(CommandList children: [ (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:DESTDIR) op:Equal rhs:{(/var/unbound)} spids:[110])] spids: [110] ) (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:SERVERNAME) op:Equal rhs:{(unbound)} spids:[117])] spids: [117] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:CLIENTNAME) op: Equal rhs: {(unbound-control)} spids: [120] ) ] spids: [120] ) (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:DAYS) op:Equal rhs:{(7200)} spids:[127])] spids: [127] ) (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:BITS) op:Equal rhs:{(3072)} spids:[134])] spids: [134] ) (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:HASH) op:Equal rhs:{(sha256)} spids:[141])] spids: [141] ) (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:SVR_BASE) op:Equal rhs:{(unbound_server)} spids:[148])] spids: [148] ) (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:CTL_BASE) op:Equal rhs:{(unbound_control)} spids:[155])] spids: [155] ) (C {(umask)} {(0027)}) (FuncDef name: error body: (BraceGroup children: [ (C {(echo)} {(DQ ($ VSub_Number '$0') (' fatal error: ') ($ VSub_Number '$1'))}) (ControlFlow token:<ControlFlow_Exit exit> arg_word:{(1)}) ] spids: [180] ) spids: [174 179] ) (While cond: [ (Sentence child: (C {(test)} {($ VSub_Pound '$#')} {(-ne)} {(0)}) terminator: <Op_Semi ';'> ) ] body: (DoGroup children: [ (Case to_match: {($ VSub_Number '$1')} arms: [ (case_arm pat_list: [{(-d)}] action: [ (If arms: [ (if_arm cond: [ (Sentence child: (C {(test)} {($ VSub_Pound '$#')} {(-eq)} {(1)}) terminator: <Op_Semi ';'> ) ] action: [ (Sentence child: (C {(error)} {(DQ ('need argument for -d'))}) terminator: <Op_Semi ';'> ) ] spids: [16777215 238] ) ] spids: [16777215 247] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:DESTDIR) op: Equal rhs: {(DQ ($ VSub_Number '$2'))} spids: [250] ) ] spids: [250] ) (C {(shift)}) ] spids: [223 224 259 16777215] ) (case_arm pat_list: [{(Lit_Other '*')}] action: [ (C {(echo)} {(DQ ('unbound-control-setup.sh - setup SSL keys for unbound-control'))}) (C {(echo)} {(DQ ('\t-d dir\tuse directory to store keys and certificates.'))}) (C {(echo)} {(DQ ('\t\tdefault: ') ($ VSub_Name '$DESTDIR'))}) (C {(echo)} {(DQ ('please run this command using the same user id that the '))}) (C {(echo)} {(DQ ('unbound daemon uses, it needs read privileges.'))}) (ControlFlow token:<ControlFlow_Exit exit> arg_word:{(1)}) ] spids: [262 263 307 16777215] ) ] spids: [216 220 310] ) (C {(shift)}) ] spids: [213 315] ) ) (C {(echo)} {(DQ ('setup in directory ') ($ VSub_Name '$DESTDIR'))}) (AndOr ops: [Op_DPipe] children: [ (C {(cd)} {(DQ ($ VSub_Name '$DESTDIR'))}) (C {(error)} {(DQ ('could not cd to ') ($ VSub_Name '$DESTDIR'))}) ] ) (If arms: [ (if_arm cond: [ (Sentence child: (C {(test)} {(-f)} {($ VSub_Name '$SVR_BASE') (.key)}) terminator: <Op_Semi ';'> ) ] action: [(C {(echo)} {(DQ ($ VSub_Name '$SVR_BASE') ('.key exists'))})] spids: [16777215 357] ) ] else_action: [ (C {(echo)} {(DQ ('generating ') ($ VSub_Name '$SVR_BASE') (.key))}) (AndOr ops: [Op_DPipe] children: [ (C {(openssl)} {(genrsa)} {(-out)} {($ VSub_Name '$SVR_BASE') (.key)} {($ VSub_Name '$BITS')}) (C {(error)} {(DQ ('could not genrsa'))}) ] ) ] spids: [367 398] ) (If arms: [ (if_arm cond: [ (Sentence child: (C {(test)} {(-f)} {($ VSub_Name '$CTL_BASE') (.key)}) terminator: <Op_Semi ';'> ) ] action: [(C {(echo)} {(DQ ($ VSub_Name '$CTL_BASE') ('.key exists'))})] spids: [16777215 410] ) ] else_action: [ (C {(echo)} {(DQ ('generating ') ($ VSub_Name '$CTL_BASE') (.key))}) (AndOr ops: [Op_DPipe] children: [ (C {(openssl)} {(genrsa)} {(-out)} {($ VSub_Name '$CTL_BASE') (.key)} {($ VSub_Name '$BITS')}) (C {(error)} {(DQ ('could not genrsa'))}) ] ) ] spids: [420 451] ) (SimpleCommand words: [{(echo)} {(DQ ('[req]'))}] redirects: [(Redir op_id:Redir_Great fd:16777215 arg_word:{(request.cfg)} spids:[463])] ) (SimpleCommand words: [{(echo)} {(DQ ('default_bits=') ($ VSub_Name '$BITS'))}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[474])] ) (SimpleCommand words: [{(echo)} {(DQ ('default_md=') ($ VSub_Name '$HASH'))}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[485])] ) (SimpleCommand words: [{(echo)} {(DQ ('prompt=no'))}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[495])] ) (SimpleCommand words: [{(echo)} {(DQ ('distinguished_name=req_distinguished_name'))}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[505])] ) (SimpleCommand words: [{(echo)} {(DQ )}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[514])] ) (SimpleCommand words: [{(echo)} {(DQ ('[req_distinguished_name]'))}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[524])] ) (SimpleCommand words: [{(echo)} {(DQ ('commonName=') ($ VSub_Name '$SERVERNAME'))}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[535])] ) (AndOr ops: [Op_DPipe] children: [ (C {(test)} {(-f)} {(request.cfg)}) (C {(error)} {(DQ ('could not create request.cfg'))}) ] ) (C {(echo)} {(DQ ('create ') ($ VSub_Name '$SVR_BASE') ('.pem (self signed certificate)'))}) (AndOr ops: [Op_DPipe] children: [ (C {(openssl)} {(req)} {(-key)} {($ VSub_Name '$SVR_BASE') (.key)} {(-config)} {(request.cfg)} {(-new)} {(-x509)} {(-days)} {($ VSub_Name '$DAYS')} {(-out)} {($ VSub_Name '$SVR_BASE') (.pem)} ) (C {(error)} {(DQ ('could not create ') ($ VSub_Name '$SVR_BASE') (.pem))}) ] ) (C {(openssl)} {(x509)} {(-in)} {($ VSub_Name '$SVR_BASE') (.pem)} {(-addtrust)} {(serverAuth)} {(-out)} {($ VSub_Name '$SVR_BASE') (DQ (_trust.pem))} ) (SimpleCommand words: [{(echo)} {(DQ ('[req]'))}] redirects: [(Redir op_id:Redir_Great fd:16777215 arg_word:{(request.cfg)} spids:[632])] ) (SimpleCommand words: [{(echo)} {(DQ ('default_bits=') ($ VSub_Name '$BITS'))}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[643])] ) (SimpleCommand words: [{(echo)} {(DQ ('default_md=') ($ VSub_Name '$HASH'))}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[654])] ) (SimpleCommand words: [{(echo)} {(DQ ('prompt=no'))}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[664])] ) (SimpleCommand words: [{(echo)} {(DQ ('distinguished_name=req_distinguished_name'))}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[674])] ) (SimpleCommand words: [{(echo)} {(DQ )}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[683])] ) (SimpleCommand words: [{(echo)} {(DQ ('[req_distinguished_name]'))}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[693])] ) (SimpleCommand words: [{(echo)} {(DQ ('commonName=') ($ VSub_Name '$CLIENTNAME'))}] redirects: [(Redir op_id:Redir_DGreat fd:16777215 arg_word:{(request.cfg)} spids:[704])] ) (AndOr ops: [Op_DPipe] children: [ (C {(test)} {(-f)} {(request.cfg)}) (C {(error)} {(DQ ('could not create request.cfg'))}) ] ) (C {(echo)} {(DQ ('create ') ($ VSub_Name '$CTL_BASE') ('.pem (signed client certificate)'))}) (Pipeline children: [ (C {(openssl)} {(req)} {(-key)} {($ VSub_Name '$CTL_BASE') (.key)} {(-config)} {(request.cfg)} {(-new)} ) (C {(openssl)} {(x509)} {(-req)} {(-days)} {($ VSub_Name '$DAYS')} {(-CA)} {($ VSub_Name '$SVR_BASE') (DQ (_trust.pem))} {(-CAkey)} {($ VSub_Name '$SVR_BASE') (.key)} {(-CAcreateserial)} {(-) ($ VSub_Name '$HASH')} {(-out)} {($ VSub_Name '$CTL_BASE') (.pem)} ) ] negated: F ) (AndOr ops: [Op_DPipe] children: [ (C {(test)} {(-f)} {($ VSub_Name '$CTL_BASE') (.pem)}) (C {(error)} {(DQ ('could not create ') ($ VSub_Name '$CTL_BASE') (.pem))}) ] ) (C {(chmod)} {(o-rw)} {($ VSub_Name '$SVR_BASE') (.pem)} {($ VSub_Name '$SVR_BASE') (.key)} {($ VSub_Name '$CTL_BASE') (.pem)} {($ VSub_Name '$CTL_BASE') (.key)} ) (C {(rm)} {(-f)} {(request.cfg)}) (C {(rm)} {(-f)} {($ VSub_Name '$CTL_BASE') (DQ (_trust.pem))} {($ VSub_Name '$SVR_BASE') (DQ (_trust.pem))} {($ VSub_Name '$SVR_BASE') (DQ (_trust.srl))} ) (C {(echo)} {(DQ ('Setup success. Certificates created. Enable in unbound.conf file to use'))}) (ControlFlow token:<ControlFlow_Exit exit> arg_word:{(0)}) ] )