added package

dns-client.rb

@@ -9,7 +9,10 @@ require "xmpp4r"
 
 puts ARGV
 
-options = {}
+options = {
+  sshfp: []
+}
+
 OptionParser.new do |opts|
   opts.banner = "usage: ${$0} [opts]"
 
@@ -43,27 +46,18 @@ OptionParser.new do |opts|
     options[:ipv6] = true
   end
 
-  opts.on("-f", "--sshfp=FILE",
+  opts.on("-f", "--ssh-fp=SSHFP", "SSH fingerprint to register with he backplane.") do |fp|
-          "Register host SSH key fingerprints with the backplane.") do |file| 
+    options[:sshfp] << sshfp
-    options[:sshfp] = [] if not options[:sshfp]
-    options[:sshfp] = options[:sshfp] + [file]
   end
 end.parse!
 
-def error(msg)
+raise "domain is required" unless options[:domain]
-  puts msg
+raise "server is required" unless options[:server]
-  throw msg
+raise "password file is required" unless options[:pw_file]
-end
+raise "at least one of -4 or -6 required" unless (options[:ipv4] or options[:ipv6])
 
-error("domain is required") if not options[:domain]
+password = options[:pw_file]
-error("server is required") if not options[:server]
+raise "file does not exist or is not readable: #{password}" unless File::readable?(password)
-error("password file is required") if not options[:pw_file]
-error("at least one of -4 or -6 required") if not (options[:ipv4] or options[:ipv6])
-
-if not File::readable?(options[:pw_file])
-  error("file does not exist or is not readable")
-end
-password = File::open(options[:pw_file]) { |f| f.gets.strip }
 
 class XMPPClient
   def initialize(domain, hostname, server, password)
@@ -80,7 +74,7 @@ class XMPPClient
     disconnect if connected?
     @client = Jabber::Client::new(@jid)
     @client.connect # will use SRV records
-    error("failed to initialize TLS connection") if not @client.is_tls?
+    error("failed to initialize TLS connection") unless @client.is_tls?
     @client.auth(@password)
     register_response_callback
   end
@@ -94,7 +88,7 @@ class XMPPClient
     if @client.respond_to?(:is_connected?) && @client.is_connected?
       begin
         @client.close
-      rescue Errno::EPIPE, IOError => e
+      rescue Errno::EPIPE, IOError
         nil
       end
     end
@@ -218,14 +212,6 @@ def interface_addresses(interface)
   end
 end
 
-def host_sshfp(keys)
-  keys.flat_map { |keyfile|
-    `ssh-keygen -r hostname -f #{keyfile}`.split("\n")
-  }.map { |fp|
-    fp.match(/[0-9] [0-9] [a-fA-F0-9]{32,64}$/)[0]
-  }.compact
-end
-
 def hostname
   Socket.gethostname.split(".").first
 end
@@ -276,18 +262,14 @@ begin
     end
   end
 
-  if options[:sshfp]
+  if !options[:sshfp].empty?
-    fps = host_sshfp(options[:sshfp])
+    fps = options[:sshfp]
-    if not fps.empty?
+    puts "#{options[:server]}: #{hostname}.#{options[:domain]} IN SSHFP => #{fps}"
-      puts "#{options[:server]}: #{hostname}.#{options[:domain]} IN SSHFP => #{fps}"
+    if client.send_sshfp(fps)
-      if client.send_sshfp(fps)
+      puts "OK"
-        puts "OK"
-      else
-        puts "ERROR"
-        success = false
-      end
     else
-      puts "#{options[:server]}: no valid sshfps found"
+      puts "ERROR"
+      success = false
     end
   end
 ensure

flake.lock

@@ -120,11 +120,11 @@
         "utils": "utils_2"
       },
       "locked": {
-        "lastModified": 1673633895,
+        "lastModified": 1674932271,
-        "narHash": "sha256-nAc+oH3qeAhpqlfWVBmCCKuzHgA5aZ6LOYpPWDEoTME=",
+        "narHash": "sha256-ArHZiRPpPMJyGSa65VKwTUG6aNICtMTf26pjOuK4snQ=",
         "ref": "refs/heads/master",
-        "rev": "d08277c36197f25f818b16c923f9b9bc6c54207c",
+        "rev": "1923e4cf4ef116782c9ea29416150bdb3d532b0b",
-        "revCount": 16,
+        "revCount": 17,
         "type": "git",
         "url": "https://git.fudo.org/fudo-public/nix-helpers.git"
       },