From: Simon Ruderich
Date: Fri, 11 Mar 2011 02:03:50 +0000 (+0100)
Subject: src/tlsproxy-setup.sh: Add. Creates files to use tlsproxy.
X-Git-Tag: 0.1~14
X-Git-Url: https://ruderich.org/simon/gitweb/?p=tlsproxy%2Ftlsproxy.git;a=commitdiff_plain;h=9daed8d9714796db166cfe65173e0c4307aedd87
src/tlsproxy-setup.sh: Add. Creates files to use tlsproxy.
---
diff --git a/src/tlsproxy-setup.sh b/src/tlsproxy-setup.sh
new file mode 100755
index 0000000..9f17f0b
--- /dev/null
+++ b/src/tlsproxy-setup.sh
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+# Create necessary files to run tlsproxy in the current directory.
+#
+# Requires certtool (from GnuTLS).
+#
+# Copyright (C) 2011 Simon Ruderich
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+
+tempfile=`mktemp` || exit 1
+
+die() {
+ rm -f $tempfile
+ exit 1
+}
+
+# Generate proxy CA key file.
+certtool --generate-privkey > proxy-ca-key.pem || die
+# Generate proxy CA.
+echo 'cn = tlsproxy CA' > $tempfile
+echo ca >> $tempfile
+echo cert_signing_key >> $tempfile
+certtool --generate-self-signed \
+ --load-privkey proxy-ca-key.pem \
+ --template $tempfile \
+ --outfile proxy-ca.pem || die
+
+# Generate proxy key file.
+certtool --generate-privkey > proxy-key.pem || die
+
+# Generate proxy "invalid" server certificate. It's used for problematic
+# connections.
+echo 'organization = tlsproxy' > $tempfile
+echo 'cn = invalid' >> $tempfile
+echo tls_www_server >> $tempfile
+echo encryption_key >> $tempfile
+echo signing_key >> $tempfile
+certtool --generate-self-signed \
+ --load-privkey proxy-key.pem \
+ --template $tempfile \
+ --outfile proxy-invalid.pem || die
+
+rm $tempfile
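Review bot: Both private keys are created through shell redirection (`certtool --generate-privkey > proxy-ca-key.pem` and `> proxy-key.pem`), so their file mode comes from the caller's umask. With a common umask of 022 the proxy CA key would be readable by every local user, and whoever holds that key can issue certificates that clients trusting this CA will accept. Setting `umask 077` before the `tempfile=` line would make the keys owner-only. The script also overwrites an existing `proxy-ca-key.pem` without checking, which silently replaces a CA that clients may already trust; a guard such as `[ -e proxy-ca-key.pem ] && exit 1` or a header comment stating this would help. Lesser points: `$tempfile` is unquoted throughout and is removed only via `die` or the final `rm`, so an interrupted run leaves it behind unless a cleanup `trap` is added.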