From 2f54c4fe5a3aa21b4d5c38edabf83f3cdad0177d Mon Sep 17 00:00:00 2001
From: Dave Brolley <brolley@redhat.com>
Date: Thu, 2 Apr 2009 12:34:29 -0400
Subject: 2009-04-02  Dave Brolley  <brolley@redhat.com>

        * stap-serverd (initialization): Create client certificate database if it
        does not exist.
        * stap-server (call_stap): Don't pass --sign-module to stap.
        * session.h (unprivileged): New member of systemtap_session.
        * modsign.cxx (init_cert_db_path, check_cert_db_path): New functions.
        (sign_module): Call check_cert_db_path.
        * main.cxx (usage): Document --signing-cert and --unprivileged.
        (runner): Set default signing certificate path. Initialize s.unprivileged.
        (LONG_OPT_SIGN_MODULE): Renamed to LONG_OPT_SIGNING_CERT.
        (LONG_OPT_UNPRIVILEGED): #define it.
        (long_options): Add --signing-cert and --unprivileged.
        (runner): Allow multiple --signing-cert options. Use the last specified.
        Don't reset unless the new setting is valid. Handle LONG_OPT_UNPRIVILEGED.
---
 stap-serverd | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'stap-serverd')

diff --git a/stap-serverd b/stap-serverd
index 9b1dfd43..04ef54c3 100755
--- a/stap-serverd
+++ b/stap-serverd
@@ -47,6 +47,11 @@ function initialization {
 	    if test -f `which ${stap_exec_prefix}stap-add-server-cert` -a -x `which ${stap_exec_prefix}stap-add-server-cert`; then
 		${stap_exec_prefix}stap-authorize-server-cert $ssl_db/stap-server.cert
 	    fi
+	elif ! test -f $stap_ssl_db/client/cert8.db; then
+	    # If the client's database does not exist, then initialize it with our certificate.
+	    if test -f `which ${stap_exec_prefix}stap-add-server-cert` -a -x `which ${stap_exec_prefix}stap-add-server-cert`; then
+		${stap_exec_prefix}stap-authorize-server-cert $ssl_db/stap-server.cert
+	    fi
 	fi
     fi
 
-- 
cgit