From af2b4f1e81a31cdbdb8d640effffc25966f384ec Mon Sep 17 00:00:00 2001
From: Sean Whitton <spwhitton@spwhitton.name>
Date: Thu, 15 Jul 2021 16:48:58 -0700
Subject: SSH:HAS-USER-KEY: require specification of destination path

Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
---
 src/property/ssh.lisp | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

(limited to 'src/property/ssh.lisp')

diff --git a/src/property/ssh.lisp b/src/property/ssh.lisp
index 58775a4..4f7a717 100644
--- a/src/property/ssh.lisp
+++ b/src/property/ssh.lisp
@@ -28,10 +28,15 @@
   (:unapply
    (apply #'file:lacks-lines ".ssh/authorized_keys" keys)))
 
-(defpropspec has-user-key :posix
-    (type public-key
-          &key (dest (merge-pathnames (strcat "id_" type) #P".ssh/")) iden1)
-  "Installs an SSH keypair to DEST, which defaults to ~/.ssh/id_TYPE{,.pub}."
+(defpropspec has-user-key :posix (dest public-key &key iden1)
+  "Installs an SSH keypair to DEST and DEST.pub."
+  ;; The original version of this property took a key type argument and
+  ;; defaulted DEST to ~/.ssh/id_TYPE, but FILE:HOST-SECRET-UPLOADED requires
+  ;; an absolute path because the remote HOME is not known at :HOSTATTRS time,
+  ;; and the same applies here, so the caller must supply DEST.  In the
+  ;; FILE:SECRET-UPLOADED branch we could use a relative path, but we should
+  ;; not use an identical relative path for both IDEN2 and the destination
+  ;; when IDEN1 is a hostname, which it might be.
   `(eseqprops (file:exists-with-content
                ,(strcat (unix-namestring dest) ".pub") ,public-key)
               ,(if iden1
-- 
cgit v1.2.3