diff options
author | ng0 <ng0@n0.is> | 2019-02-19 12:40:36 +0000 |
---|---|---|
committer | ng0 <ng0@n0.is> | 2019-02-19 12:40:36 +0000 |
commit | 2f9e78d0db73fa953f4f542f3fbc9ddf2c9e260f (patch) | |
tree | f700ff67202a249d5c121a9f78f64531e6e0406c /src/gns/gnunet-gns-proxy-setup-ca.in | |
parent | b9e95f034c7d2e059340c5d282933c102e834c71 (diff) | |
download | gnunet-2f9e78d0db73fa953f4f542f3fbc9ddf2c9e260f.tar.gz gnunet-2f9e78d0db73fa953f4f542f3fbc9ddf2c9e260f.zip |
gnunet-gns-proxy-setup-ca: conditionally sed openssl and certutil location,
use variable for locations, check for openssl and certutil in configure
phase.
Diffstat (limited to 'src/gns/gnunet-gns-proxy-setup-ca.in')
-rw-r--r-- | src/gns/gnunet-gns-proxy-setup-ca.in | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/src/gns/gnunet-gns-proxy-setup-ca.in b/src/gns/gnunet-gns-proxy-setup-ca.in index d3753b074..cd3be5cea 100644 --- a/src/gns/gnunet-gns-proxy-setup-ca.in +++ b/src/gns/gnunet-gns-proxy-setup-ca.in | |||
@@ -11,6 +11,8 @@ then | |||
11 | exit 1 | 11 | exit 1 |
12 | fi | 12 | fi |
13 | 13 | ||
14 | OPENSSLBIN=@OPENSSL@ | ||
15 | CERTUTILBIN=@CERTUTIL@ | ||
14 | 16 | ||
15 | echo "Generating CA" | 17 | echo "Generating CA" |
16 | options='' | 18 | options='' |
@@ -36,17 +38,18 @@ GNSCANO=`mktemp /tmp/gnscakeynoencXXXXXX.pem` | |||
36 | GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options` | 38 | GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options` |
37 | mkdir -p `dirname $GNS_CA_CERT_PEM` | 39 | mkdir -p `dirname $GNS_CA_CERT_PEM` |
38 | 40 | ||
39 | openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System" | 41 | OPENSSLBIN req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System" |
40 | 42 | ||
41 | echo "Removing passphrase from key" | 43 | echo "Removing passphrase from key" |
42 | openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO | 44 | OPENSSLBIN rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO |
43 | 45 | ||
44 | echo "Making private key available to gnunet-gns-proxy" | 46 | echo "Making private key available to gnunet-gns-proxy" |
45 | cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM | 47 | cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM |
46 | 48 | ||
47 | if ! which certutil > /dev/null | 49 | if ! which certutil > /dev/null |
48 | then | 50 | then |
49 | echo "'certutil' command not found. Not importing into browsers." | 51 | echo "The 'certutil' command was not found. Not importing into browsers." |
52 | echo "For 'certutil' install nss." | ||
50 | else | 53 | else |
51 | echo "Importing CA into browsers" | 54 | echo "Importing CA into browsers" |
52 | for f in ~/.mozilla/firefox/*.*/ | 55 | for f in ~/.mozilla/firefox/*.*/ |
@@ -54,18 +57,18 @@ else | |||
54 | if [ -d $f ]; then | 57 | if [ -d $f ]; then |
55 | echo "Importing CA info Firefox at $f" | 58 | echo "Importing CA info Firefox at $f" |
56 | # delete old certificate (if any) | 59 | # delete old certificate (if any) |
57 | certutil -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null | 60 | @CERTUTILBIN@ -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null |
58 | # add new certificate | 61 | # add new certificate |
59 | certutil -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT | 62 | @CERTUTILBIN@ -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT |
60 | fi | 63 | fi |
61 | done | 64 | done |
62 | 65 | ||
63 | if [ -d ~/.pki/nssdb/ ]; then | 66 | if [ -d ~/.pki/nssdb/ ]; then |
64 | echo "Importing CA into Chrome at ~/.pki/nssdb/" | 67 | echo "Importing CA into Chrome at ~/.pki/nssdb/" |
65 | # delete old certificate (if any) | 68 | # delete old certificate (if any) |
66 | certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null | 69 | @CERTUTILBIN@ -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null |
67 | # add new certificate | 70 | # add new certificate |
68 | certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT | 71 | @CERTUTILBIN@ -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT |
69 | fi | 72 | fi |
70 | fi | 73 | fi |
71 | 74 | ||