Compare commits
2 commits
cf3d960a10
...
6c74f47783
Author | SHA1 | Date | |
---|---|---|---|
|
6c74f47783 | ||
|
fc2f62bb0f |
2 changed files with 36 additions and 11 deletions
|
@ -196,10 +196,10 @@ EOF
|
|||
|
||||
_tmux_hook
|
||||
_umask_hook
|
||||
_pkcs11module
|
||||
_pkcs11module_hook
|
||||
promptcommandmunge "_tmux_hook"
|
||||
promptcommandmunge "_umask_hook"
|
||||
promptcommandmunge "_pkcs11module"
|
||||
promptcommandmunge "_pkcs11module_hook"
|
||||
which direnv >/dev/null && eval "$(direnv hook bash)"
|
||||
|
||||
cat << EOF >> "${MSC_LOGFILE}"
|
||||
|
|
43
functions.sh
43
functions.sh
|
@ -21,18 +21,43 @@ promptcommandmunge () {
|
|||
EXIT
|
||||
}
|
||||
|
||||
function _pkcs11module() {
|
||||
[ -z "${P11M:+x}" ] && \
|
||||
[ -n "$(whereis ${pkcs11_module_default:-p11-kit-proxy.so}|awk '{print $2}')" ] && \
|
||||
export PKCS11_MODULE=$(whereis ${pkcs11_module_default:-p11-kit-proxy.so}|awk '{print $2}' || \
|
||||
{ echo "${pkcs11_module_default:-p11-kit-proxy.so} not forwarded by ssh or installed, unset P11M"; unset P11M; })
|
||||
function _pkcs11module_hook() {
|
||||
if [ -z "${PKCS11_MODULE:+x}" ]
|
||||
then
|
||||
# setze PKCS11_MODULE
|
||||
loginfo "PKCS11_MODULE not set yet"
|
||||
if [ -z "${P11M:+x}" ]
|
||||
then
|
||||
# komme ich nicht über ssh, oder P11M ist nicht gesetzt, dann suche das P11-KIT-PROXY Modul für PKCS11_MODULE
|
||||
logtrace "P11M not set -> search for p11-kit-proxy"
|
||||
PKCS11_MODULE="$(whereis ${pkcs11_module_default:-p11-kit-proxy.so}|awk '{print $2}')"
|
||||
[ -n "$(whereis ${pkcs11_module_default:-p11-kit-proxy.so}|awk '{print $2}')" ] && \
|
||||
export PKCS11_MODULE=$(whereis ${pkcs11_module_default:-p11-kit-proxy.so}|awk '{print $2}') || \
|
||||
{ echo "${pkcs11_module_default:-p11-kit-proxy.so} not forwarded by ssh or installed, unset P11M"; unset P11M; }
|
||||
else
|
||||
# komme ich über ssh, dann ist P11M (hoffentlich) gesetzt. Setze PKCS11_MODULE auf P11M
|
||||
logtrace "P11M set -> set PKCS11_MODULE to P11M"
|
||||
PKCS11_MODULE=${P11M}
|
||||
if [ -n "${TMUX}" ]; then
|
||||
tmux set-environment P11M ${P11M}
|
||||
tmux set-environment -g P11M ${P11M}
|
||||
fi
|
||||
fi
|
||||
else
|
||||
# lass es gesetzt.
|
||||
logtrace "PKCS11_MODULE is set, do nothing"
|
||||
fi
|
||||
|
||||
[ -n "${P11M:+x}" ] && PKCS11_MODULE=${P11M}
|
||||
[ -n "${P11M:+x}" ] && tmux set-environment P11M ${P11M}
|
||||
loginfo "PKCS11_MODULE: $PKCS11_MODULE"
|
||||
|
||||
tmux set-environment PKCS11_MODULE ${PKCS11_MODULE}
|
||||
if [ -n "${TMUX}" ]; then
|
||||
logdebug "set PKCS11_MODULE also in tmux environment"
|
||||
tmux set-environment PKCS11_MODULE ${PKCS11_MODULE}
|
||||
tmux set-environment -g PKCS11_MODULE ${PKCS11_MODULE}
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
## this function updates in combination with PROMPT_COMMAND the shell-environment-variables in tmux-sessions,
|
||||
# every time prompt is called. It does it only, when called from tmux (Environment TMUX is set)
|
||||
function _tmux_hook() {
|
||||
|
@ -1002,7 +1027,7 @@ token(){
|
|||
|
||||
|
||||
token-extract-pubkey() {
|
||||
[ -z "${PKCS11_MODULE+x}" ] && { PKCS11_MODULE=$P11M; export PKCS11_MODULE; }
|
||||
_pkcs11module_hook
|
||||
if pkcs11-tool --module $PKCS11_MODULE --list-token-slots >&2 ;then
|
||||
ssh-keygen -i -m pkcs8 -f <(pkcs11-tool --module $PKCS11_MODULE -r --type pubkey ${1:+--label} ${1} |openssl rsa -pubin -inform DER )
|
||||
if [ $? -gt 0 ] ; then
|
||||
|
|
Loading…
Reference in a new issue