1 files changed, 78 insertions, 0 deletions
diff --git a/src/gns/gnunet-gns-proxy-setup-ca.in b/src/gns/gnunet-gns-proxy-setup-ca.in
new file mode 100644
index 000000000..0a6fab18a
--- /dev/null
+++ b/src/gns/gnunet-gns-proxy-setup-ca.in
@@ -0,0 +1,78 @@
+#!/bin/sh
+# This shell script will generate an X509 certificate for your gnunet-gns-proxy
+# and install it (for both GNUnet and your browser).
+#
+OPENSSLCFG=@pkgdatadir@/openssl.cnf
+if ! which openssl > /dev/null
+then
+    echo "'openssl' command not found. Please install it."
+    exit 1
+fi
+echo "Generating CA"
+options=''
+while getopts "c:" opt; do
+  case $opt in
+    c)
+      options="$options -c $OPTARG"
+      ;;
+    \?)
+      echo "Invalid option: -$OPTARG" >&2
+      exit 1
+      ;;
+    :)
+      echo "Option -$OPTARG requires an argument." >&2
+      exit 1
+      ;;
+  esac
+done
+GNSCERT=`mktemp /tmp/gnscertXXXXXX.pem`
+GNSCAKY=`mktemp /tmp/gnscakeyXXXXXX.pem`
+GNSCANO=`mktemp /tmp/gnscakeynoencXXXXXX.pem`
+GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options`
+mkdir -p `dirname $GNS_CA_CERT_PEM`
+openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
+echo "Removing passphrase from key"
+openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
+echo "Making private key available to gnunet-gns-proxy"
+cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM
+if ! which certutil > /dev/null
+then
+  echo "The 'certutil' command was not found. Not importing into browsers."
+  echo "For 'certutil' install nss."
+else
+  echo "Importing CA into browsers"
+  for f in ~/.mozilla/firefox/*.*/
+  do
+    if [ -d $f ]; then
+      echo "Importing CA info Firefox at $f"
+      # delete old certificate (if any)
+      certutil -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null
+      # add new certificate
+      certutil -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT
+    fi
+  done
+  if [ -d ~/.pki/nssdb/ ]; then
+    echo "Importing CA into Chrome at ~/.pki/nssdb/"
+    # delete old certificate (if any)
+    certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null
+    # add new certificate
+    certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT
+  fi
+fi
+echo "Cleaning up."
+rm -f $GNSCAKY $GNSCANO $GNSCERT
+echo "==================================="
+echo "You can now start gnunet-gns-proxy."
+echo "Afterwards, configure your browser "
+echo " to use a SOCKS proxy on port 7777."
+echo "==================================="

diff --git a/src/gns/gnunet-gns-proxy-setup-ca.in b/src/gns/gnunet-gns-proxy-setup-ca.in new file mode 100644 index 000000000..0a6fab18a --- /dev/null +++ b/src/gns/gnunet-gns-proxy-setup-ca.in
@@ -0,0 +1,78 @@
	1	#!/bin/sh
	2	# This shell script will generate an X509 certificate for your gnunet-gns-proxy
	3	# and install it (for both GNUnet and your browser).
	4	#
	5
	6	OPENSSLCFG=@pkgdatadir@/openssl.cnf
	7	if ! which openssl > /dev/null
	8	then
	9	echo "'openssl' command not found. Please install it."
	10	exit 1
	11	fi
	12
	13	echo "Generating CA"
	14	options=''
	15	while getopts "c:" opt; do
	16	case $opt in
	17	c)
	18	options="$options -c $OPTARG"
	19	;;
	20	\?)
	21	echo "Invalid option: -$OPTARG" >&2
	22	exit 1
	23	;;
	24	:)
	25	echo "Option -$OPTARG requires an argument." >&2
	26	exit 1
	27	;;
	28	esac
	29	done
	30
	31	GNSCERT=`mktemp /tmp/gnscertXXXXXX.pem`
	32	GNSCAKY=`mktemp /tmp/gnscakeyXXXXXX.pem`
	33	GNSCANO=`mktemp /tmp/gnscakeynoencXXXXXX.pem`
	34	GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options`
	35	mkdir -p `dirname $GNS_CA_CERT_PEM`
	36
	37	openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
	38
	39	echo "Removing passphrase from key"
	40	openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
	41
	42	echo "Making private key available to gnunet-gns-proxy"
	43	cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM
	44
	45	if ! which certutil > /dev/null
	46	then
	47	echo "The 'certutil' command was not found. Not importing into browsers."
	48	echo "For 'certutil' install nss."
	49	else
	50	echo "Importing CA into browsers"
	51	for f in ~/.mozilla/firefox/./
	52	do
	53	if [ -d $f ]; then
	54	echo "Importing CA info Firefox at $f"
	55	# delete old certificate (if any)
	56	certutil -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null
	57	# add new certificate
	58	certutil -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT
	59	fi
	60	done
	61
	62	if [ -d ~/.pki/nssdb/ ]; then
	63	echo "Importing CA into Chrome at ~/.pki/nssdb/"
	64	# delete old certificate (if any)
	65	certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null
	66	# add new certificate
	67	certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT
	68	fi
	69	fi
	70
	71	echo "Cleaning up."
	72	rm -f $GNSCAKY $GNSCANO $GNSCERT
	73
	74	echo "==================================="
	75	echo "You can now start gnunet-gns-proxy."
	76	echo "Afterwards, configure your browser "
	77	echo " to use a SOCKS proxy on port 7777."
	78	echo "==================================="