Mail archive
alpine-aports

[alpine-aports] [PATCH] testing/csync2: Certificate & key generation added to post_install

From: Valery Kartel <valery.kartel_at_gmail.com>
Date: Mon, 7 Dec 2015 16:47:07 +0200

---
 testing/csync2/APKBUILD            | 16 ++++++++++------
 testing/csync2/csync2-openssl.cnf  | 31 +++++++++++++++++++++++++++++++
 testing/csync2/csync2.initd        |  5 ++---
 testing/csync2/csync2.post-install | 25 +++++++++++++++++++++++++
 4 files changed, 68 insertions(+), 9 deletions(-)
 create mode 100644 testing/csync2/csync2-openssl.cnf
 create mode 100644 testing/csync2/csync2.post-install
diff --git a/testing/csync2/APKBUILD b/testing/csync2/APKBUILD
index 7850f17..3dc5181 100644
--- a/testing/csync2/APKBUILD
+++ b/testing/csync2/APKBUILD
_at_@ -4,17 +4,18 @@
 # Maintainer: Natanael Copa <ncopa_at_alpinelinux.org>
 pkgname=csync2
 pkgver=2.0
-pkgrel=2
+pkgrel=3
 pkgdesc="Cluster synchronization tool"
 url="http://oss.linbit.com/csync2/"
 arch="all"
 license="GPL2+"
-depends=""
+depends="openssl"
 depends_dev=""
 makedepends="autoconf automake librsync-dev gnutls-dev sqlite-dev mysql-dev postgresql-dev"
-install="$pkgname.post-upgrade"
+install="$pkgname.post-install $pkgname.post-upgrade"
 subpackages="$pkgname-compare $pkgname-doc"
 source="http://oss.linbit.com/$pkgname/$pkgname-$pkgver.tar.gz
+	csync2-openssl.cnf
 	longlong-format.patch
 	nossl-config.patch
 	have-strlcpy.patch
_at_@ -64,17 +65,20 @@ compare() {
 }
 
 md5sums="4069fc9e86e8508c392fe2862059eb91  csync2-2.0.tar.gz
+f2f42a8ba543d5a22d2740e794c7f872  csync2-openssl.cnf
 8fc73254db29316f9125761d18f1ed46  longlong-format.patch
 b5adcbe1a3b0bc409336e539087319ea  nossl-config.patch
 3ed476916ba9afa7c4aa587ae86a6e34  have-strlcpy.patch
-bf77ad1534addbd596a08d1f7084e85e  csync2.initd"
+8197fe5a195d1e7a6843f0be7f9230f5  csync2.initd"
 sha256sums="11cb37380fb185bce0c22b804fec9b01c385d9d83cc528cfd48d748453834fa2  csync2-2.0.tar.gz
+53e2ae5141f9b1517072798f2d78b63b7a4653e59ebeb626940a7b8d173bc4df  csync2-openssl.cnf
 afb1317987cc4b81908bc437269162c7af23b34e6842306483da5b53efce2db3  longlong-format.patch
 bc7abcb34224b6ea77cd4f90ee69d916b4bc7ef0f321bd649b1060ff54cdc084  nossl-config.patch
 f9aad05465919657894ee24fd102451790911445d0d8291ce565242a96f6024e  have-strlcpy.patch
-0c1488e6bca746d8e5c5e3d893997b94e3c1766de69270d7c5c5a2282fb3b767  csync2.initd"
+c45f4177182cb567b9581e9882cf3004bbdde174b44b02b212df0e16a60bd6f8  csync2.initd"
 sha512sums="f91fd222f67affe9634471d341b43ff67854a6ed25b620301a454e98a79a9fb80b2a66eb8713546758fd08300d52751e5ca7472c696daa20ee11779b87a830f8  csync2-2.0.tar.gz
+614da46cdaea46da5de8d3f4e4dc634f34ec5fa402af8557e17324c43dd6b06cc4797bfb42bd5d0d4e34edcf9eb30241bd9054732d75e9646edd32e650fde7d4  csync2-openssl.cnf
 38a17cbf23cbccd4996ad1af049851e33179586e619e3f3edbfacbaa36662e44d916839acd59b1cfc67b3af9042c3258068ec9e5b57f7e26c00a41a0e6f0e148  longlong-format.patch
 9fe50c761ba463ebeecda147c7172526bb9a2378e11101bcab60433b2aec389439eefe8139539babe0d680e2f30cc69df34788454a1d3dce64decd66cc153b32  nossl-config.patch
 66a4762c2a6f99dd0f48aaf36d977150b93f3710de8ae34f090636285115a5801878089ca509d26737bbc30fadb6f9f6acebad8cea1c60e40aaff95ce43ee3a6  have-strlcpy.patch
-5050af0004679c7c63e0eb41a8dfed9ca1d92ce6acaee7c5e2150ce808474c61e6feb84f9b77185a282fbb36de9b981e1eab937ee0fb1ec045ab587960fda812  csync2.initd"
+617235cb9383e72f48e7dd1aa82ecca394b87ceb1e5853b6eb04fb620e6146828fdf64a117d899be4174d3ddde81c9b092937fedada6d0c213825124d70546ee  csync2.initd"
diff --git a/testing/csync2/csync2-openssl.cnf b/testing/csync2/csync2-openssl.cnf
new file mode 100644
index 0000000..7f64b1c
--- /dev/null
+++ b/testing/csync2/csync2-openssl.cnf
_at_@ -0,0 +1,31 @@
+[ req ]
+default_bits = 1024
+encrypt_key = yes
+distinguished_name = req_dn
+x509_extensions = cert_type
+prompt = no
+
+[ req_dn ]
+# country (2 letter code)
+#C=UA
+
+# State or Province Name (full name)
+#ST=
+
+# Locality Name (eg. city)
+#L=Kyiv
+
+# Organization (eg. company)
+#O=CSync2
+
+# Organizational Unit Name (eg. section)
+OU=CSYNC2 Server
+
+# Common Name (*.example.com is also possible)
+CN=csync2.example.com
+
+# E-mail contact
+emailAddress=root_at_example.com
+
+[ cert_type ]
+nsCertType = server
diff --git a/testing/csync2/csync2.initd b/testing/csync2/csync2.initd
index 424a1e2..43c545e 100644
--- a/testing/csync2/csync2.initd
+++ b/testing/csync2/csync2.initd
_at_@ -1,8 +1,7 @@
 #!/sbin/openrc-run
 
-name="$SVCNAME"
-pidfile="/var/run/$SVCNAME.pid"
-command="/usr/sbin/$SVCNAME"
+pidfile="/run/csync2.pid"
+command="/usr/sbin/csync2"
 command_args="-ii${CSYNC2_OPTS:+ $CSYNC2_OPTS}"
 command_background="yes"
 
diff --git a/testing/csync2/csync2.post-install b/testing/csync2/csync2.post-install
new file mode 100644
index 0000000..ab02fa0
--- /dev/null
+++ b/testing/csync2/csync2.post-install
_at_@ -0,0 +1,25 @@
+#!/bin/sh
+
+OPENSSL=${OPENSSL:-openssl}
+OPENSSL_CONF=${OPENSSL_CONF:-/etc/csync2/csync2-openssl.cnf}
+
+CRTFILE=/etc/csync2/csync2_ssl_cert.pem
+CSRFILE=/etc/csync2/csync2_ssl_cert.csr
+KEYFILE=/etc/csync2/csync2_ssl_key.pem
+
+if [ -f $CRTFILE ]; then
+  echo "$CRTFILE already exists, won't overwrite"
+  exit 0
+fi
+
+if [ -f $KEYFILE ]; then
+  echo "$KEYFILE already exists, won't overwrite"
+  exit 0
+fi
+
+$OPENSSL genrsa -out $KEYFILE 1024 || exit 2
+$OPENSSL req -config $OPENSSL_CONF -new -key $KEYFILE -out $CSRFILE || exit 2
+$OPENSSL x509 -req -days 365 -in $CSRFILE -signkey $KEYFILE -out $CRTFILE || exit 2
+
+chmod 0600 $KEYFILE
+rm $CSRFILE
-- 
2.6.3
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Mon Dec 07 2015 - 16:47:07 GMT