From b0fd6377d29c799ec94eebac11adf1794f4a0e69 Mon Sep 17 00:00:00 2001 From: Jonas Smedegaard Date: Fri, 29 Mar 2002 17:34:14 +0000 Subject: Improve parameter parsing and remove short options requiring a parameter. --- localmksslcerts | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) (limited to 'localmksslcerts') diff --git a/localmksslcerts b/localmksslcerts index 2c03cb5..785de3f 100755 --- a/localmksslcerts +++ b/localmksslcerts @@ -3,7 +3,7 @@ # /usr/local/sbin/localmkmailcerts # Copyright 2001-2002 Jonas Smedegaard # -# $Id: localmksslcerts,v 1.2 2002-03-29 01:11:20 jonas Exp $ +# $Id: localmksslcerts,v 1.3 2002-03-29 17:34:14 jonas Exp $ # # Generate certificates for mail servers # Based on uw-imapd-ssl post-install script @@ -16,14 +16,13 @@ usage() { echo "$prg, $copyright Usage: $prg --fqdn [--issuer ] --daemon [...] [--force] - or: $prg -d [-d ...] [-i ] [-f] or: $prg [...] [-f] Options: - -h, --fqdn Fully Qualified Domain Name for this host. - -d, --daemon Daemon(s) in need for a certificate + --fqdn Fully Qualified Domain Name for this host. + --daemon Daemon(s) in need for a certificate (separate certificate is generated for each daemon) - -i, --issuer Email address of the person responsible for the certificate + --issuer Email address of the person responsible for the certificate -f, --force Force overwriting existing certificate -h, --help This help text @@ -45,33 +44,38 @@ issuer='' force='' args='' while [ $# -gt 0 ]; do + doubleshift='' case $1 in - --fqdn) fqdn="$2"; shift;; - --daemon|-d) daemons="$daemons$2 "; shift;; - --issuer|-i) issuer="$2";; + --fqdn) fqdn="$2"; doubleshift=1;; + --daemon) daemons="$daemons$2 "; doubleshift=1;; + --issuer) issuer="$2"; doubleshift=1;; --force|-f) force=1;; -*) usage;; *) args="$args$1 ";; esac + if [ -z "$doubleshift" -a $# -gt 1 ]; then + shift + else + echo "Missing parameter for option \"$1\"!" + usage + fi shift done set -- $args -if [ -z $issuer ]; then +if [ -z "$issuer" ]; then DOMAINNAME=`hostname -d` ISSUER="postmaster@$DOMAINNAME" fi -if [ -z $fqdn ]; then +if [ -z "$fqdn" -a $# -gt 0 ]; then fqdn=$1 shift -fi -set -- $daemons $args - -if [ $# -lt 1 ]; then +else echo "Too few parameters!" usage fi +set -- $daemons $args cd /etc/ssl/certs for daemon in $@; do @@ -83,9 +87,8 @@ for daemon in $@; do echo "You already have /etc/ssl/certs/$daemon.pem - exiting...!" exit 1 fi - else - echo -n "Generating $daemon certificate..." - openssl req -new -x509 -nodes -out $daemon.pem -keyout $daemon.pem -days $DAYS2EXPIRE > /dev/null 2>&1 <<+ + echo -n "Generating $daemon certificate..." + openssl req -new -x509 -nodes -out $daemon.pem -keyout $daemon.pem -days $DAYS2EXPIRE > /dev/null 2>&1 <<+ $COUNTRY $STATE $LOCALITY @@ -94,9 +97,8 @@ $fqdn $fqdn $issuer + - ln -sf $daemon.pem `openssl x509 -noout -hash < $daemon.pem`.0 - echo "Done!" - fi + ln -sf $daemon.pem `openssl x509 -noout -hash < $daemon.pem`.0 + echo "Done!" chown root.root /etc/ssl/certs/$daemon.pem chmod 0640 /etc/ssl/certs/$daemon.pem -- cgit v1.2.3