FTP_CONF=/etc/proftpd/proftpd.conf
FTP_TMP=`mktemp /etc/proftpd/proftpd.conf.XXXXXX`
FTP_OLD=/var/backups/proftpd.conf.bak
-SSL_CERT=/etc/ssl/certs/ftpd-rsa.pem
-SSL_KEY=/etc/ssl/certs/ftpd-rsa-key.pem
+SSL_CERT=/etc/ssl/certs/ftpd.pem
+SSL_KEY=/etc/ssl/private/ftpd.pem
# Backup stare konfiguracije
cp_backup_conffile $FTP_CONF
if ! egrep -qi "^[[:space:]]*Include.*/etc/proftpd/modules.conf" $FTP_TMP ; then
printf "#\n# Includes required DSO modules. This is mandatory in proftpd 1.3\n#\nInclude\t/etc/proftpd/modules.conf\n\n" >$FTP_TMP.tmp.$$
cat $FTP_TMP >>$FTP_TMP.tmp.$$
- mv -f $FTP_TMP.tmp.$$ $FTP_TMP
+ cp_mv $FTP_TMP.tmp.$$ $FTP_TMP
fi
fi
}
# Generiranje SSL certifikata
make_ssl_cert()
{
- if [ ! -f $SSL_CERT ] ; then
- cd $(dirname $SSL_CERT)
- echo "CN: Generating SSL certificate ... "
- openssl req -new -x509 -days 365 -nodes -out $(basename $SSL_CERT) -keyout $(basename $SSL_KEY)
+ if [ \( ! -f $SSL_CERT \) -o \( ! -f $SSL_KEY \) ] ; then
+ echo "CN: Generating SSL certificate... "
+ HOSTNAME=`hostname -s`
+ FQDN=`hostname -f`
+ MAILNAME=`cat /etc/mailname 2> /dev/null || hostname -f`
+ (openssl req -new -x509 -days 365 -nodes -out $SSL_CERT -keyout $SSL_KEY >/dev/null 2>&1 <<EOF
+.
+.
+.
+FTP server
+$hostname.$domainname
+$fqdn
+root@$mailname
+EOF
+)
echo "CN: Self-signed SSL certificate generated in $SSL_CERT."
echo "CN: Please note that the certificate will expire in one year."
fi
defuse_old_postrm
disable_anonymous
+make_ssl_cert
fix_conf
add_tls
include_modules
-make_ssl_cert
if [ -z "$2" ]; then
echo "CN: Proftpd-cn is configured with disabled anonymous FTP access,"
rm -f $FTP_TMP
fi
-echo "CN: Restarting proftpd ..."
+echo "CN: Restarting proftpd..."
if [ -x /usr/sbin/invoke-rc.d ]; then
invoke-rc.d proftpd restart
projects / proftpd-cn.git / blobdiff