Commit 356f56f6 authored by Leigh Stoller's avatar Leigh Stoller

Add silly little script for generating digital signatures using the

emulab pub/priv key pair I installed yesterday.

Also committed some stuff for running tmcd on ops. Not in production
yet. Someday.
parent 484c9c1c
......@@ -1341,7 +1341,7 @@ esac
outfiles="$outfiles Makeconf GNUmakefile \
assign/GNUmakefile \
ssl/GNUmakefile \
ssl/GNUmakefile ssl/mksig \
capture/GNUmakefile \
db/GNUmakefile db/nalloc db/nfree db/if2port db/backup \
db/webcontrol db/node_status db/genelists db/genelists.proxy \
......
......@@ -384,7 +384,7 @@ esac]
outfiles="$outfiles Makeconf GNUmakefile \
assign/GNUmakefile \
ssl/GNUmakefile \
ssl/GNUmakefile ssl/mksig \
capture/GNUmakefile \
db/GNUmakefile db/nalloc db/nfree db/if2port db/backup \
db/webcontrol db/node_status db/genelists db/genelists.proxy \
......
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -12,7 +12,8 @@ SUBDIR = ssl
include $(OBJDIR)/Makeconf
all: emulab.pem server.pem localnode.pem ronnode.pem pcwa.pem keys
all: emulab.pem server.pem localnode.pem ronnode.pem pcwa.pem ctrlnode.pem \
keys mksig
include $(TESTBED_SRCDIR)/GNUmakerules
......@@ -84,6 +85,9 @@ capture.pem: dirsmade capture.cnf ca.cnf
localnode.pem: dirsmade localnode.cnf ca.cnf $(SRCDIR)/mkclient.sh
$(SRCDIR)/mkclient.sh localnode
ctrlnode.pem: dirsmade ctrlnode.cnf ca.cnf $(SRCDIR)/mkclient.sh
$(SRCDIR)/mkclient.sh ctrlnode
ronnode.pem: dirsmade ronnode.cnf ca.cnf $(SRCDIR)/mkclient.sh
$(SRCDIR)/mkclient.sh ronnode
......@@ -120,7 +124,7 @@ dirsmade:
# You do not want to run these targets unless you are sure you
# know what you are doing!
#
install:
install: $(INSTALL_SBINDIR)/mksig
@echo "BE VERY CAREFUL! INSTALLING NEW CERTS CAN CAUSE DISASTER!"
boss-installX: $(INSTALL_ETCDIR)/emulab.pem \
......
[ req ]
prompt = no
default_bits = 1024
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
encrypt_key = no
string_mask = nombstr
[ req_distinguished_name ]
C = US
ST = Utah
L = Salt Lake City
O = Utah Network Testbed
# tmcd uses OU and CN for verification.
OU = controlnode
CN = @BOSSNODE@
emailAddress = @TBOPSEMAIL@
[ req_attributes ]
[ v3_ca ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = CA:true
#!/bin/sh
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# All rights reserved.
#
#
# Create a digital sig and spit out to stdout. You have to know the
# password. Hint: its the same as widearea root ssh key.
#
openssl dgst -sha1 -sign @prefix@/etc/emulab_privkey.pem $1
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment