From 44df1a01d80c1a7e8ffa20a50c16cf164aa68ade Mon Sep 17 00:00:00 2001
Message-Id: <44df1a01d80c1a7e8ffa20a50c16cf164aa68ade.1717466375.git.mdw@distorted.org.uk>
From: Mark Wooding <mdw@chiark.greenend.org.uk>
Date: Sat, 15 Jul 2017 16:09:56 +0100
Subject: [PATCH] etc/config.tcl: Hack for testing.
Organization: Straylight/Edgeware

From: Mark Wooding <mdw@distorted.org.uk>

  * Configure `ca-name' to dissuade anyone from configuring the CA as
    actually trusted.

  * Don't really push anywhere, just say what would have been done.
---
 etc/config.tcl | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/etc/config.tcl b/etc/config.tcl
index 3b901fc..f5582af 100644
--- a/etc/config.tcl
+++ b/etc/config.tcl
@@ -12,6 +12,15 @@ set C(ca-name) {
   emailAddress "ca@distorted.org.uk"
 }
 
+set C(ca-name) {
+  countryName "GB"
+  stateOrProvinceName "Cambridgeshire"
+  localityName "Cambridge"
+  organizationName "distorted.org.uk"
+  commonName "Test Certificate Authority -- do not trust"
+  emailAddress "mdw@distorted.org.uk"
+}
+
 set P(tls-client) {
   extensions tls-client-extensions
   issue-time "*-*-* 00:00:00"
@@ -34,10 +43,10 @@ set P(tls-server-longterm) {
 }
 
 proc update-hook {} {
-  global env
-  if {![info exists env(CA_BODGE)]} {
-    exec 2>@stderr rsync -rtl --delete-delay \
-	ca.cert crl cert req archive \
-	sysupl-ca@stratocaster.distorted.org.uk:files/
+  puts -nonewline "Send to:"
+  foreach host {ustrat uartist} {
+    exec rsync -avD ca.cert crl cert req $host:etc/ca/
+    puts -nonewline " $host"
   }
+  puts "."
 }
-- 
[mdw]