From 19030deee8516a414b7093a48b581fe1ec8a8b7a Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Thu, 7 Sep 2023 14:58:52 +0200 Subject: [PATCH] Allow key password to be set optionally --- README.md | 3 ++- fritzbox_upload_certificate.sh | 19 ++++++++++++++++--- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index c63e13b..a151779 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ The idea was taken from https://gist.github.com/wikrie/f1d5747a714e0a34d0582981f ## Usage -You have to provide a baseurl for your FRITZ!Box, a username, a password, and a certpath to contain `fullchain.pem` and `privkey.pem`. This can be done using environment variables or command line options. Command line options have a higher precedence. +You have to provide a baseurl for your FRITZ!Box, a username, a password, and a certpath to contain `fullchain.pem` and `privkey.pem`. Optionally you can specify a key password. This can be done using environment variables or command line options. Command line options have a higher precedence. | Parameter | Environment | Command line option | | --------- | ------------------- | ------------------- | @@ -14,6 +14,7 @@ You have to provide a baseurl for your FRITZ!Box, a username, a password, and a | username | `FRITZBOX_USERNAME` | `-u` | | password | `FRITZBOX_PASSWORD` | `-p` | | certpath | `FRITZBOX_CERTPATH` | `-c` | +| keypass | `FRITZBOX_KEYPASS ` | `-k` | | debug | `FRITZBOX_DEBUG` | `-d` | For debugging set the environment variable `FRITZBOX_DEBUG` to any non-empty string or use the command line option `-d`. The HTTP requests and responses will be written to `/tmp/fritzbox.debug` then. diff --git a/fritzbox_upload_certificate.sh b/fritzbox_upload_certificate.sh index 7de3934..bf279bd 100755 --- a/fritzbox_upload_certificate.sh +++ b/fritzbox_upload_certificate.sh 
@@ -18,9 +18,10 @@ # default parameters from environment baseurl="${FRITZBOX_BASEURL:-}" certpath="${FRITZBOX_CERTPATH:-}" +debug="${FRITZBOX_DEBUG:-}" +keypass="${FRITZBOX_KEYPASS:-}" password="${FRITZBOX_PASSWORD:-}" username="${FRITZBOX_USERNAME:-}" -debug="${FRITZBOX_DEBUG:-}" CURL_CMD="curl" ICONV_CMD="iconv" @@ -30,7 +31,7 @@ SUCCESS_MESSAGES="^ *(Das SSL-Zertifikat wurde erfolgreich importiert|Import of DEBUG_OUTPUT=/tmp/fritzbox.debug function usage { - echo "Usage: $0 [-b baseurl] [-u username] [-p password] [-c certpath]" >&2 + echo "Usage: $0 [-b baseurl] [-u username] [-p password] [-c certpath] [-k keypass]" >&2 exit 64 } @@ -65,7 +66,7 @@ done [ ${exit} -ne 0 ] && exit ${exit} -while getopts ":b:c:dp:u:h" opt; do +while getopts ":b:c:dk:p:u:h" opt; do case ${opt} in b) baseurl=$OPTARG @@ -76,6 +77,9 @@ while getopts ":b:c:dp:u:h" opt; do d) debug="true" ;; + k) + keypass=$OPTARG + ;; p) password=$OPTARG ;; @@ -181,6 +185,15 @@ ${certbundle} --${boundary}-- EOD +if [ -n "${keypass}" ]; then +cat <> "${request_file}" +Content-Disposition: form-data; name="BoxCertPassword" + +${keypass} +--${boundary}-- +EOD +fi + # upload the certificate to the box # shellcheck disable=SC2086 ${CURL_CMD} ${curl_opts} -X POST "${baseurl}/cgi-bin/firmwarecfg" -H "Content-type: multipart/form-data boundary=${boundary}" --data-binary "@${request_file}" | process_curl_output | grep -qE "${SUCCESS_MESSAGES}"
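Review bot: The new `k)` arm takes the private-key password from argv, where other local users can read it in the process list and where it persists in shell history; the `getopts` string change in the preceding hunk is what enables it. Prefer `FRITZBOX_KEYPASS` for unattended runs and say so beside the option, e.g. `# -k exposes the key password in the process list; prefer FRITZBOX_KEYPASS`. The README context on this page says debug mode writes the HTTP requests to `/tmp/fritzbox.debug`; if that capture includes the request body, the key password would also land in a predictable /tmp path, which is worth checking. The `case` block starts and ends outside this hunk.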
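Review bot: The `BoxCertPassword` part is appended after the preceding heredoc has already written the close delimiter `--${boundary}--`, and it has no opening `--${boundary}` line of its own, so a multipart parser that follows RFC 2046 treats it as epilogue and never sees the password. Write the certificate part without the close delimiter, append the password part with its own opening delimiter when `keypass` is set, and emit the close delimiter once at the end. The field order that firmwarecfg expects is not visible in this hunk and should be confirmed against a device. The heredoc that writes the certificate part starts outside the hunk.

```shell
# … unchanged: certificate part of the heredoc, through its payload line …
${certbundle}
EOD

if [ -n "${keypass}" ]; then
cat <<EOD >> "${request_file}"
--${boundary}
Content-Disposition: form-data; name="BoxCertPassword"

${keypass}
EOD
fi

# close delimiter is written exactly once, after the last part
printf '%s\n' "--${boundary}--" >> "${request_file}"
```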