author | Jameson Rollins <jrollins@finestructure.net> | 2010-10-29 20:14:24 -0400 |
---|---|---|
committer | Jameson Rollins <jrollins@finestructure.net> | 2010-10-29 20:14:24 -0400 |
commit | 8019e159c585f0374bccac08f247830ac84ad2d4 (patch) | |
tree | cf1cfe8ac4fd85485ca27a95c401ad77d10deebf /src | |
parent | 875b9873b351a1a4643cfe635131253150d335e9 (diff) |
fix ssh_proxycommand marginal ui
After the last big code cleanup, the bookkeeping of numbers of
processed/valid keys was removed. This was done because most things
don't use that info, and it was confusing return codes of top-level
functions.
The one thing that did use that, though, was the ssh_proxycommand. We
fix this by using a global variable to keep track of the number of
processed and valid keys. The proxy command can now easily determine
when it should output its marginal ui block.
Diffstat (limited to 'src')
-rw-r--r-- | src/share/common | 7 | ||||
-rw-r--r-- | src/share/m/ssh_proxycommand | 36 |
2 files changed, 17 insertions, 26 deletions
diff --git a/src/share/common b/src/share/common index b26b57e..025c991 100644 --- a/src/share/common +++ b/src/share/common @@ -841,6 +841,8 @@ process_keys_for_file() { esac fi + ((++KEYS_PROCESSED)) + # if key OK, add new key line if [ "$ok" -eq '0' ] ; then case "$FILE_TYPE" in @@ -862,8 +864,13 @@ process_keys_for_file() { else echo "$keyLine" >>"$keyFile" fi + + ((++KEYS_VALID)) fi done + + log debug "KEYS_PROCESSED=$KEYS_PROCESSED" + log debug "KEYS_VALID=$KEYS_VALID" } # process an authorized_user_ids file on stdin for authorized_keys diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand index a4c01c6..15f52e0 100644 --- a/src/share/m/ssh_proxycommand +++ b/src/share/m/ssh_proxycommand @@ -53,6 +53,7 @@ EOF otherUids=$(echo "$gpgSigOut" | grep "^uid" | grep -v "$userID") if [ "$otherUids" ] ; then log info <<EOF + Other user IDs on this key: EOF echo "$otherUids" | log info 
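Review bot: `((++KEYS_PROCESSED))` here, and `((++KEYS_VALID))` in the next hunk, update variables that process_keys_for_file neither declares nor resets, so the function now has an undocumented side effect on its caller's state. Only ssh_proxycommand (later in this commit) initialises them to 0; any other caller would start counting from whatever value is already set or inherited from the environment, and repeated calls accumulate. A header comment on the function would make the contract explicit, e.g. `# increments KEYS_PROCESSED and KEYS_VALID; callers that read them must set both to 0 first`. The function body starts and ends outside this hunk.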
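Review bot: Whether the counts logged after `done` (and read later by ssh_proxycommand) reflect the increments depends on how this loop is fed, and the loop head is outside the hunk. If the loop body runs as the last stage of a pipeline, bash executes it in a subshell and both counters are still 0 once `done` is reached, which would suppress the marginal UI for a host that has only invalid keys. Worth confirming, and noting next to the increment with a comment such as `# must run in the current shell, not a pipeline subshell, so the caller sees the count`.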
@@ -270,34 +271,17 @@ fi # CHECK_KEYSERVER setting to override all else CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} +declare -i KEYS_PROCESSED=0 +declare -i KEYS_VALID=0 + # update the known_hosts file for the host -local returnCode=0 source "${MSHAREDIR}/update_known_hosts" -update_known_hosts "$HOSTP" || returnCode="$?" - -# output on depending on the return of the update-known_hosts -# subcommand, which is (ultimately) the return code of the -# update_known_hosts function in common -case "$returnCode" in - 0) - # acceptable host key found so continue to ssh - true - ;; - 1) - # no hosts at all found so also continue (drop through to - # regular ssh host verification) - true - ;; - 2) - # at least one *bad* host key (and no good host keys) was - # found, so output some usefull information - output_no_valid_key - ;; - *) - # anything else drop through - true - ;; -esac +update_known_hosts "$HOSTP" + +if ((KEYS_PROCESSED > 0)) && ((KEYS_VALID == 0)) ; then + log debug "output ssh marginal ui..." + output_no_valid_key +fi # FIXME: what about the case where monkeysphere successfully finds a # valid key for the host and adds it to the known_hosts file, but a |
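Review bot: The exit status of `update_known_hosts "$HOSTP"` is now discarded, so a run that fails before any key is examined leaves both counters at 0 and looks the same as "no keys found"; the marginal UI is skipped without any trace. If this script runs under errexit (not visible in the hunk), a non-zero return would instead stop the proxy command at that line. Consider `update_known_hosts "$HOSTP" || log debug "update_known_hosts returned $?"`. The removed `local returnCode=0` also suggests this code runs inside a function, where `declare -i` creates function-local variables that callees reach only through dynamic scoping. A comment such as `# incremented by process_keys_for_file in common` above the two declarations would make that dependency visible.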