summaryrefslogtreecommitdiffstats
path: root/stap-gen-server-cert
diff options
context:
space:
mode:
Diffstat (limited to 'stap-gen-server-cert')
-rwxr-xr-xstap-gen-server-cert30
1 files changed, 28 insertions, 2 deletions
diff --git a/stap-gen-server-cert b/stap-gen-server-cert
index 06665c48..9cc15b3f 100755
--- a/stap-gen-server-cert
+++ b/stap-gen-server-cert
@@ -3,13 +3,37 @@
# Generate a certificate for the systemtap server and add it to the
# database of trusted servers for the client.
#
-# Copyright (C) 2008 Red Hat Inc.
+# Copyright (C) 2008, 2009 Red Hat Inc.
#
# This file is part of systemtap, and is free software. You can
# redistribute it and/or modify it under the terms of the GNU General
# Public License (GPL); either version 2, or (at your option) any
# later version.
+# Obtain a password from stdin and echo it.
+function user_enter_password
+{
+ while true
+ do
+ while true
+ do
+ read -sp "Enter new password for systemtap server certificate/key database:" pw1 junk
+ echo "" >&2
+ test "X$pw1" != "X" && break
+ done
+ while true
+ do
+ read -sp "Reenter new password:" pw2 junk
+ echo "" >&2
+ test "X$pw2" != "X" && break
+ done
+ test "$pw1" = "$pw2" && break
+ echo "Passwords do not match" >&2
+ done
+
+ echo $pw1
+}
+
# Obtain the certificate database directory name.
if test "X$1" = "X"; then
echo "Certificate database directory must be specified" >&2
@@ -32,7 +56,9 @@ if ! (touch $serverdb/pw && chmod 600 $serverdb/pw); then
fi
# Generate a random password.
-mkpasswd -l 20 > $serverdb/pw
+mkpasswd -l 20 > $serverdb/pw 2>/dev/null || \
+apg -a 1 -n 1 -m 20 -x 20 > $serverdb/pw 2>/dev/null || \
+user_enter_password > $serverdb/pw
# Generate the server certificate database
if ! certutil -N -d $serverdb -f $serverdb/pw > /dev/null; then
generated by cgit (git 2.34.1) at 2025-08-05 15:43:38 +0000