From 32dab58ffef32188de77c6dc6e5177f36b6a57c7 Mon Sep 17 00:00:00 2001 From: Timothy Prepscius Date: Thu, 5 Sep 2013 15:36:14 -0400 Subject: [PATCH] moves the config to lower directory, makes the keys generate automatically --- build/comma | 1 + build/compile-web-html | 2 +- build/compile-web-js | 8 +- build/quote | 1 + build/replace_html.sed | 4 + build/replace_js_dev.sed | 15 +++ build/replace_js_prod.sed | 16 ++++ config/company | 1 + {deploy/config => config}/hosts/.gitignore | 0 {deploy/config => config}/hosts/make-dev | 0 {deploy/config => config}/hosts/make-prod | 0 {deploy/config => config}/title | 0 config/truststores/auth.jks.b64 | 1 + config/truststores/send.jks.b64 | 1 + deploy/config.hosts | 4 +- install/setup-web.remote | 8 +- keys/clean.autos | 5 + keys/client/clean | 3 + keys/client/make | 8 +- keys/client/make.auto | 101 +++++++++++++++++++++ keys/key/clean | 3 + keys/key/make | 8 +- keys/key/make.auto | 101 +++++++++++++++++++++ keys/localrelay/clean | 3 + keys/localrelay/make | 8 +- keys/localrelay/make.auto | 101 +++++++++++++++++++++ keys/mail/clean | 3 + keys/mail/make | 7 +- keys/mail/make.auto | 101 +++++++++++++++++++++ keys/make.autos | 5 + keys/push/clean | 3 + keys/push/make | 8 +- keys/push/make.auto | 101 +++++++++++++++++++++ 33 files changed, 606 insertions(+), 25 deletions(-) create mode 100644 build/comma create mode 100644 build/quote create mode 100644 config/company rename {deploy/config => config}/hosts/.gitignore (100%) rename {deploy/config => config}/hosts/make-dev (100%) rename {deploy/config => config}/hosts/make-prod (100%) rename {deploy/config => config}/title (100%) create mode 120000 config/truststores/auth.jks.b64 create mode 120000 config/truststores/send.jks.b64 create mode 100755 keys/clean.autos create mode 100755 keys/client/clean create mode 100755 keys/client/make.auto create mode 100755 keys/key/clean create mode 100755 keys/key/make.auto create mode 100755 keys/localrelay/clean create mode 100755 keys/localrelay/make.auto create mode 100755 keys/mail/clean create mode 100755 keys/mail/make.auto create mode 100755 keys/make.autos create mode 100755 keys/push/clean create mode 100755 keys/push/make.auto diff --git a/build/comma b/build/comma new file mode 100644 index 0000000..7edb2fa --- /dev/null +++ b/build/comma @@ -0,0 +1 @@ +, diff --git a/build/compile-web-html b/build/compile-web-html index c92e349..2adc4fb 100755 --- a/build/compile-web-html +++ b/build/compile-web-html @@ -4,7 +4,7 @@ set -x V=$1 M=$2 -APP_TITLE=`cat ../deploy/config/title` +APP_TITLE=`cat ../config/title` dst=www cmn_src=../web/common diff --git a/build/compile-web-js b/build/compile-web-js index 45107f6..8068053 100755 --- a/build/compile-web-js +++ b/build/compile-web-js @@ -4,10 +4,10 @@ V=$1 M=$2 dst=www -HOST_PRIMARY=`cat ../deploy/config/hosts/$M` -HOST_AUTH=`cat ../deploy/config/hosts/auth_$M` -HOST_TOMCAT=`cat ../deploy/config/hosts/tomcat_$M` -HOST_WEB=`cat ../deploy/config/hosts/web_$M` +HOST_PRIMARY=`cat ../config/hosts/$M` +HOST_AUTH=`cat ../config/hosts/auth_$M` +HOST_TOMCAT=`cat ../config/hosts/tomcat_$M` +HOST_WEB=`cat ../config/hosts/web_$M` function replaceStrings() { sed -i '' -f replace_js_$M.sed $1 diff --git a/build/quote b/build/quote new file mode 100644 index 0000000..9d68933 --- /dev/null +++ b/build/quote @@ -0,0 +1 @@ +" \ No newline at end of file diff --git a/build/replace_html.sed b/build/replace_html.sed index 191d7bc..0f6afac 100644 --- a/build/replace_html.sed +++ b/build/replace_html.sed @@ -24,4 +24,8 @@ d } +/{##COMPANY##}/ { + r ../config/company + d +} diff --git a/build/replace_js_dev.sed b/build/replace_js_dev.sed index 0ad91be..ca14d5e 100644 --- a/build/replace_js_dev.sed +++ b/build/replace_js_dev.sed @@ -4,3 +4,18 @@ d } +/{##TRUSTSTORE_AUTH##}/ { + r quote + r ../config/truststores/auth.jks.b64 + r quote + r comma + d +} + +/{##TRUSTSTORE_SEND##}/ { + r quote + r ../config/truststores/send.jks.b64 + r quote + r comma + d +} diff --git a/build/replace_js_prod.sed b/build/replace_js_prod.sed index 8770937..809edae 100644 --- a/build/replace_js_prod.sed +++ b/build/replace_js_prod.sed @@ -2,3 +2,19 @@ r ../web/common/Link.ConstantsProd.html d } + +/{##TRUSTSTORE_AUTH##}/ { + r quote + r ../config/truststores/auth.jks.b64 + r quote + r comma + d +} + +/{##TRUSTSTORE_SEND##}/ { + r quote + r ../config/truststores/send.jks.b64 + r quote + r comma + d +} diff --git a/config/company b/config/company new file mode 100644 index 0000000..709348d --- /dev/null +++ b/config/company @@ -0,0 +1 @@ +Your Company Inc. diff --git a/deploy/config/hosts/.gitignore b/config/hosts/.gitignore similarity index 100% rename from deploy/config/hosts/.gitignore rename to config/hosts/.gitignore diff --git a/deploy/config/hosts/make-dev b/config/hosts/make-dev similarity index 100% rename from deploy/config/hosts/make-dev rename to config/hosts/make-dev diff --git a/deploy/config/hosts/make-prod b/config/hosts/make-prod similarity index 100% rename from deploy/config/hosts/make-prod rename to config/hosts/make-prod diff --git a/deploy/config/title b/config/title similarity index 100% rename from deploy/config/title rename to config/title diff --git a/config/truststores/auth.jks.b64 b/config/truststores/auth.jks.b64 new file mode 120000 index 0000000..3ea0c18 --- /dev/null +++ b/config/truststores/auth.jks.b64 @@ -0,0 +1 @@ +../../keys/mail/truststore.jks.pem.b64 \ No newline at end of file diff --git a/config/truststores/send.jks.b64 b/config/truststores/send.jks.b64 new file mode 120000 index 0000000..8ad789b --- /dev/null +++ b/config/truststores/send.jks.b64 @@ -0,0 +1 @@ +../../keys/localrelay/truststore.jks.pem.b64 \ No newline at end of file diff --git a/deploy/config.hosts b/deploy/config.hosts index be59576..037be97 100644 --- a/deploy/config.hosts +++ b/deploy/config.hosts @@ -1,2 +1,2 @@ -M_HOST_PROD=`cat config/hosts/web_prod` -M_HOST_DEV=`cat config/hosts/web_dev` +M_HOST_PROD=`cat ../config/hosts/web_prod` +M_HOST_DEV=`cat ../config/hosts/web_dev` diff --git a/install/setup-web.remote b/install/setup-web.remote index 1b9bc91..9020717 100755 --- a/install/setup-web.remote +++ b/install/setup-web.remote @@ -3,13 +3,15 @@ set -x sudo ./setup-nginx.remote sudo mkdir -p /var/log/nginx +chdown nginx /var/log/nginx + cp sudoers.d-web /etc/sudoers.d/web chmod 0440 /etc/sudoers.d/web cd /opt/nginx/conf -ln -s /home/web/resources/nginx-ssl.crt -ln -s /home/web/resources/nginx-ssl.key -ln -s /home/web/resources/nginx.conf +ln -fs /home/web/resources/nginx-ssl.crt +ln -fs /home/web/resources/nginx-ssl.key +ln -fs /home/web/resources/nginx.conf cd /var/local mkdir www diff --git a/keys/clean.autos b/keys/clean.autos new file mode 100755 index 0000000..4a03817 --- /dev/null +++ b/keys/clean.autos @@ -0,0 +1,5 @@ +(cd mail && ./clean) +(cd localrelay && ./clean) +(cd key && ./clean) +(cd client && ./clean) +(cd push && ./clean) diff --git a/keys/client/clean b/keys/client/clean new file mode 100755 index 0000000..30de318 --- /dev/null +++ b/keys/client/clean @@ -0,0 +1,3 @@ +rm *.jks +rm *.cer +rm *.b64 diff --git a/keys/client/make b/keys/client/make index b70d645..451e78a 100755 --- a/keys/client/make +++ b/keys/client/make @@ -1,3 +1,5 @@ -keytool -genkeypair -alias client -keyalg RSA -keysize 2048 -keystore keystore.jks -keytool -export -alias client -keystore keystore.jks -rfc -file selfsignedcert.cer -keytool -import -alias client -file selfsignedcert.cer -keystore truststore.jks +keytool -genkeypair -alias anonymous -keyalg RSA -keysize 2048 -keystore keystore.jks +keytool -export -alias anonymous -keystore keystore.jks -rfc -file selfsignedcert.cer +keytool -import -alias anonymous -file selfsignedcert.cer -keystore truststore.jks +java -jar ../../build/exported/Tools.jar --export-pem file=truststore.jks + diff --git a/keys/client/make.auto b/keys/client/make.auto new file mode 100755 index 0000000..8167e33 --- /dev/null +++ b/keys/client/make.auto @@ -0,0 +1,101 @@ +#!/opt/local/bin/expect -f +# +# This Expect script was generated by autoexpect on Thu Sep 5 10:43:19 2013 +# Expect and autoexpect were both written by Don Libes, NIST. +# +# Note that autoexpect does not guarantee a working script. It +# necessarily has to guess about certain things. Two reasons a script +# might fail are: +# +# 1) timing - A surprising number of programs (rn, ksh, zsh, telnet, +# etc.) and devices discard or ignore keystrokes that arrive "too +# quickly" after prompts. If you find your new script hanging up at +# one spot, try adding a short sleep just before the previous send. +# Setting "force_conservative" to 1 (see below) makes Expect do this +# automatically - pausing briefly before sending each character. This +# pacifies every program I know of. The -c flag makes the script do +# this in the first place. The -C flag allows you to define a +# character to toggle this mode off and on. + +set force_conservative 0 ;# set to 1 to force conservative mode even if + ;# script wasn't run conservatively originally +if {$force_conservative} { + set send_slow {1 .1} + proc send {ignore arg} { + sleep .1 + exp_send -s -- $arg + } +} + +# +# 2) differing output - Some programs produce different output each time +# they run. The "date" command is an obvious example. Another is +# ftp, if it produces throughput statistics at the end of a file +# transfer. If this causes a problem, delete these patterns or replace +# them with wildcards. An alternative is to use the -p flag (for +# "prompt") which makes Expect only look for the last line of output +# (i.e., the prompt). The -P flag allows you to define a character to +# toggle this mode off and on. +# +# Read the man page for more info. +# +# -Don + + +set timeout -1 +spawn ./make +match_max 100000 +expect -exact "Enter keystore password: " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +expect -exact "\r +What is your first and last name?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your organizational unit?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your organization?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your City or Locality?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your State or Province?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the two-letter country code for this unit?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?\r + \[no\]: " +send -- "yes\r" +expect -exact "yes\r +\r +Enter key password for \r + (RETURN if same as keystore password): " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +expect -exact "\r +Enter keystore password: " +send -- "password\r" +expect -exact "\r +Certificate stored in file \r +Enter keystore password: " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +sleep 1 +send -- "yes\r" +expect eof diff --git a/keys/key/clean b/keys/key/clean new file mode 100755 index 0000000..30de318 --- /dev/null +++ b/keys/key/clean @@ -0,0 +1,3 @@ +rm *.jks +rm *.cer +rm *.b64 diff --git a/keys/key/make b/keys/key/make index a8d860f..451e78a 100755 --- a/keys/key/make +++ b/keys/key/make @@ -1,3 +1,5 @@ -keytool -genkeypair -alias piratekey -keyalg RSA -keysize 2048 -keystore keystore.jks -keytool -export -alias piratekey -keystore keystore.jks -rfc -file selfsignedcert.cer -keytool -import -alias piratekey -file selfsignedcert.cer -keystore truststore.jks +keytool -genkeypair -alias anonymous -keyalg RSA -keysize 2048 -keystore keystore.jks +keytool -export -alias anonymous -keystore keystore.jks -rfc -file selfsignedcert.cer +keytool -import -alias anonymous -file selfsignedcert.cer -keystore truststore.jks +java -jar ../../build/exported/Tools.jar --export-pem file=truststore.jks + diff --git a/keys/key/make.auto b/keys/key/make.auto new file mode 100755 index 0000000..8167e33 --- /dev/null +++ b/keys/key/make.auto @@ -0,0 +1,101 @@ +#!/opt/local/bin/expect -f +# +# This Expect script was generated by autoexpect on Thu Sep 5 10:43:19 2013 +# Expect and autoexpect were both written by Don Libes, NIST. +# +# Note that autoexpect does not guarantee a working script. It +# necessarily has to guess about certain things. Two reasons a script +# might fail are: +# +# 1) timing - A surprising number of programs (rn, ksh, zsh, telnet, +# etc.) and devices discard or ignore keystrokes that arrive "too +# quickly" after prompts. If you find your new script hanging up at +# one spot, try adding a short sleep just before the previous send. +# Setting "force_conservative" to 1 (see below) makes Expect do this +# automatically - pausing briefly before sending each character. This +# pacifies every program I know of. The -c flag makes the script do +# this in the first place. The -C flag allows you to define a +# character to toggle this mode off and on. + +set force_conservative 0 ;# set to 1 to force conservative mode even if + ;# script wasn't run conservatively originally +if {$force_conservative} { + set send_slow {1 .1} + proc send {ignore arg} { + sleep .1 + exp_send -s -- $arg + } +} + +# +# 2) differing output - Some programs produce different output each time +# they run. The "date" command is an obvious example. Another is +# ftp, if it produces throughput statistics at the end of a file +# transfer. If this causes a problem, delete these patterns or replace +# them with wildcards. An alternative is to use the -p flag (for +# "prompt") which makes Expect only look for the last line of output +# (i.e., the prompt). The -P flag allows you to define a character to +# toggle this mode off and on. +# +# Read the man page for more info. +# +# -Don + + +set timeout -1 +spawn ./make +match_max 100000 +expect -exact "Enter keystore password: " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +expect -exact "\r +What is your first and last name?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your organizational unit?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your organization?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your City or Locality?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your State or Province?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the two-letter country code for this unit?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?\r + \[no\]: " +send -- "yes\r" +expect -exact "yes\r +\r +Enter key password for \r + (RETURN if same as keystore password): " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +expect -exact "\r +Enter keystore password: " +send -- "password\r" +expect -exact "\r +Certificate stored in file \r +Enter keystore password: " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +sleep 1 +send -- "yes\r" +expect eof diff --git a/keys/localrelay/clean b/keys/localrelay/clean new file mode 100755 index 0000000..30de318 --- /dev/null +++ b/keys/localrelay/clean @@ -0,0 +1,3 @@ +rm *.jks +rm *.cer +rm *.b64 diff --git a/keys/localrelay/make b/keys/localrelay/make index 972242d..451e78a 100755 --- a/keys/localrelay/make +++ b/keys/localrelay/make @@ -1,3 +1,5 @@ -keytool -genkeypair -alias localrelay.mailiverse -keyalg RSA -keysize 2048 -keystore keystore.jks -keytool -export -alias localrelay.mailiverse -keystore keystore.jks -rfc -file selfsignedcert.cer -keytool -import -alias localrelay.mailiverse -file selfsignedcert.cer -keystore truststore.jks +keytool -genkeypair -alias anonymous -keyalg RSA -keysize 2048 -keystore keystore.jks +keytool -export -alias anonymous -keystore keystore.jks -rfc -file selfsignedcert.cer +keytool -import -alias anonymous -file selfsignedcert.cer -keystore truststore.jks +java -jar ../../build/exported/Tools.jar --export-pem file=truststore.jks + diff --git a/keys/localrelay/make.auto b/keys/localrelay/make.auto new file mode 100755 index 0000000..8167e33 --- /dev/null +++ b/keys/localrelay/make.auto @@ -0,0 +1,101 @@ +#!/opt/local/bin/expect -f +# +# This Expect script was generated by autoexpect on Thu Sep 5 10:43:19 2013 +# Expect and autoexpect were both written by Don Libes, NIST. +# +# Note that autoexpect does not guarantee a working script. It +# necessarily has to guess about certain things. Two reasons a script +# might fail are: +# +# 1) timing - A surprising number of programs (rn, ksh, zsh, telnet, +# etc.) and devices discard or ignore keystrokes that arrive "too +# quickly" after prompts. If you find your new script hanging up at +# one spot, try adding a short sleep just before the previous send. +# Setting "force_conservative" to 1 (see below) makes Expect do this +# automatically - pausing briefly before sending each character. This +# pacifies every program I know of. The -c flag makes the script do +# this in the first place. The -C flag allows you to define a +# character to toggle this mode off and on. + +set force_conservative 0 ;# set to 1 to force conservative mode even if + ;# script wasn't run conservatively originally +if {$force_conservative} { + set send_slow {1 .1} + proc send {ignore arg} { + sleep .1 + exp_send -s -- $arg + } +} + +# +# 2) differing output - Some programs produce different output each time +# they run. The "date" command is an obvious example. Another is +# ftp, if it produces throughput statistics at the end of a file +# transfer. If this causes a problem, delete these patterns or replace +# them with wildcards. An alternative is to use the -p flag (for +# "prompt") which makes Expect only look for the last line of output +# (i.e., the prompt). The -P flag allows you to define a character to +# toggle this mode off and on. +# +# Read the man page for more info. +# +# -Don + + +set timeout -1 +spawn ./make +match_max 100000 +expect -exact "Enter keystore password: " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +expect -exact "\r +What is your first and last name?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your organizational unit?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your organization?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your City or Locality?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your State or Province?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the two-letter country code for this unit?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?\r + \[no\]: " +send -- "yes\r" +expect -exact "yes\r +\r +Enter key password for \r + (RETURN if same as keystore password): " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +expect -exact "\r +Enter keystore password: " +send -- "password\r" +expect -exact "\r +Certificate stored in file \r +Enter keystore password: " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +sleep 1 +send -- "yes\r" +expect eof diff --git a/keys/mail/clean b/keys/mail/clean new file mode 100755 index 0000000..30de318 --- /dev/null +++ b/keys/mail/clean @@ -0,0 +1,3 @@ +rm *.jks +rm *.cer +rm *.b64 diff --git a/keys/mail/make b/keys/mail/make index 660cfd0..63ef2b8 100755 --- a/keys/mail/make +++ b/keys/mail/make @@ -1,3 +1,4 @@ -keytool -genkeypair -alias piratemail -keyalg RSA -keysize 2048 -keystore keystore.jks -keytool -export -alias piratemail -keystore keystore.jks -rfc -file selfsignedcert.cer -keytool -import -alias piratemail -file selfsignedcert.cer -keystore truststore.jks +keytool -genkeypair -alias anonymous -keyalg RSA -keysize 2048 -keystore keystore.jks +keytool -export -alias anonymous -keystore keystore.jks -rfc -file selfsignedcert.cer +keytool -import -alias anonymous -file selfsignedcert.cer -keystore truststore.jks +java -jar ../../build/exported/Tools.jar --export-pem file=truststore.jks diff --git a/keys/mail/make.auto b/keys/mail/make.auto new file mode 100755 index 0000000..8167e33 --- /dev/null +++ b/keys/mail/make.auto @@ -0,0 +1,101 @@ +#!/opt/local/bin/expect -f +# +# This Expect script was generated by autoexpect on Thu Sep 5 10:43:19 2013 +# Expect and autoexpect were both written by Don Libes, NIST. +# +# Note that autoexpect does not guarantee a working script. It +# necessarily has to guess about certain things. Two reasons a script +# might fail are: +# +# 1) timing - A surprising number of programs (rn, ksh, zsh, telnet, +# etc.) and devices discard or ignore keystrokes that arrive "too +# quickly" after prompts. If you find your new script hanging up at +# one spot, try adding a short sleep just before the previous send. +# Setting "force_conservative" to 1 (see below) makes Expect do this +# automatically - pausing briefly before sending each character. This +# pacifies every program I know of. The -c flag makes the script do +# this in the first place. The -C flag allows you to define a +# character to toggle this mode off and on. + +set force_conservative 0 ;# set to 1 to force conservative mode even if + ;# script wasn't run conservatively originally +if {$force_conservative} { + set send_slow {1 .1} + proc send {ignore arg} { + sleep .1 + exp_send -s -- $arg + } +} + +# +# 2) differing output - Some programs produce different output each time +# they run. The "date" command is an obvious example. Another is +# ftp, if it produces throughput statistics at the end of a file +# transfer. If this causes a problem, delete these patterns or replace +# them with wildcards. An alternative is to use the -p flag (for +# "prompt") which makes Expect only look for the last line of output +# (i.e., the prompt). The -P flag allows you to define a character to +# toggle this mode off and on. +# +# Read the man page for more info. +# +# -Don + + +set timeout -1 +spawn ./make +match_max 100000 +expect -exact "Enter keystore password: " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +expect -exact "\r +What is your first and last name?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your organizational unit?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your organization?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your City or Locality?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your State or Province?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the two-letter country code for this unit?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?\r + \[no\]: " +send -- "yes\r" +expect -exact "yes\r +\r +Enter key password for \r + (RETURN if same as keystore password): " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +expect -exact "\r +Enter keystore password: " +send -- "password\r" +expect -exact "\r +Certificate stored in file \r +Enter keystore password: " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +sleep 1 +send -- "yes\r" +expect eof diff --git a/keys/make.autos b/keys/make.autos new file mode 100755 index 0000000..a6b8dcb --- /dev/null +++ b/keys/make.autos @@ -0,0 +1,5 @@ +(cd mail && ./make.auto) +(cd localrelay && ./make.auto) +(cd key && ./make.auto) +(cd client && ./make.auto) +(cd push && ./make.auto) diff --git a/keys/push/clean b/keys/push/clean new file mode 100755 index 0000000..30de318 --- /dev/null +++ b/keys/push/clean @@ -0,0 +1,3 @@ +rm *.jks +rm *.cer +rm *.b64 diff --git a/keys/push/make b/keys/push/make index b70d645..451e78a 100755 --- a/keys/push/make +++ b/keys/push/make @@ -1,3 +1,5 @@ -keytool -genkeypair -alias client -keyalg RSA -keysize 2048 -keystore keystore.jks -keytool -export -alias client -keystore keystore.jks -rfc -file selfsignedcert.cer -keytool -import -alias client -file selfsignedcert.cer -keystore truststore.jks +keytool -genkeypair -alias anonymous -keyalg RSA -keysize 2048 -keystore keystore.jks +keytool -export -alias anonymous -keystore keystore.jks -rfc -file selfsignedcert.cer +keytool -import -alias anonymous -file selfsignedcert.cer -keystore truststore.jks +java -jar ../../build/exported/Tools.jar --export-pem file=truststore.jks + diff --git a/keys/push/make.auto b/keys/push/make.auto new file mode 100755 index 0000000..8167e33 --- /dev/null +++ b/keys/push/make.auto @@ -0,0 +1,101 @@ +#!/opt/local/bin/expect -f +# +# This Expect script was generated by autoexpect on Thu Sep 5 10:43:19 2013 +# Expect and autoexpect were both written by Don Libes, NIST. +# +# Note that autoexpect does not guarantee a working script. It +# necessarily has to guess about certain things. Two reasons a script +# might fail are: +# +# 1) timing - A surprising number of programs (rn, ksh, zsh, telnet, +# etc.) and devices discard or ignore keystrokes that arrive "too +# quickly" after prompts. If you find your new script hanging up at +# one spot, try adding a short sleep just before the previous send. +# Setting "force_conservative" to 1 (see below) makes Expect do this +# automatically - pausing briefly before sending each character. This +# pacifies every program I know of. The -c flag makes the script do +# this in the first place. The -C flag allows you to define a +# character to toggle this mode off and on. + +set force_conservative 0 ;# set to 1 to force conservative mode even if + ;# script wasn't run conservatively originally +if {$force_conservative} { + set send_slow {1 .1} + proc send {ignore arg} { + sleep .1 + exp_send -s -- $arg + } +} + +# +# 2) differing output - Some programs produce different output each time +# they run. The "date" command is an obvious example. Another is +# ftp, if it produces throughput statistics at the end of a file +# transfer. If this causes a problem, delete these patterns or replace +# them with wildcards. An alternative is to use the -p flag (for +# "prompt") which makes Expect only look for the last line of output +# (i.e., the prompt). The -P flag allows you to define a character to +# toggle this mode off and on. +# +# Read the man page for more info. +# +# -Don + + +set timeout -1 +spawn ./make +match_max 100000 +expect -exact "Enter keystore password: " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +expect -exact "\r +What is your first and last name?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your organizational unit?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your organization?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your City or Locality?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the name of your State or Province?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +What is the two-letter country code for this unit?\r + \[Unknown\]: " +send -- "\r" +expect -exact "\r +Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?\r + \[no\]: " +send -- "yes\r" +expect -exact "yes\r +\r +Enter key password for \r + (RETURN if same as keystore password): " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +expect -exact "\r +Enter keystore password: " +send -- "password\r" +expect -exact "\r +Certificate stored in file \r +Enter keystore password: " +send -- "password\r" +expect -exact "\r +Re-enter new password: " +send -- "password\r" +sleep 1 +send -- "yes\r" +expect eof