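--- a/eclass/ssl-cert.eclass
+++ b/eclass/ssl-cert.eclass
@@ -1,8 +1,8 @@
 # Copyright 1999-2004 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/eclass/ssl-cert.eclass,v 1.12 2007/12/09 08:09:56 ulm Exp $
+# $Header: /var/cvsroot/gentoo-x86/eclass/ssl-cert.eclass,v 1.15 2008/04/14 06:27:45 ulm Exp $
 #
 # Author: Max Kalika <max@gentoo.org>
 #
 # This eclass implements standard installation procedure for installing
 # self-signed SSL certificates.
@@ -136,78 +136,15 @@
 eend $?
 
 return $?
 }
 
-# Uses all the private functions above to generate
-# and install the requested certificates
-# Note: This function is deprecated, use install_cert instead
-#
-# Access: public
+# Removed due to bug 174759
 docert() {
-ewarn "Function \"docert\" is deprecated for security reasons."
-ewarn "\"install_cert\" should be used instead. See bug #174759."
-
-if [ $# -lt 1 ] ; then
-eerror "At least one argument needed"
-return 1;
-fi
-
-# Initialize configuration
-gen_cnf || return 1
-echo
-
-# Generate a CA environment
-gen_key 1 || return 1
-gen_csr 1 || return 1
-gen_crt 1 || return 1
-echo
-
-local count=0
-for cert in "$@" ; do
-# Sanitize and check the requested certificate
-cert="`/usr/bin/basename "${cert}"`"
-if [ -z "${cert}" ] ; then
-ewarn "Invalid certification requested, skipping"
-continue
-fi
-
-# Check for previous existence of generated files
-for type in key crt pem ; do
-if [ -e "${D}${INSDESTTREE}/${cert}.${type}" ] ; then
-ewarn "${D}${INSDESTTREE}/${cert}.${type}: exists, skipping"
-continue 2
-fi
-done
-
-# Generate the requested files
-gen_key || continue
-gen_csr || continue
-gen_crt || continue
-gen_pem || continue
-echo
-
-# Install the generated files and set sane permissions
-local base=`get_base`
-newins "${base}.key" "${cert}.key"
-fperms 0400 "${INSDESTTREE}/${cert}.key"
-newins "${base}.csr" "${cert}.csr"
-fperms 0444 "${INSDESTTREE}/${cert}.csr"
-newins "${base}.crt" "${cert}.crt"
-fperms 0444 "${INSDESTTREE}/${cert}.crt"
-newins "${base}.pem" "${cert}.pem"
-fperms 0400 "${INSDESTTREE}/${cert}.pem"
-count=$((${count}+1))
-done
-
-# Resulting status
-if [ ! ${count} ] ; then
-eerror "No certificates were generated"
-return 1
-elif [ ${count} != ${#} ] ; then
-ewarn "Some requested certificates were not generated"
-fi
+eerror "Function \"docert\" has been removed for security reasons."
+eerror "\"install_cert\" should be used instead. See bug 174759."
+die
 }
 
 # Uses all the private functions above to generate
 # and install the requested certificates
 #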
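Review bot: The bare `die` that ends the new `docert()` stub aborts without a message of its own, so the reason is carried only by the two `eerror` lines before it; giving it the text, e.g. `die "docert has been removed, use install_cert (bug 174759)"`, keeps the cause on the failure line that build logs record. The replacement header comment `# Removed due to bug 174759` also drops the old description and `Access: public` marker without saying what the stub now does; `# Stub that always dies; callers must switch to install_cert (bug 174759)` would tell an ebuild author what to expect. Judging only from the removed body, which ran `gen_key` and then `newins`'d the `.key` and `.pem` files into `${INSDESTTREE}` of the image, the concern is presumably that generated private keys ended up inside the package image; that is worth confirming against the bug and stating in one sentence in the comment, so the reason does not live only in the tracker.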