400
 X# Whom:                Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 X#
 X# $FreeBSD$
 X#
 X
 XPORTNAME=3D      monkeysphere
 XPORTVERSION=3D   0.19
 XCATEGORIES=3D    security
 XMASTER_SITES=3D  http://archive.monkeysphere.info/debian/pool/monkeysphere=
 /m/monkeysphere/
 X# hack for debian orig tarballs
 XDISTFILES=3D      ${PORTNAME}_${DISTVERSION}.orig.tar.gz
 X
 XMAINTAINER=3D    dkg@fifthhorseman.net
 XCOMMENT=3D       use the OpenPGP web of trust to verify ssh connections
 X
 XLIB_DEPENDS=3D	gnutls.26:${PORTSDIR}/security/gnutls
 XRUN_DEPENDS=3D    base64:${PORTSDIR}/converters/base64 \
 X		gpg:${PORTSDIR}/security/gnupg1 \
 X		lockfile:${PORTSDIR}/mail/procmail \
 X		/usr/local/bin/getopt:${PORTSDIR}/misc/getopt \
 X		bash:${PORTSDIR}/shells/bash
 X
 XMAN1=3D		monkeysphere.1 openpgp2ssh.1 monkeysphere-ssh-proxycommand.1
 XMAN7=3D		monkeysphere.7
 XMAN8=3D		monkeysphere-server.8
 XMANCOMPRESSED=3D yes
 X
 XMAKE_ARGS=3D ETCPREFIX=3D${PREFIX} MANPREFIX=3D${PREFIX}/man ETCSUFFIX=3D.=
 sample
 X
 X# get rid of cruft after the patching:
 Xpost-patch:
 X	find . -iname '*.orig' -delete
 X
 Xpost-install:
 X	@if [ ! -f ${PREFIX}/etc/monkeysphere/gnupg-host.conf ]; then \
 X		${CP} -p ${PREFIX}/etc/monkeysphere/gnupg-host.conf.sample ${PREFIX}/etc=
 /monkeysphere/gnupg-host.conf ; \
 X	fi
 X	@if [ ! -f ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf ]; then \
 X		${CP} -p ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf.sample ${P=
 REFIX}/etc/monkeysphere/gnupg-authentication.conf ; \
 X	fi
 X	@if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere.conf ]; then \
 X		${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere.conf.sample ${PREFIX}/e=
 tc/monkeysphere/monkeysphere.conf ; \
 X	fi
 X	@if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf ]; then \
 X		${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf.sample ${PR=
 EFIX}/etc/monkeysphere/monkeysphere-server.conf ; \
 X	fi
 X.if !defined(PACKAGE_BUILDING)
 X	@${SETENV} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
 X.endif
 X
 Xpost-deinstall:
 X	@${SETENV} ${SH} ${PKGDEINSTALL} ${PKGNAME} POST-DEINSTALL
 X
 X.include <bsd.port.mk>
 e6b49990150f96b526ac42696550a8a5
 echo x - monkeysphere/distinfo
 sed 's/^X//' >monkeysphere/distinfo << '32dba0505f502eb959b288b6ab212b72'
 XMD5 (monkeysphere_0.19.orig.tar.gz) =3D 64c643dd0ab642bbc8814aec1718000e
 XSHA256 (monkeysphere_0.19.orig.tar.gz) =3D 321b77c1e10fe48ffbef8491893f5dd=
 22842c35c11464efa7893150ce756a522
 XSIZE (monkeysphere_0.19.orig.tar.gz) =3D 68335
 32dba0505f502eb959b288b6ab212b72
 echo c - monkeysphere/files
 mkdir -p monkeysphere/files > /dev/null 2>&1
 echo x - monkeysphere/files/patch-etclocation
 sed 's/^X//' >monkeysphere/files/patch-etclocation << 'a2c685c81926e342cb0d=
 6b8121cc2ec3'
 Xdiff --git etc/monkeysphere-server.conf etc/monkeysphere-server.conf
 Xindex c001f2d..d33fd36 100644
 X--- etc/monkeysphere-server.conf
 X+++ etc/monkeysphere-server.conf
 X@@ -17,7 +17,7 @@
 X # authorized_keys file.  '%h' will be replaced by the home directory
 X # of the user, and %u will be replaced by the username of the user.
 X # For purely admin-controlled authorized_user_ids, you might put them
 X-# in /etc/monkeysphere/authorized_user_ids/%u, for instance.
 X+# in /usr/local/etc/monkeysphere/authorized_user_ids/%u, for instance.
 X #AUTHORIZED_USER_IDS=3D"%h/.monkeysphere/authorized_user_ids"
 X=20
 X # Whether to add user controlled authorized_keys file to
 Xdiff --git man/man1/monkeysphere.1 man/man1/monkeysphere.1
 Xindex 3ece735..09320d2 100644
 X--- man/man1/monkeysphere.1
 X+++ man/man1/monkeysphere.1
 X@@ -111,7 +111,7 @@ Path to ssh authorized_keys file (~/.ssh/authorized_ke=
 ys).
 X ~/.monkeysphere/monkeysphere.conf
 X User monkeysphere config file.
 X .TP
 X-/etc/monkeysphere/monkeysphere.conf
 X+/usr/local/etc/monkeysphere/monkeysphere.conf
 X System-wide monkeysphere config file.
 X .TP
 X ~/.monkeysphere/authorized_user_ids
 Xdiff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8
 Xindex f207e2c..360408e 100644
 X--- man/man8/monkeysphere-server.8
 X+++ man/man8/monkeysphere-server.8
 X@@ -203,10 +203,10 @@ User to control authentication keychain (monkeyspher=
 e).
 X .SH FILES
 X=20
 X .TP
 X-/etc/monkeysphere/monkeysphere-server.conf
 X+/usr/local/etc/monkeysphere/monkeysphere-server.conf
 X System monkeysphere-server config file.
 X .TP
 X-/etc/monkeysphere/monkeysphere.conf
 X+/usr/local/etc/monkeysphere/monkeysphere.conf
 X System-wide monkeysphere config file.
 X .TP
 X /var/lib/monkeysphere/authorized_keys/USER
 X--- src/common.orig	2008-10-12 14:58:00.000000000 -0400
 X+++ src/common	2008-10-25 17:40:34.000000000 -0400
 X@@ -16,7 +16,7 @@
 X ### COMMON VARIABLES
 X=20
 X # managed directories
 X-SYSCONFIGDIR=3D${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"}
 X+SYSCONFIGDIR=3D${MONKEYSPHERE_SYSCONFIGDIR:-"/usr/local/etc/monkeysphere"}
 X export SYSCONFIGDIR
 X=20
 X ########################################################################
 a2c685c81926e342cb0d6b8121cc2ec3
 echo x - monkeysphere/files/patch-sharelocation
 sed 's/^X//' >monkeysphere/files/patch-sharelocation << 'e58f45ef49fc61a719=
 435bf0960663ac'
 X--- src/monkeysphere.orig	2008-10-12 14:58:00.000000000 -0400
 X+++ src/monkeysphere	2008-10-25 17:41:41.000000000 -0400
 X@@ -13,7 +13,7 @@
 X ########################################################################
 X PGRM=3D$(basename $0)
 X=20
 X-SYSSHAREDIR=3D${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
 X+SYSSHAREDIR=3D${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"}
 X export SYSSHAREDIR
 X . "${SYSSHAREDIR}/common" || exit 1
 X=20
 X--- src/monkeysphere-server.orig	2008-10-25 14:17:50.000000000 -0400
 X+++ src/monkeysphere-server	2008-10-25 17:42:50.000000000 -0400
 X@@ -13,7 +13,7 @@
 X ########################################################################
 X PGRM=3D$(basename $0)
 X=20
 X-SYSSHAREDIR=3D${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
 X+SYSSHAREDIR=3D${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"}
 X export SYSSHAREDIR
 X . "${SYSSHAREDIR}/common" || exit 1
 X=20
 e58f45ef49fc61a719435bf0960663ac
 echo x - monkeysphere/files/patch-varlocation
 sed 's/^X//' >monkeysphere/files/patch-varlocation << '9c7c05c03adccce0ba37=
 a96ac1ed8b05'
 Xdiff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8
 Xindex f207e2c..29c7b6a 100644
 X--- man/man8/monkeysphere-server.8
 X+++ man/man8/monkeysphere-server.8
 X@@ -128,7 +128,7 @@ command to push the key to a keyserver.  You must also=
  modify the
 X sshd_config on the server to tell sshd where the new server host key
 X is located:
 X=20
 X-HostKey /var/lib/monkeysphere/ssh_host_rsa_key
 X+HostKey /var/monkeysphere/ssh_host_rsa_key
 X=20
 X In order for users logging into the system to be able to verify the
 X host via the monkeysphere, at least one person (e.g. a server admin)
 X@@ -170,7 +170,7 @@ users.  You must also tell sshd to look at the monkeys=
 phere-generated
 X authorized_keys file for user authentication by setting the following
 X in the sshd_config:
 X=20
 X-AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
 X+AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u
 X=20
 X It is recommended to add "monkeysphere-server update-users" to a
 X system crontab, so that user keys are kept up-to-date, and key
 X@@ -209,17 +209,17 @@ System monkeysphere-server config file.
 X /etc/monkeysphere/monkeysphere.conf
 X System-wide monkeysphere config file.
 X .TP
 X-/var/lib/monkeysphere/authorized_keys/USER
 X+/var/monkeysphere/authorized_keys/USER
 X Monkeysphere-generated user authorized_keys files.
 X .TP
 X-/var/lib/monkeysphere/ssh_host_rsa_key
 X+/var/monkeysphere/ssh_host_rsa_key
 X Copy of the host's private key in ssh format, suitable for use by
 X sshd.
 X .TP
 X-/var/lib/monkeysphere/gnupg-host
 X+/var/monkeysphere/gnupg-host
 X Monkeysphere host GNUPG home directory.
 X .TP
 X-/var/lib/monkeysphere/gnupg-authentication
 X+/var/monkeysphere/gnupg-authentication
 X Monkeysphere authentication GNUPG home directory.
 X=20
 X .SH AUTHOR
 Xdiff --git doc/getting-started-admin.mdwn doc/getting-started-admin.mdwn
 Xindex 6c8ad53..67fdda1 100644
 X--- doc/getting-started-admin.mdwn
 X+++ doc/getting-started-admin.mdwn
 X@@ -30,7 +30,7 @@ To use the newly-generated host key for ssh connections,=
  put the
 X following line in `/etc/ssh/sshd_config` (be sure to remove references
 X to any other keys):
 X=20
 X-	HostKey /var/lib/monkeysphere/ssh_host_rsa_key
 X+	HostKey /var/monkeysphere/ssh_host_rsa_key
 X=20
 X FIXME: should we just suggest symlinks in the filesystem here instead?
 X=20
 X@@ -40,7 +40,7 @@ To enable users to use the monkeysphere to authenticate =
 using the
 X OpenPGP web of trust, add this line to `/etc/ssh/sshd_config` (again,
 X making sure that no other AuthorizedKeysFile directive exists):
 X=20
 X-	AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
 X+	AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u
 X=20
 X And then read the section below about how to ensure these files are
 X maintained.  You'll need to restart `sshd` to have your changes take
 X--- src/monkeysphere-server.orig	2008-10-25 18:01:19.000000000 -0400
 X+++ src/monkeysphere-server	2008-10-25 18:01:24.000000000 -0400
 X@@ -17,7 +17,7 @@
 X export SYSSHAREDIR
 X . "${SYSSHAREDIR}/common" || exit 1
 X=20
 X-SYSDATADIR=3D${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
 X+SYSDATADIR=3D${MONKEYSPHERE_SYSDATADIR:-"/var/monkeysphere"}
 X export SYSDATADIR
 X=20
 X # UTC date in ISO 8601 format if needed
 X--- etc/gnupg-authentication.conf.orig	2008-10-25 18:02:58.000000000 -0400
 X+++ etc/gnupg-authentication.conf	2008-10-25 18:03:04.000000000 -0400
 X@@ -4,8 +4,8 @@
 X # It is highly recommended that you
 X #    DO NOT MODIFY
 X # these variables.
 X-primary-keyring /var/lib/monkeysphere/gnupg-authentication/pubring.gpg
 X-keyring /var/lib/monkeysphere/gnupg-host/pubring.gpg
 X+primary-keyring /var/monkeysphere/gnupg-authentication/pubring.gpg
 X+keyring /var/monkeysphere/gnupg-host/pubring.gpg
 X=20
 X # PGP keyserver to use for PGP queries.
 X keyserver hkp://pgp.mit.edu
 9c7c05c03adccce0ba37a96ac1ed8b05
 echo x - monkeysphere/pkg-deinstall
 sed 's/^X//' >monkeysphere/pkg-deinstall << 'f331c3c6e289e2ef8efd846de3f3ad=
 6f'
 X#!/bin/sh
 X
 X# a package removal script for monkeysphere (borrowing from
 X# monkeysphere's debian/monkeysphere.postrm)
 X
 X# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 X# Copyright 2008
 X
 X# FIXME: is /var/lib/monkeysphere the right place for this stuff on
 X# FreeBSD?
 XVARLIB=3D"/var/monkeysphere"
 X
 X
 Xcase $2 in
 XPOST-DEINSTALL)
 X        USER=3Dmonkeysphere
 X# FIXME: This doesn't do anything!  Under what circumstances do we
 X# want to actually automatically purge all of /var/monkeysphere?
 X
 X# (note: FreeBSD does not seem to want the package-specific user to be
 X# purged at package removal)
 X	if pw user show "${USER}" 2>/dev/null >/dev/null; then
 X	    echo "Warning: If you will *NOT* use this package anymore, please rem=
 ove the monkeysphere user manually."
 X	fi
 X	if [ -d "$VARLIB" ] ; then
 X	    echo "Warning: You may want to remove monkeysphere's cached authentic=
 ation data and keyrings in $VARLIB"
 X	fi
 X;;
 Xesac
 f331c3c6e289e2ef8efd846de3f3ad6f
 echo x - monkeysphere/pkg-descr
 sed 's/^X//' >monkeysphere/pkg-descr << 'b56f21cd6b5644dc1076afa644be514b'
 XSSH key-based authentication is tried-and-true, but it lacks a true
 XPublic Key Infrastructure for key certification, revocation and
 Xexpiration.  Monkeysphere is a framework that uses the OpenPGP web of
 Xtrust for these PKI functions.  It can be used in both directions: for
 Xusers to get validated host keys, and for hosts to authenticate users.
 X
 XWWW: http://web.monkeysphere.info/
 b56f21cd6b5644dc1076afa644be514b
 echo x - monkeysphere/pkg-install
 sed 's/^X//' >monkeysphere/pkg-install << '063e2436db8337e6d9141e8f388ca4b0'
 X#!/bin/sh
 X
 X# an installation script for monkeysphere (borrowing liberally from
 X# postgresql and mysql pkg-install scripts, and from monkeysphere's
 X# debian/monkeysphere.postinst)
 X
 X# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 X# Copyright 2008
 X
 X# FIXME: is /var/lib/monkeysphere the right place for this stuff on
 X# FreeBSD?
 X
 X# PostgreSQL puts its data in /usr/local/pgsql/data
 X
 X# MySQL puts its data in /var/db/mysql
 X
 XVARLIB=3D"/var/monkeysphere"
 XETCDIR=3D"/usr/local/etc/monkeysphere"
 X
 Xcase $2 in
 XPOST-INSTALL)
 X        USER=3Dmonkeysphere
 X        GROUP=3D${USER}
 X        UID=3D641
 X        GID=3D${UID}
 X        SHELL=3D/usr/local/bin/bash
 X
 X        if pw group show "${GROUP}" >/dev/null 2>&1; then
 X                echo "You already have a group \"${GROUP}\", so I will use=
  it."
 X        else
 X                if pw groupadd ${GROUP} -g ${GID}; then
 X                        echo "Added group \"${GROUP}\"."
 X                else
 X                        echo "Adding group \"${GROUP}\" failed..."
 X                        exit 1
 X                fi
 X        fi
 X
 X	if pw user show "${USER}" >/dev/null 2>&1; then
 X            oldshell=3D`pw user show "${USER}" 2>/dev/null | cut -f10 -d:`
 X	    if [ x"$oldshell" !=3D x"$SHELL" ]; then
 X		echo "You already have a \"${USER}\" user, but its shell is '$oldshell'."
 X		echo "This package requires that \"${USER}\"'s shell be '$SHELL'."
 X		echo "You should fix this by hand and then re-install the package."
 X		echo "   hint: pw usermod '$USER' -s '$SHELL'"
 X		exit 1
 X	    fi
 X            echo "You already have a user \"${USER}\" with the proper shel=
 l, so I will use it."
 X        else
 X                if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \
 X                        -d "$VARLIB" -s /usr/local/bin/bash -c "monkeysphe=
 re authentication user,,,"
 X                then
 X                        echo "Added user \"${USER}\"."
 X                else
 X                        echo "Adding user \"${USER}\" failed..."
 X                        exit 1
 X                fi
 X        fi
 X
 X	## set up the cache directories, and link them to the config files:
 X
 X	install -d -o root -g monkeysphere -m 750 "$VARLIB"/gnupg-host
 X	ln -sf "$ETCDIR"/gnupg-host.conf  "$VARLIB"/gnupg-host/gpg.conf
 X
 X	install -d -o monkeysphere -g monkeysphere -m 700 "$VARLIB"/gnupg-authent=
 ication
 X	ln -sf "$ETCDIR"/gnupg-authentication.conf  "$VARLIB"/gnupg-authenticatio=
 n/gpg.conf
 X
 X	install -d "$VARLIB"/tmp "$VARLIB"/authorized_keys
 X
 X	monkeysphere-server diagnostics
 X        ;;
 Xesac
 063e2436db8337e6d9141e8f388ca4b0
 echo x - monkeysphere/pkg-plist
 sed 's/^X//' >monkeysphere/pkg-plist << '69e1e9d8bd1ff3c1846b4c7eb779393e'
 Xsbin/monkeysphere-server
 Xshare/doc/monkeysphere/TODO
 Xshare/doc/monkeysphere/MonkeySpec
 Xshare/doc/monkeysphere/getting-started-user.mdwn
 Xshare/doc/monkeysphere/getting-started-admin.mdwn
 Xbin/openpgp2ssh
 Xbin/monkeysphere-ssh-proxycommand
 Xbin/monkeysphere
 Xshare/monkeysphere/common
 X@unexec if cmp -s %D/etc/monkeysphere/monkeysphere.conf.sample %D/etc/monk=
 eysphere/monkeysphere.conf; then rm -f %D/etc/monkeysphere/monkeysphere.con=
 f; fi
 Xetc/monkeysphere/monkeysphere.conf.sample
 X@exec if [ ! -f %D/etc/monkeysphere/monkeysphere.conf ] ; then cp -p %D/%F=
  %B/monkeysphere.conf; fi
 X@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-server.conf.sample %D/e=
 tc/monkeysphere/monkeysphere-server.conf; then rm -f %D/etc/monkeysphere/mo=
 nkeysphere-server.conf; fi
 Xetc/monkeysphere/monkeysphere-server.conf.sample
 X@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-server.conf ] ; then cp -=
 p %D/%F %B/monkeysphere-server.conf; fi
 X@dirrm share/doc/monkeysphere
 X@dirrm share/monkeysphere
 X@dirrm etc/monkeysphere
 69e1e9d8bd1ff3c1846b4c7eb779393e
 exit
 
 
 --=-=-=--
 
 --==-=-=
 Content-Type: application/pgp-signature
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.9 (GNU/Linux)
 
 iQIVAwUBSRdVRczS7ZTSFznpAQK8QA//QzJy81FTeHi9sVbyg0C/TtcegnJO3K1j
 4g3g33B06I8mYeKhN/sV8ObLHOH5P8milRUg2P9lCA/mKSbzL5AkwWPFbpMt2qyl
 u5yH0NcAeBw8unAhWJkgC8SKpk6f9KcldQ+6y49jggZikOt8FjXlbuVaa71O56xf
 2k7RuSGrS4RgaR/lC5FtkgqgIICGsmheYF3kWw+nHHjA8dn4H5C/rz7E+xMtcQRN
 BLtYawyMmsSYYwrwINiFrDU2+h/YWsvfvTDLPYIr87aeW+nj0whN3aWkkwDwMBpg
 xWz6ZZrJWg2+qcE31WH98VAsoYZA7FAJ8CQitKdSWJyMT6QTSTHcCPaEl9Uk6INJ
 f1/bByRr43tZtb69AA5Kv7zY7zsjAPaUCNYE8JVmK/kxxyHLg5+ersgey/Zx+1Ry
 AmOnAWfnxAcJMLpgFkgaVptMVscZVUWOSDTI1LBYvWJ/sZX96sVMgzogW0JCxenc
 q8g3Ob97s9NpGAV4l+bE0XBO5V+3CE0KyPxgQ0boCoikYMf45f9NGDQYT8BjYvj0
 oM1b1Rik4nxEe+iwrLWfu5/7C6lnL92VMhEnzIkeCVmrGM1ihHMi0EY4R3u0m2Ss
 ibjTCPCetDXQG46TO1tEpH5Pui6diXC36V7mvfhFPONNyURR7hIhVgVbuTl98Ec3
 /eQwIkLhJMo=
 =KgLF
 -----END PGP SIGNATURE-----
 --==-=-=--

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: bug-followup@FreeBSD.org, Martin Wilke <miwi@FreeBSD.org>
Cc: anarcat@anarcat.ath.cx, 
 Monkeysphere Developers <monkeysphere@lists.riseup.net>
Subject: Re: ports/128406: New port: security/monkeysphere (shar file for
 0.24)
Date: Tue, 10 Mar 2009 02:32:14 -0400

 This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
 --------------enigCF8465F5E00CA7B75E7B75EB
 Content-Type: multipart/mixed;
  boundary="------------080408050506070606010300"
 
 This is a multi-part message in MIME format.
 --------------080408050506070606010300
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: quoted-printable
 
 Hi Martin--
 
 Attached, please find a shar file for monkeysphere 0.24, as applied in
 /usr/ports/security against a clean FreeBSD 7.1 release.  The package
 seems to work on the test system i've used, and it builds, installs, and
 can be removed and reinstalled.  I've cleaned up all the fatal errors
 reported by portlint, and i believe that the three warnings that remain
 can be responsibly ignored.
 
 Please let me know if i've missed anything, or if the port should be
 doing something different.
 
 Thanks for your help,
 
 	--dkg
 
 PS anarcat's original patch against /usr/ports/{UIDs,GIDs} is still
 relevant, though i did not include it in this shar file.
 
 --------------080408050506070606010300
 Content-Type: application/x-shar;
  name="monkeysphere-0.24.shar"
 Content-Transfer-Encoding: quoted-printable
 Content-Disposition: inline;
  filename="monkeysphere-0.24.shar"
 
 # This is a shell archive.  Save it in a file, remove anything before
 # this line, and then unpack it by entering "sh file".  Note, it may
 # create directories; files and directories will be owned by you and
 # have default permissions.
 #
 # This archive contains:
 #
 #	monkeysphere
 #	monkeysphere/pkg-plist
 #	monkeysphere/files
 #	monkeysphere/files/patch-src_share_keytrans
 #	monkeysphere/files/patch-src_monkeysphere-host
 #	monkeysphere/pkg-install
 #	monkeysphere/Makefile
 #	monkeysphere/pkg-descr
 #	monkeysphere/pkg-deinstall
 #	monkeysphere/distinfo
 #
 echo c - monkeysphere
 mkdir -p monkeysphere > /dev/null 2>&1
 echo x - monkeysphere/pkg-plist
 sed 's/^X//' >monkeysphere/pkg-plist << '69e1e9d8bd1ff3c1846b4c7eb779393e=
 '
 Xsbin/monkeysphere-host
 Xsbin/monkeysphere-authentication
 Xshare/doc/monkeysphere/TODO
 Xshare/doc/monkeysphere/MonkeySpec
 Xshare/doc/monkeysphere/getting-started-user.mdwn
 Xshare/doc/monkeysphere/getting-started-admin.mdwn
 Xbin/openpgp2ssh
 Xbin/pem2openpgp
 Xbin/monkeysphere
 Xshare/monkeysphere/mh/publish_key
 Xshare/monkeysphere/mh/import_key
 Xshare/monkeysphere/mh/set_expire
 Xshare/monkeysphere/mh/diagnostics
 Xshare/monkeysphere/mh/add_hostname
 Xshare/monkeysphere/mh/add_revoker
 Xshare/monkeysphere/mh/revoke_hostname
 Xshare/monkeysphere/mh/revoke_key
 Xshare/monkeysphere/keytrans
 Xshare/monkeysphere/defaultenv
 Xshare/monkeysphere/VERSION
 Xshare/monkeysphere/transitions/0.23
 Xshare/monkeysphere/transitions/README.txt
 Xshare/monkeysphere/ma/list_certifiers
 Xshare/monkeysphere/ma/add_certifier
 Xshare/monkeysphere/ma/update_users
 Xshare/monkeysphere/ma/setup
 Xshare/monkeysphere/ma/remove_certifier
 Xshare/monkeysphere/ma/diagnostics
 Xshare/monkeysphere/common
 Xshare/monkeysphere/m/gen_subkey
 Xshare/monkeysphere/m/ssh_proxycommand
 Xshare/monkeysphere/m/subkey_to_ssh_agent
 Xshare/monkeysphere/m/import_subkey
 X@unexec if cmp -s %D/etc/monkeysphere/monkeysphere.conf.sample %D/etc/mo=
 nkeysphere/monkeysphere.conf; then rm -f %D/etc/monkeysphere/monkeysphere=
 =2Econf; fi
 Xetc/monkeysphere/monkeysphere.conf.sample
 X@exec if [ ! -f %D/etc/monkeysphere/monkeysphere.conf ] ; then cp -p %D/=
 %F %B/monkeysphere.conf; fi
 X@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-host.conf.sample %D/e=
 tc/monkeysphere/monkeysphere-host.conf; then rm -f %D/etc/monkeysphere/mo=
 nkeysphere-host.conf; fi
 Xetc/monkeysphere/monkeysphere-host.conf.sample
 X@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-host.conf ] ; then cp -=
 p %D/%F %B/monkeysphere-host.conf; fi
 X@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-authentication.conf.s=
 ample %D/etc/monkeysphere/monkeysphere-authentication.conf; then rm -f %D=
 /etc/monkeysphere/monkeysphere-authentication.conf; fi
 Xetc/monkeysphere/monkeysphere-authentication.conf.sample
 X@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-authentication.conf ] ;=
  then cp -p %D/%F %B/monkeysphere-authentication.conf; fi
 X@dirrm share/doc/monkeysphere
 X@dirrm share/monkeysphere/transitions
 X@dirrm share/monkeysphere/mh
 X@dirrm share/monkeysphere/ma
 X@dirrm share/monkeysphere/m
 X@dirrm share/monkeysphere
 X@dirrm etc/monkeysphere
 69e1e9d8bd1ff3c1846b4c7eb779393e
 echo c - monkeysphere/files
 mkdir -p monkeysphere/files > /dev/null 2>&1
 echo x - monkeysphere/files/patch-src_share_keytrans
 sed 's/^X//' >monkeysphere/files/patch-src_share_keytrans << 'c23fd68ef98=
 a5b9e6c8a100567766677'
 X--- src/share/keytrans	2009-03-01 13:39:50.000000000 -0500
 X+++ src/share/keytrans	2009-03-10 00:39:53.681890554 -0400
 X@@ -199,7 +199,7 @@
 X sub simple_checksum {
 X   my $bytes =3D shift;
 X=20
 X-  return unpack("%32W*",$bytes) % 65536;
 X+  return unpack("%32U*",$bytes) % 65536;
 X }
 X=20
 X # calculate the multiplicative inverse of a mod b this is euclid's
 c23fd68ef98a5b9e6c8a100567766677
 echo x - monkeysphere/files/patch-src_monkeysphere-host
 sed 's/^X//' >monkeysphere/files/patch-src_monkeysphere-host << 'f836d5ef=
 fe11bc14f812afaed0843dfc'
 X--- src/monkeysphere-host
 X+++ src/monkeysphere-host
 X@@ -103,7 +103,7 @@ update_gpg_pub_file() {
 X load_fingerprint() {
 X     if [ -f "$HOST_KEY_FILE" ] ; then
 X 	HOST_FINGERPRINT=3D$( \
 X-	    (FUBAR=3D$(mktemp -d) && export GNUPGHOME=3D"$FUBAR" \
 X+	    (FUBAR=3D$(msmktempdir) && export GNUPGHOME=3D"$FUBAR" \
 X 	    && gpg --quiet --import \
 X 	    && gpg --quiet --list-keys --with-colons --with-fingerprint \
 X 	    && rm -rf "$FUBAR") <"$HOST_KEY_FILE" \
 f836d5effe11bc14f812afaed0843dfc
 echo x - monkeysphere/pkg-install
 sed 's/^X//' >monkeysphere/pkg-install << '063e2436db8337e6d9141e8f388ca4=
 b0'
 X#!/bin/sh
 X
 X# an installation script for monkeysphere (borrowing liberally from
 X# postgresql and mysql pkg-install scripts, and from monkeysphere's
 X# debian/monkeysphere.postinst)
 X
 X# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 X# Copyright 2008,2009
 X
 X# FIXME: is /var/monkeysphere the right place for this stuff on
 X# FreeBSD?
 X
 X# PostgreSQL puts its data in /usr/local/pgsql/data
 X
 X# MySQL puts its data in /var/db/mysql
 X
 XVARLIB=3D"/var/monkeysphere"
 XETCDIR=3D"/usr/local/etc/monkeysphere"
 X
 Xcase $2 in
 XPOST-INSTALL)
 X        USER=3Dmonkeysphere
 X        GROUP=3D${USER}
 X        UID=3D641
 X        GID=3D${UID}
 X        SHELL=3D/usr/local/bin/bash
 X
 X        if pw group show "${GROUP}" >/dev/null 2>&1; then
 X                echo "You already have a group \"${GROUP}\", so I will u=
 se it."
 X        else
 X                if pw groupadd ${GROUP} -g ${GID}; then
 X                        echo "Added group \"${GROUP}\"."
 X                else
 X                        echo "Adding group \"${GROUP}\" failed..."
 X                        exit 1
 X                fi
 X        fi
 X
 X	if pw user show "${USER}" >/dev/null 2>&1; then
 X            oldshell=3D`pw user show "${USER}" 2>/dev/null | cut -f10 -d=
 :`
 X	    if [ x"$oldshell" !=3D x"$SHELL" ]; then
 X		echo "You already have a \"${USER}\" user, but its shell is '$oldshell=
 '."
 X		echo "This package requires that \"${USER}\"'s shell be '$SHELL'."
 X		echo "You should fix this by hand and then re-install the package."
 X		echo "   hint: pw usermod '$USER' -s '$SHELL'"
 X		exit 1
 X	    fi
 X            echo "You already have a user \"${USER}\" with the proper sh=
 ell, so I will use it."
 X        else
 X                if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \
 X                        -d "$VARLIB" -s /usr/local/bin/bash -c "monkeysp=
 here authentication user,,,"
 X                then
 X                        echo "Added user \"${USER}\"."
 X                else
 X                        echo "Adding user \"${USER}\" failed..."
 X                        exit 1
 X                fi
 X        fi
 X
 X	## set up the monkeysphere authentication cache directory:
 X
 X	monkeysphere-authentication setup
 X        ;;
 Xesac
 063e2436db8337e6d9141e8f388ca4b0
 echo x - monkeysphere/Makefile
 sed 's/^X//' >monkeysphere/Makefile << 'e6b49990150f96b526ac42696550a8a5'=
 
 X# New ports collection makefile for:   monkeysphere
 X# Date created:        2008-09-11 23:38:27-0400
 X# Whom:                Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 X#
 X# $FreeBSD$
 X#
 X
 XPORTNAME=3D	monkeysphere
 XPORTVERSION=3D	0.24
 XCATEGORIES=3D	security
 XMASTER_SITES=3D	http://archive.monkeysphere.info/debian/pool/monkeyspher=
 e/m/monkeysphere/
 X# hack for debian orig tarballs
 XDISTFILES=3D	${PORTNAME}_${DISTVERSION}.orig.tar.gz
 X
 XMAINTAINER=3D	dkg@fifthhorseman.net
 XCOMMENT=3D	Use the OpenPGP web of trust to verify ssh connections
 X
 XRUN_DEPENDS=3D	gpg:${PORTSDIR}/security/gnupg1 \
 X		lockfile:${PORTSDIR}/mail/procmail \
 X		bash:${PORTSDIR}/shells/bash \
 X		${SITE_PERL}/${PERL_ARCH}/Crypt/OpenSSL/RSA.pm:${PORTSDIR}/security/p5=
 -Crypt-OpenSSL-RSA \
 X		${SITE_PERL}/${PERL_ARCH}/Digest/SHA1.pm:${PORTSDIR}/security/p5-Diges=
 t-SHA1
 X
 XMAN1=3D		monkeysphere.1 openpgp2ssh.1 pem2openpgp.1
 XMAN7=3D		monkeysphere.7
 XMAN8=3D		monkeysphere-host.8 monkeysphere-authentication.8
 XMANCOMPRESSED=3D	yes
 X
 XMAKE_ARGS=3D	ETCPREFIX=3D${PREFIX} MANPREFIX=3D${PREFIX}/man ETCSUFFIX=3D=
 =2Esample
 X
 X# use proper system paths for FreeBSD instead of debian's:
 Xpost-patch:
 X	@${REINPLACE_CMD} -e 's|/etc/monkeysphere|/usr/local/etc/monkeysphere|g=
 ' \
 X	  ${WRKSRC}/src/share/defaultenv \
 X	  ${WRKSRC}/src/transitions/0.23 \
 X	  ${WRKSRC}/man/man1/monkeysphere.1 \
 X	  ${WRKSRC}/man/man8/monkeysphere-authentication.8 \
 X	  ${WRKSRC}/man/man8/monkeysphere-host.8 \
 X	  ${WRKSRC}/etc/monkeysphere-authentication.conf
 X	@${REINPLACE_CMD} -e 's|/var/lib/monkeysphere|/var/monkeysphere|g' \
 X	  ${WRKSRC}/src/transitions/0.23 \
 X	  ${WRKSRC}/man/man1/monkeysphere.1 \
 X	  ${WRKSRC}/man/man8/monkeysphere-authentication.8 \
 X	  ${WRKSRC}/man/man8/monkeysphere-host.8 \
 X	  ${WRKSRC}/src/monkeysphere-host \
 X	  ${WRKSRC}/src/monkeysphere-authentication \
 X	  ${WRKSRC}/doc/getting-started-admin.mdwn
 X	@${REINPLACE_CMD} -e 's|/usr/share/monkeysphere|/usr/local/share/monkey=
 sphere|g' \
 X	  ${WRKSRC}/src/monkeysphere-host \
 X	  ${WRKSRC}/src/monkeysphere-authentication \
 X	  ${WRKSRC}/src/monkeysphere
 X	# and clean up cruft from the sed replacements:
 X	${FIND} ${WRKSRC} -name '*.bak' -delete
 X
 Xpost-install:
 X	@if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere.conf ]; then \
 X		${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere.conf.sample ${PREFIX}=
 /etc/monkeysphere/monkeysphere.conf ; \
 X	fi
 X	@if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere-host.conf ]; then \
 X		${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere-host.conf.sample ${PR=
 EFIX}/etc/monkeysphere/monkeysphere-host.conf ; \
 X	fi
 X	@if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere-authentication.conf =
 ]; then \
 X		${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere-authentication.conf.s=
 ample ${PREFIX}/etc/monkeysphere/monkeysphere-authentication.conf ; \
 X	fi
 X.if !defined(PACKAGE_BUILDING)
 X	@${SETENV} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
 X.endif
 X
 Xpost-deinstall:
 X	@${SETENV} ${SH} ${PKGDEINSTALL} ${PKGNAME} POST-DEINSTALL
 X
 X.include <bsd.port.mk>
 e6b49990150f96b526ac42696550a8a5
 echo x - monkeysphere/pkg-descr
 sed 's/^X//' >monkeysphere/pkg-descr << 'b56f21cd6b5644dc1076afa644be514b=
 '
 XSSH key-based authentication is tried-and-true, but it lacks a true
 XPublic Key Infrastructure for key certification, revocation and
 Xexpiration.  Monkeysphere is a framework that uses the OpenPGP web of
 Xtrust for these PKI functions.  It can be used in both directions: for
 Xusers to get validated host keys, and for hosts to authenticate users.
 X
 XWWW: http://web.monkeysphere.info/
 b56f21cd6b5644dc1076afa644be514b
 echo x - monkeysphere/pkg-deinstall
 sed 's/^X//' >monkeysphere/pkg-deinstall << 'f331c3c6e289e2ef8efd846de3f3=
 ad6f'
 X#!/bin/sh
 X
 X# a package removal script for monkeysphere (borrowing from
 X# monkeysphere's debian/monkeysphere.postrm)
 X
 X# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 X# Copyright 2008,2009
 X
 X# FIXME: is /var/monkeysphere the right place for this stuff on
 X# FreeBSD?
 XVARLIB=3D"/var/monkeysphere"
 X
 X
 Xcase $2 in
 XPOST-DEINSTALL)
 X        USER=3Dmonkeysphere
 X# FIXME: This doesn't do anything!  Under what circumstances do we
 X# want to actually automatically purge all of /var/monkeysphere?
 X
 X# (note: FreeBSD does not seem to want the package-specific user to be
 X# purged at package removal)
 X	if pw user show "${USER}" 2>/dev/null >/dev/null; then
 X	    echo "Warning: If you will *NOT* use this package anymore, please r=
 emove the monkeysphere user manually."
 X	fi
 X	if [ -d "$VARLIB" ] ; then
 X	    echo "Warning: You may want to remove monkeysphere's cached authent=
 ication data and keyrings in $VARLIB"
 X	fi
 X;;
 Xesac
 f331c3c6e289e2ef8efd846de3f3ad6f
 echo x - monkeysphere/distinfo
 sed 's/^X//' >monkeysphere/distinfo << '32dba0505f502eb959b288b6ab212b72'=
 
 XMD5 (monkeysphere_0.24.orig.tar.gz) =3D 8590532f4702fa44027a6a583657c9ef=
 
 XSHA256 (monkeysphere_0.24.orig.tar.gz) =3D 2a58cee998ddb1b21b953826fc746=
 a743e17d94e6fa34ac9cbee4262873b5c5f
 XSIZE (monkeysphere_0.24.orig.tar.gz) =3D 86044
 32dba0505f502eb959b288b6ab212b72
 exit
 
 
 --------------080408050506070606010300--
 
 --------------enigCF8465F5E00CA7B75E7B75EB
 Content-Type: application/pgp-signature; name="signature.asc"
 Content-Description: OpenPGP digital signature
 Content-Disposition: attachment; filename="signature.asc"
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.9 (GNU/Linux)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
 
 iQIVAwUBSbYJdMzS7ZTSFznpAQLzhA/+Px2QPiRdPJLx6q0KrH6UR4p/bofAeffK
 n45u6/67QIofUVPMzG92llALLLAxauRZ9O1L2BuvlYlbH9DNUUgaWLqLO36uZWt7
 Byd5KZqdC8wt3UjzZ8Q95h5ahnbLcp/u/GX2xzds3YGc9uGYPmiobCW2BqQh9eaj
 yVzifKWtWfpbiPjZVJ0RHob/yH4pG/+iOF0sYLD7og6dLSSH2cyRkHreHaxPvtS3
 W2Kja/fGd8p/0KYzQuh7VY881Wt6esvzrQbXX5EM+OHBFgkVYpWpR/V2ixkOBiBc
 OoPpuKidHHJJUQnl3eCHrb3I2F9zylgi8GL1A8/W2h4XRSjiqQQKby/K/hAtjbcZ
 fQox9/yIIAYnCXLjhAcgbAzaujhAng+PP+6XrP8qbE3fXhnmG43+sFAA/zm4GVDe
 bQHrFqzTD3E+m9zyVuuB4u/RfhX9kt6hTrM8UuEYPIB6fkZXLrXn8KaB50VCki37
 s8VuiKYMIgWK6btl3JL87M2Ihnybui8fZ2ZehStPdy63Thdo8fJZ7o2bftc29jtO
 uo4bk7yXaxw5/xAAAa9zeWJmz3U4kD/uJoRIKx1K3g1CRxe+HZo090qQX81v0XcG
 MG8RCUNXnh5ekLJMgCp8a1Rs7M27GRHsnIFZZSPoOC37nH6G+WMN0+cRizfKNZJL
 PRz+68gevcU=
 =5bak
 -----END PGP SIGNATURE-----
 
 --------------enigCF8465F5E00CA7B75E7B75EB--
State-Changed-From-To: open->closed 
State-Changed-By: miwi 
State-Changed-When: Tue Mar 10 07:45:04 UTC 2009 
State-Changed-Why:  
New port added. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=128406 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/128406: commit references a PR
Date: Tue, 10 Mar 2009 07:45:41 +0000 (UTC)

 miwi        2009-03-10 07:45:27 UTC
 
   FreeBSD ports repository
 
   Modified files:
     security             Makefile 
   Added files:
     security/monkeysphere Makefile distinfo pkg-deinstall 
                           pkg-descr pkg-install pkg-plist 
     security/monkeysphere/files patch-src_monkeysphere-host 
                                 patch-src_share_keytrans 
   Log:
   SSH key-based authentication is tried-and-true, but it lacks a true
   Public Key Infrastructure for key certification, revocation and
   expiration.  Monkeysphere is a framework that uses the OpenPGP web of
   trust for these PKI functions.  It can be used in both directions: for
   users to get validated host keys, and for hosts to authenticate users.
   
   WWW: http://web.monkeysphere.info/
   
   PR:             ports/128406
   Submitted by:   Daniel Kahn Gillmor <dkg at fifthhorseman.net>
   
   Revision  Changes    Path
   1.1023    +1 -0      ports/security/Makefile
   1.1       +72 -0     ports/security/monkeysphere/Makefile (new)
   1.1       +3 -0      ports/security/monkeysphere/distinfo (new)
   1.1       +11 -0     ports/security/monkeysphere/files/patch-src_monkeysphere-host (new)
   1.1       +11 -0     ports/security/monkeysphere/files/patch-src_share_keytrans (new)
   1.1       +29 -0     ports/security/monkeysphere/pkg-deinstall (new)
   1.1       +7 -0      ports/security/monkeysphere/pkg-descr (new)
   1.1       +64 -0     ports/security/monkeysphere/pkg-install (new)
   1.1       +49 -0     ports/security/monkeysphere/pkg-plist (new)
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
