fix script to use file names from configuration and support -c option

author: Christian Grothoff <christian@grothoff.org> 2013-10-09 08:29:10 +0000
committer: Christian Grothoff <christian@grothoff.org> 2013-10-09 08:29:10 +0000
commit: 637359c6d1883cdd3d3132027b4a3418995859c2 (patch)
tree: 92ecb49a12a92345009c8b6ca314db2ff08e7038
parent: b1401f65b7b0f6df6b587d80408457f863d8f78e (diff)
download: gnunet-637359c6d1883cdd3d3132027b4a3418995859c2.tar.gz
gnunet-637359c6d1883cdd3d3132027b4a3418995859c2.zip
1 files changed, 33 insertions, 10 deletions
diff --git a/src/gns/gnunet-gns-proxy-setup-ca b/src/gns/gnunet-gns-proxy-setup-ca
index 431088534..1a659068a 100644
--- a/src/gns/gnunet-gns-proxy-setup-ca
+++ b/src/gns/gnunet-gns-proxy-setup-ca
@@ -1,32 +1,55 @@
 #!/bin/sh
+# This shell script will generate an X509 certificate for your gnunet-gns-proxy
+# and install it (for both GNUnet and your browser).
+#
 echo "Generating CA"
-openssl req -new -x509 -days 3650 -extensions v3_ca -keyout gnscakey.pem -out gnscacert.pem -subj "/C=TNR/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
+options=''
+while getopts "c:" opt; do
+  case $opt in
+    c)
+      options+="-c $OPTARG"
+      ;;
+    \?)
+      echo "Invalid option: -$OPTARG" >&2
+      exit 1
+      ;;
+    :)
+      echo "Option -$OPTARG requires an argument." >&2
+      exit 1
+      ;;
+  esac
+done
+GNSCERT=`mktemp /tmp/gnscertXXXXXX.pem`
+GNSCAKY=`mktemp /tmp/gnscakeyXXXXXX.pem`
+GNSCANO=`mktemp /tmp/gnscakeynoencXXXXXX.pem`
+GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options`
+openssl req -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=TNR/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
 echo "Removing passphrase from key"
-openssl rsa -passin pass:"GNU Name System" -in gnscakey.pem -out gnscakeynoenc.pem
+openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
-cp gnscacert.pem $HOME/.gnunet/gns/gnscert.pem
+cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM
-cat gnscacert.pem > $HOME/.gnunet/gns/gnsCAcert.pem
-cat gnscakeynoenc.pem >> $HOME/.gnunet/gns/gnsCAcert.pem
 echo "Importing CA into browsers"
 for f in ~/.mozilla/firefox/*.default
 do
  if [ -d $f ]; then
-    echo "Importing CA info firefox $f"
+    echo "Importing CA info Firefox $f"
    certutil -D -n "GNS Proxy CA" -d ~/.mozilla/firefox/*.default >/dev/null 2&>1
-    certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.mozilla/firefox/*.default < gnscacert.pem
+    certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.mozilla/firefox/*.default < $GNSCERT
  fi
 done
 if [ -d ~/.pki/nssdb ]; then
-  echo "Importing CA into chrome"
+  echo "Importing CA into Chrome"
  certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb >/dev/null 2&>1
-  certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb < gnscacert.pem
+  certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb < $GNSCERT
 fi
-rm gnscakey.pem gnscakeynoenc.pem gnscacert.pem
+rm $GNSCAKY $GNSCANO $GNSCERT
 echo "You can now start gnunet-gns-proxy and configure your browser to use a SOCKS proxy on port 7777"
author	Christian Grothoff <christian@grothoff.org>	2013-10-09 08:29:10 +0000
committer	Christian Grothoff <christian@grothoff.org>	2013-10-09 08:29:10 +0000
commit	637359c6d1883cdd3d3132027b4a3418995859c2 (patch)
tree	92ecb49a12a92345009c8b6ca314db2ff08e7038
parent	b1401f65b7b0f6df6b587d80408457f863d8f78e (diff)
download	gnunet-637359c6d1883cdd3d3132027b4a3418995859c2.tar.gz gnunet-637359c6d1883cdd3d3132027b4a3418995859c2.zip