X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fcommon;h=7df6908b348bc88f1f805de47f426179017cd667;hb=21516ec2cabc9d37952b8394bfe2ec74edab7405;hp=00ee7b04a124db6679959c35b5c000b2e9ea2389;hpb=1fa2912aac2636bc6a4d8eda089c0e285f88d141;p=monkeysphere.git

diff --git a/src/common b/src/common
index 00ee7b0..7df6908 100644
--- a/src/common
+++ b/src/common
@@ -18,10 +18,17 @@ ETC="/etc/monkeysphere"
 export ETC
 CACHE="/var/cache/monkeysphere"
 export CACHE
+ERR=0
+export ERR
 
 ########################################################################
 ### UTILITY FUNCTIONS
 
+error() {
+    log "$1"
+    ERR=${2:-'1'}
+}
+
 failure() {
     echo "$1" >&2
     exit ${2:-'1'}
@@ -29,12 +36,12 @@ failure() {
 
 # write output to stderr
 log() {
-    echo -n "ms: " 1>&2
-    echo "$@" 1>&2
+    echo -n "ms: " >&2
+    echo "$@" >&2
 }
 
 loge() {
-    echo "$@" 1>&2
+    echo "$@" >&2
 }
 
 # cut out all comments(#) and blank lines from standard input
@@ -369,62 +376,79 @@ process_user_id() {
     done
 }
 
-# process a host in known_host file
-process_host_known_hosts() {
+# process hosts in the known_host file
+process_hosts_known_hosts() {
     local host
     local userID
     local ok
     local keyid
     local tmpfile
 
-    host="$1"
-    userID="ssh://${host}"
-
-    log "processing host: $host"
-
-    process_user_id "ssh://${host}" | \
-    while read -r ok keyid ; do
-	sshKey=$(gpg2ssh "$keyid")
-	# remove the old host key line
-	remove_line "$KNOWN_HOSTS" "$sshKey"
-	# if key OK, add new host line
-	if [ "$ok" -eq '0' ] ; then
-	    # hash if specified
-	    if [ "$HASH_KNOWN_HOSTS" = 'true' ] ; then
-		# FIXME: this is really hackish cause ssh-keygen won't
-		# hash from stdin to stdout
-		tmpfile=$(mktemp)
-		ssh2known_hosts "$host" "$sshKey" > "$tmpfile"
-		ssh-keygen -H -f "$tmpfile" 2> /dev/null
-		cat "$tmpfile" >> "$KNOWN_HOSTS"
-		rm -f "$tmpfile" "${tmpfile}.old"
-	    else
-		ssh2known_hosts "$host" "$sshKey" >> "$KNOWN_HOSTS"
+    # create a lockfile on known_hosts
+    lockfile-create "$KNOWN_HOSTS"
+
+    for host ; do
+	log "processing host: $host"
+
+	userID="ssh://${host}"
+
+	process_user_id "ssh://${host}" | \
+	while read -r ok keyid ; do
+	    sshKey=$(gpg2ssh "$keyid")
+	    # remove the old host key line
+	    remove_line "$KNOWN_HOSTS" "$sshKey"
+	    # if key OK, add new host line
+	    if [ "$ok" -eq '0' ] ; then
+		# hash if specified
+		if [ "$HASH_KNOWN_HOSTS" = 'true' ] ; then
+		    # FIXME: this is really hackish cause ssh-keygen won't
+		    # hash from stdin to stdout
+		    tmpfile=$(mktemp)
+		    ssh2known_hosts "$host" "$sshKey" > "$tmpfile"
+		    ssh-keygen -H -f "$tmpfile" 2> /dev/null
+		    cat "$tmpfile" >> "$KNOWN_HOSTS"
+		    rm -f "$tmpfile" "${tmpfile}.old"
+		else
+		    ssh2known_hosts "$host" "$sshKey" >> "$KNOWN_HOSTS"
+		fi
 	    fi
-	fi
+	done
+	# touch the lockfile, for good measure.
+	lockfile-touch --oneshot "$KNOWN_HOSTS"
     done
+
+    # remove the lockfile
+    lockfile-remove "$KNOWN_HOSTS"
 }
 
-# process a uid in an authorized_keys file
-process_uid_authorized_keys() {
+# process uids for the authorized_keys file
+process_uids_authorized_keys() {
     local userID
     local ok
     local keyid
 
-    userID="$1"
+    # create a lockfile on authorized_keys
+    lockfile-create "$AUTHORIZED_KEYS"
 
-    log "processing user ID: $userID"
+    for userID ; do
+	log "processing user ID: $userID"
 
-    process_user_id "$userID" | \
-    while read -r ok keyid ; do
-	sshKey=$(gpg2ssh "$keyid")
-	# remove the old host key line
-	remove_line "$AUTHORIZED_KEYS" "$sshKey"
-	# if key OK, add new host line
-	if [ "$ok" -eq '0' ] ; then
-	    ssh2authorized_keys "$userID" "$sshKey" >> "$AUTHORIZED_KEYS"
-	fi
+	process_user_id "$userID" | \
+	while read -r ok keyid ; do
+	    sshKey=$(gpg2ssh "$keyid")
+	    # remove the old host key line
+	    remove_line "$AUTHORIZED_KEYS" "$sshKey"
+	    # if key OK, add new host line
+	    if [ "$ok" -eq '0' ] ; then
+		ssh2authorized_keys "$userID" "$sshKey" >> "$AUTHORIZED_KEYS"
+	    fi
+	done
+	# touch the lockfile, for good measure.
+	lockfile-touch --oneshot "$AUTHORIZED_KEYS"
     done
+
+    # remove the lockfile
+    lockfile-remove "$AUTHORIZED_KEYS"
 }
 
 # process known_hosts file
@@ -439,10 +463,7 @@ process_known_hosts() {
     cat "$KNOWN_HOSTS" | meat | \
 	cut -d ' ' -f 1 | grep -v '^|.*$' | \
     while IFS=, read -r -a hosts ; do
-	# and process each host
-	for host in ${hosts[*]} ; do
-	    process_host_known_hosts "$host"
-	done
+	process_hosts_known_hosts ${hosts[@]}
     done
 }
 
@@ -454,7 +475,7 @@ process_authorized_user_ids() {
 
     cat "$authorizedUserIDs" | meat | \
     while read -r userid ; do
-	process_uid_authorized_keys "$userid"
+	process_uids_authorized_keys "$userid"
     done
 }