diff options
| author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2019-01-25 20:52:55 +0100 |
|---|---|---|
| committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2019-01-25 20:52:55 +0100 |
| commit | 7f666b4467ae5f530e904675df3f28886f4202fa (patch) | |
| tree | 7bceb77a3b5de5fc8ec48bf8211d8bcd239f08fb /src/gns/gnunet-gns-proxy-setup-ca | |
| parent | 92d1fd704da83c27e9aac3d385b8dd6cf0c18a8a (diff) | |
| download | gnunet-7f666b4467ae5f530e904675df3f28886f4202fa.tar.gz gnunet-7f666b4467ae5f530e904675df3f28886f4202fa.zip | |
Fix #5514; Add test for GNS Proxy and DANE; Fix TLS connections on ports != 443 through proxy
Diffstat (limited to 'src/gns/gnunet-gns-proxy-setup-ca')
| -rw-r--r-- | src/gns/gnunet-gns-proxy-setup-ca | 45 |
1 files changed, 22 insertions, 23 deletions
diff --git a/src/gns/gnunet-gns-proxy-setup-ca b/src/gns/gnunet-gns-proxy-setup-ca index 52f4b012b..7c1d58dc2 100644 --- a/src/gns/gnunet-gns-proxy-setup-ca +++ b/src/gns/gnunet-gns-proxy-setup-ca | |||
| @@ -5,12 +5,6 @@ | |||
| 5 | 5 | ||
| 6 | # TODO: We should sed the real paths to the binaries involved here. | 6 | # TODO: We should sed the real paths to the binaries involved here. |
| 7 | 7 | ||
| 8 | if ! which certutil > /dev/null | ||
| 9 | then | ||
| 10 | echo "'certutil' command not found. Please install it." | ||
| 11 | exit 1 | ||
| 12 | fi | ||
| 13 | |||
| 14 | if ! which openssl > /dev/null | 8 | if ! which openssl > /dev/null |
| 15 | then | 9 | then |
| 16 | echo "'openssl' command not found. Please install it." | 10 | echo "'openssl' command not found. Please install it." |
| @@ -50,24 +44,29 @@ openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO | |||
| 50 | echo "Making private key available to gnunet-gns-proxy" | 44 | echo "Making private key available to gnunet-gns-proxy" |
| 51 | cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM | 45 | cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM |
| 52 | 46 | ||
| 53 | echo "Importing CA into browsers" | 47 | if ! which certutil > /dev/null |
| 54 | for f in ~/.mozilla/firefox/*.*/ | 48 | then |
| 55 | do | 49 | echo "'certutil' command not found. Not importing into browsers." |
| 56 | if [ -d $f ]; then | 50 | else |
| 57 | echo "Importing CA info Firefox at $f" | 51 | echo "Importing CA into browsers" |
| 58 | # delete old certificate (if any) | 52 | for f in ~/.mozilla/firefox/*.*/ |
| 59 | certutil -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null | 53 | do |
| 60 | # add new certificate | 54 | if [ -d $f ]; then |
| 61 | certutil -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT | 55 | echo "Importing CA info Firefox at $f" |
| 62 | fi | 56 | # delete old certificate (if any) |
| 63 | done | 57 | certutil -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null |
| 58 | # add new certificate | ||
| 59 | certutil -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT | ||
| 60 | fi | ||
| 61 | done | ||
| 64 | 62 | ||
| 65 | if [ -d ~/.pki/nssdb/ ]; then | 63 | if [ -d ~/.pki/nssdb/ ]; then |
| 66 | echo "Importing CA into Chrome at ~/.pki/nssdb/" | 64 | echo "Importing CA into Chrome at ~/.pki/nssdb/" |
| 67 | # delete old certificate (if any) | 65 | # delete old certificate (if any) |
| 68 | certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null | 66 | certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null |
| 69 | # add new certificate | 67 | # add new certificate |
| 70 | certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT | 68 | certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT |
| 69 | fi | ||
| 71 | fi | 70 | fi |
| 72 | 71 | ||
| 73 | echo "Cleaning up." | 72 | echo "Cleaning up." |