From 9fdc3267523c30781914261fd8636adee5e7e434 Mon Sep 17 00:00:00 2001
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Mon, 7 Jun 2021 14:32:16 +0100
Subject: [PATCH] ssh keys update: Roorder to support checking for hardlink

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---
 src/sshkeys.rs | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/src/sshkeys.rs b/src/sshkeys.rs
index d92840d3..8044b3b0 100644
--- a/src/sshkeys.rs
+++ b/src/sshkeys.rs
@@ -471,21 +471,30 @@ impl Global {
     let config = config();
     let path = &config.authorized_keys;
     let tmp = format!("{}.tmp", &path);
+    let include = &config.authorized_keys_include;
+
+    let staticf = match File::open(include) {
+      Ok(y) => Some(y),
+      Err(e) if e.kind() == ErrorKind::NotFound => None,
+      Err(e) => throw!(AE::from(e).context(include.clone())
+                       .context("open static auth keys")),
+    };
 
     (||{
       let f = match File::open(path) {
         Err(e) if e.kind() == ErrorKind::NotFound => return Ok(()),
         x => x,
       }.context("open")?;
+
       let l = BufReader::new(f).lines().next()
         .ok_or_else(|| anyhow!("no first line!"))?
         .context("read first line")?;
-      if l != MAGIC_BANNER {
-        throw!(anyhow!(
-          "first line is not as expected (manually written/edited?)"
-        ));
+      if l == MAGIC_BANNER {
+        return Ok(());
       }
-      Ok::<_,AE>(())
+      Err(anyhow!(
+          "first line is not as expected (manually written/edited?)"
+      ))
     })()
       .context("check authorized_keys magic/banner")?;
 
@@ -495,8 +504,6 @@ impl Global {
       .open(&tmp)
       .context("open new auth keys file (.tmp)")?;
 
-    let include = &config.authorized_keys_include;
-
     (||{
       let mut f = BufWriter::new(&mut f);
       writeln!(f, "{}", MAGIC_BANNER)?;
@@ -506,12 +513,7 @@ impl Global {
       Ok::<_,io::Error>(())
     })().context("write header (to .tmp)")?;
 
-    if let Some(mut sf) = match File::open(include) {
-      Ok(y) => Some(y),
-      Err(e) if e.kind() == ErrorKind::NotFound => None,
-      Err(e) => throw!(AE::from(e).context(include.clone())
-                       .context("open static auth keys")),
-    } {
+    if let Some(mut sf) = staticf {
       io::copy(&mut sf, &mut f).context("copy data into new auth keys")?;
       writeln!(f).context("write newline into new auth keys")?;
     }
-- 
2.30.2