make_ssl_cert script added (from former release)
parent
45935b6e79
commit
834c9a35ff
|
@ -1,49 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
#
|
|
||||||
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
|
|
||||||
#
|
|
||||||
# License: This script is distributed under the terms of version 2
|
|
||||||
# of the GNU GPL. See the LICENSE file included with the package.
|
|
||||||
#
|
|
||||||
# $Id: cbox-build.sh 336 2005-11-29 22:28:28Z lars $
|
|
||||||
#
|
|
||||||
# build a debian package
|
|
||||||
#
|
|
||||||
|
|
||||||
set -ue
|
|
||||||
|
|
||||||
# include common functions and settings
|
|
||||||
source $(dirname $0)/common.sh.inc
|
|
||||||
|
|
||||||
######### some settings ###########
|
|
||||||
DEB_BUILD_DIR=/tmp/cryptobox-debian-$$
|
|
||||||
[ -e "$DEB_BUILD_DIR" ] && rm -rf "$DEB_BUILD_DIR"
|
|
||||||
|
|
||||||
DEB_CONTROL_DIR=$ROOT_DIR/DEBIAN
|
|
||||||
DEB_PACKAGE_DIR=$ROOT_DIR/packages
|
|
||||||
|
|
||||||
############# do it ###############
|
|
||||||
|
|
||||||
ACTION=build
|
|
||||||
[ $# -gt 0 ] && ACTION=$1 && shift
|
|
||||||
|
|
||||||
case "$ACTION" in
|
|
||||||
build )
|
|
||||||
svn export "$CBOX_DEVEL_DIR" "$DEB_BUILD_DIR" >/dev/null
|
|
||||||
svn export "$DEB_CONTROL_DIR" "$DEB_BUILD_DIR/DEBIAN" >/dev/null
|
|
||||||
fakeroot dpkg-deb --build "$DEB_BUILD_DIR" "$DEB_PACKAGE_DIR"
|
|
||||||
rm -rf "$DEB_BUILD_DIR"
|
|
||||||
;;
|
|
||||||
check )
|
|
||||||
PACKAGE_FILE=$(find "$DEB_PACKAGE_DIR" -type f -name "cryptobox*" | grep "\.deb$" | sort -n | tail -1)
|
|
||||||
if [ -z "$PACKAGE_FILE" ]
|
|
||||||
then echo "no debian package found in $DEB_PACKAGE_DIR"
|
|
||||||
else lintian "$PACKAGE_FILE"
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
* )
|
|
||||||
echo "Syntax: $(basename $0) [ build | check help ]"
|
|
||||||
echo
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
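--- a/scripts/make_stunnel_cert.sh
+++ b/scripts/make_stunnel_cert.sh
@@ -0,0 +1,35 @@
+#!/bin/sh
+#
+# this script creates the stunnel certificate for https
+#
+# parameter: "destination file"
+#
+# called by:
+# - cbox-manage.sh during network-up if no certificate was found on the config partition
+#
+
+set -eu
+
+# parse config file
+. /etc/cryptobox/cryptobox.conf
+
+
+## vcert values are in openssl.conf
+CERTFILE="$1"
+TMP_FILE=/tmp/cryptobox-cert.tmp
+
+[ ! -f "$OPENSSL_CONF_FILE" ] && echo "`basename $0`: $OPENSSL_CONF_FILE not found" && exit 2
+# this command creates the certificate
+# this is required, because the certbuilding asks for 5 returns
+echo -ne "\n\n\n\n\n" | openssl req -new -x509 -nodes -days 3650 -config "$OPENSSL_CONF_FILE" -out "$CERTFILE" -keyout "$CERTFILE"
+chmod 600 "$CERTFILE"
+
+# next step needs a lot of randomdata
+dd if=/dev/urandom of="$TMP_FILE" bs=1024 count=1024
+openssl dhparam -rand "$TMP_FILE" 512 >> "$CERTFILE"
+rm "$TMP_FILE"
+
+#ln -sf ${CERTPATH}stunnel.pem ${CERTPATH}`openssl x509 -noout -hash < "${CERTPATH}stunnel.pem"`.0
+
+## print out cert values
+#openssl x509 -subject -dates -fingerprint -in stunnel.pem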
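Review bot: The scratch file `TMP_FILE=/tmp/cryptobox-cert.tmp` has a fixed name in a world-writable directory, so the `dd of="$TMP_FILE"` step writes through whatever another local user has already placed at that path, including a symlink; `TMP_FILE=$(mktemp)` avoids this, and since current OpenSSL seeds itself from the OS the `-rand` file can probably be dropped altogether. The private key is also written to `$CERTFILE` before `chmod 600` runs, so it briefly exists with umask-default permissions; put `umask 077` ahead of the `openssl req` call. The 512-bit group from `openssl dhparam ... 512` is too small to protect a TLS key exchange, and 2048 bits is the usual minimum. Separately, `echo -ne` is not defined for `#!/bin/sh` (dash prints the `-ne` literally and the prompts then receive the wrong input); `printf '\n\n\n\n\n'` is portable.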