Allow use of proxy with OpenSSL s_client.

DJ Lucas 2017-10-14 00:07:58 -05:00
parent 73bfc6b792
commit e29ccf19ac
2 changed files with 17 additions and 2 deletions


@ -1,3 +1,6 @@
0.6 - Allow use of proxy with OpenSSL s_client
- Really check revision before download
- Make sure download was successful before testing values
0.5 - Install systemd timer and service units 0.5 - Install systemd timer and service units
- Add uninstall and clean targets - Add uninstall and clean targets
0.4 - Add email and code signing flat file certificate stores 0.4 - Add email and code signing flat file certificate stores

16
make-ca

@ -180,6 +180,11 @@ function get_args(){
fi fi
shift 2 shift 2
;; ;;
-p | --proxy)
check_arg $1 $2
PROXY="${2}"
shift 2
;;
-k | --keytool) -k | --keytool)
check_arg $1 $2 check_arg $1 $2
KEYTOOL="${2}" KEYTOOL="${2}"
@ -281,6 +286,9 @@ function showhelp(){
echo " -n, --nssdb [\$PKIDIR/nssdb]" echo " -n, --nssdb [\$PKIDIR/nssdb]"
echo " The output path for the shared NSS DB" echo " The output path for the shared NSS DB"
echo "" echo ""
echo " -p, --proxy [URI:PORT]"
echo " Use proxy server for download"
echo ""
echo " -k, --keytool [PATH]" echo " -k, --keytool [PATH]"
echo " The path to the java keytool utility" echo " The path to the java keytool utility"
echo "" echo ""
@ -412,8 +420,12 @@ mkdir -p "${TEMPDIR}"/{certs,ssl/{certs,java},pki/{nssdb,anchors},work}
if test "${GET}" == "1"; then if test "${GET}" == "1"; then
HOST=$(echo "${URL}" | /usr/bin/cut -d / -f 3) HOST=$(echo "${URL}" | /usr/bin/cut -d / -f 3)
_url=$(echo "${URL}" | sed 's@raw-file@log@') _url=$(echo "${URL}" | sed 's@raw-file@log@')
SARGS="-ign_eof -connect ${HOST}:443"
if test "${PROXY}x" != "x"; then
SARGS="${SARGS} -proxy ${PROXY}"
fi
echo GET ${_url} | \ echo GET ${_url} | \
${OPENSSL} s_client -ign_eof -connect ${HOST}:443 2>/dev/null > "${TEMPDIR}/certdata.txt.log" ${OPENSSL} s_client ${SARGS} 2>/dev/null > "${TEMPDIR}/certdata.txt.log"
unset _url unset _url
# Error out here if we couldn't get the file # Error out here if we couldn't get the file
@ -436,7 +448,7 @@ if test "${GET}" == "1"; then
# Download the new file # Download the new file
echo GET ${URL} | \ echo GET ${URL} | \
${OPENSSL} s_client -ign_eof -connect ${HOST}:443 2>/dev/null >> "${CERTDATA}" ${OPENSSL} s_client ${SARGS} 2>/dev/null >> "${CERTDATA}"
_line=$(( $(grep -n "certdata.txt" "${CERTDATA}" | cut -d ":" -f 1) - 1)) _line=$(( $(grep -n "certdata.txt" "${CERTDATA}" | cut -d ":" -f 1) - 1))
sed -e "1,${_line}d" -i "${CERTDATA}" sed -e "1,${_line}d" -i "${CERTDATA}"
sed "1i # Revision:${REVISION}" -i "${CERTDATA}" sed "1i # Revision:${REVISION}" -i "${CERTDATA}"
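Review bot: The new `SARGS="-ign_eof -connect ${HOST}:443"` line in the download hunk carries no certificate-verification option, so as far as these lines show `s_client` accepts whatever certificate it is offered while `2>/dev/null` hides any handshake diagnostics. The file being fetched becomes the system trust store, and `-proxy` adds one more intermediary on that path. If a CA bundle the script controls is available at this point, consider `SARGS="-ign_eof -verify_return_error -servername ${HOST} -connect ${HOST}:443"` together with `-CAfile` or `-CApath`; on a first bootstrap that may not be possible, and a comment stating that the download is unauthenticated would then help. Separately, `${PROXY}` and `${SARGS}` are expanded unquoted, so a proxy value containing whitespace is split into extra `s_client` arguments; a bash array (`SARGS=(-ign_eof -connect "${HOST}:443")`, `SARGS+=(-proxy "${PROXY}")`, `"${SARGS[@]}"`) avoids that. The initial value of PROXY is not visible in these hunks, so confirm it is set to empty before get_args runs rather than inherited from the environment.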