diff options
| author | Dave Brolley <brolley@redhat.com> | 2009-01-09 15:11:04 -0500 |
|---|---|---|
| committer | Dave Brolley <brolley@redhat.com> | 2009-01-09 15:11:04 -0500 |
| commit | 64aa100f39dca60999028f83feb31983728ea4d4 (patch) | |
| tree | 208d28f47e3fd612bd2345fb7c51e12090488f7d /stap-add-server-cert | |
| parent | be21f2dbd39ad4c508883dc4f69ae6d57d67d1fb (diff) | |
| download | systemtap-steved-64aa100f39dca60999028f83feb31983728ea4d4.tar.gz systemtap-steved-64aa100f39dca60999028f83feb31983728ea4d4.tar.xz systemtap-steved-64aa100f39dca60999028f83feb31983728ea4d4.zip | |
New framework for creating/using certificate databases for client/server.
Diffstat (limited to 'stap-add-server-cert')
| -rwxr-xr-x | stap-add-server-cert | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/stap-add-server-cert b/stap-add-server-cert index 6d788160..5f17f165 100755 --- a/stap-add-server-cert +++ b/stap-add-server-cert @@ -3,7 +3,7 @@ # Add an existing server certificate to the # database of trusted servers for the client. # -# Copyright (C) 2008 Red Hat Inc. +# Copyright (C) 2008, 2009 Red Hat Inc. # # This file is part of systemtap, and is free software. You can # redistribute it and/or modify it under the terms of the GNU General @@ -26,13 +26,23 @@ if test "X$2" = "X"; then exit 1 fi if ! test -d $2; then - echo "Cannot find certificate database directory $2" >&2 - exit 1 + if ! mkdir -p $2; then + echo "Unable to find or create the client certificate database directory: $2" >&2 + exit 1 + fi fi +# Add the certificate if ! certutil -A -n stap-server -d $2 -i $1 -t "P,P,P" > /dev/null; then echo "Unable to add $1 to the client certificate database $2" >&2 exit 1 fi +# Ensure that the database is readable by others +if ! chmod +r $2/*.db; then + echo "Unable to make the client certificate database $2 readable by others" >&2 + exit 1 +fi + + exit 0 |