From d3212cf7acdca44bacb476a81d708b07998e5782 Mon Sep 17 00:00:00 2001
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Mon, 31 May 2021 01:15:11 +0100
Subject: [PATCH] otter cli: provide set-list-keys

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---
 src/bin/otter.rs | 62 ++++++++++++++++++++++++++++++++++++++++++++++++
 src/sshkeys.rs   | 21 ++++++++++++++++
 2 files changed, 83 insertions(+)

diff --git a/src/bin/otter.rs b/src/bin/otter.rs
index b2d65347..a5023851 100644
--- a/src/bin/otter.rs
+++ b/src/bin/otter.rs
@@ -2032,3 +2032,65 @@ mod set_ssh_keys {
     call,
   )}
 }
+
+//---------- list-ssh-keys ----------
+
+mod list_ssh_keys {
+  use super::*;
+
+  type Args = NoArgs;
+
+  #[throws(AE)]
+  fn call(_sc: &Subcommand, ma: MainOpts, args: Vec<String>) {
+    let _args = parse_args::<Args,_>(args, &noargs, &ok_id, None);
+    let mut conn = connect(&ma)?;
+
+    use sshkeys::*;
+
+    let mut out = BufWriter::new(io::stdout());
+
+    // find the one we're using now
+
+    let using = {
+      use MgmtResponse::ThisConnAuthBy as TCAB;
+      use MgmtThisConnAuthBy as MTCAB;
+      match conn.cmd(&MC::ThisConnAuthBy).context("find current auth")? {
+        TCAB(MTCAB::Ssh { key }) => Some(key),
+        TCAB(_) => None,
+        _ => throw!(anyhow!("unexpected response to ThisConnAuthBy")),
+      }
+    };
+
+    // obtain current set
+
+    for (_index, mkr) in match conn.cmd(&MC::SshListKeys)
+      .context("list existing keys")?
+    {
+      MR::SshKeys(report) => report,
+      _ => throw!(anyhow!("unexpected response to SshListKeys")),
+    }
+      .into_iter().enumerate()
+    {
+      let s = mkr.to_string();
+      use unicode_width::UnicodeWidthChar;
+      if s.chars().any(|c| c.width() == None /* control char */) {
+        write!(&mut out, "# FUNKY! # {:?}", &s)?;
+      } else {
+        write!(&mut out, "{}", &s)?;
+      }
+
+      if Some(&mkr.key) == using.as_ref() {
+        write!(&mut out, "# <- this connection!")?;
+      }
+      writeln!(&mut out, "")?;
+    }
+
+    out.flush()?;
+  }
+
+  inventory::submit!{Subcommand(
+    "list-ssh-keys",
+    "set SSH keys for remote management access authentication",
+    call,
+  )}
+}
diff --git a/src/sshkeys.rs b/src/sshkeys.rs
index cc1069b8..4fcef54e 100644
--- a/src/sshkeys.rs
+++ b/src/sshkeys.rs
@@ -110,6 +110,10 @@ mod veneer {
     fn from(e: OpenSSHKeyError) -> Self { KeyError::BadData(e.to_string()) }
   }
 
+  impl Display for Comment {
+    #[throws(fmt::Error)]
+    fn fmt(&self, f: &mut fmt::Formatter) { write!(f, "{}", &self.0)? }
+  }
   impl Display for PubData {
     #[throws(fmt::Error)]
     fn fmt(&self, f: &mut fmt::Formatter) { write!(f, "{}", &self.0)? }
@@ -208,6 +212,23 @@ pub struct MgmtKeyReport {
   pub problem: Option<KeyError>,
 }
 
+impl Display for KeySpec {
+  #[throws(fmt::Error)]
+  fn fmt(&self, f: &mut fmt::Formatter) {
+    write!(f, "{}:{}", self.id, &self.nonce)?;
+  }
+}
+
+impl Display for MgmtKeyReport {
+  #[throws(fmt::Error)]
+  fn fmt(&self, f: &mut fmt::Formatter) {
+    if let Some(problem) = &self.problem {
+      write!(f, "# PROBLEM {} # ", &problem)?;
+    }
+    write!(f, "{} {} # {}", &self.data, &self.comment, &self.key)?;
+  }
+}
+
 macro_rules! def_pskeys_get {
   ($trait:ident, $f:ident, $get:ident, $($mut:tt)?) => {
     #[ext(name=$trait)]
-- 
2.30.2