make-secnet-sites: Do not write `pub' entries in v1 output

This introduces file version 2.

We document the ultimately intended meaning of version 2 even though
we don't implement all that yet.  The remaining pieces are on their
way.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>

diff --git a/README.make-secnet-sites b/README.make-secnet-sites
index 995dbb057ddcdb77dc85c9276bfade525fa09407..17af35c4266672d30166355d801f551b88bfc94a 100644 (file)
--- a/README.make-secnet-sites
+++ b/README.make-secnet-sites
@@ -43,6 +43,7 @@ OPTIONS
                NUMBER that are understood are:
                    1   The original format, pre signing key
                        negotiation.
+                   2   Signing key algorithm agility and negotiation.
                If NUMBER is higher than make-secnet-sites supports,
                it writes out what it can.
 

diff --git a/make-secnet-sites b/make-secnet-sites
index 2162756140a159f5bae6d3b139027a0191c37fd8..2af6037a6271bc51028b556b71ddaf073e099de6 100755 (executable)
--- a/make-secnet-sites
+++ b/make-secnet-sites
@@ -76,7 +76,7 @@ from argparseactionnoyes import ActionNoYes
 
 VERSION="0.1.18"
 
-max_version = 1
+max_version = 2
 
 from sys import version_info
 if version_info.major == 2:  # for python2
@@ -420,6 +420,9 @@ class pubkey (basetype):
                self.d=w[2].base91();
        def __str__(self):
                return 'make-public("%s","%s")'%(self.a,self.d)
+       def forsites(self,version,copy,fs):
+               if version < 2: return []
+               return copy
 
 class rsakey (pubkey):
        "An RSA public key"