diff options
author | Sadie Powell <sadie@witchery.services> | 2020-09-26 23:32:09 +0100 |
---|---|---|
committer | Sadie Powell <sadie@witchery.services> | 2020-09-26 23:34:03 +0100 |
commit | b64fe8320ecbcc3f6099a3c0ae1b2739447bfc76 (patch) | |
tree | 927a8ad5bc5c1098f42db2c185cfe1e93d8d6a9a | |
parent | d0bb6bd79a7909b498ad018b4a9f6f90d4e89787 (diff) |
Store generated SSL certificates in the .configure directory.
Co-Authored-By: Nicole Kleinhoff <ilbelkyr@shalture.org>
-rwxr-xr-x | configure | 5 | ||||
-rw-r--r-- | make/configure.pm | 1 | ||||
-rw-r--r-- | make/template/inspircd-genssl.1 | 2 | ||||
-rw-r--r-- | make/template/main.mk | 2 | ||||
-rwxr-xr-x | tools/genssl | 20 |
5 files changed, 23 insertions, 7 deletions
@@ -393,9 +393,10 @@ EOQ if (<$RealDir/src/modules/m_ssl_*.cpp>) { if (prompt_bool $interactive, $question, $interactive) { - system './tools/genssl', 'auto'; + create_directory CONFIGURE_DIRECTORY, 0750 or print_error "unable to create ${\CONFIGURE_DIRECTORY}: $!"; + system './tools/genssl', 'auto', CONFIGURE_DIRECTORY; } else { - my @pems = <$RealDir/{cert,csr,dhparams,key}.pem>; + my @pems = <${\CONFIGURE_DIRECTORY}/{cert,csr,dhparams,key}.pem>; $question = <<EOQ; The following self-signed files were previously generated and will be installed when you run Make. Do you want to delete them? diff --git a/make/configure.pm b/make/configure.pm index cb9b8f640..fd1833d5f 100644 --- a/make/configure.pm +++ b/make/configure.pm @@ -45,6 +45,7 @@ use constant CONFIGURE_ERROR_PIPE => $ENV{INSPIRCD_VERBOSE} ? '' : '1>/dev/nu our @EXPORT = qw(CONFIGURE_CACHE_FILE CONFIGURE_CACHE_VERSION + CONFIGURE_DIRECTORY cmd_clean cmd_help cmd_update diff --git a/make/template/inspircd-genssl.1 b/make/template/inspircd-genssl.1 index 93f05ff58..7a1f70c6a 100644 --- a/make/template/inspircd-genssl.1 +++ b/make/template/inspircd-genssl.1 @@ -24,7 +24,7 @@ .BR .SH "SYNOPSIS" -\t\fBinspircd-genssl\fR [ auto | gnutls | openssl ] +\t\fBinspircd-genssl\fR [ auto | gnutls | openssl ] [ SSL-DIR ] .SH "OPTIONS" .TP diff --git a/make/template/main.mk b/make/template/main.mk index 9f905f970..5a2107d3d 100644 --- a/make/template/main.mk +++ b/make/template/main.mk @@ -250,7 +250,7 @@ endif -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_TXT) docs/conf/services/*.example $(EXAPATH)/services -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_TXT) docs/sql/*.sql $(EXAPATH)/sql -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_TXT) @CONFIGURE_DIRECTORY@/help.txt $(CONPATH) - -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_PRV) *.pem $(CONPATH) 2>/dev/null + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_PRV) @CONFIGURE_DIRECTORY@/*.pem $(CONPATH) 2>/dev/null @echo "" @echo "*************************************" @echo "* INSTALL COMPLETE! *" diff --git a/tools/genssl b/tools/genssl index 930f4b1d7..f4c38fd2e 100755 --- a/tools/genssl +++ b/tools/genssl @@ -31,10 +31,18 @@ use File::Temp(); # IMPORTANT: This script has to be able to run by itself so that it can be used # by binary distributions where the make/console.pm module will not # be available! +eval { + use File::Basename qw(dirname); + use FindBin qw($RealDir); + + use lib dirname $RealDir; + require make::console; + make::console->import(); +}; sub prompt($$) { my ($question, $default) = @_; - return prompt_string(1, $question, $default) if eval 'use File::Basename; use FindBin; use lib dirname($FindBin::RealDir); use make::console; 1'; + return prompt_string(1, $question, $default) if defined main->can('prompt_string'); say $question; print "[$default] => "; chomp(my $answer = <STDIN>); @@ -42,8 +50,8 @@ sub prompt($$) { return $answer ? $answer : $default; } -if ($#ARGV != 0 || $ARGV[0] !~ /^(?:auto|gnutls|openssl)$/i) { - say STDERR "Usage: $0 <auto|gnutls|openssl>"; +if (scalar @ARGV < 1 || $ARGV[0] !~ /^(?:auto|gnutls|openssl)$/i) { + say STDERR "Usage: $0 <auto|gnutls|openssl> [SSL-DIR]"; exit 1; } @@ -75,6 +83,12 @@ if ($tool eq 'auto') { exit 1; } +# Output to the cwd unless an SSL directory is specified. +if (scalar @ARGV > 1 && !chdir $ARGV[1]) { + say STDERR "Unable to change the working directory to $ARGV[1]: $!."; + exit 1; +} + # Harvest information needed to generate the certificate. my $common_name = prompt('What is the hostname of your server?', 'irc.example.com'); my $email = prompt('What email address can you be contacted at?', 'example@example.com'); |