Merge branch 'master' into no-cache
authorJameson Graef Rollins <jrollins@phys.columbia.edu>
Tue, 17 Jun 2008 00:00:46 +0000 (20:00 -0400)
committerJameson Graef Rollins <jrollins@phys.columbia.edu>
Tue, 17 Jun 2008 00:00:46 +0000 (20:00 -0400)
Conflicts:

src/common
src/monkeysphere
src/monkeysphere-ssh-proxycommand

src/common
src/monkeysphere
src/monkeysphere-ssh-proxycommand

diff --cc src/common
index 8b078d64de3bc79863ca78ed406edb8baff78f71,d1554a62c23ae9f44746d1e1114c0178d1d68f6a..64d28cb221871c351d798c31d74f908bcb3b8265
@@@ -167,22 -167,22 +168,25 @@@ process_user_id() 
      fi
      requiredPubCapability=$(echo "$requiredCapability" | tr "[:lower:]" "[:upper:]")
  
-     # fetch keys from keyserver, return 1 if none found
-     gpg_fetch_userid "$userID" || return 1
+     # if CHECK_KEYSERVER variable set, check the keyserver
+     # for the user ID
+     if [ "$CHECK_KEYSERVER" = "true" ] ; then
+       gpg_fetch_userid "$userID"
+     fi
  
      # output gpg info for (exact) userid and store
 -    gpgOut=$(gpg --fixed-list-mode --list-key --with-colons \
 -      ="$userID" 2> /dev/null)
 -
 -    # return 1 if there only "tru" lines are output from gpg
 -    if [ -z "$(echo "$gpgOut" | grep -v '^tru:')" ] ; then
 -      log "  key not found in keychain."
 -      return 1
 +    gpgOut=$(gpg --list-key --fixed-list-mode --with-colon \
 +      --with-fingerprint --with-fingerprint \
 +      ="$userID" 2>/dev/null)
 +
 +    # if the gpg query return code is not 0, return 1
 +    if [ "$?" -ne 0 ] ; then
 +        log "  key not found."
 +        return 1
      fi
  
 +    echo "$gpgOut"
 +
      # loop over all lines in the gpg output and process.
      # need to do it this way (as opposed to "while read...") so that
      # variables set in loop will be visible outside of loop
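Review bot: The return status of `gpg_fetch_userid "$userID"` is now discarded, so unless that helper logs its own failures, an unreachable keyserver goes unnoticed and processing continues on whatever copy of the key is already in the local keyring, which may be stale. Logging the failure keeps it visible without restoring the old hard stop, e.g. `gpg_fetch_userid "$userID" || log "  keyserver fetch failed, using local keyring."`. The added `echo "$gpgOut"` also writes the raw colon listing to stdout and looks like leftover debugging; if any caller captures the output of process_user_id (not visible here), it should be removed or routed through `log`. The function body starts and ends outside this hunk.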
index 91401b93a0c324c0b34b80768ae788542f377ac6,230de06839e54f82f3392a128de135de86546cf7..8e4c4eb7823ad57b7fdb20bbf03d48af4131a8b3
@@@ -157,7 -158,7 +158,7 @@@ case $COMMAND i
                failure "known_hosts file '$USER_KNOWN_HOSTS' is empty."
            fi
            log "processing known_hosts file..."
-           process_known_hosts "$USER_KNOWN_HOSTS"
 -          process_known_hosts "$hostKeysCacheDir"
++          process_known_hosts
        fi
        ;;
  
index ec162ab8c62985d92bf82eb0e8a0eccb120abc6b,3887e4897d10eca20c7234761ae3e1451238c68c..4b90a0d21fe5e884335a43e277c96473d760c45c
@@@ -40,11 -40,12 +40,14 @@@ f
  # check for the host key in the known_hosts file
  hostKey=$(ssh-keygen -F "$HOST")
  
- # if the host key is not found in the known_hosts file,
- # check the keyserver
- if [ -z "$hostKey" ] ; then
+ # if the host key is found in the known_hosts file,
+ # don't check the keyserver
+ if [ "$hostKey" ] ; then
+     CHECK_KEYSERVER="false"
++else
 +    CHECK_KEYSERVER="true"
  fi
+ export CHECK_KEYSERVER
  
  # update the known_hosts file for the host
  monkeysphere update-known-hosts "$HOST"
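Review bot: Any host that `ssh-keygen -F "$HOST"` finds in known_hosts now gets `CHECK_KEYSERVER="false"`, so as far as the visible code shows this path never contacts the keyserver for that host again. A later revocation or expiry of the host's OpenPGP key would then be seen only if the keyring is refreshed some other way. The comment above the `if` should record that trade-off, e.g. `# NOTE: known hosts are not re-checked against the keyserver; revocations are only seen after a separate keyring refresh`. Separately, `ssh-keygen -F` without `-f` searches the default known_hosts file, while the src/monkeysphere hunk works on `$USER_KNOWN_HOSTS`. If that variable can point elsewhere, passing the same path with `-f` would keep the lookup and the update on the same file.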