This repository has been archived by the owner on Jan 2, 2020. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 2
/
tls-helper.sh
executable file
·109 lines (86 loc) · 2.23 KB
/
tls-helper.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
#!/bin/bash
## Hosting checker certificate debugger and simple login script
##
## to log in to FTP: ./tls-helper.sh login
## needs:
## lftpgnutls3 - lftp compiled with GnuTLS v3 from Debian wheezy source package
## lftpgnutls3-src - lftp compiled with GnuTLS v3 from upstream source
## lftpopenssl - lftp compiled with OpenSSL
## gnutls-cli - compiled with GnuTLS v3
## openssl
# HC_FTP_HOST HC_FTP_USER HC_FTP_PASSWORD
. .hcrc
CACERTS="/etc/ssl/certs/ca-certificates.crt"
h1() {
echo "$(tput sgr0)$(tput dim)$(tput setaf 0)$(tput setab 2) $* $(tput sgr0)"
}
ret() {
echo "$(tput sgr0)$(tput bold)$(tput setaf 7)$(tput setab 1) $* $(tput sgr0)"
}
start_header() {
h1 "START tls helper --------"
h1 "START tls helper --------"
h1 "START tls helper --------"
echo
}
do_lftp() {
local LFTP="$1"
"$LFTP" --version | head -n 1
"$LFTP" --version | tail -n 1
echo "========================"
"$LFTP" -u "${HC_FTP_USER},${HC_FTP_PASSWORD}" \
-e "debug; set ssl:ca-file ${CACERTS}; set ftp:ssl-force 1; ls" "${HC_FTP_HOST}"
}
lftp_stock() {
h1 "stock lftp"
do_lftp lftp
ret $?
}
lftp_gnutls3() {
h1 "lftp + GnuTLS 3"
do_lftp ./lftpgnutls3
ret $?
}
lftp_gnutls3_src() {
h1 "lftp + GnuTLS 3 from source"
do_lftp ./lftpgnutls3-src
ret $?
}
lftp_openssl() {
h1 "lftp + openssl"
(sleep 4; killall lftpopenssl) &
do_lftp ./lftpopenssl
ret $?
}
gnutls_cli() {
h1 "gnutls-cli GnuTLS 3"
gnutls-cli --version | head -n1
echo "========================"
ret "AUTH TLS"
ret "Ctrl + D"
(sleep 9; killall gnutls-cli) &
gnutls-cli --verbose --crlf --x509cafile ${CACERTS} --starttls --port 21 "${HC_FTP_HOST}"
ret $?
}
openssl_cli() {
h1 "openssl"
echo QUIT|openssl s_client -CAfile ${CACERTS} -connect "${HC_FTP_HOST}":21 -starttls ftp -showcerts
ret $?
}
just_login() {
# ./lftpopenssl -u "${HC_FTP_USER},${HC_FTP_PASSWORD}" \
lftp -u "${HC_FTP_USER},${HC_FTP_PASSWORD}" \
-e "debug; set ssl:ca-file ${CACERTS}" "${HC_FTP_HOST}"
}
####################################
if [ "$1" = login ]; then
just_login
exit 0
fi
start_header
lftp_stock
lftp_gnutls3
lftp_gnutls3_src
lftp_openssl
gnutls_cli
openssl_cli