def site_finish(self,confw):
self._pw.close()
os.rename(self._pa+'~tmp',self._pa+'~update')
+ PkmElide.site_finish(self,confw)
+
+class PkmElide(PkmBase):
+ opt = 'elide'
+ help = 'no public keys in sites.conf output nor in directory'
+ def site_finish(self,confw):
confw.write("peer-keys \"%s\";\n"%self._pa);
+class OpBase():
+ pass
+
+class OpConf(OpBase):
+ def is_service(self): return 0
+
+class OpUserv(OpBase):
+ opts = ['--userv','-u']
+ help = 'userv service fragment update mode'
+ def is_service(self): return 1
+
def parse_args():
+ global opmode
global service
global inputfile
global header
global pubkeys_mode
ap = argparse.ArgumentParser(description='process secnet sites files')
- ap.add_argument('--userv', '-u', action='store_true',
- help='userv service fragment update mode')
+ def add_opmode(how):
+ ap.add_argument(*how().opts, action=ArgActionLambda,
+ nargs=0,
+ fn=(lambda v,ns,*x: setattr(ns,'opmode',how)),
+ help=how().help)
+ add_opmode(OpUserv)
ap.add_argument('--conf-key-prefix', action=ActionNoYes,
default=True,
help='prefix conf file key names derived from sites data')
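Review bot: PkmElide.site_finish still writes a `peer-keys "<path>"` line for `self._pa`, although the class's help text says this mode puts no keys in the directory, so the generated config refers to key files that this run neither creates nor checks. A class docstring should say so, for example `"""Emit only the peer-keys reference; key files under the pubkeys directory must be provisioned and write-protected separately."""`. The path is also interpolated into a double-quoted config string without escaping; `self._pa` is built outside this hunk, so it is worth confirming there that it cannot contain `"` or `\`. The first `site_finish` belongs to a class whose header is outside the hunk, and it now calls `PkmElide.site_finish(self,confw)` on an instance that may not be a PkmElide, which presumably relies on Python 3 treating the method as a plain function.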
help=how().help)
add_pkm(PkmInstall)
add_pkm(PkmSingle)
+ add_pkm(PkmElide)
ap.add_argument('--pubkeys-dir', nargs=1,
help='public key directory',
default=['/var/lib/secnet/pubkeys'])
av = ap.parse_args()
debug_level = av.debug
debugrepr('av',av)
- service = 1 if av.userv else 0
+ opmode = getattr(av,'opmode',OpConf)()
+ service = opmode.is_service()
prefix = '' if av.prefix is None else av.prefix[0]
key_prefix = av.conf_key_prefix
output_version = av.output_version[0]
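Review bot: The default mode comes from `getattr(av,'opmode',OpConf)()`, which depends on argparse leaving `opmode` unset when `--userv` is not given; that is implicit, and the default will not appear in the `debugrepr('av',av)` output. Registering it on the parser with `ap.set_defaults(opmode=OpConf)` and then using `opmode = av.opmode()` states the default in one place. If `service` is what switches on the stricter handling of user-supplied input (not visible in this hunk), a comment such as `# no mode option given: OpConf, i.e. service = 0` would make the fallback explicit. parse_args starts and ends outside the hunk.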
return len(self.forpub(version,fs)) != 0
class rsakey (pubkey):
- "An RSA public key"
+ "An old-style RSA public key"
def __init__(self,w):
self.l=w[1].number(0,max['rsa_bits'],'rsa len')
self.e=w[2].bignum_10('rsa','rsa e')
'pkg':(listof(somepubkey),"start of public key group",'pub'),
'pkgf':(listof(somepubkey),"start of fallback public key group",'pub'),
'pub':(listof(somepubkey),"new style public site key"),
- 'pubkey':(listof(somepubkey),"RSA public site key",'pub'),
+ 'pubkey':(listof(somepubkey),"Old-style RSA public site key",'pub'),
'peer':(single_ipaddr,"Tunnel peer IP address"),
'address':(address,"External contact address and port"),
'mobile':(boolean,"Site is mobile"),