48 lines
1.5 KiB
Bash
Executable file
48 lines
1.5 KiB
Bash
Executable file
#!/bin/bash
|
|
#
|
|
# ask-for-passphrase - designed to be used by SSLPassPhraseDialog exec:
|
|
#
|
|
# Copyright Canonical, Ltd. 2010, All Rights Reserved
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
#
|
|
|
|
sitename=$1
|
|
keytype=$2
|
|
|
|
log="logger -p daemon.err -t apache2"
|
|
|
|
prompt="Enter passphrase for SSL/TLS keys for $sitename ($keytype):"
|
|
|
|
# Apache gives us a pipe for stdin, but we want to
|
|
# talk to apache's terminal.
|
|
tty=`tty < /proc/${PPID}/fd/0`
|
|
if [ "$tty" = "not a tty" ] ; then
|
|
if [ -x /bin/systemd-ask-password ] ; then
|
|
exec /bin/systemd-ask-password --timeout=0 "$prompt"
|
|
elif [ -x /bin/plymouth ] && plymouth --ping ; then
|
|
echo $prompt | logger
|
|
exec plymouth ask-for-password --prompt="$prompt"
|
|
else
|
|
$log "No way to ask user for passphrase"
|
|
exit 1
|
|
fi
|
|
$log "Passphrase prompt failed"
|
|
exit 1
|
|
fi
|
|
|
|
# We must not print anything on stdout except the passphrase
|
|
read -s -p "$prompt" passphrase > $tty 2>&1 < $tty
|
|
echo > $tty
|
|
echo "$passphrase"
|