/[gentoo-x86]/eclass/ssl-cert.eclass
Gentoo

Diff of /eclass/ssl-cert.eclass

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.13 Revision 1.16
1# Copyright 1999-2004 Gentoo Foundation 1# Copyright 1999-2004 Gentoo Foundation
2# Distributed under the terms of the GNU General Public License v2 2# Distributed under the terms of the GNU General Public License v2
3# $Header: /var/cvsroot/gentoo-x86/eclass/ssl-cert.eclass,v 1.13 2007/12/28 17:48:34 ulm Exp $ 3# $Header: /var/cvsroot/gentoo-x86/eclass/ssl-cert.eclass,v 1.16 2008/04/14 06:37:44 ulm Exp $
4# 4#
5# @ECLASS: ssl-cert.eclass 5# @ECLASS: ssl-cert.eclass
6# @MAINTAINER: 6# @MAINTAINER:
7# Author: Max Kalika <max@gentoo.org> 7# Author: Max Kalika <max@gentoo.org>
8# @BLURB: Eclass for SSL certificates 8# @BLURB: Eclass for SSL certificates
9# @DESCRIPTION: 9# @DESCRIPTION:
10# This eclass implements standard installation procedure for installing 10# This eclass implements a standard installation procedure for installing
11# self-signed SSL certificates. 11# self-signed SSL certificates.
12# @EXAMPLE: 12# @EXAMPLE:
13# "install_cert /foo/bar" installs ${ROOT}/foo/bar.{key,csr,crt,pem} 13# "install_cert /foo/bar" installs ${ROOT}/foo/bar.{key,csr,crt,pem}
14 14
15# Conditionally depend on OpenSSL: allows inheretence 15# Conditionally depend on OpenSSL: allows inheretence
160 eend $? 160 eend $?
161 161
162 return $? 162 return $?
163} 163}
164 164
165# Uses all the private functions above to generate 165# Removed due to bug 174759
166# and install the requested certificates
167# Note: This function is deprecated, use install_cert instead
168#
169# Access: public
170docert() { 166docert() {
171 ewarn "Function \"docert\" is deprecated for security reasons." 167 eerror "Function \"docert\" has been removed for security reasons."
172 ewarn "\"install_cert\" should be used instead. See bug #174759." 168 eerror "\"install_cert\" should be used instead. See bug 174759."
173 169 die
174 if [ $# -lt 1 ] ; then
175 eerror "At least one argument needed"
176 return 1;
177 fi
178
179 # Initialize configuration
180 gen_cnf || return 1
181 echo
182
183 # Generate a CA environment
184 gen_key 1 || return 1
185 gen_csr 1 || return 1
186 gen_crt 1 || return 1
187 echo
188
189 local count=0
190 for cert in "$@" ; do
191 # Sanitize and check the requested certificate
192 cert="`/usr/bin/basename "${cert}"`"
193 if [ -z "${cert}" ] ; then
194 ewarn "Invalid certification requested, skipping"
195 continue
196 fi
197
198 # Check for previous existence of generated files
199 for type in key crt pem ; do
200 if [ -e "${D}${INSDESTTREE}/${cert}.${type}" ] ; then
201 ewarn "${D}${INSDESTTREE}/${cert}.${type}: exists, skipping"
202 continue 2
203 fi
204 done
205
206 # Generate the requested files
207 gen_key || continue
208 gen_csr || continue
209 gen_crt || continue
210 gen_pem || continue
211 echo
212
213 # Install the generated files and set sane permissions
214 local base=`get_base`
215 newins "${base}.key" "${cert}.key"
216 fperms 0400 "${INSDESTTREE}/${cert}.key"
217 newins "${base}.csr" "${cert}.csr"
218 fperms 0444 "${INSDESTTREE}/${cert}.csr"
219 newins "${base}.crt" "${cert}.crt"
220 fperms 0444 "${INSDESTTREE}/${cert}.crt"
221 newins "${base}.pem" "${cert}.pem"
222 fperms 0400 "${INSDESTTREE}/${cert}.pem"
223 count=$((${count}+1))
224 done
225
226 # Resulting status
227 if [ ! ${count} ] ; then
228 eerror "No certificates were generated"
229 return 1
230 elif [ ${count} != ${#} ] ; then
231 ewarn "Some requested certificates were not generated"
232 fi
233} 170}
234 171
235# @FUNCTION: install_cert 172# @FUNCTION: install_cert
236# @USAGE: <certificates> 173# @USAGE: <certificates>
237# @DESCRIPTION: 174# @DESCRIPTION:

Legend:
Removed from v.1.13  
changed lines
  Added in v.1.16

  ViewVC Help
Powered by ViewVC 1.1.20