2 # This shell script will generate an X509 certificate for your gnunet-gns-proxy
3 # and install it (for both GNUnet and your browser).
6 # TODO: We should sed the real paths to the binaries involved here.
8 if ! which openssl > /dev/null
10 echo "'openssl' command not found. Please install it."
15 CERTUTILBIN=@CERTUTIL@
19 while getopts "c:" opt; do
22 options="$options -c $OPTARG"
25 echo "Invalid option: -$OPTARG" >&2
29 echo "Option -$OPTARG requires an argument." >&2
35 GNSCERT=`mktemp /tmp/gnscertXXXXXX.pem`
36 GNSCAKY=`mktemp /tmp/gnscakeyXXXXXX.pem`
37 GNSCANO=`mktemp /tmp/gnscakeynoencXXXXXX.pem`
38 GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options`
39 mkdir -p `dirname $GNS_CA_CERT_PEM`
41 OPENSSLBIN req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
43 echo "Removing passphrase from key"
44 OPENSSLBIN rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
46 echo "Making private key available to gnunet-gns-proxy"
47 cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM
49 if ! which certutil > /dev/null
51 echo "The 'certutil' command was not found. Not importing into browsers."
52 echo "For 'certutil' install nss."
54 echo "Importing CA into browsers"
55 for f in ~/.mozilla/firefox/*.*/
58 echo "Importing CA info Firefox at $f"
59 # delete old certificate (if any)
60 @CERTUTILBIN@ -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null
62 @CERTUTILBIN@ -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT
66 if [ -d ~/.pki/nssdb/ ]; then
67 echo "Importing CA into Chrome at ~/.pki/nssdb/"
68 # delete old certificate (if any)
69 @CERTUTILBIN@ -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null
71 @CERTUTILBIN@ -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT
76 rm -f $GNSCAKY $GNSCANO $GNSCERT
78 echo "==================================="
79 echo "You can now start gnunet-gns-proxy."
80 echo "Afterwards, configure your browser "
81 echo " to use a SOCKS proxy on port 7777."
82 echo "==================================="