From cb926df2fa42bd1e396a600ff6212ee4f4e04118 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 1 Aug 2016 23:18:25 +0200 Subject: [PATCH] Don't overwrite existing installed openssl.cnf Instead, install the new one as openssl.cnf.dist (openssl.cnf-dist on VMS), and only install it as openssl.cnf if that file doesn't already exist. Also, don't install with exec privileges on VMS. Reviewed-by: Rich Salz --- Configurations/descrip.mms.tmpl | 7 +++++-- Configurations/unix-Makefile.tmpl | 9 +++++++-- Configurations/windows-makefile.tmpl | 5 ++++- 3 files changed, 16 insertions(+), 5 deletions(-) diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl index 89930972a8..40e04bbb17 100644 --- a/Configurations/descrip.mms.tmpl +++ b/Configurations/descrip.mms.tmpl @@ -375,8 +375,11 @@ install_ssldirs : check_INSTALLTOP CREATE/DIR/PROT=(S:RWED,O:RWE,G,W) OSSL_DATAROOT:[MISC] COPY/PROT=W:RE $(MISC_SCRIPTS) OSSL_DATAROOT:[MISC] @ ! Install configuration file - COPY/PROT=W:RE {- sourcefile("apps", "openssl-vms.cnf") -} - - ossl_dataroot:[000000]openssl.cnf + COPY/PROT=W:R {- sourcefile("apps", "openssl-vms.cnf") -} - + ossl_dataroot:[000000]openssl.cnf-dist + IF F$SEARCH("OSSL_DATAROOT:[000000]openssl.cnf") .EQS. "" THEN - + COPY/PROT=W:R {- sourcefile("apps", "openssl-vms.cnf") -} - + ossl_dataroot:[000000]openssl.cnf install_shared : check_INSTALLTOP @ {- output_off() if $disabled{shared}; "" -} ! diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl index 9feb4b1bbc..3b6914c930 100644 --- a/Configurations/unix-Makefile.tmpl +++ b/Configurations/unix-Makefile.tmpl @@ -346,10 +346,15 @@ install_ssldirs: mv -f $(DESTDIR)$(OPENSSLDIR)/misc/$$fn.new \ $(DESTDIR)$(OPENSSLDIR)/misc/$$fn; \ done - @echo "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl.cnf" + @echo "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.dist" @cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new @chmod 644 $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new - @mv -f $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new $(DESTDIR)$(OPENSSLDIR)/openssl.cnf + @mv -f $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.dist + @if ! [ -f "$(DESTDIR)$(OPENSSLDIR)/openssl.cnf" ]; then \ + echo "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl.cnf"; \ + cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(OPENSSLDIR)/openssl.cnf; \ + chmod 644 $(DESTDIR)$(OPENSSLDIR)/openssl.cnf; \ + fi install_dev: @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1) diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl index b35feb5fe7..cbb9116be8 100644 --- a/Configurations/windows-makefile.tmpl +++ b/Configurations/windows-makefile.tmpl @@ -257,7 +257,10 @@ install_ssldirs: @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(OPENSSLDIR)\private" @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(OPENSSLDIR)\misc" @"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(SRCDIR)\apps\openssl.cnf" \ - "$(OPENSSLDIR)" + "$(OPENSSLDIR)\openssl.cnf.dist" + @IF NOT EXIST "$(OPENSSLDIR)\openssl.cnf" \ + "$(PERL)" "$(SRCDIR)\util\copy.pl" "$(SRCDIR)\apps\openssl.cnf" \ + "$(OPENSSLDIR)\openssl.cnf" @"$(PERL)" "$(SRCDIR)\util\copy.pl" $(MISC_SCRIPTS) \ "$(OPENSSLDIR)\misc" -- 2.25.1