commit: d61bf402c24c0b492a684d3ee61eebfcb1b7d06a
Author: Amadeusz Żołnowski <aidecoe <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 13 21:36:03 2016 +0000
Commit: Amadeusz Piotr Żołnowski <aidecoe <AT> gentoo <DOT> org>
CommitDate: Mon Jun 13 21:36:03 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d61bf402
net-im/ejabberd: Don't try to generate cert if it is already set up
The ebuild used to always try to generate a certificate. ssl-cert eclass
function warns if certificate in a specified location already exists,
but that only clutters logs. When user has set different path to a
certificate, then eclass used to generate a self-signed cert which
wouldn't be used at all. Check if certificate set by user exists before
generating a new one.
Package-Manager: portage-2.3.0_rc1
net-im/ejabberd/ejabberd-16.04.ebuild | 42 ++++++++++++++++++++++-------------
1 file changed, 27 insertions(+), 15 deletions(-)
diff --git a/net-im/ejabberd/ejabberd-16.04.ebuild
b/net-im/ejabberd/ejabberd-16.04.ebuild
index 5c71813..56e0c9f 100644
--- a/net-im/ejabberd/ejabberd-16.04.ebuild
+++ b/net-im/ejabberd/ejabberd-16.04.ebuild
@@ -64,6 +64,7 @@ RDEPEND="${CDEPEND}
PATCHES=( "${FILESDIR}/${P}-ejabberdctl.patch" )
+EJABBERD_CERT="${EPREFIX}/etc/ssl/ejabberd/server.pem"
# Paths in net-im/jabber-base
JABBER_ETC="${EPREFIX}/etc/jabber"
JABBER_LOG="${EPREFIX}/var/log/jabber"
@@ -73,8 +74,8 @@ JABBER_SPOOL="${EPREFIX}/var/spool/jabber"
# - Use our sample certificates.
# - Correct PAM service name.
adjust_config() {
- sed -e "s|/path/to/ssl.pem|/etc/ssl/ejabberd/server.pem|g" \
- -e "s|pamservicename|xmpp|" \
+ sed -e "s|\"/path/to/ssl.pem\"|\"${EJABBERD_CERT}\"|g" \
+ -e "s|\"pamservicename\"|\"xmpp\"|" \
-i "${S}/ejabberd.yml.example" \
|| die 'failed to adjust example config'
}
@@ -106,6 +107,28 @@ customize_epam_wrapper() {
|| die 'failed to install epam-wrapper'
}
+# Check if there already exists a certificate.
+ejabberd_cert_exists() {
+ local cert
+
+ for cert in $(gawk -- \
+ 'match($0, /^[[:space:]]*certfile: "([^"]+)"/, m)
{print m[1];}' \
+ "${EROOT}${JABBER_ETC}/ejabberd.yml"); do
+ [[ -f ${cert} ]] && return 0
+ done
+
+ return 1
+}
+
+# Generate and install sample ejabberd certificate. It's installed into
+# EJABBERD_CERT path.
+ejabberd_cert_install() {
+ SSL_ORGANIZATION="${SSL_ORGANIZATION:-ejabberd XMPP Server}"
+ install_cert "${EJABBERD_CERT%.*}"
+ chown root:jabber "${EROOT}${EJABBERD_CERT}" || die
+ chmod 0440 "${EROOT}${EJABBERD_CERT}" || die
+}
+
# Get path to ejabberd lib directory.
get_ejabberd_path() {
echo "$(get_erl_libs)/${P}"
@@ -139,15 +162,6 @@ skip_docs() {
' "${S}/Makefile.in" || die 'failed to remove docs section from Makefile.in'
}
-# Generate and install sample ejabberd certificate.
-install_sample_ejabberd_cert() {
- SSL_ORGANIZATION="${SSL_ORGANIZATION:-ejabberd XMPP Server}"
- install_cert /etc/ssl/ejabberd/server || return
- # Fix ssl cert permissions (bug #369809).
- chown root:jabber "${EROOT}/etc/ssl/ejabberd/server.pem" || return
- chmod 0440 "${EROOT}/etc/ssl/ejabberd/server.pem"
-}
-
src_prepare() {
default
@@ -232,9 +246,7 @@ pkg_postinst() {
echo
fi
- if ! install_sample_ejabberd_cert; then
- eerror
- eerror "Failed to install sample ejabberd certificate"
- eerror
+ if ! ejabberd_cert_exists; then
+ ejabberd_cert_install
fi
}
