From f1672e9c535820669f9ec3e0e5c9db6f79b2b866 Mon Sep 17 00:00:00 2001 From: Victor Seva Date: Tue, 29 Apr 2014 16:47:04 +0200 Subject: [PATCH] MT#6833 MT#6695 use api_ssl directory --- debian/ngcp-panel.postinst | 7 ------- ngcp_panel.conf | 6 +++--- sandbox/api_auth.php | 6 +++--- sandbox/api_auth.pl | 6 +++--- t/api-auth.t | 8 ++++---- t/api-billingfees.t | 4 ++-- t/api-billingprofiles.t | 4 ++-- t/api-callforwards.t | 4 ++-- t/api-contracts.t | 4 ++-- t/api-customercontacts.t | 4 ++-- t/api-customers.t | 4 ++-- t/api-resellers.t | 4 ++-- t/api-rewriterulesets.t | 4 ++-- t/api-root.t | 4 ++-- t/api-systemcontacts.t | 4 ++-- t/api-valid-patch.t | 4 ++-- 16 files changed, 35 insertions(+), 42 deletions(-) diff --git a/debian/ngcp-panel.postinst b/debian/ngcp-panel.postinst index 090ad1e28c..7476754c17 100644 --- a/debian/ngcp-panel.postinst +++ b/debian/ngcp-panel.postinst @@ -15,13 +15,6 @@ case "$1" in ;; esac -# certs should end up in db, but in the meanwhile prepare -# the dir structure -if [ ! -d /etc/ssl/ngcp/api ]; then - mkdir -p /etc/ssl/ngcp/api - chown www-data:www-data /etc/ssl/ngcp/api -fi - # remove default debian site if [ -e /etc/nginx/sites-enabled/default ]; then rm /etc/nginx/sites-enabled/default diff --git a/ngcp_panel.conf b/ngcp_panel.conf index b0e9089374..2f41db58b9 100644 --- a/ngcp_panel.conf +++ b/ngcp_panel.conf @@ -96,7 +96,7 @@ log4perl.appender.Default.layout.ConversionPattern=%d{ISO8601} [%p] [%F +%L] %m{ - rest_api_keyfile /etc/ssl/ngcp/api/ca-key.pem - rest_api_certfile /etc/ssl/ngcp/api/ca-cert.pem - server_certfile /etc/ssl/ngcp/api/ca-cert.pem + rest_api_keyfile /etc/ngcp-panel/api_ssl/api_ca.key + rest_api_certfile /etc/ngcp-panel/api_ssl/api_ca.crt + server_certfile /etc/ngcp-panel/api_ssl/api_ca.crt diff --git a/sandbox/api_auth.php b/sandbox/api_auth.php index 2c626a20d0..36bac59353 100644 --- a/sandbox/api_auth.php +++ b/sandbox/api_auth.php @@ -1,9 +1,9 @@ '/etc/ssl/ngcp/api/NGCP-API-client-certificate-1385650532.pem', - CURLOPT_SSLKEY => '/etc/ssl/ngcp/api/NGCP-API-client-certificate-1385650532.pem', - CURLOPT_CAINFO => '/etc/ssl/ngcp/api/ca-cert.pem', + CURLOPT_SSLCERT => '/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate-1385650532.pem', + CURLOPT_SSLKEY => '/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate-1385650532.pem', + CURLOPT_CAINFO => '/etc/ngcp-panel/api_ssl/api_ca.crt', CURLOPT_SSL_VERIFYPEER => true, CURLOPT_RETURNTRANSFER => true, ); diff --git a/sandbox/api_auth.pl b/sandbox/api_auth.pl index 61820acd0a..b7e70e97d2 100755 --- a/sandbox/api_auth.pl +++ b/sandbox/api_auth.pl @@ -4,9 +4,9 @@ use LWP::UserAgent; my $ua = LWP::UserAgent->new(); $ua->ssl_opts( - SSL_cert_file => '/etc/ssl/ngcp/api/NGCP-API-client-certificate-1385650532.pem', - SSL_key_file => '/etc/ssl/ngcp/api/NGCP-API-client-certificate-1385650532.pem', - SSL_ca_file => '/etc/ssl/ngcp/api/ca-cert.pem', + SSL_cert_file => '/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate-1385650532.pem', + SSL_key_file => '/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate-1385650532.pem', + SSL_ca_file => '/etc/ngcp-panel/api_ssl/api_ca.crt', ); my $can_accept = HTTP::Message::decodable; my $res = $ua->get( diff --git a/t/api-auth.t b/t/api-auth.t index 976249d109..bcf77be95b 100644 --- a/t/api-auth.t +++ b/t/api-auth.t @@ -6,21 +6,21 @@ use Test::More; my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443'); my $valid_ssl_client_cert = $ENV{API_SSL_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.pem"; my $valid_ssl_client_key = $ENV{API_SSL_CLIENT_KEY} || $valid_ssl_client_cert; my $invalid_ssl_client_cert = $ENV{API_SSL_INVALID_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.invalid.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.invalid.pem"; my $invalid_ssl_client_key = $ENV{API_SSL_INVALID_CLIENT_KEY} || $invalid_ssl_client_cert; my $unauth_ssl_client_cert = $ENV{API_SSL_UNAUTH_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.unauth.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.unauth.pem"; my $unauth_ssl_client_key = $ENV{API_SSL_UNAUTH_CLIENT_KEY} || $unauth_ssl_client_cert; -my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ssl/ngcp/api/ca-cert.pem"; +my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ngcp-panel/api_ssl/api_ca.crt"; my ($ua, $res); $ua = LWP::UserAgent->new; diff --git a/t/api-billingfees.t b/t/api-billingfees.t index 8af3d6c06d..c7fa9d9753 100644 --- a/t/api-billingfees.t +++ b/t/api-billingfees.t @@ -7,10 +7,10 @@ use Test::More; my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443'); my $valid_ssl_client_cert = $ENV{API_SSL_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.pem"; my $valid_ssl_client_key = $ENV{API_SSL_CLIENT_KEY} || $valid_ssl_client_cert; -my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ssl/ngcp/api/ca-cert.pem"; +my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ngcp-panel/api_ssl/api_ca.crt"; my ($ua, $req, $res); $ua = LWP::UserAgent->new; diff --git a/t/api-billingprofiles.t b/t/api-billingprofiles.t index 7ac58c3e9c..70e55b55be 100644 --- a/t/api-billingprofiles.t +++ b/t/api-billingprofiles.t @@ -7,10 +7,10 @@ use Test::More; my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443'); my $valid_ssl_client_cert = $ENV{API_SSL_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.pem"; my $valid_ssl_client_key = $ENV{API_SSL_CLIENT_KEY} || $valid_ssl_client_cert; -my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ssl/ngcp/api/ca-cert.pem"; +my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ngcp-panel/api_ssl/api_ca.crt"; my ($ua, $req, $res); $ua = LWP::UserAgent->new; diff --git a/t/api-callforwards.t b/t/api-callforwards.t index 29d1b332ac..8696cd694b 100644 --- a/t/api-callforwards.t +++ b/t/api-callforwards.t @@ -7,10 +7,10 @@ use Test::More; my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443'); my $valid_ssl_client_cert = $ENV{API_SSL_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.pem"; my $valid_ssl_client_key = $ENV{API_SSL_CLIENT_KEY} || $valid_ssl_client_cert; -my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ssl/ngcp/api/ca-cert.pem"; +my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ngcp-panel/api_ssl/api_ca.crt"; my ($ua, $req, $res); $ua = LWP::UserAgent->new; diff --git a/t/api-contracts.t b/t/api-contracts.t index 9b8eea4538..0e0e602b5c 100644 --- a/t/api-contracts.t +++ b/t/api-contracts.t @@ -9,10 +9,10 @@ use Test::More; my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443'); my $valid_ssl_client_cert = $ENV{API_SSL_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.pem"; my $valid_ssl_client_key = $ENV{API_SSL_CLIENT_KEY} || $valid_ssl_client_cert; -my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ssl/ngcp/api/ca-cert.pem"; +my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ngcp-panel/api_ssl/api_ca.crt"; my ($ua, $req, $res); $ua = LWP::UserAgent->new; diff --git a/t/api-customercontacts.t b/t/api-customercontacts.t index c1b99aeeff..0eedf0e33b 100644 --- a/t/api-customercontacts.t +++ b/t/api-customercontacts.t @@ -7,10 +7,10 @@ use Test::More; my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443'); my $valid_ssl_client_cert = $ENV{API_SSL_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.pem"; my $valid_ssl_client_key = $ENV{API_SSL_CLIENT_KEY} || $valid_ssl_client_cert; -my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ssl/ngcp/api/ca-cert.pem"; +my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ngcp-panel/api_ssl/api_ca.crt"; my ($ua, $req, $res); $ua = LWP::UserAgent->new; diff --git a/t/api-customers.t b/t/api-customers.t index 152b493fe7..823ccde127 100644 --- a/t/api-customers.t +++ b/t/api-customers.t @@ -9,10 +9,10 @@ use Test::More; my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443'); my $valid_ssl_client_cert = $ENV{API_SSL_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.pem"; my $valid_ssl_client_key = $ENV{API_SSL_CLIENT_KEY} || $valid_ssl_client_cert; -my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ssl/ngcp/api/ca-cert.pem"; +my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ngcp-panel/api_ssl/api_ca.crt"; my ($ua, $req, $res); $ua = LWP::UserAgent->new; diff --git a/t/api-resellers.t b/t/api-resellers.t index 397246a810..158490a556 100644 --- a/t/api-resellers.t +++ b/t/api-resellers.t @@ -7,10 +7,10 @@ use Test::More; my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443'); my $valid_ssl_client_cert = $ENV{API_SSL_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.pem"; my $valid_ssl_client_key = $ENV{API_SSL_CLIENT_KEY} || $valid_ssl_client_cert; -my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ssl/ngcp/api/ca-cert.pem"; +my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ngcp-panel/api_ssl/api_ca.crt"; my ($ua, $req, $res); $ua = LWP::UserAgent->new; diff --git a/t/api-rewriterulesets.t b/t/api-rewriterulesets.t index c0059d65e4..94400795d3 100644 --- a/t/api-rewriterulesets.t +++ b/t/api-rewriterulesets.t @@ -7,10 +7,10 @@ use Test::More; my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443'); my $valid_ssl_client_cert = $ENV{API_SSL_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.pem"; my $valid_ssl_client_key = $ENV{API_SSL_CLIENT_KEY} || $valid_ssl_client_cert; -my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ssl/ngcp/api/ca-cert.pem"; +my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ngcp-panel/api_ssl/api_ca.crt"; my ($ua, $req, $res); $ua = LWP::UserAgent->new; diff --git a/t/api-root.t b/t/api-root.t index a34110a620..a7d22581f2 100644 --- a/t/api-root.t +++ b/t/api-root.t @@ -7,10 +7,10 @@ use Test::More; my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443'); my $valid_ssl_client_cert = $ENV{API_SSL_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.pem"; my $valid_ssl_client_key = $ENV{API_SSL_CLIENT_KEY} || $valid_ssl_client_cert; -my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ssl/ngcp/api/ca-cert.pem"; +my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ngcp-panel/api_ssl/api_ca.crt"; my ($ua, $req, $res); $ua = LWP::UserAgent->new; diff --git a/t/api-systemcontacts.t b/t/api-systemcontacts.t index eb11e3abce..35493b3605 100644 --- a/t/api-systemcontacts.t +++ b/t/api-systemcontacts.t @@ -7,10 +7,10 @@ use Test::More; my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443'); my $valid_ssl_client_cert = $ENV{API_SSL_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.pem"; my $valid_ssl_client_key = $ENV{API_SSL_CLIENT_KEY} || $valid_ssl_client_cert; -my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ssl/ngcp/api/ca-cert.pem"; +my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ngcp-panel/api_ssl/api_ca.crt"; my ($ua, $req, $res); $ua = LWP::UserAgent->new; diff --git a/t/api-valid-patch.t b/t/api-valid-patch.t index e4ea4255d6..9f268c840f 100644 --- a/t/api-valid-patch.t +++ b/t/api-valid-patch.t @@ -7,10 +7,10 @@ use Test::More; my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443'); my $valid_ssl_client_cert = $ENV{API_SSL_CLIENT_CERT} || - "/etc/ssl/ngcp/api/NGCP-API-client-certificate.pem"; + "/etc/ngcp-panel/api_ssl/NGCP-API-client-certificate.pem"; my $valid_ssl_client_key = $ENV{API_SSL_CLIENT_KEY} || $valid_ssl_client_cert; -my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ssl/ngcp/api/ca-cert.pem"; +my $ssl_ca_cert = $ENV{API_SSL_CA_CERT} || "/etc/ngcp-panel/api_ssl/api_ca.crt"; my ($ua, $req, $res, $body); $ua = LWP::UserAgent->new;