diff options
author | Simon Rettberg | 2021-06-18 14:32:04 +0200 |
---|---|---|
committer | Simon Rettberg | 2021-06-18 14:32:04 +0200 |
commit | 1169c84ac66f4c75c51e2525c5e55ce77bbe792d (patch) | |
tree | 1d74152c5e1143ac6c70b0ff8fb66aeccc0c00fa /satellit_installer/static_files/lighttpd/opt/openslx/slx-cert | |
parent | [SSPS] Properly copy ipxe config (diff) | |
download | setup-scripts-1169c84ac66f4c75c51e2525c5e55ce77bbe792d.tar.gz setup-scripts-1169c84ac66f4c75c51e2525c5e55ce77bbe792d.tar.xz setup-scripts-1169c84ac66f4c75c51e2525c5e55ce77bbe792d.zip |
[SSPS] slx-cert: Fix handling missing/outdated packed certificate
Diffstat (limited to 'satellit_installer/static_files/lighttpd/opt/openslx/slx-cert')
-rwxr-xr-x | satellit_installer/static_files/lighttpd/opt/openslx/slx-cert | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert b/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert index 109a6c1..e25e3d7 100755 --- a/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert +++ b/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert @@ -86,6 +86,7 @@ create_conf () { MYCA } +latest_ca_file= ca_last= for i in "${PRIV}"/ca-??????????.key; do [ -s "$i" ] || continue @@ -99,6 +100,7 @@ for i in "${PRIV}"/ca-??????????.key; do continue fi ca_last="$ts" + latest_ca_file="${CERT}/ca-${ts}.crt" done mknew= @@ -128,7 +130,9 @@ if [ -z "$ca_last" ] || (( NOW + ca_min_remain_s > ca_last )); then rm -rf -- "$ca_dir" "$csr" fi -if [ -n "$mknew" ]; then + +if [ -n "$mknew" ] || ! [ -s "/opt/openslx/configs/modules/self-signed-ca.tar" ] \ + || [ "/opt/openslx/configs/modules/self-signed-ca.tar" -ot "$latest_ca_file" ]; then # Rebuild config module for clients echo "Updating client config module..." ( @@ -138,7 +142,7 @@ if [ -n "$mknew" ]; then openssl rehash . tar -c -k -f "/opt/openslx/configs/modules/self-signed-ca.tar" \ --transform 's#^[./][./]*#/opt/openslx/ssl/#' . - cd /tmp + cd /tmp || exit 7 rm -rf -- "$tmpdir" sudo -u www-data -n php /srv/openslx/www/slx-admin/api.php sysconfig --action rebuild echo "." |