From 1f7da1f5a223776f67663a79b282f2f4344829c1 Mon Sep 17 00:00:00 2001 From: Andras Timar Date: Thu, 14 Apr 2016 18:47:35 +0200 Subject: [PATCH] loolwsd: install and package SSL key and certs if SSL is enabled --- loolwsd/Makefile.am | 14 +++++++------- loolwsd/configure.ac | 2 ++ loolwsd/loolwsd.spec.in | 5 +++++ 3 files changed, 14 insertions(+), 7 deletions(-) diff --git a/loolwsd/Makefile.am b/loolwsd/Makefile.am index 1f696c4ac..0748c6c18 100644 --- a/loolwsd/Makefile.am +++ b/loolwsd/Makefile.am @@ -12,6 +12,12 @@ loolwsdconfigdir = @LOOLWSD_CONFIGDIR@ loolwsdconfig_DATA = loolwsd.xml +if ENABLE_SSL +loolwsdconfig_DATA += etc/key.pem \ + etc/cert.pem \ + etc/ca-chain.cert.pem +endif + ACLOCAL_AMFLAGS = -I m4 AM_CPPFLAGS = -pthread -DLOOLWSD_DATADIR='"@LOOLWSD_DATADIR@"' -DLOOLWSD_CONFIGDIR='"@LOOLWSD_CONFIGDIR@"' @@ -140,7 +146,7 @@ clean-cache: # capabilities won't survive packaging anyway. Instead, handle it when # installing the RPM or Debian package. -all-local: loolforkit certificates @JAILS_PATH@ $(SYSTEM_STAMP) +all-local: loolforkit @JAILS_PATH@ $(SYSTEM_STAMP) if test "$$BUILDING_FROM_RPMBUILD" != yes; then \ sudo @SETCAP@ cap_fowner,cap_mknod,cap_sys_chroot=ep loolforkit; \ sudo @SETCAP@ cap_sys_admin=ep loolmount; \ @@ -148,9 +154,3 @@ all-local: loolforkit certificates @JAILS_PATH@ $(SYSTEM_STAMP) else \ echo "Skipping capability setting"; \ fi - -certificates: etc/cert.pem etc/key.pem etc/ca-chain.cert.pem - if test "$$BUILDING_FROM_RPMBUILD" != yes; then \ - sudo mkdir -p /etc/loolwsd ; \ - sudo cp $? /etc/loolwsd/ ; \ - fi diff --git a/loolwsd/configure.ac b/loolwsd/configure.ac index 8df2e115a..e372b2517 100644 --- a/loolwsd/configure.ac +++ b/loolwsd/configure.ac @@ -174,6 +174,8 @@ AS_IF([test "$enable_ssl" != "no"], [AC_DEFINE([ENABLE_SSL],1,[Whether to enable SSL])], [AC_DEFINE([ENABLE_SSL],0,[Whether to enable SSL])]) +AM_CONDITIONAL([ENABLE_SSL], [test "$enable_ssl" != "no"]) + ENABLE_SSL= if test "$enable_ssl" != "no"; then ssl_msg="ssl enabled" diff --git a/loolwsd/loolwsd.spec.in b/loolwsd/loolwsd.spec.in index 51101e554..d3b04b779 100644 --- a/loolwsd/loolwsd.spec.in +++ b/loolwsd/loolwsd.spec.in @@ -77,6 +77,11 @@ tar cf - . | (cd %{buildroot}/usr/share/loolwsd/loleaflet && tar xf -) %config(noreplace) /etc/cron.d/loolwsd.cron %config(noreplace) /etc/loolwsd/loolwsd.xml +%if %{ssl_support} == "YES" +%config(noreplace) %attr(400, %{owner}, %{owner}) /etc/loolwsd/key.pem +%config(noreplace) /etc/loolwsd/cert.pem +%config(noreplace) /etc/loolwsd/ca-chain.cert.pem +%endif %doc README