[yast-commit] <web-client> backgroud_patches_bnc550934 : create ssl certificate when starting webclient the first time (bnc#550395)
ref: refs/heads/backgroud_patches_bnc550934 commit d911631162b51d8145bcf1c9d1c53eb69aa50332 Author: J. Daniel Schmidt <jdsn@suse.de> Date: Fri Nov 20 17:06:36 2009 +0100 create ssl certificate when starting webclient the first time (bnc#550395) --- webclient/config/lighttpd.conf | 2 +- webclient/package/yast2-webclient.spec | 7 +++---- webclient/package/yastwc | 12 ++++++++++++ 3 files changed, 16 insertions(+), 5 deletions(-) diff --git a/webclient/config/lighttpd.conf b/webclient/config/lighttpd.conf index 388e11a..81e1f0f 100644 --- a/webclient/config/lighttpd.conf +++ b/webclient/config/lighttpd.conf @@ -20,7 +20,7 @@ server.bind = "0.0.0.0" server.port = 54984 ssl.engine = "enable" -ssl.pemfile = "/etc/lighttpd/certs/webyast.pem" +ssl.pemfile = "/etc/lighttpd/certs/webyast-combined.pem" ## ## Run as a different username/groupname. diff --git a/webclient/package/yast2-webclient.spec b/webclient/package/yast2-webclient.spec index c386993..b09ef32 100644 --- a/webclient/package/yast2-webclient.spec +++ b/webclient/package/yast2-webclient.spec @@ -23,7 +23,7 @@ Summary: YaST2 - Webclient Source: www.tar.bz2 Source1: cleanurl-v5.lua Source2: yastwc -Source3: webyast.pem +Source3: check-create-certificate.pl Source4: webyast-ui BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: ruby @@ -81,7 +81,7 @@ mkdir -p $RPM_BUILD_ROOT/etc/lighttpd install -m 0644 %SOURCE1 $RPM_BUILD_ROOT/etc/lighttpd mkdir -p $RPM_BUILD_ROOT/etc/lighttpd/certs -install -m 0400 %SOURCE3 $RPM_BUILD_ROOT/etc/lighttpd/certs +install -m 0755 %SOURCE3 $RPM_BUILD_ROOT/usr/sbin # firewall service definition, bnc#545627 mkdir -p $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services @@ -140,8 +140,7 @@ chmod 600 db/*.sqlite* log/* %config /etc/lighttpd/cleanurl-v5.lua %config /etc/sysconfig/SuSEfirewall2.d/services/webyast-ui %dir /etc/lighttpd/certs -%attr(-,lighttpd,lighttpd) %config /etc/lighttpd/certs/webyast.pem -/etc/lighttpd/certs/webyast.pem +/usr/sbin/check-create-certificate.pl %config(noreplace) %{_sysconfdir}/init.d/%{service_name} %{_sbindir}/rc%{service_name} diff --git a/webclient/package/yastwc b/webclient/package/yastwc index d97c005..207e12b 100755 --- a/webclient/package/yastwc +++ b/webclient/package/yastwc @@ -128,6 +128,11 @@ test -r $LIGHTTPD_CONFIG || { echo "$LIGHTTPD_CONFIG not existing"; PID_FILE=/var/run/yastwc.pid IGNORE_FILE=/var/run/yastws.pid + +CERTIFICATEFILE=/etc/lighttpd/certs/webyast.pem +CERTKEYFILE=/etc/lighttpd/certs/webyast.key +COMBINEDCERTFILE=/etc/lighttpd/certs/webyast-combined.pem + # Source LSB init functions # providing start_daemon, killproc, pidofproc, # log_success_msg, log_failure_msg and log_warning_msg. @@ -171,6 +176,13 @@ rc_reset case "$1" in start) + if [ ! -e $COMBINEDCERTFILE ] + then + echo "No certificate found. Creating one now." + /usr/sbin/check-create-certificate.pl -c -C $CERTIFICATEFILE -K $CERTKEYFILE -B $COMBINEDCERTFILE >/dev/null 2>&1 + chown lighttpd:lighttpd $CERTIFICATEFILE $CERTKEYFILE $COMBINEDCERTFILE + fi + echo -n "Starting yastwc " startproc -p $PID_FILE -i $IGNORE_FILE $LIGHTTPD_BIN -f $LIGHTTPD_CONFIG -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org
participants (1)
-
J.Daniel Schmidt