aboutsummaryrefslogtreecommitdiff
path: root/src/transport/gnunet-transport-certificate-creation.in
diff options
context:
space:
mode:
authorSchanzenbach, Martin <mschanzenbach@posteo.de>2019-07-23 23:38:19 +0200
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2019-07-23 23:38:19 +0200
commitad488bdf1343d85a30d8189884018928b0f699ba (patch)
tree5b83d8fc9f8a666d74197091dacc5334dd8193f7 /src/transport/gnunet-transport-certificate-creation.in
parentb5d78311efeded3e135e8f4b19bc1e0596d0496c (diff)
downloadgnunet-ad488bdf1343d85a30d8189884018928b0f699ba.tar.gz
gnunet-ad488bdf1343d85a30d8189884018928b0f699ba.zip
fix #5817
Diffstat (limited to 'src/transport/gnunet-transport-certificate-creation.in')
-rw-r--r--src/transport/gnunet-transport-certificate-creation.in148
1 files changed, 148 insertions, 0 deletions
diff --git a/src/transport/gnunet-transport-certificate-creation.in b/src/transport/gnunet-transport-certificate-creation.in
new file mode 100644
index 000000000..9b8a23594
--- /dev/null
+++ b/src/transport/gnunet-transport-certificate-creation.in
@@ -0,0 +1,148 @@
1#!/bin/sh
2#
3# This shell script will generate an X509 certificate for
4# your gnunet-transport HTTPS
5#
6# The current version partially reuses and recycles
7# code from build.sh by NetBSD (although not entirely
8# used because it needs debugging):
9#
10# Copyright (c) 2001-2011 The NetBSD Foundation, Inc.
11# All rights reserved.
12#
13# This code is derived from software contributed to
14# The NetBSD Foundation by Todd Vierling and Luke Mewburn.
15
16# Redistribution and use in source and binary forms, with or
17# without modification, are permitted provided that the following
18# conditions are met:
19# 1. Redistributions of source code must retain the above
20# copyright notice, this list of conditions and the following
21# disclaimer.
22# 2. Redistributions in binary form must reproduce the above
23# copyright notice, this list of conditions and the following
24# disclaimer in the documentation and/or other materials
25# provided with the distribution.
26
27# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND
28# CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
29# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
30# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
31# DISCLAIMED.
32# IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS BE LIABLE FOR
33# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
34# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
35# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
36# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
37# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
38# LIABILITY, OR TORT
39# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
40# THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
41# OF SUCH DAMAGE.
42
43progname=${0##*/}
44
45setdefaults()
46{
47 verbosity=0
48 runcmd=
49}
50
51statusmsg()
52{
53 ${runcmd} echo " $@"
54}
55
56infomsg()
57{
58 if [ x$verbosity = x1 ]; then
59 statusmsg "INFO: $@"
60 fi
61}
62
63warningmsg()
64{
65 statusmsg "WARNING: $@"
66}
67
68errormsg()
69{
70 statusmsg "ERROR: $@"
71}
72
73linemsg()
74{
75 statusmsg "========================================="
76}
77
78
79usage()
80{
81 if [ -n "$*" ]; then
82 echo ""
83 echo "${progname}: $*"
84 fi
85 cat <<_usage_
86
87Usage: ${progname} [-hv] [-c FILE] [...]
88
89Options:
90 -c FILE Use the configuration file FILE.
91 -h Print this help message.
92 -v Print the version and exit.
93 -V be verbose
94
95_usage_
96 exit 1
97}
98
99
100generate_cert_key()
101{
102 echo ""
103 infomsg "Generating Cert and Key"
104
105 CERTTOOL=""
106 GNUTLS_CA_TEMPLATE=@pkgdatadir@/gnunet-gns-proxy-ca.template
107 OPENSSL=0
108 if test -z "`gnutls-certtool --version`" > /dev/null
109 then
110 warningmsg "'gnutls-certtool' or 'certtool' command not found. Trying openssl."
111 if test -z "`openssl version`" > /dev/null
112 then
113 $OPENSSL=1
114 else
115 warningmsg "Install either gnutls certtool or openssl for certificate generation!"
116 exit 1
117 fi
118 CERTTOOL="openssl"
119 else
120 CERTTOOL="gnutls-certtool"
121 fi
122 mkdir -p `dirname $KEYFILE`
123
124 if test 1 -eq $OPENSSL
125 then
126 $CERTTOOL genrsa -out $KEYFILE 1024
127 $CERTTOOL req -batch -days 365 -out $CERTFILE, -new -x509 -key $KEYFILE
128 else
129 $CERTTOOL --generate-privkey --outfile $KEYFILE 2>/dev/null
130 $CERTTOOL --template $GNUTLS_CA_TEMPLATE --generate-self-signed --load-privkey $KEYFILE --outfile $CERTFILE 2>/dev/null
131 fi
132 }
133
134print_version()
135{
136 GNUNET_ARM_VERSION=`gnunet-arm -v`
137 echo $GNUNET_ARM_VERSION
138}
139
140main()
141{
142 KEYFILE=$1
143 CERTFILE=$2
144 setdefaults
145 generate_cert_key
146}
147
148main "$@"