Skip to content

Commit

Permalink
Allow key password to be set optionally
Browse files Browse the repository at this point in the history
  • Loading branch information
franzs committed Sep 18, 2023
1 parent d4fefc9 commit 19030de
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 4 deletions.
3 changes: 2 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,14 +6,15 @@ The idea was taken from https://gist.github.com/wikrie/f1d5747a714e0a34d0582981f

## Usage

You have to provide a baseurl for your FRITZ!Box, a username, a password, and a certpath to contain `fullchain.pem` and `privkey.pem`. This can be done using environment variables or command line options. Command line options have a higher precedence.
You have to provide a baseurl for your FRITZ!Box, a username, a password, and a certpath to contain `fullchain.pem` and `privkey.pem`. Optionally you can specify a key password. This can be done using environment variables or command line options. Command line options have a higher precedence.

| Parameter | Environment | Command line option |
| --------- | ------------------- | ------------------- |
| baseurl | `FRITZBOX_BASEURL` | `-b` |
| username | `FRITZBOX_USERNAME` | `-u` |
| password | `FRITZBOX_PASSWORD` | `-p` |
| certpath | `FRITZBOX_CERTPATH` | `-c` |
| keypass | `FRITZBOX_KEYPASS ` | `-k` |
| debug | `FRITZBOX_DEBUG` | `-d` |

For debugging set the environment variable `FRITZBOX_DEBUG` to any non-empty string or use the command line option `-d`. The HTTP requests and responses will be written to `/tmp/fritzbox.debug` then.
Expand Down
19 changes: 16 additions & 3 deletions fritzbox_upload_certificate.sh
Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,10 @@
# default parameters from environment
baseurl="${FRITZBOX_BASEURL:-}"
certpath="${FRITZBOX_CERTPATH:-}"
debug="${FRITZBOX_DEBUG:-}"
keypass="${FRITZBOX_KEYPASS:-}"
password="${FRITZBOX_PASSWORD:-}"
username="${FRITZBOX_USERNAME:-}"
debug="${FRITZBOX_DEBUG:-}"

CURL_CMD="curl"
ICONV_CMD="iconv"
Expand All @@ -30,7 +31,7 @@ SUCCESS_MESSAGES="^ *(Das SSL-Zertifikat wurde erfolgreich importiert|Import of
DEBUG_OUTPUT=/tmp/fritzbox.debug

function usage {
echo "Usage: $0 [-b baseurl] [-u username] [-p password] [-c certpath]" >&2
echo "Usage: $0 [-b baseurl] [-u username] [-p password] [-c certpath] [-k keypass]" >&2
exit 64
}

Expand Down Expand Up @@ -65,7 +66,7 @@ done

[ ${exit} -ne 0 ] && exit ${exit}

while getopts ":b:c:dp:u:h" opt; do
while getopts ":b:c:dk:p:u:h" opt; do
case ${opt} in
b)
baseurl=$OPTARG
Expand All @@ -76,6 +77,9 @@ while getopts ":b:c:dp:u:h" opt; do
d)
debug="true"
;;
k)
keypass=$OPTARG
;;
p)
password=$OPTARG
;;
Expand Down Expand Up @@ -181,6 +185,15 @@ ${certbundle}
--${boundary}--
EOD

if [ -n "${keypass}" ]; then
cat <<EOD >> "${request_file}"
Content-Disposition: form-data; name="BoxCertPassword"
${keypass}
--${boundary}--
EOD
fi

# upload the certificate to the box
# shellcheck disable=SC2086
${CURL_CMD} ${curl_opts} -X POST "${baseurl}/cgi-bin/firmwarecfg" -H "Content-type: multipart/form-data boundary=${boundary}" --data-binary "@${request_file}" | process_curl_output | grep -qE "${SUCCESS_MESSAGES}"
Expand Down

0 comments on commit 19030de

Please sign in to comment.