aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjake <jake@jakes-mail.top>2022-01-29 05:32:49 -0500
committerjake <jake@jakes-mail.top>2022-01-29 05:32:49 -0500
commitcd5b3a7185ab8d6e4caa5b1340751813f88c0428 (patch)
tree6278675f2307fd24d39a36713744df75931a4a0e
parentd8358411b2915624c92e8149dd7395afa253a4b3 (diff)
somewhat better cert behavior
-rwxr-xr-xgmi.pl108
1 files changed, 78 insertions, 30 deletions
diff --git a/gmi.pl b/gmi.pl
index f301250..8487d6e 100755
--- a/gmi.pl
+++ b/gmi.pl
@@ -805,11 +805,13 @@ sub clear_query {
sub cert_create {
# this should create certs somewhere more optimal, rather than the working directory
+
my $old_umask = umask(077);
+
if (! -e './certs') {
mkdir('./certs');
}
- print $OUT "What would you like the profile name to be? ";
+ print $OUT "What should the profile name be? ";
chomp(my $input = <STDIN>);
$input =~ tr|/|.|;
if (-e "./certs/$input") {
@@ -819,9 +821,38 @@ sub cert_create {
mkdir("./certs/$input");
print $OUT "What should the commonName be? (it will be used to identify you easily) ";
chomp(my $common_name = <STDIN>);
- print $OUT "When should this expire (in seconds ('31536000' = 1 year))? ";
- chomp(my $expire = <STDIN>);
- $expire = $expire + time() ;
+ #print $OUT "When should this expire (in seconds ('31536000' = 1 year))? ";
+ my $expire;
+ while (1) {
+ print $OUT "When should this expire? (1s, 1h, 1d, 1m, 1y, 0s (cancel)) ";
+ chomp($expire = <STDIN>);
+ if ($expire =~ m/^(\d+)+(\w)$/) {
+ if (lc $2 eq 's') {
+ if ($1 == 0) {
+ print $OUT "Cancelling.\n";
+ umask($old_umask);
+ return 1;
+ }
+ else {
+ $expire = $1 + time();
+ }
+ } elsif (lc $2 eq 'h') {
+ $expire = ($1*3600) + time(); # 3600 seconds in an hour
+ } elsif (lc $2 eq 'd') {
+ $expire = ($1*86400) + time(); # 86400 seconds in a day
+ } elsif (lc $2 eq 'm') {
+ $expire = ($1*2592000) + time(); # 2592000 seconds in 30 days (month)
+ } elsif (lc $2 eq 'y') {
+ $expire = ($1*31536000) + time(); # 31536000 seconds in 365 days (year)
+ } else {
+ next;
+ }
+ }
+ else {
+ next;
+ }
+ last;
+ }
my $not_before = time();
### $expire
### $not_before
@@ -843,9 +874,14 @@ sub cert_create {
sub cert_use {
if (! $use_cert) {
+
my $counter = 1;
my @profiles;
# this should read dirs from a more optimal location, rather than working directory
+ if (! -e './certs') {
+ print $OUT "You need to create a cert first: 'cert-create'.\n";
+ return 1;
+ }
for (read_dir('./certs')) {
print $OUT "[$counter] $_\n";
push(@profiles, "$_");
@@ -855,26 +891,32 @@ sub cert_use {
print $OUT "You need to create a cert first: 'cert-create'.\n";
return 1;
}
+
print $OUT "Which profile? ";
chomp(my $input = <STDIN>);
- print $OUT "Loading 'certs/$profiles[$input-1]/cert.pem' and 'certs/$profiles[$input-1]/key.pem'\n";
- eval {
- $cert = PEM_file2cert("certs/$profiles[$input-1]/cert.pem");
- $key = PEM_file2key("certs/$profiles[$input-1]/key.pem");
- CERT_free($cert);
- KEY_free($key);
- $cert = "certs/$profiles[$input-1]/cert.pem";
- $key = "certs/$profiles[$input-1]/key.pem";
- };
- if ($@) {
- print $OUT "Something is wrong with the certificate/key. Will not use.\n$@";
- $cert = "";
- $key = "";
+ if ($input) {
+ print $OUT "Loading 'certs/$profiles[$input-1]/cert.pem' and 'certs/$profiles[$input-1]/key.pem'\n";
+ eval {
+ $cert = PEM_file2cert("certs/$profiles[$input-1]/cert.pem");
+ $key = PEM_file2key("certs/$profiles[$input-1]/key.pem");
+ CERT_free($cert);
+ KEY_free($key);
+ $cert = "certs/$profiles[$input-1]/cert.pem";
+ $key = "certs/$profiles[$input-1]/key.pem";
+ };
+ if ($@) {
+ print $OUT "Something is wrong with the certificate/key. Will not use.\n$@";
+ $cert = "";
+ $key = "";
+ }
+ else {
+ print $OUT "Cert and Key loaded.\n";
+ toggle($use_cert);
+ }
}
else {
- print $OUT "Cert and Key loaded.\n";
- toggle($use_cert);
+ print $OUT "Did not load anything.\n";
}
}
else {
@@ -890,9 +932,6 @@ sub cert_del {
return 0;
}
- local $SIG{INT} = sub { return 1 };
- print $OUT "ctrl-c to cancel.\n";
-
my $counter = 1;
my @profiles;
for (read_dir('./certs')) {
@@ -900,18 +939,27 @@ sub cert_del {
push(@profiles, "$_");
$counter++;
}
+ if (! @profiles) {
+ print $OUT "You need to create a cert first: 'cert-create'.\n";
+ return 1;
+ }
print $OUT "Delete which profile? ";
chomp(my $input = <STDIN>);
- print $OUT "Are you sure you want to delete certs/$profiles[$input-1]/? y/N\n";
- chomp(my $yORn = <STDIN>);
- if (lc $yORn eq 'y') {
- unlink("./certs/$profiles[$input-1]/cert.pem","./certs/$profiles[$input-1]/key.pem");
- rmdir("./certs/$profiles[$input-1]");
- if ($!) {
- print $OUT "Unable to delete profile.\n$!\n";
+ if ($input) {
+ print $OUT "Are you sure you want to delete certs/$profiles[$input-1]/? y/N\n";
+ chomp(my $yORn = <STDIN>);
+ if (lc $yORn eq 'y') {
+ unlink("./certs/$profiles[$input-1]/cert.pem","./certs/$profiles[$input-1]/key.pem");
+ rmdir("./certs/$profiles[$input-1]");
+ if ($!) {
+ print $OUT "Unable to delete profile.\n$!\n";
+ }
+ else {
+ print $OUT "Profile '$profiles[$input-1]' succesfully deleted.\n";
+ }
}
else {
- print $OUT "Profile '$profiles[$input-1]' succesfully deleted.\n";
+ print $OUT "Nothing is deleted.\n";
}
}
else {