From: Evan Broder <broder@mit.edu>
Date: Wed, 29 Oct 2008 02:53:30 +0000 (-0400)
Subject: Generate the VNC server certificates at install time
X-Git-Tag: 0.0.2~1
X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-vnc-server.git/commitdiff_plain/fb40a4a5cc90d713c0e62dc6e7b168f8db18f6e7

Generate the VNC server certificates at install time

svn path=/trunk/packages/invirt-vnc-server/; revision=1400
---

diff --git a/debian/changelog b/debian/changelog
index 8d9a6b1..4600adf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,9 @@
 invirt-vnc-server (0.0.2) unstable; urgency=low
 
   * Cleanup the init script to use /lib/init/std-init.sh
+  * Generate the SSL certificates at install-time
 
- -- Evan Broder <broder@mit.edu>  Tue, 28 Oct 2008 20:48:38 -0400
+ -- Evan Broder <broder@mit.edu>  Tue, 28 Oct 2008 21:19:14 -0400
 
 invirt-vnc-server (0.0.1) unstable; urgency=low
 
diff --git a/debian/invirt-vnc-server.postinst b/debian/invirt-vnc-server.postinst
index ee266d9..12f3616 100755
--- a/debian/invirt-vnc-server.postinst
+++ b/debian/invirt-vnc-server.postinst
@@ -20,10 +20,16 @@ set -e
 
 case "$1" in
     configure)
-	if [ -z "$2" ]; then
-	    echo "Please be sure to copy vncproxy.crt and vncproxykey.pem into /usr/share/invirt-vnc-server/"
-	fi
         mkdir -p /etc/invirt/secrets
+        if ! [ -e /etc/invirt/secrets/vnc.pem ]; then
+            openssl genrsa -out /etc/invirt/secrets/vnc.pem 1024 >/dev/null
+        fi
+        
+        if ! [ -e /etc/invirt/secrets/vnc.crt ]; then
+            openssl req -new -x509 -nodes -sha1 -subj '/' -key /etc/invirt/secrets/vnc.pem \
+                > /etc/invirt/secrets/vnc.crt
+        fi
+        
         if ! [ -e /etc/invirt/secrets/vnc-key ]; then
             openssl rand -base64 33 >/etc/invirt/secrets/vnc-key
         fi
diff --git a/invirt-vnc-getcert b/invirt-vnc-getcert
new file mode 100755
index 0000000..11b62c8
--- /dev/null
+++ b/invirt-vnc-getcert
@@ -0,0 +1,8 @@
+#!/usr/bin/python
+
+import sys
+
+try:
+    print open('/etc/invirt/secrets/vnc.crt').read()
+except IOError, e:
+    sys.exit(e.errno)
diff --git a/setup.py b/setup.py
index 4e11026..652b983 100755
--- a/setup.py
+++ b/setup.py
@@ -20,5 +20,5 @@ setup(
     
     packages = ['invirt.vnc'],
     package_dir = {'invirt': 'python'},
-    scripts=['invirt-vnc-server', 'invirt-vnc-authtoken']
+    scripts=['invirt-vnc-server', 'invirt-vnc-authtoken', 'invirt-vnc-getcert']
 )