Bob Mottram 2016-04-23 10:04:13 +01:00
parent 986e04bd20
commit 6ef3b25862
1 changed files with 76 additions and 76 deletions


@ -131,105 +131,105 @@ aDWQRvTrh5+SQAlDi0gcbNeImgAu1e44K8kZDab8Am5HlVjkR1Z36aqeMFDidlaU
'
function show_help {
echo ''
echo $"${PROJECT_NAME}-dhparam -h [hostname] -l [length in bits] --recalc [yes|no] --fast [yes|no]"
echo ''
exit 0
echo ''
echo $"${PROJECT_NAME}-dhparam -h [hostname] -l [length in bits] --recalc [yes|no] --fast [yes|no]"
echo ''
exit 0
}
function calc_dh {
if [[ $FAST == 'yes' ]]; then
DHGROUP=$(( ( RANDOM % 4 ) + 14 ))
if [[ ${DHGROUP} == 14 ]]; then
echo "$BETTERCRYPTO_GROUP14" > ${1}
else
if [[ ${DHGROUP} == 15 ]]; then
echo "$BETTERCRYPTO_GROUP15" > ${1}
else
if [[ ${DHGROUP} == 16 ]]; then
echo "$BETTERCRYPTO_GROUP16" > ${1}
else
if [[ ${DHGROUP} == 17 ]]; then
echo "$BETTERCRYPTO_GROUP17" > ${1}
else
echo "$BETTERCRYPTO_GROUP18" > ${1}
fi
fi
fi
fi
else
openssl dhparam -check -text $KEYLENGTH -out ${1}
if [ ! "$?" = "0" ]; then
exit 3674
fi
fi
chmod 640 ${1}
if [[ $FAST == 'yes' ]]; then
DHGROUP=$(( ( RANDOM % 4 ) + 14 ))
if [[ ${DHGROUP} == 14 ]]; then
echo "$BETTERCRYPTO_GROUP14" > ${1}
else
if [[ ${DHGROUP} == 15 ]]; then
echo "$BETTERCRYPTO_GROUP15" > ${1}
else
if [[ ${DHGROUP} == 16 ]]; then
echo "$BETTERCRYPTO_GROUP16" > ${1}
else
if [[ ${DHGROUP} == 17 ]]; then
echo "$BETTERCRYPTO_GROUP17" > ${1}
else
echo "$BETTERCRYPTO_GROUP18" > ${1}
fi
fi
fi
fi
else
openssl dhparam -check -text $KEYLENGTH -out ${1}
if [ ! "$?" = "0" ]; then
exit 3674
fi
fi
chmod 640 ${1}
}
function regenerate_dh_keys {
for file in /etc/ssl/mycerts/*
do
if [[ -f $file ]]; then
filename=/etc/ssl/certs/$(echo $file | awk -F '/etc/ssl/mycerts/' '{print $2}' | awk -F '.crt' '{print $1}').dhparam
if [ -f $filename ]; then
calc_dh $filename
echo $"Recalculated DH params for $filename"
fi
fi
done
for file in /etc/ssl/mycerts/*
do
if [[ -f $file ]]; then
filename=/etc/ssl/certs/$(echo $file | awk -F '/etc/ssl/mycerts/' '{print $2}' | awk -F '.crt' '{print $1}').dhparam
if [ -f $filename ]; then
calc_dh $filename
echo $"Recalculated DH params for $filename"
fi
fi
done
}
while [[ $# > 1 ]]
do
key="$1"
key="$1"
case $key in
--help)
show_help
;;
-h|--hostname)
shift
HOSTNAME="$1"
;;
-l|--dhkey)
shift
KEYLENGTH=${1}
;;
--recalc)
shift
RECALCULATE=${1}
;;
--fast)
shift
if [[ ${1} == $"yes" || ${1} == $"y" ]]; then
FAST='yes'
fi
;;
*)
# unknown option
;;
esac
shift
case $key in
--help)
show_help
;;
-h|--hostname)
shift
HOSTNAME="$1"
;;
-l|--dhkey)
shift
KEYLENGTH=${1}
;;
--recalc)
shift
RECALCULATE=${1}
;;
--fast)
shift
if [[ ${1} == $"yes" || ${1} == $"y" ]]; then
FAST='yes'
fi
;;
*)
# unknown option
;;
esac
shift
done
if [[ $RECALCULATE == "yes" || $RECALCULATE == "y" ]]; then
regenerate_dh_keys
exit 0
regenerate_dh_keys
exit 0
fi
if [ ! $HOSTNAME ]; then
echo $'No hostname specified'
exit 5728
echo $'No hostname specified'
exit 5728
fi
if ! which openssl > /dev/null ;then
echo $"$0: openssl is not installed, exiting" 1>&2
exit 5689
echo $"$0: openssl is not installed, exiting" 1>&2
exit 5689
fi
if [ ! -d /etc/ssl/mycerts ]; then
mkdir -p /etc/ssl/mycerts
mkdir -p /etc/ssl/mycerts
fi
calc_dh /etc/ssl/certs/$HOSTNAME.dhparam