iron.git

commit 5e2b04fa17247f48bbf4042a117f084156927bff

Author: Paolo Lulli <paolo@lulli.net>

tested OK + change ca domain name...

 iron/bin/iron | 48 +++++++++++++++++
 iron/debian/control | 2 
 iron/libexec/iron/iron-ca | 3 
 iron/libexec/iron/iron-certificate | 19 ++++++
 iron/libexec/iron/iron-keystore | 73 +++++++++++++++++++++++++
 iron/libexec/iron/iron-pkcs12 | 90 ++++++++++++++++++++++++++++++++
 iron/libexec/iron/iron-service | 6 +
 iron/makedeb.sh | 2 


diff --git a/iron/bin/iron b/iron/bin/iron
new file mode 100644
index 0000000000000000000000000000000000000000..d8d79d306e29cd1ff5a513b0f144f8e703ff502f
--- /dev/null
+++ b/iron/bin/iron
@@ -0,0 +1,48 @@
+#!/usr/bin/env bash
+set -e
+
+resolve_link() {
+  $(type -p greadlink readlink | head -1) "$1"
+}
+
+abs_dirname() {
+  local cwd="$(pwd)"
+  local path="$1"
+
+  while [ -n "$path" ]; do
+    cd "${path%/*}"
+    local name="${path##*/}"
+    path="$(resolve_link "$name" || true)"
+  done
+
+  pwd
+  cd "$cwd"
+}
+
+#libexec_path="$(abs_dirname "$0")"
+sjalv=$(basename $0)
+libexec_path=//libexec/$sjalv
+
+if [[ "${libexec_path}" = *"@"* ]]; then
+        libexec_path="$(abs_dirname "$0")" #Substitution has not happened -> dev version
+fi
+
+export _IRON_ROOT="$(abs_dirname "$libexec_path")"
+export PATH="${libexec_path}:$PATH"
+
+command="$1"
+case "$command" in
+"" | "-h" | "--help" )
+  exec iron-help
+  ;;
+* )
+  command_path="$(command -v "iron-$command" || true)"
+  if [ ! -x "$command_path" ]; then
+    echo "iron: no such command \`$command'" >&2
+    exit 1
+  fi
+
+  shift
+  exec "$command_path" "$@"
+  ;;
+esac
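Review bot: `libexec_path=//libexec/$sjalv` is committed with what looks like an already-substituted, empty prefix, so the `*"@"*` test that follows can never be true and the `abs_dirname "$0"` fallback is dead code. If `//libexec/iron` does not exist on the host, the `PATH` prepend contributes nothing and `command -v "iron-$command"` (and `exec iron-help`) resolve from whatever `PATH` the caller inherited, which is a weak guarantee for a wrapper that fronts CA key operations. Keep the unsubstituted placeholder in the source file and resolve the subcommand from the libexec directory only, `command_path="${libexec_path}/iron-${command}"`. Also quote the argument in `sjalv=$(basename "$0")`.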




diff --git a/iron/debian/control b/iron/debian/control
index def44cfaa42a8f96dd6fc44eef55f864e50bb23e..e176ae3ee2126c6a8e3b2eb716921bce736b83e5 100644
--- a/iron/debian/control
+++ b/iron/debian/control
@@ -1,5 +1,5 @@
 Package: iron
-Version: 1.0-1
+Version: 1.0-2
 Section: base
 Priority: optional
 Architecture: all




diff --git a/iron/libexec/iron/iron-ca b/iron/libexec/iron/iron-ca
index c2de9b822c1c29d13b20b6fda484b08ae8df56bb..ae29d3c293b1f81e305d56542fb9bbe9a3e7f92b 100755
--- a/iron/libexec/iron/iron-ca
+++ b/iron/libexec/iron/iron-ca
@@ -57,7 +57,8 @@ ST                     = Italia
 L                      = Roma
 O                      = service.lulli.net
 OU                     = service.lulli.net
-CN                     = ca.service.lulli.net
+#CN                     = ca.service.lulli.net
+CN                     = service.lulli.net
 emailAddress           = info@service.lulli.net
 
 [ req_attributes ]
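Review bot: The CA subject `CN = service.lulli.net` is now identical to the `O` and `OU` values and reads like the service's own host name. If a leaf certificate is ever issued with the same full subject DN, its issuer and subject will match and chain building will likely treat it as self-signed; the previous `ca.service.lulli.net` avoided that. If the rename is intentional, replace the commented-out `#CN` line with a comment that states the reason rather than keeping the old value as dead text. The enclosing configuration block starts outside this hunk.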




diff --git a/iron/libexec/iron/iron-certificate b/iron/libexec/iron/iron-certificate
index ea190604c314a4e7c568db9e43e004714a31ad5b..e3b5be71451d84b2ed1574d7b417b947d94c9efc 100755
--- a/iron/libexec/iron/iron-certificate
+++ b/iron/libexec/iron/iron-certificate
@@ -59,6 +59,23 @@ 	openssl x509 -req -days 365 -CA $CAPATH/ca.crt -CAkey $CAPATH/ca.key -CAcreateserial -in $CP/$client.csr -out $CP/$client.crt
 	test -f $CP/$client.crt && echo "Created certificate in [$CP/$client.crt]"
 }
 
+
+function pkcs12_create()
+{
+	service=$1
+	client=$2
+	CLIENT_CERTPATH=$RCDIR/$service/certs
+	CP=$CLIENT_CERTPATH/$client
+	test -d ${CP} || mkdir -p ${CP}
+        openssl pkcs12 -export -clcerts -in $CP/$client.crt -inkey $CP/$client.key -out $CP/$client.p12\
+                 -name "${client}"\
+                 -CAfile ${CAPATH}/ca.crt -caname root
+	test -f $CP/$client.p12 && echo "Created PKCS12 (*.p12) in [$CP/$client.p12]"
+}
+
+
+
+
 if [ "$#" = 3 ];then
 	operation=$1
 	service=$2
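Review bot: `pkcs12_create` ignores the exit status of `openssl pkcs12 -export`, and the following `test -f $CP/$client.p12` also succeeds on a stale file from an earlier run, so a failed export can still print "Created PKCS12". Tie the message to the command (`openssl pkcs12 ... || return 1`) and quote the expansions (`"$CP/$client.crt"`, `"${CAPATH}/ca.crt"`), because `service` and `client` come straight from the command line and are used to build paths. The output bundles the client private key (`-inkey $CP/$client.key`), so create it under `umask 077` rather than the caller's default. The same function is added again in iron/libexec/iron/iron-pkcs12 and needs the same changes.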
@@ -72,6 +89,7 @@
 	if [ "$operation" = "create" ]; then
 		client=$3
 		certificate_create $service $client
+		pkcs12_create $service $client
 	fi 
 
 	if [ "$operation" = "remotesign" ]; then
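Review bot: `pkcs12_create $service $client` runs even when `certificate_create` did not produce a certificate, so the export is attempted on a missing or outdated `.crt`. `certificate_create` ends in `test -f ... && echo`, so its status can gate the second step: `certificate_create "$service" "$client" && pkcs12_create "$service" "$client"`. The enclosing `if [ "$#" = 3 ]` block continues outside this hunk.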
@@ -91,4 +109,3 @@ 	echo "\$iron certificate   "
 	echo "\$iron certificate <remotesign> <service><client-id>"
 	exit -1
 fi
-




diff --git a/iron/libexec/iron/iron-keystore b/iron/libexec/iron/iron-keystore
new file mode 100755
index 0000000000000000000000000000000000000000..469d2aab55db616920d6610e269bd6e3ac2f8b26
--- /dev/null
+++ b/iron/libexec/iron/iron-keystore
@@ -0,0 +1,73 @@
+#! /bin/bash 
+# Usage: $iron keystore <create|sho> <service> <client>
+# Summary: create and show contents of java  keystore
+# Help: This command groups commands used to create java keystore from pkcs#12 
+
+APPNAME="iron"
+CURRDIR=$(pwd)
+
+RCDIR=$HOME/.$APPNAME
+test -d $RCDIR || mkdir -p $RCDIR
+CURRENT_TSTAMP=$(date '+%Y%m%d%H%M')
+
+function certificate_create()
+{
+	service=$1
+	client=$2
+	CLIENT_CERTPATH=$RCDIR/$service/certs
+	CP=$CLIENT_CERTPATH/$client
+	test -d ${CP} || mkdir -p ${CP}
+	openssl x509 -req -days 365 -CA $CAPATH/ca.crt -CAkey $CAPATH/ca.key -CAcreateserial -in $CP/$client.csr -out $CP/$client.crt
+	test -f $CP/$client.crt && echo "Created certificate in [$CP/$client.crt]"
+}
+
+function keystore_show()
+{
+	service=$1
+	client=$2
+	CLIENT_CERTPATH=$RCDIR/$service/certs
+	CP=$CLIENT_CERTPATH/$client
+	test -d ${CP} || mkdir -p ${CP}
+	echo "Showing content of KeyStore: [$CP/client.keystore]"
+	keytool -keystore $CP/client.keystore -list -v
+}
+
+function keystore_create()
+{
+	service=$1
+	client=$2
+	CLIENT_CERTPATH=$RCDIR/$service/certs
+	CP=$CLIENT_CERTPATH/$client
+	test -d ${CP} || mkdir -p ${CP}
+	echo "Insert PKCS#12 (*.p12) keystore password:"
+	read keystore_password
+	keytool -importkeystore \
+        -deststorepass "${keystore_password}" -destkeypass "${keystore_password}" -destkeystore $CP/client.keystore \
+        -srckeystore $CP/${client}.p12 -srcstoretype PKCS12 -srcstorepass "${keystore_password}" \
+        -alias "${client}"
+
+	test -f $CP/client.keystore && echo "Created Java Keystore in [$CP/client.keystore]"
+}
+
+if [ "$#" = 3 ];then
+	operation=$1
+	service=$2
+	CA_RCFILE="$HOME/"."$APPNAME/default-ca"".env"
+	source ${CA_RCFILE}
+
+	if [ "$operation" = "create" ]; then
+		client=$3
+		keystore_create $service $client
+	fi 
+
+	if [ "$operation" = "show" ]; then
+		client=$3
+		keystore_show $service $client
+	fi 
+
+else
+	echo "Usage:"
+	echo "\$iron keystore create <service> <client-id>"
+	echo "\$iron keystore show <service> <client-id>"
+	exit -1
+fi
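Review bot: `keystore_create` reads the keystore password with a plain `read`, which echoes it on the terminal and mangles backslashes, and then passes it to `keytool` as `-deststorepass`/`-destkeypass`/`-srcstorepass` arguments, where it is visible to other local users in the process list. Read it with `read -r -s` and hand it to keytool through the `:env` password modifier (or drop the options and let keytool prompt). The paths built from `$CP` and `$client` should be quoted as well, since both come from the command line. The variable name in the sketch below is a constructed example.

```shell
	# … unchanged: service/client/CLIENT_CERTPATH/CP setup and mkdir …
	read -r -s -p "Insert PKCS#12 (*.p12) keystore password: " keystore_password
	echo
	IRON_KS_PASS="${keystore_password}" keytool -importkeystore \
		-deststorepass:env IRON_KS_PASS -destkeypass:env IRON_KS_PASS \
		-destkeystore "$CP/client.keystore" \
		-srckeystore "$CP/${client}.p12" -srcstoretype PKCS12 \
		-srcstorepass:env IRON_KS_PASS \
		-alias "${client}"
	# … unchanged: test -f … "Created Java Keystore" message …
```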




diff --git a/iron/libexec/iron/iron-pkcs12 b/iron/libexec/iron/iron-pkcs12
new file mode 100755
index 0000000000000000000000000000000000000000..58ec37cd255df973b03f41e647c0c94a06f36785
--- /dev/null
+++ b/iron/libexec/iron/iron-pkcs12
@@ -0,0 +1,90 @@
+#! /bin/bash 
+# Usage: $iron pkcs12 create <service> <client>
+# Summary: create *.p12 keystore
+# Help: This command groups commands used to create pkcs#12 for distribution
+
+APPNAME="iron"
+CURRDIR=$(pwd)
+
+RCDIR=$HOME/.$APPNAME
+test -d $RCDIR || mkdir -p $RCDIR
+CURRENT_TSTAMP=$(date '+%Y%m%d%H%M')
+
+function certificate_sign()
+{
+	service=$1
+	csrfile=$2
+	client=$(basename $csrfile | sed -e 's/.csr$//')
+	CLIENT_CERTPATH=$RCDIR/$service/certs
+	CP=$CLIENT_CERTPATH/$client
+	test -d ${CP} || mkdir -p ${CP}
+	openssl x509 -req -days 365 -CA $CAPATH/ca.crt -CAkey $CAPATH/ca.key -CAcreateserial -in $csrfile -out $CP/$client.crt
+}
+
+function remote_client_write_setup()
+{
+	CLIENT_RCFILE="$RCDIR/client-$client"".env"
+        echo "REMOTE_RCDIR=$RCDIR">${CLIENT_RCFILE}
+        echo "REMOTE_USER=">>${CLIENT_RCFILE}
+        echo "REMOTE_HOST=">>${CLIENT_RCFILE}
+}
+
+
+function remote_certificate_sign()
+{
+	service=$1
+	remote_csr_user=$2
+	remote_csr_host=$3
+	remote_csrfile=$4
+	csrfile=$(basename $remote_csrfile) 
+	remote_certdir=$(dirname $remote_csrfile) 
+	client=$(basename $csrfile | sed -e 's/.csr$//')
+	CLIENT_CERTPATH=$RCDIR/$service/certs
+	CP=$CLIENT_CERTPATH/$client 
+	test -d ${CP} || mkdir -p ${CP}
+	scp $remote_csr_user@$remote_csr_host:$remote_csrfile $CP/$client.csr
+	openssl x509 -req -days 365 -CA $CAPATH/ca.crt -CAkey $CAPATH/ca.key -CAcreateserial -in $CP/$client.csr -out $CP/$client.crt
+	scp $CP/$client.crt $REMOTE_USER@$REMOTE_HOST:$remote_certdir
+}
+
+function certificate_create()
+{
+	service=$1
+	client=$2
+	CLIENT_CERTPATH=$RCDIR/$service/certs
+	CP=$CLIENT_CERTPATH/$client
+	test -d ${CP} || mkdir -p ${CP}
+	openssl x509 -req -days 365 -CA $CAPATH/ca.crt -CAkey $CAPATH/ca.key -CAcreateserial -in $CP/$client.csr -out $CP/$client.crt
+	test -f $CP/$client.crt && echo "Created certificate in [$CP/$client.crt]"
+}
+
+
+function pkcs12_create()
+{
+	service=$1
+	client=$2
+	CLIENT_CERTPATH=$RCDIR/$service/certs
+	CP=$CLIENT_CERTPATH/$client
+	test -d ${CP} || mkdir -p ${CP}
+        openssl pkcs12 -export -clcerts -in $CP/$client.crt -inkey $CP/$client.key -out $CP/$client.p12\
+                 -name "${client}"\
+                 -CAfile ${CAPATH}/ca.crt -caname root
+	test -f $CP/$client.p12 && echo "Created PKCS12 (*.p12) in [$CP/$client.p12]"
+}
+
+if [ "$#" = 3 ];then
+	operation=$1
+	service=$2
+	CA_RCFILE="$HOME/"."$APPNAME/default-ca"".env"
+	source ${CA_RCFILE}
+
+	if [ "$operation" = "create" ]; then
+		client=$3
+		pkcs12_create $service $client
+	fi 
+
+else
+	echo "Usage:"
+	echo "\$iron pkcs12 <create> <service> <client-id>"
+	exit -1
+fi
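Review bot: Four of the five functions in this new file (`certificate_sign`, `remote_client_write_setup`, `remote_certificate_sign`, `certificate_create`) are never reached, because the dispatcher at the bottom only handles `create` and calls `pkcs12_create`. They are copies of CA-signing code that will drift from the originals; remove them here or move the shared functions into one sourced file. The copied `remote_certificate_sign` is also inconsistent: it fetches the CSR from `$remote_csr_user@$remote_csr_host` but pushes the signed certificate to `$REMOTE_USER@$REMOTE_HOST`, which this file never sets. Finally, `exit -1` is not a valid status (the shell reports 255); use `exit 1`.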




diff --git a/iron/libexec/iron/iron-service b/iron/libexec/iron/iron-service
index ab132956f08d1ad9030c7b485309e2b8e2faa90c..7147180d217887df4207c6409e67f0fbe4d3f414 100755
--- a/iron/libexec/iron/iron-service
+++ b/iron/libexec/iron/iron-service
@@ -73,12 +73,14 @@ 	service=$2
 	RCFILE="$HOME/"."$APPNAME/service-${service}"".env"
 
 	if [ "$operation" = "create" ]; then
-		test -f ${RCFILE} || ( service_home_setup_write ; echo "Edit values in ${RCFILE}"; exit -1) 
+		echo "BEFORE"
+		test -f ${RCFILE} || ( service_home_setup_write $service; echo "Edit values in ${RCFILE}"; exit -1) 
+		echo "AFTER"
 		source ${RCFILE}
 		service_create $service 
 	fi 
 	if [ "$operation" = "setup" ]; then
-		test -f ${RCFILE} || ( service_home_setup_write ; echo "Edit values in ${RCFILE}"; exit 0) 
+		test -f ${RCFILE} || ( service_home_setup_write $service; echo "Edit values in ${RCFILE}"; exit 0) 
 	fi 
 	if [ "$operation" = "delete" ]; then
 		source ${RCFILE}
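Review bot: In the `create` branch the `exit -1` sits inside `( ... )`, so it only leaves the subshell; unless errexit is enabled elsewhere in the file, execution continues to `source ${RCFILE}` and `service_create $service` with the template that was just written and that the message asks the user to edit first. Use a brace group so the script actually stops: `test -f "${RCFILE}" || { service_home_setup_write "$service"; echo "Edit values in ${RCFILE}"; exit 1; }`. The `echo "BEFORE"` and `echo "AFTER"` lines look like leftover debugging output and should be removed before release. The enclosing `if` block starts outside this hunk.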




diff --git a/iron/makedeb.sh b/iron/makedeb.sh
index 649eac8c99867750165728fc5c795d5793402ad8..773de5f6a5adc17c0a96814d814c3fd73816cb94 100755
--- a/iron/makedeb.sh
+++ b/iron/makedeb.sh
@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-VERS=1.0.0
+VERS=1.0.1
 TARGET_DIR=../target
 cd $(dirname $0);
 CURRDIR=$(pwd)