c_rehash.in 1.1 KB
Newer Older
1 2 3 4 5 6
#!/bin/sh
#
# redo the hashes for the certificates in your cert path or the ones passed
# on the command line.
#

7 8 9
if [ "$OPENSSL"x = "x" -o ! -x "$OPENSSL" ]; then
	OPENSSL='openssl'
	export OPENSSL
10
fi
11
DIR=/usr/local/ssl
12
PATH=$DIR/bin:$PATH
13

14
if [ ! -f "$OPENSSL" ]; then
15 16
    found=0
    for dir in . `echo $PATH | sed -e 's/:/ /g'`; do
17
        if [ -f "$dir/$OPENSSL" ]; then
18 19 20 21 22
            found=1
            break
        fi
    done
    if [ $found = 0 ]; then
B
Ben Laurie 已提交
23
        echo "c_rehash: rehashing skipped ('openssl' program not available)" 1>&2
24 25 26 27
        exit 0
    fi
fi

28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
SSL_DIR=$DIR/certs

if [ "$*" = "" ]; then
	CERTS=${*:-${SSL_CERT_DIR:-$SSL_DIR}}
else
	CERTS=$*
fi

IFS=': '
for i in $CERTS
do
  (
  IFS=' '
  if [ -d $i -a -w $i ]; then
    cd $i
    echo "Doing $i"
    for i in *.pem
    do
      if [ $i != '*.pem' ]; then
47
        h=`$OPENSSL x509 -hash -noout -in $i`
48 49 50 51 52 53 54 55 56 57 58 59 60 61
	if [ "x$h" = "x" ]; then
	  echo $i does not contain a certificate
	else
          if [ -f $h.0 ]; then
            /bin/rm -f $h.0
          fi
          echo "$i => $h.0"
          ln -s $i $h.0
	fi
      fi
    done
  fi
  )
done