From: Marcel Poul Date: Wed, 14 Sep 2011 15:01:32 +0000 (+0000) Subject: Generate two fake proxy certificates with voms attributes X-Git-Tag: before_mechglue_support~19 X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=d411b08d9bbd6c519a0a19dcddeae4abd4785027;p=jra1mw.git Generate two fake proxy certificates with voms attributes --- diff --git a/org.glite.testsuites.ctb/LB/tests/lb-generate-fake-proxy.sh b/org.glite.testsuites.ctb/LB/tests/lb-generate-fake-proxy.sh new file mode 100755 index 0000000..91b4a81 --- /dev/null +++ b/org.glite.testsuites.ctb/LB/tests/lb-generate-fake-proxy.sh @@ -0,0 +1,102 @@ +#!/bin/bash +# +# Copyright (c) Members of the EGEE Collaboration. 2004-2010. +# See http://www.eu-egee.org/partners for details on the copyright holders. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# show help and usage +progname=`basename $0` +CERTS_ROOT=/tmp/test-certs +USER=trusted_client00 +USER_BOB=trusted_client01 +VOMS_SERVER=trusted_host +VO=vo.org +user_id=`id -u` + +showHelp() +{ +cat << EndHelpHeader +Script for making fake proxy certificates out of fake credentials +Thist script generates 2 proxy certificates with voms attributes +and sets \$X509_USER_PROXY and \$X509_USER_PROXY_BOB +Prerequisities: + +Tests called: + +Returned values: + Exit 0: Certificate generated + Exit 1: Certificete not generated + +EndHelpHeader + echo "Usage: $progname [OPTIONS]" + echo "Options:" + echo " -h | --help Show this help message." + +} + +while test -n "$1" +do + case "$1" in + "-h" | "--help") showHelp && exit 2 ;; + esac + shift +done + +echo "Generating fake proxy certificate - this may take a few minutes" +echo "" + +cd /tmp +rm -rf $CERTS_ROOT org.glite.security.test-utils +wget -q -O org.glite.security.test-utils.tar.gz \ + 'http://jra1mw.cvs.cern.ch:8180/cgi-bin/jra1mw.cgi/org.glite.security.test-utils.tar.gz?view=tar' &> /dev/null || exit 1 +tar xzf org.glite.security.test-utils.tar.gz || exit 1 + +org.glite.security.test-utils/bin/generate-test-certificates.sh $CERTS_ROOT &> /dev/null || exit 1 + +cd $CERTS_ROOT/trusted-certs + +for p in $USER $VOMS_SERVER $USER_BOB; do + openssl rsa -in ${p}.priv -out ${p}.priv-clear -passin pass:changeit &> /dev/null + chmod 600 ${p}.priv-clear + done + +for p in $USER $USER_BOB; do + voms-proxy-fake -cert ${p}.cert -key ${p}.priv-clear \ + -hostcert ${VOMS_SERVER}.cert -hostkey ${VOMS_SERVER}.priv-clear \ + -voms ${VO} -out /tmp/x509up_u${p} \ + -fqan "/${VO}/Role=NULL/Capability=NULL" &> /dev/null || exit 1 + done +mv "/tmp/x509up_u${USER}" "/tmp/x509up_u${user_id}" + +export X509_USER_PROXY=/tmp/x509up_u${user_id} +export X509_USER_PROXY_BOB=/tmp/x509up_u${USER_BOB} + +echo "/tmp/x509up_u${user_id} proxy certificate has been generated" +echo "/tmp/x509up_u${USER} proxy certificate has been generated" +echo "" +echo "======================================================================" +echo "Credentials have been generated, adapt your configuration accordingly:" +echo "======================================================================" + +echo X509_CERT_DIR=$CERTS_ROOT/grid-security/certificates +echo X509_USER_PROXY=/tmp/x509up_u${user_id} +#BOB'S FAKE PROXY +echo X509_USER_PROXY_BOB=/tmp/x509up_u${USER_BOB} +echo mkdir /etc/grid-security/vomsdir/$VO +echo "openssl x509 -noout -subject -issuer -in $CERTS_ROOT/trusted-certs/${VOMS_SERVER}.cert | cut -d ' ' -f 2- > /etc/grid-security/vomsdir/$VO/server.serverovic.lsc" +echo "======================================================================" +echo "" + +exit 0