Module: sip-router Branch: master Commit: 0efe88e297c66d5a18131ffef22843c4dc5d439d URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=0efe88e… Author: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt; Committer: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt; Date: Mon Sep 6 22:21:00 2010 +0200 tls.cfg: update paths during installation - path to certificates is absolute and set to cfg dir --- modules/tls/Makefile | 14 +++++++++++++- modules/tls/tls.cfg | 14 +++++++------- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/modules/tls/Makefile b/modules/tls/Makefile index a04aea6..f1c0f52 100644 --- a/modules/tls/Makefile +++ b/modules/tls/Makefile @@ -17,7 +17,9 @@ LIBS+= -L$(LOCALBASE)/lib -L$(LOCALBASE)/ssl/lib \ # NOTE: depending on the way in which libssl was compiled you might # have to add -lz -lkrb5 (zlib and kerberos5). # E.g.: make TLS_HOOKS=1 TLS_EXTRA_LIBS="-lz -lkrb5" -MOD_INSTALL_CFGS=tls.cfg + +# dcm: tls.cfg installed via local 'install-cfg' to update paths +#MOD_INSTALL_CFGS=tls.cfg DEFS+=-DOPENSER_MOD_INTERFACE @@ -28,3 +30,13 @@ install-tls-cert: $(cfg_prefix)/$(cfg_dir) MAIN_NAME=$(MAIN_NAME) ./$(SCR_NAME)_cert.sh -d $(cfg_prefix)/$(cfg_dir) install-cfg: install-tls-cert + @$(call try_err, $(INSTALL_TOUCH) \ + "$(cfg_prefix)/$(cfg_dir)tls.cfg.sample" ) + @sed -e "s#/usr/local/etc/ser/#$(cfg_prefix)/$(cfg_dir)#g" \ + -e "s#ser-selfsigned#$(MAIN_NAME)-selfsigned#g" \ + < ./tls.cfg > "$(cfg_prefix)/$(cfg_dir)tls.cfg.sample" + @if [ -z "${skip_cfg_install}" -a \ + ! -f "$(cfg_prefix)/$(cfg_dir)tls.cfg" ]; then \ + mv -f "$(cfg_prefix)/$(cfg_dir)tls.cfg.sample" \ + "$(cfg_prefix)/$(cfg_dir)tls.cfg" ; \ + fi diff --git a/modules/tls/tls.cfg b/modules/tls/tls.cfg index a5da29b..81d0a43 100644 --- a/modules/tls/tls.cfg +++ b/modules/tls/tls.cfg @@ -17,8 +17,8 @@ method = TLSv1 verify_certificate = no require_certificate = no -private_key = ser-selfsigned.key -certificate = ser-selfsigned.pem +private_key = /usr/local/etc/ser/ser-selfsigned.key +certificate = /usr/local/etc/ser/ser-selfsigned.pem # This is the default client domain, settings # in this domain will be used for all outgoing @@ -42,8 +42,8 @@ require_certificate = yes #method = SSLv23 #verify_certificate = yes #require_certificate = no -#private_key = local_key.pem -#certificate = local_cert.pem +#private_key = /usr/local/etc/ser/local_key.pem +#certificate = /usr/local/etc/ser/local_cert.pem #verify_depth = 3 #ca_list = local_ca.pem @@ -56,6 +56,6 @@ require_certificate = yes # #[client:195.37.77.101:5061] #verify_certificate = no -#certificate = iptel_client.pem -#private_key = iptel_key.pem -#ca_list = iptel_ca.pem +#certificate = /usr/local/etc/ser/iptel_client.pem +#private_key = /usr/local/etc/ser/iptel_key.pem +#ca_list = /usr/local/etc/ser/iptel_ca.pem