summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlexys Jacob <ultrabug@gentoo.org>2011-09-13 12:14:45 +0000
committerAlexys Jacob <ultrabug@gentoo.org>2011-09-13 12:14:45 +0000
commit0054485e0464009dbfc5bad5b38e8330c8bea89d (patch)
tree5982c41bc0f3ec83286d51063f47712a58dda181 /app-admin/rsyslog
parentClean old entries. (diff)
downloadhistorical-0054485e0464009dbfc5bad5b38e8330c8bea89d.tar.gz
historical-0054485e0464009dbfc5bad5b38e8330c8bea89d.tar.bz2
historical-0054485e0464009dbfc5bad5b38e8330c8bea89d.zip
Drop old vulnerable versions wrt #381637
Package-Manager: portage-2.1.10.14/cvs/Linux x86_64
Diffstat (limited to 'app-admin/rsyslog')
-rw-r--r--app-admin/rsyslog/ChangeLog6
-rw-r--r--app-admin/rsyslog/Manifest16
-rw-r--r--app-admin/rsyslog/rsyslog-5.6.5.ebuild214
-rw-r--r--app-admin/rsyslog/rsyslog-5.8.3.ebuild228
4 files changed, 11 insertions, 453 deletions
diff --git a/app-admin/rsyslog/ChangeLog b/app-admin/rsyslog/ChangeLog
index 47118a0973ac..add68c356927 100644
--- a/app-admin/rsyslog/ChangeLog
+++ b/app-admin/rsyslog/ChangeLog
@@ -1,6 +1,10 @@
# ChangeLog for app-admin/rsyslog
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/ChangeLog,v 1.59 2011/09/11 09:28:27 maekke Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/ChangeLog,v 1.60 2011/09/13 12:14:45 ultrabug Exp $
+
+ 13 Sep 2011; Ultrabug <ultrabug@gentoo.org> -rsyslog-5.6.5.ebuild,
+ -rsyslog-5.8.3.ebuild:
+ Drop old vulnerable versions wrt #381637
11 Sep 2011; Markus Meier <maekke@gentoo.org> rsyslog-5.8.5.ebuild:
x86 stable, bug #381637
diff --git a/app-admin/rsyslog/Manifest b/app-admin/rsyslog/Manifest
index f05ec0b1ac60..a2014c6ff324 100644
--- a/app-admin/rsyslog/Manifest
+++ b/app-admin/rsyslog/Manifest
@@ -1,23 +1,19 @@
-----BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
+Hash: SHA256
AUX 5-stable/rsyslog-gentoo.conf 3998 RMD160 db8979c4cfe4aa43c6ae5583972a21037dddd161 SHA1 9d4702ac3b505293ad922cc85ef20f0a4a3ae848 SHA256 d31ba477fb94c82cd2362694b680d43bfc5eb83c6e930202feb7531c4396982b
AUX 5-stable/rsyslog.confd 654 RMD160 ca340f748c84404df86bfdaf9ca9d47d0ff38121 SHA1 e56695ebc21a30f60f1b070f8f26236677ef5d81 SHA256 c476c2180fcceaf581d26d2da6201fbe7a2b9fc89c58456fdb3bdaf18a4cbb56
AUX 5-stable/rsyslog.initd 944 RMD160 44c17fc063f2f80679803533dae6905d0044daab SHA1 1d73dac4178b37f2874d1b7cf8dadf8a4a976776 SHA256 b82b955b33ad6eafd876d5da1fa94a8d74163c8a13110d888adc219efffc2d51
AUX 5-stable/rsyslog.logrotate 440 RMD160 b2599c94c718af02a641e762960b9796952411bb SHA1 228dba04c683d778bccd86f6bcd80650b9c774b4 SHA256 f0effc19bd1f1bfa367d65d6516c73509cb34545157b9e91cf6e437685dd3fe5
-DIST rsyslog-5.6.5.tar.gz 2260991 RMD160 a954e783151f2854b1ea4fe9f1cc768e9222c027 SHA1 959c74f4b7a9ed1126b96b117053cd903915ad38 SHA256 4aa1036e9ec468aa7ab38095969d363941c815dd1ba6fabcd593d16baef1b859
-DIST rsyslog-5.8.3.tar.gz 2371617 RMD160 3dfa4c86cb18cdae271cb6fa3790931caea92cb4 SHA1 5f48e244050592a3e609c36e19a268c48552b632 SHA256 6d8853ea08f24b184c4d0f7faef1729612ed2217cfa4fd1b089103ae75f05606
DIST rsyslog-5.8.5.tar.gz 2364874 RMD160 46b20433e0e5feb807b4777bb8141221fe5dd65b SHA1 a5dc735714b573f577db2892f596dcb0ef35c747 SHA256 a519704c06de1026847f69d99f31a2a32783e9547f5249dddefe805bfbc3ea50
DIST rsyslog-zeromq.tar.gz 22223 RMD160 632a1888d3972da4ce623c8f6973c72b026b035c SHA1 e6f02c25af19022d0cc9d4782f58db3fc27a9f0f SHA256 3cca6ce8722ec5035744a9b88e65b89b35f6b2e6bbdbc9c9bba89d22addd2753
-EBUILD rsyslog-5.6.5.ebuild 6319 RMD160 d09296b3024e6f3fc6561c3e11d3fab4bd95d7fa SHA1 d77babde18a16ef6d4b561a5e2eec140cd9dc032 SHA256 169078cda9b4d59a2111154f2a13b1b3071fe9e3497cbd6c374dad495de6af28
-EBUILD rsyslog-5.8.3.ebuild 6473 RMD160 b2fbf5eb700876ba1bf281f583365a90003b2a99 SHA1 69cb52af8a07ea01869f1f8c2f830506eebb18fd SHA256 fd75f7e4e486a70c74765825133317c319996bdb6e924f1e4afaa00d106de0d2
EBUILD rsyslog-5.8.5.ebuild 7286 RMD160 ce2622a45949c96fcbd52e782b85154052fc7d93 SHA1 7a7a4e26155bb6e3cb504b0c24d814f2ca612adf SHA256 c0e88de79f155d7b1202bc0349862b10dce6d347b945a8e79bdefc73afc13441
-MISC ChangeLog 11636 RMD160 c2172c49f470fdbc831143fff5d91ef69d25fd71 SHA1 dc4b42c24b9c049757016b7c57722ed619739955 SHA256 a3c58e28cf44fd1a90a8d51baa077c9bd72f4e7449570a3c1204a244ae46ffd9
+MISC ChangeLog 11776 RMD160 f511c56ce9f9d8e401f931f7d110366dbb366635 SHA1 34c40c5a3b35b161cf8b6417fccc56c30c242ce2 SHA256 77e240cc89ffc8eae62f194f8b8549b3c779b99366c91c22268046171221dc74
MISC metadata.xml 790 RMD160 b510baec6979e673985861b294cf81d684847aca SHA1 61f748e9f95c443b5df58e79884bb323af5cfb45 SHA256 582f1c0e1e7d4826802fae8bc1efeae83a2ee04496ccfd1776872fc0dc227b10
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.17 (GNU/Linux)
+Version: GnuPG v2.0.18 (GNU/Linux)
-iEYEARECAAYFAk5sf3UACgkQkKaRLQcq0GJT2QCePraci6duzjd7BIsW1uo9JtPI
-pygAnA0jUPRiheEuQ04x064Woec+0DOO
-=GGo0
+iF4EAREIAAYFAk5vST4ACgkQKiQSS7ZY+hPHiAEAkP3FVOM8c4uujsktRDjErQQL
+7HdhUqGL9hkD6Rm3w2cBANz0FmoxPH9q6JxBQTYnLobvdBSxGhkF/XqhK0ALsZiz
+=nfMr
-----END PGP SIGNATURE-----
diff --git a/app-admin/rsyslog/rsyslog-5.6.5.ebuild b/app-admin/rsyslog/rsyslog-5.6.5.ebuild
deleted file mode 100644
index ff1bf2df95cc..000000000000
--- a/app-admin/rsyslog/rsyslog-5.6.5.ebuild
+++ /dev/null
@@ -1,214 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/rsyslog-5.6.5.ebuild,v 1.8 2011/09/09 18:17:50 radhermit Exp $
-
-EAPI=3
-
-DESCRIPTION="An enhanced multi-threaded syslogd with database support and more."
-HOMEPAGE="http://www.rsyslog.com/"
-SRC_URI="http://www.rsyslog.com/files/download/${PN}/${P}.tar.gz"
-
-LICENSE="GPL-3 LGPL-3"
-KEYWORDS="amd64 ~arm hppa ~sparc x86"
-SLOT="0"
-IUSE="dbi debug doc extras gnutls kerberos mysql oracle postgres relp snmp static-libs zlib"
-
-RDEPEND="dbi? ( dev-db/libdbi )
- extras? ( net-libs/libnet )
- gnutls? ( net-libs/gnutls )
- kerberos? ( virtual/krb5 )
- mysql? ( virtual/mysql )
- postgres? ( dev-db/postgresql-base )
- oracle? ( dev-db/oracle-instantclient-basic )
- relp? ( >=dev-libs/librelp-0.1.3 )
- snmp? ( net-analyzer/net-snmp )
- zlib? ( sys-libs/zlib )"
-DEPEND="${RDEPEND}
- dev-util/pkgconfig"
-
-BRANCH="5-stable"
-
-# need access to certain device nodes
-RESTRICT="test"
-
-src_configure() {
- # Maintainer notes:
- # * rfc3195 needs a library and development of that library
- # is suspended, so we disable it
- # * About the java GUI:
- # The maintainer says there is no real installation support
- # for the java GUI, so we disable it for now.
- econf \
- --disable-gui \
- --disable-rfc3195 \
- --enable-largefile \
- --enable-unlimited-select \
- --enable-imdiag \
- --enable-imfile \
- --enable-imtemplate \
- --enable-imptcp \
- --enable-mail \
- --enable-omprog \
- --enable-omstdout \
- --enable-omtemplate \
- --enable-omdbalerting \
- --enable-omuxsock \
- --enable-pmlastmsg \
- --enable-pmrfc3164sd \
- $(use_enable extras omudpspoof) \
- $(use_enable zlib) \
- $(use_enable mysql) \
- $(use_enable dbi libdbi) \
- $(use_enable postgres pgsql) \
- $(use_enable oracle oracle) \
- $(use_enable gnutls) \
- $(use_enable kerberos gssapi-krb5) \
- $(use_enable relp) \
- $(use_enable snmp) \
- $(use_enable debug) \
- $(use_enable debug rtinst) \
- $(use_enable debug diagtools) \
- $(use_enable debug memcheck) \
- $(use_enable debug valgrind) \
- $(use_enable static-libs static)
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die "emake install failed"
-
- dodoc AUTHORS ChangeLog doc/rsyslog-example.conf || die
- use doc && dohtml -r doc/*
-
- insinto /etc
- newins "${FILESDIR}/${BRANCH}/rsyslog-gentoo.conf" rsyslog.conf || die
- newconfd "${FILESDIR}/${BRANCH}/rsyslog.confd" rsyslog || die
- newinitd "${FILESDIR}/${BRANCH}/rsyslog.initd" rsyslog || die
- keepdir /var/spool/rsyslog
- keepdir /etc/ssl/rsyslog
- keepdir /etc/rsyslog.d
-
- if use mysql; then
- insinto /usr/share/doc/${PF}/scripts/mysql
- doins plugins/ommysql/{createDB.sql,contrib/delete_mysql} || die
- fi
-
- if use postgres; then
- insinto /usr/share/doc/${PF}/scripts/pgsql
- doins plugins/ompgsql/createDB.sql || die
- fi
-
- insinto /etc/logrotate.d/
- newins "${FILESDIR}/${BRANCH}/rsyslog.logrotate" rsyslog || die
-}
-
-pkg_postinst() {
- if use mysql || use postgres; then
- echo
- elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
- elog " /usr/share/doc/${PF}/scripts"
- fi
-
- if use gnutls; then
- echo
- elog "To create a default CA and certificates for your server and clients, run:"
- elog " emerge --config =${PF}"
- elog "on your logging server. You can run it several times,"
- elog "once for each logging client. The client certificates will be signed"
- elog "using the CA certificate generated during the first run."
- fi
-}
-
-pkg_config() {
- if ! use gnutls ; then
- einfo "There is nothing to configure for rsyslog unless you"
- einfo "used USE=gnutls to build it."
- return 0
- fi
-
- # Make sure the certificates directory exists
- CERTDIR="${ROOT}/etc/ssl/${PN}"
- if [ ! -d "${CERTDIR}" ]; then
- mkdir "${CERTDIR}" || die
- fi
- einfo "Your certificates will be stored in ${CERTDIR}"
-
- # Create a default CA if needed
- if [ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]; then
- einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
- certtool --generate-privkey \
- --outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null
- chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
-
- cat > "${T}/${PF}.$$" <<_EOF
- cn = Portage automated CA
- ca
- cert_signing_key
- expiration_days = 3650
-_EOF
-
- certtool --generate-self-signed \
- --load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
- --outfile "${CERTDIR}/${PN}_ca.cert.pem" \
- --template "${T}/${PF}.$$" &>/dev/null
- chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
-
- # Create the server certificate
- echo
- einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
- read -r CN
-
- einfo "Creating private key and certificate for server ${CN}..."
- certtool --generate-privkey \
- --outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
- chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
-
- cat > "${T}/${PF}.$$" <<_EOF
- cn = ${CN}
- tls_www_server
- dns_name = ${CN}
- expiration_days = 3650
-_EOF
-
- certtool --generate-certificate \
- --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
- --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
- --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
- --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
- --template "${T}/${PF}.$$" &>/dev/null
- chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
-
- else
- einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
- fi
-
- # Create a client certificate
- echo
- einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
- read -r CN
-
- einfo "Creating private key and certificate for client ${CN}..."
- certtool --generate-privkey \
- --outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
- chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
-
- cat > "${T}/${PF}.$$" <<_EOF
- cn = ${CN}
- tls_www_client
- dns_name = ${CN}
- expiration_days = 3650
-_EOF
-
- certtool --generate-certificate \
- --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
- --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
- --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
- --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
- --template "${T}/${PF}.$$" &>/dev/null
- chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
-
- rm -f "${T}/${PF}.$$"
-
- echo
- einfo "Here is the documentation on how to encrypt your log traffic:"
- einfo " http://www.rsyslog.com/doc/rsyslog_tls.html"
-}
diff --git a/app-admin/rsyslog/rsyslog-5.8.3.ebuild b/app-admin/rsyslog/rsyslog-5.8.3.ebuild
deleted file mode 100644
index ff3f93130808..000000000000
--- a/app-admin/rsyslog/rsyslog-5.8.3.ebuild
+++ /dev/null
@@ -1,228 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/rsyslog-5.8.3.ebuild,v 1.2 2011/09/09 18:17:50 radhermit Exp $
-
-EAPI=4
-
-inherit autotools-utils systemd
-
-DESCRIPTION="An enhanced multi-threaded syslogd with database support and more."
-HOMEPAGE="http://www.rsyslog.com/"
-SRC_URI="http://www.rsyslog.com/files/download/${PN}/${P}.tar.gz"
-
-LICENSE="GPL-3 LGPL-3"
-KEYWORDS="~amd64 ~arm ~hppa ~sparc ~x86"
-SLOT="0"
-IUSE="dbi debug doc extras gnutls kerberos mysql oracle postgres relp snmp static-libs zlib"
-
-RDEPEND="dbi? ( dev-db/libdbi )
- extras? ( net-libs/libnet )
- gnutls? ( net-libs/gnutls )
- kerberos? ( virtual/krb5 )
- mysql? ( virtual/mysql )
- postgres? ( dev-db/postgresql-base )
- oracle? ( dev-db/oracle-instantclient-basic )
- relp? ( >=dev-libs/librelp-0.1.3 )
- snmp? ( net-analyzer/net-snmp )
- zlib? ( sys-libs/zlib )"
-DEPEND="${RDEPEND}
- dev-util/pkgconfig"
-
-BRANCH="5-stable"
-
-# need access to certain device nodes
-RESTRICT="test"
-
-# Maitainer note : open a bug to upstream
-# showing that building in a separate dir fails
-AUTOTOOLS_IN_SOURCE_BUILD=1
-
-DOCS=(AUTHORS ChangeLog doc/rsyslog-example.conf)
-
-src_configure() {
- # Maintainer notes:
- # * rfc3195 needs a library and development of that library
- # is suspended, so we disable it
- # * About the java GUI:
- # The maintainer says there is no real installation support
- # for the java GUI, so we disable it for now.
- local myeconfargs=(
- --disable-gui
- --disable-rfc3195
- --enable-largefile
- --enable-unlimited-select
- --enable-imdiag
- --enable-imfile
- --enable-impstats
- --enable-imtemplate
- --enable-imptcp
- --enable-mail
- --enable-omprog
- --enable-omstdout
- --enable-omtemplate
- --enable-omdbalerting
- --enable-omuxsock
- --enable-pmlastmsg
- --enable-pmrfc3164sd
- --enable-pmcisconames
- --enable-pmaixforwardedfrom
- --enable-pmsnare
- $(use_enable extras omudpspoof)
- $(use_enable zlib)
- $(use_enable mysql)
- $(use_enable dbi libdbi)
- $(use_enable postgres pgsql)
- $(use_enable oracle oracle)
- $(use_enable gnutls)
- $(use_enable kerberos gssapi-krb5)
- $(use_enable relp)
- $(use_enable snmp)
- $(use_enable snmp mmsnmptrapd)
- $(use_enable debug)
- $(use_enable debug rtinst)
- $(use_enable debug diagtools)
- $(use_enable debug memcheck)
- $(use_enable debug valgrind)
- )
-
- systemd_to_myeconfargs
- autotools-utils_src_configure
-}
-
-src_install() {
- use doc && HTML_DOCS=(doc/)
- autotools-utils_src_install
-
- insinto /etc
- newins "${FILESDIR}/${BRANCH}/${PN}-gentoo.conf" ${PN}.conf
- newconfd "${FILESDIR}/${BRANCH}/${PN}.confd" ${PN}
- newinitd "${FILESDIR}/${BRANCH}/${PN}.initd" ${PN}
- keepdir /var/spool/${PN}
- keepdir /etc/ssl/${PN}
- keepdir /etc/${PN}.d
-
- if use mysql; then
- insinto /usr/share/doc/${PF}/scripts/mysql
- doins plugins/ommysql/{createDB.sql,contrib/delete_mysql}
- fi
-
- if use postgres; then
- insinto /usr/share/doc/${PF}/scripts/pgsql
- doins plugins/ompgsql/createDB.sql
- fi
-
- insinto /etc/logrotate.d/
- newins "${FILESDIR}/${BRANCH}/${PN}.logrotate" ${PN}
-}
-
-pkg_postinst() {
- if use mysql || use postgres; then
- echo
- elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
- elog " /usr/share/doc/${PF}/scripts"
- fi
-
- if use gnutls; then
- echo
- elog "To create a default CA and certificates for your server and clients, run:"
- elog " emerge --config =${PF}"
- elog "on your logging server. You can run it several times,"
- elog "once for each logging client. The client certificates will be signed"
- elog "using the CA certificate generated during the first run."
- fi
-}
-
-pkg_config() {
- if ! use gnutls ; then
- einfo "There is nothing to configure for rsyslog unless you"
- einfo "used USE=gnutls to build it."
- return 0
- fi
-
- # Make sure the certificates directory exists
- CERTDIR="${ROOT}/etc/ssl/${PN}"
- if [ ! -d "${CERTDIR}" ]; then
- mkdir "${CERTDIR}" || die
- fi
- einfo "Your certificates will be stored in ${CERTDIR}"
-
- # Create a default CA if needed
- if [ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]; then
- einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
- certtool --generate-privkey \
- --outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null
- chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
-
- cat > "${T}/${PF}.$$" <<_EOF
- cn = Portage automated CA
- ca
- cert_signing_key
- expiration_days = 3650
-_EOF
-
- certtool --generate-self-signed \
- --load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
- --outfile "${CERTDIR}/${PN}_ca.cert.pem" \
- --template "${T}/${PF}.$$" &>/dev/null
- chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
-
- # Create the server certificate
- echo
- einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
- read -r CN
-
- einfo "Creating private key and certificate for server ${CN}..."
- certtool --generate-privkey \
- --outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
- chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
-
- cat > "${T}/${PF}.$$" <<_EOF
- cn = ${CN}
- tls_www_server
- dns_name = ${CN}
- expiration_days = 3650
-_EOF
-
- certtool --generate-certificate \
- --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
- --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
- --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
- --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
- --template "${T}/${PF}.$$" &>/dev/null
- chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
-
- else
- einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
- fi
-
- # Create a client certificate
- echo
- einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
- read -r CN
-
- einfo "Creating private key and certificate for client ${CN}..."
- certtool --generate-privkey \
- --outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
- chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
-
- cat > "${T}/${PF}.$$" <<_EOF
- cn = ${CN}
- tls_www_client
- dns_name = ${CN}
- expiration_days = 3650
-_EOF
-
- certtool --generate-certificate \
- --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
- --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
- --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
- --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
- --template "${T}/${PF}.$$" &>/dev/null
- chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
-
- rm -f "${T}/${PF}.$$"
-
- echo
- einfo "Here is the documentation on how to encrypt your log traffic:"
- einfo " http://www.rsyslog.com/doc/rsyslog_tls.html"
-}