X-Original-To: alpine-aports@mail.alpinelinux.org Delivered-To: alpine-aports@mail.alpinelinux.org Received: from mail.alpinelinux.org (dallas-a1.alpinelinux.org [127.0.0.1]) by mail.alpinelinux.org (Postfix) with ESMTP id 6F229DC6A15 for ; Tue, 6 Oct 2015 14:10:57 +0000 (UTC) Received: from lithium.8pit.net (lithium.8pit.net [141.101.32.65]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id EF643DC6454 for ; Tue, 6 Oct 2015 14:10:56 +0000 (UTC) Received: from localhost (p20030058A61984005D8019E1F362119D.dip0.t-ipconnect.de [IPv6:2003:58:a619:8400:5d80:19e1:f362:119d]); by lithium.8pit.net (OpenSMTPD) with ESMTPSA id 4d72d789; TLS version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO; for ; Tue, 6 Oct 2015 16:10:53 +0200 (CEST) Date: Tue, 6 Oct 2015 16:10:52 +0200 From: =?iso-8859-1?Q?S=F6ren?= Tempel To: alpine-aports@lists.alpinelinux.org Subject: Re: [alpine-aports] [PATCH] testing/csync2: cleanups in strlcpy patch. ssl key&cert MUST be generated or csync2 does not sync. ssl defaults must be configured in /etc/ssl/openssl.conf Message-ID: <20151006141052.GA21548@francium.fritz.box> References: <1444063657-29323-1-git-send-email-valery.kartel@gmail.com> X-Mailinglist: alpine-aports Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Disposition: inline Content-Transfer-Encoding: quoted-printable In-Reply-To: <1444063657-29323-1-git-send-email-valery.kartel@gmail.com> User-Agent: Mutt/1.5.24 (2015-08-30) X-Virus-Scanned: ClamAV using ClamSMTP On 05.10.15, Valery Kartel wrote: > diff --git a/testing/csync2/csync2.post-install b/testing/csync2/csync2.p= ost-install > new file mode 100644 > index 0000000..8d6331f > --- /dev/null > +++ b/testing/csync2/csync2.post-install > @@ -0,0 +1,12 @@ > +#!/bin/sh > + > +SSL=3D"/etc/csync2/csync2_ssl_" > + > +if [ ! -f ${SSL}key.pem -o ! -f ${SSL}cert.pem ]; then > + openssl genrsa -out ${SSL}key.pem 1024 >/dev/null 2>&1 > + yes '' | openssl req -new -key ${SSL}key.pem -out ${SSL}cert.csr= >/dev/null 2>&1 > + openssl x509 -req -days 3600 -in ${SSL}cert.csr -out ${SSL}cert.= pem -signkey ${SSL}key.pem >/dev/null 2>&1 > + rm ${SSL}cert.csr > +fi > + > +exit 0 I told you this 3 times already: I doesn't make much sense to generate an openssl certificate which uses the default values for all fields. The fact that csync2 doesn't csync without an OpenSSL certificate doesn't change my opinion on this. For other aports like testing/opensmtpd you also have to generate your SSL cert manually, it's not that hard... S=F6ren. --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---