blob: 5d48a1f55f87133897e71566256f707abb69beb0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
#! @SHELL@
#
#
# Copyright 2000-2007 Double Precision, Inc. See COPYING for
# distribution information.
#
# This is a short script to quickly generate a self-signed X.509 key for
# POP3 over SSL. Normally this script would get called by an automatic
# package installation routine.
if test "@ssllib@" = "openssl"
then
test -x @OPENSSL@ || exit 0
else
test -x @CERTTOOL@ || exit 0
fi
prefix="@prefix@"
if test -f @certsdir@/pop3d.pem
then
echo "@certsdir@/pop3d.pem already exists."
exit 1
fi
umask 077
set -e
cleanup() {
rm -f @certsdir@/pop3d.pem
rm -f @certsdir@/pop3d.rand
rm -f @certsdir@/pop3d.key
rm -f @certsdir@/pop3d.cert
exit 1
}
cd @certsdir@
umask 077
BITS="$BITS"
set -e
if test "@ssllib@" = "openssl"
then
cp /dev/null @certsdir@/pop3d.pem
chmod 600 @certsdir@/pop3d.pem
chown @mailuser@ @certsdir@/pop3d.pem
dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null
@OPENSSL@ req -new -x509 -days 365 -nodes \
-config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup
@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup
rm -f @certsdir@/pop3d.rand
else
if test "$BITS" = ""
then
BITS="high"
fi
cp /dev/null @certsdir@/pop3d.key
chmod 600 @certsdir@/pop3d.key
cp /dev/null @certsdir@/pop3d.cert
chmod 600 @certsdir@/pop3d.cert
cp /dev/null @certsdir@/pop3d.pem
chmod 600 @certsdir@/pop3d.pem
chown @mailuser@ @certsdir@/pop3d.pem
@CERTTOOL@ --generate-privkey --sec-param=$BITS --outfile pop3d.key
@CERTTOOL@ --generate-self-signed --load-privkey pop3d.key --outfile pop3d.cert --template @sysconfdir@/pop3d.cnf
cat pop3d.key pop3d.cert >pop3d.pem
rm -f pop3d.key pop3d.cert
fi
|
