From b3f25b417bf6557364047ed6dd0ce8ebf7e8b697 Mon Sep 17 00:00:00 2001
From: Jameson Rollins
Date: Sun, 10 Jan 2010 17:06:39 -0500
Subject: Clean up REQUIRED_KEY_CAPABILITY option passing to process_user_id. Get rid of 'MODE' stuff, since it was not very clear and wasn't really being used.
---
 src/share/common | 14 ++++----------
 src/share/ma/update_users | 3 ---
 2 files changed, 4 insertions(+), 13 deletions(-)
(limited to 'src/share')
diff --git a/src/share/common b/src/share/common
index 4aa3f7c..0c06dde 100644
--- a/src/share/common
+++ b/src/share/common
@@ -559,7 +559,7 @@ gpg_fetch_userid() {
 # userid and key policy checking
 # the following checks policy on the returned keys
 # - checks that full key has appropriate valididy (u|f)
-# - checks key has specified capability (REQUIRED_*_KEY_CAPABILITY)
+# - checks key has specified capability (REQUIRED_KEY_CAPABILITY)
 # - checks that requested user ID has appropriate validity
 # (see /usr/share/doc/gnupg/DETAILS.gz)
 # output is one line for every found key, in the following format:
@@ -571,8 +571,6 @@ gpg_fetch_userid() {
 #
 # all log output must go to stderr, as stdout is used to pass the
 # flag:sshKey to the calling function.
-#
-# expects global variable: "MODE"
 process_user_id() {
 local returnCode=0
 local userID
@@ -593,11 +591,7 @@ process_user_id() {
 userID="$1"
 # set the required key capability based on the mode
- if [ "$MODE" = 'known_hosts' ] ; then
- requiredCapability="$REQUIRED_HOST_KEY_CAPABILITY"
- elif [ "$MODE" = 'authorized_keys' ] ; then
- requiredCapability="$REQUIRED_USER_KEY_CAPABILITY"
- fi
+ requiredCapability=${REQUIRED_KEY_CAPABILITY:="a"}
 requiredPubCapability=$(echo "$requiredCapability" | tr "[:lower:]" "[:upper:]")
 # fetch the user ID if necessary/requested
@@ -770,7 +764,7 @@ process_host_known_hosts() {
 local tmpfile
 # set the key processing mode
- export MODE='known_hosts'
+ export REQUIRED_KEY_CAPABILITY="$REQUIRED_HOST_KEY_CAPABILITY"
 host="$1"
 userID="ssh://${host}"
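Review bot: In process_user_id (hunk at -593), `requiredCapability=${REQUIRED_KEY_CAPABILITY:="a"}` uses `:=`, so merely reading the setting also writes the default back into the global REQUIRED_KEY_CAPABILITY; `requiredCapability=${REQUIRED_KEY_CAPABILITY:-a}` yields the same local value without that side effect. The capability a key must carry now comes from a variable that can be inherited from the calling environment, and the function header names no expected global any more since `# expects global variable: "MODE"` was dropped; I would add `# expects global variable: REQUIRED_KEY_CAPABILITY (defaults to "a" when unset or empty)` there so the policy input is documented. The comment `# set the required key capability based on the mode` above the changed line is stale and could become `# required key capability, as set by the caller`. The body of process_user_id continues outside the hunk, so how the value is used after the `tr` call is not visible here.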
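Review bot: `export REQUIRED_KEY_CAPABILITY="$REQUIRED_HOST_KEY_CAPABILITY"` in process_host_known_hosts (hunk at -770) stays set in the shell and in every child process after the function returns, so a later process_user_id call that does not go through a wrapper would reuse the last wrapper's policy rather than the default; the export in process_uid_authorized_keys (hunk at -954) has the same effect. If process_user_id is only ever invoked from within this shell, which the hunks do not show, `local REQUIRED_KEY_CAPABILITY="$REQUIRED_HOST_KEY_CAPABILITY"` would scope the setting to the call. The comment `# set the key processing mode` is stale in both functions and could read `# set the required key capability`. Both function bodies start and end outside their hunks.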
@@ -954,7 +948,7 @@ process_uid_authorized_keys() {
 local sshKey
 # set the key processing mode
- export MODE='authorized_keys'
+ export REQUIRED_KEY_CAPABILITY="$REQUIRED_USER_KEY_CAPABILITY"
 userID="$1"
diff --git a/src/share/ma/update_users b/src/share/ma/update_users
index 31b53bf..0086cd3 100644
--- a/src/share/ma/update_users
+++ b/src/share/ma/update_users
@@ -27,9 +27,6 @@ else
 unames=$(list_users)
 fi
-# set mode
-MODE="authorized_keys"
-
 # set gnupg home
 GNUPGHOME="$GNUPGHOME_SPHERE"
-- cgit v1.2.3