diff options
| author | Sam Varshavchik | 2013-08-19 16:39:41 -0400 |
|---|---|---|
| committer | Sam Varshavchik | 2013-08-25 14:43:51 -0400 |
| commit | 9c45d9ad13fdf439d44d7443ae75da15ea0223ed (patch) | |
| tree | 7a81a04cb51efb078ee350859a64be2ebc6b8813 /imap/mkimapdcert.in | |
| parent | a9520698b770168d1f33d6301463bb70a19655ec (diff) | |
| download | courier-libs-9c45d9ad13fdf439d44d7443ae75da15ea0223ed.tar.bz2 | |
Initial checkin
Imported from subversion report, converted to git. Updated all paths in
scripts and makefiles, reflecting the new directory hierarchy.
Diffstat (limited to 'imap/mkimapdcert.in')
| -rw-r--r-- | imap/mkimapdcert.in | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/imap/mkimapdcert.in b/imap/mkimapdcert.in new file mode 100644 index 0000000..4156975 --- /dev/null +++ b/imap/mkimapdcert.in @@ -0,0 +1,63 @@ +#! @SHELL@ +# +# +# Copyright 2000-2007 Double Precision, Inc. See COPYING for +# distribution information. +# +# This is a short script to quickly generate a self-signed X.509 key for +# IMAP over SSL. Normally this script would get called by an automatic +# package installation routine. + +if test "@ssllib@" = "openssl" +then + test -x @OPENSSL@ || exit 0 +else + test -x @CERTTOOL@ || exit 0 +fi + +prefix="@prefix@" + +if test -f @certsdir@/imapd.pem +then + echo "@certsdir@/imapd.pem already exists." + exit 1 +fi + +umask 077 + +cleanup() { + rm -f @certsdir@/imapd.pem + rm -f @certsdir@/imapd.rand + rm -f @certsdir@/imapd.key + rm -f @certsdir@/imapd.cert + exit 1 +} + +cd @certsdir@ + +if test "@ssllib@" = "openssl" +then + cp /dev/null @certsdir@/imapd.pem + chmod 600 @certsdir@/imapd.pem + chown @mailuser@ @certsdir@/imapd.pem + + dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null + @OPENSSL@ req -new -x509 -days 365 -nodes \ + -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem || cleanup + @OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup + @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup + rm -f @certsdir@/imapd.rand +else + cp /dev/null @certsdir@/imapd.key + chmod 600 @certsdir@/imapd.key + cp /dev/null @certsdir@/imapd.cert + chmod 600 @certsdir@/imapd.cert + cp /dev/null @certsdir@/imapd.pem + chmod 600 @certsdir@/imapd.pem + + @CERTTOOL@ --generate-privkey --outfile imapd.key + @CERTTOOL@ --generate-self-signed --load-privkey imapd.key --outfile imapd.cert --template @sysconfdir@/imapd.cnf + @CERTTOOL@ --generate-dh-params >>imapd.cert + cat imapd.key imapd.cert >imapd.pem + rm -f imapd.key imapd.cert +fi |