diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2002-03-29 17:34:14 +0000 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2002-03-29 17:34:14 +0000 |
| commit | b0fd6377d29c799ec94eebac11adf1794f4a0e69 (patch) | |
| tree | bf3397c7101266fd95341777e2033b12779119c5 /localmksslcerts | |
| parent | 9cbd0fb2d84f4724bc7acec00f5a1a8674dc1e60 (diff) | |
Improve parameter parsing and remove short options requiring a parameter.
Diffstat (limited to 'localmksslcerts')
| -rwxr-xr-x | localmksslcerts | 42 |
1 files changed, 22 insertions, 20 deletions
diff --git a/localmksslcerts b/localmksslcerts index 2c03cb5..785de3f 100755 --- a/localmksslcerts +++ b/localmksslcerts @@ -3,7 +3,7 @@ # /usr/local/sbin/localmkmailcerts # Copyright 2001-2002 Jonas Smedegaard <dr@jones.dk> # -# $Id: localmksslcerts,v 1.2 2002-03-29 01:11:20 jonas Exp $ +# $Id: localmksslcerts,v 1.3 2002-03-29 17:34:14 jonas Exp $ # # Generate certificates for mail servers # Based on uw-imapd-ssl post-install script @@ -16,14 +16,13 @@ usage() { echo "$prg, $copyright Usage: $prg --fqdn <FQDN> [--issuer <issuer>] --daemon <daemon> [...] [--force] - or: $prg -d <daemon> [-d <daemon>...] [-i <issuer>] [-f] <FQDN> or: $prg <FQDN> <daemon> [<daemon>...] [-f] Options: - -h, --fqdn Fully Qualified Domain Name for this host. - -d, --daemon Daemon(s) in need for a certificate + --fqdn Fully Qualified Domain Name for this host. + --daemon Daemon(s) in need for a certificate (separate certificate is generated for each daemon) - -i, --issuer Email address of the person responsible for the certificate + --issuer Email address of the person responsible for the certificate -f, --force Force overwriting existing certificate -h, --help This help text @@ -45,33 +44,38 @@ issuer='' force='' args='' while [ $# -gt 0 ]; do + doubleshift='' case $1 in - --fqdn) fqdn="$2"; shift;; - --daemon|-d) daemons="$daemons$2 "; shift;; - --issuer|-i) issuer="$2";; + --fqdn) fqdn="$2"; doubleshift=1;; + --daemon) daemons="$daemons$2 "; doubleshift=1;; + --issuer) issuer="$2"; doubleshift=1;; --force|-f) force=1;; -*) usage;; *) args="$args$1 ";; esac + if [ -z "$doubleshift" -a $# -gt 1 ]; then + shift + else + echo "Missing parameter for option \"$1\"!" + usage + fi shift done set -- $args -if [ -z $issuer ]; then +if [ -z "$issuer" ]; then DOMAINNAME=`hostname -d` ISSUER="postmaster@$DOMAINNAME" fi -if [ -z $fqdn ]; then +if [ -z "$fqdn" -a $# -gt 0 ]; then fqdn=$1 shift -fi -set -- $daemons $args - -if [ $# -lt 1 ]; then +else echo "Too few parameters!" usage fi +set -- $daemons $args cd /etc/ssl/certs for daemon in $@; do @@ -83,9 +87,8 @@ for daemon in $@; do echo "You already have /etc/ssl/certs/$daemon.pem - exiting...!" exit 1 fi - else - echo -n "Generating $daemon certificate..." - openssl req -new -x509 -nodes -out $daemon.pem -keyout $daemon.pem -days $DAYS2EXPIRE > /dev/null 2>&1 <<+ + echo -n "Generating $daemon certificate..." + openssl req -new -x509 -nodes -out $daemon.pem -keyout $daemon.pem -days $DAYS2EXPIRE > /dev/null 2>&1 <<+ $COUNTRY $STATE $LOCALITY @@ -94,9 +97,8 @@ $fqdn $fqdn $issuer + - ln -sf $daemon.pem `openssl x509 -noout -hash < $daemon.pem`.0 - echo "Done!" - fi + ln -sf $daemon.pem `openssl x509 -noout -hash < $daemon.pem`.0 + echo "Done!" chown root.root /etc/ssl/certs/$daemon.pem chmod 0640 /etc/ssl/certs/$daemon.pem |