bin_PROGRAMS = \
- gnunet-transport \
+ gnunet-transport
+
+bin_SCRIPTS = \
gnunet-transport-certificate-creation
-#bin_SCRIPTS = \
-# gnunet-transport-certificate-creation
+# See: https://www.gnu.org/software/automake/manual/html_node/Scripts.html#Scripts
+do_subst = sed -e 's,[@]pkgdatadir[@],$(pkgdatadir),g'
+
+
+gnunet-transport-certificate-creation: gnunet-transport-certificate-creation.in Makefile
+ $(do_subst) < $(srcdir)/gnunet-transport-certificate-creation.in > gnunet-transport-certificate-creation
+ chmod +x gnunet-transport-certificate-creation
+
-gnunet_transport_certificate_creation_SOURCES = \
- gnunet-transport-certificate-creation.c
-gnunet_transport_certificate_creation_LDADD = \
- $(top_builddir)/src/util/libgnunetutil.la
gnunet_communicator_unix_SOURCES = \
gnunet-communicator-unix.c
EXTRA_DIST = \
+gnunet-transport-certificate-creation.in \
communicator-unix.conf \
test_plugin_hostkey \
test_plugin_hostkey.ecc \
+++ /dev/null
-/*
- This file is part of GNUnet.
- Copyright (C) 2011, 2013 GNUnet e.V.
-
- GNUnet is free software: you can redistribute it and/or modify it
- under the terms of the GNU Affero General Public License as published
- by the Free Software Foundation, either version 3 of the License,
- or (at your option) any later version.
-
- GNUnet is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Affero General Public License for more details.
-
- You should have received a copy of the GNU Affero General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-
- SPDX-License-Identifier: AGPL3.0-or-later
-*/
-
-/**
- * @file transport/gnunet-transport-certificate-creation.c
- * @brief create certificate for HTTPS transport
- * @author LRN
- */
-#include "platform.h"
-#include "gnunet_util_lib.h"
-
-#ifndef WINDOWS
-/**
- * Turn the given file descriptor in to '/dev/null'.
- *
- * @param fd fd to bind to /dev/null
- * @param flags flags to use (O_RDONLY or O_WRONLY)
- */
-static void
-make_dev_zero (int fd,
- int flags)
-{
- int z;
-
- GNUNET_assert (0 == close (fd));
- z = open ("/dev/null", flags);
- GNUNET_assert (-1 != z);
- if (z == fd)
- return;
- GNUNET_break (fd == dup2 (z, fd));
- GNUNET_assert (0 == close (z));
-}
-#endif
-
-
-static void
-removecerts (const char *file1,
- const char *file2)
-{
- if (GNUNET_YES == GNUNET_DISK_file_test (file1))
- {
- if (0 != CHMOD (file1, S_IWUSR | S_IRUSR))
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "chmod", file1);
- if (0 != REMOVE (file1))
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "remove", file1);
- }
- if (GNUNET_YES == GNUNET_DISK_file_test (file2))
- {
- if (0 != CHMOD (file2, S_IWUSR | S_IRUSR))
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "chmod", file2);
- if (0 != REMOVE (file2))
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "remove", file2);
- }
-}
-
-
-int
-main (int argc, char **argv)
-{
- struct GNUNET_OS_Process *openssl;
-
- if (3 != argc)
- {
- fprintf (stderr,
- "Invalid arguments.\n");
- return 1;
- }
- removecerts (argv[1], argv[2]);
- (void) GNUNET_DISK_directory_create_for_file (argv[1]);
- (void) GNUNET_DISK_directory_create_for_file (argv[2]);
- /* eliminate stderr */
-#if WINDOWS
- (void) close (2);
-#else
- make_dev_zero (2, O_WRONLY);
-#endif
- /* Create RSA Private Key */
- /* openssl genrsa -out $1 1024 2> /dev/null */
- openssl =
- GNUNET_OS_start_process (GNUNET_NO, GNUNET_OS_INHERIT_STD_OUT_AND_ERR,
- NULL, NULL, NULL,
- "openssl", "openssl", "genrsa",
- "-out", argv[1], "1024", NULL);
- if (NULL == openssl)
- {
- fprintf (stderr,
- "Failed to run openssl. Is openssl installed?\n");
- return 2;
- }
- GNUNET_assert (GNUNET_OK == GNUNET_OS_process_wait (openssl));
- GNUNET_OS_process_destroy (openssl);
-
- /* Create a self-signed certificate in batch mode using rsa key */
- /* openssl req -batch -days 365 -out $2 -new -x509 -key $1 2> /dev/null */
- openssl =
- GNUNET_OS_start_process (GNUNET_NO, GNUNET_OS_INHERIT_STD_OUT_AND_ERR,
- NULL, NULL, NULL,
- "openssl", "openssl", "req",
- "-batch", "-days", "365", "-out", argv[2],
- "-new", "-x509", "-key", argv[1], NULL);
- if (NULL == openssl)
- {
- fprintf (stderr,
- "Failed to create self-signed certificate with openssl.\n");
- return 3;
- }
- GNUNET_assert (GNUNET_OK == GNUNET_OS_process_wait (openssl));
- GNUNET_OS_process_destroy (openssl);
- if (0 != CHMOD (argv[1], S_IRUSR))
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "chmod", argv[1]);
- if (0 != CHMOD (argv[2], S_IRUSR))
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "chmod", argv[2]);
- return 0;
-}
-
-/* end of gnunet-transport-certificate-creation.c */
--- /dev/null
+#!/bin/sh
+#
+# This shell script will generate an X509 certificate for
+# your gnunet-transport HTTPS
+#
+# The current version partially reuses and recycles
+# code from build.sh by NetBSD (although not entirely
+# used because it needs debugging):
+#
+# Copyright (c) 2001-2011 The NetBSD Foundation, Inc.
+# All rights reserved.
+#
+# This code is derived from software contributed to
+# The NetBSD Foundation by Todd Vierling and Luke Mewburn.
+
+# Redistribution and use in source and binary forms, with or
+# without modification, are permitted provided that the following
+# conditions are met:
+# 1. Redistributions of source code must retain the above
+# copyright notice, this list of conditions and the following
+# disclaimer.
+# 2. Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials
+# provided with the distribution.
+
+# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND
+# CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED.
+# IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS BE LIABLE FOR
+# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+# THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+# OF SUCH DAMAGE.
+
+progname=${0##*/}
+
+setdefaults()
+{
+ verbosity=0
+ runcmd=
+}
+
+statusmsg()
+{
+ ${runcmd} echo " $@"
+}
+
+infomsg()
+{
+ if [ x$verbosity = x1 ]; then
+ statusmsg "INFO: $@"
+ fi
+}
+
+warningmsg()
+{
+ statusmsg "WARNING: $@"
+}
+
+errormsg()
+{
+ statusmsg "ERROR: $@"
+}
+
+linemsg()
+{
+ statusmsg "========================================="
+}
+
+
+usage()
+{
+ if [ -n "$*" ]; then
+ echo ""
+ echo "${progname}: $*"
+ fi
+ cat <<_usage_
+
+Usage: ${progname} [-hv] [-c FILE] [...]
+
+Options:
+ -c FILE Use the configuration file FILE.
+ -h Print this help message.
+ -v Print the version and exit.
+ -V be verbose
+
+_usage_
+ exit 1
+}
+
+
+generate_cert_key()
+{
+ echo ""
+ infomsg "Generating Cert and Key"
+
+ CERTTOOL=""
+ GNUTLS_CA_TEMPLATE=@pkgdatadir@/gnunet-gns-proxy-ca.template
+ OPENSSL=0
+ if test -z "`gnutls-certtool --version`" > /dev/null
+ then
+ warningmsg "'gnutls-certtool' or 'certtool' command not found. Trying openssl."
+ if test -z "`openssl version`" > /dev/null
+ then
+ $OPENSSL=1
+ else
+ warningmsg "Install either gnutls certtool or openssl for certificate generation!"
+ exit 1
+ fi
+ CERTTOOL="openssl"
+ else
+ CERTTOOL="gnutls-certtool"
+ fi
+ mkdir -p `dirname $KEYFILE`
+
+ if test 1 -eq $OPENSSL
+ then
+ $CERTTOOL genrsa -out $KEYFILE 1024
+ $CERTTOOL req -batch -days 365 -out $CERTFILE, -new -x509 -key $KEYFILE
+ else
+ $CERTTOOL --generate-privkey --outfile $KEYFILE 2>/dev/null
+ $CERTTOOL --template $GNUTLS_CA_TEMPLATE --generate-self-signed --load-privkey $KEYFILE --outfile $CERTFILE 2>/dev/null
+ fi
+ }
+
+print_version()
+{
+ GNUNET_ARM_VERSION=`gnunet-arm -v`
+ echo $GNUNET_ARM_VERSION
+}
+
+main()
+{
+ KEYFILE=$1
+ CERTFILE=$2
+ setdefaults
+ generate_cert_key
+}
+
+main "$@"
projects / oweals / gnunet.git / commitdiff