From mboxrd@z Thu Jan  1 00:00:00 1970
From: rmccabe@sourceware.org <rmccabe@sourceware.org>
Date: 18 Jan 2007 03:02:41 -0000
Subject: [Cluster-devel] conga luci/init.d/luci luci/utils/luci_admin r ...
Message-ID: <20070118030241.22320.qmail@sourceware.org>
List-Id: <cluster-devel.redhat.com>
To: cluster-devel.redhat.com
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

CVSROOT:	/cvs/cluster
Module name:	conga
Changes by:	rmccabe at sourceware.org	2007-01-18 03:02:39

Modified files:
	luci/init.d    : luci 
	luci/utils     : luci_admin 
	ricci          : ricci.spec.in.in 
	ricci/init.d   : ricci 
	ricci/test_suite: generate_certs.sh 

Log message:
	bump the certificate lifetime to 5 years (from 3) to match the settings in the -RHEL5 branch

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/init.d/luci.diff?cvsroot=cluster&r1=1.13&r2=1.14
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/utils/luci_admin.diff?cvsroot=cluster&r1=1.51&r2=1.52
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/ricci.spec.in.in.diff?cvsroot=cluster&r1=1.12&r2=1.13
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/init.d/ricci.diff?cvsroot=cluster&r1=1.9&r2=1.10
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/test_suite/generate_certs.sh.diff?cvsroot=cluster&r1=1.1&r2=1.2

--- conga/luci/init.d/luci	2006/11/02 00:46:49	1.13
+++ conga/luci/init.d/luci	2007/01/18 03:02:38	1.14
@@ -67,7 +67,7 @@
     rm -f $HTTPS_PRIVKEY $HTTPS_PUBKEY
     echo -n "generating https SSL certificates...  "
     /usr/bin/openssl genrsa -out $HTTPS_PRIVKEY 2048 > /dev/null 2>&1
-    /usr/bin/openssl req -new -x509 -key $HTTPS_PRIVKEY -out $HTTPS_PUBKEY -days 1095 -config /var/lib/luci/var/certs/cacert.config
+    /usr/bin/openssl req -new -x509 -key $HTTPS_PRIVKEY -out $HTTPS_PUBKEY -days 1825 -config /var/lib/luci/var/certs/cacert.config
     /bin/chown $LUCI_USER:$LUCI_GROUP $HTTPS_PRIVKEY $HTTPS_PUBKEY
     /bin/chmod 600 $HTTPS_PRIVKEY
     /bin/chmod 644 $HTTPS_PUBKEY
--- conga/luci/utils/luci_admin	2006/12/21 21:32:00	1.51
+++ conga/luci/utils/luci_admin	2007/01/18 03:02:38	1.52
@@ -996,9 +996,9 @@
     args = [command, 'genrsa', '-out', SSL_PRIVKEY_PATH, '2048']
     _execWithCaptureErrorStatus(command, args)
     
-    # /usr/bin/openssl req -new -x509 -key /var/lib/luci/var/certs/privkey.pem -out /var/lib/luci/var/certs/cacert.pem -days 1095 -config /var/lib/luci/var/certs/cacert.config
+    # /usr/bin/openssl req -new -x509 -key /var/lib/luci/var/certs/privkey.pem -out /var/lib/luci/var/certs/cacert.pem -days 1825 -config /var/lib/luci/var/certs/cacert.config
     command = '/usr/bin/openssl'
-    args = [command, 'req', '-new', '-x509', '-key', SSL_PRIVKEY_PATH, '-out', SSL_PUBKEY_PATH, '-days', '1095', '-config', SSL_KEYCONFIG_PATH]
+    args = [command, 'req', '-new', '-x509', '-key', SSL_PRIVKEY_PATH, '-out', SSL_PUBKEY_PATH, '-days', '1825', '-config', SSL_KEYCONFIG_PATH]
     _execWithCaptureErrorStatus(command, args)
     
     # take ownership and restrict access
--- conga/ricci/ricci.spec.in.in	2006/05/26 22:17:35	1.12
+++ conga/ricci/ricci.spec.in.in	2007/01/18 03:02:38	1.13
@@ -85,7 +85,7 @@
 if [ ! -e /var/lib/ricci/certs/privkey.pem ]; then
 	/usr/bin/openssl genrsa -out /var/lib/ricci/certs/privkey.pem 2048 > /dev/null 2>&1
 	/usr/bin/openssl req -new -x509 -key /var/lib/ricci/certs/privkey.pem \
-	-out /var/lib/ricci/certs/cacert.pem -days 1095 -config /var/lib/ricci/certs/cacert.config
+	-out /var/lib/ricci/certs/cacert.pem -days 1825 -config /var/lib/ricci/certs/cacert.config
 	/bin/chown -R ricci:ricci /var/lib/ricci/certs/*
 	/bin/chmod 644 /var/lib/ricci/certs/*
 	/bin/chmod 400 /var/lib/ricci/certs/privkey.pem
--- conga/ricci/init.d/ricci	2006/10/24 21:54:29	1.9
+++ conga/ricci/init.d/ricci	2007/01/18 03:02:38	1.10
@@ -58,7 +58,7 @@
     rm -f $SSL_PUBKEY $SSL_PRIVKEY
     echo -n "generating SSL certificates...  "
     /usr/bin/openssl genrsa -out $SSL_PRIVKEY 2048 > /dev/null 2>&1
-    /usr/bin/openssl req -new -x509 -key $SSL_PRIVKEY -out $SSL_PUBKEY -days 1095 -config /var/lib/ricci/certs/cacert.config
+    /usr/bin/openssl req -new -x509 -key $SSL_PRIVKEY -out $SSL_PUBKEY -days 1825 -config /var/lib/ricci/certs/cacert.config
     /bin/chown $RUNASUSER:$RUNASUSER $SSL_PRIVKEY $SSL_PUBKEY
     /bin/chmod 644 $SSL_PUBKEY
     /bin/chmod 600 $SSL_PRIVKEY
--- conga/ricci/test_suite/generate_certs.sh	2006/10/27 19:30:30	1.1
+++ conga/ricci/test_suite/generate_certs.sh	2007/01/18 03:02:39	1.2
@@ -1,5 +1,5 @@
 #!/bin/bash
 
 /usr/bin/openssl genrsa -out privkey.pem 2048
-/usr/bin/openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 -config cacert.config
+/usr/bin/openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1825 -config cacert.config
 chmod go-rwx *.pem