nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve op_test.sh: Fine grain control "show ca/cert"

Browse Source 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
This commit is contained in:
Richard Bonhomme 2019-01-26 20:42:37 +00:00 committed by Eric F Crist
parent 08d72e0c9d
commit a55f58b5a5
No known key found for this signature in database
GPG Key ID: 72964219390D0D0E
1 changed files with 12 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
op_test.sh
View File

@ -64,6 +64,7 @@ init ()
DIE=1 DIE=1
VERBOSE="${VERBOSE:-0}" VERBOSE="${VERBOSE:-0}"
VVERBOSE="${VVERBOSE:-0}" VVERBOSE="${VVERBOSE:-0}"
SHOW_CERT="${SHOW_CERT:-0}"
SAVE_PKI="${SAVE_PKI:-0}" SAVE_PKI="${SAVE_PKI:-0}"
ERSA_OUT="${ERSA_OUT:-0}" ERSA_OUT="${ERSA_OUT:-0}"
ERSA_BIN="./easyrsa" ERSA_BIN="./easyrsa"
@ -90,7 +91,7 @@ print() { printf "%s\n" "$1"; }
newline () newline ()
{ {
[ $((VVERBOSE)) -eq 1 ] || return 0 [ $((VVERBOSE + SHOW_CERT_ONLY)) -eq 0 ] && return 0
if [ "$1" = "1" ] if [ "$1" = "1" ]
then then
print "|| ============================================================================" print "|| ============================================================================"
@ -169,7 +170,7 @@ setup ()
vverbose "Setup" vverbose "Setup"
cd "$WORK_DIR" || die "cd $WORK_DIR" cd "$WORK_DIR" || die "cd $WORK_DIR"
[ $((VVERBOSE)) -eq 1 ] && print "|| :: Working dir: $WORK_DIR" [ $((VVERBOSE)) -eq 1 ] && print "|| ++ Working dir: $WORK_DIR"
destroy_data destroy_data
@ -210,6 +211,8 @@ setup ()
else else
vdisabled "$STAGE_NAME" vdisabled "$STAGE_NAME"
fi fi
completed "Setup"
} }
destroy_data () destroy_data ()
@ -297,9 +300,9 @@ create_req ()
restore_req () restore_req ()
{ {
STEP_NAME="Restore sample requests" STEP_NAME="Restore sample requests"
vverbose "$STEP_NAME"
rm -rf "$TEMP_DIR/pki-req" rm -rf "$TEMP_DIR/pki-req"
cp -Rf "$TEMP_DIR/pki-bkp" "$TEMP_DIR/pki-req" >/dev/null 2>&1 || die "$STEP_NAME" cp -Rf "$TEMP_DIR/pki-bkp" "$TEMP_DIR/pki-req" >/dev/null 2>&1 || die "$STEP_NAME"
vcompleted "$STEP_NAME"
} }
move_ca () move_ca ()
@ -318,7 +321,8 @@ move_ca ()
action () action ()
{ {
if [ $((ERSA_OUT)) -eq 1 ] vverbose "$STEP_NAME"
if [ $((ERSA_OUT)) -eq 1 ] || [ $((SHOW_CERT_ONLY)) -eq 1 ]
then then
newline newline
# shellcheck disable=SC2086 # shellcheck disable=SC2086
@ -333,7 +337,6 @@ action ()
init_pki () init_pki ()
{ {
STEP_NAME="init-pki" STEP_NAME="init-pki"
vverbose "$STEP_NAME"
action action
} }
@ -341,7 +344,6 @@ build_ca ()
{ {
STEP_NAME="build-ca nopass" STEP_NAME="build-ca nopass"
export EASYRSA_REQ_CN="penelope" export EASYRSA_REQ_CN="penelope"
vverbose "$STEP_NAME"
action action
unset EASYRSA_REQ_CN unset EASYRSA_REQ_CN
} }
@ -349,19 +351,16 @@ build_ca ()
show_ca () show_ca ()
{ {
STEP_NAME="show-ca" STEP_NAME="show-ca"
vverbose "$STEP_NAME" [ $((SHOW_CERT)) -eq 1 ] && SHOW_CERT_ONLY=1
SAVE_VERB="$VERBOSE"
VERBOSE=0
action action
newline newline
VERBOSE="$SAVE_VERB" unset SHOW_CERT_ONLY
} }
build_full () build_full ()
{ {
newline 1 newline 1
STEP_NAME="build-$REQ_type-full $REQ_name nopass" STEP_NAME="build-$REQ_type-full $REQ_name nopass"
vverbose "$STEP_NAME"
action action
secure_key secure_key
} }
@ -370,7 +369,6 @@ build_san_full ()
{ {
newline 1 newline 1
STEP_NAME="--subject-alt-name=IP:0.0.0.0 build-server-full $REQ_name nopass" STEP_NAME="--subject-alt-name=IP:0.0.0.0 build-server-full $REQ_name nopass"
vverbose "$STEP_NAME"
action action
secure_key secure_key
} }
@ -389,7 +387,6 @@ import_req ()
export EASYRSA_BATCH=0 export EASYRSA_BATCH=0
newline 1 newline 1
STEP_NAME="import-req $REQ_file $REQ_name" STEP_NAME="import-req $REQ_file $REQ_name"
vverbose "$STEP_NAME"
action action
export EASYRSA_BATCH=1 export EASYRSA_BATCH=1
} }
@ -398,19 +395,16 @@ sign_req ()
{ {
newline 1 newline 1
STEP_NAME="sign-req $REQ_type $REQ_name nopass" STEP_NAME="sign-req $REQ_type $REQ_name nopass"
vverbose "$STEP_NAME"
action action
} }
show_cert () show_cert ()
{ {
STEP_NAME="show-cert $REQ_name" STEP_NAME="show-cert $REQ_name"
vverbose "$STEP_NAME" [ $((SHOW_CERT)) -eq 1 ] && SHOW_CERT_ONLY=1
SAVE_VERB="$VERBOSE"
VERBOSE=0
action action
VERBOSE="$SAVE_VERB"
newline newline
unset SHOW_CERT_ONLY
} }
renew_cert () renew_cert ()
@ -420,7 +414,6 @@ renew_cert ()
return 0 return 0
STEP_NAME="renew $REQ_name nopass" STEP_NAME="renew $REQ_name nopass"
vverbose "$STEP_NAME"
action action
} }
@ -437,7 +430,6 @@ gen_crl ()
{ {
newline 1 newline 1
STEP_NAME="gen-crl" STEP_NAME="gen-crl"
vverbose "$STEP_NAME"
action action
CAT_THIS="$EASYRSA_PKI/crl.pem" CAT_THIS="$EASYRSA_PKI/crl.pem"
cat_file cat_file