Kim Alvefur Zash

## dnsupdate-policy.lua
-- Policy control thing with policy derived from key name
-- "keyname.owner.domain" will be allowed to edit domain (including suddomains)
-- Special keyname "acme" should be allowed to add and remove _acme-challenge TXT records under domain
-- Assumes that the key name can't be faked

function updatepolicy(request)
	local tsig = request:getTsigName();
	local zone = request:getZoneName();
	pdnslog("updatepolicy: tsig "..tsig:toString().." wants to update "..request:getQName():toString().." in "..zone:toString(), pdns.loglevels.Info);

## hg.example.com
server {
  server_name hg.example.com;

  root /var/www/hg.example.com;

  listen 0.0.0.0:80;
  listen 0.0.0.0:443 ssl;
  listen [::]:80;
  listen [::]:443 ssl http2;

## md-diff.sh
#!/bin/bash

# arguments: file commit commit [diff tool with args]

${4:-diff} \
	<(git show "$2:$1" | ./xep2md.sh -) \
	<(git show "$3:$1"  | ./xep2md.sh -)

## mod_s2s_certinfo.lua
local xmlns = "http://zash.se/protocol/s2scertinfo";

local st = require"util.stanza";
-- local dump = require"myserialize".serialize;
local base64_encode = require"util.encodings".base64.encode;
local s_char, s_gsub = string.char, string.gsub;
local tonumber = tonumber;
local function unhexbyte(c) return s_char(tonumber(c, 16)) end
local function unhex(s) return s_gsub(s, "..", unhexbyte) end
local function hex2b64(s) return base64_encode(unhex(s)) end
	-- Policy control thing with policy derived from key name
	-- "keyname.owner.domain" will be allowed to edit domain (including suddomains)
	-- Special keyname "acme" should be allowed to add and remove _acme-challenge TXT records under domain
	-- Assumes that the key name can't be faked

	function updatepolicy(request)
	local tsig = request:getTsigName();
	local zone = request:getZoneName();
	pdnslog("updatepolicy: tsig "..tsig:toString().." wants to update "..request:getQName():toString().." in "..zone:toString(), pdns.loglevels.Info);
	server {
	server_name hg.example.com;

	root /var/www/hg.example.com;

	listen 0.0.0.0:80;
	listen 0.0.0.0:443 ssl;
	listen [::]:80;
	listen [::]:443 ssl http2;
	#!/bin/bash

	# arguments: file commit commit [diff tool with args]

	${4:-diff} \
	<(git show "$2:$1" \| ./xep2md.sh -) \
	<(git show "$3:$1" \| ./xep2md.sh -)
	local xmlns = "http://zash.se/protocol/s2scertinfo";

	local st = require"util.stanza";
	-- local dump = require"myserialize".serialize;
	local base64_encode = require"util.encodings".base64.encode;
	local s_char, s_gsub = string.char, string.gsub;
	local tonumber = tonumber;
	local function unhexbyte(c) return s_char(tonumber(c, 16)) end
	local function unhex(s) return s_gsub(s, "..", unhexbyte) end
	local function hex2b64(s) return base64_encode(unhex(s)) end