diff options
| author |   Michael Hanselmann <hansmi@gentoo.org> | 2005-06-08 19:23:06 +0000 |
|---|---|---|
| committer | Michael Hanselmann <hansmi@gentoo.org> | 2005-06-08 19:23:06 +0000 |
| commit | 44f16b0973ce6a2c1cc1f6250ebc91bec77de50a (patch) | |
| tree | a7e789799dc9088f6cd6a1c9dcc5ea28b93f80f4 /mail-mta/qmail/files | |
| parent | Removed some old versions of rpc2 and adapted SRC_URI. (diff) | |
| download | historical-44f16b0973ce6a2c1cc1f6250ebc91bec77de50a.tar.gz historical-44f16b0973ce6a2c1cc1f6250ebc91bec77de50a.tar.bz2 historical-44f16b0973ce6a2c1cc1f6250ebc91bec77de50a.zip | |
Modified qmail-genrsacert.sh so it can generate multiple keys.
Package-Manager: portage-2.0.51.22-r1
Diffstat (limited to 'mail-mta/qmail/files')
| -rw-r--r-- | mail-mta/qmail/files/qmail-genrsacert.sh | 35 |
1 files changed, 20 insertions, 15 deletions
diff --git a/mail-mta/qmail/files/qmail-genrsacert.sh b/mail-mta/qmail/files/qmail-genrsacert.sh index fd9515a8184f..16d11e7578ba 100644 --- a/mail-mta/qmail/files/qmail-genrsacert.sh +++ b/mail-mta/qmail/files/qmail-genrsacert.sh @@ -1,5 +1,5 @@ #!/bin/bash -# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/files/qmail-genrsacert.sh,v 1.2 2004/07/18 03:29:51 dragonheart Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/files/qmail-genrsacert.sh,v 1.3 2005/06/08 19:23:06 hansmi Exp $ # Robin H. Johnson <robbat2@gentoo.org> - October 17, 2003 # This file generates the static temporary RSA keys needed for qmail to encrypt messages # It should be run from a crontab, once a day is ok on low load machines, but @@ -8,17 +8,10 @@ # each connection, which can be VERY slow. if [ -z "${ROOT}" -o "${ROOT}" = "/" ]; then -confdir=/var/qmail/control + confdir=/var/qmail/control else -confdir=${ROOT}/var/qmail/control + confdir=${ROOT}/var/qmail/control fi -pemfile="${confdir}/rsa512.pem" -tmpfile="${confdir}/rsa512.pem.tmp" - -# this is the number of bits in the key -# it should be a power of 2 ideally -# and it must be more than 64! -bits="512" # the key should be 0600 # which is readable by qmaild only! @@ -26,8 +19,20 @@ umaskvalue="0077" uid="qmaild" gid="qmail" -umask ${umaskvalue} ; -# we need to make sure that all of the operations succeed -/usr/bin/openssl genrsa -out ${tmpfile} ${bits} 2>/dev/null && \ -/bin/chown ${uid}:${gid} ${tmpfile} && \ -/bin/mv -f ${tmpfile} ${pemfile} +umask ${umaskvalue} + +# This is a list with bits of the generated keys. They should +# be a power of 2 ideally and must be more than 64. +# Sample: 128 256 512 1024 +keys="512" + +for bits in ${keys} +do + pemfile="${confdir}/rsa${bits}.pem" + tmpfile="${confdir}/rsa${bits}.pem.tmp" + + # we need to make sure that all of the operations succeed + /usr/bin/openssl genrsa -out ${tmpfile} ${bits} 2>/dev/null && \ + /bin/chown ${uid}:${gid} ${tmpfile} && \ + /bin/mv -f ${tmpfile} ${pemfile} || exit 1 +done |