48 lines
1.4 KiB
Text
48 lines
1.4 KiB
Text
$NetBSD: patch-ax,v 1.1 2005/11/02 03:11:36 aolcarton Exp $
|
|
|
|
--- scepd/createcrl.in.orig 2001-04-04 19:36:40.000000000 -0400
|
|
+++ scepd/createcrl.in
|
|
@@ -14,16 +14,23 @@ scepconf=BINDIR/scepconf
|
|
crl2ldap=SBINDIR/crl2ldap
|
|
openssl=`${scepconf} scepd openssl`
|
|
|
|
+trap 'exit 1' USR1
|
|
+parentpid=$$
|
|
+(
|
|
+ (
|
|
+ (
|
|
${openssl} ca -config ${openscepdir}/openscep.cnf \
|
|
-cert ${openscepdir}/cacert.pem \
|
|
-keyfile ${openscepdir}/cakey.pem \
|
|
-out ${openscepdir}/crl.pem \
|
|
- -batch -gencrl -policy policy_unstructured
|
|
+ -batch -gencrl -policy policy_unstructured 2>&3
|
|
if [ $? -gt 0 ]
|
|
then
|
|
echo crl creation failed >&2
|
|
- exit 1
|
|
+ kill -USR1 $parentpid
|
|
fi
|
|
+ ) >&4 ) 3>&1 | grep -v "Using configuration from " >&2 ) 4>&1
|
|
+trap - USR1
|
|
|
|
# convert the crl to DER format
|
|
${openssl} crl -in ${openscepdir}/crl.pem \
|
|
@@ -36,15 +43,14 @@ fi
|
|
|
|
# update the entry in the directory (XXX assumes no blanks in ldapbase
|
|
# and binddn)
|
|
-ldaphost=`${scepconf} ldap ldaphost`
|
|
-ldapport=`${scepconf} ldap ldapport`
|
|
+ldapuri=`${scepconf} ldap ldapuri`
|
|
ldapbase=`${scepconf} ldap ldapbase`
|
|
binddn=`${scepconf} ldap binddn`
|
|
bindpw=`${scepconf} ldap bindpw`
|
|
ldapmodify=`${scepconf} ldap ldapmodify`
|
|
name=`${scepconf} scepd name`
|
|
|
|
-${crl2ldap} -h ${ldaphost} -p ${ldapport} \
|
|
+${crl2ldap} -H ${ldapuri} \
|
|
-D "${binddn}" -w "${bindpw}" "CN=${name},${ldapbase}" <${crlfile}
|
|
|
|
exit 0
|