Commit 4429a377 authored by ssrq's avatar ssrq Committed by ssrq

[type/__easy_rsa_pki] Simplify state explorer

parent b3fb6879
#!/bin/sh -e
# Return "present" if a pki-folder is found, "absent" otherwise.
directory="/${__object_id:?}"
full_dir="${directory}/pki"
# Do we have a clean slate?
if [ ! -d ${full_dir} ]; then
echo "absent"
exit 0
fi
# pki-folder is present, check if everything is all right
expected_folders="private reqs"
for folder in ${expected_folders}; do
dir="${full_dir}/${folder}"
if [ ! -d "${dir}" ]; then
echo "Missing ${dir}" >&2
exit 1
fi
done
# Check for openssl config file
openssl_easyrsa_conf_file="${full_dir}/openssl-easyrsa.cnf"
if [ ! -f "${openssl_easyrsa_conf_file}" ]; then
echo "Missing ${openssl_easyrsa_conf_file}" >&2
exit 1
fi
# Nothing wrong found, return "present"
echo "present"
#!/bin/sh -e
#
# Return "present" if a PKI folder is found and looks reasonable,
# "absent" otherwise.
#
dir="/${__object_id:?}"
if test -d "${dir}"
then
for exp in vars openssl-easyrsa.cnf
do
test -f "${dir}/${exp}" || {
echo 'suspicious'
exit 0
}
done
# Check pki subdirectory
for exp in private reqs
do
test -d "${dir}/pki/${exp}" || {
echo 'suspicious'
exit 0
}
done
echo 'present'
else
echo "absent"
fi
......@@ -37,10 +37,18 @@ in
;;
esac
state_is=$(cat "${__object:?}/explorer/pki-presence")
dir="/${__object_id:?}"
vars_file="${dir}/vars"
state_is=$(cat "${__object:?}/explorer/state")
if test "${state_is}" = 'suspicious'
then
printf "Directory %s exists, but doesn't look like a valid PKI.\n" "${dir}" >&2
printf 'Please clean it up manually and try again.\n'
exit 1
fi
pki_dir="/${__object_id:?}"
vars_file="${pki_dir}/vars"
# Check validity of the supplied parameters
# shellcheck source=/dev/null
......@@ -50,11 +58,10 @@ check_parameter_validity_digest
check_parameter_validity_usealgo
check_parameter_validity_dnmode
# Generate a new PKI if necessary
if test "${state_is}" = 'absent'
then
echo "cd ${pki_dir}"
echo "cd ${dir}"
echo "${easyrsa_executable} init-pki"
# explicit vars file is better than implicit default vars
echo "cp /usr/share/easy-rsa/vars.example ${vars_file}"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment