Diffstat (limited to 'kiki.hs')
-rw-r--r-- | kiki.hs | 13 |
1 files changed, 9 insertions, 4 deletions
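--- a/kiki.hs
+++ b/kiki.hs
@@ -1665,7 +1665,7 @@ tarContent rt spec pubpem knownhosts secpem = ipsecs ++ sshs ++ secrets "root"
 ipsecs = do
 (kk,ipsec,sigs) <- selectPublicKeyAndSigs (KeyUidMatch "",Just "ipsec") (rtKeyDB rt)
 let kd = (rtKeyDB rt Map.! kk)
-(addr,(onames,ns)) = getHostnames kd
+Hostnames addr onames ns _ = getHostnames kd
 oname <- onames
 return ("etc/ipsec.d/certs/" ++ Char8.unpack oname ++ ".pem", pubpem ns addr ipsec sigs)
 
@@ -1698,10 +1698,15 @@ tarContent rt spec pubpem knownhosts secpem = ipsecs ++ sshs ++ secrets "root"
 sshsvr = spem (dir "etc/ssh/ssh_host_rsa_key") <$> lookupSecret "ssh-host" kd
 ipseckey = do
 k <- lookupSecret "ipsec" kd
-oname <- fst . snd $ getHostnames kd
-return $ spem (dir $ "etc/ipsec.d/private/"++Char8.unpack oname++".pem") k
+keyName <- ipsecKeyNames (getHostnames kd)
+return $ spem (dir $ keyName) k
 torkey ++ sshcli ++ sshsvr ++ ipseckey
 
+ipsecKeyNames :: Hostnames -> [String]
+ipsecKeyNames (Hostnames _ onames _ _) = do
+oname <- Char8.unpack <$> onames
+return $ "etc/ipsec.d/private/"++oname++".pem"
+
 tarT :: ([[String]],Map.Map String [String]) -> IO ()
 tarT (sargs,margs) = do
 KikiResult rt report <- runKeyRing $ minimalOp $ parseCommonArgs margs
@@ -1747,7 +1752,7 @@ tarC (sargs,margs) = do
 knownhost (kk,hostkey,sigs) = Char8.intercalate "," ns <> " " <> Char8.pack (sshblobFromPacket hostkey)
 where
 ns = onames ++ others
-(_,(onames,others)) = getHostnames $ rtKeyDB rt Map.! kk
+Hostnames _ onames others _ = getHostnames $ rtKeyDB rt Map.! kk
 
 build_secret :: Num t => KeyRingRuntime -> Packet -> (t, Either (IO (Maybe Char8.ByteString)) b)
 build_secret rt k = ( fromIntegral $ timestamp k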
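Review bot: `ipsecKeyNames` splices each `oname` into `"etc/ipsec.d/private/"++oname++".pem"` without checking what the name contains, and `ipseckey` then uses the result as the archive path for a secret key. How `getHostnames` fills `onames` is not visible on this page, but if those names can come from keyring data, a value containing `/` or `..` would yield a member path outside `etc/ipsec.d/private/`. Now that the path is built in one helper, the check fits there: `oname <- filter safeName (Char8.unpack <$> onames)` with `safeName n = notElem n ["", ".", ".."] && all (/= '/') n`. The certs path in `ipsecs` (`"etc/ipsec.d/certs/" ++ Char8.unpack oname ++ ".pem"`) is built the same way and would want the same filter. A one-line Haddock comment on `ipsecKeyNames` saying it returns relative tar member paths, one per name, would also help; `tarContent` starts and ends outside these hunks.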