1 files changed, 74 insertions, 0 deletions

diff --git a/update-known-hosts b/update-known-hosts
new file mode 100755
index 0000000..14f873f
--- /dev/null
+++ b/update-known-hosts
@@ -0,0 +1,74 @@
+#!/bin/dash
+
+set -euC
+
+CONFDIR=/etc/openssh-known-hosts
+PLUGIN_PATH=/usr/share/openssh-known-hosts/plugins:/usr/local/share/openssh-known-hosts/plugins
+CACHEDIR=/var/cache/openssh-known-hosts
+LOCK=/var/lock/openssh-known-hosts
+OUTFILE=/var/lib/openssh-known-hosts/ssh_known_hosts
+
+path_search () {
+	if [ "${1}" != "${1#*/}" ]; then
+		echo $1
+	else
+		echo "$2" | tr ':' '\n' | while read -r path; do
+			if [ -f "${path}/${1}" ]; then
+				echo "${path}/${1}"
+				break
+			fi
+		done
+	fi
+}
+
+lockfile-create "${LOCK}"
+lockfile-touch "${LOCK}" &
+LOCKPID="$!"
+
+cd "${CACHEDIR}"
+
+find -mindepth 2 -maxdepth 2 -type f -name new -delete
+
+run-parts --list "${CONFDIR}/sources/" | while read source; do
+	source=`basename ${source}`
+	mkdir -p ${source}
+	(
+		set -a
+		cd ${source}
+		. "${CONFDIR}/sources/${source}"
+		`path_search "$PLUGIN" "$PLUGIN_PATH"` >| log 2>&1 || {
+			exitcode=$?
+			rm -f new
+			ignore=''
+			for e in ${EXIT_IGNORE:-0}; do
+				if [ "$e" = "$exitcode" ]; then
+					ignore=1
+					break
+				fi
+			done
+			if [ ! "$ignore" ]; then
+				echo "${source} exited with code ${exitcode}, log follows:"
+				cat log
+				echo
+			fi
+		}
+	)
+	if [ -e ${source}/new ]; then
+		mv ${source}/new ${source}/current
+	fi
+	if [ -e ${source}/current ]; then
+		cat ${source}/current >&3
+	fi
+done 3>| "${OUTFILE}.new"
+
+mv "${OUTFILE}.new" "${OUTFILE}"
+
+for d in *; do
+	[ -d $d ] || continue
+	[ -e "${CONFDIR}/sources/$d" ] || rm -fr $d
+done
+
+kill "${LOCKPID}"
+lockfile-remove "${LOCK}"
+
+# vim:set ft=sh: