From 05b8a51e6ef6ee7e2db8af0fecfc8840bcb58652 Mon Sep 17 00:00:00 2001 From: Fredrik Thulin Date: Tue, 31 Mar 2015 09:18:06 +0200 Subject: argument parsing piff-up --- scripts/mkreq | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) (limited to 'scripts/mkreq') diff --git a/scripts/mkreq b/scripts/mkreq index 4493867..c5e8e9f 100755 --- a/scripts/mkreq +++ b/scripts/mkreq @@ -1,6 +1,5 @@ #!/bin/sh -host="$1"; shift ca_host="ca.sunet.se" ca_name="infra" type="" @@ -22,14 +21,21 @@ Usage: mkreq [-v] [-s*] [-c] [-C ] [-N ] [--] " 1>&2 } +if [ "x$1" = "x" ]; then + usage + exit 1 +fi + { while test $# -gt 0; do case "$1" in -s) type="server" + shift ;; -c) type="client" + shift ;; -C) ca_host="$2" @@ -46,11 +52,25 @@ Usage: mkreq [-v] [-s*] [-c] [-C ] [-N ] [--] --) break ;; + *) + echo $1 | grep -q '^-' || break # found the fqdn + echo "$0: Unknown option $1" + echo "" + usage + exit 1 esac - shift done } +host="$1" + +if [ "x$host" = "x" ]; then + echo "$0: No fqdn supplied" + echo "" + usage + exit 1 +fi + if [ -d $host -a -z $type ]; then type="server" fi -- cgit v1.1 From 0fc39fd18b57d9fe651d9a176927e5ae3eb517ed Mon Sep 17 00:00:00 2001 From: Fredrik Thulin Date: Tue, 31 Mar 2015 09:23:35 +0200 Subject: Use mktemp plain to use system default TMPDIR. Hopefully, TMPDIR points to a ramdisk. --- scripts/mkreq | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'scripts/mkreq') diff --git a/scripts/mkreq b/scripts/mkreq index c5e8e9f..2b59f52 100755 --- a/scripts/mkreq +++ b/scripts/mkreq @@ -77,8 +77,8 @@ fi cfg=`mktemp` -key="/tmp/$host.key" -csr="/tmp/$host.csr" +key=`mktemp` +csr=`mktemp` trap 'rm -f $cfg' EXIT -- cgit v1.1 From 17d595dc4e90d6b64ed75de11c04236a2444fa0c Mon Sep 17 00:00:00 2001 From: Fredrik Thulin Date: Tue, 31 Mar 2015 09:23:50 +0200 Subject: Remove generated key from disk, after printing it. --- scripts/mkreq | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'scripts/mkreq') diff --git a/scripts/mkreq b/scripts/mkreq index 2b59f52..44aaddc 100755 --- a/scripts/mkreq +++ b/scripts/mkreq @@ -15,7 +15,7 @@ Usage: mkreq [-v] [-s*] [-c] [-C ] [-N ] [--] -c request client cert -C ca host (ca.sunet.se) -N ca name (infra) - + fully qualified name of host " 1>&2 @@ -110,6 +110,12 @@ git add "$reqs/$host.csr" && git commit -m "certification request for $host from if [ -d $host ]; then ssh root@$host mkdir -p /etc/ssl/private && scp "$key" "root@$host:/etc/ssl/private/${host}_${ca_name}.key" && rm -f "$key" && echo "** private key given to $host" || echo "** private key left in $key - should be in root@$host:/etc/ssl/private/${host}_${ca_name}.key" +else + echo "" + echo "** Generated the following RSA key, keep it safe:" + cat $key + rm -f $key + echo "" fi echo "** successfully generated key and certification request for $host from $ca_host:$ca_name" -- cgit v1.1