diff options
Diffstat (limited to 'kiki.hs')
| -rw-r--r-- | kiki.hs | 13 |
1 files changed, 9 insertions, 4 deletions
| @@ -1665,7 +1665,7 @@ tarContent rt spec pubpem knownhosts secpem = ipsecs ++ sshs ++ secrets "root" | |||
| 1665 | ipsecs = do | 1665 | ipsecs = do |
| 1666 | (kk,ipsec,sigs) <- selectPublicKeyAndSigs (KeyUidMatch "",Just "ipsec") (rtKeyDB rt) | 1666 | (kk,ipsec,sigs) <- selectPublicKeyAndSigs (KeyUidMatch "",Just "ipsec") (rtKeyDB rt) |
| 1667 | let kd = (rtKeyDB rt Map.! kk) | 1667 | let kd = (rtKeyDB rt Map.! kk) |
| 1668 | (addr,(onames,ns)) = getHostnames kd | 1668 | Hostnames addr onames ns _ = getHostnames kd |
| 1669 | oname <- onames | 1669 | oname <- onames |
| 1670 | return ("etc/ipsec.d/certs/" ++ Char8.unpack oname ++ ".pem", pubpem ns addr ipsec sigs) | 1670 | return ("etc/ipsec.d/certs/" ++ Char8.unpack oname ++ ".pem", pubpem ns addr ipsec sigs) |
| 1671 | 1671 | ||
| @@ -1698,10 +1698,15 @@ tarContent rt spec pubpem knownhosts secpem = ipsecs ++ sshs ++ secrets "root" | |||
| 1698 | sshsvr = spem (dir "etc/ssh/ssh_host_rsa_key") <$> lookupSecret "ssh-host" kd | 1698 | sshsvr = spem (dir "etc/ssh/ssh_host_rsa_key") <$> lookupSecret "ssh-host" kd |
| 1699 | ipseckey = do | 1699 | ipseckey = do |
| 1700 | k <- lookupSecret "ipsec" kd | 1700 | k <- lookupSecret "ipsec" kd |
| 1701 | oname <- fst . snd $ getHostnames kd | 1701 | keyName <- ipsecKeyNames (getHostnames kd) |
| 1702 | return $ spem (dir $ "etc/ipsec.d/private/"++Char8.unpack oname++".pem") k | 1702 | return $ spem (dir $ keyName) k |
| 1703 | torkey ++ sshcli ++ sshsvr ++ ipseckey | 1703 | torkey ++ sshcli ++ sshsvr ++ ipseckey |
| 1704 | 1704 | ||
| 1705 | ipsecKeyNames :: Hostnames -> [String] | ||
| 1706 | ipsecKeyNames (Hostnames _ onames _ _) = do | ||
| 1707 | oname <- Char8.unpack <$> onames | ||
| 1708 | return $ "etc/ipsec.d/private/"++oname++".pem" | ||
| 1709 | |||
| 1705 | tarT :: ([[String]],Map.Map String [String]) -> IO () | 1710 | tarT :: ([[String]],Map.Map String [String]) -> IO () |
| 1706 | tarT (sargs,margs) = do | 1711 | tarT (sargs,margs) = do |
| 1707 | KikiResult rt report <- runKeyRing $ minimalOp $ parseCommonArgs margs | 1712 | KikiResult rt report <- runKeyRing $ minimalOp $ parseCommonArgs margs |
| @@ -1747,7 +1752,7 @@ tarC (sargs,margs) = do | |||
| 1747 | knownhost (kk,hostkey,sigs) = Char8.intercalate "," ns <> " " <> Char8.pack (sshblobFromPacket hostkey) | 1752 | knownhost (kk,hostkey,sigs) = Char8.intercalate "," ns <> " " <> Char8.pack (sshblobFromPacket hostkey) |
| 1748 | where | 1753 | where |
| 1749 | ns = onames ++ others | 1754 | ns = onames ++ others |
| 1750 | (_,(onames,others)) = getHostnames $ rtKeyDB rt Map.! kk | 1755 | Hostnames _ onames others _ = getHostnames $ rtKeyDB rt Map.! kk |
| 1751 | 1756 | ||
| 1752 | build_secret :: Num t => KeyRingRuntime -> Packet -> (t, Either (IO (Maybe Char8.ByteString)) b) | 1757 | build_secret :: Num t => KeyRingRuntime -> Packet -> (t, Either (IO (Maybe Char8.ByteString)) b) |
| 1753 | build_secret rt k = ( fromIntegral $ timestamp k | 1758 | build_secret rt k = ( fromIntegral $ timestamp k |