#5675: Also detect openssl again

diff --git a/src/gns/gnunet-gns-proxy-setup-ca.in b/src/gns/gnunet-gns-proxy-setup-ca.in
index 931971cb052184d76fe4b69d63d234e10f4822d8..d0c4b8773b5d86f077ca7ba73b0ab56bfe73245e 100644 (file)
--- a/src/gns/gnunet-gns-proxy-setup-ca.in
+++ b/src/gns/gnunet-gns-proxy-setup-ca.in
@@ -134,15 +134,24 @@ generate_ca()
     # ------------- openssl
 
     GNUTLS_CA_TEMPLATE=@pkgdatadir@/gnunet-gns-proxy-ca.template
+    OPENSSLCFG=@pkgdatadir@/openssl.cnf
     CERTTOOL=""
+    OPENSSL=0
     if test -z "`gnutls-certtool --version`" > /dev/null
     then
-      if test -z "`certtool --versionn`" > /dev/null
+      #TODO sometimes certtools is gnutls, sometimes openssl :/
+      if test -z "`certtool --version | grep gnutls`" > /dev/null
       then
-        warningmsg "'gnutls-certtool' or 'certtool' command not found. Please install it."
-        infomsg    "Cleaning up."
-        rm -f $GNSCAKY $GNSCERT
-        exit 1
+        warningmsg "'gnutls-certtool' or 'certtool' command not found. Trying openssl."
+        if test -z "`openssl version`" > /dev/null
+        then
+          $OPENSSL=1
+        else
+          warningmsg "Install either gnutls certtool or openssl for certificate generation!"
+          infomsg    "Cleaning up."
+          rm -f $GNSCAKY $GNSCERT
+          exit 1
+        fi
       fi
       CERTTOOL="certtool"
     else
@@ -156,10 +165,18 @@ generate_ca()
     GNS_CA_CERT_PEM=`gnunet-config ${GNUNET_CONFIG} -s gns-proxy -o PROXY_CACERT -f ${options}`
     mkdir -p `dirname $GNS_CA_CERT_PEM`
 
-    $CERTTOOL --generate-privkey --outfile $GNSCAKY
-    $CERTTOOL --template $GNUTLS_CA_TEMPLATE --generate-self-signed --load-privkey $GNSCAKY --outfile $GNSCERT
-    infomsg "Making private key available to gnunet-gns-proxy"
-    cat $GNSCERT $GNSCAKY > $GNS_CA_CERT_PEM
+    if test 1 -eq $OPENSSL
+    then
+      openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
+      infomsg "Removing passphrase from key"
+      openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
+      cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM
+    else
+      $CERTTOOL --generate-privkey --outfile $GNSCAKY
+      $CERTTOOL --template $GNUTLS_CA_TEMPLATE --generate-self-signed --load-privkey $GNSCAKY --outfile $GNSCERT
+      infomsg "Making private key available to gnunet-gns-proxy"
+      cat $GNSCERT $GNSCAKY > $GNS_CA_CERT_PEM
+    fi
 }
 
 importbrowsers()