author | Erling Li Teigen <erling.teigen@nhn.no> | 2023-06-21 16:12:52 +0200 |
---|---|---|
committer | Erling Li Teigen <erling.teigen@nhn.no> | 2023-06-21 16:12:52 +0200 |
commit | 1f15a7d9d6d2ed6728d643a988034833523a2d40 (patch) | |
tree | b96879afd1981b3f582137cda5f57f2905343cfc /files | |
parent | Added basic auth method and passwordfile (diff) | |
Fixed correct syntaxes and now have a valid passwordfile option
Diffstat (limited to 'files')
-rwxr-xr-x | files/certreq.sh | 26 |
1 files changed, 5 insertions, 21 deletions
diff --git a/files/certreq.sh b/files/certreq.sh index 9249bf1..459df53 100755 --- a/files/certreq.sh +++ b/files/certreq.sh @@ -28,16 +28,16 @@ certreqversion="2023-06-06a" usage() { less -F >&2 <<ENDUSAGE -usage: certreq.sh [-dhV] [-u username] [-p password] [-pf passwordfile ][-w tempdir] [-t template] [--cn CN] [--ca <CA hostname>] [-l|-g] [--list|--csr /path/to/file|--fetch|--request] [--no-ca] [--reqid <reqid_string>] [--openssl-bin /bin/openssl] [--openssl-conf /opt/openssl.cnf] [--auth basic|ntlm|negotiate] +usage: certreq.sh [-dhV] [-u username] [-p password] [--pf passwordfile ][-w tempdir] [-t template] [--cn CN] [--ca <CA hostname>] [-l|-g] [--list|--csr /path/to/file|--fetch|--request] [--no-ca] [--reqid <reqid_string>] [--openssl-bin /bin/openssl] [--openssl-conf /opt/openssl.cnf] [--auth basic|ntlm|negotiate] version ${certreqversion} -d debug Show debugging info, including parsed variables. -h usage Show this usage block. -V version Show script version number. -u username User to connect via basic or ntlm auth (or negotiate) to CA. Can be "username" or "domain\\username" -p password - -pf --password-file Passwordfile in case you don't want to write password in clear text. -w workdir Temp directory to work in. Default is \$(mktemp -d). -t template Template to request from CA. Default is "ConfigMgrLinuxClientCertificate" + --pf --password-file Passwordfile in case you don't want to write password in clear text. --cn CN to request. Default is \$( hostname -f ) --ca CA hostname or base URL. Example: ca2.example.com --reqid <value> Request ID. Needed by --fetch action. 
@@ -468,23 +468,7 @@ parseFlag() {
 "V" | "fcheck" | "version" ) ferror "${scriptfile} version ${certreqversion}"; exit 1001;;
 "u" | "user" | "username" ) getval; CERTREQ_USER="${tempval}";;
 "p" | "pass" | "password" ) getval; CERTREQ_PASS="${tempval}";;
- # I am struggling to find a way to add a option for -p|--password-file. When enabling this code the script just prints a newline with no output to tmpfiles.
- # "pf" | "password-file" )
- # shift # Skip the flag itself
- # if [ $# -gt 0 ]; then
- # password_file="$1"
- # if [ -r "$password_file" ]; then
- # CERTREQ_PASS=$(cat "$password_file")
- # else
- # ferror "Unable to read password file: $password_file"
- # exit 1
- # fi
- # hasval=1
- # else
- # ferror "Missing value for flag: $flag"
- # exit 1
- # fi
- # ;;
+ "pf" | "password-file" ) getval; test -r "${tempval}" && CERTREQ_PASS="$( cat "${tempval}" )" || ferror "Invalid password file ${tempval}; leaving password blank!";; # Read password from file
 "w" | "work" | "workdir" ) getval; CERTREQ_WORKDIR="${tempval}";;
 "t" | "temp" | "template" ) getval; CERTREQ_TEMPLATE="${tempval}";;
 "cn" | "common-name" | "commonname" ) getval; CERTREQ_CNPARAM="${tempval}";;
@@ -507,7 +491,7 @@ parseFlag() {
 "basic") CERTREQ_AUTH=basic ;;
 "ntlm") CERTREQ_AUTH=ntlm ;;
 "negotiate") CERTREQ_AUTH=negotiate ;;
- *) ferror "Warning: --auth must be either \"basic\", \"ntlm\" or \"negotiate\". Using \"basic.\"" CERTREQ_AUTH=basic ;;
+ *) ferror "Warning: --auth must be either \"basic\", \"ntlm\" or \"negotiate\". Using \"basic.\"" ; CERTREQ_AUTH=basic ;;
 esac ;; esac
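Review bot: An unreadable password file is not fatal in the new `"pf" | "password-file"` arm: `ferror` only reports it and parsing continues, so the script carries on with whatever `CERTREQ_PASS` already holds. That may be empty, or a value set earlier (for example by `-p`), in which case the "leaving password blank" message is inaccurate. The `A && B || C` form also reaches the `ferror` branch when `cat` itself fails after `test -r` succeeded. I would fail closed with an explicit `if`, e.g. `if test -r "${tempval}" ; then CERTREQ_PASS="$( cat "${tempval}" )" ; else ferror "Invalid password file ${tempval}" ; exit 1 ; fi ;;`, and add a comment that the file is expected to be readable by its owner only. The body of parseFlag starts and ends outside the hunk.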
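Review bot: With the added `;` the `*)` arm now really assigns `CERTREQ_AUTH=basic`, so an unrecognised `--auth` value (a misspelt scheme name, say) silently selects basic authentication. Basic sends the password itself to the server rather than a challenge response, and only the warning text distinguishes this from the scheme the operator asked for. Failing closed is safer here: `*) ferror "--auth must be either \"basic\", \"ntlm\" or \"negotiate\"." ; exit 1 ;;`. If the fallback is kept for compatibility, a comment explaining why basic is the chosen default would help. The enclosing case statement starts outside the hunk.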
@@ -796,7 +780,7 @@ debuglev 5 && { # 4 invalid cert file: incomplete cert file, or no issuer # Wrapped in if statement to not grep when doing --list since no cert is created during that process. - if [[ "$CERTREQ_ACTION" != "list" ]]; then + if test "${CERTREQ_ACTION}" != "list" ; then if { ! grep -qE -- '--END CERTIFICATE--' "${CERTREQ_WORKDIR}/${CERTREQ_CNPARAM}.crt" ; } || { ! echo "${openssloutput}" | grep -qE "issuer.*" ; } ; then failed=$(( failed + 4 )) |