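# $Id$
# exchanges the public server and client ssh keys

# Create the Dropbear DSS and RSA host keys under /etc/dropbear if they
# do not exist yet. Existing key files are left untouched.
gen_keys()
{
	# NOTE(review): DSS (DSA) host keys are deprecated in current SSH
	# implementations; confirm this key type is still required. A failure
	# here is deliberately not fatal so the RSA key is still generated.
	if [ ! -e /etc/dropbear/dropbear_dss_host_key ]
	then
		rc_print "Generating DSS-Hostkey ..."
		dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key
	fi

	if [ ! -e /etc/dropbear/dropbear_rsa_host_key ]
	then
		rc_print "Generating RSA-Hostkey ..."
		dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
	fi
}

# Exchange SSH public keys with the database:
#   1. install the server's public key (ssh_auth_server, id=1) as root's
#      authorized_keys on this host,
#   2. store this host's RSA public key in ssh_auth_clients under
#      ALX_SERIAL (update if a row exists, insert otherwise).
# Reads:   ALX_SERIAL
# Returns: 1 if the host public key or ALX_SERIAL is unusable for the SQL
#          statements, otherwise the status of the final mysqldo call.
config_ssh_auth()
{
	local pub_key_server
	local id
	local pubkey
	local CONFIG

	# generate eventually missing keys
	gen_keys

	# read the pubkey (the sed prints only the second line, which is the pubkey)
	pubkey="$(dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key | sed -n '2p')"

	# write the public key of the server to the host system
	# Security: whatever is stored in ssh_auth_server.public_key becomes an
	# authorized key for root on this host, so write access to that table
	# (or to the database connection) is equivalent to root access here.
	pub_key_server="$(mysqldo "select public_key from ssh_auth_server where id=1;")"
	if [[ -n ${pub_key_server} ]]
	then
		# only if not empty
		# NOTE(review): HOME is not declared local, so this assignment
		# stays visible to the caller after the function returns - confirm
		# that this is intended.
		HOME="/root"
		# create the directory private to root instead of with the default mode
		[ ! -d "$HOME/.ssh" ] && install -d -m 0700 "$HOME/.ssh"

		# CONFIG is read by clearconfig/addconfig (presumably truncate and
		# append - verify against their definitions)
		CONFIG="$HOME/.ssh/authorized_keys"
		clearconfig
		addconfig "${pub_key_server}"
	fi

	# Both values below are interpolated into SQL text, so refuse anything
	# that could change the statement instead of sending it to the server.
	case "${pubkey}" in
		''|*"'"*|*'\'*)
			# empty: dropbearkey failed; quote/backslash: would break out
			# of the quoted SQL string literal
			echo "config_ssh_auth: host public key is empty or contains unsafe characters" >&2
			return 1
			;;
	esac
	case "${ALX_SERIAL}" in
		''|*[!0-9]*)
			# the serial is used unquoted in the where clauses
			echo "config_ssh_auth: ALX_SERIAL is empty or not numeric" >&2
			return 1
			;;
	esac

	# put the public key of the host into the db
	id=$(mysqldo "select serial from ssh_auth_clients where serial=${ALX_SERIAL};")
	if [[ -n ${id} ]]
	then
		# run an update
		mysqldo "update ssh_auth_clients set public_key='${pubkey}' where serial=${ALX_SERIAL};"
	else
		# run an insert
		mysqldo "insert into ssh_auth_clients(serial,public_key) values('${ALX_SERIAL}','${pubkey}')"
	fi
}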