Use variables for paths
This commit is contained in:
parent
061f99740f
commit
36964accdc
35
cassh.sh
35
cassh.sh
|
|
@ -137,20 +137,20 @@ main_issue()
|
||||||
usage
|
usage
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ ! -f ca.pub ]; then
|
if [ ! -f "$PATH_CA_PUB" ]; then
|
||||||
err "no ca.pub found"
|
err "no $PATH_CA_PUB found"
|
||||||
fi
|
fi
|
||||||
if ! ssh-add $qflag $vflag -T ca.pub; then
|
if ! ssh-add $qflag $vflag -T "$PATH_CA_PUB"; then
|
||||||
err "can't use CA key"
|
err "can't use CA key"
|
||||||
fi
|
fi
|
||||||
if [ ! -d pubkeys/ ]; then
|
if [ ! -d "$PATH_PUBKEYS_DIR/" ]; then
|
||||||
err "no pubkeys directory found"
|
err "no pubkeys directory found"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ ! -f serial.txt ]; then
|
if [ ! -f "$PATH_CA_SERIAL" ]; then
|
||||||
date -u +%Y%m%d000000000 >serial.txt
|
date -u +%Y%m%d000000000 >"$PATH_CA_SERIAL"
|
||||||
fi
|
fi
|
||||||
read -r serial <serial.txt
|
read -r serial <"$PATH_CA_SERIAL"
|
||||||
# Remove NNNNNNNNN suffix
|
# Remove NNNNNNNNN suffix
|
||||||
serial_date=${serial%?????????}
|
serial_date=${serial%?????????}
|
||||||
current_date=$(date -u +%Y%m%d)
|
current_date=$(date -u +%Y%m%d)
|
||||||
|
|
@ -163,16 +163,17 @@ main_issue()
|
||||||
fi
|
fi
|
||||||
serial=$(printf "%s%09u\n" "$serial_date" "$serial_counter")
|
serial=$(printf "%s%09u\n" "$serial_date" "$serial_counter")
|
||||||
|
|
||||||
_template_fmt_C=$(get_ca_comment_from_sk ca.pub)
|
_template_fmt_C=$(get_ca_comment_from_sk "$PATH_CA_PUB")
|
||||||
find pubkeys/ -type f -name '*.pub' ! -name '*-cert.pub' | {
|
find "$PATH_PUBKEYS_DIR/" -type f -name '*.pub' ! -name '*-cert.pub' | {
|
||||||
rc=0
|
rc=0
|
||||||
while read -r pk; do
|
while read -r pk; do
|
||||||
pkname=${pk%.pub}
|
pkname=${pk%.pub}
|
||||||
pkname=${pkname#pubkeys/}
|
pkname=${pkname#$PATH_PUBKEYS_DIR/}
|
||||||
_template_fmt_f=$pkname
|
_template_fmt_f=$pkname
|
||||||
|
|
||||||
id=$(template Cf "$key_id_fmt")
|
id=$(template Cf "$key_id_fmt")
|
||||||
set -- -I "$id" -Us ca.pub $hflag $qflag $vflag \
|
set -- -I "$id" -Us "$PATH_CA_PUB" \
|
||||||
|
$hflag $qflag $vflag \
|
||||||
-V "$validity_interval" -z "$serial"
|
-V "$validity_interval" -z "$serial"
|
||||||
|
|
||||||
if $nflag; then
|
if $nflag; then
|
||||||
|
|
@ -187,7 +188,7 @@ main_issue()
|
||||||
err "can't issue more certificates today"
|
err "can't issue more certificates today"
|
||||||
fi
|
fi
|
||||||
serial=$(printf "%s%09u\n" "$serial_date" \
|
serial=$(printf "%s%09u\n" "$serial_date" \
|
||||||
"$serial_counter" | tee serial.txt)
|
"$serial_counter" | tee "$PATH_CA_SERIAL")
|
||||||
|
|
||||||
if [ $rc -ne 0 ]; then
|
if [ $rc -ne 0 ]; then
|
||||||
break
|
break
|
||||||
|
|
@ -211,8 +212,8 @@ main_mkfile()
|
||||||
file=$1
|
file=$1
|
||||||
shift
|
shift
|
||||||
|
|
||||||
if [ ! -f ca.pub ]; then
|
if [ ! -f "$PATH_CA_PUB" ]; then
|
||||||
err "no ca.pub found"
|
err "no $PATH_CA_PUB found"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
case $file in
|
case $file in
|
||||||
|
|
@ -239,11 +240,15 @@ main_mkfile()
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
cat ca.pub
|
cat "$PATH_CA_PUB"
|
||||||
}
|
}
|
||||||
|
|
||||||
set -u
|
set -u
|
||||||
|
|
||||||
|
PATH_CA_PUB=./ca.pub
|
||||||
|
PATH_CA_SERIAL=./serial.txt
|
||||||
|
PATH_PUBKEYS_DIR=./pubkeys
|
||||||
|
|
||||||
if [ $# -lt 1 ]; then
|
if [ $# -lt 1 ]; then
|
||||||
usage
|
usage
|
||||||
fi
|
fi
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue