-SET(ETC_DIR ${PROJECT_SOURCE_DIR}/etc)
+SET(ETC_DIR ${CMAKE_CURRENT_SOURCE_DIR})
INSTALL(FILES
${ETC_DIR}/schema.xsd
DESTINATION ${TZ_SYS_RO_WRT_ENGINE}
)
-INSTALL(FILES
- ${ETC_DIR}/make-ca-certificate.sh
- DESTINATION ${TZ_SYS_BIN}
- PERMISSIONS OWNER_READ
- OWNER_WRITE
- OWNER_EXECUTE
+MESSAGE("Add ssl table to certs-meta.db")
+
+EXECUTE_PROCESS(
+ COMMAND
+ ${ETC_DIR}/cert_svc_create_clean_store_db.sh
+ ${ETC_DIR}/cert_svc_store_db.sql
+ ${ETC_DIR}/certs-meta.db
+ RESULT_VARIABLE ERROR_CODE
+ )
+
+IF (ERROR_CODE)
+ MESSAGE(FATAL_ERROR "[${ERROR_CODE}] Failed to create clean store db")
+ENDIF (ERROR_CODE)
+
+EXECUTE_PROCESS(
+ COMMAND
+ ${ETC_DIR}/initialize_store_db.sh
+ ${ETC_DIR}/certs-meta.db
+ ${ETC_DIR}/ca-certificate.crt
+ RESULT_VARIABLE ERROR_CODE
)
+IF (ERROR_CODE)
+ MESSAGE(FATAL_ERROR "[${ERROR_CODE}] Failed to initialize store db")
+ENDIF (ERROR_CODE)
+
INSTALL(FILES
- ${ETC_DIR}/initialize_store_db.sh
- ${ETC_DIR}/cert_svc_create_clean_store_db.sh
- DESTINATION ${TZ_SYS_BIN}
- PERMISSIONS OWNER_READ
- OWNER_WRITE
- OWNER_EXECUTE
+ ${ETC_DIR}/certs-meta.db
+ ${ETC_DIR}/certs-meta.db-journal
+ DESTINATION ${TZ_SYS_SHARE}/cert-svc/dbspace
)
INSTALL(FILES
- ${ETC_DIR}/cert_svc_store_db.sql
+ ${ETC_DIR}/ca-certificate.crt
DESTINATION ${TZ_SYS_SHARE}/cert-svc
)
# See the License for the specific language governing permissions and
# limitations under the License.
#
-source /etc/tizen-platform.conf
+INIT_SQL=$1
+DB_PATH=$2
-DB_PATH=${TZ_SYS_SHARE}/cert-svc/dbspace
-name="certs-meta.db"
+sqlite3 $DB_PATH "PRAGMA journal_mode = PERSIST;"
+sqlite3 $DB_PATH ".read $INIT_SQL"
-rm -f ${DB_PATH}/$name
-rm -f ${DB_PATH}/$name-journal
-
-SQL="PRAGMA journal_mode = PERSIST;"
-sqlite3 ${DB_PATH}/$name "$SQL"
-
-SQL=".read ${TZ_SYS_SHARE}/cert-svc/cert_svc_store_db.sql"
-sqlite3 ${DB_PATH}/$name "$SQL"
-
-touch ${DB_PATH}/$name-journal
-
-chown system:system ${DB_PATH}/$name
-chown system:system ${DB_PATH}/$name-journal
-
-chmod 664 ${DB_PATH}/$name
-chmod 664 ${DB_PATH}/$name-journal
-
-echo "cert_svc_create_clean_store_db.sh done"
+touch $DB_PATH-journal
#!/bin/bash
source /etc/tizen-platform.conf
-ROOT_CERT_SQL=${TZ_SYS_SHARE}/cert-svc/root-cert.sql
-CERT_LIST_CRT=${TZ_SYS_SHARE}/cert-svc/ca-certificate.crt
+DB_PATH=$1
+CRT_PATH=$2
-MOZILLA_SSL_DIRECTORY=${TZ_SYS_SHARE}/ca-certificates/mozilla
-TIZEN_SSL_DIRECTORY=${TZ_SYS_SHARE}/ca-certificates/tizen
+ROOT_CERT_SQL=root-cert.sql
+MOZILLA_SSL_DIRECTORY=$TZ_SYS_SHARE/ca-certificates/mozilla
+TIZEN_SSL_DIRECTORY=$TZ_SYS_SHARE/ca-certificates/tizen
function initialize_store_in_dir {
for i in `find $1/* -name '*'`
do
- cert=`openssl x509 -in $i`
- echo $cert >> ${CERT_LIST_CRT}
- echo >> ${CERT_LIST_CRT}
+ openssl x509 -in $i -outform PEM >> $CRT_PATH
+# echo >> $CRT_PATH
gname=`echo $i | cut -f 6 -d '/'`
filehash=`openssl x509 -in $i -hash -noout`
commonname=${commonname:1} # cut first whitespace
- echo "INSERT INTO ssl (gname, certificate, file_hash, subject_hash, common_name, enabled, is_root_app_enabled) values (\"$gname\", \"$cert\", \"$filehash\", \"$subjecthash\", \"$commonname\", 1, 1);" >> ${ROOT_CERT_SQL}
+ echo "INSERT INTO ssl (gname, certificate, file_hash, subject_hash, common_name, enabled, is_root_app_enabled) values (\"$gname\", \"$cert\", \"$filehash\", \"$subjecthash\", \"$commonname\", 1, 1);" >> $ROOT_CERT_SQL
done
}
-if [[ -e $ROOT_CERT_SQL ]]
-then
- rm $ROOT_CERT_SQL
-fi
-
-if [[ -e $CERT_LIST_CRT ]]
-then
- rm $CERT_LIST_CRT
-fi
-
touch $ROOT_CERT_SQL
-touch $CERT_LIST_CRT
+touch $CRT_PATH
initialize_store_in_dir $MOZILLA_SSL_DIRECTORY
initialize_store_in_dir $TIZEN_SSL_DIRECTORY
-chown system:system ${CERT_LIST_CRT}
-chmod 644 ${CERT_LIST_CRT}
-
-echo "initialize_store_db.sh done"
+cat $ROOT_CERT_SQL | sqlite3 $DB_PATH
+rm $ROOT_CERT_SQL
+++ /dev/null
-#!/bin/bash
-source /etc/tizen-platform.conf
-
-MOZILLA_SSL_DIRECTORY=${TZ_SYS_SHARE}/ca-certificates/mozilla
-TIZEN_SSL_DIRECTORY=${TZ_SYS_SHARE}/ca-certificates/tizen
-
-CRT_PATH=${TZ_SYS_SHARE}/cert-svc/ca-certificate.crt
-
-function append_to_crt_file {
- for i in `find $1/* -name '*'`
- do
- openssl x509 -in $i -outform PEM >> $CRT_PATH
- done
-}
-
-if [ -e $CRT_PATH ]
-then
- rm $CRT_PATH
-fi
-
-touch $CRT_PATH
-
-append_to_crt_file $MOZILLA_SSL_DIRECTORY
-append_to_crt_file $TIZEN_SSL_DIRECTORY
-
-chown system:system ${CRT_PATH}
-chmod 644 ${CRT_PATH}
-
-echo "make-ca-certificate.sh done"
License: Apache-2.0
Source0: %{name}-%{version}.tar.gz
Source1001: %{name}.manifest
-Requires(post): findutils
BuildRequires: cmake
+BuildRequires: findutils
+BuildRequires: openssl
BuildRequires: pkgconfig(dlog)
BuildRequires: pkgconfig(openssl)
BuildRequires: pkgconfig(libpcrecpp)
BuildRequires: pkgconfig(key-manager)
BuildRequires: pkgconfig(libtzplatform-config)
BuildRequires: pkgconfig(libsystemd-journal)
-Requires: pkgconfig(libtzplatform-config)
-Requires: ca-certificates-tizen
-Requires: ca-certificates-mozilla
-Requires: ca-certificates
-Requires: openssl
+BuildRequires: pkgconfig(sqlite3)
+BuildRequires: ca-certificates-tizen
+BuildRequires: ca-certificates-mozilla
%description
Certification service
systemctl restart cert-server.service
fi
-echo "make ca-certificate.crt"
-%{TZ_SYS_BIN}/make-ca-certificate.sh
-rm %{TZ_SYS_BIN}/make-ca-certificate.sh
-
-echo "create certs-meta.db"
-rm -rf %{TZ_SYS_SHARE}/cert-svc/dbspace/certs-meta.db
-%{TZ_SYS_BIN}/cert_svc_create_clean_store_db.sh %{TZ_SYS_SHARE}/cert-svc/cert_svc_store_db.sql
-%{TZ_SYS_BIN}/initialize_store_db.sh
-if [[ -e %{TZ_SYS_SHARE}/cert-svc/dbspace/certs-meta.db ]]; then
- cat %{TZ_SYS_SHARE}/cert-svc/root-cert.sql | sqlite3 %{TZ_SYS_SHARE}/cert-svc/dbspace/certs-meta.db
-fi
-rm %{TZ_SYS_SHARE}/cert-svc/cert_svc_store_db.sql
-rm %{TZ_SYS_SHARE}/cert-svc/root-cert.sql
-rm %{TZ_SYS_BIN}/cert_svc_create_clean_store_db.sh
-rm %{TZ_SYS_BIN}/initialize_store_db.sh
-
%postun
/sbin/ldconfig
%attr(755,root,root) %{_libdir}/libcert-svc-vcore.so.*
%attr(644,root,root) %{TZ_SYS_SHARE}/license/%{name}
%attr(644,root,root) %{TZ_SYS_RO_WRT_ENGINE}/schema.xsd
-%attr(644,root,root) %{TZ_SYS_SHARE}/cert-svc/cert_svc_store_db.sql
-%attr(755,root,root) %{TZ_SYS_BIN}/cert_svc_create_clean_store_db.sh
-%attr(755,root,root) %{TZ_SYS_BIN}/make-ca-certificate.sh
-%attr(755,root,root) %{TZ_SYS_BIN}/initialize_store_db.sh
# Resource files install as system
%{TZ_SYS_SHARE}/cert-svc/pkcs12
-%{TZ_SYS_SHARE}/cert-svc/dbspace
-
+%{TZ_SYS_SHARE}/cert-svc/dbspace/certs-meta.db*
+%{TZ_SYS_SHARE}/cert-svc/ca-certificate.crt
%files devel
%defattr(-,root,root,-)