62 lines
1.1 KiB
Bash
62 lines
1.1 KiB
Bash
#!/bin/sh
|
|
#
|
|
# redo the hashes for the certificates in your cert path or the ones passed
|
|
# on the command line.
|
|
#
|
|
|
|
if [ "$OPENSSL"x = "x" -o ! -x "$OPENSSL" ]; then
|
|
OPENSSL='openssl'
|
|
export OPENSSL
|
|
fi
|
|
DIR=/usr/local/ssl
|
|
PATH=$DIR/bin:$PATH
|
|
|
|
if [ ! -f "$OPENSSL" ]; then
|
|
found=0
|
|
for dir in . `echo $PATH | sed -e 's/:/ /g'`; do
|
|
if [ -f "$dir/$OPENSSL" ]; then
|
|
found=1
|
|
break
|
|
fi
|
|
done
|
|
if [ $found = 0 ]; then
|
|
echo "c_rehash: rehashing skipped ('openssl' program not available)" 1>&2
|
|
exit 0
|
|
fi
|
|
fi
|
|
|
|
SSL_DIR=$DIR/certs
|
|
|
|
if [ "$*" = "" ]; then
|
|
CERTS=${*:-${SSL_CERT_DIR:-$SSL_DIR}}
|
|
else
|
|
CERTS=$*
|
|
fi
|
|
|
|
IFS=': '
|
|
for i in $CERTS
|
|
do
|
|
(
|
|
IFS=' '
|
|
if [ -d $i -a -w $i ]; then
|
|
cd $i
|
|
echo "Doing $i"
|
|
for i in *.pem
|
|
do
|
|
if [ $i != '*.pem' ]; then
|
|
h=`$OPENSSL x509 -hash -noout -in $i`
|
|
if [ "x$h" = "x" ]; then
|
|
echo $i does not contain a certificate
|
|
else
|
|
if [ -f $h.0 ]; then
|
|
/bin/rm -f $h.0
|
|
fi
|
|
echo "$i => $h.0"
|
|
ln -s $i $h.0
|
|
fi
|
|
fi
|
|
done
|
|
fi
|
|
)
|
|
done
|