From 4eefb9b31fdc485ab4b144ad41aa53ce96cc7432 Mon Sep 17 00:00:00 2001
From: Andrew Cady <d@jerkface.net>
Date: Sun, 10 Oct 2021 04:17:25 -0400
Subject: renames for clarity

---
 cryptonomic-vpn | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/cryptonomic-vpn b/cryptonomic-vpn
index 78c2110..855793b 100755
--- a/cryptonomic-vpn
+++ b/cryptonomic-vpn
@@ -130,7 +130,7 @@ validate_local_key()
     esac
     [ -f "$LOCAL_KEY" -a -r "$LOCAL_KEY" ] || die "could not read local key (filename=$LOCAL_KEY)"
 
-    LOCAL_KEY_DEST_BASENAME=$(sshfp_filename_string "$LOCAL_KEY") || die "parsing local key (filename=$LOCAL_KEY)"
+    LOCAL_KEY_DEST_BASENAME=$(sshfp_rsa_filename_string "$LOCAL_KEY") || die "parsing local key (filename=$LOCAL_KEY)"
     LOCAL_PRIVATE_KEY_DEST=/etc/swanctl/private/$LOCAL_KEY_DEST_BASENAME
     LOCAL_PUBLIC_KEY_DEST=/etc/swanctl/pubkey/$LOCAL_KEY_DEST_BASENAME.pub
 }
@@ -247,7 +247,7 @@ write_remote_key()
     esac
 }
 
-sshfp_filename_string()
+sshfp_rsa_filename_string()
 {
     local keytype=1 hashtype=2
     ssh-keygen -r. -f "$1" | sed -ne "/^. IN SSHFP $keytype $hashtype / { s/. IN //; y/ /_/; p; q; }"
@@ -332,8 +332,8 @@ install_remote_public_key()
     keyscan "$REMOTE_IP" | match_and_drop_first_word "$REMOTE_IP" > "$t"
     validate_public_key_name "$t" "$REMOTE_NAME" || die 'cannot authenticate remote public key'
 
-    REMOTE_PUBLIC_KEY_DEST=/etc/swanctl/pubkey/$(sshfp_filename_string "$t").pub
 
+    REMOTE_PUBLIC_KEY_DEST=/etc/swanctl/pubkey/$(sshfp_rsa_filename_string "$t").pub
     write_successfully "$REMOTE_PUBLIC_KEY_DEST" -- write_remote_key "$t"
     trap - EXIT
     rm -f "$t"
@@ -347,9 +347,9 @@ nocomments()
 strongswan_config()
 {
     local conn="$1" remote_addrs="$2" local_key="$3"
-    local public_key_file="$4" private_key_file="$5"
+    local public_key_file="$4" private_key_file="$5" remote_public_key_file="$6"
     local remote_ts=0::0/0 vips=::
-    id=$(key_to_ip_suffix "$local_key") || return
+    id=$(rsa_key_to_ip_suffix "$local_key") || return
     sed -e 's/^        //' <<END
         connections {
             ${conn} {
@@ -361,7 +361,7 @@ strongswan_config()
                 }
                 remote {
                     id = "${remote_addrs}"
-                    pubkeys = ${REMOTE_PUBLIC_KEY_DEST}
+                    pubkeys = ${remote_public_key_file}
                 }
                 children {
                     child {
@@ -379,7 +379,7 @@ strongswan_config()
 END
 }
 
-key_to_ip_suffix()
+rsa_key_to_ip_suffix()
 {
     local keytype=1 hashtype=2
     ssh-keygen -r . -f "$1" | sed -E -ne 's/^. IN SSHFP '"$keytype $hashtype"' .{48}(.{4})(.{4})(.{4})(.{4})$/\1:\2:\3:\4/p'
@@ -398,7 +398,8 @@ install_stronswan_config()
                                 "$REMOTE_IP" \
                                 "$LOCAL_KEY" \
                                 "$LOCAL_PUBLIC_KEY_DEST" \
-                                "$LOCAL_PRIVATE_KEY_DEST"
+                                "$LOCAL_PRIVATE_KEY_DEST" \
+                                "$REMOTE_PUBLIC_KEY_DEST"
 }
 
 test_new_config()
-- 
cgit v1.2.3