diff options
Diffstat (limited to 'ekusub.sh')
| -rwxr-xr-x | ekusub.sh | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/ekusub.sh b/ekusub.sh new file mode 100755 index 0000000..bf1546d --- /dev/null +++ b/ekusub.sh @@ -0,0 +1,32 @@ +#!/bin/bash +# Dynamically substitutes extendedKeyUsage in usr_cert in an openssl config file +# ./ekusub.sh "clientAuth, serverAuth" +#requires bash 4.0 regexes + +set -e +[ -n "$1" ] || cat # pass through + +IFS=$'\n' +CA_STANZA=0 +EKU_MODIFIED=0 +while read line; do + if [[ "$line" =~ ^\ *\[\ *usr_cert\ *\] ]]; then + CA_STANZA=1 + echo "$line" + elif [ $CA_STANZA == 1 ] && [[ "$line" =~ ^\ *extendedKeyUsage\ *= ]]; then + echo -n "$line" + echo ", $1" + EKU_MODIFIED=1 + elif [ $CA_STANZA == 1 ] && [[ "$line" =~ ^\ *\[\ .+\ \] ]]; then + if [ $EKU_MODIFIED == 0 ]; then + echo "extendedKeyUsage = $1" + echo + EKU_MODIFIED=1 + fi + CA_STANZA=0 + echo "$line" + else + echo "$line" + fi + +done |