Commit c7732f6e authored by ssrq's avatar ssrq Committed by ssrq

[type/__easy_rsa_ca] Simplify state explorer (only check for build-ca files)

parent fc4d0f4b
#!/bin/sh -e
# Return "present" if the CA is present, "absent" otherwise.
dir=$(cat "${__object:?}/parameter/dir")
test -d "${dir}" || {
echo 'absent'
exit 0
}
result='absent'
for dir in issued certs_by_serial
do
if [ -d "${dir}/pki/${dir}" ]
then
result='present'
fi
done
for file in serial index.txt index.txt.attr ca.crt private/ca.key
do
if [ -f "${dir}/pki/${file}" ]
then
result='present'
fi
done
echo "${result}"
#!/bin/sh -e
# Return "absent" if no folder 'pki' is present, "present" otherwise.
# TODO could something of this be deduplicated with the __easy_rsa_pki type?
base_dir=$(cat "${__object:?}/parameter/dir")
pki_dir="${base_dir}/pki"
# Do we even have a `pki`-directory?
if [ ! -d "${pki_dir}" ]; then
echo "absent"
exit 0
fi
# pki-folder is present, check if everything is all right
expected_folders="private reqs"
for folder in ${expected_folders}; do
dir="${pki_dir}/${folder}"
if [ ! -d "${dir}" ]; then
echo "Missing ${dir}" >&2
exit 1
fi
done
# Check for openssl config file
openssl_easyrsa_conf_file="${pki_dir}/openssl-easyrsa.cnf"
if [ ! -f "${openssl_easyrsa_conf_file}" ]; then
echo "Missing ${openssl_easyrsa_conf_file}" >&2
exit 1
fi
# Nothing wrong found, return "present"
echo "present"
#!/bin/sh -e
#
# Prints the current state of the CA:
# - "present" if the CA is present;
# - "absent" if the PKI is initialised but the CA has not been created;
# - "no-pki" if the PKI directory is missing.
#
base_dir=$(cat "${__object:?}/parameter/dir")
pki_dir="${base_dir}/pki"
# Check if PKI is present
test -f "${base_dir}/vars" && test -d "${pki_dir}"|| {
echo 'no-pki'
exit 0
}
# Check directories and files created by build-ca
for dir in issued certs_by_serial
do
test -d "${pki_dir}/${dir}" || {
echo 'absent'
exit 0
}
done
for file in serial index.txt index.txt.attr ca.crt private/ca.key
do
test -f "${pki_dir}/${file}" || {
echo 'absent'
exit 0
}
done
echo 'present'
......@@ -52,8 +52,8 @@ fi
command_to_execute="${easyrsa_executable} --batch --req-cn=\"${common_name}\" ${digest_parameter} build-ca nopass"
ca_state=$(cat "${__object:?}/explorer/ca-presence")
if [ "${ca_state}" = 'absent' ]
state_is=$(cat "${__object:?}/explorer/state")
if [ "${state_is}" = 'absent' ]
then
echo "cd ${base_dir}"
echo "${command_to_execute}"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment