authorAndrew Cady <d@jerkface.net>2021-10-09 06:18:18 -0400
committerAndrew Cady <d@jerkface.net>2021-10-09 06:18:18 -0400
commitbba4578f2a9de3211d467d2767eb59039afa18bd (patch)
tree5e828662964346397db8df9b78b69dead4b4044d
parent01f2462f6b553ba649a26874ab1b9096f6f082f1 (diff)
commit what we've been runningHEADmaster
-rwxr-xr-xbin/cryptonomic-dyndns-command29
-rwxr-xr-xbin/samizdat-ssh-uid7
2 files changed, 31 insertions, 5 deletions
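--- a/bin/cryptonomic-dyndns-command
+++ b/bin/cryptonomic-dyndns-command
@@ -14,11 +14,12 @@ powerdns_sqlite_add_replace_record()
  local sql_record_type="$(sql_string "$2")"
  local sql_ip_address="$(sql_string "$3")"
 
- zone=${1#*.}
+ zone=cryptonomic.net
  new_name=${label:+$label.}${1: -64 : 64}
 
  local sql_new_name="$(sql_string "$new_name")"
  local sql_zone="$(sql_string "$zone")"
+ local sql_sshfp="$(sql_string "$SSH_CLIENT_SSHFP_DATA")"
 
  if false
  then
@@ -37,7 +38,7 @@ powerdns_sqlite_add_replace_record()
  sqlite3 $DB <<END
 ${SQL_ECHO:+.echo on}
 BEGIN;
- DELETE FROM records WHERE type=$sql_record_type AND name=$sql_new_name;
+ DELETE FROM records WHERE name=$sql_new_name;
 
  INSERT INTO records
 
@@ -53,10 +54,30 @@ BEGIN;
  $sql_new_name,
  $sql_record_type,
  $sql_ip_address,
- 3600,
+ 600,
  0
  FROM domains
  WHERE name=$sql_zone;
+
+ INSERT INTO records
+
+ (domain_id,
+ name,
+ type,
+ content,
+ ttl,
+ prio)
+
+ SELECT
+ id,
+ $sql_new_name,
+ 'SSHFP',
+ $sql_sshfp,
+ 600,
+ 0
+ FROM domains
+ WHERE name=$sql_zone;
+
 COMMIT;
 END
  r=$?
@@ -133,6 +154,8 @@ PEM_DEST=$HOME/public_rsync
 
 eval "$(samizdat-ssh-uid --copy-pem "$PEM_DEST")"
 
+[ "$SSH_CLIENT_SSHFP_DATA" ] || die wtf
+
 domain=${SSH_CLIENT_DOMAIN}
 ip_address=${SSH_CLIENT%% *}
 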
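Review bot: The widened `DELETE FROM records WHERE name=$sql_new_name;` in the second hunk now removes every record type stored at that name, while the transaction re-inserts only one record of the requested type plus the SSHFP, so an update for one record type silently drops any other type previously published for the same host. If the intent is only to replace the SSHFP alongside the address record, scope the delete: `DELETE FROM records WHERE name=$sql_new_name AND type IN ($sql_record_type, 'SSHFP');`. The new guard `[ "$SSH_CLIENT_SSHFP_DATA" ] || die wtf` in the last hunk tests only for a non-empty value and gives an operator nothing to go on; a message such as `die "missing SSHFP data from samizdat-ssh-uid"` plus a format check before the value reaches the zone data would be easier to diagnose. The body of powerdns_sqlite_add_replace_record starts and ends outside the hunks shown, so how `sql_string` quotes its argument cannot be confirmed from here.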
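--- a/bin/samizdat-ssh-uid
+++ b/bin/samizdat-ssh-uid
@@ -21,8 +21,10 @@ get_domain()
 get_sshfp()
 {
  [ -f "$1" ] || return
- sshfp_b16=$(ssh-keygen -r . -f "$1" | sed -ne 's/^. IN SSHFP [0-9]* 2 //p') &&
- [ "$sshfp_b16" ] || die "could not determine ssh client fingerprint"
+ sshfp_raw=$(ssh-keygen -r . -f "$1" | sed -ne 's/^. IN SSHFP \([0-9]* 2 \)/\1/p' | head -n1) || die 'ssh-keygen'
+
+ sshfp_b16=$(echo "$sshfp_raw" | sed -ne 's/^[0-9]* 2 //p') &&
+ [ "$sshfp_b16" ] || die "could not determine ssh client fingerprint"
  sshfp_b32=$(b16_to_b32 "$sshfp_b16")
 }
 
@@ -82,6 +84,7 @@ dispose_of_temp_pem_files "$@"
 
 env -i \
  SSH_CLIENT_DOMAIN="$domain" \
+ SSH_CLIENT_SSHFP_DATA="'$sshfp_raw'" \
  SSH_CLIENT_FINGERPRINT="$sshfp_b32" \
  SSH_CLIENT_KEYTYPE="$keytype" \
  SSH_CLIENT_KEYDATA="$keydata"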
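Review bot: The added `SSH_CLIENT_SSHFP_DATA="'$sshfp_raw'"` wraps the value in literal single quotes, and bin/cryptonomic-dyndns-command in this same commit runs `eval` on this script's output, so the quoting holds only while `sshfp_raw` can never contain a quote character. The sed expression in get_sshfp anchors just the `[0-9]* 2 ` prefix and passes the rest of the line through unchecked, so I would validate the value before exporting it, for example `case "$sshfp_raw" in ''|*[!0-9A-Fa-f\ ]*) die "unexpected SSHFP data" ;; esac`. Also in get_sshfp, `... | head -n1) || die 'ssh-keygen'` tests only the exit status of `head` unless pipefail is enabled somewhere outside the hunk, so a failing ssh-keygen is caught only by the later empty-string check and reported with the less specific message.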