From 8836d509aec61d7adaf6e06a4118d717566a5d32 Mon Sep 17 00:00:00 2001 From: Kodie Glosser Date: Wed, 21 Feb 2018 10:55:15 -0600 Subject: [PATCH] formatting and travis fix --- easyrsa3/easyrsa | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa index ae946f0..4963bfc 100755 --- a/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa @@ -59,7 +59,7 @@ DIRECTORY STATUS (commands would take effect on these locations) # Detailed command help # When called with no args, calls usage(), otherwise shows help for a command cmd_help() { - text="" + text="" opts="" case "$1" in init-pki|clean-all) text=" @@ -220,6 +220,7 @@ Deprecated features: } # => opt_usage() # Wrapper around printf - clobber print since it's not POSIX anyway +# shellcheck disable=SC1117 print() { printf "%s\n" "$*"; } # Exit fatally with a message to stderr @@ -264,8 +265,8 @@ BEGIN {IGNORECASE=1; r=2} confirm() { [ "$EASYRSA_BATCH" ] && return prompt="$1" - value="$2" - msg="$3" + value="$2" + msg="$3" input="" print " $msg @@ -414,7 +415,7 @@ Your newly created PKI dir is: $EASYRSA_PKI # build-ca backend: build_ca() { - opts="" + opts="" sub_ca="" crypto="-aes256" while [ -n "$1" ]; do @@ -465,16 +466,17 @@ current CA keypair. If you intended to start a new CA, run init-pki first." [ "$EASYRSA_BATCH" ] && opts="$opts -batch" || export EASYRSA_REQ_CN="Easy-RSA CA" out_key_tmp="$(mktemp "$out_key.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$out_key_tmp" + # shellcheck disable=SC2154 out_key_pass_tmp="$(mktemp "$out_key_pass.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_3="$out_key_pass_tmp" out_file_tmp="$(mktemp "$out_file.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_3="$out_file_tmp" printf "Enter New CA Key Passphrase: " stty -echo - read kpass + read -r kpass stty echo echo printf "Re-Enter New CA Key Passphrase: " stty -echo - read kpass2 + read -r kpass2 stty echo echo if [ "$kpass" = "$kpass2" ]; @@ -484,7 +486,7 @@ current CA keypair. If you intended to start a new CA, run init-pki first." die "Passphrases do not match." fi # create the CA key using AES256 - "$EASYRSA_OPENSSL" genrsa -aes256 -out "$out_key_tmp" -passout file:"$out_key_pass_tmp" + "$EASYRSA_OPENSSL" genrsa -aes256 -out "$out_key_tmp" -passout file:"$out_key_pass_tmp" # create the CA keypair: #shellcheck disable=SC2086 "$EASYRSA_OPENSSL" req -utf8 -new -key "$out_key_tmp" \ @@ -598,14 +600,14 @@ key: $key_out # common signing backend sign_req() { - crt_type="$1" + crt_type="$1" opts="" req_in="$EASYRSA_PKI/reqs/$2.req" crt_out="$EASYRSA_PKI/issued/$2.crt" # Randomize Serial number - i="" - serial="" + i="" + serial="" check_serial="" for i in 1 2 3 4 5; do "$EASYRSA_OPENSSL" rand -hex -out "$EASYRSA_PKI/serial" 16 @@ -679,17 +681,16 @@ $(display_dn req "$req_in") # If type is server and no subjectAltName was requested, # add one to the extensions file - if [ "$crt_type" = 'server' ]; + if [ "$crt_type" = 'server' ]; then - sname=$(basename $req_in | cut -d. -f1) - echo "$EASYRSA_EXTRA_EXTS" | - grep -q subjectAltName || + echo "$EASYRSA_EXTRA_EXTS" | + grep -q subjectAltName || default_server_san "$req_in" fi # Add any advanced extensions supplied by env-var: [ -n "$EASYRSA_EXTRA_EXTS" ] && print "$EASYRSA_EXTRA_EXTS" - + : # needed to keep die from inherting the above test } > "$EASYRSA_TEMP_EXT" || die "\ Failed to create temp extension file (bad permissions?) at: