fi
if [ "$priority" = "$level" -a "$output" = 'true' ] ; then
if [ "$1" ] ; then
- echo -n "ms: " >&2
- echo "$@" >&2
+ echo "$@"
else
- cat >&2
- fi
+ cat
+ fi | sed 's/^/'"${LOG_PREFIX}"'/' >&2
fi
done
}
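Review bot: `${LOG_PREFIX}` is spliced into the sed program in `fi | sed 's/^/'"${LOG_PREFIX}"'/' >&2`, so a prefix containing `/`, `&` or a backslash makes sed fail or rewrite the message instead of prefixing it. The value is not set anywhere in this hunk, and if it can come from the environment, log lines could be dropped or altered. Treating the prefix as data avoids that, for example `fi | while IFS= read -r line; do printf '%s%s\n' "$LOG_PREFIX" "$line"; done >&2`. The enclosing log function starts above the hunk.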
local PASS
if [ "$DISPLAY" ] && which "${SSH_ASKPASS:-ssh-askpass}" >/dev/null; then
+ printf 'Launching "%s"\n' "${SSH_ASKPASS:-ssh-askpass}" | log info
+ printf '(with prompt "%s")\n' "$prompt" | log debug
"${SSH_ASKPASS:-ssh-askpass}" "$prompt" > "$fifo"
else
read -s -p "$prompt" PASS
file="$1"
- if [ -z "$file" ] ; then
+ # return error if file does not exist
+ if [ ! -e "$file" ] ; then
return 1
fi
- if [ ! -e "$file" ] ; then
- return 1
+ # just return ok if the file is empty, since there aren't any
+ # lines to remove
+ if [ ! -s "$file" ] ; then
+ return 0
fi
tempfile=$(mktemp "${file}.XXXXXXX") || \
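Review bot: The new comment `# return error if file does not exist` does not mention that `[ ! -e "$file" ]` now also stands in for the removed `-z "$file"` check, since an empty argument fails `-e` too. I would word it as `# return error if no file was given or the file does not exist`, so the guard is not later mistaken for missing. `-e` also accepts directories and other non-regular files; if the rest of the function rewrites the file through the `mktemp` copy, `-f` may be the tighter test, but that part lies outside the hunk. The function starts above the hunk and continues past it.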
# output known_hosts line from ssh key
ssh2known_hosts() {
local host
+ local port
local key
- host="$1"
+ # FIXME this does not properly deal with IPv6 hosts using the
+ # standard port (because it's unclear whether their final
+ # colon-delimited address section is a port number or an address
+ # string)
+ host=${1%:*}
+ port=${1##*:}
key="$2"
- echo -n "$host "
- echo -n "$key" | tr -d '\n'
- echo " MonkeySphere${DATE}"
+ # specify the host and port properly for new ssh known_hosts
+ # format
+ if [ "$port" != "$host" ] ; then
+ host="[${host}]:${port}"
+ fi
+ printf "%s %s MonkeySphere%s\n" "$host" "$key" "$DATE"
}
# output authorized_keys line from ssh key
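Review bot: Replacing `echo -n "$key" | tr -d '\n'` with a bare `"$key"` in `printf "%s %s MonkeySphere%s\n" "$host" "$key" "$DATE"` drops the newline stripping, so a key argument with an embedded newline now yields more than one known_hosts line. The same applies to the `printf` in the authorized_keys writer in the next hunk, and in `gpg2known_hosts` and `gpg2authorized_keys` the `$(gpg2ssh "$keyID")` substitution removes only trailing newlines. Because these lines pin or grant trust, I would keep the strip, e.g. `key=$(printf '%s' "$2" | tr -d '\n')` here and `key=$(gpg2ssh "$keyID" | tr -d '\n')` in the gpg variants. Separately, `port=${1##*:}` is written into the `[host]:port` form without a check that it is a non-empty number.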
userID="$1"
key="$2"
- echo -n "$key" | tr -d '\n'
- echo " MonkeySphere${DATE} ${userID}"
+ printf "%s MonkeySphere%s %s\n" "$key" "$DATE" "$userID"
}
# convert key from gpg to ssh known_hosts format
gpg2known_hosts() {
local host
local keyID
+ local key
host="$1"
keyID="$2"
+ key=$(gpg2ssh "$keyID")
+
# NOTE: it seems that ssh-keygen -R removes all comment fields from
# all lines in the known_hosts file. why?
# NOTE: just in case, the COMMENT can be matched with the
# following regexp:
# '^MonkeySphere[[:digit:]]{4}(-[[:digit:]]{2}){2}T[[:digit:]]{2}(:[[:digit:]]{2}){2}$'
- echo -n "$host "
- gpg2ssh "$keyID" | tr -d '\n'
- echo " MonkeySphere${DATE}"
+ printf "%s %s MonkeySphere%s\n" "$host" "$key" "$DATE"
}
# convert key from gpg to ssh authorized_keys format
gpg2authorized_keys() {
local userID
local keyID
+ local key
userID="$1"
keyID="$2"
+ key=$(gpg2ssh "$keyID")
+
# NOTE: just in case, the COMMENT can be matched with the
# following regexp:
# '^MonkeySphere[[:digit:]]{4}(-[[:digit:]]{2}){2}T[[:digit:]]{2}(:[[:digit:]]{2}){2}$'
- gpg2ssh "$keyID" | tr -d '\n'
- echo " MonkeySphere${DATE} ${userID}"
+ printf "%s MonkeySphere%s %s\n" "$key" "$DATE" "$userID"
}
### GPG UTILITIES
(umask 0022 && touch "$KNOWN_HOSTS")
# check permissions on the known_hosts file path
- check_key_file_permissions "$USER" "$KNOWN_HOSTS" || failure
+ check_key_file_permissions $(whoami) "$KNOWN_HOSTS" || failure
# create a lockfile on known_hosts:
lock create "$KNOWN_HOSTS"
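Review bot: `$(whoami)` is unquoted in `check_key_file_permissions $(whoami) "$KNOWN_HOSTS" || failure`, so if `whoami` prints nothing (for example a uid with no passwd entry) the word disappears and the file path is passed as the user argument. Quoting it keeps the argument positions fixed: `check_key_file_permissions "$(whoami)" "$KNOWN_HOSTS" || failure`. The same call is added for `$AUTHORIZED_KEYS` and `$authorizedUserIDs` in the two following hunks. A one-line comment on why `$USER` was replaced would also help, presumably because it is taken from the environment and need not match the effective user.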
log debug " $AUTHORIZED_KEYS"
# check permissions on the authorized_keys file path
- check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" || failure
+ check_key_file_permissions $(whoami) "$AUTHORIZED_KEYS" || failure
# create a lockfile on authorized_keys
lock create "$AUTHORIZED_KEYS"
log debug " $authorizedUserIDs"
# check permissions on the authorized_user_ids file path
- check_key_file_permissions "$USER" "$authorizedUserIDs" || failure
+ check_key_file_permissions $(whoami) "$authorizedUserIDs" || failure
if ! meat "$authorizedUserIDs" > /dev/null ; then
log debug " no user IDs to process."