-#include "platform.h"
-#include "gnunet_disk_lib.h"
-#include "gnunet_os_lib.h"
+/*
+ This file is part of GNUnet.
+ (C) 2011, 2013 Christian Grothoff (and other contributing authors)
+
+ GNUnet is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 3, or (at your
+ option) any later version.
-/* GNUnet TLS certificate shell scricpt
- Creates a TSL certificate to use with HTTPS transport plugin
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNUnet; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
*/
-void removecerts (char *file1, char *file2)
+/**
+ * @file transport/gnunet-transport-certificate-creation.c
+ * @brief create certificate for HTTPS transport
+ * @author LRN
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+
+#ifndef WINDOWS
+/**
+ * Turn the given file descriptor in to '/dev/null'.
+ *
+ * @param fd fd to bind to /dev/null
+ * @param flags flags to use (O_RDONLY or O_WRONLY)
+ */
+static void
+make_dev_zero (int fd,
+ int flags)
{
- if (GNUNET_DISK_file_test (file1) == GNUNET_YES)
+ int z;
+
+ GNUNET_assert (0 == close (fd));
+ z = open ("/dev/null", flags);
+ GNUNET_assert (-1 != z);
+ if (z == fd)
+ return;
+ dup2 (z, fd);
+ GNUNET_assert (0 == close (z));
+}
+#endif
+
+
+static void
+removecerts (const char *file1,
+ const char *file2)
+{
+ if (GNUNET_YES == GNUNET_DISK_file_test (file1))
{
- CHMOD (file1, 0777);
- REMOVE (file1);
+ if (0 != CHMOD (file1, S_IWUSR | S_IRUSR))
+ GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "chmod", file1);
+ if (0 != REMOVE (file1))
+ GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "remove", file1);
}
- if (GNUNET_DISK_file_test (file2) == GNUNET_YES)
+ if (GNUNET_YES == GNUNET_DISK_file_test (file2))
{
- CHMOD (file2, 0777);
- REMOVE (file2);
+ if (0 != CHMOD (file2, S_IWUSR | S_IRUSR))
+ GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "chmod", file2);
+ if (0 != REMOVE (file2))
+ GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "remove", file2);
}
}
+
int
main (int argc, char **argv)
{
struct GNUNET_OS_Process *openssl;
- enum GNUNET_OS_ProcessStatusType status_type;
- unsigned long code;
-/*
-if [ $# -ne 2 ]; then
- exit 1
-fi
-*/
- if (argc != 3)
+ if (3 != argc)
+ {
+ fprintf (stderr,
+ "Invalid arguments.\n");
return 1;
-
-/*
-rm -f $1 $2
-*/
+ }
removecerts (argv[1], argv[2]);
+ (void) GNUNET_DISK_directory_create_for_file (argv[1]);
+ (void) GNUNET_DISK_directory_create_for_file (argv[2]);
+ /* eliminate stderr */
+#if WINDOWS
+ (void) close (2);
+#else
+ make_dev_zero (2, O_WRONLY);
+#endif
/* Create RSA Private Key */
-/*
-openssl genrsa -out $1 1024 2> /dev/null
-*/
- openssl = GNUNET_OS_start_process (NULL, NULL, "openssl", "openssl", "genrsa", "-out", argv[1], "1024", NULL);
-/*
-if [ $? -ne 0 ]; then
- rm -f $1 $2
- exit 1
-fi
-*/
- if (openssl == NULL)
- return 2;
- if (GNUNET_OS_process_wait (openssl) != GNUNET_OK)
- {
- GNUNET_OS_process_kill (openssl, SIGTERM);
- removecerts (argv[1], argv[2]);
- return 3;
- }
- if (GNUNET_OS_process_status (openssl, &status_type, &code) != GNUNET_OK)
- {
- GNUNET_OS_process_kill (openssl, SIGTERM);
- removecerts (argv[1], argv[2]);
- return 4;
- }
- if (status_type != GNUNET_OS_PROCESS_EXITED || code != 0)
- {
- GNUNET_OS_process_kill (openssl, SIGTERM);
- removecerts (argv[1], argv[2]);
- return 5;
- }
- GNUNET_OS_process_close (openssl);
-
- /* Create a self-signed certificate in batch mode using rsa key*/
-/*
- openssl req -batch -days 365 -out $2 -new -x509 -key $1 2> /dev/null
-*/
- openssl = GNUNET_OS_start_process (NULL, NULL, "openssl", "openssl", "req", "-batch", "-days", "365", "-out", argv[2], "-new", "-x509", "-key", argv[1], NULL);
-/*
-if [ $? -ne 0 ]; then
- rm -f $1 $2
- exit 1
-fi
-*/
- if (openssl == NULL)
- return 6;
- if (GNUNET_OS_process_wait (openssl) != GNUNET_OK)
- {
- GNUNET_OS_process_kill (openssl, SIGTERM);
- removecerts (argv[1], argv[2]);
- return 7;
- }
- if (GNUNET_OS_process_status (openssl, &status_type, &code) != GNUNET_OK)
+ /* openssl genrsa -out $1 1024 2> /dev/null */
+ openssl =
+ GNUNET_OS_start_process (GNUNET_NO, GNUNET_OS_INHERIT_STD_OUT_AND_ERR,
+ NULL, NULL, NULL,
+ "openssl", "openssl", "genrsa",
+ "-out", argv[1], "1024", NULL);
+ if (NULL == openssl)
{
- GNUNET_OS_process_kill (openssl, SIGTERM);
- removecerts (argv[1], argv[2]);
- return 8;
+ fprintf (stderr,
+ "Failed to run openssl. Is openssl installed?\n");
+ return 2;
}
- if (status_type != GNUNET_OS_PROCESS_EXITED || code != 0)
+ GNUNET_assert (GNUNET_OK == GNUNET_OS_process_wait (openssl));
+ GNUNET_OS_process_destroy (openssl);
+
+ /* Create a self-signed certificate in batch mode using rsa key */
+ /* openssl req -batch -days 365 -out $2 -new -x509 -key $1 2> /dev/null */
+ openssl =
+ GNUNET_OS_start_process (GNUNET_NO, GNUNET_OS_INHERIT_STD_OUT_AND_ERR,
+ NULL, NULL, NULL,
+ "openssl", "openssl", "req",
+ "-batch", "-days", "365", "-out", argv[2],
+ "-new", "-x509", "-key", argv[1], NULL);
+ if (NULL == openssl)
{
- GNUNET_OS_process_kill (openssl, SIGTERM);
- removecerts (argv[1], argv[2]);
- return 9;
+ fprintf (stderr,
+ "Failed to create self-signed certificate with openssl.\n");
+ return 3;
}
- GNUNET_OS_process_close (openssl);
-/*
-chmod 0400 $1 $2
-*/
- CHMOD (argv[1], 0400);
- CHMOD (argv[2], 0400);
-/*
-exit 0
-*/
+ GNUNET_assert (GNUNET_OK == GNUNET_OS_process_wait (openssl));
+ GNUNET_OS_process_destroy (openssl);
+ if (0 != CHMOD (argv[1], S_IRUSR))
+ GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "chmod", argv[1]);
+ if (0 != CHMOD (argv[2], S_IRUSR))
+ GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "chmod", argv[2]);
return 0;
}
+
+/* end of gnunet-transport-certificate-creation.c */