Initial euclide.org release

2023-11-17 06:55:06 +01:00
commit 97379c8e8a
210 changed files with 32403 additions and 0 deletions
--- a/fixtures/test/Makefile
+++ b/fixtures/test/Makefile
@@ -0,0 +1,78 @@
+#!/bin/sh
+
+all: client-cert.pem server-cert.pem badclient-cert.pem public-key.txt root.crl.pem ldap-cert.pem webclient-cert.pem
+
+clean:
+	rm -f *.key *.pem *.csr *.crt ca.srl public-key.txt index.txt index.txt.attr index.txt.old crlnumber crlnumber.old ../replay/commands.asc
+
+myCA.key:
+	openssl genrsa -out myCA.key 2048
+
+public-key.txt:
+	rm -f ~/.gnupg/testkeys.gpg
+	gpg --no-default-keyring --keyring testkeys.gpg --batch --generate-key gpg-key-conf 
+	gpg --no-default-keyring --keyring testkeys.gpg --armor --export joe@foo.bar | sed -e ':a' -e 'N' -e '$$!ba' -e 's/\n/\\n/g' | tr -d "\n" > public-key.txt
+	rm -f ../replay/commands.asc
+	test -f ../replay/commands && gpg --no-default-keyring --keyring testkeys.gpg --clear-sign -u joe@foo.bar ../replay/commands || echo
+	rm -f ~/.gnupg/testkeys.gpg
+
+ca.crt: myCA.key
+	OPENSSL_CONF=ca.cnf openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1825 -out ca.crt
+
+server-key.pem:
+	openssl genrsa -out server-key.pem  2048
+
+server-csr.pem: server-key.pem
+	OPENSSL_CONF=server.cnf openssl req -new -key server-key.pem -out server-csr.pem
+
+client-key.pem:
+	openssl genrsa -out client-key.pem  2048
+
+badclient-csr.pem: client-key.pem
+	OPENSSL_CONF=badclient.cnf openssl req -new -key client-key.pem -out badclient-csr.pem
+
+client-csr.pem: client-key.pem
+	OPENSSL_CONF=client.cnf openssl req -new -key client-key.pem -out client-csr.pem
+
+server-cert.pem: server-csr.pem ca.crt
+	openssl x509 -req -in server-csr.pem  -CA ca.crt -CAkey myCA.key \
+	  -CAcreateserial -out server-cert.pem  -days 1825 -sha256
+
+client-cert.pem: client-csr.pem ca.crt
+	openssl x509 -req -in client-csr.pem  -CA ca.crt -CAkey myCA.key \
+	  -CAcreateserial -out client-cert.pem  -days 1825 -sha256
+
+badclient-cert.pem: badclient-csr.pem ca.crt
+	openssl x509 -req -in badclient-csr.pem  -CA ca.crt -CAkey myCA.key \
+	  -CAcreateserial -out badclient-cert.pem  -days 1825 -sha256
+
+webclient-key.pem:
+	openssl genrsa -out webclient-key.pem  2048
+
+webclient-csr.pem: webclient-key.pem
+	OPENSSL_CONF=webclient.cnf openssl req -new -key webclient-key.pem -out webclient-csr.pem
+
+webclient-cert.pem: webclient-csr.pem
+	openssl x509 -req -in webclient-csr.pem  -CA ca.crt -CAkey myCA.key \
+	  -CAcreateserial -out webclient-cert.pem  -days 1825 -sha256
+
+ldap-key.pem:
+	openssl genrsa -out ldap-key.pem  2048
+
+ldap-csr.pem: ldap-key.pem
+	OPENSSL_CONF=ldap.cnf openssl req -new -key ldap-key.pem -out ldap-csr.pem
+
+ldap-cert.pem: ldap-csr.pem
+	openssl x509 -req -in ldap-csr.pem  -CA ca.crt -CAkey myCA.key \
+			-CAcreateserial -out ldap-cert.pem  -days 1825 -sha256
+
+index.txt: badclient-cert.pem
+	touch index.txt
+	echo 01 > crlnumber
+	openssl ca -cert ca.crt -keyfile myCA.key -config ca.cnf  -revoke  badclient-cert.pem
+
+root.crl.pem: index.txt
+	openssl ca -config ca.cnf -gencrl -keyfile myCA.key  -cert ca.crt -out root.crl.pem
+	cat ca.crt >> root.crl.pem
+
+