From 8579f213b02dff1907b229f17ac857052130a857 Mon Sep 17 00:00:00 2001 From: Ian Jackson Date: Sun, 30 May 2021 14:13:29 +0100 Subject: [PATCH] sshkeys: Add key management commands Signed-off-by: Ian Jackson --- daemon/cmdlistener.rs | 27 +++++++++++++++++++++++++++ src/commands.rs | 6 ++++++ src/mgmtchannel.rs | 1 + 3 files changed, 34 insertions(+) diff --git a/daemon/cmdlistener.rs b/daemon/cmdlistener.rs index 04d41de3..8d48aee8 100644 --- a/daemon/cmdlistener.rs +++ b/daemon/cmdlistener.rs @@ -136,6 +136,17 @@ fn execute_and_respond(cs: &mut CommandStreamData, cmd: MgmtCommand, (r, auth) } + #[throws(MgmtError)] + fn start_access_ssh_keys(cs: &CommandStreamData) + -> (AccountsGuard, AccountId, Authorisation) + { + let ag = AccountsGuard::lock(); + let wanted = &cs.current_account()?.notional_account; + let acctid = ag.check(wanted)?; + let auth = authorise_scope_direct(cs, &ag, &wanted.scope)?; + (ag, acctid, auth) + } + let resp = (|| Ok::<_,MgmtError>(match cmd { MC::Noop => Fine, @@ -427,6 +438,22 @@ fn execute_and_respond(cs: &mut CommandStreamData, cmd: MgmtCommand, MR::LibraryItems(results) } + MC::SshListKeys => { + let (ag, acctid, auth) = start_access_ssh_keys(&cs)?; + let list = ag.sshkeys_report(acctid, auth)?; + MR::SshKeys(list) + } + MC::SshAddKey { akl } => { + let (mut ag, acctid, auth) = start_access_ssh_keys(&cs)?; + let (index, id) = ag.sshkeys_add(acctid, akl, auth)?; + MR::SshKey { index, id } + } + MC::SshDeleteKey { index, id } => { + let (mut ag, acctid, auth) = start_access_ssh_keys(&cs)?; + ag.sshkeys_remove(acctid, index, id, auth)?; + MR::Fine + } + MC::LoadFakeRng(ents) => { let superuser = cs.superuser() .ok_or(ME::SuperuserAuthorisationRequired)?; diff --git a/src/commands.rs b/src/commands.rs index 18f69ec5..a0e34236 100644 --- a/src/commands.rs +++ b/src/commands.rs 
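Review bot: `start_access_ssh_keys` in daemon/cmdlistener.rs has no doc comment, and its contract is the security-relevant part of this change. It takes the accounts lock, resolves the account with `ag.check(wanted)`, authorises `wanted.scope`, and returns the still-held guard together with the authorisation. I would add `/// Locks accounts, checks the current account and authorises its scope; callers must perform the key operation on the returned guard so the check and the change happen under one lock.` The authorisation is computed for the scope rather than for `acctid`, and the two are tied together only because both derive from `wanted`, so the comment should state that as well. The enclosing `execute_and_respond` starts and ends outside the hunk.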
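Review bot: The `MC::SshAddKey` and `MC::SshDeleteKey` arms change which keys can authenticate for an account, but nothing in these arms records that it happened. Whether `sshkeys_add` and `sshkeys_remove` log internally is not visible in this diff. If they do not, an audit line after each successful call would help later investigation, for example `info!("ssh key added: index={} id={}", index, id);` using whichever logging macro this file already has, and assuming `sshkeys::Id` implements the formatting trait. The surrounding `match cmd` continues outside the hunk.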
@@ -59,6 +59,10 @@ pub enum MgmtCommand { pat: String, }, + SshListKeys, + SshAddKey { akl: sshkeys::AuthkeysLine }, + SshDeleteKey { index: usize, id: sshkeys::Id }, + LoadFakeRng(Vec), } @@ -98,6 +102,8 @@ pub enum MgmtResponse { LibraryItems(Vec), Bundles { bundles: MgmtBundleList }, Bundle { bundle: bundles::Id }, + SshKeys(Vec), + SshKey { index: usize, id: sshkeys::Id }, } pub type MgmtBundleList = BTreeMap; diff --git a/src/mgmtchannel.rs b/src/mgmtchannel.rs index f19a5aab..5682a0fd 100644 --- a/src/mgmtchannel.rs +++ b/src/mgmtchannel.rs @@ -114,6 +114,7 @@ impl MgmtChannel { Progress(_) => panic!(), Fine | AccountsList{..} | GamesList{..} | Libraries(_) | LibraryItems(_) | Bundles{..} | Bundle{..} => { }, + SshKeys(..) | SshKey{..} => { }, AlterGame { error: None, .. } => { }, Error { error } => { Err(error.clone()).context( -- 2.30.2
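Review bot: `SshAddKey { akl: sshkeys::AuthkeysLine }` in src/commands.rs carries a key line supplied by the client, and nothing in this diff shows what `AuthkeysLine` accepts, since its definition is outside the patch. If the value is later written into an authorized-keys style file, confirm that deserialisation rejects embedded newlines and leading option fields and bounds the length. Once confirmed, a comment on the variant such as `// akl is untrusted client input; validated by sshkeys::AuthkeysLine` would record where that check lives. The `MgmtCommand` enum starts outside the hunk.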
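Review bot: In src/mgmtchannel.rs the new arm `SshKeys(..) | SshKey{..} => { },` duplicates the empty body of the arm directly above it. Folding the two variants into that existing `|` list, `LibraryItems(_) | Bundles{..} | Bundle{..} | SshKeys(..) | SshKey{..} => { },`, would keep every no-op success response in one place. The match itself begins and ends outside the hunk.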