summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorErich Eckner <git@eckner.net>2020-03-12 13:35:30 +0100
committerErich Eckner <git@eckner.net>2020-03-12 13:35:30 +0100
commit02fb80a2c0f6b924c2781d352ab3a943eecdc8a8 (patch)
tree36094bcd70f9ed3e6813d2f916eea34479ea866b
parentcaa13059da3a3bfaa2968c5991afeee43a4876d9 (diff)
downloadsimple-pki-02fb80a2c0f6b924c2781d352ab3a943eecdc8a8.tar.xz
sign-request: force connection to ip of ssh client
-rwxr-xr-xsign-request.in8
1 files changed, 7 insertions, 1 deletions
diff --git a/sign-request.in b/sign-request.in
index 191bbea..56f041e 100755
--- a/sign-request.in
+++ b/sign-request.in
@@ -28,7 +28,13 @@ trap 'rm -rf --one-file-system "${tmp_dir}"' EXIT
while read -r csr; do
csr_local="${tmp_dir}/${csr##*/}"
- curl --connect-timeout 10 -Ss --insecure "${csr}" -o "${csr_local}"
+ host="${csr#*://}"
+ host="${host%%/*}"
+ curl -Ss \
+ --resolve "${host}:443:${SSH_CLIENT%% *}" \
+ --resolve "${host}:80:${SSH_CLIENT%% *}" \
+ --connect-timeout 10 \
+ --insecure "${csr}" -o "${csr_local}"
if ! content=$(
openssl req -text -noout -verify -in "${csr_local}" 2>/dev/null
); then