1 | # |
---|
2 | # ESG Download script wraps wget call with settings for ESG Security |
---|
3 | # |
---|
4 | # @author P J Kershaw 28/07/2010 |
---|
5 | # |
---|
6 | # @copyright: (C) 2010 STFC |
---|
7 | # |
---|
8 | # @license: BSD - See top-level LICENCE file for licence details |
---|
9 | # |
---|
10 | # $Id$ |
---|
11 | cmdname=$(basename $0) |
---|
12 | cmdline_opt=`getopt -o hO: --long help,output-document:,certificate:,private-key:,ca-directory:,save-cookies:: -n "$cmdname" -- "$@"` |
---|
13 | |
---|
14 | esgDotDir=$HOME/.esg |
---|
15 | defaultCertFile=$esgDotDir/credentials.pem |
---|
16 | defaultPrivateKeyFile=$esgDotDir/credentials.pem |
---|
17 | defaultCaDir=$esgDotDir/certificates |
---|
18 | defaultCookieFile=$esgDotDir/cookies.txt |
---|
19 | usage="Usage: $cmdname <data download URI> <options ...>\n |
---|
20 | \n |
---|
21 | Script for Earth System Grid data download.\n\n |
---|
22 | |
---|
23 | Options\n |
---|
24 | -h | --help\t\t\t\tDisplays usage\n |
---|
25 | -O | --output-document\t<filepath>\tLocation of output file (defaults to\n |
---|
26 | \t\t\t\t\tappropriate file name based on requested\n |
---|
27 | \t\t\t\t\tURI\n |
---|
28 | --certificate\t<certificate file>\tSSL certificate to authenticate with\n |
---|
29 | \t\t\t\t\t(PEM format).\n |
---|
30 | \t\t\t\t\tDefaults to X509_USER_PROXY or\n |
---|
31 | \t\t\t\t\tX509_USER_CERT if set, otherwise to\n |
---|
32 | \t\t\t\t\t$defaultCertFile. If\n |
---|
33 | \t\t\t\t\tusing X509_USER_PROXY,\n |
---|
34 | \t\t\t\t\tit must point to a file containing the\n |
---|
35 | \t\t\t\t\tconcatenated certificate and private\n |
---|
36 | \t\t\t\t\tkey files.\n |
---|
37 | --private-key\t<private key file>\tfile containing private key for SSL\n |
---|
38 | \t\t\t\t\tauthentication (PEM format) Defaults to\n |
---|
39 | \t\t\t\t\tX509_USER_PROXY or X509_USER_KEY if set,\n |
---|
40 | \t\t\t\t\totherwise to\n |
---|
41 | \t\t\t\t\t$defaultPrivateKeyFile.\n |
---|
42 | --ca-directory\t<directory path>\tDirectory containing the trusted\n |
---|
43 | \t\t\t\t\tCA (Certificate Authority) certificates\n |
---|
44 | \t\t\t\t\tused to verify the identity of the\n |
---|
45 | \t\t\t\t\tserver (defaults to \n |
---|
46 | \t\t\t\t\t$defaultCaDir or may\n |
---|
47 | \t\t\t\t\tbe set from the X509_CERT_DIR\n |
---|
48 | \t\t\t\t\tenvironment variable). The CA files can\n |
---|
49 | \t\t\t\t\tbe obtained by a call to MyProxy logon\n |
---|
50 | \t\t\t\t\tsaving 'trust roots' to the selected CA\n |
---|
51 | \t\t\t\t\tdirectory.\n |
---|
52 | --save-cookies\t<cookie file>\t\tSave cookies to this file. The default\n |
---|
53 | \t\t\t\t\tlocation is\n |
---|
54 | \t\t\t\t\t$defaultCookieFile. |
---|
55 | " |
---|
56 | |
---|
57 | if [ $? != 0 ] ; then |
---|
58 | echo -e $usage >&2 ; |
---|
59 | exit 1 ; |
---|
60 | fi |
---|
61 | |
---|
62 | eval set -- "$cmdline_opt" |
---|
63 | |
---|
64 | while true ; do |
---|
65 | case "$1" in |
---|
66 | -h|--help) echo -e $usage ; exit 0 ;; |
---|
67 | --certificate) certFile=$2 ; shift 2 ;; |
---|
68 | --private-key) privateKeyFile=$2 ; shift 2 ;; |
---|
69 | --ca-directory) caDir=$2 ; shift 2 ;; |
---|
70 | -O|--output-document) outputFile=$2 ; shift 2 ;; |
---|
71 | --save-cookies) cookieFile=$2 ; shift 2 ;; |
---|
72 | --) uri=$2 ; shift 1 ; break ;; |
---|
73 | *) echo "Error parsing command line" ; exit 1 ;; |
---|
74 | esac |
---|
75 | done |
---|
76 | |
---|
77 | if [ -z $uri ]; then |
---|
78 | echo "Error: missing download URI." >&2 ; |
---|
79 | echo -e $usage >&2 ; |
---|
80 | exit 1 ; |
---|
81 | fi |
---|
82 | |
---|
83 | # Set up default ESG config directory |
---|
84 | if [ ! -d $esgDotDir ]; then |
---|
85 | mkdir $esgDotDir ; |
---|
86 | fi |
---|
87 | |
---|
88 | # Set-up trust root |
---|
89 | if [ -z $caDir ]; then |
---|
90 | if [ ${X509_CERT_DIR} ]; then |
---|
91 | caDir=${X509_CERT_DIR} |
---|
92 | else |
---|
93 | caDir=$defaultCaDir |
---|
94 | fi |
---|
95 | fi |
---|
96 | |
---|
97 | # Set-up client certificate and private key |
---|
98 | if [ -z $certFile ]; then |
---|
99 | if [ ${X509_USER_PROXY} ]; then |
---|
100 | # This environment variable setting means both cert and key are |
---|
101 | # concatenated together in the same file |
---|
102 | certFile=${X509_USER_PROXY} |
---|
103 | privateKeyFile=${X509_USER_PROXY} |
---|
104 | |
---|
105 | elif [ ${X509_USER_CERT} ]; then |
---|
106 | certFile=${X509_USER_CERT} |
---|
107 | else |
---|
108 | certFile=$defaultCertFile |
---|
109 | fi |
---|
110 | |
---|
111 | # No check for cert not set because this is a valid condition if the data |
---|
112 | # requested is not secured. |
---|
113 | fi |
---|
114 | |
---|
115 | if [ -z $privateKeyFile ]; then |
---|
116 | if [ ${X509_USER_KEY} ]; then |
---|
117 | privateKeyFile=${X509_USER_KEY} |
---|
118 | else |
---|
119 | privateKeyFile=$defaultPrivateKeyFile |
---|
120 | fi |
---|
121 | |
---|
122 | # No check for key not set because this is a valid condition if the data |
---|
123 | # requested is not secured |
---|
124 | fi |
---|
125 | |
---|
126 | # Set-up the cookie file path |
---|
127 | if [ -z $cookieFile ]; then |
---|
128 | cookieFile=$defaultCookieFile |
---|
129 | fi |
---|
130 | |
---|
131 | if [ $outputFile ]; then |
---|
132 | outputFileSetting=--output-document=$outputFile |
---|
133 | else |
---|
134 | outputFileSetting= |
---|
135 | fi |
---|
136 | |
---|
137 | # Make the call |
---|
138 | wget \ |
---|
139 | --ca-directory=$caDir \ |
---|
140 | --certificate=$certFile \ |
---|
141 | --private-key=$privateKeyFile \ |
---|
142 | --keep-session-cookies \ |
---|
143 | --save-cookies=$cookieFile \ |
---|
144 | --cookies=on \ |
---|
145 | --no-cache \ |
---|
146 | $outputFileSetting \ |
---|
147 | $uri |
---|