/[gentoo-x86]/eclass/ssl-cert.eclass
Gentoo

Diff of /eclass/ssl-cert.eclass

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.8 Revision 1.10
1# Copyright 1999-2004 Gentoo Foundation 1# Copyright 1999-2004 Gentoo Foundation
2# Distributed under the terms of the GNU General Public License v2 2# Distributed under the terms of the GNU General Public License v2
3# $Header: /var/cvsroot/gentoo-x86/eclass/ssl-cert.eclass,v 1.8 2005/07/06 21:01:21 agriffis Exp $ 3# $Header: /var/cvsroot/gentoo-x86/eclass/ssl-cert.eclass,v 1.10 2007/12/07 22:41:04 ulm Exp $
4# 4#
5# Author: Max Kalika <max@gentoo.org> 5# Author: Max Kalika <max@gentoo.org>
6# 6#
7# This eclass implements standard installation procedure for installing 7# This eclass implements standard installation procedure for installing
8# self-signed SSL certificates. 8# self-signed SSL certificates.
10# Conditionally depend on OpenSSL: allows inheretence 10# Conditionally depend on OpenSSL: allows inheretence
11# without pulling extra packages if not needed 11# without pulling extra packages if not needed
12DEPEND="ssl? ( dev-libs/openssl )" 12DEPEND="ssl? ( dev-libs/openssl )"
13IUSE="ssl" 13IUSE="ssl"
14 14
15# Initializes variables and generates the needed 15# Initializes variables and generates the needed
16# OpenSSL configuration file and a CA serial file 16# OpenSSL configuration file and a CA serial file
17# 17#
18# Access: private 18# Access: private
19gen_cnf() { 19gen_cnf() {
20 # Location of the config file 20 # Location of the config file
54 OU = ${SSL_UNIT} 54 OU = ${SSL_UNIT}
55 CN = ${SSL_COMMONNAME} 55 CN = ${SSL_COMMONNAME}
56 emailAddress = ${SSL_EMAIL} 56 emailAddress = ${SSL_EMAIL}
57 EOF 57 EOF
58 eend $? 58 eend $?
59 59
60 return $? 60 return $?
61} 61}
62 62
63# Simple function to determine whether we're creating 63# Simple function to determine whether we're creating
64# a CA (which should only be done once) or final part 64# a CA (which should only be done once) or final part
138 return $? 138 return $?
139} 139}
140 140
141# Uses all the private functions above to generate 141# Uses all the private functions above to generate
142# and install the requested certificates 142# and install the requested certificates
143# Note: This function is deprecated, use install_cert instead
143# 144#
144# Access: public 145# Access: public
145docert() { 146docert() {
146 if [ $# -lt 1 ] ; then 147 if [ $# -lt 1 ] ; then
147 eerror "At least one argument needed" 148 eerror "At least one argument needed"
201 return 1 202 return 1
202 elif [ ${count} != ${#} ] ; then 203 elif [ ${count} != ${#} ] ; then
203 ewarn "Some requested certificates were not generated" 204 ewarn "Some requested certificates were not generated"
204 fi 205 fi
205} 206}
207
208# Uses all the private functions above to generate
209# and install the requested certificates
210#
211# Access: public
212install_cert() {
213 if [ $# -lt 1 ] ; then
214 eerror "At least one argument needed"
215 return 1;
216 fi
217
218 case ${EBUILD_PHASE} in
219 unpack|compile|test|install)
220 eerror "install_cert cannot be called in ${EBUILD_PHASE}"
221 return 1 ;;
222 esac
223
224 # Initialize configuration
225 gen_cnf || return 1
226 echo
227
228 # Generate a CA environment
229 gen_key 1 || return 1
230 gen_csr 1 || return 1
231 gen_crt 1 || return 1
232 echo
233
234 local count=0
235 for cert in "$@" ; do
236 # Check the requested certificate
237 if [ -z "${cert##*/}" ] ; then
238 ewarn "Invalid certification requested, skipping"
239 continue
240 fi
241
242 # Check for previous existence of generated files
243 for type in key csr crt pem ; do
244 if [ -e "${ROOT}${cert}.${type}" ] ; then
245 ewarn "${ROOT}${cert}.${type}: exists, skipping"
246 continue 2
247 fi
248 done
249
250 # Generate the requested files
251 gen_key || continue
252 gen_csr || continue
253 gen_crt || continue
254 gen_pem || continue
255 echo
256
257 # Install the generated files and set sane permissions
258 local base=$(get_base)
259 install -d "${ROOT}${cert%/*}"
260 install -m0400 "${base}.key" "${ROOT}${cert}.key"
261 install -m0444 "${base}.csr" "${ROOT}${cert}.csr"
262 install -m0444 "${base}.crt" "${ROOT}${cert}.crt"
263 install -m0400 "${base}.pem" "${ROOT}${cert}.pem"
264 count=$((${count}+1))
265 done
266
267 # Resulting status
268 if [ ! ${count} ] ; then
269 eerror "No certificates were generated"
270 return 1
271 elif [ ${count} != ${#} ] ; then
272 ewarn "Some requested certificates were not generated"
273 fi
274}

Legend:
Removed from v.1.8  
changed lines
  Added in v.1.10

  ViewVC Help
Powered by ViewVC 1.1.20