smeserver-ejabberd/contribs7/smeserver-ejabberd-2.0.0-SSLCert.patch

--- smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/home/e-smith/ssl.pem/80ejabberd.pem.SSLCert     2008-06-22 20:48:27.000000000 +0200
+++ smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/home/e-smith/ssl.pem/80ejabberd.pem     2008-06-22 18:56:56.000000000 +0200
@@ -0,0 +1,19 @@
+{
+    my $domain = $DomainName || "localdomain";
+    my $hostname = $SystemName || "localhost";
+    my $ppid = $$;
+    $pid = fork();
+    if( $pid == 0 ){
+        # wait for SME cert to be expanded
+       waitpid($ppid,0);
+       use esmith::templates;
+        esmith::templates::processTemplate({
+           TEMPLATE_PATH => "/home/e-smith/ssl.pem/$hostname.$domain.pem" ,
+           TEMPLATE_EXPAND_QUEUE => [ "/" ] ,
+           OUTPUT_FILENAME => "/var/service/ejabberd/ssl/cert.pem" ,
+           UID => "ejabberd" ,
+           PERMS => 0640 ,
+           });
+       exec 'sv', '2', '/service/ejabberd';
+    }
+}
\ Pas de fin de ligne à la fin du fichier.
--- smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports30http.SSLCert 2008-06-22 20:44:21.000000000 +0200
+++ smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports30http 2008-06-22 18:56:56.000000000 +0200
@@ -3,10 +3,7 @@
     $OUT .= "\n";
     $OUT .= '    %% remove web_admin to disable admin interface:';
     $OUT .= "\n";
-    $OUT .= '    ,{5280, ejabberd_http,    [tls, {certfile, "/home/e-smith/ssl.pem/';
-    $OUT .= ${SystemName};
-    $OUT .= ('.' . ${DomainName});
-    $OUT .= '.pem"}, http_poll';
+    $OUT .= '    ,{5280, ejabberd_http,    [tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}, http_poll';
     $OUT .= ', web_admin' if (${ejabberd}{WebAdmin} eq 'enabled');
     $OUT .= ']}';
     $OUT .= "\n";
--- smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports10c2s.SSLCert  2008-06-22 20:44:21.000000000 +0200
+++ smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports10c2s  2008-06-22 18:56:56.000000000 +0200
@@ -2,32 +2,23 @@
     $OUT =<<'HERE';
           %%{5222, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, {shaper, c2s_shaper}]},
          %% Use this line to enable SSL:
-         %%{5223, ejabberd_c2s,     [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/home/e-smith/server.pem"}]},
+         %%{5223, ejabberd_c2s,     [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},
          %% 
          %% Use those lines instead for TLS support:
-         %%{5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper}, starttls, {certfile, "/home/e-smith/server.pem"}]},
-         %%{5223, ejabberd_c2s,     [{access, c2s}, tls, {certfile, "/home/e-smith/server.pem"}]},
+         %%{5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper}, starttls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},
+         %%{5223, ejabberd_c2s,     [{access, c2s}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},
 
 HERE
     if ( ${ejabberd}{XMPPAccess} eq 'tls' ) {
-        $OUT .= '       {5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper}, starttls_required, {certfile, "/home/e-smith/ssl.pem/';
-        $OUT .= ${SystemName};
-        $OUT .= ('.' . ${DomainName});
-        $OUT .= '.pem"}]},';
+        $OUT .= '       {5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper}, starttls_required, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},';
         $OUT .= "\n";
-        $OUT .= '       {5223, ejabberd_c2s,     [{access, c2s}, tls, {certfile, "/home/e-smith/ssl.pem/';
-        $OUT .= ${SystemName};
-        $OUT .= ('.' . ${DomainName});
-        $OUT .= '.pem"}]}';
+        $OUT .= '       {5223, ejabberd_c2s,     [{access, c2s}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]}';
         $OUT .= "\n\n";
        }
     else {
         $OUT .= '       {5222, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, {shaper, c2s_shaper}]},';
         $OUT .= "\n";
-        $OUT .= '       {5223, ejabberd_c2s,     [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/home/e-smith/ssl.pem/';
-        $OUT .= ${SystemName};
-        $OUT .= ('.' . ${DomainName});
-        $OUT .= '.pem"}]}';
+        $OUT .= '       {5223, ejabberd_c2s,     [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]}';
         $OUT .= "\n\n";
        }
 }
\ Pas de fin de ligne à la fin du fichier.
--- smeserver-ejabberd-2.0.0/root/var/service/ejabberd/control/2.SSLCert        2008-06-22 20:47:37.000000000 +0200
+++ smeserver-ejabberd-2.0.0/root/var/service/ejabberd/control/2        2008-06-22 18:56:56.000000000 +0200
@@ -0,0 +1,5 @@
+#! /bin/sh
+
+test /var/service/ejabberd/ssl/cert.pem -nt ./supervise/pid || exit 0
+sv t .
+
1	gnujpl	1.1	--- smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/home/e-smith/ssl.pem/80ejabberd.pem.SSLCert 2008-06-22 20:48:27.000000000 +0200
2			+++ smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/home/e-smith/ssl.pem/80ejabberd.pem 2008-06-22 18:56:56.000000000 +0200
3			@@ -0,0 +1,19 @@
4			+{
5			+ my $domain = $DomainName \|\| "localdomain";
6			+ my $hostname = $SystemName \|\| "localhost";
7			+ my $ppid = $$;
8			+ $pid = fork();
9			+ if( $pid == 0 ){
10			+ # wait for SME cert to be expanded
11			+ waitpid($ppid,0);
12			+ use esmith::templates;
13			+ esmith::templates::processTemplate({
14			+ TEMPLATE_PATH => "/home/e-smith/ssl.pem/$hostname.$domain.pem" ,
15			+ TEMPLATE_EXPAND_QUEUE => [ "/" ] ,
16			+ OUTPUT_FILENAME => "/var/service/ejabberd/ssl/cert.pem" ,
17			+ UID => "ejabberd" ,
18			+ PERMS => 0640 ,
19			+ });
20			+ exec 'sv', '2', '/service/ejabberd';
21			+ }
22			+}
23			\ Pas de fin de ligne à la fin du fichier.
24			--- smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports30http.SSLCert 2008-06-22 20:44:21.000000000 +0200
25			+++ smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports30http 2008-06-22 18:56:56.000000000 +0200
26			@@ -3,10 +3,7 @@
27			$OUT .= "\n";
28			$OUT .= ' %% remove web_admin to disable admin interface:';
29			$OUT .= "\n";
30			- $OUT .= ' ,{5280, ejabberd_http, [tls, {certfile, "/home/e-smith/ssl.pem/';
31			- $OUT .= ${SystemName};
32			- $OUT .= ('.' . ${DomainName});
33			- $OUT .= '.pem"}, http_poll';
34			+ $OUT .= ' ,{5280, ejabberd_http, [tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}, http_poll';
35			$OUT .= ', web_admin' if (${ejabberd}{WebAdmin} eq 'enabled');
36			$OUT .= ']}';
37			$OUT .= "\n";
38			--- smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports10c2s.SSLCert 2008-06-22 20:44:21.000000000 +0200
39			+++ smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports10c2s 2008-06-22 18:56:56.000000000 +0200
40			@@ -2,32 +2,23 @@
41			$OUT =<<'HERE';
42			%%{5222, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, {shaper, c2s_shaper}]},
43			%% Use this line to enable SSL:
44			- %%{5223, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/home/e-smith/server.pem"}]},
45			+ %%{5223, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},
46			%%
47			%% Use those lines instead for TLS support:
48			- %%{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}, starttls, {certfile, "/home/e-smith/server.pem"}]},
49			- %%{5223, ejabberd_c2s, [{access, c2s}, tls, {certfile, "/home/e-smith/server.pem"}]},
50			+ %%{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}, starttls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},
51			+ %%{5223, ejabberd_c2s, [{access, c2s}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},
52
53			HERE
54			if ( ${ejabberd}{XMPPAccess} eq 'tls' ) {
55			- $OUT .= ' {5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}, starttls_required, {certfile, "/home/e-smith/ssl.pem/';
56			- $OUT .= ${SystemName};
57			- $OUT .= ('.' . ${DomainName});
58			- $OUT .= '.pem"}]},';
59			+ $OUT .= ' {5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}, starttls_required, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},';
60			$OUT .= "\n";
61			- $OUT .= ' {5223, ejabberd_c2s, [{access, c2s}, tls, {certfile, "/home/e-smith/ssl.pem/';
62			- $OUT .= ${SystemName};
63			- $OUT .= ('.' . ${DomainName});
64			- $OUT .= '.pem"}]}';
65			+ $OUT .= ' {5223, ejabberd_c2s, [{access, c2s}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]}';
66			$OUT .= "\n\n";
67			}
68			else {
69			$OUT .= ' {5222, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, {shaper, c2s_shaper}]},';
70			$OUT .= "\n";
71			- $OUT .= ' {5223, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/home/e-smith/ssl.pem/';
72			- $OUT .= ${SystemName};
73			- $OUT .= ('.' . ${DomainName});
74			- $OUT .= '.pem"}]}';
75			+ $OUT .= ' {5223, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]}';
76			$OUT .= "\n\n";
77			}
78			}
79			\ Pas de fin de ligne à la fin du fichier.
80			--- smeserver-ejabberd-2.0.0/root/var/service/ejabberd/control/2.SSLCert 2008-06-22 20:47:37.000000000 +0200
81			+++ smeserver-ejabberd-2.0.0/root/var/service/ejabberd/control/2 2008-06-22 18:56:56.000000000 +0200
82			@@ -0,0 +1,5 @@
83			+#! /bin/sh
84			+
85			+test /var/service/ejabberd/ssl/cert.pem -nt ./supervise/pid \|\| exit 0
86			+sv t .
87			+