1 files changed, 12 insertions, 9 deletions

diff --git a/lib/Kiki.hs b/lib/Kiki.hs
index dc228bb..8d99499 100644
--- a/lib/Kiki.hs
+++ b/lib/Kiki.hs
@@ -30,6 +30,7 @@ import qualified Data.ByteString.Lazy as L
 import qualified Data.ByteString.Lazy.Char8 as Char8
 import qualified Data.Map.Strict as Map
 import qualified SSHKey as SSH
+import Network.Socket -- (SockAddr)
 
 import CommandLine
 import KeyRing
@@ -342,19 +343,21 @@ refreshCache rt rootdir = do
     either warn (write $ mkpath "ipsec.d/certs/" ++ Char8.unpack oname++".pem")
         $ show_pem' "ipsec" grip (rtKeyDB rt) pemFromPacket
 
-    let cs = filter notme (Map.elems $ rtKeyDB rt)
+    let onionkeys = mapMaybe namedContact $ Map.elems $ rtKeyDB rt
+        cs = filter (\(_,_,kd) -> notme kd) onionkeys
         kk = keykey (fromJust $ rtWorkingKey rt)
         notme kd = keykey (keyPacket kd) /= kk
 
-        installConctact :: KeyData -> IO Char8.ByteString
-        installConctact kd = do
+        namedContact kd = do
             -- The getHostnames command requires a valid cross-signed tor key
             -- for each onion name returned in (_,(ns,_)).
             let (addr,(ns,_)) = getHostnames kd
-                contactname = fmap Char8.unpack $ listToMaybe ns -- only first onion name.
-            flip (maybe $ return Char8.empty) contactname $ \contactname -> do
+            fmap (\n -> (n,addr, kd)) $ listToMaybe ns -- only first onion name.
 
-            let cpath = interp (Map.singleton "onion" contactname) "ipsec.d/certs/%(onion).pem"
+        installConctact :: (L.ByteString, SockAddr, KeyData) -> IO Char8.ByteString
+        installConctact (contactname,addr,kd) = do
+
+            let cpath = interp (Map.singleton "onion" (Char8.unpack contactname)) "ipsec.d/certs/%(onion).pem"
                 their_master = packet $ keyMappedPacket kd
                 -- We find all cross-certified ipsec keys for the given cross-certified onion name.
                 ipsecs :: [Packet]
@@ -393,12 +396,12 @@ refreshCache rt rootdir = do
     commit
 
 strongswanForContact addr oname = Char8.unlines
-    [ "conn " <> p oname
-    , "  right=%" <> p oname <> ".ipv4"
+    [ "conn " <> oname
+    , "  right=%" <> oname <> ".ipv4"
     , "  rightsubnet=" <> p (showA addr) <> "/128"
     , "  rightauth=pubkey"
     , "  rightid=" <> p (showA addr)
-    , "  rightrsasigkey=" <> p (oname) <> ".pem"
+    , "  rightrsasigkey=" <> oname <> ".pem"
     ]
     where p = Char8.pack