90 |
fi |
fi |
91 |
} |
} |
92 |
|
|
93 |
|
validate_auth_certificate() |
94 |
|
{ |
95 |
|
local cert="$1" |
96 |
|
local cert_fingerprint |
97 |
|
local key_fingerprint |
98 |
|
|
99 |
|
# return 0 if ${valid_auth=yes} - user alread authenticated |
100 |
|
valid_session && return 0 |
101 |
|
|
102 |
|
if [[ ! -e ${MCORE_KEY_FILE} ]] |
103 |
|
then |
104 |
|
eecho "MCORE_KEY_FILE '${MCORE_KEY_FILE}' does not exist" |
105 |
|
fi |
106 |
|
|
107 |
|
if [[ -z ${cert} ]] |
108 |
|
then |
109 |
|
eecho "no certificate given" |
110 |
|
return 1 |
111 |
|
fi |
112 |
|
|
113 |
|
cert_fingerprint=$(echo "${cert}" | openssl x509 -noout -modulus | openssl sha1) |
114 |
|
key_fingerprint=$(openssl rsa -noout -modulus -in "${MCORE_KEY_FILE}" | openssl sha1) |
115 |
|
|
116 |
|
if [[ ${cert_fingerprint} == ${key_fingerprint} ]] |
117 |
|
then |
118 |
|
mecho "certificate is valid!" |
119 |
|
mecho "Successfully logged in. Type 'help' for more information." |
120 |
|
export valid_session="yes" |
121 |
|
return 0 |
122 |
|
else |
123 |
|
mecho "certificate is invalid!" |
124 |
|
export valid_session="no" |
125 |
|
return 1 |
126 |
|
fi |
127 |
|
} |
128 |
|
|
129 |
valid_session() |
valid_session() |
130 |
{ |
{ |
131 |
if [[ ${valid_session} = yes ]] |
if [[ ${valid_session} = yes ]] |