# --------------------------------------------------------------------------
###
#
# Copyright (c) Ensim Corporation 2000, 2001   All Rights Reserved.
#
# This software is furnished under a license and may be used and copied
# only  in  accordance  with  the  terms  of such  license and with the
# inclusion of the above copyright notice. This software or any other
# copies thereof may not be provided or otherwise made available to any
# other person. No title to and ownership of the software is hereby
# transferred.
#
# The information in this software is subject to change without notice
# and  should  not be  construed  as  a commitment by Ensim Corporation.
# Ensim assumes no responsibility for the use or  reliability  of its
# software on equipment which is not supplied by Ensim.
#
# Exit codes (on failure error message goes to stderr):
#  0 - success
#  1 - failure
# 
# Boolean arguments on the command line are given as 0 or 1. All the
# command line arguments are encoded to avoid problems with escapes.
#
# All functions defined here fall into one of two types. The first type
# returns an error message if an error occurred and "" if everything
# went well. The second type always returns a valid value, but exits
# (with code 1) printing an error message if an error occurs. Functions
# of this second type have _e appended to their name. Functions are
# allowed to print results onto stdout, but errors are printed only in
# the main program.
# --------------------------------------------------------------------------
# $Id: SSLconf.pm,v 1.9.148.4 2006/07/04 11:34:07 arvindd Exp $
# $Name:  $
# --------------------------------------------------------------------------

package SSLconf;
use File::Basename;

# Compile-time hook; currently empty, so nothing runs before the module body.
BEGIN { }

# Interpreter-exit hook; currently empty, so nothing runs at shutdown.
END { }

# Certificate operations and key operations are both carried out by the
# same openssl binary; the two slots are kept separate so callers can
# look each one up by name.
for my $slot ('command', 'key_command') {
    $config{$slot} = "/usr/bin/openssl";
}

# mod_ssl configuration file that names the live certificate and key.
$mod_ssl_cf = "/etc/httpd/conf.d/ssl.conf";

# openssl.cnf has lived in two places: prefer the /etc/pki/tls copy when it
# is present and otherwise use the older /usr/share/ssl location.
# A more deterministic choice would key off the installed openssl rpm
# version or the Red Hat release instead of probing the filesystem.
$config{'conf_file'} = (-f "/etc/pki/tls/openssl.cnf")
    ? "/etc/pki/tls/openssl.cnf"
    : "/usr/share/ssl/openssl.cnf";

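# Locate the httpd certificate, private key and certificate-request (CSR)
# files.
#
# When the mod_ssl configuration file exists, the SSLCertificateFile and
# SSLCertificateKeyFile directives are read from it (the last occurrence of
# each wins) and the CSR path is derived from the key's directory. A
# directive that is absent falls back to the legacy default, so key_file is
# never left undefined when the CSR path is computed. When the file does not
# exist, all three legacy defaults are used.
#
# NOTE(review): the paths are taken verbatim from ssl.conf and are
# presumably handed to $config{'command'} by callers -- confirm they are
# passed in list form (no shell interpolation), and that ssl.conf is
# writable by root only.

# Return the path argument of $directive when $line is that directive;
# return nothing for comments, other directives and directives with no value.
sub _ssl_directive_path {
    my ($line, $directive) = @_;

    return unless defined $line;
    return if $line =~ /^\s*#/;

    # Apache directive names are case-insensitive and may be indented with
    # spaces or tabs; at least one blank must separate name and value so
    # that a longer directive name sharing this prefix is not picked up.
    return unless $line =~ /^\s*\Q$directive\E\s+(\S.*)$/i;
    my $value = $1;

    # A quoted argument may contain blanks; hand back what is inside the quotes.
    if ($value =~ /^"([^"]*)"/ || $value =~ /^'([^']*)'/) {
        return $1;
    }

    # Unquoted: the argument is the first whitespace-delimited token.
    my ($path) = split(' ', $value);
    return $path;
}

# Derive the CSR path from the directory that holds the private key.
sub _csr_path_for_key {
    my ($key_file) = @_;

    my $dir = dirname($key_file);
    $dir =~ s/private$/certs/;    # .../tls/private      -> .../tls/certs
    $dir =~ s/\.key$/.csr/;       # .../conf/ssl.key     -> .../conf/ssl.csr
    $dir =~ s{/+\z}{};            # "/" must not turn into "//server.csr"

    # dirname() returns no trailing slash, so the separator is added here;
    # without it the result would be e.g. ".../certsserver.csr".
    return $dir . "/server.csr";
}

if ( -f $mod_ssl_cf ) {
    my ($cert_path, $key_path);

    open(my $conf_fh, '<', $mod_ssl_cf) || die("Unable to open $mod_ssl_cf\n");
    while ( my $line = <$conf_fh> ) {
        my $found_cert = _ssl_directive_path($line, 'SSLCertificateFile');
        $cert_path = $found_cert if defined $found_cert && length $found_cert;

        my $found_key = _ssl_directive_path($line, 'SSLCertificateKeyFile');
        $key_path = $found_key if defined $found_key && length $found_key;
    }
    close($conf_fh);

    # A configuration without one of the directives falls back to the
    # legacy location for that file.
    $config{'cert_file'} = defined $cert_path
        ? $cert_path
        : "/etc/httpd/conf/ssl.crt/server.crt";
    $config{'key_file'} = defined $key_path
        ? $key_path
        : "/etc/httpd/conf/ssl.key/server.key";
    $config{'req_file'} = _csr_path_for_key($config{'key_file'});
}
else {
    $config{'cert_file'}    = "/etc/httpd/conf/ssl.crt/server.crt";
    $config{'req_file'}     = "/etc/httpd/conf/ssl.csr/server.csr";
    $config{'key_file'}     = "/etc/httpd/conf/ssl.key/server.key";
}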

# A file loaded with require/use must finish with a true value, otherwise
# the load fails.
return 1;

