#######################################
## Do Not Edit
## san2(at)linuxchannel.net
########################################
##
## mod_ssl.lib

mod_ssl_install_preview() {

    if [ "$foundmod_ssl" != "0" -a "$foundapache" != "0" ] ; then

        ## add 2002.03.30
        ##
        check_mod_ssl_version

        if [ "$foundmod_ssl" = "0" ] ; then
            echo "${T_MR}[$i] Error !!! not match${T_ME} version ${APACHE_V} and ${MOD_SSL_V}"
        else
            if [ "$foundopenssl" != "0" ] ; then
                echo "${T_MD}[$i] ${MOD_SSL_V}/${OPENSSL_V}${T_ME} install to $APACHE_V Static modules(NOT DSO modules)"
            else
                if [ "$openssl_installed_case" != "0" ] ; then
                    echo "${T_MD}[$i] ${MOD_SSL_V}[${openssl_path}]${T_ME} install to $APACHE_V Static modules(NOT DSO modules)"
                fi
            fi
        fi

        i=$(($i+1))
    #else
    #    echo "*** Notice!!! Not found ${WORK}/mod_ssl-xxx.tar.gz"
    #    echo "*** so SKIP mod_ssl install"
    #    echo "*** Do you have TWO(2) mod_ssl-xxx.tar.gz ???"
    fi
}


make_sh_apachesslkey() {
    openssl_cmdfile="/usr/local/ssl/bin/openssl"
    if [ -s "$openssl_cmdfile" ] ; then
        openssl_cmd=$openssl_cmdfile
    else
        openssl_cmdfile=`which openssl 2>/dev/null`
        if [ "$openssl_cmdfile" != "" ] ; then
            openssl_cmd=$openssl_cmdfile
        else
            openssl_cmd=""
        fi
    fi

    if [ "$openssl_cmd" != "" ] ; then

        echo "${T_MD}Make APACHE SSL KEY starting : command is $openssl_cmd${T_ME}"
        echo ""
        echo "[SETP 1] -> [STEP 2] -> [STEP 3]"
        echo ""
        echo "Ok now"
        echo "${T_MD}[STEP 1] make  PRIVATE Key(RSA PRIVATE KEY)${T_ME}"
        $openssl_cmd genrsa -des3 -rand T1:T2:T3:T4:T5 1024 > ${LOGDIR}/server.key
        cp -f ${LOGDIR}/server.key /usr/local/apache/conf/ssl.key/
        echo "cp -f ${LOGDIR}/server.key /usr/local/apache/conf/ssl.key/"
        echo ""
        echo ""
        echo "${T_MD}[STEP 2] make CSR key(CERTIFICATE REQUEST)${T_ME}"
        $openssl_cmd req -new -key ${LOGDIR}/server.key -out ${LOGDIR}/server.csr
        cp -f ${LOGDIR}/server.csr /usr/local/apache/conf/ssl.csr/
        echo "cp -f ${LOGDIR}/server.csr /usr/local/apache/conf/ssl.csr/"
        echo ""
        echo ""
        echo "${T_MD}[Step 3] make CRT key${T_ME}"
        $openssl_cmd req -x509 -key ${LOGDIR}/server.key -in ${LOGDIR}/server.csr > ${LOGDIR}/server.crt
        cp -f ${LOGDIR}/server.crt /usr/local/apache/conf/ssl.crt/
        echo "cp -f ${LOGDIR}/server.crt /usr/local/apache/conf/ssl.crt/"
        echo ""
        echo ""
        echo "Ok, You ${T_MD}CAN DO${T_ME} that command line : ${T_MD}/usr/local/apache/bin/apachectl startssl${T_ME}"
        echo ""
    else
        echo ""
        echo "Unknow openssl command"
        echo ""
    fi
}


readme_apachesslkey() {
    readmesslfile="$1"
    echo "" > $readmesslfile
    echo "Readme Apache SSL start" >> $readmesslfile
    echo "" >> $readmesslfile
    echo "[Step 1] make  PRIVATE Key(RSA PRIVATE KEY)" >> $readmesslfile
    echo "   [root@host /]# cd /usr/local/ssl/private" >> $readmesslfile
    echo "   [root@host private]# /usr/local/bin/openssl genrsa -des3 -rand T1:T2:T3:T4:T5 1024 > server.key" >> $readmesslfile
    echo "   [root@host private]# ls" >> $readmesslfile
    echo "   [root@host private]# server.key" >> $readmesslfile
    echo "   [root@host private]# cp -f server.key /usr/local/apache/conf/ssl.key/" >> $readmesslfile
    echo "" >> $readmesslfile
    echo "[Step 2] make CSR key(CERTIFICATE REQUEST)" >> $readmesslfile
    echo "   [root@host private]# /usr/local/bin/openssl req -new -key server.key -out server.csr" >> $readmesslfile
    echo "   [root@host private]# cp -f server.csr /usr/local/apache/conf/ssl.csr/" >> $readmesslfile
    echo "" >> $readmesslfile
    echo "[Step 3] make CRT key" >> $readmesslfile
    echo "   [root@host private]# /usr/local/bin/openssl req -x509 -key server.key -in server.csr > server.crt" >> $readmesslfile
    echo "     *** there some question, you must answer ***" >> $readmesslfile
    echo "   [root@host private]# cp -f server.crt /usr/local/apache/conf/ssl.crt/" >> $readmesslfile
    echo "" >> $readmesslfile
    echo "[Step 4] apache ssl start" >> $readmesslfile
    echo "   [root@host private]# cd /usr/local/apache" >> $readmesslfile
    echo "     *** You must some edit /usr/local/apache/conf/httpd.conf ***" >> $readmesslfile
    echo "   [root@host apache]# bin/apachectl startssl" >> $readmesslfile
    echo "   ..." >> $readmesslfile
    echo "   ..." >> $readmesslfile
    echo "   Enter pass phrase: <-- input password when make CRT key" >> $readmesslfile
    echo "   Ok: Pass Phrase Dialog successful." >> $readmesslfile
    echo "   bin/apachectl startssl: httpd started" >> $readmesslfile
    echo "   [root@host apache]#" >> $readmesslfile
    echo "   [root@host apache]# ps -ef | grep httpd" >> $readmesslfile
    echo "   ..." >> $readmesslfile
    echo "   nobody    6343  6339  0 00:44 ? 00:00:00 bin/httpd -DSS" >> $readmesslfile
    echo "   ..." >> $readmesslfile
    echo "   [root@host apache]#" >> $readmesslfile
    echo "" >> $readmesslfile
    echo "" >> $readmesslfile
    echo "" >> $readmesslfile
    echo "END" >> $readmesslfile
}

## add 2002.03.30
##
check_mod_ssl_version() {
    check_V_apache=`echo "$APACHE_V" | sed 's/apache_//'`
    check_V_mod_ssl=`echo "$MOD_SSL_V" | awk -F"-" '{print ($3)}'`

    if [ "$check_V_apache" != "$check_V_mod_ssl" ] ; then
        foundmod_ssl="0"
    fi
}