[csw-devel] SF.net SVN: gar:[19415] csw/mgar/pkg/cswclassutils/trunk

bdwalton at users.sourceforge.net bdwalton at users.sourceforge.net
Thu Oct 11 00:04:57 CEST 2012


Revision: 19415
          http://gar.svn.sourceforge.net/gar/?rev=19415&view=rev
Author:   bdwalton
Date:     2012-10-10 22:04:57 +0000 (Wed, 10 Oct 2012)
Log Message:
-----------
cswclassutils/trunk: add the first cut at cas_sslcert; add the default cas-ssl.conf file

Modified Paths:
--------------
    csw/mgar/pkg/cswclassutils/trunk/Makefile

Added Paths:
-----------
    csw/mgar/pkg/cswclassutils/trunk/files/CSWcswclassutils.i.cswsslcert
    csw/mgar/pkg/cswclassutils/trunk/files/CSWcswclassutils.r.cswsslcert
    csw/mgar/pkg/cswclassutils/trunk/files/cas-ssl.conf

Modified: csw/mgar/pkg/cswclassutils/trunk/Makefile
===================================================================
--- csw/mgar/pkg/cswclassutils/trunk/Makefile	2012-10-10 13:52:35 UTC (rev 19414)
+++ csw/mgar/pkg/cswclassutils/trunk/Makefile	2012-10-10 22:04:57 UTC (rev 19415)
@@ -59,7 +59,7 @@
 DESCRIPTION = CSW class action utilities
 
 MASTER_SITES =
-DISTFILES = COPYING CSWcas-initsmf.cswreleasenotes
+DISTFILES = COPYING CSWcas-initsmf.cswreleasenotes cas-ssl.conf
 
 ARCHALL = 1
 
@@ -90,6 +90,8 @@
 PROTOTYPE_USER_cas = bin
 PROTOTYPE_GROUP_cas = sys
 
+PRESERVECONF = /etc/opt/csw/cas-ssl.conf
+
 # set a unique description for each CAS
 $(foreach C,$(CSWCLASSES),$(call spkg_desc,$(C)))
 SPKG_DESC_CSWcswclassutils = $(DESCRIPTION)
@@ -119,6 +121,8 @@
 PKGFILES_CSWcas-inetd_SHARED += /var/opt/csw/cswclassutils
 PKGFILES_CSWcas-pycompile_SHARED += /var/opt/csw/cswclassutils
 
+PKGFILES_CSWcas-sslcert += /etc/opt/csw/cas-ssl.conf.CSW
+
 CHECKPKG_OVERRIDES_CSWcas-initsmf += init-file-missing-cswinitsmf-class
 CHECKPKG_OVERRIDES_CSWcas-initsmf += init-file-wrong-location
 CHECKPKG_OVERRIDES_CSWcas-initsmf += init-file-wrong-location|/opt/csw/etc/init.d/csw.smf.sample
@@ -142,4 +146,5 @@
 	@ginstall -m 0755 $(FILEDIR)/CSW$(NAME).csw.smf.sample $(DESTDIR)/opt/csw/etc/init.d/csw.smf.sample
 	@ginstall -m 0444 $(FILEDIR)/CSW$(NAME).README.CSW $(DESTDIR)$(docdir)/$(NAME)/README.CSW
 	@$(foreach CAS,$(CASLIST),ginstall -m 0555 $(FILEDIR)/CSW$(NAME).$(CAS) $(DESTDIR)/usr/sadm/install/scripts/$(CAS);)
+	@ginstall -m 0644 $(FILEDIR)/cas-ssl.conf $(DESTDIR)/etc/opt/csw/
 	@$(MAKECOOKIE)

Added: csw/mgar/pkg/cswclassutils/trunk/files/CSWcswclassutils.i.cswsslcert
===================================================================
--- csw/mgar/pkg/cswclassutils/trunk/files/CSWcswclassutils.i.cswsslcert	                        (rev 0)
+++ csw/mgar/pkg/cswclassutils/trunk/files/CSWcswclassutils.i.cswsslcert	2012-10-10 22:04:57 UTC (rev 19415)
@@ -0,0 +1,99 @@
+#!/bin/sh
+#
+# i.cswsslcert - Generate a self signed key/certificate or a key/csr
+#
+# $Id: CSWcswclassutils.i.cswsslcert 14492 2011-05-02 19:49:44Z bdwalton $
+#
+# Written by Ben Walton
+#
+# 2012-10-10 Initial creation
+#
+# Documentation: http://wiki.opencsw.org/cswclassutils-package
+#
+
+# Safety measure during coding, bail out on access of unset variables
+set -u
+
+# Functions
+
+debug_echo() {
+  [ -n "$DEBUG" ] && echo "DEBUG: $*" >&2
+}
+
+# Set DEBUG to anything via environment to display debugging messages
+DEBUG=${DEBUG:-}
+
+# Avoid unset errors for variables which are usually unset during CLI tests
+PKGINST=${PKGINST:-}
+PKG_INSTALL_ROOT=${PKG_INSTALL_ROOT:-/}
+
+if [ -f $PKG_INSTALL_ROOT/opt/csw/etc/csw.conf ] ; then
+  . $PKG_INSTALL_ROOT/opt/csw/etc/csw.conf
+fi
+if [ -f $PKG_INSTALL_ROOT/etc/opt/csw/csw.conf ] ; then
+  . $PKG_INSTALL_ROOT/etc/opt/csw/csw.conf
+fi
+
+CAS_SSL_CONFIG=$PKG_INSTALL_ROOT/etc/opt/csw/cas-ssl.conf
+CAS_SSL_CONFIG=$PKG_INSTALL_ROOT/$PWD/cas-ssl.conf
+
+if [ -f "$CAS_SSL_CONFIG" ]; then
+    debug_echo "Sourcing $CAS_SSL_CONFIG"
+   . "$CAS_SSL_CONFIG"
+fi
+
+# hopefully the cas-ssl.conf file exists and has usable data but cover
+# the case where it doesn't exist or forgets to set some value.
+
+DN=`domainname`
+if [ -z "$DN" ]; then
+    DN=theshire.net
+fi
+
+SSL_COUNTRY=${SSL_COUNTRY:-TS}
+SSL_STATE=${SSL_STATE:-Westfarthing}
+SSL_CITY=${SSL_CITY:-Hobbiton}
+SSL_ORG=${SSL_ORG:-"Thorin and Company"}
+SSL_OU=${SSL_OU:-Burglars}
+if [ -z "${SSL_HOST:-}" ]; then
+    SSL_HOST="`hostname`.$DN"
+fi
+if [ -z "${SSL_EMAIL:-}" ]; then
+    SSL_EMAIL="bilbo@$DN"
+fi
+
+debug_echo "PACKAGE: $PKGINST"
+
+# Copy files
+echo "Installing class <cswsslcert> ..."
+
+while read src dest; do
+  debug_echo "SRC: $src DEST: $dest"
+
+  /usr/bin/cp $src $dest || exit 2
+
+  if [ -n "${cas_ssl_csr:-}" ]; then
+      args="req -out $dest.csr -new -newkey rsa:${cas_ssl_bits:-2048} -nodes -keyout $dest.key"
+  else
+      args="req -new -newkey rsa:${cas_ssl_bits:-2048} -days ${cas_ssl_days:-365} -nodes -x509 -keyout $dest.key -out $dest.crt"
+  fi
+
+
+  cat <<EOF | /usr/sbin/chroot ${PKG_INSTALL_ROOT} /opt/csw/bin/openssl $args >/dev/null 2>&1
+${SSL_COUNTRY}
+${SSL_STATE}
+${SSL_CITY}
+${SSL_ORG}
+${SSL_OU}
+${SSL_HOST}
+${SSL_EMAIL}
+EOF
+
+  # we could bail here on $? != 0 but in the event there are multiple files we
+  # should at least attempt to generate them all.
+  if [ $? -ne 0 ]; then
+      echo "ERROR: There was a problem generating $dest.key/$dest.crt"
+  fi
+done
+
+exit 0


Property changes on: csw/mgar/pkg/cswclassutils/trunk/files/CSWcswclassutils.i.cswsslcert
___________________________________________________________________
Added: svn:executable
   + *

Added: csw/mgar/pkg/cswclassutils/trunk/files/CSWcswclassutils.r.cswsslcert
===================================================================
--- csw/mgar/pkg/cswclassutils/trunk/files/CSWcswclassutils.r.cswsslcert	                        (rev 0)
+++ csw/mgar/pkg/cswclassutils/trunk/files/CSWcswclassutils.r.cswsslcert	2012-10-10 22:04:57 UTC (rev 19415)
@@ -0,0 +1,41 @@
+#!/bin/sh
+#
+# r.cswsslcert - The dummy half of i.cswsslcert - no real action taken
+#
+# $Id: CSWcswclassutils.r.cswsslcert 14492 2011-05-02 19:49:44Z bdwalton $
+#
+# Written by Ben Walton
+#
+# 2012-10-10 Initial creation
+#
+# Documentation: http://wiki.opencsw.org/cswclassutils-package
+#
+
+# Safety measure during coding, bail out on access of unset variables
+set -u
+
+# Functions
+
+debug_echo() {
+  [ -n "$DEBUG" ] && echo "DEBUG: $*" >&2
+}
+
+# Set DEBUG to anything via environment to display debugging messages
+DEBUG=${DEBUG:-}
+
+# Avoid unset errors for variables which are usually unset during CLI tests
+PKGINST=${PKGINST:-}
+PKG_INSTALL_ROOT=${PKG_INSTALL_ROOT:-/}
+
+
+
+# Copy files
+echo "Removing class <cswsslcert> ..."
+
+while read dest; do
+  debug_echo "DEST: $dest"
+
+  /usr/bin/rm $dest || exit 2
+done
+
+exit 0


Property changes on: csw/mgar/pkg/cswclassutils/trunk/files/CSWcswclassutils.r.cswsslcert
___________________________________________________________________
Added: svn:executable
   + *

Added: csw/mgar/pkg/cswclassutils/trunk/files/cas-ssl.conf
===================================================================
--- csw/mgar/pkg/cswclassutils/trunk/files/cas-ssl.conf	                        (rev 0)
+++ csw/mgar/pkg/cswclassutils/trunk/files/cas-ssl.conf	2012-10-10 22:04:57 UTC (rev 19415)
@@ -0,0 +1,23 @@
+# NOTE: This file is sourced by /bin/sh while running i.cswsslcert
+# 	from the cas_sslcert package
+#
+# * Any valid (/bin/sh) shell commands may be used to set the variables.
+# * Unset values will have defaults provided.
+# * Invalid syntax will cause the class action script to abort.
+# * Any values that OpenSSL rejects will also cause the script to abort.
+#
+# Changes to this file will be preserved across package updates.
+# Please see /etc/opt/csw/cas-ssl.conf.CSW for current defaults
+
+DN=`domainname`
+if [ -z "$DN" ]; then
+   DN=theshire.net
+fi
+
+SSL_COUNTRY=TS
+SSL_STATE=Westfarthing
+SSL_CITY=Hobbiton
+SSL_ORG="Thorin and Company"
+SSL_OU=Burglars
+SSL_HOST="`hostname`.$DN"
+SSL_EMAIL="bilbo@$DN"

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



More information about the devel mailing list