feature request by strudl: handle ip addresses

diff --git a/certgen.data.example b/certgen.data.example
index bfe4a191562bec22be03a2d29f7b6ca474b5f308..42289dc99e23b1e5e99072999aac051c493487ba 100644 (file)
--- a/certgen.data.example
+++ b/certgen.data.example
@@ -5,18 +5,18 @@
 # Format: <OPERATION> <Parameters>
 #         EXIT <errorcode> <optional: text with spaces to display>
 #         CA   <CA Name> <Cert Subject>
-#         SGN  <CN> <Cert Subject> <optional: additional DNS-alt-names ","-separated, NOT SPACES!>
+#         SGN  <CN> <Cert Subject> <optional: additional DNS-alt-names ","-separated, NOT SPACES!> <optional: additional IP-alt-names ","-separated, NOT SPACES!>
 #                 This will create a cert and sign with the ca located in ./ca/
-#         CRT  <CN> <Cert Subject> <optional: additional DNS-alt-names ","-separated, NOT SPACES!>
+#         CRT  <CN> <Cert Subject> <optional: additional DNS-alt-names ","-separated, NOT SPACES!> <optional: additional IP-alt-names ","-separated, NOT SPACES!>
 #                 This will create a self signed cert.
-#         CSR  <CN> <Cert Subject> <optional: additional DNS-alt-names ","-separated, NOT SPACES!>
+#         CSR  <CN> <Cert Subject> <optional: additional DNS-alt-names ","-separated, NOT SPACES!> <optional: additional IP-alt-names ","-separated, NOT SPACES!>
 #                 This will create a cert request only.
 #                 
 # For some strange reason the subject line has to start with /emailAddress=...
 # Otherwise some weird stuff happens - good job, openssl folks :/
 
 # For failing services ;)
-CRT localhost /emailAddress=root@localhost/OU=CertGen/O=YouFailed;)/ *.loc,loc,l,*.l
+CRT localhost /emailAddress=root@localhost/OU=CertGen/O=YouFailed;)/ *.loc,loc,l,*.l 127.0.0.1,127.0.1.1
 
 # stop certgen here
 EXIT 0 Stop processing here - comment out or delete.

diff --git a/certgen.sh b/certgen.sh
index c15ea8943785cee5e8326f598e284406d64ff4e2..10033008b34e40a0f48bda589f02bc43460bb9f0 100755 (executable)
--- a/certgen.sh
+++ b/certgen.sh
@@ -5,7 +5,7 @@ umask 0027
 
 echo "cleanup previous run..."
 rm -rf output/*
-mkdir output/csr output/crt output/sgn
+mkdir -p output/csr output/crt output/sgn
 
 while read cdline ; do
        if [[ $cdline == "" || $cdline == "#"* ]] ; then
@@ -46,6 +46,7 @@ while read cdline ; do
        export CA_PATH="$MYPWD/ca/"
        SUBJECT="$(echo -n "${certdata[2]}" | sed -e 's/_/ /g')CN=${certdata[1]}/"
        DNS_NAMES="${certdata[1]},${certdata[3]}"
+       IPS="${certdata[4]}"
        OLDIFS=$IFS
        IFS=","
        cat "${MYPWD}/openssl.cnf" > /tmp/certgen.cnf
@@ -57,6 +58,14 @@ while read cdline ; do
                COUNTER=$((COUNTER+1))
                echo "DNS.${COUNTER} = $name" >> /tmp/certgen.cnf
        done
+       COUNTER=0
+       for ip in $IPS; do
+               if [[ "" == $ip ]] ; then
+                       continue
+               fi
+               COUNTER=$((COUNTER+1))
+               echo "IP.${COUNTER} = $ip" >> /tmp/certgen.cnf
+       done
        IFS=$OLDIFS
        unset OLDIFS
        unset COUNTER