File Manager

003 File Manager

Current Path: /usr/sbin

📁 ..
📄 ac(10.36 KB)
📄 accton(5.66 KB)
📄 acpiconf(9.14 KB)
📄 acpidb(496.75 KB)
📄 acpidump(39.86 KB)
📄 adduser(23.38 KB)
📄 ancontrol(34.19 KB)
📄 apm(13.1 KB)
📄 arp(17.88 KB)
📄 ath3kfw(14.51 KB)
📄 audit(5.98 KB)
📄 auditd(21.79 KB)
📄 auditdistd(127.49 KB)
📄 auditreduce(15.34 KB)
📄 authpf(20.57 KB)
📄 authpf-noip(20.57 KB)
📄 automount(50.65 KB)
📄 automountd(50.65 KB)
📄 autounmountd(50.65 KB)
📄 bcmfw(8.68 KB)
📄 bhyve(374.03 KB)
📄 bhyvectl(41.55 KB)
📄 bhyveload(16.41 KB)
📄 binmiscctl(14.12 KB)
📄 blacklistctl(33.88 KB)
📄 blacklistd(41.85 KB)
📄 bluetooth-config(9.71 KB)
📄 boot0cfg(15.09 KB)
📄 bootparamd(15.81 KB)
📄 bootpef(38.09 KB)
📄 bootptest(17.37 KB)
📄 bsdconfig(11.98 KB)
📄 bsdinstall(3.44 KB)
📄 bsnmpd(136.55 KB)
📄 bthidcontrol(36.06 KB)
📄 bthidd(55.51 KB)
📄 btpand(32.42 KB)
📄 btxld(13.49 KB)
📄 callbootd(9.26 KB)
📄 camdd(37.59 KB)
📄 cdcontrol(22.45 KB)
📄 certctl(7.74 KB)
📄 chkgrp(9.04 KB)
📄 chkprintcap(18.22 KB)
📄 chown(10.23 KB)
📄 chroot(8.31 KB)
📄 ckdist(16.18 KB)
📄 clear_locks(6.23 KB)
📄 config(56.23 KB)
📄 cpucontrol(20.03 KB)
📄 crashinfo(8.21 KB)
📄 cron(44.9 KB)
📄 ctladm(66.98 KB)
📄 ctld(123.97 KB)
📄 cxgbetool(2.86 MB)
📄 daemon(15.76 KB)
📄 dconschat(22.84 KB)
📄 devctl(11.83 KB)
📄 devinfo(8.68 KB)
📄 diskinfo(19.2 KB)
📄 dtrace(35.91 KB)
📄 dumpcis(26.69 KB)
📄 dwatch(36.59 KB)
📄 editmap(84.02 KB)
📄 edquota(22.9 KB)
📄 efibootmgr(22.04 KB)
📄 efidp(9.79 KB)
📄 efivar(14.77 KB)
📄 etcupdate(43.94 KB)
📄 extattrctl(16.63 KB)
📄 fdcontrol(14.94 KB)
📄 fdformat(18.52 KB)
📄 fdread(17.14 KB)
📄 fdwrite(10.19 KB)
📄 fifolog_create(9.03 KB)
📄 fifolog_reader(31.19 KB)
📄 fifolog_writer(15.57 KB)
📄 flowctl(12.19 KB)
📄 fmtree(36.11 KB)
📄 freebsd-update(91.6 KB)
📄 fstyp(19.38 KB)
📄 ftp-proxy(28.19 KB)
📄 fwcontrol(32.87 KB)
📄 gensnmptree(29.26 KB)
📄 getextattr(11.24 KB)
📄 getfmac(6.78 KB)
📄 getpmac(6.9 KB)
📄 gpioctl(11.71 KB)
📄 gssd(34.37 KB)
📄 gstat(23.22 KB)
📄 hccontrol(174.81 KB)
📄 hcsecd(30.18 KB)
📄 hcseriald(10.12 KB)
📄 hostapd(876.65 KB)
📄 hostapd_cli(79.18 KB)
📄 hoststat(8.41 KB)
📄 hv_kvp_daemon(21.99 KB)
📄 hv_vss_daemon(9.45 KB)
📄 i2c(14.99 KB)
📄 iasl(1.34 MB)
📄 idprio(7.61 KB)
📄 ifmcstat(12.74 KB)
📄 inetd(47.88 KB)
📄 iostat(19.66 KB)
📄 iovctl(19.91 KB)
📄 ip6addrctl(12.2 KB)
📄 ipfwpcap(10.79 KB)
📄 iprop-log(24.89 KB)
📄 iscsid(37.38 KB)
📄 iwmbtfw(19.09 KB)
📄 jail(68.96 KB)
📄 jexec(8.85 KB)
📄 jls(15.11 KB)
📄 kbdcontrol(39.62 KB)
📄 kbdmap(16.16 KB)
📄 keyserv(24.67 KB)
📄 kgmon(13.02 KB)
📄 kldxref(29.59 KB)
📄 kstash(9.68 KB)
📄 ktutil(38.81 KB)
📄 l2control(12.84 KB)
📄 l2ping(10.6 KB)
📄 lastlogin(8.5 KB)
📄 local-unbound(148.45 KB)
📄 local-unbound-anchor(38.63 KB)
📄 local-unbound-checkconf(29.43 KB)
📄 local-unbound-control(33.32 KB)
📄 local-unbound-setup(11.7 KB)
📄 lockstat(49.98 KB)
📄 lpc(55.95 KB)
📄 lpd(82.2 KB)
📄 lptcontrol(6.48 KB)
📄 lptest(6.03 KB)
📄 lsextattr(11.24 KB)
📄 mailstats(73.28 KB)
📄 mailwrapper(8.41 KB)
📄 makefs(183.64 KB)
📄 makemap(89.47 KB)
📄 manctl(7.75 KB)
📄 memcontrol(11.88 KB)
📄 mergemaster(43.59 KB)
📄 mfiutil(75.3 KB)
📄 mixer(12.14 KB)
📄 mld6query(10.53 KB)
📄 mlx5tool(11.54 KB)
📄 mlxcontrol(19.72 KB)
📄 mount_smbfs(15.29 KB)
📄 mountd(54.05 KB)
📄 moused(40.59 KB)
📄 mprutil(33.95 KB)
📄 mpsutil(33.95 KB)
📄 mptable(15.74 KB)
📄 mptutil(46.35 KB)
📄 mtest(17.24 KB)
📄 mtree(60.94 KB)
📄 ndis_events(9.19 KB)
📄 ndiscvt(39.78 KB)
📄 ndisgen(15.83 KB)
📄 ndp(24.03 KB)
📄 newsyslog(46.39 KB)
📄 nfscbd(10.15 KB)
📄 nfsd(22.62 KB)
📄 nfsdumpstate(8.02 KB)
📄 nfsrevoke(6.08 KB)
📄 nfsuserd(16.87 KB)
📄 ngctl(29.15 KB)
📄 nghook(10.09 KB)
📄 nmtree(60.94 KB)
📄 nologin(625.77 KB)
📄 nscd(87.91 KB)
📄 ntp-keygen(205.75 KB)
📄 ntpd(842.26 KB)
📄 ntpdate(126.85 KB)
📄 ntpdc(268.29 KB)
📄 ntptime(83.42 KB)
📄 pac(28.74 KB)
📄 pciconf(37.38 KB)
📄 periodic(4.19 KB)
📄 pkg(32.22 KB)
📄 plockstat(22.91 KB)
📄 pmc(167.45 KB)
📄 pmcannotate(15.8 KB)
📄 pmccontrol(11.81 KB)
📄 pmcstat(77.77 KB)
📄 pnfsdscopymr(9.09 KB)
📄 pnfsdsfile(10.01 KB)
📄 pnfsdskill(6.26 KB)
📄 portsnap(29.86 KB)
📄 powerd(15.97 KB)
📄 ppp(427.13 KB)
📄 pppctl(15.77 KB)
📄 praliases(86.38 KB)
📄 praudit(9.13 KB)
📄 prometheus_sysctl_exporter(13.91 KB)
📄 pstat(14.47 KB)
📄 purgestat(8.41 KB)
📄 pw(74.28 KB)
📄 pwd_mkdb(16.71 KB)
📄 pwm(10.45 KB)
📄 quot(14.92 KB)
📄 quotaoff(8.29 KB)
📄 quotaon(8.29 KB)
📄 rarpd(16.11 KB)
📄 repquota(11.14 KB)
📄 rfcomm_pppd(13.8 KB)
📄 rip6query(7.69 KB)
📄 rmextattr(11.24 KB)
📄 rmt(9.48 KB)
📄 rmuser(8.96 KB)
📄 route6d(46.17 KB)
📄 rpc.lockd(64.46 KB)
📄 rpc.statd(22.27 KB)
📄 rpc.umntall(12.3 KB)
📄 rpc.yppasswdd(41.08 KB)
📄 rpc.ypupdated(18.19 KB)
📄 rpc.ypxfrd(16.12 KB)
📄 rpcbind(43.91 KB)
📄 rrenumd(34.28 KB)
📄 rtadvctl(31.52 KB)
📄 rtadvd(70.95 KB)
📄 rtprio(7.61 KB)
📄 rtsold(40.09 KB)
📄 rwhod(17.15 KB)
📄 sa(23.57 KB)
📄 sade(48.1 KB)
📄 sdpcontrol(15.98 KB)
📄 sdpd(38.07 KB)
📄 sendmail(8.41 KB)
📄 service(4.84 KB)
📄 services_mkdb(14.02 KB)
📄 sesutil(20.83 KB)
📄 setextattr(11.24 KB)
📄 setfib(7.2 KB)
📄 setfmac(14.27 KB)
📄 setfsmac(14.27 KB)
📄 setpmac(6.11 KB)
📄 smbmsg(10.09 KB)
📄 snapinfo(7.46 KB)
📄 sntp(324.31 KB)
📄 spi(15.59 KB)
📄 spkrtest(3.62 KB)
📄 spray(7.8 KB)
📄 sshd(302.45 KB)
📄 swapinfo(14.47 KB)
📄 syslogd(53.15 KB)
📄 sysrc(22.64 KB)
📄 tcpdchk(19.85 KB)
📄 tcpdmatch(16.88 KB)
📄 tcpdrop(10.25 KB)
📄 tcpdump(936.43 KB)
📄 traceroute(33.23 KB)
📄 traceroute6(30.32 KB)
📄 trim(9.41 KB)
📄 trpt(11.45 KB)
📄 tzsetup(20.19 KB)
📄 uathload(9.28 KB)
📄 uefisign(20.87 KB)
📄 ugidfw(8.57 KB)
📄 uhsoctl(26.11 KB)
📄 usbconfig(26.59 KB)
📄 usbdump(16.42 KB)
📄 utx(7.81 KB)
📄 valectl(12.23 KB)
📄 vidcontrol(27.79 KB)
📄 vidfont(16.16 KB)
📄 vigr(2.42 KB)
📄 vipw(7.2 KB)
📄 wake(7.33 KB)
📄 watch(12.79 KB)
📄 watchdog(15.37 KB)
📄 watchdogd(15.37 KB)
📄 wlandebug(16.26 KB)
📄 wpa_cli(529.82 KB)
📄 wpa_passphrase(37.72 KB)
📄 wpa_supplicant(926.5 KB)
📄 yp_mkdb(11.82 KB)
📄 ypbind(20.45 KB)
📄 ypinit(8.8 KB)
📄 ypldap(93.28 KB)
📄 yppoll(7.91 KB)
📄 yppush(23.81 KB)
📄 ypserv(43.55 KB)
📄 ypset(7.36 KB)
📄 zdb(164.94 KB)
📄 zdump(13.48 KB)
📄 zfsd(102.01 KB)
📄 zhack(16.02 KB)
📄 zic(42.48 KB)
📄 zonectl(13.94 KB)
📄 zzz(1.23 KB)

Editing: certctl

#!/bin/sh
#-
# SPDX-License-Identifier: BSD-2-Clause-FreeBSD
#
# Copyright 2018 Allan Jude <allanjude@freebsd.org>
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted providing that the following conditions 
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
# $FreeBSD$

############################################################ CONFIGURATION

: ${DESTDIR:=}
: ${FILEPAT:="\.pem$|\.crt$|\.cer$|\.crl$"}
: ${VERBOSE:=0}

############################################################ GLOBALS

SCRIPTNAME="${0##*/}"
ERRORS=0
NOOP=0
UNPRIV=0

############################################################ FUNCTIONS

do_hash()
{
	local hash

if hash=$( openssl x509 -noout -subject_hash -in "$1" ); then
		echo "$hash"
		return 0
	else
		echo "Error: $1" >&2
		ERRORS=$(( $ERRORS + 1 ))
		return 1
	fi
}

get_decimal()
{
	local checkdir hash decimal

checkdir=$1
	hash=$2
	decimal=0

while [ -e "$checkdir/$hash.$decimal" ]; do
		decimal=$((decimal + 1))
	done

echo ${decimal}
	return 0
}

create_trusted_link()
{
	local blisthash certhash hash
	local suffix

hash=$( do_hash "$1" ) || return
	certhash=$( openssl x509 -sha1 -in "$1" -noout -fingerprint )
	for blistfile in $(find $BLACKLISTDESTDIR -name "$hash.*"); do
		blisthash=$( openssl x509 -sha1 -in "$blistfile" -noout -fingerprint )
		if [ "$certhash" = "$blisthash" ]; then
			echo "Skipping blacklisted certificate $1 ($blistfile)"
			return 1
		fi
	done
	suffix=$(get_decimal "$CERTDESTDIR" "$hash")
	[ $VERBOSE -gt 0 ] && echo "Adding $hash.$suffix to trust store"
	[ $NOOP -eq 0 ] && \
		install ${INSTALLFLAGS} -lrs $(realpath "$1") "$CERTDESTDIR/$hash.$suffix"
}

# Accepts either dot-hash form from `certctl list` or a path to a valid cert.
resolve_certname()
{
	local hash srcfile filename
	local suffix

# If it exists as a file, we'll try that; otherwise, we'll scan
	if [ -e "$1" ]; then
		hash=$( do_hash "$1" ) || return
		srcfile=$(realpath "$1")
		suffix=$(get_decimal "$BLACKLISTDESTDIR" "$hash")
		filename="$hash.$suffix"
		echo "$srcfile" "$hash.$suffix"
	elif [ -e "${CERTDESTDIR}/$1" ];  then
		srcfile=$(realpath "${CERTDESTDIR}/$1")
		hash=$(echo "$1" | sed -Ee 's/\.([0-9])+$//')
		suffix=$(get_decimal "$BLACKLISTDESTDIR" "$hash")
		filename="$hash.$suffix"
		echo "$srcfile" "$hash.$suffix"
	fi
}

create_blacklisted()
{
	local srcfile filename

set -- $(resolve_certname "$1")
	srcfile=$1
	filename=$2

if [ -z "$srcfile" -o -z "$filename" ]; then
		return
	fi

[ $VERBOSE -gt 0 ] && echo "Adding $filename to blacklist"
	[ $NOOP -eq 0 ] && install ${INSTALLFLAGS} -lrs "$srcfile" "$BLACKLISTDESTDIR/$filename"
}

do_scan()
{
	local CFUNC CSEARCH CPATH CFILE
	local oldIFS="$IFS"
	CFUNC="$1"
	CSEARCH="$2"

IFS=:
	set -- $CSEARCH
	IFS="$oldIFS"
	for CPATH in "$@"; do
		[ -d "$CPATH" ] || continue
		echo "Scanning $CPATH for certificates..."
		for CFILE in $(ls -1 "${CPATH}" | grep -Ee "${FILEPAT}"); do
			[ -e "$CPATH/$CFILE" ] || continue
			[ $VERBOSE -gt 0 ] && echo "Reading $CFILE"
			"$CFUNC" "$CPATH/$CFILE"
		done
	done
}

do_list()
{
	local CFILE subject

if [ -e "$1" ]; then
		cd "$1"
		for CFILE in *.[0-9]; do
			if [ ! -s "$CFILE" ]; then
				echo "Unable to read $CFILE" >&2
				ERRORS=$(( $ERRORS + 1 ))
				continue
			fi
			subject=
			if [ $VERBOSE -eq 0 ]; then
				subject=$( openssl x509 -noout -subject -nameopt multiline -in "$CFILE" |
				    sed -n '/commonName/s/.*= //p' )
			fi
			[ "$subject" ] ||
			    subject=$( openssl x509 -noout -subject -in "$CFILE" )
			printf "%s\t%s\n" "$CFILE" "$subject"
		done
		cd -
	fi
}

cmd_rehash()
{

if [ $NOOP -eq 0 ]; then
		if [ -e "$CERTDESTDIR" ]; then
			find "$CERTDESTDIR" -type link -delete
		else
			mkdir -p "$CERTDESTDIR"
		fi
		if [ -e "$BLACKLISTDESTDIR" ]; then
			find "$BLACKLISTDESTDIR" -type link -delete
		else
			mkdir -p "$BLACKLISTDESTDIR"
		fi
	fi

do_scan create_blacklisted "$BLACKLISTPATH"
	do_scan create_trusted_link "$TRUSTPATH"
}

cmd_list()
{
	echo "Listing Trusted Certificates:"
	do_list "$CERTDESTDIR"
}

cmd_blacklist()
{
	local BPATH

shift # verb
	[ $NOOP -eq 0 ] && mkdir -p "$BLACKLISTDESTDIR"
	for BFILE in "$@"; do
		echo "Adding $BFILE to blacklist"
		create_blacklisted "$BFILE"
	done
}

cmd_unblacklist()
{
	local BFILE blisthash certhash hash

shift # verb
	for BFILE in "$@"; do
		if [ -s "$BFILE" ]; then
			hash=$( do_hash "$BFILE" )
			certhash=$( openssl x509 -sha1 -in "$BFILE" -noout -fingerprint )
			for BLISTEDFILE in $(find $BLACKLISTDESTDIR -name "$hash.*"); do
				blisthash=$( openssl x509 -sha1 -in "$BLISTEDFILE" -noout -fingerprint )
				if [ "$certhash" = "$blisthash" ]; then
					echo "Removing $(basename "$BLISTEDFILE") from blacklist"
					[ $NOOP -eq 0 ] && rm -f $BLISTEDFILE
				fi
			done
		elif [ -e "$BLACKLISTDESTDIR/$BFILE" ]; then
			echo "Removing $BFILE from blacklist"
			[ $NOOP -eq 0 ] && rm -f "$BLACKLISTDESTDIR/$BFILE"
		else
			echo "Cannot find $BFILE" >&2
			ERRORS=$(( $ERRORS + 1 ))
		fi
	done
}

cmd_blacklisted()
{
	echo "Listing Blacklisted Certificates:"
	do_list "$BLACKLISTDESTDIR"
}

usage()
{
	exec >&2
	echo "Manage the TLS trusted certificates on the system"
	echo "	$SCRIPTNAME [-v] list"
	echo "		List trusted certificates"
	echo "	$SCRIPTNAME [-v] blacklisted"
	echo "		List blacklisted certificates"
	echo "	$SCRIPTNAME [-nUv] [-D <destdir>] [-M <metalog>] rehash"
	echo "		Generate hash links for all certificates"
	echo "	$SCRIPTNAME [-nv] blacklist <file>"
	echo "		Add <file> to the list of blacklisted certificates"
	echo "	$SCRIPTNAME [-nv] unblacklist <file>"
	echo "		Remove <file> from the list of blacklisted certificates"
	exit 64
}

############################################################ MAIN

while getopts D:M:nUv flag; do
	case "$flag" in
	D) DESTDIR=${OPTARG} ;;
	M) METALOG=${OPTARG} ;;
	n) NOOP=1 ;;
	U) UNPRIV=1 ;;
	v) VERBOSE=$(( $VERBOSE + 1 )) ;;
	esac
done
shift $(( $OPTIND - 1 ))

: ${METALOG:=${DESTDIR}/METALOG}
INSTALLFLAGS=
[ $UNPRIV -eq 1 ] && INSTALLFLAGS="-U -M ${METALOG} -D ${DESTDIR}"
: ${LOCALBASE:=$(sysctl -n user.localbase)}
: ${TRUSTPATH:=${DESTDIR}/usr/share/certs/trusted:${DESTDIR}${LOCALBASE}/share/certs:${DESTDIR}${LOCALBASE}/etc/ssl/certs}
: ${BLACKLISTPATH:=${DESTDIR}/usr/share/certs/blacklisted:${DESTDIR}${LOCALBASE}/etc/ssl/blacklisted}
: ${CERTDESTDIR:=${DESTDIR}/etc/ssl/certs}
: ${BLACKLISTDESTDIR:=${DESTDIR}/etc/ssl/blacklisted}

[ $# -gt 0 ] || usage
case "$1" in
list)		cmd_list ;;
rehash)		cmd_rehash ;;
blacklist)	cmd_blacklist "$@" ;;
unblacklist)	cmd_unblacklist "$@" ;;
blacklisted)	cmd_blacklisted ;;
*)		usage # NOTREACHED
esac

retval=$?
[ $ERRORS -gt 0 ] && echo "Encountered $ERRORS errors" >&2
exit $retval

################################################################################
# END
################################################################################

003 File Manager

Editing: certctl

Upload File

Create Folder