smeserver-ejabberd/contribs7/smeserver-ejabberd-2.0.0-SSLCert.patch

--- smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/home/e-smith/ssl.pem/80ejabberd.pem.SSLCert     2008-06-22 20:48:27.000000000 +0200
+++ smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/home/e-smith/ssl.pem/80ejabberd.pem     2008-06-22 18:56:56.000000000 +0200
@@ -0,0 +1,19 @@
+{
+    my $domain = $DomainName || "localdomain";
+    my $hostname = $SystemName || "localhost";
+    my $ppid = $$;
+    $pid = fork();
+    if( $pid == 0 ){
+        # wait for SME cert to be expanded
+       waitpid($ppid,0);
+       use esmith::templates;
+        esmith::templates::processTemplate({
+           TEMPLATE_PATH => "/home/e-smith/ssl.pem/$hostname.$domain.pem" ,
+           TEMPLATE_EXPAND_QUEUE => [ "/" ] ,
+           OUTPUT_FILENAME => "/var/service/ejabberd/ssl/cert.pem" ,
+           UID => "ejabberd" ,
+           PERMS => 0640 ,
+           });
+       exec 'sv', '2', '/service/ejabberd';
+    }
+}
\ Pas de fin de ligne à la fin du fichier.
--- smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports30http.SSLCert 2008-06-22 20:44:21.000000000 +0200
+++ smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports30http 2008-06-22 18:56:56.000000000 +0200
@@ -3,10 +3,7 @@
     $OUT .= "\n";
     $OUT .= '    %% remove web_admin to disable admin interface:';
     $OUT .= "\n";
-    $OUT .= '    ,{5280, ejabberd_http,    [tls, {certfile, "/home/e-smith/ssl.pem/';
-    $OUT .= ${SystemName};
-    $OUT .= ('.' . ${DomainName});
-    $OUT .= '.pem"}, http_poll';
+    $OUT .= '    ,{5280, ejabberd_http,    [tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}, http_poll';
     $OUT .= ', web_admin' if (${ejabberd}{WebAdmin} eq 'enabled');
     $OUT .= ']}';
     $OUT .= "\n";
--- smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports10c2s.SSLCert  2008-06-22 20:44:21.000000000 +0200
+++ smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports10c2s  2008-06-22 18:56:56.000000000 +0200
@@ -2,32 +2,23 @@
     $OUT =<<'HERE';
           %%{5222, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, {shaper, c2s_shaper}]},
          %% Use this line to enable SSL:
-         %%{5223, ejabberd_c2s,     [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/home/e-smith/server.pem"}]},
+         %%{5223, ejabberd_c2s,     [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},
          %% 
          %% Use those lines instead for TLS support:
-         %%{5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper}, starttls, {certfile, "/home/e-smith/server.pem"}]},
-         %%{5223, ejabberd_c2s,     [{access, c2s}, tls, {certfile, "/home/e-smith/server.pem"}]},
+         %%{5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper}, starttls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},
+         %%{5223, ejabberd_c2s,     [{access, c2s}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},
 
 HERE
     if ( ${ejabberd}{XMPPAccess} eq 'tls' ) {
-        $OUT .= '       {5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper}, starttls_required, {certfile, "/home/e-smith/ssl.pem/';
-        $OUT .= ${SystemName};
-        $OUT .= ('.' . ${DomainName});
-        $OUT .= '.pem"}]},';
+        $OUT .= '       {5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper}, starttls_required, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},';
         $OUT .= "\n";
-        $OUT .= '       {5223, ejabberd_c2s,     [{access, c2s}, tls, {certfile, "/home/e-smith/ssl.pem/';
-        $OUT .= ${SystemName};
-        $OUT .= ('.' . ${DomainName});
-        $OUT .= '.pem"}]}';
+        $OUT .= '       {5223, ejabberd_c2s,     [{access, c2s}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]}';
         $OUT .= "\n\n";
        }
     else {
         $OUT .= '       {5222, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, {shaper, c2s_shaper}]},';
         $OUT .= "\n";
-        $OUT .= '       {5223, ejabberd_c2s,     [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/home/e-smith/ssl.pem/';
-        $OUT .= ${SystemName};
-        $OUT .= ('.' . ${DomainName});
-        $OUT .= '.pem"}]}';
+        $OUT .= '       {5223, ejabberd_c2s,     [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]}';
         $OUT .= "\n\n";
        }
 }
\ Pas de fin de ligne à la fin du fichier.
--- smeserver-ejabberd-2.0.0/root/var/service/ejabberd/control/2.SSLCert        2008-06-22 20:47:37.000000000 +0200
+++ smeserver-ejabberd-2.0.0/root/var/service/ejabberd/control/2        2008-06-22 18:56:56.000000000 +0200
@@ -0,0 +1,5 @@
+#! /bin/sh
+
+test /var/service/ejabberd/ssl/cert.pem -nt ./supervise/pid || exit 0
+sv t .
+
1	--- smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/home/e-smith/ssl.pem/80ejabberd.pem.SSLCert 2008-06-22 20:48:27.000000000 +0200
2	+++ smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/home/e-smith/ssl.pem/80ejabberd.pem 2008-06-22 18:56:56.000000000 +0200
3	@@ -0,0 +1,19 @@
4	+{
5	+ my $domain = $DomainName \|\| "localdomain";
6	+ my $hostname = $SystemName \|\| "localhost";
7	+ my $ppid = $$;
8	+ $pid = fork();
9	+ if( $pid == 0 ){
10	+ # wait for SME cert to be expanded
11	+ waitpid($ppid,0);
12	+ use esmith::templates;
13	+ esmith::templates::processTemplate({
14	+ TEMPLATE_PATH => "/home/e-smith/ssl.pem/$hostname.$domain.pem" ,
15	+ TEMPLATE_EXPAND_QUEUE => [ "/" ] ,
16	+ OUTPUT_FILENAME => "/var/service/ejabberd/ssl/cert.pem" ,
17	+ UID => "ejabberd" ,
18	+ PERMS => 0640 ,
19	+ });
20	+ exec 'sv', '2', '/service/ejabberd';
21	+ }
22	+}
23	\ Pas de fin de ligne à la fin du fichier.
24	--- smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports30http.SSLCert 2008-06-22 20:44:21.000000000 +0200
25	+++ smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports30http 2008-06-22 18:56:56.000000000 +0200
26	@@ -3,10 +3,7 @@
27	$OUT .= "\n";
28	$OUT .= ' %% remove web_admin to disable admin interface:';
29	$OUT .= "\n";
30	- $OUT .= ' ,{5280, ejabberd_http, [tls, {certfile, "/home/e-smith/ssl.pem/';
31	- $OUT .= ${SystemName};
32	- $OUT .= ('.' . ${DomainName});
33	- $OUT .= '.pem"}, http_poll';
34	+ $OUT .= ' ,{5280, ejabberd_http, [tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}, http_poll';
35	$OUT .= ', web_admin' if (${ejabberd}{WebAdmin} eq 'enabled');
36	$OUT .= ']}';
37	$OUT .= "\n";
38	--- smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports10c2s.SSLCert 2008-06-22 20:44:21.000000000 +0200
39	+++ smeserver-ejabberd-2.0.0/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports10c2s 2008-06-22 18:56:56.000000000 +0200
40	@@ -2,32 +2,23 @@
41	$OUT =<<'HERE';
42	%%{5222, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, {shaper, c2s_shaper}]},
43	%% Use this line to enable SSL:
44	- %%{5223, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/home/e-smith/server.pem"}]},
45	+ %%{5223, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},
46	%%
47	%% Use those lines instead for TLS support:
48	- %%{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}, starttls, {certfile, "/home/e-smith/server.pem"}]},
49	- %%{5223, ejabberd_c2s, [{access, c2s}, tls, {certfile, "/home/e-smith/server.pem"}]},
50	+ %%{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}, starttls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},
51	+ %%{5223, ejabberd_c2s, [{access, c2s}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},
52
53	HERE
54	if ( ${ejabberd}{XMPPAccess} eq 'tls' ) {
55	- $OUT .= ' {5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}, starttls_required, {certfile, "/home/e-smith/ssl.pem/';
56	- $OUT .= ${SystemName};
57	- $OUT .= ('.' . ${DomainName});
58	- $OUT .= '.pem"}]},';
59	+ $OUT .= ' {5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}, starttls_required, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]},';
60	$OUT .= "\n";
61	- $OUT .= ' {5223, ejabberd_c2s, [{access, c2s}, tls, {certfile, "/home/e-smith/ssl.pem/';
62	- $OUT .= ${SystemName};
63	- $OUT .= ('.' . ${DomainName});
64	- $OUT .= '.pem"}]}';
65	+ $OUT .= ' {5223, ejabberd_c2s, [{access, c2s}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]}';
66	$OUT .= "\n\n";
67	}
68	else {
69	$OUT .= ' {5222, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, {shaper, c2s_shaper}]},';
70	$OUT .= "\n";
71	- $OUT .= ' {5223, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/home/e-smith/ssl.pem/';
72	- $OUT .= ${SystemName};
73	- $OUT .= ('.' . ${DomainName});
74	- $OUT .= '.pem"}]}';
75	+ $OUT .= ' {5223, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]}';
76	$OUT .= "\n\n";
77	}
78	}
79	\ Pas de fin de ligne à la fin du fichier.
80	--- smeserver-ejabberd-2.0.0/root/var/service/ejabberd/control/2.SSLCert 2008-06-22 20:47:37.000000000 +0200
81	+++ smeserver-ejabberd-2.0.0/root/var/service/ejabberd/control/2 2008-06-22 18:56:56.000000000 +0200
82	@@ -0,0 +1,5 @@
83	+#! /bin/sh
84	+
85	+test /var/service/ejabberd/ssl/cert.pem -nt ./supervise/pid \|\| exit 0
86	+sv t .
87	+