diff options
Diffstat (limited to 'src/rts.it')
| -rw-r--r-- | src/rts.it | 197 |
1 files changed, 197 insertions, 0 deletions
diff --git a/src/rts.it b/src/rts.it new file mode 100644 index 0000000..7c0fa0e --- /dev/null +++ b/src/rts.it @@ -0,0 +1,197 @@ +# Umbrella script to provide *SSL environment +# and helper functions + +PATH="`pwd`:$PATH" +CADIR=`pwd | cut -d':' -f1 | sed s/compile/etc/` + +# include the ssl and crypto libs by means of LD_LIBRARY_PATH +#export LD_LIBRARY_PATH="/home/ucspi/_SSL/libressl-3.7.2/ssl/.libs:/home/ucspi/_SSL/libressl-3.7.2/crypto/.libs" +export LD_LIBRARY_PATH="/home/ucspi/_SSL/openssl-3.2.0-alpha2" + +rm -rf rts-tmp +mkdir rts-tmp +cd rts-tmp + +CAFILE="$CADIR/rootCA_cert.pem" +if [ ! -f $CAFILE ] +then + echo "$CAFILE does no exist!" + exit 1 +fi +CERTFILE="$CADIR/::1_cert.pem" +if [ ! -f $CERTFILE ] +then + echo "$CERTFILE does no exist!" + exit 1 +fi +CHAINFILE="$CADIR/chain6.pem" +if [ ! -f $CHAINFILE ] +then + echo "$CHAINFILE does no exist!" + exit 1 +fi +KEYFILE="$CADIR/::1_key.pem" +if [ ! -f $KEYFILE ] +then + echo "$KEYFILE does no exist!" + exit 1 +fi +CCAFILE="$CADIR/rootCA_cert.pem" +if [ ! -f $CCAFILE ] +then + echo "$CCAFILE does no exist!" + exit 1 +fi +CCERTFILE="$CADIR/localhost_cert.pem" +if [ ! -f $CCERTFILE ] +then + echo "$CCERTFILE does no exist!" + exit 1 +fi +CKEYFILE="$CADIR/localhost_key.pem" +if [ ! -f $CKEYFILE ] +then + echo "$CKEYFILE does no exist!" + exit 1 +fi +DHFILE="$CADIR/dh2048.pem" +if [ ! -f $DHFILE ] +then + echo "$DHFILE does no exist!" + exit 1 +fi + +export CADIR CAFILE CCAFILE CERTFILE CHAINFILE KEYFILE CCERTFILE CKEYFILE DHFILE + +# Create ./print file + +echo '#!/bin/sh +# trap "" 13 + echo "" + echo PROTO="$PROTO" + echo SSLLOCALHOST="${SSLLOCALHOST-unset}" + echo SSLLOCALIP="${SSLLOCALIP-unset}" + echo SSLLOCALPORT="${SSLLOCALPORT-unset}" + echo SSLREMOTEHOST="${SSLREMOTEHOST-unset}" + echo SSLREMOTEIP="${SSLREMOTEIP-unset}" + echo SSLREMOTEPORT="${SSLREMOTEPORT-unset}" + echo SSLREMOTEINFO="${SSLREMOTEINFO-unset}" + + echo TCPLOCALHOST="${TCPLOCALHOST-unset}" + echo TCPLOCALIP="${TCPLOCALIP-unset}" + echo TCPLOCALPORT="${TCPLOCALPORT-unset}" + + echo TCPREMOTEHOST="${TCPREMOTEHOST-unset}" + echo TCPREMOTEIP="${TCPREMOTEIP-unset}" + echo TCPREMOTEPORT="${TCPREMOTEPORT-unset}" + echo TCPREMOTEINFO="${TCPREMOTEINFO-unset}" + + echo TCP6REMOTEHOST="${TCP6REMOTEHOST-unset}" + echo TCP6REMOTEIP="${TCP6REMOTEIP-unset}" + echo TCP6REMOTEPORT="${TCP6REMOTEPORT-unset}" + + echo SSL_PROTOCOL="${SSL_PROTOCOL-unset}" + echo SSL_SESSION_ID="${SSL_SESSION_ID-unset}" + echo SSL_CIPHER="${SSL_CIPHER-unset}" + echo SSL_CIPHER_EXPORT="${SSL_CIPHER_EXPORT-unset}" + echo SSL_CIPHER_USEKEYSIZE="${SSL_CIPHER_USEKEYSIZE-unset}" + echo SSL_CIPHER_ALGKEYSIZE="${SSL_CIPHER_ALGKEYSIZE-unset}" + echo SSL_VERSION_INTERFACE="${SSL_VERSION_INTERFACE-unset}" + echo SSL_VERSION_LIBRARY="${SSL_VERSION_LIBRARY-unset}" + + echo SSL_SERVER_M_VERSION="${SSL_SERVER_M_VERSION-unset}" + echo SSL_SERVER_M_SERIAL="${SSL_SERVER_M_SERIAL-unset}" + echo SSL_SERVER_S_DN="${SSL_SERVER_S_DN-unset}" + echo SSL_SERVER_S_DN_C="${SSL_SERVER_S_DN_C-unset}" + echo SSL_SERVER_S_DN_ST="${SSL_SERVER_S_DN_ST-unset}" + echo SSL_SERVER_S_DN_L="${SSL_SERVER_S_DN_L-unset}" + echo SSL_SERVER_S_DN_O="${SSL_SERVER_S_DN_O-unset}" + echo SSL_SERVER_S_DN_OU="${SSL_SERVER_S_DN_OU-unset}" + echo SSL_SERVER_S_DN_CN="${SSL_SERVER_S_DN_CN-unset}" + echo SSL_SERVER_S_DN_T="${SSL_SERVER_S_DN_T-unset}" + echo SSL_SERVER_S_DN_I="${SSL_SERVER_S_DN_I-unset}" + echo SSL_SERVER_S_DN_G="${SSL_SERVER_S_DN_G-unset}" + echo SSL_SERVER_S_DN_S="${SSL_SERVER_S_DN_S-unset}" + echo SSL_SERVER_S_DN_D="${SSL_SERVER_S_DN_D-unset}" + echo SSL_SERVER_S_DN_UID="${SSL_SERVER_S_DN_UID-unset}" + echo SSL_SERVER_S_DN_Email="${SSL_SERVER_S_DN_Email-unset}" + echo SSL_SERVER_I_DN="${SSL_SERVER_I_DN-unset}" + echo SSL_SERVER_I_DN_C="${SSL_SERVER_I_DN_C-unset}" + echo SSL_SERVER_I_DN_ST="${SSL_SERVER_I_DN_ST-unset}" + echo SSL_SERVER_I_DN_L="${SSL_SERVER_I_DN_L-unset}" + echo SSL_SERVER_I_DN_O="${SSL_SERVER_I_DN_O-unset}" + echo SSL_SERVER_I_DN_OU="${SSL_SERVER_I_DN_OU-unset}" + echo SSL_SERVER_I_DN_CN="${SSL_SERVER_I_DN_CN-unset}" + echo SSL_SERVER_I_DN_T="${SSL_SERVER_I_DN_T-unset}" + echo SSL_SERVER_I_DN_I="${SSL_SERVER_I_DN_I-unset}" + echo SSL_SERVER_I_DN_G="${SSL_SERVER_I_DN_G-unset}" + echo SSL_SERVER_I_DN_S="${SSL_SERVER_I_DN_S-unset}" + echo SSL_SERVER_I_DN_D="${SSL_SERVER_I_DN_D-unset}" + echo SSL_SERVER_I_DN_UID="${SSL_SERVER_I_DN_UID-unset}" + echo SSL_SERVER_I_DN_Email="${SSL_SERVER_I_DN_Email-unset}" + echo SSL_SERVER_V_START="${SSL_SERVER_V_START-unset}" + echo SSL_SERVER_V_END="${SSL_SERVER_V_END-unset}" + echo SSL_SERVER_A_SIG="${SSL_SERVER_A_SIG-unset}" + echo SSL_SERVER_A_KEY="${SSL_SERVER_A_KEY-unset}" + echo SSL_SERVER_CERT="${SSL_SERVER_CERT-unset}" + + echo SSL_CLIENT_M_VERSION="${SSL_CLIENT_M_VERSION-unset}" + echo SSL_CLIENT_M_SERIAL="${SSL_CLIENT_M_SERIAL-unset}" + echo SSL_CLIENT_S_DN="${SSL_CLIENT_S_DN-unset}" + echo SSL_CLIENT_S_DN_C="${SSL_CLIENT_S_DN_C-unset}" + echo SSL_CLIENT_S_DN_ST="${SSL_CLIENT_S_DN_ST-unset}" + echo SSL_CLIENT_S_DN_L="${SSL_CLIENT_S_DN_L-unset}" + echo SSL_CLIENT_S_DN_O="${SSL_CLIENT_S_DN_O-unset}" + echo SSL_CLIENT_S_DN_OU="${SSL_CLIENT_S_DN_OU-unset}" + echo SSL_CLIENT_S_DN_CN="${SSL_CLIENT_S_DN_CN-unset}" + echo SSL_CLIENT_S_DN_T="${SSL_CLIENT_S_DN_T-unset}" + echo SSL_CLIENT_S_DN_I="${SSL_CLIENT_S_DN_I-unset}" + echo SSL_CLIENT_S_DN_G="${SSL_CLIENT_S_DN_G-unset}" + echo SSL_CLIENT_S_DN_S="${SSL_CLIENT_S_DN_S-unset}" + echo SSL_CLIENT_S_DN_D="${SSL_CLIENT_S_DN_D-unset}" + echo SSL_CLIENT_S_DN_UID="${SSL_CLIENT_S_DN_UID-unset}" + echo SSL_CLIENT_S_DN_Email="${SSL_CLIENT_S_DN_Email-unset}" + echo SSL_CLIENT_I_DN="${SSL_CLIENT_I_DN-unset}" + echo SSL_CLIENT_I_DN_C="${SSL_CLIENT_I_DN_C-unset}" + echo SSL_CLIENT_I_DN_ST="${SSL_CLIENT_I_DN_ST-unset}" + echo SSL_CLIENT_I_DN_L="${SSL_CLIENT_I_DN_L-unset}" + echo SSL_CLIENT_I_DN_O="${SSL_CLIENT_I_DN_O-unset}" + echo SSL_CLIENT_I_DN_OU="${SSL_CLIENT_I_DN_OU-unset}" + echo SSL_CLIENT_I_DN_CN="${SSL_CLIENT_I_DN_CN-unset}" + echo SSL_CLIENT_I_DN_T="${SSL_CLIENT_I_DN_T-unset}" + echo SSL_CLIENT_I_DN_I="${SSL_CLIENT_I_DN_I-unset}" + echo SSL_CLIENT_I_DN_G="${SSL_CLIENT_I_DN_G-unset}" + echo SSL_CLIENT_I_DN_S="${SSL_CLIENT_I_DN_S-unset}" + echo SSL_CLIENT_I_DN_D="${SSL_CLIENT_I_DN_D-unset}" + echo SSL_CLIENT_I_DN_UID="${SSL_CLIENT_I_DN_UID-unset}" + echo SSL_CLIENT_I_DN_Email="${SSL_CLIENT_I_DN_Email-unset}" + echo SSL_CLIENT_V_START="${SSL_CLIENT_V_START-unset}" + echo SSL_CLIENT_V_END="${SSL_CLIENT_V_END-unset}" + echo SSL_CLIENT_A_SIG="${SSL_CLIENT_A_SIG-unset}" + echo SSL_CLIENT_A_KEY="${SSL_CLIENT_A_KEY-unset}" + echo SSL_CLIENT_CERT="${SSL_CLIENT_CERT-unset}" + echo SSL_CLIENT_CERT_CHAIN_0="${SSL_CLIENT_CERT_CHAIN_0-unset}" + echo SSL_CLIENT_CERT_CHAIN_1="${SSL_CLIENT_CERT_CHAIN_1-unset}" +' > print +chmod 755 print + + +# Sanitze output + +sanitize() { + sed -e 's/^SSL_SESSION_ID=.*/SSL_SESSION_ID=.../' \ + -e 's/^SSLREMOTEPORT=.*/SSLREMOTEPORT=.../' \ + -e 's/^SSLLOCALPORT=.*/SSLLOCALPORT=.../' \ + -e 's/^TCPREMOTEPORT=.*/TCPREMOTEPORT=.../' \ + -e 's/^TCP6REMOTEPORT=.*/TCP6REMOTEPORT=.../' \ + -e 's/^TCPLOCALPORT=.*/TCPLOCALPORT=.../' \ + -e 's/^SSL_VERSION_LIBRARY=.*/SSL_VERSION_LIBRARY=.../' \ + -e 's/^SSL_CIPHER_USEKEYSIZE=.*/SSL_CIPHER_USEKEYSIZE=.../' \ + -e 's/^SSL_CIPHER_ALGKEYSIZE=.*/SSL_CIPHER_ALGKEYSIZE=.../' \ + -e 's/^SSL_CIPHER=.*/SSL_CIPHER=.../' \ + -e 's/^SSL_PROTOCOL=TLSv1.*/SSL_PROTOCOL=TLSv1.../' \ + -e 's/Localserver:::1:[0-9]*/Localserver:::1:... /' \ + -e 's/ip6-localnet:::::[0-9]*/ip6-localnet:::::.../' +} + +# done |