From: Simon Ruderich Date: Fri, 12 Apr 2013 14:47:42 +0000 (+0200) Subject: src/tlsproxy-add,src/tlsproxy-setup: Cleanup. X-Git-Url: https://ruderich.org/simon/gitweb/?a=commitdiff_plain;h=c98db32cbc4a3f7e4b655aacfbc503639bb8379c;hp=1eb59c1f5d84e2318b54f56c895f3027d3be208a;p=tlsproxy%2Ftlsproxy.git src/tlsproxy-add,src/tlsproxy-setup: Cleanup. --- diff --git a/src/tlsproxy-add b/src/tlsproxy-add index be8cb8a..b57697a 100755 --- a/src/tlsproxy-add +++ b/src/tlsproxy-add @@ -20,7 +20,9 @@ # along with this program. If not, see . -if [ "x$1" = x ]; then +set -e + +if test "$#" -eq 0; then echo "Usage: $0 []" echo echo "Add the server certificate (as .pem file) for " @@ -38,12 +40,8 @@ if [ "x$1" = x ]; then exit 1 fi -tempfile=`mktemp` || exit 1 - -die() { - rm -f "$tempfile" - exit 1 -} +tempfile=`mktemp` +trap 'rm -f "$tempfile"' EXIT # Generate server certificate for given host. echo 'organization = tlsproxy' > "$tempfile" @@ -56,11 +54,11 @@ certtool --generate-certificate \ --load-ca-certificate proxy-ca.pem \ --load-ca-privkey proxy-ca-key.pem \ --template "$tempfile" \ - --outfile "certificate-$1-proxy.pem" || die + --outfile "certificate-$1-proxy.pem" rm "$tempfile" -if [ "x$2" = x ]; then - echo please enter server certificate +if test "x$2" = x; then + echo 'Please enter server certificate (Ctrl-D to terminate input).' cat > "certificate-$1-server.pem" else cp "$2" "certificate-$1-server.pem" diff --git a/src/tlsproxy-setup b/src/tlsproxy-setup index 1c65326..a17b390 100755 --- a/src/tlsproxy-setup +++ b/src/tlsproxy-setup @@ -20,15 +20,14 @@ # along with this program. If not, see . -tempfile=`mktemp` || exit 1 +set -e -die() { - rm -f "$tempfile" - exit 1 -} +tempfile=`mktemp` +trap 'rm -f "$tempfile"' EXIT # Generate proxy CA key file. -certtool --generate-privkey > proxy-ca-key.pem || die +certtool --generate-privkey \ + --outfile proxy-ca-key.pem # Generate proxy CA. echo 'cn = tlsproxy CA' > "$tempfile" echo ca >> "$tempfile" @@ -36,10 +35,11 @@ echo cert_signing_key >> "$tempfile" certtool --generate-self-signed \ --load-privkey proxy-ca-key.pem \ --template "$tempfile" \ - --outfile proxy-ca.pem || die + --outfile proxy-ca.pem # Generate proxy key file. -certtool --generate-privkey > proxy-key.pem || die +certtool --generate-privkey \ + --outfile proxy-key.pem # Generate proxy "invalid" server certificate. It's used for problematic # connections. @@ -51,7 +51,7 @@ echo signing_key >> "$tempfile" certtool --generate-self-signed \ --load-privkey proxy-key.pem \ --template "$tempfile" \ - --outfile proxy-invalid.pem || die + --outfile proxy-invalid.pem rm "$tempfile"