refactor build wrapper into smaller operations
This commit is contained in:
Aidan Hahn
parent
4c7c703846
commit
71f806847a
2 changed files with 56 additions and 57 deletions
134
buildwrapper.sh
134
buildwrapper.sh
|
|
@ -1,134 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
read -p "Enter Server CN (localhost or address): " SRVNAME
|
||||
read -p "Enter Client CN (localhost or address): " CLTNAME
|
||||
|
||||
SERVER_CA_CN=jobserv-server-ca
|
||||
SERVER_PATH=resources/server
|
||||
CLIENT_CA_CN=jobserv-client-ca
|
||||
CLIENT_PATH=resources/client
|
||||
TEST_CA_CN=jobserv-bad-cert-ca
|
||||
TEST_CN=localhost
|
||||
TEST_PATH=resources/test
|
||||
|
||||
# refactor this to test for directory existanc
|
||||
rm -rf resources
|
||||
mkdir resources/
|
||||
mkdir resources/client
|
||||
mkdir resources/server
|
||||
mkdir resources/test
|
||||
rm -rf staging
|
||||
|
||||
|
||||
# Get passwords for CAs
|
||||
read -p "Enter Server CA Passphrase: " SRVCAPASS
|
||||
read -p "Enter Client CA Passphrase: " CLTCAPASS
|
||||
|
||||
# Generate CA Keys
|
||||
echo "[+] Generating Server CA Key"
|
||||
openssl genrsa -passout pass:$SRVCAPASS -aes256 -out $SERVER_PATH/ca.key 4096
|
||||
echo "[+] Generating Client CA Key"
|
||||
openssl genrsa -passout pass:$CLTCAPASS -aes256 -out $CLIENT_PATH/ca.key 4096
|
||||
echo "[+] Generating test CA Key"
|
||||
openssl genrsa -passout pass:dontusethiskey -aes256 -out $TEST_PATH/ca.key 4096
|
||||
|
||||
# Generate CA Certs
|
||||
echo "[+] Generating Server CA Cert"
|
||||
openssl req -passin pass:$SRVCAPASS -new -x509 -days 365 -key $SERVER_PATH/ca.key -out $SERVER_PATH/ca.crt -subj "/CN=${SERVER_CA_CN}"
|
||||
echo "[+] Generating Client CA Cert"
|
||||
openssl req -passin pass:$CLTCAPASS -new -x509 -days 365 -key $CLIENT_PATH/ca.key -out $CLIENT_PATH/ca.crt -subj "/CN=${CLIENT_CA_CN}"
|
||||
echo "[+] Generating test CA Key"
|
||||
openssl req -passin pass:dontusethiskey -new -x509 -days 365 -key $TEST_PATH/ca.key -out $TEST_PATH/ca.crt -subj "/CN=${TEST_CA_CN}"
|
||||
|
||||
|
||||
# Generate Server Key, Signing request, cert
|
||||
echo "[+] Generating Server key"
|
||||
openssl genrsa -passout pass:${SRVCAPASS} -aes256 -out $SERVER_PATH/private.key 4096
|
||||
echo "[+] Generating Server signing request"
|
||||
openssl req -passin pass:${SRVCAPASS} -new -key $SERVER_PATH/private.key -out $SERVER_PATH/request.csr -subj "/CN=${SRVNAME}"
|
||||
echo "[+] Generating Server certificate "
|
||||
openssl x509 -req -passin pass:${SRVCAPASS} -days 365 -in $SERVER_PATH/request.csr -CA $SERVER_PATH/ca.crt -CAkey $SERVER_PATH/ca.key -set_serial 01 -out $SERVER_PATH/server.crt
|
||||
echo "[+] Removing passphrase from server key"
|
||||
openssl rsa -passin pass:${SRVCAPASS} -in $SERVER_PATH/private.key -out $SERVER_PATH/private.key
|
||||
|
||||
# Generate Client Key, Signing request, cert
|
||||
echo "[+] Generating Client key"
|
||||
openssl genrsa -passout pass:${CLTCAPASS} -aes256 -out $CLIENT_PATH/private.key 4096
|
||||
echo "[+] Generating Client signing request"
|
||||
openssl req -passin pass:${CLTCAPASS} -new -key $CLIENT_PATH/private.key -out $CLIENT_PATH/request.csr -subj "/CN=${CLTNAME}"
|
||||
echo "[+] Generating Client certificate "
|
||||
openssl x509 -req -passin pass:${CLTCAPASS} -days 365 -in $CLIENT_PATH/request.csr -CA $CLIENT_PATH/ca.crt -CAkey $CLIENT_PATH/ca.key -set_serial 01 -out $CLIENT_PATH/client.crt
|
||||
echo "[+] Removing passphrase from client key"
|
||||
openssl rsa -passin pass:${CLTCAPASS} -in $CLIENT_PATH/private.key -out $CLIENT_PATH/private.key
|
||||
|
||||
# Generate Test Key, Signing request, cert
|
||||
echo "[+] Generating test key"
|
||||
openssl genrsa -passout pass:dontusethiskey -aes256 -out $TEST_PATH/private.key 4096
|
||||
echo "[+] Generating test signing request"
|
||||
openssl req -passin pass:dontusethiskey -new -key $TEST_PATH/private.key -out $TEST_PATH/request.csr -subj "/CN=${TEST_CN}"
|
||||
echo "[+] Generating test certificate "
|
||||
openssl x509 -req -passin pass:dontusethiskey -days 365 -in $TEST_PATH/request.csr -CA $TEST_PATH/ca.crt -CAkey $TEST_PATH/ca.key -set_serial 01 -out $TEST_PATH/test.crt
|
||||
echo "[+] Removing passphrase from test key"
|
||||
openssl rsa -passin pass:dontusethiskey -in $TEST_PATH/private.key -out $TEST_PATH/private.key
|
||||
|
||||
|
||||
echo "[+] Converting private keys to X.509"
|
||||
openssl pkcs8 -topk8 -nocrypt -in $CLIENT_PATH/private.key -out $CLIENT_PATH/private.pem
|
||||
openssl pkcs8 -topk8 -nocrypt -in $SERVER_PATH/private.key -out $SERVER_PATH/private.pem
|
||||
openssl pkcs8 -topk8 -nocrypt -in $TEST_PATH/private.key -out $TEST_PATH/private.pem
|
||||
|
||||
echo "[+] initiating gradle build"
|
||||
./gradlew clean build
|
||||
|
||||
# Ideally this next section would be done with gradle
|
||||
# Unfortunately gradle's protobuf distribution plugin does not seem to have facilities to manually include certs
|
||||
# Or to specify seperate client and server tarballs for that matter
|
||||
# Definitely more research on gradle should be done, but after JobServ hits MVP
|
||||
echo "[+] extracting built code"
|
||||
mkdir staging
|
||||
mkdir staging/client
|
||||
mkdir staging/server
|
||||
mkdir staging/test
|
||||
|
||||
DIST_TAR=JobServ.tar
|
||||
DIST_DIR=JobServ
|
||||
if [ -f build/distributions/jobserv.tar ]; then
|
||||
DIST_TAR=jobserv.tar
|
||||
DIST_DIR=jobserv
|
||||
fi
|
||||
|
||||
tar -xvf build/distributions/$DIST_TAR -C staging/client
|
||||
tar -xvf build/distributions/$DIST_TAR -C staging/server
|
||||
tar -xvf build/distributions/$DIST_TAR -C staging/test
|
||||
|
||||
echo "[+] removing server capabilities from client"
|
||||
rm staging/client/$DIST_DIR/bin/jobserv-server staging/client/$DIST_DIR/bin/jobserv-server.bat
|
||||
|
||||
echo "[+] removing client capabilities from server"
|
||||
rm staging/server/$DIST_DIR/bin/jobserv-client staging/server/$DIST_DIR/bin/jobserv-client.bat
|
||||
|
||||
echo "[+] populating certificates"
|
||||
cp resources/server/server.crt staging/server/
|
||||
cp resources/server/private.pem staging/server/
|
||||
cp resources/client/ca.crt staging/server/
|
||||
cp resources/client/client.crt staging/client/
|
||||
cp resources/client/private.pem staging/client/
|
||||
cp resources/server/ca.crt staging/client/
|
||||
cp -r resources/* staging/test/
|
||||
|
||||
echo "[+] Adding wrapper script for client"
|
||||
# This could also be a .desktop file without much more work.
|
||||
cat << EOF > staging/client/client
|
||||
./$DIST_DIR/bin/jobserv-client private.pem client.crt ca.crt \$@
|
||||
EOF
|
||||
chmod +x staging/client/client
|
||||
|
||||
echo "[+] Adding wrapper script for server"
|
||||
# This could also be a .desktop file without much more work.
|
||||
cat << EOF > staging/server/server
|
||||
./$DIST_DIR/bin/jobserv-server \$1 server.crt private.pem ca.crt
|
||||
EOF
|
||||
chmod +x staging/server/server
|
||||
|
||||
echo "[+] removing test logs"
|
||||
rm JobServ-Server-*
|
||||
Loading…
Add table
Add a link
Reference in a new issue