rpms/crypto-utils/devel genkey.pl,1.15,1.16
Elio Maldonado (emaldonado)
fedora-extras-commits at redhat.com
Sun May 11 02:48:32 UTC 2008
Author: emaldonado
Update of /cvs/extras/rpms/crypto-utils/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14655
Modified Files:
genkey.pl
Log Message:
Ensure that either mod_nss or mod_ssl is installed for the type of request to be processed (#346731)
Index: genkey.pl
===================================================================
RCS file: /cvs/extras/rpms/crypto-utils/devel/genkey.pl,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- genkey.pl 7 May 2008 18:48:17 -0000 1.15
+++ genkey.pl 11 May 2008 02:47:51 -0000 1.16
@@ -69,7 +69,7 @@
{
print STDERR <<EOH;
Usage: genkey [options] servername
- --test Test mode, skip random data creation, overwrite existing key
+ --test Test mode, faster seeding, overwrite existing key
--genreq Just generate a CSR from an existing key
--makeca Generate a private CA key instead
--days Days until expiry of self-signed certificate (default 30)
@@ -168,6 +168,9 @@
exit 1;
}
+# Either mod_nss or mod_ssl is required
+requireModule();
+
# For mod_nss we need these variables set
if ($nss) {
# the configuration file is required
@@ -204,7 +207,7 @@
getkeysizeWindow,
customKeySizeWindow,
getRandomDataWindow,
- keyPasswordWindow,
+ passwordWindow,
genReqWindow,
);
$doingwhat="CSR generation";
@@ -213,7 +216,7 @@
getkeysizeWindow,
customKeySizeWindow,
getRandomDataWindow,
- keyPasswordWindow,
+ passwordWindow,
genCACertWindow,
);
$doingwhat="CA cert generation";
@@ -223,7 +226,7 @@
customKeySizeWindow,
getRandomDataWindow,
wantCAWindow,
- keyPasswordWindow,
+ passwordWindow,
genReqWindow,
genReqWindow,
genCertWindow,
@@ -305,6 +308,22 @@
->Add(2, 0, $cancelb, Newt::NEWT_ANCHOR_LEFT(), 1, 1, 0, 0);
}
+# Require that this Apache module (mod_nss or mod_ssl) be installed
+sub requireModule {
+
+ my $module = $nss ? "mod_nss" : "mod_ssl";
+ my $not_installed_msg = `rpm -q $module | grep "not installed"`;
+
+ if ($not_installed_msg) {
+ Newt::newtWinMessage("Error", "Close",
+ "$not_installed_msg".
+ "\nIt is required to generate this type of CSRs or certs".
+ "for this host:\n\nPress return to exit");
+ Newt::Finished();
+ exit 1;
+ }
+}
+
# Check that nss.conf exists
sub nssconfigFound {
# if it isn't in its usual place
@@ -652,7 +671,7 @@
$panel = Newt::Panel(1, 3, "Module access");
$panel->Add(0, 0, Newt::Textbox(70, 5, 0, $message));
- my $checkbox = Newt::Checkbox("Does the module require a password");
+ my $checkbox = Newt::Checkbox("Module access password if any");
$panel->Add(0, 1, $checkbox);
$panel->Add(0, 2, NextBackCancelButton());
@@ -714,7 +733,7 @@
# Prompts for key encryption password
# When using NSS it prompts for the
# module acces password instead.
-sub keyPasswordWindow
+sub passwordWindow
{
return moduleAccesPasswordWindow() if $nss;
@@ -924,11 +943,10 @@
use integer;
my $months = $days ? $days / 30 : 24;
- my $keysize = $bits;
# build the arguments for a gen cert call, self-signed
my $args = "-c makecert ";
- $args .= "-g $keysize ";
+ $args .= "-g $bits ";
$args .= "-s $subject ";
$args .= "-v $months ";
$args .= "-a "; ## using ascii
@@ -939,7 +957,7 @@
$args .= "-o $certfile ";
$args .= "-k $keyfile";
- nssUtilCmd("$ssltop/keyutil", $args);
+ nssUtilCmd("$bindir/keyutil", $args);
if (!-f $certfile) {
Newt::newtWinMessage("Error", "Close",
@@ -985,7 +1003,7 @@
# user wants the key in the clear
$args .= "-z $noisefile " if $noisefile;
- nssUtilCmd("$ssltop/keyutil", $args);
+ nssUtilCmd("$bindir/keyutil", $args);
unlink($noisefile);
Newt::Resume();
More information about the fedora-extras-commits
mailing list