[Pkg-apache-commits] r1081 - in /trunk/ssl-cert: debian/changelog make-ssl-cert
sf at alioth.debian.org
sf at alioth.debian.org
Sun Nov 1 11:14:05 UTC 2009
Author: sf
Date: Sun Nov 1 11:14:05 2009
New Revision: 1081
URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=1081
Log:
Print error message if openssl fails
Modified:
trunk/ssl-cert/debian/changelog
trunk/ssl-cert/make-ssl-cert
Modified: trunk/ssl-cert/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/ssl-cert/debian/changelog?rev=1081&op=diff
==============================================================================
--- trunk/ssl-cert/debian/changelog (original)
+++ trunk/ssl-cert/debian/changelog Sun Nov 1 11:14:05 2009
@@ -1,6 +1,7 @@
ssl-cert (1.0.24) UNRELEASED; urgency=low
* Print error message if debconf fails. Closes: #288045
+ * Print error message if openssl fails. LP: #132714
* Create group even if user tweaked NAME_REGEX. Closes: #540016
* Update Slovak translation, thanks to helix84 at centrum.sk. Closes: #514376
* Fix typo. Closes: #536083 LP: #352157
Modified: trunk/ssl-cert/make-ssl-cert
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/ssl-cert/make-ssl-cert?rev=1081&op=diff
==============================================================================
--- trunk/ssl-cert/make-ssl-cert (original)
+++ trunk/ssl-cert/make-ssl-cert Sun Nov 1 11:14:05 2009
@@ -79,21 +79,35 @@
# sacrifice one char.
TMPFILE="$(mktemp)" || exit 1
+TMPOUT="$(mktemp)" || exit 1
+
+trap "rm -f $TMPFILE $TMPOUT" EXIT
create_temporary_cnf
# create the certificate.
if [ "$1" != "generate-default-snakeoil" ]; then
- openssl req -config $TMPFILE -new -x509 -days 3650 -nodes -out $output -keyout $output > /dev/null 2>&1
+ if ! openssl req -config $TMPFILE -new -x509 -days 3650 -nodes \
+ -out $output -keyout $output > $TMPOUT 2>&1
+ then
+ echo Could not create certificate. Openssl output was: >&2
+ cat $TMPOUT >&2
+ exit 1
+ fi
chmod 600 $output
# hash symlink
cd $(dirname $output)
ln -sf $(basename $output) $(openssl x509 -hash -noout -in $(basename $output))
else
- openssl req -config $TMPFILE -new -x509 -days 3650 -nodes \
+ if ! openssl req -config $TMPFILE -new -x509 -days 3650 -nodes \
-out /etc/ssl/certs/ssl-cert-snakeoil.pem \
- -keyout /etc/ssl/private/ssl-cert-snakeoil.key > /dev/null 2>&1
+ -keyout /etc/ssl/private/ssl-cert-snakeoil.key > $TMPOUT 2>&1
+ then
+ echo Could not create certificate. Openssl output was: >&2
+ cat $TMPOUT >&2
+ exit 1
+ fi
chmod 644 /etc/ssl/certs/ssl-cert-snakeoil.pem
chmod 640 /etc/ssl/private/ssl-cert-snakeoil.key
chown root:ssl-cert /etc/ssl/private/ssl-cert-snakeoil.key
@@ -101,6 +115,3 @@
cd /etc/ssl/certs/
ln -sf ssl-cert-snakeoil.pem $(openssl x509 -hash -noout -in ssl-cert-snakeoil.pem)
fi
-
-# cleanup
-rm -f $TMPFILE
More information about the Pkg-apache-commits
mailing list