X-Git-Url: http://git.cascardo.eti.br/?a=blobdiff_plain;f=utilities%2Fovs-pki.in;h=470517808eb01dd4718886bfa336f41542a55ba5;hb=5b5c922b0ca64abb4ac63f4467e02fcd2221a51a;hp=501b06e47bce40bcb1bee84e6a4de66af0b76b46;hpb=d652859bfd3fd81f3db9344ae5760ba756600b97;p=cascardo%2Fovs.git diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in index 501b06e47..470517808 100755 --- a/utilities/ovs-pki.in +++ b/utilities/ovs-pki.in @@ -1,6 +1,6 @@ #! /bin/sh -# Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc. +# Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014 Nicira, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -274,7 +274,7 @@ private_key = $dir/private/cakey.pem# CA private key RANDFILE = $dir/private/.rand # random number file default_days = 3650 # how long to certify for default_crl_days= 30 # how long before next CRL -default_md = md5 # md to use +default_md = sha1 # message digest to use policy = policy # default policy email_in_dn = no # Don't add the email into cert DN name_opt = ca_default # Subject name display option @@ -461,9 +461,18 @@ sign_request() { must_not_exist "$2" pkidir_must_exist + case "$1" in + "/"*) + request_file="$1" + ;; + *) + request_file="`pwd`/$1" + ;; + esac + (cd "$pkidir/${type}ca" && - openssl ca -config ca.cnf -batch -in /dev/stdin) \ - < "$1" > "$2.tmp$$" 2>&3 + openssl ca -config ca.cnf -batch -in "$request_file") \ + > "$2.tmp$$" 2>&3 mv "$2.tmp$$" "$2" } @@ -485,7 +494,7 @@ elif test "$command" = sign; then check_type "$arg2" verify_fingerprint "$arg1-req.pem" - sign_request "$arg1-req.pem" "$arg2-cert.pem" + sign_request "$arg1-req.pem" "$arg1-cert.pem" elif test "$command" = req+sign; then one_or_two_args check_type "$arg2"