From 75b27e65dcf69b07ec3070971733def0cdac5669 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 26 Oct 2016 17:08:45 +0100 Subject: [PATCH] Checking that certs exist --- src/freedombone-app-xmpp | 26 ++++++++++++++++++++------ src/freedombone-utils-web | 4 ++-- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/src/freedombone-app-xmpp b/src/freedombone-app-xmpp index f77907c6..b005f69f 100755 --- a/src/freedombone-app-xmpp +++ b/src/freedombone-app-xmpp @@ -310,7 +310,7 @@ function install_xmpp_main { fi # obtain a cert for the default domain - if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then + if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then echo $'Obtaining certificate for the main domain' create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes' fi @@ -339,9 +339,9 @@ function install_xmpp_main { fi # create a certificate - if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then - if [ ! -f /etc/ssl/certs/xmpp.dhparam ]; then - ${PROJECT_NAME}-addcert -h xmpp --dhkey $DH_KEYLENGTH + if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then + if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} xmpp) == "0" ]]; then + ${PROJECT_NAME}-addcert -h xmpp --dhkey ${DH_KEYLENGTH} check_certificates xmpp fi fi @@ -349,7 +349,7 @@ function install_xmpp_main { chown prosody:prosody /etc/ssl/certs/xmpp.* cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua - if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then + if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then sed -i "s|/etc/prosody/certs/example.com.key|/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua sed -i "s|/etc/prosody/certs/example.com.crt|/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua else 
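Review bot: In the `@@ -339` hunk the inner guard used to test `/etc/ssl/certs/xmpp.dhparam`, but the new `cert_exists ${DEFAULT_DOMAIN_NAME} xmpp` passes the default domain as the name and puts `xmpp` where the other calls pass `pem`, so it probably no longer looks at that file. `cert_exists` is defined outside this patch, so this is inferred from the call sites only. If the second argument is a file suffix, the test would stay `"0"` and `${PROJECT_NAME}-addcert -h xmpp --dhkey ${DH_KEYLENGTH}` would regenerate the self-signed key and DH parameters on every run where the domain has no `pem`. A call that names the xmpp certificate itself, such as `if [[ $(cert_exists xmpp) == "0" ]]; then`, would keep the old meaning, provided that form resolves to the xmpp files. The same question applies to the `@@ -357` hunk, where the suffix-less `cert_exists ${DEFAULT_DOMAIN_NAME}` now decides whether `${DEFAULT_DOMAIN_NAME}.dhparam` is written into the Prosody config; a comment there stating which file the default form checks would settle it.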
@@ -357,7 +357,7 @@ function install_xmpp_main { sed -i 's|/etc/prosody/certs/example.com.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua fi if ! grep -q "xmpp.dhparam" /etc/prosody/conf.avail/xmpp.cfg.lua; then - if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam ]; then + if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME}) == "1" ]]; then sed -i "/certificate =/a\ dhparam = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" /etc/prosody/conf.avail/xmpp.cfg.lua else sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua @@ -451,6 +451,20 @@ function install_xmpp_main { fi sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/prosody.cfg.lua + if [ $XMPP_DOMAIN_CODE ]; then + if [ ${#XMPP_DOMAIN_CODE} -gt 0 ]; then + if [[ $(cert_exists chat.${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then + sed -i 's|--Component "conference.|Component "chat.|g' /etc/prosody/prosody.cfg.lua + fi + if [[ $(cert_exists xmpp.${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then + sed -i 's|--Component "conference.|Component "xmpp.|g' /etc/prosody/prosody.cfg.lua + fi + if [[ $(cert_exists conference.${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then + sed -i 's|--Component "conference.|Component "conference.|g' /etc/prosody/prosody.cfg.lua + fi + fi + fi + systemctl restart prosody touch /home/$MY_USERNAME/README diff --git a/src/freedombone-utils-web b/src/freedombone-utils-web index c04c80ff..162b9730 100755 --- a/src/freedombone-utils-web +++ b/src/freedombone-utils-web @@ -234,7 +234,7 @@ function create_site_certificate { fi if [[ $ONION_ONLY == "no" ]]; then - if [[ $(cert_exists) == "0" ]]; then + if [[ $(cert_exists $SITE_DOMAIN_NAME) == "0" ]]; then if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then create_self_signed_cert else 
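Review bot: The three `sed` substitutions added in the `@@ -451` hunk all match the same `--Component "conference.` text, so once the first one fires the later two can no longer match. When certificates exist for more than one of `chat.`, `xmpp.` and `conference.`, the component hostname is therefore chosen purely by statement order. If that precedence is intended, a comment such as `# first existing cert wins: chat, then xmpp, then conference` would record it; otherwise an `if`/`elif` chain makes it explicit. The outer `[ $XMPP_DOMAIN_CODE ]` is unquoted and errors if the value contains whitespace, and the nested `${#XMPP_DOMAIN_CODE} -gt 0` repeats the same test; `if [ -n "$XMPP_DOMAIN_CODE" ]; then` covers both. install_xmpp_main starts and ends outside the hunk.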
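Review bot: `$SITE_DOMAIN_NAME` is passed unquoted to `cert_exists`, here in the `@@ -234` hunk and again in the `@@ -242` hunk, so an empty or unset value makes the argument disappear. The first call then degrades to the old argument-less `cert_exists`, and in the second `pem` moves into the domain position. Quoting keeps the positions fixed: `if [[ $(cert_exists "$SITE_DOMAIN_NAME") == "0" ]]; then` and `if [[ $(cert_exists "$SITE_DOMAIN_NAME" pem) == "0" ]]; then`. With that in place the helper can reject an empty name rather than report on the wrong file and skip or repeat certificate creation. create_site_certificate's body continues outside both hunks.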
@@ -242,7 +242,7 @@ function create_site_certificate { fi else if [[ $LETSENCRYPT_ENABLED == "yes" ]]; then - if [[ $(cert_exists pem) == "0" ]]; then + if [[ $(cert_exists $SITE_DOMAIN_NAME pem) == "0" ]]; then create_letsencrypt_cert fi fi