From 0dce7ed8628007bfcf28e6f011f6ba519141c530 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Fri, 26 Jan 2018 13:17:07 +0100
Subject: [PATCH] It's year 2018, require chacha20

Also remove now irrelevant check in rotation_needed()
---
 dnscrypt-wrapper.sh | 16 +++-------------
 1 file changed, 3 insertions(+), 13 deletions(-)

diff --git a/dnscrypt-wrapper.sh b/dnscrypt-wrapper.sh
index d7a8592..1e9457d 100755
--- a/dnscrypt-wrapper.sh
+++ b/dnscrypt-wrapper.sh
@@ -8,14 +8,10 @@ prune() {
 }
 
 rotation_needed() {
-    if [ ! -f "${STKEYS_DIR}/dnscrypt.cert" ]; then
+    if [ $(/usr/bin/find "$STKEYS_DIR" -type f -cmin -720 -print -quit | wc -l | sed 's/[^0-9]//g') -le 0 ]; then
         echo true
     else
-        if [ $(/usr/bin/find "$STKEYS_DIR" -type f -cmin -720 -print -quit | wc -l | sed 's/[^0-9]//g') -le 0 ]; then
-            echo true
-        else
-            echo false
-        fi
+        echo false
     fi
 }
 
@@ -23,18 +19,12 @@ new_key() {
     ts=$(date '+%s')
     /opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-crypt-keypair \
         --crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" &&
-    /opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-cert-file \
-        --provider-publickey-file="${KEYS_DIR}/public.key" \
-        --provider-secretkey-file="${KEYS_DIR}/secret.key" \
-        --crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" \
-        --provider-cert-file="${STKEYS_DIR}/${ts}.cert" \
-        --cert-file-expire-days=1 && \
     /opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-cert-file \
         --xchacha20 \
         --provider-publickey-file="${KEYS_DIR}/public.key" \
         --provider-secretkey-file="${KEYS_DIR}/secret.key" \
         --crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" \
-        --provider-cert-file="${STKEYS_DIR}/${ts}-xchacha20.cert" \
+        --provider-cert-file="${STKEYS_DIR}/${ts}.cert" \
         --cert-file-expire-days=1
 }