Install source certdata.txt file

Provide -r/--rebuild option
2017-09-20 22:29:03 -05:00 · 2017-09-20 22:29:03 -05:00 · c02dd19221
commit c02dd19221
parent 8e9c5b6abd
2 changed files with 41 additions and 11 deletions
--- a/2
+++ b/2
@ -1,3 +1,5 @@
+0.2      - Install source certdata.txt file
+         - Provide rebuild option
 0.1      - Check executable bit for CERTUTIL, KEYTOOL, and OPENSSL
         - Allow global configuration file
         - Use correct license text (MIT)
--- a/44
+++ b/44
@ -38,15 +38,27 @@ TEMPDIR=$(mktemp -d)
 WORKDIR="${TEMPDIR}/work"
 WITH_NSS=1
 WITH_JAVA=1
+CERTDATAY=0
 FORCE=0
+REBUILD=0

 function get_args(){
  while test -n "${1}" ; do
    case "${1}" in
      -C | --certdata)
+        if test "${REBUILD}" == "0"; then
          check_arg $1 $2
          CERTDATA="${2}"
+          CERTDATAY="1"
          shift 2
+        else
+          echo "Error: ${1} cannot be used with the -r/--rebuild switch."
+          exit 3
+        fi
+        if test ! -f "${CERTDATA}"; then
+          echo "Error: ${CERTDATA} not found!"
+          exit 3
+        fi
      ;;
      -D | --destdir)
        check_arg $1 $2
@ -149,6 +161,20 @@ function get_args(){
        KEYTOOL="${2}"
        shift 2
      ;;
+      -r | --rebuild)
+        if test "${CERTDATAY}" == "0"; then
+          REBUILD="1"
+          shift 1
+        else
+          echo "Error: ${1} cannot be used with the -C/--certdata switch."
+          exit 3
+        fi
+        CERTDATA="${SSLDIR}/certdata.txt"
+        if test ! -f "${CERTDATA}"; then
+          echo "Error: ${CERTDATA} not found!"
+          exit 3
+        fi
+      ;;
      -s | --openssl)
        check_arg $1 $2
        OPENSSL="${2}"
@ -231,6 +257,9 @@ function showhelp(){
  echo ""
  echo "        -k  --keytool    The path to the java keytool utility"
  echo ""
+  echo "        -r  --rebuild    Rebuild the enitre PKI tree using the previous"
+  echo "                         certdata.txt file."
+  echo ""
  echo "        -s  --openssl    The path to the openssl utility"
  echo ""
  echo "        -t  --certutil   The path the certutil utility"
@ -340,12 +369,6 @@ get-p11-val() {
 # Process command line arguments
 get_args $@

-if test ! -r "${CERTDATA}"; then
-  echo "${CERTDATA} was not found. The certdata.txt file must be in the local"
-  echo "directory, or speficied with the --certdata switch."
-  exit 1
-fi
-
 test -x "${CERTUTIL}" || WITH_NSS=0
 test -x "${KEYTOOL}" || WITH_JAVA=0
 test ! -x "${OPENSSL}" && echo "OpenSSL not found at ${OPENSSL}. Exiting..." &&
@ -523,9 +546,9 @@ unset tempfile

 # Sanity check
 count=$(ls "${TEMPDIR}"/ssl/certs/*.pem | wc -l)
-# Historically there have been between 152 and 165 certs
+# Historically there have been between 152 and 190 certs
 # A minimum of 140 should be safe for a rudimentry sanity check
-if test "${count}" -lt "140" ; then
+if test "${count}" -lt "150" ; then
    echo "Error! Only ${count} certificates were generated!"
    echo "Exiting without update!"
    echo ""
@ -534,6 +557,11 @@ if test "${count}" -lt "140" ; then
 fi
 unset count

+# Install certdata.txt
+if test "${REBUILD}" == "0"; then
+  install -vm644 "${CERTDATA}" "${DESTDIR}${SSLDIR}"
+fi
+
 # Generate the bundle
 bundlefile=`basename "${CABUNDLE}"`
 bundledir=`echo "${CABUNDLE}" | sed "s@/${bundlefile}@@"`