From f4ed3701bcd91a336fdd9c91d9fa5923cd22b6c7 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Tue, 10 Dec 2013 07:52:48 -0500
Subject: [PATCH] Remove unused genSSLcerts scripts

The SSL generation is actually performed by the script version in
the tarball.
---
 genOpenPegasusSSLCerts | 67 ------------------------------------------
 genSSLcerts            | 66 -----------------------------------------
 tog-pegasus.spec       |  3 --
 3 files changed, 136 deletions(-)
 delete mode 100755 genOpenPegasusSSLCerts
 delete mode 100755 genSSLcerts

diff --git a/genOpenPegasusSSLCerts b/genOpenPegasusSSLCerts
deleted file mode 100755
index 5e75567..0000000
--- a/genOpenPegasusSSLCerts
+++ /dev/null
@@ -1,67 +0,0 @@
-#!/bin/bash
-#
-PEGASUS_PEM_DIR=/etc/Pegasus
-PEGASUS_CONFIG_DIR=/etc/Pegasus
-PEGASUS_INSTALL_LOG=/var/lib/Pegasus/log/install.log
-PEGASUS_SSL_CERT_FILE=server.pem
-PEGASUS_SSL_KEY_FILE=file.pem
-PEGASUS_SSL_TRUSTSTORE=client.pem
-#
-#  Set up OpenSSL certificates for the tog-pegasus cimserver
-#
-#  Creates a default ssl.cnf file.
-#  Generates a self-signed certificate for use by the cimserver.
-#
-cnfChanged=0;
-if [ ! -e $PEGASUS_CONFIG_DIR/ssl.cnf ]; then
-    mkdir -p ${PEGASUS_INSTALL_LOG%/*}
-    mkdir -p $PEGASUS_CONFIG_DIR
-    echo "[ req ]" > $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "distinguished_name     = req_distinguished_name"  >> \
-            $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "prompt                 = no"  >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "[ req_distinguished_name ]" >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "C                      = UK" >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "ST                     = Berkshire" >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "L                      = Reading" >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "O                      = The Open Group" >> \
-            $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "OU                     = The OpenPegasus Project" >> \
-            $PEGASUS_CONFIG_DIR/ssl.cnf
-    DN=`hostname`;
-    if [ -z "$DN" ] || [ "$DN" = "(none)" ]; then
-            DN='localhost.localdomain';
-    fi;
-    FQDN=`{ host -W1 $DN 2>/dev/null || echo "$DN has address "; } |\
-            grep 'has address' | head -1 | sed 's/\ .*$//'`;
-    if [ -z "$FQDN" ] ; then
-        FQDN="$DN";
-    fi;
-    # cannot use 'hostname --fqdn' because this can hang indefinitely
-    echo "CN                     = $FQDN"  >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    chmod 400 $PEGASUS_CONFIG_DIR/ssl.cnf
-    chown root $PEGASUS_CONFIG_DIR/ssl.cnf
-    chgrp root $PEGASUS_CONFIG_DIR/ssl.cnf
-    cnfChanged=1;
-fi
-if [ $cnfChanged -eq 1 ] || \
-         [ ! -e $PEGASUS_PEM_DIR/$PEGASUS_SSL_CERT_FILE ] || \
-         [ ! -e $PEGASUS_PEM_DIR/$PEGASUS_SSL_KEY_FILE ]; then
-    /usr/bin/openssl req -x509 -days 3650 -newkey rsa:2048 \
-         -nodes -config $PEGASUS_CONFIG_DIR/ssl.cnf   \
-         -keyout $PEGASUS_PEM_DIR/key.pem \
-         -out $PEGASUS_PEM_DIR/cert.pem 2>>$PEGASUS_INSTALL_LOG
-    chmod 700 $PEGASUS_PEM_DIR/*.pem
-    cp -fp $PEGASUS_PEM_DIR/cert.pem \
-        $PEGASUS_PEM_DIR/$PEGASUS_SSL_CERT_FILE
-    cp -fp $PEGASUS_PEM_DIR/key.pem \
-        $PEGASUS_PEM_DIR/$PEGASUS_SSL_KEY_FILE
-    chmod 400 $PEGASUS_PEM_DIR/$PEGASUS_SSL_KEY_FILE
-    chmod 444 $PEGASUS_PEM_DIR/$PEGASUS_SSL_CERT_FILE 
-    rm -f $PEGASUS_PEM_DIR/key.pem $PEGASUS_PEM_DIR/cert.pem
-fi;
-if [ ! -e $PEGASUS_PEM_DIR/$PEGASUS_SSL_TRUSTSTORE ]; then
-    cp -fp $PEGASUS_PEM_DIR/$PEGASUS_SSL_CERT_FILE \
-        $PEGASUS_PEM_DIR/$PEGASUS_SSL_TRUSTSTORE
-    chmod 444 $PEGASUS_PEM_DIR/$PEGASUS_SSL_TRUSTSTORE;
-fi;
diff --git a/genSSLcerts b/genSSLcerts
deleted file mode 100755
index 706a3d6..0000000
--- a/genSSLcerts
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-#
-#  Set up the openssl certificates for the tog-pegasus cimserver
-#
-#  Arguments:
-#    If a single host name argument is given that resolves to a host
-#    IP address, then the script will attempt to copy the certificate
-#    files from that host name.
-#
-#  Without any arguments:
-# 
-#  Modify entries in ssl.cnf, then
-#  Generate a self signed node certificate
-#
-PEGASUS_CONFIG_DIR=${PEGASUS_CONFIG_DIR:=/etc/Pegasus}
-INSTALL_LOG=${INSTALL_LOG:=/var/log/Pegasus/install.log}
-PEGASUS_SSL_CERT_FILE=${PEGASUS_SSL_CERT_FILE:=server.pem}
-PEGASUS_SSL_KEY_FILE=${PEGASUS_SSL_KEY_FILE:=file.pem}
-PEGASUS_SSL_TRUSTSTORE=${PEGASUS_SSL_TRUSTSTORE:=client.pem}
-cnfChanged=0;
-if [ ! -e $PEGASUS_CONFIG_DIR/ssl.cnf ]; then
-    mkdir -p ${INSTALL_LOG%/*}
-    mkdir -p $PEGASUS_CONFIG_DIR
-    echo "[ req ]" > $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "distinguished_name     = req_distinguished_name"  >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "prompt                 = no"  >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "[ req_distinguished_name ]" >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "C                      = UK" >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "ST                     = Berkshire" >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "L                      = Reading" >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "O                      = The Open Group" >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    echo "OU                     = The OpenPegasus Project" >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    DN=`hostname`;
-    if [ -z "$DN" ] || [ "$DN" = "(none)" ]; then
-       DN='localhost.localdomain';
-    fi;
-    FQDN=`{ host -W1 $DN 2>/dev/null || echo "$DN has address "; } | grep 'has address' | head -1 | sed 's/\ .*$//'`;
-    if [ -z "$FQDN" ] ; then
-	FQDN="$DN";
-    fi;
-    # cannot use 'hostname --fqdn' because this can hang indefinitely
-    echo "CN                     = $FQDN"  >> $PEGASUS_CONFIG_DIR/ssl.cnf
-    chmod 400 $PEGASUS_CONFIG_DIR/ssl.cnf
-    chown root $PEGASUS_CONFIG_DIR/ssl.cnf
-    chgrp root $PEGASUS_CONFIG_DIR/ssl.cnf
-    cnfChanged=1;
-fi
-if [ $cnfChanged -eq 1 ] || [ ! -e /etc/Pegasus/$PEGASUS_SSL_CERT_FILE ] || [ ! -e /etc/Pegasus/$PEGASUS_SSL_KEY_FILE ] || [ ! -e /etc/Pegasus/$PEGASUS_SSL_TRUSTSTORE ]; then
-    /usr/bin/openssl req -x509 -days 3650 -newkey rsa:2048 \
-       -nodes -config $PEGASUS_CONFIG_DIR/ssl.cnf   \
-       -keyout $PEGASUS_CONFIG_DIR/key.pem -out $PEGASUS_CONFIG_DIR/cert.pem 2>>$INSTALL_LOG
-    chmod 700 $PEGASUS_CONFIG_DIR/*.pem
-    cat $PEGASUS_CONFIG_DIR/key.pem > $PEGASUS_CONFIG_DIR/file_2048.pem
-    chmod 400 $PEGASUS_CONFIG_DIR/file_2048.pem
-    cat $PEGASUS_CONFIG_DIR/cert.pem > $PEGASUS_CONFIG_DIR/server_2048.pem
-    chmod 400 $PEGASUS_CONFIG_DIR/server_2048.pem
-    cat $PEGASUS_CONFIG_DIR/cert.pem > $PEGASUS_CONFIG_DIR/client_2048.pem
-    chmod 400 $PEGASUS_CONFIG_DIR/client_2048.pem
-    rm -f $PEGASUS_CONFIG_DIR/key.pem $PEGASUS_CONFIG_DIR/cert.pem
-    cp -fp $PEGASUS_CONFIG_DIR/server_2048.pem $PEGASUS_CONFIG_DIR/$PEGASUS_SSL_CERT_FILE
-    cp -fp $PEGASUS_CONFIG_DIR/file_2048.pem $PEGASUS_CONFIG_DIR/$PEGASUS_SSL_KEY_FILE
-    chmod 400 $PEGASUS_CONFIG_DIR/$PEGASUS_SSL_KEY_FILE
-    chmod 444 $PEGASUS_CONFIG_DIR/$PEGASUS_SSL_CERT_FILE 
-    cp -fp $PEGASUS_CONFIG_DIR/client_2048.pem $PEGASUS_CONFIG_DIR/$PEGASUS_SSL_TRUSTSTORE
-    chmod 444 $PEGASUS_CONFIG_DIR/$PEGASUS_SSL_TRUSTSTORE;
-fi;
diff --git a/tog-pegasus.spec b/tog-pegasus.spec
index db31104..fd17fe0 100644
--- a/tog-pegasus.spec
+++ b/tog-pegasus.spec
@@ -18,8 +18,6 @@ URL:            http://www.openpegasus.org
 Source0:        https://collaboration.opengroup.org/pegasus/documents/27211/pegasus-%{version}.tar.gz
 #  1: Description of security enhacements
 Source1:        README.RedHat.Security
-#  2: Script for setting SSL certificates - used in init script when cimserver is started for the first time
-Source2:        genOpenPegasusSSLCerts
 #  3: Description of SSL settings
 Source3:        README.RedHat.SSL
 #  4: /etc/tmpfiles.d configuration file
@@ -216,7 +214,6 @@ yes | mak/CreateDmtfSchema 238 %{SOURCE9} cim_schema_2.38.0
 
 %build
 cp -fp %SOURCE1 doc
-cp -fp %SOURCE2 rpm
 cp -fp %SOURCE3 doc
 cp -fp %SOURCE6 rpm
 cp -fp %SOURCE8 doc