/[gentoo-x86]/eclass/ssl-cert.eclass
Gentoo

Diff of /eclass/ssl-cert.eclass

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.12 Revision 1.15
1# Copyright 1999-2004 Gentoo Foundation 1# Copyright 1999-2004 Gentoo Foundation
2# Distributed under the terms of the GNU General Public License v2 2# Distributed under the terms of the GNU General Public License v2
3# $Header: /var/cvsroot/gentoo-x86/eclass/ssl-cert.eclass,v 1.12 2007/12/09 08:09:56 ulm Exp $ 3# $Header: /var/cvsroot/gentoo-x86/eclass/ssl-cert.eclass,v 1.15 2008/04/14 06:27:45 ulm Exp $
4# 4#
5# Author: Max Kalika <max@gentoo.org> 5# Author: Max Kalika <max@gentoo.org>
6# 6#
7# This eclass implements standard installation procedure for installing 7# This eclass implements standard installation procedure for installing
8# self-signed SSL certificates. 8# self-signed SSL certificates.
136 eend $? 136 eend $?
137 137
138 return $? 138 return $?
139} 139}
140 140
141# Uses all the private functions above to generate 141# Removed due to bug 174759
142# and install the requested certificates
143# Note: This function is deprecated, use install_cert instead
144#
145# Access: public
146docert() { 142docert() {
147 ewarn "Function \"docert\" is deprecated for security reasons." 143 eerror "Function \"docert\" has been removed for security reasons."
148 ewarn "\"install_cert\" should be used instead. See bug #174759." 144 eerror "\"install_cert\" should be used instead. See bug 174759."
149 145 die
150 if [ $# -lt 1 ] ; then
151 eerror "At least one argument needed"
152 return 1;
153 fi
154
155 # Initialize configuration
156 gen_cnf || return 1
157 echo
158
159 # Generate a CA environment
160 gen_key 1 || return 1
161 gen_csr 1 || return 1
162 gen_crt 1 || return 1
163 echo
164
165 local count=0
166 for cert in "$@" ; do
167 # Sanitize and check the requested certificate
168 cert="`/usr/bin/basename "${cert}"`"
169 if [ -z "${cert}" ] ; then
170 ewarn "Invalid certification requested, skipping"
171 continue
172 fi
173
174 # Check for previous existence of generated files
175 for type in key crt pem ; do
176 if [ -e "${D}${INSDESTTREE}/${cert}.${type}" ] ; then
177 ewarn "${D}${INSDESTTREE}/${cert}.${type}: exists, skipping"
178 continue 2
179 fi
180 done
181
182 # Generate the requested files
183 gen_key || continue
184 gen_csr || continue
185 gen_crt || continue
186 gen_pem || continue
187 echo
188
189 # Install the generated files and set sane permissions
190 local base=`get_base`
191 newins "${base}.key" "${cert}.key"
192 fperms 0400 "${INSDESTTREE}/${cert}.key"
193 newins "${base}.csr" "${cert}.csr"
194 fperms 0444 "${INSDESTTREE}/${cert}.csr"
195 newins "${base}.crt" "${cert}.crt"
196 fperms 0444 "${INSDESTTREE}/${cert}.crt"
197 newins "${base}.pem" "${cert}.pem"
198 fperms 0400 "${INSDESTTREE}/${cert}.pem"
199 count=$((${count}+1))
200 done
201
202 # Resulting status
203 if [ ! ${count} ] ; then
204 eerror "No certificates were generated"
205 return 1
206 elif [ ${count} != ${#} ] ; then
207 ewarn "Some requested certificates were not generated"
208 fi
209} 146}
210 147
211# Uses all the private functions above to generate 148# Uses all the private functions above to generate
212# and install the requested certificates 149# and install the requested certificates
213# 150#

Legend:
Removed from v.1.12  
changed lines
  Added in v.1.15

  ViewVC Help
Powered by ViewVC 1.1.20