From b42e507ab5fb10087f4ef55d9ffa368514c9b1ee Mon Sep 17 00:00:00 2001
From: Willy Kloucek
Date: Fri, 11 Dec 2020 13:14:32 +0100
Subject: [PATCH 1/3] make glauth respect file paths
---
 glauth/.gitignore | 1 +
 glauth/pkg/command/server.go | 2 +-
 glauth/pkg/crypto/gencert.go | 20 ++++++++++++++++++++
 3 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 glauth/.gitignore
diff --git a/glauth/.gitignore b/glauth/.gitignore
new file mode 100644
index 0000000000..adbb97d2d3
--- /dev/null
+++ b/glauth/.gitignore
@@ -0,0 +1 @@
+data/
\ No newline at end of file
diff --git a/glauth/pkg/command/server.go b/glauth/pkg/command/server.go
index 38efbcc6f5..5479067797 100644
--- a/glauth/pkg/command/server.go
+++ b/glauth/pkg/command/server.go
@@ -189,7 +189,7 @@ func Server(cfg *config.Config) *cli.Command {
 if lscfg.Enabled {
 // GenCert has side effects as it writes 2 files to the binary running location
- if err := crypto.GenCert("ldap.crt", "ldap.key", logger); err != nil {
+ if err := crypto.GenCert(cfg.Ldaps.Cert, cfg.Ldaps.Key, logger); err != nil {
 logger.Fatal().Err(err).Msgf("Could not generate test-certificate")
 }
 }
diff --git a/glauth/pkg/crypto/gencert.go b/glauth/pkg/crypto/gencert.go
index 039fe540b3..deda299109 100644
--- a/glauth/pkg/crypto/gencert.go
+++ b/glauth/pkg/crypto/gencert.go
@@ -10,6 +10,7 @@ import (
 "math/big"
 "net"
 "os"
+ "path/filepath"
 "time"
 "github.com/owncloud/ocis/ocis-pkg/log"
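Review bot: `cfg.Ldaps.Cert` and `cfg.Ldaps.Key` reach `crypto.GenCert` in the `@@ -189,7 +189,7 @@` hunk of server.go without a check that they are set, so an empty value would only surface inside GenCert as a failed open on an empty file name. A guard before the call, such as `if cfg.Ldaps.Cert == "" || cfg.Ldaps.Key == "" { logger.Fatal().Msg("ldaps cert and key paths must be set") }`, would report the misconfiguration where it originates. Whether the config layer already supplies defaults is not visible from this hunk, and `Server`'s body continues outside it.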
@@ -92,6 +93,17 @@ func GenCert(certName string, keyName string, l log.Logger) error {
 l.Fatal().Err(err).Msg("Failed to create certificate")
 }
+ certPath := filepath.Dir(certName)
+ l.Error().Msg("certPath: " + certPath)
+ l.Error().Msg("certName: " + certName)
+
+ if _, err := os.Stat(certPath); os.IsNotExist(err) {
+ err = os.MkdirAll(certPath, 0700)
+ if err != nil {
+ l.Fatal().Err(err).Msg("Failed to create path " + certPath)
+ }
+ }
+
 certOut, err := os.Create(certName)
 if err != nil {
 l.Fatal().Err(err).Msgf("Failed to open %v for writing", certName)
@@ -106,6 +118,14 @@ func GenCert(certName string, keyName string, l log.Logger) error {
 }
 l.Info().Msg("Written server.crt")
+ keyPath := filepath.Dir(keyName)
+ if _, err := os.Stat(keyPath); os.IsNotExist(err) {
+ err = os.MkdirAll(keyPath, 0700)
+ if err != nil {
+ l.Fatal().Err(err).Msg("Failed to create path " + keyPath)
+ }
+ }
+
 keyOut, err := os.OpenFile(keyName, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
 if err != nil {
 l.Fatal().Err(err).Msgf("Failed to open %v for writing", keyName)
From 368d6db248e288eb1ce9c7b8a24b504265416a51 Mon Sep 17 00:00:00 2001
From: Willy Kloucek
Date: Tue, 15 Dec 2020 10:06:35 +0100
Subject: [PATCH 2/3] generate only if not present
---
 glauth/pkg/command/server.go | 1 -
 glauth/pkg/crypto/gencert.go | 11 ++++++++---
 2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/glauth/pkg/command/server.go b/glauth/pkg/command/server.go
index 5479067797..f59a54b4be 100644
--- a/glauth/pkg/command/server.go
+++ b/glauth/pkg/command/server.go
@@ -188,7 +188,6 @@ func Server(cfg *config.Config) *cli.Command {
 }
 if lscfg.Enabled {
- // GenCert has side effects as it writes 2 files to the binary running location
 if err := crypto.GenCert(cfg.Ldaps.Cert, cfg.Ldaps.Key, logger); err != nil {
 logger.Fatal().Err(err).Msgf("Could not generate test-certificate")
 }
diff --git a/glauth/pkg/crypto/gencert.go b/glauth/pkg/crypto/gencert.go
index deda299109..6182346b3e 100644
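Review bot: The `os.Stat`/`os.IsNotExist` guard around `os.MkdirAll(certPath, 0700)` in the `@@ -92,6 +93,17 @@` hunk of gencert.go ignores every Stat error other than not-exist (permission denied, for example) and leaves a gap between the check and the create; `os.MkdirAll` already returns nil when the directory exists, so the guard can be dropped. The same block is repeated for `keyPath` in the `@@ -106,6 +118,14 @@` hunk, and both call `l.Fatal()` inside a function whose signature returns `error`, which presumably ends the process before the caller's own error check can run. I would replace each block with `if err := os.MkdirAll(certPath, 0700); err != nil { return err }` (and likewise for `keyPath`), ideally through one small helper. Mode 0700 applies only to directories that MkdirAll creates, so a pre-existing key directory keeps whatever permissions it had. GenCert starts and ends outside both hunks.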
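Review bot: The context line `l.Info().Msg("Written server.crt")` at the top of the `@@ -106,6 +118,14 @@` hunk of gencert.go no longer names the file that was written, since the certificate path now comes from `certName`; that makes the log misleading for anyone checking where certificate and key material ended up. `l.Info().Msgf("Written %v", certName)` would match the `Msgf` style of the neighbouring error messages. A corresponding message for `keyName`, if there is one, lies outside the hunk.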
--- a/glauth/pkg/crypto/gencert.go
+++ b/glauth/pkg/crypto/gencert.go
@@ -47,6 +47,14 @@ func GenCert(certName string, keyName string, l log.Logger) error {
 var priv interface{}
 var err error
+ _, certErr := os.Stat(certName)
+ _, keyErr := os.Stat(keyName)
+
+ if certErr == nil && keyErr == nil {
+ l.Debug().Msg("LDAPS certificate and key already present, using these")
+ return nil
+ }
+
 priv, err = rsa.GenerateKey(rand.Reader, 2048)
 if err != nil {
@@ -94,9 +102,6 @@ func GenCert(certName string, keyName string, l log.Logger) error {
 }
 certPath := filepath.Dir(certName)
- l.Error().Msg("certPath: " + certPath)
- l.Error().Msg("certName: " + certName)
-
 if _, err := os.Stat(certPath); os.IsNotExist(err) {
 err = os.MkdirAll(certPath, 0700)
 if err != nil {
From 01e88d67b0a3e7d1faea0a0d680203759d7ef23d Mon Sep 17 00:00:00 2001
From: Willy Kloucek
Date: Tue, 15 Dec 2020 10:09:33 +0100
Subject: [PATCH 3/3] do not overwrite any files
---
 glauth/pkg/crypto/gencert.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/glauth/pkg/crypto/gencert.go b/glauth/pkg/crypto/gencert.go
index 6182346b3e..ceea464f83 100644
--- a/glauth/pkg/crypto/gencert.go
+++ b/glauth/pkg/crypto/gencert.go
@@ -50,8 +50,8 @@ func GenCert(certName string, keyName string, l log.Logger) error {
 _, certErr := os.Stat(certName)
 _, keyErr := os.Stat(keyName)
- if certErr == nil && keyErr == nil {
- l.Debug().Msg("LDAPS certificate and key already present, using these")
+ if certErr == nil || keyErr == nil {
+ l.Debug().Msg("LDAPS certificate or key already present, using these")
 return nil
 }
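Review bot: The presence check added in the `@@ -47,6 +47,14 @@` hunk (patch 2/3) treats any error from `os.Stat(certName)` or `os.Stat(keyName)` as "file missing", so a permission or I/O error on an existing file falls through to key generation and to the create/truncate calls further down. Testing `os.IsNotExist(certErr)` and `os.IsNotExist(keyErr)` explicitly, and returning any other Stat error, would keep that case away from the write path. The check is also separate from the later opens, which are outside this hunk; adding `os.O_EXCL` to the key's `os.OpenFile` flags and opening the certificate the same way would let the filesystem enforce the no-overwrite rule. An existing pair is accepted without confirming that it parses or that the key matches the certificate, which deserves at least a comment saying where that validation is expected to happen.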
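Review bot: GenCert now returns nil when only one of the two files exists, because the `||` condition in the `@@ -50,8 +50,8 @@` hunk (patch 3/3) logs "using these" and reports success for a certificate without its key, or the reverse. The failure then presumably moves to wherever the pair is loaded, with a less direct error. Rejecting the half-present state ahead of this block still avoids overwriting anything: `if (certErr == nil) != (keyErr == nil) { return errors.New("only one of LDAPS certificate and key is present") }`, which needs the `errors` import if the file does not already have it. The decision to skip generation is logged at Debug level, so it may be invisible in normal operation; Info would make it visible to operators. GenCert's body continues outside the hunk.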