fix #5675

author: Schanzenbach, Martin <mschanzenbach@posteo.de> 2019-06-21 22:48:27 +0200
committer: Schanzenbach, Martin <mschanzenbach@posteo.de> 2019-06-21 22:48:27 +0200
commit: 91795c6f87a88ed1c1cd893dd926d823c197b647 (patch)
tree: af6a5fd131a755543de0eb0411514c9094efaf9e /src/gns/gnunet-gns-proxy-setup-ca.in
parent: 32eec25228bec91318c577d18fe2ce3ff4d45598 (diff)
download: gnunet-91795c6f87a88ed1c1cd893dd926d823c197b647.tar.gz
gnunet-91795c6f87a88ed1c1cd893dd926d823c197b647.zip
1 files changed, 14 insertions, 10 deletions
diff --git a/src/gns/gnunet-gns-proxy-setup-ca.in b/src/gns/gnunet-gns-proxy-setup-ca.in
index cd5d8c70f..931971cb0 100644
--- a/src/gns/gnunet-gns-proxy-setup-ca.in
+++ b/src/gns/gnunet-gns-proxy-setup-ca.in
@@ -133,13 +133,20 @@ generate_ca()
    # ------------- openssl
-    OPENSSLCFG=@pkgdatadir@/openssl.cnf
+    GNUTLS_CA_TEMPLATE=@pkgdatadir@/gnunet-gns-proxy-ca.template
-    if test -z "`openssl version`" > /dev/null
+    CERTTOOL=""
+    if test -z "`gnutls-certtool --version`" > /dev/null
    then
-        warningmsg "'openssl' command not found. Please install it."
+      if test -z "`certtool --versionn`" > /dev/null
+      then
+        warningmsg "'gnutls-certtool' or 'certtool' command not found. Please install it."
        infomsg    "Cleaning up."
-        rm -f $GNSCAKY $GNSCANO $GNSCERT
+        rm -f $GNSCAKY $GNSCERT
        exit 1
+      fi
+      CERTTOOL="certtool"
+    else
+      CERTTOOL="gnutls-certtool"
    fi
    if [ -n "${GNUNET_CONFIG_FILE}" ]; then
        GNUNET_CONFIG="-c ${GNUNET_CONFIG_FILE}"
@@ -149,13 +156,10 @@ generate_ca()
    GNS_CA_CERT_PEM=`gnunet-config ${GNUNET_CONFIG} -s gns-proxy -o PROXY_CACERT -f ${options}`
    mkdir -p `dirname $GNS_CA_CERT_PEM`
-    openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
+    $CERTTOOL --generate-privkey --outfile $GNSCAKY
+    $CERTTOOL --template $GNUTLS_CA_TEMPLATE --generate-self-signed --load-privkey $GNSCAKY --outfile $GNSCERT
-    infomsg "Removing passphrase from key"
-    openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
    infomsg "Making private key available to gnunet-gns-proxy"
-    cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM
+    cat $GNSCERT $GNSCAKY > $GNS_CA_CERT_PEM
 }
 importbrowsers()
author	Schanzenbach, Martin <mschanzenbach@posteo.de>	2019-06-21 22:48:27 +0200
committer	Schanzenbach, Martin <mschanzenbach@posteo.de>	2019-06-21 22:48:27 +0200
commit	91795c6f87a88ed1c1cd893dd926d823c197b647 (patch)
tree	af6a5fd131a755543de0eb0411514c9094efaf9e /src/gns/gnunet-gns-proxy-setup-ca.in
parent	32eec25228bec91318c577d18fe2ce3ff4d45598 (diff)
download	gnunet-91795c6f87a88ed1c1cd893dd926d823c197b647.tar.gz gnunet-91795c6f87a88ed1c1cd893dd926d823c197b647.zip

diff --git a/src/gns/gnunet-gns-proxy-setup-ca.in b/src/gns/gnunet-gns-proxy-setup-ca.in index cd5d8c70f..931971cb0 100644 --- a/src/gns/gnunet-gns-proxy-setup-ca.in +++ b/src/gns/gnunet-gns-proxy-setup-ca.in
@@ -133,13 +133,20 @@ generate_ca()
133		133
134	# ------------- openssl	134	# ------------- openssl
135		135
136	OPENSSLCFG=@pkgdatadir@/openssl.cnf	136	GNUTLS_CA_TEMPLATE=@pkgdatadir@/gnunet-gns-proxy-ca.template
137	if test -z "`openssl version`" > /dev/null	137	CERTTOOL=""
		138	if test -z "`gnutls-certtool --version`" > /dev/null
138	then	139	then
139	warningmsg "'openssl' command not found. Please install it."	140	if test -z "`certtool --versionn`" > /dev/null
		141	then
		142	warningmsg "'gnutls-certtool' or 'certtool' command not found. Please install it."
140	infomsg "Cleaning up."	143	infomsg "Cleaning up."
141	rm -f $GNSCAKY $GNSCANO $GNSCERT	144	rm -f $GNSCAKY $GNSCERT
142	exit 1	145	exit 1
		146	fi
		147	CERTTOOL="certtool"
		148	else
		149	CERTTOOL="gnutls-certtool"
143	fi	150	fi
144	if [ -n "${GNUNET_CONFIG_FILE}" ]; then	151	if [ -n "${GNUNET_CONFIG_FILE}" ]; then
145	GNUNET_CONFIG="-c ${GNUNET_CONFIG_FILE}"	152	GNUNET_CONFIG="-c ${GNUNET_CONFIG_FILE}"
@@ -149,13 +156,10 @@ generate_ca()
149	GNS_CA_CERT_PEM=`gnunet-config ${GNUNET_CONFIG} -s gns-proxy -o PROXY_CACERT -f ${options}`	156	GNS_CA_CERT_PEM=`gnunet-config ${GNUNET_CONFIG} -s gns-proxy -o PROXY_CACERT -f ${options}`
150	mkdir -p `dirname $GNS_CA_CERT_PEM`	157	mkdir -p `dirname $GNS_CA_CERT_PEM`
151		158
152	openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"	159	$CERTTOOL --generate-privkey --outfile $GNSCAKY
153		160	$CERTTOOL --template $GNUTLS_CA_TEMPLATE --generate-self-signed --load-privkey $GNSCAKY --outfile $GNSCERT
154	infomsg "Removing passphrase from key"
155	openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
156
157	infomsg "Making private key available to gnunet-gns-proxy"	161	infomsg "Making private key available to gnunet-gns-proxy"
158	cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM	162	cat $GNSCERT $GNSCAKY > $GNS_CA_CERT_PEM
159	}	163	}
160		164
161	importbrowsers()	165	importbrowsers()