diff options
author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2019-06-22 10:38:43 +0200 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2019-06-22 10:38:43 +0200 |
commit | 3738d7795b0b1e70f568c73baefdcbca779352d0 (patch) | |
tree | 062bd8721c01290fcdcbdd3c926d85f96f1dc332 /src/gns/gnunet-gns-proxy-setup-ca.in | |
parent | 50de5483528687312e90f29178f716c9d868d55c (diff) | |
download | gnunet-3738d7795b0b1e70f568c73baefdcbca779352d0.tar.gz gnunet-3738d7795b0b1e70f568c73baefdcbca779352d0.zip |
#5675: Also detect openssl again
Diffstat (limited to 'src/gns/gnunet-gns-proxy-setup-ca.in')
-rw-r--r-- | src/gns/gnunet-gns-proxy-setup-ca.in | 35 |
1 files changed, 26 insertions, 9 deletions
diff --git a/src/gns/gnunet-gns-proxy-setup-ca.in b/src/gns/gnunet-gns-proxy-setup-ca.in index 931971cb0..d0c4b8773 100644 --- a/src/gns/gnunet-gns-proxy-setup-ca.in +++ b/src/gns/gnunet-gns-proxy-setup-ca.in | |||
@@ -134,15 +134,24 @@ generate_ca() | |||
134 | # ------------- openssl | 134 | # ------------- openssl |
135 | 135 | ||
136 | GNUTLS_CA_TEMPLATE=@pkgdatadir@/gnunet-gns-proxy-ca.template | 136 | GNUTLS_CA_TEMPLATE=@pkgdatadir@/gnunet-gns-proxy-ca.template |
137 | OPENSSLCFG=@pkgdatadir@/openssl.cnf | ||
137 | CERTTOOL="" | 138 | CERTTOOL="" |
139 | OPENSSL=0 | ||
138 | if test -z "`gnutls-certtool --version`" > /dev/null | 140 | if test -z "`gnutls-certtool --version`" > /dev/null |
139 | then | 141 | then |
140 | if test -z "`certtool --versionn`" > /dev/null | 142 | #TODO sometimes certtools is gnutls, sometimes openssl :/ |
143 | if test -z "`certtool --version | grep gnutls`" > /dev/null | ||
141 | then | 144 | then |
142 | warningmsg "'gnutls-certtool' or 'certtool' command not found. Please install it." | 145 | warningmsg "'gnutls-certtool' or 'certtool' command not found. Trying openssl." |
143 | infomsg "Cleaning up." | 146 | if test -z "`openssl version`" > /dev/null |
144 | rm -f $GNSCAKY $GNSCERT | 147 | then |
145 | exit 1 | 148 | $OPENSSL=1 |
149 | else | ||
150 | warningmsg "Install either gnutls certtool or openssl for certificate generation!" | ||
151 | infomsg "Cleaning up." | ||
152 | rm -f $GNSCAKY $GNSCERT | ||
153 | exit 1 | ||
154 | fi | ||
146 | fi | 155 | fi |
147 | CERTTOOL="certtool" | 156 | CERTTOOL="certtool" |
148 | else | 157 | else |
@@ -156,10 +165,18 @@ generate_ca() | |||
156 | GNS_CA_CERT_PEM=`gnunet-config ${GNUNET_CONFIG} -s gns-proxy -o PROXY_CACERT -f ${options}` | 165 | GNS_CA_CERT_PEM=`gnunet-config ${GNUNET_CONFIG} -s gns-proxy -o PROXY_CACERT -f ${options}` |
157 | mkdir -p `dirname $GNS_CA_CERT_PEM` | 166 | mkdir -p `dirname $GNS_CA_CERT_PEM` |
158 | 167 | ||
159 | $CERTTOOL --generate-privkey --outfile $GNSCAKY | 168 | if test 1 -eq $OPENSSL |
160 | $CERTTOOL --template $GNUTLS_CA_TEMPLATE --generate-self-signed --load-privkey $GNSCAKY --outfile $GNSCERT | 169 | then |
161 | infomsg "Making private key available to gnunet-gns-proxy" | 170 | openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System" |
162 | cat $GNSCERT $GNSCAKY > $GNS_CA_CERT_PEM | 171 | infomsg "Removing passphrase from key" |
172 | openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO | ||
173 | cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM | ||
174 | else | ||
175 | $CERTTOOL --generate-privkey --outfile $GNSCAKY | ||
176 | $CERTTOOL --template $GNUTLS_CA_TEMPLATE --generate-self-signed --load-privkey $GNSCAKY --outfile $GNSCERT | ||
177 | infomsg "Making private key available to gnunet-gns-proxy" | ||
178 | cat $GNSCERT $GNSCAKY > $GNS_CA_CERT_PEM | ||
179 | fi | ||
163 | } | 180 | } |
164 | 181 | ||
165 | importbrowsers() | 182 | importbrowsers() |