X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fmonkeysphere;h=147c179403d993aa80d6ea6f1acf9c0e7bf389be;hb=80d903a7cacc0c5c60adfb86067e7c348f83e4c2;hp=cac9a02399bc086bf64dcbbb6c172f3c172fe087;hpb=0d07156e8db60611c28e5f440ff5f6a39d655ff6;p=monkeysphere.git diff --git a/src/monkeysphere b/src/monkeysphere index cac9a02..147c179 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -12,11 +12,14 @@ # or later. ######################################################################## +set -e + PGRM=$(basename $0) SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} export SYSSHAREDIR -. "${SYSSHAREDIR}/common" || exit 1 +. "${SYSSHAREDIR}/defaultenv" +. "${SYSSHAREDIR}/common" # sharedir for host functions MSHAREDIR="${SYSSHAREDIR}/m" @@ -27,9 +30,6 @@ DATE=$(date -u '+%FT%T') # unset some environment variables that could screw things up unset GREP_OPTIONS -# default return code -RETURN=0 - # set the file creation mask to be only owner rw umask 077 @@ -45,10 +45,10 @@ Monkeysphere client tool. subcommands: update-known_hosts (k) [HOST]... update known_hosts file update-authorized_keys (a) update authorized_keys file - import-subkey (i) FILE [KEYID] import existing ssh key as gpg subkey gen-subkey (g) [KEYID] generate an authentication subkey --length (-l) BITS key length in bits (2048) - ssh-proxycommand monkeysphere ssh ProxyCommand + ssh-proxycommand HOST [PORT] monkeysphere ssh ProxyCommand + --no-connect do not make TCP connection to host subkey-to-ssh-agent (s) store authentication subkey in ssh-agent version (v) show version number help (h,?) this help @@ -71,7 +71,7 @@ check_gpg_sec_key_id() { gpgSecOut=$(gpg_user --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') ;; 1) - gpgSecOut=$(gpg_user --fixed-list-mode --list-secret-keys --with-colons "$keyID" | egrep '^sec:') || failure + gpgSecOut=$(gpg_user --fixed-list-mode --list-secret-keys --with-colons "$1" | egrep '^sec:') || failure ;; *) failure "You must specify only a single primary key ID." @@ -88,10 +88,10 @@ check_gpg_sec_key_id() { echo "$gpgSecOut" | cut -d: -f5 ;; *) - echo "Multiple primary secret keys found:" | log error - echo "$gpgSecOut" | cut -d: -f5 | log error - echo "Please specify which primary key to use." | log error - failure + local seckeys=$(echo "$gpgSecOut" | cut -d: -f5) + failure "Multiple primary secret keys found: +$seckeys +Please specify which primary key to use." ;; esac } @@ -124,7 +124,7 @@ check_gpg_authentication_subkey() { fi # if authentication key is valid, prompt to continue if [ "$validity" = 'u' ] ; then - echo "A valid authentication key already exists for primary key '$keyID'." + echo "A valid authentication key already exists for primary key '$keyID'." 1>&2 if [ "$PROMPT" = "true" ] ; then read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} if [ "${OK/y/Y}" != 'Y' ] ; then @@ -183,6 +183,9 @@ AUTHORIZED_KEYS=${MONKEYSPHERE_AUTHORIZED_KEYS:=$AUTHORIZED_KEYS} AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:="${MONKEYSPHERE_HOME}/authorized_user_ids"} REQUIRED_HOST_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_HOST_KEY_CAPABILITY:="a"} REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"} +# note that only using '=' instead of ':=' tests only if the variable +# in unset, not if it's "null" +LOG_PREFIX=${MONKEYSPHERE_LOG_PREFIX='ms: '} # export GNUPGHOME and make sure gpg home exists with proper # permissions @@ -204,13 +207,11 @@ case $COMMAND in # those hosts if [ "$1" ] ; then update_known_hosts "$@" - RETURN="$?" # otherwise, if no hosts are specified, process every host # in the user's known_hosts file else process_known_hosts - RETURN="$?" fi ;; @@ -220,7 +221,6 @@ case $COMMAND in # process authorized_user_ids file process_authorized_user_ids "$AUTHORIZED_USER_IDS" - RETURN="$?" ;; 'import-subkey'|'i') @@ -244,7 +244,7 @@ case $COMMAND in ;; 'version'|'v') - echo "$VERSION" + version ;; '--help'|'help'|'-h'|'h'|'?') @@ -256,5 +256,3 @@ case $COMMAND in Type '$PGRM help' for usage." ;; esac - -exit "$RETURN"