[sr-dev] git:master: tls.cfg: update paths during installation

Daniel-Constantin Mierla miconda at gmail.com
Mon Sep 6 22:25:02 CEST 2010 

Module: sip-router
Branch: master
Commit: 0efe88e297c66d5a18131ffef22843c4dc5d439d
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=0efe88e297c66d5a18131ffef22843c4dc5d439d

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date:   Mon Sep  6 22:21:00 2010 +0200

tls.cfg: update paths during installation

- path to certificates is absolute and set to cfg dir

---

 modules/tls/Makefile |   14 +++++++++++++-
 modules/tls/tls.cfg  |   14 +++++++-------
 2 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/modules/tls/Makefile b/modules/tls/Makefile
index a04aea6..f1c0f52 100644
--- a/modules/tls/Makefile
+++ b/modules/tls/Makefile
@@ -17,7 +17,9 @@ LIBS+=	-L$(LOCALBASE)/lib -L$(LOCALBASE)/ssl/lib \
 # NOTE: depending on the way in which libssl was compiled you might
 #       have to add -lz -lkrb5   (zlib and kerberos5).
 #       E.g.: make TLS_HOOKS=1 TLS_EXTRA_LIBS="-lz -lkrb5"
-MOD_INSTALL_CFGS=tls.cfg
+
+# dcm: tls.cfg installed via local 'install-cfg' to update paths
+#MOD_INSTALL_CFGS=tls.cfg
 
 DEFS+=-DOPENSER_MOD_INTERFACE
 
@@ -28,3 +30,13 @@ install-tls-cert: $(cfg_prefix)/$(cfg_dir)
 	MAIN_NAME=$(MAIN_NAME) ./$(SCR_NAME)_cert.sh -d $(cfg_prefix)/$(cfg_dir)
 
 install-cfg:  install-tls-cert
+	@$(call try_err, $(INSTALL_TOUCH) \
+			"$(cfg_prefix)/$(cfg_dir)tls.cfg.sample" )
+	@sed -e "s#/usr/local/etc/ser/#$(cfg_prefix)/$(cfg_dir)#g" \
+			-e "s#ser-selfsigned#$(MAIN_NAME)-selfsigned#g" \
+				< ./tls.cfg > "$(cfg_prefix)/$(cfg_dir)tls.cfg.sample"
+	@if [ -z "${skip_cfg_install}" -a \
+			! -f "$(cfg_prefix)/$(cfg_dir)tls.cfg" ]; then \
+		mv -f "$(cfg_prefix)/$(cfg_dir)tls.cfg.sample" \
+						"$(cfg_prefix)/$(cfg_dir)tls.cfg" ; \
+	fi
diff --git a/modules/tls/tls.cfg b/modules/tls/tls.cfg
index a5da29b..81d0a43 100644
--- a/modules/tls/tls.cfg
+++ b/modules/tls/tls.cfg
@@ -17,8 +17,8 @@
 method = TLSv1
 verify_certificate = no
 require_certificate = no
-private_key = ser-selfsigned.key
-certificate = ser-selfsigned.pem
+private_key = /usr/local/etc/ser/ser-selfsigned.key
+certificate = /usr/local/etc/ser/ser-selfsigned.pem
 
 # This is the default client domain, settings
 # in this domain will be used for all outgoing
@@ -42,8 +42,8 @@ require_certificate = yes
 #method = SSLv23
 #verify_certificate = yes
 #require_certificate = no
-#private_key = local_key.pem
-#certificate = local_cert.pem
+#private_key = /usr/local/etc/ser/local_key.pem
+#certificate = /usr/local/etc/ser/local_cert.pem
 #verify_depth = 3
 #ca_list = local_ca.pem
 
@@ -56,6 +56,6 @@ require_certificate = yes
 #
 #[client:195.37.77.101:5061]
 #verify_certificate = no
-#certificate = iptel_client.pem
-#private_key = iptel_key.pem
-#ca_list = iptel_ca.pem
+#certificate = /usr/local/etc/ser/iptel_client.pem
+#private_key = /usr/local/etc/ser/iptel_key.pem
+#ca_list = /usr/local/etc/ser/iptel_ca.pem

More information about the sr-dev mailing list