diff options
| author | Jan Pokorný <jpokorny@redhat.com> | 2013-04-11 15:59:33 +0200 |
|---|---|---|
| committer | Jan Pokorný <jpokorny@redhat.com> | 2013-04-11 15:59:33 +0200 |
| commit | 9068da6ae0347aac9fee97220a15388e76ef5691 (patch) | |
| tree | 7e9cb029ce7d0599af6dcdc669012b5f2f2654d0 /scripts/certs | |
| parent | 2f06a5c56d00a8f460c241a072a983488de5345b (diff) | |
| download | dotfiles-9068da6ae0347aac9fee97220a15388e76ef5691.tar.gz dotfiles-9068da6ae0347aac9fee97220a15388e76ef5691.tar.xz dotfiles-9068da6ae0347aac9fee97220a15388e76ef5691.zip | |
Scipts/cert-import: utilize cert-check to do actual import
Currently supported:
- homebundle (home dir analogy to /etc/pki/tls/certs...)
- Firefox
- mutt (~/.mutt_certificates seems to be default in mutt-kz.git
distribution)
Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
Diffstat (limited to 'scripts/certs')
| -rwxr-xr-x | scripts/certs/cert-import | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/scripts/certs/cert-import b/scripts/certs/cert-import new file mode 100755 index 0000000..ecf8b76 --- /dev/null +++ b/scripts/certs/cert-import @@ -0,0 +1,69 @@ +#!/bin/bash + +# extension on top of cert-check to conveniently install certificate +# +# jpokorny@redhat.com +# +# TODO: fix exit code + +set -u +set +e + +source cert-check + +MUTT_CERTIFICATES=~/.mutt_certificates + +cert_import_homebundle() { + [ "$1" != "1" ] && return + echo "Adding to homebundle" >&2 + mkdir -p "$(dirname ${HOMEBUNDLE})" + cat >>${HOMEBUNDLE} +} + +cert_import_mutt() { + [ "$1" != "1" ] && return + echo "Adding to mutt" >&2 + mkdir -p "$(dirname ${MUTT_CERTIFICATES})" + cat >>${MUTT_CERTIFICATES} +} + +cert_import_firefox() { + # XXX: stdin is consumed in the first profile found + # XXX: explore certificate to get a proper name (-n) for it + [ "$1" != "1" ] && return + echo "Adding to firefox" >&2 + for d in $(find ~/.mozilla/firefox/ -maxdepth 1 -mindepth 1 -type d); do + grep -qs $(basename $d) ~/.mozilla/firefox/profiles.ini \ + && certutil -A -n "cert-import:$(date +'%y%m%d%H%M%S')" -t C,p,p -d $d \ + && break + done < <(cat) +} + +cert_import() { + local homebundle=0 firefox=0 mutt=0 crl=1 + while true; do + case $1 in + homebundle) homebundle=1;; + firefox) firefox=1;; + mutt) mutt=1;; + all) homebundle=1; firefox=1; mutt=1;; + --) ;; + *) break;; + esac + shift + done + [ "$1" = "-nocrl" ] && shift && crl=0 + ( + (cert_pick "$@" | cert_check $crl) \ + | tee >( openssl x509 \ + | tee >(cert_import_homebundle $homebundle) \ + | tee >(cert_import_firefox $firefox) \ + | cert_import_mutt $mutt ) + ) |& colorize 1 +} + + +[[ "${BASH_SOURCE[0]}" != "${0}" ]] || \ + [ $# -lt 1 ] \ + && echo "usage: $0 (homebundle|mutt|firefox|all)* [-nocrl] file-or-server [port=443]" \ + || ( cert_import "$@" && set +u || ( ret=$?; set +u; pseudo_return $ret )) |