1 files changed, 28 insertions, 3 deletions
diff --git a/src/initconf.c b/src/initconf.c
index 960fb6b..92f8085 100644
--- a/src/initconf.c
+++ b/src/initconf.c
@@ -25,11 +25,34 @@
 int debug = 1;
+int get_rand(int min, int max) {
+        int retval = (rand() % (max - min)) + min;
+        return retval;
+}
+char *lockdownd_generate_hostid() {
+        char *hostid = (char*)malloc(sizeof(char) * 37); // HostID's are just UUID's, and UUID's are 36 characters long
+        const char *chars = "ABCDEF0123456789";
+        srand(time(NULL));
+        int i = 0;
+        
+        for (i = 0; i < 36; i++) {
+                if (i == 8 || i == 13 || i == 18 || i == 23) {
+                        hostid[i] = '-';
+                        continue;
+                } else {
+                        hostid[i] = chars[get_rand(0,16)];
+                }
+        }
+        hostid[36] = '\0';
+        return hostid;
+}
 int main(int argc, char *argv[]) {
        gnutls_global_init();
-        char* host_id = "29942970-207913891623273984";
+        char* host_id = NULL; //"29942970-207913891623273984"
        gnutls_x509_privkey_t root_privkey;
        gnutls_x509_privkey_t host_privkey;
@@ -44,7 +67,8 @@ int main(int argc, char *argv[]) {
        /* generate HostID */
        //TODO
+        host_id = lockdownd_generate_hostid();
+        if (debug) printf("HostID: %s\n", host_id);
        /* generate keys */
        gnutls_x509_privkey_generate(root_privkey, GNUTLS_PK_RSA, 2048, 0);
        gnutls_x509_privkey_generate(host_privkey, GNUTLS_PK_RSA, 2048, 0);
@@ -62,7 +86,8 @@ int main(int argc, char *argv[]) {
        gnutls_x509_crt_set_key(host_cert, host_privkey);
        gnutls_x509_crt_set_serial(host_cert, "\x00", 1);
        gnutls_x509_crt_set_version(host_cert, 3);
-        gnutls_x509_crt_set_ca_status(host_cert, 1);
+        gnutls_x509_crt_set_ca_status(host_cert, 0);
+        gnutls_x509_crt_set_key_usage(host_cert, GNUTLS_KEY_KEY_ENCIPHERMENT | GNUTLS_KEY_DIGITAL_SIGNATURE);
        gnutls_x509_crt_set_activation_time(host_cert, time(NULL));
        gnutls_x509_crt_set_expiration_time(host_cert, time(NULL) + (60 * 60 * 24 * 365 * 10));
        gnutls_x509_crt_sign(host_cert, root_cert, root_privkey);

diff --git a/src/initconf.c b/src/initconf.c index 960fb6b..92f8085 100644 --- a/src/initconf.c +++ b/src/initconf.c
@@ -25,11 +25,34 @@
25		25
26	int debug = 1;	26	int debug = 1;
27		27
		28	int get_rand(int min, int max) {
		29	int retval = (rand() % (max - min)) + min;
		30	return retval;
		31	}
		32
		33	char *lockdownd_generate_hostid() {
		34	char hostid = (char)malloc(sizeof(char) * 37); // HostID's are just UUID's, and UUID's are 36 characters long
		35	const char *chars = "ABCDEF0123456789";
		36	srand(time(NULL));
		37	int i = 0;
		38
		39	for (i = 0; i < 36; i++) {
		40	if (i == 8 \|\| i == 13 \|\| i == 18 \|\| i == 23) {
		41	hostid[i] = '-';
		42	continue;
		43	} else {
		44	hostid[i] = chars[get_rand(0,16)];
		45	}
		46	}
		47	hostid[36] = '\0';
		48	return hostid;
		49	}
		50
28	int main(int argc, char *argv[]) {	51	int main(int argc, char *argv[]) {
29		52
30	gnutls_global_init();	53	gnutls_global_init();
31		54
32	char* host_id = "29942970-207913891623273984";	55	char* host_id = NULL; //"29942970-207913891623273984"
33	gnutls_x509_privkey_t root_privkey;	56	gnutls_x509_privkey_t root_privkey;
34	gnutls_x509_privkey_t host_privkey;	57	gnutls_x509_privkey_t host_privkey;
35		58
@@ -44,7 +67,8 @@ int main(int argc, char *argv[]) {
44		67
45	/* generate HostID */	68	/* generate HostID */
46	//TODO	69	//TODO
47		70	host_id = lockdownd_generate_hostid();
		71	if (debug) printf("HostID: %s\n", host_id);
48	/* generate keys */	72	/* generate keys */
49	gnutls_x509_privkey_generate(root_privkey, GNUTLS_PK_RSA, 2048, 0);	73	gnutls_x509_privkey_generate(root_privkey, GNUTLS_PK_RSA, 2048, 0);
50	gnutls_x509_privkey_generate(host_privkey, GNUTLS_PK_RSA, 2048, 0);	74	gnutls_x509_privkey_generate(host_privkey, GNUTLS_PK_RSA, 2048, 0);
@@ -62,7 +86,8 @@ int main(int argc, char *argv[]) {
62	gnutls_x509_crt_set_key(host_cert, host_privkey);	86	gnutls_x509_crt_set_key(host_cert, host_privkey);
63	gnutls_x509_crt_set_serial(host_cert, "\x00", 1);	87	gnutls_x509_crt_set_serial(host_cert, "\x00", 1);
64	gnutls_x509_crt_set_version(host_cert, 3);	88	gnutls_x509_crt_set_version(host_cert, 3);
65	gnutls_x509_crt_set_ca_status(host_cert, 1);	89	gnutls_x509_crt_set_ca_status(host_cert, 0);
		90	gnutls_x509_crt_set_key_usage(host_cert, GNUTLS_KEY_KEY_ENCIPHERMENT \| GNUTLS_KEY_DIGITAL_SIGNATURE);
66	gnutls_x509_crt_set_activation_time(host_cert, time(NULL));	91	gnutls_x509_crt_set_activation_time(host_cert, time(NULL));
67	gnutls_x509_crt_set_expiration_time(host_cert, time(NULL) + (60 * 60 * 24 * 365 * 10));	92	gnutls_x509_crt_set_expiration_time(host_cert, time(NULL) + (60 * 60 * 24 * 365 * 10));
68	gnutls_x509_crt_sign(host_cert, root_cert, root_privkey);	93	gnutls_x509_crt_sign(host_cert, root_cert, root_privkey);