# PRACTICA SERVIDOR WEB. SEGURIDAD EN REDES

APACHE="apache_1.3.29"
MODSSL="mod_ssl-2.8.16-1.3.29"
OPENSSL="openssl-0.9.7d"
#APACHE="apache_1.3.42"
#APACHE="apache_1.3.41"
#MODSSL="mod_ssl-2.8.31-1.3.41"
#OPENSSL="openssl-1.0.0d"


echo "Apartado 1: Ser root"
if [ $(whoami) != "root" ]
then
  echo "no eres root. Y para esta practica hay que serlo"
  exit 1
fi
# crear directorio de trabajo
mkdir Practica
cd Practica

echo "Apartados 2, 3 y 4: Descargas..."
echo "Descargar Apache (${APACHE}.tar.gz):"
echo wget http://archive.apache.org/dist/httpd/${APACHE}.tar.gz
echo wget http://labit501.upct.es/~fburrull/docencia/SeguridadEnRedes/${APACHE}.tar.gz
wget http://labit501.upct.es/~fburrull/docencia/SeguridadEnRedes/${APACHE}.tar.gz
echo "Descargar Modssl (${MODSSL}):"
echo wget http://www.modssl.org/source/${MODSSL}.tar.gz
echo wget  http://labit501.upct.es/~fburrull/docencia/SeguridadEnRedes/${MODSSL}.tar.gz
wget  http://labit501.upct.es/~fburrull/docencia/SeguridadEnRedes/${MODSSL}.tar.gz
echo "Descargar Openssl (${OPENSSL}):"
echo wget http://openssl.org/source/${OPENSSL}.tar.gz
echo wget  http://labit501.upct.es/~fburrull/docencia/SeguridadEnRedes/${OPENSSL}.tar.gz
wget  http://labit501.upct.es/~fburrull/docencia/SeguridadEnRedes/${OPENSSL}.tar.gz
echo "Descargas finalizadas."

echo "Apartado 5: Descomprimir apache y preconfigurar."
tar zxvf ${APACHE}.tar.gz
cd ${APACHE}
./configure --prefix=/usr/local/apache
cd ..

echo "Apartado 6: Descomprimir openssl y preconfigurar."
tar zxvf ${OPENSSL}.tar.gz
cd ${OPENSSL}

if [ ${MODSSL} = "mod_ssl-2.8.16-1.3.29" ]
then
  echo "Patching time ...."
  if [ ! -e "Configure.original" ]
  then
    cp Configure Configure.original
    sed 's/-m486/-mtune=i486/' <Configure.original >Configure
  else
    echo "Patch previously applied to Configure. Nothing to do."
  fi
  if [ ! -e "Makefile.original" ]
  then
    cp Makefile Makefile.original
    sed 's/-m486/-mtune=i486/' <Makefile.original >Makefile
  else
    echo "Patch previously applied to Makefile. Nothing to do."
  fi
fi



./config --prefix=/usr/local/ssl
make
make install
cd ..

echo "Apartado 7: Descomprimir mod_ssl y preconfigurar."
tar zxvf ${MODSSL}.tar.gz
cd ${MODSSL}

if [ ${APACHE} = "apache_1.3.42" ]
then
  if [ ${MODSSL} = "mod_ssl-2.8.31-1.3.41" ]
  then
    echo "Patching time ...."
    if [ ! -e "pkg.sslmod/libssl.version.original" ]
    then
      cp pkg.sslmod/libssl.version pkg.sslmod/libssl.version.original
      sed 's/.8.31-1.3.41/.8.31-1.3.42/' <pkg.sslmod/libssl.version.original >pkg.sslmod/libssl.version
    else
      echo "Patch previously applied. Nothing to do."
    fi
  fi
fi

./configure --with-apache=../${APACHE}
cd ..


echo "Apartado 8: configurar apache."
cd ${APACHE}
SSL_BASE=../${OPENSSL} ./configure --prefix=/usr/local/apache --enable-module=ssl --enable-shared=ssl

echo "Apartado 9: compilar apache."
make

echo "Apartado 10: Crear el certificado."
#make certificate
wget http://labit501.upct.es/~fburrull/docencia/SeguridadEnRedes/certdata.txt
make certificate <certdata.txt

echo "Apartado 19: Paso final de la instalacion de Apache."
make install
echo "Para arrancar el servidor seguro, ejecutar:"
echo "/usr/local/apache/bin/apachectl startssl"
cd ..

echo "Apartado 24: Certificado de VeriSign"
echo "Utilizar la solicitud de certificado: conf/ssl.csr/server.csr"
echo $PWD/"conf/ssl.csr/server.csr"
#echo "https://www.verisign.com/products/srv/trial/intro.html"
#echo "https://ssl-certificate-center.verisign.com/process/retail/trial_product_selector"
#echo "http://www.verisign.com/support/verisign-intermediate-ca/Trial_Secure_Server_Root/index.html"
wget http://labit501.upct.es/~fburrull/docencia/SeguridadEnRedes/SecureSiteTrialRootCertificate.cer
wget http://labit501.upct.es/~fburrull/docencia/SeguridadEnRedes/verisign.crt
cp verisign.crt ${APACHE}/conf/ssl.crt/

echo "Installing verisign certificate ...."
  if [ ! -e "/usr/local/apache/conf/httpd.conf.original" ]
  then
    cp /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.original
    sed 's/conf\/ssl.crt\/server.crt/conf\/ssl.crt\/verisign.crt/' </usr/local/apache/conf/httpd.conf.original >/usr/local/apache/conf/httpd.conf
    /usr/local/apache/bin/apachectl stop
    /usr/local/apache/bin/apachectl startssl
  else
    echo "Patch previously applied to Configure. Nothing to do."
  fi

wget http://labit501.upct.es/~fburrull/docencia/SeguridadEnRedes/firefox.txt
cat firefox.txt