pdns-auth-proxy/fixtures/test/Makefile

#!/bin/sh

all: client-cert.pem server-cert.pem badclient-cert.pem public-key.txt root.crl.pem ldap-cert.pem webclient-cert.pem

clean:
	rm -f *.key *.pem *.csr *.crt ca.srl public-key.txt index.txt index.txt.attr index.txt.old crlnumber crlnumber.old ../replay/commands.asc

myCA.key:
	openssl genrsa -out myCA.key 2048

public-key.txt:
	rm -f ~/.gnupg/testkeys.gpg
	gpg --no-default-keyring --keyring testkeys.gpg --batch --generate-key gpg-key-conf 
	gpg --no-default-keyring --keyring testkeys.gpg --armor --export joe@foo.bar | sed -e ':a' -e 'N' -e '$$!ba' -e 's/\n/\\n/g' | tr -d "\n" > public-key.txt
	rm -f ../replay/commands.asc
	test -f ../replay/commands && gpg --no-default-keyring --keyring testkeys.gpg --clear-sign -u joe@foo.bar ../replay/commands || echo
	rm -f ~/.gnupg/testkeys.gpg

ca.crt: myCA.key
	OPENSSL_CONF=ca.cnf openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1825 -out ca.crt

server-key.pem:
	openssl genrsa -out server-key.pem  2048

server-csr.pem: server-key.pem
	OPENSSL_CONF=server.cnf openssl req -new -key server-key.pem -out server-csr.pem

client-key.pem:
	openssl genrsa -out client-key.pem  2048

badclient-csr.pem: client-key.pem
	OPENSSL_CONF=badclient.cnf openssl req -new -key client-key.pem -out badclient-csr.pem

client-csr.pem: client-key.pem
	OPENSSL_CONF=client.cnf openssl req -new -key client-key.pem -out client-csr.pem

server-cert.pem: server-csr.pem ca.crt
	openssl x509 -req -in server-csr.pem  -CA ca.crt -CAkey myCA.key \
	  -CAcreateserial -out server-cert.pem  -days 1825 -sha256

client-cert.pem: client-csr.pem ca.crt
	openssl x509 -req -in client-csr.pem  -CA ca.crt -CAkey myCA.key \
	  -CAcreateserial -out client-cert.pem  -days 1825 -sha256

badclient-cert.pem: badclient-csr.pem ca.crt
	openssl x509 -req -in badclient-csr.pem  -CA ca.crt -CAkey myCA.key \
	  -CAcreateserial -out badclient-cert.pem  -days 1825 -sha256

webclient-key.pem:
	openssl genrsa -out webclient-key.pem  2048

webclient-csr.pem: webclient-key.pem
	OPENSSL_CONF=webclient.cnf openssl req -new -key webclient-key.pem -out webclient-csr.pem

webclient-cert.pem: webclient-csr.pem
	openssl x509 -req -in webclient-csr.pem  -CA ca.crt -CAkey myCA.key \
	  -CAcreateserial -out webclient-cert.pem  -days 1825 -sha256

ldap-key.pem:
	openssl genrsa -out ldap-key.pem  2048

ldap-csr.pem: ldap-key.pem
	OPENSSL_CONF=ldap.cnf openssl req -new -key ldap-key.pem -out ldap-csr.pem

ldap-cert.pem: ldap-csr.pem
	openssl x509 -req -in ldap-csr.pem  -CA ca.crt -CAkey myCA.key \
			-CAcreateserial -out ldap-cert.pem  -days 1825 -sha256

index.txt: badclient-cert.pem
	touch index.txt
	echo 01 > crlnumber
	openssl ca -cert ca.crt -keyfile myCA.key -config ca.cnf  -revoke  badclient-cert.pem

root.crl.pem: index.txt
	openssl ca -config ca.cnf -gencrl -keyfile myCA.key  -cert ca.crt -out root.crl.pem
	cat ca.crt >> root.crl.pem
Initial euclide.org release 2023-11-17 05:55:06 +00:00			`#!/bin/sh`

			`all: client-cert.pem server-cert.pem badclient-cert.pem public-key.txt root.crl.pem ldap-cert.pem webclient-cert.pem`

			`clean:`
			`rm -f .key .pem .csr .crt ca.srl public-key.txt index.txt index.txt.attr index.txt.old crlnumber crlnumber.old ../replay/commands.asc`

			`myCA.key:`
			`openssl genrsa -out myCA.key 2048`

			`public-key.txt:`
			`rm -f ~/.gnupg/testkeys.gpg`
			`gpg --no-default-keyring --keyring testkeys.gpg --batch --generate-key gpg-key-conf`
			`gpg --no-default-keyring --keyring testkeys.gpg --armor --export joe@foo.bar \| sed -e ':a' -e 'N' -e '$$!ba' -e 's/\n/\\n/g' \| tr -d "\n" > public-key.txt`
			`rm -f ../replay/commands.asc`
			`test -f ../replay/commands && gpg --no-default-keyring --keyring testkeys.gpg --clear-sign -u joe@foo.bar ../replay/commands \|\| echo`
			`rm -f ~/.gnupg/testkeys.gpg`

			`ca.crt: myCA.key`
			`OPENSSL_CONF=ca.cnf openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1825 -out ca.crt`

			`server-key.pem:`
			`openssl genrsa -out server-key.pem 2048`

			`server-csr.pem: server-key.pem`
			`OPENSSL_CONF=server.cnf openssl req -new -key server-key.pem -out server-csr.pem`

			`client-key.pem:`
			`openssl genrsa -out client-key.pem 2048`

			`badclient-csr.pem: client-key.pem`
			`OPENSSL_CONF=badclient.cnf openssl req -new -key client-key.pem -out badclient-csr.pem`

			`client-csr.pem: client-key.pem`
			`OPENSSL_CONF=client.cnf openssl req -new -key client-key.pem -out client-csr.pem`

			`server-cert.pem: server-csr.pem ca.crt`
			`openssl x509 -req -in server-csr.pem -CA ca.crt -CAkey myCA.key \`
			`-CAcreateserial -out server-cert.pem -days 1825 -sha256`

			`client-cert.pem: client-csr.pem ca.crt`
			`openssl x509 -req -in client-csr.pem -CA ca.crt -CAkey myCA.key \`
			`-CAcreateserial -out client-cert.pem -days 1825 -sha256`

			`badclient-cert.pem: badclient-csr.pem ca.crt`
			`openssl x509 -req -in badclient-csr.pem -CA ca.crt -CAkey myCA.key \`
			`-CAcreateserial -out badclient-cert.pem -days 1825 -sha256`

			`webclient-key.pem:`
			`openssl genrsa -out webclient-key.pem 2048`

			`webclient-csr.pem: webclient-key.pem`
			`OPENSSL_CONF=webclient.cnf openssl req -new -key webclient-key.pem -out webclient-csr.pem`

			`webclient-cert.pem: webclient-csr.pem`
			`openssl x509 -req -in webclient-csr.pem -CA ca.crt -CAkey myCA.key \`
			`-CAcreateserial -out webclient-cert.pem -days 1825 -sha256`

			`ldap-key.pem:`
			`openssl genrsa -out ldap-key.pem 2048`

			`ldap-csr.pem: ldap-key.pem`
			`OPENSSL_CONF=ldap.cnf openssl req -new -key ldap-key.pem -out ldap-csr.pem`

			`ldap-cert.pem: ldap-csr.pem`
			`openssl x509 -req -in ldap-csr.pem -CA ca.crt -CAkey myCA.key \`
			`-CAcreateserial -out ldap-cert.pem -days 1825 -sha256`

			`index.txt: badclient-cert.pem`
			`touch index.txt`
			`echo 01 > crlnumber`
			`openssl ca -cert ca.crt -keyfile myCA.key -config ca.cnf -revoke badclient-cert.pem`

			`root.crl.pem: index.txt`
			`openssl ca -config ca.cnf -gencrl -keyfile myCA.key -cert ca.crt -out root.crl.pem`
			`cat ca.crt >> root.crl.pem`