Last active
February 23, 2024 02:56
The magic atserver script.
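#######################################
# Ask the directory at root.atsign.org:64 about a name and print the first
# line of its reply.
# Arguments: $1 - name to look up (atserver passes the atSign without "@")
# Outputs:   first line received from the directory, on stdout
# Returns:   2 if $1 is empty; otherwise the status of head
#
# NOTE(review): openssl s_client keeps the session open after a certificate
# verification error unless -verify_return_error is given, and -verify_quiet
# together with 2>/dev/null hides the diagnostics. The reply chooses the host
# atserver connects to, so consider adding -verify_return_error once the
# local CA store is confirmed to validate this endpoint.
#######################################
atdirectory() {
  if [[ -z "${1:-}" ]]; then
    printf 'atdirectory: missing atSign argument\n' >&2
    return 2
  fi
  # printf instead of echo: a name such as "-n" or "-e" must be sent as data,
  # not swallowed as an echo option.
  # The one-second pause is presumably there so the reply arrives before
  # "@exit" closes the session.
  head -n 1 < <(
    openssl s_client -connect root.atsign.org:64 -quiet -verify_quiet \
      < <(printf '%s\n' "$1"; sleep 1; printf '%s\n' "@exit") 2>/dev/null
  )
}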
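#######################################
# Open an interactive TLS session to the server that the directory lists for
# an atSign. If a keys file exists for that atSign, answer the server's
# challenge with the output of at_pkam before handing the session to the user.
# Arguments: $1 - atSign, with or without the leading "@"
# Reads:     $HOME/.atsign/keys/<atSign>_key.atKeys
# Returns:   1 if the directory lookup yields no address; otherwise the status
#            of the openssl session / pipeline
#
# NOTE(review): s_client -brief does not abort on a certificate verification
# error unless -verify_return_error is given; as written, the PKAM response
# can be sent to a peer whose certificate did not verify.
#######################################
atserver() {
  # Locals so that sourcing this function does not leave atsign, atkeys, etc.
  # behind in the interactive shell.
  local pkam_command="at_pkam"
  local atsign="$1"
  local atkeys fqdn

  if [[ ${atsign:0:1} != "@" ]]; then
    atsign="@$atsign"
  fi
  atkeys="$HOME/.atsign/keys/${atsign}_key.atKeys"

  fqdn=$(atdirectory "${atsign:1}" | tr -d '\r\n\t ')
  # The first character of the reply is dropped before use (presumably the
  # "@" prompt; confirm). Stop here rather than run openssl with an empty target.
  if [[ -z "${fqdn:1}" ]]; then
    printf 'atserver: no address returned for %s\n' "$atsign" >&2
    return 1
  fi

  if [[ -f "$atkeys" ]]; then
    # subshell to prevent the trap from leaking into the main shell
    (
      # The FIFO carries the server's challenge and everything the server
      # sends afterwards. A fixed, guessable path under the shared /tmp could
      # be pre-created by another local user, so use a private mktemp
      # directory (mode 0700) and fail closed if it cannot be created.
      workdir=$(mktemp -d "${TMPDIR:-/tmp}/atserver.XXXXXX") || exit 1
      pipe="$workdir/pipe"
      is_done=0
      _cleanup() {
        # INT/TERM and EXIT can both fire; only clean up once.
        if [ "$is_done" -gt 0 ]; then
          return
        fi
        is_done=1
        rm -rf -- "${workdir:?}" >/dev/null 2>&1
      }
      trap _cleanup INT TERM EXIT
      mkfifo -m 600 "$pipe" || exit 1

      _pkam() {
        # Some sorcery to get the challenge to actually write to the openssl client
        # I think this tail flushes the pipe which is what allows us to write
        (tail -f "$pipe" &)
        echo "from:$atsign"
        challenge="$(head -n 1 "$pipe")"
        # The challenge comes from the remote server: keep it quoted so that
        # whitespace or glob characters cannot turn into extra at_pkam arguments.
        echo "pkam:$("$pkam_command" -p "$atkeys" -r "${challenge:5}")"
      }
      (_pkam && cat) | (openssl s_client -brief -connect "${fqdn:1}") | tee "$pipe"
    )
  else
    # no atkeys file, don't try to pkam (and no FIFO is needed)
    openssl s_client -brief -connect "${fqdn:1}"
  fi
}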