src/test/setup/radius-config/freeradius/certs_2/bootstrap - cord-tester - Gitiles

 #!/bin/sh
 #
 #  This is a wrapper script to create default certificates when the
 #  server first starts in debugging mode.  Once the certificates have been
 #  created, this file should be deleted.
 #
 #  Ideally, this program should be run as part of the installation of any
 #  binary package.  The installation should also ensure that the permissions
 #  and owners are correct for the files generated by this script.
 #
 #  $Id: c9d939beac8d5bdc21ea1ff9233442f9ab933297 $
 #
 umask 027
 cd `dirname $0`

 make -h > /dev/null 2>&1

 #
 #  If we have a working "make", then use it.  Otherwise, run the commands
 #  manually.
 #
 if [ "$?" = "0" ]; then
   make all
   exit $?
 fi

 #
 #  The following commands were created by running "make -n", and edited
 #  to remove the trailing backslash, and to add "exit 1" after the commands.
 #
 #  Don't edit the following text.  Instead, edit the Makefile, and
 #  re-generate these commands.
 #
 if [ ! -f dh ]; then
   openssl dhparam -out dh 1024 || exit 1
   if [ -e /dev/urandom ] ; then
 	ln -sf /dev/urandom random
   else
 	date > ./random;
   fi
 fi

 if [ ! -f server.key ]; then
   openssl req -new  -out server.csr -keyout server.key -config ./server.cnf || exit 1
 fi

 if [ ! -f ca.key ]; then
   openssl req -new -x509 -keyout ca.key -out ca.pem -days `grep default_days ca.cnf | sed 's/.*=//;s/^ *//'` -config ./ca.cnf || exit 1
 fi

 if [ ! -f index.txt ]; then
   touch index.txt
 fi

 if [ ! -f serial ]; then
   echo '01' > serial
 fi

 if [ ! -f server.crt ]; then
   openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr  -key `grep output_password ca.cnf | sed 's/.*=//;s/^ *//'` -out server.crt -extensions xpserver_ext -extfile xpextensions -config ./server.cnf || exit 1
 fi

 if [ ! -f server.p12 ]; then
   openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12  -passin pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` -passout pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` || exit 1
 fi

 if [ ! -f server.pem ]; then
   openssl pkcs12 -in server.p12 -out server.pem -passin pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` -passout pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` || exit 1
   openssl verify -CAfile ca.pem server.pem || exit 1
 fi

 if [ ! -f ca.der ]; then
   openssl x509 -inform PEM -outform DER -in ca.pem -out ca.der || exit 1
 fi

 if [ ! -f client.key ]; then
   openssl req -new  -out client.csr -keyout client.key -config ./client.cnf
 fi

 if [ ! -f client.crt ]; then
   openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr  -key `grep output_password ca.cnf | sed 's/.*=//;s/^ *//'` -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
 fi
	#!/bin/sh
	#
	# This is a wrapper script to create default certificates when the
	# server first starts in debugging mode. Once the certificates have been
	# created, this file should be deleted.
	#
	# Ideally, this program should be run as part of the installation of any
	# binary package. The installation should also ensure that the permissions
	# and owners are correct for the files generated by this script.
	#
	# $Id: c9d939beac8d5bdc21ea1ff9233442f9ab933297 $
	#
	umask 027
	cd `dirname $0`

	make -h > /dev/null 2>&1

	#
	# If we have a working "make", then use it. Otherwise, run the commands
	# manually.
	#
	if [ "$?" = "0" ]; then
	make all
	exit $?
	fi

	#
	# The following commands were created by running "make -n", and edited
	# to remove the trailing backslash, and to add "exit 1" after the commands.
	#
	# Don't edit the following text. Instead, edit the Makefile, and
	# re-generate these commands.
	#
	if [ ! -f dh ]; then
	openssl dhparam -out dh 1024 \|\| exit 1
	if [ -e /dev/urandom ] ; then
	ln -sf /dev/urandom random
	else
	date > ./random;
	fi
	fi

	if [ ! -f server.key ]; then
	openssl req -new -out server.csr -keyout server.key -config ./server.cnf \|\| exit 1
	fi

	if [ ! -f ca.key ]; then
	openssl req -new -x509 -keyout ca.key -out ca.pem -days `grep default_days ca.cnf \| sed 's/.=//;s/^ //'` -config ./ca.cnf \|\| exit 1
	fi

	if [ ! -f index.txt ]; then
	touch index.txt
	fi

	if [ ! -f serial ]; then
	echo '01' > serial
	fi

	if [ ! -f server.crt ]; then
	openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr -key `grep output_password ca.cnf \| sed 's/.=//;s/^ //'` -out server.crt -extensions xpserver_ext -extfile xpextensions -config ./server.cnf \|\| exit 1
	fi

	if [ ! -f server.p12 ]; then
	openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12 -passin pass:`grep output_password server.cnf \| sed 's/.=//;s/^ //'` -passout pass:`grep output_password server.cnf \| sed 's/.=//;s/^ //'` \|\| exit 1
	fi

	if [ ! -f server.pem ]; then
	openssl pkcs12 -in server.p12 -out server.pem -passin pass:`grep output_password server.cnf \| sed 's/.=//;s/^ //'` -passout pass:`grep output_password server.cnf \| sed 's/.=//;s/^ //'` \|\| exit 1
	openssl verify -CAfile ca.pem server.pem \|\| exit 1
	fi

	if [ ! -f ca.der ]; then
	openssl x509 -inform PEM -outform DER -in ca.pem -out ca.der \|\| exit 1
	fi

	if [ ! -f client.key ]; then
	openssl req -new -out client.csr -keyout client.key -config ./client.cnf
	fi

	if [ ! -f client.crt ]; then
	openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key `grep output_password ca.cnf \| sed 's/.=//;s/^ //'` -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
	fi