From 3738d7795b0b1e70f568c73baefdcbca779352d0 Mon Sep 17 00:00:00 2001 From: "Schanzenbach, Martin" Date: Sat, 22 Jun 2019 10:38:43 +0200 Subject: [PATCH] #5675: Also detect openssl again --- src/gns/gnunet-gns-proxy-setup-ca.in | 35 +++++++++++++++++++++------- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/src/gns/gnunet-gns-proxy-setup-ca.in b/src/gns/gnunet-gns-proxy-setup-ca.in index 931971cb0..d0c4b8773 100644 --- a/src/gns/gnunet-gns-proxy-setup-ca.in +++ b/src/gns/gnunet-gns-proxy-setup-ca.in @@ -134,15 +134,24 @@ generate_ca() # ------------- openssl GNUTLS_CA_TEMPLATE=@pkgdatadir@/gnunet-gns-proxy-ca.template + OPENSSLCFG=@pkgdatadir@/openssl.cnf CERTTOOL="" + OPENSSL=0 if test -z "`gnutls-certtool --version`" > /dev/null then - if test -z "`certtool --versionn`" > /dev/null + #TODO sometimes certtools is gnutls, sometimes openssl :/ + if test -z "`certtool --version | grep gnutls`" > /dev/null then - warningmsg "'gnutls-certtool' or 'certtool' command not found. Please install it." - infomsg "Cleaning up." - rm -f $GNSCAKY $GNSCERT - exit 1 + warningmsg "'gnutls-certtool' or 'certtool' command not found. Trying openssl." + if test -z "`openssl version`" > /dev/null + then + $OPENSSL=1 + else + warningmsg "Install either gnutls certtool or openssl for certificate generation!" + infomsg "Cleaning up." + rm -f $GNSCAKY $GNSCERT + exit 1 + fi fi CERTTOOL="certtool" else @@ -156,10 +165,18 @@ generate_ca() GNS_CA_CERT_PEM=`gnunet-config ${GNUNET_CONFIG} -s gns-proxy -o PROXY_CACERT -f ${options}` mkdir -p `dirname $GNS_CA_CERT_PEM` - $CERTTOOL --generate-privkey --outfile $GNSCAKY - $CERTTOOL --template $GNUTLS_CA_TEMPLATE --generate-self-signed --load-privkey $GNSCAKY --outfile $GNSCERT - infomsg "Making private key available to gnunet-gns-proxy" - cat $GNSCERT $GNSCAKY > $GNS_CA_CERT_PEM + if test 1 -eq $OPENSSL + then + openssl req -config $OPENSSLCFG -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System" + infomsg "Removing passphrase from key" + openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO + cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM + else + $CERTTOOL --generate-privkey --outfile $GNSCAKY + $CERTTOOL --template $GNUTLS_CA_TEMPLATE --generate-self-signed --load-privkey $GNSCAKY --outfile $GNSCERT + infomsg "Making private key available to gnunet-gns-proxy" + cat $GNSCERT $GNSCAKY > $GNS_CA_CERT_PEM + fi } importbrowsers() -- 2.25.1