XC-476 The installer allows copying a certificate bundle to dom0.
authorJean-Sebastien Legare <jean-sebastien.legare@citrix.com>
Wed, 2 Dec 2009 00:19:14 +0000 (00:19 +0000)
committerJean-Sebastien Legare <jean-sebastien.legare@citrix.com>
Wed, 2 Dec 2009 00:21:10 +0000 (00:21 +0000)
   The new installation step is executed only when a Transmitter
   backend is set up.

target/generic/target_xenclient_installer_skeleton/install/stages/Configure-backend
target/generic/target_xenclient_installer_skeleton/install/stages/Configure-cacerts [new file with mode: 0755]
target/generic/target_xenclient_installer_skeleton/install/stages/functions
target/generic/target_xenclient_installer_skeleton/install/stages/sequence.graph

index 42687217029373010ba9511938b2c5ce6384fe32..4f0f2eb814536f7fa2653081ce352f771431a76a 100755 (executable)
@@ -10,6 +10,7 @@ single_string_config "backend" \
                      "${BACKEND}" \
                      "BACKEND" \
                      "${BACKEND_CONF}" \
-                     "$( not_previous $@ || echo --previous )"
+                     "$( not_previous $@ || echo --previous )" \
+                     "8 70"
 OPT="$?"
 exit ${OPT}
diff --git a/target/generic/target_xenclient_installer_skeleton/install/stages/Configure-cacerts b/target/generic/target_xenclient_installer_skeleton/install/stages/Configure-cacerts
new file mode 100755 (executable)
index 0000000..73187f6
--- /dev/null
@@ -0,0 +1,139 @@
+#!/bin/ash
+
+#
+# This script will install a certificate bundle used to authenticate
+# the backend.  The bundle can be downloaded from the net, or can be
+# installed from a file available to the installer.
+#
+
+. ${SCRIPT_DIR}/functions
+
+unset CACERTS
+[ ! -r ${BACKEND_CONF} ] || . ${BACKEND_CONF}
+[ ! -r ${CACERTS_CONF} ] || . ${CACERTS_CONF}
+
+cacerts_get_settings()
+{
+    if [ x"${CACERTS}" = x ]; then
+        # Provide default value for certificate location
+       NOPROTO="${BACKEND#http*://}"
+       CACERTS="http://${NOPROTO%/}"/cert/root.pem
+    fi
+
+    single_string_config \
+       "cacerts" \
+        "If you wish to install root certificates to authenticate the Transmitter, you may do so here by entering a "\
+"URL (ftp, http, file, nfs) pointing to your cert bundle. "\
+"
+
+You may also skip this step by leaving the field empty." \
+       "${CACERTS}" \
+        "CACERTS" \
+        "${CACERTS_CONF}" \
+        "$( not_previous $@ || echo --previous )" \
+        "11 70"
+    OPT="$?"
+
+    if [ x"$OPT" != x"${Continue}" ]; then
+       unset CACERTS
+       exit ${OPT}
+    fi
+    
+    CACERTS="${STRING_VALUE}"
+}
+
+cacerts_install_problem() #str=1
+{
+    local errstr="$1"
+    local errdetails="$2" #optional
+
+    if interactive; then
+       if [ x"$errdetails" != x ]; then
+           dialog --colors --ok-label "Continue" --msgbox "    \ZbERROR: $1. \ZB
+
+  Please enter an alternative URL. The following error was encountered:
+
+$errdetails" 15 75
+       else
+           dialog --colors --ok-label "Continue" --msgbox "    \ZbERROR: $1. \ZB
+
+  Please enter an alternative URL." 8 75
+       fi
+       exit ${Retry}
+    else
+       exit ${Abort}
+    fi 
+}
+
+cacerts_install()
+{
+    local leaf
+    local host
+    local mtpoint
+    
+    case "${CACERTS}" in
+       tftp://*)
+           leaf=$(echo ${CACERTS} | sed -e 's/^tftp:\/\/[^\/]*\///g' )
+           host=$(echo ${CACERTS} | sed -ne 's/^tftp:\/\/\([^\/]*\)\/.*$/\1/p' )
+           if [ -z "$host" ]; then
+               host="dhcp"
+           fi
+            tftp -l "${INSTALL_CA_BUNDLE}" -r "$(cat /etc/dhcp-prefix)/$leaf" -g "$host" || {
+               cacerts_install_problem "Could not retrieve certificate bundle"
+           }
+           break
+            ;;
+       http://*|ftp://*)
+            wget "${CACERTS}" -O "${INSTALL_CA_BUNDLE}".tmp >/tmp/wget.output 2>&1 || {
+               cacerts_install_problem "Could not retrieve certificate bundle" "`cat /tmp/wget.output`"
+           }
+           mv "${INSTALL_CA_BUNDLE}".tmp "${INSTALL_CA_BUNDLE}"
+            break
+            ;;
+       nfs://*)
+            mtpoint=$(mktemp -d) && \
+            host=$(echo "${CACERTS}" | sed 's,^nfs://\([^/]\+\)/.*$,\1,') && \
+            mount -t nfs "$host" "$mtpoint" && \
+            leaf=$(echo "${CACERTS}" | sed 's,^nfs://[^/]\+/,/,') && \
+           cp "${mtpoint}/${leaf}" "${INSTALL_CA_BUNDLE}" || {
+               umount "${mtpoint}" && rmdir "${mtpoint}"
+               cacerts_install_problem "Could not retrieve certificate bundle"
+           }
+           umount "${mtpoint}"
+           rmdir "${mtpoint}"
+            break
+        ;;
+       https://*)
+           echo "Downloading SSL certificates over HTTPs is not supported">&2
+            cacerts_install_problem "Downloading SSL certificates over HTTPs is not supported"
+       ;;
+       file://*|/*)
+           #local file -- strip optional file:// prefix
+           CACERTS="${CACERTS#file://}"
+           if [ -r "${CACERTS}" ]; then
+               cp "${CACERTS}" "${INSTALL_CA_BUNDLE}" 2>/tmp/copy.err || {
+                   cacerts_install_problem "Could not install file provided" "`cat /tmp/copy.err`"
+               }
+           else
+               cacerts_install_problem "Could not install file provided"
+           fi
+       ;;
+       *)
+           echo "Invalid URL given for certificate bundle." >&2
+           cacerts_install_problem "Unrecognized URL given"
+       ;;
+    esac
+    return ${Continue}
+}
+
+cacerts_get_settings
+
+# Skip certificates installation
+if [ x"$CACERTS" = x ]; then
+    exit ${Continue}
+fi
+
+#
+# CACERTS contains the URL/path to a certificates bundle
+#
+cacerts_install
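Review bot: The file written to `${INSTALL_CA_BUNDLE}` becomes the trust anchor for authenticating the backend, yet every remote branch of `cacerts_install` (tftp, http/ftp, nfs) fetches it over an unauthenticated transport and installs it with no integrity check; the default built in `cacerts_get_settings` is itself an `http://` URL, and `https://` is rejected. Anyone able to alter traffic on the install network can therefore substitute their own root certificates. I would verify the fetched file against a digest supplied out of band before it is moved into place, as sketched below for the http/ftp branch with a proposed optional `CACERTS_SHA256` setting (assuming the installer's busybox provides `sha256sum`); the tftp and nfs branches would need to fetch to a temporary name first so the same check can run, and interactive mode could display the digest for confirmation when none is configured. Separately, `/tmp/wget.output` and `/tmp/copy.err` are fixed names; `mktemp`, already used in the nfs branch, would avoid writing through a pre-created file.

```shell
# Proposed helper; CACERTS_SHA256 is a new optional setting suggested by this review.
cacerts_verify() #file=1
{
    local digest
    [ x"${CACERTS_SHA256}" != x ] || return 0
    digest=$(sha256sum "$1") || return 1
    [ x"${digest%% *}" = x"${CACERTS_SHA256}" ]
}

# … unchanged: cacerts_get_settings, cacerts_install_problem, tftp branch …
       http://*|ftp://*)
            # … unchanged: wget into "${INSTALL_CA_BUNDLE}".tmp …
           cacerts_verify "${INSTALL_CA_BUNDLE}".tmp || {
               rm -f "${INSTALL_CA_BUNDLE}".tmp
               cacerts_install_problem "Certificate bundle does not match the expected digest"
           }
           mv "${INSTALL_CA_BUNDLE}".tmp "${INSTALL_CA_BUNDLE}"
```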
index 580f5315e79110d12d413ef5ade92387542fa2dd..0862d66c05b4675c083f9edaae5338a61fccf86a 100644 (file)
@@ -17,16 +17,17 @@ NETWORK_NIC_CONF="${INSTALL_DATA}/network-nic.conf"
 PASSWORD_CONF="${INSTALL_DATA}/password.conf"
 LICENSE_KEY_CONF="${INSTALL_DATA}/license-key.conf"
 BACKEND_CONF="${INSTALL_DATA}/backend.conf"
+CACERTS_CONF="${INSTALL_DATA}/cacerts.conf"
 INSTALL_STATUS_CONF="${INSTALL_DATA}/install-status.conf"
 OPTICAL_CONF="${INSTALL_DATA}/optical.conf"
 NETWORK_REPO_CONF="${INSTALL_DATA}/network-repo.conf"
 INSTALL_MODE_CONF="${INSTALL_DATA}/install-mode.conf"
-
+INSTALL_CA_BUNDLE="${INSTALL_DATA}/ca-bundle.crt"
 ALL_CONFIGS="${FULL_ANSWERFILE} ${ANSWERFILE} ${AUTOMATED_CONF} ${DISK_CONF}"
 ALL_CONFIGS="${ALL_CONFIGS} ${HOST_CAPABILITY_CONF} ${NETWORK_NIC_CONF}"
 ALL_CONFIGS="${ALL_CONFIGS} ${PASSWORD_CONF} ${LICENSE_KEY_CONF} ${BACKEND_CONF}"
 ALL_CONFIGS="${ALL_CONFIGS} ${INSTALL_STATUS_CONF} ${OPTICAL_CONF} ${NETWORK_REPO_CONF}"
-ALL_CONFIGS="${ALL_CONFIGS} ${INSTALL_MODE_CONF}"
+ALL_CONFIGS="${ALL_CONFIGS} ${INSTALL_MODE_CONF} ${CACERTS_CONF}"
 
 #-----------------------------------------------------------
 # Filesystem paths
@@ -235,6 +236,7 @@ single_string_config()
     CONF_KEY="$4"
     CONF_FILE="$5"
     ARG_PREVIOUS="$6"
+    ARG_DIMENSIONS="$7"
 
     HANDLE_PREV=0
 
@@ -255,7 +257,8 @@ single_string_config()
         show_cursor
 
         CAPTURE=$(mktemp)
-        dialog --cancel-label Previous --inputbox "${QUERY_TITLE}" 0 40 "${DEFAULT_STRING}" 2>${CAPTURE}
+       [ x"${ARG_DIMENSIONS}" != x ] || ARG_DIMENSIONS="0 40"
+        dialog --cancel-label Previous --inputbox "${QUERY_TITLE}" ${ARG_DIMENSIONS} "${DEFAULT_STRING}" 2>${CAPTURE}
 
         OPT="$?"
         hide_cursor
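Review bot: `${ARG_DIMENSIONS}` is expanded unquoted in the `dialog --inputbox` call so that a value such as "8 70" splits into height and width, but nothing says so and nothing checks the value. A comment such as `# deliberately unquoted: "HEIGHT WIDTH" must split into two dialog arguments` above the call would stop a later cleanup from quoting it; a value that is not exactly two integers would shift `${DEFAULT_STRING}` into the wrong position. The two callers visible in this commit pass literals, so this is a documentation point rather than a defect. `single_string_config` begins and ends outside this hunk.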
index 85d38130352d4d0aece6ccfc87441d198c6ddb93..930a653927595635fdd9a0071a7f154a6a6a8c28 100644 (file)
@@ -36,7 +36,8 @@ Warn-disk-erasure,       Continue:Set-password | Abort:Fail
 Set-password,            Continue:Optional-backend | Abort:Fail
 
 Optional-backend,        Backend:Configure-backend | NoBackend:Optional-license
-Configure-backend,       Continue:Optional-license
+Configure-backend,       Continue:Configure-cacerts
+Configure-cacerts,       Continue:Optional-license | Retry:Configure-cacerts
 
 Optional-license,        License:Configure-license | NoLicense:Ready-to-install
 Configure-license,       Continue:Ready-to-install
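Review bot: The new `Configure-cacerts` entry maps only `Continue` and `Retry`, while the stage script can also exit with `${Abort}` (the non-interactive branch of `cacerts_install_problem`) and with whatever `single_string_config` returns when the operator chooses Previous. If the sequencer does not handle those outcomes implicitly, an unattended install whose bundle cannot be fetched has no defined next stage. Following the `Abort:Fail` pattern used by `Warn-disk-erasure` and `Set-password`, the line could read `Configure-cacerts,       Continue:Optional-license | Retry:Configure-cacerts | Abort:Fail`.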