X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fshare%2Fm%2Fssh_proxycommand;h=abe068ddc9467aa1aae7c4679ce724a84278e3ec;hb=710cc816f9fe491ea36055bade9843e9eeb0cc7e;hp=d7e801ec46711ada104019a5d00628b76b8eb516;hpb=810526da4461212bb4ec50afec7237268df1afb7;p=monkeysphere.git

diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand
index d7e801e..abe068d 100644
--- a/src/share/m/ssh_proxycommand
+++ b/src/share/m/ssh_proxycommand
@@ -18,6 +18,7 @@
 # "marginal case" ouput in the case that there is not a full
 # validation path to the host
 output_no_valid_key() {
+    local returnCode=0
     local sshKeyOffered
     local userID
     local type
@@ -43,7 +44,7 @@ EOF
     # found?
 
     # get the gpg info for userid
-    gpgOut=$(gpg --list-key --fixed-list-mode --with-colon \
+    gpgOut=$(gpg_user --list-key --fixed-list-mode --with-colon \
 	--with-fingerprint --with-fingerprint \
 	="$userID" 2>/dev/null)
 
@@ -64,14 +65,14 @@ An OpenPGP key matching the ssh key offered by the host was found:
 
 EOF
 
-		    # do some crazy "Here Strings" redirection to get the key to
-		    # ssh-keygen, since it doesn't read from stdin cleanly
-		    sshFingerprint=$(ssh-keygen -l -f /dev/stdin \
-			<<<$(echo "$sshKeyGPG") | \
+		    sshKeyGPGFile=$(msmktempfile)
+		    printf "%s" "$sshKeyGPG" >"$sshKeyGPGFile"
+		    sshFingerprint=$(ssh-keygen -l -f "$sshKeyGPGFile" | \
 			awk '{ print $2 }')
+		    rm -f "$sshKeyGPGFile"
 
 		    # get the sigs for the matching key
-		    gpgSigOut=$(gpg --check-sigs \
+		    gpgSigOut=$(gpg_user --check-sigs \
 			--list-options show-uid-validity \
 			"$keyid")
 
@@ -112,11 +113,11 @@ EOF
 		fi
 		;;
 	esac
-    done
+    done || returnCode="$?"
 
     # if no key match was made (and the "while read" subshell returned
     # 1) output how many keys were found
-    if (($? != 1)) ; then
+    if (( returnCode != 1 )) ; then
 	cat <<EOF | log info
 None of the found keys matched the key offered by the host.
 Run the following command for more info about the found keys:
@@ -171,7 +172,7 @@ URI="ssh://${HOSTP}"
 # CHECK_KEYSERVER variable in the monkeysphere.conf file.
 
 # if the host is in the gpg keyring...
-if gpg --list-key ="${URI}" 2>&1 >/dev/null ; then
+if gpg_user --list-key ="${URI}" 2>&1 >/dev/null ; then
     # do not check the keyserver
     CHECK_KEYSERVER=${CHECK_KEYSERVER:="false"}
 
@@ -200,12 +201,13 @@ fi
 CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER}
 
 # update the known_hosts file for the host
-update_known_hosts "$HOSTP"
+local returnCode=0
+update_known_hosts "$HOSTP" || returnCode="$?"
 
 # output on depending on the return of the update-known_hosts
 # subcommand, which is (ultimately) the return code of the
 # update_known_hosts function in common
-case $? in
+case "$returnCode" in
     0)
 	# acceptable host key found so continue to ssh
 	true