From 003606cc941a4580d787c9970193bb22e307c413 Mon Sep 17 00:00:00 2001 From: "Schanzenbach, Martin" Date: Sun, 17 Feb 2019 22:33:17 +0100 Subject: add openssl.cnf --- src/gns/gnunet-gns-proxy-setup-ca | 79 --------------------------------------- 1 file changed, 79 deletions(-) delete mode 100644 src/gns/gnunet-gns-proxy-setup-ca (limited to 'src/gns/gnunet-gns-proxy-setup-ca') diff --git a/src/gns/gnunet-gns-proxy-setup-ca b/src/gns/gnunet-gns-proxy-setup-ca deleted file mode 100644 index 7c1d58dc2..000000000 --- a/src/gns/gnunet-gns-proxy-setup-ca +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/sh -# This shell script will generate an X509 certificate for your gnunet-gns-proxy -# and install it (for both GNUnet and your browser). -# - -# TODO: We should sed the real paths to the binaries involved here. - -if ! which openssl > /dev/null -then - echo "'openssl' command not found. Please install it." - exit 1 -fi - - -echo "Generating CA" -options='' -while getopts "c:" opt; do - case $opt in - c) - options="$options -c $OPTARG" - ;; - \?) - echo "Invalid option: -$OPTARG" >&2 - exit 1 - ;; - :) - echo "Option -$OPTARG requires an argument." >&2 - exit 1 - ;; - esac -done - -GNSCERT=`mktemp /tmp/gnscertXXXXXX.pem` -GNSCAKY=`mktemp /tmp/gnscakeyXXXXXX.pem` -GNSCANO=`mktemp /tmp/gnscakeynoencXXXXXX.pem` -GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options` -mkdir -p `dirname $GNS_CA_CERT_PEM` - -openssl req -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System" - -echo "Removing passphrase from key" -openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO - -echo "Making private key available to gnunet-gns-proxy" -cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM - -if ! which certutil > /dev/null -then - echo "'certutil' command not found. Not importing into browsers." -else - echo "Importing CA into browsers" - for f in ~/.mozilla/firefox/*.*/ - do - if [ -d $f ]; then - echo "Importing CA info Firefox at $f" - # delete old certificate (if any) - certutil -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null - # add new certificate - certutil -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT - fi - done - - if [ -d ~/.pki/nssdb/ ]; then - echo "Importing CA into Chrome at ~/.pki/nssdb/" - # delete old certificate (if any) - certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null - # add new certificate - certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT - fi -fi - -echo "Cleaning up." -rm -f $GNSCAKY $GNSCANO $GNSCERT - -echo "===================================" -echo "You can now start gnunet-gns-proxy." -echo "Afterwards, configure your browser " -echo " to use a SOCKS proxy on port 7777." -echo "===================================" -- cgit v1.2.3