Fnrancid

From Initech Technical Wiki
Jump to: navigation, search

This patch makes fnrancid ignore the block of config which contains regularly rolling private keys. This is required as of rancid version 3.1

--- fnrancid	2015-05-31 06:16:40.000000000 +1200
+++ fnrancid.patched	2016-09-21 07:47:51.969827661 +1200
@@ -210,6 +210,21 @@
 	# remove occurrances of conf_file_ver
 	next if (/^#?conf_file_ver=/);
 
+        # filter cycling encrypted private keys
+        if (/^\s*set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----/) {
+            ProcessHistory("","","","#$_");
+            ProcessHistory("","","","# <removed>");
+            while (<INPUT>) {
+                tr/\015//d;
+                last if (/$prompt/);
+
+                if (/^\s*-----END ENCRYPTED PRIVATE KEY-----"/) {
+                    ProcessHistory("","","","#$_");
+                    last;
+                }
+            }
+        }
+
 	# filter cycling RSA private keys
 	if (/^\s*set private-key "-----BEGIN RSA PRIVATE KEY-----/) {
 	    ProcessHistory("","","","#$_");