diff options
-rw-r--r-- | src/gns/gnunet-gns-proxy-setup-ca.in | 17 |
1 files changed, 6 insertions, 11 deletions
diff --git a/src/gns/gnunet-gns-proxy-setup-ca.in b/src/gns/gnunet-gns-proxy-setup-ca.in index 00fc2d227..55a60e544 100644 --- a/src/gns/gnunet-gns-proxy-setup-ca.in +++ b/src/gns/gnunet-gns-proxy-setup-ca.in | |||
@@ -3,7 +3,6 @@ | |||
3 | # and install it (for both GNUnet and your browser). | 3 | # and install it (for both GNUnet and your browser). |
4 | # | 4 | # |
5 | 5 | ||
6 | # TODO: We should sed the real paths to the binaries involved here. | ||
7 | OPENSSLCFG=@PREFIX@ | 6 | OPENSSLCFG=@PREFIX@ |
8 | if ! which openssl > /dev/null | 7 | if ! which openssl > /dev/null |
9 | then | 8 | then |
@@ -11,10 +10,6 @@ then | |||
11 | exit 1 | 10 | exit 1 |
12 | fi | 11 | fi |
13 | 12 | ||
14 | # Keep it simple so that people can install the tools later on. | ||
15 | OPENSSLBIN=openssl | ||
16 | CERTUTILBIN=certutil | ||
17 | |||
18 | echo "Generating CA" | 13 | echo "Generating CA" |
19 | options='' | 14 | options='' |
20 | while getopts "c:" opt; do | 15 | while getopts "c:" opt; do |
@@ -39,10 +34,10 @@ GNSCANO=`mktemp /tmp/gnscakeynoencXXXXXX.pem` | |||
39 | GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options` | 34 | GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options` |
40 | mkdir -p `dirname $GNS_CA_CERT_PEM` | 35 | mkdir -p `dirname $GNS_CA_CERT_PEM` |
41 | 36 | ||
42 | OPENSSLBIN req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System" | 37 | openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System" |
43 | 38 | ||
44 | echo "Removing passphrase from key" | 39 | echo "Removing passphrase from key" |
45 | OPENSSLBIN rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO | 40 | openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO |
46 | 41 | ||
47 | echo "Making private key available to gnunet-gns-proxy" | 42 | echo "Making private key available to gnunet-gns-proxy" |
48 | cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM | 43 | cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM |
@@ -58,18 +53,18 @@ else | |||
58 | if [ -d $f ]; then | 53 | if [ -d $f ]; then |
59 | echo "Importing CA info Firefox at $f" | 54 | echo "Importing CA info Firefox at $f" |
60 | # delete old certificate (if any) | 55 | # delete old certificate (if any) |
61 | @CERTUTILBIN@ -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null | 56 | certutil -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null |
62 | # add new certificate | 57 | # add new certificate |
63 | @CERTUTILBIN@ -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT | 58 | certutil -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT |
64 | fi | 59 | fi |
65 | done | 60 | done |
66 | 61 | ||
67 | if [ -d ~/.pki/nssdb/ ]; then | 62 | if [ -d ~/.pki/nssdb/ ]; then |
68 | echo "Importing CA into Chrome at ~/.pki/nssdb/" | 63 | echo "Importing CA into Chrome at ~/.pki/nssdb/" |
69 | # delete old certificate (if any) | 64 | # delete old certificate (if any) |
70 | @CERTUTILBIN@ -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null | 65 | certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null |
71 | # add new certificate | 66 | # add new certificate |
72 | @CERTUTILBIN@ -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT | 67 | certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT |
73 | fi | 68 | fi |
74 | fi | 69 | fi |
75 | 70 | ||