From 1045fb4edb1b673846467efd44c8b7bb44befd51 Mon Sep 17 00:00:00 2001 From: Andrew Cady Date: Fri, 12 Jul 2019 17:03:47 -0400 Subject: use type --- lib/Kiki.hs | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/lib/Kiki.hs b/lib/Kiki.hs index 4fb19ff..7fc96b3 100644 --- a/lib/Kiki.hs +++ b/lib/Kiki.hs @@ -1,3 +1,4 @@ +{-# LANGUAGE RecordWildCards #-} {-# LANGUAGE ViewPatterns #-} {-# LANGUAGE CPP #-} {-# LANGUAGE OverloadedStrings #-} @@ -331,16 +332,22 @@ importAndRefresh root cmn cipher = do -- Finally, we update /var/cache/kiki. when (not bUnprivileged) $ refreshCache rt rootdir +data IpsecPeerConfig = IpsecPeerConfig + { contactname :: Char8.ByteString + , addr :: SockAddr + , kd :: KeyData + } + -- Installs the cert file for the peer to the filesystem, and returns an -- ipsec.conf snippet configuring the peer and referencing the installed cert -- file. installIpsecPeerCertificate :: FileWriter - -> (L.ByteString, SockAddr, KeyData) + -> IpsecPeerConfig -> IO Char8.ByteString -installIpsecPeerCertificate fw (contactname,addr,kd) = - Char8.concat <$> do - forM (take 1 ipsecs) $ \k -> do +installIpsecPeerCertificate fw IpsecPeerConfig{..} = + fromMaybe "" <$> do + forM (listToMaybe ipsecs) $ \k -> do flip (either warn') (pemFromPacket k :: Either String String) $ \pem -> do case sshs of (sshkey:_) -> do @@ -399,8 +406,8 @@ data FileWriter = , writeL077 :: FilePath -> Char8.ByteString -> IO FileMode } -getMkPathAndCommit :: FilePath -> IO (FileWriter) -getMkPathAndCommit destdir = do +getMkPathAndCommit :: FilePath -> IO (FileWriter) +getMkPathAndCommit destdir = do let cachedir = takeDirectory destdir unslash ('/':xs) = xs unslash xs = xs 
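Review bot: In the `@@ -331,16 +332,22 @@` hunk the new fields `contactname`, `addr` and `kd` are unprefixed and pulled into scope with `IpsecPeerConfig{..}`, so the pattern no longer shows which names in the body come from the peer record. The new module-level selectors are also shadowed by bindings visible elsewhere in this patch (`getssh (contactname,_addr,kd)`, `notme kd`), which `-Wall` reports as name shadowing. Prefixing the fields (for example `peerContactName`, `peerAddr`, `peerKeyData`) and matching positionally, `installIpsecPeerCertificate fw (IpsecPeerConfig contactname addr kd) =`, keeps the body unchanged and makes the `RecordWildCards` pragma unnecessary. The record has no Haddock comment. The comment above the function says it writes a cert file and returns an ipsec.conf snippet; if `contactname` feeds either of them (an assumption, since the body continues outside the hunk), this type is the place to document, or enforce in a smart constructor, that the name holds no newline or path separator.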
@@ -462,8 +469,8 @@ getssh (contactname,_addr,kd) = do Char8.unlines taggedblobs -installIpsecConf :: FileWriter -> SockAddr -> Char8.ByteString -> [(Char8.ByteString, SockAddr, KeyData)] -> IO () -installIpsecConf fw wkaddr (certBasename) cs = do +installIpsecConf :: FileWriter -> SockAddr -> Char8.ByteString -> [IpsecPeerConfig] -> IO () +installIpsecConf fw wkaddr certBasename cs = do snippets <- mapM (installIpsecPeerCertificate fw) cs writeL fw "ipsec.conf" . Char8.unlines $ [ "conn %default" @@ -547,6 +554,7 @@ writePublicKeyFiles rt fw grip oname wkaddr = do let onionkeys = mapMaybe namedContact $ Map.elems $ byKeyKey $ rtKeyDB rt cs = filter (\(_,_,kd) -> notme kd) onionkeys + cs' = cs <&> \(a,b,c) -> IpsecPeerConfig a b c kk = keykey (fromJust $ rtWorkingKey rt) notme kd = keykey (keyPacket kd) /= kk @@ -560,7 +568,7 @@ writePublicKeyFiles rt fw grip oname wkaddr = do writeL fw "ssh_known_hosts" known_hosts - installIpsecConf fw wkaddr (Char8.pack $ takeBaseName $ ipsecCertPath oname) cs + installIpsecConf fw wkaddr (Char8.pack $ takeBaseName $ ipsecCertPath oname) cs' fileWriterCommit fw sshKeyToHostname :: Packet -> IO Char8.ByteString -- cgit v1.2.3
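Review bot: In the `@@ -547,6 +554,7 @@` hunk `cs'` differs from `cs` only by a prime, so the same peers stay in scope in two shapes and neither name says which is the tuple list and which is the record list. The patch adds no import line, so `<&>` must already be in scope in lib/Kiki.hs for this to build. A descriptive name and a comprehension address both: `ipsecPeers = [ IpsecPeerConfig n a k | (n, a, k) <- cs ]`, with the `installIpsecConf` call in the last hunk passing `ipsecPeers`. The body of `writePublicKeyFiles` starts and ends outside the hunk.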