renames for clarity

author: Andrew Cady <d@jerkface.net> 2021-10-10 04:17:25 -0400
committer: Andrew Cady <d@jerkface.net> 2021-10-10 04:17:25 -0400
commit: 4eefb9b31fdc485ab4b144ad41aa53ce96cc7432 (patch)
tree: 7bd290c1bebe2f3259314cc3a479b108448bd31a
parent: 7bb61d2fe0cf56dd1230ea60cf8141e0ae363ee3 (diff)
1 files changed, 9 insertions, 8 deletions
diff --git a/cryptonomic-vpn b/cryptonomic-vpn
index 78c2110..855793b 100755
--- a/cryptonomic-vpn
+++ b/cryptonomic-vpn
@@ -130,7 +130,7 @@ validate_local_key()
    esac
    [ -f "$LOCAL_KEY" -a -r "$LOCAL_KEY" ] || die "could not read local key (filename=$LOCAL_KEY)"
-    LOCAL_KEY_DEST_BASENAME=$(sshfp_filename_string "$LOCAL_KEY") || die "parsing local key (filename=$LOCAL_KEY)"
+    LOCAL_KEY_DEST_BASENAME=$(sshfp_rsa_filename_string "$LOCAL_KEY") || die "parsing local key (filename=$LOCAL_KEY)"
    LOCAL_PRIVATE_KEY_DEST=/etc/swanctl/private/$LOCAL_KEY_DEST_BASENAME
    LOCAL_PUBLIC_KEY_DEST=/etc/swanctl/pubkey/$LOCAL_KEY_DEST_BASENAME.pub
 }
@@ -247,7 +247,7 @@ write_remote_key()
    esac
 }
-sshfp_filename_string()
+sshfp_rsa_filename_string()
 {
    local keytype=1 hashtype=2
    ssh-keygen -r. -f "$1" | sed -ne "/^. IN SSHFP $keytype $hashtype / { s/. IN //; y/ /_/; p; q; }"
@@ -332,8 +332,8 @@ install_remote_public_key()
    keyscan "$REMOTE_IP" | match_and_drop_first_word "$REMOTE_IP" > "$t"
    validate_public_key_name "$t" "$REMOTE_NAME" || die 'cannot authenticate remote public key'
-    REMOTE_PUBLIC_KEY_DEST=/etc/swanctl/pubkey/$(sshfp_filename_string "$t").pub
+    REMOTE_PUBLIC_KEY_DEST=/etc/swanctl/pubkey/$(sshfp_rsa_filename_string "$t").pub
    write_successfully "$REMOTE_PUBLIC_KEY_DEST" -- write_remote_key "$t"
    trap - EXIT
    rm -f "$t"
@@ -347,9 +347,9 @@ nocomments()
 strongswan_config()
 {
    local conn="$1" remote_addrs="$2" local_key="$3"
-    local public_key_file="$4" private_key_file="$5"
+    local public_key_file="$4" private_key_file="$5" remote_public_key_file="$6"
    local remote_ts=0::0/0 vips=::
-    id=$(key_to_ip_suffix "$local_key") || return
+    id=$(rsa_key_to_ip_suffix "$local_key") || return
    sed -e 's/^        //' <<END
        connections {
            ${conn} {
@@ -361,7 +361,7 @@ strongswan_config()
                }
                remote {
                    id = "${remote_addrs}"
-                    pubkeys = ${REMOTE_PUBLIC_KEY_DEST}
+                    pubkeys = ${remote_public_key_file}
                }
                children {
                    child {
@@ -379,7 +379,7 @@ strongswan_config()
 END
 }
-key_to_ip_suffix()
+rsa_key_to_ip_suffix()
 {
    local keytype=1 hashtype=2
    ssh-keygen -r . -f "$1" | sed -E -ne 's/^. IN SSHFP '"$keytype $hashtype"' .{48}(.{4})(.{4})(.{4})(.{4})$/\1:\2:\3:\4/p'
@@ -398,7 +398,8 @@ install_stronswan_config()
                                "$REMOTE_IP" \
                                "$LOCAL_KEY" \
                                "$LOCAL_PUBLIC_KEY_DEST" \
-                                "$LOCAL_PRIVATE_KEY_DEST"
+                                "$LOCAL_PRIVATE_KEY_DEST" \
+                                "$REMOTE_PUBLIC_KEY_DEST"
 }
 test_new_config()
author	Andrew Cady <d@jerkface.net>	2021-10-10 04:17:25 -0400
committer	Andrew Cady <d@jerkface.net>	2021-10-10 04:17:25 -0400
commit	4eefb9b31fdc485ab4b144ad41aa53ce96cc7432 (patch)
tree	7bd290c1bebe2f3259314cc3a479b108448bd31a
parent	7bb61d2fe0cf56dd1230ea60cf8141e0ae363ee3 (diff)