From: Ian Jackson Date: Sun, 1 Dec 2019 16:51:24 +0000 (+0000) Subject: make-secnet-sites: Add new pubkeys-dir option, and pubkey paths X-Git-Tag: v0.6.0~95 X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=secnet.git;a=commitdiff_plain;h=3f9018da766b609a8249db1428359186d5356356 make-secnet-sites: Add new pubkeys-dir option, and pubkey paths This is where we are going to store peer public keys for each site. Nothing uses it yet. Signed-off-by: Ian Jackson --- diff --git a/README.make-secnet-sites b/README.make-secnet-sites index 17af35c..ed76b61 100644 --- a/README.make-secnet-sites +++ b/README.make-secnet-sites @@ -47,6 +47,16 @@ OPTIONS If NUMBER is higher than make-secnet-sites supports, it writes out what it can. + --pubkeys-dir PUBKEYS + + Specifies the live pubkeys area pathname. + The default is /var/lib/secnet/pubkeys. + + Key files are named + PUBKEYS/peer.[~...] + mangled-peer-name is chosen by make-secnet-sites + / => , + --debug | -D Increase amount of debugging output. diff --git a/make-secnet-sites b/make-secnet-sites index f5795ee..1caf53d 100755 --- a/make-secnet-sites +++ b/make-secnet-sites @@ -253,6 +253,7 @@ def parse_args(): global key_prefix global debug_level global output_version + global pubkeys_dir ap = argparse.ArgumentParser(description='process secnet sites files') ap.add_argument('--userv', '-u', action='store_true', @@ -260,6 +261,9 @@ def parse_args(): ap.add_argument('--conf-key-prefix', action=ActionNoYes, default=True, help='prefix conf file key names derived from sites data') + ap.add_argument('--pubkeys-dir', nargs=1, + help='public key directory', + default=['/var/lib/secnet/pubkeys']) ap.add_argument('--output-version', nargs=1, type=int, help='sites file output version', default=[max_version]) 
@@ -274,6 +278,7 @@ def parse_args():
 prefix = '' if av.prefix is None else av.prefix[0]
 key_prefix = av.conf_key_prefix
 output_version = av.output_version[0]
+ pubkeys_dir = av.pubkeys_dir[0]
 if service:
 if len(av.arg)!=4:
 print("Wrong number of arguments")
@@ -619,6 +624,10 @@ class sitelevel(level):
 'peer':"Gateway address of the site",
 'pub':"public key of the site",
 }
+ def mangle_name(self):
+ return self.name.replace('/',',')
+ def pubkeys_path(self):
+ return pubkeys_dir + '/peer.' + self.mangle_name()
 def __init__(self,w):
 level.__init__(self,w)
 def output_data(self,w,path):
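Review bot: `mangle_name` in the `sitelevel` hunk is not injective: `a/b` and `a,b` both become `a,b`, so two distinct sites would share one `peer.` file under the pubkeys directory, and a name containing `~` could not be told apart from the `[~...]` suffix forms the README describes. Whether site names may contain `,` or `~` is decided by name validation outside this hunk; if they may, and particularly where sites data arrives through `--userv`, one site's key file could be taken for another's once these paths are in use. Replacing `/` does keep the result a single path component under `pubkeys_dir`, which deserves a comment such as `# '/' -> ',' keeps the name one path component; names must not contain ',' or '~'`. If the validator does not already forbid those characters, reject them before the replace, e.g. `if ',' in self.name or '~' in self.name: raise ValueError(self.name)`. The class body starts and continues outside the hunk.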