Changeset - 7a0c4fe01dcb
[Not reviewed]
0 1 0
Branko Majic (branko) - 4 years ago 2020-06-29 04:18:33
branko@majic.rs
Added support for specifying a path to the configuration directory instead of using one of the default locations.
1 file changed with 26 insertions and 12 deletions:
x509/crlpublisher.sh
 
@@ -16,13 +16,13 @@
 
#
 
# You should have received a copy of the GNU General Public License
 
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
#
 

	
 
program="crlpublisher.sh"
 
version="0.1.1"
 
version="0.1.2"
 

	
 
function usage() {
 
    cat <<EOF
 
$program $version, a non-interactive utility for publishing CRL's.
 

	
 
Usage: $program [OPTIONS] crl_file
 
@@ -44,13 +44,14 @@ supported publishers are:
 
      in format YYYY-MM-DD-HH:MM:SS:TZ (e.g. 2013-01-01-00:00:00:+00:00),
 
      crlnumber is replaced with the CRL number in decimal format, and format is
 
      replaced by the format of the CRL file (PEM for OpenSSL-style
 
      base64-encoded CRLs, DER for binary CRLs).
 

	
 
Publishing options are kept within configuration files. Configuration files
 
should be placed in one of the following directories:
 
should be placed in the explicitly set configurtion directory (set with the -c
 
option), or one of the following default locations:
 

	
 
    - /etc/crlpublisher/
 
    - ~/.crlpublisher/
 

	
 
Configuration files must end with a .conf extension. All other files will be
 
ignored. Each configuraiton file should contain information for a single
 
@@ -84,12 +85,15 @@ Configuration options for 'scp' publisher:
 
Configuration options for 'archiver' publisher:
 

	
 
    acrhiveDir (mandatory) - Directory where the CRLs will be archived.
 

	
 
$program accepts the following options:
 

	
 
    -c dir    Explicit configuration directory from which the publisher
 
              configuration files should be read.
 

	
 
    -v        show script version and licensing information
 
    -h        show usage help
 

	
 

	
 
Please report bugs and send feature requests to <branko@majic.rs>.
 
EOF
 
@@ -142,13 +146,15 @@ function readCrlInfo() {
 
        echo "Invalid CRL file '$crlFile'" >&2
 
        return 1
 
    fi
 

	
 
    # Read the CRL information
 
    crlIssuerDn=$(openssl crl -issuer -inform "$crlFormat" -noout -in "$crlFile" | sed -e 's#^issuer=/##;s#/#,#g')
 
    crlNumber=$(echo "ibase=16;obase=A;$(openssl crl -crlnumber -inform "$crlFormat" -noout -in "$crlFile" | sed -e 's/crlNumber=//')" | bc)
 
    # @TODO: The -crlnumber option was added only to more recent versions of OpenSSL.
 
    #crlNumber=$(echo "ibase=16;obase=A;$(openssl crl -crlnumber -inform "$crlFormat" -noout -in "$crlFile" | sed -e 's/crlNumber=//')" | bc)
 
    crlNumber=$(openssl crl -text -inform "$crlFormat" -noout -in "$crlFile"  | grep -A1 'X509v3 CRL Number' | tail -n1 | grep -o '[[:digit:]]\+')
 
    crlLastUpdate=$(openssl crl -lastupdate -inform "$crlFormat" -noout -in "$crlFile" | sed -e 's/lastUpdate=//')
 
    crlNextUpdate=$(openssl crl -nextupdate -inform "$crlFormat" -noout -in "$crlFile" | sed -e 's/nextUpdate=//')
 

	
 
    return 0
 
}
 

	
 
@@ -245,39 +251,47 @@ function publish_through_archiver() {
 
if [[ -z $1 ]]; then
 
    usage
 
    exit 0
 
fi
 

	
 
# Parse the arguments
 
while getopts "vh" opt; do
 
while getopts "c:vh" opt; do
 
    case "$opt" in
 
        c) configDir="$OPTARG";;
 
        v) version
 
           exit 0;;
 
        h) usage
 
           exit 0;;
 
        *) usage
 
           exit 1;;
 
    esac
 
done
 
i=$OPTIND
 
shift $(($i-1))
 

	
 
# Determine the configuration directory to be used
 
configDir="/etc/crlpublisher"
 
# Figure out which configuration directory to use.
 
if [[ -n $configDir && ! -d $configDir ]]; then
 
    echo "Specified configuration directory '$configDir' does not exist." >&2
 
    exit 2
 
# If no configuration directory was provided, try one of the default ones.
 
elif [[ -z $configDir ]]; then
 
    configDir="/etc/crlpublisher"
 

	
 
[[ ! -d $configDir ]] && configDir="$HOME/.crlpublisher"
 
    [[ ! -d $configDir ]] && configDir="$HOME/.crlpublisher"
 

	
 
if [[ ! -d $configDir ]]; then
 
    cat <<EOF >&2
 
No configuration directory could be found. Please create configuration directory
 
and the necessary configuration files in one of the following locations:
 
    if [[ ! -d $configDir ]]; then
 
        cat <<EOF >&2
 
No configuration directory could be found. Please provide configuration
 
directory path using the -c option, or create configuration directory and the
 
necessary configuration files in one of the following locations:
 

	
 
- /etc/crlpublisher/
 
- $HOME/crlpublisher/
 
EOF
 
    exit 2
 
        exit 2
 
    fi
 
fi
 

	
 
# The first argument should be a CRL file
 
crlFile="$1"
 

	
 
# Obtain the issuer's DN first
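Review bot: `configDir` is never initialised before the `while getopts "c:vh" opt` loop in the visible lines, so the new `[[ -n $configDir && ! -d $configDir ]]` test cannot tell a value set by `-c` from one inherited from the caller's environment. Because this directory decides which publisher configuration files are read, a `configDir` variable exported by a cron wrapper or parent shell would silently redirect the script to another directory, or trigger the "does not exist" exit, without `-c` ever being passed. Adding `configDir=""` immediately before the loop makes `-c` the only way to override the defaults; if the variable is already cleared earlier in the file, outside this hunk, no change is needed. The top-level code continues past the end of the hunk.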