From: Jameson Graef Rollins <jrollins@finestructure.net>
Date: Fri, 24 Jul 2009 14:13:08 +0000 (-0400)
Subject: improve the marginal ui a bit.  note number of invalid keys.  closes ms #1141
X-Git-Tag: monkeysphere_0.26~25
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=c600e3474acfee2e4eff1f000a1131c0f5905d08;p=monkeysphere.git

improve the marginal ui a bit.  note number of invalid keys.  closes ms #1141
---

diff --git a/packaging/debian/changelog b/packaging/debian/changelog
index 9735e6e..75957bc 100644
--- a/packaging/debian/changelog
+++ b/packaging/debian/changelog
@@ -2,8 +2,9 @@ monkeysphere (0.26~pre-1) unstable; urgency=low
 
   * New upstream release:
     - add 'refresh-keys' subcommand to monkeysphere-authentication
+    - improve marginal UI (closes MS #1141)
 
- -- Jameson Graef Rollins <jrollins@finestructure.net>  Sat, 18 Jul 2009 14:12:02 -0400
+ -- Jameson Graef Rollins <jrollins@finestructure.net>  Fri, 24 Jul 2009 10:12:25 -0400
 
 monkeysphere (0.25-1) unstable; urgency=low
 
diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand
index 01ca488..33bd8a1 100644
--- a/src/share/m/ssh_proxycommand
+++ b/src/share/m/ssh_proxycommand
@@ -111,27 +111,24 @@ EOF
 	fi
     fi
 
-    # find all 'pub' and 'sub' lines in the gpg output, which each
-    # represent a retrieved key for the user ID
+    # find all keys in the gpg output ('pub' and 'sub' lines) and
+    # output the ones that match the host key or that have marginal
+    # validity
     echo "$gpgOut" | cut -d: -f1,2,5,10,12 | \
     while IFS=: read -r type validity keyid uidfpr usage ; do
 	case $type in
 	    'pub'|'sub')
 		# get the ssh key of the gpg key
 		sshKeyGPG=$(gpg2ssh "$keyid")
-
 		# if a key was retrieved from the host...
 		if [ "$sshKeyOffered" ] ; then
-
-		    # if one of keys found matches the one offered by the
-		    # host, then output info
+		    # if one of the keys matches the one offered by
+		    # the host, then output info and return
 		    if [ "$sshKeyGPG" = "$sshKeyOffered" ] ; then
 			log info <<EOF
 An OpenPGP key matching the ssh key offered by the host was found:
 EOF
-
 			show_key_info "$keyid" | log info
-
 			# this whole process is in a "while read"
 			# subshell.  the only way to get information
 			# out of the subshell is to change the return
@@ -140,14 +137,14 @@ EOF
 			# for the ssh key offered by the host
 			return 1
 		    fi
-
-		# else if a key was not retrieved from the host
+		# else if a key was not retrieved from the host...
 		else
-
-		    # if the current key is marginal, show info
-		    if [ "$validity" = 'm' ] ; then
+		    # and the current key is marginal, show info
+		    if [ "$validity" = 'm' ] \
+			|| [ "$validity" = 'f' ] \
+			|| [ "$validity" = 'u' ] ; then
 			show_key_info "$keyid" | log info
-                    fi
+		    fi
 		fi
 		;;
 	esac
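Review bot: The comment on the new validity test still reads `# and the current key is marginal, show info`, but the test now also accepts `f` and `u`, so fully and ultimately valid keys are shown on this path too. I would reword it to `# and the current key has at least marginal validity (m, f or u), show info`, and make the same correction to the header comment added in the previous hunk ("or that have marginal validity"). This output is what a user reads when deciding whether to trust a host, so the comments should name exactly the set of keys that gets displayed. The enclosing `while read` loop starts in the previous hunk and ends outside this one.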
@@ -155,21 +152,24 @@ EOF
 
     # if no key match was made (and the "while read" subshell
     # returned 1) output how many keys were found
-    if (( returnCode != 1 )) ; then
-
+    if (( returnCode == 1 )) ; then
 	echo | log info
-
-	# output different footer messages depending on if a key had
-	# been retrieved from the host
+    else
+	# if a key was retrieved, but didn't match, note this
 	if [ "$sshKeyOffered" ] ; then
 	    log info <<EOF
 None of the found keys matched the key offered by the host.
 EOF
-	else
+	fi
+
+	# note how many invalid keys were found
+	nInvalidKeys=$(echo "$gpgOut" | egrep '^(pub|sub):[^(m|f|u)]:' | wc -l)
+	if ((nInvalidKeys > 0)) ; then
 	    log info <<EOF
-There may be keys for this hostname with less than marginal validity.
+Keys found with less than marginal validity: $nInvalidKeys
 EOF
 	fi
+
 	log info <<EOF
 Run the following command for more info about the found keys:
 gpg --check-sigs --list-options show-uid-validity =${userID}
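Review bot: In the `nInvalidKeys` line, `[^(m|f|u)]` is a bracket expression, so the parentheses and `|` are literal members of the excluded set rather than grouping and alternation; it behaves as intended only because validity codes are single letters. `nInvalidKeys=$(echo "$gpgOut" | grep -Ec '^(pub|sub):[^mfu]:')` says the same thing directly and drops the `wc -l`. Either form requires exactly one character in the field, so a line with an empty validity field would not be counted; whether gpg can emit that here is not visible in the hunk. The comment kept above the `if` still says the subshell returned 1 when no match was made, whereas `return 1` in the previous hunk is the match case and `returnCode == 1` now selects that branch, so it should read something like `# if a key matched (the "while read" subshell returned 1) only emit a blank line; otherwise report on the keys found`. The assignment of `returnCode` and the end of the function are outside the hunk.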