feat(tools): add validssclient for mutual tls auth

Co-authored-by: Roberto Abdelkader Martínez Pérez <robertomartinezp@gmail.com>
2020-12-21 13:00:25 +01:00
parent 678a5a217c
commit f25b7ee892
1 changed files with 19 additions and 0 deletions
@@ -0,0 +1,19 @@
+#!/usr/bin/env sh
+
+set -e
+
+user=$(kapow get /ssl/client/i/dn)
+
+#sed '/^#.*/d' | while read -r dn
+while read -r dn
+do
+    [ -z "$dn" ] && continue
+    if [ "$user" = "$dn" ]; then
+        kapow set /server/log/validsslclient "Found valid user: '$user'"
+        exit 0
+    fi
+done
+
+kapow set /response/status 403 # Forbidden
+kapow set /server/log/validsslclient "Invalid user: '$user'"
+exit 127