static gboolean openssl_make_dummy_cert (const gchar *key_file, const gchar *out_file, GError **error) { gboolean ret = FALSE; gint exit_status; gchar *stderr_str = NULL; gchar *command_line = NULL; gchar *subject = generate_subject (); const gchar *argv[] = { "openssl", "req", "-x509", "-days", "36500", "-newkey", "rsa:2048", "-keyout", key_file, "-keyform", "PEM", "-nodes", "-out", out_file, "-outform", "PEM", "-subj", subject, NULL }; command_line = g_strjoinv (" ", (gchar **)argv); g_info ("Generating temporary certificate using: %s", command_line); if (!g_spawn_sync (NULL, (gchar **)argv, NULL, G_SPAWN_SEARCH_PATH, NULL, NULL, NULL, &stderr_str, &exit_status, error) || !g_spawn_check_exit_status (exit_status, error)) { g_warning ("%s", stderr_str); g_prefix_error (error, "Error generating temporary self-signed dummy cert using openssl: "); goto out; } ret = TRUE; out: g_free (stderr_str); g_free (command_line); g_free (subject); return ret; }
static gboolean openssl_make_dummy_cert (const gchar *key_file, const gchar *out_file, GError **error) { gboolean ret = FALSE; gint exit_status; gchar *stderr_str = NULL; gchar *command_line = NULL; gchar *ssl_config = NULL; gchar *subject = generate_subject (); /* make config file with subjectAltName for localhost and our tests */ ssl_config = create_temp_file (g_get_tmp_dir (), "ssl.conf.XXXXXX", error); if (!ssl_config) return FALSE; if (!g_file_set_contents (ssl_config, "[ req ]\n" "req_extensions = v3_req\n" "extensions = v3_req\n" "distinguished_name = req_distinguished_name\n" "[ req_distinguished_name ]\n" "[ v3_req ]\n" "subjectAltName=IP:127.0.0.1,DNS:localhost\n", -1, error)) return FALSE; const gchar *argv[] = { "openssl", "req", "-x509", "-days", "36500", "-newkey", "rsa:2048", "-keyout", key_file, "-keyform", "PEM", "-nodes", "-out", out_file, "-outform", "PEM", "-subj", subject, "-config", ssl_config, "-extensions", "v3_req", NULL }; command_line = g_strjoinv (" ", (gchar **)argv); g_info ("Generating temporary certificate using: %s", command_line); if (!g_spawn_sync (NULL, (gchar **)argv, NULL, G_SPAWN_SEARCH_PATH, NULL, NULL, NULL, &stderr_str, &exit_status, error) || !g_spawn_check_exit_status (exit_status, error)) { g_warning ("%s", stderr_str); g_prefix_error (error, "Error generating temporary self-signed dummy cert using openssl: "); goto out; } ret = TRUE; out: if (ssl_config) g_unlink (ssl_config); g_free (ssl_config); g_free (stderr_str); g_free (command_line); g_free (subject); return ret; }