diff options
Diffstat (limited to 'debian/ask-for-passphrase')
| -rwxr-xr-x | debian/ask-for-passphrase | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/debian/ask-for-passphrase b/debian/ask-for-passphrase new file mode 100755 index 0000000..de66d52 --- /dev/null +++ b/debian/ask-for-passphrase @@ -0,0 +1,48 @@ +#!/bin/bash +# +# ask-for-passphrase - designed to be used by SSLPassPhraseDialog exec: +# +# Copyright Canonical, Ltd. 2010, All Rights Reserved +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +sitename=$1 +keytype=$2 + +log="logger -p daemon.err -t apache2" + +prompt="Enter passphrase for SSL/TLS keys for $sitename ($keytype):" + +# Apache gives us a pipe for stdin, but we want to +# talk to apache's terminal. +tty=`tty < /proc/${PPID}/fd/0` +if [ "$tty" = "not a tty" ] ; then + if [ -x /bin/systemd-ask-password ] ; then + exec /bin/systemd-ask-password --timeout=0 "$prompt" + elif [ -x /bin/plymouth ] && plymouth --ping ; then + echo $prompt | logger + exec plymouth ask-for-password --prompt="$prompt" + else + $log "No way to ask user for passphrase" + exit 1 + fi + $log "Passphrase prompt failed" + exit 1 +fi + +# We must not print anything on stdout except the passphrase +read -s -p "$prompt" passphrase > $tty 2>&1 < $tty +echo > $tty +echo "$passphrase" |