Modified and improved default way how to store self generated cert

openSUSE · May 21, 2024 · 6af079e · 6af079e
1 parent 20d553f
commit 6af079e
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 6 deletions.
diff --git a/rust/agama-server/src/cert.rs b/rust/agama-server/src/cert.rs
@@ -27,16 +27,20 @@ use openssl::x509::{X509NameBuilder, X509};
 //     pub write(...)
 // }
 
-const DEFAULT_CERT_FILE: &str = "/run/agama/cert.pem";
-const DEFAULT_KEY_FILE: &str = "/run/agama/key.pem";
+const DEFAULT_CERT_DIR: &str = "/run/agama/ssl";
 
 /// Writes the certificate and the key to the well known location
 pub fn write_certificate(cert: X509, key: PKey<Private>) -> anyhow::Result<()> {
+    // check and create default dir if needed
+    if ! Path::new(DEFAULT_CERT_DIR).is_dir() {
+        std::fs::create_dir_all(DEFAULT_CERT_DIR)?;
+    }
+
     if let Ok(bytes) = cert.to_pem() {
-        fs::write(Path::new(DEFAULT_CERT_FILE), bytes)?;
+        fs::write(Path::new(DEFAULT_CERT_DIR).join("cert.pem"), bytes)?;
     }
     if let Ok(bytes) = key.public_key_to_pem() {
-        fs::write(Path::new(DEFAULT_KEY_FILE), bytes)?;
+        fs::write(Path::new(DEFAULT_CERT_DIR).join("key.pem"), bytes)?;
     }
 
     Ok(())

diff --git a/service/Gemfile.lock b/service/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    agama-yast (7.devel737)
+    agama-yast (7.devel1132)
       cfa (~> 1.0.2)
       cfa_grub2 (~> 2.0.0)
       cheetah (~> 1.0.0)
@@ -75,4 +75,4 @@ DEPENDENCIES
   yard (~> 0.9.0)
 
 BUNDLED WITH
-   2.4.22
+   2.5.3