blob: 7c0fa0e873d9c82872e15ec7580dc3cdbdb7756d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
|
# Umbrella script to provide *SSL environment
# and helper functions
PATH="`pwd`:$PATH"
CADIR=`pwd | cut -d':' -f1 | sed s/compile/etc/`
# include the ssl and crypto libs by means of LD_LIBRARY_PATH
#export LD_LIBRARY_PATH="/home/ucspi/_SSL/libressl-3.7.2/ssl/.libs:/home/ucspi/_SSL/libressl-3.7.2/crypto/.libs"
export LD_LIBRARY_PATH="/home/ucspi/_SSL/openssl-3.2.0-alpha2"
rm -rf rts-tmp
mkdir rts-tmp
cd rts-tmp
CAFILE="$CADIR/rootCA_cert.pem"
if [ ! -f $CAFILE ]
then
echo "$CAFILE does no exist!"
exit 1
fi
CERTFILE="$CADIR/::1_cert.pem"
if [ ! -f $CERTFILE ]
then
echo "$CERTFILE does no exist!"
exit 1
fi
CHAINFILE="$CADIR/chain6.pem"
if [ ! -f $CHAINFILE ]
then
echo "$CHAINFILE does no exist!"
exit 1
fi
KEYFILE="$CADIR/::1_key.pem"
if [ ! -f $KEYFILE ]
then
echo "$KEYFILE does no exist!"
exit 1
fi
CCAFILE="$CADIR/rootCA_cert.pem"
if [ ! -f $CCAFILE ]
then
echo "$CCAFILE does no exist!"
exit 1
fi
CCERTFILE="$CADIR/localhost_cert.pem"
if [ ! -f $CCERTFILE ]
then
echo "$CCERTFILE does no exist!"
exit 1
fi
CKEYFILE="$CADIR/localhost_key.pem"
if [ ! -f $CKEYFILE ]
then
echo "$CKEYFILE does no exist!"
exit 1
fi
DHFILE="$CADIR/dh2048.pem"
if [ ! -f $DHFILE ]
then
echo "$DHFILE does no exist!"
exit 1
fi
export CADIR CAFILE CCAFILE CERTFILE CHAINFILE KEYFILE CCERTFILE CKEYFILE DHFILE
# Create ./print file
echo '#!/bin/sh
# trap "" 13
echo ""
echo PROTO="$PROTO"
echo SSLLOCALHOST="${SSLLOCALHOST-unset}"
echo SSLLOCALIP="${SSLLOCALIP-unset}"
echo SSLLOCALPORT="${SSLLOCALPORT-unset}"
echo SSLREMOTEHOST="${SSLREMOTEHOST-unset}"
echo SSLREMOTEIP="${SSLREMOTEIP-unset}"
echo SSLREMOTEPORT="${SSLREMOTEPORT-unset}"
echo SSLREMOTEINFO="${SSLREMOTEINFO-unset}"
echo TCPLOCALHOST="${TCPLOCALHOST-unset}"
echo TCPLOCALIP="${TCPLOCALIP-unset}"
echo TCPLOCALPORT="${TCPLOCALPORT-unset}"
echo TCPREMOTEHOST="${TCPREMOTEHOST-unset}"
echo TCPREMOTEIP="${TCPREMOTEIP-unset}"
echo TCPREMOTEPORT="${TCPREMOTEPORT-unset}"
echo TCPREMOTEINFO="${TCPREMOTEINFO-unset}"
echo TCP6REMOTEHOST="${TCP6REMOTEHOST-unset}"
echo TCP6REMOTEIP="${TCP6REMOTEIP-unset}"
echo TCP6REMOTEPORT="${TCP6REMOTEPORT-unset}"
echo SSL_PROTOCOL="${SSL_PROTOCOL-unset}"
echo SSL_SESSION_ID="${SSL_SESSION_ID-unset}"
echo SSL_CIPHER="${SSL_CIPHER-unset}"
echo SSL_CIPHER_EXPORT="${SSL_CIPHER_EXPORT-unset}"
echo SSL_CIPHER_USEKEYSIZE="${SSL_CIPHER_USEKEYSIZE-unset}"
echo SSL_CIPHER_ALGKEYSIZE="${SSL_CIPHER_ALGKEYSIZE-unset}"
echo SSL_VERSION_INTERFACE="${SSL_VERSION_INTERFACE-unset}"
echo SSL_VERSION_LIBRARY="${SSL_VERSION_LIBRARY-unset}"
echo SSL_SERVER_M_VERSION="${SSL_SERVER_M_VERSION-unset}"
echo SSL_SERVER_M_SERIAL="${SSL_SERVER_M_SERIAL-unset}"
echo SSL_SERVER_S_DN="${SSL_SERVER_S_DN-unset}"
echo SSL_SERVER_S_DN_C="${SSL_SERVER_S_DN_C-unset}"
echo SSL_SERVER_S_DN_ST="${SSL_SERVER_S_DN_ST-unset}"
echo SSL_SERVER_S_DN_L="${SSL_SERVER_S_DN_L-unset}"
echo SSL_SERVER_S_DN_O="${SSL_SERVER_S_DN_O-unset}"
echo SSL_SERVER_S_DN_OU="${SSL_SERVER_S_DN_OU-unset}"
echo SSL_SERVER_S_DN_CN="${SSL_SERVER_S_DN_CN-unset}"
echo SSL_SERVER_S_DN_T="${SSL_SERVER_S_DN_T-unset}"
echo SSL_SERVER_S_DN_I="${SSL_SERVER_S_DN_I-unset}"
echo SSL_SERVER_S_DN_G="${SSL_SERVER_S_DN_G-unset}"
echo SSL_SERVER_S_DN_S="${SSL_SERVER_S_DN_S-unset}"
echo SSL_SERVER_S_DN_D="${SSL_SERVER_S_DN_D-unset}"
echo SSL_SERVER_S_DN_UID="${SSL_SERVER_S_DN_UID-unset}"
echo SSL_SERVER_S_DN_Email="${SSL_SERVER_S_DN_Email-unset}"
echo SSL_SERVER_I_DN="${SSL_SERVER_I_DN-unset}"
echo SSL_SERVER_I_DN_C="${SSL_SERVER_I_DN_C-unset}"
echo SSL_SERVER_I_DN_ST="${SSL_SERVER_I_DN_ST-unset}"
echo SSL_SERVER_I_DN_L="${SSL_SERVER_I_DN_L-unset}"
echo SSL_SERVER_I_DN_O="${SSL_SERVER_I_DN_O-unset}"
echo SSL_SERVER_I_DN_OU="${SSL_SERVER_I_DN_OU-unset}"
echo SSL_SERVER_I_DN_CN="${SSL_SERVER_I_DN_CN-unset}"
echo SSL_SERVER_I_DN_T="${SSL_SERVER_I_DN_T-unset}"
echo SSL_SERVER_I_DN_I="${SSL_SERVER_I_DN_I-unset}"
echo SSL_SERVER_I_DN_G="${SSL_SERVER_I_DN_G-unset}"
echo SSL_SERVER_I_DN_S="${SSL_SERVER_I_DN_S-unset}"
echo SSL_SERVER_I_DN_D="${SSL_SERVER_I_DN_D-unset}"
echo SSL_SERVER_I_DN_UID="${SSL_SERVER_I_DN_UID-unset}"
echo SSL_SERVER_I_DN_Email="${SSL_SERVER_I_DN_Email-unset}"
echo SSL_SERVER_V_START="${SSL_SERVER_V_START-unset}"
echo SSL_SERVER_V_END="${SSL_SERVER_V_END-unset}"
echo SSL_SERVER_A_SIG="${SSL_SERVER_A_SIG-unset}"
echo SSL_SERVER_A_KEY="${SSL_SERVER_A_KEY-unset}"
echo SSL_SERVER_CERT="${SSL_SERVER_CERT-unset}"
echo SSL_CLIENT_M_VERSION="${SSL_CLIENT_M_VERSION-unset}"
echo SSL_CLIENT_M_SERIAL="${SSL_CLIENT_M_SERIAL-unset}"
echo SSL_CLIENT_S_DN="${SSL_CLIENT_S_DN-unset}"
echo SSL_CLIENT_S_DN_C="${SSL_CLIENT_S_DN_C-unset}"
echo SSL_CLIENT_S_DN_ST="${SSL_CLIENT_S_DN_ST-unset}"
echo SSL_CLIENT_S_DN_L="${SSL_CLIENT_S_DN_L-unset}"
echo SSL_CLIENT_S_DN_O="${SSL_CLIENT_S_DN_O-unset}"
echo SSL_CLIENT_S_DN_OU="${SSL_CLIENT_S_DN_OU-unset}"
echo SSL_CLIENT_S_DN_CN="${SSL_CLIENT_S_DN_CN-unset}"
echo SSL_CLIENT_S_DN_T="${SSL_CLIENT_S_DN_T-unset}"
echo SSL_CLIENT_S_DN_I="${SSL_CLIENT_S_DN_I-unset}"
echo SSL_CLIENT_S_DN_G="${SSL_CLIENT_S_DN_G-unset}"
echo SSL_CLIENT_S_DN_S="${SSL_CLIENT_S_DN_S-unset}"
echo SSL_CLIENT_S_DN_D="${SSL_CLIENT_S_DN_D-unset}"
echo SSL_CLIENT_S_DN_UID="${SSL_CLIENT_S_DN_UID-unset}"
echo SSL_CLIENT_S_DN_Email="${SSL_CLIENT_S_DN_Email-unset}"
echo SSL_CLIENT_I_DN="${SSL_CLIENT_I_DN-unset}"
echo SSL_CLIENT_I_DN_C="${SSL_CLIENT_I_DN_C-unset}"
echo SSL_CLIENT_I_DN_ST="${SSL_CLIENT_I_DN_ST-unset}"
echo SSL_CLIENT_I_DN_L="${SSL_CLIENT_I_DN_L-unset}"
echo SSL_CLIENT_I_DN_O="${SSL_CLIENT_I_DN_O-unset}"
echo SSL_CLIENT_I_DN_OU="${SSL_CLIENT_I_DN_OU-unset}"
echo SSL_CLIENT_I_DN_CN="${SSL_CLIENT_I_DN_CN-unset}"
echo SSL_CLIENT_I_DN_T="${SSL_CLIENT_I_DN_T-unset}"
echo SSL_CLIENT_I_DN_I="${SSL_CLIENT_I_DN_I-unset}"
echo SSL_CLIENT_I_DN_G="${SSL_CLIENT_I_DN_G-unset}"
echo SSL_CLIENT_I_DN_S="${SSL_CLIENT_I_DN_S-unset}"
echo SSL_CLIENT_I_DN_D="${SSL_CLIENT_I_DN_D-unset}"
echo SSL_CLIENT_I_DN_UID="${SSL_CLIENT_I_DN_UID-unset}"
echo SSL_CLIENT_I_DN_Email="${SSL_CLIENT_I_DN_Email-unset}"
echo SSL_CLIENT_V_START="${SSL_CLIENT_V_START-unset}"
echo SSL_CLIENT_V_END="${SSL_CLIENT_V_END-unset}"
echo SSL_CLIENT_A_SIG="${SSL_CLIENT_A_SIG-unset}"
echo SSL_CLIENT_A_KEY="${SSL_CLIENT_A_KEY-unset}"
echo SSL_CLIENT_CERT="${SSL_CLIENT_CERT-unset}"
echo SSL_CLIENT_CERT_CHAIN_0="${SSL_CLIENT_CERT_CHAIN_0-unset}"
echo SSL_CLIENT_CERT_CHAIN_1="${SSL_CLIENT_CERT_CHAIN_1-unset}"
' > print
chmod 755 print
# Sanitze output
sanitize() {
sed -e 's/^SSL_SESSION_ID=.*/SSL_SESSION_ID=.../' \
-e 's/^SSLREMOTEPORT=.*/SSLREMOTEPORT=.../' \
-e 's/^SSLLOCALPORT=.*/SSLLOCALPORT=.../' \
-e 's/^TCPREMOTEPORT=.*/TCPREMOTEPORT=.../' \
-e 's/^TCP6REMOTEPORT=.*/TCP6REMOTEPORT=.../' \
-e 's/^TCPLOCALPORT=.*/TCPLOCALPORT=.../' \
-e 's/^SSL_VERSION_LIBRARY=.*/SSL_VERSION_LIBRARY=.../' \
-e 's/^SSL_CIPHER_USEKEYSIZE=.*/SSL_CIPHER_USEKEYSIZE=.../' \
-e 's/^SSL_CIPHER_ALGKEYSIZE=.*/SSL_CIPHER_ALGKEYSIZE=.../' \
-e 's/^SSL_CIPHER=.*/SSL_CIPHER=.../' \
-e 's/^SSL_PROTOCOL=TLSv1.*/SSL_PROTOCOL=TLSv1.../' \
-e 's/Localserver:::1:[0-9]*/Localserver:::1:... /' \
-e 's/ip6-localnet:::::[0-9]*/ip6-localnet:::::.../'
}
# done
|
