1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-18 00:10:04 +00:00
freebsd-ports/security/skip/scripts/post-install

85 lines
1.7 KiB
Plaintext
Raw Normal View History

#!/bin/sh
# This is an interactive script to setup SKIP keys, etc.
SKIP_ETC="${PREFIX}/etc/skip"
SKIP_BIN="${PREFIX}/bin"
Confirm()
{
while true; do
{
YESNO="$2"
echo -n "$1? [${YESNO}] "
read NEWYESNO
if [ "${NEWYESNO}" != "" ]; then
YESNO=${NEWYESNO}
fi
if [ "${YESNO}" != "y" -a "${YESNO}" != "n" ]; then
echo "Please answer y or n."
else
break
fi
}
done
if [ "${YESNO}" != "y" ]; then
return 1
else
return 0
fi
}
init_skip_dbs ()
{
echo "Initializing SKIP certification database..."
${SKIP_BIN}/skipdb init -o
echo "Initializing SKIP authorities database..."
${SKIP_BIN}/skipca init -r
echo "Initializing SKIP local identities database..."
${SKIP_BIN}/skiplocal init -o
}
generate_key ()
{
echo "Generating Diffie-Hellman public/private key pair..."
${SKIP_BIN}/skiplocal keygen
}
activate_skip ()
{
echo "Adding SKIP to primary network interface..."
${SKIP_BIN}/skipif -a
}
# main()
cat << xxENDxx
You now have a chance to:
o Initialize your SKIP databases.
o Generate a Diffie-Hellman public/private key pair.
o Add SKIP to your primary network interface.
Notes:
o If you have an existing working SKIP configuration that
you want to keep, you should choose NOT to proceed.
Proceeding will overwrite any existing SKIP configuration.
o If you choose not to proceed, you will have to initialize
the SKIP certification, authorities, and local identities
databases manually.
o SKIP will be active, but disabled, until you reboot and
enable it manually using the skiphost command as described
in step 5 of doc/INSTALL.
xxENDxx
Confirm "Do you want to proceed" "y" || exit 0
init_skip_dbs;
generate_key;
activate_skip;