Store generated SSL certificates in the .configure directory.

Co-Authored-By: Nicole Kleinhoff <ilbelkyr@shalture.org>

5 files changed, 23 insertions, 7 deletions

diff --git a/configure b/configure
index 5c99c2b45..767929a1d 100755
--- a/configure
+++ b/configure
@@ -393,9 +393,10 @@ EOQ
 
 if (<$RealDir/src/modules/m_ssl_*.cpp>) {
 	if (prompt_bool $interactive, $question, $interactive) {
-		system './tools/genssl', 'auto';
+		create_directory CONFIGURE_DIRECTORY, 0750 or print_error "unable to create ${\CONFIGURE_DIRECTORY}: $!";
+		system './tools/genssl', 'auto', CONFIGURE_DIRECTORY;
 	} else {
-		my @pems = <$RealDir/{cert,csr,dhparams,key}.pem>;
+		my @pems = <${\CONFIGURE_DIRECTORY}/{cert,csr,dhparams,key}.pem>;
 		$question = <<EOQ;
 The following self-signed files were previously generated and will be installed
 when you run Make. Do you want to delete them?
diff --git a/make/configure.pm b/make/configure.pm
index cb9b8f640..fd1833d5f 100644
--- a/make/configure.pm
+++ b/make/configure.pm
@@ -45,6 +45,7 @@ use constant CONFIGURE_ERROR_PIPE    => $ENV{INSPIRCD_VERBOSE} ? '' : '1>/dev/nu
 
 our @EXPORT = qw(CONFIGURE_CACHE_FILE
                  CONFIGURE_CACHE_VERSION
+                 CONFIGURE_DIRECTORY
                  cmd_clean
                  cmd_help
                  cmd_update
diff --git a/make/template/inspircd-genssl.1 b/make/template/inspircd-genssl.1
index 93f05ff58..7a1f70c6a 100644
--- a/make/template/inspircd-genssl.1
+++ b/make/template/inspircd-genssl.1
@@ -24,7 +24,7 @@
 .BR
 
 .SH "SYNOPSIS"
-\t\fBinspircd-genssl\fR [ auto | gnutls | openssl ]
+\t\fBinspircd-genssl\fR [ auto | gnutls | openssl ] [ SSL-DIR ]
 
 .SH "OPTIONS"
 .TP
diff --git a/make/template/main.mk b/make/template/main.mk
index 9f905f970..5a2107d3d 100644
--- a/make/template/main.mk
+++ b/make/template/main.mk
@@ -250,7 +250,7 @@ endif
 	-$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_TXT) docs/conf/services/*.example $(EXAPATH)/services
 	-$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_TXT) docs/sql/*.sql $(EXAPATH)/sql
 	-$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_TXT) @CONFIGURE_DIRECTORY@/help.txt $(CONPATH)
-	-$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_PRV) *.pem $(CONPATH) 2>/dev/null
+	-$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_PRV) @CONFIGURE_DIRECTORY@/*.pem $(CONPATH) 2>/dev/null
 	@echo ""
 	@echo "*************************************"
 	@echo "*        INSTALL COMPLETE!          *"
diff --git a/tools/genssl b/tools/genssl
index 930f4b1d7..f4c38fd2e 100755
--- a/tools/genssl
+++ b/tools/genssl
@@ -31,10 +31,18 @@ use File::Temp();
 # IMPORTANT: This script has to be able to run by itself so that it can be used
 #            by binary distributions where the make/console.pm module will not
 #            be available!
+eval {
+	use File::Basename qw(dirname);
+	use FindBin        qw($RealDir);
+
+	use lib dirname $RealDir;
+	require make::console;
+	make::console->import();
+};
 
 sub prompt($$) {
 	my ($question, $default) = @_;
-	return prompt_string(1, $question, $default) if eval 'use File::Basename; use FindBin; use lib dirname($FindBin::RealDir); use make::console; 1';
+	return prompt_string(1, $question, $default) if defined main->can('prompt_string');
 	say $question;
 	print "[$default] => ";
 	chomp(my $answer = <STDIN>);
@@ -42,8 +50,8 @@ sub prompt($$) {
 	return $answer ? $answer : $default;
 }
 
-if ($#ARGV != 0 || $ARGV[0] !~ /^(?:auto|gnutls|openssl)$/i) {
-	say STDERR "Usage: $0 <auto|gnutls|openssl>";
+if (scalar @ARGV < 1 || $ARGV[0] !~ /^(?:auto|gnutls|openssl)$/i) {
+	say STDERR "Usage: $0 <auto|gnutls|openssl> [SSL-DIR]";
 	exit 1;
 }
 
@@ -75,6 +83,12 @@ if ($tool eq 'auto') {
 	exit 1;
 }
 
+# Output to the cwd unless an SSL directory is specified.
+if (scalar @ARGV > 1 && !chdir $ARGV[1]) {
+	say STDERR "Unable to change the working directory to $ARGV[1]: $!.";
+	exit 1;
+}
+
 # Harvest information needed to generate the certificate.
 my $common_name = prompt('What is the hostname of your server?', 'irc.example.com');
 my $email = prompt('What email address can you be contacted at?', 'example@example.com');