Use variables for paths
This commit is contained in:
parent
061f99740f
commit
36964accdc
35
cassh.sh
35
cassh.sh
|
|
@ -137,20 +137,20 @@ main_issue()
|
|||
usage
|
||||
fi
|
||||
|
||||
if [ ! -f ca.pub ]; then
|
||||
err "no ca.pub found"
|
||||
if [ ! -f "$PATH_CA_PUB" ]; then
|
||||
err "no $PATH_CA_PUB found"
|
||||
fi
|
||||
if ! ssh-add $qflag $vflag -T ca.pub; then
|
||||
if ! ssh-add $qflag $vflag -T "$PATH_CA_PUB"; then
|
||||
err "can't use CA key"
|
||||
fi
|
||||
if [ ! -d pubkeys/ ]; then
|
||||
if [ ! -d "$PATH_PUBKEYS_DIR/" ]; then
|
||||
err "no pubkeys directory found"
|
||||
fi
|
||||
|
||||
if [ ! -f serial.txt ]; then
|
||||
date -u +%Y%m%d000000000 >serial.txt
|
||||
if [ ! -f "$PATH_CA_SERIAL" ]; then
|
||||
date -u +%Y%m%d000000000 >"$PATH_CA_SERIAL"
|
||||
fi
|
||||
read -r serial <serial.txt
|
||||
read -r serial <"$PATH_CA_SERIAL"
|
||||
# Remove NNNNNNNNN suffix
|
||||
serial_date=${serial%?????????}
|
||||
current_date=$(date -u +%Y%m%d)
|
||||
|
|
@ -163,16 +163,17 @@ main_issue()
|
|||
fi
|
||||
serial=$(printf "%s%09u\n" "$serial_date" "$serial_counter")
|
||||
|
||||
_template_fmt_C=$(get_ca_comment_from_sk ca.pub)
|
||||
find pubkeys/ -type f -name '*.pub' ! -name '*-cert.pub' | {
|
||||
_template_fmt_C=$(get_ca_comment_from_sk "$PATH_CA_PUB")
|
||||
find "$PATH_PUBKEYS_DIR/" -type f -name '*.pub' ! -name '*-cert.pub' | {
|
||||
rc=0
|
||||
while read -r pk; do
|
||||
pkname=${pk%.pub}
|
||||
pkname=${pkname#pubkeys/}
|
||||
pkname=${pkname#$PATH_PUBKEYS_DIR/}
|
||||
_template_fmt_f=$pkname
|
||||
|
||||
id=$(template Cf "$key_id_fmt")
|
||||
set -- -I "$id" -Us ca.pub $hflag $qflag $vflag \
|
||||
set -- -I "$id" -Us "$PATH_CA_PUB" \
|
||||
$hflag $qflag $vflag \
|
||||
-V "$validity_interval" -z "$serial"
|
||||
|
||||
if $nflag; then
|
||||
|
|
@ -187,7 +188,7 @@ main_issue()
|
|||
err "can't issue more certificates today"
|
||||
fi
|
||||
serial=$(printf "%s%09u\n" "$serial_date" \
|
||||
"$serial_counter" | tee serial.txt)
|
||||
"$serial_counter" | tee "$PATH_CA_SERIAL")
|
||||
|
||||
if [ $rc -ne 0 ]; then
|
||||
break
|
||||
|
|
@ -211,8 +212,8 @@ main_mkfile()
|
|||
file=$1
|
||||
shift
|
||||
|
||||
if [ ! -f ca.pub ]; then
|
||||
err "no ca.pub found"
|
||||
if [ ! -f "$PATH_CA_PUB" ]; then
|
||||
err "no $PATH_CA_PUB found"
|
||||
fi
|
||||
|
||||
case $file in
|
||||
|
|
@ -239,11 +240,15 @@ main_mkfile()
|
|||
;;
|
||||
esac
|
||||
|
||||
cat ca.pub
|
||||
cat "$PATH_CA_PUB"
|
||||
}
|
||||
|
||||
set -u
|
||||
|
||||
PATH_CA_PUB=./ca.pub
|
||||
PATH_CA_SERIAL=./serial.txt
|
||||
PATH_PUBKEYS_DIR=./pubkeys
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
usage
|
||||
fi
|
||||
|
|
|
|||
Loading…
Reference in New Issue