+++ /dev/null
-#!/usr/bin/env perl\r
-\r
-# WARNING: do not edit!\r
-# Generated by makefile from tools\c_rehash.in\r
-# Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.\r
-#\r
-# Licensed under the OpenSSL license (the "License"). You may not use\r
-# this file except in compliance with the License. You can obtain a copy\r
-# in the file LICENSE in the source distribution or at\r
-# https://www.openssl.org/source/license.html\r
-\r
-# Perl c_rehash script, scan all files in a directory\r
-# and add symbolic links to their hash values.\r
-\r
-my $dir = "";\r
-my $prefix = "";\r
-\r
-my $errorcount = 0;\r
-my $openssl = $ENV{OPENSSL} || "openssl";\r
-my $pwd;\r
-my $x509hash = "-subject_hash";\r
-my $crlhash = "-hash";\r
-my $verbose = 0;\r
-my $symlink_exists=eval {symlink("",""); 1};\r
-my $removelinks = 1;\r
-\r
-## Parse flags.\r
-while ( $ARGV[0] =~ /^-/ ) {\r
- my $flag = shift @ARGV;\r
- last if ( $flag eq '--');\r
- if ( $flag eq '-old') {\r
- $x509hash = "-subject_hash_old";\r
- $crlhash = "-hash_old";\r
- } elsif ( $flag eq '-h' || $flag eq '-help' ) {\r
- help();\r
- } elsif ( $flag eq '-n' ) {\r
- $removelinks = 0;\r
- } elsif ( $flag eq '-v' ) {\r
- $verbose++;\r
- }\r
- else {\r
- print STDERR "Usage error; try -h.\n";\r
- exit 1;\r
- }\r
-}\r
-\r
-sub help {\r
- print "Usage: c_rehash [-old] [-h] [-help] [-v] [dirs...]\n";\r
- print " -old use old-style digest\n";\r
- print " -h or -help print this help text\n";\r
- print " -v print files removed and linked\n";\r
- exit 0;\r
-}\r
-\r
-eval "require Cwd";\r
-if (defined(&Cwd::getcwd)) {\r
- $pwd=Cwd::getcwd();\r
-} else {\r
- $pwd=`pwd`;\r
- chomp($pwd);\r
-}\r
-\r
-# DOS/Win32 or Unix delimiter? Prefix our installdir, then search.\r
-my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':';\r
-$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");\r
-\r
-if (! -x $openssl) {\r
- my $found = 0;\r
- foreach (split /$path_delim/, $ENV{PATH}) {\r
- if (-x "$_/$openssl") {\r
- $found = 1;\r
- $openssl = "$_/$openssl";\r
- last;\r
- } \r
- }\r
- if ($found == 0) {\r
- print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";\r
- exit 0;\r
- }\r
-}\r
-\r
-if (@ARGV) {\r
- @dirlist = @ARGV;\r
-} elsif ($ENV{SSL_CERT_DIR}) {\r
- @dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};\r
-} else {\r
- $dirlist[0] = "$dir/certs";\r
-}\r
-\r
-if (-d $dirlist[0]) {\r
- chdir $dirlist[0];\r
- $openssl="$pwd/$openssl" if (!-x $openssl);\r
- chdir $pwd;\r
-}\r
-\r
-foreach (@dirlist) {\r
- if (-d $_ ) {\r
- if ( -w $_) {\r
- hash_dir($_);\r
- } else {\r
- print "Skipping $_, can't write\n";\r
- $errorcount++;\r
- }\r
- }\r
-}\r
-exit($errorcount);\r
-\r
-sub hash_dir {\r
- my %hashlist;\r
- print "Doing $_[0]\n";\r
- chdir $_[0];\r
- opendir(DIR, ".");\r
- my @flist = sort readdir(DIR);\r
- closedir DIR;\r
- if ( $removelinks ) {\r
- # Delete any existing symbolic links\r
- foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {\r
- if (-l $_) {\r
- print "unlink $_" if $verbose;\r
- unlink $_ || warn "Can't unlink $_, $!\n";\r
- }\r
- }\r
- }\r
- FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {\r
- # Check to see if certificates and/or CRLs present.\r
- my ($cert, $crl) = check_file($fname);\r
- if (!$cert && !$crl) {\r
- print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";\r
- next;\r
- }\r
- link_hash_cert($fname) if ($cert);\r
- link_hash_crl($fname) if ($crl);\r
- }\r
-}\r
-\r
-sub check_file {\r
- my ($is_cert, $is_crl) = (0,0);\r
- my $fname = $_[0];\r
- open IN, $fname;\r
- while(<IN>) {\r
- if (/^-----BEGIN (.*)-----/) {\r
- my $hdr = $1;\r
- if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {\r
- $is_cert = 1;\r
- last if ($is_crl);\r
- } elsif ($hdr eq "X509 CRL") {\r
- $is_crl = 1;\r
- last if ($is_cert);\r
- }\r
- }\r
- }\r
- close IN;\r
- return ($is_cert, $is_crl);\r
-}\r
-\r
-\r
-# Link a certificate to its subject name hash value, each hash is of\r
-# the form <hash>.<n> where n is an integer. If the hash value already exists\r
-# then we need to up the value of n, unless its a duplicate in which\r
-# case we skip the link. We check for duplicates by comparing the\r
-# certificate fingerprints\r
-\r
-sub link_hash_cert {\r
- my $fname = $_[0];\r
- $fname =~ s/'/'\\''/g;\r
- my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;\r
- chomp $hash;\r
- chomp $fprint;\r
- $fprint =~ s/^.*=//;\r
- $fprint =~ tr/://d;\r
- my $suffix = 0;\r
- # Search for an unused hash filename\r
- while(exists $hashlist{"$hash.$suffix"}) {\r
- # Hash matches: if fingerprint matches its a duplicate cert\r
- if ($hashlist{"$hash.$suffix"} eq $fprint) {\r
- print STDERR "WARNING: Skipping duplicate certificate $fname\n";\r
- return;\r
- }\r
- $suffix++;\r
- }\r
- $hash .= ".$suffix";\r
- if ($symlink_exists) {\r
- print "link $fname -> $hash\n" if $verbose;\r
- symlink $fname, $hash || warn "Can't symlink, $!";\r
- } else {\r
- print "copy $fname -> $hash\n" if $verbose;\r
- if (open($in, "<", $fname)) {\r
- if (open($out,">", $hash)) {\r
- print $out $_ while (<$in>);\r
- close $out;\r
- } else {\r
- warn "can't open $hash for write, $!";\r
- }\r
- close $in;\r
- } else {\r
- warn "can't open $fname for read, $!";\r
- }\r
- }\r
- $hashlist{$hash} = $fprint;\r
-}\r
-\r
-# Same as above except for a CRL. CRL links are of the form <hash>.r<n>\r
-\r
-sub link_hash_crl {\r
- my $fname = $_[0];\r
- $fname =~ s/'/'\\''/g;\r
- my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;\r
- chomp $hash;\r
- chomp $fprint;\r
- $fprint =~ s/^.*=//;\r
- $fprint =~ tr/://d;\r
- my $suffix = 0;\r
- # Search for an unused hash filename\r
- while(exists $hashlist{"$hash.r$suffix"}) {\r
- # Hash matches: if fingerprint matches its a duplicate cert\r
- if ($hashlist{"$hash.r$suffix"} eq $fprint) {\r
- print STDERR "WARNING: Skipping duplicate CRL $fname\n";\r
- return;\r
- }\r
- $suffix++;\r
- }\r
- $hash .= ".r$suffix";\r
- if ($symlink_exists) {\r
- print "link $fname -> $hash\n" if $verbose;\r
- symlink $fname, $hash || warn "Can't symlink, $!";\r
- } else {\r
- print "cp $fname -> $hash\n" if $verbose;\r
- system ("cp", $fname, $hash);\r
- warn "Can't copy, $!" if ($? >> 8) != 0;\r
- }\r
- $hashlist{$hash} = $fprint;\r
-}\r
projects / feisty_meow.git / blobdiff