diff options
author | Simon Rettberg | 2021-05-27 17:15:36 +0200 |
---|---|---|
committer | Simon Rettberg | 2021-05-27 17:15:36 +0200 |
commit | b326c47857f51aba9b3660d81e82940589040212 (patch) | |
tree | 5bd89eadb414802b9a4aa6b2ab66f1fc7d7905b2 /satellit_installer/static_files/lighttpd | |
parent | [SSPS] Turn lists into sorted one-per-line lists (diff) | |
download | setup-scripts-b326c47857f51aba9b3660d81e82940589040212.tar.gz setup-scripts-b326c47857f51aba9b3660d81e82940589040212.tar.xz setup-scripts-b326c47857f51aba9b3660d81e82940589040212.zip |
[SSPS] slx-cert: Don't mess everything up if process gets interruptedv3.10
Diffstat (limited to 'satellit_installer/static_files/lighttpd')
-rwxr-xr-x | satellit_installer/static_files/lighttpd/opt/openslx/slx-cert | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert b/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert index 3f5cc3e..109a6c1 100755 --- a/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert +++ b/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert @@ -88,11 +88,14 @@ create_conf () { ca_last= for i in "${PRIV}"/ca-??????????.key; do - [ -f "$i" ] || continue + [ -s "$i" ] || continue get_ts "$i" - if ! [ -f "${CERT}/ca-${ts}.crt" ] || (( ts < NOW )); then + if ! [ -s "${CERT}/ca-${ts}.crt" ] \ + || ! [ -s "${CERT}/intermediate-${ts}.crt" ] \ + || ! [ -s "${PRIV}/intermediate.key" ] \ + || (( ts < NOW )); then # Missing cert, or expired -> delete - rm -f -- "${CERT}/ca-${ts}.crt" "${PRIV}/ca-${ts}.key" + rm -f -- "${CERT}/ca-${ts}.crt" "${PRIV}/ca-${ts}.key" "${CERT}/intermediate-${ts}.crt" continue fi ca_last="$ts" @@ -111,7 +114,7 @@ if [ -z "$ca_last" ] || (( NOW + ca_min_remain_s > ca_last )); then csr="$( mktemp /tmp/bwlp-XXXXXXX.csr )" # Create request, CA:TRUE echo "Generate intermediate key+CSR..." - [ -f "${PRIV}/intermediate.key" ] || openssl genrsa -out "${PRIV}/intermediate.key" 4096 + [ -s "${PRIV}/intermediate.key" ] || openssl genrsa -out "${PRIV}/intermediate.key" 4096 openssl req -new -key "${PRIV}/intermediate.key" \ -nodes -subj "/C=DE/ST=PewPew/L=HeyHey/O=bwLehrpool/CN=intermediate.bwlehrpool" \ -out "$csr" || exit 2 @@ -147,9 +150,9 @@ fi declare -a srv_list srv_list=() for i in "${PRIV}"/srv-??????????.key; do - [ -f "$i" ] || continue + [ -s "$i" ] || continue get_ts "$i" - if (( ts < NOW )) || ! [ -f "${CERT}/srv-${ts}.crt" ]; then + if (( ts < NOW )) || ! [ -s "${CERT}/srv-${ts}.crt" ]; then rm -f -- "$i" "${CERT}/srv-${ts}.crt" continue fi @@ -168,7 +171,7 @@ if [ -n "$mknew" ] || [ "${#srv_list[@]}" = 0 ] \ declare -a in_list in_list=() for i in "${CERT}"/intermediate-??????????.crt; do - [ -f "$i" ] || continue + [ -s "$i" ] || continue get_ts "$i" if (( ts < NOW )); then echo "Expired intermediate $i" |