Renamed usage tag strongswan -> ipsec.

author: joe <joe@jerkface.net> 2016-04-24 15:07:25 -0400
committer: joe <joe@jerkface.net> 2016-04-24 15:07:25 -0400
commit: c725029f61f75b1a6be3ce9c258b4f244853532b (patch)
tree: 09677dc2c99b7163ea4faa7073511755a96d9969 /kiki.hs
parent: 51bc655f4b0acb30ff873c8c32c9aacb1408258e (diff)
1 files changed, 8 insertions, 8 deletions
diff --git a/kiki.hs b/kiki.hs
index 4aa5885..cf4089a 100644
--- a/kiki.hs
+++ b/kiki.hs
@@ -1547,7 +1547,7 @@ kiki "init-key" args = do
             { opFiles = Map.fromList $
                [ ( HomeSec, buildStreamInfo KF_All KeyRingFile )
                , ( HomePub, (buildStreamInfo KF_All KeyRingFile) { access = Pub } )
-                , ( ArgFile ipsecpath, peminfo 1024 "strongswan" )
+                , ( ArgFile ipsecpath, peminfo 1024 "ipsec" )
                , ( ArgFile sshcpath, peminfo 2048 "ssh-client" )
                , ( ArgFile sshspath, peminfo 2048 "ssh-server" ) ]
             , opPassphrases = [ PassphraseMemoizer (rtPassphrases rt) ]
@@ -1571,9 +1571,9 @@ kiki "init-key" args = do
    -- Finally, export public keys if they do not exist.
    let writeFileWARNING fname bs = do
-        --TODO
+            --TODO
-        hPutStrLn stderr $ fname ++ ": DID NOT CHECK TRUST (TODO)"
+            hPutStrLn stderr $ fname ++ ": DID NOT CHECK TRUST (TODO)"
-        writeFile fname bs
+            writeFile fname bs
    flip (maybe $ warn "missing working key?") (rtGrip rt) $ \grip -> do
    gotc <- doesFileExist (sshcpathpub)
    when (not gotc) $ do
@@ -1588,7 +1588,7 @@ kiki "init-key" args = do
            goti <- doesFileExist (ipsecpathpub)
            when (not goti) $ do
                either warn (writeFile $ ipsecpathpub)
-                    $ show_pem' "strongswan" grip (rtKeyDB rt) pemFromPacket
+                    $ show_pem' "ipsec" grip (rtKeyDB rt) pemFromPacket
        else return ()
@@ -1607,7 +1607,7 @@ kiki "init-key" args = do
                their_master = packet $ keyMappedPacket kd
                -- We find all cross-certified ipsec keys for the given cross-certified onion name.
                ipsecs = sortOn (Down . timestamp)
-                         $ getCrossSignedSubkeys their_master (keySubKeys kd) "strongswan"
+                         $ getCrossSignedSubkeys their_master (keySubKeys kd) "ipsec"
            forM_ (take 1 ipsecs) $ \k -> do
            goti <- doesFileExist (cpath)
            when (not goti) $ do
@@ -1693,7 +1693,7 @@ kiki "tar" args = do
 tarContent rt spec pubpem knownhosts secpem = ipsecs ++ sshs ++ secrets "root"
 where
    ipsecs = do
-        (kk,ipsec,sigs) <- selectPublicKeyAndSigs (KeyUidMatch "",Just "strongswan") (rtKeyDB rt)
+        (kk,ipsec,sigs) <- selectPublicKeyAndSigs (KeyUidMatch "",Just "ipsec") (rtKeyDB rt)
        let kd = (rtKeyDB rt Map.! kk)
            k = packet $ keyMappedPacket kd
            (addr,(onames,ns)) = getHostnames kd
@@ -1729,7 +1729,7 @@ tarContent rt spec pubpem knownhosts secpem = ipsecs ++ sshs ++ secrets "root"
                        return $ spem (dir $ homedir ++ "/.ssh/" ++ sshkeyname k) k
            sshsvr = spem (dir "etc/ssh/ssh_host_rsa_key") <$> lookupSecret "ssh-host" kd
            ipseckey = do
-                k <- lookupSecret "strongswan" kd
+                k <- lookupSecret "ipsec" kd
                oname <- fst . snd $ getHostnames kd
                return $ spem (dir $ "etc/ipsec.d/private/"++Char8.unpack oname++".pem") k
        torkey ++ sshcli ++ sshsvr ++ ipseckey
author	joe <joe@jerkface.net>	2016-04-24 15:07:25 -0400
committer	joe <joe@jerkface.net>	2016-04-24 15:07:25 -0400
commit	c725029f61f75b1a6be3ce9c258b4f244853532b (patch)
tree	09677dc2c99b7163ea4faa7073511755a96d9969 /kiki.hs
parent	51bc655f4b0acb30ff873c8c32c9aacb1408258e (diff)

diff --git a/kiki.hs b/kiki.hs index 4aa5885..cf4089a 100644 --- a/kiki.hs +++ b/kiki.hs
@@ -1547,7 +1547,7 @@ kiki "init-key" args = do
1547	{ opFiles = Map.fromList $	1547	{ opFiles = Map.fromList $
1548	[ ( HomeSec, buildStreamInfo KF_All KeyRingFile )	1548	[ ( HomeSec, buildStreamInfo KF_All KeyRingFile )
1549	, ( HomePub, (buildStreamInfo KF_All KeyRingFile) { access = Pub } )	1549	, ( HomePub, (buildStreamInfo KF_All KeyRingFile) { access = Pub } )
1550	, ( ArgFile ipsecpath, peminfo 1024 "strongswan" )	1550	, ( ArgFile ipsecpath, peminfo 1024 "ipsec" )
1551	, ( ArgFile sshcpath, peminfo 2048 "ssh-client" )	1551	, ( ArgFile sshcpath, peminfo 2048 "ssh-client" )
1552	, ( ArgFile sshspath, peminfo 2048 "ssh-server" ) ]	1552	, ( ArgFile sshspath, peminfo 2048 "ssh-server" ) ]
1553	, opPassphrases = [ PassphraseMemoizer (rtPassphrases rt) ]	1553	, opPassphrases = [ PassphraseMemoizer (rtPassphrases rt) ]
@@ -1571,9 +1571,9 @@ kiki "init-key" args = do
1571		1571
1572	-- Finally, export public keys if they do not exist.	1572	-- Finally, export public keys if they do not exist.
1573	let writeFileWARNING fname bs = do	1573	let writeFileWARNING fname bs = do
1574	--TODO	1574	--TODO
1575	hPutStrLn stderr $ fname ++ ": DID NOT CHECK TRUST (TODO)"	1575	hPutStrLn stderr $ fname ++ ": DID NOT CHECK TRUST (TODO)"
1576	writeFile fname bs	1576	writeFile fname bs
1577	flip (maybe $ warn "missing working key?") (rtGrip rt) $ \grip -> do	1577	flip (maybe $ warn "missing working key?") (rtGrip rt) $ \grip -> do
1578	gotc <- doesFileExist (sshcpathpub)	1578	gotc <- doesFileExist (sshcpathpub)
1579	when (not gotc) $ do	1579	when (not gotc) $ do
@@ -1588,7 +1588,7 @@ kiki "init-key" args = do
1588	goti <- doesFileExist (ipsecpathpub)	1588	goti <- doesFileExist (ipsecpathpub)
1589	when (not goti) $ do	1589	when (not goti) $ do
1590	either warn (writeFile $ ipsecpathpub)	1590	either warn (writeFile $ ipsecpathpub)
1591	$ show_pem' "strongswan" grip (rtKeyDB rt) pemFromPacket	1591	$ show_pem' "ipsec" grip (rtKeyDB rt) pemFromPacket
1592	else return ()	1592	else return ()
1593		1593
1594		1594
@@ -1607,7 +1607,7 @@ kiki "init-key" args = do
1607	their_master = packet $ keyMappedPacket kd	1607	their_master = packet $ keyMappedPacket kd
1608	-- We find all cross-certified ipsec keys for the given cross-certified onion name.	1608	-- We find all cross-certified ipsec keys for the given cross-certified onion name.
1609	ipsecs = sortOn (Down . timestamp)	1609	ipsecs = sortOn (Down . timestamp)
1610	$ getCrossSignedSubkeys their_master (keySubKeys kd) "strongswan"	1610	$ getCrossSignedSubkeys their_master (keySubKeys kd) "ipsec"
1611	forM_ (take 1 ipsecs) $ \k -> do	1611	forM_ (take 1 ipsecs) $ \k -> do
1612	goti <- doesFileExist (cpath)	1612	goti <- doesFileExist (cpath)
1613	when (not goti) $ do	1613	when (not goti) $ do
@@ -1693,7 +1693,7 @@ kiki "tar" args = do
1693	tarContent rt spec pubpem knownhosts secpem = ipsecs ++ sshs ++ secrets "root"	1693	tarContent rt spec pubpem knownhosts secpem = ipsecs ++ sshs ++ secrets "root"
1694	where	1694	where
1695	ipsecs = do	1695	ipsecs = do
1696	(kk,ipsec,sigs) <- selectPublicKeyAndSigs (KeyUidMatch "",Just "strongswan") (rtKeyDB rt)	1696	(kk,ipsec,sigs) <- selectPublicKeyAndSigs (KeyUidMatch "",Just "ipsec") (rtKeyDB rt)
1697	let kd = (rtKeyDB rt Map.! kk)	1697	let kd = (rtKeyDB rt Map.! kk)
1698	k = packet $ keyMappedPacket kd	1698	k = packet $ keyMappedPacket kd
1699	(addr,(onames,ns)) = getHostnames kd	1699	(addr,(onames,ns)) = getHostnames kd
@@ -1729,7 +1729,7 @@ tarContent rt spec pubpem knownhosts secpem = ipsecs ++ sshs ++ secrets "root"
1729	return $ spem (dir $ homedir ++ "/.ssh/" ++ sshkeyname k) k	1729	return $ spem (dir $ homedir ++ "/.ssh/" ++ sshkeyname k) k
1730	sshsvr = spem (dir "etc/ssh/ssh_host_rsa_key") <$> lookupSecret "ssh-host" kd	1730	sshsvr = spem (dir "etc/ssh/ssh_host_rsa_key") <$> lookupSecret "ssh-host" kd
1731	ipseckey = do	1731	ipseckey = do
1732	k <- lookupSecret "strongswan" kd	1732	k <- lookupSecret "ipsec" kd
1733	oname <- fst . snd $ getHostnames kd	1733	oname <- fst . snd $ getHostnames kd
1734	return $ spem (dir $ "etc/ipsec.d/private/"++Char8.unpack oname++".pem") k	1734	return $ spem (dir $ "etc/ipsec.d/private/"++Char8.unpack oname++".pem") k
1735	torkey ++ sshcli ++ sshsvr ++ ipseckey	1735	torkey ++ sshcli ++ sshsvr ++ ipseckey