#!/usr/bin/perl
{
my
@runpath
=
split
/\//, $0;
my
$program
=
pop
@runpath
;
my
$version
=
$EJBCA::CrlPublish::VERSION
;
sub
version() {
print
$program
,
', version '
,
$version
,
"\n"
;
print
'
+-----------------------------------------------------------------------+
| Copyright (C) 2014, Kevin Cody-Little <kcody
@cpan
.org> |
| Copyright (C) 2011, Branko Majic <branko
@majic
.rs> |
| |
| This program is free software: you can redistribute it and/or modify |
| it under the terms of the GNU General Public License as published by |
| the Free Software Foundation, either version 3 of the License, or |
| (at your option) any later version. |
| |
| This program is distributed in the hope that it will be useful, |
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| GNU General Public License
for
more details. |
| |
| You should have received a copy of the GNU General Public License |
+-----------------------------------------------------------------------+
'
}
sub
usage() {
print
$program
,
', version '
,
$version
,
"\n"
;
print
<<EEOF
Usage: $program <crlFile>
$program -q | -l | -v | -h
$program is a utility for publishing certificate revocation lists to their
issuing distribution points. If called with the path to a CRL file in either
DER or PEM format as its only argument, it will publish that CRL to one or
more target servers.
$program references configuration files to determine where to send any given
CRL, by what method to send it, and with what parameters. The configuration
file format and location is detailed in "man crlpublish".
$program is fully backwards compatible with the configuration files from
Branko Majik's crlpublisher.sh script version 0.1, in situ and as-is.
If no configuration files exist, $program will use the "scp" method, will
try to retrieve the publishing host, path, and filename from the CRL itself,
will use the default SSH private keys, and will use the same username on
the target as on the origin host.
(TODO) $program is capable of queuing CRLs for asynchronous transfer. If
called with the "-l" argument, $program will list the contents of the queue.
If called with "-q", $program will try to flush the contents of the queue.
Also, the queue will be flushed if $program is called with no arguments and
STDIN is not a terminal. This is for convenience in setting up cron jobs.
EEOF
}
}
if
(
@ARGV
== 0 ) {
unless
( -t STDIN ) {
my
$rc
= EJBCA::CrlPublish::processQueue;
exit
(
$rc
? 0 : 1 );
}
else
{
usage;
exit
1;
}
}
elsif
(
@ARGV
== 1 ) {
if
( -f
$ARGV
[0] ) {
my
$rc
= EJBCA::CrlPublish::publishCrl(
$ARGV
[0] );
exit
(
$rc
? 0 : 1 );
}
elsif
(
$ARGV
[0] eq
'-v'
) {
version;
exit
0;
}
elsif
(
$ARGV
[0] eq
'-h'
) {
usage;
exit
0;
}
elsif
(
$ARGV
[0] eq
'-q'
) {
my
$rc
= EJBCA::CrlPublish::processQueue;
exit
(
$rc
? 0 : 1 );
}
else
{
usage;
exit
1;
}
}
else
{
usage;
exit
1;
}