author | Andrew Cady <d@jerkface.net> | 2021-10-10 08:01:05 -0400 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2021-10-10 08:01:05 -0400 |
commit | 41d7bc1e8955d047488678826c8b3cc50ae3d795 (patch) | |
tree | 21963972946524118489069854235282b74c724a | |
parent | ac6292125bc088d3fba6cabe617f56e0b815c6df (diff) |
trivial cleanups
renamed several functions
removed unused code
-rwxr-xr-x | cryptonomic-vpn | 57 |
1 files changed, 16 insertions, 41 deletions
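diff --git a/cryptonomic-vpn b/cryptonomic-vpn
index 8bc726c..196e2d1 100755
--- a/cryptonomic-vpn
+++ b/cryptonomic-vpn
@@ -151,8 +151,8 @@ main()
 exec 2>&1
 # Start with the remote public key, to fail early if the server is
 # unavailable.
-install_remote_public_key
-install_local_private_key
+install_remote_public_rsa_key
+install_local_private_rsa_key
 test_new_config
 else
 die unimplemented
@@ -160,27 +160,7 @@ main()
 exit
 }
 
-match_and_drop_first_word()
-{
-expect=$1
-while read word rest
-do
-if [ "$word" = "$expect" ]
-then
-printf '%s\n' "$rest"
-return
-fi
-done
-false
-}
-
-keyscan()
-{
-semi_quietly ssh-keyscan -t "${REMOTE_KEY_TYPE}" "$1"
-}
-
-# Only write to the destination if the command is successful.
-write_successfully()
+write_if_successful()
 {
 local out="$1" f
 [ "$2" = -- ] || return
@@ -214,7 +194,7 @@ simulate_write()
 )
 }
 
-semi_quietly()
+quiet_if_successful()
 {
 local t=$(mktemp)
 if "$@" 2>"$t"
@@ -225,25 +205,20 @@ semi_quietly()
 fi
 }
 
-openssl()
-{
-semi_quietly command openssl "$@"
-}
-
-write_public_key()
+write_public_rsa_key()
 {
-openssl rsa -in "$1" -outform DER -pubout
+quiet_if_successful openssl rsa -in "$1" -outform DER -pubout
 }
 
-write_private_key()
+write_private_rsa_key()
 {
-openssl rsa -in "$1" -outform DER
+quiet_if_successful openssl rsa -in "$1" -outform DER
 }
 
-write_remote_key()
+write_remote_rsa_key()
 {
 case "$REMOTE_KEY_TYPE" in
-rsa) ssh-keygen -e -f "$1" -m PEM | openssl rsa -RSAPublicKey_in -outform DER ;;
+rsa) ssh-keygen -e -f "$1" -m PEM | quiet_if_successful openssl rsa -RSAPublicKey_in -outform DER ;;
 *) echo "Unsupported key type." >&2; exit 1 ;;
 esac
 }
@@ -255,15 +230,15 @@ sshfp_rsa_filename_string()
 }
 
 
-install_local_private_key()
+install_local_private_rsa_key()
 {
 private_key_tmp=$(mktemp) || return
 cp "$LOCAL_KEY" "$private_key_tmp"
 ssh-keygen -N '' -p -m PEM -f "$private_key_tmp" >/dev/null 2>&1
 trap 'rm -f "$private_key_tmp"' EXIT
 
-write_successfully "$LOCAL_PRIVATE_KEY_DEST" -- write_private_key "$private_key_tmp"
-write_successfully "$LOCAL_PUBLIC_KEY_DEST" -- write_public_key "$private_key_tmp"
+write_if_successful "$LOCAL_PRIVATE_KEY_DEST" -- write_private_rsa_key "$private_key_tmp"
+write_if_successful "$LOCAL_PUBLIC_KEY_DEST" -- write_public_rsa_key "$private_key_tmp"
 
 trap - EXIT
 rm -f "$private_key_tmp"
@@ -299,7 +274,7 @@ find_known_ssh_host_rsa_key_by_name()
 )
 }
 
-install_remote_public_key()
+install_remote_public_rsa_key()
 {
 trap 'rm -f "$t"' EXIT
 t=$(mktemp)
@@ -314,7 +289,7 @@ install_remote_public_key()
 fi
 
 REMOTE_PUBLIC_KEY_DEST=/etc/swanctl/pubkey/$(sshfp_rsa_filename_string "$t").pub
-write_successfully "$REMOTE_PUBLIC_KEY_DEST" -- write_remote_key "$t"
+write_if_successful "$REMOTE_PUBLIC_KEY_DEST" -- write_remote_rsa_key "$t"
 
 trap - EXIT
 rm -f "$t"
@@ -373,7 +348,7 @@ NO_ACT()
 
 install_stronswan_config()
 {
-write_successfully /etc/swanctl/conf.d/"$REMOTE_NAME".conf -- \
+write_if_successful /etc/swanctl/conf.d/"$REMOTE_NAME".conf -- \
 strongswan_config \
 "$REMOTE_NAME" \
 "$REMOTE_IP" \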
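Review bot: In install_local_private_rsa_key (hunk at new line 233) the cleanup trap for `$private_key_tmp` is installed only after `cp "$LOCAL_KEY"` and `ssh-keygen -N '' -p` have already written a passphrase-less copy of the private key into the temp file, so an exit between those lines would leave that copy on disk. Moving `trap 'rm -f "$private_key_tmp"' EXIT` to directly after the `mktemp` line closes that window; install_remote_public_rsa_key already sets its trap before writing anything. The `ssh-keygen` call also sends its output to /dev/null and its exit status is not checked, so a failed conversion surfaces only when openssl later rejects the file; `ssh-keygen -N '' -p -m PEM -f "$private_key_tmp" >/dev/null 2>&1 || return` would stop at the real cause. The function's closing lines are outside the hunk, so whether its callers check the return status is not visible here.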