diff options
| author |   Amadeusz Żołnowski <aidecoe@gentoo.org> | 2016-06-13 22:36:03 +0100 |
|---|---|---|
| committer | Amadeusz Żołnowski <aidecoe@gentoo.org> | 2016-06-13 22:36:03 +0100 |
| commit | d61bf402c24c0b492a684d3ee61eebfcb1b7d06a (patch) | |
| tree | a50bbf23235785001706157a3a63a59cf5cf586b /net-im | |
| parent | dev-lang/mujs: fix Prefix support, thanks Benda Xu, bug 585426. (diff) | |
| download | gentoo-d61bf402c24c0b492a684d3ee61eebfcb1b7d06a.tar.gz gentoo-d61bf402c24c0b492a684d3ee61eebfcb1b7d06a.tar.bz2 gentoo-d61bf402c24c0b492a684d3ee61eebfcb1b7d06a.zip | |
net-im/ejabberd: Don't try to generate cert if it is already set up
The ebuild used to always try to generate a certificate. ssl-cert eclass
function warns if certificate in a specified location already exists,
but that only clutters logs. When user has set different path to a
certificate, then eclass used to generate a self-signed cert which
wouldn't be used at all. Check if certificate set by user exists before
generating a new one.
Package-Manager: portage-2.3.0_rc1
Diffstat (limited to 'net-im')
| -rw-r--r-- | net-im/ejabberd/ejabberd-16.04.ebuild | 42 |
1 files changed, 27 insertions, 15 deletions
diff --git a/net-im/ejabberd/ejabberd-16.04.ebuild b/net-im/ejabberd/ejabberd-16.04.ebuild index 5c718138708c..56e0c9f31991 100644 --- a/net-im/ejabberd/ejabberd-16.04.ebuild +++ b/net-im/ejabberd/ejabberd-16.04.ebuild @@ -64,6 +64,7 @@ RDEPEND="${CDEPEND} PATCHES=( "${FILESDIR}/${P}-ejabberdctl.patch" ) +EJABBERD_CERT="${EPREFIX}/etc/ssl/ejabberd/server.pem" # Paths in net-im/jabber-base JABBER_ETC="${EPREFIX}/etc/jabber" JABBER_LOG="${EPREFIX}/var/log/jabber" @@ -73,8 +74,8 @@ JABBER_SPOOL="${EPREFIX}/var/spool/jabber" # - Use our sample certificates. # - Correct PAM service name. adjust_config() { - sed -e "s|/path/to/ssl.pem|/etc/ssl/ejabberd/server.pem|g" \ - -e "s|pamservicename|xmpp|" \ + sed -e "s|\"/path/to/ssl.pem\"|\"${EJABBERD_CERT}\"|g" \ + -e "s|\"pamservicename\"|\"xmpp\"|" \ -i "${S}/ejabberd.yml.example" \ || die 'failed to adjust example config' } @@ -106,6 +107,28 @@ customize_epam_wrapper() { || die 'failed to install epam-wrapper' } +# Check if there already exists a certificate. +ejabberd_cert_exists() { + local cert + + for cert in $(gawk -- \ + 'match($0, /^[[:space:]]*certfile: "([^"]+)"/, m) {print m[1];}' \ + "${EROOT}${JABBER_ETC}/ejabberd.yml"); do + [[ -f ${cert} ]] && return 0 + done + + return 1 +} + +# Generate and install sample ejabberd certificate. It's installed into +# EJABBERD_CERT path. +ejabberd_cert_install() { + SSL_ORGANIZATION="${SSL_ORGANIZATION:-ejabberd XMPP Server}" + install_cert "${EJABBERD_CERT%.*}" + chown root:jabber "${EROOT}${EJABBERD_CERT}" || die + chmod 0440 "${EROOT}${EJABBERD_CERT}" || die +} + # Get path to ejabberd lib directory. get_ejabberd_path() { echo "$(get_erl_libs)/${P}" @@ -139,15 +162,6 @@ skip_docs() { ' "${S}/Makefile.in" || die 'failed to remove docs section from Makefile.in' } -# Generate and install sample ejabberd certificate. -install_sample_ejabberd_cert() { - SSL_ORGANIZATION="${SSL_ORGANIZATION:-ejabberd XMPP Server}" - install_cert /etc/ssl/ejabberd/server || return - # Fix ssl cert permissions (bug #369809). - chown root:jabber "${EROOT}/etc/ssl/ejabberd/server.pem" || return - chmod 0440 "${EROOT}/etc/ssl/ejabberd/server.pem" -} - src_prepare() { default @@ -232,9 +246,7 @@ pkg_postinst() { echo fi - if ! install_sample_ejabberd_cert; then - eerror - eerror "Failed to install sample ejabberd certificate" - eerror + if ! ejabberd_cert_exists; then + ejabberd_cert_install fi } |