fix ssh_proxycommand marginal ui

After the last big code cleanup, the bookkeeping of numbers of
processed/valid keys was removed.  This was done because most things
don't use that info, and it was confusing return codes of top-level
functions.

The one thing that did use that, though, was the ssh_proxycommand.  We
fix this by using a global variable to keep track of the number of
processed and valid keys.  The proxy command can now easily determine
when it should output it's marginal ui block.

diff --git a/src/share/common b/src/share/common
index b26b57e2a42bc5be6ca3c1fe93f3d9e32f5ce86d..025c991396bb4bb3f9fe619d586223b423a64b9d 100644 (file)
--- a/src/share/common
+++ b/src/share/common
@@ -841,6 +841,8 @@ process_keys_for_file() {
            esac
        fi
 
+       ((++KEYS_PROCESSED))
+
        # if key OK, add new key line
        if [ "$ok" -eq '0' ] ; then
            case "$FILE_TYPE" in
@@ -862,8 +864,13 @@ process_keys_for_file() {
            else
                echo "$keyLine" >>"$keyFile"
            fi
+
+           ((++KEYS_VALID))
        fi
     done
+
+    log debug "KEYS_PROCESSED=$KEYS_PROCESSED"
+    log debug "KEYS_VALID=$KEYS_VALID"
 }
 
 # process an authorized_user_ids file on stdin for authorized_keys

diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand
index a4c01c61904ab3d4d0e6714a08d649cbaf0ab42a..15f52e0764e70973c2939bea16ce9d706dfb9674 100644 (file)
--- a/src/share/m/ssh_proxycommand
+++ b/src/share/m/ssh_proxycommand
@@ -53,6 +53,7 @@ EOF
     otherUids=$(echo "$gpgSigOut" | grep "^uid" | grep -v "$userID")
     if [ "$otherUids" ] ; then
        log info <<EOF
+
 Other user IDs on this key:
 EOF
        echo "$otherUids" | log info
@@ -270,34 +271,17 @@ fi
 # CHECK_KEYSERVER setting to override all else
 CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER}
 
+declare -i KEYS_PROCESSED=0
+declare -i KEYS_VALID=0
+
 # update the known_hosts file for the host
-local returnCode=0
 source "${MSHAREDIR}/update_known_hosts"
-update_known_hosts "$HOSTP" || returnCode="$?"
-
-# output on depending on the return of the update-known_hosts
-# subcommand, which is (ultimately) the return code of the
-# update_known_hosts function in common
-case "$returnCode" in
-    0)
-       # acceptable host key found so continue to ssh
-       true
-       ;;
-    1)
-       # no hosts at all found so also continue (drop through to
-       # regular ssh host verification)
-       true
-       ;;
-    2)
-       # at least one *bad* host key (and no good host keys) was
-       # found, so output some usefull information
-       output_no_valid_key
-       ;;
-    *)
-       # anything else drop through
-       true
-       ;;
-esac
+update_known_hosts "$HOSTP"
+
+if ((KEYS_PROCESSED > 0)) && ((KEYS_VALID == 0)) ; then
+    log debug "output ssh marginal ui..."
+    output_no_valid_key
+fi
 
 # FIXME: what about the case where monkeysphere successfully finds a
 # valid key for the host and adds it to the known_hosts file, but a