92 |
|
|
93 |
validate_auth_certificate() |
validate_auth_certificate() |
94 |
{ |
{ |
95 |
local cert="$1" |
local cert_fingerprint="$1" |
|
local cert_fingerprint |
|
96 |
local key_fingerprint |
local key_fingerprint |
97 |
|
|
98 |
# return 0 if ${valid_auth=yes} - user alread authenticated |
# return 0 if ${valid_auth=yes} - user alread authenticated |
105 |
|
|
106 |
if [[ -z ${cert} ]] |
if [[ -z ${cert} ]] |
107 |
then |
then |
108 |
eecho "no certificate given" |
eecho "no certificate fingerprint given" |
109 |
return 1 |
return 1 |
110 |
fi |
fi |
111 |
|
|
112 |
cert_fingerprint=$(echo "${cert}" | openssl x509 -noout -modulus | openssl sha1) |
key_fingerprint=$(openssl rsa -noout -modulus -in "${MCORE_KEY_FILE}" | openssl sha1 | sed 's:(stdin)=\ ::') |
|
key_fingerprint=$(openssl rsa -noout -modulus -in "${MCORE_KEY_FILE}" | openssl sha1) |
|
113 |
|
|
114 |
if [[ ${cert_fingerprint} == ${key_fingerprint} ]] |
if [[ ${cert_fingerprint} == ${key_fingerprint} ]] |
115 |
then |
then |
116 |
mecho "certificate is valid!" |
mecho "certificate fingerprint is valid!" |
117 |
mecho "Successfully logged in. Type 'help' for more information." |
mecho "Successfully logged in. Type 'help' for more information." |
118 |
export valid_session="yes" |
export valid_session="yes" |
119 |
return 0 |
return 0 |
120 |
else |
else |
121 |
mecho "certificate is invalid!" |
mecho "certificate fingerprint is invalid!" |
122 |
export valid_session="no" |
export valid_session="no" |
123 |
return 1 |
return 1 |
124 |
fi |
fi |