#!/bin/bash # This program is a handler written for Apache mod_ssl's SSLPassPhraseDialog. # # If you'd like to write your custom binary providing passwords to mod_ssl, # see the documentation of the aforementioned directive of the mod_ssl module. USAGE="./ipa-pwdreader host:port RSA|DSA|ECC|number" if [ "$#" -ne 2 ]; then echo "Wrong number of arguments!" 1>&2 echo "$USAGE" 1>&2 exit 1 fi fname=${1/:/-}-$2 pwdpath=/var/lib/ipa/passwds/$fname # Make sure the values passed in do not contain path information checkpath=$(/usr/bin/realpath -e ${pwdpath} 2>/dev/null) if [ $pwdpath == "${checkpath}" ]; then cat $pwdpath else echo "Invalid path ${pwdpath}" 1>&2 fi