authorJameson Rollins <jrollins@finestructure.net>2010-10-29 20:14:24 -0400
committerJameson Rollins <jrollins@finestructure.net>2010-10-29 20:14:24 -0400
commit8019e159c585f0374bccac08f247830ac84ad2d4 (patch)
treecf1cfe8ac4fd85485ca27a95c401ad77d10deebf /src/share
parent875b9873b351a1a4643cfe635131253150d335e9 (diff)
fix ssh_proxycommand marginal ui
After the last big code cleanup, the bookkeeping of numbers of processed/valid keys was removed. This was done because most things don't use that info, and it was confusing return codes of top-level functions. The one thing that did use that, though, was the ssh_proxycommand. We fix this by using a global variable to keep track of the number of processed and valid keys. The proxy command can now easily determine when it should output its marginal ui block.
Diffstat (limited to 'src/share')
-rw-r--r--src/share/common7
-rw-r--r--src/share/m/ssh_proxycommand36
2 files changed, 17 insertions, 26 deletions
diff --git a/src/share/common b/src/share/common
index b26b57e..025c991 100644
--- a/src/share/common
+++ b/src/share/common
@@ -841,6 +841,8 @@ process_keys_for_file() {
esac
fi
+ ((++KEYS_PROCESSED))
+
# if key OK, add new key line
if [ "$ok" -eq '0' ] ; then
case "$FILE_TYPE" in
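Review bot: `((++KEYS_PROCESSED))` here, and `((++KEYS_VALID))` in the next hunk, write to globals that src/share/common itself never declares or resets; on this page only ssh_proxycommand zeroes them before calling update_known_hosts. Any other caller of process_keys_for_file creates them implicitly and sees running totals across calls, and a caller running with `set -u` would abort on the first increment (whether that option is in use is not visible here). I would document the contract above the function, for example `# side effect: increments globals KEYS_PROCESSED and KEYS_VALID; callers that read them must zero them first`. The function body starts and ends outside this hunk.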
@@ -862,8 +864,13 @@ process_keys_for_file() {
else
echo "$keyLine" >>"$keyFile"
fi
+
+ ((++KEYS_VALID))
fi
done
+
+ log debug "KEYS_PROCESSED=$KEYS_PROCESSED"
+ log debug "KEYS_VALID=$KEYS_VALID"
}
# process an authorized_user_ids file on stdin for authorized_keys
diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand
index a4c01c6..15f52e0 100644
--- a/src/share/m/ssh_proxycommand
+++ b/src/share/m/ssh_proxycommand
@@ -53,6 +53,7 @@ EOF
otherUids=$(echo "$gpgSigOut" | grep "^uid" | grep -v "$userID")
if [ "$otherUids" ] ; then
log info <<EOF
+
Other user IDs on this key:
EOF
echo "$otherUids" | log info
@@ -270,34 +271,17 @@ fi
# CHECK_KEYSERVER setting to override all else
CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER}
+declare -i KEYS_PROCESSED=0
+declare -i KEYS_VALID=0
+
# update the known_hosts file for the host
-local returnCode=0
source "${MSHAREDIR}/update_known_hosts"
-update_known_hosts "$HOSTP" || returnCode="$?"
-
-# output on depending on the return of the update-known_hosts
-# subcommand, which is (ultimately) the return code of the
-# update_known_hosts function in common
-case "$returnCode" in
- 0)
- # acceptable host key found so continue to ssh
- true
- ;;
- 1)
- # no hosts at all found so also continue (drop through to
- # regular ssh host verification)
- true
- ;;
- 2)
- # at least one *bad* host key (and no good host keys) was
- # found, so output some usefull information
- output_no_valid_key
- ;;
- *)
- # anything else drop through
- true
- ;;
-esac
+update_known_hosts "$HOSTP"
+
+if ((KEYS_PROCESSED > 0)) && ((KEYS_VALID == 0)) ; then
+ log debug "output ssh marginal ui..."
+ output_no_valid_key
+fi
# FIXME: what about the case where monkeysphere successfully finds a
# valid key for the host and adds it to the known_hosts file, but a
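Review bot: The `if ((KEYS_PROCESSED > 0)) && ((KEYS_VALID == 0))` check now rests entirely on the two counters, so any path that leaves them at zero silently skips `output_no_valid_key`, the block that tells the user no valid host key was found. Two cases are worth confirming, neither visible from these hunks. First, if the loop in process_keys_for_file is fed by a pipeline or command substitution, the increments happen in a subshell and never reach this scope. Second, if the script runs under `set -e`, a non-zero return from the now-unguarded `update_known_hosts "$HOSTP"` exits before the check, where the old `|| returnCode="$?"` absorbed it. Keeping a guard is cheap and preserves the status for diagnosis: `update_known_hosts "$HOSTP" || log debug "update_known_hosts returned $?"`.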