Compare commits
5 Commits
Author | SHA1 | Date |
---|---|---|
Fedora Release Engineering | 6d8d3415b7 | |
Bill Nottingham | 81b3f7ef93 | |
Elio Maldonado | ab2e979a3e | |
Elio Maldonado | 1731a5087d | |
Jesse Keating | 6c46a7489e |
113
Makefile
113
Makefile
|
@ -1,113 +0,0 @@
|
|||
# Makefile for source rpm: crypto-utils
|
||||
# $Id$
|
||||
NAME := crypto-utils
|
||||
SPECFILE = $(firstword $(wildcard *.spec))
|
||||
|
||||
define find-makefile-common
|
||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
||||
|
||||
ifeq ($(MAKEFILE_COMMON),)
|
||||
# attempt a checkout
|
||||
define checkout-makefile-common
|
||||
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
|
||||
endif
|
||||
|
||||
include $(MAKEFILE_COMMON)
|
||||
|
||||
certwatch: certwatch.c pemutil.c
|
||||
gcc -Wall -Werror -O2 -g $^ -o $@ \
|
||||
-lnspr4 -lnss3 -I/usr/include/nspr4 -I/usr/include/nss3
|
||||
|
||||
test-certwatch: certwatch
|
||||
./certwatch
|
||||
|
||||
keyutil: keyutil.c keyutil.h certext.c secutil.c secutil.h secerror.c
|
||||
gcc -Wall -Werror -O2 -g $^ -o $@ \
|
||||
-lnspr4 -lnss3 -I/usr/include/nspr4 -I/usr/include/nss3
|
||||
chmod 755 $@
|
||||
|
||||
genkey: genkey.pl keyutil Makefile
|
||||
sed -e "s|^\$$bindir.*$$|\$$bindir = \"/usr/bin\";|" \
|
||||
-e "s|^\$$ssltop.*$$|\$$ssltop = \"$(PWD)\";|" \
|
||||
-e "s|^\$$sslconf.*$$|\$$sslconf = \"/etc/pki/tls/openssl.cnf\";|" \
|
||||
-e "s|^\$$cadir.*$$|\$$cadir = \"/etc/pki/CA\";|" \
|
||||
-e "1s|.*|\#\!/usr/bin/perl| g" \
|
||||
-e "s/'Challenge',/'Email','Challenge',/g" \
|
||||
-e "/@EXTRA@/d" < $< > $@
|
||||
chmod 755 $@
|
||||
|
||||
test-genkey: genkey
|
||||
mkdir -p certs private
|
||||
./genkey --test `hostname`
|
||||
|
||||
test-genkey-nss: genkey
|
||||
mkdir -p certs private
|
||||
./genkey --test --nss nsstest.`hostname`
|
||||
|
||||
#########################################################################
|
||||
# Individual testing targets.
|
||||
#########################################################################
|
||||
|
||||
test-genreq-modssl: genkey
|
||||
perl ./genkey --genreq test.`hostname`
|
||||
|
||||
test-makecert-modssl: genkey
|
||||
perl ./genkey --makeca test.`hostname`
|
||||
|
||||
test-renew-modssl: genkey
|
||||
perl ./genkey --genreq --renew `hostname`
|
||||
|
||||
test-keyutil-renew-modssl: keyutil
|
||||
./keyutil --command genreq --validity 24 --out server.csr --renew /etc/pki/tls/certs/server.crt --input /etc/pki/tls/private/server.key
|
||||
|
||||
test-keyutil-renew-modssl-ca: keyutil
|
||||
./keyutil --command genreq --validity 24 --out server.csr --renew --ca /etc/pki/tls/certs/server.crt --input /etc/pki/tls/private/server.key
|
||||
|
||||
test-renew-modnss: genkey
|
||||
perl ./genkey --genreq --renew --nss `hostname`
|
||||
|
||||
test-genreq-modnss: genkey
|
||||
perl ./genkey --genreq --nss test.`hostname`
|
||||
|
||||
test-makecert-modnss: genkey
|
||||
perl ./genkey --makeca --nss test.`hostname`
|
||||
|
||||
prepare-tests:
|
||||
mkdir -p certs private
|
||||
|
||||
cleanup-tests: certs private
|
||||
rm -f -r certs private
|
||||
|
||||
# get some random seed in a file
|
||||
# enables testing with keyutil directly
|
||||
# without user interaction.
|
||||
seed-file:
|
||||
echo "Saving random seed..."
|
||||
touch random-seed
|
||||
dd if=/dev/urandom of=random-seed count=1 bs=4096
|
||||
|
||||
#########################################################################
|
||||
|
||||
date.xml:
|
||||
date +"%e %B %Y" | tr -d '\n' > $@
|
||||
|
||||
version.xml:
|
||||
echo -n ${VERSION} > $@
|
||||
|
||||
man-genkey: genkey.xml date.xml version.xml
|
||||
xmlto man genkey.xml
|
||||
man ./genkey.1
|
||||
|
||||
man-keyrand: keyrand.xml date.xml version.xml
|
||||
xmlto man keyrand.xml
|
||||
man ./keyrand.1
|
||||
|
||||
man-certwatch: certwatch.xml date.xml version.xml
|
||||
xmlto man certwatch.xml
|
||||
man ./certwatch.1
|
|
@ -4,7 +4,7 @@
|
|||
Summary: SSL certificate and key management utilities
|
||||
Name: crypto-utils
|
||||
Version: 2.4.1
|
||||
Release: 18
|
||||
Release: 19
|
||||
Source: crypto-rand-%{crver}.tar.gz
|
||||
Source1: genkey.pl
|
||||
Source2: certwatch.c
|
||||
|
@ -131,6 +131,10 @@ chmod -R u+w $RPM_BUILD_ROOT
|
|||
%{perl_vendorarch}/auto/Crypt
|
||||
|
||||
%changelog
|
||||
* Sun Oct 04 2009 Elio Maldonado<emaldona@redhat.com> - 2.4.1-19
|
||||
- Fix genkey to produce CSRs, certs, and key in ascii PEM format (#526720)
|
||||
- Fixed cert suffix to be .crt as Apache expects it (#162116)
|
||||
|
||||
* Sun Mar 15 2009 Elio Maldonado <emaldona@redhat.com> - 2.4.1-18
|
||||
- certwatch: Fixed cert expiry time calculations (#473860)
|
||||
- keyutil: Fixed segfault on certificate generation and missing of key/cert pem files (#479886)
|
||||
|
|
|
@ -1086,7 +1086,8 @@ sub genRequestOpenSSL
|
|||
my $args = "-c genreq ";
|
||||
$args .= "-g $bits ";
|
||||
$args .= "-s $subject ";
|
||||
$args .= "-v $months ";
|
||||
$args .= "-v $months ";
|
||||
$args .= "-a "; ## using ascii
|
||||
$args .= "-o $csrfile ";
|
||||
$args .= "-k $keyfile ";
|
||||
$args .= "-e $keyEncPassword " if $keyEncPassword;
|
||||
|
@ -1166,6 +1167,7 @@ sub renewCertOpenSSL
|
|||
# This is a request where we reuse the existing key pair
|
||||
|
||||
my $args = "--command genreq ";
|
||||
$args .= "--ascii "; ## using ascii
|
||||
$args .= "--renew $certfile ";
|
||||
$args .= "--input $keyfile ";
|
||||
$args .= "--cacert " if $cacert;
|
||||
|
@ -1521,7 +1523,7 @@ sub genCertWindow
|
|||
return "Skip" if $useca;
|
||||
|
||||
$keyfile = $ssltop."/private/".$servername.".key";
|
||||
$certfile = $ssltop."/certs/".$servername.".cert";
|
||||
$certfile = $ssltop."/certs/".$servername.".crt";
|
||||
|
||||
my $msg = "You are about to be asked to enter information that will be ".
|
||||
"made into a self-signed certificate for your server. What you are ".
|
||||
|
|
Loading…
Reference in New Issue