[Pkg-apache-commits] r1081 - in /trunk/ssl-cert: debian/changelog make-ssl-cert

sf at alioth.debian.org sf at alioth.debian.org
Sun Nov 1 11:14:05 UTC 2009 

Author: sf
Date: Sun Nov  1 11:14:05 2009
New Revision: 1081

URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=1081
Log:
Print error message if openssl fails

Modified:
    trunk/ssl-cert/debian/changelog
    trunk/ssl-cert/make-ssl-cert

Modified: trunk/ssl-cert/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/ssl-cert/debian/changelog?rev=1081&op=diff
==============================================================================
--- trunk/ssl-cert/debian/changelog (original)
+++ trunk/ssl-cert/debian/changelog Sun Nov  1 11:14:05 2009
@@ -1,6 +1,7 @@
 ssl-cert (1.0.24) UNRELEASED; urgency=low
 
   * Print error message if debconf fails. Closes: #288045
+  * Print error message if openssl fails. LP: #132714
   * Create group even if user tweaked NAME_REGEX. Closes: #540016
   * Update Slovak translation, thanks to helix84 at centrum.sk. Closes: #514376
   * Fix typo. Closes: #536083 LP: #352157

Modified: trunk/ssl-cert/make-ssl-cert
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/ssl-cert/make-ssl-cert?rev=1081&op=diff
==============================================================================
--- trunk/ssl-cert/make-ssl-cert (original)
+++ trunk/ssl-cert/make-ssl-cert Sun Nov  1 11:14:05 2009
@@ -79,21 +79,35 @@
 # sacrifice one char.
 
 TMPFILE="$(mktemp)" || exit 1
+TMPOUT="$(mktemp)"  || exit 1
+
+trap "rm -f $TMPFILE $TMPOUT" EXIT
 
 create_temporary_cnf
 
 # create the certificate.
 
 if [ "$1" != "generate-default-snakeoil" ]; then
-    openssl req -config $TMPFILE -new -x509 -days 3650 -nodes -out $output -keyout $output > /dev/null 2>&1
+    if ! openssl req -config $TMPFILE -new -x509 -days 3650 -nodes \
+	-out $output -keyout $output > $TMPOUT 2>&1
+    then
+	echo Could not create certificate. Openssl output was: >&2
+	cat $TMPOUT >&2
+	exit 1
+    fi
     chmod 600 $output
     # hash symlink
     cd $(dirname $output)
     ln -sf $(basename $output) $(openssl x509 -hash -noout -in $(basename $output))
 else
-    openssl req -config $TMPFILE -new -x509 -days 3650 -nodes \
+    if ! openssl req -config $TMPFILE -new -x509 -days 3650 -nodes \
 	-out /etc/ssl/certs/ssl-cert-snakeoil.pem \
-        -keyout /etc/ssl/private/ssl-cert-snakeoil.key > /dev/null 2>&1
+        -keyout /etc/ssl/private/ssl-cert-snakeoil.key > $TMPOUT 2>&1
+    then
+	echo Could not create certificate. Openssl output was: >&2
+	cat $TMPOUT >&2
+	exit 1
+    fi
     chmod 644 /etc/ssl/certs/ssl-cert-snakeoil.pem
     chmod 640 /etc/ssl/private/ssl-cert-snakeoil.key
     chown root:ssl-cert /etc/ssl/private/ssl-cert-snakeoil.key
@@ -101,6 +115,3 @@
     cd /etc/ssl/certs/
     ln -sf ssl-cert-snakeoil.pem $(openssl x509 -hash -noout -in ssl-cert-snakeoil.pem)
 fi
-
-# cleanup
-rm -f $TMPFILE

More information about the Pkg-apache-commits mailing list