Switched cache update to lib/Keyring.hs interface.

author: joe <joe@jerkface.net> 2016-08-30 02:28:41 -0400
committer: joe <joe@jerkface.net> 2016-08-30 02:28:41 -0400
commit: f82b12dc1701d311d6d5a3c9fbcab762e9c278af (patch)
tree: 6e881d766680946d033c627397fa7026a47c3448 /lib/Kiki.hs
parent: fe847ffb3bd02fb661f1cb86532cee8186c1e82c (diff)
1 files changed, 27 insertions, 2 deletions
diff --git a/lib/Kiki.hs b/lib/Kiki.hs
index 70d5ed6..d5b3457 100644
--- a/lib/Kiki.hs
+++ b/lib/Kiki.hs
@@ -199,7 +199,6 @@ importAndRefresh root cmn cipher = do
                                          return $ PassphraseSpec Nothing Nothing pfd
            passwordop = KeyRingOperation
                            { opFiles = Map.empty
-                            -- TODO: ask agent for new passphrase
                            , opPassphrases = main_passwds
                            , opHome = homespec
                            , opTransforms = []
@@ -390,7 +389,30 @@ refreshCache rt rootdir = do
        wkkd = rtKeyDB rt Map.! keykey wk
        getSecret tag = sortOn (Down . timestamp)
                        $ getSubkeys Unsigned wk (keySubKeys wkkd) tag
+        exportOp = withOutgoing $ minimalOp (CommonArgsParsed (Just $ takeDirectory $ rtPubring rt)
+                                                              Nothing)
+         where
+          withOutgoing op = op
+            { opFiles = opFiles op `Map.union` Map.fromList outgoing_secrets
+            , opPassphrases = [PassphraseMemoizer (rtPassphrases rt)]
+            }
+          outgoing_secrets =
+            [ send "ipsec"      (mkpath "ipsec.d/private/" ++ Char8.unpack oname++".pem") "missing ipsec key?"
+            , send "ssh-client" (mkpath "root/.ssh/id_rsa")                               "missing ssh-client key?"
+            , send "ssh-server" (mkpath "ssh_host_rsa_key")                               "missing ssh host key?"
+            , send "tor"        (mkpath "tor/private_key")                                "missing tor key?"
+            ]
+          send usage path warning =
+            ( ArgFile path, StreamInfo { typ = PEMFile
+                                       , fill = KF_Match usage
+                                       , spill = KF_None
+                                       , access = Sec
+                                       , initializer = WarnMissing warning
+                                       , transforms = []
+                                       })
+    KikiResult rt' report <- runKeyRing exportOp
+    {-
    let writeSecret tag path warning = do
        let my_ks :: [Packet]
            my_ks = getSecret tag
@@ -425,6 +447,7 @@ refreshCache rt rootdir = do
    writeSecret "tor"
                (mkpath "tor/private_key")
                "missing tor key?"
+    -}
    -- Finally, export public keys if they do not exist.
    either warn (write $ mkpath "root/.ssh/id_rsa.pub")
@@ -561,6 +584,7 @@ sshblobFromPacket k = blob
    bs = SSH.keyblob (n,e)
    blob = Char8.unpack bs
+{-
 replaceSshServerKeys root cmn = do
    let homepass' = cmn { cap_homespec = fmap root (cap_homespec cmn) }
        replaceSSH op = op { opFiles = files }
@@ -578,6 +602,7 @@ replaceSshServerKeys root cmn = do
                                                    ""  -> Nothing
                                                    pth -> Just pth
        err            -> hPutStrLn stderr $ errorString err
+-}
 slash :: String -> String -> String
 slash "/"    ('/':xs) = '/':xs
author	joe <joe@jerkface.net>	2016-08-30 02:28:41 -0400
committer	joe <joe@jerkface.net>	2016-08-30 02:28:41 -0400
commit	f82b12dc1701d311d6d5a3c9fbcab762e9c278af (patch)
tree	6e881d766680946d033c627397fa7026a47c3448 /lib/Kiki.hs
parent	fe847ffb3bd02fb661f1cb86532cee8186c1e82c (diff)

diff --git a/lib/Kiki.hs b/lib/Kiki.hs index 70d5ed6..d5b3457 100644 --- a/lib/Kiki.hs +++ b/lib/Kiki.hs
@@ -199,7 +199,6 @@ importAndRefresh root cmn cipher = do
199	return $ PassphraseSpec Nothing Nothing pfd	199	return $ PassphraseSpec Nothing Nothing pfd
200	passwordop = KeyRingOperation	200	passwordop = KeyRingOperation
201	{ opFiles = Map.empty	201	{ opFiles = Map.empty
202	-- TODO: ask agent for new passphrase
203	, opPassphrases = main_passwds	202	, opPassphrases = main_passwds
204	, opHome = homespec	203	, opHome = homespec
205	, opTransforms = []	204	, opTransforms = []
@@ -390,7 +389,30 @@ refreshCache rt rootdir = do
390	wkkd = rtKeyDB rt Map.! keykey wk	389	wkkd = rtKeyDB rt Map.! keykey wk
391	getSecret tag = sortOn (Down . timestamp)	390	getSecret tag = sortOn (Down . timestamp)
392	$ getSubkeys Unsigned wk (keySubKeys wkkd) tag	391	$ getSubkeys Unsigned wk (keySubKeys wkkd) tag
393		392	exportOp = withOutgoing $ minimalOp (CommonArgsParsed (Just $ takeDirectory $ rtPubring rt)
		393	Nothing)
		394	where
		395	withOutgoing op = op
		396	{ opFiles = opFiles op `Map.union` Map.fromList outgoing_secrets
		397	, opPassphrases = [PassphraseMemoizer (rtPassphrases rt)]
		398	}
		399	outgoing_secrets =
		400	[ send "ipsec" (mkpath "ipsec.d/private/" ++ Char8.unpack oname++".pem") "missing ipsec key?"
		401	, send "ssh-client" (mkpath "root/.ssh/id_rsa") "missing ssh-client key?"
		402	, send "ssh-server" (mkpath "ssh_host_rsa_key") "missing ssh host key?"
		403	, send "tor" (mkpath "tor/private_key") "missing tor key?"
		404	]
		405	send usage path warning =
		406	( ArgFile path, StreamInfo { typ = PEMFile
		407	, fill = KF_Match usage
		408	, spill = KF_None
		409	, access = Sec
		410	, initializer = WarnMissing warning
		411	, transforms = []
		412	})
		413	KikiResult rt' report <- runKeyRing exportOp
		414
		415	{-
394	let writeSecret tag path warning = do	416	let writeSecret tag path warning = do
395	let my_ks :: [Packet]	417	let my_ks :: [Packet]
396	my_ks = getSecret tag	418	my_ks = getSecret tag
@@ -425,6 +447,7 @@ refreshCache rt rootdir = do
425	writeSecret "tor"	447	writeSecret "tor"
426	(mkpath "tor/private_key")	448	(mkpath "tor/private_key")
427	"missing tor key?"	449	"missing tor key?"
		450	-}
428		451
429	-- Finally, export public keys if they do not exist.	452	-- Finally, export public keys if they do not exist.
430	either warn (write $ mkpath "root/.ssh/id_rsa.pub")	453	either warn (write $ mkpath "root/.ssh/id_rsa.pub")
@@ -561,6 +584,7 @@ sshblobFromPacket k = blob
561	bs = SSH.keyblob (n,e)	584	bs = SSH.keyblob (n,e)
562	blob = Char8.unpack bs	585	blob = Char8.unpack bs
563		586
		587	{-
564	replaceSshServerKeys root cmn = do	588	replaceSshServerKeys root cmn = do
565	let homepass' = cmn { cap_homespec = fmap root (cap_homespec cmn) }	589	let homepass' = cmn { cap_homespec = fmap root (cap_homespec cmn) }
566	replaceSSH op = op { opFiles = files }	590	replaceSSH op = op { opFiles = files }
@@ -578,6 +602,7 @@ replaceSshServerKeys root cmn = do
578	"" -> Nothing	602	"" -> Nothing
579	pth -> Just pth	603	pth -> Just pth
580	err -> hPutStrLn stderr $ errorString err	604	err -> hPutStrLn stderr $ errorString err
		605	-}
581		606
582	slash :: String -> String -> String	607	slash :: String -> String -> String
583	slash "/" ('/':xs) = '/':xs	608	slash "/" ('/':xs) = '/':xs