est_client: reduce number of flash writes

Signed-off-by: John Crispin <john@phrozen.org>

feeds/tip/cloud_discovery/files/usr/bin/est_client

@@ -5,6 +5,8 @@
 import { ulog_open, ulog, ULOG_SYSLOG, ULOG_STDIO, LOG_DAEMON, LOG_INFO } from 'log';
 import * as fs from 'fs';
 
+let store_operational_pem = false;
+let store_operational_ca = false;
 
 ulog_open(ULOG_SYSLOG | ULOG_STDIO, LOG_DAEMON, "est_client");
 
@@ -42,7 +44,6 @@ function generate_csr(cert) {
 function store_operational_cert(path, target) {
 	system('mount_certs');
 	system(`cp ${path} /certificates/${target}`);
-	system('store_certs');
 
 	ulog(LOG_INFO, `Persistently stored ${target}\n`);
 }
@@ -90,7 +91,7 @@ function simpleenroll() {
 		return 1; 
 	
 	ulog(LOG_INFO, 'Operational cert acquired\n');
-	store_operational_cert('/etc/ucentral/operational.pem', 'operational.pem');
+	store_operational_pem = true;
 	return 0;
 }
 
@@ -105,6 +106,7 @@ function simplereenroll() {
 	
 	ulog(LOG_INFO, 'Operational cert updated\n');
 	store_operational_cert('/tmp/operational.pem', 'operational.pem');
+	system('store_certs');
 
 	return 0;
 }
@@ -123,7 +125,7 @@ function load_operational_ca() {
 	}
 	system('cat /etc/ucentral/openlan.pem >> /etc/ucentral/operational.ca');
 	ulog(LOG_INFO, 'Acquired CA\n');
-	store_operational_cert('/etc/ucentral/operational.ca', 'operational.ca');
+	store_operational_ca = true;
 	return 0;
 }
 
@@ -154,13 +156,17 @@ function fwtool() {
 
 switch(ARGV[0]) {
 case 'enroll':
-	if (simpleenroll())
-		exit(1);
+	let ret = simpleenroll();
+	if (!ret)
+		ret = load_operational_ca();
+	if (store_operational_pem)
+		store_operational_cert('/etc/ucentral/operational.pem', 'operational.pem');
+	if (store_operational_ca)
+		store_operational_cert('/etc/ucentral/operational.ca', 'operational.ca');
+	if (store_operational_pem || store_operational_ca)
+		system('store_certs');
 
-	if (load_operational_ca())
-		exit(1);
-
-	exit(0);
+	exit(ret);
 
 case 'reenroll':
 	if (simplereenroll())