From 636a400063eee95cfecaa4c4a655b0fbf032e210 Mon Sep 17 00:00:00 2001 From: Simon Ruderich Date: Tue, 10 Dec 2013 14:16:13 +0100 Subject: [PATCH] tlsproxy-setup: Prevent accidental overwrites. --- man/tlsproxy-setup.txt | 14 ++++++++------ src/tlsproxy-setup | 16 ++++++++++++++-- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/man/tlsproxy-setup.txt b/man/tlsproxy-setup.txt index 9e482f3..f5cf511 100644 --- a/man/tlsproxy-setup.txt +++ b/man/tlsproxy-setup.txt @@ -10,7 +10,7 @@ tlsproxy-setup - create necessary files for tlsproxy SYNOPSIS -------- -*tlsproxy-setup* +*tlsproxy-setup* ['--force'] DESCRIPTION @@ -21,11 +21,13 @@ empty directory. It creates the following files in the current directory: -- proxy-ca.pem -- proxy-ca-key.pem -- proxy-dh.pem -- proxy-key.pem -- proxy-invalid.pem +- `proxy-ca.pem` +- `proxy-ca-key.pem` +- `proxy-dh.pem` +- `proxy-key.pem` +- `proxy-invalid.pem` + +If any of these files exist, the program is aborted. Requires GnuTLS' *certtool*. diff --git a/src/tlsproxy-setup b/src/tlsproxy-setup index d76c998..155b8c9 100755 --- a/src/tlsproxy-setup +++ b/src/tlsproxy-setup @@ -23,11 +23,23 @@ set -e -if test "$#" -ne 0; then - echo "Usage: $0" +if test "$#" -ge 1 && test x"$*" != 'x--force'; then + echo "Usage: $0 [--force]" >&2 exit 1 fi +# Prevent accidental overwrites. +if test x"$1" != 'x--force'; then + for x in proxy-ca-key.pem proxy-ca.pem \ + proxy-key.pem proxy-invalid.pem proxy-dh.pem; do + if test -f "$x"; then + echo "File '$x' already exists. Use --force to overwrite." >&2 + exit 2 + fi + done +fi + + tempfile=`mktemp` trap 'rm -f "$tempfile"' EXIT -- 2.43.2
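Review bot: The overwrite guard in the new `for x in ...` loop of `src/tlsproxy-setup` uses `test -f "$x"`, which is false for a dangling symlink, a directory, a FIFO or any other non-regular entry, so the script continues even though one of the five names is already taken. This matters most for `proxy-ca-key.pem` and `proxy-key.pem`: if the creation step follows symlinks (it lies outside this hunk, so this is inferred), a private key could end up written at the target of a pre-existing link instead of in the current directory. Checking for any directory entry closes the gap: `if test -e "$x" || test -L "$x"; then`. The check is also not atomic with the file creation further down, so it only protects against accidents; a short comment such as `# Best-effort check; not atomic with the file creation below.` would make that limit explicit.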