Age | Commit message (Collapse) | Author |
|
|
functional change)
|
|
After the last big code cleanup, the bookkeeping of numbers of
processed/valid keys was removed. This was done because most things
don't use that info, and it was confusing return codes of top-level
functions.
The one thing that did use that, though, was the ssh_proxycommand. We
fix this by using a global variable to keep track of the number of
processed and valid keys. The proxy command can now easily determine
when it should output its marginal ui block.
|
|
This is a fairly major overhaul to greatly reduce the number of
redundant code paths. We here created a new process_keys_for_file
function that processes keys from a userid for a given key file. All
the main top level functions now call this one function.
The main top level monkeysphere functions for updating the user's
authorized_keys and known_hosts files are now moved to their own
sourced files, which greatly reduces the amount of code sourced with
common.
monkeysphere now updates authorized_keys and known_hosts in temporary
files that are then atomically moved into place upon completion.
Finally, removed the confusing return codes in the key/file processing
functions that were based on number of valid/invalid keys processed.
It was confusing in the presence of actual errors that stopped
processing.
|
|
is not available (includes some comments about how to fix these corner cases).
|
|
do not look for a host key in a non-existent file. (should close MS 1147)
|
|
1141)
|
|
if ssh-keyscan can't retrieve the host key, then output all keys with
matching user ID and validity marginal or better.
|
|
- fix file_hash function to use md5 or md5sum, for Darwin
compatibility
- use built-in 'type' instead of 'which', which for some reason
doesn't behave on Darwin
- clean up some redirection calls.
|
|
handles the case where the host can not be contacted. the new system
attempts to retrieve the host ssh key before any ui output is made.
this should make things a little clearer in this corner case, and make
things a little more flexible down the line.
|
|
LOG_PREFIX. also make sure to always export the LOG_PREFIX, so that
it gets passed to subprocess su_monkeysphere_user.
|
|
tested, in case things are being run set -e
|
|
option, and use it in all gpg invocations.
add a trap to subkey_to_ssh_agent.
|
|
portability
|
|
proxycommand, and fix an errant bad line in proxycommand.
|
|
- define more common variables in share/common
- cleanup how defaults are specified
- fix how CHECK_KEYSERVER was determined in monkeysphere
Fix calls to update_known_hosts and update_authorized_keys in
monkeysphere so that some of the checks are done within the functions
themselves, as opposed to in the monkeysphere wrapper, so that other
functions can call them more easily.
Fix ssh-proxycommand that had some left over cruft from the
transition.
|
|
Makefile as well)
|