initial commit
This commit is contained in:
43
scripts-extra/certifi-extras.sh
Executable file
43
scripts-extra/certifi-extras.sh
Executable file
@@ -0,0 +1,43 @@
|
||||
#!/bin/sh
|
||||
set -ef
|
||||
|
||||
dst_dir=/usr/local/share/ca-certificates
|
||||
|
||||
w=$(mktemp -d) ; : "${w:?}"
|
||||
w_cleanup() {
|
||||
[ -z "$w" ] || ls -lA "$w/" >&2
|
||||
[ -z "$w" ] || rm -rf "$w"
|
||||
unset w
|
||||
exit "${1:-0}"
|
||||
}
|
||||
|
||||
def_bundle='/etc/ssl/certs/ca-certificates.crt'
|
||||
|
||||
openssl-cert-auto-pem.sh "${def_bundle}" "$w/cacert.pem" "$w/cacert.fp"
|
||||
[ -s "$w/cacert.pem" ] || w_cleanup 1
|
||||
[ -s "$w/cacert.fp" ] || w_cleanup 1
|
||||
|
||||
openssl-cert-auto-pem.sh "$1" "$w/certifi.pem" "$w/certifi.fp" "$w/certifi.off"
|
||||
[ -s "$w/certifi.pem" ] || w_cleanup 1
|
||||
[ -s "$w/certifi.fp" ] || w_cleanup 1
|
||||
[ -s "$w/certifi.off" ] || w_cleanup 1
|
||||
|
||||
set +e
|
||||
grep -Fxnv -f "$w/cacert.fp" "$w/certifi.fp" | cut -d : -f 1 > "$w/diff.ln"
|
||||
set -e
|
||||
|
||||
if [ -s "$w/diff.ln" ] ; then
|
||||
terse_fingerprint() { cut -d = -f 2- | tr -cd '[:alnum:]' ; }
|
||||
|
||||
while read -r n ; do
|
||||
[ -n "$n" ] || continue
|
||||
|
||||
fp=$(sed -ne "${n}p" "$w/certifi.fp" | terse_fingerprint)
|
||||
off=$(sed -ne "${n}p" "$w/certifi.off")
|
||||
sed -ne "${off}p" "$w/certifi.pem" > "${dst_dir}/certifi-${fp}.crt"
|
||||
done < "$w/diff.ln"
|
||||
fi
|
||||
|
||||
rm -rf "$w" ; unset w
|
||||
|
||||
exec update-ca-certificates --fresh
|
||||
45
scripts-extra/gpg-batch.sh
Executable file
45
scripts-extra/gpg-batch.sh
Executable file
@@ -0,0 +1,45 @@
|
||||
#!/bin/sh
|
||||
set -ef
|
||||
|
||||
: "${GPG_KEYSERVER:=hkps://keyserver.ubuntu.com}"
|
||||
|
||||
[ $# != 0 ] || exit 1
|
||||
|
||||
case "$1" in
|
||||
1 | start )
|
||||
[ -n "${GNUPGHOME}" ] || exit 1
|
||||
[ -d "${GNUPGHOME}" ] || exit 1
|
||||
|
||||
cd "${GNUPGHOME}"
|
||||
cat > gpg.conf <<-EOF
|
||||
quiet
|
||||
batch
|
||||
trust-model always
|
||||
no-auto-check-trustdb
|
||||
ignore-time-conflict
|
||||
keyid-format 0xlong
|
||||
keyserver ${GPG_KEYSERVER}
|
||||
EOF
|
||||
cat > dirmngr.conf <<-EOF
|
||||
quiet
|
||||
batch
|
||||
keyserver ${GPG_KEYSERVER}
|
||||
EOF
|
||||
gpg --update-trustdb >/dev/null 2>&1
|
||||
gpg --list-keys >/dev/null 2>&1
|
||||
dirmngr >/dev/null 2>&1
|
||||
;;
|
||||
0 | stop )
|
||||
[ -n "${GNUPGHOME}" ] || exit 0
|
||||
[ -d "${GNUPGHOME}" ] || exit 1
|
||||
|
||||
cd "${GNUPGHOME}"
|
||||
gpgconf --kill all
|
||||
cd /
|
||||
rm -rf "${GNUPGHOME}"
|
||||
;;
|
||||
* )
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
exit 0
|
||||
28
scripts-extra/gpg-export.sh
Executable file
28
scripts-extra/gpg-export.sh
Executable file
@@ -0,0 +1,28 @@
|
||||
#!/bin/sh
|
||||
set -ef
|
||||
|
||||
: "${1:?}" "${2:?}"
|
||||
|
||||
w=$(mktemp -d) ; : "${w:?}"
|
||||
|
||||
gpg_on() { gpg-batch.sh start ; }
|
||||
gpg_off() {
|
||||
cd /
|
||||
gpg-batch.sh stop
|
||||
unset GNUPGHOME
|
||||
rm -rf "$w"
|
||||
exit "${1:-0}"
|
||||
}
|
||||
|
||||
(
|
||||
export GNUPGHOME="$w/.gnupg"
|
||||
mkdir -m 0700 "${GNUPGHOME}"
|
||||
gpg_on
|
||||
|
||||
gpg --import "$1"
|
||||
gpg --armor --export > "$w/export"
|
||||
cat < "$w/export" > "$2"
|
||||
gpg --show-keys "$2"
|
||||
|
||||
gpg_off
|
||||
) || gpg_off 1
|
||||
Reference in New Issue
Block a user