c_rehash 1.1 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061
  1. #!/bin/sh
  2. #
  3. # redo the hashes for the certificates in your cert path or the ones passed
  4. # on the command line.
  5. #
  6. if [ "$OPENSSL"x = "x" -o ! -x "$OPENSSL" ]; then
  7. OPENSSL='openssl'
  8. export OPENSSL
  9. fi
  10. DIR=/usr/local/ssl
  11. PATH=$DIR/bin:$PATH
  12. if [ ! -f "$OPENSSL" ]; then
  13. found=0
  14. for dir in . `echo $PATH | sed -e 's/:/ /g'`; do
  15. if [ -f "$dir/$OPENSSL" ]; then
  16. found=1
  17. break
  18. fi
  19. done
  20. if [ $found = 0 ]; then
  21. echo "c_rehash: rehashing skipped ('openssl' program still not available)" 1>&2
  22. exit 0
  23. fi
  24. fi
  25. SSL_DIR=$DIR/certs
  26. if [ "$*" = "" ]; then
  27. CERTS=${*:-${SSL_CERT_DIR:-$SSL_DIR}}
  28. else
  29. CERTS=$*
  30. fi
  31. IFS=': '
  32. for i in $CERTS
  33. do
  34. (
  35. IFS=' '
  36. if [ -d $i -a -w $i ]; then
  37. cd $i
  38. echo "Doing $i"
  39. for i in *.pem
  40. do
  41. if [ $i != '*.pem' ]; then
  42. h=`$OPENSSL x509 -hash -noout -in $i`
  43. if [ "x$h" = "x" ]; then
  44. echo $i does not contain a certificate
  45. else
  46. if [ -f $h.0 ]; then
  47. /bin/rm -f $h.0
  48. fi
  49. echo "$i => $h.0"
  50. ln -s $i $h.0
  51. fi
  52. fi
  53. done
  54. fi
  55. )
  56. done