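#!/bin/csh -f
#
# Prune the private SSH known hosts files (~/.ssh/known_hosts and
# ~/.ssh/known_hosts2) of entries that the system-wide file already covers.
#
# An entry is removed when every name in its comma-separated first field is
# found in the system file on a line that also contains the second field of
# the entry as a word.  Otherwise the entry is left in place.
#
# NOTE(review): only fields 1 and 2 are compared.  The key material itself is
# never compared, so an entry can be removed even when the private key and the
# system-wide key differ.  Confirm that this is the intended trust policy.
#
# Options:
#   -d  debug output (falls through to -v)
#   -v  verbose, including the messages about missing files
#   -V  verbose, without the messages about missing files
#   -n  dry run: the pruned copy is written to FILE.new but is not moved over
#       FILE (the FILE.bak copy is still made)

# Pick the system-wide known hosts file for this platform.
switch (`uname -s``uname -r`)
case SunOS5*:
    set SOLARIS
    set SKHFILE = /usr/local/etc/ssh_known_hosts2
    breaksw
case Linux[2-6]*:
    set LINUX
    set SKHFILE = /etc/ssh/ssh_known_hosts2
    breaksw
default:
    exec echo ${0}: does not run on `uname -s` `uname -r`
endsw

# Option parsing.  Flags are recorded as set/unset shell variables.
while($#argv)
    switch ("$1")
    case -d:
        set DEBUG
#       shift
#       breaksw
# fall through to verbose
    case -v:
        set VVERBOSE
        set VERBOSE
        shift
        breaksw
    case -V:
# verbose without the missing files errors
        set VERBOSE
        shift
        breaksw
    case -n:
# announce the removal but do not replace the file
        set NO
        shift
        breaksw
    default:
        set DQ = '"'
        exec echo ${0}: "What do I do with $DQ$1$DQ?"
    endsw
end

# Short host name used in messages (site domain suffix stripped).
#set HOST = `hostname | sed 's;\..*;;'`
set HOST = `hostname | sed 's;\.[Rr][Uu][Tt][Gg][Ee][Rr][Ss]\.[Ee][Dd][Uu];;'`

if (-e ~/.ssh) then
    set KHFILES = `ls ~/.ssh | egrep '^known_hosts$|^known_hosts2$'`
else
    if ($?VVERBOSE) echo `date +%T` No private known_hosts files on $HOST
    exit
endif

if ("$KHFILES" == "") then
    if ($?VVERBOSE) echo `date +%T` No known_hosts files in ~/.ssh on $HOST
    exit
endif

if (! -e $SKHFILE) then
    if ($?DEBUG) echo `date +%T` $SKHFILE does not exist on $HOST
    exit
endif

# for both known_hosts and known_hosts2 if they exist
foreach KHFILE ( $KHFILES )
    # Fix: test the size of the file inside ~/.ssh.  The bare name was
    # resolved against the current directory.
    if ($?VERBOSE && ! -z ~/.ssh/$KHFILE) echo `date +%T` Checking $KHFILE
    # Back the file up once, before the first removal.
    set DOBACKUP

    # Parallel lists: field 1 (host list) and field 2 of every entry.
    # Field 1 is kept verbatim here; regex escaping is applied where needed.
    # NOTE(review): the first list drops entries with a bracket in field 1,
    # the second drops lines with a bracket anywhere.  A bracket that occurs
    # only after field 1 would misalign the two lists.
    set KHARG1S = `awk '{print $1}' ~/.ssh/$KHFILE | grep -v '\['`
    set KHARG2S = `grep -v '\[' ~/.ssh/$KHFILE | awk '{print $2}'`

    while ( $#KHARG1S )
        set KHARG1 = $KHARG1S[1]
        if ($?VERBOSE) echo " " `date +%T` $KHARG1

        # Collect the names of this entry that the system file does not list.
        # The lookup keeps its original form: only the first plus sign is
        # escaped before the name is used as an extended regular expression.
        # NOTE(review): other metacharacters in a name stay live here.  A dot
        # matches any character, and the leading vertical bar of a hashed
        # entry leaves a bare line-start alternative that matches every line,
        # so a hashed entry counts as seen whenever the system file has any
        # line containing field 2.  Confirm whether hashed entries are really
        # meant to be removed.
        set UNSEEN
        foreach KHOST ( `echo $KHARG1 | sed -e 's;\+;\\+;' -e 's;,; ;g'` )
            if ($?DEBUG) echo " " `date +%T` $KHOST
            grep -w $KHARG2S[1] $SKHFILE | \
                sed 's;#.*;;' | \
                egrep "^$KHOST,|^$KHOST |,$KHOST,|,$KHOST " > /dev/null
            if ($status) set UNSEEN = ( $UNSEEN $KHOST )
        end

        if ("$UNSEEN" == "") then
            echo "$KHARG1" | grep "^|" > /dev/null
            # a hashed entry is removed quietly unless verbose
            if ($status || $?VERBOSE) \
                echo "Removing $KHARG1 ($KHARG2S[1]) from $KHFILE"
            if ($?DOBACKUP) then
                if ($?DEBUG) echo " " `date +%T` \
                    /bin/cp -p ~/.ssh/$KHFILE ~/.ssh/$KHFILE.bak
                /bin/cp -p ~/.ssh/$KHFILE ~/.ssh/$KHFILE.bak
                unset DOBACKUP
            endif
            # preserve protection
            /bin/cp -p ~/.ssh/$KHFILE ~/.ssh/$KHFILE.new

            # Fix: escape every regex metacharacter of field 1 before it is
            # used as the deletion pattern.  Unescaped, a dot matched any
            # character and the vertical bars of a hashed entry split the
            # pattern into alternatives, one of them a bare line-start anchor,
            # so the inverted match dropped every line of the file.
            set KHRE1 = `echo "$KHARG1" | sed 's;[.|+*?()^$\\];\\&;g'`
            if ($?DEBUG) echo egrep -v "^$KHRE1 $KHARG2S[1]" ~/.ssh/$KHFILE
            egrep -v "^$KHRE1 $KHARG2S[1]" ~/.ssh/$KHFILE > ~/.ssh/$KHFILE.new
            if (! $?NO) /bin/mv ~/.ssh/$KHFILE.new ~/.ssh/$KHFILE
        else
            # Entry stays.  In verbose mode, ping the first name of the entry
            # and mention a failed ping in the message.
            set NOPING
            if ($?VERBOSE) then
                set PHOST = `echo $KHARG1 | sed 's;,.*;;'`
                if ($?LINUX) then
                    /bin/ping -c1 -W5 $PHOST > /dev/null
                    set STATUS = $status
                else if ($?SOLARIS) then
                    /usr/sbin/ping $PHOST 5 > /dev/null
                    set STATUS = $status
                endif
                if ($STATUS) set NOPING = " (ping failed)"
            endif
            if ($?VERBOSE) echo `date +%T` "Leaving $KHARG1 ($KHARG2S[1]) in $KHFILE$NOPING"
        endif

        # Advance both parallel lists together.
        shift KHARG1S
        shift KHARG2S
    end
end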