diff options
| author | Dave Brolley <brolley@redhat.com> | 2009-04-28 11:43:05 -0400 |
|---|---|---|
| committer | Dave Brolley <brolley@redhat.com> | 2009-04-28 11:43:05 -0400 |
| commit | 35e8865695152377e91e387f1568229512ff0989 (patch) | |
| tree | f4a964c0e0452f5eb612b16aefb68e4ce32bda67 /stap-serverd | |
| parent | e84f20287ae21b31c3505dfd0a81176687ad1ec5 (diff) | |
| download | systemtap-steved-35e8865695152377e91e387f1568229512ff0989.tar.gz systemtap-steved-35e8865695152377e91e387f1568229512ff0989.tar.xz systemtap-steved-35e8865695152377e91e387f1568229512ff0989.zip | |
Keep the user's stap certificate in stap.cert (was stap-server.cert). Rename
the old cert file to the new name when it is encountered.
Diffstat (limited to 'stap-serverd')
| -rwxr-xr-x | stap-serverd | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/stap-serverd b/stap-serverd index 16869e89..b422deaa 100755 --- a/stap-serverd +++ b/stap-serverd @@ -37,20 +37,28 @@ function initialization { # Where is the ssl certificate/key database? ssl_db=$2 if test "X$ssl_db" = "X"; then + ssl_db=$stap_ssl_db/server + # Update the certificate file if it is old. + if test -f $ssl_db/$stap_old_certfile; then + if ! test -e $ssl_db/$stap_certfile; then + mv $ssl_db/$stap_old_certfile $ssl_db/$stap_certfile + else + rm -fr $ssl_db/$stap_old_certfile + fi + fi # If no certificate/key database has been specified, then find/create # a local one. - ssl_db=$stap_ssl_db/server - if ! test -f $ssl_db/stap-server.cert; then + if ! test -f $ssl_db/$stap_certfile; then ${stap_exec_prefix}stap-gen-cert $ssl_db || exit 1 # Now add the server's certificate to the client's database, # making it a trusted peer. Do this only if the client has been installed. if test -f `which ${stap_exec_prefix}stap-add-server-cert` -a -x `which ${stap_exec_prefix}stap-add-server-cert`; then - ${stap_exec_prefix}stap-authorize-server-cert $ssl_db/stap-server.cert + ${stap_exec_prefix}stap-authorize-server-cert $ssl_db/$stap_certfile fi elif ! test -f $stap_ssl_db/client/cert8.db; then # If the client's database does not exist, then initialize it with our certificate. if test -f `which ${stap_exec_prefix}stap-add-server-cert` -a -x `which ${stap_exec_prefix}stap-add-server-cert`; then - ${stap_exec_prefix}stap-authorize-server-cert $ssl_db/stap-server.cert + ${stap_exec_prefix}stap-authorize-server-cert $ssl_db/$stap_certfile fi fi fi @@ -155,7 +163,7 @@ function check_db { check_db_file $dir/key3.db || rc=1 check_db_file $dir/secmod.db || rc=1 check_db_file $dir/pw || rc=1 - check_cert_file $dir/stap-server.cert || rc=1 + check_cert_file $dir/$stap_certfile || rc=1 test $rc = 1 && fatal "Unable to use certificate database '$dir' due to errors" |