[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r30027 - gnunet/src/gns
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] r30027 - gnunet/src/gns |
|
Date: |
Wed, 9 Oct 2013 10:29:10 +0200 |
Author: grothoff
Date: 2013-10-09 10:29:10 +0200 (Wed, 09 Oct 2013)
New Revision: 30027
Modified:
gnunet/src/gns/gnunet-gns-proxy-setup-ca
Log:
fix script to use file names from configuration and support -c option
Modified: gnunet/src/gns/gnunet-gns-proxy-setup-ca
===================================================================
--- gnunet/src/gns/gnunet-gns-proxy-setup-ca 2013-10-09 08:04:33 UTC (rev
30026)
+++ gnunet/src/gns/gnunet-gns-proxy-setup-ca 2013-10-09 08:29:10 UTC (rev
30027)
@@ -1,32 +1,55 @@
#!/bin/sh
+# This shell script will generate an X509 certificate for your gnunet-gns-proxy
+# and install it (for both GNUnet and your browser).
+#
echo "Generating CA"
-openssl req -new -x509 -days 3650 -extensions v3_ca -keyout gnscakey.pem -out
gnscacert.pem -subj "/C=TNR/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy
CA/address@hidden" -passout pass:"GNU Name System"
+options=''
+while getopts "c:" opt; do
+ case $opt in
+ c)
+ options+="-c $OPTARG"
+ ;;
+ \?)
+ echo "Invalid option: -$OPTARG" >&2
+ exit 1
+ ;;
+ :)
+ echo "Option -$OPTARG requires an argument." >&2
+ exit 1
+ ;;
+ esac
+done
+GNSCERT=`mktemp /tmp/gnscertXXXXXX.pem`
+GNSCAKY=`mktemp /tmp/gnscakeyXXXXXX.pem`
+GNSCANO=`mktemp /tmp/gnscakeynoencXXXXXX.pem`
+GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options`
+
+openssl req -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out
$GNSCERT -subj "/C=TNR/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/address@hidden"
-passout pass:"GNU Name System"
+
echo "Removing passphrase from key"
-openssl rsa -passin pass:"GNU Name System" -in gnscakey.pem -out
gnscakeynoenc.pem
+openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
-cp gnscacert.pem $HOME/.gnunet/gns/gnscert.pem
-cat gnscacert.pem > $HOME/.gnunet/gns/gnsCAcert.pem
-cat gnscakeynoenc.pem >> $HOME/.gnunet/gns/gnsCAcert.pem
+cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM
echo "Importing CA into browsers"
for f in ~/.mozilla/firefox/*.default
do
if [ -d $f ]; then
- echo "Importing CA info firefox $f"
+ echo "Importing CA info Firefox $f"
certutil -D -n "GNS Proxy CA" -d ~/.mozilla/firefox/*.default >/dev/null
2&>1
- certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.mozilla/firefox/*.default <
gnscacert.pem
+ certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.mozilla/firefox/*.default <
$GNSCERT
fi
done
if [ -d ~/.pki/nssdb ]; then
- echo "Importing CA into chrome"
+ echo "Importing CA into Chrome"
certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb >/dev/null 2&>1
- certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb < gnscacert.pem
+ certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb < $GNSCERT
fi
-rm gnscakey.pem gnscakeynoenc.pem gnscacert.pem
+rm $GNSCAKY $GNSCANO $GNSCERT
echo "You can now start gnunet-gns-proxy and configure your browser to use a
SOCKS proxy on port 7777"
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r30027 - gnunet/src/gns,
gnunet <=