e-smith-radiusd/sme10/e-smith-radiusd-2.6.0-bz11602-ssl-template.patch

diff -Nur --no-dereference e-smith-radiusd-2.6.0.old/createlinks e-smith-radiusd-2.6.0/createlinks
--- e-smith-radiusd-2.6.0.old/createlinks       2021-05-31 00:02:03.557000000 -0400
+++ e-smith-radiusd-2.6.0/createlinks   2021-05-31 00:08:47.922000000 -0400
@@ -71,6 +71,7 @@
        user-lock
        user-modify
        user-modify-admin
+       bootstrap-console-save
             ) )
 {
     safe_symlink("sigterm", "root/etc/e-smith/events/$event/services2adjust/radiusd");
@@ -82,6 +83,9 @@
 event_link("systemd-reload", $event, "89");
 event_link("systemd-default", $event, "88");
 
+templates2events("/etc/raddb/certs/radiusd.pem", qw( bootstrap-console-save ssl-update e-smith-radiusd-update) );
+safe_symlink("restart", "root/etc/e-smith/events/ssl-update/services2adjust/radiusd");
+
 # activate modules
 #safe_symlink("../mods-available/realm", "root/etc/raddb/mods-enabled/realm");
 safe_symlink("../mods-available/ldap", "root/etc/raddb/mods-enabled/ldap");
diff -Nur --no-dereference e-smith-radiusd-2.6.0.old/root/etc/e-smith/templates.metadata/etc/raddb/certs/radiusd.pem e-smith-radiusd-2.6.0/root/etc/e-smith/templates.metadata/etc/raddb/certs/radiusd.pem
--- e-smith-radiusd-2.6.0.old/root/etc/e-smith/templates.metadata/etc/raddb/certs/radiusd.pem   1969-12-31 19:00:00.000000000 -0500
+++ e-smith-radiusd-2.6.0/root/etc/e-smith/templates.metadata/etc/raddb/certs/radiusd.pem       2021-05-31 00:03:48.456000000 -0400
@@ -0,0 +1,5 @@
+/etc/e-smith/templates.metadata/etc/raddb/certs/radiusd.pem
+TEMPLATE_PATH="/home/e-smith/ssl.pem"
+OUTPUT_FILENAME="/etc/raddb/certs/radiusd.pem"
+GID="radiusd"
+PERMS=0640
diff -Nur --no-dereference e-smith-radiusd-2.6.0.old/root/sbin/e-smith/systemd/radiusd-certificate e-smith-radiusd-2.6.0/root/sbin/e-smith/systemd/radiusd-certificate
--- e-smith-radiusd-2.6.0.old/root/sbin/e-smith/systemd/radiusd-certificate     2021-05-31 00:02:03.558000000 -0400
+++ e-smith-radiusd-2.6.0/root/sbin/e-smith/systemd/radiusd-certificate 1969-12-31 19:00:00.000000000 -0500
@@ -1,40 +0,0 @@
-#!/usr/bin/perl -w
-
-#----------------------------------------------------------------------
-# copyright (C) 2005 Mitel Networks Corporation
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#               
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#               
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
-# 
-# Technical support for this program is available from Mitel Networks 
-# Please visit our web site www.mitel.com/sme/ for details.
-#----------------------------------------------------------------------
-
-use esmith::tcpsvd;
-use esmith::ConfigDB;
-use File::Copy;
-
-my $c = esmith::ConfigDB->open_ro;
-my $s = $c->get('SystemName')->value;
-my $d = $c->get('DomainName')->value;
-
-my $pem = "/etc/raddb/certs/radiusd.pem";
-# Now copy system pem file into jail used by stunnel/sslio
-copy("/home/e-smith/ssl.pem/$s.$d.pem", "$pem.$$")
-  or die "failed to copy SSL PEM: $!";
-chmod 0640, "$pem.$$";
-esmith::util::chownFile("root", "radiusd", "$pem.$$");
-rename("$pem.$$", "$pem")
-  or die "failed to rename $pem.$$ to $pem: $!";
-
diff -Nur --no-dereference e-smith-radiusd-2.6.0.old/root/usr/lib/systemd/system/radiusd.service.d/50-koozali.conf e-smith-radiusd-2.6.0/root/usr/lib/systemd/system/radiusd.service.d/50-koozali.conf
--- e-smith-radiusd-2.6.0.old/root/usr/lib/systemd/system/radiusd.service.d/50-koozali.conf     2021-05-31 00:02:03.566000000 -0400
+++ e-smith-radiusd-2.6.0/root/usr/lib/systemd/system/radiusd.service.d/50-koozali.conf 2021-05-31 00:09:43.323000000 -0400
@@ -5,7 +5,7 @@
 ExecStartPre=
 ExecStartPre=/sbin/e-smith/service-status radiusd
 ExecStartPre=/sbin/e-smith/systemd/radiusd-configure
-ExecStartPre=/sbin/e-smith/systemd/radiusd-certificate
+ExecStartPre=/sbin/e-smith/expand-template /etc/raddb/certs/radiusd.pem
 ExecStartPre=-/bin/chown -R radiusd.radiusd /var/run/radiusd
 ExecStartPre=/usr/sbin/radiusd -C
 Restart=always
1	diff -Nur --no-dereference e-smith-radiusd-2.6.0.old/createlinks e-smith-radiusd-2.6.0/createlinks
2	--- e-smith-radiusd-2.6.0.old/createlinks 2021-05-31 00:02:03.557000000 -0400
3	+++ e-smith-radiusd-2.6.0/createlinks 2021-05-31 00:08:47.922000000 -0400
4	@@ -71,6 +71,7 @@
5	user-lock
6	user-modify
7	user-modify-admin
8	+ bootstrap-console-save
9	) )
10	{
11	safe_symlink("sigterm", "root/etc/e-smith/events/$event/services2adjust/radiusd");
12	@@ -82,6 +83,9 @@
13	event_link("systemd-reload", $event, "89");
14	event_link("systemd-default", $event, "88");
15
16	+templates2events("/etc/raddb/certs/radiusd.pem", qw( bootstrap-console-save ssl-update e-smith-radiusd-update) );
17	+safe_symlink("restart", "root/etc/e-smith/events/ssl-update/services2adjust/radiusd");
18	+
19	# activate modules
20	#safe_symlink("../mods-available/realm", "root/etc/raddb/mods-enabled/realm");
21	safe_symlink("../mods-available/ldap", "root/etc/raddb/mods-enabled/ldap");
22	diff -Nur --no-dereference e-smith-radiusd-2.6.0.old/root/etc/e-smith/templates.metadata/etc/raddb/certs/radiusd.pem e-smith-radiusd-2.6.0/root/etc/e-smith/templates.metadata/etc/raddb/certs/radiusd.pem
23	--- e-smith-radiusd-2.6.0.old/root/etc/e-smith/templates.metadata/etc/raddb/certs/radiusd.pem 1969-12-31 19:00:00.000000000 -0500
24	+++ e-smith-radiusd-2.6.0/root/etc/e-smith/templates.metadata/etc/raddb/certs/radiusd.pem 2021-05-31 00:03:48.456000000 -0400
25	@@ -0,0 +1,5 @@
26	+/etc/e-smith/templates.metadata/etc/raddb/certs/radiusd.pem
27	+TEMPLATE_PATH="/home/e-smith/ssl.pem"
28	+OUTPUT_FILENAME="/etc/raddb/certs/radiusd.pem"
29	+GID="radiusd"
30	+PERMS=0640
31	diff -Nur --no-dereference e-smith-radiusd-2.6.0.old/root/sbin/e-smith/systemd/radiusd-certificate e-smith-radiusd-2.6.0/root/sbin/e-smith/systemd/radiusd-certificate
32	--- e-smith-radiusd-2.6.0.old/root/sbin/e-smith/systemd/radiusd-certificate 2021-05-31 00:02:03.558000000 -0400
33	+++ e-smith-radiusd-2.6.0/root/sbin/e-smith/systemd/radiusd-certificate 1969-12-31 19:00:00.000000000 -0500
34	@@ -1,40 +0,0 @@
35	-#!/usr/bin/perl -w
36	-
37	-#----------------------------------------------------------------------
38	-# copyright (C) 2005 Mitel Networks Corporation
39	-#
40	-# This program is free software; you can redistribute it and/or modify
41	-# it under the terms of the GNU General Public License as published by
42	-# the Free Software Foundation; either version 2 of the License, or
43	-# (at your option) any later version.
44	-#
45	-# This program is distributed in the hope that it will be useful,
46	-# but WITHOUT ANY WARRANTY; without even the implied warranty of
47	-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
48	-# GNU General Public License for more details.
49	-#
50	-# You should have received a copy of the GNU General Public License
51	-# along with this program; if not, write to the Free Software
52	-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
53	-#
54	-# Technical support for this program is available from Mitel Networks
55	-# Please visit our web site www.mitel.com/sme/ for details.
56	-#----------------------------------------------------------------------
57	-
58	-use esmith::tcpsvd;
59	-use esmith::ConfigDB;
60	-use File::Copy;
61	-
62	-my $c = esmith::ConfigDB->open_ro;
63	-my $s = $c->get('SystemName')->value;
64	-my $d = $c->get('DomainName')->value;
65	-
66	-my $pem = "/etc/raddb/certs/radiusd.pem";
67	-# Now copy system pem file into jail used by stunnel/sslio
68	-copy("/home/e-smith/ssl.pem/$s.$d.pem", "$pem.$$")
69	- or die "failed to copy SSL PEM: $!";
70	-chmod 0640, "$pem.$$";
71	-esmith::util::chownFile("root", "radiusd", "$pem.$$");
72	-rename("$pem.$$", "$pem")
73	- or die "failed to rename $pem.$$ to $pem: $!";
74	-
75	diff -Nur --no-dereference e-smith-radiusd-2.6.0.old/root/usr/lib/systemd/system/radiusd.service.d/50-koozali.conf e-smith-radiusd-2.6.0/root/usr/lib/systemd/system/radiusd.service.d/50-koozali.conf
76	--- e-smith-radiusd-2.6.0.old/root/usr/lib/systemd/system/radiusd.service.d/50-koozali.conf 2021-05-31 00:02:03.566000000 -0400
77	+++ e-smith-radiusd-2.6.0/root/usr/lib/systemd/system/radiusd.service.d/50-koozali.conf 2021-05-31 00:09:43.323000000 -0400
78	@@ -5,7 +5,7 @@
79	ExecStartPre=
80	ExecStartPre=/sbin/e-smith/service-status radiusd
81	ExecStartPre=/sbin/e-smith/systemd/radiusd-configure
82	-ExecStartPre=/sbin/e-smith/systemd/radiusd-certificate
83	+ExecStartPre=/sbin/e-smith/expand-template /etc/raddb/certs/radiusd.pem
84	ExecStartPre=-/bin/chown -R radiusd.radiusd /var/run/radiusd
85	ExecStartPre=/usr/sbin/radiusd -C
86	Restart=always