[src/trunk]: src/etc/rc.d PR 56835: fix sshd startup script to only whine abo...

[martin <martin%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/c61ec11a8396
branches:  trunk
changeset: 366120:c61ec11a8396
user:      martin <martin%NetBSD.org@localhost>
date:      Sun May 15 11:47:42 2022 +0000

description:
PR 56835: fix sshd startup script to only whine about bogus keys it
created if it actualy did create keys (one should thing that a
function called sshd_keygen() only is called to create keys, but
the "precmd" magic makes it run every time sshd is started or stopped).

Patch from Tom Lane, with modifications suggested by kre and a minor
additional cosemtic change.

diffstat:

 etc/rc.d/sshd |  8 ++++++--
 1 files changed, 6 insertions(+), 2 deletions(-)

diffs (38 lines):

diff -r d247fbf2c0ae -r c61ec11a8396 etc/rc.d/sshd
--- a/etc/rc.d/sshd     Sun May 15 10:29:20 2022 +0000
+++ b/etc/rc.d/sshd     Sun May 15 11:47:42 2022 +0000
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $NetBSD: sshd,v 1.31 2021/09/26 10:53:20 martin Exp $
+# $NetBSD: sshd,v 1.32 2022/05/15 11:47:42 martin Exp $
 #
 
 # PROVIDE: sshd
@@ -45,6 +45,7 @@
 (
        keygen="/usr/bin/ssh-keygen"
        umask 022
+       new_key_created=false
        while read type bits filename;  do
                f="/etc/ssh/$filename"
                if [ "$1" != "force" ] && [ -f "$f" ]; then
@@ -58,14 +59,17 @@
                esac
                "${keygen}" -t "${type}" ${bitarg} -f "${f}" -N '' -q && \
                    printf "ssh-keygen: " && "${keygen}" -f "${f}" -l
+               new_key_created=true
        done << _EOF
 dsa    1024    ssh_host_dsa_key
 ecdsa  521     ssh_host_ecdsa_key
 ed25519        -1      ssh_host_ed25519_key
 rsa    0       ssh_host_rsa_key
 _EOF
+       if "${new_key_created}"; then
+               sshd_motd_unsafe_keys_warning
+       fi
 )
-       sshd_motd_unsafe_keys_warning
 }
 
 sshd_precmd()