gnunet-gns-proxy-setup-ca: conditionally sed openssl and certutil location,

use variable for locations, check for openssl and certutil in configure phase.
author: ng0 <ng0@n0.is> 2019-02-19 12:40:36 +0000
committer: ng0 <ng0@n0.is> 2019-02-19 12:40:36 +0000
commit: 2f9e78d0db73fa953f4f542f3fbc9ddf2c9e260f (patch)
tree: f700ff67202a249d5c121a9f78f64531e6e0406c /src/gns
parent: b9e95f034c7d2e059340c5d282933c102e834c71 (diff)
download: gnunet-2f9e78d0db73fa953f4f542f3fbc9ddf2c9e260f.tar.gz
gnunet-2f9e78d0db73fa953f4f542f3fbc9ddf2c9e260f.zip
2 files changed, 29 insertions, 11 deletions
diff --git a/src/gns/Makefile.am b/src/gns/Makefile.am
index 13f6a6e52..7d343e7ff 100644
--- a/src/gns/Makefile.am
+++ b/src/gns/Makefile.am
@@ -88,21 +88,36 @@ bin_PROGRAMS += gnunet-bcd
 endif
 endif
-bin_SCRIPTS = gnunet-gns-proxy-setup-ca
 plugin_LTLIBRARIES = \
  libgnunet_plugin_block_gns.la \
  libgnunet_plugin_gnsrecord_gns.la
-xPFX=$(pkgdatadir)/openssl.cnf
+if HAVE_OPENSSL
+xOPENSSL=$(shell which openssl)
+do_subst_openssl = $(SED) -e 's,[@]OPENSSLBIN[@],${xOPENSSL},g'
+endif
+if HAVE_NSS
+xCERTUTIL=$(shell which certutil)
+do_subst_certutil = $(SED) -e 's,[@]CERTUTILBIN[@],${xCERTUTIL},g'
+endif
+xPFX=$(pkgdatadir)/openssl.cnf
 do_subst = $(SED) -e 's,[@]PREFIX[@],${xPFX},g'
 gnunet-gns-proxy-setup-ca: gnunet-gns-proxy-setup-ca.in
        $(do_subst) < $(top_srcdir)/src/gns/gnunet-gns-proxy-setup-ca.in > gnunet-gns-proxy-setup-ca
+        ifeq ($(HAVE_OPENSSL), 1)
+                $(do_subst_openssl) < $(top_srcdir)/src/gns/gnunet-gns-proxy-setup-ca
+        endif
+        ifeq ($(HAVE_OPENSSL), 1) 
+                $(do_subst_certutil) < $(top_srcdir)/src/gns/gnunet-gns-proxy-setup-ca
+        endif 
        chmod +x gnunet-gns-proxy-setup-ca
+else:
+bin_SCRIPTS = gnunet-gns-proxy-setup-ca
 libgnunet_plugin_gnsrecord_gns_la_SOURCES = \
  plugin_gnsrecord_gns.c
diff --git a/src/gns/gnunet-gns-proxy-setup-ca.in b/src/gns/gnunet-gns-proxy-setup-ca.in
index d3753b074..cd3be5cea 100644
--- a/src/gns/gnunet-gns-proxy-setup-ca.in
+++ b/src/gns/gnunet-gns-proxy-setup-ca.in
@@ -11,6 +11,8 @@ then
    exit 1
 fi
+OPENSSLBIN=@OPENSSL@
+CERTUTILBIN=@CERTUTIL@
 echo "Generating CA"
 options=''
@@ -36,17 +38,18 @@ GNSCANO=`mktemp /tmp/gnscakeynoencXXXXXX.pem`
 GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options`
 mkdir -p `dirname $GNS_CA_CERT_PEM`
-openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
+OPENSSLBIN req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
 echo "Removing passphrase from key"
-openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
+OPENSSLBIN rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
 echo "Making private key available to gnunet-gns-proxy"
 cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM
 if ! which certutil > /dev/null
 then
-  echo "'certutil' command not found. Not importing into browsers."
+  echo "The 'certutil' command was not found. Not importing into browsers."
+  echo "For 'certutil' install nss."
 else
  echo "Importing CA into browsers"
  for f in ~/.mozilla/firefox/*.*/
@@ -54,18 +57,18 @@ else
    if [ -d $f ]; then
      echo "Importing CA info Firefox at $f"
      # delete old certificate (if any)
-      certutil -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null
+      @CERTUTILBIN@ -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null
      # add new certificate
-      certutil -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT
+      @CERTUTILBIN@ -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT
    fi
  done
  if [ -d ~/.pki/nssdb/ ]; then
    echo "Importing CA into Chrome at ~/.pki/nssdb/"
    # delete old certificate (if any)
-    certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null
+    @CERTUTILBIN@ -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null
    # add new certificate
-    certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT
+    @CERTUTILBIN@ -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT
  fi
 fi
author	ng0 <ng0@n0.is>	2019-02-19 12:40:36 +0000
committer	ng0 <ng0@n0.is>	2019-02-19 12:40:36 +0000
commit	2f9e78d0db73fa953f4f542f3fbc9ddf2c9e260f (patch)
tree	f700ff67202a249d5c121a9f78f64531e6e0406c /src/gns
parent	b9e95f034c7d2e059340c5d282933c102e834c71 (diff)
download	gnunet-2f9e78d0db73fa953f4f542f3fbc9ddf2c9e260f.tar.gz gnunet-2f9e78d0db73fa953f4f542f3fbc9ddf2c9e260f.zip

diff --git a/src/gns/Makefile.am b/src/gns/Makefile.am index 13f6a6e52..7d343e7ff 100644 --- a/src/gns/Makefile.am +++ b/src/gns/Makefile.am
@@ -88,21 +88,36 @@ bin_PROGRAMS += gnunet-bcd
88	endif	88	endif
89	endif	89	endif
90		90
91	bin_SCRIPTS = gnunet-gns-proxy-setup-ca
92
93	plugin_LTLIBRARIES = \	91	plugin_LTLIBRARIES = \
94	libgnunet_plugin_block_gns.la \	92	libgnunet_plugin_block_gns.la \
95	libgnunet_plugin_gnsrecord_gns.la	93	libgnunet_plugin_gnsrecord_gns.la
96		94
97	xPFX=$(pkgdatadir)/openssl.cnf
98		95
		96	if HAVE_OPENSSL
		97	xOPENSSL=$(shell which openssl)
		98	do_subst_openssl = $(SED) -e 's,[@]OPENSSLBIN[@],${xOPENSSL},g'
		99	endif
		100
		101	if HAVE_NSS
		102	xCERTUTIL=$(shell which certutil)
		103	do_subst_certutil = $(SED) -e 's,[@]CERTUTILBIN[@],${xCERTUTIL},g'
		104	endif
		105
		106	xPFX=$(pkgdatadir)/openssl.cnf
99	do_subst = $(SED) -e 's,[@]PREFIX[@],${xPFX},g'	107	do_subst = $(SED) -e 's,[@]PREFIX[@],${xPFX},g'
100		108
101	gnunet-gns-proxy-setup-ca: gnunet-gns-proxy-setup-ca.in	109	gnunet-gns-proxy-setup-ca: gnunet-gns-proxy-setup-ca.in
102	$(do_subst) < $(top_srcdir)/src/gns/gnunet-gns-proxy-setup-ca.in > gnunet-gns-proxy-setup-ca	110	$(do_subst) < $(top_srcdir)/src/gns/gnunet-gns-proxy-setup-ca.in > gnunet-gns-proxy-setup-ca
		111	ifeq ($(HAVE_OPENSSL), 1)
		112	$(do_subst_openssl) < $(top_srcdir)/src/gns/gnunet-gns-proxy-setup-ca
		113	endif
		114	ifeq ($(HAVE_OPENSSL), 1)
		115	$(do_subst_certutil) < $(top_srcdir)/src/gns/gnunet-gns-proxy-setup-ca
		116	endif
103	chmod +x gnunet-gns-proxy-setup-ca	117	chmod +x gnunet-gns-proxy-setup-ca
		118	else:
104		119
105		120	bin_SCRIPTS = gnunet-gns-proxy-setup-ca
106		121
107	libgnunet_plugin_gnsrecord_gns_la_SOURCES = \	122	libgnunet_plugin_gnsrecord_gns_la_SOURCES = \
108	plugin_gnsrecord_gns.c	123	plugin_gnsrecord_gns.c


diff --git a/src/gns/gnunet-gns-proxy-setup-ca.in b/src/gns/gnunet-gns-proxy-setup-ca.in index d3753b074..cd3be5cea 100644 --- a/src/gns/gnunet-gns-proxy-setup-ca.in +++ b/src/gns/gnunet-gns-proxy-setup-ca.in
@@ -11,6 +11,8 @@ then
11	exit 1	11	exit 1
12	fi	12	fi
13		13
		14	OPENSSLBIN=@OPENSSL@
		15	CERTUTILBIN=@CERTUTIL@
14		16
15	echo "Generating CA"	17	echo "Generating CA"
16	options=''	18	options=''
@@ -36,17 +38,18 @@ GNSCANO=`mktemp /tmp/gnscakeynoencXXXXXX.pem`
36	GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options`	38	GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options`
37	mkdir -p `dirname $GNS_CA_CERT_PEM`	39	mkdir -p `dirname $GNS_CA_CERT_PEM`
38		40
39	openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"	41	OPENSSLBIN req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
40		42
41	echo "Removing passphrase from key"	43	echo "Removing passphrase from key"
42	openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO	44	OPENSSLBIN rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
43		45
44	echo "Making private key available to gnunet-gns-proxy"	46	echo "Making private key available to gnunet-gns-proxy"
45	cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM	47	cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM
46		48
47	if ! which certutil > /dev/null	49	if ! which certutil > /dev/null
48	then	50	then
49	echo "'certutil' command not found. Not importing into browsers."	51	echo "The 'certutil' command was not found. Not importing into browsers."
		52	echo "For 'certutil' install nss."
50	else	53	else
51	echo "Importing CA into browsers"	54	echo "Importing CA into browsers"
52	for f in ~/.mozilla/firefox/./	55	for f in ~/.mozilla/firefox/./
@@ -54,18 +57,18 @@ else
54	if [ -d $f ]; then	57	if [ -d $f ]; then
55	echo "Importing CA info Firefox at $f"	58	echo "Importing CA info Firefox at $f"
56	# delete old certificate (if any)	59	# delete old certificate (if any)
57	certutil -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null	60	@CERTUTILBIN@ -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null
58	# add new certificate	61	# add new certificate
59	certutil -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT	62	@CERTUTILBIN@ -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT
60	fi	63	fi
61	done	64	done
62		65
63	if [ -d ~/.pki/nssdb/ ]; then	66	if [ -d ~/.pki/nssdb/ ]; then
64	echo "Importing CA into Chrome at ~/.pki/nssdb/"	67	echo "Importing CA into Chrome at ~/.pki/nssdb/"
65	# delete old certificate (if any)	68	# delete old certificate (if any)
66	certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null	69	@CERTUTILBIN@ -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null
67	# add new certificate	70	# add new certificate
68	certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT	71	@CERTUTILBIN@ -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT
69	fi	72	fi
70	fi	73	fi
71		74