ref: refs/heads/master
commit d911631162b51d8145bcf1c9d1c53eb69aa50332
Author: J. Daniel Schmidt
Date: Fri Nov 20 17:06:36 2009 +0100
create ssl certificate when starting webclient the first time (bnc#550395)
---
webclient/config/lighttpd.conf | 2 +-
webclient/package/yast2-webclient.spec | 7 +++----
webclient/package/yastwc | 12 ++++++++++++
3 files changed, 16 insertions(+), 5 deletions(-)
diff --git a/webclient/config/lighttpd.conf b/webclient/config/lighttpd.conf
index 388e11a..81e1f0f 100644
--- a/webclient/config/lighttpd.conf
+++ b/webclient/config/lighttpd.conf
@@ -20,7 +20,7 @@ server.bind = "0.0.0.0"
server.port = 54984
ssl.engine = "enable"
-ssl.pemfile = "/etc/lighttpd/certs/webyast.pem"
+ssl.pemfile = "/etc/lighttpd/certs/webyast-combined.pem"
##
## Run as a different username/groupname.
diff --git a/webclient/package/yast2-webclient.spec b/webclient/package/yast2-webclient.spec
index c386993..b09ef32 100644
--- a/webclient/package/yast2-webclient.spec
+++ b/webclient/package/yast2-webclient.spec
@@ -23,7 +23,7 @@ Summary: YaST2 - Webclient
Source: www.tar.bz2
Source1: cleanurl-v5.lua
Source2: yastwc
-Source3: webyast.pem
+Source3: check-create-certificate.pl
Source4: webyast-ui
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: ruby
@@ -81,7 +81,7 @@ mkdir -p $RPM_BUILD_ROOT/etc/lighttpd
install -m 0644 %SOURCE1 $RPM_BUILD_ROOT/etc/lighttpd
mkdir -p $RPM_BUILD_ROOT/etc/lighttpd/certs
-install -m 0400 %SOURCE3 $RPM_BUILD_ROOT/etc/lighttpd/certs
+install -m 0755 %SOURCE3 $RPM_BUILD_ROOT/usr/sbin
# firewall service definition, bnc#545627
mkdir -p $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services
@@ -140,8 +140,7 @@ chmod 600 db/*.sqlite* log/*
%config /etc/lighttpd/cleanurl-v5.lua
%config /etc/sysconfig/SuSEfirewall2.d/services/webyast-ui
%dir /etc/lighttpd/certs
-%attr(-,lighttpd,lighttpd) %config /etc/lighttpd/certs/webyast.pem
-/etc/lighttpd/certs/webyast.pem
+/usr/sbin/check-create-certificate.pl
%config(noreplace) %{_sysconfdir}/init.d/%{service_name}
%{_sbindir}/rc%{service_name}
diff --git a/webclient/package/yastwc b/webclient/package/yastwc
index d97c005..207e12b 100755
--- a/webclient/package/yastwc
+++ b/webclient/package/yastwc
@@ -128,6 +128,11 @@ test -r $LIGHTTPD_CONFIG || { echo "$LIGHTTPD_CONFIG not existing";
PID_FILE=/var/run/yastwc.pid
IGNORE_FILE=/var/run/yastws.pid
+
+CERTIFICATEFILE=/etc/lighttpd/certs/webyast.pem
+CERTKEYFILE=/etc/lighttpd/certs/webyast.key
+COMBINEDCERTFILE=/etc/lighttpd/certs/webyast-combined.pem
+
# Source LSB init functions
# providing start_daemon, killproc, pidofproc,
# log_success_msg, log_failure_msg and log_warning_msg.
@@ -171,6 +176,13 @@ rc_reset
case "$1" in
start)
+ if [ ! -e $COMBINEDCERTFILE ]
+ then
+ echo "No certificate found. Creating one now."
+ /usr/sbin/check-create-certificate.pl -c -C $CERTIFICATEFILE -K $CERTKEYFILE -B $COMBINEDCERTFILE >/dev/null 2>&1
+ chown lighttpd:lighttpd $CERTIFICATEFILE $CERTKEYFILE $COMBINEDCERTFILE
+ fi
+
echo -n "Starting yastwc "
startproc -p $PID_FILE -i $IGNORE_FILE $LIGHTTPD_BIN -f $LIGHTTPD_CONFIG
--
To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org
For additional commands, e-mail: yast-commit+help@opensuse.org