diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-12-11 12:04:03 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-12-11 12:04:03 +0100 |
commit | c5041c5894f559b42e2ae26c09ad793a925168fc (patch) | |
tree | efd5e1ed3fb4b64e945fd3637c5e0833b1d986e3 | |
parent | 5c48b7e2f3dc8c2afe49cb6e8eeeca0def4d6f59 (diff) | |
download | nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.tar nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.tar.gz nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.tar.bz2 nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.tar.xz nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.zip |
custom tai64dec
-rw-r--r-- | system-profiles/openssh/known-hosts/ca-sign.gup | 3 | ||||
-rw-r--r-- | tools/tai64dec/default.nix | 18 | ||||
-rw-r--r-- | tools/tai64dec/setup.py | 10 | ||||
-rw-r--r-- | tools/tai64dec/tai64dec/__main__.py | 46 |
4 files changed, 76 insertions, 1 deletions
diff --git a/system-profiles/openssh/known-hosts/ca-sign.gup b/system-profiles/openssh/known-hosts/ca-sign.gup index f9aa3793..527a9763 100644 --- a/system-profiles/openssh/known-hosts/ca-sign.gup +++ b/system-profiles/openssh/known-hosts/ca-sign.gup | |||
@@ -8,4 +8,5 @@ principalsFile=${keyFile:h}/host-principals | |||
8 | gup -u ${keyFile} ${principalsFile} | 8 | gup -u ${keyFile} ${principalsFile} |
9 | gup -u expiration | 9 | gup -u expiration |
10 | 10 | ||
11 | ssh-keygen -h -Us ../ca/ca.pub -I $(uuidgen) -z $(tai64dec) -V "-1d:$(cat expiration)" -n $(cat ${principalsFile}) -f $1 ${keyFile} \ No newline at end of file | 11 | ssh-keygen -h -Us ../ca/ca.pub -I $(uuidgen) -z $(tai64dec --no-ns) -V "-1d:$(cat expiration)" -n $(cat ${principalsFile}) -f $1 ${keyFile} |
12 | sleep 1 | ||
diff --git a/tools/tai64dec/default.nix b/tools/tai64dec/default.nix new file mode 100644 index 00000000..380c22bf --- /dev/null +++ b/tools/tai64dec/default.nix | |||
@@ -0,0 +1,18 @@ | |||
1 | { system, self, mach-nix, leapseconds, ... }: | ||
2 | let | ||
3 | pkgs = self.legacyPackages.${system}; | ||
4 | in mach-nix.lib.${system}.buildPythonPackage { | ||
5 | pname = "tai64dec"; | ||
6 | src = pkgs.lib.sourceByRegex ./. ["^setup\.py$" "^tai64dec(/[^/]+.*)?$"]; | ||
7 | version = "0.0.0"; | ||
8 | ignoreDataOutdated = true; | ||
9 | |||
10 | requirements = '' | ||
11 | leapseconddata | ||
12 | ''; | ||
13 | |||
14 | postInstall = '' | ||
15 | wrapProgram $out/bin/tai64dec \ | ||
16 | --set-default LEAPSECONDS_FILE ${leapseconds} | ||
17 | ''; | ||
18 | } | ||
diff --git a/tools/tai64dec/setup.py b/tools/tai64dec/setup.py new file mode 100644 index 00000000..d936796b --- /dev/null +++ b/tools/tai64dec/setup.py | |||
@@ -0,0 +1,10 @@ | |||
1 | from setuptools import setup | ||
2 | |||
3 | setup(name='tai64dec', | ||
4 | packages=['tai64dec'], | ||
5 | entry_points={ | ||
6 | 'console_scripts': [ | ||
7 | 'tai64dec=tai64dec.__main__:main' | ||
8 | ], | ||
9 | }, | ||
10 | ) | ||
diff --git a/tools/tai64dec/tai64dec/__main__.py b/tools/tai64dec/tai64dec/__main__.py new file mode 100644 index 00000000..a8854523 --- /dev/null +++ b/tools/tai64dec/tai64dec/__main__.py | |||
@@ -0,0 +1,46 @@ | |||
1 | import sys, os | ||
2 | |||
3 | import argparse | ||
4 | |||
5 | from leapseconddata import LeapSecondData | ||
6 | from math import ldexp | ||
7 | from pathlib import Path | ||
8 | from datetime import datetime, timezone | ||
9 | import secrets | ||
10 | |||
11 | |||
12 | class BooleanAction(argparse.Action): | ||
13 | def __init__(self, option_strings, dest, nargs=None, **kwargs): | ||
14 | super(BooleanAction, self).__init__(option_strings, dest, nargs=0, **kwargs) | ||
15 | |||
16 | def __call__(self, parser, namespace, values, option_string=None): | ||
17 | setattr(namespace, self.dest, False if option_string.startswith('--no') else True) | ||
18 | |||
19 | |||
20 | def main(): | ||
21 | parser = argparse.ArgumentParser(prog='tai64dec', formatter_class=argparse.ArgumentDefaultsHelpFormatter) | ||
22 | parser.add_argument('--random', '--no-random', action=BooleanAction, default=False) | ||
23 | parser.add_argument('--ns', '--no-ns', action=BooleanAction, default=True) | ||
24 | args = parser.parse_args() | ||
25 | |||
26 | |||
27 | leapsecond_data = LeapSecondData.from_file(Path(os.getenv('LEAPSECONDS_FILE'))) | ||
28 | |||
29 | now = datetime.now(tz=timezone.utc) | ||
30 | |||
31 | tai_dt = leapsecond_data.to_tai(now) | ||
32 | seconds = int(tai_dt.timestamp()) | ||
33 | seconds += int(ldexp(1, 62)) | ||
34 | out = seconds | ||
35 | |||
36 | if args.ns: | ||
37 | nanoseconds = int((tai_dt.timestamp() - seconds) / 1e-9) | ||
38 | out = out << 32 | nanoseconds | ||
39 | |||
40 | if args.random: | ||
41 | out = out << 24 | int.from_bytes(secrets.token_bytes(3), byteorder='little', signed=False) | ||
42 | |||
43 | print('{:d}'.format(out), file=sys.stdout) | ||
44 | |||
45 | if __name__ == '__main__': | ||
46 | sys.exit(main()) | ||