projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Move Makefiles to Makefile.in
[openssl.git]
/
tools
/
c_rehash.in
diff --git
a/tools/c_rehash.in
b/tools/c_rehash.in
index 887e9271254e49857e8bee23aaed9e79a971df27..834de780ca247d6d5eaeccd993ffe4de2dad068d 100644
(file)
--- a/
tools/c_rehash.in
+++ b/
tools/c_rehash.in
@@
-6,6
+6,7
@@
my $dir;
my $prefix;
my $dir;
my $prefix;
+my $errorcount = 0;
my $openssl = $ENV{OPENSSL} || "openssl";
my $pwd;
my $x509hash = "-subject_hash";
my $openssl = $ENV{OPENSSL} || "openssl";
my $pwd;
my $x509hash = "-subject_hash";
@@
-15,13
+16,13
@@
my $symlink_exists=eval {symlink("",""); 1};
my $removelinks = 1;
## Parse flags.
my $removelinks = 1;
## Parse flags.
-while ( $ARGV[0] =~
'-.*'
) {
+while ( $ARGV[0] =~
/^-/
) {
my $flag = shift @ARGV;
last if ( $flag eq '--');
my $flag = shift @ARGV;
last if ( $flag eq '--');
- if ( $flag
=~ /-old/
) {
+ if ( $flag
eq '-old'
) {
$x509hash = "-subject_hash_old";
$crlhash = "-hash_old";
$x509hash = "-subject_hash_old";
$crlhash = "-hash_old";
- } elsif ( $flag
=~ /-h/
) {
+ } elsif ( $flag
eq '-h'
) {
help();
} elsif ( $flag eq '-n' ) {
$removelinks = 0;
help();
} elsif ( $flag eq '-n' ) {
$removelinks = 0;
@@
-54,24
+55,24
@@
if (defined(&Cwd::getcwd)) {
my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':';
$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");
my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':';
$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");
-if(! -x $openssl) {
+if
(! -x $openssl) {
my $found = 0;
foreach (split /$path_delim/, $ENV{PATH}) {
my $found = 0;
foreach (split /$path_delim/, $ENV{PATH}) {
- if(-x "$_/$openssl") {
+ if
(-x "$_/$openssl") {
$found = 1;
$openssl = "$_/$openssl";
last;
}
}
$found = 1;
$openssl = "$_/$openssl";
last;
}
}
- if($found == 0) {
+ if
($found == 0) {
print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
exit 0;
}
}
print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
exit 0;
}
}
-if(@ARGV) {
+if
(@ARGV) {
@dirlist = @ARGV;
@dirlist = @ARGV;
-} elsif($ENV{SSL_CERT_DIR}) {
+} elsif
($ENV{SSL_CERT_DIR}) {
@dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
} else {
$dirlist[0] = "$dir/certs";
@dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
} else {
$dirlist[0] = "$dir/certs";
@@
-84,10
+85,16
@@
if (-d $dirlist[0]) {
}
foreach (@dirlist) {
}
foreach (@dirlist) {
- if(-d $_ and -w $_) {
+ if (-d $_ ) {
+ if ( -w $_) {
hash_dir($_);
hash_dir($_);
+ } else {
+ print "Skipping $_, can't write\n";
+ $errorcount++;
+ }
}
}
}
}
+exit($errorcount);
sub hash_dir {
my %hashlist;
sub hash_dir {
my %hashlist;
@@
-99,21
+106,21
@@
sub hash_dir {
if ( $removelinks ) {
# Delete any existing symbolic links
foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
if ( $removelinks ) {
# Delete any existing symbolic links
foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
- if(-l $_) {
- unlink $_;
+ if (-l $_) {
print "unlink $_" if $verbose;
print "unlink $_" if $verbose;
+ unlink $_ || warn "Can't unlink $_, $!\n";
}
}
}
FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
# Check to see if certificates and/or CRLs present.
my ($cert, $crl) = check_file($fname);
}
}
}
FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
# Check to see if certificates and/or CRLs present.
my ($cert, $crl) = check_file($fname);
- if(!$cert && !$crl) {
+ if
(!$cert && !$crl) {
print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
next;
}
print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
next;
}
- link_hash_cert($fname) if($cert);
- link_hash_crl($fname) if($crl);
+ link_hash_cert($fname) if
($cert);
+ link_hash_crl($fname) if
($crl);
}
}
}
}
@@
-122,14
+129,14
@@
sub check_file {
my $fname = $_[0];
open IN, $fname;
while(<IN>) {
my $fname = $_[0];
open IN, $fname;
while(<IN>) {
- if(/^-----BEGIN (.*)-----/) {
+ if
(/^-----BEGIN (.*)-----/) {
my $hdr = $1;
my $hdr = $1;
- if($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
+ if
($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
$is_cert = 1;
$is_cert = 1;
- last if($is_crl);
- } elsif($hdr eq "X509 CRL") {
+ last if
($is_crl);
+ } elsif
($hdr eq "X509 CRL") {
$is_crl = 1;
$is_crl = 1;
- last if($is_cert);
+ last if
($is_cert);
}
}
}
}
}
}
@@
-156,7
+163,7
@@
sub link_hash_cert {
# Search for an unused hash filename
while(exists $hashlist{"$hash.$suffix"}) {
# Hash matches: if fingerprint matches its a duplicate cert
# Search for an unused hash filename
while(exists $hashlist{"$hash.$suffix"}) {
# Hash matches: if fingerprint matches its a duplicate cert
- if($hashlist{"$hash.$suffix"} eq $fprint) {
+ if
($hashlist{"$hash.$suffix"} eq $fprint) {
print STDERR "WARNING: Skipping duplicate certificate $fname\n";
return;
}
print STDERR "WARNING: Skipping duplicate certificate $fname\n";
return;
}
@@
-164,15
+171,21
@@
sub link_hash_cert {
}
$hash .= ".$suffix";
if ($symlink_exists) {
}
$hash .= ".$suffix";
if ($symlink_exists) {
- symlink $fname, $hash;
print "link $fname -> $hash\n" if $verbose;
print "link $fname -> $hash\n" if $verbose;
+ symlink $fname, $hash || warn "Can't symlink, $!";
} else {
} else {
- open IN,"<$fname" or die "can't open $fname for read";
- open OUT,">$hash" or die "can't open $hash for write";
- print OUT <IN>; # does the job for small text files
- close OUT;
- close IN;
print "copy $fname -> $hash\n" if $verbose;
print "copy $fname -> $hash\n" if $verbose;
+ if (open($in, "<", $fname)) {
+ if (open($out,">", $hash)) {
+ print $out $_ while (<$in>);
+ close $out;
+ } else {
+ warn "can't open $hash for write, $!";
+ }
+ close $in;
+ } else {
+ warn "can't open $fname for read, $!";
+ }
}
$hashlist{$hash} = $fprint;
}
}
$hashlist{$hash} = $fprint;
}
@@
-191,7
+204,7
@@
sub link_hash_crl {
# Search for an unused hash filename
while(exists $hashlist{"$hash.r$suffix"}) {
# Hash matches: if fingerprint matches its a duplicate cert
# Search for an unused hash filename
while(exists $hashlist{"$hash.r$suffix"}) {
# Hash matches: if fingerprint matches its a duplicate cert
- if($hashlist{"$hash.r$suffix"} eq $fprint) {
+ if
($hashlist{"$hash.r$suffix"} eq $fprint) {
print STDERR "WARNING: Skipping duplicate CRL $fname\n";
return;
}
print STDERR "WARNING: Skipping duplicate CRL $fname\n";
return;
}
@@
-199,12
+212,12
@@
sub link_hash_crl {
}
$hash .= ".r$suffix";
if ($symlink_exists) {
}
$hash .= ".r$suffix";
if ($symlink_exists) {
- symlink $fname, $hash;
print "link $fname -> $hash\n" if $verbose;
print "link $fname -> $hash\n" if $verbose;
+ symlink $fname, $hash || warn "Can't symlink, $!";
} else {
} else {
- system ("cp", $fname, $hash);
print "cp $fname -> $hash\n" if $verbose;
print "cp $fname -> $hash\n" if $verbose;
+ system ("cp", $fname, $hash);
+ warn "Can't copy, $!" if ($? >> 8) != 0;
}
$hashlist{$hash} = $fprint;
}
}
$hashlist{$hash} = $fprint;
}
-