Merge pull request #1096 from owncloud/fix_glauth_ldaps_cert_key

make glauth respect file paths
2026-01-27 15:32:15 -05:00 · 2020-12-15 13:53:25 +01:00
parent 71684a0af4 01e88d67b0
commit 21ab406dca
3 changed files with 27 additions and 2 deletions
--- a/glauth/.gitignore
+++ b/glauth/.gitignore
@@ -0,0 +1 @@
+data/
--- a/glauth/pkg/command/server.go
+++ b/glauth/pkg/command/server.go
@@ -188,8 +188,7 @@ func Server(cfg *config.Config) *cli.Command {
 				}

 				if lscfg.Enabled {
-					// GenCert has side effects as it writes 2 files to the binary running location
-					if err := crypto.GenCert("ldap.crt", "ldap.key", logger); err != nil {
+					if err := crypto.GenCert(cfg.Ldaps.Cert, cfg.Ldaps.Key, logger); err != nil {
 						logger.Fatal().Err(err).Msgf("Could not generate test-certificate")
 					}
 				}
--- a/glauth/pkg/crypto/gencert.go
+++ b/glauth/pkg/crypto/gencert.go
@@ -10,6 +10,7 @@ import (
 	"math/big"
 	"net"
 	"os"
+	"path/filepath"
 	"time"

 	"github.com/owncloud/ocis/ocis-pkg/log"
@@ -46,6 +47,14 @@ func GenCert(certName string, keyName string, l log.Logger) error {
 	var priv interface{}
 	var err error

+	_, certErr := os.Stat(certName)
+	_, keyErr := os.Stat(keyName)
+
+	if certErr == nil || keyErr == nil {
+		l.Debug().Msg("LDAPS certificate or key already present, using these")
+		return nil
+	}
+
 	priv, err = rsa.GenerateKey(rand.Reader, 2048)

 	if err != nil {
@@ -92,6 +101,14 @@ func GenCert(certName string, keyName string, l log.Logger) error {
 		l.Fatal().Err(err).Msg("Failed to create certificate")
 	}

+	certPath := filepath.Dir(certName)
+	if _, err := os.Stat(certPath); os.IsNotExist(err) {
+		err = os.MkdirAll(certPath, 0700)
+		if err != nil {
+			l.Fatal().Err(err).Msg("Failed to create path " + certPath)
+		}
+	}
+
 	certOut, err := os.Create(certName)
 	if err != nil {
 		l.Fatal().Err(err).Msgf("Failed to open %v for writing", certName)
@@ -106,6 +123,14 @@ func GenCert(certName string, keyName string, l log.Logger) error {
 	}
 	l.Info().Msg("Written server.crt")

+	keyPath := filepath.Dir(keyName)
+	if _, err := os.Stat(keyPath); os.IsNotExist(err) {
+		err = os.MkdirAll(keyPath, 0700)
+		if err != nil {
+			l.Fatal().Err(err).Msg("Failed to create path " + keyPath)
+		}
+	}
+
 	keyOut, err := os.OpenFile(keyName, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
 	if err != nil {
 		l.Fatal().Err(err).Msgf("Failed to open %v for writing", keyName)