Changeset 6206


Ignore:
Timestamp:
Nov 8, 2017, 5:36:55 PM (2 years ago)
Author:
hectorgh
Message:

making sure a failed fetch_certificate call doesnt overwrite current crt file

Location:
epoptes/trunk/fuentes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • epoptes/trunk/fuentes/debian/changelog

    r6189 r6206  
     1epoptes (0.5.9-lliurex36) xenial; urgency=high
     2
     3  * Making sure a failed fetch_certificate doesn't overwrite current crt file
     4
     5 -- Hector Garcia Huerta <hectorgh@gmail.com>  Wed, 08 Nov 2017 17:35:43 +0100
     6
    17epoptes (0.5.9-lliurex35) xenial; urgency=medium
    28
  • epoptes/trunk/fuentes/epoptes-client/epoptes-client

    r6069 r6206  
    162162    openssl s_client -connect $SERVER:$PORT < /dev/null \
    163163        | sed '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/!d' \
    164         > /etc/epoptes/server.crt
    165     if [ -s /etc/epoptes/server.crt ]; then
     164        > /tmp/.epoptes_server.crt
     165    if [ -s /tmp/.epoptes_server.crt ]; then
     166        mv /tmp/.epoptes_server.crt /etc/epoptes/server.crt
    166167        echo "[fetch_certificate] Successfully fetched certificate from $SERVER:$PORT" >> $log_file
    167168        echo "[fetch_certificate] Successfully fetched certificate from $SERVER:$PORT"
    168169        exit 0
    169170    else
     171        rm -rf /tmp/.epoptes_server.crt || true
    170172        echo  "[fetch_certificate] FIRST Failed to fetch certificate from $SERVER:$PORT" >> $log_file
    171173        sleep 10
    172174        openssl s_client -connect $SERVER:$PORT < /dev/null \
    173175        | sed '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/!d' \
    174         > /etc/epoptes/server.crt
    175          if [ -s /etc/epoptes/server.crt ]; then
     176        > /tmp/.epoptes_server.crt
     177         if [ -s /tmp/.epoptes_server.crt ]; then
     178                mv /tmp/.epoptes_server.crt /etc/epoptes/server.crt
    176179                echo "[fetch_certificate] Successfully fetched certificate from $SERVER:$PORT" >> $log_file
    177180                echo "[fetch_certificate] Successfully fetched certificate from $SERVER:$PORT"
    178181                exit 0
    179182        else
     183                rm -rf /tmp/.epoptes_server.crt || true
    180184                die "[fetch_certificate] SECOND Failed to fetch certificate from $SERVER:$PORT"
    181185        fi
     
    193197    openssl s_client -connect $SERVER:$PORT < /dev/null \
    194198        | sed '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/!d' \
    195         > /etc/epoptes/server.crt
    196     if [ -s /etc/epoptes/server.crt ]; then
     199        > /tmp/.epoptes_server.crt
     200    if [ -s /tmp/.epoptes_server.crt ]; then
     201        mv /tmp/.epoptes_server.crt /etc/epoptes/server.crt
    197202        echo "[fetch_certificate_download] Successfully fetched certificate from $SERVER:$PORT" >> $log_file
    198203        echo "[fetch_certificate_download] Successfully fetched certificate from $SERVER:$PORT"
    199204    else
     205        rm -rf /tmp/.epoptes_server.crt || true
    200206        echo  "[fetch_certificate_download] FIRST Failed to fetch certificate from $SERVER:$PORT" >> $log_file
    201207        sleep 10
    202208        openssl s_client -connect $SERVER:$PORT < /dev/null \
    203209        | sed '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/!d' \
    204         > /etc/epoptes/server.crt
    205          if [ -s /etc/epoptes/server.crt ]; then
     210        > /tmp/.epoptes_server.crt
     211         if [ -s /tmp/.epoptes_server.crt ]; then
     212                mv /tmp/.epoptes_server.crt /etc/epoptes/server.crt
    206213                echo "[fetch_certificate_download] Successfully fetched certificate from $SERVER:$PORT" >> $log_file
    207214                echo "[fetch_certificate_download] Successfully fetched certificate from $SERVER:$PORT"
    208215        else
     216                rm -rf /tmp/.epoptes_server.crt || true
    209217                die "[fetch_certificate_download] SECOND Failed to fetch certificate from $SERVER:$PORT"
    210218        fi
Note: See TracChangeset for help on using the changeset viewer.