@@ -137,6 +137,23 @@ sub check_file {
137137 return ($is_cert , $is_crl );
138138}
139139
140+ sub compute_hash {
141+ my $fh ;
142+ if ( $^O eq " VMS" ) {
143+ # VMS uses the open through shell
144+ # The file names are safe there and list form is unsupported
145+ if (!open ($fh , " -|" , join (' ' , @_ ))) {
146+ print STDERR " Cannot compute hash on '$fname '\n " ;
147+ return ;
148+ }
149+ } else {
150+ if (!open ($fh , " -|" , @_ )) {
151+ print STDERR " Cannot compute hash on '$fname '\n " ;
152+ return ;
153+ }
154+ }
155+ return (<$fh >, <$fh >);
156+ }
140157
141158# Link a certificate to its subject name hash value, each hash is of
142159# the form <hash>.<n> where n is an integer. If the hash value already exists
@@ -146,10 +163,12 @@ sub check_file {
146163
147164sub link_hash_cert {
148165 my $fname = $_ [0];
149- $fname =~ s / '/ '\\ ''/ g ;
150- my ($hash , $fprint ) = ` "$openssl " x509 $x509hash -fingerprint -noout -in "$fname "` ;
166+ my ($hash , $fprint ) = compute_hash($openssl , " x509" , $x509hash ,
167+ " -fingerprint" , " -noout" ,
168+ " -in" , $fname );
151169 chomp $hash ;
152170 chomp $fprint ;
171+ return if !$hash ;
153172 $fprint =~ s / ^.*=// ;
154173 $fprint =~ tr / :// d;
155174 my $suffix = 0;
@@ -181,10 +200,12 @@ sub link_hash_cert {
181200
182201sub link_hash_crl {
183202 my $fname = $_ [0];
184- $fname =~ s / '/ '\\ ''/ g ;
185- my ($hash , $fprint ) = ` "$openssl " crl $crlhash -fingerprint -noout -in '$fname '` ;
203+ my ($hash , $fprint ) = compute_hash($openssl , " crl" , $crlhash ,
204+ " -fingerprint" , " -noout" ,
205+ " -in" , $fname );
186206 chomp $hash ;
187207 chomp $fprint ;
208+ return if !$hash ;
188209 $fprint =~ s / ^.*=// ;
189210 $fprint =~ tr / :// d;
190211 my $suffix = 0;
0 commit comments