From e30aa264024894d06ef70afdece9cdac6ee20b6e Mon Sep 17 00:00:00 2001 From: niten Date: Sat, 28 Jan 2023 11:49:05 -0800 Subject: [PATCH] added package --- dns-client.rb | 60 ++++++++++++++++++--------------------------------- flake.lock | 8 +++---- 2 files changed, 25 insertions(+), 43 deletions(-) diff --git a/dns-client.rb b/dns-client.rb index abe0012..5a122e8 100644 --- a/dns-client.rb +++ b/dns-client.rb @@ -9,7 +9,10 @@ require "xmpp4r" puts ARGV -options = {} +options = { + sshfp: [] +} + OptionParser.new do |opts| opts.banner = "usage: ${$0} [opts]" @@ -43,27 +46,18 @@ OptionParser.new do |opts| options[:ipv6] = true end - opts.on("-f", "--sshfp=FILE", - "Register host SSH key fingerprints with the backplane.") do |file| - options[:sshfp] = [] if not options[:sshfp] - options[:sshfp] = options[:sshfp] + [file] + opts.on("-f", "--ssh-fp=SSHFP", "SSH fingerprint to register with he backplane.") do |fp| + options[:sshfp] << sshfp end end.parse! -def error(msg) - puts msg - throw msg -end +raise "domain is required" unless options[:domain] +raise "server is required" unless options[:server] +raise "password file is required" unless options[:pw_file] +raise "at least one of -4 or -6 required" unless (options[:ipv4] or options[:ipv6]) -error("domain is required") if not options[:domain] -error("server is required") if not options[:server] -error("password file is required") if not options[:pw_file] -error("at least one of -4 or -6 required") if not (options[:ipv4] or options[:ipv6]) - -if not File::readable?(options[:pw_file]) - error("file does not exist or is not readable") -end -password = File::open(options[:pw_file]) { |f| f.gets.strip } +password = options[:pw_file] +raise "file does not exist or is not readable: #{password}" unless File::readable?(password) class XMPPClient def initialize(domain, hostname, server, password) 
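Review bot: In the `@@ -43,27 +46,18 @@` hunk, `password = options[:pw_file]` now holds the path of the password file rather than its contents, because the `File::open(...) { |f| f.gets.strip }` read was removed; unless `XMPPClient` reads the file itself (its constructor body is outside the hunk), the path string is what reaches `@client.auth(@password)`. Keep the readability check on the path and read the secret separately, e.g. `pw_file = options[:pw_file]` followed by `password = File.open(pw_file) { |f| f.gets.strip }`, so the error message keeps interpolating the path and never the secret. In the same hunk the new `--ssh-fp` block names its parameter `fp` but appends `sshfp`, which is undefined and raises NameError as soon as `-f` is passed; it should be `options[:sshfp] << fp`.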
@@ -80,7 +74,7 @@ class XMPPClient disconnect if connected? @client = Jabber::Client::new(@jid) @client.connect # will use SRV records - error("failed to initialize TLS connection") if not @client.is_tls? + error("failed to initialize TLS connection") unless @client.is_tls? @client.auth(@password) register_response_callback end @@ -94,7 +88,7 @@ class XMPPClient if @client.respond_to?(:is_connected?) && @client.is_connected? begin @client.close - rescue Errno::EPIPE, IOError => e + rescue Errno::EPIPE, IOError nil end end @@ -218,14 +212,6 @@ def interface_addresses(interface) end end -def host_sshfp(keys) - keys.flat_map { |keyfile| - `ssh-keygen -r hostname -f #{keyfile}`.split("\n") - }.map { |fp| - fp.match(/[0-9] [0-9] [a-fA-F0-9]{32,64}$/)[0] - }.compact -end - def hostname Socket.gethostname.split(".").first end @@ -276,18 +262,14 @@ begin end end - if options[:sshfp] - fps = host_sshfp(options[:sshfp]) - if not fps.empty? - puts "#{options[:server]}: #{hostname}.#{options[:domain]} IN SSHFP => #{fps}" - if client.send_sshfp(fps) - puts "OK" - else - puts "ERROR" - success = false - end + if !options[:sshfp].empty? + fps = options[:sshfp] + puts "#{options[:server]}: #{hostname}.#{options[:domain]} IN SSHFP => #{fps}" + if client.send_sshfp(fps) + puts "OK" else - puts "#{options[:server]}: no valid sshfps found" + puts "ERROR" + success = false end end ensure diff --git a/flake.lock b/flake.lock index 3a4148e..696ca21 100644 --- a/flake.lock +++ b/flake.lock @@ -120,11 +120,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1673633895, - "narHash": "sha256-nAc+oH3qeAhpqlfWVBmCCKuzHgA5aZ6LOYpPWDEoTME=", + "lastModified": 1674932271, + "narHash": "sha256-ArHZiRPpPMJyGSa65VKwTUG6aNICtMTf26pjOuK4snQ=", "ref": "refs/heads/master", - "rev": "d08277c36197f25f818b16c923f9b9bc6c54207c", - "revCount": 16, + "rev": "1923e4cf4ef116782c9ea29416150bdb3d532b0b", + "revCount": 17, "type": "git", "url": "https://git.fudo.org/fudo-public/nix-helpers.git" },
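Review bot: In the `@@ -80,7 +74,7 @@` hunk, the TLS guard still calls `error(...)`, but this commit deletes the top-level `def error(msg)`, so unless `XMPPClient` defines its own `error` (not visible here) a non-TLS connection now surfaces as NoMethodError rather than the intended message. The visible ordering still stops the method before `@client.auth(@password)`, so the check fails closed, but the failure is misleading for whoever has to diagnose it. Match the rest of the commit with `raise "failed to initialize TLS connection" unless @client.is_tls?`. The enclosing method starts and ends outside the hunk.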
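Review bot: In the `@@ -276,18 +262,14 @@` hunk, `fps = options[:sshfp]` forwards whatever strings were given on the command line to `client.send_sshfp`, whereas the removed `host_sshfp` only let through values matching `[0-9] [0-9] [a-fA-F0-9]{32,64}`. What the backplane does with a malformed record is not visible here, so I would keep a format check on the client side, anchored with `\A`/`\z` so the whole argument rather than just its tail has to match: `fps = options[:sshfp].grep(/\A[0-9] [0-9] [a-fA-F0-9]{32,64}\z/)`, and report any rejected value before sending. As a style point, `unless options[:sshfp].empty?` reads better than `if !options[:sshfp].empty?`. The surrounding `begin`/`ensure` block starts and ends outside the hunk.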