fix rightip strongswan blah blah

author: joe <joe@jerkface.net> 2016-05-03 12:37:33 +0200
committer: joe <joe@jerkface.net> 2016-05-03 12:37:33 +0200
commit: aa85e30ff97c2b4c94f47621bbe1372142a55b7e (patch)
tree: 4e8cfb7336ac7bbcc48d0d4d399e113aed972d2a /lib
parent: b04dd1bba833852e22844696ecad365a11248e98 (diff)
2 files changed, 16 insertions, 3 deletions
diff --git a/lib/Kiki.hs b/lib/Kiki.hs
index cfff667..f21e8d8 100644
--- a/lib/Kiki.hs
+++ b/lib/Kiki.hs
@@ -31,6 +31,7 @@ import qualified Data.ByteString.Lazy.Char8 as Char8
 import qualified Data.Map.Strict as Map
 import qualified SSHKey as SSH
 import Network.Socket -- (SockAddr)
+import ProcessUtils
 import CommandLine
 import KeyRing
@@ -363,11 +364,21 @@ refreshCache rt rootdir = do
                ipsecs :: [Packet]
                ipsecs = sortOn (Down . timestamp)
                         $ getSubkeys CrossSigned their_master (keySubKeys kd) "ipsec"
+                sshs :: [Packet]
+                sshs = sortOn (Down . timestamp)
+                         $ getSubkeys CrossSigned their_master (keySubKeys kd) "ssh-server"
            bss <- forM (take 1 ipsecs) $ \k -> do
                let warn' x = warn x >> return Char8.empty
                flip (either warn') (pemFromPacket k :: Either String String) $ \pem -> do
                    write (mkpath cpath) pem
-                    return $ strongswanForContact addr contactname
+                    case take 1 sshs of
+                        [sshkey] -> do
+                            (_,(sout,serr)) <- runExternal "(f=$(mktemp); cat > \"$f\"; ssh-keygen -l -f \"$f\" | (read _ hash _; echo -n $hash.ssh.cryptonomic.net) | tr -d ':')"
+                                                            (Just $ sshblobFromPacket sshkey)
+                            -- ssh-keygen -l -f /dev/stdin
+                            putStrLn $ "wtf="++show(sout,serr, sshblobFromPacket sshkey)
+                            return $ strongswanForContact addr contactname (Char8.fromChunks [sout])
+                        [] -> error "fuck."
            return $ Char8.concat bss
        known_hosts = L.concat $ map getssh onionkeys
@@ -408,9 +419,9 @@ refreshCache rt rootdir = do
            ] ++ filter (not . Char8.null) cons
    commit
-strongswanForContact addr oname = Char8.unlines
+strongswanForContact addr oname rightip = Char8.unlines
    [ "conn " <> oname
-    , "  right=%" <> oname <> ".ipv4"
+    , "  right=" <> rightip
    , "  rightsubnet=" <> p (showA addr) <> "/128"
    , "  rightauth=pubkey"
    , "  rightid=" <> p (showA addr)
diff --git a/lib/ProcessUtils.hs b/lib/ProcessUtils.hs
index b89edb9..1a9cc04 100644
--- a/lib/ProcessUtils.hs
+++ b/lib/ProcessUtils.hs
@@ -126,10 +126,12 @@ readProcessWithErrorH cmd args stdin erH = do
 runExternal :: String -> Maybe String -> IO (Int,(S.ByteString,S.ByteString))
 runExternal cmd input = do
    cwd <- getCurrentDirectory
+    {-
    putStr $ takeFileName cwd ++ "> " ++ cmd
                    ++ case input of
                            Nothing -> "\n"
                            Just s  -> " <<EOF\n" ++ s ++ "EOF\n"
+    -}
    let p = (shell cmd) { std_in  = maybe Inherit (const CreatePipe) input
                        , std_out = CreatePipe
                        , std_err = CreatePipe }
author	joe <joe@jerkface.net>	2016-05-03 12:37:33 +0200
committer	joe <joe@jerkface.net>	2016-05-03 12:37:33 +0200
commit	aa85e30ff97c2b4c94f47621bbe1372142a55b7e (patch)
tree	4e8cfb7336ac7bbcc48d0d4d399e113aed972d2a /lib
parent	b04dd1bba833852e22844696ecad365a11248e98 (diff)