diff options
Diffstat (limited to 'tools/c_rehash.in')
-rw-r--r-- | tools/c_rehash.in | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/tools/c_rehash.in b/tools/c_rehash.in new file mode 100644 index 0000000000..cc3b65871f --- /dev/null +++ b/tools/c_rehash.in @@ -0,0 +1,61 @@ +#!/bin/sh +# +# redo the hashes for the certificates in your cert path or the ones passed +# on the command line. +# + +if [ "$OPENSSL"x = "x" -o ! -x "$OPENSSL" ]; then + OPENSSL='openssl' + export OPENSSL +fi +DIR=/usr/local/ssl +PATH=$DIR/bin:$PATH + +if [ ! -f "$OPENSSL" ]; then + found=0 + for dir in . `echo $PATH | sed -e 's/:/ /g'`; do + if [ -f "$dir/$OPENSSL" ]; then + found=1 + break + fi + done + if [ $found = 0 ]; then + echo "c_rehash: rehashing skipped ('openssl' program not available)" 1>&2 + exit 0 + fi +fi + +SSL_DIR=$DIR/certs + +if [ "$*" = "" ]; then + CERTS=${*:-${SSL_CERT_DIR:-$SSL_DIR}} +else + CERTS=$* +fi + +IFS=': ' +for i in $CERTS +do + ( + IFS=' ' + if [ -d $i -a -w $i ]; then + cd $i + echo "Doing $i" + for i in *.pem + do + if [ $i != '*.pem' ]; then + h=`$OPENSSL x509 -hash -noout -in $i` + if [ "x$h" = "x" ]; then + echo $i does not contain a certificate + else + if [ -f $h.0 ]; then + /bin/rm -f $h.0 + fi + echo "$i => $h.0" + ln -s $i $h.0 + fi + fi + done + fi + ) +done |