diff options
| author | Andrew Manison <amanison@anselsystems.com> | 2010-07-14 15:39:29 +0000 |
|---|---|---|
| committer | Andrew Manison <amanison@anselsystems.com> | 2010-07-14 15:39:29 +0000 |
| commit | 6e8020140bbfb5e42802eed7c1491e675924cc01 (patch) | |
| tree | cc54f3cce7238609561da3b2de59e2d3780c1085 /main/dovecot/dovecot.post-install | |
| parent | 4ae2c3d81c309f93d2c41e22e71c5cf445123896 (diff) | |
| parent | daa6e0d05fff7a0d1216fd6719e32d5426b24e8b (diff) | |
| download | aports-6e8020140bbfb5e42802eed7c1491e675924cc01.tar.bz2 aports-6e8020140bbfb5e42802eed7c1491e675924cc01.tar.xz | |
Merge remote branch 'alpine/master'
Conflicts:
main/man-pages/APKBUILD
Diffstat (limited to 'main/dovecot/dovecot.post-install')
| -rw-r--r-- | main/dovecot/dovecot.post-install | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/main/dovecot/dovecot.post-install b/main/dovecot/dovecot.post-install index a7cccddfd..d75f01ea2 100644 --- a/main/dovecot/dovecot.post-install +++ b/main/dovecot/dovecot.post-install @@ -3,7 +3,6 @@ # based on doc/mkcert.sh # Generates a self-signed certificate. -# Edit dovecot-openssl.cnf before running this. OPENSSL=${OPENSSL-openssl} SSLDIR=${SSLDIR-/etc/ssl/dovecot} @@ -12,8 +11,17 @@ OPENSSLCONFIG=${OPENSSLCONFIG-/etc/dovecot/dovecot-openssl.cnf} CERTDIR=$SSLDIR KEYDIR=$SSLDIR -CERTFILE=$CERTDIR/server.pem -KEYFILE=$KEYDIR/server.key +# parse cert and key file from dovecot.conf +dovecot_conf=/etc/dovecot/dovecot.conf +ssl_cert_file= +ssl_key_file= +if [ -r "$dovecot_conf" ]; then + ssl_cert_file=$(awk -F'[[:space:]]*=[[:space:]]*' '/^ssl_cert_file/ { print $2}' $dovecot_conf) + ssl_cert_file=$(awk -F'[[:space:]]*=[[:space:]]*' '/^ssl_key_file/ { print $2}' $dovecot_conf) +fi + +CERTFILE=${ssl_cert_file:-$CERTDIR/server.pem} +KEYFILE=${ssl_key_file:-$KEYDIR/server.key} if [ -e "$CERTFILE" ]; then echo "Keeiping existing $CERTFILE" @@ -25,6 +33,11 @@ if [ -e "$KEYFILE" ]; then exit 0 fi +if [ ! -c /dev/urandom ] && [ ! -c /dev/random ]; then + echo "No /dev/urandom or /dev/random so ssl cert not created" + exit 1 +fi + $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2 chmod 0600 $KEYFILE echo |