Fix batch-mode handling with changes in e75ad75
The --batch CLI arg now takes no options and enables batch-mode when present. init-pki no longer takes a 'force' value which did the same as --batch. Signed-off-by: Josh Cepek <josh.cepek@usa.net>
This commit is contained in:
Josh Cepek
parent
e75ad75421
commit
c86289ba17
@ -110,3 +110,5 @@ possible terse description is shown below:
|
||||
mode
|
||||
* `EASYRSA_DIGEST` (CLI: `--digest`) - set a hash diget to use for req/cert
|
||||
signing
|
||||
* `EASYRSA_BATCH` (CLI: `--batch`) - enable batch (no-prompt) mode; set
|
||||
env-var to non-zero string to enable (CLI takes no options)
|
||||
|
||||
@ -25,7 +25,7 @@ For a listing of options that can be supplied before the command, use:
|
||||
Here is the list of commands available with a short syntax reminder. Use the
|
||||
'help' command above to get full usage details.
|
||||
|
||||
init-pki [ cmd-opts ]
|
||||
init-pki
|
||||
build-ca [ cmd-opts ]
|
||||
gen-dh
|
||||
gen-req <filename_base> [ cmd-opts ]
|
||||
@ -60,9 +60,7 @@ cmd_help() {
|
||||
case "$1" in
|
||||
init-pki|clean-all) text="
|
||||
init-pki [ cmd-opts ]
|
||||
Removes & re-initializes the PKI dir for a clean PKI"
|
||||
opts="
|
||||
force - do not prompt when removing existing files" ;;
|
||||
Removes & re-initializes the PKI dir for a clean PKI" ;;
|
||||
build-ca) text="
|
||||
build-ca [ cmd-opts ]
|
||||
Creates a new CA"
|
||||
@ -175,7 +173,7 @@ non-empty values to options are mandatory.
|
||||
|
||||
General options:
|
||||
|
||||
--batch=# : set automatic (no-prompts when possible) mode; must be 0 or 1
|
||||
--batch : set automatic (no-prompts when possible) mode
|
||||
--pki-dir=DIR : declares the PKI directory
|
||||
--vars=FILE : define a specific 'vars' file to use for Easy-RSA config
|
||||
|
||||
@ -213,7 +211,7 @@ Deprecated features:
|
||||
print() { printf "%s\n" "$*"; }
|
||||
|
||||
# Exit fatally with a message to stderr
|
||||
# present even with EASYRSA_BATCH=1 as these are fatal problems
|
||||
# present even with EASYRSA_BATCH as these are fatal problems
|
||||
die() {
|
||||
print "
|
||||
Easy-RSA error:
|
||||
@ -362,20 +360,11 @@ $help_note"
|
||||
|
||||
# init-pki backend:
|
||||
init_pki() {
|
||||
[ $EASYRSA_BATCH ] && opt_force=1
|
||||
while [ -n "$1" ]; do
|
||||
case "$1" in
|
||||
force) opt_force=1 ;;
|
||||
*) warn "Ignoring unknown command option: '$1'" ;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
vars_source_check
|
||||
|
||||
# If EASYRSA_PKI exists, confirm before we rm -rf (skipped when forced)
|
||||
# If EASYRSA_PKI exists, confirm before we rm -rf (skiped with EASYRSA_BATCH)
|
||||
if [ -e "$EASYRSA_PKI" ]; then
|
||||
[ !$opt_force ] && confirm "Confirm removal: " "yes" "
|
||||
confirm "Confirm removal: " "yes" "
|
||||
WARNING!!!
|
||||
|
||||
You are about to remove the EASYRSA_PKI at: $EASYRSA_PKI
|
||||
@ -1012,7 +1001,7 @@ while :; do
|
||||
# Separate option from value:
|
||||
opt="${1%%=*}"
|
||||
val="${1#*=}"
|
||||
empty_ok=0 # Empty values are not allowed unless excepted
|
||||
empty_ok= # Empty values are not allowed unless excepted
|
||||
|
||||
case "$opt" in
|
||||
--days)
|
||||
@ -1058,7 +1047,8 @@ while :; do
|
||||
empty_ok=1
|
||||
export EASYRSA_NS_COMMENT="$val" ;;
|
||||
--batch)
|
||||
export EASYRSA_BATCH="$val" ;;
|
||||
empty_ok=1
|
||||
export EASYRSA_BATCH=1 ;;
|
||||
--subca-len)
|
||||
export EASYRSA_SUBCA_LEN="$val" ;;
|
||||
--vars)
|
||||
@ -1072,7 +1062,7 @@ subjectAltName = $val" ;;
|
||||
esac
|
||||
|
||||
# fatal error when no value was provided
|
||||
if [ "$val" = "$1" ] || { [ $empty_ok = 0 ] && [ -z "$val" ]; }; then
|
||||
if [ ! $empty_ok ] && { [ "$val" = "$1" ] || [ -z "$val" ]; }; then
|
||||
die "Missing value to option: $opt"
|
||||
fi
|
||||
|
||||
@ -1082,14 +1072,6 @@ done
|
||||
# Intelligent env-var detection and auto-loading:
|
||||
vars_setup
|
||||
|
||||
# EASYRSA_BATCH must be defined or numeric tests will fail.
|
||||
[ -n "$EASYRSA_BATCH" ] || EASYRSA_BATCH=0
|
||||
# Fix & warn user if defined value is not 0 or 1.
|
||||
[ "$EASYRSA_BATCH" = 1 ] || [ "$EASYRSA_BATCH" = 0 ] || {
|
||||
EASYRSA_BATCH=0
|
||||
warn "Invalid 'EASYRSA_BATCH' var has been defined to 0. Bad value was: '$EASYRSA_BATCH'"
|
||||
}
|
||||
|
||||
# determine how we were called, then hand off to the function responsible
|
||||
cmd="$1"
|
||||
[ -n "$1" ] && shift # scrape off command
|
||||
|
||||
@ -191,9 +191,9 @@ fi
|
||||
|
||||
#set_var EASYRSA_DIGEST "sha256"
|
||||
|
||||
# Batch mode. Leave this disabled (set to 0) unless you intend to call Easy-RSA
|
||||
# explicitly in batch mode without any user input, confirmation on dangerous
|
||||
# operations, or most output.
|
||||
# Batch mode. Leave this disabled unless you intend to call Easy-RSA explicitly
|
||||
# in batch mode without any user input, confirmation on dangerous operations,
|
||||
# or most output. Setting this to any non-blank string enables batch mode.
|
||||
|
||||
#set_var EASYRSA_BATCH 0
|
||||
#set_var EASYRSA_BATCH ""
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user