#!/usr/bin/env python
# **********************************************************************
#
# Copyright (c) 2003-2017 ZeroC, Inc. All rights reserved.
#
# **********************************************************************

import os, sys, socket, getopt

# IceCertUtils is a third-party dependency. If it cannot be imported, print an
# installation hint together with the underlying error and exit with status 1.
try:
    import IceCertUtils
except Exception as ex:
    hint = ("couldn't load IceCertUtils, did you install the `zeroc-icecertutils'\n"
            "package from the Python package repository?\n")
    print(hint + "error: " + str(ex))
    sys.exit(1)

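def usage():
    """Print the command-line help to stdout.

    This function only prints. Both call sites follow it with their own
    sys.exit(), so the exit status is chosen by the caller: 0 for -h/--help,
    1 for a parse error. Exiting from here would turn a successful --help
    into a failure status.
    """
    lines = [
        "Usage: " + sys.argv[0] + " [options]",
        "",
        "Options:",
        "-h | --help      Show this message.",
        "-d | --debug     Debugging output.",
        "--ip <ip>        The IP address for the server certificate.",
        "--dns <dns>      The DNS name for the server certificate.",
        "--use-dns        Use the DNS name for the server certificate common",
        "                 name (default is to use the IP address).",
        # --impl is accepted by the option parser, so it is listed here too.
        "--impl <name>    Use IceCertUtils.<name>CertificateFactory to generate",
        "                 the certificates (default is CertificateFactory).",
    ]
    print("\n".join(lines))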

#
# Check arguments
#
# Option defaults; each one may be overridden from the command line below.
debug, usedns = False, False
ip = dns = None
impl = ""

try:
    opts, args = getopt.getopt(
        sys.argv[1:],
        "hd",
        ["help", "debug", "ip=", "dns=", "use-dns", "impl="],
    )
except getopt.GetoptError as e:
    # Unknown option or missing argument: report it and show the help.
    print("Error %s " % e)
    usage()
    sys.exit(1)

for flag, value in opts:
    if flag in ("-h", "--help"):
        usage()
        sys.exit(0)
    if flag in ("-d", "--debug"):
        debug = True
    elif flag == "--ip":
        ip = value
    elif flag == "--dns":
        dns = value
    elif flag == "--use-dns":
        usedns = True
    elif flag == "--impl":
        # Prefix of the IceCertUtils factory class; resolved later in the script.
        impl = value

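def request(question, newvalue, value):
    """Ask whether to keep a default value and return the value to use.

    question -- text written to stdout before the keep/replace answer is read.
    newvalue -- prompt written before the replacement value is read.
    value    -- the default, returned unless the user answers 'n' and then
                supplies a non-empty replacement.

    Only the exact answer 'n' requests a replacement; anything else
    (including an empty line or end of input) keeps the default.

    The result is used as the server certificate's IP address or DNS name, so
    an empty replacement is never returned. A blank line re-displays the
    prompt, and end of input falls back to the default.
    """
    sys.stdout.write(question)
    sys.stdout.flush()
    answer = sys.stdin.readline().strip()
    if answer != 'n':
        return value

    while True:
        sys.stdout.write(newvalue)
        sys.stdout.flush()
        line = sys.stdin.readline()
        if not line:
            # readline() returns '' only at EOF (closed or exhausted stdin);
            # keep the default instead of looping forever.
            return value
        replacement = line.strip()
        if replacement:
            return replacement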

#
# Change to the directory where the certs files are stored
#
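# All output files below are written with relative names, so they land next
# to this script regardless of the caller's working directory.
os.chdir(os.path.dirname(os.path.abspath(__file__)))

# The values chosen here become the server certificate's identity (they are
# passed as cn/ip/dns when the server certificate is created below).
if not ip:
    try:
        ip = socket.gethostbyname(socket.gethostname())
    except Exception:
        # Host name lookup failed; fall back to loopback. Catching Exception
        # rather than using a bare except lets Ctrl-C (KeyboardInterrupt) and
        # SystemExit propagate instead of being silently turned into 127.0.0.1.
        ip = "127.0.0.1"
    ip = request("The IP address used for the server certificate will be: " + ip + "\n"
                 "Do you want to keep this IP address? (y/n) [y]", "IP : ", ip)

if not dns:
    dns = "localhost"
    dns = request("The DNS name used for the server certificate will be: " + dns + "\n"
                  "Do you want to keep this DNS name? (y/n) [y]", "DNS : ", dns)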

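# Resolve the factory class by name: --impl selects "<impl>CertificateFactory"
# from IceCertUtils, and the empty default selects "CertificateFactory".
# An unknown name is reported cleanly instead of surfacing as a KeyError.
factoryName = impl + "CertificateFactory"
CertificateFactory = vars(IceCertUtils).get(factoryName)
if CertificateFactory is None:
    print("Error: IceCertUtils has no `" + factoryName + "' implementation")
    sys.exit(1)

# The CA common name marks these credentials as belonging to the test suite.
factory = CertificateFactory(debug=debug, cn="Ice Tests CA")

# Everything after factory creation runs under try/finally so that
# factory.destroy() is called even when certificate generation fails part way.
# NOTE(review): destroy() is presumably what discards the factory's working
# state (which would include the CA key material) - confirm in IceCertUtils.
try:
    #
    # CA certificate
    #
    factory.getCA().save("cacert.pem").save("cacert.der")

    #
    # Client certificate
    #
    client = factory.create("client")
    client.save("client.p12")

    #
    # Server certificate
    #
    # NOTE: server.pem is used by scripts/TestController.py
    #
    server = factory.create("server", cn = (dns if usedns else ip), ip=ip, dns=dns)
    server.save("server.p12").save("server.pem")

    try:
        server.save("server.jks", caalias="cacert")
        client.save("client.jks", caalias="cacert")

        # Don't try to generate the BKS if the JKS generation fails
        try:
            server.save("server.bks", caalias="cacert")
            client.save("client.bks", caalias="cacert")
        except Exception as ex:
            # Remove partial output so a half-written keystore is never
            # mistaken for a usable one.
            for f in ["server.bks", "client.bks"]:
                if os.path.exists(f): os.remove(f)
            print("warning: couldn't generate BKS certificates for Android applications:\n" + str(ex))
            print("Please fix this issue if you want to run the Android tests.")

    except Exception as ex:
        # Same cleanup for the Java keystores; the failure is reported as a
        # warning and the script still finishes normally.
        for f in ["server.jks", "client.jks"]:
            if os.path.exists(f): os.remove(f)
        print("warning: couldn't generate JKS certificates for Java applications:\n" + str(ex))
        print("Please fix this issue if you want to run the Java tests.")

finally:
    factory.destroy()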