1,7 → 1,7 |
#!/bin/sh |
|
# alcasar-importcert.sh |
# by Raphaël, Hugo, Clément, Bettyna |
# by Raphaël, Hugo, Clément, Bettyna & rexy |
|
# This script is distributed under the Gnu General Public License (GPL) |
|
14,24 → 14,16 |
# - to go back to the default certificate |
|
SED="/bin/sed -ri" |
|
DIR_CERT="/etc/pki/tls" |
CONF_FILE="/usr/local/etc/alcasar.conf" |
PRIVATE_IP_MASK=`grep PRIVATE_IP $CONF_FILE|cut -d"=" -f2` |
PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1` |
|
usage="Usage: alcasar-importcert.sh -i /path/to/certificate.crt -k /path/to/privatekey.key (-c /path/to/serverchain.crt) || alcasar-importcert.sh -d (Cette utilisation permet de revenir au certificat par default)" |
|
|
nb_args=$# |
arg1=$1 |
|
|
# nb_args=$# |
# args=$1 |
# args1=$3 |
# args2=$5 |
# cert=$2 |
# key=$4 |
# sc=$6 |
|
function defaultNdd() |
{ |
$SED 's/^DOMAIN=.*/DOMAIN=localdomain/g' /usr/local/etc/alcasar.conf |
39,6 → 31,7 |
$SED 's/alcasar\.([a-zA-Z0-9-]+(\.[a-z]{2,4})?)/alcasar.localdomain/g' /etc/chilli.conf |
$SED 's/^domain.*/domain\t\tlocaldomain/g' /etc/chilli.conf |
$SED 's/^ServerName.*/ServerName alcasar.localdomain/g' /etc/httpd/conf/httpd.conf |
$SED "s/^domain=.*/domain=localdomain/g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf /etc/dnsmasq-blacklist.conf /etc/dnsmasq-whitelist.conf |
} |
|
function defaultCert() |
58,15 → 51,24 |
function domainName() # change the domain name in the conf files |
{ |
|
ndd=$(openssl x509 -noout -subject -in $cert | sed -n '/^subject/s/^.*CN=//p') |
echo $ndd |
if [ "$ndd" != "" ] |
fqdn=$(openssl x509 -noout -subject -in $cert | sed -n '/^subject/s/^.*CN=//p') |
hostname=`echo $fqdn | awk -F'.' '{ print $1 }'` |
domain=`echo $fqdn | awk -F'.' '{$1="";OFS=".";print $0}' |sed 's/^.//'` |
echo "fqdn=$fqdn hostname=$hostname domain=$domain" |
if [ "$fqdn" != "" ] |
then |
$SED "s/^DOMAIN=.*/DOMAIN=$ndd/g" /usr/local/etc/alcasar.conf |
$SED "s/\.([a-zA-Z][a-zA-Z0-9-]+(\.[a-z]{2,4})?)/.$ndd/g" /etc/hosts |
$SED "s/alcasar\.([a-zA-Z0-9-]+(\.[a-z]{2,4})?)/alcasar.$ndd/g" /etc/chilli.conf |
$SED "s/^domain.*/domain\t\t$ndd/g" /etc/chilli.conf |
$SED "s/^ServerName.*/ServerName alcasar.$ndd/g" /etc/httpd/conf/httpd.conf |
$SED "s/^DOMAIN=.*/DOMAIN=$domain/g" /usr/local/etc/alcasar.conf |
cat <<EOF > /etc/hosts |
127.0.0.1 localhost |
$PRIVATE_IP $fqdn $hostname |
EOF |
$SED "s/^domain.*/domain\t\t$domain/g" /etc/chilli.conf |
$SED "s/^locationname.*/locationname\t$fqdn/g" /etc/chilli.conf |
$SED "s/^uamserver.*/uamserver\thttps:\/\/$fqdn\/intercept.php/g" /etc/chilli.conf |
$SED "s/^radiusnasid.*/radiusnasid\t$fqdn/g" /etc/chilli.conf |
$SED "s/^uamallowed.*/uamallowed\t$hostname,$fqdn/g" /etc/chilli.conf |
$SED "s/^ServerName.*/ServerName $fqdn/g" /etc/httpd/conf/httpd.conf |
$SED "s/^domain=.*/domain=$domain/g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf /etc/dnsmasq-blacklist.conf /etc/dnsmasq-whitelist.conf |
fi |
} |
|
162,8 → 164,10 |
|
domainName $cert |
certImport $cert $key $sc |
systemctl restart chilli.service |
systemctl restart httpd.service |
for services in chilli httpd dnsmasq dnsmasq-blackhole dnsmasq-blacklist dnsmasq-whitelist |
do |
systemctl restart $services |
done |
;; |
-d) |
if [ -f "/etc/pki/tls/certs/alcasar.crt.old" -a -f "/etc/pki/tls/private/alcasar.key.old" ] |
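Review bot: domainName (hunk 58,15 → 51,24) writes the certificate's CN into the sed replacement strings for alcasar.conf, chilli.conf, httpd.conf and the dnsmasq files, and into the /etc/hosts heredoc, without checking that it is a plain host name; the only guard is `[ "$fqdn" != "" ]`. A CN containing `/` or `&` breaks or alters the sed expressions, a wildcard CN such as `*.example.org` gives hostname `*` (and the unquoted `echo $fqdn` is open to globbing), and a single-label CN leaves `domain` empty so every `domain=` line is blanked. The sed filter also keeps everything after the last `CN=` on the subject line, so any attribute printed after the CN lands in fqdn, and it presumably matches nothing when openssl prints `CN = value` with spaces, which is worth confirming against the installed OpenSSL. I would validate fqdn before the first file is touched, as below, quote `$cert`, and have the `-i` branch stop on failure with `domainName $cert || exit 1` so that certImport and the service restarts do not run for a rejected certificate.

```shell
fqdn=$(openssl x509 -noout -subject -in "$cert" | sed -n '/^subject/s/^.*CN=//p')
# Accept only a plain, multi-label DNS name before it reaches sed or /etc/hosts.
case "$fqdn" in
    ''|*[!A-Za-z0-9.-]*|.*|*.|*..*)
        echo "Unusable CN in $cert: '$fqdn'" >&2
        return 1
        ;;
    *.*)
        ;;
    *)
        echo "CN '$fqdn' has no domain part" >&2
        return 1
        ;;
esac
# … unchanged: hostname/domain extraction, echo, and the if block that rewrites the config files …
```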