# and install it (for both GNUnet and your browser).
#
-# TODO: We should sed the real paths to the binaries involved here.
OPENSSLCFG=@PREFIX@
if ! which openssl > /dev/null
then
exit 1
fi
-# Keep it simple so that people can install the tools later on.
-OPENSSLBIN=openssl
-CERTUTILBIN=certutil
-
echo "Generating CA"
options=''
while getopts "c:" opt; do
GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options`
mkdir -p `dirname $GNS_CA_CERT_PEM`
-OPENSSLBIN req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
+openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
echo "Removing passphrase from key"
-OPENSSLBIN rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
+openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO
echo "Making private key available to gnunet-gns-proxy"
cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM
if [ -d $f ]; then
echo "Importing CA info Firefox at $f"
# delete old certificate (if any)
- @CERTUTILBIN@ -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null
+ certutil -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null
# add new certificate
- @CERTUTILBIN@ -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT
+ certutil -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT
fi
done
if [ -d ~/.pki/nssdb/ ]; then
echo "Importing CA into Chrome at ~/.pki/nssdb/"
# delete old certificate (if any)
- @CERTUTILBIN@ -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null
+ certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null
# add new certificate
- @CERTUTILBIN@ -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT
+ certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT
fi
fi
projects / oweals / gnunet.git / commitdiff