diff options
| author | Jameson Rollins <jrollins@finestructure.net> | 2010-10-24 11:51:39 -0400 |
|---|---|---|
| committer | Jameson Rollins <jrollins@finestructure.net> | 2010-10-24 11:51:39 -0400 |
| commit | 46f5d82b83ca38aeffcc660d8b5d621bf19f3f4f (patch) | |
| tree | 67160d8a74a5e3b344af5346270f1e99afa651b6 | |
| parent | af9ff0feedd40dadc8df15bf9f5392a599e5279e (diff) | |
back to using grep fixed-string matching when removing key lines
This method uses grep -F to find the full line to match, and then
second call to grep -v -F to actually remove the line. For
known_hosts, we use two piped grep -F calls. No rexexp are used, and
only one extra call to grep is required for known_hosts line removal.
There is still an issue here about sub-string matches, but there is at
least no regression over early versions.
| -rw-r--r-- | src/share/common | 30 |
1 files changed, 13 insertions, 17 deletions
diff --git a/src/share/common b/src/share/common index 0f760c3..a6da309 100644 --- a/src/share/common +++ b/src/share/common @@ -325,32 +325,29 @@ passphrase_prompt() { # remove all lines with specified string from specified file remove_line() { local file - local string + local lines local tempfile file="$1" - string="$2" + shift - if [ -z "$file" -o -z "$string" ] ; then + if [ ! -e "$file" ] ; then return 1 fi - if [ ! -e "$file" ] ; then - return 1 + if (($# == 1)) ; then + lines=$(grep -F "$1" "$file") || true + else + lines=$(grep -F "$1" "$file" | grep -F "$2") || true fi - # if the string is in the file... - if grep "$string" "$file" &>/dev/null ; then + # if the string was found, remove it + if [ "$lines" ] ; then + log debug "removing matching key lines..." tempfile=$(mktemp "${file}.XXXXXXX") || \ failure "Unable to make temp file '${file}.XXXXXXX'" - - # remove the line with the string, and return 0 - grep -v "$string" "$file" >"$tempfile" + grep -v -F "$lines" "$file" >"$tempfile" mv -f "$tempfile" "$file" - return 0 - # otherwise return 1 - else - return 1 fi } @@ -786,7 +783,6 @@ process_keys_for_file() { local host local ok local sshKey - local noKey= log verbose "processing: $userID" log debug "key file: $keyFile" @@ -804,11 +800,11 @@ process_keys_for_file() { if [[ "$keyFile" != '-' ]] ; then case "$FILE_TYPE" in ('authorized_keys') - remove_line "$keyFile" "$sshKey" || noKey=true + remove_line "$keyFile" "$sshKey" ;; ('known_hosts') host=${userID#ssh://} - remove_line "$keyFile" "${host}.*${sshKey}" || noKey=true + remove_line "$keyFile" "$host" "$sshKey" ;; esac fi |