#!/bin/sh

. /lib/functions.sh
count=0
complete=0
enroll() {
        configname="$1"
        config_get name "$configname" name
        if [ ! -f /etc/scep/${name}/${name}.pem ]; then
                count=$((count+1))
                logger -t "scep" "enrolling $configname"
                /sbin/scep Enroll $configname
                if [ -f /etc/scep/${scep}/${name}.pem ]; then
                        complete=$((complete+1))
                fi
        fi
}

mkdir -p /etc/scep
while true
do
        count=0
        config_load scep
        config_foreach enroll scep    

        if [ $count -eq 0 ]; then
                break
        elif [ $complete -ne 0 ]; then
                ipsec restart
        fi
        sleep 300
done
