iron.git

commit a181c0d58140b57e934ea56cde97962f26c78a7d

Author: Paolo Lulli <paolo@lulli.net>

cleanup


 .gitignore | 1 -
 iron/LICENSE | 2 +-
 iron/LICENSE.sub | 20 ++++++++++++++++++++
 iron/libexec/iron/check-server-cert.sh | 3 +++
 iron/libexec/iron/iron-client | 8 ++++----
 iron/libexec/iron/iron-service | 8 ++++++--


diff --git a/.gitignore b/.gitignore
index ebbe6c5b910b0e9a856576ad6bbef95b4b6dd1f4..e7816793abb74967a40f95e8840ecf47b5eeb45e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,4 +5,3 @@ */Makefile
 */*/Makefile
 */config.log
 */config.status
-




diff --git a/certsign/certsign.jar b/certsign/certsign.jar
new file mode 100644
index 0000000000000000000000000000000000000000..b0b0f64c0494de26df58c6155c525acb0d24cd59
Binary files /dev/null and b/certsign/certsign.jar differ




diff --git a/certsign/certsign.jar.original b/certsign/certsign.jar.original
new file mode 100644
index 0000000000000000000000000000000000000000..dd8ee74e611b2e7ee9dbfd2172f2313c76f49ba2
Binary files /dev/null and b/certsign/certsign.jar.original differ




diff --git a/certsign/certsign.war.original b/certsign/certsign.war.original
new file mode 100644
index 0000000000000000000000000000000000000000..8b8aad80733b00fd19f89035d2da1b275c5516d6
Binary files /dev/null and b/certsign/certsign.war.original differ




diff --git a/iron/LICENSE b/iron/LICENSE
index f98256075a01bcf6c4b17495979e85908184a01e..da43423a8afda0b6036695d8966357ceabea9896 100644
--- a/iron/LICENSE
+++ b/iron/LICENSE
@@ -1,4 +1,4 @@
-Copyright (c) 2012 Sam Stephenson, Nick Quaranto, 37signals
+Copyright (c) 2018 Paolo Lulli
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the




diff --git a/iron/LICENSE.sub b/iron/LICENSE.sub
new file mode 100644
index 0000000000000000000000000000000000000000..f98256075a01bcf6c4b17495979e85908184a01e
--- /dev/null
+++ b/iron/LICENSE.sub
@@ -0,0 +1,20 @@
+Copyright (c) 2012 Sam Stephenson, Nick Quaranto, 37signals
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.




diff --git a/iron/libexec/iron/check-server-cert.sh b/iron/libexec/iron/check-server-cert.sh
new file mode 100755
index 0000000000000000000000000000000000000000..e4e107b7c5d9e693177cdce046b05f41dbb0265a
--- /dev/null
+++ b/iron/libexec/iron/check-server-cert.sh
@@ -0,0 +1,3 @@
+#! /bin/bash -x
+
+openssl verify -CAfile ca.crt  server.crt




diff --git a/iron/libexec/iron/iron-client b/iron/libexec/iron/iron-client
index b6eb66142ebd825acdd7f752f0dce902ef11bd8d..0c688417fbfa063cc1fdc8f28af6792883dedd25 100755
--- a/iron/libexec/iron/iron-client
+++ b/iron/libexec/iron/iron-client
@@ -44,11 +44,11 @@ 	CAPATH=$RCDIR/CA
 	CLIENT_CERTPATH=$RCDIR/${DOMAIN}/certs
 	target_dir="cert-$client"
 	mkdir -p $target_dir/CA
-	mkdir -p $target_dir/$domain
-	mkdir -p $target_dir/$domain/certs/$client
+	mkdir -p $target_dir/$DOMAIN
+	mkdir -p $target_dir/$DOMAIN/certs/$client
 	cp $CAPATH/ca.crt $target_dir/CA
-	cp $CLIENT_CERTPATH/$client/$client.crt $target_dir/$domain/certs/$client
-	openssl rsa -aes256 -in $CLIENT_CERTPATH/$client/$client.key --out $target_dir/$domain/certs/$client/$client.key
+	cp $CLIENT_CERTPATH/$client/$client.crt $target_dir/$DOMAIN/certs/$client
+	openssl rsa -aes256 -in $CLIENT_CERTPATH/$client/$client.key --out $target_dir/$DOMAIN/certs/$client/$client.key
 	tar cvfz $target_dir.tar.gz $target_dir && rm -fr $target_dir
 }
 




diff --git a/iron/libexec/iron/iron-service b/iron/libexec/iron/iron-service
index 7147180d217887df4207c6409e67f0fbe4d3f414..a19d3bf2a4d7051cfafb8ab618822129042b3434 100755
--- a/iron/libexec/iron/iron-service
+++ b/iron/libexec/iron/iron-service
@@ -14,8 +14,12 @@ function service_create()
 {
 	test -d $CERTPATH   || mkdir -p $CERTPATH
 	openssl genrsa -out   $CERTPATH/server.key 2048 
-	openssl req    -batch -new -key $CERTPATH/server.key      -out $CERTPATH/server.csr -config $SERVER_CONFIG_FILE
-	openssl x509   -req   -days 365 -in $CERTPATH/server.csr -signkey $CERTPATH/server.key -out $CERTPATH/server.crt
+	openssl req    -batch -new -key $CERTPATH/server.key -out $CERTPATH/server.csr -config $SERVER_CONFIG_FILE
+	#OLD::openssl x509   -req   -days 365 -in $CERTPATH/server.csr -signkey $CERTPATH/server.key -out $CERTPATH/server.crt
+	openssl x509   -req   -days 365 -CA $CAPATH/ca.crt -CAkey $CAPATH/ca.key -CAcreateserial -in $CERTPATH/server.csr \
+		-signkey $CERTPATH/server.key -out $CERTPATH/server.crt
+	#openssl ca -cert $CAPATH/ca.crt  -keyfile $CAPATH/ca.key -in $CERTPATH/server.csr -out $CERTPATH/server.crt -config /home/paolo/.iron/dev.lulli.net/conf/openssl-server.conf
+
 }
 
 function service_home_setup_delete()