/*
     This file is part of GNUnet.
     Copyright (C) 2011, 2013 GNUnet e.V.

     GNUnet is free software: you can redistribute it and/or modify it
     under the terms of the GNU Affero General Public License as published
     by the Free Software Foundation, either version 3 of the License,
     or (at your option) any later version.

     GNUnet is distributed in the hope that it will be useful, but
     WITHOUT ANY WARRANTY; without even the implied warranty of
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     Affero General Public License for more details.
*/
/**
 * @file transport/gnunet-transport-certificate-creation.c
 * @brief create certificate for HTTPS transport
 */
22 #include "gnunet_util_lib.h"
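/**
 * Turn the given file descriptor into '/dev/null'.
 *
 * The descriptor is closed and '/dev/null' is opened in its place, so
 * that anything later written to (or read from) @a fd is discarded.
 * Failure to close or open aborts via GNUNET_assert().
 *
 * NOTE(review): '/dev/null' and dup2() assume a POSIX host; confirm how
 * non-POSIX builds are expected to silence the descriptor.
 *
 * @param fd fd to bind to /dev/null
 * @param flags flags to use (O_RDONLY or O_WRONLY)
 */
static void
make_dev_zero (int fd,
               int flags)
{
  int z;

  GNUNET_assert (0 == close (fd));
  z = open ("/dev/null", flags);
  GNUNET_assert (-1 != z);
  /* open() returns the lowest free descriptor, which is usually the
     one we just closed.  In that case we are done; falling through
     would dup2() the descriptor onto itself and then close it again,
     leaving 'fd' unbound. */
  if (z == fd)
    return;
  GNUNET_break (fd == dup2 (z, fd));
  GNUNET_assert (0 == close (z));
}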
/**
 * Delete the key and certificate files left over from an earlier run,
 * if they exist.  Failures are logged as warnings and otherwise ignored.
 *
 * @param file1 first file to remove (main() passes the private key)
 * @param file2 second file to remove (main() passes the certificate)
 */
static void
removecerts (const char *file1,
             const char *file2)
{
  const char *stale[2];
  unsigned int i;

  stale[0] = file1;
  stale[1] = file2;
  for (i = 0; i < 2; i++)
  {
    const char *fn = stale[i];

    if (GNUNET_YES != GNUNET_DISK_file_test (fn))
      continue;
    /* main() leaves both files owner-read-only; presumably write
       permission is restored here so that removal succeeds on every
       platform -- TODO confirm. */
    if (0 != CHMOD (fn, S_IWUSR | S_IRUSR))
      GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "chmod", fn);
    if (0 != REMOVE (fn))
      GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "remove", fn);
  }
}
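/**
 * Create an RSA private key and a matching self-signed X.509
 * certificate for the HTTPS transport by running the 'openssl'
 * command-line tool twice.
 *
 * Files already present at the two target paths are removed first, and
 * both results are made owner-read-only at the end.
 *
 * @param argc number of arguments, must be 3
 * @param argv argv[1] is the file for the private key,
 *             argv[2] is the file for the certificate
 * @return 0 on success, 1 on invalid arguments, 2 if 'openssl genrsa'
 *         could not be started, 3 if 'openssl req' could not be started
 */
int
main (int argc, char **argv)
{
  struct GNUNET_OS_Process *openssl;

  if (3 != argc)
  {
    FPRINTF (stderr,
             "Invalid arguments.\n");
    return 1;
  }
  removecerts (argv[1], argv[2]);
  (void) GNUNET_DISK_directory_create_for_file (argv[1]);
  (void) GNUNET_DISK_directory_create_for_file (argv[2]);
  /* eliminate stderr */
  /* NOTE(review): from here on descriptor 2 is /dev/null, so the
     failure messages printed to stderr below are not visible; the
     exit code is the only signal the caller gets. */
  make_dev_zero (2, O_WRONLY);

  /* Create RSA Private Key */
  /* openssl genrsa -out $1 2048 2> /dev/null */
  /* 2048 bits: 1024-bit RSA is below the minimum key size recommended
     for TLS keys today.
     NOTE(review): depending on the openssl version, the key file may be
     created under the inherited umask; it is only restricted to
     owner-read by the CHMOD at the end, after the certificate has been
     written.  Confirm the caller uses a restrictive umask or a
     directory that other users cannot read. */
  openssl =
    GNUNET_OS_start_process (GNUNET_NO, GNUNET_OS_INHERIT_STD_OUT_AND_ERR,
                             NULL, NULL, NULL,
                             "openssl", "openssl", "genrsa",
                             "-out", argv[1], "2048", NULL);
  if (NULL == openssl)
  {
    FPRINTF (stderr,
             "Failed to run openssl. Is openssl installed?\n");
    return 2;
  }
  /* NOTE(review): as far as this file shows, only the wait itself is
     checked; the exit code of openssl is not inspected, so a failed
     key generation surfaces only through the later steps. */
  GNUNET_assert (GNUNET_OK == GNUNET_OS_process_wait (openssl));
  GNUNET_OS_process_destroy (openssl);

  /* Create a self-signed certificate in batch mode using rsa key */
  /* openssl req -batch -days 365 -out $2 -new -x509 -key $1 2> /dev/null */
  openssl =
    GNUNET_OS_start_process (GNUNET_NO, GNUNET_OS_INHERIT_STD_OUT_AND_ERR,
                             NULL, NULL, NULL,
                             "openssl", "openssl", "req",
                             "-batch", "-days", "365", "-out", argv[2],
                             "-new", "-x509", "-key", argv[1], NULL);
  if (NULL == openssl)
  {
    FPRINTF (stderr,
             "Failed to create self-signed certificate with openssl.\n");
    return 3;
  }
  GNUNET_assert (GNUNET_OK == GNUNET_OS_process_wait (openssl));
  GNUNET_OS_process_destroy (openssl);
  /* Drop write permission on both results; a failure is only logged. */
  if (0 != CHMOD (argv[1], S_IRUSR))
    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "chmod", argv[1]);
  if (0 != CHMOD (argv[2], S_IRUSR))
    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "chmod", argv[2]);
  return 0;
}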
/* end of gnunet-transport-certificate-creation.c */