
Commit 1900d40

committed
Minor changes required to follow easytls-verify.sh re-write
Signed-off-by: Richard T Bonhomme <[email protected]>
1 parent b547295 commit 1900d40


1 file changed

+20
-8
lines changed


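--- a/easytls-client-connect.sh
+++ b/easytls-client-connect.sh
@@ -146,7 +146,7 @@ format_number ()
 # Allow connection
 connection_allowed ()
 {
-"${EASYTLS_RM}" -f "${client_ext_md_file}"
+#"${EASYTLS_RM}" -f "${client_ext_md_file}"
 absolute_fail=0
 update_status "connection allowed"
 }
@@ -160,7 +160,7 @@ init ()
 absolute_fail=1
 
 # Defaults
-EASYTLS_server_pid=$PPID
+EASYTLS_srv_pid=$PPID
 
 # Log message
 status_msg="* EasyTLS-client-connect"
@@ -294,6 +294,8 @@ warn_die
 # Report option warnings
 warn_log
 
+env > env.client-connect
+
 # Update log message
 update_status "CN:${X509_0_CN}"
 
@@ -306,11 +308,16 @@ client_serial="$(format_number "${tls_serial_hex_0}")"
 die "NO CLIENT SERIAL" 8
 }
 
-# Set client_metadata_files
-client_metadata_file="${EASYTLS_tmp_dir}/${client_serial}.${EASYTLS_server_pid}"
+# easytls client metadata file
+client_metadata_file="${EASYTLS_tmp_dir}/${client_serial}.${EASYTLS_srv_pid}"
+
+# --tls-verify output to --client-connect
 client_ext_md_file="${client_metadata_file}-${untrusted_ip}-${untrusted_port}"
 
-# Verify client_metadata_file
+# Append file extensions
+client_metadata_file="${client_metadata_file}.tcv2md"
+
+# Verify client_ext_md_file
 if [ -f "${client_ext_md_file}" ]
 then
 # Client cert serial matches
@@ -321,7 +328,9 @@ else
 fi
 
 # Set only for NO keyed hwaddr
-if "${EASYTLS_GREP}" -q '000000000000' "${client_ext_md_file}"
+# regexp should be '+000000000000+' - Version update!
+if "${EASYTLS_GREP}" -q '[[:blank:]]000000000000$' \
+"${client_ext_md_file}"
 then
 key_hwaddr_missing=1
 fi
@@ -360,13 +369,14 @@ else
 fi
 else
 # hwaddr is pushed
-if "${EASYTLS_GREP}" -q "${push_hwaddr}" "${client_ext_md_file}"
+if "${EASYTLS_GREP}" -q "+${push_hwaddr}+" "${client_ext_md_file}"
 then
 # MATCH!
 update_status "hwaddr ${push_hwaddr} pushed and matched"
 connection_allowed
 else
 # push does not match key hwaddr
+failure_msg="Key does not match pushed hwaddr: ${push_hwaddr}"
 fail_and_exit "HWADDR MISMATCH" 2
 fi
 fi
@@ -383,7 +393,9 @@ fi
 if [ $absolute_fail -eq 0 ]
 then
 # All is well
-verbose_print "<EXOK> ${status_msg}"
+verbose_print "
+<EXOK> ${status_msg}
+"
 exit 0
 fi
 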
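Review bot: The added `env > env.client-connect` (new line 297) dumps the script's whole environment to a relative path on every client connect, which looks like a debugging leftover. That environment carries the peer details this script reads (`X509_0_CN`, `tls_serial_hex_0`, `untrusted_ip`, `untrusted_port`) plus whatever else the server exports, and the file lands in the process's working directory with default permissions, overwritten by each connection. I would drop the line before release; if the dump is still wanted for troubleshooting, guard it behind an explicit debug option and write it under `${EASYTLS_tmp_dir}` after `umask 077`. Separately, `"+${push_hwaddr}+"` at new line 372 is used as a grep pattern, so unless `push_hwaddr` is validated earlier (not visible in this section) any pattern characters in the pushed value are interpreted rather than matched literally; `"${EASYTLS_GREP}" -q -F -- "+${push_hwaddr}+" "${client_ext_md_file}"` would make the comparison a fixed-string match.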
