Make c_rehash look for both .pem and .crt files. Also make it support
files in DER format. Patch by "Yauheni Kaliuta" <y.kaliuta@gmail.com>
(Closes: #387089)
Kurt Roeckx
17 years ago
1 | 1 |
|
2 | 2 |
* Add German debconf translation. Thanks to
|
3 | 3 |
Johannes Starosta <feedback-an-johannes@arcor.de> (Closes: #388108)
|
|
4 |
* Make c_rehash look for both .pem and .crt files. Also make it support
|
|
5 |
files in DER format. Patch by "Yauheni Kaliuta" <y.kaliuta@gmail.com>
|
|
6 |
(Closes: #387089)
|
4 | 7 |
|
5 | 8 |
-- Kurt Roeckx <kurt@roeckx.be> Thu, 30 Nov 2006 20:57:46 +0000
|
6 | 9 |
|
11 | 11 |
|
12 | 12 |
=head1 DESCRIPTION
|
13 | 13 |
|
14 | |
c_rehash scans directories and takes a hash value of each .pem file in the directory. It then creates symbolic links for each of the files named by the hash value. This is useful as many programs require directories to be set up like this in order to find the certificates they require.
|
|
14 |
c_rehash scans directories and takes a hash value of each .pem and .crt file in the directory. It then creates symbolic links for each of the files named by the hash value. This is useful as many programs require directories to be set up like this in order to find the certificates they require.
|
15 | 15 |
|
16 | 16 |
If any directories are named on the command line then these directories are processed in turn. If not then and the environment variable SSL_CERT_DIR is defined then that is consulted. This variable should be a colon (:) separated list of directories, all of which will be processed. If neither of these conditions are true then /usr/lib/ssl/certs is processed.
|
17 | 17 |
|
58 | 58 |
}
|
59 | 59 |
}
|
60 | 60 |
closedir DIR;
|
61 | |
FILE: foreach $fname (grep {/\.pem$/} @flist) {
|
|
61 |
FILE: foreach $fname (grep {/\.pem$|\.crt$/} @flist) {
|
62 | 62 |
# Check to see if certificates and/or CRLs present.
|
63 | 63 |
my ($cert, $crl) = check_file($fname);
|
64 | 64 |
if(!$cert && !$crl) {
|
65 | |
print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
|
66 | |
next;
|
|
65 |
($cert, $crl) = check_file("$openssl x509 -in \"$fname\" -inform der -outform pem | ");
|
|
66 |
if(!$cert && !$crl) {
|
|
67 |
print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
|
|
68 |
next;
|
|
69 |
}
|
67 | 70 |
}
|
68 | 71 |
link_hash_cert($fname) if($cert);
|
69 | 72 |
link_hash_crl($fname) if($crl);
|
|
101 | 104 |
my $fname = $_[0];
|
102 | 105 |
$fname =~ s/'/'\\''/g;
|
103 | 106 |
my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
|
|
107 |
if(!$hash || !fprint) {
|
|
108 |
($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname' -inform der`;
|
|
109 |
}
|
104 | 110 |
chomp $hash;
|
105 | 111 |
chomp $fprint;
|
106 | 112 |
$fprint =~ s/^.*=//;
|
58 | 58 |
}
|
59 | 59 |
}
|
60 | 60 |
closedir DIR;
|
61 | |
FILE: foreach $fname (grep {/\.pem$/} @flist) {
|
|
61 |
FILE: foreach $fname (grep {/\.pem$|\.crt$/} @flist) {
|
62 | 62 |
# Check to see if certificates and/or CRLs present.
|
63 | 63 |
my ($cert, $crl) = check_file($fname);
|
64 | 64 |
if(!$cert && !$crl) {
|
65 | |
print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
|
66 | |
next;
|
|
65 |
($cert, $crl) = check_file("$openssl x509 -in \"$fname\" -inform der -outform pem | ");
|
|
66 |
if(!$cert && !$crl) {
|
|
67 |
print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
|
|
68 |
next;
|
|
69 |
}
|
67 | 70 |
}
|
68 | 71 |
link_hash_cert($fname) if($cert);
|
69 | 72 |
link_hash_crl($fname) if($crl);
|
|
101 | 104 |
my $fname = $_[0];
|
102 | 105 |
$fname =~ s/'/'\\''/g;
|
103 | 106 |
my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
|
|
107 |
if(!$hash || !fprint) {
|
|
108 |
($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname' -inform der`;
|
|
109 |
}
|
104 | 110 |
chomp $hash;
|
105 | 111 |
chomp $fprint;
|
106 | 112 |
$fprint =~ s/^.*=//;
|