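--- a/eclass/ssl-cert.eclass
+++ b/eclass/ssl-cert.eclass
@@ -1,8 +1,8 @@
 # Copyright 1999-2004 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/eclass/ssl-cert.eclass,v 1.16 2008/04/14 06:37:44 ulm Exp $
+# $Header: /var/cvsroot/gentoo-x86/eclass/ssl-cert.eclass,v 1.18 2010/02/16 14:23:39 pva Exp $
 #
 # @ECLASS: ssl-cert.eclass
 # @MAINTAINER:
 # Author: Max Kalika <max@gentoo.org>
 # @BLURB: Eclass for SSL certificates
@@ -46,11 +46,11 @@
 
 # Create the CA serial file
 echo "01" > "${SSL_SERIAL}"
 
 # Create the config file
-ebegin "Generating OpenSSL configuration"
+ebegin "Generating OpenSSL configuration${1:+ for CA}"
 cat <<-EOF > "${SSL_CONF}"
 [ req ]
 prompt = no
 default_bits = ${SSL_BITS}
 distinguished_name = req_dn
@@ -58,11 +58,11 @@
 C = ${SSL_COUNTRY}
 ST = ${SSL_STATE}
 L = ${SSL_LOCALITY}
 O = ${SSL_ORGANIZATION}
 OU = ${SSL_UNIT}
-CN = ${SSL_COMMONNAME}
+CN = ${SSL_COMMONNAME}${1:+ CA}
 emailAddress = ${SSL_EMAIL}
 EOF
 eend $?
 
 return $?
@@ -189,18 +189,18 @@
 unpack|compile|test|install)
 eerror "install_cert cannot be called in ${EBUILD_PHASE}"
 return 1 ;;
 esac
 
-# Initialize configuration
-gen_cnf || return 1
-echo
-
-# Generate a CA environment
+# Generate a CA environment #164601
+gen_cnf 1 || return 1
 gen_key 1 || return 1
 gen_csr 1 || return 1
 gen_crt 1 || return 1
+echo
+
+gen_cnf || return 1
 echo
 
 local count=0
 for cert in "$@" ; do
 # Check the requested certificate
@@ -233,11 +233,11 @@
 install -m0400 "${base}.pem" "${ROOT}${cert}.pem"
 count=$((${count}+1))
 done
 
 # Resulting status
-if [ ! ${count} ] ; then
+if [ ${count} = 0 ] ; then
 eerror "No certificates were generated"
 return 1
 elif [ ${count} != ${#} ] ; then
 ewarn "Some requested certificates were not generated"
 fi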
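Review bot: The new optional argument to the config generator (presumably `gen_cnf`, whose header lies outside the visible lines) is undocumented, although it decides whether the subject CN gets the ` CA` suffix that keeps the CA and the certificates it signs from sharing one distinguished name. I would add a comment above the function such as `# gen_cnf [ca]: any non-empty first argument writes the CA request config (CN gets a " CA" suffix)`. Because install_cert now runs the generator twice, the `echo "01" > "${SSL_SERIAL}"` line at 48 appears to run again after the CA has been created; that looks harmless if the CA certificate is self-signed without the serial file, but it is worth confirming. In the status check at line 238, `[ "${count}" -eq 0 ]` would state the numeric intent and survive an empty value.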