commit da121b3a5135d66095edb469b02c47f8ccb1adab Author: Isis Lovecruft <isis@torproject.org> Date: Tue May 20 18:14:41 2014 +0000 Hush OpenSSL during key/cert creation in scripts/make-ssl-cert. --- scripts/make-ssl-cert | 47 +++++++++++++++++++++++++++-------------------- 1 file changed, 27 insertions(+), 20 deletions(-) diff --git a/scripts/make-ssl-cert b/scripts/make-ssl-cert index ce8f7c2..76e4d70 100755 --- a/scripts/make-ssl-cert +++ b/scripts/make-ssl-cert @@ -34,27 +34,34 @@ THIS_PATH="$( cd -P "$( dirname "$THIS_FILE" )" && pwd )" REPO_PATH=${THIS_PATH%%/scripts} function usage () { - printf "Usage: %s\n\n" $NAME - printf "This script will create an SSL key and certificate ('privkey.pem' and 'cert'\n" - printf "respectively). The key has had it's password removed, and thus is suitable\n" - printf "for automation and CI tests." - printf "\n" + cat <<EOF +Usage: $NAME + +This script will create an SSL key and certificate ('privkey.pem' and 'cert' +respectively). The key has had it's password removed, and thus is suitable +for automation and CI tests. + +EOF } if test "$#" -ge 1 ; then usage ; exit 1 ; fi -# Go to the toplevel directory of the BridgeDB repo: -cd $REPO_PATH -#printf "%s: Current working directory:\n\t%s\n" $NAME $PWD - -openssl genrsa -des3 -passout pass:bridgedb -out privkey 4096 -openssl req -batch -passin pass:bridgedb -new -key privkey -out server.csr -cp privkey privkey.nopasswd -openssl rsa -passin pass:bridgedb -in privkey.nopasswd -out privkey.pem -openssl x509 -req -days 365 -in server.csr -signkey privkey.pem -out cert -test -f "privkey.nopasswd" && rm -f privkey.nopasswd -test -f "privkey" && rm -f privkey -test -f "server.csr" && rm -f server.csr - -printf "Done. Your private key was saved in ${REPO_PATH}/privkey.pem \n" -printf "and your certificate is in ${REPO_PATH}/cert \n" +{ + # Go to the toplevel directory of the BridgeDB repo: + cd $REPO_PATH + + openssl genrsa -des3 -passout pass:bridgedb -out privkey 4096 + openssl req -batch -passin pass:bridgedb -new -key privkey -out server.csr + cp privkey privkey.nopasswd + openssl rsa -passin pass:bridgedb -in privkey.nopasswd -out privkey.pem + openssl x509 -req -days 365 -in server.csr -signkey privkey.pem -out cert + + test -f "privkey.nopasswd" && rm -f privkey.nopasswd + test -f "privkey" && rm -f privkey + test -f "server.csr" && rm -f server.csr + +} 1>/dev/null 2>&1 + + +printf "Created private key: ${REPO_PATH}/privkey.pem \n" +printf "Created certificate: ${REPO_PATH}/cert \n"