elemental-ircd/tools/genssl.sh.in

#!/bin/sh
prefix="@prefix@"
exec_prefix="@exec_prefix@"
sysconfdir="@sysconfdir@"

echo "Generating self-signed certificate .. "
openssl req -x509 -nodes -newkey rsa:1024 -keyout "${sysconfdir}"/ssl.key -out "${sysconfdir}"/ssl.cert

echo "Generating Diffie-Hellman file for secure SSL/TLS negotiation .. "
openssl dhparam -out "${sysconfdir}"/dh.pem 1024

# If sysconfdir is relative to prefix, make the path relative. I.e.,
# prefix=/usr and sysconfdir=/etc -> relative_sysconfdir=/etc,
# prefix=/home/binki/chary and sysconfdir=/home/binki/chary/etc ->
# relative_sysconfdir=etc
relative_sysconfdir="${sysconfdir#${prefix%/}/}"
relative_sysconfdir="${relative_sysconfdir%/}"

cat <<EOF


Now change these lines in the IRCd config file:

    ssl_private_key = "${relative_sysconfdir}/ssl.key";
    ssl_cert = "${relative_sysconfdir}/ssl.cert";
    ssl_dh_params = "${relative_sysconfdir}/dh.pem";

Enjoy using ssl.
EOF
Add explicit support for being installed into a system triggered with --enable-fhs-paths. Add two mechanism for avoiding name-collisions in a system-wide installation of charybdis. The ssld and bandb daemons, intended to be directly used by ircd and not the user, install into libexec when --enable-fhs-paths is set. For binaries which are meant to be in PATH (bindir), such as ircd and viconf, there is now an option --with-program-prefix=progprefix inspired by automake. If the user specifies --with-program-prefix=charybdis, the ircd binary is named charybdisircd when installed. Add support for saving the pidfile to a rundir and storing the ban database in localstatedir instead of in sysconfdir. This is, again, conditional on --enable-fhs-paths. Fix(?) genssl.sh to always write created SSL key/certificate/dh parameters to the sysconfdir specified during ./configure. The previous behavior was to assume that the user ran genssl.sh after ensuring that his current working directory was either sysconfdir or a sibling directory of sysconfdir. 2012-03-01 04:16:29 +00:00			`#!/bin/sh`
			`prefix="@prefix@"`
			`exec_prefix="@exec_prefix@"`
			`sysconfdir="@sysconfdir@"`

			`echo "Generating self-signed certificate .. "`
			`openssl req -x509 -nodes -newkey rsa:1024 -keyout "${sysconfdir}"/ssl.key -out "${sysconfdir}"/ssl.cert`

			`echo "Generating Diffie-Hellman file for secure SSL/TLS negotiation .. "`
			`openssl dhparam -out "${sysconfdir}"/dh.pem 1024`

			`# If sysconfdir is relative to prefix, make the path relative. I.e.,`
			`# prefix=/usr and sysconfdir=/etc -> relative_sysconfdir=/etc,`
			`# prefix=/home/binki/chary and sysconfdir=/home/binki/chary/etc ->`
			`# relative_sysconfdir=etc`
			`relative_sysconfdir="${sysconfdir#${prefix%/}/}"`
			`relative_sysconfdir="${relative_sysconfdir%/}"`

			`cat <<EOF`


			`Now change these lines in the IRCd config file:`

			`ssl_private_key = "${relative_sysconfdir}/ssl.key";`
			`ssl_cert = "${relative_sysconfdir}/ssl.cert";`
			`ssl_dh_params = "${relative_sysconfdir}/dh.pem";`

			`Enjoy using ssl.`
			`EOF`