From: Michael Friedrich <michael.friedrich@netways.de>
Date: Thu, 19 Nov 2015 16:06:41 +0000 (+0100)
Subject: Fix pki new-ca not checking for existing ca files
X-Git-Tag: v2.5.0~720
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=530c7c7fcc586ed55ddfa82ad47944bbe77b5d4a;p=icinga2

Fix pki new-ca not checking for existing ca files

fixes #10677
---

diff --git a/lib/cli/pkiutility.cpp b/lib/cli/pkiutility.cpp
index d40cdc2da..6f0faab80 100644
--- a/lib/cli/pkiutility.cpp
+++ b/lib/cli/pkiutility.cpp
@@ -45,17 +45,20 @@ String PkiUtility::GetLocalCaPath(void)
 
 int PkiUtility::NewCa(void)
 {
-	String cadir = GetLocalCaPath();
+	String caDir = GetLocalCaPath();
+	String caCertFile = caDir + "/ca.crt";
+	String caKeyFile = caDir + "/ca.key";
+	String caSerialFile = caDir + "/serial.txt";
 
-	if (Utility::PathExists(cadir)) {
+	if (Utility::PathExists(caCertFile) && Utility::PathExists(caKeyFile)) {
 		Log(LogCritical, "cli")
-		    << "CA directory '" << cadir << "' already exists.";
+		    << "CA files '" << caCertFile << "' and '" << caKeyFile << "'already exist.";
 		return 1;
 	}
 
-	Utility::MkDirP(cadir, 0700);
+	Utility::MkDirP(caDir, 0700);
 
-	MakeX509CSR("Icinga CA", cadir + "/ca.key", String(), cadir + "/ca.crt", cadir + "/serial.txt", true);
+	MakeX509CSR("Icinga CA", caKeyFile, String(), caCertFile, caSerialFile, true);
 
 	return 0;
 }