summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSchanzenbach, Martin <mschanzenbach@posteo.de>2019-06-22 10:38:43 +0200
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2019-06-22 10:38:43 +0200
commit3738d7795b0b1e70f568c73baefdcbca779352d0 (patch)
tree062bd8721c01290fcdcbdd3c926d85f96f1dc332
parent50de5483528687312e90f29178f716c9d868d55c (diff)
#5675: Also detect openssl again
-rw-r--r--src/gns/gnunet-gns-proxy-setup-ca.in35
1 files changed, 26 insertions, 9 deletions
diff --git a/src/gns/gnunet-gns-proxy-setup-ca.in b/src/gns/gnunet-gns-proxy-setup-ca.in
index 931971cb0..d0c4b8773 100644
--- a/src/gns/gnunet-gns-proxy-setup-ca.in
+++ b/src/gns/gnunet-gns-proxy-setup-ca.in
@@ -134,15 +134,24 @@ generate_ca()
# ------------- openssl
GNUTLS_CA_TEMPLATE=@pkgdatadir@/gnunet-gns-proxy-ca.template
+ OPENSSLCFG=@pkgdatadir@/openssl.cnf
CERTTOOL=""
+ OPENSSL=0
if test -z "`gnutls-certtool --version`" > /dev/null
then
- if test -z "`certtool --versionn`" > /dev/null
+ #TODO sometimes certtools is gnutls, sometimes openssl :/
+ if test -z "`certtool --version | grep gnutls`" > /dev/null
then
- warningmsg "'gnutls-certtool' or 'certtool' command not found. Please install it."
- infomsg "Cleaning up."
- rm -f $GNSCAKY $GNSCERT
- exit 1
+ warningmsg "'gnutls-certtool' or 'certtool' command not found. Trying openssl."
+ if test -z "`openssl version`" > /dev/null
+ then
+ $OPENSSL=1
+ else
+ warningmsg "Install either gnutls certtool or openssl for certificate generation!"
+ infomsg "Cleaning up."
+ rm -f $GNSCAKY $GNSCERT
+ exit 1
+ fi
fi
CERTTOOL="certtool"
else
@@ -156,10 +165,18 @@ generate_ca()
GNS_CA_CERT_PEM=`gnunet-config ${GNUNET_CONFIG} -s gns-proxy -o PROXY_CACERT -f ${options}`
mkdir -p `dirname $GNS_CA_CERT_PEM`
- $CERTTOOL --generate-privkey --outfile $GNSCAKY
- $CERTTOOL --template $GNUTLS_CA_TEMPLATE --generate-self-signed --load-privkey $GNSCAKY --outfile $GNSCERT
- infomsg "Making private key available to gnunet-gns-proxy"
- cat $GNSCERT $GNSCAKY > $GNS_CA_CERT_PEM
+ if test 1 -eq $OPENSSL
+ then
+ openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
+ infomsg "Removing passphrase from key"
+ openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
+ cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM
+ else
+ $CERTTOOL --generate-privkey --outfile $GNSCAKY
+ $CERTTOOL --template $GNUTLS_CA_TEMPLATE --generate-self-signed --load-privkey $GNSCAKY --outfile $GNSCERT
+ infomsg "Making private key available to gnunet-gns-proxy"
+ cat $GNSCERT $GNSCAKY > $GNS_CA_CERT_PEM
+ fi
}
importbrowsers()