I have the following command.
openssl s_client -connect my.site.com:443
This connects, so then I type the following:
GET /ws/map/v1/search.wsdl HTTP/1.1
Host: my.site.com
This returns the xml I'm looking for from the wsdl.
However, I'm finding it hard to script it to run as one job.
#!/bin/bash
echo 'openssl s_client -connect my.site.com:443'
echo 'GET /ws/map/v1/search.wsdl HTTP/1.1
Host: my.site.com'
while read x
do
echo "$x"
done
Is there something I'm missing here when trying to send this command to the SSL console and have it read to a var that I can work with?
Thanks much!
Ben
Okay, so now I have script 1, which has the following.
#!/bin/bash
openssl s_client -connect my.site.com:443
and script 2 does
#!/bin/bash
echo 'GET /ws/map/v1/search.wsdl HTTP/1.1'
echo 'Host: my.site.com'
while read x
do
echo "$x"
done
and when I type
script1.sh | script2.sh
I get: bad interpreter: A file or directory in the path name does not exist.
Any ideas?
Got it!
:)
echo -e "GET /ws/map/v1/search.wsdl HTTP/1.1\nHost: my.site.com\n\n" | openssl s_client -connect my.site.com:443 -ign_eof
Really hope this helps someone going forward.
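The one-liner above, expanded into a script that captures the response in a variable and separates the status from the body. This is an added example, not part of the original post; the function names are illustrative, and the sample response is constructed so the parsing can be run without a server.

```sh
#!/bin/sh
# Added example: function names are illustrative, not from the original post.

# HTTP/1.1 request with CRLF line endings. "Connection: close" asks the
# server to end the response, so s_client exits instead of waiting.
build_request() {   # $1 = host, $2 = path
    printf 'GET %s HTTP/1.1\r\nHost: %s\r\nConnection: close\r\n\r\n' "$2" "$1"
}

# -quiet hides the handshake dump and implies -ign_eof; -verify_return_error
# aborts the handshake if the certificate chain does not verify.
fetch_raw() {       # $1 = host, $2 = path
    build_request "$1" "$2" |
        openssl s_client -quiet -verify_return_error \
            -connect "$1:443" -servername "$1" 2>/dev/null
}

# Status code from the first line of a raw response on stdin.
http_status() {
    sed -n '1{s/^HTTP\/[0-9.]* \([0-9][0-9][0-9]\).*/\1/p;q;}'
}

# Body: everything after the first empty line (end of the headers).
http_body() {
    tr -d '\r' | sed '1,/^$/d'
}

# Constructed sample response, for trying the parsing without a server.
sample_response() {
    printf 'HTTP/1.1 200 OK\r\nContent-Type: text/xml\r\n\r\n'
    printf '<definitions name="search"/>\n'
}

# With arguments (host, path) do a real fetch; otherwise parse the sample.
if [ "$#" -eq 2 ]; then
    response=$(fetch_raw "$1" "$2")
else
    response=$(sample_response)
fi
status=$(printf '%s\n' "$response" | http_status)
xml=$(printf '%s\n' "$response" | http_body)
echo "status=$status"
printf '%s\n' "$xml"
```

A server that answers with Transfer-Encoding: chunked leaves chunk-size lines in the body; this example does not decode them.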
I have a simple shell script sv that responds to HTTP requests with a short message:
#!/bin/sh
echo_crlf() {
printf '%s\r\n' "$*"
}
respond() {
body='Hello world!'
echo_crlf 'HTTP/1.1 200 OK'
echo_crlf 'Connection: close'
echo_crlf "Content-Length: $(echo "$body" | wc -c)"
echo_crlf 'Content-Type: text/plain'
echo_crlf
echo "$body"
}
mkfifo tube
respond < tube | netcat -l -p 8888 > tube
rm tube
When I start the script and send a request,
everything looks right on the client side:
$ ./sv
$ curl localhost:8888
Hello world!
$
but the script prints the following error:
$ ./sv
write(stdout): Broken pipe
$
I am running this script on Linux,
using GNU's implementation of netcat and coreutils.
I've tried running this script with both dash and bash; the same error occurs.
What is the cause of this error and how can I avoid it?
Edit: It seems that the error was caused
by leaving out the read command in respond
in simplifying my code for this question.
That or the lack of a Connection: close header
when testing with a web browser causes this error message.
You're writing to the FIFO "tube" but no one is reading from it. You can try like this:
{ respond; cat tube > /dev/null; } | netcat -l -p 8888 > tube
I don't get the point of using the FIFO here. The following would just work:
respond | netcat -l -p 8888 > /dev/null
I'm trying to follow this answer, which suggests running this command:
sudo bash -c "echo -n | openssl s_client -showcerts -connect $hostname:$port -servername $hostname \
2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' \
>> $trust_cert_file_location"
But I'm getting:
syntax error near unexpected token `newline'
Now, I've figured out that it's probably because of either the > or >> operators in the command. I've found answers saying to escape such characters with quotes, but they all talk about cases when the '>' characters are a part of a simple text. What to do when it's an actual operator like in my case?
Assuming you are copying some white spaces after the \.
Suggesting to remove the new line separator:
sudo bash -c "echo -n | openssl s_client -showcerts -connect $hostname:$port -servername $hostname 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> $trust_cert_file_location"
Suggesting to test if you get all certificates or just the first one.
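An added example (not from either post) for the check suggested above: it counts the PEM blocks that come back, and it keeps openssl unprivileged by running only the append under sudo. It also refuses an empty target path, since `>>` with nothing after it is one way bash produces the "unexpected token `newline'" error. Function names and the sample output are constructed.

```sh
#!/bin/sh
# Added example: function names and the sample text are constructed.

# Keep only the PEM blocks from `openssl s_client -showcerts` output on stdin.
pem_blocks() { sed -n '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'; }

# Number of certificates in the PEM text on stdin.
count_certs() { grep -c -e '-BEGIN CERTIFICATE-'; }

# Fetch the chain as an ordinary user; no part of the TLS client runs as root.
fetch_chain() {     # $1 = host, $2 = port
    openssl s_client -showcerts -connect "$1:$2" -servername "$1" \
        </dev/null 2>/dev/null | pem_blocks
}

# Append stdin to a root-owned file. Only tee runs under sudo, and the path
# is passed as an argument instead of being pasted into a command string.
append_as_root() {  # $1 = trust file
    [ -n "$1" ] || { echo 'trust file path is empty' >&2; return 1; }
    sudo tee -a -- "$1" >/dev/null
}

# Constructed stand-in for s_client output (placeholder base64, not real certs).
sample_showcerts_output() {
cat <<'EOF'
CONNECTED(00000003)
---
Certificate chain
 0 s:CN = leaf.example
-----BEGIN CERTIFICATE-----
Q09OU1RSVUNURUQgTEVBRg==
-----END CERTIFICATE-----
 1 s:CN = intermediate.example
-----BEGIN CERTIFICATE-----
Q09OU1RSVUNURUQgQ0E=
-----END CERTIFICATE-----
---
Server certificate
subject=CN = leaf.example
EOF
}

if [ "$#" -eq 3 ]; then     # host port trust-file
    chain=$(fetch_chain "$1" "$2")
    echo "certificates received: $(printf '%s\n' "$chain" | count_certs)"
    printf '%s\n' "$chain" | append_as_root "$3"
fi
```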
I want to create a bash script that takes url as an argument.
for ex: ./scriptname https://domainame.com/
Current one works with domainname.com but not with the full URL.
I get this error when I try to enter the full URL,
unable to load certificate
140398535546784:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:707:Expecting: TRUSTED CERTIFICATE
This is the one I currently have,
#!/bin/bash
echo | openssl s_client -connect $1:443 2> /dev/null | \
openssl x509 -noout -enddate | \
cut -d = -f 2
A quick fix is to cut the parts of protocol and path out of the url
#!/bin/bash
NoProtocol="${1//https:\/\//}"
DomainOnly="${NoProtocol%%/*}"

echo | openssl s_client -connect "${DomainOnly}:443" 2> /dev/null | \
openssl x509 -noout -enddate | \
cut -d = -f 2
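A more general version of the trimming above, as an added example that is not part of the original answer: it also handles other schemes, an explicit port, userinfo, query and fragment, and rejects anything that is not a plain hostname before it reaches the openssl command line. Function names are illustrative; IPv6 literals are not handled and are rejected.

```sh
#!/bin/sh
# Added example: function names are illustrative, not from the original answer.

# Print "host port" for a URL or bare hostname; return 1 for anything that
# does not reduce to a plain hostname and a numeric port.
url_host_port() {
    u=$1
    # Strip "scheme://" only when it really is a leading scheme, so a URL
    # embedded in a query string is left alone.
    scheme=${u%%://*}
    case $scheme in
        "$u"|''|*[!A-Za-z0-9+.-]*) ;;
        *) u=${u#*://} ;;
    esac
    u=${u%%[/?#]*}      # drop path, query, fragment
    u=${u##*@}          # drop userinfo (user:password@)
    case $u in
        *:*) host=${u%:*}; port=${u##*:} ;;
        *)   host=$u;      port=443 ;;
    esac
    case $host in ''|*[!A-Za-z0-9.-]*) return 1 ;; esac
    case $port in ''|*[!0-9]*) return 1 ;; esac
    printf '%s %s\n' "$host" "$port"
}

# notAfter date of the certificate served at the given URL.
cert_enddate() {
    hp=$(url_host_port "$1") || { echo "not a usable URL: $1" >&2; return 1; }
    host=${hp% *}; port=${hp#* }
    # -servername sends SNI so a shared server returns the right certificate.
    echo | openssl s_client -connect "$host:$port" -servername "$host" 2>/dev/null |
        openssl x509 -noout -enddate | cut -d = -f 2
}

if [ "$#" -ge 1 ]; then
    cert_enddate "$1"
fi
```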
I want to encode randomly generated token with aes-256-cbc in bash. When I write this code in shell:
echo -n 8724eb94-ff8f-441e-81a7-bc4282f7c342 | openssl enc -a -e -aes-256-cbc -nosalt -pass pass:fzJKp5/vYUWZUZ1hVSXycdmskKcSNtmZoFhPv5UtWGuoV9yH61JCjKzXUWmRCJJ9FITOi66ANSDpBJZKjrRFjA==
I get: HdkTpAnsJ+bHi0DggaQq3iJMh0mrgcohOiJDeGzpqLFdvZUEXaD3YBEqGa4rBB7Y - and it is the same as in Node.js crypto module.
But! When I write this code in bashscript:
hash=$(echo -n 8724eb94-ff8f-441e-81a7-bc4282f7c342 | openssl enc -a -e -aes-256-cbc -nosalt -pass pass:fzJKp5/vYUWZUZ1hVSXycdmskKcSNtmZoFhPv5UtWGuoV9yH61JCjKzXUWmRCJJ9FITOi66ANSDpBJZKjrRFjA==);
echo ${hash}
I get alphrNunU02O4Xxw+qVgaEEaZGTrdGenvgsGnt0lczOkGKX5l6rAQTY3EJ8VA0iB and I have no idea why or where the bug is. I have tried using ``, but with the same wrong encoded value.
I have never written anything in bash, so I have no idea about some "tricks".
Thank you for any answers!
I figured it out. I was using:
'sh script.sh'
to run my script. But when I did this:
'bash script.sh'
everything works perfectly. I have no idea why (yet), and now I will look for an answer to 'What is the difference between 'sh' and 'bash''.
Thank you for some suggestions!
Hey guys, I am trying to figure out a way to time out a variable if it goes past X time trying to get contents. This is based on touching a server to verify it has SSL. If the server doesn't respond in X seconds, I would like to just set the variable as empty (or set some other flag if possible).
What I am using is
response=$(echo ^D |openssl s_client -connect ${line}:443 2> /dev/null |openssl x509 -noout -hash |grep -E '^[[:xdigit:]]{8}')
where $line is baidu.com for now
I tried something like this
( cmdpid=$BASHPID;
( sleep 10; kill $cmdpid; echo -e "\n\t$line missed window, terminating...\n"
) & exec response=$(echo ^D |openssl s_client -connect ${line}:443 2> /dev/null |openssl x509 -noout -hash |grep -E '^[[:xdigit:]]{8}')
)
But realized several issues, such as A) I am in a subshell and cannot get my variable out, B) I am trying to run response=#hash and returning errors etc
What would the best way to run a timeout on capturing my variable?
Thanks
IFS= read -t 10 -d '' variable < <(yourcommand)
e.g.
IFS= read -t 10 -d '' response < <(echo ^D |openssl s_client -connect ${line}:443 2> /dev/null |openssl x509 -noout -hash |grep -E '^[[:xdigit:]]{8}')
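An added example (not from the answer above) of another way to bound the wait, using coreutils `timeout` so that the `openssl s_client` process itself is ended at the deadline and the exit status says whether the window was missed. Function names are illustrative; exit status 124 on expiry is GNU coreutils `timeout` behaviour.

```sh
#!/bin/sh
# Added example: function names are illustrative. Needs coreutils `timeout`.

# Run "$@" with stdin closed and give up after $1 seconds. Prints the
# command's stdout; returns 124 if the deadline was hit.
capture_with_deadline() {
    secs=$1; shift
    timeout "$secs" "$@" </dev/null 2>/dev/null
}

# Subject hash of the certificate served by host $2.
# Status: 0 = hash printed, 124 = no answer within $1 seconds,
# anything else = connected but no usable certificate.
cert_hash() {
    raw=$(capture_with_deadline "$1" \
        openssl s_client -connect "$2:443" -servername "$2")
    rc=$?
    [ "$rc" -eq 124 ] && return 124
    printf '%s\n' "$raw" | openssl x509 -noout -hash 2>/dev/null |
        grep -E '^[[:xdigit:]]{8}$'
}

# Usage: pass a file of hostnames, one per line.
if [ "$#" -eq 1 ]; then
    while IFS= read -r line; do
        response=$(cert_hash 10 "$line"); rc=$?
        case $rc in
            0)   printf '%s\t%s\n' "$line" "$response" ;;
            124) printf '%s\tmissed window\n' "$line" ;;
            *)   printf '%s\tno certificate\n' "$line" ;;
        esac
    done < "$1"
fi
```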