diff options
author | U-Z690-A\user <jrayhawk@omgwallhack.org> | 2022-06-28 18:55:37 -0700 |
---|---|---|
committer | U-Z690-A\user <jrayhawk@omgwallhack.org> | 2022-06-28 18:55:37 -0700 |
commit | 40e0db376ea51384fc2dbb7feb86d6d83408fe9f (patch) | |
tree | 72a612d9520ff3bc7b530cf8585aa00eadf299ae | |
parent | 537cb1c3cf10ba3552b03c43fb053bde9cca2440 (diff) | |
download | cash-40e0db376ea51384fc2dbb7feb86d6d83408fe9f.tar.gz cash-40e0db376ea51384fc2dbb7feb86d6d83408fe9f.zip |
ekusub.sh: new extended key usage configuration substitution script
Needed to support previous commit.
-rwxr-xr-x | ekusub.sh | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/ekusub.sh b/ekusub.sh new file mode 100755 index 0000000..bf1546d --- /dev/null +++ b/ekusub.sh @@ -0,0 +1,32 @@ +#!/bin/bash +# Dynamically substitutes extendedKeyUsage in usr_cert in an openssl config file +# ./ekusub.sh "clientAuth, serverAuth" +#requires bash 4.0 regexes + +set -e +[ -n "$1" ] || cat # pass through + +IFS=$'\n' +CA_STANZA=0 +EKU_MODIFIED=0 +while read line; do + if [[ "$line" =~ ^\ *\[\ *usr_cert\ *\] ]]; then + CA_STANZA=1 + echo "$line" + elif [ $CA_STANZA == 1 ] && [[ "$line" =~ ^\ *extendedKeyUsage\ *= ]]; then + echo -n "$line" + echo ", $1" + EKU_MODIFIED=1 + elif [ $CA_STANZA == 1 ] && [[ "$line" =~ ^\ *\[\ .+\ \] ]]; then + if [ $EKU_MODIFIED == 0 ]; then + echo "extendedKeyUsage = $1" + echo + EKU_MODIFIED=1 + fi + CA_STANZA=0 + echo "$line" + else + echo "$line" + fi + +done |