From f20457e099fe07d166818ee458519cd7ea5b125b Mon Sep 17 00:00:00 2001
From: rpe <>
Date: Fri, 28 Aug 2015 18:10:46 +0000
Subject: [PATCH] Changes for start_daemon(): - use more descriptive variable
 name

Changes for make_keys():
- use variables for file paths
- key -> keys in message
- take into account the return codes of isakmpd private *and* public
  key generation

OK krw@ halex@
---
 src/etc/rc | 40 +++++++++++++++++++++-------------------
 1 file changed, 21 insertions(+), 19 deletions(-)

diff --git a/src/etc/rc b/src/etc/rc
index 334acd53..0735432f 100644
--- a/src/etc/rc
+++ b/src/etc/rc
@@ -1,4 +1,4 @@
-#	$OpenBSD: rc,v 1.459 2015/08/22 23:32:18 rpe Exp $
+#	$OpenBSD: rc,v 1.460 2015/08/28 18:10:46 rpe Exp $
 
 # System startup script run by init on autoboot or after single-user.
 # Output and error are redirected to console by init, and the console is the
@@ -121,36 +121,38 @@ fill_baddynamic() {
 # Start daemon using the rc.d daemon control scripts.
 # Usage: start_daemon daemon1 daemon2 daemon3
 start_daemon() {
-	local _n
-	for _n; do
-		eval _do=\${${_n}_flags}
-		if [ X"${_do}" != X"NO" ]; then
-			/etc/rc.d/${_n} start
-		fi
+	local _daemon
+
+	for _daemon; do
+		eval "_do=\${${_daemon}_flags}"
+		[[ $_do != NO ]] && /etc/rc.d/${_daemon} start
 	done
 }
 
 # Generate keys for isakmpd, iked and sshd if the don't exist yet.
 make_keys() {
-	if [ ! -f /etc/isakmpd/private/local.key ]; then
-		echo -n "openssl: generating isakmpd/iked RSA key... "
-		if openssl genrsa -out /etc/isakmpd/private/local.key 2048 \
-		    >/dev/null 2>&1; then
-			chmod 600 /etc/isakmpd/private/local.key
-			openssl rsa -out /etc/isakmpd/local.pub -in \
-			    /etc/isakmpd/private/local.key -pubout \
-			    >/dev/null 2>&1
+	local _isakmpd_key=/etc/isakmpd/private/local.key
+	local _isakmpd_pub=/etc/isakmpd/local.pub
+	local _iked_key=/etc/iked/private/local.key
+	local _iked_pub=/etc/iked/local.pub
+
+	if [[ ! -f $_isakmpd_key ]]; then
+		echo -n "openssl: generating isakmpd/iked RSA keys... "
+		if openssl genrsa -out $_isakmpd_key 2048 >/dev/null 2>&1 &&
+			chmod 600 $_isakmpd_key &&
+			openssl rsa -out $_isakmpd_pub -in $_isakmpd_key \
+			    -pubout >/dev/null 2>&1; then
 			echo done.
 		else
 			echo failed.
 		fi
 	fi
 
-	if [ ! -f /etc/iked/private/local.key ]; then
+	if [[ ! -f $_iked_key ]]; then
 		# Just copy the generated isakmpd key
-		cp /etc/isakmpd/private/local.key /etc/iked/private/local.key
-		chmod 600 /etc/iked/private/local.key
-		cp /etc/isakmpd/local.pub /etc/iked/local.pub
+		cp $_isakmpd_key $_iked_key
+		chmod 600 $_iked_key
+		cp $_isakmpd_pub $_iked_pub
 	fi
 
 	ssh-keygen -A