From d2334a2233f4efd055dab021c603f7c046730a66 Mon Sep 17 00:00:00 2001 From: Dave Brolley Date: Tue, 2 Feb 2010 14:08:31 -0500 Subject: Compile server logging and robustness. Log certificate location and status when starting server. Additional care in handling arguments in stap-serverd. New test case discovered by fuzzing added and fixed. --- stap-serverd | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) (limited to 'stap-serverd') diff --git a/stap-serverd b/stap-serverd index fc186233..eda9711e 100755 --- a/stap-serverd +++ b/stap-serverd @@ -81,12 +81,18 @@ function initialization { -x `which ${stap_exec_prefix}stap-client 2>/dev/null`; then ${stap_exec_prefix}stap-authorize-server-cert $ssl_db/$stap_certfile >> $logfile 2>&1 fi - elif ! test -f $stap_ssl_db/client/cert8.db; then - # If the client's database does not exist, then initialize it with our certificate. - # Do this only if the client has been installed. - if test -f `which ${stap_exec_prefix}stap-client` -a \ - -x `which ${stap_exec_prefix}stap-client`; then - ${stap_exec_prefix}stap-authorize-server-cert $ssl_db/$stap_certfile >> $logfile 2>&1 + else + echo "Certificate found in database $ssl_db" >> $logfile + certutil -L -d "$ssl_db" -n stap-server | \ + awk '/Validity|Not After|Not Before/ { print $0 }' | \ + sed 's/^ */ /' >> $logfile + if ! test -f $stap_ssl_db/client/cert8.db; then + # If the client's database does not exist, then initialize it with our certificate. + # Do this only if the client has been installed. + if test -f `which ${stap_exec_prefix}stap-client 2>/dev/null` -a \ + -x `which ${stap_exec_prefix}stap-client 2>/dev/null`; then + ${stap_exec_prefix}stap-authorize-server-cert $ssl_db/$stap_certfile >> $logfile 2>&1 + fi fi fi fi -- cgit