Wrap commands in "if ! output_file, then run command"

This lets people run "./bootstrap" multiple times without problems.

diff --git a/raddb/certs/bootstrap b/raddb/certs/bootstrap
index cd7ce0a..f76a84f 100755 (executable)
--- a/raddb/certs/bootstrap
+++ b/raddb/certs/bootstrap
@@ -13,15 +13,15 @@
 umask 027
 cd `dirname $0`
 
-make -h 2>&1 > /dev/null
+make -h > /dev/null 2>&1
 
 #
 #  If we have a working "make", then use it.  Otherwise, run the commands
 #  manually.
 #
-if [ "$?" = "0" ]
-then
-  exec make all
+if [ "$?" = "0" ]; then
+  make all
+  exit $?
 fi
 
 #
@@ -31,18 +31,51 @@ fi
 #  Don't edit the following text.  Instead, edit the Makefile, and
 #  re-generate these commands.
 #
-openssl dhparam -out dh 1024 || exit 1
-if [ -e /dev/urandom ] ; then
+if [ ! -f dh ]; then
+  openssl dhparam -out dh 1024 || exit 1
+  if [ -e /dev/urandom ] ; then
        dd if=/dev/urandom of=./random count=10 >/dev/null 2>&1;
-else
+  else
        date > ./random;
+  fi
+fi
+
+if [ ! -f server.key ]; then
+  openssl req -new  -out server.csr -keyout server.key -config ./server.cnf || exit 1
+fi
+
+if [ ! -f ca.key ]; then
+  openssl req -new -x509 -keyout ca.key -out ca.pem -days `grep default_days ca.cnf | sed 's/.*=//;s/^ *//'` -config ./ca.cnf || exit 1
+fi
+
+if [ ! -f index.txt ]; then
+  touch index.txt
+fi
+
+if [ ! -f serial ]; then
+  echo '01' > serial
+fi
+
+if [ ! -f server.crt ]; then
+  openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr  -key `grep output_password ca.cnf | sed 's/.*=//;s/^ *//'` -out server.crt -extensions xpserver_ext -extfile xpextensions -config ./server.cnf || exit 1
+fi
+
+if [ ! -f server.p12 ]; then
+  openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12  -passin pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` -passout pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` || exit 1
+fi
+
+if [ ! -f server.pem ]; then
+  openssl pkcs12 -in server.p12 -out server.pem -passin pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` -passout pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` || exit 1
+fi
+
+if [ ! -f ca.der ]; then
+  openssl x509 -inform PEM -outform DER -in ca.pem -out ca.der || exit 1
+fi
+
+if [ ! -f client.key ]; then
+  openssl req -new  -out client.csr -keyout client.key -config ./client.cnf
+fi
+
+if [ ! -f client.crt ]; then
+  openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr  -key `grep output_password ca.cnf | sed 's/.*=//;s/^ *//'` -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
 fi
-openssl req -new  -out server.csr -keyout server.key -config ./server.cnf || exit 1
-openssl req -new -x509 -keyout ca.key -out ca.pem -days `grep default_days ca.cnf | sed 's/.*=//;s/^ *//'` -config ./ca.cnf || exit 1
-openssl req -new -x509 -keyout ca.key -out ca.pem -days `grep default_days ca.cnf | sed 's/.*=//;s/^ *//'` -config ./ca.cnf || exit 1
-touch index.txt
-echo '01' > serial
-openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr  -key `grep output_password ca.cnf | sed 's/.*=//;s/^ *//'` -out server.crt -extensions xpserver_ext -extfile xpextensions -config ./server.cnf || exit 1
-openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12  -passin pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` -passout pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` || exit 1
-openssl pkcs12 -in server.p12 -out server.pem -passin pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` -passout pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` || exit 1
-openssl x509 -inform PEM -outform DER -in ca.pem -out ca.der || exit 1