From bdd283b003c646af43d30c2e4f96c51c4c3df82d Mon Sep 17 00:00:00 2001 From: Dinko Korunic Date: Mon, 13 Apr 2009 17:50:19 +0200 Subject: [PATCH] - update za Lenny - rekonfigurirani certifikati tako da se razdvajaju lijepo u certs i private - dependancy update - ciscenje postinsta.. --- README.CARNet | 9 ++++----- debian/changelog | 8 ++++++++ debian/control | 4 ++-- debian/postinst | 15 +++++++-------- 4 files changed, 21 insertions(+), 15 deletions(-) diff --git a/README.CARNet b/README.CARNet index 13de3be..98b6273 100644 --- a/README.CARNet +++ b/README.CARNet @@ -1,9 +1,8 @@ proftpd-cn ~~~~~~~~~~ -Zabranjen je anonimni FTP pristup. +Zabranjen je anonimni FTP pristup. Proftp-cn generira SSL certifikat ftpd, +ukoliko certifikat vec ne postoji; a tipicno se omogucava i FTP-TLS +pristup. -Proftp-cn generira SSL certifikat proftpd, ukoliko certifikat vec ne -postoji. - - -- Zoran Dzelajlija Fri, 26 Oct 2007 19:30:16 +0200 + -- Dinko Korunic Mon, 13 Apr 2009 17:49:05 +0200 diff --git a/debian/changelog b/debian/changelog index 59e1d93..3998057 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +proftpd-cn (2:1.3.1-1) stable; urgency=low + + * Upgrade za Lenny + * SSL certifikat i kljuc su sad ispravno razdvojeni u certs i private + direktorije + + -- Dinko Korunic Mon, 13 Apr 2009 17:12:49 +0200 + proftpd-cn (2:1.3.0-3) stable; urgency=low * popravljen debconf problem sa interaktivnom skriptom (openssl) diff --git a/debian/control b/debian/control index 447fc16..fcd60f5 100644 --- a/debian/control +++ b/debian/control @@ -1,13 +1,13 @@ Source: proftpd-cn Section: net Priority: optional -Maintainer: Zoran Dzelajlija +Maintainer: Dinko Korunic Build-Depends: debhelper (>= 4) Standards-Version: 3.7.2 Package: proftpd-cn Architecture: all -Depends: proftpd (>= 1.3.0-18cn1), openssl, carnet-tools-cn (>= 2.4), debconf (>= 0.5) | debconf-2.0 +Depends: proftpd (>= 1.3.1-17lenny2), openssl (>= 0.9.8g-15+lenny1), carnet-tools-cn (>= 2.8.1), debconf (>= 0.5) | debconf-2.0 Description: Versatile, virtual-hosting FTP daemon A powerful replacement for wu-ftpd, this File Transfer Protocol daemon supports hidden directories, virtual hosts, and per-directory diff --git a/debian/postinst b/debian/postinst index 955e496..d1222fe 100755 --- a/debian/postinst +++ b/debian/postinst @@ -40,8 +40,8 @@ esac FTP_CONF=/etc/proftpd/proftpd.conf FTP_TMP=`mktemp /etc/proftpd/proftpd.conf.XXXXXX` FTP_OLD=/var/backups/proftpd.conf.bak -SSL_CERT=/etc/ssl/certs/ftpd-rsa.pem -SSL_KEY=/etc/ssl/certs/ftpd-rsa-key.pem +SSL_CERT=/etc/ssl/certs/ftpd.pem +SSL_KEY=/etc/ssl/private/ftpd.pem # Backup stare konfiguracije cp_backup_conffile $FTP_CONF @@ -127,7 +127,7 @@ include_modules() if ! egrep -qi "^[[:space:]]*Include.*/etc/proftpd/modules.conf" $FTP_TMP ; then printf "#\n# Includes required DSO modules. This is mandatory in proftpd 1.3\n#\nInclude\t/etc/proftpd/modules.conf\n\n" >$FTP_TMP.tmp.$$ cat $FTP_TMP >>$FTP_TMP.tmp.$$ - mv -f $FTP_TMP.tmp.$$ $FTP_TMP + cp_mv $FTP_TMP.tmp.$$ $FTP_TMP fi fi } @@ -135,13 +135,12 @@ include_modules() # Generiranje SSL certifikata make_ssl_cert() { - if [ ! -f $SSL_CERT ] ; then - cd $(dirname $SSL_CERT) - echo "CN: Generating SSL certificate ... " + if [ \( ! -f $SSL_CERT \) -o \( ! -f $SSL_KEY \) ] ; then + echo "CN: Generating SSL certificate... " HOSTNAME=`hostname -s` FQDN=`hostname -f` MAILNAME=`cat /etc/mailname 2> /dev/null || hostname -f` - (openssl req -new -x509 -days 365 -nodes -out $(basename $SSL_CERT) -keyout $(basename $SSL_KEY) >/dev/null 2>&1 </dev/null 2>&1 <