authorJameson Rollins <jrollins@finestructure.net>2010-01-10 17:06:39 -0500
committerJameson Rollins <jrollins@finestructure.net>2010-01-10 17:06:39 -0500
commitb3f25b417bf6557364047ed6dd0ce8ebf7e8b697 (patch)
tree2c6ba11a343b0522163c2d48d95c29674305def0
parent34da0040c8d4a76d922dee21cc9bd35230b9c6a5 (diff)
Clean up REQUIRED_KEY_CAPABILITY option passing to process_user_id.
Get rid of 'MODE' stuff, since it was not very clear and wasn't really being used.
-rwxr-xr-xsrc/monkeysphere-authentication1
-rw-r--r--src/share/common14
-rw-r--r--src/share/ma/update_users3
3 files changed, 4 insertions, 14 deletions
diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication
index df7d9bc..f00bf5e 100755
--- a/src/monkeysphere-authentication
+++ b/src/monkeysphere-authentication
@@ -136,7 +136,6 @@ LOG_PREFIX=${MONKEYSPHERE_LOG_PREFIX:='ms: '}
# export variables needed in su invocation
export DATE
-export MODE
export LOG_LEVEL
export KEYSERVER
export MONKEYSPHERE_USER
diff --git a/src/share/common b/src/share/common
index 4aa3f7c..0c06dde 100644
--- a/src/share/common
+++ b/src/share/common
@@ -559,7 +559,7 @@ gpg_fetch_userid() {
# userid and key policy checking
# the following checks policy on the returned keys
# - checks that full key has appropriate valididy (u|f)
-# - checks key has specified capability (REQUIRED_*_KEY_CAPABILITY)
+# - checks key has specified capability (REQUIRED_KEY_CAPABILITY)
# - checks that requested user ID has appropriate validity
# (see /usr/share/doc/gnupg/DETAILS.gz)
# output is one line for every found key, in the following format:
@@ -571,8 +571,6 @@ gpg_fetch_userid() {
#
# all log output must go to stderr, as stdout is used to pass the
# flag:sshKey to the calling function.
-#
-# expects global variable: "MODE"
process_user_id() {
local returnCode=0
local userID
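Review bot: The header comment of process_user_id no longer names any global input, although the function now reads `REQUIRED_KEY_CAPABILITY` from the caller's environment (see the next hunk). Since this value decides which keys pass the capability policy check, the contract should stay documented where the removed line was, for example `# expects global variable: "REQUIRED_KEY_CAPABILITY" (defaults to "a" if unset or empty)`. The function body continues outside this hunk.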
@@ -593,11 +591,7 @@ process_user_id() {
userID="$1"
# set the required key capability based on the mode
- if [ "$MODE" = 'known_hosts' ] ; then
- requiredCapability="$REQUIRED_HOST_KEY_CAPABILITY"
- elif [ "$MODE" = 'authorized_keys' ] ; then
- requiredCapability="$REQUIRED_USER_KEY_CAPABILITY"
- fi
+ requiredCapability=${REQUIRED_KEY_CAPABILITY:="a"}
requiredPubCapability=$(echo "$requiredCapability" | tr "[:lower:]" "[:upper:]")
# fetch the user ID if necessary/requested
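Review bot: The added `${REQUIRED_KEY_CAPABILITY:="a"}` has two side effects worth a second look. The `:=` form assigns the default back to the global rather than only to `requiredCapability`, and it treats an empty value the same as an unset one. As a result, a caller whose `REQUIRED_HOST_KEY_CAPABILITY` or `REQUIRED_USER_KEY_CAPABILITY` is empty gets "a" silently for a policy parameter. If the write-back is not intended, `requiredCapability=${REQUIRED_KEY_CAPABILITY:-a}` keeps the fallback local, and a debug log line when the fallback is taken would make a misconfiguration visible. The context comment above the change still reads "based on the mode" and could become `# set the required key capability (defaults to "a")`; process_user_id continues outside this hunk.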
@@ -770,7 +764,7 @@ process_host_known_hosts() {
local tmpfile
# set the key processing mode
- export MODE='known_hosts'
+ export REQUIRED_KEY_CAPABILITY="$REQUIRED_HOST_KEY_CAPABILITY"
host="$1"
userID="ssh://${host}"
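Review bot: `export REQUIRED_KEY_CAPABILITY="$REQUIRED_HOST_KEY_CAPABILITY"` stays set in the shell, and in every child process, after process_host_known_hosts returns; the same pattern is used in process_uid_authorized_keys in the following hunk. Any later process_user_id call that is not preceded by one of these two assignments would then check keys against whichever capability was set last, not the default. If process_user_id is only ever called in the same shell (not visible from this hunk), `local REQUIRED_KEY_CAPABILITY="$REQUIRED_HOST_KEY_CAPABILITY"` scopes the value to this call chain and avoids the leak. The comment above the line still says "set the key processing mode" and would read better as `# set the required key capability for host keys`. The function body continues outside the hunk.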
@@ -954,7 +948,7 @@ process_uid_authorized_keys() {
local sshKey
# set the key processing mode
- export MODE='authorized_keys'
+ export REQUIRED_KEY_CAPABILITY="$REQUIRED_USER_KEY_CAPABILITY"
userID="$1"
diff --git a/src/share/ma/update_users b/src/share/ma/update_users
index 31b53bf..0086cd3 100644
--- a/src/share/ma/update_users
+++ b/src/share/ma/update_users
@@ -27,9 +27,6 @@ else
unames=$(list_users)
fi
-# set mode
-MODE="authorized_keys"
-
# set gnupg home
GNUPGHOME="$GNUPGHOME_SPHERE"