You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by fr...@apache.org on 2017/04/20 18:39:53 UTC
[04/44] incubator-trafficcontrol git commit: Removed openssl file and
now pass data directly to GenerateCert
Removed openssl file and now pass data directly to GenerateCert
(cherry picked from commit 9729d23677c3b8d2d4431d6e2e1335ff72fda7ff)
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/64dc3bee
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/64dc3bee
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/64dc3bee
Branch: refs/heads/2.0.x
Commit: 64dc3bee748984622caa56588d7ba74c1819faa3
Parents: 13ba16d
Author: PeterRyder <pe...@gmail.com>
Authored: Mon Feb 6 10:51:43 2017 -0500
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Wed Apr 19 15:34:01 2017 -0600
----------------------------------------------------------------------
traffic_ops/install/bin/postinstall | 26 +++------------
traffic_ops/install/lib/GenerateCert.pm | 50 +++++++---------------------
2 files changed, 17 insertions(+), 59 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/64dc3bee/traffic_ops/install/bin/postinstall
----------------------------------------------------------------------
diff --git a/traffic_ops/install/bin/postinstall b/traffic_ops/install/bin/postinstall
index 7e13007..0c1d51b 100755
--- a/traffic_ops/install/bin/postinstall
+++ b/traffic_ops/install/bin/postinstall
@@ -270,17 +270,7 @@ sub generateOpenSSLConf {
my $userInput = shift;
my $fileName = shift;
- if ( !defined $userInput->{$fileName} ) {
- InstallUtils::logger( "No OpenSSL Configuration - questions will be asked", "info" );
-
- # write an empty config so openssl does not use an old file
- InstallUtils::writeJson( $fileName, my %emptyConfig );
- return;
- }
-
my %config = getConfig( $userInput, $fileName );
-
- InstallUtils::writeJson( $fileName, \%config );
return \%config;
}
@@ -408,7 +398,6 @@ sub getDefaults {
"config_var" => "password",
"hidden" => "true"
}
-
],
$dbConfFile => [
{
@@ -568,7 +557,6 @@ sub getDefaults {
sub setupDatabase {
my $todbconf = shift;
my $opensslconf = shift;
- my $genCert = shift;
my $setupMaxmind = shift;
InstallUtils::logger( "Setting up database", "info" );
@@ -600,7 +588,7 @@ sub setupDatabase {
InstallUtils::logger( "Failed to copy coverage zone file", "error" );
}
- if ( lc $genCert =~ /^y(?:es)?/ ) {
+ if ( lc $opensslconf->{"genCert"} =~ /^y(?:es)?/ ) {
if ( -x "/usr/bin/openssl" ) {
InstallUtils::logger( "Installing SSL Certificates", "info" );
$result = GenerateCert::createCert($opensslconf);
@@ -662,8 +650,9 @@ sub main {
InstallUtils::initLogger( $debug, $logFile );
+ print("unzipping log\n");
if ( -f "$logFile.gz" ) {
- InstallUtils::execCommand( "/bin/gunzip", "$logFile.gz" );
+ InstallUtils::execCommand( "/bin/gunzip", "-f", "$logFile.gz" );
}
InstallUtils::logger( "Starting postinstall", "info" );
@@ -687,7 +676,7 @@ sub main {
return;
}
- InstallUtils::logger( "Postinstall " . ( defined $reconfigure ? "in" : "not" ) . " in reconfigure mode", "info" );
+ InstallUtils::logger( "Postinstall " . ( $reconfigure ? "" : "not " ) . "in reconfigure mode", "info" );
InstallUtils::rotateLog($cpanLogFile);
@@ -761,12 +750,7 @@ sub main {
# if reconfigure is set then setup the database
if ($reconfigure) {
- if ($automatic) {
- setupDatabase( $todbconf, $opensslConfFile, $opensslconf->{"genCert"}, $todbconf->{"maxmind"} );
- }
- else {
- setupDatabase( $todbconf, 0, $opensslconf->{"genCert"}, $todbconf->{"maxmind"} );
- }
+ setupDatabase( $todbconf, $opensslconf, $todbconf->{"maxmind"} );
}
InstallUtils::logger( "Starting Traffic Ops", "info" );
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/64dc3bee/traffic_ops/install/lib/GenerateCert.pm
----------------------------------------------------------------------
diff --git a/traffic_ops/install/lib/GenerateCert.pm b/traffic_ops/install/lib/GenerateCert.pm
index 644e482..cad3782 100644
--- a/traffic_ops/install/lib/GenerateCert.pm
+++ b/traffic_ops/install/lib/GenerateCert.pm
@@ -114,14 +114,12 @@ sub execOpenssl {
return $result;
}
+
+# creates a certificate with parameters used from postinstall passed into $config
sub createCert {
# the file used for ssl configuration
- my $opensslconf = shift;
-
- if ( !defined $opensslconf ) {
- InstallUtils::logger( "No input file - running openssl configuration in interactive mode", "info" );
- }
+ my $config = shift;
InstallUtils::logger( $msg, "info" );
@@ -130,50 +128,26 @@ sub createCert {
my $params;
my $passphrase;
- # load the parameters for the certificate
- if ( defined $opensslconf ) {
- my $config = InstallUtils::readJson($opensslconf);
- if ( defined $config->{country} ) {
+ # create the string of parameters
+ $params = "/C=$config->{country}/ST=$config->{state}/L=$config->{locality}/O=$config->{company}/OU=$config->{org_unit}/CN=$config->{common_name}/";
- # the parameters to auto generate the certificate
- $params = "/C=$config->{country}/ST=$config->{state}/L=$config->{locality}/O=$config->{company}/OU=$config->{org_unit}/CN=$config->{common_name}/";
-
- $passphrase = $config->{rsaPassword};
- }
- }
+ $passphrase = $config->{rsaPassword};
InstallUtils::logger( "The server key has been generated", "info" );
- if ($params) {
- if ( execOpenssl( "Generating an RSA Private Server Key", "genrsa", "-des3", "-out", "server.key", "-passout", "pass:$passphrase", "1024" ) != 0 ) {
- exit 1;
- }
- if ( execOpenssl( "Creating a Certificate Signing Request (CSR)", "req", "-new", "-key", "server.key", "-out", "server.csr", "-passin", "pass:$passphrase", "-subj", $params ) != 0 ) {
- exit 1;
- }
+ if ( execOpenssl( "Generating an RSA Private Server Key", "genrsa", "-des3", "-out", "server.key", "-passout", "pass:$passphrase", "1024" ) != 0 ) {
+ exit 1;
}
- else {
- if ( execOpenssl( "Generating an RSA Private Server Key", "genrsa", "-des3", "-out", "server.key", "1024" ) != 0 ) {
- exit 1;
- }
- if ( execOpenssl( "Creating a Certificate Signing Request (CSR)", "req", "-new", "-key", "server.key", "-out", "server.csr") != 0 ) {
- exit 1;
- }
+ if ( execOpenssl( "Creating a Certificate Signing Request (CSR)", "req", "-new", "-key", "server.key", "-out", "server.csr", "-passin", "pass:$passphrase", "-subj", $params ) != 0 ) {
+ exit 1;
}
InstallUtils::logger( "The Certificate Signing Request has been generated", "info" );
InstallUtils::execCommand( "/bin/mv", "server.key", "server.key.orig" );
- if ($params) {
- if ( execOpenssl( "Removing the pass phrase from the server key", "rsa", "-in", "server.key.orig", "-out", "server.key", "-passin", "pass:$passphrase" ) != 0 ) {
- exit 1;
- }
- }
- else {
- if ( execOpenssl( "Removing the pass phrase from the server key", "rsa", "-in", "server.key.orig", "-out", "server.key") != 0 ) {
- exit 1;
- }
+ if ( execOpenssl( "Removing the pass phrase from the server key", "rsa", "-in", "server.key.orig", "-out", "server.key", "-passin", "pass:$passphrase" ) != 0 ) {
+ exit 1;
}
InstallUtils::logger( "The pass phrase has been removed from the server key", "info" );