From 47ca1ef6c18109e6540d93aa0052d119d52ab091 Mon Sep 17 00:00:00 2001 From: Christoph Kuchenbuch Date: Wed, 14 Dec 2016 14:23:55 +0100 Subject: [PATCH] make hook.sh script compartible with dash --- install_dehydrated.sh | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/install_dehydrated.sh b/install_dehydrated.sh index 5ec0405..e8bcbfc 100755 --- a/install_dehydrated.sh +++ b/install_dehydrated.sh @@ -724,11 +724,11 @@ while read -r line || [[ -n "$line" ]]; do echo " #ln -s root-\${TIMESTAMP}.ca \${BASEDIR}/certs/\${DOMAIN}/root.ca" >> $HOOK_OUT_FILE echo " #cp -a \`realpath \$FULLCHAINFILE\` \`realpath \$FULLCHAINFILE\`.ORIG" >> $HOOK_OUT_FILE echo " #cat \`realpath \$FULLCHAINFILE\`.ORIG \${BASEDIR}/certs/\${DOMAIN}/root-\${TIMESTAMP}.ca > \$FULLCHAINFILE" >> $HOOK_OUT_FILE - echo " cat \$KEYFILE \$FULLCHAINFILE > \${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain-\${TIMESTAMP}.pem" >> $HOOK_OUT_FILE - echo " if [[ -h \"\${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain.pem\" ]]; then" >> $HOOK_OUT_FILE - echo " rm \${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain.pem" >> $HOOK_OUT_FILE + echo " cat \"\$KEYFILE\" \"\$FULLCHAINFILE\" > \"\${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain-\${TIMESTAMP}.pem\"" >> $HOOK_OUT_FILE + echo " if [ -h \"\${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain.pem\" ]; then" >> $HOOK_OUT_FILE + echo " rm \"\${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain.pem"\" >> $HOOK_OUT_FILE echo " fi" >> $HOOK_OUT_FILE - echo " ln -s privkey_cert_chain-\${TIMESTAMP}.pem \${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain.pem" >>$HOOK_OUT_FILE + echo " ln -s \"privkey_cert_chain-\${TIMESTAMP}.pem\" \"\${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain.pem\"" >>$HOOK_OUT_FILE echo " echo \" + Hook: \$DOMAIN - Certificate has been produced\"" >> $HOOK_OUT_FILE echo "" >> $HOOK_OUT_FILE found=false @@ -2858,7 +2858,7 @@ cat < ${DH_BASE_DIR}/tools/dh_tlsgen.sh #!/usr/bin/env bash if [[ \$# -ne 1 ]] ; then - echo -e "\n usage: \`basename \$0\` \n" + echo -e "\n usage: \$(basename "\$0") \n" exit fi @@ -2875,10 +2875,10 @@ tlsa_record_311=\$( printf '_%s._tcp.%s. IN TLSA 3 1 1 %s\n' \\ \$port \\ \$hostname \\ - \$(openssl x509 -in \$cert -noout -pubkey | + "\$(openssl x509 -in \$cert -noout -pubkey | openssl pkey -pubin -outform DER | openssl dgst -sha256 -binary | - hexdump -ve '/1 "%02x"') + hexdump -ve '/1 "%02x"')" ) cert=/var/lib/dehydrated/certs/\${hostname}/chain.pem @@ -2886,10 +2886,10 @@ tlsa_record_211_chain=\$( printf '_%s._tcp.%s. IN TLSA 2 1 1 %s\n' \\ \$port \\ \$hostname \\ - \$(openssl x509 -in \$cert -noout -pubkey | + "\$(openssl x509 -in \$cert -noout -pubkey | openssl pkey -pubin -outform DER | openssl dgst -sha256 -binary | - hexdump -ve '/1 "%02x"') + hexdump -ve '/1 "%02x"')" ) tlsa_record_211_root="" @@ -2899,26 +2899,26 @@ if [[ -f "\$cert" ]]; then printf '_%s._tcp.%s. IN TLSA 2 1 1 %s\n' \\ \$port \\ \$hostname \\ - \$(openssl x509 -in \$cert -noout -pubkey | + "\$(openssl x509 -in \$cert -noout -pubkey | openssl pkey -pubin -outform DER | openssl dgst -sha256 -binary | - hexdump -ve '/1 "%02x"') + hexdump -ve '/1 "%02x"')" ) fi echo "" echo "TLSA 3 1 1 certificate" echo "======================" -echo \$tlsa_record_311 +echo "\$tlsa_record_311" echo "" echo "TLSA 2 1 1 chain" echo "================" -echo \$tlsa_record_211_chain +echo "\$tlsa_record_211_chain" echo "" if [[ -n "\$tlsa_record_211_root" ]]; then echo "TLSA 2 1 1 root" echo "===============" - echo \$tlsa_record_211_root + echo "\$tlsa_record_211_root" echo "" fi