.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.40) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] \fP .\} .if t \{\ . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff .if n \{\ . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} .if t \{\ . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' .ds 8 \h'\*(#H'\(*b\h'-\*(#H' .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] .ds ae a\h'-(\w'a'u*4/10)'e .ds Ae A\h'-(\w'A'u*4/10)'E . \" corrections for vroff .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' . \" for low resolution devices (crt and lpr) .if \n(.H>23 .if \n(.V>19 \ \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} .rm #[ #] #H #V #F C .\" ======================================================================== .\" .IX Title "MSVA-QUERY-AGENT 1" .TH MSVA-QUERY-AGENT 1 "2021-01-04" "perl v5.32.0" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" msva\-query\-agent \- query a Monkeysphere Validation Agent .SH "SYNOPSIS" .IX Header "SYNOPSIS" msva-query-agent \s-1CONTEXT PEER PKC_TYPE\s0 [\s-1PEER_TYPE\s0] < /path/to/public_key_carrier .PP msva-query-agent \s-1CONTEXT PEER PKC_TYPE PEER_TYPE PKC_DATA\s0 .PP msva-query-agent \-\-version .SH "ABSTRACT" .IX Header "ABSTRACT" msva-query-agent validates certificates for a given use by querying a running Monkeysphere Validation Agent. .SH "USAGE" .IX Header "USAGE" msva-query-agent reads a certificate from standard input, and posts it to the running Monkeysphere Validation Agent. The return code indicates the validity (as determined by the agent) of the certificate for the specified purpose. The agent's return message (if any) is emitted on stdout. .PP The various arguments are: .IP "\s-1CONTEXT\s0" 4 .IX Item "CONTEXT" Context in which the certificate is being validated (e.g. 'https', \&'ssh', 'ike') .IP "\s-1PEER\s0" 4 .IX Item "PEER" The name of the intended peer. When validating a certificate for a service, supply the host's full \s-1DNS\s0 name (e.g. 'foo.example.net') .IP "\s-1PKC_TYPE\s0" 4 .IX Item "PKC_TYPE" The format of public key carrier data provided on standard input (e.g. 'x509der', 'x509pem', 'opensshpubkey', 'rfc4716', 'openpgp4fpr') .IP "\s-1PEER_TYPE\s0" 4 .IX Item "PEER_TYPE" The type of peer we are inquiring about (e.g. 'client', 'server', \&'peer'). This argument is optional and defaults will be used (based on \s-1CONTEXT\s0) if it is not supplied. .IP "\s-1PKC_DATA\s0" 4 .IX Item "PKC_DATA" This is the actual public key carrier data itself. If less than five arguments are given, then the \s-1PKC_DATA\s0 is expected on stdin. If five arguments are given, the fifth argument is interpreted as the \&\s-1PKC_DATA.\s0 This is likely only useful for supplying an OpenPGP fingerprint with the 'openpgp4fpr' type. .SH "RETURN CODE" .IX Header "RETURN CODE" If the certificate is valid for the requested peer in the given context, the return code is 0. Otherwise, the return code is 1. .SH "ENVIRONMENT VARIABLES" .IX Header "ENVIRONMENT VARIABLES" msva-query-agent's behavior is controlled by environment variables: .IP "\s-1MONKEYSPHERE_VALIDATION_AGENT_SOCKET\s0" 4 .IX Item "MONKEYSPHERE_VALIDATION_AGENT_SOCKET" Socket over which to query the validation agent. If unset, the default value is 'http://127.0.0.1:8901'. .IP "\s-1MSVA_LOG_LEVEL\s0" 4 .IX Item "MSVA_LOG_LEVEL" Log messages about its operation to stderr. \s-1MSVA_LOG_LEVEL\s0 controls its verbosity, and should be one of (in increasing verbosity): silent, quiet, fatal, error, info, verbose, debug, debug1, debug2, debug3. Default is 'error'. .SH "COMMUNICATION PROTOCOL DETAILS" .IX Header "COMMUNICATION PROTOCOL DETAILS" Communications with the Monkeysphere Validation Agent are in the form of \s-1JSON\s0 requests over plain \s-1HTTP.\s0 Responses from the agent are also \&\s-1JSON\s0 objects. For details on the structure of the requests and responses, please see http://web.monkeysphere.info/validation\-agent/protocol .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fBmsva\-perl\fR\|(1), \fBmonkeysphere\fR\|(1), \fBmonkeysphere\fR\|(7) .SH "BUGS AND FEEDBACK" .IX Header "BUGS AND FEEDBACK" Bugs or feature requests for msva-perl and associated tools should be filed with the Monkeysphere project's bug tracker at https://labs.riseup.net/code/projects/monkeysphere/issues/ .SH "AUTHORS AND CONTRIBUTORS" .IX Header "AUTHORS AND CONTRIBUTORS" Jameson Graef Rollins Daniel Kahn Gillmor .PP The Monkeysphere Team http://web.monkeysphere.info/ .SH "COPYRIGHT AND LICENSE" .IX Header "COPYRIGHT AND LICENSE" Copyright X 2010, Jameson Graef Rollins and others from the Monkeysphere team. msva-query-agent is free software, distributed under the \s-1GNU\s0 Public License, version 3 or later.