This repository has been archived by the owner. It is now read-only.
Permalink
Browse files

openssl: Updated mk-ca-bundle.pl

  • Loading branch information...
Arnavion committed Sep 7, 2016
1 parent 8428c83 commit 94788f22b29e66cdb8bcea51441a4116c25c1ef7
Showing with 18 additions and 10 deletions.
  1. +17 −9 openssl/mk-ca-bundle.pl
  2. +1 −1 openssl/mod.md
View
@@ -6,7 +6,7 @@
# * | (__| |_| | _ <| |___
# * \___|\___/|_| \_\_____|
# *
# * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
# * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
# *
# * This software is licensed as described in the file COPYING, which
# * you should have received as part of this distribution. The terms
@@ -33,7 +33,7 @@
use Getopt::Std;
use MIME::Base64;
use strict;
use vars qw($opt_b $opt_d $opt_f $opt_h $opt_i $opt_l $opt_n $opt_p $opt_q $opt_s $opt_t $opt_u $opt_v $opt_w);
use vars qw($opt_b $opt_d $opt_f $opt_h $opt_i $opt_l $opt_m $opt_n $opt_p $opt_q $opt_s $opt_t $opt_u $opt_v $opt_w);
use List::Util;
use Text::Wrap;
my $MOD_SHA = "Digest::SHA";
@@ -61,7 +61,7 @@
# If the OpenSSL commandline is not in search path you can configure it here!
my $openssl = 'openssl';
my $version = '1.25';
my $version = '1.26';
$opt_w = 76; # default base64 encoded lines length
@@ -108,7 +108,7 @@
$0 =~ s@.*(/|\\)@@;
$Getopt::Std::STANDARD_HELP_VERSION = 1;
getopts('bd:fhilnp:qs:tuvw:');
getopts('bd:fhilmnp:qs:tuvw:');
if(!defined($opt_d)) {
# to make plain "-d" use not cause warnings, and actually still work
@@ -160,6 +160,7 @@ ()
print "\t-f\tforce rebuild even if certdata.txt is current\n";
print "\t-i\tprint version info about used modules\n";
print "\t-l\tprint license info about certdata.txt\n";
print "\t-m\tinclude meta data in output\n";
print "\t-n\tno download of certdata.txt (to use existing)\n";
print wrap("\t","\t\t", "-p\tlist of Mozilla trust purposes and levels for certificates to include in output. Takes the form of a comma separated list of purposes, a colon, and a comma separated list of levels. (default: $default_mozilla_trust_purposes:$default_mozilla_trust_levels)"), "\n";
print "\t\t Valid purposes are:\n";
@@ -370,6 +371,7 @@ (%)
my $certnum = 0;
my $skipnum = 0;
my $start_of_cert = 0;
my @precert;
open(TXT,"$txt") or die "Couldn't open $txt: $!\n";
while (<TXT>) {
@@ -382,11 +384,15 @@ (%)
last if (/\*\*\*\*\* END LICENSE BLOCK \*\*\*\*\*/);
}
}
next if /^#|^\s*$/;
chomp;
if (/^CVS_ID\s+\"(.*)\"/) {
print CRT "# $1\n";
elsif(/^# (Issuer|Serial Number|Subject|Not Valid Before|Not Valid After |Fingerprint \(MD5\)|Fingerprint \(SHA1\)):/) {
push @precert, $_;
next;
}
elsif(/^#|^\s*$/) {
undef @precert;
next;
}
chomp;
# this is a match for the start of a certificate
if (/^CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE/) {
@@ -435,7 +441,7 @@ (%)
. $encoded
. "-----END CERTIFICATE-----\n";
print CRT "\n$caname\n";
print CRT @precert if($opt_m);
my $maxStringLength = length($caname);
if ($opt_t) {
foreach my $key (keys %trust_purposes_by_level) {
@@ -478,7 +484,9 @@ (%)
$certnum ++;
$start_of_cert = 0;
}
undef @precert;
}
}
close(TXT) or die "Couldn't close $txt: $!\n";
close(CRT) or die "Couldn't close $crt.~: $!\n";
View
@@ -1,4 +1,4 @@
* Download [OpenSSL 1.0.2h](https://www.openssl.org/source/openssl-1.0.2h.tar.gz)
* Download the latest [NSS certificate list](https://hg.mozilla.org/mozilla-central/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt)
* Download the latest [mk-ca-bundle.pl](https://raw.githubusercontent.com/bagder/curl/master/lib/mk-ca-bundle.pl) and make the following changes:
* Download the latest [mk-ca-bundle.pl](https://raw.githubusercontent.com/curl/curl/master/lib/mk-ca-bundle.pl) and make the following changes:
* Remove `use LWP::UserAgent`

0 comments on commit 94788f2

Please sign in to comment.