From ac5aa1099e05c567ef8621d4ee4e4c013b8c24d8 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier
Date: Mon, 20 Jan 2014 20:53:20 +0100
Subject: [PATCH] Revert "CA.sh: Add a Master CA"

This reverts commit 6f260045fa10f16104bae1a9aa067288096b3722.
---
 misc/CA.sh | 79 +++++++++++++++--------------------------------------
 1 file changed, 22 insertions(+), 57 deletions(-)

diff --git a/misc/CA.sh b/misc/CA.sh
index 9ba3878a..3e7cc1cc 100755
--- a/misc/CA.sh
+++ b/misc/CA.sh
@@ -11,21 +11,17 @@ fi
 CAKEY=./cakey.key
 CAREQ=./careq.csr
 CACERT=./cacert.crt
-MASTERKEY=./master.key
-MASTEREQ=./master.csr
-MASTERCERT=./master.crt
-
 DAYS=365
-GREEN="\033[1;32m"
-RED="\033[1;31m"
-COLOR_RST="\033[0m"
+#GREEN="\033[1;32m"
+#RED="\033[1;31m"
+#COLOR_RST="\033[0m"
-#GREEN=""
-#RED=""
-#COLOR_RST=""
-#BOLD=""
-#END_BOLD=""
+GREEN=""
+RED=""
+COLOR_RST=""
+BOLD=""
+END_BOLD=""
 usage() {
@@ -65,7 +61,7 @@ case $1 in
 ESCAPED=$(echo "${TOP_DIR}" | sed 's/[\/\.]/\\&/g')
 echo -e "${GREEN}Making CA key and csr${COLOR_RST}"
- sed -i 's/=.*#COMMONNAME/= FIC2014 MASTER #COMMONNAME/' $OPENSSL_CONF
+ sed -i 's/=.*#COMMONNAME/= FIC2014 CA #COMMONNAME/' $OPENSSL_CONF
 sed -i "s/=.*#DIR/= ${ESCAPED} #DIR/" $OPENSSL_CONF
 sed -i "s/=.*#CERTTYPE/= objsign #CERTTYPE/" $OPENSSL_CONF
@@ -75,37 +71,9 @@ case $1 in
 exit 5
 fi
- # MASTER CA
- sed -i 's/cacert\.crt/master\.crt/' $OPENSSL_CONF
- sed -i 's/cakey\.key/master\.key/' $OPENSSL_CONF
 pass=`pwgen -n -B -y 12 1`
- echo "Master pass: " $pass
- openssl req -batch -new -keyout ${TOP_DIR}/private/${MASTERKEY} \
- -out ${TOP_DIR}/${MASTEREQ} -passout pass:$pass \
- -config $OPENSSL_CONF > $OUTPUT 2>&1
- if [ $? -ne 0 ]; then
- cat $OUTPUT
- clean "ca"
- exit 4
- fi
- echo -e "${GREEN}Self signes the MASTER certificate${COLOR_RST}"
- openssl ca -batch -create_serial -out ${TOP_DIR}/${MASTERCERT} \
- -days ${DAYS} -keyfile ${TOP_DIR}/private/${MASTERKEY} \
- -selfsign -extensions v3_ca -config ${OPENSSL_CONF} \
- -infiles ${TOP_DIR}/${MASTEREQ} > $OUTPUT 2>&1
- if [ $? -ne 0 ]; then
- cat $OUTPUT
- clean "ca"
- exit 4
- fi
-
- sed -i 's/=.*#COMMONNAME/= FIC2014 CA #COMMONNAME/' $OPENSSL_CONF
- echo -e "${GREEN}Generate CA certificate${COLOR_RST}"
-
- pass=`pwgen -n -B -y 12 1`
- echo "CA pass: " $pass
- openssl req -batch -new -keyout ${TOP_DIR}/private/${CAKEY} \
+ openssl req -batch -new -keyout ${TOP_DIR}/private/${CAKEY} \
 -out ${TOP_DIR}/${CAREQ} -passout pass:$pass \
 -config $OPENSSL_CONF > $OUTPUT 2>&1
 if [ $? -ne 0 ]; then
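Review bot: The CA key passphrase reaches `openssl req` as `-passout pass:$pass`, which places it on the command line where it can typically be read from the process list by other local users while the command runs. Handing it over through the environment or a file descriptor avoids that, for example `export CA_PASS="$pass"` (variable name of your choosing) followed by `-passout env:CA_PASS`. The expansions are also unquoted: `pwgen -y` emits symbols, so a value containing `*` or `?` is subject to globbing, and `${TOP_DIR}` with whitespace would split the `-keyout`/`-out` paths; the `openssl ca -selfsign` call in the `@@ -122,20 +90,17 @@` hunk has the same form, so quote both (`-keyout "${TOP_DIR}/private/${CAKEY}"`). Without `-s`, pwgen generates pronounceable rather than fully random passwords, which is thin for a 12-character passphrase protecting a CA key. The `if [ $? -ne 0 ]` body continues outside the hunk, and with the `echo "CA pass: "` line gone nothing visible records the passphrase, so confirm that whatever opens the key later still has it.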
@@ -122,20 +90,17 @@ case $1 in
 clean "ca"
 exit 4
 fi
- echo -e "${GREEN}Signing CA crt by Master${COLOR_RST}"
- openssl ca -policy policy_match -config ${OPENSSL_CONF} \
- -out ${TOP_DIR}/${CACERT} -infiles ${TOP_DIR}/${CAREQ}
- if [ $? -ne 0 ]; then
- echo -e "${RED}Signing failed for CA${COLOR_RST}"
- rm -rf ${TOP_DIR}/${CACERT} ${TOP_DIR}/${CAKEY} ${TOP_DIR}/${CAREQ}
- cat $OUTPUT
- sed -i 's/master\.crt/cacert\.crt/' $OPENSSL_CONF
- sed -i 's/master\.key/cakey\.key/' $OPENSSL_CONF
- exit 4
- fi
- sed -i 's/master\.crt/cacert\.crt/' $OPENSSL_CONF
- sed -i 's/master\.key/cakey\.key/' $OPENSSL_CONF
+ echo -e "${GREEN}Self signes the CA certificate${COLOR_RST}"
+ openssl ca -batch -create_serial -out ${TOP_DIR}/${CACERT} \
+ -days ${DAYS} -keyfile ${TOP_DIR}/private/${CAKEY} \
+ -selfsign -extensions v3_ca -config ${OPENSSL_CONF} \
+ -infiles ${TOP_DIR}/${CAREQ} > $OUTPUT 2>&1
+ if [ $? -ne 0 ]; then
+ cat $OUTPUT
+ clean "ca"
+ exit 4
+ fi
 ;;
 "-newserver" )
 echo -e "${GREEN}Making the Server key and cert${COLOR_RST}"
@@ -143,7 +108,7 @@ case $1 in
 echo -e "${RED}Can not found the CA's key${COLOR_RST}"
 exit 2
 fi
- sed -i 's/=.*#COMMONNAME/= srs.epita.fr #COMMONNAME/' $OPENSSL_CONF
+ sed -i 's/=.*#COMMONNAME/= FIC2014 Server #COMMONNAME/' $OPENSSL_CONF
 sed -i "s/=.*#CERTTYPE/= server #CERTTYPE/" $OPENSSL_CONF
 openssl req -batch -new -keyout server.key -out server.csr \
 -days ${DAYS} -config ${OPENSSL_CONF} > $OUTPUT 2>&1
@@ -153,7 +118,7 @@ case $1 in
 fi
 echo -e "${GREEN}Signing the Server crt${COLOR_RST}"
 openssl ca -policy policy_match -config ${OPENSSL_CONF} \
- -out server.crt -infiles server.csr
+ -out server.crt -infiles server.csr > $OUTPUT 2>&1
 if [ $? -ne 0 ]; then
 echo -e "${RED}Signing failed for new server${COLOR_RST}"
 rm -rf server.key server.crt server.csr
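Review bot: The self-signed root is issued with `-days ${DAYS}`, the single 365-day value set at the top of the file, so the CA's lifetime cannot be chosen separately from everything else the script issues. If the config's default validity (not shown) is also about a year, any certificate signed after the first day outlives its issuer and stops validating when the root expires. A dedicated setting such as `-days "${CA_DAYS:-$DAYS}"` (name is a suggestion) would make the choice explicit. Nothing in this hunk passes the key passphrase (`-passin`), so if the key written by the earlier `openssl req` is still encrypted at this point (the lines between the two hunks are not shown), this step will probably wait for it on the terminal. The status text "Self signes the CA certificate" should probably read `Self-signing the CA certificate`.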
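Review bot: The server certificate's common name becomes the fixed label `FIC2014 Server`, which is not a DNS name. Unless the OpenSSL config (not shown) adds a `subjectAltName`, clients that verify the hostname will reject this certificate, and the usual reaction is to turn verification off. Taking the name from the caller, e.g. `sed -i 's/=.*#COMMONNAME/= <server-fqdn> #COMMONNAME/' $OPENSSL_CONF` with `<server-fqdn>` a placeholder for the real host, and adding a matching `subjectAltName` keeps verification usable. The `-days ${DAYS}` on the following `openssl req` is ignored when generating a request without `-x509`, so the validity is decided only at the `openssl ca` step.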
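Review bot: This `openssl ca` call is now silenced with `> $OUTPUT 2>&1` but, unlike the CA-creation call, it has no `-batch`, so the signing confirmation prompt goes into the redirected stream and the script appears to hang while it waits on stdin. Either add `-batch` (`openssl ca -batch -policy policy_match -config ${OPENSSL_CONF} \`) or leave the output on the terminal for this step. The failure branch visible here only prints "Signing failed for new server" and removes the files; it continues outside the hunk, so check that it also runs `cat "$OUTPUT"`, otherwise the OpenSSL error is lost.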