-
Notifications
You must be signed in to change notification settings - Fork 49
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Code was all correct, but the encoding was wrong, so it failed in Linux.
- Loading branch information
Showing
1 changed file
with
103 additions
and
103 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -1,103 +1,103 @@ | |||
#!/usr/bin/env bash | #!/usr/bin/env bash | ||
|
|
||
commonName=$2 | commonName=$2 | ||
server1=$3 | server1=$3 | ||
server2=$4 | server2=$4 | ||
|
|
||
if [ "${commonName}" == "" ] | if [ "${commonName}" == "" ] | ||
then | then | ||
commonName="SiriProxyCA" | commonName="SiriProxyCA" | ||
fi | fi | ||
if [ "${server1}" == "" ] | if [ "${server1}" == "" ] | ||
then | then | ||
server1="guzzoni.apple.com" | server1="guzzoni.apple.com" | ||
fi | fi | ||
if [ "${server2}" == "" ] | if [ "${server2}" == "" ] | ||
then | then | ||
server2="your.siri.proxy.server.com" # Doesn't matter if you don't have one for your server, | server2="your.siri.proxy.server.com" # Doesn't matter if you don't have one for your server, | ||
# the other will still work | # the other will still work | ||
fi | fi | ||
|
|
||
# Feel free to change any of these defaults | # Feel free to change any of these defaults | ||
countryName="US" | countryName="US" | ||
stateOrProvinceName="Missouri" | stateOrProvinceName="Missouri" | ||
localityName="" | localityName="" | ||
organizationName="Siri Proxy" | organizationName="Siri Proxy" | ||
organizationalUnitName="" | organizationalUnitName="" | ||
emailAddress="" | emailAddress="" | ||
|
|
||
#You probably don't need to modify these unless you know what you're doing. | #You probably don't need to modify these unless you know what you're doing. | ||
SIRI_PROXY_ROOT=$1 | SIRI_PROXY_ROOT=$1 | ||
SIRI_PROXY_SETTINGS=~/.siriproxy | SIRI_PROXY_SETTINGS=~/.siriproxy | ||
LOG_FILE=$SIRI_PROXY_SETTINGS/cert.log | LOG_FILE=$SIRI_PROXY_SETTINGS/cert.log | ||
TMP_DIR=/tmp | TMP_DIR=/tmp | ||
TMP_CA_DIR=/tmp/siriCA #THIS ($dir) ALSO MUST BE MODIFIED IN openssl.cnf IF YOU CHANGE IT! | TMP_CA_DIR=/tmp/siriCA #THIS ($dir) ALSO MUST BE MODIFIED IN openssl.cnf IF YOU CHANGE IT! | ||
|
|
||
## Do not edit below here! | ## Do not edit below here! | ||
|
|
||
date > $LOG_FILE | date > $LOG_FILE | ||
|
|
||
echo "Creating CA directory" | echo "Creating CA directory" | ||
echo "Creating CA directory" >> $LOG_FILE | echo "Creating CA directory" >> $LOG_FILE | ||
mkdir -p $TMP_CA_DIR/{certs,crl,newcerts,private} | mkdir -p $TMP_CA_DIR/{certs,crl,newcerts,private} | ||
touch $TMP_CA_DIR/index.txt | touch $TMP_CA_DIR/index.txt | ||
echo 01 > $TMP_CA_DIR/crtnumber | echo 01 > $TMP_CA_DIR/crtnumber | ||
|
|
||
echo "Generating '${commonName}' CA request" | echo "Generating '${commonName}' CA request" | ||
echo "Generating '${commonName}' CA request" >> $LOG_FILE | echo "Generating '${commonName}' CA request" >> $LOG_FILE | ||
echo "${countryName}" > $TMP_DIR/ca.args | echo "${countryName}" > $TMP_DIR/ca.args | ||
echo "${stateOrProvinceName}" >> $TMP_DIR/ca.args | echo "${stateOrProvinceName}" >> $TMP_DIR/ca.args | ||
echo "${localityName}" >> $TMP_DIR/ca.args | echo "${localityName}" >> $TMP_DIR/ca.args | ||
echo "${organizationName}" >> $TMP_DIR/ca.args | echo "${organizationName}" >> $TMP_DIR/ca.args | ||
echo "${organizationalUnitName}" >> $TMP_DIR/ca.args | echo "${organizationalUnitName}" >> $TMP_DIR/ca.args | ||
echo "${commonName}" >> $TMP_DIR/ca.args | echo "${commonName}" >> $TMP_DIR/ca.args | ||
echo "${commonName}" >> $TMP_DIR/ca.args | echo "${commonName}" >> $TMP_DIR/ca.args | ||
echo "${emailAddress}" >> $TMP_DIR/ca.args | echo "${emailAddress}" >> $TMP_DIR/ca.args | ||
echo "" >> $TMP_DIR/ca.args | echo "" >> $TMP_DIR/ca.args | ||
echo "" >> $TMP_DIR/ca.args | echo "" >> $TMP_DIR/ca.args | ||
|
|
||
cat $TMP_DIR/ca.args | openssl req -new -config $SIRI_PROXY_ROOT/scripts/openssl.cnf -keyout $TMP_CA_DIR/private/cakey.pem -out $TMP_CA_DIR/careq.pem -passin pass:1234 -passout pass:1234 >> $LOG_FILE 2>> $LOG_FILE | cat $TMP_DIR/ca.args | openssl req -new -config $SIRI_PROXY_ROOT/scripts/openssl.cnf -keyout $TMP_CA_DIR/private/cakey.pem -out $TMP_CA_DIR/careq.pem -passin pass:1234 -passout pass:1234 >> $LOG_FILE 2>> $LOG_FILE | ||
|
|
||
echo "Self-signing '${commonName}' CA" | echo "Self-signing '${commonName}' CA" | ||
echo "Self-signing '${commonName}' CA" >> $LOG_FILE | echo "Self-signing '${commonName}' CA" >> $LOG_FILE | ||
openssl ca -create_serial -passin pass:1234 -config $SIRI_PROXY_ROOT/scripts/openssl.cnf -out $TMP_CA_DIR/cacert.pem -outdir $TMP_CA_DIR/newcerts -days 1095 -batch -keyfile $TMP_CA_DIR/private/cakey.pem -selfsign -extensions v3_ca -infiles $TMP_CA_DIR/careq.pem >> $LOG_FILE 2>> $LOG_FILE | openssl ca -create_serial -passin pass:1234 -config $SIRI_PROXY_ROOT/scripts/openssl.cnf -out $TMP_CA_DIR/cacert.pem -outdir $TMP_CA_DIR/newcerts -days 1095 -batch -keyfile $TMP_CA_DIR/private/cakey.pem -selfsign -extensions v3_ca -infiles $TMP_CA_DIR/careq.pem >> $LOG_FILE 2>> $LOG_FILE | ||
|
|
||
echo "Generating ${server1} & ${server2} certificate request" | echo "Generating ${server1} & ${server2} certificate request" | ||
echo "Generating '${commonName}' CA request" | echo "Generating '${commonName}' CA request" | ||
echo "Generating ${server1} & ${server2} certificate request" >> $LOG_FILE | echo "Generating ${server1} & ${server2} certificate request" >> $LOG_FILE | ||
echo "Generating '${commonName}' CA request" >> $LOG_FILE | echo "Generating '${commonName}' CA request" >> $LOG_FILE | ||
echo "${countryName}" > $TMP_DIR/ca.args | echo "${countryName}" > $TMP_DIR/ca.args | ||
echo "${stateOrProvinceName}" >> $TMP_DIR/ca.args | echo "${stateOrProvinceName}" >> $TMP_DIR/ca.args | ||
echo "${localityName}" >> $TMP_DIR/ca.args | echo "${localityName}" >> $TMP_DIR/ca.args | ||
echo "${organizationName}" >> $TMP_DIR/ca.args | echo "${organizationName}" >> $TMP_DIR/ca.args | ||
echo "${organizationalUnitName}" >> $TMP_DIR/ca.args | echo "${organizationalUnitName}" >> $TMP_DIR/ca.args | ||
echo "${server1}" >> $TMP_DIR/ca.args | echo "${server1}" >> $TMP_DIR/ca.args | ||
echo "${server2}" >> $TMP_DIR/ca.args | echo "${server2}" >> $TMP_DIR/ca.args | ||
echo "${emailAddress}" >> $TMP_DIR/ca.args | echo "${emailAddress}" >> $TMP_DIR/ca.args | ||
echo "" >> $TMP_DIR/ca.args | echo "" >> $TMP_DIR/ca.args | ||
echo "" >> $TMP_DIR/ca.args | echo "" >> $TMP_DIR/ca.args | ||
cat $TMP_DIR/ca.args | openssl req -new -keyout $TMP_DIR/newkey.pem -config $SIRI_PROXY_ROOT/scripts/openssl.cnf -out $TMP_DIR/newreq.pem -days 1095 -passin pass:1234 -passout pass:1234 >> $LOG_FILE 2>> $LOG_FILE | cat $TMP_DIR/ca.args | openssl req -new -keyout $TMP_DIR/newkey.pem -config $SIRI_PROXY_ROOT/scripts/openssl.cnf -out $TMP_DIR/newreq.pem -days 1095 -passin pass:1234 -passout pass:1234 >> $LOG_FILE 2>> $LOG_FILE | ||
|
|
||
echo "Generating ${server1} & ${server2} certificate" | echo "Generating ${server1} & ${server2} certificate" | ||
echo "Generating ${server1} & ${server2} certificate" >> $LOG_FILE | echo "Generating ${server1} & ${server2} certificate" >> $LOG_FILE | ||
yes | openssl ca -policy policy_anything -out $TMP_DIR/newcert.pem -config $SIRI_PROXY_ROOT/scripts/openssl.cnf -passin pass:1234 -keyfile $TMP_CA_DIR/private/cakey.pem -cert $TMP_CA_DIR/cacert.pem -infiles $TMP_DIR/newreq.pem >> $LOG_FILE 2>> $LOG_FILE | yes | openssl ca -policy policy_anything -out $TMP_DIR/newcert.pem -config $SIRI_PROXY_ROOT/scripts/openssl.cnf -passin pass:1234 -keyfile $TMP_CA_DIR/private/cakey.pem -cert $TMP_CA_DIR/cacert.pem -infiles $TMP_DIR/newreq.pem >> $LOG_FILE 2>> $LOG_FILE | ||
|
|
||
echo "Removing passphrase from ${server1} & ${server2} key" | echo "Removing passphrase from ${server1} & ${server2} key" | ||
echo "Removing passphrase from ${server1} & ${server2} key" >> $LOG_FILE | echo "Removing passphrase from ${server1} & ${server2} key" >> $LOG_FILE | ||
yes | openssl rsa -in $TMP_DIR/newkey.pem -out $SIRI_PROXY_SETTINGS/server.passless.key -passin pass:1234 >> $LOG_FILE 2>> $LOG_FILE | yes | openssl rsa -in $TMP_DIR/newkey.pem -out $SIRI_PROXY_SETTINGS/server.passless.key -passin pass:1234 >> $LOG_FILE 2>> $LOG_FILE | ||
|
|
||
echo "Cleaning up..." | echo "Cleaning up..." | ||
echo "Cleaning up..." >> $LOG_FILE | echo "Cleaning up..." >> $LOG_FILE | ||
mv $TMP_DIR/newcert.pem $SIRI_PROXY_SETTINGS/server.passless.crt | mv $TMP_DIR/newcert.pem $SIRI_PROXY_SETTINGS/server.passless.crt | ||
mv $TMP_CA_DIR/cacert.pem $SIRI_PROXY_SETTINGS/ca.pem | mv $TMP_CA_DIR/cacert.pem $SIRI_PROXY_SETTINGS/ca.pem | ||
rm -rf $TMP_DIR/new{key,req}.pem $TMP_CA_DIR $TMP_DIR/ca.args | rm -rf $TMP_DIR/new{key,req}.pem $TMP_CA_DIR $TMP_DIR/ca.args | ||
|
|
||
echo "Done! (For details on any errors, check '${LOG_FILE}')" | echo "Done! (For details on any errors, check '${LOG_FILE}')" | ||
echo "Done! " >> $LOG_FILE | echo "Done! " >> $LOG_FILE | ||
echo "-------------------------------------------------------------" | echo "-------------------------------------------------------------" | ||
echo "" | echo "" | ||
echo "Please install ${SIRI_PROXY_SETTINGS}/ca.pem onto your phone!" | echo "Please install ${SIRI_PROXY_SETTINGS}/ca.pem onto your phone!" | ||
echo "Please install ${SIRI_PROXY_SETTINGS}/ca.pem onto your phone!" >> $LOG_FILE | echo "Please install ${SIRI_PROXY_SETTINGS}/ca.pem onto your phone!" >> $LOG_FILE | ||
echo "(Note: You can do this by emailing the file to yourself)" | echo "(Note: You can do this by emailing the file to yourself)" | ||
echo "" | echo "" | ||
echo "-------------------------------------------------------------" | echo "-------------------------------------------------------------" |